Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2024-4068 (GCVE-0-2024-4068)
Vulnerability from cvelistv5 – Published: 2024-05-13 10:06 – Updated: 2024-11-06 13:10
VLAI
EPSS
Title
Memory Exhaustion in braces
Summary
The NPM package `braces`, versions prior to 3.0.3, fails to limit the number of characters it can handle, which could lead to Memory Exhaustion. In `lib/parse.js,` if a malicious user sends "imbalanced braces" as input, the parsing will enter a loop, which will cause the program to start allocating heap memory without freeing it at any moment of the loop. Eventually, the JavaScript heap limit is reached, and the program will crash.
Severity
7.5 (High)
CWE
- CWE-1050 - Excessive Platform Resource Consumption within a Loop
Assigner
References
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| micromatch | braces |
Affected:
0 , ≤ 3.0.2
(git)
|
Date Public
2024-05-13 12:44
Credits
Mário Teixeira, Checkmarx Research Group
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:micromatch:braces:3.0.3:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "braces",
"vendor": "micromatch",
"versions": [
{
"lessThan": "3.0.3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-4068",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-05-13T11:10:08.649102Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-400",
"description": "CWE-400 Uncontrolled Resource Consumption",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-06-13T20:12:58.696Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-01T20:26:57.297Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://github.com/micromatch/braces/issues/35"
},
{
"tags": [
"x_transferred"
],
"url": "https://devhub.checkmarx.com/cve-details/CVE-2024-4068/"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/micromatch/braces/pull/37"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/micromatch/braces/pull/40"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/micromatch/braces/commit/415d660c3002d1ab7e63dbf490c9851da80596ff"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://www.npmjs.com/package/micromatch",
"defaultStatus": "unknown",
"packageName": "braces",
"product": "braces",
"programFiles": [
"lib/parse.js"
],
"repo": "https://github.com/micromatch/braces",
"vendor": "micromatch",
"versions": [
{
"changes": [
{
"at": "3.0.3",
"status": "unaffected"
}
],
"lessThanOrEqual": "3.0.2",
"status": "affected",
"version": "0",
"versionType": "git"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": "M\u00e1rio Teixeira, Checkmarx Research Group"
}
],
"datePublic": "2024-05-13T12:44:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cdiv\u003e\u003cp\u003eThe NPM package `braces`, versions prior to 3.0.3, fails to limit the number of characters it can handle, which could lead to Memory Exhaustion. In `lib/parse.js,` if a malicious user sends \"imbalanced braces\" as input, the parsing will enter a loop, which will cause the program to start allocating heap memory without freeing it at any moment of the loop. Eventually, the JavaScript heap limit is reached, and the program will crash.\u003c/p\u003e\u003c/div\u003e"
}
],
"value": "The NPM package `braces`, versions prior to 3.0.3, fails to limit the number of characters it can handle, which could lead to Memory Exhaustion. In `lib/parse.js,` if a malicious user sends \"imbalanced braces\" as input, the parsing will enter a loop, which will cause the program to start allocating heap memory without freeing it at any moment of the loop. Eventually, the JavaScript heap limit is reached, and the program will crash."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-1050",
"description": "CWE-1050: Excessive Platform Resource Consumption within a Loop",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-11-06T13:10:11.179Z",
"orgId": "596c5446-0ce5-4ba2-aa66-48b3b757a647",
"shortName": "Checkmarx"
},
"references": [
{
"url": "https://github.com/micromatch/braces/issues/35"
},
{
"url": "https://devhub.checkmarx.com/cve-details/CVE-2024-4068/"
},
{
"url": "https://github.com/micromatch/braces/pull/37"
},
{
"url": "https://github.com/micromatch/braces/pull/40"
},
{
"url": "https://github.com/micromatch/braces/commit/415d660c3002d1ab7e63dbf490c9851da80596ff"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Update to version\u0026nbsp;3.0.3 to mitigate the issue."
}
],
"value": "Update to version\u00a03.0.3 to mitigate the issue."
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Memory Exhaustion in braces",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "596c5446-0ce5-4ba2-aa66-48b3b757a647",
"assignerShortName": "Checkmarx",
"cveId": "CVE-2024-4068",
"datePublished": "2024-05-13T10:06:38.152Z",
"dateReserved": "2024-04-23T13:31:17.738Z",
"dateUpdated": "2024-11-06T13:10:11.179Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"epss": {
"cve": "CVE-2024-4068",
"date": "2026-05-30",
"epss": "0.00203",
"percentile": "0.42243"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2024-4068\",\"sourceIdentifier\":\"596c5446-0ce5-4ba2-aa66-48b3b757a647\",\"published\":\"2024-05-14T15:42:48.660\",\"lastModified\":\"2025-12-31T01:04:21.577\",\"vulnStatus\":\"Analyzed\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"The NPM package `braces`, versions prior to 3.0.3, fails to limit the number of characters it can handle, which could lead to Memory Exhaustion. In `lib/parse.js,` if a malicious user sends \\\"imbalanced braces\\\" as input, the parsing will enter a loop, which will cause the program to start allocating heap memory without freeing it at any moment of the loop. Eventually, the JavaScript heap limit is reached, and the program will crash.\"},{\"lang\":\"es\",\"value\":\"El paquete NPM \\\"braces\\\" no limita la cantidad de caracteres que puede manejar, lo que podr\u00eda provocar agotamiento de la memoria. En `lib/parse.js`, si un usuario malintencionado env\u00eda \\\"imbalanced braces\\\" como entrada, el an\u00e1lisis entrar\u00e1 en un bucle, lo que har\u00e1 que el programa comience a asignar memoria de mont\u00f3n sin liberarla en ning\u00fan momento del bucle. Finalmente, se alcanza el l\u00edmite del mont\u00f3n de JavaScript y el programa fallar\u00e1.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"596c5446-0ce5-4ba2-aa66-48b3b757a647\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\",\"baseScore\":7.5,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":3.6}]},\"weaknesses\":[{\"source\":\"596c5446-0ce5-4ba2-aa66-48b3b757a647\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-1050\"}]},{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-400\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:jonschlinkert:braces:*:*:*:*:*:node.js:*:*\",\"versionEndExcluding\":\"3.0.3\",\"matchCriteriaId\":\"0277A94E-C274-46BA-B241-6341CA668D30\"}]}]}],\"references\":[{\"url\":\"https://devhub.checkmarx.com/cve-details/CVE-2024-4068/\",\"source\":\"596c5446-0ce5-4ba2-aa66-48b3b757a647\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://github.com/micromatch/braces/commit/415d660c3002d1ab7e63dbf490c9851da80596ff\",\"source\":\"596c5446-0ce5-4ba2-aa66-48b3b757a647\",\"tags\":[\"Patch\"]},{\"url\":\"https://github.com/micromatch/braces/issues/35\",\"source\":\"596c5446-0ce5-4ba2-aa66-48b3b757a647\",\"tags\":[\"Issue Tracking\"]},{\"url\":\"https://github.com/micromatch/braces/pull/37\",\"source\":\"596c5446-0ce5-4ba2-aa66-48b3b757a647\",\"tags\":[\"Exploit\",\"Issue Tracking\",\"Patch\"]},{\"url\":\"https://github.com/micromatch/braces/pull/40\",\"source\":\"596c5446-0ce5-4ba2-aa66-48b3b757a647\",\"tags\":[\"Issue Tracking\",\"Patch\"]},{\"url\":\"https://devhub.checkmarx.com/cve-details/CVE-2024-4068/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://github.com/micromatch/braces/commit/415d660c3002d1ab7e63dbf490c9851da80596ff\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\"]},{\"url\":\"https://github.com/micromatch/braces/issues/35\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\"]},{\"url\":\"https://github.com/micromatch/braces/pull/37\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\",\"Issue Tracking\",\"Patch\"]},{\"url\":\"https://github.com/micromatch/braces/pull/40\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\",\"Patch\"]}]}}",
"vulnrichment": {
"containers": "{\"adp\": [{\"title\": \"CVE Program Container\", \"references\": [{\"url\": \"https://github.com/micromatch/braces/issues/35\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://devhub.checkmarx.com/cve-details/CVE-2024-4068/\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://github.com/micromatch/braces/pull/37\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://github.com/micromatch/braces/pull/40\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://github.com/micromatch/braces/commit/415d660c3002d1ab7e63dbf490c9851da80596ff\", \"tags\": [\"x_transferred\"]}], \"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2024-08-01T20:26:57.297Z\"}}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2024-4068\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"yes\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2024-05-13T11:10:08.649102Z\"}}}], \"affected\": [{\"cpes\": [\"cpe:2.3:a:micromatch:braces:3.0.3:*:*:*:*:*:*:*\"], \"vendor\": \"micromatch\", \"product\": \"braces\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"3.0.3\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-400\", \"description\": \"CWE-400 Uncontrolled Resource Consumption\"}]}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2024-05-13T11:12:38.505Z\"}}], \"cna\": {\"title\": \"Memory Exhaustion in braces\", \"source\": {\"discovery\": \"UNKNOWN\"}, \"credits\": [{\"lang\": \"en\", \"type\": \"finder\", \"user\": \"00000000-0000-4000-9000-000000000000\", \"value\": \"M\\u00e1rio Teixeira, Checkmarx Research Group\"}], \"metrics\": [{\"format\": \"CVSS\", \"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 7.5, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"HIGH\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\", \"integrityImpact\": \"NONE\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"HIGH\", \"privilegesRequired\": \"NONE\", \"confidentialityImpact\": \"NONE\"}, \"scenarios\": [{\"lang\": \"en\", \"value\": \"GENERAL\"}]}], \"affected\": [{\"repo\": \"https://github.com/micromatch/braces\", \"vendor\": \"micromatch\", \"product\": \"braces\", \"versions\": [{\"status\": \"affected\", \"changes\": [{\"at\": \"3.0.3\", \"status\": \"unaffected\"}], \"version\": \"0\", \"versionType\": \"git\", \"lessThanOrEqual\": \"3.0.2\"}], \"packageName\": \"braces\", \"programFiles\": [\"lib/parse.js\"], \"collectionURL\": \"https://www.npmjs.com/package/micromatch\", \"defaultStatus\": \"unknown\"}], \"solutions\": [{\"lang\": \"en\", \"value\": \"Update to version\\u00a03.0.3 to mitigate the issue.\", \"supportingMedia\": [{\"type\": \"text/html\", \"value\": \"Update to version\u0026nbsp;3.0.3 to mitigate the issue.\", \"base64\": false}]}], \"datePublic\": \"2024-05-13T12:44:00.000Z\", \"references\": [{\"url\": \"https://github.com/micromatch/braces/issues/35\"}, {\"url\": \"https://devhub.checkmarx.com/cve-details/CVE-2024-4068/\"}, {\"url\": \"https://github.com/micromatch/braces/pull/37\"}, {\"url\": \"https://github.com/micromatch/braces/pull/40\"}, {\"url\": \"https://github.com/micromatch/braces/commit/415d660c3002d1ab7e63dbf490c9851da80596ff\"}], \"x_generator\": {\"engine\": \"Vulnogram 0.1.0-dev\"}, \"descriptions\": [{\"lang\": \"en\", \"value\": \"The NPM package `braces`, versions prior to 3.0.3, fails to limit the number of characters it can handle, which could lead to Memory Exhaustion. In `lib/parse.js,` if a malicious user sends \\\"imbalanced braces\\\" as input, the parsing will enter a loop, which will cause the program to start allocating heap memory without freeing it at any moment of the loop. Eventually, the JavaScript heap limit is reached, and the program will crash.\", \"supportingMedia\": [{\"type\": \"text/html\", \"value\": \"\u003cdiv\u003e\u003cp\u003eThe NPM package `braces`, versions prior to 3.0.3, fails to limit the number of characters it can handle, which could lead to Memory Exhaustion. In `lib/parse.js,` if a malicious user sends \\\"imbalanced braces\\\" as input, the parsing will enter a loop, which will cause the program to start allocating heap memory without freeing it at any moment of the loop. Eventually, the JavaScript heap limit is reached, and the program will crash.\u003c/p\u003e\u003c/div\u003e\", \"base64\": false}]}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-1050\", \"description\": \"CWE-1050: Excessive Platform Resource Consumption within a Loop\"}]}], \"providerMetadata\": {\"orgId\": \"596c5446-0ce5-4ba2-aa66-48b3b757a647\", \"shortName\": \"Checkmarx\", \"dateUpdated\": \"2024-11-06T13:10:11.179Z\"}}}",
"cveMetadata": "{\"cveId\": \"CVE-2024-4068\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2024-11-06T13:10:11.179Z\", \"dateReserved\": \"2024-04-23T13:31:17.738Z\", \"assignerOrgId\": \"596c5446-0ce5-4ba2-aa66-48b3b757a647\", \"datePublished\": \"2024-05-13T10:06:38.152Z\", \"assignerShortName\": \"Checkmarx\"}",
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
}
}
RHSA-2024:11023
Vulnerability from csaf_redhat - Published: 2024-12-12 20:00 - Updated: 2026-04-30 13:18Summary
Red Hat Security Advisory: HawtIO 4.1.0 for Red Hat build of Apache Camel 4 Release and security update.
Severity
Important
Notes
Topic: HawtIO 4.1.0 for Red Hat build of Apache Camel 4 GA Release is now available.
The purpose of this text-only errata is to inform you about the enhancements that improve your developer experience and ensure the security and stability of your products.
Red Hat Product Security has rated this update as having a security impact of
Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details: HawtIO 4.1.0 for Red Hat build of Apache Camel 4 GA Release is now available.
The purpose of this text-only errata is to inform you about the enhancements that improve your developer experience and ensure the security and stability of your products.
* serve-static: Improper Sanitization in serve-static (CVE-2024-43800)
* send: Code Execution Vulnerability in Send Library (CVE-2024-43799)
* org.springframework/spring-webmvc: Path Traversal Vulnerability in Spring Applications Using RouterFunctions and FileSystemResource (CVE-2024-38816)
* org.eclipse.jetty/jetty-server: Jetty ThreadLimitHandler.getRemote() vulnerable to remote DoS attacks (CVE-2024-8184)
* quarkus-core: Leak of local configuration properties into Quarkus applications (CVE-2024-2700)
* braces: fails to limit the number of characters it can handle (CVE-2024-4068)
* undertow: Improper State Management in Proxy Protocol parsing causes information leakage (CVE-2024-7885)
* path-to-regexp: Backtracking regular expressions cause ReDoS (CVE-2024-45296)
* express: Improper Input Handling in Express Redirects (CVE-2024-43796)
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
A vulnerability was found in the quarkus-core component. Quarkus captures local environment variables from the Quarkus namespace during the application's build, therefore, running the resulting application inherits the values captured at build time. Some local environment variables may have been set by the developer or CI environment for testing purposes, such as dropping the database during application startup or trusting all TLS certificates to accept self-signed certificates. If these properties are configured using environment variables or the .env facility, they are captured into the built application, which can lead to dangerous behavior if the application does not override these values. This behavior only happens for configuration properties from the `quarkus.*` namespace. Application-specific properties are not captured.
7.0 (High)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
HawtIO 4.0.0 for Red Hat build of Apache Camel 4
Red Hat / Red Hat Build of Apache Camel
|
cpe:/a:redhat:rhboac_hawtio:4.0.0
|
— |
Vendor Fix
fix
Workaround
|
Threats
Impact
Moderate
A flaw was found in the NPM package `braces.` It fails to limit the number of characters it can handle, which could lead to memory exhaustion. In `lib/parse.js,` if a malicious user sends "imbalanced braces" as input, the parsing will enter a loop, causing the program to start allocating heap memory without freeing it at any moment of the loop. Eventually, the JavaScript heap limit is reached, and the program will crash.
7.5 (High)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
HawtIO 4.0.0 for Red Hat build of Apache Camel 4
Red Hat / Red Hat Build of Apache Camel
|
cpe:/a:redhat:rhboac_hawtio:4.0.0
|
— |
Vendor Fix
fix
Workaround
|
Threats
Impact
Moderate
A vulnerability was found in Undertow where the ProxyProtocolReadListener reuses the same StringBuilder instance across multiple requests. This issue occurs when the parseProxyProtocolV1 method processes multiple requests on the same HTTP connection. As a result, different requests may share the same StringBuilder instance, potentially leading to information leakage between requests or responses. In some cases, a value from a previous request or response may be erroneously reused, which could lead to unintended data exposure. This issue primarily results in errors and connection termination but creates a risk of data leakage in multi-request environments.
7.5 (High)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
HawtIO 4.0.0 for Red Hat build of Apache Camel 4
Red Hat / Red Hat Build of Apache Camel
|
cpe:/a:redhat:rhboac_hawtio:4.0.0
|
— |
Vendor Fix
fix
|
Threats
Impact
Important
A flaw was found in Jetty's ThreadLimitHandler.getRemote(). This flaw allows unauthorized users to cause remote denial of service (DoS) attacks. By repeatedly sending crafted requests, attackers can trigger OutofMemory errors and exhaust the server's memory.
6.5 (Medium)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
HawtIO 4.0.0 for Red Hat build of Apache Camel 4
Red Hat / Red Hat Build of Apache Camel
|
cpe:/a:redhat:rhboac_hawtio:4.0.0
|
— |
Vendor Fix
fix
Workaround
|
Threats
Impact
Moderate
A flaw was found in Spring applications using the WebMvc.fn or WebFlux.fn frameworks. This issue can allow attackers to perform path traversal attacks via crafted HTTP requests when the application serves static resources using RouterFunctions and explicitly configures resource handling with a FileSystemResource location.
7.5 (High)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
HawtIO 4.0.0 for Red Hat build of Apache Camel 4
Red Hat / Red Hat Build of Apache Camel
|
cpe:/a:redhat:rhboac_hawtio:4.0.0
|
— |
Vendor Fix
fix
Workaround
|
Threats
Impact
Important
A flaw was found in Express. This vulnerability allows untrusted code execution via passing untrusted user input to response.redirect(), even if the input is sanitized.
5.0 (Medium)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
HawtIO 4.0.0 for Red Hat build of Apache Camel 4
Red Hat / Red Hat Build of Apache Camel
|
cpe:/a:redhat:rhboac_hawtio:4.0.0
|
— |
Vendor Fix
fix
Workaround
|
Threats
Impact
Moderate
A flaw was found in the Send library. This vulnerability allows remote code execution via untrusted input passed to the SendStream.redirect() function.
5.0 (Medium)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
HawtIO 4.0.0 for Red Hat build of Apache Camel 4
Red Hat / Red Hat Build of Apache Camel
|
cpe:/a:redhat:rhboac_hawtio:4.0.0
|
— |
Vendor Fix
fix
Workaround
|
Threats
Impact
Moderate
A flaw was found in serve-static. This issue may allow the execution of untrusted code via passing sanitized yet untrusted user input to redirect().
5.0 (Medium)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
HawtIO 4.0.0 for Red Hat build of Apache Camel 4
Red Hat / Red Hat Build of Apache Camel
|
cpe:/a:redhat:rhboac_hawtio:4.0.0
|
— |
Vendor Fix
fix
Workaround
|
Threats
Impact
Moderate
A flaw was found in path-to-regexp package, where it turns path strings into regular expressions. In certain cases, path-to-regexp will output a regular expression that can be exploited to cause poor performance. Because JavaScript is single-threaded and regex matching runs on the main thread, poor performance will block the event loop and lead to a denial of service (DoS).
5.3 (Medium)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
HawtIO 4.0.0 for Red Hat build of Apache Camel 4
Red Hat / Red Hat Build of Apache Camel
|
cpe:/a:redhat:rhboac_hawtio:4.0.0
|
— |
Vendor Fix
fix
Workaround
|
Threats
Impact
Moderate
References
65 references
Acknowledgments
BfC
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "HawtIO 4.1.0 for Red Hat build of Apache Camel 4 GA Release is now available.\n\nThe purpose of this text-only errata is to inform you about the enhancements that improve your developer experience and ensure the security and stability of your products.\n\nRed Hat Product Security has rated this update as having a security impact of\nImportant. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "HawtIO 4.1.0 for Red Hat build of Apache Camel 4 GA Release is now available.\n\nThe purpose of this text-only errata is to inform you about the enhancements that improve your developer experience and ensure the security and stability of your products.\n\n* serve-static: Improper Sanitization in serve-static (CVE-2024-43800)\n\n* send: Code Execution Vulnerability in Send Library (CVE-2024-43799)\n\n* org.springframework/spring-webmvc: Path Traversal Vulnerability in Spring Applications Using RouterFunctions and FileSystemResource (CVE-2024-38816)\n\n* org.eclipse.jetty/jetty-server: Jetty ThreadLimitHandler.getRemote() vulnerable to remote DoS attacks (CVE-2024-8184)\n\n* quarkus-core: Leak of local configuration properties into Quarkus applications (CVE-2024-2700)\n\n* braces: fails to limit the number of characters it can handle (CVE-2024-4068)\n\n* undertow: Improper State Management in Proxy Protocol parsing causes information leakage (CVE-2024-7885)\n\n* path-to-regexp: Backtracking regular expressions cause ReDoS (CVE-2024-45296)\n\n* express: Improper Input Handling in Express Redirects (CVE-2024-43796)",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2024:11023",
"url": "https://access.redhat.com/errata/RHSA-2024:11023"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "2273281",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2273281"
},
{
"category": "external",
"summary": "2280600",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2280600"
},
{
"category": "external",
"summary": "2305290",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2305290"
},
{
"category": "external",
"summary": "2310908",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2310908"
},
{
"category": "external",
"summary": "2311152",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2311152"
},
{
"category": "external",
"summary": "2311153",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2311153"
},
{
"category": "external",
"summary": "2311154",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2311154"
},
{
"category": "external",
"summary": "2312060",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2312060"
},
{
"category": "external",
"summary": "2318564",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2318564"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_11023.json"
}
],
"title": "Red Hat Security Advisory: HawtIO 4.1.0 for Red Hat build of Apache Camel 4 Release and security update.",
"tracking": {
"current_release_date": "2026-04-30T13:18:23+00:00",
"generator": {
"date": "2026-04-30T13:18:23+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.7.7"
}
},
"id": "RHSA-2024:11023",
"initial_release_date": "2024-12-12T20:00:23+00:00",
"revision_history": [
{
"date": "2024-12-12T20:00:23+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2024-12-12T20:00:23+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-04-30T13:18:23+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "HawtIO 4.0.0 for Red Hat build of Apache Camel 4",
"product": {
"name": "HawtIO 4.0.0 for Red Hat build of Apache Camel 4",
"product_id": "HawtIO 4.0.0 for Red Hat build of Apache Camel 4",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhboac_hawtio:4.0.0"
}
}
}
],
"category": "product_family",
"name": "Red Hat Build of Apache Camel"
}
],
"category": "vendor",
"name": "Red Hat"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2024-2700",
"cwe": {
"id": "CWE-526",
"name": "Cleartext Storage of Sensitive Information in an Environment Variable"
},
"discovery_date": "2024-04-03T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2273281"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in the quarkus-core component. Quarkus captures local environment variables from the Quarkus namespace during the application\u0027s build, therefore, running the resulting application inherits the values captured at build time. Some local environment variables may have been set by the developer or CI environment for testing purposes, such as dropping the database during application startup or trusting all TLS certificates to accept self-signed certificates. If these properties are configured using environment variables or the .env facility, they are captured into the built application, which can lead to dangerous behavior if the application does not override these values. This behavior only happens for configuration properties from the `quarkus.*` namespace. Application-specific properties are not captured.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "quarkus-core: Leak of local configuration properties into Quarkus applications",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat rates this as a Moderate impact vulnerability since this requires an attacker to have direct access to the environment variables to override, and the application must use that environment variable to be jeopardized.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"HawtIO 4.0.0 for Red Hat build of Apache Camel 4"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-2700"
},
{
"category": "external",
"summary": "RHBZ#2273281",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2273281"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-2700",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-2700"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-2700",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-2700"
}
],
"release_date": "2024-04-03T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-12-12T20:00:23+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"HawtIO 4.0.0 for Red Hat build of Apache Camel 4"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:11023"
},
{
"category": "workaround",
"details": "Currently, no mitigation is available for this vulnerability. Please update as the patches become available.",
"product_ids": [
"HawtIO 4.0.0 for Red Hat build of Apache Camel 4"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.0,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"HawtIO 4.0.0 for Red Hat build of Apache Camel 4"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "quarkus-core: Leak of local configuration properties into Quarkus applications"
},
{
"cve": "CVE-2024-4068",
"cwe": {
"id": "CWE-1050",
"name": "Excessive Platform Resource Consumption within a Loop"
},
"discovery_date": "2024-05-14T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2280600"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the NPM package `braces.` It fails to limit the number of characters it can handle, which could lead to memory exhaustion. In `lib/parse.js,` if a malicious user sends \"imbalanced braces\" as input, the parsing will enter a loop, causing the program to start allocating heap memory without freeing it at any moment of the loop. Eventually, the JavaScript heap limit is reached, and the program will crash.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "braces: fails to limit the number of characters it can handle",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"HawtIO 4.0.0 for Red Hat build of Apache Camel 4"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-4068"
},
{
"category": "external",
"summary": "RHBZ#2280600",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2280600"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-4068",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-4068"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-4068",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-4068"
},
{
"category": "external",
"summary": "https://devhub.checkmarx.com/cve-details/CVE-2024-4068/",
"url": "https://devhub.checkmarx.com/cve-details/CVE-2024-4068/"
},
{
"category": "external",
"summary": "https://github.com/micromatch/braces/blob/98414f9f1fabe021736e26836d8306d5de747e0d/lib/parse.js#L308",
"url": "https://github.com/micromatch/braces/blob/98414f9f1fabe021736e26836d8306d5de747e0d/lib/parse.js#L308"
},
{
"category": "external",
"summary": "https://github.com/micromatch/braces/issues/35",
"url": "https://github.com/micromatch/braces/issues/35"
}
],
"release_date": "2024-03-04T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-12-12T20:00:23+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"HawtIO 4.0.0 for Red Hat build of Apache Camel 4"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:11023"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"HawtIO 4.0.0 for Red Hat build of Apache Camel 4"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"HawtIO 4.0.0 for Red Hat build of Apache Camel 4"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "braces: fails to limit the number of characters it can handle"
},
{
"acknowledgments": [
{
"names": [
"BfC"
]
}
],
"cve": "CVE-2024-7885",
"cwe": {
"id": "CWE-362",
"name": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)"
},
"discovery_date": "2024-08-16T09:00:41.686000+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2305290"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in Undertow where the ProxyProtocolReadListener reuses the same StringBuilder instance across multiple requests. This issue occurs when the parseProxyProtocolV1 method processes multiple requests on the same HTTP connection. As a result, different requests may share the same StringBuilder instance, potentially leading to information leakage between requests or responses. In some cases, a value from a previous request or response may be erroneously reused, which could lead to unintended data exposure. This issue primarily results in errors and connection termination but creates a risk of data leakage in multi-request environments.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "undertow: Improper State Management in Proxy Protocol parsing causes information leakage",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat decided to rate this vulnerability as Important because of the potential loss of Availability and no additional privileges being required.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"HawtIO 4.0.0 for Red Hat build of Apache Camel 4"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-7885"
},
{
"category": "external",
"summary": "RHBZ#2305290",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2305290"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-7885",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-7885"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-7885",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-7885"
}
],
"release_date": "2024-08-07T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-12-12T20:00:23+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"HawtIO 4.0.0 for Red Hat build of Apache Camel 4"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:11023"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"HawtIO 4.0.0 for Red Hat build of Apache Camel 4"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "undertow: Improper State Management in Proxy Protocol parsing causes information leakage"
},
{
"cve": "CVE-2024-8184",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2024-10-14T16:01:01.239238+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2318564"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Jetty\u0027s ThreadLimitHandler.getRemote(). This flaw allows unauthorized users to cause remote denial of service (DoS) attacks. By repeatedly sending crafted requests, attackers can trigger OutofMemory errors and exhaust the server\u0027s memory.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "org.eclipse.jetty:jetty-server: jetty: Jetty ThreadLimitHandler.getRemote() vulnerable to remote DoS attacks",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated as moderate rather than important because it requires specific conditions to be met, including continuous, crafted requests that deliberately target memory allocation to exhaust resources. While it can cause a denial of service, it does not lead to direct compromise of sensitive data, unauthorized access, or code execution.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"HawtIO 4.0.0 for Red Hat build of Apache Camel 4"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-8184"
},
{
"category": "external",
"summary": "RHBZ#2318564",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2318564"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-8184",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-8184"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-8184",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-8184"
},
{
"category": "external",
"summary": "https://github.com/jetty/jetty.project/pull/11723",
"url": "https://github.com/jetty/jetty.project/pull/11723"
},
{
"category": "external",
"summary": "https://github.com/jetty/jetty.project/security/advisories/GHSA-g8m5-722r-8whq",
"url": "https://github.com/jetty/jetty.project/security/advisories/GHSA-g8m5-722r-8whq"
},
{
"category": "external",
"summary": "https://gitlab.eclipse.org/security/cve-assignement/-/issues/30",
"url": "https://gitlab.eclipse.org/security/cve-assignement/-/issues/30"
}
],
"release_date": "2024-10-14T15:09:37.861000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-12-12T20:00:23+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"HawtIO 4.0.0 for Red Hat build of Apache Camel 4"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:11023"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"HawtIO 4.0.0 for Red Hat build of Apache Camel 4"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"HawtIO 4.0.0 for Red Hat build of Apache Camel 4"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "org.eclipse.jetty:jetty-server: jetty: Jetty ThreadLimitHandler.getRemote() vulnerable to remote DoS attacks"
},
{
"cve": "CVE-2024-38816",
"cwe": {
"id": "CWE-22",
"name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
},
"discovery_date": "2024-09-13T06:20:08.422867+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2312060"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Spring applications using the WebMvc.fn or WebFlux.fn frameworks. This issue can allow attackers to perform path traversal attacks via crafted HTTP requests when the application serves static resources using RouterFunctions and explicitly configures resource handling with a FileSystemResource location.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "spring-webmvc: Path Traversal Vulnerability in Spring Applications Using RouterFunctions and FileSystemResource",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Path traversal vulnerabilities in applications that serve static resources via RouterFunctions and FileSystemResource pose a important security risk, as they allow attackers to bypass access controls and retrieve arbitrary files from the server\u0027s filesystem. This type of attack can lead to unauthorized exposure of sensitive data, such as configuration files, environment variables, or authentication credentials. If exploited, it can further facilitate privilege escalation, lateral movement, or remote code execution within the system. Given the broad access it grants to the server\u0027s filesystem, the potential for system compromise makes path traversal vulnerabilities a high-severity issue.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"HawtIO 4.0.0 for Red Hat build of Apache Camel 4"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-38816"
},
{
"category": "external",
"summary": "RHBZ#2312060",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2312060"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-38816",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38816"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-38816",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-38816"
},
{
"category": "external",
"summary": "https://spring.io/security/cve-2024-38816",
"url": "https://spring.io/security/cve-2024-38816"
}
],
"release_date": "2024-09-13T06:15:11.190000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-12-12T20:00:23+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"HawtIO 4.0.0 for Red Hat build of Apache Camel 4"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:11023"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"HawtIO 4.0.0 for Red Hat build of Apache Camel 4"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"HawtIO 4.0.0 for Red Hat build of Apache Camel 4"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "spring-webmvc: Path Traversal Vulnerability in Spring Applications Using RouterFunctions and FileSystemResource"
},
{
"cve": "CVE-2024-43796",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2024-09-10T15:30:28.106254+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2311152"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Express. This vulnerability allows untrusted code execution via passing untrusted user input to response.redirect(), even if the input is sanitized.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "express: Improper Input Handling in Express Redirects",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"HawtIO 4.0.0 for Red Hat build of Apache Camel 4"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-43796"
},
{
"category": "external",
"summary": "RHBZ#2311152",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2311152"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-43796",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43796"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-43796",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-43796"
},
{
"category": "external",
"summary": "https://github.com/expressjs/express/commit/54271f69b511fea198471e6ff3400ab805d6b553",
"url": "https://github.com/expressjs/express/commit/54271f69b511fea198471e6ff3400ab805d6b553"
},
{
"category": "external",
"summary": "https://github.com/expressjs/express/security/advisories/GHSA-qw6h-vgh9-j6wx",
"url": "https://github.com/expressjs/express/security/advisories/GHSA-qw6h-vgh9-j6wx"
}
],
"release_date": "2024-09-10T15:15:17.510000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-12-12T20:00:23+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"HawtIO 4.0.0 for Red Hat build of Apache Camel 4"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:11023"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"HawtIO 4.0.0 for Red Hat build of Apache Camel 4"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.0,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"HawtIO 4.0.0 for Red Hat build of Apache Camel 4"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "express: Improper Input Handling in Express Redirects"
},
{
"cve": "CVE-2024-43799",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2024-09-10T15:30:30.869487+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2311153"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Send library. This vulnerability allows remote code execution via untrusted input passed to the SendStream.redirect() function.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "send: Code Execution Vulnerability in Send Library",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"HawtIO 4.0.0 for Red Hat build of Apache Camel 4"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-43799"
},
{
"category": "external",
"summary": "RHBZ#2311153",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2311153"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-43799",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43799"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-43799",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-43799"
},
{
"category": "external",
"summary": "https://github.com/pillarjs/send/commit/ae4f2989491b392ae2ef3b0015a019770ae65d35",
"url": "https://github.com/pillarjs/send/commit/ae4f2989491b392ae2ef3b0015a019770ae65d35"
},
{
"category": "external",
"summary": "https://github.com/pillarjs/send/security/advisories/GHSA-m6fv-jmcg-4jfg",
"url": "https://github.com/pillarjs/send/security/advisories/GHSA-m6fv-jmcg-4jfg"
}
],
"release_date": "2024-09-10T15:15:17.727000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-12-12T20:00:23+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"HawtIO 4.0.0 for Red Hat build of Apache Camel 4"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:11023"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"HawtIO 4.0.0 for Red Hat build of Apache Camel 4"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.0,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"HawtIO 4.0.0 for Red Hat build of Apache Camel 4"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "send: Code Execution Vulnerability in Send Library"
},
{
"cve": "CVE-2024-43800",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2024-09-10T15:30:33.631718+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2311154"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in serve-static. This issue may allow the execution of untrusted code via passing sanitized yet untrusted user input to redirect().",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "serve-static: Improper Sanitization in serve-static",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "rhdh-hub-container 1.2 and 1.3 have included patches for this vulnerability.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"HawtIO 4.0.0 for Red Hat build of Apache Camel 4"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-43800"
},
{
"category": "external",
"summary": "RHBZ#2311154",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2311154"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-43800",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43800"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-43800",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-43800"
},
{
"category": "external",
"summary": "https://github.com/expressjs/serve-static/commit/0c11fad159898cdc69fd9ab63269b72468ecaf6b",
"url": "https://github.com/expressjs/serve-static/commit/0c11fad159898cdc69fd9ab63269b72468ecaf6b"
},
{
"category": "external",
"summary": "https://github.com/expressjs/serve-static/commit/ce730896fddce1588111d9ef6fdf20896de5c6fa",
"url": "https://github.com/expressjs/serve-static/commit/ce730896fddce1588111d9ef6fdf20896de5c6fa"
},
{
"category": "external",
"summary": "https://github.com/expressjs/serve-static/security/advisories/GHSA-cm22-4g7w-348p",
"url": "https://github.com/expressjs/serve-static/security/advisories/GHSA-cm22-4g7w-348p"
}
],
"release_date": "2024-09-10T15:15:17.937000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-12-12T20:00:23+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"HawtIO 4.0.0 for Red Hat build of Apache Camel 4"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:11023"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"HawtIO 4.0.0 for Red Hat build of Apache Camel 4"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.0,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"HawtIO 4.0.0 for Red Hat build of Apache Camel 4"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "serve-static: Improper Sanitization in serve-static"
},
{
"cve": "CVE-2024-45296",
"cwe": {
"id": "CWE-1333",
"name": "Inefficient Regular Expression Complexity"
},
"discovery_date": "2024-09-09T19:20:18.127723+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2310908"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in path-to-regexp package, where it turns path strings into regular expressions. In certain cases, path-to-regexp will output a regular expression that can be exploited to cause poor performance. Because JavaScript is single-threaded and regex matching runs on the main thread, poor performance will block the event loop and lead to a denial of service (DoS).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "path-to-regexp: Backtracking regular expressions cause ReDoS",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"HawtIO 4.0.0 for Red Hat build of Apache Camel 4"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-45296"
},
{
"category": "external",
"summary": "RHBZ#2310908",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2310908"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-45296",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45296"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-45296",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-45296"
},
{
"category": "external",
"summary": "https://github.com/pillarjs/path-to-regexp/commit/29b96b4a1de52824e1ca0f49a701183cc4ed476f",
"url": "https://github.com/pillarjs/path-to-regexp/commit/29b96b4a1de52824e1ca0f49a701183cc4ed476f"
},
{
"category": "external",
"summary": "https://github.com/pillarjs/path-to-regexp/commit/60f2121e9b66b7b622cc01080df0aabda9eedee6",
"url": "https://github.com/pillarjs/path-to-regexp/commit/60f2121e9b66b7b622cc01080df0aabda9eedee6"
},
{
"category": "external",
"summary": "https://github.com/pillarjs/path-to-regexp/security/advisories/GHSA-9wv6-86v2-598j",
"url": "https://github.com/pillarjs/path-to-regexp/security/advisories/GHSA-9wv6-86v2-598j"
}
],
"release_date": "2024-09-09T19:15:13.330000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-12-12T20:00:23+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"HawtIO 4.0.0 for Red Hat build of Apache Camel 4"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:11023"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"HawtIO 4.0.0 for Red Hat build of Apache Camel 4"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"HawtIO 4.0.0 for Red Hat build of Apache Camel 4"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "path-to-regexp: Backtracking regular expressions cause ReDoS"
}
]
}
RHSA-2024:4464
Vulnerability from csaf_redhat - Published: 2024-07-10 19:53 - Updated: 2026-05-28 20:33Summary
Red Hat Security Advisory: Red Hat Advanced Cluster Management 2.10.4 security updates and bug fixes
Severity
Low
Notes
Topic: Red Hat Advanced Cluster Management for Kubernetes 2.10.4 General
Availability release images, which apply security fixes and fix bugs.
Red Hat Product Security has rated this update as having a security impact
of Low. A Common Vulnerability Scoring System (CVSS) base score,
which gives a detailed severity rating, is available for each vulnerability
from the CVE link(s) in the References section.
Details: Red Hat Advanced Cluster Management for Kubernetes 2.10.4 images
Red Hat Advanced Cluster Management for Kubernetes provides the
capabilities to address common challenges that administrators and site
reliability engineers face as they work across a range of public and
private cloud environments. Clusters and applications are all visible and
managed from a single console—with security policy built in.
This advisory contains the container images for Red Hat Advanced Cluster
Management for Kubernetes, which fix several bugs. See the following
Release Notes documentation, which will be updated shortly for this
release, for additional details about this release:
https://docs.redhat.com/en/documentation/red_hat_advanced_cluster_management_for_kubernetes/2.10/html/release_notes/index
Security fix:
* golang: net/http, x/net/http2: unlimited number of CONTINUATION frames causes DoS (CVE-2023-45288)
Jira issues addressed:
* ACM-11006: Trying to edit an Application from ACM console fails with error: 'Cannot read properties of undefined'
* ACM-11662 endpoint-observability-operator has an extra replicaset that keeps spawning pods that gets killed constantly, causing alerts to fire
* ACM-11961: Auto import of managed clusters remains stuck on switching hubs
* ACM-11986: Managed clusters created by RHACM do not reconnect to an AODP restored ACM on their own
* ACM-12133: Edit an existing appsub results on creating another subscription with errors
* ACM-12405: Unable to deploy Latest OCP 4.16 - generating manifests fails with 'GLIBC_2.34' not found
* ACM-12436: "Could not start a watch request" error when using OperatorPolicy
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
A vulnerability was discovered with the implementation of the HTTP/2 protocol in the Go programming language. There were insufficient limitations on the amount of CONTINUATION frames sent within a single stream. An attacker could potentially exploit this to cause a Denial of Service (DoS) attack.
7.5 (High)
Affected products
Fixed
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-RHACM-2.10:rhacm2/acm-cluster-permission-rhel9@sha256:b9ef8ca2a002c616c6644cf16b80d5901d7b46034dc7e57ec1dd1d260cf0e32b_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.10:rhacm2/acm-cluster-permission-rhel9@sha256:bd41dedb13ae9360d2e856ec6d52ea35b726425a65e92a00cd6037344ae5780e_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.10:rhacm2/acm-cluster-permission-rhel9@sha256:dac35e93ff173bd30fefbdec8676fb605e28368aec3eccc4ac603f16eadcf31d_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.10:rhacm2/acm-cluster-permission-rhel9@sha256:e8c9920427522b7ef645422b85ff1585e65b9d659c792e57201dfc06d6a13ffa_ppc64le | — |
Vendor Fix
fix
Workaround
|
Known not affected
171 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-RHACM-2.10:rhacm2/acm-governance-policy-addon-controller-rhel9@sha256:65d709ef780d8d867c145b1ddf8e7031bd8e710972b21ed2d7b9d9ede0bfdb43_s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.10:rhacm2/acm-governance-policy-addon-controller-rhel9@sha256:87988ad277b62bbcc061dbe4242bfc2edcc21dc98c4c7c66385131c0425b0fa7_ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.10:rhacm2/acm-governance-policy-addon-controller-rhel9@sha256:9af1cb9605a8fdf7212a079ed8fa51b110b367c705a51651ba3933e936519e7f_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.10:rhacm2/acm-governance-policy-addon-controller-rhel9@sha256:c6e3728b6687b8c83a11c326e4fd098ceef3f501725efbdfcb0ded0645a1473e_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.10:rhacm2/acm-governance-policy-framework-addon-rhel9@sha256:3101f1389311c0006c0fb9953c44d5fff9e968597952103a5a873a7a4c4707da_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.10:rhacm2/acm-governance-policy-framework-addon-rhel9@sha256:4536de55598f032ad91056c779ec2faea5c28de557a730d50cb2b2aba9b3bf00_s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.10:rhacm2/acm-governance-policy-framework-addon-rhel9@sha256:587fc80d3d6e3f2295272934fb39cfa3b96f5a2652a533b6b01cc6b04d10cb66_ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.10:rhacm2/acm-governance-policy-framework-addon-rhel9@sha256:63246c061e7960a656cb66c8ccca2b7bed943c9a1fe96a28f9cd99829608cda5_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.10:rhacm2/acm-grafana-rhel9@sha256:1cd1c6a91611569a855444430c527a8bebbe113f77dd47dcfc2b8305c3a26a13_s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.10:rhacm2/acm-grafana-rhel9@sha256:3a59dd5e30b37f1e1feffba959d88d3aab37701500203afb71b2d38958236b85_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.10:rhacm2/acm-grafana-rhel9@sha256:b488d250bc1c82f3f7e26a1bc741dee02e57b3e3d40cf2965e541d2c5727ec65_ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.10:rhacm2/acm-grafana-rhel9@sha256:df4024e8506d0926ad81943684532dd9e4054f26d23da6e329f593239b5a1513_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.10:rhacm2/acm-must-gather-rhel9@sha256:66bca60baa85bc23963b5955fe57e8b7b7038c1088e2ce60f1fedc1a41d944dc_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.10:rhacm2/acm-must-gather-rhel9@sha256:92d087992acf383c2f06ed92996049c412fc1fef76be10fc40eb6ba2e4b2f9be_ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.10:rhacm2/acm-must-gather-rhel9@sha256:bfc79c952b6f62658ef36373af72e6213de78ba1c3a18f018add4295d8ae72f8_s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.10:rhacm2/acm-must-gather-rhel9@sha256:fb9fa96ebaba320dd723e7d5727b20c63f66aa6c39f460a6270c572354123fd9_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.10:rhacm2/acm-operator-bundle@sha256:190d00bcb1bdbf289cc4ae87f738aeabe04470194e51870c572876e4c118d712_ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.10:rhacm2/acm-operator-bundle@sha256:304e9a12e0c7b7be0444efd26764d32818fc3ad1ad936b565232f5f82a5f72fe_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.10:rhacm2/acm-operator-bundle@sha256:cc65cb3804a7e6150028a6f1c60fcbdb78c42689769ff9378922491481947aed_s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.10:rhacm2/acm-prometheus-config-reloader-rhel9@sha256:0b885dfd28d82220fdb03b7bca0e1ed2fc941bc712e536af71e4e11ee9defee4_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.10:rhacm2/acm-prometheus-config-reloader-rhel9@sha256:53cd755cea5a527c089321e5571c14ad0fd5d55b16e7c2acddc2a7c9670cffd2_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.10:rhacm2/acm-prometheus-config-reloader-rhel9@sha256:8f18c68e47b66926d14795818f3a1dc21ffdcbcf1a220c7518194416602b19ac_ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.10:rhacm2/acm-prometheus-config-reloader-rhel9@sha256:be5be2fe888521fd8ac6d7ebca3cf127724128eb6ff4e11f90d61a4af60f1bee_s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.10:rhacm2/acm-prometheus-rhel9@sha256:8da9c5a18b42861d11e3df3f37b5f47b810af1b25beec208ce75b6f69d913ecd_s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.10:rhacm2/acm-prometheus-rhel9@sha256:91ec246784f1e7cdd0c20ab36ea09f13e553c043851699dae6191ea1ce101a61_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.10:rhacm2/acm-prometheus-rhel9@sha256:969cc23c2f503797d491c797220e09b1682887742f669d338a5fd3613908148d_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.10:rhacm2/acm-prometheus-rhel9@sha256:a1b920873dbb0984f41a8b49a4e0263c9756d909391601290b8a67278596327b_ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.10:rhacm2/acm-search-indexer-rhel9@sha256:21476ec5340f5e98451f83d7d455f86e8368ed4c882f564cf80b234dc2ceae1a_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.10:rhacm2/acm-search-indexer-rhel9@sha256:47083a8e2f6234e7e3743c2f7d5cc433ad76a46a609f65640e047bfa9557082c_s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.10:rhacm2/acm-search-indexer-rhel9@sha256:95c15180b6b25c453b8aa81c42b106d6e9fb1d832761a3b2b06922c0ceee4d7b_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.10:rhacm2/acm-search-indexer-rhel9@sha256:9ba73ef3b2447b16aab7503bce4e480441b272e997dab87ee9cc4b0f1ac040ba_ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.10:rhacm2/acm-search-v2-api-rhel9@sha256:1891db398d822cb0c424245928033240dfdcfd35d21ab052379d432423a6e038_s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.10:rhacm2/acm-search-v2-api-rhel9@sha256:247e052a3b5bc9708f1c0953f09c942414852f2109a9694af864375032072ae2_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.10:rhacm2/acm-search-v2-api-rhel9@sha256:51a415f07cfadd9ae5b4b29cb3247b5085bb18edad8df566c47dc7e89ef0939e_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.10:rhacm2/acm-search-v2-api-rhel9@sha256:756982578354d8a66399f2464602458f80bd398e46656a3d86c9303fa2068900_ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.10:rhacm2/acm-search-v2-rhel9@sha256:329f59a93ce1e2aab017a924db00b6aaca4c8ee40b5d5c2358af11af2e5319bd_s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.10:rhacm2/acm-search-v2-rhel9@sha256:9e2aa6686deee7b78bda5dcb08dad31c87a9653e48788df4e8bb39d4965c9101_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.10:rhacm2/acm-search-v2-rhel9@sha256:e995897416f24436e6bef220bd4d5b3ba8fbd26c97fbd5e250391a3aef14bce5_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.10:rhacm2/acm-search-v2-rhel9@sha256:f45417abdf399566fa98b0686ab4b2b55d776b6dfa67b7b7c24565b084c39165_ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.10:rhacm2/acm-volsync-addon-controller-rhel9@sha256:055c5ab4b2045571efe53bbd4ca54ba8a17a2cf590dad70c65667ed6b11ca86a_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.10:rhacm2/acm-volsync-addon-controller-rhel9@sha256:60070927868e0538d31090138892fe64445321098b3874880fd21e7dcc1ffae7_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.10:rhacm2/acm-volsync-addon-controller-rhel9@sha256:cc991f8f8af9337ab908f6564b4b77daef5893dc2759ff483142ef659a6a4b30_ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.10:rhacm2/acm-volsync-addon-controller-rhel9@sha256:faee49ca0c46781594189977f3ab5805060cd0a95e47ba575ec05bb549e21a69_s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.10:rhacm2/cert-policy-controller-rhel9@sha256:081c86b4c25876ac0734a0caff771a30b848530f1e89f9e0d3ee3f743f579e9c_s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.10:rhacm2/cert-policy-controller-rhel9@sha256:318f11ebe87bc1feced78f9d2ae66856884606c721e15d2d05045562d248ac3f_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.10:rhacm2/cert-policy-controller-rhel9@sha256:5daaad58a8979d386830224e133a3bbc713b63039a99eda9a69487b999e71965_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.10:rhacm2/cert-policy-controller-rhel9@sha256:bffedd5eb97a49dd210b51423ba8938684be1cb41dd79d06b2aab94bc0bb4963_ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.10:rhacm2/cluster-backup-rhel9-operator@sha256:0d141d0fa859ae0061605f2fe13381be2b6ebd9d8c6b91ca171a8e61e52842be_ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.10:rhacm2/cluster-backup-rhel9-operator@sha256:3a8bace1bb325142a64a4432543a828050e2e87de91a08dca793534841b7b841_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.10:rhacm2/cluster-backup-rhel9-operator@sha256:66f67d2d8c09634e2e5ae0be07437cb1918f6b506e35bc9b7af82f4979dfc4ed_s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.10:rhacm2/cluster-backup-rhel9-operator@sha256:ac726852c9aa7e54aa4d75c6c485b429f16fffbb61d2840b527c5a1cfdb5c842_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.10:rhacm2/config-policy-controller-rhel9@sha256:0ef8fdea99a8fd44feff31b4883a6ecd17eeabb5e8c9ccbdbdd30c32cc2cbe64_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.10:rhacm2/config-policy-controller-rhel9@sha256:b7ff6680725a8bb31edf5dc58d82ac0b9d201ba8eac4c6f2ea4c3cd35f52915a_s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.10:rhacm2/config-policy-controller-rhel9@sha256:d4456a33f0488db9c77d12a279500b68a41441a8ff6c8cc9723a7ccc46e90dc7_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.10:rhacm2/config-policy-controller-rhel9@sha256:d6e8119559b01231206654d2a57114862c4c6b5ca604ccf7b92e53bea6e2e2c2_ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.10:rhacm2/console-rhel9@sha256:4ee3bbdcc190cd6c3e1eff8bfabe8ca3cd9e61ab5d824983a955e6d509238041_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.10:rhacm2/console-rhel9@sha256:5fe6fb2bd7e31a960bc018d870af482f668ab417d601d94a5ac5981fd116a852_s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.10:rhacm2/console-rhel9@sha256:9005fc71b91a5d2a1fe502e90d57cea2285d1218ad6e49f4bcdd77bf560c5765_ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.10:rhacm2/console-rhel9@sha256:b3bc8c5f587da2c7ce4e25d5d2e72b08939071297cf3fdc5d51fb631d99aa168_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.10:rhacm2/endpoint-monitoring-rhel9-operator@sha256:75bc23118d6e3ae1ec142a6f47a871efcd8ec5aa6da2bef7cf24e716b3b3be3c_s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.10:rhacm2/endpoint-monitoring-rhel9-operator@sha256:cf7be8fd6b726cb7ba8a3f57e14e20d7944245759cd6e8bd26dca4d666fb866a_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.10:rhacm2/endpoint-monitoring-rhel9-operator@sha256:d8c3352fceb6a53e110f76501bb2c2f4cf7a9284f9dd30dee3fe3e015b622195_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.10:rhacm2/endpoint-monitoring-rhel9-operator@sha256:e177864e6bc3b6e66f1f455229257210b77a3b7d0e18c480d252ed79f03bf67a_ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.10:rhacm2/governance-policy-propagator-rhel9@sha256:400644c05d5768fb7460bb3f8bfa880bc21e91f365130d13877f015ba2146358_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.10:rhacm2/governance-policy-propagator-rhel9@sha256:46deef6c168120168168820dad57ce9b2d2641be926772eaeba2d03d3d324e2a_s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.10:rhacm2/governance-policy-propagator-rhel9@sha256:4e9143f58e4755b86526d113040acd0ee0069fefe9243e08c864c35d25b276e9_ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.10:rhacm2/governance-policy-propagator-rhel9@sha256:8947a68138c101fdc355b94a4deb0d02f44de025fe733e8d5fb28f5fce93b7c9_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.10:rhacm2/grafana-dashboard-loader-rhel9@sha256:26a08abd967f17e23975b728768e2f561750856b0f98ff5f27506da94fa597ca_ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.10:rhacm2/grafana-dashboard-loader-rhel9@sha256:43f27505c8ac51aa659c638f96f7681d8d3029775b9153a8075fa38dd48dbc3c_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.10:rhacm2/grafana-dashboard-loader-rhel9@sha256:a9afb35685e18a179269293a1998eb5c6c8c47e9247a7f3f1c27d3b1b35a83b2_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.10:rhacm2/grafana-dashboard-loader-rhel9@sha256:f30433d2c90f38c86f1780bd8b74a50821837f769db589ee720e35fd79dbc23b_s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.10:rhacm2/iam-policy-controller-rhel9@sha256:63ca0eef9b3febe70ceea5b47a36fea7455eef69da9d1bda70d2bc9661ec2f2c_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.10:rhacm2/iam-policy-controller-rhel9@sha256:ae274418f0fa055670012f2d92d63ebb175fdbd3946486312007bc2b0a915541_ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.10:rhacm2/iam-policy-controller-rhel9@sha256:c1d7619138ab3717e6f6a49ac76f95ff041a022746891057d6e4e163114fb864_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.10:rhacm2/iam-policy-controller-rhel9@sha256:f62a79f1f02af4be1424b74071e6d701e5c514e27019e69ee98cbed10b602f3d_s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.10:rhacm2/insights-client-rhel9@sha256:0ff4ca5a9703ec58d70178152b5dbbb3aaffa5fce80153eda12f727f7c3e0b6f_ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.10:rhacm2/insights-client-rhel9@sha256:70833a6ef9ebc1b50e914744e0f7c36c259bb7889c7ff8085cb8470826ac803e_s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.10:rhacm2/insights-client-rhel9@sha256:cdf079542b23633884a52daa02d4b9182aaf7454e769186de4f495467686653d_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.10:rhacm2/insights-client-rhel9@sha256:f62d6a262c044a7883f34563e3e1909761ca0bd44e4d5f8a0e564db8b630068b_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.10:rhacm2/insights-metrics-rhel9@sha256:16862c34efb507d44455ed78cde51a1f57969cc69f4beec70ecb697b8ea406dc_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.10:rhacm2/insights-metrics-rhel9@sha256:2f7c346cb847e2928715bd4b64a34531b82d0130a89a08f19c3026db5d89c5a1_ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.10:rhacm2/insights-metrics-rhel9@sha256:44f56f7a1ac2720ce815ea7aa824ea37a0bdcf63c637941ca84328578a735142_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.10:rhacm2/insights-metrics-rhel9@sha256:e2a9110af4d9bac9fd97b8f5981230c495506d50db571eccae9e16e361abfdd7_s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.10:rhacm2/klusterlet-addon-controller-rhel9@sha256:693af28fa3e5f1aee61695e891fdd33a49b5280e4a555f84b838ca8e829d0999_ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.10:rhacm2/klusterlet-addon-controller-rhel9@sha256:7ac958c32070e6282a8cbe262810c58a81e6e331bf59877cd67758ab6feb8ada_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.10:rhacm2/klusterlet-addon-controller-rhel9@sha256:8528a204787ecde3925c9c3ef31e225f59c5b4b3a21bd314541fe06dd4c1aa73_s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.10:rhacm2/klusterlet-addon-controller-rhel9@sha256:cf0bf12f03bd0a4a09188d1f5b4820aa6e7f6e4a1fb1bc2c45559553907c6eae_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.10:rhacm2/kube-rbac-proxy-rhel9@sha256:1d75e8e70fc3f3943841bd34f79e5762705b0d23460064c6adcdd0fc6b39005a_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.10:rhacm2/kube-rbac-proxy-rhel9@sha256:355905503e1321fc2fd75b12bab33b2cb75cbfcc0d0e7e70400790da081abfd9_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.10:rhacm2/kube-rbac-proxy-rhel9@sha256:42da847ca7b39914df099381ac807d8ab619774388c1a47e0d71020fbce998ae_s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.10:rhacm2/kube-rbac-proxy-rhel9@sha256:5e416f1249a77845f81c9cf1a1dfae74feca41afd6dd35e7be55a0fa61632c00_ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.10:rhacm2/kube-state-metrics-rhel9@sha256:715f6b9c01400a153157de08bf2a6b04ea54478ee2c18d7871b65c865d6902d2_s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.10:rhacm2/kube-state-metrics-rhel9@sha256:72f6c545d46d1cc6f3fb1b9cd6840f0496056d410c8ade62dd35d99dfdd60737_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.10:rhacm2/kube-state-metrics-rhel9@sha256:88982e268e1a3d0c52c72563a684b58042adb0800ebd1e80208b898eebe75cd6_ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.10:rhacm2/kube-state-metrics-rhel9@sha256:9f2ac058e15d5653e8bced975955e26e51a88d36a1d5896305b6f5060afee43a_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.10:rhacm2/memcached-exporter-rhel9@sha256:1304f49745ed8a18784196b5595cea1ec6caf904d0e61d0952a603e6fb7da6e0_ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.10:rhacm2/memcached-exporter-rhel9@sha256:36529c281273e5346ef5cce6a55e47c27fdaf2507a6f7971576b738b1c543258_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.10:rhacm2/memcached-exporter-rhel9@sha256:c5275f61fd2e84deaab7e789a7ffefdbe235866a8439d3d2534e4b26998372d6_s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.10:rhacm2/memcached-exporter-rhel9@sha256:f9f5ca67f62d6218b90b863b4fe63aa95aef755e5cbae5a83896f74a0039b7ab_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.10:rhacm2/memcached-rhel9@sha256:2c4437598be87fc5f3f6639e728279d8ba21cf49061be78e3a4fbacc989997b4_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.10:rhacm2/memcached-rhel9@sha256:2fb75dce1567e21a9f1361ec3ac54a4d5a2252f03aa64b6cdf4d1cd02a58d04c_s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.10:rhacm2/memcached-rhel9@sha256:4af229aca50a46ec9f190fbeef603f1259223f81f5307f46de17ad8b8c9760e1_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.10:rhacm2/memcached-rhel9@sha256:e871cb2e5d235ae74a998356748299daace42d47a92e1da57a2773eae87625a6_ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.10:rhacm2/metrics-collector-rhel9@sha256:20ac5c57af957e7126221f4089bb816b948aa624788da9298b4f476ecc668293_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.10:rhacm2/metrics-collector-rhel9@sha256:54665ca7529012a3a63c7dcc263a2e46964a0ee4ba43f19a2a3f05dcdfd5ae0f_ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.10:rhacm2/metrics-collector-rhel9@sha256:84543f21ccfe36960fce099930132e7042e505ba635c45a28a902ed2b2401d55_s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.10:rhacm2/metrics-collector-rhel9@sha256:eb32f5c275247babd03ec16b0978aced10a9b9da07a84f5af6be4d7c3852a6b7_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.10:rhacm2/multicloud-integrations-rhel9@sha256:0529a11c8935d5b9fa2a3f29801749b09861076c0c2040612271f0bbafb5fbab_s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.10:rhacm2/multicloud-integrations-rhel9@sha256:2b7557d262cd8eacc45178dcca3dae642b1bb33fbfccdf6a3b63abb7e1a39d53_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.10:rhacm2/multicloud-integrations-rhel9@sha256:606ea20603d86412a34478a3db9c17737cca2b04c26bcab175279028c822e492_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.10:rhacm2/multicloud-integrations-rhel9@sha256:d3958606b5001619aa3044617ccb4fe265764d7dad05b0a6bf5b4910bd5d0ba7_ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.10:rhacm2/multicluster-observability-rhel9-operator@sha256:9b855d7e4cf6fe3c4da92d84a51adc63aea5f144bce38dbb9c4ab3d01370c296_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.10:rhacm2/multicluster-observability-rhel9-operator@sha256:a9eb1e576d4eb5c7e9131803042b7d8529dab369595d0adc22623e24b67832d9_s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.10:rhacm2/multicluster-observability-rhel9-operator@sha256:ab73f96720c106dcb2ea64f8b7ac13ad866533d993c43cb7c6dbbf08ba4977dd_ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.10:rhacm2/multicluster-observability-rhel9-operator@sha256:f296c72dd6842481dad78536117aec3ff14d19be736e5679101bbfc92b87809b_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.10:rhacm2/multicluster-operators-application-rhel9@sha256:184f6068b077070b90ede3a2f4e81be398fd2841f042fc6f2f114fdfd4f1095b_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.10:rhacm2/multicluster-operators-application-rhel9@sha256:2a272685b487a747827220d16bc5aaff65c436d5c312b081d9fffd9ef4a8a0f9_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.10:rhacm2/multicluster-operators-application-rhel9@sha256:635c1cf425b8744a421c649bd809a59df6dc6cdeaa9da2a369706e522a3a0fab_ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.10:rhacm2/multicluster-operators-application-rhel9@sha256:e15bedc9ce45cc025b6ab6c27d5b7eb95f6e750791ff0dae228a71eaeae1cace_s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.10:rhacm2/multicluster-operators-channel-rhel9@sha256:2399cfe0b3b626be2acd289d8880b9913d73093220b3e4062bb7cddb2628640a_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.10:rhacm2/multicluster-operators-channel-rhel9@sha256:37f84cbbee522859c6f46e49179ab0b1e1fef118aac6741d18675b36e31972dd_s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.10:rhacm2/multicluster-operators-channel-rhel9@sha256:43c086e0f17783322c26ba577db2c7c8fd43176a7ac14e45a40c3db0b91a6d1e_ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.10:rhacm2/multicluster-operators-channel-rhel9@sha256:773c32065f60e4a2e626e17744d0a2cfc4049325f6664f899d8da949dc3fa4a6_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.10:rhacm2/multicluster-operators-subscription-rhel9@sha256:08aacdc6cad3ba5743a5d65c1bff5b3e41e44269765b94f45673a8e648f60584_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.10:rhacm2/multicluster-operators-subscription-rhel9@sha256:7eda39d696e452ec7e9da1473807e3134f149ed28d0ec873cf489451fbb007e0_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.10:rhacm2/multicluster-operators-subscription-rhel9@sha256:a791398b5dd73f447d22f260eaf209f782c9663e81c81529eb4b3018183f9deb_ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.10:rhacm2/multicluster-operators-subscription-rhel9@sha256:b88262afe6149a741a566054ecc16400bc7335a443219d3ddbcb1ba7c939a38b_s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.10:rhacm2/multiclusterhub-rhel9@sha256:5de91afd73b5a86865954ab3f6587f382f53e0856422ed975d9aa867bd0ffbf9_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.10:rhacm2/multiclusterhub-rhel9@sha256:97932a785e8601b170a7c6fd42b1e6a18203b958ccbb712352c2817b8103d9b5_s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.10:rhacm2/multiclusterhub-rhel9@sha256:b30d5d981e1522751e4434b1c107e5cefb6c8c22ea16915f35948c11f9aa0579_ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.10:rhacm2/multiclusterhub-rhel9@sha256:c5e3898dd435f49636834ce14b3188f7163167cdb538d85812393cf450d49157_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.10:rhacm2/node-exporter-rhel9@sha256:8bb239eafceaa18a786b78f7bf54c7063d80bce60567d10d81c5a4282b2884b4_s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.10:rhacm2/node-exporter-rhel9@sha256:9611a92119f19e11c29e9e93b9c714499e60d06712da97d9fa77ed0fd0d4d33b_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.10:rhacm2/node-exporter-rhel9@sha256:d147abba6fa66eb914005d4cd62302c527cbfc0083be386275c5c782b90c3c1c_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.10:rhacm2/node-exporter-rhel9@sha256:f9a4446156fd21112854846849c68952e4c336e5782d6aeb3c49bddd3408d388_ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.10:rhacm2/observatorium-rhel9-operator@sha256:414b191a314b0695aede28ac7229a064833d798e94d5b92a434e2eb3650983b6_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.10:rhacm2/observatorium-rhel9-operator@sha256:9e2d97d0116349c1f1e1d815a6d8822c9f5331acdb81e878c0cb0e86149167ef_ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.10:rhacm2/observatorium-rhel9-operator@sha256:e2dabaf7c375e039797330bb33e03c993356dc5a37949f84a89c3e4f40ff0023_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.10:rhacm2/observatorium-rhel9-operator@sha256:ecda2be3377f15a09c6971b1a689bb9eb917909d55f54c996d54a972aece7432_s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.10:rhacm2/observatorium-rhel9@sha256:10ee1d5c854a7daf0d33f1dc16529a7e1a3cb67fab5a626f8a42da705186265e_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.10:rhacm2/observatorium-rhel9@sha256:1eb9b98d7f3c878e09b45aad2a64780e46026c55d6f70a64d66e255ec13ce9fb_s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.10:rhacm2/observatorium-rhel9@sha256:25ee9231e17b71c83f12a9ce5d94629b2fd8ad3c64b61de9f03b057584f84804_ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.10:rhacm2/observatorium-rhel9@sha256:7812638565dff9368b4db0ed9aecb86c544d0b6caa773994c5c830e800060e22_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.10:rhacm2/prometheus-alertmanager-rhel9@sha256:0a4ecc2af398e1a771540af4f062abfc0f47bfae9ba3a2fcb6a6c66940385d42_ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.10:rhacm2/prometheus-alertmanager-rhel9@sha256:0e7e5cfd6a953e092eb3ae72b236741f73432f8d262ace74caa2acf8c5fe3863_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.10:rhacm2/prometheus-alertmanager-rhel9@sha256:25abc3028c69dedee05220fa4f0f32b7accc33ef519f46b23860612307db2181_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.10:rhacm2/prometheus-alertmanager-rhel9@sha256:88383e94dcec26826df02cdebc9e7cc764e92b2ce71300c31a46f20ce92135c0_s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.10:rhacm2/prometheus-rhel9@sha256:556c5d133dd996b86dceb03158d4d463ccdbbf29cc9ca05ff1e3915a48cd8c47_s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.10:rhacm2/prometheus-rhel9@sha256:98af2a53f9c59b0bdd6ee9c8f27eb00f65a870ee64ba8d503083a9a0d3aa2ec6_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.10:rhacm2/prometheus-rhel9@sha256:99e749f7d98203070348c652f6df158c9207801d86439ddde08bcae16e813ea5_ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.10:rhacm2/prometheus-rhel9@sha256:c1c2a5bc8d471fb7cbbf31c0e5513bf2630efbd1a5bbb458dc0c98b3ee608636_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.10:rhacm2/rbac-query-proxy-rhel9@sha256:5f70872d294b5f10393fa7c6a6ffd81a6a509ea7589753d29ad49118a87fb2df_s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.10:rhacm2/rbac-query-proxy-rhel9@sha256:a061734a251e62cd31792ec9065f6a346de672f72e32965954811faf11f86d62_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.10:rhacm2/rbac-query-proxy-rhel9@sha256:e325c611a68e60d204018b8aac765bb58e135b44735bbc14069c5cbf49828ada_ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.10:rhacm2/rbac-query-proxy-rhel9@sha256:fe807380c43daaae2ca277ef4a6b6bace7842087112f7d242773a073797c908e_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.10:rhacm2/search-collector-rhel9@sha256:2092c265f1dea3dc553c370c3b07c92e4cb8523ccc58d46af4a517165e9b7bc4_s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.10:rhacm2/search-collector-rhel9@sha256:557e431af519bf544102927491fffbdd4091a5a9377396d7d30b2898897c8fba_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.10:rhacm2/search-collector-rhel9@sha256:f908a57c2bfe78911889102abb61377d5170590689930d74b8d6a9fa7bc66848_ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.10:rhacm2/search-collector-rhel9@sha256:fe20c8e6fbf707c0467a4876405f2f8b395ac24ca554bd052f7f55da2df6371f_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.10:rhacm2/submariner-addon-rhel9@sha256:1d74ed10635e7021129e60caa3358581d61c4bd93cebed86f79d5fdba100b10f_ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.10:rhacm2/submariner-addon-rhel9@sha256:92584807362684f692fc991f06ffecf241ee6494d4b37c584d74527214b33acb_s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.10:rhacm2/submariner-addon-rhel9@sha256:9a6b6d7ed493c6c8c9962485404f551974cece1b59e7197f9ed6fce120ca7d0d_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.10:rhacm2/submariner-addon-rhel9@sha256:e8eb481c682682ea78d5f7d5793f63e427fcffc867db012f327b5469c524535c_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.10:rhacm2/thanos-receive-controller-rhel9@sha256:09b931bd7405cc8733625884f61ccaa92b40b48d9068d78f552a6c9383cb02e9_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.10:rhacm2/thanos-receive-controller-rhel9@sha256:64aebcc4f88c096cb93faa8fab067308442fd49c07e55fcb55283ef86643f642_s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.10:rhacm2/thanos-receive-controller-rhel9@sha256:91f186246d963c2978023489ed7cd58dec2f57641fd2a2a0c16d2caa5377147c_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.10:rhacm2/thanos-receive-controller-rhel9@sha256:d391d522c2006e634df69f28eacd1f6cfba7b1ac4ec27ea97c307f4da5213954_ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.10:rhacm2/thanos-rhel9@sha256:9c82d36f3a942088a6612e6e1d5d7f3413006b2f5df41758c0072ee8d68b3801_ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.10:rhacm2/thanos-rhel9@sha256:c431d914ecca6080a1ce9ee7fb15019ca5f5b5cb7083fa739ce14b9f8afd570e_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.10:rhacm2/thanos-rhel9@sha256:e8e6c42e37b2c0ba6456d48afa747f3c6f167cbcf4523d5ad751351a932deefc_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.10:rhacm2/thanos-rhel9@sha256:f7dc5a2e9c41416badca921ef6a4b16e9edd2aea052107d737bb3ddbc2e0242c_s390x | — |
Workaround
|
Threats
Impact
Important
A flaw was found in the NPM package `braces.` It fails to limit the number of characters it can handle, which could lead to memory exhaustion. In `lib/parse.js,` if a malicious user sends "imbalanced braces" as input, the parsing will enter a loop, causing the program to start allocating heap memory without freeing it at any moment of the loop. Eventually, the JavaScript heap limit is reached, and the program will crash.
