CVE-2023-29406 (GCVE-0-2023-29406)
Vulnerability from cvelistv5 – Published: 2023-07-11 19:23 – Updated: 2025-02-13 16:49
- CWE-113 - Improper Neutralization of CRLF Sequences in HTTP Headers ('HTTP Request/Response Splitting')

| Vendor | Product | Version |
|---|---|---|
| Go standard library | net/http | Affected: 0 , < 1.19.11 (semver); Affected: 1.20.0-0 , < 1.20.6 (semver) |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T14:07:45.735Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://go.dev/issue/60374"
},
{
"tags": [
"x_transferred"
],
"url": "https://go.dev/cl/506996"
},
{
"tags": [
"x_transferred"
],
"url": "https://groups.google.com/g/golang-announce/c/2q13H6LEEx0"
},
{
"tags": [
"x_transferred"
],
"url": "https://pkg.go.dev/vuln/GO-2023-1878"
},
{
"tags": [
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20230814-0002/"
},
{
"tags": [
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/202311-09"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-29406",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-07T15:39:42.813114Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-07T15:39:53.007Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://pkg.go.dev",
"defaultStatus": "unaffected",
"packageName": "net/http",
"product": "net/http",
"programRoutines": [
{
"name": "Request.write"
},
{
"name": "Client.CloseIdleConnections"
},
{
"name": "Client.Do"
},
{
"name": "Client.Get"
},
{
"name": "Client.Head"
},
{
"name": "Client.Post"
},
{
"name": "Client.PostForm"
},
{
"name": "Get"
},
{
"name": "Head"
},
{
"name": "Post"
},
{
"name": "PostForm"
},
{
"name": "Request.Write"
},
{
"name": "Request.WriteProxy"
},
{
"name": "Transport.CancelRequest"
},
{
"name": "Transport.CloseIdleConnections"
},
{
"name": "Transport.RoundTrip"
}
],
"vendor": "Go standard library",
"versions": [
{
"lessThan": "1.19.11",
"status": "affected",
"version": "0",
"versionType": "semver"
},
{
"lessThan": "1.20.6",
"status": "affected",
"version": "1.20.0-0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Bartek Nowotarski"
}
],
"descriptions": [
{
"lang": "en",
"value": "The HTTP/1 client does not fully validate the contents of the Host header. A maliciously crafted Host header can inject additional headers or entire requests. With fix, the HTTP/1 client now refuses to send requests containing an invalid Request.Host or Request.URL.Host value."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "CWE-113: Improper Neutralization of CRLF Sequences in HTTP Headers (\u0027HTTP Request/Response Splitting\u0027)",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-11-25T11:09:28.969Z",
"orgId": "1bb62c36-49e3-4200-9d77-64a1400537cc",
"shortName": "Go"
},
"references": [
{
"url": "https://go.dev/issue/60374"
},
{
"url": "https://go.dev/cl/506996"
},
{
"url": "https://groups.google.com/g/golang-announce/c/2q13H6LEEx0"
},
{
"url": "https://pkg.go.dev/vuln/GO-2023-1878"
},
{
"url": "https://security.netapp.com/advisory/ntap-20230814-0002/"
},
{
"url": "https://security.gentoo.org/glsa/202311-09"
}
],
"title": "Insufficient sanitization of Host header in net/http"
}
},
"cveMetadata": {
"assignerOrgId": "1bb62c36-49e3-4200-9d77-64a1400537cc",
"assignerShortName": "Go",
"cveId": "CVE-2023-29406",
"datePublished": "2023-07-11T19:23:58.511Z",
"dateReserved": "2023-04-05T19:36:35.043Z",
"dateUpdated": "2025-02-13T16:49:14.579Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"epss": {
"cve": "CVE-2023-29406",
"date": "2026-06-05",
"epss": "0.00344",
"percentile": "0.573"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2023-29406\",\"sourceIdentifier\":\"security@golang.org\",\"published\":\"2023-07-11T20:15:10.643\",\"lastModified\":\"2024-11-21T07:56:59.913\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"The HTTP/1 client does not fully validate the contents of the Host header. A maliciously crafted Host header can inject additional headers or entire requests. With fix, the HTTP/1 client now refuses to send requests containing an invalid Request.Host or Request.URL.Host value.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N\",\"baseScore\":6.5,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"REQUIRED\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":2.8,\"impactScore\":3.6}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-436\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:golang:go:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"1.19.11\",\"matchCriteriaId\":\"A12D1C04-755E-4205-8261-3A85D0AE0AB6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:golang:go:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"1.20.0\",\"versionEndExcluding\":\"1.20.6\",\"matchCriteriaId\":\"9A77E128-E2EE-4E9A-9C4C-5F812E14EBFA\"}]}]}],\"references\":[{\"url\":\"https://go.dev/cl/506996\",\"source\":\"security@golang.org\",\"tags\":[\"Patch\"]},{\"url\":\"https://go.dev/issue/60374\",\"source\":\"security@golang.org\",\"tags\":[\"Issue 
Tracking\",\"Patch\"]},{\"url\":\"https://groups.google.com/g/golang-announce/c/2q13H6LEEx0\",\"source\":\"security@golang.org\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://pkg.go.dev/vuln/GO-2023-1878\",\"source\":\"security@golang.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://security.gentoo.org/glsa/202311-09\",\"source\":\"security@golang.org\"},{\"url\":\"https://security.netapp.com/advisory/ntap-20230814-0002/\",\"source\":\"security@golang.org\"},{\"url\":\"https://go.dev/cl/506996\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\"]},{\"url\":\"https://go.dev/issue/60374\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\",\"Patch\"]},{\"url\":\"https://groups.google.com/g/golang-announce/c/2q13H6LEEx0\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://pkg.go.dev/vuln/GO-2023-1878\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://security.gentoo.org/glsa/202311-09\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://security.netapp.com/advisory/ntap-20230814-0002/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}",
"vulnrichment": {
"containers": "{\"adp\": [{\"title\": \"CVE Program Container\", \"references\": [{\"url\": \"https://go.dev/issue/60374\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://go.dev/cl/506996\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://groups.google.com/g/golang-announce/c/2q13H6LEEx0\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://pkg.go.dev/vuln/GO-2023-1878\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://security.netapp.com/advisory/ntap-20230814-0002/\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://security.gentoo.org/glsa/202311-09\", \"tags\": [\"x_transferred\"]}], \"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2024-08-02T14:07:45.735Z\"}}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2023-29406\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2024-11-07T15:39:42.813114Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2024-11-07T15:39:46.956Z\"}}], \"cna\": {\"title\": \"Insufficient sanitization of Host header in net/http\", \"credits\": [{\"lang\": \"en\", \"value\": \"Bartek Nowotarski\"}], \"affected\": [{\"vendor\": \"Go standard library\", \"product\": \"net/http\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"1.19.11\", \"versionType\": \"semver\"}, {\"status\": \"affected\", \"version\": \"1.20.0-0\", \"lessThan\": \"1.20.6\", \"versionType\": \"semver\"}], \"packageName\": \"net/http\", \"collectionURL\": \"https://pkg.go.dev\", \"defaultStatus\": \"unaffected\", \"programRoutines\": [{\"name\": \"Request.write\"}, {\"name\": \"Client.CloseIdleConnections\"}, {\"name\": \"Client.Do\"}, {\"name\": \"Client.Get\"}, {\"name\": 
\"Client.Head\"}, {\"name\": \"Client.Post\"}, {\"name\": \"Client.PostForm\"}, {\"name\": \"Get\"}, {\"name\": \"Head\"}, {\"name\": \"Post\"}, {\"name\": \"PostForm\"}, {\"name\": \"Request.Write\"}, {\"name\": \"Request.WriteProxy\"}, {\"name\": \"Transport.CancelRequest\"}, {\"name\": \"Transport.CloseIdleConnections\"}, {\"name\": \"Transport.RoundTrip\"}]}], \"references\": [{\"url\": \"https://go.dev/issue/60374\"}, {\"url\": \"https://go.dev/cl/506996\"}, {\"url\": \"https://groups.google.com/g/golang-announce/c/2q13H6LEEx0\"}, {\"url\": \"https://pkg.go.dev/vuln/GO-2023-1878\"}, {\"url\": \"https://security.netapp.com/advisory/ntap-20230814-0002/\"}, {\"url\": \"https://security.gentoo.org/glsa/202311-09\"}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"The HTTP/1 client does not fully validate the contents of the Host header. A maliciously crafted Host header can inject additional headers or entire requests. With fix, the HTTP/1 client now refuses to send requests containing an invalid Request.Host or Request.URL.Host value.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"description\": \"CWE-113: Improper Neutralization of CRLF Sequences in HTTP Headers (\u0027HTTP Request/Response Splitting\u0027)\"}]}], \"providerMetadata\": {\"orgId\": \"1bb62c36-49e3-4200-9d77-64a1400537cc\", \"shortName\": \"Go\", \"dateUpdated\": \"2023-11-25T11:09:28.969Z\"}}}",
"cveMetadata": "{\"cveId\": \"CVE-2023-29406\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2025-02-13T16:49:14.579Z\", \"dateReserved\": \"2023-04-05T19:36:35.043Z\", \"assignerOrgId\": \"1bb62c36-49e3-4200-9d77-64a1400537cc\", \"datePublished\": \"2023-07-11T19:23:58.511Z\", \"assignerShortName\": \"Go\"}",
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
}
}
RHSA-2023:5530
Vulnerability from csaf_redhat - Published: 2023-10-20 05:04 - Updated: 2026-06-05 13:07

A flaw was found in Golang, where it is vulnerable to HTTP header injection caused by improper content validation of the Host header by the HTTP/1 client. A remote attacker can inject arbitrary HTTP headers by persuading a victim to visit a specially crafted Web page. This flaw allows the attacker to conduct various attacks against the vulnerable system, including Cross-site scripting, cache poisoning, or session hijacking.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHOL-5.7:openshift-logging/logging-loki-rhel8@sha256:476a5e47090c24d1f8f5bafaca9b80e5373a2da0f14a7ec6e7254a32440adfdb_ppc64le | — | | Vendor Fix (fix) |
| Unresolved product id: 8Base-RHOL-5.7:openshift-logging/logging-loki-rhel8@sha256:8cb4328b46bc3f8627f11fe69b37d8147f1d76b909c9880066277615c36cabc1_arm64 | — | | Vendor Fix (fix) |
| Unresolved product id: 8Base-RHOL-5.7:openshift-logging/logging-loki-rhel8@sha256:9a1e97c4dac0165d92615b30b9140149b038ab788464dcd41f8a14b647220a98_s390x | — | | Vendor Fix (fix) |
| Unresolved product id: 8Base-RHOL-5.7:openshift-logging/logging-loki-rhel8@sha256:9fe7eba96b742b1a3d55cef2934ce6259be01faf589f0b2ec1bc3b557a833980_amd64 | — | | Vendor Fix (fix) |
A denial of service vulnerability was found in the Golang Go package caused by an uncontrolled resource consumption flaw. By persuading a victim to use a specially crafted certificate with large RSA keys, a remote attacker can cause a client/server to expend significant CPU time verifying signatures, resulting in a denial of service condition.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHOL-5.7:openshift-logging/logging-loki-rhel8@sha256:476a5e47090c24d1f8f5bafaca9b80e5373a2da0f14a7ec6e7254a32440adfdb_ppc64le | — | | Vendor Fix (fix) |
| Unresolved product id: 8Base-RHOL-5.7:openshift-logging/logging-loki-rhel8@sha256:8cb4328b46bc3f8627f11fe69b37d8147f1d76b909c9880066277615c36cabc1_arm64 | — | | Vendor Fix (fix) |
| Unresolved product id: 8Base-RHOL-5.7:openshift-logging/logging-loki-rhel8@sha256:9a1e97c4dac0165d92615b30b9140149b038ab788464dcd41f8a14b647220a98_s390x | — | | Vendor Fix (fix) |
| Unresolved product id: 8Base-RHOL-5.7:openshift-logging/logging-loki-rhel8@sha256:9fe7eba96b742b1a3d55cef2934ce6259be01faf589f0b2ec1bc3b557a833980_amd64 | — | | Vendor Fix (fix) |
A flaw was found in handling multiplexed streams in the HTTP/2 protocol. A client can repeatedly make a request for a new multiplex stream and immediately send an RST_STREAM frame to cancel it. This creates extra work for the server setting up and tearing down the streams while not hitting any server-side limit for the maximum number of active streams per connection, resulting in a denial of service due to server resource consumption. Red Hat has rated the severity of this flaw as 'Important' as the US Cybersecurity and Infrastructure Security Agency (CISA) declared this vulnerability an active exploit. CVE-2023-39325 was assigned for the `Rapid Reset Attack` in the Go language packages.
A flaw was found in handling multiplexed streams in the HTTP/2 protocol. A client can repeatedly make a request for a new multiplex stream and immediately send an RST_STREAM frame to cancel it. This creates extra work for the server setting up and tearing down the streams while not hitting any server-side limit for the maximum number of active streams per connection, resulting in a denial of service due to server resource consumption. Red Hat has rated the severity of this flaw as 'Important' as the US Cybersecurity and Infrastructure Security Agency (CISA) declared this vulnerability an active exploit. CVE-2023-39325 was assigned for the Rapid Reset Attack in the Go language packages.

Security Bulletin: https://access.redhat.com/security/vulnerabilities/RHSB-2023-003
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Logging Subsystem 5.7.7 - Red Hat OpenShift\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Logging Subsystem 5.7.7 - Red Hat OpenShift\\\\Security Fix(es):\n\n* golang: net/http, x/net/http2: rapid stream resets can cause excessive work (CVE-2023-39325)\n\n* HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack (Rapid Reset Attack) (CVE-2023-44487)\n\nNOTE: A Red Hat Security Bulletin which addresses further details about this flaw is available in the References section.\n\n* golang: net/http: insufficient sanitization of Host header (CVE-2023-29406)\n\n* golang: crypto/tls: slow verification of certificate chains containing large RSA keys (CVE-2023-29409)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2023:5530",
"url": "https://access.redhat.com/errata/RHSA-2023:5530"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/vulnerabilities/RHSB-2023-003",
"url": "https://access.redhat.com/security/vulnerabilities/RHSB-2023-003"
},
{
"category": "external",
"summary": "2222167",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2222167"
},
{
"category": "external",
"summary": "2228743",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2228743"
},
{
"category": "external",
"summary": "2242803",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2242803"
},
{
"category": "external",
"summary": "2243296",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2243296"
},
{
"category": "external",
"summary": "LOG-4555",
"url": "https://issues.redhat.com/browse/LOG-4555"
},
{
"category": "external",
"summary": "LOG-4569",
"url": "https://issues.redhat.com/browse/LOG-4569"
},
{
"category": "external",
"summary": "LOG-4575",
"url": "https://issues.redhat.com/browse/LOG-4575"
},
{
"category": "external",
"summary": "LOG-4686",
"url": "https://issues.redhat.com/browse/LOG-4686"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2023/rhsa-2023_5530.json"
}
],
"title": "Red Hat Security Advisory: Logging Subsystem 5.7.7 - Red Hat OpenShift security update",
"tracking": {
"current_release_date": "2026-06-05T13:07:47+00:00",
"generator": {
"date": "2026-06-05T13:07:47+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.8.2"
}
},
"id": "RHSA-2023:5530",
"initial_release_date": "2023-10-20T05:04:43+00:00",
"revision_history": [
{
"date": "2023-10-20T05:04:43+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2023-10-20T05:04:43+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-06-05T13:07:47+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "RHOL 5.7 for RHEL 8",
"product": {
"name": "RHOL 5.7 for RHEL 8",
"product_id": "8Base-RHOL-5.7",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:logging:5.7::el8"
}
}
}
],
"category": "product_family",
"name": "logging for Red Hat OpenShift"
},
{
"branches": [
{
"category": "product_version",
"name": "openshift-logging/cluster-logging-rhel8-operator@sha256:1d6a2bd236f72f3dbb4c2e284cb2ac2554d7d79b416d57ee94b8d158ea3ea807_arm64",
"product": {
"name": "openshift-logging/cluster-logging-rhel8-operator@sha256:1d6a2bd236f72f3dbb4c2e284cb2ac2554d7d79b416d57ee94b8d158ea3ea807_arm64",
"product_id": "openshift-logging/cluster-logging-rhel8-operator@sha256:1d6a2bd236f72f3dbb4c2e284cb2ac2554d7d79b416d57ee94b8d158ea3ea807_arm64",
"product_identification_helper": {
"purl": "pkg:oci/cluster-logging-rhel8-operator@sha256:1d6a2bd236f72f3dbb4c2e284cb2ac2554d7d79b416d57ee94b8d158ea3ea807?arch=arm64\u0026repository_url=registry.redhat.io/openshift-logging/cluster-logging-rhel8-operator\u0026tag=v5.7.7-22"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/elasticsearch-rhel8-operator@sha256:9a492f0164ba9ea96a8cef43577a6d62ce5806dc1e821d3aee2abfcf35a02ac0_arm64",
"product": {
"name": "openshift-logging/elasticsearch-rhel8-operator@sha256:9a492f0164ba9ea96a8cef43577a6d62ce5806dc1e821d3aee2abfcf35a02ac0_arm64",
"product_id": "openshift-logging/elasticsearch-rhel8-operator@sha256:9a492f0164ba9ea96a8cef43577a6d62ce5806dc1e821d3aee2abfcf35a02ac0_arm64",
"product_identification_helper": {
"purl": "pkg:oci/elasticsearch-rhel8-operator@sha256:9a492f0164ba9ea96a8cef43577a6d62ce5806dc1e821d3aee2abfcf35a02ac0?arch=arm64\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch-rhel8-operator\u0026tag=v5.7.7-9"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/elasticsearch-proxy-rhel8@sha256:2995302941f4c0d5016e49c3a01ca3bc4d80935ce1de70c84a2124e28e290947_arm64",
"product": {
"name": "openshift-logging/elasticsearch-proxy-rhel8@sha256:2995302941f4c0d5016e49c3a01ca3bc4d80935ce1de70c84a2124e28e290947_arm64",
"product_id": "openshift-logging/elasticsearch-proxy-rhel8@sha256:2995302941f4c0d5016e49c3a01ca3bc4d80935ce1de70c84a2124e28e290947_arm64",
"product_identification_helper": {
"purl": "pkg:oci/elasticsearch-proxy-rhel8@sha256:2995302941f4c0d5016e49c3a01ca3bc4d80935ce1de70c84a2124e28e290947?arch=arm64\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch-proxy-rhel8\u0026tag=v1.0.0-440"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/log-file-metric-exporter-rhel8@sha256:7f5f8f7d40938e5a0b2b2724c551f4e1dcf57de78daacd736b28b964d0fa6eec_arm64",
"product": {
"name": "openshift-logging/log-file-metric-exporter-rhel8@sha256:7f5f8f7d40938e5a0b2b2724c551f4e1dcf57de78daacd736b28b964d0fa6eec_arm64",
"product_id": "openshift-logging/log-file-metric-exporter-rhel8@sha256:7f5f8f7d40938e5a0b2b2724c551f4e1dcf57de78daacd736b28b964d0fa6eec_arm64",
"product_identification_helper": {
"purl": "pkg:oci/log-file-metric-exporter-rhel8@sha256:7f5f8f7d40938e5a0b2b2724c551f4e1dcf57de78daacd736b28b964d0fa6eec?arch=arm64\u0026repository_url=registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel8\u0026tag=v1.1.0-175"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/logging-curator5-rhel8@sha256:0a7df021980720321c27e8021626e0c4f428150faa75fd92803b3e172f07eedf_arm64",
"product": {
"name": "openshift-logging/logging-curator5-rhel8@sha256:0a7df021980720321c27e8021626e0c4f428150faa75fd92803b3e172f07eedf_arm64",
"product_id": "openshift-logging/logging-curator5-rhel8@sha256:0a7df021980720321c27e8021626e0c4f428150faa75fd92803b3e172f07eedf_arm64",
"product_identification_helper": {
"purl": "pkg:oci/logging-curator5-rhel8@sha256:0a7df021980720321c27e8021626e0c4f428150faa75fd92803b3e172f07eedf?arch=arm64\u0026repository_url=registry.redhat.io/openshift-logging/logging-curator5-rhel8\u0026tag=v5.8.1-419"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/elasticsearch6-rhel8@sha256:a00a7c1c152b6d2897bdc06b0137b556e6931b7d309e4e9a585825dbd558d3ba_arm64",
"product": {
"name": "openshift-logging/elasticsearch6-rhel8@sha256:a00a7c1c152b6d2897bdc06b0137b556e6931b7d309e4e9a585825dbd558d3ba_arm64",
"product_id": "openshift-logging/elasticsearch6-rhel8@sha256:a00a7c1c152b6d2897bdc06b0137b556e6931b7d309e4e9a585825dbd558d3ba_arm64",
"product_identification_helper": {
"purl": "pkg:oci/elasticsearch6-rhel8@sha256:a00a7c1c152b6d2897bdc06b0137b556e6931b7d309e4e9a585825dbd558d3ba?arch=arm64\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch6-rhel8\u0026tag=v6.8.1-369"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/eventrouter-rhel8@sha256:bc31b395c3a2353048cad9d0d44f28e60f7e0a01e5fc6f6b2803d813ec279687_arm64",
"product": {
"name": "openshift-logging/eventrouter-rhel8@sha256:bc31b395c3a2353048cad9d0d44f28e60f7e0a01e5fc6f6b2803d813ec279687_arm64",
"product_id": "openshift-logging/eventrouter-rhel8@sha256:bc31b395c3a2353048cad9d0d44f28e60f7e0a01e5fc6f6b2803d813ec279687_arm64",
"product_identification_helper": {
"purl": "pkg:oci/eventrouter-rhel8@sha256:bc31b395c3a2353048cad9d0d44f28e60f7e0a01e5fc6f6b2803d813ec279687?arch=arm64\u0026repository_url=registry.redhat.io/openshift-logging/eventrouter-rhel8\u0026tag=v0.4.0-189"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/fluentd-rhel8@sha256:d920792d5ea71265702f0a408888e051b47d23cb8b624c02e6ed29b142d152bf_arm64",
"product": {
"name": "openshift-logging/fluentd-rhel8@sha256:d920792d5ea71265702f0a408888e051b47d23cb8b624c02e6ed29b142d152bf_arm64",
"product_id": "openshift-logging/fluentd-rhel8@sha256:d920792d5ea71265702f0a408888e051b47d23cb8b624c02e6ed29b142d152bf_arm64",
"product_identification_helper": {
"purl": "pkg:oci/fluentd-rhel8@sha256:d920792d5ea71265702f0a408888e051b47d23cb8b624c02e6ed29b142d152bf?arch=arm64\u0026repository_url=registry.redhat.io/openshift-logging/fluentd-rhel8\u0026tag=v1.14.6-191"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/kibana6-rhel8@sha256:6bdd69f14340d82695bd645b14f4faaa99c830630087d43aa843418cfb34b89e_arm64",
"product": {
"name": "openshift-logging/kibana6-rhel8@sha256:6bdd69f14340d82695bd645b14f4faaa99c830630087d43aa843418cfb34b89e_arm64",
"product_id": "openshift-logging/kibana6-rhel8@sha256:6bdd69f14340d82695bd645b14f4faaa99c830630087d43aa843418cfb34b89e_arm64",
"product_identification_helper": {
"purl": "pkg:oci/kibana6-rhel8@sha256:6bdd69f14340d82695bd645b14f4faaa99c830630087d43aa843418cfb34b89e?arch=arm64\u0026repository_url=registry.redhat.io/openshift-logging/kibana6-rhel8\u0026tag=v6.8.1-398"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/logging-loki-rhel8@sha256:8cb4328b46bc3f8627f11fe69b37d8147f1d76b909c9880066277615c36cabc1_arm64",
"product": {
"name": "openshift-logging/logging-loki-rhel8@sha256:8cb4328b46bc3f8627f11fe69b37d8147f1d76b909c9880066277615c36cabc1_arm64",
"product_id": "openshift-logging/logging-loki-rhel8@sha256:8cb4328b46bc3f8627f11fe69b37d8147f1d76b909c9880066277615c36cabc1_arm64",
"product_identification_helper": {
"purl": "pkg:oci/logging-loki-rhel8@sha256:8cb4328b46bc3f8627f11fe69b37d8147f1d76b909c9880066277615c36cabc1?arch=arm64\u0026repository_url=registry.redhat.io/openshift-logging/logging-loki-rhel8\u0026tag=v2.9.2-1"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/vector-rhel8@sha256:eb444e7e77e14ff1f36c048bdd53d482b6cf3ed98d3ff6f2574620187fde49ab_arm64",
"product": {
"name": "openshift-logging/vector-rhel8@sha256:eb444e7e77e14ff1f36c048bdd53d482b6cf3ed98d3ff6f2574620187fde49ab_arm64",
"product_id": "openshift-logging/vector-rhel8@sha256:eb444e7e77e14ff1f36c048bdd53d482b6cf3ed98d3ff6f2574620187fde49ab_arm64",
"product_identification_helper": {
"purl": "pkg:oci/vector-rhel8@sha256:eb444e7e77e14ff1f36c048bdd53d482b6cf3ed98d3ff6f2574620187fde49ab?arch=arm64\u0026repository_url=registry.redhat.io/openshift-logging/vector-rhel8\u0026tag=v0.28.1-32"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/logging-view-plugin-rhel8@sha256:0f251245e9f1030e64a6c9b76fe22b571e4a3f9cc2fd38979b52e5c91c6bd2e6_arm64",
"product": {
"name": "openshift-logging/logging-view-plugin-rhel8@sha256:0f251245e9f1030e64a6c9b76fe22b571e4a3f9cc2fd38979b52e5c91c6bd2e6_arm64",
"product_id": "openshift-logging/logging-view-plugin-rhel8@sha256:0f251245e9f1030e64a6c9b76fe22b571e4a3f9cc2fd38979b52e5c91c6bd2e6_arm64",
"product_identification_helper": {
"purl": "pkg:oci/logging-view-plugin-rhel8@sha256:0f251245e9f1030e64a6c9b76fe22b571e4a3f9cc2fd38979b52e5c91c6bd2e6?arch=arm64\u0026repository_url=registry.redhat.io/openshift-logging/logging-view-plugin-rhel8\u0026tag=v5.7.7-8"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/loki-rhel8-operator@sha256:31cdc95fe91aeb315afa5a1daf98e91587eac31b895de5b698bfd4637889ce22_arm64",
"product": {
"name": "openshift-logging/loki-rhel8-operator@sha256:31cdc95fe91aeb315afa5a1daf98e91587eac31b895de5b698bfd4637889ce22_arm64",
"product_id": "openshift-logging/loki-rhel8-operator@sha256:31cdc95fe91aeb315afa5a1daf98e91587eac31b895de5b698bfd4637889ce22_arm64",
"product_identification_helper": {
"purl": "pkg:oci/loki-rhel8-operator@sha256:31cdc95fe91aeb315afa5a1daf98e91587eac31b895de5b698bfd4637889ce22?arch=arm64\u0026repository_url=registry.redhat.io/openshift-logging/loki-rhel8-operator\u0026tag=v5.7.7-16"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/lokistack-gateway-rhel8@sha256:3ef274ae69a419f4458c290b6bd33c2787798dc5a905f46dc20aff7b1c0b6e25_arm64",
"product": {
"name": "openshift-logging/lokistack-gateway-rhel8@sha256:3ef274ae69a419f4458c290b6bd33c2787798dc5a905f46dc20aff7b1c0b6e25_arm64",
"product_id": "openshift-logging/lokistack-gateway-rhel8@sha256:3ef274ae69a419f4458c290b6bd33c2787798dc5a905f46dc20aff7b1c0b6e25_arm64",
"product_identification_helper": {
"purl": "pkg:oci/lokistack-gateway-rhel8@sha256:3ef274ae69a419f4458c290b6bd33c2787798dc5a905f46dc20aff7b1c0b6e25?arch=arm64\u0026repository_url=registry.redhat.io/openshift-logging/lokistack-gateway-rhel8\u0026tag=v0.1.0-355"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/opa-openshift-rhel8@sha256:cc216b7b979a7b216fa7d4965ad6b1a147405fe95b95eafc0aa47c758f1b16d9_arm64",
"product": {
"name": "openshift-logging/opa-openshift-rhel8@sha256:cc216b7b979a7b216fa7d4965ad6b1a147405fe95b95eafc0aa47c758f1b16d9_arm64",
"product_id": "openshift-logging/opa-openshift-rhel8@sha256:cc216b7b979a7b216fa7d4965ad6b1a147405fe95b95eafc0aa47c758f1b16d9_arm64",
"product_identification_helper": {
"purl": "pkg:oci/opa-openshift-rhel8@sha256:cc216b7b979a7b216fa7d4965ad6b1a147405fe95b95eafc0aa47c758f1b16d9?arch=arm64\u0026repository_url=registry.redhat.io/openshift-logging/opa-openshift-rhel8\u0026tag=v0.1.0-161"
}
}
}
],
"category": "architecture",
"name": "arm64"
},
{
"branches": [
{
"category": "product_version",
"name": "openshift-logging/cluster-logging-rhel8-operator@sha256:efb5cb250782473d1f4eb42d06747c9fad6df65c888cca88ed421bba399c5d96_amd64",
"product": {
"name": "openshift-logging/cluster-logging-rhel8-operator@sha256:efb5cb250782473d1f4eb42d06747c9fad6df65c888cca88ed421bba399c5d96_amd64",
"product_id": "openshift-logging/cluster-logging-rhel8-operator@sha256:efb5cb250782473d1f4eb42d06747c9fad6df65c888cca88ed421bba399c5d96_amd64",
"product_identification_helper": {
"purl": "pkg:oci/cluster-logging-rhel8-operator@sha256:efb5cb250782473d1f4eb42d06747c9fad6df65c888cca88ed421bba399c5d96?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/cluster-logging-rhel8-operator\u0026tag=v5.7.7-22"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/cluster-logging-operator-bundle@sha256:0761943b57451fa8cd0d42942a831376ab48f723e8ea461d0a5ea49c9a391d7b_amd64",
"product": {
"name": "openshift-logging/cluster-logging-operator-bundle@sha256:0761943b57451fa8cd0d42942a831376ab48f723e8ea461d0a5ea49c9a391d7b_amd64",
"product_id": "openshift-logging/cluster-logging-operator-bundle@sha256:0761943b57451fa8cd0d42942a831376ab48f723e8ea461d0a5ea49c9a391d7b_amd64",
"product_identification_helper": {
"purl": "pkg:oci/cluster-logging-operator-bundle@sha256:0761943b57451fa8cd0d42942a831376ab48f723e8ea461d0a5ea49c9a391d7b?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/cluster-logging-operator-bundle\u0026tag=v5.7.7-53"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/elasticsearch-rhel8-operator@sha256:368447ae5216ada4c092c8781d3b847a5d37606d7c4ce430376ed5d3a4384863_amd64",
"product": {
"name": "openshift-logging/elasticsearch-rhel8-operator@sha256:368447ae5216ada4c092c8781d3b847a5d37606d7c4ce430376ed5d3a4384863_amd64",
"product_id": "openshift-logging/elasticsearch-rhel8-operator@sha256:368447ae5216ada4c092c8781d3b847a5d37606d7c4ce430376ed5d3a4384863_amd64",
"product_identification_helper": {
"purl": "pkg:oci/elasticsearch-rhel8-operator@sha256:368447ae5216ada4c092c8781d3b847a5d37606d7c4ce430376ed5d3a4384863?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch-rhel8-operator\u0026tag=v5.7.7-9"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/elasticsearch-operator-bundle@sha256:060f8fd11a32cbb6247d7d41e4be1fc71026e9bab9238995b7b2e563fb94e6d7_amd64",
"product": {
"name": "openshift-logging/elasticsearch-operator-bundle@sha256:060f8fd11a32cbb6247d7d41e4be1fc71026e9bab9238995b7b2e563fb94e6d7_amd64",
"product_id": "openshift-logging/elasticsearch-operator-bundle@sha256:060f8fd11a32cbb6247d7d41e4be1fc71026e9bab9238995b7b2e563fb94e6d7_amd64",
"product_identification_helper": {
"purl": "pkg:oci/elasticsearch-operator-bundle@sha256:060f8fd11a32cbb6247d7d41e4be1fc71026e9bab9238995b7b2e563fb94e6d7?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch-operator-bundle\u0026tag=v5.7.7-24"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/elasticsearch-proxy-rhel8@sha256:7ca7ec92b15a7556d6a8daabd24a70f42e4260b6caf9168e852890c063e91186_amd64",
"product": {
"name": "openshift-logging/elasticsearch-proxy-rhel8@sha256:7ca7ec92b15a7556d6a8daabd24a70f42e4260b6caf9168e852890c063e91186_amd64",
"product_id": "openshift-logging/elasticsearch-proxy-rhel8@sha256:7ca7ec92b15a7556d6a8daabd24a70f42e4260b6caf9168e852890c063e91186_amd64",
"product_identification_helper": {
"purl": "pkg:oci/elasticsearch-proxy-rhel8@sha256:7ca7ec92b15a7556d6a8daabd24a70f42e4260b6caf9168e852890c063e91186?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch-proxy-rhel8\u0026tag=v1.0.0-440"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/log-file-metric-exporter-rhel8@sha256:407891f77d384f8708f9e33469c410e84ba25fa9e4cb16e4a6a9c212f0b48a9c_amd64",
"product": {
"name": "openshift-logging/log-file-metric-exporter-rhel8@sha256:407891f77d384f8708f9e33469c410e84ba25fa9e4cb16e4a6a9c212f0b48a9c_amd64",
"product_id": "openshift-logging/log-file-metric-exporter-rhel8@sha256:407891f77d384f8708f9e33469c410e84ba25fa9e4cb16e4a6a9c212f0b48a9c_amd64",
"product_identification_helper": {
"purl": "pkg:oci/log-file-metric-exporter-rhel8@sha256:407891f77d384f8708f9e33469c410e84ba25fa9e4cb16e4a6a9c212f0b48a9c?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel8\u0026tag=v1.1.0-175"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/logging-curator5-rhel8@sha256:00fe8c23f7944a5d639c17b2e81dd80a424aabbddd4d7f0aff6b54f8cf370a58_amd64",
"product": {
"name": "openshift-logging/logging-curator5-rhel8@sha256:00fe8c23f7944a5d639c17b2e81dd80a424aabbddd4d7f0aff6b54f8cf370a58_amd64",
"product_id": "openshift-logging/logging-curator5-rhel8@sha256:00fe8c23f7944a5d639c17b2e81dd80a424aabbddd4d7f0aff6b54f8cf370a58_amd64",
"product_identification_helper": {
"purl": "pkg:oci/logging-curator5-rhel8@sha256:00fe8c23f7944a5d639c17b2e81dd80a424aabbddd4d7f0aff6b54f8cf370a58?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/logging-curator5-rhel8\u0026tag=v5.8.1-419"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/elasticsearch6-rhel8@sha256:560831bdc34128719564aaaca4b80bba32062b97c87118b4ac00413609bcf067_amd64",
"product": {
"name": "openshift-logging/elasticsearch6-rhel8@sha256:560831bdc34128719564aaaca4b80bba32062b97c87118b4ac00413609bcf067_amd64",
"product_id": "openshift-logging/elasticsearch6-rhel8@sha256:560831bdc34128719564aaaca4b80bba32062b97c87118b4ac00413609bcf067_amd64",
"product_identification_helper": {
"purl": "pkg:oci/elasticsearch6-rhel8@sha256:560831bdc34128719564aaaca4b80bba32062b97c87118b4ac00413609bcf067?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch6-rhel8\u0026tag=v6.8.1-369"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/eventrouter-rhel8@sha256:3054aade5994df42ab7c2981865a7851049ea46ed20b7805d1553d6b28ab5af8_amd64",
"product": {
"name": "openshift-logging/eventrouter-rhel8@sha256:3054aade5994df42ab7c2981865a7851049ea46ed20b7805d1553d6b28ab5af8_amd64",
"product_id": "openshift-logging/eventrouter-rhel8@sha256:3054aade5994df42ab7c2981865a7851049ea46ed20b7805d1553d6b28ab5af8_amd64",
"product_identification_helper": {
"purl": "pkg:oci/eventrouter-rhel8@sha256:3054aade5994df42ab7c2981865a7851049ea46ed20b7805d1553d6b28ab5af8?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/eventrouter-rhel8\u0026tag=v0.4.0-189"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/fluentd-rhel8@sha256:f93ddeb2a52c0aead46bb0bb2af71a68c9a11093617615faadb3b07f45590fa1_amd64",
"product": {
"name": "openshift-logging/fluentd-rhel8@sha256:f93ddeb2a52c0aead46bb0bb2af71a68c9a11093617615faadb3b07f45590fa1_amd64",
"product_id": "openshift-logging/fluentd-rhel8@sha256:f93ddeb2a52c0aead46bb0bb2af71a68c9a11093617615faadb3b07f45590fa1_amd64",
"product_identification_helper": {
"purl": "pkg:oci/fluentd-rhel8@sha256:f93ddeb2a52c0aead46bb0bb2af71a68c9a11093617615faadb3b07f45590fa1?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/fluentd-rhel8\u0026tag=v1.14.6-191"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/kibana6-rhel8@sha256:b104e6731b8ddfb98dd8a0891dfb1051fb59e82d70f91c297a62402922412c32_amd64",
"product": {
"name": "openshift-logging/kibana6-rhel8@sha256:b104e6731b8ddfb98dd8a0891dfb1051fb59e82d70f91c297a62402922412c32_amd64",
"product_id": "openshift-logging/kibana6-rhel8@sha256:b104e6731b8ddfb98dd8a0891dfb1051fb59e82d70f91c297a62402922412c32_amd64",
"product_identification_helper": {
"purl": "pkg:oci/kibana6-rhel8@sha256:b104e6731b8ddfb98dd8a0891dfb1051fb59e82d70f91c297a62402922412c32?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/kibana6-rhel8\u0026tag=v6.8.1-398"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/logging-loki-rhel8@sha256:9fe7eba96b742b1a3d55cef2934ce6259be01faf589f0b2ec1bc3b557a833980_amd64",
"product": {
"name": "openshift-logging/logging-loki-rhel8@sha256:9fe7eba96b742b1a3d55cef2934ce6259be01faf589f0b2ec1bc3b557a833980_amd64",
"product_id": "openshift-logging/logging-loki-rhel8@sha256:9fe7eba96b742b1a3d55cef2934ce6259be01faf589f0b2ec1bc3b557a833980_amd64",
"product_identification_helper": {
"purl": "pkg:oci/logging-loki-rhel8@sha256:9fe7eba96b742b1a3d55cef2934ce6259be01faf589f0b2ec1bc3b557a833980?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/logging-loki-rhel8\u0026tag=v2.9.2-1"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/vector-rhel8@sha256:5d785f0ff007386c3d6c69eb06e1bac518c7a1b781504ef5ddbb7e6a682382e8_amd64",
"product": {
"name": "openshift-logging/vector-rhel8@sha256:5d785f0ff007386c3d6c69eb06e1bac518c7a1b781504ef5ddbb7e6a682382e8_amd64",
"product_id": "openshift-logging/vector-rhel8@sha256:5d785f0ff007386c3d6c69eb06e1bac518c7a1b781504ef5ddbb7e6a682382e8_amd64",
"product_identification_helper": {
"purl": "pkg:oci/vector-rhel8@sha256:5d785f0ff007386c3d6c69eb06e1bac518c7a1b781504ef5ddbb7e6a682382e8?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/vector-rhel8\u0026tag=v0.28.1-32"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/logging-view-plugin-rhel8@sha256:2f09d0a0faad8944b5d4689699ae15d3d4e44cefaa5aaa11f2c584e71b23e667_amd64",
"product": {
"name": "openshift-logging/logging-view-plugin-rhel8@sha256:2f09d0a0faad8944b5d4689699ae15d3d4e44cefaa5aaa11f2c584e71b23e667_amd64",
"product_id": "openshift-logging/logging-view-plugin-rhel8@sha256:2f09d0a0faad8944b5d4689699ae15d3d4e44cefaa5aaa11f2c584e71b23e667_amd64",
"product_identification_helper": {
"purl": "pkg:oci/logging-view-plugin-rhel8@sha256:2f09d0a0faad8944b5d4689699ae15d3d4e44cefaa5aaa11f2c584e71b23e667?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/logging-view-plugin-rhel8\u0026tag=v5.7.7-8"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/loki-operator-bundle@sha256:c569eba6b695d9f26dc47f413e925d02666683a4af0401f23cfd05b96dcb61e9_amd64",
"product": {
"name": "openshift-logging/loki-operator-bundle@sha256:c569eba6b695d9f26dc47f413e925d02666683a4af0401f23cfd05b96dcb61e9_amd64",
"product_id": "openshift-logging/loki-operator-bundle@sha256:c569eba6b695d9f26dc47f413e925d02666683a4af0401f23cfd05b96dcb61e9_amd64",
"product_identification_helper": {
"purl": "pkg:oci/loki-operator-bundle@sha256:c569eba6b695d9f26dc47f413e925d02666683a4af0401f23cfd05b96dcb61e9?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/loki-operator-bundle\u0026tag=v5.7.7-32"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/loki-rhel8-operator@sha256:c7d2ef7cf71269238bb23db61f08f9d237baa955a18cb394e8d34dc80178cdc5_amd64",
"product": {
"name": "openshift-logging/loki-rhel8-operator@sha256:c7d2ef7cf71269238bb23db61f08f9d237baa955a18cb394e8d34dc80178cdc5_amd64",
"product_id": "openshift-logging/loki-rhel8-operator@sha256:c7d2ef7cf71269238bb23db61f08f9d237baa955a18cb394e8d34dc80178cdc5_amd64",
"product_identification_helper": {
"purl": "pkg:oci/loki-rhel8-operator@sha256:c7d2ef7cf71269238bb23db61f08f9d237baa955a18cb394e8d34dc80178cdc5?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/loki-rhel8-operator\u0026tag=v5.7.7-16"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/lokistack-gateway-rhel8@sha256:37e919ddb8673ef99e5e0e1b9e5c9c388c9417dd45971f2dab05bf92b462ab67_amd64",
"product": {
"name": "openshift-logging/lokistack-gateway-rhel8@sha256:37e919ddb8673ef99e5e0e1b9e5c9c388c9417dd45971f2dab05bf92b462ab67_amd64",
"product_id": "openshift-logging/lokistack-gateway-rhel8@sha256:37e919ddb8673ef99e5e0e1b9e5c9c388c9417dd45971f2dab05bf92b462ab67_amd64",
"product_identification_helper": {
"purl": "pkg:oci/lokistack-gateway-rhel8@sha256:37e919ddb8673ef99e5e0e1b9e5c9c388c9417dd45971f2dab05bf92b462ab67?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/lokistack-gateway-rhel8\u0026tag=v0.1.0-355"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/opa-openshift-rhel8@sha256:cf9edc3befb08c9e0327197884faeb387b44efc169063020d154aa2ce77bd711_amd64",
"product": {
"name": "openshift-logging/opa-openshift-rhel8@sha256:cf9edc3befb08c9e0327197884faeb387b44efc169063020d154aa2ce77bd711_amd64",
"product_id": "openshift-logging/opa-openshift-rhel8@sha256:cf9edc3befb08c9e0327197884faeb387b44efc169063020d154aa2ce77bd711_amd64",
"product_identification_helper": {
"purl": "pkg:oci/opa-openshift-rhel8@sha256:cf9edc3befb08c9e0327197884faeb387b44efc169063020d154aa2ce77bd711?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/opa-openshift-rhel8\u0026tag=v0.1.0-161"
}
}
}
],
"category": "architecture",
"name": "amd64"
},
{
"branches": [
{
"category": "product_version",
"name": "openshift-logging/cluster-logging-rhel8-operator@sha256:c9a5546e0f427376f36d6d350cebe7ed3e7d2468d3c8290528fbe054462e22d6_s390x",
"product": {
"name": "openshift-logging/cluster-logging-rhel8-operator@sha256:c9a5546e0f427376f36d6d350cebe7ed3e7d2468d3c8290528fbe054462e22d6_s390x",
"product_id": "openshift-logging/cluster-logging-rhel8-operator@sha256:c9a5546e0f427376f36d6d350cebe7ed3e7d2468d3c8290528fbe054462e22d6_s390x",
"product_identification_helper": {
"purl": "pkg:oci/cluster-logging-rhel8-operator@sha256:c9a5546e0f427376f36d6d350cebe7ed3e7d2468d3c8290528fbe054462e22d6?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/cluster-logging-rhel8-operator\u0026tag=v5.7.7-22"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/elasticsearch-rhel8-operator@sha256:720587fcb7a89a571c04c8e222e5ebf54c899086ce07461e5f5dac7dfe8e6af9_s390x",
"product": {
"name": "openshift-logging/elasticsearch-rhel8-operator@sha256:720587fcb7a89a571c04c8e222e5ebf54c899086ce07461e5f5dac7dfe8e6af9_s390x",
"product_id": "openshift-logging/elasticsearch-rhel8-operator@sha256:720587fcb7a89a571c04c8e222e5ebf54c899086ce07461e5f5dac7dfe8e6af9_s390x",
"product_identification_helper": {
"purl": "pkg:oci/elasticsearch-rhel8-operator@sha256:720587fcb7a89a571c04c8e222e5ebf54c899086ce07461e5f5dac7dfe8e6af9?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch-rhel8-operator\u0026tag=v5.7.7-9"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/elasticsearch-proxy-rhel8@sha256:6f64ee3aeedb891cb4b88e90c7569235d8e136cb2a66c7da1bc3ec73a518aa5d_s390x",
"product": {
"name": "openshift-logging/elasticsearch-proxy-rhel8@sha256:6f64ee3aeedb891cb4b88e90c7569235d8e136cb2a66c7da1bc3ec73a518aa5d_s390x",
"product_id": "openshift-logging/elasticsearch-proxy-rhel8@sha256:6f64ee3aeedb891cb4b88e90c7569235d8e136cb2a66c7da1bc3ec73a518aa5d_s390x",
"product_identification_helper": {
"purl": "pkg:oci/elasticsearch-proxy-rhel8@sha256:6f64ee3aeedb891cb4b88e90c7569235d8e136cb2a66c7da1bc3ec73a518aa5d?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch-proxy-rhel8\u0026tag=v1.0.0-440"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/log-file-metric-exporter-rhel8@sha256:a91af106ffacd6a620c6b194697516ee3e9f8aa36605873061766d9f0ec35f84_s390x",
"product": {
"name": "openshift-logging/log-file-metric-exporter-rhel8@sha256:a91af106ffacd6a620c6b194697516ee3e9f8aa36605873061766d9f0ec35f84_s390x",
"product_id": "openshift-logging/log-file-metric-exporter-rhel8@sha256:a91af106ffacd6a620c6b194697516ee3e9f8aa36605873061766d9f0ec35f84_s390x",
"product_identification_helper": {
"purl": "pkg:oci/log-file-metric-exporter-rhel8@sha256:a91af106ffacd6a620c6b194697516ee3e9f8aa36605873061766d9f0ec35f84?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel8\u0026tag=v1.1.0-175"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/logging-curator5-rhel8@sha256:94a2902ffbfcec5c29a23529d81f4605ebab9bde8156ad1be6dba42ccedeb1fe_s390x",
"product": {
"name": "openshift-logging/logging-curator5-rhel8@sha256:94a2902ffbfcec5c29a23529d81f4605ebab9bde8156ad1be6dba42ccedeb1fe_s390x",
"product_id": "openshift-logging/logging-curator5-rhel8@sha256:94a2902ffbfcec5c29a23529d81f4605ebab9bde8156ad1be6dba42ccedeb1fe_s390x",
"product_identification_helper": {
"purl": "pkg:oci/logging-curator5-rhel8@sha256:94a2902ffbfcec5c29a23529d81f4605ebab9bde8156ad1be6dba42ccedeb1fe?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/logging-curator5-rhel8\u0026tag=v5.8.1-419"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/elasticsearch6-rhel8@sha256:90c408f644a8a853de8338f2d4c1b7ff10877973a98c15868e1e0662da8eca46_s390x",
"product": {
"name": "openshift-logging/elasticsearch6-rhel8@sha256:90c408f644a8a853de8338f2d4c1b7ff10877973a98c15868e1e0662da8eca46_s390x",
"product_id": "openshift-logging/elasticsearch6-rhel8@sha256:90c408f644a8a853de8338f2d4c1b7ff10877973a98c15868e1e0662da8eca46_s390x",
"product_identification_helper": {
"purl": "pkg:oci/elasticsearch6-rhel8@sha256:90c408f644a8a853de8338f2d4c1b7ff10877973a98c15868e1e0662da8eca46?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch6-rhel8\u0026tag=v6.8.1-369"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/eventrouter-rhel8@sha256:7a45458250a73682ab11a3c743d563ab1c9072281b15d3a18088c5902130a4cd_s390x",
"product": {
"name": "openshift-logging/eventrouter-rhel8@sha256:7a45458250a73682ab11a3c743d563ab1c9072281b15d3a18088c5902130a4cd_s390x",
"product_id": "openshift-logging/eventrouter-rhel8@sha256:7a45458250a73682ab11a3c743d563ab1c9072281b15d3a18088c5902130a4cd_s390x",
"product_identification_helper": {
"purl": "pkg:oci/eventrouter-rhel8@sha256:7a45458250a73682ab11a3c743d563ab1c9072281b15d3a18088c5902130a4cd?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/eventrouter-rhel8\u0026tag=v0.4.0-189"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/fluentd-rhel8@sha256:08ba4f66916d6331ce739c856c863e2de59c7b870ef2247ed2ee4b5895932193_s390x",
"product": {
"name": "openshift-logging/fluentd-rhel8@sha256:08ba4f66916d6331ce739c856c863e2de59c7b870ef2247ed2ee4b5895932193_s390x",
"product_id": "openshift-logging/fluentd-rhel8@sha256:08ba4f66916d6331ce739c856c863e2de59c7b870ef2247ed2ee4b5895932193_s390x",
"product_identification_helper": {
"purl": "pkg:oci/fluentd-rhel8@sha256:08ba4f66916d6331ce739c856c863e2de59c7b870ef2247ed2ee4b5895932193?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/fluentd-rhel8\u0026tag=v1.14.6-191"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/kibana6-rhel8@sha256:e8af2bde433bebee9236365ce6bc52db26981c8e484df2048cb4ed2b7cb5bed1_s390x",
"product": {
"name": "openshift-logging/kibana6-rhel8@sha256:e8af2bde433bebee9236365ce6bc52db26981c8e484df2048cb4ed2b7cb5bed1_s390x",
"product_id": "openshift-logging/kibana6-rhel8@sha256:e8af2bde433bebee9236365ce6bc52db26981c8e484df2048cb4ed2b7cb5bed1_s390x",
"product_identification_helper": {
"purl": "pkg:oci/kibana6-rhel8@sha256:e8af2bde433bebee9236365ce6bc52db26981c8e484df2048cb4ed2b7cb5bed1?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/kibana6-rhel8\u0026tag=v6.8.1-398"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/logging-loki-rhel8@sha256:9a1e97c4dac0165d92615b30b9140149b038ab788464dcd41f8a14b647220a98_s390x",
"product": {
"name": "openshift-logging/logging-loki-rhel8@sha256:9a1e97c4dac0165d92615b30b9140149b038ab788464dcd41f8a14b647220a98_s390x",
"product_id": "openshift-logging/logging-loki-rhel8@sha256:9a1e97c4dac0165d92615b30b9140149b038ab788464dcd41f8a14b647220a98_s390x",
"product_identification_helper": {
"purl": "pkg:oci/logging-loki-rhel8@sha256:9a1e97c4dac0165d92615b30b9140149b038ab788464dcd41f8a14b647220a98?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/logging-loki-rhel8\u0026tag=v2.9.2-1"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/vector-rhel8@sha256:7c85f6f777f9c74096c33f76fbc9c122f203cb549fc91142d51e6aebdc400ec5_s390x",
"product": {
"name": "openshift-logging/vector-rhel8@sha256:7c85f6f777f9c74096c33f76fbc9c122f203cb549fc91142d51e6aebdc400ec5_s390x",
"product_id": "openshift-logging/vector-rhel8@sha256:7c85f6f777f9c74096c33f76fbc9c122f203cb549fc91142d51e6aebdc400ec5_s390x",
"product_identification_helper": {
"purl": "pkg:oci/vector-rhel8@sha256:7c85f6f777f9c74096c33f76fbc9c122f203cb549fc91142d51e6aebdc400ec5?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/vector-rhel8\u0026tag=v0.28.1-32"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/logging-view-plugin-rhel8@sha256:c1247743656700aa4be1b1f6d43732e9ad65e0a99a928065aa94ef2a3729bac8_s390x",
"product": {
"name": "openshift-logging/logging-view-plugin-rhel8@sha256:c1247743656700aa4be1b1f6d43732e9ad65e0a99a928065aa94ef2a3729bac8_s390x",
"product_id": "openshift-logging/logging-view-plugin-rhel8@sha256:c1247743656700aa4be1b1f6d43732e9ad65e0a99a928065aa94ef2a3729bac8_s390x",
"product_identification_helper": {
"purl": "pkg:oci/logging-view-plugin-rhel8@sha256:c1247743656700aa4be1b1f6d43732e9ad65e0a99a928065aa94ef2a3729bac8?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/logging-view-plugin-rhel8\u0026tag=v5.7.7-8"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/loki-rhel8-operator@sha256:75d73f70f941e73b41e38d666dc1dbdfb465cb2d182b6f3663d632da5a15feb7_s390x",
"product": {
"name": "openshift-logging/loki-rhel8-operator@sha256:75d73f70f941e73b41e38d666dc1dbdfb465cb2d182b6f3663d632da5a15feb7_s390x",
"product_id": "openshift-logging/loki-rhel8-operator@sha256:75d73f70f941e73b41e38d666dc1dbdfb465cb2d182b6f3663d632da5a15feb7_s390x",
"product_identification_helper": {
"purl": "pkg:oci/loki-rhel8-operator@sha256:75d73f70f941e73b41e38d666dc1dbdfb465cb2d182b6f3663d632da5a15feb7?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/loki-rhel8-operator\u0026tag=v5.7.7-16"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/lokistack-gateway-rhel8@sha256:1b1dd755ceb338795820eb5c4abd1914071b4579502eb40379e0126dbc5bd58c_s390x",
"product": {
"name": "openshift-logging/lokistack-gateway-rhel8@sha256:1b1dd755ceb338795820eb5c4abd1914071b4579502eb40379e0126dbc5bd58c_s390x",
"product_id": "openshift-logging/lokistack-gateway-rhel8@sha256:1b1dd755ceb338795820eb5c4abd1914071b4579502eb40379e0126dbc5bd58c_s390x",
"product_identification_helper": {
"purl": "pkg:oci/lokistack-gateway-rhel8@sha256:1b1dd755ceb338795820eb5c4abd1914071b4579502eb40379e0126dbc5bd58c?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/lokistack-gateway-rhel8\u0026tag=v0.1.0-355"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/opa-openshift-rhel8@sha256:a99366c13fbb55e96bebe92054c09ac75133023b940df8b80a43d89c8d6db580_s390x",
"product": {
"name": "openshift-logging/opa-openshift-rhel8@sha256:a99366c13fbb55e96bebe92054c09ac75133023b940df8b80a43d89c8d6db580_s390x",
"product_id": "openshift-logging/opa-openshift-rhel8@sha256:a99366c13fbb55e96bebe92054c09ac75133023b940df8b80a43d89c8d6db580_s390x",
"product_identification_helper": {
"purl": "pkg:oci/opa-openshift-rhel8@sha256:a99366c13fbb55e96bebe92054c09ac75133023b940df8b80a43d89c8d6db580?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/opa-openshift-rhel8\u0026tag=v0.1.0-161"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "openshift-logging/cluster-logging-rhel8-operator@sha256:2023d126c1be90ab6e6b27e778cc3944a2e5af2b44358537d65e60d385e78959_ppc64le",
"product": {
"name": "openshift-logging/cluster-logging-rhel8-operator@sha256:2023d126c1be90ab6e6b27e778cc3944a2e5af2b44358537d65e60d385e78959_ppc64le",
"product_id": "openshift-logging/cluster-logging-rhel8-operator@sha256:2023d126c1be90ab6e6b27e778cc3944a2e5af2b44358537d65e60d385e78959_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/cluster-logging-rhel8-operator@sha256:2023d126c1be90ab6e6b27e778cc3944a2e5af2b44358537d65e60d385e78959?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/cluster-logging-rhel8-operator\u0026tag=v5.7.7-22"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/elasticsearch-rhel8-operator@sha256:640dfbd649bde0c5fed45d5ecaf595e1cf09ffa6d76be3b75751108c0d85bbcb_ppc64le",
"product": {
"name": "openshift-logging/elasticsearch-rhel8-operator@sha256:640dfbd649bde0c5fed45d5ecaf595e1cf09ffa6d76be3b75751108c0d85bbcb_ppc64le",
"product_id": "openshift-logging/elasticsearch-rhel8-operator@sha256:640dfbd649bde0c5fed45d5ecaf595e1cf09ffa6d76be3b75751108c0d85bbcb_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/elasticsearch-rhel8-operator@sha256:640dfbd649bde0c5fed45d5ecaf595e1cf09ffa6d76be3b75751108c0d85bbcb?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch-rhel8-operator\u0026tag=v5.7.7-9"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/elasticsearch-proxy-rhel8@sha256:f223378bb8b335e6ed531a451a48fc17c039004414836cc1f2bf8d408eb6eb18_ppc64le",
"product": {
"name": "openshift-logging/elasticsearch-proxy-rhel8@sha256:f223378bb8b335e6ed531a451a48fc17c039004414836cc1f2bf8d408eb6eb18_ppc64le",
"product_id": "openshift-logging/elasticsearch-proxy-rhel8@sha256:f223378bb8b335e6ed531a451a48fc17c039004414836cc1f2bf8d408eb6eb18_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/elasticsearch-proxy-rhel8@sha256:f223378bb8b335e6ed531a451a48fc17c039004414836cc1f2bf8d408eb6eb18?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch-proxy-rhel8\u0026tag=v1.0.0-440"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/log-file-metric-exporter-rhel8@sha256:fef8afe2da100f267ed9e3848b4a9a1183e04bf0a9702404d03b2f57e5ec1bde_ppc64le",
"product": {
"name": "openshift-logging/log-file-metric-exporter-rhel8@sha256:fef8afe2da100f267ed9e3848b4a9a1183e04bf0a9702404d03b2f57e5ec1bde_ppc64le",
"product_id": "openshift-logging/log-file-metric-exporter-rhel8@sha256:fef8afe2da100f267ed9e3848b4a9a1183e04bf0a9702404d03b2f57e5ec1bde_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/log-file-metric-exporter-rhel8@sha256:fef8afe2da100f267ed9e3848b4a9a1183e04bf0a9702404d03b2f57e5ec1bde?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel8\u0026tag=v1.1.0-175"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/logging-curator5-rhel8@sha256:927ba226f05237f6ad1faf686149a89f692f8904445f5a35f15a685518d3fe6a_ppc64le",
"product": {
"name": "openshift-logging/logging-curator5-rhel8@sha256:927ba226f05237f6ad1faf686149a89f692f8904445f5a35f15a685518d3fe6a_ppc64le",
"product_id": "openshift-logging/logging-curator5-rhel8@sha256:927ba226f05237f6ad1faf686149a89f692f8904445f5a35f15a685518d3fe6a_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/logging-curator5-rhel8@sha256:927ba226f05237f6ad1faf686149a89f692f8904445f5a35f15a685518d3fe6a?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/logging-curator5-rhel8\u0026tag=v5.8.1-419"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/elasticsearch6-rhel8@sha256:0fab0830499ef530add912e8022f9d5a09addbf229e62bea989a1d8734e70a33_ppc64le",
"product": {
"name": "openshift-logging/elasticsearch6-rhel8@sha256:0fab0830499ef530add912e8022f9d5a09addbf229e62bea989a1d8734e70a33_ppc64le",
"product_id": "openshift-logging/elasticsearch6-rhel8@sha256:0fab0830499ef530add912e8022f9d5a09addbf229e62bea989a1d8734e70a33_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/elasticsearch6-rhel8@sha256:0fab0830499ef530add912e8022f9d5a09addbf229e62bea989a1d8734e70a33?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch6-rhel8\u0026tag=v6.8.1-369"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/eventrouter-rhel8@sha256:ac827708b7d49a217770e510124427e9430ec13b23d8fc3e0f7bdcb682214b34_ppc64le",
"product": {
"name": "openshift-logging/eventrouter-rhel8@sha256:ac827708b7d49a217770e510124427e9430ec13b23d8fc3e0f7bdcb682214b34_ppc64le",
"product_id": "openshift-logging/eventrouter-rhel8@sha256:ac827708b7d49a217770e510124427e9430ec13b23d8fc3e0f7bdcb682214b34_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/eventrouter-rhel8@sha256:ac827708b7d49a217770e510124427e9430ec13b23d8fc3e0f7bdcb682214b34?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/eventrouter-rhel8\u0026tag=v0.4.0-189"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/fluentd-rhel8@sha256:65b491f9794f306cfe74b6ff622e9fe8b1155df5ed89e8db1f34ee2d299b2245_ppc64le",
"product": {
"name": "openshift-logging/fluentd-rhel8@sha256:65b491f9794f306cfe74b6ff622e9fe8b1155df5ed89e8db1f34ee2d299b2245_ppc64le",
"product_id": "openshift-logging/fluentd-rhel8@sha256:65b491f9794f306cfe74b6ff622e9fe8b1155df5ed89e8db1f34ee2d299b2245_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/fluentd-rhel8@sha256:65b491f9794f306cfe74b6ff622e9fe8b1155df5ed89e8db1f34ee2d299b2245?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/fluentd-rhel8\u0026tag=v1.14.6-191"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/kibana6-rhel8@sha256:eddddb656ad870ad417cb92756ce537d32b55b17a9af3c87b5e2f4834017e48a_ppc64le",
"product": {
"name": "openshift-logging/kibana6-rhel8@sha256:eddddb656ad870ad417cb92756ce537d32b55b17a9af3c87b5e2f4834017e48a_ppc64le",
"product_id": "openshift-logging/kibana6-rhel8@sha256:eddddb656ad870ad417cb92756ce537d32b55b17a9af3c87b5e2f4834017e48a_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/kibana6-rhel8@sha256:eddddb656ad870ad417cb92756ce537d32b55b17a9af3c87b5e2f4834017e48a?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/kibana6-rhel8\u0026tag=v6.8.1-398"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/logging-loki-rhel8@sha256:476a5e47090c24d1f8f5bafaca9b80e5373a2da0f14a7ec6e7254a32440adfdb_ppc64le",
"product": {
"name": "openshift-logging/logging-loki-rhel8@sha256:476a5e47090c24d1f8f5bafaca9b80e5373a2da0f14a7ec6e7254a32440adfdb_ppc64le",
"product_id": "openshift-logging/logging-loki-rhel8@sha256:476a5e47090c24d1f8f5bafaca9b80e5373a2da0f14a7ec6e7254a32440adfdb_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/logging-loki-rhel8@sha256:476a5e47090c24d1f8f5bafaca9b80e5373a2da0f14a7ec6e7254a32440adfdb?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/logging-loki-rhel8\u0026tag=v2.9.2-1"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/vector-rhel8@sha256:b5633612eab927c2d65848d0fd4629e692fbd4ea5b7aa9254ddfe6982824c06a_ppc64le",
"product": {
"name": "openshift-logging/vector-rhel8@sha256:b5633612eab927c2d65848d0fd4629e692fbd4ea5b7aa9254ddfe6982824c06a_ppc64le",
"product_id": "openshift-logging/vector-rhel8@sha256:b5633612eab927c2d65848d0fd4629e692fbd4ea5b7aa9254ddfe6982824c06a_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/vector-rhel8@sha256:b5633612eab927c2d65848d0fd4629e692fbd4ea5b7aa9254ddfe6982824c06a?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/vector-rhel8\u0026tag=v0.28.1-32"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/logging-view-plugin-rhel8@sha256:8181f92baa5a86da7767f605f4537b59fad583ee80fcde309fea504e9c3147c0_ppc64le",
"product": {
"name": "openshift-logging/logging-view-plugin-rhel8@sha256:8181f92baa5a86da7767f605f4537b59fad583ee80fcde309fea504e9c3147c0_ppc64le",
"product_id": "openshift-logging/logging-view-plugin-rhel8@sha256:8181f92baa5a86da7767f605f4537b59fad583ee80fcde309fea504e9c3147c0_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/logging-view-plugin-rhel8@sha256:8181f92baa5a86da7767f605f4537b59fad583ee80fcde309fea504e9c3147c0?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/logging-view-plugin-rhel8\u0026tag=v5.7.7-8"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/loki-rhel8-operator@sha256:4e59120fc8a10978b234716a5757891c197e9394aae2446b3b8d8621f3983792_ppc64le",
"product": {
"name": "openshift-logging/loki-rhel8-operator@sha256:4e59120fc8a10978b234716a5757891c197e9394aae2446b3b8d8621f3983792_ppc64le",
"product_id": "openshift-logging/loki-rhel8-operator@sha256:4e59120fc8a10978b234716a5757891c197e9394aae2446b3b8d8621f3983792_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/loki-rhel8-operator@sha256:4e59120fc8a10978b234716a5757891c197e9394aae2446b3b8d8621f3983792?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/loki-rhel8-operator\u0026tag=v5.7.7-16"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/lokistack-gateway-rhel8@sha256:4cc1ddf22cba8a5ed94549115b5210d961e1978618c8cb48e820e545369ecb65_ppc64le",
"product": {
"name": "openshift-logging/lokistack-gateway-rhel8@sha256:4cc1ddf22cba8a5ed94549115b5210d961e1978618c8cb48e820e545369ecb65_ppc64le",
"product_id": "openshift-logging/lokistack-gateway-rhel8@sha256:4cc1ddf22cba8a5ed94549115b5210d961e1978618c8cb48e820e545369ecb65_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/lokistack-gateway-rhel8@sha256:4cc1ddf22cba8a5ed94549115b5210d961e1978618c8cb48e820e545369ecb65?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/lokistack-gateway-rhel8\u0026tag=v0.1.0-355"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/opa-openshift-rhel8@sha256:bdb8fb48f8b164fb3d55de977aaa19414654ec7284f148db11b77b94a3feefd1_ppc64le",
"product": {
"name": "openshift-logging/opa-openshift-rhel8@sha256:bdb8fb48f8b164fb3d55de977aaa19414654ec7284f148db11b77b94a3feefd1_ppc64le",
"product_id": "openshift-logging/opa-openshift-rhel8@sha256:bdb8fb48f8b164fb3d55de977aaa19414654ec7284f148db11b77b94a3feefd1_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/opa-openshift-rhel8@sha256:bdb8fb48f8b164fb3d55de977aaa19414654ec7284f148db11b77b94a3feefd1?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/opa-openshift-rhel8\u0026tag=v0.1.0-161"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/cluster-logging-operator-bundle@sha256:0761943b57451fa8cd0d42942a831376ab48f723e8ea461d0a5ea49c9a391d7b_amd64 as a component of RHOL 5.7 for RHEL 8",
"product_id": "8Base-RHOL-5.7:openshift-logging/cluster-logging-operator-bundle@sha256:0761943b57451fa8cd0d42942a831376ab48f723e8ea461d0a5ea49c9a391d7b_amd64"
},
"product_reference": "openshift-logging/cluster-logging-operator-bundle@sha256:0761943b57451fa8cd0d42942a831376ab48f723e8ea461d0a5ea49c9a391d7b_amd64",
"relates_to_product_reference": "8Base-RHOL-5.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/cluster-logging-rhel8-operator@sha256:1d6a2bd236f72f3dbb4c2e284cb2ac2554d7d79b416d57ee94b8d158ea3ea807_arm64 as a component of RHOL 5.7 for RHEL 8",
"product_id": "8Base-RHOL-5.7:openshift-logging/cluster-logging-rhel8-operator@sha256:1d6a2bd236f72f3dbb4c2e284cb2ac2554d7d79b416d57ee94b8d158ea3ea807_arm64"
},
"product_reference": "openshift-logging/cluster-logging-rhel8-operator@sha256:1d6a2bd236f72f3dbb4c2e284cb2ac2554d7d79b416d57ee94b8d158ea3ea807_arm64",
"relates_to_product_reference": "8Base-RHOL-5.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/cluster-logging-rhel8-operator@sha256:2023d126c1be90ab6e6b27e778cc3944a2e5af2b44358537d65e60d385e78959_ppc64le as a component of RHOL 5.7 for RHEL 8",
"product_id": "8Base-RHOL-5.7:openshift-logging/cluster-logging-rhel8-operator@sha256:2023d126c1be90ab6e6b27e778cc3944a2e5af2b44358537d65e60d385e78959_ppc64le"
},
"product_reference": "openshift-logging/cluster-logging-rhel8-operator@sha256:2023d126c1be90ab6e6b27e778cc3944a2e5af2b44358537d65e60d385e78959_ppc64le",
"relates_to_product_reference": "8Base-RHOL-5.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/cluster-logging-rhel8-operator@sha256:c9a5546e0f427376f36d6d350cebe7ed3e7d2468d3c8290528fbe054462e22d6_s390x as a component of RHOL 5.7 for RHEL 8",
"product_id": "8Base-RHOL-5.7:openshift-logging/cluster-logging-rhel8-operator@sha256:c9a5546e0f427376f36d6d350cebe7ed3e7d2468d3c8290528fbe054462e22d6_s390x"
},
"product_reference": "openshift-logging/cluster-logging-rhel8-operator@sha256:c9a5546e0f427376f36d6d350cebe7ed3e7d2468d3c8290528fbe054462e22d6_s390x",
"relates_to_product_reference": "8Base-RHOL-5.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/cluster-logging-rhel8-operator@sha256:efb5cb250782473d1f4eb42d06747c9fad6df65c888cca88ed421bba399c5d96_amd64 as a component of RHOL 5.7 for RHEL 8",
"product_id": "8Base-RHOL-5.7:openshift-logging/cluster-logging-rhel8-operator@sha256:efb5cb250782473d1f4eb42d06747c9fad6df65c888cca88ed421bba399c5d96_amd64"
},
"product_reference": "openshift-logging/cluster-logging-rhel8-operator@sha256:efb5cb250782473d1f4eb42d06747c9fad6df65c888cca88ed421bba399c5d96_amd64",
"relates_to_product_reference": "8Base-RHOL-5.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/elasticsearch-operator-bundle@sha256:060f8fd11a32cbb6247d7d41e4be1fc71026e9bab9238995b7b2e563fb94e6d7_amd64 as a component of RHOL 5.7 for RHEL 8",
"product_id": "8Base-RHOL-5.7:openshift-logging/elasticsearch-operator-bundle@sha256:060f8fd11a32cbb6247d7d41e4be1fc71026e9bab9238995b7b2e563fb94e6d7_amd64"
},
"product_reference": "openshift-logging/elasticsearch-operator-bundle@sha256:060f8fd11a32cbb6247d7d41e4be1fc71026e9bab9238995b7b2e563fb94e6d7_amd64",
"relates_to_product_reference": "8Base-RHOL-5.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/elasticsearch-proxy-rhel8@sha256:2995302941f4c0d5016e49c3a01ca3bc4d80935ce1de70c84a2124e28e290947_arm64 as a component of RHOL 5.7 for RHEL 8",
"product_id": "8Base-RHOL-5.7:openshift-logging/elasticsearch-proxy-rhel8@sha256:2995302941f4c0d5016e49c3a01ca3bc4d80935ce1de70c84a2124e28e290947_arm64"
},
"product_reference": "openshift-logging/elasticsearch-proxy-rhel8@sha256:2995302941f4c0d5016e49c3a01ca3bc4d80935ce1de70c84a2124e28e290947_arm64",
"relates_to_product_reference": "8Base-RHOL-5.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/elasticsearch-proxy-rhel8@sha256:6f64ee3aeedb891cb4b88e90c7569235d8e136cb2a66c7da1bc3ec73a518aa5d_s390x as a component of RHOL 5.7 for RHEL 8",
"product_id": "8Base-RHOL-5.7:openshift-logging/elasticsearch-proxy-rhel8@sha256:6f64ee3aeedb891cb4b88e90c7569235d8e136cb2a66c7da1bc3ec73a518aa5d_s390x"
},
"product_reference": "openshift-logging/elasticsearch-proxy-rhel8@sha256:6f64ee3aeedb891cb4b88e90c7569235d8e136cb2a66c7da1bc3ec73a518aa5d_s390x",
"relates_to_product_reference": "8Base-RHOL-5.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/elasticsearch-proxy-rhel8@sha256:7ca7ec92b15a7556d6a8daabd24a70f42e4260b6caf9168e852890c063e91186_amd64 as a component of RHOL 5.7 for RHEL 8",
"product_id": "8Base-RHOL-5.7:openshift-logging/elasticsearch-proxy-rhel8@sha256:7ca7ec92b15a7556d6a8daabd24a70f42e4260b6caf9168e852890c063e91186_amd64"
},
"product_reference": "openshift-logging/elasticsearch-proxy-rhel8@sha256:7ca7ec92b15a7556d6a8daabd24a70f42e4260b6caf9168e852890c063e91186_amd64",
"relates_to_product_reference": "8Base-RHOL-5.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/elasticsearch-proxy-rhel8@sha256:f223378bb8b335e6ed531a451a48fc17c039004414836cc1f2bf8d408eb6eb18_ppc64le as a component of RHOL 5.7 for RHEL 8",
"product_id": "8Base-RHOL-5.7:openshift-logging/elasticsearch-proxy-rhel8@sha256:f223378bb8b335e6ed531a451a48fc17c039004414836cc1f2bf8d408eb6eb18_ppc64le"
},
"product_reference": "openshift-logging/elasticsearch-proxy-rhel8@sha256:f223378bb8b335e6ed531a451a48fc17c039004414836cc1f2bf8d408eb6eb18_ppc64le",
"relates_to_product_reference": "8Base-RHOL-5.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/elasticsearch-rhel8-operator@sha256:368447ae5216ada4c092c8781d3b847a5d37606d7c4ce430376ed5d3a4384863_amd64 as a component of RHOL 5.7 for RHEL 8",
"product_id": "8Base-RHOL-5.7:openshift-logging/elasticsearch-rhel8-operator@sha256:368447ae5216ada4c092c8781d3b847a5d37606d7c4ce430376ed5d3a4384863_amd64"
},
"product_reference": "openshift-logging/elasticsearch-rhel8-operator@sha256:368447ae5216ada4c092c8781d3b847a5d37606d7c4ce430376ed5d3a4384863_amd64",
"relates_to_product_reference": "8Base-RHOL-5.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/elasticsearch-rhel8-operator@sha256:640dfbd649bde0c5fed45d5ecaf595e1cf09ffa6d76be3b75751108c0d85bbcb_ppc64le as a component of RHOL 5.7 for RHEL 8",
"product_id": "8Base-RHOL-5.7:openshift-logging/elasticsearch-rhel8-operator@sha256:640dfbd649bde0c5fed45d5ecaf595e1cf09ffa6d76be3b75751108c0d85bbcb_ppc64le"
},
"product_reference": "openshift-logging/elasticsearch-rhel8-operator@sha256:640dfbd649bde0c5fed45d5ecaf595e1cf09ffa6d76be3b75751108c0d85bbcb_ppc64le",
"relates_to_product_reference": "8Base-RHOL-5.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/elasticsearch-rhel8-operator@sha256:720587fcb7a89a571c04c8e222e5ebf54c899086ce07461e5f5dac7dfe8e6af9_s390x as a component of RHOL 5.7 for RHEL 8",
"product_id": "8Base-RHOL-5.7:openshift-logging/elasticsearch-rhel8-operator@sha256:720587fcb7a89a571c04c8e222e5ebf54c899086ce07461e5f5dac7dfe8e6af9_s390x"
},
"product_reference": "openshift-logging/elasticsearch-rhel8-operator@sha256:720587fcb7a89a571c04c8e222e5ebf54c899086ce07461e5f5dac7dfe8e6af9_s390x",
"relates_to_product_reference": "8Base-RHOL-5.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/elasticsearch-rhel8-operator@sha256:9a492f0164ba9ea96a8cef43577a6d62ce5806dc1e821d3aee2abfcf35a02ac0_arm64 as a component of RHOL 5.7 for RHEL 8",
"product_id": "8Base-RHOL-5.7:openshift-logging/elasticsearch-rhel8-operator@sha256:9a492f0164ba9ea96a8cef43577a6d62ce5806dc1e821d3aee2abfcf35a02ac0_arm64"
},
"product_reference": "openshift-logging/elasticsearch-rhel8-operator@sha256:9a492f0164ba9ea96a8cef43577a6d62ce5806dc1e821d3aee2abfcf35a02ac0_arm64",
"relates_to_product_reference": "8Base-RHOL-5.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/elasticsearch6-rhel8@sha256:0fab0830499ef530add912e8022f9d5a09addbf229e62bea989a1d8734e70a33_ppc64le as a component of RHOL 5.7 for RHEL 8",
"product_id": "8Base-RHOL-5.7:openshift-logging/elasticsearch6-rhel8@sha256:0fab0830499ef530add912e8022f9d5a09addbf229e62bea989a1d8734e70a33_ppc64le"
},
"product_reference": "openshift-logging/elasticsearch6-rhel8@sha256:0fab0830499ef530add912e8022f9d5a09addbf229e62bea989a1d8734e70a33_ppc64le",
"relates_to_product_reference": "8Base-RHOL-5.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/elasticsearch6-rhel8@sha256:560831bdc34128719564aaaca4b80bba32062b97c87118b4ac00413609bcf067_amd64 as a component of RHOL 5.7 for RHEL 8",
"product_id": "8Base-RHOL-5.7:openshift-logging/elasticsearch6-rhel8@sha256:560831bdc34128719564aaaca4b80bba32062b97c87118b4ac00413609bcf067_amd64"
},
"product_reference": "openshift-logging/elasticsearch6-rhel8@sha256:560831bdc34128719564aaaca4b80bba32062b97c87118b4ac00413609bcf067_amd64",
"relates_to_product_reference": "8Base-RHOL-5.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/elasticsearch6-rhel8@sha256:90c408f644a8a853de8338f2d4c1b7ff10877973a98c15868e1e0662da8eca46_s390x as a component of RHOL 5.7 for RHEL 8",
"product_id": "8Base-RHOL-5.7:openshift-logging/elasticsearch6-rhel8@sha256:90c408f644a8a853de8338f2d4c1b7ff10877973a98c15868e1e0662da8eca46_s390x"
},
"product_reference": "openshift-logging/elasticsearch6-rhel8@sha256:90c408f644a8a853de8338f2d4c1b7ff10877973a98c15868e1e0662da8eca46_s390x",
"relates_to_product_reference": "8Base-RHOL-5.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/elasticsearch6-rhel8@sha256:a00a7c1c152b6d2897bdc06b0137b556e6931b7d309e4e9a585825dbd558d3ba_arm64 as a component of RHOL 5.7 for RHEL 8",
"product_id": "8Base-RHOL-5.7:openshift-logging/elasticsearch6-rhel8@sha256:a00a7c1c152b6d2897bdc06b0137b556e6931b7d309e4e9a585825dbd558d3ba_arm64"
},
"product_reference": "openshift-logging/elasticsearch6-rhel8@sha256:a00a7c1c152b6d2897bdc06b0137b556e6931b7d309e4e9a585825dbd558d3ba_arm64",
"relates_to_product_reference": "8Base-RHOL-5.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/eventrouter-rhel8@sha256:3054aade5994df42ab7c2981865a7851049ea46ed20b7805d1553d6b28ab5af8_amd64 as a component of RHOL 5.7 for RHEL 8",
"product_id": "8Base-RHOL-5.7:openshift-logging/eventrouter-rhel8@sha256:3054aade5994df42ab7c2981865a7851049ea46ed20b7805d1553d6b28ab5af8_amd64"
},
"product_reference": "openshift-logging/eventrouter-rhel8@sha256:3054aade5994df42ab7c2981865a7851049ea46ed20b7805d1553d6b28ab5af8_amd64",
"relates_to_product_reference": "8Base-RHOL-5.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/eventrouter-rhel8@sha256:7a45458250a73682ab11a3c743d563ab1c9072281b15d3a18088c5902130a4cd_s390x as a component of RHOL 5.7 for RHEL 8",
"product_id": "8Base-RHOL-5.7:openshift-logging/eventrouter-rhel8@sha256:7a45458250a73682ab11a3c743d563ab1c9072281b15d3a18088c5902130a4cd_s390x"
},
"product_reference": "openshift-logging/eventrouter-rhel8@sha256:7a45458250a73682ab11a3c743d563ab1c9072281b15d3a18088c5902130a4cd_s390x",
"relates_to_product_reference": "8Base-RHOL-5.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/eventrouter-rhel8@sha256:ac827708b7d49a217770e510124427e9430ec13b23d8fc3e0f7bdcb682214b34_ppc64le as a component of RHOL 5.7 for RHEL 8",
"product_id": "8Base-RHOL-5.7:openshift-logging/eventrouter-rhel8@sha256:ac827708b7d49a217770e510124427e9430ec13b23d8fc3e0f7bdcb682214b34_ppc64le"
},
"product_reference": "openshift-logging/eventrouter-rhel8@sha256:ac827708b7d49a217770e510124427e9430ec13b23d8fc3e0f7bdcb682214b34_ppc64le",
"relates_to_product_reference": "8Base-RHOL-5.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/eventrouter-rhel8@sha256:bc31b395c3a2353048cad9d0d44f28e60f7e0a01e5fc6f6b2803d813ec279687_arm64 as a component of RHOL 5.7 for RHEL 8",
"product_id": "8Base-RHOL-5.7:openshift-logging/eventrouter-rhel8@sha256:bc31b395c3a2353048cad9d0d44f28e60f7e0a01e5fc6f6b2803d813ec279687_arm64"
},
"product_reference": "openshift-logging/eventrouter-rhel8@sha256:bc31b395c3a2353048cad9d0d44f28e60f7e0a01e5fc6f6b2803d813ec279687_arm64",
"relates_to_product_reference": "8Base-RHOL-5.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/fluentd-rhel8@sha256:08ba4f66916d6331ce739c856c863e2de59c7b870ef2247ed2ee4b5895932193_s390x as a component of RHOL 5.7 for RHEL 8",
"product_id": "8Base-RHOL-5.7:openshift-logging/fluentd-rhel8@sha256:08ba4f66916d6331ce739c856c863e2de59c7b870ef2247ed2ee4b5895932193_s390x"
},
"product_reference": "openshift-logging/fluentd-rhel8@sha256:08ba4f66916d6331ce739c856c863e2de59c7b870ef2247ed2ee4b5895932193_s390x",
"relates_to_product_reference": "8Base-RHOL-5.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/fluentd-rhel8@sha256:65b491f9794f306cfe74b6ff622e9fe8b1155df5ed89e8db1f34ee2d299b2245_ppc64le as a component of RHOL 5.7 for RHEL 8",
"product_id": "8Base-RHOL-5.7:openshift-logging/fluentd-rhel8@sha256:65b491f9794f306cfe74b6ff622e9fe8b1155df5ed89e8db1f34ee2d299b2245_ppc64le"
},
"product_reference": "openshift-logging/fluentd-rhel8@sha256:65b491f9794f306cfe74b6ff622e9fe8b1155df5ed89e8db1f34ee2d299b2245_ppc64le",
"relates_to_product_reference": "8Base-RHOL-5.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/fluentd-rhel8@sha256:d920792d5ea71265702f0a408888e051b47d23cb8b624c02e6ed29b142d152bf_arm64 as a component of RHOL 5.7 for RHEL 8",
"product_id": "8Base-RHOL-5.7:openshift-logging/fluentd-rhel8@sha256:d920792d5ea71265702f0a408888e051b47d23cb8b624c02e6ed29b142d152bf_arm64"
},
"product_reference": "openshift-logging/fluentd-rhel8@sha256:d920792d5ea71265702f0a408888e051b47d23cb8b624c02e6ed29b142d152bf_arm64",
"relates_to_product_reference": "8Base-RHOL-5.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/fluentd-rhel8@sha256:f93ddeb2a52c0aead46bb0bb2af71a68c9a11093617615faadb3b07f45590fa1_amd64 as a component of RHOL 5.7 for RHEL 8",
"product_id": "8Base-RHOL-5.7:openshift-logging/fluentd-rhel8@sha256:f93ddeb2a52c0aead46bb0bb2af71a68c9a11093617615faadb3b07f45590fa1_amd64"
},
"product_reference": "openshift-logging/fluentd-rhel8@sha256:f93ddeb2a52c0aead46bb0bb2af71a68c9a11093617615faadb3b07f45590fa1_amd64",
"relates_to_product_reference": "8Base-RHOL-5.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/kibana6-rhel8@sha256:6bdd69f14340d82695bd645b14f4faaa99c830630087d43aa843418cfb34b89e_arm64 as a component of RHOL 5.7 for RHEL 8",
"product_id": "8Base-RHOL-5.7:openshift-logging/kibana6-rhel8@sha256:6bdd69f14340d82695bd645b14f4faaa99c830630087d43aa843418cfb34b89e_arm64"
},
"product_reference": "openshift-logging/kibana6-rhel8@sha256:6bdd69f14340d82695bd645b14f4faaa99c830630087d43aa843418cfb34b89e_arm64",
"relates_to_product_reference": "8Base-RHOL-5.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/kibana6-rhel8@sha256:b104e6731b8ddfb98dd8a0891dfb1051fb59e82d70f91c297a62402922412c32_amd64 as a component of RHOL 5.7 for RHEL 8",
"product_id": "8Base-RHOL-5.7:openshift-logging/kibana6-rhel8@sha256:b104e6731b8ddfb98dd8a0891dfb1051fb59e82d70f91c297a62402922412c32_amd64"
},
"product_reference": "openshift-logging/kibana6-rhel8@sha256:b104e6731b8ddfb98dd8a0891dfb1051fb59e82d70f91c297a62402922412c32_amd64",
"relates_to_product_reference": "8Base-RHOL-5.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/kibana6-rhel8@sha256:e8af2bde433bebee9236365ce6bc52db26981c8e484df2048cb4ed2b7cb5bed1_s390x as a component of RHOL 5.7 for RHEL 8",
"product_id": "8Base-RHOL-5.7:openshift-logging/kibana6-rhel8@sha256:e8af2bde433bebee9236365ce6bc52db26981c8e484df2048cb4ed2b7cb5bed1_s390x"
},
"product_reference": "openshift-logging/kibana6-rhel8@sha256:e8af2bde433bebee9236365ce6bc52db26981c8e484df2048cb4ed2b7cb5bed1_s390x",
"relates_to_product_reference": "8Base-RHOL-5.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/kibana6-rhel8@sha256:eddddb656ad870ad417cb92756ce537d32b55b17a9af3c87b5e2f4834017e48a_ppc64le as a component of RHOL 5.7 for RHEL 8",
"product_id": "8Base-RHOL-5.7:openshift-logging/kibana6-rhel8@sha256:eddddb656ad870ad417cb92756ce537d32b55b17a9af3c87b5e2f4834017e48a_ppc64le"
},
"product_reference": "openshift-logging/kibana6-rhel8@sha256:eddddb656ad870ad417cb92756ce537d32b55b17a9af3c87b5e2f4834017e48a_ppc64le",
"relates_to_product_reference": "8Base-RHOL-5.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/log-file-metric-exporter-rhel8@sha256:407891f77d384f8708f9e33469c410e84ba25fa9e4cb16e4a6a9c212f0b48a9c_amd64 as a component of RHOL 5.7 for RHEL 8",
"product_id": "8Base-RHOL-5.7:openshift-logging/log-file-metric-exporter-rhel8@sha256:407891f77d384f8708f9e33469c410e84ba25fa9e4cb16e4a6a9c212f0b48a9c_amd64"
},
"product_reference": "openshift-logging/log-file-metric-exporter-rhel8@sha256:407891f77d384f8708f9e33469c410e84ba25fa9e4cb16e4a6a9c212f0b48a9c_amd64",
"relates_to_product_reference": "8Base-RHOL-5.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/log-file-metric-exporter-rhel8@sha256:7f5f8f7d40938e5a0b2b2724c551f4e1dcf57de78daacd736b28b964d0fa6eec_arm64 as a component of RHOL 5.7 for RHEL 8",
"product_id": "8Base-RHOL-5.7:openshift-logging/log-file-metric-exporter-rhel8@sha256:7f5f8f7d40938e5a0b2b2724c551f4e1dcf57de78daacd736b28b964d0fa6eec_arm64"
},
"product_reference": "openshift-logging/log-file-metric-exporter-rhel8@sha256:7f5f8f7d40938e5a0b2b2724c551f4e1dcf57de78daacd736b28b964d0fa6eec_arm64",
"relates_to_product_reference": "8Base-RHOL-5.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/log-file-metric-exporter-rhel8@sha256:a91af106ffacd6a620c6b194697516ee3e9f8aa36605873061766d9f0ec35f84_s390x as a component of RHOL 5.7 for RHEL 8",
"product_id": "8Base-RHOL-5.7:openshift-logging/log-file-metric-exporter-rhel8@sha256:a91af106ffacd6a620c6b194697516ee3e9f8aa36605873061766d9f0ec35f84_s390x"
},
"product_reference": "openshift-logging/log-file-metric-exporter-rhel8@sha256:a91af106ffacd6a620c6b194697516ee3e9f8aa36605873061766d9f0ec35f84_s390x",
"relates_to_product_reference": "8Base-RHOL-5.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/log-file-metric-exporter-rhel8@sha256:fef8afe2da100f267ed9e3848b4a9a1183e04bf0a9702404d03b2f57e5ec1bde_ppc64le as a component of RHOL 5.7 for RHEL 8",
"product_id": "8Base-RHOL-5.7:openshift-logging/log-file-metric-exporter-rhel8@sha256:fef8afe2da100f267ed9e3848b4a9a1183e04bf0a9702404d03b2f57e5ec1bde_ppc64le"
},
"product_reference": "openshift-logging/log-file-metric-exporter-rhel8@sha256:fef8afe2da100f267ed9e3848b4a9a1183e04bf0a9702404d03b2f57e5ec1bde_ppc64le",
"relates_to_product_reference": "8Base-RHOL-5.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/logging-curator5-rhel8@sha256:00fe8c23f7944a5d639c17b2e81dd80a424aabbddd4d7f0aff6b54f8cf370a58_amd64 as a component of RHOL 5.7 for RHEL 8",
"product_id": "8Base-RHOL-5.7:openshift-logging/logging-curator5-rhel8@sha256:00fe8c23f7944a5d639c17b2e81dd80a424aabbddd4d7f0aff6b54f8cf370a58_amd64"
},
"product_reference": "openshift-logging/logging-curator5-rhel8@sha256:00fe8c23f7944a5d639c17b2e81dd80a424aabbddd4d7f0aff6b54f8cf370a58_amd64",
"relates_to_product_reference": "8Base-RHOL-5.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/logging-curator5-rhel8@sha256:0a7df021980720321c27e8021626e0c4f428150faa75fd92803b3e172f07eedf_arm64 as a component of RHOL 5.7 for RHEL 8",
"product_id": "8Base-RHOL-5.7:openshift-logging/logging-curator5-rhel8@sha256:0a7df021980720321c27e8021626e0c4f428150faa75fd92803b3e172f07eedf_arm64"
},
"product_reference": "openshift-logging/logging-curator5-rhel8@sha256:0a7df021980720321c27e8021626e0c4f428150faa75fd92803b3e172f07eedf_arm64",
"relates_to_product_reference": "8Base-RHOL-5.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/logging-curator5-rhel8@sha256:927ba226f05237f6ad1faf686149a89f692f8904445f5a35f15a685518d3fe6a_ppc64le as a component of RHOL 5.7 for RHEL 8",
"product_id": "8Base-RHOL-5.7:openshift-logging/logging-curator5-rhel8@sha256:927ba226f05237f6ad1faf686149a89f692f8904445f5a35f15a685518d3fe6a_ppc64le"
},
"product_reference": "openshift-logging/logging-curator5-rhel8@sha256:927ba226f05237f6ad1faf686149a89f692f8904445f5a35f15a685518d3fe6a_ppc64le",
"relates_to_product_reference": "8Base-RHOL-5.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/logging-curator5-rhel8@sha256:94a2902ffbfcec5c29a23529d81f4605ebab9bde8156ad1be6dba42ccedeb1fe_s390x as a component of RHOL 5.7 for RHEL 8",
"product_id": "8Base-RHOL-5.7:openshift-logging/logging-curator5-rhel8@sha256:94a2902ffbfcec5c29a23529d81f4605ebab9bde8156ad1be6dba42ccedeb1fe_s390x"
},
"product_reference": "openshift-logging/logging-curator5-rhel8@sha256:94a2902ffbfcec5c29a23529d81f4605ebab9bde8156ad1be6dba42ccedeb1fe_s390x",
"relates_to_product_reference": "8Base-RHOL-5.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/logging-loki-rhel8@sha256:476a5e47090c24d1f8f5bafaca9b80e5373a2da0f14a7ec6e7254a32440adfdb_ppc64le as a component of RHOL 5.7 for RHEL 8",
"product_id": "8Base-RHOL-5.7:openshift-logging/logging-loki-rhel8@sha256:476a5e47090c24d1f8f5bafaca9b80e5373a2da0f14a7ec6e7254a32440adfdb_ppc64le"
},
"product_reference": "openshift-logging/logging-loki-rhel8@sha256:476a5e47090c24d1f8f5bafaca9b80e5373a2da0f14a7ec6e7254a32440adfdb_ppc64le",
"relates_to_product_reference": "8Base-RHOL-5.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/logging-loki-rhel8@sha256:8cb4328b46bc3f8627f11fe69b37d8147f1d76b909c9880066277615c36cabc1_arm64 as a component of RHOL 5.7 for RHEL 8",
"product_id": "8Base-RHOL-5.7:openshift-logging/logging-loki-rhel8@sha256:8cb4328b46bc3f8627f11fe69b37d8147f1d76b909c9880066277615c36cabc1_arm64"
},
"product_reference": "openshift-logging/logging-loki-rhel8@sha256:8cb4328b46bc3f8627f11fe69b37d8147f1d76b909c9880066277615c36cabc1_arm64",
"relates_to_product_reference": "8Base-RHOL-5.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/logging-loki-rhel8@sha256:9a1e97c4dac0165d92615b30b9140149b038ab788464dcd41f8a14b647220a98_s390x as a component of RHOL 5.7 for RHEL 8",
"product_id": "8Base-RHOL-5.7:openshift-logging/logging-loki-rhel8@sha256:9a1e97c4dac0165d92615b30b9140149b038ab788464dcd41f8a14b647220a98_s390x"
},
"product_reference": "openshift-logging/logging-loki-rhel8@sha256:9a1e97c4dac0165d92615b30b9140149b038ab788464dcd41f8a14b647220a98_s390x",
"relates_to_product_reference": "8Base-RHOL-5.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/logging-loki-rhel8@sha256:9fe7eba96b742b1a3d55cef2934ce6259be01faf589f0b2ec1bc3b557a833980_amd64 as a component of RHOL 5.7 for RHEL 8",
"product_id": "8Base-RHOL-5.7:openshift-logging/logging-loki-rhel8@sha256:9fe7eba96b742b1a3d55cef2934ce6259be01faf589f0b2ec1bc3b557a833980_amd64"
},
"product_reference": "openshift-logging/logging-loki-rhel8@sha256:9fe7eba96b742b1a3d55cef2934ce6259be01faf589f0b2ec1bc3b557a833980_amd64",
"relates_to_product_reference": "8Base-RHOL-5.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/logging-view-plugin-rhel8@sha256:0f251245e9f1030e64a6c9b76fe22b571e4a3f9cc2fd38979b52e5c91c6bd2e6_arm64 as a component of RHOL 5.7 for RHEL 8",
"product_id": "8Base-RHOL-5.7:openshift-logging/logging-view-plugin-rhel8@sha256:0f251245e9f1030e64a6c9b76fe22b571e4a3f9cc2fd38979b52e5c91c6bd2e6_arm64"
},
"product_reference": "openshift-logging/logging-view-plugin-rhel8@sha256:0f251245e9f1030e64a6c9b76fe22b571e4a3f9cc2fd38979b52e5c91c6bd2e6_arm64",
"relates_to_product_reference": "8Base-RHOL-5.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/logging-view-plugin-rhel8@sha256:2f09d0a0faad8944b5d4689699ae15d3d4e44cefaa5aaa11f2c584e71b23e667_amd64 as a component of RHOL 5.7 for RHEL 8",
"product_id": "8Base-RHOL-5.7:openshift-logging/logging-view-plugin-rhel8@sha256:2f09d0a0faad8944b5d4689699ae15d3d4e44cefaa5aaa11f2c584e71b23e667_amd64"
},
"product_reference": "openshift-logging/logging-view-plugin-rhel8@sha256:2f09d0a0faad8944b5d4689699ae15d3d4e44cefaa5aaa11f2c584e71b23e667_amd64",
"relates_to_product_reference": "8Base-RHOL-5.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/logging-view-plugin-rhel8@sha256:8181f92baa5a86da7767f605f4537b59fad583ee80fcde309fea504e9c3147c0_ppc64le as a component of RHOL 5.7 for RHEL 8",
"product_id": "8Base-RHOL-5.7:openshift-logging/logging-view-plugin-rhel8@sha256:8181f92baa5a86da7767f605f4537b59fad583ee80fcde309fea504e9c3147c0_ppc64le"
},
"product_reference": "openshift-logging/logging-view-plugin-rhel8@sha256:8181f92baa5a86da7767f605f4537b59fad583ee80fcde309fea504e9c3147c0_ppc64le",
"relates_to_product_reference": "8Base-RHOL-5.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/logging-view-plugin-rhel8@sha256:c1247743656700aa4be1b1f6d43732e9ad65e0a99a928065aa94ef2a3729bac8_s390x as a component of RHOL 5.7 for RHEL 8",
"product_id": "8Base-RHOL-5.7:openshift-logging/logging-view-plugin-rhel8@sha256:c1247743656700aa4be1b1f6d43732e9ad65e0a99a928065aa94ef2a3729bac8_s390x"
},
"product_reference": "openshift-logging/logging-view-plugin-rhel8@sha256:c1247743656700aa4be1b1f6d43732e9ad65e0a99a928065aa94ef2a3729bac8_s390x",
"relates_to_product_reference": "8Base-RHOL-5.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/loki-operator-bundle@sha256:c569eba6b695d9f26dc47f413e925d02666683a4af0401f23cfd05b96dcb61e9_amd64 as a component of RHOL 5.7 for RHEL 8",
"product_id": "8Base-RHOL-5.7:openshift-logging/loki-operator-bundle@sha256:c569eba6b695d9f26dc47f413e925d02666683a4af0401f23cfd05b96dcb61e9_amd64"
},
"product_reference": "openshift-logging/loki-operator-bundle@sha256:c569eba6b695d9f26dc47f413e925d02666683a4af0401f23cfd05b96dcb61e9_amd64",
"relates_to_product_reference": "8Base-RHOL-5.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/loki-rhel8-operator@sha256:31cdc95fe91aeb315afa5a1daf98e91587eac31b895de5b698bfd4637889ce22_arm64 as a component of RHOL 5.7 for RHEL 8",
"product_id": "8Base-RHOL-5.7:openshift-logging/loki-rhel8-operator@sha256:31cdc95fe91aeb315afa5a1daf98e91587eac31b895de5b698bfd4637889ce22_arm64"
},
"product_reference": "openshift-logging/loki-rhel8-operator@sha256:31cdc95fe91aeb315afa5a1daf98e91587eac31b895de5b698bfd4637889ce22_arm64",
"relates_to_product_reference": "8Base-RHOL-5.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/loki-rhel8-operator@sha256:4e59120fc8a10978b234716a5757891c197e9394aae2446b3b8d8621f3983792_ppc64le as a component of RHOL 5.7 for RHEL 8",
"product_id": "8Base-RHOL-5.7:openshift-logging/loki-rhel8-operator@sha256:4e59120fc8a10978b234716a5757891c197e9394aae2446b3b8d8621f3983792_ppc64le"
},
"product_reference": "openshift-logging/loki-rhel8-operator@sha256:4e59120fc8a10978b234716a5757891c197e9394aae2446b3b8d8621f3983792_ppc64le",
"relates_to_product_reference": "8Base-RHOL-5.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/loki-rhel8-operator@sha256:75d73f70f941e73b41e38d666dc1dbdfb465cb2d182b6f3663d632da5a15feb7_s390x as a component of RHOL 5.7 for RHEL 8",
"product_id": "8Base-RHOL-5.7:openshift-logging/loki-rhel8-operator@sha256:75d73f70f941e73b41e38d666dc1dbdfb465cb2d182b6f3663d632da5a15feb7_s390x"
},
"product_reference": "openshift-logging/loki-rhel8-operator@sha256:75d73f70f941e73b41e38d666dc1dbdfb465cb2d182b6f3663d632da5a15feb7_s390x",
"relates_to_product_reference": "8Base-RHOL-5.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/loki-rhel8-operator@sha256:c7d2ef7cf71269238bb23db61f08f9d237baa955a18cb394e8d34dc80178cdc5_amd64 as a component of RHOL 5.7 for RHEL 8",
"product_id": "8Base-RHOL-5.7:openshift-logging/loki-rhel8-operator@sha256:c7d2ef7cf71269238bb23db61f08f9d237baa955a18cb394e8d34dc80178cdc5_amd64"
},
"product_reference": "openshift-logging/loki-rhel8-operator@sha256:c7d2ef7cf71269238bb23db61f08f9d237baa955a18cb394e8d34dc80178cdc5_amd64",
"relates_to_product_reference": "8Base-RHOL-5.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/lokistack-gateway-rhel8@sha256:1b1dd755ceb338795820eb5c4abd1914071b4579502eb40379e0126dbc5bd58c_s390x as a component of RHOL 5.7 for RHEL 8",
"product_id": "8Base-RHOL-5.7:openshift-logging/lokistack-gateway-rhel8@sha256:1b1dd755ceb338795820eb5c4abd1914071b4579502eb40379e0126dbc5bd58c_s390x"
},
"product_reference": "openshift-logging/lokistack-gateway-rhel8@sha256:1b1dd755ceb338795820eb5c4abd1914071b4579502eb40379e0126dbc5bd58c_s390x",
"relates_to_product_reference": "8Base-RHOL-5.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/lokistack-gateway-rhel8@sha256:37e919ddb8673ef99e5e0e1b9e5c9c388c9417dd45971f2dab05bf92b462ab67_amd64 as a component of RHOL 5.7 for RHEL 8",
"product_id": "8Base-RHOL-5.7:openshift-logging/lokistack-gateway-rhel8@sha256:37e919ddb8673ef99e5e0e1b9e5c9c388c9417dd45971f2dab05bf92b462ab67_amd64"
},
"product_reference": "openshift-logging/lokistack-gateway-rhel8@sha256:37e919ddb8673ef99e5e0e1b9e5c9c388c9417dd45971f2dab05bf92b462ab67_amd64",
"relates_to_product_reference": "8Base-RHOL-5.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/lokistack-gateway-rhel8@sha256:3ef274ae69a419f4458c290b6bd33c2787798dc5a905f46dc20aff7b1c0b6e25_arm64 as a component of RHOL 5.7 for RHEL 8",
"product_id": "8Base-RHOL-5.7:openshift-logging/lokistack-gateway-rhel8@sha256:3ef274ae69a419f4458c290b6bd33c2787798dc5a905f46dc20aff7b1c0b6e25_arm64"
},
"product_reference": "openshift-logging/lokistack-gateway-rhel8@sha256:3ef274ae69a419f4458c290b6bd33c2787798dc5a905f46dc20aff7b1c0b6e25_arm64",
"relates_to_product_reference": "8Base-RHOL-5.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/lokistack-gateway-rhel8@sha256:4cc1ddf22cba8a5ed94549115b5210d961e1978618c8cb48e820e545369ecb65_ppc64le as a component of RHOL 5.7 for RHEL 8",
"product_id": "8Base-RHOL-5.7:openshift-logging/lokistack-gateway-rhel8@sha256:4cc1ddf22cba8a5ed94549115b5210d961e1978618c8cb48e820e545369ecb65_ppc64le"
},
"product_reference": "openshift-logging/lokistack-gateway-rhel8@sha256:4cc1ddf22cba8a5ed94549115b5210d961e1978618c8cb48e820e545369ecb65_ppc64le",
"relates_to_product_reference": "8Base-RHOL-5.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/opa-openshift-rhel8@sha256:a99366c13fbb55e96bebe92054c09ac75133023b940df8b80a43d89c8d6db580_s390x as a component of RHOL 5.7 for RHEL 8",
"product_id": "8Base-RHOL-5.7:openshift-logging/opa-openshift-rhel8@sha256:a99366c13fbb55e96bebe92054c09ac75133023b940df8b80a43d89c8d6db580_s390x"
},
"product_reference": "openshift-logging/opa-openshift-rhel8@sha256:a99366c13fbb55e96bebe92054c09ac75133023b940df8b80a43d89c8d6db580_s390x",
"relates_to_product_reference": "8Base-RHOL-5.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/opa-openshift-rhel8@sha256:bdb8fb48f8b164fb3d55de977aaa19414654ec7284f148db11b77b94a3feefd1_ppc64le as a component of RHOL 5.7 for RHEL 8",
"product_id": "8Base-RHOL-5.7:openshift-logging/opa-openshift-rhel8@sha256:bdb8fb48f8b164fb3d55de977aaa19414654ec7284f148db11b77b94a3feefd1_ppc64le"
},
"product_reference": "openshift-logging/opa-openshift-rhel8@sha256:bdb8fb48f8b164fb3d55de977aaa19414654ec7284f148db11b77b94a3feefd1_ppc64le",
"relates_to_product_reference": "8Base-RHOL-5.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/opa-openshift-rhel8@sha256:cc216b7b979a7b216fa7d4965ad6b1a147405fe95b95eafc0aa47c758f1b16d9_arm64 as a component of RHOL 5.7 for RHEL 8",
"product_id": "8Base-RHOL-5.7:openshift-logging/opa-openshift-rhel8@sha256:cc216b7b979a7b216fa7d4965ad6b1a147405fe95b95eafc0aa47c758f1b16d9_arm64"
},
"product_reference": "openshift-logging/opa-openshift-rhel8@sha256:cc216b7b979a7b216fa7d4965ad6b1a147405fe95b95eafc0aa47c758f1b16d9_arm64",
"relates_to_product_reference": "8Base-RHOL-5.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/opa-openshift-rhel8@sha256:cf9edc3befb08c9e0327197884faeb387b44efc169063020d154aa2ce77bd711_amd64 as a component of RHOL 5.7 for RHEL 8",
"product_id": "8Base-RHOL-5.7:openshift-logging/opa-openshift-rhel8@sha256:cf9edc3befb08c9e0327197884faeb387b44efc169063020d154aa2ce77bd711_amd64"
},
"product_reference": "openshift-logging/opa-openshift-rhel8@sha256:cf9edc3befb08c9e0327197884faeb387b44efc169063020d154aa2ce77bd711_amd64",
"relates_to_product_reference": "8Base-RHOL-5.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/vector-rhel8@sha256:5d785f0ff007386c3d6c69eb06e1bac518c7a1b781504ef5ddbb7e6a682382e8_amd64 as a component of RHOL 5.7 for RHEL 8",
"product_id": "8Base-RHOL-5.7:openshift-logging/vector-rhel8@sha256:5d785f0ff007386c3d6c69eb06e1bac518c7a1b781504ef5ddbb7e6a682382e8_amd64"
},
"product_reference": "openshift-logging/vector-rhel8@sha256:5d785f0ff007386c3d6c69eb06e1bac518c7a1b781504ef5ddbb7e6a682382e8_amd64",
"relates_to_product_reference": "8Base-RHOL-5.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/vector-rhel8@sha256:7c85f6f777f9c74096c33f76fbc9c122f203cb549fc91142d51e6aebdc400ec5_s390x as a component of RHOL 5.7 for RHEL 8",
"product_id": "8Base-RHOL-5.7:openshift-logging/vector-rhel8@sha256:7c85f6f777f9c74096c33f76fbc9c122f203cb549fc91142d51e6aebdc400ec5_s390x"
},
"product_reference": "openshift-logging/vector-rhel8@sha256:7c85f6f777f9c74096c33f76fbc9c122f203cb549fc91142d51e6aebdc400ec5_s390x",
"relates_to_product_reference": "8Base-RHOL-5.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/vector-rhel8@sha256:b5633612eab927c2d65848d0fd4629e692fbd4ea5b7aa9254ddfe6982824c06a_ppc64le as a component of RHOL 5.7 for RHEL 8",
"product_id": "8Base-RHOL-5.7:openshift-logging/vector-rhel8@sha256:b5633612eab927c2d65848d0fd4629e692fbd4ea5b7aa9254ddfe6982824c06a_ppc64le"
},
"product_reference": "openshift-logging/vector-rhel8@sha256:b5633612eab927c2d65848d0fd4629e692fbd4ea5b7aa9254ddfe6982824c06a_ppc64le",
"relates_to_product_reference": "8Base-RHOL-5.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/vector-rhel8@sha256:eb444e7e77e14ff1f36c048bdd53d482b6cf3ed98d3ff6f2574620187fde49ab_arm64 as a component of RHOL 5.7 for RHEL 8",
"product_id": "8Base-RHOL-5.7:openshift-logging/vector-rhel8@sha256:eb444e7e77e14ff1f36c048bdd53d482b6cf3ed98d3ff6f2574620187fde49ab_arm64"
},
"product_reference": "openshift-logging/vector-rhel8@sha256:eb444e7e77e14ff1f36c048bdd53d482b6cf3ed98d3ff6f2574620187fde49ab_arm64",
"relates_to_product_reference": "8Base-RHOL-5.7"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2023-29406",
"cwe": {
"id": "CWE-113",
"name": "Improper Neutralization of CRLF Sequences in HTTP Headers (\u0027HTTP Request/Response Splitting\u0027)"
},
"discovery_date": "2023-07-12T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2222167"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Golang, where it is vulnerable to HTTP header injection caused by improper content validation of the Host header by the HTTP/1 client. A remote attacker can inject arbitrary HTTP headers by persuading a victim to visit a specially crafted Web page. This flaw allows the attacker to conduct various attacks against the vulnerable system, including Cross-site scripting, cache poisoning, or session hijacking.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: net/http: insufficient sanitization of Host header",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOL-5.7:openshift-logging/logging-loki-rhel8@sha256:476a5e47090c24d1f8f5bafaca9b80e5373a2da0f14a7ec6e7254a32440adfdb_ppc64le",
"8Base-RHOL-5.7:openshift-logging/logging-loki-rhel8@sha256:8cb4328b46bc3f8627f11fe69b37d8147f1d76b909c9880066277615c36cabc1_arm64",
"8Base-RHOL-5.7:openshift-logging/logging-loki-rhel8@sha256:9a1e97c4dac0165d92615b30b9140149b038ab788464dcd41f8a14b647220a98_s390x",
"8Base-RHOL-5.7:openshift-logging/logging-loki-rhel8@sha256:9fe7eba96b742b1a3d55cef2934ce6259be01faf589f0b2ec1bc3b557a833980_amd64"
],
"known_not_affected": [
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-29406"
},
{
"category": "external",
"summary": "RHBZ#2222167",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2222167"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-29406",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29406"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-29406",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-29406"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/2q13H6LEEx0",
"url": "https://groups.google.com/g/golang-announce/c/2q13H6LEEx0"
}
],
"release_date": "2023-07-11T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-10-20T05:04:43+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHOL-5.7:openshift-logging/logging-loki-rhel8@sha256:476a5e47090c24d1f8f5bafaca9b80e5373a2da0f14a7ec6e7254a32440adfdb_ppc64le",
"8Base-RHOL-5.7:openshift-logging/logging-loki-rhel8@sha256:8cb4328b46bc3f8627f11fe69b37d8147f1d76b909c9880066277615c36cabc1_arm64",
"8Base-RHOL-5.7:openshift-logging/logging-loki-rhel8@sha256:9a1e97c4dac0165d92615b30b9140149b038ab788464dcd41f8a14b647220a98_s390x",
"8Base-RHOL-5.7:openshift-logging/logging-loki-rhel8@sha256:9fe7eba96b742b1a3d55cef2934ce6259be01faf589f0b2ec1bc3b557a833980_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:5530"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: net/http: insufficient sanitization of Host header"
},
{
"cve": "CVE-2023-29409",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2023-08-03T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2228743"
}
],
"notes": [
{
"category": "description",
"text": "A denial of service vulnerability was found in the Golang Go package caused by an uncontrolled resource consumption flaw. By persuading a victim to use a specially crafted certificate with large RSA keys, a remote attacker can cause a client/server to expend significant CPU time verifying signatures, resulting in a denial of service condition.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: crypto/tls: slow verification of certificate chains containing large RSA keys",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOL-5.7:openshift-logging/logging-loki-rhel8@sha256:476a5e47090c24d1f8f5bafaca9b80e5373a2da0f14a7ec6e7254a32440adfdb_ppc64le",
"8Base-RHOL-5.7:openshift-logging/logging-loki-rhel8@sha256:8cb4328b46bc3f8627f11fe69b37d8147f1d76b909c9880066277615c36cabc1_arm64",
"8Base-RHOL-5.7:openshift-logging/logging-loki-rhel8@sha256:9a1e97c4dac0165d92615b30b9140149b038ab788464dcd41f8a14b647220a98_s390x",
"8Base-RHOL-5.7:openshift-logging/logging-loki-rhel8@sha256:9fe7eba96b742b1a3d55cef2934ce6259be01faf589f0b2ec1bc3b557a833980_amd64"
],
"known_not_affected": [
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-29409"
},
{
"category": "external",
"summary": "RHBZ#2228743",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2228743"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-29409",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29409"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-29409",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-29409"
},
{
"category": "external",
"summary": "https://go.dev/cl/515257",
"url": "https://go.dev/cl/515257"
},
{
"category": "external",
"summary": "https://go.dev/issue/61460",
"url": "https://go.dev/issue/61460"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/X0b6CsSAaYI/m/Efv5DbZ9AwAJ",
"url": "https://groups.google.com/g/golang-announce/c/X0b6CsSAaYI/m/Efv5DbZ9AwAJ"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2023-1987",
"url": "https://pkg.go.dev/vuln/GO-2023-1987"
}
],
"release_date": "2023-08-02T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-10-20T05:04:43+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHOL-5.7:openshift-logging/logging-loki-rhel8@sha256:476a5e47090c24d1f8f5bafaca9b80e5373a2da0f14a7ec6e7254a32440adfdb_ppc64le",
"8Base-RHOL-5.7:openshift-logging/logging-loki-rhel8@sha256:8cb4328b46bc3f8627f11fe69b37d8147f1d76b909c9880066277615c36cabc1_arm64",
"8Base-RHOL-5.7:openshift-logging/logging-loki-rhel8@sha256:9a1e97c4dac0165d92615b30b9140149b038ab788464dcd41f8a14b647220a98_s390x",
"8Base-RHOL-5.7:openshift-logging/logging-loki-rhel8@sha256:9fe7eba96b742b1a3d55cef2934ce6259be01faf589f0b2ec1bc3b557a833980_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:5530"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"8Base-RHOL-5.7:openshift-logging/cluster-logging-operator-bundle@sha256:0761943b57451fa8cd0d42942a831376ab48f723e8ea461d0a5ea49c9a391d7b_amd64",
"8Base-RHOL-5.7:openshift-logging/cluster-logging-rhel8-operator@sha256:1d6a2bd236f72f3dbb4c2e284cb2ac2554d7d79b416d57ee94b8d158ea3ea807_arm64",
"8Base-RHOL-5.7:openshift-logging/cluster-logging-rhel8-operator@sha256:2023d126c1be90ab6e6b27e778cc3944a2e5af2b44358537d65e60d385e78959_ppc64le",
"8Base-RHOL-5.7:openshift-logging/cluster-logging-rhel8-operator@sha256:c9a5546e0f427376f36d6d350cebe7ed3e7d2468d3c8290528fbe054462e22d6_s390x",
"8Base-RHOL-5.7:openshift-logging/cluster-logging-rhel8-operator@sha256:efb5cb250782473d1f4eb42d06747c9fad6df65c888cca88ed421bba399c5d96_amd64",
"8Base-RHOL-5.7:openshift-logging/elasticsearch-operator-bundle@sha256:060f8fd11a32cbb6247d7d41e4be1fc71026e9bab9238995b7b2e563fb94e6d7_amd64",
"8Base-RHOL-5.7:openshift-logging/elasticsearch-proxy-rhel8@sha256:2995302941f4c0d5016e49c3a01ca3bc4d80935ce1de70c84a2124e28e290947_arm64",
"8Base-RHOL-5.7:openshift-logging/elasticsearch-proxy-rhel8@sha256:6f64ee3aeedb891cb4b88e90c7569235d8e136cb2a66c7da1bc3ec73a518aa5d_s390x",
"8Base-RHOL-5.7:openshift-logging/elasticsearch-proxy-rhel8@sha256:7ca7ec92b15a7556d6a8daabd24a70f42e4260b6caf9168e852890c063e91186_amd64",
"8Base-RHOL-5.7:openshift-logging/elasticsearch-proxy-rhel8@sha256:f223378bb8b335e6ed531a451a48fc17c039004414836cc1f2bf8d408eb6eb18_ppc64le",
"8Base-RHOL-5.7:openshift-logging/elasticsearch-rhel8-operator@sha256:368447ae5216ada4c092c8781d3b847a5d37606d7c4ce430376ed5d3a4384863_amd64",
"8Base-RHOL-5.7:openshift-logging/elasticsearch-rhel8-operator@sha256:640dfbd649bde0c5fed45d5ecaf595e1cf09ffa6d76be3b75751108c0d85bbcb_ppc64le",
"8Base-RHOL-5.7:openshift-logging/elasticsearch-rhel8-operator@sha256:720587fcb7a89a571c04c8e222e5ebf54c899086ce07461e5f5dac7dfe8e6af9_s390x",
"8Base-RHOL-5.7:openshift-logging/elasticsearch-rhel8-operator@sha256:9a492f0164ba9ea96a8cef43577a6d62ce5806dc1e821d3aee2abfcf35a02ac0_arm64",
"8Base-RHOL-5.7:openshift-logging/elasticsearch6-rhel8@sha256:0fab0830499ef530add912e8022f9d5a09addbf229e62bea989a1d8734e70a33_ppc64le",
"8Base-RHOL-5.7:openshift-logging/elasticsearch6-rhel8@sha256:560831bdc34128719564aaaca4b80bba32062b97c87118b4ac00413609bcf067_amd64",
"8Base-RHOL-5.7:openshift-logging/elasticsearch6-rhel8@sha256:90c408f644a8a853de8338f2d4c1b7ff10877973a98c15868e1e0662da8eca46_s390x",
"8Base-RHOL-5.7:openshift-logging/elasticsearch6-rhel8@sha256:a00a7c1c152b6d2897bdc06b0137b556e6931b7d309e4e9a585825dbd558d3ba_arm64",
"8Base-RHOL-5.7:openshift-logging/eventrouter-rhel8@sha256:3054aade5994df42ab7c2981865a7851049ea46ed20b7805d1553d6b28ab5af8_amd64",
"8Base-RHOL-5.7:openshift-logging/eventrouter-rhel8@sha256:7a45458250a73682ab11a3c743d563ab1c9072281b15d3a18088c5902130a4cd_s390x",
"8Base-RHOL-5.7:openshift-logging/eventrouter-rhel8@sha256:ac827708b7d49a217770e510124427e9430ec13b23d8fc3e0f7bdcb682214b34_ppc64le",
"8Base-RHOL-5.7:openshift-logging/eventrouter-rhel8@sha256:bc31b395c3a2353048cad9d0d44f28e60f7e0a01e5fc6f6b2803d813ec279687_arm64",
"8Base-RHOL-5.7:openshift-logging/fluentd-rhel8@sha256:08ba4f66916d6331ce739c856c863e2de59c7b870ef2247ed2ee4b5895932193_s390x",
"8Base-RHOL-5.7:openshift-logging/fluentd-rhel8@sha256:65b491f9794f306cfe74b6ff622e9fe8b1155df5ed89e8db1f34ee2d299b2245_ppc64le",
"8Base-RHOL-5.7:openshift-logging/fluentd-rhel8@sha256:d920792d5ea71265702f0a408888e051b47d23cb8b624c02e6ed29b142d152bf_arm64",
"8Base-RHOL-5.7:openshift-logging/fluentd-rhel8@sha256:f93ddeb2a52c0aead46bb0bb2af71a68c9a11093617615faadb3b07f45590fa1_amd64",
"8Base-RHOL-5.7:openshift-logging/kibana6-rhel8@sha256:6bdd69f14340d82695bd645b14f4faaa99c830630087d43aa843418cfb34b89e_arm64",
"8Base-RHOL-5.7:openshift-logging/kibana6-rhel8@sha256:b104e6731b8ddfb98dd8a0891dfb1051fb59e82d70f91c297a62402922412c32_amd64",
"8Base-RHOL-5.7:openshift-logging/kibana6-rhel8@sha256:e8af2bde433bebee9236365ce6bc52db26981c8e484df2048cb4ed2b7cb5bed1_s390x",
"8Base-RHOL-5.7:openshift-logging/kibana6-rhel8@sha256:eddddb656ad870ad417cb92756ce537d32b55b17a9af3c87b5e2f4834017e48a_ppc64le",
"8Base-RHOL-5.7:openshift-logging/log-file-metric-exporter-rhel8@sha256:407891f77d384f8708f9e33469c410e84ba25fa9e4cb16e4a6a9c212f0b48a9c_amd64",
"8Base-RHOL-5.7:openshift-logging/log-file-metric-exporter-rhel8@sha256:7f5f8f7d40938e5a0b2b2724c551f4e1dcf57de78daacd736b28b964d0fa6eec_arm64",
"8Base-RHOL-5.7:openshift-logging/log-file-metric-exporter-rhel8@sha256:a91af106ffacd6a620c6b194697516ee3e9f8aa36605873061766d9f0ec35f84_s390x",
"8Base-RHOL-5.7:openshift-logging/log-file-metric-exporter-rhel8@sha256:fef8afe2da100f267ed9e3848b4a9a1183e04bf0a9702404d03b2f57e5ec1bde_ppc64le",
"8Base-RHOL-5.7:openshift-logging/logging-curator5-rhel8@sha256:00fe8c23f7944a5d639c17b2e81dd80a424aabbddd4d7f0aff6b54f8cf370a58_amd64",
"8Base-RHOL-5.7:openshift-logging/logging-curator5-rhel8@sha256:0a7df021980720321c27e8021626e0c4f428150faa75fd92803b3e172f07eedf_arm64",
"8Base-RHOL-5.7:openshift-logging/logging-curator5-rhel8@sha256:927ba226f05237f6ad1faf686149a89f692f8904445f5a35f15a685518d3fe6a_ppc64le",
"8Base-RHOL-5.7:openshift-logging/logging-curator5-rhel8@sha256:94a2902ffbfcec5c29a23529d81f4605ebab9bde8156ad1be6dba42ccedeb1fe_s390x",
"8Base-RHOL-5.7:openshift-logging/logging-loki-rhel8@sha256:476a5e47090c24d1f8f5bafaca9b80e5373a2da0f14a7ec6e7254a32440adfdb_ppc64le",
"8Base-RHOL-5.7:openshift-logging/logging-loki-rhel8@sha256:8cb4328b46bc3f8627f11fe69b37d8147f1d76b909c9880066277615c36cabc1_arm64",
"8Base-RHOL-5.7:openshift-logging/logging-loki-rhel8@sha256:9a1e97c4dac0165d92615b30b9140149b038ab788464dcd41f8a14b647220a98_s390x",
"8Base-RHOL-5.7:openshift-logging/logging-loki-rhel8@sha256:9fe7eba96b742b1a3d55cef2934ce6259be01faf589f0b2ec1bc3b557a833980_amd64",
"8Base-RHOL-5.7:openshift-logging/logging-view-plugin-rhel8@sha256:0f251245e9f1030e64a6c9b76fe22b571e4a3f9cc2fd38979b52e5c91c6bd2e6_arm64",
"8Base-RHOL-5.7:openshift-logging/logging-view-plugin-rhel8@sha256:2f09d0a0faad8944b5d4689699ae15d3d4e44cefaa5aaa11f2c584e71b23e667_amd64",
"8Base-RHOL-5.7:openshift-logging/logging-view-plugin-rhel8@sha256:8181f92baa5a86da7767f605f4537b59fad583ee80fcde309fea504e9c3147c0_ppc64le",
"8Base-RHOL-5.7:openshift-logging/logging-view-plugin-rhel8@sha256:c1247743656700aa4be1b1f6d43732e9ad65e0a99a928065aa94ef2a3729bac8_s390x",
"8Base-RHOL-5.7:openshift-logging/loki-operator-bundle@sha256:c569eba6b695d9f26dc47f413e925d02666683a4af0401f23cfd05b96dcb61e9_amd64",
"8Base-RHOL-5.7:openshift-logging/loki-rhel8-operator@sha256:31cdc95fe91aeb315afa5a1daf98e91587eac31b895de5b698bfd4637889ce22_arm64",
"8Base-RHOL-5.7:openshift-logging/loki-rhel8-operator@sha256:4e59120fc8a10978b234716a5757891c197e9394aae2446b3b8d8621f3983792_ppc64le",
"8Base-RHOL-5.7:openshift-logging/loki-rhel8-operator@sha256:75d73f70f941e73b41e38d666dc1dbdfb465cb2d182b6f3663d632da5a15feb7_s390x",
"8Base-RHOL-5.7:openshift-logging/loki-rhel8-operator@sha256:c7d2ef7cf71269238bb23db61f08f9d237baa955a18cb394e8d34dc80178cdc5_amd64",
"8Base-RHOL-5.7:openshift-logging/lokistack-gateway-rhel8@sha256:1b1dd755ceb338795820eb5c4abd1914071b4579502eb40379e0126dbc5bd58c_s390x",
"8Base-RHOL-5.7:openshift-logging/lokistack-gateway-rhel8@sha256:37e919ddb8673ef99e5e0e1b9e5c9c388c9417dd45971f2dab05bf92b462ab67_amd64",
"8Base-RHOL-5.7:openshift-logging/lokistack-gateway-rhel8@sha256:3ef274ae69a419f4458c290b6bd33c2787798dc5a905f46dc20aff7b1c0b6e25_arm64",
"8Base-RHOL-5.7:openshift-logging/lokistack-gateway-rhel8@sha256:4cc1ddf22cba8a5ed94549115b5210d961e1978618c8cb48e820e545369ecb65_ppc64le",
"8Base-RHOL-5.7:openshift-logging/opa-openshift-rhel8@sha256:a99366c13fbb55e96bebe92054c09ac75133023b940df8b80a43d89c8d6db580_s390x",
"8Base-RHOL-5.7:openshift-logging/opa-openshift-rhel8@sha256:bdb8fb48f8b164fb3d55de977aaa19414654ec7284f148db11b77b94a3feefd1_ppc64le",
"8Base-RHOL-5.7:openshift-logging/opa-openshift-rhel8@sha256:cc216b7b979a7b216fa7d4965ad6b1a147405fe95b95eafc0aa47c758f1b16d9_arm64",
"8Base-RHOL-5.7:openshift-logging/opa-openshift-rhel8@sha256:cf9edc3befb08c9e0327197884faeb387b44efc169063020d154aa2ce77bd711_amd64",
"8Base-RHOL-5.7:openshift-logging/vector-rhel8@sha256:5d785f0ff007386c3d6c69eb06e1bac518c7a1b781504ef5ddbb7e6a682382e8_amd64",
"8Base-RHOL-5.7:openshift-logging/vector-rhel8@sha256:7c85f6f777f9c74096c33f76fbc9c122f203cb549fc91142d51e6aebdc400ec5_s390x",
"8Base-RHOL-5.7:openshift-logging/vector-rhel8@sha256:b5633612eab927c2d65848d0fd4629e692fbd4ea5b7aa9254ddfe6982824c06a_ppc64le",
"8Base-RHOL-5.7:openshift-logging/vector-rhel8@sha256:eb444e7e77e14ff1f36c048bdd53d482b6cf3ed98d3ff6f2574620187fde49ab_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: crypto/tls: slow verification of certificate chains containing large RSA keys"
},
{
"cve": "CVE-2023-39325",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2023-10-10T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-RHOL-5.7:openshift-logging/cluster-logging-operator-bundle@sha256:0761943b57451fa8cd0d42942a831376ab48f723e8ea461d0a5ea49c9a391d7b_amd64",
"8Base-RHOL-5.7:openshift-logging/elasticsearch-operator-bundle@sha256:060f8fd11a32cbb6247d7d41e4be1fc71026e9bab9238995b7b2e563fb94e6d7_amd64",
"8Base-RHOL-5.7:openshift-logging/elasticsearch6-rhel8@sha256:0fab0830499ef530add912e8022f9d5a09addbf229e62bea989a1d8734e70a33_ppc64le",
"8Base-RHOL-5.7:openshift-logging/elasticsearch6-rhel8@sha256:560831bdc34128719564aaaca4b80bba32062b97c87118b4ac00413609bcf067_amd64",
"8Base-RHOL-5.7:openshift-logging/elasticsearch6-rhel8@sha256:90c408f644a8a853de8338f2d4c1b7ff10877973a98c15868e1e0662da8eca46_s390x",
"8Base-RHOL-5.7:openshift-logging/elasticsearch6-rhel8@sha256:a00a7c1c152b6d2897bdc06b0137b556e6931b7d309e4e9a585825dbd558d3ba_arm64",
"8Base-RHOL-5.7:openshift-logging/fluentd-rhel8@sha256:08ba4f66916d6331ce739c856c863e2de59c7b870ef2247ed2ee4b5895932193_s390x",
"8Base-RHOL-5.7:openshift-logging/fluentd-rhel8@sha256:65b491f9794f306cfe74b6ff622e9fe8b1155df5ed89e8db1f34ee2d299b2245_ppc64le",
"8Base-RHOL-5.7:openshift-logging/fluentd-rhel8@sha256:d920792d5ea71265702f0a408888e051b47d23cb8b624c02e6ed29b142d152bf_arm64",
"8Base-RHOL-5.7:openshift-logging/fluentd-rhel8@sha256:f93ddeb2a52c0aead46bb0bb2af71a68c9a11093617615faadb3b07f45590fa1_amd64",
"8Base-RHOL-5.7:openshift-logging/kibana6-rhel8@sha256:6bdd69f14340d82695bd645b14f4faaa99c830630087d43aa843418cfb34b89e_arm64",
"8Base-RHOL-5.7:openshift-logging/kibana6-rhel8@sha256:b104e6731b8ddfb98dd8a0891dfb1051fb59e82d70f91c297a62402922412c32_amd64",
"8Base-RHOL-5.7:openshift-logging/kibana6-rhel8@sha256:e8af2bde433bebee9236365ce6bc52db26981c8e484df2048cb4ed2b7cb5bed1_s390x",
"8Base-RHOL-5.7:openshift-logging/kibana6-rhel8@sha256:eddddb656ad870ad417cb92756ce537d32b55b17a9af3c87b5e2f4834017e48a_ppc64le",
"8Base-RHOL-5.7:openshift-logging/log-file-metric-exporter-rhel8@sha256:407891f77d384f8708f9e33469c410e84ba25fa9e4cb16e4a6a9c212f0b48a9c_amd64",
"8Base-RHOL-5.7:openshift-logging/log-file-metric-exporter-rhel8@sha256:7f5f8f7d40938e5a0b2b2724c551f4e1dcf57de78daacd736b28b964d0fa6eec_arm64",
"8Base-RHOL-5.7:openshift-logging/log-file-metric-exporter-rhel8@sha256:a91af106ffacd6a620c6b194697516ee3e9f8aa36605873061766d9f0ec35f84_s390x",
"8Base-RHOL-5.7:openshift-logging/log-file-metric-exporter-rhel8@sha256:fef8afe2da100f267ed9e3848b4a9a1183e04bf0a9702404d03b2f57e5ec1bde_ppc64le",
"8Base-RHOL-5.7:openshift-logging/logging-curator5-rhel8@sha256:00fe8c23f7944a5d639c17b2e81dd80a424aabbddd4d7f0aff6b54f8cf370a58_amd64",
"8Base-RHOL-5.7:openshift-logging/logging-curator5-rhel8@sha256:0a7df021980720321c27e8021626e0c4f428150faa75fd92803b3e172f07eedf_arm64",
"8Base-RHOL-5.7:openshift-logging/logging-curator5-rhel8@sha256:927ba226f05237f6ad1faf686149a89f692f8904445f5a35f15a685518d3fe6a_ppc64le",
"8Base-RHOL-5.7:openshift-logging/logging-curator5-rhel8@sha256:94a2902ffbfcec5c29a23529d81f4605ebab9bde8156ad1be6dba42ccedeb1fe_s390x",
"8Base-RHOL-5.7:openshift-logging/logging-view-plugin-rhel8@sha256:0f251245e9f1030e64a6c9b76fe22b571e4a3f9cc2fd38979b52e5c91c6bd2e6_arm64",
"8Base-RHOL-5.7:openshift-logging/logging-view-plugin-rhel8@sha256:2f09d0a0faad8944b5d4689699ae15d3d4e44cefaa5aaa11f2c584e71b23e667_amd64",
"8Base-RHOL-5.7:openshift-logging/logging-view-plugin-rhel8@sha256:8181f92baa5a86da7767f605f4537b59fad583ee80fcde309fea504e9c3147c0_ppc64le",
"8Base-RHOL-5.7:openshift-logging/logging-view-plugin-rhel8@sha256:c1247743656700aa4be1b1f6d43732e9ad65e0a99a928065aa94ef2a3729bac8_s390x",
"8Base-RHOL-5.7:openshift-logging/loki-operator-bundle@sha256:c569eba6b695d9f26dc47f413e925d02666683a4af0401f23cfd05b96dcb61e9_amd64",
"8Base-RHOL-5.7:openshift-logging/vector-rhel8@sha256:5d785f0ff007386c3d6c69eb06e1bac518c7a1b781504ef5ddbb7e6a682382e8_amd64",
"8Base-RHOL-5.7:openshift-logging/vector-rhel8@sha256:7c85f6f777f9c74096c33f76fbc9c122f203cb549fc91142d51e6aebdc400ec5_s390x",
"8Base-RHOL-5.7:openshift-logging/vector-rhel8@sha256:b5633612eab927c2d65848d0fd4629e692fbd4ea5b7aa9254ddfe6982824c06a_ppc64le",
"8Base-RHOL-5.7:openshift-logging/vector-rhel8@sha256:eb444e7e77e14ff1f36c048bdd53d482b6cf3ed98d3ff6f2574620187fde49ab_arm64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2243296"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in handling multiplexed streams in the HTTP/2 protocol. A client can repeatedly make a request for a new multiplex stream and immediately send an RST_STREAM frame to cancel it. This creates extra work for the server setting up and tearing down the streams while not hitting any server-side limit for the maximum number of active streams per connection, resulting in a denial of service due to server resource consumption. Red Hat has rated the severity of this flaw as \u0027Important\u0027 as the US Cybersecurity and Infrastructure Security Agency (CISA) declared this vulnerability an active exploit.\r\n\r\nCVE-2023-39325 was assigned for the `Rapid Reset Attack` in the Go language packages.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: net/http, x/net/http2: rapid stream resets can cause excessive work (CVE-2023-44487)",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This CVE is related to CVE-2023-44487.\n\nThe majority of RHEL utilities are not long-running applications; instead, they are command-line tools. These tools utilize Golang package as build-time dependency, which is why they are classified as having a \"Moderate\" level of impact.\n\nAs go-lang vendors its dependencies, a package may contain a library with a known vulnerability, solely because of lower tier libraries including it as a part of its dependencies, but the vulnerable code is not reachable at runtime. In such cases the issue is not exploitable. We classify these situations as \u201cNot affected\u201d or \u201cWill not fix,\u201d depending on the risk of breaking other unrelated packages.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOL-5.7:openshift-logging/cluster-logging-rhel8-operator@sha256:1d6a2bd236f72f3dbb4c2e284cb2ac2554d7d79b416d57ee94b8d158ea3ea807_arm64",
"8Base-RHOL-5.7:openshift-logging/cluster-logging-rhel8-operator@sha256:2023d126c1be90ab6e6b27e778cc3944a2e5af2b44358537d65e60d385e78959_ppc64le",
"8Base-RHOL-5.7:openshift-logging/cluster-logging-rhel8-operator@sha256:c9a5546e0f427376f36d6d350cebe7ed3e7d2468d3c8290528fbe054462e22d6_s390x",
"8Base-RHOL-5.7:openshift-logging/cluster-logging-rhel8-operator@sha256:efb5cb250782473d1f4eb42d06747c9fad6df65c888cca88ed421bba399c5d96_amd64",
"8Base-RHOL-5.7:openshift-logging/elasticsearch-proxy-rhel8@sha256:2995302941f4c0d5016e49c3a01ca3bc4d80935ce1de70c84a2124e28e290947_arm64",
"8Base-RHOL-5.7:openshift-logging/elasticsearch-proxy-rhel8@sha256:6f64ee3aeedb891cb4b88e90c7569235d8e136cb2a66c7da1bc3ec73a518aa5d_s390x",
"8Base-RHOL-5.7:openshift-logging/elasticsearch-proxy-rhel8@sha256:7ca7ec92b15a7556d6a8daabd24a70f42e4260b6caf9168e852890c063e91186_amd64",
"8Base-RHOL-5.7:openshift-logging/elasticsearch-proxy-rhel8@sha256:f223378bb8b335e6ed531a451a48fc17c039004414836cc1f2bf8d408eb6eb18_ppc64le",
"8Base-RHOL-5.7:openshift-logging/elasticsearch-rhel8-operator@sha256:368447ae5216ada4c092c8781d3b847a5d37606d7c4ce430376ed5d3a4384863_amd64",
"8Base-RHOL-5.7:openshift-logging/elasticsearch-rhel8-operator@sha256:640dfbd649bde0c5fed45d5ecaf595e1cf09ffa6d76be3b75751108c0d85bbcb_ppc64le",
"8Base-RHOL-5.7:openshift-logging/elasticsearch-rhel8-operator@sha256:720587fcb7a89a571c04c8e222e5ebf54c899086ce07461e5f5dac7dfe8e6af9_s390x",
"8Base-RHOL-5.7:openshift-logging/elasticsearch-rhel8-operator@sha256:9a492f0164ba9ea96a8cef43577a6d62ce5806dc1e821d3aee2abfcf35a02ac0_arm64",
"8Base-RHOL-5.7:openshift-logging/eventrouter-rhel8@sha256:3054aade5994df42ab7c2981865a7851049ea46ed20b7805d1553d6b28ab5af8_amd64",
"8Base-RHOL-5.7:openshift-logging/eventrouter-rhel8@sha256:7a45458250a73682ab11a3c743d563ab1c9072281b15d3a18088c5902130a4cd_s390x",
"8Base-RHOL-5.7:openshift-logging/eventrouter-rhel8@sha256:ac827708b7d49a217770e510124427e9430ec13b23d8fc3e0f7bdcb682214b34_ppc64le",
"8Base-RHOL-5.7:openshift-logging/eventrouter-rhel8@sha256:bc31b395c3a2353048cad9d0d44f28e60f7e0a01e5fc6f6b2803d813ec279687_arm64",
"8Base-RHOL-5.7:openshift-logging/logging-loki-rhel8@sha256:476a5e47090c24d1f8f5bafaca9b80e5373a2da0f14a7ec6e7254a32440adfdb_ppc64le",
"8Base-RHOL-5.7:openshift-logging/logging-loki-rhel8@sha256:8cb4328b46bc3f8627f11fe69b37d8147f1d76b909c9880066277615c36cabc1_arm64",
"8Base-RHOL-5.7:openshift-logging/logging-loki-rhel8@sha256:9a1e97c4dac0165d92615b30b9140149b038ab788464dcd41f8a14b647220a98_s390x",
"8Base-RHOL-5.7:openshift-logging/logging-loki-rhel8@sha256:9fe7eba96b742b1a3d55cef2934ce6259be01faf589f0b2ec1bc3b557a833980_amd64",
"8Base-RHOL-5.7:openshift-logging/loki-rhel8-operator@sha256:31cdc95fe91aeb315afa5a1daf98e91587eac31b895de5b698bfd4637889ce22_arm64",
"8Base-RHOL-5.7:openshift-logging/loki-rhel8-operator@sha256:4e59120fc8a10978b234716a5757891c197e9394aae2446b3b8d8621f3983792_ppc64le",
"8Base-RHOL-5.7:openshift-logging/loki-rhel8-operator@sha256:75d73f70f941e73b41e38d666dc1dbdfb465cb2d182b6f3663d632da5a15feb7_s390x",
"8Base-RHOL-5.7:openshift-logging/loki-rhel8-operator@sha256:c7d2ef7cf71269238bb23db61f08f9d237baa955a18cb394e8d34dc80178cdc5_amd64",
"8Base-RHOL-5.7:openshift-logging/lokistack-gateway-rhel8@sha256:1b1dd755ceb338795820eb5c4abd1914071b4579502eb40379e0126dbc5bd58c_s390x",
"8Base-RHOL-5.7:openshift-logging/lokistack-gateway-rhel8@sha256:37e919ddb8673ef99e5e0e1b9e5c9c388c9417dd45971f2dab05bf92b462ab67_amd64",
"8Base-RHOL-5.7:openshift-logging/lokistack-gateway-rhel8@sha256:3ef274ae69a419f4458c290b6bd33c2787798dc5a905f46dc20aff7b1c0b6e25_arm64",
"8Base-RHOL-5.7:openshift-logging/lokistack-gateway-rhel8@sha256:4cc1ddf22cba8a5ed94549115b5210d961e1978618c8cb48e820e545369ecb65_ppc64le",
"8Base-RHOL-5.7:openshift-logging/opa-openshift-rhel8@sha256:a99366c13fbb55e96bebe92054c09ac75133023b940df8b80a43d89c8d6db580_s390x",
"8Base-RHOL-5.7:openshift-logging/opa-openshift-rhel8@sha256:bdb8fb48f8b164fb3d55de977aaa19414654ec7284f148db11b77b94a3feefd1_ppc64le",
"8Base-RHOL-5.7:openshift-logging/opa-openshift-rhel8@sha256:cc216b7b979a7b216fa7d4965ad6b1a147405fe95b95eafc0aa47c758f1b16d9_arm64",
"8Base-RHOL-5.7:openshift-logging/opa-openshift-rhel8@sha256:cf9edc3befb08c9e0327197884faeb387b44efc169063020d154aa2ce77bd711_amd64"
],
"known_not_affected": [
"8Base-RHOL-5.7:openshift-logging/cluster-logging-operator-bundle@sha256:0761943b57451fa8cd0d42942a831376ab48f723e8ea461d0a5ea49c9a391d7b_amd64",
"8Base-RHOL-5.7:openshift-logging/elasticsearch-operator-bundle@sha256:060f8fd11a32cbb6247d7d41e4be1fc71026e9bab9238995b7b2e563fb94e6d7_amd64",
"8Base-RHOL-5.7:openshift-logging/elasticsearch6-rhel8@sha256:0fab0830499ef530add912e8022f9d5a09addbf229e62bea989a1d8734e70a33_ppc64le",
"8Base-RHOL-5.7:openshift-logging/elasticsearch6-rhel8@sha256:560831bdc34128719564aaaca4b80bba32062b97c87118b4ac00413609bcf067_amd64",
"8Base-RHOL-5.7:openshift-logging/elasticsearch6-rhel8@sha256:90c408f644a8a853de8338f2d4c1b7ff10877973a98c15868e1e0662da8eca46_s390x",
"8Base-RHOL-5.7:openshift-logging/elasticsearch6-rhel8@sha256:a00a7c1c152b6d2897bdc06b0137b556e6931b7d309e4e9a585825dbd558d3ba_arm64",
"8Base-RHOL-5.7:openshift-logging/fluentd-rhel8@sha256:08ba4f66916d6331ce739c856c863e2de59c7b870ef2247ed2ee4b5895932193_s390x",
"8Base-RHOL-5.7:openshift-logging/fluentd-rhel8@sha256:65b491f9794f306cfe74b6ff622e9fe8b1155df5ed89e8db1f34ee2d299b2245_ppc64le",
"8Base-RHOL-5.7:openshift-logging/fluentd-rhel8@sha256:d920792d5ea71265702f0a408888e051b47d23cb8b624c02e6ed29b142d152bf_arm64",
"8Base-RHOL-5.7:openshift-logging/fluentd-rhel8@sha256:f93ddeb2a52c0aead46bb0bb2af71a68c9a11093617615faadb3b07f45590fa1_amd64",
"8Base-RHOL-5.7:openshift-logging/kibana6-rhel8@sha256:6bdd69f14340d82695bd645b14f4faaa99c830630087d43aa843418cfb34b89e_arm64",
"8Base-RHOL-5.7:openshift-logging/kibana6-rhel8@sha256:b104e6731b8ddfb98dd8a0891dfb1051fb59e82d70f91c297a62402922412c32_amd64",
"8Base-RHOL-5.7:openshift-logging/kibana6-rhel8@sha256:e8af2bde433bebee9236365ce6bc52db26981c8e484df2048cb4ed2b7cb5bed1_s390x",
"8Base-RHOL-5.7:openshift-logging/kibana6-rhel8@sha256:eddddb656ad870ad417cb92756ce537d32b55b17a9af3c87b5e2f4834017e48a_ppc64le",
"8Base-RHOL-5.7:openshift-logging/log-file-metric-exporter-rhel8@sha256:407891f77d384f8708f9e33469c410e84ba25fa9e4cb16e4a6a9c212f0b48a9c_amd64",
"8Base-RHOL-5.7:openshift-logging/log-file-metric-exporter-rhel8@sha256:7f5f8f7d40938e5a0b2b2724c551f4e1dcf57de78daacd736b28b964d0fa6eec_arm64",
"8Base-RHOL-5.7:openshift-logging/log-file-metric-exporter-rhel8@sha256:a91af106ffacd6a620c6b194697516ee3e9f8aa36605873061766d9f0ec35f84_s390x",
"8Base-RHOL-5.7:openshift-logging/log-file-metric-exporter-rhel8@sha256:fef8afe2da100f267ed9e3848b4a9a1183e04bf0a9702404d03b2f57e5ec1bde_ppc64le",
"8Base-RHOL-5.7:openshift-logging/logging-curator5-rhel8@sha256:00fe8c23f7944a5d639c17b2e81dd80a424aabbddd4d7f0aff6b54f8cf370a58_amd64",
"8Base-RHOL-5.7:openshift-logging/logging-curator5-rhel8@sha256:0a7df021980720321c27e8021626e0c4f428150faa75fd92803b3e172f07eedf_arm64",
"8Base-RHOL-5.7:openshift-logging/logging-curator5-rhel8@sha256:927ba226f05237f6ad1faf686149a89f692f8904445f5a35f15a685518d3fe6a_ppc64le",
"8Base-RHOL-5.7:openshift-logging/logging-curator5-rhel8@sha256:94a2902ffbfcec5c29a23529d81f4605ebab9bde8156ad1be6dba42ccedeb1fe_s390x",
"8Base-RHOL-5.7:openshift-logging/logging-view-plugin-rhel8@sha256:0f251245e9f1030e64a6c9b76fe22b571e4a3f9cc2fd38979b52e5c91c6bd2e6_arm64",
"8Base-RHOL-5.7:openshift-logging/logging-view-plugin-rhel8@sha256:2f09d0a0faad8944b5d4689699ae15d3d4e44cefaa5aaa11f2c584e71b23e667_amd64",
"8Base-RHOL-5.7:openshift-logging/logging-view-plugin-rhel8@sha256:8181f92baa5a86da7767f605f4537b59fad583ee80fcde309fea504e9c3147c0_ppc64le",
"8Base-RHOL-5.7:openshift-logging/logging-view-plugin-rhel8@sha256:c1247743656700aa4be1b1f6d43732e9ad65e0a99a928065aa94ef2a3729bac8_s390x",
"8Base-RHOL-5.7:openshift-logging/loki-operator-bundle@sha256:c569eba6b695d9f26dc47f413e925d02666683a4af0401f23cfd05b96dcb61e9_amd64",
"8Base-RHOL-5.7:openshift-logging/vector-rhel8@sha256:5d785f0ff007386c3d6c69eb06e1bac518c7a1b781504ef5ddbb7e6a682382e8_amd64",
"8Base-RHOL-5.7:openshift-logging/vector-rhel8@sha256:7c85f6f777f9c74096c33f76fbc9c122f203cb549fc91142d51e6aebdc400ec5_s390x",
"8Base-RHOL-5.7:openshift-logging/vector-rhel8@sha256:b5633612eab927c2d65848d0fd4629e692fbd4ea5b7aa9254ddfe6982824c06a_ppc64le",
"8Base-RHOL-5.7:openshift-logging/vector-rhel8@sha256:eb444e7e77e14ff1f36c048bdd53d482b6cf3ed98d3ff6f2574620187fde49ab_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-39325"
},
{
"category": "external",
"summary": "RHBZ#2243296",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2243296"
},
{
"category": "external",
"summary": "RHSB-2023-003",
"url": "https://access.redhat.com/security/vulnerabilities/RHSB-2023-003"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-39325",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39325"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-39325",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-39325"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2023-44487",
"url": "https://access.redhat.com/security/cve/CVE-2023-44487"
},
{
"category": "external",
"summary": "https://go.dev/issue/63417",
"url": "https://go.dev/issue/63417"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2023-2102",
"url": "https://pkg.go.dev/vuln/GO-2023-2102"
},
{
"category": "external",
"summary": "https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487",
"url": "https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487"
}
],
"release_date": "2023-10-10T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-10-20T05:04:43+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHOL-5.7:openshift-logging/cluster-logging-rhel8-operator@sha256:1d6a2bd236f72f3dbb4c2e284cb2ac2554d7d79b416d57ee94b8d158ea3ea807_arm64",
"8Base-RHOL-5.7:openshift-logging/cluster-logging-rhel8-operator@sha256:2023d126c1be90ab6e6b27e778cc3944a2e5af2b44358537d65e60d385e78959_ppc64le",
"8Base-RHOL-5.7:openshift-logging/cluster-logging-rhel8-operator@sha256:c9a5546e0f427376f36d6d350cebe7ed3e7d2468d3c8290528fbe054462e22d6_s390x",
"8Base-RHOL-5.7:openshift-logging/cluster-logging-rhel8-operator@sha256:efb5cb250782473d1f4eb42d06747c9fad6df65c888cca88ed421bba399c5d96_amd64",
"8Base-RHOL-5.7:openshift-logging/elasticsearch-proxy-rhel8@sha256:2995302941f4c0d5016e49c3a01ca3bc4d80935ce1de70c84a2124e28e290947_arm64",
"8Base-RHOL-5.7:openshift-logging/elasticsearch-proxy-rhel8@sha256:6f64ee3aeedb891cb4b88e90c7569235d8e136cb2a66c7da1bc3ec73a518aa5d_s390x",
"8Base-RHOL-5.7:openshift-logging/elasticsearch-proxy-rhel8@sha256:7ca7ec92b15a7556d6a8daabd24a70f42e4260b6caf9168e852890c063e91186_amd64",
"8Base-RHOL-5.7:openshift-logging/elasticsearch-proxy-rhel8@sha256:f223378bb8b335e6ed531a451a48fc17c039004414836cc1f2bf8d408eb6eb18_ppc64le",
"8Base-RHOL-5.7:openshift-logging/elasticsearch-rhel8-operator@sha256:368447ae5216ada4c092c8781d3b847a5d37606d7c4ce430376ed5d3a4384863_amd64",
"8Base-RHOL-5.7:openshift-logging/elasticsearch-rhel8-operator@sha256:640dfbd649bde0c5fed45d5ecaf595e1cf09ffa6d76be3b75751108c0d85bbcb_ppc64le",
"8Base-RHOL-5.7:openshift-logging/elasticsearch-rhel8-operator@sha256:720587fcb7a89a571c04c8e222e5ebf54c899086ce07461e5f5dac7dfe8e6af9_s390x",
"8Base-RHOL-5.7:openshift-logging/elasticsearch-rhel8-operator@sha256:9a492f0164ba9ea96a8cef43577a6d62ce5806dc1e821d3aee2abfcf35a02ac0_arm64",
"8Base-RHOL-5.7:openshift-logging/eventrouter-rhel8@sha256:3054aade5994df42ab7c2981865a7851049ea46ed20b7805d1553d6b28ab5af8_amd64",
"8Base-RHOL-5.7:openshift-logging/eventrouter-rhel8@sha256:7a45458250a73682ab11a3c743d563ab1c9072281b15d3a18088c5902130a4cd_s390x",
"8Base-RHOL-5.7:openshift-logging/eventrouter-rhel8@sha256:ac827708b7d49a217770e510124427e9430ec13b23d8fc3e0f7bdcb682214b34_ppc64le",
"8Base-RHOL-5.7:openshift-logging/eventrouter-rhel8@sha256:bc31b395c3a2353048cad9d0d44f28e60f7e0a01e5fc6f6b2803d813ec279687_arm64",
"8Base-RHOL-5.7:openshift-logging/logging-loki-rhel8@sha256:476a5e47090c24d1f8f5bafaca9b80e5373a2da0f14a7ec6e7254a32440adfdb_ppc64le",
"8Base-RHOL-5.7:openshift-logging/logging-loki-rhel8@sha256:8cb4328b46bc3f8627f11fe69b37d8147f1d76b909c9880066277615c36cabc1_arm64",
"8Base-RHOL-5.7:openshift-logging/logging-loki-rhel8@sha256:9a1e97c4dac0165d92615b30b9140149b038ab788464dcd41f8a14b647220a98_s390x",
"8Base-RHOL-5.7:openshift-logging/logging-loki-rhel8@sha256:9fe7eba96b742b1a3d55cef2934ce6259be01faf589f0b2ec1bc3b557a833980_amd64",
"8Base-RHOL-5.7:openshift-logging/loki-rhel8-operator@sha256:31cdc95fe91aeb315afa5a1daf98e91587eac31b895de5b698bfd4637889ce22_arm64",
"8Base-RHOL-5.7:openshift-logging/loki-rhel8-operator@sha256:4e59120fc8a10978b234716a5757891c197e9394aae2446b3b8d8621f3983792_ppc64le",
"8Base-RHOL-5.7:openshift-logging/loki-rhel8-operator@sha256:75d73f70f941e73b41e38d666dc1dbdfb465cb2d182b6f3663d632da5a15feb7_s390x",
"8Base-RHOL-5.7:openshift-logging/loki-rhel8-operator@sha256:c7d2ef7cf71269238bb23db61f08f9d237baa955a18cb394e8d34dc80178cdc5_amd64",
"8Base-RHOL-5.7:openshift-logging/lokistack-gateway-rhel8@sha256:1b1dd755ceb338795820eb5c4abd1914071b4579502eb40379e0126dbc5bd58c_s390x",
"8Base-RHOL-5.7:openshift-logging/lokistack-gateway-rhel8@sha256:37e919ddb8673ef99e5e0e1b9e5c9c388c9417dd45971f2dab05bf92b462ab67_amd64",
"8Base-RHOL-5.7:openshift-logging/lokistack-gateway-rhel8@sha256:3ef274ae69a419f4458c290b6bd33c2787798dc5a905f46dc20aff7b1c0b6e25_arm64",
"8Base-RHOL-5.7:openshift-logging/lokistack-gateway-rhel8@sha256:4cc1ddf22cba8a5ed94549115b5210d961e1978618c8cb48e820e545369ecb65_ppc64le",
"8Base-RHOL-5.7:openshift-logging/opa-openshift-rhel8@sha256:a99366c13fbb55e96bebe92054c09ac75133023b940df8b80a43d89c8d6db580_s390x",
"8Base-RHOL-5.7:openshift-logging/opa-openshift-rhel8@sha256:bdb8fb48f8b164fb3d55de977aaa19414654ec7284f148db11b77b94a3feefd1_ppc64le",
"8Base-RHOL-5.7:openshift-logging/opa-openshift-rhel8@sha256:cc216b7b979a7b216fa7d4965ad6b1a147405fe95b95eafc0aa47c758f1b16d9_arm64",
"8Base-RHOL-5.7:openshift-logging/opa-openshift-rhel8@sha256:cf9edc3befb08c9e0327197884faeb387b44efc169063020d154aa2ce77bd711_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:5530"
},
{
"category": "workaround",
"details": "The default stream concurrency limit in golang is 250 streams (requests) per HTTP/2 connection. This value may be adjusted in the golang.org/x/net/http2 package using the Server.MaxConcurrentStreams setting and the ConfigureServer function which are available in golang.org/x/net/http2.",
"product_ids": [
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "golang: net/http, x/net/http2: rapid stream resets can cause excessive work (CVE-2023-44487)"
},
{
"cve": "CVE-2023-44487",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2023-10-09T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2242803"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in handling multiplexed streams in the HTTP/2 protocol. A client can repeatedly make a request for a new multiplex stream and immediately send an RST_STREAM frame to cancel it. This creates extra work for the server setting up and tearing down the streams while not hitting any server-side limit for the maximum number of active streams per connection, resulting in a denial of service due to server resource consumption. Red Hat has rated the severity of this flaw as \u0027Important\u0027 as the US Cybersecurity and Infrastructure Security Agency (CISA) declared this vulnerability an active exploit.\r\n\r\nCVE-2023-39325 was assigned for the Rapid Reset Attack in the Go language packages.\r\n\r\nSecurity Bulletin\r\nhttps://access.redhat.com/security/vulnerabilities/RHSB-2023-003",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack (Rapid Reset Attack)",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "NGINX has been marked as Moderate Impact because, for performance and resource consumption reasons, NGINX limits the number of concurrent streams to a default of 128. In addition, to optimally balance network and server performance, NGINX allows the client to persist HTTP connections for up to 1000 requests by default using an HTTP keepalive.\n\nThe majority of RHEL utilities are not long-running applications; instead, they are command-line tools. These tools utilize Golang package as build-time dependency, which is why they are classified as having a \"Moderate\" level of impact.\n\nrhc component is no longer impacted by CVE-2023-44487 \u0026 CVE-2023-39325.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOL-5.7:openshift-logging/elasticsearch6-rhel8@sha256:0fab0830499ef530add912e8022f9d5a09addbf229e62bea989a1d8734e70a33_ppc64le",
"8Base-RHOL-5.7:openshift-logging/elasticsearch6-rhel8@sha256:560831bdc34128719564aaaca4b80bba32062b97c87118b4ac00413609bcf067_amd64",
"8Base-RHOL-5.7:openshift-logging/elasticsearch6-rhel8@sha256:90c408f644a8a853de8338f2d4c1b7ff10877973a98c15868e1e0662da8eca46_s390x",
"8Base-RHOL-5.7:openshift-logging/elasticsearch6-rhel8@sha256:a00a7c1c152b6d2897bdc06b0137b556e6931b7d309e4e9a585825dbd558d3ba_arm64",
"8Base-RHOL-5.7:openshift-logging/logging-view-plugin-rhel8@sha256:0f251245e9f1030e64a6c9b76fe22b571e4a3f9cc2fd38979b52e5c91c6bd2e6_arm64",
"8Base-RHOL-5.7:openshift-logging/logging-view-plugin-rhel8@sha256:2f09d0a0faad8944b5d4689699ae15d3d4e44cefaa5aaa11f2c584e71b23e667_amd64",
"8Base-RHOL-5.7:openshift-logging/logging-view-plugin-rhel8@sha256:8181f92baa5a86da7767f605f4537b59fad583ee80fcde309fea504e9c3147c0_ppc64le",
"8Base-RHOL-5.7:openshift-logging/logging-view-plugin-rhel8@sha256:c1247743656700aa4be1b1f6d43732e9ad65e0a99a928065aa94ef2a3729bac8_s390x"
],
"known_not_affected": [
"8Base-RHOL-5.7:openshift-logging/loki-rhel8-operator@sha256:75d73f70f941e73b41e38d666dc1dbdfb465cb2d182b6f3663d632da5a15feb7_s390x",
"8Base-RHOL-5.7:openshift-logging/loki-rhel8-operator@sha256:c7d2ef7cf71269238bb23db61f08f9d237baa955a18cb394e8d34dc80178cdc5_amd64",
"8Base-RHOL-5.7:openshift-logging/lokistack-gateway-rhel8@sha256:1b1dd755ceb338795820eb5c4abd1914071b4579502eb40379e0126dbc5bd58c_s390x",
"8Base-RHOL-5.7:openshift-logging/lokistack-gateway-rhel8@sha256:37e919ddb8673ef99e5e0e1b9e5c9c388c9417dd45971f2dab05bf92b462ab67_amd64",
"8Base-RHOL-5.7:openshift-logging/lokistack-gateway-rhel8@sha256:3ef274ae69a419f4458c290b6bd33c2787798dc5a905f46dc20aff7b1c0b6e25_arm64",
"8Base-RHOL-5.7:openshift-logging/lokistack-gateway-rhel8@sha256:4cc1ddf22cba8a5ed94549115b5210d961e1978618c8cb48e820e545369ecb65_ppc64le",
"8Base-RHOL-5.7:openshift-logging/opa-openshift-rhel8@sha256:a99366c13fbb55e96bebe92054c09ac75133023b940df8b80a43d89c8d6db580_s390x",
"8Base-RHOL-5.7:openshift-logging/opa-openshift-rhel8@sha256:bdb8fb48f8b164fb3d55de977aaa19414654ec7284f148db11b77b94a3feefd1_ppc64le",
"8Base-RHOL-5.7:openshift-logging/opa-openshift-rhel8@sha256:cc216b7b979a7b216fa7d4965ad6b1a147405fe95b95eafc0aa47c758f1b16d9_arm64",
"8Base-RHOL-5.7:openshift-logging/opa-openshift-rhel8@sha256:cf9edc3befb08c9e0327197884faeb387b44efc169063020d154aa2ce77bd711_amd64",
"8Base-RHOL-5.7:openshift-logging/vector-rhel8@sha256:5d785f0ff007386c3d6c69eb06e1bac518c7a1b781504ef5ddbb7e6a682382e8_amd64",
"8Base-RHOL-5.7:openshift-logging/vector-rhel8@sha256:7c85f6f777f9c74096c33f76fbc9c122f203cb549fc91142d51e6aebdc400ec5_s390x",
"8Base-RHOL-5.7:openshift-logging/vector-rhel8@sha256:b5633612eab927c2d65848d0fd4629e692fbd4ea5b7aa9254ddfe6982824c06a_ppc64le",
"8Base-RHOL-5.7:openshift-logging/vector-rhel8@sha256:eb444e7e77e14ff1f36c048bdd53d482b6cf3ed98d3ff6f2574620187fde49ab_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-44487"
},
{
"category": "external",
"summary": "RHBZ#2242803",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2242803"
},
{
"category": "external",
"summary": "RHSB-2023-003",
"url": "https://access.redhat.com/security/vulnerabilities/RHSB-2023-003"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-44487",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-44487"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-44487",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-44487"
},
{
"category": "external",
"summary": "https://github.com/dotnet/announcements/issues/277",
"url": "https://github.com/dotnet/announcements/issues/277"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2023-2102",
"url": "https://pkg.go.dev/vuln/GO-2023-2102"
},
{
"category": "external",
"summary": "https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487",
"url": "https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487"
},
{
"category": "external",
"summary": "https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products/",
"url": "https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products/"
},
{
"category": "external",
"summary": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog",
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
}
],
"release_date": "2023-10-10T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-10-20T05:04:43+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:5530"
},
{
"category": "workaround",
"details": "Users are strongly urged to update their software as soon as fixes are available. \nThere are several mitigation approaches for this flaw. \n\n1. If circumstances permit, users may disable http2 endpoints to circumvent the flaw altogether until a fix is available.\n2. IP-based blocking or flood protection and rate control tools may be used at network endpoints to filter incoming traffic.\n3. Several package specific mitigations are also available. \n a. nginx: https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products/\n b. netty: https://github.com/netty/netty/security/advisories/GHSA-xpw8-rcwv-8f8p\n c. haproxy: https://www.haproxy.com/blog/haproxy-is-not-affected-by-the-http-2-rapid-reset-attack-cve-2023-44487\n d. nghttp2: https://github.com/nghttp2/nghttp2/security/advisories/GHSA-vx74-f528-fxqg\n e. golang: The default stream concurrency limit in golang is 250 streams (requests) per HTTP/2 connection. This value may be adjusted in the golang.org/x/net/http2 package using the Server.MaxConcurrentStreams setting and the ConfigureServer function which are available in golang.org/x/net/http2.",
"product_ids": [
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
]
}
],
"threats": [
{
"category": "exploit_status",
"date": "2023-10-10T00:00:00+00:00",
"details": "CISA: https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
},
{
"category": "impact",
"details": "Important"
}
],
"title": "HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack (Rapid Reset Attack)"
}
]
}
RHSA-2023:5541
Vulnerability from csaf_redhat - Published: 2023-10-20 04:11 - Updated: 2026-06-05 13:07

