Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2023-44487 (GCVE-0-2023-44487)
Vulnerability from cvelistv5 – Published: 2023-10-10 00:00 – Updated: 2026-05-12 10:52
VLAI
EPSS
CISA KEV
Summary
The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023.
Severity
7.5 (High)
SSVC
Exploitation: active
Automatable: yes
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- n/a
- CWE-400 - Uncontrolled Resource Consumption
Assigner
References
173 references
Impacted products
6 products
| Vendor | Product | Version | |
|---|---|---|---|
| ietf | http |
Affected:
2.0
cpe:2.3:a:ietf:http:2.0:*:*:*:*:*:*:* |
|
| Siemens | RUGGEDCOM APE1808 |
Affected:
0 , < *
(custom)
|
|
| Siemens | SIMATIC S7-1500 CPU 1518-4 PN/DP MFP |
Affected:
V3.1.5 , < *
(custom)
|
|
| Siemens | SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP |
Affected:
V3.1.5 , < *
(custom)
|
|
| Siemens | SINEC NMS |
Affected:
0 , < V3.0
(custom)
|
|
| Siemens | SIPLUS S7-1500 CPU 1518-4 PN/DP MFP |
Affected:
V3.1.5 , < *
(custom)
|
CISA KEV
Known Exploited Vulnerability - GCVE BCP-07 Compliant
KEV entry ID: 6386c9c4-033b-4ac4-b69d-cdc0288bae9a
Exploited: Yes
Timestamps
First Seen: 2023-10-10
Asserted: 2023-10-10
Scope
Notes: KEV entry: HTTP/2 Rapid Reset Attack Vulnerability | Affected: IETF / HTTP/2 | Description: HTTP/2 contains a rapid reset vulnerability that allows for a distributed denial-of-service attack (DDoS). | Required action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable. | Due date: 2023-10-31 | Known ransomware campaign use (KEV): Unknown | Notes (KEV): This vulnerability affects a common open-source component, third-party library, or protocol used by different products. For more information, please see: HTTP/2 Rapid Reset Vulnerability, CVE-2023-44487 | CISA: https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487; https://blog.cloudflare.com/technical-breakdown-http2-rapid-reset-ddos-attack/; https://nvd.nist.gov/vuln/detail/CVE-2023-44487
Evidence
Type: Vendor Report
Signal: Successful Exploitation
Confidence: 80%
Source: cisa-kev
Details
| Cwes | CWE-400 |
|---|---|
| Feed | CISA Known Exploited Vulnerabilities Catalog |
| Product | HTTP/2 |
| Due Date | 2023-10-31 |
| Date Added | 2023-10-10 |
| Vendorproject | IETF |
| Vulnerabilityname | HTTP/2 Rapid Reset Attack Vulnerability |
| Knownransomwarecampaignuse | Unknown |
References
Created: 2026-02-02 13:24 UTC
| Updated: 2026-02-06 07:53 UTC
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:ietf:http:2.0:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "http",
"vendor": "ietf",
"versions": [
{
"status": "affected",
"version": "2.0"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2023-44487",
"options": [
{
"Exploitation": "active"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-07-23T20:34:21.334116Z",
"version": "2.0.3"
},
"type": "ssvc"
}
},
{
"other": {
"content": {
"dateAdded": "2023-10-10",
"reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2023-44487"
},
"type": "kev"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-400",
"description": "CWE-400 Uncontrolled Resource Consumption",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-10-21T23:05:35.187Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"references": [
{
"tags": [
"government-resource"
],
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2023-44487"
}
],
"timeline": [
{
"lang": "en",
"time": "2023-10-10T00:00:00.000Z",
"value": "CVE-2023-44487 added to CISA KEV"
}
],
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2025-11-04T21:08:27.383Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://github.com/dotnet/core/blob/e4613450ea0da7fd2fc6b61dfb2c1c1dec1ce9ec/release-notes/6.0/6.0.23/6.0.23.md?plain=1#L73"
},
{
"tags": [
"x_transferred"
],
"url": "https://blog.cloudflare.com/technical-breakdown-http2-rapid-reset-ddos-attack/"
},
{
"tags": [
"x_transferred"
],
"url": "https://aws.amazon.com/security/security-bulletins/AWS-2023-011/"
},
{
"tags": [
"x_transferred"
],
"url": "https://cloud.google.com/blog/products/identity-security/how-it-works-the-novel-http2-rapid-reset-ddos-attack"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products/"
},
{
"tags": [
"x_transferred"
],
"url": "https://cloud.google.com/blog/products/identity-security/google-cloud-mitigated-largest-ddos-attack-peaking-above-398-million-rps/"
},
{
"tags": [
"x_transferred"
],
"url": "https://news.ycombinator.com/item?id=37831062"
},
{
"tags": [
"x_transferred"
],
"url": "https://blog.cloudflare.com/zero-day-rapid-reset-http2-record-breaking-ddos-attack/"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.phoronix.com/news/HTTP2-Rapid-Reset-Attack"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/envoyproxy/envoy/pull/30055"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/haproxy/haproxy/issues/2312"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/eclipse/jetty.project/issues/10679"
},
{
"tags": [
"x_transferred"
],
"url": "https://forums.swift.org/t/swift-nio-http2-security-update-cve-2023-44487-http-2-dos/67764"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/nghttp2/nghttp2/pull/1961"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/netty/netty/commit/58f75f665aa81a8cbcf6ffa74820042a285c5e61"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/alibaba/tengine/issues/1872"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/apache/tomcat/tree/main/java/org/apache/coyote/http2"
},
{
"tags": [
"x_transferred"
],
"url": "https://news.ycombinator.com/item?id=37830987"
},
{
"tags": [
"x_transferred"
],
"url": "https://news.ycombinator.com/item?id=37830998"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/caddyserver/caddy/issues/5877"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.bleepingcomputer.com/news/security/new-http-2-rapid-reset-zero-day-attack-breaks-ddos-records/"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/bcdannyboy/CVE-2023-44487"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/grpc/grpc-go/pull/6703"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/icing/mod_h2/blob/0a864782af0a942aa2ad4ed960a6b32cd35bcf0a/mod_http2/README.md?plain=1#L239-L244"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/nghttp2/nghttp2/releases/tag/v1.57.0"
},
{
"tags": [
"x_transferred"
],
"url": "https://mailman.nginx.org/pipermail/nginx-devel/2023-October/S36Q5HBXR7CAIMPLLPRSSSYR4PCMWILK.html"
},
{
"tags": [
"x_transferred"
],
"url": "https://my.f5.com/manage/s/article/K000137106"
},
{
"tags": [
"x_transferred"
],
"url": "https://msrc.microsoft.com/blog/2023/10/microsoft-response-to-distributed-denial-of-service-ddos-attacks-against-http/2/"
},
{
"tags": [
"x_transferred"
],
"url": "https://bugzilla.proxmox.com/show_bug.cgi?id=4988"
},
{
"tags": [
"x_transferred"
],
"url": "https://cgit.freebsd.org/ports/commit/?id=c64c329c2c1752f46b73e3e6ce9f4329be6629f9"
},
{
"tags": [
"x_transferred"
],
"url": "https://seanmonstar.com/post/730794151136935936/hyper-http2-rapid-reset-unaffected"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/microsoft/CBL-Mariner/pull/6381"
},
{
"tags": [
"x_transferred"
],
"url": "https://groups.google.com/g/golang-announce/c/iNNxDTCjZvo"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/facebook/proxygen/pull/466"
},
{
"tags": [
"x_transferred"
],
"url": "https://gist.github.com/adulau/7c2bfb8e9cdbe4b35a5e131c66a0c088"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/micrictor/http2-rst-stream"
},
{
"tags": [
"x_transferred"
],
"url": "https://edg.io/lp/blog/resets-leaks-ddos-and-the-tale-of-a-hidden-cve"
},
{
"tags": [
"x_transferred"
],
"url": "https://openssf.org/blog/2023/10/10/http-2-rapid-reset-vulnerability-highlights-need-for-rapid-response/"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/h2o/h2o/security/advisories/GHSA-2m7v-gc89-fjqf"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/h2o/h2o/pull/3291"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/nodejs/node/pull/50121"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/dotnet/announcements/issues/277"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/golang/go/issues/63417"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/advisories/GHSA-vx74-f528-fxqg"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/apache/trafficserver/pull/10564"
},
{
"tags": [
"x_transferred"
],
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-44487"
},
{
"tags": [
"x_transferred"
],
"url": "https://tomcat.apache.org/security-10.html#Fixed_in_Apache_Tomcat_10.1.14"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.apache.org/thread/5py8h42mxfsn8l1wy6o41xwhsjlsd87q"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.openwall.com/lists/oss-security/2023/10/10/6"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.haproxy.com/blog/haproxy-is-not-affected-by-the-http-2-rapid-reset-attack-cve-2023-44487"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/opensearch-project/data-prepper/issues/3474"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/kubernetes/kubernetes/pull/121120"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/oqtane/oqtane.framework/discussions/3367"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/advisories/GHSA-xpw8-rcwv-8f8p"
},
{
"tags": [
"x_transferred"
],
"url": "https://netty.io/news/2023/10/10/4-1-100-Final.html"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.theregister.com/2023/10/10/http2_rapid_reset_zeroday/"
},
{
"tags": [
"x_transferred"
],
"url": "https://blog.qualys.com/vulnerabilities-threat-research/2023/10/10/cve-2023-44487-http-2-rapid-reset-attack"
},
{
"tags": [
"x_transferred"
],
"url": "https://news.ycombinator.com/item?id=37837043"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/kazu-yamamoto/http2/issues/93"
},
{
"tags": [
"x_transferred"
],
"url": "https://martinthomson.github.io/h2-stream-limits/draft-thomson-httpbis-h2-stream-limits.html"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/kazu-yamamoto/http2/commit/f61d41a502bd0f60eb24e1ce14edc7b6df6722a1"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/apache/httpd/blob/afcdbeebbff4b0c50ea26cdd16e178c0d1f24152/modules/http2/h2_mplx.c#L1101-L1113"
},
{
"name": "DSA-5522",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://www.debian.org/security/2023/dsa-5522"
},
{
"name": "DSA-5521",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://www.debian.org/security/2023/dsa-5521"
},
{
"tags": [
"x_transferred"
],
"url": "https://access.redhat.com/security/cve/cve-2023-44487"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/ninenines/cowboy/issues/1615"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/varnishcache/varnish-cache/issues/3996"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/tempesta-tech/tempesta/issues/1986"
},
{
"tags": [
"x_transferred"
],
"url": "https://blog.vespa.ai/cve-2023-44487/"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/etcd-io/etcd/issues/16740"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.darkreading.com/cloud/internet-wide-zero-day-bug-fuels-largest-ever-ddos-event"
},
{
"tags": [
"x_transferred"
],
"url": "https://istio.io/latest/news/security/istio-security-2023-004/"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/junkurihara/rust-rpxy/issues/97"
},
{
"tags": [
"x_transferred"
],
"url": "https://bugzilla.suse.com/show_bug.cgi?id=1216123"
},
{
"tags": [
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2242803"
},
{
"tags": [
"x_transferred"
],
"url": "https://ubuntu.com/security/CVE-2023-44487"
},
{
"tags": [
"x_transferred"
],
"url": "https://community.traefik.io/t/is-traefik-vulnerable-to-cve-2023-44487/20125"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/advisories/GHSA-qppj-fm5r-hxr3"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/apache/httpd-site/pull/10"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/projectcontour/contour/pull/5826"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/linkerd/website/pull/1695/commits/4b9c6836471bc8270ab48aae6fd2181bc73fd632"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/line/armeria/pull/5232"
},
{
"tags": [
"x_transferred"
],
"url": "https://blog.litespeedtech.com/2023/10/11/rapid-reset-http-2-vulnerablilty/"
},
{
"tags": [
"x_transferred"
],
"url": "https://security.paloaltonetworks.com/CVE-2023-44487"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/akka/akka-http/issues/4323"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/openresty/openresty/issues/930"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/apache/apisix/issues/10320"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/Azure/AKS/issues/3947"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/Kong/kong/discussions/11741"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/arkrwn/PoC/tree/main/CVE-2023-44487"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.netlify.com/blog/netlify-successfully-mitigates-cve-2023-44487/"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/caddyserver/caddy/releases/tag/v2.7.5"
},
{
"name": "[debian-lts-announce] 20231013 [SECURITY] [DLA 3617-1] tomcat9 security update",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2023/10/msg00020.html"
},
{
"name": "[oss-security] 20231013 Re: CVE-2023-44487: HTTP/2 Rapid Reset attack against many implementations",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2023/10/13/4"
},
{
"name": "[oss-security] 20231013 Re: CVE-2023-44487: HTTP/2 Rapid Reset attack against many implementations",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2023/10/13/9"
},
{
"tags": [
"x_transferred"
],
"url": "https://arstechnica.com/security/2023/10/how-ddosers-used-the-http-2-protocol-to-deliver-attacks-of-unprecedented-size/"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.w3.org/Archives/Public/ietf-http-wg/2023OctDec/0025.html"
},
{
"name": "FEDORA-2023-ed2642fd58",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JMEXY22BFG5Q64HQCM5CK2Q7KDKVV4TY/"
},
{
"tags": [
"x_transferred"
],
"url": "https://linkerd.io/2023/10/12/linkerd-cve-2023-44487/"
},
{
"name": "[debian-lts-announce] 20231016 [SECURITY] [DLA 3621-1] nghttp2 security update",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2023/10/msg00023.html"
},
{
"tags": [
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20231016-0001/"
},
{
"name": "[debian-lts-announce] 20231016 [SECURITY] [DLA 3617-2] tomcat9 regression update",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2023/10/msg00024.html"
},
{
"name": "[oss-security] 20231018 Vulnerability in Jenkins",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2023/10/18/4"
},
{
"name": "[oss-security] 20231018 Re: CVE-2023-44487: HTTP/2 Rapid Reset attack against many implementations",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2023/10/18/8"
},
{
"name": "[oss-security] 20231019 CVE-2023-45802: Apache HTTP Server: HTTP/2 stream memory not reclaimed right away on RST",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2023/10/19/6"
},
{
"name": "FEDORA-2023-54fadada12",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZKQSIKIAT5TJ3WSLU3RDBQ35YX4GY4V3/"
},
{
"name": "FEDORA-2023-5ff7bf1dd8",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JIZSEFC3YKCGABA2BZW6ZJRMDZJMB7PJ/"
},
{
"name": "[oss-security] 20231020 Re: CVE-2023-44487: HTTP/2 Rapid Reset attack against many implementations",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2023/10/20/8"
},
{
"name": "FEDORA-2023-17efd3f2cd",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WLPRQ5TWUQQXYWBJM7ECYDAIL2YVKIUH/"
},
{
"name": "FEDORA-2023-d5030c983c",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/E72T67UPDRXHIDLO3OROR25YAMN4GGW5/"
},
{
"name": "FEDORA-2023-0259c3f26f",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BFQD3KUEMFBHPAPBGLWQC34L4OWL5HAZ/"
},
{
"name": "FEDORA-2023-2a9214af5f",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZLU6U2R2IC2K64NDPNMV55AUAO65MAF4/"
},
{
"name": "FEDORA-2023-e9c04d81c1",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X6QXN4ORIVF6XBW4WWFE7VNPVC74S45Y/"
},
{
"name": "FEDORA-2023-f66fc0f62a",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LKYHSZQFDNR7RSA7LHVLLIAQMVYCUGBG/"
},
{
"name": "FEDORA-2023-4d2fd884ea",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FNA62Q767CFAFHBCDKYNPBMZWB7TWYVU/"
},
{
"name": "FEDORA-2023-b2c50535cb",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LNMZJCDHGLJJLXO4OXWJMTVQRNWOC7UL/"
},
{
"name": "FEDORA-2023-fe53e13b5b",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE/"
},
{
"name": "FEDORA-2023-4bf641255e",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2/"
},
{
"name": "[debian-lts-announce] 20231030 [SECURITY] [DLA 3641-1] jetty9 security update",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2023/10/msg00045.html"
},
{
"name": "DSA-5540",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://www.debian.org/security/2023/dsa-5540"
},
{
"name": "[debian-lts-announce] 20231031 [SECURITY] [DLA 3638-1] h2o security update",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2023/10/msg00047.html"
},
{
"tags": [
"x_transferred"
],
"url": "https://discuss.hashicorp.com/t/hcsec-2023-32-vault-consul-and-boundary-affected-by-http-2-rapid-reset-denial-of-service-vulnerability-cve-2023-44487/59715"
},
{
"name": "FEDORA-2023-1caffb88af",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VHUHTSXLXGXS7JYKBXTA3VINUPHTNGVU/"
},
{
"name": "FEDORA-2023-3f70b8d406",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VSRDIV77HNKUSM7SJC5BKE5JSHLHU2NK/"
},
{
"name": "FEDORA-2023-7b52921cae",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3N4NJ7FR4X4FPZUGNTQAPSTVB2HB2Y4A/"
},
{
"name": "FEDORA-2023-7934802344",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZB43REMKRQR62NJEI7I5NQ4FSXNLBKRT/"
},
{
"name": "FEDORA-2023-dbe64661af",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HT7T2R4MQKLIF4ODV4BDLPARWFPCJ5CZ/"
},
{
"name": "FEDORA-2023-822aab0a5a",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2/"
},
{
"name": "[debian-lts-announce] 20231105 [SECURITY] [DLA 3645-1] trafficserver security update",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2023/11/msg00001.html"
},
{
"name": "DSA-5549",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://www.debian.org/security/2023/dsa-5549"
},
{
"name": "FEDORA-2023-c0c6a91330",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2MBEPPC36UBVOZZNAXFHKLFGSLCMN5LI/"
},
{
"name": "FEDORA-2023-492b7be466",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WE2I52RHNNU42PX6NZ2RBUHSFFJ2LVZX/"
},
{
"name": "DSA-5558",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://www.debian.org/security/2023/dsa-5558"
},
{
"name": "[debian-lts-announce] 20231119 [SECURITY] [DLA 3656-1] netty security update",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2023/11/msg00012.html"
},
{
"name": "GLSA-202311-09",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/202311-09"
},
{
"name": "DSA-5570",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://www.debian.org/security/2023/dsa-5570"
},
{
"tags": [
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20240426-0007/"
},
{
"tags": [
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20240621-0006/"
},
{
"tags": [
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20240621-0007/"
},
{
"url": "https://www.vicarius.io/vsociety/posts/rapid-reset-cve-2023-44487-dos-in-http2-understanding-the-root-cause"
},
{
"url": "http://www.openwall.com/lists/oss-security/2025/08/13/6"
}
],
"title": "CVE Program Container"
},
{
"affected": [
{
"defaultStatus": "unknown",
"product": "RUGGEDCOM APE1808",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC S7-1500 CPU 1518-4 PN/DP MFP",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "V3.1.5",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC S7-1500 CPU 1518-4 PN/DP MFP",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "V3.1.5",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "V3.1.5",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "V3.1.5",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SINEC NMS",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V3.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPLUS S7-1500 CPU 1518-4 PN/DP MFP",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "V3.1.5",
"versionType": "custom"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-05-12T10:52:23.784Z",
"orgId": "0b142b55-0307-4c5a-b3c9-f314f3fb7c5e",
"shortName": "siemens-SADP"
},
"references": [
{
"url": "https://cert-portal.siemens.com/productcert/html/ssa-832273.html"
},
{
"url": "https://cert-portal.siemens.com/productcert/html/ssa-341067.html"
},
{
"url": "https://cert-portal.siemens.com/productcert/html/ssa-784301.html"
},
{
"url": "https://cert-portal.siemens.com/productcert/html/ssa-915275.html"
},
{
"url": "https://cert-portal.siemens.com/productcert/html/ssa-082556.html"
}
],
"x_adpType": "supplier"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-06-07T20:05:34.376Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://github.com/dotnet/core/blob/e4613450ea0da7fd2fc6b61dfb2c1c1dec1ce9ec/release-notes/6.0/6.0.23/6.0.23.md?plain=1#L73"
},
{
"url": "https://blog.cloudflare.com/technical-breakdown-http2-rapid-reset-ddos-attack/"
},
{
"url": "https://aws.amazon.com/security/security-bulletins/AWS-2023-011/"
},
{
"url": "https://cloud.google.com/blog/products/identity-security/how-it-works-the-novel-http2-rapid-reset-ddos-attack"
},
{
"url": "https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products/"
},
{
"url": "https://cloud.google.com/blog/products/identity-security/google-cloud-mitigated-largest-ddos-attack-peaking-above-398-million-rps/"
},
{
"url": "https://news.ycombinator.com/item?id=37831062"
},
{
"url": "https://blog.cloudflare.com/zero-day-rapid-reset-http2-record-breaking-ddos-attack/"
},
{
"url": "https://www.phoronix.com/news/HTTP2-Rapid-Reset-Attack"
},
{
"url": "https://github.com/envoyproxy/envoy/pull/30055"
},
{
"url": "https://github.com/haproxy/haproxy/issues/2312"
},
{
"url": "https://github.com/eclipse/jetty.project/issues/10679"
},
{
"url": "https://forums.swift.org/t/swift-nio-http2-security-update-cve-2023-44487-http-2-dos/67764"
},
{
"url": "https://github.com/nghttp2/nghttp2/pull/1961"
},
{
"url": "https://github.com/netty/netty/commit/58f75f665aa81a8cbcf6ffa74820042a285c5e61"
},
{
"url": "https://github.com/alibaba/tengine/issues/1872"
},
{
"url": "https://github.com/apache/tomcat/tree/main/java/org/apache/coyote/http2"
},
{
"url": "https://news.ycombinator.com/item?id=37830987"
},
{
"url": "https://news.ycombinator.com/item?id=37830998"
},
{
"url": "https://github.com/caddyserver/caddy/issues/5877"
},
{
"url": "https://www.bleepingcomputer.com/news/security/new-http-2-rapid-reset-zero-day-attack-breaks-ddos-records/"
},
{
"url": "https://github.com/bcdannyboy/CVE-2023-44487"
},
{
"url": "https://github.com/grpc/grpc-go/pull/6703"
},
{
"url": "https://github.com/icing/mod_h2/blob/0a864782af0a942aa2ad4ed960a6b32cd35bcf0a/mod_http2/README.md?plain=1#L239-L244"
},
{
"url": "https://github.com/nghttp2/nghttp2/releases/tag/v1.57.0"
},
{
"url": "https://mailman.nginx.org/pipermail/nginx-devel/2023-October/S36Q5HBXR7CAIMPLLPRSSSYR4PCMWILK.html"
},
{
"url": "https://my.f5.com/manage/s/article/K000137106"
},
{
"url": "https://msrc.microsoft.com/blog/2023/10/microsoft-response-to-distributed-denial-of-service-ddos-attacks-against-http/2/"
},
{
"url": "https://bugzilla.proxmox.com/show_bug.cgi?id=4988"
},
{
"url": "https://cgit.freebsd.org/ports/commit/?id=c64c329c2c1752f46b73e3e6ce9f4329be6629f9"
},
{
"name": "[oss-security] 20231010 Re: CVE-2023-44487: HTTP/2 Rapid Reset attack against many implementations",
"tags": [
"mailing-list"
],
"url": "http://www.openwall.com/lists/oss-security/2023/10/10/7"
},
{
"name": "[oss-security] 20231010 CVE-2023-44487: HTTP/2 Rapid Reset attack against many implementations",
"tags": [
"mailing-list"
],
"url": "http://www.openwall.com/lists/oss-security/2023/10/10/6"
},
{
"url": "https://seanmonstar.com/post/730794151136935936/hyper-http2-rapid-reset-unaffected"
},
{
"url": "https://github.com/microsoft/CBL-Mariner/pull/6381"
},
{
"url": "https://groups.google.com/g/golang-announce/c/iNNxDTCjZvo"
},
{
"url": "https://github.com/facebook/proxygen/pull/466"
},
{
"url": "https://gist.github.com/adulau/7c2bfb8e9cdbe4b35a5e131c66a0c088"
},
{
"url": "https://github.com/micrictor/http2-rst-stream"
},
{
"url": "https://edg.io/lp/blog/resets-leaks-ddos-and-the-tale-of-a-hidden-cve"
},
{
"url": "https://openssf.org/blog/2023/10/10/http-2-rapid-reset-vulnerability-highlights-need-for-rapid-response/"
},
{
"url": "https://github.com/h2o/h2o/security/advisories/GHSA-2m7v-gc89-fjqf"
},
{
"url": "https://github.com/h2o/h2o/pull/3291"
},
{
"url": "https://github.com/nodejs/node/pull/50121"
},
{
"url": "https://github.com/dotnet/announcements/issues/277"
},
{
"url": "https://github.com/golang/go/issues/63417"
},
{
"url": "https://github.com/advisories/GHSA-vx74-f528-fxqg"
},
{
"url": "https://github.com/apache/trafficserver/pull/10564"
},
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-44487"
},
{
"url": "https://tomcat.apache.org/security-10.html#Fixed_in_Apache_Tomcat_10.1.14"
},
{
"url": "https://lists.apache.org/thread/5py8h42mxfsn8l1wy6o41xwhsjlsd87q"
},
{
"url": "https://www.openwall.com/lists/oss-security/2023/10/10/6"
},
{
"url": "https://www.haproxy.com/blog/haproxy-is-not-affected-by-the-http-2-rapid-reset-attack-cve-2023-44487"
},
{
"url": "https://github.com/opensearch-project/data-prepper/issues/3474"
},
{
"url": "https://github.com/kubernetes/kubernetes/pull/121120"
},
{
"url": "https://github.com/oqtane/oqtane.framework/discussions/3367"
},
{
"url": "https://github.com/advisories/GHSA-xpw8-rcwv-8f8p"
},
{
"url": "https://netty.io/news/2023/10/10/4-1-100-Final.html"
},
{
"url": "https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487"
},
{
"url": "https://www.theregister.com/2023/10/10/http2_rapid_reset_zeroday/"
},
{
"url": "https://blog.qualys.com/vulnerabilities-threat-research/2023/10/10/cve-2023-44487-http-2-rapid-reset-attack"
},
{
"url": "https://news.ycombinator.com/item?id=37837043"
},
{
"url": "https://github.com/kazu-yamamoto/http2/issues/93"
},
{
"url": "https://martinthomson.github.io/h2-stream-limits/draft-thomson-httpbis-h2-stream-limits.html"
},
{
"url": "https://github.com/kazu-yamamoto/http2/commit/f61d41a502bd0f60eb24e1ce14edc7b6df6722a1"
},
{
"url": "https://github.com/apache/httpd/blob/afcdbeebbff4b0c50ea26cdd16e178c0d1f24152/modules/http2/h2_mplx.c#L1101-L1113"
},
{
"name": "DSA-5522",
"tags": [
"vendor-advisory"
],
"url": "https://www.debian.org/security/2023/dsa-5522"
},
{
"name": "DSA-5521",
"tags": [
"vendor-advisory"
],
"url": "https://www.debian.org/security/2023/dsa-5521"
},
{
"url": "https://access.redhat.com/security/cve/cve-2023-44487"
},
{
"url": "https://github.com/ninenines/cowboy/issues/1615"
},
{
"url": "https://github.com/varnishcache/varnish-cache/issues/3996"
},
{
"url": "https://github.com/tempesta-tech/tempesta/issues/1986"
},
{
"url": "https://blog.vespa.ai/cve-2023-44487/"
},
{
"url": "https://github.com/etcd-io/etcd/issues/16740"
},
{
"url": "https://www.darkreading.com/cloud/internet-wide-zero-day-bug-fuels-largest-ever-ddos-event"
},
{
"url": "https://istio.io/latest/news/security/istio-security-2023-004/"
},
{
"url": "https://github.com/junkurihara/rust-rpxy/issues/97"
},
{
"url": "https://bugzilla.suse.com/show_bug.cgi?id=1216123"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2242803"
},
{
"url": "https://ubuntu.com/security/CVE-2023-44487"
},
{
"url": "https://community.traefik.io/t/is-traefik-vulnerable-to-cve-2023-44487/20125"
},
{
"url": "https://github.com/advisories/GHSA-qppj-fm5r-hxr3"
},
{
"url": "https://github.com/apache/httpd-site/pull/10"
},
{
"url": "https://github.com/projectcontour/contour/pull/5826"
},
{
"url": "https://github.com/linkerd/website/pull/1695/commits/4b9c6836471bc8270ab48aae6fd2181bc73fd632"
},
{
"url": "https://github.com/line/armeria/pull/5232"
},
{
"url": "https://blog.litespeedtech.com/2023/10/11/rapid-reset-http-2-vulnerablilty/"
},
{
"url": "https://security.paloaltonetworks.com/CVE-2023-44487"
},
{
"url": "https://github.com/akka/akka-http/issues/4323"
},
{
"url": "https://github.com/openresty/openresty/issues/930"
},
{
"url": "https://github.com/apache/apisix/issues/10320"
},
{
"url": "https://github.com/Azure/AKS/issues/3947"
},
{
"url": "https://github.com/Kong/kong/discussions/11741"
},
{
"url": "https://github.com/arkrwn/PoC/tree/main/CVE-2023-44487"
},
{
"url": "https://www.netlify.com/blog/netlify-successfully-mitigates-cve-2023-44487/"
},
{
"url": "https://github.com/caddyserver/caddy/releases/tag/v2.7.5"
},
{
"name": "[debian-lts-announce] 20231013 [SECURITY] [DLA 3617-1] tomcat9 security update",
"tags": [
"mailing-list"
],
"url": "https://lists.debian.org/debian-lts-announce/2023/10/msg00020.html"
},
{
"name": "[oss-security] 20231013 Re: CVE-2023-44487: HTTP/2 Rapid Reset attack against many implementations",
"tags": [
"mailing-list"
],
"url": "http://www.openwall.com/lists/oss-security/2023/10/13/4"
},
{
"name": "[oss-security] 20231013 Re: CVE-2023-44487: HTTP/2 Rapid Reset attack against many implementations",
"tags": [
"mailing-list"
],
"url": "http://www.openwall.com/lists/oss-security/2023/10/13/9"
},
{
"url": "https://arstechnica.com/security/2023/10/how-ddosers-used-the-http-2-protocol-to-deliver-attacks-of-unprecedented-size/"
},
{
"url": "https://lists.w3.org/Archives/Public/ietf-http-wg/2023OctDec/0025.html"
},
{
"name": "FEDORA-2023-ed2642fd58",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JMEXY22BFG5Q64HQCM5CK2Q7KDKVV4TY/"
},
{
"url": "https://linkerd.io/2023/10/12/linkerd-cve-2023-44487/"
},
{
"name": "[debian-lts-announce] 20231016 [SECURITY] [DLA 3621-1] nghttp2 security update",
"tags": [
"mailing-list"
],
"url": "https://lists.debian.org/debian-lts-announce/2023/10/msg00023.html"
},
{
"url": "https://security.netapp.com/advisory/ntap-20231016-0001/"
},
{
"name": "[debian-lts-announce] 20231016 [SECURITY] [DLA 3617-2] tomcat9 regression update",
"tags": [
"mailing-list"
],
"url": "https://lists.debian.org/debian-lts-announce/2023/10/msg00024.html"
},
{
"name": "[oss-security] 20231018 Vulnerability in Jenkins",
"tags": [
"mailing-list"
],
"url": "http://www.openwall.com/lists/oss-security/2023/10/18/4"
},
{
"name": "[oss-security] 20231018 Re: CVE-2023-44487: HTTP/2 Rapid Reset attack against many implementations",
"tags": [
"mailing-list"
],
"url": "http://www.openwall.com/lists/oss-security/2023/10/18/8"
},
{
"name": "[oss-security] 20231019 CVE-2023-45802: Apache HTTP Server: HTTP/2 stream memory not reclaimed right away on RST",
"tags": [
"mailing-list"
],
"url": "http://www.openwall.com/lists/oss-security/2023/10/19/6"
},
{
"name": "FEDORA-2023-54fadada12",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZKQSIKIAT5TJ3WSLU3RDBQ35YX4GY4V3/"
},
{
"name": "FEDORA-2023-5ff7bf1dd8",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JIZSEFC3YKCGABA2BZW6ZJRMDZJMB7PJ/"
},
{
"name": "[oss-security] 20231020 Re: CVE-2023-44487: HTTP/2 Rapid Reset attack against many implementations",
"tags": [
"mailing-list"
],
"url": "http://www.openwall.com/lists/oss-security/2023/10/20/8"
},
{
"name": "FEDORA-2023-17efd3f2cd",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WLPRQ5TWUQQXYWBJM7ECYDAIL2YVKIUH/"
},
{
"name": "FEDORA-2023-d5030c983c",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/E72T67UPDRXHIDLO3OROR25YAMN4GGW5/"
},
{
"name": "FEDORA-2023-0259c3f26f",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BFQD3KUEMFBHPAPBGLWQC34L4OWL5HAZ/"
},
{
"name": "FEDORA-2023-2a9214af5f",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZLU6U2R2IC2K64NDPNMV55AUAO65MAF4/"
},
{
"name": "FEDORA-2023-e9c04d81c1",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/X6QXN4ORIVF6XBW4WWFE7VNPVC74S45Y/"
},
{
"name": "FEDORA-2023-f66fc0f62a",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LKYHSZQFDNR7RSA7LHVLLIAQMVYCUGBG/"
},
{
"name": "FEDORA-2023-4d2fd884ea",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FNA62Q767CFAFHBCDKYNPBMZWB7TWYVU/"
},
{
"name": "FEDORA-2023-b2c50535cb",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LNMZJCDHGLJJLXO4OXWJMTVQRNWOC7UL/"
},
{
"name": "FEDORA-2023-fe53e13b5b",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE/"
},
{
"name": "FEDORA-2023-4bf641255e",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2/"
},
{
"name": "[debian-lts-announce] 20231030 [SECURITY] [DLA 3641-1] jetty9 security update",
"tags": [
"mailing-list"
],
"url": "https://lists.debian.org/debian-lts-announce/2023/10/msg00045.html"
},
{
"name": "DSA-5540",
"tags": [
"vendor-advisory"
],
"url": "https://www.debian.org/security/2023/dsa-5540"
},
{
"name": "[debian-lts-announce] 20231031 [SECURITY] [DLA 3638-1] h2o security update",
"tags": [
"mailing-list"
],
"url": "https://lists.debian.org/debian-lts-announce/2023/10/msg00047.html"
},
{
"url": "https://discuss.hashicorp.com/t/hcsec-2023-32-vault-consul-and-boundary-affected-by-http-2-rapid-reset-denial-of-service-vulnerability-cve-2023-44487/59715"
},
{
"name": "FEDORA-2023-1caffb88af",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VHUHTSXLXGXS7JYKBXTA3VINUPHTNGVU/"
},
{
"name": "FEDORA-2023-3f70b8d406",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VSRDIV77HNKUSM7SJC5BKE5JSHLHU2NK/"
},
{
"name": "FEDORA-2023-7b52921cae",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3N4NJ7FR4X4FPZUGNTQAPSTVB2HB2Y4A/"
},
{
"name": "FEDORA-2023-7934802344",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZB43REMKRQR62NJEI7I5NQ4FSXNLBKRT/"
},
{
"name": "FEDORA-2023-dbe64661af",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HT7T2R4MQKLIF4ODV4BDLPARWFPCJ5CZ/"
},
{
"name": "FEDORA-2023-822aab0a5a",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2/"
},
{
"name": "[debian-lts-announce] 20231105 [SECURITY] [DLA 3645-1] trafficserver security update",
"tags": [
"mailing-list"
],
"url": "https://lists.debian.org/debian-lts-announce/2023/11/msg00001.html"
},
{
"name": "DSA-5549",
"tags": [
"vendor-advisory"
],
"url": "https://www.debian.org/security/2023/dsa-5549"
},
{
"name": "FEDORA-2023-c0c6a91330",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2MBEPPC36UBVOZZNAXFHKLFGSLCMN5LI/"
},
{
"name": "FEDORA-2023-492b7be466",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WE2I52RHNNU42PX6NZ2RBUHSFFJ2LVZX/"
},
{
"name": "DSA-5558",
"tags": [
"vendor-advisory"
],
"url": "https://www.debian.org/security/2023/dsa-5558"
},
{
"name": "[debian-lts-announce] 20231119 [SECURITY] [DLA 3656-1] netty security update",
"tags": [
"mailing-list"
],
"url": "https://lists.debian.org/debian-lts-announce/2023/11/msg00012.html"
},
{
"name": "GLSA-202311-09",
"tags": [
"vendor-advisory"
],
"url": "https://security.gentoo.org/glsa/202311-09"
},
{
"name": "DSA-5570",
"tags": [
"vendor-advisory"
],
"url": "https://www.debian.org/security/2023/dsa-5570"
},
{
"url": "https://security.netapp.com/advisory/ntap-20240426-0007/"
},
{
"url": "https://security.netapp.com/advisory/ntap-20240621-0006/"
},
{
"url": "https://security.netapp.com/advisory/ntap-20240621-0007/"
},
{
"url": "https://github.com/grpc/grpc/releases/tag/v1.59.2"
},
{
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-http2-reset-d8Kf32vZ"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2023-44487",
"datePublished": "2023-10-10T00:00:00.000Z",
"dateReserved": "2023-09-29T00:00:00.000Z",
"dateUpdated": "2026-05-12T10:52:23.784Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2",
"vulnerability-lookup:meta": {
"cisa_known_exploited": {
"cveID": "CVE-2023-44487",
"cwes": "[\"CWE-400\"]",
"dateAdded": "2023-10-10",
"dueDate": "2023-10-31",
"knownRansomwareCampaignUse": "Unknown",
"notes": "This vulnerability affects a common open-source component, third-party library, or protocol used by different products. For more information, please see: HTTP/2 Rapid Reset Vulnerability, CVE-2023-44487 | CISA: https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487; https://blog.cloudflare.com/technical-breakdown-http2-rapid-reset-ddos-attack/; https://nvd.nist.gov/vuln/detail/CVE-2023-44487",
"product": "HTTP/2",
"requiredAction": "Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.",
"shortDescription": "HTTP/2 contains a rapid reset vulnerability that allows for a distributed denial-of-service attack (DDoS).",
"vendorProject": "IETF",
"vulnerabilityName": "HTTP/2 Rapid Reset Attack Vulnerability"
},
"epss": {
"cve": "CVE-2023-44487",
"date": "2026-06-08",
"epss": "0.944",
"percentile": "0.99976"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2023-44487\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2023-10-10T14:15:10.883\",\"lastModified\":\"2026-05-12T15:10:32.260\",\"vulnStatus\":\"Analyzed\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023.\"},{\"lang\":\"es\",\"value\":\"El protocolo HTTP/2 permite una denegaci\u00f3n de servicio (consumo de recursos del servidor) porque la cancelaci\u00f3n de solicitudes puede restablecer muchas transmisiones r\u00e1pidamente, como se explot\u00f3 en la naturaleza entre agosto y octubre de 2023.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\",\"baseScore\":7.5,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":3.6},{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\",\"baseScore\":7.5,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":3.6}]},\"cisaExploitAdd\":\"2023-10-10\",\"cisaActionDue\":\"2023-10-31\",\"cisaRequiredAction\":\"Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.\",\"cisaVulnerabilityName\":\"HTTP/2 Rapid Reset Attack Vulnerability\",\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"NVD-CWE-noinfo\"}]},{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-400\"}]}],\"configurations\":[{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:siemens:simatic_s7-1500_cpu_1518f-4_pn\\\\/dp_mfp_firmware:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"3.1.5\",\"matchCriteriaId\":\"2A7548B8-3DF7-46D9-8A4F-87C38969D900\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:siemens:simatic_s7-1500_cpu_1518f-4_pn\\\\/dp_mfp:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5B1EE93D-BAD2-4B86-910C-8784FCC9F398\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:siemens:sinec_ins:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"1.0\",\"matchCriteriaId\":\"C89891C1-DFD7-4E1F-80A9-7485D86A15B5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:siemens:sinec_ins:1.0:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"4664B195-AF14-4834-82B3-0B2C98020EB6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:siemens:sinec_ins:1.0:sp1:*:*:*:*:*:*\",\"matchCriteriaId\":\"75BC588E-CDF0-404E-AD61-02093A1DF343\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:siemens:sinec_ins:1.0:sp2:*:*:*:*:*:*\",\"matchCriteriaId\":\"A334F7B4-7283-4453-BAED-D2E01B7F8A6E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:siemens:sinec_ins:1.0:sp2_update_1:*:*:*:*:*:*\",\"matchCriteriaId\":\"A6BEA71C-CA81-4B5D-A688-2B21E62DC351\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:siemens:sinec_ins:1.0:sp2_update_2:*:*:*:*:*:*\",\"matchCriteriaId\":\"6B405F22-5517-49F5-A7CA-1E50D58DFC75\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:siemens:sinec_nms:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"3.0\",\"matchCriteriaId\":\"AE06B8AF-B36C-4743-A056-30712163F75B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:siemens:st7_scadaconnect:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"1.1\",\"matchCriteriaId\":\"BCBD17AE-C1AE-4ECF-A991-0FFBDD06D687\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:siemens:ruggedcom_ape1808_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"37FDCA69-9049-40B4-88AF-F476901022B6\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:siemens:ruggedcom_ape1808:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B89A6863-B602-4404-8D26-337FECABFFF0\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:siemens:simatic_s7-1500_cpu_1518-4_pn\\\\/dp_mfp_firmware:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"3.1.5\",\"matchCriteriaId\":\"99E36624-A573-47D9-B158-B18A8A822FBA\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:siemens:simatic_s7-1500_cpu_1518-4_pn\\\\/dp:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"40F38253-92F5-4A3A-AA07-292F7542D8A6\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:siemens:siplus_s7-1500_cpu_1518-4_pn\\\\/dp_mfp_firmware:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"3.1.5\",\"matchCriteriaId\":\"19F1C257-0EE6-47DE-B4BE-169F801FFDD8\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:siemens:siplus_s7-1500_cpu_1518-4_pn\\\\/dp_mfp:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E2F63E0A-126D-4A93-8159-45EB5E606F81\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ietf:http:2.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D5200E35-222B-42E0-83E0-5B702684D992\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:nghttp2:nghttp2:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"1.57.0\",\"matchCriteriaId\":\"C3BDC297-F023-4E87-8518-B84CCF9DD6A8\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:netty:netty:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"4.1.100\",\"matchCriteriaId\":\"D12D5257-7ED2-400F-9EF7-40E0D3650C2B\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:envoyproxy:envoy:1.24.10:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1B058776-B5B7-4079-B0AF-23F40926DCEC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:envoyproxy:envoy:1.25.9:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6D565975-EFD9-467C-B6E3-1866A4EF17A4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:envoyproxy:envoy:1.26.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6D487271-1B5E-4F16-B0CB-A7B8908935C6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:envoyproxy:envoy:1.27.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BA6ED627-EFB3-4BDD-8ECC-C5947A1470B2\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:eclipse:jetty:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"9.4.53\",\"matchCriteriaId\":\"A4A6F189-6C43-462D-85C9-B0EBDA8A4683\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:eclipse:jetty:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"10.0.0\",\"versionEndExcluding\":\"10.0.17\",\"matchCriteriaId\":\"C993C920-85C0-4181-A95E-5D965A670738\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:eclipse:jetty:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"11.0.0\",\"versionEndExcluding\":\"11.0.17\",\"matchCriteriaId\":\"08E79A8E-E12C-498F-AF4F-1AAA7135661E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:eclipse:jetty:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"12.0.0\",\"versionEndExcluding\":\"12.0.2\",\"matchCriteriaId\":\"F138D800-9A3B-4C76-8A3C-4793083A1517\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:caddyserver:caddy:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"2.7.5\",\"matchCriteriaId\":\"6341DDDA-AD27-4087-9D59-0A212F0037B4\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:golang:go:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"1.20.10\",\"matchCriteriaId\":\"328120E4-C031-44B4-9BE5-03B0CDAA066F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:golang:go:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"1.21.0\",\"versionEndExcluding\":\"1.21.3\",\"matchCriteriaId\":\"5FD9AB15-E5F6-4DBC-9EC7-D0ABA705802A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:golang:http2:*:*:*:*:*:go:*:*\",\"versionEndExcluding\":\"0.17.0\",\"matchCriteriaId\":\"D7D2F801-6F65-4705-BCB9-D057EA54A707\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:golang:networking:*:*:*:*:*:go:*:*\",\"versionEndExcluding\":\"0.17.0\",\"matchCriteriaId\":\"801F25DA-F38C-4452-8E90-235A3B1A5FF0\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"13.1.0\",\"versionEndIncluding\":\"13.1.5\",\"matchCriteriaId\":\"D93F04AD-DF14-48AB-9F13-8B2E491CF42E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"14.1.0\",\"versionEndIncluding\":\"14.1.5\",\"matchCriteriaId\":\"7522C760-7E07-406F-BF50-5656D5723C4F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"15.1.0\",\"versionEndIncluding\":\"15.1.10\",\"matchCriteriaId\":\"3A7F605E-EB10-40FB-98D6-7E3A95E310BC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"16.1.0\",\"versionEndIncluding\":\"16.1.4\",\"matchCriteriaId\":\"783E62F2-F867-48F1-B123-D1227C970674\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_access_policy_manager:17.1.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0A8D90B7-A1AF-4EFB-B688-1563D81E5C6D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"13.1.0\",\"versionEndIncluding\":\"13.1.5\",\"matchCriteriaId\":\"6603ED6A-3366-4572-AFCD-B3D4B1EC7606\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"14.1.0\",\"versionEndIncluding\":\"14.1.5\",\"matchCriteriaId\":\"88978E38-81D3-4EFE-8525-A300B101FA69\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"15.1.0\",\"versionEndIncluding\":\"15.1.10\",\"matchCriteriaId\":\"0510296F-92D7-4388-AE3A-0D9799C2FC4D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"16.1.0\",\"versionEndIncluding\":\"16.1.4\",\"matchCriteriaId\":\"D7698D6C-B1F7-43C1-BBA6-88E956356B3D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_advanced_firewall_manager:17.1.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1A1CC91B-6920-4AF0-9EDD-DD3189E78F4D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"13.1.0\",\"versionEndIncluding\":\"13.1.5\",\"matchCriteriaId\":\"05E452AA-A520-4CBE-8767-147772B69194\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"14.1.0\",\"versionEndIncluding\":\"14.1.5\",\"matchCriteriaId\":\"596FC5D5-7329-4E39-841E-CAE937C02219\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"15.1.0\",\"versionEndIncluding\":\"15.1.10\",\"matchCriteriaId\":\"B3C7A168-F370-441E-8790-73014BCEC39F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"16.1.0\",\"versionEndIncluding\":\"16.1.4\",\"matchCriteriaId\":\"CF16FD01-7704-40AB-ACB2-80A883804D22\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:17.1.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1769D69A-CB59-46B1-89B3-FB97DC6DEB9B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"13.1.0\",\"versionEndIncluding\":\"13.1.5\",\"matchCriteriaId\":\"9167FEC1-2C37-4946-9657-B4E69301FB24\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"14.1.0\",\"versionEndIncluding\":\"14.1.5\",\"matchCriteriaId\":\"7B4B3442-E0C0-48CD-87AD-060E15C9801E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"15.1.0\",\"versionEndIncluding\":\"15.1.10\",\"matchCriteriaId\":\"8FA85EC1-D91A-49DD-949B-2AF7AC813CA5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"16.1.0\",\"versionEndIncluding\":\"16.1.4\",\"matchCriteriaId\":\"20662BB0-4C3D-4CF0-B068-3555C65DD06C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_analytics:17.1.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"59203EBF-C52A-45A1-B8DF-00E17E3EFB51\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"13.1.0\",\"versionEndIncluding\":\"13.1.5\",\"matchCriteriaId\":\"7EC2324D-EC8B-41DF-88A7-819E53AAD0FC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"14.1.0\",\"versionEndIncluding\":\"14.1.5\",\"matchCriteriaId\":\"9B88F9D1-B54B-40C7-A18A-26C4A071D7EC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"15.1.0\",\"versionEndIncluding\":\"15.1.10\",\"matchCriteriaId\":\"C8F39403-C259-4D6F-9E9A-53671017EEDB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"16.1.0\",\"versionEndIncluding\":\"16.1.4\",\"matchCriteriaId\":\"220F2D38-FA82-45EF-B957-7678C9FEDBC1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_application_acceleration_manager:17.1.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5C698C1C-A3DD-46E2-B05A-12F2604E7F85\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"13.1.0\",\"versionEndIncluding\":\"13.1.5\",\"matchCriteriaId\":\"922AA845-530A-4B4B-9976-4CBC30C8A324\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"14.1.0\",\"versionEndIncluding\":\"14.1.5\",\"matchCriteriaId\":\"F938EB43-8373-47EB-B269-C6DF058A9244\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"15.1.0\",\"versionEndIncluding\":\"15.1.10\",\"matchCriteriaId\":\"1771493E-ACAA-477F-8AB4-25DB12F6AD6E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"16.1.0\",\"versionEndIncluding\":\"16.1.4\",\"matchCriteriaId\":\"5E86F3D5-65A4-48CE-A6A2-736BBB88E3F8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_application_security_manager:17.1.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"87670A74-34FE-45DF-A725-25B804C845B3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_application_visibility_and_reporting:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"13.1.0\",\"versionEndIncluding\":\"13.1.5\",\"matchCriteriaId\":\"C7E422F6-C4C2-43AC-B137-0997B5739030\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_application_visibility_and_reporting:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"14.1.0\",\"versionEndIncluding\":\"14.1.5\",\"matchCriteriaId\":\"CC3F710F-DBCB-4976-9719-CF063DA22377\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_application_visibility_and_reporting:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"15.1.0\",\"versionEndIncluding\":\"15.1.10\",\"matchCriteriaId\":\"4B9B76A1-7C5A-453F-A4ED-F1A81BCEBEB5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_application_visibility_and_reporting:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"16.1.0\",\"versionEndIncluding\":\"16.1.4\",\"matchCriteriaId\":\"88EDFCD9-775C-48FA-9CDA-2B04DA8D0612\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_application_visibility_and_reporting:17.1.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"67DB21AE-DF53-442D-B492-C4ED9A20B105\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_carrier-grade_nat:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"13.1.0\",\"versionEndIncluding\":\"13.1.5\",\"matchCriteriaId\":\"4C9FCBCB-9CE0-49E7-85C8-69E71D211912\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_carrier-grade_nat:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"14.1.0\",\"versionEndIncluding\":\"14.1.5\",\"matchCriteriaId\":\"112DFA85-90AD-478D-BD70-8C7C0C074F1B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_carrier-grade_nat:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"15.1.0\",\"versionEndIncluding\":\"15.1.10\",\"matchCriteriaId\":\"DB704A1C-D8B7-48BB-A15A-C14DB591FE4A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_carrier-grade_nat:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"16.1.0\",\"versionEndIncluding\":\"16.1.4\",\"matchCriteriaId\":\"21D51D9F-2840-4DEA-A007-D20111A1745C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_carrier-grade_nat:17.1.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7BC1D037-74D2-4F92-89AD-C90F6CBF440B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_ddos_hybrid_defender:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"13.1.0\",\"versionEndIncluding\":\"13.1.5\",\"matchCriteriaId\":\"CAEF3EA4-7D5A-4B44-9CE3-258AEC745866\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_ddos_hybrid_defender:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"14.1.0\",\"versionEndIncluding\":\"14.1.5\",\"matchCriteriaId\":\"2FBCE2D1-9D93-415D-AB2C-2060307C305A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_ddos_hybrid_defender:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"15.1.0\",\"versionEndIncluding\":\"15.1.10\",\"matchCriteriaId\":\"8070B469-8CC4-4D2F-97D7-12D0ABB963C1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_ddos_hybrid_defender:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"16.1.0\",\"versionEndIncluding\":\"16.1.4\",\"matchCriteriaId\":\"A326597E-725D-45DE-BEF7-2ED92137B253\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_ddos_hybrid_defender:17.1.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7B235A78-649B-46C5-B24B-AB485A884654\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"13.1.0\",\"versionEndIncluding\":\"13.1.5\",\"matchCriteriaId\":\"08B25AAB-A98C-4F89-9131-29E3A8C0ED23\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"14.1.0\",\"versionEndIncluding\":\"14.1.5\",\"matchCriteriaId\":\"ED9B976A-D3AD-4445-BF8A-067C3EBDFBB0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"15.1.0\",\"versionEndIncluding\":\"15.1.10\",\"matchCriteriaId\":\"98D2CE1E-DED0-470A-AA78-C78EF769C38E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"16.1.0\",\"versionEndIncluding\":\"16.1.4\",\"matchCriteriaId\":\"C966FABA-7199-4F0D-AB8C-4590FE9D2FFF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_domain_name_system:17.1.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"84D00768-E71B-4FF7-A7BF-F2C8CFBC900D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"13.1.0\",\"versionEndIncluding\":\"13.1.5\",\"matchCriteriaId\":\"E3D2ABA3-D4A9-4267-B0DF-7C3BBEEAEB66\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"14.1.0\",\"versionEndIncluding\":\"14.1.5\",\"matchCriteriaId\":\"BC36311E-BB00-4750-85C8-51F5A2604F07\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"15.1.0\",\"versionEndIncluding\":\"15.1.10\",\"matchCriteriaId\":\"A65D357E-4B40-42EC-9AAA-2B6CEF78C401\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"16.1.0\",\"versionEndIncluding\":\"16.1.4\",\"matchCriteriaId\":\"D7EF9865-FE65-4DFB-BF21-62FBCE65FF1C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_fraud_protection_service:17.1.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"ABBD10E8-6054-408F-9687-B9BF6375CA09\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"13.1.0\",\"versionEndIncluding\":\"13.1.5\",\"matchCriteriaId\":\"E6018B01-048C-43BB-A78D-66910ED60CA9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"14.1.0\",\"versionEndIncluding\":\"14.1.5\",\"matchCriteriaId\":\"3A6A5686-5A8B-45D5-9165-BC99D2CCAC47\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"15.1.0\",\"versionEndIncluding\":\"15.1.10\",\"matchCriteriaId\":\"5D2A121F-5BD2-4263-8ED3-1DDE25B5C306\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"16.1.0\",\"versionEndIncluding\":\"16.1.4\",\"matchCriteriaId\":\"0A4F7BAD-3EDD-4DE0-AAB7-DE5ACA34DD79\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_global_traffic_manager:17.1.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"83794B04-87E2-4CA9-81F5-BB820D0F5395\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"13.1.0\",\"versionEndIncluding\":\"13.1.5\",\"matchCriteriaId\":\"D9EC2237-117F-43BD-ADEC-516CF72E04EF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"14.1.0\",\"versionEndIncluding\":\"14.1.5\",\"matchCriteriaId\":\"F70D4B6F-65CF-48F4-9A07-072DFBCE53D9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"15.1.0\",\"versionEndIncluding\":\"15.1.10\",\"matchCriteriaId\":\"29563719-1AF2-4BB8-8CCA-A0869F87795D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"16.1.0\",\"versionEndIncluding\":\"16.1.4\",\"matchCriteriaId\":\"D24815DD-579A-46D1-B9F2-3BB2C56BC54D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_link_controller:17.1.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0A6E7035-3299-474F-8F67-945EA9A059D0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"13.1.0\",\"versionEndIncluding\":\"13.1.5\",\"matchCriteriaId\":\"0360F76D-E75E-4B05-A294-B47012323ED9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"14.1.0\",\"versionEndIncluding\":\"14.1.5\",\"matchCriteriaId\":\"7A4607BF-41AC-4E84-A110-74E085FF0445\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"15.1.0\",\"versionEndIncluding\":\"15.1.10\",\"matchCriteriaId\":\"441CC945-7CA3-49C0-AE10-94725301E31D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"16.1.0\",\"versionEndIncluding\":\"16.1.4\",\"matchCriteriaId\":\"46BA8E8A-6ED5-4FB2-8BBC-586AA031085A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_local_traffic_manager:17.1.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"56FB92F7-FF1E-425D-A5AB-9D9FB0BB9450\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_next:20.0.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"969C4F14-F6D6-46D6-B348-FC1463877680\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_next_service_proxy_for_kubernetes:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"1.5.0\",\"versionEndIncluding\":\"1.8.2\",\"matchCriteriaId\":\"41AD5040-1250-45F5-AB63-63F333D49BCC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"13.1.0\",\"versionEndIncluding\":\"13.1.5\",\"matchCriteriaId\":\"8257AA59-C14D-4EC1-B22C-DFBB92CBC297\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"14.1.0\",\"versionEndIncluding\":\"14.1.5\",\"matchCriteriaId\":\"37DB32BB-F4BA-4FB5-94B1-55C3F06749CF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"15.1.0\",\"versionEndIncluding\":\"15.1.10\",\"matchCriteriaId\":\"FFF5007E-761C-4697-8D34-C064DF0ABE8D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"16.1.0\",\"versionEndIncluding\":\"16.1.4\",\"matchCriteriaId\":\"910441D3-90EF-4375-B007-D51120A60AB2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_policy_enforcement_manager:17.1.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"667EB77B-DA13-4BA4-9371-EE3F3A109F38\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_ssl_orchestrator:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"13.1.0\",\"versionEndIncluding\":\"13.1.5\",\"matchCriteriaId\":\"8A6F9699-A485-4614-8F38-5A556D31617E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_ssl_orchestrator:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"14.1.0\",\"versionEndIncluding\":\"14.1.5\",\"matchCriteriaId\":\"5A90F547-97A2-41EC-9FDF-25F869F0FA38\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_ssl_orchestrator:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"15.1.0\",\"versionEndIncluding\":\"15.1.10\",\"matchCriteriaId\":\"E76E1B82-F1DC-4366-B388-DBDF16C586A0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_ssl_orchestrator:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"16.1.0\",\"versionEndIncluding\":\"16.1.4\",\"matchCriteriaId\":\"660137F4-15A1-42D1-BBAC-99A1D5BB398B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_ssl_orchestrator:17.1.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C446827A-1F71-4FAD-9422-580642D26AD1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"13.1.0\",\"versionEndIncluding\":\"13.1.5\",\"matchCriteriaId\":\"1932D32D-0E4B-4BBD-816F-6D47AB2E2F04\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"14.1.0\",\"versionEndIncluding\":\"14.1.5\",\"matchCriteriaId\":\"D47B7691-A95B-45C0-BAB4-27E047F3C379\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"15.1.0\",\"versionEndIncluding\":\"15.1.10\",\"matchCriteriaId\":\"2CD1637D-0E42-4928-867A-BA0FDB6E8462\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"16.1.0\",\"versionEndIncluding\":\"16.1.4\",\"matchCriteriaId\":\"3A599F90-F66B-4DF0-AD7D-D234F328BD59\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_webaccelerator:17.1.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3D1B2000-C3FE-4B4C-885A-A5076EB164E1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_websafe:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"13.1.0\",\"versionEndIncluding\":\"13.1.5\",\"matchCriteriaId\":\"5326759A-AFB0-4A15-B4E9-3C9A2E5DB32A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_websafe:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"14.1.0\",\"versionEndIncluding\":\"14.1.5\",\"matchCriteriaId\":\"57D92D05-C67D-437E-88F3-DCC3F6B0ED2F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_websafe:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"15.1.0\",\"versionEndIncluding\":\"15.1.10\",\"matchCriteriaId\":\"ECCB8C30-861E-4E48-A5F5-30EE523C1FB6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_websafe:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"16.1.0\",\"versionEndIncluding\":\"16.1.4\",\"matchCriteriaId\":\"F5FEAD2A-3A58-432E-BEBB-6E3FDE24395F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_websafe:17.1.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8AB23AE6-245E-43D6-B832-933F8259F937\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"1.9.5\",\"versionEndIncluding\":\"1.25.2\",\"matchCriteriaId\":\"1188B4A9-2684-413C-83D1-E91C75AE0FCF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:nginx_ingress_controller:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"2.0.0\",\"versionEndIncluding\":\"2.4.2\",\"matchCriteriaId\":\"3337609D-5291-4A52-BC6A-6A8D4E60EB20\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:nginx_ingress_controller:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"3.0.0\",\"versionEndIncluding\":\"3.3.0\",\"matchCriteriaId\":\"6CF0ABD9-EB28-4966-8C31-EED7AFBF1527\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:nginx_plus:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"r25\",\"versionEndExcluding\":\"r29\",\"matchCriteriaId\":\"F291CB34-47A4-425A-A200-087CC295AEC8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:nginx_plus:r29:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"5892B558-EC3A-43FF-A1D5-B2D9F70796F0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:nginx_plus:r30:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"96BF2B19-52C7-4051-BA58-CAE6F912B72F\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"8.5.0\",\"versionEndIncluding\":\"8.5.93\",\"matchCriteriaId\":\"ABD26B48-CC80-4FAE-BD3D-78DE4C80C92B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"9.0.0\",\"versionEndIncluding\":\"9.0.80\",\"matchCriteriaId\":\"F3EC20B6-B2AB-41F5-9BF9-D16C1FE67C34\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"10.1.0\",\"versionEndIncluding\":\"10.1.13\",\"matchCriteriaId\":\"0765CC3D-AB1A-4147-8900-EF4C105321F2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:11.0.0:milestone1:*:*:*:*:*:*\",\"matchCriteriaId\":\"D1AA7FF6-E8E7-4BF6-983E-0A99B0183008\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:11.0.0:milestone10:*:*:*:*:*:*\",\"matchCriteriaId\":\"57088BDD-A136-45EF-A8A1-2EBF79CEC2CE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:11.0.0:milestone11:*:*:*:*:*:*\",\"matchCriteriaId\":\"B32D1D7A-A04F-444E-8F45-BB9A9E4B0199\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:11.0.0:milestone2:*:*:*:*:*:*\",\"matchCriteriaId\":\"2AAD52CE-94F5-4F98-A027-9A7E68818CB6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:11.0.0:milestone3:*:*:*:*:*:*\",\"matchCriteriaId\":\"F1F981F5-035A-4EDD-8A9F-481EE8BC7FF7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:11.0.0:milestone4:*:*:*:*:*:*\",\"matchCriteriaId\":\"03A171AF-2EC8-4422-912C-547CDB58CAAA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:11.0.0:milestone5:*:*:*:*:*:*\",\"matchCriteriaId\":\"538E68C4-0BA4-495F-AEF8-4EF6EE7963CF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:11.0.0:milestone6:*:*:*:*:*:*\",\"matchCriteriaId\":\"49350A6E-5E1D-45B2-A874-3B8601B3ADCC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:11.0.0:milestone7:*:*:*:*:*:*\",\"matchCriteriaId\":\"5F50942F-DF54-46C0-8371-9A476DD3EEA3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:11.0.0:milestone8:*:*:*:*:*:*\",\"matchCriteriaId\":\"D12C2C95-B79F-4AA4-8CE3-99A3EE7991AB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:11.0.0:milestone9:*:*:*:*:*:*\",\"matchCriteriaId\":\"98792138-DD56-42DF-9612-3BDC65EEC117\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apple:swiftnio_http\\\\/2:*:*:*:*:*:swift:*:*\",\"versionEndExcluding\":\"1.28.0\",\"matchCriteriaId\":\"08190072-3880-4EF5-B642-BA053090D95B\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:grpc:grpc:*:*:*:*:*:go:*:*\",\"versionEndExcluding\":\"1.56.3\",\"matchCriteriaId\":\"5F4CDEA9-CB47-4881-B096-DA896E2364F3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:grpc:grpc:*:*:*:*:*:-:*:*\",\"versionEndIncluding\":\"1.59.2\",\"matchCriteriaId\":\"E65AF7BC-7DAE-408A-8485-FBED22815F75\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:grpc:grpc:*:*:*:*:*:go:*:*\",\"versionStartIncluding\":\"1.58.0\",\"versionEndExcluding\":\"1.58.3\",\"matchCriteriaId\":\"DD868DDF-C889-4F36-B5E6-68B6D9EA48CC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:grpc:grpc:1.57.0:-:*:*:*:go:*:*\",\"matchCriteriaId\":\"FBD991E2-DB5A-4AAD-95BA-4B5ACB811C96\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:microsoft:.net:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"6.0.0\",\"versionEndExcluding\":\"6.0.23\",\"matchCriteriaId\":\"4496821E-BD55-4F31-AD9C-A3D66CBBD6BD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:microsoft:.net:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"7.0.0\",\"versionEndExcluding\":\"7.0.12\",\"matchCriteriaId\":\"8DF7ECF6-178D-433C-AA21-BAE9EF248F37\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:microsoft:asp.net_core:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"6.0.0\",\"versionEndExcluding\":\"6.0.23\",\"matchCriteriaId\":\"1C3418F4-B8BF-4666-BB39-C188AB01F45C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:microsoft:asp.net_core:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"7.0.0\",\"versionEndExcluding\":\"7.0.12\",\"matchCriteriaId\":\"1278DD1C-EFA9-4316-AD32-24C1B1FB0CEA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:microsoft:azure_kubernetes_service:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"2023-10-08\",\"matchCriteriaId\":\"3BDFB0FF-0F4A-4B7B-94E8-ED72A8106314\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:microsoft:visual_studio_2022:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"17.0\",\"versionEndExcluding\":\"17.2.20\",\"matchCriteriaId\":\"16A8F269-E07E-402F-BFD5-60F3988A5EAF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:microsoft:visual_studio_2022:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"17.4\",\"versionEndExcluding\":\"17.4.12\",\"matchCriteriaId\":\"C4B2B972-69E2-4D21-9A7C-B2AFF1D89EB8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:microsoft:visual_studio_2022:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"17.6\",\"versionEndExcluding\":\"17.6.8\",\"matchCriteriaId\":\"DA5834D4-F52F-41C0-AA11-C974FFEEA063\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:microsoft:visual_studio_2022:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"17.7\",\"versionEndExcluding\":\"17.7.5\",\"matchCriteriaId\":\"2166106F-ACD6-4C7B-B0CC-977B83CC5F73\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x64:*\",\"versionEndExcluding\":\"10.0.14393.6351\",\"matchCriteriaId\":\"4CD49C41-6D90-47D3-AB4F-4A74169D3A8F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x86:*\",\"versionEndExcluding\":\"10.0.14393.6351\",\"matchCriteriaId\":\"BAEFEE13-9CD7-46A2-8AF6-0A33C79C05F1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"10.0.17763.4974\",\"matchCriteriaId\":\"E500D59C-6597-45E9-A57B-BE26C0C231D3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"10.0.19044.3570\",\"matchCriteriaId\":\"C9F9A643-90C6-489C-98A0-D2739CE72F86\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"10.0.19045.3570\",\"matchCriteriaId\":\"1814619C-ED07-49E0-A50A-E28D824D43BC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:microsoft:windows_11_21h2:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"10.0.22000.2538\",\"matchCriteriaId\":\"100A27D3-87B0-4E72-83F6-7605E3F35E63\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:microsoft:windows_11_22h2:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"10.0.22621.2428\",\"matchCriteriaId\":\"C6A36795-0238-45C9-ABE6-3DCCF751915B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"041FF8BA-0B12-4A1F-B4BF-9C4F33B7C1E7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DB79EE26-FC32-417D-A49C-A1A63165A968\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:microsoft:windows_server_2022:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"821614DD-37DD-44E2-A8A4-FE8D23A33C3C\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"18.0.0\",\"versionEndExcluding\":\"18.18.2\",\"matchCriteriaId\":\"94BAB9EB-1527-4D9A-BADE-0708579536CF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"20.0.0\",\"versionEndExcluding\":\"20.8.1\",\"matchCriteriaId\":\"69843DE4-4721-4F0A-A9B7-0F6DF5AAA388\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:microsoft:cbl-mariner:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"2023-10-11\",\"matchCriteriaId\":\"B25279EF-C406-4133-99ED-0492703E0A4E\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:dena:h2o:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"2023-10-10\",\"matchCriteriaId\":\"9FFFF84B-F35C-43DE-959A-A5D10C3AE9F5\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:facebook:proxygen:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"2023.10.16.00\",\"matchCriteriaId\":\"9DCE8C89-7C22-48CA-AF22-B34C8AA2CB8C\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:apisix:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"3.6.1\",\"matchCriteriaId\":\"EDEB508E-0EBD-4450-9074-983DDF568AB4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:traffic_server:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"8.0.0\",\"versionEndExcluding\":\"8.1.9\",\"matchCriteriaId\":\"93A1A748-6C71-4191-8A16-A93E94E2CDE4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:traffic_server:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"9.0.0\",\"versionEndExcluding\":\"9.2.3\",\"matchCriteriaId\":\"4E4BCAF6-B246-41EC-9EE1-24296BFC4F5A\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:amazon:opensearch_data_prepper:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"2.5.0\",\"matchCriteriaId\":\"6F70360D-6214-46BA-AF82-6AB01E13E4E9\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"07B237A9-69A3-4A9C-9DA0-4E06BD37AE73\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FA6FEEC2-9F11-4643-8827-749718254FED\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:debian:debian_linux:12.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"46D69DCC-AE4D-4EA5-861C-D60951444C6C\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:kazu-yamamoto:http2:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"4.2.2\",\"matchCriteriaId\":\"E2DA759E-1AF8-49D3-A3FC-1B426C13CA82\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:istio:istio:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"1.17.6\",\"matchCriteriaId\":\"28BE6F7B-AE66-4C8A-AAFA-F1262671E9BF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:istio:istio:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"1.18.0\",\"versionEndExcluding\":\"1.18.3\",\"matchCriteriaId\":\"F0C8E760-C8D2-483A-BBD4-6A6D292A3874\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:istio:istio:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"1.19.0\",\"versionEndExcluding\":\"1.19.1\",\"matchCriteriaId\":\"5D0F78BB-6A05-4C97-A8DB-E731B6CC8CC7\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:varnish_cache_project:varnish_cache:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"2023-10-10\",\"matchCriteriaId\":\"050AE218-3871-44D6-94DA-12D84C2093CB\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:traefik:traefik:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"2.10.5\",\"matchCriteriaId\":\"B36BFFB0-C0EC-4926-A1DB-0B711C846A68\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:traefik:traefik:3.0.0:beta1:*:*:*:*:*:*\",\"matchCriteriaId\":\"376EAF9B-E994-4268-9704-0A45EA30270F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:traefik:traefik:3.0.0:beta2:*:*:*:*:*:*\",\"matchCriteriaId\":\"F3D08335-C291-4623-B80C-3B14C4D1FA32\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:traefik:traefik:3.0.0:beta3:*:*:*:*:*:*\",\"matchCriteriaId\":\"21033CEE-CEF5-4B0D-A565-4A6FC764AA6D\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:projectcontour:contour:*:*:*:*:*:kubernetes:*:*\",\"versionEndExcluding\":\"2023-10-11\",\"matchCriteriaId\":\"FC4C66B1-42C0-495D-AE63-2889DE0BED84\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:linkerd:linkerd:*:*:*:*:stable:kubernetes:*:*\",\"versionStartIncluding\":\"2.12.0\",\"versionEndIncluding\":\"2.12.5\",\"matchCriteriaId\":\"8633E263-F066-4DD8-A734-90207207A873\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:linkerd:linkerd:2.13.0:*:*:*:stable:kubernetes:*:*\",\"matchCriteriaId\":\"34A23BD9-A0F4-4D85-8011-EAC93C29B4E8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:linkerd:linkerd:2.13.1:*:*:*:stable:kubernetes:*:*\",\"matchCriteriaId\":\"27ED3533-A795-422F-B923-68BE071DC00D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:linkerd:linkerd:2.14.0:*:*:*:stable:kubernetes:*:*\",\"matchCriteriaId\":\"45F7E352-3208-4188-A5B1-906E00DF9896\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:linkerd:linkerd:2.14.1:*:*:*:stable:kubernetes:*:*\",\"matchCriteriaId\":\"DF89A8AD-66FE-439A-B732-CAAB304D765B\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:linecorp:armeria:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"1.26.0\",\"matchCriteriaId\":\"A400C637-AF18-4BEE-B57C-145261B65DEC\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:3scale_api_management_platform:2.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"653A5B08-0D02-4362-A8B1-D00B24C6C6F2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:advanced_cluster_management_for_kubernetes:2.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4B0E6B4B-BAA6-474E-A18C-72C9719CEC1F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:advanced_cluster_security:3.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F0FD736A-8730-446A-BA3A-7B608DB62B0E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:advanced_cluster_security:4.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F4C504B6-3902-46E2-82B7-48AEC9CDD48D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:ansible_automation_platform:2.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7B4BE2D6-43C3-4065-A213-5DB1325DC78F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:build_of_optaplanner:8.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1D54F5AE-61EC-4434-9D5F-9394A3979894\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:build_of_quarkus:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CE29B9D6-63DC-4779-ACE8-4E51E6A0AF37\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:ceph_storage:5.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4E37E1B3-6F68-4502-85D6-68333643BDFF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:cert-manager_operator_for_red_hat_openshift:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6D5A7736-A403-4617-8790-18E46CB74DA6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:certification_for_red_hat_enterprise_linux:8.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"33F13B03-69BF-4A8B-A0A0-7F47FD857461\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:certification_for_red_hat_enterprise_linux:9.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9393119E-F018-463F-9548-60436F104195\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:cost_management:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DC45EE1E-2365-42D4-9D55-92FA24E5ED3A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:cryostat:2.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E567CD9F-5A43-4D25-B911-B5D0440698F4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:decision_manager:7.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"68146098-58F8-417E-B165-5182527117C4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:fence_agents_remediation_operator:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CB4D6790-63E5-4043-B8BE-B489D649061D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:integration_camel_for_spring_boot:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"78698F40-0777-4990-822D-02E1B5D0E2C0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:integration_camel_k:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B87C8AD3-8878-4546-86C2-BF411876648C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:integration_service_registry:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EF03BDE8-602D-4DEE-BA5B-5B20FDF47741\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:jboss_a-mq:7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A58966CB-36AF-4E64-AB39-BE3A0753E155\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:jboss_a-mq_streams:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"585BC540-073B-425B-B664-5EA4C00AFED6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:jboss_core_services:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9B453CF7-9AA6-4B94-A003-BF7AE0B82F53\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:jboss_data_grid:7.0.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CD354E32-A8B0-484C-B4C6-9FBCD3430D2D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:jboss_enterprise_application_platform:6.0.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B142ACCC-F7A9-4A3B-BE60-0D6691D5058D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:jboss_enterprise_application_platform:7.0.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"72A54BDA-311C-413B-8E4D-388AD65A170A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:jboss_fuse:6.0.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A305F012-544E-4245-9D69-1C8CD37748B1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:jboss_fuse:7.0.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B40CCE4F-EA2C-453D-BB76-6388767E5C6D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:logging_subsystem_for_red_hat_openshift:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EF93A27E-AA2B-4C2E-9B8D-FE7267847326\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:machine_deletion_remediation_operator:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2B12A3A8-6456-481A-A0C9-524543FCC149\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:migration_toolkit_for_applications:6.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3C2E7E3C-A507-4AB2-97E5-4944D8775CF7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:migration_toolkit_for_containers:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4E22EBF9-AA0D-4712-9D69-DD97679CE835\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:migration_toolkit_for_virtualization:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"941B114C-FBD7-42FF-B1D8-4EA30E99102C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:network_observability_operator:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"339CFB34-A795-49F9-BF6D-A00F3A1A4F63\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:node_healthcheck_operator:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8D044DBE-6F5A-4C53-828E-7B1A570CACFF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:node_maintenance_operator:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E23FA47F-B967-44AD-AB76-1BB2CAD3CA5B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:openshift:-:*:*:*:*:aws:*:*\",\"matchCriteriaId\":\"65203CA1-5225-4E55-A187-6454C091F532\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:openshift_api_for_data_protection:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7BF8EFFB-5686-4F28-A68F-1A8854E098CE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:openshift_container_platform:4.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"932D137F-528B-4526-9A89-CD59FA1AB0FE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:openshift_container_platform_assisted_installer:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5DA9B2E2-958B-478D-87D6-E5CDDCD44315\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:openshift_data_science:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B3F5FF1E-5DA3-4EC3-B41A-A362BDFC4C69\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:openshift_dev_spaces:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"99B8A88B-0B31-4CFF-AFD7-C9D3DDD5790D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:openshift_developer_tools_and_services:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"97321212-0E07-4CC2-A917-7B5F61AB9A5A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:openshift_distributed_tracing:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DF390236-3259-4C8F-891C-62ACC4386CD1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:openshift_gitops:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C0AAA300-691A-4957-8B69-F6888CC971B1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:openshift_pipelines:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"45937289-2D64-47CB-A750-5B4F0D4664A0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:openshift_sandboxed_containers:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B129311C-EB4B-4041-B85C-44D5E53FCAA3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:openshift_secondary_scheduler_operator:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F1AB54DB-3FB4-41CB-88ED-1400FD22AB85\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:openshift_serverless:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"77675CB7-67D7-44E9-B7FF-D224B3341AA5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:openshift_service_mesh:2.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A76A2BCE-4AAE-46D7-93D6-2EDE0FC83145\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:openshift_virtualization:4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9C877879-B84B-471C-80CF-0656521CA8AB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:openstack_platform:16.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DCC81071-B46D-4F5D-AC25-B4A4CCC20C73\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:openstack_platform:16.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4B3000D2-35DF-4A93-9FC0-1AD3AB8349B8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:openstack_platform:17.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E315FC5C-FF19-43C9-A58A-CF2A5FF13824\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:process_automation:7.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"20A6B40D-F991-4712-8E30-5FE008505CB7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:quay:3.0.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B1987BDA-0113-4603-B9BE-76647EB043F2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:run_once_duration_override_operator:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D482A3D2-6E9B-42BA-9926-35E5BDD5F3BF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:satellite:6.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"848C92A9-0677-442B-8D52-A448F2019903\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:self_node_remediation_operator:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6F564701-EDC1-43CF-BB9F-287D6992C6CB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:service_interconnect:1.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"12B0CF2B-D1E1-4E20-846E-6F0D873499A9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:single_sign-on:7.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9EFEC7CA-8DDA-48A6-A7B6-1F1D14792890\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:support_for_spring_boot:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E8885C2C-7FB8-40CA-BCB9-B48C50BF2499\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:web_terminal:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9D88B140-D2A1-4A0A-A2E9-1A3B50C295AD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2F6AB192-9D7D-4A9A-8995-E53A9DE9EAFC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F4CFF558-3C47-480D-A2F0-BABF26042943\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux:9.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7F6FB57C-2BC7-487C-96DD-132683AEB35D\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:service_telemetry_framework:1.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A903C3AD-2D25-45B5-BF4A-A5BEB2286627\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F4CFF558-3C47-480D-A2F0-BABF26042943\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:fedoraproject:fedora:37:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E30D0E6F-4AE8-4284-8716-991DFA48CC5D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:fedoraproject:fedora:38:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CC559B26-5DFC-4B7A-A27C-B77DE755DFF9\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:netapp:astra_control_center:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EC5EBD2A-32A3-46D5-B155-B44DCB7F6902\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:netapp:oncommand_insight:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F1BE6C1F-2565-4E97-92AA-16563E5660A5\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:akka:http_server:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"10.5.3\",\"matchCriteriaId\":\"C2792650-851F-4820-B003-06A4BEA092D7\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:konghq:kong_gateway:*:*:*:*:enterprise:*:*:*\",\"versionEndExcluding\":\"3.4.2\",\"matchCriteriaId\":\"9F6B63B9-F4C9-4A3F-9310-E0918E1070D1\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:jenkins:jenkins:*:*:*:*:lts:*:*:*\",\"versionEndIncluding\":\"2.414.2\",\"matchCriteriaId\":\"E6FF5F80-A991-43D4-B49F-D843E2BC5798\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:jenkins:jenkins:*:*:*:*:-:*:*:*\",\"versionEndIncluding\":\"2.427\",\"matchCriteriaId\":\"54D25DA9-12D0-4F14-83E6-C69D0293AAB9\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:solr:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"9.4.0\",\"matchCriteriaId\":\"8E1AFFB9-C717-4727-B0C9-5A0C281710E2\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openresty:openresty:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"1.21.4.3\",\"matchCriteriaId\":\"25C85001-E0AB-4B01-8EE7-1D9C77CD956E\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:business_process_automation:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"3.2.003.009\",\"matchCriteriaId\":\"FB2BDBAC-8D19-4F81-8D31-6D0955A53D82\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:connected_mobile_experiences:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"11.1\",\"matchCriteriaId\":\"F98F9D27-6659-413F-8F29-4FDB0882AAC5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:crosswork_data_gateway:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"4.1.3\",\"matchCriteriaId\":\"C98BF315-C563-47C2-BAD1-63347A3D1008\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:crosswork_data_gateway:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"5.0.0\",\"versionEndExcluding\":\"5.0.2\",\"matchCriteriaId\":\"3F30E209-FA52-4D3B-9B88-4193EA388554\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:crosswork_situation_manager:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3178F3A5-A072-44E1-A225-B04BC536F4FB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:crosswork_zero_touch_provisioning:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"6.0.0\",\"matchCriteriaId\":\"AA2BE0F1-DD16-4876-8EBA-F187BD38B159\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:data_center_network_manager:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"796B6C58-2140-4105-A2A1-69865A194A75\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:enterprise_chat_and_email:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DEA99DC6-EA03-469F-A8BE-7F96FDF0B333\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:expressway:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"x14.3.3\",\"matchCriteriaId\":\"6560DBF4-AFE6-4672-95DE-74A0B8F4170A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"7.4.2\",\"matchCriteriaId\":\"84785919-796D-41E5-B652-6B5765C81D4A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:iot_field_network_director:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"4.11.0\",\"matchCriteriaId\":\"92A74A1A-C69F-41E6-86D0-D6BB1C5D0A1E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:prime_access_registrar:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"9.3.3\",\"matchCriteriaId\":\"6FE7BA33-2AC0-4A85-97AD-6D77F20BA2AD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:prime_cable_provisioning:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"7.2.1\",\"matchCriteriaId\":\"4FE2F959-1084-48D1-B1F1-8182FC9862DD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:prime_infrastructure:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"3.10.4\",\"matchCriteriaId\":\"5CC17E6B-D7AB-40D7-AEC5-F5B555AC4D7F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:prime_network_registrar:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"11.2\",\"matchCriteriaId\":\"1BB6B48E-EA36-40A0-96D0-AF909BEC1147\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:secure_dynamic_attributes_connector:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"2.2.0\",\"matchCriteriaId\":\"2CBED844-7F94-498C-836D-8593381A9657\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:secure_malware_analytics:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"2.19.2\",\"matchCriteriaId\":\"C170DBA1-0899-4ECC-9A0D-8FEB1DA1B510\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:telepresence_video_communication_server:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"x14.3.3\",\"matchCriteriaId\":\"358FA1DC-63D3-49F6-AC07-9E277DD0D9DA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:ultra_cloud_core_-_policy_control_function:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"2024.01.0\",\"matchCriteriaId\":\"BFF2D182-7599-4B81-B56B-F44EDA1384C0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:ultra_cloud_core_-_policy_control_function:2024.01.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4868BCCA-24DE-4F24-A8AF-B3A545C0396E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:ultra_cloud_core_-_serving_gateway_function:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"2024.02.0\",\"matchCriteriaId\":\"194F7A1F-FD43-4FF7-9AE2-C13AA5567E8A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:ultra_cloud_core_-_session_management_function:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"2024.02.0\",\"matchCriteriaId\":\"BEC75F99-C7F0-47EB-9032-C9D3A42EBA20\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:unified_attendant_console_advanced:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B6638F4E-16F7-447D-B755-52640BCB1C61\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:unified_contact_center_domain_manager:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"AC34F742-530E-4AB4-8AFC-D1E088E256B4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:unified_contact_center_enterprise:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D31CC0E9-8E21-436B-AB84-EA1B1BC60DCD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:unified_contact_center_enterprise_-_live_data_server:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"12.6.2\",\"matchCriteriaId\":\"E22AD683-345B-4E16-BB9E-E9B1783E09AD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:unified_contact_center_management_portal:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D5C0D694-9E24-4782-B35F-D7C3E3B0F2ED\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:fog_director:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"1.22\",\"matchCriteriaId\":\"2955BEE9-F567-4006-B96D-92E10FF84DB4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios_xe:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"17.15.1\",\"matchCriteriaId\":\"67502878-DB20-4410-ABA0-A1C5705064CD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"7.11.2\",\"matchCriteriaId\":\"177DED2D-8089-4494-BDD9-7F84FC06CD5B\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:secure_web_appliance_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"15.1.0\",\"matchCriteriaId\":\"54A29FD3-4128-4333-8445-A7DD04A6ECF6\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:secure_web_appliance:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"67074526-9933-46B3-9FE3-A0BE73C5E8A7\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"10.2\\\\(7\\\\)\",\"matchCriteriaId\":\"EEB32D2E-AD9D-44A0-AEF7-689F7D2605C9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"10.3\\\\(1\\\\)\",\"versionEndExcluding\":\"10.3\\\\(5\\\\)\",\"matchCriteriaId\":\"0A236A0A-6956-4D79-B8E5-B2D0C79FAE88\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"10.4\\\\(1\\\\)\",\"versionEndExcluding\":\"10.4\\\\(2\\\\)\",\"matchCriteriaId\":\"BE71D34C-227A-4789-BA4D-79E5FDE311DB\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_3016:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"528ED62B-D739-4E06-AC64-B506FD73BBAB\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_3016q:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2D402AB0-BCFB-4F42-8C50-5DC930AEEC8B\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_3048:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FC2A6C31-438A-4CF5-A3F3-364B1672EB7D\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_3064:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"76C10D85-88AC-4A79-8866-BED88A0F8DF8\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_3064-32t:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"09AC2BAD-F536-48D0-A2F0-D4E290519EB6\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_3064-t:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"65CB7F6D-A82B-4A31-BFAC-FF4A4B8DF9C1\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_3064-x:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"ECC4FFCC-E886-49BC-9737-5B5BA2AAB14B\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_3064t:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5F4E8EE4-031D-47D3-A12E-EE5F792172EE\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_3064x:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"00CDD8C3-67D5-4E9F-9D48-A77B55DB0AB1\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_3100:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"41C14CC9-C244-4B86-AEA6-C50BAD5DA9A6\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_3100-v:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A8FF2EC4-0C09-4C00-9956-A2A4A894F63D\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_3100-z:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D14D4B4E-120E-4607-A4F1-447C7BF3052E\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_3100v:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"15702ACB-29F3-412D-8805-E107E0729E35\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_31108pc-v:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4E930332-CDDD-48D5-93BC-C22D693BBFA2\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_31108pv-v:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"29B34855-D8D2-4114-80D2-A4D159C62458\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_31108tc-v:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7BF4B8FE-E134-4491-B5C2-C1CFEB64731B\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_31128pq:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F4226DA0-9371-401C-8247-E6E636A116C3\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_3132c-z:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7664666F-BCE4-4799-AEEA-3A73E6AD33F4\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_3132q:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D3DBBFE9-835C-4411-8492-6006E74BAC65\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_3132q-v:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B3293438-3D18-45A2-B093-2C3F65783336\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_3132q-x:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C97C29EE-9426-4BBE-8D84-AB5FF748703D\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_3132q-x\\\\/3132q-xl:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E142C18F-9FB5-4D96-866A-141D7D16CAF7\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_3132q-xl:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8F43B770-D96C-44EA-BC12-9F39FC4317B9\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_3164q:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FA782EB3-E8E6-4DCF-B39C-B3CBD46E4384\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_3172:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7817F4E6-B2DA-4F06-95A4-AF329F594C02\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_3172pq:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CED628B5-97A8-4B26-AA40-BEC854982157\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_3172pq-xl:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7BB9DD73-E31D-4921-A6D6-E14E04703588\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_3172pq\\\\/pq-xl:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8EFC116A-627F-4E05-B631-651D161217C8\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_3172tq:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4532F513-0543-4960-9877-01F23CA7BA1B\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_3172tq-32t:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0B43502B-FD53-465A-B60F-6A359C6ACD99\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_3172tq-xl:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F3229124-B097-4AAC-8ACD-2F9C89DCC3AB\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_3200:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"32A532C0-B0E3-484A-B356-88970E7D0248\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_3232:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1C84D24C-2256-42AF-898A-221EBE9FE1E4\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_3232c:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"652A2849-668D-4156-88FB-C19844A59F33\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_3232c_:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D008CA1C-6F5A-40EA-BB12-A9D84D5AF700\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_3264c-e:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"24FBE87B-8A4F-43A8-98A3-4A7D9C630937\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_3264q:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6ACD09AC-8B28-4ACB-967B-AB3D450BC137\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_3400:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"43913A0E-50D5-47DD-94D8-DD3391633619\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_3408-s:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7D397349-CCC6-479B-9273-FB1FFF4F34F2\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_34180yc:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DC7286A7-780F-4A45-940A-4AD5C9D0F201\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_34200yc-sm:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CA52D5C1-13D8-4D23-B022-954CCEF491F1\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_3432d-s:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5F7AF8D7-431B-43CE-840F-CC0817D159C0\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_3464c:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DAC204C8-1A5A-4E85-824E-DC9B8F6A802D\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_3500:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A8E1073F-D374-4311-8F12-AD8C72FAA293\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_3524:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EAF5AF71-15DF-4151-A1CF-E138A7103FC8\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_3524-x:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"10F80A72-AD54-4699-B8AE-82715F0B58E2\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_3524-x\\\\/xl:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E505C0B1-2119-4C6A-BF96-C282C633D169\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_3524-xl:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9354B6A2-D7D6-442E-BF4C-FE8A336D9E94\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_3548:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"088C0323-683A-44F5-8D42-FF6EC85D080E\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_3548-x:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"74CB4002-7636-4382-B33E-FBA060A13C34\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_3548-x\\\\/xl:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"915EF8F6-6039-4DD0-B875-30D911752B74\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_3548-xl:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"10CEBF73-3EE0-459A-86C5-F8F6243FE27C\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_3600:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"97217080-455C-48E4-8CE1-6D5B9485864F\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_36180yc-r:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"95D2C4C3-65CE-4612-A027-AF70CEFC3233\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_3636c-r:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"57572E4A-78D5-4D1A-938B-F05F01759612\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"10.2\\\\(7\\\\)\",\"matchCriteriaId\":\"EEB32D2E-AD9D-44A0-AEF7-689F7D2605C9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"10.3\\\\(1\\\\)\",\"versionEndExcluding\":\"10.3\\\\(5\\\\)\",\"matchCriteriaId\":\"0A236A0A-6956-4D79-B8E5-B2D0C79FAE88\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"10.4\\\\(1\\\\)\",\"versionEndExcluding\":\"10.4\\\\(2\\\\)\",\"matchCriteriaId\":\"BE71D34C-227A-4789-BA4D-79E5FDE311DB\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_9000v:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0CD9C1F1-8582-4F67-A77D-97CBFECB88B8\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_9200:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"532CE4B0-A3C9-4613-AAAF-727817D06FB4\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_9200yc:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"24CA1A59-2681-4507-AC74-53BD481099B9\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_92160yc-x:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4283E433-7F8C-4410-B565-471415445811\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_92160yc_switch:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"AF9147C9-5D8B-40F5-9AAA-66A3495A0AD8\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_9221c:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FFB9FDE8-8533-4F65-BF32-4066D042B2F7\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_92300yc:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F80AB6FB-32FD-43D7-A9F1-80FA47696210\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_92300yc_switch:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3AA5389A-8AD1-476E-983A-54DF573C30F5\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_92304qc:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D5B2E4C1-2627-4B9D-8E92-4B483F647651\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_92304qc_switch:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C1B1A8F1-45B1-4E64-A254-7191FA93CB6D\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_9232e:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"83DA8BFA-D7A2-476C-A6F5-CAE610033BC2\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_92348gc-x:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"557ED31C-C26A-4FAE-8B14-D06B49F7F08B\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_9236c:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"11411BFD-3F4D-4309-AB35-A3629A360FB0\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_9236c_switch:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DB2FFD26-8255-4351-8594-29D2AEFC06EF\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_9272q:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E663DE91-C86D-48DC-B771-FA72A8DF7A7C\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_9272q_switch:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"61E10975-B47E-4F4D-8096-AEC7B7733612\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_9300:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"92E2CB2B-DA11-4CF7-9D57-3D4D48990DC0\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_93108tc-ex:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A90184B3-C82F-4CE5-B2AD-97D5E4690871\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_93108tc-ex-24:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"40E40F42-632A-47DF-BE33-DC25B826310B\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_93108tc-ex_switch:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2C67B7A6-9BB2-41FC-8FA3-8D0DF67CBC68\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_93108tc-fx:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4AB89849-6DA4-4C9D-BC3F-EE0E41FD1901\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_93108tc-fx-24:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C47F6BF9-2ADB-41A4-8D7D-8BB00141BB23\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_93108tc-fx3h:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"16C64136-89C2-443C-AF7B-BED81D3DE25A\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_93108tc-fx3p:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BBEF7F26-BB47-44BD-872E-130820557C23\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_93120tx:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"07DE6F63-2C7D-415B-8C34-01EC05C062F3\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_93120tx_switch:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"182000E0-8204-4D8B-B7DE-B191AFE12E28\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_93128:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F309E7B9-B828-4CD2-9D2B-8966EE5B9CC1\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_93128tx:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F423E45D-A6DD-4305-9C6A-EAB26293E53A\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_93128tx_switch:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BDC208BC-7E19-48C6-A20E-A79A51B7362C\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_9316d-gx:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"102F91CD-DFB6-43D4-AE5B-DA157A696230\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_93180lc-ex:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E952A96A-0F48-4357-B7DD-1127D8827650\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_93180lc-ex_switch:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"084D0191-563B-4FF0-B589-F35DA118E1C6\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_93180tc-ex:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B7DB6FC5-762A-4F16-AE8C-69330EFCF640\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_93180yc-ex:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F70D81F1-8B12-4474-9060-B4934D8A3873\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_93180yc-ex-24:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5394DE31-3863-4CA9-B7B1-E5227183100D\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_93180yc-ex_switch:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"968390BC-B430-4903-B614-13104BFAE635\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_93180yc-fx:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7349D69B-D8FA-4462-AA28-69DD18A652D9\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_93180yc-fx-24:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FE4BB834-2C00-4384-A78E-AF3BCDDC58AF\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_93180yc-fx3:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B0D30D52-837F-4FDA-B8E5-A9066E9C6D2F\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_93180yc-fx3h:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E6678B8A-D905-447E-BE7E-6BFB4CC5DAFE\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_93180yc-fx3s:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7CE49B45-F2E9-491D-9C29-1B46E9CE14E2\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_93216tc-fx2:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B1CC5F78-E88B-4B82-9E3E-C73D3A49DE26\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_93240tc-fx2:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4BFAD21E-59EE-4CCE-8F1E-621D2EA50905\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_93240yc-fx2:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"91231DC6-2773-4238-8C14-A346F213B5E5\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_9332c:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2DF88547-BAF4-47B0-9F60-80A30297FCEB\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_9332d-gx2b:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"02C3CE6D-BD54-48B1-A188-8E53DA001424\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_9332d-h2r:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"498991F7-39D6-428C-8C7D-DD8DC72A0346\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_9332pq:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"113772B6-E9D2-4094-9468-3F4E1A87D07D\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_9332pq_switch:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F7B90D36-5124-4669-8462-4EAF35B0F53D\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_93360yc-fx2:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C45A38D6-BED6-4FEF-AD87-A1E813695DE0\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_9336c-fx2:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F1FC2B1F-232E-4754-8076-CC82F3648730\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_9336c-fx2-e:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7CDD27C9-5EAF-4956-8AB7-740C84C9D4FC\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_9336pq:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5F1127D2-12C0-454F-91EF-5EE334070D06\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_9336pq_aci:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7D6EB963-E0F2-4A02-8765-AB2064BE19E9\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_9336pq_aci_spine:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"785FD17C-F32E-4042-9DDE-A89B3AAE0334\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_9336pq_aci_spine_switch:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DEAAF99B-5406-4722-81FB-A91CBAC2DF41\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_9348d-gx2a:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"73DC1E93-561E-490C-AE0E-B02BAB9A7C8E\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_9348gc-fx3:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"12DA2DE5-8ADA-4D6A-BC1A-9C06FA163B1C\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_9348gc-fxp:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"17C7E3DB-8E1A-47AD-B1C5-61747DC0CFB9\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_93600cd-gx:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2CF467E2-4567-426E-8F48-39669E0F514C\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_9364c:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"63842B25-8C32-4988-BBBD-61E9CB09B4F3\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_9364c-gx:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"68EA1FEF-B6B6-49FE-A0A4-5387F76303F8\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_9364d-gx2a:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"40D6DB7F-C025-4971-9615-73393ED61078\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_9372px:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4364ADB9-8162-451D-806A-B98924E6B2CF\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_9372px-e:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B53BCB42-ED61-4FCF-8068-CB467631C63C\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_9372px-e_switch:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"737C724A-B6CD-4FF7-96E0-EBBF645D660E\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_9372px_switch:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7067AEC7-DFC8-4437-9338-C5165D9A8F36\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_9372tx:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"49E0371B-FDE2-473C-AA59-47E1269D050F\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_9372tx-e:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"489D11EC-5A18-4F32-BC7C-AC1FCEC27222\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_9372tx-e_switch:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"71D4CF15-B293-4403-A1A9-96AD3933BAEF\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_9372tx_switch:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DBCC1515-2DBE-4DF2-8E83-29A869170F36\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_9396px:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1BC5293E-F2B4-46DC-85DA-167EA323FCFD\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_9396px_switch:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7282AAFF-ED18-4992-AC12-D953C35EC328\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_9396tx:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EA022E77-6557-4A33-9A3A-D028E2DB669A\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_9396tx_switch:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"360409CC-4172-4878-A76B-EA1C1F8C7A79\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_9408:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D8D5D5E2-B40B-475D-9EF3-8441016E37E9\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_9432pq:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FDA8E1F0-74A6-4725-B6AA-A1112EFC5D0C\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_9500:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"63BE0266-1C00-4D6A-AD96-7F82532ABAA7\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_9500_16-slot:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"73F59A4B-AE92-4533-8EDC-D1DD850309FF\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_9500_4-slot:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"492A2C86-DD38-466B-9965-77629A73814F\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_9500_8-slot:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1FB7AA46-4018-4925-963E-719E1037F759\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_9500_supervisor_a:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"31B9D1E4-10B9-4B6F-B848-D93ABF6486D6\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_9500_supervisor_a\\\\+:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CB270C45-756E-400A-979F-D07D750C881A\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_9500_supervisor_b:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4E8A085C-2DBA-4269-AB01-B16019FBB4DA\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_9500_supervisor_b\\\\+:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A79DD582-AF68-44F1-B640-766B46EF2BE2\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_9500r:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B04484DA-AA59-4833-916E-6A8C96D34F0D\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_9504:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"768BE390-5ED5-48A7-9E80-C4DE8BA979B1\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_9504_switch:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D07B5399-44C7-468D-9D57-BB5B5E26CE50\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_9508:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DDC2F709-AFBE-48EA-A3A2-DA1134534FB6\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_9508_switch:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B76FB64F-16F0-4B0B-B304-B46258D434BA\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_9516:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7E02DC82-0D26-436F-BA64-73C958932B0A\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_9516_switch:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2E128053-834B-4DD5-A517-D14B4FC2B56F\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_9536pq:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"163743A1-09E7-4EC5-8ECA-79E4B9CE173B\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_9636pq:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CE340E4C-DC48-4FC8-921B-EE304DB5AE0A\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_9716d-gx:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C367BBE0-D71F-4CB5-B50E-72B033E73FE1\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_9736pq:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"85E1D224-4751-4233-A127-A041068C804A\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_9800:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BD31B075-01B1-429E-83F4-B999356A0EB9\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_9804:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A10C9C0A-C96A-4B45-90D0-6ED457EB5F4C\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_9808:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3284D16F-3275-4F8D-8AE4-D413DE19C4FA\"}]}]}],\"references\":[{\"url\":\"http://www.openwall.com/lists/oss-security/2023/10/10/6\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2023/10/10/7\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2023/10/13/4\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2023/10/13/9\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2023/10/18/4\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2023/10/18/8\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2023/10/19/6\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2023/10/20/8\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/security/cve/cve-2023-44487\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://arstechnica.com/security/2023/10/how-ddosers-used-the-http-2-protocol-to-deliver-attacks-of-unprecedented-size/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Press/Media Coverage\",\"Third Party Advisory\"]},{\"url\":\"https://aws.amazon.com/security/security-bulletins/AWS-2023-011/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://blog.cloudflare.com/technical-breakdown-http2-rapid-reset-ddos-attack/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Technical Description\",\"Vendor Advisory\"]},{\"url\":\"https://blog.cloudflare.com/zero-day-rapid-reset-http2-record-breaking-ddos-attack/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\",\"Vendor Advisory\"]},{\"url\":\"https://blog.litespeedtech.com/2023/10/11/rapid-reset-http-2-vulnerablilty/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://blog.qualys.com/vulnerabilities-threat-research/2023/10/10/cve-2023-44487-http-2-rapid-reset-attack\",\"source\":\"cve@mitre.org\",\"tags\":[\"Press/Media Coverage\",\"Third Party Advisory\"]},{\"url\":\"https://blog.vespa.ai/cve-2023-44487/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://bugzilla.proxmox.com/show_bug.cgi?id=4988\",\"source\":\"cve@mitre.org\",\"tags\":[\"Issue Tracking\",\"Third Party Advisory\"]},{\"url\":\"https://bugzilla.redhat.com/show_bug.cgi?id=2242803\",\"source\":\"cve@mitre.org\",\"tags\":[\"Issue Tracking\",\"Vendor Advisory\"]},{\"url\":\"https://bugzilla.suse.com/show_bug.cgi?id=1216123\",\"source\":\"cve@mitre.org\",\"tags\":[\"Issue Tracking\",\"Vendor Advisory\"]},{\"url\":\"https://cgit.freebsd.org/ports/commit/?id=c64c329c2c1752f46b73e3e6ce9f4329be6629f9\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\",\"Patch\",\"Vendor Advisory\"]},{\"url\":\"https://cloud.google.com/blog/products/identity-security/google-cloud-mitigated-largest-ddos-attack-peaking-above-398-million-rps/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Technical Description\",\"Vendor Advisory\"]},{\"url\":\"https://cloud.google.com/blog/products/identity-security/how-it-works-the-novel-http2-rapid-reset-ddos-attack\",\"source\":\"cve@mitre.org\",\"tags\":[\"Technical Description\",\"Vendor Advisory\"]},{\"url\":\"https://community.traefik.io/t/is-traefik-vulnerable-to-cve-2023-44487/20125\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://discuss.hashicorp.com/t/hcsec-2023-32-vault-consul-and-boundary-affected-by-http-2-rapid-reset-denial-of-service-vulnerability-cve-2023-44487/59715\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://edg.io/lp/blog/resets-leaks-ddos-and-the-tale-of-a-hidden-cve\",\"source\":\"cve@mitre.org\",\"tags\":[\"Broken Link\"]},{\"url\":\"https://forums.swift.org/t/swift-nio-http2-security-update-cve-2023-44487-http-2-dos/67764\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://gist.github.com/adulau/7c2bfb8e9cdbe4b35a5e131c66a0c088\",\"source\":\"cve@mitre.org\",\"tags\":[\"Issue Tracking\",\"Patch\"]},{\"url\":\"https://github.com/Azure/AKS/issues/3947\",\"source\":\"cve@mitre.org\",\"tags\":[\"Issue Tracking\"]},{\"url\":\"https://github.com/Kong/kong/discussions/11741\",\"source\":\"cve@mitre.org\",\"tags\":[\"Issue Tracking\"]},{\"url\":\"https://github.com/advisories/GHSA-qppj-fm5r-hxr3\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://github.com/advisories/GHSA-vx74-f528-fxqg\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mitigation\",\"Patch\",\"Vendor Advisory\"]},{\"url\":\"https://github.com/advisories/GHSA-xpw8-rcwv-8f8p\",\"source\":\"cve@mitre.org\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"https://github.com/akka/akka-http/issues/4323\",\"source\":\"cve@mitre.org\",\"tags\":[\"Issue Tracking\"]},{\"url\":\"https://github.com/alibaba/tengine/issues/1872\",\"source\":\"cve@mitre.org\",\"tags\":[\"Issue Tracking\"]},{\"url\":\"https://github.com/apache/apisix/issues/10320\",\"source\":\"cve@mitre.org\",\"tags\":[\"Issue Tracking\"]},{\"url\":\"https://github.com/apache/httpd-site/pull/10\",\"source\":\"cve@mitre.org\",\"tags\":[\"Issue Tracking\"]},{\"url\":\"https://github.com/apache/httpd/blob/afcdbeebbff4b0c50ea26cdd16e178c0d1f24152/modules/http2/h2_mplx.c#L1101-L1113\",\"source\":\"cve@mitre.org\",\"tags\":[\"Product\"]},{\"url\":\"https://github.com/apache/tomcat/tree/main/java/org/apache/coyote/http2\",\"source\":\"cve@mitre.org\",\"tags\":[\"Product\",\"Third Party Advisory\"]},{\"url\":\"https://github.com/apache/trafficserver/pull/10564\",\"source\":\"cve@mitre.org\",\"tags\":[\"Issue Tracking\",\"Patch\"]},{\"url\":\"https://github.com/arkrwn/PoC/tree/main/CVE-2023-44487\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://github.com/bcdannyboy/CVE-2023-44487\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://github.com/caddyserver/caddy/issues/5877\",\"source\":\"cve@mitre.org\",\"tags\":[\"Issue Tracking\",\"Vendor Advisory\"]},{\"url\":\"https://github.com/caddyserver/caddy/releases/tag/v2.7.5\",\"source\":\"cve@mitre.org\",\"tags\":[\"Release Notes\",\"Third Party Advisory\"]},{\"url\":\"https://github.com/dotnet/announcements/issues/277\",\"source\":\"cve@mitre.org\",\"tags\":[\"Issue Tracking\",\"Mitigation\",\"Vendor Advisory\"]},{\"url\":\"https://github.com/dotnet/core/blob/e4613450ea0da7fd2fc6b61dfb2c1c1dec1ce9ec/release-notes/6.0/6.0.23/6.0.23.md?plain=1#L73\",\"source\":\"cve@mitre.org\",\"tags\":[\"Product\",\"Release Notes\"]},{\"url\":\"https://github.com/eclipse/jetty.project/issues/10679\",\"source\":\"cve@mitre.org\",\"tags\":[\"Issue Tracking\"]},{\"url\":\"https://github.com/envoyproxy/envoy/pull/30055\",\"source\":\"cve@mitre.org\",\"tags\":[\"Issue Tracking\",\"Patch\"]},{\"url\":\"https://github.com/etcd-io/etcd/issues/16740\",\"source\":\"cve@mitre.org\",\"tags\":[\"Issue Tracking\",\"Patch\"]},{\"url\":\"https://github.com/facebook/proxygen/pull/466\",\"source\":\"cve@mitre.org\",\"tags\":[\"Issue Tracking\",\"Patch\"]},{\"url\":\"https://github.com/golang/go/issues/63417\",\"source\":\"cve@mitre.org\",\"tags\":[\"Issue Tracking\"]},{\"url\":\"https://github.com/grpc/grpc-go/pull/6703\",\"source\":\"cve@mitre.org\",\"tags\":[\"Issue Tracking\",\"Patch\"]},{\"url\":\"https://github.com/grpc/grpc/releases/tag/v1.59.2\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://github.com/h2o/h2o/pull/3291\",\"source\":\"cve@mitre.org\",\"tags\":[\"Issue Tracking\",\"Patch\"]},{\"url\":\"https://github.com/h2o/h2o/security/advisories/GHSA-2m7v-gc89-fjqf\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://github.com/haproxy/haproxy/issues/2312\",\"source\":\"cve@mitre.org\",\"tags\":[\"Issue Tracking\"]},{\"url\":\"https://github.com/icing/mod_h2/blob/0a864782af0a942aa2ad4ed960a6b32cd35bcf0a/mod_http2/README.md?plain=1#L239-L244\",\"source\":\"cve@mitre.org\",\"tags\":[\"Product\"]},{\"url\":\"https://github.com/junkurihara/rust-rpxy/issues/97\",\"source\":\"cve@mitre.org\",\"tags\":[\"Issue Tracking\"]},{\"url\":\"https://github.com/kazu-yamamoto/http2/commit/f61d41a502bd0f60eb24e1ce14edc7b6df6722a1\",\"source\":\"cve@mitre.org\",\"tags\":[\"Patch\"]},{\"url\":\"https://github.com/kazu-yamamoto/http2/issues/93\",\"source\":\"cve@mitre.org\",\"tags\":[\"Issue Tracking\"]},{\"url\":\"https://github.com/kubernetes/kubernetes/pull/121120\",\"source\":\"cve@mitre.org\",\"tags\":[\"Issue Tracking\",\"Patch\"]},{\"url\":\"https://github.com/line/armeria/pull/5232\",\"source\":\"cve@mitre.org\",\"tags\":[\"Issue Tracking\",\"Patch\"]},{\"url\":\"https://github.com/linkerd/website/pull/1695/commits/4b9c6836471bc8270ab48aae6fd2181bc73fd632\",\"source\":\"cve@mitre.org\",\"tags\":[\"Patch\"]},{\"url\":\"https://github.com/micrictor/http2-rst-stream\",\"source\":\"cve@mitre.org\",\"tags\":[\"Exploit\",\"Third Party Advisory\"]},{\"url\":\"https://github.com/microsoft/CBL-Mariner/pull/6381\",\"source\":\"cve@mitre.org\",\"tags\":[\"Issue Tracking\",\"Patch\"]},{\"url\":\"https://github.com/netty/netty/commit/58f75f665aa81a8cbcf6ffa74820042a285c5e61\",\"source\":\"cve@mitre.org\",\"tags\":[\"Patch\"]},{\"url\":\"https://github.com/nghttp2/nghttp2/pull/1961\",\"source\":\"cve@mitre.org\",\"tags\":[\"Issue Tracking\",\"Patch\"]},{\"url\":\"https://github.com/nghttp2/nghttp2/releases/tag/v1.57.0\",\"source\":\"cve@mitre.org\",\"tags\":[\"Release Notes\"]},{\"url\":\"https://github.com/ninenines/cowboy/issues/1615\",\"source\":\"cve@mitre.org\",\"tags\":[\"Issue Tracking\"]},{\"url\":\"https://github.com/nodejs/node/pull/50121\",\"source\":\"cve@mitre.org\",\"tags\":[\"Issue Tracking\"]},{\"url\":\"https://github.com/openresty/openresty/issues/930\",\"source\":\"cve@mitre.org\",\"tags\":[\"Issue Tracking\"]},{\"url\":\"https://github.com/opensearch-project/data-prepper/issues/3474\",\"source\":\"cve@mitre.org\",\"tags\":[\"Issue Tracking\",\"Patch\"]},{\"url\":\"https://github.com/oqtane/oqtane.framework/discussions/3367\",\"source\":\"cve@mitre.org\",\"tags\":[\"Issue Tracking\"]},{\"url\":\"https://github.com/projectcontour/contour/pull/5826\",\"source\":\"cve@mitre.org\",\"tags\":[\"Issue Tracking\",\"Patch\"]},{\"url\":\"https://github.com/tempesta-tech/tempesta/issues/1986\",\"source\":\"cve@mitre.org\",\"tags\":[\"Issue Tracking\"]},{\"url\":\"https://github.com/varnishcache/varnish-cache/issues/3996\",\"source\":\"cve@mitre.org\",\"tags\":[\"Issue Tracking\"]},{\"url\":\"https://groups.google.com/g/golang-announce/c/iNNxDTCjZvo\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\",\"Release Notes\",\"Vendor Advisory\"]},{\"url\":\"https://istio.io/latest/news/security/istio-security-2023-004/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://linkerd.io/2023/10/12/linkerd-cve-2023-44487/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://lists.apache.org/thread/5py8h42mxfsn8l1wy6o41xwhsjlsd87q\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://lists.debian.org/debian-lts-announce/2023/10/msg00020.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://lists.debian.org/debian-lts-announce/2023/10/msg00023.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://lists.debian.org/debian-lts-announce/2023/10/msg00024.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://lists.debian.org/debian-lts-announce/2023/10/msg00045.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://lists.debian.org/debian-lts-announce/2023/10/msg00047.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://lists.debian.org/debian-lts-announce/2023/11/msg00001.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://lists.debian.org/debian-lts-announce/2023/11/msg00012.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2MBEPPC36UBVOZZNAXFHKLFGSLCMN5LI/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3N4NJ7FR4X4FPZUGNTQAPSTVB2HB2Y4A/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BFQD3KUEMFBHPAPBGLWQC34L4OWL5HAZ/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/E72T67UPDRXHIDLO3OROR25YAMN4GGW5/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FNA62Q767CFAFHBCDKYNPBMZWB7TWYVU/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HT7T2R4MQKLIF4ODV4BDLPARWFPCJ5CZ/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JIZSEFC3YKCGABA2BZW6ZJRMDZJMB7PJ/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JMEXY22BFG5Q64HQCM5CK2Q7KDKVV4TY/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LKYHSZQFDNR7RSA7LHVLLIAQMVYCUGBG/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LNMZJCDHGLJJLXO4OXWJMTVQRNWOC7UL/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VHUHTSXLXGXS7JYKBXTA3VINUPHTNGVU/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VSRDIV77HNKUSM7SJC5BKE5JSHLHU2NK/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WE2I52RHNNU42PX6NZ2RBUHSFFJ2LVZX/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WLPRQ5TWUQQXYWBJM7ECYDAIL2YVKIUH/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/X6QXN4ORIVF6XBW4WWFE7VNPVC74S45Y/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZB43REMKRQR62NJEI7I5NQ4FSXNLBKRT/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZKQSIKIAT5TJ3WSLU3RDBQ35YX4GY4V3/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZLU6U2R2IC2K64NDPNMV55AUAO65MAF4/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://lists.w3.org/Archives/Public/ietf-http-wg/2023OctDec/0025.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://mailman.nginx.org/pipermail/nginx-devel/2023-October/S36Q5HBXR7CAIMPLLPRSSSYR4PCMWILK.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\",\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://martinthomson.github.io/h2-stream-limits/draft-thomson-httpbis-h2-stream-limits.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://msrc.microsoft.com/blog/2023/10/microsoft-response-to-distributed-denial-of-service-ddos-attacks-against-http/2/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-44487\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mitigation\",\"Patch\",\"Vendor Advisory\"]},{\"url\":\"https://my.f5.com/manage/s/article/K000137106\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://netty.io/news/2023/10/10/4-1-100-Final.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Release Notes\",\"Vendor Advisory\"]},{\"url\":\"https://news.ycombinator.com/item?id=37830987\",\"source\":\"cve@mitre.org\",\"tags\":[\"Issue Tracking\"]},{\"url\":\"https://news.ycombinator.com/item?id=37830998\",\"source\":\"cve@mitre.org\",\"tags\":[\"Issue Tracking\",\"Press/Media Coverage\"]},{\"url\":\"https://news.ycombinator.com/item?id=37831062\",\"source\":\"cve@mitre.org\",\"tags\":[\"Issue Tracking\"]},{\"url\":\"https://news.ycombinator.com/item?id=37837043\",\"source\":\"cve@mitre.org\",\"tags\":[\"Issue Tracking\"]},{\"url\":\"https://openssf.org/blog/2023/10/10/http-2-rapid-reset-vulnerability-highlights-need-for-rapid-response/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://seanmonstar.com/post/730794151136935936/hyper-http2-rapid-reset-unaffected\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-http2-reset-d8Kf32vZ\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://security.gentoo.org/glsa/202311-09\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://security.netapp.com/advisory/ntap-20231016-0001/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://security.netapp.com/advisory/ntap-20240426-0007/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://security.netapp.com/advisory/ntap-20240621-0006/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Exploit\",\"Third Party Advisory\"]},{\"url\":\"https://security.netapp.com/advisory/ntap-20240621-0007/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://security.paloaltonetworks.com/CVE-2023-44487\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://tomcat.apache.org/security-10.html#Fixed_in_Apache_Tomcat_10.1.14\",\"source\":\"cve@mitre.org\",\"tags\":[\"Release Notes\"]},{\"url\":\"https://ubuntu.com/security/CVE-2023-44487\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://www.bleepingcomputer.com/news/security/new-http-2-rapid-reset-zero-day-attack-breaks-ddos-records/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\",\"US Government Resource\"]},{\"url\":\"https://www.darkreading.com/cloud/internet-wide-zero-day-bug-fuels-largest-ever-ddos-event\",\"source\":\"cve@mitre.org\",\"tags\":[\"Press/Media Coverage\",\"Third Party Advisory\"]},{\"url\":\"https://www.debian.org/security/2023/dsa-5521\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\",\"Vendor Advisory\"]},{\"url\":\"https://www.debian.org/security/2023/dsa-5522\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\",\"Vendor Advisory\"]},{\"url\":\"https://www.debian.org/security/2023/dsa-5540\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://www.debian.org/security/2023/dsa-5549\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://www.debian.org/security/2023/dsa-5558\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://www.debian.org/security/2023/dsa-5570\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.haproxy.com/blog/haproxy-is-not-affected-by-the-http-2-rapid-reset-attack-cve-2023-44487\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\",\"Vendor Advisory\"]},{\"url\":\"https://www.netlify.com/blog/netlify-successfully-mitigates-cve-2023-44487/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mitigation\",\"Vendor Advisory\"]},{\"url\":\"https://www.openwall.com/lists/oss-security/2023/10/10/6\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://www.phoronix.com/news/HTTP2-Rapid-Reset-Attack\",\"source\":\"cve@mitre.org\",\"tags\":[\"Press/Media Coverage\"]},{\"url\":\"https://www.theregister.com/2023/10/10/http2_rapid_reset_zeroday/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Press/Media Coverage\",\"Third Party Advisory\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2023/10/13/4\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2023/10/13/9\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2023/10/18/4\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2023/10/18/8\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2023/10/19/6\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2023/10/20/8\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2025/08/13/6\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/security/cve/cve-2023-44487\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://arstechnica.com/security/2023/10/how-ddosers-used-the-http-2-protocol-to-deliver-attacks-of-unprecedented-size/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Press/Media Coverage\",\"Third Party Advisory\"]},{\"url\":\"https://aws.amazon.com/security/security-bulletins/AWS-2023-011/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://blog.cloudflare.com/technical-breakdown-http2-rapid-reset-ddos-attack/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Technical Description\",\"Vendor Advisory\"]},{\"url\":\"https://blog.cloudflare.com/zero-day-rapid-reset-http2-record-breaking-ddos-attack/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"Vendor Advisory\"]},{\"url\":\"https://blog.litespeedtech.com/2023/10/11/rapid-reset-http-2-vulnerablilty/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://blog.qualys.com/vulnerabilities-threat-research/2023/10/10/cve-2023-44487-http-2-rapid-reset-attack\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Press/Media Coverage\",\"Third Party Advisory\"]},{\"url\":\"https://blog.vespa.ai/cve-2023-44487/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://bugzilla.proxmox.com/show_bug.cgi?id=4988\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\",\"Third Party Advisory\"]},{\"url\":\"https://bugzilla.redhat.com/show_bug.cgi?id=2242803\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\",\"Vendor Advisory\"]},{\"url\":\"https://bugzilla.suse.com/show_bug.cgi?id=1216123\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\",\"Vendor Advisory\"]},{\"url\":\"https://cgit.freebsd.org/ports/commit/?id=c64c329c2c1752f46b73e3e6ce9f4329be6629f9\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Patch\",\"Vendor Advisory\"]},{\"url\":\"https://cloud.google.com/blog/products/identity-security/google-cloud-mitigated-largest-ddos-attack-peaking-above-398-million-rps/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Technical Description\",\"Vendor Advisory\"]},{\"url\":\"https://cloud.google.com/blog/products/identity-security/how-it-works-the-novel-http2-rapid-reset-ddos-attack\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Technical Description\",\"Vendor Advisory\"]},{\"url\":\"https://community.traefik.io/t/is-traefik-vulnerable-to-cve-2023-44487/20125\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://discuss.hashicorp.com/t/hcsec-2023-32-vault-consul-and-boundary-affected-by-http-2-rapid-reset-denial-of-service-vulnerability-cve-2023-44487/59715\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://edg.io/lp/blog/resets-leaks-ddos-and-the-tale-of-a-hidden-cve\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\"]},{\"url\":\"https://forums.swift.org/t/swift-nio-http2-security-update-cve-2023-44487-http-2-dos/67764\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://gist.github.com/adulau/7c2bfb8e9cdbe4b35a5e131c66a0c088\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\",\"Patch\"]},{\"url\":\"https://github.com/Azure/AKS/issues/3947\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\"]},{\"url\":\"https://github.com/Kong/kong/discussions/11741\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\"]},{\"url\":\"https://github.com/advisories/GHSA-qppj-fm5r-hxr3\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://github.com/advisories/GHSA-vx74-f528-fxqg\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mitigation\",\"Patch\",\"Vendor Advisory\"]},{\"url\":\"https://github.com/advisories/GHSA-xpw8-rcwv-8f8p\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"https://github.com/akka/akka-http/issues/4323\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\"]},{\"url\":\"https://github.com/alibaba/tengine/issues/1872\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\"]},{\"url\":\"https://github.com/apache/apisix/issues/10320\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\"]},{\"url\":\"https://github.com/apache/httpd-site/pull/10\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\"]},{\"url\":\"https://github.com/apache/httpd/blob/afcdbeebbff4b0c50ea26cdd16e178c0d1f24152/modules/http2/h2_mplx.c#L1101-L1113\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Product\"]},{\"url\":\"https://github.com/apache/tomcat/tree/main/java/org/apache/coyote/http2\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Product\",\"Third Party Advisory\"]},{\"url\":\"https://github.com/apache/trafficserver/pull/10564\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\",\"Patch\"]},{\"url\":\"https://github.com/arkrwn/PoC/tree/main/CVE-2023-44487\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://github.com/bcdannyboy/CVE-2023-44487\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://github.com/caddyserver/caddy/issues/5877\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\",\"Vendor Advisory\"]},{\"url\":\"https://github.com/caddyserver/caddy/releases/tag/v2.7.5\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Release Notes\",\"Third Party Advisory\"]},{\"url\":\"https://github.com/dotnet/announcements/issues/277\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\",\"Mitigation\",\"Vendor Advisory\"]},{\"url\":\"https://github.com/dotnet/core/blob/e4613450ea0da7fd2fc6b61dfb2c1c1dec1ce9ec/release-notes/6.0/6.0.23/6.0.23.md?plain=1#L73\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Product\",\"Release Notes\"]},{\"url\":\"https://github.com/eclipse/jetty.project/issues/10679\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\"]},{\"url\":\"https://github.com/envoyproxy/envoy/pull/30055\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\",\"Patch\"]},{\"url\":\"https://github.com/etcd-io/etcd/issues/16740\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\",\"Patch\"]},{\"url\":\"https://github.com/facebook/proxygen/pull/466\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\",\"Patch\"]},{\"url\":\"https://github.com/golang/go/issues/63417\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\"]},{\"url\":\"https://github.com/grpc/grpc-go/pull/6703\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\",\"Patch\"]},{\"url\":\"https://github.com/h2o/h2o/pull/3291\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\",\"Patch\"]},{\"url\":\"https://github.com/h2o/h2o/security/advisories/GHSA-2m7v-gc89-fjqf\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://github.com/haproxy/haproxy/issues/2312\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\"]},{\"url\":\"https://github.com/icing/mod_h2/blob/0a864782af0a942aa2ad4ed960a6b32cd35bcf0a/mod_http2/README.md?plain=1#L239-L244\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Product\"]},{\"url\":\"https://github.com/junkurihara/rust-rpxy/issues/97\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\"]},{\"url\":\"https://github.com/kazu-yamamoto/http2/commit/f61d41a502bd0f60eb24e1ce14edc7b6df6722a1\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\"]},{\"url\":\"https://github.com/kazu-yamamoto/http2/issues/93\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\"]},{\"url\":\"https://github.com/kubernetes/kubernetes/pull/121120\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\",\"Patch\"]},{\"url\":\"https://github.com/line/armeria/pull/5232\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\",\"Patch\"]},{\"url\":\"https://github.com/linkerd/website/pull/1695/commits/4b9c6836471bc8270ab48aae6fd2181bc73fd632\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\"]},{\"url\":\"https://github.com/micrictor/http2-rst-stream\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\",\"Third Party Advisory\"]},{\"url\":\"https://github.com/microsoft/CBL-Mariner/pull/6381\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\",\"Patch\"]},{\"url\":\"https://github.com/netty/netty/commit/58f75f665aa81a8cbcf6ffa74820042a285c5e61\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\"]},{\"url\":\"https://github.com/nghttp2/nghttp2/pull/1961\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\",\"Patch\"]},{\"url\":\"https://github.com/nghttp2/nghttp2/releases/tag/v1.57.0\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Release Notes\"]},{\"url\":\"https://github.com/ninenines/cowboy/issues/1615\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\"]},{\"url\":\"https://github.com/nodejs/node/pull/50121\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\"]},{\"url\":\"https://github.com/openresty/openresty/issues/930\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\"]},{\"url\":\"https://github.com/opensearch-project/data-prepper/issues/3474\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\",\"Patch\"]},{\"url\":\"https://github.com/oqtane/oqtane.framework/discussions/3367\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\"]},{\"url\":\"https://github.com/projectcontour/contour/pull/5826\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\",\"Patch\"]},{\"url\":\"https://github.com/tempesta-tech/tempesta/issues/1986\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\"]},{\"url\":\"https://github.com/varnishcache/varnish-cache/issues/3996\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\"]},{\"url\":\"https://groups.google.com/g/golang-announce/c/iNNxDTCjZvo\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Release Notes\",\"Vendor Advisory\"]},{\"url\":\"https://istio.io/latest/news/security/istio-security-2023-004/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://linkerd.io/2023/10/12/linkerd-cve-2023-44487/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://lists.apache.org/thread/5py8h42mxfsn8l1wy6o41xwhsjlsd87q\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://lists.debian.org/debian-lts-announce/2023/10/msg00020.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://lists.debian.org/debian-lts-announce/2023/10/msg00023.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://lists.debian.org/debian-lts-announce/2023/10/msg00024.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://lists.debian.org/debian-lts-announce/2023/10/msg00045.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://lists.debian.org/debian-lts-announce/2023/10/msg00047.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://lists.debian.org/debian-lts-announce/2023/11/msg00001.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://lists.debian.org/debian-lts-announce/2023/11/msg00012.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2MBEPPC36UBVOZZNAXFHKLFGSLCMN5LI/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3N4NJ7FR4X4FPZUGNTQAPSTVB2HB2Y4A/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BFQD3KUEMFBHPAPBGLWQC34L4OWL5HAZ/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/E72T67UPDRXHIDLO3OROR25YAMN4GGW5/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FNA62Q767CFAFHBCDKYNPBMZWB7TWYVU/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HT7T2R4MQKLIF4ODV4BDLPARWFPCJ5CZ/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JIZSEFC3YKCGABA2BZW6ZJRMDZJMB7PJ/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JMEXY22BFG5Q64HQCM5CK2Q7KDKVV4TY/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LKYHSZQFDNR7RSA7LHVLLIAQMVYCUGBG/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LNMZJCDHGLJJLXO4OXWJMTVQRNWOC7UL/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VHUHTSXLXGXS7JYKBXTA3VINUPHTNGVU/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VSRDIV77HNKUSM7SJC5BKE5JSHLHU2NK/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WE2I52RHNNU42PX6NZ2RBUHSFFJ2LVZX/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WLPRQ5TWUQQXYWBJM7ECYDAIL2YVKIUH/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X6QXN4ORIVF6XBW4WWFE7VNPVC74S45Y/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZB43REMKRQR62NJEI7I5NQ4FSXNLBKRT/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZKQSIKIAT5TJ3WSLU3RDBQ35YX4GY4V3/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZLU6U2R2IC2K64NDPNMV55AUAO65MAF4/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://lists.w3.org/Archives/Public/ietf-http-wg/2023OctDec/0025.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://mailman.nginx.org/pipermail/nginx-devel/2023-October/S36Q5HBXR7CAIMPLLPRSSSYR4PCMWILK.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://martinthomson.github.io/h2-stream-limits/draft-thomson-httpbis-h2-stream-limits.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://msrc.microsoft.com/blog/2023/10/microsoft-response-to-distributed-denial-of-service-ddos-attacks-against-http/2/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-44487\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mitigation\",\"Patch\",\"Vendor Advisory\"]},{\"url\":\"https://my.f5.com/manage/s/article/K000137106\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://netty.io/news/2023/10/10/4-1-100-Final.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Release Notes\",\"Vendor Advisory\"]},{\"url\":\"https://news.ycombinator.com/item?id=37830987\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\"]},{\"url\":\"https://news.ycombinator.com/item?id=37830998\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\",\"Press/Media Coverage\"]},{\"url\":\"https://news.ycombinator.com/item?id=37831062\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\"]},{\"url\":\"https://news.ycombinator.com/item?id=37837043\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\"]},{\"url\":\"https://openssf.org/blog/2023/10/10/http-2-rapid-reset-vulnerability-highlights-need-for-rapid-response/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://seanmonstar.com/post/730794151136935936/hyper-http2-rapid-reset-unaffected\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://security.gentoo.org/glsa/202311-09\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://security.netapp.com/advisory/ntap-20231016-0001/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://security.netapp.com/advisory/ntap-20240426-0007/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://security.netapp.com/advisory/ntap-20240621-0006/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\",\"Third Party Advisory\"]},{\"url\":\"https://security.netapp.com/advisory/ntap-20240621-0007/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://security.paloaltonetworks.com/CVE-2023-44487\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://tomcat.apache.org/security-10.html#Fixed_in_Apache_Tomcat_10.1.14\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Release Notes\"]},{\"url\":\"https://ubuntu.com/security/CVE-2023-44487\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://www.bleepingcomputer.com/news/security/new-http-2-rapid-reset-zero-day-attack-breaks-ddos-records/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"US Government Resource\"]},{\"url\":\"https://www.darkreading.com/cloud/internet-wide-zero-day-bug-fuels-largest-ever-ddos-event\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Press/Media Coverage\",\"Third Party Advisory\"]},{\"url\":\"https://www.debian.org/security/2023/dsa-5521\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Vendor Advisory\"]},{\"url\":\"https://www.debian.org/security/2023/dsa-5522\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Vendor Advisory\"]},{\"url\":\"https://www.debian.org/security/2023/dsa-5540\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://www.debian.org/security/2023/dsa-5549\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://www.debian.org/security/2023/dsa-5558\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://www.debian.org/security/2023/dsa-5570\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.haproxy.com/blog/haproxy-is-not-affected-by-the-http-2-rapid-reset-attack-cve-2023-44487\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"Vendor Advisory\"]},{\"url\":\"https://www.netlify.com/blog/netlify-successfully-mitigates-cve-2023-44487/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mitigation\",\"Vendor Advisory\"]},{\"url\":\"https://www.openwall.com/lists/oss-security/2023/10/10/6\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://www.phoronix.com/news/HTTP2-Rapid-Reset-Attack\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Press/Media Coverage\"]},{\"url\":\"https://www.theregister.com/2023/10/10/http2_rapid_reset_zeroday/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Press/Media Coverage\",\"Third Party Advisory\"]},{\"url\":\"https://www.vicarius.io/vsociety/posts/rapid-reset-cve-2023-44487-dos-in-http2-understanding-the-root-cause\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://cert-portal.siemens.com/productcert/html/ssa-082556.html\",\"source\":\"0b142b55-0307-4c5a-b3c9-f314f3fb7c5e\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://cert-portal.siemens.com/productcert/html/ssa-341067.html\",\"source\":\"0b142b55-0307-4c5a-b3c9-f314f3fb7c5e\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://cert-portal.siemens.com/productcert/html/ssa-784301.html\",\"source\":\"0b142b55-0307-4c5a-b3c9-f314f3fb7c5e\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://cert-portal.siemens.com/productcert/html/ssa-832273.html\",\"source\":\"0b142b55-0307-4c5a-b3c9-f314f3fb7c5e\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://cert-portal.siemens.com/productcert/html/ssa-915275.html\",\"source\":\"0b142b55-0307-4c5a-b3c9-f314f3fb7c5e\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2023-44487\",\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"tags\":[\"US Government Resource\"]}]}}",
"vulnrichment": {
"containers": "{\"adp\": [{\"title\": \"CVE Program Container\", \"references\": [{\"url\": \"https://github.com/dotnet/core/blob/e4613450ea0da7fd2fc6b61dfb2c1c1dec1ce9ec/release-notes/6.0/6.0.23/6.0.23.md?plain=1#L73\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://blog.cloudflare.com/technical-breakdown-http2-rapid-reset-ddos-attack/\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://aws.amazon.com/security/security-bulletins/AWS-2023-011/\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://cloud.google.com/blog/products/identity-security/how-it-works-the-novel-http2-rapid-reset-ddos-attack\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products/\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://cloud.google.com/blog/products/identity-security/google-cloud-mitigated-largest-ddos-attack-peaking-above-398-million-rps/\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://news.ycombinator.com/item?id=37831062\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://blog.cloudflare.com/zero-day-rapid-reset-http2-record-breaking-ddos-attack/\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://www.phoronix.com/news/HTTP2-Rapid-Reset-Attack\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://github.com/envoyproxy/envoy/pull/30055\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://github.com/haproxy/haproxy/issues/2312\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://github.com/eclipse/jetty.project/issues/10679\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://forums.swift.org/t/swift-nio-http2-security-update-cve-2023-44487-http-2-dos/67764\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://github.com/nghttp2/nghttp2/pull/1961\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://github.com/netty/netty/commit/58f75f665aa81a8cbcf6ffa74820042a285c5e61\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://github.com/alibaba/tengine/issues/1872\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://github.com/apache/tomcat/tree/main/java/org/apache/coyote/http2\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://news.ycombinator.com/item?id=37830987\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://news.ycombinator.com/item?id=37830998\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://github.com/caddyserver/caddy/issues/5877\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://www.bleepingcomputer.com/news/security/new-http-2-rapid-reset-zero-day-attack-breaks-ddos-records/\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://github.com/bcdannyboy/CVE-2023-44487\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://github.com/grpc/grpc-go/pull/6703\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://github.com/icing/mod_h2/blob/0a864782af0a942aa2ad4ed960a6b32cd35bcf0a/mod_http2/README.md?plain=1#L239-L244\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://github.com/nghttp2/nghttp2/releases/tag/v1.57.0\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://mailman.nginx.org/pipermail/nginx-devel/2023-October/S36Q5HBXR7CAIMPLLPRSSSYR4PCMWILK.html\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://my.f5.com/manage/s/article/K000137106\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://msrc.microsoft.com/blog/2023/10/microsoft-response-to-distributed-denial-of-service-ddos-attacks-against-http/2/\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://bugzilla.proxmox.com/show_bug.cgi?id=4988\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://cgit.freebsd.org/ports/commit/?id=c64c329c2c1752f46b73e3e6ce9f4329be6629f9\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://seanmonstar.com/post/730794151136935936/hyper-http2-rapid-reset-unaffected\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://github.com/microsoft/CBL-Mariner/pull/6381\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://groups.google.com/g/golang-announce/c/iNNxDTCjZvo\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://github.com/facebook/proxygen/pull/466\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://gist.github.com/adulau/7c2bfb8e9cdbe4b35a5e131c66a0c088\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://github.com/micrictor/http2-rst-stream\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://edg.io/lp/blog/resets-leaks-ddos-and-the-tale-of-a-hidden-cve\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://openssf.org/blog/2023/10/10/http-2-rapid-reset-vulnerability-highlights-need-for-rapid-response/\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://github.com/h2o/h2o/security/advisories/GHSA-2m7v-gc89-fjqf\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://github.com/h2o/h2o/pull/3291\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://github.com/nodejs/node/pull/50121\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://github.com/dotnet/announcements/issues/277\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://github.com/golang/go/issues/63417\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://github.com/advisories/GHSA-vx74-f528-fxqg\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://github.com/apache/trafficserver/pull/10564\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-44487\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://tomcat.apache.org/security-10.html#Fixed_in_Apache_Tomcat_10.1.14\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://lists.apache.org/thread/5py8h42mxfsn8l1wy6o41xwhsjlsd87q\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://www.openwall.com/lists/oss-security/2023/10/10/6\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://www.haproxy.com/blog/haproxy-is-not-affected-by-the-http-2-rapid-reset-attack-cve-2023-44487\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://github.com/opensearch-project/data-prepper/issues/3474\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://github.com/kubernetes/kubernetes/pull/121120\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://github.com/oqtane/oqtane.framework/discussions/3367\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://github.com/advisories/GHSA-xpw8-rcwv-8f8p\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://netty.io/news/2023/10/10/4-1-100-Final.html\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://www.theregister.com/2023/10/10/http2_rapid_reset_zeroday/\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://blog.qualys.com/vulnerabilities-threat-research/2023/10/10/cve-2023-44487-http-2-rapid-reset-attack\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://news.ycombinator.com/item?id=37837043\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://github.com/kazu-yamamoto/http2/issues/93\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://martinthomson.github.io/h2-stream-limits/draft-thomson-httpbis-h2-stream-limits.html\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://github.com/kazu-yamamoto/http2/commit/f61d41a502bd0f60eb24e1ce14edc7b6df6722a1\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://github.com/apache/httpd/blob/afcdbeebbff4b0c50ea26cdd16e178c0d1f24152/modules/http2/h2_mplx.c#L1101-L1113\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://www.debian.org/security/2023/dsa-5522\", \"name\": \"DSA-5522\", \"tags\": [\"vendor-advisory\", \"x_transferred\"]}, {\"url\": \"https://www.debian.org/security/2023/dsa-5521\", \"name\": \"DSA-5521\", \"tags\": [\"vendor-advisory\", \"x_transferred\"]}, {\"url\": \"https://access.redhat.com/security/cve/cve-2023-44487\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://github.com/ninenines/cowboy/issues/1615\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://github.com/varnishcache/varnish-cache/issues/3996\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://github.com/tempesta-tech/tempesta/issues/1986\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://blog.vespa.ai/cve-2023-44487/\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://github.com/etcd-io/etcd/issues/16740\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://www.darkreading.com/cloud/internet-wide-zero-day-bug-fuels-largest-ever-ddos-event\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://istio.io/latest/news/security/istio-security-2023-004/\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://github.com/junkurihara/rust-rpxy/issues/97\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://bugzilla.suse.com/show_bug.cgi?id=1216123\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://bugzilla.redhat.com/show_bug.cgi?id=2242803\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://ubuntu.com/security/CVE-2023-44487\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://community.traefik.io/t/is-traefik-vulnerable-to-cve-2023-44487/20125\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://github.com/advisories/GHSA-qppj-fm5r-hxr3\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://github.com/apache/httpd-site/pull/10\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://github.com/projectcontour/contour/pull/5826\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://github.com/linkerd/website/pull/1695/commits/4b9c6836471bc8270ab48aae6fd2181bc73fd632\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://github.com/line/armeria/pull/5232\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://blog.litespeedtech.com/2023/10/11/rapid-reset-http-2-vulnerablilty/\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://security.paloaltonetworks.com/CVE-2023-44487\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://github.com/akka/akka-http/issues/4323\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://github.com/openresty/openresty/issues/930\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://github.com/apache/apisix/issues/10320\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://github.com/Azure/AKS/issues/3947\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://github.com/Kong/kong/discussions/11741\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://github.com/arkrwn/PoC/tree/main/CVE-2023-44487\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://www.netlify.com/blog/netlify-successfully-mitigates-cve-2023-44487/\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://github.com/caddyserver/caddy/releases/tag/v2.7.5\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://lists.debian.org/debian-lts-announce/2023/10/msg00020.html\", \"name\": \"[debian-lts-announce] 20231013 [SECURITY] [DLA 3617-1] tomcat9 security update\", \"tags\": [\"mailing-list\", \"x_transferred\"]}, {\"url\": \"http://www.openwall.com/lists/oss-security/2023/10/13/4\", \"name\": \"[oss-security] 20231013 Re: CVE-2023-44487: HTTP/2 Rapid Reset attack against many implementations\", \"tags\": [\"mailing-list\", \"x_transferred\"]}, {\"url\": \"http://www.openwall.com/lists/oss-security/2023/10/13/9\", \"name\": \"[oss-security] 20231013 Re: CVE-2023-44487: HTTP/2 Rapid Reset attack against many implementations\", \"tags\": [\"mailing-list\", \"x_transferred\"]}, {\"url\": \"https://arstechnica.com/security/2023/10/how-ddosers-used-the-http-2-protocol-to-deliver-attacks-of-unprecedented-size/\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://lists.w3.org/Archives/Public/ietf-http-wg/2023OctDec/0025.html\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JMEXY22BFG5Q64HQCM5CK2Q7KDKVV4TY/\", \"name\": \"FEDORA-2023-ed2642fd58\", \"tags\": [\"vendor-advisory\", \"x_transferred\"]}, {\"url\": \"https://linkerd.io/2023/10/12/linkerd-cve-2023-44487/\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://lists.debian.org/debian-lts-announce/2023/10/msg00023.html\", \"name\": \"[debian-lts-announce] 20231016 [SECURITY] [DLA 3621-1] nghttp2 security update\", \"tags\": [\"mailing-list\", \"x_transferred\"]}, {\"url\": \"https://security.netapp.com/advisory/ntap-20231016-0001/\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://lists.debian.org/debian-lts-announce/2023/10/msg00024.html\", \"name\": \"[debian-lts-announce] 20231016 [SECURITY] [DLA 3617-2] tomcat9 regression update\", \"tags\": [\"mailing-list\", \"x_transferred\"]}, {\"url\": \"http://www.openwall.com/lists/oss-security/2023/10/18/4\", \"name\": \"[oss-security] 20231018 Vulnerability in Jenkins\", \"tags\": [\"mailing-list\", \"x_transferred\"]}, {\"url\": \"http://www.openwall.com/lists/oss-security/2023/10/18/8\", \"name\": \"[oss-security] 20231018 Re: CVE-2023-44487: HTTP/2 Rapid Reset attack against many implementations\", \"tags\": [\"mailing-list\", \"x_transferred\"]}, {\"url\": \"http://www.openwall.com/lists/oss-security/2023/10/19/6\", \"name\": \"[oss-security] 20231019 CVE-2023-45802: Apache HTTP Server: HTTP/2 stream memory not reclaimed right away on RST\", \"tags\": [\"mailing-list\", \"x_transferred\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZKQSIKIAT5TJ3WSLU3RDBQ35YX4GY4V3/\", \"name\": \"FEDORA-2023-54fadada12\", \"tags\": [\"vendor-advisory\", \"x_transferred\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JIZSEFC3YKCGABA2BZW6ZJRMDZJMB7PJ/\", \"name\": \"FEDORA-2023-5ff7bf1dd8\", \"tags\": [\"vendor-advisory\", \"x_transferred\"]}, {\"url\": \"http://www.openwall.com/lists/oss-security/2023/10/20/8\", \"name\": \"[oss-security] 20231020 Re: CVE-2023-44487: HTTP/2 Rapid Reset attack against many implementations\", \"tags\": [\"mailing-list\", \"x_transferred\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WLPRQ5TWUQQXYWBJM7ECYDAIL2YVKIUH/\", \"name\": \"FEDORA-2023-17efd3f2cd\", \"tags\": [\"vendor-advisory\", \"x_transferred\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/E72T67UPDRXHIDLO3OROR25YAMN4GGW5/\", \"name\": \"FEDORA-2023-d5030c983c\", \"tags\": [\"vendor-advisory\", \"x_transferred\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BFQD3KUEMFBHPAPBGLWQC34L4OWL5HAZ/\", \"name\": \"FEDORA-2023-0259c3f26f\", \"tags\": [\"vendor-advisory\", \"x_transferred\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZLU6U2R2IC2K64NDPNMV55AUAO65MAF4/\", \"name\": \"FEDORA-2023-2a9214af5f\", \"tags\": [\"vendor-advisory\", \"x_transferred\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X6QXN4ORIVF6XBW4WWFE7VNPVC74S45Y/\", \"name\": \"FEDORA-2023-e9c04d81c1\", \"tags\": [\"vendor-advisory\", \"x_transferred\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LKYHSZQFDNR7RSA7LHVLLIAQMVYCUGBG/\", \"name\": \"FEDORA-2023-f66fc0f62a\", \"tags\": [\"vendor-advisory\", \"x_transferred\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FNA62Q767CFAFHBCDKYNPBMZWB7TWYVU/\", \"name\": \"FEDORA-2023-4d2fd884ea\", \"tags\": [\"vendor-advisory\", \"x_transferred\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LNMZJCDHGLJJLXO4OXWJMTVQRNWOC7UL/\", \"name\": \"FEDORA-2023-b2c50535cb\", \"tags\": [\"vendor-advisory\", \"x_transferred\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE/\", \"name\": \"FEDORA-2023-fe53e13b5b\", \"tags\": [\"vendor-advisory\", \"x_transferred\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2/\", \"name\": \"FEDORA-2023-4bf641255e\", \"tags\": [\"vendor-advisory\", \"x_transferred\"]}, {\"url\": \"https://lists.debian.org/debian-lts-announce/2023/10/msg00045.html\", \"name\": \"[debian-lts-announce] 20231030 [SECURITY] [DLA 3641-1] jetty9 security update\", \"tags\": [\"mailing-list\", \"x_transferred\"]}, {\"url\": \"https://www.debian.org/security/2023/dsa-5540\", \"name\": \"DSA-5540\", \"tags\": [\"vendor-advisory\", \"x_transferred\"]}, {\"url\": \"https://lists.debian.org/debian-lts-announce/2023/10/msg00047.html\", \"name\": \"[debian-lts-announce] 20231031 [SECURITY] [DLA 3638-1] h2o security update\", \"tags\": [\"mailing-list\", \"x_transferred\"]}, {\"url\": \"https://discuss.hashicorp.com/t/hcsec-2023-32-vault-consul-and-boundary-affected-by-http-2-rapid-reset-denial-of-service-vulnerability-cve-2023-44487/59715\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VHUHTSXLXGXS7JYKBXTA3VINUPHTNGVU/\", \"name\": \"FEDORA-2023-1caffb88af\", \"tags\": [\"vendor-advisory\", \"x_transferred\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VSRDIV77HNKUSM7SJC5BKE5JSHLHU2NK/\", \"name\": \"FEDORA-2023-3f70b8d406\", \"tags\": [\"vendor-advisory\", \"x_transferred\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3N4NJ7FR4X4FPZUGNTQAPSTVB2HB2Y4A/\", \"name\": \"FEDORA-2023-7b52921cae\", \"tags\": [\"vendor-advisory\", \"x_transferred\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZB43REMKRQR62NJEI7I5NQ4FSXNLBKRT/\", \"name\": \"FEDORA-2023-7934802344\", \"tags\": [\"vendor-advisory\", \"x_transferred\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HT7T2R4MQKLIF4ODV4BDLPARWFPCJ5CZ/\", \"name\": \"FEDORA-2023-dbe64661af\", \"tags\": [\"vendor-advisory\", \"x_transferred\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2/\", \"name\": \"FEDORA-2023-822aab0a5a\", \"tags\": [\"vendor-advisory\", \"x_transferred\"]}, {\"url\": \"https://lists.debian.org/debian-lts-announce/2023/11/msg00001.html\", \"name\": \"[debian-lts-announce] 20231105 [SECURITY] [DLA 3645-1] trafficserver security update\", \"tags\": [\"mailing-list\", \"x_transferred\"]}, {\"url\": \"https://www.debian.org/security/2023/dsa-5549\", \"name\": \"DSA-5549\", \"tags\": [\"vendor-advisory\", \"x_transferred\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2MBEPPC36UBVOZZNAXFHKLFGSLCMN5LI/\", \"name\": \"FEDORA-2023-c0c6a91330\", \"tags\": [\"vendor-advisory\", \"x_transferred\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WE2I52RHNNU42PX6NZ2RBUHSFFJ2LVZX/\", \"name\": \"FEDORA-2023-492b7be466\", \"tags\": [\"vendor-advisory\", \"x_transferred\"]}, {\"url\": \"https://www.debian.org/security/2023/dsa-5558\", \"name\": \"DSA-5558\", \"tags\": [\"vendor-advisory\", \"x_transferred\"]}, {\"url\": \"https://lists.debian.org/debian-lts-announce/2023/11/msg00012.html\", \"name\": \"[debian-lts-announce] 20231119 [SECURITY] [DLA 3656-1] netty security update\", \"tags\": [\"mailing-list\", \"x_transferred\"]}, {\"url\": \"https://security.gentoo.org/glsa/202311-09\", \"name\": \"GLSA-202311-09\", \"tags\": [\"vendor-advisory\", \"x_transferred\"]}, {\"url\": \"https://www.debian.org/security/2023/dsa-5570\", \"name\": \"DSA-5570\", \"tags\": [\"vendor-advisory\", \"x_transferred\"]}, {\"url\": \"https://security.netapp.com/advisory/ntap-20240426-0007/\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://security.netapp.com/advisory/ntap-20240621-0006/\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://security.netapp.com/advisory/ntap-20240621-0007/\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://www.vicarius.io/vsociety/posts/rapid-reset-cve-2023-44487-dos-in-http2-understanding-the-root-cause\"}, {\"url\": \"http://www.openwall.com/lists/oss-security/2025/08/13/6\"}], \"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2025-11-04T21:08:27.383Z\"}}, {\"affected\": [{\"vendor\": \"Siemens\", \"product\": \"RUGGEDCOM APE1808\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"*\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"Siemens\", \"product\": \"SIMATIC S7-1500 CPU 1518-4 PN/DP MFP\", \"versions\": [{\"status\": \"affected\", \"version\": \"V3.1.5\", \"lessThan\": \"*\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"Siemens\", \"product\": \"SIMATIC S7-1500 CPU 1518-4 PN/DP MFP\", \"versions\": [{\"status\": \"affected\", \"version\": \"V3.1.5\", \"lessThan\": \"*\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"Siemens\", \"product\": \"SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP\", \"versions\": [{\"status\": \"affected\", \"version\": \"V3.1.5\", \"lessThan\": \"*\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"Siemens\", \"product\": \"SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP\", \"versions\": [{\"status\": \"affected\", \"version\": \"V3.1.5\", \"lessThan\": \"*\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"Siemens\", \"product\": \"SINEC NMS\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"V3.0\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"Siemens\", \"product\": \"SIPLUS S7-1500 CPU 1518-4 PN/DP MFP\", \"versions\": [{\"status\": \"affected\", \"version\": \"V3.1.5\", \"lessThan\": \"*\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}], \"x_adpType\": \"supplier\", \"references\": [{\"url\": \"https://cert-portal.siemens.com/productcert/html/ssa-832273.html\"}, {\"url\": \"https://cert-portal.siemens.com/productcert/html/ssa-341067.html\"}, {\"url\": \"https://cert-portal.siemens.com/productcert/html/ssa-784301.html\"}, {\"url\": \"https://cert-portal.siemens.com/productcert/html/ssa-915275.html\"}, {\"url\": \"https://cert-portal.siemens.com/productcert/html/ssa-082556.html\"}], \"providerMetadata\": {\"orgId\": \"0b142b55-0307-4c5a-b3c9-f314f3fb7c5e\", \"shortName\": \"siemens-SADP\", \"dateUpdated\": \"2026-05-12T10:52:23.784Z\"}}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 7.5, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"HIGH\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\", \"integrityImpact\": \"NONE\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"HIGH\", \"privilegesRequired\": \"NONE\", \"confidentialityImpact\": \"NONE\"}}, {\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2023-44487\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"active\"}, {\"Automatable\": \"yes\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2024-07-23T20:34:21.334116Z\"}}}, {\"other\": {\"type\": \"kev\", \"content\": {\"dateAdded\": \"2023-10-10\", \"reference\": \"https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2023-44487\"}}}], \"affected\": [{\"cpes\": [\"cpe:2.3:a:ietf:http:2.0:*:*:*:*:*:*:*\"], \"vendor\": \"ietf\", \"product\": \"http\", \"versions\": [{\"status\": \"affected\", \"version\": \"2.0\"}], \"defaultStatus\": \"unknown\"}], \"timeline\": [{\"lang\": \"en\", \"time\": \"2023-10-10T00:00:00.000Z\", \"value\": \"CVE-2023-44487 added to CISA KEV\"}], \"references\": [{\"url\": \"https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2023-44487\", \"tags\": [\"government-resource\"]}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-400\", \"description\": \"CWE-400 Uncontrolled Resource Consumption\"}]}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2024-07-16T18:31:22.372Z\"}}], \"cna\": {\"affected\": [{\"vendor\": \"n/a\", \"product\": \"n/a\", \"versions\": [{\"status\": \"affected\", \"version\": \"n/a\"}]}], \"references\": [{\"url\": \"https://github.com/dotnet/core/blob/e4613450ea0da7fd2fc6b61dfb2c1c1dec1ce9ec/release-notes/6.0/6.0.23/6.0.23.md?plain=1#L73\"}, {\"url\": \"https://blog.cloudflare.com/technical-breakdown-http2-rapid-reset-ddos-attack/\"}, {\"url\": \"https://aws.amazon.com/security/security-bulletins/AWS-2023-011/\"}, {\"url\": \"https://cloud.google.com/blog/products/identity-security/how-it-works-the-novel-http2-rapid-reset-ddos-attack\"}, {\"url\": \"https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products/\"}, {\"url\": \"https://cloud.google.com/blog/products/identity-security/google-cloud-mitigated-largest-ddos-attack-peaking-above-398-million-rps/\"}, {\"url\": \"https://news.ycombinator.com/item?id=37831062\"}, {\"url\": \"https://blog.cloudflare.com/zero-day-rapid-reset-http2-record-breaking-ddos-attack/\"}, {\"url\": \"https://www.phoronix.com/news/HTTP2-Rapid-Reset-Attack\"}, {\"url\": \"https://github.com/envoyproxy/envoy/pull/30055\"}, {\"url\": \"https://github.com/haproxy/haproxy/issues/2312\"}, {\"url\": \"https://github.com/eclipse/jetty.project/issues/10679\"}, {\"url\": \"https://forums.swift.org/t/swift-nio-http2-security-update-cve-2023-44487-http-2-dos/67764\"}, {\"url\": \"https://github.com/nghttp2/nghttp2/pull/1961\"}, {\"url\": \"https://github.com/netty/netty/commit/58f75f665aa81a8cbcf6ffa74820042a285c5e61\"}, {\"url\": \"https://github.com/alibaba/tengine/issues/1872\"}, {\"url\": \"https://github.com/apache/tomcat/tree/main/java/org/apache/coyote/http2\"}, {\"url\": \"https://news.ycombinator.com/item?id=37830987\"}, {\"url\": \"https://news.ycombinator.com/item?id=37830998\"}, {\"url\": \"https://github.com/caddyserver/caddy/issues/5877\"}, {\"url\": \"https://www.bleepingcomputer.com/news/security/new-http-2-rapid-reset-zero-day-attack-breaks-ddos-records/\"}, {\"url\": \"https://github.com/bcdannyboy/CVE-2023-44487\"}, {\"url\": \"https://github.com/grpc/grpc-go/pull/6703\"}, {\"url\": \"https://github.com/icing/mod_h2/blob/0a864782af0a942aa2ad4ed960a6b32cd35bcf0a/mod_http2/README.md?plain=1#L239-L244\"}, {\"url\": \"https://github.com/nghttp2/nghttp2/releases/tag/v1.57.0\"}, {\"url\": \"https://mailman.nginx.org/pipermail/nginx-devel/2023-October/S36Q5HBXR7CAIMPLLPRSSSYR4PCMWILK.html\"}, {\"url\": \"https://my.f5.com/manage/s/article/K000137106\"}, {\"url\": \"https://msrc.microsoft.com/blog/2023/10/microsoft-response-to-distributed-denial-of-service-ddos-attacks-against-http/2/\"}, {\"url\": \"https://bugzilla.proxmox.com/show_bug.cgi?id=4988\"}, {\"url\": \"https://cgit.freebsd.org/ports/commit/?id=c64c329c2c1752f46b73e3e6ce9f4329be6629f9\"}, {\"url\": \"http://www.openwall.com/lists/oss-security/2023/10/10/7\", \"name\": \"[oss-security] 20231010 Re: CVE-2023-44487: HTTP/2 Rapid Reset attack against many implementations\", \"tags\": [\"mailing-list\"]}, {\"url\": \"http://www.openwall.com/lists/oss-security/2023/10/10/6\", \"name\": \"[oss-security] 20231010 CVE-2023-44487: HTTP/2 Rapid Reset attack against many implementations\", \"tags\": [\"mailing-list\"]}, {\"url\": \"https://seanmonstar.com/post/730794151136935936/hyper-http2-rapid-reset-unaffected\"}, {\"url\": \"https://github.com/microsoft/CBL-Mariner/pull/6381\"}, {\"url\": \"https://groups.google.com/g/golang-announce/c/iNNxDTCjZvo\"}, {\"url\": \"https://github.com/facebook/proxygen/pull/466\"}, {\"url\": \"https://gist.github.com/adulau/7c2bfb8e9cdbe4b35a5e131c66a0c088\"}, {\"url\": \"https://github.com/micrictor/http2-rst-stream\"}, {\"url\": \"https://edg.io/lp/blog/resets-leaks-ddos-and-the-tale-of-a-hidden-cve\"}, {\"url\": \"https://openssf.org/blog/2023/10/10/http-2-rapid-reset-vulnerability-highlights-need-for-rapid-response/\"}, {\"url\": \"https://github.com/h2o/h2o/security/advisories/GHSA-2m7v-gc89-fjqf\"}, {\"url\": \"https://github.com/h2o/h2o/pull/3291\"}, {\"url\": \"https://github.com/nodejs/node/pull/50121\"}, {\"url\": \"https://github.com/dotnet/announcements/issues/277\"}, {\"url\": \"https://github.com/golang/go/issues/63417\"}, {\"url\": \"https://github.com/advisories/GHSA-vx74-f528-fxqg\"}, {\"url\": \"https://github.com/apache/trafficserver/pull/10564\"}, {\"url\": \"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-44487\"}, {\"url\": \"https://tomcat.apache.org/security-10.html#Fixed_in_Apache_Tomcat_10.1.14\"}, {\"url\": \"https://lists.apache.org/thread/5py8h42mxfsn8l1wy6o41xwhsjlsd87q\"}, {\"url\": \"https://www.openwall.com/lists/oss-security/2023/10/10/6\"}, {\"url\": \"https://www.haproxy.com/blog/haproxy-is-not-affected-by-the-http-2-rapid-reset-attack-cve-2023-44487\"}, {\"url\": \"https://github.com/opensearch-project/data-prepper/issues/3474\"}, {\"url\": \"https://github.com/kubernetes/kubernetes/pull/121120\"}, {\"url\": \"https://github.com/oqtane/oqtane.framework/discussions/3367\"}, {\"url\": \"https://github.com/advisories/GHSA-xpw8-rcwv-8f8p\"}, {\"url\": \"https://netty.io/news/2023/10/10/4-1-100-Final.html\"}, {\"url\": \"https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487\"}, {\"url\": \"https://www.theregister.com/2023/10/10/http2_rapid_reset_zeroday/\"}, {\"url\": \"https://blog.qualys.com/vulnerabilities-threat-research/2023/10/10/cve-2023-44487-http-2-rapid-reset-attack\"}, {\"url\": \"https://news.ycombinator.com/item?id=37837043\"}, {\"url\": \"https://github.com/kazu-yamamoto/http2/issues/93\"}, {\"url\": \"https://martinthomson.github.io/h2-stream-limits/draft-thomson-httpbis-h2-stream-limits.html\"}, {\"url\": \"https://github.com/kazu-yamamoto/http2/commit/f61d41a502bd0f60eb24e1ce14edc7b6df6722a1\"}, {\"url\": \"https://github.com/apache/httpd/blob/afcdbeebbff4b0c50ea26cdd16e178c0d1f24152/modules/http2/h2_mplx.c#L1101-L1113\"}, {\"url\": \"https://www.debian.org/security/2023/dsa-5522\", \"name\": \"DSA-5522\", \"tags\": [\"vendor-advisory\"]}, {\"url\": \"https://www.debian.org/security/2023/dsa-5521\", \"name\": \"DSA-5521\", \"tags\": [\"vendor-advisory\"]}, {\"url\": \"https://access.redhat.com/security/cve/cve-2023-44487\"}, {\"url\": \"https://github.com/ninenines/cowboy/issues/1615\"}, {\"url\": \"https://github.com/varnishcache/varnish-cache/issues/3996\"}, {\"url\": \"https://github.com/tempesta-tech/tempesta/issues/1986\"}, {\"url\": \"https://blog.vespa.ai/cve-2023-44487/\"}, {\"url\": \"https://github.com/etcd-io/etcd/issues/16740\"}, {\"url\": \"https://www.darkreading.com/cloud/internet-wide-zero-day-bug-fuels-largest-ever-ddos-event\"}, {\"url\": \"https://istio.io/latest/news/security/istio-security-2023-004/\"}, {\"url\": \"https://github.com/junkurihara/rust-rpxy/issues/97\"}, {\"url\": \"https://bugzilla.suse.com/show_bug.cgi?id=1216123\"}, {\"url\": \"https://bugzilla.redhat.com/show_bug.cgi?id=2242803\"}, {\"url\": \"https://ubuntu.com/security/CVE-2023-44487\"}, {\"url\": \"https://community.traefik.io/t/is-traefik-vulnerable-to-cve-2023-44487/20125\"}, {\"url\": \"https://github.com/advisories/GHSA-qppj-fm5r-hxr3\"}, {\"url\": \"https://github.com/apache/httpd-site/pull/10\"}, {\"url\": \"https://github.com/projectcontour/contour/pull/5826\"}, {\"url\": \"https://github.com/linkerd/website/pull/1695/commits/4b9c6836471bc8270ab48aae6fd2181bc73fd632\"}, {\"url\": \"https://github.com/line/armeria/pull/5232\"}, {\"url\": \"https://blog.litespeedtech.com/2023/10/11/rapid-reset-http-2-vulnerablilty/\"}, {\"url\": \"https://security.paloaltonetworks.com/CVE-2023-44487\"}, {\"url\": \"https://github.com/akka/akka-http/issues/4323\"}, {\"url\": \"https://github.com/openresty/openresty/issues/930\"}, {\"url\": \"https://github.com/apache/apisix/issues/10320\"}, {\"url\": \"https://github.com/Azure/AKS/issues/3947\"}, {\"url\": \"https://github.com/Kong/kong/discussions/11741\"}, {\"url\": \"https://github.com/arkrwn/PoC/tree/main/CVE-2023-44487\"}, {\"url\": \"https://www.netlify.com/blog/netlify-successfully-mitigates-cve-2023-44487/\"}, {\"url\": \"https://github.com/caddyserver/caddy/releases/tag/v2.7.5\"}, {\"url\": \"https://lists.debian.org/debian-lts-announce/2023/10/msg00020.html\", \"name\": \"[debian-lts-announce] 20231013 [SECURITY] [DLA 3617-1] tomcat9 security update\", \"tags\": [\"mailing-list\"]}, {\"url\": \"http://www.openwall.com/lists/oss-security/2023/10/13/4\", \"name\": \"[oss-security] 20231013 Re: CVE-2023-44487: HTTP/2 Rapid Reset attack against many implementations\", \"tags\": [\"mailing-list\"]}, {\"url\": \"http://www.openwall.com/lists/oss-security/2023/10/13/9\", \"name\": \"[oss-security] 20231013 Re: CVE-2023-44487: HTTP/2 Rapid Reset attack against many implementations\", \"tags\": [\"mailing-list\"]}, {\"url\": \"https://arstechnica.com/security/2023/10/how-ddosers-used-the-http-2-protocol-to-deliver-attacks-of-unprecedented-size/\"}, {\"url\": \"https://lists.w3.org/Archives/Public/ietf-http-wg/2023OctDec/0025.html\"}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JMEXY22BFG5Q64HQCM5CK2Q7KDKVV4TY/\", \"name\": \"FEDORA-2023-ed2642fd58\", \"tags\": [\"vendor-advisory\"]}, {\"url\": \"https://linkerd.io/2023/10/12/linkerd-cve-2023-44487/\"}, {\"url\": \"https://lists.debian.org/debian-lts-announce/2023/10/msg00023.html\", \"name\": \"[debian-lts-announce] 20231016 [SECURITY] [DLA 3621-1] nghttp2 security update\", \"tags\": [\"mailing-list\"]}, {\"url\": \"https://security.netapp.com/advisory/ntap-20231016-0001/\"}, {\"url\": \"https://lists.debian.org/debian-lts-announce/2023/10/msg00024.html\", \"name\": \"[debian-lts-announce] 20231016 [SECURITY] [DLA 3617-2] tomcat9 regression update\", \"tags\": [\"mailing-list\"]}, {\"url\": \"http://www.openwall.com/lists/oss-security/2023/10/18/4\", \"name\": \"[oss-security] 20231018 Vulnerability in Jenkins\", \"tags\": [\"mailing-list\"]}, {\"url\": \"http://www.openwall.com/lists/oss-security/2023/10/18/8\", \"name\": \"[oss-security] 20231018 Re: CVE-2023-44487: HTTP/2 Rapid Reset attack against many implementations\", \"tags\": [\"mailing-list\"]}, {\"url\": \"http://www.openwall.com/lists/oss-security/2023/10/19/6\", \"name\": \"[oss-security] 20231019 CVE-2023-45802: Apache HTTP Server: HTTP/2 stream memory not reclaimed right away on RST\", \"tags\": [\"mailing-list\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZKQSIKIAT5TJ3WSLU3RDBQ35YX4GY4V3/\", \"name\": \"FEDORA-2023-54fadada12\", \"tags\": [\"vendor-advisory\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JIZSEFC3YKCGABA2BZW6ZJRMDZJMB7PJ/\", \"name\": \"FEDORA-2023-5ff7bf1dd8\", \"tags\": [\"vendor-advisory\"]}, {\"url\": \"http://www.openwall.com/lists/oss-security/2023/10/20/8\", \"name\": \"[oss-security] 20231020 Re: CVE-2023-44487: HTTP/2 Rapid Reset attack against many implementations\", \"tags\": [\"mailing-list\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WLPRQ5TWUQQXYWBJM7ECYDAIL2YVKIUH/\", \"name\": \"FEDORA-2023-17efd3f2cd\", \"tags\": [\"vendor-advisory\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/E72T67UPDRXHIDLO3OROR25YAMN4GGW5/\", \"name\": \"FEDORA-2023-d5030c983c\", \"tags\": [\"vendor-advisory\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BFQD3KUEMFBHPAPBGLWQC34L4OWL5HAZ/\", \"name\": \"FEDORA-2023-0259c3f26f\", \"tags\": [\"vendor-advisory\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZLU6U2R2IC2K64NDPNMV55AUAO65MAF4/\", \"name\": \"FEDORA-2023-2a9214af5f\", \"tags\": [\"vendor-advisory\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/X6QXN4ORIVF6XBW4WWFE7VNPVC74S45Y/\", \"name\": \"FEDORA-2023-e9c04d81c1\", \"tags\": [\"vendor-advisory\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LKYHSZQFDNR7RSA7LHVLLIAQMVYCUGBG/\", \"name\": \"FEDORA-2023-f66fc0f62a\", \"tags\": [\"vendor-advisory\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FNA62Q767CFAFHBCDKYNPBMZWB7TWYVU/\", \"name\": \"FEDORA-2023-4d2fd884ea\", \"tags\": [\"vendor-advisory\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LNMZJCDHGLJJLXO4OXWJMTVQRNWOC7UL/\", \"name\": \"FEDORA-2023-b2c50535cb\", \"tags\": [\"vendor-advisory\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE/\", \"name\": \"FEDORA-2023-fe53e13b5b\", \"tags\": [\"vendor-advisory\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2/\", \"name\": \"FEDORA-2023-4bf641255e\", \"tags\": [\"vendor-advisory\"]}, {\"url\": \"https://lists.debian.org/debian-lts-announce/2023/10/msg00045.html\", \"name\": \"[debian-lts-announce] 20231030 [SECURITY] [DLA 3641-1] jetty9 security update\", \"tags\": [\"mailing-list\"]}, {\"url\": \"https://www.debian.org/security/2023/dsa-5540\", \"name\": \"DSA-5540\", \"tags\": [\"vendor-advisory\"]}, {\"url\": \"https://lists.debian.org/debian-lts-announce/2023/10/msg00047.html\", \"name\": \"[debian-lts-announce] 20231031 [SECURITY] [DLA 3638-1] h2o security update\", \"tags\": [\"mailing-list\"]}, {\"url\": \"https://discuss.hashicorp.com/t/hcsec-2023-32-vault-consul-and-boundary-affected-by-http-2-rapid-reset-denial-of-service-vulnerability-cve-2023-44487/59715\"}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VHUHTSXLXGXS7JYKBXTA3VINUPHTNGVU/\", \"name\": \"FEDORA-2023-1caffb88af\", \"tags\": [\"vendor-advisory\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VSRDIV77HNKUSM7SJC5BKE5JSHLHU2NK/\", \"name\": \"FEDORA-2023-3f70b8d406\", \"tags\": [\"vendor-advisory\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3N4NJ7FR4X4FPZUGNTQAPSTVB2HB2Y4A/\", \"name\": \"FEDORA-2023-7b52921cae\", \"tags\": [\"vendor-advisory\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZB43REMKRQR62NJEI7I5NQ4FSXNLBKRT/\", \"name\": \"FEDORA-2023-7934802344\", \"tags\": [\"vendor-advisory\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HT7T2R4MQKLIF4ODV4BDLPARWFPCJ5CZ/\", \"name\": \"FEDORA-2023-dbe64661af\", \"tags\": [\"vendor-advisory\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2/\", \"name\": \"FEDORA-2023-822aab0a5a\", \"tags\": [\"vendor-advisory\"]}, {\"url\": \"https://lists.debian.org/debian-lts-announce/2023/11/msg00001.html\", \"name\": \"[debian-lts-announce] 20231105 [SECURITY] [DLA 3645-1] trafficserver security update\", \"tags\": [\"mailing-list\"]}, {\"url\": \"https://www.debian.org/security/2023/dsa-5549\", \"name\": \"DSA-5549\", \"tags\": [\"vendor-advisory\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2MBEPPC36UBVOZZNAXFHKLFGSLCMN5LI/\", \"name\": \"FEDORA-2023-c0c6a91330\", \"tags\": [\"vendor-advisory\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WE2I52RHNNU42PX6NZ2RBUHSFFJ2LVZX/\", \"name\": \"FEDORA-2023-492b7be466\", \"tags\": [\"vendor-advisory\"]}, {\"url\": \"https://www.debian.org/security/2023/dsa-5558\", \"name\": \"DSA-5558\", \"tags\": [\"vendor-advisory\"]}, {\"url\": \"https://lists.debian.org/debian-lts-announce/2023/11/msg00012.html\", \"name\": \"[debian-lts-announce] 20231119 [SECURITY] [DLA 3656-1] netty security update\", \"tags\": [\"mailing-list\"]}, {\"url\": \"https://security.gentoo.org/glsa/202311-09\", \"name\": \"GLSA-202311-09\", \"tags\": [\"vendor-advisory\"]}, {\"url\": \"https://www.debian.org/security/2023/dsa-5570\", \"name\": \"DSA-5570\", \"tags\": [\"vendor-advisory\"]}, {\"url\": \"https://security.netapp.com/advisory/ntap-20240426-0007/\"}, {\"url\": \"https://security.netapp.com/advisory/ntap-20240621-0006/\"}, {\"url\": \"https://security.netapp.com/advisory/ntap-20240621-0007/\"}, {\"url\": \"https://github.com/grpc/grpc/releases/tag/v1.59.2\"}, {\"url\": \"https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-http2-reset-d8Kf32vZ\"}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"text\", \"description\": \"n/a\"}]}], \"providerMetadata\": {\"orgId\": \"8254265b-2729-46b6-b9e3-3dfca2d5bfca\", \"shortName\": \"mitre\", \"dateUpdated\": \"2025-06-07T20:05:34.376Z\"}}}",
"cveMetadata": "{\"cveId\": \"CVE-2023-44487\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2026-05-12T10:52:23.784Z\", \"dateReserved\": \"2023-09-29T00:00:00.000Z\", \"assignerOrgId\": \"8254265b-2729-46b6-b9e3-3dfca2d5bfca\", \"datePublished\": \"2023-10-10T00:00:00.000Z\", \"assignerShortName\": \"mitre\"}",
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
}
}
OPENSUSE-SU-2024:14442-1
Vulnerability from csaf_opensuse - Published: 2024-10-30 00:00 - Updated: 2024-10-30 00:00Summary
netty-4.1.114-1.1 on GA media
Severity
Important
Notes
Title of the patch: netty-4.1.114-1.1 on GA media
Description of the patch: These are all security issues fixed in the netty-4.1.114-1.1 package on the GA media of openSUSE Tumbleweed.