7.5 (High)
Affected products
Fixed
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-RHACM-2.10:rhacm2/console-rhel9@sha256:4ee3bbdcc190cd6c3e1eff8bfabe8ca3cd9e61ab5d824983a955e6d509238041_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.10:rhacm2/console-rhel9@sha256:5fe6fb2bd7e31a960bc018d870af482f668ab417d601d94a5ac5981fd116a852_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.10:rhacm2/console-rhel9@sha256:9005fc71b91a5d2a1fe502e90d57cea2285d1218ad6e49f4bcdd77bf560c5765_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.10:rhacm2/console-rhel9@sha256:b3bc8c5f587da2c7ce4e25d5d2e72b08939071297cf3fdc5d51fb631d99aa168_amd64 | — |
Vendor Fix
fix
Workaround
|
Known not affected
171 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-RHACM-2.10:rhacm2/acm-cluster-permission-rhel9@sha256:b9ef8ca2a002c616c6644cf16b80d5901d7b46034dc7e57ec1dd1d260cf0e32b_s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.10:rhacm2/acm-cluster-permission-rhel9@sha256:bd41dedb13ae9360d2e856ec6d52ea35b726425a65e92a00cd6037344ae5780e_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.10:rhacm2/acm-cluster-permission-rhel9@sha256:dac35e93ff173bd30fefbdec8676fb605e28368aec3eccc4ac603f16eadcf31d_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.10:rhacm2/acm-cluster-permission-rhel9@sha256:e8c9920427522b7ef645422b85ff1585e65b9d659c792e57201dfc06d6a13ffa_ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.10:rhacm2/acm-governance-policy-addon-controller-rhel9@sha256:65d709ef780d8d867c145b1ddf8e7031bd8e710972b21ed2d7b9d9ede0bfdb43_s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.10:rhacm2/acm-governance-policy-addon-controller-rhel9@sha256:87988ad277b62bbcc061dbe4242bfc2edcc21dc98c4c7c66385131c0425b0fa7_ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.10:rhacm2/acm-governance-policy-addon-controller-rhel9@sha256:9af1cb9605a8fdf7212a079ed8fa51b110b367c705a51651ba3933e936519e7f_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.10:rhacm2/acm-governance-policy-addon-controller-rhel9@sha256:c6e3728b6687b8c83a11c326e4fd098ceef3f501725efbdfcb0ded0645a1473e_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.10:rhacm2/acm-governance-policy-framework-addon-rhel9@sha256:3101f1389311c0006c0fb9953c44d5fff9e968597952103a5a873a7a4c4707da_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.10:rhacm2/acm-governance-policy-framework-addon-rhel9@sha256:4536de55598f032ad91056c779ec2faea5c28de557a730d50cb2b2aba9b3bf00_s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.10:rhacm2/acm-governance-policy-framework-addon-rhel9@sha256:587fc80d3d6e3f2295272934fb39cfa3b96f5a2652a533b6b01cc6b04d10cb66_ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.10:rhacm2/acm-governance-policy-framework-addon-rhel9@sha256:63246c061e7960a656cb66c8ccca2b7bed943c9a1fe96a28f9cd99829608cda5_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.10:rhacm2/acm-grafana-rhel9@sha256:1cd1c6a91611569a855444430c527a8bebbe113f77dd47dcfc2b8305c3a26a13_s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.10:rhacm2/acm-grafana-rhel9@sha256:3a59dd5e30b37f1e1feffba959d88d3aab37701500203afb71b2d38958236b85_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.10:rhacm2/acm-grafana-rhel9@sha256:b488d250bc1c82f3f7e26a1bc741dee02e57b3e3d40cf2965e541d2c5727ec65_ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.10:rhacm2/acm-grafana-rhel9@sha256:df4024e8506d0926ad81943684532dd9e4054f26d23da6e329f593239b5a1513_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.10:rhacm2/acm-must-gather-rhel9@sha256:66bca60baa85bc23963b5955fe57e8b7b7038c1088e2ce60f1fedc1a41d944dc_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.10:rhacm2/acm-must-gather-rhel9@sha256:92d087992acf383c2f06ed92996049c412fc1fef76be10fc40eb6ba2e4b2f9be_ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.10:rhacm2/acm-must-gather-rhel9@sha256:bfc79c952b6f62658ef36373af72e6213de78ba1c3a18f018add4295d8ae72f8_s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.10:rhacm2/acm-must-gather-rhel9@sha256:fb9fa96ebaba320dd723e7d5727b20c63f66aa6c39f460a6270c572354123fd9_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.10:rhacm2/acm-operator-bundle@sha256:190d00bcb1bdbf289cc4ae87f738aeabe04470194e51870c572876e4c118d712_ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.10:rhacm2/acm-operator-bundle@sha256:304e9a12e0c7b7be0444efd26764d32818fc3ad1ad936b565232f5f82a5f72fe_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.10:rhacm2/acm-operator-bundle@sha256:cc65cb3804a7e6150028a6f1c60fcbdb78c42689769ff9378922491481947aed_s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.10:rhacm2/acm-prometheus-config-reloader-rhel9@sha256:0b885dfd28d82220fdb03b7bca0e1ed2fc941bc712e536af71e4e11ee9defee4_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.10:rhacm2/acm-prometheus-config-reloader-rhel9@sha256:53cd755cea5a527c089321e5571c14ad0fd5d55b16e7c2acddc2a7c9670cffd2_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.10:rhacm2/acm-prometheus-config-reloader-rhel9@sha256:8f18c68e47b66926d14795818f3a1dc21ffdcbcf1a220c7518194416602b19ac_ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.10:rhacm2/acm-prometheus-config-reloader-rhel9@sha256:be5be2fe888521fd8ac6d7ebca3cf127724128eb6ff4e11f90d61a4af60f1bee_s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.10:rhacm2/acm-prometheus-rhel9@sha256:8da9c5a18b42861d11e3df3f37b5f47b810af1b25beec208ce75b6f69d913ecd_s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.10:rhacm2/acm-prometheus-rhel9@sha256:91ec246784f1e7cdd0c20ab36ea09f13e553c043851699dae6191ea1ce101a61_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.10:rhacm2/acm-prometheus-rhel9@sha256:969cc23c2f503797d491c797220e09b1682887742f669d338a5fd3613908148d_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.10:rhacm2/acm-prometheus-rhel9@sha256:a1b920873dbb0984f41a8b49a4e0263c9756d909391601290b8a67278596327b_ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.10:rhacm2/acm-search-indexer-rhel9@sha256:21476ec5340f5e98451f83d7d455f86e8368ed4c882f564cf80b234dc2ceae1a_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.10:rhacm2/acm-search-indexer-rhel9@sha256:47083a8e2f6234e7e3743c2f7d5cc433ad76a46a609f65640e047bfa9557082c_s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.10:rhacm2/acm-search-indexer-rhel9@sha256:95c15180b6b25c453b8aa81c42b106d6e9fb1d832761a3b2b06922c0ceee4d7b_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.10:rhacm2/acm-search-indexer-rhel9@sha256:9ba73ef3b2447b16aab7503bce4e480441b272e997dab87ee9cc4b0f1ac040ba_ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.10:rhacm2/acm-search-v2-api-rhel9@sha256:1891db398d822cb0c424245928033240dfdcfd35d21ab052379d432423a6e038_s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.10:rhacm2/acm-search-v2-api-rhel9@sha256:247e052a3b5bc9708f1c0953f09c942414852f2109a9694af864375032072ae2_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.10:rhacm2/acm-search-v2-api-rhel9@sha256:51a415f07cfadd9ae5b4b29cb3247b5085bb18edad8df566c47dc7e89ef0939e_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.10:rhacm2/acm-search-v2-api-rhel9@sha256:756982578354d8a66399f2464602458f80bd398e46656a3d86c9303fa2068900_ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.10:rhacm2/acm-search-v2-rhel9@sha256:329f59a93ce1e2aab017a924db00b6aaca4c8ee40b5d5c2358af11af2e5319bd_s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.10:rhacm2/acm-search-v2-rhel9@sha256:9e2aa6686deee7b78bda5dcb08dad31c87a9653e48788df4e8bb39d4965c9101_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.10:rhacm2/acm-search-v2-rhel9@sha256:e995897416f24436e6bef220bd4d5b3ba8fbd26c97fbd5e250391a3aef14bce5_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.10:rhacm2/acm-search-v2-rhel9@sha256:f45417abdf399566fa98b0686ab4b2b55d776b6dfa67b7b7c24565b084c39165_ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.10:rhacm2/acm-volsync-addon-controller-rhel9@sha256:055c5ab4b2045571efe53bbd4ca54ba8a17a2cf590dad70c65667ed6b11ca86a_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.10:rhacm2/acm-volsync-addon-controller-rhel9@sha256:60070927868e0538d31090138892fe64445321098b3874880fd21e7dcc1ffae7_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.10:rhacm2/acm-volsync-addon-controller-rhel9@sha256:cc991f8f8af9337ab908f6564b4b77daef5893dc2759ff483142ef659a6a4b30_ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.10:rhacm2/acm-volsync-addon-controller-rhel9@sha256:faee49ca0c46781594189977f3ab5805060cd0a95e47ba575ec05bb549e21a69_s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.10:rhacm2/cert-policy-controller-rhel9@sha256:081c86b4c25876ac0734a0caff771a30b848530f1e89f9e0d3ee3f743f579e9c_s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.10:rhacm2/cert-policy-controller-rhel9@sha256:318f11ebe87bc1feced78f9d2ae66856884606c721e15d2d05045562d248ac3f_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.10:rhacm2/cert-policy-controller-rhel9@sha256:5daaad58a8979d386830224e133a3bbc713b63039a99eda9a69487b999e71965_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.10:rhacm2/cert-policy-controller-rhel9@sha256:bffedd5eb97a49dd210b51423ba8938684be1cb41dd79d06b2aab94bc0bb4963_ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.10:rhacm2/cluster-backup-rhel9-operator@sha256:0d141d0fa859ae0061605f2fe13381be2b6ebd9d8c6b91ca171a8e61e52842be_ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.10:rhacm2/cluster-backup-rhel9-operator@sha256:3a8bace1bb325142a64a4432543a828050e2e87de91a08dca793534841b7b841_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.10:rhacm2/cluster-backup-rhel9-operator@sha256:66f67d2d8c09634e2e5ae0be07437cb1918f6b506e35bc9b7af82f4979dfc4ed_s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.10:rhacm2/cluster-backup-rhel9-operator@sha256:ac726852c9aa7e54aa4d75c6c485b429f16fffbb61d2840b527c5a1cfdb5c842_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.10:rhacm2/config-policy-controller-rhel9@sha256:0ef8fdea99a8fd44feff31b4883a6ecd17eeabb5e8c9ccbdbdd30c32cc2cbe64_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.10:rhacm2/config-policy-controller-rhel9@sha256:b7ff6680725a8bb31edf5dc58d82ac0b9d201ba8eac4c6f2ea4c3cd35f52915a_s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.10:rhacm2/config-policy-controller-rhel9@sha256:d4456a33f0488db9c77d12a279500b68a41441a8ff6c8cc9723a7ccc46e90dc7_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.10:rhacm2/config-policy-controller-rhel9@sha256:d6e8119559b01231206654d2a57114862c4c6b5ca604ccf7b92e53bea6e2e2c2_ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.10:rhacm2/endpoint-monitoring-rhel9-operator@sha256:75bc23118d6e3ae1ec142a6f47a871efcd8ec5aa6da2bef7cf24e716b3b3be3c_s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.10:rhacm2/endpoint-monitoring-rhel9-operator@sha256:cf7be8fd6b726cb7ba8a3f57e14e20d7944245759cd6e8bd26dca4d666fb866a_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.10:rhacm2/endpoint-monitoring-rhel9-operator@sha256:d8c3352fceb6a53e110f76501bb2c2f4cf7a9284f9dd30dee3fe3e015b622195_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.10:rhacm2/endpoint-monitoring-rhel9-operator@sha256:e177864e6bc3b6e66f1f455229257210b77a3b7d0e18c480d252ed79f03bf67a_ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.10:rhacm2/governance-policy-propagator-rhel9@sha256:400644c05d5768fb7460bb3f8bfa880bc21e91f365130d13877f015ba2146358_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.10:rhacm2/governance-policy-propagator-rhel9@sha256:46deef6c168120168168820dad57ce9b2d2641be926772eaeba2d03d3d324e2a_s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.10:rhacm2/governance-policy-propagator-rhel9@sha256:4e9143f58e4755b86526d113040acd0ee0069fefe9243e08c864c35d25b276e9_ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.10:rhacm2/governance-policy-propagator-rhel9@sha256:8947a68138c101fdc355b94a4deb0d02f44de025fe733e8d5fb28f5fce93b7c9_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.10:rhacm2/grafana-dashboard-loader-rhel9@sha256:26a08abd967f17e23975b728768e2f561750856b0f98ff5f27506da94fa597ca_ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.10:rhacm2/grafana-dashboard-loader-rhel9@sha256:43f27505c8ac51aa659c638f96f7681d8d3029775b9153a8075fa38dd48dbc3c_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.10:rhacm2/grafana-dashboard-loader-rhel9@sha256:a9afb35685e18a179269293a1998eb5c6c8c47e9247a7f3f1c27d3b1b35a83b2_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.10:rhacm2/grafana-dashboard-loader-rhel9@sha256:f30433d2c90f38c86f1780bd8b74a50821837f769db589ee720e35fd79dbc23b_s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.10:rhacm2/iam-policy-controller-rhel9@sha256:63ca0eef9b3febe70ceea5b47a36fea7455eef69da9d1bda70d2bc9661ec2f2c_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.10:rhacm2/iam-policy-controller-rhel9@sha256:ae274418f0fa055670012f2d92d63ebb175fdbd3946486312007bc2b0a915541_ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.10:rhacm2/iam-policy-controller-rhel9@sha256:c1d7619138ab3717e6f6a49ac76f95ff041a022746891057d6e4e163114fb864_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.10:rhacm2/iam-policy-controller-rhel9@sha256:f62a79f1f02af4be1424b74071e6d701e5c514e27019e69ee98cbed10b602f3d_s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.10:rhacm2/insights-client-rhel9@sha256:0ff4ca5a9703ec58d70178152b5dbbb3aaffa5fce80153eda12f727f7c3e0b6f_ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.10:rhacm2/insights-client-rhel9@sha256:70833a6ef9ebc1b50e914744e0f7c36c259bb7889c7ff8085cb8470826ac803e_s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.10:rhacm2/insights-client-rhel9@sha256:cdf079542b23633884a52daa02d4b9182aaf7454e769186de4f495467686653d_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.10:rhacm2/insights-client-rhel9@sha256:f62d6a262c044a7883f34563e3e1909761ca0bd44e4d5f8a0e564db8b630068b_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.10:rhacm2/insights-metrics-rhel9@sha256:16862c34efb507d44455ed78cde51a1f57969cc69f4beec70ecb697b8ea406dc_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.10:rhacm2/insights-metrics-rhel9@sha256:2f7c346cb847e2928715bd4b64a34531b82d0130a89a08f19c3026db5d89c5a1_ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.10:rhacm2/insights-metrics-rhel9@sha256:44f56f7a1ac2720ce815ea7aa824ea37a0bdcf63c637941ca84328578a735142_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.10:rhacm2/insights-metrics-rhel9@sha256:e2a9110af4d9bac9fd97b8f5981230c495506d50db571eccae9e16e361abfdd7_s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.10:rhacm2/klusterlet-addon-controller-rhel9@sha256:693af28fa3e5f1aee61695e891fdd33a49b5280e4a555f84b838ca8e829d0999_ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.10:rhacm2/klusterlet-addon-controller-rhel9@sha256:7ac958c32070e6282a8cbe262810c58a81e6e331bf59877cd67758ab6feb8ada_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.10:rhacm2/klusterlet-addon-controller-rhel9@sha256:8528a204787ecde3925c9c3ef31e225f59c5b4b3a21bd314541fe06dd4c1aa73_s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.10:rhacm2/klusterlet-addon-controller-rhel9@sha256:cf0bf12f03bd0a4a09188d1f5b4820aa6e7f6e4a1fb1bc2c45559553907c6eae_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.10:rhacm2/kube-rbac-proxy-rhel9@sha256:1d75e8e70fc3f3943841bd34f79e5762705b0d23460064c6adcdd0fc6b39005a_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.10:rhacm2/kube-rbac-proxy-rhel9@sha256:355905503e1321fc2fd75b12bab33b2cb75cbfcc0d0e7e70400790da081abfd9_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.10:rhacm2/kube-rbac-proxy-rhel9@sha256:42da847ca7b39914df099381ac807d8ab619774388c1a47e0d71020fbce998ae_s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.10:rhacm2/kube-rbac-proxy-rhel9@sha256:5e416f1249a77845f81c9cf1a1dfae74feca41afd6dd35e7be55a0fa61632c00_ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.10:rhacm2/kube-state-metrics-rhel9@sha256:715f6b9c01400a153157de08bf2a6b04ea54478ee2c18d7871b65c865d6902d2_s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.10:rhacm2/kube-state-metrics-rhel9@sha256:72f6c545d46d1cc6f3fb1b9cd6840f0496056d410c8ade62dd35d99dfdd60737_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.10:rhacm2/kube-state-metrics-rhel9@sha256:88982e268e1a3d0c52c72563a684b58042adb0800ebd1e80208b898eebe75cd6_ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.10:rhacm2/kube-state-metrics-rhel9@sha256:9f2ac058e15d5653e8bced975955e26e51a88d36a1d5896305b6f5060afee43a_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.10:rhacm2/memcached-exporter-rhel9@sha256:1304f49745ed8a18784196b5595cea1ec6caf904d0e61d0952a603e6fb7da6e0_ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.10:rhacm2/memcached-exporter-rhel9@sha256:36529c281273e5346ef5cce6a55e47c27fdaf2507a6f7971576b738b1c543258_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.10:rhacm2/memcached-exporter-rhel9@sha256:c5275f61fd2e84deaab7e789a7ffefdbe235866a8439d3d2534e4b26998372d6_s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.10:rhacm2/memcached-exporter-rhel9@sha256:f9f5ca67f62d6218b90b863b4fe63aa95aef755e5cbae5a83896f74a0039b7ab_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.10:rhacm2/memcached-rhel9@sha256:2c4437598be87fc5f3f6639e728279d8ba21cf49061be78e3a4fbacc989997b4_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.10:rhacm2/memcached-rhel9@sha256:2fb75dce1567e21a9f1361ec3ac54a4d5a2252f03aa64b6cdf4d1cd02a58d04c_s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.10:rhacm2/memcached-rhel9@sha256:4af229aca50a46ec9f190fbeef603f1259223f81f5307f46de17ad8b8c9760e1_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.10:rhacm2/memcached-rhel9@sha256:e871cb2e5d235ae74a998356748299daace42d47a92e1da57a2773eae87625a6_ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.10:rhacm2/metrics-collector-rhel9@sha256:20ac5c57af957e7126221f4089bb816b948aa624788da9298b4f476ecc668293_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.10:rhacm2/metrics-collector-rhel9@sha256:54665ca7529012a3a63c7dcc263a2e46964a0ee4ba43f19a2a3f05dcdfd5ae0f_ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.10:rhacm2/metrics-collector-rhel9@sha256:84543f21ccfe36960fce099930132e7042e505ba635c45a28a902ed2b2401d55_s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.10:rhacm2/metrics-collector-rhel9@sha256:eb32f5c275247babd03ec16b0978aced10a9b9da07a84f5af6be4d7c3852a6b7_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.10:rhacm2/multicloud-integrations-rhel9@sha256:0529a11c8935d5b9fa2a3f29801749b09861076c0c2040612271f0bbafb5fbab_s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.10:rhacm2/multicloud-integrations-rhel9@sha256:2b7557d262cd8eacc45178dcca3dae642b1bb33fbfccdf6a3b63abb7e1a39d53_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.10:rhacm2/multicloud-integrations-rhel9@sha256:606ea20603d86412a34478a3db9c17737cca2b04c26bcab175279028c822e492_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.10:rhacm2/multicloud-integrations-rhel9@sha256:d3958606b5001619aa3044617ccb4fe265764d7dad05b0a6bf5b4910bd5d0ba7_ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.10:rhacm2/multicluster-observability-rhel9-operator@sha256:9b855d7e4cf6fe3c4da92d84a51adc63aea5f144bce38dbb9c4ab3d01370c296_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.10:rhacm2/multicluster-observability-rhel9-operator@sha256:a9eb1e576d4eb5c7e9131803042b7d8529dab369595d0adc22623e24b67832d9_s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.10:rhacm2/multicluster-observability-rhel9-operator@sha256:ab73f96720c106dcb2ea64f8b7ac13ad866533d993c43cb7c6dbbf08ba4977dd_ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.10:rhacm2/multicluster-observability-rhel9-operator@sha256:f296c72dd6842481dad78536117aec3ff14d19be736e5679101bbfc92b87809b_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.10:rhacm2/multicluster-operators-application-rhel9@sha256:184f6068b077070b90ede3a2f4e81be398fd2841f042fc6f2f114fdfd4f1095b_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.10:rhacm2/multicluster-operators-application-rhel9@sha256:2a272685b487a747827220d16bc5aaff65c436d5c312b081d9fffd9ef4a8a0f9_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.10:rhacm2/multicluster-operators-application-rhel9@sha256:635c1cf425b8744a421c649bd809a59df6dc6cdeaa9da2a369706e522a3a0fab_ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.10:rhacm2/multicluster-operators-application-rhel9@sha256:e15bedc9ce45cc025b6ab6c27d5b7eb95f6e750791ff0dae228a71eaeae1cace_s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.10:rhacm2/multicluster-operators-channel-rhel9@sha256:2399cfe0b3b626be2acd289d8880b9913d73093220b3e4062bb7cddb2628640a_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.10:rhacm2/multicluster-operators-channel-rhel9@sha256:37f84cbbee522859c6f46e49179ab0b1e1fef118aac6741d18675b36e31972dd_s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.10:rhacm2/multicluster-operators-channel-rhel9@sha256:43c086e0f17783322c26ba577db2c7c8fd43176a7ac14e45a40c3db0b91a6d1e_ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.10:rhacm2/multicluster-operators-channel-rhel9@sha256:773c32065f60e4a2e626e17744d0a2cfc4049325f6664f899d8da949dc3fa4a6_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.10:rhacm2/multicluster-operators-subscription-rhel9@sha256:08aacdc6cad3ba5743a5d65c1bff5b3e41e44269765b94f45673a8e648f60584_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.10:rhacm2/multicluster-operators-subscription-rhel9@sha256:7eda39d696e452ec7e9da1473807e3134f149ed28d0ec873cf489451fbb007e0_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.10:rhacm2/multicluster-operators-subscription-rhel9@sha256:a791398b5dd73f447d22f260eaf209f782c9663e81c81529eb4b3018183f9deb_ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.10:rhacm2/multicluster-operators-subscription-rhel9@sha256:b88262afe6149a741a566054ecc16400bc7335a443219d3ddbcb1ba7c939a38b_s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.10:rhacm2/multiclusterhub-rhel9@sha256:5de91afd73b5a86865954ab3f6587f382f53e0856422ed975d9aa867bd0ffbf9_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.10:rhacm2/multiclusterhub-rhel9@sha256:97932a785e8601b170a7c6fd42b1e6a18203b958ccbb712352c2817b8103d9b5_s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.10:rhacm2/multiclusterhub-rhel9@sha256:b30d5d981e1522751e4434b1c107e5cefb6c8c22ea16915f35948c11f9aa0579_ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.10:rhacm2/multiclusterhub-rhel9@sha256:c5e3898dd435f49636834ce14b3188f7163167cdb538d85812393cf450d49157_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.10:rhacm2/node-exporter-rhel9@sha256:8bb239eafceaa18a786b78f7bf54c7063d80bce60567d10d81c5a4282b2884b4_s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.10:rhacm2/node-exporter-rhel9@sha256:9611a92119f19e11c29e9e93b9c714499e60d06712da97d9fa77ed0fd0d4d33b_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.10:rhacm2/node-exporter-rhel9@sha256:d147abba6fa66eb914005d4cd62302c527cbfc0083be386275c5c782b90c3c1c_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.10:rhacm2/node-exporter-rhel9@sha256:f9a4446156fd21112854846849c68952e4c336e5782d6aeb3c49bddd3408d388_ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.10:rhacm2/observatorium-rhel9-operator@sha256:414b191a314b0695aede28ac7229a064833d798e94d5b92a434e2eb3650983b6_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.10:rhacm2/observatorium-rhel9-operator@sha256:9e2d97d0116349c1f1e1d815a6d8822c9f5331acdb81e878c0cb0e86149167ef_ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.10:rhacm2/observatorium-rhel9-operator@sha256:e2dabaf7c375e039797330bb33e03c993356dc5a37949f84a89c3e4f40ff0023_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.10:rhacm2/observatorium-rhel9-operator@sha256:ecda2be3377f15a09c6971b1a689bb9eb917909d55f54c996d54a972aece7432_s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.10:rhacm2/observatorium-rhel9@sha256:10ee1d5c854a7daf0d33f1dc16529a7e1a3cb67fab5a626f8a42da705186265e_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.10:rhacm2/observatorium-rhel9@sha256:1eb9b98d7f3c878e09b45aad2a64780e46026c55d6f70a64d66e255ec13ce9fb_s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.10:rhacm2/observatorium-rhel9@sha256:25ee9231e17b71c83f12a9ce5d94629b2fd8ad3c64b61de9f03b057584f84804_ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.10:rhacm2/observatorium-rhel9@sha256:7812638565dff9368b4db0ed9aecb86c544d0b6caa773994c5c830e800060e22_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.10:rhacm2/prometheus-alertmanager-rhel9@sha256:0a4ecc2af398e1a771540af4f062abfc0f47bfae9ba3a2fcb6a6c66940385d42_ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.10:rhacm2/prometheus-alertmanager-rhel9@sha256:0e7e5cfd6a953e092eb3ae72b236741f73432f8d262ace74caa2acf8c5fe3863_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.10:rhacm2/prometheus-alertmanager-rhel9@sha256:25abc3028c69dedee05220fa4f0f32b7accc33ef519f46b23860612307db2181_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.10:rhacm2/prometheus-alertmanager-rhel9@sha256:88383e94dcec26826df02cdebc9e7cc764e92b2ce71300c31a46f20ce92135c0_s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.10:rhacm2/prometheus-rhel9@sha256:556c5d133dd996b86dceb03158d4d463ccdbbf29cc9ca05ff1e3915a48cd8c47_s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.10:rhacm2/prometheus-rhel9@sha256:98af2a53f9c59b0bdd6ee9c8f27eb00f65a870ee64ba8d503083a9a0d3aa2ec6_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.10:rhacm2/prometheus-rhel9@sha256:99e749f7d98203070348c652f6df158c9207801d86439ddde08bcae16e813ea5_ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.10:rhacm2/prometheus-rhel9@sha256:c1c2a5bc8d471fb7cbbf31c0e5513bf2630efbd1a5bbb458dc0c98b3ee608636_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.10:rhacm2/rbac-query-proxy-rhel9@sha256:5f70872d294b5f10393fa7c6a6ffd81a6a509ea7589753d29ad49118a87fb2df_s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.10:rhacm2/rbac-query-proxy-rhel9@sha256:a061734a251e62cd31792ec9065f6a346de672f72e32965954811faf11f86d62_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.10:rhacm2/rbac-query-proxy-rhel9@sha256:e325c611a68e60d204018b8aac765bb58e135b44735bbc14069c5cbf49828ada_ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.10:rhacm2/rbac-query-proxy-rhel9@sha256:fe807380c43daaae2ca277ef4a6b6bace7842087112f7d242773a073797c908e_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.10:rhacm2/search-collector-rhel9@sha256:2092c265f1dea3dc553c370c3b07c92e4cb8523ccc58d46af4a517165e9b7bc4_s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.10:rhacm2/search-collector-rhel9@sha256:557e431af519bf544102927491fffbdd4091a5a9377396d7d30b2898897c8fba_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.10:rhacm2/search-collector-rhel9@sha256:f908a57c2bfe78911889102abb61377d5170590689930d74b8d6a9fa7bc66848_ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.10:rhacm2/search-collector-rhel9@sha256:fe20c8e6fbf707c0467a4876405f2f8b395ac24ca554bd052f7f55da2df6371f_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.10:rhacm2/submariner-addon-rhel9@sha256:1d74ed10635e7021129e60caa3358581d61c4bd93cebed86f79d5fdba100b10f_ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.10:rhacm2/submariner-addon-rhel9@sha256:92584807362684f692fc991f06ffecf241ee6494d4b37c584d74527214b33acb_s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.10:rhacm2/submariner-addon-rhel9@sha256:9a6b6d7ed493c6c8c9962485404f551974cece1b59e7197f9ed6fce120ca7d0d_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.10:rhacm2/submariner-addon-rhel9@sha256:e8eb481c682682ea78d5f7d5793f63e427fcffc867db012f327b5469c524535c_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.10:rhacm2/thanos-receive-controller-rhel9@sha256:09b931bd7405cc8733625884f61ccaa92b40b48d9068d78f552a6c9383cb02e9_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.10:rhacm2/thanos-receive-controller-rhel9@sha256:64aebcc4f88c096cb93faa8fab067308442fd49c07e55fcb55283ef86643f642_s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.10:rhacm2/thanos-receive-controller-rhel9@sha256:91f186246d963c2978023489ed7cd58dec2f57641fd2a2a0c16d2caa5377147c_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.10:rhacm2/thanos-receive-controller-rhel9@sha256:d391d522c2006e634df69f28eacd1f6cfba7b1ac4ec27ea97c307f4da5213954_ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.10:rhacm2/thanos-rhel9@sha256:9c82d36f3a942088a6612e6e1d5d7f3413006b2f5df41758c0072ee8d68b3801_ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.10:rhacm2/thanos-rhel9@sha256:c431d914ecca6080a1ce9ee7fb15019ca5f5b5cb7083fa739ce14b9f8afd570e_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.10:rhacm2/thanos-rhel9@sha256:e8e6c42e37b2c0ba6456d48afa747f3c6f167cbcf4523d5ad751351a932deefc_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.10:rhacm2/thanos-rhel9@sha256:f7dc5a2e9c41416badca921ef6a4b16e9edd2aea052107d737bb3ddbc2e0242c_s390x | — |
Workaround
|
Threats
Impact
Moderate
References
27 references
Acknowledgments
nowotarski.info
Bartek Nowotarski
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Low"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Red Hat Advanced Cluster Management for Kubernetes 2.10.4 General\nAvailability release images, which apply security fixes and fix bugs.\n\nRed Hat Product Security has rated this update as having a security impact\nof Low. A Common Vulnerability Scoring System (CVSS) base score,\nwhich gives a detailed severity rating, is available for each vulnerability\nfrom the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat Advanced Cluster Management for Kubernetes 2.10.4 images\n\nRed Hat Advanced Cluster Management for Kubernetes provides the\ncapabilities to address common challenges that administrators and site\nreliability engineers face as they work across a range of public and\nprivate cloud environments. Clusters and applications are all visible and\nmanaged from a single console\u2014with security policy built in.\n\nThis advisory contains the container images for Red Hat Advanced Cluster\nManagement for Kubernetes, which fix several bugs. See the following\nRelease Notes documentation, which will be updated shortly for this\nrelease, for additional details about this release:\n\nhttps://docs.redhat.com/en/documentation/red_hat_advanced_cluster_management_for_kubernetes/2.10/html/release_notes/index\n\nSecurity fix:\n\n* golang: net/http, x/net/http2: unlimited number of CONTINUATION frames causes DoS (CVE-2023-45288)\n\nJira issues addressed:\n\n* ACM-11006: Trying to edit an Application from ACM console fails with error: \u0027Cannot read properties of undefined\u0027\n\n* ACM-11662 endpoint-observability-operator has an extra replicaset that keeps spawning pods that gets killed constantly, causing alerts to fire\n\n* ACM-11961: Auto import of managed clusters remains stuck on switching hubs\n\n* ACM-11986: Managed clusters created by RHACM do not reconnect to an AODP restored ACM on their own\n\n* ACM-12133: Edit an existing appsub results on creating another subscription with errors\n\n* ACM-12405: Unable to deploy Latest OCP 4.16 - generating manifests fails with \u0027GLIBC_2.34\u0027 not found\n\n* ACM-12436: \"Could not start a watch request\" error when using OperatorPolicy",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2024:4464",
"url": "https://access.redhat.com/errata/RHSA-2024:4464"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#low",
"url": "https://access.redhat.com/security/updates/classification/#low"
},
{
"category": "external",
"summary": "ACM-11006",
"url": "https://issues.redhat.com/browse/ACM-11006"
},
{
"category": "external",
"summary": "ACM-11662",
"url": "https://issues.redhat.com/browse/ACM-11662"
},
{
"category": "external",
"summary": "ACM-11961",
"url": "https://issues.redhat.com/browse/ACM-11961"
},
{
"category": "external",
"summary": "ACM-11986",
"url": "https://issues.redhat.com/browse/ACM-11986"
},
{
"category": "external",
"summary": "ACM-12028",
"url": "https://issues.redhat.com/browse/ACM-12028"
},
{
"category": "external",
"summary": "ACM-12091",
"url": "https://issues.redhat.com/browse/ACM-12091"
},
{
"category": "external",
"summary": "ACM-12133",
"url": "https://issues.redhat.com/browse/ACM-12133"
},
{
"category": "external",
"summary": "ACM-12258",
"url": "https://issues.redhat.com/browse/ACM-12258"
},
{
"category": "external",
"summary": "ACM-12405",
"url": "https://issues.redhat.com/browse/ACM-12405"
},
{
"category": "external",
"summary": "ACM-12436",
"url": "https://issues.redhat.com/browse/ACM-12436"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_4464.json"
}
],
"title": "Red Hat Security Advisory: Red Hat Advanced Cluster Management 2.10.4 security updates and bug fixes",
"tracking": {
"current_release_date": "2026-05-28T20:33:19+00:00",
"generator": {
"date": "2026-05-28T20:33:19+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.8.1"
}
},
"id": "RHSA-2024:4464",
"initial_release_date": "2024-07-10T19:53:51+00:00",
"revision_history": [
{
"date": "2024-07-10T19:53:51+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2024-07-10T19:53:51+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-05-28T20:33:19+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Advanced Cluster Management for Kubernetes 2.10 for RHEL 9",
"product": {
"name": "Red Hat Advanced Cluster Management for Kubernetes 2.10 for RHEL 9",
"product_id": "9Base-RHACM-2.10",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:acm:2.10::el9"
}
}
}
],
"category": "product_family",
"name": "Red Hat ACM"
},
{
"branches": [
{
"category": "product_version",
"name": "rhacm2/acm-cluster-permission-rhel9@sha256:bd41dedb13ae9360d2e856ec6d52ea35b726425a65e92a00cd6037344ae5780e_amd64",
"product": {
"name": "rhacm2/acm-cluster-permission-rhel9@sha256:bd41dedb13ae9360d2e856ec6d52ea35b726425a65e92a00cd6037344ae5780e_amd64",
"product_id": "rhacm2/acm-cluster-permission-rhel9@sha256:bd41dedb13ae9360d2e856ec6d52ea35b726425a65e92a00cd6037344ae5780e_amd64",
"product_identification_helper": {
"purl": "pkg:oci/acm-cluster-permission-rhel9@sha256:bd41dedb13ae9360d2e856ec6d52ea35b726425a65e92a00cd6037344ae5780e?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/acm-cluster-permission-rhel9\u0026tag=v2.10.4-6"
}
}
},
{
"category": "product_version",
"name": "rhacm2/acm-governance-policy-addon-controller-rhel9@sha256:c6e3728b6687b8c83a11c326e4fd098ceef3f501725efbdfcb0ded0645a1473e_amd64",
"product": {
"name": "rhacm2/acm-governance-policy-addon-controller-rhel9@sha256:c6e3728b6687b8c83a11c326e4fd098ceef3f501725efbdfcb0ded0645a1473e_amd64",
"product_id": "rhacm2/acm-governance-policy-addon-controller-rhel9@sha256:c6e3728b6687b8c83a11c326e4fd098ceef3f501725efbdfcb0ded0645a1473e_amd64",
"product_identification_helper": {
"purl": "pkg:oci/acm-governance-policy-addon-controller-rhel9@sha256:c6e3728b6687b8c83a11c326e4fd098ceef3f501725efbdfcb0ded0645a1473e?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/acm-governance-policy-addon-controller-rhel9\u0026tag=v2.10.4-15"
}
}
},
{
"category": "product_version",
"name": "rhacm2/acm-governance-policy-framework-addon-rhel9@sha256:3101f1389311c0006c0fb9953c44d5fff9e968597952103a5a873a7a4c4707da_amd64",
"product": {
"name": "rhacm2/acm-governance-policy-framework-addon-rhel9@sha256:3101f1389311c0006c0fb9953c44d5fff9e968597952103a5a873a7a4c4707da_amd64",
"product_id": "rhacm2/acm-governance-policy-framework-addon-rhel9@sha256:3101f1389311c0006c0fb9953c44d5fff9e968597952103a5a873a7a4c4707da_amd64",
"product_identification_helper": {
"purl": "pkg:oci/acm-governance-policy-framework-addon-rhel9@sha256:3101f1389311c0006c0fb9953c44d5fff9e968597952103a5a873a7a4c4707da?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/acm-governance-policy-framework-addon-rhel9\u0026tag=v2.10.4-14"
}
}
},
{
"category": "product_version",
"name": "rhacm2/acm-grafana-rhel9@sha256:3a59dd5e30b37f1e1feffba959d88d3aab37701500203afb71b2d38958236b85_amd64",
"product": {
"name": "rhacm2/acm-grafana-rhel9@sha256:3a59dd5e30b37f1e1feffba959d88d3aab37701500203afb71b2d38958236b85_amd64",
"product_id": "rhacm2/acm-grafana-rhel9@sha256:3a59dd5e30b37f1e1feffba959d88d3aab37701500203afb71b2d38958236b85_amd64",
"product_identification_helper": {
"purl": "pkg:oci/acm-grafana-rhel9@sha256:3a59dd5e30b37f1e1feffba959d88d3aab37701500203afb71b2d38958236b85?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/acm-grafana-rhel9\u0026tag=v2.10.4-9"
}
}
},
{
"category": "product_version",
"name": "rhacm2/acm-must-gather-rhel9@sha256:fb9fa96ebaba320dd723e7d5727b20c63f66aa6c39f460a6270c572354123fd9_amd64",
"product": {
"name": "rhacm2/acm-must-gather-rhel9@sha256:fb9fa96ebaba320dd723e7d5727b20c63f66aa6c39f460a6270c572354123fd9_amd64",
"product_id": "rhacm2/acm-must-gather-rhel9@sha256:fb9fa96ebaba320dd723e7d5727b20c63f66aa6c39f460a6270c572354123fd9_amd64",
"product_identification_helper": {
"purl": "pkg:oci/acm-must-gather-rhel9@sha256:fb9fa96ebaba320dd723e7d5727b20c63f66aa6c39f460a6270c572354123fd9?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/acm-must-gather-rhel9\u0026tag=v2.10.4-8"
}
}
},
{
"category": "product_version",
"name": "rhacm2/acm-operator-bundle@sha256:304e9a12e0c7b7be0444efd26764d32818fc3ad1ad936b565232f5f82a5f72fe_amd64",
"product": {
"name": "rhacm2/acm-operator-bundle@sha256:304e9a12e0c7b7be0444efd26764d32818fc3ad1ad936b565232f5f82a5f72fe_amd64",
"product_id": "rhacm2/acm-operator-bundle@sha256:304e9a12e0c7b7be0444efd26764d32818fc3ad1ad936b565232f5f82a5f72fe_amd64",
"product_identification_helper": {
"purl": "pkg:oci/acm-operator-bundle@sha256:304e9a12e0c7b7be0444efd26764d32818fc3ad1ad936b565232f5f82a5f72fe?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/acm-operator-bundle\u0026tag=v2.10.4-30"
}
}
},
{
"category": "product_version",
"name": "rhacm2/acm-prometheus-config-reloader-rhel9@sha256:0b885dfd28d82220fdb03b7bca0e1ed2fc941bc712e536af71e4e11ee9defee4_amd64",
"product": {
"name": "rhacm2/acm-prometheus-config-reloader-rhel9@sha256:0b885dfd28d82220fdb03b7bca0e1ed2fc941bc712e536af71e4e11ee9defee4_amd64",
"product_id": "rhacm2/acm-prometheus-config-reloader-rhel9@sha256:0b885dfd28d82220fdb03b7bca0e1ed2fc941bc712e536af71e4e11ee9defee4_amd64",
"product_identification_helper": {
"purl": "pkg:oci/acm-prometheus-config-reloader-rhel9@sha256:0b885dfd28d82220fdb03b7bca0e1ed2fc941bc712e536af71e4e11ee9defee4?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/acm-prometheus-config-reloader-rhel9\u0026tag=v2.10.4-7"
}
}
},
{
"category": "product_version",
"name": "rhacm2/acm-prometheus-rhel9@sha256:969cc23c2f503797d491c797220e09b1682887742f669d338a5fd3613908148d_amd64",
"product": {
"name": "rhacm2/acm-prometheus-rhel9@sha256:969cc23c2f503797d491c797220e09b1682887742f669d338a5fd3613908148d_amd64",
"product_id": "rhacm2/acm-prometheus-rhel9@sha256:969cc23c2f503797d491c797220e09b1682887742f669d338a5fd3613908148d_amd64",
"product_identification_helper": {
"purl": "pkg:oci/acm-prometheus-rhel9@sha256:969cc23c2f503797d491c797220e09b1682887742f669d338a5fd3613908148d?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/acm-prometheus-rhel9\u0026tag=v2.10.4-7"
}
}
},
{
"category": "product_version",
"name": "rhacm2/acm-search-indexer-rhel9@sha256:21476ec5340f5e98451f83d7d455f86e8368ed4c882f564cf80b234dc2ceae1a_amd64",
"product": {
"name": "rhacm2/acm-search-indexer-rhel9@sha256:21476ec5340f5e98451f83d7d455f86e8368ed4c882f564cf80b234dc2ceae1a_amd64",
"product_id": "rhacm2/acm-search-indexer-rhel9@sha256:21476ec5340f5e98451f83d7d455f86e8368ed4c882f564cf80b234dc2ceae1a_amd64",
"product_identification_helper": {
"purl": "pkg:oci/acm-search-indexer-rhel9@sha256:21476ec5340f5e98451f83d7d455f86e8368ed4c882f564cf80b234dc2ceae1a?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/acm-search-indexer-rhel9\u0026tag=v2.10.4-9"
}
}
},
{
"category": "product_version",
"name": "rhacm2/acm-search-v2-api-rhel9@sha256:51a415f07cfadd9ae5b4b29cb3247b5085bb18edad8df566c47dc7e89ef0939e_amd64",
"product": {
"name": "rhacm2/acm-search-v2-api-rhel9@sha256:51a415f07cfadd9ae5b4b29cb3247b5085bb18edad8df566c47dc7e89ef0939e_amd64",
"product_id": "rhacm2/acm-search-v2-api-rhel9@sha256:51a415f07cfadd9ae5b4b29cb3247b5085bb18edad8df566c47dc7e89ef0939e_amd64",
"product_identification_helper": {
"purl": "pkg:oci/acm-search-v2-api-rhel9@sha256:51a415f07cfadd9ae5b4b29cb3247b5085bb18edad8df566c47dc7e89ef0939e?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/acm-search-v2-api-rhel9\u0026tag=v2.10.4-9"
}
}
},
{
"category": "product_version",
"name": "rhacm2/acm-search-v2-rhel9@sha256:e995897416f24436e6bef220bd4d5b3ba8fbd26c97fbd5e250391a3aef14bce5_amd64",
"product": {
"name": "rhacm2/acm-search-v2-rhel9@sha256:e995897416f24436e6bef220bd4d5b3ba8fbd26c97fbd5e250391a3aef14bce5_amd64",
"product_id": "rhacm2/acm-search-v2-rhel9@sha256:e995897416f24436e6bef220bd4d5b3ba8fbd26c97fbd5e250391a3aef14bce5_amd64",
"product_identification_helper": {
"purl": "pkg:oci/acm-search-v2-rhel9@sha256:e995897416f24436e6bef220bd4d5b3ba8fbd26c97fbd5e250391a3aef14bce5?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/acm-search-v2-rhel9\u0026tag=v2.10.4-9"
}
}
},
{
"category": "product_version",
"name": "rhacm2/acm-volsync-addon-controller-rhel9@sha256:60070927868e0538d31090138892fe64445321098b3874880fd21e7dcc1ffae7_amd64",
"product": {
"name": "rhacm2/acm-volsync-addon-controller-rhel9@sha256:60070927868e0538d31090138892fe64445321098b3874880fd21e7dcc1ffae7_amd64",
"product_id": "rhacm2/acm-volsync-addon-controller-rhel9@sha256:60070927868e0538d31090138892fe64445321098b3874880fd21e7dcc1ffae7_amd64",
"product_identification_helper": {
"purl": "pkg:oci/acm-volsync-addon-controller-rhel9@sha256:60070927868e0538d31090138892fe64445321098b3874880fd21e7dcc1ffae7?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/acm-volsync-addon-controller-rhel9\u0026tag=v2.10.4-11"
}
}
},
{
"category": "product_version",
"name": "rhacm2/cert-policy-controller-rhel9@sha256:5daaad58a8979d386830224e133a3bbc713b63039a99eda9a69487b999e71965_amd64",
"product": {
"name": "rhacm2/cert-policy-controller-rhel9@sha256:5daaad58a8979d386830224e133a3bbc713b63039a99eda9a69487b999e71965_amd64",
"product_id": "rhacm2/cert-policy-controller-rhel9@sha256:5daaad58a8979d386830224e133a3bbc713b63039a99eda9a69487b999e71965_amd64",
"product_identification_helper": {
"purl": "pkg:oci/cert-policy-controller-rhel9@sha256:5daaad58a8979d386830224e133a3bbc713b63039a99eda9a69487b999e71965?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/cert-policy-controller-rhel9\u0026tag=v2.10.4-16"
}
}
},
{
"category": "product_version",
"name": "rhacm2/cluster-backup-rhel9-operator@sha256:3a8bace1bb325142a64a4432543a828050e2e87de91a08dca793534841b7b841_amd64",
"product": {
"name": "rhacm2/cluster-backup-rhel9-operator@sha256:3a8bace1bb325142a64a4432543a828050e2e87de91a08dca793534841b7b841_amd64",
"product_id": "rhacm2/cluster-backup-rhel9-operator@sha256:3a8bace1bb325142a64a4432543a828050e2e87de91a08dca793534841b7b841_amd64",
"product_identification_helper": {
"purl": "pkg:oci/cluster-backup-rhel9-operator@sha256:3a8bace1bb325142a64a4432543a828050e2e87de91a08dca793534841b7b841?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/cluster-backup-rhel9-operator\u0026tag=v2.10.4-13"
}
}
},
{
"category": "product_version",
"name": "rhacm2/config-policy-controller-rhel9@sha256:0ef8fdea99a8fd44feff31b4883a6ecd17eeabb5e8c9ccbdbdd30c32cc2cbe64_amd64",
"product": {
"name": "rhacm2/config-policy-controller-rhel9@sha256:0ef8fdea99a8fd44feff31b4883a6ecd17eeabb5e8c9ccbdbdd30c32cc2cbe64_amd64",
"product_id": "rhacm2/config-policy-controller-rhel9@sha256:0ef8fdea99a8fd44feff31b4883a6ecd17eeabb5e8c9ccbdbdd30c32cc2cbe64_amd64",
"product_identification_helper": {
"purl": "pkg:oci/config-policy-controller-rhel9@sha256:0ef8fdea99a8fd44feff31b4883a6ecd17eeabb5e8c9ccbdbdd30c32cc2cbe64?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/config-policy-controller-rhel9\u0026tag=v2.10.4-14"
}
}
},
{
"category": "product_version",
"name": "rhacm2/console-rhel9@sha256:b3bc8c5f587da2c7ce4e25d5d2e72b08939071297cf3fdc5d51fb631d99aa168_amd64",
"product": {
"name": "rhacm2/console-rhel9@sha256:b3bc8c5f587da2c7ce4e25d5d2e72b08939071297cf3fdc5d51fb631d99aa168_amd64",
"product_id": "rhacm2/console-rhel9@sha256:b3bc8c5f587da2c7ce4e25d5d2e72b08939071297cf3fdc5d51fb631d99aa168_amd64",
"product_identification_helper": {
"purl": "pkg:oci/console-rhel9@sha256:b3bc8c5f587da2c7ce4e25d5d2e72b08939071297cf3fdc5d51fb631d99aa168?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/console-rhel9\u0026tag=v2.10.4-13"
}
}
},
{
"category": "product_version",
"name": "rhacm2/endpoint-monitoring-rhel9-operator@sha256:d8c3352fceb6a53e110f76501bb2c2f4cf7a9284f9dd30dee3fe3e015b622195_amd64",
"product": {
"name": "rhacm2/endpoint-monitoring-rhel9-operator@sha256:d8c3352fceb6a53e110f76501bb2c2f4cf7a9284f9dd30dee3fe3e015b622195_amd64",
"product_id": "rhacm2/endpoint-monitoring-rhel9-operator@sha256:d8c3352fceb6a53e110f76501bb2c2f4cf7a9284f9dd30dee3fe3e015b622195_amd64",
"product_identification_helper": {
"purl": "pkg:oci/endpoint-monitoring-rhel9-operator@sha256:d8c3352fceb6a53e110f76501bb2c2f4cf7a9284f9dd30dee3fe3e015b622195?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/endpoint-monitoring-rhel9-operator\u0026tag=v2.10.4-16"
}
}
},
{
"category": "product_version",
"name": "rhacm2/governance-policy-propagator-rhel9@sha256:400644c05d5768fb7460bb3f8bfa880bc21e91f365130d13877f015ba2146358_amd64",
"product": {
"name": "rhacm2/governance-policy-propagator-rhel9@sha256:400644c05d5768fb7460bb3f8bfa880bc21e91f365130d13877f015ba2146358_amd64",
"product_id": "rhacm2/governance-policy-propagator-rhel9@sha256:400644c05d5768fb7460bb3f8bfa880bc21e91f365130d13877f015ba2146358_amd64",
"product_identification_helper": {
"purl": "pkg:oci/governance-policy-propagator-rhel9@sha256:400644c05d5768fb7460bb3f8bfa880bc21e91f365130d13877f015ba2146358?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/governance-policy-propagator-rhel9\u0026tag=v2.10.4-14"
}
}
},
{
"category": "product_version",
"name": "rhacm2/grafana-dashboard-loader-rhel9@sha256:a9afb35685e18a179269293a1998eb5c6c8c47e9247a7f3f1c27d3b1b35a83b2_amd64",
"product": {
"name": "rhacm2/grafana-dashboard-loader-rhel9@sha256:a9afb35685e18a179269293a1998eb5c6c8c47e9247a7f3f1c27d3b1b35a83b2_amd64",
"product_id": "rhacm2/grafana-dashboard-loader-rhel9@sha256:a9afb35685e18a179269293a1998eb5c6c8c47e9247a7f3f1c27d3b1b35a83b2_amd64",
"product_identification_helper": {
"purl": "pkg:oci/grafana-dashboard-loader-rhel9@sha256:a9afb35685e18a179269293a1998eb5c6c8c47e9247a7f3f1c27d3b1b35a83b2?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/grafana-dashboard-loader-rhel9\u0026tag=v2.10.4-17"
}
}
},
{
"category": "product_version",
"name": "rhacm2/iam-policy-controller-rhel9@sha256:c1d7619138ab3717e6f6a49ac76f95ff041a022746891057d6e4e163114fb864_amd64",
"product": {
"name": "rhacm2/iam-policy-controller-rhel9@sha256:c1d7619138ab3717e6f6a49ac76f95ff041a022746891057d6e4e163114fb864_amd64",
"product_id": "rhacm2/iam-policy-controller-rhel9@sha256:c1d7619138ab3717e6f6a49ac76f95ff041a022746891057d6e4e163114fb864_amd64",
"product_identification_helper": {
"purl": "pkg:oci/iam-policy-controller-rhel9@sha256:c1d7619138ab3717e6f6a49ac76f95ff041a022746891057d6e4e163114fb864?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/iam-policy-controller-rhel9\u0026tag=v2.10.4-16"
}
}
},
{
"category": "product_version",
"name": "rhacm2/insights-client-rhel9@sha256:f62d6a262c044a7883f34563e3e1909761ca0bd44e4d5f8a0e564db8b630068b_amd64",
"product": {
"name": "rhacm2/insights-client-rhel9@sha256:f62d6a262c044a7883f34563e3e1909761ca0bd44e4d5f8a0e564db8b630068b_amd64",
"product_id": "rhacm2/insights-client-rhel9@sha256:f62d6a262c044a7883f34563e3e1909761ca0bd44e4d5f8a0e564db8b630068b_amd64",
"product_identification_helper": {
"purl": "pkg:oci/insights-client-rhel9@sha256:f62d6a262c044a7883f34563e3e1909761ca0bd44e4d5f8a0e564db8b630068b?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/insights-client-rhel9\u0026tag=v2.10.4-8"
}
}
},
{
"category": "product_version",
"name": "rhacm2/insights-metrics-rhel9@sha256:16862c34efb507d44455ed78cde51a1f57969cc69f4beec70ecb697b8ea406dc_amd64",
"product": {
"name": "rhacm2/insights-metrics-rhel9@sha256:16862c34efb507d44455ed78cde51a1f57969cc69f4beec70ecb697b8ea406dc_amd64",
"product_id": "rhacm2/insights-metrics-rhel9@sha256:16862c34efb507d44455ed78cde51a1f57969cc69f4beec70ecb697b8ea406dc_amd64",
"product_identification_helper": {
"purl": "pkg:oci/insights-metrics-rhel9@sha256:16862c34efb507d44455ed78cde51a1f57969cc69f4beec70ecb697b8ea406dc?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/insights-metrics-rhel9\u0026tag=v2.10.4-10"
}
}
},
{
"category": "product_version",
"name": "rhacm2/klusterlet-addon-controller-rhel9@sha256:7ac958c32070e6282a8cbe262810c58a81e6e331bf59877cd67758ab6feb8ada_amd64",
"product": {
"name": "rhacm2/klusterlet-addon-controller-rhel9@sha256:7ac958c32070e6282a8cbe262810c58a81e6e331bf59877cd67758ab6feb8ada_amd64",
"product_id": "rhacm2/klusterlet-addon-controller-rhel9@sha256:7ac958c32070e6282a8cbe262810c58a81e6e331bf59877cd67758ab6feb8ada_amd64",
"product_identification_helper": {
"purl": "pkg:oci/klusterlet-addon-controller-rhel9@sha256:7ac958c32070e6282a8cbe262810c58a81e6e331bf59877cd67758ab6feb8ada?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/klusterlet-addon-controller-rhel9\u0026tag=v2.10.4-7"
}
}
},
{
"category": "product_version",
"name": "rhacm2/kube-rbac-proxy-rhel9@sha256:1d75e8e70fc3f3943841bd34f79e5762705b0d23460064c6adcdd0fc6b39005a_amd64",
"product": {
"name": "rhacm2/kube-rbac-proxy-rhel9@sha256:1d75e8e70fc3f3943841bd34f79e5762705b0d23460064c6adcdd0fc6b39005a_amd64",
"product_id": "rhacm2/kube-rbac-proxy-rhel9@sha256:1d75e8e70fc3f3943841bd34f79e5762705b0d23460064c6adcdd0fc6b39005a_amd64",
"product_identification_helper": {
"purl": "pkg:oci/kube-rbac-proxy-rhel9@sha256:1d75e8e70fc3f3943841bd34f79e5762705b0d23460064c6adcdd0fc6b39005a?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/kube-rbac-proxy-rhel9\u0026tag=v2.10.4-8"
}
}
},
{
"category": "product_version",
"name": "rhacm2/kube-state-metrics-rhel9@sha256:9f2ac058e15d5653e8bced975955e26e51a88d36a1d5896305b6f5060afee43a_amd64",
"product": {
"name": "rhacm2/kube-state-metrics-rhel9@sha256:9f2ac058e15d5653e8bced975955e26e51a88d36a1d5896305b6f5060afee43a_amd64",
"product_id": "rhacm2/kube-state-metrics-rhel9@sha256:9f2ac058e15d5653e8bced975955e26e51a88d36a1d5896305b6f5060afee43a_amd64",
"product_identification_helper": {
"purl": "pkg:oci/kube-state-metrics-rhel9@sha256:9f2ac058e15d5653e8bced975955e26e51a88d36a1d5896305b6f5060afee43a?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/kube-state-metrics-rhel9\u0026tag=v2.10.4-9"
}
}
},
{
"category": "product_version",
"name": "rhacm2/memcached-rhel9@sha256:2c4437598be87fc5f3f6639e728279d8ba21cf49061be78e3a4fbacc989997b4_amd64",
"product": {
"name": "rhacm2/memcached-rhel9@sha256:2c4437598be87fc5f3f6639e728279d8ba21cf49061be78e3a4fbacc989997b4_amd64",
"product_id": "rhacm2/memcached-rhel9@sha256:2c4437598be87fc5f3f6639e728279d8ba21cf49061be78e3a4fbacc989997b4_amd64",
"product_identification_helper": {
"purl": "pkg:oci/memcached-rhel9@sha256:2c4437598be87fc5f3f6639e728279d8ba21cf49061be78e3a4fbacc989997b4?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/memcached-rhel9\u0026tag=v2.10.4-7"
}
}
},
{
"category": "product_version",
"name": "rhacm2/memcached-exporter-rhel9@sha256:f9f5ca67f62d6218b90b863b4fe63aa95aef755e5cbae5a83896f74a0039b7ab_amd64",
"product": {
"name": "rhacm2/memcached-exporter-rhel9@sha256:f9f5ca67f62d6218b90b863b4fe63aa95aef755e5cbae5a83896f74a0039b7ab_amd64",
"product_id": "rhacm2/memcached-exporter-rhel9@sha256:f9f5ca67f62d6218b90b863b4fe63aa95aef755e5cbae5a83896f74a0039b7ab_amd64",
"product_identification_helper": {
"purl": "pkg:oci/memcached-exporter-rhel9@sha256:f9f5ca67f62d6218b90b863b4fe63aa95aef755e5cbae5a83896f74a0039b7ab?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/memcached-exporter-rhel9\u0026tag=v2.10.4-6"
}
}
},
{
"category": "product_version",
"name": "rhacm2/metrics-collector-rhel9@sha256:20ac5c57af957e7126221f4089bb816b948aa624788da9298b4f476ecc668293_amd64",
"product": {
"name": "rhacm2/metrics-collector-rhel9@sha256:20ac5c57af957e7126221f4089bb816b948aa624788da9298b4f476ecc668293_amd64",
"product_id": "rhacm2/metrics-collector-rhel9@sha256:20ac5c57af957e7126221f4089bb816b948aa624788da9298b4f476ecc668293_amd64",
"product_identification_helper": {
"purl": "pkg:oci/metrics-collector-rhel9@sha256:20ac5c57af957e7126221f4089bb816b948aa624788da9298b4f476ecc668293?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/metrics-collector-rhel9\u0026tag=v2.10.4-16"
}
}
},
{
"category": "product_version",
"name": "rhacm2/multicloud-integrations-rhel9@sha256:2b7557d262cd8eacc45178dcca3dae642b1bb33fbfccdf6a3b63abb7e1a39d53_amd64",
"product": {
"name": "rhacm2/multicloud-integrations-rhel9@sha256:2b7557d262cd8eacc45178dcca3dae642b1bb33fbfccdf6a3b63abb7e1a39d53_amd64",
"product_id": "rhacm2/multicloud-integrations-rhel9@sha256:2b7557d262cd8eacc45178dcca3dae642b1bb33fbfccdf6a3b63abb7e1a39d53_amd64",
"product_identification_helper": {
"purl": "pkg:oci/multicloud-integrations-rhel9@sha256:2b7557d262cd8eacc45178dcca3dae642b1bb33fbfccdf6a3b63abb7e1a39d53?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/multicloud-integrations-rhel9\u0026tag=v2.10.4-8"
}
}
},
{
"category": "product_version",
"name": "rhacm2/multiclusterhub-rhel9@sha256:c5e3898dd435f49636834ce14b3188f7163167cdb538d85812393cf450d49157_amd64",
"product": {
"name": "rhacm2/multiclusterhub-rhel9@sha256:c5e3898dd435f49636834ce14b3188f7163167cdb538d85812393cf450d49157_amd64",
"product_id": "rhacm2/multiclusterhub-rhel9@sha256:c5e3898dd435f49636834ce14b3188f7163167cdb538d85812393cf450d49157_amd64",
"product_identification_helper": {
"purl": "pkg:oci/multiclusterhub-rhel9@sha256:c5e3898dd435f49636834ce14b3188f7163167cdb538d85812393cf450d49157?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/multiclusterhub-rhel9\u0026tag=v2.10.4-16"