A flaw was found in the tough-cookie package which allows Prototype Pollution due to improper handling of Cookies when using CookieJar in rejectPublicSuffixes=false mode. This issue arises from the manner in which the objects are initialized.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/logging-view-plugin-rhel8@sha256:42223f3fb6d55d6d9155f110b90323965eaf68263d51c485114784a651be8e5e_ppc64le | — | | Vendor Fix |
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/logging-view-plugin-rhel8@sha256:50230e9829718254fc51d844e0305978b694354bda4b798fb5066ca3c182d323_s390x | — | | Vendor Fix |
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/logging-view-plugin-rhel8@sha256:79590fd5063ffa0245d96cec02dc4ce257244a431e213ecbe38462e86536b859_arm64 | — | | Vendor Fix |
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/logging-view-plugin-rhel8@sha256:fd9b30d940cdc8b281fa4a46e8a22f946571e7e72695fef9cfa02c4337e74dc0_amd64 | — | | Vendor Fix |

| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/logging-loki-rhel8@sha256:aea6196bddef8110c0d9282d6e84a7e8cdee066fab8ba3607dacb8425b458819_ppc64le | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/logging-loki-rhel8@sha256:af7c029f15eacd2b65a99271538c68d9b2dcd5c25dbfabadd0e9f8bb2911d827_s390x | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/logging-loki-rhel8@sha256:f4558c73e630c043e8ffebd92bfbc805d13a644b19e5e43d35979b7942225b98_arm64 | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/loki-operator-bundle@sha256:62f04228cf7e9abc40efbd69b6dcd0b6d421834b520753194105010cc35e810c_amd64 | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/loki-rhel8-operator@sha256:260731d610f37fa0072760f09d460d04fd3a1359d24a2218918412bc1a93947b_arm64 | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/loki-rhel8-operator@sha256:347cb504d7b382c241a238d1fffc91b5905121c4fe6c976356c46909161b9ced_amd64 | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/loki-rhel8-operator@sha256:c5c0c41173e8c288341859dda8e9c982fba297e2e6c616b953a04ea4280f8caa_ppc64le | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/loki-rhel8-operator@sha256:c5e123a5c5d637ff9fb0327c03351e46f14b0d774b484fd045d51df058550d3d_s390x | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/lokistack-gateway-rhel8@sha256:1da817a84816082f56d2f3bea2f4a680b8e8cc4fe7ff95e311b44e1b5f1f5f0a_s390x | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/lokistack-gateway-rhel8@sha256:a40f0f1402d912aa12329e0ee3f4d8084337a376f72f1e0b5e45a4dac44ac848_arm64 | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/lokistack-gateway-rhel8@sha256:ea81838d5b7a63e28ad7e20113253a701063d8d723137681bf11afd801c69f6f_amd64 | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/lokistack-gateway-rhel8@sha256:f7c8b8251566fadb3396dfee110b6995e9d2ca27614a3b51f148f78fe5b51b50_ppc64le | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/opa-openshift-rhel8@sha256:01d2e3c8016742d49a9fe1cf7d62c6826dfc8f805babdc4c32e1407c3c8ae6c2_amd64 | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/opa-openshift-rhel8@sha256:5b8bc65ad9760c2bcabac5ebf72f2a256271a4c1173871742bf8f817c6ce0478_ppc64le | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/opa-openshift-rhel8@sha256:b76cb34507d54f963da41744b614b83bb7cc031942e7252452c3b299dcc0f530_s390x | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/opa-openshift-rhel8@sha256:e9fc83b6a9a40c2af4dd8a8454d8ca9e3a3bb96fdb290427d3a0c9cb753e91f4_arm64 | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/vector-rhel8@sha256:10f88bb7c978c24555def7bf4d7fd35dba3d1b5ffdc32fde359b175fc8d8b34e_ppc64le | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/vector-rhel8@sha256:7e46ef2e749e3896a86af16744c1c3542ff8a6d0467793af27aedb0fdbc9ee4a_s390x | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/vector-rhel8@sha256:a9f8b40acd19609ee9c9bc85a4f2cdec9aa4c8c786b62ad94e33c8ea451de961_amd64 | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/vector-rhel8@sha256:ebff04a36feae157572fdd32ce2cc045c504b850c0b9f471d381676da314dd97_arm64 | — |
A flaw was found in Golang: the HTTP/1 client does not properly validate the contents of the Host header, which makes it vulnerable to HTTP header injection. A remote attacker can inject arbitrary HTTP headers by persuading a victim to visit a specially crafted web page. This flaw allows the attacker to conduct various attacks against the vulnerable system, including cross-site scripting, cache poisoning, or session hijacking.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/logging-loki-rhel8@sha256:47df30d450dbc2b26cf828f2208832ddcba75719cef9486d047e4b2bfb2c61a8_amd64 | — | | Vendor Fix |
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/logging-loki-rhel8@sha256:aea6196bddef8110c0d9282d6e84a7e8cdee066fab8ba3607dacb8425b458819_ppc64le | — | | Vendor Fix |
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/logging-loki-rhel8@sha256:af7c029f15eacd2b65a99271538c68d9b2dcd5c25dbfabadd0e9f8bb2911d827_s390x | — | | Vendor Fix |
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/logging-loki-rhel8@sha256:f4558c73e630c043e8ffebd92bfbc805d13a644b19e5e43d35979b7942225b98_arm64 | — | | Vendor Fix |
A denial of service vulnerability was found in the Golang Go package caused by an uncontrolled resource consumption flaw. By persuading a victim to use a specially crafted certificate with large RSA keys, a remote attacker can cause a client/server to expend significant CPU time verifying signatures, resulting in a denial of service condition.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/logging-loki-rhel8@sha256:47df30d450dbc2b26cf828f2208832ddcba75719cef9486d047e4b2bfb2c61a8_amd64 | — | | Vendor Fix |
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/logging-loki-rhel8@sha256:aea6196bddef8110c0d9282d6e84a7e8cdee066fab8ba3607dacb8425b458819_ppc64le | — | | Vendor Fix |
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/logging-loki-rhel8@sha256:af7c029f15eacd2b65a99271538c68d9b2dcd5c25dbfabadd0e9f8bb2911d827_s390x | — | | Vendor Fix |
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/logging-loki-rhel8@sha256:f4558c73e630c043e8ffebd92bfbc805d13a644b19e5e43d35979b7942225b98_arm64 | — | | Vendor Fix |
A flaw was found in handling multiplexed streams in the HTTP/2 protocol. A client can repeatedly make a request for a new multiplex stream and immediately send an RST_STREAM frame to cancel it. This creates extra work for the server, which must set up and tear down the streams, while not hitting any server-side limit for the maximum number of active streams per connection, resulting in a denial of service due to server resource consumption. Red Hat has rated the severity of this flaw as 'Important' as the US Cybersecurity and Infrastructure Security Agency (CISA) declared this vulnerability to be actively exploited. CVE-2023-39325 was assigned for the `Rapid Reset Attack` in the Go language packages.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/opa-openshift-rhel8@sha256:5b8bc65ad9760c2bcabac5ebf72f2a256271a4c1173871742bf8f817c6ce0478_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/opa-openshift-rhel8@sha256:b76cb34507d54f963da41744b614b83bb7cc031942e7252452c3b299dcc0f530_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/opa-openshift-rhel8@sha256:e9fc83b6a9a40c2af4dd8a8454d8ca9e3a3bb96fdb290427d3a0c9cb753e91f4_arm64 | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/cluster-logging-operator-bundle@sha256:02c4a20e1f2b0678afe4ea0757933ce581ef66e6b189622aea7dc0fa91e6c18c_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/elasticsearch-operator-bundle@sha256:369d45c783651c6e07dfd721fa43025800b263da8e1fdbbc75b296686426e840_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/elasticsearch6-rhel8@sha256:8e62859531fcb8dd6b054a76c4bc95b62ff62bcbe69fe18f132689a203168bc8_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/elasticsearch6-rhel8@sha256:92ab2dde35f2f59c3a8ce7b8b12f5703a7a214e83ca5cc13673d0c8ad373f02e_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/elasticsearch6-rhel8@sha256:caeeb679701abcbb9612b77ef0975575cf31c96b74bfc06553d61140a3f52bb7_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/elasticsearch6-rhel8@sha256:cd9a57aad90fdec4fef3b0f9b31df96c12bd7fe97cad90f9a1de79e6b0af4bbb_arm64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/fluentd-rhel8@sha256:149d75b8f4f523c86122176935c63b96305f6eb308e74eea9fa6651c8e75d239_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/fluentd-rhel8@sha256:3038086e3dbfab1e3070cdeeb7968e863ab4b1012d161ed263e93b153ae2223b_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/fluentd-rhel8@sha256:816908f1ac923336e8e3b87129af40271bde545e12b3385186425038f1b14991_arm64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/fluentd-rhel8@sha256:e489da61d05557fba2718fd3e75b7ba50c51c173f43088334db7f3c993748711_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/kibana6-rhel8@sha256:0958ffa84bed51e99177837ac672324e5a8c1b20535d8110a3bbabe3f952073e_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/kibana6-rhel8@sha256:0c4ea44d09b21a915c3ecc17c9a50ba22d71ed06b0cc4ba1d8bfbe1ced426e47_arm64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/kibana6-rhel8@sha256:20b6b6aef51ef6cabe133e53dcc1d6665ff8fae0fab4d56ecd6998ca88554773_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/kibana6-rhel8@sha256:57b608727de6a22f2c39c138d184b4d2e9a1e62b2206fbcab290aeef2802e520_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/log-file-metric-exporter-rhel8@sha256:1646d63e4b9fa7d45f8fc9d1e8cec3cccbed9ba850f3ac07dc75b18f416c580f_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/log-file-metric-exporter-rhel8@sha256:94471501cf396d9d298e9dfee95ed7496e0ec8767eb80bab0ea809cb4e16b878_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/log-file-metric-exporter-rhel8@sha256:a2bd4a83b30b2b9e88e8581784e3e901d564d576ba3a58824cd203779ccc9e80_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/log-file-metric-exporter-rhel8@sha256:b442de2cb36a3a26b3d8b32d953d83d01c4cd5b659f974e1f781fbb5aaef5977_arm64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/logging-curator5-rhel8@sha256:1cac7ceee19cd185658324643c9a81d055d22aa238a28986c76594153c79b422_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/logging-curator5-rhel8@sha256:4f8f194cc5827f05a969960937e9993528ad030c32d64c7a8d95bcb8ad1bb27a_arm64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/logging-curator5-rhel8@sha256:cb78249fdad4f2cff00011a9863f40f0749c2f3b4093a322f9590008e62c06c6_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/logging-curator5-rhel8@sha256:f09e73392f894fd4f9c38595e617dd4eebabb698d8e1ad0f3ac4e080c37b1f12_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/logging-view-plugin-rhel8@sha256:42223f3fb6d55d6d9155f110b90323965eaf68263d51c485114784a651be8e5e_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/logging-view-plugin-rhel8@sha256:50230e9829718254fc51d844e0305978b694354bda4b798fb5066ca3c182d323_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/logging-view-plugin-rhel8@sha256:79590fd5063ffa0245d96cec02dc4ce257244a431e213ecbe38462e86536b859_arm64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/logging-view-plugin-rhel8@sha256:fd9b30d940cdc8b281fa4a46e8a22f946571e7e72695fef9cfa02c4337e74dc0_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/loki-operator-bundle@sha256:62f04228cf7e9abc40efbd69b6dcd0b6d421834b520753194105010cc35e810c_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/vector-rhel8@sha256:10f88bb7c978c24555def7bf4d7fd35dba3d1b5ffdc32fde359b175fc8d8b34e_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/vector-rhel8@sha256:7e46ef2e749e3896a86af16744c1c3542ff8a6d0467793af27aedb0fdbc9ee4a_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/vector-rhel8@sha256:a9f8b40acd19609ee9c9bc85a4f2cdec9aa4c8c786b62ad94e33c8ea451de961_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/vector-rhel8@sha256:ebff04a36feae157572fdd32ce2cc045c504b850c0b9f471d381676da314dd97_arm64 | — |
Workaround
|
A flaw was found in handling multiplexed streams in the HTTP/2 protocol. A client can repeatedly make a request for a new multiplex stream and immediately send an RST_STREAM frame to cancel it. This creates extra work for the server setting up and tearing down the streams while not hitting any server-side limit for the maximum number of active streams per connection, resulting in a denial of service due to server resource consumption. Red Hat has rated the severity of this flaw as 'Important' as the US Cybersecurity and Infrastructure Security Agency (CISA) declared this vulnerability an active exploit. CVE-2023-39325 was assigned for the Rapid Reset Attack in the Go language packages.