Patchnames: openSUSE-Tumbleweed-2024-14442
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
6.5 (Medium)
Affected products
Recommended
12 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:netty-4.1.114-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:netty-4.1.114-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:netty-4.1.114-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:netty-4.1.114-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:netty-javadoc-4.1.114-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:netty-javadoc-4.1.114-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:netty-javadoc-4.1.114-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:netty-javadoc-4.1.114-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:netty-poms-4.1.114-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:netty-poms-4.1.114-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:netty-poms-4.1.114-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:netty-poms-4.1.114-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
7.5 (High)
Affected products
Recommended
12 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:netty-4.1.114-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:netty-4.1.114-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:netty-4.1.114-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:netty-4.1.114-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:netty-javadoc-4.1.114-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:netty-javadoc-4.1.114-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:netty-javadoc-4.1.114-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:netty-javadoc-4.1.114-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:netty-poms-4.1.114-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:netty-poms-4.1.114-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:netty-poms-4.1.114-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:netty-poms-4.1.114-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
7.5 (High)
Affected products
Recommended
12 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:netty-4.1.114-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:netty-4.1.114-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:netty-4.1.114-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:netty-4.1.114-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:netty-javadoc-4.1.114-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:netty-javadoc-4.1.114-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:netty-javadoc-4.1.114-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:netty-javadoc-4.1.114-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:netty-poms-4.1.114-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:netty-poms-4.1.114-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:netty-poms-4.1.114-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:netty-poms-4.1.114-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
6.2 (Medium)
Affected products
Recommended
12 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:netty-4.1.114-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:netty-4.1.114-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:netty-4.1.114-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:netty-4.1.114-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:netty-javadoc-4.1.114-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:netty-javadoc-4.1.114-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:netty-javadoc-4.1.114-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:netty-javadoc-4.1.114-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:netty-poms-4.1.114-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:netty-poms-4.1.114-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:netty-poms-4.1.114-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:netty-poms-4.1.114-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
7.5 (High)
Affected products
Recommended
12 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:netty-4.1.114-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:netty-4.1.114-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:netty-4.1.114-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:netty-4.1.114-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:netty-javadoc-4.1.114-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:netty-javadoc-4.1.114-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:netty-javadoc-4.1.114-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:netty-javadoc-4.1.114-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:netty-poms-4.1.114-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:netty-poms-4.1.114-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:netty-poms-4.1.114-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:netty-poms-4.1.114-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
7.5 (High)
Affected products
Recommended
12 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:netty-4.1.114-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:netty-4.1.114-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:netty-4.1.114-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:netty-4.1.114-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:netty-javadoc-4.1.114-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:netty-javadoc-4.1.114-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:netty-javadoc-4.1.114-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:netty-javadoc-4.1.114-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:netty-poms-4.1.114-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:netty-poms-4.1.114-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:netty-poms-4.1.114-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:netty-poms-4.1.114-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
6.5 (Medium)
Affected products
Recommended
12 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:netty-4.1.114-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:netty-4.1.114-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:netty-4.1.114-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:netty-4.1.114-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:netty-javadoc-4.1.114-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:netty-javadoc-4.1.114-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:netty-javadoc-4.1.114-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:netty-javadoc-4.1.114-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:netty-poms-4.1.114-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:netty-poms-4.1.114-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:netty-poms-4.1.114-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:netty-poms-4.1.114-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
7.5 (High)
Affected products
Recommended
12 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:netty-4.1.114-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:netty-4.1.114-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:netty-4.1.114-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:netty-4.1.114-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:netty-javadoc-4.1.114-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:netty-javadoc-4.1.114-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:netty-javadoc-4.1.114-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:netty-javadoc-4.1.114-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:netty-poms-4.1.114-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:netty-poms-4.1.114-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:netty-poms-4.1.114-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:netty-poms-4.1.114-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
7.5 (High)
Affected products
Recommended
12 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:netty-4.1.114-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:netty-4.1.114-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:netty-4.1.114-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:netty-4.1.114-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:netty-javadoc-4.1.114-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:netty-javadoc-4.1.114-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:netty-javadoc-4.1.114-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:netty-javadoc-4.1.114-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:netty-poms-4.1.114-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:netty-poms-4.1.114-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:netty-poms-4.1.114-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:netty-poms-4.1.114-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
References
39 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "netty-4.1.114-1.1 on GA media",
"title": "Title of the patch"
},
{
"category": "description",
"text": "These are all security issues fixed in the netty-4.1.114-1.1 package on the GA media of openSUSE Tumbleweed.",
"title": "Description of the patch"
},
{
"category": "details",
"text": "openSUSE-Tumbleweed-2024-14442",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2024_14442-1.json"
},
{
"category": "self",
"summary": "URL for openSUSE-SU-2024:14442-1",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/TNFN6MBU4SQLAGX7GNFLRGTPGY3IBHZG/"
},
{
"category": "self",
"summary": "E-Mail link for openSUSE-SU-2024:14442-1",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/TNFN6MBU4SQLAGX7GNFLRGTPGY3IBHZG/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-21409 page",
"url": "https://www.suse.com/security/cve/CVE-2021-21409/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-37136 page",
"url": "https://www.suse.com/security/cve/CVE-2021-37136/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-37137 page",
"url": "https://www.suse.com/security/cve/CVE-2021-37137/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-24823 page",
"url": "https://www.suse.com/security/cve/CVE-2022-24823/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-41881 page",
"url": "https://www.suse.com/security/cve/CVE-2022-41881/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-41915 page",
"url": "https://www.suse.com/security/cve/CVE-2022-41915/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-34462 page",
"url": "https://www.suse.com/security/cve/CVE-2023-34462/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-44487 page",
"url": "https://www.suse.com/security/cve/CVE-2023-44487/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-29025 page",
"url": "https://www.suse.com/security/cve/CVE-2024-29025/"
}
],
"title": "netty-4.1.114-1.1 on GA media",
"tracking": {
"current_release_date": "2024-10-30T00:00:00Z",
"generator": {
"date": "2024-10-30T00:00:00Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "openSUSE-SU-2024:14442-1",
"initial_release_date": "2024-10-30T00:00:00Z",
"revision_history": [
{
"date": "2024-10-30T00:00:00Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "netty-4.1.114-1.1.aarch64",
"product": {
"name": "netty-4.1.114-1.1.aarch64",
"product_id": "netty-4.1.114-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "netty-javadoc-4.1.114-1.1.aarch64",
"product": {
"name": "netty-javadoc-4.1.114-1.1.aarch64",
"product_id": "netty-javadoc-4.1.114-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "netty-poms-4.1.114-1.1.aarch64",
"product": {
"name": "netty-poms-4.1.114-1.1.aarch64",
"product_id": "netty-poms-4.1.114-1.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "netty-4.1.114-1.1.ppc64le",
"product": {
"name": "netty-4.1.114-1.1.ppc64le",
"product_id": "netty-4.1.114-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "netty-javadoc-4.1.114-1.1.ppc64le",
"product": {
"name": "netty-javadoc-4.1.114-1.1.ppc64le",
"product_id": "netty-javadoc-4.1.114-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "netty-poms-4.1.114-1.1.ppc64le",
"product": {
"name": "netty-poms-4.1.114-1.1.ppc64le",
"product_id": "netty-poms-4.1.114-1.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "netty-4.1.114-1.1.s390x",
"product": {
"name": "netty-4.1.114-1.1.s390x",
"product_id": "netty-4.1.114-1.1.s390x"
}
},
{
"category": "product_version",
"name": "netty-javadoc-4.1.114-1.1.s390x",
"product": {
"name": "netty-javadoc-4.1.114-1.1.s390x",
"product_id": "netty-javadoc-4.1.114-1.1.s390x"
}
},
{
"category": "product_version",
"name": "netty-poms-4.1.114-1.1.s390x",
"product": {
"name": "netty-poms-4.1.114-1.1.s390x",
"product_id": "netty-poms-4.1.114-1.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "netty-4.1.114-1.1.x86_64",
"product": {
"name": "netty-4.1.114-1.1.x86_64",
"product_id": "netty-4.1.114-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "netty-javadoc-4.1.114-1.1.x86_64",
"product": {
"name": "netty-javadoc-4.1.114-1.1.x86_64",
"product_id": "netty-javadoc-4.1.114-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "netty-poms-4.1.114-1.1.x86_64",
"product": {
"name": "netty-poms-4.1.114-1.1.x86_64",
"product_id": "netty-poms-4.1.114-1.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "openSUSE Tumbleweed",
"product": {
"name": "openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:tumbleweed"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "netty-4.1.114-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:netty-4.1.114-1.1.aarch64"
},
"product_reference": "netty-4.1.114-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "netty-4.1.114-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:netty-4.1.114-1.1.ppc64le"
},
"product_reference": "netty-4.1.114-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "netty-4.1.114-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:netty-4.1.114-1.1.s390x"
},
"product_reference": "netty-4.1.114-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "netty-4.1.114-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:netty-4.1.114-1.1.x86_64"
},
"product_reference": "netty-4.1.114-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "netty-javadoc-4.1.114-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:netty-javadoc-4.1.114-1.1.aarch64"
},
"product_reference": "netty-javadoc-4.1.114-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "netty-javadoc-4.1.114-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:netty-javadoc-4.1.114-1.1.ppc64le"
},
"product_reference": "netty-javadoc-4.1.114-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "netty-javadoc-4.1.114-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:netty-javadoc-4.1.114-1.1.s390x"
},
"product_reference": "netty-javadoc-4.1.114-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "netty-javadoc-4.1.114-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:netty-javadoc-4.1.114-1.1.x86_64"
},
"product_reference": "netty-javadoc-4.1.114-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "netty-poms-4.1.114-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:netty-poms-4.1.114-1.1.aarch64"
},
"product_reference": "netty-poms-4.1.114-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "netty-poms-4.1.114-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:netty-poms-4.1.114-1.1.ppc64le"
},
"product_reference": "netty-poms-4.1.114-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "netty-poms-4.1.114-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:netty-poms-4.1.114-1.1.s390x"
},
"product_reference": "netty-poms-4.1.114-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "netty-poms-4.1.114-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:netty-poms-4.1.114-1.1.x86_64"
},
"product_reference": "netty-poms-4.1.114-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2021-21409",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-21409"
}
],
"notes": [
{
"category": "general",
"text": "Netty is an open-source, asynchronous event-driven network application framework for rapid development of maintainable high performance protocol servers \u0026 clients. In Netty (io.netty:netty-codec-http2) before version 4.1.61.Final there is a vulnerability that enables request smuggling. The content-length header is not correctly validated if the request only uses a single Http2HeaderFrame with the endStream set to to true. This could lead to request smuggling if the request is proxied to a remote peer and translated to HTTP/1.1. This is a followup of GHSA-wm47-8v5p-wjpj/CVE-2021-21295 which did miss to fix this one case. This was fixed as part of 4.1.61.Final.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:netty-4.1.114-1.1.aarch64",
"openSUSE Tumbleweed:netty-4.1.114-1.1.ppc64le",
"openSUSE Tumbleweed:netty-4.1.114-1.1.s390x",
"openSUSE Tumbleweed:netty-4.1.114-1.1.x86_64",
"openSUSE Tumbleweed:netty-javadoc-4.1.114-1.1.aarch64",
"openSUSE Tumbleweed:netty-javadoc-4.1.114-1.1.ppc64le",
"openSUSE Tumbleweed:netty-javadoc-4.1.114-1.1.s390x",
"openSUSE Tumbleweed:netty-javadoc-4.1.114-1.1.x86_64",
"openSUSE Tumbleweed:netty-poms-4.1.114-1.1.aarch64",
"openSUSE Tumbleweed:netty-poms-4.1.114-1.1.ppc64le",
"openSUSE Tumbleweed:netty-poms-4.1.114-1.1.s390x",
"openSUSE Tumbleweed:netty-poms-4.1.114-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-21409",
"url": "https://www.suse.com/security/cve/CVE-2021-21409"
},
{
"category": "external",
"summary": "SUSE Bug 1184203 for CVE-2021-21409",
"url": "https://bugzilla.suse.com/1184203"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:netty-4.1.114-1.1.aarch64",
"openSUSE Tumbleweed:netty-4.1.114-1.1.ppc64le",
"openSUSE Tumbleweed:netty-4.1.114-1.1.s390x",
"openSUSE Tumbleweed:netty-4.1.114-1.1.x86_64",
"openSUSE Tumbleweed:netty-javadoc-4.1.114-1.1.aarch64",
"openSUSE Tumbleweed:netty-javadoc-4.1.114-1.1.ppc64le",
"openSUSE Tumbleweed:netty-javadoc-4.1.114-1.1.s390x",
"openSUSE Tumbleweed:netty-javadoc-4.1.114-1.1.x86_64",
"openSUSE Tumbleweed:netty-poms-4.1.114-1.1.aarch64",
"openSUSE Tumbleweed:netty-poms-4.1.114-1.1.ppc64le",
"openSUSE Tumbleweed:netty-poms-4.1.114-1.1.s390x",
"openSUSE Tumbleweed:netty-poms-4.1.114-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:netty-4.1.114-1.1.aarch64",
"openSUSE Tumbleweed:netty-4.1.114-1.1.ppc64le",
"openSUSE Tumbleweed:netty-4.1.114-1.1.s390x",
"openSUSE Tumbleweed:netty-4.1.114-1.1.x86_64",
"openSUSE Tumbleweed:netty-javadoc-4.1.114-1.1.aarch64",
"openSUSE Tumbleweed:netty-javadoc-4.1.114-1.1.ppc64le",
"openSUSE Tumbleweed:netty-javadoc-4.1.114-1.1.s390x",
"openSUSE Tumbleweed:netty-javadoc-4.1.114-1.1.x86_64",
"openSUSE Tumbleweed:netty-poms-4.1.114-1.1.aarch64",
"openSUSE Tumbleweed:netty-poms-4.1.114-1.1.ppc64le",
"openSUSE Tumbleweed:netty-poms-4.1.114-1.1.s390x",
"openSUSE Tumbleweed:netty-poms-4.1.114-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-10-30T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2021-21409"
},
{
"cve": "CVE-2021-37136",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-37136"
}
],
"notes": [
{
"category": "general",
"text": "The Bzip2 decompression decoder function doesn\u0027t allow setting size restrictions on the decompressed output data (which affects the allocation size used during decompression). All users of Bzip2Decoder are affected. The malicious input can trigger an OOME and so a DoS attack",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:netty-4.1.114-1.1.aarch64",
"openSUSE Tumbleweed:netty-4.1.114-1.1.ppc64le",
"openSUSE Tumbleweed:netty-4.1.114-1.1.s390x",
"openSUSE Tumbleweed:netty-4.1.114-1.1.x86_64",
"openSUSE Tumbleweed:netty-javadoc-4.1.114-1.1.aarch64",
"openSUSE Tumbleweed:netty-javadoc-4.1.114-1.1.ppc64le",
"openSUSE Tumbleweed:netty-javadoc-4.1.114-1.1.s390x",
"openSUSE Tumbleweed:netty-javadoc-4.1.114-1.1.x86_64",
"openSUSE Tumbleweed:netty-poms-4.1.114-1.1.aarch64",
"openSUSE Tumbleweed:netty-poms-4.1.114-1.1.ppc64le",
"openSUSE Tumbleweed:netty-poms-4.1.114-1.1.s390x",
"openSUSE Tumbleweed:netty-poms-4.1.114-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-37136",
"url": "https://www.suse.com/security/cve/CVE-2021-37136"
},
{
"category": "external",
"summary": "SUSE Bug 1190610 for CVE-2021-37136",
"url": "https://bugzilla.suse.com/1190610"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:netty-4.1.114-1.1.aarch64",
"openSUSE Tumbleweed:netty-4.1.114-1.1.ppc64le",
"openSUSE Tumbleweed:netty-4.1.114-1.1.s390x",
"openSUSE Tumbleweed:netty-4.1.114-1.1.x86_64",
"openSUSE Tumbleweed:netty-javadoc-4.1.114-1.1.aarch64",
"openSUSE Tumbleweed:netty-javadoc-4.1.114-1.1.ppc64le",
"openSUSE Tumbleweed:netty-javadoc-4.1.114-1.1.s390x",
"openSUSE Tumbleweed:netty-javadoc-4.1.114-1.1.x86_64",
"openSUSE Tumbleweed:netty-poms-4.1.114-1.1.aarch64",
"openSUSE Tumbleweed:netty-poms-4.1.114-1.1.ppc64le",
"openSUSE Tumbleweed:netty-poms-4.1.114-1.1.s390x",
"openSUSE Tumbleweed:netty-poms-4.1.114-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:netty-4.1.114-1.1.aarch64",
"openSUSE Tumbleweed:netty-4.1.114-1.1.ppc64le",
"openSUSE Tumbleweed:netty-4.1.114-1.1.s390x",
"openSUSE Tumbleweed:netty-4.1.114-1.1.x86_64",
"openSUSE Tumbleweed:netty-javadoc-4.1.114-1.1.aarch64",
"openSUSE Tumbleweed:netty-javadoc-4.1.114-1.1.ppc64le",
"openSUSE Tumbleweed:netty-javadoc-4.1.114-1.1.s390x",
"openSUSE Tumbleweed:netty-javadoc-4.1.114-1.1.x86_64",
"openSUSE Tumbleweed:netty-poms-4.1.114-1.1.aarch64",
"openSUSE Tumbleweed:netty-poms-4.1.114-1.1.ppc64le",
"openSUSE Tumbleweed:netty-poms-4.1.114-1.1.s390x",
"openSUSE Tumbleweed:netty-poms-4.1.114-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-10-30T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2021-37136"
},
{
"cve": "CVE-2021-37137",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-37137"
}
],
"notes": [
{
"category": "general",
"text": "The Snappy frame decoder function doesn\u0027t restrict the chunk length which may lead to excessive memory usage. Beside this it also may buffer reserved skippable chunks until the whole chunk was received which may lead to excessive memory usage as well. This vulnerability can be triggered by supplying malicious input that decompresses to a very big size (via a network stream or a file) or by sending a huge skippable chunk.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:netty-4.1.114-1.1.aarch64",
"openSUSE Tumbleweed:netty-4.1.114-1.1.ppc64le",
"openSUSE Tumbleweed:netty-4.1.114-1.1.s390x",
"openSUSE Tumbleweed:netty-4.1.114-1.1.x86_64",
"openSUSE Tumbleweed:netty-javadoc-4.1.114-1.1.aarch64",
"openSUSE Tumbleweed:netty-javadoc-4.1.114-1.1.ppc64le",
"openSUSE Tumbleweed:netty-javadoc-4.1.114-1.1.s390x",
"openSUSE Tumbleweed:netty-javadoc-4.1.114-1.1.x86_64",
"openSUSE Tumbleweed:netty-poms-4.1.114-1.1.aarch64",
"openSUSE Tumbleweed:netty-poms-4.1.114-1.1.ppc64le",
"openSUSE Tumbleweed:netty-poms-4.1.114-1.1.s390x",
"openSUSE Tumbleweed:netty-poms-4.1.114-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-37137",
"url": "https://www.suse.com/security/cve/CVE-2021-37137"
},
{
"category": "external",
"summary": "SUSE Bug 1190613 for CVE-2021-37137",
"url": "https://bugzilla.suse.com/1190613"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:netty-4.1.114-1.1.aarch64",
"openSUSE Tumbleweed:netty-4.1.114-1.1.ppc64le",
"openSUSE Tumbleweed:netty-4.1.114-1.1.s390x",
"openSUSE Tumbleweed:netty-4.1.114-1.1.x86_64",
"openSUSE Tumbleweed:netty-javadoc-4.1.114-1.1.aarch64",
"openSUSE Tumbleweed:netty-javadoc-4.1.114-1.1.ppc64le",
"openSUSE Tumbleweed:netty-javadoc-4.1.114-1.1.s390x",
"openSUSE Tumbleweed:netty-javadoc-4.1.114-1.1.x86_64",
"openSUSE Tumbleweed:netty-poms-4.1.114-1.1.aarch64",
"openSUSE Tumbleweed:netty-poms-4.1.114-1.1.ppc64le",
"openSUSE Tumbleweed:netty-poms-4.1.114-1.1.s390x",
"openSUSE Tumbleweed:netty-poms-4.1.114-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:netty-4.1.114-1.1.aarch64",
"openSUSE Tumbleweed:netty-4.1.114-1.1.ppc64le",
"openSUSE Tumbleweed:netty-4.1.114-1.1.s390x",
"openSUSE Tumbleweed:netty-4.1.114-1.1.x86_64",
"openSUSE Tumbleweed:netty-javadoc-4.1.114-1.1.aarch64",
"openSUSE Tumbleweed:netty-javadoc-4.1.114-1.1.ppc64le",
"openSUSE Tumbleweed:netty-javadoc-4.1.114-1.1.s390x",
"openSUSE Tumbleweed:netty-javadoc-4.1.114-1.1.x86_64",
"openSUSE Tumbleweed:netty-poms-4.1.114-1.1.aarch64",
"openSUSE Tumbleweed:netty-poms-4.1.114-1.1.ppc64le",
"openSUSE Tumbleweed:netty-poms-4.1.114-1.1.s390x",
"openSUSE Tumbleweed:netty-poms-4.1.114-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-10-30T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2021-37137"
},
{
"cve": "CVE-2022-24823",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-24823"
}
],
"notes": [
{
"category": "general",
"text": "Netty is an open-source, asynchronous event-driven network application framework. The package `io.netty:netty-codec-http` prior to version 4.1.77.Final contains an insufficient fix for CVE-2021-21290. When Netty\u0027s multipart decoders are used local information disclosure can occur via the local system temporary directory if temporary storing uploads on the disk is enabled. This only impacts applications running on Java version 6 and lower. Additionally, this vulnerability impacts code running on Unix-like systems, and very old versions of Mac OSX and Windows as they all share the system temporary directory between all users. Version 4.1.77.Final contains a patch for this vulnerability. As a workaround, specify one\u0027s own `java.io.tmpdir` when starting the JVM or use DefaultHttpDataFactory.setBaseDir(...) to set the directory to something that is only readable by the current user.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:netty-4.1.114-1.1.aarch64",
"openSUSE Tumbleweed:netty-4.1.114-1.1.ppc64le",
"openSUSE Tumbleweed:netty-4.1.114-1.1.s390x",
"openSUSE Tumbleweed:netty-4.1.114-1.1.x86_64",
"openSUSE Tumbleweed:netty-javadoc-4.1.114-1.1.aarch64",
"openSUSE Tumbleweed:netty-javadoc-4.1.114-1.1.ppc64le",
"openSUSE Tumbleweed:netty-javadoc-4.1.114-1.1.s390x",
"openSUSE Tumbleweed:netty-javadoc-4.1.114-1.1.x86_64",
"openSUSE Tumbleweed:netty-poms-4.1.114-1.1.aarch64",
"openSUSE Tumbleweed:netty-poms-4.1.114-1.1.ppc64le",
"openSUSE Tumbleweed:netty-poms-4.1.114-1.1.s390x",
"openSUSE Tumbleweed:netty-poms-4.1.114-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-24823",
"url": "https://www.suse.com/security/cve/CVE-2022-24823"
},
{
"category": "external",
"summary": "SUSE Bug 1199338 for CVE-2022-24823",
"url": "https://bugzilla.suse.com/1199338"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:netty-4.1.114-1.1.aarch64",
"openSUSE Tumbleweed:netty-4.1.114-1.1.ppc64le",
"openSUSE Tumbleweed:netty-4.1.114-1.1.s390x",
"openSUSE Tumbleweed:netty-4.1.114-1.1.x86_64",
"openSUSE Tumbleweed:netty-javadoc-4.1.114-1.1.aarch64",
"openSUSE Tumbleweed:netty-javadoc-4.1.114-1.1.ppc64le",
"openSUSE Tumbleweed:netty-javadoc-4.1.114-1.1.s390x",
"openSUSE Tumbleweed:netty-javadoc-4.1.114-1.1.x86_64",
"openSUSE Tumbleweed:netty-poms-4.1.114-1.1.aarch64",
"openSUSE Tumbleweed:netty-poms-4.1.114-1.1.ppc64le",
"openSUSE Tumbleweed:netty-poms-4.1.114-1.1.s390x",
"openSUSE Tumbleweed:netty-poms-4.1.114-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.2,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:netty-4.1.114-1.1.aarch64",
"openSUSE Tumbleweed:netty-4.1.114-1.1.ppc64le",
"openSUSE Tumbleweed:netty-4.1.114-1.1.s390x",
"openSUSE Tumbleweed:netty-4.1.114-1.1.x86_64",
"openSUSE Tumbleweed:netty-javadoc-4.1.114-1.1.aarch64",
"openSUSE Tumbleweed:netty-javadoc-4.1.114-1.1.ppc64le",
"openSUSE Tumbleweed:netty-javadoc-4.1.114-1.1.s390x",
"openSUSE Tumbleweed:netty-javadoc-4.1.114-1.1.x86_64",
"openSUSE Tumbleweed:netty-poms-4.1.114-1.1.aarch64",
"openSUSE Tumbleweed:netty-poms-4.1.114-1.1.ppc64le",
"openSUSE Tumbleweed:netty-poms-4.1.114-1.1.s390x",
"openSUSE Tumbleweed:netty-poms-4.1.114-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-10-30T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2022-24823"
},
{
"cve": "CVE-2022-41881",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-41881"
}
],
"notes": [
{
"category": "general",
"text": "Netty project is an event-driven asynchronous network application framework. In versions prior to 4.1.86.Final, a StackOverflowError can be raised when parsing a malformed crafted message due to an infinite recursion. This issue is patched in version 4.1.86.Final. There is no workaround, except using a custom HaProxyMessageDecoder.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:netty-4.1.114-1.1.aarch64",
"openSUSE Tumbleweed:netty-4.1.114-1.1.ppc64le",
"openSUSE Tumbleweed:netty-4.1.114-1.1.s390x",
"openSUSE Tumbleweed:netty-4.1.114-1.1.x86_64",
"openSUSE Tumbleweed:netty-javadoc-4.1.114-1.1.aarch64",
"openSUSE Tumbleweed:netty-javadoc-4.1.114-1.1.ppc64le",
"openSUSE Tumbleweed:netty-javadoc-4.1.114-1.1.s390x",
"openSUSE Tumbleweed:netty-javadoc-4.1.114-1.1.x86_64",
"openSUSE Tumbleweed:netty-poms-4.1.114-1.1.aarch64",
"openSUSE Tumbleweed:netty-poms-4.1.114-1.1.ppc64le",
"openSUSE Tumbleweed:netty-poms-4.1.114-1.1.s390x",
"openSUSE Tumbleweed:netty-poms-4.1.114-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-41881",
"url": "https://www.suse.com/security/cve/CVE-2022-41881"
},
{
"category": "external",
"summary": "SUSE Bug 1206360 for CVE-2022-41881",
"url": "https://bugzilla.suse.com/1206360"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:netty-4.1.114-1.1.aarch64",
"openSUSE Tumbleweed:netty-4.1.114-1.1.ppc64le",
"openSUSE Tumbleweed:netty-4.1.114-1.1.s390x",
"openSUSE Tumbleweed:netty-4.1.114-1.1.x86_64",
"openSUSE Tumbleweed:netty-javadoc-4.1.114-1.1.aarch64",
"openSUSE Tumbleweed:netty-javadoc-4.1.114-1.1.ppc64le",
"openSUSE Tumbleweed:netty-javadoc-4.1.114-1.1.s390x",
"openSUSE Tumbleweed:netty-javadoc-4.1.114-1.1.x86_64",
"openSUSE Tumbleweed:netty-poms-4.1.114-1.1.aarch64",
"openSUSE Tumbleweed:netty-poms-4.1.114-1.1.ppc64le",
"openSUSE Tumbleweed:netty-poms-4.1.114-1.1.s390x",
"openSUSE Tumbleweed:netty-poms-4.1.114-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:netty-4.1.114-1.1.aarch64",
"openSUSE Tumbleweed:netty-4.1.114-1.1.ppc64le",
"openSUSE Tumbleweed:netty-4.1.114-1.1.s390x",
"openSUSE Tumbleweed:netty-4.1.114-1.1.x86_64",
"openSUSE Tumbleweed:netty-javadoc-4.1.114-1.1.aarch64",
"openSUSE Tumbleweed:netty-javadoc-4.1.114-1.1.ppc64le",
"openSUSE Tumbleweed:netty-javadoc-4.1.114-1.1.s390x",
"openSUSE Tumbleweed:netty-javadoc-4.1.114-1.1.x86_64",
"openSUSE Tumbleweed:netty-poms-4.1.114-1.1.aarch64",
"openSUSE Tumbleweed:netty-poms-4.1.114-1.1.ppc64le",
"openSUSE Tumbleweed:netty-poms-4.1.114-1.1.s390x",
"openSUSE Tumbleweed:netty-poms-4.1.114-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-10-30T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2022-41881"
},
{
"cve": "CVE-2022-41915",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-41915"
}
],
"notes": [
{
"category": "general",
"text": "Netty project is an event-driven asynchronous network application framework. Starting in version 4.1.83.Final and prior to 4.1.86.Final, when calling `DefaultHttpHeadesr.set` with an _iterator_ of values, header value validation was not performed, allowing malicious header values in the iterator to perform HTTP Response Splitting. This issue has been patched in version 4.1.86.Final. Integrators can work around the issue by changing the `DefaultHttpHeaders.set(CharSequence, Iterator\u003c?\u003e)` call, into a `remove()` call, and call `add()` in a loop over the iterator of values.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:netty-4.1.114-1.1.aarch64",
"openSUSE Tumbleweed:netty-4.1.114-1.1.ppc64le",
"openSUSE Tumbleweed:netty-4.1.114-1.1.s390x",
"openSUSE Tumbleweed:netty-4.1.114-1.1.x86_64",
"openSUSE Tumbleweed:netty-javadoc-4.1.114-1.1.aarch64",
"openSUSE Tumbleweed:netty-javadoc-4.1.114-1.1.ppc64le",
"openSUSE Tumbleweed:netty-javadoc-4.1.114-1.1.s390x",
"openSUSE Tumbleweed:netty-javadoc-4.1.114-1.1.x86_64",
"openSUSE Tumbleweed:netty-poms-4.1.114-1.1.aarch64",
"openSUSE Tumbleweed:netty-poms-4.1.114-1.1.ppc64le",
"openSUSE Tumbleweed:netty-poms-4.1.114-1.1.s390x",
"openSUSE Tumbleweed:netty-poms-4.1.114-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-41915",
"url": "https://www.suse.com/security/cve/CVE-2022-41915"
},
{
"category": "external",
"summary": "SUSE Bug 1206379 for CVE-2022-41915",
"url": "https://bugzilla.suse.com/1206379"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:netty-4.1.114-1.1.aarch64",
"openSUSE Tumbleweed:netty-4.1.114-1.1.ppc64le",
"openSUSE Tumbleweed:netty-4.1.114-1.1.s390x",
"openSUSE Tumbleweed:netty-4.1.114-1.1.x86_64",
"openSUSE Tumbleweed:netty-javadoc-4.1.114-1.1.aarch64",
"openSUSE Tumbleweed:netty-javadoc-4.1.114-1.1.ppc64le",
"openSUSE Tumbleweed:netty-javadoc-4.1.114-1.1.s390x",
"openSUSE Tumbleweed:netty-javadoc-4.1.114-1.1.x86_64",
"openSUSE Tumbleweed:netty-poms-4.1.114-1.1.aarch64",
"openSUSE Tumbleweed:netty-poms-4.1.114-1.1.ppc64le",
"openSUSE Tumbleweed:netty-poms-4.1.114-1.1.s390x",
"openSUSE Tumbleweed:netty-poms-4.1.114-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:netty-4.1.114-1.1.aarch64",
"openSUSE Tumbleweed:netty-4.1.114-1.1.ppc64le",
"openSUSE Tumbleweed:netty-4.1.114-1.1.s390x",
"openSUSE Tumbleweed:netty-4.1.114-1.1.x86_64",
"openSUSE Tumbleweed:netty-javadoc-4.1.114-1.1.aarch64",
"openSUSE Tumbleweed:netty-javadoc-4.1.114-1.1.ppc64le",
"openSUSE Tumbleweed:netty-javadoc-4.1.114-1.1.s390x",
"openSUSE Tumbleweed:netty-javadoc-4.1.114-1.1.x86_64",
"openSUSE Tumbleweed:netty-poms-4.1.114-1.1.aarch64",
"openSUSE Tumbleweed:netty-poms-4.1.114-1.1.ppc64le",
"openSUSE Tumbleweed:netty-poms-4.1.114-1.1.s390x",
"openSUSE Tumbleweed:netty-poms-4.1.114-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-10-30T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2022-41915"
},
{
"cve": "CVE-2023-34462",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-34462"
}
],
"notes": [
{
"category": "general",
"text": "Netty is an asynchronous event-driven network application framework for rapid development of maintainable high performance protocol servers \u0026 clients. The `SniHandler` can allocate up to 16MB of heap for each channel during the TLS handshake. When the handler or the channel does not have an idle timeout, it can be used to make a TCP server using the `SniHandler` to allocate 16MB of heap. The `SniHandler` class is a handler that waits for the TLS handshake to configure a `SslHandler` according to the indicated server name by the `ClientHello` record. For this matter it allocates a `ByteBuf` using the value defined in the `ClientHello` record. Normally the value of the packet should be smaller than the handshake packet but there are not checks done here and the way the code is written, it is possible to craft a packet that makes the `SslClientHelloHandler`. This vulnerability has been fixed in version 4.1.94.Final.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:netty-4.1.114-1.1.aarch64",
"openSUSE Tumbleweed:netty-4.1.114-1.1.ppc64le",
"openSUSE Tumbleweed:netty-4.1.114-1.1.s390x",
"openSUSE Tumbleweed:netty-4.1.114-1.1.x86_64",
"openSUSE Tumbleweed:netty-javadoc-4.1.114-1.1.aarch64",
"openSUSE Tumbleweed:netty-javadoc-4.1.114-1.1.ppc64le",
"openSUSE Tumbleweed:netty-javadoc-4.1.114-1.1.s390x",
"openSUSE Tumbleweed:netty-javadoc-4.1.114-1.1.x86_64",
"openSUSE Tumbleweed:netty-poms-4.1.114-1.1.aarch64",
"openSUSE Tumbleweed:netty-poms-4.1.114-1.1.ppc64le",
"openSUSE Tumbleweed:netty-poms-4.1.114-1.1.s390x",
"openSUSE Tumbleweed:netty-poms-4.1.114-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-34462",
"url": "https://www.suse.com/security/cve/CVE-2023-34462"
},
{
"category": "external",
"summary": "SUSE Bug 1212637 for CVE-2023-34462",
"url": "https://bugzilla.suse.com/1212637"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:netty-4.1.114-1.1.aarch64",
"openSUSE Tumbleweed:netty-4.1.114-1.1.ppc64le",
"openSUSE Tumbleweed:netty-4.1.114-1.1.s390x",
"openSUSE Tumbleweed:netty-4.1.114-1.1.x86_64",
"openSUSE Tumbleweed:netty-javadoc-4.1.114-1.1.aarch64",
"openSUSE Tumbleweed:netty-javadoc-4.1.114-1.1.ppc64le",
"openSUSE Tumbleweed:netty-javadoc-4.1.114-1.1.s390x",
"openSUSE Tumbleweed:netty-javadoc-4.1.114-1.1.x86_64",
"openSUSE Tumbleweed:netty-poms-4.1.114-1.1.aarch64",
"openSUSE Tumbleweed:netty-poms-4.1.114-1.1.ppc64le",
"openSUSE Tumbleweed:netty-poms-4.1.114-1.1.s390x",
"openSUSE Tumbleweed:netty-poms-4.1.114-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:netty-4.1.114-1.1.aarch64",
"openSUSE Tumbleweed:netty-4.1.114-1.1.ppc64le",
"openSUSE Tumbleweed:netty-4.1.114-1.1.s390x",
"openSUSE Tumbleweed:netty-4.1.114-1.1.x86_64",
"openSUSE Tumbleweed:netty-javadoc-4.1.114-1.1.aarch64",
"openSUSE Tumbleweed:netty-javadoc-4.1.114-1.1.ppc64le",
"openSUSE Tumbleweed:netty-javadoc-4.1.114-1.1.s390x",
"openSUSE Tumbleweed:netty-javadoc-4.1.114-1.1.x86_64",
"openSUSE Tumbleweed:netty-poms-4.1.114-1.1.aarch64",
"openSUSE Tumbleweed:netty-poms-4.1.114-1.1.ppc64le",
"openSUSE Tumbleweed:netty-poms-4.1.114-1.1.s390x",
"openSUSE Tumbleweed:netty-poms-4.1.114-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-10-30T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2023-34462"
},
{
"cve": "CVE-2023-44487",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-44487"
}
],
"notes": [
{
"category": "general",
"text": "The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:netty-4.1.114-1.1.aarch64",
"openSUSE Tumbleweed:netty-4.1.114-1.1.ppc64le",
"openSUSE Tumbleweed:netty-4.1.114-1.1.s390x",
"openSUSE Tumbleweed:netty-4.1.114-1.1.x86_64",
"openSUSE Tumbleweed:netty-javadoc-4.1.114-1.1.aarch64",
"openSUSE Tumbleweed:netty-javadoc-4.1.114-1.1.ppc64le",
"openSUSE Tumbleweed:netty-javadoc-4.1.114-1.1.s390x",
"openSUSE Tumbleweed:netty-javadoc-4.1.114-1.1.x86_64",
"openSUSE Tumbleweed:netty-poms-4.1.114-1.1.aarch64",
"openSUSE Tumbleweed:netty-poms-4.1.114-1.1.ppc64le",
"openSUSE Tumbleweed:netty-poms-4.1.114-1.1.s390x",
"openSUSE Tumbleweed:netty-poms-4.1.114-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-44487",
"url": "https://www.suse.com/security/cve/CVE-2023-44487"
},
{
"category": "external",
"summary": "SUSE Bug 1216109 for CVE-2023-44487",
"url": "https://bugzilla.suse.com/1216109"
},
{
"category": "external",
"summary": "SUSE Bug 1216123 for CVE-2023-44487",
"url": "https://bugzilla.suse.com/1216123"
},
{
"category": "external",
"summary": "SUSE Bug 1216169 for CVE-2023-44487",
"url": "https://bugzilla.suse.com/1216169"
},
{
"category": "external",
"summary": "SUSE Bug 1216171 for CVE-2023-44487",
"url": "https://bugzilla.suse.com/1216171"
},
{
"category": "external",
"summary": "SUSE Bug 1216174 for CVE-2023-44487",
"url": "https://bugzilla.suse.com/1216174"
},
{
"category": "external",
"summary": "SUSE Bug 1216176 for CVE-2023-44487",
"url": "https://bugzilla.suse.com/1216176"
},
{
"category": "external",
"summary": "SUSE Bug 1216181 for CVE-2023-44487",
"url": "https://bugzilla.suse.com/1216181"
},
{
"category": "external",
"summary": "SUSE Bug 1216182 for CVE-2023-44487",
"url": "https://bugzilla.suse.com/1216182"
},
{
"category": "external",
"summary": "SUSE Bug 1216190 for CVE-2023-44487",
"url": "https://bugzilla.suse.com/1216190"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:netty-4.1.114-1.1.aarch64",
"openSUSE Tumbleweed:netty-4.1.114-1.1.ppc64le",
"openSUSE Tumbleweed:netty-4.1.114-1.1.s390x",
"openSUSE Tumbleweed:netty-4.1.114-1.1.x86_64",
"openSUSE Tumbleweed:netty-javadoc-4.1.114-1.1.aarch64",
"openSUSE Tumbleweed:netty-javadoc-4.1.114-1.1.ppc64le",
"openSUSE Tumbleweed:netty-javadoc-4.1.114-1.1.s390x",
"openSUSE Tumbleweed:netty-javadoc-4.1.114-1.1.x86_64",
"openSUSE Tumbleweed:netty-poms-4.1.114-1.1.aarch64",
"openSUSE Tumbleweed:netty-poms-4.1.114-1.1.ppc64le",
"openSUSE Tumbleweed:netty-poms-4.1.114-1.1.s390x",
"openSUSE Tumbleweed:netty-poms-4.1.114-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:netty-4.1.114-1.1.aarch64",
"openSUSE Tumbleweed:netty-4.1.114-1.1.ppc64le",
"openSUSE Tumbleweed:netty-4.1.114-1.1.s390x",
"openSUSE Tumbleweed:netty-4.1.114-1.1.x86_64",
"openSUSE Tumbleweed:netty-javadoc-4.1.114-1.1.aarch64",
"openSUSE Tumbleweed:netty-javadoc-4.1.114-1.1.ppc64le",
"openSUSE Tumbleweed:netty-javadoc-4.1.114-1.1.s390x",
"openSUSE Tumbleweed:netty-javadoc-4.1.114-1.1.x86_64",
"openSUSE Tumbleweed:netty-poms-4.1.114-1.1.aarch64",
"openSUSE Tumbleweed:netty-poms-4.1.114-1.1.ppc64le",
"openSUSE Tumbleweed:netty-poms-4.1.114-1.1.s390x",
"openSUSE Tumbleweed:netty-poms-4.1.114-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-10-30T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2023-44487"
},
{
"cve": "CVE-2024-29025",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-29025"
}
],
"notes": [
{
"category": "general",
"text": "Netty is an asynchronous event-driven network application framework for rapid development of maintainable high performance protocol servers \u0026 clients. The `HttpPostRequestDecoder` can be tricked to accumulate data. While the decoder can store items on the disk if configured so, there are no limits to the number of fields the form can have, an attacher can send a chunked post consisting of many small fields that will be accumulated in the `bodyListHttpData` list. The decoder cumulates bytes in the `undecodedChunk` buffer until it can decode a field, this field can cumulate data without limits. This vulnerability is fixed in 4.1.108.Final.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:netty-4.1.114-1.1.aarch64",
"openSUSE Tumbleweed:netty-4.1.114-1.1.ppc64le",
"openSUSE Tumbleweed:netty-4.1.114-1.1.s390x",
"openSUSE Tumbleweed:netty-4.1.114-1.1.x86_64",
"openSUSE Tumbleweed:netty-javadoc-4.1.114-1.1.aarch64",
"openSUSE Tumbleweed:netty-javadoc-4.1.114-1.1.ppc64le",
"openSUSE Tumbleweed:netty-javadoc-4.1.114-1.1.s390x",
"openSUSE Tumbleweed:netty-javadoc-4.1.114-1.1.x86_64",
"openSUSE Tumbleweed:netty-poms-4.1.114-1.1.aarch64",
"openSUSE Tumbleweed:netty-poms-4.1.114-1.1.ppc64le",
"openSUSE Tumbleweed:netty-poms-4.1.114-1.1.s390x",
"openSUSE Tumbleweed:netty-poms-4.1.114-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-29025",
"url": "https://www.suse.com/security/cve/CVE-2024-29025"
},
{
"category": "external",
"summary": "SUSE Bug 1222045 for CVE-2024-29025",
"url": "https://bugzilla.suse.com/1222045"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:netty-4.1.114-1.1.aarch64",
"openSUSE Tumbleweed:netty-4.1.114-1.1.ppc64le",
"openSUSE Tumbleweed:netty-4.1.114-1.1.s390x",
"openSUSE Tumbleweed:netty-4.1.114-1.1.x86_64",
"openSUSE Tumbleweed:netty-javadoc-4.1.114-1.1.aarch64",
"openSUSE Tumbleweed:netty-javadoc-4.1.114-1.1.ppc64le",
"openSUSE Tumbleweed:netty-javadoc-4.1.114-1.1.s390x",
"openSUSE Tumbleweed:netty-javadoc-4.1.114-1.1.x86_64",
"openSUSE Tumbleweed:netty-poms-4.1.114-1.1.aarch64",
"openSUSE Tumbleweed:netty-poms-4.1.114-1.1.ppc64le",
"openSUSE Tumbleweed:netty-poms-4.1.114-1.1.s390x",
"openSUSE Tumbleweed:netty-poms-4.1.114-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:netty-4.1.114-1.1.aarch64",
"openSUSE Tumbleweed:netty-4.1.114-1.1.ppc64le",
"openSUSE Tumbleweed:netty-4.1.114-1.1.s390x",
"openSUSE Tumbleweed:netty-4.1.114-1.1.x86_64",
"openSUSE Tumbleweed:netty-javadoc-4.1.114-1.1.aarch64",
"openSUSE Tumbleweed:netty-javadoc-4.1.114-1.1.ppc64le",
"openSUSE Tumbleweed:netty-javadoc-4.1.114-1.1.s390x",
"openSUSE Tumbleweed:netty-javadoc-4.1.114-1.1.x86_64",
"openSUSE Tumbleweed:netty-poms-4.1.114-1.1.aarch64",
"openSUSE Tumbleweed:netty-poms-4.1.114-1.1.ppc64le",
"openSUSE Tumbleweed:netty-poms-4.1.114-1.1.s390x",
"openSUSE Tumbleweed:netty-poms-4.1.114-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-10-30T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2024-29025"
}
]
}
RHBA-2023:5806
Vulnerability from csaf_redhat - Published: 2023-10-17 19:03 - Updated: 2026-06-08 15:35Summary
Red Hat Bug Fix Advisory: Red Hat Ansible Automation Platform 2.4 Container Release Update
Severity
Important
Notes
Topic: An update is now available for Red Hat Ansible Automation Platform 2.4
Details: Red Hat Ansible Automation Platform provides an enterprise framework for building, deploying and managing IT automation at scale. IT Managers can provide top-down guidelines on how automation is applied to individual teams, while automation developers retain the freedom to write tasks that leverage existing knowledge without the overhead. Ansible Automation Platform makes it possible for users across an organization to share, vet, and manage automation content by means of a simple, powerful, and agentless language.
Updates:
* Added a new subscription usage page to the controller UI to view historical usage of licenses (AAP-16983)
* Add scheduler deployment to handle more rulebook activations (AAP-16760)
* Upgraded Django to address CVE-2023-41164 automation-controller: Potential denial of service vulnerability in ``django.utils.encoding.uri_to_iri()`` (AAP-16193)
* EDA default and activation workers now have their own separate deployments, which can be scaled independently (AAP-15506)
* EDA application extra_settings are now correctly configured in the application settings (AAP-15073)
* Set default resource requests and limits for EDA based on performance data (AAP-13143)
* Operator is killing migration process if it's taking too long (https://issues.redhat.com/browse/AAP-17085)
* OS Updates
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
A flaw was found in handling multiplexed streams in the HTTP/2 protocol. A client can repeatedly make a request for a new multiplex stream and immediately send an RST_STREAM frame to cancel it. This creates extra work for the server setting up and tearing down the streams while not hitting any server-side limit for the maximum number of active streams per connection, resulting in a denial of service due to server resource consumption. Red Hat has rated the severity of this flaw as 'Important' as the US Cybersecurity and Infrastructure Security Agency (CISA) declared this vulnerability an active exploit. CVE-2023-39325 was assigned for the `Rapid Reset Attack` in the Go language packages.
7.5 (High)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-Ansible-Automation-Platform-2.4-Cloud-Billing:ansible-automation-platform-24/aap-cloud-ui-rhel8@sha256:0d0b96befa8957940d289d905517a6e2ef687cc28c9e68c29acb7813a90a13a6_amd64 | — |
Vendor Fix
fix
Workaround
|
Known not affected
115 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-Ansible-Automation-Platform-2.4-Cloud-Billing:ansible-automation-platform-24/aap-cloud-billing-rhel8-operator@sha256:3151364d2c3359a253e6f95fe296ad9842bcf859a4d05e65abc1283f7646f986_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-Ansible-Automation-Platform-2.4-Cloud-Billing:ansible-automation-platform-24/aap-cloud-billing-rhel8@sha256:f650486925c3bb5ff56570543839ef8ab668c91bba11a30aeceba22b0cf25b3e_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-Ansible-Automation-Platform-2.4-Cloud-Billing:ansible-automation-platform-24/aap-cloud-metrics-collector-rhel8@sha256:738e8ad888db5fa2205b9eb809b25ee98b77b47e7cb009d7aef94e0ab09c9492_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-Ansible-Automation-Platform-2.4-Cloud-Billing:ansible-automation-platform-24/aap-cloud-ui-rhel8-operator@sha256:2826678e9aca4fc567567c36f0d7af6cc22ee85fcfb23d3552534712685d512d_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/aap-must-gather-rhel8@sha256:1ff8637546e4244650e7ad05e9e287c041198d4848a0834c4b505c73ec2adc40_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/aap-must-gather-rhel8@sha256:53a9a6779f8569b03faec060888f39d2d3f071d3a4af8269f66490abd8bfad7e_arm64 | — |
Workaround
|
|
| Unresolved product id: 8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/aap-must-gather-rhel8@sha256:ba77e7f17865da4d59f91b69ab58cbeafaa86debe50d2d6fb89e9812f4aed1c7_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/aap-must-gather-rhel8@sha256:d1730361a768cc0dc847958b872eac8befb5bcbe87d4fc18098b9ff4ed072cf3_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-builder-rhel8@sha256:0089971676a347149081311def7417185edfeac0fa0fb09bac556d1e4ac17971_arm64 | — |
Workaround
|
|
| Unresolved product id: 8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-builder-rhel8@sha256:0a5ae31195b5b32e8f0800a301ce0e1e282812af59c667c4b40af82a8ca09d62_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-builder-rhel8@sha256:73220bd2c0da0524f6eb6c7a88378ee9970a804a998f039fa14683cf5d7adf2f_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-builder-rhel8@sha256:9aa60f9acfd33709262f38091589521ef49674607e69a3baa6f3d9c9508a10fe_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-python-base-rhel8@sha256:5cf9e0d8a0ad5b1492187b177751cede769b53dc830e5b1bc5dcdd110a71a397_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-python-base-rhel8@sha256:6599eee6f2b0b8c08ea3dc49598f97aea3b53b456afcc410dd740c39bbfdcd63_arm64 | — |
Workaround
|
|
| Unresolved product id: 8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-python-base-rhel8@sha256:697fa0ba756009f66eb78f1feb4f9597da4b2382644c76f7755d29dd70aecea2_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-python-base-rhel8@sha256:dd8c5dc68cf8d71a563743040922540101be6c1b29c2f565e1352ece5b68377b_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-python-toolkit-rhel8@sha256:9273cfd468a23859d784dc3fbf2ad1abb04892e6a3f2ad55d8d2e7c623d0419f_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-python-toolkit-rhel8@sha256:99e842a1ca0ea2234c09a8a9466d936968ef36032c102e26fa761089528461e7_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-python-toolkit-rhel8@sha256:d2d4b79f72dfe3f646f27b2c35e5108ed3a3c867fd0b9c04d0193e6ec717ad75_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-python-toolkit-rhel8@sha256:d6ae7f3136a14984e33f46598f6e321ad72f3875e4c3f0a8c773e5046fb99f1a_arm64 | — |
Workaround
|
|
| Unresolved product id: 8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/controller-rhel8-operator@sha256:013993b69238a181ef9be9c6cbd173f4af8280f6dc763e52a493e54e71069a01_arm64 | — |
Workaround
|
|
| Unresolved product id: 8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/controller-rhel8-operator@sha256:07a798fdc9b88ce7332a1300475e3a56d439b55a7ad5e10fd8d4e036661841cd_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/controller-rhel8-operator@sha256:2e252f02c2695856d19d90299e2f1cc2bf93d7304e48da306628b12f4d56b037_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/controller-rhel8-operator@sha256:71dac652dd2a9588f1722c5147c8cc9cdb5c38d3cb3dc5a5e955c4cba6a3e57c_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/controller-rhel8@sha256:11f4ad08d0d96223b17e08a5d07f0594d0d450fe94bd86ce6f57165d20eedfee_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/controller-rhel8@sha256:6855d1b68735adde33f4ad83496e7ada4548e3fb1ad07cb7925dfb726d800da0_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/controller-rhel8@sha256:c8fdd92c3c2c497ab1d4ba8c96759e8f2dfe7f023df6c5021dfed672c98d0621_arm64 | — |
Workaround
|
|
| Unresolved product id: 8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/controller-rhel8@sha256:f346fa5d9a45ba329dc668e6a63672020fb579948b6c417ce76400e07ef928a5_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/de-minimal-rhel8@sha256:1e2c70baa0950d9667715e4deda717db264ea07aaa097ed4c3e11025eb4c59a0_arm64 | — |
Workaround
|
|
| Unresolved product id: 8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/de-minimal-rhel8@sha256:3407db77ac87aecdc3bd3d32294672192caadd5779858d9c1ca559eef0dcf431_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/de-minimal-rhel8@sha256:6bf6294838abf4584f07500c9d61e7358d706f5754e1171e6a4184957e272d18_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/de-minimal-rhel8@sha256:8c7d062a28b7e54510c1aa45598a6e7c0777962b0c5d1dd1eff77e2203aabc93_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/de-supported-rhel8@sha256:037b08f1cdf2bd0ba488ec02d6c4136171cadad65017f4331fb8e6d8b9ec8ffb_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/de-supported-rhel8@sha256:3abdaa6c02011ee543838612626d895980298d6e505e510f4a2b75e6ee0d6315_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/de-supported-rhel8@sha256:d4d8984a1e1191d58e402dfd9f7d80a1f3bf714b774cc0837809ccabbbbfdb03_arm64 | — |
Workaround
|
|
| Unresolved product id: 8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/de-supported-rhel8@sha256:dcdf4678c085dcb1014930901def587b01e780ce45a471f17a9c39de221b0757_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/eda-controller-rhel8-operator@sha256:4220b98f9d8e805a77a4a4ef95855b8f2c61467a02f686c7b547496831493746_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/eda-controller-rhel8-operator@sha256:683b9705958bb94e2f3fa8901c19ffd4d2a3967104fec3a969a46fa7e5702507_arm64 | — |
Workaround
|
|
| Unresolved product id: 8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/eda-controller-rhel8-operator@sha256:b533066a88203acca58a7355f379018eb270f0c932c35f8170e76bfe658ef84b_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/eda-controller-rhel8-operator@sha256:f9f8d32c2ab60ab6c30bfcdec7778f6eb67ba30015d9453afd67ab334c8c2fe5_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/eda-controller-rhel8@sha256:2bc05e35b21a826737e8bc523924d8137a531003d2ba2466243f4172708f2cbc_arm64 | — |
Workaround
|
|
| Unresolved product id: 8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/eda-controller-rhel8@sha256:3059b9a6c38deb5aac3fb60875214fe2dafe50cda028638816ec67741169ec73_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/eda-controller-rhel8@sha256:7d75552ba2d42b0f85695e9a71ff71dd781bce0452590d89c12a8fc9f1a501ff_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/eda-controller-rhel8@sha256:fd7e96d6b70e0a1b13f0f34e7f14d4de14d07f0db6c449c20e1211bc3982205e_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/eda-controller-ui-rhel8@sha256:56b46c50edef8f427dbc11d32c493ccc3b12df9dc9f553c2e8d3740313ae3cd1_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/eda-controller-ui-rhel8@sha256:7eeca90468dde408d820ffb7b530d0cef615fe6f4a7e852b47ff18028cc09ecc_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/eda-controller-ui-rhel8@sha256:88f5e52c33ca6ff00cb1fd37753a2b1f9e4b6b2a07977e68b71262a8d7a4c58b_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/eda-controller-ui-rhel8@sha256:ee508e6aaaf56c6ec9025d7650000a39a7b05319b570e6961eb72d20623793d9_arm64 | — |
Workaround
|
|
| Unresolved product id: 8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ee-29-rhel8@sha256:5685c052ba6b6d3eec7b7c740ba6b967e92f1fa22631dcf2fe048c57d16cf12a_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ee-cloud-services-rhel8@sha256:d0797635652c5d9044da6c9f3ecbcc174bf7a9823f1c72cde44830cfe4f5ff56_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ee-dellemc-openmanage-rhel8@sha256:628f7596505a9ab111cfcd1d3a1eb11e537dbf663d9b802e3cc94af8dbfa05d6_arm64 | — |
Workaround
|
|
| Unresolved product id: 8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ee-dellemc-openmanage-rhel8@sha256:894f470c00c9bffad51ba8e8aecac867345c6e3f90227d773699cf8ef25120eb_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ee-minimal-rhel8@sha256:382c4b91e8c8b30b51d3168b4a16f7c75c96198f4699c301bd03d686c8e85ae7_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ee-minimal-rhel8@sha256:5a2b269ebe2bbb5f27af823cc13c3ce06ade36f43480aa56d41d654d5ef139e3_arm64 | — |
Workaround
|
|
| Unresolved product id: 8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ee-minimal-rhel8@sha256:63ea2ecffbf408183f3f37e4c1df4e3a77b9f4c0806d2ef3141d102470661e38_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ee-minimal-rhel8@sha256:c4c7158dfc2c317c62aed28f6db21bc347aca92b8301a6cb932c1a5fbf3eac87_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ee-supported-rhel8@sha256:72098dcaf2cf2174557428f1121c5926b905dfaa0aad160d3064d171946f298e_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ee-supported-rhel8@sha256:97e133b817c1aac347642b414ca6cb108fec25434b945c398bae6763f1596c5e_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ee-supported-rhel8@sha256:a5641fd059a00dff89f846472bf2c139c15ac2908328b03f86ab67087a1dbcf4_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ee-supported-rhel8@sha256:adad7b24fba97c5649f320ebc72a6b6cbf280e552121a2081b0fe804b06ef78d_arm64 | — |
Workaround
|
|
| Unresolved product id: 8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/hub-rhel8-operator@sha256:32fa50754404a12b4d4a58d4ef9def3f5e8225cb2cf1e56983df1677f621462e_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/hub-rhel8-operator@sha256:ad9213450b9284c6e4323f9f8a5dfc42734ac95b67e5cd6a3afc3bd2945e993d_arm64 | — |
Workaround
|
|
| Unresolved product id: 8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/hub-rhel8-operator@sha256:b3064c6ba7b2cf491ced94cd9b6545306cb7d59e2054a0d7042daaa3c062246e_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/hub-rhel8-operator@sha256:f38fcf5efc4501f3111484cd9c5216f4014fcfd0088d4dd3ad6c14ad76dbe83a_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/hub-rhel8@sha256:a27c12f79db64522884b304c30f40635c774f51596689670fd628f409a68663f_arm64 | — |
Workaround
|
|
| Unresolved product id: 8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/hub-rhel8@sha256:ac2b684d7ac8e0b6f36fe2da22b2ed41bfb24f8e2f77e64117c186a3cdf2f21b_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/hub-rhel8@sha256:df80c45631e780f58aaf85edddaf77ed82c0b41f0ad766db048615290eeb96a3_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/hub-rhel8@sha256:fe2675bd2c51d62dfa3473653c00ddf55a1b64791f5029fe0b87087461b700a1_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/hub-web-rhel8@sha256:01b5493444bc24c954ce86554d0ba8ca99b9db8c516901d0539e1b001ba78590_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/hub-web-rhel8@sha256:0b7d67480c6a15e5a655573f2ac885d34df441978f8f595f8c4d9f5e93c052d1_arm64 | — |
Workaround
|
|
| Unresolved product id: 8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/hub-web-rhel8@sha256:a44ffd3666281ab867c177915ddf48fdb59052a2d48f49284a598e8c80125d7b_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/hub-web-rhel8@sha256:ff2db93490c489562bb8c37a247daf01e10c871e628b24cc4006dd2bd14473bb_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/platform-resource-rhel8-operator@sha256:13425b0194354a15d71f6bccd7b2e526ef4b2cd8c56b6aff91ebf4435bda20bc_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/platform-resource-rhel8-operator@sha256:893d04a458674590c81c2ef09fb222c36f47bee71ab3615d6bb73432c58d965b_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/platform-resource-rhel8-operator@sha256:964337aac284059c1abde17a9bd2c0d13fd5a149a91af19eb56944728f7f5584_arm64 | — |
Workaround
|
|
| Unresolved product id: 8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/platform-resource-rhel8-operator@sha256:9d429c6e5d72bf883362b1ae11f8b4ed3a9d468e77e2e29c8ff234df9e255db4_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/platform-resource-runner-rhel8@sha256:38bc442a6181a739b4c232d25abd7018dbce05083f3bf09ab7a071a3d2a4c7b4_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/platform-resource-runner-rhel8@sha256:8c80648871aee9d1c5450226d18b122a40fe188b1140fcb22800ecda41bb6343_arm64 | — |
Workaround
|
|
| Unresolved product id: 8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/platform-resource-runner-rhel8@sha256:cfbf2ddd1dce998575bf8e38cd38bbcc98b006ba918d5de8ea1621b5de4d3f67_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/platform-resource-runner-rhel8@sha256:de8830287e00c4062524ebc9e9a93896503101e6382f553c89cc0c1e7d15618f_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform/cloud-addons-operator-bundle@sha256:bdc45dd15fcdf3d3956c6ddc2316a8e68490cc1d4249f95b01b231a0fb17debf_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform/ee-containerized-installer-rhel8@sha256:797d37d3015ebbf5125f6e1d12d47774a276a42a3c18ccabab2bf1c466b001fd_arm64 | — |
Workaround
|
|
| Unresolved product id: 8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform/ee-containerized-installer-rhel8@sha256:a4cdb956a90531672851a53c6691591c871513630c8d441b0061d0c187f62a99_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform/platform-operator-bundle@sha256:5825e694ae618fd41f495a7d5b9f911da004a9649aa09ca66ad64d3812a884d9_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform/platform-operator-bundle@sha256:8b8051faac5197c85088cdb2032576d7789ef251ffd8ea8fc2e525a199202ab0_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform/platform-operator-bundle@sha256:d5d128596af42dddb7f3efa725050a35c07eae5e63a4bd8be7789857cf5d36f3_arm64 | — |
Workaround
|
|
| Unresolved product id: 8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform/platform-operator-bundle@sha256:ecc912e9ab3146df86e7be7afbc077db49e74f913815c73521ae67893f452853_ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-builder-rhel9@sha256:20092308c17687aa6059400af8d1772b8fe85207db9f9a5b6d259908e0b63aab_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-builder-rhel9@sha256:45ff186bff94f30a34c2fe59bc342d10bf47071567b9d09d1fa61bf08e72f1c4_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-builder-rhel9@sha256:a4a88494691f2fc7689d16a4da97a857e8b795e41ecf5fe09b09ebfc729511ce_s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-builder-rhel9@sha256:eb2f2e5796823643b8b52b98976a04089cdc82ce32f3e4a348fc25dd12eff275_ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-python-base-rhel9@sha256:7ecc021d626a20acc20f73b28005c16a8d20c7640ec51dffdaff236440702172_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-python-base-rhel9@sha256:8c34db5cc4c68c80db22a835c095d60e3988a3e6d1c82fb91cc8558b43a47b33_s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-python-base-rhel9@sha256:91f0cc9dd9261b7bff0484d3db8e499912fa1781aa71ad24c77d0809cccb03f4_ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-python-base-rhel9@sha256:cd96a0ece925ed1443c0797bc3baf992ed7ae087f5977df8728a4aab8940516f_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-python-toolkit-rhel9@sha256:035f8ce6c6f6ab88366d7d42ba587d75b60236433e01ce0349a40554ff0e1b05_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-python-toolkit-rhel9@sha256:11934bcc8a713da353d254164b6914b5769326534a2298f0ccb8642813da5f9a_ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-python-toolkit-rhel9@sha256:b46fed769c86134a110f442dc56b0c8bfd0d469eb39649916db099f611ab3347_s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-python-toolkit-rhel9@sha256:bc376892f777fade4e725e140ae195ee94bd2f3c8e97b86a2705cbe23fa1875e_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/de-minimal-rhel9@sha256:7660d7f051c9ac00bf49f609bf1e24b8020d2cb8856b40cbecc13de54d55fed8_s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/de-minimal-rhel9@sha256:9b13ab56c30c5c77a21e00d2dfbad44f63c6ff7ac5acb6b8ba416f7fb2a0fc51_ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/de-minimal-rhel9@sha256:a562c54aa4ba7538aa2b1beab666cab689240f664f8c17bfd769560efbe3b626_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/de-minimal-rhel9@sha256:f28e22e5da55ea626890aceb7ae4c391e192055a60a1beba9a98ac70ee1353ce_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/de-supported-rhel9@sha256:5bd5d0da12cc63b3221f508c203b0cde5b4628439d42c1a0303a31c217506936_s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/de-supported-rhel9@sha256:da3031d8ff12b8df290c6da7c5451d0a797c24c0b2b0ce5cce943633d2352ee7_ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/de-supported-rhel9@sha256:de1067b9be05a3acb9bb61458fb89e71acf01cad7a9439a638972bc0615a4d5a_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/de-supported-rhel9@sha256:f4fe61723e459bf8e8b8721cb463a89d77827f87ec835826b0866c617cb19ea7_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ee-minimal-rhel9@sha256:49d5862f8abc4f05c837b26610604d32c07001af0a93993458b21e8f9adf534f_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ee-minimal-rhel9@sha256:9bf9ff9e04832f353a8904f7f7826417abfe3891a927939a1cdfcfde30d1d10c_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ee-minimal-rhel9@sha256:c35b05b413bc2090089219d476f0a1e2c56250fc09e190583e167bfcdce5bf35_ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ee-minimal-rhel9@sha256:d21ac96577006183a5cc592fb094cb2cf0f25aa687597d68984965ebcb1cb9a5_s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ee-supported-rhel9@sha256:162dd2718a9d9fdf4e3558129a0a77094a7fd9731ab826c664b69ed955853ddd_ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ee-supported-rhel9@sha256:23ed9a9439c4651417dd96d62776ca40582b54fc5da2955a72b047608c0d6c42_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ee-supported-rhel9@sha256:32d97ab01d3f3df3212c3e949d2630709ae05e4d0c56aafd6a720827234cf3e9_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ee-supported-rhel9@sha256:e49a3d2b7456a55b603e78b8ddec27665b6a957f5ac479aad50123f3f9bb1d42_s390x | — |
Workaround
|
Threats
Impact
Important
A flaw was found in handling multiplexed streams in the HTTP/2 protocol. A client can repeatedly make a request for a new multiplex stream and immediately send an RST_STREAM frame to cancel it. This creates extra work for the server setting up and tearing down the streams while not hitting any server-side limit for the maximum number of active streams per connection, resulting in a denial of service due to server resource consumption. Red Hat has rated the severity of this flaw as 'Important' as the US Cybersecurity and Infrastructure Security Agency (CISA) declared this vulnerability an active exploit. CVE-2023-39325 was assigned for the Rapid Reset Attack in the Go language packages. Security Bulletin https://access.redhat.com/security/vulnerabilities/RHSB-2023-003
7.5 (High)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-Ansible-Automation-Platform-2.4-Cloud-Billing:ansible-automation-platform-24/aap-cloud-ui-rhel8@sha256:0d0b96befa8957940d289d905517a6e2ef687cc28c9e68c29acb7813a90a13a6_amd64 | — |
Vendor Fix
fix
Workaround
|
Known not affected
115 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-Ansible-Automation-Platform-2.4-Cloud-Billing:ansible-automation-platform-24/aap-cloud-billing-rhel8-operator@sha256:3151364d2c3359a253e6f95fe296ad9842bcf859a4d05e65abc1283f7646f986_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-Ansible-Automation-Platform-2.4-Cloud-Billing:ansible-automation-platform-24/aap-cloud-billing-rhel8@sha256:f650486925c3bb5ff56570543839ef8ab668c91bba11a30aeceba22b0cf25b3e_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-Ansible-Automation-Platform-2.4-Cloud-Billing:ansible-automation-platform-24/aap-cloud-metrics-collector-rhel8@sha256:738e8ad888db5fa2205b9eb809b25ee98b77b47e7cb009d7aef94e0ab09c9492_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-Ansible-Automation-Platform-2.4-Cloud-Billing:ansible-automation-platform-24/aap-cloud-ui-rhel8-operator@sha256:2826678e9aca4fc567567c36f0d7af6cc22ee85fcfb23d3552534712685d512d_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/aap-must-gather-rhel8@sha256:1ff8637546e4244650e7ad05e9e287c041198d4848a0834c4b505c73ec2adc40_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/aap-must-gather-rhel8@sha256:53a9a6779f8569b03faec060888f39d2d3f071d3a4af8269f66490abd8bfad7e_arm64 | — |
Workaround
|
|
| Unresolved product id: 8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/aap-must-gather-rhel8@sha256:ba77e7f17865da4d59f91b69ab58cbeafaa86debe50d2d6fb89e9812f4aed1c7_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/aap-must-gather-rhel8@sha256:d1730361a768cc0dc847958b872eac8befb5bcbe87d4fc18098b9ff4ed072cf3_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-builder-rhel8@sha256:0089971676a347149081311def7417185edfeac0fa0fb09bac556d1e4ac17971_arm64 | — |
Workaround
|
|
| Unresolved product id: 8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-builder-rhel8@sha256:0a5ae31195b5b32e8f0800a301ce0e1e282812af59c667c4b40af82a8ca09d62_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-builder-rhel8@sha256:73220bd2c0da0524f6eb6c7a88378ee9970a804a998f039fa14683cf5d7adf2f_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-builder-rhel8@sha256:9aa60f9acfd33709262f38091589521ef49674607e69a3baa6f3d9c9508a10fe_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-python-base-rhel8@sha256:5cf9e0d8a0ad5b1492187b177751cede769b53dc830e5b1bc5dcdd110a71a397_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-python-base-rhel8@sha256:6599eee6f2b0b8c08ea3dc49598f97aea3b53b456afcc410dd740c39bbfdcd63_arm64 | — |
Workaround
|
|
| Unresolved product id: 8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-python-base-rhel8@sha256:697fa0ba756009f66eb78f1feb4f9597da4b2382644c76f7755d29dd70aecea2_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-python-base-rhel8@sha256:dd8c5dc68cf8d71a563743040922540101be6c1b29c2f565e1352ece5b68377b_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-python-toolkit-rhel8@sha256:9273cfd468a23859d784dc3fbf2ad1abb04892e6a3f2ad55d8d2e7c623d0419f_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-python-toolkit-rhel8@sha256:99e842a1ca0ea2234c09a8a9466d936968ef36032c102e26fa761089528461e7_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-python-toolkit-rhel8@sha256:d2d4b79f72dfe3f646f27b2c35e5108ed3a3c867fd0b9c04d0193e6ec717ad75_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-python-toolkit-rhel8@sha256:d6ae7f3136a14984e33f46598f6e321ad72f3875e4c3f0a8c773e5046fb99f1a_arm64 | — |
Workaround
|
|
| Unresolved product id: 8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/controller-rhel8-operator@sha256:013993b69238a181ef9be9c6cbd173f4af8280f6dc763e52a493e54e71069a01_arm64 | — |
Workaround
|
|
| Unresolved product id: 8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/controller-rhel8-operator@sha256:07a798fdc9b88ce7332a1300475e3a56d439b55a7ad5e10fd8d4e036661841cd_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/controller-rhel8-operator@sha256:2e252f02c2695856d19d90299e2f1cc2bf93d7304e48da306628b12f4d56b037_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/controller-rhel8-operator@sha256:71dac652dd2a9588f1722c5147c8cc9cdb5c38d3cb3dc5a5e955c4cba6a3e57c_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/controller-rhel8@sha256:11f4ad08d0d96223b17e08a5d07f0594d0d450fe94bd86ce6f57165d20eedfee_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/controller-rhel8@sha256:6855d1b68735adde33f4ad83496e7ada4548e3fb1ad07cb7925dfb726d800da0_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/controller-rhel8@sha256:c8fdd92c3c2c497ab1d4ba8c96759e8f2dfe7f023df6c5021dfed672c98d0621_arm64 | — |
Workaround
|
|
| Unresolved product id: 8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/controller-rhel8@sha256:f346fa5d9a45ba329dc668e6a63672020fb579948b6c417ce76400e07ef928a5_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/de-minimal-rhel8@sha256:1e2c70baa0950d9667715e4deda717db264ea07aaa097ed4c3e11025eb4c59a0_arm64 | — |
Workaround
|
|
| Unresolved product id: 8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/de-minimal-rhel8@sha256:3407db77ac87aecdc3bd3d32294672192caadd5779858d9c1ca559eef0dcf431_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/de-minimal-rhel8@sha256:6bf6294838abf4584f07500c9d61e7358d706f5754e1171e6a4184957e272d18_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/de-minimal-rhel8@sha256:8c7d062a28b7e54510c1aa45598a6e7c0777962b0c5d1dd1eff77e2203aabc93_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/de-supported-rhel8@sha256:037b08f1cdf2bd0ba488ec02d6c4136171cadad65017f4331fb8e6d8b9ec8ffb_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/de-supported-rhel8@sha256:3abdaa6c02011ee543838612626d895980298d6e505e510f4a2b75e6ee0d6315_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/de-supported-rhel8@sha256:d4d8984a1e1191d58e402dfd9f7d80a1f3bf714b774cc0837809ccabbbbfdb03_arm64 | — |
Workaround
|
|
| Unresolved product id: 8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/de-supported-rhel8@sha256:dcdf4678c085dcb1014930901def587b01e780ce45a471f17a9c39de221b0757_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/eda-controller-rhel8-operator@sha256:4220b98f9d8e805a77a4a4ef95855b8f2c61467a02f686c7b547496831493746_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/eda-controller-rhel8-operator@sha256:683b9705958bb94e2f3fa8901c19ffd4d2a3967104fec3a969a46fa7e5702507_arm64 | — |
Workaround
|
|
| Unresolved product id: 8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/eda-controller-rhel8-operator@sha256:b533066a88203acca58a7355f379018eb270f0c932c35f8170e76bfe658ef84b_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/eda-controller-rhel8-operator@sha256:f9f8d32c2ab60ab6c30bfcdec7778f6eb67ba30015d9453afd67ab334c8c2fe5_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/eda-controller-rhel8@sha256:2bc05e35b21a826737e8bc523924d8137a531003d2ba2466243f4172708f2cbc_arm64 | — |
Workaround
|
|
| Unresolved product id: 8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/eda-controller-rhel8@sha256:3059b9a6c38deb5aac3fb60875214fe2dafe50cda028638816ec67741169ec73_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/eda-controller-rhel8@sha256:7d75552ba2d42b0f85695e9a71ff71dd781bce0452590d89c12a8fc9f1a501ff_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/eda-controller-rhel8@sha256:fd7e96d6b70e0a1b13f0f34e7f14d4de14d07f0db6c449c20e1211bc3982205e_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/eda-controller-ui-rhel8@sha256:56b46c50edef8f427dbc11d32c493ccc3b12df9dc9f553c2e8d3740313ae3cd1_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/eda-controller-ui-rhel8@sha256:7eeca90468dde408d820ffb7b530d0cef615fe6f4a7e852b47ff18028cc09ecc_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/eda-controller-ui-rhel8@sha256:88f5e52c33ca6ff00cb1fd37753a2b1f9e4b6b2a07977e68b71262a8d7a4c58b_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/eda-controller-ui-rhel8@sha256:ee508e6aaaf56c6ec9025d7650000a39a7b05319b570e6961eb72d20623793d9_arm64 | — |
Workaround
|
|
| Unresolved product id: 8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ee-29-rhel8@sha256:5685c052ba6b6d3eec7b7c740ba6b967e92f1fa22631dcf2fe048c57d16cf12a_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ee-cloud-services-rhel8@sha256:d0797635652c5d9044da6c9f3ecbcc174bf7a9823f1c72cde44830cfe4f5ff56_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ee-dellemc-openmanage-rhel8@sha256:628f7596505a9ab111cfcd1d3a1eb11e537dbf663d9b802e3cc94af8dbfa05d6_arm64 | — |
Workaround
|
|
| Unresolved product id: 8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ee-dellemc-openmanage-rhel8@sha256:894f470c00c9bffad51ba8e8aecac867345c6e3f90227d773699cf8ef25120eb_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ee-minimal-rhel8@sha256:382c4b91e8c8b30b51d3168b4a16f7c75c96198f4699c301bd03d686c8e85ae7_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ee-minimal-rhel8@sha256:5a2b269ebe2bbb5f27af823cc13c3ce06ade36f43480aa56d41d654d5ef139e3_arm64 | — |
Workaround
|
|
| Unresolved product id: 8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ee-minimal-rhel8@sha256:63ea2ecffbf408183f3f37e4c1df4e3a77b9f4c0806d2ef3141d102470661e38_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ee-minimal-rhel8@sha256:c4c7158dfc2c317c62aed28f6db21bc347aca92b8301a6cb932c1a5fbf3eac87_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ee-supported-rhel8@sha256:72098dcaf2cf2174557428f1121c5926b905dfaa0aad160d3064d171946f298e_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ee-supported-rhel8@sha256:97e133b817c1aac347642b414ca6cb108fec25434b945c398bae6763f1596c5e_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ee-supported-rhel8@sha256:a5641fd059a00dff89f846472bf2c139c15ac2908328b03f86ab67087a1dbcf4_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ee-supported-rhel8@sha256:adad7b24fba97c5649f320ebc72a6b6cbf280e552121a2081b0fe804b06ef78d_arm64 | — |
Workaround
|
|
| Unresolved product id: 8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/hub-rhel8-operator@sha256:32fa50754404a12b4d4a58d4ef9def3f5e8225cb2cf1e56983df1677f621462e_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/hub-rhel8-operator@sha256:ad9213450b9284c6e4323f9f8a5dfc42734ac95b67e5cd6a3afc3bd2945e993d_arm64 | — |
Workaround
|
|
| Unresolved product id: 8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/hub-rhel8-operator@sha256:b3064c6ba7b2cf491ced94cd9b6545306cb7d59e2054a0d7042daaa3c062246e_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/hub-rhel8-operator@sha256:f38fcf5efc4501f3111484cd9c5216f4014fcfd0088d4dd3ad6c14ad76dbe83a_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/hub-rhel8@sha256:a27c12f79db64522884b304c30f40635c774f51596689670fd628f409a68663f_arm64 | — |
Workaround
|
|
| Unresolved product id: 8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/hub-rhel8@sha256:ac2b684d7ac8e0b6f36fe2da22b2ed41bfb24f8e2f77e64117c186a3cdf2f21b_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/hub-rhel8@sha256:df80c45631e780f58aaf85edddaf77ed82c0b41f0ad766db048615290eeb96a3_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/hub-rhel8@sha256:fe2675bd2c51d62dfa3473653c00ddf55a1b64791f5029fe0b87087461b700a1_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/hub-web-rhel8@sha256:01b5493444bc24c954ce86554d0ba8ca99b9db8c516901d0539e1b001ba78590_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/hub-web-rhel8@sha256:0b7d67480c6a15e5a655573f2ac885d34df441978f8f595f8c4d9f5e93c052d1_arm64 | — |
Workaround
|
|
| Unresolved product id: 8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/hub-web-rhel8@sha256:a44ffd3666281ab867c177915ddf48fdb59052a2d48f49284a598e8c80125d7b_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/hub-web-rhel8@sha256:ff2db93490c489562bb8c37a247daf01e10c871e628b24cc4006dd2bd14473bb_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/platform-resource-rhel8-operator@sha256:13425b0194354a15d71f6bccd7b2e526ef4b2cd8c56b6aff91ebf4435bda20bc_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/platform-resource-rhel8-operator@sha256:893d04a458674590c81c2ef09fb222c36f47bee71ab3615d6bb73432c58d965b_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/platform-resource-rhel8-operator@sha256:964337aac284059c1abde17a9bd2c0d13fd5a149a91af19eb56944728f7f5584_arm64 | — |
Workaround
|
|
| Unresolved product id: 8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/platform-resource-rhel8-operator@sha256:9d429c6e5d72bf883362b1ae11f8b4ed3a9d468e77e2e29c8ff234df9e255db4_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/platform-resource-runner-rhel8@sha256:38bc442a6181a739b4c232d25abd7018dbce05083f3bf09ab7a071a3d2a4c7b4_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/platform-resource-runner-rhel8@sha256:8c80648871aee9d1c5450226d18b122a40fe188b1140fcb22800ecda41bb6343_arm64 | — |
Workaround
|
|
| Unresolved product id: 8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/platform-resource-runner-rhel8@sha256:cfbf2ddd1dce998575bf8e38cd38bbcc98b006ba918d5de8ea1621b5de4d3f67_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/platform-resource-runner-rhel8@sha256:de8830287e00c4062524ebc9e9a93896503101e6382f553c89cc0c1e7d15618f_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform/cloud-addons-operator-bundle@sha256:bdc45dd15fcdf3d3956c6ddc2316a8e68490cc1d4249f95b01b231a0fb17debf_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform/ee-containerized-installer-rhel8@sha256:797d37d3015ebbf5125f6e1d12d47774a276a42a3c18ccabab2bf1c466b001fd_arm64 | — |
Workaround
|
|
| Unresolved product id: 8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform/ee-containerized-installer-rhel8@sha256:a4cdb956a90531672851a53c6691591c871513630c8d441b0061d0c187f62a99_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform/platform-operator-bundle@sha256:5825e694ae618fd41f495a7d5b9f911da004a9649aa09ca66ad64d3812a884d9_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform/platform-operator-bundle@sha256:8b8051faac5197c85088cdb2032576d7789ef251ffd8ea8fc2e525a199202ab0_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform/platform-operator-bundle@sha256:d5d128596af42dddb7f3efa725050a35c07eae5e63a4bd8be7789857cf5d36f3_arm64 | — |
Workaround
|
|
| Unresolved product id: 8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform/platform-operator-bundle@sha256:ecc912e9ab3146df86e7be7afbc077db49e74f913815c73521ae67893f452853_ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-builder-rhel9@sha256:20092308c17687aa6059400af8d1772b8fe85207db9f9a5b6d259908e0b63aab_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-builder-rhel9@sha256:45ff186bff94f30a34c2fe59bc342d10bf47071567b9d09d1fa61bf08e72f1c4_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-builder-rhel9@sha256:a4a88494691f2fc7689d16a4da97a857e8b795e41ecf5fe09b09ebfc729511ce_s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-builder-rhel9@sha256:eb2f2e5796823643b8b52b98976a04089cdc82ce32f3e4a348fc25dd12eff275_ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-python-base-rhel9@sha256:7ecc021d626a20acc20f73b28005c16a8d20c7640ec51dffdaff236440702172_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-python-base-rhel9@sha256:8c34db5cc4c68c80db22a835c095d60e3988a3e6d1c82fb91cc8558b43a47b33_s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-python-base-rhel9@sha256:91f0cc9dd9261b7bff0484d3db8e499912fa1781aa71ad24c77d0809cccb03f4_ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-python-base-rhel9@sha256:cd96a0ece925ed1443c0797bc3baf992ed7ae087f5977df8728a4aab8940516f_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-python-toolkit-rhel9@sha256:035f8ce6c6f6ab88366d7d42ba587d75b60236433e01ce0349a40554ff0e1b05_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-python-toolkit-rhel9@sha256:11934bcc8a713da353d254164b6914b5769326534a2298f0ccb8642813da5f9a_ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-python-toolkit-rhel9@sha256:b46fed769c86134a110f442dc56b0c8bfd0d469eb39649916db099f611ab3347_s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-python-toolkit-rhel9@sha256:bc376892f777fade4e725e140ae195ee94bd2f3c8e97b86a2705cbe23fa1875e_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/de-minimal-rhel9@sha256:7660d7f051c9ac00bf49f609bf1e24b8020d2cb8856b40cbecc13de54d55fed8_s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/de-minimal-rhel9@sha256:9b13ab56c30c5c77a21e00d2dfbad44f63c6ff7ac5acb6b8ba416f7fb2a0fc51_ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/de-minimal-rhel9@sha256:a562c54aa4ba7538aa2b1beab666cab689240f664f8c17bfd769560efbe3b626_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/de-minimal-rhel9@sha256:f28e22e5da55ea626890aceb7ae4c391e192055a60a1beba9a98ac70ee1353ce_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/de-supported-rhel9@sha256:5bd5d0da12cc63b3221f508c203b0cde5b4628439d42c1a0303a31c217506936_s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/de-supported-rhel9@sha256:da3031d8ff12b8df290c6da7c5451d0a797c24c0b2b0ce5cce943633d2352ee7_ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/de-supported-rhel9@sha256:de1067b9be05a3acb9bb61458fb89e71acf01cad7a9439a638972bc0615a4d5a_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/de-supported-rhel9@sha256:f4fe61723e459bf8e8b8721cb463a89d77827f87ec835826b0866c617cb19ea7_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ee-minimal-rhel9@sha256:49d5862f8abc4f05c837b26610604d32c07001af0a93993458b21e8f9adf534f_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ee-minimal-rhel9@sha256:9bf9ff9e04832f353a8904f7f7826417abfe3891a927939a1cdfcfde30d1d10c_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ee-minimal-rhel9@sha256:c35b05b413bc2090089219d476f0a1e2c56250fc09e190583e167bfcdce5bf35_ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ee-minimal-rhel9@sha256:d21ac96577006183a5cc592fb094cb2cf0f25aa687597d68984965ebcb1cb9a5_s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ee-supported-rhel9@sha256:162dd2718a9d9fdf4e3558129a0a77094a7fd9731ab826c664b69ed955853ddd_ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ee-supported-rhel9@sha256:23ed9a9439c4651417dd96d62776ca40582b54fc5da2955a72b047608c0d6c42_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ee-supported-rhel9@sha256:32d97ab01d3f3df3212c3e949d2630709ae05e4d0c56aafd6a720827234cf3e9_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ee-supported-rhel9@sha256:e49a3d2b7456a55b603e78b8ddec27665b6a957f5ac479aad50123f3f9bb1d42_s390x | — |
Workaround
|
Threats
Exploit Status
CISA: https://www.cisa.gov/known-exploited-vulnerabilities-catalog
Impact
Important
References
18 references
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update is now available for Red Hat Ansible Automation Platform 2.4",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat Ansible Automation Platform provides an enterprise framework for building, deploying and managing IT automation at scale. IT Managers can provide top-down guidelines on how automation is applied to individual teams, while automation developers retain the freedom to write tasks that leverage existing knowledge without the overhead. Ansible Automation Platform makes it possible for users across an organization to share, vet, and manage automation content by means of a simple, powerful, and agentless language.\n\nUpdates:\n* Added a new subscription usage page to the controller UI to view historical usage of licenses (AAP-16983)\n* Add scheduler deployment to handle more rulebook activations (AAP-16760)\n* Upgraded Django to address CVE-2023-41164 automation-controller: Potential denial of service vulnerability in ``django.utils.encoding.uri_to_iri()`` (AAP-16193)\n* EDA default and activation workers now have their own separate deployments, which can be scaled independently (AAP-15506)\n* EDA application extra_settings are now correctly configured in the application settings (AAP-15073)\n* Set default resource requests and limits for EDA based on performance data (AAP-13143)\n* Operator is killing migration process if it\u0027s taking too long (https://issues.redhat.com/browse/AAP-17085)\n* OS Updates",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHBA-2023:5806",
"url": "https://access.redhat.com/errata/RHBA-2023:5806"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2023/rhba-2023_5806.json"
}
],
"title": "Red Hat Bug Fix Advisory: Red Hat Ansible Automation Platform 2.4 Container Release Update",
"tracking": {
"current_release_date": "2026-06-08T15:35:03+00:00",
"generator": {
"date": "2026-06-08T15:35:03+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.8.2"
}
},
"id": "RHBA-2023:5806",
"initial_release_date": "2023-10-17T19:03:49+00:00",
"revision_history": [
{
"date": "2023-10-17T19:03:49+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2023-10-17T19:03:49+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-06-08T15:35:03+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product": {
"name": "Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4-Cloud-Billing",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:ansible_automation_platform_cloud_billing:2.4::el8"
}
}
},
{
"category": "product_name",
"name": "Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product": {
"name": "Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:ansible_automation_platform:2.4::el8"
}
}
},
{
"category": "product_name",
"name": "Red Hat Ansible Automation Platform 2.4 for RHEL 9",
"product": {
"name": "Red Hat Ansible Automation Platform 2.4 for RHEL 9",
"product_id": "9Base-Ansible-Automation-Platform-2.4",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:ansible_automation_platform:2.4::el9"
}
}
}
],
"category": "product_family",
"name": "Red Hat Ansible Automation Platform"
},
{
"branches": [
{
"category": "product_version",
"name": "ansible-automation-platform-24/aap-cloud-billing-rhel8@sha256:f650486925c3bb5ff56570543839ef8ab668c91bba11a30aeceba22b0cf25b3e_amd64",
"product": {
"name": "ansible-automation-platform-24/aap-cloud-billing-rhel8@sha256:f650486925c3bb5ff56570543839ef8ab668c91bba11a30aeceba22b0cf25b3e_amd64",
"product_id": "ansible-automation-platform-24/aap-cloud-billing-rhel8@sha256:f650486925c3bb5ff56570543839ef8ab668c91bba11a30aeceba22b0cf25b3e_amd64",
"product_identification_helper": {
"purl": "pkg:oci/aap-cloud-billing-rhel8@sha256:f650486925c3bb5ff56570543839ef8ab668c91bba11a30aeceba22b0cf25b3e?arch=amd64\u0026repository_url=registry.redhat.io/ansible-automation-platform-24/aap-cloud-billing-rhel8\u0026tag=0.0.2-112"
}
}
},
{
"category": "product_version",
"name": "ansible-automation-platform-24/aap-cloud-billing-rhel8-operator@sha256:3151364d2c3359a253e6f95fe296ad9842bcf859a4d05e65abc1283f7646f986_amd64",
"product": {
"name": "ansible-automation-platform-24/aap-cloud-billing-rhel8-operator@sha256:3151364d2c3359a253e6f95fe296ad9842bcf859a4d05e65abc1283f7646f986_amd64",
"product_id": "ansible-automation-platform-24/aap-cloud-billing-rhel8-operator@sha256:3151364d2c3359a253e6f95fe296ad9842bcf859a4d05e65abc1283f7646f986_amd64",
"product_identification_helper": {
"purl": "pkg:oci/aap-cloud-billing-rhel8-operator@sha256:3151364d2c3359a253e6f95fe296ad9842bcf859a4d05e65abc1283f7646f986?arch=amd64\u0026repository_url=registry.redhat.io/ansible-automation-platform-24/aap-cloud-billing-rhel8-operator\u0026tag=1.0.2-24"
}
}
},
{
"category": "product_version",
"name": "ansible-automation-platform-24/aap-cloud-metrics-collector-rhel8@sha256:738e8ad888db5fa2205b9eb809b25ee98b77b47e7cb009d7aef94e0ab09c9492_amd64",
"product": {
"name": "ansible-automation-platform-24/aap-cloud-metrics-collector-rhel8@sha256:738e8ad888db5fa2205b9eb809b25ee98b77b47e7cb009d7aef94e0ab09c9492_amd64",
"product_id": "ansible-automation-platform-24/aap-cloud-metrics-collector-rhel8@sha256:738e8ad888db5fa2205b9eb809b25ee98b77b47e7cb009d7aef94e0ab09c9492_amd64",
"product_identification_helper": {
"purl": "pkg:oci/aap-cloud-metrics-collector-rhel8@sha256:738e8ad888db5fa2205b9eb809b25ee98b77b47e7cb009d7aef94e0ab09c9492?arch=amd64\u0026repository_url=registry.redhat.io/ansible-automation-platform-24/aap-cloud-metrics-collector-rhel8\u0026tag=1.0.2-15"
}
}
},
{
"category": "product_version",
"name": "ansible-automation-platform-24/aap-cloud-ui-rhel8@sha256:0d0b96befa8957940d289d905517a6e2ef687cc28c9e68c29acb7813a90a13a6_amd64",
"product": {
"name": "ansible-automation-platform-24/aap-cloud-ui-rhel8@sha256:0d0b96befa8957940d289d905517a6e2ef687cc28c9e68c29acb7813a90a13a6_amd64",
"product_id": "ansible-automation-platform-24/aap-cloud-ui-rhel8@sha256:0d0b96befa8957940d289d905517a6e2ef687cc28c9e68c29acb7813a90a13a6_amd64",
"product_identification_helper": {
"purl": "pkg:oci/aap-cloud-ui-rhel8@sha256:0d0b96befa8957940d289d905517a6e2ef687cc28c9e68c29acb7813a90a13a6?arch=amd64\u0026repository_url=registry.redhat.io/ansible-automation-platform-24/aap-cloud-ui-rhel8\u0026tag=1.0.2-14"
}
}
},
{
"category": "product_version",
"name": "ansible-automation-platform-24/aap-cloud-ui-rhel8-operator@sha256:2826678e9aca4fc567567c36f0d7af6cc22ee85fcfb23d3552534712685d512d_amd64",
"product": {
"name": "ansible-automation-platform-24/aap-cloud-ui-rhel8-operator@sha256:2826678e9aca4fc567567c36f0d7af6cc22ee85fcfb23d3552534712685d512d_amd64",
"product_id": "ansible-automation-platform-24/aap-cloud-ui-rhel8-operator@sha256:2826678e9aca4fc567567c36f0d7af6cc22ee85fcfb23d3552534712685d512d_amd64",
"product_identification_helper": {
"purl": "pkg:oci/aap-cloud-ui-rhel8-operator@sha256:2826678e9aca4fc567567c36f0d7af6cc22ee85fcfb23d3552534712685d512d?arch=amd64\u0026repository_url=registry.redhat.io/ansible-automation-platform-24/aap-cloud-ui-rhel8-operator\u0026tag=1.0.3-10"
}
}
},
{
"category": "product_version",
"name": "ansible-automation-platform-24/aap-must-gather-rhel8@sha256:1ff8637546e4244650e7ad05e9e287c041198d4848a0834c4b505c73ec2adc40_amd64",
"product": {
"name": "ansible-automation-platform-24/aap-must-gather-rhel8@sha256:1ff8637546e4244650e7ad05e9e287c041198d4848a0834c4b505c73ec2adc40_amd64",
"product_id": "ansible-automation-platform-24/aap-must-gather-rhel8@sha256:1ff8637546e4244650e7ad05e9e287c041198d4848a0834c4b505c73ec2adc40_amd64",
"product_identification_helper": {
"purl": "pkg:oci/aap-must-gather-rhel8@sha256:1ff8637546e4244650e7ad05e9e287c041198d4848a0834c4b505c73ec2adc40?arch=amd64\u0026repository_url=registry.redhat.io/ansible-automation-platform-24/aap-must-gather-rhel8\u0026tag=0.0.1-356"
}
}
},
{
"category": "product_version",
"name": "ansible-automation-platform/platform-operator-bundle@sha256:5825e694ae618fd41f495a7d5b9f911da004a9649aa09ca66ad64d3812a884d9_amd64",
"product": {
"name": "ansible-automation-platform/platform-operator-bundle@sha256:5825e694ae618fd41f495a7d5b9f911da004a9649aa09ca66ad64d3812a884d9_amd64",
"product_id": "ansible-automation-platform/platform-operator-bundle@sha256:5825e694ae618fd41f495a7d5b9f911da004a9649aa09ca66ad64d3812a884d9_amd64",
"product_identification_helper": {
"purl": "pkg:oci/platform-operator-bundle@sha256:5825e694ae618fd41f495a7d5b9f911da004a9649aa09ca66ad64d3812a884d9?arch=amd64\u0026repository_url=registry.redhat.io/ansible-automation-platform/platform-operator-bundle\u0026tag=2.4-672"
}
}
},
{
"category": "product_version",
"name": "ansible-automation-platform-24/ansible-builder-rhel9@sha256:45ff186bff94f30a34c2fe59bc342d10bf47071567b9d09d1fa61bf08e72f1c4_amd64",
"product": {
"name": "ansible-automation-platform-24/ansible-builder-rhel9@sha256:45ff186bff94f30a34c2fe59bc342d10bf47071567b9d09d1fa61bf08e72f1c4_amd64",
"product_id": "ansible-automation-platform-24/ansible-builder-rhel9@sha256:45ff186bff94f30a34c2fe59bc342d10bf47071567b9d09d1fa61bf08e72f1c4_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ansible-builder-rhel9@sha256:45ff186bff94f30a34c2fe59bc342d10bf47071567b9d09d1fa61bf08e72f1c4?arch=amd64\u0026repository_url=registry.redhat.io/ansible-automation-platform-24/ansible-builder-rhel9\u0026tag=3.0.0-111"
}
}
},
{
"category": "product_version",
"name": "ansible-automation-platform-24/ansible-builder-rhel8@sha256:0a5ae31195b5b32e8f0800a301ce0e1e282812af59c667c4b40af82a8ca09d62_amd64",
"product": {
"name": "ansible-automation-platform-24/ansible-builder-rhel8@sha256:0a5ae31195b5b32e8f0800a301ce0e1e282812af59c667c4b40af82a8ca09d62_amd64",
"product_id": "ansible-automation-platform-24/ansible-builder-rhel8@sha256:0a5ae31195b5b32e8f0800a301ce0e1e282812af59c667c4b40af82a8ca09d62_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ansible-builder-rhel8@sha256:0a5ae31195b5b32e8f0800a301ce0e1e282812af59c667c4b40af82a8ca09d62?arch=amd64\u0026repository_url=registry.redhat.io/ansible-automation-platform-24/ansible-builder-rhel8\u0026tag=3.0.0-112"
}
}
},
{
"category": "product_version",
"name": "ansible-automation-platform/cloud-addons-operator-bundle@sha256:bdc45dd15fcdf3d3956c6ddc2316a8e68490cc1d4249f95b01b231a0fb17debf_amd64",
"product": {
"name": "ansible-automation-platform/cloud-addons-operator-bundle@sha256:bdc45dd15fcdf3d3956c6ddc2316a8e68490cc1d4249f95b01b231a0fb17debf_amd64",
"product_id": "ansible-automation-platform/cloud-addons-operator-bundle@sha256:bdc45dd15fcdf3d3956c6ddc2316a8e68490cc1d4249f95b01b231a0fb17debf_amd64",
"product_identification_helper": {
"purl": "pkg:oci/cloud-addons-operator-bundle@sha256:bdc45dd15fcdf3d3956c6ddc2316a8e68490cc1d4249f95b01b231a0fb17debf?arch=amd64\u0026repository_url=registry.redhat.io/ansible-automation-platform/cloud-addons-operator-bundle\u0026tag=2.4-402"
}
}
},
{
"category": "product_version",
"name": "ansible-automation-platform-24/ansible-python-base-rhel8@sha256:5cf9e0d8a0ad5b1492187b177751cede769b53dc830e5b1bc5dcdd110a71a397_amd64",
"product": {
"name": "ansible-automation-platform-24/ansible-python-base-rhel8@sha256:5cf9e0d8a0ad5b1492187b177751cede769b53dc830e5b1bc5dcdd110a71a397_amd64",
"product_id": "ansible-automation-platform-24/ansible-python-base-rhel8@sha256:5cf9e0d8a0ad5b1492187b177751cede769b53dc830e5b1bc5dcdd110a71a397_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ansible-python-base-rhel8@sha256:5cf9e0d8a0ad5b1492187b177751cede769b53dc830e5b1bc5dcdd110a71a397?arch=amd64\u0026repository_url=registry.redhat.io/ansible-automation-platform-24/ansible-python-base-rhel8\u0026tag=1.0.0-386"
}
}
},
{
"category": "product_version",
"name": "ansible-automation-platform-24/ansible-python-base-rhel9@sha256:7ecc021d626a20acc20f73b28005c16a8d20c7640ec51dffdaff236440702172_amd64",
"product": {
"name": "ansible-automation-platform-24/ansible-python-base-rhel9@sha256:7ecc021d626a20acc20f73b28005c16a8d20c7640ec51dffdaff236440702172_amd64",
"product_id": "ansible-automation-platform-24/ansible-python-base-rhel9@sha256:7ecc021d626a20acc20f73b28005c16a8d20c7640ec51dffdaff236440702172_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ansible-python-base-rhel9@sha256:7ecc021d626a20acc20f73b28005c16a8d20c7640ec51dffdaff236440702172?arch=amd64\u0026repository_url=registry.redhat.io/ansible-automation-platform-24/ansible-python-base-rhel9\u0026tag=1.0.0-387"
}
}
},
{
"category": "product_version",
"name": "ansible-automation-platform-24/ansible-python-toolkit-rhel8@sha256:99e842a1ca0ea2234c09a8a9466d936968ef36032c102e26fa761089528461e7_amd64",
"product": {
"name": "ansible-automation-platform-24/ansible-python-toolkit-rhel8@sha256:99e842a1ca0ea2234c09a8a9466d936968ef36032c102e26fa761089528461e7_amd64",
"product_id": "ansible-automation-platform-24/ansible-python-toolkit-rhel8@sha256:99e842a1ca0ea2234c09a8a9466d936968ef36032c102e26fa761089528461e7_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ansible-python-toolkit-rhel8@sha256:99e842a1ca0ea2234c09a8a9466d936968ef36032c102e26fa761089528461e7?arch=amd64\u0026repository_url=registry.redhat.io/ansible-automation-platform-24/ansible-python-toolkit-rhel8\u0026tag=1.0.0-369"
}
}
},
{
"category": "product_version",
"name": "ansible-automation-platform-24/ansible-python-toolkit-rhel9@sha256:bc376892f777fade4e725e140ae195ee94bd2f3c8e97b86a2705cbe23fa1875e_amd64",
"product": {
"name": "ansible-automation-platform-24/ansible-python-toolkit-rhel9@sha256:bc376892f777fade4e725e140ae195ee94bd2f3c8e97b86a2705cbe23fa1875e_amd64",
"product_id": "ansible-automation-platform-24/ansible-python-toolkit-rhel9@sha256:bc376892f777fade4e725e140ae195ee94bd2f3c8e97b86a2705cbe23fa1875e_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ansible-python-toolkit-rhel9@sha256:bc376892f777fade4e725e140ae195ee94bd2f3c8e97b86a2705cbe23fa1875e?arch=amd64\u0026repository_url=registry.redhat.io/ansible-automation-platform-24/ansible-python-toolkit-rhel9\u0026tag=1.0.0-368"
}
}
},
{
"category": "product_version",
"name": "ansible-automation-platform-24/controller-rhel8@sha256:11f4ad08d0d96223b17e08a5d07f0594d0d450fe94bd86ce6f57165d20eedfee_amd64",
"product": {
"name": "ansible-automation-platform-24/controller-rhel8@sha256:11f4ad08d0d96223b17e08a5d07f0594d0d450fe94bd86ce6f57165d20eedfee_amd64",
"product_id": "ansible-automation-platform-24/controller-rhel8@sha256:11f4ad08d0d96223b17e08a5d07f0594d0d450fe94bd86ce6f57165d20eedfee_amd64",
"product_identification_helper": {
"purl": "pkg:oci/controller-rhel8@sha256:11f4ad08d0d96223b17e08a5d07f0594d0d450fe94bd86ce6f57165d20eedfee?arch=amd64\u0026repository_url=registry.redhat.io/ansible-automation-platform-24/controller-rhel8\u0026tag=4.4.6-4"
}
}
},
{
"category": "product_version",
"name": "ansible-automation-platform-24/controller-rhel8-operator@sha256:07a798fdc9b88ce7332a1300475e3a56d439b55a7ad5e10fd8d4e036661841cd_amd64",
"product": {
"name": "ansible-automation-platform-24/controller-rhel8-operator@sha256:07a798fdc9b88ce7332a1300475e3a56d439b55a7ad5e10fd8d4e036661841cd_amd64",
"product_id": "ansible-automation-platform-24/controller-rhel8-operator@sha256:07a798fdc9b88ce7332a1300475e3a56d439b55a7ad5e10fd8d4e036661841cd_amd64",
"product_identification_helper": {
"purl": "pkg:oci/controller-rhel8-operator@sha256:07a798fdc9b88ce7332a1300475e3a56d439b55a7ad5e10fd8d4e036661841cd?arch=amd64\u0026repository_url=registry.redhat.io/ansible-automation-platform-24/controller-rhel8-operator\u0026tag=2.4-79"
}
}
},
{
"category": "product_version",
"name": "ansible-automation-platform-24/eda-controller-rhel8@sha256:fd7e96d6b70e0a1b13f0f34e7f14d4de14d07f0db6c449c20e1211bc3982205e_amd64",
"product": {
"name": "ansible-automation-platform-24/eda-controller-rhel8@sha256:fd7e96d6b70e0a1b13f0f34e7f14d4de14d07f0db6c449c20e1211bc3982205e_amd64",
"product_id": "ansible-automation-platform-24/eda-controller-rhel8@sha256:fd7e96d6b70e0a1b13f0f34e7f14d4de14d07f0db6c449c20e1211bc3982205e_amd64",
"product_identification_helper": {
"purl": "pkg:oci/eda-controller-rhel8@sha256:fd7e96d6b70e0a1b13f0f34e7f14d4de14d07f0db6c449c20e1211bc3982205e?arch=amd64\u0026repository_url=registry.redhat.io/ansible-automation-platform-24/eda-controller-rhel8\u0026tag=1.0.1-16"
}
}
},
{
"category": "product_version",
"name": "ansible-automation-platform-24/eda-controller-rhel8-operator@sha256:f9f8d32c2ab60ab6c30bfcdec7778f6eb67ba30015d9453afd67ab334c8c2fe5_amd64",
"product": {
"name": "ansible-automation-platform-24/eda-controller-rhel8-operator@sha256:f9f8d32c2ab60ab6c30bfcdec7778f6eb67ba30015d9453afd67ab334c8c2fe5_amd64",
"product_id": "ansible-automation-platform-24/eda-controller-rhel8-operator@sha256:f9f8d32c2ab60ab6c30bfcdec7778f6eb67ba30015d9453afd67ab334c8c2fe5_amd64",
"product_identification_helper": {
"purl": "pkg:oci/eda-controller-rhel8-operator@sha256:f9f8d32c2ab60ab6c30bfcdec7778f6eb67ba30015d9453afd67ab334c8c2fe5?arch=amd64\u0026repository_url=registry.redhat.io/ansible-automation-platform-24/eda-controller-rhel8-operator\u0026tag=2.4-86"
}
}
},
{
"category": "product_version",
"name": "ansible-automation-platform-24/eda-controller-ui-rhel8@sha256:56b46c50edef8f427dbc11d32c493ccc3b12df9dc9f553c2e8d3740313ae3cd1_amd64",
"product": {
"name": "ansible-automation-platform-24/eda-controller-ui-rhel8@sha256:56b46c50edef8f427dbc11d32c493ccc3b12df9dc9f553c2e8d3740313ae3cd1_amd64",
"product_id": "ansible-automation-platform-24/eda-controller-ui-rhel8@sha256:56b46c50edef8f427dbc11d32c493ccc3b12df9dc9f553c2e8d3740313ae3cd1_amd64",
"product_identification_helper": {
"purl": "pkg:oci/eda-controller-ui-rhel8@sha256:56b46c50edef8f427dbc11d32c493ccc3b12df9dc9f553c2e8d3740313ae3cd1?arch=amd64\u0026repository_url=registry.redhat.io/ansible-automation-platform-24/eda-controller-ui-rhel8\u0026tag=1.0.1-16"
}
}
},
{
"category": "product_version",
"name": "ansible-automation-platform-24/hub-rhel8@sha256:ac2b684d7ac8e0b6f36fe2da22b2ed41bfb24f8e2f77e64117c186a3cdf2f21b_amd64",
"product": {
"name": "ansible-automation-platform-24/hub-rhel8@sha256:ac2b684d7ac8e0b6f36fe2da22b2ed41bfb24f8e2f77e64117c186a3cdf2f21b_amd64",
"product_id": "ansible-automation-platform-24/hub-rhel8@sha256:ac2b684d7ac8e0b6f36fe2da22b2ed41bfb24f8e2f77e64117c186a3cdf2f21b_amd64",
"product_identification_helper": {
"purl": "pkg:oci/hub-rhel8@sha256:ac2b684d7ac8e0b6f36fe2da22b2ed41bfb24f8e2f77e64117c186a3cdf2f21b?arch=amd64\u0026repository_url=registry.redhat.io/ansible-automation-platform-24/hub-rhel8\u0026tag=4.7.3-15"
}
}
},
{
"category": "product_version",
"name": "ansible-automation-platform-24/hub-rhel8-operator@sha256:f38fcf5efc4501f3111484cd9c5216f4014fcfd0088d4dd3ad6c14ad76dbe83a_amd64",
"product": {
"name": "ansible-automation-platform-24/hub-rhel8-operator@sha256:f38fcf5efc4501f3111484cd9c5216f4014fcfd0088d4dd3ad6c14ad76dbe83a_amd64",
"product_id": "ansible-automation-platform-24/hub-rhel8-operator@sha256:f38fcf5efc4501f3111484cd9c5216f4014fcfd0088d4dd3ad6c14ad76dbe83a_amd64",
"product_identification_helper": {
"purl": "pkg:oci/hub-rhel8-operator@sha256:f38fcf5efc4501f3111484cd9c5216f4014fcfd0088d4dd3ad6c14ad76dbe83a?arch=amd64\u0026repository_url=registry.redhat.io/ansible-automation-platform-24/hub-rhel8-operator\u0026tag=2.4-70"
}
}
},
{
"category": "product_version",
"name": "ansible-automation-platform-24/hub-web-rhel8@sha256:a44ffd3666281ab867c177915ddf48fdb59052a2d48f49284a598e8c80125d7b_amd64",
"product": {
"name": "ansible-automation-platform-24/hub-web-rhel8@sha256:a44ffd3666281ab867c177915ddf48fdb59052a2d48f49284a598e8c80125d7b_amd64",
"product_id": "ansible-automation-platform-24/hub-web-rhel8@sha256:a44ffd3666281ab867c177915ddf48fdb59052a2d48f49284a598e8c80125d7b_amd64",
"product_identification_helper": {
"purl": "pkg:oci/hub-web-rhel8@sha256:a44ffd3666281ab867c177915ddf48fdb59052a2d48f49284a598e8c80125d7b?arch=amd64\u0026repository_url=registry.redhat.io/ansible-automation-platform-24/hub-web-rhel8\u0026tag=4.7.3-15"
}
}
},
{
"category": "product_version",
"name": "ansible-automation-platform-24/de-minimal-rhel9@sha256:a562c54aa4ba7538aa2b1beab666cab689240f664f8c17bfd769560efbe3b626_amd64",
"product": {
"name": "ansible-automation-platform-24/de-minimal-rhel9@sha256:a562c54aa4ba7538aa2b1beab666cab689240f664f8c17bfd769560efbe3b626_amd64",
"product_id": "ansible-automation-platform-24/de-minimal-rhel9@sha256:a562c54aa4ba7538aa2b1beab666cab689240f664f8c17bfd769560efbe3b626_amd64",
"product_identification_helper": {
"purl": "pkg:oci/de-minimal-rhel9@sha256:a562c54aa4ba7538aa2b1beab666cab689240f664f8c17bfd769560efbe3b626?arch=amd64\u0026repository_url=registry.redhat.io/ansible-automation-platform-24/de-minimal-rhel9\u0026tag=1.0.0-128"
}
}
},
{
"category": "product_version",
"name": "ansible-automation-platform-24/de-minimal-rhel8@sha256:8c7d062a28b7e54510c1aa45598a6e7c0777962b0c5d1dd1eff77e2203aabc93_amd64",
"product": {
"name": "ansible-automation-platform-24/de-minimal-rhel8@sha256:8c7d062a28b7e54510c1aa45598a6e7c0777962b0c5d1dd1eff77e2203aabc93_amd64",
"product_id": "ansible-automation-platform-24/de-minimal-rhel8@sha256:8c7d062a28b7e54510c1aa45598a6e7c0777962b0c5d1dd1eff77e2203aabc93_amd64",
"product_identification_helper": {
"purl": "pkg:oci/de-minimal-rhel8@sha256:8c7d062a28b7e54510c1aa45598a6e7c0777962b0c5d1dd1eff77e2203aabc93?arch=amd64\u0026repository_url=registry.redhat.io/ansible-automation-platform-24/de-minimal-rhel8\u0026tag=1.0.0-129"
}
}
},
{
"category": "product_version",
"name": "ansible-automation-platform-24/de-supported-rhel8@sha256:3abdaa6c02011ee543838612626d895980298d6e505e510f4a2b75e6ee0d6315_amd64",
"product": {
"name": "ansible-automation-platform-24/de-supported-rhel8@sha256:3abdaa6c02011ee543838612626d895980298d6e505e510f4a2b75e6ee0d6315_amd64",
"product_id": "ansible-automation-platform-24/de-supported-rhel8@sha256:3abdaa6c02011ee543838612626d895980298d6e505e510f4a2b75e6ee0d6315_amd64",
"product_identification_helper": {
"purl": "pkg:oci/de-supported-rhel8@sha256:3abdaa6c02011ee543838612626d895980298d6e505e510f4a2b75e6ee0d6315?arch=amd64\u0026repository_url=registry.redhat.io/ansible-automation-platform-24/de-supported-rhel8\u0026tag=1.0.0-135"
}
}
},
{
"category": "product_version",
"name": "ansible-automation-platform-24/de-supported-rhel9@sha256:f4fe61723e459bf8e8b8721cb463a89d77827f87ec835826b0866c617cb19ea7_amd64",
"product": {
"name": "ansible-automation-platform-24/de-supported-rhel9@sha256:f4fe61723e459bf8e8b8721cb463a89d77827f87ec835826b0866c617cb19ea7_amd64",
"product_id": "ansible-automation-platform-24/de-supported-rhel9@sha256:f4fe61723e459bf8e8b8721cb463a89d77827f87ec835826b0866c617cb19ea7_amd64",
"product_identification_helper": {
"purl": "pkg:oci/de-supported-rhel9@sha256:f4fe61723e459bf8e8b8721cb463a89d77827f87ec835826b0866c617cb19ea7?arch=amd64\u0026repository_url=registry.redhat.io/ansible-automation-platform-24/de-supported-rhel9\u0026tag=1.0.0-134"
}
}
},
{
"category": "product_version",
"name": "ansible-automation-platform-24/ee-29-rhel8@sha256:5685c052ba6b6d3eec7b7c740ba6b967e92f1fa22631dcf2fe048c57d16cf12a_amd64",
"product": {
"name": "ansible-automation-platform-24/ee-29-rhel8@sha256:5685c052ba6b6d3eec7b7c740ba6b967e92f1fa22631dcf2fe048c57d16cf12a_amd64",
"product_id": "ansible-automation-platform-24/ee-29-rhel8@sha256:5685c052ba6b6d3eec7b7c740ba6b967e92f1fa22631dcf2fe048c57d16cf12a_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ee-29-rhel8@sha256:5685c052ba6b6d3eec7b7c740ba6b967e92f1fa22631dcf2fe048c57d16cf12a?arch=amd64\u0026repository_url=registry.redhat.io/ansible-automation-platform-24/ee-29-rhel8\u0026tag=1.0.0-356"
}
}
},
{
"category": "product_version",
"name": "ansible-automation-platform-24/ee-cloud-services-rhel8@sha256:d0797635652c5d9044da6c9f3ecbcc174bf7a9823f1c72cde44830cfe4f5ff56_amd64",
"product": {
"name": "ansible-automation-platform-24/ee-cloud-services-rhel8@sha256:d0797635652c5d9044da6c9f3ecbcc174bf7a9823f1c72cde44830cfe4f5ff56_amd64",
"product_id": "ansible-automation-platform-24/ee-cloud-services-rhel8@sha256:d0797635652c5d9044da6c9f3ecbcc174bf7a9823f1c72cde44830cfe4f5ff56_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ee-cloud-services-rhel8@sha256:d0797635652c5d9044da6c9f3ecbcc174bf7a9823f1c72cde44830cfe4f5ff56?arch=amd64\u0026repository_url=registry.redhat.io/ansible-automation-platform-24/ee-cloud-services-rhel8\u0026tag=1.0.0-147"
}
}
},
{
"category": "product_version",
"name": "ansible-automation-platform/ee-containerized-installer-rhel8@sha256:a4cdb956a90531672851a53c6691591c871513630c8d441b0061d0c187f62a99_amd64",
"product": {
"name": "ansible-automation-platform/ee-containerized-installer-rhel8@sha256:a4cdb956a90531672851a53c6691591c871513630c8d441b0061d0c187f62a99_amd64",
"product_id": "ansible-automation-platform/ee-containerized-installer-rhel8@sha256:a4cdb956a90531672851a53c6691591c871513630c8d441b0061d0c187f62a99_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ee-containerized-installer-rhel8@sha256:a4cdb956a90531672851a53c6691591c871513630c8d441b0061d0c187f62a99?arch=amd64\u0026repository_url=registry.redhat.io/ansible-automation-platform/ee-containerized-installer-rhel8\u0026tag=1.2.3-13"
}
}
},
{
"category": "product_version",
"name": "ansible-automation-platform-24/ee-dellemc-openmanage-rhel8@sha256:894f470c00c9bffad51ba8e8aecac867345c6e3f90227d773699cf8ef25120eb_amd64",
"product": {
"name": "ansible-automation-platform-24/ee-dellemc-openmanage-rhel8@sha256:894f470c00c9bffad51ba8e8aecac867345c6e3f90227d773699cf8ef25120eb_amd64",
"product_id": "ansible-automation-platform-24/ee-dellemc-openmanage-rhel8@sha256:894f470c00c9bffad51ba8e8aecac867345c6e3f90227d773699cf8ef25120eb_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ee-dellemc-openmanage-rhel8@sha256:894f470c00c9bffad51ba8e8aecac867345c6e3f90227d773699cf8ef25120eb?arch=amd64\u0026repository_url=registry.redhat.io/ansible-automation-platform-24/ee-dellemc-openmanage-rhel8\u0026tag=8.3.0-7"
}
}
},
{
"category": "product_version",
"name": "ansible-automation-platform-24/ee-minimal-rhel9@sha256:49d5862f8abc4f05c837b26610604d32c07001af0a93993458b21e8f9adf534f_amd64",
"product": {
"name": "ansible-automation-platform-24/ee-minimal-rhel9@sha256:49d5862f8abc4f05c837b26610604d32c07001af0a93993458b21e8f9adf534f_amd64",
"product_id": "ansible-automation-platform-24/ee-minimal-rhel9@sha256:49d5862f8abc4f05c837b26610604d32c07001af0a93993458b21e8f9adf534f_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ee-minimal-rhel9@sha256:49d5862f8abc4f05c837b26610604d32c07001af0a93993458b21e8f9adf534f?arch=amd64\u0026repository_url=registry.redhat.io/ansible-automation-platform-24/ee-minimal-rhel9\u0026tag=1.0.0-451"
}
}
},
{
"category": "product_version",
"name": "ansible-automation-platform-24/ee-minimal-rhel8@sha256:c4c7158dfc2c317c62aed28f6db21bc347aca92b8301a6cb932c1a5fbf3eac87_amd64",
"product": {
"name": "ansible-automation-platform-24/ee-minimal-rhel8@sha256:c4c7158dfc2c317c62aed28f6db21bc347aca92b8301a6cb932c1a5fbf3eac87_amd64",
"product_id": "ansible-automation-platform-24/ee-minimal-rhel8@sha256:c4c7158dfc2c317c62aed28f6db21bc347aca92b8301a6cb932c1a5fbf3eac87_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ee-minimal-rhel8@sha256:c4c7158dfc2c317c62aed28f6db21bc347aca92b8301a6cb932c1a5fbf3eac87?arch=amd64\u0026repository_url=registry.redhat.io/ansible-automation-platform-24/ee-minimal-rhel8\u0026tag=1.0.0-450"
}
}
},
{
"category": "product_version",
"name": "ansible-automation-platform-24/ee-supported-rhel8@sha256:72098dcaf2cf2174557428f1121c5926b905dfaa0aad160d3064d171946f298e_amd64",
"product": {
"name": "ansible-automation-platform-24/ee-supported-rhel8@sha256:72098dcaf2cf2174557428f1121c5926b905dfaa0aad160d3064d171946f298e_amd64",
"product_id": "ansible-automation-platform-24/ee-supported-rhel8@sha256:72098dcaf2cf2174557428f1121c5926b905dfaa0aad160d3064d171946f298e_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ee-supported-rhel8@sha256:72098dcaf2cf2174557428f1121c5926b905dfaa0aad160d3064d171946f298e?arch=amd64\u0026repository_url=registry.redhat.io/ansible-automation-platform-24/ee-supported-rhel8\u0026tag=1.0.0-436"
}
}
},
{
"category": "product_version",
"name": "ansible-automation-platform-24/ee-supported-rhel9@sha256:23ed9a9439c4651417dd96d62776ca40582b54fc5da2955a72b047608c0d6c42_amd64",
"product": {
"name": "ansible-automation-platform-24/ee-supported-rhel9@sha256:23ed9a9439c4651417dd96d62776ca40582b54fc5da2955a72b047608c0d6c42_amd64",
"product_id": "ansible-automation-platform-24/ee-supported-rhel9@sha256:23ed9a9439c4651417dd96d62776ca40582b54fc5da2955a72b047608c0d6c42_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ee-supported-rhel9@sha256:23ed9a9439c4651417dd96d62776ca40582b54fc5da2955a72b047608c0d6c42?arch=amd64\u0026repository_url=registry.redhat.io/ansible-automation-platform-24/ee-supported-rhel9\u0026tag=1.0.0-435"
}
}
},
{
"category": "product_version",
"name": "ansible-automation-platform-24/platform-resource-rhel8-operator@sha256:13425b0194354a15d71f6bccd7b2e526ef4b2cd8c56b6aff91ebf4435bda20bc_amd64",
"product": {
"name": "ansible-automation-platform-24/platform-resource-rhel8-operator@sha256:13425b0194354a15d71f6bccd7b2e526ef4b2cd8c56b6aff91ebf4435bda20bc_amd64",
"product_id": "ansible-automation-platform-24/platform-resource-rhel8-operator@sha256:13425b0194354a15d71f6bccd7b2e526ef4b2cd8c56b6aff91ebf4435bda20bc_amd64",
"product_identification_helper": {
"purl": "pkg:oci/platform-resource-rhel8-operator@sha256:13425b0194354a15d71f6bccd7b2e526ef4b2cd8c56b6aff91ebf4435bda20bc?arch=amd64\u0026repository_url=registry.redhat.io/ansible-automation-platform-24/platform-resource-rhel8-operator\u0026tag=2.4-68"
}
}
},
{
"category": "product_version",
"name": "ansible-automation-platform-24/platform-resource-runner-rhel8@sha256:cfbf2ddd1dce998575bf8e38cd38bbcc98b006ba918d5de8ea1621b5de4d3f67_amd64",
"product": {
"name": "ansible-automation-platform-24/platform-resource-runner-rhel8@sha256:cfbf2ddd1dce998575bf8e38cd38bbcc98b006ba918d5de8ea1621b5de4d3f67_amd64",
"product_id": "ansible-automation-platform-24/platform-resource-runner-rhel8@sha256:cfbf2ddd1dce998575bf8e38cd38bbcc98b006ba918d5de8ea1621b5de4d3f67_amd64",
"product_identification_helper": {
"purl": "pkg:oci/platform-resource-runner-rhel8@sha256:cfbf2ddd1dce998575bf8e38cd38bbcc98b006ba918d5de8ea1621b5de4d3f67?arch=amd64\u0026repository_url=registry.redhat.io/ansible-automation-platform-24/platform-resource-runner-rhel8\u0026tag=2.4-88"
}
}
}
],
"category": "architecture",
"name": "amd64"
},
{
"branches": [
{
"category": "product_version",
"name": "ansible-automation-platform-24/aap-must-gather-rhel8@sha256:d1730361a768cc0dc847958b872eac8befb5bcbe87d4fc18098b9ff4ed072cf3_ppc64le",
"product": {
"name": "ansible-automation-platform-24/aap-must-gather-rhel8@sha256:d1730361a768cc0dc847958b872eac8befb5bcbe87d4fc18098b9ff4ed072cf3_ppc64le",
"product_id": "ansible-automation-platform-24/aap-must-gather-rhel8@sha256:d1730361a768cc0dc847958b872eac8befb5bcbe87d4fc18098b9ff4ed072cf3_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/aap-must-gather-rhel8@sha256:d1730361a768cc0dc847958b872eac8befb5bcbe87d4fc18098b9ff4ed072cf3?arch=ppc64le\u0026repository_url=registry.redhat.io/ansible-automation-platform-24/aap-must-gather-rhel8\u0026tag=0.0.1-356"
}
}
},
{
"category": "product_version",
"name": "ansible-automation-platform/platform-operator-bundle@sha256:ecc912e9ab3146df86e7be7afbc077db49e74f913815c73521ae67893f452853_ppc64le",
"product": {
"name": "ansible-automation-platform/platform-operator-bundle@sha256:ecc912e9ab3146df86e7be7afbc077db49e74f913815c73521ae67893f452853_ppc64le",
"product_id": "ansible-automation-platform/platform-operator-bundle@sha256:ecc912e9ab3146df86e7be7afbc077db49e74f913815c73521ae67893f452853_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/platform-operator-bundle@sha256:ecc912e9ab3146df86e7be7afbc077db49e74f913815c73521ae67893f452853?arch=ppc64le\u0026repository_url=registry.redhat.io/ansible-automation-platform/platform-operator-bundle\u0026tag=2.4-672"
}
}
},
{
"category": "product_version",
"name": "ansible-automation-platform-24/ansible-builder-rhel9@sha256:eb2f2e5796823643b8b52b98976a04089cdc82ce32f3e4a348fc25dd12eff275_ppc64le",
"product": {
"name": "ansible-automation-platform-24/ansible-builder-rhel9@sha256:eb2f2e5796823643b8b52b98976a04089cdc82ce32f3e4a348fc25dd12eff275_ppc64le",
"product_id": "ansible-automation-platform-24/ansible-builder-rhel9@sha256:eb2f2e5796823643b8b52b98976a04089cdc82ce32f3e4a348fc25dd12eff275_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ansible-builder-rhel9@sha256:eb2f2e5796823643b8b52b98976a04089cdc82ce32f3e4a348fc25dd12eff275?arch=ppc64le\u0026repository_url=registry.redhat.io/ansible-automation-platform-24/ansible-builder-rhel9\u0026tag=3.0.0-111"
}
}
},
{
"category": "product_version",
"name": "ansible-automation-platform-24/ansible-builder-rhel8@sha256:9aa60f9acfd33709262f38091589521ef49674607e69a3baa6f3d9c9508a10fe_ppc64le",
"product": {
"name": "ansible-automation-platform-24/ansible-builder-rhel8@sha256:9aa60f9acfd33709262f38091589521ef49674607e69a3baa6f3d9c9508a10fe_ppc64le",
"product_id": "ansible-automation-platform-24/ansible-builder-rhel8@sha256:9aa60f9acfd33709262f38091589521ef49674607e69a3baa6f3d9c9508a10fe_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ansible-builder-rhel8@sha256:9aa60f9acfd33709262f38091589521ef49674607e69a3baa6f3d9c9508a10fe?arch=ppc64le\u0026repository_url=registry.redhat.io/ansible-automation-platform-24/ansible-builder-rhel8\u0026tag=3.0.0-112"
}
}
},
{
"category": "product_version",
"name": "ansible-automation-platform-24/ansible-python-base-rhel8@sha256:dd8c5dc68cf8d71a563743040922540101be6c1b29c2f565e1352ece5b68377b_ppc64le",
"product": {
"name": "ansible-automation-platform-24/ansible-python-base-rhel8@sha256:dd8c5dc68cf8d71a563743040922540101be6c1b29c2f565e1352ece5b68377b_ppc64le",
"product_id": "ansible-automation-platform-24/ansible-python-base-rhel8@sha256:dd8c5dc68cf8d71a563743040922540101be6c1b29c2f565e1352ece5b68377b_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ansible-python-base-rhel8@sha256:dd8c5dc68cf8d71a563743040922540101be6c1b29c2f565e1352ece5b68377b?arch=ppc64le\u0026repository_url=registry.redhat.io/ansible-automation-platform-24/ansible-python-base-rhel8\u0026tag=1.0.0-386"
}
}
},
{
"category": "product_version",
"name": "ansible-automation-platform-24/ansible-python-base-rhel9@sha256:91f0cc9dd9261b7bff0484d3db8e499912fa1781aa71ad24c77d0809cccb03f4_ppc64le",
"product": {
"name": "ansible-automation-platform-24/ansible-python-base-rhel9@sha256:91f0cc9dd9261b7bff0484d3db8e499912fa1781aa71ad24c77d0809cccb03f4_ppc64le",
"product_id": "ansible-automation-platform-24/ansible-python-base-rhel9@sha256:91f0cc9dd9261b7bff0484d3db8e499912fa1781aa71ad24c77d0809cccb03f4_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ansible-python-base-rhel9@sha256:91f0cc9dd9261b7bff0484d3db8e499912fa1781aa71ad24c77d0809cccb03f4?arch=ppc64le\u0026repository_url=registry.redhat.io/ansible-automation-platform-24/ansible-python-base-rhel9\u0026tag=1.0.0-387"
}
}
},
{
"category": "product_version",
"name": "ansible-automation-platform-24/ansible-python-toolkit-rhel8@sha256:d2d4b79f72dfe3f646f27b2c35e5108ed3a3c867fd0b9c04d0193e6ec717ad75_ppc64le",
"product": {
"name": "ansible-automation-platform-24/ansible-python-toolkit-rhel8@sha256:d2d4b79f72dfe3f646f27b2c35e5108ed3a3c867fd0b9c04d0193e6ec717ad75_ppc64le",
"product_id": "ansible-automation-platform-24/ansible-python-toolkit-rhel8@sha256:d2d4b79f72dfe3f646f27b2c35e5108ed3a3c867fd0b9c04d0193e6ec717ad75_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ansible-python-toolkit-rhel8@sha256:d2d4b79f72dfe3f646f27b2c35e5108ed3a3c867fd0b9c04d0193e6ec717ad75?arch=ppc64le\u0026repository_url=registry.redhat.io/ansible-automation-platform-24/ansible-python-toolkit-rhel8\u0026tag=1.0.0-369"
}
}
},
{
"category": "product_version",
"name": "ansible-automation-platform-24/ansible-python-toolkit-rhel9@sha256:11934bcc8a713da353d254164b6914b5769326534a2298f0ccb8642813da5f9a_ppc64le",
"product": {
"name": "ansible-automation-platform-24/ansible-python-toolkit-rhel9@sha256:11934bcc8a713da353d254164b6914b5769326534a2298f0ccb8642813da5f9a_ppc64le",
"product_id": "ansible-automation-platform-24/ansible-python-toolkit-rhel9@sha256:11934bcc8a713da353d254164b6914b5769326534a2298f0ccb8642813da5f9a_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ansible-python-toolkit-rhel9@sha256:11934bcc8a713da353d254164b6914b5769326534a2298f0ccb8642813da5f9a?arch=ppc64le\u0026repository_url=registry.redhat.io/ansible-automation-platform-24/ansible-python-toolkit-rhel9\u0026tag=1.0.0-368"
}
}
},
{
"category": "product_version",
"name": "ansible-automation-platform-24/controller-rhel8@sha256:6855d1b68735adde33f4ad83496e7ada4548e3fb1ad07cb7925dfb726d800da0_ppc64le",
"product": {
"name": "ansible-automation-platform-24/controller-rhel8@sha256:6855d1b68735adde33f4ad83496e7ada4548e3fb1ad07cb7925dfb726d800da0_ppc64le",
"product_id": "ansible-automation-platform-24/controller-rhel8@sha256:6855d1b68735adde33f4ad83496e7ada4548e3fb1ad07cb7925dfb726d800da0_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/controller-rhel8@sha256:6855d1b68735adde33f4ad83496e7ada4548e3fb1ad07cb7925dfb726d800da0?arch=ppc64le\u0026repository_url=registry.redhat.io/ansible-automation-platform-24/controller-rhel8\u0026tag=4.4.6-4"
}
}
},
{
"category": "product_version",
"name": "ansible-automation-platform-24/controller-rhel8-operator@sha256:2e252f02c2695856d19d90299e2f1cc2bf93d7304e48da306628b12f4d56b037_ppc64le",
"product": {
"name": "ansible-automation-platform-24/controller-rhel8-operator@sha256:2e252f02c2695856d19d90299e2f1cc2bf93d7304e48da306628b12f4d56b037_ppc64le",
"product_id": "ansible-automation-platform-24/controller-rhel8-operator@sha256:2e252f02c2695856d19d90299e2f1cc2bf93d7304e48da306628b12f4d56b037_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/controller-rhel8-operator@sha256:2e252f02c2695856d19d90299e2f1cc2bf93d7304e48da306628b12f4d56b037?arch=ppc64le\u0026repository_url=registry.redhat.io/ansible-automation-platform-24/controller-rhel8-operator\u0026tag=2.4-79"
}
}
},
{
"category": "product_version",
"name": "ansible-automation-platform-24/eda-controller-rhel8@sha256:3059b9a6c38deb5aac3fb60875214fe2dafe50cda028638816ec67741169ec73_ppc64le",
"product": {
"name": "ansible-automation-platform-24/eda-controller-rhel8@sha256:3059b9a6c38deb5aac3fb60875214fe2dafe50cda028638816ec67741169ec73_ppc64le",
"product_id": "ansible-automation-platform-24/eda-controller-rhel8@sha256:3059b9a6c38deb5aac3fb60875214fe2dafe50cda028638816ec67741169ec73_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/eda-controller-rhel8@sha256:3059b9a6c38deb5aac3fb60875214fe2dafe50cda028638816ec67741169ec73?arch=ppc64le\u0026repository_url=registry.redhat.io/ansible-automation-platform-24/eda-controller-rhel8\u0026tag=1.0.1-16"
}
}
},
{
"category": "product_version",
"name": "ansible-automation-platform-24/eda-controller-rhel8-operator@sha256:4220b98f9d8e805a77a4a4ef95855b8f2c61467a02f686c7b547496831493746_ppc64le",
"product": {
"name": "ansible-automation-platform-24/eda-controller-rhel8-operator@sha256:4220b98f9d8e805a77a4a4ef95855b8f2c61467a02f686c7b547496831493746_ppc64le",
"product_id": "ansible-automation-platform-24/eda-controller-rhel8-operator@sha256:4220b98f9d8e805a77a4a4ef95855b8f2c61467a02f686c7b547496831493746_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/eda-controller-rhel8-operator@sha256:4220b98f9d8e805a77a4a4ef95855b8f2c61467a02f686c7b547496831493746?arch=ppc64le\u0026repository_url=registry.redhat.io/ansible-automation-platform-24/eda-controller-rhel8-operator\u0026tag=2.4-86"
}
}
},
{
"category": "product_version",
"name": "ansible-automation-platform-24/eda-controller-ui-rhel8@sha256:88f5e52c33ca6ff00cb1fd37753a2b1f9e4b6b2a07977e68b71262a8d7a4c58b_ppc64le",
"product": {
"name": "ansible-automation-platform-24/eda-controller-ui-rhel8@sha256:88f5e52c33ca6ff00cb1fd37753a2b1f9e4b6b2a07977e68b71262a8d7a4c58b_ppc64le",
"product_id": "ansible-automation-platform-24/eda-controller-ui-rhel8@sha256:88f5e52c33ca6ff00cb1fd37753a2b1f9e4b6b2a07977e68b71262a8d7a4c58b_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/eda-controller-ui-rhel8@sha256:88f5e52c33ca6ff00cb1fd37753a2b1f9e4b6b2a07977e68b71262a8d7a4c58b?arch=ppc64le\u0026repository_url=registry.redhat.io/ansible-automation-platform-24/eda-controller-ui-rhel8\u0026tag=1.0.1-16"
}
}
},
{
"category": "product_version",
"name": "ansible-automation-platform-24/hub-rhel8@sha256:df80c45631e780f58aaf85edddaf77ed82c0b41f0ad766db048615290eeb96a3_ppc64le",
"product": {
"name": "ansible-automation-platform-24/hub-rhel8@sha256:df80c45631e780f58aaf85edddaf77ed82c0b41f0ad766db048615290eeb96a3_ppc64le",
"product_id": "ansible-automation-platform-24/hub-rhel8@sha256:df80c45631e780f58aaf85edddaf77ed82c0b41f0ad766db048615290eeb96a3_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/hub-rhel8@sha256:df80c45631e780f58aaf85edddaf77ed82c0b41f0ad766db048615290eeb96a3?arch=ppc64le\u0026repository_url=registry.redhat.io/ansible-automation-platform-24/hub-rhel8\u0026tag=4.7.3-15"
}
}
},
{
"category": "product_version",
"name": "ansible-automation-platform-24/hub-rhel8-operator@sha256:b3064c6ba7b2cf491ced94cd9b6545306cb7d59e2054a0d7042daaa3c062246e_ppc64le",
"product": {
"name": "ansible-automation-platform-24/hub-rhel8-operator@sha256:b3064c6ba7b2cf491ced94cd9b6545306cb7d59e2054a0d7042daaa3c062246e_ppc64le",
"product_id": "ansible-automation-platform-24/hub-rhel8-operator@sha256:b3064c6ba7b2cf491ced94cd9b6545306cb7d59e2054a0d7042daaa3c062246e_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/hub-rhel8-operator@sha256:b3064c6ba7b2cf491ced94cd9b6545306cb7d59e2054a0d7042daaa3c062246e?arch=ppc64le\u0026repository_url=registry.redhat.io/ansible-automation-platform-24/hub-rhel8-operator\u0026tag=2.4-70"
}
}
},
{
"category": "product_version",
"name": "ansible-automation-platform-24/hub-web-rhel8@sha256:01b5493444bc24c954ce86554d0ba8ca99b9db8c516901d0539e1b001ba78590_ppc64le",
"product": {
"name": "ansible-automation-platform-24/hub-web-rhel8@sha256:01b5493444bc24c954ce86554d0ba8ca99b9db8c516901d0539e1b001ba78590_ppc64le",
"product_id": "ansible-automation-platform-24/hub-web-rhel8@sha256:01b5493444bc24c954ce86554d0ba8ca99b9db8c516901d0539e1b001ba78590_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/hub-web-rhel8@sha256:01b5493444bc24c954ce86554d0ba8ca99b9db8c516901d0539e1b001ba78590?arch=ppc64le\u0026repository_url=registry.redhat.io/ansible-automation-platform-24/hub-web-rhel8\u0026tag=4.7.3-15"
}
}
},
{
"category": "product_version",
"name": "ansible-automation-platform-24/de-minimal-rhel9@sha256:9b13ab56c30c5c77a21e00d2dfbad44f63c6ff7ac5acb6b8ba416f7fb2a0fc51_ppc64le",
"product": {
"name": "ansible-automation-platform-24/de-minimal-rhel9@sha256:9b13ab56c30c5c77a21e00d2dfbad44f63c6ff7ac5acb6b8ba416f7fb2a0fc51_ppc64le",
"product_id": "ansible-automation-platform-24/de-minimal-rhel9@sha256:9b13ab56c30c5c77a21e00d2dfbad44f63c6ff7ac5acb6b8ba416f7fb2a0fc51_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/de-minimal-rhel9@sha256:9b13ab56c30c5c77a21e00d2dfbad44f63c6ff7ac5acb6b8ba416f7fb2a0fc51?arch=ppc64le\u0026repository_url=registry.redhat.io/ansible-automation-platform-24/de-minimal-rhel9\u0026tag=1.0.0-128"
}
}
},
{
"category": "product_version",
"name": "ansible-automation-platform-24/de-minimal-rhel8@sha256:3407db77ac87aecdc3bd3d32294672192caadd5779858d9c1ca559eef0dcf431_ppc64le",
"product": {
"name": "ansible-automation-platform-24/de-minimal-rhel8@sha256:3407db77ac87aecdc3bd3d32294672192caadd5779858d9c1ca559eef0dcf431_ppc64le",
"product_id": "ansible-automation-platform-24/de-minimal-rhel8@sha256:3407db77ac87aecdc3bd3d32294672192caadd5779858d9c1ca559eef0dcf431_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/de-minimal-rhel8@sha256:3407db77ac87aecdc3bd3d32294672192caadd5779858d9c1ca559eef0dcf431?arch=ppc64le\u0026repository_url=registry.redhat.io/ansible-automation-platform-24/de-minimal-rhel8\u0026tag=1.0.0-129"
}
}
},
{
"category": "product_version",
"name": "ansible-automation-platform-24/de-supported-rhel8@sha256:037b08f1cdf2bd0ba488ec02d6c4136171cadad65017f4331fb8e6d8b9ec8ffb_ppc64le",
"product": {
"name": "ansible-automation-platform-24/de-supported-rhel8@sha256:037b08f1cdf2bd0ba488ec02d6c4136171cadad65017f4331fb8e6d8b9ec8ffb_ppc64le",
"product_id": "ansible-automation-platform-24/de-supported-rhel8@sha256:037b08f1cdf2bd0ba488ec02d6c4136171cadad65017f4331fb8e6d8b9ec8ffb_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/de-supported-rhel8@sha256:037b08f1cdf2bd0ba488ec02d6c4136171cadad65017f4331fb8e6d8b9ec8ffb?arch=ppc64le\u0026repository_url=registry.redhat.io/ansible-automation-platform-24/de-supported-rhel8\u0026tag=1.0.0-135"
}
}
},
{
"category": "product_version",
"name": "ansible-automation-platform-24/de-supported-rhel9@sha256:da3031d8ff12b8df290c6da7c5451d0a797c24c0b2b0ce5cce943633d2352ee7_ppc64le",
"product": {
"name": "ansible-automation-platform-24/de-supported-rhel9@sha256:da3031d8ff12b8df290c6da7c5451d0a797c24c0b2b0ce5cce943633d2352ee7_ppc64le",
"product_id": "ansible-automation-platform-24/de-supported-rhel9@sha256:da3031d8ff12b8df290c6da7c5451d0a797c24c0b2b0ce5cce943633d2352ee7_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/de-supported-rhel9@sha256:da3031d8ff12b8df290c6da7c5451d0a797c24c0b2b0ce5cce943633d2352ee7?arch=ppc64le\u0026repository_url=registry.redhat.io/ansible-automation-platform-24/de-supported-rhel9\u0026tag=1.0.0-134"
}
}
},
{
"category": "product_version",
"name": "ansible-automation-platform-24/ee-minimal-rhel9@sha256:c35b05b413bc2090089219d476f0a1e2c56250fc09e190583e167bfcdce5bf35_ppc64le",
"product": {
"name": "ansible-automation-platform-24/ee-minimal-rhel9@sha256:c35b05b413bc2090089219d476f0a1e2c56250fc09e190583e167bfcdce5bf35_ppc64le",
"product_id": "ansible-automation-platform-24/ee-minimal-rhel9@sha256:c35b05b413bc2090089219d476f0a1e2c56250fc09e190583e167bfcdce5bf35_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ee-minimal-rhel9@sha256:c35b05b413bc2090089219d476f0a1e2c56250fc09e190583e167bfcdce5bf35?arch=ppc64le\u0026repository_url=registry.redhat.io/ansible-automation-platform-24/ee-minimal-rhel9\u0026tag=1.0.0-451"
}
}
},
{
"category": "product_version",
"name": "ansible-automation-platform-24/ee-minimal-rhel8@sha256:63ea2ecffbf408183f3f37e4c1df4e3a77b9f4c0806d2ef3141d102470661e38_ppc64le",
"product": {
"name": "ansible-automation-platform-24/ee-minimal-rhel8@sha256:63ea2ecffbf408183f3f37e4c1df4e3a77b9f4c0806d2ef3141d102470661e38_ppc64le",
"product_id": "ansible-automation-platform-24/ee-minimal-rhel8@sha256:63ea2ecffbf408183f3f37e4c1df4e3a77b9f4c0806d2ef3141d102470661e38_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ee-minimal-rhel8@sha256:63ea2ecffbf408183f3f37e4c1df4e3a77b9f4c0806d2ef3141d102470661e38?arch=ppc64le\u0026repository_url=registry.redhat.io/ansible-automation-platform-24/ee-minimal-rhel8\u0026tag=1.0.0-450"
}
}
},
{
"category": "product_version",
"name": "ansible-automation-platform-24/ee-supported-rhel8@sha256:97e133b817c1aac347642b414ca6cb108fec25434b945c398bae6763f1596c5e_ppc64le",
"product": {
"name": "ansible-automation-platform-24/ee-supported-rhel8@sha256:97e133b817c1aac347642b414ca6cb108fec25434b945c398bae6763f1596c5e_ppc64le",
"product_id": "ansible-automation-platform-24/ee-supported-rhel8@sha256:97e133b817c1aac347642b414ca6cb108fec25434b945c398bae6763f1596c5e_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ee-supported-rhel8@sha256:97e133b817c1aac347642b414ca6cb108fec25434b945c398bae6763f1596c5e?arch=ppc64le\u0026repository_url=registry.redhat.io/ansible-automation-platform-24/ee-supported-rhel8\u0026tag=1.0.0-436"
}
}
},
{
"category": "product_version",
"name": "ansible-automation-platform-24/ee-supported-rhel9@sha256:162dd2718a9d9fdf4e3558129a0a77094a7fd9731ab826c664b69ed955853ddd_ppc64le",
"product": {
"name": "ansible-automation-platform-24/ee-supported-rhel9@sha256:162dd2718a9d9fdf4e3558129a0a77094a7fd9731ab826c664b69ed955853ddd_ppc64le",
"product_id": "ansible-automation-platform-24/ee-supported-rhel9@sha256:162dd2718a9d9fdf4e3558129a0a77094a7fd9731ab826c664b69ed955853ddd_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ee-supported-rhel9@sha256:162dd2718a9d9fdf4e3558129a0a77094a7fd9731ab826c664b69ed955853ddd?arch=ppc64le\u0026repository_url=registry.redhat.io/ansible-automation-platform-24/ee-supported-rhel9\u0026tag=1.0.0-435"
}
}
},
{
"category": "product_version",
"name": "ansible-automation-platform-24/platform-resource-rhel8-operator@sha256:9d429c6e5d72bf883362b1ae11f8b4ed3a9d468e77e2e29c8ff234df9e255db4_ppc64le",
"product": {
"name": "ansible-automation-platform-24/platform-resource-rhel8-operator@sha256:9d429c6e5d72bf883362b1ae11f8b4ed3a9d468e77e2e29c8ff234df9e255db4_ppc64le",
"product_id": "ansible-automation-platform-24/platform-resource-rhel8-operator@sha256:9d429c6e5d72bf883362b1ae11f8b4ed3a9d468e77e2e29c8ff234df9e255db4_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/platform-resource-rhel8-operator@sha256:9d429c6e5d72bf883362b1ae11f8b4ed3a9d468e77e2e29c8ff234df9e255db4?arch=ppc64le\u0026repository_url=registry.redhat.io/ansible-automation-platform-24/platform-resource-rhel8-operator\u0026tag=2.4-68"
}
}
},
{
"category": "product_version",
"name": "ansible-automation-platform-24/platform-resource-runner-rhel8@sha256:38bc442a6181a739b4c232d25abd7018dbce05083f3bf09ab7a071a3d2a4c7b4_ppc64le",
"product": {
"name": "ansible-automation-platform-24/platform-resource-runner-rhel8@sha256:38bc442a6181a739b4c232d25abd7018dbce05083f3bf09ab7a071a3d2a4c7b4_ppc64le",
"product_id": "ansible-automation-platform-24/platform-resource-runner-rhel8@sha256:38bc442a6181a739b4c232d25abd7018dbce05083f3bf09ab7a071a3d2a4c7b4_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/platform-resource-runner-rhel8@sha256:38bc442a6181a739b4c232d25abd7018dbce05083f3bf09ab7a071a3d2a4c7b4?arch=ppc64le\u0026repository_url=registry.redhat.io/ansible-automation-platform-24/platform-resource-runner-rhel8\u0026tag=2.4-88"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "ansible-automation-platform-24/aap-must-gather-rhel8@sha256:ba77e7f17865da4d59f91b69ab58cbeafaa86debe50d2d6fb89e9812f4aed1c7_s390x",
"product": {
"name": "ansible-automation-platform-24/aap-must-gather-rhel8@sha256:ba77e7f17865da4d59f91b69ab58cbeafaa86debe50d2d6fb89e9812f4aed1c7_s390x",
"product_id": "ansible-automation-platform-24/aap-must-gather-rhel8@sha256:ba77e7f17865da4d59f91b69ab58cbeafaa86debe50d2d6fb89e9812f4aed1c7_s390x",
"product_identification_helper": {
"purl": "pkg:oci/aap-must-gather-rhel8@sha256:ba77e7f17865da4d59f91b69ab58cbeafaa86debe50d2d6fb89e9812f4aed1c7?arch=s390x\u0026repository_url=registry.redhat.io/ansible-automation-platform-24/aap-must-gather-rhel8\u0026tag=0.0.1-356"
}
}
},
{
"category": "product_version",
"name": "ansible-automation-platform/platform-operator-bundle@sha256:8b8051faac5197c85088cdb2032576d7789ef251ffd8ea8fc2e525a199202ab0_s390x",
"product": {
"name": "ansible-automation-platform/platform-operator-bundle@sha256:8b8051faac5197c85088cdb2032576d7789ef251ffd8ea8fc2e525a199202ab0_s390x",
"product_id": "ansible-automation-platform/platform-operator-bundle@sha256:8b8051faac5197c85088cdb2032576d7789ef251ffd8ea8fc2e525a199202ab0_s390x",
"product_identification_helper": {
"purl": "pkg:oci/platform-operator-bundle@sha256:8b8051faac5197c85088cdb2032576d7789ef251ffd8ea8fc2e525a199202ab0?arch=s390x\u0026repository_url=registry.redhat.io/ansible-automation-platform/platform-operator-bundle\u0026tag=2.4-672"
}
}
},
{
"category": "product_version",
"name": "ansible-automation-platform-24/ansible-builder-rhel9@sha256:a4a88494691f2fc7689d16a4da97a857e8b795e41ecf5fe09b09ebfc729511ce_s390x",
"product": {
"name": "ansible-automation-platform-24/ansible-builder-rhel9@sha256:a4a88494691f2fc7689d16a4da97a857e8b795e41ecf5fe09b09ebfc729511ce_s390x",
"product_id": "ansible-automation-platform-24/ansible-builder-rhel9@sha256:a4a88494691f2fc7689d16a4da97a857e8b795e41ecf5fe09b09ebfc729511ce_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ansible-builder-rhel9@sha256:a4a88494691f2fc7689d16a4da97a857e8b795e41ecf5fe09b09ebfc729511ce?arch=s390x\u0026repository_url=registry.redhat.io/ansible-automation-platform-24/ansible-builder-rhel9\u0026tag=3.0.0-111"
}
}
},
{
"category": "product_version",
"name": "ansible-automation-platform-24/ansible-builder-rhel8@sha256:73220bd2c0da0524f6eb6c7a88378ee9970a804a998f039fa14683cf5d7adf2f_s390x",
"product": {
"name": "ansible-automation-platform-24/ansible-builder-rhel8@sha256:73220bd2c0da0524f6eb6c7a88378ee9970a804a998f039fa14683cf5d7adf2f_s390x",
"product_id": "ansible-automation-platform-24/ansible-builder-rhel8@sha256:73220bd2c0da0524f6eb6c7a88378ee9970a804a998f039fa14683cf5d7adf2f_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ansible-builder-rhel8@sha256:73220bd2c0da0524f6eb6c7a88378ee9970a804a998f039fa14683cf5d7adf2f?arch=s390x\u0026repository_url=registry.redhat.io/ansible-automation-platform-24/ansible-builder-rhel8\u0026tag=3.0.0-112"
}
}
},
{
"category": "product_version",
"name": "ansible-automation-platform-24/ansible-python-base-rhel8@sha256:697fa0ba756009f66eb78f1feb4f9597da4b2382644c76f7755d29dd70aecea2_s390x",
"product": {
"name": "ansible-automation-platform-24/ansible-python-base-rhel8@sha256:697fa0ba756009f66eb78f1feb4f9597da4b2382644c76f7755d29dd70aecea2_s390x",
"product_id": "ansible-automation-platform-24/ansible-python-base-rhel8@sha256:697fa0ba756009f66eb78f1feb4f9597da4b2382644c76f7755d29dd70aecea2_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ansible-python-base-rhel8@sha256:697fa0ba756009f66eb78f1feb4f9597da4b2382644c76f7755d29dd70aecea2?arch=s390x\u0026repository_url=registry.redhat.io/ansible-automation-platform-24/ansible-python-base-rhel8\u0026tag=1.0.0-386"
}
}
},