}
}
},
{
"category": "product_version",
"name": "rhacm2/multicluster-observability-rhel9-operator@sha256:9b855d7e4cf6fe3c4da92d84a51adc63aea5f144bce38dbb9c4ab3d01370c296_amd64",
"product": {
"name": "rhacm2/multicluster-observability-rhel9-operator@sha256:9b855d7e4cf6fe3c4da92d84a51adc63aea5f144bce38dbb9c4ab3d01370c296_amd64",
"product_id": "rhacm2/multicluster-observability-rhel9-operator@sha256:9b855d7e4cf6fe3c4da92d84a51adc63aea5f144bce38dbb9c4ab3d01370c296_amd64",
"product_identification_helper": {
"purl": "pkg:oci/multicluster-observability-rhel9-operator@sha256:9b855d7e4cf6fe3c4da92d84a51adc63aea5f144bce38dbb9c4ab3d01370c296?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/multicluster-observability-rhel9-operator\u0026tag=v2.10.4-16"
}
}
},
{
"category": "product_version",
"name": "rhacm2/multicluster-operators-application-rhel9@sha256:2a272685b487a747827220d16bc5aaff65c436d5c312b081d9fffd9ef4a8a0f9_amd64",
"product": {
"name": "rhacm2/multicluster-operators-application-rhel9@sha256:2a272685b487a747827220d16bc5aaff65c436d5c312b081d9fffd9ef4a8a0f9_amd64",
"product_id": "rhacm2/multicluster-operators-application-rhel9@sha256:2a272685b487a747827220d16bc5aaff65c436d5c312b081d9fffd9ef4a8a0f9_amd64",
"product_identification_helper": {
"purl": "pkg:oci/multicluster-operators-application-rhel9@sha256:2a272685b487a747827220d16bc5aaff65c436d5c312b081d9fffd9ef4a8a0f9?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/multicluster-operators-application-rhel9\u0026tag=v2.10.4-8"
}
}
},
{
"category": "product_version",
"name": "rhacm2/multicluster-operators-channel-rhel9@sha256:2399cfe0b3b626be2acd289d8880b9913d73093220b3e4062bb7cddb2628640a_amd64",
"product": {
"name": "rhacm2/multicluster-operators-channel-rhel9@sha256:2399cfe0b3b626be2acd289d8880b9913d73093220b3e4062bb7cddb2628640a_amd64",
"product_id": "rhacm2/multicluster-operators-channel-rhel9@sha256:2399cfe0b3b626be2acd289d8880b9913d73093220b3e4062bb7cddb2628640a_amd64",
"product_identification_helper": {
"purl": "pkg:oci/multicluster-operators-channel-rhel9@sha256:2399cfe0b3b626be2acd289d8880b9913d73093220b3e4062bb7cddb2628640a?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/multicluster-operators-channel-rhel9\u0026tag=v2.10.4-9"
}
}
},
{
"category": "product_version",
"name": "rhacm2/multicluster-operators-subscription-rhel9@sha256:08aacdc6cad3ba5743a5d65c1bff5b3e41e44269765b94f45673a8e648f60584_amd64",
"product": {
"name": "rhacm2/multicluster-operators-subscription-rhel9@sha256:08aacdc6cad3ba5743a5d65c1bff5b3e41e44269765b94f45673a8e648f60584_amd64",
"product_id": "rhacm2/multicluster-operators-subscription-rhel9@sha256:08aacdc6cad3ba5743a5d65c1bff5b3e41e44269765b94f45673a8e648f60584_amd64",
"product_identification_helper": {
"purl": "pkg:oci/multicluster-operators-subscription-rhel9@sha256:08aacdc6cad3ba5743a5d65c1bff5b3e41e44269765b94f45673a8e648f60584?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/multicluster-operators-subscription-rhel9\u0026tag=v2.10.4-12"
}
}
},
{
"category": "product_version",
"name": "rhacm2/node-exporter-rhel9@sha256:d147abba6fa66eb914005d4cd62302c527cbfc0083be386275c5c782b90c3c1c_amd64",
"product": {
"name": "rhacm2/node-exporter-rhel9@sha256:d147abba6fa66eb914005d4cd62302c527cbfc0083be386275c5c782b90c3c1c_amd64",
"product_id": "rhacm2/node-exporter-rhel9@sha256:d147abba6fa66eb914005d4cd62302c527cbfc0083be386275c5c782b90c3c1c_amd64",
"product_identification_helper": {
"purl": "pkg:oci/node-exporter-rhel9@sha256:d147abba6fa66eb914005d4cd62302c527cbfc0083be386275c5c782b90c3c1c?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/node-exporter-rhel9\u0026tag=v2.10.4-9"
}
}
},
{
"category": "product_version",
"name": "rhacm2/observatorium-rhel9@sha256:7812638565dff9368b4db0ed9aecb86c544d0b6caa773994c5c830e800060e22_amd64",
"product": {
"name": "rhacm2/observatorium-rhel9@sha256:7812638565dff9368b4db0ed9aecb86c544d0b6caa773994c5c830e800060e22_amd64",
"product_id": "rhacm2/observatorium-rhel9@sha256:7812638565dff9368b4db0ed9aecb86c544d0b6caa773994c5c830e800060e22_amd64",
"product_identification_helper": {
"purl": "pkg:oci/observatorium-rhel9@sha256:7812638565dff9368b4db0ed9aecb86c544d0b6caa773994c5c830e800060e22?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/observatorium-rhel9\u0026tag=v2.10.4-9"
}
}
},
{
"category": "product_version",
"name": "rhacm2/observatorium-rhel9-operator@sha256:e2dabaf7c375e039797330bb33e03c993356dc5a37949f84a89c3e4f40ff0023_amd64",
"product": {
"name": "rhacm2/observatorium-rhel9-operator@sha256:e2dabaf7c375e039797330bb33e03c993356dc5a37949f84a89c3e4f40ff0023_amd64",
"product_id": "rhacm2/observatorium-rhel9-operator@sha256:e2dabaf7c375e039797330bb33e03c993356dc5a37949f84a89c3e4f40ff0023_amd64",
"product_identification_helper": {
"purl": "pkg:oci/observatorium-rhel9-operator@sha256:e2dabaf7c375e039797330bb33e03c993356dc5a37949f84a89c3e4f40ff0023?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/observatorium-rhel9-operator\u0026tag=v2.10.4-8"
}
}
},
{
"category": "product_version",
"name": "rhacm2/prometheus-alertmanager-rhel9@sha256:0e7e5cfd6a953e092eb3ae72b236741f73432f8d262ace74caa2acf8c5fe3863_amd64",
"product": {
"name": "rhacm2/prometheus-alertmanager-rhel9@sha256:0e7e5cfd6a953e092eb3ae72b236741f73432f8d262ace74caa2acf8c5fe3863_amd64",
"product_id": "rhacm2/prometheus-alertmanager-rhel9@sha256:0e7e5cfd6a953e092eb3ae72b236741f73432f8d262ace74caa2acf8c5fe3863_amd64",
"product_identification_helper": {
"purl": "pkg:oci/prometheus-alertmanager-rhel9@sha256:0e7e5cfd6a953e092eb3ae72b236741f73432f8d262ace74caa2acf8c5fe3863?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/prometheus-alertmanager-rhel9\u0026tag=v2.10.4-9"
}
}
},
{
"category": "product_version",
"name": "rhacm2/prometheus-rhel9@sha256:c1c2a5bc8d471fb7cbbf31c0e5513bf2630efbd1a5bbb458dc0c98b3ee608636_amd64",
"product": {
"name": "rhacm2/prometheus-rhel9@sha256:c1c2a5bc8d471fb7cbbf31c0e5513bf2630efbd1a5bbb458dc0c98b3ee608636_amd64",
"product_id": "rhacm2/prometheus-rhel9@sha256:c1c2a5bc8d471fb7cbbf31c0e5513bf2630efbd1a5bbb458dc0c98b3ee608636_amd64",
"product_identification_helper": {
"purl": "pkg:oci/prometheus-rhel9@sha256:c1c2a5bc8d471fb7cbbf31c0e5513bf2630efbd1a5bbb458dc0c98b3ee608636?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/prometheus-rhel9\u0026tag=v2.10.4-9"
}
}
},
{
"category": "product_version",
"name": "rhacm2/rbac-query-proxy-rhel9@sha256:a061734a251e62cd31792ec9065f6a346de672f72e32965954811faf11f86d62_amd64",
"product": {
"name": "rhacm2/rbac-query-proxy-rhel9@sha256:a061734a251e62cd31792ec9065f6a346de672f72e32965954811faf11f86d62_amd64",
"product_id": "rhacm2/rbac-query-proxy-rhel9@sha256:a061734a251e62cd31792ec9065f6a346de672f72e32965954811faf11f86d62_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rbac-query-proxy-rhel9@sha256:a061734a251e62cd31792ec9065f6a346de672f72e32965954811faf11f86d62?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/rbac-query-proxy-rhel9\u0026tag=v2.10.4-17"
}
}
},
{
"category": "product_version",
"name": "rhacm2/search-collector-rhel9@sha256:557e431af519bf544102927491fffbdd4091a5a9377396d7d30b2898897c8fba_amd64",
"product": {
"name": "rhacm2/search-collector-rhel9@sha256:557e431af519bf544102927491fffbdd4091a5a9377396d7d30b2898897c8fba_amd64",
"product_id": "rhacm2/search-collector-rhel9@sha256:557e431af519bf544102927491fffbdd4091a5a9377396d7d30b2898897c8fba_amd64",
"product_identification_helper": {
"purl": "pkg:oci/search-collector-rhel9@sha256:557e431af519bf544102927491fffbdd4091a5a9377396d7d30b2898897c8fba?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/search-collector-rhel9\u0026tag=v2.10.4-10"
}
}
},
{
"category": "product_version",
"name": "rhacm2/submariner-addon-rhel9@sha256:e8eb481c682682ea78d5f7d5793f63e427fcffc867db012f327b5469c524535c_amd64",
"product": {
"name": "rhacm2/submariner-addon-rhel9@sha256:e8eb481c682682ea78d5f7d5793f63e427fcffc867db012f327b5469c524535c_amd64",
"product_id": "rhacm2/submariner-addon-rhel9@sha256:e8eb481c682682ea78d5f7d5793f63e427fcffc867db012f327b5469c524535c_amd64",
"product_identification_helper": {
"purl": "pkg:oci/submariner-addon-rhel9@sha256:e8eb481c682682ea78d5f7d5793f63e427fcffc867db012f327b5469c524535c?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/submariner-addon-rhel9\u0026tag=v2.10.4-12"
}
}
},
{
"category": "product_version",
"name": "rhacm2/thanos-rhel9@sha256:c431d914ecca6080a1ce9ee7fb15019ca5f5b5cb7083fa739ce14b9f8afd570e_amd64",
"product": {
"name": "rhacm2/thanos-rhel9@sha256:c431d914ecca6080a1ce9ee7fb15019ca5f5b5cb7083fa739ce14b9f8afd570e_amd64",
"product_id": "rhacm2/thanos-rhel9@sha256:c431d914ecca6080a1ce9ee7fb15019ca5f5b5cb7083fa739ce14b9f8afd570e_amd64",
"product_identification_helper": {
"purl": "pkg:oci/thanos-rhel9@sha256:c431d914ecca6080a1ce9ee7fb15019ca5f5b5cb7083fa739ce14b9f8afd570e?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/thanos-rhel9\u0026tag=v2.10.4-8"
}
}
},
{
"category": "product_version",
"name": "rhacm2/thanos-receive-controller-rhel9@sha256:09b931bd7405cc8733625884f61ccaa92b40b48d9068d78f552a6c9383cb02e9_amd64",
"product": {
"name": "rhacm2/thanos-receive-controller-rhel9@sha256:09b931bd7405cc8733625884f61ccaa92b40b48d9068d78f552a6c9383cb02e9_amd64",
"product_id": "rhacm2/thanos-receive-controller-rhel9@sha256:09b931bd7405cc8733625884f61ccaa92b40b48d9068d78f552a6c9383cb02e9_amd64",
"product_identification_helper": {
"purl": "pkg:oci/thanos-receive-controller-rhel9@sha256:09b931bd7405cc8733625884f61ccaa92b40b48d9068d78f552a6c9383cb02e9?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/thanos-receive-controller-rhel9\u0026tag=v2.10.4-7"
}
}
}
],
"category": "architecture",
"name": "amd64"
},
{
"branches": [
{
"category": "product_version",
"name": "rhacm2/acm-cluster-permission-rhel9@sha256:b9ef8ca2a002c616c6644cf16b80d5901d7b46034dc7e57ec1dd1d260cf0e32b_s390x",
"product": {
"name": "rhacm2/acm-cluster-permission-rhel9@sha256:b9ef8ca2a002c616c6644cf16b80d5901d7b46034dc7e57ec1dd1d260cf0e32b_s390x",
"product_id": "rhacm2/acm-cluster-permission-rhel9@sha256:b9ef8ca2a002c616c6644cf16b80d5901d7b46034dc7e57ec1dd1d260cf0e32b_s390x",
"product_identification_helper": {
"purl": "pkg:oci/acm-cluster-permission-rhel9@sha256:b9ef8ca2a002c616c6644cf16b80d5901d7b46034dc7e57ec1dd1d260cf0e32b?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/acm-cluster-permission-rhel9\u0026tag=v2.10.4-6"
}
}
},
{
"category": "product_version",
"name": "rhacm2/acm-governance-policy-addon-controller-rhel9@sha256:65d709ef780d8d867c145b1ddf8e7031bd8e710972b21ed2d7b9d9ede0bfdb43_s390x",
"product": {
"name": "rhacm2/acm-governance-policy-addon-controller-rhel9@sha256:65d709ef780d8d867c145b1ddf8e7031bd8e710972b21ed2d7b9d9ede0bfdb43_s390x",
"product_id": "rhacm2/acm-governance-policy-addon-controller-rhel9@sha256:65d709ef780d8d867c145b1ddf8e7031bd8e710972b21ed2d7b9d9ede0bfdb43_s390x",
"product_identification_helper": {
"purl": "pkg:oci/acm-governance-policy-addon-controller-rhel9@sha256:65d709ef780d8d867c145b1ddf8e7031bd8e710972b21ed2d7b9d9ede0bfdb43?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/acm-governance-policy-addon-controller-rhel9\u0026tag=v2.10.4-15"
}
}
},
{
"category": "product_version",
"name": "rhacm2/acm-governance-policy-framework-addon-rhel9@sha256:4536de55598f032ad91056c779ec2faea5c28de557a730d50cb2b2aba9b3bf00_s390x",
"product": {
"name": "rhacm2/acm-governance-policy-framework-addon-rhel9@sha256:4536de55598f032ad91056c779ec2faea5c28de557a730d50cb2b2aba9b3bf00_s390x",
"product_id": "rhacm2/acm-governance-policy-framework-addon-rhel9@sha256:4536de55598f032ad91056c779ec2faea5c28de557a730d50cb2b2aba9b3bf00_s390x",
"product_identification_helper": {
"purl": "pkg:oci/acm-governance-policy-framework-addon-rhel9@sha256:4536de55598f032ad91056c779ec2faea5c28de557a730d50cb2b2aba9b3bf00?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/acm-governance-policy-framework-addon-rhel9\u0026tag=v2.10.4-14"
}
}
},
{
"category": "product_version",
"name": "rhacm2/acm-grafana-rhel9@sha256:1cd1c6a91611569a855444430c527a8bebbe113f77dd47dcfc2b8305c3a26a13_s390x",
"product": {
"name": "rhacm2/acm-grafana-rhel9@sha256:1cd1c6a91611569a855444430c527a8bebbe113f77dd47dcfc2b8305c3a26a13_s390x",
"product_id": "rhacm2/acm-grafana-rhel9@sha256:1cd1c6a91611569a855444430c527a8bebbe113f77dd47dcfc2b8305c3a26a13_s390x",
"product_identification_helper": {
"purl": "pkg:oci/acm-grafana-rhel9@sha256:1cd1c6a91611569a855444430c527a8bebbe113f77dd47dcfc2b8305c3a26a13?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/acm-grafana-rhel9\u0026tag=v2.10.4-9"
}
}
},
{
"category": "product_version",
"name": "rhacm2/acm-must-gather-rhel9@sha256:bfc79c952b6f62658ef36373af72e6213de78ba1c3a18f018add4295d8ae72f8_s390x",
"product": {
"name": "rhacm2/acm-must-gather-rhel9@sha256:bfc79c952b6f62658ef36373af72e6213de78ba1c3a18f018add4295d8ae72f8_s390x",
"product_id": "rhacm2/acm-must-gather-rhel9@sha256:bfc79c952b6f62658ef36373af72e6213de78ba1c3a18f018add4295d8ae72f8_s390x",
"product_identification_helper": {
"purl": "pkg:oci/acm-must-gather-rhel9@sha256:bfc79c952b6f62658ef36373af72e6213de78ba1c3a18f018add4295d8ae72f8?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/acm-must-gather-rhel9\u0026tag=v2.10.4-8"
}
}
},
{
"category": "product_version",
"name": "rhacm2/acm-operator-bundle@sha256:cc65cb3804a7e6150028a6f1c60fcbdb78c42689769ff9378922491481947aed_s390x",
"product": {
"name": "rhacm2/acm-operator-bundle@sha256:cc65cb3804a7e6150028a6f1c60fcbdb78c42689769ff9378922491481947aed_s390x",
"product_id": "rhacm2/acm-operator-bundle@sha256:cc65cb3804a7e6150028a6f1c60fcbdb78c42689769ff9378922491481947aed_s390x",
"product_identification_helper": {
"purl": "pkg:oci/acm-operator-bundle@sha256:cc65cb3804a7e6150028a6f1c60fcbdb78c42689769ff9378922491481947aed?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/acm-operator-bundle\u0026tag=v2.10.4-30"
}
}
},
{
"category": "product_version",
"name": "rhacm2/acm-prometheus-config-reloader-rhel9@sha256:be5be2fe888521fd8ac6d7ebca3cf127724128eb6ff4e11f90d61a4af60f1bee_s390x",
"product": {
"name": "rhacm2/acm-prometheus-config-reloader-rhel9@sha256:be5be2fe888521fd8ac6d7ebca3cf127724128eb6ff4e11f90d61a4af60f1bee_s390x",
"product_id": "rhacm2/acm-prometheus-config-reloader-rhel9@sha256:be5be2fe888521fd8ac6d7ebca3cf127724128eb6ff4e11f90d61a4af60f1bee_s390x",
"product_identification_helper": {
"purl": "pkg:oci/acm-prometheus-config-reloader-rhel9@sha256:be5be2fe888521fd8ac6d7ebca3cf127724128eb6ff4e11f90d61a4af60f1bee?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/acm-prometheus-config-reloader-rhel9\u0026tag=v2.10.4-7"
}
}
},
{
"category": "product_version",
"name": "rhacm2/acm-prometheus-rhel9@sha256:8da9c5a18b42861d11e3df3f37b5f47b810af1b25beec208ce75b6f69d913ecd_s390x",
"product": {
"name": "rhacm2/acm-prometheus-rhel9@sha256:8da9c5a18b42861d11e3df3f37b5f47b810af1b25beec208ce75b6f69d913ecd_s390x",
"product_id": "rhacm2/acm-prometheus-rhel9@sha256:8da9c5a18b42861d11e3df3f37b5f47b810af1b25beec208ce75b6f69d913ecd_s390x",
"product_identification_helper": {
"purl": "pkg:oci/acm-prometheus-rhel9@sha256:8da9c5a18b42861d11e3df3f37b5f47b810af1b25beec208ce75b6f69d913ecd?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/acm-prometheus-rhel9\u0026tag=v2.10.4-7"
}
}
},
{
"category": "product_version",
"name": "rhacm2/acm-search-indexer-rhel9@sha256:47083a8e2f6234e7e3743c2f7d5cc433ad76a46a609f65640e047bfa9557082c_s390x",
"product": {
"name": "rhacm2/acm-search-indexer-rhel9@sha256:47083a8e2f6234e7e3743c2f7d5cc433ad76a46a609f65640e047bfa9557082c_s390x",
"product_id": "rhacm2/acm-search-indexer-rhel9@sha256:47083a8e2f6234e7e3743c2f7d5cc433ad76a46a609f65640e047bfa9557082c_s390x",
"product_identification_helper": {
"purl": "pkg:oci/acm-search-indexer-rhel9@sha256:47083a8e2f6234e7e3743c2f7d5cc433ad76a46a609f65640e047bfa9557082c?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/acm-search-indexer-rhel9\u0026tag=v2.10.4-9"
}
}
},
{
"category": "product_version",
"name": "rhacm2/acm-search-v2-api-rhel9@sha256:1891db398d822cb0c424245928033240dfdcfd35d21ab052379d432423a6e038_s390x",
"product": {
"name": "rhacm2/acm-search-v2-api-rhel9@sha256:1891db398d822cb0c424245928033240dfdcfd35d21ab052379d432423a6e038_s390x",
"product_id": "rhacm2/acm-search-v2-api-rhel9@sha256:1891db398d822cb0c424245928033240dfdcfd35d21ab052379d432423a6e038_s390x",
"product_identification_helper": {
"purl": "pkg:oci/acm-search-v2-api-rhel9@sha256:1891db398d822cb0c424245928033240dfdcfd35d21ab052379d432423a6e038?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/acm-search-v2-api-rhel9\u0026tag=v2.10.4-9"
}
}
},
{
"category": "product_version",
"name": "rhacm2/acm-search-v2-rhel9@sha256:329f59a93ce1e2aab017a924db00b6aaca4c8ee40b5d5c2358af11af2e5319bd_s390x",
"product": {
"name": "rhacm2/acm-search-v2-rhel9@sha256:329f59a93ce1e2aab017a924db00b6aaca4c8ee40b5d5c2358af11af2e5319bd_s390x",
"product_id": "rhacm2/acm-search-v2-rhel9@sha256:329f59a93ce1e2aab017a924db00b6aaca4c8ee40b5d5c2358af11af2e5319bd_s390x",
"product_identification_helper": {
"purl": "pkg:oci/acm-search-v2-rhel9@sha256:329f59a93ce1e2aab017a924db00b6aaca4c8ee40b5d5c2358af11af2e5319bd?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/acm-search-v2-rhel9\u0026tag=v2.10.4-9"
}
}
},
{
"category": "product_version",
"name": "rhacm2/acm-volsync-addon-controller-rhel9@sha256:faee49ca0c46781594189977f3ab5805060cd0a95e47ba575ec05bb549e21a69_s390x",
"product": {
"name": "rhacm2/acm-volsync-addon-controller-rhel9@sha256:faee49ca0c46781594189977f3ab5805060cd0a95e47ba575ec05bb549e21a69_s390x",
"product_id": "rhacm2/acm-volsync-addon-controller-rhel9@sha256:faee49ca0c46781594189977f3ab5805060cd0a95e47ba575ec05bb549e21a69_s390x",
"product_identification_helper": {
"purl": "pkg:oci/acm-volsync-addon-controller-rhel9@sha256:faee49ca0c46781594189977f3ab5805060cd0a95e47ba575ec05bb549e21a69?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/acm-volsync-addon-controller-rhel9\u0026tag=v2.10.4-11"
}
}
},
{
"category": "product_version",
"name": "rhacm2/cert-policy-controller-rhel9@sha256:081c86b4c25876ac0734a0caff771a30b848530f1e89f9e0d3ee3f743f579e9c_s390x",
"product": {
"name": "rhacm2/cert-policy-controller-rhel9@sha256:081c86b4c25876ac0734a0caff771a30b848530f1e89f9e0d3ee3f743f579e9c_s390x",
"product_id": "rhacm2/cert-policy-controller-rhel9@sha256:081c86b4c25876ac0734a0caff771a30b848530f1e89f9e0d3ee3f743f579e9c_s390x",
"product_identification_helper": {
"purl": "pkg:oci/cert-policy-controller-rhel9@sha256:081c86b4c25876ac0734a0caff771a30b848530f1e89f9e0d3ee3f743f579e9c?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/cert-policy-controller-rhel9\u0026tag=v2.10.4-16"
}
}
},
{
"category": "product_version",
"name": "rhacm2/cluster-backup-rhel9-operator@sha256:66f67d2d8c09634e2e5ae0be07437cb1918f6b506e35bc9b7af82f4979dfc4ed_s390x",
"product": {
"name": "rhacm2/cluster-backup-rhel9-operator@sha256:66f67d2d8c09634e2e5ae0be07437cb1918f6b506e35bc9b7af82f4979dfc4ed_s390x",
"product_id": "rhacm2/cluster-backup-rhel9-operator@sha256:66f67d2d8c09634e2e5ae0be07437cb1918f6b506e35bc9b7af82f4979dfc4ed_s390x",
"product_identification_helper": {
"purl": "pkg:oci/cluster-backup-rhel9-operator@sha256:66f67d2d8c09634e2e5ae0be07437cb1918f6b506e35bc9b7af82f4979dfc4ed?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/cluster-backup-rhel9-operator\u0026tag=v2.10.4-13"
}
}
},
{
"category": "product_version",
"name": "rhacm2/config-policy-controller-rhel9@sha256:b7ff6680725a8bb31edf5dc58d82ac0b9d201ba8eac4c6f2ea4c3cd35f52915a_s390x",
"product": {
"name": "rhacm2/config-policy-controller-rhel9@sha256:b7ff6680725a8bb31edf5dc58d82ac0b9d201ba8eac4c6f2ea4c3cd35f52915a_s390x",
"product_id": "rhacm2/config-policy-controller-rhel9@sha256:b7ff6680725a8bb31edf5dc58d82ac0b9d201ba8eac4c6f2ea4c3cd35f52915a_s390x",
"product_identification_helper": {
"purl": "pkg:oci/config-policy-controller-rhel9@sha256:b7ff6680725a8bb31edf5dc58d82ac0b9d201ba8eac4c6f2ea4c3cd35f52915a?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/config-policy-controller-rhel9\u0026tag=v2.10.4-14"
}
}
},
{
"category": "product_version",
"name": "rhacm2/console-rhel9@sha256:5fe6fb2bd7e31a960bc018d870af482f668ab417d601d94a5ac5981fd116a852_s390x",
"product": {
"name": "rhacm2/console-rhel9@sha256:5fe6fb2bd7e31a960bc018d870af482f668ab417d601d94a5ac5981fd116a852_s390x",
"product_id": "rhacm2/console-rhel9@sha256:5fe6fb2bd7e31a960bc018d870af482f668ab417d601d94a5ac5981fd116a852_s390x",
"product_identification_helper": {
"purl": "pkg:oci/console-rhel9@sha256:5fe6fb2bd7e31a960bc018d870af482f668ab417d601d94a5ac5981fd116a852?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/console-rhel9\u0026tag=v2.10.4-13"
}
}
},
{
"category": "product_version",
"name": "rhacm2/endpoint-monitoring-rhel9-operator@sha256:75bc23118d6e3ae1ec142a6f47a871efcd8ec5aa6da2bef7cf24e716b3b3be3c_s390x",
"product": {
"name": "rhacm2/endpoint-monitoring-rhel9-operator@sha256:75bc23118d6e3ae1ec142a6f47a871efcd8ec5aa6da2bef7cf24e716b3b3be3c_s390x",
"product_id": "rhacm2/endpoint-monitoring-rhel9-operator@sha256:75bc23118d6e3ae1ec142a6f47a871efcd8ec5aa6da2bef7cf24e716b3b3be3c_s390x",
"product_identification_helper": {
"purl": "pkg:oci/endpoint-monitoring-rhel9-operator@sha256:75bc23118d6e3ae1ec142a6f47a871efcd8ec5aa6da2bef7cf24e716b3b3be3c?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/endpoint-monitoring-rhel9-operator\u0026tag=v2.10.4-16"
}
}
},
{
"category": "product_version",
"name": "rhacm2/governance-policy-propagator-rhel9@sha256:46deef6c168120168168820dad57ce9b2d2641be926772eaeba2d03d3d324e2a_s390x",
"product": {
"name": "rhacm2/governance-policy-propagator-rhel9@sha256:46deef6c168120168168820dad57ce9b2d2641be926772eaeba2d03d3d324e2a_s390x",
"product_id": "rhacm2/governance-policy-propagator-rhel9@sha256:46deef6c168120168168820dad57ce9b2d2641be926772eaeba2d03d3d324e2a_s390x",
"product_identification_helper": {
"purl": "pkg:oci/governance-policy-propagator-rhel9@sha256:46deef6c168120168168820dad57ce9b2d2641be926772eaeba2d03d3d324e2a?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/governance-policy-propagator-rhel9\u0026tag=v2.10.4-14"
}
}
},
{
"category": "product_version",
"name": "rhacm2/grafana-dashboard-loader-rhel9@sha256:f30433d2c90f38c86f1780bd8b74a50821837f769db589ee720e35fd79dbc23b_s390x",
"product": {
"name": "rhacm2/grafana-dashboard-loader-rhel9@sha256:f30433d2c90f38c86f1780bd8b74a50821837f769db589ee720e35fd79dbc23b_s390x",
"product_id": "rhacm2/grafana-dashboard-loader-rhel9@sha256:f30433d2c90f38c86f1780bd8b74a50821837f769db589ee720e35fd79dbc23b_s390x",
"product_identification_helper": {
"purl": "pkg:oci/grafana-dashboard-loader-rhel9@sha256:f30433d2c90f38c86f1780bd8b74a50821837f769db589ee720e35fd79dbc23b?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/grafana-dashboard-loader-rhel9\u0026tag=v2.10.4-17"
}
}
},
{
"category": "product_version",
"name": "rhacm2/iam-policy-controller-rhel9@sha256:f62a79f1f02af4be1424b74071e6d701e5c514e27019e69ee98cbed10b602f3d_s390x",
"product": {
"name": "rhacm2/iam-policy-controller-rhel9@sha256:f62a79f1f02af4be1424b74071e6d701e5c514e27019e69ee98cbed10b602f3d_s390x",
"product_id": "rhacm2/iam-policy-controller-rhel9@sha256:f62a79f1f02af4be1424b74071e6d701e5c514e27019e69ee98cbed10b602f3d_s390x",
"product_identification_helper": {
"purl": "pkg:oci/iam-policy-controller-rhel9@sha256:f62a79f1f02af4be1424b74071e6d701e5c514e27019e69ee98cbed10b602f3d?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/iam-policy-controller-rhel9\u0026tag=v2.10.4-16"
}
}
},
{
"category": "product_version",
"name": "rhacm2/insights-client-rhel9@sha256:70833a6ef9ebc1b50e914744e0f7c36c259bb7889c7ff8085cb8470826ac803e_s390x",
"product": {
"name": "rhacm2/insights-client-rhel9@sha256:70833a6ef9ebc1b50e914744e0f7c36c259bb7889c7ff8085cb8470826ac803e_s390x",
"product_id": "rhacm2/insights-client-rhel9@sha256:70833a6ef9ebc1b50e914744e0f7c36c259bb7889c7ff8085cb8470826ac803e_s390x",
"product_identification_helper": {
"purl": "pkg:oci/insights-client-rhel9@sha256:70833a6ef9ebc1b50e914744e0f7c36c259bb7889c7ff8085cb8470826ac803e?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/insights-client-rhel9\u0026tag=v2.10.4-8"
}
}
},
{
"category": "product_version",
"name": "rhacm2/insights-metrics-rhel9@sha256:e2a9110af4d9bac9fd97b8f5981230c495506d50db571eccae9e16e361abfdd7_s390x",
"product": {
"name": "rhacm2/insights-metrics-rhel9@sha256:e2a9110af4d9bac9fd97b8f5981230c495506d50db571eccae9e16e361abfdd7_s390x",
"product_id": "rhacm2/insights-metrics-rhel9@sha256:e2a9110af4d9bac9fd97b8f5981230c495506d50db571eccae9e16e361abfdd7_s390x",
"product_identification_helper": {
"purl": "pkg:oci/insights-metrics-rhel9@sha256:e2a9110af4d9bac9fd97b8f5981230c495506d50db571eccae9e16e361abfdd7?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/insights-metrics-rhel9\u0026tag=v2.10.4-10"
}
}
},
{
"category": "product_version",
"name": "rhacm2/klusterlet-addon-controller-rhel9@sha256:8528a204787ecde3925c9c3ef31e225f59c5b4b3a21bd314541fe06dd4c1aa73_s390x",
"product": {
"name": "rhacm2/klusterlet-addon-controller-rhel9@sha256:8528a204787ecde3925c9c3ef31e225f59c5b4b3a21bd314541fe06dd4c1aa73_s390x",
"product_id": "rhacm2/klusterlet-addon-controller-rhel9@sha256:8528a204787ecde3925c9c3ef31e225f59c5b4b3a21bd314541fe06dd4c1aa73_s390x",
"product_identification_helper": {
"purl": "pkg:oci/klusterlet-addon-controller-rhel9@sha256:8528a204787ecde3925c9c3ef31e225f59c5b4b3a21bd314541fe06dd4c1aa73?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/klusterlet-addon-controller-rhel9\u0026tag=v2.10.4-7"
}
}
},
{
"category": "product_version",
"name": "rhacm2/kube-rbac-proxy-rhel9@sha256:42da847ca7b39914df099381ac807d8ab619774388c1a47e0d71020fbce998ae_s390x",
"product": {
"name": "rhacm2/kube-rbac-proxy-rhel9@sha256:42da847ca7b39914df099381ac807d8ab619774388c1a47e0d71020fbce998ae_s390x",
"product_id": "rhacm2/kube-rbac-proxy-rhel9@sha256:42da847ca7b39914df099381ac807d8ab619774388c1a47e0d71020fbce998ae_s390x",
"product_identification_helper": {
"purl": "pkg:oci/kube-rbac-proxy-rhel9@sha256:42da847ca7b39914df099381ac807d8ab619774388c1a47e0d71020fbce998ae?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/kube-rbac-proxy-rhel9\u0026tag=v2.10.4-8"
}
}
},
{
"category": "product_version",
"name": "rhacm2/kube-state-metrics-rhel9@sha256:715f6b9c01400a153157de08bf2a6b04ea54478ee2c18d7871b65c865d6902d2_s390x",
"product": {
"name": "rhacm2/kube-state-metrics-rhel9@sha256:715f6b9c01400a153157de08bf2a6b04ea54478ee2c18d7871b65c865d6902d2_s390x",
"product_id": "rhacm2/kube-state-metrics-rhel9@sha256:715f6b9c01400a153157de08bf2a6b04ea54478ee2c18d7871b65c865d6902d2_s390x",
"product_identification_helper": {
"purl": "pkg:oci/kube-state-metrics-rhel9@sha256:715f6b9c01400a153157de08bf2a6b04ea54478ee2c18d7871b65c865d6902d2?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/kube-state-metrics-rhel9\u0026tag=v2.10.4-9"
}
}
},
{
"category": "product_version",
"name": "rhacm2/memcached-rhel9@sha256:2fb75dce1567e21a9f1361ec3ac54a4d5a2252f03aa64b6cdf4d1cd02a58d04c_s390x",
"product": {
"name": "rhacm2/memcached-rhel9@sha256:2fb75dce1567e21a9f1361ec3ac54a4d5a2252f03aa64b6cdf4d1cd02a58d04c_s390x",
"product_id": "rhacm2/memcached-rhel9@sha256:2fb75dce1567e21a9f1361ec3ac54a4d5a2252f03aa64b6cdf4d1cd02a58d04c_s390x",
"product_identification_helper": {
"purl": "pkg:oci/memcached-rhel9@sha256:2fb75dce1567e21a9f1361ec3ac54a4d5a2252f03aa64b6cdf4d1cd02a58d04c?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/memcached-rhel9\u0026tag=v2.10.4-7"
}
}
},
{
"category": "product_version",
"name": "rhacm2/memcached-exporter-rhel9@sha256:c5275f61fd2e84deaab7e789a7ffefdbe235866a8439d3d2534e4b26998372d6_s390x",
"product": {
"name": "rhacm2/memcached-exporter-rhel9@sha256:c5275f61fd2e84deaab7e789a7ffefdbe235866a8439d3d2534e4b26998372d6_s390x",
"product_id": "rhacm2/memcached-exporter-rhel9@sha256:c5275f61fd2e84deaab7e789a7ffefdbe235866a8439d3d2534e4b26998372d6_s390x",
"product_identification_helper": {
"purl": "pkg:oci/memcached-exporter-rhel9@sha256:c5275f61fd2e84deaab7e789a7ffefdbe235866a8439d3d2534e4b26998372d6?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/memcached-exporter-rhel9\u0026tag=v2.10.4-6"
}
}
},
{
"category": "product_version",
"name": "rhacm2/metrics-collector-rhel9@sha256:84543f21ccfe36960fce099930132e7042e505ba635c45a28a902ed2b2401d55_s390x",
"product": {
"name": "rhacm2/metrics-collector-rhel9@sha256:84543f21ccfe36960fce099930132e7042e505ba635c45a28a902ed2b2401d55_s390x",
"product_id": "rhacm2/metrics-collector-rhel9@sha256:84543f21ccfe36960fce099930132e7042e505ba635c45a28a902ed2b2401d55_s390x",
"product_identification_helper": {
"purl": "pkg:oci/metrics-collector-rhel9@sha256:84543f21ccfe36960fce099930132e7042e505ba635c45a28a902ed2b2401d55?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/metrics-collector-rhel9\u0026tag=v2.10.4-16"
}
}
},
{
"category": "product_version",
"name": "rhacm2/multicloud-integrations-rhel9@sha256:0529a11c8935d5b9fa2a3f29801749b09861076c0c2040612271f0bbafb5fbab_s390x",
"product": {
"name": "rhacm2/multicloud-integrations-rhel9@sha256:0529a11c8935d5b9fa2a3f29801749b09861076c0c2040612271f0bbafb5fbab_s390x",
"product_id": "rhacm2/multicloud-integrations-rhel9@sha256:0529a11c8935d5b9fa2a3f29801749b09861076c0c2040612271f0bbafb5fbab_s390x",
"product_identification_helper": {
"purl": "pkg:oci/multicloud-integrations-rhel9@sha256:0529a11c8935d5b9fa2a3f29801749b09861076c0c2040612271f0bbafb5fbab?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/multicloud-integrations-rhel9\u0026tag=v2.10.4-8"
}
}
},
{
"category": "product_version",
"name": "rhacm2/multiclusterhub-rhel9@sha256:97932a785e8601b170a7c6fd42b1e6a18203b958ccbb712352c2817b8103d9b5_s390x",
"product": {
"name": "rhacm2/multiclusterhub-rhel9@sha256:97932a785e8601b170a7c6fd42b1e6a18203b958ccbb712352c2817b8103d9b5_s390x",
"product_id": "rhacm2/multiclusterhub-rhel9@sha256:97932a785e8601b170a7c6fd42b1e6a18203b958ccbb712352c2817b8103d9b5_s390x",
"product_identification_helper": {
"purl": "pkg:oci/multiclusterhub-rhel9@sha256:97932a785e8601b170a7c6fd42b1e6a18203b958ccbb712352c2817b8103d9b5?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/multiclusterhub-rhel9\u0026tag=v2.10.4-16"
}
}
},
{
"category": "product_version",
"name": "rhacm2/multicluster-observability-rhel9-operator@sha256:a9eb1e576d4eb5c7e9131803042b7d8529dab369595d0adc22623e24b67832d9_s390x",
"product": {
"name": "rhacm2/multicluster-observability-rhel9-operator@sha256:a9eb1e576d4eb5c7e9131803042b7d8529dab369595d0adc22623e24b67832d9_s390x",
"product_id": "rhacm2/multicluster-observability-rhel9-operator@sha256:a9eb1e576d4eb5c7e9131803042b7d8529dab369595d0adc22623e24b67832d9_s390x",
"product_identification_helper": {
"purl": "pkg:oci/multicluster-observability-rhel9-operator@sha256:a9eb1e576d4eb5c7e9131803042b7d8529dab369595d0adc22623e24b67832d9?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/multicluster-observability-rhel9-operator\u0026tag=v2.10.4-16"
}
}
},
{
"category": "product_version",
"name": "rhacm2/multicluster-operators-application-rhel9@sha256:e15bedc9ce45cc025b6ab6c27d5b7eb95f6e750791ff0dae228a71eaeae1cace_s390x",
"product": {
"name": "rhacm2/multicluster-operators-application-rhel9@sha256:e15bedc9ce45cc025b6ab6c27d5b7eb95f6e750791ff0dae228a71eaeae1cace_s390x",
"product_id": "rhacm2/multicluster-operators-application-rhel9@sha256:e15bedc9ce45cc025b6ab6c27d5b7eb95f6e750791ff0dae228a71eaeae1cace_s390x",
"product_identification_helper": {
"purl": "pkg:oci/multicluster-operators-application-rhel9@sha256:e15bedc9ce45cc025b6ab6c27d5b7eb95f6e750791ff0dae228a71eaeae1cace?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/multicluster-operators-application-rhel9\u0026tag=v2.10.4-8"
}
}
},
{
"category": "product_version",
"name": "rhacm2/multicluster-operators-channel-rhel9@sha256:37f84cbbee522859c6f46e49179ab0b1e1fef118aac6741d18675b36e31972dd_s390x",
"product": {
"name": "rhacm2/multicluster-operators-channel-rhel9@sha256:37f84cbbee522859c6f46e49179ab0b1e1fef118aac6741d18675b36e31972dd_s390x",
"product_id": "rhacm2/multicluster-operators-channel-rhel9@sha256:37f84cbbee522859c6f46e49179ab0b1e1fef118aac6741d18675b36e31972dd_s390x",
"product_identification_helper": {
"purl": "pkg:oci/multicluster-operators-channel-rhel9@sha256:37f84cbbee522859c6f46e49179ab0b1e1fef118aac6741d18675b36e31972dd?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/multicluster-operators-channel-rhel9\u0026tag=v2.10.4-9"
}
}
},
{
"category": "product_version",
"name": "rhacm2/multicluster-operators-subscription-rhel9@sha256:b88262afe6149a741a566054ecc16400bc7335a443219d3ddbcb1ba7c939a38b_s390x",
"product": {
"name": "rhacm2/multicluster-operators-subscription-rhel9@sha256:b88262afe6149a741a566054ecc16400bc7335a443219d3ddbcb1ba7c939a38b_s390x",
"product_id": "rhacm2/multicluster-operators-subscription-rhel9@sha256:b88262afe6149a741a566054ecc16400bc7335a443219d3ddbcb1ba7c939a38b_s390x",
"product_identification_helper": {
"purl": "pkg:oci/multicluster-operators-subscription-rhel9@sha256:b88262afe6149a741a566054ecc16400bc7335a443219d3ddbcb1ba7c939a38b?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/multicluster-operators-subscription-rhel9\u0026tag=v2.10.4-12"
}
}
},
{
"category": "product_version",
"name": "rhacm2/node-exporter-rhel9@sha256:8bb239eafceaa18a786b78f7bf54c7063d80bce60567d10d81c5a4282b2884b4_s390x",
"product": {
"name": "rhacm2/node-exporter-rhel9@sha256:8bb239eafceaa18a786b78f7bf54c7063d80bce60567d10d81c5a4282b2884b4_s390x",
"product_id": "rhacm2/node-exporter-rhel9@sha256:8bb239eafceaa18a786b78f7bf54c7063d80bce60567d10d81c5a4282b2884b4_s390x",
"product_identification_helper": {
"purl": "pkg:oci/node-exporter-rhel9@sha256:8bb239eafceaa18a786b78f7bf54c7063d80bce60567d10d81c5a4282b2884b4?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/node-exporter-rhel9\u0026tag=v2.10.4-9"
}
}
},
{
"category": "product_version",
"name": "rhacm2/observatorium-rhel9@sha256:1eb9b98d7f3c878e09b45aad2a64780e46026c55d6f70a64d66e255ec13ce9fb_s390x",
"product": {
"name": "rhacm2/observatorium-rhel9@sha256:1eb9b98d7f3c878e09b45aad2a64780e46026c55d6f70a64d66e255ec13ce9fb_s390x",
"product_id": "rhacm2/observatorium-rhel9@sha256:1eb9b98d7f3c878e09b45aad2a64780e46026c55d6f70a64d66e255ec13ce9fb_s390x",
"product_identification_helper": {
"purl": "pkg:oci/observatorium-rhel9@sha256:1eb9b98d7f3c878e09b45aad2a64780e46026c55d6f70a64d66e255ec13ce9fb?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/observatorium-rhel9\u0026tag=v2.10.4-9"
}
}
},
{
"category": "product_version",
"name": "rhacm2/observatorium-rhel9-operator@sha256:ecda2be3377f15a09c6971b1a689bb9eb917909d55f54c996d54a972aece7432_s390x",
"product": {
"name": "rhacm2/observatorium-rhel9-operator@sha256:ecda2be3377f15a09c6971b1a689bb9eb917909d55f54c996d54a972aece7432_s390x",
"product_id": "rhacm2/observatorium-rhel9-operator@sha256:ecda2be3377f15a09c6971b1a689bb9eb917909d55f54c996d54a972aece7432_s390x",
"product_identification_helper": {
"purl": "pkg:oci/observatorium-rhel9-operator@sha256:ecda2be3377f15a09c6971b1a689bb9eb917909d55f54c996d54a972aece7432?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/observatorium-rhel9-operator\u0026tag=v2.10.4-8"
}
}
},
{
"category": "product_version",
"name": "rhacm2/prometheus-alertmanager-rhel9@sha256:88383e94dcec26826df02cdebc9e7cc764e92b2ce71300c31a46f20ce92135c0_s390x",
"product": {
"name": "rhacm2/prometheus-alertmanager-rhel9@sha256:88383e94dcec26826df02cdebc9e7cc764e92b2ce71300c31a46f20ce92135c0_s390x",
"product_id": "rhacm2/prometheus-alertmanager-rhel9@sha256:88383e94dcec26826df02cdebc9e7cc764e92b2ce71300c31a46f20ce92135c0_s390x",
"product_identification_helper": {
"purl": "pkg:oci/prometheus-alertmanager-rhel9@sha256:88383e94dcec26826df02cdebc9e7cc764e92b2ce71300c31a46f20ce92135c0?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/prometheus-alertmanager-rhel9\u0026tag=v2.10.4-9"
}
}
},
{
"category": "product_version",
"name": "rhacm2/prometheus-rhel9@sha256:556c5d133dd996b86dceb03158d4d463ccdbbf29cc9ca05ff1e3915a48cd8c47_s390x",
"product": {
"name": "rhacm2/prometheus-rhel9@sha256:556c5d133dd996b86dceb03158d4d463ccdbbf29cc9ca05ff1e3915a48cd8c47_s390x",
"product_id": "rhacm2/prometheus-rhel9@sha256:556c5d133dd996b86dceb03158d4d463ccdbbf29cc9ca05ff1e3915a48cd8c47_s390x",
"product_identification_helper": {
"purl": "pkg:oci/prometheus-rhel9@sha256:556c5d133dd996b86dceb03158d4d463ccdbbf29cc9ca05ff1e3915a48cd8c47?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/prometheus-rhel9\u0026tag=v2.10.4-9"
}
}
},
{
"category": "product_version",
"name": "rhacm2/rbac-query-proxy-rhel9@sha256:5f70872d294b5f10393fa7c6a6ffd81a6a509ea7589753d29ad49118a87fb2df_s390x",
"product": {
"name": "rhacm2/rbac-query-proxy-rhel9@sha256:5f70872d294b5f10393fa7c6a6ffd81a6a509ea7589753d29ad49118a87fb2df_s390x",
"product_id": "rhacm2/rbac-query-proxy-rhel9@sha256:5f70872d294b5f10393fa7c6a6ffd81a6a509ea7589753d29ad49118a87fb2df_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rbac-query-proxy-rhel9@sha256:5f70872d294b5f10393fa7c6a6ffd81a6a509ea7589753d29ad49118a87fb2df?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/rbac-query-proxy-rhel9\u0026tag=v2.10.4-17"
}
}
},
{
"category": "product_version",
"name": "rhacm2/search-collector-rhel9@sha256:2092c265f1dea3dc553c370c3b07c92e4cb8523ccc58d46af4a517165e9b7bc4_s390x",
"product": {
"name": "rhacm2/search-collector-rhel9@sha256:2092c265f1dea3dc553c370c3b07c92e4cb8523ccc58d46af4a517165e9b7bc4_s390x",
"product_id": "rhacm2/search-collector-rhel9@sha256:2092c265f1dea3dc553c370c3b07c92e4cb8523ccc58d46af4a517165e9b7bc4_s390x",
"product_identification_helper": {
"purl": "pkg:oci/search-collector-rhel9@sha256:2092c265f1dea3dc553c370c3b07c92e4cb8523ccc58d46af4a517165e9b7bc4?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/search-collector-rhel9\u0026tag=v2.10.4-10"
}
}
},
{
"category": "product_version",
"name": "rhacm2/submariner-addon-rhel9@sha256:92584807362684f692fc991f06ffecf241ee6494d4b37c584d74527214b33acb_s390x",
"product": {
"name": "rhacm2/submariner-addon-rhel9@sha256:92584807362684f692fc991f06ffecf241ee6494d4b37c584d74527214b33acb_s390x",
"product_id": "rhacm2/submariner-addon-rhel9@sha256:92584807362684f692fc991f06ffecf241ee6494d4b37c584d74527214b33acb_s390x",
"product_identification_helper": {
"purl": "pkg:oci/submariner-addon-rhel9@sha256:92584807362684f692fc991f06ffecf241ee6494d4b37c584d74527214b33acb?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/submariner-addon-rhel9\u0026tag=v2.10.4-12"
}
}
},
{
"category": "product_version",
"name": "rhacm2/thanos-rhel9@sha256:f7dc5a2e9c41416badca921ef6a4b16e9edd2aea052107d737bb3ddbc2e0242c_s390x",
"product": {
"name": "rhacm2/thanos-rhel9@sha256:f7dc5a2e9c41416badca921ef6a4b16e9edd2aea052107d737bb3ddbc2e0242c_s390x",
"product_id": "rhacm2/thanos-rhel9@sha256:f7dc5a2e9c41416badca921ef6a4b16e9edd2aea052107d737bb3ddbc2e0242c_s390x",
"product_identification_helper": {
"purl": "pkg:oci/thanos-rhel9@sha256:f7dc5a2e9c41416badca921ef6a4b16e9edd2aea052107d737bb3ddbc2e0242c?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/thanos-rhel9\u0026tag=v2.10.4-8"
}
}
},
{
"category": "product_version",
"name": "rhacm2/thanos-receive-controller-rhel9@sha256:64aebcc4f88c096cb93faa8fab067308442fd49c07e55fcb55283ef86643f642_s390x",
"product": {
"name": "rhacm2/thanos-receive-controller-rhel9@sha256:64aebcc4f88c096cb93faa8fab067308442fd49c07e55fcb55283ef86643f642_s390x",
"product_id": "rhacm2/thanos-receive-controller-rhel9@sha256:64aebcc4f88c096cb93faa8fab067308442fd49c07e55fcb55283ef86643f642_s390x",
"product_identification_helper": {
"purl": "pkg:oci/thanos-receive-controller-rhel9@sha256:64aebcc4f88c096cb93faa8fab067308442fd49c07e55fcb55283ef86643f642?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/thanos-receive-controller-rhel9\u0026tag=v2.10.4-7"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "rhacm2/acm-cluster-permission-rhel9@sha256:e8c9920427522b7ef645422b85ff1585e65b9d659c792e57201dfc06d6a13ffa_ppc64le",
"product": {
"name": "rhacm2/acm-cluster-permission-rhel9@sha256:e8c9920427522b7ef645422b85ff1585e65b9d659c792e57201dfc06d6a13ffa_ppc64le",
"product_id": "rhacm2/acm-cluster-permission-rhel9@sha256:e8c9920427522b7ef645422b85ff1585e65b9d659c792e57201dfc06d6a13ffa_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/acm-cluster-permission-rhel9@sha256:e8c9920427522b7ef645422b85ff1585e65b9d659c792e57201dfc06d6a13ffa?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/acm-cluster-permission-rhel9\u0026tag=v2.10.4-6"
}
}
},
{
"category": "product_version",
"name": "rhacm2/acm-governance-policy-addon-controller-rhel9@sha256:87988ad277b62bbcc061dbe4242bfc2edcc21dc98c4c7c66385131c0425b0fa7_ppc64le",
"product": {
"name": "rhacm2/acm-governance-policy-addon-controller-rhel9@sha256:87988ad277b62bbcc061dbe4242bfc2edcc21dc98c4c7c66385131c0425b0fa7_ppc64le",
"product_id": "rhacm2/acm-governance-policy-addon-controller-rhel9@sha256:87988ad277b62bbcc061dbe4242bfc2edcc21dc98c4c7c66385131c0425b0fa7_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/acm-governance-policy-addon-controller-rhel9@sha256:87988ad277b62bbcc061dbe4242bfc2edcc21dc98c4c7c66385131c0425b0fa7?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/acm-governance-policy-addon-controller-rhel9\u0026tag=v2.10.4-15"
}
}
},
{
"category": "product_version",
"name": "rhacm2/acm-governance-policy-framework-addon-rhel9@sha256:587fc80d3d6e3f2295272934fb39cfa3b96f5a2652a533b6b01cc6b04d10cb66_ppc64le",
"product": {
"name": "rhacm2/acm-governance-policy-framework-addon-rhel9@sha256:587fc80d3d6e3f2295272934fb39cfa3b96f5a2652a533b6b01cc6b04d10cb66_ppc64le",
"product_id": "rhacm2/acm-governance-policy-framework-addon-rhel9@sha256:587fc80d3d6e3f2295272934fb39cfa3b96f5a2652a533b6b01cc6b04d10cb66_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/acm-governance-policy-framework-addon-rhel9@sha256:587fc80d3d6e3f2295272934fb39cfa3b96f5a2652a533b6b01cc6b04d10cb66?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/acm-governance-policy-framework-addon-rhel9\u0026tag=v2.10.4-14"
}
}
},
{
"category": "product_version",
"name": "rhacm2/acm-grafana-rhel9@sha256:b488d250bc1c82f3f7e26a1bc741dee02e57b3e3d40cf2965e541d2c5727ec65_ppc64le",
"product": {
"name": "rhacm2/acm-grafana-rhel9@sha256:b488d250bc1c82f3f7e26a1bc741dee02e57b3e3d40cf2965e541d2c5727ec65_ppc64le",
"product_id": "rhacm2/acm-grafana-rhel9@sha256:b488d250bc1c82f3f7e26a1bc741dee02e57b3e3d40cf2965e541d2c5727ec65_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/acm-grafana-rhel9@sha256:b488d250bc1c82f3f7e26a1bc741dee02e57b3e3d40cf2965e541d2c5727ec65?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/acm-grafana-rhel9\u0026tag=v2.10.4-9"
}
}
},
{
"category": "product_version",
"name": "rhacm2/acm-must-gather-rhel9@sha256:92d087992acf383c2f06ed92996049c412fc1fef76be10fc40eb6ba2e4b2f9be_ppc64le",
"product": {
"name": "rhacm2/acm-must-gather-rhel9@sha256:92d087992acf383c2f06ed92996049c412fc1fef76be10fc40eb6ba2e4b2f9be_ppc64le",
"product_id": "rhacm2/acm-must-gather-rhel9@sha256:92d087992acf383c2f06ed92996049c412fc1fef76be10fc40eb6ba2e4b2f9be_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/acm-must-gather-rhel9@sha256:92d087992acf383c2f06ed92996049c412fc1fef76be10fc40eb6ba2e4b2f9be?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/acm-must-gather-rhel9\u0026tag=v2.10.4-8"
}
}
},
{
"category": "product_version",
"name": "rhacm2/acm-operator-bundle@sha256:190d00bcb1bdbf289cc4ae87f738aeabe04470194e51870c572876e4c118d712_ppc64le",
"product": {
"name": "rhacm2/acm-operator-bundle@sha256:190d00bcb1bdbf289cc4ae87f738aeabe04470194e51870c572876e4c118d712_ppc64le",
"product_id": "rhacm2/acm-operator-bundle@sha256:190d00bcb1bdbf289cc4ae87f738aeabe04470194e51870c572876e4c118d712_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/acm-operator-bundle@sha256:190d00bcb1bdbf289cc4ae87f738aeabe04470194e51870c572876e4c118d712?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/acm-operator-bundle\u0026tag=v2.10.4-30"
}
}
},
{
"category": "product_version",
"name": "rhacm2/acm-prometheus-config-reloader-rhel9@sha256:8f18c68e47b66926d14795818f3a1dc21ffdcbcf1a220c7518194416602b19ac_ppc64le",
"product": {
"name": "rhacm2/acm-prometheus-config-reloader-rhel9@sha256:8f18c68e47b66926d14795818f3a1dc21ffdcbcf1a220c7518194416602b19ac_ppc64le",
"product_id": "rhacm2/acm-prometheus-config-reloader-rhel9@sha256:8f18c68e47b66926d14795818f3a1dc21ffdcbcf1a220c7518194416602b19ac_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/acm-prometheus-config-reloader-rhel9@sha256:8f18c68e47b66926d14795818f3a1dc21ffdcbcf1a220c7518194416602b19ac?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/acm-prometheus-config-reloader-rhel9\u0026tag=v2.10.4-7"
}
}
},
{
"category": "product_version",
"name": "rhacm2/acm-prometheus-rhel9@sha256:a1b920873dbb0984f41a8b49a4e0263c9756d909391601290b8a67278596327b_ppc64le",
"product": {
"name": "rhacm2/acm-prometheus-rhel9@sha256:a1b920873dbb0984f41a8b49a4e0263c9756d909391601290b8a67278596327b_ppc64le",
"product_id": "rhacm2/acm-prometheus-rhel9@sha256:a1b920873dbb0984f41a8b49a4e0263c9756d909391601290b8a67278596327b_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/acm-prometheus-rhel9@sha256:a1b920873dbb0984f41a8b49a4e0263c9756d909391601290b8a67278596327b?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/acm-prometheus-rhel9\u0026tag=v2.10.4-7"
}
}
},
{
"category": "product_version",
"name": "rhacm2/acm-search-indexer-rhel9@sha256:9ba73ef3b2447b16aab7503bce4e480441b272e997dab87ee9cc4b0f1ac040ba_ppc64le",
"product": {
"name": "rhacm2/acm-search-indexer-rhel9@sha256:9ba73ef3b2447b16aab7503bce4e480441b272e997dab87ee9cc4b0f1ac040ba_ppc64le",
"product_id": "rhacm2/acm-search-indexer-rhel9@sha256:9ba73ef3b2447b16aab7503bce4e480441b272e997dab87ee9cc4b0f1ac040ba_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/acm-search-indexer-rhel9@sha256:9ba73ef3b2447b16aab7503bce4e480441b272e997dab87ee9cc4b0f1ac040ba?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/acm-search-indexer-rhel9\u0026tag=v2.10.4-9"
}
}
},
{
"category": "product_version",
"name": "rhacm2/acm-search-v2-api-rhel9@sha256:756982578354d8a66399f2464602458f80bd398e46656a3d86c9303fa2068900_ppc64le",
"product": {
"name": "rhacm2/acm-search-v2-api-rhel9@sha256:756982578354d8a66399f2464602458f80bd398e46656a3d86c9303fa2068900_ppc64le",
"product_id": "rhacm2/acm-search-v2-api-rhel9@sha256:756982578354d8a66399f2464602458f80bd398e46656a3d86c9303fa2068900_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/acm-search-v2-api-rhel9@sha256:756982578354d8a66399f2464602458f80bd398e46656a3d86c9303fa2068900?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/acm-search-v2-api-rhel9\u0026tag=v2.10.4-9"
}
}
},
{
"category": "product_version",
"name": "rhacm2/acm-search-v2-rhel9@sha256:f45417abdf399566fa98b0686ab4b2b55d776b6dfa67b7b7c24565b084c39165_ppc64le",
"product": {
"name": "rhacm2/acm-search-v2-rhel9@sha256:f45417abdf399566fa98b0686ab4b2b55d776b6dfa67b7b7c24565b084c39165_ppc64le",
"product_id": "rhacm2/acm-search-v2-rhel9@sha256:f45417abdf399566fa98b0686ab4b2b55d776b6dfa67b7b7c24565b084c39165_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/acm-search-v2-rhel9@sha256:f45417abdf399566fa98b0686ab4b2b55d776b6dfa67b7b7c24565b084c39165?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/acm-search-v2-rhel9\u0026tag=v2.10.4-9"
}
}
},
{
"category": "product_version",
"name": "rhacm2/acm-volsync-addon-controller-rhel9@sha256:cc991f8f8af9337ab908f6564b4b77daef5893dc2759ff483142ef659a6a4b30_ppc64le",
"product": {
"name": "rhacm2/acm-volsync-addon-controller-rhel9@sha256:cc991f8f8af9337ab908f6564b4b77daef5893dc2759ff483142ef659a6a4b30_ppc64le",
"product_id": "rhacm2/acm-volsync-addon-controller-rhel9@sha256:cc991f8f8af9337ab908f6564b4b77daef5893dc2759ff483142ef659a6a4b30_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/acm-volsync-addon-controller-rhel9@sha256:cc991f8f8af9337ab908f6564b4b77daef5893dc2759ff483142ef659a6a4b30?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/acm-volsync-addon-controller-rhel9\u0026tag=v2.10.4-11"
}
}
},
{
"category": "product_version",
"name": "rhacm2/cert-policy-controller-rhel9@sha256:bffedd5eb97a49dd210b51423ba8938684be1cb41dd79d06b2aab94bc0bb4963_ppc64le",
"product": {
"name": "rhacm2/cert-policy-controller-rhel9@sha256:bffedd5eb97a49dd210b51423ba8938684be1cb41dd79d06b2aab94bc0bb4963_ppc64le",
"product_id": "rhacm2/cert-policy-controller-rhel9@sha256:bffedd5eb97a49dd210b51423ba8938684be1cb41dd79d06b2aab94bc0bb4963_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/cert-policy-controller-rhel9@sha256:bffedd5eb97a49dd210b51423ba8938684be1cb41dd79d06b2aab94bc0bb4963?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/cert-policy-controller-rhel9\u0026tag=v2.10.4-16"
}
}
},
{
"category": "product_version",
"name": "rhacm2/cluster-backup-rhel9-operator@sha256:0d141d0fa859ae0061605f2fe13381be2b6ebd9d8c6b91ca171a8e61e52842be_ppc64le",
"product": {
"name": "rhacm2/cluster-backup-rhel9-operator@sha256:0d141d0fa859ae0061605f2fe13381be2b6ebd9d8c6b91ca171a8e61e52842be_ppc64le",
"product_id": "rhacm2/cluster-backup-rhel9-operator@sha256:0d141d0fa859ae0061605f2fe13381be2b6ebd9d8c6b91ca171a8e61e52842be_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/cluster-backup-rhel9-operator@sha256:0d141d0fa859ae0061605f2fe13381be2b6ebd9d8c6b91ca171a8e61e52842be?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/cluster-backup-rhel9-operator\u0026tag=v2.10.4-13"
}
}
},
{
"category": "product_version",
"name": "rhacm2/config-policy-controller-rhel9@sha256:d6e8119559b01231206654d2a57114862c4c6b5ca604ccf7b92e53bea6e2e2c2_ppc64le",
"product": {
"name": "rhacm2/config-policy-controller-rhel9@sha256:d6e8119559b01231206654d2a57114862c4c6b5ca604ccf7b92e53bea6e2e2c2_ppc64le",
"product_id": "rhacm2/config-policy-controller-rhel9@sha256:d6e8119559b01231206654d2a57114862c4c6b5ca604ccf7b92e53bea6e2e2c2_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/config-policy-controller-rhel9@sha256:d6e8119559b01231206654d2a57114862c4c6b5ca604ccf7b92e53bea6e2e2c2?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/config-policy-controller-rhel9\u0026tag=v2.10.4-14"
}
}
},
{
"category": "product_version",
"name": "rhacm2/console-rhel9@sha256:9005fc71b91a5d2a1fe502e90d57cea2285d1218ad6e49f4bcdd77bf560c5765_ppc64le",
"product": {
"name": "rhacm2/console-rhel9@sha256:9005fc71b91a5d2a1fe502e90d57cea2285d1218ad6e49f4bcdd77bf560c5765_ppc64le",
"product_id": "rhacm2/console-rhel9@sha256:9005fc71b91a5d2a1fe502e90d57cea2285d1218ad6e49f4bcdd77bf560c5765_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/console-rhel9@sha256:9005fc71b91a5d2a1fe502e90d57cea2285d1218ad6e49f4bcdd77bf560c5765?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/console-rhel9\u0026tag=v2.10.4-13"
}
}
},
{
"category": "product_version",
"name": "rhacm2/endpoint-monitoring-rhel9-operator@sha256:e177864e6bc3b6e66f1f455229257210b77a3b7d0e18c480d252ed79f03bf67a_ppc64le",
"product": {
"name": "rhacm2/endpoint-monitoring-rhel9-operator@sha256:e177864e6bc3b6e66f1f455229257210b77a3b7d0e18c480d252ed79f03bf67a_ppc64le",
"product_id": "rhacm2/endpoint-monitoring-rhel9-operator@sha256:e177864e6bc3b6e66f1f455229257210b77a3b7d0e18c480d252ed79f03bf67a_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/endpoint-monitoring-rhel9-operator@sha256:e177864e6bc3b6e66f1f455229257210b77a3b7d0e18c480d252ed79f03bf67a?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/endpoint-monitoring-rhel9-operator\u0026tag=v2.10.4-16"
}
}
},
{
"category": "product_version",
"name": "rhacm2/governance-policy-propagator-rhel9@sha256:4e9143f58e4755b86526d113040acd0ee0069fefe9243e08c864c35d25b276e9_ppc64le",
"product": {
"name": "rhacm2/governance-policy-propagator-rhel9@sha256:4e9143f58e4755b86526d113040acd0ee0069fefe9243e08c864c35d25b276e9_ppc64le",
"product_id": "rhacm2/governance-policy-propagator-rhel9@sha256:4e9143f58e4755b86526d113040acd0ee0069fefe9243e08c864c35d25b276e9_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/governance-policy-propagator-rhel9@sha256:4e9143f58e4755b86526d113040acd0ee0069fefe9243e08c864c35d25b276e9?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/governance-policy-propagator-rhel9\u0026tag=v2.10.4-14"
}
}
},
{
"category": "product_version",
"name": "rhacm2/grafana-dashboard-loader-rhel9@sha256:26a08abd967f17e23975b728768e2f561750856b0f98ff5f27506da94fa597ca_ppc64le",
"product": {
"name": "rhacm2/grafana-dashboard-loader-rhel9@sha256:26a08abd967f17e23975b728768e2f561750856b0f98ff5f27506da94fa597ca_ppc64le",
"product_id": "rhacm2/grafana-dashboard-loader-rhel9@sha256:26a08abd967f17e23975b728768e2f561750856b0f98ff5f27506da94fa597ca_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/grafana-dashboard-loader-rhel9@sha256:26a08abd967f17e23975b728768e2f561750856b0f98ff5f27506da94fa597ca?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/grafana-dashboard-loader-rhel9\u0026tag=v2.10.4-17"
}
}
},
{
"category": "product_version",
"name": "rhacm2/iam-policy-controller-rhel9@sha256:ae274418f0fa055670012f2d92d63ebb175fdbd3946486312007bc2b0a915541_ppc64le",
"product": {
"name": "rhacm2/iam-policy-controller-rhel9@sha256:ae274418f0fa055670012f2d92d63ebb175fdbd3946486312007bc2b0a915541_ppc64le",
"product_id": "rhacm2/iam-policy-controller-rhel9@sha256:ae274418f0fa055670012f2d92d63ebb175fdbd3946486312007bc2b0a915541_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/iam-policy-controller-rhel9@sha256:ae274418f0fa055670012f2d92d63ebb175fdbd3946486312007bc2b0a915541?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/iam-policy-controller-rhel9\u0026tag=v2.10.4-16"
}
}
},
{
"category": "product_version",
"name": "rhacm2/insights-client-rhel9@sha256:0ff4ca5a9703ec58d70178152b5dbbb3aaffa5fce80153eda12f727f7c3e0b6f_ppc64le",
"product": {
"name": "rhacm2/insights-client-rhel9@sha256:0ff4ca5a9703ec58d70178152b5dbbb3aaffa5fce80153eda12f727f7c3e0b6f_ppc64le",