Security Bulletin: https://access.redhat.com/security/vulnerabilities/RHSB-2023-003
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Logging Subsystem 5.6.12 - Red Hat OpenShift\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Logging Subsystem 5.6.12 - Red Hat OpenShift\n\nSecurity Fix(es):\n\n* golang: net/http, x/net/http2: rapid stream resets can cause excessive work (CVE-2023-39325)\n\n* HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack (Rapid Reset Attack) (CVE-2023-44487)\n\nNOTE: A Red Hat Security Bulletin which addresses further details about this flaw is available in the References section.\n\n* tough-cookie: prototype pollution in cookie memstore (CVE-2023-26136)\n\n* golang: net/http: insufficient sanitization of Host header (CVE-2023-29406)\n\n* golang: crypto/tls: slow verification of certificate chains containing large RSA keys (CVE-2023-29409)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2023:5541",
"url": "https://access.redhat.com/errata/RHSA-2023:5541"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/vulnerabilities/RHSB-2023-003",
"url": "https://access.redhat.com/security/vulnerabilities/RHSB-2023-003"
},
{
"category": "external",
"summary": "2219310",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2219310"
},
{
"category": "external",
"summary": "2222167",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2222167"
},
{
"category": "external",
"summary": "2228743",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2228743"
},
{
"category": "external",
"summary": "2242803",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2242803"
},
{
"category": "external",
"summary": "2243296",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2243296"
},
{
"category": "external",
"summary": "LOG-4570",
"url": "https://issues.redhat.com/browse/LOG-4570"
},
{
"category": "external",
"summary": "LOG-4579",
"url": "https://issues.redhat.com/browse/LOG-4579"
},
{
"category": "external",
"summary": "LOG-4687",
"url": "https://issues.redhat.com/browse/LOG-4687"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2023/rhsa-2023_5541.json"
}
],
"title": "Red Hat Security Advisory: Logging Subsystem 5.6.12 - Red Hat OpenShift security update",
"tracking": {
"current_release_date": "2026-06-05T13:07:47+00:00",
"generator": {
"date": "2026-06-05T13:07:47+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.8.2"
}
},
"id": "RHSA-2023:5541",
"initial_release_date": "2023-10-20T04:11:50+00:00",
"revision_history": [
{
"date": "2023-10-20T04:11:50+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2023-10-20T04:11:50+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-06-05T13:07:47+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "RHOL 5.6 for RHEL 8",
"product": {
"name": "RHOL 5.6 for RHEL 8",
"product_id": "8Base-RHOL-5.6",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:logging:5.6::el8"
}
}
}
],
"category": "product_family",
"name": "logging for Red Hat OpenShift"
},
{
"branches": [
{
"category": "product_version",
"name": "openshift-logging/cluster-logging-rhel8-operator@sha256:556e2c39c0eebd2e8a4d361d40221fa8cf0e9bf7db66dcf2bd2f32576240d94b_amd64",
"product": {
"name": "openshift-logging/cluster-logging-rhel8-operator@sha256:556e2c39c0eebd2e8a4d361d40221fa8cf0e9bf7db66dcf2bd2f32576240d94b_amd64",
"product_id": "openshift-logging/cluster-logging-rhel8-operator@sha256:556e2c39c0eebd2e8a4d361d40221fa8cf0e9bf7db66dcf2bd2f32576240d94b_amd64",
"product_identification_helper": {
"purl": "pkg:oci/cluster-logging-rhel8-operator@sha256:556e2c39c0eebd2e8a4d361d40221fa8cf0e9bf7db66dcf2bd2f32576240d94b?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/cluster-logging-rhel8-operator\u0026tag=v5.6.12-10"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/cluster-logging-operator-bundle@sha256:02c4a20e1f2b0678afe4ea0757933ce581ef66e6b189622aea7dc0fa91e6c18c_amd64",
"product": {
"name": "openshift-logging/cluster-logging-operator-bundle@sha256:02c4a20e1f2b0678afe4ea0757933ce581ef66e6b189622aea7dc0fa91e6c18c_amd64",
"product_id": "openshift-logging/cluster-logging-operator-bundle@sha256:02c4a20e1f2b0678afe4ea0757933ce581ef66e6b189622aea7dc0fa91e6c18c_amd64",
"product_identification_helper": {
"purl": "pkg:oci/cluster-logging-operator-bundle@sha256:02c4a20e1f2b0678afe4ea0757933ce581ef66e6b189622aea7dc0fa91e6c18c?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/cluster-logging-operator-bundle\u0026tag=v5.6.12-19"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/elasticsearch-rhel8-operator@sha256:2a87c3b6888c57d813169da3ae06aa5bcac1ac916cdc62da3c492928d8eab187_amd64",
"product": {
"name": "openshift-logging/elasticsearch-rhel8-operator@sha256:2a87c3b6888c57d813169da3ae06aa5bcac1ac916cdc62da3c492928d8eab187_amd64",
"product_id": "openshift-logging/elasticsearch-rhel8-operator@sha256:2a87c3b6888c57d813169da3ae06aa5bcac1ac916cdc62da3c492928d8eab187_amd64",
"product_identification_helper": {
"purl": "pkg:oci/elasticsearch-rhel8-operator@sha256:2a87c3b6888c57d813169da3ae06aa5bcac1ac916cdc62da3c492928d8eab187?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch-rhel8-operator\u0026tag=v5.6.12-8"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/elasticsearch-operator-bundle@sha256:369d45c783651c6e07dfd721fa43025800b263da8e1fdbbc75b296686426e840_amd64",
"product": {
"name": "openshift-logging/elasticsearch-operator-bundle@sha256:369d45c783651c6e07dfd721fa43025800b263da8e1fdbbc75b296686426e840_amd64",
"product_id": "openshift-logging/elasticsearch-operator-bundle@sha256:369d45c783651c6e07dfd721fa43025800b263da8e1fdbbc75b296686426e840_amd64",
"product_identification_helper": {
"purl": "pkg:oci/elasticsearch-operator-bundle@sha256:369d45c783651c6e07dfd721fa43025800b263da8e1fdbbc75b296686426e840?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch-operator-bundle\u0026tag=v5.6.12-21"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/elasticsearch-proxy-rhel8@sha256:c67b4fadb575fc60d60cc3307da75f2fa3e5c4760e572072308a506e4e271ab1_amd64",
"product": {
"name": "openshift-logging/elasticsearch-proxy-rhel8@sha256:c67b4fadb575fc60d60cc3307da75f2fa3e5c4760e572072308a506e4e271ab1_amd64",
"product_id": "openshift-logging/elasticsearch-proxy-rhel8@sha256:c67b4fadb575fc60d60cc3307da75f2fa3e5c4760e572072308a506e4e271ab1_amd64",
"product_identification_helper": {
"purl": "pkg:oci/elasticsearch-proxy-rhel8@sha256:c67b4fadb575fc60d60cc3307da75f2fa3e5c4760e572072308a506e4e271ab1?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch-proxy-rhel8\u0026tag=v1.0.0-438"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/log-file-metric-exporter-rhel8@sha256:94471501cf396d9d298e9dfee95ed7496e0ec8767eb80bab0ea809cb4e16b878_amd64",
"product": {
"name": "openshift-logging/log-file-metric-exporter-rhel8@sha256:94471501cf396d9d298e9dfee95ed7496e0ec8767eb80bab0ea809cb4e16b878_amd64",
"product_id": "openshift-logging/log-file-metric-exporter-rhel8@sha256:94471501cf396d9d298e9dfee95ed7496e0ec8767eb80bab0ea809cb4e16b878_amd64",
"product_identification_helper": {
"purl": "pkg:oci/log-file-metric-exporter-rhel8@sha256:94471501cf396d9d298e9dfee95ed7496e0ec8767eb80bab0ea809cb4e16b878?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel8\u0026tag=v1.1.0-176"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/logging-curator5-rhel8@sha256:1cac7ceee19cd185658324643c9a81d055d22aa238a28986c76594153c79b422_amd64",
"product": {
"name": "openshift-logging/logging-curator5-rhel8@sha256:1cac7ceee19cd185658324643c9a81d055d22aa238a28986c76594153c79b422_amd64",
"product_id": "openshift-logging/logging-curator5-rhel8@sha256:1cac7ceee19cd185658324643c9a81d055d22aa238a28986c76594153c79b422_amd64",
"product_identification_helper": {
"purl": "pkg:oci/logging-curator5-rhel8@sha256:1cac7ceee19cd185658324643c9a81d055d22aa238a28986c76594153c79b422?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/logging-curator5-rhel8\u0026tag=v5.8.1-420"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/elasticsearch6-rhel8@sha256:92ab2dde35f2f59c3a8ce7b8b12f5703a7a214e83ca5cc13673d0c8ad373f02e_amd64",
"product": {
"name": "openshift-logging/elasticsearch6-rhel8@sha256:92ab2dde35f2f59c3a8ce7b8b12f5703a7a214e83ca5cc13673d0c8ad373f02e_amd64",
"product_id": "openshift-logging/elasticsearch6-rhel8@sha256:92ab2dde35f2f59c3a8ce7b8b12f5703a7a214e83ca5cc13673d0c8ad373f02e_amd64",
"product_identification_helper": {
"purl": "pkg:oci/elasticsearch6-rhel8@sha256:92ab2dde35f2f59c3a8ce7b8b12f5703a7a214e83ca5cc13673d0c8ad373f02e?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch6-rhel8\u0026tag=v6.8.1-370"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/eventrouter-rhel8@sha256:ff509532db6b7e2d3a44fac2cf9b63687aa8bfbaab46d7a5f9d58be192475818_amd64",
"product": {
"name": "openshift-logging/eventrouter-rhel8@sha256:ff509532db6b7e2d3a44fac2cf9b63687aa8bfbaab46d7a5f9d58be192475818_amd64",
"product_id": "openshift-logging/eventrouter-rhel8@sha256:ff509532db6b7e2d3a44fac2cf9b63687aa8bfbaab46d7a5f9d58be192475818_amd64",
"product_identification_helper": {
"purl": "pkg:oci/eventrouter-rhel8@sha256:ff509532db6b7e2d3a44fac2cf9b63687aa8bfbaab46d7a5f9d58be192475818?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/eventrouter-rhel8\u0026tag=v0.4.0-190"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/fluentd-rhel8@sha256:149d75b8f4f523c86122176935c63b96305f6eb308e74eea9fa6651c8e75d239_amd64",
"product": {
"name": "openshift-logging/fluentd-rhel8@sha256:149d75b8f4f523c86122176935c63b96305f6eb308e74eea9fa6651c8e75d239_amd64",
"product_id": "openshift-logging/fluentd-rhel8@sha256:149d75b8f4f523c86122176935c63b96305f6eb308e74eea9fa6651c8e75d239_amd64",
"product_identification_helper": {
"purl": "pkg:oci/fluentd-rhel8@sha256:149d75b8f4f523c86122176935c63b96305f6eb308e74eea9fa6651c8e75d239?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/fluentd-rhel8\u0026tag=v1.14.6-192"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/kibana6-rhel8@sha256:57b608727de6a22f2c39c138d184b4d2e9a1e62b2206fbcab290aeef2802e520_amd64",
"product": {
"name": "openshift-logging/kibana6-rhel8@sha256:57b608727de6a22f2c39c138d184b4d2e9a1e62b2206fbcab290aeef2802e520_amd64",
"product_id": "openshift-logging/kibana6-rhel8@sha256:57b608727de6a22f2c39c138d184b4d2e9a1e62b2206fbcab290aeef2802e520_amd64",
"product_identification_helper": {
"purl": "pkg:oci/kibana6-rhel8@sha256:57b608727de6a22f2c39c138d184b4d2e9a1e62b2206fbcab290aeef2802e520?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/kibana6-rhel8\u0026tag=v6.8.1-400"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/logging-loki-rhel8@sha256:47df30d450dbc2b26cf828f2208832ddcba75719cef9486d047e4b2bfb2c61a8_amd64",
"product": {
"name": "openshift-logging/logging-loki-rhel8@sha256:47df30d450dbc2b26cf828f2208832ddcba75719cef9486d047e4b2bfb2c61a8_amd64",
"product_id": "openshift-logging/logging-loki-rhel8@sha256:47df30d450dbc2b26cf828f2208832ddcba75719cef9486d047e4b2bfb2c61a8_amd64",
"product_identification_helper": {
"purl": "pkg:oci/logging-loki-rhel8@sha256:47df30d450dbc2b26cf828f2208832ddcba75719cef9486d047e4b2bfb2c61a8?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/logging-loki-rhel8\u0026tag=v2.9.2-2"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/vector-rhel8@sha256:a9f8b40acd19609ee9c9bc85a4f2cdec9aa4c8c786b62ad94e33c8ea451de961_amd64",
"product": {
"name": "openshift-logging/vector-rhel8@sha256:a9f8b40acd19609ee9c9bc85a4f2cdec9aa4c8c786b62ad94e33c8ea451de961_amd64",
"product_id": "openshift-logging/vector-rhel8@sha256:a9f8b40acd19609ee9c9bc85a4f2cdec9aa4c8c786b62ad94e33c8ea451de961_amd64",
"product_identification_helper": {
"purl": "pkg:oci/vector-rhel8@sha256:a9f8b40acd19609ee9c9bc85a4f2cdec9aa4c8c786b62ad94e33c8ea451de961?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/vector-rhel8\u0026tag=v0.21.0-113"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/logging-view-plugin-rhel8@sha256:fd9b30d940cdc8b281fa4a46e8a22f946571e7e72695fef9cfa02c4337e74dc0_amd64",
"product": {
"name": "openshift-logging/logging-view-plugin-rhel8@sha256:fd9b30d940cdc8b281fa4a46e8a22f946571e7e72695fef9cfa02c4337e74dc0_amd64",
"product_id": "openshift-logging/logging-view-plugin-rhel8@sha256:fd9b30d940cdc8b281fa4a46e8a22f946571e7e72695fef9cfa02c4337e74dc0_amd64",
"product_identification_helper": {
"purl": "pkg:oci/logging-view-plugin-rhel8@sha256:fd9b30d940cdc8b281fa4a46e8a22f946571e7e72695fef9cfa02c4337e74dc0?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/logging-view-plugin-rhel8\u0026tag=v5.6.12-8"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/loki-operator-bundle@sha256:62f04228cf7e9abc40efbd69b6dcd0b6d421834b520753194105010cc35e810c_amd64",
"product": {
"name": "openshift-logging/loki-operator-bundle@sha256:62f04228cf7e9abc40efbd69b6dcd0b6d421834b520753194105010cc35e810c_amd64",
"product_id": "openshift-logging/loki-operator-bundle@sha256:62f04228cf7e9abc40efbd69b6dcd0b6d421834b520753194105010cc35e810c_amd64",
"product_identification_helper": {
"purl": "pkg:oci/loki-operator-bundle@sha256:62f04228cf7e9abc40efbd69b6dcd0b6d421834b520753194105010cc35e810c?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/loki-operator-bundle\u0026tag=v5.6.12-22"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/loki-rhel8-operator@sha256:347cb504d7b382c241a238d1fffc91b5905121c4fe6c976356c46909161b9ced_amd64",
"product": {
"name": "openshift-logging/loki-rhel8-operator@sha256:347cb504d7b382c241a238d1fffc91b5905121c4fe6c976356c46909161b9ced_amd64",
"product_id": "openshift-logging/loki-rhel8-operator@sha256:347cb504d7b382c241a238d1fffc91b5905121c4fe6c976356c46909161b9ced_amd64",
"product_identification_helper": {
"purl": "pkg:oci/loki-rhel8-operator@sha256:347cb504d7b382c241a238d1fffc91b5905121c4fe6c976356c46909161b9ced?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/loki-rhel8-operator\u0026tag=v5.6.12-10"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/lokistack-gateway-rhel8@sha256:ea81838d5b7a63e28ad7e20113253a701063d8d723137681bf11afd801c69f6f_amd64",
"product": {
"name": "openshift-logging/lokistack-gateway-rhel8@sha256:ea81838d5b7a63e28ad7e20113253a701063d8d723137681bf11afd801c69f6f_amd64",
"product_id": "openshift-logging/lokistack-gateway-rhel8@sha256:ea81838d5b7a63e28ad7e20113253a701063d8d723137681bf11afd801c69f6f_amd64",
"product_identification_helper": {
"purl": "pkg:oci/lokistack-gateway-rhel8@sha256:ea81838d5b7a63e28ad7e20113253a701063d8d723137681bf11afd801c69f6f?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/lokistack-gateway-rhel8\u0026tag=v0.1.0-357"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/opa-openshift-rhel8@sha256:01d2e3c8016742d49a9fe1cf7d62c6826dfc8f805babdc4c32e1407c3c8ae6c2_amd64",
"product": {
"name": "openshift-logging/opa-openshift-rhel8@sha256:01d2e3c8016742d49a9fe1cf7d62c6826dfc8f805babdc4c32e1407c3c8ae6c2_amd64",
"product_id": "openshift-logging/opa-openshift-rhel8@sha256:01d2e3c8016742d49a9fe1cf7d62c6826dfc8f805babdc4c32e1407c3c8ae6c2_amd64",
"product_identification_helper": {
"purl": "pkg:oci/opa-openshift-rhel8@sha256:01d2e3c8016742d49a9fe1cf7d62c6826dfc8f805babdc4c32e1407c3c8ae6c2?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/opa-openshift-rhel8\u0026tag=v0.1.0-163"
}
}
}
],
"category": "architecture",
"name": "amd64"
},
{
"branches": [
{
"category": "product_version",
"name": "openshift-logging/cluster-logging-rhel8-operator@sha256:f8553bf9f5a75c089cdf5a26f8853e6f4488c19ef2a8dc1e0ebc96e4aab0384f_ppc64le",
"product": {
"name": "openshift-logging/cluster-logging-rhel8-operator@sha256:f8553bf9f5a75c089cdf5a26f8853e6f4488c19ef2a8dc1e0ebc96e4aab0384f_ppc64le",
"product_id": "openshift-logging/cluster-logging-rhel8-operator@sha256:f8553bf9f5a75c089cdf5a26f8853e6f4488c19ef2a8dc1e0ebc96e4aab0384f_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/cluster-logging-rhel8-operator@sha256:f8553bf9f5a75c089cdf5a26f8853e6f4488c19ef2a8dc1e0ebc96e4aab0384f?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/cluster-logging-rhel8-operator\u0026tag=v5.6.12-10"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/elasticsearch-rhel8-operator@sha256:358c663dbc3c6b0ee31a4b2665c79ff7b826ba6b72c21db62d186a6da09b04c4_ppc64le",
"product": {
"name": "openshift-logging/elasticsearch-rhel8-operator@sha256:358c663dbc3c6b0ee31a4b2665c79ff7b826ba6b72c21db62d186a6da09b04c4_ppc64le",
"product_id": "openshift-logging/elasticsearch-rhel8-operator@sha256:358c663dbc3c6b0ee31a4b2665c79ff7b826ba6b72c21db62d186a6da09b04c4_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/elasticsearch-rhel8-operator@sha256:358c663dbc3c6b0ee31a4b2665c79ff7b826ba6b72c21db62d186a6da09b04c4?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch-rhel8-operator\u0026tag=v5.6.12-8"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/elasticsearch-proxy-rhel8@sha256:26f58db9cb18dfe0eb7a3478a7bb86c87efabe32d98dcf74bc34226a09ea6f0e_ppc64le",
"product": {
"name": "openshift-logging/elasticsearch-proxy-rhel8@sha256:26f58db9cb18dfe0eb7a3478a7bb86c87efabe32d98dcf74bc34226a09ea6f0e_ppc64le",
"product_id": "openshift-logging/elasticsearch-proxy-rhel8@sha256:26f58db9cb18dfe0eb7a3478a7bb86c87efabe32d98dcf74bc34226a09ea6f0e_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/elasticsearch-proxy-rhel8@sha256:26f58db9cb18dfe0eb7a3478a7bb86c87efabe32d98dcf74bc34226a09ea6f0e?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch-proxy-rhel8\u0026tag=v1.0.0-438"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/log-file-metric-exporter-rhel8@sha256:a2bd4a83b30b2b9e88e8581784e3e901d564d576ba3a58824cd203779ccc9e80_ppc64le",
"product": {
"name": "openshift-logging/log-file-metric-exporter-rhel8@sha256:a2bd4a83b30b2b9e88e8581784e3e901d564d576ba3a58824cd203779ccc9e80_ppc64le",
"product_id": "openshift-logging/log-file-metric-exporter-rhel8@sha256:a2bd4a83b30b2b9e88e8581784e3e901d564d576ba3a58824cd203779ccc9e80_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/log-file-metric-exporter-rhel8@sha256:a2bd4a83b30b2b9e88e8581784e3e901d564d576ba3a58824cd203779ccc9e80?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel8\u0026tag=v1.1.0-176"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/logging-curator5-rhel8@sha256:cb78249fdad4f2cff00011a9863f40f0749c2f3b4093a322f9590008e62c06c6_ppc64le",
"product": {
"name": "openshift-logging/logging-curator5-rhel8@sha256:cb78249fdad4f2cff00011a9863f40f0749c2f3b4093a322f9590008e62c06c6_ppc64le",
"product_id": "openshift-logging/logging-curator5-rhel8@sha256:cb78249fdad4f2cff00011a9863f40f0749c2f3b4093a322f9590008e62c06c6_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/logging-curator5-rhel8@sha256:cb78249fdad4f2cff00011a9863f40f0749c2f3b4093a322f9590008e62c06c6?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/logging-curator5-rhel8\u0026tag=v5.8.1-420"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/elasticsearch6-rhel8@sha256:caeeb679701abcbb9612b77ef0975575cf31c96b74bfc06553d61140a3f52bb7_ppc64le",
"product": {
"name": "openshift-logging/elasticsearch6-rhel8@sha256:caeeb679701abcbb9612b77ef0975575cf31c96b74bfc06553d61140a3f52bb7_ppc64le",
"product_id": "openshift-logging/elasticsearch6-rhel8@sha256:caeeb679701abcbb9612b77ef0975575cf31c96b74bfc06553d61140a3f52bb7_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/elasticsearch6-rhel8@sha256:caeeb679701abcbb9612b77ef0975575cf31c96b74bfc06553d61140a3f52bb7?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch6-rhel8\u0026tag=v6.8.1-370"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/eventrouter-rhel8@sha256:ec56cae824197805c3287f57854343d2d26caa0b192a009c966d28c32f0d0d92_ppc64le",
"product": {
"name": "openshift-logging/eventrouter-rhel8@sha256:ec56cae824197805c3287f57854343d2d26caa0b192a009c966d28c32f0d0d92_ppc64le",
"product_id": "openshift-logging/eventrouter-rhel8@sha256:ec56cae824197805c3287f57854343d2d26caa0b192a009c966d28c32f0d0d92_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/eventrouter-rhel8@sha256:ec56cae824197805c3287f57854343d2d26caa0b192a009c966d28c32f0d0d92?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/eventrouter-rhel8\u0026tag=v0.4.0-190"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/fluentd-rhel8@sha256:e489da61d05557fba2718fd3e75b7ba50c51c173f43088334db7f3c993748711_ppc64le",
"product": {
"name": "openshift-logging/fluentd-rhel8@sha256:e489da61d05557fba2718fd3e75b7ba50c51c173f43088334db7f3c993748711_ppc64le",
"product_id": "openshift-logging/fluentd-rhel8@sha256:e489da61d05557fba2718fd3e75b7ba50c51c173f43088334db7f3c993748711_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/fluentd-rhel8@sha256:e489da61d05557fba2718fd3e75b7ba50c51c173f43088334db7f3c993748711?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/fluentd-rhel8\u0026tag=v1.14.6-192"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/kibana6-rhel8@sha256:0958ffa84bed51e99177837ac672324e5a8c1b20535d8110a3bbabe3f952073e_ppc64le",
"product": {
"name": "openshift-logging/kibana6-rhel8@sha256:0958ffa84bed51e99177837ac672324e5a8c1b20535d8110a3bbabe3f952073e_ppc64le",
"product_id": "openshift-logging/kibana6-rhel8@sha256:0958ffa84bed51e99177837ac672324e5a8c1b20535d8110a3bbabe3f952073e_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/kibana6-rhel8@sha256:0958ffa84bed51e99177837ac672324e5a8c1b20535d8110a3bbabe3f952073e?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/kibana6-rhel8\u0026tag=v6.8.1-400"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/logging-loki-rhel8@sha256:aea6196bddef8110c0d9282d6e84a7e8cdee066fab8ba3607dacb8425b458819_ppc64le",
"product": {
"name": "openshift-logging/logging-loki-rhel8@sha256:aea6196bddef8110c0d9282d6e84a7e8cdee066fab8ba3607dacb8425b458819_ppc64le",
"product_id": "openshift-logging/logging-loki-rhel8@sha256:aea6196bddef8110c0d9282d6e84a7e8cdee066fab8ba3607dacb8425b458819_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/logging-loki-rhel8@sha256:aea6196bddef8110c0d9282d6e84a7e8cdee066fab8ba3607dacb8425b458819?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/logging-loki-rhel8\u0026tag=v2.9.2-2"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/vector-rhel8@sha256:10f88bb7c978c24555def7bf4d7fd35dba3d1b5ffdc32fde359b175fc8d8b34e_ppc64le",
"product": {
"name": "openshift-logging/vector-rhel8@sha256:10f88bb7c978c24555def7bf4d7fd35dba3d1b5ffdc32fde359b175fc8d8b34e_ppc64le",
"product_id": "openshift-logging/vector-rhel8@sha256:10f88bb7c978c24555def7bf4d7fd35dba3d1b5ffdc32fde359b175fc8d8b34e_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/vector-rhel8@sha256:10f88bb7c978c24555def7bf4d7fd35dba3d1b5ffdc32fde359b175fc8d8b34e?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/vector-rhel8\u0026tag=v0.21.0-113"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/logging-view-plugin-rhel8@sha256:42223f3fb6d55d6d9155f110b90323965eaf68263d51c485114784a651be8e5e_ppc64le",
"product": {
"name": "openshift-logging/logging-view-plugin-rhel8@sha256:42223f3fb6d55d6d9155f110b90323965eaf68263d51c485114784a651be8e5e_ppc64le",
"product_id": "openshift-logging/logging-view-plugin-rhel8@sha256:42223f3fb6d55d6d9155f110b90323965eaf68263d51c485114784a651be8e5e_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/logging-view-plugin-rhel8@sha256:42223f3fb6d55d6d9155f110b90323965eaf68263d51c485114784a651be8e5e?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/logging-view-plugin-rhel8\u0026tag=v5.6.12-8"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/loki-rhel8-operator@sha256:c5c0c41173e8c288341859dda8e9c982fba297e2e6c616b953a04ea4280f8caa_ppc64le",
"product": {
"name": "openshift-logging/loki-rhel8-operator@sha256:c5c0c41173e8c288341859dda8e9c982fba297e2e6c616b953a04ea4280f8caa_ppc64le",
"product_id": "openshift-logging/loki-rhel8-operator@sha256:c5c0c41173e8c288341859dda8e9c982fba297e2e6c616b953a04ea4280f8caa_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/loki-rhel8-operator@sha256:c5c0c41173e8c288341859dda8e9c982fba297e2e6c616b953a04ea4280f8caa?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/loki-rhel8-operator\u0026tag=v5.6.12-10"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/lokistack-gateway-rhel8@sha256:f7c8b8251566fadb3396dfee110b6995e9d2ca27614a3b51f148f78fe5b51b50_ppc64le",
"product": {
"name": "openshift-logging/lokistack-gateway-rhel8@sha256:f7c8b8251566fadb3396dfee110b6995e9d2ca27614a3b51f148f78fe5b51b50_ppc64le",
"product_id": "openshift-logging/lokistack-gateway-rhel8@sha256:f7c8b8251566fadb3396dfee110b6995e9d2ca27614a3b51f148f78fe5b51b50_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/lokistack-gateway-rhel8@sha256:f7c8b8251566fadb3396dfee110b6995e9d2ca27614a3b51f148f78fe5b51b50?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/lokistack-gateway-rhel8\u0026tag=v0.1.0-357"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/opa-openshift-rhel8@sha256:5b8bc65ad9760c2bcabac5ebf72f2a256271a4c1173871742bf8f817c6ce0478_ppc64le",
"product": {
"name": "openshift-logging/opa-openshift-rhel8@sha256:5b8bc65ad9760c2bcabac5ebf72f2a256271a4c1173871742bf8f817c6ce0478_ppc64le",
"product_id": "openshift-logging/opa-openshift-rhel8@sha256:5b8bc65ad9760c2bcabac5ebf72f2a256271a4c1173871742bf8f817c6ce0478_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/opa-openshift-rhel8@sha256:5b8bc65ad9760c2bcabac5ebf72f2a256271a4c1173871742bf8f817c6ce0478?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/opa-openshift-rhel8\u0026tag=v0.1.0-163"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "openshift-logging/cluster-logging-rhel8-operator@sha256:a697fe3d581606f0da267205636c94e0dd7076fdf562fe9d4f0332ec0267f880_s390x",
"product": {
"name": "openshift-logging/cluster-logging-rhel8-operator@sha256:a697fe3d581606f0da267205636c94e0dd7076fdf562fe9d4f0332ec0267f880_s390x",
"product_id": "openshift-logging/cluster-logging-rhel8-operator@sha256:a697fe3d581606f0da267205636c94e0dd7076fdf562fe9d4f0332ec0267f880_s390x",
"product_identification_helper": {
"purl": "pkg:oci/cluster-logging-rhel8-operator@sha256:a697fe3d581606f0da267205636c94e0dd7076fdf562fe9d4f0332ec0267f880?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/cluster-logging-rhel8-operator\u0026tag=v5.6.12-10"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/elasticsearch-rhel8-operator@sha256:7a9678d49d25ec0afbcab3c98a3d26d2eeda04a0ece3a833d91dde818f0dde22_s390x",
"product": {
"name": "openshift-logging/elasticsearch-rhel8-operator@sha256:7a9678d49d25ec0afbcab3c98a3d26d2eeda04a0ece3a833d91dde818f0dde22_s390x",
"product_id": "openshift-logging/elasticsearch-rhel8-operator@sha256:7a9678d49d25ec0afbcab3c98a3d26d2eeda04a0ece3a833d91dde818f0dde22_s390x",
"product_identification_helper": {
"purl": "pkg:oci/elasticsearch-rhel8-operator@sha256:7a9678d49d25ec0afbcab3c98a3d26d2eeda04a0ece3a833d91dde818f0dde22?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch-rhel8-operator\u0026tag=v5.6.12-8"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/elasticsearch-proxy-rhel8@sha256:938ac92e58ab4fd377219899c6f3c25f41a58260f078e44b371d91964083d96a_s390x",
"product": {
"name": "openshift-logging/elasticsearch-proxy-rhel8@sha256:938ac92e58ab4fd377219899c6f3c25f41a58260f078e44b371d91964083d96a_s390x",
"product_id": "openshift-logging/elasticsearch-proxy-rhel8@sha256:938ac92e58ab4fd377219899c6f3c25f41a58260f078e44b371d91964083d96a_s390x",
"product_identification_helper": {
"purl": "pkg:oci/elasticsearch-proxy-rhel8@sha256:938ac92e58ab4fd377219899c6f3c25f41a58260f078e44b371d91964083d96a?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch-proxy-rhel8\u0026tag=v1.0.0-438"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/log-file-metric-exporter-rhel8@sha256:1646d63e4b9fa7d45f8fc9d1e8cec3cccbed9ba850f3ac07dc75b18f416c580f_s390x",
"product": {
"name": "openshift-logging/log-file-metric-exporter-rhel8@sha256:1646d63e4b9fa7d45f8fc9d1e8cec3cccbed9ba850f3ac07dc75b18f416c580f_s390x",
"product_id": "openshift-logging/log-file-metric-exporter-rhel8@sha256:1646d63e4b9fa7d45f8fc9d1e8cec3cccbed9ba850f3ac07dc75b18f416c580f_s390x",
"product_identification_helper": {
"purl": "pkg:oci/log-file-metric-exporter-rhel8@sha256:1646d63e4b9fa7d45f8fc9d1e8cec3cccbed9ba850f3ac07dc75b18f416c580f?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel8\u0026tag=v1.1.0-176"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/logging-curator5-rhel8@sha256:f09e73392f894fd4f9c38595e617dd4eebabb698d8e1ad0f3ac4e080c37b1f12_s390x",
"product": {
"name": "openshift-logging/logging-curator5-rhel8@sha256:f09e73392f894fd4f9c38595e617dd4eebabb698d8e1ad0f3ac4e080c37b1f12_s390x",
"product_id": "openshift-logging/logging-curator5-rhel8@sha256:f09e73392f894fd4f9c38595e617dd4eebabb698d8e1ad0f3ac4e080c37b1f12_s390x",
"product_identification_helper": {
"purl": "pkg:oci/logging-curator5-rhel8@sha256:f09e73392f894fd4f9c38595e617dd4eebabb698d8e1ad0f3ac4e080c37b1f12?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/logging-curator5-rhel8\u0026tag=v5.8.1-420"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/elasticsearch6-rhel8@sha256:8e62859531fcb8dd6b054a76c4bc95b62ff62bcbe69fe18f132689a203168bc8_s390x",
"product": {
"name": "openshift-logging/elasticsearch6-rhel8@sha256:8e62859531fcb8dd6b054a76c4bc95b62ff62bcbe69fe18f132689a203168bc8_s390x",
"product_id": "openshift-logging/elasticsearch6-rhel8@sha256:8e62859531fcb8dd6b054a76c4bc95b62ff62bcbe69fe18f132689a203168bc8_s390x",
"product_identification_helper": {
"purl": "pkg:oci/elasticsearch6-rhel8@sha256:8e62859531fcb8dd6b054a76c4bc95b62ff62bcbe69fe18f132689a203168bc8?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch6-rhel8\u0026tag=v6.8.1-370"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/eventrouter-rhel8@sha256:b822207e2e70c989cf98d9e5a810e85034a8a1fd2130451e525ce4a804dd1727_s390x",
"product": {
"name": "openshift-logging/eventrouter-rhel8@sha256:b822207e2e70c989cf98d9e5a810e85034a8a1fd2130451e525ce4a804dd1727_s390x",
"product_id": "openshift-logging/eventrouter-rhel8@sha256:b822207e2e70c989cf98d9e5a810e85034a8a1fd2130451e525ce4a804dd1727_s390x",
"product_identification_helper": {
"purl": "pkg:oci/eventrouter-rhel8@sha256:b822207e2e70c989cf98d9e5a810e85034a8a1fd2130451e525ce4a804dd1727?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/eventrouter-rhel8\u0026tag=v0.4.0-190"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/fluentd-rhel8@sha256:3038086e3dbfab1e3070cdeeb7968e863ab4b1012d161ed263e93b153ae2223b_s390x",
"product": {
"name": "openshift-logging/fluentd-rhel8@sha256:3038086e3dbfab1e3070cdeeb7968e863ab4b1012d161ed263e93b153ae2223b_s390x",
"product_id": "openshift-logging/fluentd-rhel8@sha256:3038086e3dbfab1e3070cdeeb7968e863ab4b1012d161ed263e93b153ae2223b_s390x",
"product_identification_helper": {
"purl": "pkg:oci/fluentd-rhel8@sha256:3038086e3dbfab1e3070cdeeb7968e863ab4b1012d161ed263e93b153ae2223b?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/fluentd-rhel8\u0026tag=v1.14.6-192"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/kibana6-rhel8@sha256:20b6b6aef51ef6cabe133e53dcc1d6665ff8fae0fab4d56ecd6998ca88554773_s390x",
"product": {
"name": "openshift-logging/kibana6-rhel8@sha256:20b6b6aef51ef6cabe133e53dcc1d6665ff8fae0fab4d56ecd6998ca88554773_s390x",
"product_id": "openshift-logging/kibana6-rhel8@sha256:20b6b6aef51ef6cabe133e53dcc1d6665ff8fae0fab4d56ecd6998ca88554773_s390x",
"product_identification_helper": {
"purl": "pkg:oci/kibana6-rhel8@sha256:20b6b6aef51ef6cabe133e53dcc1d6665ff8fae0fab4d56ecd6998ca88554773?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/kibana6-rhel8\u0026tag=v6.8.1-400"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/logging-loki-rhel8@sha256:af7c029f15eacd2b65a99271538c68d9b2dcd5c25dbfabadd0e9f8bb2911d827_s390x",
"product": {
"name": "openshift-logging/logging-loki-rhel8@sha256:af7c029f15eacd2b65a99271538c68d9b2dcd5c25dbfabadd0e9f8bb2911d827_s390x",
"product_id": "openshift-logging/logging-loki-rhel8@sha256:af7c029f15eacd2b65a99271538c68d9b2dcd5c25dbfabadd0e9f8bb2911d827_s390x",
"product_identification_helper": {
"purl": "pkg:oci/logging-loki-rhel8@sha256:af7c029f15eacd2b65a99271538c68d9b2dcd5c25dbfabadd0e9f8bb2911d827?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/logging-loki-rhel8\u0026tag=v2.9.2-2"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/vector-rhel8@sha256:7e46ef2e749e3896a86af16744c1c3542ff8a6d0467793af27aedb0fdbc9ee4a_s390x",
"product": {
"name": "openshift-logging/vector-rhel8@sha256:7e46ef2e749e3896a86af16744c1c3542ff8a6d0467793af27aedb0fdbc9ee4a_s390x",
"product_id": "openshift-logging/vector-rhel8@sha256:7e46ef2e749e3896a86af16744c1c3542ff8a6d0467793af27aedb0fdbc9ee4a_s390x",
"product_identification_helper": {
"purl": "pkg:oci/vector-rhel8@sha256:7e46ef2e749e3896a86af16744c1c3542ff8a6d0467793af27aedb0fdbc9ee4a?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/vector-rhel8\u0026tag=v0.21.0-113"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/logging-view-plugin-rhel8@sha256:50230e9829718254fc51d844e0305978b694354bda4b798fb5066ca3c182d323_s390x",
"product": {
"name": "openshift-logging/logging-view-plugin-rhel8@sha256:50230e9829718254fc51d844e0305978b694354bda4b798fb5066ca3c182d323_s390x",
"product_id": "openshift-logging/logging-view-plugin-rhel8@sha256:50230e9829718254fc51d844e0305978b694354bda4b798fb5066ca3c182d323_s390x",
"product_identification_helper": {
"purl": "pkg:oci/logging-view-plugin-rhel8@sha256:50230e9829718254fc51d844e0305978b694354bda4b798fb5066ca3c182d323?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/logging-view-plugin-rhel8\u0026tag=v5.6.12-8"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/loki-rhel8-operator@sha256:c5e123a5c5d637ff9fb0327c03351e46f14b0d774b484fd045d51df058550d3d_s390x",
"product": {
"name": "openshift-logging/loki-rhel8-operator@sha256:c5e123a5c5d637ff9fb0327c03351e46f14b0d774b484fd045d51df058550d3d_s390x",
"product_id": "openshift-logging/loki-rhel8-operator@sha256:c5e123a5c5d637ff9fb0327c03351e46f14b0d774b484fd045d51df058550d3d_s390x",
"product_identification_helper": {
"purl": "pkg:oci/loki-rhel8-operator@sha256:c5e123a5c5d637ff9fb0327c03351e46f14b0d774b484fd045d51df058550d3d?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/loki-rhel8-operator\u0026tag=v5.6.12-10"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/lokistack-gateway-rhel8@sha256:1da817a84816082f56d2f3bea2f4a680b8e8cc4fe7ff95e311b44e1b5f1f5f0a_s390x",
"product": {
"name": "openshift-logging/lokistack-gateway-rhel8@sha256:1da817a84816082f56d2f3bea2f4a680b8e8cc4fe7ff95e311b44e1b5f1f5f0a_s390x",
"product_id": "openshift-logging/lokistack-gateway-rhel8@sha256:1da817a84816082f56d2f3bea2f4a680b8e8cc4fe7ff95e311b44e1b5f1f5f0a_s390x",
"product_identification_helper": {
"purl": "pkg:oci/lokistack-gateway-rhel8@sha256:1da817a84816082f56d2f3bea2f4a680b8e8cc4fe7ff95e311b44e1b5f1f5f0a?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/lokistack-gateway-rhel8\u0026tag=v0.1.0-357"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/opa-openshift-rhel8@sha256:b76cb34507d54f963da41744b614b83bb7cc031942e7252452c3b299dcc0f530_s390x",
"product": {
"name": "openshift-logging/opa-openshift-rhel8@sha256:b76cb34507d54f963da41744b614b83bb7cc031942e7252452c3b299dcc0f530_s390x",
"product_id": "openshift-logging/opa-openshift-rhel8@sha256:b76cb34507d54f963da41744b614b83bb7cc031942e7252452c3b299dcc0f530_s390x",
"product_identification_helper": {
"purl": "pkg:oci/opa-openshift-rhel8@sha256:b76cb34507d54f963da41744b614b83bb7cc031942e7252452c3b299dcc0f530?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/opa-openshift-rhel8\u0026tag=v0.1.0-163"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "openshift-logging/cluster-logging-rhel8-operator@sha256:64d3a93c2adbca869845ea59edfbef2675658bd15fd22dfc1681b57809d3269c_arm64",
"product": {
"name": "openshift-logging/cluster-logging-rhel8-operator@sha256:64d3a93c2adbca869845ea59edfbef2675658bd15fd22dfc1681b57809d3269c_arm64",
"product_id": "openshift-logging/cluster-logging-rhel8-operator@sha256:64d3a93c2adbca869845ea59edfbef2675658bd15fd22dfc1681b57809d3269c_arm64",
"product_identification_helper": {
"purl": "pkg:oci/cluster-logging-rhel8-operator@sha256:64d3a93c2adbca869845ea59edfbef2675658bd15fd22dfc1681b57809d3269c?arch=arm64\u0026repository_url=registry.redhat.io/openshift-logging/cluster-logging-rhel8-operator\u0026tag=v5.6.12-10"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/elasticsearch-rhel8-operator@sha256:34a393916466f1d4544cbe4d75936147c4bfc4e0246bee0faebc5c285f26d30d_arm64",
"product": {
"name": "openshift-logging/elasticsearch-rhel8-operator@sha256:34a393916466f1d4544cbe4d75936147c4bfc4e0246bee0faebc5c285f26d30d_arm64",
"product_id": "openshift-logging/elasticsearch-rhel8-operator@sha256:34a393916466f1d4544cbe4d75936147c4bfc4e0246bee0faebc5c285f26d30d_arm64",
"product_identification_helper": {
"purl": "pkg:oci/elasticsearch-rhel8-operator@sha256:34a393916466f1d4544cbe4d75936147c4bfc4e0246bee0faebc5c285f26d30d?arch=arm64\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch-rhel8-operator\u0026tag=v5.6.12-8"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/elasticsearch-proxy-rhel8@sha256:ce5fc5a37453626de4bcb9a05d3849ef7da0722bfc8f0fecfc1f693cf6b5deff_arm64",
"product": {
"name": "openshift-logging/elasticsearch-proxy-rhel8@sha256:ce5fc5a37453626de4bcb9a05d3849ef7da0722bfc8f0fecfc1f693cf6b5deff_arm64",
"product_id": "openshift-logging/elasticsearch-proxy-rhel8@sha256:ce5fc5a37453626de4bcb9a05d3849ef7da0722bfc8f0fecfc1f693cf6b5deff_arm64",
"product_identification_helper": {
"purl": "pkg:oci/elasticsearch-proxy-rhel8@sha256:ce5fc5a37453626de4bcb9a05d3849ef7da0722bfc8f0fecfc1f693cf6b5deff?arch=arm64\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch-proxy-rhel8\u0026tag=v1.0.0-438"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/log-file-metric-exporter-rhel8@sha256:b442de2cb36a3a26b3d8b32d953d83d01c4cd5b659f974e1f781fbb5aaef5977_arm64",
"product": {
"name": "openshift-logging/log-file-metric-exporter-rhel8@sha256:b442de2cb36a3a26b3d8b32d953d83d01c4cd5b659f974e1f781fbb5aaef5977_arm64",
"product_id": "openshift-logging/log-file-metric-exporter-rhel8@sha256:b442de2cb36a3a26b3d8b32d953d83d01c4cd5b659f974e1f781fbb5aaef5977_arm64",
"product_identification_helper": {
"purl": "pkg:oci/log-file-metric-exporter-rhel8@sha256:b442de2cb36a3a26b3d8b32d953d83d01c4cd5b659f974e1f781fbb5aaef5977?arch=arm64\u0026repository_url=registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel8\u0026tag=v1.1.0-176"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/logging-curator5-rhel8@sha256:4f8f194cc5827f05a969960937e9993528ad030c32d64c7a8d95bcb8ad1bb27a_arm64",
"product": {
"name": "openshift-logging/logging-curator5-rhel8@sha256:4f8f194cc5827f05a969960937e9993528ad030c32d64c7a8d95bcb8ad1bb27a_arm64",
"product_id": "openshift-logging/logging-curator5-rhel8@sha256:4f8f194cc5827f05a969960937e9993528ad030c32d64c7a8d95bcb8ad1bb27a_arm64",
"product_identification_helper": {
"purl": "pkg:oci/logging-curator5-rhel8@sha256:4f8f194cc5827f05a969960937e9993528ad030c32d64c7a8d95bcb8ad1bb27a?arch=arm64\u0026repository_url=registry.redhat.io/openshift-logging/logging-curator5-rhel8\u0026tag=v5.8.1-420"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/elasticsearch6-rhel8@sha256:cd9a57aad90fdec4fef3b0f9b31df96c12bd7fe97cad90f9a1de79e6b0af4bbb_arm64",
"product": {
"name": "openshift-logging/elasticsearch6-rhel8@sha256:cd9a57aad90fdec4fef3b0f9b31df96c12bd7fe97cad90f9a1de79e6b0af4bbb_arm64",
"product_id": "openshift-logging/elasticsearch6-rhel8@sha256:cd9a57aad90fdec4fef3b0f9b31df96c12bd7fe97cad90f9a1de79e6b0af4bbb_arm64",
"product_identification_helper": {
"purl": "pkg:oci/elasticsearch6-rhel8@sha256:cd9a57aad90fdec4fef3b0f9b31df96c12bd7fe97cad90f9a1de79e6b0af4bbb?arch=arm64\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch6-rhel8\u0026tag=v6.8.1-370"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/eventrouter-rhel8@sha256:fc638d1f8ff0f079ea1f5cfa3a9938dc06374ca4e6cd24f92ba62b7d03fd6963_arm64",
"product": {
"name": "openshift-logging/eventrouter-rhel8@sha256:fc638d1f8ff0f079ea1f5cfa3a9938dc06374ca4e6cd24f92ba62b7d03fd6963_arm64",
"product_id": "openshift-logging/eventrouter-rhel8@sha256:fc638d1f8ff0f079ea1f5cfa3a9938dc06374ca4e6cd24f92ba62b7d03fd6963_arm64",
"product_identification_helper": {
"purl": "pkg:oci/eventrouter-rhel8@sha256:fc638d1f8ff0f079ea1f5cfa3a9938dc06374ca4e6cd24f92ba62b7d03fd6963?arch=arm64\u0026repository_url=registry.redhat.io/openshift-logging/eventrouter-rhel8\u0026tag=v0.4.0-190"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/fluentd-rhel8@sha256:816908f1ac923336e8e3b87129af40271bde545e12b3385186425038f1b14991_arm64",
"product": {
"name": "openshift-logging/fluentd-rhel8@sha256:816908f1ac923336e8e3b87129af40271bde545e12b3385186425038f1b14991_arm64",
"product_id": "openshift-logging/fluentd-rhel8@sha256:816908f1ac923336e8e3b87129af40271bde545e12b3385186425038f1b14991_arm64",
"product_identification_helper": {
"purl": "pkg:oci/fluentd-rhel8@sha256:816908f1ac923336e8e3b87129af40271bde545e12b3385186425038f1b14991?arch=arm64\u0026repository_url=registry.redhat.io/openshift-logging/fluentd-rhel8\u0026tag=v1.14.6-192"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/kibana6-rhel8@sha256:0c4ea44d09b21a915c3ecc17c9a50ba22d71ed06b0cc4ba1d8bfbe1ced426e47_arm64",
"product": {
"name": "openshift-logging/kibana6-rhel8@sha256:0c4ea44d09b21a915c3ecc17c9a50ba22d71ed06b0cc4ba1d8bfbe1ced426e47_arm64",
"product_id": "openshift-logging/kibana6-rhel8@sha256:0c4ea44d09b21a915c3ecc17c9a50ba22d71ed06b0cc4ba1d8bfbe1ced426e47_arm64",
"product_identification_helper": {
"purl": "pkg:oci/kibana6-rhel8@sha256:0c4ea44d09b21a915c3ecc17c9a50ba22d71ed06b0cc4ba1d8bfbe1ced426e47?arch=arm64\u0026repository_url=registry.redhat.io/openshift-logging/kibana6-rhel8\u0026tag=v6.8.1-400"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/logging-loki-rhel8@sha256:f4558c73e630c043e8ffebd92bfbc805d13a644b19e5e43d35979b7942225b98_arm64",
"product": {
"name": "openshift-logging/logging-loki-rhel8@sha256:f4558c73e630c043e8ffebd92bfbc805d13a644b19e5e43d35979b7942225b98_arm64",
"product_id": "openshift-logging/logging-loki-rhel8@sha256:f4558c73e630c043e8ffebd92bfbc805d13a644b19e5e43d35979b7942225b98_arm64",
"product_identification_helper": {
"purl": "pkg:oci/logging-loki-rhel8@sha256:f4558c73e630c043e8ffebd92bfbc805d13a644b19e5e43d35979b7942225b98?arch=arm64\u0026repository_url=registry.redhat.io/openshift-logging/logging-loki-rhel8\u0026tag=v2.9.2-2"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/vector-rhel8@sha256:ebff04a36feae157572fdd32ce2cc045c504b850c0b9f471d381676da314dd97_arm64",
"product": {
"name": "openshift-logging/vector-rhel8@sha256:ebff04a36feae157572fdd32ce2cc045c504b850c0b9f471d381676da314dd97_arm64",
"product_id": "openshift-logging/vector-rhel8@sha256:ebff04a36feae157572fdd32ce2cc045c504b850c0b9f471d381676da314dd97_arm64",
"product_identification_helper": {
"purl": "pkg:oci/vector-rhel8@sha256:ebff04a36feae157572fdd32ce2cc045c504b850c0b9f471d381676da314dd97?arch=arm64\u0026repository_url=registry.redhat.io/openshift-logging/vector-rhel8\u0026tag=v0.21.0-113"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/logging-view-plugin-rhel8@sha256:79590fd5063ffa0245d96cec02dc4ce257244a431e213ecbe38462e86536b859_arm64",
"product": {
"name": "openshift-logging/logging-view-plugin-rhel8@sha256:79590fd5063ffa0245d96cec02dc4ce257244a431e213ecbe38462e86536b859_arm64",
"product_id": "openshift-logging/logging-view-plugin-rhel8@sha256:79590fd5063ffa0245d96cec02dc4ce257244a431e213ecbe38462e86536b859_arm64",
"product_identification_helper": {
"purl": "pkg:oci/logging-view-plugin-rhel8@sha256:79590fd5063ffa0245d96cec02dc4ce257244a431e213ecbe38462e86536b859?arch=arm64\u0026repository_url=registry.redhat.io/openshift-logging/logging-view-plugin-rhel8\u0026tag=v5.6.12-8"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/loki-rhel8-operator@sha256:260731d610f37fa0072760f09d460d04fd3a1359d24a2218918412bc1a93947b_arm64",
"product": {
"name": "openshift-logging/loki-rhel8-operator@sha256:260731d610f37fa0072760f09d460d04fd3a1359d24a2218918412bc1a93947b_arm64",
"product_id": "openshift-logging/loki-rhel8-operator@sha256:260731d610f37fa0072760f09d460d04fd3a1359d24a2218918412bc1a93947b_arm64",
"product_identification_helper": {
"purl": "pkg:oci/loki-rhel8-operator@sha256:260731d610f37fa0072760f09d460d04fd3a1359d24a2218918412bc1a93947b?arch=arm64\u0026repository_url=registry.redhat.io/openshift-logging/loki-rhel8-operator\u0026tag=v5.6.12-10"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/lokistack-gateway-rhel8@sha256:a40f0f1402d912aa12329e0ee3f4d8084337a376f72f1e0b5e45a4dac44ac848_arm64",
"product": {
"name": "openshift-logging/lokistack-gateway-rhel8@sha256:a40f0f1402d912aa12329e0ee3f4d8084337a376f72f1e0b5e45a4dac44ac848_arm64",
"product_id": "openshift-logging/lokistack-gateway-rhel8@sha256:a40f0f1402d912aa12329e0ee3f4d8084337a376f72f1e0b5e45a4dac44ac848_arm64",
"product_identification_helper": {
"purl": "pkg:oci/lokistack-gateway-rhel8@sha256:a40f0f1402d912aa12329e0ee3f4d8084337a376f72f1e0b5e45a4dac44ac848?arch=arm64\u0026repository_url=registry.redhat.io/openshift-logging/lokistack-gateway-rhel8\u0026tag=v0.1.0-357"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/opa-openshift-rhel8@sha256:e9fc83b6a9a40c2af4dd8a8454d8ca9e3a3bb96fdb290427d3a0c9cb753e91f4_arm64",
"product": {
"name": "openshift-logging/opa-openshift-rhel8@sha256:e9fc83b6a9a40c2af4dd8a8454d8ca9e3a3bb96fdb290427d3a0c9cb753e91f4_arm64",
"product_id": "openshift-logging/opa-openshift-rhel8@sha256:e9fc83b6a9a40c2af4dd8a8454d8ca9e3a3bb96fdb290427d3a0c9cb753e91f4_arm64",
"product_identification_helper": {
"purl": "pkg:oci/opa-openshift-rhel8@sha256:e9fc83b6a9a40c2af4dd8a8454d8ca9e3a3bb96fdb290427d3a0c9cb753e91f4?arch=arm64\u0026repository_url=registry.redhat.io/openshift-logging/opa-openshift-rhel8\u0026tag=v0.1.0-163"
}
}
}
],
"category": "architecture",
"name": "arm64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/cluster-logging-operator-bundle@sha256:02c4a20e1f2b0678afe4ea0757933ce581ef66e6b189622aea7dc0fa91e6c18c_amd64 as a component of RHOL 5.6 for RHEL 8",
"product_id": "8Base-RHOL-5.6:openshift-logging/cluster-logging-operator-bundle@sha256:02c4a20e1f2b0678afe4ea0757933ce581ef66e6b189622aea7dc0fa91e6c18c_amd64"
},
"product_reference": "openshift-logging/cluster-logging-operator-bundle@sha256:02c4a20e1f2b0678afe4ea0757933ce581ef66e6b189622aea7dc0fa91e6c18c_amd64",
"relates_to_product_reference": "8Base-RHOL-5.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/cluster-logging-rhel8-operator@sha256:556e2c39c0eebd2e8a4d361d40221fa8cf0e9bf7db66dcf2bd2f32576240d94b_amd64 as a component of RHOL 5.6 for RHEL 8",
"product_id": "8Base-RHOL-5.6:openshift-logging/cluster-logging-rhel8-operator@sha256:556e2c39c0eebd2e8a4d361d40221fa8cf0e9bf7db66dcf2bd2f32576240d94b_amd64"
},
"product_reference": "openshift-logging/cluster-logging-rhel8-operator@sha256:556e2c39c0eebd2e8a4d361d40221fa8cf0e9bf7db66dcf2bd2f32576240d94b_amd64",
"relates_to_product_reference": "8Base-RHOL-5.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/cluster-logging-rhel8-operator@sha256:64d3a93c2adbca869845ea59edfbef2675658bd15fd22dfc1681b57809d3269c_arm64 as a component of RHOL 5.6 for RHEL 8",
"product_id": "8Base-RHOL-5.6:openshift-logging/cluster-logging-rhel8-operator@sha256:64d3a93c2adbca869845ea59edfbef2675658bd15fd22dfc1681b57809d3269c_arm64"
},
"product_reference": "openshift-logging/cluster-logging-rhel8-operator@sha256:64d3a93c2adbca869845ea59edfbef2675658bd15fd22dfc1681b57809d3269c_arm64",
"relates_to_product_reference": "8Base-RHOL-5.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/cluster-logging-rhel8-operator@sha256:a697fe3d581606f0da267205636c94e0dd7076fdf562fe9d4f0332ec0267f880_s390x as a component of RHOL 5.6 for RHEL 8",
"product_id": "8Base-RHOL-5.6:openshift-logging/cluster-logging-rhel8-operator@sha256:a697fe3d581606f0da267205636c94e0dd7076fdf562fe9d4f0332ec0267f880_s390x"
},
"product_reference": "openshift-logging/cluster-logging-rhel8-operator@sha256:a697fe3d581606f0da267205636c94e0dd7076fdf562fe9d4f0332ec0267f880_s390x",
"relates_to_product_reference": "8Base-RHOL-5.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/cluster-logging-rhel8-operator@sha256:f8553bf9f5a75c089cdf5a26f8853e6f4488c19ef2a8dc1e0ebc96e4aab0384f_ppc64le as a component of RHOL 5.6 for RHEL 8",
"product_id": "8Base-RHOL-5.6:openshift-logging/cluster-logging-rhel8-operator@sha256:f8553bf9f5a75c089cdf5a26f8853e6f4488c19ef2a8dc1e0ebc96e4aab0384f_ppc64le"
},
"product_reference": "openshift-logging/cluster-logging-rhel8-operator@sha256:f8553bf9f5a75c089cdf5a26f8853e6f4488c19ef2a8dc1e0ebc96e4aab0384f_ppc64le",
"relates_to_product_reference": "8Base-RHOL-5.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/elasticsearch-operator-bundle@sha256:369d45c783651c6e07dfd721fa43025800b263da8e1fdbbc75b296686426e840_amd64 as a component of RHOL 5.6 for RHEL 8",
"product_id": "8Base-RHOL-5.6:openshift-logging/elasticsearch-operator-bundle@sha256:369d45c783651c6e07dfd721fa43025800b263da8e1fdbbc75b296686426e840_amd64"
},
"product_reference": "openshift-logging/elasticsearch-operator-bundle@sha256:369d45c783651c6e07dfd721fa43025800b263da8e1fdbbc75b296686426e840_amd64",
"relates_to_product_reference": "8Base-RHOL-5.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/elasticsearch-proxy-rhel8@sha256:26f58db9cb18dfe0eb7a3478a7bb86c87efabe32d98dcf74bc34226a09ea6f0e_ppc64le as a component of RHOL 5.6 for RHEL 8",
"product_id": "8Base-RHOL-5.6:openshift-logging/elasticsearch-proxy-rhel8@sha256:26f58db9cb18dfe0eb7a3478a7bb86c87efabe32d98dcf74bc34226a09ea6f0e_ppc64le"
},
"product_reference": "openshift-logging/elasticsearch-proxy-rhel8@sha256:26f58db9cb18dfe0eb7a3478a7bb86c87efabe32d98dcf74bc34226a09ea6f0e_ppc64le",
"relates_to_product_reference": "8Base-RHOL-5.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/elasticsearch-proxy-rhel8@sha256:938ac92e58ab4fd377219899c6f3c25f41a58260f078e44b371d91964083d96a_s390x as a component of RHOL 5.6 for RHEL 8",
"product_id": "8Base-RHOL-5.6:openshift-logging/elasticsearch-proxy-rhel8@sha256:938ac92e58ab4fd377219899c6f3c25f41a58260f078e44b371d91964083d96a_s390x"
},
"product_reference": "openshift-logging/elasticsearch-proxy-rhel8@sha256:938ac92e58ab4fd377219899c6f3c25f41a58260f078e44b371d91964083d96a_s390x",
"relates_to_product_reference": "8Base-RHOL-5.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/elasticsearch-proxy-rhel8@sha256:c67b4fadb575fc60d60cc3307da75f2fa3e5c4760e572072308a506e4e271ab1_amd64 as a component of RHOL 5.6 for RHEL 8",
"product_id": "8Base-RHOL-5.6:openshift-logging/elasticsearch-proxy-rhel8@sha256:c67b4fadb575fc60d60cc3307da75f2fa3e5c4760e572072308a506e4e271ab1_amd64"
},
"product_reference": "openshift-logging/elasticsearch-proxy-rhel8@sha256:c67b4fadb575fc60d60cc3307da75f2fa3e5c4760e572072308a506e4e271ab1_amd64",
"relates_to_product_reference": "8Base-RHOL-5.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/elasticsearch-proxy-rhel8@sha256:ce5fc5a37453626de4bcb9a05d3849ef7da0722bfc8f0fecfc1f693cf6b5deff_arm64 as a component of RHOL 5.6 for RHEL 8",
"product_id": "8Base-RHOL-5.6:openshift-logging/elasticsearch-proxy-rhel8@sha256:ce5fc5a37453626de4bcb9a05d3849ef7da0722bfc8f0fecfc1f693cf6b5deff_arm64"
},
"product_reference": "openshift-logging/elasticsearch-proxy-rhel8@sha256:ce5fc5a37453626de4bcb9a05d3849ef7da0722bfc8f0fecfc1f693cf6b5deff_arm64",
"relates_to_product_reference": "8Base-RHOL-5.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/elasticsearch-rhel8-operator@sha256:2a87c3b6888c57d813169da3ae06aa5bcac1ac916cdc62da3c492928d8eab187_amd64 as a component of RHOL 5.6 for RHEL 8",
"product_id": "8Base-RHOL-5.6:openshift-logging/elasticsearch-rhel8-operator@sha256:2a87c3b6888c57d813169da3ae06aa5bcac1ac916cdc62da3c492928d8eab187_amd64"
},
"product_reference": "openshift-logging/elasticsearch-rhel8-operator@sha256:2a87c3b6888c57d813169da3ae06aa5bcac1ac916cdc62da3c492928d8eab187_amd64",
"relates_to_product_reference": "8Base-RHOL-5.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/elasticsearch-rhel8-operator@sha256:34a393916466f1d4544cbe4d75936147c4bfc4e0246bee0faebc5c285f26d30d_arm64 as a component of RHOL 5.6 for RHEL 8",
"product_id": "8Base-RHOL-5.6:openshift-logging/elasticsearch-rhel8-operator@sha256:34a393916466f1d4544cbe4d75936147c4bfc4e0246bee0faebc5c285f26d30d_arm64"
},
"product_reference": "openshift-logging/elasticsearch-rhel8-operator@sha256:34a393916466f1d4544cbe4d75936147c4bfc4e0246bee0faebc5c285f26d30d_arm64",
"relates_to_product_reference": "8Base-RHOL-5.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/elasticsearch-rhel8-operator@sha256:358c663dbc3c6b0ee31a4b2665c79ff7b826ba6b72c21db62d186a6da09b04c4_ppc64le as a component of RHOL 5.6 for RHEL 8",
"product_id": "8Base-RHOL-5.6:openshift-logging/elasticsearch-rhel8-operator@sha256:358c663dbc3c6b0ee31a4b2665c79ff7b826ba6b72c21db62d186a6da09b04c4_ppc64le"
},
"product_reference": "openshift-logging/elasticsearch-rhel8-operator@sha256:358c663dbc3c6b0ee31a4b2665c79ff7b826ba6b72c21db62d186a6da09b04c4_ppc64le",
"relates_to_product_reference": "8Base-RHOL-5.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/elasticsearch-rhel8-operator@sha256:7a9678d49d25ec0afbcab3c98a3d26d2eeda04a0ece3a833d91dde818f0dde22_s390x as a component of RHOL 5.6 for RHEL 8",
"product_id": "8Base-RHOL-5.6:openshift-logging/elasticsearch-rhel8-operator@sha256:7a9678d49d25ec0afbcab3c98a3d26d2eeda04a0ece3a833d91dde818f0dde22_s390x"
},
"product_reference": "openshift-logging/elasticsearch-rhel8-operator@sha256:7a9678d49d25ec0afbcab3c98a3d26d2eeda04a0ece3a833d91dde818f0dde22_s390x",
"relates_to_product_reference": "8Base-RHOL-5.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/elasticsearch6-rhel8@sha256:8e62859531fcb8dd6b054a76c4bc95b62ff62bcbe69fe18f132689a203168bc8_s390x as a component of RHOL 5.6 for RHEL 8",
"product_id": "8Base-RHOL-5.6:openshift-logging/elasticsearch6-rhel8@sha256:8e62859531fcb8dd6b054a76c4bc95b62ff62bcbe69fe18f132689a203168bc8_s390x"
},
"product_reference": "openshift-logging/elasticsearch6-rhel8@sha256:8e62859531fcb8dd6b054a76c4bc95b62ff62bcbe69fe18f132689a203168bc8_s390x",
"relates_to_product_reference": "8Base-RHOL-5.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/elasticsearch6-rhel8@sha256:92ab2dde35f2f59c3a8ce7b8b12f5703a7a214e83ca5cc13673d0c8ad373f02e_amd64 as a component of RHOL 5.6 for RHEL 8",
"product_id": "8Base-RHOL-5.6:openshift-logging/elasticsearch6-rhel8@sha256:92ab2dde35f2f59c3a8ce7b8b12f5703a7a214e83ca5cc13673d0c8ad373f02e_amd64"
},
"product_reference": "openshift-logging/elasticsearch6-rhel8@sha256:92ab2dde35f2f59c3a8ce7b8b12f5703a7a214e83ca5cc13673d0c8ad373f02e_amd64",
"relates_to_product_reference": "8Base-RHOL-5.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/elasticsearch6-rhel8@sha256:caeeb679701abcbb9612b77ef0975575cf31c96b74bfc06553d61140a3f52bb7_ppc64le as a component of RHOL 5.6 for RHEL 8",
"product_id": "8Base-RHOL-5.6:openshift-logging/elasticsearch6-rhel8@sha256:caeeb679701abcbb9612b77ef0975575cf31c96b74bfc06553d61140a3f52bb7_ppc64le"
},
"product_reference": "openshift-logging/elasticsearch6-rhel8@sha256:caeeb679701abcbb9612b77ef0975575cf31c96b74bfc06553d61140a3f52bb7_ppc64le",
"relates_to_product_reference": "8Base-RHOL-5.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/elasticsearch6-rhel8@sha256:cd9a57aad90fdec4fef3b0f9b31df96c12bd7fe97cad90f9a1de79e6b0af4bbb_arm64 as a component of RHOL 5.6 for RHEL 8",
"product_id": "8Base-RHOL-5.6:openshift-logging/elasticsearch6-rhel8@sha256:cd9a57aad90fdec4fef3b0f9b31df96c12bd7fe97cad90f9a1de79e6b0af4bbb_arm64"
},
"product_reference": "openshift-logging/elasticsearch6-rhel8@sha256:cd9a57aad90fdec4fef3b0f9b31df96c12bd7fe97cad90f9a1de79e6b0af4bbb_arm64",
"relates_to_product_reference": "8Base-RHOL-5.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/eventrouter-rhel8@sha256:b822207e2e70c989cf98d9e5a810e85034a8a1fd2130451e525ce4a804dd1727_s390x as a component of RHOL 5.6 for RHEL 8",
"product_id": "8Base-RHOL-5.6:openshift-logging/eventrouter-rhel8@sha256:b822207e2e70c989cf98d9e5a810e85034a8a1fd2130451e525ce4a804dd1727_s390x"
},
"product_reference": "openshift-logging/eventrouter-rhel8@sha256:b822207e2e70c989cf98d9e5a810e85034a8a1fd2130451e525ce4a804dd1727_s390x",
"relates_to_product_reference": "8Base-RHOL-5.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/eventrouter-rhel8@sha256:ec56cae824197805c3287f57854343d2d26caa0b192a009c966d28c32f0d0d92_ppc64le as a component of RHOL 5.6 for RHEL 8",
"product_id": "8Base-RHOL-5.6:openshift-logging/eventrouter-rhel8@sha256:ec56cae824197805c3287f57854343d2d26caa0b192a009c966d28c32f0d0d92_ppc64le"
},
"product_reference": "openshift-logging/eventrouter-rhel8@sha256:ec56cae824197805c3287f57854343d2d26caa0b192a009c966d28c32f0d0d92_ppc64le",
"relates_to_product_reference": "8Base-RHOL-5.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/eventrouter-rhel8@sha256:fc638d1f8ff0f079ea1f5cfa3a9938dc06374ca4e6cd24f92ba62b7d03fd6963_arm64 as a component of RHOL 5.6 for RHEL 8",
"product_id": "8Base-RHOL-5.6:openshift-logging/eventrouter-rhel8@sha256:fc638d1f8ff0f079ea1f5cfa3a9938dc06374ca4e6cd24f92ba62b7d03fd6963_arm64"
},
"product_reference": "openshift-logging/eventrouter-rhel8@sha256:fc638d1f8ff0f079ea1f5cfa3a9938dc06374ca4e6cd24f92ba62b7d03fd6963_arm64",
"relates_to_product_reference": "8Base-RHOL-5.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/eventrouter-rhel8@sha256:ff509532db6b7e2d3a44fac2cf9b63687aa8bfbaab46d7a5f9d58be192475818_amd64 as a component of RHOL 5.6 for RHEL 8",
"product_id": "8Base-RHOL-5.6:openshift-logging/eventrouter-rhel8@sha256:ff509532db6b7e2d3a44fac2cf9b63687aa8bfbaab46d7a5f9d58be192475818_amd64"
},
"product_reference": "openshift-logging/eventrouter-rhel8@sha256:ff509532db6b7e2d3a44fac2cf9b63687aa8bfbaab46d7a5f9d58be192475818_amd64",
"relates_to_product_reference": "8Base-RHOL-5.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/fluentd-rhel8@sha256:149d75b8f4f523c86122176935c63b96305f6eb308e74eea9fa6651c8e75d239_amd64 as a component of RHOL 5.6 for RHEL 8",
"product_id": "8Base-RHOL-5.6:openshift-logging/fluentd-rhel8@sha256:149d75b8f4f523c86122176935c63b96305f6eb308e74eea9fa6651c8e75d239_amd64"
},
"product_reference": "openshift-logging/fluentd-rhel8@sha256:149d75b8f4f523c86122176935c63b96305f6eb308e74eea9fa6651c8e75d239_amd64",
"relates_to_product_reference": "8Base-RHOL-5.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/fluentd-rhel8@sha256:3038086e3dbfab1e3070cdeeb7968e863ab4b1012d161ed263e93b153ae2223b_s390x as a component of RHOL 5.6 for RHEL 8",
"product_id": "8Base-RHOL-5.6:openshift-logging/fluentd-rhel8@sha256:3038086e3dbfab1e3070cdeeb7968e863ab4b1012d161ed263e93b153ae2223b_s390x"
},
"product_reference": "openshift-logging/fluentd-rhel8@sha256:3038086e3dbfab1e3070cdeeb7968e863ab4b1012d161ed263e93b153ae2223b_s390x",
"relates_to_product_reference": "8Base-RHOL-5.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/fluentd-rhel8@sha256:816908f1ac923336e8e3b87129af40271bde545e12b3385186425038f1b14991_arm64 as a component of RHOL 5.6 for RHEL 8",
"product_id": "8Base-RHOL-5.6:openshift-logging/fluentd-rhel8@sha256:816908f1ac923336e8e3b87129af40271bde545e12b3385186425038f1b14991_arm64"
},
"product_reference": "openshift-logging/fluentd-rhel8@sha256:816908f1ac923336e8e3b87129af40271bde545e12b3385186425038f1b14991_arm64",
"relates_to_product_reference": "8Base-RHOL-5.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/fluentd-rhel8@sha256:e489da61d05557fba2718fd3e75b7ba50c51c173f43088334db7f3c993748711_ppc64le as a component of RHOL 5.6 for RHEL 8",
"product_id": "8Base-RHOL-5.6:openshift-logging/fluentd-rhel8@sha256:e489da61d05557fba2718fd3e75b7ba50c51c173f43088334db7f3c993748711_ppc64le"
},
"product_reference": "openshift-logging/fluentd-rhel8@sha256:e489da61d05557fba2718fd3e75b7ba50c51c173f43088334db7f3c993748711_ppc64le",
"relates_to_product_reference": "8Base-RHOL-5.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/kibana6-rhel8@sha256:0958ffa84bed51e99177837ac672324e5a8c1b20535d8110a3bbabe3f952073e_ppc64le as a component of RHOL 5.6 for RHEL 8",
"product_id": "8Base-RHOL-5.6:openshift-logging/kibana6-rhel8@sha256:0958ffa84bed51e99177837ac672324e5a8c1b20535d8110a3bbabe3f952073e_ppc64le"
},
"product_reference": "openshift-logging/kibana6-rhel8@sha256:0958ffa84bed51e99177837ac672324e5a8c1b20535d8110a3bbabe3f952073e_ppc64le",
"relates_to_product_reference": "8Base-RHOL-5.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/kibana6-rhel8@sha256:0c4ea44d09b21a915c3ecc17c9a50ba22d71ed06b0cc4ba1d8bfbe1ced426e47_arm64 as a component of RHOL 5.6 for RHEL 8",
"product_id": "8Base-RHOL-5.6:openshift-logging/kibana6-rhel8@sha256:0c4ea44d09b21a915c3ecc17c9a50ba22d71ed06b0cc4ba1d8bfbe1ced426e47_arm64"
},
"product_reference": "openshift-logging/kibana6-rhel8@sha256:0c4ea44d09b21a915c3ecc17c9a50ba22d71ed06b0cc4ba1d8bfbe1ced426e47_arm64",
"relates_to_product_reference": "8Base-RHOL-5.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/kibana6-rhel8@sha256:20b6b6aef51ef6cabe133e53dcc1d6665ff8fae0fab4d56ecd6998ca88554773_s390x as a component of RHOL 5.6 for RHEL 8",
"product_id": "8Base-RHOL-5.6:openshift-logging/kibana6-rhel8@sha256:20b6b6aef51ef6cabe133e53dcc1d6665ff8fae0fab4d56ecd6998ca88554773_s390x"
},
"product_reference": "openshift-logging/kibana6-rhel8@sha256:20b6b6aef51ef6cabe133e53dcc1d6665ff8fae0fab4d56ecd6998ca88554773_s390x",
"relates_to_product_reference": "8Base-RHOL-5.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/kibana6-rhel8@sha256:57b608727de6a22f2c39c138d184b4d2e9a1e62b2206fbcab290aeef2802e520_amd64 as a component of RHOL 5.6 for RHEL 8",
"product_id": "8Base-RHOL-5.6:openshift-logging/kibana6-rhel8@sha256:57b608727de6a22f2c39c138d184b4d2e9a1e62b2206fbcab290aeef2802e520_amd64"
},
"product_reference": "openshift-logging/kibana6-rhel8@sha256:57b608727de6a22f2c39c138d184b4d2e9a1e62b2206fbcab290aeef2802e520_amd64",
"relates_to_product_reference": "8Base-RHOL-5.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/log-file-metric-exporter-rhel8@sha256:1646d63e4b9fa7d45f8fc9d1e8cec3cccbed9ba850f3ac07dc75b18f416c580f_s390x as a component of RHOL 5.6 for RHEL 8",
"product_id": "8Base-RHOL-5.6:openshift-logging/log-file-metric-exporter-rhel8@sha256:1646d63e4b9fa7d45f8fc9d1e8cec3cccbed9ba850f3ac07dc75b18f416c580f_s390x"
},
"product_reference": "openshift-logging/log-file-metric-exporter-rhel8@sha256:1646d63e4b9fa7d45f8fc9d1e8cec3cccbed9ba850f3ac07dc75b18f416c580f_s390x",
"relates_to_product_reference": "8Base-RHOL-5.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/log-file-metric-exporter-rhel8@sha256:94471501cf396d9d298e9dfee95ed7496e0ec8767eb80bab0ea809cb4e16b878_amd64 as a component of RHOL 5.6 for RHEL 8",
"product_id": "8Base-RHOL-5.6:openshift-logging/log-file-metric-exporter-rhel8@sha256:94471501cf396d9d298e9dfee95ed7496e0ec8767eb80bab0ea809cb4e16b878_amd64"
},
"product_reference": "openshift-logging/log-file-metric-exporter-rhel8@sha256:94471501cf396d9d298e9dfee95ed7496e0ec8767eb80bab0ea809cb4e16b878_amd64",
"relates_to_product_reference": "8Base-RHOL-5.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/log-file-metric-exporter-rhel8@sha256:a2bd4a83b30b2b9e88e8581784e3e901d564d576ba3a58824cd203779ccc9e80_ppc64le as a component of RHOL 5.6 for RHEL 8",
"product_id": "8Base-RHOL-5.6:openshift-logging/log-file-metric-exporter-rhel8@sha256:a2bd4a83b30b2b9e88e8581784e3e901d564d576ba3a58824cd203779ccc9e80_ppc64le"
},
"product_reference": "openshift-logging/log-file-metric-exporter-rhel8@sha256:a2bd4a83b30b2b9e88e8581784e3e901d564d576ba3a58824cd203779ccc9e80_ppc64le",
"relates_to_product_reference": "8Base-RHOL-5.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/log-file-metric-exporter-rhel8@sha256:b442de2cb36a3a26b3d8b32d953d83d01c4cd5b659f974e1f781fbb5aaef5977_arm64 as a component of RHOL 5.6 for RHEL 8",
"product_id": "8Base-RHOL-5.6:openshift-logging/log-file-metric-exporter-rhel8@sha256:b442de2cb36a3a26b3d8b32d953d83d01c4cd5b659f974e1f781fbb5aaef5977_arm64"
},
"product_reference": "openshift-logging/log-file-metric-exporter-rhel8@sha256:b442de2cb36a3a26b3d8b32d953d83d01c4cd5b659f974e1f781fbb5aaef5977_arm64",
"relates_to_product_reference": "8Base-RHOL-5.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/logging-curator5-rhel8@sha256:1cac7ceee19cd185658324643c9a81d055d22aa238a28986c76594153c79b422_amd64 as a component of RHOL 5.6 for RHEL 8",
"product_id": "8Base-RHOL-5.6:openshift-logging/logging-curator5-rhel8@sha256:1cac7ceee19cd185658324643c9a81d055d22aa238a28986c76594153c79b422_amd64"
},
"product_reference": "openshift-logging/logging-curator5-rhel8@sha256:1cac7ceee19cd185658324643c9a81d055d22aa238a28986c76594153c79b422_amd64",
"relates_to_product_reference": "8Base-RHOL-5.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/logging-curator5-rhel8@sha256:4f8f194cc5827f05a969960937e9993528ad030c32d64c7a8d95bcb8ad1bb27a_arm64 as a component of RHOL 5.6 for RHEL 8",
"product_id": "8Base-RHOL-5.6:openshift-logging/logging-curator5-rhel8@sha256:4f8f194cc5827f05a969960937e9993528ad030c32d64c7a8d95bcb8ad1bb27a_arm64"
},
"product_reference": "openshift-logging/logging-curator5-rhel8@sha256:4f8f194cc5827f05a969960937e9993528ad030c32d64c7a8d95bcb8ad1bb27a_arm64",
"relates_to_product_reference": "8Base-RHOL-5.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/logging-curator5-rhel8@sha256:cb78249fdad4f2cff00011a9863f40f0749c2f3b4093a322f9590008e62c06c6_ppc64le as a component of RHOL 5.6 for RHEL 8",
"product_id": "8Base-RHOL-5.6:openshift-logging/logging-curator5-rhel8@sha256:cb78249fdad4f2cff00011a9863f40f0749c2f3b4093a322f9590008e62c06c6_ppc64le"
},
"product_reference": "openshift-logging/logging-curator5-rhel8@sha256:cb78249fdad4f2cff00011a9863f40f0749c2f3b4093a322f9590008e62c06c6_ppc64le",
"relates_to_product_reference": "8Base-RHOL-5.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/logging-curator5-rhel8@sha256:f09e73392f894fd4f9c38595e617dd4eebabb698d8e1ad0f3ac4e080c37b1f12_s390x as a component of RHOL 5.6 for RHEL 8",
"product_id": "8Base-RHOL-5.6:openshift-logging/logging-curator5-rhel8@sha256:f09e73392f894fd4f9c38595e617dd4eebabb698d8e1ad0f3ac4e080c37b1f12_s390x"
},
"product_reference": "openshift-logging/logging-curator5-rhel8@sha256:f09e73392f894fd4f9c38595e617dd4eebabb698d8e1ad0f3ac4e080c37b1f12_s390x",
"relates_to_product_reference": "8Base-RHOL-5.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/logging-loki-rhel8@sha256:47df30d450dbc2b26cf828f2208832ddcba75719cef9486d047e4b2bfb2c61a8_amd64 as a component of RHOL 5.6 for RHEL 8",
"product_id": "8Base-RHOL-5.6:openshift-logging/logging-loki-rhel8@sha256:47df30d450dbc2b26cf828f2208832ddcba75719cef9486d047e4b2bfb2c61a8_amd64"
},
"product_reference": "openshift-logging/logging-loki-rhel8@sha256:47df30d450dbc2b26cf828f2208832ddcba75719cef9486d047e4b2bfb2c61a8_amd64",
"relates_to_product_reference": "8Base-RHOL-5.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/logging-loki-rhel8@sha256:aea6196bddef8110c0d9282d6e84a7e8cdee066fab8ba3607dacb8425b458819_ppc64le as a component of RHOL 5.6 for RHEL 8",
"product_id": "8Base-RHOL-5.6:openshift-logging/logging-loki-rhel8@sha256:aea6196bddef8110c0d9282d6e84a7e8cdee066fab8ba3607dacb8425b458819_ppc64le"
},
"product_reference": "openshift-logging/logging-loki-rhel8@sha256:aea6196bddef8110c0d9282d6e84a7e8cdee066fab8ba3607dacb8425b458819_ppc64le",
"relates_to_product_reference": "8Base-RHOL-5.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/logging-loki-rhel8@sha256:af7c029f15eacd2b65a99271538c68d9b2dcd5c25dbfabadd0e9f8bb2911d827_s390x as a component of RHOL 5.6 for RHEL 8",
"product_id": "8Base-RHOL-5.6:openshift-logging/logging-loki-rhel8@sha256:af7c029f15eacd2b65a99271538c68d9b2dcd5c25dbfabadd0e9f8bb2911d827_s390x"
},
"product_reference": "openshift-logging/logging-loki-rhel8@sha256:af7c029f15eacd2b65a99271538c68d9b2dcd5c25dbfabadd0e9f8bb2911d827_s390x",
"relates_to_product_reference": "8Base-RHOL-5.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/logging-loki-rhel8@sha256:f4558c73e630c043e8ffebd92bfbc805d13a644b19e5e43d35979b7942225b98_arm64 as a component of RHOL 5.6 for RHEL 8",
"product_id": "8Base-RHOL-5.6:openshift-logging/logging-loki-rhel8@sha256:f4558c73e630c043e8ffebd92bfbc805d13a644b19e5e43d35979b7942225b98_arm64"
},
"product_reference": "openshift-logging/logging-loki-rhel8@sha256:f4558c73e630c043e8ffebd92bfbc805d13a644b19e5e43d35979b7942225b98_arm64",
"relates_to_product_reference": "8Base-RHOL-5.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/logging-view-plugin-rhel8@sha256:42223f3fb6d55d6d9155f110b90323965eaf68263d51c485114784a651be8e5e_ppc64le as a component of RHOL 5.6 for RHEL 8",
"product_id": "8Base-RHOL-5.6:openshift-logging/logging-view-plugin-rhel8@sha256:42223f3fb6d55d6d9155f110b90323965eaf68263d51c485114784a651be8e5e_ppc64le"
},
"product_reference": "openshift-logging/logging-view-plugin-rhel8@sha256:42223f3fb6d55d6d9155f110b90323965eaf68263d51c485114784a651be8e5e_ppc64le",
"relates_to_product_reference": "8Base-RHOL-5.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/logging-view-plugin-rhel8@sha256:50230e9829718254fc51d844e0305978b694354bda4b798fb5066ca3c182d323_s390x as a component of RHOL 5.6 for RHEL 8",
"product_id": "8Base-RHOL-5.6:openshift-logging/logging-view-plugin-rhel8@sha256:50230e9829718254fc51d844e0305978b694354bda4b798fb5066ca3c182d323_s390x"
},
"product_reference": "openshift-logging/logging-view-plugin-rhel8@sha256:50230e9829718254fc51d844e0305978b694354bda4b798fb5066ca3c182d323_s390x",
"relates_to_product_reference": "8Base-RHOL-5.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/logging-view-plugin-rhel8@sha256:79590fd5063ffa0245d96cec02dc4ce257244a431e213ecbe38462e86536b859_arm64 as a component of RHOL 5.6 for RHEL 8",
"product_id": "8Base-RHOL-5.6:openshift-logging/logging-view-plugin-rhel8@sha256:79590fd5063ffa0245d96cec02dc4ce257244a431e213ecbe38462e86536b859_arm64"
},
"product_reference": "openshift-logging/logging-view-plugin-rhel8@sha256:79590fd5063ffa0245d96cec02dc4ce257244a431e213ecbe38462e86536b859_arm64",
"relates_to_product_reference": "8Base-RHOL-5.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/logging-view-plugin-rhel8@sha256:fd9b30d940cdc8b281fa4a46e8a22f946571e7e72695fef9cfa02c4337e74dc0_amd64 as a component of RHOL 5.6 for RHEL 8",
"product_id": "8Base-RHOL-5.6:openshift-logging/logging-view-plugin-rhel8@sha256:fd9b30d940cdc8b281fa4a46e8a22f946571e7e72695fef9cfa02c4337e74dc0_amd64"
},
"product_reference": "openshift-logging/logging-view-plugin-rhel8@sha256:fd9b30d940cdc8b281fa4a46e8a22f946571e7e72695fef9cfa02c4337e74dc0_amd64",
"relates_to_product_reference": "8Base-RHOL-5.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/loki-operator-bundle@sha256:62f04228cf7e9abc40efbd69b6dcd0b6d421834b520753194105010cc35e810c_amd64 as a component of RHOL 5.6 for RHEL 8",
"product_id": "8Base-RHOL-5.6:openshift-logging/loki-operator-bundle@sha256:62f04228cf7e9abc40efbd69b6dcd0b6d421834b520753194105010cc35e810c_amd64"
},
"product_reference": "openshift-logging/loki-operator-bundle@sha256:62f04228cf7e9abc40efbd69b6dcd0b6d421834b520753194105010cc35e810c_amd64",
"relates_to_product_reference": "8Base-RHOL-5.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/loki-rhel8-operator@sha256:260731d610f37fa0072760f09d460d04fd3a1359d24a2218918412bc1a93947b_arm64 as a component of RHOL 5.6 for RHEL 8",
"product_id": "8Base-RHOL-5.6:openshift-logging/loki-rhel8-operator@sha256:260731d610f37fa0072760f09d460d04fd3a1359d24a2218918412bc1a93947b_arm64"
},
"product_reference": "openshift-logging/loki-rhel8-operator@sha256:260731d610f37fa0072760f09d460d04fd3a1359d24a2218918412bc1a93947b_arm64",
"relates_to_product_reference": "8Base-RHOL-5.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/loki-rhel8-operator@sha256:347cb504d7b382c241a238d1fffc91b5905121c4fe6c976356c46909161b9ced_amd64 as a component of RHOL 5.6 for RHEL 8",
"product_id": "8Base-RHOL-5.6:openshift-logging/loki-rhel8-operator@sha256:347cb504d7b382c241a238d1fffc91b5905121c4fe6c976356c46909161b9ced_amd64"
},
"product_reference": "openshift-logging/loki-rhel8-operator@sha256:347cb504d7b382c241a238d1fffc91b5905121c4fe6c976356c46909161b9ced_amd64",
"relates_to_product_reference": "8Base-RHOL-5.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/loki-rhel8-operator@sha256:c5c0c41173e8c288341859dda8e9c982fba297e2e6c616b953a04ea4280f8caa_ppc64le as a component of RHOL 5.6 for RHEL 8",
"product_id": "8Base-RHOL-5.6:openshift-logging/loki-rhel8-operator@sha256:c5c0c41173e8c288341859dda8e9c982fba297e2e6c616b953a04ea4280f8caa_ppc64le"
},
"product_reference": "openshift-logging/loki-rhel8-operator@sha256:c5c0c41173e8c288341859dda8e9c982fba297e2e6c616b953a04ea4280f8caa_ppc64le",
"relates_to_product_reference": "8Base-RHOL-5.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/loki-rhel8-operator@sha256:c5e123a5c5d637ff9fb0327c03351e46f14b0d774b484fd045d51df058550d3d_s390x as a component of RHOL 5.6 for RHEL 8",
"product_id": "8Base-RHOL-5.6:openshift-logging/loki-rhel8-operator@sha256:c5e123a5c5d637ff9fb0327c03351e46f14b0d774b484fd045d51df058550d3d_s390x"
},
"product_reference": "openshift-logging/loki-rhel8-operator@sha256:c5e123a5c5d637ff9fb0327c03351e46f14b0d774b484fd045d51df058550d3d_s390x",
"relates_to_product_reference": "8Base-RHOL-5.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/lokistack-gateway-rhel8@sha256:1da817a84816082f56d2f3bea2f4a680b8e8cc4fe7ff95e311b44e1b5f1f5f0a_s390x as a component of RHOL 5.6 for RHEL 8",
"product_id": "8Base-RHOL-5.6:openshift-logging/lokistack-gateway-rhel8@sha256:1da817a84816082f56d2f3bea2f4a680b8e8cc4fe7ff95e311b44e1b5f1f5f0a_s390x"
},
"product_reference": "openshift-logging/lokistack-gateway-rhel8@sha256:1da817a84816082f56d2f3bea2f4a680b8e8cc4fe7ff95e311b44e1b5f1f5f0a_s390x",
"relates_to_product_reference": "8Base-RHOL-5.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/lokistack-gateway-rhel8@sha256:a40f0f1402d912aa12329e0ee3f4d8084337a376f72f1e0b5e45a4dac44ac848_arm64 as a component of RHOL 5.6 for RHEL 8",
"product_id": "8Base-RHOL-5.6:openshift-logging/lokistack-gateway-rhel8@sha256:a40f0f1402d912aa12329e0ee3f4d8084337a376f72f1e0b5e45a4dac44ac848_arm64"
},
"product_reference": "openshift-logging/lokistack-gateway-rhel8@sha256:a40f0f1402d912aa12329e0ee3f4d8084337a376f72f1e0b5e45a4dac44ac848_arm64",
"relates_to_product_reference": "8Base-RHOL-5.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/lokistack-gateway-rhel8@sha256:ea81838d5b7a63e28ad7e20113253a701063d8d723137681bf11afd801c69f6f_amd64 as a component of RHOL 5.6 for RHEL 8",
"product_id": "8Base-RHOL-5.6:openshift-logging/lokistack-gateway-rhel8@sha256:ea81838d5b7a63e28ad7e20113253a701063d8d723137681bf11afd801c69f6f_amd64"
},
"product_reference": "openshift-logging/lokistack-gateway-rhel8@sha256:ea81838d5b7a63e28ad7e20113253a701063d8d723137681bf11afd801c69f6f_amd64",
"relates_to_product_reference": "8Base-RHOL-5.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/lokistack-gateway-rhel8@sha256:f7c8b8251566fadb3396dfee110b6995e9d2ca27614a3b51f148f78fe5b51b50_ppc64le as a component of RHOL 5.6 for RHEL 8",
"product_id": "8Base-RHOL-5.6:openshift-logging/lokistack-gateway-rhel8@sha256:f7c8b8251566fadb3396dfee110b6995e9d2ca27614a3b51f148f78fe5b51b50_ppc64le"
},
"product_reference": "openshift-logging/lokistack-gateway-rhel8@sha256:f7c8b8251566fadb3396dfee110b6995e9d2ca27614a3b51f148f78fe5b51b50_ppc64le",
"relates_to_product_reference": "8Base-RHOL-5.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/opa-openshift-rhel8@sha256:01d2e3c8016742d49a9fe1cf7d62c6826dfc8f805babdc4c32e1407c3c8ae6c2_amd64 as a component of RHOL 5.6 for RHEL 8",
"product_id": "8Base-RHOL-5.6:openshift-logging/opa-openshift-rhel8@sha256:01d2e3c8016742d49a9fe1cf7d62c6826dfc8f805babdc4c32e1407c3c8ae6c2_amd64"
},
"product_reference": "openshift-logging/opa-openshift-rhel8@sha256:01d2e3c8016742d49a9fe1cf7d62c6826dfc8f805babdc4c32e1407c3c8ae6c2_amd64",
"relates_to_product_reference": "8Base-RHOL-5.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/opa-openshift-rhel8@sha256:5b8bc65ad9760c2bcabac5ebf72f2a256271a4c1173871742bf8f817c6ce0478_ppc64le as a component of RHOL 5.6 for RHEL 8",
"product_id": "8Base-RHOL-5.6:openshift-logging/opa-openshift-rhel8@sha256:5b8bc65ad9760c2bcabac5ebf72f2a256271a4c1173871742bf8f817c6ce0478_ppc64le"
},
"product_reference": "openshift-logging/opa-openshift-rhel8@sha256:5b8bc65ad9760c2bcabac5ebf72f2a256271a4c1173871742bf8f817c6ce0478_ppc64le",
"relates_to_product_reference": "8Base-RHOL-5.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/opa-openshift-rhel8@sha256:b76cb34507d54f963da41744b614b83bb7cc031942e7252452c3b299dcc0f530_s390x as a component of RHOL 5.6 for RHEL 8",
"product_id": "8Base-RHOL-5.6:openshift-logging/opa-openshift-rhel8@sha256:b76cb34507d54f963da41744b614b83bb7cc031942e7252452c3b299dcc0f530_s390x"
},
"product_reference": "openshift-logging/opa-openshift-rhel8@sha256:b76cb34507d54f963da41744b614b83bb7cc031942e7252452c3b299dcc0f530_s390x",
"relates_to_product_reference": "8Base-RHOL-5.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/opa-openshift-rhel8@sha256:e9fc83b6a9a40c2af4dd8a8454d8ca9e3a3bb96fdb290427d3a0c9cb753e91f4_arm64 as a component of RHOL 5.6 for RHEL 8",
"product_id": "8Base-RHOL-5.6:openshift-logging/opa-openshift-rhel8@sha256:e9fc83b6a9a40c2af4dd8a8454d8ca9e3a3bb96fdb290427d3a0c9cb753e91f4_arm64"
},
"product_reference": "openshift-logging/opa-openshift-rhel8@sha256:e9fc83b6a9a40c2af4dd8a8454d8ca9e3a3bb96fdb290427d3a0c9cb753e91f4_arm64",
"relates_to_product_reference": "8Base-RHOL-5.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/vector-rhel8@sha256:10f88bb7c978c24555def7bf4d7fd35dba3d1b5ffdc32fde359b175fc8d8b34e_ppc64le as a component of RHOL 5.6 for RHEL 8",
"product_id": "8Base-RHOL-5.6:openshift-logging/vector-rhel8@sha256:10f88bb7c978c24555def7bf4d7fd35dba3d1b5ffdc32fde359b175fc8d8b34e_ppc64le"
},
"product_reference": "openshift-logging/vector-rhel8@sha256:10f88bb7c978c24555def7bf4d7fd35dba3d1b5ffdc32fde359b175fc8d8b34e_ppc64le",
"relates_to_product_reference": "8Base-RHOL-5.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/vector-rhel8@sha256:7e46ef2e749e3896a86af16744c1c3542ff8a6d0467793af27aedb0fdbc9ee4a_s390x as a component of RHOL 5.6 for RHEL 8",
"product_id": "8Base-RHOL-5.6:openshift-logging/vector-rhel8@sha256:7e46ef2e749e3896a86af16744c1c3542ff8a6d0467793af27aedb0fdbc9ee4a_s390x"
},
"product_reference": "openshift-logging/vector-rhel8@sha256:7e46ef2e749e3896a86af16744c1c3542ff8a6d0467793af27aedb0fdbc9ee4a_s390x",
"relates_to_product_reference": "8Base-RHOL-5.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/vector-rhel8@sha256:a9f8b40acd19609ee9c9bc85a4f2cdec9aa4c8c786b62ad94e33c8ea451de961_amd64 as a component of RHOL 5.6 for RHEL 8",
"product_id": "8Base-RHOL-5.6:openshift-logging/vector-rhel8@sha256:a9f8b40acd19609ee9c9bc85a4f2cdec9aa4c8c786b62ad94e33c8ea451de961_amd64"
},
"product_reference": "openshift-logging/vector-rhel8@sha256:a9f8b40acd19609ee9c9bc85a4f2cdec9aa4c8c786b62ad94e33c8ea451de961_amd64",
"relates_to_product_reference": "8Base-RHOL-5.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/vector-rhel8@sha256:ebff04a36feae157572fdd32ce2cc045c504b850c0b9f471d381676da314dd97_arm64 as a component of RHOL 5.6 for RHEL 8",
"product_id": "8Base-RHOL-5.6:openshift-logging/vector-rhel8@sha256:ebff04a36feae157572fdd32ce2cc045c504b850c0b9f471d381676da314dd97_arm64"
},
"product_reference": "openshift-logging/vector-rhel8@sha256:ebff04a36feae157572fdd32ce2cc045c504b850c0b9f471d381676da314dd97_arm64",
"relates_to_product_reference": "8Base-RHOL-5.6"
}
]
},
"vulnerabilities": [
{
"acknowledgments": [
{
"names": [
"Kokorin Vsevolod"
]
}
],
"cve": "CVE-2023-26136",
"cwe": {
"id": "CWE-1321",
"name": "Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')"
},
"discovery_date": "2023-07-03T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-RHOL-5.6:openshift-logging/cluster-logging-operator-bundle@sha256:02c4a20e1f2b0678afe4ea0757933ce581ef66e6b189622aea7dc0fa91e6c18c_amd64",
"8Base-RHOL-5.6:openshift-logging/cluster-logging-rhel8-operator@sha256:556e2c39c0eebd2e8a4d361d40221fa8cf0e9bf7db66dcf2bd2f32576240d94b_amd64",
"8Base-RHOL-5.6:openshift-logging/cluster-logging-rhel8-operator@sha256:64d3a93c2adbca869845ea59edfbef2675658bd15fd22dfc1681b57809d3269c_arm64",
"8Base-RHOL-5.6:openshift-logging/cluster-logging-rhel8-operator@sha256:a697fe3d581606f0da267205636c94e0dd7076fdf562fe9d4f0332ec0267f880_s390x",
"8Base-RHOL-5.6:openshift-logging/cluster-logging-rhel8-operator@sha256:f8553bf9f5a75c089cdf5a26f8853e6f4488c19ef2a8dc1e0ebc96e4aab0384f_ppc64le",
"8Base-RHOL-5.6:openshift-logging/elasticsearch-operator-bundle@sha256:369d45c783651c6e07dfd721fa43025800b263da8e1fdbbc75b296686426e840_amd64",
"8Base-RHOL-5.6:openshift-logging/elasticsearch-proxy-rhel8@sha256:26f58db9cb18dfe0eb7a3478a7bb86c87efabe32d98dcf74bc34226a09ea6f0e_ppc64le",
"8Base-RHOL-5.6:openshift-logging/elasticsearch-proxy-rhel8@sha256:938ac92e58ab4fd377219899c6f3c25f41a58260f078e44b371d91964083d96a_s390x",
"8Base-RHOL-5.6:openshift-logging/elasticsearch-proxy-rhel8@sha256:c67b4fadb575fc60d60cc3307da75f2fa3e5c4760e572072308a506e4e271ab1_amd64",
"8Base-RHOL-5.6:openshift-logging/elasticsearch-proxy-rhel8@sha256:ce5fc5a37453626de4bcb9a05d3849ef7da0722bfc8f0fecfc1f693cf6b5deff_arm64",
"8Base-RHOL-5.6:openshift-logging/elasticsearch-rhel8-operator@sha256:2a87c3b6888c57d813169da3ae06aa5bcac1ac916cdc62da3c492928d8eab187_amd64",
"8Base-RHOL-5.6:openshift-logging/elasticsearch-rhel8-operator@sha256:34a393916466f1d4544cbe4d75936147c4bfc4e0246bee0faebc5c285f26d30d_arm64",
"8Base-RHOL-5.6:openshift-logging/elasticsearch-rhel8-operator@sha256:358c663dbc3c6b0ee31a4b2665c79ff7b826ba6b72c21db62d186a6da09b04c4_ppc64le",
"8Base-RHOL-5.6:openshift-logging/elasticsearch-rhel8-operator@sha256:7a9678d49d25ec0afbcab3c98a3d26d2eeda04a0ece3a833d91dde818f0dde22_s390x",
"8Base-RHOL-5.6:openshift-logging/elasticsearch6-rhel8@sha256:8e62859531fcb8dd6b054a76c4bc95b62ff62bcbe69fe18f132689a203168bc8_s390x",
"8Base-RHOL-5.6:openshift-logging/elasticsearch6-rhel8@sha256:92ab2dde35f2f59c3a8ce7b8b12f5703a7a214e83ca5cc13673d0c8ad373f02e_amd64",
"8Base-RHOL-5.6:openshift-logging/elasticsearch6-rhel8@sha256:caeeb679701abcbb9612b77ef0975575cf31c96b74bfc06553d61140a3f52bb7_ppc64le",
"8Base-RHOL-5.6:openshift-logging/elasticsearch6-rhel8@sha256:cd9a57aad90fdec4fef3b0f9b31df96c12bd7fe97cad90f9a1de79e6b0af4bbb_arm64",
"8Base-RHOL-5.6:openshift-logging/eventrouter-rhel8@sha256:b822207e2e70c989cf98d9e5a810e85034a8a1fd2130451e525ce4a804dd1727_s390x",
"8Base-RHOL-5.6:openshift-logging/eventrouter-rhel8@sha256:ec56cae824197805c3287f57854343d2d26caa0b192a009c966d28c32f0d0d92_ppc64le",
"8Base-RHOL-5.6:openshift-logging/eventrouter-rhel8@sha256:fc638d1f8ff0f079ea1f5cfa3a9938dc06374ca4e6cd24f92ba62b7d03fd6963_arm64",
"8Base-RHOL-5.6:openshift-logging/eventrouter-rhel8@sha256:ff509532db6b7e2d3a44fac2cf9b63687aa8bfbaab46d7a5f9d58be192475818_amd64",
"8Base-RHOL-5.6:openshift-logging/fluentd-rhel8@sha256:149d75b8f4f523c86122176935c63b96305f6eb308e74eea9fa6651c8e75d239_amd64",
"8Base-RHOL-5.6:openshift-logging/fluentd-rhel8@sha256:3038086e3dbfab1e3070cdeeb7968e863ab4b1012d161ed263e93b153ae2223b_s390x",
"8Base-RHOL-5.6:openshift-logging/fluentd-rhel8@sha256:816908f1ac923336e8e3b87129af40271bde545e12b3385186425038f1b14991_arm64",
"8Base-RHOL-5.6:openshift-logging/fluentd-rhel8@sha256:e489da61d05557fba2718fd3e75b7ba50c51c173f43088334db7f3c993748711_ppc64le",
"8Base-RHOL-5.6:openshift-logging/kibana6-rhel8@sha256:0958ffa84bed51e99177837ac672324e5a8c1b20535d8110a3bbabe3f952073e_ppc64le",
"8Base-RHOL-5.6:openshift-logging/kibana6-rhel8@sha256:0c4ea44d09b21a915c3ecc17c9a50ba22d71ed06b0cc4ba1d8bfbe1ced426e47_arm64",
"8Base-RHOL-5.6:openshift-logging/kibana6-rhel8@sha256:20b6b6aef51ef6cabe133e53dcc1d6665ff8fae0fab4d56ecd6998ca88554773_s390x",
"8Base-RHOL-5.6:openshift-logging/kibana6-rhel8@sha256:57b608727de6a22f2c39c138d184b4d2e9a1e62b2206fbcab290aeef2802e520_amd64",
"8Base-RHOL-5.6:openshift-logging/log-file-metric-exporter-rhel8@sha256:1646d63e4b9fa7d45f8fc9d1e8cec3cccbed9ba850f3ac07dc75b18f416c580f_s390x",
"8Base-RHOL-5.6:openshift-logging/log-file-metric-exporter-rhel8@sha256:94471501cf396d9d298e9dfee95ed7496e0ec8767eb80bab0ea809cb4e16b878_amd64",
"8Base-RHOL-5.6:openshift-logging/log-file-metric-exporter-rhel8@sha256:a2bd4a83b30b2b9e88e8581784e3e901d564d576ba3a58824cd203779ccc9e80_ppc64le",
"8Base-RHOL-5.6:openshift-logging/log-file-metric-exporter-rhel8@sha256:b442de2cb36a3a26b3d8b32d953d83d01c4cd5b659f974e1f781fbb5aaef5977_arm64",
"8Base-RHOL-5.6:openshift-logging/logging-curator5-rhel8@sha256:1cac7ceee19cd185658324643c9a81d055d22aa238a28986c76594153c79b422_amd64",
"8Base-RHOL-5.6:openshift-logging/logging-curator5-rhel8@sha256:4f8f194cc5827f05a969960937e9993528ad030c32d64c7a8d95bcb8ad1bb27a_arm64",
"8Base-RHOL-5.6:openshift-logging/logging-curator5-rhel8@sha256:cb78249fdad4f2cff00011a9863f40f0749c2f3b4093a322f9590008e62c06c6_ppc64le",
"8Base-RHOL-5.6:openshift-logging/logging-curator5-rhel8@sha256:f09e73392f894fd4f9c38595e617dd4eebabb698d8e1ad0f3ac4e080c37b1f12_s390x",
"8Base-RHOL-5.6:openshift-logging/logging-loki-rhel8@sha256:47df30d450dbc2b26cf828f2208832ddcba75719cef9486d047e4b2bfb2c61a8_amd64",
"8Base-RHOL-5.6:openshift-logging/logging-loki-rhel8@sha256:aea6196bddef8110c0d9282d6e84a7e8cdee066fab8ba3607dacb8425b458819_ppc64le",
"8Base-RHOL-5.6:openshift-logging/logging-loki-rhel8@sha256:af7c029f15eacd2b65a99271538c68d9b2dcd5c25dbfabadd0e9f8bb2911d827_s390x",
"8Base-RHOL-5.6:openshift-logging/logging-loki-rhel8@sha256:f4558c73e630c043e8ffebd92bfbc805d13a644b19e5e43d35979b7942225b98_arm64",
"8Base-RHOL-5.6:openshift-logging/loki-operator-bundle@sha256:62f04228cf7e9abc40efbd69b6dcd0b6d421834b520753194105010cc35e810c_amd64",
"8Base-RHOL-5.6:openshift-logging/loki-rhel8-operator@sha256:260731d610f37fa0072760f09d460d04fd3a1359d24a2218918412bc1a93947b_arm64",
"8Base-RHOL-5.6:openshift-logging/loki-rhel8-operator@sha256:347cb504d7b382c241a238d1fffc91b5905121c4fe6c976356c46909161b9ced_amd64",
"8Base-RHOL-5.6:openshift-logging/loki-rhel8-operator@sha256:c5c0c41173e8c288341859dda8e9c982fba297e2e6c616b953a04ea4280f8caa_ppc64le",
"8Base-RHOL-5.6:openshift-logging/loki-rhel8-operator@sha256:c5e123a5c5d637ff9fb0327c03351e46f14b0d774b484fd045d51df058550d3d_s390x",
"8Base-RHOL-5.6:openshift-logging/lokistack-gateway-rhel8@sha256:1da817a84816082f56d2f3bea2f4a680b8e8cc4fe7ff95e311b44e1b5f1f5f0a_s390x",
"8Base-RHOL-5.6:openshift-logging/lokistack-gateway-rhel8@sha256:a40f0f1402d912aa12329e0ee3f4d8084337a376f72f1e0b5e45a4dac44ac848_arm64",
"8Base-RHOL-5.6:openshift-logging/lokistack-gateway-rhel8@sha256:ea81838d5b7a63e28ad7e20113253a701063d8d723137681bf11afd801c69f6f_amd64",
"8Base-RHOL-5.6:openshift-logging/lokistack-gateway-rhel8@sha256:f7c8b8251566fadb3396dfee110b6995e9d2ca27614a3b51f148f78fe5b51b50_ppc64le",
"8Base-RHOL-5.6:openshift-logging/opa-openshift-rhel8@sha256:01d2e3c8016742d49a9fe1cf7d62c6826dfc8f805babdc4c32e1407c3c8ae6c2_amd64",
"8Base-RHOL-5.6:openshift-logging/opa-openshift-rhel8@sha256:5b8bc65ad9760c2bcabac5ebf72f2a256271a4c1173871742bf8f817c6ce0478_ppc64le",
"8Base-RHOL-5.6:openshift-logging/opa-openshift-rhel8@sha256:b76cb34507d54f963da41744b614b83bb7cc031942e7252452c3b299dcc0f530_s390x",
"8Base-RHOL-5.6:openshift-logging/opa-openshift-rhel8@sha256:e9fc83b6a9a40c2af4dd8a8454d8ca9e3a3bb96fdb290427d3a0c9cb753e91f4_arm64",
"8Base-RHOL-5.6:openshift-logging/vector-rhel8@sha256:10f88bb7c978c24555def7bf4d7fd35dba3d1b5ffdc32fde359b175fc8d8b34e_ppc64le",
"8Base-RHOL-5.6:openshift-logging/vector-rhel8@sha256:7e46ef2e749e3896a86af16744c1c3542ff8a6d0467793af27aedb0fdbc9ee4a_s390x",
"8Base-RHOL-5.6:openshift-logging/vector-rhel8@sha256:a9f8b40acd19609ee9c9bc85a4f2cdec9aa4c8c786b62ad94e33c8ea451de961_amd64",
"8Base-RHOL-5.6:openshift-logging/vector-rhel8@sha256:ebff04a36feae157572fdd32ce2cc045c504b850c0b9f471d381676da314dd97_arm64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2219310"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the tough-cookie package which allows Prototype Pollution due to improper handling of Cookies when using CookieJar in rejectPublicSuffixes=false mode. This issue arises from the manner in which the objects are initialized.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "tough-cookie: prototype pollution in cookie memstore",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOL-5.6:openshift-logging/logging-view-plugin-rhel8@sha256:42223f3fb6d55d6d9155f110b90323965eaf68263d51c485114784a651be8e5e_ppc64le",
"8Base-RHOL-5.6:openshift-logging/logging-view-plugin-rhel8@sha256:50230e9829718254fc51d844e0305978b694354bda4b798fb5066ca3c182d323_s390x",
"8Base-RHOL-5.6:openshift-logging/logging-view-plugin-rhel8@sha256:79590fd5063ffa0245d96cec02dc4ce257244a431e213ecbe38462e86536b859_arm64",
"8Base-RHOL-5.6:openshift-logging/logging-view-plugin-rhel8@sha256:fd9b30d940cdc8b281fa4a46e8a22f946571e7e72695fef9cfa02c4337e74dc0_amd64"
],
"known_not_affected": [
"8Base-RHOL-5.6:openshift-logging/cluster-logging-operator-bundle@sha256:02c4a20e1f2b0678afe4ea0757933ce581ef66e6b189622aea7dc0fa91e6c18c_amd64",
"8Base-RHOL-5.6:openshift-logging/cluster-logging-rhel8-operator@sha256:556e2c39c0eebd2e8a4d361d40221fa8cf0e9bf7db66dcf2bd2f32576240d94b_amd64",
"8Base-RHOL-5.6:openshift-logging/cluster-logging-rhel8-operator@sha256:64d3a93c2adbca869845ea59edfbef2675658bd15fd22dfc1681b57809d3269c_arm64",
"8Base-RHOL-5.6:openshift-logging/cluster-logging-rhel8-operator@sha256:a697fe3d581606f0da267205636c94e0dd7076fdf562fe9d4f0332ec0267f880_s390x",
"8Base-RHOL-5.6:openshift-logging/cluster-logging-rhel8-operator@sha256:f8553bf9f5a75c089cdf5a26f8853e6f4488c19ef2a8dc1e0ebc96e4aab0384f_ppc64le",
"8Base-RHOL-5.6:openshift-logging/elasticsearch-operator-bundle@sha256:369d45c783651c6e07dfd721fa43025800b263da8e1fdbbc75b296686426e840_amd64",
"8Base-RHOL-5.6:openshift-logging/elasticsearch-proxy-rhel8@sha256:26f58db9cb18dfe0eb7a3478a7bb86c87efabe32d98dcf74bc34226a09ea6f0e_ppc64le",
"8Base-RHOL-5.6:openshift-logging/elasticsearch-proxy-rhel8@sha256:938ac92e58ab4fd377219899c6f3c25f41a58260f078e44b371d91964083d96a_s390x",
"8Base-RHOL-5.6:openshift-logging/elasticsearch-proxy-rhel8@sha256:c67b4fadb575fc60d60cc3307da75f2fa3e5c4760e572072308a506e4e271ab1_amd64",
"8Base-RHOL-5.6:openshift-logging/elasticsearch-proxy-rhel8@sha256:ce5fc5a37453626de4bcb9a05d3849ef7da0722bfc8f0fecfc1f693cf6b5deff_arm64",
"8Base-RHOL-5.6:openshift-logging/elasticsearch-rhel8-operator@sha256:2a87c3b6888c57d813169da3ae06aa5bcac1ac916cdc62da3c492928d8eab187_amd64",
"8Base-RHOL-5.6:openshift-logging/elasticsearch-rhel8-operator@sha256:34a393916466f1d4544cbe4d75936147c4bfc4e0246bee0faebc5c285f26d30d_arm64",
"8Base-RHOL-5.6:openshift-logging/elasticsearch-rhel8-operator@sha256:358c663dbc3c6b0ee31a4b2665c79ff7b826ba6b72c21db62d186a6da09b04c4_ppc64le",
"8Base-RHOL-5.6:openshift-logging/elasticsearch-rhel8-operator@sha256:7a9678d49d25ec0afbcab3c98a3d26d2eeda04a0ece3a833d91dde818f0dde22_s390x",
"8Base-RHOL-5.6:openshift-logging/elasticsearch6-rhel8@sha256:8e62859531fcb8dd6b054a76c4bc95b62ff62bcbe69fe18f132689a203168bc8_s390x",
"8Base-RHOL-5.6:openshift-logging/elasticsearch6-rhel8@sha256:92ab2dde35f2f59c3a8ce7b8b12f5703a7a214e83ca5cc13673d0c8ad373f02e_amd64",
"8Base-RHOL-5.6:openshift-logging/elasticsearch6-rhel8@sha256:caeeb679701abcbb9612b77ef0975575cf31c96b74bfc06553d61140a3f52bb7_ppc64le",
"8Base-RHOL-5.6:openshift-logging/elasticsearch6-rhel8@sha256:cd9a57aad90fdec4fef3b0f9b31df96c12bd7fe97cad90f9a1de79e6b0af4bbb_arm64",
"8Base-RHOL-5.6:openshift-logging/eventrouter-rhel8@sha256:b822207e2e70c989cf98d9e5a810e85034a8a1fd2130451e525ce4a804dd1727_s390x",
"8Base-RHOL-5.6:openshift-logging/eventrouter-rhel8@sha256:ec56cae824197805c3287f57854343d2d26caa0b192a009c966d28c32f0d0d92_ppc64le",
"8Base-RHOL-5.6:openshift-logging/eventrouter-rhel8@sha256:fc638d1f8ff0f079ea1f5cfa3a9938dc06374ca4e6cd24f92ba62b7d03fd6963_arm64",
"8Base-RHOL-5.6:openshift-logging/eventrouter-rhel8@sha256:ff509532db6b7e2d3a44fac2cf9b63687aa8bfbaab46d7a5f9d58be192475818_amd64",
"8Base-RHOL-5.6:openshift-logging/fluentd-rhel8@sha256:149d75b8f4f523c86122176935c63b96305f6eb308e74eea9fa6651c8e75d239_amd64",
"8Base-RHOL-5.6:openshift-logging/fluentd-rhel8@sha256:3038086e3dbfab1e3070cdeeb7968e863ab4b1012d161ed263e93b153ae2223b_s390x",
"8Base-RHOL-5.6:openshift-logging/fluentd-rhel8@sha256:816908f1ac923336e8e3b87129af40271bde545e12b3385186425038f1b14991_arm64",
"8Base-RHOL-5.6:openshift-logging/fluentd-rhel8@sha256:e489da61d05557fba2718fd3e75b7ba50c51c173f43088334db7f3c993748711_ppc64le",
"8Base-RHOL-5.6:openshift-logging/kibana6-rhel8@sha256:0958ffa84bed51e99177837ac672324e5a8c1b20535d8110a3bbabe3f952073e_ppc64le",
"8Base-RHOL-5.6:openshift-logging/kibana6-rhel8@sha256:0c4ea44d09b21a915c3ecc17c9a50ba22d71ed06b0cc4ba1d8bfbe1ced426e47_arm64",
"8Base-RHOL-5.6:openshift-logging/kibana6-rhel8@sha256:20b6b6aef51ef6cabe133e53dcc1d6665ff8fae0fab4d56ecd6998ca88554773_s390x",
"8Base-RHOL-5.6:openshift-logging/kibana6-rhel8@sha256:57b608727de6a22f2c39c138d184b4d2e9a1e62b2206fbcab290aeef2802e520_amd64",
"8Base-RHOL-5.6:openshift-logging/log-file-metric-exporter-rhel8@sha256:1646d63e4b9fa7d45f8fc9d1e8cec3cccbed9ba850f3ac07dc75b18f416c580f_s390x",
"8Base-RHOL-5.6:openshift-logging/log-file-metric-exporter-rhel8@sha256:94471501cf396d9d298e9dfee95ed7496e0ec8767eb80bab0ea809cb4e16b878_amd64",
"8Base-RHOL-5.6:openshift-logging/log-file-metric-exporter-rhel8@sha256:a2bd4a83b30b2b9e88e8581784e3e901d564d576ba3a58824cd203779ccc9e80_ppc64le",
"8Base-RHOL-5.6:openshift-logging/log-file-metric-exporter-rhel8@sha256:b442de2cb36a3a26b3d8b32d953d83d01c4cd5b659f974e1f781fbb5aaef5977_arm64",
"8Base-RHOL-5.6:openshift-logging/logging-curator5-rhel8@sha256:1cac7ceee19cd185658324643c9a81d055d22aa238a28986c76594153c79b422_amd64",
"8Base-RHOL-5.6:openshift-logging/logging-curator5-rhel8@sha256:4f8f194cc5827f05a969960937e9993528ad030c32d64c7a8d95bcb8ad1bb27a_arm64",
"8Base-RHOL-5.6:openshift-logging/logging-curator5-rhel8@sha256:cb78249fdad4f2cff00011a9863f40f0749c2f3b4093a322f9590008e62c06c6_ppc64le",
"8Base-RHOL-5.6:openshift-logging/logging-curator5-rhel8@sha256:f09e73392f894fd4f9c38595e617dd4eebabb698d8e1ad0f3ac4e080c37b1f12_s390x",
"8Base-RHOL-5.6:openshift-logging/logging-loki-rhel8@sha256:47df30d450dbc2b26cf828f2208832ddcba75719cef9486d047e4b2bfb2c61a8_amd64",
"8Base-RHOL-5.6:openshift-logging/logging-loki-rhel8@sha256:aea6196bddef8110c0d9282d6e84a7e8cdee066fab8ba3607dacb8425b458819_ppc64le",
"8Base-RHOL-5.6:openshift-logging/logging-loki-rhel8@sha256:af7c029f15eacd2b65a99271538c68d9b2dcd5c25dbfabadd0e9f8bb2911d827_s390x",
"8Base-RHOL-5.6:openshift-logging/logging-loki-rhel8@sha256:f4558c73e630c043e8ffebd92bfbc805d13a644b19e5e43d35979b7942225b98_arm64",
"8Base-RHOL-5.6:openshift-logging/loki-operator-bundle@sha256:62f04228cf7e9abc40efbd69b6dcd0b6d421834b520753194105010cc35e810c_amd64",
"8Base-RHOL-5.6:openshift-logging/loki-rhel8-operator@sha256:260731d610f37fa0072760f09d460d04fd3a1359d24a2218918412bc1a93947b_arm64",
"8Base-RHOL-5.6:openshift-logging/loki-rhel8-operator@sha256:347cb504d7b382c241a238d1fffc91b5905121c4fe6c976356c46909161b9ced_amd64",
"8Base-RHOL-5.6:openshift-logging/loki-rhel8-operator@sha256:c5c0c41173e8c288341859dda8e9c982fba297e2e6c616b953a04ea4280f8caa_ppc64le",
"8Base-RHOL-5.6:openshift-logging/loki-rhel8-operator@sha256:c5e123a5c5d637ff9fb0327c03351e46f14b0d774b484fd045d51df058550d3d_s390x",
"8Base-RHOL-5.6:openshift-logging/lokistack-gateway-rhel8@sha256:1da817a84816082f56d2f3bea2f4a680b8e8cc4fe7ff95e311b44e1b5f1f5f0a_s390x",
"8Base-RHOL-5.6:openshift-logging/lokistack-gateway-rhel8@sha256:a40f0f1402d912aa12329e0ee3f4d8084337a376f72f1e0b5e45a4dac44ac848_arm64",
"8Base-RHOL-5.6:openshift-logging/lokistack-gateway-rhel8@sha256:ea81838d5b7a63e28ad7e20113253a701063d8d723137681bf11afd801c69f6f_amd64",
"8Base-RHOL-5.6:openshift-logging/lokistack-gateway-rhel8@sha256:f7c8b8251566fadb3396dfee110b6995e9d2ca27614a3b51f148f78fe5b51b50_ppc64le",
"8Base-RHOL-5.6:openshift-logging/opa-openshift-rhel8@sha256:01d2e3c8016742d49a9fe1cf7d62c6826dfc8f805babdc4c32e1407c3c8ae6c2_amd64",
"8Base-RHOL-5.6:openshift-logging/opa-openshift-rhel8@sha256:5b8bc65ad9760c2bcabac5ebf72f2a256271a4c1173871742bf8f817c6ce0478_ppc64le",
"8Base-RHOL-5.6:openshift-logging/opa-openshift-rhel8@sha256:b76cb34507d54f963da41744b614b83bb7cc031942e7252452c3b299dcc0f530_s390x",
"8Base-RHOL-5.6:openshift-logging/opa-openshift-rhel8@sha256:e9fc83b6a9a40c2af4dd8a8454d8ca9e3a3bb96fdb290427d3a0c9cb753e91f4_arm64",
"8Base-RHOL-5.6:openshift-logging/vector-rhel8@sha256:10f88bb7c978c24555def7bf4d7fd35dba3d1b5ffdc32fde359b175fc8d8b34e_ppc64le",
"8Base-RHOL-5.6:openshift-logging/vector-rhel8@sha256:7e46ef2e749e3896a86af16744c1c3542ff8a6d0467793af27aedb0fdbc9ee4a_s390x",
"8Base-RHOL-5.6:openshift-logging/vector-rhel8@sha256:a9f8b40acd19609ee9c9bc85a4f2cdec9aa4c8c786b62ad94e33c8ea451de961_amd64",
"8Base-RHOL-5.6:openshift-logging/vector-rhel8@sha256:ebff04a36feae157572fdd32ce2cc045c504b850c0b9f471d381676da314dd97_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-26136"
},
{
"category": "external",
"summary": "RHBZ#2219310",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2219310"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-26136",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-26136"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-26136",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-26136"
},
{
"category": "external",
"summary": "https://github.com/salesforce/tough-cookie/commit/12d474791bb856004e858fdb1c47b7608d09cf6e",
"url": "https://github.com/salesforce/tough-cookie/commit/12d474791bb856004e858fdb1c47b7608d09cf6e"
},
{
"category": "external",
"summary": "https://github.com/salesforce/tough-cookie/issues/282",
"url": "https://github.com/salesforce/tough-cookie/issues/282"
},
{
"category": "external",
"summary": "https://github.com/salesforce/tough-cookie/releases/tag/v4.1.3",
"url": "https://github.com/salesforce/tough-cookie/releases/tag/v4.1.3"
},
{
"category": "external",
"summary": "https://lists.debian.org/debian-lts-announce/2023/07/msg00010.html",
"url": "https://lists.debian.org/debian-lts-announce/2023/07/msg00010.html"
},
{
"category": "external",
"summary": "https://security.snyk.io/vuln/SNYK-JS-TOUGHCOOKIE-5672873",
"url": "https://security.snyk.io/vuln/SNYK-JS-TOUGHCOOKIE-5672873"
}
],
"release_date": "2023-07-01T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-10-20T04:11:50+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHOL-5.6:openshift-logging/logging-view-plugin-rhel8@sha256:42223f3fb6d55d6d9155f110b90323965eaf68263d51c485114784a651be8e5e_ppc64le",
"8Base-RHOL-5.6:openshift-logging/logging-view-plugin-rhel8@sha256:50230e9829718254fc51d844e0305978b694354bda4b798fb5066ca3c182d323_s390x",
"8Base-RHOL-5.6:openshift-logging/logging-view-plugin-rhel8@sha256:79590fd5063ffa0245d96cec02dc4ce257244a431e213ecbe38462e86536b859_arm64",
"8Base-RHOL-5.6:openshift-logging/logging-view-plugin-rhel8@sha256:fd9b30d940cdc8b281fa4a46e8a22f946571e7e72695fef9cfa02c4337e74dc0_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:5541"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "tough-cookie: prototype pollution in cookie memstore"
},
{
"cve": "CVE-2023-29406",
"cwe": {
"id": "CWE-113",
"name": "Improper Neutralization of CRLF Sequences in HTTP Headers (\u0027HTTP Request/Response Splitting\u0027)"
},
"discovery_date": "2023-07-12T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2222167"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Golang, where it is vulnerable to HTTP header injection caused by improper content validation of the Host header by the HTTP/1 client. A remote attacker can inject arbitrary HTTP headers by persuading a victim to visit a specially crafted Web page. This flaw allows the attacker to conduct various attacks against the vulnerable system, including Cross-site scripting, cache poisoning, or session hijacking.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: net/http: insufficient sanitization of Host header",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOL-5.6:openshift-logging/logging-loki-rhel8@sha256:47df30d450dbc2b26cf828f2208832ddcba75719cef9486d047e4b2bfb2c61a8_amd64",
"8Base-RHOL-5.6:openshift-logging/logging-loki-rhel8@sha256:aea6196bddef8110c0d9282d6e84a7e8cdee066fab8ba3607dacb8425b458819_ppc64le",
"8Base-RHOL-5.6:openshift-logging/logging-loki-rhel8@sha256:af7c029f15eacd2b65a99271538c68d9b2dcd5c25dbfabadd0e9f8bb2911d827_s390x",
"8Base-RHOL-5.6:openshift-logging/logging-loki-rhel8@sha256:f4558c73e630c043e8ffebd92bfbc805d13a644b19e5e43d35979b7942225b98_arm64"
],
"known_not_affected": [
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-29406"
},
{
"category": "external",
"summary": "RHBZ#2222167",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2222167"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-29406",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29406"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-29406",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-29406"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/2q13H6LEEx0",
"url": "https://groups.google.com/g/golang-announce/c/2q13H6LEEx0"
}
],
"release_date": "2023-07-11T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-10-20T04:11:50+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHOL-5.6:openshift-logging/logging-loki-rhel8@sha256:47df30d450dbc2b26cf828f2208832ddcba75719cef9486d047e4b2bfb2c61a8_amd64",
"8Base-RHOL-5.6:openshift-logging/logging-loki-rhel8@sha256:aea6196bddef8110c0d9282d6e84a7e8cdee066fab8ba3607dacb8425b458819_ppc64le",
"8Base-RHOL-5.6:openshift-logging/logging-loki-rhel8@sha256:af7c029f15eacd2b65a99271538c68d9b2dcd5c25dbfabadd0e9f8bb2911d827_s390x",
"8Base-RHOL-5.6:openshift-logging/logging-loki-rhel8@sha256:f4558c73e630c043e8ffebd92bfbc805d13a644b19e5e43d35979b7942225b98_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:5541"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"8Base-RHOL-5.6:openshift-logging/logging-view-plugin-rhel8@sha256:fd9b30d940cdc8b281fa4a46e8a22f946571e7e72695fef9cfa02c4337e74dc0_amd64",
"8Base-RHOL-5.6:openshift-logging/loki-operator-bundle@sha256:62f04228cf7e9abc40efbd69b6dcd0b6d421834b520753194105010cc35e810c_amd64",
"8Base-RHOL-5.6:openshift-logging/loki-rhel8-operator@sha256:260731d610f37fa0072760f09d460d04fd3a1359d24a2218918412bc1a93947b_arm64",
"8Base-RHOL-5.6:openshift-logging/loki-rhel8-operator@sha256:347cb504d7b382c241a238d1fffc91b5905121c4fe6c976356c46909161b9ced_amd64",
"8Base-RHOL-5.6:openshift-logging/loki-rhel8-operator@sha256:c5c0c41173e8c288341859dda8e9c982fba297e2e6c616b953a04ea4280f8caa_ppc64le",
"8Base-RHOL-5.6:openshift-logging/loki-rhel8-operator@sha256:c5e123a5c5d637ff9fb0327c03351e46f14b0d774b484fd045d51df058550d3d_s390x",
"8Base-RHOL-5.6:openshift-logging/lokistack-gateway-rhel8@sha256:1da817a84816082f56d2f3bea2f4a680b8e8cc4fe7ff95e311b44e1b5f1f5f0a_s390x",
"8Base-RHOL-5.6:openshift-logging/lokistack-gateway-rhel8@sha256:a40f0f1402d912aa12329e0ee3f4d8084337a376f72f1e0b5e45a4dac44ac848_arm64",
"8Base-RHOL-5.6:openshift-logging/lokistack-gateway-rhel8@sha256:ea81838d5b7a63e28ad7e20113253a701063d8d723137681bf11afd801c69f6f_amd64",
"8Base-RHOL-5.6:openshift-logging/lokistack-gateway-rhel8@sha256:f7c8b8251566fadb3396dfee110b6995e9d2ca27614a3b51f148f78fe5b51b50_ppc64le",
"8Base-RHOL-5.6:openshift-logging/opa-openshift-rhel8@sha256:01d2e3c8016742d49a9fe1cf7d62c6826dfc8f805babdc4c32e1407c3c8ae6c2_amd64",
"8Base-RHOL-5.6:openshift-logging/opa-openshift-rhel8@sha256:5b8bc65ad9760c2bcabac5ebf72f2a256271a4c1173871742bf8f817c6ce0478_ppc64le",
"8Base-RHOL-5.6:openshift-logging/opa-openshift-rhel8@sha256:b76cb34507d54f963da41744b614b83bb7cc031942e7252452c3b299dcc0f530_s390x",
"8Base-RHOL-5.6:openshift-logging/opa-openshift-rhel8@sha256:e9fc83b6a9a40c2af4dd8a8454d8ca9e3a3bb96fdb290427d3a0c9cb753e91f4_arm64",
"8Base-RHOL-5.6:openshift-logging/vector-rhel8@sha256:10f88bb7c978c24555def7bf4d7fd35dba3d1b5ffdc32fde359b175fc8d8b34e_ppc64le",
"8Base-RHOL-5.6:openshift-logging/vector-rhel8@sha256:7e46ef2e749e3896a86af16744c1c3542ff8a6d0467793af27aedb0fdbc9ee4a_s390x",
"8Base-RHOL-5.6:openshift-logging/vector-rhel8@sha256:a9f8b40acd19609ee9c9bc85a4f2cdec9aa4c8c786b62ad94e33c8ea451de961_amd64",
"8Base-RHOL-5.6:openshift-logging/vector-rhel8@sha256:ebff04a36feae157572fdd32ce2cc045c504b850c0b9f471d381676da314dd97_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: net/http: insufficient sanitization of Host header"
},
{
"cve": "CVE-2023-29409",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2023-08-03T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-RHOL-5.6:openshift-logging/cluster-logging-operator-bundle@sha256:02c4a20e1f2b0678afe4ea0757933ce581ef66e6b189622aea7dc0fa91e6c18c_amd64",
"8Base-RHOL-5.6:openshift-logging/cluster-logging-rhel8-operator@sha256:556e2c39c0eebd2e8a4d361d40221fa8cf0e9bf7db66dcf2bd2f32576240d94b_amd64",
"8Base-RHOL-5.6:openshift-logging/cluster-logging-rhel8-operator@sha256:64d3a93c2adbca869845ea59edfbef2675658bd15fd22dfc1681b57809d3269c_arm64",
"8Base-RHOL-5.6:openshift-logging/cluster-logging-rhel8-operator@sha256:a697fe3d581606f0da267205636c94e0dd7076fdf562fe9d4f0332ec0267f880_s390x",
"8Base-RHOL-5.6:openshift-logging/cluster-logging-rhel8-operator@sha256:f8553bf9f5a75c089cdf5a26f8853e6f4488c19ef2a8dc1e0ebc96e4aab0384f_ppc64le",
"8Base-RHOL-5.6:openshift-logging/elasticsearch-operator-bundle@sha256:369d45c783651c6e07dfd721fa43025800b263da8e1fdbbc75b296686426e840_amd64",
"8Base-RHOL-5.6:openshift-logging/elasticsearch-proxy-rhel8@sha256:26f58db9cb18dfe0eb7a3478a7bb86c87efabe32d98dcf74bc34226a09ea6f0e_ppc64le",
"8Base-RHOL-5.6:openshift-logging/elasticsearch-proxy-rhel8@sha256:938ac92e58ab4fd377219899c6f3c25f41a58260f078e44b371d91964083d96a_s390x",
"8Base-RHOL-5.6:openshift-logging/elasticsearch-proxy-rhel8@sha256:c67b4fadb575fc60d60cc3307da75f2fa3e5c4760e572072308a506e4e271ab1_amd64",
"8Base-RHOL-5.6:openshift-logging/elasticsearch-proxy-rhel8@sha256:ce5fc5a37453626de4bcb9a05d3849ef7da0722bfc8f0fecfc1f693cf6b5deff_arm64",
"8Base-RHOL-5.6:openshift-logging/elasticsearch-rhel8-operator@sha256:2a87c3b6888c57d813169da3ae06aa5bcac1ac916cdc62da3c492928d8eab187_amd64",
"8Base-RHOL-5.6:openshift-logging/elasticsearch-rhel8-operator@sha256:34a393916466f1d4544cbe4d75936147c4bfc4e0246bee0faebc5c285f26d30d_arm64",
"8Base-RHOL-5.6:openshift-logging/elasticsearch-rhel8-operator@sha256:358c663dbc3c6b0ee31a4b2665c79ff7b826ba6b72c21db62d186a6da09b04c4_ppc64le",
"8Base-RHOL-5.6:openshift-logging/elasticsearch-rhel8-operator@sha256:7a9678d49d25ec0afbcab3c98a3d26d2eeda04a0ece3a833d91dde818f0dde22_s390x",
"8Base-RHOL-5.6:openshift-logging/elasticsearch6-rhel8@sha256:8e62859531fcb8dd6b054a76c4bc95b62ff62bcbe69fe18f132689a203168bc8_s390x",
"8Base-RHOL-5.6:openshift-logging/elasticsearch6-rhel8@sha256:92ab2dde35f2f59c3a8ce7b8b12f5703a7a214e83ca5cc13673d0c8ad373f02e_amd64",
"8Base-RHOL-5.6:openshift-logging/elasticsearch6-rhel8@sha256:caeeb679701abcbb9612b77ef0975575cf31c96b74bfc06553d61140a3f52bb7_ppc64le",
"8Base-RHOL-5.6:openshift-logging/elasticsearch6-rhel8@sha256:cd9a57aad90fdec4fef3b0f9b31df96c12bd7fe97cad90f9a1de79e6b0af4bbb_arm64",
"8Base-RHOL-5.6:openshift-logging/eventrouter-rhel8@sha256:b822207e2e70c989cf98d9e5a810e85034a8a1fd2130451e525ce4a804dd1727_s390x",
"8Base-RHOL-5.6:openshift-logging/eventrouter-rhel8@sha256:ec56cae824197805c3287f57854343d2d26caa0b192a009c966d28c32f0d0d92_ppc64le",
"8Base-RHOL-5.6:openshift-logging/eventrouter-rhel8@sha256:fc638d1f8ff0f079ea1f5cfa3a9938dc06374ca4e6cd24f92ba62b7d03fd6963_arm64",
"8Base-RHOL-5.6:openshift-logging/eventrouter-rhel8@sha256:ff509532db6b7e2d3a44fac2cf9b63687aa8bfbaab46d7a5f9d58be192475818_amd64",
"8Base-RHOL-5.6:openshift-logging/fluentd-rhel8@sha256:149d75b8f4f523c86122176935c63b96305f6eb308e74eea9fa6651c8e75d239_amd64",
"8Base-RHOL-5.6:openshift-logging/fluentd-rhel8@sha256:3038086e3dbfab1e3070cdeeb7968e863ab4b1012d161ed263e93b153ae2223b_s390x",
"8Base-RHOL-5.6:openshift-logging/fluentd-rhel8@sha256:816908f1ac923336e8e3b87129af40271bde545e12b3385186425038f1b14991_arm64",
"8Base-RHOL-5.6:openshift-logging/fluentd-rhel8@sha256:e489da61d05557fba2718fd3e75b7ba50c51c173f43088334db7f3c993748711_ppc64le",
"8Base-RHOL-5.6:openshift-logging/kibana6-rhel8@sha256:0958ffa84bed51e99177837ac672324e5a8c1b20535d8110a3bbabe3f952073e_ppc64le",
"8Base-RHOL-5.6:openshift-logging/kibana6-rhel8@sha256:0c4ea44d09b21a915c3ecc17c9a50ba22d71ed06b0cc4ba1d8bfbe1ced426e47_arm64",
"8Base-RHOL-5.6:openshift-logging/kibana6-rhel8@sha256:20b6b6aef51ef6cabe133e53dcc1d6665ff8fae0fab4d56ecd6998ca88554773_s390x",
"8Base-RHOL-5.6:openshift-logging/kibana6-rhel8@sha256:57b608727de6a22f2c39c138d184b4d2e9a1e62b2206fbcab290aeef2802e520_amd64",
"8Base-RHOL-5.6:openshift-logging/log-file-metric-exporter-rhel8@sha256:1646d63e4b9fa7d45f8fc9d1e8cec3cccbed9ba850f3ac07dc75b18f416c580f_s390x",
"8Base-RHOL-5.6:openshift-logging/log-file-metric-exporter-rhel8@sha256:94471501cf396d9d298e9dfee95ed7496e0ec8767eb80bab0ea809cb4e16b878_amd64",
"8Base-RHOL-5.6:openshift-logging/log-file-metric-exporter-rhel8@sha256:a2bd4a83b30b2b9e88e8581784e3e901d564d576ba3a58824cd203779ccc9e80_ppc64le",
"8Base-RHOL-5.6:openshift-logging/log-file-metric-exporter-rhel8@sha256:b442de2cb36a3a26b3d8b32d953d83d01c4cd5b659f974e1f781fbb5aaef5977_arm64",
"8Base-RHOL-5.6:openshift-logging/logging-curator5-rhel8@sha256:1cac7ceee19cd185658324643c9a81d055d22aa238a28986c76594153c79b422_amd64",
"8Base-RHOL-5.6:openshift-logging/logging-curator5-rhel8@sha256:4f8f194cc5827f05a969960937e9993528ad030c32d64c7a8d95bcb8ad1bb27a_arm64",
"8Base-RHOL-5.6:openshift-logging/logging-curator5-rhel8@sha256:cb78249fdad4f2cff00011a9863f40f0749c2f3b4093a322f9590008e62c06c6_ppc64le",
"8Base-RHOL-5.6:openshift-logging/logging-curator5-rhel8@sha256:f09e73392f894fd4f9c38595e617dd4eebabb698d8e1ad0f3ac4e080c37b1f12_s390x",
"8Base-RHOL-5.6:openshift-logging/logging-view-plugin-rhel8@sha256:42223f3fb6d55d6d9155f110b90323965eaf68263d51c485114784a651be8e5e_ppc64le",
"8Base-RHOL-5.6:openshift-logging/logging-view-plugin-rhel8@sha256:50230e9829718254fc51d844e0305978b694354bda4b798fb5066ca3c182d323_s390x",
"8Base-RHOL-5.6:openshift-logging/logging-view-plugin-rhel8@sha256:79590fd5063ffa0245d96cec02dc4ce257244a431e213ecbe38462e86536b859_arm64",
"8Base-RHOL-5.6:openshift-logging/logging-view-plugin-rhel8@sha256:fd9b30d940cdc8b281fa4a46e8a22f946571e7e72695fef9cfa02c4337e74dc0_amd64",
"8Base-RHOL-5.6:openshift-logging/loki-operator-bundle@sha256:62f04228cf7e9abc40efbd69b6dcd0b6d421834b520753194105010cc35e810c_amd64",
"8Base-RHOL-5.6:openshift-logging/loki-rhel8-operator@sha256:260731d610f37fa0072760f09d460d04fd3a1359d24a2218918412bc1a93947b_arm64",
"8Base-RHOL-5.6:openshift-logging/loki-rhel8-operator@sha256:347cb504d7b382c241a238d1fffc91b5905121c4fe6c976356c46909161b9ced_amd64",
"8Base-RHOL-5.6:openshift-logging/loki-rhel8-operator@sha256:c5c0c41173e8c288341859dda8e9c982fba297e2e6c616b953a04ea4280f8caa_ppc64le",
"8Base-RHOL-5.6:openshift-logging/loki-rhel8-operator@sha256:c5e123a5c5d637ff9fb0327c03351e46f14b0d774b484fd045d51df058550d3d_s390x",
"8Base-RHOL-5.6:openshift-logging/lokistack-gateway-rhel8@sha256:1da817a84816082f56d2f3bea2f4a680b8e8cc4fe7ff95e311b44e1b5f1f5f0a_s390x",
"8Base-RHOL-5.6:openshift-logging/lokistack-gateway-rhel8@sha256:a40f0f1402d912aa12329e0ee3f4d8084337a376f72f1e0b5e45a4dac44ac848_arm64",
"8Base-RHOL-5.6:openshift-logging/lokistack-gateway-rhel8@sha256:ea81838d5b7a63e28ad7e20113253a701063d8d723137681bf11afd801c69f6f_amd64",
"8Base-RHOL-5.6:openshift-logging/lokistack-gateway-rhel8@sha256:f7c8b8251566fadb3396dfee110b6995e9d2ca27614a3b51f148f78fe5b51b50_ppc64le",
"8Base-RHOL-5.6:openshift-logging/opa-openshift-rhel8@sha256:01d2e3c8016742d49a9fe1cf7d62c6826dfc8f805babdc4c32e1407c3c8ae6c2_amd64",
"8Base-RHOL-5.6:openshift-logging/opa-openshift-rhel8@sha256:5b8bc65ad9760c2bcabac5ebf72f2a256271a4c1173871742bf8f817c6ce0478_ppc64le",
"8Base-RHOL-5.6:openshift-logging/opa-openshift-rhel8@sha256:b76cb34507d54f963da41744b614b83bb7cc031942e7252452c3b299dcc0f530_s390x",
"8Base-RHOL-5.6:openshift-logging/opa-openshift-rhel8@sha256:e9fc83b6a9a40c2af4dd8a8454d8ca9e3a3bb96fdb290427d3a0c9cb753e91f4_arm64",
"8Base-RHOL-5.6:openshift-logging/vector-rhel8@sha256:10f88bb7c978c24555def7bf4d7fd35dba3d1b5ffdc32fde359b175fc8d8b34e_ppc64le",
"8Base-RHOL-5.6:openshift-logging/vector-rhel8@sha256:7e46ef2e749e3896a86af16744c1c3542ff8a6d0467793af27aedb0fdbc9ee4a_s390x",
"8Base-RHOL-5.6:openshift-logging/vector-rhel8@sha256:a9f8b40acd19609ee9c9bc85a4f2cdec9aa4c8c786b62ad94e33c8ea451de961_amd64",
"8Base-RHOL-5.6:openshift-logging/vector-rhel8@sha256:ebff04a36feae157572fdd32ce2cc045c504b850c0b9f471d381676da314dd97_arm64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2228743"
}
],
"notes": [
{
"category": "description",
"text": "A denial of service vulnerability was found in the Golang Go package caused by an uncontrolled resource consumption flaw. By persuading a victim to use a specially crafted certificate with large RSA keys, a remote attacker can cause a client/server to expend significant CPU time verifying signatures, resulting in a denial of service condition.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: crypto/tls: slow verification of certificate chains containing large RSA keys",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOL-5.6:openshift-logging/logging-loki-rhel8@sha256:47df30d450dbc2b26cf828f2208832ddcba75719cef9486d047e4b2bfb2c61a8_amd64",
"8Base-RHOL-5.6:openshift-logging/logging-loki-rhel8@sha256:aea6196bddef8110c0d9282d6e84a7e8cdee066fab8ba3607dacb8425b458819_ppc64le",
"8Base-RHOL-5.6:openshift-logging/logging-loki-rhel8@sha256:af7c029f15eacd2b65a99271538c68d9b2dcd5c25dbfabadd0e9f8bb2911d827_s390x",
"8Base-RHOL-5.6:openshift-logging/logging-loki-rhel8@sha256:f4558c73e630c043e8ffebd92bfbc805d13a644b19e5e43d35979b7942225b98_arm64"
],
"known_not_affected": [
"8Base-RHOL-5.6:openshift-logging/cluster-logging-operator-bundle@sha256:02c4a20e1f2b0678afe4ea0757933ce581ef66e6b189622aea7dc0fa91e6c18c_amd64",
"8Base-RHOL-5.6:openshift-logging/cluster-logging-rhel8-operator@sha256:556e2c39c0eebd2e8a4d361d40221fa8cf0e9bf7db66dcf2bd2f32576240d94b_amd64",
"8Base-RHOL-5.6:openshift-logging/cluster-logging-rhel8-operator@sha256:64d3a93c2adbca869845ea59edfbef2675658bd15fd22dfc1681b57809d3269c_arm64",
"8Base-RHOL-5.6:openshift-logging/cluster-logging-rhel8-operator@sha256:a697fe3d581606f0da267205636c94e0dd7076fdf562fe9d4f0332ec0267f880_s390x",
"8Base-RHOL-5.6:openshift-logging/cluster-logging-rhel8-operator@sha256:f8553bf9f5a75c089cdf5a26f8853e6f4488c19ef2a8dc1e0ebc96e4aab0384f_ppc64le",
"8Base-RHOL-5.6:openshift-logging/elasticsearch-operator-bundle@sha256:369d45c783651c6e07dfd721fa43025800b263da8e1fdbbc75b296686426e840_amd64",
"8Base-RHOL-5.6:openshift-logging/elasticsearch-proxy-rhel8@sha256:26f58db9cb18dfe0eb7a3478a7bb86c87efabe32d98dcf74bc34226a09ea6f0e_ppc64le",
"8Base-RHOL-5.6:openshift-logging/elasticsearch-proxy-rhel8@sha256:938ac92e58ab4fd377219899c6f3c25f41a58260f078e44b371d91964083d96a_s390x",
"8Base-RHOL-5.6:openshift-logging/elasticsearch-proxy-rhel8@sha256:c67b4fadb575fc60d60cc3307da75f2fa3e5c4760e572072308a506e4e271ab1_amd64",
"8Base-RHOL-5.6:openshift-logging/elasticsearch-proxy-rhel8@sha256:ce5fc5a37453626de4bcb9a05d3849ef7da0722bfc8f0fecfc1f693cf6b5deff_arm64",
"8Base-RHOL-5.6:openshift-logging/elasticsearch-rhel8-operator@sha256:2a87c3b6888c57d813169da3ae06aa5bcac1ac916cdc62da3c492928d8eab187_amd64",
"8Base-RHOL-5.6:openshift-logging/elasticsearch-rhel8-operator@sha256:34a393916466f1d4544cbe4d75936147c4bfc4e0246bee0faebc5c285f26d30d_arm64",
"8Base-RHOL-5.6:openshift-logging/elasticsearch-rhel8-operator@sha256:358c663dbc3c6b0ee31a4b2665c79ff7b826ba6b72c21db62d186a6da09b04c4_ppc64le",
"8Base-RHOL-5.6:openshift-logging/elasticsearch-rhel8-operator@sha256:7a9678d49d25ec0afbcab3c98a3d26d2eeda04a0ece3a833d91dde818f0dde22_s390x",
"8Base-RHOL-5.6:openshift-logging/elasticsearch6-rhel8@sha256:8e62859531fcb8dd6b054a76c4bc95b62ff62bcbe69fe18f132689a203168bc8_s390x",
"8Base-RHOL-5.6:openshift-logging/elasticsearch6-rhel8@sha256:92ab2dde35f2f59c3a8ce7b8b12f5703a7a214e83ca5cc13673d0c8ad373f02e_amd64",
"8Base-RHOL-5.6:openshift-logging/elasticsearch6-rhel8@sha256:caeeb679701abcbb9612b77ef0975575cf31c96b74bfc06553d61140a3f52bb7_ppc64le",
"8Base-RHOL-5.6:openshift-logging/elasticsearch6-rhel8@sha256:cd9a57aad90fdec4fef3b0f9b31df96c12bd7fe97cad90f9a1de79e6b0af4bbb_arm64",
"8Base-RHOL-5.6:openshift-logging/eventrouter-rhel8@sha256:b822207e2e70c989cf98d9e5a810e85034a8a1fd2130451e525ce4a804dd1727_s390x",
"8Base-RHOL-5.6:openshift-logging/eventrouter-rhel8@sha256:ec56cae824197805c3287f57854343d2d26caa0b192a009c966d28c32f0d0d92_ppc64le",
"8Base-RHOL-5.6:openshift-logging/eventrouter-rhel8@sha256:fc638d1f8ff0f079ea1f5cfa3a9938dc06374ca4e6cd24f92ba62b7d03fd6963_arm64",
"8Base-RHOL-5.6:openshift-logging/eventrouter-rhel8@sha256:ff509532db6b7e2d3a44fac2cf9b63687aa8bfbaab46d7a5f9d58be192475818_amd64",
"8Base-RHOL-5.6:openshift-logging/fluentd-rhel8@sha256:149d75b8f4f523c86122176935c63b96305f6eb308e74eea9fa6651c8e75d239_amd64",
"8Base-RHOL-5.6:openshift-logging/fluentd-rhel8@sha256:3038086e3dbfab1e3070cdeeb7968e863ab4b1012d161ed263e93b153ae2223b_s390x",
"8Base-RHOL-5.6:openshift-logging/fluentd-rhel8@sha256:816908f1ac923336e8e3b87129af40271bde545e12b3385186425038f1b14991_arm64",
"8Base-RHOL-5.6:openshift-logging/fluentd-rhel8@sha256:e489da61d05557fba2718fd3e75b7ba50c51c173f43088334db7f3c993748711_ppc64le",
"8Base-RHOL-5.6:openshift-logging/kibana6-rhel8@sha256:0958ffa84bed51e99177837ac672324e5a8c1b20535d8110a3bbabe3f952073e_ppc64le",
"8Base-RHOL-5.6:openshift-logging/kibana6-rhel8@sha256:0c4ea44d09b21a915c3ecc17c9a50ba22d71ed06b0cc4ba1d8bfbe1ced426e47_arm64",
"8Base-RHOL-5.6:openshift-logging/kibana6-rhel8@sha256:20b6b6aef51ef6cabe133e53dcc1d6665ff8fae0fab4d56ecd6998ca88554773_s390x",
"8Base-RHOL-5.6:openshift-logging/kibana6-rhel8@sha256:57b608727de6a22f2c39c138d184b4d2e9a1e62b2206fbcab290aeef2802e520_amd64",
"8Base-RHOL-5.6:openshift-logging/log-file-metric-exporter-rhel8@sha256:1646d63e4b9fa7d45f8fc9d1e8cec3cccbed9ba850f3ac07dc75b18f416c580f_s390x",
"8Base-RHOL-5.6:openshift-logging/log-file-metric-exporter-rhel8@sha256:94471501cf396d9d298e9dfee95ed7496e0ec8767eb80bab0ea809cb4e16b878_amd64",
"8Base-RHOL-5.6:openshift-logging/log-file-metric-exporter-rhel8@sha256:a2bd4a83b30b2b9e88e8581784e3e901d564d576ba3a58824cd203779ccc9e80_ppc64le",
"8Base-RHOL-5.6:openshift-logging/log-file-metric-exporter-rhel8@sha256:b442de2cb36a3a26b3d8b32d953d83d01c4cd5b659f974e1f781fbb5aaef5977_arm64",
"8Base-RHOL-5.6:openshift-logging/logging-curator5-rhel8@sha256:1cac7ceee19cd185658324643c9a81d055d22aa238a28986c76594153c79b422_amd64",
"8Base-RHOL-5.6:openshift-logging/logging-curator5-rhel8@sha256:4f8f194cc5827f05a969960937e9993528ad030c32d64c7a8d95bcb8ad1bb27a_arm64",
"8Base-RHOL-5.6:openshift-logging/logging-curator5-rhel8@sha256:cb78249fdad4f2cff00011a9863f40f0749c2f3b4093a322f9590008e62c06c6_ppc64le",
"8Base-RHOL-5.6:openshift-logging/logging-curator5-rhel8@sha256:f09e73392f894fd4f9c38595e617dd4eebabb698d8e1ad0f3ac4e080c37b1f12_s390x",
"8Base-RHOL-5.6:openshift-logging/logging-view-plugin-rhel8@sha256:42223f3fb6d55d6d9155f110b90323965eaf68263d51c485114784a651be8e5e_ppc64le",
"8Base-RHOL-5.6:openshift-logging/logging-view-plugin-rhel8@sha256:50230e9829718254fc51d844e0305978b694354bda4b798fb5066ca3c182d323_s390x",
"8Base-RHOL-5.6:openshift-logging/logging-view-plugin-rhel8@sha256:79590fd5063ffa0245d96cec02dc4ce257244a431e213ecbe38462e86536b859_arm64",
"8Base-RHOL-5.6:openshift-logging/logging-view-plugin-rhel8@sha256:fd9b30d940cdc8b281fa4a46e8a22f946571e7e72695fef9cfa02c4337e74dc0_amd64",
"8Base-RHOL-5.6:openshift-logging/loki-operator-bundle@sha256:62f04228cf7e9abc40efbd69b6dcd0b6d421834b520753194105010cc35e810c_amd64",
"8Base-RHOL-5.6:openshift-logging/loki-rhel8-operator@sha256:260731d610f37fa0072760f09d460d04fd3a1359d24a2218918412bc1a93947b_arm64",
"8Base-RHOL-5.6:openshift-logging/loki-rhel8-operator@sha256:347cb504d7b382c241a238d1fffc91b5905121c4fe6c976356c46909161b9ced_amd64",
"8Base-RHOL-5.6:openshift-logging/loki-rhel8-operator@sha256:c5c0c41173e8c288341859dda8e9c982fba297e2e6c616b953a04ea4280f8caa_ppc64le",
"8Base-RHOL-5.6:openshift-logging/loki-rhel8-operator@sha256:c5e123a5c5d637ff9fb0327c03351e46f14b0d774b484fd045d51df058550d3d_s390x",
"8Base-RHOL-5.6:openshift-logging/lokistack-gateway-rhel8@sha256:1da817a84816082f56d2f3bea2f4a680b8e8cc4fe7ff95e311b44e1b5f1f5f0a_s390x",
"8Base-RHOL-5.6:openshift-logging/lokistack-gateway-rhel8@sha256:a40f0f1402d912aa12329e0ee3f4d8084337a376f72f1e0b5e45a4dac44ac848_arm64",
"8Base-RHOL-5.6:openshift-logging/lokistack-gateway-rhel8@sha256:ea81838d5b7a63e28ad7e20113253a701063d8d723137681bf11afd801c69f6f_amd64",
"8Base-RHOL-5.6:openshift-logging/lokistack-gateway-rhel8@sha256:f7c8b8251566fadb3396dfee110b6995e9d2ca27614a3b51f148f78fe5b51b50_ppc64le",
"8Base-RHOL-5.6:openshift-logging/opa-openshift-rhel8@sha256:01d2e3c8016742d49a9fe1cf7d62c6826dfc8f805babdc4c32e1407c3c8ae6c2_amd64",
"8Base-RHOL-5.6:openshift-logging/opa-openshift-rhel8@sha256:5b8bc65ad9760c2bcabac5ebf72f2a256271a4c1173871742bf8f817c6ce0478_ppc64le",
"8Base-RHOL-5.6:openshift-logging/opa-openshift-rhel8@sha256:b76cb34507d54f963da41744b614b83bb7cc031942e7252452c3b299dcc0f530_s390x",
"8Base-RHOL-5.6:openshift-logging/opa-openshift-rhel8@sha256:e9fc83b6a9a40c2af4dd8a8454d8ca9e3a3bb96fdb290427d3a0c9cb753e91f4_arm64",
"8Base-RHOL-5.6:openshift-logging/vector-rhel8@sha256:10f88bb7c978c24555def7bf4d7fd35dba3d1b5ffdc32fde359b175fc8d8b34e_ppc64le",
"8Base-RHOL-5.6:openshift-logging/vector-rhel8@sha256:7e46ef2e749e3896a86af16744c1c3542ff8a6d0467793af27aedb0fdbc9ee4a_s390x",
"8Base-RHOL-5.6:openshift-logging/vector-rhel8@sha256:a9f8b40acd19609ee9c9bc85a4f2cdec9aa4c8c786b62ad94e33c8ea451de961_amd64",
"8Base-RHOL-5.6:openshift-logging/vector-rhel8@sha256:ebff04a36feae157572fdd32ce2cc045c504b850c0b9f471d381676da314dd97_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-29409"
},
{
"category": "external",
"summary": "RHBZ#2228743",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2228743"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-29409",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29409"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-29409",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-29409"
},
{
"category": "external",
"summary": "https://go.dev/cl/515257",
"url": "https://go.dev/cl/515257"
},
{
"category": "external",
"summary": "https://go.dev/issue/61460",
"url": "https://go.dev/issue/61460"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/X0b6CsSAaYI/m/Efv5DbZ9AwAJ",
"url": "https://groups.google.com/g/golang-announce/c/X0b6CsSAaYI/m/Efv5DbZ9AwAJ"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2023-1987",
"url": "https://pkg.go.dev/vuln/GO-2023-1987"
}
],
"release_date": "2023-08-02T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-10-20T04:11:50+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHOL-5.6:openshift-logging/logging-loki-rhel8@sha256:47df30d450dbc2b26cf828f2208832ddcba75719cef9486d047e4b2bfb2c61a8_amd64",
"8Base-RHOL-5.6:openshift-logging/logging-loki-rhel8@sha256:aea6196bddef8110c0d9282d6e84a7e8cdee066fab8ba3607dacb8425b458819_ppc64le",
"8Base-RHOL-5.6:openshift-logging/logging-loki-rhel8@sha256:af7c029f15eacd2b65a99271538c68d9b2dcd5c25dbfabadd0e9f8bb2911d827_s390x",
"8Base-RHOL-5.6:openshift-logging/logging-loki-rhel8@sha256:f4558c73e630c043e8ffebd92bfbc805d13a644b19e5e43d35979b7942225b98_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:5541"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"8Base-RHOL-5.6:openshift-logging/cluster-logging-operator-bundle@sha256:02c4a20e1f2b0678afe4ea0757933ce581ef66e6b189622aea7dc0fa91e6c18c_amd64",
"8Base-RHOL-5.6:openshift-logging/cluster-logging-rhel8-operator@sha256:556e2c39c0eebd2e8a4d361d40221fa8cf0e9bf7db66dcf2bd2f32576240d94b_amd64",
"8Base-RHOL-5.6:openshift-logging/cluster-logging-rhel8-operator@sha256:64d3a93c2adbca869845ea59edfbef2675658bd15fd22dfc1681b57809d3269c_arm64",
"8Base-RHOL-5.6:openshift-logging/cluster-logging-rhel8-operator@sha256:a697fe3d581606f0da267205636c94e0dd7076fdf562fe9d4f0332ec0267f880_s390x",
"8Base-RHOL-5.6:openshift-logging/cluster-logging-rhel8-operator@sha256:f8553bf9f5a75c089cdf5a26f8853e6f4488c19ef2a8dc1e0ebc96e4aab0384f_ppc64le",
"8Base-RHOL-5.6:openshift-logging/elasticsearch-operator-bundle@sha256:369d45c783651c6e07dfd721fa43025800b263da8e1fdbbc75b296686426e840_amd64",
"8Base-RHOL-5.6:openshift-logging/elasticsearch-proxy-rhel8@sha256:26f58db9cb18dfe0eb7a3478a7bb86c87efabe32d98dcf74bc34226a09ea6f0e_ppc64le",
"8Base-RHOL-5.6:openshift-logging/elasticsearch-proxy-rhel8@sha256:938ac92e58ab4fd377219899c6f3c25f41a58260f078e44b371d91964083d96a_s390x",
"8Base-RHOL-5.6:openshift-logging/elasticsearch-proxy-rhel8@sha256:c67b4fadb575fc60d60cc3307da75f2fa3e5c4760e572072308a506e4e271ab1_amd64",
"8Base-RHOL-5.6:openshift-logging/elasticsearch-proxy-rhel8@sha256:ce5fc5a37453626de4bcb9a05d3849ef7da0722bfc8f0fecfc1f693cf6b5deff_arm64",
"8Base-RHOL-5.6:openshift-logging/elasticsearch-rhel8-operator@sha256:2a87c3b6888c57d813169da3ae06aa5bcac1ac916cdc62da3c492928d8eab187_amd64",
"8Base-RHOL-5.6:openshift-logging/elasticsearch-rhel8-operator@sha256:34a393916466f1d4544cbe4d75936147c4bfc4e0246bee0faebc5c285f26d30d_arm64",
"8Base-RHOL-5.6:openshift-logging/elasticsearch-rhel8-operator@sha256:358c663dbc3c6b0ee31a4b2665c79ff7b826ba6b72c21db62d186a6da09b04c4_ppc64le",
"8Base-RHOL-5.6:openshift-logging/elasticsearch-rhel8-operator@sha256:7a9678d49d25ec0afbcab3c98a3d26d2eeda04a0ece3a833d91dde818f0dde22_s390x",
"8Base-RHOL-5.6:openshift-logging/elasticsearch6-rhel8@sha256:8e62859531fcb8dd6b054a76c4bc95b62ff62bcbe69fe18f132689a203168bc8_s390x",
"8Base-RHOL-5.6:openshift-logging/elasticsearch6-rhel8@sha256:92ab2dde35f2f59c3a8ce7b8b12f5703a7a214e83ca5cc13673d0c8ad373f02e_amd64",
"8Base-RHOL-5.6:openshift-logging/elasticsearch6-rhel8@sha256:caeeb679701abcbb9612b77ef0975575cf31c96b74bfc06553d61140a3f52bb7_ppc64le",
"8Base-RHOL-5.6:openshift-logging/elasticsearch6-rhel8@sha256:cd9a57aad90fdec4fef3b0f9b31df96c12bd7fe97cad90f9a1de79e6b0af4bbb_arm64",
"8Base-RHOL-5.6:openshift-logging/eventrouter-rhel8@sha256:b822207e2e70c989cf98d9e5a810e85034a8a1fd2130451e525ce4a804dd1727_s390x",
"8Base-RHOL-5.6:openshift-logging/eventrouter-rhel8@sha256:ec56cae824197805c3287f57854343d2d26caa0b192a009c966d28c32f0d0d92_ppc64le",
"8Base-RHOL-5.6:openshift-logging/eventrouter-rhel8@sha256:fc638d1f8ff0f079ea1f5cfa3a9938dc06374ca4e6cd24f92ba62b7d03fd6963_arm64",
"8Base-RHOL-5.6:openshift-logging/eventrouter-rhel8@sha256:ff509532db6b7e2d3a44fac2cf9b63687aa8bfbaab46d7a5f9d58be192475818_amd64",
"8Base-RHOL-5.6:openshift-logging/fluentd-rhel8@sha256:149d75b8f4f523c86122176935c63b96305f6eb308e74eea9fa6651c8e75d239_amd64",
"8Base-RHOL-5.6:openshift-logging/fluentd-rhel8@sha256:3038086e3dbfab1e3070cdeeb7968e863ab4b1012d161ed263e93b153ae2223b_s390x",
"8Base-RHOL-5.6:openshift-logging/fluentd-rhel8@sha256:816908f1ac923336e8e3b87129af40271bde545e12b3385186425038f1b14991_arm64",
"8Base-RHOL-5.6:openshift-logging/fluentd-rhel8@sha256:e489da61d05557fba2718fd3e75b7ba50c51c173f43088334db7f3c993748711_ppc64le",
"8Base-RHOL-5.6:openshift-logging/kibana6-rhel8@sha256:0958ffa84bed51e99177837ac672324e5a8c1b20535d8110a3bbabe3f952073e_ppc64le",
"8Base-RHOL-5.6:openshift-logging/kibana6-rhel8@sha256:0c4ea44d09b21a915c3ecc17c9a50ba22d71ed06b0cc4ba1d8bfbe1ced426e47_arm64",
"8Base-RHOL-5.6:openshift-logging/kibana6-rhel8@sha256:20b6b6aef51ef6cabe133e53dcc1d6665ff8fae0fab4d56ecd6998ca88554773_s390x",
"8Base-RHOL-5.6:openshift-logging/kibana6-rhel8@sha256:57b608727de6a22f2c39c138d184b4d2e9a1e62b2206fbcab290aeef2802e520_amd64",
"8Base-RHOL-5.6:openshift-logging/log-file-metric-exporter-rhel8@sha256:1646d63e4b9fa7d45f8fc9d1e8cec3cccbed9ba850f3ac07dc75b18f416c580f_s390x",
"8Base-RHOL-5.6:openshift-logging/log-file-metric-exporter-rhel8@sha256:94471501cf396d9d298e9dfee95ed7496e0ec8767eb80bab0ea809cb4e16b878_amd64",