{
"category": "product_version",
"name": "ansible-automation-platform-24/ansible-python-base-rhel9@sha256:8c34db5cc4c68c80db22a835c095d60e3988a3e6d1c82fb91cc8558b43a47b33_s390x",
"product": {
"name": "ansible-automation-platform-24/ansible-python-base-rhel9@sha256:8c34db5cc4c68c80db22a835c095d60e3988a3e6d1c82fb91cc8558b43a47b33_s390x",
"product_id": "ansible-automation-platform-24/ansible-python-base-rhel9@sha256:8c34db5cc4c68c80db22a835c095d60e3988a3e6d1c82fb91cc8558b43a47b33_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ansible-python-base-rhel9@sha256:8c34db5cc4c68c80db22a835c095d60e3988a3e6d1c82fb91cc8558b43a47b33?arch=s390x\u0026repository_url=registry.redhat.io/ansible-automation-platform-24/ansible-python-base-rhel9\u0026tag=1.0.0-387"
}
}
},
{
"category": "product_version",
"name": "ansible-automation-platform-24/ansible-python-toolkit-rhel8@sha256:9273cfd468a23859d784dc3fbf2ad1abb04892e6a3f2ad55d8d2e7c623d0419f_s390x",
"product": {
"name": "ansible-automation-platform-24/ansible-python-toolkit-rhel8@sha256:9273cfd468a23859d784dc3fbf2ad1abb04892e6a3f2ad55d8d2e7c623d0419f_s390x",
"product_id": "ansible-automation-platform-24/ansible-python-toolkit-rhel8@sha256:9273cfd468a23859d784dc3fbf2ad1abb04892e6a3f2ad55d8d2e7c623d0419f_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ansible-python-toolkit-rhel8@sha256:9273cfd468a23859d784dc3fbf2ad1abb04892e6a3f2ad55d8d2e7c623d0419f?arch=s390x\u0026repository_url=registry.redhat.io/ansible-automation-platform-24/ansible-python-toolkit-rhel8\u0026tag=1.0.0-369"
}
}
},
{
"category": "product_version",
"name": "ansible-automation-platform-24/ansible-python-toolkit-rhel9@sha256:b46fed769c86134a110f442dc56b0c8bfd0d469eb39649916db099f611ab3347_s390x",
"product": {
"name": "ansible-automation-platform-24/ansible-python-toolkit-rhel9@sha256:b46fed769c86134a110f442dc56b0c8bfd0d469eb39649916db099f611ab3347_s390x",
"product_id": "ansible-automation-platform-24/ansible-python-toolkit-rhel9@sha256:b46fed769c86134a110f442dc56b0c8bfd0d469eb39649916db099f611ab3347_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ansible-python-toolkit-rhel9@sha256:b46fed769c86134a110f442dc56b0c8bfd0d469eb39649916db099f611ab3347?arch=s390x\u0026repository_url=registry.redhat.io/ansible-automation-platform-24/ansible-python-toolkit-rhel9\u0026tag=1.0.0-368"
}
}
},
{
"category": "product_version",
"name": "ansible-automation-platform-24/controller-rhel8@sha256:f346fa5d9a45ba329dc668e6a63672020fb579948b6c417ce76400e07ef928a5_s390x",
"product": {
"name": "ansible-automation-platform-24/controller-rhel8@sha256:f346fa5d9a45ba329dc668e6a63672020fb579948b6c417ce76400e07ef928a5_s390x",
"product_id": "ansible-automation-platform-24/controller-rhel8@sha256:f346fa5d9a45ba329dc668e6a63672020fb579948b6c417ce76400e07ef928a5_s390x",
"product_identification_helper": {
"purl": "pkg:oci/controller-rhel8@sha256:f346fa5d9a45ba329dc668e6a63672020fb579948b6c417ce76400e07ef928a5?arch=s390x\u0026repository_url=registry.redhat.io/ansible-automation-platform-24/controller-rhel8\u0026tag=4.4.6-4"
}
}
},
{
"category": "product_version",
"name": "ansible-automation-platform-24/controller-rhel8-operator@sha256:71dac652dd2a9588f1722c5147c8cc9cdb5c38d3cb3dc5a5e955c4cba6a3e57c_s390x",
"product": {
"name": "ansible-automation-platform-24/controller-rhel8-operator@sha256:71dac652dd2a9588f1722c5147c8cc9cdb5c38d3cb3dc5a5e955c4cba6a3e57c_s390x",
"product_id": "ansible-automation-platform-24/controller-rhel8-operator@sha256:71dac652dd2a9588f1722c5147c8cc9cdb5c38d3cb3dc5a5e955c4cba6a3e57c_s390x",
"product_identification_helper": {
"purl": "pkg:oci/controller-rhel8-operator@sha256:71dac652dd2a9588f1722c5147c8cc9cdb5c38d3cb3dc5a5e955c4cba6a3e57c?arch=s390x\u0026repository_url=registry.redhat.io/ansible-automation-platform-24/controller-rhel8-operator\u0026tag=2.4-79"
}
}
},
{
"category": "product_version",
"name": "ansible-automation-platform-24/eda-controller-rhel8@sha256:7d75552ba2d42b0f85695e9a71ff71dd781bce0452590d89c12a8fc9f1a501ff_s390x",
"product": {
"name": "ansible-automation-platform-24/eda-controller-rhel8@sha256:7d75552ba2d42b0f85695e9a71ff71dd781bce0452590d89c12a8fc9f1a501ff_s390x",
"product_id": "ansible-automation-platform-24/eda-controller-rhel8@sha256:7d75552ba2d42b0f85695e9a71ff71dd781bce0452590d89c12a8fc9f1a501ff_s390x",
"product_identification_helper": {
"purl": "pkg:oci/eda-controller-rhel8@sha256:7d75552ba2d42b0f85695e9a71ff71dd781bce0452590d89c12a8fc9f1a501ff?arch=s390x\u0026repository_url=registry.redhat.io/ansible-automation-platform-24/eda-controller-rhel8\u0026tag=1.0.1-16"
}
}
},
{
"category": "product_version",
"name": "ansible-automation-platform-24/eda-controller-rhel8-operator@sha256:b533066a88203acca58a7355f379018eb270f0c932c35f8170e76bfe658ef84b_s390x",
"product": {
"name": "ansible-automation-platform-24/eda-controller-rhel8-operator@sha256:b533066a88203acca58a7355f379018eb270f0c932c35f8170e76bfe658ef84b_s390x",
"product_id": "ansible-automation-platform-24/eda-controller-rhel8-operator@sha256:b533066a88203acca58a7355f379018eb270f0c932c35f8170e76bfe658ef84b_s390x",
"product_identification_helper": {
"purl": "pkg:oci/eda-controller-rhel8-operator@sha256:b533066a88203acca58a7355f379018eb270f0c932c35f8170e76bfe658ef84b?arch=s390x\u0026repository_url=registry.redhat.io/ansible-automation-platform-24/eda-controller-rhel8-operator\u0026tag=2.4-86"
}
}
},
{
"category": "product_version",
"name": "ansible-automation-platform-24/eda-controller-ui-rhel8@sha256:7eeca90468dde408d820ffb7b530d0cef615fe6f4a7e852b47ff18028cc09ecc_s390x",
"product": {
"name": "ansible-automation-platform-24/eda-controller-ui-rhel8@sha256:7eeca90468dde408d820ffb7b530d0cef615fe6f4a7e852b47ff18028cc09ecc_s390x",
"product_id": "ansible-automation-platform-24/eda-controller-ui-rhel8@sha256:7eeca90468dde408d820ffb7b530d0cef615fe6f4a7e852b47ff18028cc09ecc_s390x",
"product_identification_helper": {
"purl": "pkg:oci/eda-controller-ui-rhel8@sha256:7eeca90468dde408d820ffb7b530d0cef615fe6f4a7e852b47ff18028cc09ecc?arch=s390x\u0026repository_url=registry.redhat.io/ansible-automation-platform-24/eda-controller-ui-rhel8\u0026tag=1.0.1-16"
}
}
},
{
"category": "product_version",
"name": "ansible-automation-platform-24/hub-rhel8@sha256:fe2675bd2c51d62dfa3473653c00ddf55a1b64791f5029fe0b87087461b700a1_s390x",
"product": {
"name": "ansible-automation-platform-24/hub-rhel8@sha256:fe2675bd2c51d62dfa3473653c00ddf55a1b64791f5029fe0b87087461b700a1_s390x",
"product_id": "ansible-automation-platform-24/hub-rhel8@sha256:fe2675bd2c51d62dfa3473653c00ddf55a1b64791f5029fe0b87087461b700a1_s390x",
"product_identification_helper": {
"purl": "pkg:oci/hub-rhel8@sha256:fe2675bd2c51d62dfa3473653c00ddf55a1b64791f5029fe0b87087461b700a1?arch=s390x\u0026repository_url=registry.redhat.io/ansible-automation-platform-24/hub-rhel8\u0026tag=4.7.3-15"
}
}
},
{
"category": "product_version",
"name": "ansible-automation-platform-24/hub-rhel8-operator@sha256:32fa50754404a12b4d4a58d4ef9def3f5e8225cb2cf1e56983df1677f621462e_s390x",
"product": {
"name": "ansible-automation-platform-24/hub-rhel8-operator@sha256:32fa50754404a12b4d4a58d4ef9def3f5e8225cb2cf1e56983df1677f621462e_s390x",
"product_id": "ansible-automation-platform-24/hub-rhel8-operator@sha256:32fa50754404a12b4d4a58d4ef9def3f5e8225cb2cf1e56983df1677f621462e_s390x",
"product_identification_helper": {
"purl": "pkg:oci/hub-rhel8-operator@sha256:32fa50754404a12b4d4a58d4ef9def3f5e8225cb2cf1e56983df1677f621462e?arch=s390x\u0026repository_url=registry.redhat.io/ansible-automation-platform-24/hub-rhel8-operator\u0026tag=2.4-70"
}
}
},
{
"category": "product_version",
"name": "ansible-automation-platform-24/hub-web-rhel8@sha256:ff2db93490c489562bb8c37a247daf01e10c871e628b24cc4006dd2bd14473bb_s390x",
"product": {
"name": "ansible-automation-platform-24/hub-web-rhel8@sha256:ff2db93490c489562bb8c37a247daf01e10c871e628b24cc4006dd2bd14473bb_s390x",
"product_id": "ansible-automation-platform-24/hub-web-rhel8@sha256:ff2db93490c489562bb8c37a247daf01e10c871e628b24cc4006dd2bd14473bb_s390x",
"product_identification_helper": {
"purl": "pkg:oci/hub-web-rhel8@sha256:ff2db93490c489562bb8c37a247daf01e10c871e628b24cc4006dd2bd14473bb?arch=s390x\u0026repository_url=registry.redhat.io/ansible-automation-platform-24/hub-web-rhel8\u0026tag=4.7.3-15"
}
}
},
{
"category": "product_version",
"name": "ansible-automation-platform-24/de-minimal-rhel9@sha256:7660d7f051c9ac00bf49f609bf1e24b8020d2cb8856b40cbecc13de54d55fed8_s390x",
"product": {
"name": "ansible-automation-platform-24/de-minimal-rhel9@sha256:7660d7f051c9ac00bf49f609bf1e24b8020d2cb8856b40cbecc13de54d55fed8_s390x",
"product_id": "ansible-automation-platform-24/de-minimal-rhel9@sha256:7660d7f051c9ac00bf49f609bf1e24b8020d2cb8856b40cbecc13de54d55fed8_s390x",
"product_identification_helper": {
"purl": "pkg:oci/de-minimal-rhel9@sha256:7660d7f051c9ac00bf49f609bf1e24b8020d2cb8856b40cbecc13de54d55fed8?arch=s390x\u0026repository_url=registry.redhat.io/ansible-automation-platform-24/de-minimal-rhel9\u0026tag=1.0.0-128"
}
}
},
{
"category": "product_version",
"name": "ansible-automation-platform-24/de-minimal-rhel8@sha256:6bf6294838abf4584f07500c9d61e7358d706f5754e1171e6a4184957e272d18_s390x",
"product": {
"name": "ansible-automation-platform-24/de-minimal-rhel8@sha256:6bf6294838abf4584f07500c9d61e7358d706f5754e1171e6a4184957e272d18_s390x",
"product_id": "ansible-automation-platform-24/de-minimal-rhel8@sha256:6bf6294838abf4584f07500c9d61e7358d706f5754e1171e6a4184957e272d18_s390x",
"product_identification_helper": {
"purl": "pkg:oci/de-minimal-rhel8@sha256:6bf6294838abf4584f07500c9d61e7358d706f5754e1171e6a4184957e272d18?arch=s390x\u0026repository_url=registry.redhat.io/ansible-automation-platform-24/de-minimal-rhel8\u0026tag=1.0.0-129"
}
}
},
{
"category": "product_version",
"name": "ansible-automation-platform-24/de-supported-rhel8@sha256:dcdf4678c085dcb1014930901def587b01e780ce45a471f17a9c39de221b0757_s390x",
"product": {
"name": "ansible-automation-platform-24/de-supported-rhel8@sha256:dcdf4678c085dcb1014930901def587b01e780ce45a471f17a9c39de221b0757_s390x",
"product_id": "ansible-automation-platform-24/de-supported-rhel8@sha256:dcdf4678c085dcb1014930901def587b01e780ce45a471f17a9c39de221b0757_s390x",
"product_identification_helper": {
"purl": "pkg:oci/de-supported-rhel8@sha256:dcdf4678c085dcb1014930901def587b01e780ce45a471f17a9c39de221b0757?arch=s390x\u0026repository_url=registry.redhat.io/ansible-automation-platform-24/de-supported-rhel8\u0026tag=1.0.0-135"
}
}
},
{
"category": "product_version",
"name": "ansible-automation-platform-24/de-supported-rhel9@sha256:5bd5d0da12cc63b3221f508c203b0cde5b4628439d42c1a0303a31c217506936_s390x",
"product": {
"name": "ansible-automation-platform-24/de-supported-rhel9@sha256:5bd5d0da12cc63b3221f508c203b0cde5b4628439d42c1a0303a31c217506936_s390x",
"product_id": "ansible-automation-platform-24/de-supported-rhel9@sha256:5bd5d0da12cc63b3221f508c203b0cde5b4628439d42c1a0303a31c217506936_s390x",
"product_identification_helper": {
"purl": "pkg:oci/de-supported-rhel9@sha256:5bd5d0da12cc63b3221f508c203b0cde5b4628439d42c1a0303a31c217506936?arch=s390x\u0026repository_url=registry.redhat.io/ansible-automation-platform-24/de-supported-rhel9\u0026tag=1.0.0-134"
}
}
},
{
"category": "product_version",
"name": "ansible-automation-platform-24/ee-minimal-rhel9@sha256:d21ac96577006183a5cc592fb094cb2cf0f25aa687597d68984965ebcb1cb9a5_s390x",
"product": {
"name": "ansible-automation-platform-24/ee-minimal-rhel9@sha256:d21ac96577006183a5cc592fb094cb2cf0f25aa687597d68984965ebcb1cb9a5_s390x",
"product_id": "ansible-automation-platform-24/ee-minimal-rhel9@sha256:d21ac96577006183a5cc592fb094cb2cf0f25aa687597d68984965ebcb1cb9a5_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ee-minimal-rhel9@sha256:d21ac96577006183a5cc592fb094cb2cf0f25aa687597d68984965ebcb1cb9a5?arch=s390x\u0026repository_url=registry.redhat.io/ansible-automation-platform-24/ee-minimal-rhel9\u0026tag=1.0.0-451"
}
}
},
{
"category": "product_version",
"name": "ansible-automation-platform-24/ee-minimal-rhel8@sha256:382c4b91e8c8b30b51d3168b4a16f7c75c96198f4699c301bd03d686c8e85ae7_s390x",
"product": {
"name": "ansible-automation-platform-24/ee-minimal-rhel8@sha256:382c4b91e8c8b30b51d3168b4a16f7c75c96198f4699c301bd03d686c8e85ae7_s390x",
"product_id": "ansible-automation-platform-24/ee-minimal-rhel8@sha256:382c4b91e8c8b30b51d3168b4a16f7c75c96198f4699c301bd03d686c8e85ae7_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ee-minimal-rhel8@sha256:382c4b91e8c8b30b51d3168b4a16f7c75c96198f4699c301bd03d686c8e85ae7?arch=s390x\u0026repository_url=registry.redhat.io/ansible-automation-platform-24/ee-minimal-rhel8\u0026tag=1.0.0-450"
}
}
},
{
"category": "product_version",
"name": "ansible-automation-platform-24/ee-supported-rhel8@sha256:a5641fd059a00dff89f846472bf2c139c15ac2908328b03f86ab67087a1dbcf4_s390x",
"product": {
"name": "ansible-automation-platform-24/ee-supported-rhel8@sha256:a5641fd059a00dff89f846472bf2c139c15ac2908328b03f86ab67087a1dbcf4_s390x",
"product_id": "ansible-automation-platform-24/ee-supported-rhel8@sha256:a5641fd059a00dff89f846472bf2c139c15ac2908328b03f86ab67087a1dbcf4_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ee-supported-rhel8@sha256:a5641fd059a00dff89f846472bf2c139c15ac2908328b03f86ab67087a1dbcf4?arch=s390x\u0026repository_url=registry.redhat.io/ansible-automation-platform-24/ee-supported-rhel8\u0026tag=1.0.0-436"
}
}
},
{
"category": "product_version",
"name": "ansible-automation-platform-24/ee-supported-rhel9@sha256:e49a3d2b7456a55b603e78b8ddec27665b6a957f5ac479aad50123f3f9bb1d42_s390x",
"product": {
"name": "ansible-automation-platform-24/ee-supported-rhel9@sha256:e49a3d2b7456a55b603e78b8ddec27665b6a957f5ac479aad50123f3f9bb1d42_s390x",
"product_id": "ansible-automation-platform-24/ee-supported-rhel9@sha256:e49a3d2b7456a55b603e78b8ddec27665b6a957f5ac479aad50123f3f9bb1d42_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ee-supported-rhel9@sha256:e49a3d2b7456a55b603e78b8ddec27665b6a957f5ac479aad50123f3f9bb1d42?arch=s390x\u0026repository_url=registry.redhat.io/ansible-automation-platform-24/ee-supported-rhel9\u0026tag=1.0.0-435"
}
}
},
{
"category": "product_version",
"name": "ansible-automation-platform-24/platform-resource-rhel8-operator@sha256:893d04a458674590c81c2ef09fb222c36f47bee71ab3615d6bb73432c58d965b_s390x",
"product": {
"name": "ansible-automation-platform-24/platform-resource-rhel8-operator@sha256:893d04a458674590c81c2ef09fb222c36f47bee71ab3615d6bb73432c58d965b_s390x",
"product_id": "ansible-automation-platform-24/platform-resource-rhel8-operator@sha256:893d04a458674590c81c2ef09fb222c36f47bee71ab3615d6bb73432c58d965b_s390x",
"product_identification_helper": {
"purl": "pkg:oci/platform-resource-rhel8-operator@sha256:893d04a458674590c81c2ef09fb222c36f47bee71ab3615d6bb73432c58d965b?arch=s390x\u0026repository_url=registry.redhat.io/ansible-automation-platform-24/platform-resource-rhel8-operator\u0026tag=2.4-68"
}
}
},
{
"category": "product_version",
"name": "ansible-automation-platform-24/platform-resource-runner-rhel8@sha256:de8830287e00c4062524ebc9e9a93896503101e6382f553c89cc0c1e7d15618f_s390x",
"product": {
"name": "ansible-automation-platform-24/platform-resource-runner-rhel8@sha256:de8830287e00c4062524ebc9e9a93896503101e6382f553c89cc0c1e7d15618f_s390x",
"product_id": "ansible-automation-platform-24/platform-resource-runner-rhel8@sha256:de8830287e00c4062524ebc9e9a93896503101e6382f553c89cc0c1e7d15618f_s390x",
"product_identification_helper": {
"purl": "pkg:oci/platform-resource-runner-rhel8@sha256:de8830287e00c4062524ebc9e9a93896503101e6382f553c89cc0c1e7d15618f?arch=s390x\u0026repository_url=registry.redhat.io/ansible-automation-platform-24/platform-resource-runner-rhel8\u0026tag=2.4-88"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "ansible-automation-platform-24/aap-must-gather-rhel8@sha256:53a9a6779f8569b03faec060888f39d2d3f071d3a4af8269f66490abd8bfad7e_arm64",
"product": {
"name": "ansible-automation-platform-24/aap-must-gather-rhel8@sha256:53a9a6779f8569b03faec060888f39d2d3f071d3a4af8269f66490abd8bfad7e_arm64",
"product_id": "ansible-automation-platform-24/aap-must-gather-rhel8@sha256:53a9a6779f8569b03faec060888f39d2d3f071d3a4af8269f66490abd8bfad7e_arm64",
"product_identification_helper": {
"purl": "pkg:oci/aap-must-gather-rhel8@sha256:53a9a6779f8569b03faec060888f39d2d3f071d3a4af8269f66490abd8bfad7e?arch=arm64\u0026repository_url=registry.redhat.io/ansible-automation-platform-24/aap-must-gather-rhel8\u0026tag=0.0.1-356"
}
}
},
{
"category": "product_version",
"name": "ansible-automation-platform/platform-operator-bundle@sha256:d5d128596af42dddb7f3efa725050a35c07eae5e63a4bd8be7789857cf5d36f3_arm64",
"product": {
"name": "ansible-automation-platform/platform-operator-bundle@sha256:d5d128596af42dddb7f3efa725050a35c07eae5e63a4bd8be7789857cf5d36f3_arm64",
"product_id": "ansible-automation-platform/platform-operator-bundle@sha256:d5d128596af42dddb7f3efa725050a35c07eae5e63a4bd8be7789857cf5d36f3_arm64",
"product_identification_helper": {
"purl": "pkg:oci/platform-operator-bundle@sha256:d5d128596af42dddb7f3efa725050a35c07eae5e63a4bd8be7789857cf5d36f3?arch=arm64\u0026repository_url=registry.redhat.io/ansible-automation-platform/platform-operator-bundle\u0026tag=2.4-672"
}
}
},
{
"category": "product_version",
"name": "ansible-automation-platform-24/ansible-builder-rhel9@sha256:20092308c17687aa6059400af8d1772b8fe85207db9f9a5b6d259908e0b63aab_arm64",
"product": {
"name": "ansible-automation-platform-24/ansible-builder-rhel9@sha256:20092308c17687aa6059400af8d1772b8fe85207db9f9a5b6d259908e0b63aab_arm64",
"product_id": "ansible-automation-platform-24/ansible-builder-rhel9@sha256:20092308c17687aa6059400af8d1772b8fe85207db9f9a5b6d259908e0b63aab_arm64",
"product_identification_helper": {
"purl": "pkg:oci/ansible-builder-rhel9@sha256:20092308c17687aa6059400af8d1772b8fe85207db9f9a5b6d259908e0b63aab?arch=arm64\u0026repository_url=registry.redhat.io/ansible-automation-platform-24/ansible-builder-rhel9\u0026tag=3.0.0-111"
}
}
},
{
"category": "product_version",
"name": "ansible-automation-platform-24/ansible-builder-rhel8@sha256:0089971676a347149081311def7417185edfeac0fa0fb09bac556d1e4ac17971_arm64",
"product": {
"name": "ansible-automation-platform-24/ansible-builder-rhel8@sha256:0089971676a347149081311def7417185edfeac0fa0fb09bac556d1e4ac17971_arm64",
"product_id": "ansible-automation-platform-24/ansible-builder-rhel8@sha256:0089971676a347149081311def7417185edfeac0fa0fb09bac556d1e4ac17971_arm64",
"product_identification_helper": {
"purl": "pkg:oci/ansible-builder-rhel8@sha256:0089971676a347149081311def7417185edfeac0fa0fb09bac556d1e4ac17971?arch=arm64\u0026repository_url=registry.redhat.io/ansible-automation-platform-24/ansible-builder-rhel8\u0026tag=3.0.0-112"
}
}
},
{
"category": "product_version",
"name": "ansible-automation-platform-24/ansible-python-base-rhel8@sha256:6599eee6f2b0b8c08ea3dc49598f97aea3b53b456afcc410dd740c39bbfdcd63_arm64",
"product": {
"name": "ansible-automation-platform-24/ansible-python-base-rhel8@sha256:6599eee6f2b0b8c08ea3dc49598f97aea3b53b456afcc410dd740c39bbfdcd63_arm64",
"product_id": "ansible-automation-platform-24/ansible-python-base-rhel8@sha256:6599eee6f2b0b8c08ea3dc49598f97aea3b53b456afcc410dd740c39bbfdcd63_arm64",
"product_identification_helper": {
"purl": "pkg:oci/ansible-python-base-rhel8@sha256:6599eee6f2b0b8c08ea3dc49598f97aea3b53b456afcc410dd740c39bbfdcd63?arch=arm64\u0026repository_url=registry.redhat.io/ansible-automation-platform-24/ansible-python-base-rhel8\u0026tag=1.0.0-386"
}
}
},
{
"category": "product_version",
"name": "ansible-automation-platform-24/ansible-python-base-rhel9@sha256:cd96a0ece925ed1443c0797bc3baf992ed7ae087f5977df8728a4aab8940516f_arm64",
"product": {
"name": "ansible-automation-platform-24/ansible-python-base-rhel9@sha256:cd96a0ece925ed1443c0797bc3baf992ed7ae087f5977df8728a4aab8940516f_arm64",
"product_id": "ansible-automation-platform-24/ansible-python-base-rhel9@sha256:cd96a0ece925ed1443c0797bc3baf992ed7ae087f5977df8728a4aab8940516f_arm64",
"product_identification_helper": {
"purl": "pkg:oci/ansible-python-base-rhel9@sha256:cd96a0ece925ed1443c0797bc3baf992ed7ae087f5977df8728a4aab8940516f?arch=arm64\u0026repository_url=registry.redhat.io/ansible-automation-platform-24/ansible-python-base-rhel9\u0026tag=1.0.0-387"
}
}
},
{
"category": "product_version",
"name": "ansible-automation-platform-24/ansible-python-toolkit-rhel8@sha256:d6ae7f3136a14984e33f46598f6e321ad72f3875e4c3f0a8c773e5046fb99f1a_arm64",
"product": {
"name": "ansible-automation-platform-24/ansible-python-toolkit-rhel8@sha256:d6ae7f3136a14984e33f46598f6e321ad72f3875e4c3f0a8c773e5046fb99f1a_arm64",
"product_id": "ansible-automation-platform-24/ansible-python-toolkit-rhel8@sha256:d6ae7f3136a14984e33f46598f6e321ad72f3875e4c3f0a8c773e5046fb99f1a_arm64",
"product_identification_helper": {
"purl": "pkg:oci/ansible-python-toolkit-rhel8@sha256:d6ae7f3136a14984e33f46598f6e321ad72f3875e4c3f0a8c773e5046fb99f1a?arch=arm64\u0026repository_url=registry.redhat.io/ansible-automation-platform-24/ansible-python-toolkit-rhel8\u0026tag=1.0.0-369"
}
}
},
{
"category": "product_version",
"name": "ansible-automation-platform-24/ansible-python-toolkit-rhel9@sha256:035f8ce6c6f6ab88366d7d42ba587d75b60236433e01ce0349a40554ff0e1b05_arm64",
"product": {
"name": "ansible-automation-platform-24/ansible-python-toolkit-rhel9@sha256:035f8ce6c6f6ab88366d7d42ba587d75b60236433e01ce0349a40554ff0e1b05_arm64",
"product_id": "ansible-automation-platform-24/ansible-python-toolkit-rhel9@sha256:035f8ce6c6f6ab88366d7d42ba587d75b60236433e01ce0349a40554ff0e1b05_arm64",
"product_identification_helper": {
"purl": "pkg:oci/ansible-python-toolkit-rhel9@sha256:035f8ce6c6f6ab88366d7d42ba587d75b60236433e01ce0349a40554ff0e1b05?arch=arm64\u0026repository_url=registry.redhat.io/ansible-automation-platform-24/ansible-python-toolkit-rhel9\u0026tag=1.0.0-368"
}
}
},
{
"category": "product_version",
"name": "ansible-automation-platform-24/controller-rhel8@sha256:c8fdd92c3c2c497ab1d4ba8c96759e8f2dfe7f023df6c5021dfed672c98d0621_arm64",
"product": {
"name": "ansible-automation-platform-24/controller-rhel8@sha256:c8fdd92c3c2c497ab1d4ba8c96759e8f2dfe7f023df6c5021dfed672c98d0621_arm64",
"product_id": "ansible-automation-platform-24/controller-rhel8@sha256:c8fdd92c3c2c497ab1d4ba8c96759e8f2dfe7f023df6c5021dfed672c98d0621_arm64",
"product_identification_helper": {
"purl": "pkg:oci/controller-rhel8@sha256:c8fdd92c3c2c497ab1d4ba8c96759e8f2dfe7f023df6c5021dfed672c98d0621?arch=arm64\u0026repository_url=registry.redhat.io/ansible-automation-platform-24/controller-rhel8\u0026tag=4.4.6-4"
}
}
},
{
"category": "product_version",
"name": "ansible-automation-platform-24/controller-rhel8-operator@sha256:013993b69238a181ef9be9c6cbd173f4af8280f6dc763e52a493e54e71069a01_arm64",
"product": {
"name": "ansible-automation-platform-24/controller-rhel8-operator@sha256:013993b69238a181ef9be9c6cbd173f4af8280f6dc763e52a493e54e71069a01_arm64",
"product_id": "ansible-automation-platform-24/controller-rhel8-operator@sha256:013993b69238a181ef9be9c6cbd173f4af8280f6dc763e52a493e54e71069a01_arm64",
"product_identification_helper": {
"purl": "pkg:oci/controller-rhel8-operator@sha256:013993b69238a181ef9be9c6cbd173f4af8280f6dc763e52a493e54e71069a01?arch=arm64\u0026repository_url=registry.redhat.io/ansible-automation-platform-24/controller-rhel8-operator\u0026tag=2.4-79"
}
}
},
{
"category": "product_version",
"name": "ansible-automation-platform-24/eda-controller-rhel8@sha256:2bc05e35b21a826737e8bc523924d8137a531003d2ba2466243f4172708f2cbc_arm64",
"product": {
"name": "ansible-automation-platform-24/eda-controller-rhel8@sha256:2bc05e35b21a826737e8bc523924d8137a531003d2ba2466243f4172708f2cbc_arm64",
"product_id": "ansible-automation-platform-24/eda-controller-rhel8@sha256:2bc05e35b21a826737e8bc523924d8137a531003d2ba2466243f4172708f2cbc_arm64",
"product_identification_helper": {
"purl": "pkg:oci/eda-controller-rhel8@sha256:2bc05e35b21a826737e8bc523924d8137a531003d2ba2466243f4172708f2cbc?arch=arm64\u0026repository_url=registry.redhat.io/ansible-automation-platform-24/eda-controller-rhel8\u0026tag=1.0.1-16"
}
}
},
{
"category": "product_version",
"name": "ansible-automation-platform-24/eda-controller-rhel8-operator@sha256:683b9705958bb94e2f3fa8901c19ffd4d2a3967104fec3a969a46fa7e5702507_arm64",
"product": {
"name": "ansible-automation-platform-24/eda-controller-rhel8-operator@sha256:683b9705958bb94e2f3fa8901c19ffd4d2a3967104fec3a969a46fa7e5702507_arm64",
"product_id": "ansible-automation-platform-24/eda-controller-rhel8-operator@sha256:683b9705958bb94e2f3fa8901c19ffd4d2a3967104fec3a969a46fa7e5702507_arm64",
"product_identification_helper": {
"purl": "pkg:oci/eda-controller-rhel8-operator@sha256:683b9705958bb94e2f3fa8901c19ffd4d2a3967104fec3a969a46fa7e5702507?arch=arm64\u0026repository_url=registry.redhat.io/ansible-automation-platform-24/eda-controller-rhel8-operator\u0026tag=2.4-86"
}
}
},
{
"category": "product_version",
"name": "ansible-automation-platform-24/eda-controller-ui-rhel8@sha256:ee508e6aaaf56c6ec9025d7650000a39a7b05319b570e6961eb72d20623793d9_arm64",
"product": {
"name": "ansible-automation-platform-24/eda-controller-ui-rhel8@sha256:ee508e6aaaf56c6ec9025d7650000a39a7b05319b570e6961eb72d20623793d9_arm64",
"product_id": "ansible-automation-platform-24/eda-controller-ui-rhel8@sha256:ee508e6aaaf56c6ec9025d7650000a39a7b05319b570e6961eb72d20623793d9_arm64",
"product_identification_helper": {
"purl": "pkg:oci/eda-controller-ui-rhel8@sha256:ee508e6aaaf56c6ec9025d7650000a39a7b05319b570e6961eb72d20623793d9?arch=arm64\u0026repository_url=registry.redhat.io/ansible-automation-platform-24/eda-controller-ui-rhel8\u0026tag=1.0.1-16"
}
}
},
{
"category": "product_version",
"name": "ansible-automation-platform-24/hub-rhel8@sha256:a27c12f79db64522884b304c30f40635c774f51596689670fd628f409a68663f_arm64",
"product": {
"name": "ansible-automation-platform-24/hub-rhel8@sha256:a27c12f79db64522884b304c30f40635c774f51596689670fd628f409a68663f_arm64",
"product_id": "ansible-automation-platform-24/hub-rhel8@sha256:a27c12f79db64522884b304c30f40635c774f51596689670fd628f409a68663f_arm64",
"product_identification_helper": {
"purl": "pkg:oci/hub-rhel8@sha256:a27c12f79db64522884b304c30f40635c774f51596689670fd628f409a68663f?arch=arm64\u0026repository_url=registry.redhat.io/ansible-automation-platform-24/hub-rhel8\u0026tag=4.7.3-15"
}
}
},
{
"category": "product_version",
"name": "ansible-automation-platform-24/hub-rhel8-operator@sha256:ad9213450b9284c6e4323f9f8a5dfc42734ac95b67e5cd6a3afc3bd2945e993d_arm64",
"product": {
"name": "ansible-automation-platform-24/hub-rhel8-operator@sha256:ad9213450b9284c6e4323f9f8a5dfc42734ac95b67e5cd6a3afc3bd2945e993d_arm64",
"product_id": "ansible-automation-platform-24/hub-rhel8-operator@sha256:ad9213450b9284c6e4323f9f8a5dfc42734ac95b67e5cd6a3afc3bd2945e993d_arm64",
"product_identification_helper": {
"purl": "pkg:oci/hub-rhel8-operator@sha256:ad9213450b9284c6e4323f9f8a5dfc42734ac95b67e5cd6a3afc3bd2945e993d?arch=arm64\u0026repository_url=registry.redhat.io/ansible-automation-platform-24/hub-rhel8-operator\u0026tag=2.4-70"
}
}
},
{
"category": "product_version",
"name": "ansible-automation-platform-24/hub-web-rhel8@sha256:0b7d67480c6a15e5a655573f2ac885d34df441978f8f595f8c4d9f5e93c052d1_arm64",
"product": {
"name": "ansible-automation-platform-24/hub-web-rhel8@sha256:0b7d67480c6a15e5a655573f2ac885d34df441978f8f595f8c4d9f5e93c052d1_arm64",
"product_id": "ansible-automation-platform-24/hub-web-rhel8@sha256:0b7d67480c6a15e5a655573f2ac885d34df441978f8f595f8c4d9f5e93c052d1_arm64",
"product_identification_helper": {
"purl": "pkg:oci/hub-web-rhel8@sha256:0b7d67480c6a15e5a655573f2ac885d34df441978f8f595f8c4d9f5e93c052d1?arch=arm64\u0026repository_url=registry.redhat.io/ansible-automation-platform-24/hub-web-rhel8\u0026tag=4.7.3-15"
}
}
},
{
"category": "product_version",
"name": "ansible-automation-platform-24/de-minimal-rhel9@sha256:f28e22e5da55ea626890aceb7ae4c391e192055a60a1beba9a98ac70ee1353ce_arm64",
"product": {
"name": "ansible-automation-platform-24/de-minimal-rhel9@sha256:f28e22e5da55ea626890aceb7ae4c391e192055a60a1beba9a98ac70ee1353ce_arm64",
"product_id": "ansible-automation-platform-24/de-minimal-rhel9@sha256:f28e22e5da55ea626890aceb7ae4c391e192055a60a1beba9a98ac70ee1353ce_arm64",
"product_identification_helper": {
"purl": "pkg:oci/de-minimal-rhel9@sha256:f28e22e5da55ea626890aceb7ae4c391e192055a60a1beba9a98ac70ee1353ce?arch=arm64\u0026repository_url=registry.redhat.io/ansible-automation-platform-24/de-minimal-rhel9\u0026tag=1.0.0-128"
}
}
},
{
"category": "product_version",
"name": "ansible-automation-platform-24/de-minimal-rhel8@sha256:1e2c70baa0950d9667715e4deda717db264ea07aaa097ed4c3e11025eb4c59a0_arm64",
"product": {
"name": "ansible-automation-platform-24/de-minimal-rhel8@sha256:1e2c70baa0950d9667715e4deda717db264ea07aaa097ed4c3e11025eb4c59a0_arm64",
"product_id": "ansible-automation-platform-24/de-minimal-rhel8@sha256:1e2c70baa0950d9667715e4deda717db264ea07aaa097ed4c3e11025eb4c59a0_arm64",
"product_identification_helper": {
"purl": "pkg:oci/de-minimal-rhel8@sha256:1e2c70baa0950d9667715e4deda717db264ea07aaa097ed4c3e11025eb4c59a0?arch=arm64\u0026repository_url=registry.redhat.io/ansible-automation-platform-24/de-minimal-rhel8\u0026tag=1.0.0-129"
}
}
},
{
"category": "product_version",
"name": "ansible-automation-platform-24/de-supported-rhel8@sha256:d4d8984a1e1191d58e402dfd9f7d80a1f3bf714b774cc0837809ccabbbbfdb03_arm64",
"product": {
"name": "ansible-automation-platform-24/de-supported-rhel8@sha256:d4d8984a1e1191d58e402dfd9f7d80a1f3bf714b774cc0837809ccabbbbfdb03_arm64",
"product_id": "ansible-automation-platform-24/de-supported-rhel8@sha256:d4d8984a1e1191d58e402dfd9f7d80a1f3bf714b774cc0837809ccabbbbfdb03_arm64",
"product_identification_helper": {
"purl": "pkg:oci/de-supported-rhel8@sha256:d4d8984a1e1191d58e402dfd9f7d80a1f3bf714b774cc0837809ccabbbbfdb03?arch=arm64\u0026repository_url=registry.redhat.io/ansible-automation-platform-24/de-supported-rhel8\u0026tag=1.0.0-135"
}
}
},
{
"category": "product_version",
"name": "ansible-automation-platform-24/de-supported-rhel9@sha256:de1067b9be05a3acb9bb61458fb89e71acf01cad7a9439a638972bc0615a4d5a_arm64",
"product": {
"name": "ansible-automation-platform-24/de-supported-rhel9@sha256:de1067b9be05a3acb9bb61458fb89e71acf01cad7a9439a638972bc0615a4d5a_arm64",
"product_id": "ansible-automation-platform-24/de-supported-rhel9@sha256:de1067b9be05a3acb9bb61458fb89e71acf01cad7a9439a638972bc0615a4d5a_arm64",
"product_identification_helper": {
"purl": "pkg:oci/de-supported-rhel9@sha256:de1067b9be05a3acb9bb61458fb89e71acf01cad7a9439a638972bc0615a4d5a?arch=arm64\u0026repository_url=registry.redhat.io/ansible-automation-platform-24/de-supported-rhel9\u0026tag=1.0.0-134"
}
}
},
{
"category": "product_version",
"name": "ansible-automation-platform/ee-containerized-installer-rhel8@sha256:797d37d3015ebbf5125f6e1d12d47774a276a42a3c18ccabab2bf1c466b001fd_arm64",
"product": {
"name": "ansible-automation-platform/ee-containerized-installer-rhel8@sha256:797d37d3015ebbf5125f6e1d12d47774a276a42a3c18ccabab2bf1c466b001fd_arm64",
"product_id": "ansible-automation-platform/ee-containerized-installer-rhel8@sha256:797d37d3015ebbf5125f6e1d12d47774a276a42a3c18ccabab2bf1c466b001fd_arm64",
"product_identification_helper": {
"purl": "pkg:oci/ee-containerized-installer-rhel8@sha256:797d37d3015ebbf5125f6e1d12d47774a276a42a3c18ccabab2bf1c466b001fd?arch=arm64\u0026repository_url=registry.redhat.io/ansible-automation-platform/ee-containerized-installer-rhel8\u0026tag=1.2.3-13"
}
}
},
{
"category": "product_version",
"name": "ansible-automation-platform-24/ee-dellemc-openmanage-rhel8@sha256:628f7596505a9ab111cfcd1d3a1eb11e537dbf663d9b802e3cc94af8dbfa05d6_arm64",
"product": {
"name": "ansible-automation-platform-24/ee-dellemc-openmanage-rhel8@sha256:628f7596505a9ab111cfcd1d3a1eb11e537dbf663d9b802e3cc94af8dbfa05d6_arm64",
"product_id": "ansible-automation-platform-24/ee-dellemc-openmanage-rhel8@sha256:628f7596505a9ab111cfcd1d3a1eb11e537dbf663d9b802e3cc94af8dbfa05d6_arm64",
"product_identification_helper": {
"purl": "pkg:oci/ee-dellemc-openmanage-rhel8@sha256:628f7596505a9ab111cfcd1d3a1eb11e537dbf663d9b802e3cc94af8dbfa05d6?arch=arm64\u0026repository_url=registry.redhat.io/ansible-automation-platform-24/ee-dellemc-openmanage-rhel8\u0026tag=8.3.0-7"
}
}
},
{
"category": "product_version",
"name": "ansible-automation-platform-24/ee-minimal-rhel9@sha256:9bf9ff9e04832f353a8904f7f7826417abfe3891a927939a1cdfcfde30d1d10c_arm64",
"product": {
"name": "ansible-automation-platform-24/ee-minimal-rhel9@sha256:9bf9ff9e04832f353a8904f7f7826417abfe3891a927939a1cdfcfde30d1d10c_arm64",
"product_id": "ansible-automation-platform-24/ee-minimal-rhel9@sha256:9bf9ff9e04832f353a8904f7f7826417abfe3891a927939a1cdfcfde30d1d10c_arm64",
"product_identification_helper": {
"purl": "pkg:oci/ee-minimal-rhel9@sha256:9bf9ff9e04832f353a8904f7f7826417abfe3891a927939a1cdfcfde30d1d10c?arch=arm64\u0026repository_url=registry.redhat.io/ansible-automation-platform-24/ee-minimal-rhel9\u0026tag=1.0.0-451"
}
}
},
{
"category": "product_version",
"name": "ansible-automation-platform-24/ee-minimal-rhel8@sha256:5a2b269ebe2bbb5f27af823cc13c3ce06ade36f43480aa56d41d654d5ef139e3_arm64",
"product": {
"name": "ansible-automation-platform-24/ee-minimal-rhel8@sha256:5a2b269ebe2bbb5f27af823cc13c3ce06ade36f43480aa56d41d654d5ef139e3_arm64",
"product_id": "ansible-automation-platform-24/ee-minimal-rhel8@sha256:5a2b269ebe2bbb5f27af823cc13c3ce06ade36f43480aa56d41d654d5ef139e3_arm64",
"product_identification_helper": {
"purl": "pkg:oci/ee-minimal-rhel8@sha256:5a2b269ebe2bbb5f27af823cc13c3ce06ade36f43480aa56d41d654d5ef139e3?arch=arm64\u0026repository_url=registry.redhat.io/ansible-automation-platform-24/ee-minimal-rhel8\u0026tag=1.0.0-450"
}
}
},
{
"category": "product_version",
"name": "ansible-automation-platform-24/ee-supported-rhel8@sha256:adad7b24fba97c5649f320ebc72a6b6cbf280e552121a2081b0fe804b06ef78d_arm64",
"product": {
"name": "ansible-automation-platform-24/ee-supported-rhel8@sha256:adad7b24fba97c5649f320ebc72a6b6cbf280e552121a2081b0fe804b06ef78d_arm64",
"product_id": "ansible-automation-platform-24/ee-supported-rhel8@sha256:adad7b24fba97c5649f320ebc72a6b6cbf280e552121a2081b0fe804b06ef78d_arm64",
"product_identification_helper": {
"purl": "pkg:oci/ee-supported-rhel8@sha256:adad7b24fba97c5649f320ebc72a6b6cbf280e552121a2081b0fe804b06ef78d?arch=arm64\u0026repository_url=registry.redhat.io/ansible-automation-platform-24/ee-supported-rhel8\u0026tag=1.0.0-436"
}
}
},
{
"category": "product_version",
"name": "ansible-automation-platform-24/ee-supported-rhel9@sha256:32d97ab01d3f3df3212c3e949d2630709ae05e4d0c56aafd6a720827234cf3e9_arm64",
"product": {
"name": "ansible-automation-platform-24/ee-supported-rhel9@sha256:32d97ab01d3f3df3212c3e949d2630709ae05e4d0c56aafd6a720827234cf3e9_arm64",
"product_id": "ansible-automation-platform-24/ee-supported-rhel9@sha256:32d97ab01d3f3df3212c3e949d2630709ae05e4d0c56aafd6a720827234cf3e9_arm64",
"product_identification_helper": {
"purl": "pkg:oci/ee-supported-rhel9@sha256:32d97ab01d3f3df3212c3e949d2630709ae05e4d0c56aafd6a720827234cf3e9?arch=arm64\u0026repository_url=registry.redhat.io/ansible-automation-platform-24/ee-supported-rhel9\u0026tag=1.0.0-435"
}
}
},
{
"category": "product_version",
"name": "ansible-automation-platform-24/platform-resource-rhel8-operator@sha256:964337aac284059c1abde17a9bd2c0d13fd5a149a91af19eb56944728f7f5584_arm64",
"product": {
"name": "ansible-automation-platform-24/platform-resource-rhel8-operator@sha256:964337aac284059c1abde17a9bd2c0d13fd5a149a91af19eb56944728f7f5584_arm64",
"product_id": "ansible-automation-platform-24/platform-resource-rhel8-operator@sha256:964337aac284059c1abde17a9bd2c0d13fd5a149a91af19eb56944728f7f5584_arm64",
"product_identification_helper": {
"purl": "pkg:oci/platform-resource-rhel8-operator@sha256:964337aac284059c1abde17a9bd2c0d13fd5a149a91af19eb56944728f7f5584?arch=arm64\u0026repository_url=registry.redhat.io/ansible-automation-platform-24/platform-resource-rhel8-operator\u0026tag=2.4-68"
}
}
},
{
"category": "product_version",
"name": "ansible-automation-platform-24/platform-resource-runner-rhel8@sha256:8c80648871aee9d1c5450226d18b122a40fe188b1140fcb22800ecda41bb6343_arm64",
"product": {
"name": "ansible-automation-platform-24/platform-resource-runner-rhel8@sha256:8c80648871aee9d1c5450226d18b122a40fe188b1140fcb22800ecda41bb6343_arm64",
"product_id": "ansible-automation-platform-24/platform-resource-runner-rhel8@sha256:8c80648871aee9d1c5450226d18b122a40fe188b1140fcb22800ecda41bb6343_arm64",
"product_identification_helper": {
"purl": "pkg:oci/platform-resource-runner-rhel8@sha256:8c80648871aee9d1c5450226d18b122a40fe188b1140fcb22800ecda41bb6343?arch=arm64\u0026repository_url=registry.redhat.io/ansible-automation-platform-24/platform-resource-runner-rhel8\u0026tag=2.4-88"
}
}
}
],
"category": "architecture",
"name": "arm64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "ansible-automation-platform-24/aap-cloud-billing-rhel8-operator@sha256:3151364d2c3359a253e6f95fe296ad9842bcf859a4d05e65abc1283f7646f986_amd64 as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4-Cloud-Billing:ansible-automation-platform-24/aap-cloud-billing-rhel8-operator@sha256:3151364d2c3359a253e6f95fe296ad9842bcf859a4d05e65abc1283f7646f986_amd64"
},
"product_reference": "ansible-automation-platform-24/aap-cloud-billing-rhel8-operator@sha256:3151364d2c3359a253e6f95fe296ad9842bcf859a4d05e65abc1283f7646f986_amd64",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4-Cloud-Billing"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ansible-automation-platform-24/aap-cloud-billing-rhel8@sha256:f650486925c3bb5ff56570543839ef8ab668c91bba11a30aeceba22b0cf25b3e_amd64 as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4-Cloud-Billing:ansible-automation-platform-24/aap-cloud-billing-rhel8@sha256:f650486925c3bb5ff56570543839ef8ab668c91bba11a30aeceba22b0cf25b3e_amd64"
},
"product_reference": "ansible-automation-platform-24/aap-cloud-billing-rhel8@sha256:f650486925c3bb5ff56570543839ef8ab668c91bba11a30aeceba22b0cf25b3e_amd64",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4-Cloud-Billing"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ansible-automation-platform-24/aap-cloud-metrics-collector-rhel8@sha256:738e8ad888db5fa2205b9eb809b25ee98b77b47e7cb009d7aef94e0ab09c9492_amd64 as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4-Cloud-Billing:ansible-automation-platform-24/aap-cloud-metrics-collector-rhel8@sha256:738e8ad888db5fa2205b9eb809b25ee98b77b47e7cb009d7aef94e0ab09c9492_amd64"
},
"product_reference": "ansible-automation-platform-24/aap-cloud-metrics-collector-rhel8@sha256:738e8ad888db5fa2205b9eb809b25ee98b77b47e7cb009d7aef94e0ab09c9492_amd64",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4-Cloud-Billing"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ansible-automation-platform-24/aap-cloud-ui-rhel8-operator@sha256:2826678e9aca4fc567567c36f0d7af6cc22ee85fcfb23d3552534712685d512d_amd64 as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4-Cloud-Billing:ansible-automation-platform-24/aap-cloud-ui-rhel8-operator@sha256:2826678e9aca4fc567567c36f0d7af6cc22ee85fcfb23d3552534712685d512d_amd64"
},
"product_reference": "ansible-automation-platform-24/aap-cloud-ui-rhel8-operator@sha256:2826678e9aca4fc567567c36f0d7af6cc22ee85fcfb23d3552534712685d512d_amd64",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4-Cloud-Billing"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ansible-automation-platform-24/aap-cloud-ui-rhel8@sha256:0d0b96befa8957940d289d905517a6e2ef687cc28c9e68c29acb7813a90a13a6_amd64 as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4-Cloud-Billing:ansible-automation-platform-24/aap-cloud-ui-rhel8@sha256:0d0b96befa8957940d289d905517a6e2ef687cc28c9e68c29acb7813a90a13a6_amd64"
},
"product_reference": "ansible-automation-platform-24/aap-cloud-ui-rhel8@sha256:0d0b96befa8957940d289d905517a6e2ef687cc28c9e68c29acb7813a90a13a6_amd64",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4-Cloud-Billing"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ansible-automation-platform-24/aap-must-gather-rhel8@sha256:1ff8637546e4244650e7ad05e9e287c041198d4848a0834c4b505c73ec2adc40_amd64 as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/aap-must-gather-rhel8@sha256:1ff8637546e4244650e7ad05e9e287c041198d4848a0834c4b505c73ec2adc40_amd64"
},
"product_reference": "ansible-automation-platform-24/aap-must-gather-rhel8@sha256:1ff8637546e4244650e7ad05e9e287c041198d4848a0834c4b505c73ec2adc40_amd64",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ansible-automation-platform-24/aap-must-gather-rhel8@sha256:53a9a6779f8569b03faec060888f39d2d3f071d3a4af8269f66490abd8bfad7e_arm64 as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/aap-must-gather-rhel8@sha256:53a9a6779f8569b03faec060888f39d2d3f071d3a4af8269f66490abd8bfad7e_arm64"
},
"product_reference": "ansible-automation-platform-24/aap-must-gather-rhel8@sha256:53a9a6779f8569b03faec060888f39d2d3f071d3a4af8269f66490abd8bfad7e_arm64",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ansible-automation-platform-24/aap-must-gather-rhel8@sha256:ba77e7f17865da4d59f91b69ab58cbeafaa86debe50d2d6fb89e9812f4aed1c7_s390x as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/aap-must-gather-rhel8@sha256:ba77e7f17865da4d59f91b69ab58cbeafaa86debe50d2d6fb89e9812f4aed1c7_s390x"
},
"product_reference": "ansible-automation-platform-24/aap-must-gather-rhel8@sha256:ba77e7f17865da4d59f91b69ab58cbeafaa86debe50d2d6fb89e9812f4aed1c7_s390x",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ansible-automation-platform-24/aap-must-gather-rhel8@sha256:d1730361a768cc0dc847958b872eac8befb5bcbe87d4fc18098b9ff4ed072cf3_ppc64le as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/aap-must-gather-rhel8@sha256:d1730361a768cc0dc847958b872eac8befb5bcbe87d4fc18098b9ff4ed072cf3_ppc64le"
},
"product_reference": "ansible-automation-platform-24/aap-must-gather-rhel8@sha256:d1730361a768cc0dc847958b872eac8befb5bcbe87d4fc18098b9ff4ed072cf3_ppc64le",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ansible-automation-platform-24/ansible-builder-rhel8@sha256:0089971676a347149081311def7417185edfeac0fa0fb09bac556d1e4ac17971_arm64 as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-builder-rhel8@sha256:0089971676a347149081311def7417185edfeac0fa0fb09bac556d1e4ac17971_arm64"
},
"product_reference": "ansible-automation-platform-24/ansible-builder-rhel8@sha256:0089971676a347149081311def7417185edfeac0fa0fb09bac556d1e4ac17971_arm64",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ansible-automation-platform-24/ansible-builder-rhel8@sha256:0a5ae31195b5b32e8f0800a301ce0e1e282812af59c667c4b40af82a8ca09d62_amd64 as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-builder-rhel8@sha256:0a5ae31195b5b32e8f0800a301ce0e1e282812af59c667c4b40af82a8ca09d62_amd64"
},
"product_reference": "ansible-automation-platform-24/ansible-builder-rhel8@sha256:0a5ae31195b5b32e8f0800a301ce0e1e282812af59c667c4b40af82a8ca09d62_amd64",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ansible-automation-platform-24/ansible-builder-rhel8@sha256:73220bd2c0da0524f6eb6c7a88378ee9970a804a998f039fa14683cf5d7adf2f_s390x as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-builder-rhel8@sha256:73220bd2c0da0524f6eb6c7a88378ee9970a804a998f039fa14683cf5d7adf2f_s390x"
},
"product_reference": "ansible-automation-platform-24/ansible-builder-rhel8@sha256:73220bd2c0da0524f6eb6c7a88378ee9970a804a998f039fa14683cf5d7adf2f_s390x",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ansible-automation-platform-24/ansible-builder-rhel8@sha256:9aa60f9acfd33709262f38091589521ef49674607e69a3baa6f3d9c9508a10fe_ppc64le as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-builder-rhel8@sha256:9aa60f9acfd33709262f38091589521ef49674607e69a3baa6f3d9c9508a10fe_ppc64le"
},
"product_reference": "ansible-automation-platform-24/ansible-builder-rhel8@sha256:9aa60f9acfd33709262f38091589521ef49674607e69a3baa6f3d9c9508a10fe_ppc64le",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ansible-automation-platform-24/ansible-python-base-rhel8@sha256:5cf9e0d8a0ad5b1492187b177751cede769b53dc830e5b1bc5dcdd110a71a397_amd64 as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-python-base-rhel8@sha256:5cf9e0d8a0ad5b1492187b177751cede769b53dc830e5b1bc5dcdd110a71a397_amd64"
},
"product_reference": "ansible-automation-platform-24/ansible-python-base-rhel8@sha256:5cf9e0d8a0ad5b1492187b177751cede769b53dc830e5b1bc5dcdd110a71a397_amd64",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ansible-automation-platform-24/ansible-python-base-rhel8@sha256:6599eee6f2b0b8c08ea3dc49598f97aea3b53b456afcc410dd740c39bbfdcd63_arm64 as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-python-base-rhel8@sha256:6599eee6f2b0b8c08ea3dc49598f97aea3b53b456afcc410dd740c39bbfdcd63_arm64"
},
"product_reference": "ansible-automation-platform-24/ansible-python-base-rhel8@sha256:6599eee6f2b0b8c08ea3dc49598f97aea3b53b456afcc410dd740c39bbfdcd63_arm64",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ansible-automation-platform-24/ansible-python-base-rhel8@sha256:697fa0ba756009f66eb78f1feb4f9597da4b2382644c76f7755d29dd70aecea2_s390x as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-python-base-rhel8@sha256:697fa0ba756009f66eb78f1feb4f9597da4b2382644c76f7755d29dd70aecea2_s390x"
},
"product_reference": "ansible-automation-platform-24/ansible-python-base-rhel8@sha256:697fa0ba756009f66eb78f1feb4f9597da4b2382644c76f7755d29dd70aecea2_s390x",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ansible-automation-platform-24/ansible-python-base-rhel8@sha256:dd8c5dc68cf8d71a563743040922540101be6c1b29c2f565e1352ece5b68377b_ppc64le as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-python-base-rhel8@sha256:dd8c5dc68cf8d71a563743040922540101be6c1b29c2f565e1352ece5b68377b_ppc64le"
},
"product_reference": "ansible-automation-platform-24/ansible-python-base-rhel8@sha256:dd8c5dc68cf8d71a563743040922540101be6c1b29c2f565e1352ece5b68377b_ppc64le",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ansible-automation-platform-24/ansible-python-toolkit-rhel8@sha256:9273cfd468a23859d784dc3fbf2ad1abb04892e6a3f2ad55d8d2e7c623d0419f_s390x as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-python-toolkit-rhel8@sha256:9273cfd468a23859d784dc3fbf2ad1abb04892e6a3f2ad55d8d2e7c623d0419f_s390x"
},
"product_reference": "ansible-automation-platform-24/ansible-python-toolkit-rhel8@sha256:9273cfd468a23859d784dc3fbf2ad1abb04892e6a3f2ad55d8d2e7c623d0419f_s390x",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ansible-automation-platform-24/ansible-python-toolkit-rhel8@sha256:99e842a1ca0ea2234c09a8a9466d936968ef36032c102e26fa761089528461e7_amd64 as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-python-toolkit-rhel8@sha256:99e842a1ca0ea2234c09a8a9466d936968ef36032c102e26fa761089528461e7_amd64"
},
"product_reference": "ansible-automation-platform-24/ansible-python-toolkit-rhel8@sha256:99e842a1ca0ea2234c09a8a9466d936968ef36032c102e26fa761089528461e7_amd64",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ansible-automation-platform-24/ansible-python-toolkit-rhel8@sha256:d2d4b79f72dfe3f646f27b2c35e5108ed3a3c867fd0b9c04d0193e6ec717ad75_ppc64le as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-python-toolkit-rhel8@sha256:d2d4b79f72dfe3f646f27b2c35e5108ed3a3c867fd0b9c04d0193e6ec717ad75_ppc64le"
},
"product_reference": "ansible-automation-platform-24/ansible-python-toolkit-rhel8@sha256:d2d4b79f72dfe3f646f27b2c35e5108ed3a3c867fd0b9c04d0193e6ec717ad75_ppc64le",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ansible-automation-platform-24/ansible-python-toolkit-rhel8@sha256:d6ae7f3136a14984e33f46598f6e321ad72f3875e4c3f0a8c773e5046fb99f1a_arm64 as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-python-toolkit-rhel8@sha256:d6ae7f3136a14984e33f46598f6e321ad72f3875e4c3f0a8c773e5046fb99f1a_arm64"
},
"product_reference": "ansible-automation-platform-24/ansible-python-toolkit-rhel8@sha256:d6ae7f3136a14984e33f46598f6e321ad72f3875e4c3f0a8c773e5046fb99f1a_arm64",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ansible-automation-platform-24/controller-rhel8-operator@sha256:013993b69238a181ef9be9c6cbd173f4af8280f6dc763e52a493e54e71069a01_arm64 as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/controller-rhel8-operator@sha256:013993b69238a181ef9be9c6cbd173f4af8280f6dc763e52a493e54e71069a01_arm64"
},
"product_reference": "ansible-automation-platform-24/controller-rhel8-operator@sha256:013993b69238a181ef9be9c6cbd173f4af8280f6dc763e52a493e54e71069a01_arm64",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ansible-automation-platform-24/controller-rhel8-operator@sha256:07a798fdc9b88ce7332a1300475e3a56d439b55a7ad5e10fd8d4e036661841cd_amd64 as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/controller-rhel8-operator@sha256:07a798fdc9b88ce7332a1300475e3a56d439b55a7ad5e10fd8d4e036661841cd_amd64"
},
"product_reference": "ansible-automation-platform-24/controller-rhel8-operator@sha256:07a798fdc9b88ce7332a1300475e3a56d439b55a7ad5e10fd8d4e036661841cd_amd64",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ansible-automation-platform-24/controller-rhel8-operator@sha256:2e252f02c2695856d19d90299e2f1cc2bf93d7304e48da306628b12f4d56b037_ppc64le as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/controller-rhel8-operator@sha256:2e252f02c2695856d19d90299e2f1cc2bf93d7304e48da306628b12f4d56b037_ppc64le"
},
"product_reference": "ansible-automation-platform-24/controller-rhel8-operator@sha256:2e252f02c2695856d19d90299e2f1cc2bf93d7304e48da306628b12f4d56b037_ppc64le",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ansible-automation-platform-24/controller-rhel8-operator@sha256:71dac652dd2a9588f1722c5147c8cc9cdb5c38d3cb3dc5a5e955c4cba6a3e57c_s390x as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/controller-rhel8-operator@sha256:71dac652dd2a9588f1722c5147c8cc9cdb5c38d3cb3dc5a5e955c4cba6a3e57c_s390x"
},
"product_reference": "ansible-automation-platform-24/controller-rhel8-operator@sha256:71dac652dd2a9588f1722c5147c8cc9cdb5c38d3cb3dc5a5e955c4cba6a3e57c_s390x",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ansible-automation-platform-24/controller-rhel8@sha256:11f4ad08d0d96223b17e08a5d07f0594d0d450fe94bd86ce6f57165d20eedfee_amd64 as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/controller-rhel8@sha256:11f4ad08d0d96223b17e08a5d07f0594d0d450fe94bd86ce6f57165d20eedfee_amd64"
},
"product_reference": "ansible-automation-platform-24/controller-rhel8@sha256:11f4ad08d0d96223b17e08a5d07f0594d0d450fe94bd86ce6f57165d20eedfee_amd64",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ansible-automation-platform-24/controller-rhel8@sha256:6855d1b68735adde33f4ad83496e7ada4548e3fb1ad07cb7925dfb726d800da0_ppc64le as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/controller-rhel8@sha256:6855d1b68735adde33f4ad83496e7ada4548e3fb1ad07cb7925dfb726d800da0_ppc64le"
},
"product_reference": "ansible-automation-platform-24/controller-rhel8@sha256:6855d1b68735adde33f4ad83496e7ada4548e3fb1ad07cb7925dfb726d800da0_ppc64le",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ansible-automation-platform-24/controller-rhel8@sha256:c8fdd92c3c2c497ab1d4ba8c96759e8f2dfe7f023df6c5021dfed672c98d0621_arm64 as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/controller-rhel8@sha256:c8fdd92c3c2c497ab1d4ba8c96759e8f2dfe7f023df6c5021dfed672c98d0621_arm64"
},
"product_reference": "ansible-automation-platform-24/controller-rhel8@sha256:c8fdd92c3c2c497ab1d4ba8c96759e8f2dfe7f023df6c5021dfed672c98d0621_arm64",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ansible-automation-platform-24/controller-rhel8@sha256:f346fa5d9a45ba329dc668e6a63672020fb579948b6c417ce76400e07ef928a5_s390x as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/controller-rhel8@sha256:f346fa5d9a45ba329dc668e6a63672020fb579948b6c417ce76400e07ef928a5_s390x"
},
"product_reference": "ansible-automation-platform-24/controller-rhel8@sha256:f346fa5d9a45ba329dc668e6a63672020fb579948b6c417ce76400e07ef928a5_s390x",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ansible-automation-platform-24/de-minimal-rhel8@sha256:1e2c70baa0950d9667715e4deda717db264ea07aaa097ed4c3e11025eb4c59a0_arm64 as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/de-minimal-rhel8@sha256:1e2c70baa0950d9667715e4deda717db264ea07aaa097ed4c3e11025eb4c59a0_arm64"
},
"product_reference": "ansible-automation-platform-24/de-minimal-rhel8@sha256:1e2c70baa0950d9667715e4deda717db264ea07aaa097ed4c3e11025eb4c59a0_arm64",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ansible-automation-platform-24/de-minimal-rhel8@sha256:3407db77ac87aecdc3bd3d32294672192caadd5779858d9c1ca559eef0dcf431_ppc64le as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/de-minimal-rhel8@sha256:3407db77ac87aecdc3bd3d32294672192caadd5779858d9c1ca559eef0dcf431_ppc64le"
},
"product_reference": "ansible-automation-platform-24/de-minimal-rhel8@sha256:3407db77ac87aecdc3bd3d32294672192caadd5779858d9c1ca559eef0dcf431_ppc64le",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ansible-automation-platform-24/de-minimal-rhel8@sha256:6bf6294838abf4584f07500c9d61e7358d706f5754e1171e6a4184957e272d18_s390x as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/de-minimal-rhel8@sha256:6bf6294838abf4584f07500c9d61e7358d706f5754e1171e6a4184957e272d18_s390x"
},
"product_reference": "ansible-automation-platform-24/de-minimal-rhel8@sha256:6bf6294838abf4584f07500c9d61e7358d706f5754e1171e6a4184957e272d18_s390x",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ansible-automation-platform-24/de-minimal-rhel8@sha256:8c7d062a28b7e54510c1aa45598a6e7c0777962b0c5d1dd1eff77e2203aabc93_amd64 as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/de-minimal-rhel8@sha256:8c7d062a28b7e54510c1aa45598a6e7c0777962b0c5d1dd1eff77e2203aabc93_amd64"
},
"product_reference": "ansible-automation-platform-24/de-minimal-rhel8@sha256:8c7d062a28b7e54510c1aa45598a6e7c0777962b0c5d1dd1eff77e2203aabc93_amd64",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ansible-automation-platform-24/de-supported-rhel8@sha256:037b08f1cdf2bd0ba488ec02d6c4136171cadad65017f4331fb8e6d8b9ec8ffb_ppc64le as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/de-supported-rhel8@sha256:037b08f1cdf2bd0ba488ec02d6c4136171cadad65017f4331fb8e6d8b9ec8ffb_ppc64le"
},
"product_reference": "ansible-automation-platform-24/de-supported-rhel8@sha256:037b08f1cdf2bd0ba488ec02d6c4136171cadad65017f4331fb8e6d8b9ec8ffb_ppc64le",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ansible-automation-platform-24/de-supported-rhel8@sha256:3abdaa6c02011ee543838612626d895980298d6e505e510f4a2b75e6ee0d6315_amd64 as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/de-supported-rhel8@sha256:3abdaa6c02011ee543838612626d895980298d6e505e510f4a2b75e6ee0d6315_amd64"
},
"product_reference": "ansible-automation-platform-24/de-supported-rhel8@sha256:3abdaa6c02011ee543838612626d895980298d6e505e510f4a2b75e6ee0d6315_amd64",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ansible-automation-platform-24/de-supported-rhel8@sha256:d4d8984a1e1191d58e402dfd9f7d80a1f3bf714b774cc0837809ccabbbbfdb03_arm64 as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/de-supported-rhel8@sha256:d4d8984a1e1191d58e402dfd9f7d80a1f3bf714b774cc0837809ccabbbbfdb03_arm64"
},
"product_reference": "ansible-automation-platform-24/de-supported-rhel8@sha256:d4d8984a1e1191d58e402dfd9f7d80a1f3bf714b774cc0837809ccabbbbfdb03_arm64",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ansible-automation-platform-24/de-supported-rhel8@sha256:dcdf4678c085dcb1014930901def587b01e780ce45a471f17a9c39de221b0757_s390x as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/de-supported-rhel8@sha256:dcdf4678c085dcb1014930901def587b01e780ce45a471f17a9c39de221b0757_s390x"
},
"product_reference": "ansible-automation-platform-24/de-supported-rhel8@sha256:dcdf4678c085dcb1014930901def587b01e780ce45a471f17a9c39de221b0757_s390x",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ansible-automation-platform-24/eda-controller-rhel8-operator@sha256:4220b98f9d8e805a77a4a4ef95855b8f2c61467a02f686c7b547496831493746_ppc64le as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/eda-controller-rhel8-operator@sha256:4220b98f9d8e805a77a4a4ef95855b8f2c61467a02f686c7b547496831493746_ppc64le"
},
"product_reference": "ansible-automation-platform-24/eda-controller-rhel8-operator@sha256:4220b98f9d8e805a77a4a4ef95855b8f2c61467a02f686c7b547496831493746_ppc64le",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ansible-automation-platform-24/eda-controller-rhel8-operator@sha256:683b9705958bb94e2f3fa8901c19ffd4d2a3967104fec3a969a46fa7e5702507_arm64 as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/eda-controller-rhel8-operator@sha256:683b9705958bb94e2f3fa8901c19ffd4d2a3967104fec3a969a46fa7e5702507_arm64"
},
"product_reference": "ansible-automation-platform-24/eda-controller-rhel8-operator@sha256:683b9705958bb94e2f3fa8901c19ffd4d2a3967104fec3a969a46fa7e5702507_arm64",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ansible-automation-platform-24/eda-controller-rhel8-operator@sha256:b533066a88203acca58a7355f379018eb270f0c932c35f8170e76bfe658ef84b_s390x as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/eda-controller-rhel8-operator@sha256:b533066a88203acca58a7355f379018eb270f0c932c35f8170e76bfe658ef84b_s390x"
},
"product_reference": "ansible-automation-platform-24/eda-controller-rhel8-operator@sha256:b533066a88203acca58a7355f379018eb270f0c932c35f8170e76bfe658ef84b_s390x",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ansible-automation-platform-24/eda-controller-rhel8-operator@sha256:f9f8d32c2ab60ab6c30bfcdec7778f6eb67ba30015d9453afd67ab334c8c2fe5_amd64 as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/eda-controller-rhel8-operator@sha256:f9f8d32c2ab60ab6c30bfcdec7778f6eb67ba30015d9453afd67ab334c8c2fe5_amd64"
},
"product_reference": "ansible-automation-platform-24/eda-controller-rhel8-operator@sha256:f9f8d32c2ab60ab6c30bfcdec7778f6eb67ba30015d9453afd67ab334c8c2fe5_amd64",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ansible-automation-platform-24/eda-controller-rhel8@sha256:2bc05e35b21a826737e8bc523924d8137a531003d2ba2466243f4172708f2cbc_arm64 as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/eda-controller-rhel8@sha256:2bc05e35b21a826737e8bc523924d8137a531003d2ba2466243f4172708f2cbc_arm64"
},
"product_reference": "ansible-automation-platform-24/eda-controller-rhel8@sha256:2bc05e35b21a826737e8bc523924d8137a531003d2ba2466243f4172708f2cbc_arm64",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ansible-automation-platform-24/eda-controller-rhel8@sha256:3059b9a6c38deb5aac3fb60875214fe2dafe50cda028638816ec67741169ec73_ppc64le as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/eda-controller-rhel8@sha256:3059b9a6c38deb5aac3fb60875214fe2dafe50cda028638816ec67741169ec73_ppc64le"
},
"product_reference": "ansible-automation-platform-24/eda-controller-rhel8@sha256:3059b9a6c38deb5aac3fb60875214fe2dafe50cda028638816ec67741169ec73_ppc64le",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ansible-automation-platform-24/eda-controller-rhel8@sha256:7d75552ba2d42b0f85695e9a71ff71dd781bce0452590d89c12a8fc9f1a501ff_s390x as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/eda-controller-rhel8@sha256:7d75552ba2d42b0f85695e9a71ff71dd781bce0452590d89c12a8fc9f1a501ff_s390x"
},
"product_reference": "ansible-automation-platform-24/eda-controller-rhel8@sha256:7d75552ba2d42b0f85695e9a71ff71dd781bce0452590d89c12a8fc9f1a501ff_s390x",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ansible-automation-platform-24/eda-controller-rhel8@sha256:fd7e96d6b70e0a1b13f0f34e7f14d4de14d07f0db6c449c20e1211bc3982205e_amd64 as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/eda-controller-rhel8@sha256:fd7e96d6b70e0a1b13f0f34e7f14d4de14d07f0db6c449c20e1211bc3982205e_amd64"
},
"product_reference": "ansible-automation-platform-24/eda-controller-rhel8@sha256:fd7e96d6b70e0a1b13f0f34e7f14d4de14d07f0db6c449c20e1211bc3982205e_amd64",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ansible-automation-platform-24/eda-controller-ui-rhel8@sha256:56b46c50edef8f427dbc11d32c493ccc3b12df9dc9f553c2e8d3740313ae3cd1_amd64 as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/eda-controller-ui-rhel8@sha256:56b46c50edef8f427dbc11d32c493ccc3b12df9dc9f553c2e8d3740313ae3cd1_amd64"
},
"product_reference": "ansible-automation-platform-24/eda-controller-ui-rhel8@sha256:56b46c50edef8f427dbc11d32c493ccc3b12df9dc9f553c2e8d3740313ae3cd1_amd64",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ansible-automation-platform-24/eda-controller-ui-rhel8@sha256:7eeca90468dde408d820ffb7b530d0cef615fe6f4a7e852b47ff18028cc09ecc_s390x as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/eda-controller-ui-rhel8@sha256:7eeca90468dde408d820ffb7b530d0cef615fe6f4a7e852b47ff18028cc09ecc_s390x"
},
"product_reference": "ansible-automation-platform-24/eda-controller-ui-rhel8@sha256:7eeca90468dde408d820ffb7b530d0cef615fe6f4a7e852b47ff18028cc09ecc_s390x",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ansible-automation-platform-24/eda-controller-ui-rhel8@sha256:88f5e52c33ca6ff00cb1fd37753a2b1f9e4b6b2a07977e68b71262a8d7a4c58b_ppc64le as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/eda-controller-ui-rhel8@sha256:88f5e52c33ca6ff00cb1fd37753a2b1f9e4b6b2a07977e68b71262a8d7a4c58b_ppc64le"
},
"product_reference": "ansible-automation-platform-24/eda-controller-ui-rhel8@sha256:88f5e52c33ca6ff00cb1fd37753a2b1f9e4b6b2a07977e68b71262a8d7a4c58b_ppc64le",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ansible-automation-platform-24/eda-controller-ui-rhel8@sha256:ee508e6aaaf56c6ec9025d7650000a39a7b05319b570e6961eb72d20623793d9_arm64 as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/eda-controller-ui-rhel8@sha256:ee508e6aaaf56c6ec9025d7650000a39a7b05319b570e6961eb72d20623793d9_arm64"
},
"product_reference": "ansible-automation-platform-24/eda-controller-ui-rhel8@sha256:ee508e6aaaf56c6ec9025d7650000a39a7b05319b570e6961eb72d20623793d9_arm64",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ansible-automation-platform-24/ee-29-rhel8@sha256:5685c052ba6b6d3eec7b7c740ba6b967e92f1fa22631dcf2fe048c57d16cf12a_amd64 as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ee-29-rhel8@sha256:5685c052ba6b6d3eec7b7c740ba6b967e92f1fa22631dcf2fe048c57d16cf12a_amd64"
},
"product_reference": "ansible-automation-platform-24/ee-29-rhel8@sha256:5685c052ba6b6d3eec7b7c740ba6b967e92f1fa22631dcf2fe048c57d16cf12a_amd64",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ansible-automation-platform-24/ee-cloud-services-rhel8@sha256:d0797635652c5d9044da6c9f3ecbcc174bf7a9823f1c72cde44830cfe4f5ff56_amd64 as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ee-cloud-services-rhel8@sha256:d0797635652c5d9044da6c9f3ecbcc174bf7a9823f1c72cde44830cfe4f5ff56_amd64"
},
"product_reference": "ansible-automation-platform-24/ee-cloud-services-rhel8@sha256:d0797635652c5d9044da6c9f3ecbcc174bf7a9823f1c72cde44830cfe4f5ff56_amd64",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ansible-automation-platform-24/ee-dellemc-openmanage-rhel8@sha256:628f7596505a9ab111cfcd1d3a1eb11e537dbf663d9b802e3cc94af8dbfa05d6_arm64 as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ee-dellemc-openmanage-rhel8@sha256:628f7596505a9ab111cfcd1d3a1eb11e537dbf663d9b802e3cc94af8dbfa05d6_arm64"
},
"product_reference": "ansible-automation-platform-24/ee-dellemc-openmanage-rhel8@sha256:628f7596505a9ab111cfcd1d3a1eb11e537dbf663d9b802e3cc94af8dbfa05d6_arm64",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ansible-automation-platform-24/ee-dellemc-openmanage-rhel8@sha256:894f470c00c9bffad51ba8e8aecac867345c6e3f90227d773699cf8ef25120eb_amd64 as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ee-dellemc-openmanage-rhel8@sha256:894f470c00c9bffad51ba8e8aecac867345c6e3f90227d773699cf8ef25120eb_amd64"
},
"product_reference": "ansible-automation-platform-24/ee-dellemc-openmanage-rhel8@sha256:894f470c00c9bffad51ba8e8aecac867345c6e3f90227d773699cf8ef25120eb_amd64",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ansible-automation-platform-24/ee-minimal-rhel8@sha256:382c4b91e8c8b30b51d3168b4a16f7c75c96198f4699c301bd03d686c8e85ae7_s390x as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ee-minimal-rhel8@sha256:382c4b91e8c8b30b51d3168b4a16f7c75c96198f4699c301bd03d686c8e85ae7_s390x"
},
"product_reference": "ansible-automation-platform-24/ee-minimal-rhel8@sha256:382c4b91e8c8b30b51d3168b4a16f7c75c96198f4699c301bd03d686c8e85ae7_s390x",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ansible-automation-platform-24/ee-minimal-rhel8@sha256:5a2b269ebe2bbb5f27af823cc13c3ce06ade36f43480aa56d41d654d5ef139e3_arm64 as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ee-minimal-rhel8@sha256:5a2b269ebe2bbb5f27af823cc13c3ce06ade36f43480aa56d41d654d5ef139e3_arm64"
},
"product_reference": "ansible-automation-platform-24/ee-minimal-rhel8@sha256:5a2b269ebe2bbb5f27af823cc13c3ce06ade36f43480aa56d41d654d5ef139e3_arm64",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ansible-automation-platform-24/ee-minimal-rhel8@sha256:63ea2ecffbf408183f3f37e4c1df4e3a77b9f4c0806d2ef3141d102470661e38_ppc64le as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ee-minimal-rhel8@sha256:63ea2ecffbf408183f3f37e4c1df4e3a77b9f4c0806d2ef3141d102470661e38_ppc64le"
},
"product_reference": "ansible-automation-platform-24/ee-minimal-rhel8@sha256:63ea2ecffbf408183f3f37e4c1df4e3a77b9f4c0806d2ef3141d102470661e38_ppc64le",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ansible-automation-platform-24/ee-minimal-rhel8@sha256:c4c7158dfc2c317c62aed28f6db21bc347aca92b8301a6cb932c1a5fbf3eac87_amd64 as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ee-minimal-rhel8@sha256:c4c7158dfc2c317c62aed28f6db21bc347aca92b8301a6cb932c1a5fbf3eac87_amd64"
},
"product_reference": "ansible-automation-platform-24/ee-minimal-rhel8@sha256:c4c7158dfc2c317c62aed28f6db21bc347aca92b8301a6cb932c1a5fbf3eac87_amd64",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ansible-automation-platform-24/ee-supported-rhel8@sha256:72098dcaf2cf2174557428f1121c5926b905dfaa0aad160d3064d171946f298e_amd64 as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ee-supported-rhel8@sha256:72098dcaf2cf2174557428f1121c5926b905dfaa0aad160d3064d171946f298e_amd64"
},
"product_reference": "ansible-automation-platform-24/ee-supported-rhel8@sha256:72098dcaf2cf2174557428f1121c5926b905dfaa0aad160d3064d171946f298e_amd64",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ansible-automation-platform-24/ee-supported-rhel8@sha256:97e133b817c1aac347642b414ca6cb108fec25434b945c398bae6763f1596c5e_ppc64le as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ee-supported-rhel8@sha256:97e133b817c1aac347642b414ca6cb108fec25434b945c398bae6763f1596c5e_ppc64le"
},
"product_reference": "ansible-automation-platform-24/ee-supported-rhel8@sha256:97e133b817c1aac347642b414ca6cb108fec25434b945c398bae6763f1596c5e_ppc64le",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ansible-automation-platform-24/ee-supported-rhel8@sha256:a5641fd059a00dff89f846472bf2c139c15ac2908328b03f86ab67087a1dbcf4_s390x as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ee-supported-rhel8@sha256:a5641fd059a00dff89f846472bf2c139c15ac2908328b03f86ab67087a1dbcf4_s390x"
},
"product_reference": "ansible-automation-platform-24/ee-supported-rhel8@sha256:a5641fd059a00dff89f846472bf2c139c15ac2908328b03f86ab67087a1dbcf4_s390x",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ansible-automation-platform-24/ee-supported-rhel8@sha256:adad7b24fba97c5649f320ebc72a6b6cbf280e552121a2081b0fe804b06ef78d_arm64 as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ee-supported-rhel8@sha256:adad7b24fba97c5649f320ebc72a6b6cbf280e552121a2081b0fe804b06ef78d_arm64"
},
"product_reference": "ansible-automation-platform-24/ee-supported-rhel8@sha256:adad7b24fba97c5649f320ebc72a6b6cbf280e552121a2081b0fe804b06ef78d_arm64",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ansible-automation-platform-24/hub-rhel8-operator@sha256:32fa50754404a12b4d4a58d4ef9def3f5e8225cb2cf1e56983df1677f621462e_s390x as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/hub-rhel8-operator@sha256:32fa50754404a12b4d4a58d4ef9def3f5e8225cb2cf1e56983df1677f621462e_s390x"
},
"product_reference": "ansible-automation-platform-24/hub-rhel8-operator@sha256:32fa50754404a12b4d4a58d4ef9def3f5e8225cb2cf1e56983df1677f621462e_s390x",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ansible-automation-platform-24/hub-rhel8-operator@sha256:ad9213450b9284c6e4323f9f8a5dfc42734ac95b67e5cd6a3afc3bd2945e993d_arm64 as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/hub-rhel8-operator@sha256:ad9213450b9284c6e4323f9f8a5dfc42734ac95b67e5cd6a3afc3bd2945e993d_arm64"
},
"product_reference": "ansible-automation-platform-24/hub-rhel8-operator@sha256:ad9213450b9284c6e4323f9f8a5dfc42734ac95b67e5cd6a3afc3bd2945e993d_arm64",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ansible-automation-platform-24/hub-rhel8-operator@sha256:b3064c6ba7b2cf491ced94cd9b6545306cb7d59e2054a0d7042daaa3c062246e_ppc64le as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/hub-rhel8-operator@sha256:b3064c6ba7b2cf491ced94cd9b6545306cb7d59e2054a0d7042daaa3c062246e_ppc64le"
},
"product_reference": "ansible-automation-platform-24/hub-rhel8-operator@sha256:b3064c6ba7b2cf491ced94cd9b6545306cb7d59e2054a0d7042daaa3c062246e_ppc64le",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ansible-automation-platform-24/hub-rhel8-operator@sha256:f38fcf5efc4501f3111484cd9c5216f4014fcfd0088d4dd3ad6c14ad76dbe83a_amd64 as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/hub-rhel8-operator@sha256:f38fcf5efc4501f3111484cd9c5216f4014fcfd0088d4dd3ad6c14ad76dbe83a_amd64"
},
"product_reference": "ansible-automation-platform-24/hub-rhel8-operator@sha256:f38fcf5efc4501f3111484cd9c5216f4014fcfd0088d4dd3ad6c14ad76dbe83a_amd64",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ansible-automation-platform-24/hub-rhel8@sha256:a27c12f79db64522884b304c30f40635c774f51596689670fd628f409a68663f_arm64 as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/hub-rhel8@sha256:a27c12f79db64522884b304c30f40635c774f51596689670fd628f409a68663f_arm64"
},
"product_reference": "ansible-automation-platform-24/hub-rhel8@sha256:a27c12f79db64522884b304c30f40635c774f51596689670fd628f409a68663f_arm64",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ansible-automation-platform-24/hub-rhel8@sha256:ac2b684d7ac8e0b6f36fe2da22b2ed41bfb24f8e2f77e64117c186a3cdf2f21b_amd64 as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/hub-rhel8@sha256:ac2b684d7ac8e0b6f36fe2da22b2ed41bfb24f8e2f77e64117c186a3cdf2f21b_amd64"
},
"product_reference": "ansible-automation-platform-24/hub-rhel8@sha256:ac2b684d7ac8e0b6f36fe2da22b2ed41bfb24f8e2f77e64117c186a3cdf2f21b_amd64",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ansible-automation-platform-24/hub-rhel8@sha256:df80c45631e780f58aaf85edddaf77ed82c0b41f0ad766db048615290eeb96a3_ppc64le as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/hub-rhel8@sha256:df80c45631e780f58aaf85edddaf77ed82c0b41f0ad766db048615290eeb96a3_ppc64le"
},
"product_reference": "ansible-automation-platform-24/hub-rhel8@sha256:df80c45631e780f58aaf85edddaf77ed82c0b41f0ad766db048615290eeb96a3_ppc64le",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ansible-automation-platform-24/hub-rhel8@sha256:fe2675bd2c51d62dfa3473653c00ddf55a1b64791f5029fe0b87087461b700a1_s390x as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/hub-rhel8@sha256:fe2675bd2c51d62dfa3473653c00ddf55a1b64791f5029fe0b87087461b700a1_s390x"
},
"product_reference": "ansible-automation-platform-24/hub-rhel8@sha256:fe2675bd2c51d62dfa3473653c00ddf55a1b64791f5029fe0b87087461b700a1_s390x",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ansible-automation-platform-24/hub-web-rhel8@sha256:01b5493444bc24c954ce86554d0ba8ca99b9db8c516901d0539e1b001ba78590_ppc64le as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/hub-web-rhel8@sha256:01b5493444bc24c954ce86554d0ba8ca99b9db8c516901d0539e1b001ba78590_ppc64le"
},
"product_reference": "ansible-automation-platform-24/hub-web-rhel8@sha256:01b5493444bc24c954ce86554d0ba8ca99b9db8c516901d0539e1b001ba78590_ppc64le",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ansible-automation-platform-24/hub-web-rhel8@sha256:0b7d67480c6a15e5a655573f2ac885d34df441978f8f595f8c4d9f5e93c052d1_arm64 as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/hub-web-rhel8@sha256:0b7d67480c6a15e5a655573f2ac885d34df441978f8f595f8c4d9f5e93c052d1_arm64"
},
"product_reference": "ansible-automation-platform-24/hub-web-rhel8@sha256:0b7d67480c6a15e5a655573f2ac885d34df441978f8f595f8c4d9f5e93c052d1_arm64",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ansible-automation-platform-24/hub-web-rhel8@sha256:a44ffd3666281ab867c177915ddf48fdb59052a2d48f49284a598e8c80125d7b_amd64 as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/hub-web-rhel8@sha256:a44ffd3666281ab867c177915ddf48fdb59052a2d48f49284a598e8c80125d7b_amd64"
},
"product_reference": "ansible-automation-platform-24/hub-web-rhel8@sha256:a44ffd3666281ab867c177915ddf48fdb59052a2d48f49284a598e8c80125d7b_amd64",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ansible-automation-platform-24/hub-web-rhel8@sha256:ff2db93490c489562bb8c37a247daf01e10c871e628b24cc4006dd2bd14473bb_s390x as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/hub-web-rhel8@sha256:ff2db93490c489562bb8c37a247daf01e10c871e628b24cc4006dd2bd14473bb_s390x"
},
"product_reference": "ansible-automation-platform-24/hub-web-rhel8@sha256:ff2db93490c489562bb8c37a247daf01e10c871e628b24cc4006dd2bd14473bb_s390x",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ansible-automation-platform-24/platform-resource-rhel8-operator@sha256:13425b0194354a15d71f6bccd7b2e526ef4b2cd8c56b6aff91ebf4435bda20bc_amd64 as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/platform-resource-rhel8-operator@sha256:13425b0194354a15d71f6bccd7b2e526ef4b2cd8c56b6aff91ebf4435bda20bc_amd64"
},
"product_reference": "ansible-automation-platform-24/platform-resource-rhel8-operator@sha256:13425b0194354a15d71f6bccd7b2e526ef4b2cd8c56b6aff91ebf4435bda20bc_amd64",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ansible-automation-platform-24/platform-resource-rhel8-operator@sha256:893d04a458674590c81c2ef09fb222c36f47bee71ab3615d6bb73432c58d965b_s390x as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/platform-resource-rhel8-operator@sha256:893d04a458674590c81c2ef09fb222c36f47bee71ab3615d6bb73432c58d965b_s390x"
},
"product_reference": "ansible-automation-platform-24/platform-resource-rhel8-operator@sha256:893d04a458674590c81c2ef09fb222c36f47bee71ab3615d6bb73432c58d965b_s390x",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ansible-automation-platform-24/platform-resource-rhel8-operator@sha256:964337aac284059c1abde17a9bd2c0d13fd5a149a91af19eb56944728f7f5584_arm64 as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/platform-resource-rhel8-operator@sha256:964337aac284059c1abde17a9bd2c0d13fd5a149a91af19eb56944728f7f5584_arm64"
},
"product_reference": "ansible-automation-platform-24/platform-resource-rhel8-operator@sha256:964337aac284059c1abde17a9bd2c0d13fd5a149a91af19eb56944728f7f5584_arm64",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ansible-automation-platform-24/platform-resource-rhel8-operator@sha256:9d429c6e5d72bf883362b1ae11f8b4ed3a9d468e77e2e29c8ff234df9e255db4_ppc64le as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/platform-resource-rhel8-operator@sha256:9d429c6e5d72bf883362b1ae11f8b4ed3a9d468e77e2e29c8ff234df9e255db4_ppc64le"
},
"product_reference": "ansible-automation-platform-24/platform-resource-rhel8-operator@sha256:9d429c6e5d72bf883362b1ae11f8b4ed3a9d468e77e2e29c8ff234df9e255db4_ppc64le",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ansible-automation-platform-24/platform-resource-runner-rhel8@sha256:38bc442a6181a739b4c232d25abd7018dbce05083f3bf09ab7a071a3d2a4c7b4_ppc64le as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/platform-resource-runner-rhel8@sha256:38bc442a6181a739b4c232d25abd7018dbce05083f3bf09ab7a071a3d2a4c7b4_ppc64le"
},
"product_reference": "ansible-automation-platform-24/platform-resource-runner-rhel8@sha256:38bc442a6181a739b4c232d25abd7018dbce05083f3bf09ab7a071a3d2a4c7b4_ppc64le",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ansible-automation-platform-24/platform-resource-runner-rhel8@sha256:8c80648871aee9d1c5450226d18b122a40fe188b1140fcb22800ecda41bb6343_arm64 as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/platform-resource-runner-rhel8@sha256:8c80648871aee9d1c5450226d18b122a40fe188b1140fcb22800ecda41bb6343_arm64"
},
"product_reference": "ansible-automation-platform-24/platform-resource-runner-rhel8@sha256:8c80648871aee9d1c5450226d18b122a40fe188b1140fcb22800ecda41bb6343_arm64",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ansible-automation-platform-24/platform-resource-runner-rhel8@sha256:cfbf2ddd1dce998575bf8e38cd38bbcc98b006ba918d5de8ea1621b5de4d3f67_amd64 as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/platform-resource-runner-rhel8@sha256:cfbf2ddd1dce998575bf8e38cd38bbcc98b006ba918d5de8ea1621b5de4d3f67_amd64"
},
"product_reference": "ansible-automation-platform-24/platform-resource-runner-rhel8@sha256:cfbf2ddd1dce998575bf8e38cd38bbcc98b006ba918d5de8ea1621b5de4d3f67_amd64",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ansible-automation-platform-24/platform-resource-runner-rhel8@sha256:de8830287e00c4062524ebc9e9a93896503101e6382f553c89cc0c1e7d15618f_s390x as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/platform-resource-runner-rhel8@sha256:de8830287e00c4062524ebc9e9a93896503101e6382f553c89cc0c1e7d15618f_s390x"
},
"product_reference": "ansible-automation-platform-24/platform-resource-runner-rhel8@sha256:de8830287e00c4062524ebc9e9a93896503101e6382f553c89cc0c1e7d15618f_s390x",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ansible-automation-platform/cloud-addons-operator-bundle@sha256:bdc45dd15fcdf3d3956c6ddc2316a8e68490cc1d4249f95b01b231a0fb17debf_amd64 as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform/cloud-addons-operator-bundle@sha256:bdc45dd15fcdf3d3956c6ddc2316a8e68490cc1d4249f95b01b231a0fb17debf_amd64"
},
"product_reference": "ansible-automation-platform/cloud-addons-operator-bundle@sha256:bdc45dd15fcdf3d3956c6ddc2316a8e68490cc1d4249f95b01b231a0fb17debf_amd64",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ansible-automation-platform/ee-containerized-installer-rhel8@sha256:797d37d3015ebbf5125f6e1d12d47774a276a42a3c18ccabab2bf1c466b001fd_arm64 as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform/ee-containerized-installer-rhel8@sha256:797d37d3015ebbf5125f6e1d12d47774a276a42a3c18ccabab2bf1c466b001fd_arm64"
},
"product_reference": "ansible-automation-platform/ee-containerized-installer-rhel8@sha256:797d37d3015ebbf5125f6e1d12d47774a276a42a3c18ccabab2bf1c466b001fd_arm64",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ansible-automation-platform/ee-containerized-installer-rhel8@sha256:a4cdb956a90531672851a53c6691591c871513630c8d441b0061d0c187f62a99_amd64 as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform/ee-containerized-installer-rhel8@sha256:a4cdb956a90531672851a53c6691591c871513630c8d441b0061d0c187f62a99_amd64"
},
"product_reference": "ansible-automation-platform/ee-containerized-installer-rhel8@sha256:a4cdb956a90531672851a53c6691591c871513630c8d441b0061d0c187f62a99_amd64",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ansible-automation-platform/platform-operator-bundle@sha256:5825e694ae618fd41f495a7d5b9f911da004a9649aa09ca66ad64d3812a884d9_amd64 as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform/platform-operator-bundle@sha256:5825e694ae618fd41f495a7d5b9f911da004a9649aa09ca66ad64d3812a884d9_amd64"
},
"product_reference": "ansible-automation-platform/platform-operator-bundle@sha256:5825e694ae618fd41f495a7d5b9f911da004a9649aa09ca66ad64d3812a884d9_amd64",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ansible-automation-platform/platform-operator-bundle@sha256:8b8051faac5197c85088cdb2032576d7789ef251ffd8ea8fc2e525a199202ab0_s390x as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform/platform-operator-bundle@sha256:8b8051faac5197c85088cdb2032576d7789ef251ffd8ea8fc2e525a199202ab0_s390x"
},
"product_reference": "ansible-automation-platform/platform-operator-bundle@sha256:8b8051faac5197c85088cdb2032576d7789ef251ffd8ea8fc2e525a199202ab0_s390x",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ansible-automation-platform/platform-operator-bundle@sha256:d5d128596af42dddb7f3efa725050a35c07eae5e63a4bd8be7789857cf5d36f3_arm64 as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform/platform-operator-bundle@sha256:d5d128596af42dddb7f3efa725050a35c07eae5e63a4bd8be7789857cf5d36f3_arm64"
},
"product_reference": "ansible-automation-platform/platform-operator-bundle@sha256:d5d128596af42dddb7f3efa725050a35c07eae5e63a4bd8be7789857cf5d36f3_arm64",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ansible-automation-platform/platform-operator-bundle@sha256:ecc912e9ab3146df86e7be7afbc077db49e74f913815c73521ae67893f452853_ppc64le as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform/platform-operator-bundle@sha256:ecc912e9ab3146df86e7be7afbc077db49e74f913815c73521ae67893f452853_ppc64le"
},
"product_reference": "ansible-automation-platform/platform-operator-bundle@sha256:ecc912e9ab3146df86e7be7afbc077db49e74f913815c73521ae67893f452853_ppc64le",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ansible-automation-platform-24/ansible-builder-rhel9@sha256:20092308c17687aa6059400af8d1772b8fe85207db9f9a5b6d259908e0b63aab_arm64 as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 9",
"product_id": "9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-builder-rhel9@sha256:20092308c17687aa6059400af8d1772b8fe85207db9f9a5b6d259908e0b63aab_arm64"
},
"product_reference": "ansible-automation-platform-24/ansible-builder-rhel9@sha256:20092308c17687aa6059400af8d1772b8fe85207db9f9a5b6d259908e0b63aab_arm64",
"relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ansible-automation-platform-24/ansible-builder-rhel9@sha256:45ff186bff94f30a34c2fe59bc342d10bf47071567b9d09d1fa61bf08e72f1c4_amd64 as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 9",
"product_id": "9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-builder-rhel9@sha256:45ff186bff94f30a34c2fe59bc342d10bf47071567b9d09d1fa61bf08e72f1c4_amd64"
},
"product_reference": "ansible-automation-platform-24/ansible-builder-rhel9@sha256:45ff186bff94f30a34c2fe59bc342d10bf47071567b9d09d1fa61bf08e72f1c4_amd64",
"relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ansible-automation-platform-24/ansible-builder-rhel9@sha256:a4a88494691f2fc7689d16a4da97a857e8b795e41ecf5fe09b09ebfc729511ce_s390x as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 9",
"product_id": "9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-builder-rhel9@sha256:a4a88494691f2fc7689d16a4da97a857e8b795e41ecf5fe09b09ebfc729511ce_s390x"
},
"product_reference": "ansible-automation-platform-24/ansible-builder-rhel9@sha256:a4a88494691f2fc7689d16a4da97a857e8b795e41ecf5fe09b09ebfc729511ce_s390x",
"relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ansible-automation-platform-24/ansible-builder-rhel9@sha256:eb2f2e5796823643b8b52b98976a04089cdc82ce32f3e4a348fc25dd12eff275_ppc64le as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 9",
"product_id": "9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-builder-rhel9@sha256:eb2f2e5796823643b8b52b98976a04089cdc82ce32f3e4a348fc25dd12eff275_ppc64le"
},
"product_reference": "ansible-automation-platform-24/ansible-builder-rhel9@sha256:eb2f2e5796823643b8b52b98976a04089cdc82ce32f3e4a348fc25dd12eff275_ppc64le",
"relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ansible-automation-platform-24/ansible-python-base-rhel9@sha256:7ecc021d626a20acc20f73b28005c16a8d20c7640ec51dffdaff236440702172_amd64 as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 9",
"product_id": "9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-python-base-rhel9@sha256:7ecc021d626a20acc20f73b28005c16a8d20c7640ec51dffdaff236440702172_amd64"
},
"product_reference": "ansible-automation-platform-24/ansible-python-base-rhel9@sha256:7ecc021d626a20acc20f73b28005c16a8d20c7640ec51dffdaff236440702172_amd64",
"relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ansible-automation-platform-24/ansible-python-base-rhel9@sha256:8c34db5cc4c68c80db22a835c095d60e3988a3e6d1c82fb91cc8558b43a47b33_s390x as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 9",
"product_id": "9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-python-base-rhel9@sha256:8c34db5cc4c68c80db22a835c095d60e3988a3e6d1c82fb91cc8558b43a47b33_s390x"
},
"product_reference": "ansible-automation-platform-24/ansible-python-base-rhel9@sha256:8c34db5cc4c68c80db22a835c095d60e3988a3e6d1c82fb91cc8558b43a47b33_s390x",
"relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ansible-automation-platform-24/ansible-python-base-rhel9@sha256:91f0cc9dd9261b7bff0484d3db8e499912fa1781aa71ad24c77d0809cccb03f4_ppc64le as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 9",
"product_id": "9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-python-base-rhel9@sha256:91f0cc9dd9261b7bff0484d3db8e499912fa1781aa71ad24c77d0809cccb03f4_ppc64le"
},
"product_reference": "ansible-automation-platform-24/ansible-python-base-rhel9@sha256:91f0cc9dd9261b7bff0484d3db8e499912fa1781aa71ad24c77d0809cccb03f4_ppc64le",
"relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ansible-automation-platform-24/ansible-python-base-rhel9@sha256:cd96a0ece925ed1443c0797bc3baf992ed7ae087f5977df8728a4aab8940516f_arm64 as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 9",
"product_id": "9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-python-base-rhel9@sha256:cd96a0ece925ed1443c0797bc3baf992ed7ae087f5977df8728a4aab8940516f_arm64"
},
"product_reference": "ansible-automation-platform-24/ansible-python-base-rhel9@sha256:cd96a0ece925ed1443c0797bc3baf992ed7ae087f5977df8728a4aab8940516f_arm64",
"relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ansible-automation-platform-24/ansible-python-toolkit-rhel9@sha256:035f8ce6c6f6ab88366d7d42ba587d75b60236433e01ce0349a40554ff0e1b05_arm64 as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 9",
"product_id": "9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-python-toolkit-rhel9@sha256:035f8ce6c6f6ab88366d7d42ba587d75b60236433e01ce0349a40554ff0e1b05_arm64"
},
"product_reference": "ansible-automation-platform-24/ansible-python-toolkit-rhel9@sha256:035f8ce6c6f6ab88366d7d42ba587d75b60236433e01ce0349a40554ff0e1b05_arm64",
"relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ansible-automation-platform-24/ansible-python-toolkit-rhel9@sha256:11934bcc8a713da353d254164b6914b5769326534a2298f0ccb8642813da5f9a_ppc64le as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 9",
"product_id": "9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-python-toolkit-rhel9@sha256:11934bcc8a713da353d254164b6914b5769326534a2298f0ccb8642813da5f9a_ppc64le"
},
"product_reference": "ansible-automation-platform-24/ansible-python-toolkit-rhel9@sha256:11934bcc8a713da353d254164b6914b5769326534a2298f0ccb8642813da5f9a_ppc64le",
"relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ansible-automation-platform-24/ansible-python-toolkit-rhel9@sha256:b46fed769c86134a110f442dc56b0c8bfd0d469eb39649916db099f611ab3347_s390x as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 9",
"product_id": "9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-python-toolkit-rhel9@sha256:b46fed769c86134a110f442dc56b0c8bfd0d469eb39649916db099f611ab3347_s390x"
},
"product_reference": "ansible-automation-platform-24/ansible-python-toolkit-rhel9@sha256:b46fed769c86134a110f442dc56b0c8bfd0d469eb39649916db099f611ab3347_s390x",
"relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ansible-automation-platform-24/ansible-python-toolkit-rhel9@sha256:bc376892f777fade4e725e140ae195ee94bd2f3c8e97b86a2705cbe23fa1875e_amd64 as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 9",
"product_id": "9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-python-toolkit-rhel9@sha256:bc376892f777fade4e725e140ae195ee94bd2f3c8e97b86a2705cbe23fa1875e_amd64"
},
"product_reference": "ansible-automation-platform-24/ansible-python-toolkit-rhel9@sha256:bc376892f777fade4e725e140ae195ee94bd2f3c8e97b86a2705cbe23fa1875e_amd64",
"relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ansible-automation-platform-24/de-minimal-rhel9@sha256:7660d7f051c9ac00bf49f609bf1e24b8020d2cb8856b40cbecc13de54d55fed8_s390x as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 9",
"product_id": "9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/de-minimal-rhel9@sha256:7660d7f051c9ac00bf49f609bf1e24b8020d2cb8856b40cbecc13de54d55fed8_s390x"
},
"product_reference": "ansible-automation-platform-24/de-minimal-rhel9@sha256:7660d7f051c9ac00bf49f609bf1e24b8020d2cb8856b40cbecc13de54d55fed8_s390x",
"relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ansible-automation-platform-24/de-minimal-rhel9@sha256:9b13ab56c30c5c77a21e00d2dfbad44f63c6ff7ac5acb6b8ba416f7fb2a0fc51_ppc64le as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 9",
"product_id": "9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/de-minimal-rhel9@sha256:9b13ab56c30c5c77a21e00d2dfbad44f63c6ff7ac5acb6b8ba416f7fb2a0fc51_ppc64le"
},
"product_reference": "ansible-automation-platform-24/de-minimal-rhel9@sha256:9b13ab56c30c5c77a21e00d2dfbad44f63c6ff7ac5acb6b8ba416f7fb2a0fc51_ppc64le",
"relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ansible-automation-platform-24/de-minimal-rhel9@sha256:a562c54aa4ba7538aa2b1beab666cab689240f664f8c17bfd769560efbe3b626_amd64 as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 9",
"product_id": "9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/de-minimal-rhel9@sha256:a562c54aa4ba7538aa2b1beab666cab689240f664f8c17bfd769560efbe3b626_amd64"
},
"product_reference": "ansible-automation-platform-24/de-minimal-rhel9@sha256:a562c54aa4ba7538aa2b1beab666cab689240f664f8c17bfd769560efbe3b626_amd64",
"relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ansible-automation-platform-24/de-minimal-rhel9@sha256:f28e22e5da55ea626890aceb7ae4c391e192055a60a1beba9a98ac70ee1353ce_arm64 as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 9",
"product_id": "9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/de-minimal-rhel9@sha256:f28e22e5da55ea626890aceb7ae4c391e192055a60a1beba9a98ac70ee1353ce_arm64"
},
"product_reference": "ansible-automation-platform-24/de-minimal-rhel9@sha256:f28e22e5da55ea626890aceb7ae4c391e192055a60a1beba9a98ac70ee1353ce_arm64",
"relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ansible-automation-platform-24/de-supported-rhel9@sha256:5bd5d0da12cc63b3221f508c203b0cde5b4628439d42c1a0303a31c217506936_s390x as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 9",
"product_id": "9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/de-supported-rhel9@sha256:5bd5d0da12cc63b3221f508c203b0cde5b4628439d42c1a0303a31c217506936_s390x"
},
"product_reference": "ansible-automation-platform-24/de-supported-rhel9@sha256:5bd5d0da12cc63b3221f508c203b0cde5b4628439d42c1a0303a31c217506936_s390x",
"relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ansible-automation-platform-24/de-supported-rhel9@sha256:da3031d8ff12b8df290c6da7c5451d0a797c24c0b2b0ce5cce943633d2352ee7_ppc64le as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 9",
"product_id": "9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/de-supported-rhel9@sha256:da3031d8ff12b8df290c6da7c5451d0a797c24c0b2b0ce5cce943633d2352ee7_ppc64le"
},
"product_reference": "ansible-automation-platform-24/de-supported-rhel9@sha256:da3031d8ff12b8df290c6da7c5451d0a797c24c0b2b0ce5cce943633d2352ee7_ppc64le",
"relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ansible-automation-platform-24/de-supported-rhel9@sha256:de1067b9be05a3acb9bb61458fb89e71acf01cad7a9439a638972bc0615a4d5a_arm64 as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 9",
"product_id": "9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/de-supported-rhel9@sha256:de1067b9be05a3acb9bb61458fb89e71acf01cad7a9439a638972bc0615a4d5a_arm64"
},
"product_reference": "ansible-automation-platform-24/de-supported-rhel9@sha256:de1067b9be05a3acb9bb61458fb89e71acf01cad7a9439a638972bc0615a4d5a_arm64",
"relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ansible-automation-platform-24/de-supported-rhel9@sha256:f4fe61723e459bf8e8b8721cb463a89d77827f87ec835826b0866c617cb19ea7_amd64 as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 9",
"product_id": "9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/de-supported-rhel9@sha256:f4fe61723e459bf8e8b8721cb463a89d77827f87ec835826b0866c617cb19ea7_amd64"
},
"product_reference": "ansible-automation-platform-24/de-supported-rhel9@sha256:f4fe61723e459bf8e8b8721cb463a89d77827f87ec835826b0866c617cb19ea7_amd64",
"relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ansible-automation-platform-24/ee-minimal-rhel9@sha256:49d5862f8abc4f05c837b26610604d32c07001af0a93993458b21e8f9adf534f_amd64 as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 9",
"product_id": "9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ee-minimal-rhel9@sha256:49d5862f8abc4f05c837b26610604d32c07001af0a93993458b21e8f9adf534f_amd64"
},
"product_reference": "ansible-automation-platform-24/ee-minimal-rhel9@sha256:49d5862f8abc4f05c837b26610604d32c07001af0a93993458b21e8f9adf534f_amd64",
"relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ansible-automation-platform-24/ee-minimal-rhel9@sha256:9bf9ff9e04832f353a8904f7f7826417abfe3891a927939a1cdfcfde30d1d10c_arm64 as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 9",
"product_id": "9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ee-minimal-rhel9@sha256:9bf9ff9e04832f353a8904f7f7826417abfe3891a927939a1cdfcfde30d1d10c_arm64"
},
"product_reference": "ansible-automation-platform-24/ee-minimal-rhel9@sha256:9bf9ff9e04832f353a8904f7f7826417abfe3891a927939a1cdfcfde30d1d10c_arm64",
"relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ansible-automation-platform-24/ee-minimal-rhel9@sha256:c35b05b413bc2090089219d476f0a1e2c56250fc09e190583e167bfcdce5bf35_ppc64le as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 9",
"product_id": "9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ee-minimal-rhel9@sha256:c35b05b413bc2090089219d476f0a1e2c56250fc09e190583e167bfcdce5bf35_ppc64le"
},
"product_reference": "ansible-automation-platform-24/ee-minimal-rhel9@sha256:c35b05b413bc2090089219d476f0a1e2c56250fc09e190583e167bfcdce5bf35_ppc64le",
"relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ansible-automation-platform-24/ee-minimal-rhel9@sha256:d21ac96577006183a5cc592fb094cb2cf0f25aa687597d68984965ebcb1cb9a5_s390x as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 9",
"product_id": "9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ee-minimal-rhel9@sha256:d21ac96577006183a5cc592fb094cb2cf0f25aa687597d68984965ebcb1cb9a5_s390x"
},
"product_reference": "ansible-automation-platform-24/ee-minimal-rhel9@sha256:d21ac96577006183a5cc592fb094cb2cf0f25aa687597d68984965ebcb1cb9a5_s390x",
"relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ansible-automation-platform-24/ee-supported-rhel9@sha256:162dd2718a9d9fdf4e3558129a0a77094a7fd9731ab826c664b69ed955853ddd_ppc64le as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 9",
"product_id": "9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ee-supported-rhel9@sha256:162dd2718a9d9fdf4e3558129a0a77094a7fd9731ab826c664b69ed955853ddd_ppc64le"
},
"product_reference": "ansible-automation-platform-24/ee-supported-rhel9@sha256:162dd2718a9d9fdf4e3558129a0a77094a7fd9731ab826c664b69ed955853ddd_ppc64le",
"relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ansible-automation-platform-24/ee-supported-rhel9@sha256:23ed9a9439c4651417dd96d62776ca40582b54fc5da2955a72b047608c0d6c42_amd64 as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 9",
"product_id": "9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ee-supported-rhel9@sha256:23ed9a9439c4651417dd96d62776ca40582b54fc5da2955a72b047608c0d6c42_amd64"
},
"product_reference": "ansible-automation-platform-24/ee-supported-rhel9@sha256:23ed9a9439c4651417dd96d62776ca40582b54fc5da2955a72b047608c0d6c42_amd64",
"relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ansible-automation-platform-24/ee-supported-rhel9@sha256:32d97ab01d3f3df3212c3e949d2630709ae05e4d0c56aafd6a720827234cf3e9_arm64 as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 9",
"product_id": "9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ee-supported-rhel9@sha256:32d97ab01d3f3df3212c3e949d2630709ae05e4d0c56aafd6a720827234cf3e9_arm64"
},
"product_reference": "ansible-automation-platform-24/ee-supported-rhel9@sha256:32d97ab01d3f3df3212c3e949d2630709ae05e4d0c56aafd6a720827234cf3e9_arm64",
"relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ansible-automation-platform-24/ee-supported-rhel9@sha256:e49a3d2b7456a55b603e78b8ddec27665b6a957f5ac479aad50123f3f9bb1d42_s390x as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 9",
"product_id": "9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ee-supported-rhel9@sha256:e49a3d2b7456a55b603e78b8ddec27665b6a957f5ac479aad50123f3f9bb1d42_s390x"
},
"product_reference": "ansible-automation-platform-24/ee-supported-rhel9@sha256:e49a3d2b7456a55b603e78b8ddec27665b6a957f5ac479aad50123f3f9bb1d42_s390x",
"relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.4"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2023-39325",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2023-10-10T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-Ansible-Automation-Platform-2.4-Cloud-Billing:ansible-automation-platform-24/aap-cloud-billing-rhel8-operator@sha256:3151364d2c3359a253e6f95fe296ad9842bcf859a4d05e65abc1283f7646f986_amd64",
"8Base-Ansible-Automation-Platform-2.4-Cloud-Billing:ansible-automation-platform-24/aap-cloud-billing-rhel8@sha256:f650486925c3bb5ff56570543839ef8ab668c91bba11a30aeceba22b0cf25b3e_amd64",
"8Base-Ansible-Automation-Platform-2.4-Cloud-Billing:ansible-automation-platform-24/aap-cloud-metrics-collector-rhel8@sha256:738e8ad888db5fa2205b9eb809b25ee98b77b47e7cb009d7aef94e0ab09c9492_amd64",
"8Base-Ansible-Automation-Platform-2.4-Cloud-Billing:ansible-automation-platform-24/aap-cloud-ui-rhel8-operator@sha256:2826678e9aca4fc567567c36f0d7af6cc22ee85fcfb23d3552534712685d512d_amd64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/aap-must-gather-rhel8@sha256:1ff8637546e4244650e7ad05e9e287c041198d4848a0834c4b505c73ec2adc40_amd64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/aap-must-gather-rhel8@sha256:53a9a6779f8569b03faec060888f39d2d3f071d3a4af8269f66490abd8bfad7e_arm64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/aap-must-gather-rhel8@sha256:ba77e7f17865da4d59f91b69ab58cbeafaa86debe50d2d6fb89e9812f4aed1c7_s390x",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/aap-must-gather-rhel8@sha256:d1730361a768cc0dc847958b872eac8befb5bcbe87d4fc18098b9ff4ed072cf3_ppc64le",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-builder-rhel8@sha256:0089971676a347149081311def7417185edfeac0fa0fb09bac556d1e4ac17971_arm64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-builder-rhel8@sha256:0a5ae31195b5b32e8f0800a301ce0e1e282812af59c667c4b40af82a8ca09d62_amd64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-builder-rhel8@sha256:73220bd2c0da0524f6eb6c7a88378ee9970a804a998f039fa14683cf5d7adf2f_s390x",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-builder-rhel8@sha256:9aa60f9acfd33709262f38091589521ef49674607e69a3baa6f3d9c9508a10fe_ppc64le",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-python-base-rhel8@sha256:5cf9e0d8a0ad5b1492187b177751cede769b53dc830e5b1bc5dcdd110a71a397_amd64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-python-base-rhel8@sha256:6599eee6f2b0b8c08ea3dc49598f97aea3b53b456afcc410dd740c39bbfdcd63_arm64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-python-base-rhel8@sha256:697fa0ba756009f66eb78f1feb4f9597da4b2382644c76f7755d29dd70aecea2_s390x",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-python-base-rhel8@sha256:dd8c5dc68cf8d71a563743040922540101be6c1b29c2f565e1352ece5b68377b_ppc64le",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-python-toolkit-rhel8@sha256:9273cfd468a23859d784dc3fbf2ad1abb04892e6a3f2ad55d8d2e7c623d0419f_s390x",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-python-toolkit-rhel8@sha256:99e842a1ca0ea2234c09a8a9466d936968ef36032c102e26fa761089528461e7_amd64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-python-toolkit-rhel8@sha256:d2d4b79f72dfe3f646f27b2c35e5108ed3a3c867fd0b9c04d0193e6ec717ad75_ppc64le",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-python-toolkit-rhel8@sha256:d6ae7f3136a14984e33f46598f6e321ad72f3875e4c3f0a8c773e5046fb99f1a_arm64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/controller-rhel8-operator@sha256:013993b69238a181ef9be9c6cbd173f4af8280f6dc763e52a493e54e71069a01_arm64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/controller-rhel8-operator@sha256:07a798fdc9b88ce7332a1300475e3a56d439b55a7ad5e10fd8d4e036661841cd_amd64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/controller-rhel8-operator@sha256:2e252f02c2695856d19d90299e2f1cc2bf93d7304e48da306628b12f4d56b037_ppc64le",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/controller-rhel8-operator@sha256:71dac652dd2a9588f1722c5147c8cc9cdb5c38d3cb3dc5a5e955c4cba6a3e57c_s390x",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/controller-rhel8@sha256:11f4ad08d0d96223b17e08a5d07f0594d0d450fe94bd86ce6f57165d20eedfee_amd64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/controller-rhel8@sha256:6855d1b68735adde33f4ad83496e7ada4548e3fb1ad07cb7925dfb726d800da0_ppc64le",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/controller-rhel8@sha256:c8fdd92c3c2c497ab1d4ba8c96759e8f2dfe7f023df6c5021dfed672c98d0621_arm64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/controller-rhel8@sha256:f346fa5d9a45ba329dc668e6a63672020fb579948b6c417ce76400e07ef928a5_s390x",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/de-minimal-rhel8@sha256:1e2c70baa0950d9667715e4deda717db264ea07aaa097ed4c3e11025eb4c59a0_arm64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/de-minimal-rhel8@sha256:3407db77ac87aecdc3bd3d32294672192caadd5779858d9c1ca559eef0dcf431_ppc64le",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/de-minimal-rhel8@sha256:6bf6294838abf4584f07500c9d61e7358d706f5754e1171e6a4184957e272d18_s390x",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/de-minimal-rhel8@sha256:8c7d062a28b7e54510c1aa45598a6e7c0777962b0c5d1dd1eff77e2203aabc93_amd64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/de-supported-rhel8@sha256:037b08f1cdf2bd0ba488ec02d6c4136171cadad65017f4331fb8e6d8b9ec8ffb_ppc64le",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/de-supported-rhel8@sha256:3abdaa6c02011ee543838612626d895980298d6e505e510f4a2b75e6ee0d6315_amd64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/de-supported-rhel8@sha256:d4d8984a1e1191d58e402dfd9f7d80a1f3bf714b774cc0837809ccabbbbfdb03_arm64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/de-supported-rhel8@sha256:dcdf4678c085dcb1014930901def587b01e780ce45a471f17a9c39de221b0757_s390x",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/eda-controller-rhel8-operator@sha256:4220b98f9d8e805a77a4a4ef95855b8f2c61467a02f686c7b547496831493746_ppc64le",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/eda-controller-rhel8-operator@sha256:683b9705958bb94e2f3fa8901c19ffd4d2a3967104fec3a969a46fa7e5702507_arm64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/eda-controller-rhel8-operator@sha256:b533066a88203acca58a7355f379018eb270f0c932c35f8170e76bfe658ef84b_s390x",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/eda-controller-rhel8-operator@sha256:f9f8d32c2ab60ab6c30bfcdec7778f6eb67ba30015d9453afd67ab334c8c2fe5_amd64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/eda-controller-rhel8@sha256:2bc05e35b21a826737e8bc523924d8137a531003d2ba2466243f4172708f2cbc_arm64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/eda-controller-rhel8@sha256:3059b9a6c38deb5aac3fb60875214fe2dafe50cda028638816ec67741169ec73_ppc64le",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/eda-controller-rhel8@sha256:7d75552ba2d42b0f85695e9a71ff71dd781bce0452590d89c12a8fc9f1a501ff_s390x",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/eda-controller-rhel8@sha256:fd7e96d6b70e0a1b13f0f34e7f14d4de14d07f0db6c449c20e1211bc3982205e_amd64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/eda-controller-ui-rhel8@sha256:56b46c50edef8f427dbc11d32c493ccc3b12df9dc9f553c2e8d3740313ae3cd1_amd64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/eda-controller-ui-rhel8@sha256:7eeca90468dde408d820ffb7b530d0cef615fe6f4a7e852b47ff18028cc09ecc_s390x",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/eda-controller-ui-rhel8@sha256:88f5e52c33ca6ff00cb1fd37753a2b1f9e4b6b2a07977e68b71262a8d7a4c58b_ppc64le",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/eda-controller-ui-rhel8@sha256:ee508e6aaaf56c6ec9025d7650000a39a7b05319b570e6961eb72d20623793d9_arm64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ee-29-rhel8@sha256:5685c052ba6b6d3eec7b7c740ba6b967e92f1fa22631dcf2fe048c57d16cf12a_amd64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ee-cloud-services-rhel8@sha256:d0797635652c5d9044da6c9f3ecbcc174bf7a9823f1c72cde44830cfe4f5ff56_amd64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ee-dellemc-openmanage-rhel8@sha256:628f7596505a9ab111cfcd1d3a1eb11e537dbf663d9b802e3cc94af8dbfa05d6_arm64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ee-dellemc-openmanage-rhel8@sha256:894f470c00c9bffad51ba8e8aecac867345c6e3f90227d773699cf8ef25120eb_amd64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ee-minimal-rhel8@sha256:382c4b91e8c8b30b51d3168b4a16f7c75c96198f4699c301bd03d686c8e85ae7_s390x",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ee-minimal-rhel8@sha256:5a2b269ebe2bbb5f27af823cc13c3ce06ade36f43480aa56d41d654d5ef139e3_arm64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ee-minimal-rhel8@sha256:63ea2ecffbf408183f3f37e4c1df4e3a77b9f4c0806d2ef3141d102470661e38_ppc64le",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ee-minimal-rhel8@sha256:c4c7158dfc2c317c62aed28f6db21bc347aca92b8301a6cb932c1a5fbf3eac87_amd64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ee-supported-rhel8@sha256:72098dcaf2cf2174557428f1121c5926b905dfaa0aad160d3064d171946f298e_amd64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ee-supported-rhel8@sha256:97e133b817c1aac347642b414ca6cb108fec25434b945c398bae6763f1596c5e_ppc64le",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ee-supported-rhel8@sha256:a5641fd059a00dff89f846472bf2c139c15ac2908328b03f86ab67087a1dbcf4_s390x",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ee-supported-rhel8@sha256:adad7b24fba97c5649f320ebc72a6b6cbf280e552121a2081b0fe804b06ef78d_arm64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/hub-rhel8-operator@sha256:32fa50754404a12b4d4a58d4ef9def3f5e8225cb2cf1e56983df1677f621462e_s390x",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/hub-rhel8-operator@sha256:ad9213450b9284c6e4323f9f8a5dfc42734ac95b67e5cd6a3afc3bd2945e993d_arm64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/hub-rhel8-operator@sha256:b3064c6ba7b2cf491ced94cd9b6545306cb7d59e2054a0d7042daaa3c062246e_ppc64le",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/hub-rhel8-operator@sha256:f38fcf5efc4501f3111484cd9c5216f4014fcfd0088d4dd3ad6c14ad76dbe83a_amd64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/hub-rhel8@sha256:a27c12f79db64522884b304c30f40635c774f51596689670fd628f409a68663f_arm64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/hub-rhel8@sha256:ac2b684d7ac8e0b6f36fe2da22b2ed41bfb24f8e2f77e64117c186a3cdf2f21b_amd64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/hub-rhel8@sha256:df80c45631e780f58aaf85edddaf77ed82c0b41f0ad766db048615290eeb96a3_ppc64le",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/hub-rhel8@sha256:fe2675bd2c51d62dfa3473653c00ddf55a1b64791f5029fe0b87087461b700a1_s390x",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/hub-web-rhel8@sha256:01b5493444bc24c954ce86554d0ba8ca99b9db8c516901d0539e1b001ba78590_ppc64le",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/hub-web-rhel8@sha256:0b7d67480c6a15e5a655573f2ac885d34df441978f8f595f8c4d9f5e93c052d1_arm64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/hub-web-rhel8@sha256:a44ffd3666281ab867c177915ddf48fdb59052a2d48f49284a598e8c80125d7b_amd64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/hub-web-rhel8@sha256:ff2db93490c489562bb8c37a247daf01e10c871e628b24cc4006dd2bd14473bb_s390x",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/platform-resource-rhel8-operator@sha256:13425b0194354a15d71f6bccd7b2e526ef4b2cd8c56b6aff91ebf4435bda20bc_amd64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/platform-resource-rhel8-operator@sha256:893d04a458674590c81c2ef09fb222c36f47bee71ab3615d6bb73432c58d965b_s390x",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/platform-resource-rhel8-operator@sha256:964337aac284059c1abde17a9bd2c0d13fd5a149a91af19eb56944728f7f5584_arm64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/platform-resource-rhel8-operator@sha256:9d429c6e5d72bf883362b1ae11f8b4ed3a9d468e77e2e29c8ff234df9e255db4_ppc64le",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/platform-resource-runner-rhel8@sha256:38bc442a6181a739b4c232d25abd7018dbce05083f3bf09ab7a071a3d2a4c7b4_ppc64le",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/platform-resource-runner-rhel8@sha256:8c80648871aee9d1c5450226d18b122a40fe188b1140fcb22800ecda41bb6343_arm64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/platform-resource-runner-rhel8@sha256:cfbf2ddd1dce998575bf8e38cd38bbcc98b006ba918d5de8ea1621b5de4d3f67_amd64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/platform-resource-runner-rhel8@sha256:de8830287e00c4062524ebc9e9a93896503101e6382f553c89cc0c1e7d15618f_s390x",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform/cloud-addons-operator-bundle@sha256:bdc45dd15fcdf3d3956c6ddc2316a8e68490cc1d4249f95b01b231a0fb17debf_amd64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform/ee-containerized-installer-rhel8@sha256:797d37d3015ebbf5125f6e1d12d47774a276a42a3c18ccabab2bf1c466b001fd_arm64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform/ee-containerized-installer-rhel8@sha256:a4cdb956a90531672851a53c6691591c871513630c8d441b0061d0c187f62a99_amd64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform/platform-operator-bundle@sha256:5825e694ae618fd41f495a7d5b9f911da004a9649aa09ca66ad64d3812a884d9_amd64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform/platform-operator-bundle@sha256:8b8051faac5197c85088cdb2032576d7789ef251ffd8ea8fc2e525a199202ab0_s390x",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform/platform-operator-bundle@sha256:d5d128596af42dddb7f3efa725050a35c07eae5e63a4bd8be7789857cf5d36f3_arm64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform/platform-operator-bundle@sha256:ecc912e9ab3146df86e7be7afbc077db49e74f913815c73521ae67893f452853_ppc64le",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-builder-rhel9@sha256:20092308c17687aa6059400af8d1772b8fe85207db9f9a5b6d259908e0b63aab_arm64",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-builder-rhel9@sha256:45ff186bff94f30a34c2fe59bc342d10bf47071567b9d09d1fa61bf08e72f1c4_amd64",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-builder-rhel9@sha256:a4a88494691f2fc7689d16a4da97a857e8b795e41ecf5fe09b09ebfc729511ce_s390x",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-builder-rhel9@sha256:eb2f2e5796823643b8b52b98976a04089cdc82ce32f3e4a348fc25dd12eff275_ppc64le",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-python-base-rhel9@sha256:7ecc021d626a20acc20f73b28005c16a8d20c7640ec51dffdaff236440702172_amd64",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-python-base-rhel9@sha256:8c34db5cc4c68c80db22a835c095d60e3988a3e6d1c82fb91cc8558b43a47b33_s390x",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-python-base-rhel9@sha256:91f0cc9dd9261b7bff0484d3db8e499912fa1781aa71ad24c77d0809cccb03f4_ppc64le",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-python-base-rhel9@sha256:cd96a0ece925ed1443c0797bc3baf992ed7ae087f5977df8728a4aab8940516f_arm64",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-python-toolkit-rhel9@sha256:035f8ce6c6f6ab88366d7d42ba587d75b60236433e01ce0349a40554ff0e1b05_arm64",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-python-toolkit-rhel9@sha256:11934bcc8a713da353d254164b6914b5769326534a2298f0ccb8642813da5f9a_ppc64le",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-python-toolkit-rhel9@sha256:b46fed769c86134a110f442dc56b0c8bfd0d469eb39649916db099f611ab3347_s390x",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-python-toolkit-rhel9@sha256:bc376892f777fade4e725e140ae195ee94bd2f3c8e97b86a2705cbe23fa1875e_amd64",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/de-minimal-rhel9@sha256:7660d7f051c9ac00bf49f609bf1e24b8020d2cb8856b40cbecc13de54d55fed8_s390x",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/de-minimal-rhel9@sha256:9b13ab56c30c5c77a21e00d2dfbad44f63c6ff7ac5acb6b8ba416f7fb2a0fc51_ppc64le",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/de-minimal-rhel9@sha256:a562c54aa4ba7538aa2b1beab666cab689240f664f8c17bfd769560efbe3b626_amd64",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/de-minimal-rhel9@sha256:f28e22e5da55ea626890aceb7ae4c391e192055a60a1beba9a98ac70ee1353ce_arm64",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/de-supported-rhel9@sha256:5bd5d0da12cc63b3221f508c203b0cde5b4628439d42c1a0303a31c217506936_s390x",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/de-supported-rhel9@sha256:da3031d8ff12b8df290c6da7c5451d0a797c24c0b2b0ce5cce943633d2352ee7_ppc64le",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/de-supported-rhel9@sha256:de1067b9be05a3acb9bb61458fb89e71acf01cad7a9439a638972bc0615a4d5a_arm64",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/de-supported-rhel9@sha256:f4fe61723e459bf8e8b8721cb463a89d77827f87ec835826b0866c617cb19ea7_amd64",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ee-minimal-rhel9@sha256:49d5862f8abc4f05c837b26610604d32c07001af0a93993458b21e8f9adf534f_amd64",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ee-minimal-rhel9@sha256:9bf9ff9e04832f353a8904f7f7826417abfe3891a927939a1cdfcfde30d1d10c_arm64",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ee-minimal-rhel9@sha256:c35b05b413bc2090089219d476f0a1e2c56250fc09e190583e167bfcdce5bf35_ppc64le",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ee-minimal-rhel9@sha256:d21ac96577006183a5cc592fb094cb2cf0f25aa687597d68984965ebcb1cb9a5_s390x",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ee-supported-rhel9@sha256:162dd2718a9d9fdf4e3558129a0a77094a7fd9731ab826c664b69ed955853ddd_ppc64le",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ee-supported-rhel9@sha256:23ed9a9439c4651417dd96d62776ca40582b54fc5da2955a72b047608c0d6c42_amd64",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ee-supported-rhel9@sha256:32d97ab01d3f3df3212c3e949d2630709ae05e4d0c56aafd6a720827234cf3e9_arm64",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ee-supported-rhel9@sha256:e49a3d2b7456a55b603e78b8ddec27665b6a957f5ac479aad50123f3f9bb1d42_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2243296"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in handling multiplexed streams in the HTTP/2 protocol. A client can repeatedly make a request for a new multiplex stream and immediately send an RST_STREAM frame to cancel it. This creates extra work for the server setting up and tearing down the streams while not hitting any server-side limit for the maximum number of active streams per connection, resulting in a denial of service due to server resource consumption. Red Hat has rated the severity of this flaw as \u0027Important\u0027 as the US Cybersecurity and Infrastructure Security Agency (CISA) declared this vulnerability an active exploit.\r\n\r\nCVE-2023-39325 was assigned for the `Rapid Reset Attack` in the Go language packages.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: net/http, x/net/http2: rapid stream resets can cause excessive work (CVE-2023-44487)",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This CVE is related to CVE-2023-44487.\n\nThe majority of RHEL utilities are not long-running applications; instead, they are command-line tools. These tools utilize Golang package as build-time dependency, which is why they are classified as having a \"Moderate\" level of impact.\n\nAs go-lang vendors its dependencies, a package may contain a library with a known vulnerability, solely because of lower tier libraries including it as a part of its dependencies, but the vulnerable code is not reachable at runtime. In such cases the issue is not exploitable. We classify these situations as \u201cNot affected\u201d or \u201cWill not fix,\u201d depending on the risk of breaking other unrelated packages.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-Ansible-Automation-Platform-2.4-Cloud-Billing:ansible-automation-platform-24/aap-cloud-ui-rhel8@sha256:0d0b96befa8957940d289d905517a6e2ef687cc28c9e68c29acb7813a90a13a6_amd64"
],
"known_not_affected": [
"8Base-Ansible-Automation-Platform-2.4-Cloud-Billing:ansible-automation-platform-24/aap-cloud-billing-rhel8-operator@sha256:3151364d2c3359a253e6f95fe296ad9842bcf859a4d05e65abc1283f7646f986_amd64",
"8Base-Ansible-Automation-Platform-2.4-Cloud-Billing:ansible-automation-platform-24/aap-cloud-billing-rhel8@sha256:f650486925c3bb5ff56570543839ef8ab668c91bba11a30aeceba22b0cf25b3e_amd64",
"8Base-Ansible-Automation-Platform-2.4-Cloud-Billing:ansible-automation-platform-24/aap-cloud-metrics-collector-rhel8@sha256:738e8ad888db5fa2205b9eb809b25ee98b77b47e7cb009d7aef94e0ab09c9492_amd64",
"8Base-Ansible-Automation-Platform-2.4-Cloud-Billing:ansible-automation-platform-24/aap-cloud-ui-rhel8-operator@sha256:2826678e9aca4fc567567c36f0d7af6cc22ee85fcfb23d3552534712685d512d_amd64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/aap-must-gather-rhel8@sha256:1ff8637546e4244650e7ad05e9e287c041198d4848a0834c4b505c73ec2adc40_amd64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/aap-must-gather-rhel8@sha256:53a9a6779f8569b03faec060888f39d2d3f071d3a4af8269f66490abd8bfad7e_arm64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/aap-must-gather-rhel8@sha256:ba77e7f17865da4d59f91b69ab58cbeafaa86debe50d2d6fb89e9812f4aed1c7_s390x",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/aap-must-gather-rhel8@sha256:d1730361a768cc0dc847958b872eac8befb5bcbe87d4fc18098b9ff4ed072cf3_ppc64le",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-builder-rhel8@sha256:0089971676a347149081311def7417185edfeac0fa0fb09bac556d1e4ac17971_arm64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-builder-rhel8@sha256:0a5ae31195b5b32e8f0800a301ce0e1e282812af59c667c4b40af82a8ca09d62_amd64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-builder-rhel8@sha256:73220bd2c0da0524f6eb6c7a88378ee9970a804a998f039fa14683cf5d7adf2f_s390x",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-builder-rhel8@sha256:9aa60f9acfd33709262f38091589521ef49674607e69a3baa6f3d9c9508a10fe_ppc64le",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-python-base-rhel8@sha256:5cf9e0d8a0ad5b1492187b177751cede769b53dc830e5b1bc5dcdd110a71a397_amd64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-python-base-rhel8@sha256:6599eee6f2b0b8c08ea3dc49598f97aea3b53b456afcc410dd740c39bbfdcd63_arm64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-python-base-rhel8@sha256:697fa0ba756009f66eb78f1feb4f9597da4b2382644c76f7755d29dd70aecea2_s390x",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-python-base-rhel8@sha256:dd8c5dc68cf8d71a563743040922540101be6c1b29c2f565e1352ece5b68377b_ppc64le",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-python-toolkit-rhel8@sha256:9273cfd468a23859d784dc3fbf2ad1abb04892e6a3f2ad55d8d2e7c623d0419f_s390x",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-python-toolkit-rhel8@sha256:99e842a1ca0ea2234c09a8a9466d936968ef36032c102e26fa761089528461e7_amd64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-python-toolkit-rhel8@sha256:d2d4b79f72dfe3f646f27b2c35e5108ed3a3c867fd0b9c04d0193e6ec717ad75_ppc64le",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-python-toolkit-rhel8@sha256:d6ae7f3136a14984e33f46598f6e321ad72f3875e4c3f0a8c773e5046fb99f1a_arm64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/controller-rhel8-operator@sha256:013993b69238a181ef9be9c6cbd173f4af8280f6dc763e52a493e54e71069a01_arm64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/controller-rhel8-operator@sha256:07a798fdc9b88ce7332a1300475e3a56d439b55a7ad5e10fd8d4e036661841cd_amd64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/controller-rhel8-operator@sha256:2e252f02c2695856d19d90299e2f1cc2bf93d7304e48da306628b12f4d56b037_ppc64le",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/controller-rhel8-operator@sha256:71dac652dd2a9588f1722c5147c8cc9cdb5c38d3cb3dc5a5e955c4cba6a3e57c_s390x",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/controller-rhel8@sha256:11f4ad08d0d96223b17e08a5d07f0594d0d450fe94bd86ce6f57165d20eedfee_amd64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/controller-rhel8@sha256:6855d1b68735adde33f4ad83496e7ada4548e3fb1ad07cb7925dfb726d800da0_ppc64le",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/controller-rhel8@sha256:c8fdd92c3c2c497ab1d4ba8c96759e8f2dfe7f023df6c5021dfed672c98d0621_arm64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/controller-rhel8@sha256:f346fa5d9a45ba329dc668e6a63672020fb579948b6c417ce76400e07ef928a5_s390x",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/de-minimal-rhel8@sha256:1e2c70baa0950d9667715e4deda717db264ea07aaa097ed4c3e11025eb4c59a0_arm64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/de-minimal-rhel8@sha256:3407db77ac87aecdc3bd3d32294672192caadd5779858d9c1ca559eef0dcf431_ppc64le",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/de-minimal-rhel8@sha256:6bf6294838abf4584f07500c9d61e7358d706f5754e1171e6a4184957e272d18_s390x",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/de-minimal-rhel8@sha256:8c7d062a28b7e54510c1aa45598a6e7c0777962b0c5d1dd1eff77e2203aabc93_amd64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/de-supported-rhel8@sha256:037b08f1cdf2bd0ba488ec02d6c4136171cadad65017f4331fb8e6d8b9ec8ffb_ppc64le",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/de-supported-rhel8@sha256:3abdaa6c02011ee543838612626d895980298d6e505e510f4a2b75e6ee0d6315_amd64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/de-supported-rhel8@sha256:d4d8984a1e1191d58e402dfd9f7d80a1f3bf714b774cc0837809ccabbbbfdb03_arm64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/de-supported-rhel8@sha256:dcdf4678c085dcb1014930901def587b01e780ce45a471f17a9c39de221b0757_s390x",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/eda-controller-rhel8-operator@sha256:4220b98f9d8e805a77a4a4ef95855b8f2c61467a02f686c7b547496831493746_ppc64le",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/eda-controller-rhel8-operator@sha256:683b9705958bb94e2f3fa8901c19ffd4d2a3967104fec3a969a46fa7e5702507_arm64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/eda-controller-rhel8-operator@sha256:b533066a88203acca58a7355f379018eb270f0c932c35f8170e76bfe658ef84b_s390x",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/eda-controller-rhel8-operator@sha256:f9f8d32c2ab60ab6c30bfcdec7778f6eb67ba30015d9453afd67ab334c8c2fe5_amd64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/eda-controller-rhel8@sha256:2bc05e35b21a826737e8bc523924d8137a531003d2ba2466243f4172708f2cbc_arm64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/eda-controller-rhel8@sha256:3059b9a6c38deb5aac3fb60875214fe2dafe50cda028638816ec67741169ec73_ppc64le",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/eda-controller-rhel8@sha256:7d75552ba2d42b0f85695e9a71ff71dd781bce0452590d89c12a8fc9f1a501ff_s390x",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/eda-controller-rhel8@sha256:fd7e96d6b70e0a1b13f0f34e7f14d4de14d07f0db6c449c20e1211bc3982205e_amd64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/eda-controller-ui-rhel8@sha256:56b46c50edef8f427dbc11d32c493ccc3b12df9dc9f553c2e8d3740313ae3cd1_amd64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/eda-controller-ui-rhel8@sha256:7eeca90468dde408d820ffb7b530d0cef615fe6f4a7e852b47ff18028cc09ecc_s390x",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/eda-controller-ui-rhel8@sha256:88f5e52c33ca6ff00cb1fd37753a2b1f9e4b6b2a07977e68b71262a8d7a4c58b_ppc64le",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/eda-controller-ui-rhel8@sha256:ee508e6aaaf56c6ec9025d7650000a39a7b05319b570e6961eb72d20623793d9_arm64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ee-29-rhel8@sha256:5685c052ba6b6d3eec7b7c740ba6b967e92f1fa22631dcf2fe048c57d16cf12a_amd64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ee-cloud-services-rhel8@sha256:d0797635652c5d9044da6c9f3ecbcc174bf7a9823f1c72cde44830cfe4f5ff56_amd64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ee-dellemc-openmanage-rhel8@sha256:628f7596505a9ab111cfcd1d3a1eb11e537dbf663d9b802e3cc94af8dbfa05d6_arm64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ee-dellemc-openmanage-rhel8@sha256:894f470c00c9bffad51ba8e8aecac867345c6e3f90227d773699cf8ef25120eb_amd64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ee-minimal-rhel8@sha256:382c4b91e8c8b30b51d3168b4a16f7c75c96198f4699c301bd03d686c8e85ae7_s390x",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ee-minimal-rhel8@sha256:5a2b269ebe2bbb5f27af823cc13c3ce06ade36f43480aa56d41d654d5ef139e3_arm64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ee-minimal-rhel8@sha256:63ea2ecffbf408183f3f37e4c1df4e3a77b9f4c0806d2ef3141d102470661e38_ppc64le",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ee-minimal-rhel8@sha256:c4c7158dfc2c317c62aed28f6db21bc347aca92b8301a6cb932c1a5fbf3eac87_amd64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ee-supported-rhel8@sha256:72098dcaf2cf2174557428f1121c5926b905dfaa0aad160d3064d171946f298e_amd64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ee-supported-rhel8@sha256:97e133b817c1aac347642b414ca6cb108fec25434b945c398bae6763f1596c5e_ppc64le",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ee-supported-rhel8@sha256:a5641fd059a00dff89f846472bf2c139c15ac2908328b03f86ab67087a1dbcf4_s390x",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ee-supported-rhel8@sha256:adad7b24fba97c5649f320ebc72a6b6cbf280e552121a2081b0fe804b06ef78d_arm64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/hub-rhel8-operator@sha256:32fa50754404a12b4d4a58d4ef9def3f5e8225cb2cf1e56983df1677f621462e_s390x",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/hub-rhel8-operator@sha256:ad9213450b9284c6e4323f9f8a5dfc42734ac95b67e5cd6a3afc3bd2945e993d_arm64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/hub-rhel8-operator@sha256:b3064c6ba7b2cf491ced94cd9b6545306cb7d59e2054a0d7042daaa3c062246e_ppc64le",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/hub-rhel8-operator@sha256:f38fcf5efc4501f3111484cd9c5216f4014fcfd0088d4dd3ad6c14ad76dbe83a_amd64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/hub-rhel8@sha256:a27c12f79db64522884b304c30f40635c774f51596689670fd628f409a68663f_arm64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/hub-rhel8@sha256:ac2b684d7ac8e0b6f36fe2da22b2ed41bfb24f8e2f77e64117c186a3cdf2f21b_amd64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/hub-rhel8@sha256:df80c45631e780f58aaf85edddaf77ed82c0b41f0ad766db048615290eeb96a3_ppc64le",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/hub-rhel8@sha256:fe2675bd2c51d62dfa3473653c00ddf55a1b64791f5029fe0b87087461b700a1_s390x",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/hub-web-rhel8@sha256:01b5493444bc24c954ce86554d0ba8ca99b9db8c516901d0539e1b001ba78590_ppc64le",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/hub-web-rhel8@sha256:0b7d67480c6a15e5a655573f2ac885d34df441978f8f595f8c4d9f5e93c052d1_arm64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/hub-web-rhel8@sha256:a44ffd3666281ab867c177915ddf48fdb59052a2d48f49284a598e8c80125d7b_amd64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/hub-web-rhel8@sha256:ff2db93490c489562bb8c37a247daf01e10c871e628b24cc4006dd2bd14473bb_s390x",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/platform-resource-rhel8-operator@sha256:13425b0194354a15d71f6bccd7b2e526ef4b2cd8c56b6aff91ebf4435bda20bc_amd64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/platform-resource-rhel8-operator@sha256:893d04a458674590c81c2ef09fb222c36f47bee71ab3615d6bb73432c58d965b_s390x",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/platform-resource-rhel8-operator@sha256:964337aac284059c1abde17a9bd2c0d13fd5a149a91af19eb56944728f7f5584_arm64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/platform-resource-rhel8-operator@sha256:9d429c6e5d72bf883362b1ae11f8b4ed3a9d468e77e2e29c8ff234df9e255db4_ppc64le",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/platform-resource-runner-rhel8@sha256:38bc442a6181a739b4c232d25abd7018dbce05083f3bf09ab7a071a3d2a4c7b4_ppc64le",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/platform-resource-runner-rhel8@sha256:8c80648871aee9d1c5450226d18b122a40fe188b1140fcb22800ecda41bb6343_arm64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/platform-resource-runner-rhel8@sha256:cfbf2ddd1dce998575bf8e38cd38bbcc98b006ba918d5de8ea1621b5de4d3f67_amd64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/platform-resource-runner-rhel8@sha256:de8830287e00c4062524ebc9e9a93896503101e6382f553c89cc0c1e7d15618f_s390x",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform/cloud-addons-operator-bundle@sha256:bdc45dd15fcdf3d3956c6ddc2316a8e68490cc1d4249f95b01b231a0fb17debf_amd64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform/ee-containerized-installer-rhel8@sha256:797d37d3015ebbf5125f6e1d12d47774a276a42a3c18ccabab2bf1c466b001fd_arm64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform/ee-containerized-installer-rhel8@sha256:a4cdb956a90531672851a53c6691591c871513630c8d441b0061d0c187f62a99_amd64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform/platform-operator-bundle@sha256:5825e694ae618fd41f495a7d5b9f911da004a9649aa09ca66ad64d3812a884d9_amd64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform/platform-operator-bundle@sha256:8b8051faac5197c85088cdb2032576d7789ef251ffd8ea8fc2e525a199202ab0_s390x",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform/platform-operator-bundle@sha256:d5d128596af42dddb7f3efa725050a35c07eae5e63a4bd8be7789857cf5d36f3_arm64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform/platform-operator-bundle@sha256:ecc912e9ab3146df86e7be7afbc077db49e74f913815c73521ae67893f452853_ppc64le",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-builder-rhel9@sha256:20092308c17687aa6059400af8d1772b8fe85207db9f9a5b6d259908e0b63aab_arm64",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-builder-rhel9@sha256:45ff186bff94f30a34c2fe59bc342d10bf47071567b9d09d1fa61bf08e72f1c4_amd64",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-builder-rhel9@sha256:a4a88494691f2fc7689d16a4da97a857e8b795e41ecf5fe09b09ebfc729511ce_s390x",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-builder-rhel9@sha256:eb2f2e5796823643b8b52b98976a04089cdc82ce32f3e4a348fc25dd12eff275_ppc64le",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-python-base-rhel9@sha256:7ecc021d626a20acc20f73b28005c16a8d20c7640ec51dffdaff236440702172_amd64",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-python-base-rhel9@sha256:8c34db5cc4c68c80db22a835c095d60e3988a3e6d1c82fb91cc8558b43a47b33_s390x",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-python-base-rhel9@sha256:91f0cc9dd9261b7bff0484d3db8e499912fa1781aa71ad24c77d0809cccb03f4_ppc64le",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-python-base-rhel9@sha256:cd96a0ece925ed1443c0797bc3baf992ed7ae087f5977df8728a4aab8940516f_arm64",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-python-toolkit-rhel9@sha256:035f8ce6c6f6ab88366d7d42ba587d75b60236433e01ce0349a40554ff0e1b05_arm64",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-python-toolkit-rhel9@sha256:11934bcc8a713da353d254164b6914b5769326534a2298f0ccb8642813da5f9a_ppc64le",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-python-toolkit-rhel9@sha256:b46fed769c86134a110f442dc56b0c8bfd0d469eb39649916db099f611ab3347_s390x",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-python-toolkit-rhel9@sha256:bc376892f777fade4e725e140ae195ee94bd2f3c8e97b86a2705cbe23fa1875e_amd64",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/de-minimal-rhel9@sha256:7660d7f051c9ac00bf49f609bf1e24b8020d2cb8856b40cbecc13de54d55fed8_s390x",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/de-minimal-rhel9@sha256:9b13ab56c30c5c77a21e00d2dfbad44f63c6ff7ac5acb6b8ba416f7fb2a0fc51_ppc64le",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/de-minimal-rhel9@sha256:a562c54aa4ba7538aa2b1beab666cab689240f664f8c17bfd769560efbe3b626_amd64",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/de-minimal-rhel9@sha256:f28e22e5da55ea626890aceb7ae4c391e192055a60a1beba9a98ac70ee1353ce_arm64",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/de-supported-rhel9@sha256:5bd5d0da12cc63b3221f508c203b0cde5b4628439d42c1a0303a31c217506936_s390x",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/de-supported-rhel9@sha256:da3031d8ff12b8df290c6da7c5451d0a797c24c0b2b0ce5cce943633d2352ee7_ppc64le",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/de-supported-rhel9@sha256:de1067b9be05a3acb9bb61458fb89e71acf01cad7a9439a638972bc0615a4d5a_arm64",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/de-supported-rhel9@sha256:f4fe61723e459bf8e8b8721cb463a89d77827f87ec835826b0866c617cb19ea7_amd64",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ee-minimal-rhel9@sha256:49d5862f8abc4f05c837b26610604d32c07001af0a93993458b21e8f9adf534f_amd64",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ee-minimal-rhel9@sha256:9bf9ff9e04832f353a8904f7f7826417abfe3891a927939a1cdfcfde30d1d10c_arm64",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ee-minimal-rhel9@sha256:c35b05b413bc2090089219d476f0a1e2c56250fc09e190583e167bfcdce5bf35_ppc64le",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ee-minimal-rhel9@sha256:d21ac96577006183a5cc592fb094cb2cf0f25aa687597d68984965ebcb1cb9a5_s390x",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ee-supported-rhel9@sha256:162dd2718a9d9fdf4e3558129a0a77094a7fd9731ab826c664b69ed955853ddd_ppc64le",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ee-supported-rhel9@sha256:23ed9a9439c4651417dd96d62776ca40582b54fc5da2955a72b047608c0d6c42_amd64",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ee-supported-rhel9@sha256:32d97ab01d3f3df3212c3e949d2630709ae05e4d0c56aafd6a720827234cf3e9_arm64",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ee-supported-rhel9@sha256:e49a3d2b7456a55b603e78b8ddec27665b6a957f5ac479aad50123f3f9bb1d42_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-39325"
},
{
"category": "external",
"summary": "RHBZ#2243296",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2243296"
},
{
"category": "external",
"summary": "RHSB-2023-003",
"url": "https://access.redhat.com/security/vulnerabilities/RHSB-2023-003"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-39325",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39325"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-39325",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-39325"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2023-44487",
"url": "https://access.redhat.com/security/cve/CVE-2023-44487"
},
{
"category": "external",
"summary": "https://go.dev/issue/63417",
"url": "https://go.dev/issue/63417"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2023-2102",
"url": "https://pkg.go.dev/vuln/GO-2023-2102"
},
{
"category": "external",
"summary": "https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487",
"url": "https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487"
}
],
"release_date": "2023-10-10T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-10-17T19:03:49+00:00",
"details": "Red Hat Ansible Automation Platform",
"product_ids": [
"8Base-Ansible-Automation-Platform-2.4-Cloud-Billing:ansible-automation-platform-24/aap-cloud-ui-rhel8@sha256:0d0b96befa8957940d289d905517a6e2ef687cc28c9e68c29acb7813a90a13a6_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHBA-2023:5806"
},
{
"category": "workaround",
"details": "The default stream concurrency limit in golang is 250 streams (requests) per HTTP/2 connection. This value may be adjusted in the golang.org/x/net/http2 package using the Server.MaxConcurrentStreams setting and the ConfigureServer function which are available in golang.org/x/net/http2.",
"product_ids": [
"8Base-Ansible-Automation-Platform-2.4-Cloud-Billing:ansible-automation-platform-24/aap-cloud-billing-rhel8-operator@sha256:3151364d2c3359a253e6f95fe296ad9842bcf859a4d05e65abc1283f7646f986_amd64",
"8Base-Ansible-Automation-Platform-2.4-Cloud-Billing:ansible-automation-platform-24/aap-cloud-billing-rhel8@sha256:f650486925c3bb5ff56570543839ef8ab668c91bba11a30aeceba22b0cf25b3e_amd64",
"8Base-Ansible-Automation-Platform-2.4-Cloud-Billing:ansible-automation-platform-24/aap-cloud-metrics-collector-rhel8@sha256:738e8ad888db5fa2205b9eb809b25ee98b77b47e7cb009d7aef94e0ab09c9492_amd64",
"8Base-Ansible-Automation-Platform-2.4-Cloud-Billing:ansible-automation-platform-24/aap-cloud-ui-rhel8-operator@sha256:2826678e9aca4fc567567c36f0d7af6cc22ee85fcfb23d3552534712685d512d_amd64",