"product_id": "rhacm2/insights-client-rhel9@sha256:0ff4ca5a9703ec58d70178152b5dbbb3aaffa5fce80153eda12f727f7c3e0b6f_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/insights-client-rhel9@sha256:0ff4ca5a9703ec58d70178152b5dbbb3aaffa5fce80153eda12f727f7c3e0b6f?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/insights-client-rhel9\u0026tag=v2.10.4-8"
}
}
},
{
"category": "product_version",
"name": "rhacm2/insights-metrics-rhel9@sha256:2f7c346cb847e2928715bd4b64a34531b82d0130a89a08f19c3026db5d89c5a1_ppc64le",
"product": {
"name": "rhacm2/insights-metrics-rhel9@sha256:2f7c346cb847e2928715bd4b64a34531b82d0130a89a08f19c3026db5d89c5a1_ppc64le",
"product_id": "rhacm2/insights-metrics-rhel9@sha256:2f7c346cb847e2928715bd4b64a34531b82d0130a89a08f19c3026db5d89c5a1_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/insights-metrics-rhel9@sha256:2f7c346cb847e2928715bd4b64a34531b82d0130a89a08f19c3026db5d89c5a1?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/insights-metrics-rhel9\u0026tag=v2.10.4-10"
}
}
},
{
"category": "product_version",
"name": "rhacm2/klusterlet-addon-controller-rhel9@sha256:693af28fa3e5f1aee61695e891fdd33a49b5280e4a555f84b838ca8e829d0999_ppc64le",
"product": {
"name": "rhacm2/klusterlet-addon-controller-rhel9@sha256:693af28fa3e5f1aee61695e891fdd33a49b5280e4a555f84b838ca8e829d0999_ppc64le",
"product_id": "rhacm2/klusterlet-addon-controller-rhel9@sha256:693af28fa3e5f1aee61695e891fdd33a49b5280e4a555f84b838ca8e829d0999_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/klusterlet-addon-controller-rhel9@sha256:693af28fa3e5f1aee61695e891fdd33a49b5280e4a555f84b838ca8e829d0999?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/klusterlet-addon-controller-rhel9\u0026tag=v2.10.4-7"
}
}
},
{
"category": "product_version",
"name": "rhacm2/kube-rbac-proxy-rhel9@sha256:5e416f1249a77845f81c9cf1a1dfae74feca41afd6dd35e7be55a0fa61632c00_ppc64le",
"product": {
"name": "rhacm2/kube-rbac-proxy-rhel9@sha256:5e416f1249a77845f81c9cf1a1dfae74feca41afd6dd35e7be55a0fa61632c00_ppc64le",
"product_id": "rhacm2/kube-rbac-proxy-rhel9@sha256:5e416f1249a77845f81c9cf1a1dfae74feca41afd6dd35e7be55a0fa61632c00_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/kube-rbac-proxy-rhel9@sha256:5e416f1249a77845f81c9cf1a1dfae74feca41afd6dd35e7be55a0fa61632c00?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/kube-rbac-proxy-rhel9\u0026tag=v2.10.4-8"
}
}
},
{
"category": "product_version",
"name": "rhacm2/kube-state-metrics-rhel9@sha256:88982e268e1a3d0c52c72563a684b58042adb0800ebd1e80208b898eebe75cd6_ppc64le",
"product": {
"name": "rhacm2/kube-state-metrics-rhel9@sha256:88982e268e1a3d0c52c72563a684b58042adb0800ebd1e80208b898eebe75cd6_ppc64le",
"product_id": "rhacm2/kube-state-metrics-rhel9@sha256:88982e268e1a3d0c52c72563a684b58042adb0800ebd1e80208b898eebe75cd6_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/kube-state-metrics-rhel9@sha256:88982e268e1a3d0c52c72563a684b58042adb0800ebd1e80208b898eebe75cd6?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/kube-state-metrics-rhel9\u0026tag=v2.10.4-9"
}
}
},
{
"category": "product_version",
"name": "rhacm2/memcached-rhel9@sha256:e871cb2e5d235ae74a998356748299daace42d47a92e1da57a2773eae87625a6_ppc64le",
"product": {
"name": "rhacm2/memcached-rhel9@sha256:e871cb2e5d235ae74a998356748299daace42d47a92e1da57a2773eae87625a6_ppc64le",
"product_id": "rhacm2/memcached-rhel9@sha256:e871cb2e5d235ae74a998356748299daace42d47a92e1da57a2773eae87625a6_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/memcached-rhel9@sha256:e871cb2e5d235ae74a998356748299daace42d47a92e1da57a2773eae87625a6?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/memcached-rhel9\u0026tag=v2.10.4-7"
}
}
},
{
"category": "product_version",
"name": "rhacm2/memcached-exporter-rhel9@sha256:1304f49745ed8a18784196b5595cea1ec6caf904d0e61d0952a603e6fb7da6e0_ppc64le",
"product": {
"name": "rhacm2/memcached-exporter-rhel9@sha256:1304f49745ed8a18784196b5595cea1ec6caf904d0e61d0952a603e6fb7da6e0_ppc64le",
"product_id": "rhacm2/memcached-exporter-rhel9@sha256:1304f49745ed8a18784196b5595cea1ec6caf904d0e61d0952a603e6fb7da6e0_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/memcached-exporter-rhel9@sha256:1304f49745ed8a18784196b5595cea1ec6caf904d0e61d0952a603e6fb7da6e0?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/memcached-exporter-rhel9\u0026tag=v2.10.4-6"
}
}
},
{
"category": "product_version",
"name": "rhacm2/metrics-collector-rhel9@sha256:54665ca7529012a3a63c7dcc263a2e46964a0ee4ba43f19a2a3f05dcdfd5ae0f_ppc64le",
"product": {
"name": "rhacm2/metrics-collector-rhel9@sha256:54665ca7529012a3a63c7dcc263a2e46964a0ee4ba43f19a2a3f05dcdfd5ae0f_ppc64le",
"product_id": "rhacm2/metrics-collector-rhel9@sha256:54665ca7529012a3a63c7dcc263a2e46964a0ee4ba43f19a2a3f05dcdfd5ae0f_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/metrics-collector-rhel9@sha256:54665ca7529012a3a63c7dcc263a2e46964a0ee4ba43f19a2a3f05dcdfd5ae0f?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/metrics-collector-rhel9\u0026tag=v2.10.4-16"
}
}
},
{
"category": "product_version",
"name": "rhacm2/multicloud-integrations-rhel9@sha256:d3958606b5001619aa3044617ccb4fe265764d7dad05b0a6bf5b4910bd5d0ba7_ppc64le",
"product": {
"name": "rhacm2/multicloud-integrations-rhel9@sha256:d3958606b5001619aa3044617ccb4fe265764d7dad05b0a6bf5b4910bd5d0ba7_ppc64le",
"product_id": "rhacm2/multicloud-integrations-rhel9@sha256:d3958606b5001619aa3044617ccb4fe265764d7dad05b0a6bf5b4910bd5d0ba7_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/multicloud-integrations-rhel9@sha256:d3958606b5001619aa3044617ccb4fe265764d7dad05b0a6bf5b4910bd5d0ba7?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/multicloud-integrations-rhel9\u0026tag=v2.10.4-8"
}
}
},
{
"category": "product_version",
"name": "rhacm2/multiclusterhub-rhel9@sha256:b30d5d981e1522751e4434b1c107e5cefb6c8c22ea16915f35948c11f9aa0579_ppc64le",
"product": {
"name": "rhacm2/multiclusterhub-rhel9@sha256:b30d5d981e1522751e4434b1c107e5cefb6c8c22ea16915f35948c11f9aa0579_ppc64le",
"product_id": "rhacm2/multiclusterhub-rhel9@sha256:b30d5d981e1522751e4434b1c107e5cefb6c8c22ea16915f35948c11f9aa0579_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/multiclusterhub-rhel9@sha256:b30d5d981e1522751e4434b1c107e5cefb6c8c22ea16915f35948c11f9aa0579?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/multiclusterhub-rhel9\u0026tag=v2.10.4-16"
}
}
},
{
"category": "product_version",
"name": "rhacm2/multicluster-observability-rhel9-operator@sha256:ab73f96720c106dcb2ea64f8b7ac13ad866533d993c43cb7c6dbbf08ba4977dd_ppc64le",
"product": {
"name": "rhacm2/multicluster-observability-rhel9-operator@sha256:ab73f96720c106dcb2ea64f8b7ac13ad866533d993c43cb7c6dbbf08ba4977dd_ppc64le",
"product_id": "rhacm2/multicluster-observability-rhel9-operator@sha256:ab73f96720c106dcb2ea64f8b7ac13ad866533d993c43cb7c6dbbf08ba4977dd_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/multicluster-observability-rhel9-operator@sha256:ab73f96720c106dcb2ea64f8b7ac13ad866533d993c43cb7c6dbbf08ba4977dd?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/multicluster-observability-rhel9-operator\u0026tag=v2.10.4-16"
}
}
},
{
"category": "product_version",
"name": "rhacm2/multicluster-operators-application-rhel9@sha256:635c1cf425b8744a421c649bd809a59df6dc6cdeaa9da2a369706e522a3a0fab_ppc64le",
"product": {
"name": "rhacm2/multicluster-operators-application-rhel9@sha256:635c1cf425b8744a421c649bd809a59df6dc6cdeaa9da2a369706e522a3a0fab_ppc64le",
"product_id": "rhacm2/multicluster-operators-application-rhel9@sha256:635c1cf425b8744a421c649bd809a59df6dc6cdeaa9da2a369706e522a3a0fab_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/multicluster-operators-application-rhel9@sha256:635c1cf425b8744a421c649bd809a59df6dc6cdeaa9da2a369706e522a3a0fab?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/multicluster-operators-application-rhel9\u0026tag=v2.10.4-8"
}
}
},
{
"category": "product_version",
"name": "rhacm2/multicluster-operators-channel-rhel9@sha256:43c086e0f17783322c26ba577db2c7c8fd43176a7ac14e45a40c3db0b91a6d1e_ppc64le",
"product": {
"name": "rhacm2/multicluster-operators-channel-rhel9@sha256:43c086e0f17783322c26ba577db2c7c8fd43176a7ac14e45a40c3db0b91a6d1e_ppc64le",
"product_id": "rhacm2/multicluster-operators-channel-rhel9@sha256:43c086e0f17783322c26ba577db2c7c8fd43176a7ac14e45a40c3db0b91a6d1e_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/multicluster-operators-channel-rhel9@sha256:43c086e0f17783322c26ba577db2c7c8fd43176a7ac14e45a40c3db0b91a6d1e?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/multicluster-operators-channel-rhel9\u0026tag=v2.10.4-9"
}
}
},
{
"category": "product_version",
"name": "rhacm2/multicluster-operators-subscription-rhel9@sha256:a791398b5dd73f447d22f260eaf209f782c9663e81c81529eb4b3018183f9deb_ppc64le",
"product": {
"name": "rhacm2/multicluster-operators-subscription-rhel9@sha256:a791398b5dd73f447d22f260eaf209f782c9663e81c81529eb4b3018183f9deb_ppc64le",
"product_id": "rhacm2/multicluster-operators-subscription-rhel9@sha256:a791398b5dd73f447d22f260eaf209f782c9663e81c81529eb4b3018183f9deb_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/multicluster-operators-subscription-rhel9@sha256:a791398b5dd73f447d22f260eaf209f782c9663e81c81529eb4b3018183f9deb?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/multicluster-operators-subscription-rhel9\u0026tag=v2.10.4-12"
}
}
},
{
"category": "product_version",
"name": "rhacm2/node-exporter-rhel9@sha256:f9a4446156fd21112854846849c68952e4c336e5782d6aeb3c49bddd3408d388_ppc64le",
"product": {
"name": "rhacm2/node-exporter-rhel9@sha256:f9a4446156fd21112854846849c68952e4c336e5782d6aeb3c49bddd3408d388_ppc64le",
"product_id": "rhacm2/node-exporter-rhel9@sha256:f9a4446156fd21112854846849c68952e4c336e5782d6aeb3c49bddd3408d388_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/node-exporter-rhel9@sha256:f9a4446156fd21112854846849c68952e4c336e5782d6aeb3c49bddd3408d388?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/node-exporter-rhel9\u0026tag=v2.10.4-9"
}
}
},
{
"category": "product_version",
"name": "rhacm2/observatorium-rhel9@sha256:25ee9231e17b71c83f12a9ce5d94629b2fd8ad3c64b61de9f03b057584f84804_ppc64le",
"product": {
"name": "rhacm2/observatorium-rhel9@sha256:25ee9231e17b71c83f12a9ce5d94629b2fd8ad3c64b61de9f03b057584f84804_ppc64le",
"product_id": "rhacm2/observatorium-rhel9@sha256:25ee9231e17b71c83f12a9ce5d94629b2fd8ad3c64b61de9f03b057584f84804_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/observatorium-rhel9@sha256:25ee9231e17b71c83f12a9ce5d94629b2fd8ad3c64b61de9f03b057584f84804?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/observatorium-rhel9\u0026tag=v2.10.4-9"
}
}
},
{
"category": "product_version",
"name": "rhacm2/observatorium-rhel9-operator@sha256:9e2d97d0116349c1f1e1d815a6d8822c9f5331acdb81e878c0cb0e86149167ef_ppc64le",
"product": {
"name": "rhacm2/observatorium-rhel9-operator@sha256:9e2d97d0116349c1f1e1d815a6d8822c9f5331acdb81e878c0cb0e86149167ef_ppc64le",
"product_id": "rhacm2/observatorium-rhel9-operator@sha256:9e2d97d0116349c1f1e1d815a6d8822c9f5331acdb81e878c0cb0e86149167ef_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/observatorium-rhel9-operator@sha256:9e2d97d0116349c1f1e1d815a6d8822c9f5331acdb81e878c0cb0e86149167ef?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/observatorium-rhel9-operator\u0026tag=v2.10.4-8"
}
}
},
{
"category": "product_version",
"name": "rhacm2/prometheus-alertmanager-rhel9@sha256:0a4ecc2af398e1a771540af4f062abfc0f47bfae9ba3a2fcb6a6c66940385d42_ppc64le",
"product": {
"name": "rhacm2/prometheus-alertmanager-rhel9@sha256:0a4ecc2af398e1a771540af4f062abfc0f47bfae9ba3a2fcb6a6c66940385d42_ppc64le",
"product_id": "rhacm2/prometheus-alertmanager-rhel9@sha256:0a4ecc2af398e1a771540af4f062abfc0f47bfae9ba3a2fcb6a6c66940385d42_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/prometheus-alertmanager-rhel9@sha256:0a4ecc2af398e1a771540af4f062abfc0f47bfae9ba3a2fcb6a6c66940385d42?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/prometheus-alertmanager-rhel9\u0026tag=v2.10.4-9"
}
}
},
{
"category": "product_version",
"name": "rhacm2/prometheus-rhel9@sha256:99e749f7d98203070348c652f6df158c9207801d86439ddde08bcae16e813ea5_ppc64le",
"product": {
"name": "rhacm2/prometheus-rhel9@sha256:99e749f7d98203070348c652f6df158c9207801d86439ddde08bcae16e813ea5_ppc64le",
"product_id": "rhacm2/prometheus-rhel9@sha256:99e749f7d98203070348c652f6df158c9207801d86439ddde08bcae16e813ea5_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/prometheus-rhel9@sha256:99e749f7d98203070348c652f6df158c9207801d86439ddde08bcae16e813ea5?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/prometheus-rhel9\u0026tag=v2.10.4-9"
}
}
},
{
"category": "product_version",
"name": "rhacm2/rbac-query-proxy-rhel9@sha256:e325c611a68e60d204018b8aac765bb58e135b44735bbc14069c5cbf49828ada_ppc64le",
"product": {
"name": "rhacm2/rbac-query-proxy-rhel9@sha256:e325c611a68e60d204018b8aac765bb58e135b44735bbc14069c5cbf49828ada_ppc64le",
"product_id": "rhacm2/rbac-query-proxy-rhel9@sha256:e325c611a68e60d204018b8aac765bb58e135b44735bbc14069c5cbf49828ada_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rbac-query-proxy-rhel9@sha256:e325c611a68e60d204018b8aac765bb58e135b44735bbc14069c5cbf49828ada?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/rbac-query-proxy-rhel9\u0026tag=v2.10.4-17"
}
}
},
{
"category": "product_version",
"name": "rhacm2/search-collector-rhel9@sha256:f908a57c2bfe78911889102abb61377d5170590689930d74b8d6a9fa7bc66848_ppc64le",
"product": {
"name": "rhacm2/search-collector-rhel9@sha256:f908a57c2bfe78911889102abb61377d5170590689930d74b8d6a9fa7bc66848_ppc64le",
"product_id": "rhacm2/search-collector-rhel9@sha256:f908a57c2bfe78911889102abb61377d5170590689930d74b8d6a9fa7bc66848_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/search-collector-rhel9@sha256:f908a57c2bfe78911889102abb61377d5170590689930d74b8d6a9fa7bc66848?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/search-collector-rhel9\u0026tag=v2.10.4-10"
}
}
},
{
"category": "product_version",
"name": "rhacm2/submariner-addon-rhel9@sha256:1d74ed10635e7021129e60caa3358581d61c4bd93cebed86f79d5fdba100b10f_ppc64le",
"product": {
"name": "rhacm2/submariner-addon-rhel9@sha256:1d74ed10635e7021129e60caa3358581d61c4bd93cebed86f79d5fdba100b10f_ppc64le",
"product_id": "rhacm2/submariner-addon-rhel9@sha256:1d74ed10635e7021129e60caa3358581d61c4bd93cebed86f79d5fdba100b10f_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/submariner-addon-rhel9@sha256:1d74ed10635e7021129e60caa3358581d61c4bd93cebed86f79d5fdba100b10f?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/submariner-addon-rhel9\u0026tag=v2.10.4-12"
}
}
},
{
"category": "product_version",
"name": "rhacm2/thanos-rhel9@sha256:9c82d36f3a942088a6612e6e1d5d7f3413006b2f5df41758c0072ee8d68b3801_ppc64le",
"product": {
"name": "rhacm2/thanos-rhel9@sha256:9c82d36f3a942088a6612e6e1d5d7f3413006b2f5df41758c0072ee8d68b3801_ppc64le",
"product_id": "rhacm2/thanos-rhel9@sha256:9c82d36f3a942088a6612e6e1d5d7f3413006b2f5df41758c0072ee8d68b3801_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/thanos-rhel9@sha256:9c82d36f3a942088a6612e6e1d5d7f3413006b2f5df41758c0072ee8d68b3801?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/thanos-rhel9\u0026tag=v2.10.4-8"
}
}
},
{
"category": "product_version",
"name": "rhacm2/thanos-receive-controller-rhel9@sha256:d391d522c2006e634df69f28eacd1f6cfba7b1ac4ec27ea97c307f4da5213954_ppc64le",
"product": {
"name": "rhacm2/thanos-receive-controller-rhel9@sha256:d391d522c2006e634df69f28eacd1f6cfba7b1ac4ec27ea97c307f4da5213954_ppc64le",
"product_id": "rhacm2/thanos-receive-controller-rhel9@sha256:d391d522c2006e634df69f28eacd1f6cfba7b1ac4ec27ea97c307f4da5213954_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/thanos-receive-controller-rhel9@sha256:d391d522c2006e634df69f28eacd1f6cfba7b1ac4ec27ea97c307f4da5213954?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/thanos-receive-controller-rhel9\u0026tag=v2.10.4-7"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "rhacm2/acm-cluster-permission-rhel9@sha256:dac35e93ff173bd30fefbdec8676fb605e28368aec3eccc4ac603f16eadcf31d_arm64",
"product": {
"name": "rhacm2/acm-cluster-permission-rhel9@sha256:dac35e93ff173bd30fefbdec8676fb605e28368aec3eccc4ac603f16eadcf31d_arm64",
"product_id": "rhacm2/acm-cluster-permission-rhel9@sha256:dac35e93ff173bd30fefbdec8676fb605e28368aec3eccc4ac603f16eadcf31d_arm64",
"product_identification_helper": {
"purl": "pkg:oci/acm-cluster-permission-rhel9@sha256:dac35e93ff173bd30fefbdec8676fb605e28368aec3eccc4ac603f16eadcf31d?arch=arm64\u0026repository_url=registry.redhat.io/rhacm2/acm-cluster-permission-rhel9\u0026tag=v2.10.4-6"
}
}
},
{
"category": "product_version",
"name": "rhacm2/acm-governance-policy-addon-controller-rhel9@sha256:9af1cb9605a8fdf7212a079ed8fa51b110b367c705a51651ba3933e936519e7f_arm64",
"product": {
"name": "rhacm2/acm-governance-policy-addon-controller-rhel9@sha256:9af1cb9605a8fdf7212a079ed8fa51b110b367c705a51651ba3933e936519e7f_arm64",
"product_id": "rhacm2/acm-governance-policy-addon-controller-rhel9@sha256:9af1cb9605a8fdf7212a079ed8fa51b110b367c705a51651ba3933e936519e7f_arm64",
"product_identification_helper": {
"purl": "pkg:oci/acm-governance-policy-addon-controller-rhel9@sha256:9af1cb9605a8fdf7212a079ed8fa51b110b367c705a51651ba3933e936519e7f?arch=arm64\u0026repository_url=registry.redhat.io/rhacm2/acm-governance-policy-addon-controller-rhel9\u0026tag=v2.10.4-15"
}
}
},
{
"category": "product_version",
"name": "rhacm2/acm-governance-policy-framework-addon-rhel9@sha256:63246c061e7960a656cb66c8ccca2b7bed943c9a1fe96a28f9cd99829608cda5_arm64",
"product": {
"name": "rhacm2/acm-governance-policy-framework-addon-rhel9@sha256:63246c061e7960a656cb66c8ccca2b7bed943c9a1fe96a28f9cd99829608cda5_arm64",
"product_id": "rhacm2/acm-governance-policy-framework-addon-rhel9@sha256:63246c061e7960a656cb66c8ccca2b7bed943c9a1fe96a28f9cd99829608cda5_arm64",
"product_identification_helper": {
"purl": "pkg:oci/acm-governance-policy-framework-addon-rhel9@sha256:63246c061e7960a656cb66c8ccca2b7bed943c9a1fe96a28f9cd99829608cda5?arch=arm64\u0026repository_url=registry.redhat.io/rhacm2/acm-governance-policy-framework-addon-rhel9\u0026tag=v2.10.4-14"
}
}
},
{
"category": "product_version",
"name": "rhacm2/acm-grafana-rhel9@sha256:df4024e8506d0926ad81943684532dd9e4054f26d23da6e329f593239b5a1513_arm64",
"product": {
"name": "rhacm2/acm-grafana-rhel9@sha256:df4024e8506d0926ad81943684532dd9e4054f26d23da6e329f593239b5a1513_arm64",
"product_id": "rhacm2/acm-grafana-rhel9@sha256:df4024e8506d0926ad81943684532dd9e4054f26d23da6e329f593239b5a1513_arm64",
"product_identification_helper": {
"purl": "pkg:oci/acm-grafana-rhel9@sha256:df4024e8506d0926ad81943684532dd9e4054f26d23da6e329f593239b5a1513?arch=arm64\u0026repository_url=registry.redhat.io/rhacm2/acm-grafana-rhel9\u0026tag=v2.10.4-9"
}
}
},
{
"category": "product_version",
"name": "rhacm2/acm-must-gather-rhel9@sha256:66bca60baa85bc23963b5955fe57e8b7b7038c1088e2ce60f1fedc1a41d944dc_arm64",
"product": {
"name": "rhacm2/acm-must-gather-rhel9@sha256:66bca60baa85bc23963b5955fe57e8b7b7038c1088e2ce60f1fedc1a41d944dc_arm64",
"product_id": "rhacm2/acm-must-gather-rhel9@sha256:66bca60baa85bc23963b5955fe57e8b7b7038c1088e2ce60f1fedc1a41d944dc_arm64",
"product_identification_helper": {
"purl": "pkg:oci/acm-must-gather-rhel9@sha256:66bca60baa85bc23963b5955fe57e8b7b7038c1088e2ce60f1fedc1a41d944dc?arch=arm64\u0026repository_url=registry.redhat.io/rhacm2/acm-must-gather-rhel9\u0026tag=v2.10.4-8"
}
}
},
{
"category": "product_version",
"name": "rhacm2/acm-prometheus-config-reloader-rhel9@sha256:53cd755cea5a527c089321e5571c14ad0fd5d55b16e7c2acddc2a7c9670cffd2_arm64",
"product": {
"name": "rhacm2/acm-prometheus-config-reloader-rhel9@sha256:53cd755cea5a527c089321e5571c14ad0fd5d55b16e7c2acddc2a7c9670cffd2_arm64",
"product_id": "rhacm2/acm-prometheus-config-reloader-rhel9@sha256:53cd755cea5a527c089321e5571c14ad0fd5d55b16e7c2acddc2a7c9670cffd2_arm64",
"product_identification_helper": {
"purl": "pkg:oci/acm-prometheus-config-reloader-rhel9@sha256:53cd755cea5a527c089321e5571c14ad0fd5d55b16e7c2acddc2a7c9670cffd2?arch=arm64\u0026repository_url=registry.redhat.io/rhacm2/acm-prometheus-config-reloader-rhel9\u0026tag=v2.10.4-7"
}
}
},
{
"category": "product_version",
"name": "rhacm2/acm-prometheus-rhel9@sha256:91ec246784f1e7cdd0c20ab36ea09f13e553c043851699dae6191ea1ce101a61_arm64",
"product": {
"name": "rhacm2/acm-prometheus-rhel9@sha256:91ec246784f1e7cdd0c20ab36ea09f13e553c043851699dae6191ea1ce101a61_arm64",
"product_id": "rhacm2/acm-prometheus-rhel9@sha256:91ec246784f1e7cdd0c20ab36ea09f13e553c043851699dae6191ea1ce101a61_arm64",
"product_identification_helper": {
"purl": "pkg:oci/acm-prometheus-rhel9@sha256:91ec246784f1e7cdd0c20ab36ea09f13e553c043851699dae6191ea1ce101a61?arch=arm64\u0026repository_url=registry.redhat.io/rhacm2/acm-prometheus-rhel9\u0026tag=v2.10.4-7"
}
}
},
{
"category": "product_version",
"name": "rhacm2/acm-search-indexer-rhel9@sha256:95c15180b6b25c453b8aa81c42b106d6e9fb1d832761a3b2b06922c0ceee4d7b_arm64",
"product": {
"name": "rhacm2/acm-search-indexer-rhel9@sha256:95c15180b6b25c453b8aa81c42b106d6e9fb1d832761a3b2b06922c0ceee4d7b_arm64",
"product_id": "rhacm2/acm-search-indexer-rhel9@sha256:95c15180b6b25c453b8aa81c42b106d6e9fb1d832761a3b2b06922c0ceee4d7b_arm64",
"product_identification_helper": {
"purl": "pkg:oci/acm-search-indexer-rhel9@sha256:95c15180b6b25c453b8aa81c42b106d6e9fb1d832761a3b2b06922c0ceee4d7b?arch=arm64\u0026repository_url=registry.redhat.io/rhacm2/acm-search-indexer-rhel9\u0026tag=v2.10.4-9"
}
}
},
{
"category": "product_version",
"name": "rhacm2/acm-search-v2-api-rhel9@sha256:247e052a3b5bc9708f1c0953f09c942414852f2109a9694af864375032072ae2_arm64",
"product": {
"name": "rhacm2/acm-search-v2-api-rhel9@sha256:247e052a3b5bc9708f1c0953f09c942414852f2109a9694af864375032072ae2_arm64",
"product_id": "rhacm2/acm-search-v2-api-rhel9@sha256:247e052a3b5bc9708f1c0953f09c942414852f2109a9694af864375032072ae2_arm64",
"product_identification_helper": {
"purl": "pkg:oci/acm-search-v2-api-rhel9@sha256:247e052a3b5bc9708f1c0953f09c942414852f2109a9694af864375032072ae2?arch=arm64\u0026repository_url=registry.redhat.io/rhacm2/acm-search-v2-api-rhel9\u0026tag=v2.10.4-9"
}
}
},
{
"category": "product_version",
"name": "rhacm2/acm-search-v2-rhel9@sha256:9e2aa6686deee7b78bda5dcb08dad31c87a9653e48788df4e8bb39d4965c9101_arm64",
"product": {
"name": "rhacm2/acm-search-v2-rhel9@sha256:9e2aa6686deee7b78bda5dcb08dad31c87a9653e48788df4e8bb39d4965c9101_arm64",
"product_id": "rhacm2/acm-search-v2-rhel9@sha256:9e2aa6686deee7b78bda5dcb08dad31c87a9653e48788df4e8bb39d4965c9101_arm64",
"product_identification_helper": {
"purl": "pkg:oci/acm-search-v2-rhel9@sha256:9e2aa6686deee7b78bda5dcb08dad31c87a9653e48788df4e8bb39d4965c9101?arch=arm64\u0026repository_url=registry.redhat.io/rhacm2/acm-search-v2-rhel9\u0026tag=v2.10.4-9"
}
}
},
{
"category": "product_version",
"name": "rhacm2/acm-volsync-addon-controller-rhel9@sha256:055c5ab4b2045571efe53bbd4ca54ba8a17a2cf590dad70c65667ed6b11ca86a_arm64",
"product": {
"name": "rhacm2/acm-volsync-addon-controller-rhel9@sha256:055c5ab4b2045571efe53bbd4ca54ba8a17a2cf590dad70c65667ed6b11ca86a_arm64",
"product_id": "rhacm2/acm-volsync-addon-controller-rhel9@sha256:055c5ab4b2045571efe53bbd4ca54ba8a17a2cf590dad70c65667ed6b11ca86a_arm64",
"product_identification_helper": {
"purl": "pkg:oci/acm-volsync-addon-controller-rhel9@sha256:055c5ab4b2045571efe53bbd4ca54ba8a17a2cf590dad70c65667ed6b11ca86a?arch=arm64\u0026repository_url=registry.redhat.io/rhacm2/acm-volsync-addon-controller-rhel9\u0026tag=v2.10.4-11"
}
}
},
{
"category": "product_version",
"name": "rhacm2/cert-policy-controller-rhel9@sha256:318f11ebe87bc1feced78f9d2ae66856884606c721e15d2d05045562d248ac3f_arm64",
"product": {
"name": "rhacm2/cert-policy-controller-rhel9@sha256:318f11ebe87bc1feced78f9d2ae66856884606c721e15d2d05045562d248ac3f_arm64",
"product_id": "rhacm2/cert-policy-controller-rhel9@sha256:318f11ebe87bc1feced78f9d2ae66856884606c721e15d2d05045562d248ac3f_arm64",
"product_identification_helper": {
"purl": "pkg:oci/cert-policy-controller-rhel9@sha256:318f11ebe87bc1feced78f9d2ae66856884606c721e15d2d05045562d248ac3f?arch=arm64\u0026repository_url=registry.redhat.io/rhacm2/cert-policy-controller-rhel9\u0026tag=v2.10.4-16"
}
}
},
{
"category": "product_version",
"name": "rhacm2/cluster-backup-rhel9-operator@sha256:ac726852c9aa7e54aa4d75c6c485b429f16fffbb61d2840b527c5a1cfdb5c842_arm64",
"product": {
"name": "rhacm2/cluster-backup-rhel9-operator@sha256:ac726852c9aa7e54aa4d75c6c485b429f16fffbb61d2840b527c5a1cfdb5c842_arm64",
"product_id": "rhacm2/cluster-backup-rhel9-operator@sha256:ac726852c9aa7e54aa4d75c6c485b429f16fffbb61d2840b527c5a1cfdb5c842_arm64",
"product_identification_helper": {
"purl": "pkg:oci/cluster-backup-rhel9-operator@sha256:ac726852c9aa7e54aa4d75c6c485b429f16fffbb61d2840b527c5a1cfdb5c842?arch=arm64\u0026repository_url=registry.redhat.io/rhacm2/cluster-backup-rhel9-operator\u0026tag=v2.10.4-13"
}
}
},
{
"category": "product_version",
"name": "rhacm2/config-policy-controller-rhel9@sha256:d4456a33f0488db9c77d12a279500b68a41441a8ff6c8cc9723a7ccc46e90dc7_arm64",
"product": {
"name": "rhacm2/config-policy-controller-rhel9@sha256:d4456a33f0488db9c77d12a279500b68a41441a8ff6c8cc9723a7ccc46e90dc7_arm64",
"product_id": "rhacm2/config-policy-controller-rhel9@sha256:d4456a33f0488db9c77d12a279500b68a41441a8ff6c8cc9723a7ccc46e90dc7_arm64",
"product_identification_helper": {
"purl": "pkg:oci/config-policy-controller-rhel9@sha256:d4456a33f0488db9c77d12a279500b68a41441a8ff6c8cc9723a7ccc46e90dc7?arch=arm64\u0026repository_url=registry.redhat.io/rhacm2/config-policy-controller-rhel9\u0026tag=v2.10.4-14"
}
}
},
{
"category": "product_version",
"name": "rhacm2/console-rhel9@sha256:4ee3bbdcc190cd6c3e1eff8bfabe8ca3cd9e61ab5d824983a955e6d509238041_arm64",
"product": {
"name": "rhacm2/console-rhel9@sha256:4ee3bbdcc190cd6c3e1eff8bfabe8ca3cd9e61ab5d824983a955e6d509238041_arm64",
"product_id": "rhacm2/console-rhel9@sha256:4ee3bbdcc190cd6c3e1eff8bfabe8ca3cd9e61ab5d824983a955e6d509238041_arm64",
"product_identification_helper": {
"purl": "pkg:oci/console-rhel9@sha256:4ee3bbdcc190cd6c3e1eff8bfabe8ca3cd9e61ab5d824983a955e6d509238041?arch=arm64\u0026repository_url=registry.redhat.io/rhacm2/console-rhel9\u0026tag=v2.10.4-13"
}
}
},
{
"category": "product_version",
"name": "rhacm2/endpoint-monitoring-rhel9-operator@sha256:cf7be8fd6b726cb7ba8a3f57e14e20d7944245759cd6e8bd26dca4d666fb866a_arm64",
"product": {
"name": "rhacm2/endpoint-monitoring-rhel9-operator@sha256:cf7be8fd6b726cb7ba8a3f57e14e20d7944245759cd6e8bd26dca4d666fb866a_arm64",
"product_id": "rhacm2/endpoint-monitoring-rhel9-operator@sha256:cf7be8fd6b726cb7ba8a3f57e14e20d7944245759cd6e8bd26dca4d666fb866a_arm64",
"product_identification_helper": {
"purl": "pkg:oci/endpoint-monitoring-rhel9-operator@sha256:cf7be8fd6b726cb7ba8a3f57e14e20d7944245759cd6e8bd26dca4d666fb866a?arch=arm64\u0026repository_url=registry.redhat.io/rhacm2/endpoint-monitoring-rhel9-operator\u0026tag=v2.10.4-16"
}
}
},
{
"category": "product_version",
"name": "rhacm2/governance-policy-propagator-rhel9@sha256:8947a68138c101fdc355b94a4deb0d02f44de025fe733e8d5fb28f5fce93b7c9_arm64",
"product": {
"name": "rhacm2/governance-policy-propagator-rhel9@sha256:8947a68138c101fdc355b94a4deb0d02f44de025fe733e8d5fb28f5fce93b7c9_arm64",
"product_id": "rhacm2/governance-policy-propagator-rhel9@sha256:8947a68138c101fdc355b94a4deb0d02f44de025fe733e8d5fb28f5fce93b7c9_arm64",
"product_identification_helper": {
"purl": "pkg:oci/governance-policy-propagator-rhel9@sha256:8947a68138c101fdc355b94a4deb0d02f44de025fe733e8d5fb28f5fce93b7c9?arch=arm64\u0026repository_url=registry.redhat.io/rhacm2/governance-policy-propagator-rhel9\u0026tag=v2.10.4-14"
}
}
},
{
"category": "product_version",
"name": "rhacm2/grafana-dashboard-loader-rhel9@sha256:43f27505c8ac51aa659c638f96f7681d8d3029775b9153a8075fa38dd48dbc3c_arm64",
"product": {
"name": "rhacm2/grafana-dashboard-loader-rhel9@sha256:43f27505c8ac51aa659c638f96f7681d8d3029775b9153a8075fa38dd48dbc3c_arm64",
"product_id": "rhacm2/grafana-dashboard-loader-rhel9@sha256:43f27505c8ac51aa659c638f96f7681d8d3029775b9153a8075fa38dd48dbc3c_arm64",
"product_identification_helper": {
"purl": "pkg:oci/grafana-dashboard-loader-rhel9@sha256:43f27505c8ac51aa659c638f96f7681d8d3029775b9153a8075fa38dd48dbc3c?arch=arm64\u0026repository_url=registry.redhat.io/rhacm2/grafana-dashboard-loader-rhel9\u0026tag=v2.10.4-17"
}
}
},
{
"category": "product_version",
"name": "rhacm2/iam-policy-controller-rhel9@sha256:63ca0eef9b3febe70ceea5b47a36fea7455eef69da9d1bda70d2bc9661ec2f2c_arm64",
"product": {
"name": "rhacm2/iam-policy-controller-rhel9@sha256:63ca0eef9b3febe70ceea5b47a36fea7455eef69da9d1bda70d2bc9661ec2f2c_arm64",
"product_id": "rhacm2/iam-policy-controller-rhel9@sha256:63ca0eef9b3febe70ceea5b47a36fea7455eef69da9d1bda70d2bc9661ec2f2c_arm64",
"product_identification_helper": {
"purl": "pkg:oci/iam-policy-controller-rhel9@sha256:63ca0eef9b3febe70ceea5b47a36fea7455eef69da9d1bda70d2bc9661ec2f2c?arch=arm64\u0026repository_url=registry.redhat.io/rhacm2/iam-policy-controller-rhel9\u0026tag=v2.10.4-16"
}
}
},
{
"category": "product_version",
"name": "rhacm2/insights-client-rhel9@sha256:cdf079542b23633884a52daa02d4b9182aaf7454e769186de4f495467686653d_arm64",
"product": {
"name": "rhacm2/insights-client-rhel9@sha256:cdf079542b23633884a52daa02d4b9182aaf7454e769186de4f495467686653d_arm64",
"product_id": "rhacm2/insights-client-rhel9@sha256:cdf079542b23633884a52daa02d4b9182aaf7454e769186de4f495467686653d_arm64",
"product_identification_helper": {
"purl": "pkg:oci/insights-client-rhel9@sha256:cdf079542b23633884a52daa02d4b9182aaf7454e769186de4f495467686653d?arch=arm64\u0026repository_url=registry.redhat.io/rhacm2/insights-client-rhel9\u0026tag=v2.10.4-8"
}
}
},
{
"category": "product_version",
"name": "rhacm2/insights-metrics-rhel9@sha256:44f56f7a1ac2720ce815ea7aa824ea37a0bdcf63c637941ca84328578a735142_arm64",
"product": {
"name": "rhacm2/insights-metrics-rhel9@sha256:44f56f7a1ac2720ce815ea7aa824ea37a0bdcf63c637941ca84328578a735142_arm64",
"product_id": "rhacm2/insights-metrics-rhel9@sha256:44f56f7a1ac2720ce815ea7aa824ea37a0bdcf63c637941ca84328578a735142_arm64",
"product_identification_helper": {
"purl": "pkg:oci/insights-metrics-rhel9@sha256:44f56f7a1ac2720ce815ea7aa824ea37a0bdcf63c637941ca84328578a735142?arch=arm64\u0026repository_url=registry.redhat.io/rhacm2/insights-metrics-rhel9\u0026tag=v2.10.4-10"
}
}
},
{
"category": "product_version",
"name": "rhacm2/klusterlet-addon-controller-rhel9@sha256:cf0bf12f03bd0a4a09188d1f5b4820aa6e7f6e4a1fb1bc2c45559553907c6eae_arm64",
"product": {
"name": "rhacm2/klusterlet-addon-controller-rhel9@sha256:cf0bf12f03bd0a4a09188d1f5b4820aa6e7f6e4a1fb1bc2c45559553907c6eae_arm64",
"product_id": "rhacm2/klusterlet-addon-controller-rhel9@sha256:cf0bf12f03bd0a4a09188d1f5b4820aa6e7f6e4a1fb1bc2c45559553907c6eae_arm64",
"product_identification_helper": {
"purl": "pkg:oci/klusterlet-addon-controller-rhel9@sha256:cf0bf12f03bd0a4a09188d1f5b4820aa6e7f6e4a1fb1bc2c45559553907c6eae?arch=arm64\u0026repository_url=registry.redhat.io/rhacm2/klusterlet-addon-controller-rhel9\u0026tag=v2.10.4-7"
}
}
},
{
"category": "product_version",
"name": "rhacm2/kube-rbac-proxy-rhel9@sha256:355905503e1321fc2fd75b12bab33b2cb75cbfcc0d0e7e70400790da081abfd9_arm64",
"product": {
"name": "rhacm2/kube-rbac-proxy-rhel9@sha256:355905503e1321fc2fd75b12bab33b2cb75cbfcc0d0e7e70400790da081abfd9_arm64",
"product_id": "rhacm2/kube-rbac-proxy-rhel9@sha256:355905503e1321fc2fd75b12bab33b2cb75cbfcc0d0e7e70400790da081abfd9_arm64",
"product_identification_helper": {
"purl": "pkg:oci/kube-rbac-proxy-rhel9@sha256:355905503e1321fc2fd75b12bab33b2cb75cbfcc0d0e7e70400790da081abfd9?arch=arm64\u0026repository_url=registry.redhat.io/rhacm2/kube-rbac-proxy-rhel9\u0026tag=v2.10.4-8"
}
}
},
{
"category": "product_version",
"name": "rhacm2/kube-state-metrics-rhel9@sha256:72f6c545d46d1cc6f3fb1b9cd6840f0496056d410c8ade62dd35d99dfdd60737_arm64",
"product": {
"name": "rhacm2/kube-state-metrics-rhel9@sha256:72f6c545d46d1cc6f3fb1b9cd6840f0496056d410c8ade62dd35d99dfdd60737_arm64",
"product_id": "rhacm2/kube-state-metrics-rhel9@sha256:72f6c545d46d1cc6f3fb1b9cd6840f0496056d410c8ade62dd35d99dfdd60737_arm64",
"product_identification_helper": {
"purl": "pkg:oci/kube-state-metrics-rhel9@sha256:72f6c545d46d1cc6f3fb1b9cd6840f0496056d410c8ade62dd35d99dfdd60737?arch=arm64\u0026repository_url=registry.redhat.io/rhacm2/kube-state-metrics-rhel9\u0026tag=v2.10.4-9"
}
}
},
{
"category": "product_version",
"name": "rhacm2/memcached-rhel9@sha256:4af229aca50a46ec9f190fbeef603f1259223f81f5307f46de17ad8b8c9760e1_arm64",
"product": {
"name": "rhacm2/memcached-rhel9@sha256:4af229aca50a46ec9f190fbeef603f1259223f81f5307f46de17ad8b8c9760e1_arm64",
"product_id": "rhacm2/memcached-rhel9@sha256:4af229aca50a46ec9f190fbeef603f1259223f81f5307f46de17ad8b8c9760e1_arm64",
"product_identification_helper": {
"purl": "pkg:oci/memcached-rhel9@sha256:4af229aca50a46ec9f190fbeef603f1259223f81f5307f46de17ad8b8c9760e1?arch=arm64\u0026repository_url=registry.redhat.io/rhacm2/memcached-rhel9\u0026tag=v2.10.4-7"
}
}
},
{
"category": "product_version",
"name": "rhacm2/memcached-exporter-rhel9@sha256:36529c281273e5346ef5cce6a55e47c27fdaf2507a6f7971576b738b1c543258_arm64",
"product": {
"name": "rhacm2/memcached-exporter-rhel9@sha256:36529c281273e5346ef5cce6a55e47c27fdaf2507a6f7971576b738b1c543258_arm64",
"product_id": "rhacm2/memcached-exporter-rhel9@sha256:36529c281273e5346ef5cce6a55e47c27fdaf2507a6f7971576b738b1c543258_arm64",
"product_identification_helper": {
"purl": "pkg:oci/memcached-exporter-rhel9@sha256:36529c281273e5346ef5cce6a55e47c27fdaf2507a6f7971576b738b1c543258?arch=arm64\u0026repository_url=registry.redhat.io/rhacm2/memcached-exporter-rhel9\u0026tag=v2.10.4-6"
}
}
},
{
"category": "product_version",
"name": "rhacm2/metrics-collector-rhel9@sha256:eb32f5c275247babd03ec16b0978aced10a9b9da07a84f5af6be4d7c3852a6b7_arm64",
"product": {
"name": "rhacm2/metrics-collector-rhel9@sha256:eb32f5c275247babd03ec16b0978aced10a9b9da07a84f5af6be4d7c3852a6b7_arm64",
"product_id": "rhacm2/metrics-collector-rhel9@sha256:eb32f5c275247babd03ec16b0978aced10a9b9da07a84f5af6be4d7c3852a6b7_arm64",
"product_identification_helper": {
"purl": "pkg:oci/metrics-collector-rhel9@sha256:eb32f5c275247babd03ec16b0978aced10a9b9da07a84f5af6be4d7c3852a6b7?arch=arm64\u0026repository_url=registry.redhat.io/rhacm2/metrics-collector-rhel9\u0026tag=v2.10.4-16"
}
}
},
{
"category": "product_version",
"name": "rhacm2/multicloud-integrations-rhel9@sha256:606ea20603d86412a34478a3db9c17737cca2b04c26bcab175279028c822e492_arm64",
"product": {
"name": "rhacm2/multicloud-integrations-rhel9@sha256:606ea20603d86412a34478a3db9c17737cca2b04c26bcab175279028c822e492_arm64",
"product_id": "rhacm2/multicloud-integrations-rhel9@sha256:606ea20603d86412a34478a3db9c17737cca2b04c26bcab175279028c822e492_arm64",
"product_identification_helper": {
"purl": "pkg:oci/multicloud-integrations-rhel9@sha256:606ea20603d86412a34478a3db9c17737cca2b04c26bcab175279028c822e492?arch=arm64\u0026repository_url=registry.redhat.io/rhacm2/multicloud-integrations-rhel9\u0026tag=v2.10.4-8"
}
}
},
{
"category": "product_version",
"name": "rhacm2/multiclusterhub-rhel9@sha256:5de91afd73b5a86865954ab3f6587f382f53e0856422ed975d9aa867bd0ffbf9_arm64",
"product": {
"name": "rhacm2/multiclusterhub-rhel9@sha256:5de91afd73b5a86865954ab3f6587f382f53e0856422ed975d9aa867bd0ffbf9_arm64",
"product_id": "rhacm2/multiclusterhub-rhel9@sha256:5de91afd73b5a86865954ab3f6587f382f53e0856422ed975d9aa867bd0ffbf9_arm64",
"product_identification_helper": {
"purl": "pkg:oci/multiclusterhub-rhel9@sha256:5de91afd73b5a86865954ab3f6587f382f53e0856422ed975d9aa867bd0ffbf9?arch=arm64\u0026repository_url=registry.redhat.io/rhacm2/multiclusterhub-rhel9\u0026tag=v2.10.4-16"
}
}
},
{
"category": "product_version",
"name": "rhacm2/multicluster-observability-rhel9-operator@sha256:f296c72dd6842481dad78536117aec3ff14d19be736e5679101bbfc92b87809b_arm64",
"product": {
"name": "rhacm2/multicluster-observability-rhel9-operator@sha256:f296c72dd6842481dad78536117aec3ff14d19be736e5679101bbfc92b87809b_arm64",
"product_id": "rhacm2/multicluster-observability-rhel9-operator@sha256:f296c72dd6842481dad78536117aec3ff14d19be736e5679101bbfc92b87809b_arm64",
"product_identification_helper": {
"purl": "pkg:oci/multicluster-observability-rhel9-operator@sha256:f296c72dd6842481dad78536117aec3ff14d19be736e5679101bbfc92b87809b?arch=arm64\u0026repository_url=registry.redhat.io/rhacm2/multicluster-observability-rhel9-operator\u0026tag=v2.10.4-16"
}
}
},
{
"category": "product_version",
"name": "rhacm2/multicluster-operators-application-rhel9@sha256:184f6068b077070b90ede3a2f4e81be398fd2841f042fc6f2f114fdfd4f1095b_arm64",
"product": {
"name": "rhacm2/multicluster-operators-application-rhel9@sha256:184f6068b077070b90ede3a2f4e81be398fd2841f042fc6f2f114fdfd4f1095b_arm64",
"product_id": "rhacm2/multicluster-operators-application-rhel9@sha256:184f6068b077070b90ede3a2f4e81be398fd2841f042fc6f2f114fdfd4f1095b_arm64",
"product_identification_helper": {
"purl": "pkg:oci/multicluster-operators-application-rhel9@sha256:184f6068b077070b90ede3a2f4e81be398fd2841f042fc6f2f114fdfd4f1095b?arch=arm64\u0026repository_url=registry.redhat.io/rhacm2/multicluster-operators-application-rhel9\u0026tag=v2.10.4-8"
}
}
},
{
"category": "product_version",
"name": "rhacm2/multicluster-operators-channel-rhel9@sha256:773c32065f60e4a2e626e17744d0a2cfc4049325f6664f899d8da949dc3fa4a6_arm64",
"product": {
"name": "rhacm2/multicluster-operators-channel-rhel9@sha256:773c32065f60e4a2e626e17744d0a2cfc4049325f6664f899d8da949dc3fa4a6_arm64",
"product_id": "rhacm2/multicluster-operators-channel-rhel9@sha256:773c32065f60e4a2e626e17744d0a2cfc4049325f6664f899d8da949dc3fa4a6_arm64",
"product_identification_helper": {
"purl": "pkg:oci/multicluster-operators-channel-rhel9@sha256:773c32065f60e4a2e626e17744d0a2cfc4049325f6664f899d8da949dc3fa4a6?arch=arm64\u0026repository_url=registry.redhat.io/rhacm2/multicluster-operators-channel-rhel9\u0026tag=v2.10.4-9"
}
}
},
{
"category": "product_version",
"name": "rhacm2/multicluster-operators-subscription-rhel9@sha256:7eda39d696e452ec7e9da1473807e3134f149ed28d0ec873cf489451fbb007e0_arm64",
"product": {
"name": "rhacm2/multicluster-operators-subscription-rhel9@sha256:7eda39d696e452ec7e9da1473807e3134f149ed28d0ec873cf489451fbb007e0_arm64",
"product_id": "rhacm2/multicluster-operators-subscription-rhel9@sha256:7eda39d696e452ec7e9da1473807e3134f149ed28d0ec873cf489451fbb007e0_arm64",
"product_identification_helper": {
"purl": "pkg:oci/multicluster-operators-subscription-rhel9@sha256:7eda39d696e452ec7e9da1473807e3134f149ed28d0ec873cf489451fbb007e0?arch=arm64\u0026repository_url=registry.redhat.io/rhacm2/multicluster-operators-subscription-rhel9\u0026tag=v2.10.4-12"
}
}
},
{
"category": "product_version",
"name": "rhacm2/node-exporter-rhel9@sha256:9611a92119f19e11c29e9e93b9c714499e60d06712da97d9fa77ed0fd0d4d33b_arm64",
"product": {
"name": "rhacm2/node-exporter-rhel9@sha256:9611a92119f19e11c29e9e93b9c714499e60d06712da97d9fa77ed0fd0d4d33b_arm64",
"product_id": "rhacm2/node-exporter-rhel9@sha256:9611a92119f19e11c29e9e93b9c714499e60d06712da97d9fa77ed0fd0d4d33b_arm64",
"product_identification_helper": {
"purl": "pkg:oci/node-exporter-rhel9@sha256:9611a92119f19e11c29e9e93b9c714499e60d06712da97d9fa77ed0fd0d4d33b?arch=arm64\u0026repository_url=registry.redhat.io/rhacm2/node-exporter-rhel9\u0026tag=v2.10.4-9"
}
}
},
{
"category": "product_version",
"name": "rhacm2/observatorium-rhel9@sha256:10ee1d5c854a7daf0d33f1dc16529a7e1a3cb67fab5a626f8a42da705186265e_arm64",
"product": {
"name": "rhacm2/observatorium-rhel9@sha256:10ee1d5c854a7daf0d33f1dc16529a7e1a3cb67fab5a626f8a42da705186265e_arm64",
"product_id": "rhacm2/observatorium-rhel9@sha256:10ee1d5c854a7daf0d33f1dc16529a7e1a3cb67fab5a626f8a42da705186265e_arm64",
"product_identification_helper": {
"purl": "pkg:oci/observatorium-rhel9@sha256:10ee1d5c854a7daf0d33f1dc16529a7e1a3cb67fab5a626f8a42da705186265e?arch=arm64\u0026repository_url=registry.redhat.io/rhacm2/observatorium-rhel9\u0026tag=v2.10.4-9"
}
}
},
{
"category": "product_version",
"name": "rhacm2/observatorium-rhel9-operator@sha256:414b191a314b0695aede28ac7229a064833d798e94d5b92a434e2eb3650983b6_arm64",
"product": {
"name": "rhacm2/observatorium-rhel9-operator@sha256:414b191a314b0695aede28ac7229a064833d798e94d5b92a434e2eb3650983b6_arm64",
"product_id": "rhacm2/observatorium-rhel9-operator@sha256:414b191a314b0695aede28ac7229a064833d798e94d5b92a434e2eb3650983b6_arm64",
"product_identification_helper": {
"purl": "pkg:oci/observatorium-rhel9-operator@sha256:414b191a314b0695aede28ac7229a064833d798e94d5b92a434e2eb3650983b6?arch=arm64\u0026repository_url=registry.redhat.io/rhacm2/observatorium-rhel9-operator\u0026tag=v2.10.4-8"
}
}
},
{
"category": "product_version",
"name": "rhacm2/prometheus-alertmanager-rhel9@sha256:25abc3028c69dedee05220fa4f0f32b7accc33ef519f46b23860612307db2181_arm64",
"product": {
"name": "rhacm2/prometheus-alertmanager-rhel9@sha256:25abc3028c69dedee05220fa4f0f32b7accc33ef519f46b23860612307db2181_arm64",
"product_id": "rhacm2/prometheus-alertmanager-rhel9@sha256:25abc3028c69dedee05220fa4f0f32b7accc33ef519f46b23860612307db2181_arm64",
"product_identification_helper": {
"purl": "pkg:oci/prometheus-alertmanager-rhel9@sha256:25abc3028c69dedee05220fa4f0f32b7accc33ef519f46b23860612307db2181?arch=arm64\u0026repository_url=registry.redhat.io/rhacm2/prometheus-alertmanager-rhel9\u0026tag=v2.10.4-9"
}
}
},
{
"category": "product_version",
"name": "rhacm2/prometheus-rhel9@sha256:98af2a53f9c59b0bdd6ee9c8f27eb00f65a870ee64ba8d503083a9a0d3aa2ec6_arm64",
"product": {
"name": "rhacm2/prometheus-rhel9@sha256:98af2a53f9c59b0bdd6ee9c8f27eb00f65a870ee64ba8d503083a9a0d3aa2ec6_arm64",
"product_id": "rhacm2/prometheus-rhel9@sha256:98af2a53f9c59b0bdd6ee9c8f27eb00f65a870ee64ba8d503083a9a0d3aa2ec6_arm64",
"product_identification_helper": {
"purl": "pkg:oci/prometheus-rhel9@sha256:98af2a53f9c59b0bdd6ee9c8f27eb00f65a870ee64ba8d503083a9a0d3aa2ec6?arch=arm64\u0026repository_url=registry.redhat.io/rhacm2/prometheus-rhel9\u0026tag=v2.10.4-9"
}
}
},
{
"category": "product_version",
"name": "rhacm2/rbac-query-proxy-rhel9@sha256:fe807380c43daaae2ca277ef4a6b6bace7842087112f7d242773a073797c908e_arm64",
"product": {
"name": "rhacm2/rbac-query-proxy-rhel9@sha256:fe807380c43daaae2ca277ef4a6b6bace7842087112f7d242773a073797c908e_arm64",
"product_id": "rhacm2/rbac-query-proxy-rhel9@sha256:fe807380c43daaae2ca277ef4a6b6bace7842087112f7d242773a073797c908e_arm64",
"product_identification_helper": {
"purl": "pkg:oci/rbac-query-proxy-rhel9@sha256:fe807380c43daaae2ca277ef4a6b6bace7842087112f7d242773a073797c908e?arch=arm64\u0026repository_url=registry.redhat.io/rhacm2/rbac-query-proxy-rhel9\u0026tag=v2.10.4-17"
}
}
},
{
"category": "product_version",
"name": "rhacm2/search-collector-rhel9@sha256:fe20c8e6fbf707c0467a4876405f2f8b395ac24ca554bd052f7f55da2df6371f_arm64",
"product": {
"name": "rhacm2/search-collector-rhel9@sha256:fe20c8e6fbf707c0467a4876405f2f8b395ac24ca554bd052f7f55da2df6371f_arm64",
"product_id": "rhacm2/search-collector-rhel9@sha256:fe20c8e6fbf707c0467a4876405f2f8b395ac24ca554bd052f7f55da2df6371f_arm64",
"product_identification_helper": {
"purl": "pkg:oci/search-collector-rhel9@sha256:fe20c8e6fbf707c0467a4876405f2f8b395ac24ca554bd052f7f55da2df6371f?arch=arm64\u0026repository_url=registry.redhat.io/rhacm2/search-collector-rhel9\u0026tag=v2.10.4-10"
}
}
},
{
"category": "product_version",
"name": "rhacm2/submariner-addon-rhel9@sha256:9a6b6d7ed493c6c8c9962485404f551974cece1b59e7197f9ed6fce120ca7d0d_arm64",
"product": {
"name": "rhacm2/submariner-addon-rhel9@sha256:9a6b6d7ed493c6c8c9962485404f551974cece1b59e7197f9ed6fce120ca7d0d_arm64",
"product_id": "rhacm2/submariner-addon-rhel9@sha256:9a6b6d7ed493c6c8c9962485404f551974cece1b59e7197f9ed6fce120ca7d0d_arm64",
"product_identification_helper": {
"purl": "pkg:oci/submariner-addon-rhel9@sha256:9a6b6d7ed493c6c8c9962485404f551974cece1b59e7197f9ed6fce120ca7d0d?arch=arm64\u0026repository_url=registry.redhat.io/rhacm2/submariner-addon-rhel9\u0026tag=v2.10.4-12"
}
}
},
{
"category": "product_version",
"name": "rhacm2/thanos-rhel9@sha256:e8e6c42e37b2c0ba6456d48afa747f3c6f167cbcf4523d5ad751351a932deefc_arm64",
"product": {
"name": "rhacm2/thanos-rhel9@sha256:e8e6c42e37b2c0ba6456d48afa747f3c6f167cbcf4523d5ad751351a932deefc_arm64",
"product_id": "rhacm2/thanos-rhel9@sha256:e8e6c42e37b2c0ba6456d48afa747f3c6f167cbcf4523d5ad751351a932deefc_arm64",
"product_identification_helper": {
"purl": "pkg:oci/thanos-rhel9@sha256:e8e6c42e37b2c0ba6456d48afa747f3c6f167cbcf4523d5ad751351a932deefc?arch=arm64\u0026repository_url=registry.redhat.io/rhacm2/thanos-rhel9\u0026tag=v2.10.4-8"
}
}
},
{
"category": "product_version",
"name": "rhacm2/thanos-receive-controller-rhel9@sha256:91f186246d963c2978023489ed7cd58dec2f57641fd2a2a0c16d2caa5377147c_arm64",
"product": {
"name": "rhacm2/thanos-receive-controller-rhel9@sha256:91f186246d963c2978023489ed7cd58dec2f57641fd2a2a0c16d2caa5377147c_arm64",
"product_id": "rhacm2/thanos-receive-controller-rhel9@sha256:91f186246d963c2978023489ed7cd58dec2f57641fd2a2a0c16d2caa5377147c_arm64",
"product_identification_helper": {
"purl": "pkg:oci/thanos-receive-controller-rhel9@sha256:91f186246d963c2978023489ed7cd58dec2f57641fd2a2a0c16d2caa5377147c?arch=arm64\u0026repository_url=registry.redhat.io/rhacm2/thanos-receive-controller-rhel9\u0026tag=v2.10.4-7"
}
}
}
],
"category": "architecture",
"name": "arm64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/acm-cluster-permission-rhel9@sha256:b9ef8ca2a002c616c6644cf16b80d5901d7b46034dc7e57ec1dd1d260cf0e32b_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.10 for RHEL 9",
"product_id": "9Base-RHACM-2.10:rhacm2/acm-cluster-permission-rhel9@sha256:b9ef8ca2a002c616c6644cf16b80d5901d7b46034dc7e57ec1dd1d260cf0e32b_s390x"
},
"product_reference": "rhacm2/acm-cluster-permission-rhel9@sha256:b9ef8ca2a002c616c6644cf16b80d5901d7b46034dc7e57ec1dd1d260cf0e32b_s390x",
"relates_to_product_reference": "9Base-RHACM-2.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/acm-cluster-permission-rhel9@sha256:bd41dedb13ae9360d2e856ec6d52ea35b726425a65e92a00cd6037344ae5780e_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.10 for RHEL 9",
"product_id": "9Base-RHACM-2.10:rhacm2/acm-cluster-permission-rhel9@sha256:bd41dedb13ae9360d2e856ec6d52ea35b726425a65e92a00cd6037344ae5780e_amd64"
},
"product_reference": "rhacm2/acm-cluster-permission-rhel9@sha256:bd41dedb13ae9360d2e856ec6d52ea35b726425a65e92a00cd6037344ae5780e_amd64",
"relates_to_product_reference": "9Base-RHACM-2.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/acm-cluster-permission-rhel9@sha256:dac35e93ff173bd30fefbdec8676fb605e28368aec3eccc4ac603f16eadcf31d_arm64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.10 for RHEL 9",
"product_id": "9Base-RHACM-2.10:rhacm2/acm-cluster-permission-rhel9@sha256:dac35e93ff173bd30fefbdec8676fb605e28368aec3eccc4ac603f16eadcf31d_arm64"
},
"product_reference": "rhacm2/acm-cluster-permission-rhel9@sha256:dac35e93ff173bd30fefbdec8676fb605e28368aec3eccc4ac603f16eadcf31d_arm64",
"relates_to_product_reference": "9Base-RHACM-2.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/acm-cluster-permission-rhel9@sha256:e8c9920427522b7ef645422b85ff1585e65b9d659c792e57201dfc06d6a13ffa_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.10 for RHEL 9",
"product_id": "9Base-RHACM-2.10:rhacm2/acm-cluster-permission-rhel9@sha256:e8c9920427522b7ef645422b85ff1585e65b9d659c792e57201dfc06d6a13ffa_ppc64le"
},
"product_reference": "rhacm2/acm-cluster-permission-rhel9@sha256:e8c9920427522b7ef645422b85ff1585e65b9d659c792e57201dfc06d6a13ffa_ppc64le",
"relates_to_product_reference": "9Base-RHACM-2.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/acm-governance-policy-addon-controller-rhel9@sha256:65d709ef780d8d867c145b1ddf8e7031bd8e710972b21ed2d7b9d9ede0bfdb43_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.10 for RHEL 9",
"product_id": "9Base-RHACM-2.10:rhacm2/acm-governance-policy-addon-controller-rhel9@sha256:65d709ef780d8d867c145b1ddf8e7031bd8e710972b21ed2d7b9d9ede0bfdb43_s390x"
},
"product_reference": "rhacm2/acm-governance-policy-addon-controller-rhel9@sha256:65d709ef780d8d867c145b1ddf8e7031bd8e710972b21ed2d7b9d9ede0bfdb43_s390x",
"relates_to_product_reference": "9Base-RHACM-2.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/acm-governance-policy-addon-controller-rhel9@sha256:87988ad277b62bbcc061dbe4242bfc2edcc21dc98c4c7c66385131c0425b0fa7_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.10 for RHEL 9",
"product_id": "9Base-RHACM-2.10:rhacm2/acm-governance-policy-addon-controller-rhel9@sha256:87988ad277b62bbcc061dbe4242bfc2edcc21dc98c4c7c66385131c0425b0fa7_ppc64le"
},
"product_reference": "rhacm2/acm-governance-policy-addon-controller-rhel9@sha256:87988ad277b62bbcc061dbe4242bfc2edcc21dc98c4c7c66385131c0425b0fa7_ppc64le",
"relates_to_product_reference": "9Base-RHACM-2.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/acm-governance-policy-addon-controller-rhel9@sha256:9af1cb9605a8fdf7212a079ed8fa51b110b367c705a51651ba3933e936519e7f_arm64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.10 for RHEL 9",
"product_id": "9Base-RHACM-2.10:rhacm2/acm-governance-policy-addon-controller-rhel9@sha256:9af1cb9605a8fdf7212a079ed8fa51b110b367c705a51651ba3933e936519e7f_arm64"
},
"product_reference": "rhacm2/acm-governance-policy-addon-controller-rhel9@sha256:9af1cb9605a8fdf7212a079ed8fa51b110b367c705a51651ba3933e936519e7f_arm64",
"relates_to_product_reference": "9Base-RHACM-2.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/acm-governance-policy-addon-controller-rhel9@sha256:c6e3728b6687b8c83a11c326e4fd098ceef3f501725efbdfcb0ded0645a1473e_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.10 for RHEL 9",
"product_id": "9Base-RHACM-2.10:rhacm2/acm-governance-policy-addon-controller-rhel9@sha256:c6e3728b6687b8c83a11c326e4fd098ceef3f501725efbdfcb0ded0645a1473e_amd64"
},
"product_reference": "rhacm2/acm-governance-policy-addon-controller-rhel9@sha256:c6e3728b6687b8c83a11c326e4fd098ceef3f501725efbdfcb0ded0645a1473e_amd64",
"relates_to_product_reference": "9Base-RHACM-2.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/acm-governance-policy-framework-addon-rhel9@sha256:3101f1389311c0006c0fb9953c44d5fff9e968597952103a5a873a7a4c4707da_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.10 for RHEL 9",
"product_id": "9Base-RHACM-2.10:rhacm2/acm-governance-policy-framework-addon-rhel9@sha256:3101f1389311c0006c0fb9953c44d5fff9e968597952103a5a873a7a4c4707da_amd64"
},
"product_reference": "rhacm2/acm-governance-policy-framework-addon-rhel9@sha256:3101f1389311c0006c0fb9953c44d5fff9e968597952103a5a873a7a4c4707da_amd64",
"relates_to_product_reference": "9Base-RHACM-2.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/acm-governance-policy-framework-addon-rhel9@sha256:4536de55598f032ad91056c779ec2faea5c28de557a730d50cb2b2aba9b3bf00_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.10 for RHEL 9",
"product_id": "9Base-RHACM-2.10:rhacm2/acm-governance-policy-framework-addon-rhel9@sha256:4536de55598f032ad91056c779ec2faea5c28de557a730d50cb2b2aba9b3bf00_s390x"
},
"product_reference": "rhacm2/acm-governance-policy-framework-addon-rhel9@sha256:4536de55598f032ad91056c779ec2faea5c28de557a730d50cb2b2aba9b3bf00_s390x",
"relates_to_product_reference": "9Base-RHACM-2.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/acm-governance-policy-framework-addon-rhel9@sha256:587fc80d3d6e3f2295272934fb39cfa3b96f5a2652a533b6b01cc6b04d10cb66_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.10 for RHEL 9",
"product_id": "9Base-RHACM-2.10:rhacm2/acm-governance-policy-framework-addon-rhel9@sha256:587fc80d3d6e3f2295272934fb39cfa3b96f5a2652a533b6b01cc6b04d10cb66_ppc64le"
},
"product_reference": "rhacm2/acm-governance-policy-framework-addon-rhel9@sha256:587fc80d3d6e3f2295272934fb39cfa3b96f5a2652a533b6b01cc6b04d10cb66_ppc64le",
"relates_to_product_reference": "9Base-RHACM-2.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/acm-governance-policy-framework-addon-rhel9@sha256:63246c061e7960a656cb66c8ccca2b7bed943c9a1fe96a28f9cd99829608cda5_arm64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.10 for RHEL 9",
"product_id": "9Base-RHACM-2.10:rhacm2/acm-governance-policy-framework-addon-rhel9@sha256:63246c061e7960a656cb66c8ccca2b7bed943c9a1fe96a28f9cd99829608cda5_arm64"
},
"product_reference": "rhacm2/acm-governance-policy-framework-addon-rhel9@sha256:63246c061e7960a656cb66c8ccca2b7bed943c9a1fe96a28f9cd99829608cda5_arm64",
"relates_to_product_reference": "9Base-RHACM-2.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/acm-grafana-rhel9@sha256:1cd1c6a91611569a855444430c527a8bebbe113f77dd47dcfc2b8305c3a26a13_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.10 for RHEL 9",
"product_id": "9Base-RHACM-2.10:rhacm2/acm-grafana-rhel9@sha256:1cd1c6a91611569a855444430c527a8bebbe113f77dd47dcfc2b8305c3a26a13_s390x"
},
"product_reference": "rhacm2/acm-grafana-rhel9@sha256:1cd1c6a91611569a855444430c527a8bebbe113f77dd47dcfc2b8305c3a26a13_s390x",
"relates_to_product_reference": "9Base-RHACM-2.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/acm-grafana-rhel9@sha256:3a59dd5e30b37f1e1feffba959d88d3aab37701500203afb71b2d38958236b85_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.10 for RHEL 9",
"product_id": "9Base-RHACM-2.10:rhacm2/acm-grafana-rhel9@sha256:3a59dd5e30b37f1e1feffba959d88d3aab37701500203afb71b2d38958236b85_amd64"
},
"product_reference": "rhacm2/acm-grafana-rhel9@sha256:3a59dd5e30b37f1e1feffba959d88d3aab37701500203afb71b2d38958236b85_amd64",
"relates_to_product_reference": "9Base-RHACM-2.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/acm-grafana-rhel9@sha256:b488d250bc1c82f3f7e26a1bc741dee02e57b3e3d40cf2965e541d2c5727ec65_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.10 for RHEL 9",