"8Base-RHOL-5.6:openshift-logging/log-file-metric-exporter-rhel8@sha256:a2bd4a83b30b2b9e88e8581784e3e901d564d576ba3a58824cd203779ccc9e80_ppc64le",
"8Base-RHOL-5.6:openshift-logging/log-file-metric-exporter-rhel8@sha256:b442de2cb36a3a26b3d8b32d953d83d01c4cd5b659f974e1f781fbb5aaef5977_arm64",
"8Base-RHOL-5.6:openshift-logging/logging-curator5-rhel8@sha256:1cac7ceee19cd185658324643c9a81d055d22aa238a28986c76594153c79b422_amd64",
"8Base-RHOL-5.6:openshift-logging/logging-curator5-rhel8@sha256:4f8f194cc5827f05a969960937e9993528ad030c32d64c7a8d95bcb8ad1bb27a_arm64",
"8Base-RHOL-5.6:openshift-logging/logging-curator5-rhel8@sha256:cb78249fdad4f2cff00011a9863f40f0749c2f3b4093a322f9590008e62c06c6_ppc64le",
"8Base-RHOL-5.6:openshift-logging/logging-curator5-rhel8@sha256:f09e73392f894fd4f9c38595e617dd4eebabb698d8e1ad0f3ac4e080c37b1f12_s390x",
"8Base-RHOL-5.6:openshift-logging/logging-loki-rhel8@sha256:47df30d450dbc2b26cf828f2208832ddcba75719cef9486d047e4b2bfb2c61a8_amd64",
"8Base-RHOL-5.6:openshift-logging/logging-loki-rhel8@sha256:aea6196bddef8110c0d9282d6e84a7e8cdee066fab8ba3607dacb8425b458819_ppc64le",
"8Base-RHOL-5.6:openshift-logging/logging-loki-rhel8@sha256:af7c029f15eacd2b65a99271538c68d9b2dcd5c25dbfabadd0e9f8bb2911d827_s390x",
"8Base-RHOL-5.6:openshift-logging/logging-loki-rhel8@sha256:f4558c73e630c043e8ffebd92bfbc805d13a644b19e5e43d35979b7942225b98_arm64",
"8Base-RHOL-5.6:openshift-logging/logging-view-plugin-rhel8@sha256:42223f3fb6d55d6d9155f110b90323965eaf68263d51c485114784a651be8e5e_ppc64le",
"8Base-RHOL-5.6:openshift-logging/logging-view-plugin-rhel8@sha256:50230e9829718254fc51d844e0305978b694354bda4b798fb5066ca3c182d323_s390x",
"8Base-RHOL-5.6:openshift-logging/logging-view-plugin-rhel8@sha256:79590fd5063ffa0245d96cec02dc4ce257244a431e213ecbe38462e86536b859_arm64",
"8Base-RHOL-5.6:openshift-logging/logging-view-plugin-rhel8@sha256:fd9b30d940cdc8b281fa4a46e8a22f946571e7e72695fef9cfa02c4337e74dc0_amd64",
"8Base-RHOL-5.6:openshift-logging/loki-operator-bundle@sha256:62f04228cf7e9abc40efbd69b6dcd0b6d421834b520753194105010cc35e810c_amd64",
"8Base-RHOL-5.6:openshift-logging/loki-rhel8-operator@sha256:260731d610f37fa0072760f09d460d04fd3a1359d24a2218918412bc1a93947b_arm64",
"8Base-RHOL-5.6:openshift-logging/loki-rhel8-operator@sha256:347cb504d7b382c241a238d1fffc91b5905121c4fe6c976356c46909161b9ced_amd64",
"8Base-RHOL-5.6:openshift-logging/loki-rhel8-operator@sha256:c5c0c41173e8c288341859dda8e9c982fba297e2e6c616b953a04ea4280f8caa_ppc64le",
"8Base-RHOL-5.6:openshift-logging/loki-rhel8-operator@sha256:c5e123a5c5d637ff9fb0327c03351e46f14b0d774b484fd045d51df058550d3d_s390x",
"8Base-RHOL-5.6:openshift-logging/lokistack-gateway-rhel8@sha256:1da817a84816082f56d2f3bea2f4a680b8e8cc4fe7ff95e311b44e1b5f1f5f0a_s390x",
"8Base-RHOL-5.6:openshift-logging/lokistack-gateway-rhel8@sha256:a40f0f1402d912aa12329e0ee3f4d8084337a376f72f1e0b5e45a4dac44ac848_arm64",
"8Base-RHOL-5.6:openshift-logging/lokistack-gateway-rhel8@sha256:ea81838d5b7a63e28ad7e20113253a701063d8d723137681bf11afd801c69f6f_amd64",
"8Base-RHOL-5.6:openshift-logging/lokistack-gateway-rhel8@sha256:f7c8b8251566fadb3396dfee110b6995e9d2ca27614a3b51f148f78fe5b51b50_ppc64le",
"8Base-RHOL-5.6:openshift-logging/opa-openshift-rhel8@sha256:01d2e3c8016742d49a9fe1cf7d62c6826dfc8f805babdc4c32e1407c3c8ae6c2_amd64",
"8Base-RHOL-5.6:openshift-logging/opa-openshift-rhel8@sha256:5b8bc65ad9760c2bcabac5ebf72f2a256271a4c1173871742bf8f817c6ce0478_ppc64le",
"8Base-RHOL-5.6:openshift-logging/opa-openshift-rhel8@sha256:b76cb34507d54f963da41744b614b83bb7cc031942e7252452c3b299dcc0f530_s390x",
"8Base-RHOL-5.6:openshift-logging/opa-openshift-rhel8@sha256:e9fc83b6a9a40c2af4dd8a8454d8ca9e3a3bb96fdb290427d3a0c9cb753e91f4_arm64",
"8Base-RHOL-5.6:openshift-logging/vector-rhel8@sha256:10f88bb7c978c24555def7bf4d7fd35dba3d1b5ffdc32fde359b175fc8d8b34e_ppc64le",
"8Base-RHOL-5.6:openshift-logging/vector-rhel8@sha256:7e46ef2e749e3896a86af16744c1c3542ff8a6d0467793af27aedb0fdbc9ee4a_s390x",
"8Base-RHOL-5.6:openshift-logging/vector-rhel8@sha256:a9f8b40acd19609ee9c9bc85a4f2cdec9aa4c8c786b62ad94e33c8ea451de961_amd64",
"8Base-RHOL-5.6:openshift-logging/vector-rhel8@sha256:ebff04a36feae157572fdd32ce2cc045c504b850c0b9f471d381676da314dd97_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: crypto/tls: slow verification of certificate chains containing large RSA keys"
},
{
"cve": "CVE-2023-39325",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2023-10-10T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-RHOL-5.6:openshift-logging/cluster-logging-operator-bundle@sha256:02c4a20e1f2b0678afe4ea0757933ce581ef66e6b189622aea7dc0fa91e6c18c_amd64",
"8Base-RHOL-5.6:openshift-logging/elasticsearch-operator-bundle@sha256:369d45c783651c6e07dfd721fa43025800b263da8e1fdbbc75b296686426e840_amd64",
"8Base-RHOL-5.6:openshift-logging/elasticsearch6-rhel8@sha256:8e62859531fcb8dd6b054a76c4bc95b62ff62bcbe69fe18f132689a203168bc8_s390x",
"8Base-RHOL-5.6:openshift-logging/elasticsearch6-rhel8@sha256:92ab2dde35f2f59c3a8ce7b8b12f5703a7a214e83ca5cc13673d0c8ad373f02e_amd64",
"8Base-RHOL-5.6:openshift-logging/elasticsearch6-rhel8@sha256:caeeb679701abcbb9612b77ef0975575cf31c96b74bfc06553d61140a3f52bb7_ppc64le",
"8Base-RHOL-5.6:openshift-logging/elasticsearch6-rhel8@sha256:cd9a57aad90fdec4fef3b0f9b31df96c12bd7fe97cad90f9a1de79e6b0af4bbb_arm64",
"8Base-RHOL-5.6:openshift-logging/fluentd-rhel8@sha256:149d75b8f4f523c86122176935c63b96305f6eb308e74eea9fa6651c8e75d239_amd64",
"8Base-RHOL-5.6:openshift-logging/fluentd-rhel8@sha256:3038086e3dbfab1e3070cdeeb7968e863ab4b1012d161ed263e93b153ae2223b_s390x",
"8Base-RHOL-5.6:openshift-logging/fluentd-rhel8@sha256:816908f1ac923336e8e3b87129af40271bde545e12b3385186425038f1b14991_arm64",
"8Base-RHOL-5.6:openshift-logging/fluentd-rhel8@sha256:e489da61d05557fba2718fd3e75b7ba50c51c173f43088334db7f3c993748711_ppc64le",
"8Base-RHOL-5.6:openshift-logging/kibana6-rhel8@sha256:0958ffa84bed51e99177837ac672324e5a8c1b20535d8110a3bbabe3f952073e_ppc64le",
"8Base-RHOL-5.6:openshift-logging/kibana6-rhel8@sha256:0c4ea44d09b21a915c3ecc17c9a50ba22d71ed06b0cc4ba1d8bfbe1ced426e47_arm64",
"8Base-RHOL-5.6:openshift-logging/kibana6-rhel8@sha256:20b6b6aef51ef6cabe133e53dcc1d6665ff8fae0fab4d56ecd6998ca88554773_s390x",
"8Base-RHOL-5.6:openshift-logging/kibana6-rhel8@sha256:57b608727de6a22f2c39c138d184b4d2e9a1e62b2206fbcab290aeef2802e520_amd64",
"8Base-RHOL-5.6:openshift-logging/log-file-metric-exporter-rhel8@sha256:1646d63e4b9fa7d45f8fc9d1e8cec3cccbed9ba850f3ac07dc75b18f416c580f_s390x",
"8Base-RHOL-5.6:openshift-logging/log-file-metric-exporter-rhel8@sha256:94471501cf396d9d298e9dfee95ed7496e0ec8767eb80bab0ea809cb4e16b878_amd64",
"8Base-RHOL-5.6:openshift-logging/log-file-metric-exporter-rhel8@sha256:a2bd4a83b30b2b9e88e8581784e3e901d564d576ba3a58824cd203779ccc9e80_ppc64le",
"8Base-RHOL-5.6:openshift-logging/log-file-metric-exporter-rhel8@sha256:b442de2cb36a3a26b3d8b32d953d83d01c4cd5b659f974e1f781fbb5aaef5977_arm64",
"8Base-RHOL-5.6:openshift-logging/logging-curator5-rhel8@sha256:1cac7ceee19cd185658324643c9a81d055d22aa238a28986c76594153c79b422_amd64",
"8Base-RHOL-5.6:openshift-logging/logging-curator5-rhel8@sha256:4f8f194cc5827f05a969960937e9993528ad030c32d64c7a8d95bcb8ad1bb27a_arm64",
"8Base-RHOL-5.6:openshift-logging/logging-curator5-rhel8@sha256:cb78249fdad4f2cff00011a9863f40f0749c2f3b4093a322f9590008e62c06c6_ppc64le",
"8Base-RHOL-5.6:openshift-logging/logging-curator5-rhel8@sha256:f09e73392f894fd4f9c38595e617dd4eebabb698d8e1ad0f3ac4e080c37b1f12_s390x",
"8Base-RHOL-5.6:openshift-logging/logging-view-plugin-rhel8@sha256:42223f3fb6d55d6d9155f110b90323965eaf68263d51c485114784a651be8e5e_ppc64le",
"8Base-RHOL-5.6:openshift-logging/logging-view-plugin-rhel8@sha256:50230e9829718254fc51d844e0305978b694354bda4b798fb5066ca3c182d323_s390x",
"8Base-RHOL-5.6:openshift-logging/logging-view-plugin-rhel8@sha256:79590fd5063ffa0245d96cec02dc4ce257244a431e213ecbe38462e86536b859_arm64",
"8Base-RHOL-5.6:openshift-logging/logging-view-plugin-rhel8@sha256:fd9b30d940cdc8b281fa4a46e8a22f946571e7e72695fef9cfa02c4337e74dc0_amd64",
"8Base-RHOL-5.6:openshift-logging/loki-operator-bundle@sha256:62f04228cf7e9abc40efbd69b6dcd0b6d421834b520753194105010cc35e810c_amd64",
"8Base-RHOL-5.6:openshift-logging/vector-rhel8@sha256:10f88bb7c978c24555def7bf4d7fd35dba3d1b5ffdc32fde359b175fc8d8b34e_ppc64le",
"8Base-RHOL-5.6:openshift-logging/vector-rhel8@sha256:7e46ef2e749e3896a86af16744c1c3542ff8a6d0467793af27aedb0fdbc9ee4a_s390x",
"8Base-RHOL-5.6:openshift-logging/vector-rhel8@sha256:a9f8b40acd19609ee9c9bc85a4f2cdec9aa4c8c786b62ad94e33c8ea451de961_amd64",
"8Base-RHOL-5.6:openshift-logging/vector-rhel8@sha256:ebff04a36feae157572fdd32ce2cc045c504b850c0b9f471d381676da314dd97_arm64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2243296"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in handling multiplexed streams in the HTTP/2 protocol. A client can repeatedly make a request for a new multiplex stream and immediately send an RST_STREAM frame to cancel it. This creates extra work for the server setting up and tearing down the streams while not hitting any server-side limit for the maximum number of active streams per connection, resulting in a denial of service due to server resource consumption. Red Hat has rated the severity of this flaw as \u0027Important\u0027 as the US Cybersecurity and Infrastructure Security Agency (CISA) declared this vulnerability an active exploit.\r\n\r\nCVE-2023-39325 was assigned for the `Rapid Reset Attack` in the Go language packages.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: net/http, x/net/http2: rapid stream resets can cause excessive work (CVE-2023-44487)",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This CVE is related to CVE-2023-44487.\n\nThe majority of RHEL utilities are not long-running applications; instead, they are command-line tools. These tools utilize Golang package as build-time dependency, which is why they are classified as having a \"Moderate\" level of impact.\n\nAs go-lang vendors its dependencies, a package may contain a library with a known vulnerability, solely because of lower tier libraries including it as a part of its dependencies, but the vulnerable code is not reachable at runtime. In such cases the issue is not exploitable. We classify these situations as \u201cNot affected\u201d or \u201cWill not fix,\u201d depending on the risk of breaking other unrelated packages.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOL-5.6:openshift-logging/cluster-logging-rhel8-operator@sha256:556e2c39c0eebd2e8a4d361d40221fa8cf0e9bf7db66dcf2bd2f32576240d94b_amd64",
"8Base-RHOL-5.6:openshift-logging/cluster-logging-rhel8-operator@sha256:64d3a93c2adbca869845ea59edfbef2675658bd15fd22dfc1681b57809d3269c_arm64",
"8Base-RHOL-5.6:openshift-logging/cluster-logging-rhel8-operator@sha256:a697fe3d581606f0da267205636c94e0dd7076fdf562fe9d4f0332ec0267f880_s390x",
"8Base-RHOL-5.6:openshift-logging/cluster-logging-rhel8-operator@sha256:f8553bf9f5a75c089cdf5a26f8853e6f4488c19ef2a8dc1e0ebc96e4aab0384f_ppc64le",
"8Base-RHOL-5.6:openshift-logging/elasticsearch-proxy-rhel8@sha256:26f58db9cb18dfe0eb7a3478a7bb86c87efabe32d98dcf74bc34226a09ea6f0e_ppc64le",
"8Base-RHOL-5.6:openshift-logging/elasticsearch-proxy-rhel8@sha256:938ac92e58ab4fd377219899c6f3c25f41a58260f078e44b371d91964083d96a_s390x",
"8Base-RHOL-5.6:openshift-logging/elasticsearch-proxy-rhel8@sha256:c67b4fadb575fc60d60cc3307da75f2fa3e5c4760e572072308a506e4e271ab1_amd64",
"8Base-RHOL-5.6:openshift-logging/elasticsearch-proxy-rhel8@sha256:ce5fc5a37453626de4bcb9a05d3849ef7da0722bfc8f0fecfc1f693cf6b5deff_arm64",
"8Base-RHOL-5.6:openshift-logging/elasticsearch-rhel8-operator@sha256:2a87c3b6888c57d813169da3ae06aa5bcac1ac916cdc62da3c492928d8eab187_amd64",
"8Base-RHOL-5.6:openshift-logging/elasticsearch-rhel8-operator@sha256:34a393916466f1d4544cbe4d75936147c4bfc4e0246bee0faebc5c285f26d30d_arm64",
"8Base-RHOL-5.6:openshift-logging/elasticsearch-rhel8-operator@sha256:358c663dbc3c6b0ee31a4b2665c79ff7b826ba6b72c21db62d186a6da09b04c4_ppc64le",
"8Base-RHOL-5.6:openshift-logging/elasticsearch-rhel8-operator@sha256:7a9678d49d25ec0afbcab3c98a3d26d2eeda04a0ece3a833d91dde818f0dde22_s390x",
"8Base-RHOL-5.6:openshift-logging/eventrouter-rhel8@sha256:b822207e2e70c989cf98d9e5a810e85034a8a1fd2130451e525ce4a804dd1727_s390x",
"8Base-RHOL-5.6:openshift-logging/eventrouter-rhel8@sha256:ec56cae824197805c3287f57854343d2d26caa0b192a009c966d28c32f0d0d92_ppc64le",
"8Base-RHOL-5.6:openshift-logging/eventrouter-rhel8@sha256:fc638d1f8ff0f079ea1f5cfa3a9938dc06374ca4e6cd24f92ba62b7d03fd6963_arm64",
"8Base-RHOL-5.6:openshift-logging/eventrouter-rhel8@sha256:ff509532db6b7e2d3a44fac2cf9b63687aa8bfbaab46d7a5f9d58be192475818_amd64",
"8Base-RHOL-5.6:openshift-logging/logging-loki-rhel8@sha256:47df30d450dbc2b26cf828f2208832ddcba75719cef9486d047e4b2bfb2c61a8_amd64",
"8Base-RHOL-5.6:openshift-logging/logging-loki-rhel8@sha256:aea6196bddef8110c0d9282d6e84a7e8cdee066fab8ba3607dacb8425b458819_ppc64le",
"8Base-RHOL-5.6:openshift-logging/logging-loki-rhel8@sha256:af7c029f15eacd2b65a99271538c68d9b2dcd5c25dbfabadd0e9f8bb2911d827_s390x",
"8Base-RHOL-5.6:openshift-logging/logging-loki-rhel8@sha256:f4558c73e630c043e8ffebd92bfbc805d13a644b19e5e43d35979b7942225b98_arm64",
"8Base-RHOL-5.6:openshift-logging/loki-rhel8-operator@sha256:260731d610f37fa0072760f09d460d04fd3a1359d24a2218918412bc1a93947b_arm64",
"8Base-RHOL-5.6:openshift-logging/loki-rhel8-operator@sha256:347cb504d7b382c241a238d1fffc91b5905121c4fe6c976356c46909161b9ced_amd64",
"8Base-RHOL-5.6:openshift-logging/loki-rhel8-operator@sha256:c5c0c41173e8c288341859dda8e9c982fba297e2e6c616b953a04ea4280f8caa_ppc64le",
"8Base-RHOL-5.6:openshift-logging/loki-rhel8-operator@sha256:c5e123a5c5d637ff9fb0327c03351e46f14b0d774b484fd045d51df058550d3d_s390x",
"8Base-RHOL-5.6:openshift-logging/lokistack-gateway-rhel8@sha256:1da817a84816082f56d2f3bea2f4a680b8e8cc4fe7ff95e311b44e1b5f1f5f0a_s390x",
"8Base-RHOL-5.6:openshift-logging/lokistack-gateway-rhel8@sha256:a40f0f1402d912aa12329e0ee3f4d8084337a376f72f1e0b5e45a4dac44ac848_arm64",
"8Base-RHOL-5.6:openshift-logging/lokistack-gateway-rhel8@sha256:ea81838d5b7a63e28ad7e20113253a701063d8d723137681bf11afd801c69f6f_amd64",
"8Base-RHOL-5.6:openshift-logging/lokistack-gateway-rhel8@sha256:f7c8b8251566fadb3396dfee110b6995e9d2ca27614a3b51f148f78fe5b51b50_ppc64le",
"8Base-RHOL-5.6:openshift-logging/opa-openshift-rhel8@sha256:01d2e3c8016742d49a9fe1cf7d62c6826dfc8f805babdc4c32e1407c3c8ae6c2_amd64",
"8Base-RHOL-5.6:openshift-logging/opa-openshift-rhel8@sha256:5b8bc65ad9760c2bcabac5ebf72f2a256271a4c1173871742bf8f817c6ce0478_ppc64le",
"8Base-RHOL-5.6:openshift-logging/opa-openshift-rhel8@sha256:b76cb34507d54f963da41744b614b83bb7cc031942e7252452c3b299dcc0f530_s390x",
"8Base-RHOL-5.6:openshift-logging/opa-openshift-rhel8@sha256:e9fc83b6a9a40c2af4dd8a8454d8ca9e3a3bb96fdb290427d3a0c9cb753e91f4_arm64"
],
"known_not_affected": [
"8Base-RHOL-5.6:openshift-logging/cluster-logging-operator-bundle@sha256:02c4a20e1f2b0678afe4ea0757933ce581ef66e6b189622aea7dc0fa91e6c18c_amd64",
"8Base-RHOL-5.6:openshift-logging/elasticsearch-operator-bundle@sha256:369d45c783651c6e07dfd721fa43025800b263da8e1fdbbc75b296686426e840_amd64",
"8Base-RHOL-5.6:openshift-logging/elasticsearch6-rhel8@sha256:8e62859531fcb8dd6b054a76c4bc95b62ff62bcbe69fe18f132689a203168bc8_s390x",
"8Base-RHOL-5.6:openshift-logging/elasticsearch6-rhel8@sha256:92ab2dde35f2f59c3a8ce7b8b12f5703a7a214e83ca5cc13673d0c8ad373f02e_amd64",
"8Base-RHOL-5.6:openshift-logging/elasticsearch6-rhel8@sha256:caeeb679701abcbb9612b77ef0975575cf31c96b74bfc06553d61140a3f52bb7_ppc64le",
"8Base-RHOL-5.6:openshift-logging/elasticsearch6-rhel8@sha256:cd9a57aad90fdec4fef3b0f9b31df96c12bd7fe97cad90f9a1de79e6b0af4bbb_arm64",
"8Base-RHOL-5.6:openshift-logging/fluentd-rhel8@sha256:149d75b8f4f523c86122176935c63b96305f6eb308e74eea9fa6651c8e75d239_amd64",
"8Base-RHOL-5.6:openshift-logging/fluentd-rhel8@sha256:3038086e3dbfab1e3070cdeeb7968e863ab4b1012d161ed263e93b153ae2223b_s390x",
"8Base-RHOL-5.6:openshift-logging/fluentd-rhel8@sha256:816908f1ac923336e8e3b87129af40271bde545e12b3385186425038f1b14991_arm64",
"8Base-RHOL-5.6:openshift-logging/fluentd-rhel8@sha256:e489da61d05557fba2718fd3e75b7ba50c51c173f43088334db7f3c993748711_ppc64le",
"8Base-RHOL-5.6:openshift-logging/kibana6-rhel8@sha256:0958ffa84bed51e99177837ac672324e5a8c1b20535d8110a3bbabe3f952073e_ppc64le",
"8Base-RHOL-5.6:openshift-logging/kibana6-rhel8@sha256:0c4ea44d09b21a915c3ecc17c9a50ba22d71ed06b0cc4ba1d8bfbe1ced426e47_arm64",
"8Base-RHOL-5.6:openshift-logging/kibana6-rhel8@sha256:20b6b6aef51ef6cabe133e53dcc1d6665ff8fae0fab4d56ecd6998ca88554773_s390x",
"8Base-RHOL-5.6:openshift-logging/kibana6-rhel8@sha256:57b608727de6a22f2c39c138d184b4d2e9a1e62b2206fbcab290aeef2802e520_amd64",
"8Base-RHOL-5.6:openshift-logging/log-file-metric-exporter-rhel8@sha256:1646d63e4b9fa7d45f8fc9d1e8cec3cccbed9ba850f3ac07dc75b18f416c580f_s390x",
"8Base-RHOL-5.6:openshift-logging/log-file-metric-exporter-rhel8@sha256:94471501cf396d9d298e9dfee95ed7496e0ec8767eb80bab0ea809cb4e16b878_amd64",
"8Base-RHOL-5.6:openshift-logging/log-file-metric-exporter-rhel8@sha256:a2bd4a83b30b2b9e88e8581784e3e901d564d576ba3a58824cd203779ccc9e80_ppc64le",
"8Base-RHOL-5.6:openshift-logging/log-file-metric-exporter-rhel8@sha256:b442de2cb36a3a26b3d8b32d953d83d01c4cd5b659f974e1f781fbb5aaef5977_arm64",
"8Base-RHOL-5.6:openshift-logging/logging-curator5-rhel8@sha256:1cac7ceee19cd185658324643c9a81d055d22aa238a28986c76594153c79b422_amd64",
"8Base-RHOL-5.6:openshift-logging/logging-curator5-rhel8@sha256:4f8f194cc5827f05a969960937e9993528ad030c32d64c7a8d95bcb8ad1bb27a_arm64",
"8Base-RHOL-5.6:openshift-logging/logging-curator5-rhel8@sha256:cb78249fdad4f2cff00011a9863f40f0749c2f3b4093a322f9590008e62c06c6_ppc64le",
"8Base-RHOL-5.6:openshift-logging/logging-curator5-rhel8@sha256:f09e73392f894fd4f9c38595e617dd4eebabb698d8e1ad0f3ac4e080c37b1f12_s390x",
"8Base-RHOL-5.6:openshift-logging/logging-view-plugin-rhel8@sha256:42223f3fb6d55d6d9155f110b90323965eaf68263d51c485114784a651be8e5e_ppc64le",
"8Base-RHOL-5.6:openshift-logging/logging-view-plugin-rhel8@sha256:50230e9829718254fc51d844e0305978b694354bda4b798fb5066ca3c182d323_s390x",
"8Base-RHOL-5.6:openshift-logging/logging-view-plugin-rhel8@sha256:79590fd5063ffa0245d96cec02dc4ce257244a431e213ecbe38462e86536b859_arm64",
"8Base-RHOL-5.6:openshift-logging/logging-view-plugin-rhel8@sha256:fd9b30d940cdc8b281fa4a46e8a22f946571e7e72695fef9cfa02c4337e74dc0_amd64",
"8Base-RHOL-5.6:openshift-logging/loki-operator-bundle@sha256:62f04228cf7e9abc40efbd69b6dcd0b6d421834b520753194105010cc35e810c_amd64",
"8Base-RHOL-5.6:openshift-logging/vector-rhel8@sha256:10f88bb7c978c24555def7bf4d7fd35dba3d1b5ffdc32fde359b175fc8d8b34e_ppc64le",
"8Base-RHOL-5.6:openshift-logging/vector-rhel8@sha256:7e46ef2e749e3896a86af16744c1c3542ff8a6d0467793af27aedb0fdbc9ee4a_s390x",
"8Base-RHOL-5.6:openshift-logging/vector-rhel8@sha256:a9f8b40acd19609ee9c9bc85a4f2cdec9aa4c8c786b62ad94e33c8ea451de961_amd64",
"8Base-RHOL-5.6:openshift-logging/vector-rhel8@sha256:ebff04a36feae157572fdd32ce2cc045c504b850c0b9f471d381676da314dd97_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-39325"
},
{
"category": "external",
"summary": "RHBZ#2243296",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2243296"
},
{
"category": "external",
"summary": "RHSB-2023-003",
"url": "https://access.redhat.com/security/vulnerabilities/RHSB-2023-003"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-39325",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39325"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-39325",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-39325"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2023-44487",
"url": "https://access.redhat.com/security/cve/CVE-2023-44487"
},
{
"category": "external",
"summary": "https://go.dev/issue/63417",
"url": "https://go.dev/issue/63417"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2023-2102",
"url": "https://pkg.go.dev/vuln/GO-2023-2102"
},
{
"category": "external",
"summary": "https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487",
"url": "https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487"
}
],
"release_date": "2023-10-10T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-10-20T04:11:50+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHOL-5.6:openshift-logging/cluster-logging-rhel8-operator@sha256:556e2c39c0eebd2e8a4d361d40221fa8cf0e9bf7db66dcf2bd2f32576240d94b_amd64",
"8Base-RHOL-5.6:openshift-logging/cluster-logging-rhel8-operator@sha256:64d3a93c2adbca869845ea59edfbef2675658bd15fd22dfc1681b57809d3269c_arm64",
"8Base-RHOL-5.6:openshift-logging/cluster-logging-rhel8-operator@sha256:a697fe3d581606f0da267205636c94e0dd7076fdf562fe9d4f0332ec0267f880_s390x",
"8Base-RHOL-5.6:openshift-logging/cluster-logging-rhel8-operator@sha256:f8553bf9f5a75c089cdf5a26f8853e6f4488c19ef2a8dc1e0ebc96e4aab0384f_ppc64le",
"8Base-RHOL-5.6:openshift-logging/elasticsearch-proxy-rhel8@sha256:26f58db9cb18dfe0eb7a3478a7bb86c87efabe32d98dcf74bc34226a09ea6f0e_ppc64le",
"8Base-RHOL-5.6:openshift-logging/elasticsearch-proxy-rhel8@sha256:938ac92e58ab4fd377219899c6f3c25f41a58260f078e44b371d91964083d96a_s390x",
"8Base-RHOL-5.6:openshift-logging/elasticsearch-proxy-rhel8@sha256:c67b4fadb575fc60d60cc3307da75f2fa3e5c4760e572072308a506e4e271ab1_amd64",
"8Base-RHOL-5.6:openshift-logging/elasticsearch-proxy-rhel8@sha256:ce5fc5a37453626de4bcb9a05d3849ef7da0722bfc8f0fecfc1f693cf6b5deff_arm64",
"8Base-RHOL-5.6:openshift-logging/elasticsearch-rhel8-operator@sha256:2a87c3b6888c57d813169da3ae06aa5bcac1ac916cdc62da3c492928d8eab187_amd64",
"8Base-RHOL-5.6:openshift-logging/elasticsearch-rhel8-operator@sha256:34a393916466f1d4544cbe4d75936147c4bfc4e0246bee0faebc5c285f26d30d_arm64",
"8Base-RHOL-5.6:openshift-logging/elasticsearch-rhel8-operator@sha256:358c663dbc3c6b0ee31a4b2665c79ff7b826ba6b72c21db62d186a6da09b04c4_ppc64le",
"8Base-RHOL-5.6:openshift-logging/elasticsearch-rhel8-operator@sha256:7a9678d49d25ec0afbcab3c98a3d26d2eeda04a0ece3a833d91dde818f0dde22_s390x",
"8Base-RHOL-5.6:openshift-logging/eventrouter-rhel8@sha256:b822207e2e70c989cf98d9e5a810e85034a8a1fd2130451e525ce4a804dd1727_s390x",
"8Base-RHOL-5.6:openshift-logging/eventrouter-rhel8@sha256:ec56cae824197805c3287f57854343d2d26caa0b192a009c966d28c32f0d0d92_ppc64le",
"8Base-RHOL-5.6:openshift-logging/eventrouter-rhel8@sha256:fc638d1f8ff0f079ea1f5cfa3a9938dc06374ca4e6cd24f92ba62b7d03fd6963_arm64",
"8Base-RHOL-5.6:openshift-logging/eventrouter-rhel8@sha256:ff509532db6b7e2d3a44fac2cf9b63687aa8bfbaab46d7a5f9d58be192475818_amd64",
"8Base-RHOL-5.6:openshift-logging/logging-loki-rhel8@sha256:47df30d450dbc2b26cf828f2208832ddcba75719cef9486d047e4b2bfb2c61a8_amd64",
"8Base-RHOL-5.6:openshift-logging/logging-loki-rhel8@sha256:aea6196bddef8110c0d9282d6e84a7e8cdee066fab8ba3607dacb8425b458819_ppc64le",
"8Base-RHOL-5.6:openshift-logging/logging-loki-rhel8@sha256:af7c029f15eacd2b65a99271538c68d9b2dcd5c25dbfabadd0e9f8bb2911d827_s390x",
"8Base-RHOL-5.6:openshift-logging/logging-loki-rhel8@sha256:f4558c73e630c043e8ffebd92bfbc805d13a644b19e5e43d35979b7942225b98_arm64",
"8Base-RHOL-5.6:openshift-logging/loki-rhel8-operator@sha256:260731d610f37fa0072760f09d460d04fd3a1359d24a2218918412bc1a93947b_arm64",
"8Base-RHOL-5.6:openshift-logging/loki-rhel8-operator@sha256:347cb504d7b382c241a238d1fffc91b5905121c4fe6c976356c46909161b9ced_amd64",
"8Base-RHOL-5.6:openshift-logging/loki-rhel8-operator@sha256:c5c0c41173e8c288341859dda8e9c982fba297e2e6c616b953a04ea4280f8caa_ppc64le",
"8Base-RHOL-5.6:openshift-logging/loki-rhel8-operator@sha256:c5e123a5c5d637ff9fb0327c03351e46f14b0d774b484fd045d51df058550d3d_s390x",
"8Base-RHOL-5.6:openshift-logging/lokistack-gateway-rhel8@sha256:1da817a84816082f56d2f3bea2f4a680b8e8cc4fe7ff95e311b44e1b5f1f5f0a_s390x",
"8Base-RHOL-5.6:openshift-logging/lokistack-gateway-rhel8@sha256:a40f0f1402d912aa12329e0ee3f4d8084337a376f72f1e0b5e45a4dac44ac848_arm64",
"8Base-RHOL-5.6:openshift-logging/lokistack-gateway-rhel8@sha256:ea81838d5b7a63e28ad7e20113253a701063d8d723137681bf11afd801c69f6f_amd64",
"8Base-RHOL-5.6:openshift-logging/lokistack-gateway-rhel8@sha256:f7c8b8251566fadb3396dfee110b6995e9d2ca27614a3b51f148f78fe5b51b50_ppc64le",
"8Base-RHOL-5.6:openshift-logging/opa-openshift-rhel8@sha256:01d2e3c8016742d49a9fe1cf7d62c6826dfc8f805babdc4c32e1407c3c8ae6c2_amd64",
"8Base-RHOL-5.6:openshift-logging/opa-openshift-rhel8@sha256:5b8bc65ad9760c2bcabac5ebf72f2a256271a4c1173871742bf8f817c6ce0478_ppc64le",
"8Base-RHOL-5.6:openshift-logging/opa-openshift-rhel8@sha256:b76cb34507d54f963da41744b614b83bb7cc031942e7252452c3b299dcc0f530_s390x",
"8Base-RHOL-5.6:openshift-logging/opa-openshift-rhel8@sha256:e9fc83b6a9a40c2af4dd8a8454d8ca9e3a3bb96fdb290427d3a0c9cb753e91f4_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:5541"
},
{
"category": "workaround",
"details": "The default stream concurrency limit in golang is 250 streams (requests) per HTTP/2 connection. This value may be adjusted in the golang.org/x/net/http2 package using the Server.MaxConcurrentStreams setting and the ConfigureServer function which are available in golang.org/x/net/http2.",
"product_ids": [
"8Base-RHOL-5.6:openshift-logging/cluster-logging-operator-bundle@sha256:02c4a20e1f2b0678afe4ea0757933ce581ef66e6b189622aea7dc0fa91e6c18c_amd64",
"8Base-RHOL-5.6:openshift-logging/cluster-logging-rhel8-operator@sha256:556e2c39c0eebd2e8a4d361d40221fa8cf0e9bf7db66dcf2bd2f32576240d94b_amd64",
"8Base-RHOL-5.6:openshift-logging/cluster-logging-rhel8-operator@sha256:64d3a93c2adbca869845ea59edfbef2675658bd15fd22dfc1681b57809d3269c_arm64",
"8Base-RHOL-5.6:openshift-logging/cluster-logging-rhel8-operator@sha256:a697fe3d581606f0da267205636c94e0dd7076fdf562fe9d4f0332ec0267f880_s390x",
"8Base-RHOL-5.6:openshift-logging/cluster-logging-rhel8-operator@sha256:f8553bf9f5a75c089cdf5a26f8853e6f4488c19ef2a8dc1e0ebc96e4aab0384f_ppc64le",
"8Base-RHOL-5.6:openshift-logging/elasticsearch-operator-bundle@sha256:369d45c783651c6e07dfd721fa43025800b263da8e1fdbbc75b296686426e840_amd64",
"8Base-RHOL-5.6:openshift-logging/elasticsearch-proxy-rhel8@sha256:26f58db9cb18dfe0eb7a3478a7bb86c87efabe32d98dcf74bc34226a09ea6f0e_ppc64le",
"8Base-RHOL-5.6:openshift-logging/elasticsearch-proxy-rhel8@sha256:938ac92e58ab4fd377219899c6f3c25f41a58260f078e44b371d91964083d96a_s390x",
"8Base-RHOL-5.6:openshift-logging/elasticsearch-proxy-rhel8@sha256:c67b4fadb575fc60d60cc3307da75f2fa3e5c4760e572072308a506e4e271ab1_amd64",
"8Base-RHOL-5.6:openshift-logging/elasticsearch-proxy-rhel8@sha256:ce5fc5a37453626de4bcb9a05d3849ef7da0722bfc8f0fecfc1f693cf6b5deff_arm64",
"8Base-RHOL-5.6:openshift-logging/elasticsearch-rhel8-operator@sha256:2a87c3b6888c57d813169da3ae06aa5bcac1ac916cdc62da3c492928d8eab187_amd64",
"8Base-RHOL-5.6:openshift-logging/elasticsearch-rhel8-operator@sha256:34a393916466f1d4544cbe4d75936147c4bfc4e0246bee0faebc5c285f26d30d_arm64",
"8Base-RHOL-5.6:openshift-logging/elasticsearch-rhel8-operator@sha256:358c663dbc3c6b0ee31a4b2665c79ff7b826ba6b72c21db62d186a6da09b04c4_ppc64le",
"8Base-RHOL-5.6:openshift-logging/elasticsearch-rhel8-operator@sha256:7a9678d49d25ec0afbcab3c98a3d26d2eeda04a0ece3a833d91dde818f0dde22_s390x",
"8Base-RHOL-5.6:openshift-logging/elasticsearch6-rhel8@sha256:8e62859531fcb8dd6b054a76c4bc95b62ff62bcbe69fe18f132689a203168bc8_s390x",
"8Base-RHOL-5.6:openshift-logging/elasticsearch6-rhel8@sha256:92ab2dde35f2f59c3a8ce7b8b12f5703a7a214e83ca5cc13673d0c8ad373f02e_amd64",
"8Base-RHOL-5.6:openshift-logging/elasticsearch6-rhel8@sha256:caeeb679701abcbb9612b77ef0975575cf31c96b74bfc06553d61140a3f52bb7_ppc64le",
"8Base-RHOL-5.6:openshift-logging/elasticsearch6-rhel8@sha256:cd9a57aad90fdec4fef3b0f9b31df96c12bd7fe97cad90f9a1de79e6b0af4bbb_arm64",
"8Base-RHOL-5.6:openshift-logging/eventrouter-rhel8@sha256:b822207e2e70c989cf98d9e5a810e85034a8a1fd2130451e525ce4a804dd1727_s390x",
"8Base-RHOL-5.6:openshift-logging/eventrouter-rhel8@sha256:ec56cae824197805c3287f57854343d2d26caa0b192a009c966d28c32f0d0d92_ppc64le",
"8Base-RHOL-5.6:openshift-logging/eventrouter-rhel8@sha256:fc638d1f8ff0f079ea1f5cfa3a9938dc06374ca4e6cd24f92ba62b7d03fd6963_arm64",
"8Base-RHOL-5.6:openshift-logging/eventrouter-rhel8@sha256:ff509532db6b7e2d3a44fac2cf9b63687aa8bfbaab46d7a5f9d58be192475818_amd64",
"8Base-RHOL-5.6:openshift-logging/fluentd-rhel8@sha256:149d75b8f4f523c86122176935c63b96305f6eb308e74eea9fa6651c8e75d239_amd64",
"8Base-RHOL-5.6:openshift-logging/fluentd-rhel8@sha256:3038086e3dbfab1e3070cdeeb7968e863ab4b1012d161ed263e93b153ae2223b_s390x",
"8Base-RHOL-5.6:openshift-logging/fluentd-rhel8@sha256:816908f1ac923336e8e3b87129af40271bde545e12b3385186425038f1b14991_arm64",
"8Base-RHOL-5.6:openshift-logging/fluentd-rhel8@sha256:e489da61d05557fba2718fd3e75b7ba50c51c173f43088334db7f3c993748711_ppc64le",
"8Base-RHOL-5.6:openshift-logging/kibana6-rhel8@sha256:0958ffa84bed51e99177837ac672324e5a8c1b20535d8110a3bbabe3f952073e_ppc64le",
"8Base-RHOL-5.6:openshift-logging/kibana6-rhel8@sha256:0c4ea44d09b21a915c3ecc17c9a50ba22d71ed06b0cc4ba1d8bfbe1ced426e47_arm64",
"8Base-RHOL-5.6:openshift-logging/kibana6-rhel8@sha256:20b6b6aef51ef6cabe133e53dcc1d6665ff8fae0fab4d56ecd6998ca88554773_s390x",
"8Base-RHOL-5.6:openshift-logging/kibana6-rhel8@sha256:57b608727de6a22f2c39c138d184b4d2e9a1e62b2206fbcab290aeef2802e520_amd64",
"8Base-RHOL-5.6:openshift-logging/log-file-metric-exporter-rhel8@sha256:1646d63e4b9fa7d45f8fc9d1e8cec3cccbed9ba850f3ac07dc75b18f416c580f_s390x",
"8Base-RHOL-5.6:openshift-logging/log-file-metric-exporter-rhel8@sha256:94471501cf396d9d298e9dfee95ed7496e0ec8767eb80bab0ea809cb4e16b878_amd64",
"8Base-RHOL-5.6:openshift-logging/log-file-metric-exporter-rhel8@sha256:a2bd4a83b30b2b9e88e8581784e3e901d564d576ba3a58824cd203779ccc9e80_ppc64le",
"8Base-RHOL-5.6:openshift-logging/log-file-metric-exporter-rhel8@sha256:b442de2cb36a3a26b3d8b32d953d83d01c4cd5b659f974e1f781fbb5aaef5977_arm64",
"8Base-RHOL-5.6:openshift-logging/logging-curator5-rhel8@sha256:1cac7ceee19cd185658324643c9a81d055d22aa238a28986c76594153c79b422_amd64",
"8Base-RHOL-5.6:openshift-logging/logging-curator5-rhel8@sha256:4f8f194cc5827f05a969960937e9993528ad030c32d64c7a8d95bcb8ad1bb27a_arm64",
"8Base-RHOL-5.6:openshift-logging/logging-curator5-rhel8@sha256:cb78249fdad4f2cff00011a9863f40f0749c2f3b4093a322f9590008e62c06c6_ppc64le",
"8Base-RHOL-5.6:openshift-logging/logging-curator5-rhel8@sha256:f09e73392f894fd4f9c38595e617dd4eebabb698d8e1ad0f3ac4e080c37b1f12_s390x",
"8Base-RHOL-5.6:openshift-logging/logging-loki-rhel8@sha256:47df30d450dbc2b26cf828f2208832ddcba75719cef9486d047e4b2bfb2c61a8_amd64",
"8Base-RHOL-5.6:openshift-logging/logging-loki-rhel8@sha256:aea6196bddef8110c0d9282d6e84a7e8cdee066fab8ba3607dacb8425b458819_ppc64le",
"8Base-RHOL-5.6:openshift-logging/logging-loki-rhel8@sha256:af7c029f15eacd2b65a99271538c68d9b2dcd5c25dbfabadd0e9f8bb2911d827_s390x",
"8Base-RHOL-5.6:openshift-logging/logging-loki-rhel8@sha256:f4558c73e630c043e8ffebd92bfbc805d13a644b19e5e43d35979b7942225b98_arm64",
"8Base-RHOL-5.6:openshift-logging/logging-view-plugin-rhel8@sha256:42223f3fb6d55d6d9155f110b90323965eaf68263d51c485114784a651be8e5e_ppc64le",
"8Base-RHOL-5.6:openshift-logging/logging-view-plugin-rhel8@sha256:50230e9829718254fc51d844e0305978b694354bda4b798fb5066ca3c182d323_s390x",
"8Base-RHOL-5.6:openshift-logging/logging-view-plugin-rhel8@sha256:79590fd5063ffa0245d96cec02dc4ce257244a431e213ecbe38462e86536b859_arm64",
"8Base-RHOL-5.6:openshift-logging/logging-view-plugin-rhel8@sha256:fd9b30d940cdc8b281fa4a46e8a22f946571e7e72695fef9cfa02c4337e74dc0_amd64",
"8Base-RHOL-5.6:openshift-logging/loki-operator-bundle@sha256:62f04228cf7e9abc40efbd69b6dcd0b6d421834b520753194105010cc35e810c_amd64",
"8Base-RHOL-5.6:openshift-logging/loki-rhel8-operator@sha256:260731d610f37fa0072760f09d460d04fd3a1359d24a2218918412bc1a93947b_arm64",
"8Base-RHOL-5.6:openshift-logging/loki-rhel8-operator@sha256:347cb504d7b382c241a238d1fffc91b5905121c4fe6c976356c46909161b9ced_amd64",
"8Base-RHOL-5.6:openshift-logging/loki-rhel8-operator@sha256:c5c0c41173e8c288341859dda8e9c982fba297e2e6c616b953a04ea4280f8caa_ppc64le",
"8Base-RHOL-5.6:openshift-logging/loki-rhel8-operator@sha256:c5e123a5c5d637ff9fb0327c03351e46f14b0d774b484fd045d51df058550d3d_s390x",
"8Base-RHOL-5.6:openshift-logging/lokistack-gateway-rhel8@sha256:1da817a84816082f56d2f3bea2f4a680b8e8cc4fe7ff95e311b44e1b5f1f5f0a_s390x",
"8Base-RHOL-5.6:openshift-logging/lokistack-gateway-rhel8@sha256:a40f0f1402d912aa12329e0ee3f4d8084337a376f72f1e0b5e45a4dac44ac848_arm64",
"8Base-RHOL-5.6:openshift-logging/lokistack-gateway-rhel8@sha256:ea81838d5b7a63e28ad7e20113253a701063d8d723137681bf11afd801c69f6f_amd64",
"8Base-RHOL-5.6:openshift-logging/lokistack-gateway-rhel8@sha256:f7c8b8251566fadb3396dfee110b6995e9d2ca27614a3b51f148f78fe5b51b50_ppc64le",
"8Base-RHOL-5.6:openshift-logging/opa-openshift-rhel8@sha256:01d2e3c8016742d49a9fe1cf7d62c6826dfc8f805babdc4c32e1407c3c8ae6c2_amd64",
"8Base-RHOL-5.6:openshift-logging/opa-openshift-rhel8@sha256:5b8bc65ad9760c2bcabac5ebf72f2a256271a4c1173871742bf8f817c6ce0478_ppc64le",
"8Base-RHOL-5.6:openshift-logging/opa-openshift-rhel8@sha256:b76cb34507d54f963da41744b614b83bb7cc031942e7252452c3b299dcc0f530_s390x",
"8Base-RHOL-5.6:openshift-logging/opa-openshift-rhel8@sha256:e9fc83b6a9a40c2af4dd8a8454d8ca9e3a3bb96fdb290427d3a0c9cb753e91f4_arm64",
"8Base-RHOL-5.6:openshift-logging/vector-rhel8@sha256:10f88bb7c978c24555def7bf4d7fd35dba3d1b5ffdc32fde359b175fc8d8b34e_ppc64le",
"8Base-RHOL-5.6:openshift-logging/vector-rhel8@sha256:7e46ef2e749e3896a86af16744c1c3542ff8a6d0467793af27aedb0fdbc9ee4a_s390x",
"8Base-RHOL-5.6:openshift-logging/vector-rhel8@sha256:a9f8b40acd19609ee9c9bc85a4f2cdec9aa4c8c786b62ad94e33c8ea451de961_amd64",
"8Base-RHOL-5.6:openshift-logging/vector-rhel8@sha256:ebff04a36feae157572fdd32ce2cc045c504b850c0b9f471d381676da314dd97_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "golang: net/http, x/net/http2: rapid stream resets can cause excessive work (CVE-2023-44487)"
},
{
"cve": "CVE-2023-44487",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2023-10-09T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2242803"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in handling multiplexed streams in the HTTP/2 protocol. A client can repeatedly make a request for a new multiplex stream and immediately send an RST_STREAM frame to cancel it. This creates extra work for the server setting up and tearing down the streams while not hitting any server-side limit for the maximum number of active streams per connection, resulting in a denial of service due to server resource consumption. Red Hat has rated the severity of this flaw as \u0027Important\u0027 as the US Cybersecurity and Infrastructure Security Agency (CISA) declared this vulnerability an active exploit.\r\n\r\nCVE-2023-39325 was assigned for the Rapid Reset Attack in the Go language packages.\r\n\r\nSecurity Bulletin\r\nhttps://access.redhat.com/security/vulnerabilities/RHSB-2023-003",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack (Rapid Reset Attack)",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "NGINX has been marked as Moderate Impact because, for performance and resource consumption reasons, NGINX limits the number of concurrent streams to a default of 128. In addition, to optimally balance network and server performance, NGINX allows the client to persist HTTP connections for up to 1000 requests by default using an HTTP keepalive.\n\nThe majority of RHEL utilities are not long-running applications; instead, they are command-line tools. These tools utilize Golang package as build-time dependency, which is why they are classified as having a \"Moderate\" level of impact.\n\nrhc component is no longer impacted by CVE-2023-44487 \u0026 CVE-2023-39325.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOL-5.6:openshift-logging/elasticsearch6-rhel8@sha256:8e62859531fcb8dd6b054a76c4bc95b62ff62bcbe69fe18f132689a203168bc8_s390x",
"8Base-RHOL-5.6:openshift-logging/elasticsearch6-rhel8@sha256:92ab2dde35f2f59c3a8ce7b8b12f5703a7a214e83ca5cc13673d0c8ad373f02e_amd64",
"8Base-RHOL-5.6:openshift-logging/elasticsearch6-rhel8@sha256:caeeb679701abcbb9612b77ef0975575cf31c96b74bfc06553d61140a3f52bb7_ppc64le",
"8Base-RHOL-5.6:openshift-logging/elasticsearch6-rhel8@sha256:cd9a57aad90fdec4fef3b0f9b31df96c12bd7fe97cad90f9a1de79e6b0af4bbb_arm64",
"8Base-RHOL-5.6:openshift-logging/logging-view-plugin-rhel8@sha256:42223f3fb6d55d6d9155f110b90323965eaf68263d51c485114784a651be8e5e_ppc64le",
"8Base-RHOL-5.6:openshift-logging/logging-view-plugin-rhel8@sha256:50230e9829718254fc51d844e0305978b694354bda4b798fb5066ca3c182d323_s390x",
"8Base-RHOL-5.6:openshift-logging/logging-view-plugin-rhel8@sha256:79590fd5063ffa0245d96cec02dc4ce257244a431e213ecbe38462e86536b859_arm64",
"8Base-RHOL-5.6:openshift-logging/logging-view-plugin-rhel8@sha256:fd9b30d940cdc8b281fa4a46e8a22f946571e7e72695fef9cfa02c4337e74dc0_amd64"
],
"known_not_affected": [
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-44487"
},
{
"category": "external",
"summary": "RHBZ#2242803",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2242803"
},
{
"category": "external",
"summary": "RHSB-2023-003",
"url": "https://access.redhat.com/security/vulnerabilities/RHSB-2023-003"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-44487",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-44487"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-44487",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-44487"
},
{
"category": "external",
"summary": "https://github.com/dotnet/announcements/issues/277",
"url": "https://github.com/dotnet/announcements/issues/277"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2023-2102",
"url": "https://pkg.go.dev/vuln/GO-2023-2102"
},
{
"category": "external",
"summary": "https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487",
"url": "https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487"
},
{
"category": "external",
"summary": "https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products/",
"url": "https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products/"
},
{
"category": "external",
"summary": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog",
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
}
],
"release_date": "2023-10-10T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-10-20T04:11:50+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHOL-5.6:openshift-logging/elasticsearch6-rhel8@sha256:8e62859531fcb8dd6b054a76c4bc95b62ff62bcbe69fe18f132689a203168bc8_s390x",
"8Base-RHOL-5.6:openshift-logging/elasticsearch6-rhel8@sha256:92ab2dde35f2f59c3a8ce7b8b12f5703a7a214e83ca5cc13673d0c8ad373f02e_amd64",
"8Base-RHOL-5.6:openshift-logging/elasticsearch6-rhel8@sha256:caeeb679701abcbb9612b77ef0975575cf31c96b74bfc06553d61140a3f52bb7_ppc64le",
"8Base-RHOL-5.6:openshift-logging/elasticsearch6-rhel8@sha256:cd9a57aad90fdec4fef3b0f9b31df96c12bd7fe97cad90f9a1de79e6b0af4bbb_arm64",
"8Base-RHOL-5.6:openshift-logging/logging-view-plugin-rhel8@sha256:42223f3fb6d55d6d9155f110b90323965eaf68263d51c485114784a651be8e5e_ppc64le",
"8Base-RHOL-5.6:openshift-logging/logging-view-plugin-rhel8@sha256:50230e9829718254fc51d844e0305978b694354bda4b798fb5066ca3c182d323_s390x",
"8Base-RHOL-5.6:openshift-logging/logging-view-plugin-rhel8@sha256:79590fd5063ffa0245d96cec02dc4ce257244a431e213ecbe38462e86536b859_arm64",
"8Base-RHOL-5.6:openshift-logging/logging-view-plugin-rhel8@sha256:fd9b30d940cdc8b281fa4a46e8a22f946571e7e72695fef9cfa02c4337e74dc0_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:5541"
},
{
"category": "workaround",
"details": "Users are strongly urged to update their software as soon as fixes are available. \nThere are several mitigation approaches for this flaw. \n\n1. If circumstances permit, users may disable http2 endpoints to circumvent the flaw altogether until a fix is available.\n2. IP-based blocking or flood protection and rate control tools may be used at network endpoints to filter incoming traffic.\n3. Several package specific mitigations are also available. \n a. nginx: https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products/\n b. netty: https://github.com/netty/netty/security/advisories/GHSA-xpw8-rcwv-8f8p\n c. haproxy: https://www.haproxy.com/blog/haproxy-is-not-affected-by-the-http-2-rapid-reset-attack-cve-2023-44487\n d. nghttp2: https://github.com/nghttp2/nghttp2/security/advisories/GHSA-vx74-f528-fxqg\n e. golang: The default stream concurrency limit in golang is 250 streams (requests) per HTTP/2 connection. This value may be adjusted in the golang.org/x/net/http2 package using the Server.MaxConcurrentStreams setting and the ConfigureServer function which are available in golang.org/x/net/http2.",
"product_ids": [
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
]
}
],
"threats": [
{
"category": "exploit_status",
"date": "2023-10-10T00:00:00+00:00",
"details": "CISA: https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
},
{
"category": "impact",
"details": "Important"
}
],
"title": "HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack (Rapid Reset Attack)"
}
]
}
RHSA-2023:5721
Vulnerability from csaf_redhat - Published: 2023-10-16 12:38 - Updated: 2026-06-05 13:07
A flaw was found in Golang, where it is vulnerable to HTTP header injection caused by improper content validation of the Host header by the HTTP/1 client. A remote attacker can inject arbitrary HTTP headers by persuading a victim to visit a specially crafted Web page. This flaw allows the attacker to conduct various attacks against the vulnerable system, including Cross-site scripting, cache poisoning, or session hijacking.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-8.8.0.Z.MAIN.EUS:delve-0:1.9.1-1.module+el8.8.0+16778+5fbb74f5.src::go-toolset:rhel8 | — | Vendor Fix, fix | |
| Unresolved product id: AppStream-8.8.0.Z.MAIN.EUS:delve-0:1.9.1-1.module+el8.8.0+16778+5fbb74f5.x86_64::go-toolset:rhel8 | — | Vendor Fix, fix | |
| Unresolved product id: AppStream-8.8.0.Z.MAIN.EUS:delve-debuginfo-0:1.9.1-1.module+el8.8.0+16778+5fbb74f5.x86_64::go-toolset:rhel8 | — | Vendor Fix, fix | |
| Unresolved product id: AppStream-8.8.0.Z.MAIN.EUS:delve-debugsource-0:1.9.1-1.module+el8.8.0+16778+5fbb74f5.x86_64::go-toolset:rhel8 | — | Vendor Fix, fix | |
| Unresolved product id: AppStream-8.8.0.Z.MAIN.EUS:go-toolset-0:1.19.13-1.module+el8.8.0+20380+7171fefb.aarch64::go-toolset:rhel8 | — | Vendor Fix, fix | |
| Unresolved product id: AppStream-8.8.0.Z.MAIN.EUS:go-toolset-0:1.19.13-1.module+el8.8.0+20380+7171fefb.ppc64le::go-toolset:rhel8 | — | Vendor Fix, fix | |
| Unresolved product id: AppStream-8.8.0.Z.MAIN.EUS:go-toolset-0:1.19.13-1.module+el8.8.0+20380+7171fefb.s390x::go-toolset:rhel8 | — | Vendor Fix, fix | |
| Unresolved product id: AppStream-8.8.0.Z.MAIN.EUS:go-toolset-0:1.19.13-1.module+el8.8.0+20380+7171fefb.src::go-toolset:rhel8 | — | Vendor Fix, fix | |
| Unresolved product id: AppStream-8.8.0.Z.MAIN.EUS:go-toolset-0:1.19.13-1.module+el8.8.0+20380+7171fefb.x86_64::go-toolset:rhel8 | — | Vendor Fix, fix | |
| Unresolved product id: AppStream-8.8.0.Z.MAIN.EUS:golang-0:1.19.13-1.module+el8.8.0+20373+d9cd605c.aarch64::go-toolset:rhel8 | — | Vendor Fix, fix | |
| Unresolved product id: AppStream-8.8.0.Z.MAIN.EUS:golang-0:1.19.13-1.module+el8.8.0+20373+d9cd605c.ppc64le::go-toolset:rhel8 | — | Vendor Fix, fix | |
| Unresolved product id: AppStream-8.8.0.Z.MAIN.EUS:golang-0:1.19.13-1.module+el8.8.0+20373+d9cd605c.s390x::go-toolset:rhel8 | — | Vendor Fix, fix | |
| Unresolved product id: AppStream-8.8.0.Z.MAIN.EUS:golang-0:1.19.13-1.module+el8.8.0+20373+d9cd605c.src::go-toolset:rhel8 | — | Vendor Fix, fix | |
| Unresolved product id: AppStream-8.8.0.Z.MAIN.EUS:golang-0:1.19.13-1.module+el8.8.0+20373+d9cd605c.x86_64::go-toolset:rhel8 | — | Vendor Fix, fix | |
| Unresolved product id: AppStream-8.8.0.Z.MAIN.EUS:golang-bin-0:1.19.13-1.module+el8.8.0+20373+d9cd605c.aarch64::go-toolset:rhel8 | — | Vendor Fix, fix | |
| Unresolved product id: AppStream-8.8.0.Z.MAIN.EUS:golang-bin-0:1.19.13-1.module+el8.8.0+20373+d9cd605c.ppc64le::go-toolset:rhel8 | — | Vendor Fix, fix | |
| Unresolved product id: AppStream-8.8.0.Z.MAIN.EUS:golang-bin-0:1.19.13-1.module+el8.8.0+20373+d9cd605c.s390x::go-toolset:rhel8 | — | Vendor Fix, fix | |
| Unresolved product id: AppStream-8.8.0.Z.MAIN.EUS:golang-bin-0:1.19.13-1.module+el8.8.0+20373+d9cd605c.x86_64::go-toolset:rhel8 | — | Vendor Fix, fix | |
| Unresolved product id: AppStream-8.8.0.Z.MAIN.EUS:golang-docs-0:1.19.13-1.module+el8.8.0+20373+d9cd605c.noarch::go-toolset:rhel8 | — | Vendor Fix, fix | |
| Unresolved product id: AppStream-8.8.0.Z.MAIN.EUS:golang-misc-0:1.19.13-1.module+el8.8.0+20373+d9cd605c.noarch::go-toolset:rhel8 | — | Vendor Fix, fix | |
| Unresolved product id: AppStream-8.8.0.Z.MAIN.EUS:golang-race-0:1.19.13-1.module+el8.8.0+20373+d9cd605c.x86_64::go-toolset:rhel8 | — | Vendor Fix, fix | |
| Unresolved product id: AppStream-8.8.0.Z.MAIN.EUS:golang-src-0:1.19.13-1.module+el8.8.0+20373+d9cd605c.noarch::go-toolset:rhel8 | — | Vendor Fix, fix | |
| Unresolved product id: AppStream-8.8.0.Z.MAIN.EUS:golang-tests-0:1.19.13-1.module+el8.8.0+20373+d9cd605c.noarch::go-toolset:rhel8 | — | Vendor Fix, fix | |
A denial of service vulnerability was found in the Golang Go package caused by an uncontrolled resource consumption flaw. By persuading a victim to use a specially crafted certificate with large RSA keys, a remote attacker can cause a client/server to expend significant CPU time verifying signatures, resulting in a denial of service condition.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-8.8.0.Z.MAIN.EUS:delve-0:1.9.1-1.module+el8.8.0+16778+5fbb74f5.src::go-toolset:rhel8 | — | Vendor Fix, fix | |
| Unresolved product id: AppStream-8.8.0.Z.MAIN.EUS:delve-0:1.9.1-1.module+el8.8.0+16778+5fbb74f5.x86_64::go-toolset:rhel8 | — | Vendor Fix, fix | |
| Unresolved product id: AppStream-8.8.0.Z.MAIN.EUS:delve-debuginfo-0:1.9.1-1.module+el8.8.0+16778+5fbb74f5.x86_64::go-toolset:rhel8 | — | Vendor Fix, fix | |
| Unresolved product id: AppStream-8.8.0.Z.MAIN.EUS:delve-debugsource-0:1.9.1-1.module+el8.8.0+16778+5fbb74f5.x86_64::go-toolset:rhel8 | — | Vendor Fix, fix | |
| Unresolved product id: AppStream-8.8.0.Z.MAIN.EUS:go-toolset-0:1.19.13-1.module+el8.8.0+20380+7171fefb.aarch64::go-toolset:rhel8 | — | Vendor Fix, fix | |
| Unresolved product id: AppStream-8.8.0.Z.MAIN.EUS:go-toolset-0:1.19.13-1.module+el8.8.0+20380+7171fefb.ppc64le::go-toolset:rhel8 | — | Vendor Fix, fix | |
| Unresolved product id: AppStream-8.8.0.Z.MAIN.EUS:go-toolset-0:1.19.13-1.module+el8.8.0+20380+7171fefb.s390x::go-toolset:rhel8 | — | Vendor Fix, fix | |
| Unresolved product id: AppStream-8.8.0.Z.MAIN.EUS:go-toolset-0:1.19.13-1.module+el8.8.0+20380+7171fefb.src::go-toolset:rhel8 | — | Vendor Fix, fix | |
| Unresolved product id: AppStream-8.8.0.Z.MAIN.EUS:go-toolset-0:1.19.13-1.module+el8.8.0+20380+7171fefb.x86_64::go-toolset:rhel8 | — | Vendor Fix, fix | |
| Unresolved product id: AppStream-8.8.0.Z.MAIN.EUS:golang-0:1.19.13-1.module+el8.8.0+20373+d9cd605c.aarch64::go-toolset:rhel8 | — | Vendor Fix, fix | |
| Unresolved product id: AppStream-8.8.0.Z.MAIN.EUS:golang-0:1.19.13-1.module+el8.8.0+20373+d9cd605c.ppc64le::go-toolset:rhel8 | — | Vendor Fix, fix | |
| Unresolved product id: AppStream-8.8.0.Z.MAIN.EUS:golang-0:1.19.13-1.module+el8.8.0+20373+d9cd605c.s390x::go-toolset:rhel8 | — | Vendor Fix, fix | |
| Unresolved product id: AppStream-8.8.0.Z.MAIN.EUS:golang-0:1.19.13-1.module+el8.8.0+20373+d9cd605c.src::go-toolset:rhel8 | — | Vendor Fix, fix | |
| Unresolved product id: AppStream-8.8.0.Z.MAIN.EUS:golang-0:1.19.13-1.module+el8.8.0+20373+d9cd605c.x86_64::go-toolset:rhel8 | — | Vendor Fix, fix | |
| Unresolved product id: AppStream-8.8.0.Z.MAIN.EUS:golang-bin-0:1.19.13-1.module+el8.8.0+20373+d9cd605c.aarch64::go-toolset:rhel8 | — | Vendor Fix, fix | |
| Unresolved product id: AppStream-8.8.0.Z.MAIN.EUS:golang-bin-0:1.19.13-1.module+el8.8.0+20373+d9cd605c.ppc64le::go-toolset:rhel8 | — | Vendor Fix, fix | |
| Unresolved product id: AppStream-8.8.0.Z.MAIN.EUS:golang-bin-0:1.19.13-1.module+el8.8.0+20373+d9cd605c.s390x::go-toolset:rhel8 | — | Vendor Fix, fix | |
| Unresolved product id: AppStream-8.8.0.Z.MAIN.EUS:golang-bin-0:1.19.13-1.module+el8.8.0+20373+d9cd605c.x86_64::go-toolset:rhel8 | — | Vendor Fix, fix | |
| Unresolved product id: AppStream-8.8.0.Z.MAIN.EUS:golang-docs-0:1.19.13-1.module+el8.8.0+20373+d9cd605c.noarch::go-toolset:rhel8 | — | Vendor Fix, fix | |
| Unresolved product id: AppStream-8.8.0.Z.MAIN.EUS:golang-misc-0:1.19.13-1.module+el8.8.0+20373+d9cd605c.noarch::go-toolset:rhel8 | — | Vendor Fix, fix | |
| Unresolved product id: AppStream-8.8.0.Z.MAIN.EUS:golang-race-0:1.19.13-1.module+el8.8.0+20373+d9cd605c.x86_64::go-toolset:rhel8 | — | Vendor Fix, fix | |
| Unresolved product id: AppStream-8.8.0.Z.MAIN.EUS:golang-src-0:1.19.13-1.module+el8.8.0+20373+d9cd605c.noarch::go-toolset:rhel8 | — | Vendor Fix, fix | |
| Unresolved product id: AppStream-8.8.0.Z.MAIN.EUS:golang-tests-0:1.19.13-1.module+el8.8.0+20373+d9cd605c.noarch::go-toolset:rhel8 | — | Vendor Fix, fix | |
A flaw was found in handling multiplexed streams in the HTTP/2 protocol. A client can repeatedly make a request for a new multiplex stream and immediately send an RST_STREAM frame to cancel it. This creates extra work for the server setting up and tearing down the streams while not hitting any server-side limit for the maximum number of active streams per connection, resulting in a denial of service due to server resource consumption. Red Hat has rated the severity of this flaw as 'Important' as the US Cybersecurity and Infrastructure Security Agency (CISA) declared this vulnerability an active exploit. CVE-2023-39325 was assigned for the `Rapid Reset Attack` in the Go language packages.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-8.8.0.Z.MAIN.EUS:delve-0:1.9.1-1.module+el8.8.0+16778+5fbb74f5.src::go-toolset:rhel8 | — | Vendor Fix, fix, Workaround | |
| Unresolved product id: AppStream-8.8.0.Z.MAIN.EUS:delve-0:1.9.1-1.module+el8.8.0+16778+5fbb74f5.x86_64::go-toolset:rhel8 | — | Vendor Fix, fix, Workaround | |
| Unresolved product id: AppStream-8.8.0.Z.MAIN.EUS:delve-debuginfo-0:1.9.1-1.module+el8.8.0+16778+5fbb74f5.x86_64::go-toolset:rhel8 | — | Vendor Fix, fix, Workaround | |
| Unresolved product id: AppStream-8.8.0.Z.MAIN.EUS:delve-debugsource-0:1.9.1-1.module+el8.8.0+16778+5fbb74f5.x86_64::go-toolset:rhel8 | — | Vendor Fix, fix, Workaround | |
| Unresolved product id: AppStream-8.8.0.Z.MAIN.EUS:go-toolset-0:1.19.13-1.module+el8.8.0+20380+7171fefb.aarch64::go-toolset:rhel8 | — | Vendor Fix, fix, Workaround | |
| Unresolved product id: AppStream-8.8.0.Z.MAIN.EUS:go-toolset-0:1.19.13-1.module+el8.8.0+20380+7171fefb.ppc64le::go-toolset:rhel8 | — | Vendor Fix, fix, Workaround | |
| Unresolved product id: AppStream-8.8.0.Z.MAIN.EUS:go-toolset-0:1.19.13-1.module+el8.8.0+20380+7171fefb.s390x::go-toolset:rhel8 | — | Vendor Fix, fix, Workaround | |
| Unresolved product id: AppStream-8.8.0.Z.MAIN.EUS:go-toolset-0:1.19.13-1.module+el8.8.0+20380+7171fefb.src::go-toolset:rhel8 | — | Vendor Fix, fix, Workaround | |
| Unresolved product id: AppStream-8.8.0.Z.MAIN.EUS:go-toolset-0:1.19.13-1.module+el8.8.0+20380+7171fefb.x86_64::go-toolset:rhel8 | — | Vendor Fix, fix, Workaround | |
| Unresolved product id: AppStream-8.8.0.Z.MAIN.EUS:golang-0:1.19.13-1.module+el8.8.0+20373+d9cd605c.aarch64::go-toolset:rhel8 | — | Vendor Fix, fix, Workaround | |
| Unresolved product id: AppStream-8.8.0.Z.MAIN.EUS:golang-0:1.19.13-1.module+el8.8.0+20373+d9cd605c.ppc64le::go-toolset:rhel8 | — | Vendor Fix, fix, Workaround | |
| Unresolved product id: AppStream-8.8.0.Z.MAIN.EUS:golang-0:1.19.13-1.module+el8.8.0+20373+d9cd605c.s390x::go-toolset:rhel8 | — | Vendor Fix, fix, Workaround | |
| Unresolved product id: AppStream-8.8.0.Z.MAIN.EUS:golang-0:1.19.13-1.module+el8.8.0+20373+d9cd605c.src::go-toolset:rhel8 | — | Vendor Fix, fix, Workaround | |
| Unresolved product id: AppStream-8.8.0.Z.MAIN.EUS:golang-0:1.19.13-1.module+el8.8.0+20373+d9cd605c.x86_64::go-toolset:rhel8 | — | Vendor Fix, fix, Workaround | |
| Unresolved product id: AppStream-8.8.0.Z.MAIN.EUS:golang-bin-0:1.19.13-1.module+el8.8.0+20373+d9cd605c.aarch64::go-toolset:rhel8 | — | Vendor Fix, fix, Workaround | |
| Unresolved product id: AppStream-8.8.0.Z.MAIN.EUS:golang-bin-0:1.19.13-1.module+el8.8.0+20373+d9cd605c.ppc64le::go-toolset:rhel8 | — | Vendor Fix, fix, Workaround | |
| Unresolved product id: AppStream-8.8.0.Z.MAIN.EUS:golang-bin-0:1.19.13-1.module+el8.8.0+20373+d9cd605c.s390x::go-toolset:rhel8 | — | Vendor Fix, fix, Workaround | |
| Unresolved product id: AppStream-8.8.0.Z.MAIN.EUS:golang-bin-0:1.19.13-1.module+el8.8.0+20373+d9cd605c.x86_64::go-toolset:rhel8 | — | Vendor Fix, fix, Workaround | |
| Unresolved product id: AppStream-8.8.0.Z.MAIN.EUS:golang-docs-0:1.19.13-1.module+el8.8.0+20373+d9cd605c.noarch::go-toolset:rhel8 | — | Vendor Fix, fix, Workaround | |
| Unresolved product id: AppStream-8.8.0.Z.MAIN.EUS:golang-misc-0:1.19.13-1.module+el8.8.0+20373+d9cd605c.noarch::go-toolset:rhel8 | — | Vendor Fix, fix, Workaround | |
| Unresolved product id: AppStream-8.8.0.Z.MAIN.EUS:golang-race-0:1.19.13-1.module+el8.8.0+20373+d9cd605c.x86_64::go-toolset:rhel8 | — | Vendor Fix, fix, Workaround | |
| Unresolved product id: AppStream-8.8.0.Z.MAIN.EUS:golang-src-0:1.19.13-1.module+el8.8.0+20373+d9cd605c.noarch::go-toolset:rhel8 | — | Vendor Fix, fix, Workaround | |
| Unresolved product id: AppStream-8.8.0.Z.MAIN.EUS:golang-tests-0:1.19.13-1.module+el8.8.0+20373+d9cd605c.noarch::go-toolset:rhel8 | — | Vendor Fix, fix, Workaround | |
A flaw was found in handling multiplexed streams in the HTTP/2 protocol. A client can repeatedly make a request for a new multiplex stream and immediately send an RST_STREAM frame to cancel it. This creates extra work for the server setting up and tearing down the streams while not hitting any server-side limit for the maximum number of active streams per connection, resulting in a denial of service due to server resource consumption. Red Hat has rated the severity of this flaw as 'Important' as the US Cybersecurity and Infrastructure Security Agency (CISA) declared this vulnerability an active exploit. CVE-2023-39325 was assigned for the Rapid Reset Attack in the Go language packages. Security Bulletin https://access.redhat.com/security/vulnerabilities/RHSB-2023-003
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-8.8.0.Z.MAIN.EUS:delve-0:1.9.1-1.module+el8.8.0+16778+5fbb74f5.src::go-toolset:rhel8 | — | Vendor Fix fix Workaround |
| Unresolved product id: AppStream-8.8.0.Z.MAIN.EUS:delve-0:1.9.1-1.module+el8.8.0+16778+5fbb74f5.x86_64::go-toolset:rhel8 | — | Vendor Fix fix Workaround |
| Unresolved product id: AppStream-8.8.0.Z.MAIN.EUS:delve-debuginfo-0:1.9.1-1.module+el8.8.0+16778+5fbb74f5.x86_64::go-toolset:rhel8 | — | Vendor Fix fix Workaround |
| Unresolved product id: AppStream-8.8.0.Z.MAIN.EUS:delve-debugsource-0:1.9.1-1.module+el8.8.0+16778+5fbb74f5.x86_64::go-toolset:rhel8 | — | Vendor Fix fix Workaround |
| Unresolved product id: AppStream-8.8.0.Z.MAIN.EUS:go-toolset-0:1.19.13-1.module+el8.8.0+20380+7171fefb.aarch64::go-toolset:rhel8 | — | Vendor Fix fix Workaround |
| Unresolved product id: AppStream-8.8.0.Z.MAIN.EUS:go-toolset-0:1.19.13-1.module+el8.8.0+20380+7171fefb.ppc64le::go-toolset:rhel8 | — | Vendor Fix fix Workaround |
| Unresolved product id: AppStream-8.8.0.Z.MAIN.EUS:go-toolset-0:1.19.13-1.module+el8.8.0+20380+7171fefb.s390x::go-toolset:rhel8 | — | Vendor Fix fix Workaround |
| Unresolved product id: AppStream-8.8.0.Z.MAIN.EUS:go-toolset-0:1.19.13-1.module+el8.8.0+20380+7171fefb.src::go-toolset:rhel8 | — | Vendor Fix fix Workaround |
| Unresolved product id: AppStream-8.8.0.Z.MAIN.EUS:go-toolset-0:1.19.13-1.module+el8.8.0+20380+7171fefb.x86_64::go-toolset:rhel8 | — | Vendor Fix fix Workaround |
| Unresolved product id: AppStream-8.8.0.Z.MAIN.EUS:golang-0:1.19.13-1.module+el8.8.0+20373+d9cd605c.aarch64::go-toolset:rhel8 | — | Vendor Fix fix Workaround |
| Unresolved product id: AppStream-8.8.0.Z.MAIN.EUS:golang-0:1.19.13-1.module+el8.8.0+20373+d9cd605c.ppc64le::go-toolset:rhel8 | — | Vendor Fix fix Workaround |
| Unresolved product id: AppStream-8.8.0.Z.MAIN.EUS:golang-0:1.19.13-1.module+el8.8.0+20373+d9cd605c.s390x::go-toolset:rhel8 | — | Vendor Fix fix Workaround |
| Unresolved product id: AppStream-8.8.0.Z.MAIN.EUS:golang-0:1.19.13-1.module+el8.8.0+20373+d9cd605c.src::go-toolset:rhel8 | — | Vendor Fix fix Workaround |
| Unresolved product id: AppStream-8.8.0.Z.MAIN.EUS:golang-0:1.19.13-1.module+el8.8.0+20373+d9cd605c.x86_64::go-toolset:rhel8 | — | Vendor Fix fix Workaround |
| Unresolved product id: AppStream-8.8.0.Z.MAIN.EUS:golang-bin-0:1.19.13-1.module+el8.8.0+20373+d9cd605c.aarch64::go-toolset:rhel8 | — | Vendor Fix fix Workaround |
| Unresolved product id: AppStream-8.8.0.Z.MAIN.EUS:golang-bin-0:1.19.13-1.module+el8.8.0+20373+d9cd605c.ppc64le::go-toolset:rhel8 | — | Vendor Fix fix Workaround |
| Unresolved product id: AppStream-8.8.0.Z.MAIN.EUS:golang-bin-0:1.19.13-1.module+el8.8.0+20373+d9cd605c.s390x::go-toolset:rhel8 | — | Vendor Fix fix Workaround |
| Unresolved product id: AppStream-8.8.0.Z.MAIN.EUS:golang-bin-0:1.19.13-1.module+el8.8.0+20373+d9cd605c.x86_64::go-toolset:rhel8 | — | Vendor Fix fix Workaround |
| Unresolved product id: AppStream-8.8.0.Z.MAIN.EUS:golang-docs-0:1.19.13-1.module+el8.8.0+20373+d9cd605c.noarch::go-toolset:rhel8 | — | Vendor Fix fix Workaround |
| Unresolved product id: AppStream-8.8.0.Z.MAIN.EUS:golang-misc-0:1.19.13-1.module+el8.8.0+20373+d9cd605c.noarch::go-toolset:rhel8 | — | Vendor Fix fix Workaround |
| Unresolved product id: AppStream-8.8.0.Z.MAIN.EUS:golang-race-0:1.19.13-1.module+el8.8.0+20373+d9cd605c.x86_64::go-toolset:rhel8 | — | Vendor Fix fix Workaround |
| Unresolved product id: AppStream-8.8.0.Z.MAIN.EUS:golang-src-0:1.19.13-1.module+el8.8.0+20373+d9cd605c.noarch::go-toolset:rhel8 | — | Vendor Fix fix Workaround |
| Unresolved product id: AppStream-8.8.0.Z.MAIN.EUS:golang-tests-0:1.19.13-1.module+el8.8.0+20373+d9cd605c.noarch::go-toolset:rhel8 | — | Vendor Fix fix Workaround |
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for the go-toolset:rhel8 module is now available for Red Hat Enterprise Linux 8.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Go Toolset provides the Go programming language tools and libraries. Go is alternatively known as golang. \n\nSecurity Fix(es):\n\n* golang: net/http, x/net/http2: rapid stream resets can cause excessive work [CVE-2023-44487] (CVE-2023-39325)\n\n* HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack (Rapid Reset Attack) (CVE-2023-44487)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2023:5721",
"url": "https://access.redhat.com/errata/RHSA-2023:5721"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/vulnerabilities/RHSB-2023-003",
"url": "https://access.redhat.com/security/vulnerabilities/RHSB-2023-003"
},
{
"category": "external",
"summary": "2242803",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2242803"
},
{
"category": "external",
"summary": "2243296",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2243296"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2023/rhsa-2023_5721.json"
}
],
"title": "Red Hat Security Advisory: go-toolset:rhel8 security update",
"tracking": {
"current_release_date": "2026-06-05T13:07:57+00:00",
"generator": {
"date": "2026-06-05T13:07:57+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.8.2"
}
},
"id": "RHSA-2023:5721",
"initial_release_date": "2023-10-16T12:38:36+00:00",
"revision_history": [
{
"date": "2023-10-16T12:38:36+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2023-10-16T12:38:36+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-06-05T13:07:57+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux AppStream (v. 8)",
"product": {
"name": "Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.8.0.Z.MAIN.EUS",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:enterprise_linux:8::appstream"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "go-toolset-0:1.19.13-1.module+el8.8.0+20380+7171fefb.aarch64::go-toolset:rhel8",
"product": {
"name": "go-toolset-0:1.19.13-1.module+el8.8.0+20380+7171fefb.aarch64 (go-toolset:rhel8)",
"product_id": "go-toolset-0:1.19.13-1.module+el8.8.0+20380+7171fefb.aarch64::go-toolset:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/go-toolset@1.19.13-1.module%2Bel8.8.0%2B20380%2B7171fefb?arch=aarch64\u0026rpmmod=go-toolset:rhel8:8080020231013004859:6b4b45d8"
}
}
},
{
"category": "product_version",
"name": "golang-0:1.19.13-1.module+el8.8.0+20373+d9cd605c.aarch64::go-toolset:rhel8",
"product": {
"name": "golang-0:1.19.13-1.module+el8.8.0+20373+d9cd605c.aarch64 (go-toolset:rhel8)",
"product_id": "golang-0:1.19.13-1.module+el8.8.0+20373+d9cd605c.aarch64::go-toolset:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang@1.19.13-1.module%2Bel8.8.0%2B20373%2Bd9cd605c?arch=aarch64\u0026rpmmod=go-toolset:rhel8:8080020231013004859:6b4b45d8"
}
}
},
{
"category": "product_version",
"name": "golang-bin-0:1.19.13-1.module+el8.8.0+20373+d9cd605c.aarch64::go-toolset:rhel8",
"product": {
"name": "golang-bin-0:1.19.13-1.module+el8.8.0+20373+d9cd605c.aarch64 (go-toolset:rhel8)",
"product_id": "golang-bin-0:1.19.13-1.module+el8.8.0+20373+d9cd605c.aarch64::go-toolset:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang-bin@1.19.13-1.module%2Bel8.8.0%2B20373%2Bd9cd605c?arch=aarch64\u0026rpmmod=go-toolset:rhel8:8080020231013004859:6b4b45d8"
}
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "go-toolset-0:1.19.13-1.module+el8.8.0+20380+7171fefb.src::go-toolset:rhel8",
"product": {
"name": "go-toolset-0:1.19.13-1.module+el8.8.0+20380+7171fefb.src (go-toolset:rhel8)",
"product_id": "go-toolset-0:1.19.13-1.module+el8.8.0+20380+7171fefb.src::go-toolset:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/go-toolset@1.19.13-1.module%2Bel8.8.0%2B20380%2B7171fefb?arch=src\u0026rpmmod=go-toolset:rhel8:8080020231013004859:6b4b45d8"
}
}
},
{
"category": "product_version",
"name": "golang-0:1.19.13-1.module+el8.8.0+20373+d9cd605c.src::go-toolset:rhel8",
"product": {
"name": "golang-0:1.19.13-1.module+el8.8.0+20373+d9cd605c.src (go-toolset:rhel8)",
"product_id": "golang-0:1.19.13-1.module+el8.8.0+20373+d9cd605c.src::go-toolset:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang@1.19.13-1.module%2Bel8.8.0%2B20373%2Bd9cd605c?arch=src\u0026rpmmod=go-toolset:rhel8:8080020231013004859:6b4b45d8"
}
}
},
{
"category": "product_version",
"name": "delve-0:1.9.1-1.module+el8.8.0+16778+5fbb74f5.src::go-toolset:rhel8",
"product": {
"name": "delve-0:1.9.1-1.module+el8.8.0+16778+5fbb74f5.src (go-toolset:rhel8)",
"product_id": "delve-0:1.9.1-1.module+el8.8.0+16778+5fbb74f5.src::go-toolset:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/delve@1.9.1-1.module%2Bel8.8.0%2B16778%2B5fbb74f5?arch=src\u0026rpmmod=go-toolset:rhel8:8080020231013004859:6b4b45d8"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "golang-docs-0:1.19.13-1.module+el8.8.0+20373+d9cd605c.noarch::go-toolset:rhel8",
"product": {
"name": "golang-docs-0:1.19.13-1.module+el8.8.0+20373+d9cd605c.noarch (go-toolset:rhel8)",
"product_id": "golang-docs-0:1.19.13-1.module+el8.8.0+20373+d9cd605c.noarch::go-toolset:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang-docs@1.19.13-1.module%2Bel8.8.0%2B20373%2Bd9cd605c?arch=noarch\u0026rpmmod=go-toolset:rhel8:8080020231013004859:6b4b45d8"
}
}
},
{
"category": "product_version",
"name": "golang-misc-0:1.19.13-1.module+el8.8.0+20373+d9cd605c.noarch::go-toolset:rhel8",
"product": {
"name": "golang-misc-0:1.19.13-1.module+el8.8.0+20373+d9cd605c.noarch (go-toolset:rhel8)",
"product_id": "golang-misc-0:1.19.13-1.module+el8.8.0+20373+d9cd605c.noarch::go-toolset:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang-misc@1.19.13-1.module%2Bel8.8.0%2B20373%2Bd9cd605c?arch=noarch\u0026rpmmod=go-toolset:rhel8:8080020231013004859:6b4b45d8"
}
}
},
{
"category": "product_version",
"name": "golang-src-0:1.19.13-1.module+el8.8.0+20373+d9cd605c.noarch::go-toolset:rhel8",
"product": {
"name": "golang-src-0:1.19.13-1.module+el8.8.0+20373+d9cd605c.noarch (go-toolset:rhel8)",
"product_id": "golang-src-0:1.19.13-1.module+el8.8.0+20373+d9cd605c.noarch::go-toolset:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang-src@1.19.13-1.module%2Bel8.8.0%2B20373%2Bd9cd605c?arch=noarch\u0026rpmmod=go-toolset:rhel8:8080020231013004859:6b4b45d8"
}
}
},
{
"category": "product_version",
"name": "golang-tests-0:1.19.13-1.module+el8.8.0+20373+d9cd605c.noarch::go-toolset:rhel8",
"product": {
"name": "golang-tests-0:1.19.13-1.module+el8.8.0+20373+d9cd605c.noarch (go-toolset:rhel8)",
"product_id": "golang-tests-0:1.19.13-1.module+el8.8.0+20373+d9cd605c.noarch::go-toolset:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang-tests@1.19.13-1.module%2Bel8.8.0%2B20373%2Bd9cd605c?arch=noarch\u0026rpmmod=go-toolset:rhel8:8080020231013004859:6b4b45d8"
}
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "go-toolset-0:1.19.13-1.module+el8.8.0+20380+7171fefb.ppc64le::go-toolset:rhel8",
"product": {
"name": "go-toolset-0:1.19.13-1.module+el8.8.0+20380+7171fefb.ppc64le (go-toolset:rhel8)",
"product_id": "go-toolset-0:1.19.13-1.module+el8.8.0+20380+7171fefb.ppc64le::go-toolset:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/go-toolset@1.19.13-1.module%2Bel8.8.0%2B20380%2B7171fefb?arch=ppc64le\u0026rpmmod=go-toolset:rhel8:8080020231013004859:6b4b45d8"
}
}
},
{
"category": "product_version",
"name": "golang-0:1.19.13-1.module+el8.8.0+20373+d9cd605c.ppc64le::go-toolset:rhel8",
"product": {
"name": "golang-0:1.19.13-1.module+el8.8.0+20373+d9cd605c.ppc64le (go-toolset:rhel8)",
"product_id": "golang-0:1.19.13-1.module+el8.8.0+20373+d9cd605c.ppc64le::go-toolset:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang@1.19.13-1.module%2Bel8.8.0%2B20373%2Bd9cd605c?arch=ppc64le\u0026rpmmod=go-toolset:rhel8:8080020231013004859:6b4b45d8"
}
}
},
{
"category": "product_version",
"name": "golang-bin-0:1.19.13-1.module+el8.8.0+20373+d9cd605c.ppc64le::go-toolset:rhel8",
"product": {
"name": "golang-bin-0:1.19.13-1.module+el8.8.0+20373+d9cd605c.ppc64le (go-toolset:rhel8)",
"product_id": "golang-bin-0:1.19.13-1.module+el8.8.0+20373+d9cd605c.ppc64le::go-toolset:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang-bin@1.19.13-1.module%2Bel8.8.0%2B20373%2Bd9cd605c?arch=ppc64le\u0026rpmmod=go-toolset:rhel8:8080020231013004859:6b4b45d8"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "go-toolset-0:1.19.13-1.module+el8.8.0+20380+7171fefb.s390x::go-toolset:rhel8",
"product": {
"name": "go-toolset-0:1.19.13-1.module+el8.8.0+20380+7171fefb.s390x (go-toolset:rhel8)",
"product_id": "go-toolset-0:1.19.13-1.module+el8.8.0+20380+7171fefb.s390x::go-toolset:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/go-toolset@1.19.13-1.module%2Bel8.8.0%2B20380%2B7171fefb?arch=s390x\u0026rpmmod=go-toolset:rhel8:8080020231013004859:6b4b45d8"
}
}
},
{
"category": "product_version",
"name": "golang-0:1.19.13-1.module+el8.8.0+20373+d9cd605c.s390x::go-toolset:rhel8",
"product": {
"name": "golang-0:1.19.13-1.module+el8.8.0+20373+d9cd605c.s390x (go-toolset:rhel8)",
"product_id": "golang-0:1.19.13-1.module+el8.8.0+20373+d9cd605c.s390x::go-toolset:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang@1.19.13-1.module%2Bel8.8.0%2B20373%2Bd9cd605c?arch=s390x\u0026rpmmod=go-toolset:rhel8:8080020231013004859:6b4b45d8"
}
}
},
{
"category": "product_version",
"name": "golang-bin-0:1.19.13-1.module+el8.8.0+20373+d9cd605c.s390x::go-toolset:rhel8",
"product": {
"name": "golang-bin-0:1.19.13-1.module+el8.8.0+20373+d9cd605c.s390x (go-toolset:rhel8)",
"product_id": "golang-bin-0:1.19.13-1.module+el8.8.0+20373+d9cd605c.s390x::go-toolset:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang-bin@1.19.13-1.module%2Bel8.8.0%2B20373%2Bd9cd605c?arch=s390x\u0026rpmmod=go-toolset:rhel8:8080020231013004859:6b4b45d8"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "delve-0:1.9.1-1.module+el8.8.0+16778+5fbb74f5.x86_64::go-toolset:rhel8",
"product": {
"name": "delve-0:1.9.1-1.module+el8.8.0+16778+5fbb74f5.x86_64 (go-toolset:rhel8)",
"product_id": "delve-0:1.9.1-1.module+el8.8.0+16778+5fbb74f5.x86_64::go-toolset:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/delve@1.9.1-1.module%2Bel8.8.0%2B16778%2B5fbb74f5?arch=x86_64\u0026rpmmod=go-toolset:rhel8:8080020231013004859:6b4b45d8"
}
}
},
{
"category": "product_version",
"name": "delve-debuginfo-0:1.9.1-1.module+el8.8.0+16778+5fbb74f5.x86_64::go-toolset:rhel8",
"product": {
"name": "delve-debuginfo-0:1.9.1-1.module+el8.8.0+16778+5fbb74f5.x86_64 (go-toolset:rhel8)",
"product_id": "delve-debuginfo-0:1.9.1-1.module+el8.8.0+16778+5fbb74f5.x86_64::go-toolset:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/delve-debuginfo@1.9.1-1.module%2Bel8.8.0%2B16778%2B5fbb74f5?arch=x86_64\u0026rpmmod=go-toolset:rhel8:8080020231013004859:6b4b45d8"
}
}
},
{
"category": "product_version",
"name": "delve-debugsource-0:1.9.1-1.module+el8.8.0+16778+5fbb74f5.x86_64::go-toolset:rhel8",
"product": {
"name": "delve-debugsource-0:1.9.1-1.module+el8.8.0+16778+5fbb74f5.x86_64 (go-toolset:rhel8)",
"product_id": "delve-debugsource-0:1.9.1-1.module+el8.8.0+16778+5fbb74f5.x86_64::go-toolset:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/delve-debugsource@1.9.1-1.module%2Bel8.8.0%2B16778%2B5fbb74f5?arch=x86_64\u0026rpmmod=go-toolset:rhel8:8080020231013004859:6b4b45d8"
}
}
},
{
"category": "product_version",
"name": "go-toolset-0:1.19.13-1.module+el8.8.0+20380+7171fefb.x86_64::go-toolset:rhel8",
"product": {
"name": "go-toolset-0:1.19.13-1.module+el8.8.0+20380+7171fefb.x86_64 (go-toolset:rhel8)",
"product_id": "go-toolset-0:1.19.13-1.module+el8.8.0+20380+7171fefb.x86_64::go-toolset:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/go-toolset@1.19.13-1.module%2Bel8.8.0%2B20380%2B7171fefb?arch=x86_64\u0026rpmmod=go-toolset:rhel8:8080020231013004859:6b4b45d8"
}
}
},
{
"category": "product_version",
"name": "golang-0:1.19.13-1.module+el8.8.0+20373+d9cd605c.x86_64::go-toolset:rhel8",
"product": {
"name": "golang-0:1.19.13-1.module+el8.8.0+20373+d9cd605c.x86_64 (go-toolset:rhel8)",
"product_id": "golang-0:1.19.13-1.module+el8.8.0+20373+d9cd605c.x86_64::go-toolset:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang@1.19.13-1.module%2Bel8.8.0%2B20373%2Bd9cd605c?arch=x86_64\u0026rpmmod=go-toolset:rhel8:8080020231013004859:6b4b45d8"
}
}
},
{
"category": "product_version",
"name": "golang-bin-0:1.19.13-1.module+el8.8.0+20373+d9cd605c.x86_64::go-toolset:rhel8",
"product": {
"name": "golang-bin-0:1.19.13-1.module+el8.8.0+20373+d9cd605c.x86_64 (go-toolset:rhel8)",
"product_id": "golang-bin-0:1.19.13-1.module+el8.8.0+20373+d9cd605c.x86_64::go-toolset:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang-bin@1.19.13-1.module%2Bel8.8.0%2B20373%2Bd9cd605c?arch=x86_64\u0026rpmmod=go-toolset:rhel8:8080020231013004859:6b4b45d8"
}
}
},
{
"category": "product_version",
"name": "golang-race-0:1.19.13-1.module+el8.8.0+20373+d9cd605c.x86_64::go-toolset:rhel8",
"product": {
"name": "golang-race-0:1.19.13-1.module+el8.8.0+20373+d9cd605c.x86_64 (go-toolset:rhel8)",
"product_id": "golang-race-0:1.19.13-1.module+el8.8.0+20373+d9cd605c.x86_64::go-toolset:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang-race@1.19.13-1.module%2Bel8.8.0%2B20373%2Bd9cd605c?arch=x86_64\u0026rpmmod=go-toolset:rhel8:8080020231013004859:6b4b45d8"
}
}
}
],
"category": "architecture",
"name": "x86_64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "delve-0:1.9.1-1.module+el8.8.0+16778+5fbb74f5.src (go-toolset:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.8.0.Z.MAIN.EUS:delve-0:1.9.1-1.module+el8.8.0+16778+5fbb74f5.src::go-toolset:rhel8"
},
"product_reference": "delve-0:1.9.1-1.module+el8.8.0+16778+5fbb74f5.src::go-toolset:rhel8",
"relates_to_product_reference": "AppStream-8.8.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "delve-0:1.9.1-1.module+el8.8.0+16778+5fbb74f5.x86_64 (go-toolset:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.8.0.Z.MAIN.EUS:delve-0:1.9.1-1.module+el8.8.0+16778+5fbb74f5.x86_64::go-toolset:rhel8"
},
"product_reference": "delve-0:1.9.1-1.module+el8.8.0+16778+5fbb74f5.x86_64::go-toolset:rhel8",
"relates_to_product_reference": "AppStream-8.8.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "delve-debuginfo-0:1.9.1-1.module+el8.8.0+16778+5fbb74f5.x86_64 (go-toolset:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.8.0.Z.MAIN.EUS:delve-debuginfo-0:1.9.1-1.module+el8.8.0+16778+5fbb74f5.x86_64::go-toolset:rhel8"
},
"product_reference": "delve-debuginfo-0:1.9.1-1.module+el8.8.0+16778+5fbb74f5.x86_64::go-toolset:rhel8",
"relates_to_product_reference": "AppStream-8.8.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "delve-debugsource-0:1.9.1-1.module+el8.8.0+16778+5fbb74f5.x86_64 (go-toolset:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.8.0.Z.MAIN.EUS:delve-debugsource-0:1.9.1-1.module+el8.8.0+16778+5fbb74f5.x86_64::go-toolset:rhel8"
},
"product_reference": "delve-debugsource-0:1.9.1-1.module+el8.8.0+16778+5fbb74f5.x86_64::go-toolset:rhel8",
"relates_to_product_reference": "AppStream-8.8.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go-toolset-0:1.19.13-1.module+el8.8.0+20380+7171fefb.aarch64 (go-toolset:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.8.0.Z.MAIN.EUS:go-toolset-0:1.19.13-1.module+el8.8.0+20380+7171fefb.aarch64::go-toolset:rhel8"
},
"product_reference": "go-toolset-0:1.19.13-1.module+el8.8.0+20380+7171fefb.aarch64::go-toolset:rhel8",
"relates_to_product_reference": "AppStream-8.8.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go-toolset-0:1.19.13-1.module+el8.8.0+20380+7171fefb.ppc64le (go-toolset:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.8.0.Z.MAIN.EUS:go-toolset-0:1.19.13-1.module+el8.8.0+20380+7171fefb.ppc64le::go-toolset:rhel8"
},
"product_reference": "go-toolset-0:1.19.13-1.module+el8.8.0+20380+7171fefb.ppc64le::go-toolset:rhel8",
"relates_to_product_reference": "AppStream-8.8.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go-toolset-0:1.19.13-1.module+el8.8.0+20380+7171fefb.s390x (go-toolset:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.8.0.Z.MAIN.EUS:go-toolset-0:1.19.13-1.module+el8.8.0+20380+7171fefb.s390x::go-toolset:rhel8"
},
"product_reference": "go-toolset-0:1.19.13-1.module+el8.8.0+20380+7171fefb.s390x::go-toolset:rhel8",
"relates_to_product_reference": "AppStream-8.8.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go-toolset-0:1.19.13-1.module+el8.8.0+20380+7171fefb.src (go-toolset:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.8.0.Z.MAIN.EUS:go-toolset-0:1.19.13-1.module+el8.8.0+20380+7171fefb.src::go-toolset:rhel8"
},
"product_reference": "go-toolset-0:1.19.13-1.module+el8.8.0+20380+7171fefb.src::go-toolset:rhel8",
"relates_to_product_reference": "AppStream-8.8.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go-toolset-0:1.19.13-1.module+el8.8.0+20380+7171fefb.x86_64 (go-toolset:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.8.0.Z.MAIN.EUS:go-toolset-0:1.19.13-1.module+el8.8.0+20380+7171fefb.x86_64::go-toolset:rhel8"
},
"product_reference": "go-toolset-0:1.19.13-1.module+el8.8.0+20380+7171fefb.x86_64::go-toolset:rhel8",
"relates_to_product_reference": "AppStream-8.8.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-0:1.19.13-1.module+el8.8.0+20373+d9cd605c.aarch64 (go-toolset:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.8.0.Z.MAIN.EUS:golang-0:1.19.13-1.module+el8.8.0+20373+d9cd605c.aarch64::go-toolset:rhel8"
},
"product_reference": "golang-0:1.19.13-1.module+el8.8.0+20373+d9cd605c.aarch64::go-toolset:rhel8",
"relates_to_product_reference": "AppStream-8.8.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-0:1.19.13-1.module+el8.8.0+20373+d9cd605c.ppc64le (go-toolset:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.8.0.Z.MAIN.EUS:golang-0:1.19.13-1.module+el8.8.0+20373+d9cd605c.ppc64le::go-toolset:rhel8"
},
"product_reference": "golang-0:1.19.13-1.module+el8.8.0+20373+d9cd605c.ppc64le::go-toolset:rhel8",
"relates_to_product_reference": "AppStream-8.8.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-0:1.19.13-1.module+el8.8.0+20373+d9cd605c.s390x (go-toolset:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.8.0.Z.MAIN.EUS:golang-0:1.19.13-1.module+el8.8.0+20373+d9cd605c.s390x::go-toolset:rhel8"
},
"product_reference": "golang-0:1.19.13-1.module+el8.8.0+20373+d9cd605c.s390x::go-toolset:rhel8",
"relates_to_product_reference": "AppStream-8.8.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-0:1.19.13-1.module+el8.8.0+20373+d9cd605c.src (go-toolset:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.8.0.Z.MAIN.EUS:golang-0:1.19.13-1.module+el8.8.0+20373+d9cd605c.src::go-toolset:rhel8"
},
"product_reference": "golang-0:1.19.13-1.module+el8.8.0+20373+d9cd605c.src::go-toolset:rhel8",
"relates_to_product_reference": "AppStream-8.8.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-0:1.19.13-1.module+el8.8.0+20373+d9cd605c.x86_64 (go-toolset:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.8.0.Z.MAIN.EUS:golang-0:1.19.13-1.module+el8.8.0+20373+d9cd605c.x86_64::go-toolset:rhel8"
},
"product_reference": "golang-0:1.19.13-1.module+el8.8.0+20373+d9cd605c.x86_64::go-toolset:rhel8",
"relates_to_product_reference": "AppStream-8.8.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-bin-0:1.19.13-1.module+el8.8.0+20373+d9cd605c.aarch64 (go-toolset:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.8.0.Z.MAIN.EUS:golang-bin-0:1.19.13-1.module+el8.8.0+20373+d9cd605c.aarch64::go-toolset:rhel8"
},
"product_reference": "golang-bin-0:1.19.13-1.module+el8.8.0+20373+d9cd605c.aarch64::go-toolset:rhel8",
"relates_to_product_reference": "AppStream-8.8.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-bin-0:1.19.13-1.module+el8.8.0+20373+d9cd605c.ppc64le (go-toolset:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.8.0.Z.MAIN.EUS:golang-bin-0:1.19.13-1.module+el8.8.0+20373+d9cd605c.ppc64le::go-toolset:rhel8"
},
"product_reference": "golang-bin-0:1.19.13-1.module+el8.8.0+20373+d9cd605c.ppc64le::go-toolset:rhel8",
"relates_to_product_reference": "AppStream-8.8.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-bin-0:1.19.13-1.module+el8.8.0+20373+d9cd605c.s390x (go-toolset:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.8.0.Z.MAIN.EUS:golang-bin-0:1.19.13-1.module+el8.8.0+20373+d9cd605c.s390x::go-toolset:rhel8"
},
"product_reference": "golang-bin-0:1.19.13-1.module+el8.8.0+20373+d9cd605c.s390x::go-toolset:rhel8",
"relates_to_product_reference": "AppStream-8.8.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-bin-0:1.19.13-1.module+el8.8.0+20373+d9cd605c.x86_64 (go-toolset:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.8.0.Z.MAIN.EUS:golang-bin-0:1.19.13-1.module+el8.8.0+20373+d9cd605c.x86_64::go-toolset:rhel8"
},
"product_reference": "golang-bin-0:1.19.13-1.module+el8.8.0+20373+d9cd605c.x86_64::go-toolset:rhel8",
"relates_to_product_reference": "AppStream-8.8.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-docs-0:1.19.13-1.module+el8.8.0+20373+d9cd605c.noarch (go-toolset:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.8.0.Z.MAIN.EUS:golang-docs-0:1.19.13-1.module+el8.8.0+20373+d9cd605c.noarch::go-toolset:rhel8"
},
"product_reference": "golang-docs-0:1.19.13-1.module+el8.8.0+20373+d9cd605c.noarch::go-toolset:rhel8",
"relates_to_product_reference": "AppStream-8.8.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-misc-0:1.19.13-1.module+el8.8.0+20373+d9cd605c.noarch (go-toolset:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.8.0.Z.MAIN.EUS:golang-misc-0:1.19.13-1.module+el8.8.0+20373+d9cd605c.noarch::go-toolset:rhel8"
},
"product_reference": "golang-misc-0:1.19.13-1.module+el8.8.0+20373+d9cd605c.noarch::go-toolset:rhel8",
"relates_to_product_reference": "AppStream-8.8.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-race-0:1.19.13-1.module+el8.8.0+20373+d9cd605c.x86_64 (go-toolset:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.8.0.Z.MAIN.EUS:golang-race-0:1.19.13-1.module+el8.8.0+20373+d9cd605c.x86_64::go-toolset:rhel8"
},
"product_reference": "golang-race-0:1.19.13-1.module+el8.8.0+20373+d9cd605c.x86_64::go-toolset:rhel8",
"relates_to_product_reference": "AppStream-8.8.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-src-0:1.19.13-1.module+el8.8.0+20373+d9cd605c.noarch (go-toolset:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.8.0.Z.MAIN.EUS:golang-src-0:1.19.13-1.module+el8.8.0+20373+d9cd605c.noarch::go-toolset:rhel8"
},
"product_reference": "golang-src-0:1.19.13-1.module+el8.8.0+20373+d9cd605c.noarch::go-toolset:rhel8",
"relates_to_product_reference": "AppStream-8.8.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-tests-0:1.19.13-1.module+el8.8.0+20373+d9cd605c.noarch (go-toolset:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.8.0.Z.MAIN.EUS:golang-tests-0:1.19.13-1.module+el8.8.0+20373+d9cd605c.noarch::go-toolset:rhel8"
},
"product_reference": "golang-tests-0:1.19.13-1.module+el8.8.0+20373+d9cd605c.noarch::go-toolset:rhel8",
"relates_to_product_reference": "AppStream-8.8.0.Z.MAIN.EUS"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2023-29406",
"cwe": {
"id": "CWE-113",
"name": "Improper Neutralization of CRLF Sequences in HTTP Headers (\u0027HTTP Request/Response Splitting\u0027)"
},
"discovery_date": "2023-07-12T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2222167"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Golang, where it is vulnerable to HTTP header injection caused by improper content validation of the Host header by the HTTP/1 client. A remote attacker can inject arbitrary HTTP headers by persuading a victim to visit a specially crafted Web page. This flaw allows the attacker to conduct various attacks against the vulnerable system, including Cross-site scripting, cache poisoning, or session hijacking.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: net/http: insufficient sanitization of Host header",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.8.0.Z.MAIN.EUS:delve-0:1.9.1-1.module+el8.8.0+16778+5fbb74f5.src::go-toolset:rhel8",
"AppStream-8.8.0.Z.MAIN.EUS:delve-0:1.9.1-1.module+el8.8.0+16778+5fbb74f5.x86_64::go-toolset:rhel8",
"AppStream-8.8.0.Z.MAIN.EUS:delve-debuginfo-0:1.9.1-1.module+el8.8.0+16778+5fbb74f5.x86_64::go-toolset:rhel8",
"AppStream-8.8.0.Z.MAIN.EUS:delve-debugsource-0:1.9.1-1.module+el8.8.0+16778+5fbb74f5.x86_64::go-toolset:rhel8",
"AppStream-8.8.0.Z.MAIN.EUS:go-toolset-0:1.19.13-1.module+el8.8.0+20380+7171fefb.aarch64::go-toolset:rhel8",
"AppStream-8.8.0.Z.MAIN.EUS:go-toolset-0:1.19.13-1.module+el8.8.0+20380+7171fefb.ppc64le::go-toolset:rhel8",
"AppStream-8.8.0.Z.MAIN.EUS:go-toolset-0:1.19.13-1.module+el8.8.0+20380+7171fefb.s390x::go-toolset:rhel8",
"AppStream-8.8.0.Z.MAIN.EUS:go-toolset-0:1.19.13-1.module+el8.8.0+20380+7171fefb.src::go-toolset:rhel8",
"AppStream-8.8.0.Z.MAIN.EUS:go-toolset-0:1.19.13-1.module+el8.8.0+20380+7171fefb.x86_64::go-toolset:rhel8",
"AppStream-8.8.0.Z.MAIN.EUS:golang-0:1.19.13-1.module+el8.8.0+20373+d9cd605c.aarch64::go-toolset:rhel8",
"AppStream-8.8.0.Z.MAIN.EUS:golang-0:1.19.13-1.module+el8.8.0+20373+d9cd605c.ppc64le::go-toolset:rhel8",
"AppStream-8.8.0.Z.MAIN.EUS:golang-0:1.19.13-1.module+el8.8.0+20373+d9cd605c.s390x::go-toolset:rhel8",
"AppStream-8.8.0.Z.MAIN.EUS:golang-0:1.19.13-1.module+el8.8.0+20373+d9cd605c.src::go-toolset:rhel8",
"AppStream-8.8.0.Z.MAIN.EUS:golang-0:1.19.13-1.module+el8.8.0+20373+d9cd605c.x86_64::go-toolset:rhel8",
"AppStream-8.8.0.Z.MAIN.EUS:golang-bin-0:1.19.13-1.module+el8.8.0+20373+d9cd605c.aarch64::go-toolset:rhel8",
"AppStream-8.8.0.Z.MAIN.EUS:golang-bin-0:1.19.13-1.module+el8.8.0+20373+d9cd605c.ppc64le::go-toolset:rhel8",
"AppStream-8.8.0.Z.MAIN.EUS:golang-bin-0:1.19.13-1.module+el8.8.0+20373+d9cd605c.s390x::go-toolset:rhel8",
"AppStream-8.8.0.Z.MAIN.EUS:golang-bin-0:1.19.13-1.module+el8.8.0+20373+d9cd605c.x86_64::go-toolset:rhel8",
"AppStream-8.8.0.Z.MAIN.EUS:golang-docs-0:1.19.13-1.module+el8.8.0+20373+d9cd605c.noarch::go-toolset:rhel8",
"AppStream-8.8.0.Z.MAIN.EUS:golang-misc-0:1.19.13-1.module+el8.8.0+20373+d9cd605c.noarch::go-toolset:rhel8",
"AppStream-8.8.0.Z.MAIN.EUS:golang-race-0:1.19.13-1.module+el8.8.0+20373+d9cd605c.x86_64::go-toolset:rhel8",
"AppStream-8.8.0.Z.MAIN.EUS:golang-src-0:1.19.13-1.module+el8.8.0+20373+d9cd605c.noarch::go-toolset:rhel8",
"AppStream-8.8.0.Z.MAIN.EUS:golang-tests-0:1.19.13-1.module+el8.8.0+20373+d9cd605c.noarch::go-toolset:rhel8"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-29406"
},
{
"category": "external",
"summary": "RHBZ#2222167",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2222167"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-29406",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29406"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-29406",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-29406"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/2q13H6LEEx0",
"url": "https://groups.google.com/g/golang-announce/c/2q13H6LEEx0"
}
],
"release_date": "2023-07-11T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-10-16T12:38:36+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.8.0.Z.MAIN.EUS:delve-0:1.9.1-1.module+el8.8.0+16778+5fbb74f5.src::go-toolset:rhel8",
"AppStream-8.8.0.Z.MAIN.EUS:delve-0:1.9.1-1.module+el8.8.0+16778+5fbb74f5.x86_64::go-toolset:rhel8",
"AppStream-8.8.0.Z.MAIN.EUS:delve-debuginfo-0:1.9.1-1.module+el8.8.0+16778+5fbb74f5.x86_64::go-toolset:rhel8",
"AppStream-8.8.0.Z.MAIN.EUS:delve-debugsource-0:1.9.1-1.module+el8.8.0+16778+5fbb74f5.x86_64::go-toolset:rhel8",
"AppStream-8.8.0.Z.MAIN.EUS:go-toolset-0:1.19.13-1.module+el8.8.0+20380+7171fefb.aarch64::go-toolset:rhel8",
"AppStream-8.8.0.Z.MAIN.EUS:go-toolset-0:1.19.13-1.module+el8.8.0+20380+7171fefb.ppc64le::go-toolset:rhel8",
"AppStream-8.8.0.Z.MAIN.EUS:go-toolset-0:1.19.13-1.module+el8.8.0+20380+7171fefb.s390x::go-toolset:rhel8",
"AppStream-8.8.0.Z.MAIN.EUS:go-toolset-0:1.19.13-1.module+el8.8.0+20380+7171fefb.src::go-toolset:rhel8",
"AppStream-8.8.0.Z.MAIN.EUS:go-toolset-0:1.19.13-1.module+el8.8.0+20380+7171fefb.x86_64::go-toolset:rhel8",
"AppStream-8.8.0.Z.MAIN.EUS:golang-0:1.19.13-1.module+el8.8.0+20373+d9cd605c.aarch64::go-toolset:rhel8",
"AppStream-8.8.0.Z.MAIN.EUS:golang-0:1.19.13-1.module+el8.8.0+20373+d9cd605c.ppc64le::go-toolset:rhel8",
"AppStream-8.8.0.Z.MAIN.EUS:golang-0:1.19.13-1.module+el8.8.0+20373+d9cd605c.s390x::go-toolset:rhel8",
"AppStream-8.8.0.Z.MAIN.EUS:golang-0:1.19.13-1.module+el8.8.0+20373+d9cd605c.src::go-toolset:rhel8",
"AppStream-8.8.0.Z.MAIN.EUS:golang-0:1.19.13-1.module+el8.8.0+20373+d9cd605c.x86_64::go-toolset:rhel8",
"AppStream-8.8.0.Z.MAIN.EUS:golang-bin-0:1.19.13-1.module+el8.8.0+20373+d9cd605c.aarch64::go-toolset:rhel8",
"AppStream-8.8.0.Z.MAIN.EUS:golang-bin-0:1.19.13-1.module+el8.8.0+20373+d9cd605c.ppc64le::go-toolset:rhel8",
"AppStream-8.8.0.Z.MAIN.EUS:golang-bin-0:1.19.13-1.module+el8.8.0+20373+d9cd605c.s390x::go-toolset:rhel8",
"AppStream-8.8.0.Z.MAIN.EUS:golang-bin-0:1.19.13-1.module+el8.8.0+20373+d9cd605c.x86_64::go-toolset:rhel8",
"AppStream-8.8.0.Z.MAIN.EUS:golang-docs-0:1.19.13-1.module+el8.8.0+20373+d9cd605c.noarch::go-toolset:rhel8",
"AppStream-8.8.0.Z.MAIN.EUS:golang-misc-0:1.19.13-1.module+el8.8.0+20373+d9cd605c.noarch::go-toolset:rhel8",
"AppStream-8.8.0.Z.MAIN.EUS:golang-race-0:1.19.13-1.module+el8.8.0+20373+d9cd605c.x86_64::go-toolset:rhel8",
"AppStream-8.8.0.Z.MAIN.EUS:golang-src-0:1.19.13-1.module+el8.8.0+20373+d9cd605c.noarch::go-toolset:rhel8",
"AppStream-8.8.0.Z.MAIN.EUS:golang-tests-0:1.19.13-1.module+el8.8.0+20373+d9cd605c.noarch::go-toolset:rhel8"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:5721"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"AppStream-8.8.0.Z.MAIN.EUS:delve-0:1.9.1-1.module+el8.8.0+16778+5fbb74f5.src::go-toolset:rhel8",
"AppStream-8.8.0.Z.MAIN.EUS:delve-0:1.9.1-1.module+el8.8.0+16778+5fbb74f5.x86_64::go-toolset:rhel8",
"AppStream-8.8.0.Z.MAIN.EUS:delve-debuginfo-0:1.9.1-1.module+el8.8.0+16778+5fbb74f5.x86_64::go-toolset:rhel8",
"AppStream-8.8.0.Z.MAIN.EUS:delve-debugsource-0:1.9.1-1.module+el8.8.0+16778+5fbb74f5.x86_64::go-toolset:rhel8",
"AppStream-8.8.0.Z.MAIN.EUS:go-toolset-0:1.19.13-1.module+el8.8.0+20380+7171fefb.aarch64::go-toolset:rhel8",
"AppStream-8.8.0.Z.MAIN.EUS:go-toolset-0:1.19.13-1.module+el8.8.0+20380+7171fefb.ppc64le::go-toolset:rhel8",
"AppStream-8.8.0.Z.MAIN.EUS:go-toolset-0:1.19.13-1.module+el8.8.0+20380+7171fefb.s390x::go-toolset:rhel8",
"AppStream-8.8.0.Z.MAIN.EUS:go-toolset-0:1.19.13-1.module+el8.8.0+20380+7171fefb.src::go-toolset:rhel8",
"AppStream-8.8.0.Z.MAIN.EUS:go-toolset-0:1.19.13-1.module+el8.8.0+20380+7171fefb.x86_64::go-toolset:rhel8",
"AppStream-8.8.0.Z.MAIN.EUS:golang-0:1.19.13-1.module+el8.8.0+20373+d9cd605c.aarch64::go-toolset:rhel8",
"AppStream-8.8.0.Z.MAIN.EUS:golang-0:1.19.13-1.module+el8.8.0+20373+d9cd605c.ppc64le::go-toolset:rhel8",
"AppStream-8.8.0.Z.MAIN.EUS:golang-0:1.19.13-1.module+el8.8.0+20373+d9cd605c.s390x::go-toolset:rhel8",
"AppStream-8.8.0.Z.MAIN.EUS:golang-0:1.19.13-1.module+el8.8.0+20373+d9cd605c.src::go-toolset:rhel8",
"AppStream-8.8.0.Z.MAIN.EUS:golang-0:1.19.13-1.module+el8.8.0+20373+d9cd605c.x86_64::go-toolset:rhel8",
"AppStream-8.8.0.Z.MAIN.EUS:golang-bin-0:1.19.13-1.module+el8.8.0+20373+d9cd605c.aarch64::go-toolset:rhel8",
"AppStream-8.8.0.Z.MAIN.EUS:golang-bin-0:1.19.13-1.module+el8.8.0+20373+d9cd605c.ppc64le::go-toolset:rhel8",
"AppStream-8.8.0.Z.MAIN.EUS:golang-bin-0:1.19.13-1.module+el8.8.0+20373+d9cd605c.s390x::go-toolset:rhel8",
"AppStream-8.8.0.Z.MAIN.EUS:golang-bin-0:1.19.13-1.module+el8.8.0+20373+d9cd605c.x86_64::go-toolset:rhel8",
"AppStream-8.8.0.Z.MAIN.EUS:golang-docs-0:1.19.13-1.module+el8.8.0+20373+d9cd605c.noarch::go-toolset:rhel8",
"AppStream-8.8.0.Z.MAIN.EUS:golang-misc-0:1.19.13-1.module+el8.8.0+20373+d9cd605c.noarch::go-toolset:rhel8",
"AppStream-8.8.0.Z.MAIN.EUS:golang-race-0:1.19.13-1.module+el8.8.0+20373+d9cd605c.x86_64::go-toolset:rhel8",
"AppStream-8.8.0.Z.MAIN.EUS:golang-src-0:1.19.13-1.module+el8.8.0+20373+d9cd605c.noarch::go-toolset:rhel8",
"AppStream-8.8.0.Z.MAIN.EUS:golang-tests-0:1.19.13-1.module+el8.8.0+20373+d9cd605c.noarch::go-toolset:rhel8"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: net/http: insufficient sanitization of Host header"
},
{
"cve": "CVE-2023-29409",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2023-08-03T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2228743"
}
],
"notes": [
{
"category": "description",
"text": "A denial of service vulnerability was found in the Golang Go package caused by an uncontrolled resource consumption flaw. By persuading a victim to use a specially crafted certificate with large RSA keys, a remote attacker can cause a client/server to expend significant CPU time verifying signatures, resulting in a denial of service condition.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: crypto/tls: slow verification of certificate chains containing large RSA keys",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.8.0.Z.MAIN.EUS:delve-0:1.9.1-1.module+el8.8.0+16778+5fbb74f5.src::go-toolset:rhel8",
"AppStream-8.8.0.Z.MAIN.EUS:delve-0:1.9.1-1.module+el8.8.0+16778+5fbb74f5.x86_64::go-toolset:rhel8",
"AppStream-8.8.0.Z.MAIN.EUS:delve-debuginfo-0:1.9.1-1.module+el8.8.0+16778+5fbb74f5.x86_64::go-toolset:rhel8",
"AppStream-8.8.0.Z.MAIN.EUS:delve-debugsource-0:1.9.1-1.module+el8.8.0+16778+5fbb74f5.x86_64::go-toolset:rhel8",
"AppStream-8.8.0.Z.MAIN.EUS:go-toolset-0:1.19.13-1.module+el8.8.0+20380+7171fefb.aarch64::go-toolset:rhel8",
"AppStream-8.8.0.Z.MAIN.EUS:go-toolset-0:1.19.13-1.module+el8.8.0+20380+7171fefb.ppc64le::go-toolset:rhel8",
"AppStream-8.8.0.Z.MAIN.EUS:go-toolset-0:1.19.13-1.module+el8.8.0+20380+7171fefb.s390x::go-toolset:rhel8",
"AppStream-8.8.0.Z.MAIN.EUS:go-toolset-0:1.19.13-1.module+el8.8.0+20380+7171fefb.src::go-toolset:rhel8",
"AppStream-8.8.0.Z.MAIN.EUS:go-toolset-0:1.19.13-1.module+el8.8.0+20380+7171fefb.x86_64::go-toolset:rhel8",
"AppStream-8.8.0.Z.MAIN.EUS:golang-0:1.19.13-1.module+el8.8.0+20373+d9cd605c.aarch64::go-toolset:rhel8",
"AppStream-8.8.0.Z.MAIN.EUS:golang-0:1.19.13-1.module+el8.8.0+20373+d9cd605c.ppc64le::go-toolset:rhel8",
"AppStream-8.8.0.Z.MAIN.EUS:golang-0:1.19.13-1.module+el8.8.0+20373+d9cd605c.s390x::go-toolset:rhel8",
"AppStream-8.8.0.Z.MAIN.EUS:golang-0:1.19.13-1.module+el8.8.0+20373+d9cd605c.src::go-toolset:rhel8",
"AppStream-8.8.0.Z.MAIN.EUS:golang-0:1.19.13-1.module+el8.8.0+20373+d9cd605c.x86_64::go-toolset:rhel8",
"AppStream-8.8.0.Z.MAIN.EUS:golang-bin-0:1.19.13-1.module+el8.8.0+20373+d9cd605c.aarch64::go-toolset:rhel8",
"AppStream-8.8.0.Z.MAIN.EUS:golang-bin-0:1.19.13-1.module+el8.8.0+20373+d9cd605c.ppc64le::go-toolset:rhel8",
"AppStream-8.8.0.Z.MAIN.EUS:golang-bin-0:1.19.13-1.module+el8.8.0+20373+d9cd605c.s390x::go-toolset:rhel8",
"AppStream-8.8.0.Z.MAIN.EUS:golang-bin-0:1.19.13-1.module+el8.8.0+20373+d9cd605c.x86_64::go-toolset:rhel8",
"AppStream-8.8.0.Z.MAIN.EUS:golang-docs-0:1.19.13-1.module+el8.8.0+20373+d9cd605c.noarch::go-toolset:rhel8",
"AppStream-8.8.0.Z.MAIN.EUS:golang-misc-0:1.19.13-1.module+el8.8.0+20373+d9cd605c.noarch::go-toolset:rhel8",
"AppStream-8.8.0.Z.MAIN.EUS:golang-race-0:1.19.13-1.module+el8.8.0+20373+d9cd605c.x86_64::go-toolset:rhel8",
"AppStream-8.8.0.Z.MAIN.EUS:golang-src-0:1.19.13-1.module+el8.8.0+20373+d9cd605c.noarch::go-toolset:rhel8",
"AppStream-8.8.0.Z.MAIN.EUS:golang-tests-0:1.19.13-1.module+el8.8.0+20373+d9cd605c.noarch::go-toolset:rhel8"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-29409"
},
{
"category": "external",
"summary": "RHBZ#2228743",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2228743"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-29409",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29409"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-29409",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-29409"
},
{
"category": "external",
"summary": "https://go.dev/cl/515257",
"url": "https://go.dev/cl/515257"
},
{
"category": "external",
"summary": "https://go.dev/issue/61460",
"url": "https://go.dev/issue/61460"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/X0b6CsSAaYI/m/Efv5DbZ9AwAJ",
"url": "https://groups.google.com/g/golang-announce/c/X0b6CsSAaYI/m/Efv5DbZ9AwAJ"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2023-1987",
"url": "https://pkg.go.dev/vuln/GO-2023-1987"
}
],
"release_date": "2023-08-02T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-10-16T12:38:36+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.8.0.Z.MAIN.EUS:delve-0:1.9.1-1.module+el8.8.0+16778+5fbb74f5.src::go-toolset:rhel8",
"AppStream-8.8.0.Z.MAIN.EUS:delve-0:1.9.1-1.module+el8.8.0+16778+5fbb74f5.x86_64::go-toolset:rhel8",
"AppStream-8.8.0.Z.MAIN.EUS:delve-debuginfo-0:1.9.1-1.module+el8.8.0+16778+5fbb74f5.x86_64::go-toolset:rhel8",
"AppStream-8.8.0.Z.MAIN.EUS:delve-debugsource-0:1.9.1-1.module+el8.8.0+16778+5fbb74f5.x86_64::go-toolset:rhel8",
"AppStream-8.8.0.Z.MAIN.EUS:go-toolset-0:1.19.13-1.module+el8.8.0+20380+7171fefb.aarch64::go-toolset:rhel8",
"AppStream-8.8.0.Z.MAIN.EUS:go-toolset-0:1.19.13-1.module+el8.8.0+20380+7171fefb.ppc64le::go-toolset:rhel8",
"AppStream-8.8.0.Z.MAIN.EUS:go-toolset-0:1.19.13-1.module+el8.8.0+20380+7171fefb.s390x::go-toolset:rhel8",
"AppStream-8.8.0.Z.MAIN.EUS:go-toolset-0:1.19.13-1.module+el8.8.0+20380+7171fefb.src::go-toolset:rhel8",
"AppStream-8.8.0.Z.MAIN.EUS:go-toolset-0:1.19.13-1.module+el8.8.0+20380+7171fefb.x86_64::go-toolset:rhel8",
"AppStream-8.8.0.Z.MAIN.EUS:golang-0:1.19.13-1.module+el8.8.0+20373+d9cd605c.aarch64::go-toolset:rhel8",
"AppStream-8.8.0.Z.MAIN.EUS:golang-0:1.19.13-1.module+el8.8.0+20373+d9cd605c.ppc64le::go-toolset:rhel8",
"AppStream-8.8.0.Z.MAIN.EUS:golang-0:1.19.13-1.module+el8.8.0+20373+d9cd605c.s390x::go-toolset:rhel8",
"AppStream-8.8.0.Z.MAIN.EUS:golang-0:1.19.13-1.module+el8.8.0+20373+d9cd605c.src::go-toolset:rhel8",
"AppStream-8.8.0.Z.MAIN.EUS:golang-0:1.19.13-1.module+el8.8.0+20373+d9cd605c.x86_64::go-toolset:rhel8",
"AppStream-8.8.0.Z.MAIN.EUS:golang-bin-0:1.19.13-1.module+el8.8.0+20373+d9cd605c.aarch64::go-toolset:rhel8",
"AppStream-8.8.0.Z.MAIN.EUS:golang-bin-0:1.19.13-1.module+el8.8.0+20373+d9cd605c.ppc64le::go-toolset:rhel8",
"AppStream-8.8.0.Z.MAIN.EUS:golang-bin-0:1.19.13-1.module+el8.8.0+20373+d9cd605c.s390x::go-toolset:rhel8",
"AppStream-8.8.0.Z.MAIN.EUS:golang-bin-0:1.19.13-1.module+el8.8.0+20373+d9cd605c.x86_64::go-toolset:rhel8",
"AppStream-8.8.0.Z.MAIN.EUS:golang-docs-0:1.19.13-1.module+el8.8.0+20373+d9cd605c.noarch::go-toolset:rhel8",
"AppStream-8.8.0.Z.MAIN.EUS:golang-misc-0:1.19.13-1.module+el8.8.0+20373+d9cd605c.noarch::go-toolset:rhel8",
"AppStream-8.8.0.Z.MAIN.EUS:golang-race-0:1.19.13-1.module+el8.8.0+20373+d9cd605c.x86_64::go-toolset:rhel8",
"AppStream-8.8.0.Z.MAIN.EUS:golang-src-0:1.19.13-1.module+el8.8.0+20373+d9cd605c.noarch::go-toolset:rhel8",
"AppStream-8.8.0.Z.MAIN.EUS:golang-tests-0:1.19.13-1.module+el8.8.0+20373+d9cd605c.noarch::go-toolset:rhel8"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:5721"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"AppStream-8.8.0.Z.MAIN.EUS:delve-0:1.9.1-1.module+el8.8.0+16778+5fbb74f5.src::go-toolset:rhel8",
"AppStream-8.8.0.Z.MAIN.EUS:delve-0:1.9.1-1.module+el8.8.0+16778+5fbb74f5.x86_64::go-toolset:rhel8",
"AppStream-8.8.0.Z.MAIN.EUS:delve-debuginfo-0:1.9.1-1.module+el8.8.0+16778+5fbb74f5.x86_64::go-toolset:rhel8",
"AppStream-8.8.0.Z.MAIN.EUS:delve-debugsource-0:1.9.1-1.module+el8.8.0+16778+5fbb74f5.x86_64::go-toolset:rhel8",
"AppStream-8.8.0.Z.MAIN.EUS:go-toolset-0:1.19.13-1.module+el8.8.0+20380+7171fefb.aarch64::go-toolset:rhel8",
"AppStream-8.8.0.Z.MAIN.EUS:go-toolset-0:1.19.13-1.module+el8.8.0+20380+7171fefb.ppc64le::go-toolset:rhel8",
"AppStream-8.8.0.Z.MAIN.EUS:go-toolset-0:1.19.13-1.module+el8.8.0+20380+7171fefb.s390x::go-toolset:rhel8",
"AppStream-8.8.0.Z.MAIN.EUS:go-toolset-0:1.19.13-1.module+el8.8.0+20380+7171fefb.src::go-toolset:rhel8",
"AppStream-8.8.0.Z.MAIN.EUS:go-toolset-0:1.19.13-1.module+el8.8.0+20380+7171fefb.x86_64::go-toolset:rhel8",
"AppStream-8.8.0.Z.MAIN.EUS:golang-0:1.19.13-1.module+el8.8.0+20373+d9cd605c.aarch64::go-toolset:rhel8",
"AppStream-8.8.0.Z.MAIN.EUS:golang-0:1.19.13-1.module+el8.8.0+20373+d9cd605c.ppc64le::go-toolset:rhel8",
"AppStream-8.8.0.Z.MAIN.EUS:golang-0:1.19.13-1.module+el8.8.0+20373+d9cd605c.s390x::go-toolset:rhel8",
"AppStream-8.8.0.Z.MAIN.EUS:golang-0:1.19.13-1.module+el8.8.0+20373+d9cd605c.src::go-toolset:rhel8",
"AppStream-8.8.0.Z.MAIN.EUS:golang-0:1.19.13-1.module+el8.8.0+20373+d9cd605c.x86_64::go-toolset:rhel8",
"AppStream-8.8.0.Z.MAIN.EUS:golang-bin-0:1.19.13-1.module+el8.8.0+20373+d9cd605c.aarch64::go-toolset:rhel8",
"AppStream-8.8.0.Z.MAIN.EUS:golang-bin-0:1.19.13-1.module+el8.8.0+20373+d9cd605c.ppc64le::go-toolset:rhel8",
"AppStream-8.8.0.Z.MAIN.EUS:golang-bin-0:1.19.13-1.module+el8.8.0+20373+d9cd605c.s390x::go-toolset:rhel8",
"AppStream-8.8.0.Z.MAIN.EUS:golang-bin-0:1.19.13-1.module+el8.8.0+20373+d9cd605c.x86_64::go-toolset:rhel8",
"AppStream-8.8.0.Z.MAIN.EUS:golang-docs-0:1.19.13-1.module+el8.8.0+20373+d9cd605c.noarch::go-toolset:rhel8",
"AppStream-8.8.0.Z.MAIN.EUS:golang-misc-0:1.19.13-1.module+el8.8.0+20373+d9cd605c.noarch::go-toolset:rhel8",
"AppStream-8.8.0.Z.MAIN.EUS:golang-race-0:1.19.13-1.module+el8.8.0+20373+d9cd605c.x86_64::go-toolset:rhel8",
"AppStream-8.8.0.Z.MAIN.EUS:golang-src-0:1.19.13-1.module+el8.8.0+20373+d9cd605c.noarch::go-toolset:rhel8",
"AppStream-8.8.0.Z.MAIN.EUS:golang-tests-0:1.19.13-1.module+el8.8.0+20373+d9cd605c.noarch::go-toolset:rhel8"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: crypto/tls: slow verification of certificate chains containing large RSA keys"
},
{
"cve": "CVE-2023-39325",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2023-10-10T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2243296"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in handling multiplexed streams in the HTTP/2 protocol. A client can repeatedly make a request for a new multiplex stream and immediately send an RST_STREAM frame to cancel it. This creates extra work for the server setting up and tearing down the streams while not hitting any server-side limit for the maximum number of active streams per connection, resulting in a denial of service due to server resource consumption. Red Hat has rated the severity of this flaw as \u0027Important\u0027 as the US Cybersecurity and Infrastructure Security Agency (CISA) declared this vulnerability an active exploit.\r\n\r\nCVE-2023-39325 was assigned for the `Rapid Reset Attack` in the Go language packages.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: net/http, x/net/http2: rapid stream resets can cause excessive work (CVE-2023-44487)",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This CVE is related to CVE-2023-44487.\n\nThe majority of RHEL utilities are not long-running applications; instead, they are command-line tools. These tools utilize Golang package as build-time dependency, which is why they are classified as having a \"Moderate\" level of impact.\n\nAs go-lang vendors its dependencies, a package may contain a library with a known vulnerability, solely because of lower tier libraries including it as a part of its dependencies, but the vulnerable code is not reachable at runtime. In such cases the issue is not exploitable. We classify these situations as \u201cNot affected\u201d or \u201cWill not fix,\u201d depending on the risk of breaking other unrelated packages.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.8.0.Z.MAIN.EUS:delve-0:1.9.1-1.module+el8.8.0+16778+5fbb74f5.src::go-toolset:rhel8",
"AppStream-8.8.0.Z.MAIN.EUS:delve-0:1.9.1-1.module+el8.8.0+16778+5fbb74f5.x86_64::go-toolset:rhel8",
"AppStream-8.8.0.Z.MAIN.EUS:delve-debuginfo-0:1.9.1-1.module+el8.8.0+16778+5fbb74f5.x86_64::go-toolset:rhel8",
"AppStream-8.8.0.Z.MAIN.EUS:delve-debugsource-0:1.9.1-1.module+el8.8.0+16778+5fbb74f5.x86_64::go-toolset:rhel8",
"AppStream-8.8.0.Z.MAIN.EUS:go-toolset-0:1.19.13-1.module+el8.8.0+20380+7171fefb.aarch64::go-toolset:rhel8",
"AppStream-8.8.0.Z.MAIN.EUS:go-toolset-0:1.19.13-1.module+el8.8.0+20380+7171fefb.ppc64le::go-toolset:rhel8",
"AppStream-8.8.0.Z.MAIN.EUS:go-toolset-0:1.19.13-1.module+el8.8.0+20380+7171fefb.s390x::go-toolset:rhel8",
"AppStream-8.8.0.Z.MAIN.EUS:go-toolset-0:1.19.13-1.module+el8.8.0+20380+7171fefb.src::go-toolset:rhel8",
"AppStream-8.8.0.Z.MAIN.EUS:go-toolset-0:1.19.13-1.module+el8.8.0+20380+7171fefb.x86_64::go-toolset:rhel8",
"AppStream-8.8.0.Z.MAIN.EUS:golang-0:1.19.13-1.module+el8.8.0+20373+d9cd605c.aarch64::go-toolset:rhel8",
"AppStream-8.8.0.Z.MAIN.EUS:golang-0:1.19.13-1.module+el8.8.0+20373+d9cd605c.ppc64le::go-toolset:rhel8",
"AppStream-8.8.0.Z.MAIN.EUS:golang-0:1.19.13-1.module+el8.8.0+20373+d9cd605c.s390x::go-toolset:rhel8",
"AppStream-8.8.0.Z.MAIN.EUS:golang-0:1.19.13-1.module+el8.8.0+20373+d9cd605c.src::go-toolset:rhel8",
"AppStream-8.8.0.Z.MAIN.EUS:golang-0:1.19.13-1.module+el8.8.0+20373+d9cd605c.x86_64::go-toolset:rhel8",
"AppStream-8.8.0.Z.MAIN.EUS:golang-bin-0:1.19.13-1.module+el8.8.0+20373+d9cd605c.aarch64::go-toolset:rhel8",
"AppStream-8.8.0.Z.MAIN.EUS:golang-bin-0:1.19.13-1.module+el8.8.0+20373+d9cd605c.ppc64le::go-toolset:rhel8",
"AppStream-8.8.0.Z.MAIN.EUS:golang-bin-0:1.19.13-1.module+el8.8.0+20373+d9cd605c.s390x::go-toolset:rhel8",
"AppStream-8.8.0.Z.MAIN.EUS:golang-bin-0:1.19.13-1.module+el8.8.0+20373+d9cd605c.x86_64::go-toolset:rhel8",
"AppStream-8.8.0.Z.MAIN.EUS:golang-docs-0:1.19.13-1.module+el8.8.0+20373+d9cd605c.noarch::go-toolset:rhel8",
"AppStream-8.8.0.Z.MAIN.EUS:golang-misc-0:1.19.13-1.module+el8.8.0+20373+d9cd605c.noarch::go-toolset:rhel8",
"AppStream-8.8.0.Z.MAIN.EUS:golang-race-0:1.19.13-1.module+el8.8.0+20373+d9cd605c.x86_64::go-toolset:rhel8",
"AppStream-8.8.0.Z.MAIN.EUS:golang-src-0:1.19.13-1.module+el8.8.0+20373+d9cd605c.noarch::go-toolset:rhel8",
"AppStream-8.8.0.Z.MAIN.EUS:golang-tests-0:1.19.13-1.module+el8.8.0+20373+d9cd605c.noarch::go-toolset:rhel8"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-39325"
},
{
"category": "external",
"summary": "RHBZ#2243296",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2243296"
},
{
"category": "external",
"summary": "RHSB-2023-003",
"url": "https://access.redhat.com/security/vulnerabilities/RHSB-2023-003"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-39325",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39325"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-39325",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-39325"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2023-44487",
"url": "https://access.redhat.com/security/cve/CVE-2023-44487"
},
{
"category": "external",
"summary": "https://go.dev/issue/63417",
"url": "https://go.dev/issue/63417"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2023-2102",
"url": "https://pkg.go.dev/vuln/GO-2023-2102"
},
{
"category": "external",
"summary": "https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487",
"url": "https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487"
}
],
"release_date": "2023-10-10T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-10-16T12:38:36+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.8.0.Z.MAIN.EUS:delve-0:1.9.1-1.module+el8.8.0+16778+5fbb74f5.src::go-toolset:rhel8",
"AppStream-8.8.0.Z.MAIN.EUS:delve-0:1.9.1-1.module+el8.8.0+16778+5fbb74f5.x86_64::go-toolset:rhel8",
"AppStream-8.8.0.Z.MAIN.EUS:delve-debuginfo-0:1.9.1-1.module+el8.8.0+16778+5fbb74f5.x86_64::go-toolset:rhel8",
"AppStream-8.8.0.Z.MAIN.EUS:delve-debugsource-0:1.9.1-1.module+el8.8.0+16778+5fbb74f5.x86_64::go-toolset:rhel8",
"AppStream-8.8.0.Z.MAIN.EUS:go-toolset-0:1.19.13-1.module+el8.8.0+20380+7171fefb.aarch64::go-toolset:rhel8",
"AppStream-8.8.0.Z.MAIN.EUS:go-toolset-0:1.19.13-1.module+el8.8.0+20380+7171fefb.ppc64le::go-toolset:rhel8",
"AppStream-8.8.0.Z.MAIN.EUS:go-toolset-0:1.19.13-1.module+el8.8.0+20380+7171fefb.s390x::go-toolset:rhel8",
"AppStream-8.8.0.Z.MAIN.EUS:go-toolset-0:1.19.13-1.module+el8.8.0+20380+7171fefb.src::go-toolset:rhel8",
"AppStream-8.8.0.Z.MAIN.EUS:go-toolset-0:1.19.13-1.module+el8.8.0+20380+7171fefb.x86_64::go-toolset:rhel8",
"AppStream-8.8.0.Z.MAIN.EUS:golang-0:1.19.13-1.module+el8.8.0+20373+d9cd605c.aarch64::go-toolset:rhel8",
"AppStream-8.8.0.Z.MAIN.EUS:golang-0:1.19.13-1.module+el8.8.0+20373+d9cd605c.ppc64le::go-toolset:rhel8",
"AppStream-8.8.0.Z.MAIN.EUS:golang-0:1.19.13-1.module+el8.8.0+20373+d9cd605c.s390x::go-toolset:rhel8",
"AppStream-8.8.0.Z.MAIN.EUS:golang-0:1.19.13-1.module+el8.8.0+20373+d9cd605c.src::go-toolset:rhel8",
"AppStream-8.8.0.Z.MAIN.EUS:golang-0:1.19.13-1.module+el8.8.0+20373+d9cd605c.x86_64::go-toolset:rhel8",
"AppStream-8.8.0.Z.MAIN.EUS:golang-bin-0:1.19.13-1.module+el8.8.0+20373+d9cd605c.aarch64::go-toolset:rhel8",
"AppStream-8.8.0.Z.MAIN.EUS:golang-bin-0:1.19.13-1.module+el8.8.0+20373+d9cd605c.ppc64le::go-toolset:rhel8",
"AppStream-8.8.0.Z.MAIN.EUS:golang-bin-0:1.19.13-1.module+el8.8.0+20373+d9cd605c.s390x::go-toolset:rhel8",
"AppStream-8.8.0.Z.MAIN.EUS:golang-bin-0:1.19.13-1.module+el8.8.0+20373+d9cd605c.x86_64::go-toolset:rhel8",
"AppStream-8.8.0.Z.MAIN.EUS:golang-docs-0:1.19.13-1.module+el8.8.0+20373+d9cd605c.noarch::go-toolset:rhel8",
"AppStream-8.8.0.Z.MAIN.EUS:golang-misc-0:1.19.13-1.module+el8.8.0+20373+d9cd605c.noarch::go-toolset:rhel8",
"AppStream-8.8.0.Z.MAIN.EUS:golang-race-0:1.19.13-1.module+el8.8.0+20373+d9cd605c.x86_64::go-toolset:rhel8",
"AppStream-8.8.0.Z.MAIN.EUS:golang-src-0:1.19.13-1.module+el8.8.0+20373+d9cd605c.noarch::go-toolset:rhel8",
"AppStream-8.8.0.Z.MAIN.EUS:golang-tests-0:1.19.13-1.module+el8.8.0+20373+d9cd605c.noarch::go-toolset:rhel8"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:5721"
},
{
"category": "workaround",
"details": "The default stream concurrency limit in golang is 250 streams (requests) per HTTP/2 connection. This value may be adjusted in the golang.org/x/net/http2 package using the Server.MaxConcurrentStreams setting and the ConfigureServer function which are available in golang.org/x/net/http2.",
"product_ids": [
"AppStream-8.8.0.Z.MAIN.EUS:delve-0:1.9.1-1.module+el8.8.0+16778+5fbb74f5.src::go-toolset:rhel8",
"AppStream-8.8.0.Z.MAIN.EUS:delve-0:1.9.1-1.module+el8.8.0+16778+5fbb74f5.x86_64::go-toolset:rhel8",
"AppStream-8.8.0.Z.MAIN.EUS:delve-debuginfo-0:1.9.1-1.module+el8.8.0+16778+5fbb74f5.x86_64::go-toolset:rhel8",
"AppStream-8.8.0.Z.MAIN.EUS:delve-debugsource-0:1.9.1-1.module+el8.8.0+16778+5fbb74f5.x86_64::go-toolset:rhel8",
"AppStream-8.8.0.Z.MAIN.EUS:go-toolset-0:1.19.13-1.module+el8.8.0+20380+7171fefb.aarch64::go-toolset:rhel8",
"AppStream-8.8.0.Z.MAIN.EUS:go-toolset-0:1.19.13-1.module+el8.8.0+20380+7171fefb.ppc64le::go-toolset:rhel8",
"AppStream-8.8.0.Z.MAIN.EUS:go-toolset-0:1.19.13-1.module+el8.8.0+20380+7171fefb.s390x::go-toolset:rhel8",
"AppStream-8.8.0.Z.MAIN.EUS:go-toolset-0:1.19.13-1.module+el8.8.0+20380+7171fefb.src::go-toolset:rhel8",
"AppStream-8.8.0.Z.MAIN.EUS:go-toolset-0:1.19.13-1.module+el8.8.0+20380+7171fefb.x86_64::go-toolset:rhel8",
"AppStream-8.8.0.Z.MAIN.EUS:golang-0:1.19.13-1.module+el8.8.0+20373+d9cd605c.aarch64::go-toolset:rhel8",
"AppStream-8.8.0.Z.MAIN.EUS:golang-0:1.19.13-1.module+el8.8.0+20373+d9cd605c.ppc64le::go-toolset:rhel8",
"AppStream-8.8.0.Z.MAIN.EUS:golang-0:1.19.13-1.module+el8.8.0+20373+d9cd605c.s390x::go-toolset:rhel8",
"AppStream-8.8.0.Z.MAIN.EUS:golang-0:1.19.13-1.module+el8.8.0+20373+d9cd605c.src::go-toolset:rhel8",
"AppStream-8.8.0.Z.MAIN.EUS:golang-0:1.19.13-1.module+el8.8.0+20373+d9cd605c.x86_64::go-toolset:rhel8",
"AppStream-8.8.0.Z.MAIN.EUS:golang-bin-0:1.19.13-1.module+el8.8.0+20373+d9cd605c.aarch64::go-toolset:rhel8",
"AppStream-8.8.0.Z.MAIN.EUS:golang-bin-0:1.19.13-1.module+el8.8.0+20373+d9cd605c.ppc64le::go-toolset:rhel8",
"AppStream-8.8.0.Z.MAIN.EUS:golang-bin-0:1.19.13-1.module+el8.8.0+20373+d9cd605c.s390x::go-toolset:rhel8",
"AppStream-8.8.0.Z.MAIN.EUS:golang-bin-0:1.19.13-1.module+el8.8.0+20373+d9cd605c.x86_64::go-toolset:rhel8",
"AppStream-8.8.0.Z.MAIN.EUS:golang-docs-0:1.19.13-1.module+el8.8.0+20373+d9cd605c.noarch::go-toolset:rhel8",
"AppStream-8.8.0.Z.MAIN.EUS:golang-misc-0:1.19.13-1.module+el8.8.0+20373+d9cd605c.noarch::go-toolset:rhel8",
"AppStream-8.8.0.Z.MAIN.EUS:golang-race-0:1.19.13-1.module+el8.8.0+20373+d9cd605c.x86_64::go-toolset:rhel8",
"AppStream-8.8.0.Z.MAIN.EUS:golang-src-0:1.19.13-1.module+el8.8.0+20373+d9cd605c.noarch::go-toolset:rhel8",
"AppStream-8.8.0.Z.MAIN.EUS:golang-tests-0:1.19.13-1.module+el8.8.0+20373+d9cd605c.noarch::go-toolset:rhel8"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"AppStream-8.8.0.Z.MAIN.EUS:delve-0:1.9.1-1.module+el8.8.0+16778+5fbb74f5.src::go-toolset:rhel8",
"AppStream-8.8.0.Z.MAIN.EUS:delve-0:1.9.1-1.module+el8.8.0+16778+5fbb74f5.x86_64::go-toolset:rhel8",
"AppStream-8.8.0.Z.MAIN.EUS:delve-debuginfo-0:1.9.1-1.module+el8.8.0+16778+5fbb74f5.x86_64::go-toolset:rhel8",
"AppStream-8.8.0.Z.MAIN.EUS:delve-debugsource-0:1.9.1-1.module+el8.8.0+16778+5fbb74f5.x86_64::go-toolset:rhel8",
"AppStream-8.8.0.Z.MAIN.EUS:go-toolset-0:1.19.13-1.module+el8.8.0+20380+7171fefb.aarch64::go-toolset:rhel8",
"AppStream-8.8.0.Z.MAIN.EUS:go-toolset-0:1.19.13-1.module+el8.8.0+20380+7171fefb.ppc64le::go-toolset:rhel8",
"AppStream-8.8.0.Z.MAIN.EUS:go-toolset-0:1.19.13-1.module+el8.8.0+20380+7171fefb.s390x::go-toolset:rhel8",
"AppStream-8.8.0.Z.MAIN.EUS:go-toolset-0:1.19.13-1.module+el8.8.0+20380+7171fefb.src::go-toolset:rhel8",
"AppStream-8.8.0.Z.MAIN.EUS:go-toolset-0:1.19.13-1.module+el8.8.0+20380+7171fefb.x86_64::go-toolset:rhel8",
"AppStream-8.8.0.Z.MAIN.EUS:golang-0:1.19.13-1.module+el8.8.0+20373+d9cd605c.aarch64::go-toolset:rhel8",
"AppStream-8.8.0.Z.MAIN.EUS:golang-0:1.19.13-1.module+el8.8.0+20373+d9cd605c.ppc64le::go-toolset:rhel8",
"AppStream-8.8.0.Z.MAIN.EUS:golang-0:1.19.13-1.module+el8.8.0+20373+d9cd605c.s390x::go-toolset:rhel8",
"AppStream-8.8.0.Z.MAIN.EUS:golang-0:1.19.13-1.module+el8.8.0+20373+d9cd605c.src::go-toolset:rhel8",
"AppStream-8.8.0.Z.MAIN.EUS:golang-0:1.19.13-1.module+el8.8.0+20373+d9cd605c.x86_64::go-toolset:rhel8",
"AppStream-8.8.0.Z.MAIN.EUS:golang-bin-0:1.19.13-1.module+el8.8.0+20373+d9cd605c.aarch64::go-toolset:rhel8",
"AppStream-8.8.0.Z.MAIN.EUS:golang-bin-0:1.19.13-1.module+el8.8.0+20373+d9cd605c.ppc64le::go-toolset:rhel8",
"AppStream-8.8.0.Z.MAIN.EUS:golang-bin-0:1.19.13-1.module+el8.8.0+20373+d9cd605c.s390x::go-toolset:rhel8",
"AppStream-8.8.0.Z.MAIN.EUS:golang-bin-0:1.19.13-1.module+el8.8.0+20373+d9cd605c.x86_64::go-toolset:rhel8",
"AppStream-8.8.0.Z.MAIN.EUS:golang-docs-0:1.19.13-1.module+el8.8.0+20373+d9cd605c.noarch::go-toolset:rhel8",
"AppStream-8.8.0.Z.MAIN.EUS:golang-misc-0:1.19.13-1.module+el8.8.0+20373+d9cd605c.noarch::go-toolset:rhel8",
"AppStream-8.8.0.Z.MAIN.EUS:golang-race-0:1.19.13-1.module+el8.8.0+20373+d9cd605c.x86_64::go-toolset:rhel8",
"AppStream-8.8.0.Z.MAIN.EUS:golang-src-0:1.19.13-1.module+el8.8.0+20373+d9cd605c.noarch::go-toolset:rhel8",
"AppStream-8.8.0.Z.MAIN.EUS:golang-tests-0:1.19.13-1.module+el8.8.0+20373+d9cd605c.noarch::go-toolset:rhel8"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "golang: net/http, x/net/http2: rapid stream resets can cause excessive work (CVE-2023-44487)"
},
{
"cve": "CVE-2023-44487",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2023-10-09T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2242803"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in handling multiplexed streams in the HTTP/2 protocol. A client can repeatedly make a request for a new multiplex stream and immediately send an RST_STREAM frame to cancel it. This creates extra work for the server setting up and tearing down the streams while not hitting any server-side limit for the maximum number of active streams per connection, resulting in a denial of service due to server resource consumption. Red Hat has rated the severity of this flaw as \u0027Important\u0027 as the US Cybersecurity and Infrastructure Security Agency (CISA) declared this vulnerability an active exploit.\r\n\r\nCVE-2023-39325 was assigned for the Rapid Reset Attack in the Go language packages.\r\n\r\nSecurity Bulletin\r\nhttps://access.redhat.com/security/vulnerabilities/RHSB-2023-003",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack (Rapid Reset Attack)",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "NGINX has been marked as Moderate Impact because, for performance and resource consumption reasons, NGINX limits the number of concurrent streams to a default of 128. In addition, to optimally balance network and server performance, NGINX allows the client to persist HTTP connections for up to 1000 requests by default using an HTTP keepalive.\n\nThe majority of RHEL utilities are not long-running applications; instead, they are command-line tools. These tools utilize Golang package as build-time dependency, which is why they are classified as having a \"Moderate\" level of impact.\n\nrhc component is no longer impacted by CVE-2023-44487 \u0026 CVE-2023-39325.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.8.0.Z.MAIN.EUS:delve-0:1.9.1-1.module+el8.8.0+16778+5fbb74f5.src::go-toolset:rhel8",
"AppStream-8.8.0.Z.MAIN.EUS:delve-0:1.9.1-1.module+el8.8.0+16778+5fbb74f5.x86_64::go-toolset:rhel8",
"AppStream-8.8.0.Z.MAIN.EUS:delve-debuginfo-0:1.9.1-1.module+el8.8.0+16778+5fbb74f5.x86_64::go-toolset:rhel8",
"AppStream-8.8.0.Z.MAIN.EUS:delve-debugsource-0:1.9.1-1.module+el8.8.0+16778+5fbb74f5.x86_64::go-toolset:rhel8",
"AppStream-8.8.0.Z.MAIN.EUS:go-toolset-0:1.19.13-1.module+el8.8.0+20380+7171fefb.aarch64::go-toolset:rhel8",
"AppStream-8.8.0.Z.MAIN.EUS:go-toolset-0:1.19.13-1.module+el8.8.0+20380+7171fefb.ppc64le::go-toolset:rhel8",
"AppStream-8.8.0.Z.MAIN.EUS:go-toolset-0:1.19.13-1.module+el8.8.0+20380+7171fefb.s390x::go-toolset:rhel8",
"AppStream-8.8.0.Z.MAIN.EUS:go-toolset-0:1.19.13-1.module+el8.8.0+20380+7171fefb.src::go-toolset:rhel8",
"AppStream-8.8.0.Z.MAIN.EUS:go-toolset-0:1.19.13-1.module+el8.8.0+20380+7171fefb.x86_64::go-toolset:rhel8",
"AppStream-8.8.0.Z.MAIN.EUS:golang-0:1.19.13-1.module+el8.8.0+20373+d9cd605c.aarch64::go-toolset:rhel8",
"AppStream-8.8.0.Z.MAIN.EUS:golang-0:1.19.13-1.module+el8.8.0+20373+d9cd605c.ppc64le::go-toolset:rhel8",
"AppStream-8.8.0.Z.MAIN.EUS:golang-0:1.19.13-1.module+el8.8.0+20373+d9cd605c.s390x::go-toolset:rhel8",
"AppStream-8.8.0.Z.MAIN.EUS:golang-0:1.19.13-1.module+el8.8.0+20373+d9cd605c.src::go-toolset:rhel8",
"AppStream-8.8.0.Z.MAIN.EUS:golang-0:1.19.13-1.module+el8.8.0+20373+d9cd605c.x86_64::go-toolset:rhel8",
"AppStream-8.8.0.Z.MAIN.EUS:golang-bin-0:1.19.13-1.module+el8.8.0+20373+d9cd605c.aarch64::go-toolset:rhel8",
"AppStream-8.8.0.Z.MAIN.EUS:golang-bin-0:1.19.13-1.module+el8.8.0+20373+d9cd605c.ppc64le::go-toolset:rhel8",
"AppStream-8.8.0.Z.MAIN.EUS:golang-bin-0:1.19.13-1.module+el8.8.0+20373+d9cd605c.s390x::go-toolset:rhel8",
"AppStream-8.8.0.Z.MAIN.EUS:golang-bin-0:1.19.13-1.module+el8.8.0+20373+d9cd605c.x86_64::go-toolset:rhel8",
"AppStream-8.8.0.Z.MAIN.EUS:golang-docs-0:1.19.13-1.module+el8.8.0+20373+d9cd605c.noarch::go-toolset:rhel8",
"AppStream-8.8.0.Z.MAIN.EUS:golang-misc-0:1.19.13-1.module+el8.8.0+20373+d9cd605c.noarch::go-toolset:rhel8",
"AppStream-8.8.0.Z.MAIN.EUS:golang-race-0:1.19.13-1.module+el8.8.0+20373+d9cd605c.x86_64::go-toolset:rhel8",
"AppStream-8.8.0.Z.MAIN.EUS:golang-src-0:1.19.13-1.module+el8.8.0+20373+d9cd605c.noarch::go-toolset:rhel8",
"AppStream-8.8.0.Z.MAIN.EUS:golang-tests-0:1.19.13-1.module+el8.8.0+20373+d9cd605c.noarch::go-toolset:rhel8"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-44487"
},
{
"category": "external",
"summary": "RHBZ#2242803",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2242803"
},
{
"category": "external",
"summary": "RHSB-2023-003",
"url": "https://access.redhat.com/security/vulnerabilities/RHSB-2023-003"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-44487",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-44487"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-44487",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-44487"
},
{
"category": "external",
"summary": "https://github.com/dotnet/announcements/issues/277",
"url": "https://github.com/dotnet/announcements/issues/277"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2023-2102",
"url": "https://pkg.go.dev/vuln/GO-2023-2102"
},
{
"category": "external",
"summary": "https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487",
"url": "https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487"
},
{
"category": "external",
"summary": "https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products/",
"url": "https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products/"
},
{
"category": "external",
"summary": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog",
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
}
],
"release_date": "2023-10-10T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-10-16T12:38:36+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.8.0.Z.MAIN.EUS:delve-0:1.9.1-1.module+el8.8.0+16778+5fbb74f5.src::go-toolset:rhel8",
"AppStream-8.8.0.Z.MAIN.EUS:delve-0:1.9.1-1.module+el8.8.0+16778+5fbb74f5.x86_64::go-toolset:rhel8",
"AppStream-8.8.0.Z.MAIN.EUS:delve-debuginfo-0:1.9.1-1.module+el8.8.0+16778+5fbb74f5.x86_64::go-toolset:rhel8",
"AppStream-8.8.0.Z.MAIN.EUS:delve-debugsource-0:1.9.1-1.module+el8.8.0+16778+5fbb74f5.x86_64::go-toolset:rhel8",
"AppStream-8.8.0.Z.MAIN.EUS:go-toolset-0:1.19.13-1.module+el8.8.0+20380+7171fefb.aarch64::go-toolset:rhel8",
"AppStream-8.8.0.Z.MAIN.EUS:go-toolset-0:1.19.13-1.module+el8.8.0+20380+7171fefb.ppc64le::go-toolset:rhel8",
"AppStream-8.8.0.Z.MAIN.EUS:go-toolset-0:1.19.13-1.module+el8.8.0+20380+7171fefb.s390x::go-toolset:rhel8",
"AppStream-8.8.0.Z.MAIN.EUS:go-toolset-0:1.19.13-1.module+el8.8.0+20380+7171fefb.src::go-toolset:rhel8",
"AppStream-8.8.0.Z.MAIN.EUS:go-toolset-0:1.19.13-1.module+el8.8.0+20380+7171fefb.x86_64::go-toolset:rhel8",
"AppStream-8.8.0.Z.MAIN.EUS:golang-0:1.19.13-1.module+el8.8.0+20373+d9cd605c.aarch64::go-toolset:rhel8",
"AppStream-8.8.0.Z.MAIN.EUS:golang-0:1.19.13-1.module+el8.8.0+20373+d9cd605c.ppc64le::go-toolset:rhel8",
"AppStream-8.8.0.Z.MAIN.EUS:golang-0:1.19.13-1.module+el8.8.0+20373+d9cd605c.s390x::go-toolset:rhel8",
"AppStream-8.8.0.Z.MAIN.EUS:golang-0:1.19.13-1.module+el8.8.0+20373+d9cd605c.src::go-toolset:rhel8",
"AppStream-8.8.0.Z.MAIN.EUS:golang-0:1.19.13-1.module+el8.8.0+20373+d9cd605c.x86_64::go-toolset:rhel8",
"AppStream-8.8.0.Z.MAIN.EUS:golang-bin-0:1.19.13-1.module+el8.8.0+20373+d9cd605c.aarch64::go-toolset:rhel8",
"AppStream-8.8.0.Z.MAIN.EUS:golang-bin-0:1.19.13-1.module+el8.8.0+20373+d9cd605c.ppc64le::go-toolset:rhel8",
"AppStream-8.8.0.Z.MAIN.EUS:golang-bin-0:1.19.13-1.module+el8.8.0+20373+d9cd605c.s390x::go-toolset:rhel8",
"AppStream-8.8.0.Z.MAIN.EUS:golang-bin-0:1.19.13-1.module+el8.8.0+20373+d9cd605c.x86_64::go-toolset:rhel8",
"AppStream-8.8.0.Z.MAIN.EUS:golang-docs-0:1.19.13-1.module+el8.8.0+20373+d9cd605c.noarch::go-toolset:rhel8",
"AppStream-8.8.0.Z.MAIN.EUS:golang-misc-0:1.19.13-1.module+el8.8.0+20373+d9cd605c.noarch::go-toolset:rhel8",
"AppStream-8.8.0.Z.MAIN.EUS:golang-race-0:1.19.13-1.module+el8.8.0+20373+d9cd605c.x86_64::go-toolset:rhel8",
"AppStream-8.8.0.Z.MAIN.EUS:golang-src-0:1.19.13-1.module+el8.8.0+20373+d9cd605c.noarch::go-toolset:rhel8",
"AppStream-8.8.0.Z.MAIN.EUS:golang-tests-0:1.19.13-1.module+el8.8.0+20373+d9cd605c.noarch::go-toolset:rhel8"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:5721"
},
{
"category": "workaround",
"details": "Users are strongly urged to update their software as soon as fixes are available. \nThere are several mitigation approaches for this flaw. \n\n1. If circumstances permit, users may disable http2 endpoints to circumvent the flaw altogether until a fix is available.\n2. IP-based blocking or flood protection and rate control tools may be used at network endpoints to filter incoming traffic.\n3. Several package specific mitigations are also available. \n a. nginx: https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products/\n b. netty: https://github.com/netty/netty/security/advisories/GHSA-xpw8-rcwv-8f8p\n c. haproxy: https://www.haproxy.com/blog/haproxy-is-not-affected-by-the-http-2-rapid-reset-attack-cve-2023-44487\n d. nghttp2: https://github.com/nghttp2/nghttp2/security/advisories/GHSA-vx74-f528-fxqg\n e. golang: The default stream concurrency limit in golang is 250 streams (requests) per HTTP/2 connection. This value may be adjusted in the golang.org/x/net/http2 package using the Server.MaxConcurrentStreams setting and the ConfigureServer function which are available in golang.org/x/net/http2.",
"product_ids": [
"AppStream-8.8.0.Z.MAIN.EUS:delve-0:1.9.1-1.module+el8.8.0+16778+5fbb74f5.src::go-toolset:rhel8",
"AppStream-8.8.0.Z.MAIN.EUS:delve-0:1.9.1-1.module+el8.8.0+16778+5fbb74f5.x86_64::go-toolset:rhel8",
"AppStream-8.8.0.Z.MAIN.EUS:delve-debuginfo-0:1.9.1-1.module+el8.8.0+16778+5fbb74f5.x86_64::go-toolset:rhel8",
"AppStream-8.8.0.Z.MAIN.EUS:delve-debugsource-0:1.9.1-1.module+el8.8.0+16778+5fbb74f5.x86_64::go-toolset:rhel8",
"AppStream-8.8.0.Z.MAIN.EUS:go-toolset-0:1.19.13-1.module+el8.8.0+20380+7171fefb.aarch64::go-toolset:rhel8",
"AppStream-8.8.0.Z.MAIN.EUS:go-toolset-0:1.19.13-1.module+el8.8.0+20380+7171fefb.ppc64le::go-toolset:rhel8",
"AppStream-8.8.0.Z.MAIN.EUS:go-toolset-0:1.19.13-1.module+el8.8.0+20380+7171fefb.s390x::go-toolset:rhel8",
"AppStream-8.8.0.Z.MAIN.EUS:go-toolset-0:1.19.13-1.module+el8.8.0+20380+7171fefb.src::go-toolset:rhel8",
"AppStream-8.8.0.Z.MAIN.EUS:go-toolset-0:1.19.13-1.module+el8.8.0+20380+7171fefb.x86_64::go-toolset:rhel8",
"AppStream-8.8.0.Z.MAIN.EUS:golang-0:1.19.13-1.module+el8.8.0+20373+d9cd605c.aarch64::go-toolset:rhel8",
"AppStream-8.8.0.Z.MAIN.EUS:golang-0:1.19.13-1.module+el8.8.0+20373+d9cd605c.ppc64le::go-toolset:rhel8",
"AppStream-8.8.0.Z.MAIN.EUS:golang-0:1.19.13-1.module+el8.8.0+20373+d9cd605c.s390x::go-toolset:rhel8",
"AppStream-8.8.0.Z.MAIN.EUS:golang-0:1.19.13-1.module+el8.8.0+20373+d9cd605c.src::go-toolset:rhel8",
"AppStream-8.8.0.Z.MAIN.EUS:golang-0:1.19.13-1.module+el8.8.0+20373+d9cd605c.x86_64::go-toolset:rhel8",
"AppStream-8.8.0.Z.MAIN.EUS:golang-bin-0:1.19.13-1.module+el8.8.0+20373+d9cd605c.aarch64::go-toolset:rhel8",
"AppStream-8.8.0.Z.MAIN.EUS:golang-bin-0:1.19.13-1.module+el8.8.0+20373+d9cd605c.ppc64le::go-toolset:rhel8",
"AppStream-8.8.0.Z.MAIN.EUS:golang-bin-0:1.19.13-1.module+el8.8.0+20373+d9cd605c.s390x::go-toolset:rhel8",
"AppStream-8.8.0.Z.MAIN.EUS:golang-bin-0:1.19.13-1.module+el8.8.0+20373+d9cd605c.x86_64::go-toolset:rhel8",
"AppStream-8.8.0.Z.MAIN.EUS:golang-docs-0:1.19.13-1.module+el8.8.0+20373+d9cd605c.noarch::go-toolset:rhel8",
"AppStream-8.8.0.Z.MAIN.EUS:golang-misc-0:1.19.13-1.module+el8.8.0+20373+d9cd605c.noarch::go-toolset:rhel8",
"AppStream-8.8.0.Z.MAIN.EUS:golang-race-0:1.19.13-1.module+el8.8.0+20373+d9cd605c.x86_64::go-toolset:rhel8",
"AppStream-8.8.0.Z.MAIN.EUS:golang-src-0:1.19.13-1.module+el8.8.0+20373+d9cd605c.noarch::go-toolset:rhel8",
"AppStream-8.8.0.Z.MAIN.EUS:golang-tests-0:1.19.13-1.module+el8.8.0+20373+d9cd605c.noarch::go-toolset:rhel8"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"AppStream-8.8.0.Z.MAIN.EUS:delve-0:1.9.1-1.module+el8.8.0+16778+5fbb74f5.src::go-toolset:rhel8",
"AppStream-8.8.0.Z.MAIN.EUS:delve-0:1.9.1-1.module+el8.8.0+16778+5fbb74f5.x86_64::go-toolset:rhel8",
"AppStream-8.8.0.Z.MAIN.EUS:delve-debuginfo-0:1.9.1-1.module+el8.8.0+16778+5fbb74f5.x86_64::go-toolset:rhel8",
"AppStream-8.8.0.Z.MAIN.EUS:delve-debugsource-0:1.9.1-1.module+el8.8.0+16778+5fbb74f5.x86_64::go-toolset:rhel8",
"AppStream-8.8.0.Z.MAIN.EUS:go-toolset-0:1.19.13-1.module+el8.8.0+20380+7171fefb.aarch64::go-toolset:rhel8",
"AppStream-8.8.0.Z.MAIN.EUS:go-toolset-0:1.19.13-1.module+el8.8.0+20380+7171fefb.ppc64le::go-toolset:rhel8",
"AppStream-8.8.0.Z.MAIN.EUS:go-toolset-0:1.19.13-1.module+el8.8.0+20380+7171fefb.s390x::go-toolset:rhel8",
"AppStream-8.8.0.Z.MAIN.EUS:go-toolset-0:1.19.13-1.module+el8.8.0+20380+7171fefb.src::go-toolset:rhel8",
"AppStream-8.8.0.Z.MAIN.EUS:go-toolset-0:1.19.13-1.module+el8.8.0+20380+7171fefb.x86_64::go-toolset:rhel8",
"AppStream-8.8.0.Z.MAIN.EUS:golang-0:1.19.13-1.module+el8.8.0+20373+d9cd605c.aarch64::go-toolset:rhel8",
"AppStream-8.8.0.Z.MAIN.EUS:golang-0:1.19.13-1.module+el8.8.0+20373+d9cd605c.ppc64le::go-toolset:rhel8",
"AppStream-8.8.0.Z.MAIN.EUS:golang-0:1.19.13-1.module+el8.8.0+20373+d9cd605c.s390x::go-toolset:rhel8",
"AppStream-8.8.0.Z.MAIN.EUS:golang-0:1.19.13-1.module+el8.8.0+20373+d9cd605c.src::go-toolset:rhel8",
"AppStream-8.8.0.Z.MAIN.EUS:golang-0:1.19.13-1.module+el8.8.0+20373+d9cd605c.x86_64::go-toolset:rhel8",
"AppStream-8.8.0.Z.MAIN.EUS:golang-bin-0:1.19.13-1.module+el8.8.0+20373+d9cd605c.aarch64::go-toolset:rhel8",
"AppStream-8.8.0.Z.MAIN.EUS:golang-bin-0:1.19.13-1.module+el8.8.0+20373+d9cd605c.ppc64le::go-toolset:rhel8",
"AppStream-8.8.0.Z.MAIN.EUS:golang-bin-0:1.19.13-1.module+el8.8.0+20373+d9cd605c.s390x::go-toolset:rhel8",
"AppStream-8.8.0.Z.MAIN.EUS:golang-bin-0:1.19.13-1.module+el8.8.0+20373+d9cd605c.x86_64::go-toolset:rhel8",
"AppStream-8.8.0.Z.MAIN.EUS:golang-docs-0:1.19.13-1.module+el8.8.0+20373+d9cd605c.noarch::go-toolset:rhel8",
"AppStream-8.8.0.Z.MAIN.EUS:golang-misc-0:1.19.13-1.module+el8.8.0+20373+d9cd605c.noarch::go-toolset:rhel8",
"AppStream-8.8.0.Z.MAIN.EUS:golang-race-0:1.19.13-1.module+el8.8.0+20373+d9cd605c.x86_64::go-toolset:rhel8",
"AppStream-8.8.0.Z.MAIN.EUS:golang-src-0:1.19.13-1.module+el8.8.0+20373+d9cd605c.noarch::go-toolset:rhel8",
"AppStream-8.8.0.Z.MAIN.EUS:golang-tests-0:1.19.13-1.module+el8.8.0+20373+d9cd605c.noarch::go-toolset:rhel8"
]
}
],
"threats": [
{
"category": "exploit_status",
"date": "2023-10-10T00:00:00+00:00",
"details": "CISA: https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
},
{
"category": "impact",
"details": "Important"
}
],
"title": "HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack (Rapid Reset Attack)"
}
]
}
RHSA-2023:5738
Vulnerability from csaf_redhat - Published: 2023-10-16 14:00 - Updated: 2026-06-05 13:07