"8Base-Ansible-Automation-Platform-2.4-Cloud-Billing:ansible-automation-platform-24/aap-cloud-ui-rhel8@sha256:0d0b96befa8957940d289d905517a6e2ef687cc28c9e68c29acb7813a90a13a6_amd64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/aap-must-gather-rhel8@sha256:1ff8637546e4244650e7ad05e9e287c041198d4848a0834c4b505c73ec2adc40_amd64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/aap-must-gather-rhel8@sha256:53a9a6779f8569b03faec060888f39d2d3f071d3a4af8269f66490abd8bfad7e_arm64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/aap-must-gather-rhel8@sha256:ba77e7f17865da4d59f91b69ab58cbeafaa86debe50d2d6fb89e9812f4aed1c7_s390x",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/aap-must-gather-rhel8@sha256:d1730361a768cc0dc847958b872eac8befb5bcbe87d4fc18098b9ff4ed072cf3_ppc64le",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-builder-rhel8@sha256:0089971676a347149081311def7417185edfeac0fa0fb09bac556d1e4ac17971_arm64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-builder-rhel8@sha256:0a5ae31195b5b32e8f0800a301ce0e1e282812af59c667c4b40af82a8ca09d62_amd64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-builder-rhel8@sha256:73220bd2c0da0524f6eb6c7a88378ee9970a804a998f039fa14683cf5d7adf2f_s390x",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-builder-rhel8@sha256:9aa60f9acfd33709262f38091589521ef49674607e69a3baa6f3d9c9508a10fe_ppc64le",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-python-base-rhel8@sha256:5cf9e0d8a0ad5b1492187b177751cede769b53dc830e5b1bc5dcdd110a71a397_amd64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-python-base-rhel8@sha256:6599eee6f2b0b8c08ea3dc49598f97aea3b53b456afcc410dd740c39bbfdcd63_arm64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-python-base-rhel8@sha256:697fa0ba756009f66eb78f1feb4f9597da4b2382644c76f7755d29dd70aecea2_s390x",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-python-base-rhel8@sha256:dd8c5dc68cf8d71a563743040922540101be6c1b29c2f565e1352ece5b68377b_ppc64le",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-python-toolkit-rhel8@sha256:9273cfd468a23859d784dc3fbf2ad1abb04892e6a3f2ad55d8d2e7c623d0419f_s390x",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-python-toolkit-rhel8@sha256:99e842a1ca0ea2234c09a8a9466d936968ef36032c102e26fa761089528461e7_amd64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-python-toolkit-rhel8@sha256:d2d4b79f72dfe3f646f27b2c35e5108ed3a3c867fd0b9c04d0193e6ec717ad75_ppc64le",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-python-toolkit-rhel8@sha256:d6ae7f3136a14984e33f46598f6e321ad72f3875e4c3f0a8c773e5046fb99f1a_arm64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/controller-rhel8-operator@sha256:013993b69238a181ef9be9c6cbd173f4af8280f6dc763e52a493e54e71069a01_arm64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/controller-rhel8-operator@sha256:07a798fdc9b88ce7332a1300475e3a56d439b55a7ad5e10fd8d4e036661841cd_amd64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/controller-rhel8-operator@sha256:2e252f02c2695856d19d90299e2f1cc2bf93d7304e48da306628b12f4d56b037_ppc64le",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/controller-rhel8-operator@sha256:71dac652dd2a9588f1722c5147c8cc9cdb5c38d3cb3dc5a5e955c4cba6a3e57c_s390x",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/controller-rhel8@sha256:11f4ad08d0d96223b17e08a5d07f0594d0d450fe94bd86ce6f57165d20eedfee_amd64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/controller-rhel8@sha256:6855d1b68735adde33f4ad83496e7ada4548e3fb1ad07cb7925dfb726d800da0_ppc64le",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/controller-rhel8@sha256:c8fdd92c3c2c497ab1d4ba8c96759e8f2dfe7f023df6c5021dfed672c98d0621_arm64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/controller-rhel8@sha256:f346fa5d9a45ba329dc668e6a63672020fb579948b6c417ce76400e07ef928a5_s390x",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/de-minimal-rhel8@sha256:1e2c70baa0950d9667715e4deda717db264ea07aaa097ed4c3e11025eb4c59a0_arm64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/de-minimal-rhel8@sha256:3407db77ac87aecdc3bd3d32294672192caadd5779858d9c1ca559eef0dcf431_ppc64le",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/de-minimal-rhel8@sha256:6bf6294838abf4584f07500c9d61e7358d706f5754e1171e6a4184957e272d18_s390x",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/de-minimal-rhel8@sha256:8c7d062a28b7e54510c1aa45598a6e7c0777962b0c5d1dd1eff77e2203aabc93_amd64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/de-supported-rhel8@sha256:037b08f1cdf2bd0ba488ec02d6c4136171cadad65017f4331fb8e6d8b9ec8ffb_ppc64le",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/de-supported-rhel8@sha256:3abdaa6c02011ee543838612626d895980298d6e505e510f4a2b75e6ee0d6315_amd64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/de-supported-rhel8@sha256:d4d8984a1e1191d58e402dfd9f7d80a1f3bf714b774cc0837809ccabbbbfdb03_arm64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/de-supported-rhel8@sha256:dcdf4678c085dcb1014930901def587b01e780ce45a471f17a9c39de221b0757_s390x",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/eda-controller-rhel8-operator@sha256:4220b98f9d8e805a77a4a4ef95855b8f2c61467a02f686c7b547496831493746_ppc64le",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/eda-controller-rhel8-operator@sha256:683b9705958bb94e2f3fa8901c19ffd4d2a3967104fec3a969a46fa7e5702507_arm64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/eda-controller-rhel8-operator@sha256:b533066a88203acca58a7355f379018eb270f0c932c35f8170e76bfe658ef84b_s390x",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/eda-controller-rhel8-operator@sha256:f9f8d32c2ab60ab6c30bfcdec7778f6eb67ba30015d9453afd67ab334c8c2fe5_amd64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/eda-controller-rhel8@sha256:2bc05e35b21a826737e8bc523924d8137a531003d2ba2466243f4172708f2cbc_arm64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/eda-controller-rhel8@sha256:3059b9a6c38deb5aac3fb60875214fe2dafe50cda028638816ec67741169ec73_ppc64le",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/eda-controller-rhel8@sha256:7d75552ba2d42b0f85695e9a71ff71dd781bce0452590d89c12a8fc9f1a501ff_s390x",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/eda-controller-rhel8@sha256:fd7e96d6b70e0a1b13f0f34e7f14d4de14d07f0db6c449c20e1211bc3982205e_amd64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/eda-controller-ui-rhel8@sha256:56b46c50edef8f427dbc11d32c493ccc3b12df9dc9f553c2e8d3740313ae3cd1_amd64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/eda-controller-ui-rhel8@sha256:7eeca90468dde408d820ffb7b530d0cef615fe6f4a7e852b47ff18028cc09ecc_s390x",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/eda-controller-ui-rhel8@sha256:88f5e52c33ca6ff00cb1fd37753a2b1f9e4b6b2a07977e68b71262a8d7a4c58b_ppc64le",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/eda-controller-ui-rhel8@sha256:ee508e6aaaf56c6ec9025d7650000a39a7b05319b570e6961eb72d20623793d9_arm64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ee-29-rhel8@sha256:5685c052ba6b6d3eec7b7c740ba6b967e92f1fa22631dcf2fe048c57d16cf12a_amd64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ee-cloud-services-rhel8@sha256:d0797635652c5d9044da6c9f3ecbcc174bf7a9823f1c72cde44830cfe4f5ff56_amd64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ee-dellemc-openmanage-rhel8@sha256:628f7596505a9ab111cfcd1d3a1eb11e537dbf663d9b802e3cc94af8dbfa05d6_arm64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ee-dellemc-openmanage-rhel8@sha256:894f470c00c9bffad51ba8e8aecac867345c6e3f90227d773699cf8ef25120eb_amd64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ee-minimal-rhel8@sha256:382c4b91e8c8b30b51d3168b4a16f7c75c96198f4699c301bd03d686c8e85ae7_s390x",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ee-minimal-rhel8@sha256:5a2b269ebe2bbb5f27af823cc13c3ce06ade36f43480aa56d41d654d5ef139e3_arm64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ee-minimal-rhel8@sha256:63ea2ecffbf408183f3f37e4c1df4e3a77b9f4c0806d2ef3141d102470661e38_ppc64le",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ee-minimal-rhel8@sha256:c4c7158dfc2c317c62aed28f6db21bc347aca92b8301a6cb932c1a5fbf3eac87_amd64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ee-supported-rhel8@sha256:72098dcaf2cf2174557428f1121c5926b905dfaa0aad160d3064d171946f298e_amd64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ee-supported-rhel8@sha256:97e133b817c1aac347642b414ca6cb108fec25434b945c398bae6763f1596c5e_ppc64le",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ee-supported-rhel8@sha256:a5641fd059a00dff89f846472bf2c139c15ac2908328b03f86ab67087a1dbcf4_s390x",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ee-supported-rhel8@sha256:adad7b24fba97c5649f320ebc72a6b6cbf280e552121a2081b0fe804b06ef78d_arm64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/hub-rhel8-operator@sha256:32fa50754404a12b4d4a58d4ef9def3f5e8225cb2cf1e56983df1677f621462e_s390x",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/hub-rhel8-operator@sha256:ad9213450b9284c6e4323f9f8a5dfc42734ac95b67e5cd6a3afc3bd2945e993d_arm64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/hub-rhel8-operator@sha256:b3064c6ba7b2cf491ced94cd9b6545306cb7d59e2054a0d7042daaa3c062246e_ppc64le",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/hub-rhel8-operator@sha256:f38fcf5efc4501f3111484cd9c5216f4014fcfd0088d4dd3ad6c14ad76dbe83a_amd64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/hub-rhel8@sha256:a27c12f79db64522884b304c30f40635c774f51596689670fd628f409a68663f_arm64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/hub-rhel8@sha256:ac2b684d7ac8e0b6f36fe2da22b2ed41bfb24f8e2f77e64117c186a3cdf2f21b_amd64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/hub-rhel8@sha256:df80c45631e780f58aaf85edddaf77ed82c0b41f0ad766db048615290eeb96a3_ppc64le",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/hub-rhel8@sha256:fe2675bd2c51d62dfa3473653c00ddf55a1b64791f5029fe0b87087461b700a1_s390x",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/hub-web-rhel8@sha256:01b5493444bc24c954ce86554d0ba8ca99b9db8c516901d0539e1b001ba78590_ppc64le",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/hub-web-rhel8@sha256:0b7d67480c6a15e5a655573f2ac885d34df441978f8f595f8c4d9f5e93c052d1_arm64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/hub-web-rhel8@sha256:a44ffd3666281ab867c177915ddf48fdb59052a2d48f49284a598e8c80125d7b_amd64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/hub-web-rhel8@sha256:ff2db93490c489562bb8c37a247daf01e10c871e628b24cc4006dd2bd14473bb_s390x",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/platform-resource-rhel8-operator@sha256:13425b0194354a15d71f6bccd7b2e526ef4b2cd8c56b6aff91ebf4435bda20bc_amd64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/platform-resource-rhel8-operator@sha256:893d04a458674590c81c2ef09fb222c36f47bee71ab3615d6bb73432c58d965b_s390x",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/platform-resource-rhel8-operator@sha256:964337aac284059c1abde17a9bd2c0d13fd5a149a91af19eb56944728f7f5584_arm64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/platform-resource-rhel8-operator@sha256:9d429c6e5d72bf883362b1ae11f8b4ed3a9d468e77e2e29c8ff234df9e255db4_ppc64le",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/platform-resource-runner-rhel8@sha256:38bc442a6181a739b4c232d25abd7018dbce05083f3bf09ab7a071a3d2a4c7b4_ppc64le",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/platform-resource-runner-rhel8@sha256:8c80648871aee9d1c5450226d18b122a40fe188b1140fcb22800ecda41bb6343_arm64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/platform-resource-runner-rhel8@sha256:cfbf2ddd1dce998575bf8e38cd38bbcc98b006ba918d5de8ea1621b5de4d3f67_amd64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/platform-resource-runner-rhel8@sha256:de8830287e00c4062524ebc9e9a93896503101e6382f553c89cc0c1e7d15618f_s390x",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform/cloud-addons-operator-bundle@sha256:bdc45dd15fcdf3d3956c6ddc2316a8e68490cc1d4249f95b01b231a0fb17debf_amd64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform/ee-containerized-installer-rhel8@sha256:797d37d3015ebbf5125f6e1d12d47774a276a42a3c18ccabab2bf1c466b001fd_arm64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform/ee-containerized-installer-rhel8@sha256:a4cdb956a90531672851a53c6691591c871513630c8d441b0061d0c187f62a99_amd64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform/platform-operator-bundle@sha256:5825e694ae618fd41f495a7d5b9f911da004a9649aa09ca66ad64d3812a884d9_amd64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform/platform-operator-bundle@sha256:8b8051faac5197c85088cdb2032576d7789ef251ffd8ea8fc2e525a199202ab0_s390x",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform/platform-operator-bundle@sha256:d5d128596af42dddb7f3efa725050a35c07eae5e63a4bd8be7789857cf5d36f3_arm64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform/platform-operator-bundle@sha256:ecc912e9ab3146df86e7be7afbc077db49e74f913815c73521ae67893f452853_ppc64le",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-builder-rhel9@sha256:20092308c17687aa6059400af8d1772b8fe85207db9f9a5b6d259908e0b63aab_arm64",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-builder-rhel9@sha256:45ff186bff94f30a34c2fe59bc342d10bf47071567b9d09d1fa61bf08e72f1c4_amd64",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-builder-rhel9@sha256:a4a88494691f2fc7689d16a4da97a857e8b795e41ecf5fe09b09ebfc729511ce_s390x",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-builder-rhel9@sha256:eb2f2e5796823643b8b52b98976a04089cdc82ce32f3e4a348fc25dd12eff275_ppc64le",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-python-base-rhel9@sha256:7ecc021d626a20acc20f73b28005c16a8d20c7640ec51dffdaff236440702172_amd64",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-python-base-rhel9@sha256:8c34db5cc4c68c80db22a835c095d60e3988a3e6d1c82fb91cc8558b43a47b33_s390x",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-python-base-rhel9@sha256:91f0cc9dd9261b7bff0484d3db8e499912fa1781aa71ad24c77d0809cccb03f4_ppc64le",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-python-base-rhel9@sha256:cd96a0ece925ed1443c0797bc3baf992ed7ae087f5977df8728a4aab8940516f_arm64",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-python-toolkit-rhel9@sha256:035f8ce6c6f6ab88366d7d42ba587d75b60236433e01ce0349a40554ff0e1b05_arm64",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-python-toolkit-rhel9@sha256:11934bcc8a713da353d254164b6914b5769326534a2298f0ccb8642813da5f9a_ppc64le",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-python-toolkit-rhel9@sha256:b46fed769c86134a110f442dc56b0c8bfd0d469eb39649916db099f611ab3347_s390x",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-python-toolkit-rhel9@sha256:bc376892f777fade4e725e140ae195ee94bd2f3c8e97b86a2705cbe23fa1875e_amd64",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/de-minimal-rhel9@sha256:7660d7f051c9ac00bf49f609bf1e24b8020d2cb8856b40cbecc13de54d55fed8_s390x",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/de-minimal-rhel9@sha256:9b13ab56c30c5c77a21e00d2dfbad44f63c6ff7ac5acb6b8ba416f7fb2a0fc51_ppc64le",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/de-minimal-rhel9@sha256:a562c54aa4ba7538aa2b1beab666cab689240f664f8c17bfd769560efbe3b626_amd64",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/de-minimal-rhel9@sha256:f28e22e5da55ea626890aceb7ae4c391e192055a60a1beba9a98ac70ee1353ce_arm64",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/de-supported-rhel9@sha256:5bd5d0da12cc63b3221f508c203b0cde5b4628439d42c1a0303a31c217506936_s390x",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/de-supported-rhel9@sha256:da3031d8ff12b8df290c6da7c5451d0a797c24c0b2b0ce5cce943633d2352ee7_ppc64le",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/de-supported-rhel9@sha256:de1067b9be05a3acb9bb61458fb89e71acf01cad7a9439a638972bc0615a4d5a_arm64",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/de-supported-rhel9@sha256:f4fe61723e459bf8e8b8721cb463a89d77827f87ec835826b0866c617cb19ea7_amd64",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ee-minimal-rhel9@sha256:49d5862f8abc4f05c837b26610604d32c07001af0a93993458b21e8f9adf534f_amd64",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ee-minimal-rhel9@sha256:9bf9ff9e04832f353a8904f7f7826417abfe3891a927939a1cdfcfde30d1d10c_arm64",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ee-minimal-rhel9@sha256:c35b05b413bc2090089219d476f0a1e2c56250fc09e190583e167bfcdce5bf35_ppc64le",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ee-minimal-rhel9@sha256:d21ac96577006183a5cc592fb094cb2cf0f25aa687597d68984965ebcb1cb9a5_s390x",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ee-supported-rhel9@sha256:162dd2718a9d9fdf4e3558129a0a77094a7fd9731ab826c664b69ed955853ddd_ppc64le",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ee-supported-rhel9@sha256:23ed9a9439c4651417dd96d62776ca40582b54fc5da2955a72b047608c0d6c42_amd64",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ee-supported-rhel9@sha256:32d97ab01d3f3df3212c3e949d2630709ae05e4d0c56aafd6a720827234cf3e9_arm64",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ee-supported-rhel9@sha256:e49a3d2b7456a55b603e78b8ddec27665b6a957f5ac479aad50123f3f9bb1d42_s390x"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-Ansible-Automation-Platform-2.4-Cloud-Billing:ansible-automation-platform-24/aap-cloud-billing-rhel8-operator@sha256:3151364d2c3359a253e6f95fe296ad9842bcf859a4d05e65abc1283f7646f986_amd64",
"8Base-Ansible-Automation-Platform-2.4-Cloud-Billing:ansible-automation-platform-24/aap-cloud-billing-rhel8@sha256:f650486925c3bb5ff56570543839ef8ab668c91bba11a30aeceba22b0cf25b3e_amd64",
"8Base-Ansible-Automation-Platform-2.4-Cloud-Billing:ansible-automation-platform-24/aap-cloud-metrics-collector-rhel8@sha256:738e8ad888db5fa2205b9eb809b25ee98b77b47e7cb009d7aef94e0ab09c9492_amd64",
"8Base-Ansible-Automation-Platform-2.4-Cloud-Billing:ansible-automation-platform-24/aap-cloud-ui-rhel8-operator@sha256:2826678e9aca4fc567567c36f0d7af6cc22ee85fcfb23d3552534712685d512d_amd64",
"8Base-Ansible-Automation-Platform-2.4-Cloud-Billing:ansible-automation-platform-24/aap-cloud-ui-rhel8@sha256:0d0b96befa8957940d289d905517a6e2ef687cc28c9e68c29acb7813a90a13a6_amd64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/aap-must-gather-rhel8@sha256:1ff8637546e4244650e7ad05e9e287c041198d4848a0834c4b505c73ec2adc40_amd64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/aap-must-gather-rhel8@sha256:53a9a6779f8569b03faec060888f39d2d3f071d3a4af8269f66490abd8bfad7e_arm64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/aap-must-gather-rhel8@sha256:ba77e7f17865da4d59f91b69ab58cbeafaa86debe50d2d6fb89e9812f4aed1c7_s390x",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/aap-must-gather-rhel8@sha256:d1730361a768cc0dc847958b872eac8befb5bcbe87d4fc18098b9ff4ed072cf3_ppc64le",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-builder-rhel8@sha256:0089971676a347149081311def7417185edfeac0fa0fb09bac556d1e4ac17971_arm64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-builder-rhel8@sha256:0a5ae31195b5b32e8f0800a301ce0e1e282812af59c667c4b40af82a8ca09d62_amd64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-builder-rhel8@sha256:73220bd2c0da0524f6eb6c7a88378ee9970a804a998f039fa14683cf5d7adf2f_s390x",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-builder-rhel8@sha256:9aa60f9acfd33709262f38091589521ef49674607e69a3baa6f3d9c9508a10fe_ppc64le",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-python-base-rhel8@sha256:5cf9e0d8a0ad5b1492187b177751cede769b53dc830e5b1bc5dcdd110a71a397_amd64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-python-base-rhel8@sha256:6599eee6f2b0b8c08ea3dc49598f97aea3b53b456afcc410dd740c39bbfdcd63_arm64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-python-base-rhel8@sha256:697fa0ba756009f66eb78f1feb4f9597da4b2382644c76f7755d29dd70aecea2_s390x",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-python-base-rhel8@sha256:dd8c5dc68cf8d71a563743040922540101be6c1b29c2f565e1352ece5b68377b_ppc64le",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-python-toolkit-rhel8@sha256:9273cfd468a23859d784dc3fbf2ad1abb04892e6a3f2ad55d8d2e7c623d0419f_s390x",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-python-toolkit-rhel8@sha256:99e842a1ca0ea2234c09a8a9466d936968ef36032c102e26fa761089528461e7_amd64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-python-toolkit-rhel8@sha256:d2d4b79f72dfe3f646f27b2c35e5108ed3a3c867fd0b9c04d0193e6ec717ad75_ppc64le",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-python-toolkit-rhel8@sha256:d6ae7f3136a14984e33f46598f6e321ad72f3875e4c3f0a8c773e5046fb99f1a_arm64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/controller-rhel8-operator@sha256:013993b69238a181ef9be9c6cbd173f4af8280f6dc763e52a493e54e71069a01_arm64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/controller-rhel8-operator@sha256:07a798fdc9b88ce7332a1300475e3a56d439b55a7ad5e10fd8d4e036661841cd_amd64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/controller-rhel8-operator@sha256:2e252f02c2695856d19d90299e2f1cc2bf93d7304e48da306628b12f4d56b037_ppc64le",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/controller-rhel8-operator@sha256:71dac652dd2a9588f1722c5147c8cc9cdb5c38d3cb3dc5a5e955c4cba6a3e57c_s390x",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/controller-rhel8@sha256:11f4ad08d0d96223b17e08a5d07f0594d0d450fe94bd86ce6f57165d20eedfee_amd64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/controller-rhel8@sha256:6855d1b68735adde33f4ad83496e7ada4548e3fb1ad07cb7925dfb726d800da0_ppc64le",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/controller-rhel8@sha256:c8fdd92c3c2c497ab1d4ba8c96759e8f2dfe7f023df6c5021dfed672c98d0621_arm64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/controller-rhel8@sha256:f346fa5d9a45ba329dc668e6a63672020fb579948b6c417ce76400e07ef928a5_s390x",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/de-minimal-rhel8@sha256:1e2c70baa0950d9667715e4deda717db264ea07aaa097ed4c3e11025eb4c59a0_arm64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/de-minimal-rhel8@sha256:3407db77ac87aecdc3bd3d32294672192caadd5779858d9c1ca559eef0dcf431_ppc64le",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/de-minimal-rhel8@sha256:6bf6294838abf4584f07500c9d61e7358d706f5754e1171e6a4184957e272d18_s390x",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/de-minimal-rhel8@sha256:8c7d062a28b7e54510c1aa45598a6e7c0777962b0c5d1dd1eff77e2203aabc93_amd64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/de-supported-rhel8@sha256:037b08f1cdf2bd0ba488ec02d6c4136171cadad65017f4331fb8e6d8b9ec8ffb_ppc64le",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/de-supported-rhel8@sha256:3abdaa6c02011ee543838612626d895980298d6e505e510f4a2b75e6ee0d6315_amd64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/de-supported-rhel8@sha256:d4d8984a1e1191d58e402dfd9f7d80a1f3bf714b774cc0837809ccabbbbfdb03_arm64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/de-supported-rhel8@sha256:dcdf4678c085dcb1014930901def587b01e780ce45a471f17a9c39de221b0757_s390x",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/eda-controller-rhel8-operator@sha256:4220b98f9d8e805a77a4a4ef95855b8f2c61467a02f686c7b547496831493746_ppc64le",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/eda-controller-rhel8-operator@sha256:683b9705958bb94e2f3fa8901c19ffd4d2a3967104fec3a969a46fa7e5702507_arm64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/eda-controller-rhel8-operator@sha256:b533066a88203acca58a7355f379018eb270f0c932c35f8170e76bfe658ef84b_s390x",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/eda-controller-rhel8-operator@sha256:f9f8d32c2ab60ab6c30bfcdec7778f6eb67ba30015d9453afd67ab334c8c2fe5_amd64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/eda-controller-rhel8@sha256:2bc05e35b21a826737e8bc523924d8137a531003d2ba2466243f4172708f2cbc_arm64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/eda-controller-rhel8@sha256:3059b9a6c38deb5aac3fb60875214fe2dafe50cda028638816ec67741169ec73_ppc64le",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/eda-controller-rhel8@sha256:7d75552ba2d42b0f85695e9a71ff71dd781bce0452590d89c12a8fc9f1a501ff_s390x",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/eda-controller-rhel8@sha256:fd7e96d6b70e0a1b13f0f34e7f14d4de14d07f0db6c449c20e1211bc3982205e_amd64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/eda-controller-ui-rhel8@sha256:56b46c50edef8f427dbc11d32c493ccc3b12df9dc9f553c2e8d3740313ae3cd1_amd64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/eda-controller-ui-rhel8@sha256:7eeca90468dde408d820ffb7b530d0cef615fe6f4a7e852b47ff18028cc09ecc_s390x",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/eda-controller-ui-rhel8@sha256:88f5e52c33ca6ff00cb1fd37753a2b1f9e4b6b2a07977e68b71262a8d7a4c58b_ppc64le",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/eda-controller-ui-rhel8@sha256:ee508e6aaaf56c6ec9025d7650000a39a7b05319b570e6961eb72d20623793d9_arm64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ee-29-rhel8@sha256:5685c052ba6b6d3eec7b7c740ba6b967e92f1fa22631dcf2fe048c57d16cf12a_amd64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ee-cloud-services-rhel8@sha256:d0797635652c5d9044da6c9f3ecbcc174bf7a9823f1c72cde44830cfe4f5ff56_amd64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ee-dellemc-openmanage-rhel8@sha256:628f7596505a9ab111cfcd1d3a1eb11e537dbf663d9b802e3cc94af8dbfa05d6_arm64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ee-dellemc-openmanage-rhel8@sha256:894f470c00c9bffad51ba8e8aecac867345c6e3f90227d773699cf8ef25120eb_amd64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ee-minimal-rhel8@sha256:382c4b91e8c8b30b51d3168b4a16f7c75c96198f4699c301bd03d686c8e85ae7_s390x",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ee-minimal-rhel8@sha256:5a2b269ebe2bbb5f27af823cc13c3ce06ade36f43480aa56d41d654d5ef139e3_arm64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ee-minimal-rhel8@sha256:63ea2ecffbf408183f3f37e4c1df4e3a77b9f4c0806d2ef3141d102470661e38_ppc64le",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ee-minimal-rhel8@sha256:c4c7158dfc2c317c62aed28f6db21bc347aca92b8301a6cb932c1a5fbf3eac87_amd64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ee-supported-rhel8@sha256:72098dcaf2cf2174557428f1121c5926b905dfaa0aad160d3064d171946f298e_amd64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ee-supported-rhel8@sha256:97e133b817c1aac347642b414ca6cb108fec25434b945c398bae6763f1596c5e_ppc64le",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ee-supported-rhel8@sha256:a5641fd059a00dff89f846472bf2c139c15ac2908328b03f86ab67087a1dbcf4_s390x",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ee-supported-rhel8@sha256:adad7b24fba97c5649f320ebc72a6b6cbf280e552121a2081b0fe804b06ef78d_arm64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/hub-rhel8-operator@sha256:32fa50754404a12b4d4a58d4ef9def3f5e8225cb2cf1e56983df1677f621462e_s390x",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/hub-rhel8-operator@sha256:ad9213450b9284c6e4323f9f8a5dfc42734ac95b67e5cd6a3afc3bd2945e993d_arm64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/hub-rhel8-operator@sha256:b3064c6ba7b2cf491ced94cd9b6545306cb7d59e2054a0d7042daaa3c062246e_ppc64le",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/hub-rhel8-operator@sha256:f38fcf5efc4501f3111484cd9c5216f4014fcfd0088d4dd3ad6c14ad76dbe83a_amd64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/hub-rhel8@sha256:a27c12f79db64522884b304c30f40635c774f51596689670fd628f409a68663f_arm64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/hub-rhel8@sha256:ac2b684d7ac8e0b6f36fe2da22b2ed41bfb24f8e2f77e64117c186a3cdf2f21b_amd64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/hub-rhel8@sha256:df80c45631e780f58aaf85edddaf77ed82c0b41f0ad766db048615290eeb96a3_ppc64le",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/hub-rhel8@sha256:fe2675bd2c51d62dfa3473653c00ddf55a1b64791f5029fe0b87087461b700a1_s390x",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/hub-web-rhel8@sha256:01b5493444bc24c954ce86554d0ba8ca99b9db8c516901d0539e1b001ba78590_ppc64le",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/hub-web-rhel8@sha256:0b7d67480c6a15e5a655573f2ac885d34df441978f8f595f8c4d9f5e93c052d1_arm64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/hub-web-rhel8@sha256:a44ffd3666281ab867c177915ddf48fdb59052a2d48f49284a598e8c80125d7b_amd64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/hub-web-rhel8@sha256:ff2db93490c489562bb8c37a247daf01e10c871e628b24cc4006dd2bd14473bb_s390x",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/platform-resource-rhel8-operator@sha256:13425b0194354a15d71f6bccd7b2e526ef4b2cd8c56b6aff91ebf4435bda20bc_amd64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/platform-resource-rhel8-operator@sha256:893d04a458674590c81c2ef09fb222c36f47bee71ab3615d6bb73432c58d965b_s390x",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/platform-resource-rhel8-operator@sha256:964337aac284059c1abde17a9bd2c0d13fd5a149a91af19eb56944728f7f5584_arm64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/platform-resource-rhel8-operator@sha256:9d429c6e5d72bf883362b1ae11f8b4ed3a9d468e77e2e29c8ff234df9e255db4_ppc64le",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/platform-resource-runner-rhel8@sha256:38bc442a6181a739b4c232d25abd7018dbce05083f3bf09ab7a071a3d2a4c7b4_ppc64le",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/platform-resource-runner-rhel8@sha256:8c80648871aee9d1c5450226d18b122a40fe188b1140fcb22800ecda41bb6343_arm64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/platform-resource-runner-rhel8@sha256:cfbf2ddd1dce998575bf8e38cd38bbcc98b006ba918d5de8ea1621b5de4d3f67_amd64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/platform-resource-runner-rhel8@sha256:de8830287e00c4062524ebc9e9a93896503101e6382f553c89cc0c1e7d15618f_s390x",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform/cloud-addons-operator-bundle@sha256:bdc45dd15fcdf3d3956c6ddc2316a8e68490cc1d4249f95b01b231a0fb17debf_amd64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform/ee-containerized-installer-rhel8@sha256:797d37d3015ebbf5125f6e1d12d47774a276a42a3c18ccabab2bf1c466b001fd_arm64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform/ee-containerized-installer-rhel8@sha256:a4cdb956a90531672851a53c6691591c871513630c8d441b0061d0c187f62a99_amd64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform/platform-operator-bundle@sha256:5825e694ae618fd41f495a7d5b9f911da004a9649aa09ca66ad64d3812a884d9_amd64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform/platform-operator-bundle@sha256:8b8051faac5197c85088cdb2032576d7789ef251ffd8ea8fc2e525a199202ab0_s390x",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform/platform-operator-bundle@sha256:d5d128596af42dddb7f3efa725050a35c07eae5e63a4bd8be7789857cf5d36f3_arm64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform/platform-operator-bundle@sha256:ecc912e9ab3146df86e7be7afbc077db49e74f913815c73521ae67893f452853_ppc64le",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-builder-rhel9@sha256:20092308c17687aa6059400af8d1772b8fe85207db9f9a5b6d259908e0b63aab_arm64",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-builder-rhel9@sha256:45ff186bff94f30a34c2fe59bc342d10bf47071567b9d09d1fa61bf08e72f1c4_amd64",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-builder-rhel9@sha256:a4a88494691f2fc7689d16a4da97a857e8b795e41ecf5fe09b09ebfc729511ce_s390x",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-builder-rhel9@sha256:eb2f2e5796823643b8b52b98976a04089cdc82ce32f3e4a348fc25dd12eff275_ppc64le",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-python-base-rhel9@sha256:7ecc021d626a20acc20f73b28005c16a8d20c7640ec51dffdaff236440702172_amd64",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-python-base-rhel9@sha256:8c34db5cc4c68c80db22a835c095d60e3988a3e6d1c82fb91cc8558b43a47b33_s390x",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-python-base-rhel9@sha256:91f0cc9dd9261b7bff0484d3db8e499912fa1781aa71ad24c77d0809cccb03f4_ppc64le",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-python-base-rhel9@sha256:cd96a0ece925ed1443c0797bc3baf992ed7ae087f5977df8728a4aab8940516f_arm64",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-python-toolkit-rhel9@sha256:035f8ce6c6f6ab88366d7d42ba587d75b60236433e01ce0349a40554ff0e1b05_arm64",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-python-toolkit-rhel9@sha256:11934bcc8a713da353d254164b6914b5769326534a2298f0ccb8642813da5f9a_ppc64le",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-python-toolkit-rhel9@sha256:b46fed769c86134a110f442dc56b0c8bfd0d469eb39649916db099f611ab3347_s390x",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-python-toolkit-rhel9@sha256:bc376892f777fade4e725e140ae195ee94bd2f3c8e97b86a2705cbe23fa1875e_amd64",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/de-minimal-rhel9@sha256:7660d7f051c9ac00bf49f609bf1e24b8020d2cb8856b40cbecc13de54d55fed8_s390x",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/de-minimal-rhel9@sha256:9b13ab56c30c5c77a21e00d2dfbad44f63c6ff7ac5acb6b8ba416f7fb2a0fc51_ppc64le",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/de-minimal-rhel9@sha256:a562c54aa4ba7538aa2b1beab666cab689240f664f8c17bfd769560efbe3b626_amd64",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/de-minimal-rhel9@sha256:f28e22e5da55ea626890aceb7ae4c391e192055a60a1beba9a98ac70ee1353ce_arm64",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/de-supported-rhel9@sha256:5bd5d0da12cc63b3221f508c203b0cde5b4628439d42c1a0303a31c217506936_s390x",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/de-supported-rhel9@sha256:da3031d8ff12b8df290c6da7c5451d0a797c24c0b2b0ce5cce943633d2352ee7_ppc64le",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/de-supported-rhel9@sha256:de1067b9be05a3acb9bb61458fb89e71acf01cad7a9439a638972bc0615a4d5a_arm64",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/de-supported-rhel9@sha256:f4fe61723e459bf8e8b8721cb463a89d77827f87ec835826b0866c617cb19ea7_amd64",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ee-minimal-rhel9@sha256:49d5862f8abc4f05c837b26610604d32c07001af0a93993458b21e8f9adf534f_amd64",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ee-minimal-rhel9@sha256:9bf9ff9e04832f353a8904f7f7826417abfe3891a927939a1cdfcfde30d1d10c_arm64",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ee-minimal-rhel9@sha256:c35b05b413bc2090089219d476f0a1e2c56250fc09e190583e167bfcdce5bf35_ppc64le",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ee-minimal-rhel9@sha256:d21ac96577006183a5cc592fb094cb2cf0f25aa687597d68984965ebcb1cb9a5_s390x",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ee-supported-rhel9@sha256:162dd2718a9d9fdf4e3558129a0a77094a7fd9731ab826c664b69ed955853ddd_ppc64le",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ee-supported-rhel9@sha256:23ed9a9439c4651417dd96d62776ca40582b54fc5da2955a72b047608c0d6c42_amd64",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ee-supported-rhel9@sha256:32d97ab01d3f3df3212c3e949d2630709ae05e4d0c56aafd6a720827234cf3e9_arm64",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ee-supported-rhel9@sha256:e49a3d2b7456a55b603e78b8ddec27665b6a957f5ac479aad50123f3f9bb1d42_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "golang: net/http, x/net/http2: rapid stream resets can cause excessive work (CVE-2023-44487)"
},
{
"cve": "CVE-2023-44487",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2023-10-09T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-Ansible-Automation-Platform-2.4-Cloud-Billing:ansible-automation-platform-24/aap-cloud-billing-rhel8-operator@sha256:3151364d2c3359a253e6f95fe296ad9842bcf859a4d05e65abc1283f7646f986_amd64",
"8Base-Ansible-Automation-Platform-2.4-Cloud-Billing:ansible-automation-platform-24/aap-cloud-billing-rhel8@sha256:f650486925c3bb5ff56570543839ef8ab668c91bba11a30aeceba22b0cf25b3e_amd64",
"8Base-Ansible-Automation-Platform-2.4-Cloud-Billing:ansible-automation-platform-24/aap-cloud-metrics-collector-rhel8@sha256:738e8ad888db5fa2205b9eb809b25ee98b77b47e7cb009d7aef94e0ab09c9492_amd64",
"8Base-Ansible-Automation-Platform-2.4-Cloud-Billing:ansible-automation-platform-24/aap-cloud-ui-rhel8-operator@sha256:2826678e9aca4fc567567c36f0d7af6cc22ee85fcfb23d3552534712685d512d_amd64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/aap-must-gather-rhel8@sha256:1ff8637546e4244650e7ad05e9e287c041198d4848a0834c4b505c73ec2adc40_amd64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/aap-must-gather-rhel8@sha256:53a9a6779f8569b03faec060888f39d2d3f071d3a4af8269f66490abd8bfad7e_arm64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/aap-must-gather-rhel8@sha256:ba77e7f17865da4d59f91b69ab58cbeafaa86debe50d2d6fb89e9812f4aed1c7_s390x",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/aap-must-gather-rhel8@sha256:d1730361a768cc0dc847958b872eac8befb5bcbe87d4fc18098b9ff4ed072cf3_ppc64le",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-builder-rhel8@sha256:0089971676a347149081311def7417185edfeac0fa0fb09bac556d1e4ac17971_arm64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-builder-rhel8@sha256:0a5ae31195b5b32e8f0800a301ce0e1e282812af59c667c4b40af82a8ca09d62_amd64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-builder-rhel8@sha256:73220bd2c0da0524f6eb6c7a88378ee9970a804a998f039fa14683cf5d7adf2f_s390x",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-builder-rhel8@sha256:9aa60f9acfd33709262f38091589521ef49674607e69a3baa6f3d9c9508a10fe_ppc64le",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-python-base-rhel8@sha256:5cf9e0d8a0ad5b1492187b177751cede769b53dc830e5b1bc5dcdd110a71a397_amd64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-python-base-rhel8@sha256:6599eee6f2b0b8c08ea3dc49598f97aea3b53b456afcc410dd740c39bbfdcd63_arm64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-python-base-rhel8@sha256:697fa0ba756009f66eb78f1feb4f9597da4b2382644c76f7755d29dd70aecea2_s390x",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-python-base-rhel8@sha256:dd8c5dc68cf8d71a563743040922540101be6c1b29c2f565e1352ece5b68377b_ppc64le",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-python-toolkit-rhel8@sha256:9273cfd468a23859d784dc3fbf2ad1abb04892e6a3f2ad55d8d2e7c623d0419f_s390x",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-python-toolkit-rhel8@sha256:99e842a1ca0ea2234c09a8a9466d936968ef36032c102e26fa761089528461e7_amd64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-python-toolkit-rhel8@sha256:d2d4b79f72dfe3f646f27b2c35e5108ed3a3c867fd0b9c04d0193e6ec717ad75_ppc64le",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-python-toolkit-rhel8@sha256:d6ae7f3136a14984e33f46598f6e321ad72f3875e4c3f0a8c773e5046fb99f1a_arm64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/controller-rhel8-operator@sha256:013993b69238a181ef9be9c6cbd173f4af8280f6dc763e52a493e54e71069a01_arm64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/controller-rhel8-operator@sha256:07a798fdc9b88ce7332a1300475e3a56d439b55a7ad5e10fd8d4e036661841cd_amd64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/controller-rhel8-operator@sha256:2e252f02c2695856d19d90299e2f1cc2bf93d7304e48da306628b12f4d56b037_ppc64le",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/controller-rhel8-operator@sha256:71dac652dd2a9588f1722c5147c8cc9cdb5c38d3cb3dc5a5e955c4cba6a3e57c_s390x",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/controller-rhel8@sha256:11f4ad08d0d96223b17e08a5d07f0594d0d450fe94bd86ce6f57165d20eedfee_amd64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/controller-rhel8@sha256:6855d1b68735adde33f4ad83496e7ada4548e3fb1ad07cb7925dfb726d800da0_ppc64le",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/controller-rhel8@sha256:c8fdd92c3c2c497ab1d4ba8c96759e8f2dfe7f023df6c5021dfed672c98d0621_arm64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/controller-rhel8@sha256:f346fa5d9a45ba329dc668e6a63672020fb579948b6c417ce76400e07ef928a5_s390x",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/de-minimal-rhel8@sha256:1e2c70baa0950d9667715e4deda717db264ea07aaa097ed4c3e11025eb4c59a0_arm64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/de-minimal-rhel8@sha256:3407db77ac87aecdc3bd3d32294672192caadd5779858d9c1ca559eef0dcf431_ppc64le",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/de-minimal-rhel8@sha256:6bf6294838abf4584f07500c9d61e7358d706f5754e1171e6a4184957e272d18_s390x",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/de-minimal-rhel8@sha256:8c7d062a28b7e54510c1aa45598a6e7c0777962b0c5d1dd1eff77e2203aabc93_amd64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/de-supported-rhel8@sha256:037b08f1cdf2bd0ba488ec02d6c4136171cadad65017f4331fb8e6d8b9ec8ffb_ppc64le",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/de-supported-rhel8@sha256:3abdaa6c02011ee543838612626d895980298d6e505e510f4a2b75e6ee0d6315_amd64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/de-supported-rhel8@sha256:d4d8984a1e1191d58e402dfd9f7d80a1f3bf714b774cc0837809ccabbbbfdb03_arm64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/de-supported-rhel8@sha256:dcdf4678c085dcb1014930901def587b01e780ce45a471f17a9c39de221b0757_s390x",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/eda-controller-rhel8-operator@sha256:4220b98f9d8e805a77a4a4ef95855b8f2c61467a02f686c7b547496831493746_ppc64le",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/eda-controller-rhel8-operator@sha256:683b9705958bb94e2f3fa8901c19ffd4d2a3967104fec3a969a46fa7e5702507_arm64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/eda-controller-rhel8-operator@sha256:b533066a88203acca58a7355f379018eb270f0c932c35f8170e76bfe658ef84b_s390x",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/eda-controller-rhel8-operator@sha256:f9f8d32c2ab60ab6c30bfcdec7778f6eb67ba30015d9453afd67ab334c8c2fe5_amd64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/eda-controller-rhel8@sha256:2bc05e35b21a826737e8bc523924d8137a531003d2ba2466243f4172708f2cbc_arm64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/eda-controller-rhel8@sha256:3059b9a6c38deb5aac3fb60875214fe2dafe50cda028638816ec67741169ec73_ppc64le",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/eda-controller-rhel8@sha256:7d75552ba2d42b0f85695e9a71ff71dd781bce0452590d89c12a8fc9f1a501ff_s390x",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/eda-controller-rhel8@sha256:fd7e96d6b70e0a1b13f0f34e7f14d4de14d07f0db6c449c20e1211bc3982205e_amd64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/eda-controller-ui-rhel8@sha256:56b46c50edef8f427dbc11d32c493ccc3b12df9dc9f553c2e8d3740313ae3cd1_amd64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/eda-controller-ui-rhel8@sha256:7eeca90468dde408d820ffb7b530d0cef615fe6f4a7e852b47ff18028cc09ecc_s390x",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/eda-controller-ui-rhel8@sha256:88f5e52c33ca6ff00cb1fd37753a2b1f9e4b6b2a07977e68b71262a8d7a4c58b_ppc64le",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/eda-controller-ui-rhel8@sha256:ee508e6aaaf56c6ec9025d7650000a39a7b05319b570e6961eb72d20623793d9_arm64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ee-29-rhel8@sha256:5685c052ba6b6d3eec7b7c740ba6b967e92f1fa22631dcf2fe048c57d16cf12a_amd64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ee-cloud-services-rhel8@sha256:d0797635652c5d9044da6c9f3ecbcc174bf7a9823f1c72cde44830cfe4f5ff56_amd64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ee-dellemc-openmanage-rhel8@sha256:628f7596505a9ab111cfcd1d3a1eb11e537dbf663d9b802e3cc94af8dbfa05d6_arm64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ee-dellemc-openmanage-rhel8@sha256:894f470c00c9bffad51ba8e8aecac867345c6e3f90227d773699cf8ef25120eb_amd64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ee-minimal-rhel8@sha256:382c4b91e8c8b30b51d3168b4a16f7c75c96198f4699c301bd03d686c8e85ae7_s390x",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ee-minimal-rhel8@sha256:5a2b269ebe2bbb5f27af823cc13c3ce06ade36f43480aa56d41d654d5ef139e3_arm64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ee-minimal-rhel8@sha256:63ea2ecffbf408183f3f37e4c1df4e3a77b9f4c0806d2ef3141d102470661e38_ppc64le",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ee-minimal-rhel8@sha256:c4c7158dfc2c317c62aed28f6db21bc347aca92b8301a6cb932c1a5fbf3eac87_amd64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ee-supported-rhel8@sha256:72098dcaf2cf2174557428f1121c5926b905dfaa0aad160d3064d171946f298e_amd64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ee-supported-rhel8@sha256:97e133b817c1aac347642b414ca6cb108fec25434b945c398bae6763f1596c5e_ppc64le",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ee-supported-rhel8@sha256:a5641fd059a00dff89f846472bf2c139c15ac2908328b03f86ab67087a1dbcf4_s390x",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ee-supported-rhel8@sha256:adad7b24fba97c5649f320ebc72a6b6cbf280e552121a2081b0fe804b06ef78d_arm64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/hub-rhel8-operator@sha256:32fa50754404a12b4d4a58d4ef9def3f5e8225cb2cf1e56983df1677f621462e_s390x",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/hub-rhel8-operator@sha256:ad9213450b9284c6e4323f9f8a5dfc42734ac95b67e5cd6a3afc3bd2945e993d_arm64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/hub-rhel8-operator@sha256:b3064c6ba7b2cf491ced94cd9b6545306cb7d59e2054a0d7042daaa3c062246e_ppc64le",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/hub-rhel8-operator@sha256:f38fcf5efc4501f3111484cd9c5216f4014fcfd0088d4dd3ad6c14ad76dbe83a_amd64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/hub-rhel8@sha256:a27c12f79db64522884b304c30f40635c774f51596689670fd628f409a68663f_arm64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/hub-rhel8@sha256:ac2b684d7ac8e0b6f36fe2da22b2ed41bfb24f8e2f77e64117c186a3cdf2f21b_amd64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/hub-rhel8@sha256:df80c45631e780f58aaf85edddaf77ed82c0b41f0ad766db048615290eeb96a3_ppc64le",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/hub-rhel8@sha256:fe2675bd2c51d62dfa3473653c00ddf55a1b64791f5029fe0b87087461b700a1_s390x",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/hub-web-rhel8@sha256:01b5493444bc24c954ce86554d0ba8ca99b9db8c516901d0539e1b001ba78590_ppc64le",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/hub-web-rhel8@sha256:0b7d67480c6a15e5a655573f2ac885d34df441978f8f595f8c4d9f5e93c052d1_arm64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/hub-web-rhel8@sha256:a44ffd3666281ab867c177915ddf48fdb59052a2d48f49284a598e8c80125d7b_amd64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/hub-web-rhel8@sha256:ff2db93490c489562bb8c37a247daf01e10c871e628b24cc4006dd2bd14473bb_s390x",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/platform-resource-rhel8-operator@sha256:13425b0194354a15d71f6bccd7b2e526ef4b2cd8c56b6aff91ebf4435bda20bc_amd64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/platform-resource-rhel8-operator@sha256:893d04a458674590c81c2ef09fb222c36f47bee71ab3615d6bb73432c58d965b_s390x",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/platform-resource-rhel8-operator@sha256:964337aac284059c1abde17a9bd2c0d13fd5a149a91af19eb56944728f7f5584_arm64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/platform-resource-rhel8-operator@sha256:9d429c6e5d72bf883362b1ae11f8b4ed3a9d468e77e2e29c8ff234df9e255db4_ppc64le",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/platform-resource-runner-rhel8@sha256:38bc442a6181a739b4c232d25abd7018dbce05083f3bf09ab7a071a3d2a4c7b4_ppc64le",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/platform-resource-runner-rhel8@sha256:8c80648871aee9d1c5450226d18b122a40fe188b1140fcb22800ecda41bb6343_arm64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/platform-resource-runner-rhel8@sha256:cfbf2ddd1dce998575bf8e38cd38bbcc98b006ba918d5de8ea1621b5de4d3f67_amd64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/platform-resource-runner-rhel8@sha256:de8830287e00c4062524ebc9e9a93896503101e6382f553c89cc0c1e7d15618f_s390x",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform/cloud-addons-operator-bundle@sha256:bdc45dd15fcdf3d3956c6ddc2316a8e68490cc1d4249f95b01b231a0fb17debf_amd64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform/ee-containerized-installer-rhel8@sha256:797d37d3015ebbf5125f6e1d12d47774a276a42a3c18ccabab2bf1c466b001fd_arm64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform/ee-containerized-installer-rhel8@sha256:a4cdb956a90531672851a53c6691591c871513630c8d441b0061d0c187f62a99_amd64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform/platform-operator-bundle@sha256:5825e694ae618fd41f495a7d5b9f911da004a9649aa09ca66ad64d3812a884d9_amd64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform/platform-operator-bundle@sha256:8b8051faac5197c85088cdb2032576d7789ef251ffd8ea8fc2e525a199202ab0_s390x",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform/platform-operator-bundle@sha256:d5d128596af42dddb7f3efa725050a35c07eae5e63a4bd8be7789857cf5d36f3_arm64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform/platform-operator-bundle@sha256:ecc912e9ab3146df86e7be7afbc077db49e74f913815c73521ae67893f452853_ppc64le",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-builder-rhel9@sha256:20092308c17687aa6059400af8d1772b8fe85207db9f9a5b6d259908e0b63aab_arm64",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-builder-rhel9@sha256:45ff186bff94f30a34c2fe59bc342d10bf47071567b9d09d1fa61bf08e72f1c4_amd64",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-builder-rhel9@sha256:a4a88494691f2fc7689d16a4da97a857e8b795e41ecf5fe09b09ebfc729511ce_s390x",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-builder-rhel9@sha256:eb2f2e5796823643b8b52b98976a04089cdc82ce32f3e4a348fc25dd12eff275_ppc64le",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-python-base-rhel9@sha256:7ecc021d626a20acc20f73b28005c16a8d20c7640ec51dffdaff236440702172_amd64",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-python-base-rhel9@sha256:8c34db5cc4c68c80db22a835c095d60e3988a3e6d1c82fb91cc8558b43a47b33_s390x",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-python-base-rhel9@sha256:91f0cc9dd9261b7bff0484d3db8e499912fa1781aa71ad24c77d0809cccb03f4_ppc64le",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-python-base-rhel9@sha256:cd96a0ece925ed1443c0797bc3baf992ed7ae087f5977df8728a4aab8940516f_arm64",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-python-toolkit-rhel9@sha256:035f8ce6c6f6ab88366d7d42ba587d75b60236433e01ce0349a40554ff0e1b05_arm64",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-python-toolkit-rhel9@sha256:11934bcc8a713da353d254164b6914b5769326534a2298f0ccb8642813da5f9a_ppc64le",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-python-toolkit-rhel9@sha256:b46fed769c86134a110f442dc56b0c8bfd0d469eb39649916db099f611ab3347_s390x",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-python-toolkit-rhel9@sha256:bc376892f777fade4e725e140ae195ee94bd2f3c8e97b86a2705cbe23fa1875e_amd64",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/de-minimal-rhel9@sha256:7660d7f051c9ac00bf49f609bf1e24b8020d2cb8856b40cbecc13de54d55fed8_s390x",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/de-minimal-rhel9@sha256:9b13ab56c30c5c77a21e00d2dfbad44f63c6ff7ac5acb6b8ba416f7fb2a0fc51_ppc64le",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/de-minimal-rhel9@sha256:a562c54aa4ba7538aa2b1beab666cab689240f664f8c17bfd769560efbe3b626_amd64",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/de-minimal-rhel9@sha256:f28e22e5da55ea626890aceb7ae4c391e192055a60a1beba9a98ac70ee1353ce_arm64",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/de-supported-rhel9@sha256:5bd5d0da12cc63b3221f508c203b0cde5b4628439d42c1a0303a31c217506936_s390x",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/de-supported-rhel9@sha256:da3031d8ff12b8df290c6da7c5451d0a797c24c0b2b0ce5cce943633d2352ee7_ppc64le",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/de-supported-rhel9@sha256:de1067b9be05a3acb9bb61458fb89e71acf01cad7a9439a638972bc0615a4d5a_arm64",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/de-supported-rhel9@sha256:f4fe61723e459bf8e8b8721cb463a89d77827f87ec835826b0866c617cb19ea7_amd64",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ee-minimal-rhel9@sha256:49d5862f8abc4f05c837b26610604d32c07001af0a93993458b21e8f9adf534f_amd64",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ee-minimal-rhel9@sha256:9bf9ff9e04832f353a8904f7f7826417abfe3891a927939a1cdfcfde30d1d10c_arm64",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ee-minimal-rhel9@sha256:c35b05b413bc2090089219d476f0a1e2c56250fc09e190583e167bfcdce5bf35_ppc64le",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ee-minimal-rhel9@sha256:d21ac96577006183a5cc592fb094cb2cf0f25aa687597d68984965ebcb1cb9a5_s390x",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ee-supported-rhel9@sha256:162dd2718a9d9fdf4e3558129a0a77094a7fd9731ab826c664b69ed955853ddd_ppc64le",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ee-supported-rhel9@sha256:23ed9a9439c4651417dd96d62776ca40582b54fc5da2955a72b047608c0d6c42_amd64",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ee-supported-rhel9@sha256:32d97ab01d3f3df3212c3e949d2630709ae05e4d0c56aafd6a720827234cf3e9_arm64",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ee-supported-rhel9@sha256:e49a3d2b7456a55b603e78b8ddec27665b6a957f5ac479aad50123f3f9bb1d42_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2242803"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in handling multiplexed streams in the HTTP/2 protocol. A client can repeatedly make a request for a new multiplex stream and immediately send an RST_STREAM frame to cancel it. This creates extra work for the server setting up and tearing down the streams while not hitting any server-side limit for the maximum number of active streams per connection, resulting in a denial of service due to server resource consumption. Red Hat has rated the severity of this flaw as \u0027Important\u0027 as the US Cybersecurity and Infrastructure Security Agency (CISA) declared this vulnerability an active exploit.\r\n\r\nCVE-2023-39325 was assigned for the Rapid Reset Attack in the Go language packages.\r\n\r\nSecurity Bulletin\r\nhttps://access.redhat.com/security/vulnerabilities/RHSB-2023-003",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack (Rapid Reset Attack)",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "NGINX has been marked as Moderate Impact because, for performance and resource consumption reasons, NGINX limits the number of concurrent streams to a default of 128. In addition, to optimally balance network and server performance, NGINX allows the client to persist HTTP connections for up to 1000 requests by default using an HTTP keepalive.\n\nThe majority of RHEL utilities are not long-running applications; instead, they are command-line tools. These tools utilize Golang package as build-time dependency, which is why they are classified as having a \"Moderate\" level of impact.\n\nrhc component is no longer impacted by CVE-2023-44487 \u0026 CVE-2023-39325.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-Ansible-Automation-Platform-2.4-Cloud-Billing:ansible-automation-platform-24/aap-cloud-ui-rhel8@sha256:0d0b96befa8957940d289d905517a6e2ef687cc28c9e68c29acb7813a90a13a6_amd64"
],
"known_not_affected": [
"8Base-Ansible-Automation-Platform-2.4-Cloud-Billing:ansible-automation-platform-24/aap-cloud-billing-rhel8-operator@sha256:3151364d2c3359a253e6f95fe296ad9842bcf859a4d05e65abc1283f7646f986_amd64",
"8Base-Ansible-Automation-Platform-2.4-Cloud-Billing:ansible-automation-platform-24/aap-cloud-billing-rhel8@sha256:f650486925c3bb5ff56570543839ef8ab668c91bba11a30aeceba22b0cf25b3e_amd64",
"8Base-Ansible-Automation-Platform-2.4-Cloud-Billing:ansible-automation-platform-24/aap-cloud-metrics-collector-rhel8@sha256:738e8ad888db5fa2205b9eb809b25ee98b77b47e7cb009d7aef94e0ab09c9492_amd64",
"8Base-Ansible-Automation-Platform-2.4-Cloud-Billing:ansible-automation-platform-24/aap-cloud-ui-rhel8-operator@sha256:2826678e9aca4fc567567c36f0d7af6cc22ee85fcfb23d3552534712685d512d_amd64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/aap-must-gather-rhel8@sha256:1ff8637546e4244650e7ad05e9e287c041198d4848a0834c4b505c73ec2adc40_amd64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/aap-must-gather-rhel8@sha256:53a9a6779f8569b03faec060888f39d2d3f071d3a4af8269f66490abd8bfad7e_arm64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/aap-must-gather-rhel8@sha256:ba77e7f17865da4d59f91b69ab58cbeafaa86debe50d2d6fb89e9812f4aed1c7_s390x",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/aap-must-gather-rhel8@sha256:d1730361a768cc0dc847958b872eac8befb5bcbe87d4fc18098b9ff4ed072cf3_ppc64le",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-builder-rhel8@sha256:0089971676a347149081311def7417185edfeac0fa0fb09bac556d1e4ac17971_arm64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-builder-rhel8@sha256:0a5ae31195b5b32e8f0800a301ce0e1e282812af59c667c4b40af82a8ca09d62_amd64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-builder-rhel8@sha256:73220bd2c0da0524f6eb6c7a88378ee9970a804a998f039fa14683cf5d7adf2f_s390x",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-builder-rhel8@sha256:9aa60f9acfd33709262f38091589521ef49674607e69a3baa6f3d9c9508a10fe_ppc64le",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-python-base-rhel8@sha256:5cf9e0d8a0ad5b1492187b177751cede769b53dc830e5b1bc5dcdd110a71a397_amd64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-python-base-rhel8@sha256:6599eee6f2b0b8c08ea3dc49598f97aea3b53b456afcc410dd740c39bbfdcd63_arm64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-python-base-rhel8@sha256:697fa0ba756009f66eb78f1feb4f9597da4b2382644c76f7755d29dd70aecea2_s390x",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-python-base-rhel8@sha256:dd8c5dc68cf8d71a563743040922540101be6c1b29c2f565e1352ece5b68377b_ppc64le",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-python-toolkit-rhel8@sha256:9273cfd468a23859d784dc3fbf2ad1abb04892e6a3f2ad55d8d2e7c623d0419f_s390x",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-python-toolkit-rhel8@sha256:99e842a1ca0ea2234c09a8a9466d936968ef36032c102e26fa761089528461e7_amd64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-python-toolkit-rhel8@sha256:d2d4b79f72dfe3f646f27b2c35e5108ed3a3c867fd0b9c04d0193e6ec717ad75_ppc64le",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-python-toolkit-rhel8@sha256:d6ae7f3136a14984e33f46598f6e321ad72f3875e4c3f0a8c773e5046fb99f1a_arm64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/controller-rhel8-operator@sha256:013993b69238a181ef9be9c6cbd173f4af8280f6dc763e52a493e54e71069a01_arm64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/controller-rhel8-operator@sha256:07a798fdc9b88ce7332a1300475e3a56d439b55a7ad5e10fd8d4e036661841cd_amd64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/controller-rhel8-operator@sha256:2e252f02c2695856d19d90299e2f1cc2bf93d7304e48da306628b12f4d56b037_ppc64le",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/controller-rhel8-operator@sha256:71dac652dd2a9588f1722c5147c8cc9cdb5c38d3cb3dc5a5e955c4cba6a3e57c_s390x",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/controller-rhel8@sha256:11f4ad08d0d96223b17e08a5d07f0594d0d450fe94bd86ce6f57165d20eedfee_amd64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/controller-rhel8@sha256:6855d1b68735adde33f4ad83496e7ada4548e3fb1ad07cb7925dfb726d800da0_ppc64le",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/controller-rhel8@sha256:c8fdd92c3c2c497ab1d4ba8c96759e8f2dfe7f023df6c5021dfed672c98d0621_arm64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/controller-rhel8@sha256:f346fa5d9a45ba329dc668e6a63672020fb579948b6c417ce76400e07ef928a5_s390x",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/de-minimal-rhel8@sha256:1e2c70baa0950d9667715e4deda717db264ea07aaa097ed4c3e11025eb4c59a0_arm64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/de-minimal-rhel8@sha256:3407db77ac87aecdc3bd3d32294672192caadd5779858d9c1ca559eef0dcf431_ppc64le",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/de-minimal-rhel8@sha256:6bf6294838abf4584f07500c9d61e7358d706f5754e1171e6a4184957e272d18_s390x",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/de-minimal-rhel8@sha256:8c7d062a28b7e54510c1aa45598a6e7c0777962b0c5d1dd1eff77e2203aabc93_amd64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/de-supported-rhel8@sha256:037b08f1cdf2bd0ba488ec02d6c4136171cadad65017f4331fb8e6d8b9ec8ffb_ppc64le",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/de-supported-rhel8@sha256:3abdaa6c02011ee543838612626d895980298d6e505e510f4a2b75e6ee0d6315_amd64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/de-supported-rhel8@sha256:d4d8984a1e1191d58e402dfd9f7d80a1f3bf714b774cc0837809ccabbbbfdb03_arm64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/de-supported-rhel8@sha256:dcdf4678c085dcb1014930901def587b01e780ce45a471f17a9c39de221b0757_s390x",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/eda-controller-rhel8-operator@sha256:4220b98f9d8e805a77a4a4ef95855b8f2c61467a02f686c7b547496831493746_ppc64le",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/eda-controller-rhel8-operator@sha256:683b9705958bb94e2f3fa8901c19ffd4d2a3967104fec3a969a46fa7e5702507_arm64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/eda-controller-rhel8-operator@sha256:b533066a88203acca58a7355f379018eb270f0c932c35f8170e76bfe658ef84b_s390x",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/eda-controller-rhel8-operator@sha256:f9f8d32c2ab60ab6c30bfcdec7778f6eb67ba30015d9453afd67ab334c8c2fe5_amd64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/eda-controller-rhel8@sha256:2bc05e35b21a826737e8bc523924d8137a531003d2ba2466243f4172708f2cbc_arm64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/eda-controller-rhel8@sha256:3059b9a6c38deb5aac3fb60875214fe2dafe50cda028638816ec67741169ec73_ppc64le",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/eda-controller-rhel8@sha256:7d75552ba2d42b0f85695e9a71ff71dd781bce0452590d89c12a8fc9f1a501ff_s390x",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/eda-controller-rhel8@sha256:fd7e96d6b70e0a1b13f0f34e7f14d4de14d07f0db6c449c20e1211bc3982205e_amd64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/eda-controller-ui-rhel8@sha256:56b46c50edef8f427dbc11d32c493ccc3b12df9dc9f553c2e8d3740313ae3cd1_amd64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/eda-controller-ui-rhel8@sha256:7eeca90468dde408d820ffb7b530d0cef615fe6f4a7e852b47ff18028cc09ecc_s390x",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/eda-controller-ui-rhel8@sha256:88f5e52c33ca6ff00cb1fd37753a2b1f9e4b6b2a07977e68b71262a8d7a4c58b_ppc64le",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/eda-controller-ui-rhel8@sha256:ee508e6aaaf56c6ec9025d7650000a39a7b05319b570e6961eb72d20623793d9_arm64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ee-29-rhel8@sha256:5685c052ba6b6d3eec7b7c740ba6b967e92f1fa22631dcf2fe048c57d16cf12a_amd64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ee-cloud-services-rhel8@sha256:d0797635652c5d9044da6c9f3ecbcc174bf7a9823f1c72cde44830cfe4f5ff56_amd64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ee-dellemc-openmanage-rhel8@sha256:628f7596505a9ab111cfcd1d3a1eb11e537dbf663d9b802e3cc94af8dbfa05d6_arm64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ee-dellemc-openmanage-rhel8@sha256:894f470c00c9bffad51ba8e8aecac867345c6e3f90227d773699cf8ef25120eb_amd64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ee-minimal-rhel8@sha256:382c4b91e8c8b30b51d3168b4a16f7c75c96198f4699c301bd03d686c8e85ae7_s390x",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ee-minimal-rhel8@sha256:5a2b269ebe2bbb5f27af823cc13c3ce06ade36f43480aa56d41d654d5ef139e3_arm64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ee-minimal-rhel8@sha256:63ea2ecffbf408183f3f37e4c1df4e3a77b9f4c0806d2ef3141d102470661e38_ppc64le",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ee-minimal-rhel8@sha256:c4c7158dfc2c317c62aed28f6db21bc347aca92b8301a6cb932c1a5fbf3eac87_amd64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ee-supported-rhel8@sha256:72098dcaf2cf2174557428f1121c5926b905dfaa0aad160d3064d171946f298e_amd64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ee-supported-rhel8@sha256:97e133b817c1aac347642b414ca6cb108fec25434b945c398bae6763f1596c5e_ppc64le",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ee-supported-rhel8@sha256:a5641fd059a00dff89f846472bf2c139c15ac2908328b03f86ab67087a1dbcf4_s390x",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ee-supported-rhel8@sha256:adad7b24fba97c5649f320ebc72a6b6cbf280e552121a2081b0fe804b06ef78d_arm64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/hub-rhel8-operator@sha256:32fa50754404a12b4d4a58d4ef9def3f5e8225cb2cf1e56983df1677f621462e_s390x",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/hub-rhel8-operator@sha256:ad9213450b9284c6e4323f9f8a5dfc42734ac95b67e5cd6a3afc3bd2945e993d_arm64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/hub-rhel8-operator@sha256:b3064c6ba7b2cf491ced94cd9b6545306cb7d59e2054a0d7042daaa3c062246e_ppc64le",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/hub-rhel8-operator@sha256:f38fcf5efc4501f3111484cd9c5216f4014fcfd0088d4dd3ad6c14ad76dbe83a_amd64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/hub-rhel8@sha256:a27c12f79db64522884b304c30f40635c774f51596689670fd628f409a68663f_arm64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/hub-rhel8@sha256:ac2b684d7ac8e0b6f36fe2da22b2ed41bfb24f8e2f77e64117c186a3cdf2f21b_amd64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/hub-rhel8@sha256:df80c45631e780f58aaf85edddaf77ed82c0b41f0ad766db048615290eeb96a3_ppc64le",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/hub-rhel8@sha256:fe2675bd2c51d62dfa3473653c00ddf55a1b64791f5029fe0b87087461b700a1_s390x",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/hub-web-rhel8@sha256:01b5493444bc24c954ce86554d0ba8ca99b9db8c516901d0539e1b001ba78590_ppc64le",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/hub-web-rhel8@sha256:0b7d67480c6a15e5a655573f2ac885d34df441978f8f595f8c4d9f5e93c052d1_arm64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/hub-web-rhel8@sha256:a44ffd3666281ab867c177915ddf48fdb59052a2d48f49284a598e8c80125d7b_amd64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/hub-web-rhel8@sha256:ff2db93490c489562bb8c37a247daf01e10c871e628b24cc4006dd2bd14473bb_s390x",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/platform-resource-rhel8-operator@sha256:13425b0194354a15d71f6bccd7b2e526ef4b2cd8c56b6aff91ebf4435bda20bc_amd64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/platform-resource-rhel8-operator@sha256:893d04a458674590c81c2ef09fb222c36f47bee71ab3615d6bb73432c58d965b_s390x",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/platform-resource-rhel8-operator@sha256:964337aac284059c1abde17a9bd2c0d13fd5a149a91af19eb56944728f7f5584_arm64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/platform-resource-rhel8-operator@sha256:9d429c6e5d72bf883362b1ae11f8b4ed3a9d468e77e2e29c8ff234df9e255db4_ppc64le",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/platform-resource-runner-rhel8@sha256:38bc442a6181a739b4c232d25abd7018dbce05083f3bf09ab7a071a3d2a4c7b4_ppc64le",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/platform-resource-runner-rhel8@sha256:8c80648871aee9d1c5450226d18b122a40fe188b1140fcb22800ecda41bb6343_arm64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/platform-resource-runner-rhel8@sha256:cfbf2ddd1dce998575bf8e38cd38bbcc98b006ba918d5de8ea1621b5de4d3f67_amd64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/platform-resource-runner-rhel8@sha256:de8830287e00c4062524ebc9e9a93896503101e6382f553c89cc0c1e7d15618f_s390x",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform/cloud-addons-operator-bundle@sha256:bdc45dd15fcdf3d3956c6ddc2316a8e68490cc1d4249f95b01b231a0fb17debf_amd64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform/ee-containerized-installer-rhel8@sha256:797d37d3015ebbf5125f6e1d12d47774a276a42a3c18ccabab2bf1c466b001fd_arm64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform/ee-containerized-installer-rhel8@sha256:a4cdb956a90531672851a53c6691591c871513630c8d441b0061d0c187f62a99_amd64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform/platform-operator-bundle@sha256:5825e694ae618fd41f495a7d5b9f911da004a9649aa09ca66ad64d3812a884d9_amd64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform/platform-operator-bundle@sha256:8b8051faac5197c85088cdb2032576d7789ef251ffd8ea8fc2e525a199202ab0_s390x",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform/platform-operator-bundle@sha256:d5d128596af42dddb7f3efa725050a35c07eae5e63a4bd8be7789857cf5d36f3_arm64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform/platform-operator-bundle@sha256:ecc912e9ab3146df86e7be7afbc077db49e74f913815c73521ae67893f452853_ppc64le",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-builder-rhel9@sha256:20092308c17687aa6059400af8d1772b8fe85207db9f9a5b6d259908e0b63aab_arm64",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-builder-rhel9@sha256:45ff186bff94f30a34c2fe59bc342d10bf47071567b9d09d1fa61bf08e72f1c4_amd64",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-builder-rhel9@sha256:a4a88494691f2fc7689d16a4da97a857e8b795e41ecf5fe09b09ebfc729511ce_s390x",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-builder-rhel9@sha256:eb2f2e5796823643b8b52b98976a04089cdc82ce32f3e4a348fc25dd12eff275_ppc64le",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-python-base-rhel9@sha256:7ecc021d626a20acc20f73b28005c16a8d20c7640ec51dffdaff236440702172_amd64",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-python-base-rhel9@sha256:8c34db5cc4c68c80db22a835c095d60e3988a3e6d1c82fb91cc8558b43a47b33_s390x",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-python-base-rhel9@sha256:91f0cc9dd9261b7bff0484d3db8e499912fa1781aa71ad24c77d0809cccb03f4_ppc64le",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-python-base-rhel9@sha256:cd96a0ece925ed1443c0797bc3baf992ed7ae087f5977df8728a4aab8940516f_arm64",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-python-toolkit-rhel9@sha256:035f8ce6c6f6ab88366d7d42ba587d75b60236433e01ce0349a40554ff0e1b05_arm64",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-python-toolkit-rhel9@sha256:11934bcc8a713da353d254164b6914b5769326534a2298f0ccb8642813da5f9a_ppc64le",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-python-toolkit-rhel9@sha256:b46fed769c86134a110f442dc56b0c8bfd0d469eb39649916db099f611ab3347_s390x",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-python-toolkit-rhel9@sha256:bc376892f777fade4e725e140ae195ee94bd2f3c8e97b86a2705cbe23fa1875e_amd64",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/de-minimal-rhel9@sha256:7660d7f051c9ac00bf49f609bf1e24b8020d2cb8856b40cbecc13de54d55fed8_s390x",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/de-minimal-rhel9@sha256:9b13ab56c30c5c77a21e00d2dfbad44f63c6ff7ac5acb6b8ba416f7fb2a0fc51_ppc64le",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/de-minimal-rhel9@sha256:a562c54aa4ba7538aa2b1beab666cab689240f664f8c17bfd769560efbe3b626_amd64",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/de-minimal-rhel9@sha256:f28e22e5da55ea626890aceb7ae4c391e192055a60a1beba9a98ac70ee1353ce_arm64",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/de-supported-rhel9@sha256:5bd5d0da12cc63b3221f508c203b0cde5b4628439d42c1a0303a31c217506936_s390x",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/de-supported-rhel9@sha256:da3031d8ff12b8df290c6da7c5451d0a797c24c0b2b0ce5cce943633d2352ee7_ppc64le",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/de-supported-rhel9@sha256:de1067b9be05a3acb9bb61458fb89e71acf01cad7a9439a638972bc0615a4d5a_arm64",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/de-supported-rhel9@sha256:f4fe61723e459bf8e8b8721cb463a89d77827f87ec835826b0866c617cb19ea7_amd64",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ee-minimal-rhel9@sha256:49d5862f8abc4f05c837b26610604d32c07001af0a93993458b21e8f9adf534f_amd64",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ee-minimal-rhel9@sha256:9bf9ff9e04832f353a8904f7f7826417abfe3891a927939a1cdfcfde30d1d10c_arm64",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ee-minimal-rhel9@sha256:c35b05b413bc2090089219d476f0a1e2c56250fc09e190583e167bfcdce5bf35_ppc64le",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ee-minimal-rhel9@sha256:d21ac96577006183a5cc592fb094cb2cf0f25aa687597d68984965ebcb1cb9a5_s390x",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ee-supported-rhel9@sha256:162dd2718a9d9fdf4e3558129a0a77094a7fd9731ab826c664b69ed955853ddd_ppc64le",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ee-supported-rhel9@sha256:23ed9a9439c4651417dd96d62776ca40582b54fc5da2955a72b047608c0d6c42_amd64",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ee-supported-rhel9@sha256:32d97ab01d3f3df3212c3e949d2630709ae05e4d0c56aafd6a720827234cf3e9_arm64",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ee-supported-rhel9@sha256:e49a3d2b7456a55b603e78b8ddec27665b6a957f5ac479aad50123f3f9bb1d42_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-44487"
},
{
"category": "external",
"summary": "RHBZ#2242803",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2242803"
},
{
"category": "external",
"summary": "RHSB-2023-003",
"url": "https://access.redhat.com/security/vulnerabilities/RHSB-2023-003"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-44487",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-44487"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-44487",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-44487"
},
{
"category": "external",
"summary": "https://github.com/dotnet/announcements/issues/277",
"url": "https://github.com/dotnet/announcements/issues/277"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2023-2102",
"url": "https://pkg.go.dev/vuln/GO-2023-2102"
},
{
"category": "external",
"summary": "https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487",
"url": "https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487"
},
{
"category": "external",
"summary": "https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products/",
"url": "https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products/"
},
{
"category": "external",
"summary": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog",
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
}
],
"release_date": "2023-10-10T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-10-17T19:03:49+00:00",
"details": "Red Hat Ansible Automation Platform",
"product_ids": [
"8Base-Ansible-Automation-Platform-2.4-Cloud-Billing:ansible-automation-platform-24/aap-cloud-ui-rhel8@sha256:0d0b96befa8957940d289d905517a6e2ef687cc28c9e68c29acb7813a90a13a6_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHBA-2023:5806"
},
{
"category": "workaround",
"details": "Users are strongly urged to update their software as soon as fixes are available. \nThere are several mitigation approaches for this flaw. \n\n1. If circumstances permit, users may disable http2 endpoints to circumvent the flaw altogether until a fix is available.\n2. IP-based blocking or flood protection and rate control tools may be used at network endpoints to filter incoming traffic.\n3. Several package specific mitigations are also available. \n a. nginx: https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products/\n b. netty: https://github.com/netty/netty/security/advisories/GHSA-xpw8-rcwv-8f8p\n c. haproxy: https://www.haproxy.com/blog/haproxy-is-not-affected-by-the-http-2-rapid-reset-attack-cve-2023-44487\n d. nghttp2: https://github.com/nghttp2/nghttp2/security/advisories/GHSA-vx74-f528-fxqg\n e. golang: The default stream concurrency limit in golang is 250 streams (requests) per HTTP/2 connection. This value may be adjusted in the golang.org/x/net/http2 package using the Server.MaxConcurrentStreams setting and the ConfigureServer function which are available in golang.org/x/net/http2.",
"product_ids": [
"8Base-Ansible-Automation-Platform-2.4-Cloud-Billing:ansible-automation-platform-24/aap-cloud-billing-rhel8-operator@sha256:3151364d2c3359a253e6f95fe296ad9842bcf859a4d05e65abc1283f7646f986_amd64",
"8Base-Ansible-Automation-Platform-2.4-Cloud-Billing:ansible-automation-platform-24/aap-cloud-billing-rhel8@sha256:f650486925c3bb5ff56570543839ef8ab668c91bba11a30aeceba22b0cf25b3e_amd64",
"8Base-Ansible-Automation-Platform-2.4-Cloud-Billing:ansible-automation-platform-24/aap-cloud-metrics-collector-rhel8@sha256:738e8ad888db5fa2205b9eb809b25ee98b77b47e7cb009d7aef94e0ab09c9492_amd64",
"8Base-Ansible-Automation-Platform-2.4-Cloud-Billing:ansible-automation-platform-24/aap-cloud-ui-rhel8-operator@sha256:2826678e9aca4fc567567c36f0d7af6cc22ee85fcfb23d3552534712685d512d_amd64",
"8Base-Ansible-Automation-Platform-2.4-Cloud-Billing:ansible-automation-platform-24/aap-cloud-ui-rhel8@sha256:0d0b96befa8957940d289d905517a6e2ef687cc28c9e68c29acb7813a90a13a6_amd64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/aap-must-gather-rhel8@sha256:1ff8637546e4244650e7ad05e9e287c041198d4848a0834c4b505c73ec2adc40_amd64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/aap-must-gather-rhel8@sha256:53a9a6779f8569b03faec060888f39d2d3f071d3a4af8269f66490abd8bfad7e_arm64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/aap-must-gather-rhel8@sha256:ba77e7f17865da4d59f91b69ab58cbeafaa86debe50d2d6fb89e9812f4aed1c7_s390x",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/aap-must-gather-rhel8@sha256:d1730361a768cc0dc847958b872eac8befb5bcbe87d4fc18098b9ff4ed072cf3_ppc64le",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-builder-rhel8@sha256:0089971676a347149081311def7417185edfeac0fa0fb09bac556d1e4ac17971_arm64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-builder-rhel8@sha256:0a5ae31195b5b32e8f0800a301ce0e1e282812af59c667c4b40af82a8ca09d62_amd64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-builder-rhel8@sha256:73220bd2c0da0524f6eb6c7a88378ee9970a804a998f039fa14683cf5d7adf2f_s390x",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-builder-rhel8@sha256:9aa60f9acfd33709262f38091589521ef49674607e69a3baa6f3d9c9508a10fe_ppc64le",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-python-base-rhel8@sha256:5cf9e0d8a0ad5b1492187b177751cede769b53dc830e5b1bc5dcdd110a71a397_amd64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-python-base-rhel8@sha256:6599eee6f2b0b8c08ea3dc49598f97aea3b53b456afcc410dd740c39bbfdcd63_arm64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-python-base-rhel8@sha256:697fa0ba756009f66eb78f1feb4f9597da4b2382644c76f7755d29dd70aecea2_s390x",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-python-base-rhel8@sha256:dd8c5dc68cf8d71a563743040922540101be6c1b29c2f565e1352ece5b68377b_ppc64le",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-python-toolkit-rhel8@sha256:9273cfd468a23859d784dc3fbf2ad1abb04892e6a3f2ad55d8d2e7c623d0419f_s390x",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-python-toolkit-rhel8@sha256:99e842a1ca0ea2234c09a8a9466d936968ef36032c102e26fa761089528461e7_amd64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-python-toolkit-rhel8@sha256:d2d4b79f72dfe3f646f27b2c35e5108ed3a3c867fd0b9c04d0193e6ec717ad75_ppc64le",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-python-toolkit-rhel8@sha256:d6ae7f3136a14984e33f46598f6e321ad72f3875e4c3f0a8c773e5046fb99f1a_arm64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/controller-rhel8-operator@sha256:013993b69238a181ef9be9c6cbd173f4af8280f6dc763e52a493e54e71069a01_arm64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/controller-rhel8-operator@sha256:07a798fdc9b88ce7332a1300475e3a56d439b55a7ad5e10fd8d4e036661841cd_amd64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/controller-rhel8-operator@sha256:2e252f02c2695856d19d90299e2f1cc2bf93d7304e48da306628b12f4d56b037_ppc64le",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/controller-rhel8-operator@sha256:71dac652dd2a9588f1722c5147c8cc9cdb5c38d3cb3dc5a5e955c4cba6a3e57c_s390x",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/controller-rhel8@sha256:11f4ad08d0d96223b17e08a5d07f0594d0d450fe94bd86ce6f57165d20eedfee_amd64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/controller-rhel8@sha256:6855d1b68735adde33f4ad83496e7ada4548e3fb1ad07cb7925dfb726d800da0_ppc64le",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/controller-rhel8@sha256:c8fdd92c3c2c497ab1d4ba8c96759e8f2dfe7f023df6c5021dfed672c98d0621_arm64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/controller-rhel8@sha256:f346fa5d9a45ba329dc668e6a63672020fb579948b6c417ce76400e07ef928a5_s390x",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/de-minimal-rhel8@sha256:1e2c70baa0950d9667715e4deda717db264ea07aaa097ed4c3e11025eb4c59a0_arm64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/de-minimal-rhel8@sha256:3407db77ac87aecdc3bd3d32294672192caadd5779858d9c1ca559eef0dcf431_ppc64le",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/de-minimal-rhel8@sha256:6bf6294838abf4584f07500c9d61e7358d706f5754e1171e6a4184957e272d18_s390x",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/de-minimal-rhel8@sha256:8c7d062a28b7e54510c1aa45598a6e7c0777962b0c5d1dd1eff77e2203aabc93_amd64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/de-supported-rhel8@sha256:037b08f1cdf2bd0ba488ec02d6c4136171cadad65017f4331fb8e6d8b9ec8ffb_ppc64le",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/de-supported-rhel8@sha256:3abdaa6c02011ee543838612626d895980298d6e505e510f4a2b75e6ee0d6315_amd64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/de-supported-rhel8@sha256:d4d8984a1e1191d58e402dfd9f7d80a1f3bf714b774cc0837809ccabbbbfdb03_arm64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/de-supported-rhel8@sha256:dcdf4678c085dcb1014930901def587b01e780ce45a471f17a9c39de221b0757_s390x",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/eda-controller-rhel8-operator@sha256:4220b98f9d8e805a77a4a4ef95855b8f2c61467a02f686c7b547496831493746_ppc64le",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/eda-controller-rhel8-operator@sha256:683b9705958bb94e2f3fa8901c19ffd4d2a3967104fec3a969a46fa7e5702507_arm64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/eda-controller-rhel8-operator@sha256:b533066a88203acca58a7355f379018eb270f0c932c35f8170e76bfe658ef84b_s390x",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/eda-controller-rhel8-operator@sha256:f9f8d32c2ab60ab6c30bfcdec7778f6eb67ba30015d9453afd67ab334c8c2fe5_amd64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/eda-controller-rhel8@sha256:2bc05e35b21a826737e8bc523924d8137a531003d2ba2466243f4172708f2cbc_arm64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/eda-controller-rhel8@sha256:3059b9a6c38deb5aac3fb60875214fe2dafe50cda028638816ec67741169ec73_ppc64le",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/eda-controller-rhel8@sha256:7d75552ba2d42b0f85695e9a71ff71dd781bce0452590d89c12a8fc9f1a501ff_s390x",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/eda-controller-rhel8@sha256:fd7e96d6b70e0a1b13f0f34e7f14d4de14d07f0db6c449c20e1211bc3982205e_amd64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/eda-controller-ui-rhel8@sha256:56b46c50edef8f427dbc11d32c493ccc3b12df9dc9f553c2e8d3740313ae3cd1_amd64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/eda-controller-ui-rhel8@sha256:7eeca90468dde408d820ffb7b530d0cef615fe6f4a7e852b47ff18028cc09ecc_s390x",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/eda-controller-ui-rhel8@sha256:88f5e52c33ca6ff00cb1fd37753a2b1f9e4b6b2a07977e68b71262a8d7a4c58b_ppc64le",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/eda-controller-ui-rhel8@sha256:ee508e6aaaf56c6ec9025d7650000a39a7b05319b570e6961eb72d20623793d9_arm64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ee-29-rhel8@sha256:5685c052ba6b6d3eec7b7c740ba6b967e92f1fa22631dcf2fe048c57d16cf12a_amd64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ee-cloud-services-rhel8@sha256:d0797635652c5d9044da6c9f3ecbcc174bf7a9823f1c72cde44830cfe4f5ff56_amd64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ee-dellemc-openmanage-rhel8@sha256:628f7596505a9ab111cfcd1d3a1eb11e537dbf663d9b802e3cc94af8dbfa05d6_arm64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ee-dellemc-openmanage-rhel8@sha256:894f470c00c9bffad51ba8e8aecac867345c6e3f90227d773699cf8ef25120eb_amd64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ee-minimal-rhel8@sha256:382c4b91e8c8b30b51d3168b4a16f7c75c96198f4699c301bd03d686c8e85ae7_s390x",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ee-minimal-rhel8@sha256:5a2b269ebe2bbb5f27af823cc13c3ce06ade36f43480aa56d41d654d5ef139e3_arm64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ee-minimal-rhel8@sha256:63ea2ecffbf408183f3f37e4c1df4e3a77b9f4c0806d2ef3141d102470661e38_ppc64le",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ee-minimal-rhel8@sha256:c4c7158dfc2c317c62aed28f6db21bc347aca92b8301a6cb932c1a5fbf3eac87_amd64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ee-supported-rhel8@sha256:72098dcaf2cf2174557428f1121c5926b905dfaa0aad160d3064d171946f298e_amd64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ee-supported-rhel8@sha256:97e133b817c1aac347642b414ca6cb108fec25434b945c398bae6763f1596c5e_ppc64le",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ee-supported-rhel8@sha256:a5641fd059a00dff89f846472bf2c139c15ac2908328b03f86ab67087a1dbcf4_s390x",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ee-supported-rhel8@sha256:adad7b24fba97c5649f320ebc72a6b6cbf280e552121a2081b0fe804b06ef78d_arm64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/hub-rhel8-operator@sha256:32fa50754404a12b4d4a58d4ef9def3f5e8225cb2cf1e56983df1677f621462e_s390x",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/hub-rhel8-operator@sha256:ad9213450b9284c6e4323f9f8a5dfc42734ac95b67e5cd6a3afc3bd2945e993d_arm64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/hub-rhel8-operator@sha256:b3064c6ba7b2cf491ced94cd9b6545306cb7d59e2054a0d7042daaa3c062246e_ppc64le",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/hub-rhel8-operator@sha256:f38fcf5efc4501f3111484cd9c5216f4014fcfd0088d4dd3ad6c14ad76dbe83a_amd64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/hub-rhel8@sha256:a27c12f79db64522884b304c30f40635c774f51596689670fd628f409a68663f_arm64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/hub-rhel8@sha256:ac2b684d7ac8e0b6f36fe2da22b2ed41bfb24f8e2f77e64117c186a3cdf2f21b_amd64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/hub-rhel8@sha256:df80c45631e780f58aaf85edddaf77ed82c0b41f0ad766db048615290eeb96a3_ppc64le",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/hub-rhel8@sha256:fe2675bd2c51d62dfa3473653c00ddf55a1b64791f5029fe0b87087461b700a1_s390x",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/hub-web-rhel8@sha256:01b5493444bc24c954ce86554d0ba8ca99b9db8c516901d0539e1b001ba78590_ppc64le",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/hub-web-rhel8@sha256:0b7d67480c6a15e5a655573f2ac885d34df441978f8f595f8c4d9f5e93c052d1_arm64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/hub-web-rhel8@sha256:a44ffd3666281ab867c177915ddf48fdb59052a2d48f49284a598e8c80125d7b_amd64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/hub-web-rhel8@sha256:ff2db93490c489562bb8c37a247daf01e10c871e628b24cc4006dd2bd14473bb_s390x",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/platform-resource-rhel8-operator@sha256:13425b0194354a15d71f6bccd7b2e526ef4b2cd8c56b6aff91ebf4435bda20bc_amd64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/platform-resource-rhel8-operator@sha256:893d04a458674590c81c2ef09fb222c36f47bee71ab3615d6bb73432c58d965b_s390x",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/platform-resource-rhel8-operator@sha256:964337aac284059c1abde17a9bd2c0d13fd5a149a91af19eb56944728f7f5584_arm64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/platform-resource-rhel8-operator@sha256:9d429c6e5d72bf883362b1ae11f8b4ed3a9d468e77e2e29c8ff234df9e255db4_ppc64le",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/platform-resource-runner-rhel8@sha256:38bc442a6181a739b4c232d25abd7018dbce05083f3bf09ab7a071a3d2a4c7b4_ppc64le",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/platform-resource-runner-rhel8@sha256:8c80648871aee9d1c5450226d18b122a40fe188b1140fcb22800ecda41bb6343_arm64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/platform-resource-runner-rhel8@sha256:cfbf2ddd1dce998575bf8e38cd38bbcc98b006ba918d5de8ea1621b5de4d3f67_amd64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/platform-resource-runner-rhel8@sha256:de8830287e00c4062524ebc9e9a93896503101e6382f553c89cc0c1e7d15618f_s390x",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform/cloud-addons-operator-bundle@sha256:bdc45dd15fcdf3d3956c6ddc2316a8e68490cc1d4249f95b01b231a0fb17debf_amd64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform/ee-containerized-installer-rhel8@sha256:797d37d3015ebbf5125f6e1d12d47774a276a42a3c18ccabab2bf1c466b001fd_arm64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform/ee-containerized-installer-rhel8@sha256:a4cdb956a90531672851a53c6691591c871513630c8d441b0061d0c187f62a99_amd64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform/platform-operator-bundle@sha256:5825e694ae618fd41f495a7d5b9f911da004a9649aa09ca66ad64d3812a884d9_amd64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform/platform-operator-bundle@sha256:8b8051faac5197c85088cdb2032576d7789ef251ffd8ea8fc2e525a199202ab0_s390x",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform/platform-operator-bundle@sha256:d5d128596af42dddb7f3efa725050a35c07eae5e63a4bd8be7789857cf5d36f3_arm64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform/platform-operator-bundle@sha256:ecc912e9ab3146df86e7be7afbc077db49e74f913815c73521ae67893f452853_ppc64le",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-builder-rhel9@sha256:20092308c17687aa6059400af8d1772b8fe85207db9f9a5b6d259908e0b63aab_arm64",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-builder-rhel9@sha256:45ff186bff94f30a34c2fe59bc342d10bf47071567b9d09d1fa61bf08e72f1c4_amd64",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-builder-rhel9@sha256:a4a88494691f2fc7689d16a4da97a857e8b795e41ecf5fe09b09ebfc729511ce_s390x",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-builder-rhel9@sha256:eb2f2e5796823643b8b52b98976a04089cdc82ce32f3e4a348fc25dd12eff275_ppc64le",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-python-base-rhel9@sha256:7ecc021d626a20acc20f73b28005c16a8d20c7640ec51dffdaff236440702172_amd64",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-python-base-rhel9@sha256:8c34db5cc4c68c80db22a835c095d60e3988a3e6d1c82fb91cc8558b43a47b33_s390x",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-python-base-rhel9@sha256:91f0cc9dd9261b7bff0484d3db8e499912fa1781aa71ad24c77d0809cccb03f4_ppc64le",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-python-base-rhel9@sha256:cd96a0ece925ed1443c0797bc3baf992ed7ae087f5977df8728a4aab8940516f_arm64",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-python-toolkit-rhel9@sha256:035f8ce6c6f6ab88366d7d42ba587d75b60236433e01ce0349a40554ff0e1b05_arm64",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-python-toolkit-rhel9@sha256:11934bcc8a713da353d254164b6914b5769326534a2298f0ccb8642813da5f9a_ppc64le",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-python-toolkit-rhel9@sha256:b46fed769c86134a110f442dc56b0c8bfd0d469eb39649916db099f611ab3347_s390x",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-python-toolkit-rhel9@sha256:bc376892f777fade4e725e140ae195ee94bd2f3c8e97b86a2705cbe23fa1875e_amd64",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/de-minimal-rhel9@sha256:7660d7f051c9ac00bf49f609bf1e24b8020d2cb8856b40cbecc13de54d55fed8_s390x",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/de-minimal-rhel9@sha256:9b13ab56c30c5c77a21e00d2dfbad44f63c6ff7ac5acb6b8ba416f7fb2a0fc51_ppc64le",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/de-minimal-rhel9@sha256:a562c54aa4ba7538aa2b1beab666cab689240f664f8c17bfd769560efbe3b626_amd64",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/de-minimal-rhel9@sha256:f28e22e5da55ea626890aceb7ae4c391e192055a60a1beba9a98ac70ee1353ce_arm64",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/de-supported-rhel9@sha256:5bd5d0da12cc63b3221f508c203b0cde5b4628439d42c1a0303a31c217506936_s390x",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/de-supported-rhel9@sha256:da3031d8ff12b8df290c6da7c5451d0a797c24c0b2b0ce5cce943633d2352ee7_ppc64le",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/de-supported-rhel9@sha256:de1067b9be05a3acb9bb61458fb89e71acf01cad7a9439a638972bc0615a4d5a_arm64",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/de-supported-rhel9@sha256:f4fe61723e459bf8e8b8721cb463a89d77827f87ec835826b0866c617cb19ea7_amd64",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ee-minimal-rhel9@sha256:49d5862f8abc4f05c837b26610604d32c07001af0a93993458b21e8f9adf534f_amd64",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ee-minimal-rhel9@sha256:9bf9ff9e04832f353a8904f7f7826417abfe3891a927939a1cdfcfde30d1d10c_arm64",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ee-minimal-rhel9@sha256:c35b05b413bc2090089219d476f0a1e2c56250fc09e190583e167bfcdce5bf35_ppc64le",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ee-minimal-rhel9@sha256:d21ac96577006183a5cc592fb094cb2cf0f25aa687597d68984965ebcb1cb9a5_s390x",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ee-supported-rhel9@sha256:162dd2718a9d9fdf4e3558129a0a77094a7fd9731ab826c664b69ed955853ddd_ppc64le",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ee-supported-rhel9@sha256:23ed9a9439c4651417dd96d62776ca40582b54fc5da2955a72b047608c0d6c42_amd64",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ee-supported-rhel9@sha256:32d97ab01d3f3df3212c3e949d2630709ae05e4d0c56aafd6a720827234cf3e9_arm64",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ee-supported-rhel9@sha256:e49a3d2b7456a55b603e78b8ddec27665b6a957f5ac479aad50123f3f9bb1d42_s390x"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-Ansible-Automation-Platform-2.4-Cloud-Billing:ansible-automation-platform-24/aap-cloud-billing-rhel8-operator@sha256:3151364d2c3359a253e6f95fe296ad9842bcf859a4d05e65abc1283f7646f986_amd64",
"8Base-Ansible-Automation-Platform-2.4-Cloud-Billing:ansible-automation-platform-24/aap-cloud-billing-rhel8@sha256:f650486925c3bb5ff56570543839ef8ab668c91bba11a30aeceba22b0cf25b3e_amd64",
"8Base-Ansible-Automation-Platform-2.4-Cloud-Billing:ansible-automation-platform-24/aap-cloud-metrics-collector-rhel8@sha256:738e8ad888db5fa2205b9eb809b25ee98b77b47e7cb009d7aef94e0ab09c9492_amd64",
"8Base-Ansible-Automation-Platform-2.4-Cloud-Billing:ansible-automation-platform-24/aap-cloud-ui-rhel8-operator@sha256:2826678e9aca4fc567567c36f0d7af6cc22ee85fcfb23d3552534712685d512d_amd64",
"8Base-Ansible-Automation-Platform-2.4-Cloud-Billing:ansible-automation-platform-24/aap-cloud-ui-rhel8@sha256:0d0b96befa8957940d289d905517a6e2ef687cc28c9e68c29acb7813a90a13a6_amd64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/aap-must-gather-rhel8@sha256:1ff8637546e4244650e7ad05e9e287c041198d4848a0834c4b505c73ec2adc40_amd64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/aap-must-gather-rhel8@sha256:53a9a6779f8569b03faec060888f39d2d3f071d3a4af8269f66490abd8bfad7e_arm64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/aap-must-gather-rhel8@sha256:ba77e7f17865da4d59f91b69ab58cbeafaa86debe50d2d6fb89e9812f4aed1c7_s390x",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/aap-must-gather-rhel8@sha256:d1730361a768cc0dc847958b872eac8befb5bcbe87d4fc18098b9ff4ed072cf3_ppc64le",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-builder-rhel8@sha256:0089971676a347149081311def7417185edfeac0fa0fb09bac556d1e4ac17971_arm64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-builder-rhel8@sha256:0a5ae31195b5b32e8f0800a301ce0e1e282812af59c667c4b40af82a8ca09d62_amd64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-builder-rhel8@sha256:73220bd2c0da0524f6eb6c7a88378ee9970a804a998f039fa14683cf5d7adf2f_s390x",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-builder-rhel8@sha256:9aa60f9acfd33709262f38091589521ef49674607e69a3baa6f3d9c9508a10fe_ppc64le",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-python-base-rhel8@sha256:5cf9e0d8a0ad5b1492187b177751cede769b53dc830e5b1bc5dcdd110a71a397_amd64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-python-base-rhel8@sha256:6599eee6f2b0b8c08ea3dc49598f97aea3b53b456afcc410dd740c39bbfdcd63_arm64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-python-base-rhel8@sha256:697fa0ba756009f66eb78f1feb4f9597da4b2382644c76f7755d29dd70aecea2_s390x",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-python-base-rhel8@sha256:dd8c5dc68cf8d71a563743040922540101be6c1b29c2f565e1352ece5b68377b_ppc64le",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-python-toolkit-rhel8@sha256:9273cfd468a23859d784dc3fbf2ad1abb04892e6a3f2ad55d8d2e7c623d0419f_s390x",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-python-toolkit-rhel8@sha256:99e842a1ca0ea2234c09a8a9466d936968ef36032c102e26fa761089528461e7_amd64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-python-toolkit-rhel8@sha256:d2d4b79f72dfe3f646f27b2c35e5108ed3a3c867fd0b9c04d0193e6ec717ad75_ppc64le",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-python-toolkit-rhel8@sha256:d6ae7f3136a14984e33f46598f6e321ad72f3875e4c3f0a8c773e5046fb99f1a_arm64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/controller-rhel8-operator@sha256:013993b69238a181ef9be9c6cbd173f4af8280f6dc763e52a493e54e71069a01_arm64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/controller-rhel8-operator@sha256:07a798fdc9b88ce7332a1300475e3a56d439b55a7ad5e10fd8d4e036661841cd_amd64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/controller-rhel8-operator@sha256:2e252f02c2695856d19d90299e2f1cc2bf93d7304e48da306628b12f4d56b037_ppc64le",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/controller-rhel8-operator@sha256:71dac652dd2a9588f1722c5147c8cc9cdb5c38d3cb3dc5a5e955c4cba6a3e57c_s390x",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/controller-rhel8@sha256:11f4ad08d0d96223b17e08a5d07f0594d0d450fe94bd86ce6f57165d20eedfee_amd64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/controller-rhel8@sha256:6855d1b68735adde33f4ad83496e7ada4548e3fb1ad07cb7925dfb726d800da0_ppc64le",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/controller-rhel8@sha256:c8fdd92c3c2c497ab1d4ba8c96759e8f2dfe7f023df6c5021dfed672c98d0621_arm64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/controller-rhel8@sha256:f346fa5d9a45ba329dc668e6a63672020fb579948b6c417ce76400e07ef928a5_s390x",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/de-minimal-rhel8@sha256:1e2c70baa0950d9667715e4deda717db264ea07aaa097ed4c3e11025eb4c59a0_arm64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/de-minimal-rhel8@sha256:3407db77ac87aecdc3bd3d32294672192caadd5779858d9c1ca559eef0dcf431_ppc64le",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/de-minimal-rhel8@sha256:6bf6294838abf4584f07500c9d61e7358d706f5754e1171e6a4184957e272d18_s390x",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/de-minimal-rhel8@sha256:8c7d062a28b7e54510c1aa45598a6e7c0777962b0c5d1dd1eff77e2203aabc93_amd64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/de-supported-rhel8@sha256:037b08f1cdf2bd0ba488ec02d6c4136171cadad65017f4331fb8e6d8b9ec8ffb_ppc64le",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/de-supported-rhel8@sha256:3abdaa6c02011ee543838612626d895980298d6e505e510f4a2b75e6ee0d6315_amd64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/de-supported-rhel8@sha256:d4d8984a1e1191d58e402dfd9f7d80a1f3bf714b774cc0837809ccabbbbfdb03_arm64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/de-supported-rhel8@sha256:dcdf4678c085dcb1014930901def587b01e780ce45a471f17a9c39de221b0757_s390x",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/eda-controller-rhel8-operator@sha256:4220b98f9d8e805a77a4a4ef95855b8f2c61467a02f686c7b547496831493746_ppc64le",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/eda-controller-rhel8-operator@sha256:683b9705958bb94e2f3fa8901c19ffd4d2a3967104fec3a969a46fa7e5702507_arm64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/eda-controller-rhel8-operator@sha256:b533066a88203acca58a7355f379018eb270f0c932c35f8170e76bfe658ef84b_s390x",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/eda-controller-rhel8-operator@sha256:f9f8d32c2ab60ab6c30bfcdec7778f6eb67ba30015d9453afd67ab334c8c2fe5_amd64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/eda-controller-rhel8@sha256:2bc05e35b21a826737e8bc523924d8137a531003d2ba2466243f4172708f2cbc_arm64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/eda-controller-rhel8@sha256:3059b9a6c38deb5aac3fb60875214fe2dafe50cda028638816ec67741169ec73_ppc64le",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/eda-controller-rhel8@sha256:7d75552ba2d42b0f85695e9a71ff71dd781bce0452590d89c12a8fc9f1a501ff_s390x",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/eda-controller-rhel8@sha256:fd7e96d6b70e0a1b13f0f34e7f14d4de14d07f0db6c449c20e1211bc3982205e_amd64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/eda-controller-ui-rhel8@sha256:56b46c50edef8f427dbc11d32c493ccc3b12df9dc9f553c2e8d3740313ae3cd1_amd64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/eda-controller-ui-rhel8@sha256:7eeca90468dde408d820ffb7b530d0cef615fe6f4a7e852b47ff18028cc09ecc_s390x",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/eda-controller-ui-rhel8@sha256:88f5e52c33ca6ff00cb1fd37753a2b1f9e4b6b2a07977e68b71262a8d7a4c58b_ppc64le",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/eda-controller-ui-rhel8@sha256:ee508e6aaaf56c6ec9025d7650000a39a7b05319b570e6961eb72d20623793d9_arm64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ee-29-rhel8@sha256:5685c052ba6b6d3eec7b7c740ba6b967e92f1fa22631dcf2fe048c57d16cf12a_amd64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ee-cloud-services-rhel8@sha256:d0797635652c5d9044da6c9f3ecbcc174bf7a9823f1c72cde44830cfe4f5ff56_amd64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ee-dellemc-openmanage-rhel8@sha256:628f7596505a9ab111cfcd1d3a1eb11e537dbf663d9b802e3cc94af8dbfa05d6_arm64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ee-dellemc-openmanage-rhel8@sha256:894f470c00c9bffad51ba8e8aecac867345c6e3f90227d773699cf8ef25120eb_amd64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ee-minimal-rhel8@sha256:382c4b91e8c8b30b51d3168b4a16f7c75c96198f4699c301bd03d686c8e85ae7_s390x",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ee-minimal-rhel8@sha256:5a2b269ebe2bbb5f27af823cc13c3ce06ade36f43480aa56d41d654d5ef139e3_arm64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ee-minimal-rhel8@sha256:63ea2ecffbf408183f3f37e4c1df4e3a77b9f4c0806d2ef3141d102470661e38_ppc64le",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ee-minimal-rhel8@sha256:c4c7158dfc2c317c62aed28f6db21bc347aca92b8301a6cb932c1a5fbf3eac87_amd64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ee-supported-rhel8@sha256:72098dcaf2cf2174557428f1121c5926b905dfaa0aad160d3064d171946f298e_amd64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ee-supported-rhel8@sha256:97e133b817c1aac347642b414ca6cb108fec25434b945c398bae6763f1596c5e_ppc64le",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ee-supported-rhel8@sha256:a5641fd059a00dff89f846472bf2c139c15ac2908328b03f86ab67087a1dbcf4_s390x",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ee-supported-rhel8@sha256:adad7b24fba97c5649f320ebc72a6b6cbf280e552121a2081b0fe804b06ef78d_arm64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/hub-rhel8-operator@sha256:32fa50754404a12b4d4a58d4ef9def3f5e8225cb2cf1e56983df1677f621462e_s390x",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/hub-rhel8-operator@sha256:ad9213450b9284c6e4323f9f8a5dfc42734ac95b67e5cd6a3afc3bd2945e993d_arm64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/hub-rhel8-operator@sha256:b3064c6ba7b2cf491ced94cd9b6545306cb7d59e2054a0d7042daaa3c062246e_ppc64le",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/hub-rhel8-operator@sha256:f38fcf5efc4501f3111484cd9c5216f4014fcfd0088d4dd3ad6c14ad76dbe83a_amd64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/hub-rhel8@sha256:a27c12f79db64522884b304c30f40635c774f51596689670fd628f409a68663f_arm64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/hub-rhel8@sha256:ac2b684d7ac8e0b6f36fe2da22b2ed41bfb24f8e2f77e64117c186a3cdf2f21b_amd64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/hub-rhel8@sha256:df80c45631e780f58aaf85edddaf77ed82c0b41f0ad766db048615290eeb96a3_ppc64le",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/hub-rhel8@sha256:fe2675bd2c51d62dfa3473653c00ddf55a1b64791f5029fe0b87087461b700a1_s390x",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/hub-web-rhel8@sha256:01b5493444bc24c954ce86554d0ba8ca99b9db8c516901d0539e1b001ba78590_ppc64le",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/hub-web-rhel8@sha256:0b7d67480c6a15e5a655573f2ac885d34df441978f8f595f8c4d9f5e93c052d1_arm64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/hub-web-rhel8@sha256:a44ffd3666281ab867c177915ddf48fdb59052a2d48f49284a598e8c80125d7b_amd64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/hub-web-rhel8@sha256:ff2db93490c489562bb8c37a247daf01e10c871e628b24cc4006dd2bd14473bb_s390x",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/platform-resource-rhel8-operator@sha256:13425b0194354a15d71f6bccd7b2e526ef4b2cd8c56b6aff91ebf4435bda20bc_amd64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/platform-resource-rhel8-operator@sha256:893d04a458674590c81c2ef09fb222c36f47bee71ab3615d6bb73432c58d965b_s390x",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/platform-resource-rhel8-operator@sha256:964337aac284059c1abde17a9bd2c0d13fd5a149a91af19eb56944728f7f5584_arm64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/platform-resource-rhel8-operator@sha256:9d429c6e5d72bf883362b1ae11f8b4ed3a9d468e77e2e29c8ff234df9e255db4_ppc64le",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/platform-resource-runner-rhel8@sha256:38bc442a6181a739b4c232d25abd7018dbce05083f3bf09ab7a071a3d2a4c7b4_ppc64le",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/platform-resource-runner-rhel8@sha256:8c80648871aee9d1c5450226d18b122a40fe188b1140fcb22800ecda41bb6343_arm64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/platform-resource-runner-rhel8@sha256:cfbf2ddd1dce998575bf8e38cd38bbcc98b006ba918d5de8ea1621b5de4d3f67_amd64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/platform-resource-runner-rhel8@sha256:de8830287e00c4062524ebc9e9a93896503101e6382f553c89cc0c1e7d15618f_s390x",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform/cloud-addons-operator-bundle@sha256:bdc45dd15fcdf3d3956c6ddc2316a8e68490cc1d4249f95b01b231a0fb17debf_amd64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform/ee-containerized-installer-rhel8@sha256:797d37d3015ebbf5125f6e1d12d47774a276a42a3c18ccabab2bf1c466b001fd_arm64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform/ee-containerized-installer-rhel8@sha256:a4cdb956a90531672851a53c6691591c871513630c8d441b0061d0c187f62a99_amd64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform/platform-operator-bundle@sha256:5825e694ae618fd41f495a7d5b9f911da004a9649aa09ca66ad64d3812a884d9_amd64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform/platform-operator-bundle@sha256:8b8051faac5197c85088cdb2032576d7789ef251ffd8ea8fc2e525a199202ab0_s390x",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform/platform-operator-bundle@sha256:d5d128596af42dddb7f3efa725050a35c07eae5e63a4bd8be7789857cf5d36f3_arm64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform/platform-operator-bundle@sha256:ecc912e9ab3146df86e7be7afbc077db49e74f913815c73521ae67893f452853_ppc64le",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-builder-rhel9@sha256:20092308c17687aa6059400af8d1772b8fe85207db9f9a5b6d259908e0b63aab_arm64",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-builder-rhel9@sha256:45ff186bff94f30a34c2fe59bc342d10bf47071567b9d09d1fa61bf08e72f1c4_amd64",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-builder-rhel9@sha256:a4a88494691f2fc7689d16a4da97a857e8b795e41ecf5fe09b09ebfc729511ce_s390x",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-builder-rhel9@sha256:eb2f2e5796823643b8b52b98976a04089cdc82ce32f3e4a348fc25dd12eff275_ppc64le",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-python-base-rhel9@sha256:7ecc021d626a20acc20f73b28005c16a8d20c7640ec51dffdaff236440702172_amd64",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-python-base-rhel9@sha256:8c34db5cc4c68c80db22a835c095d60e3988a3e6d1c82fb91cc8558b43a47b33_s390x",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-python-base-rhel9@sha256:91f0cc9dd9261b7bff0484d3db8e499912fa1781aa71ad24c77d0809cccb03f4_ppc64le",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-python-base-rhel9@sha256:cd96a0ece925ed1443c0797bc3baf992ed7ae087f5977df8728a4aab8940516f_arm64",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-python-toolkit-rhel9@sha256:035f8ce6c6f6ab88366d7d42ba587d75b60236433e01ce0349a40554ff0e1b05_arm64",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-python-toolkit-rhel9@sha256:11934bcc8a713da353d254164b6914b5769326534a2298f0ccb8642813da5f9a_ppc64le",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-python-toolkit-rhel9@sha256:b46fed769c86134a110f442dc56b0c8bfd0d469eb39649916db099f611ab3347_s390x",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-python-toolkit-rhel9@sha256:bc376892f777fade4e725e140ae195ee94bd2f3c8e97b86a2705cbe23fa1875e_amd64",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/de-minimal-rhel9@sha256:7660d7f051c9ac00bf49f609bf1e24b8020d2cb8856b40cbecc13de54d55fed8_s390x",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/de-minimal-rhel9@sha256:9b13ab56c30c5c77a21e00d2dfbad44f63c6ff7ac5acb6b8ba416f7fb2a0fc51_ppc64le",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/de-minimal-rhel9@sha256:a562c54aa4ba7538aa2b1beab666cab689240f664f8c17bfd769560efbe3b626_amd64",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/de-minimal-rhel9@sha256:f28e22e5da55ea626890aceb7ae4c391e192055a60a1beba9a98ac70ee1353ce_arm64",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/de-supported-rhel9@sha256:5bd5d0da12cc63b3221f508c203b0cde5b4628439d42c1a0303a31c217506936_s390x",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/de-supported-rhel9@sha256:da3031d8ff12b8df290c6da7c5451d0a797c24c0b2b0ce5cce943633d2352ee7_ppc64le",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/de-supported-rhel9@sha256:de1067b9be05a3acb9bb61458fb89e71acf01cad7a9439a638972bc0615a4d5a_arm64",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/de-supported-rhel9@sha256:f4fe61723e459bf8e8b8721cb463a89d77827f87ec835826b0866c617cb19ea7_amd64",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ee-minimal-rhel9@sha256:49d5862f8abc4f05c837b26610604d32c07001af0a93993458b21e8f9adf534f_amd64",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ee-minimal-rhel9@sha256:9bf9ff9e04832f353a8904f7f7826417abfe3891a927939a1cdfcfde30d1d10c_arm64",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ee-minimal-rhel9@sha256:c35b05b413bc2090089219d476f0a1e2c56250fc09e190583e167bfcdce5bf35_ppc64le",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ee-minimal-rhel9@sha256:d21ac96577006183a5cc592fb094cb2cf0f25aa687597d68984965ebcb1cb9a5_s390x",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ee-supported-rhel9@sha256:162dd2718a9d9fdf4e3558129a0a77094a7fd9731ab826c664b69ed955853ddd_ppc64le",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ee-supported-rhel9@sha256:23ed9a9439c4651417dd96d62776ca40582b54fc5da2955a72b047608c0d6c42_amd64",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ee-supported-rhel9@sha256:32d97ab01d3f3df3212c3e949d2630709ae05e4d0c56aafd6a720827234cf3e9_arm64",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ee-supported-rhel9@sha256:e49a3d2b7456a55b603e78b8ddec27665b6a957f5ac479aad50123f3f9bb1d42_s390x"
]
}
],
"threats": [
{
"category": "exploit_status",
"date": "2023-10-10T00:00:00+00:00",
"details": "CISA: https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
},
{
"category": "impact",
"details": "Important"
}
],
"title": "HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack (Rapid Reset Attack)"
}
]
}
RHBA-2023:5949
Vulnerability from csaf_redhat - Published: 2023-10-19 21:42 - Updated: 2026-06-02 15:03Summary
Red Hat Bug Fix Advisory: Red Hat Integration - Service Registry 2.4.4 SP1 OpenShift images
Severity
Important
Notes
Topic: 2.4.4 SP1 release of Red Hat Integration - Service Registry.
Details: This advisory makes available an update to the Red Hat Integration - Service Registry images.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
A flaw was found in handling multiplexed streams in the HTTP/2 protocol. A client can repeatedly make a request for a new multiplex stream and immediately send an RST_STREAM frame to cancel it. This creates extra work for the server setting up and tearing down the streams while not hitting any server-side limit for the maximum number of active streams per connection, resulting in a denial of service due to server resource consumption. Red Hat has rated the severity of this flaw as 'Important' as the US Cybersecurity and Infrastructure Security Agency (CISA) declared this vulnerability an active exploit. CVE-2023-39325 was assigned for the Rapid Reset Attack in the Go language packages. Security Bulletin https://access.redhat.com/security/vulnerabilities/RHSB-2023-003
7.5 (High)
Affected products
Fixed
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHOSE-Middleware:integration/service-registry-kafkasql-rhel8@sha256:f928407fd0731cdee2705bb1a900dfbbe4ac3be66b3389ce3ebeea1077eaf168_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-Middleware:integration/service-registry-rhel8-operator-metadata@sha256:d1072a41462dc4d8635781987395dcb81f1c93461d13c749bf86ef725d2deda4_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-Middleware:integration/service-registry-rhel8-operator@sha256:f985db86e9edfa151b0cc60955169bda69a67f71e49b7c021b3569a1d53b76f5_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-Middleware:integration/service-registry-sql-rhel8@sha256:6755c8dde41180c6b18493d3dc80bd8628667b8e9c0c92ac150fc2583fa82d14_amd64 | — |
Vendor Fix
fix
Workaround
|
Threats
Exploit Status
CISA: https://www.cisa.gov/known-exploited-vulnerabilities-catalog
Impact
Important
References
12 references
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "2.4.4 SP1 release of Red Hat Integration - Service Registry.",
"title": "Topic"
},
{
"category": "general",
"text": "This advisory makes available an update to the Red Hat Integration - Service Registry images.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHBA-2023:5949",
"url": "https://access.redhat.com/errata/RHBA-2023:5949"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2023/rhba-2023_5949.json"
}
],
"title": "Red Hat Bug Fix Advisory: Red Hat Integration - Service Registry 2.4.4 SP1 OpenShift images",
"tracking": {
"current_release_date": "2026-06-02T15:03:44+00:00",
"generator": {
"date": "2026-06-02T15:03:44+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.8.1"
}
},
"id": "RHBA-2023:5949",
"initial_release_date": "2023-10-19T21:42:15+00:00",
"revision_history": [
{
"date": "2023-10-19T21:42:15+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2023-10-19T21:42:15+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-06-02T15:03:44+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Middleware Containers for OpenShift",
"product": {
"name": "Middleware Containers for OpenShift",
"product_id": "8Base-RHOSE-Middleware",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhosemc:1.0::el8"
}
}
}
],
"category": "product_family",
"name": "Red Hat OpenShift Enterprise"
},
{
"branches": [
{
"category": "product_version",
"name": "integration/service-registry-kafkasql-rhel8@sha256:f928407fd0731cdee2705bb1a900dfbbe4ac3be66b3389ce3ebeea1077eaf168_amd64",
"product": {
"name": "integration/service-registry-kafkasql-rhel8@sha256:f928407fd0731cdee2705bb1a900dfbbe4ac3be66b3389ce3ebeea1077eaf168_amd64",
"product_id": "integration/service-registry-kafkasql-rhel8@sha256:f928407fd0731cdee2705bb1a900dfbbe4ac3be66b3389ce3ebeea1077eaf168_amd64",
"product_identification_helper": {
"purl": "pkg:oci/service-registry-kafkasql-rhel8@sha256:f928407fd0731cdee2705bb1a900dfbbe4ac3be66b3389ce3ebeea1077eaf168?arch=amd64\u0026repository_url=registry.redhat.io/integration/service-registry-kafkasql-rhel8\u0026tag=2.4.4-6"
}
}
},
{
"category": "product_version",
"name": "integration/service-registry-rhel8-operator-metadata@sha256:d1072a41462dc4d8635781987395dcb81f1c93461d13c749bf86ef725d2deda4_amd64",
"product": {
"name": "integration/service-registry-rhel8-operator-metadata@sha256:d1072a41462dc4d8635781987395dcb81f1c93461d13c749bf86ef725d2deda4_amd64",
"product_id": "integration/service-registry-rhel8-operator-metadata@sha256:d1072a41462dc4d8635781987395dcb81f1c93461d13c749bf86ef725d2deda4_amd64",
"product_identification_helper": {
"purl": "pkg:oci/service-registry-rhel8-operator-metadata@sha256:d1072a41462dc4d8635781987395dcb81f1c93461d13c749bf86ef725d2deda4?arch=amd64\u0026repository_url=registry.redhat.io/integration/service-registry-rhel8-operator-metadata\u0026tag=2.2.2-2"
}
}
},
{
"category": "product_version",
"name": "integration/service-registry-rhel8-operator@sha256:f985db86e9edfa151b0cc60955169bda69a67f71e49b7c021b3569a1d53b76f5_amd64",
"product": {
"name": "integration/service-registry-rhel8-operator@sha256:f985db86e9edfa151b0cc60955169bda69a67f71e49b7c021b3569a1d53b76f5_amd64",
"product_id": "integration/service-registry-rhel8-operator@sha256:f985db86e9edfa151b0cc60955169bda69a67f71e49b7c021b3569a1d53b76f5_amd64",
"product_identification_helper": {
"purl": "pkg:oci/service-registry-rhel8-operator@sha256:f985db86e9edfa151b0cc60955169bda69a67f71e49b7c021b3569a1d53b76f5?arch=amd64\u0026repository_url=registry.redhat.io/integration/service-registry-rhel8-operator\u0026tag=2.2.2-2"
}
}
},
{
"category": "product_version",
"name": "integration/service-registry-sql-rhel8@sha256:6755c8dde41180c6b18493d3dc80bd8628667b8e9c0c92ac150fc2583fa82d14_amd64",
"product": {
"name": "integration/service-registry-sql-rhel8@sha256:6755c8dde41180c6b18493d3dc80bd8628667b8e9c0c92ac150fc2583fa82d14_amd64",
"product_id": "integration/service-registry-sql-rhel8@sha256:6755c8dde41180c6b18493d3dc80bd8628667b8e9c0c92ac150fc2583fa82d14_amd64",
"product_identification_helper": {
"purl": "pkg:oci/service-registry-sql-rhel8@sha256:6755c8dde41180c6b18493d3dc80bd8628667b8e9c0c92ac150fc2583fa82d14?arch=amd64\u0026repository_url=registry.redhat.io/integration/service-registry-sql-rhel8\u0026tag=2.4.4-6"
}
}
}
],
"category": "architecture",
"name": "amd64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "integration/service-registry-kafkasql-rhel8@sha256:f928407fd0731cdee2705bb1a900dfbbe4ac3be66b3389ce3ebeea1077eaf168_amd64 as a component of Middleware Containers for OpenShift",
"product_id": "8Base-RHOSE-Middleware:integration/service-registry-kafkasql-rhel8@sha256:f928407fd0731cdee2705bb1a900dfbbe4ac3be66b3389ce3ebeea1077eaf168_amd64"
},
"product_reference": "integration/service-registry-kafkasql-rhel8@sha256:f928407fd0731cdee2705bb1a900dfbbe4ac3be66b3389ce3ebeea1077eaf168_amd64",
"relates_to_product_reference": "8Base-RHOSE-Middleware"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "integration/service-registry-rhel8-operator-metadata@sha256:d1072a41462dc4d8635781987395dcb81f1c93461d13c749bf86ef725d2deda4_amd64 as a component of Middleware Containers for OpenShift",
"product_id": "8Base-RHOSE-Middleware:integration/service-registry-rhel8-operator-metadata@sha256:d1072a41462dc4d8635781987395dcb81f1c93461d13c749bf86ef725d2deda4_amd64"
},
"product_reference": "integration/service-registry-rhel8-operator-metadata@sha256:d1072a41462dc4d8635781987395dcb81f1c93461d13c749bf86ef725d2deda4_amd64",
"relates_to_product_reference": "8Base-RHOSE-Middleware"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "integration/service-registry-rhel8-operator@sha256:f985db86e9edfa151b0cc60955169bda69a67f71e49b7c021b3569a1d53b76f5_amd64 as a component of Middleware Containers for OpenShift",
"product_id": "8Base-RHOSE-Middleware:integration/service-registry-rhel8-operator@sha256:f985db86e9edfa151b0cc60955169bda69a67f71e49b7c021b3569a1d53b76f5_amd64"
},
"product_reference": "integration/service-registry-rhel8-operator@sha256:f985db86e9edfa151b0cc60955169bda69a67f71e49b7c021b3569a1d53b76f5_amd64",
"relates_to_product_reference": "8Base-RHOSE-Middleware"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "integration/service-registry-sql-rhel8@sha256:6755c8dde41180c6b18493d3dc80bd8628667b8e9c0c92ac150fc2583fa82d14_amd64 as a component of Middleware Containers for OpenShift",
"product_id": "8Base-RHOSE-Middleware:integration/service-registry-sql-rhel8@sha256:6755c8dde41180c6b18493d3dc80bd8628667b8e9c0c92ac150fc2583fa82d14_amd64"
},
"product_reference": "integration/service-registry-sql-rhel8@sha256:6755c8dde41180c6b18493d3dc80bd8628667b8e9c0c92ac150fc2583fa82d14_amd64",
"relates_to_product_reference": "8Base-RHOSE-Middleware"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2023-44487",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2023-10-09T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2242803"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in handling multiplexed streams in the HTTP/2 protocol. A client can repeatedly make a request for a new multiplex stream and immediately send an RST_STREAM frame to cancel it. This creates extra work for the server setting up and tearing down the streams while not hitting any server-side limit for the maximum number of active streams per connection, resulting in a denial of service due to server resource consumption. Red Hat has rated the severity of this flaw as \u0027Important\u0027 as the US Cybersecurity and Infrastructure Security Agency (CISA) declared this vulnerability an active exploit.\r\n\r\nCVE-2023-39325 was assigned for the Rapid Reset Attack in the Go language packages.\r\n\r\nSecurity Bulletin\r\nhttps://access.redhat.com/security/vulnerabilities/RHSB-2023-003",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack (Rapid Reset Attack)",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "NGINX has been marked as Moderate Impact because, for performance and resource consumption reasons, NGINX limits the number of concurrent streams to a default of 128. In addition, to optimally balance network and server performance, NGINX allows the client to persist HTTP connections for up to 1000 requests by default using an HTTP keepalive.\n\nThe majority of RHEL utilities are not long-running applications; instead, they are command-line tools. These tools utilize Golang package as build-time dependency, which is why they are classified as having a \"Moderate\" level of impact.\n\nrhc component is no longer impacted by CVE-2023-44487 \u0026 CVE-2023-39325.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSE-Middleware:integration/service-registry-kafkasql-rhel8@sha256:f928407fd0731cdee2705bb1a900dfbbe4ac3be66b3389ce3ebeea1077eaf168_amd64",
"8Base-RHOSE-Middleware:integration/service-registry-rhel8-operator-metadata@sha256:d1072a41462dc4d8635781987395dcb81f1c93461d13c749bf86ef725d2deda4_amd64",
"8Base-RHOSE-Middleware:integration/service-registry-rhel8-operator@sha256:f985db86e9edfa151b0cc60955169bda69a67f71e49b7c021b3569a1d53b76f5_amd64",
"8Base-RHOSE-Middleware:integration/service-registry-sql-rhel8@sha256:6755c8dde41180c6b18493d3dc80bd8628667b8e9c0c92ac150fc2583fa82d14_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-44487"
},
{
"category": "external",
"summary": "RHBZ#2242803",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2242803"
},
{
"category": "external",
"summary": "RHSB-2023-003",
"url": "https://access.redhat.com/security/vulnerabilities/RHSB-2023-003"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-44487",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-44487"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-44487",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-44487"
},
{
"category": "external",
"summary": "https://github.com/dotnet/announcements/issues/277",
"url": "https://github.com/dotnet/announcements/issues/277"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2023-2102",
"url": "https://pkg.go.dev/vuln/GO-2023-2102"
},
{
"category": "external",
"summary": "https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487",
"url": "https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487"
},
{
"category": "external",
"summary": "https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products/",
"url": "https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products/"
},
{
"category": "external",
"summary": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog",
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
}
],
"release_date": "2023-10-10T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-10-19T21:42:15+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHOSE-Middleware:integration/service-registry-kafkasql-rhel8@sha256:f928407fd0731cdee2705bb1a900dfbbe4ac3be66b3389ce3ebeea1077eaf168_amd64",
"8Base-RHOSE-Middleware:integration/service-registry-rhel8-operator-metadata@sha256:d1072a41462dc4d8635781987395dcb81f1c93461d13c749bf86ef725d2deda4_amd64",
"8Base-RHOSE-Middleware:integration/service-registry-rhel8-operator@sha256:f985db86e9edfa151b0cc60955169bda69a67f71e49b7c021b3569a1d53b76f5_amd64",
"8Base-RHOSE-Middleware:integration/service-registry-sql-rhel8@sha256:6755c8dde41180c6b18493d3dc80bd8628667b8e9c0c92ac150fc2583fa82d14_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHBA-2023:5949"
},
{
"category": "workaround",
"details": "Users are strongly urged to update their software as soon as fixes are available. \nThere are several mitigation approaches for this flaw. \n\n1. If circumstances permit, users may disable http2 endpoints to circumvent the flaw altogether until a fix is available.\n2. IP-based blocking or flood protection and rate control tools may be used at network endpoints to filter incoming traffic.\n3. Several package specific mitigations are also available. \n a. nginx: https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products/\n b. netty: https://github.com/netty/netty/security/advisories/GHSA-xpw8-rcwv-8f8p\n c. haproxy: https://www.haproxy.com/blog/haproxy-is-not-affected-by-the-http-2-rapid-reset-attack-cve-2023-44487\n d. nghttp2: https://github.com/nghttp2/nghttp2/security/advisories/GHSA-vx74-f528-fxqg\n e. golang: The default stream concurrency limit in golang is 250 streams (requests) per HTTP/2 connection. This value may be adjusted in the golang.org/x/net/http2 package using the Server.MaxConcurrentStreams setting and the ConfigureServer function which are available in golang.org/x/net/http2.",
"product_ids": [
"8Base-RHOSE-Middleware:integration/service-registry-kafkasql-rhel8@sha256:f928407fd0731cdee2705bb1a900dfbbe4ac3be66b3389ce3ebeea1077eaf168_amd64",
"8Base-RHOSE-Middleware:integration/service-registry-rhel8-operator-metadata@sha256:d1072a41462dc4d8635781987395dcb81f1c93461d13c749bf86ef725d2deda4_amd64",
"8Base-RHOSE-Middleware:integration/service-registry-rhel8-operator@sha256:f985db86e9edfa151b0cc60955169bda69a67f71e49b7c021b3569a1d53b76f5_amd64",
"8Base-RHOSE-Middleware:integration/service-registry-sql-rhel8@sha256:6755c8dde41180c6b18493d3dc80bd8628667b8e9c0c92ac150fc2583fa82d14_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-RHOSE-Middleware:integration/service-registry-kafkasql-rhel8@sha256:f928407fd0731cdee2705bb1a900dfbbe4ac3be66b3389ce3ebeea1077eaf168_amd64",
"8Base-RHOSE-Middleware:integration/service-registry-rhel8-operator-metadata@sha256:d1072a41462dc4d8635781987395dcb81f1c93461d13c749bf86ef725d2deda4_amd64",
"8Base-RHOSE-Middleware:integration/service-registry-rhel8-operator@sha256:f985db86e9edfa151b0cc60955169bda69a67f71e49b7c021b3569a1d53b76f5_amd64",
"8Base-RHOSE-Middleware:integration/service-registry-sql-rhel8@sha256:6755c8dde41180c6b18493d3dc80bd8628667b8e9c0c92ac150fc2583fa82d14_amd64"
]
}
],
"threats": [
{
"category": "exploit_status",
"date": "2023-10-10T00:00:00+00:00",
"details": "CISA: https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
},
{
"category": "impact",
"details": "Important"
}
],
"title": "HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack (Rapid Reset Attack)"
}
]
}
RHBA-2023:6078
Vulnerability from csaf_redhat - Published: 2023-10-24 12:12 - Updated: 2026-06-08 15:35Summary
Red Hat Bug Fix Advisory: MTV 2.5.2 Images
Severity
Important
Notes
Topic: Updated Release packages that fix several bugs and add various enhancements are now available.
Details: Migration Toolkit for Virtualization 2.5.2 Images
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
A flaw was found in golang. A maliciously crafted HTTP/2 stream could cause excessive CPU consumption in the HPACK decoder, sufficient to cause a denial of service from a small number of requests.
7.5 (High)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-MTV-2.5:migration-toolkit-virtualization/mtv-controller-rhel9@sha256:8fbc5262ebc5791a156ecc4afa539bb6d72bfe3ecf28e7ebaab12aab63e472e3_amd64 | — |
Vendor Fix
fix
|
Known not affected
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-MTV-2.5:migration-toolkit-virtualization/mtv-must-gather-api-rhel8@sha256:e1e3b4adafebe14f5c1c17b8b81c921c8c2daf77bf22ffef9f0a2e1ac1a32d5f_amd64 | — | ||
| Unresolved product id: 8Base-MTV-2.5:migration-toolkit-virtualization/mtv-must-gather-rhel8@sha256:cfd662d50e649898951b9dc21bb8bd533ccbe4daa9ae9eb1ea365ae9bfdf39e0_amd64 | — | ||
| Unresolved product id: 8Base-MTV-2.5:migration-toolkit-virtualization/mtv-rhel8-operator@sha256:86e6fc987f49aa419b0c7f15276559c4e0958adc9385d80deef228dfb9bcf0ba_amd64 | — | ||
| Unresolved product id: 8Base-MTV-2.5:migration-toolkit-virtualization/mtv-rhv-populator-rhel8@sha256:bd5cf5ff33a900a8f7b8b4fc52ada3af737d42793b27e63f5cc7c36b11a21189_amd64 | — | ||
| Unresolved product id: 8Base-MTV-2.5:migration-toolkit-virtualization/mtv-virt-v2v-warm-rhel8@sha256:fd9758985cb3ab4fe6bddf1b989b0cc7803d9bf79883dfe3a02c6c3644fcc891_amd64 | — | ||
| Unresolved product id: 9Base-MTV-2.5:migration-toolkit-virtualization/mtv-api-rhel9@sha256:7a25dd92fb3949f6b231d8019dda8ee2432ce1708cf746fdc805f335d19119e8_amd64 | — | ||
| Unresolved product id: 9Base-MTV-2.5:migration-toolkit-virtualization/mtv-console-plugin-rhel9@sha256:8d9c4e66535b0b3c6921cbf819c7d86dedaa9076fc05b9f00e9002b6fb1c5b1d_amd64 | — | ||
| Unresolved product id: 9Base-MTV-2.5:migration-toolkit-virtualization/mtv-openstack-populator-rhel9@sha256:ba513f372d1eccbc1a96c0934384021b5cd228533435bcfb70dd584e65f5abec_amd64 | — | ||
| Unresolved product id: 9Base-MTV-2.5:migration-toolkit-virtualization/mtv-operator-bundle@sha256:9ec2a9e288b742ea9d71f13e055a4ede1b34e5e251aa662c65a83747a6603462_amd64 | — | ||
| Unresolved product id: 9Base-MTV-2.5:migration-toolkit-virtualization/mtv-ova-provider-server-rhel9@sha256:53f0fa129b04bcb7ea8f80e6136fbaf189460b29bdd123398f456a4d2a32de3f_amd64 | — | ||
| Unresolved product id: 9Base-MTV-2.5:migration-toolkit-virtualization/mtv-populator-controller-rhel9@sha256:110ebc02ca7aca24ff830e8073af8062434ca8dc8ff1239b92c24e84d6cf08c3_amd64 | — | ||
| Unresolved product id: 9Base-MTV-2.5:migration-toolkit-virtualization/mtv-validation-rhel9@sha256:7481185531e6bba394f769c0e73bfc431e0d763afd23c59bacc8ec32875b0af3_amd64 | — | ||
| Unresolved product id: 9Base-MTV-2.5:migration-toolkit-virtualization/mtv-virt-v2v-rhel9@sha256:094c261ca283ee4fcf58e79cc93e61da6e0759c82a157f3169c4390a7e7f1f74_amd64 | — |
Threats
Impact
Moderate
A flaw was found in Gin-Gonic Gin. This flaw allows a remote attacker to bypass security restrictions caused by improper input validation. An attacker can perform cache poisoning attacks by sending a specially-crafted request using the X-Forwarded-Prefix header.
7.3 (High)
Affected products
Fixed
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-MTV-2.5:migration-toolkit-virtualization/mtv-must-gather-api-rhel8@sha256:e1e3b4adafebe14f5c1c17b8b81c921c8c2daf77bf22ffef9f0a2e1ac1a32d5f_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-MTV-2.5:migration-toolkit-virtualization/mtv-controller-rhel9@sha256:8fbc5262ebc5791a156ecc4afa539bb6d72bfe3ecf28e7ebaab12aab63e472e3_amd64 | — |
Vendor Fix
fix
Workaround
|
Known not affected
12 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-MTV-2.5:migration-toolkit-virtualization/mtv-must-gather-rhel8@sha256:cfd662d50e649898951b9dc21bb8bd533ccbe4daa9ae9eb1ea365ae9bfdf39e0_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-MTV-2.5:migration-toolkit-virtualization/mtv-rhel8-operator@sha256:86e6fc987f49aa419b0c7f15276559c4e0958adc9385d80deef228dfb9bcf0ba_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-MTV-2.5:migration-toolkit-virtualization/mtv-rhv-populator-rhel8@sha256:bd5cf5ff33a900a8f7b8b4fc52ada3af737d42793b27e63f5cc7c36b11a21189_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-MTV-2.5:migration-toolkit-virtualization/mtv-virt-v2v-warm-rhel8@sha256:fd9758985cb3ab4fe6bddf1b989b0cc7803d9bf79883dfe3a02c6c3644fcc891_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-MTV-2.5:migration-toolkit-virtualization/mtv-api-rhel9@sha256:7a25dd92fb3949f6b231d8019dda8ee2432ce1708cf746fdc805f335d19119e8_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-MTV-2.5:migration-toolkit-virtualization/mtv-console-plugin-rhel9@sha256:8d9c4e66535b0b3c6921cbf819c7d86dedaa9076fc05b9f00e9002b6fb1c5b1d_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-MTV-2.5:migration-toolkit-virtualization/mtv-openstack-populator-rhel9@sha256:ba513f372d1eccbc1a96c0934384021b5cd228533435bcfb70dd584e65f5abec_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-MTV-2.5:migration-toolkit-virtualization/mtv-operator-bundle@sha256:9ec2a9e288b742ea9d71f13e055a4ede1b34e5e251aa662c65a83747a6603462_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-MTV-2.5:migration-toolkit-virtualization/mtv-ova-provider-server-rhel9@sha256:53f0fa129b04bcb7ea8f80e6136fbaf189460b29bdd123398f456a4d2a32de3f_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-MTV-2.5:migration-toolkit-virtualization/mtv-populator-controller-rhel9@sha256:110ebc02ca7aca24ff830e8073af8062434ca8dc8ff1239b92c24e84d6cf08c3_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-MTV-2.5:migration-toolkit-virtualization/mtv-validation-rhel9@sha256:7481185531e6bba394f769c0e73bfc431e0d763afd23c59bacc8ec32875b0af3_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-MTV-2.5:migration-toolkit-virtualization/mtv-virt-v2v-rhel9@sha256:094c261ca283ee4fcf58e79cc93e61da6e0759c82a157f3169c4390a7e7f1f74_amd64 | — |
Workaround
|
Threats
Impact
Moderate
A flaw was found in the graphql package. Affected versions of this package are vulnerable to Denial of Service (DoS) due to insufficient checks in the OverlappingFieldsCanBeMergedRule.ts file when parsing large queries. This issue may allow an attacker to degrade system performance.
5.3 (Medium)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-MTV-2.5:migration-toolkit-virtualization/mtv-console-plugin-rhel9@sha256:8d9c4e66535b0b3c6921cbf819c7d86dedaa9076fc05b9f00e9002b6fb1c5b1d_amd64 | — |
Vendor Fix
fix
|
Known not affected
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-MTV-2.5:migration-toolkit-virtualization/mtv-must-gather-api-rhel8@sha256:e1e3b4adafebe14f5c1c17b8b81c921c8c2daf77bf22ffef9f0a2e1ac1a32d5f_amd64 | — | ||
| Unresolved product id: 8Base-MTV-2.5:migration-toolkit-virtualization/mtv-must-gather-rhel8@sha256:cfd662d50e649898951b9dc21bb8bd533ccbe4daa9ae9eb1ea365ae9bfdf39e0_amd64 | — | ||
| Unresolved product id: 8Base-MTV-2.5:migration-toolkit-virtualization/mtv-rhel8-operator@sha256:86e6fc987f49aa419b0c7f15276559c4e0958adc9385d80deef228dfb9bcf0ba_amd64 | — | ||
| Unresolved product id: 8Base-MTV-2.5:migration-toolkit-virtualization/mtv-rhv-populator-rhel8@sha256:bd5cf5ff33a900a8f7b8b4fc52ada3af737d42793b27e63f5cc7c36b11a21189_amd64 | — | ||
| Unresolved product id: 8Base-MTV-2.5:migration-toolkit-virtualization/mtv-virt-v2v-warm-rhel8@sha256:fd9758985cb3ab4fe6bddf1b989b0cc7803d9bf79883dfe3a02c6c3644fcc891_amd64 | — | ||
| Unresolved product id: 9Base-MTV-2.5:migration-toolkit-virtualization/mtv-api-rhel9@sha256:7a25dd92fb3949f6b231d8019dda8ee2432ce1708cf746fdc805f335d19119e8_amd64 | — | ||
| Unresolved product id: 9Base-MTV-2.5:migration-toolkit-virtualization/mtv-controller-rhel9@sha256:8fbc5262ebc5791a156ecc4afa539bb6d72bfe3ecf28e7ebaab12aab63e472e3_amd64 | — | ||
| Unresolved product id: 9Base-MTV-2.5:migration-toolkit-virtualization/mtv-openstack-populator-rhel9@sha256:ba513f372d1eccbc1a96c0934384021b5cd228533435bcfb70dd584e65f5abec_amd64 | — | ||
| Unresolved product id: 9Base-MTV-2.5:migration-toolkit-virtualization/mtv-operator-bundle@sha256:9ec2a9e288b742ea9d71f13e055a4ede1b34e5e251aa662c65a83747a6603462_amd64 | — | ||
| Unresolved product id: 9Base-MTV-2.5:migration-toolkit-virtualization/mtv-ova-provider-server-rhel9@sha256:53f0fa129b04bcb7ea8f80e6136fbaf189460b29bdd123398f456a4d2a32de3f_amd64 | — | ||
| Unresolved product id: 9Base-MTV-2.5:migration-toolkit-virtualization/mtv-populator-controller-rhel9@sha256:110ebc02ca7aca24ff830e8073af8062434ca8dc8ff1239b92c24e84d6cf08c3_amd64 | — | ||
| Unresolved product id: 9Base-MTV-2.5:migration-toolkit-virtualization/mtv-validation-rhel9@sha256:7481185531e6bba394f769c0e73bfc431e0d763afd23c59bacc8ec32875b0af3_amd64 | — | ||
| Unresolved product id: 9Base-MTV-2.5:migration-toolkit-virtualization/mtv-virt-v2v-rhel9@sha256:094c261ca283ee4fcf58e79cc93e61da6e0759c82a157f3169c4390a7e7f1f74_amd64 | — |
Threats
Impact
Moderate
A flaw was found in the Gin-Gonic Gin Web Framework. Affected versions of this package could allow a remote attacker to bypass security restrictions caused by improper input validation by the filename parameter of the Context.FileAttachment function. An attacker can modify the Content-Disposition header by using a specially-crafted attachment file name.