"product_id": "9Base-RHACM-2.10:rhacm2/acm-grafana-rhel9@sha256:b488d250bc1c82f3f7e26a1bc741dee02e57b3e3d40cf2965e541d2c5727ec65_ppc64le"
},
"product_reference": "rhacm2/acm-grafana-rhel9@sha256:b488d250bc1c82f3f7e26a1bc741dee02e57b3e3d40cf2965e541d2c5727ec65_ppc64le",
"relates_to_product_reference": "9Base-RHACM-2.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/acm-grafana-rhel9@sha256:df4024e8506d0926ad81943684532dd9e4054f26d23da6e329f593239b5a1513_arm64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.10 for RHEL 9",
"product_id": "9Base-RHACM-2.10:rhacm2/acm-grafana-rhel9@sha256:df4024e8506d0926ad81943684532dd9e4054f26d23da6e329f593239b5a1513_arm64"
},
"product_reference": "rhacm2/acm-grafana-rhel9@sha256:df4024e8506d0926ad81943684532dd9e4054f26d23da6e329f593239b5a1513_arm64",
"relates_to_product_reference": "9Base-RHACM-2.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/acm-must-gather-rhel9@sha256:66bca60baa85bc23963b5955fe57e8b7b7038c1088e2ce60f1fedc1a41d944dc_arm64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.10 for RHEL 9",
"product_id": "9Base-RHACM-2.10:rhacm2/acm-must-gather-rhel9@sha256:66bca60baa85bc23963b5955fe57e8b7b7038c1088e2ce60f1fedc1a41d944dc_arm64"
},
"product_reference": "rhacm2/acm-must-gather-rhel9@sha256:66bca60baa85bc23963b5955fe57e8b7b7038c1088e2ce60f1fedc1a41d944dc_arm64",
"relates_to_product_reference": "9Base-RHACM-2.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/acm-must-gather-rhel9@sha256:92d087992acf383c2f06ed92996049c412fc1fef76be10fc40eb6ba2e4b2f9be_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.10 for RHEL 9",
"product_id": "9Base-RHACM-2.10:rhacm2/acm-must-gather-rhel9@sha256:92d087992acf383c2f06ed92996049c412fc1fef76be10fc40eb6ba2e4b2f9be_ppc64le"
},
"product_reference": "rhacm2/acm-must-gather-rhel9@sha256:92d087992acf383c2f06ed92996049c412fc1fef76be10fc40eb6ba2e4b2f9be_ppc64le",
"relates_to_product_reference": "9Base-RHACM-2.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/acm-must-gather-rhel9@sha256:bfc79c952b6f62658ef36373af72e6213de78ba1c3a18f018add4295d8ae72f8_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.10 for RHEL 9",
"product_id": "9Base-RHACM-2.10:rhacm2/acm-must-gather-rhel9@sha256:bfc79c952b6f62658ef36373af72e6213de78ba1c3a18f018add4295d8ae72f8_s390x"
},
"product_reference": "rhacm2/acm-must-gather-rhel9@sha256:bfc79c952b6f62658ef36373af72e6213de78ba1c3a18f018add4295d8ae72f8_s390x",
"relates_to_product_reference": "9Base-RHACM-2.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/acm-must-gather-rhel9@sha256:fb9fa96ebaba320dd723e7d5727b20c63f66aa6c39f460a6270c572354123fd9_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.10 for RHEL 9",
"product_id": "9Base-RHACM-2.10:rhacm2/acm-must-gather-rhel9@sha256:fb9fa96ebaba320dd723e7d5727b20c63f66aa6c39f460a6270c572354123fd9_amd64"
},
"product_reference": "rhacm2/acm-must-gather-rhel9@sha256:fb9fa96ebaba320dd723e7d5727b20c63f66aa6c39f460a6270c572354123fd9_amd64",
"relates_to_product_reference": "9Base-RHACM-2.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/acm-operator-bundle@sha256:190d00bcb1bdbf289cc4ae87f738aeabe04470194e51870c572876e4c118d712_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.10 for RHEL 9",
"product_id": "9Base-RHACM-2.10:rhacm2/acm-operator-bundle@sha256:190d00bcb1bdbf289cc4ae87f738aeabe04470194e51870c572876e4c118d712_ppc64le"
},
"product_reference": "rhacm2/acm-operator-bundle@sha256:190d00bcb1bdbf289cc4ae87f738aeabe04470194e51870c572876e4c118d712_ppc64le",
"relates_to_product_reference": "9Base-RHACM-2.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/acm-operator-bundle@sha256:304e9a12e0c7b7be0444efd26764d32818fc3ad1ad936b565232f5f82a5f72fe_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.10 for RHEL 9",
"product_id": "9Base-RHACM-2.10:rhacm2/acm-operator-bundle@sha256:304e9a12e0c7b7be0444efd26764d32818fc3ad1ad936b565232f5f82a5f72fe_amd64"
},
"product_reference": "rhacm2/acm-operator-bundle@sha256:304e9a12e0c7b7be0444efd26764d32818fc3ad1ad936b565232f5f82a5f72fe_amd64",
"relates_to_product_reference": "9Base-RHACM-2.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/acm-operator-bundle@sha256:cc65cb3804a7e6150028a6f1c60fcbdb78c42689769ff9378922491481947aed_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.10 for RHEL 9",
"product_id": "9Base-RHACM-2.10:rhacm2/acm-operator-bundle@sha256:cc65cb3804a7e6150028a6f1c60fcbdb78c42689769ff9378922491481947aed_s390x"
},
"product_reference": "rhacm2/acm-operator-bundle@sha256:cc65cb3804a7e6150028a6f1c60fcbdb78c42689769ff9378922491481947aed_s390x",
"relates_to_product_reference": "9Base-RHACM-2.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/acm-prometheus-config-reloader-rhel9@sha256:0b885dfd28d82220fdb03b7bca0e1ed2fc941bc712e536af71e4e11ee9defee4_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.10 for RHEL 9",
"product_id": "9Base-RHACM-2.10:rhacm2/acm-prometheus-config-reloader-rhel9@sha256:0b885dfd28d82220fdb03b7bca0e1ed2fc941bc712e536af71e4e11ee9defee4_amd64"
},
"product_reference": "rhacm2/acm-prometheus-config-reloader-rhel9@sha256:0b885dfd28d82220fdb03b7bca0e1ed2fc941bc712e536af71e4e11ee9defee4_amd64",
"relates_to_product_reference": "9Base-RHACM-2.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/acm-prometheus-config-reloader-rhel9@sha256:53cd755cea5a527c089321e5571c14ad0fd5d55b16e7c2acddc2a7c9670cffd2_arm64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.10 for RHEL 9",
"product_id": "9Base-RHACM-2.10:rhacm2/acm-prometheus-config-reloader-rhel9@sha256:53cd755cea5a527c089321e5571c14ad0fd5d55b16e7c2acddc2a7c9670cffd2_arm64"
},
"product_reference": "rhacm2/acm-prometheus-config-reloader-rhel9@sha256:53cd755cea5a527c089321e5571c14ad0fd5d55b16e7c2acddc2a7c9670cffd2_arm64",
"relates_to_product_reference": "9Base-RHACM-2.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/acm-prometheus-config-reloader-rhel9@sha256:8f18c68e47b66926d14795818f3a1dc21ffdcbcf1a220c7518194416602b19ac_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.10 for RHEL 9",
"product_id": "9Base-RHACM-2.10:rhacm2/acm-prometheus-config-reloader-rhel9@sha256:8f18c68e47b66926d14795818f3a1dc21ffdcbcf1a220c7518194416602b19ac_ppc64le"
},
"product_reference": "rhacm2/acm-prometheus-config-reloader-rhel9@sha256:8f18c68e47b66926d14795818f3a1dc21ffdcbcf1a220c7518194416602b19ac_ppc64le",
"relates_to_product_reference": "9Base-RHACM-2.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/acm-prometheus-config-reloader-rhel9@sha256:be5be2fe888521fd8ac6d7ebca3cf127724128eb6ff4e11f90d61a4af60f1bee_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.10 for RHEL 9",
"product_id": "9Base-RHACM-2.10:rhacm2/acm-prometheus-config-reloader-rhel9@sha256:be5be2fe888521fd8ac6d7ebca3cf127724128eb6ff4e11f90d61a4af60f1bee_s390x"
},
"product_reference": "rhacm2/acm-prometheus-config-reloader-rhel9@sha256:be5be2fe888521fd8ac6d7ebca3cf127724128eb6ff4e11f90d61a4af60f1bee_s390x",
"relates_to_product_reference": "9Base-RHACM-2.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/acm-prometheus-rhel9@sha256:8da9c5a18b42861d11e3df3f37b5f47b810af1b25beec208ce75b6f69d913ecd_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.10 for RHEL 9",
"product_id": "9Base-RHACM-2.10:rhacm2/acm-prometheus-rhel9@sha256:8da9c5a18b42861d11e3df3f37b5f47b810af1b25beec208ce75b6f69d913ecd_s390x"
},
"product_reference": "rhacm2/acm-prometheus-rhel9@sha256:8da9c5a18b42861d11e3df3f37b5f47b810af1b25beec208ce75b6f69d913ecd_s390x",
"relates_to_product_reference": "9Base-RHACM-2.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/acm-prometheus-rhel9@sha256:91ec246784f1e7cdd0c20ab36ea09f13e553c043851699dae6191ea1ce101a61_arm64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.10 for RHEL 9",
"product_id": "9Base-RHACM-2.10:rhacm2/acm-prometheus-rhel9@sha256:91ec246784f1e7cdd0c20ab36ea09f13e553c043851699dae6191ea1ce101a61_arm64"
},
"product_reference": "rhacm2/acm-prometheus-rhel9@sha256:91ec246784f1e7cdd0c20ab36ea09f13e553c043851699dae6191ea1ce101a61_arm64",
"relates_to_product_reference": "9Base-RHACM-2.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/acm-prometheus-rhel9@sha256:969cc23c2f503797d491c797220e09b1682887742f669d338a5fd3613908148d_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.10 for RHEL 9",
"product_id": "9Base-RHACM-2.10:rhacm2/acm-prometheus-rhel9@sha256:969cc23c2f503797d491c797220e09b1682887742f669d338a5fd3613908148d_amd64"
},
"product_reference": "rhacm2/acm-prometheus-rhel9@sha256:969cc23c2f503797d491c797220e09b1682887742f669d338a5fd3613908148d_amd64",
"relates_to_product_reference": "9Base-RHACM-2.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/acm-prometheus-rhel9@sha256:a1b920873dbb0984f41a8b49a4e0263c9756d909391601290b8a67278596327b_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.10 for RHEL 9",
"product_id": "9Base-RHACM-2.10:rhacm2/acm-prometheus-rhel9@sha256:a1b920873dbb0984f41a8b49a4e0263c9756d909391601290b8a67278596327b_ppc64le"
},
"product_reference": "rhacm2/acm-prometheus-rhel9@sha256:a1b920873dbb0984f41a8b49a4e0263c9756d909391601290b8a67278596327b_ppc64le",
"relates_to_product_reference": "9Base-RHACM-2.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/acm-search-indexer-rhel9@sha256:21476ec5340f5e98451f83d7d455f86e8368ed4c882f564cf80b234dc2ceae1a_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.10 for RHEL 9",
"product_id": "9Base-RHACM-2.10:rhacm2/acm-search-indexer-rhel9@sha256:21476ec5340f5e98451f83d7d455f86e8368ed4c882f564cf80b234dc2ceae1a_amd64"
},
"product_reference": "rhacm2/acm-search-indexer-rhel9@sha256:21476ec5340f5e98451f83d7d455f86e8368ed4c882f564cf80b234dc2ceae1a_amd64",
"relates_to_product_reference": "9Base-RHACM-2.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/acm-search-indexer-rhel9@sha256:47083a8e2f6234e7e3743c2f7d5cc433ad76a46a609f65640e047bfa9557082c_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.10 for RHEL 9",
"product_id": "9Base-RHACM-2.10:rhacm2/acm-search-indexer-rhel9@sha256:47083a8e2f6234e7e3743c2f7d5cc433ad76a46a609f65640e047bfa9557082c_s390x"
},
"product_reference": "rhacm2/acm-search-indexer-rhel9@sha256:47083a8e2f6234e7e3743c2f7d5cc433ad76a46a609f65640e047bfa9557082c_s390x",
"relates_to_product_reference": "9Base-RHACM-2.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/acm-search-indexer-rhel9@sha256:95c15180b6b25c453b8aa81c42b106d6e9fb1d832761a3b2b06922c0ceee4d7b_arm64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.10 for RHEL 9",
"product_id": "9Base-RHACM-2.10:rhacm2/acm-search-indexer-rhel9@sha256:95c15180b6b25c453b8aa81c42b106d6e9fb1d832761a3b2b06922c0ceee4d7b_arm64"
},
"product_reference": "rhacm2/acm-search-indexer-rhel9@sha256:95c15180b6b25c453b8aa81c42b106d6e9fb1d832761a3b2b06922c0ceee4d7b_arm64",
"relates_to_product_reference": "9Base-RHACM-2.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/acm-search-indexer-rhel9@sha256:9ba73ef3b2447b16aab7503bce4e480441b272e997dab87ee9cc4b0f1ac040ba_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.10 for RHEL 9",
"product_id": "9Base-RHACM-2.10:rhacm2/acm-search-indexer-rhel9@sha256:9ba73ef3b2447b16aab7503bce4e480441b272e997dab87ee9cc4b0f1ac040ba_ppc64le"
},
"product_reference": "rhacm2/acm-search-indexer-rhel9@sha256:9ba73ef3b2447b16aab7503bce4e480441b272e997dab87ee9cc4b0f1ac040ba_ppc64le",
"relates_to_product_reference": "9Base-RHACM-2.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/acm-search-v2-api-rhel9@sha256:1891db398d822cb0c424245928033240dfdcfd35d21ab052379d432423a6e038_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.10 for RHEL 9",
"product_id": "9Base-RHACM-2.10:rhacm2/acm-search-v2-api-rhel9@sha256:1891db398d822cb0c424245928033240dfdcfd35d21ab052379d432423a6e038_s390x"
},
"product_reference": "rhacm2/acm-search-v2-api-rhel9@sha256:1891db398d822cb0c424245928033240dfdcfd35d21ab052379d432423a6e038_s390x",
"relates_to_product_reference": "9Base-RHACM-2.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/acm-search-v2-api-rhel9@sha256:247e052a3b5bc9708f1c0953f09c942414852f2109a9694af864375032072ae2_arm64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.10 for RHEL 9",
"product_id": "9Base-RHACM-2.10:rhacm2/acm-search-v2-api-rhel9@sha256:247e052a3b5bc9708f1c0953f09c942414852f2109a9694af864375032072ae2_arm64"
},
"product_reference": "rhacm2/acm-search-v2-api-rhel9@sha256:247e052a3b5bc9708f1c0953f09c942414852f2109a9694af864375032072ae2_arm64",
"relates_to_product_reference": "9Base-RHACM-2.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/acm-search-v2-api-rhel9@sha256:51a415f07cfadd9ae5b4b29cb3247b5085bb18edad8df566c47dc7e89ef0939e_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.10 for RHEL 9",
"product_id": "9Base-RHACM-2.10:rhacm2/acm-search-v2-api-rhel9@sha256:51a415f07cfadd9ae5b4b29cb3247b5085bb18edad8df566c47dc7e89ef0939e_amd64"
},
"product_reference": "rhacm2/acm-search-v2-api-rhel9@sha256:51a415f07cfadd9ae5b4b29cb3247b5085bb18edad8df566c47dc7e89ef0939e_amd64",
"relates_to_product_reference": "9Base-RHACM-2.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/acm-search-v2-api-rhel9@sha256:756982578354d8a66399f2464602458f80bd398e46656a3d86c9303fa2068900_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.10 for RHEL 9",
"product_id": "9Base-RHACM-2.10:rhacm2/acm-search-v2-api-rhel9@sha256:756982578354d8a66399f2464602458f80bd398e46656a3d86c9303fa2068900_ppc64le"
},
"product_reference": "rhacm2/acm-search-v2-api-rhel9@sha256:756982578354d8a66399f2464602458f80bd398e46656a3d86c9303fa2068900_ppc64le",
"relates_to_product_reference": "9Base-RHACM-2.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/acm-search-v2-rhel9@sha256:329f59a93ce1e2aab017a924db00b6aaca4c8ee40b5d5c2358af11af2e5319bd_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.10 for RHEL 9",
"product_id": "9Base-RHACM-2.10:rhacm2/acm-search-v2-rhel9@sha256:329f59a93ce1e2aab017a924db00b6aaca4c8ee40b5d5c2358af11af2e5319bd_s390x"
},
"product_reference": "rhacm2/acm-search-v2-rhel9@sha256:329f59a93ce1e2aab017a924db00b6aaca4c8ee40b5d5c2358af11af2e5319bd_s390x",
"relates_to_product_reference": "9Base-RHACM-2.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/acm-search-v2-rhel9@sha256:9e2aa6686deee7b78bda5dcb08dad31c87a9653e48788df4e8bb39d4965c9101_arm64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.10 for RHEL 9",
"product_id": "9Base-RHACM-2.10:rhacm2/acm-search-v2-rhel9@sha256:9e2aa6686deee7b78bda5dcb08dad31c87a9653e48788df4e8bb39d4965c9101_arm64"
},
"product_reference": "rhacm2/acm-search-v2-rhel9@sha256:9e2aa6686deee7b78bda5dcb08dad31c87a9653e48788df4e8bb39d4965c9101_arm64",
"relates_to_product_reference": "9Base-RHACM-2.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/acm-search-v2-rhel9@sha256:e995897416f24436e6bef220bd4d5b3ba8fbd26c97fbd5e250391a3aef14bce5_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.10 for RHEL 9",
"product_id": "9Base-RHACM-2.10:rhacm2/acm-search-v2-rhel9@sha256:e995897416f24436e6bef220bd4d5b3ba8fbd26c97fbd5e250391a3aef14bce5_amd64"
},
"product_reference": "rhacm2/acm-search-v2-rhel9@sha256:e995897416f24436e6bef220bd4d5b3ba8fbd26c97fbd5e250391a3aef14bce5_amd64",
"relates_to_product_reference": "9Base-RHACM-2.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/acm-search-v2-rhel9@sha256:f45417abdf399566fa98b0686ab4b2b55d776b6dfa67b7b7c24565b084c39165_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.10 for RHEL 9",
"product_id": "9Base-RHACM-2.10:rhacm2/acm-search-v2-rhel9@sha256:f45417abdf399566fa98b0686ab4b2b55d776b6dfa67b7b7c24565b084c39165_ppc64le"
},
"product_reference": "rhacm2/acm-search-v2-rhel9@sha256:f45417abdf399566fa98b0686ab4b2b55d776b6dfa67b7b7c24565b084c39165_ppc64le",
"relates_to_product_reference": "9Base-RHACM-2.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/acm-volsync-addon-controller-rhel9@sha256:055c5ab4b2045571efe53bbd4ca54ba8a17a2cf590dad70c65667ed6b11ca86a_arm64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.10 for RHEL 9",
"product_id": "9Base-RHACM-2.10:rhacm2/acm-volsync-addon-controller-rhel9@sha256:055c5ab4b2045571efe53bbd4ca54ba8a17a2cf590dad70c65667ed6b11ca86a_arm64"
},
"product_reference": "rhacm2/acm-volsync-addon-controller-rhel9@sha256:055c5ab4b2045571efe53bbd4ca54ba8a17a2cf590dad70c65667ed6b11ca86a_arm64",
"relates_to_product_reference": "9Base-RHACM-2.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/acm-volsync-addon-controller-rhel9@sha256:60070927868e0538d31090138892fe64445321098b3874880fd21e7dcc1ffae7_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.10 for RHEL 9",
"product_id": "9Base-RHACM-2.10:rhacm2/acm-volsync-addon-controller-rhel9@sha256:60070927868e0538d31090138892fe64445321098b3874880fd21e7dcc1ffae7_amd64"
},
"product_reference": "rhacm2/acm-volsync-addon-controller-rhel9@sha256:60070927868e0538d31090138892fe64445321098b3874880fd21e7dcc1ffae7_amd64",
"relates_to_product_reference": "9Base-RHACM-2.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/acm-volsync-addon-controller-rhel9@sha256:cc991f8f8af9337ab908f6564b4b77daef5893dc2759ff483142ef659a6a4b30_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.10 for RHEL 9",
"product_id": "9Base-RHACM-2.10:rhacm2/acm-volsync-addon-controller-rhel9@sha256:cc991f8f8af9337ab908f6564b4b77daef5893dc2759ff483142ef659a6a4b30_ppc64le"
},
"product_reference": "rhacm2/acm-volsync-addon-controller-rhel9@sha256:cc991f8f8af9337ab908f6564b4b77daef5893dc2759ff483142ef659a6a4b30_ppc64le",
"relates_to_product_reference": "9Base-RHACM-2.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/acm-volsync-addon-controller-rhel9@sha256:faee49ca0c46781594189977f3ab5805060cd0a95e47ba575ec05bb549e21a69_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.10 for RHEL 9",
"product_id": "9Base-RHACM-2.10:rhacm2/acm-volsync-addon-controller-rhel9@sha256:faee49ca0c46781594189977f3ab5805060cd0a95e47ba575ec05bb549e21a69_s390x"
},
"product_reference": "rhacm2/acm-volsync-addon-controller-rhel9@sha256:faee49ca0c46781594189977f3ab5805060cd0a95e47ba575ec05bb549e21a69_s390x",
"relates_to_product_reference": "9Base-RHACM-2.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/cert-policy-controller-rhel9@sha256:081c86b4c25876ac0734a0caff771a30b848530f1e89f9e0d3ee3f743f579e9c_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.10 for RHEL 9",
"product_id": "9Base-RHACM-2.10:rhacm2/cert-policy-controller-rhel9@sha256:081c86b4c25876ac0734a0caff771a30b848530f1e89f9e0d3ee3f743f579e9c_s390x"
},
"product_reference": "rhacm2/cert-policy-controller-rhel9@sha256:081c86b4c25876ac0734a0caff771a30b848530f1e89f9e0d3ee3f743f579e9c_s390x",
"relates_to_product_reference": "9Base-RHACM-2.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/cert-policy-controller-rhel9@sha256:318f11ebe87bc1feced78f9d2ae66856884606c721e15d2d05045562d248ac3f_arm64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.10 for RHEL 9",
"product_id": "9Base-RHACM-2.10:rhacm2/cert-policy-controller-rhel9@sha256:318f11ebe87bc1feced78f9d2ae66856884606c721e15d2d05045562d248ac3f_arm64"
},
"product_reference": "rhacm2/cert-policy-controller-rhel9@sha256:318f11ebe87bc1feced78f9d2ae66856884606c721e15d2d05045562d248ac3f_arm64",
"relates_to_product_reference": "9Base-RHACM-2.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/cert-policy-controller-rhel9@sha256:5daaad58a8979d386830224e133a3bbc713b63039a99eda9a69487b999e71965_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.10 for RHEL 9",
"product_id": "9Base-RHACM-2.10:rhacm2/cert-policy-controller-rhel9@sha256:5daaad58a8979d386830224e133a3bbc713b63039a99eda9a69487b999e71965_amd64"
},
"product_reference": "rhacm2/cert-policy-controller-rhel9@sha256:5daaad58a8979d386830224e133a3bbc713b63039a99eda9a69487b999e71965_amd64",
"relates_to_product_reference": "9Base-RHACM-2.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/cert-policy-controller-rhel9@sha256:bffedd5eb97a49dd210b51423ba8938684be1cb41dd79d06b2aab94bc0bb4963_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.10 for RHEL 9",
"product_id": "9Base-RHACM-2.10:rhacm2/cert-policy-controller-rhel9@sha256:bffedd5eb97a49dd210b51423ba8938684be1cb41dd79d06b2aab94bc0bb4963_ppc64le"
},
"product_reference": "rhacm2/cert-policy-controller-rhel9@sha256:bffedd5eb97a49dd210b51423ba8938684be1cb41dd79d06b2aab94bc0bb4963_ppc64le",
"relates_to_product_reference": "9Base-RHACM-2.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/cluster-backup-rhel9-operator@sha256:0d141d0fa859ae0061605f2fe13381be2b6ebd9d8c6b91ca171a8e61e52842be_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.10 for RHEL 9",
"product_id": "9Base-RHACM-2.10:rhacm2/cluster-backup-rhel9-operator@sha256:0d141d0fa859ae0061605f2fe13381be2b6ebd9d8c6b91ca171a8e61e52842be_ppc64le"
},
"product_reference": "rhacm2/cluster-backup-rhel9-operator@sha256:0d141d0fa859ae0061605f2fe13381be2b6ebd9d8c6b91ca171a8e61e52842be_ppc64le",
"relates_to_product_reference": "9Base-RHACM-2.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/cluster-backup-rhel9-operator@sha256:3a8bace1bb325142a64a4432543a828050e2e87de91a08dca793534841b7b841_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.10 for RHEL 9",
"product_id": "9Base-RHACM-2.10:rhacm2/cluster-backup-rhel9-operator@sha256:3a8bace1bb325142a64a4432543a828050e2e87de91a08dca793534841b7b841_amd64"
},
"product_reference": "rhacm2/cluster-backup-rhel9-operator@sha256:3a8bace1bb325142a64a4432543a828050e2e87de91a08dca793534841b7b841_amd64",
"relates_to_product_reference": "9Base-RHACM-2.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/cluster-backup-rhel9-operator@sha256:66f67d2d8c09634e2e5ae0be07437cb1918f6b506e35bc9b7af82f4979dfc4ed_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.10 for RHEL 9",
"product_id": "9Base-RHACM-2.10:rhacm2/cluster-backup-rhel9-operator@sha256:66f67d2d8c09634e2e5ae0be07437cb1918f6b506e35bc9b7af82f4979dfc4ed_s390x"
},
"product_reference": "rhacm2/cluster-backup-rhel9-operator@sha256:66f67d2d8c09634e2e5ae0be07437cb1918f6b506e35bc9b7af82f4979dfc4ed_s390x",
"relates_to_product_reference": "9Base-RHACM-2.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/cluster-backup-rhel9-operator@sha256:ac726852c9aa7e54aa4d75c6c485b429f16fffbb61d2840b527c5a1cfdb5c842_arm64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.10 for RHEL 9",
"product_id": "9Base-RHACM-2.10:rhacm2/cluster-backup-rhel9-operator@sha256:ac726852c9aa7e54aa4d75c6c485b429f16fffbb61d2840b527c5a1cfdb5c842_arm64"
},
"product_reference": "rhacm2/cluster-backup-rhel9-operator@sha256:ac726852c9aa7e54aa4d75c6c485b429f16fffbb61d2840b527c5a1cfdb5c842_arm64",
"relates_to_product_reference": "9Base-RHACM-2.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/config-policy-controller-rhel9@sha256:0ef8fdea99a8fd44feff31b4883a6ecd17eeabb5e8c9ccbdbdd30c32cc2cbe64_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.10 for RHEL 9",
"product_id": "9Base-RHACM-2.10:rhacm2/config-policy-controller-rhel9@sha256:0ef8fdea99a8fd44feff31b4883a6ecd17eeabb5e8c9ccbdbdd30c32cc2cbe64_amd64"
},
"product_reference": "rhacm2/config-policy-controller-rhel9@sha256:0ef8fdea99a8fd44feff31b4883a6ecd17eeabb5e8c9ccbdbdd30c32cc2cbe64_amd64",
"relates_to_product_reference": "9Base-RHACM-2.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/config-policy-controller-rhel9@sha256:b7ff6680725a8bb31edf5dc58d82ac0b9d201ba8eac4c6f2ea4c3cd35f52915a_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.10 for RHEL 9",
"product_id": "9Base-RHACM-2.10:rhacm2/config-policy-controller-rhel9@sha256:b7ff6680725a8bb31edf5dc58d82ac0b9d201ba8eac4c6f2ea4c3cd35f52915a_s390x"
},
"product_reference": "rhacm2/config-policy-controller-rhel9@sha256:b7ff6680725a8bb31edf5dc58d82ac0b9d201ba8eac4c6f2ea4c3cd35f52915a_s390x",
"relates_to_product_reference": "9Base-RHACM-2.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/config-policy-controller-rhel9@sha256:d4456a33f0488db9c77d12a279500b68a41441a8ff6c8cc9723a7ccc46e90dc7_arm64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.10 for RHEL 9",
"product_id": "9Base-RHACM-2.10:rhacm2/config-policy-controller-rhel9@sha256:d4456a33f0488db9c77d12a279500b68a41441a8ff6c8cc9723a7ccc46e90dc7_arm64"
},
"product_reference": "rhacm2/config-policy-controller-rhel9@sha256:d4456a33f0488db9c77d12a279500b68a41441a8ff6c8cc9723a7ccc46e90dc7_arm64",
"relates_to_product_reference": "9Base-RHACM-2.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/config-policy-controller-rhel9@sha256:d6e8119559b01231206654d2a57114862c4c6b5ca604ccf7b92e53bea6e2e2c2_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.10 for RHEL 9",
"product_id": "9Base-RHACM-2.10:rhacm2/config-policy-controller-rhel9@sha256:d6e8119559b01231206654d2a57114862c4c6b5ca604ccf7b92e53bea6e2e2c2_ppc64le"
},
"product_reference": "rhacm2/config-policy-controller-rhel9@sha256:d6e8119559b01231206654d2a57114862c4c6b5ca604ccf7b92e53bea6e2e2c2_ppc64le",
"relates_to_product_reference": "9Base-RHACM-2.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/console-rhel9@sha256:4ee3bbdcc190cd6c3e1eff8bfabe8ca3cd9e61ab5d824983a955e6d509238041_arm64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.10 for RHEL 9",
"product_id": "9Base-RHACM-2.10:rhacm2/console-rhel9@sha256:4ee3bbdcc190cd6c3e1eff8bfabe8ca3cd9e61ab5d824983a955e6d509238041_arm64"
},
"product_reference": "rhacm2/console-rhel9@sha256:4ee3bbdcc190cd6c3e1eff8bfabe8ca3cd9e61ab5d824983a955e6d509238041_arm64",
"relates_to_product_reference": "9Base-RHACM-2.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/console-rhel9@sha256:5fe6fb2bd7e31a960bc018d870af482f668ab417d601d94a5ac5981fd116a852_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.10 for RHEL 9",
"product_id": "9Base-RHACM-2.10:rhacm2/console-rhel9@sha256:5fe6fb2bd7e31a960bc018d870af482f668ab417d601d94a5ac5981fd116a852_s390x"
},
"product_reference": "rhacm2/console-rhel9@sha256:5fe6fb2bd7e31a960bc018d870af482f668ab417d601d94a5ac5981fd116a852_s390x",
"relates_to_product_reference": "9Base-RHACM-2.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/console-rhel9@sha256:9005fc71b91a5d2a1fe502e90d57cea2285d1218ad6e49f4bcdd77bf560c5765_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.10 for RHEL 9",
"product_id": "9Base-RHACM-2.10:rhacm2/console-rhel9@sha256:9005fc71b91a5d2a1fe502e90d57cea2285d1218ad6e49f4bcdd77bf560c5765_ppc64le"
},
"product_reference": "rhacm2/console-rhel9@sha256:9005fc71b91a5d2a1fe502e90d57cea2285d1218ad6e49f4bcdd77bf560c5765_ppc64le",
"relates_to_product_reference": "9Base-RHACM-2.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/console-rhel9@sha256:b3bc8c5f587da2c7ce4e25d5d2e72b08939071297cf3fdc5d51fb631d99aa168_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.10 for RHEL 9",
"product_id": "9Base-RHACM-2.10:rhacm2/console-rhel9@sha256:b3bc8c5f587da2c7ce4e25d5d2e72b08939071297cf3fdc5d51fb631d99aa168_amd64"
},
"product_reference": "rhacm2/console-rhel9@sha256:b3bc8c5f587da2c7ce4e25d5d2e72b08939071297cf3fdc5d51fb631d99aa168_amd64",
"relates_to_product_reference": "9Base-RHACM-2.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/endpoint-monitoring-rhel9-operator@sha256:75bc23118d6e3ae1ec142a6f47a871efcd8ec5aa6da2bef7cf24e716b3b3be3c_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.10 for RHEL 9",
"product_id": "9Base-RHACM-2.10:rhacm2/endpoint-monitoring-rhel9-operator@sha256:75bc23118d6e3ae1ec142a6f47a871efcd8ec5aa6da2bef7cf24e716b3b3be3c_s390x"
},
"product_reference": "rhacm2/endpoint-monitoring-rhel9-operator@sha256:75bc23118d6e3ae1ec142a6f47a871efcd8ec5aa6da2bef7cf24e716b3b3be3c_s390x",
"relates_to_product_reference": "9Base-RHACM-2.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/endpoint-monitoring-rhel9-operator@sha256:cf7be8fd6b726cb7ba8a3f57e14e20d7944245759cd6e8bd26dca4d666fb866a_arm64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.10 for RHEL 9",
"product_id": "9Base-RHACM-2.10:rhacm2/endpoint-monitoring-rhel9-operator@sha256:cf7be8fd6b726cb7ba8a3f57e14e20d7944245759cd6e8bd26dca4d666fb866a_arm64"
},
"product_reference": "rhacm2/endpoint-monitoring-rhel9-operator@sha256:cf7be8fd6b726cb7ba8a3f57e14e20d7944245759cd6e8bd26dca4d666fb866a_arm64",
"relates_to_product_reference": "9Base-RHACM-2.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/endpoint-monitoring-rhel9-operator@sha256:d8c3352fceb6a53e110f76501bb2c2f4cf7a9284f9dd30dee3fe3e015b622195_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.10 for RHEL 9",
"product_id": "9Base-RHACM-2.10:rhacm2/endpoint-monitoring-rhel9-operator@sha256:d8c3352fceb6a53e110f76501bb2c2f4cf7a9284f9dd30dee3fe3e015b622195_amd64"
},
"product_reference": "rhacm2/endpoint-monitoring-rhel9-operator@sha256:d8c3352fceb6a53e110f76501bb2c2f4cf7a9284f9dd30dee3fe3e015b622195_amd64",
"relates_to_product_reference": "9Base-RHACM-2.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/endpoint-monitoring-rhel9-operator@sha256:e177864e6bc3b6e66f1f455229257210b77a3b7d0e18c480d252ed79f03bf67a_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.10 for RHEL 9",
"product_id": "9Base-RHACM-2.10:rhacm2/endpoint-monitoring-rhel9-operator@sha256:e177864e6bc3b6e66f1f455229257210b77a3b7d0e18c480d252ed79f03bf67a_ppc64le"
},
"product_reference": "rhacm2/endpoint-monitoring-rhel9-operator@sha256:e177864e6bc3b6e66f1f455229257210b77a3b7d0e18c480d252ed79f03bf67a_ppc64le",
"relates_to_product_reference": "9Base-RHACM-2.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/governance-policy-propagator-rhel9@sha256:400644c05d5768fb7460bb3f8bfa880bc21e91f365130d13877f015ba2146358_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.10 for RHEL 9",
"product_id": "9Base-RHACM-2.10:rhacm2/governance-policy-propagator-rhel9@sha256:400644c05d5768fb7460bb3f8bfa880bc21e91f365130d13877f015ba2146358_amd64"
},
"product_reference": "rhacm2/governance-policy-propagator-rhel9@sha256:400644c05d5768fb7460bb3f8bfa880bc21e91f365130d13877f015ba2146358_amd64",
"relates_to_product_reference": "9Base-RHACM-2.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/governance-policy-propagator-rhel9@sha256:46deef6c168120168168820dad57ce9b2d2641be926772eaeba2d03d3d324e2a_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.10 for RHEL 9",
"product_id": "9Base-RHACM-2.10:rhacm2/governance-policy-propagator-rhel9@sha256:46deef6c168120168168820dad57ce9b2d2641be926772eaeba2d03d3d324e2a_s390x"
},
"product_reference": "rhacm2/governance-policy-propagator-rhel9@sha256:46deef6c168120168168820dad57ce9b2d2641be926772eaeba2d03d3d324e2a_s390x",
"relates_to_product_reference": "9Base-RHACM-2.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/governance-policy-propagator-rhel9@sha256:4e9143f58e4755b86526d113040acd0ee0069fefe9243e08c864c35d25b276e9_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.10 for RHEL 9",
"product_id": "9Base-RHACM-2.10:rhacm2/governance-policy-propagator-rhel9@sha256:4e9143f58e4755b86526d113040acd0ee0069fefe9243e08c864c35d25b276e9_ppc64le"
},
"product_reference": "rhacm2/governance-policy-propagator-rhel9@sha256:4e9143f58e4755b86526d113040acd0ee0069fefe9243e08c864c35d25b276e9_ppc64le",
"relates_to_product_reference": "9Base-RHACM-2.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/governance-policy-propagator-rhel9@sha256:8947a68138c101fdc355b94a4deb0d02f44de025fe733e8d5fb28f5fce93b7c9_arm64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.10 for RHEL 9",
"product_id": "9Base-RHACM-2.10:rhacm2/governance-policy-propagator-rhel9@sha256:8947a68138c101fdc355b94a4deb0d02f44de025fe733e8d5fb28f5fce93b7c9_arm64"
},
"product_reference": "rhacm2/governance-policy-propagator-rhel9@sha256:8947a68138c101fdc355b94a4deb0d02f44de025fe733e8d5fb28f5fce93b7c9_arm64",
"relates_to_product_reference": "9Base-RHACM-2.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/grafana-dashboard-loader-rhel9@sha256:26a08abd967f17e23975b728768e2f561750856b0f98ff5f27506da94fa597ca_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.10 for RHEL 9",
"product_id": "9Base-RHACM-2.10:rhacm2/grafana-dashboard-loader-rhel9@sha256:26a08abd967f17e23975b728768e2f561750856b0f98ff5f27506da94fa597ca_ppc64le"
},
"product_reference": "rhacm2/grafana-dashboard-loader-rhel9@sha256:26a08abd967f17e23975b728768e2f561750856b0f98ff5f27506da94fa597ca_ppc64le",
"relates_to_product_reference": "9Base-RHACM-2.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/grafana-dashboard-loader-rhel9@sha256:43f27505c8ac51aa659c638f96f7681d8d3029775b9153a8075fa38dd48dbc3c_arm64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.10 for RHEL 9",
"product_id": "9Base-RHACM-2.10:rhacm2/grafana-dashboard-loader-rhel9@sha256:43f27505c8ac51aa659c638f96f7681d8d3029775b9153a8075fa38dd48dbc3c_arm64"
},
"product_reference": "rhacm2/grafana-dashboard-loader-rhel9@sha256:43f27505c8ac51aa659c638f96f7681d8d3029775b9153a8075fa38dd48dbc3c_arm64",
"relates_to_product_reference": "9Base-RHACM-2.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/grafana-dashboard-loader-rhel9@sha256:a9afb35685e18a179269293a1998eb5c6c8c47e9247a7f3f1c27d3b1b35a83b2_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.10 for RHEL 9",
"product_id": "9Base-RHACM-2.10:rhacm2/grafana-dashboard-loader-rhel9@sha256:a9afb35685e18a179269293a1998eb5c6c8c47e9247a7f3f1c27d3b1b35a83b2_amd64"
},
"product_reference": "rhacm2/grafana-dashboard-loader-rhel9@sha256:a9afb35685e18a179269293a1998eb5c6c8c47e9247a7f3f1c27d3b1b35a83b2_amd64",
"relates_to_product_reference": "9Base-RHACM-2.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/grafana-dashboard-loader-rhel9@sha256:f30433d2c90f38c86f1780bd8b74a50821837f769db589ee720e35fd79dbc23b_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.10 for RHEL 9",
"product_id": "9Base-RHACM-2.10:rhacm2/grafana-dashboard-loader-rhel9@sha256:f30433d2c90f38c86f1780bd8b74a50821837f769db589ee720e35fd79dbc23b_s390x"
},
"product_reference": "rhacm2/grafana-dashboard-loader-rhel9@sha256:f30433d2c90f38c86f1780bd8b74a50821837f769db589ee720e35fd79dbc23b_s390x",
"relates_to_product_reference": "9Base-RHACM-2.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/iam-policy-controller-rhel9@sha256:63ca0eef9b3febe70ceea5b47a36fea7455eef69da9d1bda70d2bc9661ec2f2c_arm64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.10 for RHEL 9",
"product_id": "9Base-RHACM-2.10:rhacm2/iam-policy-controller-rhel9@sha256:63ca0eef9b3febe70ceea5b47a36fea7455eef69da9d1bda70d2bc9661ec2f2c_arm64"
},
"product_reference": "rhacm2/iam-policy-controller-rhel9@sha256:63ca0eef9b3febe70ceea5b47a36fea7455eef69da9d1bda70d2bc9661ec2f2c_arm64",
"relates_to_product_reference": "9Base-RHACM-2.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/iam-policy-controller-rhel9@sha256:ae274418f0fa055670012f2d92d63ebb175fdbd3946486312007bc2b0a915541_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.10 for RHEL 9",
"product_id": "9Base-RHACM-2.10:rhacm2/iam-policy-controller-rhel9@sha256:ae274418f0fa055670012f2d92d63ebb175fdbd3946486312007bc2b0a915541_ppc64le"
},
"product_reference": "rhacm2/iam-policy-controller-rhel9@sha256:ae274418f0fa055670012f2d92d63ebb175fdbd3946486312007bc2b0a915541_ppc64le",
"relates_to_product_reference": "9Base-RHACM-2.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/iam-policy-controller-rhel9@sha256:c1d7619138ab3717e6f6a49ac76f95ff041a022746891057d6e4e163114fb864_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.10 for RHEL 9",
"product_id": "9Base-RHACM-2.10:rhacm2/iam-policy-controller-rhel9@sha256:c1d7619138ab3717e6f6a49ac76f95ff041a022746891057d6e4e163114fb864_amd64"
},
"product_reference": "rhacm2/iam-policy-controller-rhel9@sha256:c1d7619138ab3717e6f6a49ac76f95ff041a022746891057d6e4e163114fb864_amd64",
"relates_to_product_reference": "9Base-RHACM-2.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/iam-policy-controller-rhel9@sha256:f62a79f1f02af4be1424b74071e6d701e5c514e27019e69ee98cbed10b602f3d_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.10 for RHEL 9",
"product_id": "9Base-RHACM-2.10:rhacm2/iam-policy-controller-rhel9@sha256:f62a79f1f02af4be1424b74071e6d701e5c514e27019e69ee98cbed10b602f3d_s390x"
},
"product_reference": "rhacm2/iam-policy-controller-rhel9@sha256:f62a79f1f02af4be1424b74071e6d701e5c514e27019e69ee98cbed10b602f3d_s390x",
"relates_to_product_reference": "9Base-RHACM-2.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/insights-client-rhel9@sha256:0ff4ca5a9703ec58d70178152b5dbbb3aaffa5fce80153eda12f727f7c3e0b6f_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.10 for RHEL 9",
"product_id": "9Base-RHACM-2.10:rhacm2/insights-client-rhel9@sha256:0ff4ca5a9703ec58d70178152b5dbbb3aaffa5fce80153eda12f727f7c3e0b6f_ppc64le"
},
"product_reference": "rhacm2/insights-client-rhel9@sha256:0ff4ca5a9703ec58d70178152b5dbbb3aaffa5fce80153eda12f727f7c3e0b6f_ppc64le",
"relates_to_product_reference": "9Base-RHACM-2.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/insights-client-rhel9@sha256:70833a6ef9ebc1b50e914744e0f7c36c259bb7889c7ff8085cb8470826ac803e_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.10 for RHEL 9",
"product_id": "9Base-RHACM-2.10:rhacm2/insights-client-rhel9@sha256:70833a6ef9ebc1b50e914744e0f7c36c259bb7889c7ff8085cb8470826ac803e_s390x"
},
"product_reference": "rhacm2/insights-client-rhel9@sha256:70833a6ef9ebc1b50e914744e0f7c36c259bb7889c7ff8085cb8470826ac803e_s390x",
"relates_to_product_reference": "9Base-RHACM-2.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/insights-client-rhel9@sha256:cdf079542b23633884a52daa02d4b9182aaf7454e769186de4f495467686653d_arm64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.10 for RHEL 9",
"product_id": "9Base-RHACM-2.10:rhacm2/insights-client-rhel9@sha256:cdf079542b23633884a52daa02d4b9182aaf7454e769186de4f495467686653d_arm64"
},
"product_reference": "rhacm2/insights-client-rhel9@sha256:cdf079542b23633884a52daa02d4b9182aaf7454e769186de4f495467686653d_arm64",
"relates_to_product_reference": "9Base-RHACM-2.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/insights-client-rhel9@sha256:f62d6a262c044a7883f34563e3e1909761ca0bd44e4d5f8a0e564db8b630068b_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.10 for RHEL 9",
"product_id": "9Base-RHACM-2.10:rhacm2/insights-client-rhel9@sha256:f62d6a262c044a7883f34563e3e1909761ca0bd44e4d5f8a0e564db8b630068b_amd64"
},
"product_reference": "rhacm2/insights-client-rhel9@sha256:f62d6a262c044a7883f34563e3e1909761ca0bd44e4d5f8a0e564db8b630068b_amd64",
"relates_to_product_reference": "9Base-RHACM-2.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/insights-metrics-rhel9@sha256:16862c34efb507d44455ed78cde51a1f57969cc69f4beec70ecb697b8ea406dc_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.10 for RHEL 9",
"product_id": "9Base-RHACM-2.10:rhacm2/insights-metrics-rhel9@sha256:16862c34efb507d44455ed78cde51a1f57969cc69f4beec70ecb697b8ea406dc_amd64"
},
"product_reference": "rhacm2/insights-metrics-rhel9@sha256:16862c34efb507d44455ed78cde51a1f57969cc69f4beec70ecb697b8ea406dc_amd64",
"relates_to_product_reference": "9Base-RHACM-2.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/insights-metrics-rhel9@sha256:2f7c346cb847e2928715bd4b64a34531b82d0130a89a08f19c3026db5d89c5a1_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.10 for RHEL 9",
"product_id": "9Base-RHACM-2.10:rhacm2/insights-metrics-rhel9@sha256:2f7c346cb847e2928715bd4b64a34531b82d0130a89a08f19c3026db5d89c5a1_ppc64le"
},
"product_reference": "rhacm2/insights-metrics-rhel9@sha256:2f7c346cb847e2928715bd4b64a34531b82d0130a89a08f19c3026db5d89c5a1_ppc64le",
"relates_to_product_reference": "9Base-RHACM-2.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/insights-metrics-rhel9@sha256:44f56f7a1ac2720ce815ea7aa824ea37a0bdcf63c637941ca84328578a735142_arm64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.10 for RHEL 9",
"product_id": "9Base-RHACM-2.10:rhacm2/insights-metrics-rhel9@sha256:44f56f7a1ac2720ce815ea7aa824ea37a0bdcf63c637941ca84328578a735142_arm64"
},
"product_reference": "rhacm2/insights-metrics-rhel9@sha256:44f56f7a1ac2720ce815ea7aa824ea37a0bdcf63c637941ca84328578a735142_arm64",
"relates_to_product_reference": "9Base-RHACM-2.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/insights-metrics-rhel9@sha256:e2a9110af4d9bac9fd97b8f5981230c495506d50db571eccae9e16e361abfdd7_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.10 for RHEL 9",
"product_id": "9Base-RHACM-2.10:rhacm2/insights-metrics-rhel9@sha256:e2a9110af4d9bac9fd97b8f5981230c495506d50db571eccae9e16e361abfdd7_s390x"
},
"product_reference": "rhacm2/insights-metrics-rhel9@sha256:e2a9110af4d9bac9fd97b8f5981230c495506d50db571eccae9e16e361abfdd7_s390x",
"relates_to_product_reference": "9Base-RHACM-2.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/klusterlet-addon-controller-rhel9@sha256:693af28fa3e5f1aee61695e891fdd33a49b5280e4a555f84b838ca8e829d0999_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.10 for RHEL 9",
"product_id": "9Base-RHACM-2.10:rhacm2/klusterlet-addon-controller-rhel9@sha256:693af28fa3e5f1aee61695e891fdd33a49b5280e4a555f84b838ca8e829d0999_ppc64le"
},
"product_reference": "rhacm2/klusterlet-addon-controller-rhel9@sha256:693af28fa3e5f1aee61695e891fdd33a49b5280e4a555f84b838ca8e829d0999_ppc64le",
"relates_to_product_reference": "9Base-RHACM-2.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/klusterlet-addon-controller-rhel9@sha256:7ac958c32070e6282a8cbe262810c58a81e6e331bf59877cd67758ab6feb8ada_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.10 for RHEL 9",
"product_id": "9Base-RHACM-2.10:rhacm2/klusterlet-addon-controller-rhel9@sha256:7ac958c32070e6282a8cbe262810c58a81e6e331bf59877cd67758ab6feb8ada_amd64"
},
"product_reference": "rhacm2/klusterlet-addon-controller-rhel9@sha256:7ac958c32070e6282a8cbe262810c58a81e6e331bf59877cd67758ab6feb8ada_amd64",
"relates_to_product_reference": "9Base-RHACM-2.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/klusterlet-addon-controller-rhel9@sha256:8528a204787ecde3925c9c3ef31e225f59c5b4b3a21bd314541fe06dd4c1aa73_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.10 for RHEL 9",
"product_id": "9Base-RHACM-2.10:rhacm2/klusterlet-addon-controller-rhel9@sha256:8528a204787ecde3925c9c3ef31e225f59c5b4b3a21bd314541fe06dd4c1aa73_s390x"
},
"product_reference": "rhacm2/klusterlet-addon-controller-rhel9@sha256:8528a204787ecde3925c9c3ef31e225f59c5b4b3a21bd314541fe06dd4c1aa73_s390x",
"relates_to_product_reference": "9Base-RHACM-2.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/klusterlet-addon-controller-rhel9@sha256:cf0bf12f03bd0a4a09188d1f5b4820aa6e7f6e4a1fb1bc2c45559553907c6eae_arm64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.10 for RHEL 9",
"product_id": "9Base-RHACM-2.10:rhacm2/klusterlet-addon-controller-rhel9@sha256:cf0bf12f03bd0a4a09188d1f5b4820aa6e7f6e4a1fb1bc2c45559553907c6eae_arm64"
},
"product_reference": "rhacm2/klusterlet-addon-controller-rhel9@sha256:cf0bf12f03bd0a4a09188d1f5b4820aa6e7f6e4a1fb1bc2c45559553907c6eae_arm64",
"relates_to_product_reference": "9Base-RHACM-2.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/kube-rbac-proxy-rhel9@sha256:1d75e8e70fc3f3943841bd34f79e5762705b0d23460064c6adcdd0fc6b39005a_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.10 for RHEL 9",
"product_id": "9Base-RHACM-2.10:rhacm2/kube-rbac-proxy-rhel9@sha256:1d75e8e70fc3f3943841bd34f79e5762705b0d23460064c6adcdd0fc6b39005a_amd64"
},
"product_reference": "rhacm2/kube-rbac-proxy-rhel9@sha256:1d75e8e70fc3f3943841bd34f79e5762705b0d23460064c6adcdd0fc6b39005a_amd64",
"relates_to_product_reference": "9Base-RHACM-2.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/kube-rbac-proxy-rhel9@sha256:355905503e1321fc2fd75b12bab33b2cb75cbfcc0d0e7e70400790da081abfd9_arm64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.10 for RHEL 9",
"product_id": "9Base-RHACM-2.10:rhacm2/kube-rbac-proxy-rhel9@sha256:355905503e1321fc2fd75b12bab33b2cb75cbfcc0d0e7e70400790da081abfd9_arm64"
},
"product_reference": "rhacm2/kube-rbac-proxy-rhel9@sha256:355905503e1321fc2fd75b12bab33b2cb75cbfcc0d0e7e70400790da081abfd9_arm64",
"relates_to_product_reference": "9Base-RHACM-2.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/kube-rbac-proxy-rhel9@sha256:42da847ca7b39914df099381ac807d8ab619774388c1a47e0d71020fbce998ae_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.10 for RHEL 9",
"product_id": "9Base-RHACM-2.10:rhacm2/kube-rbac-proxy-rhel9@sha256:42da847ca7b39914df099381ac807d8ab619774388c1a47e0d71020fbce998ae_s390x"
},
"product_reference": "rhacm2/kube-rbac-proxy-rhel9@sha256:42da847ca7b39914df099381ac807d8ab619774388c1a47e0d71020fbce998ae_s390x",
"relates_to_product_reference": "9Base-RHACM-2.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/kube-rbac-proxy-rhel9@sha256:5e416f1249a77845f81c9cf1a1dfae74feca41afd6dd35e7be55a0fa61632c00_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.10 for RHEL 9",
"product_id": "9Base-RHACM-2.10:rhacm2/kube-rbac-proxy-rhel9@sha256:5e416f1249a77845f81c9cf1a1dfae74feca41afd6dd35e7be55a0fa61632c00_ppc64le"
},
"product_reference": "rhacm2/kube-rbac-proxy-rhel9@sha256:5e416f1249a77845f81c9cf1a1dfae74feca41afd6dd35e7be55a0fa61632c00_ppc64le",
"relates_to_product_reference": "9Base-RHACM-2.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/kube-state-metrics-rhel9@sha256:715f6b9c01400a153157de08bf2a6b04ea54478ee2c18d7871b65c865d6902d2_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.10 for RHEL 9",
"product_id": "9Base-RHACM-2.10:rhacm2/kube-state-metrics-rhel9@sha256:715f6b9c01400a153157de08bf2a6b04ea54478ee2c18d7871b65c865d6902d2_s390x"
},
"product_reference": "rhacm2/kube-state-metrics-rhel9@sha256:715f6b9c01400a153157de08bf2a6b04ea54478ee2c18d7871b65c865d6902d2_s390x",
"relates_to_product_reference": "9Base-RHACM-2.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/kube-state-metrics-rhel9@sha256:72f6c545d46d1cc6f3fb1b9cd6840f0496056d410c8ade62dd35d99dfdd60737_arm64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.10 for RHEL 9",
"product_id": "9Base-RHACM-2.10:rhacm2/kube-state-metrics-rhel9@sha256:72f6c545d46d1cc6f3fb1b9cd6840f0496056d410c8ade62dd35d99dfdd60737_arm64"
},
"product_reference": "rhacm2/kube-state-metrics-rhel9@sha256:72f6c545d46d1cc6f3fb1b9cd6840f0496056d410c8ade62dd35d99dfdd60737_arm64",
"relates_to_product_reference": "9Base-RHACM-2.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/kube-state-metrics-rhel9@sha256:88982e268e1a3d0c52c72563a684b58042adb0800ebd1e80208b898eebe75cd6_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.10 for RHEL 9",
"product_id": "9Base-RHACM-2.10:rhacm2/kube-state-metrics-rhel9@sha256:88982e268e1a3d0c52c72563a684b58042adb0800ebd1e80208b898eebe75cd6_ppc64le"
},
"product_reference": "rhacm2/kube-state-metrics-rhel9@sha256:88982e268e1a3d0c52c72563a684b58042adb0800ebd1e80208b898eebe75cd6_ppc64le",
"relates_to_product_reference": "9Base-RHACM-2.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/kube-state-metrics-rhel9@sha256:9f2ac058e15d5653e8bced975955e26e51a88d36a1d5896305b6f5060afee43a_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.10 for RHEL 9",
"product_id": "9Base-RHACM-2.10:rhacm2/kube-state-metrics-rhel9@sha256:9f2ac058e15d5653e8bced975955e26e51a88d36a1d5896305b6f5060afee43a_amd64"
},
"product_reference": "rhacm2/kube-state-metrics-rhel9@sha256:9f2ac058e15d5653e8bced975955e26e51a88d36a1d5896305b6f5060afee43a_amd64",
"relates_to_product_reference": "9Base-RHACM-2.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/memcached-exporter-rhel9@sha256:1304f49745ed8a18784196b5595cea1ec6caf904d0e61d0952a603e6fb7da6e0_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.10 for RHEL 9",
"product_id": "9Base-RHACM-2.10:rhacm2/memcached-exporter-rhel9@sha256:1304f49745ed8a18784196b5595cea1ec6caf904d0e61d0952a603e6fb7da6e0_ppc64le"
},
"product_reference": "rhacm2/memcached-exporter-rhel9@sha256:1304f49745ed8a18784196b5595cea1ec6caf904d0e61d0952a603e6fb7da6e0_ppc64le",
"relates_to_product_reference": "9Base-RHACM-2.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/memcached-exporter-rhel9@sha256:36529c281273e5346ef5cce6a55e47c27fdaf2507a6f7971576b738b1c543258_arm64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.10 for RHEL 9",
"product_id": "9Base-RHACM-2.10:rhacm2/memcached-exporter-rhel9@sha256:36529c281273e5346ef5cce6a55e47c27fdaf2507a6f7971576b738b1c543258_arm64"
},
"product_reference": "rhacm2/memcached-exporter-rhel9@sha256:36529c281273e5346ef5cce6a55e47c27fdaf2507a6f7971576b738b1c543258_arm64",
"relates_to_product_reference": "9Base-RHACM-2.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/memcached-exporter-rhel9@sha256:c5275f61fd2e84deaab7e789a7ffefdbe235866a8439d3d2534e4b26998372d6_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.10 for RHEL 9",
"product_id": "9Base-RHACM-2.10:rhacm2/memcached-exporter-rhel9@sha256:c5275f61fd2e84deaab7e789a7ffefdbe235866a8439d3d2534e4b26998372d6_s390x"
},
"product_reference": "rhacm2/memcached-exporter-rhel9@sha256:c5275f61fd2e84deaab7e789a7ffefdbe235866a8439d3d2534e4b26998372d6_s390x",
"relates_to_product_reference": "9Base-RHACM-2.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/memcached-exporter-rhel9@sha256:f9f5ca67f62d6218b90b863b4fe63aa95aef755e5cbae5a83896f74a0039b7ab_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.10 for RHEL 9",
"product_id": "9Base-RHACM-2.10:rhacm2/memcached-exporter-rhel9@sha256:f9f5ca67f62d6218b90b863b4fe63aa95aef755e5cbae5a83896f74a0039b7ab_amd64"
},
"product_reference": "rhacm2/memcached-exporter-rhel9@sha256:f9f5ca67f62d6218b90b863b4fe63aa95aef755e5cbae5a83896f74a0039b7ab_amd64",
"relates_to_product_reference": "9Base-RHACM-2.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/memcached-rhel9@sha256:2c4437598be87fc5f3f6639e728279d8ba21cf49061be78e3a4fbacc989997b4_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.10 for RHEL 9",
"product_id": "9Base-RHACM-2.10:rhacm2/memcached-rhel9@sha256:2c4437598be87fc5f3f6639e728279d8ba21cf49061be78e3a4fbacc989997b4_amd64"
},
"product_reference": "rhacm2/memcached-rhel9@sha256:2c4437598be87fc5f3f6639e728279d8ba21cf49061be78e3a4fbacc989997b4_amd64",
"relates_to_product_reference": "9Base-RHACM-2.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/memcached-rhel9@sha256:2fb75dce1567e21a9f1361ec3ac54a4d5a2252f03aa64b6cdf4d1cd02a58d04c_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.10 for RHEL 9",
"product_id": "9Base-RHACM-2.10:rhacm2/memcached-rhel9@sha256:2fb75dce1567e21a9f1361ec3ac54a4d5a2252f03aa64b6cdf4d1cd02a58d04c_s390x"
},
"product_reference": "rhacm2/memcached-rhel9@sha256:2fb75dce1567e21a9f1361ec3ac54a4d5a2252f03aa64b6cdf4d1cd02a58d04c_s390x",
"relates_to_product_reference": "9Base-RHACM-2.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/memcached-rhel9@sha256:4af229aca50a46ec9f190fbeef603f1259223f81f5307f46de17ad8b8c9760e1_arm64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.10 for RHEL 9",
"product_id": "9Base-RHACM-2.10:rhacm2/memcached-rhel9@sha256:4af229aca50a46ec9f190fbeef603f1259223f81f5307f46de17ad8b8c9760e1_arm64"
},
"product_reference": "rhacm2/memcached-rhel9@sha256:4af229aca50a46ec9f190fbeef603f1259223f81f5307f46de17ad8b8c9760e1_arm64",
"relates_to_product_reference": "9Base-RHACM-2.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/memcached-rhel9@sha256:e871cb2e5d235ae74a998356748299daace42d47a92e1da57a2773eae87625a6_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.10 for RHEL 9",
"product_id": "9Base-RHACM-2.10:rhacm2/memcached-rhel9@sha256:e871cb2e5d235ae74a998356748299daace42d47a92e1da57a2773eae87625a6_ppc64le"
},
"product_reference": "rhacm2/memcached-rhel9@sha256:e871cb2e5d235ae74a998356748299daace42d47a92e1da57a2773eae87625a6_ppc64le",
"relates_to_product_reference": "9Base-RHACM-2.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/metrics-collector-rhel9@sha256:20ac5c57af957e7126221f4089bb816b948aa624788da9298b4f476ecc668293_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.10 for RHEL 9",
"product_id": "9Base-RHACM-2.10:rhacm2/metrics-collector-rhel9@sha256:20ac5c57af957e7126221f4089bb816b948aa624788da9298b4f476ecc668293_amd64"
},
"product_reference": "rhacm2/metrics-collector-rhel9@sha256:20ac5c57af957e7126221f4089bb816b948aa624788da9298b4f476ecc668293_amd64",
"relates_to_product_reference": "9Base-RHACM-2.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/metrics-collector-rhel9@sha256:54665ca7529012a3a63c7dcc263a2e46964a0ee4ba43f19a2a3f05dcdfd5ae0f_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.10 for RHEL 9",
"product_id": "9Base-RHACM-2.10:rhacm2/metrics-collector-rhel9@sha256:54665ca7529012a3a63c7dcc263a2e46964a0ee4ba43f19a2a3f05dcdfd5ae0f_ppc64le"
},
"product_reference": "rhacm2/metrics-collector-rhel9@sha256:54665ca7529012a3a63c7dcc263a2e46964a0ee4ba43f19a2a3f05dcdfd5ae0f_ppc64le",
"relates_to_product_reference": "9Base-RHACM-2.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/metrics-collector-rhel9@sha256:84543f21ccfe36960fce099930132e7042e505ba635c45a28a902ed2b2401d55_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.10 for RHEL 9",
"product_id": "9Base-RHACM-2.10:rhacm2/metrics-collector-rhel9@sha256:84543f21ccfe36960fce099930132e7042e505ba635c45a28a902ed2b2401d55_s390x"
},
"product_reference": "rhacm2/metrics-collector-rhel9@sha256:84543f21ccfe36960fce099930132e7042e505ba635c45a28a902ed2b2401d55_s390x",
"relates_to_product_reference": "9Base-RHACM-2.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/metrics-collector-rhel9@sha256:eb32f5c275247babd03ec16b0978aced10a9b9da07a84f5af6be4d7c3852a6b7_arm64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.10 for RHEL 9",
"product_id": "9Base-RHACM-2.10:rhacm2/metrics-collector-rhel9@sha256:eb32f5c275247babd03ec16b0978aced10a9b9da07a84f5af6be4d7c3852a6b7_arm64"
},
"product_reference": "rhacm2/metrics-collector-rhel9@sha256:eb32f5c275247babd03ec16b0978aced10a9b9da07a84f5af6be4d7c3852a6b7_arm64",
"relates_to_product_reference": "9Base-RHACM-2.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/multicloud-integrations-rhel9@sha256:0529a11c8935d5b9fa2a3f29801749b09861076c0c2040612271f0bbafb5fbab_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.10 for RHEL 9",
"product_id": "9Base-RHACM-2.10:rhacm2/multicloud-integrations-rhel9@sha256:0529a11c8935d5b9fa2a3f29801749b09861076c0c2040612271f0bbafb5fbab_s390x"