A flaw was found in Golang, where it is vulnerable to HTTP header injection caused by improper content validation of the Host header by the HTTP/1 client. A remote attacker can inject arbitrary HTTP headers by persuading a victim to visit a specially crafted Web page. This flaw allows the attacker to conduct various attacks against the vulnerable system, including Cross-site scripting, cache poisoning, or session hijacking.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:golang-0:1.19.13-1.el9_2.aarch64 | — | | Vendor Fix |
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:golang-0:1.19.13-1.el9_2.ppc64le | — | | Vendor Fix |
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:golang-0:1.19.13-1.el9_2.s390x | — | | Vendor Fix |
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:golang-0:1.19.13-1.el9_2.src | — | | Vendor Fix |
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:golang-0:1.19.13-1.el9_2.x86_64 | — | | Vendor Fix |
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:golang-bin-0:1.19.13-1.el9_2.aarch64 | — | | Vendor Fix |
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:golang-bin-0:1.19.13-1.el9_2.ppc64le | — | | Vendor Fix |
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:golang-bin-0:1.19.13-1.el9_2.s390x | — | | Vendor Fix |
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:golang-bin-0:1.19.13-1.el9_2.x86_64 | — | | Vendor Fix |
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:golang-docs-0:1.19.13-1.el9_2.noarch | — | | Vendor Fix |
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:golang-misc-0:1.19.13-1.el9_2.noarch | — | | Vendor Fix |
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:golang-race-0:1.19.13-1.el9_2.x86_64 | — | | Vendor Fix |
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:golang-src-0:1.19.13-1.el9_2.noarch | — | | Vendor Fix |
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:golang-tests-0:1.19.13-1.el9_2.noarch | — | | Vendor Fix |

| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:go-toolset-0:1.19.13-1.el9_2.aarch64 | — | | |
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:go-toolset-0:1.19.13-1.el9_2.ppc64le | — | | |
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:go-toolset-0:1.19.13-1.el9_2.s390x | — | | |
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:go-toolset-0:1.19.13-1.el9_2.src | — | | |
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:go-toolset-0:1.19.13-1.el9_2.x86_64 | — | | |

A denial of service vulnerability was found in the Golang Go package caused by an uncontrolled resource consumption flaw. By persuading a victim to use a specially crafted certificate with large RSA keys, a remote attacker can cause a client/server to expend significant CPU time verifying signatures, resulting in a denial of service condition.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:golang-0:1.19.13-1.el9_2.aarch64 | — | | Vendor Fix |
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:golang-0:1.19.13-1.el9_2.ppc64le | — | | Vendor Fix |
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:golang-0:1.19.13-1.el9_2.s390x | — | | Vendor Fix |
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:golang-0:1.19.13-1.el9_2.src | — | | Vendor Fix |
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:golang-0:1.19.13-1.el9_2.x86_64 | — | | Vendor Fix |
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:golang-bin-0:1.19.13-1.el9_2.aarch64 | — | | Vendor Fix |
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:golang-bin-0:1.19.13-1.el9_2.ppc64le | — | | Vendor Fix |
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:golang-bin-0:1.19.13-1.el9_2.s390x | — | | Vendor Fix |
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:golang-bin-0:1.19.13-1.el9_2.x86_64 | — | | Vendor Fix |
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:golang-docs-0:1.19.13-1.el9_2.noarch | — | | Vendor Fix |
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:golang-misc-0:1.19.13-1.el9_2.noarch | — | | Vendor Fix |
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:golang-race-0:1.19.13-1.el9_2.x86_64 | — | | Vendor Fix |
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:golang-src-0:1.19.13-1.el9_2.noarch | — | | Vendor Fix |
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:golang-tests-0:1.19.13-1.el9_2.noarch | — | | Vendor Fix |

| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:go-toolset-0:1.19.13-1.el9_2.aarch64 | — | | |
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:go-toolset-0:1.19.13-1.el9_2.ppc64le | — | | |
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:go-toolset-0:1.19.13-1.el9_2.s390x | — | | |
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:go-toolset-0:1.19.13-1.el9_2.src | — | | |
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:go-toolset-0:1.19.13-1.el9_2.x86_64 | — | | |

A flaw was found in handling multiplexed streams in the HTTP/2 protocol. A client can repeatedly make a request for a new multiplex stream and immediately send an RST_STREAM frame to cancel it. This creates extra work for the server setting up and tearing down the streams while not hitting any server-side limit for the maximum number of active streams per connection, resulting in a denial of service due to server resource consumption. Red Hat has rated the severity of this flaw as 'Important' as the US Cybersecurity and Infrastructure Security Agency (CISA) declared this vulnerability an active exploit. CVE-2023-39325 was assigned for the `Rapid Reset Attack` in the Go language packages.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:golang-0:1.19.13-1.el9_2.aarch64 | — | | Vendor Fix, Workaround |
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:golang-0:1.19.13-1.el9_2.ppc64le | — | | Vendor Fix, Workaround |
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:golang-0:1.19.13-1.el9_2.s390x | — | | Vendor Fix, Workaround |
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:golang-0:1.19.13-1.el9_2.src | — | | Vendor Fix, Workaround |
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:golang-0:1.19.13-1.el9_2.x86_64 | — | | Vendor Fix, Workaround |
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:golang-bin-0:1.19.13-1.el9_2.aarch64 | — | | Vendor Fix, Workaround |
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:golang-bin-0:1.19.13-1.el9_2.ppc64le | — | | Vendor Fix, Workaround |
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:golang-bin-0:1.19.13-1.el9_2.s390x | — | | Vendor Fix, Workaround |
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:golang-bin-0:1.19.13-1.el9_2.x86_64 | — | | Vendor Fix, Workaround |
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:golang-docs-0:1.19.13-1.el9_2.noarch | — | | Vendor Fix, Workaround |
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:golang-misc-0:1.19.13-1.el9_2.noarch | — | | Vendor Fix, Workaround |
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:golang-race-0:1.19.13-1.el9_2.x86_64 | — | | Vendor Fix, Workaround |
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:golang-src-0:1.19.13-1.el9_2.noarch | — | | Vendor Fix, Workaround |
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:golang-tests-0:1.19.13-1.el9_2.noarch | — | | Vendor Fix, Workaround |

| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:go-toolset-0:1.19.13-1.el9_2.aarch64 | — | | Workaround |
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:go-toolset-0:1.19.13-1.el9_2.ppc64le | — | | Workaround |
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:go-toolset-0:1.19.13-1.el9_2.s390x | — | | Workaround |
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:go-toolset-0:1.19.13-1.el9_2.src | — | | Workaround |
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:go-toolset-0:1.19.13-1.el9_2.x86_64 | — | | Workaround |

A flaw was found in handling multiplexed streams in the HTTP/2 protocol. A client can repeatedly make a request for a new multiplex stream and immediately send an RST_STREAM frame to cancel it. This creates extra work for the server setting up and tearing down the streams while not hitting any server-side limit for the maximum number of active streams per connection, resulting in a denial of service due to server resource consumption. Red Hat has rated the severity of this flaw as 'Important' as the US Cybersecurity and Infrastructure Security Agency (CISA) declared this vulnerability an active exploit. CVE-2023-39325 was assigned for the Rapid Reset Attack in the Go language packages. Security Bulletin https://access.redhat.com/security/vulnerabilities/RHSB-2023-003
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:golang-0:1.19.13-1.el9_2.aarch64 | — | | Vendor Fix, Workaround |
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:golang-0:1.19.13-1.el9_2.ppc64le | — | | Vendor Fix, Workaround |
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:golang-0:1.19.13-1.el9_2.s390x | — | | Vendor Fix, Workaround |
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:golang-0:1.19.13-1.el9_2.src | — | | Vendor Fix, Workaround |
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:golang-0:1.19.13-1.el9_2.x86_64 | — | | Vendor Fix, Workaround |
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:golang-bin-0:1.19.13-1.el9_2.aarch64 | — | | Vendor Fix, Workaround |
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:golang-bin-0:1.19.13-1.el9_2.ppc64le | — | | Vendor Fix, Workaround |
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:golang-bin-0:1.19.13-1.el9_2.s390x | — | | Vendor Fix, Workaround |
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:golang-bin-0:1.19.13-1.el9_2.x86_64 | — | | Vendor Fix, Workaround |
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:golang-docs-0:1.19.13-1.el9_2.noarch | — | | Vendor Fix, Workaround |
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:golang-misc-0:1.19.13-1.el9_2.noarch | — | | Vendor Fix, Workaround |
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:golang-race-0:1.19.13-1.el9_2.x86_64 | — | | Vendor Fix, Workaround |
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:golang-src-0:1.19.13-1.el9_2.noarch | — | | Vendor Fix, Workaround |
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:golang-tests-0:1.19.13-1.el9_2.noarch | — | | Vendor Fix, Workaround |

| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:go-toolset-0:1.19.13-1.el9_2.aarch64 | — | | Workaround |
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:go-toolset-0:1.19.13-1.el9_2.ppc64le | — | | Workaround |
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:go-toolset-0:1.19.13-1.el9_2.s390x | — | | Workaround |
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:go-toolset-0:1.19.13-1.el9_2.src | — | | Workaround |
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:go-toolset-0:1.19.13-1.el9_2.x86_64 | — | | Workaround |

{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for go-toolset and golang is now available for Red Hat Enterprise Linux 9.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Go Toolset provides the Go programming language tools and libraries. Go is alternatively known as golang. \n\nThe golang packages provide the Go programming language compiler.\n\nSecurity Fix(es):\n\n* golang: net/http, x/net/http2: rapid stream resets can cause excessive work [CVE-2023-44487] (CVE-2023-39325)\n\n* HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack (Rapid Reset Attack) (CVE-2023-44487)\n\n* golang: crypto/tls: slow verification of certificate chains containing large RSA keys (CVE-2023-29409)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nBug Fix(es):\n\n* Midstream dist-git patches (BZ#2223637)",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2023:5738",
"url": "https://access.redhat.com/errata/RHSA-2023:5738"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/vulnerabilities/RHSB-2023-003",
"url": "https://access.redhat.com/security/vulnerabilities/RHSB-2023-003"
},
{
"category": "external",
"summary": "2228743",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2228743"
},
{
"category": "external",
"summary": "2242803",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2242803"
},
{
"category": "external",
"summary": "2243296",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2243296"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2023/rhsa-2023_5738.json"
}
],
"title": "Red Hat Security Advisory: go-toolset and golang security and bug fix update",
"tracking": {
"current_release_date": "2026-06-05T13:07:58+00:00",
"generator": {
"date": "2026-06-05T13:07:58+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.8.2"
}
},
"id": "RHSA-2023:5738",
"initial_release_date": "2023-10-16T14:00:36+00:00",
"revision_history": [
{
"date": "2023-10-16T14:00:36+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2023-10-16T14:00:36+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-06-05T13:07:58+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux AppStream (v. 9)",
"product": {
"name": "Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.2.0.Z.MAIN.EUS",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:enterprise_linux:9::appstream"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "golang-0:1.19.13-1.el9_2.src",
"product": {
"name": "golang-0:1.19.13-1.el9_2.src",
"product_id": "golang-0:1.19.13-1.el9_2.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang@1.19.13-1.el9_2?arch=src"
}
}
},
{
"category": "product_version",
"name": "go-toolset-0:1.19.13-1.el9_2.src",
"product": {
"name": "go-toolset-0:1.19.13-1.el9_2.src",
"product_id": "go-toolset-0:1.19.13-1.el9_2.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/go-toolset@1.19.13-1.el9_2?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "golang-0:1.19.13-1.el9_2.aarch64",
"product": {
"name": "golang-0:1.19.13-1.el9_2.aarch64",
"product_id": "golang-0:1.19.13-1.el9_2.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang@1.19.13-1.el9_2?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "golang-bin-0:1.19.13-1.el9_2.aarch64",
"product": {
"name": "golang-bin-0:1.19.13-1.el9_2.aarch64",
"product_id": "golang-bin-0:1.19.13-1.el9_2.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang-bin@1.19.13-1.el9_2?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "go-toolset-0:1.19.13-1.el9_2.aarch64",
"product": {
"name": "go-toolset-0:1.19.13-1.el9_2.aarch64",
"product_id": "go-toolset-0:1.19.13-1.el9_2.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/go-toolset@1.19.13-1.el9_2?arch=aarch64"
}
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "golang-0:1.19.13-1.el9_2.ppc64le",
"product": {
"name": "golang-0:1.19.13-1.el9_2.ppc64le",
"product_id": "golang-0:1.19.13-1.el9_2.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang@1.19.13-1.el9_2?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "golang-bin-0:1.19.13-1.el9_2.ppc64le",
"product": {
"name": "golang-bin-0:1.19.13-1.el9_2.ppc64le",
"product_id": "golang-bin-0:1.19.13-1.el9_2.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang-bin@1.19.13-1.el9_2?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "go-toolset-0:1.19.13-1.el9_2.ppc64le",
"product": {
"name": "go-toolset-0:1.19.13-1.el9_2.ppc64le",
"product_id": "go-toolset-0:1.19.13-1.el9_2.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/go-toolset@1.19.13-1.el9_2?arch=ppc64le"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "golang-0:1.19.13-1.el9_2.x86_64",
"product": {
"name": "golang-0:1.19.13-1.el9_2.x86_64",
"product_id": "golang-0:1.19.13-1.el9_2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang@1.19.13-1.el9_2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "golang-bin-0:1.19.13-1.el9_2.x86_64",
"product": {
"name": "golang-bin-0:1.19.13-1.el9_2.x86_64",
"product_id": "golang-bin-0:1.19.13-1.el9_2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang-bin@1.19.13-1.el9_2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "golang-race-0:1.19.13-1.el9_2.x86_64",
"product": {
"name": "golang-race-0:1.19.13-1.el9_2.x86_64",
"product_id": "golang-race-0:1.19.13-1.el9_2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang-race@1.19.13-1.el9_2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "go-toolset-0:1.19.13-1.el9_2.x86_64",
"product": {
"name": "go-toolset-0:1.19.13-1.el9_2.x86_64",
"product_id": "go-toolset-0:1.19.13-1.el9_2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/go-toolset@1.19.13-1.el9_2?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "golang-0:1.19.13-1.el9_2.s390x",
"product": {
"name": "golang-0:1.19.13-1.el9_2.s390x",
"product_id": "golang-0:1.19.13-1.el9_2.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang@1.19.13-1.el9_2?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "golang-bin-0:1.19.13-1.el9_2.s390x",
"product": {
"name": "golang-bin-0:1.19.13-1.el9_2.s390x",
"product_id": "golang-bin-0:1.19.13-1.el9_2.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang-bin@1.19.13-1.el9_2?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "go-toolset-0:1.19.13-1.el9_2.s390x",
"product": {
"name": "go-toolset-0:1.19.13-1.el9_2.s390x",
"product_id": "go-toolset-0:1.19.13-1.el9_2.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/go-toolset@1.19.13-1.el9_2?arch=s390x"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "golang-docs-0:1.19.13-1.el9_2.noarch",
"product": {
"name": "golang-docs-0:1.19.13-1.el9_2.noarch",
"product_id": "golang-docs-0:1.19.13-1.el9_2.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang-docs@1.19.13-1.el9_2?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "golang-misc-0:1.19.13-1.el9_2.noarch",
"product": {
"name": "golang-misc-0:1.19.13-1.el9_2.noarch",
"product_id": "golang-misc-0:1.19.13-1.el9_2.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang-misc@1.19.13-1.el9_2?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "golang-src-0:1.19.13-1.el9_2.noarch",
"product": {
"name": "golang-src-0:1.19.13-1.el9_2.noarch",
"product_id": "golang-src-0:1.19.13-1.el9_2.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang-src@1.19.13-1.el9_2?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "golang-tests-0:1.19.13-1.el9_2.noarch",
"product": {
"name": "golang-tests-0:1.19.13-1.el9_2.noarch",
"product_id": "golang-tests-0:1.19.13-1.el9_2.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang-tests@1.19.13-1.el9_2?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "go-toolset-0:1.19.13-1.el9_2.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.2.0.Z.MAIN.EUS:go-toolset-0:1.19.13-1.el9_2.aarch64"
},
"product_reference": "go-toolset-0:1.19.13-1.el9_2.aarch64",
"relates_to_product_reference": "AppStream-9.2.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go-toolset-0:1.19.13-1.el9_2.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.2.0.Z.MAIN.EUS:go-toolset-0:1.19.13-1.el9_2.ppc64le"
},
"product_reference": "go-toolset-0:1.19.13-1.el9_2.ppc64le",
"relates_to_product_reference": "AppStream-9.2.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go-toolset-0:1.19.13-1.el9_2.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.2.0.Z.MAIN.EUS:go-toolset-0:1.19.13-1.el9_2.s390x"
},
"product_reference": "go-toolset-0:1.19.13-1.el9_2.s390x",
"relates_to_product_reference": "AppStream-9.2.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go-toolset-0:1.19.13-1.el9_2.src as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.2.0.Z.MAIN.EUS:go-toolset-0:1.19.13-1.el9_2.src"
},
"product_reference": "go-toolset-0:1.19.13-1.el9_2.src",
"relates_to_product_reference": "AppStream-9.2.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go-toolset-0:1.19.13-1.el9_2.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.2.0.Z.MAIN.EUS:go-toolset-0:1.19.13-1.el9_2.x86_64"
},
"product_reference": "go-toolset-0:1.19.13-1.el9_2.x86_64",
"relates_to_product_reference": "AppStream-9.2.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-0:1.19.13-1.el9_2.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.2.0.Z.MAIN.EUS:golang-0:1.19.13-1.el9_2.aarch64"
},
"product_reference": "golang-0:1.19.13-1.el9_2.aarch64",
"relates_to_product_reference": "AppStream-9.2.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-0:1.19.13-1.el9_2.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.2.0.Z.MAIN.EUS:golang-0:1.19.13-1.el9_2.ppc64le"
},
"product_reference": "golang-0:1.19.13-1.el9_2.ppc64le",
"relates_to_product_reference": "AppStream-9.2.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-0:1.19.13-1.el9_2.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.2.0.Z.MAIN.EUS:golang-0:1.19.13-1.el9_2.s390x"
},
"product_reference": "golang-0:1.19.13-1.el9_2.s390x",
"relates_to_product_reference": "AppStream-9.2.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-0:1.19.13-1.el9_2.src as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.2.0.Z.MAIN.EUS:golang-0:1.19.13-1.el9_2.src"
},
"product_reference": "golang-0:1.19.13-1.el9_2.src",
"relates_to_product_reference": "AppStream-9.2.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-0:1.19.13-1.el9_2.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.2.0.Z.MAIN.EUS:golang-0:1.19.13-1.el9_2.x86_64"
},
"product_reference": "golang-0:1.19.13-1.el9_2.x86_64",
"relates_to_product_reference": "AppStream-9.2.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-bin-0:1.19.13-1.el9_2.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.2.0.Z.MAIN.EUS:golang-bin-0:1.19.13-1.el9_2.aarch64"
},
"product_reference": "golang-bin-0:1.19.13-1.el9_2.aarch64",
"relates_to_product_reference": "AppStream-9.2.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-bin-0:1.19.13-1.el9_2.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.2.0.Z.MAIN.EUS:golang-bin-0:1.19.13-1.el9_2.ppc64le"
},
"product_reference": "golang-bin-0:1.19.13-1.el9_2.ppc64le",
"relates_to_product_reference": "AppStream-9.2.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-bin-0:1.19.13-1.el9_2.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.2.0.Z.MAIN.EUS:golang-bin-0:1.19.13-1.el9_2.s390x"
},
"product_reference": "golang-bin-0:1.19.13-1.el9_2.s390x",
"relates_to_product_reference": "AppStream-9.2.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-bin-0:1.19.13-1.el9_2.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.2.0.Z.MAIN.EUS:golang-bin-0:1.19.13-1.el9_2.x86_64"
},
"product_reference": "golang-bin-0:1.19.13-1.el9_2.x86_64",
"relates_to_product_reference": "AppStream-9.2.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-docs-0:1.19.13-1.el9_2.noarch as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.2.0.Z.MAIN.EUS:golang-docs-0:1.19.13-1.el9_2.noarch"
},
"product_reference": "golang-docs-0:1.19.13-1.el9_2.noarch",
"relates_to_product_reference": "AppStream-9.2.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-misc-0:1.19.13-1.el9_2.noarch as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.2.0.Z.MAIN.EUS:golang-misc-0:1.19.13-1.el9_2.noarch"
},
"product_reference": "golang-misc-0:1.19.13-1.el9_2.noarch",
"relates_to_product_reference": "AppStream-9.2.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-race-0:1.19.13-1.el9_2.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.2.0.Z.MAIN.EUS:golang-race-0:1.19.13-1.el9_2.x86_64"
},
"product_reference": "golang-race-0:1.19.13-1.el9_2.x86_64",
"relates_to_product_reference": "AppStream-9.2.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-src-0:1.19.13-1.el9_2.noarch as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.2.0.Z.MAIN.EUS:golang-src-0:1.19.13-1.el9_2.noarch"
},
"product_reference": "golang-src-0:1.19.13-1.el9_2.noarch",
"relates_to_product_reference": "AppStream-9.2.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-tests-0:1.19.13-1.el9_2.noarch as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.2.0.Z.MAIN.EUS:golang-tests-0:1.19.13-1.el9_2.noarch"
},
"product_reference": "golang-tests-0:1.19.13-1.el9_2.noarch",
"relates_to_product_reference": "AppStream-9.2.0.Z.MAIN.EUS"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2023-29406",
"cwe": {
"id": "CWE-113",
"name": "Improper Neutralization of CRLF Sequences in HTTP Headers (\u0027HTTP Request/Response Splitting\u0027)"
},
"discovery_date": "2023-07-12T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"AppStream-9.2.0.Z.MAIN.EUS:go-toolset-0:1.19.13-1.el9_2.aarch64",
"AppStream-9.2.0.Z.MAIN.EUS:go-toolset-0:1.19.13-1.el9_2.ppc64le",
"AppStream-9.2.0.Z.MAIN.EUS:go-toolset-0:1.19.13-1.el9_2.s390x",
"AppStream-9.2.0.Z.MAIN.EUS:go-toolset-0:1.19.13-1.el9_2.src",
"AppStream-9.2.0.Z.MAIN.EUS:go-toolset-0:1.19.13-1.el9_2.x86_64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2222167"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Golang, where it is vulnerable to HTTP header injection caused by improper content validation of the Host header by the HTTP/1 client. A remote attacker can inject arbitrary HTTP headers by persuading a victim to visit a specially crafted Web page. This flaw allows the attacker to conduct various attacks against the vulnerable system, including Cross-site scripting, cache poisoning, or session hijacking.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: net/http: insufficient sanitization of Host header",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-9.2.0.Z.MAIN.EUS:golang-0:1.19.13-1.el9_2.aarch64",
"AppStream-9.2.0.Z.MAIN.EUS:golang-0:1.19.13-1.el9_2.ppc64le",
"AppStream-9.2.0.Z.MAIN.EUS:golang-0:1.19.13-1.el9_2.s390x",
"AppStream-9.2.0.Z.MAIN.EUS:golang-0:1.19.13-1.el9_2.src",
"AppStream-9.2.0.Z.MAIN.EUS:golang-0:1.19.13-1.el9_2.x86_64",
"AppStream-9.2.0.Z.MAIN.EUS:golang-bin-0:1.19.13-1.el9_2.aarch64",
"AppStream-9.2.0.Z.MAIN.EUS:golang-bin-0:1.19.13-1.el9_2.ppc64le",
"AppStream-9.2.0.Z.MAIN.EUS:golang-bin-0:1.19.13-1.el9_2.s390x",
"AppStream-9.2.0.Z.MAIN.EUS:golang-bin-0:1.19.13-1.el9_2.x86_64",
"AppStream-9.2.0.Z.MAIN.EUS:golang-docs-0:1.19.13-1.el9_2.noarch",
"AppStream-9.2.0.Z.MAIN.EUS:golang-misc-0:1.19.13-1.el9_2.noarch",
"AppStream-9.2.0.Z.MAIN.EUS:golang-race-0:1.19.13-1.el9_2.x86_64",
"AppStream-9.2.0.Z.MAIN.EUS:golang-src-0:1.19.13-1.el9_2.noarch",
"AppStream-9.2.0.Z.MAIN.EUS:golang-tests-0:1.19.13-1.el9_2.noarch"
],
"known_not_affected": [
"AppStream-9.2.0.Z.MAIN.EUS:go-toolset-0:1.19.13-1.el9_2.aarch64",
"AppStream-9.2.0.Z.MAIN.EUS:go-toolset-0:1.19.13-1.el9_2.ppc64le",
"AppStream-9.2.0.Z.MAIN.EUS:go-toolset-0:1.19.13-1.el9_2.s390x",
"AppStream-9.2.0.Z.MAIN.EUS:go-toolset-0:1.19.13-1.el9_2.src",
"AppStream-9.2.0.Z.MAIN.EUS:go-toolset-0:1.19.13-1.el9_2.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-29406"
},
{
"category": "external",
"summary": "RHBZ#2222167",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2222167"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-29406",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29406"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-29406",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-29406"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/2q13H6LEEx0",
"url": "https://groups.google.com/g/golang-announce/c/2q13H6LEEx0"
}
],
"release_date": "2023-07-11T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-10-16T14:00:36+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-9.2.0.Z.MAIN.EUS:golang-0:1.19.13-1.el9_2.aarch64",
"AppStream-9.2.0.Z.MAIN.EUS:golang-0:1.19.13-1.el9_2.ppc64le",
"AppStream-9.2.0.Z.MAIN.EUS:golang-0:1.19.13-1.el9_2.s390x",
"AppStream-9.2.0.Z.MAIN.EUS:golang-0:1.19.13-1.el9_2.src",
"AppStream-9.2.0.Z.MAIN.EUS:golang-0:1.19.13-1.el9_2.x86_64",
"AppStream-9.2.0.Z.MAIN.EUS:golang-bin-0:1.19.13-1.el9_2.aarch64",
"AppStream-9.2.0.Z.MAIN.EUS:golang-bin-0:1.19.13-1.el9_2.ppc64le",
"AppStream-9.2.0.Z.MAIN.EUS:golang-bin-0:1.19.13-1.el9_2.s390x",
"AppStream-9.2.0.Z.MAIN.EUS:golang-bin-0:1.19.13-1.el9_2.x86_64",
"AppStream-9.2.0.Z.MAIN.EUS:golang-docs-0:1.19.13-1.el9_2.noarch",
"AppStream-9.2.0.Z.MAIN.EUS:golang-misc-0:1.19.13-1.el9_2.noarch",
"AppStream-9.2.0.Z.MAIN.EUS:golang-race-0:1.19.13-1.el9_2.x86_64",
"AppStream-9.2.0.Z.MAIN.EUS:golang-src-0:1.19.13-1.el9_2.noarch",
"AppStream-9.2.0.Z.MAIN.EUS:golang-tests-0:1.19.13-1.el9_2.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:5738"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"AppStream-9.2.0.Z.MAIN.EUS:go-toolset-0:1.19.13-1.el9_2.aarch64",
"AppStream-9.2.0.Z.MAIN.EUS:go-toolset-0:1.19.13-1.el9_2.ppc64le",
"AppStream-9.2.0.Z.MAIN.EUS:go-toolset-0:1.19.13-1.el9_2.s390x",
"AppStream-9.2.0.Z.MAIN.EUS:go-toolset-0:1.19.13-1.el9_2.src",
"AppStream-9.2.0.Z.MAIN.EUS:go-toolset-0:1.19.13-1.el9_2.x86_64",
"AppStream-9.2.0.Z.MAIN.EUS:golang-0:1.19.13-1.el9_2.aarch64",
"AppStream-9.2.0.Z.MAIN.EUS:golang-0:1.19.13-1.el9_2.ppc64le",
"AppStream-9.2.0.Z.MAIN.EUS:golang-0:1.19.13-1.el9_2.s390x",
"AppStream-9.2.0.Z.MAIN.EUS:golang-0:1.19.13-1.el9_2.src",
"AppStream-9.2.0.Z.MAIN.EUS:golang-0:1.19.13-1.el9_2.x86_64",
"AppStream-9.2.0.Z.MAIN.EUS:golang-bin-0:1.19.13-1.el9_2.aarch64",
"AppStream-9.2.0.Z.MAIN.EUS:golang-bin-0:1.19.13-1.el9_2.ppc64le",
"AppStream-9.2.0.Z.MAIN.EUS:golang-bin-0:1.19.13-1.el9_2.s390x",
"AppStream-9.2.0.Z.MAIN.EUS:golang-bin-0:1.19.13-1.el9_2.x86_64",
"AppStream-9.2.0.Z.MAIN.EUS:golang-docs-0:1.19.13-1.el9_2.noarch",
"AppStream-9.2.0.Z.MAIN.EUS:golang-misc-0:1.19.13-1.el9_2.noarch",
"AppStream-9.2.0.Z.MAIN.EUS:golang-race-0:1.19.13-1.el9_2.x86_64",
"AppStream-9.2.0.Z.MAIN.EUS:golang-src-0:1.19.13-1.el9_2.noarch",
"AppStream-9.2.0.Z.MAIN.EUS:golang-tests-0:1.19.13-1.el9_2.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: net/http: insufficient sanitization of Host header"
},
{
"cve": "CVE-2023-29409",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2023-08-03T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"AppStream-9.2.0.Z.MAIN.EUS:go-toolset-0:1.19.13-1.el9_2.aarch64",
"AppStream-9.2.0.Z.MAIN.EUS:go-toolset-0:1.19.13-1.el9_2.ppc64le",
"AppStream-9.2.0.Z.MAIN.EUS:go-toolset-0:1.19.13-1.el9_2.s390x",
"AppStream-9.2.0.Z.MAIN.EUS:go-toolset-0:1.19.13-1.el9_2.src",
"AppStream-9.2.0.Z.MAIN.EUS:go-toolset-0:1.19.13-1.el9_2.x86_64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2228743"
}
],
"notes": [
{
"category": "description",
"text": "A denial of service vulnerability was found in the Golang Go package caused by an uncontrolled resource consumption flaw. By persuading a victim to use a specially crafted certificate with large RSA keys, a remote attacker can cause a client/server to expend significant CPU time verifying signatures, resulting in a denial of service condition.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: crypto/tls: slow verification of certificate chains containing large RSA keys",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-9.2.0.Z.MAIN.EUS:golang-0:1.19.13-1.el9_2.aarch64",
"AppStream-9.2.0.Z.MAIN.EUS:golang-0:1.19.13-1.el9_2.ppc64le",
"AppStream-9.2.0.Z.MAIN.EUS:golang-0:1.19.13-1.el9_2.s390x",
"AppStream-9.2.0.Z.MAIN.EUS:golang-0:1.19.13-1.el9_2.src",
"AppStream-9.2.0.Z.MAIN.EUS:golang-0:1.19.13-1.el9_2.x86_64",
"AppStream-9.2.0.Z.MAIN.EUS:golang-bin-0:1.19.13-1.el9_2.aarch64",
"AppStream-9.2.0.Z.MAIN.EUS:golang-bin-0:1.19.13-1.el9_2.ppc64le",
"AppStream-9.2.0.Z.MAIN.EUS:golang-bin-0:1.19.13-1.el9_2.s390x",
"AppStream-9.2.0.Z.MAIN.EUS:golang-bin-0:1.19.13-1.el9_2.x86_64",
"AppStream-9.2.0.Z.MAIN.EUS:golang-docs-0:1.19.13-1.el9_2.noarch",
"AppStream-9.2.0.Z.MAIN.EUS:golang-misc-0:1.19.13-1.el9_2.noarch",
"AppStream-9.2.0.Z.MAIN.EUS:golang-race-0:1.19.13-1.el9_2.x86_64",
"AppStream-9.2.0.Z.MAIN.EUS:golang-src-0:1.19.13-1.el9_2.noarch",
"AppStream-9.2.0.Z.MAIN.EUS:golang-tests-0:1.19.13-1.el9_2.noarch"
],
"known_not_affected": [
"AppStream-9.2.0.Z.MAIN.EUS:go-toolset-0:1.19.13-1.el9_2.aarch64",
"AppStream-9.2.0.Z.MAIN.EUS:go-toolset-0:1.19.13-1.el9_2.ppc64le",
"AppStream-9.2.0.Z.MAIN.EUS:go-toolset-0:1.19.13-1.el9_2.s390x",
"AppStream-9.2.0.Z.MAIN.EUS:go-toolset-0:1.19.13-1.el9_2.src",
"AppStream-9.2.0.Z.MAIN.EUS:go-toolset-0:1.19.13-1.el9_2.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-29409"
},
{
"category": "external",
"summary": "RHBZ#2228743",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2228743"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-29409",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29409"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-29409",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-29409"
},
{
"category": "external",
"summary": "https://go.dev/cl/515257",
"url": "https://go.dev/cl/515257"
},
{
"category": "external",
"summary": "https://go.dev/issue/61460",
"url": "https://go.dev/issue/61460"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/X0b6CsSAaYI/m/Efv5DbZ9AwAJ",
"url": "https://groups.google.com/g/golang-announce/c/X0b6CsSAaYI/m/Efv5DbZ9AwAJ"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2023-1987",
"url": "https://pkg.go.dev/vuln/GO-2023-1987"
}
],
"release_date": "2023-08-02T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-10-16T14:00:36+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-9.2.0.Z.MAIN.EUS:golang-0:1.19.13-1.el9_2.aarch64",
"AppStream-9.2.0.Z.MAIN.EUS:golang-0:1.19.13-1.el9_2.ppc64le",
"AppStream-9.2.0.Z.MAIN.EUS:golang-0:1.19.13-1.el9_2.s390x",
"AppStream-9.2.0.Z.MAIN.EUS:golang-0:1.19.13-1.el9_2.src",
"AppStream-9.2.0.Z.MAIN.EUS:golang-0:1.19.13-1.el9_2.x86_64",
"AppStream-9.2.0.Z.MAIN.EUS:golang-bin-0:1.19.13-1.el9_2.aarch64",
"AppStream-9.2.0.Z.MAIN.EUS:golang-bin-0:1.19.13-1.el9_2.ppc64le",
"AppStream-9.2.0.Z.MAIN.EUS:golang-bin-0:1.19.13-1.el9_2.s390x",
"AppStream-9.2.0.Z.MAIN.EUS:golang-bin-0:1.19.13-1.el9_2.x86_64",
"AppStream-9.2.0.Z.MAIN.EUS:golang-docs-0:1.19.13-1.el9_2.noarch",
"AppStream-9.2.0.Z.MAIN.EUS:golang-misc-0:1.19.13-1.el9_2.noarch",
"AppStream-9.2.0.Z.MAIN.EUS:golang-race-0:1.19.13-1.el9_2.x86_64",
"AppStream-9.2.0.Z.MAIN.EUS:golang-src-0:1.19.13-1.el9_2.noarch",
"AppStream-9.2.0.Z.MAIN.EUS:golang-tests-0:1.19.13-1.el9_2.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:5738"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"AppStream-9.2.0.Z.MAIN.EUS:go-toolset-0:1.19.13-1.el9_2.aarch64",
"AppStream-9.2.0.Z.MAIN.EUS:go-toolset-0:1.19.13-1.el9_2.ppc64le",
"AppStream-9.2.0.Z.MAIN.EUS:go-toolset-0:1.19.13-1.el9_2.s390x",
"AppStream-9.2.0.Z.MAIN.EUS:go-toolset-0:1.19.13-1.el9_2.src",
"AppStream-9.2.0.Z.MAIN.EUS:go-toolset-0:1.19.13-1.el9_2.x86_64",
"AppStream-9.2.0.Z.MAIN.EUS:golang-0:1.19.13-1.el9_2.aarch64",
"AppStream-9.2.0.Z.MAIN.EUS:golang-0:1.19.13-1.el9_2.ppc64le",
"AppStream-9.2.0.Z.MAIN.EUS:golang-0:1.19.13-1.el9_2.s390x",
"AppStream-9.2.0.Z.MAIN.EUS:golang-0:1.19.13-1.el9_2.src",
"AppStream-9.2.0.Z.MAIN.EUS:golang-0:1.19.13-1.el9_2.x86_64",
"AppStream-9.2.0.Z.MAIN.EUS:golang-bin-0:1.19.13-1.el9_2.aarch64",
"AppStream-9.2.0.Z.MAIN.EUS:golang-bin-0:1.19.13-1.el9_2.ppc64le",
"AppStream-9.2.0.Z.MAIN.EUS:golang-bin-0:1.19.13-1.el9_2.s390x",
"AppStream-9.2.0.Z.MAIN.EUS:golang-bin-0:1.19.13-1.el9_2.x86_64",
"AppStream-9.2.0.Z.MAIN.EUS:golang-docs-0:1.19.13-1.el9_2.noarch",
"AppStream-9.2.0.Z.MAIN.EUS:golang-misc-0:1.19.13-1.el9_2.noarch",
"AppStream-9.2.0.Z.MAIN.EUS:golang-race-0:1.19.13-1.el9_2.x86_64",
"AppStream-9.2.0.Z.MAIN.EUS:golang-src-0:1.19.13-1.el9_2.noarch",
"AppStream-9.2.0.Z.MAIN.EUS:golang-tests-0:1.19.13-1.el9_2.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: crypto/tls: slow verification of certificate chains containing large RSA keys"
},
{
"cve": "CVE-2023-39325",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2023-10-10T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"AppStream-9.2.0.Z.MAIN.EUS:go-toolset-0:1.19.13-1.el9_2.aarch64",
"AppStream-9.2.0.Z.MAIN.EUS:go-toolset-0:1.19.13-1.el9_2.ppc64le",
"AppStream-9.2.0.Z.MAIN.EUS:go-toolset-0:1.19.13-1.el9_2.s390x",
"AppStream-9.2.0.Z.MAIN.EUS:go-toolset-0:1.19.13-1.el9_2.src",
"AppStream-9.2.0.Z.MAIN.EUS:go-toolset-0:1.19.13-1.el9_2.x86_64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2243296"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in handling multiplexed streams in the HTTP/2 protocol. A client can repeatedly make a request for a new multiplex stream and immediately send an RST_STREAM frame to cancel it. This creates extra work for the server setting up and tearing down the streams while not hitting any server-side limit for the maximum number of active streams per connection, resulting in a denial of service due to server resource consumption. Red Hat has rated the severity of this flaw as \u0027Important\u0027 as the US Cybersecurity and Infrastructure Security Agency (CISA) declared this vulnerability an active exploit.\r\n\r\nCVE-2023-39325 was assigned for the `Rapid Reset Attack` in the Go language packages.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: net/http, x/net/http2: rapid stream resets can cause excessive work (CVE-2023-44487)",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This CVE is related to CVE-2023-44487.\n\nThe majority of RHEL utilities are not long-running applications; instead, they are command-line tools. These tools utilize Golang package as build-time dependency, which is why they are classified as having a \"Moderate\" level of impact.\n\nAs go-lang vendors its dependencies, a package may contain a library with a known vulnerability, solely because of lower tier libraries including it as a part of its dependencies, but the vulnerable code is not reachable at runtime. In such cases the issue is not exploitable. We classify these situations as \u201cNot affected\u201d or \u201cWill not fix,\u201d depending on the risk of breaking other unrelated packages.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-9.2.0.Z.MAIN.EUS:golang-0:1.19.13-1.el9_2.aarch64",
"AppStream-9.2.0.Z.MAIN.EUS:golang-0:1.19.13-1.el9_2.ppc64le",
"AppStream-9.2.0.Z.MAIN.EUS:golang-0:1.19.13-1.el9_2.s390x",
"AppStream-9.2.0.Z.MAIN.EUS:golang-0:1.19.13-1.el9_2.src",
"AppStream-9.2.0.Z.MAIN.EUS:golang-0:1.19.13-1.el9_2.x86_64",
"AppStream-9.2.0.Z.MAIN.EUS:golang-bin-0:1.19.13-1.el9_2.aarch64",
"AppStream-9.2.0.Z.MAIN.EUS:golang-bin-0:1.19.13-1.el9_2.ppc64le",
"AppStream-9.2.0.Z.MAIN.EUS:golang-bin-0:1.19.13-1.el9_2.s390x",
"AppStream-9.2.0.Z.MAIN.EUS:golang-bin-0:1.19.13-1.el9_2.x86_64",
"AppStream-9.2.0.Z.MAIN.EUS:golang-docs-0:1.19.13-1.el9_2.noarch",
"AppStream-9.2.0.Z.MAIN.EUS:golang-misc-0:1.19.13-1.el9_2.noarch",
"AppStream-9.2.0.Z.MAIN.EUS:golang-race-0:1.19.13-1.el9_2.x86_64",
"AppStream-9.2.0.Z.MAIN.EUS:golang-src-0:1.19.13-1.el9_2.noarch",
"AppStream-9.2.0.Z.MAIN.EUS:golang-tests-0:1.19.13-1.el9_2.noarch"
],
"known_not_affected": [
"AppStream-9.2.0.Z.MAIN.EUS:go-toolset-0:1.19.13-1.el9_2.aarch64",
"AppStream-9.2.0.Z.MAIN.EUS:go-toolset-0:1.19.13-1.el9_2.ppc64le",
"AppStream-9.2.0.Z.MAIN.EUS:go-toolset-0:1.19.13-1.el9_2.s390x",
"AppStream-9.2.0.Z.MAIN.EUS:go-toolset-0:1.19.13-1.el9_2.src",
"AppStream-9.2.0.Z.MAIN.EUS:go-toolset-0:1.19.13-1.el9_2.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-39325"
},
{
"category": "external",
"summary": "RHBZ#2243296",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2243296"
},
{
"category": "external",
"summary": "RHSB-2023-003",
"url": "https://access.redhat.com/security/vulnerabilities/RHSB-2023-003"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-39325",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39325"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-39325",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-39325"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2023-44487",
"url": "https://access.redhat.com/security/cve/CVE-2023-44487"
},
{
"category": "external",
"summary": "https://go.dev/issue/63417",
"url": "https://go.dev/issue/63417"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2023-2102",
"url": "https://pkg.go.dev/vuln/GO-2023-2102"
},
{
"category": "external",
"summary": "https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487",
"url": "https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487"
}
],
"release_date": "2023-10-10T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-10-16T14:00:36+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-9.2.0.Z.MAIN.EUS:golang-0:1.19.13-1.el9_2.aarch64",
"AppStream-9.2.0.Z.MAIN.EUS:golang-0:1.19.13-1.el9_2.ppc64le",
"AppStream-9.2.0.Z.MAIN.EUS:golang-0:1.19.13-1.el9_2.s390x",
"AppStream-9.2.0.Z.MAIN.EUS:golang-0:1.19.13-1.el9_2.src",
"AppStream-9.2.0.Z.MAIN.EUS:golang-0:1.19.13-1.el9_2.x86_64",
"AppStream-9.2.0.Z.MAIN.EUS:golang-bin-0:1.19.13-1.el9_2.aarch64",
"AppStream-9.2.0.Z.MAIN.EUS:golang-bin-0:1.19.13-1.el9_2.ppc64le",
"AppStream-9.2.0.Z.MAIN.EUS:golang-bin-0:1.19.13-1.el9_2.s390x",
"AppStream-9.2.0.Z.MAIN.EUS:golang-bin-0:1.19.13-1.el9_2.x86_64",
"AppStream-9.2.0.Z.MAIN.EUS:golang-docs-0:1.19.13-1.el9_2.noarch",
"AppStream-9.2.0.Z.MAIN.EUS:golang-misc-0:1.19.13-1.el9_2.noarch",
"AppStream-9.2.0.Z.MAIN.EUS:golang-race-0:1.19.13-1.el9_2.x86_64",
"AppStream-9.2.0.Z.MAIN.EUS:golang-src-0:1.19.13-1.el9_2.noarch",
"AppStream-9.2.0.Z.MAIN.EUS:golang-tests-0:1.19.13-1.el9_2.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:5738"
},
{
"category": "workaround",
"details": "The default stream concurrency limit in golang is 250 streams (requests) per HTTP/2 connection. This value may be adjusted in the golang.org/x/net/http2 package using the Server.MaxConcurrentStreams setting and the ConfigureServer function which are available in golang.org/x/net/http2.",
"product_ids": [
"AppStream-9.2.0.Z.MAIN.EUS:go-toolset-0:1.19.13-1.el9_2.aarch64",
"AppStream-9.2.0.Z.MAIN.EUS:go-toolset-0:1.19.13-1.el9_2.ppc64le",
"AppStream-9.2.0.Z.MAIN.EUS:go-toolset-0:1.19.13-1.el9_2.s390x",
"AppStream-9.2.0.Z.MAIN.EUS:go-toolset-0:1.19.13-1.el9_2.src",
"AppStream-9.2.0.Z.MAIN.EUS:go-toolset-0:1.19.13-1.el9_2.x86_64",
"AppStream-9.2.0.Z.MAIN.EUS:golang-0:1.19.13-1.el9_2.aarch64",
"AppStream-9.2.0.Z.MAIN.EUS:golang-0:1.19.13-1.el9_2.ppc64le",
"AppStream-9.2.0.Z.MAIN.EUS:golang-0:1.19.13-1.el9_2.s390x",
"AppStream-9.2.0.Z.MAIN.EUS:golang-0:1.19.13-1.el9_2.src",
"AppStream-9.2.0.Z.MAIN.EUS:golang-0:1.19.13-1.el9_2.x86_64",
"AppStream-9.2.0.Z.MAIN.EUS:golang-bin-0:1.19.13-1.el9_2.aarch64",
"AppStream-9.2.0.Z.MAIN.EUS:golang-bin-0:1.19.13-1.el9_2.ppc64le",
"AppStream-9.2.0.Z.MAIN.EUS:golang-bin-0:1.19.13-1.el9_2.s390x",
"AppStream-9.2.0.Z.MAIN.EUS:golang-bin-0:1.19.13-1.el9_2.x86_64",
"AppStream-9.2.0.Z.MAIN.EUS:golang-docs-0:1.19.13-1.el9_2.noarch",
"AppStream-9.2.0.Z.MAIN.EUS:golang-misc-0:1.19.13-1.el9_2.noarch",
"AppStream-9.2.0.Z.MAIN.EUS:golang-race-0:1.19.13-1.el9_2.x86_64",
"AppStream-9.2.0.Z.MAIN.EUS:golang-src-0:1.19.13-1.el9_2.noarch",
"AppStream-9.2.0.Z.MAIN.EUS:golang-tests-0:1.19.13-1.el9_2.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"AppStream-9.2.0.Z.MAIN.EUS:go-toolset-0:1.19.13-1.el9_2.aarch64",
"AppStream-9.2.0.Z.MAIN.EUS:go-toolset-0:1.19.13-1.el9_2.ppc64le",
"AppStream-9.2.0.Z.MAIN.EUS:go-toolset-0:1.19.13-1.el9_2.s390x",
"AppStream-9.2.0.Z.MAIN.EUS:go-toolset-0:1.19.13-1.el9_2.src",
"AppStream-9.2.0.Z.MAIN.EUS:go-toolset-0:1.19.13-1.el9_2.x86_64",
"AppStream-9.2.0.Z.MAIN.EUS:golang-0:1.19.13-1.el9_2.aarch64",
"AppStream-9.2.0.Z.MAIN.EUS:golang-0:1.19.13-1.el9_2.ppc64le",
"AppStream-9.2.0.Z.MAIN.EUS:golang-0:1.19.13-1.el9_2.s390x",
"AppStream-9.2.0.Z.MAIN.EUS:golang-0:1.19.13-1.el9_2.src",
"AppStream-9.2.0.Z.MAIN.EUS:golang-0:1.19.13-1.el9_2.x86_64",
"AppStream-9.2.0.Z.MAIN.EUS:golang-bin-0:1.19.13-1.el9_2.aarch64",
"AppStream-9.2.0.Z.MAIN.EUS:golang-bin-0:1.19.13-1.el9_2.ppc64le",
"AppStream-9.2.0.Z.MAIN.EUS:golang-bin-0:1.19.13-1.el9_2.s390x",
"AppStream-9.2.0.Z.MAIN.EUS:golang-bin-0:1.19.13-1.el9_2.x86_64",
"AppStream-9.2.0.Z.MAIN.EUS:golang-docs-0:1.19.13-1.el9_2.noarch",
"AppStream-9.2.0.Z.MAIN.EUS:golang-misc-0:1.19.13-1.el9_2.noarch",
"AppStream-9.2.0.Z.MAIN.EUS:golang-race-0:1.19.13-1.el9_2.x86_64",
"AppStream-9.2.0.Z.MAIN.EUS:golang-src-0:1.19.13-1.el9_2.noarch",
"AppStream-9.2.0.Z.MAIN.EUS:golang-tests-0:1.19.13-1.el9_2.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "golang: net/http, x/net/http2: rapid stream resets can cause excessive work (CVE-2023-44487)"
},
{
"cve": "CVE-2023-44487",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2023-10-09T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"AppStream-9.2.0.Z.MAIN.EUS:go-toolset-0:1.19.13-1.el9_2.aarch64",
"AppStream-9.2.0.Z.MAIN.EUS:go-toolset-0:1.19.13-1.el9_2.ppc64le",
"AppStream-9.2.0.Z.MAIN.EUS:go-toolset-0:1.19.13-1.el9_2.s390x",
"AppStream-9.2.0.Z.MAIN.EUS:go-toolset-0:1.19.13-1.el9_2.src",
"AppStream-9.2.0.Z.MAIN.EUS:go-toolset-0:1.19.13-1.el9_2.x86_64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2242803"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in handling multiplexed streams in the HTTP/2 protocol. A client can repeatedly make a request for a new multiplex stream and immediately send an RST_STREAM frame to cancel it. This creates extra work for the server setting up and tearing down the streams while not hitting any server-side limit for the maximum number of active streams per connection, resulting in a denial of service due to server resource consumption. Red Hat has rated the severity of this flaw as \u0027Important\u0027 as the US Cybersecurity and Infrastructure Security Agency (CISA) declared this vulnerability an active exploit.\r\n\r\nCVE-2023-39325 was assigned for the Rapid Reset Attack in the Go language packages.\r\n\r\nSecurity Bulletin\r\nhttps://access.redhat.com/security/vulnerabilities/RHSB-2023-003",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack (Rapid Reset Attack)",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "NGINX has been marked as Moderate Impact because, for performance and resource consumption reasons, NGINX limits the number of concurrent streams to a default of 128. In addition, to optimally balance network and server performance, NGINX allows the client to persist HTTP connections for up to 1000 requests by default using an HTTP keepalive.\n\nThe majority of RHEL utilities are not long-running applications; instead, they are command-line tools. These tools utilize Golang package as build-time dependency, which is why they are classified as having a \"Moderate\" level of impact.\n\nrhc component is no longer impacted by CVE-2023-44487 \u0026 CVE-2023-39325.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-9.2.0.Z.MAIN.EUS:golang-0:1.19.13-1.el9_2.aarch64",
"AppStream-9.2.0.Z.MAIN.EUS:golang-0:1.19.13-1.el9_2.ppc64le",
"AppStream-9.2.0.Z.MAIN.EUS:golang-0:1.19.13-1.el9_2.s390x",
"AppStream-9.2.0.Z.MAIN.EUS:golang-0:1.19.13-1.el9_2.src",
"AppStream-9.2.0.Z.MAIN.EUS:golang-0:1.19.13-1.el9_2.x86_64",
"AppStream-9.2.0.Z.MAIN.EUS:golang-bin-0:1.19.13-1.el9_2.aarch64",
"AppStream-9.2.0.Z.MAIN.EUS:golang-bin-0:1.19.13-1.el9_2.ppc64le",
"AppStream-9.2.0.Z.MAIN.EUS:golang-bin-0:1.19.13-1.el9_2.s390x",
"AppStream-9.2.0.Z.MAIN.EUS:golang-bin-0:1.19.13-1.el9_2.x86_64",
"AppStream-9.2.0.Z.MAIN.EUS:golang-docs-0:1.19.13-1.el9_2.noarch",
"AppStream-9.2.0.Z.MAIN.EUS:golang-misc-0:1.19.13-1.el9_2.noarch",
"AppStream-9.2.0.Z.MAIN.EUS:golang-race-0:1.19.13-1.el9_2.x86_64",
"AppStream-9.2.0.Z.MAIN.EUS:golang-src-0:1.19.13-1.el9_2.noarch",
"AppStream-9.2.0.Z.MAIN.EUS:golang-tests-0:1.19.13-1.el9_2.noarch"
],
"known_not_affected": [
"AppStream-9.2.0.Z.MAIN.EUS:go-toolset-0:1.19.13-1.el9_2.aarch64",
"AppStream-9.2.0.Z.MAIN.EUS:go-toolset-0:1.19.13-1.el9_2.ppc64le",
"AppStream-9.2.0.Z.MAIN.EUS:go-toolset-0:1.19.13-1.el9_2.s390x",
"AppStream-9.2.0.Z.MAIN.EUS:go-toolset-0:1.19.13-1.el9_2.src",
"AppStream-9.2.0.Z.MAIN.EUS:go-toolset-0:1.19.13-1.el9_2.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-44487"
},
{
"category": "external",
"summary": "RHBZ#2242803",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2242803"
},
{
"category": "external",
"summary": "RHSB-2023-003",
"url": "https://access.redhat.com/security/vulnerabilities/RHSB-2023-003"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-44487",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-44487"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-44487",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-44487"
},
{
"category": "external",
"summary": "https://github.com/dotnet/announcements/issues/277",
"url": "https://github.com/dotnet/announcements/issues/277"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2023-2102",
"url": "https://pkg.go.dev/vuln/GO-2023-2102"
},
{
"category": "external",
"summary": "https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487",
"url": "https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487"
},
{
"category": "external",
"summary": "https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products/",
"url": "https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products/"
},
{
"category": "external",
"summary": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog",
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
}
],
"release_date": "2023-10-10T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-10-16T14:00:36+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-9.2.0.Z.MAIN.EUS:golang-0:1.19.13-1.el9_2.aarch64",
"AppStream-9.2.0.Z.MAIN.EUS:golang-0:1.19.13-1.el9_2.ppc64le",
"AppStream-9.2.0.Z.MAIN.EUS:golang-0:1.19.13-1.el9_2.s390x",
"AppStream-9.2.0.Z.MAIN.EUS:golang-0:1.19.13-1.el9_2.src",
"AppStream-9.2.0.Z.MAIN.EUS:golang-0:1.19.13-1.el9_2.x86_64",
"AppStream-9.2.0.Z.MAIN.EUS:golang-bin-0:1.19.13-1.el9_2.aarch64",
"AppStream-9.2.0.Z.MAIN.EUS:golang-bin-0:1.19.13-1.el9_2.ppc64le",
"AppStream-9.2.0.Z.MAIN.EUS:golang-bin-0:1.19.13-1.el9_2.s390x",
"AppStream-9.2.0.Z.MAIN.EUS:golang-bin-0:1.19.13-1.el9_2.x86_64",
"AppStream-9.2.0.Z.MAIN.EUS:golang-docs-0:1.19.13-1.el9_2.noarch",
"AppStream-9.2.0.Z.MAIN.EUS:golang-misc-0:1.19.13-1.el9_2.noarch",
"AppStream-9.2.0.Z.MAIN.EUS:golang-race-0:1.19.13-1.el9_2.x86_64",
"AppStream-9.2.0.Z.MAIN.EUS:golang-src-0:1.19.13-1.el9_2.noarch",
"AppStream-9.2.0.Z.MAIN.EUS:golang-tests-0:1.19.13-1.el9_2.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:5738"
},
{
"category": "workaround",
"details": "Users are strongly urged to update their software as soon as fixes are available. \nThere are several mitigation approaches for this flaw. \n\n1. If circumstances permit, users may disable http2 endpoints to circumvent the flaw altogether until a fix is available.\n2. IP-based blocking or flood protection and rate control tools may be used at network endpoints to filter incoming traffic.\n3. Several package specific mitigations are also available. \n a. nginx: https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products/\n b. netty: https://github.com/netty/netty/security/advisories/GHSA-xpw8-rcwv-8f8p\n c. haproxy: https://www.haproxy.com/blog/haproxy-is-not-affected-by-the-http-2-rapid-reset-attack-cve-2023-44487\n d. nghttp2: https://github.com/nghttp2/nghttp2/security/advisories/GHSA-vx74-f528-fxqg\n e. golang: The default stream concurrency limit in golang is 250 streams (requests) per HTTP/2 connection. This value may be adjusted in the golang.org/x/net/http2 package using the Server.MaxConcurrentStreams setting and the ConfigureServer function which are available in golang.org/x/net/http2.",
"product_ids": [
"AppStream-9.2.0.Z.MAIN.EUS:go-toolset-0:1.19.13-1.el9_2.aarch64",
"AppStream-9.2.0.Z.MAIN.EUS:go-toolset-0:1.19.13-1.el9_2.ppc64le",
"AppStream-9.2.0.Z.MAIN.EUS:go-toolset-0:1.19.13-1.el9_2.s390x",
"AppStream-9.2.0.Z.MAIN.EUS:go-toolset-0:1.19.13-1.el9_2.src",
"AppStream-9.2.0.Z.MAIN.EUS:go-toolset-0:1.19.13-1.el9_2.x86_64",
"AppStream-9.2.0.Z.MAIN.EUS:golang-0:1.19.13-1.el9_2.aarch64",
"AppStream-9.2.0.Z.MAIN.EUS:golang-0:1.19.13-1.el9_2.ppc64le",
"AppStream-9.2.0.Z.MAIN.EUS:golang-0:1.19.13-1.el9_2.s390x",
"AppStream-9.2.0.Z.MAIN.EUS:golang-0:1.19.13-1.el9_2.src",
"AppStream-9.2.0.Z.MAIN.EUS:golang-0:1.19.13-1.el9_2.x86_64",
"AppStream-9.2.0.Z.MAIN.EUS:golang-bin-0:1.19.13-1.el9_2.aarch64",
"AppStream-9.2.0.Z.MAIN.EUS:golang-bin-0:1.19.13-1.el9_2.ppc64le",
"AppStream-9.2.0.Z.MAIN.EUS:golang-bin-0:1.19.13-1.el9_2.s390x",
"AppStream-9.2.0.Z.MAIN.EUS:golang-bin-0:1.19.13-1.el9_2.x86_64",
"AppStream-9.2.0.Z.MAIN.EUS:golang-docs-0:1.19.13-1.el9_2.noarch",
"AppStream-9.2.0.Z.MAIN.EUS:golang-misc-0:1.19.13-1.el9_2.noarch",
"AppStream-9.2.0.Z.MAIN.EUS:golang-race-0:1.19.13-1.el9_2.x86_64",
"AppStream-9.2.0.Z.MAIN.EUS:golang-src-0:1.19.13-1.el9_2.noarch",
"AppStream-9.2.0.Z.MAIN.EUS:golang-tests-0:1.19.13-1.el9_2.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"AppStream-9.2.0.Z.MAIN.EUS:go-toolset-0:1.19.13-1.el9_2.aarch64",
"AppStream-9.2.0.Z.MAIN.EUS:go-toolset-0:1.19.13-1.el9_2.ppc64le",
"AppStream-9.2.0.Z.MAIN.EUS:go-toolset-0:1.19.13-1.el9_2.s390x",
"AppStream-9.2.0.Z.MAIN.EUS:go-toolset-0:1.19.13-1.el9_2.src",
"AppStream-9.2.0.Z.MAIN.EUS:go-toolset-0:1.19.13-1.el9_2.x86_64",
"AppStream-9.2.0.Z.MAIN.EUS:golang-0:1.19.13-1.el9_2.aarch64",
"AppStream-9.2.0.Z.MAIN.EUS:golang-0:1.19.13-1.el9_2.ppc64le",
"AppStream-9.2.0.Z.MAIN.EUS:golang-0:1.19.13-1.el9_2.s390x",
"AppStream-9.2.0.Z.MAIN.EUS:golang-0:1.19.13-1.el9_2.src",
"AppStream-9.2.0.Z.MAIN.EUS:golang-0:1.19.13-1.el9_2.x86_64",
"AppStream-9.2.0.Z.MAIN.EUS:golang-bin-0:1.19.13-1.el9_2.aarch64",
"AppStream-9.2.0.Z.MAIN.EUS:golang-bin-0:1.19.13-1.el9_2.ppc64le",
"AppStream-9.2.0.Z.MAIN.EUS:golang-bin-0:1.19.13-1.el9_2.s390x",
"AppStream-9.2.0.Z.MAIN.EUS:golang-bin-0:1.19.13-1.el9_2.x86_64",
"AppStream-9.2.0.Z.MAIN.EUS:golang-docs-0:1.19.13-1.el9_2.noarch",
"AppStream-9.2.0.Z.MAIN.EUS:golang-misc-0:1.19.13-1.el9_2.noarch",
"AppStream-9.2.0.Z.MAIN.EUS:golang-race-0:1.19.13-1.el9_2.x86_64",
"AppStream-9.2.0.Z.MAIN.EUS:golang-src-0:1.19.13-1.el9_2.noarch",
"AppStream-9.2.0.Z.MAIN.EUS:golang-tests-0:1.19.13-1.el9_2.noarch"
]
}
],
"threats": [
{
"category": "exploit_status",
"date": "2023-10-10T00:00:00+00:00",
"details": "CISA: https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
},
{
"category": "impact",
"details": "Important"
}
],
"title": "HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack (Rapid Reset Attack)"
}
]
}
RHSA-2023:5933
Vulnerability from csaf_redhat - Published: 2023-10-26 01:04 - Updated: 2026-06-05 13:08