4.3 (Medium)
Affected products
Fixed
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-MTV-2.5:migration-toolkit-virtualization/mtv-must-gather-api-rhel8@sha256:e1e3b4adafebe14f5c1c17b8b81c921c8c2daf77bf22ffef9f0a2e1ac1a32d5f_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-MTV-2.5:migration-toolkit-virtualization/mtv-controller-rhel9@sha256:8fbc5262ebc5791a156ecc4afa539bb6d72bfe3ecf28e7ebaab12aab63e472e3_amd64 | — |
Vendor Fix
fix
|
Known not affected
12 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-MTV-2.5:migration-toolkit-virtualization/mtv-must-gather-rhel8@sha256:cfd662d50e649898951b9dc21bb8bd533ccbe4daa9ae9eb1ea365ae9bfdf39e0_amd64 | — | ||
| Unresolved product id: 8Base-MTV-2.5:migration-toolkit-virtualization/mtv-rhel8-operator@sha256:86e6fc987f49aa419b0c7f15276559c4e0958adc9385d80deef228dfb9bcf0ba_amd64 | — | ||
| Unresolved product id: 8Base-MTV-2.5:migration-toolkit-virtualization/mtv-rhv-populator-rhel8@sha256:bd5cf5ff33a900a8f7b8b4fc52ada3af737d42793b27e63f5cc7c36b11a21189_amd64 | — | ||
| Unresolved product id: 8Base-MTV-2.5:migration-toolkit-virtualization/mtv-virt-v2v-warm-rhel8@sha256:fd9758985cb3ab4fe6bddf1b989b0cc7803d9bf79883dfe3a02c6c3644fcc891_amd64 | — | ||
| Unresolved product id: 9Base-MTV-2.5:migration-toolkit-virtualization/mtv-api-rhel9@sha256:7a25dd92fb3949f6b231d8019dda8ee2432ce1708cf746fdc805f335d19119e8_amd64 | — | ||
| Unresolved product id: 9Base-MTV-2.5:migration-toolkit-virtualization/mtv-console-plugin-rhel9@sha256:8d9c4e66535b0b3c6921cbf819c7d86dedaa9076fc05b9f00e9002b6fb1c5b1d_amd64 | — | ||
| Unresolved product id: 9Base-MTV-2.5:migration-toolkit-virtualization/mtv-openstack-populator-rhel9@sha256:ba513f372d1eccbc1a96c0934384021b5cd228533435bcfb70dd584e65f5abec_amd64 | — | ||
| Unresolved product id: 9Base-MTV-2.5:migration-toolkit-virtualization/mtv-operator-bundle@sha256:9ec2a9e288b742ea9d71f13e055a4ede1b34e5e251aa662c65a83747a6603462_amd64 | — | ||
| Unresolved product id: 9Base-MTV-2.5:migration-toolkit-virtualization/mtv-ova-provider-server-rhel9@sha256:53f0fa129b04bcb7ea8f80e6136fbaf189460b29bdd123398f456a4d2a32de3f_amd64 | — | ||
| Unresolved product id: 9Base-MTV-2.5:migration-toolkit-virtualization/mtv-populator-controller-rhel9@sha256:110ebc02ca7aca24ff830e8073af8062434ca8dc8ff1239b92c24e84d6cf08c3_amd64 | — | ||
| Unresolved product id: 9Base-MTV-2.5:migration-toolkit-virtualization/mtv-validation-rhel9@sha256:7481185531e6bba394f769c0e73bfc431e0d763afd23c59bacc8ec32875b0af3_amd64 | — | ||
| Unresolved product id: 9Base-MTV-2.5:migration-toolkit-virtualization/mtv-virt-v2v-rhel9@sha256:094c261ca283ee4fcf58e79cc93e61da6e0759c82a157f3169c4390a7e7f1f74_amd64 | — |
Threats
Impact
Moderate
A flaw was found in handling multiplexed streams in the HTTP/2 protocol. A client can repeatedly make a request for a new multiplex stream and immediately send an RST_STREAM frame to cancel it. This creates extra work for the server setting up and tearing down the streams while not hitting any server-side limit for the maximum number of active streams per connection, resulting in a denial of service due to server resource consumption. Red Hat has rated the severity of this flaw as 'Important' as the US Cybersecurity and Infrastructure Security Agency (CISA) declared this vulnerability an active exploit. CVE-2023-39325 was assigned for the `Rapid Reset Attack` in the Go language packages.
7.5 (High)
Affected products
Fixed
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-MTV-2.5:migration-toolkit-virtualization/mtv-must-gather-api-rhel8@sha256:e1e3b4adafebe14f5c1c17b8b81c921c8c2daf77bf22ffef9f0a2e1ac1a32d5f_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-MTV-2.5:migration-toolkit-virtualization/mtv-api-rhel9@sha256:7a25dd92fb3949f6b231d8019dda8ee2432ce1708cf746fdc805f335d19119e8_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-MTV-2.5:migration-toolkit-virtualization/mtv-validation-rhel9@sha256:7481185531e6bba394f769c0e73bfc431e0d763afd23c59bacc8ec32875b0af3_amd64 | — |
Vendor Fix
fix
Workaround
|
Known not affected
11 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-MTV-2.5:migration-toolkit-virtualization/mtv-must-gather-rhel8@sha256:cfd662d50e649898951b9dc21bb8bd533ccbe4daa9ae9eb1ea365ae9bfdf39e0_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-MTV-2.5:migration-toolkit-virtualization/mtv-rhel8-operator@sha256:86e6fc987f49aa419b0c7f15276559c4e0958adc9385d80deef228dfb9bcf0ba_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-MTV-2.5:migration-toolkit-virtualization/mtv-rhv-populator-rhel8@sha256:bd5cf5ff33a900a8f7b8b4fc52ada3af737d42793b27e63f5cc7c36b11a21189_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-MTV-2.5:migration-toolkit-virtualization/mtv-virt-v2v-warm-rhel8@sha256:fd9758985cb3ab4fe6bddf1b989b0cc7803d9bf79883dfe3a02c6c3644fcc891_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-MTV-2.5:migration-toolkit-virtualization/mtv-console-plugin-rhel9@sha256:8d9c4e66535b0b3c6921cbf819c7d86dedaa9076fc05b9f00e9002b6fb1c5b1d_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-MTV-2.5:migration-toolkit-virtualization/mtv-controller-rhel9@sha256:8fbc5262ebc5791a156ecc4afa539bb6d72bfe3ecf28e7ebaab12aab63e472e3_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-MTV-2.5:migration-toolkit-virtualization/mtv-openstack-populator-rhel9@sha256:ba513f372d1eccbc1a96c0934384021b5cd228533435bcfb70dd584e65f5abec_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-MTV-2.5:migration-toolkit-virtualization/mtv-operator-bundle@sha256:9ec2a9e288b742ea9d71f13e055a4ede1b34e5e251aa662c65a83747a6603462_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-MTV-2.5:migration-toolkit-virtualization/mtv-ova-provider-server-rhel9@sha256:53f0fa129b04bcb7ea8f80e6136fbaf189460b29bdd123398f456a4d2a32de3f_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-MTV-2.5:migration-toolkit-virtualization/mtv-populator-controller-rhel9@sha256:110ebc02ca7aca24ff830e8073af8062434ca8dc8ff1239b92c24e84d6cf08c3_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-MTV-2.5:migration-toolkit-virtualization/mtv-virt-v2v-rhel9@sha256:094c261ca283ee4fcf58e79cc93e61da6e0759c82a157f3169c4390a7e7f1f74_amd64 | — |
Workaround
|
Threats
Impact
Important
A flaw was found in handling multiplexed streams in the HTTP/2 protocol. A client can repeatedly make a request for a new multiplex stream and immediately send an RST_STREAM frame to cancel it. This creates extra work for the server setting up and tearing down the streams while not hitting any server-side limit for the maximum number of active streams per connection, resulting in a denial of service due to server resource consumption. Red Hat has rated the severity of this flaw as 'Important' as the US Cybersecurity and Infrastructure Security Agency (CISA) declared this vulnerability an active exploit. CVE-2023-39325 was assigned for the Rapid Reset Attack in the Go language packages. Security Bulletin https://access.redhat.com/security/vulnerabilities/RHSB-2023-003
7.5 (High)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-MTV-2.5:migration-toolkit-virtualization/mtv-api-rhel9@sha256:7a25dd92fb3949f6b231d8019dda8ee2432ce1708cf746fdc805f335d19119e8_amd64 | — |
Vendor Fix
fix
Workaround
|
Known not affected
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-MTV-2.5:migration-toolkit-virtualization/mtv-must-gather-api-rhel8@sha256:e1e3b4adafebe14f5c1c17b8b81c921c8c2daf77bf22ffef9f0a2e1ac1a32d5f_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-MTV-2.5:migration-toolkit-virtualization/mtv-must-gather-rhel8@sha256:cfd662d50e649898951b9dc21bb8bd533ccbe4daa9ae9eb1ea365ae9bfdf39e0_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-MTV-2.5:migration-toolkit-virtualization/mtv-rhel8-operator@sha256:86e6fc987f49aa419b0c7f15276559c4e0958adc9385d80deef228dfb9bcf0ba_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-MTV-2.5:migration-toolkit-virtualization/mtv-rhv-populator-rhel8@sha256:bd5cf5ff33a900a8f7b8b4fc52ada3af737d42793b27e63f5cc7c36b11a21189_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-MTV-2.5:migration-toolkit-virtualization/mtv-virt-v2v-warm-rhel8@sha256:fd9758985cb3ab4fe6bddf1b989b0cc7803d9bf79883dfe3a02c6c3644fcc891_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-MTV-2.5:migration-toolkit-virtualization/mtv-console-plugin-rhel9@sha256:8d9c4e66535b0b3c6921cbf819c7d86dedaa9076fc05b9f00e9002b6fb1c5b1d_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-MTV-2.5:migration-toolkit-virtualization/mtv-controller-rhel9@sha256:8fbc5262ebc5791a156ecc4afa539bb6d72bfe3ecf28e7ebaab12aab63e472e3_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-MTV-2.5:migration-toolkit-virtualization/mtv-openstack-populator-rhel9@sha256:ba513f372d1eccbc1a96c0934384021b5cd228533435bcfb70dd584e65f5abec_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-MTV-2.5:migration-toolkit-virtualization/mtv-operator-bundle@sha256:9ec2a9e288b742ea9d71f13e055a4ede1b34e5e251aa662c65a83747a6603462_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-MTV-2.5:migration-toolkit-virtualization/mtv-ova-provider-server-rhel9@sha256:53f0fa129b04bcb7ea8f80e6136fbaf189460b29bdd123398f456a4d2a32de3f_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-MTV-2.5:migration-toolkit-virtualization/mtv-populator-controller-rhel9@sha256:110ebc02ca7aca24ff830e8073af8062434ca8dc8ff1239b92c24e84d6cf08c3_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-MTV-2.5:migration-toolkit-virtualization/mtv-validation-rhel9@sha256:7481185531e6bba394f769c0e73bfc431e0d763afd23c59bacc8ec32875b0af3_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-MTV-2.5:migration-toolkit-virtualization/mtv-virt-v2v-rhel9@sha256:094c261ca283ee4fcf58e79cc93e61da6e0759c82a157f3169c4390a7e7f1f74_amd64 | — |
Workaround
|
Threats
Exploit Status
CISA: https://www.cisa.gov/known-exploited-vulnerabilities-catalog
Impact
Important
References
47 references
Acknowledgments
Catena Cyber
Philippe Antoine
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Updated Release packages that fix several bugs and add various enhancements are now available.",
"title": "Topic"
},
{
"category": "general",
"text": "Migration Toolkit for Virtualization 2.5.2 Images",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHBA-2023:6078",
"url": "https://access.redhat.com/errata/RHBA-2023:6078"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2023/rhba-2023_6078.json"
}
],
"title": "Red Hat Bug Fix Advisory: MTV 2.5.2 Images",
"tracking": {
"current_release_date": "2026-06-08T15:35:04+00:00",
"generator": {
"date": "2026-06-08T15:35:04+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.8.2"
}
},
"id": "RHBA-2023:6078",
"initial_release_date": "2023-10-24T12:12:11+00:00",
"revision_history": [
{
"date": "2023-10-24T12:12:11+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2023-10-24T12:12:11+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-06-08T15:35:04+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "8Base-MTV-2.5",
"product": {
"name": "8Base-MTV-2.5",
"product_id": "9Base-MTV-2.5",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:migration_toolkit_virtualization:2.5::el9"
}
}
},
{
"category": "product_name",
"name": "8Base-MTV-2.5",
"product": {
"name": "8Base-MTV-2.5",
"product_id": "8Base-MTV-2.5",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:migration_toolkit_virtualization:2.5::el8"
}
}
}
],
"category": "product_family",
"name": "Migration Toolkit for Virtualization"
},
{
"branches": [
{
"category": "product_version",
"name": "migration-toolkit-virtualization/mtv-api-rhel9@sha256:7a25dd92fb3949f6b231d8019dda8ee2432ce1708cf746fdc805f335d19119e8_amd64",
"product": {
"name": "migration-toolkit-virtualization/mtv-api-rhel9@sha256:7a25dd92fb3949f6b231d8019dda8ee2432ce1708cf746fdc805f335d19119e8_amd64",
"product_id": "migration-toolkit-virtualization/mtv-api-rhel9@sha256:7a25dd92fb3949f6b231d8019dda8ee2432ce1708cf746fdc805f335d19119e8_amd64",
"product_identification_helper": {
"purl": "pkg:oci/mtv-api-rhel9@sha256:7a25dd92fb3949f6b231d8019dda8ee2432ce1708cf746fdc805f335d19119e8?arch=amd64\u0026repository_url=registry.redhat.io/migration-toolkit-virtualization/mtv-api-rhel9\u0026tag=2.5.2-5"
}
}
},
{
"category": "product_version",
"name": "migration-toolkit-virtualization/mtv-console-plugin-rhel9@sha256:8d9c4e66535b0b3c6921cbf819c7d86dedaa9076fc05b9f00e9002b6fb1c5b1d_amd64",
"product": {
"name": "migration-toolkit-virtualization/mtv-console-plugin-rhel9@sha256:8d9c4e66535b0b3c6921cbf819c7d86dedaa9076fc05b9f00e9002b6fb1c5b1d_amd64",
"product_id": "migration-toolkit-virtualization/mtv-console-plugin-rhel9@sha256:8d9c4e66535b0b3c6921cbf819c7d86dedaa9076fc05b9f00e9002b6fb1c5b1d_amd64",
"product_identification_helper": {
"purl": "pkg:oci/mtv-console-plugin-rhel9@sha256:8d9c4e66535b0b3c6921cbf819c7d86dedaa9076fc05b9f00e9002b6fb1c5b1d?arch=amd64\u0026repository_url=registry.redhat.io/migration-toolkit-virtualization/mtv-console-plugin-rhel9\u0026tag=2.5.2-5"
}
}
},
{
"category": "product_version",
"name": "migration-toolkit-virtualization/mtv-controller-rhel9@sha256:8fbc5262ebc5791a156ecc4afa539bb6d72bfe3ecf28e7ebaab12aab63e472e3_amd64",
"product": {
"name": "migration-toolkit-virtualization/mtv-controller-rhel9@sha256:8fbc5262ebc5791a156ecc4afa539bb6d72bfe3ecf28e7ebaab12aab63e472e3_amd64",
"product_id": "migration-toolkit-virtualization/mtv-controller-rhel9@sha256:8fbc5262ebc5791a156ecc4afa539bb6d72bfe3ecf28e7ebaab12aab63e472e3_amd64",
"product_identification_helper": {
"purl": "pkg:oci/mtv-controller-rhel9@sha256:8fbc5262ebc5791a156ecc4afa539bb6d72bfe3ecf28e7ebaab12aab63e472e3?arch=amd64\u0026repository_url=registry.redhat.io/migration-toolkit-virtualization/mtv-controller-rhel9\u0026tag=2.5.2-5"
}
}
},
{
"category": "product_version",
"name": "migration-toolkit-virtualization/mtv-must-gather-api-rhel8@sha256:e1e3b4adafebe14f5c1c17b8b81c921c8c2daf77bf22ffef9f0a2e1ac1a32d5f_amd64",
"product": {
"name": "migration-toolkit-virtualization/mtv-must-gather-api-rhel8@sha256:e1e3b4adafebe14f5c1c17b8b81c921c8c2daf77bf22ffef9f0a2e1ac1a32d5f_amd64",
"product_id": "migration-toolkit-virtualization/mtv-must-gather-api-rhel8@sha256:e1e3b4adafebe14f5c1c17b8b81c921c8c2daf77bf22ffef9f0a2e1ac1a32d5f_amd64",
"product_identification_helper": {
"purl": "pkg:oci/mtv-must-gather-api-rhel8@sha256:e1e3b4adafebe14f5c1c17b8b81c921c8c2daf77bf22ffef9f0a2e1ac1a32d5f?arch=amd64\u0026repository_url=registry.redhat.io/migration-toolkit-virtualization/mtv-must-gather-api-rhel8\u0026tag=2.5.2-6"
}
}
},
{
"category": "product_version",
"name": "migration-toolkit-virtualization/mtv-must-gather-rhel8@sha256:cfd662d50e649898951b9dc21bb8bd533ccbe4daa9ae9eb1ea365ae9bfdf39e0_amd64",
"product": {
"name": "migration-toolkit-virtualization/mtv-must-gather-rhel8@sha256:cfd662d50e649898951b9dc21bb8bd533ccbe4daa9ae9eb1ea365ae9bfdf39e0_amd64",
"product_id": "migration-toolkit-virtualization/mtv-must-gather-rhel8@sha256:cfd662d50e649898951b9dc21bb8bd533ccbe4daa9ae9eb1ea365ae9bfdf39e0_amd64",
"product_identification_helper": {
"purl": "pkg:oci/mtv-must-gather-rhel8@sha256:cfd662d50e649898951b9dc21bb8bd533ccbe4daa9ae9eb1ea365ae9bfdf39e0?arch=amd64\u0026repository_url=registry.redhat.io/migration-toolkit-virtualization/mtv-must-gather-rhel8\u0026tag=2.5.2-4"
}
}
},
{
"category": "product_version",
"name": "migration-toolkit-virtualization/mtv-openstack-populator-rhel9@sha256:ba513f372d1eccbc1a96c0934384021b5cd228533435bcfb70dd584e65f5abec_amd64",
"product": {
"name": "migration-toolkit-virtualization/mtv-openstack-populator-rhel9@sha256:ba513f372d1eccbc1a96c0934384021b5cd228533435bcfb70dd584e65f5abec_amd64",
"product_id": "migration-toolkit-virtualization/mtv-openstack-populator-rhel9@sha256:ba513f372d1eccbc1a96c0934384021b5cd228533435bcfb70dd584e65f5abec_amd64",
"product_identification_helper": {
"purl": "pkg:oci/mtv-openstack-populator-rhel9@sha256:ba513f372d1eccbc1a96c0934384021b5cd228533435bcfb70dd584e65f5abec?arch=amd64\u0026repository_url=registry.redhat.io/migration-toolkit-virtualization/mtv-openstack-populator-rhel9\u0026tag=2.5.2-5"
}
}
},
{
"category": "product_version",
"name": "migration-toolkit-virtualization/mtv-operator-bundle@sha256:9ec2a9e288b742ea9d71f13e055a4ede1b34e5e251aa662c65a83747a6603462_amd64",
"product": {
"name": "migration-toolkit-virtualization/mtv-operator-bundle@sha256:9ec2a9e288b742ea9d71f13e055a4ede1b34e5e251aa662c65a83747a6603462_amd64",
"product_id": "migration-toolkit-virtualization/mtv-operator-bundle@sha256:9ec2a9e288b742ea9d71f13e055a4ede1b34e5e251aa662c65a83747a6603462_amd64",
"product_identification_helper": {
"purl": "pkg:oci/mtv-operator-bundle@sha256:9ec2a9e288b742ea9d71f13e055a4ede1b34e5e251aa662c65a83747a6603462?arch=amd64\u0026repository_url=registry.redhat.io/migration-toolkit-virtualization/mtv-operator-bundle\u0026tag=2.5.2-20"
}
}
},
{
"category": "product_version",
"name": "migration-toolkit-virtualization/mtv-rhel8-operator@sha256:86e6fc987f49aa419b0c7f15276559c4e0958adc9385d80deef228dfb9bcf0ba_amd64",
"product": {
"name": "migration-toolkit-virtualization/mtv-rhel8-operator@sha256:86e6fc987f49aa419b0c7f15276559c4e0958adc9385d80deef228dfb9bcf0ba_amd64",
"product_id": "migration-toolkit-virtualization/mtv-rhel8-operator@sha256:86e6fc987f49aa419b0c7f15276559c4e0958adc9385d80deef228dfb9bcf0ba_amd64",
"product_identification_helper": {
"purl": "pkg:oci/mtv-rhel8-operator@sha256:86e6fc987f49aa419b0c7f15276559c4e0958adc9385d80deef228dfb9bcf0ba?arch=amd64\u0026repository_url=registry.redhat.io/migration-toolkit-virtualization/mtv-rhel8-operator\u0026tag=2.5.2-3"
}
}
},
{
"category": "product_version",
"name": "migration-toolkit-virtualization/mtv-ova-provider-server-rhel9@sha256:53f0fa129b04bcb7ea8f80e6136fbaf189460b29bdd123398f456a4d2a32de3f_amd64",
"product": {
"name": "migration-toolkit-virtualization/mtv-ova-provider-server-rhel9@sha256:53f0fa129b04bcb7ea8f80e6136fbaf189460b29bdd123398f456a4d2a32de3f_amd64",
"product_id": "migration-toolkit-virtualization/mtv-ova-provider-server-rhel9@sha256:53f0fa129b04bcb7ea8f80e6136fbaf189460b29bdd123398f456a4d2a32de3f_amd64",
"product_identification_helper": {
"purl": "pkg:oci/mtv-ova-provider-server-rhel9@sha256:53f0fa129b04bcb7ea8f80e6136fbaf189460b29bdd123398f456a4d2a32de3f?arch=amd64\u0026repository_url=registry.redhat.io/migration-toolkit-virtualization/mtv-ova-provider-server-rhel9\u0026tag=2.5.2-5"
}
}
},
{
"category": "product_version",
"name": "migration-toolkit-virtualization/mtv-populator-controller-rhel9@sha256:110ebc02ca7aca24ff830e8073af8062434ca8dc8ff1239b92c24e84d6cf08c3_amd64",
"product": {
"name": "migration-toolkit-virtualization/mtv-populator-controller-rhel9@sha256:110ebc02ca7aca24ff830e8073af8062434ca8dc8ff1239b92c24e84d6cf08c3_amd64",
"product_id": "migration-toolkit-virtualization/mtv-populator-controller-rhel9@sha256:110ebc02ca7aca24ff830e8073af8062434ca8dc8ff1239b92c24e84d6cf08c3_amd64",
"product_identification_helper": {
"purl": "pkg:oci/mtv-populator-controller-rhel9@sha256:110ebc02ca7aca24ff830e8073af8062434ca8dc8ff1239b92c24e84d6cf08c3?arch=amd64\u0026repository_url=registry.redhat.io/migration-toolkit-virtualization/mtv-populator-controller-rhel9\u0026tag=2.5.2-5"
}
}
},
{
"category": "product_version",
"name": "migration-toolkit-virtualization/mtv-rhv-populator-rhel8@sha256:bd5cf5ff33a900a8f7b8b4fc52ada3af737d42793b27e63f5cc7c36b11a21189_amd64",
"product": {
"name": "migration-toolkit-virtualization/mtv-rhv-populator-rhel8@sha256:bd5cf5ff33a900a8f7b8b4fc52ada3af737d42793b27e63f5cc7c36b11a21189_amd64",
"product_id": "migration-toolkit-virtualization/mtv-rhv-populator-rhel8@sha256:bd5cf5ff33a900a8f7b8b4fc52ada3af737d42793b27e63f5cc7c36b11a21189_amd64",
"product_identification_helper": {
"purl": "pkg:oci/mtv-rhv-populator-rhel8@sha256:bd5cf5ff33a900a8f7b8b4fc52ada3af737d42793b27e63f5cc7c36b11a21189?arch=amd64\u0026repository_url=registry.redhat.io/migration-toolkit-virtualization/mtv-rhv-populator-rhel8\u0026tag=2.5.2-4"
}
}
},
{
"category": "product_version",
"name": "migration-toolkit-virtualization/mtv-validation-rhel9@sha256:7481185531e6bba394f769c0e73bfc431e0d763afd23c59bacc8ec32875b0af3_amd64",
"product": {
"name": "migration-toolkit-virtualization/mtv-validation-rhel9@sha256:7481185531e6bba394f769c0e73bfc431e0d763afd23c59bacc8ec32875b0af3_amd64",
"product_id": "migration-toolkit-virtualization/mtv-validation-rhel9@sha256:7481185531e6bba394f769c0e73bfc431e0d763afd23c59bacc8ec32875b0af3_amd64",
"product_identification_helper": {
"purl": "pkg:oci/mtv-validation-rhel9@sha256:7481185531e6bba394f769c0e73bfc431e0d763afd23c59bacc8ec32875b0af3?arch=amd64\u0026repository_url=registry.redhat.io/migration-toolkit-virtualization/mtv-validation-rhel9\u0026tag=2.5.2-5"
}
}
},
{
"category": "product_version",
"name": "migration-toolkit-virtualization/mtv-virt-v2v-rhel9@sha256:094c261ca283ee4fcf58e79cc93e61da6e0759c82a157f3169c4390a7e7f1f74_amd64",
"product": {
"name": "migration-toolkit-virtualization/mtv-virt-v2v-rhel9@sha256:094c261ca283ee4fcf58e79cc93e61da6e0759c82a157f3169c4390a7e7f1f74_amd64",
"product_id": "migration-toolkit-virtualization/mtv-virt-v2v-rhel9@sha256:094c261ca283ee4fcf58e79cc93e61da6e0759c82a157f3169c4390a7e7f1f74_amd64",
"product_identification_helper": {
"purl": "pkg:oci/mtv-virt-v2v-rhel9@sha256:094c261ca283ee4fcf58e79cc93e61da6e0759c82a157f3169c4390a7e7f1f74?arch=amd64\u0026repository_url=registry.redhat.io/migration-toolkit-virtualization/mtv-virt-v2v-rhel9\u0026tag=2.5.2-5"
}
}
},
{
"category": "product_version",
"name": "migration-toolkit-virtualization/mtv-virt-v2v-warm-rhel8@sha256:fd9758985cb3ab4fe6bddf1b989b0cc7803d9bf79883dfe3a02c6c3644fcc891_amd64",
"product": {
"name": "migration-toolkit-virtualization/mtv-virt-v2v-warm-rhel8@sha256:fd9758985cb3ab4fe6bddf1b989b0cc7803d9bf79883dfe3a02c6c3644fcc891_amd64",
"product_id": "migration-toolkit-virtualization/mtv-virt-v2v-warm-rhel8@sha256:fd9758985cb3ab4fe6bddf1b989b0cc7803d9bf79883dfe3a02c6c3644fcc891_amd64",
"product_identification_helper": {
"purl": "pkg:oci/mtv-virt-v2v-warm-rhel8@sha256:fd9758985cb3ab4fe6bddf1b989b0cc7803d9bf79883dfe3a02c6c3644fcc891?arch=amd64\u0026repository_url=registry.redhat.io/migration-toolkit-virtualization/mtv-virt-v2v-warm-rhel8\u0026tag=2.5.2-2"
}
}
}
],
"category": "architecture",
"name": "amd64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "migration-toolkit-virtualization/mtv-must-gather-api-rhel8@sha256:e1e3b4adafebe14f5c1c17b8b81c921c8c2daf77bf22ffef9f0a2e1ac1a32d5f_amd64 as a component of 8Base-MTV-2.5",
"product_id": "8Base-MTV-2.5:migration-toolkit-virtualization/mtv-must-gather-api-rhel8@sha256:e1e3b4adafebe14f5c1c17b8b81c921c8c2daf77bf22ffef9f0a2e1ac1a32d5f_amd64"
},
"product_reference": "migration-toolkit-virtualization/mtv-must-gather-api-rhel8@sha256:e1e3b4adafebe14f5c1c17b8b81c921c8c2daf77bf22ffef9f0a2e1ac1a32d5f_amd64",
"relates_to_product_reference": "8Base-MTV-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "migration-toolkit-virtualization/mtv-must-gather-rhel8@sha256:cfd662d50e649898951b9dc21bb8bd533ccbe4daa9ae9eb1ea365ae9bfdf39e0_amd64 as a component of 8Base-MTV-2.5",
"product_id": "8Base-MTV-2.5:migration-toolkit-virtualization/mtv-must-gather-rhel8@sha256:cfd662d50e649898951b9dc21bb8bd533ccbe4daa9ae9eb1ea365ae9bfdf39e0_amd64"
},
"product_reference": "migration-toolkit-virtualization/mtv-must-gather-rhel8@sha256:cfd662d50e649898951b9dc21bb8bd533ccbe4daa9ae9eb1ea365ae9bfdf39e0_amd64",
"relates_to_product_reference": "8Base-MTV-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "migration-toolkit-virtualization/mtv-rhel8-operator@sha256:86e6fc987f49aa419b0c7f15276559c4e0958adc9385d80deef228dfb9bcf0ba_amd64 as a component of 8Base-MTV-2.5",
"product_id": "8Base-MTV-2.5:migration-toolkit-virtualization/mtv-rhel8-operator@sha256:86e6fc987f49aa419b0c7f15276559c4e0958adc9385d80deef228dfb9bcf0ba_amd64"
},
"product_reference": "migration-toolkit-virtualization/mtv-rhel8-operator@sha256:86e6fc987f49aa419b0c7f15276559c4e0958adc9385d80deef228dfb9bcf0ba_amd64",
"relates_to_product_reference": "8Base-MTV-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "migration-toolkit-virtualization/mtv-rhv-populator-rhel8@sha256:bd5cf5ff33a900a8f7b8b4fc52ada3af737d42793b27e63f5cc7c36b11a21189_amd64 as a component of 8Base-MTV-2.5",
"product_id": "8Base-MTV-2.5:migration-toolkit-virtualization/mtv-rhv-populator-rhel8@sha256:bd5cf5ff33a900a8f7b8b4fc52ada3af737d42793b27e63f5cc7c36b11a21189_amd64"
},
"product_reference": "migration-toolkit-virtualization/mtv-rhv-populator-rhel8@sha256:bd5cf5ff33a900a8f7b8b4fc52ada3af737d42793b27e63f5cc7c36b11a21189_amd64",
"relates_to_product_reference": "8Base-MTV-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "migration-toolkit-virtualization/mtv-virt-v2v-warm-rhel8@sha256:fd9758985cb3ab4fe6bddf1b989b0cc7803d9bf79883dfe3a02c6c3644fcc891_amd64 as a component of 8Base-MTV-2.5",
"product_id": "8Base-MTV-2.5:migration-toolkit-virtualization/mtv-virt-v2v-warm-rhel8@sha256:fd9758985cb3ab4fe6bddf1b989b0cc7803d9bf79883dfe3a02c6c3644fcc891_amd64"
},
"product_reference": "migration-toolkit-virtualization/mtv-virt-v2v-warm-rhel8@sha256:fd9758985cb3ab4fe6bddf1b989b0cc7803d9bf79883dfe3a02c6c3644fcc891_amd64",
"relates_to_product_reference": "8Base-MTV-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "migration-toolkit-virtualization/mtv-api-rhel9@sha256:7a25dd92fb3949f6b231d8019dda8ee2432ce1708cf746fdc805f335d19119e8_amd64 as a component of 8Base-MTV-2.5",
"product_id": "9Base-MTV-2.5:migration-toolkit-virtualization/mtv-api-rhel9@sha256:7a25dd92fb3949f6b231d8019dda8ee2432ce1708cf746fdc805f335d19119e8_amd64"
},
"product_reference": "migration-toolkit-virtualization/mtv-api-rhel9@sha256:7a25dd92fb3949f6b231d8019dda8ee2432ce1708cf746fdc805f335d19119e8_amd64",
"relates_to_product_reference": "9Base-MTV-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "migration-toolkit-virtualization/mtv-console-plugin-rhel9@sha256:8d9c4e66535b0b3c6921cbf819c7d86dedaa9076fc05b9f00e9002b6fb1c5b1d_amd64 as a component of 8Base-MTV-2.5",
"product_id": "9Base-MTV-2.5:migration-toolkit-virtualization/mtv-console-plugin-rhel9@sha256:8d9c4e66535b0b3c6921cbf819c7d86dedaa9076fc05b9f00e9002b6fb1c5b1d_amd64"
},
"product_reference": "migration-toolkit-virtualization/mtv-console-plugin-rhel9@sha256:8d9c4e66535b0b3c6921cbf819c7d86dedaa9076fc05b9f00e9002b6fb1c5b1d_amd64",
"relates_to_product_reference": "9Base-MTV-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "migration-toolkit-virtualization/mtv-controller-rhel9@sha256:8fbc5262ebc5791a156ecc4afa539bb6d72bfe3ecf28e7ebaab12aab63e472e3_amd64 as a component of 8Base-MTV-2.5",
"product_id": "9Base-MTV-2.5:migration-toolkit-virtualization/mtv-controller-rhel9@sha256:8fbc5262ebc5791a156ecc4afa539bb6d72bfe3ecf28e7ebaab12aab63e472e3_amd64"
},
"product_reference": "migration-toolkit-virtualization/mtv-controller-rhel9@sha256:8fbc5262ebc5791a156ecc4afa539bb6d72bfe3ecf28e7ebaab12aab63e472e3_amd64",
"relates_to_product_reference": "9Base-MTV-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "migration-toolkit-virtualization/mtv-openstack-populator-rhel9@sha256:ba513f372d1eccbc1a96c0934384021b5cd228533435bcfb70dd584e65f5abec_amd64 as a component of 8Base-MTV-2.5",
"product_id": "9Base-MTV-2.5:migration-toolkit-virtualization/mtv-openstack-populator-rhel9@sha256:ba513f372d1eccbc1a96c0934384021b5cd228533435bcfb70dd584e65f5abec_amd64"
},
"product_reference": "migration-toolkit-virtualization/mtv-openstack-populator-rhel9@sha256:ba513f372d1eccbc1a96c0934384021b5cd228533435bcfb70dd584e65f5abec_amd64",
"relates_to_product_reference": "9Base-MTV-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "migration-toolkit-virtualization/mtv-operator-bundle@sha256:9ec2a9e288b742ea9d71f13e055a4ede1b34e5e251aa662c65a83747a6603462_amd64 as a component of 8Base-MTV-2.5",
"product_id": "9Base-MTV-2.5:migration-toolkit-virtualization/mtv-operator-bundle@sha256:9ec2a9e288b742ea9d71f13e055a4ede1b34e5e251aa662c65a83747a6603462_amd64"
},
"product_reference": "migration-toolkit-virtualization/mtv-operator-bundle@sha256:9ec2a9e288b742ea9d71f13e055a4ede1b34e5e251aa662c65a83747a6603462_amd64",
"relates_to_product_reference": "9Base-MTV-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "migration-toolkit-virtualization/mtv-ova-provider-server-rhel9@sha256:53f0fa129b04bcb7ea8f80e6136fbaf189460b29bdd123398f456a4d2a32de3f_amd64 as a component of 8Base-MTV-2.5",
"product_id": "9Base-MTV-2.5:migration-toolkit-virtualization/mtv-ova-provider-server-rhel9@sha256:53f0fa129b04bcb7ea8f80e6136fbaf189460b29bdd123398f456a4d2a32de3f_amd64"
},
"product_reference": "migration-toolkit-virtualization/mtv-ova-provider-server-rhel9@sha256:53f0fa129b04bcb7ea8f80e6136fbaf189460b29bdd123398f456a4d2a32de3f_amd64",
"relates_to_product_reference": "9Base-MTV-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "migration-toolkit-virtualization/mtv-populator-controller-rhel9@sha256:110ebc02ca7aca24ff830e8073af8062434ca8dc8ff1239b92c24e84d6cf08c3_amd64 as a component of 8Base-MTV-2.5",
"product_id": "9Base-MTV-2.5:migration-toolkit-virtualization/mtv-populator-controller-rhel9@sha256:110ebc02ca7aca24ff830e8073af8062434ca8dc8ff1239b92c24e84d6cf08c3_amd64"
},
"product_reference": "migration-toolkit-virtualization/mtv-populator-controller-rhel9@sha256:110ebc02ca7aca24ff830e8073af8062434ca8dc8ff1239b92c24e84d6cf08c3_amd64",
"relates_to_product_reference": "9Base-MTV-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "migration-toolkit-virtualization/mtv-validation-rhel9@sha256:7481185531e6bba394f769c0e73bfc431e0d763afd23c59bacc8ec32875b0af3_amd64 as a component of 8Base-MTV-2.5",
"product_id": "9Base-MTV-2.5:migration-toolkit-virtualization/mtv-validation-rhel9@sha256:7481185531e6bba394f769c0e73bfc431e0d763afd23c59bacc8ec32875b0af3_amd64"
},
"product_reference": "migration-toolkit-virtualization/mtv-validation-rhel9@sha256:7481185531e6bba394f769c0e73bfc431e0d763afd23c59bacc8ec32875b0af3_amd64",
"relates_to_product_reference": "9Base-MTV-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "migration-toolkit-virtualization/mtv-virt-v2v-rhel9@sha256:094c261ca283ee4fcf58e79cc93e61da6e0759c82a157f3169c4390a7e7f1f74_amd64 as a component of 8Base-MTV-2.5",
"product_id": "9Base-MTV-2.5:migration-toolkit-virtualization/mtv-virt-v2v-rhel9@sha256:094c261ca283ee4fcf58e79cc93e61da6e0759c82a157f3169c4390a7e7f1f74_amd64"
},
"product_reference": "migration-toolkit-virtualization/mtv-virt-v2v-rhel9@sha256:094c261ca283ee4fcf58e79cc93e61da6e0759c82a157f3169c4390a7e7f1f74_amd64",
"relates_to_product_reference": "9Base-MTV-2.5"
}
]
},
"vulnerabilities": [
{
"acknowledgments": [
{
"names": [
"Philippe Antoine"
],
"organization": "Catena Cyber"
}
],
"cve": "CVE-2022-41723",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2023-03-14T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-MTV-2.5:migration-toolkit-virtualization/mtv-must-gather-api-rhel8@sha256:e1e3b4adafebe14f5c1c17b8b81c921c8c2daf77bf22ffef9f0a2e1ac1a32d5f_amd64",
"8Base-MTV-2.5:migration-toolkit-virtualization/mtv-must-gather-rhel8@sha256:cfd662d50e649898951b9dc21bb8bd533ccbe4daa9ae9eb1ea365ae9bfdf39e0_amd64",
"8Base-MTV-2.5:migration-toolkit-virtualization/mtv-rhel8-operator@sha256:86e6fc987f49aa419b0c7f15276559c4e0958adc9385d80deef228dfb9bcf0ba_amd64",
"8Base-MTV-2.5:migration-toolkit-virtualization/mtv-rhv-populator-rhel8@sha256:bd5cf5ff33a900a8f7b8b4fc52ada3af737d42793b27e63f5cc7c36b11a21189_amd64",
"8Base-MTV-2.5:migration-toolkit-virtualization/mtv-virt-v2v-warm-rhel8@sha256:fd9758985cb3ab4fe6bddf1b989b0cc7803d9bf79883dfe3a02c6c3644fcc891_amd64",
"9Base-MTV-2.5:migration-toolkit-virtualization/mtv-api-rhel9@sha256:7a25dd92fb3949f6b231d8019dda8ee2432ce1708cf746fdc805f335d19119e8_amd64",
"9Base-MTV-2.5:migration-toolkit-virtualization/mtv-console-plugin-rhel9@sha256:8d9c4e66535b0b3c6921cbf819c7d86dedaa9076fc05b9f00e9002b6fb1c5b1d_amd64",
"9Base-MTV-2.5:migration-toolkit-virtualization/mtv-openstack-populator-rhel9@sha256:ba513f372d1eccbc1a96c0934384021b5cd228533435bcfb70dd584e65f5abec_amd64",
"9Base-MTV-2.5:migration-toolkit-virtualization/mtv-operator-bundle@sha256:9ec2a9e288b742ea9d71f13e055a4ede1b34e5e251aa662c65a83747a6603462_amd64",
"9Base-MTV-2.5:migration-toolkit-virtualization/mtv-ova-provider-server-rhel9@sha256:53f0fa129b04bcb7ea8f80e6136fbaf189460b29bdd123398f456a4d2a32de3f_amd64",
"9Base-MTV-2.5:migration-toolkit-virtualization/mtv-populator-controller-rhel9@sha256:110ebc02ca7aca24ff830e8073af8062434ca8dc8ff1239b92c24e84d6cf08c3_amd64",
"9Base-MTV-2.5:migration-toolkit-virtualization/mtv-validation-rhel9@sha256:7481185531e6bba394f769c0e73bfc431e0d763afd23c59bacc8ec32875b0af3_amd64",
"9Base-MTV-2.5:migration-toolkit-virtualization/mtv-virt-v2v-rhel9@sha256:094c261ca283ee4fcf58e79cc93e61da6e0759c82a157f3169c4390a7e7f1f74_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2178358"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in golang. A maliciously crafted HTTP/2 stream could cause excessive CPU consumption in the HPACK decoder, sufficient to cause a denial of service from a small number of requests.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang.org/x/net/http2: avoid quadratic complexity in HPACK decoding",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Within OpenShift Container Platform, the maximum impact of this vulnerability is a denial of service against an individual container so the impact could not cascade across the entire infrastructure, this vulnerability is rated Moderate impact.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-MTV-2.5:migration-toolkit-virtualization/mtv-controller-rhel9@sha256:8fbc5262ebc5791a156ecc4afa539bb6d72bfe3ecf28e7ebaab12aab63e472e3_amd64"
],
"known_not_affected": [
"8Base-MTV-2.5:migration-toolkit-virtualization/mtv-must-gather-api-rhel8@sha256:e1e3b4adafebe14f5c1c17b8b81c921c8c2daf77bf22ffef9f0a2e1ac1a32d5f_amd64",
"8Base-MTV-2.5:migration-toolkit-virtualization/mtv-must-gather-rhel8@sha256:cfd662d50e649898951b9dc21bb8bd533ccbe4daa9ae9eb1ea365ae9bfdf39e0_amd64",
"8Base-MTV-2.5:migration-toolkit-virtualization/mtv-rhel8-operator@sha256:86e6fc987f49aa419b0c7f15276559c4e0958adc9385d80deef228dfb9bcf0ba_amd64",
"8Base-MTV-2.5:migration-toolkit-virtualization/mtv-rhv-populator-rhel8@sha256:bd5cf5ff33a900a8f7b8b4fc52ada3af737d42793b27e63f5cc7c36b11a21189_amd64",
"8Base-MTV-2.5:migration-toolkit-virtualization/mtv-virt-v2v-warm-rhel8@sha256:fd9758985cb3ab4fe6bddf1b989b0cc7803d9bf79883dfe3a02c6c3644fcc891_amd64",
"9Base-MTV-2.5:migration-toolkit-virtualization/mtv-api-rhel9@sha256:7a25dd92fb3949f6b231d8019dda8ee2432ce1708cf746fdc805f335d19119e8_amd64",
"9Base-MTV-2.5:migration-toolkit-virtualization/mtv-console-plugin-rhel9@sha256:8d9c4e66535b0b3c6921cbf819c7d86dedaa9076fc05b9f00e9002b6fb1c5b1d_amd64",
"9Base-MTV-2.5:migration-toolkit-virtualization/mtv-openstack-populator-rhel9@sha256:ba513f372d1eccbc1a96c0934384021b5cd228533435bcfb70dd584e65f5abec_amd64",
"9Base-MTV-2.5:migration-toolkit-virtualization/mtv-operator-bundle@sha256:9ec2a9e288b742ea9d71f13e055a4ede1b34e5e251aa662c65a83747a6603462_amd64",
"9Base-MTV-2.5:migration-toolkit-virtualization/mtv-ova-provider-server-rhel9@sha256:53f0fa129b04bcb7ea8f80e6136fbaf189460b29bdd123398f456a4d2a32de3f_amd64",
"9Base-MTV-2.5:migration-toolkit-virtualization/mtv-populator-controller-rhel9@sha256:110ebc02ca7aca24ff830e8073af8062434ca8dc8ff1239b92c24e84d6cf08c3_amd64",
"9Base-MTV-2.5:migration-toolkit-virtualization/mtv-validation-rhel9@sha256:7481185531e6bba394f769c0e73bfc431e0d763afd23c59bacc8ec32875b0af3_amd64",
"9Base-MTV-2.5:migration-toolkit-virtualization/mtv-virt-v2v-rhel9@sha256:094c261ca283ee4fcf58e79cc93e61da6e0759c82a157f3169c4390a7e7f1f74_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-41723"
},
{
"category": "external",
"summary": "RHBZ#2178358",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2178358"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-41723",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41723"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-41723",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-41723"
},
{
"category": "external",
"summary": "https://github.com/advisories/GHSA-vvpx-j8f3-3w6h",
"url": "https://github.com/advisories/GHSA-vvpx-j8f3-3w6h"
},
{
"category": "external",
"summary": "https://go.dev/cl/468135",
"url": "https://go.dev/cl/468135"
},
{
"category": "external",
"summary": "https://go.dev/cl/468295",
"url": "https://go.dev/cl/468295"
},
{
"category": "external",
"summary": "https://go.dev/issue/57855",
"url": "https://go.dev/issue/57855"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/V0aBFqaFs_E",
"url": "https://groups.google.com/g/golang-announce/c/V0aBFqaFs_E"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2023-1571",
"url": "https://pkg.go.dev/vuln/GO-2023-1571"
},
{
"category": "external",
"summary": "https://vuln.go.dev/ID/GO-2023-1571.json",
"url": "https://vuln.go.dev/ID/GO-2023-1571.json"
}
],
"release_date": "2023-02-17T14:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-10-24T12:12:11+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-MTV-2.5:migration-toolkit-virtualization/mtv-controller-rhel9@sha256:8fbc5262ebc5791a156ecc4afa539bb6d72bfe3ecf28e7ebaab12aab63e472e3_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHBA-2023:6078"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-MTV-2.5:migration-toolkit-virtualization/mtv-must-gather-api-rhel8@sha256:e1e3b4adafebe14f5c1c17b8b81c921c8c2daf77bf22ffef9f0a2e1ac1a32d5f_amd64",
"8Base-MTV-2.5:migration-toolkit-virtualization/mtv-must-gather-rhel8@sha256:cfd662d50e649898951b9dc21bb8bd533ccbe4daa9ae9eb1ea365ae9bfdf39e0_amd64",
"8Base-MTV-2.5:migration-toolkit-virtualization/mtv-rhel8-operator@sha256:86e6fc987f49aa419b0c7f15276559c4e0958adc9385d80deef228dfb9bcf0ba_amd64",
"8Base-MTV-2.5:migration-toolkit-virtualization/mtv-rhv-populator-rhel8@sha256:bd5cf5ff33a900a8f7b8b4fc52ada3af737d42793b27e63f5cc7c36b11a21189_amd64",
"8Base-MTV-2.5:migration-toolkit-virtualization/mtv-virt-v2v-warm-rhel8@sha256:fd9758985cb3ab4fe6bddf1b989b0cc7803d9bf79883dfe3a02c6c3644fcc891_amd64",
"9Base-MTV-2.5:migration-toolkit-virtualization/mtv-api-rhel9@sha256:7a25dd92fb3949f6b231d8019dda8ee2432ce1708cf746fdc805f335d19119e8_amd64",
"9Base-MTV-2.5:migration-toolkit-virtualization/mtv-console-plugin-rhel9@sha256:8d9c4e66535b0b3c6921cbf819c7d86dedaa9076fc05b9f00e9002b6fb1c5b1d_amd64",
"9Base-MTV-2.5:migration-toolkit-virtualization/mtv-controller-rhel9@sha256:8fbc5262ebc5791a156ecc4afa539bb6d72bfe3ecf28e7ebaab12aab63e472e3_amd64",
"9Base-MTV-2.5:migration-toolkit-virtualization/mtv-openstack-populator-rhel9@sha256:ba513f372d1eccbc1a96c0934384021b5cd228533435bcfb70dd584e65f5abec_amd64",
"9Base-MTV-2.5:migration-toolkit-virtualization/mtv-operator-bundle@sha256:9ec2a9e288b742ea9d71f13e055a4ede1b34e5e251aa662c65a83747a6603462_amd64",
"9Base-MTV-2.5:migration-toolkit-virtualization/mtv-ova-provider-server-rhel9@sha256:53f0fa129b04bcb7ea8f80e6136fbaf189460b29bdd123398f456a4d2a32de3f_amd64",
"9Base-MTV-2.5:migration-toolkit-virtualization/mtv-populator-controller-rhel9@sha256:110ebc02ca7aca24ff830e8073af8062434ca8dc8ff1239b92c24e84d6cf08c3_amd64",
"9Base-MTV-2.5:migration-toolkit-virtualization/mtv-validation-rhel9@sha256:7481185531e6bba394f769c0e73bfc431e0d763afd23c59bacc8ec32875b0af3_amd64",
"9Base-MTV-2.5:migration-toolkit-virtualization/mtv-virt-v2v-rhel9@sha256:094c261ca283ee4fcf58e79cc93e61da6e0759c82a157f3169c4390a7e7f1f74_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang.org/x/net/http2: avoid quadratic complexity in HPACK decoding"
},
{
"cve": "CVE-2023-26125",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2023-05-15T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-MTV-2.5:migration-toolkit-virtualization/mtv-must-gather-rhel8@sha256:cfd662d50e649898951b9dc21bb8bd533ccbe4daa9ae9eb1ea365ae9bfdf39e0_amd64",
"8Base-MTV-2.5:migration-toolkit-virtualization/mtv-rhel8-operator@sha256:86e6fc987f49aa419b0c7f15276559c4e0958adc9385d80deef228dfb9bcf0ba_amd64",
"8Base-MTV-2.5:migration-toolkit-virtualization/mtv-rhv-populator-rhel8@sha256:bd5cf5ff33a900a8f7b8b4fc52ada3af737d42793b27e63f5cc7c36b11a21189_amd64",
"8Base-MTV-2.5:migration-toolkit-virtualization/mtv-virt-v2v-warm-rhel8@sha256:fd9758985cb3ab4fe6bddf1b989b0cc7803d9bf79883dfe3a02c6c3644fcc891_amd64",
"9Base-MTV-2.5:migration-toolkit-virtualization/mtv-api-rhel9@sha256:7a25dd92fb3949f6b231d8019dda8ee2432ce1708cf746fdc805f335d19119e8_amd64",
"9Base-MTV-2.5:migration-toolkit-virtualization/mtv-console-plugin-rhel9@sha256:8d9c4e66535b0b3c6921cbf819c7d86dedaa9076fc05b9f00e9002b6fb1c5b1d_amd64",
"9Base-MTV-2.5:migration-toolkit-virtualization/mtv-openstack-populator-rhel9@sha256:ba513f372d1eccbc1a96c0934384021b5cd228533435bcfb70dd584e65f5abec_amd64",
"9Base-MTV-2.5:migration-toolkit-virtualization/mtv-operator-bundle@sha256:9ec2a9e288b742ea9d71f13e055a4ede1b34e5e251aa662c65a83747a6603462_amd64",
"9Base-MTV-2.5:migration-toolkit-virtualization/mtv-ova-provider-server-rhel9@sha256:53f0fa129b04bcb7ea8f80e6136fbaf189460b29bdd123398f456a4d2a32de3f_amd64",
"9Base-MTV-2.5:migration-toolkit-virtualization/mtv-populator-controller-rhel9@sha256:110ebc02ca7aca24ff830e8073af8062434ca8dc8ff1239b92c24e84d6cf08c3_amd64",
"9Base-MTV-2.5:migration-toolkit-virtualization/mtv-validation-rhel9@sha256:7481185531e6bba394f769c0e73bfc431e0d763afd23c59bacc8ec32875b0af3_amd64",
"9Base-MTV-2.5:migration-toolkit-virtualization/mtv-virt-v2v-rhel9@sha256:094c261ca283ee4fcf58e79cc93e61da6e0759c82a157f3169c4390a7e7f1f74_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2203769"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Gin-Gonic Gin. This flaw allows a remote attacker to bypass security restrictions caused by improper input validation. An attacker can perform cache poisoning attacks by sending a specially-crafted request using the X-Forwarded-Prefix header.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang-github-gin-gonic-gin: Improper Input Validation",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-MTV-2.5:migration-toolkit-virtualization/mtv-must-gather-api-rhel8@sha256:e1e3b4adafebe14f5c1c17b8b81c921c8c2daf77bf22ffef9f0a2e1ac1a32d5f_amd64",
"9Base-MTV-2.5:migration-toolkit-virtualization/mtv-controller-rhel9@sha256:8fbc5262ebc5791a156ecc4afa539bb6d72bfe3ecf28e7ebaab12aab63e472e3_amd64"
],
"known_not_affected": [
"8Base-MTV-2.5:migration-toolkit-virtualization/mtv-must-gather-rhel8@sha256:cfd662d50e649898951b9dc21bb8bd533ccbe4daa9ae9eb1ea365ae9bfdf39e0_amd64",
"8Base-MTV-2.5:migration-toolkit-virtualization/mtv-rhel8-operator@sha256:86e6fc987f49aa419b0c7f15276559c4e0958adc9385d80deef228dfb9bcf0ba_amd64",
"8Base-MTV-2.5:migration-toolkit-virtualization/mtv-rhv-populator-rhel8@sha256:bd5cf5ff33a900a8f7b8b4fc52ada3af737d42793b27e63f5cc7c36b11a21189_amd64",
"8Base-MTV-2.5:migration-toolkit-virtualization/mtv-virt-v2v-warm-rhel8@sha256:fd9758985cb3ab4fe6bddf1b989b0cc7803d9bf79883dfe3a02c6c3644fcc891_amd64",
"9Base-MTV-2.5:migration-toolkit-virtualization/mtv-api-rhel9@sha256:7a25dd92fb3949f6b231d8019dda8ee2432ce1708cf746fdc805f335d19119e8_amd64",
"9Base-MTV-2.5:migration-toolkit-virtualization/mtv-console-plugin-rhel9@sha256:8d9c4e66535b0b3c6921cbf819c7d86dedaa9076fc05b9f00e9002b6fb1c5b1d_amd64",
"9Base-MTV-2.5:migration-toolkit-virtualization/mtv-openstack-populator-rhel9@sha256:ba513f372d1eccbc1a96c0934384021b5cd228533435bcfb70dd584e65f5abec_amd64",
"9Base-MTV-2.5:migration-toolkit-virtualization/mtv-operator-bundle@sha256:9ec2a9e288b742ea9d71f13e055a4ede1b34e5e251aa662c65a83747a6603462_amd64",
"9Base-MTV-2.5:migration-toolkit-virtualization/mtv-ova-provider-server-rhel9@sha256:53f0fa129b04bcb7ea8f80e6136fbaf189460b29bdd123398f456a4d2a32de3f_amd64",
"9Base-MTV-2.5:migration-toolkit-virtualization/mtv-populator-controller-rhel9@sha256:110ebc02ca7aca24ff830e8073af8062434ca8dc8ff1239b92c24e84d6cf08c3_amd64",
"9Base-MTV-2.5:migration-toolkit-virtualization/mtv-validation-rhel9@sha256:7481185531e6bba394f769c0e73bfc431e0d763afd23c59bacc8ec32875b0af3_amd64",
"9Base-MTV-2.5:migration-toolkit-virtualization/mtv-virt-v2v-rhel9@sha256:094c261ca283ee4fcf58e79cc93e61da6e0759c82a157f3169c4390a7e7f1f74_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-26125"
},
{
"category": "external",
"summary": "RHBZ#2203769",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2203769"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-26125",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-26125"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-26125",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-26125"
},
{
"category": "external",
"summary": "https://www.postgresql.org/support/security/CVE-2023-2454/",
"url": "https://www.postgresql.org/support/security/CVE-2023-2454/"
}
],
"release_date": "2023-05-04T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-10-24T12:12:11+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-MTV-2.5:migration-toolkit-virtualization/mtv-must-gather-api-rhel8@sha256:e1e3b4adafebe14f5c1c17b8b81c921c8c2daf77bf22ffef9f0a2e1ac1a32d5f_amd64",
"9Base-MTV-2.5:migration-toolkit-virtualization/mtv-controller-rhel9@sha256:8fbc5262ebc5791a156ecc4afa539bb6d72bfe3ecf28e7ebaab12aab63e472e3_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHBA-2023:6078"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"8Base-MTV-2.5:migration-toolkit-virtualization/mtv-must-gather-api-rhel8@sha256:e1e3b4adafebe14f5c1c17b8b81c921c8c2daf77bf22ffef9f0a2e1ac1a32d5f_amd64",
"8Base-MTV-2.5:migration-toolkit-virtualization/mtv-must-gather-rhel8@sha256:cfd662d50e649898951b9dc21bb8bd533ccbe4daa9ae9eb1ea365ae9bfdf39e0_amd64",
"8Base-MTV-2.5:migration-toolkit-virtualization/mtv-rhel8-operator@sha256:86e6fc987f49aa419b0c7f15276559c4e0958adc9385d80deef228dfb9bcf0ba_amd64",
"8Base-MTV-2.5:migration-toolkit-virtualization/mtv-rhv-populator-rhel8@sha256:bd5cf5ff33a900a8f7b8b4fc52ada3af737d42793b27e63f5cc7c36b11a21189_amd64",
"8Base-MTV-2.5:migration-toolkit-virtualization/mtv-virt-v2v-warm-rhel8@sha256:fd9758985cb3ab4fe6bddf1b989b0cc7803d9bf79883dfe3a02c6c3644fcc891_amd64",
"9Base-MTV-2.5:migration-toolkit-virtualization/mtv-api-rhel9@sha256:7a25dd92fb3949f6b231d8019dda8ee2432ce1708cf746fdc805f335d19119e8_amd64",
"9Base-MTV-2.5:migration-toolkit-virtualization/mtv-console-plugin-rhel9@sha256:8d9c4e66535b0b3c6921cbf819c7d86dedaa9076fc05b9f00e9002b6fb1c5b1d_amd64",
"9Base-MTV-2.5:migration-toolkit-virtualization/mtv-controller-rhel9@sha256:8fbc5262ebc5791a156ecc4afa539bb6d72bfe3ecf28e7ebaab12aab63e472e3_amd64",
"9Base-MTV-2.5:migration-toolkit-virtualization/mtv-openstack-populator-rhel9@sha256:ba513f372d1eccbc1a96c0934384021b5cd228533435bcfb70dd584e65f5abec_amd64",
"9Base-MTV-2.5:migration-toolkit-virtualization/mtv-operator-bundle@sha256:9ec2a9e288b742ea9d71f13e055a4ede1b34e5e251aa662c65a83747a6603462_amd64",
"9Base-MTV-2.5:migration-toolkit-virtualization/mtv-ova-provider-server-rhel9@sha256:53f0fa129b04bcb7ea8f80e6136fbaf189460b29bdd123398f456a4d2a32de3f_amd64",
"9Base-MTV-2.5:migration-toolkit-virtualization/mtv-populator-controller-rhel9@sha256:110ebc02ca7aca24ff830e8073af8062434ca8dc8ff1239b92c24e84d6cf08c3_amd64",
"9Base-MTV-2.5:migration-toolkit-virtualization/mtv-validation-rhel9@sha256:7481185531e6bba394f769c0e73bfc431e0d763afd23c59bacc8ec32875b0af3_amd64",
"9Base-MTV-2.5:migration-toolkit-virtualization/mtv-virt-v2v-rhel9@sha256:094c261ca283ee4fcf58e79cc93e61da6e0759c82a157f3169c4390a7e7f1f74_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"8Base-MTV-2.5:migration-toolkit-virtualization/mtv-must-gather-api-rhel8@sha256:e1e3b4adafebe14f5c1c17b8b81c921c8c2daf77bf22ffef9f0a2e1ac1a32d5f_amd64",
"8Base-MTV-2.5:migration-toolkit-virtualization/mtv-must-gather-rhel8@sha256:cfd662d50e649898951b9dc21bb8bd533ccbe4daa9ae9eb1ea365ae9bfdf39e0_amd64",
"8Base-MTV-2.5:migration-toolkit-virtualization/mtv-rhel8-operator@sha256:86e6fc987f49aa419b0c7f15276559c4e0958adc9385d80deef228dfb9bcf0ba_amd64",
"8Base-MTV-2.5:migration-toolkit-virtualization/mtv-rhv-populator-rhel8@sha256:bd5cf5ff33a900a8f7b8b4fc52ada3af737d42793b27e63f5cc7c36b11a21189_amd64",
"8Base-MTV-2.5:migration-toolkit-virtualization/mtv-virt-v2v-warm-rhel8@sha256:fd9758985cb3ab4fe6bddf1b989b0cc7803d9bf79883dfe3a02c6c3644fcc891_amd64",
"9Base-MTV-2.5:migration-toolkit-virtualization/mtv-api-rhel9@sha256:7a25dd92fb3949f6b231d8019dda8ee2432ce1708cf746fdc805f335d19119e8_amd64",
"9Base-MTV-2.5:migration-toolkit-virtualization/mtv-console-plugin-rhel9@sha256:8d9c4e66535b0b3c6921cbf819c7d86dedaa9076fc05b9f00e9002b6fb1c5b1d_amd64",
"9Base-MTV-2.5:migration-toolkit-virtualization/mtv-controller-rhel9@sha256:8fbc5262ebc5791a156ecc4afa539bb6d72bfe3ecf28e7ebaab12aab63e472e3_amd64",
"9Base-MTV-2.5:migration-toolkit-virtualization/mtv-openstack-populator-rhel9@sha256:ba513f372d1eccbc1a96c0934384021b5cd228533435bcfb70dd584e65f5abec_amd64",
"9Base-MTV-2.5:migration-toolkit-virtualization/mtv-operator-bundle@sha256:9ec2a9e288b742ea9d71f13e055a4ede1b34e5e251aa662c65a83747a6603462_amd64",
"9Base-MTV-2.5:migration-toolkit-virtualization/mtv-ova-provider-server-rhel9@sha256:53f0fa129b04bcb7ea8f80e6136fbaf189460b29bdd123398f456a4d2a32de3f_amd64",
"9Base-MTV-2.5:migration-toolkit-virtualization/mtv-populator-controller-rhel9@sha256:110ebc02ca7aca24ff830e8073af8062434ca8dc8ff1239b92c24e84d6cf08c3_amd64",
"9Base-MTV-2.5:migration-toolkit-virtualization/mtv-validation-rhel9@sha256:7481185531e6bba394f769c0e73bfc431e0d763afd23c59bacc8ec32875b0af3_amd64",
"9Base-MTV-2.5:migration-toolkit-virtualization/mtv-virt-v2v-rhel9@sha256:094c261ca283ee4fcf58e79cc93e61da6e0759c82a157f3169c4390a7e7f1f74_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang-github-gin-gonic-gin: Improper Input Validation"
},
{
"cve": "CVE-2023-26144",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2023-09-20T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-MTV-2.5:migration-toolkit-virtualization/mtv-must-gather-api-rhel8@sha256:e1e3b4adafebe14f5c1c17b8b81c921c8c2daf77bf22ffef9f0a2e1ac1a32d5f_amd64",
"8Base-MTV-2.5:migration-toolkit-virtualization/mtv-must-gather-rhel8@sha256:cfd662d50e649898951b9dc21bb8bd533ccbe4daa9ae9eb1ea365ae9bfdf39e0_amd64",
"8Base-MTV-2.5:migration-toolkit-virtualization/mtv-rhel8-operator@sha256:86e6fc987f49aa419b0c7f15276559c4e0958adc9385d80deef228dfb9bcf0ba_amd64",
"8Base-MTV-2.5:migration-toolkit-virtualization/mtv-rhv-populator-rhel8@sha256:bd5cf5ff33a900a8f7b8b4fc52ada3af737d42793b27e63f5cc7c36b11a21189_amd64",
"8Base-MTV-2.5:migration-toolkit-virtualization/mtv-virt-v2v-warm-rhel8@sha256:fd9758985cb3ab4fe6bddf1b989b0cc7803d9bf79883dfe3a02c6c3644fcc891_amd64",
"9Base-MTV-2.5:migration-toolkit-virtualization/mtv-api-rhel9@sha256:7a25dd92fb3949f6b231d8019dda8ee2432ce1708cf746fdc805f335d19119e8_amd64",
"9Base-MTV-2.5:migration-toolkit-virtualization/mtv-controller-rhel9@sha256:8fbc5262ebc5791a156ecc4afa539bb6d72bfe3ecf28e7ebaab12aab63e472e3_amd64",
"9Base-MTV-2.5:migration-toolkit-virtualization/mtv-openstack-populator-rhel9@sha256:ba513f372d1eccbc1a96c0934384021b5cd228533435bcfb70dd584e65f5abec_amd64",
"9Base-MTV-2.5:migration-toolkit-virtualization/mtv-operator-bundle@sha256:9ec2a9e288b742ea9d71f13e055a4ede1b34e5e251aa662c65a83747a6603462_amd64",
"9Base-MTV-2.5:migration-toolkit-virtualization/mtv-ova-provider-server-rhel9@sha256:53f0fa129b04bcb7ea8f80e6136fbaf189460b29bdd123398f456a4d2a32de3f_amd64",
"9Base-MTV-2.5:migration-toolkit-virtualization/mtv-populator-controller-rhel9@sha256:110ebc02ca7aca24ff830e8073af8062434ca8dc8ff1239b92c24e84d6cf08c3_amd64",
"9Base-MTV-2.5:migration-toolkit-virtualization/mtv-validation-rhel9@sha256:7481185531e6bba394f769c0e73bfc431e0d763afd23c59bacc8ec32875b0af3_amd64",
"9Base-MTV-2.5:migration-toolkit-virtualization/mtv-virt-v2v-rhel9@sha256:094c261ca283ee4fcf58e79cc93e61da6e0759c82a157f3169c4390a7e7f1f74_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2239924"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the graphql package. Affected versions of this package are vulnerable to Denial of Service (DoS) due to insufficient checks in the OverlappingFieldsCanBeMergedRule.ts file when parsing large queries. This issue may allow an attacker to degrade system performance.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "graphql: Insufficient checks in the OverlappingFieldsCanBeMergedRule.ts file when parsing large queries",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-MTV-2.5:migration-toolkit-virtualization/mtv-console-plugin-rhel9@sha256:8d9c4e66535b0b3c6921cbf819c7d86dedaa9076fc05b9f00e9002b6fb1c5b1d_amd64"
],
"known_not_affected": [
"8Base-MTV-2.5:migration-toolkit-virtualization/mtv-must-gather-api-rhel8@sha256:e1e3b4adafebe14f5c1c17b8b81c921c8c2daf77bf22ffef9f0a2e1ac1a32d5f_amd64",
"8Base-MTV-2.5:migration-toolkit-virtualization/mtv-must-gather-rhel8@sha256:cfd662d50e649898951b9dc21bb8bd533ccbe4daa9ae9eb1ea365ae9bfdf39e0_amd64",
"8Base-MTV-2.5:migration-toolkit-virtualization/mtv-rhel8-operator@sha256:86e6fc987f49aa419b0c7f15276559c4e0958adc9385d80deef228dfb9bcf0ba_amd64",
"8Base-MTV-2.5:migration-toolkit-virtualization/mtv-rhv-populator-rhel8@sha256:bd5cf5ff33a900a8f7b8b4fc52ada3af737d42793b27e63f5cc7c36b11a21189_amd64",
"8Base-MTV-2.5:migration-toolkit-virtualization/mtv-virt-v2v-warm-rhel8@sha256:fd9758985cb3ab4fe6bddf1b989b0cc7803d9bf79883dfe3a02c6c3644fcc891_amd64",
"9Base-MTV-2.5:migration-toolkit-virtualization/mtv-api-rhel9@sha256:7a25dd92fb3949f6b231d8019dda8ee2432ce1708cf746fdc805f335d19119e8_amd64",
"9Base-MTV-2.5:migration-toolkit-virtualization/mtv-controller-rhel9@sha256:8fbc5262ebc5791a156ecc4afa539bb6d72bfe3ecf28e7ebaab12aab63e472e3_amd64",
"9Base-MTV-2.5:migration-toolkit-virtualization/mtv-openstack-populator-rhel9@sha256:ba513f372d1eccbc1a96c0934384021b5cd228533435bcfb70dd584e65f5abec_amd64",
"9Base-MTV-2.5:migration-toolkit-virtualization/mtv-operator-bundle@sha256:9ec2a9e288b742ea9d71f13e055a4ede1b34e5e251aa662c65a83747a6603462_amd64",
"9Base-MTV-2.5:migration-toolkit-virtualization/mtv-ova-provider-server-rhel9@sha256:53f0fa129b04bcb7ea8f80e6136fbaf189460b29bdd123398f456a4d2a32de3f_amd64",
"9Base-MTV-2.5:migration-toolkit-virtualization/mtv-populator-controller-rhel9@sha256:110ebc02ca7aca24ff830e8073af8062434ca8dc8ff1239b92c24e84d6cf08c3_amd64",
"9Base-MTV-2.5:migration-toolkit-virtualization/mtv-validation-rhel9@sha256:7481185531e6bba394f769c0e73bfc431e0d763afd23c59bacc8ec32875b0af3_amd64",
"9Base-MTV-2.5:migration-toolkit-virtualization/mtv-virt-v2v-rhel9@sha256:094c261ca283ee4fcf58e79cc93e61da6e0759c82a157f3169c4390a7e7f1f74_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-26144"
},
{
"category": "external",
"summary": "RHBZ#2239924",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2239924"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-26144",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-26144"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-26144",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-26144"
},
{
"category": "external",
"summary": "https://github.com/graphql/graphql-js/commit/f94b511386c7e47bd0380dcd56553dc063320226",
"url": "https://github.com/graphql/graphql-js/commit/f94b511386c7e47bd0380dcd56553dc063320226"
},
{
"category": "external",
"summary": "https://github.com/graphql/graphql-js/issues/3955",
"url": "https://github.com/graphql/graphql-js/issues/3955"
},
{
"category": "external",
"summary": "https://github.com/graphql/graphql-js/pull/3972",
"url": "https://github.com/graphql/graphql-js/pull/3972"
},
{
"category": "external",
"summary": "https://github.com/graphql/graphql-js/releases/tag/v16.8.1",
"url": "https://github.com/graphql/graphql-js/releases/tag/v16.8.1"
},
{
"category": "external",
"summary": "https://security.snyk.io/vuln/SNYK-JS-GRAPHQL-5905181",
"url": "https://security.snyk.io/vuln/SNYK-JS-GRAPHQL-5905181"
}
],
"release_date": "2023-09-18T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-10-24T12:12:11+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-MTV-2.5:migration-toolkit-virtualization/mtv-console-plugin-rhel9@sha256:8d9c4e66535b0b3c6921cbf819c7d86dedaa9076fc05b9f00e9002b6fb1c5b1d_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHBA-2023:6078"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"8Base-MTV-2.5:migration-toolkit-virtualization/mtv-must-gather-api-rhel8@sha256:e1e3b4adafebe14f5c1c17b8b81c921c8c2daf77bf22ffef9f0a2e1ac1a32d5f_amd64",
"8Base-MTV-2.5:migration-toolkit-virtualization/mtv-must-gather-rhel8@sha256:cfd662d50e649898951b9dc21bb8bd533ccbe4daa9ae9eb1ea365ae9bfdf39e0_amd64",
"8Base-MTV-2.5:migration-toolkit-virtualization/mtv-rhel8-operator@sha256:86e6fc987f49aa419b0c7f15276559c4e0958adc9385d80deef228dfb9bcf0ba_amd64",
"8Base-MTV-2.5:migration-toolkit-virtualization/mtv-rhv-populator-rhel8@sha256:bd5cf5ff33a900a8f7b8b4fc52ada3af737d42793b27e63f5cc7c36b11a21189_amd64",
"8Base-MTV-2.5:migration-toolkit-virtualization/mtv-virt-v2v-warm-rhel8@sha256:fd9758985cb3ab4fe6bddf1b989b0cc7803d9bf79883dfe3a02c6c3644fcc891_amd64",
"9Base-MTV-2.5:migration-toolkit-virtualization/mtv-api-rhel9@sha256:7a25dd92fb3949f6b231d8019dda8ee2432ce1708cf746fdc805f335d19119e8_amd64",
"9Base-MTV-2.5:migration-toolkit-virtualization/mtv-console-plugin-rhel9@sha256:8d9c4e66535b0b3c6921cbf819c7d86dedaa9076fc05b9f00e9002b6fb1c5b1d_amd64",
"9Base-MTV-2.5:migration-toolkit-virtualization/mtv-controller-rhel9@sha256:8fbc5262ebc5791a156ecc4afa539bb6d72bfe3ecf28e7ebaab12aab63e472e3_amd64",
"9Base-MTV-2.5:migration-toolkit-virtualization/mtv-openstack-populator-rhel9@sha256:ba513f372d1eccbc1a96c0934384021b5cd228533435bcfb70dd584e65f5abec_amd64",
"9Base-MTV-2.5:migration-toolkit-virtualization/mtv-operator-bundle@sha256:9ec2a9e288b742ea9d71f13e055a4ede1b34e5e251aa662c65a83747a6603462_amd64",
"9Base-MTV-2.5:migration-toolkit-virtualization/mtv-ova-provider-server-rhel9@sha256:53f0fa129b04bcb7ea8f80e6136fbaf189460b29bdd123398f456a4d2a32de3f_amd64",
"9Base-MTV-2.5:migration-toolkit-virtualization/mtv-populator-controller-rhel9@sha256:110ebc02ca7aca24ff830e8073af8062434ca8dc8ff1239b92c24e84d6cf08c3_amd64",
"9Base-MTV-2.5:migration-toolkit-virtualization/mtv-validation-rhel9@sha256:7481185531e6bba394f769c0e73bfc431e0d763afd23c59bacc8ec32875b0af3_amd64",
"9Base-MTV-2.5:migration-toolkit-virtualization/mtv-virt-v2v-rhel9@sha256:094c261ca283ee4fcf58e79cc93e61da6e0759c82a157f3169c4390a7e7f1f74_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "graphql: Insufficient checks in the OverlappingFieldsCanBeMergedRule.ts file when parsing large queries"
},
{
"cve": "CVE-2023-29401",
"cwe": {
"id": "CWE-494",
"name": "Download of Code Without Integrity Check"
},
"discovery_date": "2023-06-23T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-MTV-2.5:migration-toolkit-virtualization/mtv-must-gather-rhel8@sha256:cfd662d50e649898951b9dc21bb8bd533ccbe4daa9ae9eb1ea365ae9bfdf39e0_amd64",
"8Base-MTV-2.5:migration-toolkit-virtualization/mtv-rhel8-operator@sha256:86e6fc987f49aa419b0c7f15276559c4e0958adc9385d80deef228dfb9bcf0ba_amd64",
"8Base-MTV-2.5:migration-toolkit-virtualization/mtv-rhv-populator-rhel8@sha256:bd5cf5ff33a900a8f7b8b4fc52ada3af737d42793b27e63f5cc7c36b11a21189_amd64",
"8Base-MTV-2.5:migration-toolkit-virtualization/mtv-virt-v2v-warm-rhel8@sha256:fd9758985cb3ab4fe6bddf1b989b0cc7803d9bf79883dfe3a02c6c3644fcc891_amd64",
"9Base-MTV-2.5:migration-toolkit-virtualization/mtv-api-rhel9@sha256:7a25dd92fb3949f6b231d8019dda8ee2432ce1708cf746fdc805f335d19119e8_amd64",
"9Base-MTV-2.5:migration-toolkit-virtualization/mtv-console-plugin-rhel9@sha256:8d9c4e66535b0b3c6921cbf819c7d86dedaa9076fc05b9f00e9002b6fb1c5b1d_amd64",
"9Base-MTV-2.5:migration-toolkit-virtualization/mtv-openstack-populator-rhel9@sha256:ba513f372d1eccbc1a96c0934384021b5cd228533435bcfb70dd584e65f5abec_amd64",
"9Base-MTV-2.5:migration-toolkit-virtualization/mtv-operator-bundle@sha256:9ec2a9e288b742ea9d71f13e055a4ede1b34e5e251aa662c65a83747a6603462_amd64",
"9Base-MTV-2.5:migration-toolkit-virtualization/mtv-ova-provider-server-rhel9@sha256:53f0fa129b04bcb7ea8f80e6136fbaf189460b29bdd123398f456a4d2a32de3f_amd64",
"9Base-MTV-2.5:migration-toolkit-virtualization/mtv-populator-controller-rhel9@sha256:110ebc02ca7aca24ff830e8073af8062434ca8dc8ff1239b92c24e84d6cf08c3_amd64",
"9Base-MTV-2.5:migration-toolkit-virtualization/mtv-validation-rhel9@sha256:7481185531e6bba394f769c0e73bfc431e0d763afd23c59bacc8ec32875b0af3_amd64",
"9Base-MTV-2.5:migration-toolkit-virtualization/mtv-virt-v2v-rhel9@sha256:094c261ca283ee4fcf58e79cc93e61da6e0759c82a157f3169c4390a7e7f1f74_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2216957"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Gin-Gonic Gin Web Framework. Affected versions of this package could allow a remote attacker to bypass security restrictions caused by improper input validation by the filename parameter of the Context.FileAttachment function. An attacker can modify the Content-Disposition header by using a specially-crafted attachment file name.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang-github-gin-gonic-gin: Gin Web Framework does not properly sanitize filename parameter of Context.FileAttachment function",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-MTV-2.5:migration-toolkit-virtualization/mtv-must-gather-api-rhel8@sha256:e1e3b4adafebe14f5c1c17b8b81c921c8c2daf77bf22ffef9f0a2e1ac1a32d5f_amd64",
"9Base-MTV-2.5:migration-toolkit-virtualization/mtv-controller-rhel9@sha256:8fbc5262ebc5791a156ecc4afa539bb6d72bfe3ecf28e7ebaab12aab63e472e3_amd64"
],
"known_not_affected": [
"8Base-MTV-2.5:migration-toolkit-virtualization/mtv-must-gather-rhel8@sha256:cfd662d50e649898951b9dc21bb8bd533ccbe4daa9ae9eb1ea365ae9bfdf39e0_amd64",
"8Base-MTV-2.5:migration-toolkit-virtualization/mtv-rhel8-operator@sha256:86e6fc987f49aa419b0c7f15276559c4e0958adc9385d80deef228dfb9bcf0ba_amd64",
"8Base-MTV-2.5:migration-toolkit-virtualization/mtv-rhv-populator-rhel8@sha256:bd5cf5ff33a900a8f7b8b4fc52ada3af737d42793b27e63f5cc7c36b11a21189_amd64",
"8Base-MTV-2.5:migration-toolkit-virtualization/mtv-virt-v2v-warm-rhel8@sha256:fd9758985cb3ab4fe6bddf1b989b0cc7803d9bf79883dfe3a02c6c3644fcc891_amd64",
"9Base-MTV-2.5:migration-toolkit-virtualization/mtv-api-rhel9@sha256:7a25dd92fb3949f6b231d8019dda8ee2432ce1708cf746fdc805f335d19119e8_amd64",
"9Base-MTV-2.5:migration-toolkit-virtualization/mtv-console-plugin-rhel9@sha256:8d9c4e66535b0b3c6921cbf819c7d86dedaa9076fc05b9f00e9002b6fb1c5b1d_amd64",
"9Base-MTV-2.5:migration-toolkit-virtualization/mtv-openstack-populator-rhel9@sha256:ba513f372d1eccbc1a96c0934384021b5cd228533435bcfb70dd584e65f5abec_amd64",
"9Base-MTV-2.5:migration-toolkit-virtualization/mtv-operator-bundle@sha256:9ec2a9e288b742ea9d71f13e055a4ede1b34e5e251aa662c65a83747a6603462_amd64",
"9Base-MTV-2.5:migration-toolkit-virtualization/mtv-ova-provider-server-rhel9@sha256:53f0fa129b04bcb7ea8f80e6136fbaf189460b29bdd123398f456a4d2a32de3f_amd64",
"9Base-MTV-2.5:migration-toolkit-virtualization/mtv-populator-controller-rhel9@sha256:110ebc02ca7aca24ff830e8073af8062434ca8dc8ff1239b92c24e84d6cf08c3_amd64",
"9Base-MTV-2.5:migration-toolkit-virtualization/mtv-validation-rhel9@sha256:7481185531e6bba394f769c0e73bfc431e0d763afd23c59bacc8ec32875b0af3_amd64",
"9Base-MTV-2.5:migration-toolkit-virtualization/mtv-virt-v2v-rhel9@sha256:094c261ca283ee4fcf58e79cc93e61da6e0759c82a157f3169c4390a7e7f1f74_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-29401"
},
{
"category": "external",
"summary": "RHBZ#2216957",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2216957"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-29401",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29401"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-29401",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-29401"
}
],
"release_date": "2023-06-08T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-10-24T12:12:11+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-MTV-2.5:migration-toolkit-virtualization/mtv-must-gather-api-rhel8@sha256:e1e3b4adafebe14f5c1c17b8b81c921c8c2daf77bf22ffef9f0a2e1ac1a32d5f_amd64",
"9Base-MTV-2.5:migration-toolkit-virtualization/mtv-controller-rhel9@sha256:8fbc5262ebc5791a156ecc4afa539bb6d72bfe3ecf28e7ebaab12aab63e472e3_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHBA-2023:6078"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"8Base-MTV-2.5:migration-toolkit-virtualization/mtv-must-gather-api-rhel8@sha256:e1e3b4adafebe14f5c1c17b8b81c921c8c2daf77bf22ffef9f0a2e1ac1a32d5f_amd64",
"8Base-MTV-2.5:migration-toolkit-virtualization/mtv-must-gather-rhel8@sha256:cfd662d50e649898951b9dc21bb8bd533ccbe4daa9ae9eb1ea365ae9bfdf39e0_amd64",
"8Base-MTV-2.5:migration-toolkit-virtualization/mtv-rhel8-operator@sha256:86e6fc987f49aa419b0c7f15276559c4e0958adc9385d80deef228dfb9bcf0ba_amd64",
"8Base-MTV-2.5:migration-toolkit-virtualization/mtv-rhv-populator-rhel8@sha256:bd5cf5ff33a900a8f7b8b4fc52ada3af737d42793b27e63f5cc7c36b11a21189_amd64",
"8Base-MTV-2.5:migration-toolkit-virtualization/mtv-virt-v2v-warm-rhel8@sha256:fd9758985cb3ab4fe6bddf1b989b0cc7803d9bf79883dfe3a02c6c3644fcc891_amd64",
"9Base-MTV-2.5:migration-toolkit-virtualization/mtv-api-rhel9@sha256:7a25dd92fb3949f6b231d8019dda8ee2432ce1708cf746fdc805f335d19119e8_amd64",
"9Base-MTV-2.5:migration-toolkit-virtualization/mtv-console-plugin-rhel9@sha256:8d9c4e66535b0b3c6921cbf819c7d86dedaa9076fc05b9f00e9002b6fb1c5b1d_amd64",
"9Base-MTV-2.5:migration-toolkit-virtualization/mtv-controller-rhel9@sha256:8fbc5262ebc5791a156ecc4afa539bb6d72bfe3ecf28e7ebaab12aab63e472e3_amd64",
"9Base-MTV-2.5:migration-toolkit-virtualization/mtv-openstack-populator-rhel9@sha256:ba513f372d1eccbc1a96c0934384021b5cd228533435bcfb70dd584e65f5abec_amd64",
"9Base-MTV-2.5:migration-toolkit-virtualization/mtv-operator-bundle@sha256:9ec2a9e288b742ea9d71f13e055a4ede1b34e5e251aa662c65a83747a6603462_amd64",
"9Base-MTV-2.5:migration-toolkit-virtualization/mtv-ova-provider-server-rhel9@sha256:53f0fa129b04bcb7ea8f80e6136fbaf189460b29bdd123398f456a4d2a32de3f_amd64",
"9Base-MTV-2.5:migration-toolkit-virtualization/mtv-populator-controller-rhel9@sha256:110ebc02ca7aca24ff830e8073af8062434ca8dc8ff1239b92c24e84d6cf08c3_amd64",
"9Base-MTV-2.5:migration-toolkit-virtualization/mtv-validation-rhel9@sha256:7481185531e6bba394f769c0e73bfc431e0d763afd23c59bacc8ec32875b0af3_amd64",
"9Base-MTV-2.5:migration-toolkit-virtualization/mtv-virt-v2v-rhel9@sha256:094c261ca283ee4fcf58e79cc93e61da6e0759c82a157f3169c4390a7e7f1f74_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang-github-gin-gonic-gin: Gin Web Framework does not properly sanitize filename parameter of Context.FileAttachment function"
},
{
"cve": "CVE-2023-39325",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2023-10-10T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-MTV-2.5:migration-toolkit-virtualization/mtv-must-gather-rhel8@sha256:cfd662d50e649898951b9dc21bb8bd533ccbe4daa9ae9eb1ea365ae9bfdf39e0_amd64",
"8Base-MTV-2.5:migration-toolkit-virtualization/mtv-rhel8-operator@sha256:86e6fc987f49aa419b0c7f15276559c4e0958adc9385d80deef228dfb9bcf0ba_amd64",
"8Base-MTV-2.5:migration-toolkit-virtualization/mtv-rhv-populator-rhel8@sha256:bd5cf5ff33a900a8f7b8b4fc52ada3af737d42793b27e63f5cc7c36b11a21189_amd64",
"8Base-MTV-2.5:migration-toolkit-virtualization/mtv-virt-v2v-warm-rhel8@sha256:fd9758985cb3ab4fe6bddf1b989b0cc7803d9bf79883dfe3a02c6c3644fcc891_amd64",
"9Base-MTV-2.5:migration-toolkit-virtualization/mtv-console-plugin-rhel9@sha256:8d9c4e66535b0b3c6921cbf819c7d86dedaa9076fc05b9f00e9002b6fb1c5b1d_amd64",
"9Base-MTV-2.5:migration-toolkit-virtualization/mtv-controller-rhel9@sha256:8fbc5262ebc5791a156ecc4afa539bb6d72bfe3ecf28e7ebaab12aab63e472e3_amd64",
"9Base-MTV-2.5:migration-toolkit-virtualization/mtv-openstack-populator-rhel9@sha256:ba513f372d1eccbc1a96c0934384021b5cd228533435bcfb70dd584e65f5abec_amd64",
"9Base-MTV-2.5:migration-toolkit-virtualization/mtv-operator-bundle@sha256:9ec2a9e288b742ea9d71f13e055a4ede1b34e5e251aa662c65a83747a6603462_amd64",
"9Base-MTV-2.5:migration-toolkit-virtualization/mtv-ova-provider-server-rhel9@sha256:53f0fa129b04bcb7ea8f80e6136fbaf189460b29bdd123398f456a4d2a32de3f_amd64",
"9Base-MTV-2.5:migration-toolkit-virtualization/mtv-populator-controller-rhel9@sha256:110ebc02ca7aca24ff830e8073af8062434ca8dc8ff1239b92c24e84d6cf08c3_amd64",
"9Base-MTV-2.5:migration-toolkit-virtualization/mtv-virt-v2v-rhel9@sha256:094c261ca283ee4fcf58e79cc93e61da6e0759c82a157f3169c4390a7e7f1f74_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2243296"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in handling multiplexed streams in the HTTP/2 protocol. A client can repeatedly make a request for a new multiplex stream and immediately send an RST_STREAM frame to cancel it. This creates extra work for the server setting up and tearing down the streams while not hitting any server-side limit for the maximum number of active streams per connection, resulting in a denial of service due to server resource consumption. Red Hat has rated the severity of this flaw as \u0027Important\u0027 as the US Cybersecurity and Infrastructure Security Agency (CISA) declared this vulnerability an active exploit.\r\n\r\nCVE-2023-39325 was assigned for the `Rapid Reset Attack` in the Go language packages.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: net/http, x/net/http2: rapid stream resets can cause excessive work (CVE-2023-44487)",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This CVE is related to CVE-2023-44487.\n\nThe majority of RHEL utilities are not long-running applications; instead, they are command-line tools. These tools utilize Golang package as build-time dependency, which is why they are classified as having a \"Moderate\" level of impact.\n\nAs go-lang vendors its dependencies, a package may contain a library with a known vulnerability, solely because of lower tier libraries including it as a part of its dependencies, but the vulnerable code is not reachable at runtime. In such cases the issue is not exploitable. We classify these situations as \u201cNot affected\u201d or \u201cWill not fix,\u201d depending on the risk of breaking other unrelated packages.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-MTV-2.5:migration-toolkit-virtualization/mtv-must-gather-api-rhel8@sha256:e1e3b4adafebe14f5c1c17b8b81c921c8c2daf77bf22ffef9f0a2e1ac1a32d5f_amd64",
"9Base-MTV-2.5:migration-toolkit-virtualization/mtv-api-rhel9@sha256:7a25dd92fb3949f6b231d8019dda8ee2432ce1708cf746fdc805f335d19119e8_amd64",
"9Base-MTV-2.5:migration-toolkit-virtualization/mtv-validation-rhel9@sha256:7481185531e6bba394f769c0e73bfc431e0d763afd23c59bacc8ec32875b0af3_amd64"
],
"known_not_affected": [
"8Base-MTV-2.5:migration-toolkit-virtualization/mtv-must-gather-rhel8@sha256:cfd662d50e649898951b9dc21bb8bd533ccbe4daa9ae9eb1ea365ae9bfdf39e0_amd64",
"8Base-MTV-2.5:migration-toolkit-virtualization/mtv-rhel8-operator@sha256:86e6fc987f49aa419b0c7f15276559c4e0958adc9385d80deef228dfb9bcf0ba_amd64",
"8Base-MTV-2.5:migration-toolkit-virtualization/mtv-rhv-populator-rhel8@sha256:bd5cf5ff33a900a8f7b8b4fc52ada3af737d42793b27e63f5cc7c36b11a21189_amd64",
"8Base-MTV-2.5:migration-toolkit-virtualization/mtv-virt-v2v-warm-rhel8@sha256:fd9758985cb3ab4fe6bddf1b989b0cc7803d9bf79883dfe3a02c6c3644fcc891_amd64",
"9Base-MTV-2.5:migration-toolkit-virtualization/mtv-console-plugin-rhel9@sha256:8d9c4e66535b0b3c6921cbf819c7d86dedaa9076fc05b9f00e9002b6fb1c5b1d_amd64",
"9Base-MTV-2.5:migration-toolkit-virtualization/mtv-controller-rhel9@sha256:8fbc5262ebc5791a156ecc4afa539bb6d72bfe3ecf28e7ebaab12aab63e472e3_amd64",
"9Base-MTV-2.5:migration-toolkit-virtualization/mtv-openstack-populator-rhel9@sha256:ba513f372d1eccbc1a96c0934384021b5cd228533435bcfb70dd584e65f5abec_amd64",
"9Base-MTV-2.5:migration-toolkit-virtualization/mtv-operator-bundle@sha256:9ec2a9e288b742ea9d71f13e055a4ede1b34e5e251aa662c65a83747a6603462_amd64",
"9Base-MTV-2.5:migration-toolkit-virtualization/mtv-ova-provider-server-rhel9@sha256:53f0fa129b04bcb7ea8f80e6136fbaf189460b29bdd123398f456a4d2a32de3f_amd64",
"9Base-MTV-2.5:migration-toolkit-virtualization/mtv-populator-controller-rhel9@sha256:110ebc02ca7aca24ff830e8073af8062434ca8dc8ff1239b92c24e84d6cf08c3_amd64",
"9Base-MTV-2.5:migration-toolkit-virtualization/mtv-virt-v2v-rhel9@sha256:094c261ca283ee4fcf58e79cc93e61da6e0759c82a157f3169c4390a7e7f1f74_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-39325"
},
{
"category": "external",
"summary": "RHBZ#2243296",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2243296"
},
{
"category": "external",
"summary": "RHSB-2023-003",
"url": "https://access.redhat.com/security/vulnerabilities/RHSB-2023-003"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-39325",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39325"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-39325",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-39325"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2023-44487",
"url": "https://access.redhat.com/security/cve/CVE-2023-44487"
},
{
"category": "external",
"summary": "https://go.dev/issue/63417",
"url": "https://go.dev/issue/63417"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2023-2102",
"url": "https://pkg.go.dev/vuln/GO-2023-2102"
},
{
"category": "external",
"summary": "https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487",
"url": "https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487"
}
],
"release_date": "2023-10-10T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-10-24T12:12:11+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-MTV-2.5:migration-toolkit-virtualization/mtv-must-gather-api-rhel8@sha256:e1e3b4adafebe14f5c1c17b8b81c921c8c2daf77bf22ffef9f0a2e1ac1a32d5f_amd64",
"9Base-MTV-2.5:migration-toolkit-virtualization/mtv-api-rhel9@sha256:7a25dd92fb3949f6b231d8019dda8ee2432ce1708cf746fdc805f335d19119e8_amd64",
"9Base-MTV-2.5:migration-toolkit-virtualization/mtv-validation-rhel9@sha256:7481185531e6bba394f769c0e73bfc431e0d763afd23c59bacc8ec32875b0af3_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHBA-2023:6078"
},
{
"category": "workaround",
"details": "The default stream concurrency limit in golang is 250 streams (requests) per HTTP/2 connection. This value may be adjusted in the golang.org/x/net/http2 package using the Server.MaxConcurrentStreams setting and the ConfigureServer function which are available in golang.org/x/net/http2.",
"product_ids": [
"8Base-MTV-2.5:migration-toolkit-virtualization/mtv-must-gather-api-rhel8@sha256:e1e3b4adafebe14f5c1c17b8b81c921c8c2daf77bf22ffef9f0a2e1ac1a32d5f_amd64",
"8Base-MTV-2.5:migration-toolkit-virtualization/mtv-must-gather-rhel8@sha256:cfd662d50e649898951b9dc21bb8bd533ccbe4daa9ae9eb1ea365ae9bfdf39e0_amd64",
"8Base-MTV-2.5:migration-toolkit-virtualization/mtv-rhel8-operator@sha256:86e6fc987f49aa419b0c7f15276559c4e0958adc9385d80deef228dfb9bcf0ba_amd64",
"8Base-MTV-2.5:migration-toolkit-virtualization/mtv-rhv-populator-rhel8@sha256:bd5cf5ff33a900a8f7b8b4fc52ada3af737d42793b27e63f5cc7c36b11a21189_amd64",
"8Base-MTV-2.5:migration-toolkit-virtualization/mtv-virt-v2v-warm-rhel8@sha256:fd9758985cb3ab4fe6bddf1b989b0cc7803d9bf79883dfe3a02c6c3644fcc891_amd64",
"9Base-MTV-2.5:migration-toolkit-virtualization/mtv-api-rhel9@sha256:7a25dd92fb3949f6b231d8019dda8ee2432ce1708cf746fdc805f335d19119e8_amd64",
"9Base-MTV-2.5:migration-toolkit-virtualization/mtv-console-plugin-rhel9@sha256:8d9c4e66535b0b3c6921cbf819c7d86dedaa9076fc05b9f00e9002b6fb1c5b1d_amd64",
"9Base-MTV-2.5:migration-toolkit-virtualization/mtv-controller-rhel9@sha256:8fbc5262ebc5791a156ecc4afa539bb6d72bfe3ecf28e7ebaab12aab63e472e3_amd64",
"9Base-MTV-2.5:migration-toolkit-virtualization/mtv-openstack-populator-rhel9@sha256:ba513f372d1eccbc1a96c0934384021b5cd228533435bcfb70dd584e65f5abec_amd64",
"9Base-MTV-2.5:migration-toolkit-virtualization/mtv-operator-bundle@sha256:9ec2a9e288b742ea9d71f13e055a4ede1b34e5e251aa662c65a83747a6603462_amd64",
"9Base-MTV-2.5:migration-toolkit-virtualization/mtv-ova-provider-server-rhel9@sha256:53f0fa129b04bcb7ea8f80e6136fbaf189460b29bdd123398f456a4d2a32de3f_amd64",
"9Base-MTV-2.5:migration-toolkit-virtualization/mtv-populator-controller-rhel9@sha256:110ebc02ca7aca24ff830e8073af8062434ca8dc8ff1239b92c24e84d6cf08c3_amd64",
"9Base-MTV-2.5:migration-toolkit-virtualization/mtv-validation-rhel9@sha256:7481185531e6bba394f769c0e73bfc431e0d763afd23c59bacc8ec32875b0af3_amd64",
"9Base-MTV-2.5:migration-toolkit-virtualization/mtv-virt-v2v-rhel9@sha256:094c261ca283ee4fcf58e79cc93e61da6e0759c82a157f3169c4390a7e7f1f74_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-MTV-2.5:migration-toolkit-virtualization/mtv-must-gather-api-rhel8@sha256:e1e3b4adafebe14f5c1c17b8b81c921c8c2daf77bf22ffef9f0a2e1ac1a32d5f_amd64",
"8Base-MTV-2.5:migration-toolkit-virtualization/mtv-must-gather-rhel8@sha256:cfd662d50e649898951b9dc21bb8bd533ccbe4daa9ae9eb1ea365ae9bfdf39e0_amd64",
"8Base-MTV-2.5:migration-toolkit-virtualization/mtv-rhel8-operator@sha256:86e6fc987f49aa419b0c7f15276559c4e0958adc9385d80deef228dfb9bcf0ba_amd64",
"8Base-MTV-2.5:migration-toolkit-virtualization/mtv-rhv-populator-rhel8@sha256:bd5cf5ff33a900a8f7b8b4fc52ada3af737d42793b27e63f5cc7c36b11a21189_amd64",
"8Base-MTV-2.5:migration-toolkit-virtualization/mtv-virt-v2v-warm-rhel8@sha256:fd9758985cb3ab4fe6bddf1b989b0cc7803d9bf79883dfe3a02c6c3644fcc891_amd64",
"9Base-MTV-2.5:migration-toolkit-virtualization/mtv-api-rhel9@sha256:7a25dd92fb3949f6b231d8019dda8ee2432ce1708cf746fdc805f335d19119e8_amd64",
"9Base-MTV-2.5:migration-toolkit-virtualization/mtv-console-plugin-rhel9@sha256:8d9c4e66535b0b3c6921cbf819c7d86dedaa9076fc05b9f00e9002b6fb1c5b1d_amd64",
"9Base-MTV-2.5:migration-toolkit-virtualization/mtv-controller-rhel9@sha256:8fbc5262ebc5791a156ecc4afa539bb6d72bfe3ecf28e7ebaab12aab63e472e3_amd64",
"9Base-MTV-2.5:migration-toolkit-virtualization/mtv-openstack-populator-rhel9@sha256:ba513f372d1eccbc1a96c0934384021b5cd228533435bcfb70dd584e65f5abec_amd64",
"9Base-MTV-2.5:migration-toolkit-virtualization/mtv-operator-bundle@sha256:9ec2a9e288b742ea9d71f13e055a4ede1b34e5e251aa662c65a83747a6603462_amd64",
"9Base-MTV-2.5:migration-toolkit-virtualization/mtv-ova-provider-server-rhel9@sha256:53f0fa129b04bcb7ea8f80e6136fbaf189460b29bdd123398f456a4d2a32de3f_amd64",
"9Base-MTV-2.5:migration-toolkit-virtualization/mtv-populator-controller-rhel9@sha256:110ebc02ca7aca24ff830e8073af8062434ca8dc8ff1239b92c24e84d6cf08c3_amd64",
"9Base-MTV-2.5:migration-toolkit-virtualization/mtv-validation-rhel9@sha256:7481185531e6bba394f769c0e73bfc431e0d763afd23c59bacc8ec32875b0af3_amd64",
"9Base-MTV-2.5:migration-toolkit-virtualization/mtv-virt-v2v-rhel9@sha256:094c261ca283ee4fcf58e79cc93e61da6e0759c82a157f3169c4390a7e7f1f74_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "golang: net/http, x/net/http2: rapid stream resets can cause excessive work (CVE-2023-44487)"
},
{
"cve": "CVE-2023-44487",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2023-10-09T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-MTV-2.5:migration-toolkit-virtualization/mtv-must-gather-api-rhel8@sha256:e1e3b4adafebe14f5c1c17b8b81c921c8c2daf77bf22ffef9f0a2e1ac1a32d5f_amd64",
"8Base-MTV-2.5:migration-toolkit-virtualization/mtv-must-gather-rhel8@sha256:cfd662d50e649898951b9dc21bb8bd533ccbe4daa9ae9eb1ea365ae9bfdf39e0_amd64",
"8Base-MTV-2.5:migration-toolkit-virtualization/mtv-rhel8-operator@sha256:86e6fc987f49aa419b0c7f15276559c4e0958adc9385d80deef228dfb9bcf0ba_amd64",
"8Base-MTV-2.5:migration-toolkit-virtualization/mtv-rhv-populator-rhel8@sha256:bd5cf5ff33a900a8f7b8b4fc52ada3af737d42793b27e63f5cc7c36b11a21189_amd64",
"8Base-MTV-2.5:migration-toolkit-virtualization/mtv-virt-v2v-warm-rhel8@sha256:fd9758985cb3ab4fe6bddf1b989b0cc7803d9bf79883dfe3a02c6c3644fcc891_amd64",
"9Base-MTV-2.5:migration-toolkit-virtualization/mtv-console-plugin-rhel9@sha256:8d9c4e66535b0b3c6921cbf819c7d86dedaa9076fc05b9f00e9002b6fb1c5b1d_amd64",
"9Base-MTV-2.5:migration-toolkit-virtualization/mtv-controller-rhel9@sha256:8fbc5262ebc5791a156ecc4afa539bb6d72bfe3ecf28e7ebaab12aab63e472e3_amd64",
"9Base-MTV-2.5:migration-toolkit-virtualization/mtv-openstack-populator-rhel9@sha256:ba513f372d1eccbc1a96c0934384021b5cd228533435bcfb70dd584e65f5abec_amd64",
"9Base-MTV-2.5:migration-toolkit-virtualization/mtv-operator-bundle@sha256:9ec2a9e288b742ea9d71f13e055a4ede1b34e5e251aa662c65a83747a6603462_amd64",
"9Base-MTV-2.5:migration-toolkit-virtualization/mtv-ova-provider-server-rhel9@sha256:53f0fa129b04bcb7ea8f80e6136fbaf189460b29bdd123398f456a4d2a32de3f_amd64",
"9Base-MTV-2.5:migration-toolkit-virtualization/mtv-populator-controller-rhel9@sha256:110ebc02ca7aca24ff830e8073af8062434ca8dc8ff1239b92c24e84d6cf08c3_amd64",
"9Base-MTV-2.5:migration-toolkit-virtualization/mtv-validation-rhel9@sha256:7481185531e6bba394f769c0e73bfc431e0d763afd23c59bacc8ec32875b0af3_amd64",
"9Base-MTV-2.5:migration-toolkit-virtualization/mtv-virt-v2v-rhel9@sha256:094c261ca283ee4fcf58e79cc93e61da6e0759c82a157f3169c4390a7e7f1f74_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2242803"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in handling multiplexed streams in the HTTP/2 protocol. A client can repeatedly make a request for a new multiplex stream and immediately send an RST_STREAM frame to cancel it. This creates extra work for the server setting up and tearing down the streams while not hitting any server-side limit for the maximum number of active streams per connection, resulting in a denial of service due to server resource consumption. Red Hat has rated the severity of this flaw as \u0027Important\u0027 as the US Cybersecurity and Infrastructure Security Agency (CISA) declared this vulnerability an active exploit.\r\n\r\nCVE-2023-39325 was assigned for the Rapid Reset Attack in the Go language packages.\r\n\r\nSecurity Bulletin\r\nhttps://access.redhat.com/security/vulnerabilities/RHSB-2023-003",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack (Rapid Reset Attack)",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "NGINX has been marked as Moderate Impact because, for performance and resource consumption reasons, NGINX limits the number of concurrent streams to a default of 128. In addition, to optimally balance network and server performance, NGINX allows the client to persist HTTP connections for up to 1000 requests by default using an HTTP keepalive.\n\nThe majority of RHEL utilities are not long-running applications; instead, they are command-line tools. These tools utilize Golang package as build-time dependency, which is why they are classified as having a \"Moderate\" level of impact.\n\nrhc component is no longer impacted by CVE-2023-44487 \u0026 CVE-2023-39325.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-MTV-2.5:migration-toolkit-virtualization/mtv-api-rhel9@sha256:7a25dd92fb3949f6b231d8019dda8ee2432ce1708cf746fdc805f335d19119e8_amd64"
],
"known_not_affected": [
"8Base-MTV-2.5:migration-toolkit-virtualization/mtv-must-gather-api-rhel8@sha256:e1e3b4adafebe14f5c1c17b8b81c921c8c2daf77bf22ffef9f0a2e1ac1a32d5f_amd64",
"8Base-MTV-2.5:migration-toolkit-virtualization/mtv-must-gather-rhel8@sha256:cfd662d50e649898951b9dc21bb8bd533ccbe4daa9ae9eb1ea365ae9bfdf39e0_amd64",
"8Base-MTV-2.5:migration-toolkit-virtualization/mtv-rhel8-operator@sha256:86e6fc987f49aa419b0c7f15276559c4e0958adc9385d80deef228dfb9bcf0ba_amd64",
"8Base-MTV-2.5:migration-toolkit-virtualization/mtv-rhv-populator-rhel8@sha256:bd5cf5ff33a900a8f7b8b4fc52ada3af737d42793b27e63f5cc7c36b11a21189_amd64",
"8Base-MTV-2.5:migration-toolkit-virtualization/mtv-virt-v2v-warm-rhel8@sha256:fd9758985cb3ab4fe6bddf1b989b0cc7803d9bf79883dfe3a02c6c3644fcc891_amd64",
"9Base-MTV-2.5:migration-toolkit-virtualization/mtv-console-plugin-rhel9@sha256:8d9c4e66535b0b3c6921cbf819c7d86dedaa9076fc05b9f00e9002b6fb1c5b1d_amd64",
"9Base-MTV-2.5:migration-toolkit-virtualization/mtv-controller-rhel9@sha256:8fbc5262ebc5791a156ecc4afa539bb6d72bfe3ecf28e7ebaab12aab63e472e3_amd64",
"9Base-MTV-2.5:migration-toolkit-virtualization/mtv-openstack-populator-rhel9@sha256:ba513f372d1eccbc1a96c0934384021b5cd228533435bcfb70dd584e65f5abec_amd64",
"9Base-MTV-2.5:migration-toolkit-virtualization/mtv-operator-bundle@sha256:9ec2a9e288b742ea9d71f13e055a4ede1b34e5e251aa662c65a83747a6603462_amd64",
"9Base-MTV-2.5:migration-toolkit-virtualization/mtv-ova-provider-server-rhel9@sha256:53f0fa129b04bcb7ea8f80e6136fbaf189460b29bdd123398f456a4d2a32de3f_amd64",
"9Base-MTV-2.5:migration-toolkit-virtualization/mtv-populator-controller-rhel9@sha256:110ebc02ca7aca24ff830e8073af8062434ca8dc8ff1239b92c24e84d6cf08c3_amd64",
"9Base-MTV-2.5:migration-toolkit-virtualization/mtv-validation-rhel9@sha256:7481185531e6bba394f769c0e73bfc431e0d763afd23c59bacc8ec32875b0af3_amd64",
"9Base-MTV-2.5:migration-toolkit-virtualization/mtv-virt-v2v-rhel9@sha256:094c261ca283ee4fcf58e79cc93e61da6e0759c82a157f3169c4390a7e7f1f74_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-44487"
},
{
"category": "external",
"summary": "RHBZ#2242803",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2242803"
},
{
"category": "external",
"summary": "RHSB-2023-003",
"url": "https://access.redhat.com/security/vulnerabilities/RHSB-2023-003"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-44487",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-44487"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-44487",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-44487"
},
{
"category": "external",
"summary": "https://github.com/dotnet/announcements/issues/277",
"url": "https://github.com/dotnet/announcements/issues/277"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2023-2102",
"url": "https://pkg.go.dev/vuln/GO-2023-2102"
},
{
"category": "external",
"summary": "https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487",
"url": "https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487"
},
{
"category": "external",
"summary": "https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products/",
"url": "https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products/"
},
{
"category": "external",
"summary": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog",
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
}
],
"release_date": "2023-10-10T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-10-24T12:12:11+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-MTV-2.5:migration-toolkit-virtualization/mtv-api-rhel9@sha256:7a25dd92fb3949f6b231d8019dda8ee2432ce1708cf746fdc805f335d19119e8_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHBA-2023:6078"
},
{
"category": "workaround",
"details": "Users are strongly urged to update their software as soon as fixes are available. \nThere are several mitigation approaches for this flaw. \n\n1. If circumstances permit, users may disable http2 endpoints to circumvent the flaw altogether until a fix is available.\n2. IP-based blocking or flood protection and rate control tools may be used at network endpoints to filter incoming traffic.\n3. Several package specific mitigations are also available. \n a. nginx: https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products/\n b. netty: https://github.com/netty/netty/security/advisories/GHSA-xpw8-rcwv-8f8p\n c. haproxy: https://www.haproxy.com/blog/haproxy-is-not-affected-by-the-http-2-rapid-reset-attack-cve-2023-44487\n d. nghttp2: https://github.com/nghttp2/nghttp2/security/advisories/GHSA-vx74-f528-fxqg\n e. golang: The default stream concurrency limit in golang is 250 streams (requests) per HTTP/2 connection. This value may be adjusted in the golang.org/x/net/http2 package using the Server.MaxConcurrentStreams setting and the ConfigureServer function which are available in golang.org/x/net/http2.",
"product_ids": [
"8Base-MTV-2.5:migration-toolkit-virtualization/mtv-must-gather-api-rhel8@sha256:e1e3b4adafebe14f5c1c17b8b81c921c8c2daf77bf22ffef9f0a2e1ac1a32d5f_amd64",
"8Base-MTV-2.5:migration-toolkit-virtualization/mtv-must-gather-rhel8@sha256:cfd662d50e649898951b9dc21bb8bd533ccbe4daa9ae9eb1ea365ae9bfdf39e0_amd64",
"8Base-MTV-2.5:migration-toolkit-virtualization/mtv-rhel8-operator@sha256:86e6fc987f49aa419b0c7f15276559c4e0958adc9385d80deef228dfb9bcf0ba_amd64",
"8Base-MTV-2.5:migration-toolkit-virtualization/mtv-rhv-populator-rhel8@sha256:bd5cf5ff33a900a8f7b8b4fc52ada3af737d42793b27e63f5cc7c36b11a21189_amd64",
"8Base-MTV-2.5:migration-toolkit-virtualization/mtv-virt-v2v-warm-rhel8@sha256:fd9758985cb3ab4fe6bddf1b989b0cc7803d9bf79883dfe3a02c6c3644fcc891_amd64",
"9Base-MTV-2.5:migration-toolkit-virtualization/mtv-api-rhel9@sha256:7a25dd92fb3949f6b231d8019dda8ee2432ce1708cf746fdc805f335d19119e8_amd64",
"9Base-MTV-2.5:migration-toolkit-virtualization/mtv-console-plugin-rhel9@sha256:8d9c4e66535b0b3c6921cbf819c7d86dedaa9076fc05b9f00e9002b6fb1c5b1d_amd64",
"9Base-MTV-2.5:migration-toolkit-virtualization/mtv-controller-rhel9@sha256:8fbc5262ebc5791a156ecc4afa539bb6d72bfe3ecf28e7ebaab12aab63e472e3_amd64",
"9Base-MTV-2.5:migration-toolkit-virtualization/mtv-openstack-populator-rhel9@sha256:ba513f372d1eccbc1a96c0934384021b5cd228533435bcfb70dd584e65f5abec_amd64",
"9Base-MTV-2.5:migration-toolkit-virtualization/mtv-operator-bundle@sha256:9ec2a9e288b742ea9d71f13e055a4ede1b34e5e251aa662c65a83747a6603462_amd64",
"9Base-MTV-2.5:migration-toolkit-virtualization/mtv-ova-provider-server-rhel9@sha256:53f0fa129b04bcb7ea8f80e6136fbaf189460b29bdd123398f456a4d2a32de3f_amd64",
"9Base-MTV-2.5:migration-toolkit-virtualization/mtv-populator-controller-rhel9@sha256:110ebc02ca7aca24ff830e8073af8062434ca8dc8ff1239b92c24e84d6cf08c3_amd64",
"9Base-MTV-2.5:migration-toolkit-virtualization/mtv-validation-rhel9@sha256:7481185531e6bba394f769c0e73bfc431e0d763afd23c59bacc8ec32875b0af3_amd64",
"9Base-MTV-2.5:migration-toolkit-virtualization/mtv-virt-v2v-rhel9@sha256:094c261ca283ee4fcf58e79cc93e61da6e0759c82a157f3169c4390a7e7f1f74_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-MTV-2.5:migration-toolkit-virtualization/mtv-must-gather-api-rhel8@sha256:e1e3b4adafebe14f5c1c17b8b81c921c8c2daf77bf22ffef9f0a2e1ac1a32d5f_amd64",
"8Base-MTV-2.5:migration-toolkit-virtualization/mtv-must-gather-rhel8@sha256:cfd662d50e649898951b9dc21bb8bd533ccbe4daa9ae9eb1ea365ae9bfdf39e0_amd64",
"8Base-MTV-2.5:migration-toolkit-virtualization/mtv-rhel8-operator@sha256:86e6fc987f49aa419b0c7f15276559c4e0958adc9385d80deef228dfb9bcf0ba_amd64",
"8Base-MTV-2.5:migration-toolkit-virtualization/mtv-rhv-populator-rhel8@sha256:bd5cf5ff33a900a8f7b8b4fc52ada3af737d42793b27e63f5cc7c36b11a21189_amd64",
"8Base-MTV-2.5:migration-toolkit-virtualization/mtv-virt-v2v-warm-rhel8@sha256:fd9758985cb3ab4fe6bddf1b989b0cc7803d9bf79883dfe3a02c6c3644fcc891_amd64",
"9Base-MTV-2.5:migration-toolkit-virtualization/mtv-api-rhel9@sha256:7a25dd92fb3949f6b231d8019dda8ee2432ce1708cf746fdc805f335d19119e8_amd64",
"9Base-MTV-2.5:migration-toolkit-virtualization/mtv-console-plugin-rhel9@sha256:8d9c4e66535b0b3c6921cbf819c7d86dedaa9076fc05b9f00e9002b6fb1c5b1d_amd64",
"9Base-MTV-2.5:migration-toolkit-virtualization/mtv-controller-rhel9@sha256:8fbc5262ebc5791a156ecc4afa539bb6d72bfe3ecf28e7ebaab12aab63e472e3_amd64",
"9Base-MTV-2.5:migration-toolkit-virtualization/mtv-openstack-populator-rhel9@sha256:ba513f372d1eccbc1a96c0934384021b5cd228533435bcfb70dd584e65f5abec_amd64",
"9Base-MTV-2.5:migration-toolkit-virtualization/mtv-operator-bundle@sha256:9ec2a9e288b742ea9d71f13e055a4ede1b34e5e251aa662c65a83747a6603462_amd64",
"9Base-MTV-2.5:migration-toolkit-virtualization/mtv-ova-provider-server-rhel9@sha256:53f0fa129b04bcb7ea8f80e6136fbaf189460b29bdd123398f456a4d2a32de3f_amd64",
"9Base-MTV-2.5:migration-toolkit-virtualization/mtv-populator-controller-rhel9@sha256:110ebc02ca7aca24ff830e8073af8062434ca8dc8ff1239b92c24e84d6cf08c3_amd64",
"9Base-MTV-2.5:migration-toolkit-virtualization/mtv-validation-rhel9@sha256:7481185531e6bba394f769c0e73bfc431e0d763afd23c59bacc8ec32875b0af3_amd64",
"9Base-MTV-2.5:migration-toolkit-virtualization/mtv-virt-v2v-rhel9@sha256:094c261ca283ee4fcf58e79cc93e61da6e0759c82a157f3169c4390a7e7f1f74_amd64"
]
}
],
"threats": [
{
"category": "exploit_status",
"date": "2023-10-10T00:00:00+00:00",
"details": "CISA: https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
},
{
"category": "impact",
"details": "Important"
}
],
"title": "HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack (Rapid Reset Attack)"
}
]
}
RHBA-2023:6109
Vulnerability from csaf_redhat - Published: 2023-10-25 12:32 - Updated: 2026-06-08 15:35Summary
Red Hat Bug Fix Advisory: MTV 2.4.3 Images
Severity
Important
Notes
Topic: Updated Release packages that fix several bugs and add various enhancements are now available.
Details: Migration Toolkit for Virtualization 2.4.3 Images
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
A flaw was found in the golang package. The JoinPath doesn't remove the ../ path components appended to a domain that is not terminated by a slash, possibly leading to a directory traversal attack.
7.5 (High)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-MTV-2.4:migration-toolkit-virtualization/mtv-controller-rhel9@sha256:c9b7db0c74e38e5f028b3b72066892c96b6f684575d395a197a0826c09d96e1d_amd64 | — |
Vendor Fix
fix
|
Known not affected
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-MTV-2.4:migration-toolkit-virtualization/mtv-must-gather-api-rhel8@sha256:afc08bab3b5b19bcd4003819d4e1bc1c9c3faf71370154ee1695c9a3a6192223_amd64 | — | ||
| Unresolved product id: 8Base-MTV-2.4:migration-toolkit-virtualization/mtv-must-gather-rhel8@sha256:0b766d8e51580920d3b558eaac237b39b70f890127adaac34177aff1b97596fa_amd64 | — | ||
| Unresolved product id: 8Base-MTV-2.4:migration-toolkit-virtualization/mtv-rhel8-operator@sha256:30cea757cbe41f54ecfd59320ea92351e1209f5646c7346d7d7563e383e988bb_amd64 | — | ||
| Unresolved product id: 8Base-MTV-2.4:migration-toolkit-virtualization/mtv-rhv-populator-rhel8@sha256:f1c946eb52c6464db8a68cd4c6b61b6df145c68aef4a4858651076ba27d5c40b_amd64 | — | ||
| Unresolved product id: 8Base-MTV-2.4:migration-toolkit-virtualization/mtv-ui-rhel8@sha256:f872479bcfbf35cae89eb3c95005067b8e64aca090cc058c4e4a1f0db56df9ff_amd64 | — | ||
| Unresolved product id: 8Base-MTV-2.4:migration-toolkit-virtualization/mtv-virt-v2v-warm-rhel8@sha256:c8a7ee4f36ffc0206d614ad47ce95a13aacdf80a47e1ea7209e0f9824914c36c_amd64 | — | ||
| Unresolved product id: 9Base-MTV-2.4:migration-toolkit-virtualization/mtv-api-rhel9@sha256:61de05b8dffe208fb8d4c00aed8bba71a4e428f74cc06b936debfbe4fb640747_amd64 | — | ||
| Unresolved product id: 9Base-MTV-2.4:migration-toolkit-virtualization/mtv-console-plugin-rhel9@sha256:3022d96f38b8900d1b545cbf045f96816194bfba917f08c2e67758f7928acf2c_amd64 | — | ||
| Unresolved product id: 9Base-MTV-2.4:migration-toolkit-virtualization/mtv-openstack-populator-rhel9@sha256:cb8d1bc7320c4ba9caa1d3bb45e48c6d1d2b71799f5dc466c5de8b87579d0c63_amd64 | — | ||
| Unresolved product id: 9Base-MTV-2.4:migration-toolkit-virtualization/mtv-operator-bundle@sha256:f3172be67364c2a3a5acc25976759e91643c30dfa4d034ea39884ce2be084741_amd64 | — | ||
| Unresolved product id: 9Base-MTV-2.4:migration-toolkit-virtualization/mtv-populator-controller-rhel9@sha256:4bbec09dfd8021e9cf676f1fb85a0a3f168845b91421afa5ded7983a3561d301_amd64 | — | ||
| Unresolved product id: 9Base-MTV-2.4:migration-toolkit-virtualization/mtv-validation-rhel9@sha256:8d9947ca76642dacb58290203f5ad003f7ca4f1a5a075ac584ab9e27018a0eed_amd64 | — | ||
| Unresolved product id: 9Base-MTV-2.4:migration-toolkit-virtualization/mtv-virt-v2v-rhel9@sha256:7ecf4ffb01ccf2cd92fa96407bca9e5b6054e3b5033ada74c98e00dca163d1f7_amd64 | — |
Threats
Impact
Moderate
A flaw was found in golang. A maliciously crafted HTTP/2 stream could cause excessive CPU consumption in the HPACK decoder, sufficient to cause a denial of service from a small number of requests.
7.5 (High)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-MTV-2.4:migration-toolkit-virtualization/mtv-must-gather-api-rhel8@sha256:afc08bab3b5b19bcd4003819d4e1bc1c9c3faf71370154ee1695c9a3a6192223_amd64 | — |
Vendor Fix
fix
|
Known not affected
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-MTV-2.4:migration-toolkit-virtualization/mtv-must-gather-rhel8@sha256:0b766d8e51580920d3b558eaac237b39b70f890127adaac34177aff1b97596fa_amd64 | — | ||
| Unresolved product id: 8Base-MTV-2.4:migration-toolkit-virtualization/mtv-rhel8-operator@sha256:30cea757cbe41f54ecfd59320ea92351e1209f5646c7346d7d7563e383e988bb_amd64 | — | ||
| Unresolved product id: 8Base-MTV-2.4:migration-toolkit-virtualization/mtv-rhv-populator-rhel8@sha256:f1c946eb52c6464db8a68cd4c6b61b6df145c68aef4a4858651076ba27d5c40b_amd64 | — | ||
| Unresolved product id: 8Base-MTV-2.4:migration-toolkit-virtualization/mtv-ui-rhel8@sha256:f872479bcfbf35cae89eb3c95005067b8e64aca090cc058c4e4a1f0db56df9ff_amd64 | — | ||
| Unresolved product id: 8Base-MTV-2.4:migration-toolkit-virtualization/mtv-virt-v2v-warm-rhel8@sha256:c8a7ee4f36ffc0206d614ad47ce95a13aacdf80a47e1ea7209e0f9824914c36c_amd64 | — | ||
| Unresolved product id: 9Base-MTV-2.4:migration-toolkit-virtualization/mtv-api-rhel9@sha256:61de05b8dffe208fb8d4c00aed8bba71a4e428f74cc06b936debfbe4fb640747_amd64 | — | ||
| Unresolved product id: 9Base-MTV-2.4:migration-toolkit-virtualization/mtv-console-plugin-rhel9@sha256:3022d96f38b8900d1b545cbf045f96816194bfba917f08c2e67758f7928acf2c_amd64 | — | ||
| Unresolved product id: 9Base-MTV-2.4:migration-toolkit-virtualization/mtv-controller-rhel9@sha256:c9b7db0c74e38e5f028b3b72066892c96b6f684575d395a197a0826c09d96e1d_amd64 | — | ||
| Unresolved product id: 9Base-MTV-2.4:migration-toolkit-virtualization/mtv-openstack-populator-rhel9@sha256:cb8d1bc7320c4ba9caa1d3bb45e48c6d1d2b71799f5dc466c5de8b87579d0c63_amd64 | — | ||
| Unresolved product id: 9Base-MTV-2.4:migration-toolkit-virtualization/mtv-operator-bundle@sha256:f3172be67364c2a3a5acc25976759e91643c30dfa4d034ea39884ce2be084741_amd64 | — | ||
| Unresolved product id: 9Base-MTV-2.4:migration-toolkit-virtualization/mtv-populator-controller-rhel9@sha256:4bbec09dfd8021e9cf676f1fb85a0a3f168845b91421afa5ded7983a3561d301_amd64 | — | ||
| Unresolved product id: 9Base-MTV-2.4:migration-toolkit-virtualization/mtv-validation-rhel9@sha256:8d9947ca76642dacb58290203f5ad003f7ca4f1a5a075ac584ab9e27018a0eed_amd64 | — | ||
| Unresolved product id: 9Base-MTV-2.4:migration-toolkit-virtualization/mtv-virt-v2v-rhel9@sha256:7ecf4ffb01ccf2cd92fa96407bca9e5b6054e3b5033ada74c98e00dca163d1f7_amd64 | — |
Threats
Impact
Moderate
A flaw was found in Golang Go, where it is vulnerable to a denial of service caused when processing large TLS handshake records. By sending specially-crafted TLS handshake records, a remote, authenticated attacker can cause a denial of service condition.
7.5 (High)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-MTV-2.4:migration-toolkit-virtualization/mtv-controller-rhel9@sha256:c9b7db0c74e38e5f028b3b72066892c96b6f684575d395a197a0826c09d96e1d_amd64 | — |
Vendor Fix
fix
|
Known not affected
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-MTV-2.4:migration-toolkit-virtualization/mtv-must-gather-api-rhel8@sha256:afc08bab3b5b19bcd4003819d4e1bc1c9c3faf71370154ee1695c9a3a6192223_amd64 | — | ||
| Unresolved product id: 8Base-MTV-2.4:migration-toolkit-virtualization/mtv-must-gather-rhel8@sha256:0b766d8e51580920d3b558eaac237b39b70f890127adaac34177aff1b97596fa_amd64 | — | ||
| Unresolved product id: 8Base-MTV-2.4:migration-toolkit-virtualization/mtv-rhel8-operator@sha256:30cea757cbe41f54ecfd59320ea92351e1209f5646c7346d7d7563e383e988bb_amd64 | — | ||
| Unresolved product id: 8Base-MTV-2.4:migration-toolkit-virtualization/mtv-rhv-populator-rhel8@sha256:f1c946eb52c6464db8a68cd4c6b61b6df145c68aef4a4858651076ba27d5c40b_amd64 | — | ||
| Unresolved product id: 8Base-MTV-2.4:migration-toolkit-virtualization/mtv-ui-rhel8@sha256:f872479bcfbf35cae89eb3c95005067b8e64aca090cc058c4e4a1f0db56df9ff_amd64 | — | ||
| Unresolved product id: 8Base-MTV-2.4:migration-toolkit-virtualization/mtv-virt-v2v-warm-rhel8@sha256:c8a7ee4f36ffc0206d614ad47ce95a13aacdf80a47e1ea7209e0f9824914c36c_amd64 | — | ||
| Unresolved product id: 9Base-MTV-2.4:migration-toolkit-virtualization/mtv-api-rhel9@sha256:61de05b8dffe208fb8d4c00aed8bba71a4e428f74cc06b936debfbe4fb640747_amd64 | — | ||
| Unresolved product id: 9Base-MTV-2.4:migration-toolkit-virtualization/mtv-console-plugin-rhel9@sha256:3022d96f38b8900d1b545cbf045f96816194bfba917f08c2e67758f7928acf2c_amd64 | — | ||
| Unresolved product id: 9Base-MTV-2.4:migration-toolkit-virtualization/mtv-openstack-populator-rhel9@sha256:cb8d1bc7320c4ba9caa1d3bb45e48c6d1d2b71799f5dc466c5de8b87579d0c63_amd64 | — | ||
| Unresolved product id: 9Base-MTV-2.4:migration-toolkit-virtualization/mtv-operator-bundle@sha256:f3172be67364c2a3a5acc25976759e91643c30dfa4d034ea39884ce2be084741_amd64 | — | ||
| Unresolved product id: 9Base-MTV-2.4:migration-toolkit-virtualization/mtv-populator-controller-rhel9@sha256:4bbec09dfd8021e9cf676f1fb85a0a3f168845b91421afa5ded7983a3561d301_amd64 | — | ||
| Unresolved product id: 9Base-MTV-2.4:migration-toolkit-virtualization/mtv-validation-rhel9@sha256:8d9947ca76642dacb58290203f5ad003f7ca4f1a5a075ac584ab9e27018a0eed_amd64 | — | ||
| Unresolved product id: 9Base-MTV-2.4:migration-toolkit-virtualization/mtv-virt-v2v-rhel9@sha256:7ecf4ffb01ccf2cd92fa96407bca9e5b6054e3b5033ada74c98e00dca163d1f7_amd64 | — |
Threats
Impact
Moderate
A flaw was found in Go, where it is vulnerable to a denial of service caused by an excessive resource consumption flaw in the net/http and mime/multipart packages. By sending a specially-crafted request, a remote attacker can cause a denial of service.
7.5 (High)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-MTV-2.4:migration-toolkit-virtualization/mtv-controller-rhel9@sha256:c9b7db0c74e38e5f028b3b72066892c96b6f684575d395a197a0826c09d96e1d_amd64 | — |
Vendor Fix
fix
|
Known not affected
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-MTV-2.4:migration-toolkit-virtualization/mtv-must-gather-api-rhel8@sha256:afc08bab3b5b19bcd4003819d4e1bc1c9c3faf71370154ee1695c9a3a6192223_amd64 | — | ||
| Unresolved product id: 8Base-MTV-2.4:migration-toolkit-virtualization/mtv-must-gather-rhel8@sha256:0b766d8e51580920d3b558eaac237b39b70f890127adaac34177aff1b97596fa_amd64 | — | ||
| Unresolved product id: 8Base-MTV-2.4:migration-toolkit-virtualization/mtv-rhel8-operator@sha256:30cea757cbe41f54ecfd59320ea92351e1209f5646c7346d7d7563e383e988bb_amd64 | — | ||
| Unresolved product id: 8Base-MTV-2.4:migration-toolkit-virtualization/mtv-rhv-populator-rhel8@sha256:f1c946eb52c6464db8a68cd4c6b61b6df145c68aef4a4858651076ba27d5c40b_amd64 | — | ||
| Unresolved product id: 8Base-MTV-2.4:migration-toolkit-virtualization/mtv-ui-rhel8@sha256:f872479bcfbf35cae89eb3c95005067b8e64aca090cc058c4e4a1f0db56df9ff_amd64 | — | ||
| Unresolved product id: 8Base-MTV-2.4:migration-toolkit-virtualization/mtv-virt-v2v-warm-rhel8@sha256:c8a7ee4f36ffc0206d614ad47ce95a13aacdf80a47e1ea7209e0f9824914c36c_amd64 | — | ||
| Unresolved product id: 9Base-MTV-2.4:migration-toolkit-virtualization/mtv-api-rhel9@sha256:61de05b8dffe208fb8d4c00aed8bba71a4e428f74cc06b936debfbe4fb640747_amd64 | — | ||
| Unresolved product id: 9Base-MTV-2.4:migration-toolkit-virtualization/mtv-console-plugin-rhel9@sha256:3022d96f38b8900d1b545cbf045f96816194bfba917f08c2e67758f7928acf2c_amd64 | — | ||
| Unresolved product id: 9Base-MTV-2.4:migration-toolkit-virtualization/mtv-openstack-populator-rhel9@sha256:cb8d1bc7320c4ba9caa1d3bb45e48c6d1d2b71799f5dc466c5de8b87579d0c63_amd64 | — | ||
| Unresolved product id: 9Base-MTV-2.4:migration-toolkit-virtualization/mtv-operator-bundle@sha256:f3172be67364c2a3a5acc25976759e91643c30dfa4d034ea39884ce2be084741_amd64 | — | ||
| Unresolved product id: 9Base-MTV-2.4:migration-toolkit-virtualization/mtv-populator-controller-rhel9@sha256:4bbec09dfd8021e9cf676f1fb85a0a3f168845b91421afa5ded7983a3561d301_amd64 | — | ||
| Unresolved product id: 9Base-MTV-2.4:migration-toolkit-virtualization/mtv-validation-rhel9@sha256:8d9947ca76642dacb58290203f5ad003f7ca4f1a5a075ac584ab9e27018a0eed_amd64 | — | ||
| Unresolved product id: 9Base-MTV-2.4:migration-toolkit-virtualization/mtv-virt-v2v-rhel9@sha256:7ecf4ffb01ccf2cd92fa96407bca9e5b6054e3b5033ada74c98e00dca163d1f7_amd64 | — |
Threats
Impact
Moderate
A flaw was found in the Golang HTML package where it is vulnerable to Cross-site scripting caused by the improper validation of user-supplied input. A remote attacker could exploit this vulnerability using a specially crafted URL to execute a script in a victim's web browser within the security context of the hosting website once the URL is clicked. The flaw allows an attacker to steal the victim's cookie-based authentication credentials.
6.1 (Medium)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-MTV-2.4:migration-toolkit-virtualization/mtv-rhel8-operator@sha256:30cea757cbe41f54ecfd59320ea92351e1209f5646c7346d7d7563e383e988bb_amd64 | — |
Vendor Fix
fix
|
Known not affected
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-MTV-2.4:migration-toolkit-virtualization/mtv-must-gather-api-rhel8@sha256:afc08bab3b5b19bcd4003819d4e1bc1c9c3faf71370154ee1695c9a3a6192223_amd64 | — | ||
| Unresolved product id: 8Base-MTV-2.4:migration-toolkit-virtualization/mtv-must-gather-rhel8@sha256:0b766d8e51580920d3b558eaac237b39b70f890127adaac34177aff1b97596fa_amd64 | — | ||
| Unresolved product id: 8Base-MTV-2.4:migration-toolkit-virtualization/mtv-rhv-populator-rhel8@sha256:f1c946eb52c6464db8a68cd4c6b61b6df145c68aef4a4858651076ba27d5c40b_amd64 | — | ||
| Unresolved product id: 8Base-MTV-2.4:migration-toolkit-virtualization/mtv-ui-rhel8@sha256:f872479bcfbf35cae89eb3c95005067b8e64aca090cc058c4e4a1f0db56df9ff_amd64 | — | ||
| Unresolved product id: 8Base-MTV-2.4:migration-toolkit-virtualization/mtv-virt-v2v-warm-rhel8@sha256:c8a7ee4f36ffc0206d614ad47ce95a13aacdf80a47e1ea7209e0f9824914c36c_amd64 | — | ||
| Unresolved product id: 9Base-MTV-2.4:migration-toolkit-virtualization/mtv-api-rhel9@sha256:61de05b8dffe208fb8d4c00aed8bba71a4e428f74cc06b936debfbe4fb640747_amd64 | — | ||
| Unresolved product id: 9Base-MTV-2.4:migration-toolkit-virtualization/mtv-console-plugin-rhel9@sha256:3022d96f38b8900d1b545cbf045f96816194bfba917f08c2e67758f7928acf2c_amd64 | — | ||
| Unresolved product id: 9Base-MTV-2.4:migration-toolkit-virtualization/mtv-controller-rhel9@sha256:c9b7db0c74e38e5f028b3b72066892c96b6f684575d395a197a0826c09d96e1d_amd64 | — | ||
| Unresolved product id: 9Base-MTV-2.4:migration-toolkit-virtualization/mtv-openstack-populator-rhel9@sha256:cb8d1bc7320c4ba9caa1d3bb45e48c6d1d2b71799f5dc466c5de8b87579d0c63_amd64 | — | ||
| Unresolved product id: 9Base-MTV-2.4:migration-toolkit-virtualization/mtv-operator-bundle@sha256:f3172be67364c2a3a5acc25976759e91643c30dfa4d034ea39884ce2be084741_amd64 | — | ||
| Unresolved product id: 9Base-MTV-2.4:migration-toolkit-virtualization/mtv-populator-controller-rhel9@sha256:4bbec09dfd8021e9cf676f1fb85a0a3f168845b91421afa5ded7983a3561d301_amd64 | — | ||
| Unresolved product id: 9Base-MTV-2.4:migration-toolkit-virtualization/mtv-validation-rhel9@sha256:8d9947ca76642dacb58290203f5ad003f7ca4f1a5a075ac584ab9e27018a0eed_amd64 | — | ||
| Unresolved product id: 9Base-MTV-2.4:migration-toolkit-virtualization/mtv-virt-v2v-rhel9@sha256:7ecf4ffb01ccf2cd92fa96407bca9e5b6054e3b5033ada74c98e00dca163d1f7_amd64 | — |
Threats
Impact
Moderate
A flaw was found in Golang Go, where it is vulnerable to a denial of service caused by memory exhaustion in the common function in HTTP and MIME header parsing. By sending a specially crafted request, a remote attacker can cause a denial of service.
7.5 (High)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-MTV-2.4:migration-toolkit-virtualization/mtv-controller-rhel9@sha256:c9b7db0c74e38e5f028b3b72066892c96b6f684575d395a197a0826c09d96e1d_amd64 | — |
Vendor Fix
fix
|
Known not affected
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-MTV-2.4:migration-toolkit-virtualization/mtv-must-gather-api-rhel8@sha256:afc08bab3b5b19bcd4003819d4e1bc1c9c3faf71370154ee1695c9a3a6192223_amd64 | — | ||
| Unresolved product id: 8Base-MTV-2.4:migration-toolkit-virtualization/mtv-must-gather-rhel8@sha256:0b766d8e51580920d3b558eaac237b39b70f890127adaac34177aff1b97596fa_amd64 | — | ||
| Unresolved product id: 8Base-MTV-2.4:migration-toolkit-virtualization/mtv-rhel8-operator@sha256:30cea757cbe41f54ecfd59320ea92351e1209f5646c7346d7d7563e383e988bb_amd64 | — | ||
| Unresolved product id: 8Base-MTV-2.4:migration-toolkit-virtualization/mtv-rhv-populator-rhel8@sha256:f1c946eb52c6464db8a68cd4c6b61b6df145c68aef4a4858651076ba27d5c40b_amd64 | — | ||
| Unresolved product id: 8Base-MTV-2.4:migration-toolkit-virtualization/mtv-ui-rhel8@sha256:f872479bcfbf35cae89eb3c95005067b8e64aca090cc058c4e4a1f0db56df9ff_amd64 | — | ||
| Unresolved product id: 8Base-MTV-2.4:migration-toolkit-virtualization/mtv-virt-v2v-warm-rhel8@sha256:c8a7ee4f36ffc0206d614ad47ce95a13aacdf80a47e1ea7209e0f9824914c36c_amd64 | — | ||
| Unresolved product id: 9Base-MTV-2.4:migration-toolkit-virtualization/mtv-api-rhel9@sha256:61de05b8dffe208fb8d4c00aed8bba71a4e428f74cc06b936debfbe4fb640747_amd64 | — | ||
| Unresolved product id: 9Base-MTV-2.4:migration-toolkit-virtualization/mtv-console-plugin-rhel9@sha256:3022d96f38b8900d1b545cbf045f96816194bfba917f08c2e67758f7928acf2c_amd64 | — | ||
| Unresolved product id: 9Base-MTV-2.4:migration-toolkit-virtualization/mtv-openstack-populator-rhel9@sha256:cb8d1bc7320c4ba9caa1d3bb45e48c6d1d2b71799f5dc466c5de8b87579d0c63_amd64 | — | ||
| Unresolved product id: 9Base-MTV-2.4:migration-toolkit-virtualization/mtv-operator-bundle@sha256:f3172be67364c2a3a5acc25976759e91643c30dfa4d034ea39884ce2be084741_amd64 | — | ||
| Unresolved product id: 9Base-MTV-2.4:migration-toolkit-virtualization/mtv-populator-controller-rhel9@sha256:4bbec09dfd8021e9cf676f1fb85a0a3f168845b91421afa5ded7983a3561d301_amd64 | — | ||
| Unresolved product id: 9Base-MTV-2.4:migration-toolkit-virtualization/mtv-validation-rhel9@sha256:8d9947ca76642dacb58290203f5ad003f7ca4f1a5a075ac584ab9e27018a0eed_amd64 | — | ||
| Unresolved product id: 9Base-MTV-2.4:migration-toolkit-virtualization/mtv-virt-v2v-rhel9@sha256:7ecf4ffb01ccf2cd92fa96407bca9e5b6054e3b5033ada74c98e00dca163d1f7_amd64 | — |
Threats
Impact
Moderate
A flaw was found in Golang Go, where it is vulnerable to a denial of service caused by an issue during multipart form parsing. By sending a specially crafted input, a remote attacker can consume large amounts of CPU and memory, resulting in a denial of service.
7.5 (High)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-MTV-2.4:migration-toolkit-virtualization/mtv-controller-rhel9@sha256:c9b7db0c74e38e5f028b3b72066892c96b6f684575d395a197a0826c09d96e1d_amd64 | — |
Vendor Fix
fix
Workaround
|
Known not affected
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-MTV-2.4:migration-toolkit-virtualization/mtv-must-gather-api-rhel8@sha256:afc08bab3b5b19bcd4003819d4e1bc1c9c3faf71370154ee1695c9a3a6192223_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-MTV-2.4:migration-toolkit-virtualization/mtv-must-gather-rhel8@sha256:0b766d8e51580920d3b558eaac237b39b70f890127adaac34177aff1b97596fa_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-MTV-2.4:migration-toolkit-virtualization/mtv-rhel8-operator@sha256:30cea757cbe41f54ecfd59320ea92351e1209f5646c7346d7d7563e383e988bb_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-MTV-2.4:migration-toolkit-virtualization/mtv-rhv-populator-rhel8@sha256:f1c946eb52c6464db8a68cd4c6b61b6df145c68aef4a4858651076ba27d5c40b_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-MTV-2.4:migration-toolkit-virtualization/mtv-ui-rhel8@sha256:f872479bcfbf35cae89eb3c95005067b8e64aca090cc058c4e4a1f0db56df9ff_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-MTV-2.4:migration-toolkit-virtualization/mtv-virt-v2v-warm-rhel8@sha256:c8a7ee4f36ffc0206d614ad47ce95a13aacdf80a47e1ea7209e0f9824914c36c_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-MTV-2.4:migration-toolkit-virtualization/mtv-api-rhel9@sha256:61de05b8dffe208fb8d4c00aed8bba71a4e428f74cc06b936debfbe4fb640747_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-MTV-2.4:migration-toolkit-virtualization/mtv-console-plugin-rhel9@sha256:3022d96f38b8900d1b545cbf045f96816194bfba917f08c2e67758f7928acf2c_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-MTV-2.4:migration-toolkit-virtualization/mtv-openstack-populator-rhel9@sha256:cb8d1bc7320c4ba9caa1d3bb45e48c6d1d2b71799f5dc466c5de8b87579d0c63_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-MTV-2.4:migration-toolkit-virtualization/mtv-operator-bundle@sha256:f3172be67364c2a3a5acc25976759e91643c30dfa4d034ea39884ce2be084741_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-MTV-2.4:migration-toolkit-virtualization/mtv-populator-controller-rhel9@sha256:4bbec09dfd8021e9cf676f1fb85a0a3f168845b91421afa5ded7983a3561d301_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-MTV-2.4:migration-toolkit-virtualization/mtv-validation-rhel9@sha256:8d9947ca76642dacb58290203f5ad003f7ca4f1a5a075ac584ab9e27018a0eed_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-MTV-2.4:migration-toolkit-virtualization/mtv-virt-v2v-rhel9@sha256:7ecf4ffb01ccf2cd92fa96407bca9e5b6054e3b5033ada74c98e00dca163d1f7_amd64 | — |
Workaround
|
Threats
Impact
Moderate
A flaw was found in Golang Go, where it is vulnerable to a denial of service caused by an infinite loop due to integer overflow when calling any of the Parse functions. By sending a specially crafted input, a remote attacker can cause a denial of service.
7.5 (High)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-MTV-2.4:migration-toolkit-virtualization/mtv-controller-rhel9@sha256:c9b7db0c74e38e5f028b3b72066892c96b6f684575d395a197a0826c09d96e1d_amd64 | — |
Vendor Fix
fix
Workaround
|
Known not affected
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-MTV-2.4:migration-toolkit-virtualization/mtv-must-gather-api-rhel8@sha256:afc08bab3b5b19bcd4003819d4e1bc1c9c3faf71370154ee1695c9a3a6192223_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-MTV-2.4:migration-toolkit-virtualization/mtv-must-gather-rhel8@sha256:0b766d8e51580920d3b558eaac237b39b70f890127adaac34177aff1b97596fa_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-MTV-2.4:migration-toolkit-virtualization/mtv-rhel8-operator@sha256:30cea757cbe41f54ecfd59320ea92351e1209f5646c7346d7d7563e383e988bb_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-MTV-2.4:migration-toolkit-virtualization/mtv-rhv-populator-rhel8@sha256:f1c946eb52c6464db8a68cd4c6b61b6df145c68aef4a4858651076ba27d5c40b_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-MTV-2.4:migration-toolkit-virtualization/mtv-ui-rhel8@sha256:f872479bcfbf35cae89eb3c95005067b8e64aca090cc058c4e4a1f0db56df9ff_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-MTV-2.4:migration-toolkit-virtualization/mtv-virt-v2v-warm-rhel8@sha256:c8a7ee4f36ffc0206d614ad47ce95a13aacdf80a47e1ea7209e0f9824914c36c_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-MTV-2.4:migration-toolkit-virtualization/mtv-api-rhel9@sha256:61de05b8dffe208fb8d4c00aed8bba71a4e428f74cc06b936debfbe4fb640747_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-MTV-2.4:migration-toolkit-virtualization/mtv-console-plugin-rhel9@sha256:3022d96f38b8900d1b545cbf045f96816194bfba917f08c2e67758f7928acf2c_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-MTV-2.4:migration-toolkit-virtualization/mtv-openstack-populator-rhel9@sha256:cb8d1bc7320c4ba9caa1d3bb45e48c6d1d2b71799f5dc466c5de8b87579d0c63_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-MTV-2.4:migration-toolkit-virtualization/mtv-operator-bundle@sha256:f3172be67364c2a3a5acc25976759e91643c30dfa4d034ea39884ce2be084741_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-MTV-2.4:migration-toolkit-virtualization/mtv-populator-controller-rhel9@sha256:4bbec09dfd8021e9cf676f1fb85a0a3f168845b91421afa5ded7983a3561d301_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-MTV-2.4:migration-toolkit-virtualization/mtv-validation-rhel9@sha256:8d9947ca76642dacb58290203f5ad003f7ca4f1a5a075ac584ab9e27018a0eed_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-MTV-2.4:migration-toolkit-virtualization/mtv-virt-v2v-rhel9@sha256:7ecf4ffb01ccf2cd92fa96407bca9e5b6054e3b5033ada74c98e00dca163d1f7_amd64 | — |
Workaround
|
Threats
Impact
Moderate
A flaw was found in Golang Go. This flaw allows a remote attacker to execute arbitrary code on the system, caused by not properly considering backticks (`) as Javascript string delimiters. By sending a specially crafted request, an attacker execute arbitrary code on the system.
9.8 (Critical)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-MTV-2.4:migration-toolkit-virtualization/mtv-controller-rhel9@sha256:c9b7db0c74e38e5f028b3b72066892c96b6f684575d395a197a0826c09d96e1d_amd64 | — |
Vendor Fix
fix
Workaround
|
Known not affected
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-MTV-2.4:migration-toolkit-virtualization/mtv-must-gather-api-rhel8@sha256:afc08bab3b5b19bcd4003819d4e1bc1c9c3faf71370154ee1695c9a3a6192223_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-MTV-2.4:migration-toolkit-virtualization/mtv-must-gather-rhel8@sha256:0b766d8e51580920d3b558eaac237b39b70f890127adaac34177aff1b97596fa_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-MTV-2.4:migration-toolkit-virtualization/mtv-rhel8-operator@sha256:30cea757cbe41f54ecfd59320ea92351e1209f5646c7346d7d7563e383e988bb_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-MTV-2.4:migration-toolkit-virtualization/mtv-rhv-populator-rhel8@sha256:f1c946eb52c6464db8a68cd4c6b61b6df145c68aef4a4858651076ba27d5c40b_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-MTV-2.4:migration-toolkit-virtualization/mtv-ui-rhel8@sha256:f872479bcfbf35cae89eb3c95005067b8e64aca090cc058c4e4a1f0db56df9ff_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-MTV-2.4:migration-toolkit-virtualization/mtv-virt-v2v-warm-rhel8@sha256:c8a7ee4f36ffc0206d614ad47ce95a13aacdf80a47e1ea7209e0f9824914c36c_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-MTV-2.4:migration-toolkit-virtualization/mtv-api-rhel9@sha256:61de05b8dffe208fb8d4c00aed8bba71a4e428f74cc06b936debfbe4fb640747_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-MTV-2.4:migration-toolkit-virtualization/mtv-console-plugin-rhel9@sha256:3022d96f38b8900d1b545cbf045f96816194bfba917f08c2e67758f7928acf2c_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-MTV-2.4:migration-toolkit-virtualization/mtv-openstack-populator-rhel9@sha256:cb8d1bc7320c4ba9caa1d3bb45e48c6d1d2b71799f5dc466c5de8b87579d0c63_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-MTV-2.4:migration-toolkit-virtualization/mtv-operator-bundle@sha256:f3172be67364c2a3a5acc25976759e91643c30dfa4d034ea39884ce2be084741_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-MTV-2.4:migration-toolkit-virtualization/mtv-populator-controller-rhel9@sha256:4bbec09dfd8021e9cf676f1fb85a0a3f168845b91421afa5ded7983a3561d301_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-MTV-2.4:migration-toolkit-virtualization/mtv-validation-rhel9@sha256:8d9947ca76642dacb58290203f5ad003f7ca4f1a5a075ac584ab9e27018a0eed_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-MTV-2.4:migration-toolkit-virtualization/mtv-virt-v2v-rhel9@sha256:7ecf4ffb01ccf2cd92fa96407bca9e5b6054e3b5033ada74c98e00dca163d1f7_amd64 | — |
Workaround
|
Threats
Impact
Moderate
A flaw was found in golang where angle brackets (<>) were not considered dangerous characters when inserted into CSS contexts. Templates containing multiple actions separated by a '/' character could result in the CSS context unexpectedly closing, allowing for the injection of unexpected HMTL if executed with untrusted input.
7.3 (High)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-MTV-2.4:migration-toolkit-virtualization/mtv-controller-rhel9@sha256:c9b7db0c74e38e5f028b3b72066892c96b6f684575d395a197a0826c09d96e1d_amd64 | — |
Vendor Fix
fix
Workaround
|
Known not affected
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-MTV-2.4:migration-toolkit-virtualization/mtv-must-gather-api-rhel8@sha256:afc08bab3b5b19bcd4003819d4e1bc1c9c3faf71370154ee1695c9a3a6192223_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-MTV-2.4:migration-toolkit-virtualization/mtv-must-gather-rhel8@sha256:0b766d8e51580920d3b558eaac237b39b70f890127adaac34177aff1b97596fa_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-MTV-2.4:migration-toolkit-virtualization/mtv-rhel8-operator@sha256:30cea757cbe41f54ecfd59320ea92351e1209f5646c7346d7d7563e383e988bb_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-MTV-2.4:migration-toolkit-virtualization/mtv-rhv-populator-rhel8@sha256:f1c946eb52c6464db8a68cd4c6b61b6df145c68aef4a4858651076ba27d5c40b_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-MTV-2.4:migration-toolkit-virtualization/mtv-ui-rhel8@sha256:f872479bcfbf35cae89eb3c95005067b8e64aca090cc058c4e4a1f0db56df9ff_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-MTV-2.4:migration-toolkit-virtualization/mtv-virt-v2v-warm-rhel8@sha256:c8a7ee4f36ffc0206d614ad47ce95a13aacdf80a47e1ea7209e0f9824914c36c_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-MTV-2.4:migration-toolkit-virtualization/mtv-api-rhel9@sha256:61de05b8dffe208fb8d4c00aed8bba71a4e428f74cc06b936debfbe4fb640747_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-MTV-2.4:migration-toolkit-virtualization/mtv-console-plugin-rhel9@sha256:3022d96f38b8900d1b545cbf045f96816194bfba917f08c2e67758f7928acf2c_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-MTV-2.4:migration-toolkit-virtualization/mtv-openstack-populator-rhel9@sha256:cb8d1bc7320c4ba9caa1d3bb45e48c6d1d2b71799f5dc466c5de8b87579d0c63_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-MTV-2.4:migration-toolkit-virtualization/mtv-operator-bundle@sha256:f3172be67364c2a3a5acc25976759e91643c30dfa4d034ea39884ce2be084741_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-MTV-2.4:migration-toolkit-virtualization/mtv-populator-controller-rhel9@sha256:4bbec09dfd8021e9cf676f1fb85a0a3f168845b91421afa5ded7983a3561d301_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-MTV-2.4:migration-toolkit-virtualization/mtv-validation-rhel9@sha256:8d9947ca76642dacb58290203f5ad003f7ca4f1a5a075ac584ab9e27018a0eed_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-MTV-2.4:migration-toolkit-virtualization/mtv-virt-v2v-rhel9@sha256:7ecf4ffb01ccf2cd92fa96407bca9e5b6054e3b5033ada74c98e00dca163d1f7_amd64 | — |
Workaround
|
Threats
Impact
Moderate
A flaw was found in golang. Templates containing actions in unquoted HTML attributes, for example, "attr={{.}}") executed with empty input, could result in output that has unexpected results when parsed due to HTML normalization rules. This issue may allow the injection of arbitrary attributes into tags.
7.3 (High)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-MTV-2.4:migration-toolkit-virtualization/mtv-controller-rhel9@sha256:c9b7db0c74e38e5f028b3b72066892c96b6f684575d395a197a0826c09d96e1d_amd64 | — |
Vendor Fix
fix
Workaround
|
Known not affected
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-MTV-2.4:migration-toolkit-virtualization/mtv-must-gather-api-rhel8@sha256:afc08bab3b5b19bcd4003819d4e1bc1c9c3faf71370154ee1695c9a3a6192223_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-MTV-2.4:migration-toolkit-virtualization/mtv-must-gather-rhel8@sha256:0b766d8e51580920d3b558eaac237b39b70f890127adaac34177aff1b97596fa_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-MTV-2.4:migration-toolkit-virtualization/mtv-rhel8-operator@sha256:30cea757cbe41f54ecfd59320ea92351e1209f5646c7346d7d7563e383e988bb_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-MTV-2.4:migration-toolkit-virtualization/mtv-rhv-populator-rhel8@sha256:f1c946eb52c6464db8a68cd4c6b61b6df145c68aef4a4858651076ba27d5c40b_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-MTV-2.4:migration-toolkit-virtualization/mtv-ui-rhel8@sha256:f872479bcfbf35cae89eb3c95005067b8e64aca090cc058c4e4a1f0db56df9ff_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-MTV-2.4:migration-toolkit-virtualization/mtv-virt-v2v-warm-rhel8@sha256:c8a7ee4f36ffc0206d614ad47ce95a13aacdf80a47e1ea7209e0f9824914c36c_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-MTV-2.4:migration-toolkit-virtualization/mtv-api-rhel9@sha256:61de05b8dffe208fb8d4c00aed8bba71a4e428f74cc06b936debfbe4fb640747_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-MTV-2.4:migration-toolkit-virtualization/mtv-console-plugin-rhel9@sha256:3022d96f38b8900d1b545cbf045f96816194bfba917f08c2e67758f7928acf2c_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-MTV-2.4:migration-toolkit-virtualization/mtv-openstack-populator-rhel9@sha256:cb8d1bc7320c4ba9caa1d3bb45e48c6d1d2b71799f5dc466c5de8b87579d0c63_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-MTV-2.4:migration-toolkit-virtualization/mtv-operator-bundle@sha256:f3172be67364c2a3a5acc25976759e91643c30dfa4d034ea39884ce2be084741_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-MTV-2.4:migration-toolkit-virtualization/mtv-populator-controller-rhel9@sha256:4bbec09dfd8021e9cf676f1fb85a0a3f168845b91421afa5ded7983a3561d301_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-MTV-2.4:migration-toolkit-virtualization/mtv-validation-rhel9@sha256:8d9947ca76642dacb58290203f5ad003f7ca4f1a5a075ac584ab9e27018a0eed_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-MTV-2.4:migration-toolkit-virtualization/mtv-virt-v2v-rhel9@sha256:7ecf4ffb01ccf2cd92fa96407bca9e5b6054e3b5033ada74c98e00dca163d1f7_amd64 | — |
Workaround
|
Threats
Impact
Moderate
A denial of service vulnerability was found in the Golang Go package caused by an uncontrolled resource consumption flaw. By persuading a victim to use a specially crafted certificate with large RSA keys, a remote attacker can cause a client/server to expend significant CPU time verifying signatures, resulting in a denial of service condition.