},
"product_reference": "rhacm2/multicloud-integrations-rhel9@sha256:0529a11c8935d5b9fa2a3f29801749b09861076c0c2040612271f0bbafb5fbab_s390x",
"relates_to_product_reference": "9Base-RHACM-2.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/multicloud-integrations-rhel9@sha256:2b7557d262cd8eacc45178dcca3dae642b1bb33fbfccdf6a3b63abb7e1a39d53_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.10 for RHEL 9",
"product_id": "9Base-RHACM-2.10:rhacm2/multicloud-integrations-rhel9@sha256:2b7557d262cd8eacc45178dcca3dae642b1bb33fbfccdf6a3b63abb7e1a39d53_amd64"
},
"product_reference": "rhacm2/multicloud-integrations-rhel9@sha256:2b7557d262cd8eacc45178dcca3dae642b1bb33fbfccdf6a3b63abb7e1a39d53_amd64",
"relates_to_product_reference": "9Base-RHACM-2.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/multicloud-integrations-rhel9@sha256:606ea20603d86412a34478a3db9c17737cca2b04c26bcab175279028c822e492_arm64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.10 for RHEL 9",
"product_id": "9Base-RHACM-2.10:rhacm2/multicloud-integrations-rhel9@sha256:606ea20603d86412a34478a3db9c17737cca2b04c26bcab175279028c822e492_arm64"
},
"product_reference": "rhacm2/multicloud-integrations-rhel9@sha256:606ea20603d86412a34478a3db9c17737cca2b04c26bcab175279028c822e492_arm64",
"relates_to_product_reference": "9Base-RHACM-2.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/multicloud-integrations-rhel9@sha256:d3958606b5001619aa3044617ccb4fe265764d7dad05b0a6bf5b4910bd5d0ba7_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.10 for RHEL 9",
"product_id": "9Base-RHACM-2.10:rhacm2/multicloud-integrations-rhel9@sha256:d3958606b5001619aa3044617ccb4fe265764d7dad05b0a6bf5b4910bd5d0ba7_ppc64le"
},
"product_reference": "rhacm2/multicloud-integrations-rhel9@sha256:d3958606b5001619aa3044617ccb4fe265764d7dad05b0a6bf5b4910bd5d0ba7_ppc64le",
"relates_to_product_reference": "9Base-RHACM-2.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/multicluster-observability-rhel9-operator@sha256:9b855d7e4cf6fe3c4da92d84a51adc63aea5f144bce38dbb9c4ab3d01370c296_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.10 for RHEL 9",
"product_id": "9Base-RHACM-2.10:rhacm2/multicluster-observability-rhel9-operator@sha256:9b855d7e4cf6fe3c4da92d84a51adc63aea5f144bce38dbb9c4ab3d01370c296_amd64"
},
"product_reference": "rhacm2/multicluster-observability-rhel9-operator@sha256:9b855d7e4cf6fe3c4da92d84a51adc63aea5f144bce38dbb9c4ab3d01370c296_amd64",
"relates_to_product_reference": "9Base-RHACM-2.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/multicluster-observability-rhel9-operator@sha256:a9eb1e576d4eb5c7e9131803042b7d8529dab369595d0adc22623e24b67832d9_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.10 for RHEL 9",
"product_id": "9Base-RHACM-2.10:rhacm2/multicluster-observability-rhel9-operator@sha256:a9eb1e576d4eb5c7e9131803042b7d8529dab369595d0adc22623e24b67832d9_s390x"
},
"product_reference": "rhacm2/multicluster-observability-rhel9-operator@sha256:a9eb1e576d4eb5c7e9131803042b7d8529dab369595d0adc22623e24b67832d9_s390x",
"relates_to_product_reference": "9Base-RHACM-2.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/multicluster-observability-rhel9-operator@sha256:ab73f96720c106dcb2ea64f8b7ac13ad866533d993c43cb7c6dbbf08ba4977dd_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.10 for RHEL 9",
"product_id": "9Base-RHACM-2.10:rhacm2/multicluster-observability-rhel9-operator@sha256:ab73f96720c106dcb2ea64f8b7ac13ad866533d993c43cb7c6dbbf08ba4977dd_ppc64le"
},
"product_reference": "rhacm2/multicluster-observability-rhel9-operator@sha256:ab73f96720c106dcb2ea64f8b7ac13ad866533d993c43cb7c6dbbf08ba4977dd_ppc64le",
"relates_to_product_reference": "9Base-RHACM-2.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/multicluster-observability-rhel9-operator@sha256:f296c72dd6842481dad78536117aec3ff14d19be736e5679101bbfc92b87809b_arm64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.10 for RHEL 9",
"product_id": "9Base-RHACM-2.10:rhacm2/multicluster-observability-rhel9-operator@sha256:f296c72dd6842481dad78536117aec3ff14d19be736e5679101bbfc92b87809b_arm64"
},
"product_reference": "rhacm2/multicluster-observability-rhel9-operator@sha256:f296c72dd6842481dad78536117aec3ff14d19be736e5679101bbfc92b87809b_arm64",
"relates_to_product_reference": "9Base-RHACM-2.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/multicluster-operators-application-rhel9@sha256:184f6068b077070b90ede3a2f4e81be398fd2841f042fc6f2f114fdfd4f1095b_arm64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.10 for RHEL 9",
"product_id": "9Base-RHACM-2.10:rhacm2/multicluster-operators-application-rhel9@sha256:184f6068b077070b90ede3a2f4e81be398fd2841f042fc6f2f114fdfd4f1095b_arm64"
},
"product_reference": "rhacm2/multicluster-operators-application-rhel9@sha256:184f6068b077070b90ede3a2f4e81be398fd2841f042fc6f2f114fdfd4f1095b_arm64",
"relates_to_product_reference": "9Base-RHACM-2.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/multicluster-operators-application-rhel9@sha256:2a272685b487a747827220d16bc5aaff65c436d5c312b081d9fffd9ef4a8a0f9_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.10 for RHEL 9",
"product_id": "9Base-RHACM-2.10:rhacm2/multicluster-operators-application-rhel9@sha256:2a272685b487a747827220d16bc5aaff65c436d5c312b081d9fffd9ef4a8a0f9_amd64"
},
"product_reference": "rhacm2/multicluster-operators-application-rhel9@sha256:2a272685b487a747827220d16bc5aaff65c436d5c312b081d9fffd9ef4a8a0f9_amd64",
"relates_to_product_reference": "9Base-RHACM-2.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/multicluster-operators-application-rhel9@sha256:635c1cf425b8744a421c649bd809a59df6dc6cdeaa9da2a369706e522a3a0fab_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.10 for RHEL 9",
"product_id": "9Base-RHACM-2.10:rhacm2/multicluster-operators-application-rhel9@sha256:635c1cf425b8744a421c649bd809a59df6dc6cdeaa9da2a369706e522a3a0fab_ppc64le"
},
"product_reference": "rhacm2/multicluster-operators-application-rhel9@sha256:635c1cf425b8744a421c649bd809a59df6dc6cdeaa9da2a369706e522a3a0fab_ppc64le",
"relates_to_product_reference": "9Base-RHACM-2.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/multicluster-operators-application-rhel9@sha256:e15bedc9ce45cc025b6ab6c27d5b7eb95f6e750791ff0dae228a71eaeae1cace_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.10 for RHEL 9",
"product_id": "9Base-RHACM-2.10:rhacm2/multicluster-operators-application-rhel9@sha256:e15bedc9ce45cc025b6ab6c27d5b7eb95f6e750791ff0dae228a71eaeae1cace_s390x"
},
"product_reference": "rhacm2/multicluster-operators-application-rhel9@sha256:e15bedc9ce45cc025b6ab6c27d5b7eb95f6e750791ff0dae228a71eaeae1cace_s390x",
"relates_to_product_reference": "9Base-RHACM-2.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/multicluster-operators-channel-rhel9@sha256:2399cfe0b3b626be2acd289d8880b9913d73093220b3e4062bb7cddb2628640a_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.10 for RHEL 9",
"product_id": "9Base-RHACM-2.10:rhacm2/multicluster-operators-channel-rhel9@sha256:2399cfe0b3b626be2acd289d8880b9913d73093220b3e4062bb7cddb2628640a_amd64"
},
"product_reference": "rhacm2/multicluster-operators-channel-rhel9@sha256:2399cfe0b3b626be2acd289d8880b9913d73093220b3e4062bb7cddb2628640a_amd64",
"relates_to_product_reference": "9Base-RHACM-2.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/multicluster-operators-channel-rhel9@sha256:37f84cbbee522859c6f46e49179ab0b1e1fef118aac6741d18675b36e31972dd_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.10 for RHEL 9",
"product_id": "9Base-RHACM-2.10:rhacm2/multicluster-operators-channel-rhel9@sha256:37f84cbbee522859c6f46e49179ab0b1e1fef118aac6741d18675b36e31972dd_s390x"
},
"product_reference": "rhacm2/multicluster-operators-channel-rhel9@sha256:37f84cbbee522859c6f46e49179ab0b1e1fef118aac6741d18675b36e31972dd_s390x",
"relates_to_product_reference": "9Base-RHACM-2.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/multicluster-operators-channel-rhel9@sha256:43c086e0f17783322c26ba577db2c7c8fd43176a7ac14e45a40c3db0b91a6d1e_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.10 for RHEL 9",
"product_id": "9Base-RHACM-2.10:rhacm2/multicluster-operators-channel-rhel9@sha256:43c086e0f17783322c26ba577db2c7c8fd43176a7ac14e45a40c3db0b91a6d1e_ppc64le"
},
"product_reference": "rhacm2/multicluster-operators-channel-rhel9@sha256:43c086e0f17783322c26ba577db2c7c8fd43176a7ac14e45a40c3db0b91a6d1e_ppc64le",
"relates_to_product_reference": "9Base-RHACM-2.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/multicluster-operators-channel-rhel9@sha256:773c32065f60e4a2e626e17744d0a2cfc4049325f6664f899d8da949dc3fa4a6_arm64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.10 for RHEL 9",
"product_id": "9Base-RHACM-2.10:rhacm2/multicluster-operators-channel-rhel9@sha256:773c32065f60e4a2e626e17744d0a2cfc4049325f6664f899d8da949dc3fa4a6_arm64"
},
"product_reference": "rhacm2/multicluster-operators-channel-rhel9@sha256:773c32065f60e4a2e626e17744d0a2cfc4049325f6664f899d8da949dc3fa4a6_arm64",
"relates_to_product_reference": "9Base-RHACM-2.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/multicluster-operators-subscription-rhel9@sha256:08aacdc6cad3ba5743a5d65c1bff5b3e41e44269765b94f45673a8e648f60584_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.10 for RHEL 9",
"product_id": "9Base-RHACM-2.10:rhacm2/multicluster-operators-subscription-rhel9@sha256:08aacdc6cad3ba5743a5d65c1bff5b3e41e44269765b94f45673a8e648f60584_amd64"
},
"product_reference": "rhacm2/multicluster-operators-subscription-rhel9@sha256:08aacdc6cad3ba5743a5d65c1bff5b3e41e44269765b94f45673a8e648f60584_amd64",
"relates_to_product_reference": "9Base-RHACM-2.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/multicluster-operators-subscription-rhel9@sha256:7eda39d696e452ec7e9da1473807e3134f149ed28d0ec873cf489451fbb007e0_arm64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.10 for RHEL 9",
"product_id": "9Base-RHACM-2.10:rhacm2/multicluster-operators-subscription-rhel9@sha256:7eda39d696e452ec7e9da1473807e3134f149ed28d0ec873cf489451fbb007e0_arm64"
},
"product_reference": "rhacm2/multicluster-operators-subscription-rhel9@sha256:7eda39d696e452ec7e9da1473807e3134f149ed28d0ec873cf489451fbb007e0_arm64",
"relates_to_product_reference": "9Base-RHACM-2.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/multicluster-operators-subscription-rhel9@sha256:a791398b5dd73f447d22f260eaf209f782c9663e81c81529eb4b3018183f9deb_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.10 for RHEL 9",
"product_id": "9Base-RHACM-2.10:rhacm2/multicluster-operators-subscription-rhel9@sha256:a791398b5dd73f447d22f260eaf209f782c9663e81c81529eb4b3018183f9deb_ppc64le"
},
"product_reference": "rhacm2/multicluster-operators-subscription-rhel9@sha256:a791398b5dd73f447d22f260eaf209f782c9663e81c81529eb4b3018183f9deb_ppc64le",
"relates_to_product_reference": "9Base-RHACM-2.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/multicluster-operators-subscription-rhel9@sha256:b88262afe6149a741a566054ecc16400bc7335a443219d3ddbcb1ba7c939a38b_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.10 for RHEL 9",
"product_id": "9Base-RHACM-2.10:rhacm2/multicluster-operators-subscription-rhel9@sha256:b88262afe6149a741a566054ecc16400bc7335a443219d3ddbcb1ba7c939a38b_s390x"
},
"product_reference": "rhacm2/multicluster-operators-subscription-rhel9@sha256:b88262afe6149a741a566054ecc16400bc7335a443219d3ddbcb1ba7c939a38b_s390x",
"relates_to_product_reference": "9Base-RHACM-2.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/multiclusterhub-rhel9@sha256:5de91afd73b5a86865954ab3f6587f382f53e0856422ed975d9aa867bd0ffbf9_arm64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.10 for RHEL 9",
"product_id": "9Base-RHACM-2.10:rhacm2/multiclusterhub-rhel9@sha256:5de91afd73b5a86865954ab3f6587f382f53e0856422ed975d9aa867bd0ffbf9_arm64"
},
"product_reference": "rhacm2/multiclusterhub-rhel9@sha256:5de91afd73b5a86865954ab3f6587f382f53e0856422ed975d9aa867bd0ffbf9_arm64",
"relates_to_product_reference": "9Base-RHACM-2.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/multiclusterhub-rhel9@sha256:97932a785e8601b170a7c6fd42b1e6a18203b958ccbb712352c2817b8103d9b5_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.10 for RHEL 9",
"product_id": "9Base-RHACM-2.10:rhacm2/multiclusterhub-rhel9@sha256:97932a785e8601b170a7c6fd42b1e6a18203b958ccbb712352c2817b8103d9b5_s390x"
},
"product_reference": "rhacm2/multiclusterhub-rhel9@sha256:97932a785e8601b170a7c6fd42b1e6a18203b958ccbb712352c2817b8103d9b5_s390x",
"relates_to_product_reference": "9Base-RHACM-2.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/multiclusterhub-rhel9@sha256:b30d5d981e1522751e4434b1c107e5cefb6c8c22ea16915f35948c11f9aa0579_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.10 for RHEL 9",
"product_id": "9Base-RHACM-2.10:rhacm2/multiclusterhub-rhel9@sha256:b30d5d981e1522751e4434b1c107e5cefb6c8c22ea16915f35948c11f9aa0579_ppc64le"
},
"product_reference": "rhacm2/multiclusterhub-rhel9@sha256:b30d5d981e1522751e4434b1c107e5cefb6c8c22ea16915f35948c11f9aa0579_ppc64le",
"relates_to_product_reference": "9Base-RHACM-2.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/multiclusterhub-rhel9@sha256:c5e3898dd435f49636834ce14b3188f7163167cdb538d85812393cf450d49157_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.10 for RHEL 9",
"product_id": "9Base-RHACM-2.10:rhacm2/multiclusterhub-rhel9@sha256:c5e3898dd435f49636834ce14b3188f7163167cdb538d85812393cf450d49157_amd64"
},
"product_reference": "rhacm2/multiclusterhub-rhel9@sha256:c5e3898dd435f49636834ce14b3188f7163167cdb538d85812393cf450d49157_amd64",
"relates_to_product_reference": "9Base-RHACM-2.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/node-exporter-rhel9@sha256:8bb239eafceaa18a786b78f7bf54c7063d80bce60567d10d81c5a4282b2884b4_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.10 for RHEL 9",
"product_id": "9Base-RHACM-2.10:rhacm2/node-exporter-rhel9@sha256:8bb239eafceaa18a786b78f7bf54c7063d80bce60567d10d81c5a4282b2884b4_s390x"
},
"product_reference": "rhacm2/node-exporter-rhel9@sha256:8bb239eafceaa18a786b78f7bf54c7063d80bce60567d10d81c5a4282b2884b4_s390x",
"relates_to_product_reference": "9Base-RHACM-2.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/node-exporter-rhel9@sha256:9611a92119f19e11c29e9e93b9c714499e60d06712da97d9fa77ed0fd0d4d33b_arm64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.10 for RHEL 9",
"product_id": "9Base-RHACM-2.10:rhacm2/node-exporter-rhel9@sha256:9611a92119f19e11c29e9e93b9c714499e60d06712da97d9fa77ed0fd0d4d33b_arm64"
},
"product_reference": "rhacm2/node-exporter-rhel9@sha256:9611a92119f19e11c29e9e93b9c714499e60d06712da97d9fa77ed0fd0d4d33b_arm64",
"relates_to_product_reference": "9Base-RHACM-2.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/node-exporter-rhel9@sha256:d147abba6fa66eb914005d4cd62302c527cbfc0083be386275c5c782b90c3c1c_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.10 for RHEL 9",
"product_id": "9Base-RHACM-2.10:rhacm2/node-exporter-rhel9@sha256:d147abba6fa66eb914005d4cd62302c527cbfc0083be386275c5c782b90c3c1c_amd64"
},
"product_reference": "rhacm2/node-exporter-rhel9@sha256:d147abba6fa66eb914005d4cd62302c527cbfc0083be386275c5c782b90c3c1c_amd64",
"relates_to_product_reference": "9Base-RHACM-2.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/node-exporter-rhel9@sha256:f9a4446156fd21112854846849c68952e4c336e5782d6aeb3c49bddd3408d388_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.10 for RHEL 9",
"product_id": "9Base-RHACM-2.10:rhacm2/node-exporter-rhel9@sha256:f9a4446156fd21112854846849c68952e4c336e5782d6aeb3c49bddd3408d388_ppc64le"
},
"product_reference": "rhacm2/node-exporter-rhel9@sha256:f9a4446156fd21112854846849c68952e4c336e5782d6aeb3c49bddd3408d388_ppc64le",
"relates_to_product_reference": "9Base-RHACM-2.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/observatorium-rhel9-operator@sha256:414b191a314b0695aede28ac7229a064833d798e94d5b92a434e2eb3650983b6_arm64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.10 for RHEL 9",
"product_id": "9Base-RHACM-2.10:rhacm2/observatorium-rhel9-operator@sha256:414b191a314b0695aede28ac7229a064833d798e94d5b92a434e2eb3650983b6_arm64"
},
"product_reference": "rhacm2/observatorium-rhel9-operator@sha256:414b191a314b0695aede28ac7229a064833d798e94d5b92a434e2eb3650983b6_arm64",
"relates_to_product_reference": "9Base-RHACM-2.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/observatorium-rhel9-operator@sha256:9e2d97d0116349c1f1e1d815a6d8822c9f5331acdb81e878c0cb0e86149167ef_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.10 for RHEL 9",
"product_id": "9Base-RHACM-2.10:rhacm2/observatorium-rhel9-operator@sha256:9e2d97d0116349c1f1e1d815a6d8822c9f5331acdb81e878c0cb0e86149167ef_ppc64le"
},
"product_reference": "rhacm2/observatorium-rhel9-operator@sha256:9e2d97d0116349c1f1e1d815a6d8822c9f5331acdb81e878c0cb0e86149167ef_ppc64le",
"relates_to_product_reference": "9Base-RHACM-2.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/observatorium-rhel9-operator@sha256:e2dabaf7c375e039797330bb33e03c993356dc5a37949f84a89c3e4f40ff0023_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.10 for RHEL 9",
"product_id": "9Base-RHACM-2.10:rhacm2/observatorium-rhel9-operator@sha256:e2dabaf7c375e039797330bb33e03c993356dc5a37949f84a89c3e4f40ff0023_amd64"
},
"product_reference": "rhacm2/observatorium-rhel9-operator@sha256:e2dabaf7c375e039797330bb33e03c993356dc5a37949f84a89c3e4f40ff0023_amd64",
"relates_to_product_reference": "9Base-RHACM-2.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/observatorium-rhel9-operator@sha256:ecda2be3377f15a09c6971b1a689bb9eb917909d55f54c996d54a972aece7432_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.10 for RHEL 9",
"product_id": "9Base-RHACM-2.10:rhacm2/observatorium-rhel9-operator@sha256:ecda2be3377f15a09c6971b1a689bb9eb917909d55f54c996d54a972aece7432_s390x"
},
"product_reference": "rhacm2/observatorium-rhel9-operator@sha256:ecda2be3377f15a09c6971b1a689bb9eb917909d55f54c996d54a972aece7432_s390x",
"relates_to_product_reference": "9Base-RHACM-2.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/observatorium-rhel9@sha256:10ee1d5c854a7daf0d33f1dc16529a7e1a3cb67fab5a626f8a42da705186265e_arm64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.10 for RHEL 9",
"product_id": "9Base-RHACM-2.10:rhacm2/observatorium-rhel9@sha256:10ee1d5c854a7daf0d33f1dc16529a7e1a3cb67fab5a626f8a42da705186265e_arm64"
},
"product_reference": "rhacm2/observatorium-rhel9@sha256:10ee1d5c854a7daf0d33f1dc16529a7e1a3cb67fab5a626f8a42da705186265e_arm64",
"relates_to_product_reference": "9Base-RHACM-2.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/observatorium-rhel9@sha256:1eb9b98d7f3c878e09b45aad2a64780e46026c55d6f70a64d66e255ec13ce9fb_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.10 for RHEL 9",
"product_id": "9Base-RHACM-2.10:rhacm2/observatorium-rhel9@sha256:1eb9b98d7f3c878e09b45aad2a64780e46026c55d6f70a64d66e255ec13ce9fb_s390x"
},
"product_reference": "rhacm2/observatorium-rhel9@sha256:1eb9b98d7f3c878e09b45aad2a64780e46026c55d6f70a64d66e255ec13ce9fb_s390x",
"relates_to_product_reference": "9Base-RHACM-2.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/observatorium-rhel9@sha256:25ee9231e17b71c83f12a9ce5d94629b2fd8ad3c64b61de9f03b057584f84804_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.10 for RHEL 9",
"product_id": "9Base-RHACM-2.10:rhacm2/observatorium-rhel9@sha256:25ee9231e17b71c83f12a9ce5d94629b2fd8ad3c64b61de9f03b057584f84804_ppc64le"
},
"product_reference": "rhacm2/observatorium-rhel9@sha256:25ee9231e17b71c83f12a9ce5d94629b2fd8ad3c64b61de9f03b057584f84804_ppc64le",
"relates_to_product_reference": "9Base-RHACM-2.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/observatorium-rhel9@sha256:7812638565dff9368b4db0ed9aecb86c544d0b6caa773994c5c830e800060e22_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.10 for RHEL 9",
"product_id": "9Base-RHACM-2.10:rhacm2/observatorium-rhel9@sha256:7812638565dff9368b4db0ed9aecb86c544d0b6caa773994c5c830e800060e22_amd64"
},
"product_reference": "rhacm2/observatorium-rhel9@sha256:7812638565dff9368b4db0ed9aecb86c544d0b6caa773994c5c830e800060e22_amd64",
"relates_to_product_reference": "9Base-RHACM-2.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/prometheus-alertmanager-rhel9@sha256:0a4ecc2af398e1a771540af4f062abfc0f47bfae9ba3a2fcb6a6c66940385d42_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.10 for RHEL 9",
"product_id": "9Base-RHACM-2.10:rhacm2/prometheus-alertmanager-rhel9@sha256:0a4ecc2af398e1a771540af4f062abfc0f47bfae9ba3a2fcb6a6c66940385d42_ppc64le"
},
"product_reference": "rhacm2/prometheus-alertmanager-rhel9@sha256:0a4ecc2af398e1a771540af4f062abfc0f47bfae9ba3a2fcb6a6c66940385d42_ppc64le",
"relates_to_product_reference": "9Base-RHACM-2.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/prometheus-alertmanager-rhel9@sha256:0e7e5cfd6a953e092eb3ae72b236741f73432f8d262ace74caa2acf8c5fe3863_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.10 for RHEL 9",
"product_id": "9Base-RHACM-2.10:rhacm2/prometheus-alertmanager-rhel9@sha256:0e7e5cfd6a953e092eb3ae72b236741f73432f8d262ace74caa2acf8c5fe3863_amd64"
},
"product_reference": "rhacm2/prometheus-alertmanager-rhel9@sha256:0e7e5cfd6a953e092eb3ae72b236741f73432f8d262ace74caa2acf8c5fe3863_amd64",
"relates_to_product_reference": "9Base-RHACM-2.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/prometheus-alertmanager-rhel9@sha256:25abc3028c69dedee05220fa4f0f32b7accc33ef519f46b23860612307db2181_arm64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.10 for RHEL 9",
"product_id": "9Base-RHACM-2.10:rhacm2/prometheus-alertmanager-rhel9@sha256:25abc3028c69dedee05220fa4f0f32b7accc33ef519f46b23860612307db2181_arm64"
},
"product_reference": "rhacm2/prometheus-alertmanager-rhel9@sha256:25abc3028c69dedee05220fa4f0f32b7accc33ef519f46b23860612307db2181_arm64",
"relates_to_product_reference": "9Base-RHACM-2.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/prometheus-alertmanager-rhel9@sha256:88383e94dcec26826df02cdebc9e7cc764e92b2ce71300c31a46f20ce92135c0_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.10 for RHEL 9",
"product_id": "9Base-RHACM-2.10:rhacm2/prometheus-alertmanager-rhel9@sha256:88383e94dcec26826df02cdebc9e7cc764e92b2ce71300c31a46f20ce92135c0_s390x"
},
"product_reference": "rhacm2/prometheus-alertmanager-rhel9@sha256:88383e94dcec26826df02cdebc9e7cc764e92b2ce71300c31a46f20ce92135c0_s390x",
"relates_to_product_reference": "9Base-RHACM-2.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/prometheus-rhel9@sha256:556c5d133dd996b86dceb03158d4d463ccdbbf29cc9ca05ff1e3915a48cd8c47_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.10 for RHEL 9",
"product_id": "9Base-RHACM-2.10:rhacm2/prometheus-rhel9@sha256:556c5d133dd996b86dceb03158d4d463ccdbbf29cc9ca05ff1e3915a48cd8c47_s390x"
},
"product_reference": "rhacm2/prometheus-rhel9@sha256:556c5d133dd996b86dceb03158d4d463ccdbbf29cc9ca05ff1e3915a48cd8c47_s390x",
"relates_to_product_reference": "9Base-RHACM-2.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/prometheus-rhel9@sha256:98af2a53f9c59b0bdd6ee9c8f27eb00f65a870ee64ba8d503083a9a0d3aa2ec6_arm64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.10 for RHEL 9",
"product_id": "9Base-RHACM-2.10:rhacm2/prometheus-rhel9@sha256:98af2a53f9c59b0bdd6ee9c8f27eb00f65a870ee64ba8d503083a9a0d3aa2ec6_arm64"
},
"product_reference": "rhacm2/prometheus-rhel9@sha256:98af2a53f9c59b0bdd6ee9c8f27eb00f65a870ee64ba8d503083a9a0d3aa2ec6_arm64",
"relates_to_product_reference": "9Base-RHACM-2.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/prometheus-rhel9@sha256:99e749f7d98203070348c652f6df158c9207801d86439ddde08bcae16e813ea5_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.10 for RHEL 9",
"product_id": "9Base-RHACM-2.10:rhacm2/prometheus-rhel9@sha256:99e749f7d98203070348c652f6df158c9207801d86439ddde08bcae16e813ea5_ppc64le"
},
"product_reference": "rhacm2/prometheus-rhel9@sha256:99e749f7d98203070348c652f6df158c9207801d86439ddde08bcae16e813ea5_ppc64le",
"relates_to_product_reference": "9Base-RHACM-2.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/prometheus-rhel9@sha256:c1c2a5bc8d471fb7cbbf31c0e5513bf2630efbd1a5bbb458dc0c98b3ee608636_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.10 for RHEL 9",
"product_id": "9Base-RHACM-2.10:rhacm2/prometheus-rhel9@sha256:c1c2a5bc8d471fb7cbbf31c0e5513bf2630efbd1a5bbb458dc0c98b3ee608636_amd64"
},
"product_reference": "rhacm2/prometheus-rhel9@sha256:c1c2a5bc8d471fb7cbbf31c0e5513bf2630efbd1a5bbb458dc0c98b3ee608636_amd64",
"relates_to_product_reference": "9Base-RHACM-2.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/rbac-query-proxy-rhel9@sha256:5f70872d294b5f10393fa7c6a6ffd81a6a509ea7589753d29ad49118a87fb2df_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.10 for RHEL 9",
"product_id": "9Base-RHACM-2.10:rhacm2/rbac-query-proxy-rhel9@sha256:5f70872d294b5f10393fa7c6a6ffd81a6a509ea7589753d29ad49118a87fb2df_s390x"
},
"product_reference": "rhacm2/rbac-query-proxy-rhel9@sha256:5f70872d294b5f10393fa7c6a6ffd81a6a509ea7589753d29ad49118a87fb2df_s390x",
"relates_to_product_reference": "9Base-RHACM-2.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/rbac-query-proxy-rhel9@sha256:a061734a251e62cd31792ec9065f6a346de672f72e32965954811faf11f86d62_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.10 for RHEL 9",
"product_id": "9Base-RHACM-2.10:rhacm2/rbac-query-proxy-rhel9@sha256:a061734a251e62cd31792ec9065f6a346de672f72e32965954811faf11f86d62_amd64"
},
"product_reference": "rhacm2/rbac-query-proxy-rhel9@sha256:a061734a251e62cd31792ec9065f6a346de672f72e32965954811faf11f86d62_amd64",
"relates_to_product_reference": "9Base-RHACM-2.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/rbac-query-proxy-rhel9@sha256:e325c611a68e60d204018b8aac765bb58e135b44735bbc14069c5cbf49828ada_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.10 for RHEL 9",
"product_id": "9Base-RHACM-2.10:rhacm2/rbac-query-proxy-rhel9@sha256:e325c611a68e60d204018b8aac765bb58e135b44735bbc14069c5cbf49828ada_ppc64le"
},
"product_reference": "rhacm2/rbac-query-proxy-rhel9@sha256:e325c611a68e60d204018b8aac765bb58e135b44735bbc14069c5cbf49828ada_ppc64le",
"relates_to_product_reference": "9Base-RHACM-2.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/rbac-query-proxy-rhel9@sha256:fe807380c43daaae2ca277ef4a6b6bace7842087112f7d242773a073797c908e_arm64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.10 for RHEL 9",
"product_id": "9Base-RHACM-2.10:rhacm2/rbac-query-proxy-rhel9@sha256:fe807380c43daaae2ca277ef4a6b6bace7842087112f7d242773a073797c908e_arm64"
},
"product_reference": "rhacm2/rbac-query-proxy-rhel9@sha256:fe807380c43daaae2ca277ef4a6b6bace7842087112f7d242773a073797c908e_arm64",
"relates_to_product_reference": "9Base-RHACM-2.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/search-collector-rhel9@sha256:2092c265f1dea3dc553c370c3b07c92e4cb8523ccc58d46af4a517165e9b7bc4_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.10 for RHEL 9",
"product_id": "9Base-RHACM-2.10:rhacm2/search-collector-rhel9@sha256:2092c265f1dea3dc553c370c3b07c92e4cb8523ccc58d46af4a517165e9b7bc4_s390x"
},
"product_reference": "rhacm2/search-collector-rhel9@sha256:2092c265f1dea3dc553c370c3b07c92e4cb8523ccc58d46af4a517165e9b7bc4_s390x",
"relates_to_product_reference": "9Base-RHACM-2.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/search-collector-rhel9@sha256:557e431af519bf544102927491fffbdd4091a5a9377396d7d30b2898897c8fba_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.10 for RHEL 9",
"product_id": "9Base-RHACM-2.10:rhacm2/search-collector-rhel9@sha256:557e431af519bf544102927491fffbdd4091a5a9377396d7d30b2898897c8fba_amd64"
},
"product_reference": "rhacm2/search-collector-rhel9@sha256:557e431af519bf544102927491fffbdd4091a5a9377396d7d30b2898897c8fba_amd64",
"relates_to_product_reference": "9Base-RHACM-2.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/search-collector-rhel9@sha256:f908a57c2bfe78911889102abb61377d5170590689930d74b8d6a9fa7bc66848_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.10 for RHEL 9",
"product_id": "9Base-RHACM-2.10:rhacm2/search-collector-rhel9@sha256:f908a57c2bfe78911889102abb61377d5170590689930d74b8d6a9fa7bc66848_ppc64le"
},
"product_reference": "rhacm2/search-collector-rhel9@sha256:f908a57c2bfe78911889102abb61377d5170590689930d74b8d6a9fa7bc66848_ppc64le",
"relates_to_product_reference": "9Base-RHACM-2.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/search-collector-rhel9@sha256:fe20c8e6fbf707c0467a4876405f2f8b395ac24ca554bd052f7f55da2df6371f_arm64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.10 for RHEL 9",
"product_id": "9Base-RHACM-2.10:rhacm2/search-collector-rhel9@sha256:fe20c8e6fbf707c0467a4876405f2f8b395ac24ca554bd052f7f55da2df6371f_arm64"
},
"product_reference": "rhacm2/search-collector-rhel9@sha256:fe20c8e6fbf707c0467a4876405f2f8b395ac24ca554bd052f7f55da2df6371f_arm64",
"relates_to_product_reference": "9Base-RHACM-2.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/submariner-addon-rhel9@sha256:1d74ed10635e7021129e60caa3358581d61c4bd93cebed86f79d5fdba100b10f_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.10 for RHEL 9",
"product_id": "9Base-RHACM-2.10:rhacm2/submariner-addon-rhel9@sha256:1d74ed10635e7021129e60caa3358581d61c4bd93cebed86f79d5fdba100b10f_ppc64le"
},
"product_reference": "rhacm2/submariner-addon-rhel9@sha256:1d74ed10635e7021129e60caa3358581d61c4bd93cebed86f79d5fdba100b10f_ppc64le",
"relates_to_product_reference": "9Base-RHACM-2.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/submariner-addon-rhel9@sha256:92584807362684f692fc991f06ffecf241ee6494d4b37c584d74527214b33acb_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.10 for RHEL 9",
"product_id": "9Base-RHACM-2.10:rhacm2/submariner-addon-rhel9@sha256:92584807362684f692fc991f06ffecf241ee6494d4b37c584d74527214b33acb_s390x"
},
"product_reference": "rhacm2/submariner-addon-rhel9@sha256:92584807362684f692fc991f06ffecf241ee6494d4b37c584d74527214b33acb_s390x",
"relates_to_product_reference": "9Base-RHACM-2.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/submariner-addon-rhel9@sha256:9a6b6d7ed493c6c8c9962485404f551974cece1b59e7197f9ed6fce120ca7d0d_arm64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.10 for RHEL 9",
"product_id": "9Base-RHACM-2.10:rhacm2/submariner-addon-rhel9@sha256:9a6b6d7ed493c6c8c9962485404f551974cece1b59e7197f9ed6fce120ca7d0d_arm64"
},
"product_reference": "rhacm2/submariner-addon-rhel9@sha256:9a6b6d7ed493c6c8c9962485404f551974cece1b59e7197f9ed6fce120ca7d0d_arm64",
"relates_to_product_reference": "9Base-RHACM-2.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/submariner-addon-rhel9@sha256:e8eb481c682682ea78d5f7d5793f63e427fcffc867db012f327b5469c524535c_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.10 for RHEL 9",
"product_id": "9Base-RHACM-2.10:rhacm2/submariner-addon-rhel9@sha256:e8eb481c682682ea78d5f7d5793f63e427fcffc867db012f327b5469c524535c_amd64"
},
"product_reference": "rhacm2/submariner-addon-rhel9@sha256:e8eb481c682682ea78d5f7d5793f63e427fcffc867db012f327b5469c524535c_amd64",
"relates_to_product_reference": "9Base-RHACM-2.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/thanos-receive-controller-rhel9@sha256:09b931bd7405cc8733625884f61ccaa92b40b48d9068d78f552a6c9383cb02e9_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.10 for RHEL 9",
"product_id": "9Base-RHACM-2.10:rhacm2/thanos-receive-controller-rhel9@sha256:09b931bd7405cc8733625884f61ccaa92b40b48d9068d78f552a6c9383cb02e9_amd64"
},
"product_reference": "rhacm2/thanos-receive-controller-rhel9@sha256:09b931bd7405cc8733625884f61ccaa92b40b48d9068d78f552a6c9383cb02e9_amd64",
"relates_to_product_reference": "9Base-RHACM-2.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/thanos-receive-controller-rhel9@sha256:64aebcc4f88c096cb93faa8fab067308442fd49c07e55fcb55283ef86643f642_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.10 for RHEL 9",
"product_id": "9Base-RHACM-2.10:rhacm2/thanos-receive-controller-rhel9@sha256:64aebcc4f88c096cb93faa8fab067308442fd49c07e55fcb55283ef86643f642_s390x"
},
"product_reference": "rhacm2/thanos-receive-controller-rhel9@sha256:64aebcc4f88c096cb93faa8fab067308442fd49c07e55fcb55283ef86643f642_s390x",
"relates_to_product_reference": "9Base-RHACM-2.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/thanos-receive-controller-rhel9@sha256:91f186246d963c2978023489ed7cd58dec2f57641fd2a2a0c16d2caa5377147c_arm64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.10 for RHEL 9",
"product_id": "9Base-RHACM-2.10:rhacm2/thanos-receive-controller-rhel9@sha256:91f186246d963c2978023489ed7cd58dec2f57641fd2a2a0c16d2caa5377147c_arm64"
},
"product_reference": "rhacm2/thanos-receive-controller-rhel9@sha256:91f186246d963c2978023489ed7cd58dec2f57641fd2a2a0c16d2caa5377147c_arm64",
"relates_to_product_reference": "9Base-RHACM-2.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/thanos-receive-controller-rhel9@sha256:d391d522c2006e634df69f28eacd1f6cfba7b1ac4ec27ea97c307f4da5213954_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.10 for RHEL 9",
"product_id": "9Base-RHACM-2.10:rhacm2/thanos-receive-controller-rhel9@sha256:d391d522c2006e634df69f28eacd1f6cfba7b1ac4ec27ea97c307f4da5213954_ppc64le"
},
"product_reference": "rhacm2/thanos-receive-controller-rhel9@sha256:d391d522c2006e634df69f28eacd1f6cfba7b1ac4ec27ea97c307f4da5213954_ppc64le",
"relates_to_product_reference": "9Base-RHACM-2.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/thanos-rhel9@sha256:9c82d36f3a942088a6612e6e1d5d7f3413006b2f5df41758c0072ee8d68b3801_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.10 for RHEL 9",
"product_id": "9Base-RHACM-2.10:rhacm2/thanos-rhel9@sha256:9c82d36f3a942088a6612e6e1d5d7f3413006b2f5df41758c0072ee8d68b3801_ppc64le"
},
"product_reference": "rhacm2/thanos-rhel9@sha256:9c82d36f3a942088a6612e6e1d5d7f3413006b2f5df41758c0072ee8d68b3801_ppc64le",
"relates_to_product_reference": "9Base-RHACM-2.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/thanos-rhel9@sha256:c431d914ecca6080a1ce9ee7fb15019ca5f5b5cb7083fa739ce14b9f8afd570e_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.10 for RHEL 9",
"product_id": "9Base-RHACM-2.10:rhacm2/thanos-rhel9@sha256:c431d914ecca6080a1ce9ee7fb15019ca5f5b5cb7083fa739ce14b9f8afd570e_amd64"
},
"product_reference": "rhacm2/thanos-rhel9@sha256:c431d914ecca6080a1ce9ee7fb15019ca5f5b5cb7083fa739ce14b9f8afd570e_amd64",
"relates_to_product_reference": "9Base-RHACM-2.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/thanos-rhel9@sha256:e8e6c42e37b2c0ba6456d48afa747f3c6f167cbcf4523d5ad751351a932deefc_arm64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.10 for RHEL 9",
"product_id": "9Base-RHACM-2.10:rhacm2/thanos-rhel9@sha256:e8e6c42e37b2c0ba6456d48afa747f3c6f167cbcf4523d5ad751351a932deefc_arm64"
},
"product_reference": "rhacm2/thanos-rhel9@sha256:e8e6c42e37b2c0ba6456d48afa747f3c6f167cbcf4523d5ad751351a932deefc_arm64",
"relates_to_product_reference": "9Base-RHACM-2.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/thanos-rhel9@sha256:f7dc5a2e9c41416badca921ef6a4b16e9edd2aea052107d737bb3ddbc2e0242c_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.10 for RHEL 9",
"product_id": "9Base-RHACM-2.10:rhacm2/thanos-rhel9@sha256:f7dc5a2e9c41416badca921ef6a4b16e9edd2aea052107d737bb3ddbc2e0242c_s390x"
},
"product_reference": "rhacm2/thanos-rhel9@sha256:f7dc5a2e9c41416badca921ef6a4b16e9edd2aea052107d737bb3ddbc2e0242c_s390x",
"relates_to_product_reference": "9Base-RHACM-2.10"
}
]
},
"vulnerabilities": [
{
"acknowledgments": [
{
"names": [
"Bartek Nowotarski"
],
"organization": "nowotarski.info"
}
],
"cve": "CVE-2023-45288",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2024-03-06T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"9Base-RHACM-2.10:rhacm2/acm-governance-policy-addon-controller-rhel9@sha256:65d709ef780d8d867c145b1ddf8e7031bd8e710972b21ed2d7b9d9ede0bfdb43_s390x",
"9Base-RHACM-2.10:rhacm2/acm-governance-policy-addon-controller-rhel9@sha256:87988ad277b62bbcc061dbe4242bfc2edcc21dc98c4c7c66385131c0425b0fa7_ppc64le",
"9Base-RHACM-2.10:rhacm2/acm-governance-policy-addon-controller-rhel9@sha256:9af1cb9605a8fdf7212a079ed8fa51b110b367c705a51651ba3933e936519e7f_arm64",
"9Base-RHACM-2.10:rhacm2/acm-governance-policy-addon-controller-rhel9@sha256:c6e3728b6687b8c83a11c326e4fd098ceef3f501725efbdfcb0ded0645a1473e_amd64",
"9Base-RHACM-2.10:rhacm2/acm-governance-policy-framework-addon-rhel9@sha256:3101f1389311c0006c0fb9953c44d5fff9e968597952103a5a873a7a4c4707da_amd64",
"9Base-RHACM-2.10:rhacm2/acm-governance-policy-framework-addon-rhel9@sha256:4536de55598f032ad91056c779ec2faea5c28de557a730d50cb2b2aba9b3bf00_s390x",
"9Base-RHACM-2.10:rhacm2/acm-governance-policy-framework-addon-rhel9@sha256:587fc80d3d6e3f2295272934fb39cfa3b96f5a2652a533b6b01cc6b04d10cb66_ppc64le",
"9Base-RHACM-2.10:rhacm2/acm-governance-policy-framework-addon-rhel9@sha256:63246c061e7960a656cb66c8ccca2b7bed943c9a1fe96a28f9cd99829608cda5_arm64",
"9Base-RHACM-2.10:rhacm2/acm-grafana-rhel9@sha256:1cd1c6a91611569a855444430c527a8bebbe113f77dd47dcfc2b8305c3a26a13_s390x",
"9Base-RHACM-2.10:rhacm2/acm-grafana-rhel9@sha256:3a59dd5e30b37f1e1feffba959d88d3aab37701500203afb71b2d38958236b85_amd64",
"9Base-RHACM-2.10:rhacm2/acm-grafana-rhel9@sha256:b488d250bc1c82f3f7e26a1bc741dee02e57b3e3d40cf2965e541d2c5727ec65_ppc64le",
"9Base-RHACM-2.10:rhacm2/acm-grafana-rhel9@sha256:df4024e8506d0926ad81943684532dd9e4054f26d23da6e329f593239b5a1513_arm64",
"9Base-RHACM-2.10:rhacm2/acm-must-gather-rhel9@sha256:66bca60baa85bc23963b5955fe57e8b7b7038c1088e2ce60f1fedc1a41d944dc_arm64",
"9Base-RHACM-2.10:rhacm2/acm-must-gather-rhel9@sha256:92d087992acf383c2f06ed92996049c412fc1fef76be10fc40eb6ba2e4b2f9be_ppc64le",
"9Base-RHACM-2.10:rhacm2/acm-must-gather-rhel9@sha256:bfc79c952b6f62658ef36373af72e6213de78ba1c3a18f018add4295d8ae72f8_s390x",
"9Base-RHACM-2.10:rhacm2/acm-must-gather-rhel9@sha256:fb9fa96ebaba320dd723e7d5727b20c63f66aa6c39f460a6270c572354123fd9_amd64",
"9Base-RHACM-2.10:rhacm2/acm-operator-bundle@sha256:190d00bcb1bdbf289cc4ae87f738aeabe04470194e51870c572876e4c118d712_ppc64le",
"9Base-RHACM-2.10:rhacm2/acm-operator-bundle@sha256:304e9a12e0c7b7be0444efd26764d32818fc3ad1ad936b565232f5f82a5f72fe_amd64",
"9Base-RHACM-2.10:rhacm2/acm-operator-bundle@sha256:cc65cb3804a7e6150028a6f1c60fcbdb78c42689769ff9378922491481947aed_s390x",
"9Base-RHACM-2.10:rhacm2/acm-prometheus-config-reloader-rhel9@sha256:0b885dfd28d82220fdb03b7bca0e1ed2fc941bc712e536af71e4e11ee9defee4_amd64",
"9Base-RHACM-2.10:rhacm2/acm-prometheus-config-reloader-rhel9@sha256:53cd755cea5a527c089321e5571c14ad0fd5d55b16e7c2acddc2a7c9670cffd2_arm64",
"9Base-RHACM-2.10:rhacm2/acm-prometheus-config-reloader-rhel9@sha256:8f18c68e47b66926d14795818f3a1dc21ffdcbcf1a220c7518194416602b19ac_ppc64le",
"9Base-RHACM-2.10:rhacm2/acm-prometheus-config-reloader-rhel9@sha256:be5be2fe888521fd8ac6d7ebca3cf127724128eb6ff4e11f90d61a4af60f1bee_s390x",
"9Base-RHACM-2.10:rhacm2/acm-prometheus-rhel9@sha256:8da9c5a18b42861d11e3df3f37b5f47b810af1b25beec208ce75b6f69d913ecd_s390x",
"9Base-RHACM-2.10:rhacm2/acm-prometheus-rhel9@sha256:91ec246784f1e7cdd0c20ab36ea09f13e553c043851699dae6191ea1ce101a61_arm64",
"9Base-RHACM-2.10:rhacm2/acm-prometheus-rhel9@sha256:969cc23c2f503797d491c797220e09b1682887742f669d338a5fd3613908148d_amd64",
"9Base-RHACM-2.10:rhacm2/acm-prometheus-rhel9@sha256:a1b920873dbb0984f41a8b49a4e0263c9756d909391601290b8a67278596327b_ppc64le",
"9Base-RHACM-2.10:rhacm2/acm-search-indexer-rhel9@sha256:21476ec5340f5e98451f83d7d455f86e8368ed4c882f564cf80b234dc2ceae1a_amd64",
"9Base-RHACM-2.10:rhacm2/acm-search-indexer-rhel9@sha256:47083a8e2f6234e7e3743c2f7d5cc433ad76a46a609f65640e047bfa9557082c_s390x",
"9Base-RHACM-2.10:rhacm2/acm-search-indexer-rhel9@sha256:95c15180b6b25c453b8aa81c42b106d6e9fb1d832761a3b2b06922c0ceee4d7b_arm64",
"9Base-RHACM-2.10:rhacm2/acm-search-indexer-rhel9@sha256:9ba73ef3b2447b16aab7503bce4e480441b272e997dab87ee9cc4b0f1ac040ba_ppc64le",
"9Base-RHACM-2.10:rhacm2/acm-search-v2-api-rhel9@sha256:1891db398d822cb0c424245928033240dfdcfd35d21ab052379d432423a6e038_s390x",
"9Base-RHACM-2.10:rhacm2/acm-search-v2-api-rhel9@sha256:247e052a3b5bc9708f1c0953f09c942414852f2109a9694af864375032072ae2_arm64",
"9Base-RHACM-2.10:rhacm2/acm-search-v2-api-rhel9@sha256:51a415f07cfadd9ae5b4b29cb3247b5085bb18edad8df566c47dc7e89ef0939e_amd64",
"9Base-RHACM-2.10:rhacm2/acm-search-v2-api-rhel9@sha256:756982578354d8a66399f2464602458f80bd398e46656a3d86c9303fa2068900_ppc64le",
"9Base-RHACM-2.10:rhacm2/acm-search-v2-rhel9@sha256:329f59a93ce1e2aab017a924db00b6aaca4c8ee40b5d5c2358af11af2e5319bd_s390x",
"9Base-RHACM-2.10:rhacm2/acm-search-v2-rhel9@sha256:9e2aa6686deee7b78bda5dcb08dad31c87a9653e48788df4e8bb39d4965c9101_arm64",
"9Base-RHACM-2.10:rhacm2/acm-search-v2-rhel9@sha256:e995897416f24436e6bef220bd4d5b3ba8fbd26c97fbd5e250391a3aef14bce5_amd64",
"9Base-RHACM-2.10:rhacm2/acm-search-v2-rhel9@sha256:f45417abdf399566fa98b0686ab4b2b55d776b6dfa67b7b7c24565b084c39165_ppc64le",
"9Base-RHACM-2.10:rhacm2/acm-volsync-addon-controller-rhel9@sha256:055c5ab4b2045571efe53bbd4ca54ba8a17a2cf590dad70c65667ed6b11ca86a_arm64",
"9Base-RHACM-2.10:rhacm2/acm-volsync-addon-controller-rhel9@sha256:60070927868e0538d31090138892fe64445321098b3874880fd21e7dcc1ffae7_amd64",
"9Base-RHACM-2.10:rhacm2/acm-volsync-addon-controller-rhel9@sha256:cc991f8f8af9337ab908f6564b4b77daef5893dc2759ff483142ef659a6a4b30_ppc64le",
"9Base-RHACM-2.10:rhacm2/acm-volsync-addon-controller-rhel9@sha256:faee49ca0c46781594189977f3ab5805060cd0a95e47ba575ec05bb549e21a69_s390x",
"9Base-RHACM-2.10:rhacm2/cert-policy-controller-rhel9@sha256:081c86b4c25876ac0734a0caff771a30b848530f1e89f9e0d3ee3f743f579e9c_s390x",
"9Base-RHACM-2.10:rhacm2/cert-policy-controller-rhel9@sha256:318f11ebe87bc1feced78f9d2ae66856884606c721e15d2d05045562d248ac3f_arm64",
"9Base-RHACM-2.10:rhacm2/cert-policy-controller-rhel9@sha256:5daaad58a8979d386830224e133a3bbc713b63039a99eda9a69487b999e71965_amd64",
"9Base-RHACM-2.10:rhacm2/cert-policy-controller-rhel9@sha256:bffedd5eb97a49dd210b51423ba8938684be1cb41dd79d06b2aab94bc0bb4963_ppc64le",
"9Base-RHACM-2.10:rhacm2/cluster-backup-rhel9-operator@sha256:0d141d0fa859ae0061605f2fe13381be2b6ebd9d8c6b91ca171a8e61e52842be_ppc64le",
"9Base-RHACM-2.10:rhacm2/cluster-backup-rhel9-operator@sha256:3a8bace1bb325142a64a4432543a828050e2e87de91a08dca793534841b7b841_amd64",
"9Base-RHACM-2.10:rhacm2/cluster-backup-rhel9-operator@sha256:66f67d2d8c09634e2e5ae0be07437cb1918f6b506e35bc9b7af82f4979dfc4ed_s390x",
"9Base-RHACM-2.10:rhacm2/cluster-backup-rhel9-operator@sha256:ac726852c9aa7e54aa4d75c6c485b429f16fffbb61d2840b527c5a1cfdb5c842_arm64",
"9Base-RHACM-2.10:rhacm2/config-policy-controller-rhel9@sha256:0ef8fdea99a8fd44feff31b4883a6ecd17eeabb5e8c9ccbdbdd30c32cc2cbe64_amd64",
"9Base-RHACM-2.10:rhacm2/config-policy-controller-rhel9@sha256:b7ff6680725a8bb31edf5dc58d82ac0b9d201ba8eac4c6f2ea4c3cd35f52915a_s390x",
"9Base-RHACM-2.10:rhacm2/config-policy-controller-rhel9@sha256:d4456a33f0488db9c77d12a279500b68a41441a8ff6c8cc9723a7ccc46e90dc7_arm64",
"9Base-RHACM-2.10:rhacm2/config-policy-controller-rhel9@sha256:d6e8119559b01231206654d2a57114862c4c6b5ca604ccf7b92e53bea6e2e2c2_ppc64le",
"9Base-RHACM-2.10:rhacm2/console-rhel9@sha256:4ee3bbdcc190cd6c3e1eff8bfabe8ca3cd9e61ab5d824983a955e6d509238041_arm64",
"9Base-RHACM-2.10:rhacm2/console-rhel9@sha256:5fe6fb2bd7e31a960bc018d870af482f668ab417d601d94a5ac5981fd116a852_s390x",
"9Base-RHACM-2.10:rhacm2/console-rhel9@sha256:9005fc71b91a5d2a1fe502e90d57cea2285d1218ad6e49f4bcdd77bf560c5765_ppc64le",
"9Base-RHACM-2.10:rhacm2/console-rhel9@sha256:b3bc8c5f587da2c7ce4e25d5d2e72b08939071297cf3fdc5d51fb631d99aa168_amd64",
"9Base-RHACM-2.10:rhacm2/endpoint-monitoring-rhel9-operator@sha256:75bc23118d6e3ae1ec142a6f47a871efcd8ec5aa6da2bef7cf24e716b3b3be3c_s390x",
"9Base-RHACM-2.10:rhacm2/endpoint-monitoring-rhel9-operator@sha256:cf7be8fd6b726cb7ba8a3f57e14e20d7944245759cd6e8bd26dca4d666fb866a_arm64",
"9Base-RHACM-2.10:rhacm2/endpoint-monitoring-rhel9-operator@sha256:d8c3352fceb6a53e110f76501bb2c2f4cf7a9284f9dd30dee3fe3e015b622195_amd64",
"9Base-RHACM-2.10:rhacm2/endpoint-monitoring-rhel9-operator@sha256:e177864e6bc3b6e66f1f455229257210b77a3b7d0e18c480d252ed79f03bf67a_ppc64le",
"9Base-RHACM-2.10:rhacm2/governance-policy-propagator-rhel9@sha256:400644c05d5768fb7460bb3f8bfa880bc21e91f365130d13877f015ba2146358_amd64",
"9Base-RHACM-2.10:rhacm2/governance-policy-propagator-rhel9@sha256:46deef6c168120168168820dad57ce9b2d2641be926772eaeba2d03d3d324e2a_s390x",
"9Base-RHACM-2.10:rhacm2/governance-policy-propagator-rhel9@sha256:4e9143f58e4755b86526d113040acd0ee0069fefe9243e08c864c35d25b276e9_ppc64le",
"9Base-RHACM-2.10:rhacm2/governance-policy-propagator-rhel9@sha256:8947a68138c101fdc355b94a4deb0d02f44de025fe733e8d5fb28f5fce93b7c9_arm64",
"9Base-RHACM-2.10:rhacm2/grafana-dashboard-loader-rhel9@sha256:26a08abd967f17e23975b728768e2f561750856b0f98ff5f27506da94fa597ca_ppc64le",
"9Base-RHACM-2.10:rhacm2/grafana-dashboard-loader-rhel9@sha256:43f27505c8ac51aa659c638f96f7681d8d3029775b9153a8075fa38dd48dbc3c_arm64",
"9Base-RHACM-2.10:rhacm2/grafana-dashboard-loader-rhel9@sha256:a9afb35685e18a179269293a1998eb5c6c8c47e9247a7f3f1c27d3b1b35a83b2_amd64",
"9Base-RHACM-2.10:rhacm2/grafana-dashboard-loader-rhel9@sha256:f30433d2c90f38c86f1780bd8b74a50821837f769db589ee720e35fd79dbc23b_s390x",
"9Base-RHACM-2.10:rhacm2/iam-policy-controller-rhel9@sha256:63ca0eef9b3febe70ceea5b47a36fea7455eef69da9d1bda70d2bc9661ec2f2c_arm64",
"9Base-RHACM-2.10:rhacm2/iam-policy-controller-rhel9@sha256:ae274418f0fa055670012f2d92d63ebb175fdbd3946486312007bc2b0a915541_ppc64le",
"9Base-RHACM-2.10:rhacm2/iam-policy-controller-rhel9@sha256:c1d7619138ab3717e6f6a49ac76f95ff041a022746891057d6e4e163114fb864_amd64",
"9Base-RHACM-2.10:rhacm2/iam-policy-controller-rhel9@sha256:f62a79f1f02af4be1424b74071e6d701e5c514e27019e69ee98cbed10b602f3d_s390x",
"9Base-RHACM-2.10:rhacm2/insights-client-rhel9@sha256:0ff4ca5a9703ec58d70178152b5dbbb3aaffa5fce80153eda12f727f7c3e0b6f_ppc64le",
"9Base-RHACM-2.10:rhacm2/insights-client-rhel9@sha256:70833a6ef9ebc1b50e914744e0f7c36c259bb7889c7ff8085cb8470826ac803e_s390x",
"9Base-RHACM-2.10:rhacm2/insights-client-rhel9@sha256:cdf079542b23633884a52daa02d4b9182aaf7454e769186de4f495467686653d_arm64",
"9Base-RHACM-2.10:rhacm2/insights-client-rhel9@sha256:f62d6a262c044a7883f34563e3e1909761ca0bd44e4d5f8a0e564db8b630068b_amd64",
"9Base-RHACM-2.10:rhacm2/insights-metrics-rhel9@sha256:16862c34efb507d44455ed78cde51a1f57969cc69f4beec70ecb697b8ea406dc_amd64",
"9Base-RHACM-2.10:rhacm2/insights-metrics-rhel9@sha256:2f7c346cb847e2928715bd4b64a34531b82d0130a89a08f19c3026db5d89c5a1_ppc64le",
"9Base-RHACM-2.10:rhacm2/insights-metrics-rhel9@sha256:44f56f7a1ac2720ce815ea7aa824ea37a0bdcf63c637941ca84328578a735142_arm64",
"9Base-RHACM-2.10:rhacm2/insights-metrics-rhel9@sha256:e2a9110af4d9bac9fd97b8f5981230c495506d50db571eccae9e16e361abfdd7_s390x",
"9Base-RHACM-2.10:rhacm2/klusterlet-addon-controller-rhel9@sha256:693af28fa3e5f1aee61695e891fdd33a49b5280e4a555f84b838ca8e829d0999_ppc64le",
"9Base-RHACM-2.10:rhacm2/klusterlet-addon-controller-rhel9@sha256:7ac958c32070e6282a8cbe262810c58a81e6e331bf59877cd67758ab6feb8ada_amd64",
"9Base-RHACM-2.10:rhacm2/klusterlet-addon-controller-rhel9@sha256:8528a204787ecde3925c9c3ef31e225f59c5b4b3a21bd314541fe06dd4c1aa73_s390x",
"9Base-RHACM-2.10:rhacm2/klusterlet-addon-controller-rhel9@sha256:cf0bf12f03bd0a4a09188d1f5b4820aa6e7f6e4a1fb1bc2c45559553907c6eae_arm64",
"9Base-RHACM-2.10:rhacm2/kube-rbac-proxy-rhel9@sha256:1d75e8e70fc3f3943841bd34f79e5762705b0d23460064c6adcdd0fc6b39005a_amd64",
"9Base-RHACM-2.10:rhacm2/kube-rbac-proxy-rhel9@sha256:355905503e1321fc2fd75b12bab33b2cb75cbfcc0d0e7e70400790da081abfd9_arm64",
"9Base-RHACM-2.10:rhacm2/kube-rbac-proxy-rhel9@sha256:42da847ca7b39914df099381ac807d8ab619774388c1a47e0d71020fbce998ae_s390x",
"9Base-RHACM-2.10:rhacm2/kube-rbac-proxy-rhel9@sha256:5e416f1249a77845f81c9cf1a1dfae74feca41afd6dd35e7be55a0fa61632c00_ppc64le",
"9Base-RHACM-2.10:rhacm2/kube-state-metrics-rhel9@sha256:715f6b9c01400a153157de08bf2a6b04ea54478ee2c18d7871b65c865d6902d2_s390x",
"9Base-RHACM-2.10:rhacm2/kube-state-metrics-rhel9@sha256:72f6c545d46d1cc6f3fb1b9cd6840f0496056d410c8ade62dd35d99dfdd60737_arm64",
"9Base-RHACM-2.10:rhacm2/kube-state-metrics-rhel9@sha256:88982e268e1a3d0c52c72563a684b58042adb0800ebd1e80208b898eebe75cd6_ppc64le",
"9Base-RHACM-2.10:rhacm2/kube-state-metrics-rhel9@sha256:9f2ac058e15d5653e8bced975955e26e51a88d36a1d5896305b6f5060afee43a_amd64",
"9Base-RHACM-2.10:rhacm2/memcached-exporter-rhel9@sha256:1304f49745ed8a18784196b5595cea1ec6caf904d0e61d0952a603e6fb7da6e0_ppc64le",
"9Base-RHACM-2.10:rhacm2/memcached-exporter-rhel9@sha256:36529c281273e5346ef5cce6a55e47c27fdaf2507a6f7971576b738b1c543258_arm64",
"9Base-RHACM-2.10:rhacm2/memcached-exporter-rhel9@sha256:c5275f61fd2e84deaab7e789a7ffefdbe235866a8439d3d2534e4b26998372d6_s390x",
"9Base-RHACM-2.10:rhacm2/memcached-exporter-rhel9@sha256:f9f5ca67f62d6218b90b863b4fe63aa95aef755e5cbae5a83896f74a0039b7ab_amd64",
"9Base-RHACM-2.10:rhacm2/memcached-rhel9@sha256:2c4437598be87fc5f3f6639e728279d8ba21cf49061be78e3a4fbacc989997b4_amd64",
"9Base-RHACM-2.10:rhacm2/memcached-rhel9@sha256:2fb75dce1567e21a9f1361ec3ac54a4d5a2252f03aa64b6cdf4d1cd02a58d04c_s390x",
"9Base-RHACM-2.10:rhacm2/memcached-rhel9@sha256:4af229aca50a46ec9f190fbeef603f1259223f81f5307f46de17ad8b8c9760e1_arm64",
"9Base-RHACM-2.10:rhacm2/memcached-rhel9@sha256:e871cb2e5d235ae74a998356748299daace42d47a92e1da57a2773eae87625a6_ppc64le",
"9Base-RHACM-2.10:rhacm2/metrics-collector-rhel9@sha256:20ac5c57af957e7126221f4089bb816b948aa624788da9298b4f476ecc668293_amd64",
"9Base-RHACM-2.10:rhacm2/metrics-collector-rhel9@sha256:54665ca7529012a3a63c7dcc263a2e46964a0ee4ba43f19a2a3f05dcdfd5ae0f_ppc64le",
"9Base-RHACM-2.10:rhacm2/metrics-collector-rhel9@sha256:84543f21ccfe36960fce099930132e7042e505ba635c45a28a902ed2b2401d55_s390x",
"9Base-RHACM-2.10:rhacm2/metrics-collector-rhel9@sha256:eb32f5c275247babd03ec16b0978aced10a9b9da07a84f5af6be4d7c3852a6b7_arm64",
"9Base-RHACM-2.10:rhacm2/multicloud-integrations-rhel9@sha256:0529a11c8935d5b9fa2a3f29801749b09861076c0c2040612271f0bbafb5fbab_s390x",
"9Base-RHACM-2.10:rhacm2/multicloud-integrations-rhel9@sha256:2b7557d262cd8eacc45178dcca3dae642b1bb33fbfccdf6a3b63abb7e1a39d53_amd64",
"9Base-RHACM-2.10:rhacm2/multicloud-integrations-rhel9@sha256:606ea20603d86412a34478a3db9c17737cca2b04c26bcab175279028c822e492_arm64",
"9Base-RHACM-2.10:rhacm2/multicloud-integrations-rhel9@sha256:d3958606b5001619aa3044617ccb4fe265764d7dad05b0a6bf5b4910bd5d0ba7_ppc64le",
"9Base-RHACM-2.10:rhacm2/multicluster-observability-rhel9-operator@sha256:9b855d7e4cf6fe3c4da92d84a51adc63aea5f144bce38dbb9c4ab3d01370c296_amd64",
"9Base-RHACM-2.10:rhacm2/multicluster-observability-rhel9-operator@sha256:a9eb1e576d4eb5c7e9131803042b7d8529dab369595d0adc22623e24b67832d9_s390x",
"9Base-RHACM-2.10:rhacm2/multicluster-observability-rhel9-operator@sha256:ab73f96720c106dcb2ea64f8b7ac13ad866533d993c43cb7c6dbbf08ba4977dd_ppc64le",
"9Base-RHACM-2.10:rhacm2/multicluster-observability-rhel9-operator@sha256:f296c72dd6842481dad78536117aec3ff14d19be736e5679101bbfc92b87809b_arm64",
"9Base-RHACM-2.10:rhacm2/multicluster-operators-application-rhel9@sha256:184f6068b077070b90ede3a2f4e81be398fd2841f042fc6f2f114fdfd4f1095b_arm64",
"9Base-RHACM-2.10:rhacm2/multicluster-operators-application-rhel9@sha256:2a272685b487a747827220d16bc5aaff65c436d5c312b081d9fffd9ef4a8a0f9_amd64",
"9Base-RHACM-2.10:rhacm2/multicluster-operators-application-rhel9@sha256:635c1cf425b8744a421c649bd809a59df6dc6cdeaa9da2a369706e522a3a0fab_ppc64le",
"9Base-RHACM-2.10:rhacm2/multicluster-operators-application-rhel9@sha256:e15bedc9ce45cc025b6ab6c27d5b7eb95f6e750791ff0dae228a71eaeae1cace_s390x",
"9Base-RHACM-2.10:rhacm2/multicluster-operators-channel-rhel9@sha256:2399cfe0b3b626be2acd289d8880b9913d73093220b3e4062bb7cddb2628640a_amd64",
"9Base-RHACM-2.10:rhacm2/multicluster-operators-channel-rhel9@sha256:37f84cbbee522859c6f46e49179ab0b1e1fef118aac6741d18675b36e31972dd_s390x",
"9Base-RHACM-2.10:rhacm2/multicluster-operators-channel-rhel9@sha256:43c086e0f17783322c26ba577db2c7c8fd43176a7ac14e45a40c3db0b91a6d1e_ppc64le",
"9Base-RHACM-2.10:rhacm2/multicluster-operators-channel-rhel9@sha256:773c32065f60e4a2e626e17744d0a2cfc4049325f6664f899d8da949dc3fa4a6_arm64",
"9Base-RHACM-2.10:rhacm2/multicluster-operators-subscription-rhel9@sha256:08aacdc6cad3ba5743a5d65c1bff5b3e41e44269765b94f45673a8e648f60584_amd64",
"9Base-RHACM-2.10:rhacm2/multicluster-operators-subscription-rhel9@sha256:7eda39d696e452ec7e9da1473807e3134f149ed28d0ec873cf489451fbb007e0_arm64",
"9Base-RHACM-2.10:rhacm2/multicluster-operators-subscription-rhel9@sha256:a791398b5dd73f447d22f260eaf209f782c9663e81c81529eb4b3018183f9deb_ppc64le",
"9Base-RHACM-2.10:rhacm2/multicluster-operators-subscription-rhel9@sha256:b88262afe6149a741a566054ecc16400bc7335a443219d3ddbcb1ba7c939a38b_s390x",
"9Base-RHACM-2.10:rhacm2/multiclusterhub-rhel9@sha256:5de91afd73b5a86865954ab3f6587f382f53e0856422ed975d9aa867bd0ffbf9_arm64",
"9Base-RHACM-2.10:rhacm2/multiclusterhub-rhel9@sha256:97932a785e8601b170a7c6fd42b1e6a18203b958ccbb712352c2817b8103d9b5_s390x",
"9Base-RHACM-2.10:rhacm2/multiclusterhub-rhel9@sha256:b30d5d981e1522751e4434b1c107e5cefb6c8c22ea16915f35948c11f9aa0579_ppc64le",
"9Base-RHACM-2.10:rhacm2/multiclusterhub-rhel9@sha256:c5e3898dd435f49636834ce14b3188f7163167cdb538d85812393cf450d49157_amd64",
"9Base-RHACM-2.10:rhacm2/node-exporter-rhel9@sha256:8bb239eafceaa18a786b78f7bf54c7063d80bce60567d10d81c5a4282b2884b4_s390x",
"9Base-RHACM-2.10:rhacm2/node-exporter-rhel9@sha256:9611a92119f19e11c29e9e93b9c714499e60d06712da97d9fa77ed0fd0d4d33b_arm64",
"9Base-RHACM-2.10:rhacm2/node-exporter-rhel9@sha256:d147abba6fa66eb914005d4cd62302c527cbfc0083be386275c5c782b90c3c1c_amd64",
"9Base-RHACM-2.10:rhacm2/node-exporter-rhel9@sha256:f9a4446156fd21112854846849c68952e4c336e5782d6aeb3c49bddd3408d388_ppc64le",