A flaw was found in Golang, where it is vulnerable to HTTP header injection caused by improper content validation of the Host header by the HTTP/1 client. A remote attacker can inject arbitrary HTTP headers by persuading a victim to visit a specially crafted Web page. This flaw allows the attacker to conduct various attacks against the vulnerable system, including Cross-site scripting, cache poisoning, or session hijacking.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-OSSO-1.1:openshift-secondary-scheduler-operator/secondary-scheduler-operator-rhel8@sha256:fb305e8ee14a0cd1f45da0bdd9000a1f9d0a9c4dd20e300004c3cef26997b9b8_amd64 | — | Vendor Fix fix |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-OSSO-1.1:openshift-secondary-scheduler-operator/secondary-scheduler-operator-bundle@sha256:51458b1eafc32dd920558e757506e9b71856b5b47744284c961c5430766536b2_amd64 | — |
A denial of service vulnerability was found in the Golang Go package caused by an uncontrolled resource consumption flaw. By persuading a victim to use a specially crafted certificate with large RSA keys, a remote attacker can cause a client/server to expend significant CPU time verifying signatures, resulting in a denial of service condition.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-OSSO-1.1:openshift-secondary-scheduler-operator/secondary-scheduler-operator-rhel8@sha256:fb305e8ee14a0cd1f45da0bdd9000a1f9d0a9c4dd20e300004c3cef26997b9b8_amd64 | — | Vendor Fix fix |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-OSSO-1.1:openshift-secondary-scheduler-operator/secondary-scheduler-operator-bundle@sha256:51458b1eafc32dd920558e757506e9b71856b5b47744284c961c5430766536b2_amd64 | — |
A flaw was found in handling multiplexed streams in the HTTP/2 protocol. A client can repeatedly make a request for a new multiplex stream and immediately send an RST_STREAM frame to cancel it. This creates extra work for the server setting up and tearing down the streams while not hitting any server-side limit for the maximum number of active streams per connection, resulting in a denial of service due to server resource consumption. Red Hat has rated the severity of this flaw as 'Important' as the US Cybersecurity and Infrastructure Security Agency (CISA) declared this vulnerability an active exploit. CVE-2023-39325 was assigned for the `Rapid Reset Attack` in the Go language packages.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-OSSO-1.1:openshift-secondary-scheduler-operator/secondary-scheduler-operator-rhel8@sha256:fb305e8ee14a0cd1f45da0bdd9000a1f9d0a9c4dd20e300004c3cef26997b9b8_amd64 | — | Vendor Fix fix Workaround |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-OSSO-1.1:openshift-secondary-scheduler-operator/secondary-scheduler-operator-bundle@sha256:51458b1eafc32dd920558e757506e9b71856b5b47744284c961c5430766536b2_amd64 | — | Workaround |
A flaw was found in handling multiplexed streams in the HTTP/2 protocol. A client can repeatedly make a request for a new multiplex stream and immediately send an RST_STREAM frame to cancel it. This creates extra work for the server setting up and tearing down the streams while not hitting any server-side limit for the maximum number of active streams per connection, resulting in a denial of service due to server resource consumption. Red Hat has rated the severity of this flaw as 'Important' as the US Cybersecurity and Infrastructure Security Agency (CISA) declared this vulnerability an active exploit. CVE-2023-39325 was assigned for the Rapid Reset Attack in the Go language packages. Security Bulletin https://access.redhat.com/security/vulnerabilities/RHSB-2023-003
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-OSSO-1.1:openshift-secondary-scheduler-operator/secondary-scheduler-operator-rhel8@sha256:fb305e8ee14a0cd1f45da0bdd9000a1f9d0a9c4dd20e300004c3cef26997b9b8_amd64 | — | Vendor Fix fix Workaround |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-OSSO-1.1:openshift-secondary-scheduler-operator/secondary-scheduler-operator-bundle@sha256:51458b1eafc32dd920558e757506e9b71856b5b47744284c961c5430766536b2_amd64 | — | Workaround |
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Secondary Scheduler Operator for Red Hat OpenShift 1.1.3\n\nAn update for secondary-scheduler-operator-bundle-container and secondary-scheduler-operator-container is now available for OSSO-1.1-RHEL-8.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Secondary Scheduler Operator for Red Hat OpenShift 1.1.3\n\nSecurity Fix(es):\n\n* golang: net/http, x/net/http2: rapid stream resets can cause excessive work (CVE-2023-44487) (CVE-2023-39325)\n\n* HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack (Rapid Reset Attack) (CVE-2023-44487)\n\n* golang: net/http: insufficient sanitization of Host header (CVE-2023-29406)\n\n* golang: crypto/tls: slow verification of certificate chains containing large RSA keys (CVE-2023-29409)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2023:5933",
"url": "https://access.redhat.com/errata/RHSA-2023:5933"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/vulnerabilities/RHSB-2023-003",
"url": "https://access.redhat.com/security/vulnerabilities/RHSB-2023-003"
},
{
"category": "external",
"summary": "2222167",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2222167"
},
{
"category": "external",
"summary": "2228743",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2228743"
},
{
"category": "external",
"summary": "2242803",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2242803"
},
{
"category": "external",
"summary": "2243296",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2243296"
},
{
"category": "external",
"summary": "WRKLDS-878",
"url": "https://issues.redhat.com/browse/WRKLDS-878"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2023/rhsa-2023_5933.json"
}
],
"title": "Red Hat Security Advisory: Openshift Secondary Scheduler Operator 1.1.3 security update",
"tracking": {
"current_release_date": "2026-06-05T13:08:03+00:00",
"generator": {
"date": "2026-06-05T13:08:03+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.8.2"
}
},
"id": "RHSA-2023:5933",
"initial_release_date": "2023-10-26T01:04:37+00:00",
"revision_history": [
{
"date": "2023-10-26T01:04:37+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2023-10-26T21:11:21+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-06-05T13:08:03+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "OSSO 1.1 for RHEL 8",
"product": {
"name": "OSSO 1.1 for RHEL 8",
"product_id": "8Base-OSSO-1.1",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:openshift_secondary_scheduler:1.1::el8"
}
}
}
],
"category": "product_family",
"name": "Openshift Secondary Scheduler Operator"
},
{
"branches": [
{
"category": "product_version",
"name": "openshift-secondary-scheduler-operator/secondary-scheduler-operator-bundle@sha256:51458b1eafc32dd920558e757506e9b71856b5b47744284c961c5430766536b2_amd64",
"product": {
"name": "openshift-secondary-scheduler-operator/secondary-scheduler-operator-bundle@sha256:51458b1eafc32dd920558e757506e9b71856b5b47744284c961c5430766536b2_amd64",
"product_id": "openshift-secondary-scheduler-operator/secondary-scheduler-operator-bundle@sha256:51458b1eafc32dd920558e757506e9b71856b5b47744284c961c5430766536b2_amd64",
"product_identification_helper": {
"purl": "pkg:oci/secondary-scheduler-operator-bundle@sha256:51458b1eafc32dd920558e757506e9b71856b5b47744284c961c5430766536b2?arch=amd64\u0026repository_url=registry.redhat.io/openshift-secondary-scheduler-operator/secondary-scheduler-operator-bundle\u0026tag=v1.1-34"
}
}
},
{
"category": "product_version",
"name": "openshift-secondary-scheduler-operator/secondary-scheduler-operator-rhel8@sha256:fb305e8ee14a0cd1f45da0bdd9000a1f9d0a9c4dd20e300004c3cef26997b9b8_amd64",
"product": {
"name": "openshift-secondary-scheduler-operator/secondary-scheduler-operator-rhel8@sha256:fb305e8ee14a0cd1f45da0bdd9000a1f9d0a9c4dd20e300004c3cef26997b9b8_amd64",
"product_id": "openshift-secondary-scheduler-operator/secondary-scheduler-operator-rhel8@sha256:fb305e8ee14a0cd1f45da0bdd9000a1f9d0a9c4dd20e300004c3cef26997b9b8_amd64",
"product_identification_helper": {
"purl": "pkg:oci/secondary-scheduler-operator-rhel8@sha256:fb305e8ee14a0cd1f45da0bdd9000a1f9d0a9c4dd20e300004c3cef26997b9b8?arch=amd64\u0026repository_url=registry.redhat.io/openshift-secondary-scheduler-operator/secondary-scheduler-operator-rhel8\u0026tag=v1.1-37"
}
}
}
],
"category": "architecture",
"name": "amd64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-secondary-scheduler-operator/secondary-scheduler-operator-bundle@sha256:51458b1eafc32dd920558e757506e9b71856b5b47744284c961c5430766536b2_amd64 as a component of OSSO 1.1 for RHEL 8",
"product_id": "8Base-OSSO-1.1:openshift-secondary-scheduler-operator/secondary-scheduler-operator-bundle@sha256:51458b1eafc32dd920558e757506e9b71856b5b47744284c961c5430766536b2_amd64"
},
"product_reference": "openshift-secondary-scheduler-operator/secondary-scheduler-operator-bundle@sha256:51458b1eafc32dd920558e757506e9b71856b5b47744284c961c5430766536b2_amd64",
"relates_to_product_reference": "8Base-OSSO-1.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-secondary-scheduler-operator/secondary-scheduler-operator-rhel8@sha256:fb305e8ee14a0cd1f45da0bdd9000a1f9d0a9c4dd20e300004c3cef26997b9b8_amd64 as a component of OSSO 1.1 for RHEL 8",
"product_id": "8Base-OSSO-1.1:openshift-secondary-scheduler-operator/secondary-scheduler-operator-rhel8@sha256:fb305e8ee14a0cd1f45da0bdd9000a1f9d0a9c4dd20e300004c3cef26997b9b8_amd64"
},
"product_reference": "openshift-secondary-scheduler-operator/secondary-scheduler-operator-rhel8@sha256:fb305e8ee14a0cd1f45da0bdd9000a1f9d0a9c4dd20e300004c3cef26997b9b8_amd64",
"relates_to_product_reference": "8Base-OSSO-1.1"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2023-29406",
"cwe": {
"id": "CWE-113",
"name": "Improper Neutralization of CRLF Sequences in HTTP Headers (\u0027HTTP Request/Response Splitting\u0027)"
},
"discovery_date": "2023-07-12T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-OSSO-1.1:openshift-secondary-scheduler-operator/secondary-scheduler-operator-bundle@sha256:51458b1eafc32dd920558e757506e9b71856b5b47744284c961c5430766536b2_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2222167"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Golang, where it is vulnerable to HTTP header injection caused by improper content validation of the Host header by the HTTP/1 client. A remote attacker can inject arbitrary HTTP headers by persuading a victim to visit a specially crafted Web page. This flaw allows the attacker to conduct various attacks against the vulnerable system, including Cross-site scripting, cache poisoning, or session hijacking.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: net/http: insufficient sanitization of Host header",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-OSSO-1.1:openshift-secondary-scheduler-operator/secondary-scheduler-operator-rhel8@sha256:fb305e8ee14a0cd1f45da0bdd9000a1f9d0a9c4dd20e300004c3cef26997b9b8_amd64"
],
"known_not_affected": [
"8Base-OSSO-1.1:openshift-secondary-scheduler-operator/secondary-scheduler-operator-bundle@sha256:51458b1eafc32dd920558e757506e9b71856b5b47744284c961c5430766536b2_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-29406"
},
{
"category": "external",
"summary": "RHBZ#2222167",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2222167"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-29406",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29406"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-29406",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-29406"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/2q13H6LEEx0",
"url": "https://groups.google.com/g/golang-announce/c/2q13H6LEEx0"
}
],
"release_date": "2023-07-11T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-10-26T01:04:37+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-OSSO-1.1:openshift-secondary-scheduler-operator/secondary-scheduler-operator-rhel8@sha256:fb305e8ee14a0cd1f45da0bdd9000a1f9d0a9c4dd20e300004c3cef26997b9b8_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:5933"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"8Base-OSSO-1.1:openshift-secondary-scheduler-operator/secondary-scheduler-operator-bundle@sha256:51458b1eafc32dd920558e757506e9b71856b5b47744284c961c5430766536b2_amd64",
"8Base-OSSO-1.1:openshift-secondary-scheduler-operator/secondary-scheduler-operator-rhel8@sha256:fb305e8ee14a0cd1f45da0bdd9000a1f9d0a9c4dd20e300004c3cef26997b9b8_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: net/http: insufficient sanitization of Host header"
},
{
"cve": "CVE-2023-29409",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2023-08-03T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-OSSO-1.1:openshift-secondary-scheduler-operator/secondary-scheduler-operator-bundle@sha256:51458b1eafc32dd920558e757506e9b71856b5b47744284c961c5430766536b2_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2228743"
}
],
"notes": [
{
"category": "description",
"text": "A denial of service vulnerability was found in the Golang Go package caused by an uncontrolled resource consumption flaw. By persuading a victim to use a specially crafted certificate with large RSA keys, a remote attacker can cause a client/server to expend significant CPU time verifying signatures, resulting in a denial of service condition.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: crypto/tls: slow verification of certificate chains containing large RSA keys",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-OSSO-1.1:openshift-secondary-scheduler-operator/secondary-scheduler-operator-rhel8@sha256:fb305e8ee14a0cd1f45da0bdd9000a1f9d0a9c4dd20e300004c3cef26997b9b8_amd64"
],
"known_not_affected": [
"8Base-OSSO-1.1:openshift-secondary-scheduler-operator/secondary-scheduler-operator-bundle@sha256:51458b1eafc32dd920558e757506e9b71856b5b47744284c961c5430766536b2_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-29409"
},
{
"category": "external",
"summary": "RHBZ#2228743",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2228743"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-29409",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29409"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-29409",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-29409"
},
{
"category": "external",
"summary": "https://go.dev/cl/515257",
"url": "https://go.dev/cl/515257"
},
{
"category": "external",
"summary": "https://go.dev/issue/61460",
"url": "https://go.dev/issue/61460"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/X0b6CsSAaYI/m/Efv5DbZ9AwAJ",
"url": "https://groups.google.com/g/golang-announce/c/X0b6CsSAaYI/m/Efv5DbZ9AwAJ"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2023-1987",
"url": "https://pkg.go.dev/vuln/GO-2023-1987"
}
],
"release_date": "2023-08-02T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-10-26T01:04:37+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-OSSO-1.1:openshift-secondary-scheduler-operator/secondary-scheduler-operator-rhel8@sha256:fb305e8ee14a0cd1f45da0bdd9000a1f9d0a9c4dd20e300004c3cef26997b9b8_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:5933"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"8Base-OSSO-1.1:openshift-secondary-scheduler-operator/secondary-scheduler-operator-bundle@sha256:51458b1eafc32dd920558e757506e9b71856b5b47744284c961c5430766536b2_amd64",
"8Base-OSSO-1.1:openshift-secondary-scheduler-operator/secondary-scheduler-operator-rhel8@sha256:fb305e8ee14a0cd1f45da0bdd9000a1f9d0a9c4dd20e300004c3cef26997b9b8_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: crypto/tls: slow verification of certificate chains containing large RSA keys"
},
{
"cve": "CVE-2023-39325",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2023-10-10T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-OSSO-1.1:openshift-secondary-scheduler-operator/secondary-scheduler-operator-bundle@sha256:51458b1eafc32dd920558e757506e9b71856b5b47744284c961c5430766536b2_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2243296"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in handling multiplexed streams in the HTTP/2 protocol. A client can repeatedly make a request for a new multiplex stream and immediately send an RST_STREAM frame to cancel it. This creates extra work for the server setting up and tearing down the streams while not hitting any server-side limit for the maximum number of active streams per connection, resulting in a denial of service due to server resource consumption. Red Hat has rated the severity of this flaw as \u0027Important\u0027 as the US Cybersecurity and Infrastructure Security Agency (CISA) declared this vulnerability an active exploit.\r\n\r\nCVE-2023-39325 was assigned for the `Rapid Reset Attack` in the Go language packages.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: net/http, x/net/http2: rapid stream resets can cause excessive work (CVE-2023-44487)",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This CVE is related to CVE-2023-44487.\n\nThe majority of RHEL utilities are not long-running applications; instead, they are command-line tools. These tools utilize Golang package as build-time dependency, which is why they are classified as having a \"Moderate\" level of impact.\n\nAs go-lang vendors its dependencies, a package may contain a library with a known vulnerability, solely because of lower tier libraries including it as a part of its dependencies, but the vulnerable code is not reachable at runtime. In such cases the issue is not exploitable. We classify these situations as \u201cNot affected\u201d or \u201cWill not fix,\u201d depending on the risk of breaking other unrelated packages.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-OSSO-1.1:openshift-secondary-scheduler-operator/secondary-scheduler-operator-rhel8@sha256:fb305e8ee14a0cd1f45da0bdd9000a1f9d0a9c4dd20e300004c3cef26997b9b8_amd64"
],
"known_not_affected": [
"8Base-OSSO-1.1:openshift-secondary-scheduler-operator/secondary-scheduler-operator-bundle@sha256:51458b1eafc32dd920558e757506e9b71856b5b47744284c961c5430766536b2_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-39325"
},
{
"category": "external",
"summary": "RHBZ#2243296",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2243296"
},
{
"category": "external",
"summary": "RHSB-2023-003",
"url": "https://access.redhat.com/security/vulnerabilities/RHSB-2023-003"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-39325",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39325"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-39325",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-39325"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2023-44487",
"url": "https://access.redhat.com/security/cve/CVE-2023-44487"
},
{
"category": "external",
"summary": "https://go.dev/issue/63417",
"url": "https://go.dev/issue/63417"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2023-2102",
"url": "https://pkg.go.dev/vuln/GO-2023-2102"
},
{
"category": "external",
"summary": "https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487",
"url": "https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487"
}
],
"release_date": "2023-10-10T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-10-26T01:04:37+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-OSSO-1.1:openshift-secondary-scheduler-operator/secondary-scheduler-operator-rhel8@sha256:fb305e8ee14a0cd1f45da0bdd9000a1f9d0a9c4dd20e300004c3cef26997b9b8_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:5933"
},
{
"category": "workaround",
"details": "The default stream concurrency limit in golang is 250 streams (requests) per HTTP/2 connection. This value may be adjusted in the golang.org/x/net/http2 package using the Server.MaxConcurrentStreams setting and the ConfigureServer function which are available in golang.org/x/net/http2.",
"product_ids": [
"8Base-OSSO-1.1:openshift-secondary-scheduler-operator/secondary-scheduler-operator-bundle@sha256:51458b1eafc32dd920558e757506e9b71856b5b47744284c961c5430766536b2_amd64",
"8Base-OSSO-1.1:openshift-secondary-scheduler-operator/secondary-scheduler-operator-rhel8@sha256:fb305e8ee14a0cd1f45da0bdd9000a1f9d0a9c4dd20e300004c3cef26997b9b8_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-OSSO-1.1:openshift-secondary-scheduler-operator/secondary-scheduler-operator-bundle@sha256:51458b1eafc32dd920558e757506e9b71856b5b47744284c961c5430766536b2_amd64",
"8Base-OSSO-1.1:openshift-secondary-scheduler-operator/secondary-scheduler-operator-rhel8@sha256:fb305e8ee14a0cd1f45da0bdd9000a1f9d0a9c4dd20e300004c3cef26997b9b8_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "golang: net/http, x/net/http2: rapid stream resets can cause excessive work (CVE-2023-44487)"
},
{
"cve": "CVE-2023-44487",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2023-10-09T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-OSSO-1.1:openshift-secondary-scheduler-operator/secondary-scheduler-operator-bundle@sha256:51458b1eafc32dd920558e757506e9b71856b5b47744284c961c5430766536b2_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2242803"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in handling multiplexed streams in the HTTP/2 protocol. A client can repeatedly make a request for a new multiplex stream and immediately send an RST_STREAM frame to cancel it. This creates extra work for the server setting up and tearing down the streams while not hitting any server-side limit for the maximum number of active streams per connection, resulting in a denial of service due to server resource consumption. Red Hat has rated the severity of this flaw as \u0027Important\u0027 as the US Cybersecurity and Infrastructure Security Agency (CISA) declared this vulnerability an active exploit.\r\n\r\nCVE-2023-39325 was assigned for the Rapid Reset Attack in the Go language packages.\r\n\r\nSecurity Bulletin\r\nhttps://access.redhat.com/security/vulnerabilities/RHSB-2023-003",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack (Rapid Reset Attack)",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "NGINX has been marked as Moderate Impact because, for performance and resource consumption reasons, NGINX limits the number of concurrent streams to a default of 128. In addition, to optimally balance network and server performance, NGINX allows the client to persist HTTP connections for up to 1000 requests by default using an HTTP keepalive.\n\nThe majority of RHEL utilities are not long-running applications; instead, they are command-line tools. These tools utilize Golang package as build-time dependency, which is why they are classified as having a \"Moderate\" level of impact.\n\nrhc component is no longer impacted by CVE-2023-44487 \u0026 CVE-2023-39325.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-OSSO-1.1:openshift-secondary-scheduler-operator/secondary-scheduler-operator-rhel8@sha256:fb305e8ee14a0cd1f45da0bdd9000a1f9d0a9c4dd20e300004c3cef26997b9b8_amd64"
],
"known_not_affected": [
"8Base-OSSO-1.1:openshift-secondary-scheduler-operator/secondary-scheduler-operator-bundle@sha256:51458b1eafc32dd920558e757506e9b71856b5b47744284c961c5430766536b2_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-44487"
},
{
"category": "external",
"summary": "RHBZ#2242803",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2242803"
},
{
"category": "external",
"summary": "RHSB-2023-003",
"url": "https://access.redhat.com/security/vulnerabilities/RHSB-2023-003"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-44487",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-44487"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-44487",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-44487"
},
{
"category": "external",
"summary": "https://github.com/dotnet/announcements/issues/277",
"url": "https://github.com/dotnet/announcements/issues/277"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2023-2102",
"url": "https://pkg.go.dev/vuln/GO-2023-2102"
},
{
"category": "external",
"summary": "https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487",
"url": "https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487"
},
{
"category": "external",
"summary": "https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products/",
"url": "https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products/"
},
{
"category": "external",
"summary": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog",
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
}
],
"release_date": "2023-10-10T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-10-26T01:04:37+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-OSSO-1.1:openshift-secondary-scheduler-operator/secondary-scheduler-operator-rhel8@sha256:fb305e8ee14a0cd1f45da0bdd9000a1f9d0a9c4dd20e300004c3cef26997b9b8_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:5933"
},
{
"category": "workaround",
"details": "Users are strongly urged to update their software as soon as fixes are available. \nThere are several mitigation approaches for this flaw. \n\n1. If circumstances permit, users may disable http2 endpoints to circumvent the flaw altogether until a fix is available.\n2. IP-based blocking or flood protection and rate control tools may be used at network endpoints to filter incoming traffic.\n3. Several package specific mitigations are also available. \n a. nginx: https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products/\n b. netty: https://github.com/netty/netty/security/advisories/GHSA-xpw8-rcwv-8f8p\n c. haproxy: https://www.haproxy.com/blog/haproxy-is-not-affected-by-the-http-2-rapid-reset-attack-cve-2023-44487\n d. nghttp2: https://github.com/nghttp2/nghttp2/security/advisories/GHSA-vx74-f528-fxqg\n e. golang: The default stream concurrency limit in golang is 250 streams (requests) per HTTP/2 connection. This value may be adjusted in the golang.org/x/net/http2 package using the Server.MaxConcurrentStreams setting and the ConfigureServer function which are available in golang.org/x/net/http2.",
"product_ids": [
"8Base-OSSO-1.1:openshift-secondary-scheduler-operator/secondary-scheduler-operator-bundle@sha256:51458b1eafc32dd920558e757506e9b71856b5b47744284c961c5430766536b2_amd64",
"8Base-OSSO-1.1:openshift-secondary-scheduler-operator/secondary-scheduler-operator-rhel8@sha256:fb305e8ee14a0cd1f45da0bdd9000a1f9d0a9c4dd20e300004c3cef26997b9b8_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-OSSO-1.1:openshift-secondary-scheduler-operator/secondary-scheduler-operator-bundle@sha256:51458b1eafc32dd920558e757506e9b71856b5b47744284c961c5430766536b2_amd64",
"8Base-OSSO-1.1:openshift-secondary-scheduler-operator/secondary-scheduler-operator-rhel8@sha256:fb305e8ee14a0cd1f45da0bdd9000a1f9d0a9c4dd20e300004c3cef26997b9b8_amd64"
]
}
],
"threats": [
{
"category": "exploit_status",
"date": "2023-10-10T00:00:00+00:00",
"details": "CISA: https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
},
{
"category": "impact",
"details": "Important"
}
],
"title": "HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack (Rapid Reset Attack)"
}
]
}
RHSA-2023:5935
Vulnerability from csaf_redhat - Published: 2023-10-19 16:50 - Updated: 2026-06-05 13:08
A flaw was found in Golang Go, where it is vulnerable to a denial of service caused when processing large TLS handshake records. By sending specially-crafted TLS handshake records, a remote, authenticated attacker can cause a denial of service condition.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHOS-16.2:rhosp-rhel8/osp-director-agent@sha256:669c11288ec857369274ef710c6f6ce4ca1355f9e18f43cb9bc49ab089d8f4a6_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOS-16.2:rhosp-rhel8/osp-director-downloader@sha256:79f994acd1e9e2b58143915f73590b1cbb3381b37285088973fef549545b3a8a_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOS-16.2:rhosp-rhel8/osp-director-operator-bundle@sha256:fe042ad7fa6c0b0cc3645205b817c70ed2498ac8f3d992dfaef5ca921b46da7f_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOS-16.2:rhosp-rhel8/osp-director-operator@sha256:451c7a787a5d8560f71928921eee70875c9c3fa58a606f602d6677a9872fea47_amd64 | — |
Vendor Fix
fix
|
A flaw was found in Go, where it is vulnerable to a denial of service caused by an excessive resource consumption flaw in the net/http and mime/multipart packages. By sending a specially-crafted request, a remote attacker can cause a denial of service.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHOS-16.2:rhosp-rhel8/osp-director-agent@sha256:669c11288ec857369274ef710c6f6ce4ca1355f9e18f43cb9bc49ab089d8f4a6_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOS-16.2:rhosp-rhel8/osp-director-downloader@sha256:79f994acd1e9e2b58143915f73590b1cbb3381b37285088973fef549545b3a8a_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOS-16.2:rhosp-rhel8/osp-director-operator-bundle@sha256:fe042ad7fa6c0b0cc3645205b817c70ed2498ac8f3d992dfaef5ca921b46da7f_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOS-16.2:rhosp-rhel8/osp-director-operator@sha256:451c7a787a5d8560f71928921eee70875c9c3fa58a606f602d6677a9872fea47_amd64 | — |
Vendor Fix
fix
|
A flaw was found in the crypto/internal/nistec golang library. The ScalarMult and ScalarBaseMult methods of the P256 Curve may return an incorrect result if called with some specific unreduced scalars, such as a scalar larger than the order of the curve. This does not impact usages of crypto/ecdsa or crypto/ecdh.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHOS-16.2:rhosp-rhel8/osp-director-agent@sha256:669c11288ec857369274ef710c6f6ce4ca1355f9e18f43cb9bc49ab089d8f4a6_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOS-16.2:rhosp-rhel8/osp-director-downloader@sha256:79f994acd1e9e2b58143915f73590b1cbb3381b37285088973fef549545b3a8a_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOS-16.2:rhosp-rhel8/osp-director-operator-bundle@sha256:fe042ad7fa6c0b0cc3645205b817c70ed2498ac8f3d992dfaef5ca921b46da7f_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOS-16.2:rhosp-rhel8/osp-director-operator@sha256:451c7a787a5d8560f71928921eee70875c9c3fa58a606f602d6677a9872fea47_amd64 | — |
Vendor Fix
fix
|
A flaw was found in Golang, where it is vulnerable to HTTP header injection caused by improper content validation of the Host header by the HTTP/1 client. A remote attacker can inject arbitrary HTTP headers by persuading a victim to visit a specially crafted Web page. This flaw allows the attacker to conduct various attacks against the vulnerable system, including Cross-site scripting, cache poisoning, or session hijacking.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHOS-16.2:rhosp-rhel8/osp-director-agent@sha256:669c11288ec857369274ef710c6f6ce4ca1355f9e18f43cb9bc49ab089d8f4a6_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOS-16.2:rhosp-rhel8/osp-director-downloader@sha256:79f994acd1e9e2b58143915f73590b1cbb3381b37285088973fef549545b3a8a_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOS-16.2:rhosp-rhel8/osp-director-operator-bundle@sha256:fe042ad7fa6c0b0cc3645205b817c70ed2498ac8f3d992dfaef5ca921b46da7f_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOS-16.2:rhosp-rhel8/osp-director-operator@sha256:451c7a787a5d8560f71928921eee70875c9c3fa58a606f602d6677a9872fea47_amd64 | — |
Vendor Fix
fix
|
A denial of service vulnerability was found in the Golang Go package caused by an uncontrolled resource consumption flaw. By persuading a victim to use a specially crafted certificate with large RSA keys, a remote attacker can cause a client/server to expend significant CPU time verifying signatures, resulting in a denial of service condition.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHOS-16.2:rhosp-rhel8/osp-director-agent@sha256:669c11288ec857369274ef710c6f6ce4ca1355f9e18f43cb9bc49ab089d8f4a6_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOS-16.2:rhosp-rhel8/osp-director-downloader@sha256:79f994acd1e9e2b58143915f73590b1cbb3381b37285088973fef549545b3a8a_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOS-16.2:rhosp-rhel8/osp-director-operator-bundle@sha256:fe042ad7fa6c0b0cc3645205b817c70ed2498ac8f3d992dfaef5ca921b46da7f_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOS-16.2:rhosp-rhel8/osp-director-operator@sha256:451c7a787a5d8560f71928921eee70875c9c3fa58a606f602d6677a9872fea47_amd64 | — |
Vendor Fix
fix
|
A flaw was found in handling multiplexed streams in the HTTP/2 protocol. A client can repeatedly make a request for a new multiplex stream and immediately send an RST_STREAM frame to cancel it. This creates extra work for the server setting up and tearing down the streams while not hitting any server-side limit for the maximum number of active streams per connection, resulting in a denial of service due to server resource consumption. Red Hat has rated the severity of this flaw as 'Important' as the US Cybersecurity and Infrastructure Security Agency (CISA) declared this vulnerability an active exploit. CVE-2023-39325 was assigned for the `Rapid Reset Attack` in the Go language packages.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHOS-16.2:rhosp-rhel8/osp-director-agent@sha256:669c11288ec857369274ef710c6f6ce4ca1355f9e18f43cb9bc49ab089d8f4a6_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOS-16.2:rhosp-rhel8/osp-director-downloader@sha256:79f994acd1e9e2b58143915f73590b1cbb3381b37285088973fef549545b3a8a_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOS-16.2:rhosp-rhel8/osp-director-operator-bundle@sha256:fe042ad7fa6c0b0cc3645205b817c70ed2498ac8f3d992dfaef5ca921b46da7f_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOS-16.2:rhosp-rhel8/osp-director-operator@sha256:451c7a787a5d8560f71928921eee70875c9c3fa58a606f602d6677a9872fea47_amd64 | — |
Vendor Fix
fix
Workaround
|
A flaw was found in handling multiplexed streams in the HTTP/2 protocol. A client can repeatedly make a request for a new multiplex stream and immediately send an RST_STREAM frame to cancel it. This creates extra work for the server setting up and tearing down the streams while not hitting any server-side limit for the maximum number of active streams per connection, resulting in a denial of service due to server resource consumption. Red Hat has rated the severity of this flaw as 'Important' as the US Cybersecurity and Infrastructure Security Agency (CISA) declared this vulnerability an active exploit. CVE-2023-39325 was assigned for the Rapid Reset Attack in the Go language packages. Security Bulletin https://access.redhat.com/security/vulnerabilities/RHSB-2023-003
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHOS-16.2:rhosp-rhel8/osp-director-agent@sha256:669c11288ec857369274ef710c6f6ce4ca1355f9e18f43cb9bc49ab089d8f4a6_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOS-16.2:rhosp-rhel8/osp-director-downloader@sha256:79f994acd1e9e2b58143915f73590b1cbb3381b37285088973fef549545b3a8a_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOS-16.2:rhosp-rhel8/osp-director-operator-bundle@sha256:fe042ad7fa6c0b0cc3645205b817c70ed2498ac8f3d992dfaef5ca921b46da7f_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOS-16.2:rhosp-rhel8/osp-director-operator@sha256:451c7a787a5d8560f71928921eee70875c9c3fa58a606f602d6677a9872fea47_amd64 | — |
Vendor Fix
fix
Workaround
|
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for osp-director-agent-container, osp-director-downloader-container, osp-director-operator-bundle-container, and osp-director-operator-container is now available for Red Hat OpenStack Platform 16.2.5.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Security Fix(es):\n\n* golang: net/http, x/net/http2: rapid stream resets can cause excessive work (CVE-2023-44487) (CVE-2023-39325)\n\n* HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack (Rapid Reset Attack) (CVE-2023-44487)\n\n* golang: crypto/tls: large handshake records may cause panics (CVE-2022-41724)\n\n* golang: net/http, mime/multipart: denial of service from excessive resource consumption (CVE-2022-41725)\n\n* golang: crypto/internal/nistec: specific unreduced P-256 scalars produce incorrect results (CVE-2023-24532)\n\n* golang: net/http: insufficient sanitization of Host header (CVE-2023-29406)\n\n* golang: crypto/tls: slow verification of certificate chains containing large RSA keys (CVE-2023-29409)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2023:5935",
"url": "https://access.redhat.com/errata/RHSA-2023:5935"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/vulnerabilities/RHSB-2023-003",
"url": "https://access.redhat.com/security/vulnerabilities/RHSB-2023-003"
},
{
"category": "external",
"summary": "2178488",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2178488"
},
{
"category": "external",
"summary": "2178492",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2178492"
},
{
"category": "external",
"summary": "2222167",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2222167"
},
{
"category": "external",
"summary": "2223355",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2223355"
},
{
"category": "external",
"summary": "2228743",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2228743"
},
{
"category": "external",
"summary": "2242803",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2242803"
},
{
"category": "external",
"summary": "2243296",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2243296"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2023/rhsa-2023_5935.json"
}
],
"title": "Red Hat Security Advisory: Red Hat OpenStack Platform 16.2.5 security update",
"tracking": {
"current_release_date": "2026-06-05T13:08:04+00:00",
"generator": {
"date": "2026-06-05T13:08:04+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.8.2"
}
},
"id": "RHSA-2023:5935",
"initial_release_date": "2023-10-19T16:50:07+00:00",
"revision_history": [
{
"date": "2023-10-19T16:50:07+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2023-10-19T16:50:07+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-06-05T13:08:04+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat OpenStack Platform 16.2",
"product": {
"name": "Red Hat OpenStack Platform 16.2",
"product_id": "8Base-RHOS-16.2",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:openstack:16.2::el8"
}
}
}
],
"category": "product_family",
"name": "Red Hat OpenStack Platform"
},
{
"branches": [
{
"category": "product_version",
"name": "rhosp-rhel8/osp-director-agent@sha256:669c11288ec857369274ef710c6f6ce4ca1355f9e18f43cb9bc49ab089d8f4a6_amd64",
"product": {
"name": "rhosp-rhel8/osp-director-agent@sha256:669c11288ec857369274ef710c6f6ce4ca1355f9e18f43cb9bc49ab089d8f4a6_amd64",
"product_id": "rhosp-rhel8/osp-director-agent@sha256:669c11288ec857369274ef710c6f6ce4ca1355f9e18f43cb9bc49ab089d8f4a6_amd64",
"product_identification_helper": {
"purl": "pkg:oci/osp-director-agent@sha256:669c11288ec857369274ef710c6f6ce4ca1355f9e18f43cb9bc49ab089d8f4a6?arch=amd64\u0026repository_url=registry.redhat.io/rhosp-rhel8/osp-director-agent\u0026tag=1.3.0-10"
}
}
},
{
"category": "product_version",
"name": "rhosp-rhel8/osp-director-downloader@sha256:79f994acd1e9e2b58143915f73590b1cbb3381b37285088973fef549545b3a8a_amd64",
"product": {
"name": "rhosp-rhel8/osp-director-downloader@sha256:79f994acd1e9e2b58143915f73590b1cbb3381b37285088973fef549545b3a8a_amd64",
"product_id": "rhosp-rhel8/osp-director-downloader@sha256:79f994acd1e9e2b58143915f73590b1cbb3381b37285088973fef549545b3a8a_amd64",
"product_identification_helper": {
"purl": "pkg:oci/osp-director-downloader@sha256:79f994acd1e9e2b58143915f73590b1cbb3381b37285088973fef549545b3a8a?arch=amd64\u0026repository_url=registry.redhat.io/rhosp-rhel8/osp-director-downloader\u0026tag=1.3.0-11"
}
}
},
{
"category": "product_version",
"name": "rhosp-rhel8/osp-director-operator-bundle@sha256:fe042ad7fa6c0b0cc3645205b817c70ed2498ac8f3d992dfaef5ca921b46da7f_amd64",
"product": {
"name": "rhosp-rhel8/osp-director-operator-bundle@sha256:fe042ad7fa6c0b0cc3645205b817c70ed2498ac8f3d992dfaef5ca921b46da7f_amd64",
"product_id": "rhosp-rhel8/osp-director-operator-bundle@sha256:fe042ad7fa6c0b0cc3645205b817c70ed2498ac8f3d992dfaef5ca921b46da7f_amd64",
"product_identification_helper": {
"purl": "pkg:oci/osp-director-operator-bundle@sha256:fe042ad7fa6c0b0cc3645205b817c70ed2498ac8f3d992dfaef5ca921b46da7f?arch=amd64\u0026repository_url=registry.redhat.io/rhosp-rhel8/osp-director-operator-bundle\u0026tag=1.3.0-19"
}
}
},
{
"category": "product_version",
"name": "rhosp-rhel8/osp-director-operator@sha256:451c7a787a5d8560f71928921eee70875c9c3fa58a606f602d6677a9872fea47_amd64",
"product": {
"name": "rhosp-rhel8/osp-director-operator@sha256:451c7a787a5d8560f71928921eee70875c9c3fa58a606f602d6677a9872fea47_amd64",
"product_id": "rhosp-rhel8/osp-director-operator@sha256:451c7a787a5d8560f71928921eee70875c9c3fa58a606f602d6677a9872fea47_amd64",
"product_identification_helper": {
"purl": "pkg:oci/osp-director-operator@sha256:451c7a787a5d8560f71928921eee70875c9c3fa58a606f602d6677a9872fea47?arch=amd64\u0026repository_url=registry.redhat.io/rhosp-rhel8/osp-director-operator\u0026tag=1.3.0-9"
}
}
}
],
"category": "architecture",
"name": "amd64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "rhosp-rhel8/osp-director-agent@sha256:669c11288ec857369274ef710c6f6ce4ca1355f9e18f43cb9bc49ab089d8f4a6_amd64 as a component of Red Hat OpenStack Platform 16.2",
"product_id": "8Base-RHOS-16.2:rhosp-rhel8/osp-director-agent@sha256:669c11288ec857369274ef710c6f6ce4ca1355f9e18f43cb9bc49ab089d8f4a6_amd64"
},
"product_reference": "rhosp-rhel8/osp-director-agent@sha256:669c11288ec857369274ef710c6f6ce4ca1355f9e18f43cb9bc49ab089d8f4a6_amd64",
"relates_to_product_reference": "8Base-RHOS-16.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhosp-rhel8/osp-director-downloader@sha256:79f994acd1e9e2b58143915f73590b1cbb3381b37285088973fef549545b3a8a_amd64 as a component of Red Hat OpenStack Platform 16.2",
"product_id": "8Base-RHOS-16.2:rhosp-rhel8/osp-director-downloader@sha256:79f994acd1e9e2b58143915f73590b1cbb3381b37285088973fef549545b3a8a_amd64"
},
"product_reference": "rhosp-rhel8/osp-director-downloader@sha256:79f994acd1e9e2b58143915f73590b1cbb3381b37285088973fef549545b3a8a_amd64",
"relates_to_product_reference": "8Base-RHOS-16.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhosp-rhel8/osp-director-operator-bundle@sha256:fe042ad7fa6c0b0cc3645205b817c70ed2498ac8f3d992dfaef5ca921b46da7f_amd64 as a component of Red Hat OpenStack Platform 16.2",
"product_id": "8Base-RHOS-16.2:rhosp-rhel8/osp-director-operator-bundle@sha256:fe042ad7fa6c0b0cc3645205b817c70ed2498ac8f3d992dfaef5ca921b46da7f_amd64"
},
"product_reference": "rhosp-rhel8/osp-director-operator-bundle@sha256:fe042ad7fa6c0b0cc3645205b817c70ed2498ac8f3d992dfaef5ca921b46da7f_amd64",
"relates_to_product_reference": "8Base-RHOS-16.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhosp-rhel8/osp-director-operator@sha256:451c7a787a5d8560f71928921eee70875c9c3fa58a606f602d6677a9872fea47_amd64 as a component of Red Hat OpenStack Platform 16.2",
"product_id": "8Base-RHOS-16.2:rhosp-rhel8/osp-director-operator@sha256:451c7a787a5d8560f71928921eee70875c9c3fa58a606f602d6677a9872fea47_amd64"
},
"product_reference": "rhosp-rhel8/osp-director-operator@sha256:451c7a787a5d8560f71928921eee70875c9c3fa58a606f602d6677a9872fea47_amd64",
"relates_to_product_reference": "8Base-RHOS-16.2"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2022-41724",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2023-03-15T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2178492"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Golang Go, where it is vulnerable to a denial of service caused when processing large TLS handshake records. By sending specially-crafted TLS handshake records, a remote, authenticated attacker can cause a denial of service condition.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: crypto/tls: large handshake records may cause panics",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The opportunity for a denial of service is limited to the golang runtime. In the case of the OpenShift Container Platform, this would be restricted within each individual container. There are multiple layers of guide rails (Golang\u2019s Garbage Collector; OpenShift\u2019s resource constraints imposed at the container and cluster levels) which would require a malicious user to continue submitting attacks for there to be any enduring impact. They would also need access to external server resources to be able to send a massive volume of requests to cause a significant impact on server operations.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOS-16.2:rhosp-rhel8/osp-director-agent@sha256:669c11288ec857369274ef710c6f6ce4ca1355f9e18f43cb9bc49ab089d8f4a6_amd64",
"8Base-RHOS-16.2:rhosp-rhel8/osp-director-downloader@sha256:79f994acd1e9e2b58143915f73590b1cbb3381b37285088973fef549545b3a8a_amd64",
"8Base-RHOS-16.2:rhosp-rhel8/osp-director-operator-bundle@sha256:fe042ad7fa6c0b0cc3645205b817c70ed2498ac8f3d992dfaef5ca921b46da7f_amd64",
"8Base-RHOS-16.2:rhosp-rhel8/osp-director-operator@sha256:451c7a787a5d8560f71928921eee70875c9c3fa58a606f602d6677a9872fea47_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-41724"
},
{
"category": "external",
"summary": "RHBZ#2178492",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2178492"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-41724",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41724"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-41724",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-41724"
},
{
"category": "external",
"summary": "https://go.dev/cl/468125",
"url": "https://go.dev/cl/468125"
},
{
"category": "external",
"summary": "https://go.dev/issue/58001",
"url": "https://go.dev/issue/58001"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/V0aBFqaFs_E",
"url": "https://groups.google.com/g/golang-announce/c/V0aBFqaFs_E"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2023-1570",
"url": "https://pkg.go.dev/vuln/GO-2023-1570"
}
],
"release_date": "2023-02-15T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-10-19T16:50:07+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHOS-16.2:rhosp-rhel8/osp-director-agent@sha256:669c11288ec857369274ef710c6f6ce4ca1355f9e18f43cb9bc49ab089d8f4a6_amd64",
"8Base-RHOS-16.2:rhosp-rhel8/osp-director-downloader@sha256:79f994acd1e9e2b58143915f73590b1cbb3381b37285088973fef549545b3a8a_amd64",
"8Base-RHOS-16.2:rhosp-rhel8/osp-director-operator-bundle@sha256:fe042ad7fa6c0b0cc3645205b817c70ed2498ac8f3d992dfaef5ca921b46da7f_amd64",
"8Base-RHOS-16.2:rhosp-rhel8/osp-director-operator@sha256:451c7a787a5d8560f71928921eee70875c9c3fa58a606f602d6677a9872fea47_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:5935"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-RHOS-16.2:rhosp-rhel8/osp-director-agent@sha256:669c11288ec857369274ef710c6f6ce4ca1355f9e18f43cb9bc49ab089d8f4a6_amd64",
"8Base-RHOS-16.2:rhosp-rhel8/osp-director-downloader@sha256:79f994acd1e9e2b58143915f73590b1cbb3381b37285088973fef549545b3a8a_amd64",
"8Base-RHOS-16.2:rhosp-rhel8/osp-director-operator-bundle@sha256:fe042ad7fa6c0b0cc3645205b817c70ed2498ac8f3d992dfaef5ca921b46da7f_amd64",
"8Base-RHOS-16.2:rhosp-rhel8/osp-director-operator@sha256:451c7a787a5d8560f71928921eee70875c9c3fa58a606f602d6677a9872fea47_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: crypto/tls: large handshake records may cause panics"
},
{
"cve": "CVE-2022-41725",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2023-03-15T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2178488"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Go, where it is vulnerable to a denial of service caused by an excessive resource consumption flaw in the net/http and mime/multipart packages. By sending a specially-crafted request, a remote attacker can cause a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: net/http, mime/multipart: denial of service from excessive resource consumption",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The opportunity for a Denial of Service is limited to the golang runtime. In the case of the OpenShift Container Platform, this would be restricted within each individual container. There are multiple layers of guide rails (Golang\u2019s Garbage Collector; OpenShift\u2019s resource constraints imposed at the container and cluster levels) which would require a malicious user to continue submitting attacks for there to be any enduring impact. They would also need access to external server resources to be able to send a massive volume of requests to cause a significant impact on server operations.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOS-16.2:rhosp-rhel8/osp-director-agent@sha256:669c11288ec857369274ef710c6f6ce4ca1355f9e18f43cb9bc49ab089d8f4a6_amd64",
"8Base-RHOS-16.2:rhosp-rhel8/osp-director-downloader@sha256:79f994acd1e9e2b58143915f73590b1cbb3381b37285088973fef549545b3a8a_amd64",
"8Base-RHOS-16.2:rhosp-rhel8/osp-director-operator-bundle@sha256:fe042ad7fa6c0b0cc3645205b817c70ed2498ac8f3d992dfaef5ca921b46da7f_amd64",
"8Base-RHOS-16.2:rhosp-rhel8/osp-director-operator@sha256:451c7a787a5d8560f71928921eee70875c9c3fa58a606f602d6677a9872fea47_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-41725"
},
{
"category": "external",
"summary": "RHBZ#2178488",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2178488"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-41725",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41725"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-41725",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-41725"
},
{
"category": "external",
"summary": "https://go.dev/cl/468124",
"url": "https://go.dev/cl/468124"
},
{
"category": "external",
"summary": "https://go.dev/issue/58006",
"url": "https://go.dev/issue/58006"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/V0aBFqaFs_E",
"url": "https://groups.google.com/g/golang-announce/c/V0aBFqaFs_E"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2023-1569",
"url": "https://pkg.go.dev/vuln/GO-2023-1569"
}
],
"release_date": "2023-02-15T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-10-19T16:50:07+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHOS-16.2:rhosp-rhel8/osp-director-agent@sha256:669c11288ec857369274ef710c6f6ce4ca1355f9e18f43cb9bc49ab089d8f4a6_amd64",
"8Base-RHOS-16.2:rhosp-rhel8/osp-director-downloader@sha256:79f994acd1e9e2b58143915f73590b1cbb3381b37285088973fef549545b3a8a_amd64",
"8Base-RHOS-16.2:rhosp-rhel8/osp-director-operator-bundle@sha256:fe042ad7fa6c0b0cc3645205b817c70ed2498ac8f3d992dfaef5ca921b46da7f_amd64",
"8Base-RHOS-16.2:rhosp-rhel8/osp-director-operator@sha256:451c7a787a5d8560f71928921eee70875c9c3fa58a606f602d6677a9872fea47_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:5935"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-RHOS-16.2:rhosp-rhel8/osp-director-agent@sha256:669c11288ec857369274ef710c6f6ce4ca1355f9e18f43cb9bc49ab089d8f4a6_amd64",
"8Base-RHOS-16.2:rhosp-rhel8/osp-director-downloader@sha256:79f994acd1e9e2b58143915f73590b1cbb3381b37285088973fef549545b3a8a_amd64",
"8Base-RHOS-16.2:rhosp-rhel8/osp-director-operator-bundle@sha256:fe042ad7fa6c0b0cc3645205b817c70ed2498ac8f3d992dfaef5ca921b46da7f_amd64",
"8Base-RHOS-16.2:rhosp-rhel8/osp-director-operator@sha256:451c7a787a5d8560f71928921eee70875c9c3fa58a606f602d6677a9872fea47_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: net/http, mime/multipart: denial of service from excessive resource consumption"
},
{
"cve": "CVE-2023-24532",
"cwe": {
"id": "CWE-682",
"name": "Incorrect Calculation"
},
"discovery_date": "2023-07-17T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2223355"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the crypto/internal/nistec golang library. The ScalarMult and ScalarBaseMult methods of the P256 Curve may return an incorrect result if called with some specific unreduced scalars, such as a scalar larger than the order of the curve. This does not impact usages of crypto/ecdsa or crypto/ecdh.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: crypto/internal/nistec: specific unreduced P-256 scalars produce incorrect results",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOS-16.2:rhosp-rhel8/osp-director-agent@sha256:669c11288ec857369274ef710c6f6ce4ca1355f9e18f43cb9bc49ab089d8f4a6_amd64",
"8Base-RHOS-16.2:rhosp-rhel8/osp-director-downloader@sha256:79f994acd1e9e2b58143915f73590b1cbb3381b37285088973fef549545b3a8a_amd64",
"8Base-RHOS-16.2:rhosp-rhel8/osp-director-operator-bundle@sha256:fe042ad7fa6c0b0cc3645205b817c70ed2498ac8f3d992dfaef5ca921b46da7f_amd64",
"8Base-RHOS-16.2:rhosp-rhel8/osp-director-operator@sha256:451c7a787a5d8560f71928921eee70875c9c3fa58a606f602d6677a9872fea47_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-24532"
},
{
"category": "external",
"summary": "RHBZ#2223355",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2223355"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-24532",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24532"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-24532",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-24532"
},
{
"category": "external",
"summary": "https://go.dev/cl/471255",
"url": "https://go.dev/cl/471255"
},
{
"category": "external",
"summary": "https://go.dev/issue/58647",
"url": "https://go.dev/issue/58647"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/3-TpUx48iQY",
"url": "https://groups.google.com/g/golang-announce/c/3-TpUx48iQY"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2023-1621",
"url": "https://pkg.go.dev/vuln/GO-2023-1621"
}
],
"release_date": "2023-03-08T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-10-19T16:50:07+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHOS-16.2:rhosp-rhel8/osp-director-agent@sha256:669c11288ec857369274ef710c6f6ce4ca1355f9e18f43cb9bc49ab089d8f4a6_amd64",
"8Base-RHOS-16.2:rhosp-rhel8/osp-director-downloader@sha256:79f994acd1e9e2b58143915f73590b1cbb3381b37285088973fef549545b3a8a_amd64",
"8Base-RHOS-16.2:rhosp-rhel8/osp-director-operator-bundle@sha256:fe042ad7fa6c0b0cc3645205b817c70ed2498ac8f3d992dfaef5ca921b46da7f_amd64",
"8Base-RHOS-16.2:rhosp-rhel8/osp-director-operator@sha256:451c7a787a5d8560f71928921eee70875c9c3fa58a606f602d6677a9872fea47_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:5935"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"8Base-RHOS-16.2:rhosp-rhel8/osp-director-agent@sha256:669c11288ec857369274ef710c6f6ce4ca1355f9e18f43cb9bc49ab089d8f4a6_amd64",
"8Base-RHOS-16.2:rhosp-rhel8/osp-director-downloader@sha256:79f994acd1e9e2b58143915f73590b1cbb3381b37285088973fef549545b3a8a_amd64",
"8Base-RHOS-16.2:rhosp-rhel8/osp-director-operator-bundle@sha256:fe042ad7fa6c0b0cc3645205b817c70ed2498ac8f3d992dfaef5ca921b46da7f_amd64",
"8Base-RHOS-16.2:rhosp-rhel8/osp-director-operator@sha256:451c7a787a5d8560f71928921eee70875c9c3fa58a606f602d6677a9872fea47_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: crypto/internal/nistec: specific unreduced P-256 scalars produce incorrect results"
},
{
"cve": "CVE-2023-29406",
"cwe": {
"id": "CWE-113",
"name": "Improper Neutralization of CRLF Sequences in HTTP Headers (\u0027HTTP Request/Response Splitting\u0027)"
},
"discovery_date": "2023-07-12T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2222167"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Golang, where it is vulnerable to HTTP header injection caused by improper content validation of the Host header by the HTTP/1 client. A remote attacker can inject arbitrary HTTP headers by persuading a victim to visit a specially crafted Web page. This flaw allows the attacker to conduct various attacks against the vulnerable system, including Cross-site scripting, cache poisoning, or session hijacking.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: net/http: insufficient sanitization of Host header",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOS-16.2:rhosp-rhel8/osp-director-agent@sha256:669c11288ec857369274ef710c6f6ce4ca1355f9e18f43cb9bc49ab089d8f4a6_amd64",
"8Base-RHOS-16.2:rhosp-rhel8/osp-director-downloader@sha256:79f994acd1e9e2b58143915f73590b1cbb3381b37285088973fef549545b3a8a_amd64",
"8Base-RHOS-16.2:rhosp-rhel8/osp-director-operator-bundle@sha256:fe042ad7fa6c0b0cc3645205b817c70ed2498ac8f3d992dfaef5ca921b46da7f_amd64",
"8Base-RHOS-16.2:rhosp-rhel8/osp-director-operator@sha256:451c7a787a5d8560f71928921eee70875c9c3fa58a606f602d6677a9872fea47_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-29406"
},
{
"category": "external",
"summary": "RHBZ#2222167",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2222167"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-29406",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29406"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-29406",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-29406"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/2q13H6LEEx0",
"url": "https://groups.google.com/g/golang-announce/c/2q13H6LEEx0"
}
],
"release_date": "2023-07-11T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-10-19T16:50:07+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHOS-16.2:rhosp-rhel8/osp-director-agent@sha256:669c11288ec857369274ef710c6f6ce4ca1355f9e18f43cb9bc49ab089d8f4a6_amd64",
"8Base-RHOS-16.2:rhosp-rhel8/osp-director-downloader@sha256:79f994acd1e9e2b58143915f73590b1cbb3381b37285088973fef549545b3a8a_amd64",
"8Base-RHOS-16.2:rhosp-rhel8/osp-director-operator-bundle@sha256:fe042ad7fa6c0b0cc3645205b817c70ed2498ac8f3d992dfaef5ca921b46da7f_amd64",
"8Base-RHOS-16.2:rhosp-rhel8/osp-director-operator@sha256:451c7a787a5d8560f71928921eee70875c9c3fa58a606f602d6677a9872fea47_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:5935"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"8Base-RHOS-16.2:rhosp-rhel8/osp-director-agent@sha256:669c11288ec857369274ef710c6f6ce4ca1355f9e18f43cb9bc49ab089d8f4a6_amd64",
"8Base-RHOS-16.2:rhosp-rhel8/osp-director-downloader@sha256:79f994acd1e9e2b58143915f73590b1cbb3381b37285088973fef549545b3a8a_amd64",
"8Base-RHOS-16.2:rhosp-rhel8/osp-director-operator-bundle@sha256:fe042ad7fa6c0b0cc3645205b817c70ed2498ac8f3d992dfaef5ca921b46da7f_amd64",
"8Base-RHOS-16.2:rhosp-rhel8/osp-director-operator@sha256:451c7a787a5d8560f71928921eee70875c9c3fa58a606f602d6677a9872fea47_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: net/http: insufficient sanitization of Host header"
},
{
"cve": "CVE-2023-29409",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2023-08-03T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2228743"
}
],
"notes": [
{
"category": "description",
"text": "A denial of service vulnerability was found in the Golang Go package caused by an uncontrolled resource consumption flaw. By persuading a victim to use a specially crafted certificate with large RSA keys, a remote attacker can cause a client/server to expend significant CPU time verifying signatures, resulting in a denial of service condition.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: crypto/tls: slow verification of certificate chains containing large RSA keys",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOS-16.2:rhosp-rhel8/osp-director-agent@sha256:669c11288ec857369274ef710c6f6ce4ca1355f9e18f43cb9bc49ab089d8f4a6_amd64",
"8Base-RHOS-16.2:rhosp-rhel8/osp-director-downloader@sha256:79f994acd1e9e2b58143915f73590b1cbb3381b37285088973fef549545b3a8a_amd64",
"8Base-RHOS-16.2:rhosp-rhel8/osp-director-operator-bundle@sha256:fe042ad7fa6c0b0cc3645205b817c70ed2498ac8f3d992dfaef5ca921b46da7f_amd64",
"8Base-RHOS-16.2:rhosp-rhel8/osp-director-operator@sha256:451c7a787a5d8560f71928921eee70875c9c3fa58a606f602d6677a9872fea47_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-29409"
},
{
"category": "external",
"summary": "RHBZ#2228743",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2228743"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-29409",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29409"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-29409",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-29409"
},
{
"category": "external",
"summary": "https://go.dev/cl/515257",
"url": "https://go.dev/cl/515257"
},
{
"category": "external",
"summary": "https://go.dev/issue/61460",
"url": "https://go.dev/issue/61460"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/X0b6CsSAaYI/m/Efv5DbZ9AwAJ",
"url": "https://groups.google.com/g/golang-announce/c/X0b6CsSAaYI/m/Efv5DbZ9AwAJ"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2023-1987",
"url": "https://pkg.go.dev/vuln/GO-2023-1987"
}
],
"release_date": "2023-08-02T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-10-19T16:50:07+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHOS-16.2:rhosp-rhel8/osp-director-agent@sha256:669c11288ec857369274ef710c6f6ce4ca1355f9e18f43cb9bc49ab089d8f4a6_amd64",
"8Base-RHOS-16.2:rhosp-rhel8/osp-director-downloader@sha256:79f994acd1e9e2b58143915f73590b1cbb3381b37285088973fef549545b3a8a_amd64",
"8Base-RHOS-16.2:rhosp-rhel8/osp-director-operator-bundle@sha256:fe042ad7fa6c0b0cc3645205b817c70ed2498ac8f3d992dfaef5ca921b46da7f_amd64",
"8Base-RHOS-16.2:rhosp-rhel8/osp-director-operator@sha256:451c7a787a5d8560f71928921eee70875c9c3fa58a606f602d6677a9872fea47_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:5935"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"8Base-RHOS-16.2:rhosp-rhel8/osp-director-agent@sha256:669c11288ec857369274ef710c6f6ce4ca1355f9e18f43cb9bc49ab089d8f4a6_amd64",
"8Base-RHOS-16.2:rhosp-rhel8/osp-director-downloader@sha256:79f994acd1e9e2b58143915f73590b1cbb3381b37285088973fef549545b3a8a_amd64",
"8Base-RHOS-16.2:rhosp-rhel8/osp-director-operator-bundle@sha256:fe042ad7fa6c0b0cc3645205b817c70ed2498ac8f3d992dfaef5ca921b46da7f_amd64",
"8Base-RHOS-16.2:rhosp-rhel8/osp-director-operator@sha256:451c7a787a5d8560f71928921eee70875c9c3fa58a606f602d6677a9872fea47_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: crypto/tls: slow verification of certificate chains containing large RSA keys"
},
{
"cve": "CVE-2023-39325",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2023-10-10T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2243296"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in handling multiplexed streams in the HTTP/2 protocol. A client can repeatedly make a request for a new multiplex stream and immediately send an RST_STREAM frame to cancel it. This creates extra work for the server setting up and tearing down the streams while not hitting any server-side limit for the maximum number of active streams per connection, resulting in a denial of service due to server resource consumption. Red Hat has rated the severity of this flaw as \u0027Important\u0027 as the US Cybersecurity and Infrastructure Security Agency (CISA) declared this vulnerability an active exploit.\r\n\r\nCVE-2023-39325 was assigned for the `Rapid Reset Attack` in the Go language packages.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: net/http, x/net/http2: rapid stream resets can cause excessive work (CVE-2023-44487)",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This CVE is related to CVE-2023-44487.\n\nThe majority of RHEL utilities are not long-running applications; instead, they are command-line tools. These tools utilize Golang package as build-time dependency, which is why they are classified as having a \"Moderate\" level of impact.\n\nAs go-lang vendors its dependencies, a package may contain a library with a known vulnerability, solely because of lower tier libraries including it as a part of its dependencies, but the vulnerable code is not reachable at runtime. In such cases the issue is not exploitable. We classify these situations as \u201cNot affected\u201d or \u201cWill not fix,\u201d depending on the risk of breaking other unrelated packages.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOS-16.2:rhosp-rhel8/osp-director-agent@sha256:669c11288ec857369274ef710c6f6ce4ca1355f9e18f43cb9bc49ab089d8f4a6_amd64",
"8Base-RHOS-16.2:rhosp-rhel8/osp-director-downloader@sha256:79f994acd1e9e2b58143915f73590b1cbb3381b37285088973fef549545b3a8a_amd64",
"8Base-RHOS-16.2:rhosp-rhel8/osp-director-operator-bundle@sha256:fe042ad7fa6c0b0cc3645205b817c70ed2498ac8f3d992dfaef5ca921b46da7f_amd64",
"8Base-RHOS-16.2:rhosp-rhel8/osp-director-operator@sha256:451c7a787a5d8560f71928921eee70875c9c3fa58a606f602d6677a9872fea47_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-39325"
},
{
"category": "external",
"summary": "RHBZ#2243296",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2243296"
},
{
"category": "external",
"summary": "RHSB-2023-003",
"url": "https://access.redhat.com/security/vulnerabilities/RHSB-2023-003"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-39325",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39325"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-39325",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-39325"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2023-44487",
"url": "https://access.redhat.com/security/cve/CVE-2023-44487"
},
{
"category": "external",
"summary": "https://go.dev/issue/63417",
"url": "https://go.dev/issue/63417"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2023-2102",
"url": "https://pkg.go.dev/vuln/GO-2023-2102"
},
{
"category": "external",
"summary": "https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487",
"url": "https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487"
}
],
"release_date": "2023-10-10T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-10-19T16:50:07+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHOS-16.2:rhosp-rhel8/osp-director-agent@sha256:669c11288ec857369274ef710c6f6ce4ca1355f9e18f43cb9bc49ab089d8f4a6_amd64",
"8Base-RHOS-16.2:rhosp-rhel8/osp-director-downloader@sha256:79f994acd1e9e2b58143915f73590b1cbb3381b37285088973fef549545b3a8a_amd64",
"8Base-RHOS-16.2:rhosp-rhel8/osp-director-operator-bundle@sha256:fe042ad7fa6c0b0cc3645205b817c70ed2498ac8f3d992dfaef5ca921b46da7f_amd64",
"8Base-RHOS-16.2:rhosp-rhel8/osp-director-operator@sha256:451c7a787a5d8560f71928921eee70875c9c3fa58a606f602d6677a9872fea47_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:5935"
},
{
"category": "workaround",
"details": "The default stream concurrency limit in golang is 250 streams (requests) per HTTP/2 connection. This value may be adjusted in the golang.org/x/net/http2 package using the Server.MaxConcurrentStreams setting and the ConfigureServer function which are available in golang.org/x/net/http2.",
"product_ids": [
"8Base-RHOS-16.2:rhosp-rhel8/osp-director-agent@sha256:669c11288ec857369274ef710c6f6ce4ca1355f9e18f43cb9bc49ab089d8f4a6_amd64",
"8Base-RHOS-16.2:rhosp-rhel8/osp-director-downloader@sha256:79f994acd1e9e2b58143915f73590b1cbb3381b37285088973fef549545b3a8a_amd64",
"8Base-RHOS-16.2:rhosp-rhel8/osp-director-operator-bundle@sha256:fe042ad7fa6c0b0cc3645205b817c70ed2498ac8f3d992dfaef5ca921b46da7f_amd64",
"8Base-RHOS-16.2:rhosp-rhel8/osp-director-operator@sha256:451c7a787a5d8560f71928921eee70875c9c3fa58a606f602d6677a9872fea47_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-RHOS-16.2:rhosp-rhel8/osp-director-agent@sha256:669c11288ec857369274ef710c6f6ce4ca1355f9e18f43cb9bc49ab089d8f4a6_amd64",
"8Base-RHOS-16.2:rhosp-rhel8/osp-director-downloader@sha256:79f994acd1e9e2b58143915f73590b1cbb3381b37285088973fef549545b3a8a_amd64",
"8Base-RHOS-16.2:rhosp-rhel8/osp-director-operator-bundle@sha256:fe042ad7fa6c0b0cc3645205b817c70ed2498ac8f3d992dfaef5ca921b46da7f_amd64",
"8Base-RHOS-16.2:rhosp-rhel8/osp-director-operator@sha256:451c7a787a5d8560f71928921eee70875c9c3fa58a606f602d6677a9872fea47_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "golang: net/http, x/net/http2: rapid stream resets can cause excessive work (CVE-2023-44487)"
},
{
"cve": "CVE-2023-44487",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2023-10-09T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2242803"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in handling multiplexed streams in the HTTP/2 protocol. A client can repeatedly make a request for a new multiplex stream and immediately send an RST_STREAM frame to cancel it. This creates extra work for the server setting up and tearing down the streams while not hitting any server-side limit for the maximum number of active streams per connection, resulting in a denial of service due to server resource consumption. Red Hat has rated the severity of this flaw as \u0027Important\u0027 as the US Cybersecurity and Infrastructure Security Agency (CISA) declared this vulnerability an active exploit.\r\n\r\nCVE-2023-39325 was assigned for the Rapid Reset Attack in the Go language packages.\r\n\r\nSecurity Bulletin\r\nhttps://access.redhat.com/security/vulnerabilities/RHSB-2023-003",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack (Rapid Reset Attack)",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "NGINX has been marked as Moderate Impact because, for performance and resource consumption reasons, NGINX limits the number of concurrent streams to a default of 128. In addition, to optimally balance network and server performance, NGINX allows the client to persist HTTP connections for up to 1000 requests by default using an HTTP keepalive.\n\nThe majority of RHEL utilities are not long-running applications; instead, they are command-line tools. These tools utilize Golang package as build-time dependency, which is why they are classified as having a \"Moderate\" level of impact.\n\nrhc component is no longer impacted by CVE-2023-44487 \u0026 CVE-2023-39325.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOS-16.2:rhosp-rhel8/osp-director-agent@sha256:669c11288ec857369274ef710c6f6ce4ca1355f9e18f43cb9bc49ab089d8f4a6_amd64",
"8Base-RHOS-16.2:rhosp-rhel8/osp-director-downloader@sha256:79f994acd1e9e2b58143915f73590b1cbb3381b37285088973fef549545b3a8a_amd64",
"8Base-RHOS-16.2:rhosp-rhel8/osp-director-operator-bundle@sha256:fe042ad7fa6c0b0cc3645205b817c70ed2498ac8f3d992dfaef5ca921b46da7f_amd64",
"8Base-RHOS-16.2:rhosp-rhel8/osp-director-operator@sha256:451c7a787a5d8560f71928921eee70875c9c3fa58a606f602d6677a9872fea47_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-44487"
},
{
"category": "external",
"summary": "RHBZ#2242803",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2242803"
},
{
"category": "external",
"summary": "RHSB-2023-003",
"url": "https://access.redhat.com/security/vulnerabilities/RHSB-2023-003"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-44487",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-44487"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-44487",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-44487"
},
{
"category": "external",
"summary": "https://github.com/dotnet/announcements/issues/277",
"url": "https://github.com/dotnet/announcements/issues/277"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2023-2102",
"url": "https://pkg.go.dev/vuln/GO-2023-2102"
},
{
"category": "external",
"summary": "https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487",
"url": "https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487"
},
{
"category": "external",
"summary": "https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products/",
"url": "https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products/"
},
{
"category": "external",
"summary": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog",
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
}
],
"release_date": "2023-10-10T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-10-19T16:50:07+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHOS-16.2:rhosp-rhel8/osp-director-agent@sha256:669c11288ec857369274ef710c6f6ce4ca1355f9e18f43cb9bc49ab089d8f4a6_amd64",
"8Base-RHOS-16.2:rhosp-rhel8/osp-director-downloader@sha256:79f994acd1e9e2b58143915f73590b1cbb3381b37285088973fef549545b3a8a_amd64",
"8Base-RHOS-16.2:rhosp-rhel8/osp-director-operator-bundle@sha256:fe042ad7fa6c0b0cc3645205b817c70ed2498ac8f3d992dfaef5ca921b46da7f_amd64",
"8Base-RHOS-16.2:rhosp-rhel8/osp-director-operator@sha256:451c7a787a5d8560f71928921eee70875c9c3fa58a606f602d6677a9872fea47_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:5935"
},
{
"category": "workaround",
"details": "Users are strongly urged to update their software as soon as fixes are available. \nThere are several mitigation approaches for this flaw. \n\n1. If circumstances permit, users may disable http2 endpoints to circumvent the flaw altogether until a fix is available.\n2. IP-based blocking or flood protection and rate control tools may be used at network endpoints to filter incoming traffic.\n3. Several package specific mitigations are also available. \n a. nginx: https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products/\n b. netty: https://github.com/netty/netty/security/advisories/GHSA-xpw8-rcwv-8f8p\n c. haproxy: https://www.haproxy.com/blog/haproxy-is-not-affected-by-the-http-2-rapid-reset-attack-cve-2023-44487\n d. nghttp2: https://github.com/nghttp2/nghttp2/security/advisories/GHSA-vx74-f528-fxqg\n e. golang: The default stream concurrency limit in golang is 250 streams (requests) per HTTP/2 connection. This value may be adjusted in the golang.org/x/net/http2 package using the Server.MaxConcurrentStreams setting and the ConfigureServer function which are available in golang.org/x/net/http2.",
"product_ids": [
"8Base-RHOS-16.2:rhosp-rhel8/osp-director-agent@sha256:669c11288ec857369274ef710c6f6ce4ca1355f9e18f43cb9bc49ab089d8f4a6_amd64",
"8Base-RHOS-16.2:rhosp-rhel8/osp-director-downloader@sha256:79f994acd1e9e2b58143915f73590b1cbb3381b37285088973fef549545b3a8a_amd64",
"8Base-RHOS-16.2:rhosp-rhel8/osp-director-operator-bundle@sha256:fe042ad7fa6c0b0cc3645205b817c70ed2498ac8f3d992dfaef5ca921b46da7f_amd64",
"8Base-RHOS-16.2:rhosp-rhel8/osp-director-operator@sha256:451c7a787a5d8560f71928921eee70875c9c3fa58a606f602d6677a9872fea47_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-RHOS-16.2:rhosp-rhel8/osp-director-agent@sha256:669c11288ec857369274ef710c6f6ce4ca1355f9e18f43cb9bc49ab089d8f4a6_amd64",
"8Base-RHOS-16.2:rhosp-rhel8/osp-director-downloader@sha256:79f994acd1e9e2b58143915f73590b1cbb3381b37285088973fef549545b3a8a_amd64",
"8Base-RHOS-16.2:rhosp-rhel8/osp-director-operator-bundle@sha256:fe042ad7fa6c0b0cc3645205b817c70ed2498ac8f3d992dfaef5ca921b46da7f_amd64",
"8Base-RHOS-16.2:rhosp-rhel8/osp-director-operator@sha256:451c7a787a5d8560f71928921eee70875c9c3fa58a606f602d6677a9872fea47_amd64"
]
}
],
"threats": [
{
"category": "exploit_status",
"date": "2023-10-10T00:00:00+00:00",
"details": "CISA: https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
},
{
"category": "impact",
"details": "Important"
}
],
"title": "HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack (Rapid Reset Attack)"
}
]
}
RHSA-2023:5947
Vulnerability from csaf_redhat - Published: 2023-10-26 00:47 - Updated: 2026-06-05 13:08
A flaw was found in the crypto/internal/nistec golang library. The ScalarMult and ScalarBaseMult methods of the P256 Curve may return an incorrect result if called with some specific unreduced scalars, such as a scalar larger than the order of the curve. This does not impact usages of crypto/ecdsa or crypto/ecdh.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RODOO-1.0:run-once-duration-override-operator/run-once-duration-override-rhel8@sha256:70c5f120078cec9a22f2e754e5606ebe5d086e38aeb5fc9daac18fced6705f43_amd64 | — | | Vendor Fix: fix |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RODOO-1.0:run-once-duration-override-operator/run-once-duration-override-operator-bundle@sha256:5e2f382d233fab6817da02d17459b3e6e8c16f0be58270221b66d87ce3d09cc6_amd64 | — | ||
| Unresolved product id: 8Base-RODOO-1.0:run-once-duration-override-operator/run-once-duration-override-operator-rhel8@sha256:a43806835a54ea3c712e1cbb96cd7ff2cd0434912ae1cbc11b4f54524c15c40b_amd64 | — |
A flaw was found in golang where angle brackets (<>) were not considered dangerous characters when inserted into CSS contexts. Templates containing multiple actions separated by a '/' character could result in the CSS context unexpectedly closing, allowing for the injection of unexpected HTML if executed with untrusted input.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RODOO-1.0:run-once-duration-override-operator/run-once-duration-override-rhel8@sha256:70c5f120078cec9a22f2e754e5606ebe5d086e38aeb5fc9daac18fced6705f43_amd64 | — | | Vendor Fix: fix; Workaround |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RODOO-1.0:run-once-duration-override-operator/run-once-duration-override-operator-bundle@sha256:5e2f382d233fab6817da02d17459b3e6e8c16f0be58270221b66d87ce3d09cc6_amd64 | — | | Workaround |
| Unresolved product id: 8Base-RODOO-1.0:run-once-duration-override-operator/run-once-duration-override-operator-rhel8@sha256:a43806835a54ea3c712e1cbb96cd7ff2cd0434912ae1cbc11b4f54524c15c40b_amd64 | — | | Workaround |
A flaw was found in golang, where not all valid JavaScript white-space characters were considered white space. Due to this issue, templates containing white-space characters outside of the character set "\t\n\f\r\u0020\u2028\u2029" in JavaScript contexts that also contain actions may not be properly sanitized during execution.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RODOO-1.0:run-once-duration-override-operator/run-once-duration-override-rhel8@sha256:70c5f120078cec9a22f2e754e5606ebe5d086e38aeb5fc9daac18fced6705f43_amd64 | — | | Vendor Fix: fix; Workaround |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RODOO-1.0:run-once-duration-override-operator/run-once-duration-override-operator-bundle@sha256:5e2f382d233fab6817da02d17459b3e6e8c16f0be58270221b66d87ce3d09cc6_amd64 | — | | Workaround |
| Unresolved product id: 8Base-RODOO-1.0:run-once-duration-override-operator/run-once-duration-override-operator-rhel8@sha256:a43806835a54ea3c712e1cbb96cd7ff2cd0434912ae1cbc11b4f54524c15c40b_amd64 | — | | Workaround |
A flaw was found in golang. Templates containing actions in unquoted HTML attributes (for example, "attr={{.}}") executed with empty input could result in output that has unexpected results when parsed due to HTML normalization rules. This issue may allow the injection of arbitrary attributes into tags.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RODOO-1.0:run-once-duration-override-operator/run-once-duration-override-rhel8@sha256:70c5f120078cec9a22f2e754e5606ebe5d086e38aeb5fc9daac18fced6705f43_amd64 | — | | Vendor Fix: fix; Workaround |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RODOO-1.0:run-once-duration-override-operator/run-once-duration-override-operator-bundle@sha256:5e2f382d233fab6817da02d17459b3e6e8c16f0be58270221b66d87ce3d09cc6_amd64 | — | | Workaround |
| Unresolved product id: 8Base-RODOO-1.0:run-once-duration-override-operator/run-once-duration-override-operator-rhel8@sha256:a43806835a54ea3c712e1cbb96cd7ff2cd0434912ae1cbc11b4f54524c15c40b_amd64 | — | | Workaround |
A flaw was found in Golang, where it is vulnerable to HTTP header injection caused by improper content validation of the Host header by the HTTP/1 client. A remote attacker can inject arbitrary HTTP headers by persuading a victim to visit a specially crafted Web page. This flaw allows the attacker to conduct various attacks against the vulnerable system, including Cross-site scripting, cache poisoning, or session hijacking.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RODOO-1.0:run-once-duration-override-operator/run-once-duration-override-rhel8@sha256:70c5f120078cec9a22f2e754e5606ebe5d086e38aeb5fc9daac18fced6705f43_amd64 | — | | Vendor Fix: fix |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RODOO-1.0:run-once-duration-override-operator/run-once-duration-override-operator-bundle@sha256:5e2f382d233fab6817da02d17459b3e6e8c16f0be58270221b66d87ce3d09cc6_amd64 | — | ||
| Unresolved product id: 8Base-RODOO-1.0:run-once-duration-override-operator/run-once-duration-override-operator-rhel8@sha256:a43806835a54ea3c712e1cbb96cd7ff2cd0434912ae1cbc11b4f54524c15c40b_amd64 | — |
A denial of service vulnerability was found in the Golang Go package caused by an uncontrolled resource consumption flaw. By persuading a victim to use a specially crafted certificate with large RSA keys, a remote attacker can cause a client/server to expend significant CPU time verifying signatures, resulting in a denial of service condition.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RODOO-1.0:run-once-duration-override-operator/run-once-duration-override-rhel8@sha256:70c5f120078cec9a22f2e754e5606ebe5d086e38aeb5fc9daac18fced6705f43_amd64 | — | | Vendor Fix: fix |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RODOO-1.0:run-once-duration-override-operator/run-once-duration-override-operator-bundle@sha256:5e2f382d233fab6817da02d17459b3e6e8c16f0be58270221b66d87ce3d09cc6_amd64 | — | ||
| Unresolved product id: 8Base-RODOO-1.0:run-once-duration-override-operator/run-once-duration-override-operator-rhel8@sha256:a43806835a54ea3c712e1cbb96cd7ff2cd0434912ae1cbc11b4f54524c15c40b_amd64 | — |
A flaw was found in Golang. The html/template package did not properly handle HTML-like "<!--" and "-->" comment tokens, nor hashbang "#!" comment tokens, in <script> contexts. This issue may cause the template parser to improperly interpret the contents of <script> contexts, causing actions to be improperly escaped.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RODOO-1.0:run-once-duration-override-operator/run-once-duration-override-rhel8@sha256:70c5f120078cec9a22f2e754e5606ebe5d086e38aeb5fc9daac18fced6705f43_amd64 | — | | Vendor Fix: fix |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RODOO-1.0:run-once-duration-override-operator/run-once-duration-override-operator-bundle@sha256:5e2f382d233fab6817da02d17459b3e6e8c16f0be58270221b66d87ce3d09cc6_amd64 | — | ||
| Unresolved product id: 8Base-RODOO-1.0:run-once-duration-override-operator/run-once-duration-override-operator-rhel8@sha256:a43806835a54ea3c712e1cbb96cd7ff2cd0434912ae1cbc11b4f54524c15c40b_amd64 | — |
A flaw was found in Golang. The html/template package did not apply the proper rules for handling occurrences of "<script", "<!--", and "</script" within JS literals in <script> contexts. This issue may cause the template parser to improperly consider script contexts to be terminated early, causing actions to be improperly escaped.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RODOO-1.0:run-once-duration-override-operator/run-once-duration-override-rhel8@sha256:70c5f120078cec9a22f2e754e5606ebe5d086e38aeb5fc9daac18fced6705f43_amd64 | — | | Vendor Fix: fix |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RODOO-1.0:run-once-duration-override-operator/run-once-duration-override-operator-bundle@sha256:5e2f382d233fab6817da02d17459b3e6e8c16f0be58270221b66d87ce3d09cc6_amd64 | — | ||
| Unresolved product id: 8Base-RODOO-1.0:run-once-duration-override-operator/run-once-duration-override-operator-rhel8@sha256:a43806835a54ea3c712e1cbb96cd7ff2cd0434912ae1cbc11b4f54524c15c40b_amd64 | — |
A flaw was found in Golang. Processing an incomplete post-handshake message for a QUIC connection caused a panic.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RODOO-1.0:run-once-duration-override-operator/run-once-duration-override-rhel8@sha256:70c5f120078cec9a22f2e754e5606ebe5d086e38aeb5fc9daac18fced6705f43_amd64 | — | | Vendor Fix: fix |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RODOO-1.0:run-once-duration-override-operator/run-once-duration-override-operator-bundle@sha256:5e2f382d233fab6817da02d17459b3e6e8c16f0be58270221b66d87ce3d09cc6_amd64 | — | ||
| Unresolved product id: 8Base-RODOO-1.0:run-once-duration-override-operator/run-once-duration-override-operator-rhel8@sha256:a43806835a54ea3c712e1cbb96cd7ff2cd0434912ae1cbc11b4f54524c15c40b_amd64 | — |
A flaw was found in Golang. QUIC connections do not set an upper bound on the amount of data buffered when reading post-handshake messages, allowing a malicious QUIC connection to cause unbounded memory growth. With the fix, connections now consistently reject messages larger than 65KiB in size.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RODOO-1.0:run-once-duration-override-operator/run-once-duration-override-rhel8@sha256:70c5f120078cec9a22f2e754e5606ebe5d086e38aeb5fc9daac18fced6705f43_amd64 | — | | Vendor Fix: fix |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RODOO-1.0:run-once-duration-override-operator/run-once-duration-override-operator-bundle@sha256:5e2f382d233fab6817da02d17459b3e6e8c16f0be58270221b66d87ce3d09cc6_amd64 | — | ||
| Unresolved product id: 8Base-RODOO-1.0:run-once-duration-override-operator/run-once-duration-override-operator-rhel8@sha256:a43806835a54ea3c712e1cbb96cd7ff2cd0434912ae1cbc11b4f54524c15c40b_amd64 | — |
A flaw was found in handling multiplexed streams in the HTTP/2 protocol. A client can repeatedly make a request for a new multiplex stream and immediately send an RST_STREAM frame to cancel it. This creates extra work for the server setting up and tearing down the streams while not hitting any server-side limit for the maximum number of active streams per connection, resulting in a denial of service due to server resource consumption. Red Hat has rated the severity of this flaw as 'Important' as the US Cybersecurity and Infrastructure Security Agency (CISA) declared this vulnerability an active exploit. CVE-2023-39325 was assigned for the `Rapid Reset Attack` in the Go language packages.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RODOO-1.0:run-once-duration-override-operator/run-once-duration-override-rhel8@sha256:70c5f120078cec9a22f2e754e5606ebe5d086e38aeb5fc9daac18fced6705f43_amd64 | — | | Vendor Fix: fix; Workaround |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RODOO-1.0:run-once-duration-override-operator/run-once-duration-override-operator-bundle@sha256:5e2f382d233fab6817da02d17459b3e6e8c16f0be58270221b66d87ce3d09cc6_amd64 | — | | Workaround |
| Unresolved product id: 8Base-RODOO-1.0:run-once-duration-override-operator/run-once-duration-override-operator-rhel8@sha256:a43806835a54ea3c712e1cbb96cd7ff2cd0434912ae1cbc11b4f54524c15c40b_amd64 | — | | Workaround |
A flaw was found in handling multiplexed streams in the HTTP/2 protocol. A client can repeatedly make a request for a new multiplex stream and immediately send an RST_STREAM frame to cancel it. This creates extra work for the server setting up and tearing down the streams while not hitting any server-side limit for the maximum number of active streams per connection, resulting in a denial of service due to server resource consumption. Red Hat has rated the severity of this flaw as 'Important' as the US Cybersecurity and Infrastructure Security Agency (CISA) declared this vulnerability an active exploit. CVE-2023-39325 was assigned for the Rapid Reset Attack in the Go language packages. Security Bulletin: https://access.redhat.com/security/vulnerabilities/RHSB-2023-003
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RODOO-1.0:run-once-duration-override-operator/run-once-duration-override-rhel8@sha256:70c5f120078cec9a22f2e754e5606ebe5d086e38aeb5fc9daac18fced6705f43_amd64 | — | | Vendor Fix: fix; Workaround |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RODOO-1.0:run-once-duration-override-operator/run-once-duration-override-operator-bundle@sha256:5e2f382d233fab6817da02d17459b3e6e8c16f0be58270221b66d87ce3d09cc6_amd64 | — | | Workaround |
| Unresolved product id: 8Base-RODOO-1.0:run-once-duration-override-operator/run-once-duration-override-operator-rhel8@sha256:a43806835a54ea3c712e1cbb96cd7ff2cd0434912ae1cbc11b4f54524c15c40b_amd64 | — | | Workaround |
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for run-once-duration-override-container, run-once-duration-override-operator-bundle-container, and run-once-duration-override-operator-container is now available for RODOO-1.0-RHEL-8.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "The Run Once Duration Override Operator for Red Hat OpenShift is an optional\noperator that makes it possible to override activeDeadlineSecondsOverride\nfield during pod admission.\n\nSecurity Fix(es):\n\n* golang: net/http, x/net/http2: rapid stream resets can cause excessive work (CVE-2023-44487) (CVE-2023-39325)\n\n* HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack (Rapid Reset Attack) (CVE-2023-44487)\n\n* golang: html/template: improper handling of JavaScript whitespace (CVE-2023-24540)\n\n* golang: crypto/internal/nistec: specific unreduced P-256 scalars produce incorrect results (CVE-2023-24532)\n\n* golang: html/template: improper sanitization of CSS values (CVE-2023-24539)\n\n* golang: html/template: improper handling of empty HTML attributes (CVE-2023-29400)\n\n* golang: net/http: insufficient sanitization of Host header (CVE-2023-29406)\n\n* golang: crypto/tls: slow verification of certificate chains containing large RSA keys (CVE-2023-29409)\n\n* golang: html/template: improper handling of HTML-like comments within script contexts (CVE-2023-39318)\n\n* golang: html/template: improper handling of special tags within script contexts (CVE-2023-39319)\n\n* golang: crypto/tls: panic when processing post-handshake message on QUIC connections (CVE-2023-39321)\n\n* golang: crypto/tls: lack of a limit on buffered post-handshake (CVE-2023-39322)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2023:5947",
"url": "https://access.redhat.com/errata/RHSA-2023:5947"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/vulnerabilities/RHSB-2023-003",
"url": "https://access.redhat.com/security/vulnerabilities/RHSB-2023-003"
},
{
"category": "external",
"summary": "2196026",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2196026"
},
{
"category": "external",
"summary": "2196027",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2196027"
},
{
"category": "external",
"summary": "2196029",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2196029"
},
{
"category": "external",
"summary": "2222167",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2222167"
},
{
"category": "external",
"summary": "2223355",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2223355"
},
{
"category": "external",
"summary": "2228743",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2228743"
},
{
"category": "external",
"summary": "2237773",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2237773"
},
{
"category": "external",
"summary": "2237776",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2237776"
},
{
"category": "external",
"summary": "2237777",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2237777"
},
{
"category": "external",
"summary": "2237778",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2237778"
},
{
"category": "external",
"summary": "2242803",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2242803"
},
{
"category": "external",
"summary": "2243296",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2243296"
},
{
"category": "external",
"summary": "OCPBUGS-20489",
"url": "https://issues.redhat.com/browse/OCPBUGS-20489"
},
{
"category": "external",
"summary": "WRKLDS-780",
"url": "https://issues.redhat.com/browse/WRKLDS-780"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2023/rhsa-2023_5947.json"
}
],
"title": "Red Hat Security Advisory: Run Once Duration Override Operator for Red Hat OpenShift 1.0.1 security update",
"tracking": {
"current_release_date": "2026-06-05T13:08:04+00:00",
"generator": {
"date": "2026-06-05T13:08:04+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.8.2"
}
},
"id": "RHSA-2023:5947",
"initial_release_date": "2023-10-26T00:47:43+00:00",
"revision_history": [
{
"date": "2023-10-26T00:47:43+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2023-10-26T00:47:43+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-06-05T13:08:04+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "RODOO 1.0 for RHEL 8",
"product": {
"name": "RODOO 1.0 for RHEL 8",
"product_id": "8Base-RODOO-1.0",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:run_once_duration_override_operator:1.0::el8"
}
}
}
],
"category": "product_family",
"name": "Run Once Duration Override Operator"
},
{
"branches": [
{
"category": "product_version",
"name": "run-once-duration-override-operator/run-once-duration-override-rhel8@sha256:70c5f120078cec9a22f2e754e5606ebe5d086e38aeb5fc9daac18fced6705f43_amd64",
"product": {
"name": "run-once-duration-override-operator/run-once-duration-override-rhel8@sha256:70c5f120078cec9a22f2e754e5606ebe5d086e38aeb5fc9daac18fced6705f43_amd64",
"product_id": "run-once-duration-override-operator/run-once-duration-override-rhel8@sha256:70c5f120078cec9a22f2e754e5606ebe5d086e38aeb5fc9daac18fced6705f43_amd64",
"product_identification_helper": {
"purl": "pkg:oci/run-once-duration-override-rhel8@sha256:70c5f120078cec9a22f2e754e5606ebe5d086e38aeb5fc9daac18fced6705f43?arch=amd64\u0026repository_url=registry.redhat.io/run-once-duration-override-operator/run-once-duration-override-rhel8\u0026tag=v1.0-30"
}
}
},
{
"category": "product_version",
"name": "run-once-duration-override-operator/run-once-duration-override-operator-bundle@sha256:5e2f382d233fab6817da02d17459b3e6e8c16f0be58270221b66d87ce3d09cc6_amd64",
"product": {
"name": "run-once-duration-override-operator/run-once-duration-override-operator-bundle@sha256:5e2f382d233fab6817da02d17459b3e6e8c16f0be58270221b66d87ce3d09cc6_amd64",
"product_id": "run-once-duration-override-operator/run-once-duration-override-operator-bundle@sha256:5e2f382d233fab6817da02d17459b3e6e8c16f0be58270221b66d87ce3d09cc6_amd64",
"product_identification_helper": {
"purl": "pkg:oci/run-once-duration-override-operator-bundle@sha256:5e2f382d233fab6817da02d17459b3e6e8c16f0be58270221b66d87ce3d09cc6?arch=amd64\u0026repository_url=registry.redhat.io/run-once-duration-override-operator/run-once-duration-override-operator-bundle\u0026tag=v1.0-20"
}
}
},
{
"category": "product_version",
"name": "run-once-duration-override-operator/run-once-duration-override-operator-rhel8@sha256:a43806835a54ea3c712e1cbb96cd7ff2cd0434912ae1cbc11b4f54524c15c40b_amd64",
"product": {
"name": "run-once-duration-override-operator/run-once-duration-override-operator-rhel8@sha256:a43806835a54ea3c712e1cbb96cd7ff2cd0434912ae1cbc11b4f54524c15c40b_amd64",
"product_id": "run-once-duration-override-operator/run-once-duration-override-operator-rhel8@sha256:a43806835a54ea3c712e1cbb96cd7ff2cd0434912ae1cbc11b4f54524c15c40b_amd64",
"product_identification_helper": {
"purl": "pkg:oci/run-once-duration-override-operator-rhel8@sha256:a43806835a54ea3c712e1cbb96cd7ff2cd0434912ae1cbc11b4f54524c15c40b?arch=amd64\u0026repository_url=registry.redhat.io/run-once-duration-override-operator/run-once-duration-override-operator-rhel8\u0026tag=v1.0-25"
}
}
}
],
"category": "architecture",
"name": "amd64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "run-once-duration-override-operator/run-once-duration-override-operator-bundle@sha256:5e2f382d233fab6817da02d17459b3e6e8c16f0be58270221b66d87ce3d09cc6_amd64 as a component of RODOO 1.0 for RHEL 8",
"product_id": "8Base-RODOO-1.0:run-once-duration-override-operator/run-once-duration-override-operator-bundle@sha256:5e2f382d233fab6817da02d17459b3e6e8c16f0be58270221b66d87ce3d09cc6_amd64"
},
"product_reference": "run-once-duration-override-operator/run-once-duration-override-operator-bundle@sha256:5e2f382d233fab6817da02d17459b3e6e8c16f0be58270221b66d87ce3d09cc6_amd64",
"relates_to_product_reference": "8Base-RODOO-1.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "run-once-duration-override-operator/run-once-duration-override-operator-rhel8@sha256:a43806835a54ea3c712e1cbb96cd7ff2cd0434912ae1cbc11b4f54524c15c40b_amd64 as a component of RODOO 1.0 for RHEL 8",
"product_id": "8Base-RODOO-1.0:run-once-duration-override-operator/run-once-duration-override-operator-rhel8@sha256:a43806835a54ea3c712e1cbb96cd7ff2cd0434912ae1cbc11b4f54524c15c40b_amd64"
},
"product_reference": "run-once-duration-override-operator/run-once-duration-override-operator-rhel8@sha256:a43806835a54ea3c712e1cbb96cd7ff2cd0434912ae1cbc11b4f54524c15c40b_amd64",
"relates_to_product_reference": "8Base-RODOO-1.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "run-once-duration-override-operator/run-once-duration-override-rhel8@sha256:70c5f120078cec9a22f2e754e5606ebe5d086e38aeb5fc9daac18fced6705f43_amd64 as a component of RODOO 1.0 for RHEL 8",
"product_id": "8Base-RODOO-1.0:run-once-duration-override-operator/run-once-duration-override-rhel8@sha256:70c5f120078cec9a22f2e754e5606ebe5d086e38aeb5fc9daac18fced6705f43_amd64"
},
"product_reference": "run-once-duration-override-operator/run-once-duration-override-rhel8@sha256:70c5f120078cec9a22f2e754e5606ebe5d086e38aeb5fc9daac18fced6705f43_amd64",
"relates_to_product_reference": "8Base-RODOO-1.0"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2023-24532",
"cwe": {
"id": "CWE-682",
"name": "Incorrect Calculation"
},
"discovery_date": "2023-07-17T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-RODOO-1.0:run-once-duration-override-operator/run-once-duration-override-operator-bundle@sha256:5e2f382d233fab6817da02d17459b3e6e8c16f0be58270221b66d87ce3d09cc6_amd64",
"8Base-RODOO-1.0:run-once-duration-override-operator/run-once-duration-override-operator-rhel8@sha256:a43806835a54ea3c712e1cbb96cd7ff2cd0434912ae1cbc11b4f54524c15c40b_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2223355"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the crypto/internal/nistec golang library. The ScalarMult and ScalarBaseMult methods of the P256 Curve may return an incorrect result if called with some specific unreduced scalars, such as a scalar larger than the order of the curve. This does not impact usages of crypto/ecdsa or crypto/ecdh.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: crypto/internal/nistec: specific unreduced P-256 scalars produce incorrect results",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RODOO-1.0:run-once-duration-override-operator/run-once-duration-override-rhel8@sha256:70c5f120078cec9a22f2e754e5606ebe5d086e38aeb5fc9daac18fced6705f43_amd64"
],
"known_not_affected": [
"8Base-RODOO-1.0:run-once-duration-override-operator/run-once-duration-override-operator-bundle@sha256:5e2f382d233fab6817da02d17459b3e6e8c16f0be58270221b66d87ce3d09cc6_amd64",
"8Base-RODOO-1.0:run-once-duration-override-operator/run-once-duration-override-operator-rhel8@sha256:a43806835a54ea3c712e1cbb96cd7ff2cd0434912ae1cbc11b4f54524c15c40b_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-24532"
},
{
"category": "external",
"summary": "RHBZ#2223355",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2223355"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-24532",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24532"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-24532",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-24532"
},
{
"category": "external",
"summary": "https://go.dev/cl/471255",
"url": "https://go.dev/cl/471255"
},
{
"category": "external",
"summary": "https://go.dev/issue/58647",
"url": "https://go.dev/issue/58647"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/3-TpUx48iQY",
"url": "https://groups.google.com/g/golang-announce/c/3-TpUx48iQY"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2023-1621",
"url": "https://pkg.go.dev/vuln/GO-2023-1621"
}
],
"release_date": "2023-03-08T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-10-26T00:47:43+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RODOO-1.0:run-once-duration-override-operator/run-once-duration-override-rhel8@sha256:70c5f120078cec9a22f2e754e5606ebe5d086e38aeb5fc9daac18fced6705f43_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:5947"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"8Base-RODOO-1.0:run-once-duration-override-operator/run-once-duration-override-operator-bundle@sha256:5e2f382d233fab6817da02d17459b3e6e8c16f0be58270221b66d87ce3d09cc6_amd64",
"8Base-RODOO-1.0:run-once-duration-override-operator/run-once-duration-override-operator-rhel8@sha256:a43806835a54ea3c712e1cbb96cd7ff2cd0434912ae1cbc11b4f54524c15c40b_amd64",
"8Base-RODOO-1.0:run-once-duration-override-operator/run-once-duration-override-rhel8@sha256:70c5f120078cec9a22f2e754e5606ebe5d086e38aeb5fc9daac18fced6705f43_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: crypto/internal/nistec: specific unreduced P-256 scalars produce incorrect results"
},
{
"acknowledgments": [
{
"names": [
"Juho Nurminen"
],
"organization": "Mattermost"
}
],
"cve": "CVE-2023-24539",
"cwe": {
"id": "CWE-176",
"name": "Improper Handling of Unicode Encoding"
},
"discovery_date": "2023-05-07T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-RODOO-1.0:run-once-duration-override-operator/run-once-duration-override-operator-bundle@sha256:5e2f382d233fab6817da02d17459b3e6e8c16f0be58270221b66d87ce3d09cc6_amd64",
"8Base-RODOO-1.0:run-once-duration-override-operator/run-once-duration-override-operator-rhel8@sha256:a43806835a54ea3c712e1cbb96cd7ff2cd0434912ae1cbc11b4f54524c15c40b_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2196026"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in golang where angle brackets (\u003c\u003e) were not considered dangerous characters when inserted into CSS contexts. Templates containing multiple actions separated by a \u0027/\u0027 character could result in the CSS context unexpectedly closing, allowing for the injection of unexpected HTML if executed with untrusted input.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: html/template: improper sanitization of CSS values",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "For Red Hat Enterprise Linux,\n\n* Conmon uses go in unit testing, but not functionally in the package. Go is used only in test files, not in the actual code. Thus, conmon is not affected.\n* The Go templates in Grafana do not contain any javascript. Thus, it is not affected.\n* Ignition does not make use of html/template.\n\nIn Red Hat Advanced Cluster Management for Kubernetes (RHACM), the affected containers are behind OpenShift OAuth authentication. This restricts access to the vulnerable golang html/templates to authenticated users only, therefore, the impact is low.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RODOO-1.0:run-once-duration-override-operator/run-once-duration-override-rhel8@sha256:70c5f120078cec9a22f2e754e5606ebe5d086e38aeb5fc9daac18fced6705f43_amd64"
],
"known_not_affected": [
"8Base-RODOO-1.0:run-once-duration-override-operator/run-once-duration-override-operator-bundle@sha256:5e2f382d233fab6817da02d17459b3e6e8c16f0be58270221b66d87ce3d09cc6_amd64",
"8Base-RODOO-1.0:run-once-duration-override-operator/run-once-duration-override-operator-rhel8@sha256:a43806835a54ea3c712e1cbb96cd7ff2cd0434912ae1cbc11b4f54524c15c40b_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-24539"
},
{
"category": "external",
"summary": "RHBZ#2196026",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2196026"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-24539",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24539"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-24539",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-24539"
},
{
"category": "external",
"summary": "https://github.com/golang/go/issues/59720",
"url": "https://github.com/golang/go/issues/59720"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/MEb0UyuSMsU",
"url": "https://groups.google.com/g/golang-announce/c/MEb0UyuSMsU"
}
],
"release_date": "2023-04-20T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-10-26T00:47:43+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RODOO-1.0:run-once-duration-override-operator/run-once-duration-override-rhel8@sha256:70c5f120078cec9a22f2e754e5606ebe5d086e38aeb5fc9daac18fced6705f43_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:5947"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"8Base-RODOO-1.0:run-once-duration-override-operator/run-once-duration-override-operator-bundle@sha256:5e2f382d233fab6817da02d17459b3e6e8c16f0be58270221b66d87ce3d09cc6_amd64",
"8Base-RODOO-1.0:run-once-duration-override-operator/run-once-duration-override-operator-rhel8@sha256:a43806835a54ea3c712e1cbb96cd7ff2cd0434912ae1cbc11b4f54524c15c40b_amd64",
"8Base-RODOO-1.0:run-once-duration-override-operator/run-once-duration-override-rhel8@sha256:70c5f120078cec9a22f2e754e5606ebe5d086e38aeb5fc9daac18fced6705f43_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"8Base-RODOO-1.0:run-once-duration-override-operator/run-once-duration-override-operator-bundle@sha256:5e2f382d233fab6817da02d17459b3e6e8c16f0be58270221b66d87ce3d09cc6_amd64",
"8Base-RODOO-1.0:run-once-duration-override-operator/run-once-duration-override-operator-rhel8@sha256:a43806835a54ea3c712e1cbb96cd7ff2cd0434912ae1cbc11b4f54524c15c40b_amd64",
"8Base-RODOO-1.0:run-once-duration-override-operator/run-once-duration-override-rhel8@sha256:70c5f120078cec9a22f2e754e5606ebe5d086e38aeb5fc9daac18fced6705f43_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: html/template: improper sanitization of CSS values"
},
{
"acknowledgments": [
{
"names": [
"Juho Nurminen"
],
"organization": "Mattermost"
}
],
"cve": "CVE-2023-24540",
"cwe": {
"id": "CWE-176",
"name": "Improper Handling of Unicode Encoding"
},
"discovery_date": "2023-05-07T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-RODOO-1.0:run-once-duration-override-operator/run-once-duration-override-operator-bundle@sha256:5e2f382d233fab6817da02d17459b3e6e8c16f0be58270221b66d87ce3d09cc6_amd64",
"8Base-RODOO-1.0:run-once-duration-override-operator/run-once-duration-override-operator-rhel8@sha256:a43806835a54ea3c712e1cbb96cd7ff2cd0434912ae1cbc11b4f54524c15c40b_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2196027"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in golang, where not all valid JavaScript white-space characters were considered white space. Due to this issue, templates containing white-space characters outside of the character set \"\\t\\n\\f\\r\\u0020\\u2028\\u2029\" in JavaScript contexts that also contain actions may not be properly sanitized during execution.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: html/template: improper handling of JavaScript whitespace",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "For Red Hat Enterprise Linux,\n* Conmon uses go in unit testing, but not functionally in the package. Go is used only in test files, hence, not in the actual code, thus, conmon is not affected.\n* The Go templates in Grafana do not contain any javascript. Thus, it is not affected.\n* Ignition does not make use of html/template.\n\nIn Red Hat Advanced Cluster Management for Kubernetes (RHACM) the affected containers are behind OpenShift OAuth authentication. This restricts access to the vulnerable golang html/templates to authenticated users only, therefore the impact is low.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RODOO-1.0:run-once-duration-override-operator/run-once-duration-override-rhel8@sha256:70c5f120078cec9a22f2e754e5606ebe5d086e38aeb5fc9daac18fced6705f43_amd64"
],
"known_not_affected": [
"8Base-RODOO-1.0:run-once-duration-override-operator/run-once-duration-override-operator-bundle@sha256:5e2f382d233fab6817da02d17459b3e6e8c16f0be58270221b66d87ce3d09cc6_amd64",
"8Base-RODOO-1.0:run-once-duration-override-operator/run-once-duration-override-operator-rhel8@sha256:a43806835a54ea3c712e1cbb96cd7ff2cd0434912ae1cbc11b4f54524c15c40b_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-24540"
},
{
"category": "external",
"summary": "RHBZ#2196027",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2196027"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-24540",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24540"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-24540",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-24540"
},
{
"category": "external",
"summary": "https://go.dev/issue/59721",
"url": "https://go.dev/issue/59721"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/MEb0UyuSMsU",
"url": "https://groups.google.com/g/golang-announce/c/MEb0UyuSMsU"
}
],
"release_date": "2023-04-20T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-10-26T00:47:43+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RODOO-1.0:run-once-duration-override-operator/run-once-duration-override-rhel8@sha256:70c5f120078cec9a22f2e754e5606ebe5d086e38aeb5fc9daac18fced6705f43_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:5947"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"8Base-RODOO-1.0:run-once-duration-override-operator/run-once-duration-override-operator-bundle@sha256:5e2f382d233fab6817da02d17459b3e6e8c16f0be58270221b66d87ce3d09cc6_amd64",
"8Base-RODOO-1.0:run-once-duration-override-operator/run-once-duration-override-operator-rhel8@sha256:a43806835a54ea3c712e1cbb96cd7ff2cd0434912ae1cbc11b4f54524c15c40b_amd64",
"8Base-RODOO-1.0:run-once-duration-override-operator/run-once-duration-override-rhel8@sha256:70c5f120078cec9a22f2e754e5606ebe5d086e38aeb5fc9daac18fced6705f43_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"8Base-RODOO-1.0:run-once-duration-override-operator/run-once-duration-override-operator-bundle@sha256:5e2f382d233fab6817da02d17459b3e6e8c16f0be58270221b66d87ce3d09cc6_amd64",
"8Base-RODOO-1.0:run-once-duration-override-operator/run-once-duration-override-operator-rhel8@sha256:a43806835a54ea3c712e1cbb96cd7ff2cd0434912ae1cbc11b4f54524c15c40b_amd64",
"8Base-RODOO-1.0:run-once-duration-override-operator/run-once-duration-override-rhel8@sha256:70c5f120078cec9a22f2e754e5606ebe5d086e38aeb5fc9daac18fced6705f43_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "golang: html/template: improper handling of JavaScript whitespace"
},
{
"acknowledgments": [
{
"names": [
"Juho Nurminen"
],
"organization": "Mattermost"
}
],
"cve": "CVE-2023-29400",
"cwe": {
"id": "CWE-176",
"name": "Improper Handling of Unicode Encoding"
},
"discovery_date": "2023-05-07T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-RODOO-1.0:run-once-duration-override-operator/run-once-duration-override-operator-bundle@sha256:5e2f382d233fab6817da02d17459b3e6e8c16f0be58270221b66d87ce3d09cc6_amd64",
"8Base-RODOO-1.0:run-once-duration-override-operator/run-once-duration-override-operator-rhel8@sha256:a43806835a54ea3c712e1cbb96cd7ff2cd0434912ae1cbc11b4f54524c15c40b_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2196029"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in golang. Templates containing actions in unquoted HTML attributes (for example, \"attr={{.}}\") executed with empty input could result in output that has unexpected results when parsed due to HTML normalization rules. This issue may allow the injection of arbitrary attributes into tags.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: html/template: improper handling of empty HTML attributes",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "For Red Hat Enterprise Linux,\n\n* Conmon uses go in unit testing, but not functionally in the package. Go is used only in test files, not in the actual code. Thus, conmon is not affected.\n* The Go templates in Grafana do not contain any javascript. Thus, it is not affected.\n* Ignition does not make use of html/template.\n\nIn OpenShift Container Platform and Red Hat Advanced Cluster Management for Kubernetes (RHACM), the affected containers are behind OAuth authentication. This restricts access to the vulnerable golang html/templates to authenticated users, reducing the impact to low.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RODOO-1.0:run-once-duration-override-operator/run-once-duration-override-rhel8@sha256:70c5f120078cec9a22f2e754e5606ebe5d086e38aeb5fc9daac18fced6705f43_amd64"
],
"known_not_affected": [
"8Base-RODOO-1.0:run-once-duration-override-operator/run-once-duration-override-operator-bundle@sha256:5e2f382d233fab6817da02d17459b3e6e8c16f0be58270221b66d87ce3d09cc6_amd64",
"8Base-RODOO-1.0:run-once-duration-override-operator/run-once-duration-override-operator-rhel8@sha256:a43806835a54ea3c712e1cbb96cd7ff2cd0434912ae1cbc11b4f54524c15c40b_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-29400"
},
{
"category": "external",
"summary": "RHBZ#2196029",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2196029"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-29400",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29400"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-29400",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-29400"
},
{
"category": "external",
"summary": "https://go.dev/issue/59722",
"url": "https://go.dev/issue/59722"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/MEb0UyuSMsU",
"url": "https://groups.google.com/g/golang-announce/c/MEb0UyuSMsU"
}
],
"release_date": "2023-04-20T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-10-26T00:47:43+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RODOO-1.0:run-once-duration-override-operator/run-once-duration-override-rhel8@sha256:70c5f120078cec9a22f2e754e5606ebe5d086e38aeb5fc9daac18fced6705f43_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:5947"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"8Base-RODOO-1.0:run-once-duration-override-operator/run-once-duration-override-operator-bundle@sha256:5e2f382d233fab6817da02d17459b3e6e8c16f0be58270221b66d87ce3d09cc6_amd64",
"8Base-RODOO-1.0:run-once-duration-override-operator/run-once-duration-override-operator-rhel8@sha256:a43806835a54ea3c712e1cbb96cd7ff2cd0434912ae1cbc11b4f54524c15c40b_amd64",
"8Base-RODOO-1.0:run-once-duration-override-operator/run-once-duration-override-rhel8@sha256:70c5f120078cec9a22f2e754e5606ebe5d086e38aeb5fc9daac18fced6705f43_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"8Base-RODOO-1.0:run-once-duration-override-operator/run-once-duration-override-operator-bundle@sha256:5e2f382d233fab6817da02d17459b3e6e8c16f0be58270221b66d87ce3d09cc6_amd64",
"8Base-RODOO-1.0:run-once-duration-override-operator/run-once-duration-override-operator-rhel8@sha256:a43806835a54ea3c712e1cbb96cd7ff2cd0434912ae1cbc11b4f54524c15c40b_amd64",
"8Base-RODOO-1.0:run-once-duration-override-operator/run-once-duration-override-rhel8@sha256:70c5f120078cec9a22f2e754e5606ebe5d086e38aeb5fc9daac18fced6705f43_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: html/template: improper handling of empty HTML attributes"
},
{
"cve": "CVE-2023-29406",
"cwe": {
"id": "CWE-113",
"name": "Improper Neutralization of CRLF Sequences in HTTP Headers (\u0027HTTP Request/Response Splitting\u0027)"
},
"discovery_date": "2023-07-12T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-RODOO-1.0:run-once-duration-override-operator/run-once-duration-override-operator-bundle@sha256:5e2f382d233fab6817da02d17459b3e6e8c16f0be58270221b66d87ce3d09cc6_amd64",
"8Base-RODOO-1.0:run-once-duration-override-operator/run-once-duration-override-operator-rhel8@sha256:a43806835a54ea3c712e1cbb96cd7ff2cd0434912ae1cbc11b4f54524c15c40b_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2222167"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Golang, where it is vulnerable to HTTP header injection caused by improper content validation of the Host header by the HTTP/1 client. A remote attacker can inject arbitrary HTTP headers by persuading a victim to visit a specially crafted Web page. This flaw allows the attacker to conduct various attacks against the vulnerable system, including Cross-site scripting, cache poisoning, or session hijacking.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: net/http: insufficient sanitization of Host header",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RODOO-1.0:run-once-duration-override-operator/run-once-duration-override-rhel8@sha256:70c5f120078cec9a22f2e754e5606ebe5d086e38aeb5fc9daac18fced6705f43_amd64"
],
"known_not_affected": [
"8Base-RODOO-1.0:run-once-duration-override-operator/run-once-duration-override-operator-bundle@sha256:5e2f382d233fab6817da02d17459b3e6e8c16f0be58270221b66d87ce3d09cc6_amd64",
"8Base-RODOO-1.0:run-once-duration-override-operator/run-once-duration-override-operator-rhel8@sha256:a43806835a54ea3c712e1cbb96cd7ff2cd0434912ae1cbc11b4f54524c15c40b_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-29406"
},
{
"category": "external",
"summary": "RHBZ#2222167",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2222167"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-29406",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29406"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-29406",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-29406"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/2q13H6LEEx0",
"url": "https://groups.google.com/g/golang-announce/c/2q13H6LEEx0"
}
],
"release_date": "2023-07-11T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-10-26T00:47:43+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RODOO-1.0:run-once-duration-override-operator/run-once-duration-override-rhel8@sha256:70c5f120078cec9a22f2e754e5606ebe5d086e38aeb5fc9daac18fced6705f43_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:5947"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"8Base-RODOO-1.0:run-once-duration-override-operator/run-once-duration-override-operator-bundle@sha256:5e2f382d233fab6817da02d17459b3e6e8c16f0be58270221b66d87ce3d09cc6_amd64",
"8Base-RODOO-1.0:run-once-duration-override-operator/run-once-duration-override-operator-rhel8@sha256:a43806835a54ea3c712e1cbb96cd7ff2cd0434912ae1cbc11b4f54524c15c40b_amd64",
"8Base-RODOO-1.0:run-once-duration-override-operator/run-once-duration-override-rhel8@sha256:70c5f120078cec9a22f2e754e5606ebe5d086e38aeb5fc9daac18fced6705f43_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: net/http: insufficient sanitization of Host header"
},
{
"cve": "CVE-2023-29409",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2023-08-03T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-RODOO-1.0:run-once-duration-override-operator/run-once-duration-override-operator-bundle@sha256:5e2f382d233fab6817da02d17459b3e6e8c16f0be58270221b66d87ce3d09cc6_amd64",
"8Base-RODOO-1.0:run-once-duration-override-operator/run-once-duration-override-operator-rhel8@sha256:a43806835a54ea3c712e1cbb96cd7ff2cd0434912ae1cbc11b4f54524c15c40b_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2228743"
}
],
"notes": [
{
"category": "description",
"text": "A denial of service vulnerability was found in the Golang Go package caused by an uncontrolled resource consumption flaw. By persuading a victim to use a specially crafted certificate with large RSA keys, a remote attacker can cause a client/server to expend significant CPU time verifying signatures, resulting in a denial of service condition.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: crypto/tls: slow verification of certificate chains containing large RSA keys",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RODOO-1.0:run-once-duration-override-operator/run-once-duration-override-rhel8@sha256:70c5f120078cec9a22f2e754e5606ebe5d086e38aeb5fc9daac18fced6705f43_amd64"
],
"known_not_affected": [
"8Base-RODOO-1.0:run-once-duration-override-operator/run-once-duration-override-operator-bundle@sha256:5e2f382d233fab6817da02d17459b3e6e8c16f0be58270221b66d87ce3d09cc6_amd64",
"8Base-RODOO-1.0:run-once-duration-override-operator/run-once-duration-override-operator-rhel8@sha256:a43806835a54ea3c712e1cbb96cd7ff2cd0434912ae1cbc11b4f54524c15c40b_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-29409"
},
{
"category": "external",
"summary": "RHBZ#2228743",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2228743"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-29409",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29409"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-29409",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-29409"
},
{
"category": "external",
"summary": "https://go.dev/cl/515257",
"url": "https://go.dev/cl/515257"
},
{
"category": "external",
"summary": "https://go.dev/issue/61460",
"url": "https://go.dev/issue/61460"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/X0b6CsSAaYI/m/Efv5DbZ9AwAJ",
"url": "https://groups.google.com/g/golang-announce/c/X0b6CsSAaYI/m/Efv5DbZ9AwAJ"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2023-1987",
"url": "https://pkg.go.dev/vuln/GO-2023-1987"
}
],
"release_date": "2023-08-02T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-10-26T00:47:43+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RODOO-1.0:run-once-duration-override-operator/run-once-duration-override-rhel8@sha256:70c5f120078cec9a22f2e754e5606ebe5d086e38aeb5fc9daac18fced6705f43_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:5947"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"8Base-RODOO-1.0:run-once-duration-override-operator/run-once-duration-override-operator-bundle@sha256:5e2f382d233fab6817da02d17459b3e6e8c16f0be58270221b66d87ce3d09cc6_amd64",
"8Base-RODOO-1.0:run-once-duration-override-operator/run-once-duration-override-operator-rhel8@sha256:a43806835a54ea3c712e1cbb96cd7ff2cd0434912ae1cbc11b4f54524c15c40b_amd64",
"8Base-RODOO-1.0:run-once-duration-override-operator/run-once-duration-override-rhel8@sha256:70c5f120078cec9a22f2e754e5606ebe5d086e38aeb5fc9daac18fced6705f43_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: crypto/tls: slow verification of certificate chains containing large RSA keys"
},
{
"acknowledgments": [
{
"names": [
"Takeshi Kaneko"
],
"organization": "GMO Cybersecurity by Ierae, Inc."
}
],
"cve": "CVE-2023-39318",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2023-09-06T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-RODOO-1.0:run-once-duration-override-operator/run-once-duration-override-operator-bundle@sha256:5e2f382d233fab6817da02d17459b3e6e8c16f0be58270221b66d87ce3d09cc6_amd64",
"8Base-RODOO-1.0:run-once-duration-override-operator/run-once-duration-override-operator-rhel8@sha256:a43806835a54ea3c712e1cbb96cd7ff2cd0434912ae1cbc11b4f54524c15c40b_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2237776"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Golang. The html/template package did not properly handle HTML-like \"\u003c!--\" and \"--\u003e\" comment tokens, nor hashbang \"#!\" comment tokens, in \u003cscript\u003e contexts. This issue may cause the template parser to improperly interpret the contents of \u003cscript\u003e contexts, causing actions to be improperly escaped.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: html/template: improper handling of HTML-like comments within script contexts",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RODOO-1.0:run-once-duration-override-operator/run-once-duration-override-rhel8@sha256:70c5f120078cec9a22f2e754e5606ebe5d086e38aeb5fc9daac18fced6705f43_amd64"
],
"known_not_affected": [
"8Base-RODOO-1.0:run-once-duration-override-operator/run-once-duration-override-operator-bundle@sha256:5e2f382d233fab6817da02d17459b3e6e8c16f0be58270221b66d87ce3d09cc6_amd64",
"8Base-RODOO-1.0:run-once-duration-override-operator/run-once-duration-override-operator-rhel8@sha256:a43806835a54ea3c712e1cbb96cd7ff2cd0434912ae1cbc11b4f54524c15c40b_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-39318"
},
{
"category": "external",
"summary": "RHBZ#2237776",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2237776"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-39318",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39318"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-39318",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-39318"
},
{
"category": "external",
"summary": "https://go.dev/cl/526156",
"url": "https://go.dev/cl/526156"
},
{
"category": "external",
"summary": "https://go.dev/issue/62196",
"url": "https://go.dev/issue/62196"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-dev/c/2C5vbR-UNkI/m/L1hdrPhfBAAJ",
"url": "https://groups.google.com/g/golang-dev/c/2C5vbR-UNkI/m/L1hdrPhfBAAJ"
},
{
"category": "external",
"summary": "https://vuln.go.dev/ID/GO-2023-2041.json",
"url": "https://vuln.go.dev/ID/GO-2023-2041.json"
}
],
"release_date": "2023-09-06T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-10-26T00:47:43+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RODOO-1.0:run-once-duration-override-operator/run-once-duration-override-rhel8@sha256:70c5f120078cec9a22f2e754e5606ebe5d086e38aeb5fc9daac18fced6705f43_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:5947"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"8Base-RODOO-1.0:run-once-duration-override-operator/run-once-duration-override-operator-bundle@sha256:5e2f382d233fab6817da02d17459b3e6e8c16f0be58270221b66d87ce3d09cc6_amd64",
"8Base-RODOO-1.0:run-once-duration-override-operator/run-once-duration-override-operator-rhel8@sha256:a43806835a54ea3c712e1cbb96cd7ff2cd0434912ae1cbc11b4f54524c15c40b_amd64",
"8Base-RODOO-1.0:run-once-duration-override-operator/run-once-duration-override-rhel8@sha256:70c5f120078cec9a22f2e754e5606ebe5d086e38aeb5fc9daac18fced6705f43_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: html/template: improper handling of HTML-like comments within script contexts"
},
{
"acknowledgments": [
{
"names": [
"Takeshi Kaneko"
],
"organization": "GMO Cybersecurity by Ierae, Inc."
}
],
"cve": "CVE-2023-39319",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2023-09-06T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-RODOO-1.0:run-once-duration-override-operator/run-once-duration-override-operator-bundle@sha256:5e2f382d233fab6817da02d17459b3e6e8c16f0be58270221b66d87ce3d09cc6_amd64",
"8Base-RODOO-1.0:run-once-duration-override-operator/run-once-duration-override-operator-rhel8@sha256:a43806835a54ea3c712e1cbb96cd7ff2cd0434912ae1cbc11b4f54524c15c40b_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2237773"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Golang. The html/template package did not apply the proper rules for handling occurrences of \"\u003cscript\", \"\u003c!--\", and \"\u003c/script\" within JS literals in \u003cscript\u003e contexts. This issue may cause the template parser to improperly consider script contexts to be terminated early, causing actions to be improperly escaped.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: html/template: improper handling of special tags within script contexts",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RODOO-1.0:run-once-duration-override-operator/run-once-duration-override-rhel8@sha256:70c5f120078cec9a22f2e754e5606ebe5d086e38aeb5fc9daac18fced6705f43_amd64"
],
"known_not_affected": [
"8Base-RODOO-1.0:run-once-duration-override-operator/run-once-duration-override-operator-bundle@sha256:5e2f382d233fab6817da02d17459b3e6e8c16f0be58270221b66d87ce3d09cc6_amd64",
"8Base-RODOO-1.0:run-once-duration-override-operator/run-once-duration-override-operator-rhel8@sha256:a43806835a54ea3c712e1cbb96cd7ff2cd0434912ae1cbc11b4f54524c15c40b_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-39319"
},
{
"category": "external",
"summary": "RHBZ#2237773",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2237773"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-39319",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39319"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-39319",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-39319"
},
{
"category": "external",
"summary": "https://go.dev/cl/526157",
"url": "https://go.dev/cl/526157"
},
{
"category": "external",
"summary": "https://go.dev/issue/62197",
"url": "https://go.dev/issue/62197"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-dev/c/2C5vbR-UNkI/m/L1hdrPhfBAAJ",
"url": "https://groups.google.com/g/golang-dev/c/2C5vbR-UNkI/m/L1hdrPhfBAAJ"
},
{
"category": "external",
"summary": "https://vuln.go.dev/ID/GO-2023-2043.json",
"url": "https://vuln.go.dev/ID/GO-2023-2043.json"
}
],
"release_date": "2023-09-06T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-10-26T00:47:43+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RODOO-1.0:run-once-duration-override-operator/run-once-duration-override-rhel8@sha256:70c5f120078cec9a22f2e754e5606ebe5d086e38aeb5fc9daac18fced6705f43_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:5947"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"8Base-RODOO-1.0:run-once-duration-override-operator/run-once-duration-override-operator-bundle@sha256:5e2f382d233fab6817da02d17459b3e6e8c16f0be58270221b66d87ce3d09cc6_amd64",
"8Base-RODOO-1.0:run-once-duration-override-operator/run-once-duration-override-operator-rhel8@sha256:a43806835a54ea3c712e1cbb96cd7ff2cd0434912ae1cbc11b4f54524c15c40b_amd64",
"8Base-RODOO-1.0:run-once-duration-override-operator/run-once-duration-override-rhel8@sha256:70c5f120078cec9a22f2e754e5606ebe5d086e38aeb5fc9daac18fced6705f43_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: html/template: improper handling of special tags within script contexts"
},
{
"acknowledgments": [
{
"names": [
"Marten Seemann"
]
}
],
"cve": "CVE-2023-39321",
"cwe": {
"id": "CWE-805",
"name": "Buffer Access with Incorrect Length Value"
},
"discovery_date": "2023-09-06T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-RODOO-1.0:run-once-duration-override-operator/run-once-duration-override-operator-bundle@sha256:5e2f382d233fab6817da02d17459b3e6e8c16f0be58270221b66d87ce3d09cc6_amd64",
"8Base-RODOO-1.0:run-once-duration-override-operator/run-once-duration-override-operator-rhel8@sha256:a43806835a54ea3c712e1cbb96cd7ff2cd0434912ae1cbc11b4f54524c15c40b_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2237777"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Golang. Processing an incomplete post-handshake message for a QUIC connection caused a panic.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: crypto/tls: panic when processing post-handshake message on QUIC connections",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The flaw has been marked as moderate instead of high like NVD \nQUICConn.HandleData buffers data and passes it to handlePostHandshakeMessage every time the buffer contains a complete message, while HandleData doesn\u0027t limit the amount of data it can buffer, a panic or denial of service would likely be lower severity, also in order to exploit this vulnerability, an attacker would have to smuggle partial handshake data which might be rejected altogether as per TLS RFC specification. Therefore because of a lower severity denial of service and conditions that are beyond the scope of attacker\u0027s control, we have marked this as moderate severity",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RODOO-1.0:run-once-duration-override-operator/run-once-duration-override-rhel8@sha256:70c5f120078cec9a22f2e754e5606ebe5d086e38aeb5fc9daac18fced6705f43_amd64"
],
"known_not_affected": [
"8Base-RODOO-1.0:run-once-duration-override-operator/run-once-duration-override-operator-bundle@sha256:5e2f382d233fab6817da02d17459b3e6e8c16f0be58270221b66d87ce3d09cc6_amd64",
"8Base-RODOO-1.0:run-once-duration-override-operator/run-once-duration-override-operator-rhel8@sha256:a43806835a54ea3c712e1cbb96cd7ff2cd0434912ae1cbc11b4f54524c15c40b_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-39321"
},
{
"category": "external",
"summary": "RHBZ#2237777",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2237777"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-39321",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39321"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-39321",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-39321"
},
{
"category": "external",
"summary": "https://go.dev/cl/523039",
"url": "https://go.dev/cl/523039"
},
{
"category": "external",
"summary": "https://go.dev/issue/62266",
"url": "https://go.dev/issue/62266"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-dev/c/2C5vbR-UNkI/m/L1hdrPhfBAAJ",
"url": "https://groups.google.com/g/golang-dev/c/2C5vbR-UNkI/m/L1hdrPhfBAAJ"
},
{
"category": "external",
"summary": "https://vuln.go.dev/ID/GO-2023-2044.json",
"url": "https://vuln.go.dev/ID/GO-2023-2044.json"
}
],
"release_date": "2023-09-06T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-10-26T00:47:43+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RODOO-1.0:run-once-duration-override-operator/run-once-duration-override-rhel8@sha256:70c5f120078cec9a22f2e754e5606ebe5d086e38aeb5fc9daac18fced6705f43_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:5947"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-RODOO-1.0:run-once-duration-override-operator/run-once-duration-override-operator-bundle@sha256:5e2f382d233fab6817da02d17459b3e6e8c16f0be58270221b66d87ce3d09cc6_amd64",
"8Base-RODOO-1.0:run-once-duration-override-operator/run-once-duration-override-operator-rhel8@sha256:a43806835a54ea3c712e1cbb96cd7ff2cd0434912ae1cbc11b4f54524c15c40b_amd64",
"8Base-RODOO-1.0:run-once-duration-override-operator/run-once-duration-override-rhel8@sha256:70c5f120078cec9a22f2e754e5606ebe5d086e38aeb5fc9daac18fced6705f43_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: crypto/tls: panic when processing post-handshake message on QUIC connections"
},
{
"acknowledgments": [
{
"names": [
"Marten Seemann"
]
}
],
"cve": "CVE-2023-39322",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2023-09-06T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-RODOO-1.0:run-once-duration-override-operator/run-once-duration-override-operator-bundle@sha256:5e2f382d233fab6817da02d17459b3e6e8c16f0be58270221b66d87ce3d09cc6_amd64",
"8Base-RODOO-1.0:run-once-duration-override-operator/run-once-duration-override-operator-rhel8@sha256:a43806835a54ea3c712e1cbb96cd7ff2cd0434912ae1cbc11b4f54524c15c40b_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2237778"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Golang. QUIC connections do not set an upper bound on the amount of data buffered when reading post-handshake messages, allowing a malicious QUIC connection to cause unbounded memory growth. With the fix, connections now consistently reject messages larger than 65KiB in size.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: crypto/tls: lack of a limit on buffered post-handshake",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "A vulnerability was found in the Go QUIC protocol implementation in the logic that processes post-handshake messages. It is an uncontrolled resource consumption flaw, triggered when a malicious connection sends data without an enforced upper bound. This leads to unbounded memory growth, causing the service to crash and resulting in a denial of service. The single-dimensional impact of denial of service and the added complexity of whether the resource exhaustion would happen, being out of an attacker\u0027s control, this has been rated as moderate severity.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RODOO-1.0:run-once-duration-override-operator/run-once-duration-override-rhel8@sha256:70c5f120078cec9a22f2e754e5606ebe5d086e38aeb5fc9daac18fced6705f43_amd64"
],
"known_not_affected": [
"8Base-RODOO-1.0:run-once-duration-override-operator/run-once-duration-override-operator-bundle@sha256:5e2f382d233fab6817da02d17459b3e6e8c16f0be58270221b66d87ce3d09cc6_amd64",
"8Base-RODOO-1.0:run-once-duration-override-operator/run-once-duration-override-operator-rhel8@sha256:a43806835a54ea3c712e1cbb96cd7ff2cd0434912ae1cbc11b4f54524c15c40b_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-39322"
},
{
"category": "external",
"summary": "RHBZ#2237778",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2237778"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-39322",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39322"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-39322",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-39322"
},
{
"category": "external",
"summary": "https://go.dev/cl/523039",
"url": "https://go.dev/cl/523039"
},
{
"category": "external",
"summary": "https://go.dev/issue/62266",
"url": "https://go.dev/issue/62266"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-dev/c/2C5vbR-UNkI/m/L1hdrPhfBAAJ",
"url": "https://groups.google.com/g/golang-dev/c/2C5vbR-UNkI/m/L1hdrPhfBAAJ"
},
{
"category": "external",
"summary": "https://vuln.go.dev/ID/GO-2023-2045.json",
"url": "https://vuln.go.dev/ID/GO-2023-2045.json"
}
],
"release_date": "2023-09-06T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-10-26T00:47:43+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RODOO-1.0:run-once-duration-override-operator/run-once-duration-override-rhel8@sha256:70c5f120078cec9a22f2e754e5606ebe5d086e38aeb5fc9daac18fced6705f43_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:5947"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-RODOO-1.0:run-once-duration-override-operator/run-once-duration-override-operator-bundle@sha256:5e2f382d233fab6817da02d17459b3e6e8c16f0be58270221b66d87ce3d09cc6_amd64",
"8Base-RODOO-1.0:run-once-duration-override-operator/run-once-duration-override-operator-rhel8@sha256:a43806835a54ea3c712e1cbb96cd7ff2cd0434912ae1cbc11b4f54524c15c40b_amd64",
"8Base-RODOO-1.0:run-once-duration-override-operator/run-once-duration-override-rhel8@sha256:70c5f120078cec9a22f2e754e5606ebe5d086e38aeb5fc9daac18fced6705f43_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: crypto/tls: lack of a limit on buffered post-handshake"
},
{
"cve": "CVE-2023-39325",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2023-10-10T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-RODOO-1.0:run-once-duration-override-operator/run-once-duration-override-operator-bundle@sha256:5e2f382d233fab6817da02d17459b3e6e8c16f0be58270221b66d87ce3d09cc6_amd64",
"8Base-RODOO-1.0:run-once-duration-override-operator/run-once-duration-override-operator-rhel8@sha256:a43806835a54ea3c712e1cbb96cd7ff2cd0434912ae1cbc11b4f54524c15c40b_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2243296"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in handling multiplexed streams in the HTTP/2 protocol. A client can repeatedly make a request for a new multiplex stream and immediately send an RST_STREAM frame to cancel it. This creates extra work for the server setting up and tearing down the streams while not hitting any server-side limit for the maximum number of active streams per connection, resulting in a denial of service due to server resource consumption. Red Hat has rated the severity of this flaw as \u0027Important\u0027 as the US Cybersecurity and Infrastructure Security Agency (CISA) declared this vulnerability an active exploit.\r\n\r\nCVE-2023-39325 was assigned for the `Rapid Reset Attack` in the Go language packages.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: net/http, x/net/http2: rapid stream resets can cause excessive work (CVE-2023-44487)",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This CVE is related to CVE-2023-44487.\n\nThe majority of RHEL utilities are not long-running applications; instead, they are command-line tools. These tools utilize Golang package as build-time dependency, which is why they are classified as having a \"Moderate\" level of impact.\n\nAs go-lang vendors its dependencies, a package may contain a library with a known vulnerability, solely because of lower tier libraries including it as a part of its dependencies, but the vulnerable code is not reachable at runtime. In such cases the issue is not exploitable. We classify these situations as \u201cNot affected\u201d or \u201cWill not fix,\u201d depending on the risk of breaking other unrelated packages.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RODOO-1.0:run-once-duration-override-operator/run-once-duration-override-rhel8@sha256:70c5f120078cec9a22f2e754e5606ebe5d086e38aeb5fc9daac18fced6705f43_amd64"
],
"known_not_affected": [
"8Base-RODOO-1.0:run-once-duration-override-operator/run-once-duration-override-operator-bundle@sha256:5e2f382d233fab6817da02d17459b3e6e8c16f0be58270221b66d87ce3d09cc6_amd64",
"8Base-RODOO-1.0:run-once-duration-override-operator/run-once-duration-override-operator-rhel8@sha256:a43806835a54ea3c712e1cbb96cd7ff2cd0434912ae1cbc11b4f54524c15c40b_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-39325"
},
{
"category": "external",
"summary": "RHBZ#2243296",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2243296"
},
{
"category": "external",
"summary": "RHSB-2023-003",
"url": "https://access.redhat.com/security/vulnerabilities/RHSB-2023-003"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-39325",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39325"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-39325",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-39325"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2023-44487",
"url": "https://access.redhat.com/security/cve/CVE-2023-44487"
},
{
"category": "external",
"summary": "https://go.dev/issue/63417",
"url": "https://go.dev/issue/63417"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2023-2102",
"url": "https://pkg.go.dev/vuln/GO-2023-2102"
},
{
"category": "external",
"summary": "https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487",
"url": "https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487"
}
],
"release_date": "2023-10-10T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-10-26T00:47:43+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RODOO-1.0:run-once-duration-override-operator/run-once-duration-override-rhel8@sha256:70c5f120078cec9a22f2e754e5606ebe5d086e38aeb5fc9daac18fced6705f43_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:5947"
},
{
"category": "workaround",
"details": "The default stream concurrency limit in golang is 250 streams (requests) per HTTP/2 connection. This value may be adjusted in the golang.org/x/net/http2 package using the Server.MaxConcurrentStreams setting and the ConfigureServer function which are available in golang.org/x/net/http2.",
"product_ids": [
"8Base-RODOO-1.0:run-once-duration-override-operator/run-once-duration-override-operator-bundle@sha256:5e2f382d233fab6817da02d17459b3e6e8c16f0be58270221b66d87ce3d09cc6_amd64",
"8Base-RODOO-1.0:run-once-duration-override-operator/run-once-duration-override-operator-rhel8@sha256:a43806835a54ea3c712e1cbb96cd7ff2cd0434912ae1cbc11b4f54524c15c40b_amd64",
"8Base-RODOO-1.0:run-once-duration-override-operator/run-once-duration-override-rhel8@sha256:70c5f120078cec9a22f2e754e5606ebe5d086e38aeb5fc9daac18fced6705f43_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-RODOO-1.0:run-once-duration-override-operator/run-once-duration-override-operator-bundle@sha256:5e2f382d233fab6817da02d17459b3e6e8c16f0be58270221b66d87ce3d09cc6_amd64",
"8Base-RODOO-1.0:run-once-duration-override-operator/run-once-duration-override-operator-rhel8@sha256:a43806835a54ea3c712e1cbb96cd7ff2cd0434912ae1cbc11b4f54524c15c40b_amd64",
"8Base-RODOO-1.0:run-once-duration-override-operator/run-once-duration-override-rhel8@sha256:70c5f120078cec9a22f2e754e5606ebe5d086e38aeb5fc9daac18fced6705f43_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "golang: net/http, x/net/http2: rapid stream resets can cause excessive work (CVE-2023-44487)"
},
{
"cve": "CVE-2023-44487",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2023-10-09T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-RODOO-1.0:run-once-duration-override-operator/run-once-duration-override-operator-bundle@sha256:5e2f382d233fab6817da02d17459b3e6e8c16f0be58270221b66d87ce3d09cc6_amd64",
"8Base-RODOO-1.0:run-once-duration-override-operator/run-once-duration-override-operator-rhel8@sha256:a43806835a54ea3c712e1cbb96cd7ff2cd0434912ae1cbc11b4f54524c15c40b_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2242803"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in handling multiplexed streams in the HTTP/2 protocol. A client can repeatedly make a request for a new multiplex stream and immediately send an RST_STREAM frame to cancel it. This creates extra work for the server setting up and tearing down the streams while not hitting any server-side limit for the maximum number of active streams per connection, resulting in a denial of service due to server resource consumption. Red Hat has rated the severity of this flaw as \u0027Important\u0027 as the US Cybersecurity and Infrastructure Security Agency (CISA) declared this vulnerability an active exploit.\r\n\r\nCVE-2023-39325 was assigned for the Rapid Reset Attack in the Go language packages.\r\n\r\nSecurity Bulletin\r\nhttps://access.redhat.com/security/vulnerabilities/RHSB-2023-003",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack (Rapid Reset Attack)",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "NGINX has been marked as Moderate Impact because, for performance and resource consumption reasons, NGINX limits the number of concurrent streams to a default of 128. In addition, to optimally balance network and server performance, NGINX allows the client to persist HTTP connections for up to 1000 requests by default using an HTTP keepalive.\n\nThe majority of RHEL utilities are not long-running applications; instead, they are command-line tools. These tools utilize Golang package as build-time dependency, which is why they are classified as having a \"Moderate\" level of impact.\n\nrhc component is no longer impacted by CVE-2023-44487 \u0026 CVE-2023-39325.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RODOO-1.0:run-once-duration-override-operator/run-once-duration-override-rhel8@sha256:70c5f120078cec9a22f2e754e5606ebe5d086e38aeb5fc9daac18fced6705f43_amd64"
],
"known_not_affected": [
"8Base-RODOO-1.0:run-once-duration-override-operator/run-once-duration-override-operator-bundle@sha256:5e2f382d233fab6817da02d17459b3e6e8c16f0be58270221b66d87ce3d09cc6_amd64",
"8Base-RODOO-1.0:run-once-duration-override-operator/run-once-duration-override-operator-rhel8@sha256:a43806835a54ea3c712e1cbb96cd7ff2cd0434912ae1cbc11b4f54524c15c40b_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-44487"
},
{
"category": "external",
"summary": "RHBZ#2242803",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2242803"
},
{
"category": "external",
"summary": "RHSB-2023-003",
"url": "https://access.redhat.com/security/vulnerabilities/RHSB-2023-003"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-44487",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-44487"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-44487",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-44487"
},
{
"category": "external",
"summary": "https://github.com/dotnet/announcements/issues/277",
"url": "https://github.com/dotnet/announcements/issues/277"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2023-2102",
"url": "https://pkg.go.dev/vuln/GO-2023-2102"
},
{
"category": "external",
"summary": "https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487",
"url": "https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487"
},
{
"category": "external",
"summary": "https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products/",
"url": "https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products/"
},
{
"category": "external",
"summary": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog",
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
}
],
"release_date": "2023-10-10T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-10-26T00:47:43+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RODOO-1.0:run-once-duration-override-operator/run-once-duration-override-rhel8@sha256:70c5f120078cec9a22f2e754e5606ebe5d086e38aeb5fc9daac18fced6705f43_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:5947"
},
{
"category": "workaround",
"details": "Users are strongly urged to update their software as soon as fixes are available. \nThere are several mitigation approaches for this flaw. \n\n1. If circumstances permit, users may disable http2 endpoints to circumvent the flaw altogether until a fix is available.\n2. IP-based blocking or flood protection and rate control tools may be used at network endpoints to filter incoming traffic.\n3. Several package specific mitigations are also available. \n a. nginx: https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products/\n b. netty: https://github.com/netty/netty/security/advisories/GHSA-xpw8-rcwv-8f8p\n c. haproxy: https://www.haproxy.com/blog/haproxy-is-not-affected-by-the-http-2-rapid-reset-attack-cve-2023-44487\n d. nghttp2: https://github.com/nghttp2/nghttp2/security/advisories/GHSA-vx74-f528-fxqg\n e. golang: The default stream concurrency limit in golang is 250 streams (requests) per HTTP/2 connection. This value may be adjusted in the golang.org/x/net/http2 package using the Server.MaxConcurrentStreams setting and the ConfigureServer function which are available in golang.org/x/net/http2.",
"product_ids": [
"8Base-RODOO-1.0:run-once-duration-override-operator/run-once-duration-override-operator-bundle@sha256:5e2f382d233fab6817da02d17459b3e6e8c16f0be58270221b66d87ce3d09cc6_amd64",
"8Base-RODOO-1.0:run-once-duration-override-operator/run-once-duration-override-operator-rhel8@sha256:a43806835a54ea3c712e1cbb96cd7ff2cd0434912ae1cbc11b4f54524c15c40b_amd64",
"8Base-RODOO-1.0:run-once-duration-override-operator/run-once-duration-override-rhel8@sha256:70c5f120078cec9a22f2e754e5606ebe5d086e38aeb5fc9daac18fced6705f43_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-RODOO-1.0:run-once-duration-override-operator/run-once-duration-override-operator-bundle@sha256:5e2f382d233fab6817da02d17459b3e6e8c16f0be58270221b66d87ce3d09cc6_amd64",
"8Base-RODOO-1.0:run-once-duration-override-operator/run-once-duration-override-operator-rhel8@sha256:a43806835a54ea3c712e1cbb96cd7ff2cd0434912ae1cbc11b4f54524c15c40b_amd64",
"8Base-RODOO-1.0:run-once-duration-override-operator/run-once-duration-override-rhel8@sha256:70c5f120078cec9a22f2e754e5606ebe5d086e38aeb5fc9daac18fced6705f43_amd64"
]
}
],
"threats": [
{
"category": "exploit_status",
"date": "2023-10-10T00:00:00+00:00",
"details": "CISA: https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
},
{
"category": "impact",
"details": "Important"
}
],
"title": "HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack (Rapid Reset Attack)"
}
]
}
RHSA-2023:5965
Vulnerability from csaf_redhat - Published: 2023-10-20 14:54 - Updated: 2026-06-05 13:08
A flaw was found in Golang, where it is vulnerable to HTTP header injection caused by improper content validation of the Host header by the HTTP/1 client. A remote attacker can inject arbitrary HTTP headers by persuading a victim to visit a specially crafted Web page. This flaw allows the attacker to conduct various attacks against the vulnerable system, including Cross-site scripting, cache poisoning, or session hijacking.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHOS-16.2:etcd-0:3.3.23-15.el8ost.ppc64le | — | | Vendor Fix: fix |
| Unresolved product id: 8Base-RHOS-16.2:etcd-0:3.3.23-15.el8ost.src | — | | Vendor Fix: fix |
| Unresolved product id: 8Base-RHOS-16.2:etcd-0:3.3.23-15.el8ost.x86_64 | — | | Vendor Fix: fix |
| Unresolved product id: 8Base-RHOS-16.2:etcd-debuginfo-0:3.3.23-15.el8ost.ppc64le | — | | Vendor Fix: fix |
| Unresolved product id: 8Base-RHOS-16.2:etcd-debuginfo-0:3.3.23-15.el8ost.x86_64 | — | | Vendor Fix: fix |
| Unresolved product id: 8Base-RHOS-16.2:etcd-debugsource-0:3.3.23-15.el8ost.ppc64le | — | | Vendor Fix: fix |
| Unresolved product id: 8Base-RHOS-16.2:etcd-debugsource-0:3.3.23-15.el8ost.x86_64 | — | | Vendor Fix: fix |

| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHOS-16.2:python-octavia-tests-tempest-0:1.4.1-2.20230111145026.f7718ef.el8ost.src | — | | |
| Unresolved product id: 8Base-RHOS-16.2:python-octavia-tests-tempest-debugsource-0:1.4.1-2.20230111145026.f7718ef.el8ost.ppc64le | — | | |
| Unresolved product id: 8Base-RHOS-16.2:python-octavia-tests-tempest-debugsource-0:1.4.1-2.20230111145026.f7718ef.el8ost.x86_64 | — | | |
| Unresolved product id: 8Base-RHOS-16.2:python3-octavia-tests-tempest-0:1.4.1-2.20230111145026.f7718ef.el8ost.noarch | — | | |
| Unresolved product id: 8Base-RHOS-16.2:python3-octavia-tests-tempest-golang-0:1.4.1-2.20230111145026.f7718ef.el8ost.ppc64le | — | | |
| Unresolved product id: 8Base-RHOS-16.2:python3-octavia-tests-tempest-golang-0:1.4.1-2.20230111145026.f7718ef.el8ost.x86_64 | — | | |
| Unresolved product id: 8Base-RHOS-16.2:python3-octavia-tests-tempest-golang-debuginfo-0:1.4.1-2.20230111145026.f7718ef.el8ost.ppc64le | — | | |
| Unresolved product id: 8Base-RHOS-16.2:python3-octavia-tests-tempest-golang-debuginfo-0:1.4.1-2.20230111145026.f7718ef.el8ost.x86_64 | — | | |
A denial of service vulnerability was found in the Golang Go package caused by an uncontrolled resource consumption flaw. By persuading a victim to use a specially crafted certificate with large RSA keys, a remote attacker can cause a client/server to expend significant CPU time verifying signatures, resulting in a denial of service condition.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHOS-16.2:etcd-0:3.3.23-15.el8ost.ppc64le | — | | Vendor Fix: fix |
| Unresolved product id: 8Base-RHOS-16.2:etcd-0:3.3.23-15.el8ost.src | — | | Vendor Fix: fix |
| Unresolved product id: 8Base-RHOS-16.2:etcd-0:3.3.23-15.el8ost.x86_64 | — | | Vendor Fix: fix |
| Unresolved product id: 8Base-RHOS-16.2:etcd-debuginfo-0:3.3.23-15.el8ost.ppc64le | — | | Vendor Fix: fix |
| Unresolved product id: 8Base-RHOS-16.2:etcd-debuginfo-0:3.3.23-15.el8ost.x86_64 | — | | Vendor Fix: fix |
| Unresolved product id: 8Base-RHOS-16.2:etcd-debugsource-0:3.3.23-15.el8ost.ppc64le | — | | Vendor Fix: fix |
| Unresolved product id: 8Base-RHOS-16.2:etcd-debugsource-0:3.3.23-15.el8ost.x86_64 | — | | Vendor Fix: fix |

| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHOS-16.2:python-octavia-tests-tempest-0:1.4.1-2.20230111145026.f7718ef.el8ost.src | — | | |
| Unresolved product id: 8Base-RHOS-16.2:python-octavia-tests-tempest-debugsource-0:1.4.1-2.20230111145026.f7718ef.el8ost.ppc64le | — | | |
| Unresolved product id: 8Base-RHOS-16.2:python-octavia-tests-tempest-debugsource-0:1.4.1-2.20230111145026.f7718ef.el8ost.x86_64 | — | | |
| Unresolved product id: 8Base-RHOS-16.2:python3-octavia-tests-tempest-0:1.4.1-2.20230111145026.f7718ef.el8ost.noarch | — | | |
| Unresolved product id: 8Base-RHOS-16.2:python3-octavia-tests-tempest-golang-0:1.4.1-2.20230111145026.f7718ef.el8ost.ppc64le | — | | |
| Unresolved product id: 8Base-RHOS-16.2:python3-octavia-tests-tempest-golang-0:1.4.1-2.20230111145026.f7718ef.el8ost.x86_64 | — | | |
| Unresolved product id: 8Base-RHOS-16.2:python3-octavia-tests-tempest-golang-debuginfo-0:1.4.1-2.20230111145026.f7718ef.el8ost.ppc64le | — | | |
| Unresolved product id: 8Base-RHOS-16.2:python3-octavia-tests-tempest-golang-debuginfo-0:1.4.1-2.20230111145026.f7718ef.el8ost.x86_64 | — | | |
A flaw was found in handling multiplexed streams in the HTTP/2 protocol. A client can repeatedly make a request for a new multiplex stream and immediately send an RST_STREAM frame to cancel it. This creates extra work for the server setting up and tearing down the streams while not hitting any server-side limit for the maximum number of active streams per connection, resulting in a denial of service due to server resource consumption. Red Hat has rated the severity of this flaw as 'Important' as the US Cybersecurity and Infrastructure Security Agency (CISA) declared this vulnerability an active exploit. CVE-2023-39325 was assigned for the `Rapid Reset Attack` in the Go language packages.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHOS-16.2:etcd-0:3.3.23-15.el8ost.ppc64le | — | | Vendor Fix: fix; Workaround |
| Unresolved product id: 8Base-RHOS-16.2:etcd-0:3.3.23-15.el8ost.src | — | | Vendor Fix: fix; Workaround |
| Unresolved product id: 8Base-RHOS-16.2:etcd-0:3.3.23-15.el8ost.x86_64 | — | | Vendor Fix: fix; Workaround |
| Unresolved product id: 8Base-RHOS-16.2:etcd-debuginfo-0:3.3.23-15.el8ost.ppc64le | — | | Vendor Fix: fix; Workaround |
| Unresolved product id: 8Base-RHOS-16.2:etcd-debuginfo-0:3.3.23-15.el8ost.x86_64 | — | | Vendor Fix: fix; Workaround |
| Unresolved product id: 8Base-RHOS-16.2:etcd-debugsource-0:3.3.23-15.el8ost.ppc64le | — | | Vendor Fix: fix; Workaround |
| Unresolved product id: 8Base-RHOS-16.2:etcd-debugsource-0:3.3.23-15.el8ost.x86_64 | — | | Vendor Fix: fix; Workaround |

| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHOS-16.2:python-octavia-tests-tempest-0:1.4.1-2.20230111145026.f7718ef.el8ost.src | — | | Workaround |
| Unresolved product id: 8Base-RHOS-16.2:python-octavia-tests-tempest-debugsource-0:1.4.1-2.20230111145026.f7718ef.el8ost.ppc64le | — | | Workaround |
| Unresolved product id: 8Base-RHOS-16.2:python-octavia-tests-tempest-debugsource-0:1.4.1-2.20230111145026.f7718ef.el8ost.x86_64 | — | | Workaround |
| Unresolved product id: 8Base-RHOS-16.2:python3-octavia-tests-tempest-0:1.4.1-2.20230111145026.f7718ef.el8ost.noarch | — | | Workaround |
| Unresolved product id: 8Base-RHOS-16.2:python3-octavia-tests-tempest-golang-0:1.4.1-2.20230111145026.f7718ef.el8ost.ppc64le | — | | Workaround |
| Unresolved product id: 8Base-RHOS-16.2:python3-octavia-tests-tempest-golang-0:1.4.1-2.20230111145026.f7718ef.el8ost.x86_64 | — | | Workaround |
| Unresolved product id: 8Base-RHOS-16.2:python3-octavia-tests-tempest-golang-debuginfo-0:1.4.1-2.20230111145026.f7718ef.el8ost.ppc64le | — | | Workaround |
| Unresolved product id: 8Base-RHOS-16.2:python3-octavia-tests-tempest-golang-debuginfo-0:1.4.1-2.20230111145026.f7718ef.el8ost.x86_64 | — | | Workaround |
A flaw was found in handling multiplexed streams in the HTTP/2 protocol. A client can repeatedly make a request for a new multiplex stream and immediately send an RST_STREAM frame to cancel it. This creates extra work for the server setting up and tearing down the streams while not hitting any server-side limit for the maximum number of active streams per connection, resulting in a denial of service due to server resource consumption. Red Hat has rated the severity of this flaw as 'Important' as the US Cybersecurity and Infrastructure Security Agency (CISA) declared this vulnerability an active exploit. CVE-2023-39325 was assigned for the Rapid Reset Attack in the Go language packages. Security Bulletin https://access.redhat.com/security/vulnerabilities/RHSB-2023-003
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHOS-16.2:etcd-0:3.3.23-15.el8ost.ppc64le | — | | Vendor Fix: fix; Workaround |
| Unresolved product id: 8Base-RHOS-16.2:etcd-0:3.3.23-15.el8ost.src | — | | Vendor Fix: fix; Workaround |
| Unresolved product id: 8Base-RHOS-16.2:etcd-0:3.3.23-15.el8ost.x86_64 | — | | Vendor Fix: fix; Workaround |
| Unresolved product id: 8Base-RHOS-16.2:etcd-debuginfo-0:3.3.23-15.el8ost.ppc64le | — | | Vendor Fix: fix; Workaround |
| Unresolved product id: 8Base-RHOS-16.2:etcd-debuginfo-0:3.3.23-15.el8ost.x86_64 | — | | Vendor Fix: fix; Workaround |
| Unresolved product id: 8Base-RHOS-16.2:etcd-debugsource-0:3.3.23-15.el8ost.ppc64le | — | | Vendor Fix: fix; Workaround |
| Unresolved product id: 8Base-RHOS-16.2:etcd-debugsource-0:3.3.23-15.el8ost.x86_64 | — | | Vendor Fix: fix; Workaround |
| Unresolved product id: 8Base-RHOS-16.2:python-octavia-tests-tempest-0:1.4.1-2.20230111145026.f7718ef.el8ost.src | — | | Vendor Fix: fix; Workaround |
| Unresolved product id: 8Base-RHOS-16.2:python-octavia-tests-tempest-debugsource-0:1.4.1-2.20230111145026.f7718ef.el8ost.ppc64le | — | | Vendor Fix: fix; Workaround |
| Unresolved product id: 8Base-RHOS-16.2:python-octavia-tests-tempest-debugsource-0:1.4.1-2.20230111145026.f7718ef.el8ost.x86_64 | — | | Vendor Fix: fix; Workaround |
| Unresolved product id: 8Base-RHOS-16.2:python3-octavia-tests-tempest-0:1.4.1-2.20230111145026.f7718ef.el8ost.noarch | — | | Vendor Fix: fix; Workaround |
| Unresolved product id: 8Base-RHOS-16.2:python3-octavia-tests-tempest-golang-0:1.4.1-2.20230111145026.f7718ef.el8ost.ppc64le | — | | Vendor Fix: fix; Workaround |
| Unresolved product id: 8Base-RHOS-16.2:python3-octavia-tests-tempest-golang-0:1.4.1-2.20230111145026.f7718ef.el8ost.x86_64 | — | | Vendor Fix: fix; Workaround |
| Unresolved product id: 8Base-RHOS-16.2:python3-octavia-tests-tempest-golang-debuginfo-0:1.4.1-2.20230111145026.f7718ef.el8ost.ppc64le | — | | Vendor Fix: fix; Workaround |
| Unresolved product id: 8Base-RHOS-16.2:python3-octavia-tests-tempest-golang-debuginfo-0:1.4.1-2.20230111145026.f7718ef.el8ost.x86_64 | — | | Vendor Fix: fix; Workaround |
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for collectd-libpod-stats and etcd is now available for Red Hat OpenStack Platform 16.2.5 (Train).\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "A highly-available key value store for shared configuration\n\nSecurity Fix(es):\n\n* golang: net/http, x/net/http2: rapid stream resets can cause excessive work (CVE-2023-44487) (CVE-2023-39325)\n\n* HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack (Rapid Reset Attack) (CVE-2023-44487)\n\n* golang: net/http: insufficient sanitization of Host header (CVE-2023-29406)\n\n* golang: crypto/tls: slow verification of certificate chains containing large RSA keys (CVE-2023-29409)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2023:5965",
"url": "https://access.redhat.com/errata/RHSA-2023:5965"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/vulnerabilities/RHSB-2023-003",
"url": "https://access.redhat.com/security/vulnerabilities/RHSB-2023-003"
},
{
"category": "external",
"summary": "2222167",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2222167"
},
{
"category": "external",
"summary": "2228743",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2228743"
},
{
"category": "external",
"summary": "2242803",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2242803"
},
{
"category": "external",
"summary": "2243296",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2243296"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2023/rhsa-2023_5965.json"
}
],
"title": "Red Hat Security Advisory: Red Hat OpenStack Platform 16.2.5 (collectd-libpod-stats, etcd) security update",
"tracking": {
"current_release_date": "2026-06-05T13:08:06+00:00",
"generator": {
"date": "2026-06-05T13:08:06+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.8.2"
}
},
"id": "RHSA-2023:5965",
"initial_release_date": "2023-10-20T14:54:26+00:00",
"revision_history": [
{
"date": "2023-10-20T14:54:26+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2023-10-20T14:54:26+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-06-05T13:08:06+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat OpenStack Platform 16.2",
"product": {
"name": "Red Hat OpenStack Platform 16.2",
"product_id": "8Base-RHOS-16.2",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:openstack:16.2::el8"
}
}
}
],
"category": "product_family",
"name": "Red Hat OpenStack Platform"
},
{
"branches": [
{
"category": "product_version",
"name": "etcd-0:3.3.23-15.el8ost.src",
"product": {
"name": "etcd-0:3.3.23-15.el8ost.src",
"product_id": "etcd-0:3.3.23-15.el8ost.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/etcd@3.3.23-15.el8ost?arch=src"
}
}
},
{
"category": "product_version",
"name": "python-octavia-tests-tempest-0:1.4.1-2.20230111145026.f7718ef.el8ost.src",
"product": {
"name": "python-octavia-tests-tempest-0:1.4.1-2.20230111145026.f7718ef.el8ost.src",
"product_id": "python-octavia-tests-tempest-0:1.4.1-2.20230111145026.f7718ef.el8ost.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python-octavia-tests-tempest@1.4.1-2.20230111145026.f7718ef.el8ost?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "etcd-0:3.3.23-15.el8ost.x86_64",
"product": {
"name": "etcd-0:3.3.23-15.el8ost.x86_64",
"product_id": "etcd-0:3.3.23-15.el8ost.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/etcd@3.3.23-15.el8ost?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "etcd-debugsource-0:3.3.23-15.el8ost.x86_64",
"product": {
"name": "etcd-debugsource-0:3.3.23-15.el8ost.x86_64",
"product_id": "etcd-debugsource-0:3.3.23-15.el8ost.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/etcd-debugsource@3.3.23-15.el8ost?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "etcd-debuginfo-0:3.3.23-15.el8ost.x86_64",
"product": {
"name": "etcd-debuginfo-0:3.3.23-15.el8ost.x86_64",
"product_id": "etcd-debuginfo-0:3.3.23-15.el8ost.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/etcd-debuginfo@3.3.23-15.el8ost?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "python3-octavia-tests-tempest-golang-0:1.4.1-2.20230111145026.f7718ef.el8ost.x86_64",
"product": {
"name": "python3-octavia-tests-tempest-golang-0:1.4.1-2.20230111145026.f7718ef.el8ost.x86_64",
"product_id": "python3-octavia-tests-tempest-golang-0:1.4.1-2.20230111145026.f7718ef.el8ost.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-octavia-tests-tempest-golang@1.4.1-2.20230111145026.f7718ef.el8ost?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "python-octavia-tests-tempest-debugsource-0:1.4.1-2.20230111145026.f7718ef.el8ost.x86_64",
"product": {
"name": "python-octavia-tests-tempest-debugsource-0:1.4.1-2.20230111145026.f7718ef.el8ost.x86_64",
"product_id": "python-octavia-tests-tempest-debugsource-0:1.4.1-2.20230111145026.f7718ef.el8ost.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python-octavia-tests-tempest-debugsource@1.4.1-2.20230111145026.f7718ef.el8ost?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "python3-octavia-tests-tempest-golang-debuginfo-0:1.4.1-2.20230111145026.f7718ef.el8ost.x86_64",
"product": {
"name": "python3-octavia-tests-tempest-golang-debuginfo-0:1.4.1-2.20230111145026.f7718ef.el8ost.x86_64",
"product_id": "python3-octavia-tests-tempest-golang-debuginfo-0:1.4.1-2.20230111145026.f7718ef.el8ost.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-octavia-tests-tempest-golang-debuginfo@1.4.1-2.20230111145026.f7718ef.el8ost?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "etcd-0:3.3.23-15.el8ost.ppc64le",
"product": {
"name": "etcd-0:3.3.23-15.el8ost.ppc64le",
"product_id": "etcd-0:3.3.23-15.el8ost.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/etcd@3.3.23-15.el8ost?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "etcd-debugsource-0:3.3.23-15.el8ost.ppc64le",
"product": {
"name": "etcd-debugsource-0:3.3.23-15.el8ost.ppc64le",
"product_id": "etcd-debugsource-0:3.3.23-15.el8ost.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/etcd-debugsource@3.3.23-15.el8ost?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "etcd-debuginfo-0:3.3.23-15.el8ost.ppc64le",
"product": {
"name": "etcd-debuginfo-0:3.3.23-15.el8ost.ppc64le",
"product_id": "etcd-debuginfo-0:3.3.23-15.el8ost.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/etcd-debuginfo@3.3.23-15.el8ost?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "python3-octavia-tests-tempest-golang-0:1.4.1-2.20230111145026.f7718ef.el8ost.ppc64le",
"product": {
"name": "python3-octavia-tests-tempest-golang-0:1.4.1-2.20230111145026.f7718ef.el8ost.ppc64le",
"product_id": "python3-octavia-tests-tempest-golang-0:1.4.1-2.20230111145026.f7718ef.el8ost.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-octavia-tests-tempest-golang@1.4.1-2.20230111145026.f7718ef.el8ost?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "python-octavia-tests-tempest-debugsource-0:1.4.1-2.20230111145026.f7718ef.el8ost.ppc64le",
"product": {
"name": "python-octavia-tests-tempest-debugsource-0:1.4.1-2.20230111145026.f7718ef.el8ost.ppc64le",
"product_id": "python-octavia-tests-tempest-debugsource-0:1.4.1-2.20230111145026.f7718ef.el8ost.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python-octavia-tests-tempest-debugsource@1.4.1-2.20230111145026.f7718ef.el8ost?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "python3-octavia-tests-tempest-golang-debuginfo-0:1.4.1-2.20230111145026.f7718ef.el8ost.ppc64le",
"product": {
"name": "python3-octavia-tests-tempest-golang-debuginfo-0:1.4.1-2.20230111145026.f7718ef.el8ost.ppc64le",
"product_id": "python3-octavia-tests-tempest-golang-debuginfo-0:1.4.1-2.20230111145026.f7718ef.el8ost.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-octavia-tests-tempest-golang-debuginfo@1.4.1-2.20230111145026.f7718ef.el8ost?arch=ppc64le"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "python3-octavia-tests-tempest-0:1.4.1-2.20230111145026.f7718ef.el8ost.noarch",
"product": {
"name": "python3-octavia-tests-tempest-0:1.4.1-2.20230111145026.f7718ef.el8ost.noarch",
"product_id": "python3-octavia-tests-tempest-0:1.4.1-2.20230111145026.f7718ef.el8ost.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-octavia-tests-tempest@1.4.1-2.20230111145026.f7718ef.el8ost?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "etcd-0:3.3.23-15.el8ost.ppc64le as a component of Red Hat OpenStack Platform 16.2",
"product_id": "8Base-RHOS-16.2:etcd-0:3.3.23-15.el8ost.ppc64le"
},
"product_reference": "etcd-0:3.3.23-15.el8ost.ppc64le",
"relates_to_product_reference": "8Base-RHOS-16.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "etcd-0:3.3.23-15.el8ost.src as a component of Red Hat OpenStack Platform 16.2",
"product_id": "8Base-RHOS-16.2:etcd-0:3.3.23-15.el8ost.src"
},
"product_reference": "etcd-0:3.3.23-15.el8ost.src",
"relates_to_product_reference": "8Base-RHOS-16.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "etcd-0:3.3.23-15.el8ost.x86_64 as a component of Red Hat OpenStack Platform 16.2",
"product_id": "8Base-RHOS-16.2:etcd-0:3.3.23-15.el8ost.x86_64"
},
"product_reference": "etcd-0:3.3.23-15.el8ost.x86_64",
"relates_to_product_reference": "8Base-RHOS-16.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "etcd-debuginfo-0:3.3.23-15.el8ost.ppc64le as a component of Red Hat OpenStack Platform 16.2",
"product_id": "8Base-RHOS-16.2:etcd-debuginfo-0:3.3.23-15.el8ost.ppc64le"
},
"product_reference": "etcd-debuginfo-0:3.3.23-15.el8ost.ppc64le",
"relates_to_product_reference": "8Base-RHOS-16.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "etcd-debuginfo-0:3.3.23-15.el8ost.x86_64 as a component of Red Hat OpenStack Platform 16.2",
"product_id": "8Base-RHOS-16.2:etcd-debuginfo-0:3.3.23-15.el8ost.x86_64"
},
"product_reference": "etcd-debuginfo-0:3.3.23-15.el8ost.x86_64",
"relates_to_product_reference": "8Base-RHOS-16.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "etcd-debugsource-0:3.3.23-15.el8ost.ppc64le as a component of Red Hat OpenStack Platform 16.2",
"product_id": "8Base-RHOS-16.2:etcd-debugsource-0:3.3.23-15.el8ost.ppc64le"
},
"product_reference": "etcd-debugsource-0:3.3.23-15.el8ost.ppc64le",
"relates_to_product_reference": "8Base-RHOS-16.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "etcd-debugsource-0:3.3.23-15.el8ost.x86_64 as a component of Red Hat OpenStack Platform 16.2",
"product_id": "8Base-RHOS-16.2:etcd-debugsource-0:3.3.23-15.el8ost.x86_64"
},
"product_reference": "etcd-debugsource-0:3.3.23-15.el8ost.x86_64",
"relates_to_product_reference": "8Base-RHOS-16.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-octavia-tests-tempest-0:1.4.1-2.20230111145026.f7718ef.el8ost.src as a component of Red Hat OpenStack Platform 16.2",
"product_id": "8Base-RHOS-16.2:python-octavia-tests-tempest-0:1.4.1-2.20230111145026.f7718ef.el8ost.src"
},
"product_reference": "python-octavia-tests-tempest-0:1.4.1-2.20230111145026.f7718ef.el8ost.src",
"relates_to_product_reference": "8Base-RHOS-16.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-octavia-tests-tempest-debugsource-0:1.4.1-2.20230111145026.f7718ef.el8ost.ppc64le as a component of Red Hat OpenStack Platform 16.2",
"product_id": "8Base-RHOS-16.2:python-octavia-tests-tempest-debugsource-0:1.4.1-2.20230111145026.f7718ef.el8ost.ppc64le"
},
"product_reference": "python-octavia-tests-tempest-debugsource-0:1.4.1-2.20230111145026.f7718ef.el8ost.ppc64le",
"relates_to_product_reference": "8Base-RHOS-16.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-octavia-tests-tempest-debugsource-0:1.4.1-2.20230111145026.f7718ef.el8ost.x86_64 as a component of Red Hat OpenStack Platform 16.2",
"product_id": "8Base-RHOS-16.2:python-octavia-tests-tempest-debugsource-0:1.4.1-2.20230111145026.f7718ef.el8ost.x86_64"
},
"product_reference": "python-octavia-tests-tempest-debugsource-0:1.4.1-2.20230111145026.f7718ef.el8ost.x86_64",
"relates_to_product_reference": "8Base-RHOS-16.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-octavia-tests-tempest-0:1.4.1-2.20230111145026.f7718ef.el8ost.noarch as a component of Red Hat OpenStack Platform 16.2",
"product_id": "8Base-RHOS-16.2:python3-octavia-tests-tempest-0:1.4.1-2.20230111145026.f7718ef.el8ost.noarch"
},
"product_reference": "python3-octavia-tests-tempest-0:1.4.1-2.20230111145026.f7718ef.el8ost.noarch",
"relates_to_product_reference": "8Base-RHOS-16.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-octavia-tests-tempest-golang-0:1.4.1-2.20230111145026.f7718ef.el8ost.ppc64le as a component of Red Hat OpenStack Platform 16.2",
"product_id": "8Base-RHOS-16.2:python3-octavia-tests-tempest-golang-0:1.4.1-2.20230111145026.f7718ef.el8ost.ppc64le"
},
"product_reference": "python3-octavia-tests-tempest-golang-0:1.4.1-2.20230111145026.f7718ef.el8ost.ppc64le",
"relates_to_product_reference": "8Base-RHOS-16.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-octavia-tests-tempest-golang-0:1.4.1-2.20230111145026.f7718ef.el8ost.x86_64 as a component of Red Hat OpenStack Platform 16.2",
"product_id": "8Base-RHOS-16.2:python3-octavia-tests-tempest-golang-0:1.4.1-2.20230111145026.f7718ef.el8ost.x86_64"
},
"product_reference": "python3-octavia-tests-tempest-golang-0:1.4.1-2.20230111145026.f7718ef.el8ost.x86_64",
"relates_to_product_reference": "8Base-RHOS-16.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-octavia-tests-tempest-golang-debuginfo-0:1.4.1-2.20230111145026.f7718ef.el8ost.ppc64le as a component of Red Hat OpenStack Platform 16.2",
"product_id": "8Base-RHOS-16.2:python3-octavia-tests-tempest-golang-debuginfo-0:1.4.1-2.20230111145026.f7718ef.el8ost.ppc64le"
},
"product_reference": "python3-octavia-tests-tempest-golang-debuginfo-0:1.4.1-2.20230111145026.f7718ef.el8ost.ppc64le",
"relates_to_product_reference": "8Base-RHOS-16.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-octavia-tests-tempest-golang-debuginfo-0:1.4.1-2.20230111145026.f7718ef.el8ost.x86_64 as a component of Red Hat OpenStack Platform 16.2",
"product_id": "8Base-RHOS-16.2:python3-octavia-tests-tempest-golang-debuginfo-0:1.4.1-2.20230111145026.f7718ef.el8ost.x86_64"
},
"product_reference": "python3-octavia-tests-tempest-golang-debuginfo-0:1.4.1-2.20230111145026.f7718ef.el8ost.x86_64",
"relates_to_product_reference": "8Base-RHOS-16.2"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2023-29406",
"cwe": {
"id": "CWE-113",
"name": "Improper Neutralization of CRLF Sequences in HTTP Headers (\u0027HTTP Request/Response Splitting\u0027)"
},
"discovery_date": "2023-07-12T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-RHOS-16.2:python-octavia-tests-tempest-0:1.4.1-2.20230111145026.f7718ef.el8ost.src",
"8Base-RHOS-16.2:python-octavia-tests-tempest-debugsource-0:1.4.1-2.20230111145026.f7718ef.el8ost.ppc64le",
"8Base-RHOS-16.2:python-octavia-tests-tempest-debugsource-0:1.4.1-2.20230111145026.f7718ef.el8ost.x86_64",
"8Base-RHOS-16.2:python3-octavia-tests-tempest-0:1.4.1-2.20230111145026.f7718ef.el8ost.noarch",
"8Base-RHOS-16.2:python3-octavia-tests-tempest-golang-0:1.4.1-2.20230111145026.f7718ef.el8ost.ppc64le",
"8Base-RHOS-16.2:python3-octavia-tests-tempest-golang-0:1.4.1-2.20230111145026.f7718ef.el8ost.x86_64",
"8Base-RHOS-16.2:python3-octavia-tests-tempest-golang-debuginfo-0:1.4.1-2.20230111145026.f7718ef.el8ost.ppc64le",
"8Base-RHOS-16.2:python3-octavia-tests-tempest-golang-debuginfo-0:1.4.1-2.20230111145026.f7718ef.el8ost.x86_64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2222167"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Golang, where it is vulnerable to HTTP header injection caused by improper content validation of the Host header by the HTTP/1 client. A remote attacker can inject arbitrary HTTP headers by persuading a victim to visit a specially crafted Web page. This flaw allows the attacker to conduct various attacks against the vulnerable system, including Cross-site scripting, cache poisoning, or session hijacking.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: net/http: insufficient sanitization of Host header",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOS-16.2:etcd-0:3.3.23-15.el8ost.ppc64le",
"8Base-RHOS-16.2:etcd-0:3.3.23-15.el8ost.src",
"8Base-RHOS-16.2:etcd-0:3.3.23-15.el8ost.x86_64",
"8Base-RHOS-16.2:etcd-debuginfo-0:3.3.23-15.el8ost.ppc64le",
"8Base-RHOS-16.2:etcd-debuginfo-0:3.3.23-15.el8ost.x86_64",
"8Base-RHOS-16.2:etcd-debugsource-0:3.3.23-15.el8ost.ppc64le",
"8Base-RHOS-16.2:etcd-debugsource-0:3.3.23-15.el8ost.x86_64"
],
"known_not_affected": [
"8Base-RHOS-16.2:python-octavia-tests-tempest-0:1.4.1-2.20230111145026.f7718ef.el8ost.src",
"8Base-RHOS-16.2:python-octavia-tests-tempest-debugsource-0:1.4.1-2.20230111145026.f7718ef.el8ost.ppc64le",
"8Base-RHOS-16.2:python-octavia-tests-tempest-debugsource-0:1.4.1-2.20230111145026.f7718ef.el8ost.x86_64",
"8Base-RHOS-16.2:python3-octavia-tests-tempest-0:1.4.1-2.20230111145026.f7718ef.el8ost.noarch",
"8Base-RHOS-16.2:python3-octavia-tests-tempest-golang-0:1.4.1-2.20230111145026.f7718ef.el8ost.ppc64le",
"8Base-RHOS-16.2:python3-octavia-tests-tempest-golang-0:1.4.1-2.20230111145026.f7718ef.el8ost.x86_64",
"8Base-RHOS-16.2:python3-octavia-tests-tempest-golang-debuginfo-0:1.4.1-2.20230111145026.f7718ef.el8ost.ppc64le",
"8Base-RHOS-16.2:python3-octavia-tests-tempest-golang-debuginfo-0:1.4.1-2.20230111145026.f7718ef.el8ost.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-29406"
},
{
"category": "external",
"summary": "RHBZ#2222167",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2222167"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-29406",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29406"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-29406",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-29406"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/2q13H6LEEx0",
"url": "https://groups.google.com/g/golang-announce/c/2q13H6LEEx0"
}
],
"release_date": "2023-07-11T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-10-20T14:54:26+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHOS-16.2:etcd-0:3.3.23-15.el8ost.ppc64le",
"8Base-RHOS-16.2:etcd-0:3.3.23-15.el8ost.src",
"8Base-RHOS-16.2:etcd-0:3.3.23-15.el8ost.x86_64",
"8Base-RHOS-16.2:etcd-debuginfo-0:3.3.23-15.el8ost.ppc64le",
"8Base-RHOS-16.2:etcd-debuginfo-0:3.3.23-15.el8ost.x86_64",
"8Base-RHOS-16.2:etcd-debugsource-0:3.3.23-15.el8ost.ppc64le",
"8Base-RHOS-16.2:etcd-debugsource-0:3.3.23-15.el8ost.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:5965"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"8Base-RHOS-16.2:etcd-0:3.3.23-15.el8ost.ppc64le",
"8Base-RHOS-16.2:etcd-0:3.3.23-15.el8ost.src",
"8Base-RHOS-16.2:etcd-0:3.3.23-15.el8ost.x86_64",
"8Base-RHOS-16.2:etcd-debuginfo-0:3.3.23-15.el8ost.ppc64le",
"8Base-RHOS-16.2:etcd-debuginfo-0:3.3.23-15.el8ost.x86_64",
"8Base-RHOS-16.2:etcd-debugsource-0:3.3.23-15.el8ost.ppc64le",
"8Base-RHOS-16.2:etcd-debugsource-0:3.3.23-15.el8ost.x86_64",
"8Base-RHOS-16.2:python-octavia-tests-tempest-0:1.4.1-2.20230111145026.f7718ef.el8ost.src",
"8Base-RHOS-16.2:python-octavia-tests-tempest-debugsource-0:1.4.1-2.20230111145026.f7718ef.el8ost.ppc64le",
"8Base-RHOS-16.2:python-octavia-tests-tempest-debugsource-0:1.4.1-2.20230111145026.f7718ef.el8ost.x86_64",
"8Base-RHOS-16.2:python3-octavia-tests-tempest-0:1.4.1-2.20230111145026.f7718ef.el8ost.noarch",
"8Base-RHOS-16.2:python3-octavia-tests-tempest-golang-0:1.4.1-2.20230111145026.f7718ef.el8ost.ppc64le",
"8Base-RHOS-16.2:python3-octavia-tests-tempest-golang-0:1.4.1-2.20230111145026.f7718ef.el8ost.x86_64",
"8Base-RHOS-16.2:python3-octavia-tests-tempest-golang-debuginfo-0:1.4.1-2.20230111145026.f7718ef.el8ost.ppc64le",
"8Base-RHOS-16.2:python3-octavia-tests-tempest-golang-debuginfo-0:1.4.1-2.20230111145026.f7718ef.el8ost.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: net/http: insufficient sanitization of Host header"
},
{
"cve": "CVE-2023-29409",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2023-08-03T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-RHOS-16.2:python-octavia-tests-tempest-0:1.4.1-2.20230111145026.f7718ef.el8ost.src",
"8Base-RHOS-16.2:python-octavia-tests-tempest-debugsource-0:1.4.1-2.20230111145026.f7718ef.el8ost.ppc64le",
"8Base-RHOS-16.2:python-octavia-tests-tempest-debugsource-0:1.4.1-2.20230111145026.f7718ef.el8ost.x86_64",
"8Base-RHOS-16.2:python3-octavia-tests-tempest-0:1.4.1-2.20230111145026.f7718ef.el8ost.noarch",
"8Base-RHOS-16.2:python3-octavia-tests-tempest-golang-0:1.4.1-2.20230111145026.f7718ef.el8ost.ppc64le",
"8Base-RHOS-16.2:python3-octavia-tests-tempest-golang-0:1.4.1-2.20230111145026.f7718ef.el8ost.x86_64",
"8Base-RHOS-16.2:python3-octavia-tests-tempest-golang-debuginfo-0:1.4.1-2.20230111145026.f7718ef.el8ost.ppc64le",
"8Base-RHOS-16.2:python3-octavia-tests-tempest-golang-debuginfo-0:1.4.1-2.20230111145026.f7718ef.el8ost.x86_64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2228743"
}
],
"notes": [
{
"category": "description",
"text": "A denial of service vulnerability was found in the Golang Go package caused by an uncontrolled resource consumption flaw. By persuading a victim to use a specially crafted certificate with large RSA keys, a remote attacker can cause a client/server to expend significant CPU time verifying signatures, resulting in a denial of service condition.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: crypto/tls: slow verification of certificate chains containing large RSA keys",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOS-16.2:etcd-0:3.3.23-15.el8ost.ppc64le",
"8Base-RHOS-16.2:etcd-0:3.3.23-15.el8ost.src",
"8Base-RHOS-16.2:etcd-0:3.3.23-15.el8ost.x86_64",
"8Base-RHOS-16.2:etcd-debuginfo-0:3.3.23-15.el8ost.ppc64le",
"8Base-RHOS-16.2:etcd-debuginfo-0:3.3.23-15.el8ost.x86_64",
"8Base-RHOS-16.2:etcd-debugsource-0:3.3.23-15.el8ost.ppc64le",
"8Base-RHOS-16.2:etcd-debugsource-0:3.3.23-15.el8ost.x86_64"
],
"known_not_affected": [
"8Base-RHOS-16.2:python-octavia-tests-tempest-0:1.4.1-2.20230111145026.f7718ef.el8ost.src",
"8Base-RHOS-16.2:python-octavia-tests-tempest-debugsource-0:1.4.1-2.20230111145026.f7718ef.el8ost.ppc64le",
"8Base-RHOS-16.2:python-octavia-tests-tempest-debugsource-0:1.4.1-2.20230111145026.f7718ef.el8ost.x86_64",
"8Base-RHOS-16.2:python3-octavia-tests-tempest-0:1.4.1-2.20230111145026.f7718ef.el8ost.noarch",
"8Base-RHOS-16.2:python3-octavia-tests-tempest-golang-0:1.4.1-2.20230111145026.f7718ef.el8ost.ppc64le",
"8Base-RHOS-16.2:python3-octavia-tests-tempest-golang-0:1.4.1-2.20230111145026.f7718ef.el8ost.x86_64",
"8Base-RHOS-16.2:python3-octavia-tests-tempest-golang-debuginfo-0:1.4.1-2.20230111145026.f7718ef.el8ost.ppc64le",
"8Base-RHOS-16.2:python3-octavia-tests-tempest-golang-debuginfo-0:1.4.1-2.20230111145026.f7718ef.el8ost.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-29409"
},
{
"category": "external",
"summary": "RHBZ#2228743",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2228743"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-29409",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29409"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-29409",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-29409"
},
{
"category": "external",
"summary": "https://go.dev/cl/515257",
"url": "https://go.dev/cl/515257"
},
{
"category": "external",
"summary": "https://go.dev/issue/61460",
"url": "https://go.dev/issue/61460"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/X0b6CsSAaYI/m/Efv5DbZ9AwAJ",
"url": "https://groups.google.com/g/golang-announce/c/X0b6CsSAaYI/m/Efv5DbZ9AwAJ"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2023-1987",
"url": "https://pkg.go.dev/vuln/GO-2023-1987"
}
],
"release_date": "2023-08-02T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-10-20T14:54:26+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHOS-16.2:etcd-0:3.3.23-15.el8ost.ppc64le",
"8Base-RHOS-16.2:etcd-0:3.3.23-15.el8ost.src",
"8Base-RHOS-16.2:etcd-0:3.3.23-15.el8ost.x86_64",
"8Base-RHOS-16.2:etcd-debuginfo-0:3.3.23-15.el8ost.ppc64le",
"8Base-RHOS-16.2:etcd-debuginfo-0:3.3.23-15.el8ost.x86_64",
"8Base-RHOS-16.2:etcd-debugsource-0:3.3.23-15.el8ost.ppc64le",
"8Base-RHOS-16.2:etcd-debugsource-0:3.3.23-15.el8ost.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:5965"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"8Base-RHOS-16.2:etcd-0:3.3.23-15.el8ost.ppc64le",
"8Base-RHOS-16.2:etcd-0:3.3.23-15.el8ost.src",
"8Base-RHOS-16.2:etcd-0:3.3.23-15.el8ost.x86_64",
"8Base-RHOS-16.2:etcd-debuginfo-0:3.3.23-15.el8ost.ppc64le",
"8Base-RHOS-16.2:etcd-debuginfo-0:3.3.23-15.el8ost.x86_64",
"8Base-RHOS-16.2:etcd-debugsource-0:3.3.23-15.el8ost.ppc64le",
"8Base-RHOS-16.2:etcd-debugsource-0:3.3.23-15.el8ost.x86_64",
"8Base-RHOS-16.2:python-octavia-tests-tempest-0:1.4.1-2.20230111145026.f7718ef.el8ost.src",
"8Base-RHOS-16.2:python-octavia-tests-tempest-debugsource-0:1.4.1-2.20230111145026.f7718ef.el8ost.ppc64le",
"8Base-RHOS-16.2:python-octavia-tests-tempest-debugsource-0:1.4.1-2.20230111145026.f7718ef.el8ost.x86_64",
"8Base-RHOS-16.2:python3-octavia-tests-tempest-0:1.4.1-2.20230111145026.f7718ef.el8ost.noarch",
"8Base-RHOS-16.2:python3-octavia-tests-tempest-golang-0:1.4.1-2.20230111145026.f7718ef.el8ost.ppc64le",
"8Base-RHOS-16.2:python3-octavia-tests-tempest-golang-0:1.4.1-2.20230111145026.f7718ef.el8ost.x86_64",
"8Base-RHOS-16.2:python3-octavia-tests-tempest-golang-debuginfo-0:1.4.1-2.20230111145026.f7718ef.el8ost.ppc64le",
"8Base-RHOS-16.2:python3-octavia-tests-tempest-golang-debuginfo-0:1.4.1-2.20230111145026.f7718ef.el8ost.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: crypto/tls: slow verification of certificate chains containing large RSA keys"
},
{
"cve": "CVE-2023-39325",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2023-10-10T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-RHOS-16.2:python-octavia-tests-tempest-0:1.4.1-2.20230111145026.f7718ef.el8ost.src",
"8Base-RHOS-16.2:python-octavia-tests-tempest-debugsource-0:1.4.1-2.20230111145026.f7718ef.el8ost.ppc64le",
"8Base-RHOS-16.2:python-octavia-tests-tempest-debugsource-0:1.4.1-2.20230111145026.f7718ef.el8ost.x86_64",
"8Base-RHOS-16.2:python3-octavia-tests-tempest-0:1.4.1-2.20230111145026.f7718ef.el8ost.noarch",
"8Base-RHOS-16.2:python3-octavia-tests-tempest-golang-0:1.4.1-2.20230111145026.f7718ef.el8ost.ppc64le",
"8Base-RHOS-16.2:python3-octavia-tests-tempest-golang-0:1.4.1-2.20230111145026.f7718ef.el8ost.x86_64",
"8Base-RHOS-16.2:python3-octavia-tests-tempest-golang-debuginfo-0:1.4.1-2.20230111145026.f7718ef.el8ost.ppc64le",
"8Base-RHOS-16.2:python3-octavia-tests-tempest-golang-debuginfo-0:1.4.1-2.20230111145026.f7718ef.el8ost.x86_64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2243296"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in handling multiplexed streams in the HTTP/2 protocol. A client can repeatedly make a request for a new multiplex stream and immediately send an RST_STREAM frame to cancel it. This creates extra work for the server setting up and tearing down the streams while not hitting any server-side limit for the maximum number of active streams per connection, resulting in a denial of service due to server resource consumption. Red Hat has rated the severity of this flaw as \u0027Important\u0027 as the US Cybersecurity and Infrastructure Security Agency (CISA) declared this vulnerability an active exploit.\r\n\r\nCVE-2023-39325 was assigned for the `Rapid Reset Attack` in the Go language packages.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: net/http, x/net/http2: rapid stream resets can cause excessive work (CVE-2023-44487)",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This CVE is related to CVE-2023-44487.\n\nThe majority of RHEL utilities are not long-running applications; instead, they are command-line tools. These tools utilize Golang package as build-time dependency, which is why they are classified as having a \"Moderate\" level of impact.\n\nAs go-lang vendors its dependencies, a package may contain a library with a known vulnerability, solely because of lower tier libraries including it as a part of its dependencies, but the vulnerable code is not reachable at runtime. In such cases the issue is not exploitable. We classify these situations as \u201cNot affected\u201d or \u201cWill not fix,\u201d depending on the risk of breaking other unrelated packages.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOS-16.2:etcd-0:3.3.23-15.el8ost.ppc64le",
"8Base-RHOS-16.2:etcd-0:3.3.23-15.el8ost.src",
"8Base-RHOS-16.2:etcd-0:3.3.23-15.el8ost.x86_64",
"8Base-RHOS-16.2:etcd-debuginfo-0:3.3.23-15.el8ost.ppc64le",
"8Base-RHOS-16.2:etcd-debuginfo-0:3.3.23-15.el8ost.x86_64",
"8Base-RHOS-16.2:etcd-debugsource-0:3.3.23-15.el8ost.ppc64le",
"8Base-RHOS-16.2:etcd-debugsource-0:3.3.23-15.el8ost.x86_64"
],
"known_not_affected": [
"8Base-RHOS-16.2:python-octavia-tests-tempest-0:1.4.1-2.20230111145026.f7718ef.el8ost.src",
"8Base-RHOS-16.2:python-octavia-tests-tempest-debugsource-0:1.4.1-2.20230111145026.f7718ef.el8ost.ppc64le",
"8Base-RHOS-16.2:python-octavia-tests-tempest-debugsource-0:1.4.1-2.20230111145026.f7718ef.el8ost.x86_64",
"8Base-RHOS-16.2:python3-octavia-tests-tempest-0:1.4.1-2.20230111145026.f7718ef.el8ost.noarch",
"8Base-RHOS-16.2:python3-octavia-tests-tempest-golang-0:1.4.1-2.20230111145026.f7718ef.el8ost.ppc64le",
"8Base-RHOS-16.2:python3-octavia-tests-tempest-golang-0:1.4.1-2.20230111145026.f7718ef.el8ost.x86_64",
"8Base-RHOS-16.2:python3-octavia-tests-tempest-golang-debuginfo-0:1.4.1-2.20230111145026.f7718ef.el8ost.ppc64le",
"8Base-RHOS-16.2:python3-octavia-tests-tempest-golang-debuginfo-0:1.4.1-2.20230111145026.f7718ef.el8ost.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-39325"
},
{
"category": "external",
"summary": "RHBZ#2243296",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2243296"
},
{
"category": "external",
"summary": "RHSB-2023-003",
"url": "https://access.redhat.com/security/vulnerabilities/RHSB-2023-003"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-39325",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39325"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-39325",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-39325"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2023-44487",
"url": "https://access.redhat.com/security/cve/CVE-2023-44487"
},
{
"category": "external",
"summary": "https://go.dev/issue/63417",
"url": "https://go.dev/issue/63417"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2023-2102",
"url": "https://pkg.go.dev/vuln/GO-2023-2102"
},
{
"category": "external",
"summary": "https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487",
"url": "https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487"
}
],
"release_date": "2023-10-10T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-10-20T14:54:26+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHOS-16.2:etcd-0:3.3.23-15.el8ost.ppc64le",
"8Base-RHOS-16.2:etcd-0:3.3.23-15.el8ost.src",
"8Base-RHOS-16.2:etcd-0:3.3.23-15.el8ost.x86_64",
"8Base-RHOS-16.2:etcd-debuginfo-0:3.3.23-15.el8ost.ppc64le",
"8Base-RHOS-16.2:etcd-debuginfo-0:3.3.23-15.el8ost.x86_64",
"8Base-RHOS-16.2:etcd-debugsource-0:3.3.23-15.el8ost.ppc64le",
"8Base-RHOS-16.2:etcd-debugsource-0:3.3.23-15.el8ost.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:5965"
},
{
"category": "workaround",
"details": "The default stream concurrency limit in golang is 250 streams (requests) per HTTP/2 connection. This value may be adjusted in the golang.org/x/net/http2 package using the Server.MaxConcurrentStreams setting and the ConfigureServer function which are available in golang.org/x/net/http2.",
"product_ids": [
"8Base-RHOS-16.2:etcd-0:3.3.23-15.el8ost.ppc64le",
"8Base-RHOS-16.2:etcd-0:3.3.23-15.el8ost.src",
"8Base-RHOS-16.2:etcd-0:3.3.23-15.el8ost.x86_64",
"8Base-RHOS-16.2:etcd-debuginfo-0:3.3.23-15.el8ost.ppc64le",
"8Base-RHOS-16.2:etcd-debuginfo-0:3.3.23-15.el8ost.x86_64",
"8Base-RHOS-16.2:etcd-debugsource-0:3.3.23-15.el8ost.ppc64le",
"8Base-RHOS-16.2:etcd-debugsource-0:3.3.23-15.el8ost.x86_64",
"8Base-RHOS-16.2:python-octavia-tests-tempest-0:1.4.1-2.20230111145026.f7718ef.el8ost.src",
"8Base-RHOS-16.2:python-octavia-tests-tempest-debugsource-0:1.4.1-2.20230111145026.f7718ef.el8ost.ppc64le",
"8Base-RHOS-16.2:python-octavia-tests-tempest-debugsource-0:1.4.1-2.20230111145026.f7718ef.el8ost.x86_64",
"8Base-RHOS-16.2:python3-octavia-tests-tempest-0:1.4.1-2.20230111145026.f7718ef.el8ost.noarch",
"8Base-RHOS-16.2:python3-octavia-tests-tempest-golang-0:1.4.1-2.20230111145026.f7718ef.el8ost.ppc64le",
"8Base-RHOS-16.2:python3-octavia-tests-tempest-golang-0:1.4.1-2.20230111145026.f7718ef.el8ost.x86_64",
"8Base-RHOS-16.2:python3-octavia-tests-tempest-golang-debuginfo-0:1.4.1-2.20230111145026.f7718ef.el8ost.ppc64le",
"8Base-RHOS-16.2:python3-octavia-tests-tempest-golang-debuginfo-0:1.4.1-2.20230111145026.f7718ef.el8ost.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-RHOS-16.2:etcd-0:3.3.23-15.el8ost.ppc64le",
"8Base-RHOS-16.2:etcd-0:3.3.23-15.el8ost.src",
"8Base-RHOS-16.2:etcd-0:3.3.23-15.el8ost.x86_64",
"8Base-RHOS-16.2:etcd-debuginfo-0:3.3.23-15.el8ost.ppc64le",
"8Base-RHOS-16.2:etcd-debuginfo-0:3.3.23-15.el8ost.x86_64",
"8Base-RHOS-16.2:etcd-debugsource-0:3.3.23-15.el8ost.ppc64le",
"8Base-RHOS-16.2:etcd-debugsource-0:3.3.23-15.el8ost.x86_64",
"8Base-RHOS-16.2:python-octavia-tests-tempest-0:1.4.1-2.20230111145026.f7718ef.el8ost.src",
"8Base-RHOS-16.2:python-octavia-tests-tempest-debugsource-0:1.4.1-2.20230111145026.f7718ef.el8ost.ppc64le",
"8Base-RHOS-16.2:python-octavia-tests-tempest-debugsource-0:1.4.1-2.20230111145026.f7718ef.el8ost.x86_64",
"8Base-RHOS-16.2:python3-octavia-tests-tempest-0:1.4.1-2.20230111145026.f7718ef.el8ost.noarch",
"8Base-RHOS-16.2:python3-octavia-tests-tempest-golang-0:1.4.1-2.20230111145026.f7718ef.el8ost.ppc64le",
"8Base-RHOS-16.2:python3-octavia-tests-tempest-golang-0:1.4.1-2.20230111145026.f7718ef.el8ost.x86_64",
"8Base-RHOS-16.2:python3-octavia-tests-tempest-golang-debuginfo-0:1.4.1-2.20230111145026.f7718ef.el8ost.ppc64le",
"8Base-RHOS-16.2:python3-octavia-tests-tempest-golang-debuginfo-0:1.4.1-2.20230111145026.f7718ef.el8ost.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "golang: net/http, x/net/http2: rapid stream resets can cause excessive work (CVE-2023-44487)"
},
{
"cve": "CVE-2023-44487",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2023-10-09T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2242803"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in handling multiplexed streams in the HTTP/2 protocol. A client can repeatedly make a request for a new multiplex stream and immediately send an RST_STREAM frame to cancel it. This creates extra work for the server setting up and tearing down the streams while not hitting any server-side limit for the maximum number of active streams per connection, resulting in a denial of service due to server resource consumption. Red Hat has rated the severity of this flaw as \u0027Important\u0027 as the US Cybersecurity and Infrastructure Security Agency (CISA) declared this vulnerability an active exploit.\r\n\r\nCVE-2023-39325 was assigned for the Rapid Reset Attack in the Go language packages.\r\n\r\nSecurity Bulletin\r\nhttps://access.redhat.com/security/vulnerabilities/RHSB-2023-003",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack (Rapid Reset Attack)",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "NGINX has been marked as Moderate Impact because, for performance and resource consumption reasons, NGINX limits the number of concurrent streams to a default of 128. In addition, to optimally balance network and server performance, NGINX allows the client to persist HTTP connections for up to 1000 requests by default using an HTTP keepalive.\n\nThe majority of RHEL utilities are not long-running applications; instead, they are command-line tools. These tools utilize Golang package as build-time dependency, which is why they are classified as having a \"Moderate\" level of impact.\n\nrhc component is no longer impacted by CVE-2023-44487 \u0026 CVE-2023-39325.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOS-16.2:etcd-0:3.3.23-15.el8ost.ppc64le",
"8Base-RHOS-16.2:etcd-0:3.3.23-15.el8ost.src",
"8Base-RHOS-16.2:etcd-0:3.3.23-15.el8ost.x86_64",
"8Base-RHOS-16.2:etcd-debuginfo-0:3.3.23-15.el8ost.ppc64le",
"8Base-RHOS-16.2:etcd-debuginfo-0:3.3.23-15.el8ost.x86_64",
"8Base-RHOS-16.2:etcd-debugsource-0:3.3.23-15.el8ost.ppc64le",
"8Base-RHOS-16.2:etcd-debugsource-0:3.3.23-15.el8ost.x86_64",
"8Base-RHOS-16.2:python-octavia-tests-tempest-0:1.4.1-2.20230111145026.f7718ef.el8ost.src",
"8Base-RHOS-16.2:python-octavia-tests-tempest-debugsource-0:1.4.1-2.20230111145026.f7718ef.el8ost.ppc64le",
"8Base-RHOS-16.2:python-octavia-tests-tempest-debugsource-0:1.4.1-2.20230111145026.f7718ef.el8ost.x86_64",
"8Base-RHOS-16.2:python3-octavia-tests-tempest-0:1.4.1-2.20230111145026.f7718ef.el8ost.noarch",
"8Base-RHOS-16.2:python3-octavia-tests-tempest-golang-0:1.4.1-2.20230111145026.f7718ef.el8ost.ppc64le",
"8Base-RHOS-16.2:python3-octavia-tests-tempest-golang-0:1.4.1-2.20230111145026.f7718ef.el8ost.x86_64",
"8Base-RHOS-16.2:python3-octavia-tests-tempest-golang-debuginfo-0:1.4.1-2.20230111145026.f7718ef.el8ost.ppc64le",
"8Base-RHOS-16.2:python3-octavia-tests-tempest-golang-debuginfo-0:1.4.1-2.20230111145026.f7718ef.el8ost.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-44487"
},
{
"category": "external",
"summary": "RHBZ#2242803",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2242803"
},
{
"category": "external",
"summary": "RHSB-2023-003",
"url": "https://access.redhat.com/security/vulnerabilities/RHSB-2023-003"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-44487",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-44487"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-44487",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-44487"
},
{
"category": "external",
"summary": "https://github.com/dotnet/announcements/issues/277",
"url": "https://github.com/dotnet/announcements/issues/277"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2023-2102",
"url": "https://pkg.go.dev/vuln/GO-2023-2102"
},
{
"category": "external",
"summary": "https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487",
"url": "https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487"
},
{
"category": "external",
"summary": "https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products/",
"url": "https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products/"
},
{
"category": "external",
"summary": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog",
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
}
],
"release_date": "2023-10-10T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-10-20T14:54:26+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHOS-16.2:etcd-0:3.3.23-15.el8ost.ppc64le",
"8Base-RHOS-16.2:etcd-0:3.3.23-15.el8ost.src",
"8Base-RHOS-16.2:etcd-0:3.3.23-15.el8ost.x86_64",
"8Base-RHOS-16.2:etcd-debuginfo-0:3.3.23-15.el8ost.ppc64le",
"8Base-RHOS-16.2:etcd-debuginfo-0:3.3.23-15.el8ost.x86_64",
"8Base-RHOS-16.2:etcd-debugsource-0:3.3.23-15.el8ost.ppc64le",
"8Base-RHOS-16.2:etcd-debugsource-0:3.3.23-15.el8ost.x86_64",
"8Base-RHOS-16.2:python-octavia-tests-tempest-0:1.4.1-2.20230111145026.f7718ef.el8ost.src",
"8Base-RHOS-16.2:python-octavia-tests-tempest-debugsource-0:1.4.1-2.20230111145026.f7718ef.el8ost.ppc64le",
"8Base-RHOS-16.2:python-octavia-tests-tempest-debugsource-0:1.4.1-2.20230111145026.f7718ef.el8ost.x86_64",
"8Base-RHOS-16.2:python3-octavia-tests-tempest-0:1.4.1-2.20230111145026.f7718ef.el8ost.noarch",
"8Base-RHOS-16.2:python3-octavia-tests-tempest-golang-0:1.4.1-2.20230111145026.f7718ef.el8ost.ppc64le",
"8Base-RHOS-16.2:python3-octavia-tests-tempest-golang-0:1.4.1-2.20230111145026.f7718ef.el8ost.x86_64",
"8Base-RHOS-16.2:python3-octavia-tests-tempest-golang-debuginfo-0:1.4.1-2.20230111145026.f7718ef.el8ost.ppc64le",
"8Base-RHOS-16.2:python3-octavia-tests-tempest-golang-debuginfo-0:1.4.1-2.20230111145026.f7718ef.el8ost.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:5965"
},
{
"category": "workaround",
"details": "Users are strongly urged to update their software as soon as fixes are available. \nThere are several mitigation approaches for this flaw. \n\n1. If circumstances permit, users may disable http2 endpoints to circumvent the flaw altogether until a fix is available.\n2. IP-based blocking or flood protection and rate control tools may be used at network endpoints to filter incoming traffic.\n3. Several package specific mitigations are also available. \n a. nginx: https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products/\n b. netty: https://github.com/netty/netty/security/advisories/GHSA-xpw8-rcwv-8f8p\n c. haproxy: https://www.haproxy.com/blog/haproxy-is-not-affected-by-the-http-2-rapid-reset-attack-cve-2023-44487\n d. nghttp2: https://github.com/nghttp2/nghttp2/security/advisories/GHSA-vx74-f528-fxqg\n e. golang: The default stream concurrency limit in golang is 250 streams (requests) per HTTP/2 connection. This value may be adjusted in the golang.org/x/net/http2 package using the Server.MaxConcurrentStreams setting and the ConfigureServer function which are available in golang.org/x/net/http2.",
"product_ids": [
"8Base-RHOS-16.2:etcd-0:3.3.23-15.el8ost.ppc64le",
"8Base-RHOS-16.2:etcd-0:3.3.23-15.el8ost.src",
"8Base-RHOS-16.2:etcd-0:3.3.23-15.el8ost.x86_64",
"8Base-RHOS-16.2:etcd-debuginfo-0:3.3.23-15.el8ost.ppc64le",
"8Base-RHOS-16.2:etcd-debuginfo-0:3.3.23-15.el8ost.x86_64",
"8Base-RHOS-16.2:etcd-debugsource-0:3.3.23-15.el8ost.ppc64le",
"8Base-RHOS-16.2:etcd-debugsource-0:3.3.23-15.el8ost.x86_64",
"8Base-RHOS-16.2:python-octavia-tests-tempest-0:1.4.1-2.20230111145026.f7718ef.el8ost.src",
"8Base-RHOS-16.2:python-octavia-tests-tempest-debugsource-0:1.4.1-2.20230111145026.f7718ef.el8ost.ppc64le",
"8Base-RHOS-16.2:python-octavia-tests-tempest-debugsource-0:1.4.1-2.20230111145026.f7718ef.el8ost.x86_64",
"8Base-RHOS-16.2:python3-octavia-tests-tempest-0:1.4.1-2.20230111145026.f7718ef.el8ost.noarch",
"8Base-RHOS-16.2:python3-octavia-tests-tempest-golang-0:1.4.1-2.20230111145026.f7718ef.el8ost.ppc64le",
"8Base-RHOS-16.2:python3-octavia-tests-tempest-golang-0:1.4.1-2.20230111145026.f7718ef.el8ost.x86_64",
"8Base-RHOS-16.2:python3-octavia-tests-tempest-golang-debuginfo-0:1.4.1-2.20230111145026.f7718ef.el8ost.ppc64le",
"8Base-RHOS-16.2:python3-octavia-tests-tempest-golang-debuginfo-0:1.4.1-2.20230111145026.f7718ef.el8ost.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-RHOS-16.2:etcd-0:3.3.23-15.el8ost.ppc64le",
"8Base-RHOS-16.2:etcd-0:3.3.23-15.el8ost.src",
"8Base-RHOS-16.2:etcd-0:3.3.23-15.el8ost.x86_64",
"8Base-RHOS-16.2:etcd-debuginfo-0:3.3.23-15.el8ost.ppc64le",
"8Base-RHOS-16.2:etcd-debuginfo-0:3.3.23-15.el8ost.x86_64",
"8Base-RHOS-16.2:etcd-debugsource-0:3.3.23-15.el8ost.ppc64le",
"8Base-RHOS-16.2:etcd-debugsource-0:3.3.23-15.el8ost.x86_64",
"8Base-RHOS-16.2:python-octavia-tests-tempest-0:1.4.1-2.20230111145026.f7718ef.el8ost.src",
"8Base-RHOS-16.2:python-octavia-tests-tempest-debugsource-0:1.4.1-2.20230111145026.f7718ef.el8ost.ppc64le",
"8Base-RHOS-16.2:python-octavia-tests-tempest-debugsource-0:1.4.1-2.20230111145026.f7718ef.el8ost.x86_64",
"8Base-RHOS-16.2:python3-octavia-tests-tempest-0:1.4.1-2.20230111145026.f7718ef.el8ost.noarch",
"8Base-RHOS-16.2:python3-octavia-tests-tempest-golang-0:1.4.1-2.20230111145026.f7718ef.el8ost.ppc64le",
"8Base-RHOS-16.2:python3-octavia-tests-tempest-golang-0:1.4.1-2.20230111145026.f7718ef.el8ost.x86_64",
"8Base-RHOS-16.2:python3-octavia-tests-tempest-golang-debuginfo-0:1.4.1-2.20230111145026.f7718ef.el8ost.ppc64le",
"8Base-RHOS-16.2:python3-octavia-tests-tempest-golang-debuginfo-0:1.4.1-2.20230111145026.f7718ef.el8ost.x86_64"
]
}
],
"threats": [
{
"category": "exploit_status",
"date": "2023-10-10T00:00:00+00:00",
"details": "CISA: https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
},
{
"category": "impact",
"details": "Important"
}
],
"title": "HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack (Rapid Reset Attack)"
}
]
}
RHSA-2023:5974
Vulnerability from csaf_redhat - Published: 2023-10-20 16:49 - Updated: 2026-06-05 13:08
A flaw was found in Golang, where it is vulnerable to HTTP header injection caused by improper content validation of the Host header by the HTTP/1 client. A remote attacker can inject arbitrary HTTP headers by persuading a victim to visit a specially crafted Web page. This flaw allows the attacker to conduct various attacks against the vulnerable system, including Cross-site scripting, cache poisoning, or session hijacking.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-rhel9-operator@sha256:66d6fed71915dce2d8b8386cf661590bd374e27baa26a7c2cddd1916386922ce_amd64 | — | | Vendor Fix |
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-rhel9-operator@sha256:67167e08f0883c273e98810ad44288c4355ce2af13859021e2973c075c56cf9f_s390x | — | | Vendor Fix |
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-rhel9-operator@sha256:8596630dd1c175bf6dd29470c009e850d8b8fd465f3d9dcee8338a4aeca8dc64_arm64 | — | | Vendor Fix |
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-rhel9-operator@sha256:be6bfe44af552d934c881db0177bee7e345d76442523b0ea0144610d5470ea45_ppc64le | — | | Vendor Fix |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-console-plugin-rhel9@sha256:5da2ecf1149394e0c64af7c8e8a2684012590838031e4c733d6eff7f30cd6265_amd64 | — | ||
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-console-plugin-rhel9@sha256:ae91d40862457c43c130aa081a66bcedca17dce7dce0f381143b244dd126bc12_arm64 | — | ||
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-console-plugin-rhel9@sha256:ce5c9ef5800ed30888dcb23aa2ed9cf56bd83767d572a51e3e3e1509a2539063_s390x | — | ||
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-console-plugin-rhel9@sha256:e0239a8ff86253729b9af04e6407283c51744497fea90d099afaceaa4fc823ec_ppc64le | — | ||
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:27ecc916ce170d505d828742fa29d20143c4443343b101a2a9d75fe086b515f1_amd64 | — | ||
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:350a8565fb297353c81571bad33f0fca5ab129560ad7f15de242db98c4709b3c_s390x | — | ||
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:488df8c38e377719771c758b71f1e966d76bb03da6217e09c29c21fec12c437d_arm64 | — | ||
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:84ffa04b7ae504efc0037c3ae14c0e4d4f99057593a2db2bbbfcf92e526d2c7c_ppc64le | — | ||
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:03484bd14253a7340f754a6f1aef5659cfd5a6844ffbdfb2f215321b6fc63644_s390x | — | ||
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:2dc033562cb43480543ff398284933993006741e83f453228a9902a2c9b3ff1d_ppc64le | — | ||
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:61c172961af1a895e9cb355573f1f8a780e7acecc505c58c18faeb9fc49efa66_amd64 | — | ||
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:a297d29025aa9d1e963daf0c4b076533da59ddd84825e79d6e6b0e921e8c2588_arm64 | — | ||
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-operator-bundle@sha256:1607eb2595aa0679f571d81c19840cfaf923908553b05d479bd35b2290b1d7e6_ppc64le | — | ||
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-operator-bundle@sha256:6f998bb3b7d5311d8e74b25f8fcfe4ae65897270da3c0763ca2cb1d763135bc4_amd64 | — | ||
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-operator-bundle@sha256:8214855b40028fdd2def40116f4585bd50f42ef0948713d63e163840079e8be7_s390x | — | ||
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-operator-bundle@sha256:e6e8f0a739c61bbd94a61bb75d81ef1af551a4e57ed4a64e583adce62c82af9c_arm64 | — |
A denial of service vulnerability was found in the Golang Go package caused by an uncontrolled resource consumption flaw. By persuading a victim to use a specially crafted certificate with large RSA keys, a remote attacker can cause a client/server to expend significant CPU time verifying signatures, resulting in a denial of service condition.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-rhel9-operator@sha256:66d6fed71915dce2d8b8386cf661590bd374e27baa26a7c2cddd1916386922ce_amd64 | — | | Vendor Fix |
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-rhel9-operator@sha256:67167e08f0883c273e98810ad44288c4355ce2af13859021e2973c075c56cf9f_s390x | — | | Vendor Fix |
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-rhel9-operator@sha256:8596630dd1c175bf6dd29470c009e850d8b8fd465f3d9dcee8338a4aeca8dc64_arm64 | — | | Vendor Fix |
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-rhel9-operator@sha256:be6bfe44af552d934c881db0177bee7e345d76442523b0ea0144610d5470ea45_ppc64le | — | | Vendor Fix |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-console-plugin-rhel9@sha256:5da2ecf1149394e0c64af7c8e8a2684012590838031e4c733d6eff7f30cd6265_amd64 | — | ||
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-console-plugin-rhel9@sha256:ae91d40862457c43c130aa081a66bcedca17dce7dce0f381143b244dd126bc12_arm64 | — | ||
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-console-plugin-rhel9@sha256:ce5c9ef5800ed30888dcb23aa2ed9cf56bd83767d572a51e3e3e1509a2539063_s390x | — | ||
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-console-plugin-rhel9@sha256:e0239a8ff86253729b9af04e6407283c51744497fea90d099afaceaa4fc823ec_ppc64le | — | ||
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:27ecc916ce170d505d828742fa29d20143c4443343b101a2a9d75fe086b515f1_amd64 | — | ||
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:350a8565fb297353c81571bad33f0fca5ab129560ad7f15de242db98c4709b3c_s390x | — | ||
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:488df8c38e377719771c758b71f1e966d76bb03da6217e09c29c21fec12c437d_arm64 | — | ||
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:84ffa04b7ae504efc0037c3ae14c0e4d4f99057593a2db2bbbfcf92e526d2c7c_ppc64le | — | ||
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:03484bd14253a7340f754a6f1aef5659cfd5a6844ffbdfb2f215321b6fc63644_s390x | — | ||
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:2dc033562cb43480543ff398284933993006741e83f453228a9902a2c9b3ff1d_ppc64le | — | ||
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:61c172961af1a895e9cb355573f1f8a780e7acecc505c58c18faeb9fc49efa66_amd64 | — | ||
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:a297d29025aa9d1e963daf0c4b076533da59ddd84825e79d6e6b0e921e8c2588_arm64 | — | ||
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-operator-bundle@sha256:1607eb2595aa0679f571d81c19840cfaf923908553b05d479bd35b2290b1d7e6_ppc64le | — | ||
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-operator-bundle@sha256:6f998bb3b7d5311d8e74b25f8fcfe4ae65897270da3c0763ca2cb1d763135bc4_amd64 | — | ||
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-operator-bundle@sha256:8214855b40028fdd2def40116f4585bd50f42ef0948713d63e163840079e8be7_s390x | — | ||
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-operator-bundle@sha256:e6e8f0a739c61bbd94a61bb75d81ef1af551a4e57ed4a64e583adce62c82af9c_arm64 | — |
A flaw was found in Golang. The html/template package did not properly handle HTML-like "<!--" and "-->" comment tokens, nor hashbang "#!" comment tokens, in <script> contexts. This issue may cause the template parser to improperly interpret the contents of <script> contexts, causing actions to be improperly escaped.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-rhel9-operator@sha256:66d6fed71915dce2d8b8386cf661590bd374e27baa26a7c2cddd1916386922ce_amd64 | — | | Vendor Fix |
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-rhel9-operator@sha256:67167e08f0883c273e98810ad44288c4355ce2af13859021e2973c075c56cf9f_s390x | — | | Vendor Fix |
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-rhel9-operator@sha256:8596630dd1c175bf6dd29470c009e850d8b8fd465f3d9dcee8338a4aeca8dc64_arm64 | — | | Vendor Fix |
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-rhel9-operator@sha256:be6bfe44af552d934c881db0177bee7e345d76442523b0ea0144610d5470ea45_ppc64le | — | | Vendor Fix |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-console-plugin-rhel9@sha256:5da2ecf1149394e0c64af7c8e8a2684012590838031e4c733d6eff7f30cd6265_amd64 | — | ||
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-console-plugin-rhel9@sha256:ae91d40862457c43c130aa081a66bcedca17dce7dce0f381143b244dd126bc12_arm64 | — | ||
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-console-plugin-rhel9@sha256:ce5c9ef5800ed30888dcb23aa2ed9cf56bd83767d572a51e3e3e1509a2539063_s390x | — | ||
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-console-plugin-rhel9@sha256:e0239a8ff86253729b9af04e6407283c51744497fea90d099afaceaa4fc823ec_ppc64le | — | ||
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:27ecc916ce170d505d828742fa29d20143c4443343b101a2a9d75fe086b515f1_amd64 | — | ||
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:350a8565fb297353c81571bad33f0fca5ab129560ad7f15de242db98c4709b3c_s390x | — | ||
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:488df8c38e377719771c758b71f1e966d76bb03da6217e09c29c21fec12c437d_arm64 | — | ||
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:84ffa04b7ae504efc0037c3ae14c0e4d4f99057593a2db2bbbfcf92e526d2c7c_ppc64le | — | ||
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:03484bd14253a7340f754a6f1aef5659cfd5a6844ffbdfb2f215321b6fc63644_s390x | — | ||
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:2dc033562cb43480543ff398284933993006741e83f453228a9902a2c9b3ff1d_ppc64le | — | ||
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:61c172961af1a895e9cb355573f1f8a780e7acecc505c58c18faeb9fc49efa66_amd64 | — | ||
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:a297d29025aa9d1e963daf0c4b076533da59ddd84825e79d6e6b0e921e8c2588_arm64 | — | ||
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-operator-bundle@sha256:1607eb2595aa0679f571d81c19840cfaf923908553b05d479bd35b2290b1d7e6_ppc64le | — | ||
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-operator-bundle@sha256:6f998bb3b7d5311d8e74b25f8fcfe4ae65897270da3c0763ca2cb1d763135bc4_amd64 | — | ||
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-operator-bundle@sha256:8214855b40028fdd2def40116f4585bd50f42ef0948713d63e163840079e8be7_s390x | — | ||
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-operator-bundle@sha256:e6e8f0a739c61bbd94a61bb75d81ef1af551a4e57ed4a64e583adce62c82af9c_arm64 | — |
A flaw was found in Golang. The html/template package did not apply the proper rules for handling occurrences of "<script", "<!--", and "</script" within JS literals in <script> contexts. This issue may cause the template parser to improperly consider script contexts to be terminated early, causing actions to be improperly escaped.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-rhel9-operator@sha256:66d6fed71915dce2d8b8386cf661590bd374e27baa26a7c2cddd1916386922ce_amd64 | — | | Vendor Fix |
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-rhel9-operator@sha256:67167e08f0883c273e98810ad44288c4355ce2af13859021e2973c075c56cf9f_s390x | — | | Vendor Fix |
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-rhel9-operator@sha256:8596630dd1c175bf6dd29470c009e850d8b8fd465f3d9dcee8338a4aeca8dc64_arm64 | — | | Vendor Fix |
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-rhel9-operator@sha256:be6bfe44af552d934c881db0177bee7e345d76442523b0ea0144610d5470ea45_ppc64le | — | | Vendor Fix |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-console-plugin-rhel9@sha256:5da2ecf1149394e0c64af7c8e8a2684012590838031e4c733d6eff7f30cd6265_amd64 | — | ||
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-console-plugin-rhel9@sha256:ae91d40862457c43c130aa081a66bcedca17dce7dce0f381143b244dd126bc12_arm64 | — | ||
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-console-plugin-rhel9@sha256:ce5c9ef5800ed30888dcb23aa2ed9cf56bd83767d572a51e3e3e1509a2539063_s390x | — | ||
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-console-plugin-rhel9@sha256:e0239a8ff86253729b9af04e6407283c51744497fea90d099afaceaa4fc823ec_ppc64le | — | ||
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:27ecc916ce170d505d828742fa29d20143c4443343b101a2a9d75fe086b515f1_amd64 | — | ||
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:350a8565fb297353c81571bad33f0fca5ab129560ad7f15de242db98c4709b3c_s390x | — | ||
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:488df8c38e377719771c758b71f1e966d76bb03da6217e09c29c21fec12c437d_arm64 | — | ||
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:84ffa04b7ae504efc0037c3ae14c0e4d4f99057593a2db2bbbfcf92e526d2c7c_ppc64le | — | ||
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:03484bd14253a7340f754a6f1aef5659cfd5a6844ffbdfb2f215321b6fc63644_s390x | — | ||
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:2dc033562cb43480543ff398284933993006741e83f453228a9902a2c9b3ff1d_ppc64le | — | ||
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:61c172961af1a895e9cb355573f1f8a780e7acecc505c58c18faeb9fc49efa66_amd64 | — | ||
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:a297d29025aa9d1e963daf0c4b076533da59ddd84825e79d6e6b0e921e8c2588_arm64 | — | ||
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-operator-bundle@sha256:1607eb2595aa0679f571d81c19840cfaf923908553b05d479bd35b2290b1d7e6_ppc64le | — | ||
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-operator-bundle@sha256:6f998bb3b7d5311d8e74b25f8fcfe4ae65897270da3c0763ca2cb1d763135bc4_amd64 | — | ||
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-operator-bundle@sha256:8214855b40028fdd2def40116f4585bd50f42ef0948713d63e163840079e8be7_s390x | — | ||
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-operator-bundle@sha256:e6e8f0a739c61bbd94a61bb75d81ef1af551a4e57ed4a64e583adce62c82af9c_arm64 | — |
A flaw was found in Golang. Processing an incomplete post-handshake message for a QUIC connection caused a panic.
A flaw was found in Golang. QUIC connections do not set an upper bound on the amount of data buffered when reading post-handshake messages, allowing a malicious QUIC connection to cause unbounded memory growth. With the fix, connections now consistently reject messages larger than 65KiB in size.
A flaw was found in handling multiplexed streams in the HTTP/2 protocol. A client can repeatedly make a request for a new multiplex stream and immediately send an RST_STREAM frame to cancel it. This creates extra work for the server setting up and tearing down the streams while not hitting any server-side limit for the maximum number of active streams per connection, resulting in a denial of service due to server resource consumption. Red Hat has rated the severity of this flaw as 'Important' because the US Cybersecurity and Infrastructure Security Agency (CISA) declared this vulnerability to be actively exploited. CVE-2023-39325 was assigned for the `Rapid Reset Attack` in the Go language packages.
A flaw was found in handling multiplexed streams in the HTTP/2 protocol. A client can repeatedly make a request for a new multiplex stream and immediately send an RST_STREAM frame to cancel it. This creates extra work for the server setting up and tearing down the streams while not hitting any server-side limit for the maximum number of active streams per connection, resulting in a denial of service due to server resource consumption. Red Hat has rated the severity of this flaw as 'Important' because the US Cybersecurity and Infrastructure Security Agency (CISA) declared this vulnerability to be actively exploited. CVE-2023-39325 was assigned for the Rapid Reset Attack in the Go language packages. Security Bulletin: https://access.redhat.com/security/vulnerabilities/RHSB-2023-003
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for network-observability-console-plugin-container, network-observability-ebpf-agent-container, network-observability-flowlogs-pipeline-container, network-observability-operator-bundle-container, and network-observability-operator-container is now available for NETWORK-OBSERVABILITY-1.4.0-RHEL-9.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Security Fix(es):\n\n* golang: net/http, x/net/http2: rapid stream resets can cause excessive work (CVE-2023-44487) (CVE-2023-39325)\n\n* HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack (Rapid Reset Attack) (CVE-2023-44487)\n\n* golang: net/http: insufficient sanitization of Host header (CVE-2023-29406)\n\n* golang: crypto/tls: slow verification of certificate chains containing large RSA keys (CVE-2023-29409)\n\n* golang: html/template: improper handling of HTML-like comments within script contexts (CVE-2023-39318)\n\n* golang: html/template: improper handling of special tags within script contexts (CVE-2023-39319)\n\n* golang: crypto/tls: panic when processing post-handshake message on QUIC connections (CVE-2023-39321)\n\n* golang: crypto/tls: lack of a limit on buffered post-handshake (CVE-2023-39322)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2023:5974",
"url": "https://access.redhat.com/errata/RHSA-2023:5974"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/vulnerabilities/RHSB-2023-003",
"url": "https://access.redhat.com/security/vulnerabilities/RHSB-2023-003"
},
{
"category": "external",
"summary": "2222167",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2222167"
},
{
"category": "external",
"summary": "2228743",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2228743"
},
{
"category": "external",
"summary": "2237773",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2237773"
},
{
"category": "external",
"summary": "2237776",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2237776"
},
{
"category": "external",
"summary": "2237777",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2237777"
},
{
"category": "external",
"summary": "2237778",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2237778"
},
{
"category": "external",
"summary": "2242803",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2242803"
},
{
"category": "external",
"summary": "2243296",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2243296"
},
{
"category": "external",
"summary": "NETOBSERV-1344",
"url": "https://issues.redhat.com/browse/NETOBSERV-1344"
},
{
"category": "external",
"summary": "NETOBSERV-926",
"url": "https://issues.redhat.com/browse/NETOBSERV-926"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2023/rhsa-2023_5974.json"
}
],
"title": "Red Hat Security Advisory: Network Observability security update",
"tracking": {
"current_release_date": "2026-06-05T13:08:08+00:00",
"generator": {
"date": "2026-06-05T13:08:08+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.8.2"
}
},
"id": "RHSA-2023:5974",
"initial_release_date": "2023-10-20T16:49:58+00:00",
"revision_history": [
{
"date": "2023-10-20T16:49:58+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2023-10-20T16:49:58+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-06-05T13:08:08+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "NETOBSERV 1.4 for RHEL 9",
"product": {
"name": "NETOBSERV 1.4 for RHEL 9",
"product_id": "9Base-NETWORK-OBSERVABILITY-1.4.0",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:network_observ_optr:1.4.0::el9"
}
}
}
],
"category": "product_family",
"name": "Network Observability"
},
{
"branches": [
{
"category": "product_version",
"name": "network-observability/network-observability-console-plugin-rhel9@sha256:ae91d40862457c43c130aa081a66bcedca17dce7dce0f381143b244dd126bc12_arm64",
"product": {
"name": "network-observability/network-observability-console-plugin-rhel9@sha256:ae91d40862457c43c130aa081a66bcedca17dce7dce0f381143b244dd126bc12_arm64",
"product_id": "network-observability/network-observability-console-plugin-rhel9@sha256:ae91d40862457c43c130aa081a66bcedca17dce7dce0f381143b244dd126bc12_arm64",
"product_identification_helper": {
"purl": "pkg:oci/network-observability-console-plugin-rhel9@sha256:ae91d40862457c43c130aa081a66bcedca17dce7dce0f381143b244dd126bc12?arch=arm64\u0026repository_url=registry.redhat.io/network-observability/network-observability-console-plugin-rhel9\u0026tag=v1.4.0-51"
}
}
},
{
"category": "product_version",
"name": "network-observability/network-observability-ebpf-agent-rhel9@sha256:488df8c38e377719771c758b71f1e966d76bb03da6217e09c29c21fec12c437d_arm64",
"product": {
"name": "network-observability/network-observability-ebpf-agent-rhel9@sha256:488df8c38e377719771c758b71f1e966d76bb03da6217e09c29c21fec12c437d_arm64",
"product_id": "network-observability/network-observability-ebpf-agent-rhel9@sha256:488df8c38e377719771c758b71f1e966d76bb03da6217e09c29c21fec12c437d_arm64",
"product_identification_helper": {
"purl": "pkg:oci/network-observability-ebpf-agent-rhel9@sha256:488df8c38e377719771c758b71f1e966d76bb03da6217e09c29c21fec12c437d?arch=arm64\u0026repository_url=registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9\u0026tag=v1.4.0-51"
}
}
},
{
"category": "product_version",
"name": "network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:a297d29025aa9d1e963daf0c4b076533da59ddd84825e79d6e6b0e921e8c2588_arm64",
"product": {
"name": "network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:a297d29025aa9d1e963daf0c4b076533da59ddd84825e79d6e6b0e921e8c2588_arm64",
"product_id": "network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:a297d29025aa9d1e963daf0c4b076533da59ddd84825e79d6e6b0e921e8c2588_arm64",
"product_identification_helper": {
"purl": "pkg:oci/network-observability-flowlogs-pipeline-rhel9@sha256:a297d29025aa9d1e963daf0c4b076533da59ddd84825e79d6e6b0e921e8c2588?arch=arm64\u0026repository_url=registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9\u0026tag=v1.4.0-51"
}
}
},
{
"category": "product_version",
"name": "network-observability/network-observability-operator-bundle@sha256:e6e8f0a739c61bbd94a61bb75d81ef1af551a4e57ed4a64e583adce62c82af9c_arm64",
"product": {
"name": "network-observability/network-observability-operator-bundle@sha256:e6e8f0a739c61bbd94a61bb75d81ef1af551a4e57ed4a64e583adce62c82af9c_arm64",
"product_id": "network-observability/network-observability-operator-bundle@sha256:e6e8f0a739c61bbd94a61bb75d81ef1af551a4e57ed4a64e583adce62c82af9c_arm64",
"product_identification_helper": {
"purl": "pkg:oci/network-observability-operator-bundle@sha256:e6e8f0a739c61bbd94a61bb75d81ef1af551a4e57ed4a64e583adce62c82af9c?arch=arm64\u0026repository_url=registry.redhat.io/network-observability/network-observability-operator-bundle\u0026tag=1.4.0-70"
}
}
},
{
"category": "product_version",
"name": "network-observability/network-observability-rhel9-operator@sha256:8596630dd1c175bf6dd29470c009e850d8b8fd465f3d9dcee8338a4aeca8dc64_arm64",
"product": {
"name": "network-observability/network-observability-rhel9-operator@sha256:8596630dd1c175bf6dd29470c009e850d8b8fd465f3d9dcee8338a4aeca8dc64_arm64",
"product_id": "network-observability/network-observability-rhel9-operator@sha256:8596630dd1c175bf6dd29470c009e850d8b8fd465f3d9dcee8338a4aeca8dc64_arm64",
"product_identification_helper": {
"purl": "pkg:oci/network-observability-rhel9-operator@sha256:8596630dd1c175bf6dd29470c009e850d8b8fd465f3d9dcee8338a4aeca8dc64?arch=arm64\u0026repository_url=registry.redhat.io/network-observability/network-observability-rhel9-operator\u0026tag=v1.4.0-51"
}
}
}
],
"category": "architecture",
"name": "arm64"
},
{
"branches": [
{
"category": "product_version",
"name": "network-observability/network-observability-console-plugin-rhel9@sha256:e0239a8ff86253729b9af04e6407283c51744497fea90d099afaceaa4fc823ec_ppc64le",
"product": {
"name": "network-observability/network-observability-console-plugin-rhel9@sha256:e0239a8ff86253729b9af04e6407283c51744497fea90d099afaceaa4fc823ec_ppc64le",
"product_id": "network-observability/network-observability-console-plugin-rhel9@sha256:e0239a8ff86253729b9af04e6407283c51744497fea90d099afaceaa4fc823ec_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/network-observability-console-plugin-rhel9@sha256:e0239a8ff86253729b9af04e6407283c51744497fea90d099afaceaa4fc823ec?arch=ppc64le\u0026repository_url=registry.redhat.io/network-observability/network-observability-console-plugin-rhel9\u0026tag=v1.4.0-51"
}
}
},
{
"category": "product_version",
"name": "network-observability/network-observability-ebpf-agent-rhel9@sha256:84ffa04b7ae504efc0037c3ae14c0e4d4f99057593a2db2bbbfcf92e526d2c7c_ppc64le",
"product": {
"name": "network-observability/network-observability-ebpf-agent-rhel9@sha256:84ffa04b7ae504efc0037c3ae14c0e4d4f99057593a2db2bbbfcf92e526d2c7c_ppc64le",
"product_id": "network-observability/network-observability-ebpf-agent-rhel9@sha256:84ffa04b7ae504efc0037c3ae14c0e4d4f99057593a2db2bbbfcf92e526d2c7c_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/network-observability-ebpf-agent-rhel9@sha256:84ffa04b7ae504efc0037c3ae14c0e4d4f99057593a2db2bbbfcf92e526d2c7c?arch=ppc64le\u0026repository_url=registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9\u0026tag=v1.4.0-51"
}
}
},
{
"category": "product_version",
"name": "network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:2dc033562cb43480543ff398284933993006741e83f453228a9902a2c9b3ff1d_ppc64le",
"product": {
"name": "network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:2dc033562cb43480543ff398284933993006741e83f453228a9902a2c9b3ff1d_ppc64le",
"product_id": "network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:2dc033562cb43480543ff398284933993006741e83f453228a9902a2c9b3ff1d_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/network-observability-flowlogs-pipeline-rhel9@sha256:2dc033562cb43480543ff398284933993006741e83f453228a9902a2c9b3ff1d?arch=ppc64le\u0026repository_url=registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9\u0026tag=v1.4.0-51"
}
}
},
{
"category": "product_version",
"name": "network-observability/network-observability-operator-bundle@sha256:1607eb2595aa0679f571d81c19840cfaf923908553b05d479bd35b2290b1d7e6_ppc64le",
"product": {
"name": "network-observability/network-observability-operator-bundle@sha256:1607eb2595aa0679f571d81c19840cfaf923908553b05d479bd35b2290b1d7e6_ppc64le",
"product_id": "network-observability/network-observability-operator-bundle@sha256:1607eb2595aa0679f571d81c19840cfaf923908553b05d479bd35b2290b1d7e6_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/network-observability-operator-bundle@sha256:1607eb2595aa0679f571d81c19840cfaf923908553b05d479bd35b2290b1d7e6?arch=ppc64le\u0026repository_url=registry.redhat.io/network-observability/network-observability-operator-bundle\u0026tag=1.4.0-70"
}
}
},
{
"category": "product_version",
"name": "network-observability/network-observability-rhel9-operator@sha256:be6bfe44af552d934c881db0177bee7e345d76442523b0ea0144610d5470ea45_ppc64le",
"product": {
"name": "network-observability/network-observability-rhel9-operator@sha256:be6bfe44af552d934c881db0177bee7e345d76442523b0ea0144610d5470ea45_ppc64le",
"product_id": "network-observability/network-observability-rhel9-operator@sha256:be6bfe44af552d934c881db0177bee7e345d76442523b0ea0144610d5470ea45_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/network-observability-rhel9-operator@sha256:be6bfe44af552d934c881db0177bee7e345d76442523b0ea0144610d5470ea45?arch=ppc64le\u0026repository_url=registry.redhat.io/network-observability/network-observability-rhel9-operator\u0026tag=v1.4.0-51"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "network-observability/network-observability-console-plugin-rhel9@sha256:ce5c9ef5800ed30888dcb23aa2ed9cf56bd83767d572a51e3e3e1509a2539063_s390x",
"product": {
"name": "network-observability/network-observability-console-plugin-rhel9@sha256:ce5c9ef5800ed30888dcb23aa2ed9cf56bd83767d572a51e3e3e1509a2539063_s390x",
"product_id": "network-observability/network-observability-console-plugin-rhel9@sha256:ce5c9ef5800ed30888dcb23aa2ed9cf56bd83767d572a51e3e3e1509a2539063_s390x",
"product_identification_helper": {
"purl": "pkg:oci/network-observability-console-plugin-rhel9@sha256:ce5c9ef5800ed30888dcb23aa2ed9cf56bd83767d572a51e3e3e1509a2539063?arch=s390x\u0026repository_url=registry.redhat.io/network-observability/network-observability-console-plugin-rhel9\u0026tag=v1.4.0-51"
}
}
},
{
"category": "product_version",
"name": "network-observability/network-observability-ebpf-agent-rhel9@sha256:350a8565fb297353c81571bad33f0fca5ab129560ad7f15de242db98c4709b3c_s390x",
"product": {
"name": "network-observability/network-observability-ebpf-agent-rhel9@sha256:350a8565fb297353c81571bad33f0fca5ab129560ad7f15de242db98c4709b3c_s390x",
"product_id": "network-observability/network-observability-ebpf-agent-rhel9@sha256:350a8565fb297353c81571bad33f0fca5ab129560ad7f15de242db98c4709b3c_s390x",
"product_identification_helper": {
"purl": "pkg:oci/network-observability-ebpf-agent-rhel9@sha256:350a8565fb297353c81571bad33f0fca5ab129560ad7f15de242db98c4709b3c?arch=s390x\u0026repository_url=registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9\u0026tag=v1.4.0-51"
}
}
},
{
"category": "product_version",
"name": "network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:03484bd14253a7340f754a6f1aef5659cfd5a6844ffbdfb2f215321b6fc63644_s390x",
"product": {
"name": "network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:03484bd14253a7340f754a6f1aef5659cfd5a6844ffbdfb2f215321b6fc63644_s390x",
"product_id": "network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:03484bd14253a7340f754a6f1aef5659cfd5a6844ffbdfb2f215321b6fc63644_s390x",
"product_identification_helper": {
"purl": "pkg:oci/network-observability-flowlogs-pipeline-rhel9@sha256:03484bd14253a7340f754a6f1aef5659cfd5a6844ffbdfb2f215321b6fc63644?arch=s390x\u0026repository_url=registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9\u0026tag=v1.4.0-51"
}
}
},
{
"category": "product_version",
"name": "network-observability/network-observability-operator-bundle@sha256:8214855b40028fdd2def40116f4585bd50f42ef0948713d63e163840079e8be7_s390x",
"product": {
"name": "network-observability/network-observability-operator-bundle@sha256:8214855b40028fdd2def40116f4585bd50f42ef0948713d63e163840079e8be7_s390x",
"product_id": "network-observability/network-observability-operator-bundle@sha256:8214855b40028fdd2def40116f4585bd50f42ef0948713d63e163840079e8be7_s390x",
"product_identification_helper": {
"purl": "pkg:oci/network-observability-operator-bundle@sha256:8214855b40028fdd2def40116f4585bd50f42ef0948713d63e163840079e8be7?arch=s390x\u0026repository_url=registry.redhat.io/network-observability/network-observability-operator-bundle\u0026tag=1.4.0-70"
}
}
},
{
"category": "product_version",
"name": "network-observability/network-observability-rhel9-operator@sha256:67167e08f0883c273e98810ad44288c4355ce2af13859021e2973c075c56cf9f_s390x",
"product": {
"name": "network-observability/network-observability-rhel9-operator@sha256:67167e08f0883c273e98810ad44288c4355ce2af13859021e2973c075c56cf9f_s390x",
"product_id": "network-observability/network-observability-rhel9-operator@sha256:67167e08f0883c273e98810ad44288c4355ce2af13859021e2973c075c56cf9f_s390x",
"product_identification_helper": {
"purl": "pkg:oci/network-observability-rhel9-operator@sha256:67167e08f0883c273e98810ad44288c4355ce2af13859021e2973c075c56cf9f?arch=s390x\u0026repository_url=registry.redhat.io/network-observability/network-observability-rhel9-operator\u0026tag=v1.4.0-51"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "network-observability/network-observability-console-plugin-rhel9@sha256:5da2ecf1149394e0c64af7c8e8a2684012590838031e4c733d6eff7f30cd6265_amd64",
"product": {
"name": "network-observability/network-observability-console-plugin-rhel9@sha256:5da2ecf1149394e0c64af7c8e8a2684012590838031e4c733d6eff7f30cd6265_amd64",
"product_id": "network-observability/network-observability-console-plugin-rhel9@sha256:5da2ecf1149394e0c64af7c8e8a2684012590838031e4c733d6eff7f30cd6265_amd64",
"product_identification_helper": {
"purl": "pkg:oci/network-observability-console-plugin-rhel9@sha256:5da2ecf1149394e0c64af7c8e8a2684012590838031e4c733d6eff7f30cd6265?arch=amd64\u0026repository_url=registry.redhat.io/network-observability/network-observability-console-plugin-rhel9\u0026tag=v1.4.0-51"
}
}
},
{
"category": "product_version",
"name": "network-observability/network-observability-ebpf-agent-rhel9@sha256:27ecc916ce170d505d828742fa29d20143c4443343b101a2a9d75fe086b515f1_amd64",
"product": {
"name": "network-observability/network-observability-ebpf-agent-rhel9@sha256:27ecc916ce170d505d828742fa29d20143c4443343b101a2a9d75fe086b515f1_amd64",
"product_id": "network-observability/network-observability-ebpf-agent-rhel9@sha256:27ecc916ce170d505d828742fa29d20143c4443343b101a2a9d75fe086b515f1_amd64",
"product_identification_helper": {
"purl": "pkg:oci/network-observability-ebpf-agent-rhel9@sha256:27ecc916ce170d505d828742fa29d20143c4443343b101a2a9d75fe086b515f1?arch=amd64\u0026repository_url=registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9\u0026tag=v1.4.0-51"
}
}
},
{
"category": "product_version",
"name": "network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:61c172961af1a895e9cb355573f1f8a780e7acecc505c58c18faeb9fc49efa66_amd64",
"product": {
"name": "network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:61c172961af1a895e9cb355573f1f8a780e7acecc505c58c18faeb9fc49efa66_amd64",
"product_id": "network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:61c172961af1a895e9cb355573f1f8a780e7acecc505c58c18faeb9fc49efa66_amd64",
"product_identification_helper": {
"purl": "pkg:oci/network-observability-flowlogs-pipeline-rhel9@sha256:61c172961af1a895e9cb355573f1f8a780e7acecc505c58c18faeb9fc49efa66?arch=amd64\u0026repository_url=registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9\u0026tag=v1.4.0-51"
}
}
},
{
"category": "product_version",
"name": "network-observability/network-observability-operator-bundle@sha256:6f998bb3b7d5311d8e74b25f8fcfe4ae65897270da3c0763ca2cb1d763135bc4_amd64",
"product": {
"name": "network-observability/network-observability-operator-bundle@sha256:6f998bb3b7d5311d8e74b25f8fcfe4ae65897270da3c0763ca2cb1d763135bc4_amd64",
"product_id": "network-observability/network-observability-operator-bundle@sha256:6f998bb3b7d5311d8e74b25f8fcfe4ae65897270da3c0763ca2cb1d763135bc4_amd64",
"product_identification_helper": {
"purl": "pkg:oci/network-observability-operator-bundle@sha256:6f998bb3b7d5311d8e74b25f8fcfe4ae65897270da3c0763ca2cb1d763135bc4?arch=amd64\u0026repository_url=registry.redhat.io/network-observability/network-observability-operator-bundle\u0026tag=1.4.0-70"
}
}
},
{
"category": "product_version",
"name": "network-observability/network-observability-rhel9-operator@sha256:66d6fed71915dce2d8b8386cf661590bd374e27baa26a7c2cddd1916386922ce_amd64",
"product": {
"name": "network-observability/network-observability-rhel9-operator@sha256:66d6fed71915dce2d8b8386cf661590bd374e27baa26a7c2cddd1916386922ce_amd64",
"product_id": "network-observability/network-observability-rhel9-operator@sha256:66d6fed71915dce2d8b8386cf661590bd374e27baa26a7c2cddd1916386922ce_amd64",
"product_identification_helper": {
"purl": "pkg:oci/network-observability-rhel9-operator@sha256:66d6fed71915dce2d8b8386cf661590bd374e27baa26a7c2cddd1916386922ce?arch=amd64\u0026repository_url=registry.redhat.io/network-observability/network-observability-rhel9-operator\u0026tag=v1.4.0-51"
}
}
}
],
"category": "architecture",
"name": "amd64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "network-observability/network-observability-console-plugin-rhel9@sha256:5da2ecf1149394e0c64af7c8e8a2684012590838031e4c733d6eff7f30cd6265_amd64 as a component of NETOBSERV 1.4 for RHEL 9",
"product_id": "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-console-plugin-rhel9@sha256:5da2ecf1149394e0c64af7c8e8a2684012590838031e4c733d6eff7f30cd6265_amd64"
},
"product_reference": "network-observability/network-observability-console-plugin-rhel9@sha256:5da2ecf1149394e0c64af7c8e8a2684012590838031e4c733d6eff7f30cd6265_amd64",
"relates_to_product_reference": "9Base-NETWORK-OBSERVABILITY-1.4.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "network-observability/network-observability-console-plugin-rhel9@sha256:ae91d40862457c43c130aa081a66bcedca17dce7dce0f381143b244dd126bc12_arm64 as a component of NETOBSERV 1.4 for RHEL 9",
"product_id": "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-console-plugin-rhel9@sha256:ae91d40862457c43c130aa081a66bcedca17dce7dce0f381143b244dd126bc12_arm64"
},
"product_reference": "network-observability/network-observability-console-plugin-rhel9@sha256:ae91d40862457c43c130aa081a66bcedca17dce7dce0f381143b244dd126bc12_arm64",
"relates_to_product_reference": "9Base-NETWORK-OBSERVABILITY-1.4.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "network-observability/network-observability-console-plugin-rhel9@sha256:ce5c9ef5800ed30888dcb23aa2ed9cf56bd83767d572a51e3e3e1509a2539063_s390x as a component of NETOBSERV 1.4 for RHEL 9",
"product_id": "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-console-plugin-rhel9@sha256:ce5c9ef5800ed30888dcb23aa2ed9cf56bd83767d572a51e3e3e1509a2539063_s390x"
},
"product_reference": "network-observability/network-observability-console-plugin-rhel9@sha256:ce5c9ef5800ed30888dcb23aa2ed9cf56bd83767d572a51e3e3e1509a2539063_s390x",
"relates_to_product_reference": "9Base-NETWORK-OBSERVABILITY-1.4.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "network-observability/network-observability-console-plugin-rhel9@sha256:e0239a8ff86253729b9af04e6407283c51744497fea90d099afaceaa4fc823ec_ppc64le as a component of NETOBSERV 1.4 for RHEL 9",
"product_id": "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-console-plugin-rhel9@sha256:e0239a8ff86253729b9af04e6407283c51744497fea90d099afaceaa4fc823ec_ppc64le"
},
"product_reference": "network-observability/network-observability-console-plugin-rhel9@sha256:e0239a8ff86253729b9af04e6407283c51744497fea90d099afaceaa4fc823ec_ppc64le",
"relates_to_product_reference": "9Base-NETWORK-OBSERVABILITY-1.4.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "network-observability/network-observability-ebpf-agent-rhel9@sha256:27ecc916ce170d505d828742fa29d20143c4443343b101a2a9d75fe086b515f1_amd64 as a component of NETOBSERV 1.4 for RHEL 9",
"product_id": "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:27ecc916ce170d505d828742fa29d20143c4443343b101a2a9d75fe086b515f1_amd64"
},
"product_reference": "network-observability/network-observability-ebpf-agent-rhel9@sha256:27ecc916ce170d505d828742fa29d20143c4443343b101a2a9d75fe086b515f1_amd64",
"relates_to_product_reference": "9Base-NETWORK-OBSERVABILITY-1.4.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "network-observability/network-observability-ebpf-agent-rhel9@sha256:350a8565fb297353c81571bad33f0fca5ab129560ad7f15de242db98c4709b3c_s390x as a component of NETOBSERV 1.4 for RHEL 9",
"product_id": "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:350a8565fb297353c81571bad33f0fca5ab129560ad7f15de242db98c4709b3c_s390x"
},
"product_reference": "network-observability/network-observability-ebpf-agent-rhel9@sha256:350a8565fb297353c81571bad33f0fca5ab129560ad7f15de242db98c4709b3c_s390x",
"relates_to_product_reference": "9Base-NETWORK-OBSERVABILITY-1.4.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "network-observability/network-observability-ebpf-agent-rhel9@sha256:488df8c38e377719771c758b71f1e966d76bb03da6217e09c29c21fec12c437d_arm64 as a component of NETOBSERV 1.4 for RHEL 9",
"product_id": "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:488df8c38e377719771c758b71f1e966d76bb03da6217e09c29c21fec12c437d_arm64"
},
"product_reference": "network-observability/network-observability-ebpf-agent-rhel9@sha256:488df8c38e377719771c758b71f1e966d76bb03da6217e09c29c21fec12c437d_arm64",
"relates_to_product_reference": "9Base-NETWORK-OBSERVABILITY-1.4.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "network-observability/network-observability-ebpf-agent-rhel9@sha256:84ffa04b7ae504efc0037c3ae14c0e4d4f99057593a2db2bbbfcf92e526d2c7c_ppc64le as a component of NETOBSERV 1.4 for RHEL 9",
"product_id": "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:84ffa04b7ae504efc0037c3ae14c0e4d4f99057593a2db2bbbfcf92e526d2c7c_ppc64le"
},
"product_reference": "network-observability/network-observability-ebpf-agent-rhel9@sha256:84ffa04b7ae504efc0037c3ae14c0e4d4f99057593a2db2bbbfcf92e526d2c7c_ppc64le",
"relates_to_product_reference": "9Base-NETWORK-OBSERVABILITY-1.4.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:03484bd14253a7340f754a6f1aef5659cfd5a6844ffbdfb2f215321b6fc63644_s390x as a component of NETOBSERV 1.4 for RHEL 9",
"product_id": "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:03484bd14253a7340f754a6f1aef5659cfd5a6844ffbdfb2f215321b6fc63644_s390x"
},
"product_reference": "network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:03484bd14253a7340f754a6f1aef5659cfd5a6844ffbdfb2f215321b6fc63644_s390x",
"relates_to_product_reference": "9Base-NETWORK-OBSERVABILITY-1.4.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:2dc033562cb43480543ff398284933993006741e83f453228a9902a2c9b3ff1d_ppc64le as a component of NETOBSERV 1.4 for RHEL 9",
"product_id": "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:2dc033562cb43480543ff398284933993006741e83f453228a9902a2c9b3ff1d_ppc64le"
},
"product_reference": "network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:2dc033562cb43480543ff398284933993006741e83f453228a9902a2c9b3ff1d_ppc64le",
"relates_to_product_reference": "9Base-NETWORK-OBSERVABILITY-1.4.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:61c172961af1a895e9cb355573f1f8a780e7acecc505c58c18faeb9fc49efa66_amd64 as a component of NETOBSERV 1.4 for RHEL 9",
"product_id": "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:61c172961af1a895e9cb355573f1f8a780e7acecc505c58c18faeb9fc49efa66_amd64"
},
"product_reference": "network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:61c172961af1a895e9cb355573f1f8a780e7acecc505c58c18faeb9fc49efa66_amd64",
"relates_to_product_reference": "9Base-NETWORK-OBSERVABILITY-1.4.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:a297d29025aa9d1e963daf0c4b076533da59ddd84825e79d6e6b0e921e8c2588_arm64 as a component of NETOBSERV 1.4 for RHEL 9",
"product_id": "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:a297d29025aa9d1e963daf0c4b076533da59ddd84825e79d6e6b0e921e8c2588_arm64"
},
"product_reference": "network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:a297d29025aa9d1e963daf0c4b076533da59ddd84825e79d6e6b0e921e8c2588_arm64",
"relates_to_product_reference": "9Base-NETWORK-OBSERVABILITY-1.4.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "network-observability/network-observability-operator-bundle@sha256:1607eb2595aa0679f571d81c19840cfaf923908553b05d479bd35b2290b1d7e6_ppc64le as a component of NETOBSERV 1.4 for RHEL 9",
"product_id": "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-operator-bundle@sha256:1607eb2595aa0679f571d81c19840cfaf923908553b05d479bd35b2290b1d7e6_ppc64le"
},
"product_reference": "network-observability/network-observability-operator-bundle@sha256:1607eb2595aa0679f571d81c19840cfaf923908553b05d479bd35b2290b1d7e6_ppc64le",
"relates_to_product_reference": "9Base-NETWORK-OBSERVABILITY-1.4.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "network-observability/network-observability-operator-bundle@sha256:6f998bb3b7d5311d8e74b25f8fcfe4ae65897270da3c0763ca2cb1d763135bc4_amd64 as a component of NETOBSERV 1.4 for RHEL 9",
"product_id": "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-operator-bundle@sha256:6f998bb3b7d5311d8e74b25f8fcfe4ae65897270da3c0763ca2cb1d763135bc4_amd64"
},
"product_reference": "network-observability/network-observability-operator-bundle@sha256:6f998bb3b7d5311d8e74b25f8fcfe4ae65897270da3c0763ca2cb1d763135bc4_amd64",
"relates_to_product_reference": "9Base-NETWORK-OBSERVABILITY-1.4.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "network-observability/network-observability-operator-bundle@sha256:8214855b40028fdd2def40116f4585bd50f42ef0948713d63e163840079e8be7_s390x as a component of NETOBSERV 1.4 for RHEL 9",
"product_id": "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-operator-bundle@sha256:8214855b40028fdd2def40116f4585bd50f42ef0948713d63e163840079e8be7_s390x"
},
"product_reference": "network-observability/network-observability-operator-bundle@sha256:8214855b40028fdd2def40116f4585bd50f42ef0948713d63e163840079e8be7_s390x",
"relates_to_product_reference": "9Base-NETWORK-OBSERVABILITY-1.4.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "network-observability/network-observability-operator-bundle@sha256:e6e8f0a739c61bbd94a61bb75d81ef1af551a4e57ed4a64e583adce62c82af9c_arm64 as a component of NETOBSERV 1.4 for RHEL 9",
"product_id": "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-operator-bundle@sha256:e6e8f0a739c61bbd94a61bb75d81ef1af551a4e57ed4a64e583adce62c82af9c_arm64"
},
"product_reference": "network-observability/network-observability-operator-bundle@sha256:e6e8f0a739c61bbd94a61bb75d81ef1af551a4e57ed4a64e583adce62c82af9c_arm64",
"relates_to_product_reference": "9Base-NETWORK-OBSERVABILITY-1.4.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "network-observability/network-observability-rhel9-operator@sha256:66d6fed71915dce2d8b8386cf661590bd374e27baa26a7c2cddd1916386922ce_amd64 as a component of NETOBSERV 1.4 for RHEL 9",
"product_id": "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-rhel9-operator@sha256:66d6fed71915dce2d8b8386cf661590bd374e27baa26a7c2cddd1916386922ce_amd64"
},
"product_reference": "network-observability/network-observability-rhel9-operator@sha256:66d6fed71915dce2d8b8386cf661590bd374e27baa26a7c2cddd1916386922ce_amd64",
"relates_to_product_reference": "9Base-NETWORK-OBSERVABILITY-1.4.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "network-observability/network-observability-rhel9-operator@sha256:67167e08f0883c273e98810ad44288c4355ce2af13859021e2973c075c56cf9f_s390x as a component of NETOBSERV 1.4 for RHEL 9",
"product_id": "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-rhel9-operator@sha256:67167e08f0883c273e98810ad44288c4355ce2af13859021e2973c075c56cf9f_s390x"
},
"product_reference": "network-observability/network-observability-rhel9-operator@sha256:67167e08f0883c273e98810ad44288c4355ce2af13859021e2973c075c56cf9f_s390x",
"relates_to_product_reference": "9Base-NETWORK-OBSERVABILITY-1.4.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "network-observability/network-observability-rhel9-operator@sha256:8596630dd1c175bf6dd29470c009e850d8b8fd465f3d9dcee8338a4aeca8dc64_arm64 as a component of NETOBSERV 1.4 for RHEL 9",
"product_id": "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-rhel9-operator@sha256:8596630dd1c175bf6dd29470c009e850d8b8fd465f3d9dcee8338a4aeca8dc64_arm64"
},
"product_reference": "network-observability/network-observability-rhel9-operator@sha256:8596630dd1c175bf6dd29470c009e850d8b8fd465f3d9dcee8338a4aeca8dc64_arm64",
"relates_to_product_reference": "9Base-NETWORK-OBSERVABILITY-1.4.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "network-observability/network-observability-rhel9-operator@sha256:be6bfe44af552d934c881db0177bee7e345d76442523b0ea0144610d5470ea45_ppc64le as a component of NETOBSERV 1.4 for RHEL 9",
"product_id": "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-rhel9-operator@sha256:be6bfe44af552d934c881db0177bee7e345d76442523b0ea0144610d5470ea45_ppc64le"
},
"product_reference": "network-observability/network-observability-rhel9-operator@sha256:be6bfe44af552d934c881db0177bee7e345d76442523b0ea0144610d5470ea45_ppc64le",
"relates_to_product_reference": "9Base-NETWORK-OBSERVABILITY-1.4.0"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2023-29406",
"cwe": {
"id": "CWE-113",
"name": "Improper Neutralization of CRLF Sequences in HTTP Headers (\u0027HTTP Request/Response Splitting\u0027)"
},
"discovery_date": "2023-07-12T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-console-plugin-rhel9@sha256:5da2ecf1149394e0c64af7c8e8a2684012590838031e4c733d6eff7f30cd6265_amd64",
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-console-plugin-rhel9@sha256:ae91d40862457c43c130aa081a66bcedca17dce7dce0f381143b244dd126bc12_arm64",
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-console-plugin-rhel9@sha256:ce5c9ef5800ed30888dcb23aa2ed9cf56bd83767d572a51e3e3e1509a2539063_s390x",
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-console-plugin-rhel9@sha256:e0239a8ff86253729b9af04e6407283c51744497fea90d099afaceaa4fc823ec_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:27ecc916ce170d505d828742fa29d20143c4443343b101a2a9d75fe086b515f1_amd64",
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:350a8565fb297353c81571bad33f0fca5ab129560ad7f15de242db98c4709b3c_s390x",
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:488df8c38e377719771c758b71f1e966d76bb03da6217e09c29c21fec12c437d_arm64",
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:84ffa04b7ae504efc0037c3ae14c0e4d4f99057593a2db2bbbfcf92e526d2c7c_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:03484bd14253a7340f754a6f1aef5659cfd5a6844ffbdfb2f215321b6fc63644_s390x",
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:2dc033562cb43480543ff398284933993006741e83f453228a9902a2c9b3ff1d_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:61c172961af1a895e9cb355573f1f8a780e7acecc505c58c18faeb9fc49efa66_amd64",
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:a297d29025aa9d1e963daf0c4b076533da59ddd84825e79d6e6b0e921e8c2588_arm64",
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-operator-bundle@sha256:1607eb2595aa0679f571d81c19840cfaf923908553b05d479bd35b2290b1d7e6_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-operator-bundle@sha256:6f998bb3b7d5311d8e74b25f8fcfe4ae65897270da3c0763ca2cb1d763135bc4_amd64",
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-operator-bundle@sha256:8214855b40028fdd2def40116f4585bd50f42ef0948713d63e163840079e8be7_s390x",
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-operator-bundle@sha256:e6e8f0a739c61bbd94a61bb75d81ef1af551a4e57ed4a64e583adce62c82af9c_arm64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2222167"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Golang, where it is vulnerable to HTTP header injection caused by improper content validation of the Host header by the HTTP/1 client. A remote attacker can inject arbitrary HTTP headers by persuading a victim to visit a specially crafted Web page. This flaw allows the attacker to conduct various attacks against the vulnerable system, including Cross-site scripting, cache poisoning, or session hijacking.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: net/http: insufficient sanitization of Host header",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-rhel9-operator@sha256:66d6fed71915dce2d8b8386cf661590bd374e27baa26a7c2cddd1916386922ce_amd64",
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-rhel9-operator@sha256:67167e08f0883c273e98810ad44288c4355ce2af13859021e2973c075c56cf9f_s390x",
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-rhel9-operator@sha256:8596630dd1c175bf6dd29470c009e850d8b8fd465f3d9dcee8338a4aeca8dc64_arm64",
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-rhel9-operator@sha256:be6bfe44af552d934c881db0177bee7e345d76442523b0ea0144610d5470ea45_ppc64le"
],
"known_not_affected": [
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-console-plugin-rhel9@sha256:5da2ecf1149394e0c64af7c8e8a2684012590838031e4c733d6eff7f30cd6265_amd64",
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-console-plugin-rhel9@sha256:ae91d40862457c43c130aa081a66bcedca17dce7dce0f381143b244dd126bc12_arm64",
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-console-plugin-rhel9@sha256:ce5c9ef5800ed30888dcb23aa2ed9cf56bd83767d572a51e3e3e1509a2539063_s390x",
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-console-plugin-rhel9@sha256:e0239a8ff86253729b9af04e6407283c51744497fea90d099afaceaa4fc823ec_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:27ecc916ce170d505d828742fa29d20143c4443343b101a2a9d75fe086b515f1_amd64",
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:350a8565fb297353c81571bad33f0fca5ab129560ad7f15de242db98c4709b3c_s390x",
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:488df8c38e377719771c758b71f1e966d76bb03da6217e09c29c21fec12c437d_arm64",
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:84ffa04b7ae504efc0037c3ae14c0e4d4f99057593a2db2bbbfcf92e526d2c7c_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:03484bd14253a7340f754a6f1aef5659cfd5a6844ffbdfb2f215321b6fc63644_s390x",
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:2dc033562cb43480543ff398284933993006741e83f453228a9902a2c9b3ff1d_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:61c172961af1a895e9cb355573f1f8a780e7acecc505c58c18faeb9fc49efa66_amd64",
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:a297d29025aa9d1e963daf0c4b076533da59ddd84825e79d6e6b0e921e8c2588_arm64",
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-operator-bundle@sha256:1607eb2595aa0679f571d81c19840cfaf923908553b05d479bd35b2290b1d7e6_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-operator-bundle@sha256:6f998bb3b7d5311d8e74b25f8fcfe4ae65897270da3c0763ca2cb1d763135bc4_amd64",
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-operator-bundle@sha256:8214855b40028fdd2def40116f4585bd50f42ef0948713d63e163840079e8be7_s390x",
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-operator-bundle@sha256:e6e8f0a739c61bbd94a61bb75d81ef1af551a4e57ed4a64e583adce62c82af9c_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-29406"
},
{
"category": "external",
"summary": "RHBZ#2222167",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2222167"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-29406",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29406"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-29406",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-29406"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/2q13H6LEEx0",
"url": "https://groups.google.com/g/golang-announce/c/2q13H6LEEx0"
}
],
"release_date": "2023-07-11T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-10-20T16:49:58+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-rhel9-operator@sha256:66d6fed71915dce2d8b8386cf661590bd374e27baa26a7c2cddd1916386922ce_amd64",
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-rhel9-operator@sha256:67167e08f0883c273e98810ad44288c4355ce2af13859021e2973c075c56cf9f_s390x",
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-rhel9-operator@sha256:8596630dd1c175bf6dd29470c009e850d8b8fd465f3d9dcee8338a4aeca8dc64_arm64",
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-rhel9-operator@sha256:be6bfe44af552d934c881db0177bee7e345d76442523b0ea0144610d5470ea45_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:5974"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-console-plugin-rhel9@sha256:5da2ecf1149394e0c64af7c8e8a2684012590838031e4c733d6eff7f30cd6265_amd64",
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-console-plugin-rhel9@sha256:ae91d40862457c43c130aa081a66bcedca17dce7dce0f381143b244dd126bc12_arm64",
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-console-plugin-rhel9@sha256:ce5c9ef5800ed30888dcb23aa2ed9cf56bd83767d572a51e3e3e1509a2539063_s390x",
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-console-plugin-rhel9@sha256:e0239a8ff86253729b9af04e6407283c51744497fea90d099afaceaa4fc823ec_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:27ecc916ce170d505d828742fa29d20143c4443343b101a2a9d75fe086b515f1_amd64",
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:350a8565fb297353c81571bad33f0fca5ab129560ad7f15de242db98c4709b3c_s390x",
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:488df8c38e377719771c758b71f1e966d76bb03da6217e09c29c21fec12c437d_arm64",
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:84ffa04b7ae504efc0037c3ae14c0e4d4f99057593a2db2bbbfcf92e526d2c7c_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:03484bd14253a7340f754a6f1aef5659cfd5a6844ffbdfb2f215321b6fc63644_s390x",
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:2dc033562cb43480543ff398284933993006741e83f453228a9902a2c9b3ff1d_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:61c172961af1a895e9cb355573f1f8a780e7acecc505c58c18faeb9fc49efa66_amd64",
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:a297d29025aa9d1e963daf0c4b076533da59ddd84825e79d6e6b0e921e8c2588_arm64",
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-operator-bundle@sha256:1607eb2595aa0679f571d81c19840cfaf923908553b05d479bd35b2290b1d7e6_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-operator-bundle@sha256:6f998bb3b7d5311d8e74b25f8fcfe4ae65897270da3c0763ca2cb1d763135bc4_amd64",
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-operator-bundle@sha256:8214855b40028fdd2def40116f4585bd50f42ef0948713d63e163840079e8be7_s390x",
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-operator-bundle@sha256:e6e8f0a739c61bbd94a61bb75d81ef1af551a4e57ed4a64e583adce62c82af9c_arm64",
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-rhel9-operator@sha256:66d6fed71915dce2d8b8386cf661590bd374e27baa26a7c2cddd1916386922ce_amd64",
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-rhel9-operator@sha256:67167e08f0883c273e98810ad44288c4355ce2af13859021e2973c075c56cf9f_s390x",
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-rhel9-operator@sha256:8596630dd1c175bf6dd29470c009e850d8b8fd465f3d9dcee8338a4aeca8dc64_arm64",
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-rhel9-operator@sha256:be6bfe44af552d934c881db0177bee7e345d76442523b0ea0144610d5470ea45_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: net/http: insufficient sanitization of Host header"
},
{
"cve": "CVE-2023-29409",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2023-08-03T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-console-plugin-rhel9@sha256:5da2ecf1149394e0c64af7c8e8a2684012590838031e4c733d6eff7f30cd6265_amd64",
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-console-plugin-rhel9@sha256:ae91d40862457c43c130aa081a66bcedca17dce7dce0f381143b244dd126bc12_arm64",
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-console-plugin-rhel9@sha256:ce5c9ef5800ed30888dcb23aa2ed9cf56bd83767d572a51e3e3e1509a2539063_s390x",
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-console-plugin-rhel9@sha256:e0239a8ff86253729b9af04e6407283c51744497fea90d099afaceaa4fc823ec_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:27ecc916ce170d505d828742fa29d20143c4443343b101a2a9d75fe086b515f1_amd64",
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:350a8565fb297353c81571bad33f0fca5ab129560ad7f15de242db98c4709b3c_s390x",
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:488df8c38e377719771c758b71f1e966d76bb03da6217e09c29c21fec12c437d_arm64",
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:84ffa04b7ae504efc0037c3ae14c0e4d4f99057593a2db2bbbfcf92e526d2c7c_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:03484bd14253a7340f754a6f1aef5659cfd5a6844ffbdfb2f215321b6fc63644_s390x",
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:2dc033562cb43480543ff398284933993006741e83f453228a9902a2c9b3ff1d_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:61c172961af1a895e9cb355573f1f8a780e7acecc505c58c18faeb9fc49efa66_amd64",
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:a297d29025aa9d1e963daf0c4b076533da59ddd84825e79d6e6b0e921e8c2588_arm64",
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-operator-bundle@sha256:1607eb2595aa0679f571d81c19840cfaf923908553b05d479bd35b2290b1d7e6_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-operator-bundle@sha256:6f998bb3b7d5311d8e74b25f8fcfe4ae65897270da3c0763ca2cb1d763135bc4_amd64",
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-operator-bundle@sha256:8214855b40028fdd2def40116f4585bd50f42ef0948713d63e163840079e8be7_s390x",
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-operator-bundle@sha256:e6e8f0a739c61bbd94a61bb75d81ef1af551a4e57ed4a64e583adce62c82af9c_arm64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2228743"
}
],
"notes": [
{
"category": "description",
"text": "A denial of service vulnerability was found in the Golang Go package caused by an uncontrolled resource consumption flaw. By persuading a victim to use a specially crafted certificate with large RSA keys, a remote attacker can cause a client/server to expend significant CPU time verifying signatures, resulting in a denial of service condition.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: crypto/tls: slow verification of certificate chains containing large RSA keys",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-rhel9-operator@sha256:66d6fed71915dce2d8b8386cf661590bd374e27baa26a7c2cddd1916386922ce_amd64",
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-rhel9-operator@sha256:67167e08f0883c273e98810ad44288c4355ce2af13859021e2973c075c56cf9f_s390x",
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-rhel9-operator@sha256:8596630dd1c175bf6dd29470c009e850d8b8fd465f3d9dcee8338a4aeca8dc64_arm64",
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-rhel9-operator@sha256:be6bfe44af552d934c881db0177bee7e345d76442523b0ea0144610d5470ea45_ppc64le"
],
"known_not_affected": [
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-console-plugin-rhel9@sha256:5da2ecf1149394e0c64af7c8e8a2684012590838031e4c733d6eff7f30cd6265_amd64",
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-console-plugin-rhel9@sha256:ae91d40862457c43c130aa081a66bcedca17dce7dce0f381143b244dd126bc12_arm64",
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-console-plugin-rhel9@sha256:ce5c9ef5800ed30888dcb23aa2ed9cf56bd83767d572a51e3e3e1509a2539063_s390x",
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-console-plugin-rhel9@sha256:e0239a8ff86253729b9af04e6407283c51744497fea90d099afaceaa4fc823ec_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:27ecc916ce170d505d828742fa29d20143c4443343b101a2a9d75fe086b515f1_amd64",
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:350a8565fb297353c81571bad33f0fca5ab129560ad7f15de242db98c4709b3c_s390x",
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:488df8c38e377719771c758b71f1e966d76bb03da6217e09c29c21fec12c437d_arm64",
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:84ffa04b7ae504efc0037c3ae14c0e4d4f99057593a2db2bbbfcf92e526d2c7c_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:03484bd14253a7340f754a6f1aef5659cfd5a6844ffbdfb2f215321b6fc63644_s390x",
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:2dc033562cb43480543ff398284933993006741e83f453228a9902a2c9b3ff1d_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:61c172961af1a895e9cb355573f1f8a780e7acecc505c58c18faeb9fc49efa66_amd64",
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:a297d29025aa9d1e963daf0c4b076533da59ddd84825e79d6e6b0e921e8c2588_arm64",
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-operator-bundle@sha256:1607eb2595aa0679f571d81c19840cfaf923908553b05d479bd35b2290b1d7e6_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-operator-bundle@sha256:6f998bb3b7d5311d8e74b25f8fcfe4ae65897270da3c0763ca2cb1d763135bc4_amd64",
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-operator-bundle@sha256:8214855b40028fdd2def40116f4585bd50f42ef0948713d63e163840079e8be7_s390x",
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-operator-bundle@sha256:e6e8f0a739c61bbd94a61bb75d81ef1af551a4e57ed4a64e583adce62c82af9c_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-29409"
},
{
"category": "external",
"summary": "RHBZ#2228743",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2228743"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-29409",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29409"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-29409",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-29409"
},
{
"category": "external",
"summary": "https://go.dev/cl/515257",
"url": "https://go.dev/cl/515257"
},
{
"category": "external",
"summary": "https://go.dev/issue/61460",
"url": "https://go.dev/issue/61460"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/X0b6CsSAaYI/m/Efv5DbZ9AwAJ",
"url": "https://groups.google.com/g/golang-announce/c/X0b6CsSAaYI/m/Efv5DbZ9AwAJ"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2023-1987",
"url": "https://pkg.go.dev/vuln/GO-2023-1987"
}
],
"release_date": "2023-08-02T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-10-20T16:49:58+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-rhel9-operator@sha256:66d6fed71915dce2d8b8386cf661590bd374e27baa26a7c2cddd1916386922ce_amd64",
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-rhel9-operator@sha256:67167e08f0883c273e98810ad44288c4355ce2af13859021e2973c075c56cf9f_s390x",
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-rhel9-operator@sha256:8596630dd1c175bf6dd29470c009e850d8b8fd465f3d9dcee8338a4aeca8dc64_arm64",
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-rhel9-operator@sha256:be6bfe44af552d934c881db0177bee7e345d76442523b0ea0144610d5470ea45_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:5974"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-console-plugin-rhel9@sha256:5da2ecf1149394e0c64af7c8e8a2684012590838031e4c733d6eff7f30cd6265_amd64",
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-console-plugin-rhel9@sha256:ae91d40862457c43c130aa081a66bcedca17dce7dce0f381143b244dd126bc12_arm64",
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-console-plugin-rhel9@sha256:ce5c9ef5800ed30888dcb23aa2ed9cf56bd83767d572a51e3e3e1509a2539063_s390x",
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-console-plugin-rhel9@sha256:e0239a8ff86253729b9af04e6407283c51744497fea90d099afaceaa4fc823ec_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:27ecc916ce170d505d828742fa29d20143c4443343b101a2a9d75fe086b515f1_amd64",
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:350a8565fb297353c81571bad33f0fca5ab129560ad7f15de242db98c4709b3c_s390x",
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:488df8c38e377719771c758b71f1e966d76bb03da6217e09c29c21fec12c437d_arm64",
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:84ffa04b7ae504efc0037c3ae14c0e4d4f99057593a2db2bbbfcf92e526d2c7c_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:03484bd14253a7340f754a6f1aef5659cfd5a6844ffbdfb2f215321b6fc63644_s390x",
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:2dc033562cb43480543ff398284933993006741e83f453228a9902a2c9b3ff1d_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:61c172961af1a895e9cb355573f1f8a780e7acecc505c58c18faeb9fc49efa66_amd64",
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:a297d29025aa9d1e963daf0c4b076533da59ddd84825e79d6e6b0e921e8c2588_arm64",
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-operator-bundle@sha256:1607eb2595aa0679f571d81c19840cfaf923908553b05d479bd35b2290b1d7e6_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-operator-bundle@sha256:6f998bb3b7d5311d8e74b25f8fcfe4ae65897270da3c0763ca2cb1d763135bc4_amd64",
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-operator-bundle@sha256:8214855b40028fdd2def40116f4585bd50f42ef0948713d63e163840079e8be7_s390x",
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-operator-bundle@sha256:e6e8f0a739c61bbd94a61bb75d81ef1af551a4e57ed4a64e583adce62c82af9c_arm64",
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-rhel9-operator@sha256:66d6fed71915dce2d8b8386cf661590bd374e27baa26a7c2cddd1916386922ce_amd64",
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-rhel9-operator@sha256:67167e08f0883c273e98810ad44288c4355ce2af13859021e2973c075c56cf9f_s390x",
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-rhel9-operator@sha256:8596630dd1c175bf6dd29470c009e850d8b8fd465f3d9dcee8338a4aeca8dc64_arm64",
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-rhel9-operator@sha256:be6bfe44af552d934c881db0177bee7e345d76442523b0ea0144610d5470ea45_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: crypto/tls: slow verification of certificate chains containing large RSA keys"
},
{
"acknowledgments": [
{
"names": [
"Takeshi Kaneko"
],
"organization": "GMO Cybersecurity by Ierae, Inc."
}
],
"cve": "CVE-2023-39318",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2023-09-06T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-console-plugin-rhel9@sha256:5da2ecf1149394e0c64af7c8e8a2684012590838031e4c733d6eff7f30cd6265_amd64",
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-console-plugin-rhel9@sha256:ae91d40862457c43c130aa081a66bcedca17dce7dce0f381143b244dd126bc12_arm64",
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-console-plugin-rhel9@sha256:ce5c9ef5800ed30888dcb23aa2ed9cf56bd83767d572a51e3e3e1509a2539063_s390x",
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-console-plugin-rhel9@sha256:e0239a8ff86253729b9af04e6407283c51744497fea90d099afaceaa4fc823ec_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:27ecc916ce170d505d828742fa29d20143c4443343b101a2a9d75fe086b515f1_amd64",
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:350a8565fb297353c81571bad33f0fca5ab129560ad7f15de242db98c4709b3c_s390x",
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:488df8c38e377719771c758b71f1e966d76bb03da6217e09c29c21fec12c437d_arm64",
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:84ffa04b7ae504efc0037c3ae14c0e4d4f99057593a2db2bbbfcf92e526d2c7c_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:03484bd14253a7340f754a6f1aef5659cfd5a6844ffbdfb2f215321b6fc63644_s390x",
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:2dc033562cb43480543ff398284933993006741e83f453228a9902a2c9b3ff1d_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:61c172961af1a895e9cb355573f1f8a780e7acecc505c58c18faeb9fc49efa66_amd64",
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:a297d29025aa9d1e963daf0c4b076533da59ddd84825e79d6e6b0e921e8c2588_arm64",
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-operator-bundle@sha256:1607eb2595aa0679f571d81c19840cfaf923908553b05d479bd35b2290b1d7e6_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-operator-bundle@sha256:6f998bb3b7d5311d8e74b25f8fcfe4ae65897270da3c0763ca2cb1d763135bc4_amd64",
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-operator-bundle@sha256:8214855b40028fdd2def40116f4585bd50f42ef0948713d63e163840079e8be7_s390x",
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-operator-bundle@sha256:e6e8f0a739c61bbd94a61bb75d81ef1af551a4e57ed4a64e583adce62c82af9c_arm64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2237776"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Golang. The html/template package did not properly handle HTML-like \"\u003c!--\" and \"--\u003e\" comment tokens, nor hashbang \"#!\" comment tokens, in \u003cscript\u003e contexts. This issue may cause the template parser to improperly interpret the contents of \u003cscript\u003e contexts, causing actions to be improperly escaped.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: html/template: improper handling of HTML-like comments within script contexts",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-rhel9-operator@sha256:66d6fed71915dce2d8b8386cf661590bd374e27baa26a7c2cddd1916386922ce_amd64",
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-rhel9-operator@sha256:67167e08f0883c273e98810ad44288c4355ce2af13859021e2973c075c56cf9f_s390x",
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-rhel9-operator@sha256:8596630dd1c175bf6dd29470c009e850d8b8fd465f3d9dcee8338a4aeca8dc64_arm64",
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-rhel9-operator@sha256:be6bfe44af552d934c881db0177bee7e345d76442523b0ea0144610d5470ea45_ppc64le"
],
"known_not_affected": [
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-console-plugin-rhel9@sha256:5da2ecf1149394e0c64af7c8e8a2684012590838031e4c733d6eff7f30cd6265_amd64",
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-console-plugin-rhel9@sha256:ae91d40862457c43c130aa081a66bcedca17dce7dce0f381143b244dd126bc12_arm64",
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-console-plugin-rhel9@sha256:ce5c9ef5800ed30888dcb23aa2ed9cf56bd83767d572a51e3e3e1509a2539063_s390x",
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-console-plugin-rhel9@sha256:e0239a8ff86253729b9af04e6407283c51744497fea90d099afaceaa4fc823ec_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:27ecc916ce170d505d828742fa29d20143c4443343b101a2a9d75fe086b515f1_amd64",
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:350a8565fb297353c81571bad33f0fca5ab129560ad7f15de242db98c4709b3c_s390x",
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:488df8c38e377719771c758b71f1e966d76bb03da6217e09c29c21fec12c437d_arm64",
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:84ffa04b7ae504efc0037c3ae14c0e4d4f99057593a2db2bbbfcf92e526d2c7c_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:03484bd14253a7340f754a6f1aef5659cfd5a6844ffbdfb2f215321b6fc63644_s390x",
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:2dc033562cb43480543ff398284933993006741e83f453228a9902a2c9b3ff1d_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:61c172961af1a895e9cb355573f1f8a780e7acecc505c58c18faeb9fc49efa66_amd64",
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:a297d29025aa9d1e963daf0c4b076533da59ddd84825e79d6e6b0e921e8c2588_arm64",
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-operator-bundle@sha256:1607eb2595aa0679f571d81c19840cfaf923908553b05d479bd35b2290b1d7e6_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-operator-bundle@sha256:6f998bb3b7d5311d8e74b25f8fcfe4ae65897270da3c0763ca2cb1d763135bc4_amd64",
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-operator-bundle@sha256:8214855b40028fdd2def40116f4585bd50f42ef0948713d63e163840079e8be7_s390x",
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-operator-bundle@sha256:e6e8f0a739c61bbd94a61bb75d81ef1af551a4e57ed4a64e583adce62c82af9c_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-39318"
},
{
"category": "external",
"summary": "RHBZ#2237776",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2237776"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-39318",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39318"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-39318",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-39318"
},
{
"category": "external",
"summary": "https://go.dev/cl/526156",
"url": "https://go.dev/cl/526156"
},
{
"category": "external",
"summary": "https://go.dev/issue/62196",
"url": "https://go.dev/issue/62196"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-dev/c/2C5vbR-UNkI/m/L1hdrPhfBAAJ",
"url": "https://groups.google.com/g/golang-dev/c/2C5vbR-UNkI/m/L1hdrPhfBAAJ"
},
{
"category": "external",
"summary": "https://vuln.go.dev/ID/GO-2023-2041.json",
"url": "https://vuln.go.dev/ID/GO-2023-2041.json"
}
],
"release_date": "2023-09-06T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-10-20T16:49:58+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-rhel9-operator@sha256:66d6fed71915dce2d8b8386cf661590bd374e27baa26a7c2cddd1916386922ce_amd64",
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-rhel9-operator@sha256:67167e08f0883c273e98810ad44288c4355ce2af13859021e2973c075c56cf9f_s390x",
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-rhel9-operator@sha256:8596630dd1c175bf6dd29470c009e850d8b8fd465f3d9dcee8338a4aeca8dc64_arm64",
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-rhel9-operator@sha256:be6bfe44af552d934c881db0177bee7e345d76442523b0ea0144610d5470ea45_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:5974"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-console-plugin-rhel9@sha256:5da2ecf1149394e0c64af7c8e8a2684012590838031e4c733d6eff7f30cd6265_amd64",
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-console-plugin-rhel9@sha256:ae91d40862457c43c130aa081a66bcedca17dce7dce0f381143b244dd126bc12_arm64",
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-console-plugin-rhel9@sha256:ce5c9ef5800ed30888dcb23aa2ed9cf56bd83767d572a51e3e3e1509a2539063_s390x",
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-console-plugin-rhel9@sha256:e0239a8ff86253729b9af04e6407283c51744497fea90d099afaceaa4fc823ec_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:27ecc916ce170d505d828742fa29d20143c4443343b101a2a9d75fe086b515f1_amd64",
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:350a8565fb297353c81571bad33f0fca5ab129560ad7f15de242db98c4709b3c_s390x",
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:488df8c38e377719771c758b71f1e966d76bb03da6217e09c29c21fec12c437d_arm64",
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:84ffa04b7ae504efc0037c3ae14c0e4d4f99057593a2db2bbbfcf92e526d2c7c_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:03484bd14253a7340f754a6f1aef5659cfd5a6844ffbdfb2f215321b6fc63644_s390x",
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:2dc033562cb43480543ff398284933993006741e83f453228a9902a2c9b3ff1d_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:61c172961af1a895e9cb355573f1f8a780e7acecc505c58c18faeb9fc49efa66_amd64",
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:a297d29025aa9d1e963daf0c4b076533da59ddd84825e79d6e6b0e921e8c2588_arm64",
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-operator-bundle@sha256:1607eb2595aa0679f571d81c19840cfaf923908553b05d479bd35b2290b1d7e6_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-operator-bundle@sha256:6f998bb3b7d5311d8e74b25f8fcfe4ae65897270da3c0763ca2cb1d763135bc4_amd64",
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-operator-bundle@sha256:8214855b40028fdd2def40116f4585bd50f42ef0948713d63e163840079e8be7_s390x",
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-operator-bundle@sha256:e6e8f0a739c61bbd94a61bb75d81ef1af551a4e57ed4a64e583adce62c82af9c_arm64",
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-rhel9-operator@sha256:66d6fed71915dce2d8b8386cf661590bd374e27baa26a7c2cddd1916386922ce_amd64",
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-rhel9-operator@sha256:67167e08f0883c273e98810ad44288c4355ce2af13859021e2973c075c56cf9f_s390x",
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-rhel9-operator@sha256:8596630dd1c175bf6dd29470c009e850d8b8fd465f3d9dcee8338a4aeca8dc64_arm64",
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-rhel9-operator@sha256:be6bfe44af552d934c881db0177bee7e345d76442523b0ea0144610d5470ea45_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: html/template: improper handling of HTML-like comments within script contexts"
},
{
"acknowledgments": [
{
"names": [
"Takeshi Kaneko"
],
"organization": "GMO Cybersecurity by Ierae, Inc."
}
],
"cve": "CVE-2023-39319",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2023-09-06T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-console-plugin-rhel9@sha256:5da2ecf1149394e0c64af7c8e8a2684012590838031e4c733d6eff7f30cd6265_amd64",
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-console-plugin-rhel9@sha256:ae91d40862457c43c130aa081a66bcedca17dce7dce0f381143b244dd126bc12_arm64",
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-console-plugin-rhel9@sha256:ce5c9ef5800ed30888dcb23aa2ed9cf56bd83767d572a51e3e3e1509a2539063_s390x",
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-console-plugin-rhel9@sha256:e0239a8ff86253729b9af04e6407283c51744497fea90d099afaceaa4fc823ec_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:27ecc916ce170d505d828742fa29d20143c4443343b101a2a9d75fe086b515f1_amd64",
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:350a8565fb297353c81571bad33f0fca5ab129560ad7f15de242db98c4709b3c_s390x",
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:488df8c38e377719771c758b71f1e966d76bb03da6217e09c29c21fec12c437d_arm64",
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:84ffa04b7ae504efc0037c3ae14c0e4d4f99057593a2db2bbbfcf92e526d2c7c_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:03484bd14253a7340f754a6f1aef5659cfd5a6844ffbdfb2f215321b6fc63644_s390x",
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:2dc033562cb43480543ff398284933993006741e83f453228a9902a2c9b3ff1d_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:61c172961af1a895e9cb355573f1f8a780e7acecc505c58c18faeb9fc49efa66_amd64",
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:a297d29025aa9d1e963daf0c4b076533da59ddd84825e79d6e6b0e921e8c2588_arm64",
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-operator-bundle@sha256:1607eb2595aa0679f571d81c19840cfaf923908553b05d479bd35b2290b1d7e6_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-operator-bundle@sha256:6f998bb3b7d5311d8e74b25f8fcfe4ae65897270da3c0763ca2cb1d763135bc4_amd64",
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-operator-bundle@sha256:8214855b40028fdd2def40116f4585bd50f42ef0948713d63e163840079e8be7_s390x",
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-operator-bundle@sha256:e6e8f0a739c61bbd94a61bb75d81ef1af551a4e57ed4a64e583adce62c82af9c_arm64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2237773"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Golang. The html/template package did not apply the proper rules for handling occurrences of \"\u003cscript\", \"\u003c!--\", and \"\u003c/script\" within JS literals in \u003cscript\u003e contexts. This issue may cause the template parser to improperly consider script contexts to be terminated early, causing actions to be improperly escaped.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: html/template: improper handling of special tags within script contexts",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-rhel9-operator@sha256:66d6fed71915dce2d8b8386cf661590bd374e27baa26a7c2cddd1916386922ce_amd64",
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-rhel9-operator@sha256:67167e08f0883c273e98810ad44288c4355ce2af13859021e2973c075c56cf9f_s390x",
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-rhel9-operator@sha256:8596630dd1c175bf6dd29470c009e850d8b8fd465f3d9dcee8338a4aeca8dc64_arm64",
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-rhel9-operator@sha256:be6bfe44af552d934c881db0177bee7e345d76442523b0ea0144610d5470ea45_ppc64le"
],
"known_not_affected": [
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-console-plugin-rhel9@sha256:5da2ecf1149394e0c64af7c8e8a2684012590838031e4c733d6eff7f30cd6265_amd64",
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-console-plugin-rhel9@sha256:ae91d40862457c43c130aa081a66bcedca17dce7dce0f381143b244dd126bc12_arm64",
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-console-plugin-rhel9@sha256:ce5c9ef5800ed30888dcb23aa2ed9cf56bd83767d572a51e3e3e1509a2539063_s390x",
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-console-plugin-rhel9@sha256:e0239a8ff86253729b9af04e6407283c51744497fea90d099afaceaa4fc823ec_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:27ecc916ce170d505d828742fa29d20143c4443343b101a2a9d75fe086b515f1_amd64",
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:350a8565fb297353c81571bad33f0fca5ab129560ad7f15de242db98c4709b3c_s390x",
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:488df8c38e377719771c758b71f1e966d76bb03da6217e09c29c21fec12c437d_arm64",
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:84ffa04b7ae504efc0037c3ae14c0e4d4f99057593a2db2bbbfcf92e526d2c7c_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:03484bd14253a7340f754a6f1aef5659cfd5a6844ffbdfb2f215321b6fc63644_s390x",
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:2dc033562cb43480543ff398284933993006741e83f453228a9902a2c9b3ff1d_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:61c172961af1a895e9cb355573f1f8a780e7acecc505c58c18faeb9fc49efa66_amd64",
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:a297d29025aa9d1e963daf0c4b076533da59ddd84825e79d6e6b0e921e8c2588_arm64",
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-operator-bundle@sha256:1607eb2595aa0679f571d81c19840cfaf923908553b05d479bd35b2290b1d7e6_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-operator-bundle@sha256:6f998bb3b7d5311d8e74b25f8fcfe4ae65897270da3c0763ca2cb1d763135bc4_amd64",
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-operator-bundle@sha256:8214855b40028fdd2def40116f4585bd50f42ef0948713d63e163840079e8be7_s390x",
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-operator-bundle@sha256:e6e8f0a739c61bbd94a61bb75d81ef1af551a4e57ed4a64e583adce62c82af9c_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-39319"
},
{
"category": "external",
"summary": "RHBZ#2237773",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2237773"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-39319",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39319"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-39319",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-39319"
},
{
"category": "external",
"summary": "https://go.dev/cl/526157",
"url": "https://go.dev/cl/526157"
},
{
"category": "external",
"summary": "https://go.dev/issue/62197",
"url": "https://go.dev/issue/62197"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-dev/c/2C5vbR-UNkI/m/L1hdrPhfBAAJ",
"url": "https://groups.google.com/g/golang-dev/c/2C5vbR-UNkI/m/L1hdrPhfBAAJ"
},
{
"category": "external",
"summary": "https://vuln.go.dev/ID/GO-2023-2043.json",
"url": "https://vuln.go.dev/ID/GO-2023-2043.json"
}
],
"release_date": "2023-09-06T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-10-20T16:49:58+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-rhel9-operator@sha256:66d6fed71915dce2d8b8386cf661590bd374e27baa26a7c2cddd1916386922ce_amd64",
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-rhel9-operator@sha256:67167e08f0883c273e98810ad44288c4355ce2af13859021e2973c075c56cf9f_s390x",
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-rhel9-operator@sha256:8596630dd1c175bf6dd29470c009e850d8b8fd465f3d9dcee8338a4aeca8dc64_arm64",
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-rhel9-operator@sha256:be6bfe44af552d934c881db0177bee7e345d76442523b0ea0144610d5470ea45_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:5974"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-console-plugin-rhel9@sha256:5da2ecf1149394e0c64af7c8e8a2684012590838031e4c733d6eff7f30cd6265_amd64",
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-console-plugin-rhel9@sha256:ae91d40862457c43c130aa081a66bcedca17dce7dce0f381143b244dd126bc12_arm64",
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-console-plugin-rhel9@sha256:ce5c9ef5800ed30888dcb23aa2ed9cf56bd83767d572a51e3e3e1509a2539063_s390x",
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-console-plugin-rhel9@sha256:e0239a8ff86253729b9af04e6407283c51744497fea90d099afaceaa4fc823ec_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:27ecc916ce170d505d828742fa29d20143c4443343b101a2a9d75fe086b515f1_amd64",
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:350a8565fb297353c81571bad33f0fca5ab129560ad7f15de242db98c4709b3c_s390x",
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:488df8c38e377719771c758b71f1e966d76bb03da6217e09c29c21fec12c437d_arm64",
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:84ffa04b7ae504efc0037c3ae14c0e4d4f99057593a2db2bbbfcf92e526d2c7c_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:03484bd14253a7340f754a6f1aef5659cfd5a6844ffbdfb2f215321b6fc63644_s390x",
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:2dc033562cb43480543ff398284933993006741e83f453228a9902a2c9b3ff1d_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:61c172961af1a895e9cb355573f1f8a780e7acecc505c58c18faeb9fc49efa66_amd64",
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:a297d29025aa9d1e963daf0c4b076533da59ddd84825e79d6e6b0e921e8c2588_arm64",
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-operator-bundle@sha256:1607eb2595aa0679f571d81c19840cfaf923908553b05d479bd35b2290b1d7e6_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-operator-bundle@sha256:6f998bb3b7d5311d8e74b25f8fcfe4ae65897270da3c0763ca2cb1d763135bc4_amd64",
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-operator-bundle@sha256:8214855b40028fdd2def40116f4585bd50f42ef0948713d63e163840079e8be7_s390x",
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-operator-bundle@sha256:e6e8f0a739c61bbd94a61bb75d81ef1af551a4e57ed4a64e583adce62c82af9c_arm64",
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-rhel9-operator@sha256:66d6fed71915dce2d8b8386cf661590bd374e27baa26a7c2cddd1916386922ce_amd64",
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-rhel9-operator@sha256:67167e08f0883c273e98810ad44288c4355ce2af13859021e2973c075c56cf9f_s390x",
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-rhel9-operator@sha256:8596630dd1c175bf6dd29470c009e850d8b8fd465f3d9dcee8338a4aeca8dc64_arm64",
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-rhel9-operator@sha256:be6bfe44af552d934c881db0177bee7e345d76442523b0ea0144610d5470ea45_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: html/template: improper handling of special tags within script contexts"
},
{
"acknowledgments": [
{
"names": [
"Marten Seemann"
]
}
],
"cve": "CVE-2023-39321",
"cwe": {
"id": "CWE-805",
"name": "Buffer Access with Incorrect Length Value"
},
"discovery_date": "2023-09-06T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-console-plugin-rhel9@sha256:5da2ecf1149394e0c64af7c8e8a2684012590838031e4c733d6eff7f30cd6265_amd64",
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-console-plugin-rhel9@sha256:ae91d40862457c43c130aa081a66bcedca17dce7dce0f381143b244dd126bc12_arm64",
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-console-plugin-rhel9@sha256:ce5c9ef5800ed30888dcb23aa2ed9cf56bd83767d572a51e3e3e1509a2539063_s390x",
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-console-plugin-rhel9@sha256:e0239a8ff86253729b9af04e6407283c51744497fea90d099afaceaa4fc823ec_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:27ecc916ce170d505d828742fa29d20143c4443343b101a2a9d75fe086b515f1_amd64",
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:350a8565fb297353c81571bad33f0fca5ab129560ad7f15de242db98c4709b3c_s390x",
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:488df8c38e377719771c758b71f1e966d76bb03da6217e09c29c21fec12c437d_arm64",
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:84ffa04b7ae504efc0037c3ae14c0e4d4f99057593a2db2bbbfcf92e526d2c7c_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:03484bd14253a7340f754a6f1aef5659cfd5a6844ffbdfb2f215321b6fc63644_s390x",
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:2dc033562cb43480543ff398284933993006741e83f453228a9902a2c9b3ff1d_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:61c172961af1a895e9cb355573f1f8a780e7acecc505c58c18faeb9fc49efa66_amd64",
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:a297d29025aa9d1e963daf0c4b076533da59ddd84825e79d6e6b0e921e8c2588_arm64",
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-operator-bundle@sha256:1607eb2595aa0679f571d81c19840cfaf923908553b05d479bd35b2290b1d7e6_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-operator-bundle@sha256:6f998bb3b7d5311d8e74b25f8fcfe4ae65897270da3c0763ca2cb1d763135bc4_amd64",
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-operator-bundle@sha256:8214855b40028fdd2def40116f4585bd50f42ef0948713d63e163840079e8be7_s390x",
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-operator-bundle@sha256:e6e8f0a739c61bbd94a61bb75d81ef1af551a4e57ed4a64e583adce62c82af9c_arm64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2237777"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Golang. Processing an incomplete post-handshake message for a QUIC connection caused a panic.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: crypto/tls: panic when processing post-handshake message on QUIC connections",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The flaw has been marked as moderate instead of high like NVD \nQUICConn.HandleData buffers data and passes it to handlePostHandshakeMessage every time the buffer contains a complete message, while HandleData doesn\u0027t limit the amount of data it can buffer, a panic or denial of service would likely be lower severity. Also, in order to exploit this vulnerability, an attacker would have to smuggle partial handshake data which might be rejected altogether as per the TLS RFC specification. Therefore, because of a lower severity denial of service and conditions that are beyond the scope of the attacker\u0027s control, we have marked this as moderate severity.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-rhel9-operator@sha256:66d6fed71915dce2d8b8386cf661590bd374e27baa26a7c2cddd1916386922ce_amd64",
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-rhel9-operator@sha256:67167e08f0883c273e98810ad44288c4355ce2af13859021e2973c075c56cf9f_s390x",
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-rhel9-operator@sha256:8596630dd1c175bf6dd29470c009e850d8b8fd465f3d9dcee8338a4aeca8dc64_arm64",
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-rhel9-operator@sha256:be6bfe44af552d934c881db0177bee7e345d76442523b0ea0144610d5470ea45_ppc64le"
],
"known_not_affected": [
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-console-plugin-rhel9@sha256:5da2ecf1149394e0c64af7c8e8a2684012590838031e4c733d6eff7f30cd6265_amd64",
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-console-plugin-rhel9@sha256:ae91d40862457c43c130aa081a66bcedca17dce7dce0f381143b244dd126bc12_arm64",
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-console-plugin-rhel9@sha256:ce5c9ef5800ed30888dcb23aa2ed9cf56bd83767d572a51e3e3e1509a2539063_s390x",
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-console-plugin-rhel9@sha256:e0239a8ff86253729b9af04e6407283c51744497fea90d099afaceaa4fc823ec_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:27ecc916ce170d505d828742fa29d20143c4443343b101a2a9d75fe086b515f1_amd64",
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:350a8565fb297353c81571bad33f0fca5ab129560ad7f15de242db98c4709b3c_s390x",
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:488df8c38e377719771c758b71f1e966d76bb03da6217e09c29c21fec12c437d_arm64",
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:84ffa04b7ae504efc0037c3ae14c0e4d4f99057593a2db2bbbfcf92e526d2c7c_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:03484bd14253a7340f754a6f1aef5659cfd5a6844ffbdfb2f215321b6fc63644_s390x",
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:2dc033562cb43480543ff398284933993006741e83f453228a9902a2c9b3ff1d_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:61c172961af1a895e9cb355573f1f8a780e7acecc505c58c18faeb9fc49efa66_amd64",
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:a297d29025aa9d1e963daf0c4b076533da59ddd84825e79d6e6b0e921e8c2588_arm64",
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-operator-bundle@sha256:1607eb2595aa0679f571d81c19840cfaf923908553b05d479bd35b2290b1d7e6_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-operator-bundle@sha256:6f998bb3b7d5311d8e74b25f8fcfe4ae65897270da3c0763ca2cb1d763135bc4_amd64",
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-operator-bundle@sha256:8214855b40028fdd2def40116f4585bd50f42ef0948713d63e163840079e8be7_s390x",
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-operator-bundle@sha256:e6e8f0a739c61bbd94a61bb75d81ef1af551a4e57ed4a64e583adce62c82af9c_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-39321"
},
{
"category": "external",
"summary": "RHBZ#2237777",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2237777"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-39321",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39321"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-39321",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-39321"
},
{
"category": "external",
"summary": "https://go.dev/cl/523039",
"url": "https://go.dev/cl/523039"
},
{
"category": "external",
"summary": "https://go.dev/issue/62266",
"url": "https://go.dev/issue/62266"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-dev/c/2C5vbR-UNkI/m/L1hdrPhfBAAJ",
"url": "https://groups.google.com/g/golang-dev/c/2C5vbR-UNkI/m/L1hdrPhfBAAJ"
},
{
"category": "external",
"summary": "https://vuln.go.dev/ID/GO-2023-2044.json",
"url": "https://vuln.go.dev/ID/GO-2023-2044.json"
}
],
"release_date": "2023-09-06T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-10-20T16:49:58+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-rhel9-operator@sha256:66d6fed71915dce2d8b8386cf661590bd374e27baa26a7c2cddd1916386922ce_amd64",
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-rhel9-operator@sha256:67167e08f0883c273e98810ad44288c4355ce2af13859021e2973c075c56cf9f_s390x",
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-rhel9-operator@sha256:8596630dd1c175bf6dd29470c009e850d8b8fd465f3d9dcee8338a4aeca8dc64_arm64",
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-rhel9-operator@sha256:be6bfe44af552d934c881db0177bee7e345d76442523b0ea0144610d5470ea45_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:5974"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-console-plugin-rhel9@sha256:5da2ecf1149394e0c64af7c8e8a2684012590838031e4c733d6eff7f30cd6265_amd64",
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-console-plugin-rhel9@sha256:ae91d40862457c43c130aa081a66bcedca17dce7dce0f381143b244dd126bc12_arm64",
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-console-plugin-rhel9@sha256:ce5c9ef5800ed30888dcb23aa2ed9cf56bd83767d572a51e3e3e1509a2539063_s390x",
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-console-plugin-rhel9@sha256:e0239a8ff86253729b9af04e6407283c51744497fea90d099afaceaa4fc823ec_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:27ecc916ce170d505d828742fa29d20143c4443343b101a2a9d75fe086b515f1_amd64",
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:350a8565fb297353c81571bad33f0fca5ab129560ad7f15de242db98c4709b3c_s390x",
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:488df8c38e377719771c758b71f1e966d76bb03da6217e09c29c21fec12c437d_arm64",
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:84ffa04b7ae504efc0037c3ae14c0e4d4f99057593a2db2bbbfcf92e526d2c7c_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:03484bd14253a7340f754a6f1aef5659cfd5a6844ffbdfb2f215321b6fc63644_s390x",
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:2dc033562cb43480543ff398284933993006741e83f453228a9902a2c9b3ff1d_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:61c172961af1a895e9cb355573f1f8a780e7acecc505c58c18faeb9fc49efa66_amd64",
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:a297d29025aa9d1e963daf0c4b076533da59ddd84825e79d6e6b0e921e8c2588_arm64",
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-operator-bundle@sha256:1607eb2595aa0679f571d81c19840cfaf923908553b05d479bd35b2290b1d7e6_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-operator-bundle@sha256:6f998bb3b7d5311d8e74b25f8fcfe4ae65897270da3c0763ca2cb1d763135bc4_amd64",
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-operator-bundle@sha256:8214855b40028fdd2def40116f4585bd50f42ef0948713d63e163840079e8be7_s390x",
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-operator-bundle@sha256:e6e8f0a739c61bbd94a61bb75d81ef1af551a4e57ed4a64e583adce62c82af9c_arm64",
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-rhel9-operator@sha256:66d6fed71915dce2d8b8386cf661590bd374e27baa26a7c2cddd1916386922ce_amd64",
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-rhel9-operator@sha256:67167e08f0883c273e98810ad44288c4355ce2af13859021e2973c075c56cf9f_s390x",
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-rhel9-operator@sha256:8596630dd1c175bf6dd29470c009e850d8b8fd465f3d9dcee8338a4aeca8dc64_arm64",
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-rhel9-operator@sha256:be6bfe44af552d934c881db0177bee7e345d76442523b0ea0144610d5470ea45_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: crypto/tls: panic when processing post-handshake message on QUIC connections"
},
{
"acknowledgments": [
{
"names": [
"Marten Seemann"
]
}
],
"cve": "CVE-2023-39322",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2023-09-06T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-console-plugin-rhel9@sha256:5da2ecf1149394e0c64af7c8e8a2684012590838031e4c733d6eff7f30cd6265_amd64",
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-console-plugin-rhel9@sha256:ae91d40862457c43c130aa081a66bcedca17dce7dce0f381143b244dd126bc12_arm64",
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-console-plugin-rhel9@sha256:ce5c9ef5800ed30888dcb23aa2ed9cf56bd83767d572a51e3e3e1509a2539063_s390x",
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-console-plugin-rhel9@sha256:e0239a8ff86253729b9af04e6407283c51744497fea90d099afaceaa4fc823ec_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:27ecc916ce170d505d828742fa29d20143c4443343b101a2a9d75fe086b515f1_amd64",
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:350a8565fb297353c81571bad33f0fca5ab129560ad7f15de242db98c4709b3c_s390x",
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:488df8c38e377719771c758b71f1e966d76bb03da6217e09c29c21fec12c437d_arm64",
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:84ffa04b7ae504efc0037c3ae14c0e4d4f99057593a2db2bbbfcf92e526d2c7c_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:03484bd14253a7340f754a6f1aef5659cfd5a6844ffbdfb2f215321b6fc63644_s390x",
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:2dc033562cb43480543ff398284933993006741e83f453228a9902a2c9b3ff1d_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:61c172961af1a895e9cb355573f1f8a780e7acecc505c58c18faeb9fc49efa66_amd64",
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:a297d29025aa9d1e963daf0c4b076533da59ddd84825e79d6e6b0e921e8c2588_arm64",
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-operator-bundle@sha256:1607eb2595aa0679f571d81c19840cfaf923908553b05d479bd35b2290b1d7e6_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-operator-bundle@sha256:6f998bb3b7d5311d8e74b25f8fcfe4ae65897270da3c0763ca2cb1d763135bc4_amd64",
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-operator-bundle@sha256:8214855b40028fdd2def40116f4585bd50f42ef0948713d63e163840079e8be7_s390x",
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-operator-bundle@sha256:e6e8f0a739c61bbd94a61bb75d81ef1af551a4e57ed4a64e583adce62c82af9c_arm64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2237778"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Golang. QUIC connections do not set an upper bound on the amount of data buffered when reading post-handshake messages, allowing a malicious QUIC connection to cause unbounded memory growth. With the fix, connections now consistently reject messages larger than 65KiB in size.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: crypto/tls: lack of a limit on buffered post-handshake",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "A vulnerability was found in the Go QUIC protocol implementation in the logic that processes post-handshake messages. It is an uncontrolled resource consumption flaw, triggered when a malicious connection sends data without an enforced upper bound. This leads to unbounded memory growth, causing the service to crash and resulting in a denial of service. The single-dimensional impact of denial of service and the added complexity of whether the resource exhaustion would happen, being out of an attacker\u0027s control, this has been rated as moderate severity.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-rhel9-operator@sha256:66d6fed71915dce2d8b8386cf661590bd374e27baa26a7c2cddd1916386922ce_amd64",
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-rhel9-operator@sha256:67167e08f0883c273e98810ad44288c4355ce2af13859021e2973c075c56cf9f_s390x",
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-rhel9-operator@sha256:8596630dd1c175bf6dd29470c009e850d8b8fd465f3d9dcee8338a4aeca8dc64_arm64",
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-rhel9-operator@sha256:be6bfe44af552d934c881db0177bee7e345d76442523b0ea0144610d5470ea45_ppc64le"
],
"known_not_affected": [
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-console-plugin-rhel9@sha256:5da2ecf1149394e0c64af7c8e8a2684012590838031e4c733d6eff7f30cd6265_amd64",
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-console-plugin-rhel9@sha256:ae91d40862457c43c130aa081a66bcedca17dce7dce0f381143b244dd126bc12_arm64",
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-console-plugin-rhel9@sha256:ce5c9ef5800ed30888dcb23aa2ed9cf56bd83767d572a51e3e3e1509a2539063_s390x",
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-console-plugin-rhel9@sha256:e0239a8ff86253729b9af04e6407283c51744497fea90d099afaceaa4fc823ec_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:27ecc916ce170d505d828742fa29d20143c4443343b101a2a9d75fe086b515f1_amd64",
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:350a8565fb297353c81571bad33f0fca5ab129560ad7f15de242db98c4709b3c_s390x",
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:488df8c38e377719771c758b71f1e966d76bb03da6217e09c29c21fec12c437d_arm64",
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:84ffa04b7ae504efc0037c3ae14c0e4d4f99057593a2db2bbbfcf92e526d2c7c_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:03484bd14253a7340f754a6f1aef5659cfd5a6844ffbdfb2f215321b6fc63644_s390x",
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:2dc033562cb43480543ff398284933993006741e83f453228a9902a2c9b3ff1d_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:61c172961af1a895e9cb355573f1f8a780e7acecc505c58c18faeb9fc49efa66_amd64",
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:a297d29025aa9d1e963daf0c4b076533da59ddd84825e79d6e6b0e921e8c2588_arm64",
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-operator-bundle@sha256:1607eb2595aa0679f571d81c19840cfaf923908553b05d479bd35b2290b1d7e6_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-operator-bundle@sha256:6f998bb3b7d5311d8e74b25f8fcfe4ae65897270da3c0763ca2cb1d763135bc4_amd64",
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-operator-bundle@sha256:8214855b40028fdd2def40116f4585bd50f42ef0948713d63e163840079e8be7_s390x",
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-operator-bundle@sha256:e6e8f0a739c61bbd94a61bb75d81ef1af551a4e57ed4a64e583adce62c82af9c_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-39322"
},
{
"category": "external",
"summary": "RHBZ#2237778",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2237778"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-39322",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39322"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-39322",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-39322"
},
{
"category": "external",
"summary": "https://go.dev/cl/523039",
"url": "https://go.dev/cl/523039"
},
{
"category": "external",
"summary": "https://go.dev/issue/62266",
"url": "https://go.dev/issue/62266"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-dev/c/2C5vbR-UNkI/m/L1hdrPhfBAAJ",
"url": "https://groups.google.com/g/golang-dev/c/2C5vbR-UNkI/m/L1hdrPhfBAAJ"
},
{
"category": "external",
"summary": "https://vuln.go.dev/ID/GO-2023-2045.json",
"url": "https://vuln.go.dev/ID/GO-2023-2045.json"
}
],
"release_date": "2023-09-06T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-10-20T16:49:58+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-rhel9-operator@sha256:66d6fed71915dce2d8b8386cf661590bd374e27baa26a7c2cddd1916386922ce_amd64",
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-rhel9-operator@sha256:67167e08f0883c273e98810ad44288c4355ce2af13859021e2973c075c56cf9f_s390x",
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-rhel9-operator@sha256:8596630dd1c175bf6dd29470c009e850d8b8fd465f3d9dcee8338a4aeca8dc64_arm64",
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-rhel9-operator@sha256:be6bfe44af552d934c881db0177bee7e345d76442523b0ea0144610d5470ea45_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:5974"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-console-plugin-rhel9@sha256:5da2ecf1149394e0c64af7c8e8a2684012590838031e4c733d6eff7f30cd6265_amd64",
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-console-plugin-rhel9@sha256:ae91d40862457c43c130aa081a66bcedca17dce7dce0f381143b244dd126bc12_arm64",
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-console-plugin-rhel9@sha256:ce5c9ef5800ed30888dcb23aa2ed9cf56bd83767d572a51e3e3e1509a2539063_s390x",
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-console-plugin-rhel9@sha256:e0239a8ff86253729b9af04e6407283c51744497fea90d099afaceaa4fc823ec_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:27ecc916ce170d505d828742fa29d20143c4443343b101a2a9d75fe086b515f1_amd64",
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:350a8565fb297353c81571bad33f0fca5ab129560ad7f15de242db98c4709b3c_s390x",
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:488df8c38e377719771c758b71f1e966d76bb03da6217e09c29c21fec12c437d_arm64",
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:84ffa04b7ae504efc0037c3ae14c0e4d4f99057593a2db2bbbfcf92e526d2c7c_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:03484bd14253a7340f754a6f1aef5659cfd5a6844ffbdfb2f215321b6fc63644_s390x",
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:2dc033562cb43480543ff398284933993006741e83f453228a9902a2c9b3ff1d_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:61c172961af1a895e9cb355573f1f8a780e7acecc505c58c18faeb9fc49efa66_amd64",
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:a297d29025aa9d1e963daf0c4b076533da59ddd84825e79d6e6b0e921e8c2588_arm64",
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-operator-bundle@sha256:1607eb2595aa0679f571d81c19840cfaf923908553b05d479bd35b2290b1d7e6_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-operator-bundle@sha256:6f998bb3b7d5311d8e74b25f8fcfe4ae65897270da3c0763ca2cb1d763135bc4_amd64",
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-operator-bundle@sha256:8214855b40028fdd2def40116f4585bd50f42ef0948713d63e163840079e8be7_s390x",
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-operator-bundle@sha256:e6e8f0a739c61bbd94a61bb75d81ef1af551a4e57ed4a64e583adce62c82af9c_arm64",
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-rhel9-operator@sha256:66d6fed71915dce2d8b8386cf661590bd374e27baa26a7c2cddd1916386922ce_amd64",
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-rhel9-operator@sha256:67167e08f0883c273e98810ad44288c4355ce2af13859021e2973c075c56cf9f_s390x",
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-rhel9-operator@sha256:8596630dd1c175bf6dd29470c009e850d8b8fd465f3d9dcee8338a4aeca8dc64_arm64",
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-rhel9-operator@sha256:be6bfe44af552d934c881db0177bee7e345d76442523b0ea0144610d5470ea45_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: crypto/tls: lack of a limit on buffered post-handshake"
},
{
"cve": "CVE-2023-39325",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2023-10-10T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-operator-bundle@sha256:1607eb2595aa0679f571d81c19840cfaf923908553b05d479bd35b2290b1d7e6_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-operator-bundle@sha256:6f998bb3b7d5311d8e74b25f8fcfe4ae65897270da3c0763ca2cb1d763135bc4_amd64",
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-operator-bundle@sha256:8214855b40028fdd2def40116f4585bd50f42ef0948713d63e163840079e8be7_s390x",
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-operator-bundle@sha256:e6e8f0a739c61bbd94a61bb75d81ef1af551a4e57ed4a64e583adce62c82af9c_arm64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2243296"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in handling multiplexed streams in the HTTP/2 protocol. A client can repeatedly make a request for a new multiplex stream and immediately send an RST_STREAM frame to cancel it. This creates extra work for the server setting up and tearing down the streams while not hitting any server-side limit for the maximum number of active streams per connection, resulting in a denial of service due to server resource consumption. Red Hat has rated the severity of this flaw as \u0027Important\u0027 as the US Cybersecurity and Infrastructure Security Agency (CISA) declared this vulnerability an active exploit.\r\n\r\nCVE-2023-39325 was assigned for the `Rapid Reset Attack` in the Go language packages.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: net/http, x/net/http2: rapid stream resets can cause excessive work (CVE-2023-44487)",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This CVE is related to CVE-2023-44487.\n\nThe majority of RHEL utilities are not long-running applications; instead, they are command-line tools. These tools utilize the Golang package as a build-time dependency, which is why they are classified as having a \"Moderate\" level of impact.\n\nAs go-lang vendors its dependencies, a package may contain a library with a known vulnerability, solely because of lower tier libraries including it as a part of its dependencies, but the vulnerable code is not reachable at runtime. In such cases the issue is not exploitable. We classify these situations as \u201cNot affected\u201d or \u201cWill not fix,\u201d depending on the risk of breaking other unrelated packages.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-console-plugin-rhel9@sha256:5da2ecf1149394e0c64af7c8e8a2684012590838031e4c733d6eff7f30cd6265_amd64",
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-console-plugin-rhel9@sha256:ae91d40862457c43c130aa081a66bcedca17dce7dce0f381143b244dd126bc12_arm64",
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-console-plugin-rhel9@sha256:ce5c9ef5800ed30888dcb23aa2ed9cf56bd83767d572a51e3e3e1509a2539063_s390x",
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-console-plugin-rhel9@sha256:e0239a8ff86253729b9af04e6407283c51744497fea90d099afaceaa4fc823ec_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:27ecc916ce170d505d828742fa29d20143c4443343b101a2a9d75fe086b515f1_amd64",
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:350a8565fb297353c81571bad33f0fca5ab129560ad7f15de242db98c4709b3c_s390x",
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:488df8c38e377719771c758b71f1e966d76bb03da6217e09c29c21fec12c437d_arm64",
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:84ffa04b7ae504efc0037c3ae14c0e4d4f99057593a2db2bbbfcf92e526d2c7c_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:03484bd14253a7340f754a6f1aef5659cfd5a6844ffbdfb2f215321b6fc63644_s390x",
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:2dc033562cb43480543ff398284933993006741e83f453228a9902a2c9b3ff1d_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:61c172961af1a895e9cb355573f1f8a780e7acecc505c58c18faeb9fc49efa66_amd64",
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:a297d29025aa9d1e963daf0c4b076533da59ddd84825e79d6e6b0e921e8c2588_arm64",
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-rhel9-operator@sha256:66d6fed71915dce2d8b8386cf661590bd374e27baa26a7c2cddd1916386922ce_amd64",
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-rhel9-operator@sha256:67167e08f0883c273e98810ad44288c4355ce2af13859021e2973c075c56cf9f_s390x",
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-rhel9-operator@sha256:8596630dd1c175bf6dd29470c009e850d8b8fd465f3d9dcee8338a4aeca8dc64_arm64",
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-rhel9-operator@sha256:be6bfe44af552d934c881db0177bee7e345d76442523b0ea0144610d5470ea45_ppc64le"
],
"known_not_affected": [
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-operator-bundle@sha256:1607eb2595aa0679f571d81c19840cfaf923908553b05d479bd35b2290b1d7e6_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-operator-bundle@sha256:6f998bb3b7d5311d8e74b25f8fcfe4ae65897270da3c0763ca2cb1d763135bc4_amd64",
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-operator-bundle@sha256:8214855b40028fdd2def40116f4585bd50f42ef0948713d63e163840079e8be7_s390x",
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-operator-bundle@sha256:e6e8f0a739c61bbd94a61bb75d81ef1af551a4e57ed4a64e583adce62c82af9c_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-39325"
},
{
"category": "external",
"summary": "RHBZ#2243296",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2243296"
},
{
"category": "external",
"summary": "RHSB-2023-003",
"url": "https://access.redhat.com/security/vulnerabilities/RHSB-2023-003"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-39325",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39325"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-39325",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-39325"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2023-44487",
"url": "https://access.redhat.com/security/cve/CVE-2023-44487"
},
{
"category": "external",
"summary": "https://go.dev/issue/63417",
"url": "https://go.dev/issue/63417"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2023-2102",
"url": "https://pkg.go.dev/vuln/GO-2023-2102"
},
{
"category": "external",
"summary": "https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487",
"url": "https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487"
}
],
"release_date": "2023-10-10T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-10-20T16:49:58+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-console-plugin-rhel9@sha256:5da2ecf1149394e0c64af7c8e8a2684012590838031e4c733d6eff7f30cd6265_amd64",
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-console-plugin-rhel9@sha256:ae91d40862457c43c130aa081a66bcedca17dce7dce0f381143b244dd126bc12_arm64",
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-console-plugin-rhel9@sha256:ce5c9ef5800ed30888dcb23aa2ed9cf56bd83767d572a51e3e3e1509a2539063_s390x",
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-console-plugin-rhel9@sha256:e0239a8ff86253729b9af04e6407283c51744497fea90d099afaceaa4fc823ec_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:27ecc916ce170d505d828742fa29d20143c4443343b101a2a9d75fe086b515f1_amd64",
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:350a8565fb297353c81571bad33f0fca5ab129560ad7f15de242db98c4709b3c_s390x",
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:488df8c38e377719771c758b71f1e966d76bb03da6217e09c29c21fec12c437d_arm64",
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:84ffa04b7ae504efc0037c3ae14c0e4d4f99057593a2db2bbbfcf92e526d2c7c_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:03484bd14253a7340f754a6f1aef5659cfd5a6844ffbdfb2f215321b6fc63644_s390x",
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:2dc033562cb43480543ff398284933993006741e83f453228a9902a2c9b3ff1d_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:61c172961af1a895e9cb355573f1f8a780e7acecc505c58c18faeb9fc49efa66_amd64",
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:a297d29025aa9d1e963daf0c4b076533da59ddd84825e79d6e6b0e921e8c2588_arm64",
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-rhel9-operator@sha256:66d6fed71915dce2d8b8386cf661590bd374e27baa26a7c2cddd1916386922ce_amd64",
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-rhel9-operator@sha256:67167e08f0883c273e98810ad44288c4355ce2af13859021e2973c075c56cf9f_s390x",
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-rhel9-operator@sha256:8596630dd1c175bf6dd29470c009e850d8b8fd465f3d9dcee8338a4aeca8dc64_arm64",
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-rhel9-operator@sha256:be6bfe44af552d934c881db0177bee7e345d76442523b0ea0144610d5470ea45_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:5974"
},
{
"category": "workaround",
"details": "The default stream concurrency limit in golang is 250 streams (requests) per HTTP/2 connection. This value may be adjusted in the golang.org/x/net/http2 package using the Server.MaxConcurrentStreams setting and the ConfigureServer function which are available in golang.org/x/net/http2.",
"product_ids": [
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-console-plugin-rhel9@sha256:5da2ecf1149394e0c64af7c8e8a2684012590838031e4c733d6eff7f30cd6265_amd64",
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-console-plugin-rhel9@sha256:ae91d40862457c43c130aa081a66bcedca17dce7dce0f381143b244dd126bc12_arm64",
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-console-plugin-rhel9@sha256:ce5c9ef5800ed30888dcb23aa2ed9cf56bd83767d572a51e3e3e1509a2539063_s390x",
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-console-plugin-rhel9@sha256:e0239a8ff86253729b9af04e6407283c51744497fea90d099afaceaa4fc823ec_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:27ecc916ce170d505d828742fa29d20143c4443343b101a2a9d75fe086b515f1_amd64",
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:350a8565fb297353c81571bad33f0fca5ab129560ad7f15de242db98c4709b3c_s390x",
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:488df8c38e377719771c758b71f1e966d76bb03da6217e09c29c21fec12c437d_arm64",
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:84ffa04b7ae504efc0037c3ae14c0e4d4f99057593a2db2bbbfcf92e526d2c7c_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:03484bd14253a7340f754a6f1aef5659cfd5a6844ffbdfb2f215321b6fc63644_s390x",
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:2dc033562cb43480543ff398284933993006741e83f453228a9902a2c9b3ff1d_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:61c172961af1a895e9cb355573f1f8a780e7acecc505c58c18faeb9fc49efa66_amd64",
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:a297d29025aa9d1e963daf0c4b076533da59ddd84825e79d6e6b0e921e8c2588_arm64",
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-operator-bundle@sha256:1607eb2595aa0679f571d81c19840cfaf923908553b05d479bd35b2290b1d7e6_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-operator-bundle@sha256:6f998bb3b7d5311d8e74b25f8fcfe4ae65897270da3c0763ca2cb1d763135bc4_amd64",
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-operator-bundle@sha256:8214855b40028fdd2def40116f4585bd50f42ef0948713d63e163840079e8be7_s390x",
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-operator-bundle@sha256:e6e8f0a739c61bbd94a61bb75d81ef1af551a4e57ed4a64e583adce62c82af9c_arm64",
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-rhel9-operator@sha256:66d6fed71915dce2d8b8386cf661590bd374e27baa26a7c2cddd1916386922ce_amd64",
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-rhel9-operator@sha256:67167e08f0883c273e98810ad44288c4355ce2af13859021e2973c075c56cf9f_s390x",
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-rhel9-operator@sha256:8596630dd1c175bf6dd29470c009e850d8b8fd465f3d9dcee8338a4aeca8dc64_arm64",
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-rhel9-operator@sha256:be6bfe44af552d934c881db0177bee7e345d76442523b0ea0144610d5470ea45_ppc64le"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-console-plugin-rhel9@sha256:5da2ecf1149394e0c64af7c8e8a2684012590838031e4c733d6eff7f30cd6265_amd64",
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-console-plugin-rhel9@sha256:ae91d40862457c43c130aa081a66bcedca17dce7dce0f381143b244dd126bc12_arm64",
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-console-plugin-rhel9@sha256:ce5c9ef5800ed30888dcb23aa2ed9cf56bd83767d572a51e3e3e1509a2539063_s390x",
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-console-plugin-rhel9@sha256:e0239a8ff86253729b9af04e6407283c51744497fea90d099afaceaa4fc823ec_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:27ecc916ce170d505d828742fa29d20143c4443343b101a2a9d75fe086b515f1_amd64",
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:350a8565fb297353c81571bad33f0fca5ab129560ad7f15de242db98c4709b3c_s390x",
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:488df8c38e377719771c758b71f1e966d76bb03da6217e09c29c21fec12c437d_arm64",
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:84ffa04b7ae504efc0037c3ae14c0e4d4f99057593a2db2bbbfcf92e526d2c7c_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:03484bd14253a7340f754a6f1aef5659cfd5a6844ffbdfb2f215321b6fc63644_s390x",
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:2dc033562cb43480543ff398284933993006741e83f453228a9902a2c9b3ff1d_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:61c172961af1a895e9cb355573f1f8a780e7acecc505c58c18faeb9fc49efa66_amd64",
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:a297d29025aa9d1e963daf0c4b076533da59ddd84825e79d6e6b0e921e8c2588_arm64",
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-operator-bundle@sha256:1607eb2595aa0679f571d81c19840cfaf923908553b05d479bd35b2290b1d7e6_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-operator-bundle@sha256:6f998bb3b7d5311d8e74b25f8fcfe4ae65897270da3c0763ca2cb1d763135bc4_amd64",
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-operator-bundle@sha256:8214855b40028fdd2def40116f4585bd50f42ef0948713d63e163840079e8be7_s390x",
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-operator-bundle@sha256:e6e8f0a739c61bbd94a61bb75d81ef1af551a4e57ed4a64e583adce62c82af9c_arm64",
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-rhel9-operator@sha256:66d6fed71915dce2d8b8386cf661590bd374e27baa26a7c2cddd1916386922ce_amd64",
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-rhel9-operator@sha256:67167e08f0883c273e98810ad44288c4355ce2af13859021e2973c075c56cf9f_s390x",
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-rhel9-operator@sha256:8596630dd1c175bf6dd29470c009e850d8b8fd465f3d9dcee8338a4aeca8dc64_arm64",
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-rhel9-operator@sha256:be6bfe44af552d934c881db0177bee7e345d76442523b0ea0144610d5470ea45_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "golang: net/http, x/net/http2: rapid stream resets can cause excessive work (CVE-2023-44487)"
},
{
"cve": "CVE-2023-44487",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2023-10-09T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2242803"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in handling multiplexed streams in the HTTP/2 protocol. A client can repeatedly make a request for a new multiplex stream and immediately send an RST_STREAM frame to cancel it. This creates extra work for the server setting up and tearing down the streams while not hitting any server-side limit for the maximum number of active streams per connection, resulting in a denial of service due to server resource consumption. Red Hat has rated the severity of this flaw as \u0027Important\u0027 as the US Cybersecurity and Infrastructure Security Agency (CISA) declared this vulnerability an active exploit.\r\n\r\nCVE-2023-39325 was assigned for the Rapid Reset Attack in the Go language packages.\r\n\r\nSecurity Bulletin\r\nhttps://access.redhat.com/security/vulnerabilities/RHSB-2023-003",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack (Rapid Reset Attack)",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "NGINX has been marked as Moderate Impact because, for performance and resource consumption reasons, NGINX limits the number of concurrent streams to a default of 128. In addition, to optimally balance network and server performance, NGINX allows the client to persist HTTP connections for up to 1000 requests by default using an HTTP keepalive.\n\nThe majority of RHEL utilities are not long-running applications; instead, they are command-line tools. These tools utilize Golang package as build-time dependency, which is why they are classified as having a \"Moderate\" level of impact.\n\nrhc component is no longer impacted by CVE-2023-44487 \u0026 CVE-2023-39325.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-rhel9-operator@sha256:66d6fed71915dce2d8b8386cf661590bd374e27baa26a7c2cddd1916386922ce_amd64",
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-rhel9-operator@sha256:67167e08f0883c273e98810ad44288c4355ce2af13859021e2973c075c56cf9f_s390x",
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-rhel9-operator@sha256:8596630dd1c175bf6dd29470c009e850d8b8fd465f3d9dcee8338a4aeca8dc64_arm64",
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-rhel9-operator@sha256:be6bfe44af552d934c881db0177bee7e345d76442523b0ea0144610d5470ea45_ppc64le"
],
"known_not_affected": [
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-44487"
},
{
"category": "external",
"summary": "RHBZ#2242803",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2242803"
},
{
"category": "external",
"summary": "RHSB-2023-003",
"url": "https://access.redhat.com/security/vulnerabilities/RHSB-2023-003"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-44487",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-44487"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-44487",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-44487"
},
{
"category": "external",
"summary": "https://github.com/dotnet/announcements/issues/277",
"url": "https://github.com/dotnet/announcements/issues/277"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2023-2102",
"url": "https://pkg.go.dev/vuln/GO-2023-2102"
},
{
"category": "external",
"summary": "https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487",
"url": "https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487"
},
{
"category": "external",
"summary": "https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products/",
"url": "https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products/"
},
{
"category": "external",
"summary": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog",
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
}
],
"release_date": "2023-10-10T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-10-20T16:49:58+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-rhel9-operator@sha256:66d6fed71915dce2d8b8386cf661590bd374e27baa26a7c2cddd1916386922ce_amd64",
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-rhel9-operator@sha256:67167e08f0883c273e98810ad44288c4355ce2af13859021e2973c075c56cf9f_s390x",
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-rhel9-operator@sha256:8596630dd1c175bf6dd29470c009e850d8b8fd465f3d9dcee8338a4aeca8dc64_arm64",
"9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-rhel9-operator@sha256:be6bfe44af552d934c881db0177bee7e345d76442523b0ea0144610d5470ea45_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:5974"
},
{
"category": "workaround",
"details": "Users are strongly urged to update their software as soon as fixes are available. \nThere are several mitigation approaches for this flaw. \n\n1. If circumstances permit, users may disable http2 endpoints to circumvent the flaw altogether until a fix is available.\n2. IP-based blocking or flood protection and rate control tools may be used at network endpoints to filter incoming traffic.\n3. Several package specific mitigations are also available. \n a. nginx: https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products/\n b. netty: https://github.com/netty/netty/security/advisories/GHSA-xpw8-rcwv-8f8p\n c. haproxy: https://www.haproxy.com/blog/haproxy-is-not-affected-by-the-http-2-rapid-reset-attack-cve-2023-44487\n d. nghttp2: https://github.com/nghttp2/nghttp2/security/advisories/GHSA-vx74-f528-fxqg\n e. golang: The default stream concurrency limit in golang is 250 streams (requests) per HTTP/2 connection. This value may be adjusted in the golang.org/x/net/http2 package using the Server.MaxConcurrentStreams setting and the ConfigureServer function which are available in golang.org/x/net/http2.",
"product_ids": [
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
]
}
],
"threats": [
{
"category": "exploit_status",
"date": "2023-10-10T00:00:00+00:00",
"details": "CISA: https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
},
{
"category": "impact",
"details": "Important"
}
],
"title": "HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack (Rapid Reset Attack)"
}
]
}
RHSA-2023:5976
Vulnerability from csaf_redhat - Published: 2023-10-20 17:18 - Updated: 2026-06-05 13:08
A flaw was found in Golang Go, where it is vulnerable to a denial of service caused when processing large TLS handshake records. By sending specially-crafted TLS handshake records, a remote, authenticated attacker can cause a denial of service condition.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-STF-1.5:stf/prometheus-webhook-snmp-rhel8@sha256:e261f596dc4f13cf45981d4415cb17d0314c66ad105b5aa31898f7364185233b_amd64 | — | | Vendor Fix (fix) |
| Unresolved product id: 8Base-STF-1.5:stf/service-telemetry-operator-bundle@sha256:583b8fc7bd18b79b146274c0b6ca0e8ebc14e7dfb389bd2a01fcf18744ab7d40_amd64 | — | | Vendor Fix (fix) |
| Unresolved product id: 8Base-STF-1.5:stf/service-telemetry-rhel8-operator@sha256:627b664de828007e469d329253e50ff91cea19ead36353d11d313b6692913d07_amd64 | — | | Vendor Fix (fix) |
| Unresolved product id: 8Base-STF-1.5:stf/sg-bridge-rhel8@sha256:1725eae2e4232e99412c73e6e4b6eabab8f8ce7f13e2106701974c5cfeeb5830_amd64 | — | | Vendor Fix (fix) |
| Unresolved product id: 8Base-STF-1.5:stf/sg-core-rhel8@sha256:d870784a543045e6b14519df1658864fa0ea22885465bd6630232aeaa1f9ee7e_amd64 | — | | Vendor Fix (fix) |
| Unresolved product id: 8Base-STF-1.5:stf/smart-gateway-operator-bundle@sha256:f8bb700696897363678fcd0ce466fd9e9ffcddad263476a42673d516724b9767_amd64 | — | | Vendor Fix (fix) |
| Unresolved product id: 8Base-STF-1.5:stf/smart-gateway-rhel8-operator@sha256:9c3256a9e48b535413e4a4633d1404adbea0239c644569032cd63f991c5051ec_amd64 | — | | Vendor Fix (fix) |
A flaw was found in the crypto/internal/nistec golang library. The ScalarMult and ScalarBaseMult methods of the P256 Curve may return an incorrect result if called with some specific unreduced scalars, such as a scalar larger than the order of the curve. This does not impact usages of crypto/ecdsa or crypto/ecdh.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-STF-1.5:stf/prometheus-webhook-snmp-rhel8@sha256:e261f596dc4f13cf45981d4415cb17d0314c66ad105b5aa31898f7364185233b_amd64 | — | | Vendor Fix (fix) |
| Unresolved product id: 8Base-STF-1.5:stf/service-telemetry-operator-bundle@sha256:583b8fc7bd18b79b146274c0b6ca0e8ebc14e7dfb389bd2a01fcf18744ab7d40_amd64 | — | | Vendor Fix (fix) |
| Unresolved product id: 8Base-STF-1.5:stf/service-telemetry-rhel8-operator@sha256:627b664de828007e469d329253e50ff91cea19ead36353d11d313b6692913d07_amd64 | — | | Vendor Fix (fix) |
| Unresolved product id: 8Base-STF-1.5:stf/sg-bridge-rhel8@sha256:1725eae2e4232e99412c73e6e4b6eabab8f8ce7f13e2106701974c5cfeeb5830_amd64 | — | | Vendor Fix (fix) |
| Unresolved product id: 8Base-STF-1.5:stf/sg-core-rhel8@sha256:d870784a543045e6b14519df1658864fa0ea22885465bd6630232aeaa1f9ee7e_amd64 | — | | Vendor Fix (fix) |
| Unresolved product id: 8Base-STF-1.5:stf/smart-gateway-operator-bundle@sha256:f8bb700696897363678fcd0ce466fd9e9ffcddad263476a42673d516724b9767_amd64 | — | | Vendor Fix (fix) |
| Unresolved product id: 8Base-STF-1.5:stf/smart-gateway-rhel8-operator@sha256:9c3256a9e48b535413e4a4633d1404adbea0239c644569032cd63f991c5051ec_amd64 | — | | Vendor Fix (fix) |
A flaw was found in Golang Go, where it is vulnerable to a denial of service caused by memory exhaustion in the common function in HTTP and MIME header parsing. By sending a specially crafted request, a remote attacker can cause a denial of service.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-STF-1.5:stf/prometheus-webhook-snmp-rhel8@sha256:e261f596dc4f13cf45981d4415cb17d0314c66ad105b5aa31898f7364185233b_amd64 | — | | Vendor Fix (fix) |
| Unresolved product id: 8Base-STF-1.5:stf/service-telemetry-operator-bundle@sha256:583b8fc7bd18b79b146274c0b6ca0e8ebc14e7dfb389bd2a01fcf18744ab7d40_amd64 | — | | Vendor Fix (fix) |
| Unresolved product id: 8Base-STF-1.5:stf/service-telemetry-rhel8-operator@sha256:627b664de828007e469d329253e50ff91cea19ead36353d11d313b6692913d07_amd64 | — | | Vendor Fix (fix) |
| Unresolved product id: 8Base-STF-1.5:stf/sg-bridge-rhel8@sha256:1725eae2e4232e99412c73e6e4b6eabab8f8ce7f13e2106701974c5cfeeb5830_amd64 | — | | Vendor Fix (fix) |
| Unresolved product id: 8Base-STF-1.5:stf/sg-core-rhel8@sha256:d870784a543045e6b14519df1658864fa0ea22885465bd6630232aeaa1f9ee7e_amd64 | — | | Vendor Fix (fix) |
| Unresolved product id: 8Base-STF-1.5:stf/smart-gateway-operator-bundle@sha256:f8bb700696897363678fcd0ce466fd9e9ffcddad263476a42673d516724b9767_amd64 | — | | Vendor Fix (fix) |
| Unresolved product id: 8Base-STF-1.5:stf/smart-gateway-rhel8-operator@sha256:9c3256a9e48b535413e4a4633d1404adbea0239c644569032cd63f991c5051ec_amd64 | — | | Vendor Fix (fix) |
A flaw was found in Golang, where it is vulnerable to HTTP header injection caused by improper content validation of the Host header by the HTTP/1 client. A remote attacker can inject arbitrary HTTP headers by persuading a victim to visit a specially crafted Web page. This flaw allows the attacker to conduct various attacks against the vulnerable system, including Cross-site scripting, cache poisoning, or session hijacking.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-STF-1.5:stf/prometheus-webhook-snmp-rhel8@sha256:e261f596dc4f13cf45981d4415cb17d0314c66ad105b5aa31898f7364185233b_amd64 | — | | Vendor Fix (fix) |
| Unresolved product id: 8Base-STF-1.5:stf/service-telemetry-operator-bundle@sha256:583b8fc7bd18b79b146274c0b6ca0e8ebc14e7dfb389bd2a01fcf18744ab7d40_amd64 | — | | Vendor Fix (fix) |
| Unresolved product id: 8Base-STF-1.5:stf/service-telemetry-rhel8-operator@sha256:627b664de828007e469d329253e50ff91cea19ead36353d11d313b6692913d07_amd64 | — | | Vendor Fix (fix) |
| Unresolved product id: 8Base-STF-1.5:stf/sg-bridge-rhel8@sha256:1725eae2e4232e99412c73e6e4b6eabab8f8ce7f13e2106701974c5cfeeb5830_amd64 | — | | Vendor Fix (fix) |
| Unresolved product id: 8Base-STF-1.5:stf/sg-core-rhel8@sha256:d870784a543045e6b14519df1658864fa0ea22885465bd6630232aeaa1f9ee7e_amd64 | — | | Vendor Fix (fix) |
| Unresolved product id: 8Base-STF-1.5:stf/smart-gateway-operator-bundle@sha256:f8bb700696897363678fcd0ce466fd9e9ffcddad263476a42673d516724b9767_amd64 | — | | Vendor Fix (fix) |
| Unresolved product id: 8Base-STF-1.5:stf/smart-gateway-rhel8-operator@sha256:9c3256a9e48b535413e4a4633d1404adbea0239c644569032cd63f991c5051ec_amd64 | — | | Vendor Fix (fix) |
A denial of service vulnerability was found in the Golang Go package caused by an uncontrolled resource consumption flaw. By persuading a victim to use a specially crafted certificate with large RSA keys, a remote attacker can cause a client/server to expend significant CPU time verifying signatures, resulting in a denial of service condition.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-STF-1.5:stf/prometheus-webhook-snmp-rhel8@sha256:e261f596dc4f13cf45981d4415cb17d0314c66ad105b5aa31898f7364185233b_amd64 | — | | Vendor Fix (fix) |
| Unresolved product id: 8Base-STF-1.5:stf/service-telemetry-operator-bundle@sha256:583b8fc7bd18b79b146274c0b6ca0e8ebc14e7dfb389bd2a01fcf18744ab7d40_amd64 | — | | Vendor Fix (fix) |
| Unresolved product id: 8Base-STF-1.5:stf/service-telemetry-rhel8-operator@sha256:627b664de828007e469d329253e50ff91cea19ead36353d11d313b6692913d07_amd64 | — | | Vendor Fix (fix) |
| Unresolved product id: 8Base-STF-1.5:stf/sg-bridge-rhel8@sha256:1725eae2e4232e99412c73e6e4b6eabab8f8ce7f13e2106701974c5cfeeb5830_amd64 | — | | Vendor Fix (fix) |
| Unresolved product id: 8Base-STF-1.5:stf/sg-core-rhel8@sha256:d870784a543045e6b14519df1658864fa0ea22885465bd6630232aeaa1f9ee7e_amd64 | — | | Vendor Fix (fix) |
| Unresolved product id: 8Base-STF-1.5:stf/smart-gateway-operator-bundle@sha256:f8bb700696897363678fcd0ce466fd9e9ffcddad263476a42673d516724b9767_amd64 | — | | Vendor Fix (fix) |
| Unresolved product id: 8Base-STF-1.5:stf/smart-gateway-rhel8-operator@sha256:9c3256a9e48b535413e4a4633d1404adbea0239c644569032cd63f991c5051ec_amd64 | — | | Vendor Fix (fix) |
A flaw was found in handling multiplexed streams in the HTTP/2 protocol. A client can repeatedly make a request for a new multiplex stream and immediately send an RST_STREAM frame to cancel it. This creates extra work for the server setting up and tearing down the streams while not hitting any server-side limit for the maximum number of active streams per connection, resulting in a denial of service due to server resource consumption. Red Hat has rated the severity of this flaw as 'Important' as the US Cybersecurity and Infrastructure Security Agency (CISA) declared this vulnerability an active exploit. CVE-2023-39325 was assigned for the `Rapid Reset Attack` in the Go language packages.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-STF-1.5:stf/prometheus-webhook-snmp-rhel8@sha256:e261f596dc4f13cf45981d4415cb17d0314c66ad105b5aa31898f7364185233b_amd64 | — | | Vendor Fix (fix), Workaround |
| Unresolved product id: 8Base-STF-1.5:stf/service-telemetry-operator-bundle@sha256:583b8fc7bd18b79b146274c0b6ca0e8ebc14e7dfb389bd2a01fcf18744ab7d40_amd64 | — | | Vendor Fix (fix), Workaround |
| Unresolved product id: 8Base-STF-1.5:stf/service-telemetry-rhel8-operator@sha256:627b664de828007e469d329253e50ff91cea19ead36353d11d313b6692913d07_amd64 | — | | Vendor Fix (fix), Workaround |
| Unresolved product id: 8Base-STF-1.5:stf/sg-bridge-rhel8@sha256:1725eae2e4232e99412c73e6e4b6eabab8f8ce7f13e2106701974c5cfeeb5830_amd64 | — | | Vendor Fix (fix), Workaround |
| Unresolved product id: 8Base-STF-1.5:stf/sg-core-rhel8@sha256:d870784a543045e6b14519df1658864fa0ea22885465bd6630232aeaa1f9ee7e_amd64 | — | | Vendor Fix (fix), Workaround |
| Unresolved product id: 8Base-STF-1.5:stf/smart-gateway-operator-bundle@sha256:f8bb700696897363678fcd0ce466fd9e9ffcddad263476a42673d516724b9767_amd64 | — | | Vendor Fix (fix), Workaround |
| Unresolved product id: 8Base-STF-1.5:stf/smart-gateway-rhel8-operator@sha256:9c3256a9e48b535413e4a4633d1404adbea0239c644569032cd63f991c5051ec_amd64 | — | | Vendor Fix (fix), Workaround |
A flaw was found in handling multiplexed streams in the HTTP/2 protocol. A client can repeatedly make a request for a new multiplex stream and immediately send an RST_STREAM frame to cancel it. This creates extra work for the server setting up and tearing down the streams while not hitting any server-side limit for the maximum number of active streams per connection, resulting in a denial of service due to server resource consumption. Red Hat has rated the severity of this flaw as 'Important' as the US Cybersecurity and Infrastructure Security Agency (CISA) declared this vulnerability an active exploit. CVE-2023-39325 was assigned for the Rapid Reset Attack in the Go language packages. Security Bulletin https://access.redhat.com/security/vulnerabilities/RHSB-2023-003
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-STF-1.5:stf/prometheus-webhook-snmp-rhel8@sha256:e261f596dc4f13cf45981d4415cb17d0314c66ad105b5aa31898f7364185233b_amd64 | — | | Vendor Fix (fix), Workaround |
| Unresolved product id: 8Base-STF-1.5:stf/service-telemetry-operator-bundle@sha256:583b8fc7bd18b79b146274c0b6ca0e8ebc14e7dfb389bd2a01fcf18744ab7d40_amd64 | — | | Vendor Fix (fix), Workaround |
| Unresolved product id: 8Base-STF-1.5:stf/service-telemetry-rhel8-operator@sha256:627b664de828007e469d329253e50ff91cea19ead36353d11d313b6692913d07_amd64 | — | | Vendor Fix (fix), Workaround |
| Unresolved product id: 8Base-STF-1.5:stf/sg-bridge-rhel8@sha256:1725eae2e4232e99412c73e6e4b6eabab8f8ce7f13e2106701974c5cfeeb5830_amd64 | — | | Vendor Fix (fix), Workaround |
| Unresolved product id: 8Base-STF-1.5:stf/sg-core-rhel8@sha256:d870784a543045e6b14519df1658864fa0ea22885465bd6630232aeaa1f9ee7e_amd64 | — | | Vendor Fix (fix), Workaround |
| Unresolved product id: 8Base-STF-1.5:stf/smart-gateway-operator-bundle@sha256:f8bb700696897363678fcd0ce466fd9e9ffcddad263476a42673d516724b9767_amd64 | — | | Vendor Fix (fix), Workaround |
| Unresolved product id: 8Base-STF-1.5:stf/smart-gateway-rhel8-operator@sha256:9c3256a9e48b535413e4a4633d1404adbea0239c644569032cd63f991c5051ec_amd64 | — | | Vendor Fix (fix), Workaround |
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update is now available for Service Telemetry Framework 1.5.2.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Security Fix(es):\n\n* golang: net/http, x/net/http2: rapid stream resets can cause excessive work (CVE-2023-44487) (CVE-2023-39325)\n\n* HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack (Rapid Reset Attack) (CVE-2023-44487)\n\n* golang: crypto/tls: large handshake records may cause panics (CVE-2022-41724)\n\n* golang: crypto/internal/nistec: specific unreduced P-256 scalars produce incorrect results (CVE-2023-24532)\n\n* golang: net/http, net/textproto: denial of service from excessive memory allocation (CVE-2023-24534)\n\n* golang: net/http: insufficient sanitization of Host header (CVE-2023-29406)\n\n* golang: crypto/tls: slow verification of certificate chains containing large RSA keys (CVE-2023-29409)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2023:5976",
"url": "https://access.redhat.com/errata/RHSA-2023:5976"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/vulnerabilities/RHSB-2023-003",
"url": "https://access.redhat.com/security/vulnerabilities/RHSB-2023-003"
},
{
"category": "external",
"summary": "2178492",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2178492"
},
{
"category": "external",
"summary": "2184483",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2184483"
},
{
"category": "external",
"summary": "2222167",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2222167"
},
{
"category": "external",
"summary": "2223355",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2223355"
},
{
"category": "external",
"summary": "2228743",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2228743"
},
{
"category": "external",
"summary": "2242803",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2242803"
},
{
"category": "external",
"summary": "2243296",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2243296"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2023/rhsa-2023_5976.json"
}
],
"title": "Red Hat Security Advisory: Service Telemetry Framework 1.5.2 security update",
"tracking": {
"current_release_date": "2026-06-05T13:08:08+00:00",
"generator": {
"date": "2026-06-05T13:08:08+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.8.2"
}
},
"id": "RHSA-2023:5976",
"initial_release_date": "2023-10-20T17:18:33+00:00",
"revision_history": [
{
"date": "2023-10-20T17:18:33+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2023-10-20T17:18:33+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-06-05T13:08:08+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Service Telemetry Framework 1.5 for RHEL 8",
"product": {
"name": "Service Telemetry Framework 1.5 for RHEL 8",
"product_id": "8Base-STF-1.5",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:stf:1.5::el8"
}
}
}
],
"category": "product_family",
"name": "Red Hat OpenStack Platform"
},
{
"branches": [
{
"category": "product_version",
"name": "stf/prometheus-webhook-snmp-rhel8@sha256:e261f596dc4f13cf45981d4415cb17d0314c66ad105b5aa31898f7364185233b_amd64",
"product": {
"name": "stf/prometheus-webhook-snmp-rhel8@sha256:e261f596dc4f13cf45981d4415cb17d0314c66ad105b5aa31898f7364185233b_amd64",
"product_id": "stf/prometheus-webhook-snmp-rhel8@sha256:e261f596dc4f13cf45981d4415cb17d0314c66ad105b5aa31898f7364185233b_amd64",
"product_identification_helper": {
"purl": "pkg:oci/prometheus-webhook-snmp-rhel8@sha256:e261f596dc4f13cf45981d4415cb17d0314c66ad105b5aa31898f7364185233b?arch=amd64\u0026repository_url=registry.redhat.io/stf/prometheus-webhook-snmp-rhel8\u0026tag=1.5.2-8"
}
}
},
{
"category": "product_version",
"name": "stf/service-telemetry-operator-bundle@sha256:583b8fc7bd18b79b146274c0b6ca0e8ebc14e7dfb389bd2a01fcf18744ab7d40_amd64",
"product": {
"name": "stf/service-telemetry-operator-bundle@sha256:583b8fc7bd18b79b146274c0b6ca0e8ebc14e7dfb389bd2a01fcf18744ab7d40_amd64",
"product_id": "stf/service-telemetry-operator-bundle@sha256:583b8fc7bd18b79b146274c0b6ca0e8ebc14e7dfb389bd2a01fcf18744ab7d40_amd64",
"product_identification_helper": {
"purl": "pkg:oci/service-telemetry-operator-bundle@sha256:583b8fc7bd18b79b146274c0b6ca0e8ebc14e7dfb389bd2a01fcf18744ab7d40?arch=amd64\u0026repository_url=registry.redhat.io/stf/service-telemetry-operator-bundle\u0026tag=1.5.1697612918-1"
}
}
},
{
"category": "product_version",
"name": "stf/service-telemetry-rhel8-operator@sha256:627b664de828007e469d329253e50ff91cea19ead36353d11d313b6692913d07_amd64",
"product": {
"name": "stf/service-telemetry-rhel8-operator@sha256:627b664de828007e469d329253e50ff91cea19ead36353d11d313b6692913d07_amd64",
"product_id": "stf/service-telemetry-rhel8-operator@sha256:627b664de828007e469d329253e50ff91cea19ead36353d11d313b6692913d07_amd64",
"product_identification_helper": {
"purl": "pkg:oci/service-telemetry-rhel8-operator@sha256:627b664de828007e469d329253e50ff91cea19ead36353d11d313b6692913d07?arch=amd64\u0026repository_url=registry.redhat.io/stf/service-telemetry-rhel8-operator\u0026tag=1.5.1-8"
}
}
},
{
"category": "product_version",
"name": "stf/sg-bridge-rhel8@sha256:1725eae2e4232e99412c73e6e4b6eabab8f8ce7f13e2106701974c5cfeeb5830_amd64",
"product": {
"name": "stf/sg-bridge-rhel8@sha256:1725eae2e4232e99412c73e6e4b6eabab8f8ce7f13e2106701974c5cfeeb5830_amd64",
"product_id": "stf/sg-bridge-rhel8@sha256:1725eae2e4232e99412c73e6e4b6eabab8f8ce7f13e2106701974c5cfeeb5830_amd64",
"product_identification_helper": {
"purl": "pkg:oci/sg-bridge-rhel8@sha256:1725eae2e4232e99412c73e6e4b6eabab8f8ce7f13e2106701974c5cfeeb5830?arch=amd64\u0026repository_url=registry.redhat.io/stf/sg-bridge-rhel8\u0026tag=1.5.0-18"
}
}
},
{
"category": "product_version",
"name": "stf/sg-core-rhel8@sha256:d870784a543045e6b14519df1658864fa0ea22885465bd6630232aeaa1f9ee7e_amd64",
"product": {
"name": "stf/sg-core-rhel8@sha256:d870784a543045e6b14519df1658864fa0ea22885465bd6630232aeaa1f9ee7e_amd64",
"product_id": "stf/sg-core-rhel8@sha256:d870784a543045e6b14519df1658864fa0ea22885465bd6630232aeaa1f9ee7e_amd64",
"product_identification_helper": {
"purl": "pkg:oci/sg-core-rhel8@sha256:d870784a543045e6b14519df1658864fa0ea22885465bd6630232aeaa1f9ee7e?arch=amd64\u0026repository_url=registry.redhat.io/stf/sg-core-rhel8\u0026tag=5.1.1-8"
}
}
},
{
"category": "product_version",
"name": "stf/smart-gateway-operator-bundle@sha256:f8bb700696897363678fcd0ce466fd9e9ffcddad263476a42673d516724b9767_amd64",
"product": {
"name": "stf/smart-gateway-operator-bundle@sha256:f8bb700696897363678fcd0ce466fd9e9ffcddad263476a42673d516724b9767_amd64",
"product_id": "stf/smart-gateway-operator-bundle@sha256:f8bb700696897363678fcd0ce466fd9e9ffcddad263476a42673d516724b9767_amd64",
"product_identification_helper": {
"purl": "pkg:oci/smart-gateway-operator-bundle@sha256:f8bb700696897363678fcd0ce466fd9e9ffcddad263476a42673d516724b9767?arch=amd64\u0026repository_url=registry.redhat.io/stf/smart-gateway-operator-bundle\u0026tag=5.0.1697612918-1"
}
}
},
{
"category": "product_version",
"name": "stf/smart-gateway-rhel8-operator@sha256:9c3256a9e48b535413e4a4633d1404adbea0239c644569032cd63f991c5051ec_amd64",
"product": {
"name": "stf/smart-gateway-rhel8-operator@sha256:9c3256a9e48b535413e4a4633d1404adbea0239c644569032cd63f991c5051ec_amd64",
"product_id": "stf/smart-gateway-rhel8-operator@sha256:9c3256a9e48b535413e4a4633d1404adbea0239c644569032cd63f991c5051ec_amd64",
"product_identification_helper": {
"purl": "pkg:oci/smart-gateway-rhel8-operator@sha256:9c3256a9e48b535413e4a4633d1404adbea0239c644569032cd63f991c5051ec?arch=amd64\u0026repository_url=registry.redhat.io/stf/smart-gateway-rhel8-operator\u0026tag=5.0.1-9"
}
}
}
],
"category": "architecture",
"name": "amd64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "stf/prometheus-webhook-snmp-rhel8@sha256:e261f596dc4f13cf45981d4415cb17d0314c66ad105b5aa31898f7364185233b_amd64 as a component of Service Telemetry Framework 1.5 for RHEL 8",
"product_id": "8Base-STF-1.5:stf/prometheus-webhook-snmp-rhel8@sha256:e261f596dc4f13cf45981d4415cb17d0314c66ad105b5aa31898f7364185233b_amd64"
},
"product_reference": "stf/prometheus-webhook-snmp-rhel8@sha256:e261f596dc4f13cf45981d4415cb17d0314c66ad105b5aa31898f7364185233b_amd64",
"relates_to_product_reference": "8Base-STF-1.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "stf/service-telemetry-operator-bundle@sha256:583b8fc7bd18b79b146274c0b6ca0e8ebc14e7dfb389bd2a01fcf18744ab7d40_amd64 as a component of Service Telemetry Framework 1.5 for RHEL 8",
"product_id": "8Base-STF-1.5:stf/service-telemetry-operator-bundle@sha256:583b8fc7bd18b79b146274c0b6ca0e8ebc14e7dfb389bd2a01fcf18744ab7d40_amd64"
},
"product_reference": "stf/service-telemetry-operator-bundle@sha256:583b8fc7bd18b79b146274c0b6ca0e8ebc14e7dfb389bd2a01fcf18744ab7d40_amd64",
"relates_to_product_reference": "8Base-STF-1.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "stf/service-telemetry-rhel8-operator@sha256:627b664de828007e469d329253e50ff91cea19ead36353d11d313b6692913d07_amd64 as a component of Service Telemetry Framework 1.5 for RHEL 8",
"product_id": "8Base-STF-1.5:stf/service-telemetry-rhel8-operator@sha256:627b664de828007e469d329253e50ff91cea19ead36353d11d313b6692913d07_amd64"
},
"product_reference": "stf/service-telemetry-rhel8-operator@sha256:627b664de828007e469d329253e50ff91cea19ead36353d11d313b6692913d07_amd64",
"relates_to_product_reference": "8Base-STF-1.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "stf/sg-bridge-rhel8@sha256:1725eae2e4232e99412c73e6e4b6eabab8f8ce7f13e2106701974c5cfeeb5830_amd64 as a component of Service Telemetry Framework 1.5 for RHEL 8",
"product_id": "8Base-STF-1.5:stf/sg-bridge-rhel8@sha256:1725eae2e4232e99412c73e6e4b6eabab8f8ce7f13e2106701974c5cfeeb5830_amd64"
},
"product_reference": "stf/sg-bridge-rhel8@sha256:1725eae2e4232e99412c73e6e4b6eabab8f8ce7f13e2106701974c5cfeeb5830_amd64",
"relates_to_product_reference": "8Base-STF-1.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "stf/sg-core-rhel8@sha256:d870784a543045e6b14519df1658864fa0ea22885465bd6630232aeaa1f9ee7e_amd64 as a component of Service Telemetry Framework 1.5 for RHEL 8",
"product_id": "8Base-STF-1.5:stf/sg-core-rhel8@sha256:d870784a543045e6b14519df1658864fa0ea22885465bd6630232aeaa1f9ee7e_amd64"
},
"product_reference": "stf/sg-core-rhel8@sha256:d870784a543045e6b14519df1658864fa0ea22885465bd6630232aeaa1f9ee7e_amd64",
"relates_to_product_reference": "8Base-STF-1.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "stf/smart-gateway-operator-bundle@sha256:f8bb700696897363678fcd0ce466fd9e9ffcddad263476a42673d516724b9767_amd64 as a component of Service Telemetry Framework 1.5 for RHEL 8",
"product_id": "8Base-STF-1.5:stf/smart-gateway-operator-bundle@sha256:f8bb700696897363678fcd0ce466fd9e9ffcddad263476a42673d516724b9767_amd64"
},
"product_reference": "stf/smart-gateway-operator-bundle@sha256:f8bb700696897363678fcd0ce466fd9e9ffcddad263476a42673d516724b9767_amd64",
"relates_to_product_reference": "8Base-STF-1.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "stf/smart-gateway-rhel8-operator@sha256:9c3256a9e48b535413e4a4633d1404adbea0239c644569032cd63f991c5051ec_amd64 as a component of Service Telemetry Framework 1.5 for RHEL 8",
"product_id": "8Base-STF-1.5:stf/smart-gateway-rhel8-operator@sha256:9c3256a9e48b535413e4a4633d1404adbea0239c644569032cd63f991c5051ec_amd64"
},
"product_reference": "stf/smart-gateway-rhel8-operator@sha256:9c3256a9e48b535413e4a4633d1404adbea0239c644569032cd63f991c5051ec_amd64",
"relates_to_product_reference": "8Base-STF-1.5"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2022-41724",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2023-03-15T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2178492"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Golang Go, where it is vulnerable to a denial of service caused when processing large TLS handshake records. By sending specially-crafted TLS handshake records, a remote, authenticated attacker can cause a denial of service condition.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: crypto/tls: large handshake records may cause panics",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The opportunity for a denial of service is limited to the golang runtime. In the case of the OpenShift Container Platform, this would be restricted within each individual container. There are multiple layers of guide rails (Golang\u2019s Garbage Collector; OpenShift\u2019s resource constraints imposed at the container and cluster levels) which would require a malicious user to continue submitting attacks for there to be any enduring impact. They would also need access to external server resources to be able to send a massive volume of requests to cause a significant impact on server operations.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-STF-1.5:stf/prometheus-webhook-snmp-rhel8@sha256:e261f596dc4f13cf45981d4415cb17d0314c66ad105b5aa31898f7364185233b_amd64",
"8Base-STF-1.5:stf/service-telemetry-operator-bundle@sha256:583b8fc7bd18b79b146274c0b6ca0e8ebc14e7dfb389bd2a01fcf18744ab7d40_amd64",
"8Base-STF-1.5:stf/service-telemetry-rhel8-operator@sha256:627b664de828007e469d329253e50ff91cea19ead36353d11d313b6692913d07_amd64",
"8Base-STF-1.5:stf/sg-bridge-rhel8@sha256:1725eae2e4232e99412c73e6e4b6eabab8f8ce7f13e2106701974c5cfeeb5830_amd64",
"8Base-STF-1.5:stf/sg-core-rhel8@sha256:d870784a543045e6b14519df1658864fa0ea22885465bd6630232aeaa1f9ee7e_amd64",
"8Base-STF-1.5:stf/smart-gateway-operator-bundle@sha256:f8bb700696897363678fcd0ce466fd9e9ffcddad263476a42673d516724b9767_amd64",
"8Base-STF-1.5:stf/smart-gateway-rhel8-operator@sha256:9c3256a9e48b535413e4a4633d1404adbea0239c644569032cd63f991c5051ec_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-41724"
},
{
"category": "external",
"summary": "RHBZ#2178492",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2178492"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-41724",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41724"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-41724",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-41724"
},
{
"category": "external",
"summary": "https://go.dev/cl/468125",
"url": "https://go.dev/cl/468125"
},
{
"category": "external",
"summary": "https://go.dev/issue/58001",
"url": "https://go.dev/issue/58001"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/V0aBFqaFs_E",
"url": "https://groups.google.com/g/golang-announce/c/V0aBFqaFs_E"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2023-1570",
"url": "https://pkg.go.dev/vuln/GO-2023-1570"
}
],
"release_date": "2023-02-15T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-10-20T17:18:33+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-STF-1.5:stf/prometheus-webhook-snmp-rhel8@sha256:e261f596dc4f13cf45981d4415cb17d0314c66ad105b5aa31898f7364185233b_amd64",
"8Base-STF-1.5:stf/service-telemetry-operator-bundle@sha256:583b8fc7bd18b79b146274c0b6ca0e8ebc14e7dfb389bd2a01fcf18744ab7d40_amd64",
"8Base-STF-1.5:stf/service-telemetry-rhel8-operator@sha256:627b664de828007e469d329253e50ff91cea19ead36353d11d313b6692913d07_amd64",
"8Base-STF-1.5:stf/sg-bridge-rhel8@sha256:1725eae2e4232e99412c73e6e4b6eabab8f8ce7f13e2106701974c5cfeeb5830_amd64",
"8Base-STF-1.5:stf/sg-core-rhel8@sha256:d870784a543045e6b14519df1658864fa0ea22885465bd6630232aeaa1f9ee7e_amd64",
"8Base-STF-1.5:stf/smart-gateway-operator-bundle@sha256:f8bb700696897363678fcd0ce466fd9e9ffcddad263476a42673d516724b9767_amd64",
"8Base-STF-1.5:stf/smart-gateway-rhel8-operator@sha256:9c3256a9e48b535413e4a4633d1404adbea0239c644569032cd63f991c5051ec_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:5976"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-STF-1.5:stf/prometheus-webhook-snmp-rhel8@sha256:e261f596dc4f13cf45981d4415cb17d0314c66ad105b5aa31898f7364185233b_amd64",
"8Base-STF-1.5:stf/service-telemetry-operator-bundle@sha256:583b8fc7bd18b79b146274c0b6ca0e8ebc14e7dfb389bd2a01fcf18744ab7d40_amd64",
"8Base-STF-1.5:stf/service-telemetry-rhel8-operator@sha256:627b664de828007e469d329253e50ff91cea19ead36353d11d313b6692913d07_amd64",
"8Base-STF-1.5:stf/sg-bridge-rhel8@sha256:1725eae2e4232e99412c73e6e4b6eabab8f8ce7f13e2106701974c5cfeeb5830_amd64",
"8Base-STF-1.5:stf/sg-core-rhel8@sha256:d870784a543045e6b14519df1658864fa0ea22885465bd6630232aeaa1f9ee7e_amd64",
"8Base-STF-1.5:stf/smart-gateway-operator-bundle@sha256:f8bb700696897363678fcd0ce466fd9e9ffcddad263476a42673d516724b9767_amd64",
"8Base-STF-1.5:stf/smart-gateway-rhel8-operator@sha256:9c3256a9e48b535413e4a4633d1404adbea0239c644569032cd63f991c5051ec_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: crypto/tls: large handshake records may cause panics"
},
{
"cve": "CVE-2023-24532",
"cwe": {
"id": "CWE-682",
"name": "Incorrect Calculation"
},
"discovery_date": "2023-07-17T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2223355"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the crypto/internal/nistec golang library. The ScalarMult and ScalarBaseMult methods of the P256 Curve may return an incorrect result if called with some specific unreduced scalars, such as a scalar larger than the order of the curve. This does not impact usages of crypto/ecdsa or crypto/ecdh.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: crypto/internal/nistec: specific unreduced P-256 scalars produce incorrect results",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-STF-1.5:stf/prometheus-webhook-snmp-rhel8@sha256:e261f596dc4f13cf45981d4415cb17d0314c66ad105b5aa31898f7364185233b_amd64",
"8Base-STF-1.5:stf/service-telemetry-operator-bundle@sha256:583b8fc7bd18b79b146274c0b6ca0e8ebc14e7dfb389bd2a01fcf18744ab7d40_amd64",
"8Base-STF-1.5:stf/service-telemetry-rhel8-operator@sha256:627b664de828007e469d329253e50ff91cea19ead36353d11d313b6692913d07_amd64",
"8Base-STF-1.5:stf/sg-bridge-rhel8@sha256:1725eae2e4232e99412c73e6e4b6eabab8f8ce7f13e2106701974c5cfeeb5830_amd64",
"8Base-STF-1.5:stf/sg-core-rhel8@sha256:d870784a543045e6b14519df1658864fa0ea22885465bd6630232aeaa1f9ee7e_amd64",
"8Base-STF-1.5:stf/smart-gateway-operator-bundle@sha256:f8bb700696897363678fcd0ce466fd9e9ffcddad263476a42673d516724b9767_amd64",
"8Base-STF-1.5:stf/smart-gateway-rhel8-operator@sha256:9c3256a9e48b535413e4a4633d1404adbea0239c644569032cd63f991c5051ec_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-24532"
},
{
"category": "external",
"summary": "RHBZ#2223355",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2223355"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-24532",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24532"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-24532",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-24532"
},
{
"category": "external",
"summary": "https://go.dev/cl/471255",
"url": "https://go.dev/cl/471255"
},
{
"category": "external",
"summary": "https://go.dev/issue/58647",
"url": "https://go.dev/issue/58647"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/3-TpUx48iQY",
"url": "https://groups.google.com/g/golang-announce/c/3-TpUx48iQY"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2023-1621",
"url": "https://pkg.go.dev/vuln/GO-2023-1621"
}
],
"release_date": "2023-03-08T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-10-20T17:18:33+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-STF-1.5:stf/prometheus-webhook-snmp-rhel8@sha256:e261f596dc4f13cf45981d4415cb17d0314c66ad105b5aa31898f7364185233b_amd64",
"8Base-STF-1.5:stf/service-telemetry-operator-bundle@sha256:583b8fc7bd18b79b146274c0b6ca0e8ebc14e7dfb389bd2a01fcf18744ab7d40_amd64",
"8Base-STF-1.5:stf/service-telemetry-rhel8-operator@sha256:627b664de828007e469d329253e50ff91cea19ead36353d11d313b6692913d07_amd64",
"8Base-STF-1.5:stf/sg-bridge-rhel8@sha256:1725eae2e4232e99412c73e6e4b6eabab8f8ce7f13e2106701974c5cfeeb5830_amd64",
"8Base-STF-1.5:stf/sg-core-rhel8@sha256:d870784a543045e6b14519df1658864fa0ea22885465bd6630232aeaa1f9ee7e_amd64",
"8Base-STF-1.5:stf/smart-gateway-operator-bundle@sha256:f8bb700696897363678fcd0ce466fd9e9ffcddad263476a42673d516724b9767_amd64",
"8Base-STF-1.5:stf/smart-gateway-rhel8-operator@sha256:9c3256a9e48b535413e4a4633d1404adbea0239c644569032cd63f991c5051ec_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:5976"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"8Base-STF-1.5:stf/prometheus-webhook-snmp-rhel8@sha256:e261f596dc4f13cf45981d4415cb17d0314c66ad105b5aa31898f7364185233b_amd64",
"8Base-STF-1.5:stf/service-telemetry-operator-bundle@sha256:583b8fc7bd18b79b146274c0b6ca0e8ebc14e7dfb389bd2a01fcf18744ab7d40_amd64",
"8Base-STF-1.5:stf/service-telemetry-rhel8-operator@sha256:627b664de828007e469d329253e50ff91cea19ead36353d11d313b6692913d07_amd64",
"8Base-STF-1.5:stf/sg-bridge-rhel8@sha256:1725eae2e4232e99412c73e6e4b6eabab8f8ce7f13e2106701974c5cfeeb5830_amd64",
"8Base-STF-1.5:stf/sg-core-rhel8@sha256:d870784a543045e6b14519df1658864fa0ea22885465bd6630232aeaa1f9ee7e_amd64",
"8Base-STF-1.5:stf/smart-gateway-operator-bundle@sha256:f8bb700696897363678fcd0ce466fd9e9ffcddad263476a42673d516724b9767_amd64",
"8Base-STF-1.5:stf/smart-gateway-rhel8-operator@sha256:9c3256a9e48b535413e4a4633d1404adbea0239c644569032cd63f991c5051ec_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: crypto/internal/nistec: specific unreduced P-256 scalars produce incorrect results"
},
{
"cve": "CVE-2023-24534",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2023-04-04T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2184483"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Golang Go, where it is vulnerable to a denial of service caused by memory exhaustion in the common function in HTTP and MIME header parsing. By sending a specially crafted request, a remote attacker can cause a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: net/http, net/textproto: denial of service from excessive memory allocation",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-STF-1.5:stf/prometheus-webhook-snmp-rhel8@sha256:e261f596dc4f13cf45981d4415cb17d0314c66ad105b5aa31898f7364185233b_amd64",
"8Base-STF-1.5:stf/service-telemetry-operator-bundle@sha256:583b8fc7bd18b79b146274c0b6ca0e8ebc14e7dfb389bd2a01fcf18744ab7d40_amd64",
"8Base-STF-1.5:stf/service-telemetry-rhel8-operator@sha256:627b664de828007e469d329253e50ff91cea19ead36353d11d313b6692913d07_amd64",
"8Base-STF-1.5:stf/sg-bridge-rhel8@sha256:1725eae2e4232e99412c73e6e4b6eabab8f8ce7f13e2106701974c5cfeeb5830_amd64",
"8Base-STF-1.5:stf/sg-core-rhel8@sha256:d870784a543045e6b14519df1658864fa0ea22885465bd6630232aeaa1f9ee7e_amd64",
"8Base-STF-1.5:stf/smart-gateway-operator-bundle@sha256:f8bb700696897363678fcd0ce466fd9e9ffcddad263476a42673d516724b9767_amd64",
"8Base-STF-1.5:stf/smart-gateway-rhel8-operator@sha256:9c3256a9e48b535413e4a4633d1404adbea0239c644569032cd63f991c5051ec_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-24534"
},
{
"category": "external",
"summary": "RHBZ#2184483",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2184483"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-24534",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24534"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-24534",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-24534"
},
{
"category": "external",
"summary": "https://go.dev/issue/58975",
"url": "https://go.dev/issue/58975"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/Xdv6JL9ENs8",
"url": "https://groups.google.com/g/golang-announce/c/Xdv6JL9ENs8"
}
],
"release_date": "2023-04-04T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-10-20T17:18:33+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-STF-1.5:stf/prometheus-webhook-snmp-rhel8@sha256:e261f596dc4f13cf45981d4415cb17d0314c66ad105b5aa31898f7364185233b_amd64",
"8Base-STF-1.5:stf/service-telemetry-operator-bundle@sha256:583b8fc7bd18b79b146274c0b6ca0e8ebc14e7dfb389bd2a01fcf18744ab7d40_amd64",
"8Base-STF-1.5:stf/service-telemetry-rhel8-operator@sha256:627b664de828007e469d329253e50ff91cea19ead36353d11d313b6692913d07_amd64",
"8Base-STF-1.5:stf/sg-bridge-rhel8@sha256:1725eae2e4232e99412c73e6e4b6eabab8f8ce7f13e2106701974c5cfeeb5830_amd64",
"8Base-STF-1.5:stf/sg-core-rhel8@sha256:d870784a543045e6b14519df1658864fa0ea22885465bd6630232aeaa1f9ee7e_amd64",
"8Base-STF-1.5:stf/smart-gateway-operator-bundle@sha256:f8bb700696897363678fcd0ce466fd9e9ffcddad263476a42673d516724b9767_amd64",
"8Base-STF-1.5:stf/smart-gateway-rhel8-operator@sha256:9c3256a9e48b535413e4a4633d1404adbea0239c644569032cd63f991c5051ec_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:5976"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-STF-1.5:stf/prometheus-webhook-snmp-rhel8@sha256:e261f596dc4f13cf45981d4415cb17d0314c66ad105b5aa31898f7364185233b_amd64",
"8Base-STF-1.5:stf/service-telemetry-operator-bundle@sha256:583b8fc7bd18b79b146274c0b6ca0e8ebc14e7dfb389bd2a01fcf18744ab7d40_amd64",
"8Base-STF-1.5:stf/service-telemetry-rhel8-operator@sha256:627b664de828007e469d329253e50ff91cea19ead36353d11d313b6692913d07_amd64",
"8Base-STF-1.5:stf/sg-bridge-rhel8@sha256:1725eae2e4232e99412c73e6e4b6eabab8f8ce7f13e2106701974c5cfeeb5830_amd64",
"8Base-STF-1.5:stf/sg-core-rhel8@sha256:d870784a543045e6b14519df1658864fa0ea22885465bd6630232aeaa1f9ee7e_amd64",
"8Base-STF-1.5:stf/smart-gateway-operator-bundle@sha256:f8bb700696897363678fcd0ce466fd9e9ffcddad263476a42673d516724b9767_amd64",
"8Base-STF-1.5:stf/smart-gateway-rhel8-operator@sha256:9c3256a9e48b535413e4a4633d1404adbea0239c644569032cd63f991c5051ec_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: net/http, net/textproto: denial of service from excessive memory allocation"
},
{
"cve": "CVE-2023-29406",
"cwe": {
"id": "CWE-113",
"name": "Improper Neutralization of CRLF Sequences in HTTP Headers (\u0027HTTP Request/Response Splitting\u0027)"
},
"discovery_date": "2023-07-12T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2222167"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Golang, where it is vulnerable to HTTP header injection caused by improper content validation of the Host header by the HTTP/1 client. A remote attacker can inject arbitrary HTTP headers by persuading a victim to visit a specially crafted Web page. This flaw allows the attacker to conduct various attacks against the vulnerable system, including Cross-site scripting, cache poisoning, or session hijacking.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: net/http: insufficient sanitization of Host header",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-STF-1.5:stf/prometheus-webhook-snmp-rhel8@sha256:e261f596dc4f13cf45981d4415cb17d0314c66ad105b5aa31898f7364185233b_amd64",
"8Base-STF-1.5:stf/service-telemetry-operator-bundle@sha256:583b8fc7bd18b79b146274c0b6ca0e8ebc14e7dfb389bd2a01fcf18744ab7d40_amd64",
"8Base-STF-1.5:stf/service-telemetry-rhel8-operator@sha256:627b664de828007e469d329253e50ff91cea19ead36353d11d313b6692913d07_amd64",
"8Base-STF-1.5:stf/sg-bridge-rhel8@sha256:1725eae2e4232e99412c73e6e4b6eabab8f8ce7f13e2106701974c5cfeeb5830_amd64",
"8Base-STF-1.5:stf/sg-core-rhel8@sha256:d870784a543045e6b14519df1658864fa0ea22885465bd6630232aeaa1f9ee7e_amd64",
"8Base-STF-1.5:stf/smart-gateway-operator-bundle@sha256:f8bb700696897363678fcd0ce466fd9e9ffcddad263476a42673d516724b9767_amd64",
"8Base-STF-1.5:stf/smart-gateway-rhel8-operator@sha256:9c3256a9e48b535413e4a4633d1404adbea0239c644569032cd63f991c5051ec_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-29406"
},
{
"category": "external",
"summary": "RHBZ#2222167",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2222167"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-29406",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29406"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-29406",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-29406"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/2q13H6LEEx0",
"url": "https://groups.google.com/g/golang-announce/c/2q13H6LEEx0"
}
],
"release_date": "2023-07-11T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-10-20T17:18:33+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-STF-1.5:stf/prometheus-webhook-snmp-rhel8@sha256:e261f596dc4f13cf45981d4415cb17d0314c66ad105b5aa31898f7364185233b_amd64",
"8Base-STF-1.5:stf/service-telemetry-operator-bundle@sha256:583b8fc7bd18b79b146274c0b6ca0e8ebc14e7dfb389bd2a01fcf18744ab7d40_amd64",
"8Base-STF-1.5:stf/service-telemetry-rhel8-operator@sha256:627b664de828007e469d329253e50ff91cea19ead36353d11d313b6692913d07_amd64",
"8Base-STF-1.5:stf/sg-bridge-rhel8@sha256:1725eae2e4232e99412c73e6e4b6eabab8f8ce7f13e2106701974c5cfeeb5830_amd64",
"8Base-STF-1.5:stf/sg-core-rhel8@sha256:d870784a543045e6b14519df1658864fa0ea22885465bd6630232aeaa1f9ee7e_amd64",
"8Base-STF-1.5:stf/smart-gateway-operator-bundle@sha256:f8bb700696897363678fcd0ce466fd9e9ffcddad263476a42673d516724b9767_amd64",
"8Base-STF-1.5:stf/smart-gateway-rhel8-operator@sha256:9c3256a9e48b535413e4a4633d1404adbea0239c644569032cd63f991c5051ec_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:5976"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"8Base-STF-1.5:stf/prometheus-webhook-snmp-rhel8@sha256:e261f596dc4f13cf45981d4415cb17d0314c66ad105b5aa31898f7364185233b_amd64",
"8Base-STF-1.5:stf/service-telemetry-operator-bundle@sha256:583b8fc7bd18b79b146274c0b6ca0e8ebc14e7dfb389bd2a01fcf18744ab7d40_amd64",
"8Base-STF-1.5:stf/service-telemetry-rhel8-operator@sha256:627b664de828007e469d329253e50ff91cea19ead36353d11d313b6692913d07_amd64",
"8Base-STF-1.5:stf/sg-bridge-rhel8@sha256:1725eae2e4232e99412c73e6e4b6eabab8f8ce7f13e2106701974c5cfeeb5830_amd64",
"8Base-STF-1.5:stf/sg-core-rhel8@sha256:d870784a543045e6b14519df1658864fa0ea22885465bd6630232aeaa1f9ee7e_amd64",
"8Base-STF-1.5:stf/smart-gateway-operator-bundle@sha256:f8bb700696897363678fcd0ce466fd9e9ffcddad263476a42673d516724b9767_amd64",
"8Base-STF-1.5:stf/smart-gateway-rhel8-operator@sha256:9c3256a9e48b535413e4a4633d1404adbea0239c644569032cd63f991c5051ec_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: net/http: insufficient sanitization of Host header"
},
{
"cve": "CVE-2023-29409",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2023-08-03T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2228743"
}
],
"notes": [
{
"category": "description",
"text": "A denial of service vulnerability was found in the Golang Go package caused by an uncontrolled resource consumption flaw. By persuading a victim to use a specially crafted certificate with large RSA keys, a remote attacker can cause a client/server to expend significant CPU time verifying signatures, resulting in a denial of service condition.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: crypto/tls: slow verification of certificate chains containing large RSA keys",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-STF-1.5:stf/prometheus-webhook-snmp-rhel8@sha256:e261f596dc4f13cf45981d4415cb17d0314c66ad105b5aa31898f7364185233b_amd64",
"8Base-STF-1.5:stf/service-telemetry-operator-bundle@sha256:583b8fc7bd18b79b146274c0b6ca0e8ebc14e7dfb389bd2a01fcf18744ab7d40_amd64",
"8Base-STF-1.5:stf/service-telemetry-rhel8-operator@sha256:627b664de828007e469d329253e50ff91cea19ead36353d11d313b6692913d07_amd64",
"8Base-STF-1.5:stf/sg-bridge-rhel8@sha256:1725eae2e4232e99412c73e6e4b6eabab8f8ce7f13e2106701974c5cfeeb5830_amd64",
"8Base-STF-1.5:stf/sg-core-rhel8@sha256:d870784a543045e6b14519df1658864fa0ea22885465bd6630232aeaa1f9ee7e_amd64",
"8Base-STF-1.5:stf/smart-gateway-operator-bundle@sha256:f8bb700696897363678fcd0ce466fd9e9ffcddad263476a42673d516724b9767_amd64",
"8Base-STF-1.5:stf/smart-gateway-rhel8-operator@sha256:9c3256a9e48b535413e4a4633d1404adbea0239c644569032cd63f991c5051ec_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-29409"
},
{
"category": "external",
"summary": "RHBZ#2228743",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2228743"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-29409",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29409"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-29409",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-29409"
},
{
"category": "external",
"summary": "https://go.dev/cl/515257",
"url": "https://go.dev/cl/515257"
},
{
"category": "external",
"summary": "https://go.dev/issue/61460",
"url": "https://go.dev/issue/61460"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/X0b6CsSAaYI/m/Efv5DbZ9AwAJ",
"url": "https://groups.google.com/g/golang-announce/c/X0b6CsSAaYI/m/Efv5DbZ9AwAJ"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2023-1987",
"url": "https://pkg.go.dev/vuln/GO-2023-1987"
}
],
"release_date": "2023-08-02T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-10-20T17:18:33+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-STF-1.5:stf/prometheus-webhook-snmp-rhel8@sha256:e261f596dc4f13cf45981d4415cb17d0314c66ad105b5aa31898f7364185233b_amd64",
"8Base-STF-1.5:stf/service-telemetry-operator-bundle@sha256:583b8fc7bd18b79b146274c0b6ca0e8ebc14e7dfb389bd2a01fcf18744ab7d40_amd64",
"8Base-STF-1.5:stf/service-telemetry-rhel8-operator@sha256:627b664de828007e469d329253e50ff91cea19ead36353d11d313b6692913d07_amd64",
"8Base-STF-1.5:stf/sg-bridge-rhel8@sha256:1725eae2e4232e99412c73e6e4b6eabab8f8ce7f13e2106701974c5cfeeb5830_amd64",
"8Base-STF-1.5:stf/sg-core-rhel8@sha256:d870784a543045e6b14519df1658864fa0ea22885465bd6630232aeaa1f9ee7e_amd64",
"8Base-STF-1.5:stf/smart-gateway-operator-bundle@sha256:f8bb700696897363678fcd0ce466fd9e9ffcddad263476a42673d516724b9767_amd64",
"8Base-STF-1.5:stf/smart-gateway-rhel8-operator@sha256:9c3256a9e48b535413e4a4633d1404adbea0239c644569032cd63f991c5051ec_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:5976"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"8Base-STF-1.5:stf/prometheus-webhook-snmp-rhel8@sha256:e261f596dc4f13cf45981d4415cb17d0314c66ad105b5aa31898f7364185233b_amd64",
"8Base-STF-1.5:stf/service-telemetry-operator-bundle@sha256:583b8fc7bd18b79b146274c0b6ca0e8ebc14e7dfb389bd2a01fcf18744ab7d40_amd64",
"8Base-STF-1.5:stf/service-telemetry-rhel8-operator@sha256:627b664de828007e469d329253e50ff91cea19ead36353d11d313b6692913d07_amd64",
"8Base-STF-1.5:stf/sg-bridge-rhel8@sha256:1725eae2e4232e99412c73e6e4b6eabab8f8ce7f13e2106701974c5cfeeb5830_amd64",
"8Base-STF-1.5:stf/sg-core-rhel8@sha256:d870784a543045e6b14519df1658864fa0ea22885465bd6630232aeaa1f9ee7e_amd64",
"8Base-STF-1.5:stf/smart-gateway-operator-bundle@sha256:f8bb700696897363678fcd0ce466fd9e9ffcddad263476a42673d516724b9767_amd64",
"8Base-STF-1.5:stf/smart-gateway-rhel8-operator@sha256:9c3256a9e48b535413e4a4633d1404adbea0239c644569032cd63f991c5051ec_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: crypto/tls: slow verification of certificate chains containing large RSA keys"
},
{
"cve": "CVE-2023-39325",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2023-10-10T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2243296"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in handling multiplexed streams in the HTTP/2 protocol. A client can repeatedly make a request for a new multiplex stream and immediately send an RST_STREAM frame to cancel it. This creates extra work for the server setting up and tearing down the streams while not hitting any server-side limit for the maximum number of active streams per connection, resulting in a denial of service due to server resource consumption. Red Hat has rated the severity of this flaw as \u0027Important\u0027 as the US Cybersecurity and Infrastructure Security Agency (CISA) declared this vulnerability an active exploit.\r\n\r\nCVE-2023-39325 was assigned for the `Rapid Reset Attack` in the Go language packages.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: net/http, x/net/http2: rapid stream resets can cause excessive work (CVE-2023-44487)",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This CVE is related to CVE-2023-44487.\n\nThe majority of RHEL utilities are not long-running applications; instead, they are command-line tools. These tools utilize Golang package as build-time dependency, which is why they are classified as having a \"Moderate\" level of impact.\n\nAs go-lang vendors its dependencies, a package may contain a library with a known vulnerability, solely because of lower tier libraries including it as a part of its dependencies, but the vulnerable code is not reachable at runtime. In such cases the issue is not exploitable. We classify these situations as \u201cNot affected\u201d or \u201cWill not fix,\u201d depending on the risk of breaking other unrelated packages.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-STF-1.5:stf/prometheus-webhook-snmp-rhel8@sha256:e261f596dc4f13cf45981d4415cb17d0314c66ad105b5aa31898f7364185233b_amd64",
"8Base-STF-1.5:stf/service-telemetry-operator-bundle@sha256:583b8fc7bd18b79b146274c0b6ca0e8ebc14e7dfb389bd2a01fcf18744ab7d40_amd64",
"8Base-STF-1.5:stf/service-telemetry-rhel8-operator@sha256:627b664de828007e469d329253e50ff91cea19ead36353d11d313b6692913d07_amd64",
"8Base-STF-1.5:stf/sg-bridge-rhel8@sha256:1725eae2e4232e99412c73e6e4b6eabab8f8ce7f13e2106701974c5cfeeb5830_amd64",
"8Base-STF-1.5:stf/sg-core-rhel8@sha256:d870784a543045e6b14519df1658864fa0ea22885465bd6630232aeaa1f9ee7e_amd64",
"8Base-STF-1.5:stf/smart-gateway-operator-bundle@sha256:f8bb700696897363678fcd0ce466fd9e9ffcddad263476a42673d516724b9767_amd64",
"8Base-STF-1.5:stf/smart-gateway-rhel8-operator@sha256:9c3256a9e48b535413e4a4633d1404adbea0239c644569032cd63f991c5051ec_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-39325"
},
{
"category": "external",
"summary": "RHBZ#2243296",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2243296"
},
{
"category": "external",
"summary": "RHSB-2023-003",
"url": "https://access.redhat.com/security/vulnerabilities/RHSB-2023-003"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-39325",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39325"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-39325",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-39325"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2023-44487",
"url": "https://access.redhat.com/security/cve/CVE-2023-44487"
},
{
"category": "external",
"summary": "https://go.dev/issue/63417",
"url": "https://go.dev/issue/63417"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2023-2102",
"url": "https://pkg.go.dev/vuln/GO-2023-2102"
},
{
"category": "external",
"summary": "https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487",
"url": "https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487"
}
],
"release_date": "2023-10-10T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-10-20T17:18:33+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-STF-1.5:stf/prometheus-webhook-snmp-rhel8@sha256:e261f596dc4f13cf45981d4415cb17d0314c66ad105b5aa31898f7364185233b_amd64",
"8Base-STF-1.5:stf/service-telemetry-operator-bundle@sha256:583b8fc7bd18b79b146274c0b6ca0e8ebc14e7dfb389bd2a01fcf18744ab7d40_amd64",
"8Base-STF-1.5:stf/service-telemetry-rhel8-operator@sha256:627b664de828007e469d329253e50ff91cea19ead36353d11d313b6692913d07_amd64",
"8Base-STF-1.5:stf/sg-bridge-rhel8@sha256:1725eae2e4232e99412c73e6e4b6eabab8f8ce7f13e2106701974c5cfeeb5830_amd64",
"8Base-STF-1.5:stf/sg-core-rhel8@sha256:d870784a543045e6b14519df1658864fa0ea22885465bd6630232aeaa1f9ee7e_amd64",
"8Base-STF-1.5:stf/smart-gateway-operator-bundle@sha256:f8bb700696897363678fcd0ce466fd9e9ffcddad263476a42673d516724b9767_amd64",
"8Base-STF-1.5:stf/smart-gateway-rhel8-operator@sha256:9c3256a9e48b535413e4a4633d1404adbea0239c644569032cd63f991c5051ec_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:5976"
},
{
"category": "workaround",
"details": "The default stream concurrency limit in golang is 250 streams (requests) per HTTP/2 connection. This value may be adjusted in the golang.org/x/net/http2 package using the Server.MaxConcurrentStreams setting and the ConfigureServer function which are available in golang.org/x/net/http2.",
"product_ids": [
"8Base-STF-1.5:stf/prometheus-webhook-snmp-rhel8@sha256:e261f596dc4f13cf45981d4415cb17d0314c66ad105b5aa31898f7364185233b_amd64",
"8Base-STF-1.5:stf/service-telemetry-operator-bundle@sha256:583b8fc7bd18b79b146274c0b6ca0e8ebc14e7dfb389bd2a01fcf18744ab7d40_amd64",
"8Base-STF-1.5:stf/service-telemetry-rhel8-operator@sha256:627b664de828007e469d329253e50ff91cea19ead36353d11d313b6692913d07_amd64",
"8Base-STF-1.5:stf/sg-bridge-rhel8@sha256:1725eae2e4232e99412c73e6e4b6eabab8f8ce7f13e2106701974c5cfeeb5830_amd64",
"8Base-STF-1.5:stf/sg-core-rhel8@sha256:d870784a543045e6b14519df1658864fa0ea22885465bd6630232aeaa1f9ee7e_amd64",
"8Base-STF-1.5:stf/smart-gateway-operator-bundle@sha256:f8bb700696897363678fcd0ce466fd9e9ffcddad263476a42673d516724b9767_amd64",
"8Base-STF-1.5:stf/smart-gateway-rhel8-operator@sha256:9c3256a9e48b535413e4a4633d1404adbea0239c644569032cd63f991c5051ec_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-STF-1.5:stf/prometheus-webhook-snmp-rhel8@sha256:e261f596dc4f13cf45981d4415cb17d0314c66ad105b5aa31898f7364185233b_amd64",
"8Base-STF-1.5:stf/service-telemetry-operator-bundle@sha256:583b8fc7bd18b79b146274c0b6ca0e8ebc14e7dfb389bd2a01fcf18744ab7d40_amd64",
"8Base-STF-1.5:stf/service-telemetry-rhel8-operator@sha256:627b664de828007e469d329253e50ff91cea19ead36353d11d313b6692913d07_amd64",
"8Base-STF-1.5:stf/sg-bridge-rhel8@sha256:1725eae2e4232e99412c73e6e4b6eabab8f8ce7f13e2106701974c5cfeeb5830_amd64",
"8Base-STF-1.5:stf/sg-core-rhel8@sha256:d870784a543045e6b14519df1658864fa0ea22885465bd6630232aeaa1f9ee7e_amd64",
"8Base-STF-1.5:stf/smart-gateway-operator-bundle@sha256:f8bb700696897363678fcd0ce466fd9e9ffcddad263476a42673d516724b9767_amd64",
"8Base-STF-1.5:stf/smart-gateway-rhel8-operator@sha256:9c3256a9e48b535413e4a4633d1404adbea0239c644569032cd63f991c5051ec_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "golang: net/http, x/net/http2: rapid stream resets can cause excessive work (CVE-2023-44487)"
},
{
"cve": "CVE-2023-44487",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2023-10-09T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2242803"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in handling multiplexed streams in the HTTP/2 protocol. A client can repeatedly make a request for a new multiplex stream and immediately send an RST_STREAM frame to cancel it. This creates extra work for the server setting up and tearing down the streams while not hitting any server-side limit for the maximum number of active streams per connection, resulting in a denial of service due to server resource consumption. Red Hat has rated the severity of this flaw as \u0027Important\u0027 as the US Cybersecurity and Infrastructure Security Agency (CISA) declared this vulnerability an active exploit.\r\n\r\nCVE-2023-39325 was assigned for the Rapid Reset Attack in the Go language packages.\r\n\r\nSecurity Bulletin\r\nhttps://access.redhat.com/security/vulnerabilities/RHSB-2023-003",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack (Rapid Reset Attack)",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "NGINX has been marked as Moderate Impact because, for performance and resource consumption reasons, NGINX limits the number of concurrent streams to a default of 128. In addition, to optimally balance network and server performance, NGINX allows the client to persist HTTP connections for up to 1000 requests by default using an HTTP keepalive.\n\nThe majority of RHEL utilities are not long-running applications; instead, they are command-line tools. These tools utilize Golang package as build-time dependency, which is why they are classified as having a \"Moderate\" level of impact.\n\nrhc component is no longer impacted by CVE-2023-44487 \u0026 CVE-2023-39325.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-STF-1.5:stf/prometheus-webhook-snmp-rhel8@sha256:e261f596dc4f13cf45981d4415cb17d0314c66ad105b5aa31898f7364185233b_amd64",
"8Base-STF-1.5:stf/service-telemetry-operator-bundle@sha256:583b8fc7bd18b79b146274c0b6ca0e8ebc14e7dfb389bd2a01fcf18744ab7d40_amd64",
"8Base-STF-1.5:stf/service-telemetry-rhel8-operator@sha256:627b664de828007e469d329253e50ff91cea19ead36353d11d313b6692913d07_amd64",
"8Base-STF-1.5:stf/sg-bridge-rhel8@sha256:1725eae2e4232e99412c73e6e4b6eabab8f8ce7f13e2106701974c5cfeeb5830_amd64",
"8Base-STF-1.5:stf/sg-core-rhel8@sha256:d870784a543045e6b14519df1658864fa0ea22885465bd6630232aeaa1f9ee7e_amd64",
"8Base-STF-1.5:stf/smart-gateway-operator-bundle@sha256:f8bb700696897363678fcd0ce466fd9e9ffcddad263476a42673d516724b9767_amd64",
"8Base-STF-1.5:stf/smart-gateway-rhel8-operator@sha256:9c3256a9e48b535413e4a4633d1404adbea0239c644569032cd63f991c5051ec_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-44487"
},
{
"category": "external",
"summary": "RHBZ#2242803",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2242803"
},
{
"category": "external",
"summary": "RHSB-2023-003",
"url": "https://access.redhat.com/security/vulnerabilities/RHSB-2023-003"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-44487",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-44487"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-44487",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-44487"
},
{
"category": "external",
"summary": "https://github.com/dotnet/announcements/issues/277",
"url": "https://github.com/dotnet/announcements/issues/277"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2023-2102",
"url": "https://pkg.go.dev/vuln/GO-2023-2102"
},
{
"category": "external",
"summary": "https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487",
"url": "https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487"
},
{
"category": "external",
"summary": "https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products/",
"url": "https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products/"
},
{
"category": "external",
"summary": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog",
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
}
],
"release_date": "2023-10-10T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-10-20T17:18:33+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-STF-1.5:stf/prometheus-webhook-snmp-rhel8@sha256:e261f596dc4f13cf45981d4415cb17d0314c66ad105b5aa31898f7364185233b_amd64",
"8Base-STF-1.5:stf/service-telemetry-operator-bundle@sha256:583b8fc7bd18b79b146274c0b6ca0e8ebc14e7dfb389bd2a01fcf18744ab7d40_amd64",
"8Base-STF-1.5:stf/service-telemetry-rhel8-operator@sha256:627b664de828007e469d329253e50ff91cea19ead36353d11d313b6692913d07_amd64",
"8Base-STF-1.5:stf/sg-bridge-rhel8@sha256:1725eae2e4232e99412c73e6e4b6eabab8f8ce7f13e2106701974c5cfeeb5830_amd64",
"8Base-STF-1.5:stf/sg-core-rhel8@sha256:d870784a543045e6b14519df1658864fa0ea22885465bd6630232aeaa1f9ee7e_amd64",
"8Base-STF-1.5:stf/smart-gateway-operator-bundle@sha256:f8bb700696897363678fcd0ce466fd9e9ffcddad263476a42673d516724b9767_amd64",
"8Base-STF-1.5:stf/smart-gateway-rhel8-operator@sha256:9c3256a9e48b535413e4a4633d1404adbea0239c644569032cd63f991c5051ec_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:5976"
},
{
"category": "workaround",
"details": "Users are strongly urged to update their software as soon as fixes are available. \nThere are several mitigation approaches for this flaw. \n\n1. If circumstances permit, users may disable http2 endpoints to circumvent the flaw altogether until a fix is available.\n2. IP-based blocking or flood protection and rate control tools may be used at network endpoints to filter incoming traffic.\n3. Several package specific mitigations are also available. \n a. nginx: https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products/\n b. netty: https://github.com/netty/netty/security/advisories/GHSA-xpw8-rcwv-8f8p\n c. haproxy: https://www.haproxy.com/blog/haproxy-is-not-affected-by-the-http-2-rapid-reset-attack-cve-2023-44487\n d. nghttp2: https://github.com/nghttp2/nghttp2/security/advisories/GHSA-vx74-f528-fxqg\n e. golang: The default stream concurrency limit in golang is 250 streams (requests) per HTTP/2 connection. This value may be adjusted in the golang.org/x/net/http2 package using the Server.MaxConcurrentStreams setting and the ConfigureServer function which are available in golang.org/x/net/http2.",
"product_ids": [
"8Base-STF-1.5:stf/prometheus-webhook-snmp-rhel8@sha256:e261f596dc4f13cf45981d4415cb17d0314c66ad105b5aa31898f7364185233b_amd64",
"8Base-STF-1.5:stf/service-telemetry-operator-bundle@sha256:583b8fc7bd18b79b146274c0b6ca0e8ebc14e7dfb389bd2a01fcf18744ab7d40_amd64",
"8Base-STF-1.5:stf/service-telemetry-rhel8-operator@sha256:627b664de828007e469d329253e50ff91cea19ead36353d11d313b6692913d07_amd64",
"8Base-STF-1.5:stf/sg-bridge-rhel8@sha256:1725eae2e4232e99412c73e6e4b6eabab8f8ce7f13e2106701974c5cfeeb5830_amd64",
"8Base-STF-1.5:stf/sg-core-rhel8@sha256:d870784a543045e6b14519df1658864fa0ea22885465bd6630232aeaa1f9ee7e_amd64",
"8Base-STF-1.5:stf/smart-gateway-operator-bundle@sha256:f8bb700696897363678fcd0ce466fd9e9ffcddad263476a42673d516724b9767_amd64",
"8Base-STF-1.5:stf/smart-gateway-rhel8-operator@sha256:9c3256a9e48b535413e4a4633d1404adbea0239c644569032cd63f991c5051ec_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-STF-1.5:stf/prometheus-webhook-snmp-rhel8@sha256:e261f596dc4f13cf45981d4415cb17d0314c66ad105b5aa31898f7364185233b_amd64",
"8Base-STF-1.5:stf/service-telemetry-operator-bundle@sha256:583b8fc7bd18b79b146274c0b6ca0e8ebc14e7dfb389bd2a01fcf18744ab7d40_amd64",
"8Base-STF-1.5:stf/service-telemetry-rhel8-operator@sha256:627b664de828007e469d329253e50ff91cea19ead36353d11d313b6692913d07_amd64",
"8Base-STF-1.5:stf/sg-bridge-rhel8@sha256:1725eae2e4232e99412c73e6e4b6eabab8f8ce7f13e2106701974c5cfeeb5830_amd64",
"8Base-STF-1.5:stf/sg-core-rhel8@sha256:d870784a543045e6b14519df1658864fa0ea22885465bd6630232aeaa1f9ee7e_amd64",
"8Base-STF-1.5:stf/smart-gateway-operator-bundle@sha256:f8bb700696897363678fcd0ce466fd9e9ffcddad263476a42673d516724b9767_amd64",
"8Base-STF-1.5:stf/smart-gateway-rhel8-operator@sha256:9c3256a9e48b535413e4a4633d1404adbea0239c644569032cd63f991c5051ec_amd64"
]
}
],
"threats": [
{
"category": "exploit_status",
"date": "2023-10-10T00:00:00+00:00",
"details": "CISA: https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
},
{
"category": "impact",
"details": "Important"
}
],
"title": "HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack (Rapid Reset Attack)"
}
]
}
Sightings
| Author | Source | Type | Date | Other |
|---|---|---|---|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.