5.3 (Medium)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-MTV-2.4:migration-toolkit-virtualization/mtv-rhel8-operator@sha256:30cea757cbe41f54ecfd59320ea92351e1209f5646c7346d7d7563e383e988bb_amd64 | — |
Vendor Fix
fix
|
Known not affected
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-MTV-2.4:migration-toolkit-virtualization/mtv-must-gather-api-rhel8@sha256:afc08bab3b5b19bcd4003819d4e1bc1c9c3faf71370154ee1695c9a3a6192223_amd64 | — | ||
| Unresolved product id: 8Base-MTV-2.4:migration-toolkit-virtualization/mtv-must-gather-rhel8@sha256:0b766d8e51580920d3b558eaac237b39b70f890127adaac34177aff1b97596fa_amd64 | — | ||
| Unresolved product id: 8Base-MTV-2.4:migration-toolkit-virtualization/mtv-rhv-populator-rhel8@sha256:f1c946eb52c6464db8a68cd4c6b61b6df145c68aef4a4858651076ba27d5c40b_amd64 | — | ||
| Unresolved product id: 8Base-MTV-2.4:migration-toolkit-virtualization/mtv-ui-rhel8@sha256:f872479bcfbf35cae89eb3c95005067b8e64aca090cc058c4e4a1f0db56df9ff_amd64 | — | ||
| Unresolved product id: 8Base-MTV-2.4:migration-toolkit-virtualization/mtv-virt-v2v-warm-rhel8@sha256:c8a7ee4f36ffc0206d614ad47ce95a13aacdf80a47e1ea7209e0f9824914c36c_amd64 | — | ||
| Unresolved product id: 9Base-MTV-2.4:migration-toolkit-virtualization/mtv-api-rhel9@sha256:61de05b8dffe208fb8d4c00aed8bba71a4e428f74cc06b936debfbe4fb640747_amd64 | — | ||
| Unresolved product id: 9Base-MTV-2.4:migration-toolkit-virtualization/mtv-console-plugin-rhel9@sha256:3022d96f38b8900d1b545cbf045f96816194bfba917f08c2e67758f7928acf2c_amd64 | — | ||
| Unresolved product id: 9Base-MTV-2.4:migration-toolkit-virtualization/mtv-controller-rhel9@sha256:c9b7db0c74e38e5f028b3b72066892c96b6f684575d395a197a0826c09d96e1d_amd64 | — | ||
| Unresolved product id: 9Base-MTV-2.4:migration-toolkit-virtualization/mtv-openstack-populator-rhel9@sha256:cb8d1bc7320c4ba9caa1d3bb45e48c6d1d2b71799f5dc466c5de8b87579d0c63_amd64 | — | ||
| Unresolved product id: 9Base-MTV-2.4:migration-toolkit-virtualization/mtv-operator-bundle@sha256:f3172be67364c2a3a5acc25976759e91643c30dfa4d034ea39884ce2be084741_amd64 | — | ||
| Unresolved product id: 9Base-MTV-2.4:migration-toolkit-virtualization/mtv-populator-controller-rhel9@sha256:4bbec09dfd8021e9cf676f1fb85a0a3f168845b91421afa5ded7983a3561d301_amd64 | — | ||
| Unresolved product id: 9Base-MTV-2.4:migration-toolkit-virtualization/mtv-validation-rhel9@sha256:8d9947ca76642dacb58290203f5ad003f7ca4f1a5a075ac584ab9e27018a0eed_amd64 | — | ||
| Unresolved product id: 9Base-MTV-2.4:migration-toolkit-virtualization/mtv-virt-v2v-rhel9@sha256:7ecf4ffb01ccf2cd92fa96407bca9e5b6054e3b5033ada74c98e00dca163d1f7_amd64 | — |
Threats
Impact
Moderate
A flaw was found in handling multiplexed streams in the HTTP/2 protocol. A client can repeatedly make a request for a new multiplex stream and immediately send an RST_STREAM frame to cancel it. This creates extra work for the server setting up and tearing down the streams while not hitting any server-side limit for the maximum number of active streams per connection, resulting in a denial of service due to server resource consumption. Red Hat has rated the severity of this flaw as 'Important' as the US Cybersecurity and Infrastructure Security Agency (CISA) declared this vulnerability an active exploit. CVE-2023-39325 was assigned for the `Rapid Reset Attack` in the Go language packages.
7.5 (High)
Affected products
Fixed
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-MTV-2.4:migration-toolkit-virtualization/mtv-must-gather-api-rhel8@sha256:afc08bab3b5b19bcd4003819d4e1bc1c9c3faf71370154ee1695c9a3a6192223_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-MTV-2.4:migration-toolkit-virtualization/mtv-api-rhel9@sha256:61de05b8dffe208fb8d4c00aed8bba71a4e428f74cc06b936debfbe4fb640747_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-MTV-2.4:migration-toolkit-virtualization/mtv-validation-rhel9@sha256:8d9947ca76642dacb58290203f5ad003f7ca4f1a5a075ac584ab9e27018a0eed_amd64 | — |
Vendor Fix
fix
Workaround
|
Known not affected
11 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-MTV-2.4:migration-toolkit-virtualization/mtv-must-gather-rhel8@sha256:0b766d8e51580920d3b558eaac237b39b70f890127adaac34177aff1b97596fa_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-MTV-2.4:migration-toolkit-virtualization/mtv-rhel8-operator@sha256:30cea757cbe41f54ecfd59320ea92351e1209f5646c7346d7d7563e383e988bb_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-MTV-2.4:migration-toolkit-virtualization/mtv-rhv-populator-rhel8@sha256:f1c946eb52c6464db8a68cd4c6b61b6df145c68aef4a4858651076ba27d5c40b_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-MTV-2.4:migration-toolkit-virtualization/mtv-ui-rhel8@sha256:f872479bcfbf35cae89eb3c95005067b8e64aca090cc058c4e4a1f0db56df9ff_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-MTV-2.4:migration-toolkit-virtualization/mtv-virt-v2v-warm-rhel8@sha256:c8a7ee4f36ffc0206d614ad47ce95a13aacdf80a47e1ea7209e0f9824914c36c_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-MTV-2.4:migration-toolkit-virtualization/mtv-console-plugin-rhel9@sha256:3022d96f38b8900d1b545cbf045f96816194bfba917f08c2e67758f7928acf2c_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-MTV-2.4:migration-toolkit-virtualization/mtv-controller-rhel9@sha256:c9b7db0c74e38e5f028b3b72066892c96b6f684575d395a197a0826c09d96e1d_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-MTV-2.4:migration-toolkit-virtualization/mtv-openstack-populator-rhel9@sha256:cb8d1bc7320c4ba9caa1d3bb45e48c6d1d2b71799f5dc466c5de8b87579d0c63_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-MTV-2.4:migration-toolkit-virtualization/mtv-operator-bundle@sha256:f3172be67364c2a3a5acc25976759e91643c30dfa4d034ea39884ce2be084741_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-MTV-2.4:migration-toolkit-virtualization/mtv-populator-controller-rhel9@sha256:4bbec09dfd8021e9cf676f1fb85a0a3f168845b91421afa5ded7983a3561d301_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-MTV-2.4:migration-toolkit-virtualization/mtv-virt-v2v-rhel9@sha256:7ecf4ffb01ccf2cd92fa96407bca9e5b6054e3b5033ada74c98e00dca163d1f7_amd64 | — |
Workaround
|
Threats
Impact
Important
A flaw was found in handling multiplexed streams in the HTTP/2 protocol. A client can repeatedly make a request for a new multiplex stream and immediately send an RST_STREAM frame to cancel it. This creates extra work for the server setting up and tearing down the streams while not hitting any server-side limit for the maximum number of active streams per connection, resulting in a denial of service due to server resource consumption. Red Hat has rated the severity of this flaw as 'Important' as the US Cybersecurity and Infrastructure Security Agency (CISA) declared this vulnerability an active exploit. CVE-2023-39325 was assigned for the Rapid Reset Attack in the Go language packages. Security Bulletin https://access.redhat.com/security/vulnerabilities/RHSB-2023-003
7.5 (High)
Affected products
Fixed
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-MTV-2.4:migration-toolkit-virtualization/mtv-api-rhel9@sha256:61de05b8dffe208fb8d4c00aed8bba71a4e428f74cc06b936debfbe4fb640747_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-MTV-2.4:migration-toolkit-virtualization/mtv-console-plugin-rhel9@sha256:3022d96f38b8900d1b545cbf045f96816194bfba917f08c2e67758f7928acf2c_amd64 | — |
Vendor Fix
fix
Workaround
|
Known not affected
12 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-MTV-2.4:migration-toolkit-virtualization/mtv-must-gather-api-rhel8@sha256:afc08bab3b5b19bcd4003819d4e1bc1c9c3faf71370154ee1695c9a3a6192223_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-MTV-2.4:migration-toolkit-virtualization/mtv-must-gather-rhel8@sha256:0b766d8e51580920d3b558eaac237b39b70f890127adaac34177aff1b97596fa_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-MTV-2.4:migration-toolkit-virtualization/mtv-rhel8-operator@sha256:30cea757cbe41f54ecfd59320ea92351e1209f5646c7346d7d7563e383e988bb_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-MTV-2.4:migration-toolkit-virtualization/mtv-rhv-populator-rhel8@sha256:f1c946eb52c6464db8a68cd4c6b61b6df145c68aef4a4858651076ba27d5c40b_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-MTV-2.4:migration-toolkit-virtualization/mtv-ui-rhel8@sha256:f872479bcfbf35cae89eb3c95005067b8e64aca090cc058c4e4a1f0db56df9ff_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-MTV-2.4:migration-toolkit-virtualization/mtv-virt-v2v-warm-rhel8@sha256:c8a7ee4f36ffc0206d614ad47ce95a13aacdf80a47e1ea7209e0f9824914c36c_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-MTV-2.4:migration-toolkit-virtualization/mtv-controller-rhel9@sha256:c9b7db0c74e38e5f028b3b72066892c96b6f684575d395a197a0826c09d96e1d_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-MTV-2.4:migration-toolkit-virtualization/mtv-openstack-populator-rhel9@sha256:cb8d1bc7320c4ba9caa1d3bb45e48c6d1d2b71799f5dc466c5de8b87579d0c63_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-MTV-2.4:migration-toolkit-virtualization/mtv-operator-bundle@sha256:f3172be67364c2a3a5acc25976759e91643c30dfa4d034ea39884ce2be084741_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-MTV-2.4:migration-toolkit-virtualization/mtv-populator-controller-rhel9@sha256:4bbec09dfd8021e9cf676f1fb85a0a3f168845b91421afa5ded7983a3561d301_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-MTV-2.4:migration-toolkit-virtualization/mtv-validation-rhel9@sha256:8d9947ca76642dacb58290203f5ad003f7ca4f1a5a075ac584ab9e27018a0eed_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-MTV-2.4:migration-toolkit-virtualization/mtv-virt-v2v-rhel9@sha256:7ecf4ffb01ccf2cd92fa96407bca9e5b6054e3b5033ada74c98e00dca163d1f7_amd64 | — |
Workaround
|
Threats
Exploit Status
CISA: https://www.cisa.gov/known-exploited-vulnerabilities-catalog
Impact
Important
References
96 references
Acknowledgments
Catena Cyber
Philippe Antoine
Mattermost
Juho Nurminen
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Updated Release packages that fix several bugs and add various enhancements are now available.",
"title": "Topic"
},
{
"category": "general",
"text": "Migration Toolkit for Virtualization 2.4.3 Images",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHBA-2023:6109",
"url": "https://access.redhat.com/errata/RHBA-2023:6109"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2023/rhba-2023_6109.json"
}
],
"title": "Red Hat Bug Fix Advisory: MTV 2.4.3 Images",
"tracking": {
"current_release_date": "2026-06-08T15:35:04+00:00",
"generator": {
"date": "2026-06-08T15:35:04+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.8.2"
}
},
"id": "RHBA-2023:6109",
"initial_release_date": "2023-10-25T12:32:35+00:00",
"revision_history": [
{
"date": "2023-10-25T12:32:35+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2023-10-25T12:32:35+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-06-08T15:35:04+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "8Base-MTV-2.4",
"product": {
"name": "8Base-MTV-2.4",
"product_id": "9Base-MTV-2.4",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:migration_toolkit_virtualization:2.4::el9"
}
}
},
{
"category": "product_name",
"name": "8Base-MTV-2.4",
"product": {
"name": "8Base-MTV-2.4",
"product_id": "8Base-MTV-2.4",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:migration_toolkit_virtualization:2.4::el8"
}
}
}
],
"category": "product_family",
"name": "Migration Toolkit for Virtualization"
},
{
"branches": [
{
"category": "product_version",
"name": "migration-toolkit-virtualization/mtv-api-rhel9@sha256:61de05b8dffe208fb8d4c00aed8bba71a4e428f74cc06b936debfbe4fb640747_amd64",
"product": {
"name": "migration-toolkit-virtualization/mtv-api-rhel9@sha256:61de05b8dffe208fb8d4c00aed8bba71a4e428f74cc06b936debfbe4fb640747_amd64",
"product_id": "migration-toolkit-virtualization/mtv-api-rhel9@sha256:61de05b8dffe208fb8d4c00aed8bba71a4e428f74cc06b936debfbe4fb640747_amd64",
"product_identification_helper": {
"purl": "pkg:oci/mtv-api-rhel9@sha256:61de05b8dffe208fb8d4c00aed8bba71a4e428f74cc06b936debfbe4fb640747?arch=amd64\u0026repository_url=registry.redhat.io/migration-toolkit-virtualization/mtv-api-rhel9\u0026tag=2.4.3-5"
}
}
},
{
"category": "product_version",
"name": "migration-toolkit-virtualization/mtv-console-plugin-rhel9@sha256:3022d96f38b8900d1b545cbf045f96816194bfba917f08c2e67758f7928acf2c_amd64",
"product": {
"name": "migration-toolkit-virtualization/mtv-console-plugin-rhel9@sha256:3022d96f38b8900d1b545cbf045f96816194bfba917f08c2e67758f7928acf2c_amd64",
"product_id": "migration-toolkit-virtualization/mtv-console-plugin-rhel9@sha256:3022d96f38b8900d1b545cbf045f96816194bfba917f08c2e67758f7928acf2c_amd64",
"product_identification_helper": {
"purl": "pkg:oci/mtv-console-plugin-rhel9@sha256:3022d96f38b8900d1b545cbf045f96816194bfba917f08c2e67758f7928acf2c?arch=amd64\u0026repository_url=registry.redhat.io/migration-toolkit-virtualization/mtv-console-plugin-rhel9\u0026tag=2.4.3-3"
}
}
},
{
"category": "product_version",
"name": "migration-toolkit-virtualization/mtv-controller-rhel9@sha256:c9b7db0c74e38e5f028b3b72066892c96b6f684575d395a197a0826c09d96e1d_amd64",
"product": {
"name": "migration-toolkit-virtualization/mtv-controller-rhel9@sha256:c9b7db0c74e38e5f028b3b72066892c96b6f684575d395a197a0826c09d96e1d_amd64",
"product_id": "migration-toolkit-virtualization/mtv-controller-rhel9@sha256:c9b7db0c74e38e5f028b3b72066892c96b6f684575d395a197a0826c09d96e1d_amd64",
"product_identification_helper": {
"purl": "pkg:oci/mtv-controller-rhel9@sha256:c9b7db0c74e38e5f028b3b72066892c96b6f684575d395a197a0826c09d96e1d?arch=amd64\u0026repository_url=registry.redhat.io/migration-toolkit-virtualization/mtv-controller-rhel9\u0026tag=2.4.3-5"
}
}
},
{
"category": "product_version",
"name": "migration-toolkit-virtualization/mtv-must-gather-api-rhel8@sha256:afc08bab3b5b19bcd4003819d4e1bc1c9c3faf71370154ee1695c9a3a6192223_amd64",
"product": {
"name": "migration-toolkit-virtualization/mtv-must-gather-api-rhel8@sha256:afc08bab3b5b19bcd4003819d4e1bc1c9c3faf71370154ee1695c9a3a6192223_amd64",
"product_id": "migration-toolkit-virtualization/mtv-must-gather-api-rhel8@sha256:afc08bab3b5b19bcd4003819d4e1bc1c9c3faf71370154ee1695c9a3a6192223_amd64",
"product_identification_helper": {
"purl": "pkg:oci/mtv-must-gather-api-rhel8@sha256:afc08bab3b5b19bcd4003819d4e1bc1c9c3faf71370154ee1695c9a3a6192223?arch=amd64\u0026repository_url=registry.redhat.io/migration-toolkit-virtualization/mtv-must-gather-api-rhel8\u0026tag=2.4.3-5"
}
}
},
{
"category": "product_version",
"name": "migration-toolkit-virtualization/mtv-must-gather-rhel8@sha256:0b766d8e51580920d3b558eaac237b39b70f890127adaac34177aff1b97596fa_amd64",
"product": {
"name": "migration-toolkit-virtualization/mtv-must-gather-rhel8@sha256:0b766d8e51580920d3b558eaac237b39b70f890127adaac34177aff1b97596fa_amd64",
"product_id": "migration-toolkit-virtualization/mtv-must-gather-rhel8@sha256:0b766d8e51580920d3b558eaac237b39b70f890127adaac34177aff1b97596fa_amd64",
"product_identification_helper": {
"purl": "pkg:oci/mtv-must-gather-rhel8@sha256:0b766d8e51580920d3b558eaac237b39b70f890127adaac34177aff1b97596fa?arch=amd64\u0026repository_url=registry.redhat.io/migration-toolkit-virtualization/mtv-must-gather-rhel8\u0026tag=2.4.3-6"
}
}
},
{
"category": "product_version",
"name": "migration-toolkit-virtualization/mtv-openstack-populator-rhel9@sha256:cb8d1bc7320c4ba9caa1d3bb45e48c6d1d2b71799f5dc466c5de8b87579d0c63_amd64",
"product": {
"name": "migration-toolkit-virtualization/mtv-openstack-populator-rhel9@sha256:cb8d1bc7320c4ba9caa1d3bb45e48c6d1d2b71799f5dc466c5de8b87579d0c63_amd64",
"product_id": "migration-toolkit-virtualization/mtv-openstack-populator-rhel9@sha256:cb8d1bc7320c4ba9caa1d3bb45e48c6d1d2b71799f5dc466c5de8b87579d0c63_amd64",
"product_identification_helper": {
"purl": "pkg:oci/mtv-openstack-populator-rhel9@sha256:cb8d1bc7320c4ba9caa1d3bb45e48c6d1d2b71799f5dc466c5de8b87579d0c63?arch=amd64\u0026repository_url=registry.redhat.io/migration-toolkit-virtualization/mtv-openstack-populator-rhel9\u0026tag=2.4.3-5"
}
}
},
{
"category": "product_version",
"name": "migration-toolkit-virtualization/mtv-operator-bundle@sha256:f3172be67364c2a3a5acc25976759e91643c30dfa4d034ea39884ce2be084741_amd64",
"product": {
"name": "migration-toolkit-virtualization/mtv-operator-bundle@sha256:f3172be67364c2a3a5acc25976759e91643c30dfa4d034ea39884ce2be084741_amd64",
"product_id": "migration-toolkit-virtualization/mtv-operator-bundle@sha256:f3172be67364c2a3a5acc25976759e91643c30dfa4d034ea39884ce2be084741_amd64",
"product_identification_helper": {
"purl": "pkg:oci/mtv-operator-bundle@sha256:f3172be67364c2a3a5acc25976759e91643c30dfa4d034ea39884ce2be084741?arch=amd64\u0026repository_url=registry.redhat.io/migration-toolkit-virtualization/mtv-operator-bundle\u0026tag=2.4.3-12"
}
}
},
{
"category": "product_version",
"name": "migration-toolkit-virtualization/mtv-rhel8-operator@sha256:30cea757cbe41f54ecfd59320ea92351e1209f5646c7346d7d7563e383e988bb_amd64",
"product": {
"name": "migration-toolkit-virtualization/mtv-rhel8-operator@sha256:30cea757cbe41f54ecfd59320ea92351e1209f5646c7346d7d7563e383e988bb_amd64",
"product_id": "migration-toolkit-virtualization/mtv-rhel8-operator@sha256:30cea757cbe41f54ecfd59320ea92351e1209f5646c7346d7d7563e383e988bb_amd64",
"product_identification_helper": {
"purl": "pkg:oci/mtv-rhel8-operator@sha256:30cea757cbe41f54ecfd59320ea92351e1209f5646c7346d7d7563e383e988bb?arch=amd64\u0026repository_url=registry.redhat.io/migration-toolkit-virtualization/mtv-rhel8-operator\u0026tag=2.4.3-3"
}
}
},
{
"category": "product_version",
"name": "migration-toolkit-virtualization/mtv-populator-controller-rhel9@sha256:4bbec09dfd8021e9cf676f1fb85a0a3f168845b91421afa5ded7983a3561d301_amd64",
"product": {
"name": "migration-toolkit-virtualization/mtv-populator-controller-rhel9@sha256:4bbec09dfd8021e9cf676f1fb85a0a3f168845b91421afa5ded7983a3561d301_amd64",
"product_id": "migration-toolkit-virtualization/mtv-populator-controller-rhel9@sha256:4bbec09dfd8021e9cf676f1fb85a0a3f168845b91421afa5ded7983a3561d301_amd64",
"product_identification_helper": {
"purl": "pkg:oci/mtv-populator-controller-rhel9@sha256:4bbec09dfd8021e9cf676f1fb85a0a3f168845b91421afa5ded7983a3561d301?arch=amd64\u0026repository_url=registry.redhat.io/migration-toolkit-virtualization/mtv-populator-controller-rhel9\u0026tag=2.4.3-5"
}
}
},
{
"category": "product_version",
"name": "migration-toolkit-virtualization/mtv-rhv-populator-rhel8@sha256:f1c946eb52c6464db8a68cd4c6b61b6df145c68aef4a4858651076ba27d5c40b_amd64",
"product": {
"name": "migration-toolkit-virtualization/mtv-rhv-populator-rhel8@sha256:f1c946eb52c6464db8a68cd4c6b61b6df145c68aef4a4858651076ba27d5c40b_amd64",
"product_id": "migration-toolkit-virtualization/mtv-rhv-populator-rhel8@sha256:f1c946eb52c6464db8a68cd4c6b61b6df145c68aef4a4858651076ba27d5c40b_amd64",
"product_identification_helper": {
"purl": "pkg:oci/mtv-rhv-populator-rhel8@sha256:f1c946eb52c6464db8a68cd4c6b61b6df145c68aef4a4858651076ba27d5c40b?arch=amd64\u0026repository_url=registry.redhat.io/migration-toolkit-virtualization/mtv-rhv-populator-rhel8\u0026tag=2.4.3-4"
}
}
},
{
"category": "product_version",
"name": "migration-toolkit-virtualization/mtv-ui-rhel8@sha256:f872479bcfbf35cae89eb3c95005067b8e64aca090cc058c4e4a1f0db56df9ff_amd64",
"product": {
"name": "migration-toolkit-virtualization/mtv-ui-rhel8@sha256:f872479bcfbf35cae89eb3c95005067b8e64aca090cc058c4e4a1f0db56df9ff_amd64",
"product_id": "migration-toolkit-virtualization/mtv-ui-rhel8@sha256:f872479bcfbf35cae89eb3c95005067b8e64aca090cc058c4e4a1f0db56df9ff_amd64",
"product_identification_helper": {
"purl": "pkg:oci/mtv-ui-rhel8@sha256:f872479bcfbf35cae89eb3c95005067b8e64aca090cc058c4e4a1f0db56df9ff?arch=amd64\u0026repository_url=registry.redhat.io/migration-toolkit-virtualization/mtv-ui-rhel8\u0026tag=2.4.3-2"
}
}
},
{
"category": "product_version",
"name": "migration-toolkit-virtualization/mtv-validation-rhel9@sha256:8d9947ca76642dacb58290203f5ad003f7ca4f1a5a075ac584ab9e27018a0eed_amd64",
"product": {
"name": "migration-toolkit-virtualization/mtv-validation-rhel9@sha256:8d9947ca76642dacb58290203f5ad003f7ca4f1a5a075ac584ab9e27018a0eed_amd64",
"product_id": "migration-toolkit-virtualization/mtv-validation-rhel9@sha256:8d9947ca76642dacb58290203f5ad003f7ca4f1a5a075ac584ab9e27018a0eed_amd64",
"product_identification_helper": {
"purl": "pkg:oci/mtv-validation-rhel9@sha256:8d9947ca76642dacb58290203f5ad003f7ca4f1a5a075ac584ab9e27018a0eed?arch=amd64\u0026repository_url=registry.redhat.io/migration-toolkit-virtualization/mtv-validation-rhel9\u0026tag=2.4.3-5"
}
}
},
{
"category": "product_version",
"name": "migration-toolkit-virtualization/mtv-virt-v2v-rhel9@sha256:7ecf4ffb01ccf2cd92fa96407bca9e5b6054e3b5033ada74c98e00dca163d1f7_amd64",
"product": {
"name": "migration-toolkit-virtualization/mtv-virt-v2v-rhel9@sha256:7ecf4ffb01ccf2cd92fa96407bca9e5b6054e3b5033ada74c98e00dca163d1f7_amd64",
"product_id": "migration-toolkit-virtualization/mtv-virt-v2v-rhel9@sha256:7ecf4ffb01ccf2cd92fa96407bca9e5b6054e3b5033ada74c98e00dca163d1f7_amd64",
"product_identification_helper": {
"purl": "pkg:oci/mtv-virt-v2v-rhel9@sha256:7ecf4ffb01ccf2cd92fa96407bca9e5b6054e3b5033ada74c98e00dca163d1f7?arch=amd64\u0026repository_url=registry.redhat.io/migration-toolkit-virtualization/mtv-virt-v2v-rhel9\u0026tag=2.4.3-4"
}
}
},
{
"category": "product_version",
"name": "migration-toolkit-virtualization/mtv-virt-v2v-warm-rhel8@sha256:c8a7ee4f36ffc0206d614ad47ce95a13aacdf80a47e1ea7209e0f9824914c36c_amd64",
"product": {
"name": "migration-toolkit-virtualization/mtv-virt-v2v-warm-rhel8@sha256:c8a7ee4f36ffc0206d614ad47ce95a13aacdf80a47e1ea7209e0f9824914c36c_amd64",
"product_id": "migration-toolkit-virtualization/mtv-virt-v2v-warm-rhel8@sha256:c8a7ee4f36ffc0206d614ad47ce95a13aacdf80a47e1ea7209e0f9824914c36c_amd64",
"product_identification_helper": {
"purl": "pkg:oci/mtv-virt-v2v-warm-rhel8@sha256:c8a7ee4f36ffc0206d614ad47ce95a13aacdf80a47e1ea7209e0f9824914c36c?arch=amd64\u0026repository_url=registry.redhat.io/migration-toolkit-virtualization/mtv-virt-v2v-warm-rhel8\u0026tag=2.4.3-3"
}
}
}
],
"category": "architecture",
"name": "amd64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "migration-toolkit-virtualization/mtv-must-gather-api-rhel8@sha256:afc08bab3b5b19bcd4003819d4e1bc1c9c3faf71370154ee1695c9a3a6192223_amd64 as a component of 8Base-MTV-2.4",
"product_id": "8Base-MTV-2.4:migration-toolkit-virtualization/mtv-must-gather-api-rhel8@sha256:afc08bab3b5b19bcd4003819d4e1bc1c9c3faf71370154ee1695c9a3a6192223_amd64"
},
"product_reference": "migration-toolkit-virtualization/mtv-must-gather-api-rhel8@sha256:afc08bab3b5b19bcd4003819d4e1bc1c9c3faf71370154ee1695c9a3a6192223_amd64",
"relates_to_product_reference": "8Base-MTV-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "migration-toolkit-virtualization/mtv-must-gather-rhel8@sha256:0b766d8e51580920d3b558eaac237b39b70f890127adaac34177aff1b97596fa_amd64 as a component of 8Base-MTV-2.4",
"product_id": "8Base-MTV-2.4:migration-toolkit-virtualization/mtv-must-gather-rhel8@sha256:0b766d8e51580920d3b558eaac237b39b70f890127adaac34177aff1b97596fa_amd64"
},
"product_reference": "migration-toolkit-virtualization/mtv-must-gather-rhel8@sha256:0b766d8e51580920d3b558eaac237b39b70f890127adaac34177aff1b97596fa_amd64",
"relates_to_product_reference": "8Base-MTV-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "migration-toolkit-virtualization/mtv-rhel8-operator@sha256:30cea757cbe41f54ecfd59320ea92351e1209f5646c7346d7d7563e383e988bb_amd64 as a component of 8Base-MTV-2.4",
"product_id": "8Base-MTV-2.4:migration-toolkit-virtualization/mtv-rhel8-operator@sha256:30cea757cbe41f54ecfd59320ea92351e1209f5646c7346d7d7563e383e988bb_amd64"
},
"product_reference": "migration-toolkit-virtualization/mtv-rhel8-operator@sha256:30cea757cbe41f54ecfd59320ea92351e1209f5646c7346d7d7563e383e988bb_amd64",
"relates_to_product_reference": "8Base-MTV-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "migration-toolkit-virtualization/mtv-rhv-populator-rhel8@sha256:f1c946eb52c6464db8a68cd4c6b61b6df145c68aef4a4858651076ba27d5c40b_amd64 as a component of 8Base-MTV-2.4",
"product_id": "8Base-MTV-2.4:migration-toolkit-virtualization/mtv-rhv-populator-rhel8@sha256:f1c946eb52c6464db8a68cd4c6b61b6df145c68aef4a4858651076ba27d5c40b_amd64"
},
"product_reference": "migration-toolkit-virtualization/mtv-rhv-populator-rhel8@sha256:f1c946eb52c6464db8a68cd4c6b61b6df145c68aef4a4858651076ba27d5c40b_amd64",
"relates_to_product_reference": "8Base-MTV-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "migration-toolkit-virtualization/mtv-ui-rhel8@sha256:f872479bcfbf35cae89eb3c95005067b8e64aca090cc058c4e4a1f0db56df9ff_amd64 as a component of 8Base-MTV-2.4",
"product_id": "8Base-MTV-2.4:migration-toolkit-virtualization/mtv-ui-rhel8@sha256:f872479bcfbf35cae89eb3c95005067b8e64aca090cc058c4e4a1f0db56df9ff_amd64"
},
"product_reference": "migration-toolkit-virtualization/mtv-ui-rhel8@sha256:f872479bcfbf35cae89eb3c95005067b8e64aca090cc058c4e4a1f0db56df9ff_amd64",
"relates_to_product_reference": "8Base-MTV-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "migration-toolkit-virtualization/mtv-virt-v2v-warm-rhel8@sha256:c8a7ee4f36ffc0206d614ad47ce95a13aacdf80a47e1ea7209e0f9824914c36c_amd64 as a component of 8Base-MTV-2.4",
"product_id": "8Base-MTV-2.4:migration-toolkit-virtualization/mtv-virt-v2v-warm-rhel8@sha256:c8a7ee4f36ffc0206d614ad47ce95a13aacdf80a47e1ea7209e0f9824914c36c_amd64"
},
"product_reference": "migration-toolkit-virtualization/mtv-virt-v2v-warm-rhel8@sha256:c8a7ee4f36ffc0206d614ad47ce95a13aacdf80a47e1ea7209e0f9824914c36c_amd64",
"relates_to_product_reference": "8Base-MTV-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "migration-toolkit-virtualization/mtv-api-rhel9@sha256:61de05b8dffe208fb8d4c00aed8bba71a4e428f74cc06b936debfbe4fb640747_amd64 as a component of 8Base-MTV-2.4",
"product_id": "9Base-MTV-2.4:migration-toolkit-virtualization/mtv-api-rhel9@sha256:61de05b8dffe208fb8d4c00aed8bba71a4e428f74cc06b936debfbe4fb640747_amd64"
},
"product_reference": "migration-toolkit-virtualization/mtv-api-rhel9@sha256:61de05b8dffe208fb8d4c00aed8bba71a4e428f74cc06b936debfbe4fb640747_amd64",
"relates_to_product_reference": "9Base-MTV-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "migration-toolkit-virtualization/mtv-console-plugin-rhel9@sha256:3022d96f38b8900d1b545cbf045f96816194bfba917f08c2e67758f7928acf2c_amd64 as a component of 8Base-MTV-2.4",
"product_id": "9Base-MTV-2.4:migration-toolkit-virtualization/mtv-console-plugin-rhel9@sha256:3022d96f38b8900d1b545cbf045f96816194bfba917f08c2e67758f7928acf2c_amd64"
},
"product_reference": "migration-toolkit-virtualization/mtv-console-plugin-rhel9@sha256:3022d96f38b8900d1b545cbf045f96816194bfba917f08c2e67758f7928acf2c_amd64",
"relates_to_product_reference": "9Base-MTV-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "migration-toolkit-virtualization/mtv-controller-rhel9@sha256:c9b7db0c74e38e5f028b3b72066892c96b6f684575d395a197a0826c09d96e1d_amd64 as a component of 8Base-MTV-2.4",
"product_id": "9Base-MTV-2.4:migration-toolkit-virtualization/mtv-controller-rhel9@sha256:c9b7db0c74e38e5f028b3b72066892c96b6f684575d395a197a0826c09d96e1d_amd64"
},
"product_reference": "migration-toolkit-virtualization/mtv-controller-rhel9@sha256:c9b7db0c74e38e5f028b3b72066892c96b6f684575d395a197a0826c09d96e1d_amd64",
"relates_to_product_reference": "9Base-MTV-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "migration-toolkit-virtualization/mtv-openstack-populator-rhel9@sha256:cb8d1bc7320c4ba9caa1d3bb45e48c6d1d2b71799f5dc466c5de8b87579d0c63_amd64 as a component of 8Base-MTV-2.4",
"product_id": "9Base-MTV-2.4:migration-toolkit-virtualization/mtv-openstack-populator-rhel9@sha256:cb8d1bc7320c4ba9caa1d3bb45e48c6d1d2b71799f5dc466c5de8b87579d0c63_amd64"
},
"product_reference": "migration-toolkit-virtualization/mtv-openstack-populator-rhel9@sha256:cb8d1bc7320c4ba9caa1d3bb45e48c6d1d2b71799f5dc466c5de8b87579d0c63_amd64",
"relates_to_product_reference": "9Base-MTV-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "migration-toolkit-virtualization/mtv-operator-bundle@sha256:f3172be67364c2a3a5acc25976759e91643c30dfa4d034ea39884ce2be084741_amd64 as a component of 8Base-MTV-2.4",
"product_id": "9Base-MTV-2.4:migration-toolkit-virtualization/mtv-operator-bundle@sha256:f3172be67364c2a3a5acc25976759e91643c30dfa4d034ea39884ce2be084741_amd64"
},
"product_reference": "migration-toolkit-virtualization/mtv-operator-bundle@sha256:f3172be67364c2a3a5acc25976759e91643c30dfa4d034ea39884ce2be084741_amd64",
"relates_to_product_reference": "9Base-MTV-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "migration-toolkit-virtualization/mtv-populator-controller-rhel9@sha256:4bbec09dfd8021e9cf676f1fb85a0a3f168845b91421afa5ded7983a3561d301_amd64 as a component of 8Base-MTV-2.4",
"product_id": "9Base-MTV-2.4:migration-toolkit-virtualization/mtv-populator-controller-rhel9@sha256:4bbec09dfd8021e9cf676f1fb85a0a3f168845b91421afa5ded7983a3561d301_amd64"
},
"product_reference": "migration-toolkit-virtualization/mtv-populator-controller-rhel9@sha256:4bbec09dfd8021e9cf676f1fb85a0a3f168845b91421afa5ded7983a3561d301_amd64",
"relates_to_product_reference": "9Base-MTV-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "migration-toolkit-virtualization/mtv-validation-rhel9@sha256:8d9947ca76642dacb58290203f5ad003f7ca4f1a5a075ac584ab9e27018a0eed_amd64 as a component of 8Base-MTV-2.4",
"product_id": "9Base-MTV-2.4:migration-toolkit-virtualization/mtv-validation-rhel9@sha256:8d9947ca76642dacb58290203f5ad003f7ca4f1a5a075ac584ab9e27018a0eed_amd64"
},
"product_reference": "migration-toolkit-virtualization/mtv-validation-rhel9@sha256:8d9947ca76642dacb58290203f5ad003f7ca4f1a5a075ac584ab9e27018a0eed_amd64",
"relates_to_product_reference": "9Base-MTV-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "migration-toolkit-virtualization/mtv-virt-v2v-rhel9@sha256:7ecf4ffb01ccf2cd92fa96407bca9e5b6054e3b5033ada74c98e00dca163d1f7_amd64 as a component of 8Base-MTV-2.4",
"product_id": "9Base-MTV-2.4:migration-toolkit-virtualization/mtv-virt-v2v-rhel9@sha256:7ecf4ffb01ccf2cd92fa96407bca9e5b6054e3b5033ada74c98e00dca163d1f7_amd64"
},
"product_reference": "migration-toolkit-virtualization/mtv-virt-v2v-rhel9@sha256:7ecf4ffb01ccf2cd92fa96407bca9e5b6054e3b5033ada74c98e00dca163d1f7_amd64",
"relates_to_product_reference": "9Base-MTV-2.4"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2022-32190",
"cwe": {
"id": "CWE-22",
"name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
},
"discovery_date": "2022-09-06T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-must-gather-api-rhel8@sha256:afc08bab3b5b19bcd4003819d4e1bc1c9c3faf71370154ee1695c9a3a6192223_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-must-gather-rhel8@sha256:0b766d8e51580920d3b558eaac237b39b70f890127adaac34177aff1b97596fa_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-rhel8-operator@sha256:30cea757cbe41f54ecfd59320ea92351e1209f5646c7346d7d7563e383e988bb_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-rhv-populator-rhel8@sha256:f1c946eb52c6464db8a68cd4c6b61b6df145c68aef4a4858651076ba27d5c40b_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-ui-rhel8@sha256:f872479bcfbf35cae89eb3c95005067b8e64aca090cc058c4e4a1f0db56df9ff_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-virt-v2v-warm-rhel8@sha256:c8a7ee4f36ffc0206d614ad47ce95a13aacdf80a47e1ea7209e0f9824914c36c_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-api-rhel9@sha256:61de05b8dffe208fb8d4c00aed8bba71a4e428f74cc06b936debfbe4fb640747_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-console-plugin-rhel9@sha256:3022d96f38b8900d1b545cbf045f96816194bfba917f08c2e67758f7928acf2c_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-openstack-populator-rhel9@sha256:cb8d1bc7320c4ba9caa1d3bb45e48c6d1d2b71799f5dc466c5de8b87579d0c63_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-operator-bundle@sha256:f3172be67364c2a3a5acc25976759e91643c30dfa4d034ea39884ce2be084741_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-populator-controller-rhel9@sha256:4bbec09dfd8021e9cf676f1fb85a0a3f168845b91421afa5ded7983a3561d301_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-validation-rhel9@sha256:8d9947ca76642dacb58290203f5ad003f7ca4f1a5a075ac584ab9e27018a0eed_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-virt-v2v-rhel9@sha256:7ecf4ffb01ccf2cd92fa96407bca9e5b6054e3b5033ada74c98e00dca163d1f7_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2124668"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the golang package. The JoinPath doesn\u0027t remove the ../ path components appended to a domain that is not terminated by a slash, possibly leading to a directory traversal attack.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: net/url: JoinPath does not strip relative path components in all circumstances",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The vulnerable functions, JoinPath and URL.JoinPath was introduced in upstream go1.19, whereas, RHEL ships go1.17 and go1.18 versions, which does not contain the vulnerable code. Hence, packages shipped with RHEL-8, RHEL-9 are not affected.\n\nAll Y stream releases of OpenShift Container Platform 4 run on RHEL-8 or RHEL-9, so OCP 4 is also not affected.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-controller-rhel9@sha256:c9b7db0c74e38e5f028b3b72066892c96b6f684575d395a197a0826c09d96e1d_amd64"
],
"known_not_affected": [
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-must-gather-api-rhel8@sha256:afc08bab3b5b19bcd4003819d4e1bc1c9c3faf71370154ee1695c9a3a6192223_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-must-gather-rhel8@sha256:0b766d8e51580920d3b558eaac237b39b70f890127adaac34177aff1b97596fa_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-rhel8-operator@sha256:30cea757cbe41f54ecfd59320ea92351e1209f5646c7346d7d7563e383e988bb_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-rhv-populator-rhel8@sha256:f1c946eb52c6464db8a68cd4c6b61b6df145c68aef4a4858651076ba27d5c40b_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-ui-rhel8@sha256:f872479bcfbf35cae89eb3c95005067b8e64aca090cc058c4e4a1f0db56df9ff_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-virt-v2v-warm-rhel8@sha256:c8a7ee4f36ffc0206d614ad47ce95a13aacdf80a47e1ea7209e0f9824914c36c_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-api-rhel9@sha256:61de05b8dffe208fb8d4c00aed8bba71a4e428f74cc06b936debfbe4fb640747_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-console-plugin-rhel9@sha256:3022d96f38b8900d1b545cbf045f96816194bfba917f08c2e67758f7928acf2c_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-openstack-populator-rhel9@sha256:cb8d1bc7320c4ba9caa1d3bb45e48c6d1d2b71799f5dc466c5de8b87579d0c63_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-operator-bundle@sha256:f3172be67364c2a3a5acc25976759e91643c30dfa4d034ea39884ce2be084741_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-populator-controller-rhel9@sha256:4bbec09dfd8021e9cf676f1fb85a0a3f168845b91421afa5ded7983a3561d301_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-validation-rhel9@sha256:8d9947ca76642dacb58290203f5ad003f7ca4f1a5a075ac584ab9e27018a0eed_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-virt-v2v-rhel9@sha256:7ecf4ffb01ccf2cd92fa96407bca9e5b6054e3b5033ada74c98e00dca163d1f7_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-32190"
},
{
"category": "external",
"summary": "RHBZ#2124668",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2124668"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-32190",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32190"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-32190",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-32190"
},
{
"category": "external",
"summary": "https://go.dev/issue/54385",
"url": "https://go.dev/issue/54385"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/x49AQzIVX-s/m/0tgO0pjiBQAJ",
"url": "https://groups.google.com/g/golang-announce/c/x49AQzIVX-s/m/0tgO0pjiBQAJ"
}
],
"release_date": "2022-09-06T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-10-25T12:32:35+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\n https://access.redhat.com/articles/11258",
"product_ids": [
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-controller-rhel9@sha256:c9b7db0c74e38e5f028b3b72066892c96b6f684575d395a197a0826c09d96e1d_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHBA-2023:6109"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-must-gather-api-rhel8@sha256:afc08bab3b5b19bcd4003819d4e1bc1c9c3faf71370154ee1695c9a3a6192223_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-must-gather-rhel8@sha256:0b766d8e51580920d3b558eaac237b39b70f890127adaac34177aff1b97596fa_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-rhel8-operator@sha256:30cea757cbe41f54ecfd59320ea92351e1209f5646c7346d7d7563e383e988bb_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-rhv-populator-rhel8@sha256:f1c946eb52c6464db8a68cd4c6b61b6df145c68aef4a4858651076ba27d5c40b_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-ui-rhel8@sha256:f872479bcfbf35cae89eb3c95005067b8e64aca090cc058c4e4a1f0db56df9ff_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-virt-v2v-warm-rhel8@sha256:c8a7ee4f36ffc0206d614ad47ce95a13aacdf80a47e1ea7209e0f9824914c36c_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-api-rhel9@sha256:61de05b8dffe208fb8d4c00aed8bba71a4e428f74cc06b936debfbe4fb640747_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-console-plugin-rhel9@sha256:3022d96f38b8900d1b545cbf045f96816194bfba917f08c2e67758f7928acf2c_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-controller-rhel9@sha256:c9b7db0c74e38e5f028b3b72066892c96b6f684575d395a197a0826c09d96e1d_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-openstack-populator-rhel9@sha256:cb8d1bc7320c4ba9caa1d3bb45e48c6d1d2b71799f5dc466c5de8b87579d0c63_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-operator-bundle@sha256:f3172be67364c2a3a5acc25976759e91643c30dfa4d034ea39884ce2be084741_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-populator-controller-rhel9@sha256:4bbec09dfd8021e9cf676f1fb85a0a3f168845b91421afa5ded7983a3561d301_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-validation-rhel9@sha256:8d9947ca76642dacb58290203f5ad003f7ca4f1a5a075ac584ab9e27018a0eed_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-virt-v2v-rhel9@sha256:7ecf4ffb01ccf2cd92fa96407bca9e5b6054e3b5033ada74c98e00dca163d1f7_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: net/url: JoinPath does not strip relative path components in all circumstances"
},
{
"acknowledgments": [
{
"names": [
"Philippe Antoine"
],
"organization": "Catena Cyber"
}
],
"cve": "CVE-2022-41723",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2023-03-14T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-must-gather-rhel8@sha256:0b766d8e51580920d3b558eaac237b39b70f890127adaac34177aff1b97596fa_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-rhel8-operator@sha256:30cea757cbe41f54ecfd59320ea92351e1209f5646c7346d7d7563e383e988bb_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-rhv-populator-rhel8@sha256:f1c946eb52c6464db8a68cd4c6b61b6df145c68aef4a4858651076ba27d5c40b_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-ui-rhel8@sha256:f872479bcfbf35cae89eb3c95005067b8e64aca090cc058c4e4a1f0db56df9ff_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-virt-v2v-warm-rhel8@sha256:c8a7ee4f36ffc0206d614ad47ce95a13aacdf80a47e1ea7209e0f9824914c36c_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-api-rhel9@sha256:61de05b8dffe208fb8d4c00aed8bba71a4e428f74cc06b936debfbe4fb640747_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-console-plugin-rhel9@sha256:3022d96f38b8900d1b545cbf045f96816194bfba917f08c2e67758f7928acf2c_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-controller-rhel9@sha256:c9b7db0c74e38e5f028b3b72066892c96b6f684575d395a197a0826c09d96e1d_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-openstack-populator-rhel9@sha256:cb8d1bc7320c4ba9caa1d3bb45e48c6d1d2b71799f5dc466c5de8b87579d0c63_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-operator-bundle@sha256:f3172be67364c2a3a5acc25976759e91643c30dfa4d034ea39884ce2be084741_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-populator-controller-rhel9@sha256:4bbec09dfd8021e9cf676f1fb85a0a3f168845b91421afa5ded7983a3561d301_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-validation-rhel9@sha256:8d9947ca76642dacb58290203f5ad003f7ca4f1a5a075ac584ab9e27018a0eed_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-virt-v2v-rhel9@sha256:7ecf4ffb01ccf2cd92fa96407bca9e5b6054e3b5033ada74c98e00dca163d1f7_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2178358"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in golang. A maliciously crafted HTTP/2 stream could cause excessive CPU consumption in the HPACK decoder, sufficient to cause a denial of service from a small number of requests.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang.org/x/net/http2: avoid quadratic complexity in HPACK decoding",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Within OpenShift Container Platform, the maximum impact of this vulnerability is a denial of service against an individual container so the impact could not cascade across the entire infrastructure, this vulnerability is rated Moderate impact.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-must-gather-api-rhel8@sha256:afc08bab3b5b19bcd4003819d4e1bc1c9c3faf71370154ee1695c9a3a6192223_amd64"
],
"known_not_affected": [
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-must-gather-rhel8@sha256:0b766d8e51580920d3b558eaac237b39b70f890127adaac34177aff1b97596fa_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-rhel8-operator@sha256:30cea757cbe41f54ecfd59320ea92351e1209f5646c7346d7d7563e383e988bb_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-rhv-populator-rhel8@sha256:f1c946eb52c6464db8a68cd4c6b61b6df145c68aef4a4858651076ba27d5c40b_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-ui-rhel8@sha256:f872479bcfbf35cae89eb3c95005067b8e64aca090cc058c4e4a1f0db56df9ff_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-virt-v2v-warm-rhel8@sha256:c8a7ee4f36ffc0206d614ad47ce95a13aacdf80a47e1ea7209e0f9824914c36c_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-api-rhel9@sha256:61de05b8dffe208fb8d4c00aed8bba71a4e428f74cc06b936debfbe4fb640747_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-console-plugin-rhel9@sha256:3022d96f38b8900d1b545cbf045f96816194bfba917f08c2e67758f7928acf2c_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-controller-rhel9@sha256:c9b7db0c74e38e5f028b3b72066892c96b6f684575d395a197a0826c09d96e1d_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-openstack-populator-rhel9@sha256:cb8d1bc7320c4ba9caa1d3bb45e48c6d1d2b71799f5dc466c5de8b87579d0c63_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-operator-bundle@sha256:f3172be67364c2a3a5acc25976759e91643c30dfa4d034ea39884ce2be084741_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-populator-controller-rhel9@sha256:4bbec09dfd8021e9cf676f1fb85a0a3f168845b91421afa5ded7983a3561d301_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-validation-rhel9@sha256:8d9947ca76642dacb58290203f5ad003f7ca4f1a5a075ac584ab9e27018a0eed_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-virt-v2v-rhel9@sha256:7ecf4ffb01ccf2cd92fa96407bca9e5b6054e3b5033ada74c98e00dca163d1f7_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-41723"
},
{
"category": "external",
"summary": "RHBZ#2178358",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2178358"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-41723",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41723"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-41723",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-41723"
},
{
"category": "external",
"summary": "https://github.com/advisories/GHSA-vvpx-j8f3-3w6h",
"url": "https://github.com/advisories/GHSA-vvpx-j8f3-3w6h"
},
{
"category": "external",
"summary": "https://go.dev/cl/468135",
"url": "https://go.dev/cl/468135"
},
{
"category": "external",
"summary": "https://go.dev/cl/468295",
"url": "https://go.dev/cl/468295"
},
{
"category": "external",
"summary": "https://go.dev/issue/57855",
"url": "https://go.dev/issue/57855"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/V0aBFqaFs_E",
"url": "https://groups.google.com/g/golang-announce/c/V0aBFqaFs_E"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2023-1571",
"url": "https://pkg.go.dev/vuln/GO-2023-1571"
},
{
"category": "external",
"summary": "https://vuln.go.dev/ID/GO-2023-1571.json",
"url": "https://vuln.go.dev/ID/GO-2023-1571.json"
}
],
"release_date": "2023-02-17T14:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-10-25T12:32:35+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\n https://access.redhat.com/articles/11258",
"product_ids": [
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-must-gather-api-rhel8@sha256:afc08bab3b5b19bcd4003819d4e1bc1c9c3faf71370154ee1695c9a3a6192223_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHBA-2023:6109"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-must-gather-api-rhel8@sha256:afc08bab3b5b19bcd4003819d4e1bc1c9c3faf71370154ee1695c9a3a6192223_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-must-gather-rhel8@sha256:0b766d8e51580920d3b558eaac237b39b70f890127adaac34177aff1b97596fa_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-rhel8-operator@sha256:30cea757cbe41f54ecfd59320ea92351e1209f5646c7346d7d7563e383e988bb_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-rhv-populator-rhel8@sha256:f1c946eb52c6464db8a68cd4c6b61b6df145c68aef4a4858651076ba27d5c40b_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-ui-rhel8@sha256:f872479bcfbf35cae89eb3c95005067b8e64aca090cc058c4e4a1f0db56df9ff_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-virt-v2v-warm-rhel8@sha256:c8a7ee4f36ffc0206d614ad47ce95a13aacdf80a47e1ea7209e0f9824914c36c_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-api-rhel9@sha256:61de05b8dffe208fb8d4c00aed8bba71a4e428f74cc06b936debfbe4fb640747_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-console-plugin-rhel9@sha256:3022d96f38b8900d1b545cbf045f96816194bfba917f08c2e67758f7928acf2c_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-controller-rhel9@sha256:c9b7db0c74e38e5f028b3b72066892c96b6f684575d395a197a0826c09d96e1d_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-openstack-populator-rhel9@sha256:cb8d1bc7320c4ba9caa1d3bb45e48c6d1d2b71799f5dc466c5de8b87579d0c63_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-operator-bundle@sha256:f3172be67364c2a3a5acc25976759e91643c30dfa4d034ea39884ce2be084741_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-populator-controller-rhel9@sha256:4bbec09dfd8021e9cf676f1fb85a0a3f168845b91421afa5ded7983a3561d301_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-validation-rhel9@sha256:8d9947ca76642dacb58290203f5ad003f7ca4f1a5a075ac584ab9e27018a0eed_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-virt-v2v-rhel9@sha256:7ecf4ffb01ccf2cd92fa96407bca9e5b6054e3b5033ada74c98e00dca163d1f7_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang.org/x/net/http2: avoid quadratic complexity in HPACK decoding"
},
{
"cve": "CVE-2022-41724",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2023-03-15T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-must-gather-api-rhel8@sha256:afc08bab3b5b19bcd4003819d4e1bc1c9c3faf71370154ee1695c9a3a6192223_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-must-gather-rhel8@sha256:0b766d8e51580920d3b558eaac237b39b70f890127adaac34177aff1b97596fa_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-rhel8-operator@sha256:30cea757cbe41f54ecfd59320ea92351e1209f5646c7346d7d7563e383e988bb_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-rhv-populator-rhel8@sha256:f1c946eb52c6464db8a68cd4c6b61b6df145c68aef4a4858651076ba27d5c40b_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-ui-rhel8@sha256:f872479bcfbf35cae89eb3c95005067b8e64aca090cc058c4e4a1f0db56df9ff_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-virt-v2v-warm-rhel8@sha256:c8a7ee4f36ffc0206d614ad47ce95a13aacdf80a47e1ea7209e0f9824914c36c_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-api-rhel9@sha256:61de05b8dffe208fb8d4c00aed8bba71a4e428f74cc06b936debfbe4fb640747_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-console-plugin-rhel9@sha256:3022d96f38b8900d1b545cbf045f96816194bfba917f08c2e67758f7928acf2c_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-openstack-populator-rhel9@sha256:cb8d1bc7320c4ba9caa1d3bb45e48c6d1d2b71799f5dc466c5de8b87579d0c63_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-operator-bundle@sha256:f3172be67364c2a3a5acc25976759e91643c30dfa4d034ea39884ce2be084741_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-populator-controller-rhel9@sha256:4bbec09dfd8021e9cf676f1fb85a0a3f168845b91421afa5ded7983a3561d301_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-validation-rhel9@sha256:8d9947ca76642dacb58290203f5ad003f7ca4f1a5a075ac584ab9e27018a0eed_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-virt-v2v-rhel9@sha256:7ecf4ffb01ccf2cd92fa96407bca9e5b6054e3b5033ada74c98e00dca163d1f7_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2178492"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Golang Go, where it is vulnerable to a denial of service caused when processing large TLS handshake records. By sending specially-crafted TLS handshake records, a remote, authenticated attacker can cause a denial of service condition.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: crypto/tls: large handshake records may cause panics",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The opportunity for a denial of service is limited to the golang runtime. In the case of the OpenShift Container Platform, this would be restricted within each individual container. There are multiple layers of guide rails (Golang\u2019s Garbage Collector; OpenShift\u2019s resource constraints imposed at the container and cluster levels) which would require a malicious user to continue submitting attacks for there to be any enduring impact. They would also need access to external server resources to be able to send a massive volume of requests to cause a significant impact on server operations.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-controller-rhel9@sha256:c9b7db0c74e38e5f028b3b72066892c96b6f684575d395a197a0826c09d96e1d_amd64"
],
"known_not_affected": [
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-must-gather-api-rhel8@sha256:afc08bab3b5b19bcd4003819d4e1bc1c9c3faf71370154ee1695c9a3a6192223_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-must-gather-rhel8@sha256:0b766d8e51580920d3b558eaac237b39b70f890127adaac34177aff1b97596fa_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-rhel8-operator@sha256:30cea757cbe41f54ecfd59320ea92351e1209f5646c7346d7d7563e383e988bb_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-rhv-populator-rhel8@sha256:f1c946eb52c6464db8a68cd4c6b61b6df145c68aef4a4858651076ba27d5c40b_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-ui-rhel8@sha256:f872479bcfbf35cae89eb3c95005067b8e64aca090cc058c4e4a1f0db56df9ff_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-virt-v2v-warm-rhel8@sha256:c8a7ee4f36ffc0206d614ad47ce95a13aacdf80a47e1ea7209e0f9824914c36c_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-api-rhel9@sha256:61de05b8dffe208fb8d4c00aed8bba71a4e428f74cc06b936debfbe4fb640747_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-console-plugin-rhel9@sha256:3022d96f38b8900d1b545cbf045f96816194bfba917f08c2e67758f7928acf2c_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-openstack-populator-rhel9@sha256:cb8d1bc7320c4ba9caa1d3bb45e48c6d1d2b71799f5dc466c5de8b87579d0c63_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-operator-bundle@sha256:f3172be67364c2a3a5acc25976759e91643c30dfa4d034ea39884ce2be084741_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-populator-controller-rhel9@sha256:4bbec09dfd8021e9cf676f1fb85a0a3f168845b91421afa5ded7983a3561d301_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-validation-rhel9@sha256:8d9947ca76642dacb58290203f5ad003f7ca4f1a5a075ac584ab9e27018a0eed_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-virt-v2v-rhel9@sha256:7ecf4ffb01ccf2cd92fa96407bca9e5b6054e3b5033ada74c98e00dca163d1f7_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-41724"
},
{
"category": "external",
"summary": "RHBZ#2178492",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2178492"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-41724",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41724"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-41724",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-41724"
},
{
"category": "external",
"summary": "https://go.dev/cl/468125",
"url": "https://go.dev/cl/468125"
},
{
"category": "external",
"summary": "https://go.dev/issue/58001",
"url": "https://go.dev/issue/58001"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/V0aBFqaFs_E",
"url": "https://groups.google.com/g/golang-announce/c/V0aBFqaFs_E"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2023-1570",
"url": "https://pkg.go.dev/vuln/GO-2023-1570"
}
],
"release_date": "2023-02-15T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-10-25T12:32:35+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\n https://access.redhat.com/articles/11258",
"product_ids": [
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-controller-rhel9@sha256:c9b7db0c74e38e5f028b3b72066892c96b6f684575d395a197a0826c09d96e1d_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHBA-2023:6109"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-must-gather-api-rhel8@sha256:afc08bab3b5b19bcd4003819d4e1bc1c9c3faf71370154ee1695c9a3a6192223_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-must-gather-rhel8@sha256:0b766d8e51580920d3b558eaac237b39b70f890127adaac34177aff1b97596fa_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-rhel8-operator@sha256:30cea757cbe41f54ecfd59320ea92351e1209f5646c7346d7d7563e383e988bb_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-rhv-populator-rhel8@sha256:f1c946eb52c6464db8a68cd4c6b61b6df145c68aef4a4858651076ba27d5c40b_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-ui-rhel8@sha256:f872479bcfbf35cae89eb3c95005067b8e64aca090cc058c4e4a1f0db56df9ff_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-virt-v2v-warm-rhel8@sha256:c8a7ee4f36ffc0206d614ad47ce95a13aacdf80a47e1ea7209e0f9824914c36c_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-api-rhel9@sha256:61de05b8dffe208fb8d4c00aed8bba71a4e428f74cc06b936debfbe4fb640747_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-console-plugin-rhel9@sha256:3022d96f38b8900d1b545cbf045f96816194bfba917f08c2e67758f7928acf2c_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-controller-rhel9@sha256:c9b7db0c74e38e5f028b3b72066892c96b6f684575d395a197a0826c09d96e1d_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-openstack-populator-rhel9@sha256:cb8d1bc7320c4ba9caa1d3bb45e48c6d1d2b71799f5dc466c5de8b87579d0c63_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-operator-bundle@sha256:f3172be67364c2a3a5acc25976759e91643c30dfa4d034ea39884ce2be084741_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-populator-controller-rhel9@sha256:4bbec09dfd8021e9cf676f1fb85a0a3f168845b91421afa5ded7983a3561d301_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-validation-rhel9@sha256:8d9947ca76642dacb58290203f5ad003f7ca4f1a5a075ac584ab9e27018a0eed_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-virt-v2v-rhel9@sha256:7ecf4ffb01ccf2cd92fa96407bca9e5b6054e3b5033ada74c98e00dca163d1f7_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: crypto/tls: large handshake records may cause panics"
},
{
"cve": "CVE-2022-41725",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2023-03-15T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-must-gather-api-rhel8@sha256:afc08bab3b5b19bcd4003819d4e1bc1c9c3faf71370154ee1695c9a3a6192223_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-must-gather-rhel8@sha256:0b766d8e51580920d3b558eaac237b39b70f890127adaac34177aff1b97596fa_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-rhel8-operator@sha256:30cea757cbe41f54ecfd59320ea92351e1209f5646c7346d7d7563e383e988bb_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-rhv-populator-rhel8@sha256:f1c946eb52c6464db8a68cd4c6b61b6df145c68aef4a4858651076ba27d5c40b_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-ui-rhel8@sha256:f872479bcfbf35cae89eb3c95005067b8e64aca090cc058c4e4a1f0db56df9ff_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-virt-v2v-warm-rhel8@sha256:c8a7ee4f36ffc0206d614ad47ce95a13aacdf80a47e1ea7209e0f9824914c36c_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-api-rhel9@sha256:61de05b8dffe208fb8d4c00aed8bba71a4e428f74cc06b936debfbe4fb640747_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-console-plugin-rhel9@sha256:3022d96f38b8900d1b545cbf045f96816194bfba917f08c2e67758f7928acf2c_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-openstack-populator-rhel9@sha256:cb8d1bc7320c4ba9caa1d3bb45e48c6d1d2b71799f5dc466c5de8b87579d0c63_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-operator-bundle@sha256:f3172be67364c2a3a5acc25976759e91643c30dfa4d034ea39884ce2be084741_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-populator-controller-rhel9@sha256:4bbec09dfd8021e9cf676f1fb85a0a3f168845b91421afa5ded7983a3561d301_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-validation-rhel9@sha256:8d9947ca76642dacb58290203f5ad003f7ca4f1a5a075ac584ab9e27018a0eed_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-virt-v2v-rhel9@sha256:7ecf4ffb01ccf2cd92fa96407bca9e5b6054e3b5033ada74c98e00dca163d1f7_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2178488"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Go, where it is vulnerable to a denial of service caused by an excessive resource consumption flaw in the net/http and mime/multipart packages. By sending a specially-crafted request, a remote attacker can cause a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: net/http, mime/multipart: denial of service from excessive resource consumption",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The opportunity for a Denial of Service is limited to the golang runtime. In the case of the OpenShift Container Platform, this would be restricted within each individual container. There are multiple layers of guide rails (Golang\u2019s Garbage Collector; OpenShift\u2019s resource constraints imposed at the container and cluster levels) which would require a malicious user to continue submitting attacks for there to be any enduring impact. They would also need access to external server resources to be able to send a massive volume of requests to cause a significant impact on server operations.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-controller-rhel9@sha256:c9b7db0c74e38e5f028b3b72066892c96b6f684575d395a197a0826c09d96e1d_amd64"
],
"known_not_affected": [
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-must-gather-api-rhel8@sha256:afc08bab3b5b19bcd4003819d4e1bc1c9c3faf71370154ee1695c9a3a6192223_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-must-gather-rhel8@sha256:0b766d8e51580920d3b558eaac237b39b70f890127adaac34177aff1b97596fa_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-rhel8-operator@sha256:30cea757cbe41f54ecfd59320ea92351e1209f5646c7346d7d7563e383e988bb_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-rhv-populator-rhel8@sha256:f1c946eb52c6464db8a68cd4c6b61b6df145c68aef4a4858651076ba27d5c40b_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-ui-rhel8@sha256:f872479bcfbf35cae89eb3c95005067b8e64aca090cc058c4e4a1f0db56df9ff_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-virt-v2v-warm-rhel8@sha256:c8a7ee4f36ffc0206d614ad47ce95a13aacdf80a47e1ea7209e0f9824914c36c_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-api-rhel9@sha256:61de05b8dffe208fb8d4c00aed8bba71a4e428f74cc06b936debfbe4fb640747_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-console-plugin-rhel9@sha256:3022d96f38b8900d1b545cbf045f96816194bfba917f08c2e67758f7928acf2c_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-openstack-populator-rhel9@sha256:cb8d1bc7320c4ba9caa1d3bb45e48c6d1d2b71799f5dc466c5de8b87579d0c63_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-operator-bundle@sha256:f3172be67364c2a3a5acc25976759e91643c30dfa4d034ea39884ce2be084741_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-populator-controller-rhel9@sha256:4bbec09dfd8021e9cf676f1fb85a0a3f168845b91421afa5ded7983a3561d301_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-validation-rhel9@sha256:8d9947ca76642dacb58290203f5ad003f7ca4f1a5a075ac584ab9e27018a0eed_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-virt-v2v-rhel9@sha256:7ecf4ffb01ccf2cd92fa96407bca9e5b6054e3b5033ada74c98e00dca163d1f7_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-41725"
},
{
"category": "external",
"summary": "RHBZ#2178488",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2178488"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-41725",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41725"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-41725",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-41725"
},
{
"category": "external",
"summary": "https://go.dev/cl/468124",
"url": "https://go.dev/cl/468124"
},
{
"category": "external",
"summary": "https://go.dev/issue/58006",
"url": "https://go.dev/issue/58006"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/V0aBFqaFs_E",
"url": "https://groups.google.com/g/golang-announce/c/V0aBFqaFs_E"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2023-1569",
"url": "https://pkg.go.dev/vuln/GO-2023-1569"
}
],
"release_date": "2023-02-15T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-10-25T12:32:35+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\n https://access.redhat.com/articles/11258",
"product_ids": [
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-controller-rhel9@sha256:c9b7db0c74e38e5f028b3b72066892c96b6f684575d395a197a0826c09d96e1d_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHBA-2023:6109"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-must-gather-api-rhel8@sha256:afc08bab3b5b19bcd4003819d4e1bc1c9c3faf71370154ee1695c9a3a6192223_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-must-gather-rhel8@sha256:0b766d8e51580920d3b558eaac237b39b70f890127adaac34177aff1b97596fa_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-rhel8-operator@sha256:30cea757cbe41f54ecfd59320ea92351e1209f5646c7346d7d7563e383e988bb_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-rhv-populator-rhel8@sha256:f1c946eb52c6464db8a68cd4c6b61b6df145c68aef4a4858651076ba27d5c40b_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-ui-rhel8@sha256:f872479bcfbf35cae89eb3c95005067b8e64aca090cc058c4e4a1f0db56df9ff_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-virt-v2v-warm-rhel8@sha256:c8a7ee4f36ffc0206d614ad47ce95a13aacdf80a47e1ea7209e0f9824914c36c_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-api-rhel9@sha256:61de05b8dffe208fb8d4c00aed8bba71a4e428f74cc06b936debfbe4fb640747_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-console-plugin-rhel9@sha256:3022d96f38b8900d1b545cbf045f96816194bfba917f08c2e67758f7928acf2c_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-controller-rhel9@sha256:c9b7db0c74e38e5f028b3b72066892c96b6f684575d395a197a0826c09d96e1d_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-openstack-populator-rhel9@sha256:cb8d1bc7320c4ba9caa1d3bb45e48c6d1d2b71799f5dc466c5de8b87579d0c63_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-operator-bundle@sha256:f3172be67364c2a3a5acc25976759e91643c30dfa4d034ea39884ce2be084741_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-populator-controller-rhel9@sha256:4bbec09dfd8021e9cf676f1fb85a0a3f168845b91421afa5ded7983a3561d301_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-validation-rhel9@sha256:8d9947ca76642dacb58290203f5ad003f7ca4f1a5a075ac584ab9e27018a0eed_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-virt-v2v-rhel9@sha256:7ecf4ffb01ccf2cd92fa96407bca9e5b6054e3b5033ada74c98e00dca163d1f7_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: net/http, mime/multipart: denial of service from excessive resource consumption"
},
{
"cve": "CVE-2023-3978",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2023-08-03T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-must-gather-api-rhel8@sha256:afc08bab3b5b19bcd4003819d4e1bc1c9c3faf71370154ee1695c9a3a6192223_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-must-gather-rhel8@sha256:0b766d8e51580920d3b558eaac237b39b70f890127adaac34177aff1b97596fa_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-rhv-populator-rhel8@sha256:f1c946eb52c6464db8a68cd4c6b61b6df145c68aef4a4858651076ba27d5c40b_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-ui-rhel8@sha256:f872479bcfbf35cae89eb3c95005067b8e64aca090cc058c4e4a1f0db56df9ff_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-virt-v2v-warm-rhel8@sha256:c8a7ee4f36ffc0206d614ad47ce95a13aacdf80a47e1ea7209e0f9824914c36c_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-api-rhel9@sha256:61de05b8dffe208fb8d4c00aed8bba71a4e428f74cc06b936debfbe4fb640747_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-console-plugin-rhel9@sha256:3022d96f38b8900d1b545cbf045f96816194bfba917f08c2e67758f7928acf2c_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-controller-rhel9@sha256:c9b7db0c74e38e5f028b3b72066892c96b6f684575d395a197a0826c09d96e1d_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-openstack-populator-rhel9@sha256:cb8d1bc7320c4ba9caa1d3bb45e48c6d1d2b71799f5dc466c5de8b87579d0c63_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-operator-bundle@sha256:f3172be67364c2a3a5acc25976759e91643c30dfa4d034ea39884ce2be084741_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-populator-controller-rhel9@sha256:4bbec09dfd8021e9cf676f1fb85a0a3f168845b91421afa5ded7983a3561d301_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-validation-rhel9@sha256:8d9947ca76642dacb58290203f5ad003f7ca4f1a5a075ac584ab9e27018a0eed_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-virt-v2v-rhel9@sha256:7ecf4ffb01ccf2cd92fa96407bca9e5b6054e3b5033ada74c98e00dca163d1f7_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2228689"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Golang HTML package where it is vulnerable to Cross-site scripting caused by the improper validation of user-supplied input. A remote attacker could exploit this vulnerability using a specially crafted URL to execute a script in a victim\u0027s web browser within the security context of the hosting website once the URL is clicked. The flaw allows an attacker to steal the victim\u0027s cookie-based authentication credentials.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang.org/x/net/html: Cross site scripting",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-rhel8-operator@sha256:30cea757cbe41f54ecfd59320ea92351e1209f5646c7346d7d7563e383e988bb_amd64"
],
"known_not_affected": [
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-must-gather-api-rhel8@sha256:afc08bab3b5b19bcd4003819d4e1bc1c9c3faf71370154ee1695c9a3a6192223_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-must-gather-rhel8@sha256:0b766d8e51580920d3b558eaac237b39b70f890127adaac34177aff1b97596fa_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-rhv-populator-rhel8@sha256:f1c946eb52c6464db8a68cd4c6b61b6df145c68aef4a4858651076ba27d5c40b_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-ui-rhel8@sha256:f872479bcfbf35cae89eb3c95005067b8e64aca090cc058c4e4a1f0db56df9ff_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-virt-v2v-warm-rhel8@sha256:c8a7ee4f36ffc0206d614ad47ce95a13aacdf80a47e1ea7209e0f9824914c36c_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-api-rhel9@sha256:61de05b8dffe208fb8d4c00aed8bba71a4e428f74cc06b936debfbe4fb640747_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-console-plugin-rhel9@sha256:3022d96f38b8900d1b545cbf045f96816194bfba917f08c2e67758f7928acf2c_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-controller-rhel9@sha256:c9b7db0c74e38e5f028b3b72066892c96b6f684575d395a197a0826c09d96e1d_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-openstack-populator-rhel9@sha256:cb8d1bc7320c4ba9caa1d3bb45e48c6d1d2b71799f5dc466c5de8b87579d0c63_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-operator-bundle@sha256:f3172be67364c2a3a5acc25976759e91643c30dfa4d034ea39884ce2be084741_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-populator-controller-rhel9@sha256:4bbec09dfd8021e9cf676f1fb85a0a3f168845b91421afa5ded7983a3561d301_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-validation-rhel9@sha256:8d9947ca76642dacb58290203f5ad003f7ca4f1a5a075ac584ab9e27018a0eed_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-virt-v2v-rhel9@sha256:7ecf4ffb01ccf2cd92fa96407bca9e5b6054e3b5033ada74c98e00dca163d1f7_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-3978"
},
{
"category": "external",
"summary": "RHBZ#2228689",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2228689"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-3978",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3978"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-3978",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-3978"
},
{
"category": "external",
"summary": "https://go.dev/cl/514896",
"url": "https://go.dev/cl/514896"
},
{
"category": "external",
"summary": "https://go.dev/issue/61615",
"url": "https://go.dev/issue/61615"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2023-1988",
"url": "https://pkg.go.dev/vuln/GO-2023-1988"
}
],
"release_date": "2023-08-02T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-10-25T12:32:35+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\n https://access.redhat.com/articles/11258",
"product_ids": [
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-rhel8-operator@sha256:30cea757cbe41f54ecfd59320ea92351e1209f5646c7346d7d7563e383e988bb_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHBA-2023:6109"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-must-gather-api-rhel8@sha256:afc08bab3b5b19bcd4003819d4e1bc1c9c3faf71370154ee1695c9a3a6192223_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-must-gather-rhel8@sha256:0b766d8e51580920d3b558eaac237b39b70f890127adaac34177aff1b97596fa_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-rhel8-operator@sha256:30cea757cbe41f54ecfd59320ea92351e1209f5646c7346d7d7563e383e988bb_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-rhv-populator-rhel8@sha256:f1c946eb52c6464db8a68cd4c6b61b6df145c68aef4a4858651076ba27d5c40b_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-ui-rhel8@sha256:f872479bcfbf35cae89eb3c95005067b8e64aca090cc058c4e4a1f0db56df9ff_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-virt-v2v-warm-rhel8@sha256:c8a7ee4f36ffc0206d614ad47ce95a13aacdf80a47e1ea7209e0f9824914c36c_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-api-rhel9@sha256:61de05b8dffe208fb8d4c00aed8bba71a4e428f74cc06b936debfbe4fb640747_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-console-plugin-rhel9@sha256:3022d96f38b8900d1b545cbf045f96816194bfba917f08c2e67758f7928acf2c_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-controller-rhel9@sha256:c9b7db0c74e38e5f028b3b72066892c96b6f684575d395a197a0826c09d96e1d_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-openstack-populator-rhel9@sha256:cb8d1bc7320c4ba9caa1d3bb45e48c6d1d2b71799f5dc466c5de8b87579d0c63_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-operator-bundle@sha256:f3172be67364c2a3a5acc25976759e91643c30dfa4d034ea39884ce2be084741_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-populator-controller-rhel9@sha256:4bbec09dfd8021e9cf676f1fb85a0a3f168845b91421afa5ded7983a3561d301_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-validation-rhel9@sha256:8d9947ca76642dacb58290203f5ad003f7ca4f1a5a075ac584ab9e27018a0eed_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-virt-v2v-rhel9@sha256:7ecf4ffb01ccf2cd92fa96407bca9e5b6054e3b5033ada74c98e00dca163d1f7_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang.org/x/net/html: Cross site scripting"
},
{
"cve": "CVE-2023-24534",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2023-04-04T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-must-gather-api-rhel8@sha256:afc08bab3b5b19bcd4003819d4e1bc1c9c3faf71370154ee1695c9a3a6192223_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-must-gather-rhel8@sha256:0b766d8e51580920d3b558eaac237b39b70f890127adaac34177aff1b97596fa_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-rhel8-operator@sha256:30cea757cbe41f54ecfd59320ea92351e1209f5646c7346d7d7563e383e988bb_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-rhv-populator-rhel8@sha256:f1c946eb52c6464db8a68cd4c6b61b6df145c68aef4a4858651076ba27d5c40b_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-ui-rhel8@sha256:f872479bcfbf35cae89eb3c95005067b8e64aca090cc058c4e4a1f0db56df9ff_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-virt-v2v-warm-rhel8@sha256:c8a7ee4f36ffc0206d614ad47ce95a13aacdf80a47e1ea7209e0f9824914c36c_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-api-rhel9@sha256:61de05b8dffe208fb8d4c00aed8bba71a4e428f74cc06b936debfbe4fb640747_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-console-plugin-rhel9@sha256:3022d96f38b8900d1b545cbf045f96816194bfba917f08c2e67758f7928acf2c_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-openstack-populator-rhel9@sha256:cb8d1bc7320c4ba9caa1d3bb45e48c6d1d2b71799f5dc466c5de8b87579d0c63_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-operator-bundle@sha256:f3172be67364c2a3a5acc25976759e91643c30dfa4d034ea39884ce2be084741_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-populator-controller-rhel9@sha256:4bbec09dfd8021e9cf676f1fb85a0a3f168845b91421afa5ded7983a3561d301_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-validation-rhel9@sha256:8d9947ca76642dacb58290203f5ad003f7ca4f1a5a075ac584ab9e27018a0eed_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-virt-v2v-rhel9@sha256:7ecf4ffb01ccf2cd92fa96407bca9e5b6054e3b5033ada74c98e00dca163d1f7_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2184483"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Golang Go, where it is vulnerable to a denial of service caused by memory exhaustion in the common function in HTTP and MIME header parsing. By sending a specially crafted request, a remote attacker can cause a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: net/http, net/textproto: denial of service from excessive memory allocation",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-controller-rhel9@sha256:c9b7db0c74e38e5f028b3b72066892c96b6f684575d395a197a0826c09d96e1d_amd64"
],
"known_not_affected": [
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-must-gather-api-rhel8@sha256:afc08bab3b5b19bcd4003819d4e1bc1c9c3faf71370154ee1695c9a3a6192223_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-must-gather-rhel8@sha256:0b766d8e51580920d3b558eaac237b39b70f890127adaac34177aff1b97596fa_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-rhel8-operator@sha256:30cea757cbe41f54ecfd59320ea92351e1209f5646c7346d7d7563e383e988bb_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-rhv-populator-rhel8@sha256:f1c946eb52c6464db8a68cd4c6b61b6df145c68aef4a4858651076ba27d5c40b_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-ui-rhel8@sha256:f872479bcfbf35cae89eb3c95005067b8e64aca090cc058c4e4a1f0db56df9ff_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-virt-v2v-warm-rhel8@sha256:c8a7ee4f36ffc0206d614ad47ce95a13aacdf80a47e1ea7209e0f9824914c36c_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-api-rhel9@sha256:61de05b8dffe208fb8d4c00aed8bba71a4e428f74cc06b936debfbe4fb640747_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-console-plugin-rhel9@sha256:3022d96f38b8900d1b545cbf045f96816194bfba917f08c2e67758f7928acf2c_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-openstack-populator-rhel9@sha256:cb8d1bc7320c4ba9caa1d3bb45e48c6d1d2b71799f5dc466c5de8b87579d0c63_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-operator-bundle@sha256:f3172be67364c2a3a5acc25976759e91643c30dfa4d034ea39884ce2be084741_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-populator-controller-rhel9@sha256:4bbec09dfd8021e9cf676f1fb85a0a3f168845b91421afa5ded7983a3561d301_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-validation-rhel9@sha256:8d9947ca76642dacb58290203f5ad003f7ca4f1a5a075ac584ab9e27018a0eed_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-virt-v2v-rhel9@sha256:7ecf4ffb01ccf2cd92fa96407bca9e5b6054e3b5033ada74c98e00dca163d1f7_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-24534"
},
{
"category": "external",
"summary": "RHBZ#2184483",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2184483"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-24534",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24534"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-24534",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-24534"
},
{
"category": "external",
"summary": "https://go.dev/issue/58975",
"url": "https://go.dev/issue/58975"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/Xdv6JL9ENs8",
"url": "https://groups.google.com/g/golang-announce/c/Xdv6JL9ENs8"
}
],
"release_date": "2023-04-04T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-10-25T12:32:35+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\n https://access.redhat.com/articles/11258",
"product_ids": [
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-controller-rhel9@sha256:c9b7db0c74e38e5f028b3b72066892c96b6f684575d395a197a0826c09d96e1d_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHBA-2023:6109"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-must-gather-api-rhel8@sha256:afc08bab3b5b19bcd4003819d4e1bc1c9c3faf71370154ee1695c9a3a6192223_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-must-gather-rhel8@sha256:0b766d8e51580920d3b558eaac237b39b70f890127adaac34177aff1b97596fa_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-rhel8-operator@sha256:30cea757cbe41f54ecfd59320ea92351e1209f5646c7346d7d7563e383e988bb_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-rhv-populator-rhel8@sha256:f1c946eb52c6464db8a68cd4c6b61b6df145c68aef4a4858651076ba27d5c40b_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-ui-rhel8@sha256:f872479bcfbf35cae89eb3c95005067b8e64aca090cc058c4e4a1f0db56df9ff_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-virt-v2v-warm-rhel8@sha256:c8a7ee4f36ffc0206d614ad47ce95a13aacdf80a47e1ea7209e0f9824914c36c_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-api-rhel9@sha256:61de05b8dffe208fb8d4c00aed8bba71a4e428f74cc06b936debfbe4fb640747_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-console-plugin-rhel9@sha256:3022d96f38b8900d1b545cbf045f96816194bfba917f08c2e67758f7928acf2c_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-controller-rhel9@sha256:c9b7db0c74e38e5f028b3b72066892c96b6f684575d395a197a0826c09d96e1d_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-openstack-populator-rhel9@sha256:cb8d1bc7320c4ba9caa1d3bb45e48c6d1d2b71799f5dc466c5de8b87579d0c63_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-operator-bundle@sha256:f3172be67364c2a3a5acc25976759e91643c30dfa4d034ea39884ce2be084741_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-populator-controller-rhel9@sha256:4bbec09dfd8021e9cf676f1fb85a0a3f168845b91421afa5ded7983a3561d301_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-validation-rhel9@sha256:8d9947ca76642dacb58290203f5ad003f7ca4f1a5a075ac584ab9e27018a0eed_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-virt-v2v-rhel9@sha256:7ecf4ffb01ccf2cd92fa96407bca9e5b6054e3b5033ada74c98e00dca163d1f7_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: net/http, net/textproto: denial of service from excessive memory allocation"
},
{
"cve": "CVE-2023-24536",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2023-04-04T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-must-gather-api-rhel8@sha256:afc08bab3b5b19bcd4003819d4e1bc1c9c3faf71370154ee1695c9a3a6192223_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-must-gather-rhel8@sha256:0b766d8e51580920d3b558eaac237b39b70f890127adaac34177aff1b97596fa_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-rhel8-operator@sha256:30cea757cbe41f54ecfd59320ea92351e1209f5646c7346d7d7563e383e988bb_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-rhv-populator-rhel8@sha256:f1c946eb52c6464db8a68cd4c6b61b6df145c68aef4a4858651076ba27d5c40b_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-ui-rhel8@sha256:f872479bcfbf35cae89eb3c95005067b8e64aca090cc058c4e4a1f0db56df9ff_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-virt-v2v-warm-rhel8@sha256:c8a7ee4f36ffc0206d614ad47ce95a13aacdf80a47e1ea7209e0f9824914c36c_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-api-rhel9@sha256:61de05b8dffe208fb8d4c00aed8bba71a4e428f74cc06b936debfbe4fb640747_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-console-plugin-rhel9@sha256:3022d96f38b8900d1b545cbf045f96816194bfba917f08c2e67758f7928acf2c_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-openstack-populator-rhel9@sha256:cb8d1bc7320c4ba9caa1d3bb45e48c6d1d2b71799f5dc466c5de8b87579d0c63_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-operator-bundle@sha256:f3172be67364c2a3a5acc25976759e91643c30dfa4d034ea39884ce2be084741_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-populator-controller-rhel9@sha256:4bbec09dfd8021e9cf676f1fb85a0a3f168845b91421afa5ded7983a3561d301_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-validation-rhel9@sha256:8d9947ca76642dacb58290203f5ad003f7ca4f1a5a075ac584ab9e27018a0eed_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-virt-v2v-rhel9@sha256:7ecf4ffb01ccf2cd92fa96407bca9e5b6054e3b5033ada74c98e00dca163d1f7_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2184482"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Golang Go, where it is vulnerable to a denial of service caused by an issue during multipart form parsing. By sending a specially crafted input, a remote attacker can consume large amounts of CPU and memory, resulting in a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: net/http, net/textproto, mime/multipart: denial of service from excessive resource consumption",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "For Red Hat Enterprise Linux,\n\n* Conmon uses Go in unit testing, but not functionally in the package. Go is used only in test files, hence, not in the actual code, thus, conmon is not-affected.\n* The CVE refers to multipart form parsing routine mime/multipart.Reader.ReadForm, which is not used in Grafana, hence it is not-affected.\n* Butane does not parse multipart forms, hence, it is also not-affected.\nRedhat has marked this vulnerability as moderate as this vulnerability could lead to a potential denial of service when all the resource of a system is consumed which is technically not a clear case of denial of service.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-controller-rhel9@sha256:c9b7db0c74e38e5f028b3b72066892c96b6f684575d395a197a0826c09d96e1d_amd64"
],
"known_not_affected": [
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-must-gather-api-rhel8@sha256:afc08bab3b5b19bcd4003819d4e1bc1c9c3faf71370154ee1695c9a3a6192223_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-must-gather-rhel8@sha256:0b766d8e51580920d3b558eaac237b39b70f890127adaac34177aff1b97596fa_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-rhel8-operator@sha256:30cea757cbe41f54ecfd59320ea92351e1209f5646c7346d7d7563e383e988bb_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-rhv-populator-rhel8@sha256:f1c946eb52c6464db8a68cd4c6b61b6df145c68aef4a4858651076ba27d5c40b_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-ui-rhel8@sha256:f872479bcfbf35cae89eb3c95005067b8e64aca090cc058c4e4a1f0db56df9ff_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-virt-v2v-warm-rhel8@sha256:c8a7ee4f36ffc0206d614ad47ce95a13aacdf80a47e1ea7209e0f9824914c36c_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-api-rhel9@sha256:61de05b8dffe208fb8d4c00aed8bba71a4e428f74cc06b936debfbe4fb640747_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-console-plugin-rhel9@sha256:3022d96f38b8900d1b545cbf045f96816194bfba917f08c2e67758f7928acf2c_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-openstack-populator-rhel9@sha256:cb8d1bc7320c4ba9caa1d3bb45e48c6d1d2b71799f5dc466c5de8b87579d0c63_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-operator-bundle@sha256:f3172be67364c2a3a5acc25976759e91643c30dfa4d034ea39884ce2be084741_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-populator-controller-rhel9@sha256:4bbec09dfd8021e9cf676f1fb85a0a3f168845b91421afa5ded7983a3561d301_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-validation-rhel9@sha256:8d9947ca76642dacb58290203f5ad003f7ca4f1a5a075ac584ab9e27018a0eed_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-virt-v2v-rhel9@sha256:7ecf4ffb01ccf2cd92fa96407bca9e5b6054e3b5033ada74c98e00dca163d1f7_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-24536"
},
{
"category": "external",
"summary": "RHBZ#2184482",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2184482"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-24536",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24536"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-24536",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-24536"
},
{
"category": "external",
"summary": "https://go.dev/issue/59153",
"url": "https://go.dev/issue/59153"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/Xdv6JL9ENs8",
"url": "https://groups.google.com/g/golang-announce/c/Xdv6JL9ENs8"
}
],
"release_date": "2023-04-04T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-10-25T12:32:35+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\n https://access.redhat.com/articles/11258",
"product_ids": [
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-controller-rhel9@sha256:c9b7db0c74e38e5f028b3b72066892c96b6f684575d395a197a0826c09d96e1d_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHBA-2023:6109"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-must-gather-api-rhel8@sha256:afc08bab3b5b19bcd4003819d4e1bc1c9c3faf71370154ee1695c9a3a6192223_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-must-gather-rhel8@sha256:0b766d8e51580920d3b558eaac237b39b70f890127adaac34177aff1b97596fa_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-rhel8-operator@sha256:30cea757cbe41f54ecfd59320ea92351e1209f5646c7346d7d7563e383e988bb_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-rhv-populator-rhel8@sha256:f1c946eb52c6464db8a68cd4c6b61b6df145c68aef4a4858651076ba27d5c40b_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-ui-rhel8@sha256:f872479bcfbf35cae89eb3c95005067b8e64aca090cc058c4e4a1f0db56df9ff_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-virt-v2v-warm-rhel8@sha256:c8a7ee4f36ffc0206d614ad47ce95a13aacdf80a47e1ea7209e0f9824914c36c_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-api-rhel9@sha256:61de05b8dffe208fb8d4c00aed8bba71a4e428f74cc06b936debfbe4fb640747_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-console-plugin-rhel9@sha256:3022d96f38b8900d1b545cbf045f96816194bfba917f08c2e67758f7928acf2c_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-controller-rhel9@sha256:c9b7db0c74e38e5f028b3b72066892c96b6f684575d395a197a0826c09d96e1d_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-openstack-populator-rhel9@sha256:cb8d1bc7320c4ba9caa1d3bb45e48c6d1d2b71799f5dc466c5de8b87579d0c63_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-operator-bundle@sha256:f3172be67364c2a3a5acc25976759e91643c30dfa4d034ea39884ce2be084741_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-populator-controller-rhel9@sha256:4bbec09dfd8021e9cf676f1fb85a0a3f168845b91421afa5ded7983a3561d301_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-validation-rhel9@sha256:8d9947ca76642dacb58290203f5ad003f7ca4f1a5a075ac584ab9e27018a0eed_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-virt-v2v-rhel9@sha256:7ecf4ffb01ccf2cd92fa96407bca9e5b6054e3b5033ada74c98e00dca163d1f7_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-must-gather-api-rhel8@sha256:afc08bab3b5b19bcd4003819d4e1bc1c9c3faf71370154ee1695c9a3a6192223_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-must-gather-rhel8@sha256:0b766d8e51580920d3b558eaac237b39b70f890127adaac34177aff1b97596fa_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-rhel8-operator@sha256:30cea757cbe41f54ecfd59320ea92351e1209f5646c7346d7d7563e383e988bb_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-rhv-populator-rhel8@sha256:f1c946eb52c6464db8a68cd4c6b61b6df145c68aef4a4858651076ba27d5c40b_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-ui-rhel8@sha256:f872479bcfbf35cae89eb3c95005067b8e64aca090cc058c4e4a1f0db56df9ff_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-virt-v2v-warm-rhel8@sha256:c8a7ee4f36ffc0206d614ad47ce95a13aacdf80a47e1ea7209e0f9824914c36c_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-api-rhel9@sha256:61de05b8dffe208fb8d4c00aed8bba71a4e428f74cc06b936debfbe4fb640747_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-console-plugin-rhel9@sha256:3022d96f38b8900d1b545cbf045f96816194bfba917f08c2e67758f7928acf2c_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-controller-rhel9@sha256:c9b7db0c74e38e5f028b3b72066892c96b6f684575d395a197a0826c09d96e1d_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-openstack-populator-rhel9@sha256:cb8d1bc7320c4ba9caa1d3bb45e48c6d1d2b71799f5dc466c5de8b87579d0c63_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-operator-bundle@sha256:f3172be67364c2a3a5acc25976759e91643c30dfa4d034ea39884ce2be084741_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-populator-controller-rhel9@sha256:4bbec09dfd8021e9cf676f1fb85a0a3f168845b91421afa5ded7983a3561d301_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-validation-rhel9@sha256:8d9947ca76642dacb58290203f5ad003f7ca4f1a5a075ac584ab9e27018a0eed_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-virt-v2v-rhel9@sha256:7ecf4ffb01ccf2cd92fa96407bca9e5b6054e3b5033ada74c98e00dca163d1f7_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: net/http, net/textproto, mime/multipart: denial of service from excessive resource consumption"
},
{
"cve": "CVE-2023-24537",
"cwe": {
"id": "CWE-835",
"name": "Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)"
},
"discovery_date": "2023-04-04T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-must-gather-api-rhel8@sha256:afc08bab3b5b19bcd4003819d4e1bc1c9c3faf71370154ee1695c9a3a6192223_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-must-gather-rhel8@sha256:0b766d8e51580920d3b558eaac237b39b70f890127adaac34177aff1b97596fa_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-rhel8-operator@sha256:30cea757cbe41f54ecfd59320ea92351e1209f5646c7346d7d7563e383e988bb_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-rhv-populator-rhel8@sha256:f1c946eb52c6464db8a68cd4c6b61b6df145c68aef4a4858651076ba27d5c40b_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-ui-rhel8@sha256:f872479bcfbf35cae89eb3c95005067b8e64aca090cc058c4e4a1f0db56df9ff_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-virt-v2v-warm-rhel8@sha256:c8a7ee4f36ffc0206d614ad47ce95a13aacdf80a47e1ea7209e0f9824914c36c_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-api-rhel9@sha256:61de05b8dffe208fb8d4c00aed8bba71a4e428f74cc06b936debfbe4fb640747_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-console-plugin-rhel9@sha256:3022d96f38b8900d1b545cbf045f96816194bfba917f08c2e67758f7928acf2c_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-openstack-populator-rhel9@sha256:cb8d1bc7320c4ba9caa1d3bb45e48c6d1d2b71799f5dc466c5de8b87579d0c63_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-operator-bundle@sha256:f3172be67364c2a3a5acc25976759e91643c30dfa4d034ea39884ce2be084741_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-populator-controller-rhel9@sha256:4bbec09dfd8021e9cf676f1fb85a0a3f168845b91421afa5ded7983a3561d301_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-validation-rhel9@sha256:8d9947ca76642dacb58290203f5ad003f7ca4f1a5a075ac584ab9e27018a0eed_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-virt-v2v-rhel9@sha256:7ecf4ffb01ccf2cd92fa96407bca9e5b6054e3b5033ada74c98e00dca163d1f7_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2184484"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Golang Go, where it is vulnerable to a denial of service caused by an infinite loop due to integer overflow when calling any of the Parse functions. By sending a specially crafted input, a remote attacker can cause a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: go/parser: Infinite loop in parsing",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability has been rated Moderate because it allows denial of service condition in Go\u2019s source code parser when processing specially crafted input containing //line directives with excessively large line numbers. Exploitation can cause the parser to enter an infinite loop, consuming CPU resources and rendering services unresponsive. While this issue does not permit code execution or data access, it poses a significant availability impact for systems processing untrusted Go source input.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-controller-rhel9@sha256:c9b7db0c74e38e5f028b3b72066892c96b6f684575d395a197a0826c09d96e1d_amd64"
],
"known_not_affected": [
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-must-gather-api-rhel8@sha256:afc08bab3b5b19bcd4003819d4e1bc1c9c3faf71370154ee1695c9a3a6192223_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-must-gather-rhel8@sha256:0b766d8e51580920d3b558eaac237b39b70f890127adaac34177aff1b97596fa_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-rhel8-operator@sha256:30cea757cbe41f54ecfd59320ea92351e1209f5646c7346d7d7563e383e988bb_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-rhv-populator-rhel8@sha256:f1c946eb52c6464db8a68cd4c6b61b6df145c68aef4a4858651076ba27d5c40b_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-ui-rhel8@sha256:f872479bcfbf35cae89eb3c95005067b8e64aca090cc058c4e4a1f0db56df9ff_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-virt-v2v-warm-rhel8@sha256:c8a7ee4f36ffc0206d614ad47ce95a13aacdf80a47e1ea7209e0f9824914c36c_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-api-rhel9@sha256:61de05b8dffe208fb8d4c00aed8bba71a4e428f74cc06b936debfbe4fb640747_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-console-plugin-rhel9@sha256:3022d96f38b8900d1b545cbf045f96816194bfba917f08c2e67758f7928acf2c_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-openstack-populator-rhel9@sha256:cb8d1bc7320c4ba9caa1d3bb45e48c6d1d2b71799f5dc466c5de8b87579d0c63_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-operator-bundle@sha256:f3172be67364c2a3a5acc25976759e91643c30dfa4d034ea39884ce2be084741_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-populator-controller-rhel9@sha256:4bbec09dfd8021e9cf676f1fb85a0a3f168845b91421afa5ded7983a3561d301_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-validation-rhel9@sha256:8d9947ca76642dacb58290203f5ad003f7ca4f1a5a075ac584ab9e27018a0eed_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-virt-v2v-rhel9@sha256:7ecf4ffb01ccf2cd92fa96407bca9e5b6054e3b5033ada74c98e00dca163d1f7_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-24537"
},
{
"category": "external",
"summary": "RHBZ#2184484",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2184484"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-24537",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24537"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-24537",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-24537"
},
{
"category": "external",
"summary": "https://github.com/golang/go/issues/59180",
"url": "https://github.com/golang/go/issues/59180"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/Xdv6JL9ENs8",
"url": "https://groups.google.com/g/golang-announce/c/Xdv6JL9ENs8"
}
],
"release_date": "2023-04-04T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-10-25T12:32:35+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\n https://access.redhat.com/articles/11258",
"product_ids": [
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-controller-rhel9@sha256:c9b7db0c74e38e5f028b3b72066892c96b6f684575d395a197a0826c09d96e1d_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHBA-2023:6109"
},
{
"category": "workaround",
"details": "To mitigate this issue, upgrade Go to version 1.19.8, 1.20.3, or later, where the vulnerability has been addressed.",
"product_ids": [
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-must-gather-api-rhel8@sha256:afc08bab3b5b19bcd4003819d4e1bc1c9c3faf71370154ee1695c9a3a6192223_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-must-gather-rhel8@sha256:0b766d8e51580920d3b558eaac237b39b70f890127adaac34177aff1b97596fa_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-rhel8-operator@sha256:30cea757cbe41f54ecfd59320ea92351e1209f5646c7346d7d7563e383e988bb_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-rhv-populator-rhel8@sha256:f1c946eb52c6464db8a68cd4c6b61b6df145c68aef4a4858651076ba27d5c40b_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-ui-rhel8@sha256:f872479bcfbf35cae89eb3c95005067b8e64aca090cc058c4e4a1f0db56df9ff_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-virt-v2v-warm-rhel8@sha256:c8a7ee4f36ffc0206d614ad47ce95a13aacdf80a47e1ea7209e0f9824914c36c_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-api-rhel9@sha256:61de05b8dffe208fb8d4c00aed8bba71a4e428f74cc06b936debfbe4fb640747_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-console-plugin-rhel9@sha256:3022d96f38b8900d1b545cbf045f96816194bfba917f08c2e67758f7928acf2c_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-controller-rhel9@sha256:c9b7db0c74e38e5f028b3b72066892c96b6f684575d395a197a0826c09d96e1d_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-openstack-populator-rhel9@sha256:cb8d1bc7320c4ba9caa1d3bb45e48c6d1d2b71799f5dc466c5de8b87579d0c63_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-operator-bundle@sha256:f3172be67364c2a3a5acc25976759e91643c30dfa4d034ea39884ce2be084741_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-populator-controller-rhel9@sha256:4bbec09dfd8021e9cf676f1fb85a0a3f168845b91421afa5ded7983a3561d301_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-validation-rhel9@sha256:8d9947ca76642dacb58290203f5ad003f7ca4f1a5a075ac584ab9e27018a0eed_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-virt-v2v-rhel9@sha256:7ecf4ffb01ccf2cd92fa96407bca9e5b6054e3b5033ada74c98e00dca163d1f7_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-must-gather-api-rhel8@sha256:afc08bab3b5b19bcd4003819d4e1bc1c9c3faf71370154ee1695c9a3a6192223_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-must-gather-rhel8@sha256:0b766d8e51580920d3b558eaac237b39b70f890127adaac34177aff1b97596fa_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-rhel8-operator@sha256:30cea757cbe41f54ecfd59320ea92351e1209f5646c7346d7d7563e383e988bb_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-rhv-populator-rhel8@sha256:f1c946eb52c6464db8a68cd4c6b61b6df145c68aef4a4858651076ba27d5c40b_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-ui-rhel8@sha256:f872479bcfbf35cae89eb3c95005067b8e64aca090cc058c4e4a1f0db56df9ff_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-virt-v2v-warm-rhel8@sha256:c8a7ee4f36ffc0206d614ad47ce95a13aacdf80a47e1ea7209e0f9824914c36c_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-api-rhel9@sha256:61de05b8dffe208fb8d4c00aed8bba71a4e428f74cc06b936debfbe4fb640747_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-console-plugin-rhel9@sha256:3022d96f38b8900d1b545cbf045f96816194bfba917f08c2e67758f7928acf2c_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-controller-rhel9@sha256:c9b7db0c74e38e5f028b3b72066892c96b6f684575d395a197a0826c09d96e1d_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-openstack-populator-rhel9@sha256:cb8d1bc7320c4ba9caa1d3bb45e48c6d1d2b71799f5dc466c5de8b87579d0c63_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-operator-bundle@sha256:f3172be67364c2a3a5acc25976759e91643c30dfa4d034ea39884ce2be084741_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-populator-controller-rhel9@sha256:4bbec09dfd8021e9cf676f1fb85a0a3f168845b91421afa5ded7983a3561d301_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-validation-rhel9@sha256:8d9947ca76642dacb58290203f5ad003f7ca4f1a5a075ac584ab9e27018a0eed_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-virt-v2v-rhel9@sha256:7ecf4ffb01ccf2cd92fa96407bca9e5b6054e3b5033ada74c98e00dca163d1f7_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: go/parser: Infinite loop in parsing"
},
{
"cve": "CVE-2023-24538",
"cwe": {
"id": "CWE-94",
"name": "Improper Control of Generation of Code (\u0027Code Injection\u0027)"
},
"discovery_date": "2023-04-04T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-must-gather-api-rhel8@sha256:afc08bab3b5b19bcd4003819d4e1bc1c9c3faf71370154ee1695c9a3a6192223_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-must-gather-rhel8@sha256:0b766d8e51580920d3b558eaac237b39b70f890127adaac34177aff1b97596fa_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-rhel8-operator@sha256:30cea757cbe41f54ecfd59320ea92351e1209f5646c7346d7d7563e383e988bb_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-rhv-populator-rhel8@sha256:f1c946eb52c6464db8a68cd4c6b61b6df145c68aef4a4858651076ba27d5c40b_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-ui-rhel8@sha256:f872479bcfbf35cae89eb3c95005067b8e64aca090cc058c4e4a1f0db56df9ff_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-virt-v2v-warm-rhel8@sha256:c8a7ee4f36ffc0206d614ad47ce95a13aacdf80a47e1ea7209e0f9824914c36c_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-api-rhel9@sha256:61de05b8dffe208fb8d4c00aed8bba71a4e428f74cc06b936debfbe4fb640747_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-console-plugin-rhel9@sha256:3022d96f38b8900d1b545cbf045f96816194bfba917f08c2e67758f7928acf2c_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-openstack-populator-rhel9@sha256:cb8d1bc7320c4ba9caa1d3bb45e48c6d1d2b71799f5dc466c5de8b87579d0c63_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-operator-bundle@sha256:f3172be67364c2a3a5acc25976759e91643c30dfa4d034ea39884ce2be084741_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-populator-controller-rhel9@sha256:4bbec09dfd8021e9cf676f1fb85a0a3f168845b91421afa5ded7983a3561d301_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-validation-rhel9@sha256:8d9947ca76642dacb58290203f5ad003f7ca4f1a5a075ac584ab9e27018a0eed_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-virt-v2v-rhel9@sha256:7ecf4ffb01ccf2cd92fa96407bca9e5b6054e3b5033ada74c98e00dca163d1f7_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2184481"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Golang Go. This flaw allows a remote attacker to execute arbitrary code on the system, caused by not properly considering backticks (`) as Javascript string delimiters. By sending a specially crafted request, an attacker execute arbitrary code on the system.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: html/template: backticks not treated as string delimiters",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The described issue involving Go templates and JavaScript template literals poses a moderate severity rather than an important one due to several mitigating factors. Firstly, the vulnerability requires specific conditions to be met: the presence of Go templates within JavaScript template literals. This limits the scope of affected codebases, reducing the likelihood of exploitation. Additionally, the decision to disallow such interactions in future releases of Go indicates a proactive approach to addressing the issue. Furthermore, the affected packages or components within Red Hat Enterprise Linux, such as Conmon, Grafana, and the RHC package, have been assessed and determined not to be impacted due to their specific usage patterns. So the limited scope of affected systems and the absence of exploitation vectors in specific components within Red Hat Enterprise Linux contribute to categorizing the severity of the issue as moderate.\n\nFor Red Hat Enterprise Linux,\n\n* Conmon uses go in unit testing, but not functionally in the package. Go is used only in test files, hence, not in the actual code, thus, conmon is not affected.\n* The Go templates in Grafana do not contain any javascript. Thus, it is not affected.\n* The rhc package do not make use of html/template. Hence, it is also not affected.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-controller-rhel9@sha256:c9b7db0c74e38e5f028b3b72066892c96b6f684575d395a197a0826c09d96e1d_amd64"
],
"known_not_affected": [
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-must-gather-api-rhel8@sha256:afc08bab3b5b19bcd4003819d4e1bc1c9c3faf71370154ee1695c9a3a6192223_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-must-gather-rhel8@sha256:0b766d8e51580920d3b558eaac237b39b70f890127adaac34177aff1b97596fa_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-rhel8-operator@sha256:30cea757cbe41f54ecfd59320ea92351e1209f5646c7346d7d7563e383e988bb_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-rhv-populator-rhel8@sha256:f1c946eb52c6464db8a68cd4c6b61b6df145c68aef4a4858651076ba27d5c40b_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-ui-rhel8@sha256:f872479bcfbf35cae89eb3c95005067b8e64aca090cc058c4e4a1f0db56df9ff_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-virt-v2v-warm-rhel8@sha256:c8a7ee4f36ffc0206d614ad47ce95a13aacdf80a47e1ea7209e0f9824914c36c_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-api-rhel9@sha256:61de05b8dffe208fb8d4c00aed8bba71a4e428f74cc06b936debfbe4fb640747_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-console-plugin-rhel9@sha256:3022d96f38b8900d1b545cbf045f96816194bfba917f08c2e67758f7928acf2c_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-openstack-populator-rhel9@sha256:cb8d1bc7320c4ba9caa1d3bb45e48c6d1d2b71799f5dc466c5de8b87579d0c63_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-operator-bundle@sha256:f3172be67364c2a3a5acc25976759e91643c30dfa4d034ea39884ce2be084741_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-populator-controller-rhel9@sha256:4bbec09dfd8021e9cf676f1fb85a0a3f168845b91421afa5ded7983a3561d301_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-validation-rhel9@sha256:8d9947ca76642dacb58290203f5ad003f7ca4f1a5a075ac584ab9e27018a0eed_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-virt-v2v-rhel9@sha256:7ecf4ffb01ccf2cd92fa96407bca9e5b6054e3b5033ada74c98e00dca163d1f7_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-24538"
},
{
"category": "external",
"summary": "RHBZ#2184481",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2184481"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-24538",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24538"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-24538",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-24538"
},
{
"category": "external",
"summary": "https://github.com/golang/go/issues/59234",
"url": "https://github.com/golang/go/issues/59234"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/Xdv6JL9ENs8",
"url": "https://groups.google.com/g/golang-announce/c/Xdv6JL9ENs8"
}
],
"release_date": "2023-04-04T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-10-25T12:32:35+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\n https://access.redhat.com/articles/11258",
"product_ids": [
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-controller-rhel9@sha256:c9b7db0c74e38e5f028b3b72066892c96b6f684575d395a197a0826c09d96e1d_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHBA-2023:6109"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-must-gather-api-rhel8@sha256:afc08bab3b5b19bcd4003819d4e1bc1c9c3faf71370154ee1695c9a3a6192223_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-must-gather-rhel8@sha256:0b766d8e51580920d3b558eaac237b39b70f890127adaac34177aff1b97596fa_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-rhel8-operator@sha256:30cea757cbe41f54ecfd59320ea92351e1209f5646c7346d7d7563e383e988bb_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-rhv-populator-rhel8@sha256:f1c946eb52c6464db8a68cd4c6b61b6df145c68aef4a4858651076ba27d5c40b_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-ui-rhel8@sha256:f872479bcfbf35cae89eb3c95005067b8e64aca090cc058c4e4a1f0db56df9ff_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-virt-v2v-warm-rhel8@sha256:c8a7ee4f36ffc0206d614ad47ce95a13aacdf80a47e1ea7209e0f9824914c36c_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-api-rhel9@sha256:61de05b8dffe208fb8d4c00aed8bba71a4e428f74cc06b936debfbe4fb640747_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-console-plugin-rhel9@sha256:3022d96f38b8900d1b545cbf045f96816194bfba917f08c2e67758f7928acf2c_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-controller-rhel9@sha256:c9b7db0c74e38e5f028b3b72066892c96b6f684575d395a197a0826c09d96e1d_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-openstack-populator-rhel9@sha256:cb8d1bc7320c4ba9caa1d3bb45e48c6d1d2b71799f5dc466c5de8b87579d0c63_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-operator-bundle@sha256:f3172be67364c2a3a5acc25976759e91643c30dfa4d034ea39884ce2be084741_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-populator-controller-rhel9@sha256:4bbec09dfd8021e9cf676f1fb85a0a3f168845b91421afa5ded7983a3561d301_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-validation-rhel9@sha256:8d9947ca76642dacb58290203f5ad003f7ca4f1a5a075ac584ab9e27018a0eed_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-virt-v2v-rhel9@sha256:7ecf4ffb01ccf2cd92fa96407bca9e5b6054e3b5033ada74c98e00dca163d1f7_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-must-gather-api-rhel8@sha256:afc08bab3b5b19bcd4003819d4e1bc1c9c3faf71370154ee1695c9a3a6192223_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-must-gather-rhel8@sha256:0b766d8e51580920d3b558eaac237b39b70f890127adaac34177aff1b97596fa_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-rhel8-operator@sha256:30cea757cbe41f54ecfd59320ea92351e1209f5646c7346d7d7563e383e988bb_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-rhv-populator-rhel8@sha256:f1c946eb52c6464db8a68cd4c6b61b6df145c68aef4a4858651076ba27d5c40b_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-ui-rhel8@sha256:f872479bcfbf35cae89eb3c95005067b8e64aca090cc058c4e4a1f0db56df9ff_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-virt-v2v-warm-rhel8@sha256:c8a7ee4f36ffc0206d614ad47ce95a13aacdf80a47e1ea7209e0f9824914c36c_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-api-rhel9@sha256:61de05b8dffe208fb8d4c00aed8bba71a4e428f74cc06b936debfbe4fb640747_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-console-plugin-rhel9@sha256:3022d96f38b8900d1b545cbf045f96816194bfba917f08c2e67758f7928acf2c_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-controller-rhel9@sha256:c9b7db0c74e38e5f028b3b72066892c96b6f684575d395a197a0826c09d96e1d_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-openstack-populator-rhel9@sha256:cb8d1bc7320c4ba9caa1d3bb45e48c6d1d2b71799f5dc466c5de8b87579d0c63_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-operator-bundle@sha256:f3172be67364c2a3a5acc25976759e91643c30dfa4d034ea39884ce2be084741_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-populator-controller-rhel9@sha256:4bbec09dfd8021e9cf676f1fb85a0a3f168845b91421afa5ded7983a3561d301_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-validation-rhel9@sha256:8d9947ca76642dacb58290203f5ad003f7ca4f1a5a075ac584ab9e27018a0eed_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-virt-v2v-rhel9@sha256:7ecf4ffb01ccf2cd92fa96407bca9e5b6054e3b5033ada74c98e00dca163d1f7_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: html/template: backticks not treated as string delimiters"
},
{
"acknowledgments": [
{
"names": [
"Juho Nurminen"
],
"organization": "Mattermost"
}
],
"cve": "CVE-2023-24539",
"cwe": {
"id": "CWE-176",
"name": "Improper Handling of Unicode Encoding"
},
"discovery_date": "2023-05-07T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-must-gather-api-rhel8@sha256:afc08bab3b5b19bcd4003819d4e1bc1c9c3faf71370154ee1695c9a3a6192223_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-must-gather-rhel8@sha256:0b766d8e51580920d3b558eaac237b39b70f890127adaac34177aff1b97596fa_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-rhel8-operator@sha256:30cea757cbe41f54ecfd59320ea92351e1209f5646c7346d7d7563e383e988bb_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-rhv-populator-rhel8@sha256:f1c946eb52c6464db8a68cd4c6b61b6df145c68aef4a4858651076ba27d5c40b_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-ui-rhel8@sha256:f872479bcfbf35cae89eb3c95005067b8e64aca090cc058c4e4a1f0db56df9ff_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-virt-v2v-warm-rhel8@sha256:c8a7ee4f36ffc0206d614ad47ce95a13aacdf80a47e1ea7209e0f9824914c36c_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-api-rhel9@sha256:61de05b8dffe208fb8d4c00aed8bba71a4e428f74cc06b936debfbe4fb640747_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-console-plugin-rhel9@sha256:3022d96f38b8900d1b545cbf045f96816194bfba917f08c2e67758f7928acf2c_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-openstack-populator-rhel9@sha256:cb8d1bc7320c4ba9caa1d3bb45e48c6d1d2b71799f5dc466c5de8b87579d0c63_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-operator-bundle@sha256:f3172be67364c2a3a5acc25976759e91643c30dfa4d034ea39884ce2be084741_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-populator-controller-rhel9@sha256:4bbec09dfd8021e9cf676f1fb85a0a3f168845b91421afa5ded7983a3561d301_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-validation-rhel9@sha256:8d9947ca76642dacb58290203f5ad003f7ca4f1a5a075ac584ab9e27018a0eed_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-virt-v2v-rhel9@sha256:7ecf4ffb01ccf2cd92fa96407bca9e5b6054e3b5033ada74c98e00dca163d1f7_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2196026"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in golang where angle brackets (\u003c\u003e) were not considered dangerous characters when inserted into CSS contexts. Templates containing multiple actions separated by a \u0027/\u0027 character could result in the CSS context unexpectedly closing, allowing for the injection of unexpected HMTL if executed with untrusted input.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: html/template: improper sanitization of CSS values",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "For Red Hat Enterprise Linux,\n\n* Conmon uses go in unit testing, but not functionally in the package. Go is used only in test files, not in the actual code. Thus, conmon is not affected.\n* The Go templates in Grafana do not contain any javascript. Thus, it is not affected.\n* Ignition does not make use of html/template.\n\nIn Red Hat Advanced Cluster Management for Kubernetes (RHACM), the affected containers are behind OpenShift OAuth authentication. This restricts access to the vulnerable golang html/templates to authenticated users only, therefore, the impact is low.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-controller-rhel9@sha256:c9b7db0c74e38e5f028b3b72066892c96b6f684575d395a197a0826c09d96e1d_amd64"
],
"known_not_affected": [
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-must-gather-api-rhel8@sha256:afc08bab3b5b19bcd4003819d4e1bc1c9c3faf71370154ee1695c9a3a6192223_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-must-gather-rhel8@sha256:0b766d8e51580920d3b558eaac237b39b70f890127adaac34177aff1b97596fa_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-rhel8-operator@sha256:30cea757cbe41f54ecfd59320ea92351e1209f5646c7346d7d7563e383e988bb_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-rhv-populator-rhel8@sha256:f1c946eb52c6464db8a68cd4c6b61b6df145c68aef4a4858651076ba27d5c40b_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-ui-rhel8@sha256:f872479bcfbf35cae89eb3c95005067b8e64aca090cc058c4e4a1f0db56df9ff_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-virt-v2v-warm-rhel8@sha256:c8a7ee4f36ffc0206d614ad47ce95a13aacdf80a47e1ea7209e0f9824914c36c_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-api-rhel9@sha256:61de05b8dffe208fb8d4c00aed8bba71a4e428f74cc06b936debfbe4fb640747_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-console-plugin-rhel9@sha256:3022d96f38b8900d1b545cbf045f96816194bfba917f08c2e67758f7928acf2c_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-openstack-populator-rhel9@sha256:cb8d1bc7320c4ba9caa1d3bb45e48c6d1d2b71799f5dc466c5de8b87579d0c63_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-operator-bundle@sha256:f3172be67364c2a3a5acc25976759e91643c30dfa4d034ea39884ce2be084741_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-populator-controller-rhel9@sha256:4bbec09dfd8021e9cf676f1fb85a0a3f168845b91421afa5ded7983a3561d301_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-validation-rhel9@sha256:8d9947ca76642dacb58290203f5ad003f7ca4f1a5a075ac584ab9e27018a0eed_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-virt-v2v-rhel9@sha256:7ecf4ffb01ccf2cd92fa96407bca9e5b6054e3b5033ada74c98e00dca163d1f7_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-24539"
},
{
"category": "external",
"summary": "RHBZ#2196026",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2196026"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-24539",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24539"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-24539",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-24539"
},
{
"category": "external",
"summary": "https://github.com/golang/go/issues/59720",
"url": "https://github.com/golang/go/issues/59720"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/MEb0UyuSMsU",
"url": "https://groups.google.com/g/golang-announce/c/MEb0UyuSMsU"
}
],
"release_date": "2023-04-20T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-10-25T12:32:35+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\n https://access.redhat.com/articles/11258",
"product_ids": [
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-controller-rhel9@sha256:c9b7db0c74e38e5f028b3b72066892c96b6f684575d395a197a0826c09d96e1d_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHBA-2023:6109"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-must-gather-api-rhel8@sha256:afc08bab3b5b19bcd4003819d4e1bc1c9c3faf71370154ee1695c9a3a6192223_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-must-gather-rhel8@sha256:0b766d8e51580920d3b558eaac237b39b70f890127adaac34177aff1b97596fa_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-rhel8-operator@sha256:30cea757cbe41f54ecfd59320ea92351e1209f5646c7346d7d7563e383e988bb_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-rhv-populator-rhel8@sha256:f1c946eb52c6464db8a68cd4c6b61b6df145c68aef4a4858651076ba27d5c40b_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-ui-rhel8@sha256:f872479bcfbf35cae89eb3c95005067b8e64aca090cc058c4e4a1f0db56df9ff_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-virt-v2v-warm-rhel8@sha256:c8a7ee4f36ffc0206d614ad47ce95a13aacdf80a47e1ea7209e0f9824914c36c_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-api-rhel9@sha256:61de05b8dffe208fb8d4c00aed8bba71a4e428f74cc06b936debfbe4fb640747_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-console-plugin-rhel9@sha256:3022d96f38b8900d1b545cbf045f96816194bfba917f08c2e67758f7928acf2c_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-controller-rhel9@sha256:c9b7db0c74e38e5f028b3b72066892c96b6f684575d395a197a0826c09d96e1d_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-openstack-populator-rhel9@sha256:cb8d1bc7320c4ba9caa1d3bb45e48c6d1d2b71799f5dc466c5de8b87579d0c63_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-operator-bundle@sha256:f3172be67364c2a3a5acc25976759e91643c30dfa4d034ea39884ce2be084741_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-populator-controller-rhel9@sha256:4bbec09dfd8021e9cf676f1fb85a0a3f168845b91421afa5ded7983a3561d301_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-validation-rhel9@sha256:8d9947ca76642dacb58290203f5ad003f7ca4f1a5a075ac584ab9e27018a0eed_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-virt-v2v-rhel9@sha256:7ecf4ffb01ccf2cd92fa96407bca9e5b6054e3b5033ada74c98e00dca163d1f7_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-must-gather-api-rhel8@sha256:afc08bab3b5b19bcd4003819d4e1bc1c9c3faf71370154ee1695c9a3a6192223_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-must-gather-rhel8@sha256:0b766d8e51580920d3b558eaac237b39b70f890127adaac34177aff1b97596fa_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-rhel8-operator@sha256:30cea757cbe41f54ecfd59320ea92351e1209f5646c7346d7d7563e383e988bb_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-rhv-populator-rhel8@sha256:f1c946eb52c6464db8a68cd4c6b61b6df145c68aef4a4858651076ba27d5c40b_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-ui-rhel8@sha256:f872479bcfbf35cae89eb3c95005067b8e64aca090cc058c4e4a1f0db56df9ff_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-virt-v2v-warm-rhel8@sha256:c8a7ee4f36ffc0206d614ad47ce95a13aacdf80a47e1ea7209e0f9824914c36c_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-api-rhel9@sha256:61de05b8dffe208fb8d4c00aed8bba71a4e428f74cc06b936debfbe4fb640747_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-console-plugin-rhel9@sha256:3022d96f38b8900d1b545cbf045f96816194bfba917f08c2e67758f7928acf2c_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-controller-rhel9@sha256:c9b7db0c74e38e5f028b3b72066892c96b6f684575d395a197a0826c09d96e1d_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-openstack-populator-rhel9@sha256:cb8d1bc7320c4ba9caa1d3bb45e48c6d1d2b71799f5dc466c5de8b87579d0c63_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-operator-bundle@sha256:f3172be67364c2a3a5acc25976759e91643c30dfa4d034ea39884ce2be084741_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-populator-controller-rhel9@sha256:4bbec09dfd8021e9cf676f1fb85a0a3f168845b91421afa5ded7983a3561d301_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-validation-rhel9@sha256:8d9947ca76642dacb58290203f5ad003f7ca4f1a5a075ac584ab9e27018a0eed_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-virt-v2v-rhel9@sha256:7ecf4ffb01ccf2cd92fa96407bca9e5b6054e3b5033ada74c98e00dca163d1f7_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: html/template: improper sanitization of CSS values"
},
{
"acknowledgments": [
{
"names": [
"Juho Nurminen"
],
"organization": "Mattermost"
}
],
"cve": "CVE-2023-29400",
"cwe": {
"id": "CWE-176",
"name": "Improper Handling of Unicode Encoding"
},
"discovery_date": "2023-05-07T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-must-gather-api-rhel8@sha256:afc08bab3b5b19bcd4003819d4e1bc1c9c3faf71370154ee1695c9a3a6192223_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-must-gather-rhel8@sha256:0b766d8e51580920d3b558eaac237b39b70f890127adaac34177aff1b97596fa_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-rhel8-operator@sha256:30cea757cbe41f54ecfd59320ea92351e1209f5646c7346d7d7563e383e988bb_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-rhv-populator-rhel8@sha256:f1c946eb52c6464db8a68cd4c6b61b6df145c68aef4a4858651076ba27d5c40b_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-ui-rhel8@sha256:f872479bcfbf35cae89eb3c95005067b8e64aca090cc058c4e4a1f0db56df9ff_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-virt-v2v-warm-rhel8@sha256:c8a7ee4f36ffc0206d614ad47ce95a13aacdf80a47e1ea7209e0f9824914c36c_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-api-rhel9@sha256:61de05b8dffe208fb8d4c00aed8bba71a4e428f74cc06b936debfbe4fb640747_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-console-plugin-rhel9@sha256:3022d96f38b8900d1b545cbf045f96816194bfba917f08c2e67758f7928acf2c_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-openstack-populator-rhel9@sha256:cb8d1bc7320c4ba9caa1d3bb45e48c6d1d2b71799f5dc466c5de8b87579d0c63_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-operator-bundle@sha256:f3172be67364c2a3a5acc25976759e91643c30dfa4d034ea39884ce2be084741_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-populator-controller-rhel9@sha256:4bbec09dfd8021e9cf676f1fb85a0a3f168845b91421afa5ded7983a3561d301_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-validation-rhel9@sha256:8d9947ca76642dacb58290203f5ad003f7ca4f1a5a075ac584ab9e27018a0eed_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-virt-v2v-rhel9@sha256:7ecf4ffb01ccf2cd92fa96407bca9e5b6054e3b5033ada74c98e00dca163d1f7_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2196029"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in golang. Templates containing actions in unquoted HTML attributes, for example, \"attr={{.}}\") executed with empty input, could result in output that has unexpected results when parsed due to HTML normalization rules. This issue may allow the injection of arbitrary attributes into tags.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: html/template: improper handling of empty HTML attributes",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "For Red Hat Enterprise Linux,\n\n* Conmon uses go in unit testing, but not functionally in the package. Go is used only in test files, not in the actual code. Thus, conmon is not affected.\n* The Go templates in Grafana do not contain any javascript. Thus, it is not affected.\n* Ignition does not make use of html/template.\n\nIn OpenShift Container Platform and Red Hat Advanced Cluster Management for Kubernetes (RHACM), the affected containers are behind OAuth authentication. This restricts access to the vulnerable golang html/templates to authenticated users, reducing the impact to low.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-controller-rhel9@sha256:c9b7db0c74e38e5f028b3b72066892c96b6f684575d395a197a0826c09d96e1d_amd64"
],
"known_not_affected": [
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-must-gather-api-rhel8@sha256:afc08bab3b5b19bcd4003819d4e1bc1c9c3faf71370154ee1695c9a3a6192223_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-must-gather-rhel8@sha256:0b766d8e51580920d3b558eaac237b39b70f890127adaac34177aff1b97596fa_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-rhel8-operator@sha256:30cea757cbe41f54ecfd59320ea92351e1209f5646c7346d7d7563e383e988bb_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-rhv-populator-rhel8@sha256:f1c946eb52c6464db8a68cd4c6b61b6df145c68aef4a4858651076ba27d5c40b_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-ui-rhel8@sha256:f872479bcfbf35cae89eb3c95005067b8e64aca090cc058c4e4a1f0db56df9ff_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-virt-v2v-warm-rhel8@sha256:c8a7ee4f36ffc0206d614ad47ce95a13aacdf80a47e1ea7209e0f9824914c36c_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-api-rhel9@sha256:61de05b8dffe208fb8d4c00aed8bba71a4e428f74cc06b936debfbe4fb640747_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-console-plugin-rhel9@sha256:3022d96f38b8900d1b545cbf045f96816194bfba917f08c2e67758f7928acf2c_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-openstack-populator-rhel9@sha256:cb8d1bc7320c4ba9caa1d3bb45e48c6d1d2b71799f5dc466c5de8b87579d0c63_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-operator-bundle@sha256:f3172be67364c2a3a5acc25976759e91643c30dfa4d034ea39884ce2be084741_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-populator-controller-rhel9@sha256:4bbec09dfd8021e9cf676f1fb85a0a3f168845b91421afa5ded7983a3561d301_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-validation-rhel9@sha256:8d9947ca76642dacb58290203f5ad003f7ca4f1a5a075ac584ab9e27018a0eed_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-virt-v2v-rhel9@sha256:7ecf4ffb01ccf2cd92fa96407bca9e5b6054e3b5033ada74c98e00dca163d1f7_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-29400"
},
{
"category": "external",
"summary": "RHBZ#2196029",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2196029"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-29400",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29400"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-29400",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-29400"
},
{
"category": "external",
"summary": "https://go.dev/issue/59722",
"url": "https://go.dev/issue/59722"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/MEb0UyuSMsU",
"url": "https://groups.google.com/g/golang-announce/c/MEb0UyuSMsU"
}
],
"release_date": "2023-04-20T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-10-25T12:32:35+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\n https://access.redhat.com/articles/11258",
"product_ids": [
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-controller-rhel9@sha256:c9b7db0c74e38e5f028b3b72066892c96b6f684575d395a197a0826c09d96e1d_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHBA-2023:6109"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-must-gather-api-rhel8@sha256:afc08bab3b5b19bcd4003819d4e1bc1c9c3faf71370154ee1695c9a3a6192223_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-must-gather-rhel8@sha256:0b766d8e51580920d3b558eaac237b39b70f890127adaac34177aff1b97596fa_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-rhel8-operator@sha256:30cea757cbe41f54ecfd59320ea92351e1209f5646c7346d7d7563e383e988bb_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-rhv-populator-rhel8@sha256:f1c946eb52c6464db8a68cd4c6b61b6df145c68aef4a4858651076ba27d5c40b_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-ui-rhel8@sha256:f872479bcfbf35cae89eb3c95005067b8e64aca090cc058c4e4a1f0db56df9ff_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-virt-v2v-warm-rhel8@sha256:c8a7ee4f36ffc0206d614ad47ce95a13aacdf80a47e1ea7209e0f9824914c36c_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-api-rhel9@sha256:61de05b8dffe208fb8d4c00aed8bba71a4e428f74cc06b936debfbe4fb640747_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-console-plugin-rhel9@sha256:3022d96f38b8900d1b545cbf045f96816194bfba917f08c2e67758f7928acf2c_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-controller-rhel9@sha256:c9b7db0c74e38e5f028b3b72066892c96b6f684575d395a197a0826c09d96e1d_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-openstack-populator-rhel9@sha256:cb8d1bc7320c4ba9caa1d3bb45e48c6d1d2b71799f5dc466c5de8b87579d0c63_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-operator-bundle@sha256:f3172be67364c2a3a5acc25976759e91643c30dfa4d034ea39884ce2be084741_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-populator-controller-rhel9@sha256:4bbec09dfd8021e9cf676f1fb85a0a3f168845b91421afa5ded7983a3561d301_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-validation-rhel9@sha256:8d9947ca76642dacb58290203f5ad003f7ca4f1a5a075ac584ab9e27018a0eed_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-virt-v2v-rhel9@sha256:7ecf4ffb01ccf2cd92fa96407bca9e5b6054e3b5033ada74c98e00dca163d1f7_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-must-gather-api-rhel8@sha256:afc08bab3b5b19bcd4003819d4e1bc1c9c3faf71370154ee1695c9a3a6192223_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-must-gather-rhel8@sha256:0b766d8e51580920d3b558eaac237b39b70f890127adaac34177aff1b97596fa_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-rhel8-operator@sha256:30cea757cbe41f54ecfd59320ea92351e1209f5646c7346d7d7563e383e988bb_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-rhv-populator-rhel8@sha256:f1c946eb52c6464db8a68cd4c6b61b6df145c68aef4a4858651076ba27d5c40b_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-ui-rhel8@sha256:f872479bcfbf35cae89eb3c95005067b8e64aca090cc058c4e4a1f0db56df9ff_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-virt-v2v-warm-rhel8@sha256:c8a7ee4f36ffc0206d614ad47ce95a13aacdf80a47e1ea7209e0f9824914c36c_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-api-rhel9@sha256:61de05b8dffe208fb8d4c00aed8bba71a4e428f74cc06b936debfbe4fb640747_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-console-plugin-rhel9@sha256:3022d96f38b8900d1b545cbf045f96816194bfba917f08c2e67758f7928acf2c_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-controller-rhel9@sha256:c9b7db0c74e38e5f028b3b72066892c96b6f684575d395a197a0826c09d96e1d_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-openstack-populator-rhel9@sha256:cb8d1bc7320c4ba9caa1d3bb45e48c6d1d2b71799f5dc466c5de8b87579d0c63_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-operator-bundle@sha256:f3172be67364c2a3a5acc25976759e91643c30dfa4d034ea39884ce2be084741_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-populator-controller-rhel9@sha256:4bbec09dfd8021e9cf676f1fb85a0a3f168845b91421afa5ded7983a3561d301_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-validation-rhel9@sha256:8d9947ca76642dacb58290203f5ad003f7ca4f1a5a075ac584ab9e27018a0eed_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-virt-v2v-rhel9@sha256:7ecf4ffb01ccf2cd92fa96407bca9e5b6054e3b5033ada74c98e00dca163d1f7_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: html/template: improper handling of empty HTML attributes"
},
{
"cve": "CVE-2023-29409",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2023-08-03T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-must-gather-api-rhel8@sha256:afc08bab3b5b19bcd4003819d4e1bc1c9c3faf71370154ee1695c9a3a6192223_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-must-gather-rhel8@sha256:0b766d8e51580920d3b558eaac237b39b70f890127adaac34177aff1b97596fa_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-rhv-populator-rhel8@sha256:f1c946eb52c6464db8a68cd4c6b61b6df145c68aef4a4858651076ba27d5c40b_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-ui-rhel8@sha256:f872479bcfbf35cae89eb3c95005067b8e64aca090cc058c4e4a1f0db56df9ff_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-virt-v2v-warm-rhel8@sha256:c8a7ee4f36ffc0206d614ad47ce95a13aacdf80a47e1ea7209e0f9824914c36c_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-api-rhel9@sha256:61de05b8dffe208fb8d4c00aed8bba71a4e428f74cc06b936debfbe4fb640747_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-console-plugin-rhel9@sha256:3022d96f38b8900d1b545cbf045f96816194bfba917f08c2e67758f7928acf2c_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-controller-rhel9@sha256:c9b7db0c74e38e5f028b3b72066892c96b6f684575d395a197a0826c09d96e1d_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-openstack-populator-rhel9@sha256:cb8d1bc7320c4ba9caa1d3bb45e48c6d1d2b71799f5dc466c5de8b87579d0c63_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-operator-bundle@sha256:f3172be67364c2a3a5acc25976759e91643c30dfa4d034ea39884ce2be084741_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-populator-controller-rhel9@sha256:4bbec09dfd8021e9cf676f1fb85a0a3f168845b91421afa5ded7983a3561d301_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-validation-rhel9@sha256:8d9947ca76642dacb58290203f5ad003f7ca4f1a5a075ac584ab9e27018a0eed_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-virt-v2v-rhel9@sha256:7ecf4ffb01ccf2cd92fa96407bca9e5b6054e3b5033ada74c98e00dca163d1f7_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2228743"
}
],
"notes": [
{
"category": "description",
"text": "A denial of service vulnerability was found in the Golang Go package caused by an uncontrolled resource consumption flaw. By persuading a victim to use a specially crafted certificate with large RSA keys, a remote attacker can cause a client/server to expend significant CPU time verifying signatures, resulting in a denial of service condition.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: crypto/tls: slow verification of certificate chains containing large RSA keys",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-rhel8-operator@sha256:30cea757cbe41f54ecfd59320ea92351e1209f5646c7346d7d7563e383e988bb_amd64"
],
"known_not_affected": [
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-must-gather-api-rhel8@sha256:afc08bab3b5b19bcd4003819d4e1bc1c9c3faf71370154ee1695c9a3a6192223_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-must-gather-rhel8@sha256:0b766d8e51580920d3b558eaac237b39b70f890127adaac34177aff1b97596fa_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-rhv-populator-rhel8@sha256:f1c946eb52c6464db8a68cd4c6b61b6df145c68aef4a4858651076ba27d5c40b_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-ui-rhel8@sha256:f872479bcfbf35cae89eb3c95005067b8e64aca090cc058c4e4a1f0db56df9ff_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-virt-v2v-warm-rhel8@sha256:c8a7ee4f36ffc0206d614ad47ce95a13aacdf80a47e1ea7209e0f9824914c36c_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-api-rhel9@sha256:61de05b8dffe208fb8d4c00aed8bba71a4e428f74cc06b936debfbe4fb640747_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-console-plugin-rhel9@sha256:3022d96f38b8900d1b545cbf045f96816194bfba917f08c2e67758f7928acf2c_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-controller-rhel9@sha256:c9b7db0c74e38e5f028b3b72066892c96b6f684575d395a197a0826c09d96e1d_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-openstack-populator-rhel9@sha256:cb8d1bc7320c4ba9caa1d3bb45e48c6d1d2b71799f5dc466c5de8b87579d0c63_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-operator-bundle@sha256:f3172be67364c2a3a5acc25976759e91643c30dfa4d034ea39884ce2be084741_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-populator-controller-rhel9@sha256:4bbec09dfd8021e9cf676f1fb85a0a3f168845b91421afa5ded7983a3561d301_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-validation-rhel9@sha256:8d9947ca76642dacb58290203f5ad003f7ca4f1a5a075ac584ab9e27018a0eed_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-virt-v2v-rhel9@sha256:7ecf4ffb01ccf2cd92fa96407bca9e5b6054e3b5033ada74c98e00dca163d1f7_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-29409"
},
{
"category": "external",
"summary": "RHBZ#2228743",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2228743"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-29409",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29409"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-29409",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-29409"
},
{
"category": "external",
"summary": "https://go.dev/cl/515257",
"url": "https://go.dev/cl/515257"
},
{
"category": "external",
"summary": "https://go.dev/issue/61460",
"url": "https://go.dev/issue/61460"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/X0b6CsSAaYI/m/Efv5DbZ9AwAJ",
"url": "https://groups.google.com/g/golang-announce/c/X0b6CsSAaYI/m/Efv5DbZ9AwAJ"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2023-1987",
"url": "https://pkg.go.dev/vuln/GO-2023-1987"
}
],
"release_date": "2023-08-02T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-10-25T12:32:35+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\n https://access.redhat.com/articles/11258",
"product_ids": [
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-rhel8-operator@sha256:30cea757cbe41f54ecfd59320ea92351e1209f5646c7346d7d7563e383e988bb_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHBA-2023:6109"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-must-gather-api-rhel8@sha256:afc08bab3b5b19bcd4003819d4e1bc1c9c3faf71370154ee1695c9a3a6192223_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-must-gather-rhel8@sha256:0b766d8e51580920d3b558eaac237b39b70f890127adaac34177aff1b97596fa_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-rhel8-operator@sha256:30cea757cbe41f54ecfd59320ea92351e1209f5646c7346d7d7563e383e988bb_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-rhv-populator-rhel8@sha256:f1c946eb52c6464db8a68cd4c6b61b6df145c68aef4a4858651076ba27d5c40b_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-ui-rhel8@sha256:f872479bcfbf35cae89eb3c95005067b8e64aca090cc058c4e4a1f0db56df9ff_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-virt-v2v-warm-rhel8@sha256:c8a7ee4f36ffc0206d614ad47ce95a13aacdf80a47e1ea7209e0f9824914c36c_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-api-rhel9@sha256:61de05b8dffe208fb8d4c00aed8bba71a4e428f74cc06b936debfbe4fb640747_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-console-plugin-rhel9@sha256:3022d96f38b8900d1b545cbf045f96816194bfba917f08c2e67758f7928acf2c_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-controller-rhel9@sha256:c9b7db0c74e38e5f028b3b72066892c96b6f684575d395a197a0826c09d96e1d_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-openstack-populator-rhel9@sha256:cb8d1bc7320c4ba9caa1d3bb45e48c6d1d2b71799f5dc466c5de8b87579d0c63_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-operator-bundle@sha256:f3172be67364c2a3a5acc25976759e91643c30dfa4d034ea39884ce2be084741_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-populator-controller-rhel9@sha256:4bbec09dfd8021e9cf676f1fb85a0a3f168845b91421afa5ded7983a3561d301_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-validation-rhel9@sha256:8d9947ca76642dacb58290203f5ad003f7ca4f1a5a075ac584ab9e27018a0eed_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-virt-v2v-rhel9@sha256:7ecf4ffb01ccf2cd92fa96407bca9e5b6054e3b5033ada74c98e00dca163d1f7_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: crypto/tls: slow verification of certificate chains containing large RSA keys"
},
{
"cve": "CVE-2023-39325",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2023-10-10T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-must-gather-rhel8@sha256:0b766d8e51580920d3b558eaac237b39b70f890127adaac34177aff1b97596fa_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-rhel8-operator@sha256:30cea757cbe41f54ecfd59320ea92351e1209f5646c7346d7d7563e383e988bb_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-rhv-populator-rhel8@sha256:f1c946eb52c6464db8a68cd4c6b61b6df145c68aef4a4858651076ba27d5c40b_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-ui-rhel8@sha256:f872479bcfbf35cae89eb3c95005067b8e64aca090cc058c4e4a1f0db56df9ff_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-virt-v2v-warm-rhel8@sha256:c8a7ee4f36ffc0206d614ad47ce95a13aacdf80a47e1ea7209e0f9824914c36c_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-console-plugin-rhel9@sha256:3022d96f38b8900d1b545cbf045f96816194bfba917f08c2e67758f7928acf2c_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-controller-rhel9@sha256:c9b7db0c74e38e5f028b3b72066892c96b6f684575d395a197a0826c09d96e1d_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-openstack-populator-rhel9@sha256:cb8d1bc7320c4ba9caa1d3bb45e48c6d1d2b71799f5dc466c5de8b87579d0c63_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-operator-bundle@sha256:f3172be67364c2a3a5acc25976759e91643c30dfa4d034ea39884ce2be084741_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-populator-controller-rhel9@sha256:4bbec09dfd8021e9cf676f1fb85a0a3f168845b91421afa5ded7983a3561d301_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-virt-v2v-rhel9@sha256:7ecf4ffb01ccf2cd92fa96407bca9e5b6054e3b5033ada74c98e00dca163d1f7_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2243296"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in handling multiplexed streams in the HTTP/2 protocol. A client can repeatedly make a request for a new multiplex stream and immediately send an RST_STREAM frame to cancel it. This creates extra work for the server setting up and tearing down the streams while not hitting any server-side limit for the maximum number of active streams per connection, resulting in a denial of service due to server resource consumption. Red Hat has rated the severity of this flaw as \u0027Important\u0027 as the US Cybersecurity and Infrastructure Security Agency (CISA) declared this vulnerability an active exploit.\r\n\r\nCVE-2023-39325 was assigned for the `Rapid Reset Attack` in the Go language packages.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: net/http, x/net/http2: rapid stream resets can cause excessive work (CVE-2023-44487)",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This CVE is related to CVE-2023-44487.\n\nThe majority of RHEL utilities are not long-running applications; instead, they are command-line tools. These tools utilize Golang package as build-time dependency, which is why they are classified as having a \"Moderate\" level of impact.\n\nAs go-lang vendors its dependencies, a package may contain a library with a known vulnerability, solely because of lower tier libraries including it as a part of its dependencies, but the vulnerable code is not reachable at runtime. In such cases the issue is not exploitable. We classify these situations as \u201cNot affected\u201d or \u201cWill not fix,\u201d depending on the risk of breaking other unrelated packages.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-must-gather-api-rhel8@sha256:afc08bab3b5b19bcd4003819d4e1bc1c9c3faf71370154ee1695c9a3a6192223_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-api-rhel9@sha256:61de05b8dffe208fb8d4c00aed8bba71a4e428f74cc06b936debfbe4fb640747_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-validation-rhel9@sha256:8d9947ca76642dacb58290203f5ad003f7ca4f1a5a075ac584ab9e27018a0eed_amd64"
],
"known_not_affected": [
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-must-gather-rhel8@sha256:0b766d8e51580920d3b558eaac237b39b70f890127adaac34177aff1b97596fa_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-rhel8-operator@sha256:30cea757cbe41f54ecfd59320ea92351e1209f5646c7346d7d7563e383e988bb_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-rhv-populator-rhel8@sha256:f1c946eb52c6464db8a68cd4c6b61b6df145c68aef4a4858651076ba27d5c40b_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-ui-rhel8@sha256:f872479bcfbf35cae89eb3c95005067b8e64aca090cc058c4e4a1f0db56df9ff_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-virt-v2v-warm-rhel8@sha256:c8a7ee4f36ffc0206d614ad47ce95a13aacdf80a47e1ea7209e0f9824914c36c_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-console-plugin-rhel9@sha256:3022d96f38b8900d1b545cbf045f96816194bfba917f08c2e67758f7928acf2c_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-controller-rhel9@sha256:c9b7db0c74e38e5f028b3b72066892c96b6f684575d395a197a0826c09d96e1d_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-openstack-populator-rhel9@sha256:cb8d1bc7320c4ba9caa1d3bb45e48c6d1d2b71799f5dc466c5de8b87579d0c63_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-operator-bundle@sha256:f3172be67364c2a3a5acc25976759e91643c30dfa4d034ea39884ce2be084741_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-populator-controller-rhel9@sha256:4bbec09dfd8021e9cf676f1fb85a0a3f168845b91421afa5ded7983a3561d301_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-virt-v2v-rhel9@sha256:7ecf4ffb01ccf2cd92fa96407bca9e5b6054e3b5033ada74c98e00dca163d1f7_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-39325"
},
{
"category": "external",
"summary": "RHBZ#2243296",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2243296"
},
{
"category": "external",
"summary": "RHSB-2023-003",
"url": "https://access.redhat.com/security/vulnerabilities/RHSB-2023-003"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-39325",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39325"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-39325",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-39325"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2023-44487",
"url": "https://access.redhat.com/security/cve/CVE-2023-44487"
},
{
"category": "external",
"summary": "https://go.dev/issue/63417",
"url": "https://go.dev/issue/63417"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2023-2102",
"url": "https://pkg.go.dev/vuln/GO-2023-2102"
},
{
"category": "external",
"summary": "https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487",
"url": "https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487"
}
],
"release_date": "2023-10-10T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-10-25T12:32:35+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\n https://access.redhat.com/articles/11258",
"product_ids": [
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-must-gather-api-rhel8@sha256:afc08bab3b5b19bcd4003819d4e1bc1c9c3faf71370154ee1695c9a3a6192223_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-api-rhel9@sha256:61de05b8dffe208fb8d4c00aed8bba71a4e428f74cc06b936debfbe4fb640747_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-validation-rhel9@sha256:8d9947ca76642dacb58290203f5ad003f7ca4f1a5a075ac584ab9e27018a0eed_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHBA-2023:6109"
},
{
"category": "workaround",
"details": "The default stream concurrency limit in golang is 250 streams (requests) per HTTP/2 connection. This value may be adjusted in the golang.org/x/net/http2 package using the Server.MaxConcurrentStreams setting and the ConfigureServer function which are available in golang.org/x/net/http2.",
"product_ids": [
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-must-gather-api-rhel8@sha256:afc08bab3b5b19bcd4003819d4e1bc1c9c3faf71370154ee1695c9a3a6192223_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-must-gather-rhel8@sha256:0b766d8e51580920d3b558eaac237b39b70f890127adaac34177aff1b97596fa_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-rhel8-operator@sha256:30cea757cbe41f54ecfd59320ea92351e1209f5646c7346d7d7563e383e988bb_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-rhv-populator-rhel8@sha256:f1c946eb52c6464db8a68cd4c6b61b6df145c68aef4a4858651076ba27d5c40b_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-ui-rhel8@sha256:f872479bcfbf35cae89eb3c95005067b8e64aca090cc058c4e4a1f0db56df9ff_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-virt-v2v-warm-rhel8@sha256:c8a7ee4f36ffc0206d614ad47ce95a13aacdf80a47e1ea7209e0f9824914c36c_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-api-rhel9@sha256:61de05b8dffe208fb8d4c00aed8bba71a4e428f74cc06b936debfbe4fb640747_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-console-plugin-rhel9@sha256:3022d96f38b8900d1b545cbf045f96816194bfba917f08c2e67758f7928acf2c_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-controller-rhel9@sha256:c9b7db0c74e38e5f028b3b72066892c96b6f684575d395a197a0826c09d96e1d_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-openstack-populator-rhel9@sha256:cb8d1bc7320c4ba9caa1d3bb45e48c6d1d2b71799f5dc466c5de8b87579d0c63_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-operator-bundle@sha256:f3172be67364c2a3a5acc25976759e91643c30dfa4d034ea39884ce2be084741_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-populator-controller-rhel9@sha256:4bbec09dfd8021e9cf676f1fb85a0a3f168845b91421afa5ded7983a3561d301_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-validation-rhel9@sha256:8d9947ca76642dacb58290203f5ad003f7ca4f1a5a075ac584ab9e27018a0eed_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-virt-v2v-rhel9@sha256:7ecf4ffb01ccf2cd92fa96407bca9e5b6054e3b5033ada74c98e00dca163d1f7_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-must-gather-api-rhel8@sha256:afc08bab3b5b19bcd4003819d4e1bc1c9c3faf71370154ee1695c9a3a6192223_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-must-gather-rhel8@sha256:0b766d8e51580920d3b558eaac237b39b70f890127adaac34177aff1b97596fa_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-rhel8-operator@sha256:30cea757cbe41f54ecfd59320ea92351e1209f5646c7346d7d7563e383e988bb_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-rhv-populator-rhel8@sha256:f1c946eb52c6464db8a68cd4c6b61b6df145c68aef4a4858651076ba27d5c40b_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-ui-rhel8@sha256:f872479bcfbf35cae89eb3c95005067b8e64aca090cc058c4e4a1f0db56df9ff_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-virt-v2v-warm-rhel8@sha256:c8a7ee4f36ffc0206d614ad47ce95a13aacdf80a47e1ea7209e0f9824914c36c_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-api-rhel9@sha256:61de05b8dffe208fb8d4c00aed8bba71a4e428f74cc06b936debfbe4fb640747_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-console-plugin-rhel9@sha256:3022d96f38b8900d1b545cbf045f96816194bfba917f08c2e67758f7928acf2c_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-controller-rhel9@sha256:c9b7db0c74e38e5f028b3b72066892c96b6f684575d395a197a0826c09d96e1d_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-openstack-populator-rhel9@sha256:cb8d1bc7320c4ba9caa1d3bb45e48c6d1d2b71799f5dc466c5de8b87579d0c63_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-operator-bundle@sha256:f3172be67364c2a3a5acc25976759e91643c30dfa4d034ea39884ce2be084741_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-populator-controller-rhel9@sha256:4bbec09dfd8021e9cf676f1fb85a0a3f168845b91421afa5ded7983a3561d301_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-validation-rhel9@sha256:8d9947ca76642dacb58290203f5ad003f7ca4f1a5a075ac584ab9e27018a0eed_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-virt-v2v-rhel9@sha256:7ecf4ffb01ccf2cd92fa96407bca9e5b6054e3b5033ada74c98e00dca163d1f7_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "golang: net/http, x/net/http2: rapid stream resets can cause excessive work (CVE-2023-44487)"
},
{
"cve": "CVE-2023-44487",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2023-10-09T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-must-gather-api-rhel8@sha256:afc08bab3b5b19bcd4003819d4e1bc1c9c3faf71370154ee1695c9a3a6192223_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-must-gather-rhel8@sha256:0b766d8e51580920d3b558eaac237b39b70f890127adaac34177aff1b97596fa_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-rhel8-operator@sha256:30cea757cbe41f54ecfd59320ea92351e1209f5646c7346d7d7563e383e988bb_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-rhv-populator-rhel8@sha256:f1c946eb52c6464db8a68cd4c6b61b6df145c68aef4a4858651076ba27d5c40b_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-ui-rhel8@sha256:f872479bcfbf35cae89eb3c95005067b8e64aca090cc058c4e4a1f0db56df9ff_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-virt-v2v-warm-rhel8@sha256:c8a7ee4f36ffc0206d614ad47ce95a13aacdf80a47e1ea7209e0f9824914c36c_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-controller-rhel9@sha256:c9b7db0c74e38e5f028b3b72066892c96b6f684575d395a197a0826c09d96e1d_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-openstack-populator-rhel9@sha256:cb8d1bc7320c4ba9caa1d3bb45e48c6d1d2b71799f5dc466c5de8b87579d0c63_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-operator-bundle@sha256:f3172be67364c2a3a5acc25976759e91643c30dfa4d034ea39884ce2be084741_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-populator-controller-rhel9@sha256:4bbec09dfd8021e9cf676f1fb85a0a3f168845b91421afa5ded7983a3561d301_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-validation-rhel9@sha256:8d9947ca76642dacb58290203f5ad003f7ca4f1a5a075ac584ab9e27018a0eed_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-virt-v2v-rhel9@sha256:7ecf4ffb01ccf2cd92fa96407bca9e5b6054e3b5033ada74c98e00dca163d1f7_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2242803"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in handling multiplexed streams in the HTTP/2 protocol. A client can repeatedly make a request for a new multiplex stream and immediately send an RST_STREAM frame to cancel it. This creates extra work for the server setting up and tearing down the streams while not hitting any server-side limit for the maximum number of active streams per connection, resulting in a denial of service due to server resource consumption. Red Hat has rated the severity of this flaw as \u0027Important\u0027 as the US Cybersecurity and Infrastructure Security Agency (CISA) declared this vulnerability an active exploit.\r\n\r\nCVE-2023-39325 was assigned for the Rapid Reset Attack in the Go language packages.\r\n\r\nSecurity Bulletin\r\nhttps://access.redhat.com/security/vulnerabilities/RHSB-2023-003",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack (Rapid Reset Attack)",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "NGINX has been marked as Moderate Impact because, for performance and resource consumption reasons, NGINX limits the number of concurrent streams to a default of 128. In addition, to optimally balance network and server performance, NGINX allows the client to persist HTTP connections for up to 1000 requests by default using an HTTP keepalive.\n\nThe majority of RHEL utilities are not long-running applications; instead, they are command-line tools. These tools utilize Golang package as build-time dependency, which is why they are classified as having a \"Moderate\" level of impact.\n\nrhc component is no longer impacted by CVE-2023-44487 \u0026 CVE-2023-39325.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-api-rhel9@sha256:61de05b8dffe208fb8d4c00aed8bba71a4e428f74cc06b936debfbe4fb640747_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-console-plugin-rhel9@sha256:3022d96f38b8900d1b545cbf045f96816194bfba917f08c2e67758f7928acf2c_amd64"
],
"known_not_affected": [
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-must-gather-api-rhel8@sha256:afc08bab3b5b19bcd4003819d4e1bc1c9c3faf71370154ee1695c9a3a6192223_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-must-gather-rhel8@sha256:0b766d8e51580920d3b558eaac237b39b70f890127adaac34177aff1b97596fa_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-rhel8-operator@sha256:30cea757cbe41f54ecfd59320ea92351e1209f5646c7346d7d7563e383e988bb_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-rhv-populator-rhel8@sha256:f1c946eb52c6464db8a68cd4c6b61b6df145c68aef4a4858651076ba27d5c40b_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-ui-rhel8@sha256:f872479bcfbf35cae89eb3c95005067b8e64aca090cc058c4e4a1f0db56df9ff_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-virt-v2v-warm-rhel8@sha256:c8a7ee4f36ffc0206d614ad47ce95a13aacdf80a47e1ea7209e0f9824914c36c_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-controller-rhel9@sha256:c9b7db0c74e38e5f028b3b72066892c96b6f684575d395a197a0826c09d96e1d_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-openstack-populator-rhel9@sha256:cb8d1bc7320c4ba9caa1d3bb45e48c6d1d2b71799f5dc466c5de8b87579d0c63_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-operator-bundle@sha256:f3172be67364c2a3a5acc25976759e91643c30dfa4d034ea39884ce2be084741_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-populator-controller-rhel9@sha256:4bbec09dfd8021e9cf676f1fb85a0a3f168845b91421afa5ded7983a3561d301_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-validation-rhel9@sha256:8d9947ca76642dacb58290203f5ad003f7ca4f1a5a075ac584ab9e27018a0eed_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-virt-v2v-rhel9@sha256:7ecf4ffb01ccf2cd92fa96407bca9e5b6054e3b5033ada74c98e00dca163d1f7_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-44487"
},
{
"category": "external",
"summary": "RHBZ#2242803",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2242803"
},
{
"category": "external",
"summary": "RHSB-2023-003",
"url": "https://access.redhat.com/security/vulnerabilities/RHSB-2023-003"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-44487",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-44487"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-44487",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-44487"
},
{
"category": "external",
"summary": "https://github.com/dotnet/announcements/issues/277",
"url": "https://github.com/dotnet/announcements/issues/277"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2023-2102",
"url": "https://pkg.go.dev/vuln/GO-2023-2102"
},
{
"category": "external",
"summary": "https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487",
"url": "https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487"
},
{
"category": "external",
"summary": "https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products/",
"url": "https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products/"
},
{
"category": "external",
"summary": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog",
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
}
],
"release_date": "2023-10-10T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-10-25T12:32:35+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\n https://access.redhat.com/articles/11258",
"product_ids": [
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-api-rhel9@sha256:61de05b8dffe208fb8d4c00aed8bba71a4e428f74cc06b936debfbe4fb640747_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-console-plugin-rhel9@sha256:3022d96f38b8900d1b545cbf045f96816194bfba917f08c2e67758f7928acf2c_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHBA-2023:6109"
},
{
"category": "workaround",
"details": "Users are strongly urged to update their software as soon as fixes are available. \nThere are several mitigation approaches for this flaw. \n\n1. If circumstances permit, users may disable http2 endpoints to circumvent the flaw altogether until a fix is available.\n2. IP-based blocking or flood protection and rate control tools may be used at network endpoints to filter incoming traffic.\n3. Several package specific mitigations are also available. \n a. nginx: https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products/\n b. netty: https://github.com/netty/netty/security/advisories/GHSA-xpw8-rcwv-8f8p\n c. haproxy: https://www.haproxy.com/blog/haproxy-is-not-affected-by-the-http-2-rapid-reset-attack-cve-2023-44487\n d. nghttp2: https://github.com/nghttp2/nghttp2/security/advisories/GHSA-vx74-f528-fxqg\n e. golang: The default stream concurrency limit in golang is 250 streams (requests) per HTTP/2 connection. This value may be adjusted in the golang.org/x/net/http2 package using the Server.MaxConcurrentStreams setting and the ConfigureServer function which are available in golang.org/x/net/http2.",
"product_ids": [
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-must-gather-api-rhel8@sha256:afc08bab3b5b19bcd4003819d4e1bc1c9c3faf71370154ee1695c9a3a6192223_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-must-gather-rhel8@sha256:0b766d8e51580920d3b558eaac237b39b70f890127adaac34177aff1b97596fa_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-rhel8-operator@sha256:30cea757cbe41f54ecfd59320ea92351e1209f5646c7346d7d7563e383e988bb_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-rhv-populator-rhel8@sha256:f1c946eb52c6464db8a68cd4c6b61b6df145c68aef4a4858651076ba27d5c40b_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-ui-rhel8@sha256:f872479bcfbf35cae89eb3c95005067b8e64aca090cc058c4e4a1f0db56df9ff_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-virt-v2v-warm-rhel8@sha256:c8a7ee4f36ffc0206d614ad47ce95a13aacdf80a47e1ea7209e0f9824914c36c_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-api-rhel9@sha256:61de05b8dffe208fb8d4c00aed8bba71a4e428f74cc06b936debfbe4fb640747_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-console-plugin-rhel9@sha256:3022d96f38b8900d1b545cbf045f96816194bfba917f08c2e67758f7928acf2c_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-controller-rhel9@sha256:c9b7db0c74e38e5f028b3b72066892c96b6f684575d395a197a0826c09d96e1d_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-openstack-populator-rhel9@sha256:cb8d1bc7320c4ba9caa1d3bb45e48c6d1d2b71799f5dc466c5de8b87579d0c63_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-operator-bundle@sha256:f3172be67364c2a3a5acc25976759e91643c30dfa4d034ea39884ce2be084741_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-populator-controller-rhel9@sha256:4bbec09dfd8021e9cf676f1fb85a0a3f168845b91421afa5ded7983a3561d301_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-validation-rhel9@sha256:8d9947ca76642dacb58290203f5ad003f7ca4f1a5a075ac584ab9e27018a0eed_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-virt-v2v-rhel9@sha256:7ecf4ffb01ccf2cd92fa96407bca9e5b6054e3b5033ada74c98e00dca163d1f7_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-must-gather-api-rhel8@sha256:afc08bab3b5b19bcd4003819d4e1bc1c9c3faf71370154ee1695c9a3a6192223_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-must-gather-rhel8@sha256:0b766d8e51580920d3b558eaac237b39b70f890127adaac34177aff1b97596fa_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-rhel8-operator@sha256:30cea757cbe41f54ecfd59320ea92351e1209f5646c7346d7d7563e383e988bb_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-rhv-populator-rhel8@sha256:f1c946eb52c6464db8a68cd4c6b61b6df145c68aef4a4858651076ba27d5c40b_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-ui-rhel8@sha256:f872479bcfbf35cae89eb3c95005067b8e64aca090cc058c4e4a1f0db56df9ff_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-virt-v2v-warm-rhel8@sha256:c8a7ee4f36ffc0206d614ad47ce95a13aacdf80a47e1ea7209e0f9824914c36c_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-api-rhel9@sha256:61de05b8dffe208fb8d4c00aed8bba71a4e428f74cc06b936debfbe4fb640747_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-console-plugin-rhel9@sha256:3022d96f38b8900d1b545cbf045f96816194bfba917f08c2e67758f7928acf2c_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-controller-rhel9@sha256:c9b7db0c74e38e5f028b3b72066892c96b6f684575d395a197a0826c09d96e1d_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-openstack-populator-rhel9@sha256:cb8d1bc7320c4ba9caa1d3bb45e48c6d1d2b71799f5dc466c5de8b87579d0c63_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-operator-bundle@sha256:f3172be67364c2a3a5acc25976759e91643c30dfa4d034ea39884ce2be084741_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-populator-controller-rhel9@sha256:4bbec09dfd8021e9cf676f1fb85a0a3f168845b91421afa5ded7983a3561d301_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-validation-rhel9@sha256:8d9947ca76642dacb58290203f5ad003f7ca4f1a5a075ac584ab9e27018a0eed_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-virt-v2v-rhel9@sha256:7ecf4ffb01ccf2cd92fa96407bca9e5b6054e3b5033ada74c98e00dca163d1f7_amd64"
]
}
],
"threats": [
{
"category": "exploit_status",
"date": "2023-10-10T00:00:00+00:00",
"details": "CISA: https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
},
{
"category": "impact",
"details": "Important"
}
],
"title": "HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack (Rapid Reset Attack)"
}
]
}
RHBA-2023:6254
Vulnerability from csaf_redhat - Published: 2023-11-02 00:10 - Updated: 2026-06-08 15:35Summary
Red Hat Bug Fix Advisory: OpenShift Container Platform Assisted Installer version 2.26.1 release
Severity
Important
Notes
Topic: Assisted Installer version 2.26.1 is now available for Red Hat OpenShift Container Platform.