"9Base-RHACM-2.10:rhacm2/observatorium-rhel9-operator@sha256:414b191a314b0695aede28ac7229a064833d798e94d5b92a434e2eb3650983b6_arm64",
"9Base-RHACM-2.10:rhacm2/observatorium-rhel9-operator@sha256:9e2d97d0116349c1f1e1d815a6d8822c9f5331acdb81e878c0cb0e86149167ef_ppc64le",
"9Base-RHACM-2.10:rhacm2/observatorium-rhel9-operator@sha256:e2dabaf7c375e039797330bb33e03c993356dc5a37949f84a89c3e4f40ff0023_amd64",
"9Base-RHACM-2.10:rhacm2/observatorium-rhel9-operator@sha256:ecda2be3377f15a09c6971b1a689bb9eb917909d55f54c996d54a972aece7432_s390x",
"9Base-RHACM-2.10:rhacm2/observatorium-rhel9@sha256:10ee1d5c854a7daf0d33f1dc16529a7e1a3cb67fab5a626f8a42da705186265e_arm64",
"9Base-RHACM-2.10:rhacm2/observatorium-rhel9@sha256:1eb9b98d7f3c878e09b45aad2a64780e46026c55d6f70a64d66e255ec13ce9fb_s390x",
"9Base-RHACM-2.10:rhacm2/observatorium-rhel9@sha256:25ee9231e17b71c83f12a9ce5d94629b2fd8ad3c64b61de9f03b057584f84804_ppc64le",
"9Base-RHACM-2.10:rhacm2/observatorium-rhel9@sha256:7812638565dff9368b4db0ed9aecb86c544d0b6caa773994c5c830e800060e22_amd64",
"9Base-RHACM-2.10:rhacm2/prometheus-alertmanager-rhel9@sha256:0a4ecc2af398e1a771540af4f062abfc0f47bfae9ba3a2fcb6a6c66940385d42_ppc64le",
"9Base-RHACM-2.10:rhacm2/prometheus-alertmanager-rhel9@sha256:0e7e5cfd6a953e092eb3ae72b236741f73432f8d262ace74caa2acf8c5fe3863_amd64",
"9Base-RHACM-2.10:rhacm2/prometheus-alertmanager-rhel9@sha256:25abc3028c69dedee05220fa4f0f32b7accc33ef519f46b23860612307db2181_arm64",
"9Base-RHACM-2.10:rhacm2/prometheus-alertmanager-rhel9@sha256:88383e94dcec26826df02cdebc9e7cc764e92b2ce71300c31a46f20ce92135c0_s390x",
"9Base-RHACM-2.10:rhacm2/prometheus-rhel9@sha256:556c5d133dd996b86dceb03158d4d463ccdbbf29cc9ca05ff1e3915a48cd8c47_s390x",
"9Base-RHACM-2.10:rhacm2/prometheus-rhel9@sha256:98af2a53f9c59b0bdd6ee9c8f27eb00f65a870ee64ba8d503083a9a0d3aa2ec6_arm64",
"9Base-RHACM-2.10:rhacm2/prometheus-rhel9@sha256:99e749f7d98203070348c652f6df158c9207801d86439ddde08bcae16e813ea5_ppc64le",
"9Base-RHACM-2.10:rhacm2/prometheus-rhel9@sha256:c1c2a5bc8d471fb7cbbf31c0e5513bf2630efbd1a5bbb458dc0c98b3ee608636_amd64",
"9Base-RHACM-2.10:rhacm2/rbac-query-proxy-rhel9@sha256:5f70872d294b5f10393fa7c6a6ffd81a6a509ea7589753d29ad49118a87fb2df_s390x",
"9Base-RHACM-2.10:rhacm2/rbac-query-proxy-rhel9@sha256:a061734a251e62cd31792ec9065f6a346de672f72e32965954811faf11f86d62_amd64",
"9Base-RHACM-2.10:rhacm2/rbac-query-proxy-rhel9@sha256:e325c611a68e60d204018b8aac765bb58e135b44735bbc14069c5cbf49828ada_ppc64le",
"9Base-RHACM-2.10:rhacm2/rbac-query-proxy-rhel9@sha256:fe807380c43daaae2ca277ef4a6b6bace7842087112f7d242773a073797c908e_arm64",
"9Base-RHACM-2.10:rhacm2/search-collector-rhel9@sha256:2092c265f1dea3dc553c370c3b07c92e4cb8523ccc58d46af4a517165e9b7bc4_s390x",
"9Base-RHACM-2.10:rhacm2/search-collector-rhel9@sha256:557e431af519bf544102927491fffbdd4091a5a9377396d7d30b2898897c8fba_amd64",
"9Base-RHACM-2.10:rhacm2/search-collector-rhel9@sha256:f908a57c2bfe78911889102abb61377d5170590689930d74b8d6a9fa7bc66848_ppc64le",
"9Base-RHACM-2.10:rhacm2/search-collector-rhel9@sha256:fe20c8e6fbf707c0467a4876405f2f8b395ac24ca554bd052f7f55da2df6371f_arm64",
"9Base-RHACM-2.10:rhacm2/submariner-addon-rhel9@sha256:1d74ed10635e7021129e60caa3358581d61c4bd93cebed86f79d5fdba100b10f_ppc64le",
"9Base-RHACM-2.10:rhacm2/submariner-addon-rhel9@sha256:92584807362684f692fc991f06ffecf241ee6494d4b37c584d74527214b33acb_s390x",
"9Base-RHACM-2.10:rhacm2/submariner-addon-rhel9@sha256:9a6b6d7ed493c6c8c9962485404f551974cece1b59e7197f9ed6fce120ca7d0d_arm64",
"9Base-RHACM-2.10:rhacm2/submariner-addon-rhel9@sha256:e8eb481c682682ea78d5f7d5793f63e427fcffc867db012f327b5469c524535c_amd64",
"9Base-RHACM-2.10:rhacm2/thanos-receive-controller-rhel9@sha256:09b931bd7405cc8733625884f61ccaa92b40b48d9068d78f552a6c9383cb02e9_amd64",
"9Base-RHACM-2.10:rhacm2/thanos-receive-controller-rhel9@sha256:64aebcc4f88c096cb93faa8fab067308442fd49c07e55fcb55283ef86643f642_s390x",
"9Base-RHACM-2.10:rhacm2/thanos-receive-controller-rhel9@sha256:91f186246d963c2978023489ed7cd58dec2f57641fd2a2a0c16d2caa5377147c_arm64",
"9Base-RHACM-2.10:rhacm2/thanos-receive-controller-rhel9@sha256:d391d522c2006e634df69f28eacd1f6cfba7b1ac4ec27ea97c307f4da5213954_ppc64le",
"9Base-RHACM-2.10:rhacm2/thanos-rhel9@sha256:9c82d36f3a942088a6612e6e1d5d7f3413006b2f5df41758c0072ee8d68b3801_ppc64le",
"9Base-RHACM-2.10:rhacm2/thanos-rhel9@sha256:c431d914ecca6080a1ce9ee7fb15019ca5f5b5cb7083fa739ce14b9f8afd570e_amd64",
"9Base-RHACM-2.10:rhacm2/thanos-rhel9@sha256:e8e6c42e37b2c0ba6456d48afa747f3c6f167cbcf4523d5ad751351a932deefc_arm64",
"9Base-RHACM-2.10:rhacm2/thanos-rhel9@sha256:f7dc5a2e9c41416badca921ef6a4b16e9edd2aea052107d737bb3ddbc2e0242c_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2268273"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was discovered with the implementation of the HTTP/2 protocol in the Go programming language. There were insufficient limitations on the amount of CONTINUATION frames sent within a single stream. An attacker could potentially exploit this to cause a Denial of Service (DoS) attack.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: net/http, x/net/http2: unlimited number of CONTINUATION frames causes DoS",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat rates the security impact of this vulnerability as Important due to the worst case scenario resulting in a denial of service. It is simple to exploit, could significantly impact availability, and there is not a suitable mitigation for all use cases. Once an attack has ended, the system should return to normal operations on its own.\n\nThis vulnerability only impacts servers which have HTTP/2 enabled. It stems from an imperfect definition of the protocol. As the Go programming language is widely utilized across nearly every major Red Hat offering, a full listing of impacted packages will not be provided. Therefore, the \u201cAffected Packages and Issued Red Hat Security Errata\u201d section contains a simplified list of what offerings need to remediate this vulnerability. Every impacted offering has at least one representative component listed, but potentially not all of them. Rest assured that Red Hat is committed to remediating this vulnerability across our entire portfolio.\n\nMany components are rated as Low impact due to configurations which reduce the attack surface or significantly increase the difficulty of exploitation. A summary of these scenarios are:\n* The container includes a package that provides a vulnerable webserver, but it is not used or running during operation\n* HTTP/2 is disabled by default and is not supported\n* Only a client implementation is provided, which is not vulnerable\n* A vulnerable module (either golang.org/net/http or golang.org/x/net/http2) is included, but disabled\n* Access to a vulnerable server is restricted within the container (loopback only connections)\n* Golang is available in the container but is not used\n\n\nWithin the Red Hat OpenShift Container Platform, the majority of vulnerable components are not externally accessible. This means an attacker must already have access to a container within your environment to exploit this vulnerability. However, the ose-hyperkube (openshift-enterprise-hyperkube) container is externally accessible, so there are less barriers to exploitation. Fixes for this specific container are already available.\n\nWithin Red Hat Ansible Automation Platform, the impacted component is Receptor. The impact has been reduced to Low as the vulnerable code is present, but not utilized. There are three potential exposures within this component:\n* Receptor utilizes QUIC a UDP based protocol which does not run over HTTP/2\n* Receptor utilizes the x/net/ipv4 and ipv6 packages, both of which are not affected",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-RHACM-2.10:rhacm2/acm-cluster-permission-rhel9@sha256:b9ef8ca2a002c616c6644cf16b80d5901d7b46034dc7e57ec1dd1d260cf0e32b_s390x",
"9Base-RHACM-2.10:rhacm2/acm-cluster-permission-rhel9@sha256:bd41dedb13ae9360d2e856ec6d52ea35b726425a65e92a00cd6037344ae5780e_amd64",
"9Base-RHACM-2.10:rhacm2/acm-cluster-permission-rhel9@sha256:dac35e93ff173bd30fefbdec8676fb605e28368aec3eccc4ac603f16eadcf31d_arm64",
"9Base-RHACM-2.10:rhacm2/acm-cluster-permission-rhel9@sha256:e8c9920427522b7ef645422b85ff1585e65b9d659c792e57201dfc06d6a13ffa_ppc64le"
],
"known_not_affected": [
"9Base-RHACM-2.10:rhacm2/acm-governance-policy-addon-controller-rhel9@sha256:65d709ef780d8d867c145b1ddf8e7031bd8e710972b21ed2d7b9d9ede0bfdb43_s390x",
"9Base-RHACM-2.10:rhacm2/acm-governance-policy-addon-controller-rhel9@sha256:87988ad277b62bbcc061dbe4242bfc2edcc21dc98c4c7c66385131c0425b0fa7_ppc64le",
"9Base-RHACM-2.10:rhacm2/acm-governance-policy-addon-controller-rhel9@sha256:9af1cb9605a8fdf7212a079ed8fa51b110b367c705a51651ba3933e936519e7f_arm64",
"9Base-RHACM-2.10:rhacm2/acm-governance-policy-addon-controller-rhel9@sha256:c6e3728b6687b8c83a11c326e4fd098ceef3f501725efbdfcb0ded0645a1473e_amd64",
"9Base-RHACM-2.10:rhacm2/acm-governance-policy-framework-addon-rhel9@sha256:3101f1389311c0006c0fb9953c44d5fff9e968597952103a5a873a7a4c4707da_amd64",
"9Base-RHACM-2.10:rhacm2/acm-governance-policy-framework-addon-rhel9@sha256:4536de55598f032ad91056c779ec2faea5c28de557a730d50cb2b2aba9b3bf00_s390x",
"9Base-RHACM-2.10:rhacm2/acm-governance-policy-framework-addon-rhel9@sha256:587fc80d3d6e3f2295272934fb39cfa3b96f5a2652a533b6b01cc6b04d10cb66_ppc64le",
"9Base-RHACM-2.10:rhacm2/acm-governance-policy-framework-addon-rhel9@sha256:63246c061e7960a656cb66c8ccca2b7bed943c9a1fe96a28f9cd99829608cda5_arm64",
"9Base-RHACM-2.10:rhacm2/acm-grafana-rhel9@sha256:1cd1c6a91611569a855444430c527a8bebbe113f77dd47dcfc2b8305c3a26a13_s390x",
"9Base-RHACM-2.10:rhacm2/acm-grafana-rhel9@sha256:3a59dd5e30b37f1e1feffba959d88d3aab37701500203afb71b2d38958236b85_amd64",
"9Base-RHACM-2.10:rhacm2/acm-grafana-rhel9@sha256:b488d250bc1c82f3f7e26a1bc741dee02e57b3e3d40cf2965e541d2c5727ec65_ppc64le",
"9Base-RHACM-2.10:rhacm2/acm-grafana-rhel9@sha256:df4024e8506d0926ad81943684532dd9e4054f26d23da6e329f593239b5a1513_arm64",
"9Base-RHACM-2.10:rhacm2/acm-must-gather-rhel9@sha256:66bca60baa85bc23963b5955fe57e8b7b7038c1088e2ce60f1fedc1a41d944dc_arm64",
"9Base-RHACM-2.10:rhacm2/acm-must-gather-rhel9@sha256:92d087992acf383c2f06ed92996049c412fc1fef76be10fc40eb6ba2e4b2f9be_ppc64le",
"9Base-RHACM-2.10:rhacm2/acm-must-gather-rhel9@sha256:bfc79c952b6f62658ef36373af72e6213de78ba1c3a18f018add4295d8ae72f8_s390x",
"9Base-RHACM-2.10:rhacm2/acm-must-gather-rhel9@sha256:fb9fa96ebaba320dd723e7d5727b20c63f66aa6c39f460a6270c572354123fd9_amd64",
"9Base-RHACM-2.10:rhacm2/acm-operator-bundle@sha256:190d00bcb1bdbf289cc4ae87f738aeabe04470194e51870c572876e4c118d712_ppc64le",
"9Base-RHACM-2.10:rhacm2/acm-operator-bundle@sha256:304e9a12e0c7b7be0444efd26764d32818fc3ad1ad936b565232f5f82a5f72fe_amd64",
"9Base-RHACM-2.10:rhacm2/acm-operator-bundle@sha256:cc65cb3804a7e6150028a6f1c60fcbdb78c42689769ff9378922491481947aed_s390x",
"9Base-RHACM-2.10:rhacm2/acm-prometheus-config-reloader-rhel9@sha256:0b885dfd28d82220fdb03b7bca0e1ed2fc941bc712e536af71e4e11ee9defee4_amd64",
"9Base-RHACM-2.10:rhacm2/acm-prometheus-config-reloader-rhel9@sha256:53cd755cea5a527c089321e5571c14ad0fd5d55b16e7c2acddc2a7c9670cffd2_arm64",
"9Base-RHACM-2.10:rhacm2/acm-prometheus-config-reloader-rhel9@sha256:8f18c68e47b66926d14795818f3a1dc21ffdcbcf1a220c7518194416602b19ac_ppc64le",
"9Base-RHACM-2.10:rhacm2/acm-prometheus-config-reloader-rhel9@sha256:be5be2fe888521fd8ac6d7ebca3cf127724128eb6ff4e11f90d61a4af60f1bee_s390x",
"9Base-RHACM-2.10:rhacm2/acm-prometheus-rhel9@sha256:8da9c5a18b42861d11e3df3f37b5f47b810af1b25beec208ce75b6f69d913ecd_s390x",
"9Base-RHACM-2.10:rhacm2/acm-prometheus-rhel9@sha256:91ec246784f1e7cdd0c20ab36ea09f13e553c043851699dae6191ea1ce101a61_arm64",
"9Base-RHACM-2.10:rhacm2/acm-prometheus-rhel9@sha256:969cc23c2f503797d491c797220e09b1682887742f669d338a5fd3613908148d_amd64",
"9Base-RHACM-2.10:rhacm2/acm-prometheus-rhel9@sha256:a1b920873dbb0984f41a8b49a4e0263c9756d909391601290b8a67278596327b_ppc64le",
"9Base-RHACM-2.10:rhacm2/acm-search-indexer-rhel9@sha256:21476ec5340f5e98451f83d7d455f86e8368ed4c882f564cf80b234dc2ceae1a_amd64",
"9Base-RHACM-2.10:rhacm2/acm-search-indexer-rhel9@sha256:47083a8e2f6234e7e3743c2f7d5cc433ad76a46a609f65640e047bfa9557082c_s390x",
"9Base-RHACM-2.10:rhacm2/acm-search-indexer-rhel9@sha256:95c15180b6b25c453b8aa81c42b106d6e9fb1d832761a3b2b06922c0ceee4d7b_arm64",
"9Base-RHACM-2.10:rhacm2/acm-search-indexer-rhel9@sha256:9ba73ef3b2447b16aab7503bce4e480441b272e997dab87ee9cc4b0f1ac040ba_ppc64le",
"9Base-RHACM-2.10:rhacm2/acm-search-v2-api-rhel9@sha256:1891db398d822cb0c424245928033240dfdcfd35d21ab052379d432423a6e038_s390x",
"9Base-RHACM-2.10:rhacm2/acm-search-v2-api-rhel9@sha256:247e052a3b5bc9708f1c0953f09c942414852f2109a9694af864375032072ae2_arm64",
"9Base-RHACM-2.10:rhacm2/acm-search-v2-api-rhel9@sha256:51a415f07cfadd9ae5b4b29cb3247b5085bb18edad8df566c47dc7e89ef0939e_amd64",
"9Base-RHACM-2.10:rhacm2/acm-search-v2-api-rhel9@sha256:756982578354d8a66399f2464602458f80bd398e46656a3d86c9303fa2068900_ppc64le",
"9Base-RHACM-2.10:rhacm2/acm-search-v2-rhel9@sha256:329f59a93ce1e2aab017a924db00b6aaca4c8ee40b5d5c2358af11af2e5319bd_s390x",
"9Base-RHACM-2.10:rhacm2/acm-search-v2-rhel9@sha256:9e2aa6686deee7b78bda5dcb08dad31c87a9653e48788df4e8bb39d4965c9101_arm64",
"9Base-RHACM-2.10:rhacm2/acm-search-v2-rhel9@sha256:e995897416f24436e6bef220bd4d5b3ba8fbd26c97fbd5e250391a3aef14bce5_amd64",
"9Base-RHACM-2.10:rhacm2/acm-search-v2-rhel9@sha256:f45417abdf399566fa98b0686ab4b2b55d776b6dfa67b7b7c24565b084c39165_ppc64le",
"9Base-RHACM-2.10:rhacm2/acm-volsync-addon-controller-rhel9@sha256:055c5ab4b2045571efe53bbd4ca54ba8a17a2cf590dad70c65667ed6b11ca86a_arm64",
"9Base-RHACM-2.10:rhacm2/acm-volsync-addon-controller-rhel9@sha256:60070927868e0538d31090138892fe64445321098b3874880fd21e7dcc1ffae7_amd64",
"9Base-RHACM-2.10:rhacm2/acm-volsync-addon-controller-rhel9@sha256:cc991f8f8af9337ab908f6564b4b77daef5893dc2759ff483142ef659a6a4b30_ppc64le",
"9Base-RHACM-2.10:rhacm2/acm-volsync-addon-controller-rhel9@sha256:faee49ca0c46781594189977f3ab5805060cd0a95e47ba575ec05bb549e21a69_s390x",
"9Base-RHACM-2.10:rhacm2/cert-policy-controller-rhel9@sha256:081c86b4c25876ac0734a0caff771a30b848530f1e89f9e0d3ee3f743f579e9c_s390x",
"9Base-RHACM-2.10:rhacm2/cert-policy-controller-rhel9@sha256:318f11ebe87bc1feced78f9d2ae66856884606c721e15d2d05045562d248ac3f_arm64",
"9Base-RHACM-2.10:rhacm2/cert-policy-controller-rhel9@sha256:5daaad58a8979d386830224e133a3bbc713b63039a99eda9a69487b999e71965_amd64",
"9Base-RHACM-2.10:rhacm2/cert-policy-controller-rhel9@sha256:bffedd5eb97a49dd210b51423ba8938684be1cb41dd79d06b2aab94bc0bb4963_ppc64le",
"9Base-RHACM-2.10:rhacm2/cluster-backup-rhel9-operator@sha256:0d141d0fa859ae0061605f2fe13381be2b6ebd9d8c6b91ca171a8e61e52842be_ppc64le",
"9Base-RHACM-2.10:rhacm2/cluster-backup-rhel9-operator@sha256:3a8bace1bb325142a64a4432543a828050e2e87de91a08dca793534841b7b841_amd64",
"9Base-RHACM-2.10:rhacm2/cluster-backup-rhel9-operator@sha256:66f67d2d8c09634e2e5ae0be07437cb1918f6b506e35bc9b7af82f4979dfc4ed_s390x",
"9Base-RHACM-2.10:rhacm2/cluster-backup-rhel9-operator@sha256:ac726852c9aa7e54aa4d75c6c485b429f16fffbb61d2840b527c5a1cfdb5c842_arm64",
"9Base-RHACM-2.10:rhacm2/config-policy-controller-rhel9@sha256:0ef8fdea99a8fd44feff31b4883a6ecd17eeabb5e8c9ccbdbdd30c32cc2cbe64_amd64",
"9Base-RHACM-2.10:rhacm2/config-policy-controller-rhel9@sha256:b7ff6680725a8bb31edf5dc58d82ac0b9d201ba8eac4c6f2ea4c3cd35f52915a_s390x",
"9Base-RHACM-2.10:rhacm2/config-policy-controller-rhel9@sha256:d4456a33f0488db9c77d12a279500b68a41441a8ff6c8cc9723a7ccc46e90dc7_arm64",
"9Base-RHACM-2.10:rhacm2/config-policy-controller-rhel9@sha256:d6e8119559b01231206654d2a57114862c4c6b5ca604ccf7b92e53bea6e2e2c2_ppc64le",
"9Base-RHACM-2.10:rhacm2/console-rhel9@sha256:4ee3bbdcc190cd6c3e1eff8bfabe8ca3cd9e61ab5d824983a955e6d509238041_arm64",
"9Base-RHACM-2.10:rhacm2/console-rhel9@sha256:5fe6fb2bd7e31a960bc018d870af482f668ab417d601d94a5ac5981fd116a852_s390x",
"9Base-RHACM-2.10:rhacm2/console-rhel9@sha256:9005fc71b91a5d2a1fe502e90d57cea2285d1218ad6e49f4bcdd77bf560c5765_ppc64le",
"9Base-RHACM-2.10:rhacm2/console-rhel9@sha256:b3bc8c5f587da2c7ce4e25d5d2e72b08939071297cf3fdc5d51fb631d99aa168_amd64",
"9Base-RHACM-2.10:rhacm2/endpoint-monitoring-rhel9-operator@sha256:75bc23118d6e3ae1ec142a6f47a871efcd8ec5aa6da2bef7cf24e716b3b3be3c_s390x",
"9Base-RHACM-2.10:rhacm2/endpoint-monitoring-rhel9-operator@sha256:cf7be8fd6b726cb7ba8a3f57e14e20d7944245759cd6e8bd26dca4d666fb866a_arm64",
"9Base-RHACM-2.10:rhacm2/endpoint-monitoring-rhel9-operator@sha256:d8c3352fceb6a53e110f76501bb2c2f4cf7a9284f9dd30dee3fe3e015b622195_amd64",
"9Base-RHACM-2.10:rhacm2/endpoint-monitoring-rhel9-operator@sha256:e177864e6bc3b6e66f1f455229257210b77a3b7d0e18c480d252ed79f03bf67a_ppc64le",
"9Base-RHACM-2.10:rhacm2/governance-policy-propagator-rhel9@sha256:400644c05d5768fb7460bb3f8bfa880bc21e91f365130d13877f015ba2146358_amd64",
"9Base-RHACM-2.10:rhacm2/governance-policy-propagator-rhel9@sha256:46deef6c168120168168820dad57ce9b2d2641be926772eaeba2d03d3d324e2a_s390x",
"9Base-RHACM-2.10:rhacm2/governance-policy-propagator-rhel9@sha256:4e9143f58e4755b86526d113040acd0ee0069fefe9243e08c864c35d25b276e9_ppc64le",
"9Base-RHACM-2.10:rhacm2/governance-policy-propagator-rhel9@sha256:8947a68138c101fdc355b94a4deb0d02f44de025fe733e8d5fb28f5fce93b7c9_arm64",
"9Base-RHACM-2.10:rhacm2/grafana-dashboard-loader-rhel9@sha256:26a08abd967f17e23975b728768e2f561750856b0f98ff5f27506da94fa597ca_ppc64le",
"9Base-RHACM-2.10:rhacm2/grafana-dashboard-loader-rhel9@sha256:43f27505c8ac51aa659c638f96f7681d8d3029775b9153a8075fa38dd48dbc3c_arm64",
"9Base-RHACM-2.10:rhacm2/grafana-dashboard-loader-rhel9@sha256:a9afb35685e18a179269293a1998eb5c6c8c47e9247a7f3f1c27d3b1b35a83b2_amd64",
"9Base-RHACM-2.10:rhacm2/grafana-dashboard-loader-rhel9@sha256:f30433d2c90f38c86f1780bd8b74a50821837f769db589ee720e35fd79dbc23b_s390x",
"9Base-RHACM-2.10:rhacm2/iam-policy-controller-rhel9@sha256:63ca0eef9b3febe70ceea5b47a36fea7455eef69da9d1bda70d2bc9661ec2f2c_arm64",
"9Base-RHACM-2.10:rhacm2/iam-policy-controller-rhel9@sha256:ae274418f0fa055670012f2d92d63ebb175fdbd3946486312007bc2b0a915541_ppc64le",
"9Base-RHACM-2.10:rhacm2/iam-policy-controller-rhel9@sha256:c1d7619138ab3717e6f6a49ac76f95ff041a022746891057d6e4e163114fb864_amd64",
"9Base-RHACM-2.10:rhacm2/iam-policy-controller-rhel9@sha256:f62a79f1f02af4be1424b74071e6d701e5c514e27019e69ee98cbed10b602f3d_s390x",
"9Base-RHACM-2.10:rhacm2/insights-client-rhel9@sha256:0ff4ca5a9703ec58d70178152b5dbbb3aaffa5fce80153eda12f727f7c3e0b6f_ppc64le",
"9Base-RHACM-2.10:rhacm2/insights-client-rhel9@sha256:70833a6ef9ebc1b50e914744e0f7c36c259bb7889c7ff8085cb8470826ac803e_s390x",
"9Base-RHACM-2.10:rhacm2/insights-client-rhel9@sha256:cdf079542b23633884a52daa02d4b9182aaf7454e769186de4f495467686653d_arm64",
"9Base-RHACM-2.10:rhacm2/insights-client-rhel9@sha256:f62d6a262c044a7883f34563e3e1909761ca0bd44e4d5f8a0e564db8b630068b_amd64",
"9Base-RHACM-2.10:rhacm2/insights-metrics-rhel9@sha256:16862c34efb507d44455ed78cde51a1f57969cc69f4beec70ecb697b8ea406dc_amd64",
"9Base-RHACM-2.10:rhacm2/insights-metrics-rhel9@sha256:2f7c346cb847e2928715bd4b64a34531b82d0130a89a08f19c3026db5d89c5a1_ppc64le",
"9Base-RHACM-2.10:rhacm2/insights-metrics-rhel9@sha256:44f56f7a1ac2720ce815ea7aa824ea37a0bdcf63c637941ca84328578a735142_arm64",
"9Base-RHACM-2.10:rhacm2/insights-metrics-rhel9@sha256:e2a9110af4d9bac9fd97b8f5981230c495506d50db571eccae9e16e361abfdd7_s390x",
"9Base-RHACM-2.10:rhacm2/klusterlet-addon-controller-rhel9@sha256:693af28fa3e5f1aee61695e891fdd33a49b5280e4a555f84b838ca8e829d0999_ppc64le",
"9Base-RHACM-2.10:rhacm2/klusterlet-addon-controller-rhel9@sha256:7ac958c32070e6282a8cbe262810c58a81e6e331bf59877cd67758ab6feb8ada_amd64",
"9Base-RHACM-2.10:rhacm2/klusterlet-addon-controller-rhel9@sha256:8528a204787ecde3925c9c3ef31e225f59c5b4b3a21bd314541fe06dd4c1aa73_s390x",
"9Base-RHACM-2.10:rhacm2/klusterlet-addon-controller-rhel9@sha256:cf0bf12f03bd0a4a09188d1f5b4820aa6e7f6e4a1fb1bc2c45559553907c6eae_arm64",
"9Base-RHACM-2.10:rhacm2/kube-rbac-proxy-rhel9@sha256:1d75e8e70fc3f3943841bd34f79e5762705b0d23460064c6adcdd0fc6b39005a_amd64",
"9Base-RHACM-2.10:rhacm2/kube-rbac-proxy-rhel9@sha256:355905503e1321fc2fd75b12bab33b2cb75cbfcc0d0e7e70400790da081abfd9_arm64",
"9Base-RHACM-2.10:rhacm2/kube-rbac-proxy-rhel9@sha256:42da847ca7b39914df099381ac807d8ab619774388c1a47e0d71020fbce998ae_s390x",
"9Base-RHACM-2.10:rhacm2/kube-rbac-proxy-rhel9@sha256:5e416f1249a77845f81c9cf1a1dfae74feca41afd6dd35e7be55a0fa61632c00_ppc64le",
"9Base-RHACM-2.10:rhacm2/kube-state-metrics-rhel9@sha256:715f6b9c01400a153157de08bf2a6b04ea54478ee2c18d7871b65c865d6902d2_s390x",
"9Base-RHACM-2.10:rhacm2/kube-state-metrics-rhel9@sha256:72f6c545d46d1cc6f3fb1b9cd6840f0496056d410c8ade62dd35d99dfdd60737_arm64",
"9Base-RHACM-2.10:rhacm2/kube-state-metrics-rhel9@sha256:88982e268e1a3d0c52c72563a684b58042adb0800ebd1e80208b898eebe75cd6_ppc64le",
"9Base-RHACM-2.10:rhacm2/kube-state-metrics-rhel9@sha256:9f2ac058e15d5653e8bced975955e26e51a88d36a1d5896305b6f5060afee43a_amd64",
"9Base-RHACM-2.10:rhacm2/memcached-exporter-rhel9@sha256:1304f49745ed8a18784196b5595cea1ec6caf904d0e61d0952a603e6fb7da6e0_ppc64le",
"9Base-RHACM-2.10:rhacm2/memcached-exporter-rhel9@sha256:36529c281273e5346ef5cce6a55e47c27fdaf2507a6f7971576b738b1c543258_arm64",
"9Base-RHACM-2.10:rhacm2/memcached-exporter-rhel9@sha256:c5275f61fd2e84deaab7e789a7ffefdbe235866a8439d3d2534e4b26998372d6_s390x",
"9Base-RHACM-2.10:rhacm2/memcached-exporter-rhel9@sha256:f9f5ca67f62d6218b90b863b4fe63aa95aef755e5cbae5a83896f74a0039b7ab_amd64",
"9Base-RHACM-2.10:rhacm2/memcached-rhel9@sha256:2c4437598be87fc5f3f6639e728279d8ba21cf49061be78e3a4fbacc989997b4_amd64",
"9Base-RHACM-2.10:rhacm2/memcached-rhel9@sha256:2fb75dce1567e21a9f1361ec3ac54a4d5a2252f03aa64b6cdf4d1cd02a58d04c_s390x",
"9Base-RHACM-2.10:rhacm2/memcached-rhel9@sha256:4af229aca50a46ec9f190fbeef603f1259223f81f5307f46de17ad8b8c9760e1_arm64",
"9Base-RHACM-2.10:rhacm2/memcached-rhel9@sha256:e871cb2e5d235ae74a998356748299daace42d47a92e1da57a2773eae87625a6_ppc64le",
"9Base-RHACM-2.10:rhacm2/metrics-collector-rhel9@sha256:20ac5c57af957e7126221f4089bb816b948aa624788da9298b4f476ecc668293_amd64",
"9Base-RHACM-2.10:rhacm2/metrics-collector-rhel9@sha256:54665ca7529012a3a63c7dcc263a2e46964a0ee4ba43f19a2a3f05dcdfd5ae0f_ppc64le",
"9Base-RHACM-2.10:rhacm2/metrics-collector-rhel9@sha256:84543f21ccfe36960fce099930132e7042e505ba635c45a28a902ed2b2401d55_s390x",
"9Base-RHACM-2.10:rhacm2/metrics-collector-rhel9@sha256:eb32f5c275247babd03ec16b0978aced10a9b9da07a84f5af6be4d7c3852a6b7_arm64",
"9Base-RHACM-2.10:rhacm2/multicloud-integrations-rhel9@sha256:0529a11c8935d5b9fa2a3f29801749b09861076c0c2040612271f0bbafb5fbab_s390x",
"9Base-RHACM-2.10:rhacm2/multicloud-integrations-rhel9@sha256:2b7557d262cd8eacc45178dcca3dae642b1bb33fbfccdf6a3b63abb7e1a39d53_amd64",
"9Base-RHACM-2.10:rhacm2/multicloud-integrations-rhel9@sha256:606ea20603d86412a34478a3db9c17737cca2b04c26bcab175279028c822e492_arm64",
"9Base-RHACM-2.10:rhacm2/multicloud-integrations-rhel9@sha256:d3958606b5001619aa3044617ccb4fe265764d7dad05b0a6bf5b4910bd5d0ba7_ppc64le",
"9Base-RHACM-2.10:rhacm2/multicluster-observability-rhel9-operator@sha256:9b855d7e4cf6fe3c4da92d84a51adc63aea5f144bce38dbb9c4ab3d01370c296_amd64",
"9Base-RHACM-2.10:rhacm2/multicluster-observability-rhel9-operator@sha256:a9eb1e576d4eb5c7e9131803042b7d8529dab369595d0adc22623e24b67832d9_s390x",
"9Base-RHACM-2.10:rhacm2/multicluster-observability-rhel9-operator@sha256:ab73f96720c106dcb2ea64f8b7ac13ad866533d993c43cb7c6dbbf08ba4977dd_ppc64le",
"9Base-RHACM-2.10:rhacm2/multicluster-observability-rhel9-operator@sha256:f296c72dd6842481dad78536117aec3ff14d19be736e5679101bbfc92b87809b_arm64",
"9Base-RHACM-2.10:rhacm2/multicluster-operators-application-rhel9@sha256:184f6068b077070b90ede3a2f4e81be398fd2841f042fc6f2f114fdfd4f1095b_arm64",
"9Base-RHACM-2.10:rhacm2/multicluster-operators-application-rhel9@sha256:2a272685b487a747827220d16bc5aaff65c436d5c312b081d9fffd9ef4a8a0f9_amd64",
"9Base-RHACM-2.10:rhacm2/multicluster-operators-application-rhel9@sha256:635c1cf425b8744a421c649bd809a59df6dc6cdeaa9da2a369706e522a3a0fab_ppc64le",
"9Base-RHACM-2.10:rhacm2/multicluster-operators-application-rhel9@sha256:e15bedc9ce45cc025b6ab6c27d5b7eb95f6e750791ff0dae228a71eaeae1cace_s390x",
"9Base-RHACM-2.10:rhacm2/multicluster-operators-channel-rhel9@sha256:2399cfe0b3b626be2acd289d8880b9913d73093220b3e4062bb7cddb2628640a_amd64",
"9Base-RHACM-2.10:rhacm2/multicluster-operators-channel-rhel9@sha256:37f84cbbee522859c6f46e49179ab0b1e1fef118aac6741d18675b36e31972dd_s390x",
"9Base-RHACM-2.10:rhacm2/multicluster-operators-channel-rhel9@sha256:43c086e0f17783322c26ba577db2c7c8fd43176a7ac14e45a40c3db0b91a6d1e_ppc64le",
"9Base-RHACM-2.10:rhacm2/multicluster-operators-channel-rhel9@sha256:773c32065f60e4a2e626e17744d0a2cfc4049325f6664f899d8da949dc3fa4a6_arm64",
"9Base-RHACM-2.10:rhacm2/multicluster-operators-subscription-rhel9@sha256:08aacdc6cad3ba5743a5d65c1bff5b3e41e44269765b94f45673a8e648f60584_amd64",
"9Base-RHACM-2.10:rhacm2/multicluster-operators-subscription-rhel9@sha256:7eda39d696e452ec7e9da1473807e3134f149ed28d0ec873cf489451fbb007e0_arm64",
"9Base-RHACM-2.10:rhacm2/multicluster-operators-subscription-rhel9@sha256:a791398b5dd73f447d22f260eaf209f782c9663e81c81529eb4b3018183f9deb_ppc64le",
"9Base-RHACM-2.10:rhacm2/multicluster-operators-subscription-rhel9@sha256:b88262afe6149a741a566054ecc16400bc7335a443219d3ddbcb1ba7c939a38b_s390x",
"9Base-RHACM-2.10:rhacm2/multiclusterhub-rhel9@sha256:5de91afd73b5a86865954ab3f6587f382f53e0856422ed975d9aa867bd0ffbf9_arm64",
"9Base-RHACM-2.10:rhacm2/multiclusterhub-rhel9@sha256:97932a785e8601b170a7c6fd42b1e6a18203b958ccbb712352c2817b8103d9b5_s390x",
"9Base-RHACM-2.10:rhacm2/multiclusterhub-rhel9@sha256:b30d5d981e1522751e4434b1c107e5cefb6c8c22ea16915f35948c11f9aa0579_ppc64le",
"9Base-RHACM-2.10:rhacm2/multiclusterhub-rhel9@sha256:c5e3898dd435f49636834ce14b3188f7163167cdb538d85812393cf450d49157_amd64",
"9Base-RHACM-2.10:rhacm2/node-exporter-rhel9@sha256:8bb239eafceaa18a786b78f7bf54c7063d80bce60567d10d81c5a4282b2884b4_s390x",
"9Base-RHACM-2.10:rhacm2/node-exporter-rhel9@sha256:9611a92119f19e11c29e9e93b9c714499e60d06712da97d9fa77ed0fd0d4d33b_arm64",
"9Base-RHACM-2.10:rhacm2/node-exporter-rhel9@sha256:d147abba6fa66eb914005d4cd62302c527cbfc0083be386275c5c782b90c3c1c_amd64",
"9Base-RHACM-2.10:rhacm2/node-exporter-rhel9@sha256:f9a4446156fd21112854846849c68952e4c336e5782d6aeb3c49bddd3408d388_ppc64le",
"9Base-RHACM-2.10:rhacm2/observatorium-rhel9-operator@sha256:414b191a314b0695aede28ac7229a064833d798e94d5b92a434e2eb3650983b6_arm64",
"9Base-RHACM-2.10:rhacm2/observatorium-rhel9-operator@sha256:9e2d97d0116349c1f1e1d815a6d8822c9f5331acdb81e878c0cb0e86149167ef_ppc64le",
"9Base-RHACM-2.10:rhacm2/observatorium-rhel9-operator@sha256:e2dabaf7c375e039797330bb33e03c993356dc5a37949f84a89c3e4f40ff0023_amd64",
"9Base-RHACM-2.10:rhacm2/observatorium-rhel9-operator@sha256:ecda2be3377f15a09c6971b1a689bb9eb917909d55f54c996d54a972aece7432_s390x",
"9Base-RHACM-2.10:rhacm2/observatorium-rhel9@sha256:10ee1d5c854a7daf0d33f1dc16529a7e1a3cb67fab5a626f8a42da705186265e_arm64",
"9Base-RHACM-2.10:rhacm2/observatorium-rhel9@sha256:1eb9b98d7f3c878e09b45aad2a64780e46026c55d6f70a64d66e255ec13ce9fb_s390x",
"9Base-RHACM-2.10:rhacm2/observatorium-rhel9@sha256:25ee9231e17b71c83f12a9ce5d94629b2fd8ad3c64b61de9f03b057584f84804_ppc64le",
"9Base-RHACM-2.10:rhacm2/observatorium-rhel9@sha256:7812638565dff9368b4db0ed9aecb86c544d0b6caa773994c5c830e800060e22_amd64",
"9Base-RHACM-2.10:rhacm2/prometheus-alertmanager-rhel9@sha256:0a4ecc2af398e1a771540af4f062abfc0f47bfae9ba3a2fcb6a6c66940385d42_ppc64le",
"9Base-RHACM-2.10:rhacm2/prometheus-alertmanager-rhel9@sha256:0e7e5cfd6a953e092eb3ae72b236741f73432f8d262ace74caa2acf8c5fe3863_amd64",
"9Base-RHACM-2.10:rhacm2/prometheus-alertmanager-rhel9@sha256:25abc3028c69dedee05220fa4f0f32b7accc33ef519f46b23860612307db2181_arm64",
"9Base-RHACM-2.10:rhacm2/prometheus-alertmanager-rhel9@sha256:88383e94dcec26826df02cdebc9e7cc764e92b2ce71300c31a46f20ce92135c0_s390x",
"9Base-RHACM-2.10:rhacm2/prometheus-rhel9@sha256:556c5d133dd996b86dceb03158d4d463ccdbbf29cc9ca05ff1e3915a48cd8c47_s390x",
"9Base-RHACM-2.10:rhacm2/prometheus-rhel9@sha256:98af2a53f9c59b0bdd6ee9c8f27eb00f65a870ee64ba8d503083a9a0d3aa2ec6_arm64",
"9Base-RHACM-2.10:rhacm2/prometheus-rhel9@sha256:99e749f7d98203070348c652f6df158c9207801d86439ddde08bcae16e813ea5_ppc64le",
"9Base-RHACM-2.10:rhacm2/prometheus-rhel9@sha256:c1c2a5bc8d471fb7cbbf31c0e5513bf2630efbd1a5bbb458dc0c98b3ee608636_amd64",
"9Base-RHACM-2.10:rhacm2/rbac-query-proxy-rhel9@sha256:5f70872d294b5f10393fa7c6a6ffd81a6a509ea7589753d29ad49118a87fb2df_s390x",
"9Base-RHACM-2.10:rhacm2/rbac-query-proxy-rhel9@sha256:a061734a251e62cd31792ec9065f6a346de672f72e32965954811faf11f86d62_amd64",
"9Base-RHACM-2.10:rhacm2/rbac-query-proxy-rhel9@sha256:e325c611a68e60d204018b8aac765bb58e135b44735bbc14069c5cbf49828ada_ppc64le",
"9Base-RHACM-2.10:rhacm2/rbac-query-proxy-rhel9@sha256:fe807380c43daaae2ca277ef4a6b6bace7842087112f7d242773a073797c908e_arm64",
"9Base-RHACM-2.10:rhacm2/search-collector-rhel9@sha256:2092c265f1dea3dc553c370c3b07c92e4cb8523ccc58d46af4a517165e9b7bc4_s390x",
"9Base-RHACM-2.10:rhacm2/search-collector-rhel9@sha256:557e431af519bf544102927491fffbdd4091a5a9377396d7d30b2898897c8fba_amd64",
"9Base-RHACM-2.10:rhacm2/search-collector-rhel9@sha256:f908a57c2bfe78911889102abb61377d5170590689930d74b8d6a9fa7bc66848_ppc64le",
"9Base-RHACM-2.10:rhacm2/search-collector-rhel9@sha256:fe20c8e6fbf707c0467a4876405f2f8b395ac24ca554bd052f7f55da2df6371f_arm64",
"9Base-RHACM-2.10:rhacm2/submariner-addon-rhel9@sha256:1d74ed10635e7021129e60caa3358581d61c4bd93cebed86f79d5fdba100b10f_ppc64le",
"9Base-RHACM-2.10:rhacm2/submariner-addon-rhel9@sha256:92584807362684f692fc991f06ffecf241ee6494d4b37c584d74527214b33acb_s390x",
"9Base-RHACM-2.10:rhacm2/submariner-addon-rhel9@sha256:9a6b6d7ed493c6c8c9962485404f551974cece1b59e7197f9ed6fce120ca7d0d_arm64",
"9Base-RHACM-2.10:rhacm2/submariner-addon-rhel9@sha256:e8eb481c682682ea78d5f7d5793f63e427fcffc867db012f327b5469c524535c_amd64",
"9Base-RHACM-2.10:rhacm2/thanos-receive-controller-rhel9@sha256:09b931bd7405cc8733625884f61ccaa92b40b48d9068d78f552a6c9383cb02e9_amd64",
"9Base-RHACM-2.10:rhacm2/thanos-receive-controller-rhel9@sha256:64aebcc4f88c096cb93faa8fab067308442fd49c07e55fcb55283ef86643f642_s390x",
"9Base-RHACM-2.10:rhacm2/thanos-receive-controller-rhel9@sha256:91f186246d963c2978023489ed7cd58dec2f57641fd2a2a0c16d2caa5377147c_arm64",
"9Base-RHACM-2.10:rhacm2/thanos-receive-controller-rhel9@sha256:d391d522c2006e634df69f28eacd1f6cfba7b1ac4ec27ea97c307f4da5213954_ppc64le",
"9Base-RHACM-2.10:rhacm2/thanos-rhel9@sha256:9c82d36f3a942088a6612e6e1d5d7f3413006b2f5df41758c0072ee8d68b3801_ppc64le",
"9Base-RHACM-2.10:rhacm2/thanos-rhel9@sha256:c431d914ecca6080a1ce9ee7fb15019ca5f5b5cb7083fa739ce14b9f8afd570e_amd64",
"9Base-RHACM-2.10:rhacm2/thanos-rhel9@sha256:e8e6c42e37b2c0ba6456d48afa747f3c6f167cbcf4523d5ad751351a932deefc_arm64",
"9Base-RHACM-2.10:rhacm2/thanos-rhel9@sha256:f7dc5a2e9c41416badca921ef6a4b16e9edd2aea052107d737bb3ddbc2e0242c_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-45288"
},
{
"category": "external",
"summary": "RHBZ#2268273",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2268273"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-45288",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45288"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-45288",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-45288"
},
{
"category": "external",
"summary": "https://nowotarski.info/http2-continuation-flood/",
"url": "https://nowotarski.info/http2-continuation-flood/"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2024-2687",
"url": "https://pkg.go.dev/vuln/GO-2024-2687"
},
{
"category": "external",
"summary": "https://www.kb.cert.org/vuls/id/421644",
"url": "https://www.kb.cert.org/vuls/id/421644"
}
],
"release_date": "2024-04-03T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-07-10T19:53:51+00:00",
"details": "For Red Hat Advanced Cluster Management for Kubernetes, see the following\ndocumentation, which will be updated shortly for this release:\n\nhttps://access.redhat.com/documentation/en-us/red_hat_advanced_cluster_management_for_kubernetes/2.10/html-single/install/index#installing",
"product_ids": [
"9Base-RHACM-2.10:rhacm2/acm-cluster-permission-rhel9@sha256:b9ef8ca2a002c616c6644cf16b80d5901d7b46034dc7e57ec1dd1d260cf0e32b_s390x",
"9Base-RHACM-2.10:rhacm2/acm-cluster-permission-rhel9@sha256:bd41dedb13ae9360d2e856ec6d52ea35b726425a65e92a00cd6037344ae5780e_amd64",
"9Base-RHACM-2.10:rhacm2/acm-cluster-permission-rhel9@sha256:dac35e93ff173bd30fefbdec8676fb605e28368aec3eccc4ac603f16eadcf31d_arm64",
"9Base-RHACM-2.10:rhacm2/acm-cluster-permission-rhel9@sha256:e8c9920427522b7ef645422b85ff1585e65b9d659c792e57201dfc06d6a13ffa_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:4464"
},
{
"category": "workaround",
"details": "In some environments where http/2 support is not required, it may be possible to disable this feature to reduce risk.",
"product_ids": [
"9Base-RHACM-2.10:rhacm2/acm-cluster-permission-rhel9@sha256:b9ef8ca2a002c616c6644cf16b80d5901d7b46034dc7e57ec1dd1d260cf0e32b_s390x",
"9Base-RHACM-2.10:rhacm2/acm-cluster-permission-rhel9@sha256:bd41dedb13ae9360d2e856ec6d52ea35b726425a65e92a00cd6037344ae5780e_amd64",
"9Base-RHACM-2.10:rhacm2/acm-cluster-permission-rhel9@sha256:dac35e93ff173bd30fefbdec8676fb605e28368aec3eccc4ac603f16eadcf31d_arm64",
"9Base-RHACM-2.10:rhacm2/acm-cluster-permission-rhel9@sha256:e8c9920427522b7ef645422b85ff1585e65b9d659c792e57201dfc06d6a13ffa_ppc64le",
"9Base-RHACM-2.10:rhacm2/acm-governance-policy-addon-controller-rhel9@sha256:65d709ef780d8d867c145b1ddf8e7031bd8e710972b21ed2d7b9d9ede0bfdb43_s390x",
"9Base-RHACM-2.10:rhacm2/acm-governance-policy-addon-controller-rhel9@sha256:87988ad277b62bbcc061dbe4242bfc2edcc21dc98c4c7c66385131c0425b0fa7_ppc64le",
"9Base-RHACM-2.10:rhacm2/acm-governance-policy-addon-controller-rhel9@sha256:9af1cb9605a8fdf7212a079ed8fa51b110b367c705a51651ba3933e936519e7f_arm64",
"9Base-RHACM-2.10:rhacm2/acm-governance-policy-addon-controller-rhel9@sha256:c6e3728b6687b8c83a11c326e4fd098ceef3f501725efbdfcb0ded0645a1473e_amd64",
"9Base-RHACM-2.10:rhacm2/acm-governance-policy-framework-addon-rhel9@sha256:3101f1389311c0006c0fb9953c44d5fff9e968597952103a5a873a7a4c4707da_amd64",
"9Base-RHACM-2.10:rhacm2/acm-governance-policy-framework-addon-rhel9@sha256:4536de55598f032ad91056c779ec2faea5c28de557a730d50cb2b2aba9b3bf00_s390x",
"9Base-RHACM-2.10:rhacm2/acm-governance-policy-framework-addon-rhel9@sha256:587fc80d3d6e3f2295272934fb39cfa3b96f5a2652a533b6b01cc6b04d10cb66_ppc64le",
"9Base-RHACM-2.10:rhacm2/acm-governance-policy-framework-addon-rhel9@sha256:63246c061e7960a656cb66c8ccca2b7bed943c9a1fe96a28f9cd99829608cda5_arm64",
"9Base-RHACM-2.10:rhacm2/acm-grafana-rhel9@sha256:1cd1c6a91611569a855444430c527a8bebbe113f77dd47dcfc2b8305c3a26a13_s390x",
"9Base-RHACM-2.10:rhacm2/acm-grafana-rhel9@sha256:3a59dd5e30b37f1e1feffba959d88d3aab37701500203afb71b2d38958236b85_amd64",
"9Base-RHACM-2.10:rhacm2/acm-grafana-rhel9@sha256:b488d250bc1c82f3f7e26a1bc741dee02e57b3e3d40cf2965e541d2c5727ec65_ppc64le",
"9Base-RHACM-2.10:rhacm2/acm-grafana-rhel9@sha256:df4024e8506d0926ad81943684532dd9e4054f26d23da6e329f593239b5a1513_arm64",
"9Base-RHACM-2.10:rhacm2/acm-must-gather-rhel9@sha256:66bca60baa85bc23963b5955fe57e8b7b7038c1088e2ce60f1fedc1a41d944dc_arm64",
"9Base-RHACM-2.10:rhacm2/acm-must-gather-rhel9@sha256:92d087992acf383c2f06ed92996049c412fc1fef76be10fc40eb6ba2e4b2f9be_ppc64le",
"9Base-RHACM-2.10:rhacm2/acm-must-gather-rhel9@sha256:bfc79c952b6f62658ef36373af72e6213de78ba1c3a18f018add4295d8ae72f8_s390x",
"9Base-RHACM-2.10:rhacm2/acm-must-gather-rhel9@sha256:fb9fa96ebaba320dd723e7d5727b20c63f66aa6c39f460a6270c572354123fd9_amd64",
"9Base-RHACM-2.10:rhacm2/acm-operator-bundle@sha256:190d00bcb1bdbf289cc4ae87f738aeabe04470194e51870c572876e4c118d712_ppc64le",
"9Base-RHACM-2.10:rhacm2/acm-operator-bundle@sha256:304e9a12e0c7b7be0444efd26764d32818fc3ad1ad936b565232f5f82a5f72fe_amd64",
"9Base-RHACM-2.10:rhacm2/acm-operator-bundle@sha256:cc65cb3804a7e6150028a6f1c60fcbdb78c42689769ff9378922491481947aed_s390x",
"9Base-RHACM-2.10:rhacm2/acm-prometheus-config-reloader-rhel9@sha256:0b885dfd28d82220fdb03b7bca0e1ed2fc941bc712e536af71e4e11ee9defee4_amd64",
"9Base-RHACM-2.10:rhacm2/acm-prometheus-config-reloader-rhel9@sha256:53cd755cea5a527c089321e5571c14ad0fd5d55b16e7c2acddc2a7c9670cffd2_arm64",
"9Base-RHACM-2.10:rhacm2/acm-prometheus-config-reloader-rhel9@sha256:8f18c68e47b66926d14795818f3a1dc21ffdcbcf1a220c7518194416602b19ac_ppc64le",
"9Base-RHACM-2.10:rhacm2/acm-prometheus-config-reloader-rhel9@sha256:be5be2fe888521fd8ac6d7ebca3cf127724128eb6ff4e11f90d61a4af60f1bee_s390x",
"9Base-RHACM-2.10:rhacm2/acm-prometheus-rhel9@sha256:8da9c5a18b42861d11e3df3f37b5f47b810af1b25beec208ce75b6f69d913ecd_s390x",
"9Base-RHACM-2.10:rhacm2/acm-prometheus-rhel9@sha256:91ec246784f1e7cdd0c20ab36ea09f13e553c043851699dae6191ea1ce101a61_arm64",
"9Base-RHACM-2.10:rhacm2/acm-prometheus-rhel9@sha256:969cc23c2f503797d491c797220e09b1682887742f669d338a5fd3613908148d_amd64",
"9Base-RHACM-2.10:rhacm2/acm-prometheus-rhel9@sha256:a1b920873dbb0984f41a8b49a4e0263c9756d909391601290b8a67278596327b_ppc64le",
"9Base-RHACM-2.10:rhacm2/acm-search-indexer-rhel9@sha256:21476ec5340f5e98451f83d7d455f86e8368ed4c882f564cf80b234dc2ceae1a_amd64",
"9Base-RHACM-2.10:rhacm2/acm-search-indexer-rhel9@sha256:47083a8e2f6234e7e3743c2f7d5cc433ad76a46a609f65640e047bfa9557082c_s390x",
"9Base-RHACM-2.10:rhacm2/acm-search-indexer-rhel9@sha256:95c15180b6b25c453b8aa81c42b106d6e9fb1d832761a3b2b06922c0ceee4d7b_arm64",
"9Base-RHACM-2.10:rhacm2/acm-search-indexer-rhel9@sha256:9ba73ef3b2447b16aab7503bce4e480441b272e997dab87ee9cc4b0f1ac040ba_ppc64le",
"9Base-RHACM-2.10:rhacm2/acm-search-v2-api-rhel9@sha256:1891db398d822cb0c424245928033240dfdcfd35d21ab052379d432423a6e038_s390x",
"9Base-RHACM-2.10:rhacm2/acm-search-v2-api-rhel9@sha256:247e052a3b5bc9708f1c0953f09c942414852f2109a9694af864375032072ae2_arm64",
"9Base-RHACM-2.10:rhacm2/acm-search-v2-api-rhel9@sha256:51a415f07cfadd9ae5b4b29cb3247b5085bb18edad8df566c47dc7e89ef0939e_amd64",
"9Base-RHACM-2.10:rhacm2/acm-search-v2-api-rhel9@sha256:756982578354d8a66399f2464602458f80bd398e46656a3d86c9303fa2068900_ppc64le",
"9Base-RHACM-2.10:rhacm2/acm-search-v2-rhel9@sha256:329f59a93ce1e2aab017a924db00b6aaca4c8ee40b5d5c2358af11af2e5319bd_s390x",
"9Base-RHACM-2.10:rhacm2/acm-search-v2-rhel9@sha256:9e2aa6686deee7b78bda5dcb08dad31c87a9653e48788df4e8bb39d4965c9101_arm64",
"9Base-RHACM-2.10:rhacm2/acm-search-v2-rhel9@sha256:e995897416f24436e6bef220bd4d5b3ba8fbd26c97fbd5e250391a3aef14bce5_amd64",
"9Base-RHACM-2.10:rhacm2/acm-search-v2-rhel9@sha256:f45417abdf399566fa98b0686ab4b2b55d776b6dfa67b7b7c24565b084c39165_ppc64le",
"9Base-RHACM-2.10:rhacm2/acm-volsync-addon-controller-rhel9@sha256:055c5ab4b2045571efe53bbd4ca54ba8a17a2cf590dad70c65667ed6b11ca86a_arm64",
"9Base-RHACM-2.10:rhacm2/acm-volsync-addon-controller-rhel9@sha256:60070927868e0538d31090138892fe64445321098b3874880fd21e7dcc1ffae7_amd64",
"9Base-RHACM-2.10:rhacm2/acm-volsync-addon-controller-rhel9@sha256:cc991f8f8af9337ab908f6564b4b77daef5893dc2759ff483142ef659a6a4b30_ppc64le",
"9Base-RHACM-2.10:rhacm2/acm-volsync-addon-controller-rhel9@sha256:faee49ca0c46781594189977f3ab5805060cd0a95e47ba575ec05bb549e21a69_s390x",
"9Base-RHACM-2.10:rhacm2/cert-policy-controller-rhel9@sha256:081c86b4c25876ac0734a0caff771a30b848530f1e89f9e0d3ee3f743f579e9c_s390x",
"9Base-RHACM-2.10:rhacm2/cert-policy-controller-rhel9@sha256:318f11ebe87bc1feced78f9d2ae66856884606c721e15d2d05045562d248ac3f_arm64",
"9Base-RHACM-2.10:rhacm2/cert-policy-controller-rhel9@sha256:5daaad58a8979d386830224e133a3bbc713b63039a99eda9a69487b999e71965_amd64",
"9Base-RHACM-2.10:rhacm2/cert-policy-controller-rhel9@sha256:bffedd5eb97a49dd210b51423ba8938684be1cb41dd79d06b2aab94bc0bb4963_ppc64le",
"9Base-RHACM-2.10:rhacm2/cluster-backup-rhel9-operator@sha256:0d141d0fa859ae0061605f2fe13381be2b6ebd9d8c6b91ca171a8e61e52842be_ppc64le",
"9Base-RHACM-2.10:rhacm2/cluster-backup-rhel9-operator@sha256:3a8bace1bb325142a64a4432543a828050e2e87de91a08dca793534841b7b841_amd64",
"9Base-RHACM-2.10:rhacm2/cluster-backup-rhel9-operator@sha256:66f67d2d8c09634e2e5ae0be07437cb1918f6b506e35bc9b7af82f4979dfc4ed_s390x",
"9Base-RHACM-2.10:rhacm2/cluster-backup-rhel9-operator@sha256:ac726852c9aa7e54aa4d75c6c485b429f16fffbb61d2840b527c5a1cfdb5c842_arm64",
"9Base-RHACM-2.10:rhacm2/config-policy-controller-rhel9@sha256:0ef8fdea99a8fd44feff31b4883a6ecd17eeabb5e8c9ccbdbdd30c32cc2cbe64_amd64",
"9Base-RHACM-2.10:rhacm2/config-policy-controller-rhel9@sha256:b7ff6680725a8bb31edf5dc58d82ac0b9d201ba8eac4c6f2ea4c3cd35f52915a_s390x",
"9Base-RHACM-2.10:rhacm2/config-policy-controller-rhel9@sha256:d4456a33f0488db9c77d12a279500b68a41441a8ff6c8cc9723a7ccc46e90dc7_arm64",
"9Base-RHACM-2.10:rhacm2/config-policy-controller-rhel9@sha256:d6e8119559b01231206654d2a57114862c4c6b5ca604ccf7b92e53bea6e2e2c2_ppc64le",
"9Base-RHACM-2.10:rhacm2/console-rhel9@sha256:4ee3bbdcc190cd6c3e1eff8bfabe8ca3cd9e61ab5d824983a955e6d509238041_arm64",
"9Base-RHACM-2.10:rhacm2/console-rhel9@sha256:5fe6fb2bd7e31a960bc018d870af482f668ab417d601d94a5ac5981fd116a852_s390x",
"9Base-RHACM-2.10:rhacm2/console-rhel9@sha256:9005fc71b91a5d2a1fe502e90d57cea2285d1218ad6e49f4bcdd77bf560c5765_ppc64le",
"9Base-RHACM-2.10:rhacm2/console-rhel9@sha256:b3bc8c5f587da2c7ce4e25d5d2e72b08939071297cf3fdc5d51fb631d99aa168_amd64",
"9Base-RHACM-2.10:rhacm2/endpoint-monitoring-rhel9-operator@sha256:75bc23118d6e3ae1ec142a6f47a871efcd8ec5aa6da2bef7cf24e716b3b3be3c_s390x",
"9Base-RHACM-2.10:rhacm2/endpoint-monitoring-rhel9-operator@sha256:cf7be8fd6b726cb7ba8a3f57e14e20d7944245759cd6e8bd26dca4d666fb866a_arm64",
"9Base-RHACM-2.10:rhacm2/endpoint-monitoring-rhel9-operator@sha256:d8c3352fceb6a53e110f76501bb2c2f4cf7a9284f9dd30dee3fe3e015b622195_amd64",
"9Base-RHACM-2.10:rhacm2/endpoint-monitoring-rhel9-operator@sha256:e177864e6bc3b6e66f1f455229257210b77a3b7d0e18c480d252ed79f03bf67a_ppc64le",
"9Base-RHACM-2.10:rhacm2/governance-policy-propagator-rhel9@sha256:400644c05d5768fb7460bb3f8bfa880bc21e91f365130d13877f015ba2146358_amd64",
"9Base-RHACM-2.10:rhacm2/governance-policy-propagator-rhel9@sha256:46deef6c168120168168820dad57ce9b2d2641be926772eaeba2d03d3d324e2a_s390x",
"9Base-RHACM-2.10:rhacm2/governance-policy-propagator-rhel9@sha256:4e9143f58e4755b86526d113040acd0ee0069fefe9243e08c864c35d25b276e9_ppc64le",
"9Base-RHACM-2.10:rhacm2/governance-policy-propagator-rhel9@sha256:8947a68138c101fdc355b94a4deb0d02f44de025fe733e8d5fb28f5fce93b7c9_arm64",
"9Base-RHACM-2.10:rhacm2/grafana-dashboard-loader-rhel9@sha256:26a08abd967f17e23975b728768e2f561750856b0f98ff5f27506da94fa597ca_ppc64le",
"9Base-RHACM-2.10:rhacm2/grafana-dashboard-loader-rhel9@sha256:43f27505c8ac51aa659c638f96f7681d8d3029775b9153a8075fa38dd48dbc3c_arm64",
"9Base-RHACM-2.10:rhacm2/grafana-dashboard-loader-rhel9@sha256:a9afb35685e18a179269293a1998eb5c6c8c47e9247a7f3f1c27d3b1b35a83b2_amd64",
"9Base-RHACM-2.10:rhacm2/grafana-dashboard-loader-rhel9@sha256:f30433d2c90f38c86f1780bd8b74a50821837f769db589ee720e35fd79dbc23b_s390x",
"9Base-RHACM-2.10:rhacm2/iam-policy-controller-rhel9@sha256:63ca0eef9b3febe70ceea5b47a36fea7455eef69da9d1bda70d2bc9661ec2f2c_arm64",
"9Base-RHACM-2.10:rhacm2/iam-policy-controller-rhel9@sha256:ae274418f0fa055670012f2d92d63ebb175fdbd3946486312007bc2b0a915541_ppc64le",
"9Base-RHACM-2.10:rhacm2/iam-policy-controller-rhel9@sha256:c1d7619138ab3717e6f6a49ac76f95ff041a022746891057d6e4e163114fb864_amd64",
"9Base-RHACM-2.10:rhacm2/iam-policy-controller-rhel9@sha256:f62a79f1f02af4be1424b74071e6d701e5c514e27019e69ee98cbed10b602f3d_s390x",
"9Base-RHACM-2.10:rhacm2/insights-client-rhel9@sha256:0ff4ca5a9703ec58d70178152b5dbbb3aaffa5fce80153eda12f727f7c3e0b6f_ppc64le",
"9Base-RHACM-2.10:rhacm2/insights-client-rhel9@sha256:70833a6ef9ebc1b50e914744e0f7c36c259bb7889c7ff8085cb8470826ac803e_s390x",
"9Base-RHACM-2.10:rhacm2/insights-client-rhel9@sha256:cdf079542b23633884a52daa02d4b9182aaf7454e769186de4f495467686653d_arm64",
"9Base-RHACM-2.10:rhacm2/insights-client-rhel9@sha256:f62d6a262c044a7883f34563e3e1909761ca0bd44e4d5f8a0e564db8b630068b_amd64",
"9Base-RHACM-2.10:rhacm2/insights-metrics-rhel9@sha256:16862c34efb507d44455ed78cde51a1f57969cc69f4beec70ecb697b8ea406dc_amd64",
"9Base-RHACM-2.10:rhacm2/insights-metrics-rhel9@sha256:2f7c346cb847e2928715bd4b64a34531b82d0130a89a08f19c3026db5d89c5a1_ppc64le",
"9Base-RHACM-2.10:rhacm2/insights-metrics-rhel9@sha256:44f56f7a1ac2720ce815ea7aa824ea37a0bdcf63c637941ca84328578a735142_arm64",
"9Base-RHACM-2.10:rhacm2/insights-metrics-rhel9@sha256:e2a9110af4d9bac9fd97b8f5981230c495506d50db571eccae9e16e361abfdd7_s390x",
"9Base-RHACM-2.10:rhacm2/klusterlet-addon-controller-rhel9@sha256:693af28fa3e5f1aee61695e891fdd33a49b5280e4a555f84b838ca8e829d0999_ppc64le",
"9Base-RHACM-2.10:rhacm2/klusterlet-addon-controller-rhel9@sha256:7ac958c32070e6282a8cbe262810c58a81e6e331bf59877cd67758ab6feb8ada_amd64",
"9Base-RHACM-2.10:rhacm2/klusterlet-addon-controller-rhel9@sha256:8528a204787ecde3925c9c3ef31e225f59c5b4b3a21bd314541fe06dd4c1aa73_s390x",
"9Base-RHACM-2.10:rhacm2/klusterlet-addon-controller-rhel9@sha256:cf0bf12f03bd0a4a09188d1f5b4820aa6e7f6e4a1fb1bc2c45559553907c6eae_arm64",
"9Base-RHACM-2.10:rhacm2/kube-rbac-proxy-rhel9@sha256:1d75e8e70fc3f3943841bd34f79e5762705b0d23460064c6adcdd0fc6b39005a_amd64",
"9Base-RHACM-2.10:rhacm2/kube-rbac-proxy-rhel9@sha256:355905503e1321fc2fd75b12bab33b2cb75cbfcc0d0e7e70400790da081abfd9_arm64",
"9Base-RHACM-2.10:rhacm2/kube-rbac-proxy-rhel9@sha256:42da847ca7b39914df099381ac807d8ab619774388c1a47e0d71020fbce998ae_s390x",
"9Base-RHACM-2.10:rhacm2/kube-rbac-proxy-rhel9@sha256:5e416f1249a77845f81c9cf1a1dfae74feca41afd6dd35e7be55a0fa61632c00_ppc64le",
"9Base-RHACM-2.10:rhacm2/kube-state-metrics-rhel9@sha256:715f6b9c01400a153157de08bf2a6b04ea54478ee2c18d7871b65c865d6902d2_s390x",
"9Base-RHACM-2.10:rhacm2/kube-state-metrics-rhel9@sha256:72f6c545d46d1cc6f3fb1b9cd6840f0496056d410c8ade62dd35d99dfdd60737_arm64",
"9Base-RHACM-2.10:rhacm2/kube-state-metrics-rhel9@sha256:88982e268e1a3d0c52c72563a684b58042adb0800ebd1e80208b898eebe75cd6_ppc64le",
"9Base-RHACM-2.10:rhacm2/kube-state-metrics-rhel9@sha256:9f2ac058e15d5653e8bced975955e26e51a88d36a1d5896305b6f5060afee43a_amd64",
"9Base-RHACM-2.10:rhacm2/memcached-exporter-rhel9@sha256:1304f49745ed8a18784196b5595cea1ec6caf904d0e61d0952a603e6fb7da6e0_ppc64le",
"9Base-RHACM-2.10:rhacm2/memcached-exporter-rhel9@sha256:36529c281273e5346ef5cce6a55e47c27fdaf2507a6f7971576b738b1c543258_arm64",
"9Base-RHACM-2.10:rhacm2/memcached-exporter-rhel9@sha256:c5275f61fd2e84deaab7e789a7ffefdbe235866a8439d3d2534e4b26998372d6_s390x",
"9Base-RHACM-2.10:rhacm2/memcached-exporter-rhel9@sha256:f9f5ca67f62d6218b90b863b4fe63aa95aef755e5cbae5a83896f74a0039b7ab_amd64",
"9Base-RHACM-2.10:rhacm2/memcached-rhel9@sha256:2c4437598be87fc5f3f6639e728279d8ba21cf49061be78e3a4fbacc989997b4_amd64",
"9Base-RHACM-2.10:rhacm2/memcached-rhel9@sha256:2fb75dce1567e21a9f1361ec3ac54a4d5a2252f03aa64b6cdf4d1cd02a58d04c_s390x",
"9Base-RHACM-2.10:rhacm2/memcached-rhel9@sha256:4af229aca50a46ec9f190fbeef603f1259223f81f5307f46de17ad8b8c9760e1_arm64",
"9Base-RHACM-2.10:rhacm2/memcached-rhel9@sha256:e871cb2e5d235ae74a998356748299daace42d47a92e1da57a2773eae87625a6_ppc64le",
"9Base-RHACM-2.10:rhacm2/metrics-collector-rhel9@sha256:20ac5c57af957e7126221f4089bb816b948aa624788da9298b4f476ecc668293_amd64",
"9Base-RHACM-2.10:rhacm2/metrics-collector-rhel9@sha256:54665ca7529012a3a63c7dcc263a2e46964a0ee4ba43f19a2a3f05dcdfd5ae0f_ppc64le",
"9Base-RHACM-2.10:rhacm2/metrics-collector-rhel9@sha256:84543f21ccfe36960fce099930132e7042e505ba635c45a28a902ed2b2401d55_s390x",
"9Base-RHACM-2.10:rhacm2/metrics-collector-rhel9@sha256:eb32f5c275247babd03ec16b0978aced10a9b9da07a84f5af6be4d7c3852a6b7_arm64",
"9Base-RHACM-2.10:rhacm2/multicloud-integrations-rhel9@sha256:0529a11c8935d5b9fa2a3f29801749b09861076c0c2040612271f0bbafb5fbab_s390x",
"9Base-RHACM-2.10:rhacm2/multicloud-integrations-rhel9@sha256:2b7557d262cd8eacc45178dcca3dae642b1bb33fbfccdf6a3b63abb7e1a39d53_amd64",
"9Base-RHACM-2.10:rhacm2/multicloud-integrations-rhel9@sha256:606ea20603d86412a34478a3db9c17737cca2b04c26bcab175279028c822e492_arm64",
"9Base-RHACM-2.10:rhacm2/multicloud-integrations-rhel9@sha256:d3958606b5001619aa3044617ccb4fe265764d7dad05b0a6bf5b4910bd5d0ba7_ppc64le",
"9Base-RHACM-2.10:rhacm2/multicluster-observability-rhel9-operator@sha256:9b855d7e4cf6fe3c4da92d84a51adc63aea5f144bce38dbb9c4ab3d01370c296_amd64",
"9Base-RHACM-2.10:rhacm2/multicluster-observability-rhel9-operator@sha256:a9eb1e576d4eb5c7e9131803042b7d8529dab369595d0adc22623e24b67832d9_s390x",
"9Base-RHACM-2.10:rhacm2/multicluster-observability-rhel9-operator@sha256:ab73f96720c106dcb2ea64f8b7ac13ad866533d993c43cb7c6dbbf08ba4977dd_ppc64le",
"9Base-RHACM-2.10:rhacm2/multicluster-observability-rhel9-operator@sha256:f296c72dd6842481dad78536117aec3ff14d19be736e5679101bbfc92b87809b_arm64",
"9Base-RHACM-2.10:rhacm2/multicluster-operators-application-rhel9@sha256:184f6068b077070b90ede3a2f4e81be398fd2841f042fc6f2f114fdfd4f1095b_arm64",
"9Base-RHACM-2.10:rhacm2/multicluster-operators-application-rhel9@sha256:2a272685b487a747827220d16bc5aaff65c436d5c312b081d9fffd9ef4a8a0f9_amd64",
"9Base-RHACM-2.10:rhacm2/multicluster-operators-application-rhel9@sha256:635c1cf425b8744a421c649bd809a59df6dc6cdeaa9da2a369706e522a3a0fab_ppc64le",
"9Base-RHACM-2.10:rhacm2/multicluster-operators-application-rhel9@sha256:e15bedc9ce45cc025b6ab6c27d5b7eb95f6e750791ff0dae228a71eaeae1cace_s390x",
"9Base-RHACM-2.10:rhacm2/multicluster-operators-channel-rhel9@sha256:2399cfe0b3b626be2acd289d8880b9913d73093220b3e4062bb7cddb2628640a_amd64",
"9Base-RHACM-2.10:rhacm2/multicluster-operators-channel-rhel9@sha256:37f84cbbee522859c6f46e49179ab0b1e1fef118aac6741d18675b36e31972dd_s390x",
"9Base-RHACM-2.10:rhacm2/multicluster-operators-channel-rhel9@sha256:43c086e0f17783322c26ba577db2c7c8fd43176a7ac14e45a40c3db0b91a6d1e_ppc64le",
"9Base-RHACM-2.10:rhacm2/multicluster-operators-channel-rhel9@sha256:773c32065f60e4a2e626e17744d0a2cfc4049325f6664f899d8da949dc3fa4a6_arm64",
"9Base-RHACM-2.10:rhacm2/multicluster-operators-subscription-rhel9@sha256:08aacdc6cad3ba5743a5d65c1bff5b3e41e44269765b94f45673a8e648f60584_amd64",
"9Base-RHACM-2.10:rhacm2/multicluster-operators-subscription-rhel9@sha256:7eda39d696e452ec7e9da1473807e3134f149ed28d0ec873cf489451fbb007e0_arm64",
"9Base-RHACM-2.10:rhacm2/multicluster-operators-subscription-rhel9@sha256:a791398b5dd73f447d22f260eaf209f782c9663e81c81529eb4b3018183f9deb_ppc64le",
"9Base-RHACM-2.10:rhacm2/multicluster-operators-subscription-rhel9@sha256:b88262afe6149a741a566054ecc16400bc7335a443219d3ddbcb1ba7c939a38b_s390x",
"9Base-RHACM-2.10:rhacm2/multiclusterhub-rhel9@sha256:5de91afd73b5a86865954ab3f6587f382f53e0856422ed975d9aa867bd0ffbf9_arm64",
"9Base-RHACM-2.10:rhacm2/multiclusterhub-rhel9@sha256:97932a785e8601b170a7c6fd42b1e6a18203b958ccbb712352c2817b8103d9b5_s390x",
"9Base-RHACM-2.10:rhacm2/multiclusterhub-rhel9@sha256:b30d5d981e1522751e4434b1c107e5cefb6c8c22ea16915f35948c11f9aa0579_ppc64le",
"9Base-RHACM-2.10:rhacm2/multiclusterhub-rhel9@sha256:c5e3898dd435f49636834ce14b3188f7163167cdb538d85812393cf450d49157_amd64",
"9Base-RHACM-2.10:rhacm2/node-exporter-rhel9@sha256:8bb239eafceaa18a786b78f7bf54c7063d80bce60567d10d81c5a4282b2884b4_s390x",
"9Base-RHACM-2.10:rhacm2/node-exporter-rhel9@sha256:9611a92119f19e11c29e9e93b9c714499e60d06712da97d9fa77ed0fd0d4d33b_arm64",
"9Base-RHACM-2.10:rhacm2/node-exporter-rhel9@sha256:d147abba6fa66eb914005d4cd62302c527cbfc0083be386275c5c782b90c3c1c_amd64",
"9Base-RHACM-2.10:rhacm2/node-exporter-rhel9@sha256:f9a4446156fd21112854846849c68952e4c336e5782d6aeb3c49bddd3408d388_ppc64le",
"9Base-RHACM-2.10:rhacm2/observatorium-rhel9-operator@sha256:414b191a314b0695aede28ac7229a064833d798e94d5b92a434e2eb3650983b6_arm64",
"9Base-RHACM-2.10:rhacm2/observatorium-rhel9-operator@sha256:9e2d97d0116349c1f1e1d815a6d8822c9f5331acdb81e878c0cb0e86149167ef_ppc64le",
"9Base-RHACM-2.10:rhacm2/observatorium-rhel9-operator@sha256:e2dabaf7c375e039797330bb33e03c993356dc5a37949f84a89c3e4f40ff0023_amd64",
"9Base-RHACM-2.10:rhacm2/observatorium-rhel9-operator@sha256:ecda2be3377f15a09c6971b1a689bb9eb917909d55f54c996d54a972aece7432_s390x",
"9Base-RHACM-2.10:rhacm2/observatorium-rhel9@sha256:10ee1d5c854a7daf0d33f1dc16529a7e1a3cb67fab5a626f8a42da705186265e_arm64",
"9Base-RHACM-2.10:rhacm2/observatorium-rhel9@sha256:1eb9b98d7f3c878e09b45aad2a64780e46026c55d6f70a64d66e255ec13ce9fb_s390x",
"9Base-RHACM-2.10:rhacm2/observatorium-rhel9@sha256:25ee9231e17b71c83f12a9ce5d94629b2fd8ad3c64b61de9f03b057584f84804_ppc64le",
"9Base-RHACM-2.10:rhacm2/observatorium-rhel9@sha256:7812638565dff9368b4db0ed9aecb86c544d0b6caa773994c5c830e800060e22_amd64",
"9Base-RHACM-2.10:rhacm2/prometheus-alertmanager-rhel9@sha256:0a4ecc2af398e1a771540af4f062abfc0f47bfae9ba3a2fcb6a6c66940385d42_ppc64le",
"9Base-RHACM-2.10:rhacm2/prometheus-alertmanager-rhel9@sha256:0e7e5cfd6a953e092eb3ae72b236741f73432f8d262ace74caa2acf8c5fe3863_amd64",
"9Base-RHACM-2.10:rhacm2/prometheus-alertmanager-rhel9@sha256:25abc3028c69dedee05220fa4f0f32b7accc33ef519f46b23860612307db2181_arm64",
"9Base-RHACM-2.10:rhacm2/prometheus-alertmanager-rhel9@sha256:88383e94dcec26826df02cdebc9e7cc764e92b2ce71300c31a46f20ce92135c0_s390x",
"9Base-RHACM-2.10:rhacm2/prometheus-rhel9@sha256:556c5d133dd996b86dceb03158d4d463ccdbbf29cc9ca05ff1e3915a48cd8c47_s390x",
"9Base-RHACM-2.10:rhacm2/prometheus-rhel9@sha256:98af2a53f9c59b0bdd6ee9c8f27eb00f65a870ee64ba8d503083a9a0d3aa2ec6_arm64",
"9Base-RHACM-2.10:rhacm2/prometheus-rhel9@sha256:99e749f7d98203070348c652f6df158c9207801d86439ddde08bcae16e813ea5_ppc64le",
"9Base-RHACM-2.10:rhacm2/prometheus-rhel9@sha256:c1c2a5bc8d471fb7cbbf31c0e5513bf2630efbd1a5bbb458dc0c98b3ee608636_amd64",
"9Base-RHACM-2.10:rhacm2/rbac-query-proxy-rhel9@sha256:5f70872d294b5f10393fa7c6a6ffd81a6a509ea7589753d29ad49118a87fb2df_s390x",