Details: Red Hat OpenShift Container Platform is Red Hat's cloud computing
Kubernetes application platform solution designed for on-premise or private cloud deployments.
This advisory contains the container images for Red Hat OpenShift Container Platform related to the Assisted Installer.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
A flaw was found in handling multiplexed streams in the HTTP/2 protocol. A client can repeatedly make a request for a new multiplex stream and immediately send an RST_STREAM frame to cancel it. This creates extra work for the server setting up and tearing down the streams while not hitting any server-side limit for the maximum number of active streams per connection, resulting in a denial of service due to server resource consumption. Red Hat has rated the severity of this flaw as 'Important' as the US Cybersecurity and Infrastructure Security Agency (CISA) declared this vulnerability an active exploit. CVE-2023-39325 was assigned for the `Rapid Reset Attack` in the Go language packages.
7.5 (High)
Affected products
Fixed
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHAI-2.0:rhai-tech-preview/assisted-installer-rhel8@sha256:6f242c9c58eb6b963043634deb588c7650b4d9d920b552875cc38c7339dbe971_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHAI-2.0:rhai-tech-preview/assisted-installer-rhel8@sha256:87d17df6b11851fc76fc59baeb116f9b0476e295df7ae4a19dcc4cba28884450_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHAI-2.0:rhai-tech-preview/assisted-installer-rhel8@sha256:daec8e0db2c276cd52a80115da4a52715f27584ea0d699ba9583786dfae2bf3b_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHAI-2.0:rhai-tech-preview/assisted-installer-rhel8@sha256:e74ce2a65fefa286b1583aaad613736035c7052fe8d4bf53d315365c61696dba_ppc64le | — |
Vendor Fix
fix
Workaround
|
Known not affected
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHAI-2.0:rhai-tech-preview/assisted-installer-agent-rhel8@sha256:84e3c5280d8c0629324b3fbe9e82ac21c7f464a6f64ccb3a6155b24c37bf9040_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHAI-2.0:rhai-tech-preview/assisted-installer-agent-rhel8@sha256:9310948fdff425c553994efbc1d5ecac61ca9a4b2236e4f2d4bcf1805a3ff983_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHAI-2.0:rhai-tech-preview/assisted-installer-agent-rhel8@sha256:aac4a97cf6e5d6956e31336b1e19a7006a6a88dbd3bd96e6ba331bd59085e2ce_arm64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHAI-2.0:rhai-tech-preview/assisted-installer-agent-rhel8@sha256:c6ee2abb6cca7244a282b8e6b3235e8df8b2864d39fe19919cb3db9047acb943_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHAI-2.0:rhai-tech-preview/assisted-installer-reporter-rhel8@sha256:323987cc958f26387ebc08a488478e05d634fadc92fc9bf01a3027126b19e251_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHAI-2.0:rhai-tech-preview/assisted-installer-reporter-rhel8@sha256:a404b59ec107bc7c1c7d9d19251d44136daf1c3ced06d8f2847fdf0451778562_arm64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHAI-2.0:rhai-tech-preview/assisted-installer-reporter-rhel8@sha256:c102491e8a8b7b8a40e09a9206cc3291cecedf5ab13ec1ef9cf3fcdeb1ff00b7_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHAI-2.0:rhai-tech-preview/assisted-installer-reporter-rhel8@sha256:d87f95f5c685d893fc10b447345964a16731fe5bb2b95dc5a5494c7fc7f0d37c_ppc64le | — |
Workaround
|
Threats
Impact
Important
A flaw was found in handling multiplexed streams in the HTTP/2 protocol. A client can repeatedly make a request for a new multiplex stream and immediately send an RST_STREAM frame to cancel it. This creates extra work for the server setting up and tearing down the streams while not hitting any server-side limit for the maximum number of active streams per connection, resulting in a denial of service due to server resource consumption. Red Hat has rated the severity of this flaw as 'Important' as the US Cybersecurity and Infrastructure Security Agency (CISA) declared this vulnerability an active exploit. CVE-2023-39325 was assigned for the Rapid Reset Attack in the Go language packages. Security Bulletin https://access.redhat.com/security/vulnerabilities/RHSB-2023-003
7.5 (High)
Affected products
Fixed
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHAI-2.0:rhai-tech-preview/assisted-installer-rhel8@sha256:6f242c9c58eb6b963043634deb588c7650b4d9d920b552875cc38c7339dbe971_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHAI-2.0:rhai-tech-preview/assisted-installer-rhel8@sha256:87d17df6b11851fc76fc59baeb116f9b0476e295df7ae4a19dcc4cba28884450_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHAI-2.0:rhai-tech-preview/assisted-installer-rhel8@sha256:daec8e0db2c276cd52a80115da4a52715f27584ea0d699ba9583786dfae2bf3b_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHAI-2.0:rhai-tech-preview/assisted-installer-rhel8@sha256:e74ce2a65fefa286b1583aaad613736035c7052fe8d4bf53d315365c61696dba_ppc64le | — |
Vendor Fix
fix
Workaround
|
Known not affected
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHAI-2.0:rhai-tech-preview/assisted-installer-agent-rhel8@sha256:84e3c5280d8c0629324b3fbe9e82ac21c7f464a6f64ccb3a6155b24c37bf9040_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHAI-2.0:rhai-tech-preview/assisted-installer-agent-rhel8@sha256:9310948fdff425c553994efbc1d5ecac61ca9a4b2236e4f2d4bcf1805a3ff983_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHAI-2.0:rhai-tech-preview/assisted-installer-agent-rhel8@sha256:aac4a97cf6e5d6956e31336b1e19a7006a6a88dbd3bd96e6ba331bd59085e2ce_arm64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHAI-2.0:rhai-tech-preview/assisted-installer-agent-rhel8@sha256:c6ee2abb6cca7244a282b8e6b3235e8df8b2864d39fe19919cb3db9047acb943_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHAI-2.0:rhai-tech-preview/assisted-installer-reporter-rhel8@sha256:323987cc958f26387ebc08a488478e05d634fadc92fc9bf01a3027126b19e251_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHAI-2.0:rhai-tech-preview/assisted-installer-reporter-rhel8@sha256:a404b59ec107bc7c1c7d9d19251d44136daf1c3ced06d8f2847fdf0451778562_arm64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHAI-2.0:rhai-tech-preview/assisted-installer-reporter-rhel8@sha256:c102491e8a8b7b8a40e09a9206cc3291cecedf5ab13ec1ef9cf3fcdeb1ff00b7_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHAI-2.0:rhai-tech-preview/assisted-installer-reporter-rhel8@sha256:d87f95f5c685d893fc10b447345964a16731fe5bb2b95dc5a5494c7fc7f0d37c_ppc64le | — |
Workaround
|
Threats
Exploit Status
CISA: https://www.cisa.gov/known-exploited-vulnerabilities-catalog
Impact
Important
References
24 references
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Assisted Installer version 2.26.1 is now available for Red Hat OpenShift Container Platform.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat OpenShift Container Platform is Red Hat\u0027s cloud computing\nKubernetes application platform solution designed for on-premise or private cloud deployments.\n\nThis advisory contains the container images for Red Hat OpenShift Container Platform related to the Assisted Installer.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHBA-2023:6254",
"url": "https://access.redhat.com/errata/RHBA-2023:6254"
},
{
"category": "external",
"summary": "MGMT-13692",
"url": "https://issues.redhat.com/browse/MGMT-13692"
},
{
"category": "external",
"summary": "MGMT-15984",
"url": "https://issues.redhat.com/browse/MGMT-15984"
},
{
"category": "external",
"summary": "MGMT-16011",
"url": "https://issues.redhat.com/browse/MGMT-16011"
},
{
"category": "external",
"summary": "MGMT-16037",
"url": "https://issues.redhat.com/browse/MGMT-16037"
},
{
"category": "external",
"summary": "MGMT-16039",
"url": "https://issues.redhat.com/browse/MGMT-16039"
},
{
"category": "external",
"summary": "MGMT-16045",
"url": "https://issues.redhat.com/browse/MGMT-16045"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2023/rhba-2023_6254.json"
}
],
"title": "Red Hat Bug Fix Advisory: OpenShift Container Platform Assisted Installer version 2.26.1 release",
"tracking": {
"current_release_date": "2026-06-08T15:35:05+00:00",
"generator": {
"date": "2026-06-08T15:35:05+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.8.2"
}
},
"id": "RHBA-2023:6254",
"initial_release_date": "2023-11-02T00:10:43+00:00",
"revision_history": [
{
"date": "2023-11-02T00:10:43+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2023-11-02T00:10:43+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-06-08T15:35:05+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Assisted Installer 2.0",
"product": {
"name": "Red Hat Assisted Installer 2.0",
"product_id": "8Base-RHAI-2.0",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:assisted_installer:2.0::el8"
}
}
}
],
"category": "product_family",
"name": "Red Hat OpenShift Enterprise"
},
{
"branches": [
{
"category": "product_version",
"name": "rhai-tech-preview/assisted-installer-agent-rhel8@sha256:aac4a97cf6e5d6956e31336b1e19a7006a6a88dbd3bd96e6ba331bd59085e2ce_arm64",
"product": {
"name": "rhai-tech-preview/assisted-installer-agent-rhel8@sha256:aac4a97cf6e5d6956e31336b1e19a7006a6a88dbd3bd96e6ba331bd59085e2ce_arm64",
"product_id": "rhai-tech-preview/assisted-installer-agent-rhel8@sha256:aac4a97cf6e5d6956e31336b1e19a7006a6a88dbd3bd96e6ba331bd59085e2ce_arm64",
"product_identification_helper": {
"purl": "pkg:oci/assisted-installer-agent-rhel8@sha256:aac4a97cf6e5d6956e31336b1e19a7006a6a88dbd3bd96e6ba331bd59085e2ce?arch=arm64\u0026repository_url=registry.redhat.io/rhai-tech-preview/assisted-installer-agent-rhel8\u0026tag=v1.0.0-292"
}
}
},
{
"category": "product_version",
"name": "rhai-tech-preview/assisted-installer-rhel8@sha256:6f242c9c58eb6b963043634deb588c7650b4d9d920b552875cc38c7339dbe971_arm64",
"product": {
"name": "rhai-tech-preview/assisted-installer-rhel8@sha256:6f242c9c58eb6b963043634deb588c7650b4d9d920b552875cc38c7339dbe971_arm64",
"product_id": "rhai-tech-preview/assisted-installer-rhel8@sha256:6f242c9c58eb6b963043634deb588c7650b4d9d920b552875cc38c7339dbe971_arm64",
"product_identification_helper": {
"purl": "pkg:oci/assisted-installer-rhel8@sha256:6f242c9c58eb6b963043634deb588c7650b4d9d920b552875cc38c7339dbe971?arch=arm64\u0026repository_url=registry.redhat.io/rhai-tech-preview/assisted-installer-rhel8\u0026tag=v1.0.0-300"
}
}
},
{
"category": "product_version",
"name": "rhai-tech-preview/assisted-installer-reporter-rhel8@sha256:a404b59ec107bc7c1c7d9d19251d44136daf1c3ced06d8f2847fdf0451778562_arm64",
"product": {
"name": "rhai-tech-preview/assisted-installer-reporter-rhel8@sha256:a404b59ec107bc7c1c7d9d19251d44136daf1c3ced06d8f2847fdf0451778562_arm64",
"product_id": "rhai-tech-preview/assisted-installer-reporter-rhel8@sha256:a404b59ec107bc7c1c7d9d19251d44136daf1c3ced06d8f2847fdf0451778562_arm64",
"product_identification_helper": {
"purl": "pkg:oci/assisted-installer-reporter-rhel8@sha256:a404b59ec107bc7c1c7d9d19251d44136daf1c3ced06d8f2847fdf0451778562?arch=arm64\u0026repository_url=registry.redhat.io/rhai-tech-preview/assisted-installer-reporter-rhel8\u0026tag=v1.0.0-375"
}
}
}
],
"category": "architecture",
"name": "arm64"
},
{
"branches": [
{
"category": "product_version",
"name": "rhai-tech-preview/assisted-installer-agent-rhel8@sha256:9310948fdff425c553994efbc1d5ecac61ca9a4b2236e4f2d4bcf1805a3ff983_ppc64le",
"product": {
"name": "rhai-tech-preview/assisted-installer-agent-rhel8@sha256:9310948fdff425c553994efbc1d5ecac61ca9a4b2236e4f2d4bcf1805a3ff983_ppc64le",
"product_id": "rhai-tech-preview/assisted-installer-agent-rhel8@sha256:9310948fdff425c553994efbc1d5ecac61ca9a4b2236e4f2d4bcf1805a3ff983_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/assisted-installer-agent-rhel8@sha256:9310948fdff425c553994efbc1d5ecac61ca9a4b2236e4f2d4bcf1805a3ff983?arch=ppc64le\u0026repository_url=registry.redhat.io/rhai-tech-preview/assisted-installer-agent-rhel8\u0026tag=v1.0.0-292"
}
}
},
{
"category": "product_version",
"name": "rhai-tech-preview/assisted-installer-rhel8@sha256:e74ce2a65fefa286b1583aaad613736035c7052fe8d4bf53d315365c61696dba_ppc64le",
"product": {
"name": "rhai-tech-preview/assisted-installer-rhel8@sha256:e74ce2a65fefa286b1583aaad613736035c7052fe8d4bf53d315365c61696dba_ppc64le",
"product_id": "rhai-tech-preview/assisted-installer-rhel8@sha256:e74ce2a65fefa286b1583aaad613736035c7052fe8d4bf53d315365c61696dba_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/assisted-installer-rhel8@sha256:e74ce2a65fefa286b1583aaad613736035c7052fe8d4bf53d315365c61696dba?arch=ppc64le\u0026repository_url=registry.redhat.io/rhai-tech-preview/assisted-installer-rhel8\u0026tag=v1.0.0-300"
}
}
},
{
"category": "product_version",
"name": "rhai-tech-preview/assisted-installer-reporter-rhel8@sha256:d87f95f5c685d893fc10b447345964a16731fe5bb2b95dc5a5494c7fc7f0d37c_ppc64le",
"product": {
"name": "rhai-tech-preview/assisted-installer-reporter-rhel8@sha256:d87f95f5c685d893fc10b447345964a16731fe5bb2b95dc5a5494c7fc7f0d37c_ppc64le",
"product_id": "rhai-tech-preview/assisted-installer-reporter-rhel8@sha256:d87f95f5c685d893fc10b447345964a16731fe5bb2b95dc5a5494c7fc7f0d37c_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/assisted-installer-reporter-rhel8@sha256:d87f95f5c685d893fc10b447345964a16731fe5bb2b95dc5a5494c7fc7f0d37c?arch=ppc64le\u0026repository_url=registry.redhat.io/rhai-tech-preview/assisted-installer-reporter-rhel8\u0026tag=v1.0.0-375"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "rhai-tech-preview/assisted-installer-agent-rhel8@sha256:c6ee2abb6cca7244a282b8e6b3235e8df8b2864d39fe19919cb3db9047acb943_s390x",
"product": {
"name": "rhai-tech-preview/assisted-installer-agent-rhel8@sha256:c6ee2abb6cca7244a282b8e6b3235e8df8b2864d39fe19919cb3db9047acb943_s390x",
"product_id": "rhai-tech-preview/assisted-installer-agent-rhel8@sha256:c6ee2abb6cca7244a282b8e6b3235e8df8b2864d39fe19919cb3db9047acb943_s390x",
"product_identification_helper": {
"purl": "pkg:oci/assisted-installer-agent-rhel8@sha256:c6ee2abb6cca7244a282b8e6b3235e8df8b2864d39fe19919cb3db9047acb943?arch=s390x\u0026repository_url=registry.redhat.io/rhai-tech-preview/assisted-installer-agent-rhel8\u0026tag=v1.0.0-292"
}
}
},
{
"category": "product_version",
"name": "rhai-tech-preview/assisted-installer-rhel8@sha256:87d17df6b11851fc76fc59baeb116f9b0476e295df7ae4a19dcc4cba28884450_s390x",
"product": {
"name": "rhai-tech-preview/assisted-installer-rhel8@sha256:87d17df6b11851fc76fc59baeb116f9b0476e295df7ae4a19dcc4cba28884450_s390x",
"product_id": "rhai-tech-preview/assisted-installer-rhel8@sha256:87d17df6b11851fc76fc59baeb116f9b0476e295df7ae4a19dcc4cba28884450_s390x",
"product_identification_helper": {
"purl": "pkg:oci/assisted-installer-rhel8@sha256:87d17df6b11851fc76fc59baeb116f9b0476e295df7ae4a19dcc4cba28884450?arch=s390x\u0026repository_url=registry.redhat.io/rhai-tech-preview/assisted-installer-rhel8\u0026tag=v1.0.0-300"
}
}
},
{
"category": "product_version",
"name": "rhai-tech-preview/assisted-installer-reporter-rhel8@sha256:c102491e8a8b7b8a40e09a9206cc3291cecedf5ab13ec1ef9cf3fcdeb1ff00b7_s390x",
"product": {
"name": "rhai-tech-preview/assisted-installer-reporter-rhel8@sha256:c102491e8a8b7b8a40e09a9206cc3291cecedf5ab13ec1ef9cf3fcdeb1ff00b7_s390x",
"product_id": "rhai-tech-preview/assisted-installer-reporter-rhel8@sha256:c102491e8a8b7b8a40e09a9206cc3291cecedf5ab13ec1ef9cf3fcdeb1ff00b7_s390x",
"product_identification_helper": {
"purl": "pkg:oci/assisted-installer-reporter-rhel8@sha256:c102491e8a8b7b8a40e09a9206cc3291cecedf5ab13ec1ef9cf3fcdeb1ff00b7?arch=s390x\u0026repository_url=registry.redhat.io/rhai-tech-preview/assisted-installer-reporter-rhel8\u0026tag=v1.0.0-375"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "rhai-tech-preview/assisted-installer-agent-rhel8@sha256:84e3c5280d8c0629324b3fbe9e82ac21c7f464a6f64ccb3a6155b24c37bf9040_amd64",
"product": {
"name": "rhai-tech-preview/assisted-installer-agent-rhel8@sha256:84e3c5280d8c0629324b3fbe9e82ac21c7f464a6f64ccb3a6155b24c37bf9040_amd64",
"product_id": "rhai-tech-preview/assisted-installer-agent-rhel8@sha256:84e3c5280d8c0629324b3fbe9e82ac21c7f464a6f64ccb3a6155b24c37bf9040_amd64",
"product_identification_helper": {
"purl": "pkg:oci/assisted-installer-agent-rhel8@sha256:84e3c5280d8c0629324b3fbe9e82ac21c7f464a6f64ccb3a6155b24c37bf9040?arch=amd64\u0026repository_url=registry.redhat.io/rhai-tech-preview/assisted-installer-agent-rhel8\u0026tag=v1.0.0-292"
}
}
},
{
"category": "product_version",
"name": "rhai-tech-preview/assisted-installer-rhel8@sha256:daec8e0db2c276cd52a80115da4a52715f27584ea0d699ba9583786dfae2bf3b_amd64",
"product": {
"name": "rhai-tech-preview/assisted-installer-rhel8@sha256:daec8e0db2c276cd52a80115da4a52715f27584ea0d699ba9583786dfae2bf3b_amd64",
"product_id": "rhai-tech-preview/assisted-installer-rhel8@sha256:daec8e0db2c276cd52a80115da4a52715f27584ea0d699ba9583786dfae2bf3b_amd64",
"product_identification_helper": {
"purl": "pkg:oci/assisted-installer-rhel8@sha256:daec8e0db2c276cd52a80115da4a52715f27584ea0d699ba9583786dfae2bf3b?arch=amd64\u0026repository_url=registry.redhat.io/rhai-tech-preview/assisted-installer-rhel8\u0026tag=v1.0.0-300"
}
}
},
{
"category": "product_version",
"name": "rhai-tech-preview/assisted-installer-reporter-rhel8@sha256:323987cc958f26387ebc08a488478e05d634fadc92fc9bf01a3027126b19e251_amd64",
"product": {
"name": "rhai-tech-preview/assisted-installer-reporter-rhel8@sha256:323987cc958f26387ebc08a488478e05d634fadc92fc9bf01a3027126b19e251_amd64",
"product_id": "rhai-tech-preview/assisted-installer-reporter-rhel8@sha256:323987cc958f26387ebc08a488478e05d634fadc92fc9bf01a3027126b19e251_amd64",
"product_identification_helper": {
"purl": "pkg:oci/assisted-installer-reporter-rhel8@sha256:323987cc958f26387ebc08a488478e05d634fadc92fc9bf01a3027126b19e251?arch=amd64\u0026repository_url=registry.redhat.io/rhai-tech-preview/assisted-installer-reporter-rhel8\u0026tag=v1.0.0-375"
}
}
}
],
"category": "architecture",
"name": "amd64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "rhai-tech-preview/assisted-installer-agent-rhel8@sha256:84e3c5280d8c0629324b3fbe9e82ac21c7f464a6f64ccb3a6155b24c37bf9040_amd64 as a component of Red Hat Assisted Installer 2.0",
"product_id": "8Base-RHAI-2.0:rhai-tech-preview/assisted-installer-agent-rhel8@sha256:84e3c5280d8c0629324b3fbe9e82ac21c7f464a6f64ccb3a6155b24c37bf9040_amd64"
},
"product_reference": "rhai-tech-preview/assisted-installer-agent-rhel8@sha256:84e3c5280d8c0629324b3fbe9e82ac21c7f464a6f64ccb3a6155b24c37bf9040_amd64",
"relates_to_product_reference": "8Base-RHAI-2.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhai-tech-preview/assisted-installer-agent-rhel8@sha256:9310948fdff425c553994efbc1d5ecac61ca9a4b2236e4f2d4bcf1805a3ff983_ppc64le as a component of Red Hat Assisted Installer 2.0",
"product_id": "8Base-RHAI-2.0:rhai-tech-preview/assisted-installer-agent-rhel8@sha256:9310948fdff425c553994efbc1d5ecac61ca9a4b2236e4f2d4bcf1805a3ff983_ppc64le"
},
"product_reference": "rhai-tech-preview/assisted-installer-agent-rhel8@sha256:9310948fdff425c553994efbc1d5ecac61ca9a4b2236e4f2d4bcf1805a3ff983_ppc64le",
"relates_to_product_reference": "8Base-RHAI-2.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhai-tech-preview/assisted-installer-agent-rhel8@sha256:aac4a97cf6e5d6956e31336b1e19a7006a6a88dbd3bd96e6ba331bd59085e2ce_arm64 as a component of Red Hat Assisted Installer 2.0",
"product_id": "8Base-RHAI-2.0:rhai-tech-preview/assisted-installer-agent-rhel8@sha256:aac4a97cf6e5d6956e31336b1e19a7006a6a88dbd3bd96e6ba331bd59085e2ce_arm64"
},
"product_reference": "rhai-tech-preview/assisted-installer-agent-rhel8@sha256:aac4a97cf6e5d6956e31336b1e19a7006a6a88dbd3bd96e6ba331bd59085e2ce_arm64",
"relates_to_product_reference": "8Base-RHAI-2.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhai-tech-preview/assisted-installer-agent-rhel8@sha256:c6ee2abb6cca7244a282b8e6b3235e8df8b2864d39fe19919cb3db9047acb943_s390x as a component of Red Hat Assisted Installer 2.0",
"product_id": "8Base-RHAI-2.0:rhai-tech-preview/assisted-installer-agent-rhel8@sha256:c6ee2abb6cca7244a282b8e6b3235e8df8b2864d39fe19919cb3db9047acb943_s390x"
},
"product_reference": "rhai-tech-preview/assisted-installer-agent-rhel8@sha256:c6ee2abb6cca7244a282b8e6b3235e8df8b2864d39fe19919cb3db9047acb943_s390x",
"relates_to_product_reference": "8Base-RHAI-2.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhai-tech-preview/assisted-installer-reporter-rhel8@sha256:323987cc958f26387ebc08a488478e05d634fadc92fc9bf01a3027126b19e251_amd64 as a component of Red Hat Assisted Installer 2.0",
"product_id": "8Base-RHAI-2.0:rhai-tech-preview/assisted-installer-reporter-rhel8@sha256:323987cc958f26387ebc08a488478e05d634fadc92fc9bf01a3027126b19e251_amd64"
},
"product_reference": "rhai-tech-preview/assisted-installer-reporter-rhel8@sha256:323987cc958f26387ebc08a488478e05d634fadc92fc9bf01a3027126b19e251_amd64",
"relates_to_product_reference": "8Base-RHAI-2.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhai-tech-preview/assisted-installer-reporter-rhel8@sha256:a404b59ec107bc7c1c7d9d19251d44136daf1c3ced06d8f2847fdf0451778562_arm64 as a component of Red Hat Assisted Installer 2.0",
"product_id": "8Base-RHAI-2.0:rhai-tech-preview/assisted-installer-reporter-rhel8@sha256:a404b59ec107bc7c1c7d9d19251d44136daf1c3ced06d8f2847fdf0451778562_arm64"
},
"product_reference": "rhai-tech-preview/assisted-installer-reporter-rhel8@sha256:a404b59ec107bc7c1c7d9d19251d44136daf1c3ced06d8f2847fdf0451778562_arm64",
"relates_to_product_reference": "8Base-RHAI-2.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhai-tech-preview/assisted-installer-reporter-rhel8@sha256:c102491e8a8b7b8a40e09a9206cc3291cecedf5ab13ec1ef9cf3fcdeb1ff00b7_s390x as a component of Red Hat Assisted Installer 2.0",
"product_id": "8Base-RHAI-2.0:rhai-tech-preview/assisted-installer-reporter-rhel8@sha256:c102491e8a8b7b8a40e09a9206cc3291cecedf5ab13ec1ef9cf3fcdeb1ff00b7_s390x"
},
"product_reference": "rhai-tech-preview/assisted-installer-reporter-rhel8@sha256:c102491e8a8b7b8a40e09a9206cc3291cecedf5ab13ec1ef9cf3fcdeb1ff00b7_s390x",
"relates_to_product_reference": "8Base-RHAI-2.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhai-tech-preview/assisted-installer-reporter-rhel8@sha256:d87f95f5c685d893fc10b447345964a16731fe5bb2b95dc5a5494c7fc7f0d37c_ppc64le as a component of Red Hat Assisted Installer 2.0",
"product_id": "8Base-RHAI-2.0:rhai-tech-preview/assisted-installer-reporter-rhel8@sha256:d87f95f5c685d893fc10b447345964a16731fe5bb2b95dc5a5494c7fc7f0d37c_ppc64le"
},
"product_reference": "rhai-tech-preview/assisted-installer-reporter-rhel8@sha256:d87f95f5c685d893fc10b447345964a16731fe5bb2b95dc5a5494c7fc7f0d37c_ppc64le",
"relates_to_product_reference": "8Base-RHAI-2.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhai-tech-preview/assisted-installer-rhel8@sha256:6f242c9c58eb6b963043634deb588c7650b4d9d920b552875cc38c7339dbe971_arm64 as a component of Red Hat Assisted Installer 2.0",
"product_id": "8Base-RHAI-2.0:rhai-tech-preview/assisted-installer-rhel8@sha256:6f242c9c58eb6b963043634deb588c7650b4d9d920b552875cc38c7339dbe971_arm64"
},
"product_reference": "rhai-tech-preview/assisted-installer-rhel8@sha256:6f242c9c58eb6b963043634deb588c7650b4d9d920b552875cc38c7339dbe971_arm64",
"relates_to_product_reference": "8Base-RHAI-2.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhai-tech-preview/assisted-installer-rhel8@sha256:87d17df6b11851fc76fc59baeb116f9b0476e295df7ae4a19dcc4cba28884450_s390x as a component of Red Hat Assisted Installer 2.0",
"product_id": "8Base-RHAI-2.0:rhai-tech-preview/assisted-installer-rhel8@sha256:87d17df6b11851fc76fc59baeb116f9b0476e295df7ae4a19dcc4cba28884450_s390x"
},
"product_reference": "rhai-tech-preview/assisted-installer-rhel8@sha256:87d17df6b11851fc76fc59baeb116f9b0476e295df7ae4a19dcc4cba28884450_s390x",
"relates_to_product_reference": "8Base-RHAI-2.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhai-tech-preview/assisted-installer-rhel8@sha256:daec8e0db2c276cd52a80115da4a52715f27584ea0d699ba9583786dfae2bf3b_amd64 as a component of Red Hat Assisted Installer 2.0",
"product_id": "8Base-RHAI-2.0:rhai-tech-preview/assisted-installer-rhel8@sha256:daec8e0db2c276cd52a80115da4a52715f27584ea0d699ba9583786dfae2bf3b_amd64"
},
"product_reference": "rhai-tech-preview/assisted-installer-rhel8@sha256:daec8e0db2c276cd52a80115da4a52715f27584ea0d699ba9583786dfae2bf3b_amd64",
"relates_to_product_reference": "8Base-RHAI-2.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhai-tech-preview/assisted-installer-rhel8@sha256:e74ce2a65fefa286b1583aaad613736035c7052fe8d4bf53d315365c61696dba_ppc64le as a component of Red Hat Assisted Installer 2.0",
"product_id": "8Base-RHAI-2.0:rhai-tech-preview/assisted-installer-rhel8@sha256:e74ce2a65fefa286b1583aaad613736035c7052fe8d4bf53d315365c61696dba_ppc64le"
},
"product_reference": "rhai-tech-preview/assisted-installer-rhel8@sha256:e74ce2a65fefa286b1583aaad613736035c7052fe8d4bf53d315365c61696dba_ppc64le",
"relates_to_product_reference": "8Base-RHAI-2.0"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2023-39325",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2023-10-10T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-RHAI-2.0:rhai-tech-preview/assisted-installer-agent-rhel8@sha256:84e3c5280d8c0629324b3fbe9e82ac21c7f464a6f64ccb3a6155b24c37bf9040_amd64",
"8Base-RHAI-2.0:rhai-tech-preview/assisted-installer-agent-rhel8@sha256:9310948fdff425c553994efbc1d5ecac61ca9a4b2236e4f2d4bcf1805a3ff983_ppc64le",
"8Base-RHAI-2.0:rhai-tech-preview/assisted-installer-agent-rhel8@sha256:aac4a97cf6e5d6956e31336b1e19a7006a6a88dbd3bd96e6ba331bd59085e2ce_arm64",
"8Base-RHAI-2.0:rhai-tech-preview/assisted-installer-agent-rhel8@sha256:c6ee2abb6cca7244a282b8e6b3235e8df8b2864d39fe19919cb3db9047acb943_s390x",
"8Base-RHAI-2.0:rhai-tech-preview/assisted-installer-reporter-rhel8@sha256:323987cc958f26387ebc08a488478e05d634fadc92fc9bf01a3027126b19e251_amd64",
"8Base-RHAI-2.0:rhai-tech-preview/assisted-installer-reporter-rhel8@sha256:a404b59ec107bc7c1c7d9d19251d44136daf1c3ced06d8f2847fdf0451778562_arm64",
"8Base-RHAI-2.0:rhai-tech-preview/assisted-installer-reporter-rhel8@sha256:c102491e8a8b7b8a40e09a9206cc3291cecedf5ab13ec1ef9cf3fcdeb1ff00b7_s390x",
"8Base-RHAI-2.0:rhai-tech-preview/assisted-installer-reporter-rhel8@sha256:d87f95f5c685d893fc10b447345964a16731fe5bb2b95dc5a5494c7fc7f0d37c_ppc64le"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2243296"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in handling multiplexed streams in the HTTP/2 protocol. A client can repeatedly make a request for a new multiplex stream and immediately send an RST_STREAM frame to cancel it. This creates extra work for the server setting up and tearing down the streams while not hitting any server-side limit for the maximum number of active streams per connection, resulting in a denial of service due to server resource consumption. Red Hat has rated the severity of this flaw as \u0027Important\u0027 as the US Cybersecurity and Infrastructure Security Agency (CISA) declared this vulnerability an active exploit.\r\n\r\nCVE-2023-39325 was assigned for the `Rapid Reset Attack` in the Go language packages.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: net/http, x/net/http2: rapid stream resets can cause excessive work (CVE-2023-44487)",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This CVE is related to CVE-2023-44487.\n\nThe majority of RHEL utilities are not long-running applications; instead, they are command-line tools. These tools utilize Golang package as build-time dependency, which is why they are classified as having a \"Moderate\" level of impact.\n\nAs go-lang vendors its dependencies, a package may contain a library with a known vulnerability, solely because of lower tier libraries including it as a part of its dependencies, but the vulnerable code is not reachable at runtime. In such cases the issue is not exploitable. We classify these situations as \u201cNot affected\u201d or \u201cWill not fix,\u201d depending on the risk of breaking other unrelated packages.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHAI-2.0:rhai-tech-preview/assisted-installer-rhel8@sha256:6f242c9c58eb6b963043634deb588c7650b4d9d920b552875cc38c7339dbe971_arm64",
"8Base-RHAI-2.0:rhai-tech-preview/assisted-installer-rhel8@sha256:87d17df6b11851fc76fc59baeb116f9b0476e295df7ae4a19dcc4cba28884450_s390x",
"8Base-RHAI-2.0:rhai-tech-preview/assisted-installer-rhel8@sha256:daec8e0db2c276cd52a80115da4a52715f27584ea0d699ba9583786dfae2bf3b_amd64",
"8Base-RHAI-2.0:rhai-tech-preview/assisted-installer-rhel8@sha256:e74ce2a65fefa286b1583aaad613736035c7052fe8d4bf53d315365c61696dba_ppc64le"
],
"known_not_affected": [
"8Base-RHAI-2.0:rhai-tech-preview/assisted-installer-agent-rhel8@sha256:84e3c5280d8c0629324b3fbe9e82ac21c7f464a6f64ccb3a6155b24c37bf9040_amd64",
"8Base-RHAI-2.0:rhai-tech-preview/assisted-installer-agent-rhel8@sha256:9310948fdff425c553994efbc1d5ecac61ca9a4b2236e4f2d4bcf1805a3ff983_ppc64le",
"8Base-RHAI-2.0:rhai-tech-preview/assisted-installer-agent-rhel8@sha256:aac4a97cf6e5d6956e31336b1e19a7006a6a88dbd3bd96e6ba331bd59085e2ce_arm64",
"8Base-RHAI-2.0:rhai-tech-preview/assisted-installer-agent-rhel8@sha256:c6ee2abb6cca7244a282b8e6b3235e8df8b2864d39fe19919cb3db9047acb943_s390x",
"8Base-RHAI-2.0:rhai-tech-preview/assisted-installer-reporter-rhel8@sha256:323987cc958f26387ebc08a488478e05d634fadc92fc9bf01a3027126b19e251_amd64",
"8Base-RHAI-2.0:rhai-tech-preview/assisted-installer-reporter-rhel8@sha256:a404b59ec107bc7c1c7d9d19251d44136daf1c3ced06d8f2847fdf0451778562_arm64",
"8Base-RHAI-2.0:rhai-tech-preview/assisted-installer-reporter-rhel8@sha256:c102491e8a8b7b8a40e09a9206cc3291cecedf5ab13ec1ef9cf3fcdeb1ff00b7_s390x",
"8Base-RHAI-2.0:rhai-tech-preview/assisted-installer-reporter-rhel8@sha256:d87f95f5c685d893fc10b447345964a16731fe5bb2b95dc5a5494c7fc7f0d37c_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-39325"
},
{
"category": "external",
"summary": "RHBZ#2243296",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2243296"
},
{
"category": "external",
"summary": "RHSB-2023-003",
"url": "https://access.redhat.com/security/vulnerabilities/RHSB-2023-003"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-39325",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39325"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-39325",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-39325"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2023-44487",
"url": "https://access.redhat.com/security/cve/CVE-2023-44487"
},
{
"category": "external",
"summary": "https://go.dev/issue/63417",
"url": "https://go.dev/issue/63417"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2023-2102",
"url": "https://pkg.go.dev/vuln/GO-2023-2102"
},
{
"category": "external",
"summary": "https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487",
"url": "https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487"
}
],
"release_date": "2023-10-10T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-11-02T00:10:43+00:00",
"details": "For OpenShift Container Platform 4.14, see the following documentation for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/4.14/release_notes/ocp-4-14-release-notes.html",
"product_ids": [
"8Base-RHAI-2.0:rhai-tech-preview/assisted-installer-rhel8@sha256:6f242c9c58eb6b963043634deb588c7650b4d9d920b552875cc38c7339dbe971_arm64",
"8Base-RHAI-2.0:rhai-tech-preview/assisted-installer-rhel8@sha256:87d17df6b11851fc76fc59baeb116f9b0476e295df7ae4a19dcc4cba28884450_s390x",
"8Base-RHAI-2.0:rhai-tech-preview/assisted-installer-rhel8@sha256:daec8e0db2c276cd52a80115da4a52715f27584ea0d699ba9583786dfae2bf3b_amd64",
"8Base-RHAI-2.0:rhai-tech-preview/assisted-installer-rhel8@sha256:e74ce2a65fefa286b1583aaad613736035c7052fe8d4bf53d315365c61696dba_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHBA-2023:6254"
},
{
"category": "workaround",
"details": "The default stream concurrency limit in golang is 250 streams (requests) per HTTP/2 connection. This value may be adjusted in the golang.org/x/net/http2 package using the Server.MaxConcurrentStreams setting and the ConfigureServer function which are available in golang.org/x/net/http2.",
"product_ids": [
"8Base-RHAI-2.0:rhai-tech-preview/assisted-installer-agent-rhel8@sha256:84e3c5280d8c0629324b3fbe9e82ac21c7f464a6f64ccb3a6155b24c37bf9040_amd64",
"8Base-RHAI-2.0:rhai-tech-preview/assisted-installer-agent-rhel8@sha256:9310948fdff425c553994efbc1d5ecac61ca9a4b2236e4f2d4bcf1805a3ff983_ppc64le",
"8Base-RHAI-2.0:rhai-tech-preview/assisted-installer-agent-rhel8@sha256:aac4a97cf6e5d6956e31336b1e19a7006a6a88dbd3bd96e6ba331bd59085e2ce_arm64",
"8Base-RHAI-2.0:rhai-tech-preview/assisted-installer-agent-rhel8@sha256:c6ee2abb6cca7244a282b8e6b3235e8df8b2864d39fe19919cb3db9047acb943_s390x",
"8Base-RHAI-2.0:rhai-tech-preview/assisted-installer-reporter-rhel8@sha256:323987cc958f26387ebc08a488478e05d634fadc92fc9bf01a3027126b19e251_amd64",
"8Base-RHAI-2.0:rhai-tech-preview/assisted-installer-reporter-rhel8@sha256:a404b59ec107bc7c1c7d9d19251d44136daf1c3ced06d8f2847fdf0451778562_arm64",
"8Base-RHAI-2.0:rhai-tech-preview/assisted-installer-reporter-rhel8@sha256:c102491e8a8b7b8a40e09a9206cc3291cecedf5ab13ec1ef9cf3fcdeb1ff00b7_s390x",
"8Base-RHAI-2.0:rhai-tech-preview/assisted-installer-reporter-rhel8@sha256:d87f95f5c685d893fc10b447345964a16731fe5bb2b95dc5a5494c7fc7f0d37c_ppc64le",
"8Base-RHAI-2.0:rhai-tech-preview/assisted-installer-rhel8@sha256:6f242c9c58eb6b963043634deb588c7650b4d9d920b552875cc38c7339dbe971_arm64",
"8Base-RHAI-2.0:rhai-tech-preview/assisted-installer-rhel8@sha256:87d17df6b11851fc76fc59baeb116f9b0476e295df7ae4a19dcc4cba28884450_s390x",
"8Base-RHAI-2.0:rhai-tech-preview/assisted-installer-rhel8@sha256:daec8e0db2c276cd52a80115da4a52715f27584ea0d699ba9583786dfae2bf3b_amd64",
"8Base-RHAI-2.0:rhai-tech-preview/assisted-installer-rhel8@sha256:e74ce2a65fefa286b1583aaad613736035c7052fe8d4bf53d315365c61696dba_ppc64le"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-RHAI-2.0:rhai-tech-preview/assisted-installer-agent-rhel8@sha256:84e3c5280d8c0629324b3fbe9e82ac21c7f464a6f64ccb3a6155b24c37bf9040_amd64",
"8Base-RHAI-2.0:rhai-tech-preview/assisted-installer-agent-rhel8@sha256:9310948fdff425c553994efbc1d5ecac61ca9a4b2236e4f2d4bcf1805a3ff983_ppc64le",
"8Base-RHAI-2.0:rhai-tech-preview/assisted-installer-agent-rhel8@sha256:aac4a97cf6e5d6956e31336b1e19a7006a6a88dbd3bd96e6ba331bd59085e2ce_arm64",
"8Base-RHAI-2.0:rhai-tech-preview/assisted-installer-agent-rhel8@sha256:c6ee2abb6cca7244a282b8e6b3235e8df8b2864d39fe19919cb3db9047acb943_s390x",
"8Base-RHAI-2.0:rhai-tech-preview/assisted-installer-reporter-rhel8@sha256:323987cc958f26387ebc08a488478e05d634fadc92fc9bf01a3027126b19e251_amd64",
"8Base-RHAI-2.0:rhai-tech-preview/assisted-installer-reporter-rhel8@sha256:a404b59ec107bc7c1c7d9d19251d44136daf1c3ced06d8f2847fdf0451778562_arm64",
"8Base-RHAI-2.0:rhai-tech-preview/assisted-installer-reporter-rhel8@sha256:c102491e8a8b7b8a40e09a9206cc3291cecedf5ab13ec1ef9cf3fcdeb1ff00b7_s390x",
"8Base-RHAI-2.0:rhai-tech-preview/assisted-installer-reporter-rhel8@sha256:d87f95f5c685d893fc10b447345964a16731fe5bb2b95dc5a5494c7fc7f0d37c_ppc64le",
"8Base-RHAI-2.0:rhai-tech-preview/assisted-installer-rhel8@sha256:6f242c9c58eb6b963043634deb588c7650b4d9d920b552875cc38c7339dbe971_arm64",
"8Base-RHAI-2.0:rhai-tech-preview/assisted-installer-rhel8@sha256:87d17df6b11851fc76fc59baeb116f9b0476e295df7ae4a19dcc4cba28884450_s390x",
"8Base-RHAI-2.0:rhai-tech-preview/assisted-installer-rhel8@sha256:daec8e0db2c276cd52a80115da4a52715f27584ea0d699ba9583786dfae2bf3b_amd64",
"8Base-RHAI-2.0:rhai-tech-preview/assisted-installer-rhel8@sha256:e74ce2a65fefa286b1583aaad613736035c7052fe8d4bf53d315365c61696dba_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "golang: net/http, x/net/http2: rapid stream resets can cause excessive work (CVE-2023-44487)"
},
{
"cve": "CVE-2023-44487",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2023-10-09T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-RHAI-2.0:rhai-tech-preview/assisted-installer-agent-rhel8@sha256:84e3c5280d8c0629324b3fbe9e82ac21c7f464a6f64ccb3a6155b24c37bf9040_amd64",
"8Base-RHAI-2.0:rhai-tech-preview/assisted-installer-agent-rhel8@sha256:9310948fdff425c553994efbc1d5ecac61ca9a4b2236e4f2d4bcf1805a3ff983_ppc64le",
"8Base-RHAI-2.0:rhai-tech-preview/assisted-installer-agent-rhel8@sha256:aac4a97cf6e5d6956e31336b1e19a7006a6a88dbd3bd96e6ba331bd59085e2ce_arm64",
"8Base-RHAI-2.0:rhai-tech-preview/assisted-installer-agent-rhel8@sha256:c6ee2abb6cca7244a282b8e6b3235e8df8b2864d39fe19919cb3db9047acb943_s390x",
"8Base-RHAI-2.0:rhai-tech-preview/assisted-installer-reporter-rhel8@sha256:323987cc958f26387ebc08a488478e05d634fadc92fc9bf01a3027126b19e251_amd64",
"8Base-RHAI-2.0:rhai-tech-preview/assisted-installer-reporter-rhel8@sha256:a404b59ec107bc7c1c7d9d19251d44136daf1c3ced06d8f2847fdf0451778562_arm64",
"8Base-RHAI-2.0:rhai-tech-preview/assisted-installer-reporter-rhel8@sha256:c102491e8a8b7b8a40e09a9206cc3291cecedf5ab13ec1ef9cf3fcdeb1ff00b7_s390x",
"8Base-RHAI-2.0:rhai-tech-preview/assisted-installer-reporter-rhel8@sha256:d87f95f5c685d893fc10b447345964a16731fe5bb2b95dc5a5494c7fc7f0d37c_ppc64le"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2242803"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in handling multiplexed streams in the HTTP/2 protocol. A client can repeatedly make a request for a new multiplex stream and immediately send an RST_STREAM frame to cancel it. This creates extra work for the server setting up and tearing down the streams while not hitting any server-side limit for the maximum number of active streams per connection, resulting in a denial of service due to server resource consumption. Red Hat has rated the severity of this flaw as \u0027Important\u0027 as the US Cybersecurity and Infrastructure Security Agency (CISA) declared this vulnerability an active exploit.\r\n\r\nCVE-2023-39325 was assigned for the Rapid Reset Attack in the Go language packages.\r\n\r\nSecurity Bulletin\r\nhttps://access.redhat.com/security/vulnerabilities/RHSB-2023-003",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack (Rapid Reset Attack)",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "NGINX has been marked as Moderate Impact because, for performance and resource consumption reasons, NGINX limits the number of concurrent streams to a default of 128. In addition, to optimally balance network and server performance, NGINX allows the client to persist HTTP connections for up to 1000 requests by default using an HTTP keepalive.\n\nThe majority of RHEL utilities are not long-running applications; instead, they are command-line tools. These tools utilize Golang package as build-time dependency, which is why they are classified as having a \"Moderate\" level of impact.\n\nrhc component is no longer impacted by CVE-2023-44487 \u0026 CVE-2023-39325.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHAI-2.0:rhai-tech-preview/assisted-installer-rhel8@sha256:6f242c9c58eb6b963043634deb588c7650b4d9d920b552875cc38c7339dbe971_arm64",
"8Base-RHAI-2.0:rhai-tech-preview/assisted-installer-rhel8@sha256:87d17df6b11851fc76fc59baeb116f9b0476e295df7ae4a19dcc4cba28884450_s390x",
"8Base-RHAI-2.0:rhai-tech-preview/assisted-installer-rhel8@sha256:daec8e0db2c276cd52a80115da4a52715f27584ea0d699ba9583786dfae2bf3b_amd64",
"8Base-RHAI-2.0:rhai-tech-preview/assisted-installer-rhel8@sha256:e74ce2a65fefa286b1583aaad613736035c7052fe8d4bf53d315365c61696dba_ppc64le"
],
"known_not_affected": [
"8Base-RHAI-2.0:rhai-tech-preview/assisted-installer-agent-rhel8@sha256:84e3c5280d8c0629324b3fbe9e82ac21c7f464a6f64ccb3a6155b24c37bf9040_amd64",
"8Base-RHAI-2.0:rhai-tech-preview/assisted-installer-agent-rhel8@sha256:9310948fdff425c553994efbc1d5ecac61ca9a4b2236e4f2d4bcf1805a3ff983_ppc64le",
"8Base-RHAI-2.0:rhai-tech-preview/assisted-installer-agent-rhel8@sha256:aac4a97cf6e5d6956e31336b1e19a7006a6a88dbd3bd96e6ba331bd59085e2ce_arm64",
"8Base-RHAI-2.0:rhai-tech-preview/assisted-installer-agent-rhel8@sha256:c6ee2abb6cca7244a282b8e6b3235e8df8b2864d39fe19919cb3db9047acb943_s390x",
"8Base-RHAI-2.0:rhai-tech-preview/assisted-installer-reporter-rhel8@sha256:323987cc958f26387ebc08a488478e05d634fadc92fc9bf01a3027126b19e251_amd64",
"8Base-RHAI-2.0:rhai-tech-preview/assisted-installer-reporter-rhel8@sha256:a404b59ec107bc7c1c7d9d19251d44136daf1c3ced06d8f2847fdf0451778562_arm64",
"8Base-RHAI-2.0:rhai-tech-preview/assisted-installer-reporter-rhel8@sha256:c102491e8a8b7b8a40e09a9206cc3291cecedf5ab13ec1ef9cf3fcdeb1ff00b7_s390x",
"8Base-RHAI-2.0:rhai-tech-preview/assisted-installer-reporter-rhel8@sha256:d87f95f5c685d893fc10b447345964a16731fe5bb2b95dc5a5494c7fc7f0d37c_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-44487"
},
{
"category": "external",
"summary": "RHBZ#2242803",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2242803"
},
{
"category": "external",
"summary": "RHSB-2023-003",
"url": "https://access.redhat.com/security/vulnerabilities/RHSB-2023-003"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-44487",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-44487"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-44487",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-44487"
},
{
"category": "external",
"summary": "https://github.com/dotnet/announcements/issues/277",
"url": "https://github.com/dotnet/announcements/issues/277"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2023-2102",
"url": "https://pkg.go.dev/vuln/GO-2023-2102"
},
{
"category": "external",
"summary": "https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487",
"url": "https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487"
},
{
"category": "external",
"summary": "https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products/",
"url": "https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products/"
},
{
"category": "external",
"summary": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog",
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
}
],
"release_date": "2023-10-10T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-11-02T00:10:43+00:00",
"details": "For OpenShift Container Platform 4.14, see the following documentation for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/4.14/release_notes/ocp-4-14-release-notes.html",
"product_ids": [
"8Base-RHAI-2.0:rhai-tech-preview/assisted-installer-rhel8@sha256:6f242c9c58eb6b963043634deb588c7650b4d9d920b552875cc38c7339dbe971_arm64",
"8Base-RHAI-2.0:rhai-tech-preview/assisted-installer-rhel8@sha256:87d17df6b11851fc76fc59baeb116f9b0476e295df7ae4a19dcc4cba28884450_s390x",
"8Base-RHAI-2.0:rhai-tech-preview/assisted-installer-rhel8@sha256:daec8e0db2c276cd52a80115da4a52715f27584ea0d699ba9583786dfae2bf3b_amd64",
"8Base-RHAI-2.0:rhai-tech-preview/assisted-installer-rhel8@sha256:e74ce2a65fefa286b1583aaad613736035c7052fe8d4bf53d315365c61696dba_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHBA-2023:6254"
},
{
"category": "workaround",
"details": "Users are strongly urged to update their software as soon as fixes are available. \nThere are several mitigation approaches for this flaw. \n\n1. If circumstances permit, users may disable http2 endpoints to circumvent the flaw altogether until a fix is available.\n2. IP-based blocking or flood protection and rate control tools may be used at network endpoints to filter incoming traffic.\n3. Several package specific mitigations are also available. \n a. nginx: https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products/\n b. netty: https://github.com/netty/netty/security/advisories/GHSA-xpw8-rcwv-8f8p\n c. haproxy: https://www.haproxy.com/blog/haproxy-is-not-affected-by-the-http-2-rapid-reset-attack-cve-2023-44487\n d. nghttp2: https://github.com/nghttp2/nghttp2/security/advisories/GHSA-vx74-f528-fxqg\n e. golang: The default stream concurrency limit in golang is 250 streams (requests) per HTTP/2 connection. This value may be adjusted in the golang.org/x/net/http2 package using the Server.MaxConcurrentStreams setting and the ConfigureServer function which are available in golang.org/x/net/http2.",
"product_ids": [
"8Base-RHAI-2.0:rhai-tech-preview/assisted-installer-agent-rhel8@sha256:84e3c5280d8c0629324b3fbe9e82ac21c7f464a6f64ccb3a6155b24c37bf9040_amd64",
"8Base-RHAI-2.0:rhai-tech-preview/assisted-installer-agent-rhel8@sha256:9310948fdff425c553994efbc1d5ecac61ca9a4b2236e4f2d4bcf1805a3ff983_ppc64le",
"8Base-RHAI-2.0:rhai-tech-preview/assisted-installer-agent-rhel8@sha256:aac4a97cf6e5d6956e31336b1e19a7006a6a88dbd3bd96e6ba331bd59085e2ce_arm64",
"8Base-RHAI-2.0:rhai-tech-preview/assisted-installer-agent-rhel8@sha256:c6ee2abb6cca7244a282b8e6b3235e8df8b2864d39fe19919cb3db9047acb943_s390x",
"8Base-RHAI-2.0:rhai-tech-preview/assisted-installer-reporter-rhel8@sha256:323987cc958f26387ebc08a488478e05d634fadc92fc9bf01a3027126b19e251_amd64",
"8Base-RHAI-2.0:rhai-tech-preview/assisted-installer-reporter-rhel8@sha256:a404b59ec107bc7c1c7d9d19251d44136daf1c3ced06d8f2847fdf0451778562_arm64",
"8Base-RHAI-2.0:rhai-tech-preview/assisted-installer-reporter-rhel8@sha256:c102491e8a8b7b8a40e09a9206cc3291cecedf5ab13ec1ef9cf3fcdeb1ff00b7_s390x",
"8Base-RHAI-2.0:rhai-tech-preview/assisted-installer-reporter-rhel8@sha256:d87f95f5c685d893fc10b447345964a16731fe5bb2b95dc5a5494c7fc7f0d37c_ppc64le",
"8Base-RHAI-2.0:rhai-tech-preview/assisted-installer-rhel8@sha256:6f242c9c58eb6b963043634deb588c7650b4d9d920b552875cc38c7339dbe971_arm64",
"8Base-RHAI-2.0:rhai-tech-preview/assisted-installer-rhel8@sha256:87d17df6b11851fc76fc59baeb116f9b0476e295df7ae4a19dcc4cba28884450_s390x",
"8Base-RHAI-2.0:rhai-tech-preview/assisted-installer-rhel8@sha256:daec8e0db2c276cd52a80115da4a52715f27584ea0d699ba9583786dfae2bf3b_amd64",
"8Base-RHAI-2.0:rhai-tech-preview/assisted-installer-rhel8@sha256:e74ce2a65fefa286b1583aaad613736035c7052fe8d4bf53d315365c61696dba_ppc64le"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-RHAI-2.0:rhai-tech-preview/assisted-installer-agent-rhel8@sha256:84e3c5280d8c0629324b3fbe9e82ac21c7f464a6f64ccb3a6155b24c37bf9040_amd64",
"8Base-RHAI-2.0:rhai-tech-preview/assisted-installer-agent-rhel8@sha256:9310948fdff425c553994efbc1d5ecac61ca9a4b2236e4f2d4bcf1805a3ff983_ppc64le",
"8Base-RHAI-2.0:rhai-tech-preview/assisted-installer-agent-rhel8@sha256:aac4a97cf6e5d6956e31336b1e19a7006a6a88dbd3bd96e6ba331bd59085e2ce_arm64",
"8Base-RHAI-2.0:rhai-tech-preview/assisted-installer-agent-rhel8@sha256:c6ee2abb6cca7244a282b8e6b3235e8df8b2864d39fe19919cb3db9047acb943_s390x",
"8Base-RHAI-2.0:rhai-tech-preview/assisted-installer-reporter-rhel8@sha256:323987cc958f26387ebc08a488478e05d634fadc92fc9bf01a3027126b19e251_amd64",
"8Base-RHAI-2.0:rhai-tech-preview/assisted-installer-reporter-rhel8@sha256:a404b59ec107bc7c1c7d9d19251d44136daf1c3ced06d8f2847fdf0451778562_arm64",
"8Base-RHAI-2.0:rhai-tech-preview/assisted-installer-reporter-rhel8@sha256:c102491e8a8b7b8a40e09a9206cc3291cecedf5ab13ec1ef9cf3fcdeb1ff00b7_s390x",
"8Base-RHAI-2.0:rhai-tech-preview/assisted-installer-reporter-rhel8@sha256:d87f95f5c685d893fc10b447345964a16731fe5bb2b95dc5a5494c7fc7f0d37c_ppc64le",
"8Base-RHAI-2.0:rhai-tech-preview/assisted-installer-rhel8@sha256:6f242c9c58eb6b963043634deb588c7650b4d9d920b552875cc38c7339dbe971_arm64",
"8Base-RHAI-2.0:rhai-tech-preview/assisted-installer-rhel8@sha256:87d17df6b11851fc76fc59baeb116f9b0476e295df7ae4a19dcc4cba28884450_s390x",
"8Base-RHAI-2.0:rhai-tech-preview/assisted-installer-rhel8@sha256:daec8e0db2c276cd52a80115da4a52715f27584ea0d699ba9583786dfae2bf3b_amd64",
"8Base-RHAI-2.0:rhai-tech-preview/assisted-installer-rhel8@sha256:e74ce2a65fefa286b1583aaad613736035c7052fe8d4bf53d315365c61696dba_ppc64le"
]
}
],
"threats": [
{
"category": "exploit_status",
"date": "2023-10-10T00:00:00+00:00",
"details": "CISA: https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
},
{
"category": "impact",
"details": "Important"
}
],
"title": "HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack (Rapid Reset Attack)"
}
]
}
RHBA-2023:6863
Vulnerability from csaf_redhat - Published: 2023-11-09 18:33 - Updated: 2026-06-08 15:35Summary
Red Hat Bug Fix Advisory: LVMS 4.14.z Bug Fix and Enhancement update
Severity
Important
Notes
Topic: Updated container images that fix multiple bugs are now available
for LVMS 4.14.z.
Details: Logical volume manager storage (LVMS) uses the TopoLVM CSI driver to
dynamically provision local storage on single node OpenShift clusters.
Logical volume manager storage creates thin-provisioned volumes using the
Logical Volume Manager and provides dynamic provisioning of block storage
on a single node OpenShift cluster with limited resources.
Users of LVMS are advised to upgrade to the latest version of the LVMS in
OpenShift Container Platform, which fixes these bugs and adds these
enhancements.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
A flaw was found in handling multiplexed streams in the HTTP/2 protocol. A client can repeatedly make a request for a new multiplex stream and immediately send an RST_STREAM frame to cancel it. This creates extra work for the server setting up and tearing down the streams while not hitting any server-side limit for the maximum number of active streams per connection, resulting in a denial of service due to server resource consumption. Red Hat has rated the severity of this flaw as 'Important' as the US Cybersecurity and Infrastructure Security Agency (CISA) declared this vulnerability an active exploit. CVE-2023-39325 was assigned for the `Rapid Reset Attack` in the Go language packages.
7.5 (High)
Affected products
Fixed
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-LVMS-4.14:lvms4/topolvm-rhel9@sha256:0897e589f2dd003f58e09ce1fef3288cc3f682a24096f0991b3dfdd217ff5c34_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-LVMS-4.14:lvms4/topolvm-rhel9@sha256:cd9546b5a46c6e36327a972f26938d8cdc734649d61ed02648eed33dd29d9633_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-LVMS-4.14:lvms4/topolvm-rhel9@sha256:e97314d049510baa9d1021ac848f0826be1310cc870e6bd57aa3ef41cf8a0cc4_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-LVMS-4.14:lvms4/topolvm-rhel9@sha256:edb27e93b14212d79c959a1a325310d31496f53fac846049393f25ea18ec1349_ppc64le | — |
Vendor Fix
fix
Workaround
|
Known not affected
12 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-LVMS-4.14:lvms4/lvms-must-gather-rhel9@sha256:3abc7f735860ae910e9fcd5d1e419af66911ebd6a502ad85c2e2753536749cdb_s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-LVMS-4.14:lvms4/lvms-must-gather-rhel9@sha256:a83ab3e4e4174243bba1fbe96052ec8a5f0c4c5f74d8ecb04f5647796736f348_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-LVMS-4.14:lvms4/lvms-must-gather-rhel9@sha256:bfaee17835e1411c3e916e992a510641d2ddaaa2a4a85243b6f27fec541eae3a_ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-LVMS-4.14:lvms4/lvms-must-gather-rhel9@sha256:e21c0af48138064f6904e2fb459b76239c9f3e1dffddac5dfc55e0f38eea5559_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-LVMS-4.14:lvms4/lvms-operator-bundle@sha256:0523ba33f11bf19e68a53ca564e78132d0ac5f819ac3cf52cbac0b5cc426053d_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-LVMS-4.14:lvms4/lvms-operator-bundle@sha256:8f9e651d7cbfd546991f05a5e05ac8331fbd5ec676f227e12bb13f2f4fd670d3_s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-LVMS-4.14:lvms4/lvms-operator-bundle@sha256:b67d52a00937fb779cc98c18c1d8d21797363b19b6f4da04c1df0508698ac7cd_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-LVMS-4.14:lvms4/lvms-operator-bundle@sha256:c683e4da500bbb8753b184e43377bf7525fb6ffb20750a6695973025d3bce221_ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-LVMS-4.14:lvms4/lvms-rhel9-operator@sha256:73c2e385e0d1c1e120362af30c9fa161975b47307e4c771468365b7a3a3a365a_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-LVMS-4.14:lvms4/lvms-rhel9-operator@sha256:7c0183f3a8d40a6e24e3f5ae28dbeecea7f09e866b8704a70b676639835d12af_s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-LVMS-4.14:lvms4/lvms-rhel9-operator@sha256:9c47279574868a772f7d14d9de8da670df5101287a5486347b9bd00586e78c17_ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-LVMS-4.14:lvms4/lvms-rhel9-operator@sha256:a3cdbde1cbc51deb706c99935de6737bda7ef1b4f54fc3ba59a18696285c9a6c_amd64 | — |
Workaround
|
Threats
Impact
Important
A flaw was found in handling multiplexed streams in the HTTP/2 protocol. A client can repeatedly make a request for a new multiplex stream and immediately send an RST_STREAM frame to cancel it. This creates extra work for the server setting up and tearing down the streams while not hitting any server-side limit for the maximum number of active streams per connection, resulting in a denial of service due to server resource consumption. Red Hat has rated the severity of this flaw as 'Important' as the US Cybersecurity and Infrastructure Security Agency (CISA) declared this vulnerability an active exploit. CVE-2023-39325 was assigned for the Rapid Reset Attack in the Go language packages. Security Bulletin https://access.redhat.com/security/vulnerabilities/RHSB-2023-003
7.5 (High)
Affected products
Fixed
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-LVMS-4.14:lvms4/topolvm-rhel9@sha256:0897e589f2dd003f58e09ce1fef3288cc3f682a24096f0991b3dfdd217ff5c34_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-LVMS-4.14:lvms4/topolvm-rhel9@sha256:cd9546b5a46c6e36327a972f26938d8cdc734649d61ed02648eed33dd29d9633_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-LVMS-4.14:lvms4/topolvm-rhel9@sha256:e97314d049510baa9d1021ac848f0826be1310cc870e6bd57aa3ef41cf8a0cc4_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-LVMS-4.14:lvms4/topolvm-rhel9@sha256:edb27e93b14212d79c959a1a325310d31496f53fac846049393f25ea18ec1349_ppc64le | — |
Vendor Fix
fix
Workaround
|
Known not affected
12 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-LVMS-4.14:lvms4/lvms-must-gather-rhel9@sha256:3abc7f735860ae910e9fcd5d1e419af66911ebd6a502ad85c2e2753536749cdb_s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-LVMS-4.14:lvms4/lvms-must-gather-rhel9@sha256:a83ab3e4e4174243bba1fbe96052ec8a5f0c4c5f74d8ecb04f5647796736f348_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-LVMS-4.14:lvms4/lvms-must-gather-rhel9@sha256:bfaee17835e1411c3e916e992a510641d2ddaaa2a4a85243b6f27fec541eae3a_ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-LVMS-4.14:lvms4/lvms-must-gather-rhel9@sha256:e21c0af48138064f6904e2fb459b76239c9f3e1dffddac5dfc55e0f38eea5559_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-LVMS-4.14:lvms4/lvms-operator-bundle@sha256:0523ba33f11bf19e68a53ca564e78132d0ac5f819ac3cf52cbac0b5cc426053d_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-LVMS-4.14:lvms4/lvms-operator-bundle@sha256:8f9e651d7cbfd546991f05a5e05ac8331fbd5ec676f227e12bb13f2f4fd670d3_s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-LVMS-4.14:lvms4/lvms-operator-bundle@sha256:b67d52a00937fb779cc98c18c1d8d21797363b19b6f4da04c1df0508698ac7cd_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-LVMS-4.14:lvms4/lvms-operator-bundle@sha256:c683e4da500bbb8753b184e43377bf7525fb6ffb20750a6695973025d3bce221_ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-LVMS-4.14:lvms4/lvms-rhel9-operator@sha256:73c2e385e0d1c1e120362af30c9fa161975b47307e4c771468365b7a3a3a365a_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-LVMS-4.14:lvms4/lvms-rhel9-operator@sha256:7c0183f3a8d40a6e24e3f5ae28dbeecea7f09e866b8704a70b676639835d12af_s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-LVMS-4.14:lvms4/lvms-rhel9-operator@sha256:9c47279574868a772f7d14d9de8da670df5101287a5486347b9bd00586e78c17_ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-LVMS-4.14:lvms4/lvms-rhel9-operator@sha256:a3cdbde1cbc51deb706c99935de6737bda7ef1b4f54fc3ba59a18696285c9a6c_amd64 | — |
Workaround
|
Threats
Exploit Status
CISA: https://www.cisa.gov/known-exploited-vulnerabilities-catalog
Impact
Important
References
20 references
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Updated container images that fix multiple bugs are now available\nfor LVMS 4.14.z.",
"title": "Topic"
},
{
"category": "general",
"text": "Logical volume manager storage (LVMS) uses the TopoLVM CSI driver to\ndynamically provision local storage on single node OpenShift clusters.\n\nLogical volume manager storage creates thin-provisioned volumes using the\nLogical Volume Manager and provides dynamic provisioning of block storage\non a single node OpenShift cluster with limited resources.\n\nUsers of LVMS are advised to upgrade to the latest version of the LVMS in\nOpenShift Container Platform, which fixes these bugs and adds these\nenhancements.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHBA-2023:6863",
"url": "https://access.redhat.com/errata/RHBA-2023:6863"
},
{
"category": "external",
"summary": "OCPBUGS-17180",
"url": "https://issues.redhat.com/browse/OCPBUGS-17180"
},
{
"category": "external",
"summary": "OCPEDGE-591",
"url": "https://issues.redhat.com/browse/OCPEDGE-591"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2023/rhba-2023_6863.json"
}
],
"title": "Red Hat Bug Fix Advisory: LVMS 4.14.z Bug Fix and Enhancement update",
"tracking": {
"current_release_date": "2026-06-08T15:35:08+00:00",
"generator": {
"date": "2026-06-08T15:35:08+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.8.2"
}
},
"id": "RHBA-2023:6863",
"initial_release_date": "2023-11-09T18:33:40+00:00",
"revision_history": [
{
"date": "2023-11-09T18:33:40+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2023-11-09T18:33:40+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-06-08T15:35:08+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "LVMS 4.14 for RHEL 9",
"product": {
"name": "LVMS 4.14 for RHEL 9",
"product_id": "9Base-LVMS-4.14",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:lvms:4.14::el9"
}
}
}
],
"category": "product_family",
"name": "logical volume manager storage"
},
{
"branches": [
{
"category": "product_version",
"name": "lvms4/lvms-must-gather-rhel9@sha256:e21c0af48138064f6904e2fb459b76239c9f3e1dffddac5dfc55e0f38eea5559_amd64",
"product": {
"name": "lvms4/lvms-must-gather-rhel9@sha256:e21c0af48138064f6904e2fb459b76239c9f3e1dffddac5dfc55e0f38eea5559_amd64",
"product_id": "lvms4/lvms-must-gather-rhel9@sha256:e21c0af48138064f6904e2fb459b76239c9f3e1dffddac5dfc55e0f38eea5559_amd64",
"product_identification_helper": {
"purl": "pkg:oci/lvms-must-gather-rhel9@sha256:e21c0af48138064f6904e2fb459b76239c9f3e1dffddac5dfc55e0f38eea5559?arch=amd64\u0026repository_url=registry.redhat.io/lvms4/lvms-must-gather-rhel9\u0026tag=v4.14.1-3"
}
}
},
{
"category": "product_version",
"name": "lvms4/lvms-operator-bundle@sha256:b67d52a00937fb779cc98c18c1d8d21797363b19b6f4da04c1df0508698ac7cd_amd64",
"product": {
"name": "lvms4/lvms-operator-bundle@sha256:b67d52a00937fb779cc98c18c1d8d21797363b19b6f4da04c1df0508698ac7cd_amd64",
"product_id": "lvms4/lvms-operator-bundle@sha256:b67d52a00937fb779cc98c18c1d8d21797363b19b6f4da04c1df0508698ac7cd_amd64",
"product_identification_helper": {
"purl": "pkg:oci/lvms-operator-bundle@sha256:b67d52a00937fb779cc98c18c1d8d21797363b19b6f4da04c1df0508698ac7cd?arch=amd64\u0026repository_url=registry.redhat.io/lvms4/lvms-operator-bundle\u0026tag=v4.14.1-4"
}
}
},
{
"category": "product_version",
"name": "lvms4/lvms-rhel9-operator@sha256:a3cdbde1cbc51deb706c99935de6737bda7ef1b4f54fc3ba59a18696285c9a6c_amd64",
"product": {
"name": "lvms4/lvms-rhel9-operator@sha256:a3cdbde1cbc51deb706c99935de6737bda7ef1b4f54fc3ba59a18696285c9a6c_amd64",
"product_id": "lvms4/lvms-rhel9-operator@sha256:a3cdbde1cbc51deb706c99935de6737bda7ef1b4f54fc3ba59a18696285c9a6c_amd64",
"product_identification_helper": {
"purl": "pkg:oci/lvms-rhel9-operator@sha256:a3cdbde1cbc51deb706c99935de6737bda7ef1b4f54fc3ba59a18696285c9a6c?arch=amd64\u0026repository_url=registry.redhat.io/lvms4/lvms-rhel9-operator\u0026tag=v4.14.1-3"
}
}
},
{
"category": "product_version",
"name": "lvms4/topolvm-rhel9@sha256:e97314d049510baa9d1021ac848f0826be1310cc870e6bd57aa3ef41cf8a0cc4_amd64",
"product": {
"name": "lvms4/topolvm-rhel9@sha256:e97314d049510baa9d1021ac848f0826be1310cc870e6bd57aa3ef41cf8a0cc4_amd64",
"product_id": "lvms4/topolvm-rhel9@sha256:e97314d049510baa9d1021ac848f0826be1310cc870e6bd57aa3ef41cf8a0cc4_amd64",
"product_identification_helper": {
"purl": "pkg:oci/topolvm-rhel9@sha256:e97314d049510baa9d1021ac848f0826be1310cc870e6bd57aa3ef41cf8a0cc4?arch=amd64\u0026repository_url=registry.redhat.io/lvms4/topolvm-rhel9\u0026tag=v4.14.1-2"
}
}
}
],
"category": "architecture",
"name": "amd64"
},
{
"branches": [
{
"category": "product_version",
"name": "lvms4/lvms-must-gather-rhel9@sha256:bfaee17835e1411c3e916e992a510641d2ddaaa2a4a85243b6f27fec541eae3a_ppc64le",
"product": {
"name": "lvms4/lvms-must-gather-rhel9@sha256:bfaee17835e1411c3e916e992a510641d2ddaaa2a4a85243b6f27fec541eae3a_ppc64le",
"product_id": "lvms4/lvms-must-gather-rhel9@sha256:bfaee17835e1411c3e916e992a510641d2ddaaa2a4a85243b6f27fec541eae3a_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/lvms-must-gather-rhel9@sha256:bfaee17835e1411c3e916e992a510641d2ddaaa2a4a85243b6f27fec541eae3a?arch=ppc64le\u0026repository_url=registry.redhat.io/lvms4/lvms-must-gather-rhel9\u0026tag=v4.14.1-3"
}
}
},
{
"category": "product_version",
"name": "lvms4/lvms-operator-bundle@sha256:c683e4da500bbb8753b184e43377bf7525fb6ffb20750a6695973025d3bce221_ppc64le",
"product": {
"name": "lvms4/lvms-operator-bundle@sha256:c683e4da500bbb8753b184e43377bf7525fb6ffb20750a6695973025d3bce221_ppc64le",
"product_id": "lvms4/lvms-operator-bundle@sha256:c683e4da500bbb8753b184e43377bf7525fb6ffb20750a6695973025d3bce221_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/lvms-operator-bundle@sha256:c683e4da500bbb8753b184e43377bf7525fb6ffb20750a6695973025d3bce221?arch=ppc64le\u0026repository_url=registry.redhat.io/lvms4/lvms-operator-bundle\u0026tag=v4.14.1-4"
}
}
},
{
"category": "product_version",
"name": "lvms4/lvms-rhel9-operator@sha256:9c47279574868a772f7d14d9de8da670df5101287a5486347b9bd00586e78c17_ppc64le",
"product": {
"name": "lvms4/lvms-rhel9-operator@sha256:9c47279574868a772f7d14d9de8da670df5101287a5486347b9bd00586e78c17_ppc64le",
"product_id": "lvms4/lvms-rhel9-operator@sha256:9c47279574868a772f7d14d9de8da670df5101287a5486347b9bd00586e78c17_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/lvms-rhel9-operator@sha256:9c47279574868a772f7d14d9de8da670df5101287a5486347b9bd00586e78c17?arch=ppc64le\u0026repository_url=registry.redhat.io/lvms4/lvms-rhel9-operator\u0026tag=v4.14.1-3"
}
}
},
{
"category": "product_version",
"name": "lvms4/topolvm-rhel9@sha256:edb27e93b14212d79c959a1a325310d31496f53fac846049393f25ea18ec1349_ppc64le",
"product": {
"name": "lvms4/topolvm-rhel9@sha256:edb27e93b14212d79c959a1a325310d31496f53fac846049393f25ea18ec1349_ppc64le",
"product_id": "lvms4/topolvm-rhel9@sha256:edb27e93b14212d79c959a1a325310d31496f53fac846049393f25ea18ec1349_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/topolvm-rhel9@sha256:edb27e93b14212d79c959a1a325310d31496f53fac846049393f25ea18ec1349?arch=ppc64le\u0026repository_url=registry.redhat.io/lvms4/topolvm-rhel9\u0026tag=v4.14.1-2"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "lvms4/lvms-must-gather-rhel9@sha256:3abc7f735860ae910e9fcd5d1e419af66911ebd6a502ad85c2e2753536749cdb_s390x",
"product": {
"name": "lvms4/lvms-must-gather-rhel9@sha256:3abc7f735860ae910e9fcd5d1e419af66911ebd6a502ad85c2e2753536749cdb_s390x",
"product_id": "lvms4/lvms-must-gather-rhel9@sha256:3abc7f735860ae910e9fcd5d1e419af66911ebd6a502ad85c2e2753536749cdb_s390x",
"product_identification_helper": {
"purl": "pkg:oci/lvms-must-gather-rhel9@sha256:3abc7f735860ae910e9fcd5d1e419af66911ebd6a502ad85c2e2753536749cdb?arch=s390x\u0026repository_url=registry.redhat.io/lvms4/lvms-must-gather-rhel9\u0026tag=v4.14.1-3"
}
}
},
{
"category": "product_version",
"name": "lvms4/lvms-operator-bundle@sha256:8f9e651d7cbfd546991f05a5e05ac8331fbd5ec676f227e12bb13f2f4fd670d3_s390x",
"product": {
"name": "lvms4/lvms-operator-bundle@sha256:8f9e651d7cbfd546991f05a5e05ac8331fbd5ec676f227e12bb13f2f4fd670d3_s390x",
"product_id": "lvms4/lvms-operator-bundle@sha256:8f9e651d7cbfd546991f05a5e05ac8331fbd5ec676f227e12bb13f2f4fd670d3_s390x",
"product_identification_helper": {
"purl": "pkg:oci/lvms-operator-bundle@sha256:8f9e651d7cbfd546991f05a5e05ac8331fbd5ec676f227e12bb13f2f4fd670d3?arch=s390x\u0026repository_url=registry.redhat.io/lvms4/lvms-operator-bundle\u0026tag=v4.14.1-4"
}
}
},
{
"category": "product_version",
"name": "lvms4/lvms-rhel9-operator@sha256:7c0183f3a8d40a6e24e3f5ae28dbeecea7f09e866b8704a70b676639835d12af_s390x",
"product": {
"name": "lvms4/lvms-rhel9-operator@sha256:7c0183f3a8d40a6e24e3f5ae28dbeecea7f09e866b8704a70b676639835d12af_s390x",
"product_id": "lvms4/lvms-rhel9-operator@sha256:7c0183f3a8d40a6e24e3f5ae28dbeecea7f09e866b8704a70b676639835d12af_s390x",
"product_identification_helper": {
"purl": "pkg:oci/lvms-rhel9-operator@sha256:7c0183f3a8d40a6e24e3f5ae28dbeecea7f09e866b8704a70b676639835d12af?arch=s390x\u0026repository_url=registry.redhat.io/lvms4/lvms-rhel9-operator\u0026tag=v4.14.1-3"
}
}
},
{
"category": "product_version",
"name": "lvms4/topolvm-rhel9@sha256:cd9546b5a46c6e36327a972f26938d8cdc734649d61ed02648eed33dd29d9633_s390x",
"product": {
"name": "lvms4/topolvm-rhel9@sha256:cd9546b5a46c6e36327a972f26938d8cdc734649d61ed02648eed33dd29d9633_s390x",
"product_id": "lvms4/topolvm-rhel9@sha256:cd9546b5a46c6e36327a972f26938d8cdc734649d61ed02648eed33dd29d9633_s390x",
"product_identification_helper": {
"purl": "pkg:oci/topolvm-rhel9@sha256:cd9546b5a46c6e36327a972f26938d8cdc734649d61ed02648eed33dd29d9633?arch=s390x\u0026repository_url=registry.redhat.io/lvms4/topolvm-rhel9\u0026tag=v4.14.1-2"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "lvms4/lvms-must-gather-rhel9@sha256:a83ab3e4e4174243bba1fbe96052ec8a5f0c4c5f74d8ecb04f5647796736f348_arm64",
"product": {
"name": "lvms4/lvms-must-gather-rhel9@sha256:a83ab3e4e4174243bba1fbe96052ec8a5f0c4c5f74d8ecb04f5647796736f348_arm64",
"product_id": "lvms4/lvms-must-gather-rhel9@sha256:a83ab3e4e4174243bba1fbe96052ec8a5f0c4c5f74d8ecb04f5647796736f348_arm64",
"product_identification_helper": {
"purl": "pkg:oci/lvms-must-gather-rhel9@sha256:a83ab3e4e4174243bba1fbe96052ec8a5f0c4c5f74d8ecb04f5647796736f348?arch=arm64\u0026repository_url=registry.redhat.io/lvms4/lvms-must-gather-rhel9\u0026tag=v4.14.1-3"
}
}
},
{
"category": "product_version",
"name": "lvms4/lvms-operator-bundle@sha256:0523ba33f11bf19e68a53ca564e78132d0ac5f819ac3cf52cbac0b5cc426053d_arm64",
"product": {
"name": "lvms4/lvms-operator-bundle@sha256:0523ba33f11bf19e68a53ca564e78132d0ac5f819ac3cf52cbac0b5cc426053d_arm64",
"product_id": "lvms4/lvms-operator-bundle@sha256:0523ba33f11bf19e68a53ca564e78132d0ac5f819ac3cf52cbac0b5cc426053d_arm64",
"product_identification_helper": {
"purl": "pkg:oci/lvms-operator-bundle@sha256:0523ba33f11bf19e68a53ca564e78132d0ac5f819ac3cf52cbac0b5cc426053d?arch=arm64\u0026repository_url=registry.redhat.io/lvms4/lvms-operator-bundle\u0026tag=v4.14.1-4"
}
}
},
{
"category": "product_version",
"name": "lvms4/lvms-rhel9-operator@sha256:73c2e385e0d1c1e120362af30c9fa161975b47307e4c771468365b7a3a3a365a_arm64",
"product": {
"name": "lvms4/lvms-rhel9-operator@sha256:73c2e385e0d1c1e120362af30c9fa161975b47307e4c771468365b7a3a3a365a_arm64",
"product_id": "lvms4/lvms-rhel9-operator@sha256:73c2e385e0d1c1e120362af30c9fa161975b47307e4c771468365b7a3a3a365a_arm64",
"product_identification_helper": {
"purl": "pkg:oci/lvms-rhel9-operator@sha256:73c2e385e0d1c1e120362af30c9fa161975b47307e4c771468365b7a3a3a365a?arch=arm64\u0026repository_url=registry.redhat.io/lvms4/lvms-rhel9-operator\u0026tag=v4.14.1-3"
}
}
},
{
"category": "product_version",
"name": "lvms4/topolvm-rhel9@sha256:0897e589f2dd003f58e09ce1fef3288cc3f682a24096f0991b3dfdd217ff5c34_arm64",
"product": {
"name": "lvms4/topolvm-rhel9@sha256:0897e589f2dd003f58e09ce1fef3288cc3f682a24096f0991b3dfdd217ff5c34_arm64",
"product_id": "lvms4/topolvm-rhel9@sha256:0897e589f2dd003f58e09ce1fef3288cc3f682a24096f0991b3dfdd217ff5c34_arm64",
"product_identification_helper": {
"purl": "pkg:oci/topolvm-rhel9@sha256:0897e589f2dd003f58e09ce1fef3288cc3f682a24096f0991b3dfdd217ff5c34?arch=arm64\u0026repository_url=registry.redhat.io/lvms4/topolvm-rhel9\u0026tag=v4.14.1-2"
}
}
}
],
"category": "architecture",
"name": "arm64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "lvms4/lvms-must-gather-rhel9@sha256:3abc7f735860ae910e9fcd5d1e419af66911ebd6a502ad85c2e2753536749cdb_s390x as a component of LVMS 4.14 for RHEL 9",
"product_id": "9Base-LVMS-4.14:lvms4/lvms-must-gather-rhel9@sha256:3abc7f735860ae910e9fcd5d1e419af66911ebd6a502ad85c2e2753536749cdb_s390x"
},
"product_reference": "lvms4/lvms-must-gather-rhel9@sha256:3abc7f735860ae910e9fcd5d1e419af66911ebd6a502ad85c2e2753536749cdb_s390x",
"relates_to_product_reference": "9Base-LVMS-4.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "lvms4/lvms-must-gather-rhel9@sha256:a83ab3e4e4174243bba1fbe96052ec8a5f0c4c5f74d8ecb04f5647796736f348_arm64 as a component of LVMS 4.14 for RHEL 9",
"product_id": "9Base-LVMS-4.14:lvms4/lvms-must-gather-rhel9@sha256:a83ab3e4e4174243bba1fbe96052ec8a5f0c4c5f74d8ecb04f5647796736f348_arm64"
},
"product_reference": "lvms4/lvms-must-gather-rhel9@sha256:a83ab3e4e4174243bba1fbe96052ec8a5f0c4c5f74d8ecb04f5647796736f348_arm64",
"relates_to_product_reference": "9Base-LVMS-4.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "lvms4/lvms-must-gather-rhel9@sha256:bfaee17835e1411c3e916e992a510641d2ddaaa2a4a85243b6f27fec541eae3a_ppc64le as a component of LVMS 4.14 for RHEL 9",
"product_id": "9Base-LVMS-4.14:lvms4/lvms-must-gather-rhel9@sha256:bfaee17835e1411c3e916e992a510641d2ddaaa2a4a85243b6f27fec541eae3a_ppc64le"
},
"product_reference": "lvms4/lvms-must-gather-rhel9@sha256:bfaee17835e1411c3e916e992a510641d2ddaaa2a4a85243b6f27fec541eae3a_ppc64le",
"relates_to_product_reference": "9Base-LVMS-4.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "lvms4/lvms-must-gather-rhel9@sha256:e21c0af48138064f6904e2fb459b76239c9f3e1dffddac5dfc55e0f38eea5559_amd64 as a component of LVMS 4.14 for RHEL 9",
"product_id": "9Base-LVMS-4.14:lvms4/lvms-must-gather-rhel9@sha256:e21c0af48138064f6904e2fb459b76239c9f3e1dffddac5dfc55e0f38eea5559_amd64"
},
"product_reference": "lvms4/lvms-must-gather-rhel9@sha256:e21c0af48138064f6904e2fb459b76239c9f3e1dffddac5dfc55e0f38eea5559_amd64",
"relates_to_product_reference": "9Base-LVMS-4.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "lvms4/lvms-operator-bundle@sha256:0523ba33f11bf19e68a53ca564e78132d0ac5f819ac3cf52cbac0b5cc426053d_arm64 as a component of LVMS 4.14 for RHEL 9",
"product_id": "9Base-LVMS-4.14:lvms4/lvms-operator-bundle@sha256:0523ba33f11bf19e68a53ca564e78132d0ac5f819ac3cf52cbac0b5cc426053d_arm64"
},
"product_reference": "lvms4/lvms-operator-bundle@sha256:0523ba33f11bf19e68a53ca564e78132d0ac5f819ac3cf52cbac0b5cc426053d_arm64",
"relates_to_product_reference": "9Base-LVMS-4.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "lvms4/lvms-operator-bundle@sha256:8f9e651d7cbfd546991f05a5e05ac8331fbd5ec676f227e12bb13f2f4fd670d3_s390x as a component of LVMS 4.14 for RHEL 9",
"product_id": "9Base-LVMS-4.14:lvms4/lvms-operator-bundle@sha256:8f9e651d7cbfd546991f05a5e05ac8331fbd5ec676f227e12bb13f2f4fd670d3_s390x"
},
"product_reference": "lvms4/lvms-operator-bundle@sha256:8f9e651d7cbfd546991f05a5e05ac8331fbd5ec676f227e12bb13f2f4fd670d3_s390x",
"relates_to_product_reference": "9Base-LVMS-4.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "lvms4/lvms-operator-bundle@sha256:b67d52a00937fb779cc98c18c1d8d21797363b19b6f4da04c1df0508698ac7cd_amd64 as a component of LVMS 4.14 for RHEL 9",
"product_id": "9Base-LVMS-4.14:lvms4/lvms-operator-bundle@sha256:b67d52a00937fb779cc98c18c1d8d21797363b19b6f4da04c1df0508698ac7cd_amd64"
},
"product_reference": "lvms4/lvms-operator-bundle@sha256:b67d52a00937fb779cc98c18c1d8d21797363b19b6f4da04c1df0508698ac7cd_amd64",
"relates_to_product_reference": "9Base-LVMS-4.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "lvms4/lvms-operator-bundle@sha256:c683e4da500bbb8753b184e43377bf7525fb6ffb20750a6695973025d3bce221_ppc64le as a component of LVMS 4.14 for RHEL 9",
"product_id": "9Base-LVMS-4.14:lvms4/lvms-operator-bundle@sha256:c683e4da500bbb8753b184e43377bf7525fb6ffb20750a6695973025d3bce221_ppc64le"
},
"product_reference": "lvms4/lvms-operator-bundle@sha256:c683e4da500bbb8753b184e43377bf7525fb6ffb20750a6695973025d3bce221_ppc64le",
"relates_to_product_reference": "9Base-LVMS-4.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "lvms4/lvms-rhel9-operator@sha256:73c2e385e0d1c1e120362af30c9fa161975b47307e4c771468365b7a3a3a365a_arm64 as a component of LVMS 4.14 for RHEL 9",
"product_id": "9Base-LVMS-4.14:lvms4/lvms-rhel9-operator@sha256:73c2e385e0d1c1e120362af30c9fa161975b47307e4c771468365b7a3a3a365a_arm64"
},
"product_reference": "lvms4/lvms-rhel9-operator@sha256:73c2e385e0d1c1e120362af30c9fa161975b47307e4c771468365b7a3a3a365a_arm64",
"relates_to_product_reference": "9Base-LVMS-4.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "lvms4/lvms-rhel9-operator@sha256:7c0183f3a8d40a6e24e3f5ae28dbeecea7f09e866b8704a70b676639835d12af_s390x as a component of LVMS 4.14 for RHEL 9",
"product_id": "9Base-LVMS-4.14:lvms4/lvms-rhel9-operator@sha256:7c0183f3a8d40a6e24e3f5ae28dbeecea7f09e866b8704a70b676639835d12af_s390x"
},
"product_reference": "lvms4/lvms-rhel9-operator@sha256:7c0183f3a8d40a6e24e3f5ae28dbeecea7f09e866b8704a70b676639835d12af_s390x",
"relates_to_product_reference": "9Base-LVMS-4.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "lvms4/lvms-rhel9-operator@sha256:9c47279574868a772f7d14d9de8da670df5101287a5486347b9bd00586e78c17_ppc64le as a component of LVMS 4.14 for RHEL 9",
"product_id": "9Base-LVMS-4.14:lvms4/lvms-rhel9-operator@sha256:9c47279574868a772f7d14d9de8da670df5101287a5486347b9bd00586e78c17_ppc64le"
},
"product_reference": "lvms4/lvms-rhel9-operator@sha256:9c47279574868a772f7d14d9de8da670df5101287a5486347b9bd00586e78c17_ppc64le",
"relates_to_product_reference": "9Base-LVMS-4.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "lvms4/lvms-rhel9-operator@sha256:a3cdbde1cbc51deb706c99935de6737bda7ef1b4f54fc3ba59a18696285c9a6c_amd64 as a component of LVMS 4.14 for RHEL 9",
"product_id": "9Base-LVMS-4.14:lvms4/lvms-rhel9-operator@sha256:a3cdbde1cbc51deb706c99935de6737bda7ef1b4f54fc3ba59a18696285c9a6c_amd64"
},
"product_reference": "lvms4/lvms-rhel9-operator@sha256:a3cdbde1cbc51deb706c99935de6737bda7ef1b4f54fc3ba59a18696285c9a6c_amd64",
"relates_to_product_reference": "9Base-LVMS-4.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "lvms4/topolvm-rhel9@sha256:0897e589f2dd003f58e09ce1fef3288cc3f682a24096f0991b3dfdd217ff5c34_arm64 as a component of LVMS 4.14 for RHEL 9",
"product_id": "9Base-LVMS-4.14:lvms4/topolvm-rhel9@sha256:0897e589f2dd003f58e09ce1fef3288cc3f682a24096f0991b3dfdd217ff5c34_arm64"
},
"product_reference": "lvms4/topolvm-rhel9@sha256:0897e589f2dd003f58e09ce1fef3288cc3f682a24096f0991b3dfdd217ff5c34_arm64",
"relates_to_product_reference": "9Base-LVMS-4.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "lvms4/topolvm-rhel9@sha256:cd9546b5a46c6e36327a972f26938d8cdc734649d61ed02648eed33dd29d9633_s390x as a component of LVMS 4.14 for RHEL 9",
"product_id": "9Base-LVMS-4.14:lvms4/topolvm-rhel9@sha256:cd9546b5a46c6e36327a972f26938d8cdc734649d61ed02648eed33dd29d9633_s390x"
},
"product_reference": "lvms4/topolvm-rhel9@sha256:cd9546b5a46c6e36327a972f26938d8cdc734649d61ed02648eed33dd29d9633_s390x",
"relates_to_product_reference": "9Base-LVMS-4.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "lvms4/topolvm-rhel9@sha256:e97314d049510baa9d1021ac848f0826be1310cc870e6bd57aa3ef41cf8a0cc4_amd64 as a component of LVMS 4.14 for RHEL 9",
"product_id": "9Base-LVMS-4.14:lvms4/topolvm-rhel9@sha256:e97314d049510baa9d1021ac848f0826be1310cc870e6bd57aa3ef41cf8a0cc4_amd64"
},
"product_reference": "lvms4/topolvm-rhel9@sha256:e97314d049510baa9d1021ac848f0826be1310cc870e6bd57aa3ef41cf8a0cc4_amd64",
"relates_to_product_reference": "9Base-LVMS-4.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "lvms4/topolvm-rhel9@sha256:edb27e93b14212d79c959a1a325310d31496f53fac846049393f25ea18ec1349_ppc64le as a component of LVMS 4.14 for RHEL 9",
"product_id": "9Base-LVMS-4.14:lvms4/topolvm-rhel9@sha256:edb27e93b14212d79c959a1a325310d31496f53fac846049393f25ea18ec1349_ppc64le"
},
"product_reference": "lvms4/topolvm-rhel9@sha256:edb27e93b14212d79c959a1a325310d31496f53fac846049393f25ea18ec1349_ppc64le",
"relates_to_product_reference": "9Base-LVMS-4.14"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2023-39325",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2023-10-10T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"9Base-LVMS-4.14:lvms4/lvms-must-gather-rhel9@sha256:3abc7f735860ae910e9fcd5d1e419af66911ebd6a502ad85c2e2753536749cdb_s390x",
"9Base-LVMS-4.14:lvms4/lvms-must-gather-rhel9@sha256:a83ab3e4e4174243bba1fbe96052ec8a5f0c4c5f74d8ecb04f5647796736f348_arm64",
"9Base-LVMS-4.14:lvms4/lvms-must-gather-rhel9@sha256:bfaee17835e1411c3e916e992a510641d2ddaaa2a4a85243b6f27fec541eae3a_ppc64le",
"9Base-LVMS-4.14:lvms4/lvms-must-gather-rhel9@sha256:e21c0af48138064f6904e2fb459b76239c9f3e1dffddac5dfc55e0f38eea5559_amd64",
"9Base-LVMS-4.14:lvms4/lvms-operator-bundle@sha256:0523ba33f11bf19e68a53ca564e78132d0ac5f819ac3cf52cbac0b5cc426053d_arm64",
"9Base-LVMS-4.14:lvms4/lvms-operator-bundle@sha256:8f9e651d7cbfd546991f05a5e05ac8331fbd5ec676f227e12bb13f2f4fd670d3_s390x",
"9Base-LVMS-4.14:lvms4/lvms-operator-bundle@sha256:b67d52a00937fb779cc98c18c1d8d21797363b19b6f4da04c1df0508698ac7cd_amd64",
"9Base-LVMS-4.14:lvms4/lvms-operator-bundle@sha256:c683e4da500bbb8753b184e43377bf7525fb6ffb20750a6695973025d3bce221_ppc64le",
"9Base-LVMS-4.14:lvms4/lvms-rhel9-operator@sha256:73c2e385e0d1c1e120362af30c9fa161975b47307e4c771468365b7a3a3a365a_arm64",
"9Base-LVMS-4.14:lvms4/lvms-rhel9-operator@sha256:7c0183f3a8d40a6e24e3f5ae28dbeecea7f09e866b8704a70b676639835d12af_s390x",
"9Base-LVMS-4.14:lvms4/lvms-rhel9-operator@sha256:9c47279574868a772f7d14d9de8da670df5101287a5486347b9bd00586e78c17_ppc64le",
"9Base-LVMS-4.14:lvms4/lvms-rhel9-operator@sha256:a3cdbde1cbc51deb706c99935de6737bda7ef1b4f54fc3ba59a18696285c9a6c_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2243296"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in handling multiplexed streams in the HTTP/2 protocol. A client can repeatedly make a request for a new multiplex stream and immediately send an RST_STREAM frame to cancel it. This creates extra work for the server setting up and tearing down the streams while not hitting any server-side limit for the maximum number of active streams per connection, resulting in a denial of service due to server resource consumption. Red Hat has rated the severity of this flaw as \u0027Important\u0027 as the US Cybersecurity and Infrastructure Security Agency (CISA) declared this vulnerability an active exploit.\r\n\r\nCVE-2023-39325 was assigned for the `Rapid Reset Attack` in the Go language packages.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: net/http, x/net/http2: rapid stream resets can cause excessive work (CVE-2023-44487)",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This CVE is related to CVE-2023-44487.\n\nThe majority of RHEL utilities are not long-running applications; instead, they are command-line tools. These tools utilize Golang package as build-time dependency, which is why they are classified as having a \"Moderate\" level of impact.\n\nAs go-lang vendors its dependencies, a package may contain a library with a known vulnerability, solely because of lower tier libraries including it as a part of its dependencies, but the vulnerable code is not reachable at runtime. In such cases the issue is not exploitable. We classify these situations as \u201cNot affected\u201d or \u201cWill not fix,\u201d depending on the risk of breaking other unrelated packages.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-LVMS-4.14:lvms4/topolvm-rhel9@sha256:0897e589f2dd003f58e09ce1fef3288cc3f682a24096f0991b3dfdd217ff5c34_arm64",
"9Base-LVMS-4.14:lvms4/topolvm-rhel9@sha256:cd9546b5a46c6e36327a972f26938d8cdc734649d61ed02648eed33dd29d9633_s390x",
"9Base-LVMS-4.14:lvms4/topolvm-rhel9@sha256:e97314d049510baa9d1021ac848f0826be1310cc870e6bd57aa3ef41cf8a0cc4_amd64",
"9Base-LVMS-4.14:lvms4/topolvm-rhel9@sha256:edb27e93b14212d79c959a1a325310d31496f53fac846049393f25ea18ec1349_ppc64le"
],
"known_not_affected": [
"9Base-LVMS-4.14:lvms4/lvms-must-gather-rhel9@sha256:3abc7f735860ae910e9fcd5d1e419af66911ebd6a502ad85c2e2753536749cdb_s390x",
"9Base-LVMS-4.14:lvms4/lvms-must-gather-rhel9@sha256:a83ab3e4e4174243bba1fbe96052ec8a5f0c4c5f74d8ecb04f5647796736f348_arm64",
"9Base-LVMS-4.14:lvms4/lvms-must-gather-rhel9@sha256:bfaee17835e1411c3e916e992a510641d2ddaaa2a4a85243b6f27fec541eae3a_ppc64le",
"9Base-LVMS-4.14:lvms4/lvms-must-gather-rhel9@sha256:e21c0af48138064f6904e2fb459b76239c9f3e1dffddac5dfc55e0f38eea5559_amd64",
"9Base-LVMS-4.14:lvms4/lvms-operator-bundle@sha256:0523ba33f11bf19e68a53ca564e78132d0ac5f819ac3cf52cbac0b5cc426053d_arm64",
"9Base-LVMS-4.14:lvms4/lvms-operator-bundle@sha256:8f9e651d7cbfd546991f05a5e05ac8331fbd5ec676f227e12bb13f2f4fd670d3_s390x",
"9Base-LVMS-4.14:lvms4/lvms-operator-bundle@sha256:b67d52a00937fb779cc98c18c1d8d21797363b19b6f4da04c1df0508698ac7cd_amd64",
"9Base-LVMS-4.14:lvms4/lvms-operator-bundle@sha256:c683e4da500bbb8753b184e43377bf7525fb6ffb20750a6695973025d3bce221_ppc64le",
"9Base-LVMS-4.14:lvms4/lvms-rhel9-operator@sha256:73c2e385e0d1c1e120362af30c9fa161975b47307e4c771468365b7a3a3a365a_arm64",
"9Base-LVMS-4.14:lvms4/lvms-rhel9-operator@sha256:7c0183f3a8d40a6e24e3f5ae28dbeecea7f09e866b8704a70b676639835d12af_s390x",
"9Base-LVMS-4.14:lvms4/lvms-rhel9-operator@sha256:9c47279574868a772f7d14d9de8da670df5101287a5486347b9bd00586e78c17_ppc64le",
"9Base-LVMS-4.14:lvms4/lvms-rhel9-operator@sha256:a3cdbde1cbc51deb706c99935de6737bda7ef1b4f54fc3ba59a18696285c9a6c_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-39325"
},
{
"category": "external",
"summary": "RHBZ#2243296",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2243296"
},
{
"category": "external",
"summary": "RHSB-2023-003",
"url": "https://access.redhat.com/security/vulnerabilities/RHSB-2023-003"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-39325",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39325"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-39325",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-39325"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2023-44487",
"url": "https://access.redhat.com/security/cve/CVE-2023-44487"
},
{
"category": "external",
"summary": "https://go.dev/issue/63417",
"url": "https://go.dev/issue/63417"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2023-2102",
"url": "https://pkg.go.dev/vuln/GO-2023-2102"
},
{
"category": "external",
"summary": "https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487",
"url": "https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487"
}
],
"release_date": "2023-10-10T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-11-09T18:33:40+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-LVMS-4.14:lvms4/topolvm-rhel9@sha256:0897e589f2dd003f58e09ce1fef3288cc3f682a24096f0991b3dfdd217ff5c34_arm64",
"9Base-LVMS-4.14:lvms4/topolvm-rhel9@sha256:cd9546b5a46c6e36327a972f26938d8cdc734649d61ed02648eed33dd29d9633_s390x",
"9Base-LVMS-4.14:lvms4/topolvm-rhel9@sha256:e97314d049510baa9d1021ac848f0826be1310cc870e6bd57aa3ef41cf8a0cc4_amd64",
"9Base-LVMS-4.14:lvms4/topolvm-rhel9@sha256:edb27e93b14212d79c959a1a325310d31496f53fac846049393f25ea18ec1349_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHBA-2023:6863"
},
{
"category": "workaround",
"details": "The default stream concurrency limit in golang is 250 streams (requests) per HTTP/2 connection. This value may be adjusted in the golang.org/x/net/http2 package using the Server.MaxConcurrentStreams setting and the ConfigureServer function which are available in golang.org/x/net/http2.",
"product_ids": [
"9Base-LVMS-4.14:lvms4/lvms-must-gather-rhel9@sha256:3abc7f735860ae910e9fcd5d1e419af66911ebd6a502ad85c2e2753536749cdb_s390x",
"9Base-LVMS-4.14:lvms4/lvms-must-gather-rhel9@sha256:a83ab3e4e4174243bba1fbe96052ec8a5f0c4c5f74d8ecb04f5647796736f348_arm64",
"9Base-LVMS-4.14:lvms4/lvms-must-gather-rhel9@sha256:bfaee17835e1411c3e916e992a510641d2ddaaa2a4a85243b6f27fec541eae3a_ppc64le",
"9Base-LVMS-4.14:lvms4/lvms-must-gather-rhel9@sha256:e21c0af48138064f6904e2fb459b76239c9f3e1dffddac5dfc55e0f38eea5559_amd64",
"9Base-LVMS-4.14:lvms4/lvms-operator-bundle@sha256:0523ba33f11bf19e68a53ca564e78132d0ac5f819ac3cf52cbac0b5cc426053d_arm64",
"9Base-LVMS-4.14:lvms4/lvms-operator-bundle@sha256:8f9e651d7cbfd546991f05a5e05ac8331fbd5ec676f227e12bb13f2f4fd670d3_s390x",
"9Base-LVMS-4.14:lvms4/lvms-operator-bundle@sha256:b67d52a00937fb779cc98c18c1d8d21797363b19b6f4da04c1df0508698ac7cd_amd64",
"9Base-LVMS-4.14:lvms4/lvms-operator-bundle@sha256:c683e4da500bbb8753b184e43377bf7525fb6ffb20750a6695973025d3bce221_ppc64le",
"9Base-LVMS-4.14:lvms4/lvms-rhel9-operator@sha256:73c2e385e0d1c1e120362af30c9fa161975b47307e4c771468365b7a3a3a365a_arm64",
"9Base-LVMS-4.14:lvms4/lvms-rhel9-operator@sha256:7c0183f3a8d40a6e24e3f5ae28dbeecea7f09e866b8704a70b676639835d12af_s390x",
"9Base-LVMS-4.14:lvms4/lvms-rhel9-operator@sha256:9c47279574868a772f7d14d9de8da670df5101287a5486347b9bd00586e78c17_ppc64le",
"9Base-LVMS-4.14:lvms4/lvms-rhel9-operator@sha256:a3cdbde1cbc51deb706c99935de6737bda7ef1b4f54fc3ba59a18696285c9a6c_amd64",
"9Base-LVMS-4.14:lvms4/topolvm-rhel9@sha256:0897e589f2dd003f58e09ce1fef3288cc3f682a24096f0991b3dfdd217ff5c34_arm64",
"9Base-LVMS-4.14:lvms4/topolvm-rhel9@sha256:cd9546b5a46c6e36327a972f26938d8cdc734649d61ed02648eed33dd29d9633_s390x",
"9Base-LVMS-4.14:lvms4/topolvm-rhel9@sha256:e97314d049510baa9d1021ac848f0826be1310cc870e6bd57aa3ef41cf8a0cc4_amd64",
"9Base-LVMS-4.14:lvms4/topolvm-rhel9@sha256:edb27e93b14212d79c959a1a325310d31496f53fac846049393f25ea18ec1349_ppc64le"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"9Base-LVMS-4.14:lvms4/lvms-must-gather-rhel9@sha256:3abc7f735860ae910e9fcd5d1e419af66911ebd6a502ad85c2e2753536749cdb_s390x",
"9Base-LVMS-4.14:lvms4/lvms-must-gather-rhel9@sha256:a83ab3e4e4174243bba1fbe96052ec8a5f0c4c5f74d8ecb04f5647796736f348_arm64",
"9Base-LVMS-4.14:lvms4/lvms-must-gather-rhel9@sha256:bfaee17835e1411c3e916e992a510641d2ddaaa2a4a85243b6f27fec541eae3a_ppc64le",
"9Base-LVMS-4.14:lvms4/lvms-must-gather-rhel9@sha256:e21c0af48138064f6904e2fb459b76239c9f3e1dffddac5dfc55e0f38eea5559_amd64",
"9Base-LVMS-4.14:lvms4/lvms-operator-bundle@sha256:0523ba33f11bf19e68a53ca564e78132d0ac5f819ac3cf52cbac0b5cc426053d_arm64",
"9Base-LVMS-4.14:lvms4/lvms-operator-bundle@sha256:8f9e651d7cbfd546991f05a5e05ac8331fbd5ec676f227e12bb13f2f4fd670d3_s390x",
"9Base-LVMS-4.14:lvms4/lvms-operator-bundle@sha256:b67d52a00937fb779cc98c18c1d8d21797363b19b6f4da04c1df0508698ac7cd_amd64",
"9Base-LVMS-4.14:lvms4/lvms-operator-bundle@sha256:c683e4da500bbb8753b184e43377bf7525fb6ffb20750a6695973025d3bce221_ppc64le",
"9Base-LVMS-4.14:lvms4/lvms-rhel9-operator@sha256:73c2e385e0d1c1e120362af30c9fa161975b47307e4c771468365b7a3a3a365a_arm64",
"9Base-LVMS-4.14:lvms4/lvms-rhel9-operator@sha256:7c0183f3a8d40a6e24e3f5ae28dbeecea7f09e866b8704a70b676639835d12af_s390x",
"9Base-LVMS-4.14:lvms4/lvms-rhel9-operator@sha256:9c47279574868a772f7d14d9de8da670df5101287a5486347b9bd00586e78c17_ppc64le",
"9Base-LVMS-4.14:lvms4/lvms-rhel9-operator@sha256:a3cdbde1cbc51deb706c99935de6737bda7ef1b4f54fc3ba59a18696285c9a6c_amd64",
"9Base-LVMS-4.14:lvms4/topolvm-rhel9@sha256:0897e589f2dd003f58e09ce1fef3288cc3f682a24096f0991b3dfdd217ff5c34_arm64",
"9Base-LVMS-4.14:lvms4/topolvm-rhel9@sha256:cd9546b5a46c6e36327a972f26938d8cdc734649d61ed02648eed33dd29d9633_s390x",
"9Base-LVMS-4.14:lvms4/topolvm-rhel9@sha256:e97314d049510baa9d1021ac848f0826be1310cc870e6bd57aa3ef41cf8a0cc4_amd64",
"9Base-LVMS-4.14:lvms4/topolvm-rhel9@sha256:edb27e93b14212d79c959a1a325310d31496f53fac846049393f25ea18ec1349_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "golang: net/http, x/net/http2: rapid stream resets can cause excessive work (CVE-2023-44487)"
},
{
"cve": "CVE-2023-44487",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2023-10-09T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"9Base-LVMS-4.14:lvms4/lvms-must-gather-rhel9@sha256:3abc7f735860ae910e9fcd5d1e419af66911ebd6a502ad85c2e2753536749cdb_s390x",
"9Base-LVMS-4.14:lvms4/lvms-must-gather-rhel9@sha256:a83ab3e4e4174243bba1fbe96052ec8a5f0c4c5f74d8ecb04f5647796736f348_arm64",
"9Base-LVMS-4.14:lvms4/lvms-must-gather-rhel9@sha256:bfaee17835e1411c3e916e992a510641d2ddaaa2a4a85243b6f27fec541eae3a_ppc64le",
"9Base-LVMS-4.14:lvms4/lvms-must-gather-rhel9@sha256:e21c0af48138064f6904e2fb459b76239c9f3e1dffddac5dfc55e0f38eea5559_amd64",
"9Base-LVMS-4.14:lvms4/lvms-operator-bundle@sha256:0523ba33f11bf19e68a53ca564e78132d0ac5f819ac3cf52cbac0b5cc426053d_arm64",
"9Base-LVMS-4.14:lvms4/lvms-operator-bundle@sha256:8f9e651d7cbfd546991f05a5e05ac8331fbd5ec676f227e12bb13f2f4fd670d3_s390x",
"9Base-LVMS-4.14:lvms4/lvms-operator-bundle@sha256:b67d52a00937fb779cc98c18c1d8d21797363b19b6f4da04c1df0508698ac7cd_amd64",
"9Base-LVMS-4.14:lvms4/lvms-operator-bundle@sha256:c683e4da500bbb8753b184e43377bf7525fb6ffb20750a6695973025d3bce221_ppc64le",
"9Base-LVMS-4.14:lvms4/lvms-rhel9-operator@sha256:73c2e385e0d1c1e120362af30c9fa161975b47307e4c771468365b7a3a3a365a_arm64",
"9Base-LVMS-4.14:lvms4/lvms-rhel9-operator@sha256:7c0183f3a8d40a6e24e3f5ae28dbeecea7f09e866b8704a70b676639835d12af_s390x",
"9Base-LVMS-4.14:lvms4/lvms-rhel9-operator@sha256:9c47279574868a772f7d14d9de8da670df5101287a5486347b9bd00586e78c17_ppc64le",
"9Base-LVMS-4.14:lvms4/lvms-rhel9-operator@sha256:a3cdbde1cbc51deb706c99935de6737bda7ef1b4f54fc3ba59a18696285c9a6c_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2242803"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in handling multiplexed streams in the HTTP/2 protocol. A client can repeatedly make a request for a new multiplex stream and immediately send an RST_STREAM frame to cancel it. This creates extra work for the server setting up and tearing down the streams while not hitting any server-side limit for the maximum number of active streams per connection, resulting in a denial of service due to server resource consumption. Red Hat has rated the severity of this flaw as \u0027Important\u0027 as the US Cybersecurity and Infrastructure Security Agency (CISA) declared this vulnerability an active exploit.\r\n\r\nCVE-2023-39325 was assigned for the Rapid Reset Attack in the Go language packages.\r\n\r\nSecurity Bulletin\r\nhttps://access.redhat.com/security/vulnerabilities/RHSB-2023-003",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack (Rapid Reset Attack)",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "NGINX has been marked as Moderate Impact because, for performance and resource consumption reasons, NGINX limits the number of concurrent streams to a default of 128. In addition, to optimally balance network and server performance, NGINX allows the client to persist HTTP connections for up to 1000 requests by default using an HTTP keepalive.\n\nThe majority of RHEL utilities are not long-running applications; instead, they are command-line tools. These tools utilize Golang package as build-time dependency, which is why they are classified as having a \"Moderate\" level of impact.\n\nrhc component is no longer impacted by CVE-2023-44487 \u0026 CVE-2023-39325.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-LVMS-4.14:lvms4/topolvm-rhel9@sha256:0897e589f2dd003f58e09ce1fef3288cc3f682a24096f0991b3dfdd217ff5c34_arm64",
"9Base-LVMS-4.14:lvms4/topolvm-rhel9@sha256:cd9546b5a46c6e36327a972f26938d8cdc734649d61ed02648eed33dd29d9633_s390x",
"9Base-LVMS-4.14:lvms4/topolvm-rhel9@sha256:e97314d049510baa9d1021ac848f0826be1310cc870e6bd57aa3ef41cf8a0cc4_amd64",
"9Base-LVMS-4.14:lvms4/topolvm-rhel9@sha256:edb27e93b14212d79c959a1a325310d31496f53fac846049393f25ea18ec1349_ppc64le"
],
"known_not_affected": [
"9Base-LVMS-4.14:lvms4/lvms-must-gather-rhel9@sha256:3abc7f735860ae910e9fcd5d1e419af66911ebd6a502ad85c2e2753536749cdb_s390x",
"9Base-LVMS-4.14:lvms4/lvms-must-gather-rhel9@sha256:a83ab3e4e4174243bba1fbe96052ec8a5f0c4c5f74d8ecb04f5647796736f348_arm64",
"9Base-LVMS-4.14:lvms4/lvms-must-gather-rhel9@sha256:bfaee17835e1411c3e916e992a510641d2ddaaa2a4a85243b6f27fec541eae3a_ppc64le",
"9Base-LVMS-4.14:lvms4/lvms-must-gather-rhel9@sha256:e21c0af48138064f6904e2fb459b76239c9f3e1dffddac5dfc55e0f38eea5559_amd64",
"9Base-LVMS-4.14:lvms4/lvms-operator-bundle@sha256:0523ba33f11bf19e68a53ca564e78132d0ac5f819ac3cf52cbac0b5cc426053d_arm64",
"9Base-LVMS-4.14:lvms4/lvms-operator-bundle@sha256:8f9e651d7cbfd546991f05a5e05ac8331fbd5ec676f227e12bb13f2f4fd670d3_s390x",
"9Base-LVMS-4.14:lvms4/lvms-operator-bundle@sha256:b67d52a00937fb779cc98c18c1d8d21797363b19b6f4da04c1df0508698ac7cd_amd64",
"9Base-LVMS-4.14:lvms4/lvms-operator-bundle@sha256:c683e4da500bbb8753b184e43377bf7525fb6ffb20750a6695973025d3bce221_ppc64le",
"9Base-LVMS-4.14:lvms4/lvms-rhel9-operator@sha256:73c2e385e0d1c1e120362af30c9fa161975b47307e4c771468365b7a3a3a365a_arm64",
"9Base-LVMS-4.14:lvms4/lvms-rhel9-operator@sha256:7c0183f3a8d40a6e24e3f5ae28dbeecea7f09e866b8704a70b676639835d12af_s390x",
"9Base-LVMS-4.14:lvms4/lvms-rhel9-operator@sha256:9c47279574868a772f7d14d9de8da670df5101287a5486347b9bd00586e78c17_ppc64le",
"9Base-LVMS-4.14:lvms4/lvms-rhel9-operator@sha256:a3cdbde1cbc51deb706c99935de6737bda7ef1b4f54fc3ba59a18696285c9a6c_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-44487"
},
{
"category": "external",
"summary": "RHBZ#2242803",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2242803"
},
{
"category": "external",
"summary": "RHSB-2023-003",
"url": "https://access.redhat.com/security/vulnerabilities/RHSB-2023-003"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-44487",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-44487"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-44487",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-44487"
},
{
"category": "external",
"summary": "https://github.com/dotnet/announcements/issues/277",
"url": "https://github.com/dotnet/announcements/issues/277"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2023-2102",
"url": "https://pkg.go.dev/vuln/GO-2023-2102"
},
{
"category": "external",
"summary": "https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487",
"url": "https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487"
},
{
"category": "external",
"summary": "https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products/",
"url": "https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products/"
},
{
"category": "external",
"summary": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog",
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
}
],
"release_date": "2023-10-10T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-11-09T18:33:40+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-LVMS-4.14:lvms4/topolvm-rhel9@sha256:0897e589f2dd003f58e09ce1fef3288cc3f682a24096f0991b3dfdd217ff5c34_arm64",
"9Base-LVMS-4.14:lvms4/topolvm-rhel9@sha256:cd9546b5a46c6e36327a972f26938d8cdc734649d61ed02648eed33dd29d9633_s390x",
"9Base-LVMS-4.14:lvms4/topolvm-rhel9@sha256:e97314d049510baa9d1021ac848f0826be1310cc870e6bd57aa3ef41cf8a0cc4_amd64",
"9Base-LVMS-4.14:lvms4/topolvm-rhel9@sha256:edb27e93b14212d79c959a1a325310d31496f53fac846049393f25ea18ec1349_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHBA-2023:6863"
},
{
"category": "workaround",
"details": "Users are strongly urged to update their software as soon as fixes are available. \nThere are several mitigation approaches for this flaw. \n\n1. If circumstances permit, users may disable http2 endpoints to circumvent the flaw altogether until a fix is available.\n2. IP-based blocking or flood protection and rate control tools may be used at network endpoints to filter incoming traffic.\n3. Several package specific mitigations are also available. \n a. nginx: https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products/\n b. netty: https://github.com/netty/netty/security/advisories/GHSA-xpw8-rcwv-8f8p\n c. haproxy: https://www.haproxy.com/blog/haproxy-is-not-affected-by-the-http-2-rapid-reset-attack-cve-2023-44487\n d. nghttp2: https://github.com/nghttp2/nghttp2/security/advisories/GHSA-vx74-f528-fxqg\n e. golang: The default stream concurrency limit in golang is 250 streams (requests) per HTTP/2 connection. This value may be adjusted in the golang.org/x/net/http2 package using the Server.MaxConcurrentStreams setting and the ConfigureServer function which are available in golang.org/x/net/http2.",
"product_ids": [
"9Base-LVMS-4.14:lvms4/lvms-must-gather-rhel9@sha256:3abc7f735860ae910e9fcd5d1e419af66911ebd6a502ad85c2e2753536749cdb_s390x",
"9Base-LVMS-4.14:lvms4/lvms-must-gather-rhel9@sha256:a83ab3e4e4174243bba1fbe96052ec8a5f0c4c5f74d8ecb04f5647796736f348_arm64",
"9Base-LVMS-4.14:lvms4/lvms-must-gather-rhel9@sha256:bfaee17835e1411c3e916e992a510641d2ddaaa2a4a85243b6f27fec541eae3a_ppc64le",
"9Base-LVMS-4.14:lvms4/lvms-must-gather-rhel9@sha256:e21c0af48138064f6904e2fb459b76239c9f3e1dffddac5dfc55e0f38eea5559_amd64",
"9Base-LVMS-4.14:lvms4/lvms-operator-bundle@sha256:0523ba33f11bf19e68a53ca564e78132d0ac5f819ac3cf52cbac0b5cc426053d_arm64",
"9Base-LVMS-4.14:lvms4/lvms-operator-bundle@sha256:8f9e651d7cbfd546991f05a5e05ac8331fbd5ec676f227e12bb13f2f4fd670d3_s390x",
"9Base-LVMS-4.14:lvms4/lvms-operator-bundle@sha256:b67d52a00937fb779cc98c18c1d8d21797363b19b6f4da04c1df0508698ac7cd_amd64",
"9Base-LVMS-4.14:lvms4/lvms-operator-bundle@sha256:c683e4da500bbb8753b184e43377bf7525fb6ffb20750a6695973025d3bce221_ppc64le",
"9Base-LVMS-4.14:lvms4/lvms-rhel9-operator@sha256:73c2e385e0d1c1e120362af30c9fa161975b47307e4c771468365b7a3a3a365a_arm64",
"9Base-LVMS-4.14:lvms4/lvms-rhel9-operator@sha256:7c0183f3a8d40a6e24e3f5ae28dbeecea7f09e866b8704a70b676639835d12af_s390x",
"9Base-LVMS-4.14:lvms4/lvms-rhel9-operator@sha256:9c47279574868a772f7d14d9de8da670df5101287a5486347b9bd00586e78c17_ppc64le",
"9Base-LVMS-4.14:lvms4/lvms-rhel9-operator@sha256:a3cdbde1cbc51deb706c99935de6737bda7ef1b4f54fc3ba59a18696285c9a6c_amd64",
"9Base-LVMS-4.14:lvms4/topolvm-rhel9@sha256:0897e589f2dd003f58e09ce1fef3288cc3f682a24096f0991b3dfdd217ff5c34_arm64",
"9Base-LVMS-4.14:lvms4/topolvm-rhel9@sha256:cd9546b5a46c6e36327a972f26938d8cdc734649d61ed02648eed33dd29d9633_s390x",
"9Base-LVMS-4.14:lvms4/topolvm-rhel9@sha256:e97314d049510baa9d1021ac848f0826be1310cc870e6bd57aa3ef41cf8a0cc4_amd64",
"9Base-LVMS-4.14:lvms4/topolvm-rhel9@sha256:edb27e93b14212d79c959a1a325310d31496f53fac846049393f25ea18ec1349_ppc64le"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"9Base-LVMS-4.14:lvms4/lvms-must-gather-rhel9@sha256:3abc7f735860ae910e9fcd5d1e419af66911ebd6a502ad85c2e2753536749cdb_s390x",
"9Base-LVMS-4.14:lvms4/lvms-must-gather-rhel9@sha256:a83ab3e4e4174243bba1fbe96052ec8a5f0c4c5f74d8ecb04f5647796736f348_arm64",
"9Base-LVMS-4.14:lvms4/lvms-must-gather-rhel9@sha256:bfaee17835e1411c3e916e992a510641d2ddaaa2a4a85243b6f27fec541eae3a_ppc64le",
"9Base-LVMS-4.14:lvms4/lvms-must-gather-rhel9@sha256:e21c0af48138064f6904e2fb459b76239c9f3e1dffddac5dfc55e0f38eea5559_amd64",
"9Base-LVMS-4.14:lvms4/lvms-operator-bundle@sha256:0523ba33f11bf19e68a53ca564e78132d0ac5f819ac3cf52cbac0b5cc426053d_arm64",
"9Base-LVMS-4.14:lvms4/lvms-operator-bundle@sha256:8f9e651d7cbfd546991f05a5e05ac8331fbd5ec676f227e12bb13f2f4fd670d3_s390x",
"9Base-LVMS-4.14:lvms4/lvms-operator-bundle@sha256:b67d52a00937fb779cc98c18c1d8d21797363b19b6f4da04c1df0508698ac7cd_amd64",
"9Base-LVMS-4.14:lvms4/lvms-operator-bundle@sha256:c683e4da500bbb8753b184e43377bf7525fb6ffb20750a6695973025d3bce221_ppc64le",
"9Base-LVMS-4.14:lvms4/lvms-rhel9-operator@sha256:73c2e385e0d1c1e120362af30c9fa161975b47307e4c771468365b7a3a3a365a_arm64",
"9Base-LVMS-4.14:lvms4/lvms-rhel9-operator@sha256:7c0183f3a8d40a6e24e3f5ae28dbeecea7f09e866b8704a70b676639835d12af_s390x",
"9Base-LVMS-4.14:lvms4/lvms-rhel9-operator@sha256:9c47279574868a772f7d14d9de8da670df5101287a5486347b9bd00586e78c17_ppc64le",
"9Base-LVMS-4.14:lvms4/lvms-rhel9-operator@sha256:a3cdbde1cbc51deb706c99935de6737bda7ef1b4f54fc3ba59a18696285c9a6c_amd64",
"9Base-LVMS-4.14:lvms4/topolvm-rhel9@sha256:0897e589f2dd003f58e09ce1fef3288cc3f682a24096f0991b3dfdd217ff5c34_arm64",
"9Base-LVMS-4.14:lvms4/topolvm-rhel9@sha256:cd9546b5a46c6e36327a972f26938d8cdc734649d61ed02648eed33dd29d9633_s390x",
"9Base-LVMS-4.14:lvms4/topolvm-rhel9@sha256:e97314d049510baa9d1021ac848f0826be1310cc870e6bd57aa3ef41cf8a0cc4_amd64",
"9Base-LVMS-4.14:lvms4/topolvm-rhel9@sha256:edb27e93b14212d79c959a1a325310d31496f53fac846049393f25ea18ec1349_ppc64le"
]
}
],
"threats": [
{
"category": "exploit_status",
"date": "2023-10-10T00:00:00+00:00",
"details": "CISA: https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
},
{
"category": "impact",
"details": "Important"
}
],
"title": "HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack (Rapid Reset Attack)"
}
]
}
RHBA-2023:7492
Vulnerability from csaf_redhat - Published: 2023-11-27 10:05 - Updated: 2026-06-02 15:03Summary
Red Hat Bug Fix Advisory: RHODS 2.4 - Red Hat OpenShift Data Science
Severity
Important
Notes
Topic: Updated images are now available for Red Hat OpenShift Data Science.
Details: Release of RHODS 2.4 provides these changes:
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
A flaw was found in handling multiplexed streams in the HTTP/2 protocol. A client can repeatedly make a request for a new multiplex stream and immediately send an RST_STREAM frame to cancel it. This creates extra work for the server setting up and tearing down the streams while not hitting any server-side limit for the maximum number of active streams per connection, resulting in a denial of service due to server resource consumption. Red Hat has rated the severity of this flaw as 'Important' as the US Cybersecurity and Infrastructure Security Agency (CISA) declared this vulnerability an active exploit. CVE-2023-39325 was assigned for the Rapid Reset Attack in the Go language packages. Security Bulletin https://access.redhat.com/security/vulnerabilities/RHSB-2023-003
7.5 (High)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHODS-2.4:rhods/odh-mm-rest-proxy-rhel8@sha256:b3c796a289fb12ac59ce60e75a4266045bf071e91a022ba5a9c935f077df602d_amd64 | — |
Vendor Fix
fix
Workaround
|
Known not affected
20 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHODS-2.4:rhods/odh-codeflare-operator-rhel8@sha256:dd14914e92bde9e834b5b806e296ed210e9e45c1e71d3ca8d07492a967e41646_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHODS-2.4:rhods/odh-dashboard-rhel8@sha256:4fb3e19665921164a9e3efbb83da2493af197e9511198bec2ef26be458bbe4af_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHODS-2.4:rhods/odh-data-science-pipelines-operator-controller-rhel8@sha256:4f1511effdf68329a092cc8de8879b99e6b412fe5e54dac78c0d1702cbe22615_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHODS-2.4:rhods/odh-kf-notebook-controller-rhel8@sha256:18bdde1e5d61663b56fad3135d046ab29d45ddde030059d2332dbe08f33baa22_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHODS-2.4:rhods/odh-kuberay-operator-controller-rhel8@sha256:6031c4b0cd16ad69e8ddffa27850797f2fcbed37453dc5eadcfc51fddd4fe16e_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHODS-2.4:rhods/odh-ml-pipelines-api-server-rhel8@sha256:e93464874ea15a531ded124b911ef31f8f7eaa4a714e61b793ce4fcc70465dba_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHODS-2.4:rhods/odh-ml-pipelines-artifact-manager-rhel8@sha256:3ad91b1853e45873885fdd8dcde094e5c0712a4ea93f2bf30c415c4153710e22_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHODS-2.4:rhods/odh-ml-pipelines-cache-rhel8@sha256:d8d6dade3fff4d7312d86226534279638fc981865394a75986bf1a7ff72752f4_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHODS-2.4:rhods/odh-ml-pipelines-persistenceagent-rhel8@sha256:e543aaee276a4571c3a06505b0007ae2a435848dd417ee8e47b54481106f119f_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHODS-2.4:rhods/odh-ml-pipelines-scheduledworkflow-rhel8@sha256:75a02edd646967593afd87f874bb207b22529af22b9e98be27781007186fe886_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHODS-2.4:rhods/odh-model-controller-rhel8@sha256:9808224f80f414b8af05cbfb1a6f3a292077d35ac1f403534c505f5bede517c5_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHODS-2.4:rhods/odh-modelmesh-rhel8@sha256:d7605432021879d043f95602b77bc99804211e0e240628fd4fb285550df61fbc_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHODS-2.4:rhods/odh-modelmesh-runtime-adapter-rhel8@sha256:f99fb510544a7e72137e48f0dca08949159786658ed8a3b3b74cc1d132fd1d35_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHODS-2.4:rhods/odh-modelmesh-serving-controller-rhel8@sha256:0f60f7523db4bf6c18bf69984e56ce632ceb1f0b4e868e73ef653b43e5034f75_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHODS-2.4:rhods/odh-notebook-controller-rhel8@sha256:19daaa5932e1297efc469eae97f0b7f1fb4b652d44aa828e3d3bcf5e9dfdc9b4_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHODS-2.4:rhods/odh-operator-base-rhel8@sha256:e33814ce6b42423bb9a8237c6a4b5f58bbbd9239b8335f3fca85ad86fdc39a37_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHODS-2.4:rhods/odh-operator-bundle@sha256:b637a02d23bd8364cc8914421049eb60169c163ac70bff2f33591df1a1193002_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHODS-2.4:rhods/odh-rhel8-operator@sha256:00d56a2984ee01fa81cbe838567e448ce8acced37f7ff919e6e50cf951082ef2_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHODS-2.4:rhods/odh-trustyai-service-operator-rhel8@sha256:c6a5d496f39aa30dbc90dee4cb81f6e54d1db3c8d388315b78782d631c5746ca_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHODS-2.4:rhods/odh-trustyai-service-rhel8@sha256:77d74af5cd5819cee3341505a3d329fbf622ad892df67faa85f4e6a40ccc6322_amd64 | — |
Workaround
|
Threats
Exploit Status
CISA: https://www.cisa.gov/known-exploited-vulnerabilities-catalog
Impact
Important
References
25 references
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Updated images are now available for Red Hat OpenShift Data Science.",
"title": "Topic"
},
{
"category": "general",
"text": "Release of RHODS 2.4 provides these changes:",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHBA-2023:7492",
"url": "https://access.redhat.com/errata/RHBA-2023:7492"
},
{
"category": "external",
"summary": "FAI-982",
"url": "https://issues.redhat.com/browse/FAI-982"
},
{
"category": "external",
"summary": "FAI-983",
"url": "https://issues.redhat.com/browse/FAI-983"
},
{
"category": "external",
"summary": "FAI-984",
"url": "https://issues.redhat.com/browse/FAI-984"
},
{
"category": "external",
"summary": "RHOAIENG-228",
"url": "https://issues.redhat.com/browse/RHOAIENG-228"
},
{
"category": "external",
"summary": "RHODS-12782",
"url": "https://issues.redhat.com/browse/RHODS-12782"
},
{
"category": "external",
"summary": "RHODS-12783",
"url": "https://issues.redhat.com/browse/RHODS-12783"
},
{
"category": "external",
"summary": "RHODS-12784",
"url": "https://issues.redhat.com/browse/RHODS-12784"
},
{
"category": "external",
"summary": "RHODS-12785",
"url": "https://issues.redhat.com/browse/RHODS-12785"
},
{
"category": "external",
"summary": "RHODS-12787",
"url": "https://issues.redhat.com/browse/RHODS-12787"
},
{
"category": "external",
"summary": "RHODS-12834",
"url": "https://issues.redhat.com/browse/RHODS-12834"
},
{
"category": "external",
"summary": "RHODS-12860",
"url": "https://issues.redhat.com/browse/RHODS-12860"
},
{
"category": "external",
"summary": "RHODS-2",
"url": "https://issues.redhat.com/browse/RHODS-2"
},
{
"category": "external",
"summary": "RHODS-4050",
"url": "https://issues.redhat.com/browse/RHODS-4050"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2023/rhba-2023_7492.json"
}
],
"title": "Red Hat Bug Fix Advisory: RHODS 2.4 - Red Hat OpenShift Data Science",
"tracking": {
"current_release_date": "2026-06-02T15:03:40+00:00",
"generator": {
"date": "2026-06-02T15:03:40+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.8.1"
}
},
"id": "RHBA-2023:7492",
"initial_release_date": "2023-11-27T10:05:54+00:00",
"revision_history": [
{
"date": "2023-11-27T10:05:54+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2023-11-27T10:05:54+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-06-02T15:03:40+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "RHODS-2.4-RHEL-8",
"product": {
"name": "RHODS-2.4-RHEL-8",
"product_id": "8Base-RHODS-2.4",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:openshift_data_science:2.4::el8"
}
}
}
],
"category": "product_family",
"name": "Red Hat OpenShift Data Science"
},
{
"branches": [
{
"category": "product_version",
"name": "rhods/odh-codeflare-operator-rhel8@sha256:dd14914e92bde9e834b5b806e296ed210e9e45c1e71d3ca8d07492a967e41646_amd64",
"product": {
"name": "rhods/odh-codeflare-operator-rhel8@sha256:dd14914e92bde9e834b5b806e296ed210e9e45c1e71d3ca8d07492a967e41646_amd64",
"product_id": "rhods/odh-codeflare-operator-rhel8@sha256:dd14914e92bde9e834b5b806e296ed210e9e45c1e71d3ca8d07492a967e41646_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odh-codeflare-operator-rhel8@sha256:dd14914e92bde9e834b5b806e296ed210e9e45c1e71d3ca8d07492a967e41646?arch=amd64\u0026repository_url=registry.redhat.io/rhods/odh-codeflare-operator-rhel8\u0026tag=v2.4.0-17"
}
}
},
{
"category": "product_version",
"name": "rhods/odh-dashboard-rhel8@sha256:4fb3e19665921164a9e3efbb83da2493af197e9511198bec2ef26be458bbe4af_amd64",
"product": {
"name": "rhods/odh-dashboard-rhel8@sha256:4fb3e19665921164a9e3efbb83da2493af197e9511198bec2ef26be458bbe4af_amd64",
"product_id": "rhods/odh-dashboard-rhel8@sha256:4fb3e19665921164a9e3efbb83da2493af197e9511198bec2ef26be458bbe4af_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odh-dashboard-rhel8@sha256:4fb3e19665921164a9e3efbb83da2493af197e9511198bec2ef26be458bbe4af?arch=amd64\u0026repository_url=registry.redhat.io/rhods/odh-dashboard-rhel8\u0026tag=v2.4.0-16"
}
}
},
{
"category": "product_version",
"name": "rhods/odh-data-science-pipelines-operator-controller-rhel8@sha256:4f1511effdf68329a092cc8de8879b99e6b412fe5e54dac78c0d1702cbe22615_amd64",
"product": {
"name": "rhods/odh-data-science-pipelines-operator-controller-rhel8@sha256:4f1511effdf68329a092cc8de8879b99e6b412fe5e54dac78c0d1702cbe22615_amd64",
"product_id": "rhods/odh-data-science-pipelines-operator-controller-rhel8@sha256:4f1511effdf68329a092cc8de8879b99e6b412fe5e54dac78c0d1702cbe22615_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odh-data-science-pipelines-operator-controller-rhel8@sha256:4f1511effdf68329a092cc8de8879b99e6b412fe5e54dac78c0d1702cbe22615?arch=amd64\u0026repository_url=registry.redhat.io/rhods/odh-data-science-pipelines-operator-controller-rhel8\u0026tag=v2.4.0-16"
}
}
},
{
"category": "product_version",
"name": "rhods/odh-kf-notebook-controller-rhel8@sha256:18bdde1e5d61663b56fad3135d046ab29d45ddde030059d2332dbe08f33baa22_amd64",
"product": {
"name": "rhods/odh-kf-notebook-controller-rhel8@sha256:18bdde1e5d61663b56fad3135d046ab29d45ddde030059d2332dbe08f33baa22_amd64",
"product_id": "rhods/odh-kf-notebook-controller-rhel8@sha256:18bdde1e5d61663b56fad3135d046ab29d45ddde030059d2332dbe08f33baa22_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odh-kf-notebook-controller-rhel8@sha256:18bdde1e5d61663b56fad3135d046ab29d45ddde030059d2332dbe08f33baa22?arch=amd64\u0026repository_url=registry.redhat.io/rhods/odh-kf-notebook-controller-rhel8\u0026tag=v2.4.0-17"
}
}
},
{
"category": "product_version",
"name": "rhods/odh-kuberay-operator-controller-rhel8@sha256:6031c4b0cd16ad69e8ddffa27850797f2fcbed37453dc5eadcfc51fddd4fe16e_amd64",
"product": {
"name": "rhods/odh-kuberay-operator-controller-rhel8@sha256:6031c4b0cd16ad69e8ddffa27850797f2fcbed37453dc5eadcfc51fddd4fe16e_amd64",
"product_id": "rhods/odh-kuberay-operator-controller-rhel8@sha256:6031c4b0cd16ad69e8ddffa27850797f2fcbed37453dc5eadcfc51fddd4fe16e_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odh-kuberay-operator-controller-rhel8@sha256:6031c4b0cd16ad69e8ddffa27850797f2fcbed37453dc5eadcfc51fddd4fe16e?arch=amd64\u0026repository_url=registry.redhat.io/rhods/odh-kuberay-operator-controller-rhel8\u0026tag=v2.4.0-16"
}
}
},
{
"category": "product_version",
"name": "rhods/odh-ml-pipelines-api-server-rhel8@sha256:e93464874ea15a531ded124b911ef31f8f7eaa4a714e61b793ce4fcc70465dba_amd64",
"product": {
"name": "rhods/odh-ml-pipelines-api-server-rhel8@sha256:e93464874ea15a531ded124b911ef31f8f7eaa4a714e61b793ce4fcc70465dba_amd64",
"product_id": "rhods/odh-ml-pipelines-api-server-rhel8@sha256:e93464874ea15a531ded124b911ef31f8f7eaa4a714e61b793ce4fcc70465dba_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odh-ml-pipelines-api-server-rhel8@sha256:e93464874ea15a531ded124b911ef31f8f7eaa4a714e61b793ce4fcc70465dba?arch=amd64\u0026repository_url=registry.redhat.io/rhods/odh-ml-pipelines-api-server-rhel8\u0026tag=v2.4.0-16"
}
}
},
{
"category": "product_version",
"name": "rhods/odh-ml-pipelines-artifact-manager-rhel8@sha256:3ad91b1853e45873885fdd8dcde094e5c0712a4ea93f2bf30c415c4153710e22_amd64",
"product": {
"name": "rhods/odh-ml-pipelines-artifact-manager-rhel8@sha256:3ad91b1853e45873885fdd8dcde094e5c0712a4ea93f2bf30c415c4153710e22_amd64",
"product_id": "rhods/odh-ml-pipelines-artifact-manager-rhel8@sha256:3ad91b1853e45873885fdd8dcde094e5c0712a4ea93f2bf30c415c4153710e22_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odh-ml-pipelines-artifact-manager-rhel8@sha256:3ad91b1853e45873885fdd8dcde094e5c0712a4ea93f2bf30c415c4153710e22?arch=amd64\u0026repository_url=registry.redhat.io/rhods/odh-ml-pipelines-artifact-manager-rhel8\u0026tag=v2.4.0-15"
}
}
},
{
"category": "product_version",
"name": "rhods/odh-ml-pipelines-cache-rhel8@sha256:d8d6dade3fff4d7312d86226534279638fc981865394a75986bf1a7ff72752f4_amd64",
"product": {
"name": "rhods/odh-ml-pipelines-cache-rhel8@sha256:d8d6dade3fff4d7312d86226534279638fc981865394a75986bf1a7ff72752f4_amd64",
"product_id": "rhods/odh-ml-pipelines-cache-rhel8@sha256:d8d6dade3fff4d7312d86226534279638fc981865394a75986bf1a7ff72752f4_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odh-ml-pipelines-cache-rhel8@sha256:d8d6dade3fff4d7312d86226534279638fc981865394a75986bf1a7ff72752f4?arch=amd64\u0026repository_url=registry.redhat.io/rhods/odh-ml-pipelines-cache-rhel8\u0026tag=v2.4.0-16"
}
}
},
{
"category": "product_version",
"name": "rhods/odh-ml-pipelines-persistenceagent-rhel8@sha256:e543aaee276a4571c3a06505b0007ae2a435848dd417ee8e47b54481106f119f_amd64",
"product": {
"name": "rhods/odh-ml-pipelines-persistenceagent-rhel8@sha256:e543aaee276a4571c3a06505b0007ae2a435848dd417ee8e47b54481106f119f_amd64",
"product_id": "rhods/odh-ml-pipelines-persistenceagent-rhel8@sha256:e543aaee276a4571c3a06505b0007ae2a435848dd417ee8e47b54481106f119f_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odh-ml-pipelines-persistenceagent-rhel8@sha256:e543aaee276a4571c3a06505b0007ae2a435848dd417ee8e47b54481106f119f?arch=amd64\u0026repository_url=registry.redhat.io/rhods/odh-ml-pipelines-persistenceagent-rhel8\u0026tag=v2.4.0-16"
}
}
},
{
"category": "product_version",
"name": "rhods/odh-ml-pipelines-scheduledworkflow-rhel8@sha256:75a02edd646967593afd87f874bb207b22529af22b9e98be27781007186fe886_amd64",
"product": {
"name": "rhods/odh-ml-pipelines-scheduledworkflow-rhel8@sha256:75a02edd646967593afd87f874bb207b22529af22b9e98be27781007186fe886_amd64",
"product_id": "rhods/odh-ml-pipelines-scheduledworkflow-rhel8@sha256:75a02edd646967593afd87f874bb207b22529af22b9e98be27781007186fe886_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odh-ml-pipelines-scheduledworkflow-rhel8@sha256:75a02edd646967593afd87f874bb207b22529af22b9e98be27781007186fe886?arch=amd64\u0026repository_url=registry.redhat.io/rhods/odh-ml-pipelines-scheduledworkflow-rhel8\u0026tag=v2.4.0-16"
}
}
},
{
"category": "product_version",
"name": "rhods/odh-mm-rest-proxy-rhel8@sha256:b3c796a289fb12ac59ce60e75a4266045bf071e91a022ba5a9c935f077df602d_amd64",
"product": {
"name": "rhods/odh-mm-rest-proxy-rhel8@sha256:b3c796a289fb12ac59ce60e75a4266045bf071e91a022ba5a9c935f077df602d_amd64",
"product_id": "rhods/odh-mm-rest-proxy-rhel8@sha256:b3c796a289fb12ac59ce60e75a4266045bf071e91a022ba5a9c935f077df602d_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odh-mm-rest-proxy-rhel8@sha256:b3c796a289fb12ac59ce60e75a4266045bf071e91a022ba5a9c935f077df602d?arch=amd64\u0026repository_url=registry.redhat.io/rhods/odh-mm-rest-proxy-rhel8\u0026tag=v2.4.0-16"
}
}
},
{
"category": "product_version",
"name": "rhods/odh-model-controller-rhel8@sha256:9808224f80f414b8af05cbfb1a6f3a292077d35ac1f403534c505f5bede517c5_amd64",
"product": {
"name": "rhods/odh-model-controller-rhel8@sha256:9808224f80f414b8af05cbfb1a6f3a292077d35ac1f403534c505f5bede517c5_amd64",
"product_id": "rhods/odh-model-controller-rhel8@sha256:9808224f80f414b8af05cbfb1a6f3a292077d35ac1f403534c505f5bede517c5_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odh-model-controller-rhel8@sha256:9808224f80f414b8af05cbfb1a6f3a292077d35ac1f403534c505f5bede517c5?arch=amd64\u0026repository_url=registry.redhat.io/rhods/odh-model-controller-rhel8\u0026tag=v2.4.0-16"
}
}
},
{
"category": "product_version",
"name": "rhods/odh-modelmesh-rhel8@sha256:d7605432021879d043f95602b77bc99804211e0e240628fd4fb285550df61fbc_amd64",
"product": {
"name": "rhods/odh-modelmesh-rhel8@sha256:d7605432021879d043f95602b77bc99804211e0e240628fd4fb285550df61fbc_amd64",
"product_id": "rhods/odh-modelmesh-rhel8@sha256:d7605432021879d043f95602b77bc99804211e0e240628fd4fb285550df61fbc_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odh-modelmesh-rhel8@sha256:d7605432021879d043f95602b77bc99804211e0e240628fd4fb285550df61fbc?arch=amd64\u0026repository_url=registry.redhat.io/rhods/odh-modelmesh-rhel8\u0026tag=v2.4.0-33"
}
}
},
{
"category": "product_version",
"name": "rhods/odh-modelmesh-runtime-adapter-rhel8@sha256:f99fb510544a7e72137e48f0dca08949159786658ed8a3b3b74cc1d132fd1d35_amd64",
"product": {
"name": "rhods/odh-modelmesh-runtime-adapter-rhel8@sha256:f99fb510544a7e72137e48f0dca08949159786658ed8a3b3b74cc1d132fd1d35_amd64",
"product_id": "rhods/odh-modelmesh-runtime-adapter-rhel8@sha256:f99fb510544a7e72137e48f0dca08949159786658ed8a3b3b74cc1d132fd1d35_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odh-modelmesh-runtime-adapter-rhel8@sha256:f99fb510544a7e72137e48f0dca08949159786658ed8a3b3b74cc1d132fd1d35?arch=amd64\u0026repository_url=registry.redhat.io/rhods/odh-modelmesh-runtime-adapter-rhel8\u0026tag=v2.4.0-17"
}
}
},
{
"category": "product_version",
"name": "rhods/odh-modelmesh-serving-controller-rhel8@sha256:0f60f7523db4bf6c18bf69984e56ce632ceb1f0b4e868e73ef653b43e5034f75_amd64",
"product": {
"name": "rhods/odh-modelmesh-serving-controller-rhel8@sha256:0f60f7523db4bf6c18bf69984e56ce632ceb1f0b4e868e73ef653b43e5034f75_amd64",
"product_id": "rhods/odh-modelmesh-serving-controller-rhel8@sha256:0f60f7523db4bf6c18bf69984e56ce632ceb1f0b4e868e73ef653b43e5034f75_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odh-modelmesh-serving-controller-rhel8@sha256:0f60f7523db4bf6c18bf69984e56ce632ceb1f0b4e868e73ef653b43e5034f75?arch=amd64\u0026repository_url=registry.redhat.io/rhods/odh-modelmesh-serving-controller-rhel8\u0026tag=v2.4.0-16"
}
}
},
{
"category": "product_version",
"name": "rhods/odh-notebook-controller-rhel8@sha256:19daaa5932e1297efc469eae97f0b7f1fb4b652d44aa828e3d3bcf5e9dfdc9b4_amd64",
"product": {
"name": "rhods/odh-notebook-controller-rhel8@sha256:19daaa5932e1297efc469eae97f0b7f1fb4b652d44aa828e3d3bcf5e9dfdc9b4_amd64",
"product_id": "rhods/odh-notebook-controller-rhel8@sha256:19daaa5932e1297efc469eae97f0b7f1fb4b652d44aa828e3d3bcf5e9dfdc9b4_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odh-notebook-controller-rhel8@sha256:19daaa5932e1297efc469eae97f0b7f1fb4b652d44aa828e3d3bcf5e9dfdc9b4?arch=amd64\u0026repository_url=registry.redhat.io/rhods/odh-notebook-controller-rhel8\u0026tag=v2.4.0-17"
}
}
},
{
"category": "product_version",
"name": "rhods/odh-operator-base-rhel8@sha256:e33814ce6b42423bb9a8237c6a4b5f58bbbd9239b8335f3fca85ad86fdc39a37_amd64",
"product": {
"name": "rhods/odh-operator-base-rhel8@sha256:e33814ce6b42423bb9a8237c6a4b5f58bbbd9239b8335f3fca85ad86fdc39a37_amd64",
"product_id": "rhods/odh-operator-base-rhel8@sha256:e33814ce6b42423bb9a8237c6a4b5f58bbbd9239b8335f3fca85ad86fdc39a37_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odh-operator-base-rhel8@sha256:e33814ce6b42423bb9a8237c6a4b5f58bbbd9239b8335f3fca85ad86fdc39a37?arch=amd64\u0026repository_url=registry.redhat.io/rhods/odh-operator-base-rhel8\u0026tag=v2.4.0-35"
}
}
},
{
"category": "product_version",
"name": "rhods/odh-operator-bundle@sha256:b637a02d23bd8364cc8914421049eb60169c163ac70bff2f33591df1a1193002_amd64",
"product": {
"name": "rhods/odh-operator-bundle@sha256:b637a02d23bd8364cc8914421049eb60169c163ac70bff2f33591df1a1193002_amd64",
"product_id": "rhods/odh-operator-bundle@sha256:b637a02d23bd8364cc8914421049eb60169c163ac70bff2f33591df1a1193002_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odh-operator-bundle@sha256:b637a02d23bd8364cc8914421049eb60169c163ac70bff2f33591df1a1193002?arch=amd64\u0026repository_url=registry.redhat.io/rhods/odh-operator-bundle\u0026tag=v2.4.0-64"
}
}
},
{
"category": "product_version",
"name": "rhods/odh-rhel8-operator@sha256:00d56a2984ee01fa81cbe838567e448ce8acced37f7ff919e6e50cf951082ef2_amd64",
"product": {
"name": "rhods/odh-rhel8-operator@sha256:00d56a2984ee01fa81cbe838567e448ce8acced37f7ff919e6e50cf951082ef2_amd64",
"product_id": "rhods/odh-rhel8-operator@sha256:00d56a2984ee01fa81cbe838567e448ce8acced37f7ff919e6e50cf951082ef2_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odh-rhel8-operator@sha256:00d56a2984ee01fa81cbe838567e448ce8acced37f7ff919e6e50cf951082ef2?arch=amd64\u0026repository_url=registry.redhat.io/rhods/odh-rhel8-operator\u0026tag=v2.4.0-46"
}
}
},
{
"category": "product_version",
"name": "rhods/odh-trustyai-service-rhel8@sha256:77d74af5cd5819cee3341505a3d329fbf622ad892df67faa85f4e6a40ccc6322_amd64",
"product": {
"name": "rhods/odh-trustyai-service-rhel8@sha256:77d74af5cd5819cee3341505a3d329fbf622ad892df67faa85f4e6a40ccc6322_amd64",
"product_id": "rhods/odh-trustyai-service-rhel8@sha256:77d74af5cd5819cee3341505a3d329fbf622ad892df67faa85f4e6a40ccc6322_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odh-trustyai-service-rhel8@sha256:77d74af5cd5819cee3341505a3d329fbf622ad892df67faa85f4e6a40ccc6322?arch=amd64\u0026repository_url=registry.redhat.io/rhods/odh-trustyai-service-rhel8\u0026tag=v2.4.0-34"
}
}
},
{
"category": "product_version",
"name": "rhods/odh-trustyai-service-operator-rhel8@sha256:c6a5d496f39aa30dbc90dee4cb81f6e54d1db3c8d388315b78782d631c5746ca_amd64",
"product": {
"name": "rhods/odh-trustyai-service-operator-rhel8@sha256:c6a5d496f39aa30dbc90dee4cb81f6e54d1db3c8d388315b78782d631c5746ca_amd64",
"product_id": "rhods/odh-trustyai-service-operator-rhel8@sha256:c6a5d496f39aa30dbc90dee4cb81f6e54d1db3c8d388315b78782d631c5746ca_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odh-trustyai-service-operator-rhel8@sha256:c6a5d496f39aa30dbc90dee4cb81f6e54d1db3c8d388315b78782d631c5746ca?arch=amd64\u0026repository_url=registry.redhat.io/rhods/odh-trustyai-service-operator-rhel8\u0026tag=v2.4.0-16"
}
}
}
],
"category": "architecture",
"name": "amd64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "rhods/odh-codeflare-operator-rhel8@sha256:dd14914e92bde9e834b5b806e296ed210e9e45c1e71d3ca8d07492a967e41646_amd64 as a component of RHODS-2.4-RHEL-8",
"product_id": "8Base-RHODS-2.4:rhods/odh-codeflare-operator-rhel8@sha256:dd14914e92bde9e834b5b806e296ed210e9e45c1e71d3ca8d07492a967e41646_amd64"
},
"product_reference": "rhods/odh-codeflare-operator-rhel8@sha256:dd14914e92bde9e834b5b806e296ed210e9e45c1e71d3ca8d07492a967e41646_amd64",
"relates_to_product_reference": "8Base-RHODS-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhods/odh-dashboard-rhel8@sha256:4fb3e19665921164a9e3efbb83da2493af197e9511198bec2ef26be458bbe4af_amd64 as a component of RHODS-2.4-RHEL-8",
"product_id": "8Base-RHODS-2.4:rhods/odh-dashboard-rhel8@sha256:4fb3e19665921164a9e3efbb83da2493af197e9511198bec2ef26be458bbe4af_amd64"
},
"product_reference": "rhods/odh-dashboard-rhel8@sha256:4fb3e19665921164a9e3efbb83da2493af197e9511198bec2ef26be458bbe4af_amd64",
"relates_to_product_reference": "8Base-RHODS-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhods/odh-data-science-pipelines-operator-controller-rhel8@sha256:4f1511effdf68329a092cc8de8879b99e6b412fe5e54dac78c0d1702cbe22615_amd64 as a component of RHODS-2.4-RHEL-8",
"product_id": "8Base-RHODS-2.4:rhods/odh-data-science-pipelines-operator-controller-rhel8@sha256:4f1511effdf68329a092cc8de8879b99e6b412fe5e54dac78c0d1702cbe22615_amd64"
},
"product_reference": "rhods/odh-data-science-pipelines-operator-controller-rhel8@sha256:4f1511effdf68329a092cc8de8879b99e6b412fe5e54dac78c0d1702cbe22615_amd64",
"relates_to_product_reference": "8Base-RHODS-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhods/odh-kf-notebook-controller-rhel8@sha256:18bdde1e5d61663b56fad3135d046ab29d45ddde030059d2332dbe08f33baa22_amd64 as a component of RHODS-2.4-RHEL-8",
"product_id": "8Base-RHODS-2.4:rhods/odh-kf-notebook-controller-rhel8@sha256:18bdde1e5d61663b56fad3135d046ab29d45ddde030059d2332dbe08f33baa22_amd64"
},
"product_reference": "rhods/odh-kf-notebook-controller-rhel8@sha256:18bdde1e5d61663b56fad3135d046ab29d45ddde030059d2332dbe08f33baa22_amd64",
"relates_to_product_reference": "8Base-RHODS-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhods/odh-kuberay-operator-controller-rhel8@sha256:6031c4b0cd16ad69e8ddffa27850797f2fcbed37453dc5eadcfc51fddd4fe16e_amd64 as a component of RHODS-2.4-RHEL-8",
"product_id": "8Base-RHODS-2.4:rhods/odh-kuberay-operator-controller-rhel8@sha256:6031c4b0cd16ad69e8ddffa27850797f2fcbed37453dc5eadcfc51fddd4fe16e_amd64"
},
"product_reference": "rhods/odh-kuberay-operator-controller-rhel8@sha256:6031c4b0cd16ad69e8ddffa27850797f2fcbed37453dc5eadcfc51fddd4fe16e_amd64",
"relates_to_product_reference": "8Base-RHODS-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhods/odh-ml-pipelines-api-server-rhel8@sha256:e93464874ea15a531ded124b911ef31f8f7eaa4a714e61b793ce4fcc70465dba_amd64 as a component of RHODS-2.4-RHEL-8",
"product_id": "8Base-RHODS-2.4:rhods/odh-ml-pipelines-api-server-rhel8@sha256:e93464874ea15a531ded124b911ef31f8f7eaa4a714e61b793ce4fcc70465dba_amd64"
},
"product_reference": "rhods/odh-ml-pipelines-api-server-rhel8@sha256:e93464874ea15a531ded124b911ef31f8f7eaa4a714e61b793ce4fcc70465dba_amd64",
"relates_to_product_reference": "8Base-RHODS-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhods/odh-ml-pipelines-artifact-manager-rhel8@sha256:3ad91b1853e45873885fdd8dcde094e5c0712a4ea93f2bf30c415c4153710e22_amd64 as a component of RHODS-2.4-RHEL-8",
"product_id": "8Base-RHODS-2.4:rhods/odh-ml-pipelines-artifact-manager-rhel8@sha256:3ad91b1853e45873885fdd8dcde094e5c0712a4ea93f2bf30c415c4153710e22_amd64"
},
"product_reference": "rhods/odh-ml-pipelines-artifact-manager-rhel8@sha256:3ad91b1853e45873885fdd8dcde094e5c0712a4ea93f2bf30c415c4153710e22_amd64",
"relates_to_product_reference": "8Base-RHODS-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhods/odh-ml-pipelines-cache-rhel8@sha256:d8d6dade3fff4d7312d86226534279638fc981865394a75986bf1a7ff72752f4_amd64 as a component of RHODS-2.4-RHEL-8",
"product_id": "8Base-RHODS-2.4:rhods/odh-ml-pipelines-cache-rhel8@sha256:d8d6dade3fff4d7312d86226534279638fc981865394a75986bf1a7ff72752f4_amd64"
},
"product_reference": "rhods/odh-ml-pipelines-cache-rhel8@sha256:d8d6dade3fff4d7312d86226534279638fc981865394a75986bf1a7ff72752f4_amd64",
"relates_to_product_reference": "8Base-RHODS-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhods/odh-ml-pipelines-persistenceagent-rhel8@sha256:e543aaee276a4571c3a06505b0007ae2a435848dd417ee8e47b54481106f119f_amd64 as a component of RHODS-2.4-RHEL-8",
"product_id": "8Base-RHODS-2.4:rhods/odh-ml-pipelines-persistenceagent-rhel8@sha256:e543aaee276a4571c3a06505b0007ae2a435848dd417ee8e47b54481106f119f_amd64"
},
"product_reference": "rhods/odh-ml-pipelines-persistenceagent-rhel8@sha256:e543aaee276a4571c3a06505b0007ae2a435848dd417ee8e47b54481106f119f_amd64",
"relates_to_product_reference": "8Base-RHODS-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhods/odh-ml-pipelines-scheduledworkflow-rhel8@sha256:75a02edd646967593afd87f874bb207b22529af22b9e98be27781007186fe886_amd64 as a component of RHODS-2.4-RHEL-8",
"product_id": "8Base-RHODS-2.4:rhods/odh-ml-pipelines-scheduledworkflow-rhel8@sha256:75a02edd646967593afd87f874bb207b22529af22b9e98be27781007186fe886_amd64"
},
"product_reference": "rhods/odh-ml-pipelines-scheduledworkflow-rhel8@sha256:75a02edd646967593afd87f874bb207b22529af22b9e98be27781007186fe886_amd64",
"relates_to_product_reference": "8Base-RHODS-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhods/odh-mm-rest-proxy-rhel8@sha256:b3c796a289fb12ac59ce60e75a4266045bf071e91a022ba5a9c935f077df602d_amd64 as a component of RHODS-2.4-RHEL-8",
"product_id": "8Base-RHODS-2.4:rhods/odh-mm-rest-proxy-rhel8@sha256:b3c796a289fb12ac59ce60e75a4266045bf071e91a022ba5a9c935f077df602d_amd64"
},
"product_reference": "rhods/odh-mm-rest-proxy-rhel8@sha256:b3c796a289fb12ac59ce60e75a4266045bf071e91a022ba5a9c935f077df602d_amd64",
"relates_to_product_reference": "8Base-RHODS-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhods/odh-model-controller-rhel8@sha256:9808224f80f414b8af05cbfb1a6f3a292077d35ac1f403534c505f5bede517c5_amd64 as a component of RHODS-2.4-RHEL-8",
"product_id": "8Base-RHODS-2.4:rhods/odh-model-controller-rhel8@sha256:9808224f80f414b8af05cbfb1a6f3a292077d35ac1f403534c505f5bede517c5_amd64"
},
"product_reference": "rhods/odh-model-controller-rhel8@sha256:9808224f80f414b8af05cbfb1a6f3a292077d35ac1f403534c505f5bede517c5_amd64",
"relates_to_product_reference": "8Base-RHODS-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhods/odh-modelmesh-rhel8@sha256:d7605432021879d043f95602b77bc99804211e0e240628fd4fb285550df61fbc_amd64 as a component of RHODS-2.4-RHEL-8",
"product_id": "8Base-RHODS-2.4:rhods/odh-modelmesh-rhel8@sha256:d7605432021879d043f95602b77bc99804211e0e240628fd4fb285550df61fbc_amd64"
},
"product_reference": "rhods/odh-modelmesh-rhel8@sha256:d7605432021879d043f95602b77bc99804211e0e240628fd4fb285550df61fbc_amd64",
"relates_to_product_reference": "8Base-RHODS-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhods/odh-modelmesh-runtime-adapter-rhel8@sha256:f99fb510544a7e72137e48f0dca08949159786658ed8a3b3b74cc1d132fd1d35_amd64 as a component of RHODS-2.4-RHEL-8",
"product_id": "8Base-RHODS-2.4:rhods/odh-modelmesh-runtime-adapter-rhel8@sha256:f99fb510544a7e72137e48f0dca08949159786658ed8a3b3b74cc1d132fd1d35_amd64"
},
"product_reference": "rhods/odh-modelmesh-runtime-adapter-rhel8@sha256:f99fb510544a7e72137e48f0dca08949159786658ed8a3b3b74cc1d132fd1d35_amd64",
"relates_to_product_reference": "8Base-RHODS-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhods/odh-modelmesh-serving-controller-rhel8@sha256:0f60f7523db4bf6c18bf69984e56ce632ceb1f0b4e868e73ef653b43e5034f75_amd64 as a component of RHODS-2.4-RHEL-8",
"product_id": "8Base-RHODS-2.4:rhods/odh-modelmesh-serving-controller-rhel8@sha256:0f60f7523db4bf6c18bf69984e56ce632ceb1f0b4e868e73ef653b43e5034f75_amd64"
},
"product_reference": "rhods/odh-modelmesh-serving-controller-rhel8@sha256:0f60f7523db4bf6c18bf69984e56ce632ceb1f0b4e868e73ef653b43e5034f75_amd64",
"relates_to_product_reference": "8Base-RHODS-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhods/odh-notebook-controller-rhel8@sha256:19daaa5932e1297efc469eae97f0b7f1fb4b652d44aa828e3d3bcf5e9dfdc9b4_amd64 as a component of RHODS-2.4-RHEL-8",
"product_id": "8Base-RHODS-2.4:rhods/odh-notebook-controller-rhel8@sha256:19daaa5932e1297efc469eae97f0b7f1fb4b652d44aa828e3d3bcf5e9dfdc9b4_amd64"
},
"product_reference": "rhods/odh-notebook-controller-rhel8@sha256:19daaa5932e1297efc469eae97f0b7f1fb4b652d44aa828e3d3bcf5e9dfdc9b4_amd64",
"relates_to_product_reference": "8Base-RHODS-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhods/odh-operator-base-rhel8@sha256:e33814ce6b42423bb9a8237c6a4b5f58bbbd9239b8335f3fca85ad86fdc39a37_amd64 as a component of RHODS-2.4-RHEL-8",
"product_id": "8Base-RHODS-2.4:rhods/odh-operator-base-rhel8@sha256:e33814ce6b42423bb9a8237c6a4b5f58bbbd9239b8335f3fca85ad86fdc39a37_amd64"
},
"product_reference": "rhods/odh-operator-base-rhel8@sha256:e33814ce6b42423bb9a8237c6a4b5f58bbbd9239b8335f3fca85ad86fdc39a37_amd64",
"relates_to_product_reference": "8Base-RHODS-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhods/odh-operator-bundle@sha256:b637a02d23bd8364cc8914421049eb60169c163ac70bff2f33591df1a1193002_amd64 as a component of RHODS-2.4-RHEL-8",
"product_id": "8Base-RHODS-2.4:rhods/odh-operator-bundle@sha256:b637a02d23bd8364cc8914421049eb60169c163ac70bff2f33591df1a1193002_amd64"
},
"product_reference": "rhods/odh-operator-bundle@sha256:b637a02d23bd8364cc8914421049eb60169c163ac70bff2f33591df1a1193002_amd64",
"relates_to_product_reference": "8Base-RHODS-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhods/odh-rhel8-operator@sha256:00d56a2984ee01fa81cbe838567e448ce8acced37f7ff919e6e50cf951082ef2_amd64 as a component of RHODS-2.4-RHEL-8",
"product_id": "8Base-RHODS-2.4:rhods/odh-rhel8-operator@sha256:00d56a2984ee01fa81cbe838567e448ce8acced37f7ff919e6e50cf951082ef2_amd64"
},
"product_reference": "rhods/odh-rhel8-operator@sha256:00d56a2984ee01fa81cbe838567e448ce8acced37f7ff919e6e50cf951082ef2_amd64",
"relates_to_product_reference": "8Base-RHODS-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhods/odh-trustyai-service-operator-rhel8@sha256:c6a5d496f39aa30dbc90dee4cb81f6e54d1db3c8d388315b78782d631c5746ca_amd64 as a component of RHODS-2.4-RHEL-8",
"product_id": "8Base-RHODS-2.4:rhods/odh-trustyai-service-operator-rhel8@sha256:c6a5d496f39aa30dbc90dee4cb81f6e54d1db3c8d388315b78782d631c5746ca_amd64"
},
"product_reference": "rhods/odh-trustyai-service-operator-rhel8@sha256:c6a5d496f39aa30dbc90dee4cb81f6e54d1db3c8d388315b78782d631c5746ca_amd64",
"relates_to_product_reference": "8Base-RHODS-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhods/odh-trustyai-service-rhel8@sha256:77d74af5cd5819cee3341505a3d329fbf622ad892df67faa85f4e6a40ccc6322_amd64 as a component of RHODS-2.4-RHEL-8",
"product_id": "8Base-RHODS-2.4:rhods/odh-trustyai-service-rhel8@sha256:77d74af5cd5819cee3341505a3d329fbf622ad892df67faa85f4e6a40ccc6322_amd64"
},
"product_reference": "rhods/odh-trustyai-service-rhel8@sha256:77d74af5cd5819cee3341505a3d329fbf622ad892df67faa85f4e6a40ccc6322_amd64",
"relates_to_product_reference": "8Base-RHODS-2.4"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2023-44487",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2023-10-09T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-RHODS-2.4:rhods/odh-codeflare-operator-rhel8@sha256:dd14914e92bde9e834b5b806e296ed210e9e45c1e71d3ca8d07492a967e41646_amd64",
"8Base-RHODS-2.4:rhods/odh-dashboard-rhel8@sha256:4fb3e19665921164a9e3efbb83da2493af197e9511198bec2ef26be458bbe4af_amd64",
"8Base-RHODS-2.4:rhods/odh-data-science-pipelines-operator-controller-rhel8@sha256:4f1511effdf68329a092cc8de8879b99e6b412fe5e54dac78c0d1702cbe22615_amd64",
"8Base-RHODS-2.4:rhods/odh-kf-notebook-controller-rhel8@sha256:18bdde1e5d61663b56fad3135d046ab29d45ddde030059d2332dbe08f33baa22_amd64",
"8Base-RHODS-2.4:rhods/odh-kuberay-operator-controller-rhel8@sha256:6031c4b0cd16ad69e8ddffa27850797f2fcbed37453dc5eadcfc51fddd4fe16e_amd64",
"8Base-RHODS-2.4:rhods/odh-ml-pipelines-api-server-rhel8@sha256:e93464874ea15a531ded124b911ef31f8f7eaa4a714e61b793ce4fcc70465dba_amd64",
"8Base-RHODS-2.4:rhods/odh-ml-pipelines-artifact-manager-rhel8@sha256:3ad91b1853e45873885fdd8dcde094e5c0712a4ea93f2bf30c415c4153710e22_amd64",
"8Base-RHODS-2.4:rhods/odh-ml-pipelines-cache-rhel8@sha256:d8d6dade3fff4d7312d86226534279638fc981865394a75986bf1a7ff72752f4_amd64",
"8Base-RHODS-2.4:rhods/odh-ml-pipelines-persistenceagent-rhel8@sha256:e543aaee276a4571c3a06505b0007ae2a435848dd417ee8e47b54481106f119f_amd64",
"8Base-RHODS-2.4:rhods/odh-ml-pipelines-scheduledworkflow-rhel8@sha256:75a02edd646967593afd87f874bb207b22529af22b9e98be27781007186fe886_amd64",
"8Base-RHODS-2.4:rhods/odh-model-controller-rhel8@sha256:9808224f80f414b8af05cbfb1a6f3a292077d35ac1f403534c505f5bede517c5_amd64",
"8Base-RHODS-2.4:rhods/odh-modelmesh-rhel8@sha256:d7605432021879d043f95602b77bc99804211e0e240628fd4fb285550df61fbc_amd64",
"8Base-RHODS-2.4:rhods/odh-modelmesh-runtime-adapter-rhel8@sha256:f99fb510544a7e72137e48f0dca08949159786658ed8a3b3b74cc1d132fd1d35_amd64",
"8Base-RHODS-2.4:rhods/odh-modelmesh-serving-controller-rhel8@sha256:0f60f7523db4bf6c18bf69984e56ce632ceb1f0b4e868e73ef653b43e5034f75_amd64",
"8Base-RHODS-2.4:rhods/odh-notebook-controller-rhel8@sha256:19daaa5932e1297efc469eae97f0b7f1fb4b652d44aa828e3d3bcf5e9dfdc9b4_amd64",
"8Base-RHODS-2.4:rhods/odh-operator-base-rhel8@sha256:e33814ce6b42423bb9a8237c6a4b5f58bbbd9239b8335f3fca85ad86fdc39a37_amd64",
"8Base-RHODS-2.4:rhods/odh-operator-bundle@sha256:b637a02d23bd8364cc8914421049eb60169c163ac70bff2f33591df1a1193002_amd64",
"8Base-RHODS-2.4:rhods/odh-rhel8-operator@sha256:00d56a2984ee01fa81cbe838567e448ce8acced37f7ff919e6e50cf951082ef2_amd64",
"8Base-RHODS-2.4:rhods/odh-trustyai-service-operator-rhel8@sha256:c6a5d496f39aa30dbc90dee4cb81f6e54d1db3c8d388315b78782d631c5746ca_amd64",
"8Base-RHODS-2.4:rhods/odh-trustyai-service-rhel8@sha256:77d74af5cd5819cee3341505a3d329fbf622ad892df67faa85f4e6a40ccc6322_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2242803"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in handling multiplexed streams in the HTTP/2 protocol. A client can repeatedly make a request for a new multiplex stream and immediately send an RST_STREAM frame to cancel it. This creates extra work for the server setting up and tearing down the streams while not hitting any server-side limit for the maximum number of active streams per connection, resulting in a denial of service due to server resource consumption. Red Hat has rated the severity of this flaw as \u0027Important\u0027 as the US Cybersecurity and Infrastructure Security Agency (CISA) declared this vulnerability an active exploit.\r\n\r\nCVE-2023-39325 was assigned for the Rapid Reset Attack in the Go language packages.\r\n\r\nSecurity Bulletin\r\nhttps://access.redhat.com/security/vulnerabilities/RHSB-2023-003",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack (Rapid Reset Attack)",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "NGINX has been marked as Moderate Impact because, for performance and resource consumption reasons, NGINX limits the number of concurrent streams to a default of 128. In addition, to optimally balance network and server performance, NGINX allows the client to persist HTTP connections for up to 1000 requests by default using an HTTP keepalive.\n\nThe majority of RHEL utilities are not long-running applications; instead, they are command-line tools. These tools utilize Golang package as build-time dependency, which is why they are classified as having a \"Moderate\" level of impact.\n\nrhc component is no longer impacted by CVE-2023-44487 \u0026 CVE-2023-39325.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHODS-2.4:rhods/odh-mm-rest-proxy-rhel8@sha256:b3c796a289fb12ac59ce60e75a4266045bf071e91a022ba5a9c935f077df602d_amd64"
],
"known_not_affected": [
"8Base-RHODS-2.4:rhods/odh-codeflare-operator-rhel8@sha256:dd14914e92bde9e834b5b806e296ed210e9e45c1e71d3ca8d07492a967e41646_amd64",
"8Base-RHODS-2.4:rhods/odh-dashboard-rhel8@sha256:4fb3e19665921164a9e3efbb83da2493af197e9511198bec2ef26be458bbe4af_amd64",
"8Base-RHODS-2.4:rhods/odh-data-science-pipelines-operator-controller-rhel8@sha256:4f1511effdf68329a092cc8de8879b99e6b412fe5e54dac78c0d1702cbe22615_amd64",
"8Base-RHODS-2.4:rhods/odh-kf-notebook-controller-rhel8@sha256:18bdde1e5d61663b56fad3135d046ab29d45ddde030059d2332dbe08f33baa22_amd64",
"8Base-RHODS-2.4:rhods/odh-kuberay-operator-controller-rhel8@sha256:6031c4b0cd16ad69e8ddffa27850797f2fcbed37453dc5eadcfc51fddd4fe16e_amd64",
"8Base-RHODS-2.4:rhods/odh-ml-pipelines-api-server-rhel8@sha256:e93464874ea15a531ded124b911ef31f8f7eaa4a714e61b793ce4fcc70465dba_amd64",
"8Base-RHODS-2.4:rhods/odh-ml-pipelines-artifact-manager-rhel8@sha256:3ad91b1853e45873885fdd8dcde094e5c0712a4ea93f2bf30c415c4153710e22_amd64",
"8Base-RHODS-2.4:rhods/odh-ml-pipelines-cache-rhel8@sha256:d8d6dade3fff4d7312d86226534279638fc981865394a75986bf1a7ff72752f4_amd64",
"8Base-RHODS-2.4:rhods/odh-ml-pipelines-persistenceagent-rhel8@sha256:e543aaee276a4571c3a06505b0007ae2a435848dd417ee8e47b54481106f119f_amd64",
"8Base-RHODS-2.4:rhods/odh-ml-pipelines-scheduledworkflow-rhel8@sha256:75a02edd646967593afd87f874bb207b22529af22b9e98be27781007186fe886_amd64",
"8Base-RHODS-2.4:rhods/odh-model-controller-rhel8@sha256:9808224f80f414b8af05cbfb1a6f3a292077d35ac1f403534c505f5bede517c5_amd64",
"8Base-RHODS-2.4:rhods/odh-modelmesh-rhel8@sha256:d7605432021879d043f95602b77bc99804211e0e240628fd4fb285550df61fbc_amd64",
"8Base-RHODS-2.4:rhods/odh-modelmesh-runtime-adapter-rhel8@sha256:f99fb510544a7e72137e48f0dca08949159786658ed8a3b3b74cc1d132fd1d35_amd64",
"8Base-RHODS-2.4:rhods/odh-modelmesh-serving-controller-rhel8@sha256:0f60f7523db4bf6c18bf69984e56ce632ceb1f0b4e868e73ef653b43e5034f75_amd64",
"8Base-RHODS-2.4:rhods/odh-notebook-controller-rhel8@sha256:19daaa5932e1297efc469eae97f0b7f1fb4b652d44aa828e3d3bcf5e9dfdc9b4_amd64",
"8Base-RHODS-2.4:rhods/odh-operator-base-rhel8@sha256:e33814ce6b42423bb9a8237c6a4b5f58bbbd9239b8335f3fca85ad86fdc39a37_amd64",
"8Base-RHODS-2.4:rhods/odh-operator-bundle@sha256:b637a02d23bd8364cc8914421049eb60169c163ac70bff2f33591df1a1193002_amd64",
"8Base-RHODS-2.4:rhods/odh-rhel8-operator@sha256:00d56a2984ee01fa81cbe838567e448ce8acced37f7ff919e6e50cf951082ef2_amd64",
"8Base-RHODS-2.4:rhods/odh-trustyai-service-operator-rhel8@sha256:c6a5d496f39aa30dbc90dee4cb81f6e54d1db3c8d388315b78782d631c5746ca_amd64",
"8Base-RHODS-2.4:rhods/odh-trustyai-service-rhel8@sha256:77d74af5cd5819cee3341505a3d329fbf622ad892df67faa85f4e6a40ccc6322_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-44487"
},
{
"category": "external",
"summary": "RHBZ#2242803",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2242803"
},
{
"category": "external",
"summary": "RHSB-2023-003",
"url": "https://access.redhat.com/security/vulnerabilities/RHSB-2023-003"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-44487",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-44487"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-44487",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-44487"
},
{
"category": "external",
"summary": "https://github.com/dotnet/announcements/issues/277",
"url": "https://github.com/dotnet/announcements/issues/277"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2023-2102",
"url": "https://pkg.go.dev/vuln/GO-2023-2102"
},
{
"category": "external",
"summary": "https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487",
"url": "https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487"
},
{
"category": "external",
"summary": "https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products/",
"url": "https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products/"
},
{
"category": "external",
"summary": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog",
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
}
],
"release_date": "2023-10-10T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-11-27T10:05:54+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHODS-2.4:rhods/odh-mm-rest-proxy-rhel8@sha256:b3c796a289fb12ac59ce60e75a4266045bf071e91a022ba5a9c935f077df602d_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHBA-2023:7492"
},
{
"category": "workaround",
"details": "Users are strongly urged to update their software as soon as fixes are available. \nThere are several mitigation approaches for this flaw. \n\n1. If circumstances permit, users may disable http2 endpoints to circumvent the flaw altogether until a fix is available.\n2. IP-based blocking or flood protection and rate control tools may be used at network endpoints to filter incoming traffic.\n3. Several package specific mitigations are also available. \n a. nginx: https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products/\n b. netty: https://github.com/netty/netty/security/advisories/GHSA-xpw8-rcwv-8f8p\n c. haproxy: https://www.haproxy.com/blog/haproxy-is-not-affected-by-the-http-2-rapid-reset-attack-cve-2023-44487\n d. nghttp2: https://github.com/nghttp2/nghttp2/security/advisories/GHSA-vx74-f528-fxqg\n e. golang: The default stream concurrency limit in golang is 250 streams (requests) per HTTP/2 connection. This value may be adjusted in the golang.org/x/net/http2 package using the Server.MaxConcurrentStreams setting and the ConfigureServer function which are available in golang.org/x/net/http2.",
"product_ids": [
"8Base-RHODS-2.4:rhods/odh-codeflare-operator-rhel8@sha256:dd14914e92bde9e834b5b806e296ed210e9e45c1e71d3ca8d07492a967e41646_amd64",
"8Base-RHODS-2.4:rhods/odh-dashboard-rhel8@sha256:4fb3e19665921164a9e3efbb83da2493af197e9511198bec2ef26be458bbe4af_amd64",
"8Base-RHODS-2.4:rhods/odh-data-science-pipelines-operator-controller-rhel8@sha256:4f1511effdf68329a092cc8de8879b99e6b412fe5e54dac78c0d1702cbe22615_amd64",
"8Base-RHODS-2.4:rhods/odh-kf-notebook-controller-rhel8@sha256:18bdde1e5d61663b56fad3135d046ab29d45ddde030059d2332dbe08f33baa22_amd64",
"8Base-RHODS-2.4:rhods/odh-kuberay-operator-controller-rhel8@sha256:6031c4b0cd16ad69e8ddffa27850797f2fcbed37453dc5eadcfc51fddd4fe16e_amd64",
"8Base-RHODS-2.4:rhods/odh-ml-pipelines-api-server-rhel8@sha256:e93464874ea15a531ded124b911ef31f8f7eaa4a714e61b793ce4fcc70465dba_amd64",
"8Base-RHODS-2.4:rhods/odh-ml-pipelines-artifact-manager-rhel8@sha256:3ad91b1853e45873885fdd8dcde094e5c0712a4ea93f2bf30c415c4153710e22_amd64",
"8Base-RHODS-2.4:rhods/odh-ml-pipelines-cache-rhel8@sha256:d8d6dade3fff4d7312d86226534279638fc981865394a75986bf1a7ff72752f4_amd64",
"8Base-RHODS-2.4:rhods/odh-ml-pipelines-persistenceagent-rhel8@sha256:e543aaee276a4571c3a06505b0007ae2a435848dd417ee8e47b54481106f119f_amd64",
"8Base-RHODS-2.4:rhods/odh-ml-pipelines-scheduledworkflow-rhel8@sha256:75a02edd646967593afd87f874bb207b22529af22b9e98be27781007186fe886_amd64",
"8Base-RHODS-2.4:rhods/odh-mm-rest-proxy-rhel8@sha256:b3c796a289fb12ac59ce60e75a4266045bf071e91a022ba5a9c935f077df602d_amd64",
"8Base-RHODS-2.4:rhods/odh-model-controller-rhel8@sha256:9808224f80f414b8af05cbfb1a6f3a292077d35ac1f403534c505f5bede517c5_amd64",
"8Base-RHODS-2.4:rhods/odh-modelmesh-rhel8@sha256:d7605432021879d043f95602b77bc99804211e0e240628fd4fb285550df61fbc_amd64",
"8Base-RHODS-2.4:rhods/odh-modelmesh-runtime-adapter-rhel8@sha256:f99fb510544a7e72137e48f0dca08949159786658ed8a3b3b74cc1d132fd1d35_amd64",
"8Base-RHODS-2.4:rhods/odh-modelmesh-serving-controller-rhel8@sha256:0f60f7523db4bf6c18bf69984e56ce632ceb1f0b4e868e73ef653b43e5034f75_amd64",
"8Base-RHODS-2.4:rhods/odh-notebook-controller-rhel8@sha256:19daaa5932e1297efc469eae97f0b7f1fb4b652d44aa828e3d3bcf5e9dfdc9b4_amd64",
"8Base-RHODS-2.4:rhods/odh-operator-base-rhel8@sha256:e33814ce6b42423bb9a8237c6a4b5f58bbbd9239b8335f3fca85ad86fdc39a37_amd64",
"8Base-RHODS-2.4:rhods/odh-operator-bundle@sha256:b637a02d23bd8364cc8914421049eb60169c163ac70bff2f33591df1a1193002_amd64",
"8Base-RHODS-2.4:rhods/odh-rhel8-operator@sha256:00d56a2984ee01fa81cbe838567e448ce8acced37f7ff919e6e50cf951082ef2_amd64",
"8Base-RHODS-2.4:rhods/odh-trustyai-service-operator-rhel8@sha256:c6a5d496f39aa30dbc90dee4cb81f6e54d1db3c8d388315b78782d631c5746ca_amd64",
"8Base-RHODS-2.4:rhods/odh-trustyai-service-rhel8@sha256:77d74af5cd5819cee3341505a3d329fbf622ad892df67faa85f4e6a40ccc6322_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-RHODS-2.4:rhods/odh-codeflare-operator-rhel8@sha256:dd14914e92bde9e834b5b806e296ed210e9e45c1e71d3ca8d07492a967e41646_amd64",
"8Base-RHODS-2.4:rhods/odh-dashboard-rhel8@sha256:4fb3e19665921164a9e3efbb83da2493af197e9511198bec2ef26be458bbe4af_amd64",
"8Base-RHODS-2.4:rhods/odh-data-science-pipelines-operator-controller-rhel8@sha256:4f1511effdf68329a092cc8de8879b99e6b412fe5e54dac78c0d1702cbe22615_amd64",
"8Base-RHODS-2.4:rhods/odh-kf-notebook-controller-rhel8@sha256:18bdde1e5d61663b56fad3135d046ab29d45ddde030059d2332dbe08f33baa22_amd64",
"8Base-RHODS-2.4:rhods/odh-kuberay-operator-controller-rhel8@sha256:6031c4b0cd16ad69e8ddffa27850797f2fcbed37453dc5eadcfc51fddd4fe16e_amd64",
"8Base-RHODS-2.4:rhods/odh-ml-pipelines-api-server-rhel8@sha256:e93464874ea15a531ded124b911ef31f8f7eaa4a714e61b793ce4fcc70465dba_amd64",
"8Base-RHODS-2.4:rhods/odh-ml-pipelines-artifact-manager-rhel8@sha256:3ad91b1853e45873885fdd8dcde094e5c0712a4ea93f2bf30c415c4153710e22_amd64",
"8Base-RHODS-2.4:rhods/odh-ml-pipelines-cache-rhel8@sha256:d8d6dade3fff4d7312d86226534279638fc981865394a75986bf1a7ff72752f4_amd64",
"8Base-RHODS-2.4:rhods/odh-ml-pipelines-persistenceagent-rhel8@sha256:e543aaee276a4571c3a06505b0007ae2a435848dd417ee8e47b54481106f119f_amd64",
"8Base-RHODS-2.4:rhods/odh-ml-pipelines-scheduledworkflow-rhel8@sha256:75a02edd646967593afd87f874bb207b22529af22b9e98be27781007186fe886_amd64",
"8Base-RHODS-2.4:rhods/odh-mm-rest-proxy-rhel8@sha256:b3c796a289fb12ac59ce60e75a4266045bf071e91a022ba5a9c935f077df602d_amd64",
"8Base-RHODS-2.4:rhods/odh-model-controller-rhel8@sha256:9808224f80f414b8af05cbfb1a6f3a292077d35ac1f403534c505f5bede517c5_amd64",
"8Base-RHODS-2.4:rhods/odh-modelmesh-rhel8@sha256:d7605432021879d043f95602b77bc99804211e0e240628fd4fb285550df61fbc_amd64",
"8Base-RHODS-2.4:rhods/odh-modelmesh-runtime-adapter-rhel8@sha256:f99fb510544a7e72137e48f0dca08949159786658ed8a3b3b74cc1d132fd1d35_amd64",
"8Base-RHODS-2.4:rhods/odh-modelmesh-serving-controller-rhel8@sha256:0f60f7523db4bf6c18bf69984e56ce632ceb1f0b4e868e73ef653b43e5034f75_amd64",
"8Base-RHODS-2.4:rhods/odh-notebook-controller-rhel8@sha256:19daaa5932e1297efc469eae97f0b7f1fb4b652d44aa828e3d3bcf5e9dfdc9b4_amd64",
"8Base-RHODS-2.4:rhods/odh-operator-base-rhel8@sha256:e33814ce6b42423bb9a8237c6a4b5f58bbbd9239b8335f3fca85ad86fdc39a37_amd64",
"8Base-RHODS-2.4:rhods/odh-operator-bundle@sha256:b637a02d23bd8364cc8914421049eb60169c163ac70bff2f33591df1a1193002_amd64",
"8Base-RHODS-2.4:rhods/odh-rhel8-operator@sha256:00d56a2984ee01fa81cbe838567e448ce8acced37f7ff919e6e50cf951082ef2_amd64",
"8Base-RHODS-2.4:rhods/odh-trustyai-service-operator-rhel8@sha256:c6a5d496f39aa30dbc90dee4cb81f6e54d1db3c8d388315b78782d631c5746ca_amd64",
"8Base-RHODS-2.4:rhods/odh-trustyai-service-rhel8@sha256:77d74af5cd5819cee3341505a3d329fbf622ad892df67faa85f4e6a40ccc6322_amd64"
]
}
],
"threats": [
{
"category": "exploit_status",
"date": "2023-10-10T00:00:00+00:00",
"details": "CISA: https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
},
{
"category": "impact",
"details": "Important"
}
],
"title": "HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack (Rapid Reset Attack)"
}
]
}
RHBA-2024:0599
Vulnerability from csaf_redhat - Published: 2024-01-30 13:46 - Updated: 2026-06-08 15:35Summary
Red Hat Bug Fix Advisory: Migration Toolkit for Applications bug fix and enhancement update
Severity
Important
Notes
Topic: Migration Toolkit for Applications 7.0.0 release
Details: Migration Toolkit for Applications 7.0.0 Images
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
A flaw was found in handling multiplexed streams in the HTTP/2 protocol. A client can repeatedly make a request for a new multiplex stream and immediately send an RST_STREAM frame to cancel it. This creates extra work for the server setting up and tearing down the streams while not hitting any server-side limit for the maximum number of active streams per connection, resulting in a denial of service due to server resource consumption. Red Hat has rated the severity of this flaw as 'Important' as the US Cybersecurity and Infrastructure Security Agency (CISA) declared this vulnerability an active exploit. CVE-2023-39325 was assigned for the `Rapid Reset Attack` in the Go language packages.
7.5 (High)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-MTA-7.0:mta/mta-cli-rhel9@sha256:394da54c8b6c523ac67ddb4643483d73c8f5d8246d480a4d326d07ae9ccd0d19_amd64 | — |
Vendor Fix
fix
Workaround
|
Known not affected
7 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-MTA-7.0:mta/mta-rhel8-operator@sha256:773b71296ffb507938983d8afe563a5a7bd822c940dd3717cec8410c348d86d8_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-MTA-7.0:mta/mta-analyzer-addon-rhel9@sha256:cdd94053c042f512f13ccf28b58c66ad2da74edb2f309f7e065ccd55570e5423_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-MTA-7.0:mta/mta-analyzer-lsp-rhel9@sha256:5ecb233843ae369e5b7c1acae988e5a19bdc69f232df85abdfc37e921ca10e86_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-MTA-7.0:mta/mta-hub-rhel9@sha256:b57ab84961a2ca5e2c67ed4a58d6445698d2fd195290010a2f5adf5928ce9938_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-MTA-7.0:mta/mta-operator-bundle@sha256:323c8ff5f805ffbfdeef1e54208c9bf080564a8baf4b94acf9f4c98e85ebcb22_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-MTA-7.0:mta/mta-ui-rhel9@sha256:74f0ab0f8f455ac4ae91e8450db2f7d3b2ce0fbccf51fea06d0444823cd32e9e_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-MTA-7.0:mta/mta-windup-shim-rhel9@sha256:7ab7480cf40d5e71ab2b9c94f4f6e37d533209da317c70023bb82abe7216b498_amd64 | — |
Workaround
|
Threats
Impact
Important
A flaw was found in handling multiplexed streams in the HTTP/2 protocol. A client can repeatedly make a request for a new multiplex stream and immediately send an RST_STREAM frame to cancel it. This creates extra work for the server setting up and tearing down the streams while not hitting any server-side limit for the maximum number of active streams per connection, resulting in a denial of service due to server resource consumption. Red Hat has rated the severity of this flaw as 'Important' as the US Cybersecurity and Infrastructure Security Agency (CISA) declared this vulnerability an active exploit. CVE-2023-39325 was assigned for the Rapid Reset Attack in the Go language packages. Security Bulletin https://access.redhat.com/security/vulnerabilities/RHSB-2023-003
7.5 (High)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-MTA-7.0:mta/mta-cli-rhel9@sha256:394da54c8b6c523ac67ddb4643483d73c8f5d8246d480a4d326d07ae9ccd0d19_amd64 | — |
Vendor Fix
fix
Workaround
|
Known not affected
7 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-MTA-7.0:mta/mta-rhel8-operator@sha256:773b71296ffb507938983d8afe563a5a7bd822c940dd3717cec8410c348d86d8_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-MTA-7.0:mta/mta-analyzer-addon-rhel9@sha256:cdd94053c042f512f13ccf28b58c66ad2da74edb2f309f7e065ccd55570e5423_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-MTA-7.0:mta/mta-analyzer-lsp-rhel9@sha256:5ecb233843ae369e5b7c1acae988e5a19bdc69f232df85abdfc37e921ca10e86_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-MTA-7.0:mta/mta-hub-rhel9@sha256:b57ab84961a2ca5e2c67ed4a58d6445698d2fd195290010a2f5adf5928ce9938_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-MTA-7.0:mta/mta-operator-bundle@sha256:323c8ff5f805ffbfdeef1e54208c9bf080564a8baf4b94acf9f4c98e85ebcb22_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-MTA-7.0:mta/mta-ui-rhel9@sha256:74f0ab0f8f455ac4ae91e8450db2f7d3b2ce0fbccf51fea06d0444823cd32e9e_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-MTA-7.0:mta/mta-windup-shim-rhel9@sha256:7ab7480cf40d5e71ab2b9c94f4f6e37d533209da317c70023bb82abe7216b498_amd64 | — |
Workaround
|
Threats
Exploit Status
CISA: https://www.cisa.gov/known-exploited-vulnerabilities-catalog
Impact
Important
References
285 references
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Migration Toolkit for Applications 7.0.0 release",
"title": "Topic"
},
{
"category": "general",
"text": "Migration Toolkit for Applications 7.0.0 Images",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHBA-2024:0599",
"url": "https://access.redhat.com/errata/RHBA-2024:0599"
},
{
"category": "external",
"summary": "MTA-1014",
"url": "https://issues.redhat.com/browse/MTA-1014"
},
{
"category": "external",
"summary": "MTA-1019",
"url": "https://issues.redhat.com/browse/MTA-1019"
},
{
"category": "external",
"summary": "MTA-1024",
"url": "https://issues.redhat.com/browse/MTA-1024"
},
{
"category": "external",
"summary": "MTA-1047",
"url": "https://issues.redhat.com/browse/MTA-1047"
},
{
"category": "external",
"summary": "MTA-1130",
"url": "https://issues.redhat.com/browse/MTA-1130"
},
{
"category": "external",
"summary": "MTA-1155",
"url": "https://issues.redhat.com/browse/MTA-1155"
},
{
"category": "external",
"summary": "MTA-1175",
"url": "https://issues.redhat.com/browse/MTA-1175"
},
{
"category": "external",
"summary": "MTA-1183",
"url": "https://issues.redhat.com/browse/MTA-1183"
},
{
"category": "external",
"summary": "MTA-1185",
"url": "https://issues.redhat.com/browse/MTA-1185"
},
{
"category": "external",
"summary": "MTA-1195",
"url": "https://issues.redhat.com/browse/MTA-1195"
},
{
"category": "external",
"summary": "MTA-1196",
"url": "https://issues.redhat.com/browse/MTA-1196"
},
{
"category": "external",
"summary": "MTA-1197",
"url": "https://issues.redhat.com/browse/MTA-1197"
},
{
"category": "external",
"summary": "MTA-1203",
"url": "https://issues.redhat.com/browse/MTA-1203"
},
{
"category": "external",
"summary": "MTA-1207",
"url": "https://issues.redhat.com/browse/MTA-1207"
},
{
"category": "external",
"summary": "MTA-1247",
"url": "https://issues.redhat.com/browse/MTA-1247"
},
{
"category": "external",
"summary": "MTA-1249",
"url": "https://issues.redhat.com/browse/MTA-1249"
},
{
"category": "external",
"summary": "MTA-1250",
"url": "https://issues.redhat.com/browse/MTA-1250"
},
{
"category": "external",
"summary": "MTA-1251",
"url": "https://issues.redhat.com/browse/MTA-1251"
},
{
"category": "external",
"summary": "MTA-1252",
"url": "https://issues.redhat.com/browse/MTA-1252"
},
{
"category": "external",
"summary": "MTA-1256",
"url": "https://issues.redhat.com/browse/MTA-1256"
},
{
"category": "external",
"summary": "MTA-1258",
"url": "https://issues.redhat.com/browse/MTA-1258"
},
{
"category": "external",
"summary": "MTA-1259",
"url": "https://issues.redhat.com/browse/MTA-1259"
},
{
"category": "external",
"summary": "MTA-1262",
"url": "https://issues.redhat.com/browse/MTA-1262"
},
{
"category": "external",
"summary": "MTA-1263",
"url": "https://issues.redhat.com/browse/MTA-1263"
},
{
"category": "external",
"summary": "MTA-1264",
"url": "https://issues.redhat.com/browse/MTA-1264"
},
{
"category": "external",
"summary": "MTA-1266",
"url": "https://issues.redhat.com/browse/MTA-1266"
},
{
"category": "external",
"summary": "MTA-1268",
"url": "https://issues.redhat.com/browse/MTA-1268"
},
{
"category": "external",
"summary": "MTA-1269",
"url": "https://issues.redhat.com/browse/MTA-1269"
},
{
"category": "external",
"summary": "MTA-1271",
"url": "https://issues.redhat.com/browse/MTA-1271"
},
{
"category": "external",
"summary": "MTA-1279",
"url": "https://issues.redhat.com/browse/MTA-1279"
},
{
"category": "external",
"summary": "MTA-1281",
"url": "https://issues.redhat.com/browse/MTA-1281"
},
{
"category": "external",
"summary": "MTA-1283",
"url": "https://issues.redhat.com/browse/MTA-1283"
},
{
"category": "external",
"summary": "MTA-1284",
"url": "https://issues.redhat.com/browse/MTA-1284"
},
{
"category": "external",
"summary": "MTA-1286",
"url": "https://issues.redhat.com/browse/MTA-1286"
},
{
"category": "external",
"summary": "MTA-1288",
"url": "https://issues.redhat.com/browse/MTA-1288"
},
{
"category": "external",
"summary": "MTA-1292",
"url": "https://issues.redhat.com/browse/MTA-1292"
},
{
"category": "external",
"summary": "MTA-1293",
"url": "https://issues.redhat.com/browse/MTA-1293"
},
{
"category": "external",
"summary": "MTA-1294",
"url": "https://issues.redhat.com/browse/MTA-1294"
},
{
"category": "external",
"summary": "MTA-1295",
"url": "https://issues.redhat.com/browse/MTA-1295"
},
{
"category": "external",
"summary": "MTA-1296",
"url": "https://issues.redhat.com/browse/MTA-1296"
},
{
"category": "external",
"summary": "MTA-1297",
"url": "https://issues.redhat.com/browse/MTA-1297"
},
{
"category": "external",
"summary": "MTA-1298",
"url": "https://issues.redhat.com/browse/MTA-1298"
},
{
"category": "external",
"summary": "MTA-1299",
"url": "https://issues.redhat.com/browse/MTA-1299"
},
{
"category": "external",
"summary": "MTA-1300",
"url": "https://issues.redhat.com/browse/MTA-1300"
},
{
"category": "external",
"summary": "MTA-1302",
"url": "https://issues.redhat.com/browse/MTA-1302"
},
{
"category": "external",
"summary": "MTA-1303",
"url": "https://issues.redhat.com/browse/MTA-1303"
},
{
"category": "external",
"summary": "MTA-1304",
"url": "https://issues.redhat.com/browse/MTA-1304"
},
{
"category": "external",
"summary": "MTA-1305",
"url": "https://issues.redhat.com/browse/MTA-1305"
},
{
"category": "external",
"summary": "MTA-1306",
"url": "https://issues.redhat.com/browse/MTA-1306"
},
{
"category": "external",
"summary": "MTA-1307",
"url": "https://issues.redhat.com/browse/MTA-1307"
},
{
"category": "external",
"summary": "MTA-1309",
"url": "https://issues.redhat.com/browse/MTA-1309"
},
{
"category": "external",
"summary": "MTA-1310",
"url": "https://issues.redhat.com/browse/MTA-1310"
},
{
"category": "external",
"summary": "MTA-1311",
"url": "https://issues.redhat.com/browse/MTA-1311"
},
{
"category": "external",
"summary": "MTA-1312",
"url": "https://issues.redhat.com/browse/MTA-1312"
},
{
"category": "external",
"summary": "MTA-1314",
"url": "https://issues.redhat.com/browse/MTA-1314"
},
{
"category": "external",
"summary": "MTA-1315",
"url": "https://issues.redhat.com/browse/MTA-1315"
},
{
"category": "external",
"summary": "MTA-1316",
"url": "https://issues.redhat.com/browse/MTA-1316"
},
{
"category": "external",
"summary": "MTA-1317",
"url": "https://issues.redhat.com/browse/MTA-1317"
},
{
"category": "external",
"summary": "MTA-1320",
"url": "https://issues.redhat.com/browse/MTA-1320"
},
{
"category": "external",
"summary": "MTA-1322",
"url": "https://issues.redhat.com/browse/MTA-1322"
},
{
"category": "external",
"summary": "MTA-1323",
"url": "https://issues.redhat.com/browse/MTA-1323"
},
{
"category": "external",
"summary": "MTA-1324",
"url": "https://issues.redhat.com/browse/MTA-1324"
},
{
"category": "external",
"summary": "MTA-1326",
"url": "https://issues.redhat.com/browse/MTA-1326"
},
{
"category": "external",
"summary": "MTA-1327",
"url": "https://issues.redhat.com/browse/MTA-1327"
},
{
"category": "external",
"summary": "MTA-1328",
"url": "https://issues.redhat.com/browse/MTA-1328"
},
{
"category": "external",
"summary": "MTA-1329",
"url": "https://issues.redhat.com/browse/MTA-1329"
},
{
"category": "external",
"summary": "MTA-1330",
"url": "https://issues.redhat.com/browse/MTA-1330"
},
{
"category": "external",
"summary": "MTA-1333",
"url": "https://issues.redhat.com/browse/MTA-1333"
},
{
"category": "external",
"summary": "MTA-1334",
"url": "https://issues.redhat.com/browse/MTA-1334"
},
{
"category": "external",
"summary": "MTA-1337",
"url": "https://issues.redhat.com/browse/MTA-1337"
},
{
"category": "external",
"summary": "MTA-1338",
"url": "https://issues.redhat.com/browse/MTA-1338"
},
{
"category": "external",
"summary": "MTA-1339",
"url": "https://issues.redhat.com/browse/MTA-1339"
},
{
"category": "external",
"summary": "MTA-1340",
"url": "https://issues.redhat.com/browse/MTA-1340"
},
{
"category": "external",
"summary": "MTA-1341",
"url": "https://issues.redhat.com/browse/MTA-1341"
},
{
"category": "external",
"summary": "MTA-1343",
"url": "https://issues.redhat.com/browse/MTA-1343"
},
{
"category": "external",
"summary": "MTA-1344",
"url": "https://issues.redhat.com/browse/MTA-1344"
},
{
"category": "external",
"summary": "MTA-1345",
"url": "https://issues.redhat.com/browse/MTA-1345"
},
{
"category": "external",
"summary": "MTA-1346",
"url": "https://issues.redhat.com/browse/MTA-1346"
},
{
"category": "external",
"summary": "MTA-1347",
"url": "https://issues.redhat.com/browse/MTA-1347"
},
{
"category": "external",
"summary": "MTA-1348",
"url": "https://issues.redhat.com/browse/MTA-1348"
},
{
"category": "external",
"summary": "MTA-1349",
"url": "https://issues.redhat.com/browse/MTA-1349"
},
{
"category": "external",
"summary": "MTA-1350",
"url": "https://issues.redhat.com/browse/MTA-1350"
},
{
"category": "external",
"summary": "MTA-1351",
"url": "https://issues.redhat.com/browse/MTA-1351"
},
{
"category": "external",
"summary": "MTA-1362",
"url": "https://issues.redhat.com/browse/MTA-1362"
},
{
"category": "external",
"summary": "MTA-1364",
"url": "https://issues.redhat.com/browse/MTA-1364"
},
{
"category": "external",
"summary": "MTA-1366",
"url": "https://issues.redhat.com/browse/MTA-1366"
},
{
"category": "external",
"summary": "MTA-1367",
"url": "https://issues.redhat.com/browse/MTA-1367"
},
{
"category": "external",
"summary": "MTA-1368",
"url": "https://issues.redhat.com/browse/MTA-1368"
},
{
"category": "external",
"summary": "MTA-1369",
"url": "https://issues.redhat.com/browse/MTA-1369"
},
{
"category": "external",
"summary": "MTA-1377",
"url": "https://issues.redhat.com/browse/MTA-1377"
},
{
"category": "external",
"summary": "MTA-1378",
"url": "https://issues.redhat.com/browse/MTA-1378"
},
{
"category": "external",
"summary": "MTA-1379",
"url": "https://issues.redhat.com/browse/MTA-1379"
},
{
"category": "external",
"summary": "MTA-1381",
"url": "https://issues.redhat.com/browse/MTA-1381"
},
{
"category": "external",
"summary": "MTA-1382",
"url": "https://issues.redhat.com/browse/MTA-1382"
},
{
"category": "external",
"summary": "MTA-1383",
"url": "https://issues.redhat.com/browse/MTA-1383"
},
{
"category": "external",
"summary": "MTA-1384",
"url": "https://issues.redhat.com/browse/MTA-1384"
},
{
"category": "external",
"summary": "MTA-1385",
"url": "https://issues.redhat.com/browse/MTA-1385"
},
{
"category": "external",
"summary": "MTA-1386",
"url": "https://issues.redhat.com/browse/MTA-1386"
},
{
"category": "external",
"summary": "MTA-1387",
"url": "https://issues.redhat.com/browse/MTA-1387"
},
{
"category": "external",
"summary": "MTA-1389",
"url": "https://issues.redhat.com/browse/MTA-1389"
},
{
"category": "external",
"summary": "MTA-1391",
"url": "https://issues.redhat.com/browse/MTA-1391"
},
{
"category": "external",
"summary": "MTA-1393",
"url": "https://issues.redhat.com/browse/MTA-1393"
},
{
"category": "external",
"summary": "MTA-1394",
"url": "https://issues.redhat.com/browse/MTA-1394"
},
{
"category": "external",
"summary": "MTA-1396",
"url": "https://issues.redhat.com/browse/MTA-1396"
},
{
"category": "external",
"summary": "MTA-1397",
"url": "https://issues.redhat.com/browse/MTA-1397"
},
{
"category": "external",
"summary": "MTA-1402",
"url": "https://issues.redhat.com/browse/MTA-1402"
},
{
"category": "external",
"summary": "MTA-1405",
"url": "https://issues.redhat.com/browse/MTA-1405"
},
{
"category": "external",
"summary": "MTA-1407",
"url": "https://issues.redhat.com/browse/MTA-1407"
},
{
"category": "external",
"summary": "MTA-1419",
"url": "https://issues.redhat.com/browse/MTA-1419"
},
{
"category": "external",
"summary": "MTA-1420",
"url": "https://issues.redhat.com/browse/MTA-1420"
},
{
"category": "external",
"summary": "MTA-1422",
"url": "https://issues.redhat.com/browse/MTA-1422"
},
{
"category": "external",
"summary": "MTA-1423",
"url": "https://issues.redhat.com/browse/MTA-1423"
},
{
"category": "external",
"summary": "MTA-1424",
"url": "https://issues.redhat.com/browse/MTA-1424"
},
{
"category": "external",
"summary": "MTA-1425",
"url": "https://issues.redhat.com/browse/MTA-1425"
},
{
"category": "external",
"summary": "MTA-1426",
"url": "https://issues.redhat.com/browse/MTA-1426"
},
{
"category": "external",
"summary": "MTA-1432",
"url": "https://issues.redhat.com/browse/MTA-1432"
},
{
"category": "external",
"summary": "MTA-1434",
"url": "https://issues.redhat.com/browse/MTA-1434"
},
{
"category": "external",
"summary": "MTA-1437",
"url": "https://issues.redhat.com/browse/MTA-1437"
},
{
"category": "external",
"summary": "MTA-1438",
"url": "https://issues.redhat.com/browse/MTA-1438"
},
{
"category": "external",
"summary": "MTA-1449",
"url": "https://issues.redhat.com/browse/MTA-1449"
},
{
"category": "external",
"summary": "MTA-1450",
"url": "https://issues.redhat.com/browse/MTA-1450"
},
{
"category": "external",
"summary": "MTA-1451",
"url": "https://issues.redhat.com/browse/MTA-1451"
},
{
"category": "external",
"summary": "MTA-1452",
"url": "https://issues.redhat.com/browse/MTA-1452"
},
{
"category": "external",
"summary": "MTA-1453",
"url": "https://issues.redhat.com/browse/MTA-1453"
},
{
"category": "external",
"summary": "MTA-1455",
"url": "https://issues.redhat.com/browse/MTA-1455"
},
{
"category": "external",
"summary": "MTA-1456",
"url": "https://issues.redhat.com/browse/MTA-1456"
},
{
"category": "external",
"summary": "MTA-1458",
"url": "https://issues.redhat.com/browse/MTA-1458"
},
{
"category": "external",
"summary": "MTA-1459",
"url": "https://issues.redhat.com/browse/MTA-1459"
},
{
"category": "external",
"summary": "MTA-1465",
"url": "https://issues.redhat.com/browse/MTA-1465"
},
{
"category": "external",
"summary": "MTA-1466",
"url": "https://issues.redhat.com/browse/MTA-1466"
},
{
"category": "external",
"summary": "MTA-1467",
"url": "https://issues.redhat.com/browse/MTA-1467"
},
{
"category": "external",
"summary": "MTA-1476",
"url": "https://issues.redhat.com/browse/MTA-1476"
},
{
"category": "external",
"summary": "MTA-1477",
"url": "https://issues.redhat.com/browse/MTA-1477"
},
{
"category": "external",
"summary": "MTA-1487",
"url": "https://issues.redhat.com/browse/MTA-1487"
},
{
"category": "external",
"summary": "MTA-1489",
"url": "https://issues.redhat.com/browse/MTA-1489"
},
{
"category": "external",
"summary": "MTA-1504",
"url": "https://issues.redhat.com/browse/MTA-1504"
},
{
"category": "external",
"summary": "MTA-1505",
"url": "https://issues.redhat.com/browse/MTA-1505"
},
{
"category": "external",
"summary": "MTA-1506",
"url": "https://issues.redhat.com/browse/MTA-1506"
},
{
"category": "external",
"summary": "MTA-1532",
"url": "https://issues.redhat.com/browse/MTA-1532"
},
{
"category": "external",
"summary": "MTA-1542",
"url": "https://issues.redhat.com/browse/MTA-1542"
},
{
"category": "external",
"summary": "MTA-1543",
"url": "https://issues.redhat.com/browse/MTA-1543"
},
{
"category": "external",
"summary": "MTA-1545",
"url": "https://issues.redhat.com/browse/MTA-1545"
},
{
"category": "external",
"summary": "MTA-1576",
"url": "https://issues.redhat.com/browse/MTA-1576"
},
{
"category": "external",
"summary": "MTA-1584",
"url": "https://issues.redhat.com/browse/MTA-1584"
},
{
"category": "external",
"summary": "MTA-1585",
"url": "https://issues.redhat.com/browse/MTA-1585"
},
{
"category": "external",
"summary": "MTA-1592",
"url": "https://issues.redhat.com/browse/MTA-1592"
},
{
"category": "external",
"summary": "MTA-1598",
"url": "https://issues.redhat.com/browse/MTA-1598"
},
{
"category": "external",
"summary": "MTA-1599",
"url": "https://issues.redhat.com/browse/MTA-1599"
},
{
"category": "external",
"summary": "MTA-1600",
"url": "https://issues.redhat.com/browse/MTA-1600"
},
{
"category": "external",
"summary": "MTA-1605",
"url": "https://issues.redhat.com/browse/MTA-1605"
},
{
"category": "external",
"summary": "MTA-1606",
"url": "https://issues.redhat.com/browse/MTA-1606"
},
{
"category": "external",
"summary": "MTA-1611",
"url": "https://issues.redhat.com/browse/MTA-1611"
},
{
"category": "external",
"summary": "MTA-1621",
"url": "https://issues.redhat.com/browse/MTA-1621"
},
{
"category": "external",
"summary": "MTA-1622",
"url": "https://issues.redhat.com/browse/MTA-1622"
},
{
"category": "external",
"summary": "MTA-1625",
"url": "https://issues.redhat.com/browse/MTA-1625"
},
{
"category": "external",
"summary": "MTA-1627",
"url": "https://issues.redhat.com/browse/MTA-1627"
},
{
"category": "external",
"summary": "MTA-1628",
"url": "https://issues.redhat.com/browse/MTA-1628"
},
{
"category": "external",
"summary": "MTA-1629",
"url": "https://issues.redhat.com/browse/MTA-1629"
},
{
"category": "external",
"summary": "MTA-1640",
"url": "https://issues.redhat.com/browse/MTA-1640"
},
{
"category": "external",
"summary": "MTA-1644",
"url": "https://issues.redhat.com/browse/MTA-1644"
},
{
"category": "external",
"summary": "MTA-1645",
"url": "https://issues.redhat.com/browse/MTA-1645"
},
{
"category": "external",
"summary": "MTA-1647",
"url": "https://issues.redhat.com/browse/MTA-1647"
},
{
"category": "external",
"summary": "MTA-1649",
"url": "https://issues.redhat.com/browse/MTA-1649"
},
{
"category": "external",
"summary": "MTA-1651",
"url": "https://issues.redhat.com/browse/MTA-1651"
},
{
"category": "external",
"summary": "MTA-1654",
"url": "https://issues.redhat.com/browse/MTA-1654"
},
{
"category": "external",
"summary": "MTA-1661",
"url": "https://issues.redhat.com/browse/MTA-1661"
},
{
"category": "external",
"summary": "MTA-1664",
"url": "https://issues.redhat.com/browse/MTA-1664"
},
{
"category": "external",
"summary": "MTA-1673",
"url": "https://issues.redhat.com/browse/MTA-1673"
},
{
"category": "external",
"summary": "MTA-1674",
"url": "https://issues.redhat.com/browse/MTA-1674"
},
{
"category": "external",
"summary": "MTA-1675",
"url": "https://issues.redhat.com/browse/MTA-1675"
},
{
"category": "external",
"summary": "MTA-1676",
"url": "https://issues.redhat.com/browse/MTA-1676"
},
{
"category": "external",
"summary": "MTA-1677",
"url": "https://issues.redhat.com/browse/MTA-1677"
},
{
"category": "external",
"summary": "MTA-1678",
"url": "https://issues.redhat.com/browse/MTA-1678"
},
{
"category": "external",
"summary": "MTA-1679",
"url": "https://issues.redhat.com/browse/MTA-1679"
},
{
"category": "external",
"summary": "MTA-1680",
"url": "https://issues.redhat.com/browse/MTA-1680"
},
{
"category": "external",
"summary": "MTA-1687",
"url": "https://issues.redhat.com/browse/MTA-1687"
},
{
"category": "external",
"summary": "MTA-1693",
"url": "https://issues.redhat.com/browse/MTA-1693"
},
{
"category": "external",
"summary": "MTA-1694",
"url": "https://issues.redhat.com/browse/MTA-1694"
},
{
"category": "external",
"summary": "MTA-1711",
"url": "https://issues.redhat.com/browse/MTA-1711"
},
{
"category": "external",
"summary": "MTA-1714",
"url": "https://issues.redhat.com/browse/MTA-1714"
},
{
"category": "external",
"summary": "MTA-1715",
"url": "https://issues.redhat.com/browse/MTA-1715"
},
{
"category": "external",
"summary": "MTA-1716",
"url": "https://issues.redhat.com/browse/MTA-1716"
},
{
"category": "external",
"summary": "MTA-1717",
"url": "https://issues.redhat.com/browse/MTA-1717"
},
{
"category": "external",
"summary": "MTA-1719",
"url": "https://issues.redhat.com/browse/MTA-1719"
},
{
"category": "external",
"summary": "MTA-1720",
"url": "https://issues.redhat.com/browse/MTA-1720"
},
{
"category": "external",
"summary": "MTA-1722",
"url": "https://issues.redhat.com/browse/MTA-1722"
},
{
"category": "external",
"summary": "MTA-1723",
"url": "https://issues.redhat.com/browse/MTA-1723"
},
{
"category": "external",
"summary": "MTA-1725",
"url": "https://issues.redhat.com/browse/MTA-1725"
},
{
"category": "external",
"summary": "MTA-1739",
"url": "https://issues.redhat.com/browse/MTA-1739"
},
{
"category": "external",
"summary": "MTA-1740",
"url": "https://issues.redhat.com/browse/MTA-1740"
},
{
"category": "external",
"summary": "MTA-1746",
"url": "https://issues.redhat.com/browse/MTA-1746"
},
{
"category": "external",
"summary": "MTA-1747",
"url": "https://issues.redhat.com/browse/MTA-1747"
},
{
"category": "external",
"summary": "MTA-1749",
"url": "https://issues.redhat.com/browse/MTA-1749"
},
{
"category": "external",
"summary": "MTA-1751",
"url": "https://issues.redhat.com/browse/MTA-1751"
},
{
"category": "external",
"summary": "MTA-1752",
"url": "https://issues.redhat.com/browse/MTA-1752"
},
{
"category": "external",
"summary": "MTA-1753",
"url": "https://issues.redhat.com/browse/MTA-1753"
},
{
"category": "external",
"summary": "MTA-1754",
"url": "https://issues.redhat.com/browse/MTA-1754"
},
{
"category": "external",
"summary": "MTA-1762",
"url": "https://issues.redhat.com/browse/MTA-1762"
},
{
"category": "external",
"summary": "MTA-1779",
"url": "https://issues.redhat.com/browse/MTA-1779"
},
{
"category": "external",
"summary": "MTA-1781",
"url": "https://issues.redhat.com/browse/MTA-1781"
},
{
"category": "external",
"summary": "MTA-1783",
"url": "https://issues.redhat.com/browse/MTA-1783"
},
{
"category": "external",
"summary": "MTA-1787",
"url": "https://issues.redhat.com/browse/MTA-1787"
},
{
"category": "external",
"summary": "MTA-1791",
"url": "https://issues.redhat.com/browse/MTA-1791"
},
{
"category": "external",
"summary": "MTA-1804",
"url": "https://issues.redhat.com/browse/MTA-1804"
},
{
"category": "external",
"summary": "MTA-1805",
"url": "https://issues.redhat.com/browse/MTA-1805"
},
{
"category": "external",
"summary": "MTA-1806",
"url": "https://issues.redhat.com/browse/MTA-1806"
},
{
"category": "external",
"summary": "MTA-1810",
"url": "https://issues.redhat.com/browse/MTA-1810"
},
{
"category": "external",
"summary": "MTA-1812",
"url": "https://issues.redhat.com/browse/MTA-1812"
},
{
"category": "external",
"summary": "MTA-1813",
"url": "https://issues.redhat.com/browse/MTA-1813"
},
{
"category": "external",
"summary": "MTA-1815",
"url": "https://issues.redhat.com/browse/MTA-1815"
},
{
"category": "external",
"summary": "MTA-1826",
"url": "https://issues.redhat.com/browse/MTA-1826"
},
{
"category": "external",
"summary": "MTA-1828",
"url": "https://issues.redhat.com/browse/MTA-1828"
},
{
"category": "external",
"summary": "MTA-1834",
"url": "https://issues.redhat.com/browse/MTA-1834"
},
{
"category": "external",
"summary": "MTA-1835",
"url": "https://issues.redhat.com/browse/MTA-1835"
},
{
"category": "external",
"summary": "MTA-1836",
"url": "https://issues.redhat.com/browse/MTA-1836"
},
{
"category": "external",
"summary": "MTA-1839",
"url": "https://issues.redhat.com/browse/MTA-1839"
},
{
"category": "external",
"summary": "MTA-1840",
"url": "https://issues.redhat.com/browse/MTA-1840"
},
{
"category": "external",
"summary": "MTA-1841",
"url": "https://issues.redhat.com/browse/MTA-1841"
},
{
"category": "external",
"summary": "MTA-1842",
"url": "https://issues.redhat.com/browse/MTA-1842"
},
{
"category": "external",
"summary": "MTA-1843",
"url": "https://issues.redhat.com/browse/MTA-1843"
},
{
"category": "external",
"summary": "MTA-1844",
"url": "https://issues.redhat.com/browse/MTA-1844"
},
{
"category": "external",
"summary": "MTA-1846",
"url": "https://issues.redhat.com/browse/MTA-1846"
},
{
"category": "external",
"summary": "MTA-1858",
"url": "https://issues.redhat.com/browse/MTA-1858"
},
{
"category": "external",
"summary": "MTA-1859",
"url": "https://issues.redhat.com/browse/MTA-1859"
},
{
"category": "external",
"summary": "MTA-1860",
"url": "https://issues.redhat.com/browse/MTA-1860"
},
{
"category": "external",
"summary": "MTA-1867",
"url": "https://issues.redhat.com/browse/MTA-1867"
},
{
"category": "external",
"summary": "MTA-1871",
"url": "https://issues.redhat.com/browse/MTA-1871"
},
{
"category": "external",
"summary": "MTA-1878",
"url": "https://issues.redhat.com/browse/MTA-1878"
},
{
"category": "external",
"summary": "MTA-1879",
"url": "https://issues.redhat.com/browse/MTA-1879"
},
{
"category": "external",
"summary": "MTA-1881",
"url": "https://issues.redhat.com/browse/MTA-1881"
},
{
"category": "external",
"summary": "MTA-1882",
"url": "https://issues.redhat.com/browse/MTA-1882"
},
{
"category": "external",
"summary": "MTA-1883",
"url": "https://issues.redhat.com/browse/MTA-1883"
},
{
"category": "external",
"summary": "MTA-1891",
"url": "https://issues.redhat.com/browse/MTA-1891"
},
{
"category": "external",
"summary": "MTA-1892",
"url": "https://issues.redhat.com/browse/MTA-1892"
},
{
"category": "external",
"summary": "MTA-1893",
"url": "https://issues.redhat.com/browse/MTA-1893"
},
{
"category": "external",
"summary": "MTA-1894",
"url": "https://issues.redhat.com/browse/MTA-1894"
},
{
"category": "external",
"summary": "MTA-1895",
"url": "https://issues.redhat.com/browse/MTA-1895"
},
{
"category": "external",
"summary": "MTA-1900",
"url": "https://issues.redhat.com/browse/MTA-1900"
},
{
"category": "external",
"summary": "MTA-1902",
"url": "https://issues.redhat.com/browse/MTA-1902"
},
{
"category": "external",
"summary": "MTA-1903",
"url": "https://issues.redhat.com/browse/MTA-1903"
},
{
"category": "external",
"summary": "MTA-1905",
"url": "https://issues.redhat.com/browse/MTA-1905"
},
{
"category": "external",
"summary": "MTA-1906",
"url": "https://issues.redhat.com/browse/MTA-1906"
},
{
"category": "external",
"summary": "MTA-1907",
"url": "https://issues.redhat.com/browse/MTA-1907"
},
{
"category": "external",
"summary": "MTA-1908",
"url": "https://issues.redhat.com/browse/MTA-1908"
},
{
"category": "external",
"summary": "MTA-1921",
"url": "https://issues.redhat.com/browse/MTA-1921"
},
{
"category": "external",
"summary": "MTA-1935",
"url": "https://issues.redhat.com/browse/MTA-1935"
},
{
"category": "external",
"summary": "MTA-1940",
"url": "https://issues.redhat.com/browse/MTA-1940"
},
{
"category": "external",
"summary": "MTA-1942",
"url": "https://issues.redhat.com/browse/MTA-1942"
},
{
"category": "external",
"summary": "MTA-1945",
"url": "https://issues.redhat.com/browse/MTA-1945"
},
{
"category": "external",
"summary": "MTA-1947",
"url": "https://issues.redhat.com/browse/MTA-1947"
},
{
"category": "external",
"summary": "MTA-1954",
"url": "https://issues.redhat.com/browse/MTA-1954"
},
{
"category": "external",
"summary": "MTA-1957",
"url": "https://issues.redhat.com/browse/MTA-1957"
},
{
"category": "external",
"summary": "MTA-1966",
"url": "https://issues.redhat.com/browse/MTA-1966"
},
{
"category": "external",
"summary": "MTA-1998",
"url": "https://issues.redhat.com/browse/MTA-1998"
},
{
"category": "external",
"summary": "MTA-2009",
"url": "https://issues.redhat.com/browse/MTA-2009"
},
{
"category": "external",
"summary": "MTA-2042",
"url": "https://issues.redhat.com/browse/MTA-2042"
},
{
"category": "external",
"summary": "MTA-2089",
"url": "https://issues.redhat.com/browse/MTA-2089"
},
{
"category": "external",
"summary": "MTA-393",
"url": "https://issues.redhat.com/browse/MTA-393"
},
{
"category": "external",
"summary": "MTA-466",
"url": "https://issues.redhat.com/browse/MTA-466"
},
{
"category": "external",
"summary": "MTA-473",
"url": "https://issues.redhat.com/browse/MTA-473"
},
{
"category": "external",
"summary": "MTA-696",
"url": "https://issues.redhat.com/browse/MTA-696"
},
{
"category": "external",
"summary": "MTA-701",
"url": "https://issues.redhat.com/browse/MTA-701"
},
{
"category": "external",
"summary": "MTA-742",
"url": "https://issues.redhat.com/browse/MTA-742"
},
{
"category": "external",
"summary": "MTA-748",
"url": "https://issues.redhat.com/browse/MTA-748"
},
{
"category": "external",
"summary": "MTA-810",
"url": "https://issues.redhat.com/browse/MTA-810"
},
{
"category": "external",
"summary": "MTA-849",
"url": "https://issues.redhat.com/browse/MTA-849"
},
{
"category": "external",
"summary": "MTA-991",
"url": "https://issues.redhat.com/browse/MTA-991"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhba-2024_0599.json"
}
],
"title": "Red Hat Bug Fix Advisory: Migration Toolkit for Applications bug fix and enhancement update",
"tracking": {
"current_release_date": "2026-06-08T15:35:07+00:00",
"generator": {
"date": "2026-06-08T15:35:07+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.8.2"
}
},
"id": "RHBA-2024:0599",
"initial_release_date": "2024-01-30T13:46:48+00:00",
"revision_history": [
{
"date": "2024-01-30T13:46:48+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2024-01-30T13:46:48+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-06-08T15:35:07+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "MTA 7.0 for RHEL 9",
"product": {
"name": "MTA 7.0 for RHEL 9",
"product_id": "9Base-MTA-7.0",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:migration_toolkit_applications:7.0::el9"
}
}
},
{
"category": "product_name",
"name": "MTA 7.0 for RHEL 8",
"product": {
"name": "MTA 7.0 for RHEL 8",
"product_id": "8Base-MTA-7.0",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:migration_toolkit_applications:7.0::el8"
}
}
}
],
"category": "product_family",
"name": "Migration Toolkit for Applications"
},
{
"branches": [
{
"category": "product_version",
"name": "mta/mta-analyzer-addon-rhel9@sha256:cdd94053c042f512f13ccf28b58c66ad2da74edb2f309f7e065ccd55570e5423_amd64",
"product": {
"name": "mta/mta-analyzer-addon-rhel9@sha256:cdd94053c042f512f13ccf28b58c66ad2da74edb2f309f7e065ccd55570e5423_amd64",
"product_id": "mta/mta-analyzer-addon-rhel9@sha256:cdd94053c042f512f13ccf28b58c66ad2da74edb2f309f7e065ccd55570e5423_amd64",
"product_identification_helper": {
"purl": "pkg:oci/mta-analyzer-addon-rhel9@sha256:cdd94053c042f512f13ccf28b58c66ad2da74edb2f309f7e065ccd55570e5423?arch=amd64\u0026repository_url=registry.redhat.io/mta/mta-analyzer-addon-rhel9\u0026tag=7.0.0-36"
}
}
},
{
"category": "product_version",
"name": "mta/mta-analyzer-lsp-rhel9@sha256:5ecb233843ae369e5b7c1acae988e5a19bdc69f232df85abdfc37e921ca10e86_amd64",
"product": {
"name": "mta/mta-analyzer-lsp-rhel9@sha256:5ecb233843ae369e5b7c1acae988e5a19bdc69f232df85abdfc37e921ca10e86_amd64",
"product_id": "mta/mta-analyzer-lsp-rhel9@sha256:5ecb233843ae369e5b7c1acae988e5a19bdc69f232df85abdfc37e921ca10e86_amd64",
"product_identification_helper": {
"purl": "pkg:oci/mta-analyzer-lsp-rhel9@sha256:5ecb233843ae369e5b7c1acae988e5a19bdc69f232df85abdfc37e921ca10e86?arch=amd64\u0026repository_url=registry.redhat.io/mta/mta-analyzer-lsp-rhel9\u0026tag=7.0.0-22"
}
}
},
{
"category": "product_version",
"name": "mta/mta-cli-rhel9@sha256:394da54c8b6c523ac67ddb4643483d73c8f5d8246d480a4d326d07ae9ccd0d19_amd64",
"product": {
"name": "mta/mta-cli-rhel9@sha256:394da54c8b6c523ac67ddb4643483d73c8f5d8246d480a4d326d07ae9ccd0d19_amd64",
"product_id": "mta/mta-cli-rhel9@sha256:394da54c8b6c523ac67ddb4643483d73c8f5d8246d480a4d326d07ae9ccd0d19_amd64",
"product_identification_helper": {
"purl": "pkg:oci/mta-cli-rhel9@sha256:394da54c8b6c523ac67ddb4643483d73c8f5d8246d480a4d326d07ae9ccd0d19?arch=amd64\u0026repository_url=registry.redhat.io/mta/mta-cli-rhel9\u0026tag=7.0.0-44"
}
}
},
{
"category": "product_version",
"name": "mta/mta-hub-rhel9@sha256:b57ab84961a2ca5e2c67ed4a58d6445698d2fd195290010a2f5adf5928ce9938_amd64",
"product": {
"name": "mta/mta-hub-rhel9@sha256:b57ab84961a2ca5e2c67ed4a58d6445698d2fd195290010a2f5adf5928ce9938_amd64",
"product_id": "mta/mta-hub-rhel9@sha256:b57ab84961a2ca5e2c67ed4a58d6445698d2fd195290010a2f5adf5928ce9938_amd64",
"product_identification_helper": {
"purl": "pkg:oci/mta-hub-rhel9@sha256:b57ab84961a2ca5e2c67ed4a58d6445698d2fd195290010a2f5adf5928ce9938?arch=amd64\u0026repository_url=registry.redhat.io/mta/mta-hub-rhel9\u0026tag=7.0.0-31"
}
}
},
{
"category": "product_version",
"name": "mta/mta-operator-bundle@sha256:323c8ff5f805ffbfdeef1e54208c9bf080564a8baf4b94acf9f4c98e85ebcb22_amd64",
"product": {
"name": "mta/mta-operator-bundle@sha256:323c8ff5f805ffbfdeef1e54208c9bf080564a8baf4b94acf9f4c98e85ebcb22_amd64",
"product_id": "mta/mta-operator-bundle@sha256:323c8ff5f805ffbfdeef1e54208c9bf080564a8baf4b94acf9f4c98e85ebcb22_amd64",
"product_identification_helper": {
"purl": "pkg:oci/mta-operator-bundle@sha256:323c8ff5f805ffbfdeef1e54208c9bf080564a8baf4b94acf9f4c98e85ebcb22?arch=amd64\u0026repository_url=registry.redhat.io/mta/mta-operator-bundle\u0026tag=7.0.0-63"
}
}
},
{
"category": "product_version",
"name": "mta/mta-rhel8-operator@sha256:773b71296ffb507938983d8afe563a5a7bd822c940dd3717cec8410c348d86d8_amd64",
"product": {
"name": "mta/mta-rhel8-operator@sha256:773b71296ffb507938983d8afe563a5a7bd822c940dd3717cec8410c348d86d8_amd64",
"product_id": "mta/mta-rhel8-operator@sha256:773b71296ffb507938983d8afe563a5a7bd822c940dd3717cec8410c348d86d8_amd64",
"product_identification_helper": {
"purl": "pkg:oci/mta-rhel8-operator@sha256:773b71296ffb507938983d8afe563a5a7bd822c940dd3717cec8410c348d86d8?arch=amd64\u0026repository_url=registry.redhat.io/mta/mta-rhel8-operator\u0026tag=7.0.0-13"
}
}
},
{
"category": "product_version",
"name": "mta/mta-ui-rhel9@sha256:74f0ab0f8f455ac4ae91e8450db2f7d3b2ce0fbccf51fea06d0444823cd32e9e_amd64",
"product": {
"name": "mta/mta-ui-rhel9@sha256:74f0ab0f8f455ac4ae91e8450db2f7d3b2ce0fbccf51fea06d0444823cd32e9e_amd64",
"product_id": "mta/mta-ui-rhel9@sha256:74f0ab0f8f455ac4ae91e8450db2f7d3b2ce0fbccf51fea06d0444823cd32e9e_amd64",
"product_identification_helper": {
"purl": "pkg:oci/mta-ui-rhel9@sha256:74f0ab0f8f455ac4ae91e8450db2f7d3b2ce0fbccf51fea06d0444823cd32e9e?arch=amd64\u0026repository_url=registry.redhat.io/mta/mta-ui-rhel9\u0026tag=7.0.0-25"
}
}
},
{
"category": "product_version",
"name": "mta/mta-windup-shim-rhel9@sha256:7ab7480cf40d5e71ab2b9c94f4f6e37d533209da317c70023bb82abe7216b498_amd64",
"product": {
"name": "mta/mta-windup-shim-rhel9@sha256:7ab7480cf40d5e71ab2b9c94f4f6e37d533209da317c70023bb82abe7216b498_amd64",
"product_id": "mta/mta-windup-shim-rhel9@sha256:7ab7480cf40d5e71ab2b9c94f4f6e37d533209da317c70023bb82abe7216b498_amd64",
"product_identification_helper": {
"purl": "pkg:oci/mta-windup-shim-rhel9@sha256:7ab7480cf40d5e71ab2b9c94f4f6e37d533209da317c70023bb82abe7216b498?arch=amd64\u0026repository_url=registry.redhat.io/mta/mta-windup-shim-rhel9\u0026tag=7.0.0-31"
}
}
}
],
"category": "architecture",
"name": "amd64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "mta/mta-rhel8-operator@sha256:773b71296ffb507938983d8afe563a5a7bd822c940dd3717cec8410c348d86d8_amd64 as a component of MTA 7.0 for RHEL 8",
"product_id": "8Base-MTA-7.0:mta/mta-rhel8-operator@sha256:773b71296ffb507938983d8afe563a5a7bd822c940dd3717cec8410c348d86d8_amd64"
},
"product_reference": "mta/mta-rhel8-operator@sha256:773b71296ffb507938983d8afe563a5a7bd822c940dd3717cec8410c348d86d8_amd64",
"relates_to_product_reference": "8Base-MTA-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mta/mta-analyzer-addon-rhel9@sha256:cdd94053c042f512f13ccf28b58c66ad2da74edb2f309f7e065ccd55570e5423_amd64 as a component of MTA 7.0 for RHEL 9",
"product_id": "9Base-MTA-7.0:mta/mta-analyzer-addon-rhel9@sha256:cdd94053c042f512f13ccf28b58c66ad2da74edb2f309f7e065ccd55570e5423_amd64"
},
"product_reference": "mta/mta-analyzer-addon-rhel9@sha256:cdd94053c042f512f13ccf28b58c66ad2da74edb2f309f7e065ccd55570e5423_amd64",
"relates_to_product_reference": "9Base-MTA-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mta/mta-analyzer-lsp-rhel9@sha256:5ecb233843ae369e5b7c1acae988e5a19bdc69f232df85abdfc37e921ca10e86_amd64 as a component of MTA 7.0 for RHEL 9",
"product_id": "9Base-MTA-7.0:mta/mta-analyzer-lsp-rhel9@sha256:5ecb233843ae369e5b7c1acae988e5a19bdc69f232df85abdfc37e921ca10e86_amd64"
},
"product_reference": "mta/mta-analyzer-lsp-rhel9@sha256:5ecb233843ae369e5b7c1acae988e5a19bdc69f232df85abdfc37e921ca10e86_amd64",
"relates_to_product_reference": "9Base-MTA-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mta/mta-cli-rhel9@sha256:394da54c8b6c523ac67ddb4643483d73c8f5d8246d480a4d326d07ae9ccd0d19_amd64 as a component of MTA 7.0 for RHEL 9",
"product_id": "9Base-MTA-7.0:mta/mta-cli-rhel9@sha256:394da54c8b6c523ac67ddb4643483d73c8f5d8246d480a4d326d07ae9ccd0d19_amd64"
},
"product_reference": "mta/mta-cli-rhel9@sha256:394da54c8b6c523ac67ddb4643483d73c8f5d8246d480a4d326d07ae9ccd0d19_amd64",
"relates_to_product_reference": "9Base-MTA-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mta/mta-hub-rhel9@sha256:b57ab84961a2ca5e2c67ed4a58d6445698d2fd195290010a2f5adf5928ce9938_amd64 as a component of MTA 7.0 for RHEL 9",
"product_id": "9Base-MTA-7.0:mta/mta-hub-rhel9@sha256:b57ab84961a2ca5e2c67ed4a58d6445698d2fd195290010a2f5adf5928ce9938_amd64"
},
"product_reference": "mta/mta-hub-rhel9@sha256:b57ab84961a2ca5e2c67ed4a58d6445698d2fd195290010a2f5adf5928ce9938_amd64",
"relates_to_product_reference": "9Base-MTA-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mta/mta-operator-bundle@sha256:323c8ff5f805ffbfdeef1e54208c9bf080564a8baf4b94acf9f4c98e85ebcb22_amd64 as a component of MTA 7.0 for RHEL 9",
"product_id": "9Base-MTA-7.0:mta/mta-operator-bundle@sha256:323c8ff5f805ffbfdeef1e54208c9bf080564a8baf4b94acf9f4c98e85ebcb22_amd64"
},
"product_reference": "mta/mta-operator-bundle@sha256:323c8ff5f805ffbfdeef1e54208c9bf080564a8baf4b94acf9f4c98e85ebcb22_amd64",
"relates_to_product_reference": "9Base-MTA-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mta/mta-ui-rhel9@sha256:74f0ab0f8f455ac4ae91e8450db2f7d3b2ce0fbccf51fea06d0444823cd32e9e_amd64 as a component of MTA 7.0 for RHEL 9",
"product_id": "9Base-MTA-7.0:mta/mta-ui-rhel9@sha256:74f0ab0f8f455ac4ae91e8450db2f7d3b2ce0fbccf51fea06d0444823cd32e9e_amd64"
},
"product_reference": "mta/mta-ui-rhel9@sha256:74f0ab0f8f455ac4ae91e8450db2f7d3b2ce0fbccf51fea06d0444823cd32e9e_amd64",
"relates_to_product_reference": "9Base-MTA-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mta/mta-windup-shim-rhel9@sha256:7ab7480cf40d5e71ab2b9c94f4f6e37d533209da317c70023bb82abe7216b498_amd64 as a component of MTA 7.0 for RHEL 9",
"product_id": "9Base-MTA-7.0:mta/mta-windup-shim-rhel9@sha256:7ab7480cf40d5e71ab2b9c94f4f6e37d533209da317c70023bb82abe7216b498_amd64"
},
"product_reference": "mta/mta-windup-shim-rhel9@sha256:7ab7480cf40d5e71ab2b9c94f4f6e37d533209da317c70023bb82abe7216b498_amd64",
"relates_to_product_reference": "9Base-MTA-7.0"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2023-39325",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2023-10-10T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-MTA-7.0:mta/mta-rhel8-operator@sha256:773b71296ffb507938983d8afe563a5a7bd822c940dd3717cec8410c348d86d8_amd64",
"9Base-MTA-7.0:mta/mta-analyzer-addon-rhel9@sha256:cdd94053c042f512f13ccf28b58c66ad2da74edb2f309f7e065ccd55570e5423_amd64",
"9Base-MTA-7.0:mta/mta-analyzer-lsp-rhel9@sha256:5ecb233843ae369e5b7c1acae988e5a19bdc69f232df85abdfc37e921ca10e86_amd64",
"9Base-MTA-7.0:mta/mta-hub-rhel9@sha256:b57ab84961a2ca5e2c67ed4a58d6445698d2fd195290010a2f5adf5928ce9938_amd64",
"9Base-MTA-7.0:mta/mta-operator-bundle@sha256:323c8ff5f805ffbfdeef1e54208c9bf080564a8baf4b94acf9f4c98e85ebcb22_amd64",
"9Base-MTA-7.0:mta/mta-ui-rhel9@sha256:74f0ab0f8f455ac4ae91e8450db2f7d3b2ce0fbccf51fea06d0444823cd32e9e_amd64",
"9Base-MTA-7.0:mta/mta-windup-shim-rhel9@sha256:7ab7480cf40d5e71ab2b9c94f4f6e37d533209da317c70023bb82abe7216b498_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2243296"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in handling multiplexed streams in the HTTP/2 protocol. A client can repeatedly make a request for a new multiplex stream and immediately send an RST_STREAM frame to cancel it. This creates extra work for the server setting up and tearing down the streams while not hitting any server-side limit for the maximum number of active streams per connection, resulting in a denial of service due to server resource consumption. Red Hat has rated the severity of this flaw as \u0027Important\u0027 as the US Cybersecurity and Infrastructure Security Agency (CISA) declared this vulnerability an active exploit.\r\n\r\nCVE-2023-39325 was assigned for the `Rapid Reset Attack` in the Go language packages.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: net/http, x/net/http2: rapid stream resets can cause excessive work (CVE-2023-44487)",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This CVE is related to CVE-2023-44487.\n\nThe majority of RHEL utilities are not long-running applications; instead, they are command-line tools. These tools utilize Golang package as build-time dependency, which is why they are classified as having a \"Moderate\" level of impact.\n\nAs go-lang vendors its dependencies, a package may contain a library with a known vulnerability, solely because of lower tier libraries including it as a part of its dependencies, but the vulnerable code is not reachable at runtime. In such cases the issue is not exploitable. We classify these situations as \u201cNot affected\u201d or \u201cWill not fix,\u201d depending on the risk of breaking other unrelated packages.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-MTA-7.0:mta/mta-cli-rhel9@sha256:394da54c8b6c523ac67ddb4643483d73c8f5d8246d480a4d326d07ae9ccd0d19_amd64"
],
"known_not_affected": [
"8Base-MTA-7.0:mta/mta-rhel8-operator@sha256:773b71296ffb507938983d8afe563a5a7bd822c940dd3717cec8410c348d86d8_amd64",
"9Base-MTA-7.0:mta/mta-analyzer-addon-rhel9@sha256:cdd94053c042f512f13ccf28b58c66ad2da74edb2f309f7e065ccd55570e5423_amd64",
"9Base-MTA-7.0:mta/mta-analyzer-lsp-rhel9@sha256:5ecb233843ae369e5b7c1acae988e5a19bdc69f232df85abdfc37e921ca10e86_amd64",
"9Base-MTA-7.0:mta/mta-hub-rhel9@sha256:b57ab84961a2ca5e2c67ed4a58d6445698d2fd195290010a2f5adf5928ce9938_amd64",
"9Base-MTA-7.0:mta/mta-operator-bundle@sha256:323c8ff5f805ffbfdeef1e54208c9bf080564a8baf4b94acf9f4c98e85ebcb22_amd64",
"9Base-MTA-7.0:mta/mta-ui-rhel9@sha256:74f0ab0f8f455ac4ae91e8450db2f7d3b2ce0fbccf51fea06d0444823cd32e9e_amd64",
"9Base-MTA-7.0:mta/mta-windup-shim-rhel9@sha256:7ab7480cf40d5e71ab2b9c94f4f6e37d533209da317c70023bb82abe7216b498_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-39325"
},
{
"category": "external",
"summary": "RHBZ#2243296",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2243296"
},
{
"category": "external",
"summary": "RHSB-2023-003",
"url": "https://access.redhat.com/security/vulnerabilities/RHSB-2023-003"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-39325",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39325"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-39325",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-39325"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2023-44487",
"url": "https://access.redhat.com/security/cve/CVE-2023-44487"
},
{
"category": "external",
"summary": "https://go.dev/issue/63417",
"url": "https://go.dev/issue/63417"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2023-2102",
"url": "https://pkg.go.dev/vuln/GO-2023-2102"
},
{
"category": "external",
"summary": "https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487",
"url": "https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487"
}
],
"release_date": "2023-10-10T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-01-30T13:46:48+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-MTA-7.0:mta/mta-cli-rhel9@sha256:394da54c8b6c523ac67ddb4643483d73c8f5d8246d480a4d326d07ae9ccd0d19_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHBA-2024:0599"
},
{
"category": "workaround",
"details": "The default stream concurrency limit in golang is 250 streams (requests) per HTTP/2 connection. This value may be adjusted in the golang.org/x/net/http2 package using the Server.MaxConcurrentStreams setting and the ConfigureServer function which are available in golang.org/x/net/http2.",
"product_ids": [
"8Base-MTA-7.0:mta/mta-rhel8-operator@sha256:773b71296ffb507938983d8afe563a5a7bd822c940dd3717cec8410c348d86d8_amd64",
"9Base-MTA-7.0:mta/mta-analyzer-addon-rhel9@sha256:cdd94053c042f512f13ccf28b58c66ad2da74edb2f309f7e065ccd55570e5423_amd64",
"9Base-MTA-7.0:mta/mta-analyzer-lsp-rhel9@sha256:5ecb233843ae369e5b7c1acae988e5a19bdc69f232df85abdfc37e921ca10e86_amd64",
"9Base-MTA-7.0:mta/mta-cli-rhel9@sha256:394da54c8b6c523ac67ddb4643483d73c8f5d8246d480a4d326d07ae9ccd0d19_amd64",
"9Base-MTA-7.0:mta/mta-hub-rhel9@sha256:b57ab84961a2ca5e2c67ed4a58d6445698d2fd195290010a2f5adf5928ce9938_amd64",
"9Base-MTA-7.0:mta/mta-operator-bundle@sha256:323c8ff5f805ffbfdeef1e54208c9bf080564a8baf4b94acf9f4c98e85ebcb22_amd64",
"9Base-MTA-7.0:mta/mta-ui-rhel9@sha256:74f0ab0f8f455ac4ae91e8450db2f7d3b2ce0fbccf51fea06d0444823cd32e9e_amd64",
"9Base-MTA-7.0:mta/mta-windup-shim-rhel9@sha256:7ab7480cf40d5e71ab2b9c94f4f6e37d533209da317c70023bb82abe7216b498_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-MTA-7.0:mta/mta-rhel8-operator@sha256:773b71296ffb507938983d8afe563a5a7bd822c940dd3717cec8410c348d86d8_amd64",
"9Base-MTA-7.0:mta/mta-analyzer-addon-rhel9@sha256:cdd94053c042f512f13ccf28b58c66ad2da74edb2f309f7e065ccd55570e5423_amd64",
"9Base-MTA-7.0:mta/mta-analyzer-lsp-rhel9@sha256:5ecb233843ae369e5b7c1acae988e5a19bdc69f232df85abdfc37e921ca10e86_amd64",
"9Base-MTA-7.0:mta/mta-cli-rhel9@sha256:394da54c8b6c523ac67ddb4643483d73c8f5d8246d480a4d326d07ae9ccd0d19_amd64",
"9Base-MTA-7.0:mta/mta-hub-rhel9@sha256:b57ab84961a2ca5e2c67ed4a58d6445698d2fd195290010a2f5adf5928ce9938_amd64",
"9Base-MTA-7.0:mta/mta-operator-bundle@sha256:323c8ff5f805ffbfdeef1e54208c9bf080564a8baf4b94acf9f4c98e85ebcb22_amd64",
"9Base-MTA-7.0:mta/mta-ui-rhel9@sha256:74f0ab0f8f455ac4ae91e8450db2f7d3b2ce0fbccf51fea06d0444823cd32e9e_amd64",
"9Base-MTA-7.0:mta/mta-windup-shim-rhel9@sha256:7ab7480cf40d5e71ab2b9c94f4f6e37d533209da317c70023bb82abe7216b498_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "golang: net/http, x/net/http2: rapid stream resets can cause excessive work (CVE-2023-44487)"
},
{
"cve": "CVE-2023-44487",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2023-10-09T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-MTA-7.0:mta/mta-rhel8-operator@sha256:773b71296ffb507938983d8afe563a5a7bd822c940dd3717cec8410c348d86d8_amd64",
"9Base-MTA-7.0:mta/mta-analyzer-addon-rhel9@sha256:cdd94053c042f512f13ccf28b58c66ad2da74edb2f309f7e065ccd55570e5423_amd64",
"9Base-MTA-7.0:mta/mta-analyzer-lsp-rhel9@sha256:5ecb233843ae369e5b7c1acae988e5a19bdc69f232df85abdfc37e921ca10e86_amd64",
"9Base-MTA-7.0:mta/mta-hub-rhel9@sha256:b57ab84961a2ca5e2c67ed4a58d6445698d2fd195290010a2f5adf5928ce9938_amd64",
"9Base-MTA-7.0:mta/mta-operator-bundle@sha256:323c8ff5f805ffbfdeef1e54208c9bf080564a8baf4b94acf9f4c98e85ebcb22_amd64",
"9Base-MTA-7.0:mta/mta-ui-rhel9@sha256:74f0ab0f8f455ac4ae91e8450db2f7d3b2ce0fbccf51fea06d0444823cd32e9e_amd64",
"9Base-MTA-7.0:mta/mta-windup-shim-rhel9@sha256:7ab7480cf40d5e71ab2b9c94f4f6e37d533209da317c70023bb82abe7216b498_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2242803"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in handling multiplexed streams in the HTTP/2 protocol. A client can repeatedly make a request for a new multiplex stream and immediately send an RST_STREAM frame to cancel it. This creates extra work for the server setting up and tearing down the streams while not hitting any server-side limit for the maximum number of active streams per connection, resulting in a denial of service due to server resource consumption. Red Hat has rated the severity of this flaw as \u0027Important\u0027 as the US Cybersecurity and Infrastructure Security Agency (CISA) declared this vulnerability an active exploit.\r\n\r\nCVE-2023-39325 was assigned for the Rapid Reset Attack in the Go language packages.\r\n\r\nSecurity Bulletin\r\nhttps://access.redhat.com/security/vulnerabilities/RHSB-2023-003",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack (Rapid Reset Attack)",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "NGINX has been marked as Moderate Impact because, for performance and resource consumption reasons, NGINX limits the number of concurrent streams to a default of 128. In addition, to optimally balance network and server performance, NGINX allows the client to persist HTTP connections for up to 1000 requests by default using an HTTP keepalive.\n\nThe majority of RHEL utilities are not long-running applications; instead, they are command-line tools. These tools utilize Golang package as build-time dependency, which is why they are classified as having a \"Moderate\" level of impact.\n\nrhc component is no longer impacted by CVE-2023-44487 \u0026 CVE-2023-39325.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-MTA-7.0:mta/mta-cli-rhel9@sha256:394da54c8b6c523ac67ddb4643483d73c8f5d8246d480a4d326d07ae9ccd0d19_amd64"
],
"known_not_affected": [
"8Base-MTA-7.0:mta/mta-rhel8-operator@sha256:773b71296ffb507938983d8afe563a5a7bd822c940dd3717cec8410c348d86d8_amd64",
"9Base-MTA-7.0:mta/mta-analyzer-addon-rhel9@sha256:cdd94053c042f512f13ccf28b58c66ad2da74edb2f309f7e065ccd55570e5423_amd64",
"9Base-MTA-7.0:mta/mta-analyzer-lsp-rhel9@sha256:5ecb233843ae369e5b7c1acae988e5a19bdc69f232df85abdfc37e921ca10e86_amd64",
"9Base-MTA-7.0:mta/mta-hub-rhel9@sha256:b57ab84961a2ca5e2c67ed4a58d6445698d2fd195290010a2f5adf5928ce9938_amd64",
"9Base-MTA-7.0:mta/mta-operator-bundle@sha256:323c8ff5f805ffbfdeef1e54208c9bf080564a8baf4b94acf9f4c98e85ebcb22_amd64",
"9Base-MTA-7.0:mta/mta-ui-rhel9@sha256:74f0ab0f8f455ac4ae91e8450db2f7d3b2ce0fbccf51fea06d0444823cd32e9e_amd64",
"9Base-MTA-7.0:mta/mta-windup-shim-rhel9@sha256:7ab7480cf40d5e71ab2b9c94f4f6e37d533209da317c70023bb82abe7216b498_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-44487"
},
{
"category": "external",
"summary": "RHBZ#2242803",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2242803"
},
{
"category": "external",
"summary": "RHSB-2023-003",
"url": "https://access.redhat.com/security/vulnerabilities/RHSB-2023-003"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-44487",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-44487"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-44487",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-44487"
},
{
"category": "external",
"summary": "https://github.com/dotnet/announcements/issues/277",
"url": "https://github.com/dotnet/announcements/issues/277"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2023-2102",
"url": "https://pkg.go.dev/vuln/GO-2023-2102"
},
{
"category": "external",
"summary": "https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487",
"url": "https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487"
},
{
"category": "external",
"summary": "https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products/",
"url": "https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products/"
},
{
"category": "external",
"summary": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog",
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
}
],
"release_date": "2023-10-10T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-01-30T13:46:48+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-MTA-7.0:mta/mta-cli-rhel9@sha256:394da54c8b6c523ac67ddb4643483d73c8f5d8246d480a4d326d07ae9ccd0d19_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHBA-2024:0599"
},
{
"category": "workaround",
"details": "Users are strongly urged to update their software as soon as fixes are available. \nThere are several mitigation approaches for this flaw. \n\n1. If circumstances permit, users may disable http2 endpoints to circumvent the flaw altogether until a fix is available.\n2. IP-based blocking or flood protection and rate control tools may be used at network endpoints to filter incoming traffic.\n3. Several package specific mitigations are also available. \n a. nginx: https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products/\n b. netty: https://github.com/netty/netty/security/advisories/GHSA-xpw8-rcwv-8f8p\n c. haproxy: https://www.haproxy.com/blog/haproxy-is-not-affected-by-the-http-2-rapid-reset-attack-cve-2023-44487\n d. nghttp2: https://github.com/nghttp2/nghttp2/security/advisories/GHSA-vx74-f528-fxqg\n e. golang: The default stream concurrency limit in golang is 250 streams (requests) per HTTP/2 connection. This value may be adjusted in the golang.org/x/net/http2 package using the Server.MaxConcurrentStreams setting and the ConfigureServer function which are available in golang.org/x/net/http2.",
"product_ids": [
"8Base-MTA-7.0:mta/mta-rhel8-operator@sha256:773b71296ffb507938983d8afe563a5a7bd822c940dd3717cec8410c348d86d8_amd64",
"9Base-MTA-7.0:mta/mta-analyzer-addon-rhel9@sha256:cdd94053c042f512f13ccf28b58c66ad2da74edb2f309f7e065ccd55570e5423_amd64",
"9Base-MTA-7.0:mta/mta-analyzer-lsp-rhel9@sha256:5ecb233843ae369e5b7c1acae988e5a19bdc69f232df85abdfc37e921ca10e86_amd64",
"9Base-MTA-7.0:mta/mta-cli-rhel9@sha256:394da54c8b6c523ac67ddb4643483d73c8f5d8246d480a4d326d07ae9ccd0d19_amd64",
"9Base-MTA-7.0:mta/mta-hub-rhel9@sha256:b57ab84961a2ca5e2c67ed4a58d6445698d2fd195290010a2f5adf5928ce9938_amd64",
"9Base-MTA-7.0:mta/mta-operator-bundle@sha256:323c8ff5f805ffbfdeef1e54208c9bf080564a8baf4b94acf9f4c98e85ebcb22_amd64",
"9Base-MTA-7.0:mta/mta-ui-rhel9@sha256:74f0ab0f8f455ac4ae91e8450db2f7d3b2ce0fbccf51fea06d0444823cd32e9e_amd64",
"9Base-MTA-7.0:mta/mta-windup-shim-rhel9@sha256:7ab7480cf40d5e71ab2b9c94f4f6e37d533209da317c70023bb82abe7216b498_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-MTA-7.0:mta/mta-rhel8-operator@sha256:773b71296ffb507938983d8afe563a5a7bd822c940dd3717cec8410c348d86d8_amd64",
"9Base-MTA-7.0:mta/mta-analyzer-addon-rhel9@sha256:cdd94053c042f512f13ccf28b58c66ad2da74edb2f309f7e065ccd55570e5423_amd64",
"9Base-MTA-7.0:mta/mta-analyzer-lsp-rhel9@sha256:5ecb233843ae369e5b7c1acae988e5a19bdc69f232df85abdfc37e921ca10e86_amd64",
"9Base-MTA-7.0:mta/mta-cli-rhel9@sha256:394da54c8b6c523ac67ddb4643483d73c8f5d8246d480a4d326d07ae9ccd0d19_amd64",
"9Base-MTA-7.0:mta/mta-hub-rhel9@sha256:b57ab84961a2ca5e2c67ed4a58d6445698d2fd195290010a2f5adf5928ce9938_amd64",
"9Base-MTA-7.0:mta/mta-operator-bundle@sha256:323c8ff5f805ffbfdeef1e54208c9bf080564a8baf4b94acf9f4c98e85ebcb22_amd64",
"9Base-MTA-7.0:mta/mta-ui-rhel9@sha256:74f0ab0f8f455ac4ae91e8450db2f7d3b2ce0fbccf51fea06d0444823cd32e9e_amd64",
"9Base-MTA-7.0:mta/mta-windup-shim-rhel9@sha256:7ab7480cf40d5e71ab2b9c94f4f6e37d533209da317c70023bb82abe7216b498_amd64"
]
}
],
"threats": [
{
"category": "exploit_status",
"date": "2023-10-10T00:00:00+00:00",
"details": "CISA: https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
},
{
"category": "impact",
"details": "Important"
}
],
"title": "HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack (Rapid Reset Attack)"
}
]
}
RHBA-2024:0815
Vulnerability from csaf_redhat - Published: 2024-02-15 20:10 - Updated: 2026-06-02 15:03Summary
Red Hat Bug Fix Advisory: OpenShift sandboxed containers 1.5.2 update
Severity
Important
Notes
Topic: OpenShift sandboxed containers 1.5.2 is now available.
Details: OpenShift sandboxed containers support for OpenShift Container Platform
provides users with built-in support for running Kata containers as an
additional, optional runtime.
This advisory contains an update for OpenShift sandboxed containers with bug fixes and container upgrades.
Space precludes documenting all of the updates to OpenShift sandboxed
containers in this advisory. See the Release Notes documentation,
which will be updated shortly for this release, for details about these
changes:
https://access.redhat.com/documentation/en-us/openshift_sandboxed_containers/1.5/html-single/openshift_sandboxed_containers_release_notes/
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
A flaw was found in handling multiplexed streams in the HTTP/2 protocol. A client can repeatedly make a request for a new multiplex stream and immediately send an RST_STREAM frame to cancel it. This creates extra work for the server setting up and tearing down the streams while not hitting any server-side limit for the maximum number of active streams per connection, resulting in a denial of service due to server resource consumption. Red Hat has rated the severity of this flaw as 'Important' as the US Cybersecurity and Infrastructure Security Agency (CISA) declared this vulnerability an active exploit. CVE-2023-39325 was assigned for the Rapid Reset Attack in the Go language packages. Security Bulletin https://access.redhat.com/security/vulnerabilities/RHSB-2023-003
7.5 (High)
Affected products
Fixed
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-OSE-OSC-1.5:openshift-sandboxed-containers/osc-rhel9-operator@sha256:6cbad372f0162070e06d935ecec918ab2ba93fb8ad473da3c591b2f7bf384114_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-OSE-OSC-1.5:openshift-sandboxed-containers/osc-rhel9-operator@sha256:7db98893604a59d0d4a0cc322f56b06970fafcf799e790c286643784ab0d8c3f_s390x | — |
Vendor Fix
fix
Workaround
|
Known not affected
12 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-OSE-OSC-1.5:openshift-sandboxed-containers/osc-cloud-api-adaptor-rhel9@sha256:53000d1403d8301cd5b422526a9224f0e23789f7433ab0ee96d9b9ee6bbe457c_s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-OSE-OSC-1.5:openshift-sandboxed-containers/osc-cloud-api-adaptor-rhel9@sha256:5aca71d775675519bd5e8c17c266ca70e91482a723fadeee48a4436553c2a88c_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-OSE-OSC-1.5:openshift-sandboxed-containers/osc-cloud-api-adaptor-webhook-rhel9@sha256:17fcd1d7b6003ed409cb6ff291642ec55daa476bd2f7f6a88b7aa4822e54e61e_s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-OSE-OSC-1.5:openshift-sandboxed-containers/osc-cloud-api-adaptor-webhook-rhel9@sha256:a4176d2b3eaba687ecce5cb39d8c6b466fab02eea7634d148196cc4ca19cefc9_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-OSE-OSC-1.5:openshift-sandboxed-containers/osc-monitor-rhel9@sha256:1fb51e73ed876f7ca60e2fa70fe35ad8941435ac27648030dd0f124e6d12a215_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-OSE-OSC-1.5:openshift-sandboxed-containers/osc-monitor-rhel9@sha256:45ada6552aa5ed43986230dd26bbe4de630dc3ab04ab1a9a371770666a878a81_s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-OSE-OSC-1.5:openshift-sandboxed-containers/osc-must-gather-rhel9@sha256:081259e193cdf6a7e0849d8ecbe922c72fd1616fb6f1d8ff07ba2089a4a38462_s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-OSE-OSC-1.5:openshift-sandboxed-containers/osc-must-gather-rhel9@sha256:bffdc077129a33c71b10390ebe4ba4eed0031bc29ce2e0aef29e6454ef53f710_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-OSE-OSC-1.5:openshift-sandboxed-containers/osc-operator-bundle@sha256:94242bcaeb70f40d450104651b66ac4d6c5b3eb97bc6f97c3db9f6d94bed95d1_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-OSE-OSC-1.5:openshift-sandboxed-containers/osc-operator-bundle@sha256:b637dcf57a9e26ff7b9a87926bda980147a41f8207f78ecdc2bc601aeb7138e0_s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-OSE-OSC-1.5:openshift-sandboxed-containers/osc-podvm-payload-rhel9@sha256:7340a2577a4236000104e3d3fdf4419582232bff392613a6855f8a9af1ea06a4_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-OSE-OSC-1.5:openshift-sandboxed-containers/osc-podvm-payload-rhel9@sha256:b489543912586bd234dabb84068901a4248f0c983882aa2ec64f3092ef336c94_s390x | — |
Workaround
|
Threats
Exploit Status
CISA: https://www.cisa.gov/known-exploited-vulnerabilities-catalog
Impact
Important
References
15 references
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "OpenShift sandboxed containers 1.5.2 is now available.",
"title": "Topic"
},
{
"category": "general",
"text": "OpenShift sandboxed containers support for OpenShift Container Platform\nprovides users with built-in support for running Kata containers as an\nadditional, optional runtime.\n\nThis advisory contains an update for OpenShift sandboxed containers with bug fixes and container upgrades.\n\nSpace precludes documenting all of the updates to OpenShift sandboxed\ncontainers in this advisory. See the Release Notes documentation,\nwhich will be updated shortly for this release, for details about these\nchanges:\n\nhttps://access.redhat.com/documentation/en-us/openshift_sandboxed_containers/1.5/html-single/openshift_sandboxed_containers_release_notes/",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHBA-2024:0815",
"url": "https://access.redhat.com/errata/RHBA-2024:0815"
},
{
"category": "external",
"summary": "KATA-2618",
"url": "https://issues.redhat.com/browse/KATA-2618"
},
{
"category": "external",
"summary": "KATA-2692",
"url": "https://issues.redhat.com/browse/KATA-2692"
},
{
"category": "external",
"summary": "KATA-815",
"url": "https://issues.redhat.com/browse/KATA-815"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhba-2024_0815.json"
}
],
"title": "Red Hat Bug Fix Advisory: OpenShift sandboxed containers 1.5.2 update",
"tracking": {
"current_release_date": "2026-06-02T15:03:40+00:00",
"generator": {
"date": "2026-06-02T15:03:40+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.8.1"
}
},
"id": "RHBA-2024:0815",
"initial_release_date": "2024-02-15T20:10:11+00:00",
"revision_history": [
{
"date": "2024-02-15T20:10:11+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2024-02-15T20:10:11+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-06-02T15:03:40+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "OpenShift Sandboxed Containers 1.5",
"product": {
"name": "OpenShift Sandboxed Containers 1.5",
"product_id": "9Base-OSE-OSC-1.5",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:openshift_sandboxed_containers:1.5.0::el9"
}
}
}
],
"category": "product_family",
"name": "Red Hat OpenShift Enterprise"
},
{
"branches": [
{
"category": "product_version",
"name": "openshift-sandboxed-containers/osc-cloud-api-adaptor-rhel9@sha256:5aca71d775675519bd5e8c17c266ca70e91482a723fadeee48a4436553c2a88c_amd64",
"product": {
"name": "openshift-sandboxed-containers/osc-cloud-api-adaptor-rhel9@sha256:5aca71d775675519bd5e8c17c266ca70e91482a723fadeee48a4436553c2a88c_amd64",
"product_id": "openshift-sandboxed-containers/osc-cloud-api-adaptor-rhel9@sha256:5aca71d775675519bd5e8c17c266ca70e91482a723fadeee48a4436553c2a88c_amd64",
"product_identification_helper": {
"purl": "pkg:oci/osc-cloud-api-adaptor-rhel9@sha256:5aca71d775675519bd5e8c17c266ca70e91482a723fadeee48a4436553c2a88c?arch=amd64\u0026repository_url=registry.redhat.io/openshift-sandboxed-containers/osc-cloud-api-adaptor-rhel9\u0026tag=1.5.2-1"
}
}
},
{
"category": "product_version",
"name": "openshift-sandboxed-containers/osc-cloud-api-adaptor-webhook-rhel9@sha256:a4176d2b3eaba687ecce5cb39d8c6b466fab02eea7634d148196cc4ca19cefc9_amd64",
"product": {
"name": "openshift-sandboxed-containers/osc-cloud-api-adaptor-webhook-rhel9@sha256:a4176d2b3eaba687ecce5cb39d8c6b466fab02eea7634d148196cc4ca19cefc9_amd64",
"product_id": "openshift-sandboxed-containers/osc-cloud-api-adaptor-webhook-rhel9@sha256:a4176d2b3eaba687ecce5cb39d8c6b466fab02eea7634d148196cc4ca19cefc9_amd64",
"product_identification_helper": {
"purl": "pkg:oci/osc-cloud-api-adaptor-webhook-rhel9@sha256:a4176d2b3eaba687ecce5cb39d8c6b466fab02eea7634d148196cc4ca19cefc9?arch=amd64\u0026repository_url=registry.redhat.io/openshift-sandboxed-containers/osc-cloud-api-adaptor-webhook-rhel9\u0026tag=1.5.2-2"
}
}
},
{
"category": "product_version",
"name": "openshift-sandboxed-containers/osc-monitor-rhel9@sha256:1fb51e73ed876f7ca60e2fa70fe35ad8941435ac27648030dd0f124e6d12a215_amd64",
"product": {
"name": "openshift-sandboxed-containers/osc-monitor-rhel9@sha256:1fb51e73ed876f7ca60e2fa70fe35ad8941435ac27648030dd0f124e6d12a215_amd64",
"product_id": "openshift-sandboxed-containers/osc-monitor-rhel9@sha256:1fb51e73ed876f7ca60e2fa70fe35ad8941435ac27648030dd0f124e6d12a215_amd64",
"product_identification_helper": {
"purl": "pkg:oci/osc-monitor-rhel9@sha256:1fb51e73ed876f7ca60e2fa70fe35ad8941435ac27648030dd0f124e6d12a215?arch=amd64\u0026repository_url=registry.redhat.io/openshift-sandboxed-containers/osc-monitor-rhel9\u0026tag=1.5.2-1"
}
}
},
{
"category": "product_version",
"name": "openshift-sandboxed-containers/osc-must-gather-rhel9@sha256:bffdc077129a33c71b10390ebe4ba4eed0031bc29ce2e0aef29e6454ef53f710_amd64",
"product": {
"name": "openshift-sandboxed-containers/osc-must-gather-rhel9@sha256:bffdc077129a33c71b10390ebe4ba4eed0031bc29ce2e0aef29e6454ef53f710_amd64",
"product_id": "openshift-sandboxed-containers/osc-must-gather-rhel9@sha256:bffdc077129a33c71b10390ebe4ba4eed0031bc29ce2e0aef29e6454ef53f710_amd64",
"product_identification_helper": {
"purl": "pkg:oci/osc-must-gather-rhel9@sha256:bffdc077129a33c71b10390ebe4ba4eed0031bc29ce2e0aef29e6454ef53f710?arch=amd64\u0026repository_url=registry.redhat.io/openshift-sandboxed-containers/osc-must-gather-rhel9\u0026tag=1.5.2-2"
}
}
},
{
"category": "product_version",
"name": "openshift-sandboxed-containers/osc-operator-bundle@sha256:94242bcaeb70f40d450104651b66ac4d6c5b3eb97bc6f97c3db9f6d94bed95d1_amd64",
"product": {
"name": "openshift-sandboxed-containers/osc-operator-bundle@sha256:94242bcaeb70f40d450104651b66ac4d6c5b3eb97bc6f97c3db9f6d94bed95d1_amd64",
"product_id": "openshift-sandboxed-containers/osc-operator-bundle@sha256:94242bcaeb70f40d450104651b66ac4d6c5b3eb97bc6f97c3db9f6d94bed95d1_amd64",
"product_identification_helper": {
"purl": "pkg:oci/osc-operator-bundle@sha256:94242bcaeb70f40d450104651b66ac4d6c5b3eb97bc6f97c3db9f6d94bed95d1?arch=amd64\u0026repository_url=registry.redhat.io/openshift-sandboxed-containers/osc-operator-bundle\u0026tag=1.5.2-8"
}
}
},
{
"category": "product_version",
"name": "openshift-sandboxed-containers/osc-rhel9-operator@sha256:6cbad372f0162070e06d935ecec918ab2ba93fb8ad473da3c591b2f7bf384114_amd64",
"product": {
"name": "openshift-sandboxed-containers/osc-rhel9-operator@sha256:6cbad372f0162070e06d935ecec918ab2ba93fb8ad473da3c591b2f7bf384114_amd64",
"product_id": "openshift-sandboxed-containers/osc-rhel9-operator@sha256:6cbad372f0162070e06d935ecec918ab2ba93fb8ad473da3c591b2f7bf384114_amd64",
"product_identification_helper": {
"purl": "pkg:oci/osc-rhel9-operator@sha256:6cbad372f0162070e06d935ecec918ab2ba93fb8ad473da3c591b2f7bf384114?arch=amd64\u0026repository_url=registry.redhat.io/openshift-sandboxed-containers/osc-rhel9-operator\u0026tag=1.5.2-3"
}
}
},
{
"category": "product_version",
"name": "openshift-sandboxed-containers/osc-podvm-payload-rhel9@sha256:7340a2577a4236000104e3d3fdf4419582232bff392613a6855f8a9af1ea06a4_amd64",
"product": {
"name": "openshift-sandboxed-containers/osc-podvm-payload-rhel9@sha256:7340a2577a4236000104e3d3fdf4419582232bff392613a6855f8a9af1ea06a4_amd64",
"product_id": "openshift-sandboxed-containers/osc-podvm-payload-rhel9@sha256:7340a2577a4236000104e3d3fdf4419582232bff392613a6855f8a9af1ea06a4_amd64",
"product_identification_helper": {
"purl": "pkg:oci/osc-podvm-payload-rhel9@sha256:7340a2577a4236000104e3d3fdf4419582232bff392613a6855f8a9af1ea06a4?arch=amd64\u0026repository_url=registry.redhat.io/openshift-sandboxed-containers/osc-podvm-payload-rhel9\u0026tag=1.5.2-1"
}
}
}
],
"category": "architecture",
"name": "amd64"
},
{
"branches": [
{
"category": "product_version",
"name": "openshift-sandboxed-containers/osc-cloud-api-adaptor-rhel9@sha256:53000d1403d8301cd5b422526a9224f0e23789f7433ab0ee96d9b9ee6bbe457c_s390x",
"product": {
"name": "openshift-sandboxed-containers/osc-cloud-api-adaptor-rhel9@sha256:53000d1403d8301cd5b422526a9224f0e23789f7433ab0ee96d9b9ee6bbe457c_s390x",
"product_id": "openshift-sandboxed-containers/osc-cloud-api-adaptor-rhel9@sha256:53000d1403d8301cd5b422526a9224f0e23789f7433ab0ee96d9b9ee6bbe457c_s390x",
"product_identification_helper": {
"purl": "pkg:oci/osc-cloud-api-adaptor-rhel9@sha256:53000d1403d8301cd5b422526a9224f0e23789f7433ab0ee96d9b9ee6bbe457c?arch=s390x\u0026repository_url=registry.redhat.io/openshift-sandboxed-containers/osc-cloud-api-adaptor-rhel9\u0026tag=1.5.2-1"
}
}
},
{
"category": "product_version",
"name": "openshift-sandboxed-containers/osc-cloud-api-adaptor-webhook-rhel9@sha256:17fcd1d7b6003ed409cb6ff291642ec55daa476bd2f7f6a88b7aa4822e54e61e_s390x",
"product": {
"name": "openshift-sandboxed-containers/osc-cloud-api-adaptor-webhook-rhel9@sha256:17fcd1d7b6003ed409cb6ff291642ec55daa476bd2f7f6a88b7aa4822e54e61e_s390x",
"product_id": "openshift-sandboxed-containers/osc-cloud-api-adaptor-webhook-rhel9@sha256:17fcd1d7b6003ed409cb6ff291642ec55daa476bd2f7f6a88b7aa4822e54e61e_s390x",
"product_identification_helper": {
"purl": "pkg:oci/osc-cloud-api-adaptor-webhook-rhel9@sha256:17fcd1d7b6003ed409cb6ff291642ec55daa476bd2f7f6a88b7aa4822e54e61e?arch=s390x\u0026repository_url=registry.redhat.io/openshift-sandboxed-containers/osc-cloud-api-adaptor-webhook-rhel9\u0026tag=1.5.2-2"
}
}
},
{
"category": "product_version",
"name": "openshift-sandboxed-containers/osc-monitor-rhel9@sha256:45ada6552aa5ed43986230dd26bbe4de630dc3ab04ab1a9a371770666a878a81_s390x",
"product": {
"name": "openshift-sandboxed-containers/osc-monitor-rhel9@sha256:45ada6552aa5ed43986230dd26bbe4de630dc3ab04ab1a9a371770666a878a81_s390x",
"product_id": "openshift-sandboxed-containers/osc-monitor-rhel9@sha256:45ada6552aa5ed43986230dd26bbe4de630dc3ab04ab1a9a371770666a878a81_s390x",
"product_identification_helper": {
"purl": "pkg:oci/osc-monitor-rhel9@sha256:45ada6552aa5ed43986230dd26bbe4de630dc3ab04ab1a9a371770666a878a81?arch=s390x\u0026repository_url=registry.redhat.io/openshift-sandboxed-containers/osc-monitor-rhel9\u0026tag=1.5.2-1"
}
}
},
{
"category": "product_version",
"name": "openshift-sandboxed-containers/osc-must-gather-rhel9@sha256:081259e193cdf6a7e0849d8ecbe922c72fd1616fb6f1d8ff07ba2089a4a38462_s390x",
"product": {
"name": "openshift-sandboxed-containers/osc-must-gather-rhel9@sha256:081259e193cdf6a7e0849d8ecbe922c72fd1616fb6f1d8ff07ba2089a4a38462_s390x",
"product_id": "openshift-sandboxed-containers/osc-must-gather-rhel9@sha256:081259e193cdf6a7e0849d8ecbe922c72fd1616fb6f1d8ff07ba2089a4a38462_s390x",
"product_identification_helper": {
"purl": "pkg:oci/osc-must-gather-rhel9@sha256:081259e193cdf6a7e0849d8ecbe922c72fd1616fb6f1d8ff07ba2089a4a38462?arch=s390x\u0026repository_url=registry.redhat.io/openshift-sandboxed-containers/osc-must-gather-rhel9\u0026tag=1.5.2-2"
}
}
},
{
"category": "product_version",
"name": "openshift-sandboxed-containers/osc-operator-bundle@sha256:b637dcf57a9e26ff7b9a87926bda980147a41f8207f78ecdc2bc601aeb7138e0_s390x",
"product": {
"name": "openshift-sandboxed-containers/osc-operator-bundle@sha256:b637dcf57a9e26ff7b9a87926bda980147a41f8207f78ecdc2bc601aeb7138e0_s390x",
"product_id": "openshift-sandboxed-containers/osc-operator-bundle@sha256:b637dcf57a9e26ff7b9a87926bda980147a41f8207f78ecdc2bc601aeb7138e0_s390x",
"product_identification_helper": {
"purl": "pkg:oci/osc-operator-bundle@sha256:b637dcf57a9e26ff7b9a87926bda980147a41f8207f78ecdc2bc601aeb7138e0?arch=s390x\u0026repository_url=registry.redhat.io/openshift-sandboxed-containers/osc-operator-bundle\u0026tag=1.5.2-8"
}
}
},
{
"category": "product_version",
"name": "openshift-sandboxed-containers/osc-rhel9-operator@sha256:7db98893604a59d0d4a0cc322f56b06970fafcf799e790c286643784ab0d8c3f_s390x",
"product": {
"name": "openshift-sandboxed-containers/osc-rhel9-operator@sha256:7db98893604a59d0d4a0cc322f56b06970fafcf799e790c286643784ab0d8c3f_s390x",
"product_id": "openshift-sandboxed-containers/osc-rhel9-operator@sha256:7db98893604a59d0d4a0cc322f56b06970fafcf799e790c286643784ab0d8c3f_s390x",
"product_identification_helper": {
"purl": "pkg:oci/osc-rhel9-operator@sha256:7db98893604a59d0d4a0cc322f56b06970fafcf799e790c286643784ab0d8c3f?arch=s390x\u0026repository_url=registry.redhat.io/openshift-sandboxed-containers/osc-rhel9-operator\u0026tag=1.5.2-3"
}
}
},
{
"category": "product_version",
"name": "openshift-sandboxed-containers/osc-podvm-payload-rhel9@sha256:b489543912586bd234dabb84068901a4248f0c983882aa2ec64f3092ef336c94_s390x",
"product": {
"name": "openshift-sandboxed-containers/osc-podvm-payload-rhel9@sha256:b489543912586bd234dabb84068901a4248f0c983882aa2ec64f3092ef336c94_s390x",
"product_id": "openshift-sandboxed-containers/osc-podvm-payload-rhel9@sha256:b489543912586bd234dabb84068901a4248f0c983882aa2ec64f3092ef336c94_s390x",
"product_identification_helper": {
"purl": "pkg:oci/osc-podvm-payload-rhel9@sha256:b489543912586bd234dabb84068901a4248f0c983882aa2ec64f3092ef336c94?arch=s390x\u0026repository_url=registry.redhat.io/openshift-sandboxed-containers/osc-podvm-payload-rhel9\u0026tag=1.5.2-1"
}
}
}
],
"category": "architecture",
"name": "s390x"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-sandboxed-containers/osc-cloud-api-adaptor-rhel9@sha256:53000d1403d8301cd5b422526a9224f0e23789f7433ab0ee96d9b9ee6bbe457c_s390x as a component of OpenShift Sandboxed Containers 1.5",
"product_id": "9Base-OSE-OSC-1.5:openshift-sandboxed-containers/osc-cloud-api-adaptor-rhel9@sha256:53000d1403d8301cd5b422526a9224f0e23789f7433ab0ee96d9b9ee6bbe457c_s390x"
},
"product_reference": "openshift-sandboxed-containers/osc-cloud-api-adaptor-rhel9@sha256:53000d1403d8301cd5b422526a9224f0e23789f7433ab0ee96d9b9ee6bbe457c_s390x",
"relates_to_product_reference": "9Base-OSE-OSC-1.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-sandboxed-containers/osc-cloud-api-adaptor-rhel9@sha256:5aca71d775675519bd5e8c17c266ca70e91482a723fadeee48a4436553c2a88c_amd64 as a component of OpenShift Sandboxed Containers 1.5",
"product_id": "9Base-OSE-OSC-1.5:openshift-sandboxed-containers/osc-cloud-api-adaptor-rhel9@sha256:5aca71d775675519bd5e8c17c266ca70e91482a723fadeee48a4436553c2a88c_amd64"
},
"product_reference": "openshift-sandboxed-containers/osc-cloud-api-adaptor-rhel9@sha256:5aca71d775675519bd5e8c17c266ca70e91482a723fadeee48a4436553c2a88c_amd64",
"relates_to_product_reference": "9Base-OSE-OSC-1.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-sandboxed-containers/osc-cloud-api-adaptor-webhook-rhel9@sha256:17fcd1d7b6003ed409cb6ff291642ec55daa476bd2f7f6a88b7aa4822e54e61e_s390x as a component of OpenShift Sandboxed Containers 1.5",
"product_id": "9Base-OSE-OSC-1.5:openshift-sandboxed-containers/osc-cloud-api-adaptor-webhook-rhel9@sha256:17fcd1d7b6003ed409cb6ff291642ec55daa476bd2f7f6a88b7aa4822e54e61e_s390x"
},
"product_reference": "openshift-sandboxed-containers/osc-cloud-api-adaptor-webhook-rhel9@sha256:17fcd1d7b6003ed409cb6ff291642ec55daa476bd2f7f6a88b7aa4822e54e61e_s390x",
"relates_to_product_reference": "9Base-OSE-OSC-1.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-sandboxed-containers/osc-cloud-api-adaptor-webhook-rhel9@sha256:a4176d2b3eaba687ecce5cb39d8c6b466fab02eea7634d148196cc4ca19cefc9_amd64 as a component of OpenShift Sandboxed Containers 1.5",
"product_id": "9Base-OSE-OSC-1.5:openshift-sandboxed-containers/osc-cloud-api-adaptor-webhook-rhel9@sha256:a4176d2b3eaba687ecce5cb39d8c6b466fab02eea7634d148196cc4ca19cefc9_amd64"
},
"product_reference": "openshift-sandboxed-containers/osc-cloud-api-adaptor-webhook-rhel9@sha256:a4176d2b3eaba687ecce5cb39d8c6b466fab02eea7634d148196cc4ca19cefc9_amd64",
"relates_to_product_reference": "9Base-OSE-OSC-1.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-sandboxed-containers/osc-monitor-rhel9@sha256:1fb51e73ed876f7ca60e2fa70fe35ad8941435ac27648030dd0f124e6d12a215_amd64 as a component of OpenShift Sandboxed Containers 1.5",
"product_id": "9Base-OSE-OSC-1.5:openshift-sandboxed-containers/osc-monitor-rhel9@sha256:1fb51e73ed876f7ca60e2fa70fe35ad8941435ac27648030dd0f124e6d12a215_amd64"
},
"product_reference": "openshift-sandboxed-containers/osc-monitor-rhel9@sha256:1fb51e73ed876f7ca60e2fa70fe35ad8941435ac27648030dd0f124e6d12a215_amd64",
"relates_to_product_reference": "9Base-OSE-OSC-1.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-sandboxed-containers/osc-monitor-rhel9@sha256:45ada6552aa5ed43986230dd26bbe4de630dc3ab04ab1a9a371770666a878a81_s390x as a component of OpenShift Sandboxed Containers 1.5",
"product_id": "9Base-OSE-OSC-1.5:openshift-sandboxed-containers/osc-monitor-rhel9@sha256:45ada6552aa5ed43986230dd26bbe4de630dc3ab04ab1a9a371770666a878a81_s390x"
},
"product_reference": "openshift-sandboxed-containers/osc-monitor-rhel9@sha256:45ada6552aa5ed43986230dd26bbe4de630dc3ab04ab1a9a371770666a878a81_s390x",
"relates_to_product_reference": "9Base-OSE-OSC-1.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-sandboxed-containers/osc-must-gather-rhel9@sha256:081259e193cdf6a7e0849d8ecbe922c72fd1616fb6f1d8ff07ba2089a4a38462_s390x as a component of OpenShift Sandboxed Containers 1.5",
"product_id": "9Base-OSE-OSC-1.5:openshift-sandboxed-containers/osc-must-gather-rhel9@sha256:081259e193cdf6a7e0849d8ecbe922c72fd1616fb6f1d8ff07ba2089a4a38462_s390x"
},
"product_reference": "openshift-sandboxed-containers/osc-must-gather-rhel9@sha256:081259e193cdf6a7e0849d8ecbe922c72fd1616fb6f1d8ff07ba2089a4a38462_s390x",
"relates_to_product_reference": "9Base-OSE-OSC-1.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-sandboxed-containers/osc-must-gather-rhel9@sha256:bffdc077129a33c71b10390ebe4ba4eed0031bc29ce2e0aef29e6454ef53f710_amd64 as a component of OpenShift Sandboxed Containers 1.5",
"product_id": "9Base-OSE-OSC-1.5:openshift-sandboxed-containers/osc-must-gather-rhel9@sha256:bffdc077129a33c71b10390ebe4ba4eed0031bc29ce2e0aef29e6454ef53f710_amd64"
},
"product_reference": "openshift-sandboxed-containers/osc-must-gather-rhel9@sha256:bffdc077129a33c71b10390ebe4ba4eed0031bc29ce2e0aef29e6454ef53f710_amd64",
"relates_to_product_reference": "9Base-OSE-OSC-1.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-sandboxed-containers/osc-operator-bundle@sha256:94242bcaeb70f40d450104651b66ac4d6c5b3eb97bc6f97c3db9f6d94bed95d1_amd64 as a component of OpenShift Sandboxed Containers 1.5",
"product_id": "9Base-OSE-OSC-1.5:openshift-sandboxed-containers/osc-operator-bundle@sha256:94242bcaeb70f40d450104651b66ac4d6c5b3eb97bc6f97c3db9f6d94bed95d1_amd64"
},
"product_reference": "openshift-sandboxed-containers/osc-operator-bundle@sha256:94242bcaeb70f40d450104651b66ac4d6c5b3eb97bc6f97c3db9f6d94bed95d1_amd64",
"relates_to_product_reference": "9Base-OSE-OSC-1.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-sandboxed-containers/osc-operator-bundle@sha256:b637dcf57a9e26ff7b9a87926bda980147a41f8207f78ecdc2bc601aeb7138e0_s390x as a component of OpenShift Sandboxed Containers 1.5",
"product_id": "9Base-OSE-OSC-1.5:openshift-sandboxed-containers/osc-operator-bundle@sha256:b637dcf57a9e26ff7b9a87926bda980147a41f8207f78ecdc2bc601aeb7138e0_s390x"
},
"product_reference": "openshift-sandboxed-containers/osc-operator-bundle@sha256:b637dcf57a9e26ff7b9a87926bda980147a41f8207f78ecdc2bc601aeb7138e0_s390x",
"relates_to_product_reference": "9Base-OSE-OSC-1.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-sandboxed-containers/osc-podvm-payload-rhel9@sha256:7340a2577a4236000104e3d3fdf4419582232bff392613a6855f8a9af1ea06a4_amd64 as a component of OpenShift Sandboxed Containers 1.5",
"product_id": "9Base-OSE-OSC-1.5:openshift-sandboxed-containers/osc-podvm-payload-rhel9@sha256:7340a2577a4236000104e3d3fdf4419582232bff392613a6855f8a9af1ea06a4_amd64"
},
"product_reference": "openshift-sandboxed-containers/osc-podvm-payload-rhel9@sha256:7340a2577a4236000104e3d3fdf4419582232bff392613a6855f8a9af1ea06a4_amd64",
"relates_to_product_reference": "9Base-OSE-OSC-1.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-sandboxed-containers/osc-podvm-payload-rhel9@sha256:b489543912586bd234dabb84068901a4248f0c983882aa2ec64f3092ef336c94_s390x as a component of OpenShift Sandboxed Containers 1.5",
"product_id": "9Base-OSE-OSC-1.5:openshift-sandboxed-containers/osc-podvm-payload-rhel9@sha256:b489543912586bd234dabb84068901a4248f0c983882aa2ec64f3092ef336c94_s390x"
},
"product_reference": "openshift-sandboxed-containers/osc-podvm-payload-rhel9@sha256:b489543912586bd234dabb84068901a4248f0c983882aa2ec64f3092ef336c94_s390x",
"relates_to_product_reference": "9Base-OSE-OSC-1.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-sandboxed-containers/osc-rhel9-operator@sha256:6cbad372f0162070e06d935ecec918ab2ba93fb8ad473da3c591b2f7bf384114_amd64 as a component of OpenShift Sandboxed Containers 1.5",
"product_id": "9Base-OSE-OSC-1.5:openshift-sandboxed-containers/osc-rhel9-operator@sha256:6cbad372f0162070e06d935ecec918ab2ba93fb8ad473da3c591b2f7bf384114_amd64"
},
"product_reference": "openshift-sandboxed-containers/osc-rhel9-operator@sha256:6cbad372f0162070e06d935ecec918ab2ba93fb8ad473da3c591b2f7bf384114_amd64",
"relates_to_product_reference": "9Base-OSE-OSC-1.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-sandboxed-containers/osc-rhel9-operator@sha256:7db98893604a59d0d4a0cc322f56b06970fafcf799e790c286643784ab0d8c3f_s390x as a component of OpenShift Sandboxed Containers 1.5",
"product_id": "9Base-OSE-OSC-1.5:openshift-sandboxed-containers/osc-rhel9-operator@sha256:7db98893604a59d0d4a0cc322f56b06970fafcf799e790c286643784ab0d8c3f_s390x"
},
"product_reference": "openshift-sandboxed-containers/osc-rhel9-operator@sha256:7db98893604a59d0d4a0cc322f56b06970fafcf799e790c286643784ab0d8c3f_s390x",
"relates_to_product_reference": "9Base-OSE-OSC-1.5"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2023-44487",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2023-10-09T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"9Base-OSE-OSC-1.5:openshift-sandboxed-containers/osc-cloud-api-adaptor-rhel9@sha256:53000d1403d8301cd5b422526a9224f0e23789f7433ab0ee96d9b9ee6bbe457c_s390x",
"9Base-OSE-OSC-1.5:openshift-sandboxed-containers/osc-cloud-api-adaptor-rhel9@sha256:5aca71d775675519bd5e8c17c266ca70e91482a723fadeee48a4436553c2a88c_amd64",
"9Base-OSE-OSC-1.5:openshift-sandboxed-containers/osc-cloud-api-adaptor-webhook-rhel9@sha256:17fcd1d7b6003ed409cb6ff291642ec55daa476bd2f7f6a88b7aa4822e54e61e_s390x",
"9Base-OSE-OSC-1.5:openshift-sandboxed-containers/osc-cloud-api-adaptor-webhook-rhel9@sha256:a4176d2b3eaba687ecce5cb39d8c6b466fab02eea7634d148196cc4ca19cefc9_amd64",
"9Base-OSE-OSC-1.5:openshift-sandboxed-containers/osc-monitor-rhel9@sha256:1fb51e73ed876f7ca60e2fa70fe35ad8941435ac27648030dd0f124e6d12a215_amd64",
"9Base-OSE-OSC-1.5:openshift-sandboxed-containers/osc-monitor-rhel9@sha256:45ada6552aa5ed43986230dd26bbe4de630dc3ab04ab1a9a371770666a878a81_s390x",
"9Base-OSE-OSC-1.5:openshift-sandboxed-containers/osc-must-gather-rhel9@sha256:081259e193cdf6a7e0849d8ecbe922c72fd1616fb6f1d8ff07ba2089a4a38462_s390x",
"9Base-OSE-OSC-1.5:openshift-sandboxed-containers/osc-must-gather-rhel9@sha256:bffdc077129a33c71b10390ebe4ba4eed0031bc29ce2e0aef29e6454ef53f710_amd64",
"9Base-OSE-OSC-1.5:openshift-sandboxed-containers/osc-operator-bundle@sha256:94242bcaeb70f40d450104651b66ac4d6c5b3eb97bc6f97c3db9f6d94bed95d1_amd64",
"9Base-OSE-OSC-1.5:openshift-sandboxed-containers/osc-operator-bundle@sha256:b637dcf57a9e26ff7b9a87926bda980147a41f8207f78ecdc2bc601aeb7138e0_s390x",
"9Base-OSE-OSC-1.5:openshift-sandboxed-containers/osc-podvm-payload-rhel9@sha256:7340a2577a4236000104e3d3fdf4419582232bff392613a6855f8a9af1ea06a4_amd64",
"9Base-OSE-OSC-1.5:openshift-sandboxed-containers/osc-podvm-payload-rhel9@sha256:b489543912586bd234dabb84068901a4248f0c983882aa2ec64f3092ef336c94_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2242803"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in handling multiplexed streams in the HTTP/2 protocol. A client can repeatedly make a request for a new multiplex stream and immediately send an RST_STREAM frame to cancel it. This creates extra work for the server setting up and tearing down the streams while not hitting any server-side limit for the maximum number of active streams per connection, resulting in a denial of service due to server resource consumption. Red Hat has rated the severity of this flaw as \u0027Important\u0027 as the US Cybersecurity and Infrastructure Security Agency (CISA) declared this vulnerability an active exploit.\r\n\r\nCVE-2023-39325 was assigned for the Rapid Reset Attack in the Go language packages.\r\n\r\nSecurity Bulletin\r\nhttps://access.redhat.com/security/vulnerabilities/RHSB-2023-003",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack (Rapid Reset Attack)",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "NGINX has been marked as Moderate Impact because, for performance and resource consumption reasons, NGINX limits the number of concurrent streams to a default of 128. In addition, to optimally balance network and server performance, NGINX allows the client to persist HTTP connections for up to 1000 requests by default using an HTTP keepalive.\n\nThe majority of RHEL utilities are not long-running applications; instead, they are command-line tools. These tools utilize Golang package as build-time dependency, which is why they are classified as having a \"Moderate\" level of impact.\n\nrhc component is no longer impacted by CVE-2023-44487 \u0026 CVE-2023-39325.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-OSE-OSC-1.5:openshift-sandboxed-containers/osc-rhel9-operator@sha256:6cbad372f0162070e06d935ecec918ab2ba93fb8ad473da3c591b2f7bf384114_amd64",
"9Base-OSE-OSC-1.5:openshift-sandboxed-containers/osc-rhel9-operator@sha256:7db98893604a59d0d4a0cc322f56b06970fafcf799e790c286643784ab0d8c3f_s390x"
],
"known_not_affected": [
"9Base-OSE-OSC-1.5:openshift-sandboxed-containers/osc-cloud-api-adaptor-rhel9@sha256:53000d1403d8301cd5b422526a9224f0e23789f7433ab0ee96d9b9ee6bbe457c_s390x",
"9Base-OSE-OSC-1.5:openshift-sandboxed-containers/osc-cloud-api-adaptor-rhel9@sha256:5aca71d775675519bd5e8c17c266ca70e91482a723fadeee48a4436553c2a88c_amd64",
"9Base-OSE-OSC-1.5:openshift-sandboxed-containers/osc-cloud-api-adaptor-webhook-rhel9@sha256:17fcd1d7b6003ed409cb6ff291642ec55daa476bd2f7f6a88b7aa4822e54e61e_s390x",
"9Base-OSE-OSC-1.5:openshift-sandboxed-containers/osc-cloud-api-adaptor-webhook-rhel9@sha256:a4176d2b3eaba687ecce5cb39d8c6b466fab02eea7634d148196cc4ca19cefc9_amd64",
"9Base-OSE-OSC-1.5:openshift-sandboxed-containers/osc-monitor-rhel9@sha256:1fb51e73ed876f7ca60e2fa70fe35ad8941435ac27648030dd0f124e6d12a215_amd64",
"9Base-OSE-OSC-1.5:openshift-sandboxed-containers/osc-monitor-rhel9@sha256:45ada6552aa5ed43986230dd26bbe4de630dc3ab04ab1a9a371770666a878a81_s390x",
"9Base-OSE-OSC-1.5:openshift-sandboxed-containers/osc-must-gather-rhel9@sha256:081259e193cdf6a7e0849d8ecbe922c72fd1616fb6f1d8ff07ba2089a4a38462_s390x",
"9Base-OSE-OSC-1.5:openshift-sandboxed-containers/osc-must-gather-rhel9@sha256:bffdc077129a33c71b10390ebe4ba4eed0031bc29ce2e0aef29e6454ef53f710_amd64",
"9Base-OSE-OSC-1.5:openshift-sandboxed-containers/osc-operator-bundle@sha256:94242bcaeb70f40d450104651b66ac4d6c5b3eb97bc6f97c3db9f6d94bed95d1_amd64",
"9Base-OSE-OSC-1.5:openshift-sandboxed-containers/osc-operator-bundle@sha256:b637dcf57a9e26ff7b9a87926bda980147a41f8207f78ecdc2bc601aeb7138e0_s390x",
"9Base-OSE-OSC-1.5:openshift-sandboxed-containers/osc-podvm-payload-rhel9@sha256:7340a2577a4236000104e3d3fdf4419582232bff392613a6855f8a9af1ea06a4_amd64",
"9Base-OSE-OSC-1.5:openshift-sandboxed-containers/osc-podvm-payload-rhel9@sha256:b489543912586bd234dabb84068901a4248f0c983882aa2ec64f3092ef336c94_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-44487"
},
{
"category": "external",
"summary": "RHBZ#2242803",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2242803"
},
{
"category": "external",
"summary": "RHSB-2023-003",
"url": "https://access.redhat.com/security/vulnerabilities/RHSB-2023-003"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-44487",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-44487"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-44487",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-44487"
},
{
"category": "external",
"summary": "https://github.com/dotnet/announcements/issues/277",
"url": "https://github.com/dotnet/announcements/issues/277"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2023-2102",
"url": "https://pkg.go.dev/vuln/GO-2023-2102"
},
{
"category": "external",
"summary": "https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487",
"url": "https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487"
},
{
"category": "external",
"summary": "https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products/",
"url": "https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products/"
},
{
"category": "external",
"summary": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog",
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
}
],
"release_date": "2023-10-10T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-02-15T20:10:11+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-OSE-OSC-1.5:openshift-sandboxed-containers/osc-rhel9-operator@sha256:6cbad372f0162070e06d935ecec918ab2ba93fb8ad473da3c591b2f7bf384114_amd64",
"9Base-OSE-OSC-1.5:openshift-sandboxed-containers/osc-rhel9-operator@sha256:7db98893604a59d0d4a0cc322f56b06970fafcf799e790c286643784ab0d8c3f_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHBA-2024:0815"
},
{
"category": "workaround",
"details": "Users are strongly urged to update their software as soon as fixes are available. \nThere are several mitigation approaches for this flaw. \n\n1. If circumstances permit, users may disable http2 endpoints to circumvent the flaw altogether until a fix is available.\n2. IP-based blocking or flood protection and rate control tools may be used at network endpoints to filter incoming traffic.\n3. Several package specific mitigations are also available. \n a. nginx: https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products/\n b. netty: https://github.com/netty/netty/security/advisories/GHSA-xpw8-rcwv-8f8p\n c. haproxy: https://www.haproxy.com/blog/haproxy-is-not-affected-by-the-http-2-rapid-reset-attack-cve-2023-44487\n d. nghttp2: https://github.com/nghttp2/nghttp2/security/advisories/GHSA-vx74-f528-fxqg\n e. golang: The default stream concurrency limit in golang is 250 streams (requests) per HTTP/2 connection. This value may be adjusted in the golang.org/x/net/http2 package using the Server.MaxConcurrentStreams setting and the ConfigureServer function which are available in golang.org/x/net/http2.",
"product_ids": [
"9Base-OSE-OSC-1.5:openshift-sandboxed-containers/osc-cloud-api-adaptor-rhel9@sha256:53000d1403d8301cd5b422526a9224f0e23789f7433ab0ee96d9b9ee6bbe457c_s390x",
"9Base-OSE-OSC-1.5:openshift-sandboxed-containers/osc-cloud-api-adaptor-rhel9@sha256:5aca71d775675519bd5e8c17c266ca70e91482a723fadeee48a4436553c2a88c_amd64",
"9Base-OSE-OSC-1.5:openshift-sandboxed-containers/osc-cloud-api-adaptor-webhook-rhel9@sha256:17fcd1d7b6003ed409cb6ff291642ec55daa476bd2f7f6a88b7aa4822e54e61e_s390x",
"9Base-OSE-OSC-1.5:openshift-sandboxed-containers/osc-cloud-api-adaptor-webhook-rhel9@sha256:a4176d2b3eaba687ecce5cb39d8c6b466fab02eea7634d148196cc4ca19cefc9_amd64",
"9Base-OSE-OSC-1.5:openshift-sandboxed-containers/osc-monitor-rhel9@sha256:1fb51e73ed876f7ca60e2fa70fe35ad8941435ac27648030dd0f124e6d12a215_amd64",
"9Base-OSE-OSC-1.5:openshift-sandboxed-containers/osc-monitor-rhel9@sha256:45ada6552aa5ed43986230dd26bbe4de630dc3ab04ab1a9a371770666a878a81_s390x",
"9Base-OSE-OSC-1.5:openshift-sandboxed-containers/osc-must-gather-rhel9@sha256:081259e193cdf6a7e0849d8ecbe922c72fd1616fb6f1d8ff07ba2089a4a38462_s390x",
"9Base-OSE-OSC-1.5:openshift-sandboxed-containers/osc-must-gather-rhel9@sha256:bffdc077129a33c71b10390ebe4ba4eed0031bc29ce2e0aef29e6454ef53f710_amd64",
"9Base-OSE-OSC-1.5:openshift-sandboxed-containers/osc-operator-bundle@sha256:94242bcaeb70f40d450104651b66ac4d6c5b3eb97bc6f97c3db9f6d94bed95d1_amd64",
"9Base-OSE-OSC-1.5:openshift-sandboxed-containers/osc-operator-bundle@sha256:b637dcf57a9e26ff7b9a87926bda980147a41f8207f78ecdc2bc601aeb7138e0_s390x",
"9Base-OSE-OSC-1.5:openshift-sandboxed-containers/osc-podvm-payload-rhel9@sha256:7340a2577a4236000104e3d3fdf4419582232bff392613a6855f8a9af1ea06a4_amd64",
"9Base-OSE-OSC-1.5:openshift-sandboxed-containers/osc-podvm-payload-rhel9@sha256:b489543912586bd234dabb84068901a4248f0c983882aa2ec64f3092ef336c94_s390x",
"9Base-OSE-OSC-1.5:openshift-sandboxed-containers/osc-rhel9-operator@sha256:6cbad372f0162070e06d935ecec918ab2ba93fb8ad473da3c591b2f7bf384114_amd64",
"9Base-OSE-OSC-1.5:openshift-sandboxed-containers/osc-rhel9-operator@sha256:7db98893604a59d0d4a0cc322f56b06970fafcf799e790c286643784ab0d8c3f_s390x"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"9Base-OSE-OSC-1.5:openshift-sandboxed-containers/osc-cloud-api-adaptor-rhel9@sha256:53000d1403d8301cd5b422526a9224f0e23789f7433ab0ee96d9b9ee6bbe457c_s390x",
"9Base-OSE-OSC-1.5:openshift-sandboxed-containers/osc-cloud-api-adaptor-rhel9@sha256:5aca71d775675519bd5e8c17c266ca70e91482a723fadeee48a4436553c2a88c_amd64",
"9Base-OSE-OSC-1.5:openshift-sandboxed-containers/osc-cloud-api-adaptor-webhook-rhel9@sha256:17fcd1d7b6003ed409cb6ff291642ec55daa476bd2f7f6a88b7aa4822e54e61e_s390x",
"9Base-OSE-OSC-1.5:openshift-sandboxed-containers/osc-cloud-api-adaptor-webhook-rhel9@sha256:a4176d2b3eaba687ecce5cb39d8c6b466fab02eea7634d148196cc4ca19cefc9_amd64",
"9Base-OSE-OSC-1.5:openshift-sandboxed-containers/osc-monitor-rhel9@sha256:1fb51e73ed876f7ca60e2fa70fe35ad8941435ac27648030dd0f124e6d12a215_amd64",
"9Base-OSE-OSC-1.5:openshift-sandboxed-containers/osc-monitor-rhel9@sha256:45ada6552aa5ed43986230dd26bbe4de630dc3ab04ab1a9a371770666a878a81_s390x",
"9Base-OSE-OSC-1.5:openshift-sandboxed-containers/osc-must-gather-rhel9@sha256:081259e193cdf6a7e0849d8ecbe922c72fd1616fb6f1d8ff07ba2089a4a38462_s390x",
"9Base-OSE-OSC-1.5:openshift-sandboxed-containers/osc-must-gather-rhel9@sha256:bffdc077129a33c71b10390ebe4ba4eed0031bc29ce2e0aef29e6454ef53f710_amd64",
"9Base-OSE-OSC-1.5:openshift-sandboxed-containers/osc-operator-bundle@sha256:94242bcaeb70f40d450104651b66ac4d6c5b3eb97bc6f97c3db9f6d94bed95d1_amd64",
"9Base-OSE-OSC-1.5:openshift-sandboxed-containers/osc-operator-bundle@sha256:b637dcf57a9e26ff7b9a87926bda980147a41f8207f78ecdc2bc601aeb7138e0_s390x",
"9Base-OSE-OSC-1.5:openshift-sandboxed-containers/osc-podvm-payload-rhel9@sha256:7340a2577a4236000104e3d3fdf4419582232bff392613a6855f8a9af1ea06a4_amd64",
"9Base-OSE-OSC-1.5:openshift-sandboxed-containers/osc-podvm-payload-rhel9@sha256:b489543912586bd234dabb84068901a4248f0c983882aa2ec64f3092ef336c94_s390x",
"9Base-OSE-OSC-1.5:openshift-sandboxed-containers/osc-rhel9-operator@sha256:6cbad372f0162070e06d935ecec918ab2ba93fb8ad473da3c591b2f7bf384114_amd64",
"9Base-OSE-OSC-1.5:openshift-sandboxed-containers/osc-rhel9-operator@sha256:7db98893604a59d0d4a0cc322f56b06970fafcf799e790c286643784ab0d8c3f_s390x"
]
}
],
"threats": [
{
"category": "exploit_status",
"date": "2023-10-10T00:00:00+00:00",
"details": "CISA: https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
},
{
"category": "impact",
"details": "Important"
}
],
"title": "HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack (Rapid Reset Attack)"
}
]
}
Loading…
Trend slope:
-
(linear fit over daily sighting counts)
Show additional events:
Loading…
Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.
Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…