"9Base-RHACM-2.10:rhacm2/rbac-query-proxy-rhel9@sha256:a061734a251e62cd31792ec9065f6a346de672f72e32965954811faf11f86d62_amd64",
"9Base-RHACM-2.10:rhacm2/rbac-query-proxy-rhel9@sha256:e325c611a68e60d204018b8aac765bb58e135b44735bbc14069c5cbf49828ada_ppc64le",
"9Base-RHACM-2.10:rhacm2/rbac-query-proxy-rhel9@sha256:fe807380c43daaae2ca277ef4a6b6bace7842087112f7d242773a073797c908e_arm64",
"9Base-RHACM-2.10:rhacm2/search-collector-rhel9@sha256:2092c265f1dea3dc553c370c3b07c92e4cb8523ccc58d46af4a517165e9b7bc4_s390x",
"9Base-RHACM-2.10:rhacm2/search-collector-rhel9@sha256:557e431af519bf544102927491fffbdd4091a5a9377396d7d30b2898897c8fba_amd64",
"9Base-RHACM-2.10:rhacm2/search-collector-rhel9@sha256:f908a57c2bfe78911889102abb61377d5170590689930d74b8d6a9fa7bc66848_ppc64le",
"9Base-RHACM-2.10:rhacm2/search-collector-rhel9@sha256:fe20c8e6fbf707c0467a4876405f2f8b395ac24ca554bd052f7f55da2df6371f_arm64",
"9Base-RHACM-2.10:rhacm2/submariner-addon-rhel9@sha256:1d74ed10635e7021129e60caa3358581d61c4bd93cebed86f79d5fdba100b10f_ppc64le",
"9Base-RHACM-2.10:rhacm2/submariner-addon-rhel9@sha256:92584807362684f692fc991f06ffecf241ee6494d4b37c584d74527214b33acb_s390x",
"9Base-RHACM-2.10:rhacm2/submariner-addon-rhel9@sha256:9a6b6d7ed493c6c8c9962485404f551974cece1b59e7197f9ed6fce120ca7d0d_arm64",
"9Base-RHACM-2.10:rhacm2/submariner-addon-rhel9@sha256:e8eb481c682682ea78d5f7d5793f63e427fcffc867db012f327b5469c524535c_amd64",
"9Base-RHACM-2.10:rhacm2/thanos-receive-controller-rhel9@sha256:09b931bd7405cc8733625884f61ccaa92b40b48d9068d78f552a6c9383cb02e9_amd64",
"9Base-RHACM-2.10:rhacm2/thanos-receive-controller-rhel9@sha256:64aebcc4f88c096cb93faa8fab067308442fd49c07e55fcb55283ef86643f642_s390x",
"9Base-RHACM-2.10:rhacm2/thanos-receive-controller-rhel9@sha256:91f186246d963c2978023489ed7cd58dec2f57641fd2a2a0c16d2caa5377147c_arm64",
"9Base-RHACM-2.10:rhacm2/thanos-receive-controller-rhel9@sha256:d391d522c2006e634df69f28eacd1f6cfba7b1ac4ec27ea97c307f4da5213954_ppc64le",
"9Base-RHACM-2.10:rhacm2/thanos-rhel9@sha256:9c82d36f3a942088a6612e6e1d5d7f3413006b2f5df41758c0072ee8d68b3801_ppc64le",
"9Base-RHACM-2.10:rhacm2/thanos-rhel9@sha256:c431d914ecca6080a1ce9ee7fb15019ca5f5b5cb7083fa739ce14b9f8afd570e_amd64",
"9Base-RHACM-2.10:rhacm2/thanos-rhel9@sha256:e8e6c42e37b2c0ba6456d48afa747f3c6f167cbcf4523d5ad751351a932deefc_arm64",
"9Base-RHACM-2.10:rhacm2/thanos-rhel9@sha256:f7dc5a2e9c41416badca921ef6a4b16e9edd2aea052107d737bb3ddbc2e0242c_s390x"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"9Base-RHACM-2.10:rhacm2/acm-cluster-permission-rhel9@sha256:b9ef8ca2a002c616c6644cf16b80d5901d7b46034dc7e57ec1dd1d260cf0e32b_s390x",
"9Base-RHACM-2.10:rhacm2/acm-cluster-permission-rhel9@sha256:bd41dedb13ae9360d2e856ec6d52ea35b726425a65e92a00cd6037344ae5780e_amd64",
"9Base-RHACM-2.10:rhacm2/acm-cluster-permission-rhel9@sha256:dac35e93ff173bd30fefbdec8676fb605e28368aec3eccc4ac603f16eadcf31d_arm64",
"9Base-RHACM-2.10:rhacm2/acm-cluster-permission-rhel9@sha256:e8c9920427522b7ef645422b85ff1585e65b9d659c792e57201dfc06d6a13ffa_ppc64le",
"9Base-RHACM-2.10:rhacm2/acm-governance-policy-addon-controller-rhel9@sha256:65d709ef780d8d867c145b1ddf8e7031bd8e710972b21ed2d7b9d9ede0bfdb43_s390x",
"9Base-RHACM-2.10:rhacm2/acm-governance-policy-addon-controller-rhel9@sha256:87988ad277b62bbcc061dbe4242bfc2edcc21dc98c4c7c66385131c0425b0fa7_ppc64le",
"9Base-RHACM-2.10:rhacm2/acm-governance-policy-addon-controller-rhel9@sha256:9af1cb9605a8fdf7212a079ed8fa51b110b367c705a51651ba3933e936519e7f_arm64",
"9Base-RHACM-2.10:rhacm2/acm-governance-policy-addon-controller-rhel9@sha256:c6e3728b6687b8c83a11c326e4fd098ceef3f501725efbdfcb0ded0645a1473e_amd64",
"9Base-RHACM-2.10:rhacm2/acm-governance-policy-framework-addon-rhel9@sha256:3101f1389311c0006c0fb9953c44d5fff9e968597952103a5a873a7a4c4707da_amd64",
"9Base-RHACM-2.10:rhacm2/acm-governance-policy-framework-addon-rhel9@sha256:4536de55598f032ad91056c779ec2faea5c28de557a730d50cb2b2aba9b3bf00_s390x",
"9Base-RHACM-2.10:rhacm2/acm-governance-policy-framework-addon-rhel9@sha256:587fc80d3d6e3f2295272934fb39cfa3b96f5a2652a533b6b01cc6b04d10cb66_ppc64le",
"9Base-RHACM-2.10:rhacm2/acm-governance-policy-framework-addon-rhel9@sha256:63246c061e7960a656cb66c8ccca2b7bed943c9a1fe96a28f9cd99829608cda5_arm64",
"9Base-RHACM-2.10:rhacm2/acm-grafana-rhel9@sha256:1cd1c6a91611569a855444430c527a8bebbe113f77dd47dcfc2b8305c3a26a13_s390x",
"9Base-RHACM-2.10:rhacm2/acm-grafana-rhel9@sha256:3a59dd5e30b37f1e1feffba959d88d3aab37701500203afb71b2d38958236b85_amd64",
"9Base-RHACM-2.10:rhacm2/acm-grafana-rhel9@sha256:b488d250bc1c82f3f7e26a1bc741dee02e57b3e3d40cf2965e541d2c5727ec65_ppc64le",
"9Base-RHACM-2.10:rhacm2/acm-grafana-rhel9@sha256:df4024e8506d0926ad81943684532dd9e4054f26d23da6e329f593239b5a1513_arm64",
"9Base-RHACM-2.10:rhacm2/acm-must-gather-rhel9@sha256:66bca60baa85bc23963b5955fe57e8b7b7038c1088e2ce60f1fedc1a41d944dc_arm64",
"9Base-RHACM-2.10:rhacm2/acm-must-gather-rhel9@sha256:92d087992acf383c2f06ed92996049c412fc1fef76be10fc40eb6ba2e4b2f9be_ppc64le",
"9Base-RHACM-2.10:rhacm2/acm-must-gather-rhel9@sha256:bfc79c952b6f62658ef36373af72e6213de78ba1c3a18f018add4295d8ae72f8_s390x",
"9Base-RHACM-2.10:rhacm2/acm-must-gather-rhel9@sha256:fb9fa96ebaba320dd723e7d5727b20c63f66aa6c39f460a6270c572354123fd9_amd64",
"9Base-RHACM-2.10:rhacm2/acm-operator-bundle@sha256:190d00bcb1bdbf289cc4ae87f738aeabe04470194e51870c572876e4c118d712_ppc64le",
"9Base-RHACM-2.10:rhacm2/acm-operator-bundle@sha256:304e9a12e0c7b7be0444efd26764d32818fc3ad1ad936b565232f5f82a5f72fe_amd64",
"9Base-RHACM-2.10:rhacm2/acm-operator-bundle@sha256:cc65cb3804a7e6150028a6f1c60fcbdb78c42689769ff9378922491481947aed_s390x",
"9Base-RHACM-2.10:rhacm2/acm-prometheus-config-reloader-rhel9@sha256:0b885dfd28d82220fdb03b7bca0e1ed2fc941bc712e536af71e4e11ee9defee4_amd64",
"9Base-RHACM-2.10:rhacm2/acm-prometheus-config-reloader-rhel9@sha256:53cd755cea5a527c089321e5571c14ad0fd5d55b16e7c2acddc2a7c9670cffd2_arm64",
"9Base-RHACM-2.10:rhacm2/acm-prometheus-config-reloader-rhel9@sha256:8f18c68e47b66926d14795818f3a1dc21ffdcbcf1a220c7518194416602b19ac_ppc64le",
"9Base-RHACM-2.10:rhacm2/acm-prometheus-config-reloader-rhel9@sha256:be5be2fe888521fd8ac6d7ebca3cf127724128eb6ff4e11f90d61a4af60f1bee_s390x",
"9Base-RHACM-2.10:rhacm2/acm-prometheus-rhel9@sha256:8da9c5a18b42861d11e3df3f37b5f47b810af1b25beec208ce75b6f69d913ecd_s390x",
"9Base-RHACM-2.10:rhacm2/acm-prometheus-rhel9@sha256:91ec246784f1e7cdd0c20ab36ea09f13e553c043851699dae6191ea1ce101a61_arm64",
"9Base-RHACM-2.10:rhacm2/acm-prometheus-rhel9@sha256:969cc23c2f503797d491c797220e09b1682887742f669d338a5fd3613908148d_amd64",
"9Base-RHACM-2.10:rhacm2/acm-prometheus-rhel9@sha256:a1b920873dbb0984f41a8b49a4e0263c9756d909391601290b8a67278596327b_ppc64le",
"9Base-RHACM-2.10:rhacm2/acm-search-indexer-rhel9@sha256:21476ec5340f5e98451f83d7d455f86e8368ed4c882f564cf80b234dc2ceae1a_amd64",
"9Base-RHACM-2.10:rhacm2/acm-search-indexer-rhel9@sha256:47083a8e2f6234e7e3743c2f7d5cc433ad76a46a609f65640e047bfa9557082c_s390x",
"9Base-RHACM-2.10:rhacm2/acm-search-indexer-rhel9@sha256:95c15180b6b25c453b8aa81c42b106d6e9fb1d832761a3b2b06922c0ceee4d7b_arm64",
"9Base-RHACM-2.10:rhacm2/acm-search-indexer-rhel9@sha256:9ba73ef3b2447b16aab7503bce4e480441b272e997dab87ee9cc4b0f1ac040ba_ppc64le",
"9Base-RHACM-2.10:rhacm2/acm-search-v2-api-rhel9@sha256:1891db398d822cb0c424245928033240dfdcfd35d21ab052379d432423a6e038_s390x",
"9Base-RHACM-2.10:rhacm2/acm-search-v2-api-rhel9@sha256:247e052a3b5bc9708f1c0953f09c942414852f2109a9694af864375032072ae2_arm64",
"9Base-RHACM-2.10:rhacm2/acm-search-v2-api-rhel9@sha256:51a415f07cfadd9ae5b4b29cb3247b5085bb18edad8df566c47dc7e89ef0939e_amd64",
"9Base-RHACM-2.10:rhacm2/acm-search-v2-api-rhel9@sha256:756982578354d8a66399f2464602458f80bd398e46656a3d86c9303fa2068900_ppc64le",
"9Base-RHACM-2.10:rhacm2/acm-search-v2-rhel9@sha256:329f59a93ce1e2aab017a924db00b6aaca4c8ee40b5d5c2358af11af2e5319bd_s390x",
"9Base-RHACM-2.10:rhacm2/acm-search-v2-rhel9@sha256:9e2aa6686deee7b78bda5dcb08dad31c87a9653e48788df4e8bb39d4965c9101_arm64",
"9Base-RHACM-2.10:rhacm2/acm-search-v2-rhel9@sha256:e995897416f24436e6bef220bd4d5b3ba8fbd26c97fbd5e250391a3aef14bce5_amd64",
"9Base-RHACM-2.10:rhacm2/acm-search-v2-rhel9@sha256:f45417abdf399566fa98b0686ab4b2b55d776b6dfa67b7b7c24565b084c39165_ppc64le",
"9Base-RHACM-2.10:rhacm2/acm-volsync-addon-controller-rhel9@sha256:055c5ab4b2045571efe53bbd4ca54ba8a17a2cf590dad70c65667ed6b11ca86a_arm64",
"9Base-RHACM-2.10:rhacm2/acm-volsync-addon-controller-rhel9@sha256:60070927868e0538d31090138892fe64445321098b3874880fd21e7dcc1ffae7_amd64",
"9Base-RHACM-2.10:rhacm2/acm-volsync-addon-controller-rhel9@sha256:cc991f8f8af9337ab908f6564b4b77daef5893dc2759ff483142ef659a6a4b30_ppc64le",
"9Base-RHACM-2.10:rhacm2/acm-volsync-addon-controller-rhel9@sha256:faee49ca0c46781594189977f3ab5805060cd0a95e47ba575ec05bb549e21a69_s390x",
"9Base-RHACM-2.10:rhacm2/cert-policy-controller-rhel9@sha256:081c86b4c25876ac0734a0caff771a30b848530f1e89f9e0d3ee3f743f579e9c_s390x",
"9Base-RHACM-2.10:rhacm2/cert-policy-controller-rhel9@sha256:318f11ebe87bc1feced78f9d2ae66856884606c721e15d2d05045562d248ac3f_arm64",
"9Base-RHACM-2.10:rhacm2/cert-policy-controller-rhel9@sha256:5daaad58a8979d386830224e133a3bbc713b63039a99eda9a69487b999e71965_amd64",
"9Base-RHACM-2.10:rhacm2/cert-policy-controller-rhel9@sha256:bffedd5eb97a49dd210b51423ba8938684be1cb41dd79d06b2aab94bc0bb4963_ppc64le",
"9Base-RHACM-2.10:rhacm2/cluster-backup-rhel9-operator@sha256:0d141d0fa859ae0061605f2fe13381be2b6ebd9d8c6b91ca171a8e61e52842be_ppc64le",
"9Base-RHACM-2.10:rhacm2/cluster-backup-rhel9-operator@sha256:3a8bace1bb325142a64a4432543a828050e2e87de91a08dca793534841b7b841_amd64",
"9Base-RHACM-2.10:rhacm2/cluster-backup-rhel9-operator@sha256:66f67d2d8c09634e2e5ae0be07437cb1918f6b506e35bc9b7af82f4979dfc4ed_s390x",
"9Base-RHACM-2.10:rhacm2/cluster-backup-rhel9-operator@sha256:ac726852c9aa7e54aa4d75c6c485b429f16fffbb61d2840b527c5a1cfdb5c842_arm64",
"9Base-RHACM-2.10:rhacm2/config-policy-controller-rhel9@sha256:0ef8fdea99a8fd44feff31b4883a6ecd17eeabb5e8c9ccbdbdd30c32cc2cbe64_amd64",
"9Base-RHACM-2.10:rhacm2/config-policy-controller-rhel9@sha256:b7ff6680725a8bb31edf5dc58d82ac0b9d201ba8eac4c6f2ea4c3cd35f52915a_s390x",
"9Base-RHACM-2.10:rhacm2/config-policy-controller-rhel9@sha256:d4456a33f0488db9c77d12a279500b68a41441a8ff6c8cc9723a7ccc46e90dc7_arm64",
"9Base-RHACM-2.10:rhacm2/config-policy-controller-rhel9@sha256:d6e8119559b01231206654d2a57114862c4c6b5ca604ccf7b92e53bea6e2e2c2_ppc64le",
"9Base-RHACM-2.10:rhacm2/console-rhel9@sha256:4ee3bbdcc190cd6c3e1eff8bfabe8ca3cd9e61ab5d824983a955e6d509238041_arm64",
"9Base-RHACM-2.10:rhacm2/console-rhel9@sha256:5fe6fb2bd7e31a960bc018d870af482f668ab417d601d94a5ac5981fd116a852_s390x",
"9Base-RHACM-2.10:rhacm2/console-rhel9@sha256:9005fc71b91a5d2a1fe502e90d57cea2285d1218ad6e49f4bcdd77bf560c5765_ppc64le",
"9Base-RHACM-2.10:rhacm2/console-rhel9@sha256:b3bc8c5f587da2c7ce4e25d5d2e72b08939071297cf3fdc5d51fb631d99aa168_amd64",
"9Base-RHACM-2.10:rhacm2/endpoint-monitoring-rhel9-operator@sha256:75bc23118d6e3ae1ec142a6f47a871efcd8ec5aa6da2bef7cf24e716b3b3be3c_s390x",
"9Base-RHACM-2.10:rhacm2/endpoint-monitoring-rhel9-operator@sha256:cf7be8fd6b726cb7ba8a3f57e14e20d7944245759cd6e8bd26dca4d666fb866a_arm64",
"9Base-RHACM-2.10:rhacm2/endpoint-monitoring-rhel9-operator@sha256:d8c3352fceb6a53e110f76501bb2c2f4cf7a9284f9dd30dee3fe3e015b622195_amd64",
"9Base-RHACM-2.10:rhacm2/endpoint-monitoring-rhel9-operator@sha256:e177864e6bc3b6e66f1f455229257210b77a3b7d0e18c480d252ed79f03bf67a_ppc64le",
"9Base-RHACM-2.10:rhacm2/governance-policy-propagator-rhel9@sha256:400644c05d5768fb7460bb3f8bfa880bc21e91f365130d13877f015ba2146358_amd64",
"9Base-RHACM-2.10:rhacm2/governance-policy-propagator-rhel9@sha256:46deef6c168120168168820dad57ce9b2d2641be926772eaeba2d03d3d324e2a_s390x",
"9Base-RHACM-2.10:rhacm2/governance-policy-propagator-rhel9@sha256:4e9143f58e4755b86526d113040acd0ee0069fefe9243e08c864c35d25b276e9_ppc64le",
"9Base-RHACM-2.10:rhacm2/governance-policy-propagator-rhel9@sha256:8947a68138c101fdc355b94a4deb0d02f44de025fe733e8d5fb28f5fce93b7c9_arm64",
"9Base-RHACM-2.10:rhacm2/grafana-dashboard-loader-rhel9@sha256:26a08abd967f17e23975b728768e2f561750856b0f98ff5f27506da94fa597ca_ppc64le",
"9Base-RHACM-2.10:rhacm2/grafana-dashboard-loader-rhel9@sha256:43f27505c8ac51aa659c638f96f7681d8d3029775b9153a8075fa38dd48dbc3c_arm64",
"9Base-RHACM-2.10:rhacm2/grafana-dashboard-loader-rhel9@sha256:a9afb35685e18a179269293a1998eb5c6c8c47e9247a7f3f1c27d3b1b35a83b2_amd64",
"9Base-RHACM-2.10:rhacm2/grafana-dashboard-loader-rhel9@sha256:f30433d2c90f38c86f1780bd8b74a50821837f769db589ee720e35fd79dbc23b_s390x",
"9Base-RHACM-2.10:rhacm2/iam-policy-controller-rhel9@sha256:63ca0eef9b3febe70ceea5b47a36fea7455eef69da9d1bda70d2bc9661ec2f2c_arm64",
"9Base-RHACM-2.10:rhacm2/iam-policy-controller-rhel9@sha256:ae274418f0fa055670012f2d92d63ebb175fdbd3946486312007bc2b0a915541_ppc64le",
"9Base-RHACM-2.10:rhacm2/iam-policy-controller-rhel9@sha256:c1d7619138ab3717e6f6a49ac76f95ff041a022746891057d6e4e163114fb864_amd64",
"9Base-RHACM-2.10:rhacm2/iam-policy-controller-rhel9@sha256:f62a79f1f02af4be1424b74071e6d701e5c514e27019e69ee98cbed10b602f3d_s390x",
"9Base-RHACM-2.10:rhacm2/insights-client-rhel9@sha256:0ff4ca5a9703ec58d70178152b5dbbb3aaffa5fce80153eda12f727f7c3e0b6f_ppc64le",
"9Base-RHACM-2.10:rhacm2/insights-client-rhel9@sha256:70833a6ef9ebc1b50e914744e0f7c36c259bb7889c7ff8085cb8470826ac803e_s390x",
"9Base-RHACM-2.10:rhacm2/insights-client-rhel9@sha256:cdf079542b23633884a52daa02d4b9182aaf7454e769186de4f495467686653d_arm64",
"9Base-RHACM-2.10:rhacm2/insights-client-rhel9@sha256:f62d6a262c044a7883f34563e3e1909761ca0bd44e4d5f8a0e564db8b630068b_amd64",
"9Base-RHACM-2.10:rhacm2/insights-metrics-rhel9@sha256:16862c34efb507d44455ed78cde51a1f57969cc69f4beec70ecb697b8ea406dc_amd64",
"9Base-RHACM-2.10:rhacm2/insights-metrics-rhel9@sha256:2f7c346cb847e2928715bd4b64a34531b82d0130a89a08f19c3026db5d89c5a1_ppc64le",
"9Base-RHACM-2.10:rhacm2/insights-metrics-rhel9@sha256:44f56f7a1ac2720ce815ea7aa824ea37a0bdcf63c637941ca84328578a735142_arm64",
"9Base-RHACM-2.10:rhacm2/insights-metrics-rhel9@sha256:e2a9110af4d9bac9fd97b8f5981230c495506d50db571eccae9e16e361abfdd7_s390x",
"9Base-RHACM-2.10:rhacm2/klusterlet-addon-controller-rhel9@sha256:693af28fa3e5f1aee61695e891fdd33a49b5280e4a555f84b838ca8e829d0999_ppc64le",
"9Base-RHACM-2.10:rhacm2/klusterlet-addon-controller-rhel9@sha256:7ac958c32070e6282a8cbe262810c58a81e6e331bf59877cd67758ab6feb8ada_amd64",
"9Base-RHACM-2.10:rhacm2/klusterlet-addon-controller-rhel9@sha256:8528a204787ecde3925c9c3ef31e225f59c5b4b3a21bd314541fe06dd4c1aa73_s390x",
"9Base-RHACM-2.10:rhacm2/klusterlet-addon-controller-rhel9@sha256:cf0bf12f03bd0a4a09188d1f5b4820aa6e7f6e4a1fb1bc2c45559553907c6eae_arm64",
"9Base-RHACM-2.10:rhacm2/kube-rbac-proxy-rhel9@sha256:1d75e8e70fc3f3943841bd34f79e5762705b0d23460064c6adcdd0fc6b39005a_amd64",
"9Base-RHACM-2.10:rhacm2/kube-rbac-proxy-rhel9@sha256:355905503e1321fc2fd75b12bab33b2cb75cbfcc0d0e7e70400790da081abfd9_arm64",
"9Base-RHACM-2.10:rhacm2/kube-rbac-proxy-rhel9@sha256:42da847ca7b39914df099381ac807d8ab619774388c1a47e0d71020fbce998ae_s390x",
"9Base-RHACM-2.10:rhacm2/kube-rbac-proxy-rhel9@sha256:5e416f1249a77845f81c9cf1a1dfae74feca41afd6dd35e7be55a0fa61632c00_ppc64le",
"9Base-RHACM-2.10:rhacm2/kube-state-metrics-rhel9@sha256:715f6b9c01400a153157de08bf2a6b04ea54478ee2c18d7871b65c865d6902d2_s390x",
"9Base-RHACM-2.10:rhacm2/kube-state-metrics-rhel9@sha256:72f6c545d46d1cc6f3fb1b9cd6840f0496056d410c8ade62dd35d99dfdd60737_arm64",
"9Base-RHACM-2.10:rhacm2/kube-state-metrics-rhel9@sha256:88982e268e1a3d0c52c72563a684b58042adb0800ebd1e80208b898eebe75cd6_ppc64le",
"9Base-RHACM-2.10:rhacm2/kube-state-metrics-rhel9@sha256:9f2ac058e15d5653e8bced975955e26e51a88d36a1d5896305b6f5060afee43a_amd64",
"9Base-RHACM-2.10:rhacm2/memcached-exporter-rhel9@sha256:1304f49745ed8a18784196b5595cea1ec6caf904d0e61d0952a603e6fb7da6e0_ppc64le",
"9Base-RHACM-2.10:rhacm2/memcached-exporter-rhel9@sha256:36529c281273e5346ef5cce6a55e47c27fdaf2507a6f7971576b738b1c543258_arm64",
"9Base-RHACM-2.10:rhacm2/memcached-exporter-rhel9@sha256:c5275f61fd2e84deaab7e789a7ffefdbe235866a8439d3d2534e4b26998372d6_s390x",
"9Base-RHACM-2.10:rhacm2/memcached-exporter-rhel9@sha256:f9f5ca67f62d6218b90b863b4fe63aa95aef755e5cbae5a83896f74a0039b7ab_amd64",
"9Base-RHACM-2.10:rhacm2/memcached-rhel9@sha256:2c4437598be87fc5f3f6639e728279d8ba21cf49061be78e3a4fbacc989997b4_amd64",
"9Base-RHACM-2.10:rhacm2/memcached-rhel9@sha256:2fb75dce1567e21a9f1361ec3ac54a4d5a2252f03aa64b6cdf4d1cd02a58d04c_s390x",
"9Base-RHACM-2.10:rhacm2/memcached-rhel9@sha256:4af229aca50a46ec9f190fbeef603f1259223f81f5307f46de17ad8b8c9760e1_arm64",
"9Base-RHACM-2.10:rhacm2/memcached-rhel9@sha256:e871cb2e5d235ae74a998356748299daace42d47a92e1da57a2773eae87625a6_ppc64le",
"9Base-RHACM-2.10:rhacm2/metrics-collector-rhel9@sha256:20ac5c57af957e7126221f4089bb816b948aa624788da9298b4f476ecc668293_amd64",
"9Base-RHACM-2.10:rhacm2/metrics-collector-rhel9@sha256:54665ca7529012a3a63c7dcc263a2e46964a0ee4ba43f19a2a3f05dcdfd5ae0f_ppc64le",
"9Base-RHACM-2.10:rhacm2/metrics-collector-rhel9@sha256:84543f21ccfe36960fce099930132e7042e505ba635c45a28a902ed2b2401d55_s390x",
"9Base-RHACM-2.10:rhacm2/metrics-collector-rhel9@sha256:eb32f5c275247babd03ec16b0978aced10a9b9da07a84f5af6be4d7c3852a6b7_arm64",
"9Base-RHACM-2.10:rhacm2/multicloud-integrations-rhel9@sha256:0529a11c8935d5b9fa2a3f29801749b09861076c0c2040612271f0bbafb5fbab_s390x",
"9Base-RHACM-2.10:rhacm2/multicloud-integrations-rhel9@sha256:2b7557d262cd8eacc45178dcca3dae642b1bb33fbfccdf6a3b63abb7e1a39d53_amd64",
"9Base-RHACM-2.10:rhacm2/multicloud-integrations-rhel9@sha256:606ea20603d86412a34478a3db9c17737cca2b04c26bcab175279028c822e492_arm64",
"9Base-RHACM-2.10:rhacm2/multicloud-integrations-rhel9@sha256:d3958606b5001619aa3044617ccb4fe265764d7dad05b0a6bf5b4910bd5d0ba7_ppc64le",
"9Base-RHACM-2.10:rhacm2/multicluster-observability-rhel9-operator@sha256:9b855d7e4cf6fe3c4da92d84a51adc63aea5f144bce38dbb9c4ab3d01370c296_amd64",
"9Base-RHACM-2.10:rhacm2/multicluster-observability-rhel9-operator@sha256:a9eb1e576d4eb5c7e9131803042b7d8529dab369595d0adc22623e24b67832d9_s390x",
"9Base-RHACM-2.10:rhacm2/multicluster-observability-rhel9-operator@sha256:ab73f96720c106dcb2ea64f8b7ac13ad866533d993c43cb7c6dbbf08ba4977dd_ppc64le",
"9Base-RHACM-2.10:rhacm2/multicluster-observability-rhel9-operator@sha256:f296c72dd6842481dad78536117aec3ff14d19be736e5679101bbfc92b87809b_arm64",
"9Base-RHACM-2.10:rhacm2/multicluster-operators-application-rhel9@sha256:184f6068b077070b90ede3a2f4e81be398fd2841f042fc6f2f114fdfd4f1095b_arm64",
"9Base-RHACM-2.10:rhacm2/multicluster-operators-application-rhel9@sha256:2a272685b487a747827220d16bc5aaff65c436d5c312b081d9fffd9ef4a8a0f9_amd64",
"9Base-RHACM-2.10:rhacm2/multicluster-operators-application-rhel9@sha256:635c1cf425b8744a421c649bd809a59df6dc6cdeaa9da2a369706e522a3a0fab_ppc64le",
"9Base-RHACM-2.10:rhacm2/multicluster-operators-application-rhel9@sha256:e15bedc9ce45cc025b6ab6c27d5b7eb95f6e750791ff0dae228a71eaeae1cace_s390x",
"9Base-RHACM-2.10:rhacm2/multicluster-operators-channel-rhel9@sha256:2399cfe0b3b626be2acd289d8880b9913d73093220b3e4062bb7cddb2628640a_amd64",
"9Base-RHACM-2.10:rhacm2/multicluster-operators-channel-rhel9@sha256:37f84cbbee522859c6f46e49179ab0b1e1fef118aac6741d18675b36e31972dd_s390x",
"9Base-RHACM-2.10:rhacm2/multicluster-operators-channel-rhel9@sha256:43c086e0f17783322c26ba577db2c7c8fd43176a7ac14e45a40c3db0b91a6d1e_ppc64le",
"9Base-RHACM-2.10:rhacm2/multicluster-operators-channel-rhel9@sha256:773c32065f60e4a2e626e17744d0a2cfc4049325f6664f899d8da949dc3fa4a6_arm64",
"9Base-RHACM-2.10:rhacm2/multicluster-operators-subscription-rhel9@sha256:08aacdc6cad3ba5743a5d65c1bff5b3e41e44269765b94f45673a8e648f60584_amd64",
"9Base-RHACM-2.10:rhacm2/multicluster-operators-subscription-rhel9@sha256:7eda39d696e452ec7e9da1473807e3134f149ed28d0ec873cf489451fbb007e0_arm64",
"9Base-RHACM-2.10:rhacm2/multicluster-operators-subscription-rhel9@sha256:a791398b5dd73f447d22f260eaf209f782c9663e81c81529eb4b3018183f9deb_ppc64le",
"9Base-RHACM-2.10:rhacm2/multicluster-operators-subscription-rhel9@sha256:b88262afe6149a741a566054ecc16400bc7335a443219d3ddbcb1ba7c939a38b_s390x",
"9Base-RHACM-2.10:rhacm2/multiclusterhub-rhel9@sha256:5de91afd73b5a86865954ab3f6587f382f53e0856422ed975d9aa867bd0ffbf9_arm64",
"9Base-RHACM-2.10:rhacm2/multiclusterhub-rhel9@sha256:97932a785e8601b170a7c6fd42b1e6a18203b958ccbb712352c2817b8103d9b5_s390x",
"9Base-RHACM-2.10:rhacm2/multiclusterhub-rhel9@sha256:b30d5d981e1522751e4434b1c107e5cefb6c8c22ea16915f35948c11f9aa0579_ppc64le",
"9Base-RHACM-2.10:rhacm2/multiclusterhub-rhel9@sha256:c5e3898dd435f49636834ce14b3188f7163167cdb538d85812393cf450d49157_amd64",
"9Base-RHACM-2.10:rhacm2/node-exporter-rhel9@sha256:8bb239eafceaa18a786b78f7bf54c7063d80bce60567d10d81c5a4282b2884b4_s390x",
"9Base-RHACM-2.10:rhacm2/node-exporter-rhel9@sha256:9611a92119f19e11c29e9e93b9c714499e60d06712da97d9fa77ed0fd0d4d33b_arm64",
"9Base-RHACM-2.10:rhacm2/node-exporter-rhel9@sha256:d147abba6fa66eb914005d4cd62302c527cbfc0083be386275c5c782b90c3c1c_amd64",
"9Base-RHACM-2.10:rhacm2/node-exporter-rhel9@sha256:f9a4446156fd21112854846849c68952e4c336e5782d6aeb3c49bddd3408d388_ppc64le",
"9Base-RHACM-2.10:rhacm2/observatorium-rhel9-operator@sha256:414b191a314b0695aede28ac7229a064833d798e94d5b92a434e2eb3650983b6_arm64",
"9Base-RHACM-2.10:rhacm2/observatorium-rhel9-operator@sha256:9e2d97d0116349c1f1e1d815a6d8822c9f5331acdb81e878c0cb0e86149167ef_ppc64le",
"9Base-RHACM-2.10:rhacm2/observatorium-rhel9-operator@sha256:e2dabaf7c375e039797330bb33e03c993356dc5a37949f84a89c3e4f40ff0023_amd64",
"9Base-RHACM-2.10:rhacm2/observatorium-rhel9-operator@sha256:ecda2be3377f15a09c6971b1a689bb9eb917909d55f54c996d54a972aece7432_s390x",
"9Base-RHACM-2.10:rhacm2/observatorium-rhel9@sha256:10ee1d5c854a7daf0d33f1dc16529a7e1a3cb67fab5a626f8a42da705186265e_arm64",
"9Base-RHACM-2.10:rhacm2/observatorium-rhel9@sha256:1eb9b98d7f3c878e09b45aad2a64780e46026c55d6f70a64d66e255ec13ce9fb_s390x",
"9Base-RHACM-2.10:rhacm2/observatorium-rhel9@sha256:25ee9231e17b71c83f12a9ce5d94629b2fd8ad3c64b61de9f03b057584f84804_ppc64le",
"9Base-RHACM-2.10:rhacm2/observatorium-rhel9@sha256:7812638565dff9368b4db0ed9aecb86c544d0b6caa773994c5c830e800060e22_amd64",
"9Base-RHACM-2.10:rhacm2/prometheus-alertmanager-rhel9@sha256:0a4ecc2af398e1a771540af4f062abfc0f47bfae9ba3a2fcb6a6c66940385d42_ppc64le",
"9Base-RHACM-2.10:rhacm2/prometheus-alertmanager-rhel9@sha256:0e7e5cfd6a953e092eb3ae72b236741f73432f8d262ace74caa2acf8c5fe3863_amd64",
"9Base-RHACM-2.10:rhacm2/prometheus-alertmanager-rhel9@sha256:25abc3028c69dedee05220fa4f0f32b7accc33ef519f46b23860612307db2181_arm64",
"9Base-RHACM-2.10:rhacm2/prometheus-alertmanager-rhel9@sha256:88383e94dcec26826df02cdebc9e7cc764e92b2ce71300c31a46f20ce92135c0_s390x",
"9Base-RHACM-2.10:rhacm2/prometheus-rhel9@sha256:556c5d133dd996b86dceb03158d4d463ccdbbf29cc9ca05ff1e3915a48cd8c47_s390x",
"9Base-RHACM-2.10:rhacm2/prometheus-rhel9@sha256:98af2a53f9c59b0bdd6ee9c8f27eb00f65a870ee64ba8d503083a9a0d3aa2ec6_arm64",
"9Base-RHACM-2.10:rhacm2/prometheus-rhel9@sha256:99e749f7d98203070348c652f6df158c9207801d86439ddde08bcae16e813ea5_ppc64le",
"9Base-RHACM-2.10:rhacm2/prometheus-rhel9@sha256:c1c2a5bc8d471fb7cbbf31c0e5513bf2630efbd1a5bbb458dc0c98b3ee608636_amd64",
"9Base-RHACM-2.10:rhacm2/rbac-query-proxy-rhel9@sha256:5f70872d294b5f10393fa7c6a6ffd81a6a509ea7589753d29ad49118a87fb2df_s390x",
"9Base-RHACM-2.10:rhacm2/rbac-query-proxy-rhel9@sha256:a061734a251e62cd31792ec9065f6a346de672f72e32965954811faf11f86d62_amd64",
"9Base-RHACM-2.10:rhacm2/rbac-query-proxy-rhel9@sha256:e325c611a68e60d204018b8aac765bb58e135b44735bbc14069c5cbf49828ada_ppc64le",
"9Base-RHACM-2.10:rhacm2/rbac-query-proxy-rhel9@sha256:fe807380c43daaae2ca277ef4a6b6bace7842087112f7d242773a073797c908e_arm64",
"9Base-RHACM-2.10:rhacm2/search-collector-rhel9@sha256:2092c265f1dea3dc553c370c3b07c92e4cb8523ccc58d46af4a517165e9b7bc4_s390x",
"9Base-RHACM-2.10:rhacm2/search-collector-rhel9@sha256:557e431af519bf544102927491fffbdd4091a5a9377396d7d30b2898897c8fba_amd64",
"9Base-RHACM-2.10:rhacm2/search-collector-rhel9@sha256:f908a57c2bfe78911889102abb61377d5170590689930d74b8d6a9fa7bc66848_ppc64le",
"9Base-RHACM-2.10:rhacm2/search-collector-rhel9@sha256:fe20c8e6fbf707c0467a4876405f2f8b395ac24ca554bd052f7f55da2df6371f_arm64",
"9Base-RHACM-2.10:rhacm2/submariner-addon-rhel9@sha256:1d74ed10635e7021129e60caa3358581d61c4bd93cebed86f79d5fdba100b10f_ppc64le",
"9Base-RHACM-2.10:rhacm2/submariner-addon-rhel9@sha256:92584807362684f692fc991f06ffecf241ee6494d4b37c584d74527214b33acb_s390x",
"9Base-RHACM-2.10:rhacm2/submariner-addon-rhel9@sha256:9a6b6d7ed493c6c8c9962485404f551974cece1b59e7197f9ed6fce120ca7d0d_arm64",
"9Base-RHACM-2.10:rhacm2/submariner-addon-rhel9@sha256:e8eb481c682682ea78d5f7d5793f63e427fcffc867db012f327b5469c524535c_amd64",
"9Base-RHACM-2.10:rhacm2/thanos-receive-controller-rhel9@sha256:09b931bd7405cc8733625884f61ccaa92b40b48d9068d78f552a6c9383cb02e9_amd64",
"9Base-RHACM-2.10:rhacm2/thanos-receive-controller-rhel9@sha256:64aebcc4f88c096cb93faa8fab067308442fd49c07e55fcb55283ef86643f642_s390x",
"9Base-RHACM-2.10:rhacm2/thanos-receive-controller-rhel9@sha256:91f186246d963c2978023489ed7cd58dec2f57641fd2a2a0c16d2caa5377147c_arm64",
"9Base-RHACM-2.10:rhacm2/thanos-receive-controller-rhel9@sha256:d391d522c2006e634df69f28eacd1f6cfba7b1ac4ec27ea97c307f4da5213954_ppc64le",
"9Base-RHACM-2.10:rhacm2/thanos-rhel9@sha256:9c82d36f3a942088a6612e6e1d5d7f3413006b2f5df41758c0072ee8d68b3801_ppc64le",
"9Base-RHACM-2.10:rhacm2/thanos-rhel9@sha256:c431d914ecca6080a1ce9ee7fb15019ca5f5b5cb7083fa739ce14b9f8afd570e_amd64",
"9Base-RHACM-2.10:rhacm2/thanos-rhel9@sha256:e8e6c42e37b2c0ba6456d48afa747f3c6f167cbcf4523d5ad751351a932deefc_arm64",
"9Base-RHACM-2.10:rhacm2/thanos-rhel9@sha256:f7dc5a2e9c41416badca921ef6a4b16e9edd2aea052107d737bb3ddbc2e0242c_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "golang: net/http, x/net/http2: unlimited number of CONTINUATION frames causes DoS"
},
{
"cve": "CVE-2024-4068",
"cwe": {
"id": "CWE-1050",
"name": "Excessive Platform Resource Consumption within a Loop"
},
"discovery_date": "2024-05-14T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"9Base-RHACM-2.10:rhacm2/acm-cluster-permission-rhel9@sha256:b9ef8ca2a002c616c6644cf16b80d5901d7b46034dc7e57ec1dd1d260cf0e32b_s390x",
"9Base-RHACM-2.10:rhacm2/acm-cluster-permission-rhel9@sha256:bd41dedb13ae9360d2e856ec6d52ea35b726425a65e92a00cd6037344ae5780e_amd64",
"9Base-RHACM-2.10:rhacm2/acm-cluster-permission-rhel9@sha256:dac35e93ff173bd30fefbdec8676fb605e28368aec3eccc4ac603f16eadcf31d_arm64",
"9Base-RHACM-2.10:rhacm2/acm-cluster-permission-rhel9@sha256:e8c9920427522b7ef645422b85ff1585e65b9d659c792e57201dfc06d6a13ffa_ppc64le",
"9Base-RHACM-2.10:rhacm2/acm-governance-policy-addon-controller-rhel9@sha256:65d709ef780d8d867c145b1ddf8e7031bd8e710972b21ed2d7b9d9ede0bfdb43_s390x",
"9Base-RHACM-2.10:rhacm2/acm-governance-policy-addon-controller-rhel9@sha256:87988ad277b62bbcc061dbe4242bfc2edcc21dc98c4c7c66385131c0425b0fa7_ppc64le",
"9Base-RHACM-2.10:rhacm2/acm-governance-policy-addon-controller-rhel9@sha256:9af1cb9605a8fdf7212a079ed8fa51b110b367c705a51651ba3933e936519e7f_arm64",
"9Base-RHACM-2.10:rhacm2/acm-governance-policy-addon-controller-rhel9@sha256:c6e3728b6687b8c83a11c326e4fd098ceef3f501725efbdfcb0ded0645a1473e_amd64",
"9Base-RHACM-2.10:rhacm2/acm-governance-policy-framework-addon-rhel9@sha256:3101f1389311c0006c0fb9953c44d5fff9e968597952103a5a873a7a4c4707da_amd64",
"9Base-RHACM-2.10:rhacm2/acm-governance-policy-framework-addon-rhel9@sha256:4536de55598f032ad91056c779ec2faea5c28de557a730d50cb2b2aba9b3bf00_s390x",
"9Base-RHACM-2.10:rhacm2/acm-governance-policy-framework-addon-rhel9@sha256:587fc80d3d6e3f2295272934fb39cfa3b96f5a2652a533b6b01cc6b04d10cb66_ppc64le",
"9Base-RHACM-2.10:rhacm2/acm-governance-policy-framework-addon-rhel9@sha256:63246c061e7960a656cb66c8ccca2b7bed943c9a1fe96a28f9cd99829608cda5_arm64",
"9Base-RHACM-2.10:rhacm2/acm-grafana-rhel9@sha256:1cd1c6a91611569a855444430c527a8bebbe113f77dd47dcfc2b8305c3a26a13_s390x",
"9Base-RHACM-2.10:rhacm2/acm-grafana-rhel9@sha256:3a59dd5e30b37f1e1feffba959d88d3aab37701500203afb71b2d38958236b85_amd64",
"9Base-RHACM-2.10:rhacm2/acm-grafana-rhel9@sha256:b488d250bc1c82f3f7e26a1bc741dee02e57b3e3d40cf2965e541d2c5727ec65_ppc64le",
"9Base-RHACM-2.10:rhacm2/acm-grafana-rhel9@sha256:df4024e8506d0926ad81943684532dd9e4054f26d23da6e329f593239b5a1513_arm64",
"9Base-RHACM-2.10:rhacm2/acm-must-gather-rhel9@sha256:66bca60baa85bc23963b5955fe57e8b7b7038c1088e2ce60f1fedc1a41d944dc_arm64",
"9Base-RHACM-2.10:rhacm2/acm-must-gather-rhel9@sha256:92d087992acf383c2f06ed92996049c412fc1fef76be10fc40eb6ba2e4b2f9be_ppc64le",
"9Base-RHACM-2.10:rhacm2/acm-must-gather-rhel9@sha256:bfc79c952b6f62658ef36373af72e6213de78ba1c3a18f018add4295d8ae72f8_s390x",
"9Base-RHACM-2.10:rhacm2/acm-must-gather-rhel9@sha256:fb9fa96ebaba320dd723e7d5727b20c63f66aa6c39f460a6270c572354123fd9_amd64",
"9Base-RHACM-2.10:rhacm2/acm-operator-bundle@sha256:190d00bcb1bdbf289cc4ae87f738aeabe04470194e51870c572876e4c118d712_ppc64le",
"9Base-RHACM-2.10:rhacm2/acm-operator-bundle@sha256:304e9a12e0c7b7be0444efd26764d32818fc3ad1ad936b565232f5f82a5f72fe_amd64",
"9Base-RHACM-2.10:rhacm2/acm-operator-bundle@sha256:cc65cb3804a7e6150028a6f1c60fcbdb78c42689769ff9378922491481947aed_s390x",
"9Base-RHACM-2.10:rhacm2/acm-prometheus-config-reloader-rhel9@sha256:0b885dfd28d82220fdb03b7bca0e1ed2fc941bc712e536af71e4e11ee9defee4_amd64",
"9Base-RHACM-2.10:rhacm2/acm-prometheus-config-reloader-rhel9@sha256:53cd755cea5a527c089321e5571c14ad0fd5d55b16e7c2acddc2a7c9670cffd2_arm64",
"9Base-RHACM-2.10:rhacm2/acm-prometheus-config-reloader-rhel9@sha256:8f18c68e47b66926d14795818f3a1dc21ffdcbcf1a220c7518194416602b19ac_ppc64le",
"9Base-RHACM-2.10:rhacm2/acm-prometheus-config-reloader-rhel9@sha256:be5be2fe888521fd8ac6d7ebca3cf127724128eb6ff4e11f90d61a4af60f1bee_s390x",
"9Base-RHACM-2.10:rhacm2/acm-prometheus-rhel9@sha256:8da9c5a18b42861d11e3df3f37b5f47b810af1b25beec208ce75b6f69d913ecd_s390x",
"9Base-RHACM-2.10:rhacm2/acm-prometheus-rhel9@sha256:91ec246784f1e7cdd0c20ab36ea09f13e553c043851699dae6191ea1ce101a61_arm64",
"9Base-RHACM-2.10:rhacm2/acm-prometheus-rhel9@sha256:969cc23c2f503797d491c797220e09b1682887742f669d338a5fd3613908148d_amd64",
"9Base-RHACM-2.10:rhacm2/acm-prometheus-rhel9@sha256:a1b920873dbb0984f41a8b49a4e0263c9756d909391601290b8a67278596327b_ppc64le",
"9Base-RHACM-2.10:rhacm2/acm-search-indexer-rhel9@sha256:21476ec5340f5e98451f83d7d455f86e8368ed4c882f564cf80b234dc2ceae1a_amd64",
"9Base-RHACM-2.10:rhacm2/acm-search-indexer-rhel9@sha256:47083a8e2f6234e7e3743c2f7d5cc433ad76a46a609f65640e047bfa9557082c_s390x",
"9Base-RHACM-2.10:rhacm2/acm-search-indexer-rhel9@sha256:95c15180b6b25c453b8aa81c42b106d6e9fb1d832761a3b2b06922c0ceee4d7b_arm64",
"9Base-RHACM-2.10:rhacm2/acm-search-indexer-rhel9@sha256:9ba73ef3b2447b16aab7503bce4e480441b272e997dab87ee9cc4b0f1ac040ba_ppc64le",
"9Base-RHACM-2.10:rhacm2/acm-search-v2-api-rhel9@sha256:1891db398d822cb0c424245928033240dfdcfd35d21ab052379d432423a6e038_s390x",
"9Base-RHACM-2.10:rhacm2/acm-search-v2-api-rhel9@sha256:247e052a3b5bc9708f1c0953f09c942414852f2109a9694af864375032072ae2_arm64",
"9Base-RHACM-2.10:rhacm2/acm-search-v2-api-rhel9@sha256:51a415f07cfadd9ae5b4b29cb3247b5085bb18edad8df566c47dc7e89ef0939e_amd64",
"9Base-RHACM-2.10:rhacm2/acm-search-v2-api-rhel9@sha256:756982578354d8a66399f2464602458f80bd398e46656a3d86c9303fa2068900_ppc64le",
"9Base-RHACM-2.10:rhacm2/acm-search-v2-rhel9@sha256:329f59a93ce1e2aab017a924db00b6aaca4c8ee40b5d5c2358af11af2e5319bd_s390x",
"9Base-RHACM-2.10:rhacm2/acm-search-v2-rhel9@sha256:9e2aa6686deee7b78bda5dcb08dad31c87a9653e48788df4e8bb39d4965c9101_arm64",
"9Base-RHACM-2.10:rhacm2/acm-search-v2-rhel9@sha256:e995897416f24436e6bef220bd4d5b3ba8fbd26c97fbd5e250391a3aef14bce5_amd64",
"9Base-RHACM-2.10:rhacm2/acm-search-v2-rhel9@sha256:f45417abdf399566fa98b0686ab4b2b55d776b6dfa67b7b7c24565b084c39165_ppc64le",
"9Base-RHACM-2.10:rhacm2/acm-volsync-addon-controller-rhel9@sha256:055c5ab4b2045571efe53bbd4ca54ba8a17a2cf590dad70c65667ed6b11ca86a_arm64",
"9Base-RHACM-2.10:rhacm2/acm-volsync-addon-controller-rhel9@sha256:60070927868e0538d31090138892fe64445321098b3874880fd21e7dcc1ffae7_amd64",
"9Base-RHACM-2.10:rhacm2/acm-volsync-addon-controller-rhel9@sha256:cc991f8f8af9337ab908f6564b4b77daef5893dc2759ff483142ef659a6a4b30_ppc64le",
"9Base-RHACM-2.10:rhacm2/acm-volsync-addon-controller-rhel9@sha256:faee49ca0c46781594189977f3ab5805060cd0a95e47ba575ec05bb549e21a69_s390x",
"9Base-RHACM-2.10:rhacm2/cert-policy-controller-rhel9@sha256:081c86b4c25876ac0734a0caff771a30b848530f1e89f9e0d3ee3f743f579e9c_s390x",
"9Base-RHACM-2.10:rhacm2/cert-policy-controller-rhel9@sha256:318f11ebe87bc1feced78f9d2ae66856884606c721e15d2d05045562d248ac3f_arm64",
"9Base-RHACM-2.10:rhacm2/cert-policy-controller-rhel9@sha256:5daaad58a8979d386830224e133a3bbc713b63039a99eda9a69487b999e71965_amd64",
"9Base-RHACM-2.10:rhacm2/cert-policy-controller-rhel9@sha256:bffedd5eb97a49dd210b51423ba8938684be1cb41dd79d06b2aab94bc0bb4963_ppc64le",
"9Base-RHACM-2.10:rhacm2/cluster-backup-rhel9-operator@sha256:0d141d0fa859ae0061605f2fe13381be2b6ebd9d8c6b91ca171a8e61e52842be_ppc64le",
"9Base-RHACM-2.10:rhacm2/cluster-backup-rhel9-operator@sha256:3a8bace1bb325142a64a4432543a828050e2e87de91a08dca793534841b7b841_amd64",
"9Base-RHACM-2.10:rhacm2/cluster-backup-rhel9-operator@sha256:66f67d2d8c09634e2e5ae0be07437cb1918f6b506e35bc9b7af82f4979dfc4ed_s390x",
"9Base-RHACM-2.10:rhacm2/cluster-backup-rhel9-operator@sha256:ac726852c9aa7e54aa4d75c6c485b429f16fffbb61d2840b527c5a1cfdb5c842_arm64",
"9Base-RHACM-2.10:rhacm2/config-policy-controller-rhel9@sha256:0ef8fdea99a8fd44feff31b4883a6ecd17eeabb5e8c9ccbdbdd30c32cc2cbe64_amd64",
"9Base-RHACM-2.10:rhacm2/config-policy-controller-rhel9@sha256:b7ff6680725a8bb31edf5dc58d82ac0b9d201ba8eac4c6f2ea4c3cd35f52915a_s390x",
"9Base-RHACM-2.10:rhacm2/config-policy-controller-rhel9@sha256:d4456a33f0488db9c77d12a279500b68a41441a8ff6c8cc9723a7ccc46e90dc7_arm64",
"9Base-RHACM-2.10:rhacm2/config-policy-controller-rhel9@sha256:d6e8119559b01231206654d2a57114862c4c6b5ca604ccf7b92e53bea6e2e2c2_ppc64le",
"9Base-RHACM-2.10:rhacm2/endpoint-monitoring-rhel9-operator@sha256:75bc23118d6e3ae1ec142a6f47a871efcd8ec5aa6da2bef7cf24e716b3b3be3c_s390x",
"9Base-RHACM-2.10:rhacm2/endpoint-monitoring-rhel9-operator@sha256:cf7be8fd6b726cb7ba8a3f57e14e20d7944245759cd6e8bd26dca4d666fb866a_arm64",
"9Base-RHACM-2.10:rhacm2/endpoint-monitoring-rhel9-operator@sha256:d8c3352fceb6a53e110f76501bb2c2f4cf7a9284f9dd30dee3fe3e015b622195_amd64",
"9Base-RHACM-2.10:rhacm2/endpoint-monitoring-rhel9-operator@sha256:e177864e6bc3b6e66f1f455229257210b77a3b7d0e18c480d252ed79f03bf67a_ppc64le",
"9Base-RHACM-2.10:rhacm2/governance-policy-propagator-rhel9@sha256:400644c05d5768fb7460bb3f8bfa880bc21e91f365130d13877f015ba2146358_amd64",
"9Base-RHACM-2.10:rhacm2/governance-policy-propagator-rhel9@sha256:46deef6c168120168168820dad57ce9b2d2641be926772eaeba2d03d3d324e2a_s390x",
"9Base-RHACM-2.10:rhacm2/governance-policy-propagator-rhel9@sha256:4e9143f58e4755b86526d113040acd0ee0069fefe9243e08c864c35d25b276e9_ppc64le",
"9Base-RHACM-2.10:rhacm2/governance-policy-propagator-rhel9@sha256:8947a68138c101fdc355b94a4deb0d02f44de025fe733e8d5fb28f5fce93b7c9_arm64",
"9Base-RHACM-2.10:rhacm2/grafana-dashboard-loader-rhel9@sha256:26a08abd967f17e23975b728768e2f561750856b0f98ff5f27506da94fa597ca_ppc64le",
"9Base-RHACM-2.10:rhacm2/grafana-dashboard-loader-rhel9@sha256:43f27505c8ac51aa659c638f96f7681d8d3029775b9153a8075fa38dd48dbc3c_arm64",
"9Base-RHACM-2.10:rhacm2/grafana-dashboard-loader-rhel9@sha256:a9afb35685e18a179269293a1998eb5c6c8c47e9247a7f3f1c27d3b1b35a83b2_amd64",
"9Base-RHACM-2.10:rhacm2/grafana-dashboard-loader-rhel9@sha256:f30433d2c90f38c86f1780bd8b74a50821837f769db589ee720e35fd79dbc23b_s390x",
"9Base-RHACM-2.10:rhacm2/iam-policy-controller-rhel9@sha256:63ca0eef9b3febe70ceea5b47a36fea7455eef69da9d1bda70d2bc9661ec2f2c_arm64",
"9Base-RHACM-2.10:rhacm2/iam-policy-controller-rhel9@sha256:ae274418f0fa055670012f2d92d63ebb175fdbd3946486312007bc2b0a915541_ppc64le",
"9Base-RHACM-2.10:rhacm2/iam-policy-controller-rhel9@sha256:c1d7619138ab3717e6f6a49ac76f95ff041a022746891057d6e4e163114fb864_amd64",
"9Base-RHACM-2.10:rhacm2/iam-policy-controller-rhel9@sha256:f62a79f1f02af4be1424b74071e6d701e5c514e27019e69ee98cbed10b602f3d_s390x",
"9Base-RHACM-2.10:rhacm2/insights-client-rhel9@sha256:0ff4ca5a9703ec58d70178152b5dbbb3aaffa5fce80153eda12f727f7c3e0b6f_ppc64le",
"9Base-RHACM-2.10:rhacm2/insights-client-rhel9@sha256:70833a6ef9ebc1b50e914744e0f7c36c259bb7889c7ff8085cb8470826ac803e_s390x",
"9Base-RHACM-2.10:rhacm2/insights-client-rhel9@sha256:cdf079542b23633884a52daa02d4b9182aaf7454e769186de4f495467686653d_arm64",
"9Base-RHACM-2.10:rhacm2/insights-client-rhel9@sha256:f62d6a262c044a7883f34563e3e1909761ca0bd44e4d5f8a0e564db8b630068b_amd64",
"9Base-RHACM-2.10:rhacm2/insights-metrics-rhel9@sha256:16862c34efb507d44455ed78cde51a1f57969cc69f4beec70ecb697b8ea406dc_amd64",
"9Base-RHACM-2.10:rhacm2/insights-metrics-rhel9@sha256:2f7c346cb847e2928715bd4b64a34531b82d0130a89a08f19c3026db5d89c5a1_ppc64le",
"9Base-RHACM-2.10:rhacm2/insights-metrics-rhel9@sha256:44f56f7a1ac2720ce815ea7aa824ea37a0bdcf63c637941ca84328578a735142_arm64",
"9Base-RHACM-2.10:rhacm2/insights-metrics-rhel9@sha256:e2a9110af4d9bac9fd97b8f5981230c495506d50db571eccae9e16e361abfdd7_s390x",
"9Base-RHACM-2.10:rhacm2/klusterlet-addon-controller-rhel9@sha256:693af28fa3e5f1aee61695e891fdd33a49b5280e4a555f84b838ca8e829d0999_ppc64le",
"9Base-RHACM-2.10:rhacm2/klusterlet-addon-controller-rhel9@sha256:7ac958c32070e6282a8cbe262810c58a81e6e331bf59877cd67758ab6feb8ada_amd64",
"9Base-RHACM-2.10:rhacm2/klusterlet-addon-controller-rhel9@sha256:8528a204787ecde3925c9c3ef31e225f59c5b4b3a21bd314541fe06dd4c1aa73_s390x",
"9Base-RHACM-2.10:rhacm2/klusterlet-addon-controller-rhel9@sha256:cf0bf12f03bd0a4a09188d1f5b4820aa6e7f6e4a1fb1bc2c45559553907c6eae_arm64",
"9Base-RHACM-2.10:rhacm2/kube-rbac-proxy-rhel9@sha256:1d75e8e70fc3f3943841bd34f79e5762705b0d23460064c6adcdd0fc6b39005a_amd64",
"9Base-RHACM-2.10:rhacm2/kube-rbac-proxy-rhel9@sha256:355905503e1321fc2fd75b12bab33b2cb75cbfcc0d0e7e70400790da081abfd9_arm64",
"9Base-RHACM-2.10:rhacm2/kube-rbac-proxy-rhel9@sha256:42da847ca7b39914df099381ac807d8ab619774388c1a47e0d71020fbce998ae_s390x",
"9Base-RHACM-2.10:rhacm2/kube-rbac-proxy-rhel9@sha256:5e416f1249a77845f81c9cf1a1dfae74feca41afd6dd35e7be55a0fa61632c00_ppc64le",
"9Base-RHACM-2.10:rhacm2/kube-state-metrics-rhel9@sha256:715f6b9c01400a153157de08bf2a6b04ea54478ee2c18d7871b65c865d6902d2_s390x",
"9Base-RHACM-2.10:rhacm2/kube-state-metrics-rhel9@sha256:72f6c545d46d1cc6f3fb1b9cd6840f0496056d410c8ade62dd35d99dfdd60737_arm64",
"9Base-RHACM-2.10:rhacm2/kube-state-metrics-rhel9@sha256:88982e268e1a3d0c52c72563a684b58042adb0800ebd1e80208b898eebe75cd6_ppc64le",
"9Base-RHACM-2.10:rhacm2/kube-state-metrics-rhel9@sha256:9f2ac058e15d5653e8bced975955e26e51a88d36a1d5896305b6f5060afee43a_amd64",
"9Base-RHACM-2.10:rhacm2/memcached-exporter-rhel9@sha256:1304f49745ed8a18784196b5595cea1ec6caf904d0e61d0952a603e6fb7da6e0_ppc64le",
"9Base-RHACM-2.10:rhacm2/memcached-exporter-rhel9@sha256:36529c281273e5346ef5cce6a55e47c27fdaf2507a6f7971576b738b1c543258_arm64",
"9Base-RHACM-2.10:rhacm2/memcached-exporter-rhel9@sha256:c5275f61fd2e84deaab7e789a7ffefdbe235866a8439d3d2534e4b26998372d6_s390x",
"9Base-RHACM-2.10:rhacm2/memcached-exporter-rhel9@sha256:f9f5ca67f62d6218b90b863b4fe63aa95aef755e5cbae5a83896f74a0039b7ab_amd64",
"9Base-RHACM-2.10:rhacm2/memcached-rhel9@sha256:2c4437598be87fc5f3f6639e728279d8ba21cf49061be78e3a4fbacc989997b4_amd64",
"9Base-RHACM-2.10:rhacm2/memcached-rhel9@sha256:2fb75dce1567e21a9f1361ec3ac54a4d5a2252f03aa64b6cdf4d1cd02a58d04c_s390x",
"9Base-RHACM-2.10:rhacm2/memcached-rhel9@sha256:4af229aca50a46ec9f190fbeef603f1259223f81f5307f46de17ad8b8c9760e1_arm64",
"9Base-RHACM-2.10:rhacm2/memcached-rhel9@sha256:e871cb2e5d235ae74a998356748299daace42d47a92e1da57a2773eae87625a6_ppc64le",
"9Base-RHACM-2.10:rhacm2/metrics-collector-rhel9@sha256:20ac5c57af957e7126221f4089bb816b948aa624788da9298b4f476ecc668293_amd64",
"9Base-RHACM-2.10:rhacm2/metrics-collector-rhel9@sha256:54665ca7529012a3a63c7dcc263a2e46964a0ee4ba43f19a2a3f05dcdfd5ae0f_ppc64le",
"9Base-RHACM-2.10:rhacm2/metrics-collector-rhel9@sha256:84543f21ccfe36960fce099930132e7042e505ba635c45a28a902ed2b2401d55_s390x",
"9Base-RHACM-2.10:rhacm2/metrics-collector-rhel9@sha256:eb32f5c275247babd03ec16b0978aced10a9b9da07a84f5af6be4d7c3852a6b7_arm64",
"9Base-RHACM-2.10:rhacm2/multicloud-integrations-rhel9@sha256:0529a11c8935d5b9fa2a3f29801749b09861076c0c2040612271f0bbafb5fbab_s390x",
"9Base-RHACM-2.10:rhacm2/multicloud-integrations-rhel9@sha256:2b7557d262cd8eacc45178dcca3dae642b1bb33fbfccdf6a3b63abb7e1a39d53_amd64",
"9Base-RHACM-2.10:rhacm2/multicloud-integrations-rhel9@sha256:606ea20603d86412a34478a3db9c17737cca2b04c26bcab175279028c822e492_arm64",
"9Base-RHACM-2.10:rhacm2/multicloud-integrations-rhel9@sha256:d3958606b5001619aa3044617ccb4fe265764d7dad05b0a6bf5b4910bd5d0ba7_ppc64le",
"9Base-RHACM-2.10:rhacm2/multicluster-observability-rhel9-operator@sha256:9b855d7e4cf6fe3c4da92d84a51adc63aea5f144bce38dbb9c4ab3d01370c296_amd64",
"9Base-RHACM-2.10:rhacm2/multicluster-observability-rhel9-operator@sha256:a9eb1e576d4eb5c7e9131803042b7d8529dab369595d0adc22623e24b67832d9_s390x",
"9Base-RHACM-2.10:rhacm2/multicluster-observability-rhel9-operator@sha256:ab73f96720c106dcb2ea64f8b7ac13ad866533d993c43cb7c6dbbf08ba4977dd_ppc64le",
"9Base-RHACM-2.10:rhacm2/multicluster-observability-rhel9-operator@sha256:f296c72dd6842481dad78536117aec3ff14d19be736e5679101bbfc92b87809b_arm64",
"9Base-RHACM-2.10:rhacm2/multicluster-operators-application-rhel9@sha256:184f6068b077070b90ede3a2f4e81be398fd2841f042fc6f2f114fdfd4f1095b_arm64",
"9Base-RHACM-2.10:rhacm2/multicluster-operators-application-rhel9@sha256:2a272685b487a747827220d16bc5aaff65c436d5c312b081d9fffd9ef4a8a0f9_amd64",
"9Base-RHACM-2.10:rhacm2/multicluster-operators-application-rhel9@sha256:635c1cf425b8744a421c649bd809a59df6dc6cdeaa9da2a369706e522a3a0fab_ppc64le",
"9Base-RHACM-2.10:rhacm2/multicluster-operators-application-rhel9@sha256:e15bedc9ce45cc025b6ab6c27d5b7eb95f6e750791ff0dae228a71eaeae1cace_s390x",
"9Base-RHACM-2.10:rhacm2/multicluster-operators-channel-rhel9@sha256:2399cfe0b3b626be2acd289d8880b9913d73093220b3e4062bb7cddb2628640a_amd64",
"9Base-RHACM-2.10:rhacm2/multicluster-operators-channel-rhel9@sha256:37f84cbbee522859c6f46e49179ab0b1e1fef118aac6741d18675b36e31972dd_s390x",
"9Base-RHACM-2.10:rhacm2/multicluster-operators-channel-rhel9@sha256:43c086e0f17783322c26ba577db2c7c8fd43176a7ac14e45a40c3db0b91a6d1e_ppc64le",
"9Base-RHACM-2.10:rhacm2/multicluster-operators-channel-rhel9@sha256:773c32065f60e4a2e626e17744d0a2cfc4049325f6664f899d8da949dc3fa4a6_arm64",
"9Base-RHACM-2.10:rhacm2/multicluster-operators-subscription-rhel9@sha256:08aacdc6cad3ba5743a5d65c1bff5b3e41e44269765b94f45673a8e648f60584_amd64",
"9Base-RHACM-2.10:rhacm2/multicluster-operators-subscription-rhel9@sha256:7eda39d696e452ec7e9da1473807e3134f149ed28d0ec873cf489451fbb007e0_arm64",
"9Base-RHACM-2.10:rhacm2/multicluster-operators-subscription-rhel9@sha256:a791398b5dd73f447d22f260eaf209f782c9663e81c81529eb4b3018183f9deb_ppc64le",
"9Base-RHACM-2.10:rhacm2/multicluster-operators-subscription-rhel9@sha256:b88262afe6149a741a566054ecc16400bc7335a443219d3ddbcb1ba7c939a38b_s390x",
"9Base-RHACM-2.10:rhacm2/multiclusterhub-rhel9@sha256:5de91afd73b5a86865954ab3f6587f382f53e0856422ed975d9aa867bd0ffbf9_arm64",
"9Base-RHACM-2.10:rhacm2/multiclusterhub-rhel9@sha256:97932a785e8601b170a7c6fd42b1e6a18203b958ccbb712352c2817b8103d9b5_s390x",
"9Base-RHACM-2.10:rhacm2/multiclusterhub-rhel9@sha256:b30d5d981e1522751e4434b1c107e5cefb6c8c22ea16915f35948c11f9aa0579_ppc64le",
"9Base-RHACM-2.10:rhacm2/multiclusterhub-rhel9@sha256:c5e3898dd435f49636834ce14b3188f7163167cdb538d85812393cf450d49157_amd64",
"9Base-RHACM-2.10:rhacm2/node-exporter-rhel9@sha256:8bb239eafceaa18a786b78f7bf54c7063d80bce60567d10d81c5a4282b2884b4_s390x",
"9Base-RHACM-2.10:rhacm2/node-exporter-rhel9@sha256:9611a92119f19e11c29e9e93b9c714499e60d06712da97d9fa77ed0fd0d4d33b_arm64",
"9Base-RHACM-2.10:rhacm2/node-exporter-rhel9@sha256:d147abba6fa66eb914005d4cd62302c527cbfc0083be386275c5c782b90c3c1c_amd64",
"9Base-RHACM-2.10:rhacm2/node-exporter-rhel9@sha256:f9a4446156fd21112854846849c68952e4c336e5782d6aeb3c49bddd3408d388_ppc64le",
"9Base-RHACM-2.10:rhacm2/observatorium-rhel9-operator@sha256:414b191a314b0695aede28ac7229a064833d798e94d5b92a434e2eb3650983b6_arm64",
"9Base-RHACM-2.10:rhacm2/observatorium-rhel9-operator@sha256:9e2d97d0116349c1f1e1d815a6d8822c9f5331acdb81e878c0cb0e86149167ef_ppc64le",
"9Base-RHACM-2.10:rhacm2/observatorium-rhel9-operator@sha256:e2dabaf7c375e039797330bb33e03c993356dc5a37949f84a89c3e4f40ff0023_amd64",
"9Base-RHACM-2.10:rhacm2/observatorium-rhel9-operator@sha256:ecda2be3377f15a09c6971b1a689bb9eb917909d55f54c996d54a972aece7432_s390x",
"9Base-RHACM-2.10:rhacm2/observatorium-rhel9@sha256:10ee1d5c854a7daf0d33f1dc16529a7e1a3cb67fab5a626f8a42da705186265e_arm64",
"9Base-RHACM-2.10:rhacm2/observatorium-rhel9@sha256:1eb9b98d7f3c878e09b45aad2a64780e46026c55d6f70a64d66e255ec13ce9fb_s390x",
"9Base-RHACM-2.10:rhacm2/observatorium-rhel9@sha256:25ee9231e17b71c83f12a9ce5d94629b2fd8ad3c64b61de9f03b057584f84804_ppc64le",
"9Base-RHACM-2.10:rhacm2/observatorium-rhel9@sha256:7812638565dff9368b4db0ed9aecb86c544d0b6caa773994c5c830e800060e22_amd64",
"9Base-RHACM-2.10:rhacm2/prometheus-alertmanager-rhel9@sha256:0a4ecc2af398e1a771540af4f062abfc0f47bfae9ba3a2fcb6a6c66940385d42_ppc64le",
"9Base-RHACM-2.10:rhacm2/prometheus-alertmanager-rhel9@sha256:0e7e5cfd6a953e092eb3ae72b236741f73432f8d262ace74caa2acf8c5fe3863_amd64",
"9Base-RHACM-2.10:rhacm2/prometheus-alertmanager-rhel9@sha256:25abc3028c69dedee05220fa4f0f32b7accc33ef519f46b23860612307db2181_arm64",
"9Base-RHACM-2.10:rhacm2/prometheus-alertmanager-rhel9@sha256:88383e94dcec26826df02cdebc9e7cc764e92b2ce71300c31a46f20ce92135c0_s390x",
"9Base-RHACM-2.10:rhacm2/prometheus-rhel9@sha256:556c5d133dd996b86dceb03158d4d463ccdbbf29cc9ca05ff1e3915a48cd8c47_s390x",
"9Base-RHACM-2.10:rhacm2/prometheus-rhel9@sha256:98af2a53f9c59b0bdd6ee9c8f27eb00f65a870ee64ba8d503083a9a0d3aa2ec6_arm64",
"9Base-RHACM-2.10:rhacm2/prometheus-rhel9@sha256:99e749f7d98203070348c652f6df158c9207801d86439ddde08bcae16e813ea5_ppc64le",
"9Base-RHACM-2.10:rhacm2/prometheus-rhel9@sha256:c1c2a5bc8d471fb7cbbf31c0e5513bf2630efbd1a5bbb458dc0c98b3ee608636_amd64",
"9Base-RHACM-2.10:rhacm2/rbac-query-proxy-rhel9@sha256:5f70872d294b5f10393fa7c6a6ffd81a6a509ea7589753d29ad49118a87fb2df_s390x",
"9Base-RHACM-2.10:rhacm2/rbac-query-proxy-rhel9@sha256:a061734a251e62cd31792ec9065f6a346de672f72e32965954811faf11f86d62_amd64",
"9Base-RHACM-2.10:rhacm2/rbac-query-proxy-rhel9@sha256:e325c611a68e60d204018b8aac765bb58e135b44735bbc14069c5cbf49828ada_ppc64le",
"9Base-RHACM-2.10:rhacm2/rbac-query-proxy-rhel9@sha256:fe807380c43daaae2ca277ef4a6b6bace7842087112f7d242773a073797c908e_arm64",
"9Base-RHACM-2.10:rhacm2/search-collector-rhel9@sha256:2092c265f1dea3dc553c370c3b07c92e4cb8523ccc58d46af4a517165e9b7bc4_s390x",
"9Base-RHACM-2.10:rhacm2/search-collector-rhel9@sha256:557e431af519bf544102927491fffbdd4091a5a9377396d7d30b2898897c8fba_amd64",
"9Base-RHACM-2.10:rhacm2/search-collector-rhel9@sha256:f908a57c2bfe78911889102abb61377d5170590689930d74b8d6a9fa7bc66848_ppc64le",
"9Base-RHACM-2.10:rhacm2/search-collector-rhel9@sha256:fe20c8e6fbf707c0467a4876405f2f8b395ac24ca554bd052f7f55da2df6371f_arm64",
"9Base-RHACM-2.10:rhacm2/submariner-addon-rhel9@sha256:1d74ed10635e7021129e60caa3358581d61c4bd93cebed86f79d5fdba100b10f_ppc64le",
"9Base-RHACM-2.10:rhacm2/submariner-addon-rhel9@sha256:92584807362684f692fc991f06ffecf241ee6494d4b37c584d74527214b33acb_s390x",
"9Base-RHACM-2.10:rhacm2/submariner-addon-rhel9@sha256:9a6b6d7ed493c6c8c9962485404f551974cece1b59e7197f9ed6fce120ca7d0d_arm64",
"9Base-RHACM-2.10:rhacm2/submariner-addon-rhel9@sha256:e8eb481c682682ea78d5f7d5793f63e427fcffc867db012f327b5469c524535c_amd64",
"9Base-RHACM-2.10:rhacm2/thanos-receive-controller-rhel9@sha256:09b931bd7405cc8733625884f61ccaa92b40b48d9068d78f552a6c9383cb02e9_amd64",
"9Base-RHACM-2.10:rhacm2/thanos-receive-controller-rhel9@sha256:64aebcc4f88c096cb93faa8fab067308442fd49c07e55fcb55283ef86643f642_s390x",
"9Base-RHACM-2.10:rhacm2/thanos-receive-controller-rhel9@sha256:91f186246d963c2978023489ed7cd58dec2f57641fd2a2a0c16d2caa5377147c_arm64",
"9Base-RHACM-2.10:rhacm2/thanos-receive-controller-rhel9@sha256:d391d522c2006e634df69f28eacd1f6cfba7b1ac4ec27ea97c307f4da5213954_ppc64le",
"9Base-RHACM-2.10:rhacm2/thanos-rhel9@sha256:9c82d36f3a942088a6612e6e1d5d7f3413006b2f5df41758c0072ee8d68b3801_ppc64le",
"9Base-RHACM-2.10:rhacm2/thanos-rhel9@sha256:c431d914ecca6080a1ce9ee7fb15019ca5f5b5cb7083fa739ce14b9f8afd570e_amd64",
"9Base-RHACM-2.10:rhacm2/thanos-rhel9@sha256:e8e6c42e37b2c0ba6456d48afa747f3c6f167cbcf4523d5ad751351a932deefc_arm64",
"9Base-RHACM-2.10:rhacm2/thanos-rhel9@sha256:f7dc5a2e9c41416badca921ef6a4b16e9edd2aea052107d737bb3ddbc2e0242c_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2280600"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the NPM package `braces.` It fails to limit the number of characters it can handle, which could lead to memory exhaustion. In `lib/parse.js,` if a malicious user sends \"imbalanced braces\" as input, the parsing will enter a loop, causing the program to start allocating heap memory without freeing it at any moment of the loop. Eventually, the JavaScript heap limit is reached, and the program will crash.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "braces: fails to limit the number of characters it can handle",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-RHACM-2.10:rhacm2/console-rhel9@sha256:4ee3bbdcc190cd6c3e1eff8bfabe8ca3cd9e61ab5d824983a955e6d509238041_arm64",
"9Base-RHACM-2.10:rhacm2/console-rhel9@sha256:5fe6fb2bd7e31a960bc018d870af482f668ab417d601d94a5ac5981fd116a852_s390x",
"9Base-RHACM-2.10:rhacm2/console-rhel9@sha256:9005fc71b91a5d2a1fe502e90d57cea2285d1218ad6e49f4bcdd77bf560c5765_ppc64le",
"9Base-RHACM-2.10:rhacm2/console-rhel9@sha256:b3bc8c5f587da2c7ce4e25d5d2e72b08939071297cf3fdc5d51fb631d99aa168_amd64"
],
"known_not_affected": [
"9Base-RHACM-2.10:rhacm2/acm-cluster-permission-rhel9@sha256:b9ef8ca2a002c616c6644cf16b80d5901d7b46034dc7e57ec1dd1d260cf0e32b_s390x",
"9Base-RHACM-2.10:rhacm2/acm-cluster-permission-rhel9@sha256:bd41dedb13ae9360d2e856ec6d52ea35b726425a65e92a00cd6037344ae5780e_amd64",
"9Base-RHACM-2.10:rhacm2/acm-cluster-permission-rhel9@sha256:dac35e93ff173bd30fefbdec8676fb605e28368aec3eccc4ac603f16eadcf31d_arm64",
"9Base-RHACM-2.10:rhacm2/acm-cluster-permission-rhel9@sha256:e8c9920427522b7ef645422b85ff1585e65b9d659c792e57201dfc06d6a13ffa_ppc64le",
"9Base-RHACM-2.10:rhacm2/acm-governance-policy-addon-controller-rhel9@sha256:65d709ef780d8d867c145b1ddf8e7031bd8e710972b21ed2d7b9d9ede0bfdb43_s390x",
"9Base-RHACM-2.10:rhacm2/acm-governance-policy-addon-controller-rhel9@sha256:87988ad277b62bbcc061dbe4242bfc2edcc21dc98c4c7c66385131c0425b0fa7_ppc64le",
"9Base-RHACM-2.10:rhacm2/acm-governance-policy-addon-controller-rhel9@sha256:9af1cb9605a8fdf7212a079ed8fa51b110b367c705a51651ba3933e936519e7f_arm64",
"9Base-RHACM-2.10:rhacm2/acm-governance-policy-addon-controller-rhel9@sha256:c6e3728b6687b8c83a11c326e4fd098ceef3f501725efbdfcb0ded0645a1473e_amd64",
"9Base-RHACM-2.10:rhacm2/acm-governance-policy-framework-addon-rhel9@sha256:3101f1389311c0006c0fb9953c44d5fff9e968597952103a5a873a7a4c4707da_amd64",
"9Base-RHACM-2.10:rhacm2/acm-governance-policy-framework-addon-rhel9@sha256:4536de55598f032ad91056c779ec2faea5c28de557a730d50cb2b2aba9b3bf00_s390x",
"9Base-RHACM-2.10:rhacm2/acm-governance-policy-framework-addon-rhel9@sha256:587fc80d3d6e3f2295272934fb39cfa3b96f5a2652a533b6b01cc6b04d10cb66_ppc64le",
"9Base-RHACM-2.10:rhacm2/acm-governance-policy-framework-addon-rhel9@sha256:63246c061e7960a656cb66c8ccca2b7bed943c9a1fe96a28f9cd99829608cda5_arm64",
"9Base-RHACM-2.10:rhacm2/acm-grafana-rhel9@sha256:1cd1c6a91611569a855444430c527a8bebbe113f77dd47dcfc2b8305c3a26a13_s390x",
"9Base-RHACM-2.10:rhacm2/acm-grafana-rhel9@sha256:3a59dd5e30b37f1e1feffba959d88d3aab37701500203afb71b2d38958236b85_amd64",
"9Base-RHACM-2.10:rhacm2/acm-grafana-rhel9@sha256:b488d250bc1c82f3f7e26a1bc741dee02e57b3e3d40cf2965e541d2c5727ec65_ppc64le",
"9Base-RHACM-2.10:rhacm2/acm-grafana-rhel9@sha256:df4024e8506d0926ad81943684532dd9e4054f26d23da6e329f593239b5a1513_arm64",
"9Base-RHACM-2.10:rhacm2/acm-must-gather-rhel9@sha256:66bca60baa85bc23963b5955fe57e8b7b7038c1088e2ce60f1fedc1a41d944dc_arm64",
"9Base-RHACM-2.10:rhacm2/acm-must-gather-rhel9@sha256:92d087992acf383c2f06ed92996049c412fc1fef76be10fc40eb6ba2e4b2f9be_ppc64le",
"9Base-RHACM-2.10:rhacm2/acm-must-gather-rhel9@sha256:bfc79c952b6f62658ef36373af72e6213de78ba1c3a18f018add4295d8ae72f8_s390x",
"9Base-RHACM-2.10:rhacm2/acm-must-gather-rhel9@sha256:fb9fa96ebaba320dd723e7d5727b20c63f66aa6c39f460a6270c572354123fd9_amd64",
"9Base-RHACM-2.10:rhacm2/acm-operator-bundle@sha256:190d00bcb1bdbf289cc4ae87f738aeabe04470194e51870c572876e4c118d712_ppc64le",
"9Base-RHACM-2.10:rhacm2/acm-operator-bundle@sha256:304e9a12e0c7b7be0444efd26764d32818fc3ad1ad936b565232f5f82a5f72fe_amd64",
"9Base-RHACM-2.10:rhacm2/acm-operator-bundle@sha256:cc65cb3804a7e6150028a6f1c60fcbdb78c42689769ff9378922491481947aed_s390x",
"9Base-RHACM-2.10:rhacm2/acm-prometheus-config-reloader-rhel9@sha256:0b885dfd28d82220fdb03b7bca0e1ed2fc941bc712e536af71e4e11ee9defee4_amd64",
"9Base-RHACM-2.10:rhacm2/acm-prometheus-config-reloader-rhel9@sha256:53cd755cea5a527c089321e5571c14ad0fd5d55b16e7c2acddc2a7c9670cffd2_arm64",
"9Base-RHACM-2.10:rhacm2/acm-prometheus-config-reloader-rhel9@sha256:8f18c68e47b66926d14795818f3a1dc21ffdcbcf1a220c7518194416602b19ac_ppc64le",
"9Base-RHACM-2.10:rhacm2/acm-prometheus-config-reloader-rhel9@sha256:be5be2fe888521fd8ac6d7ebca3cf127724128eb6ff4e11f90d61a4af60f1bee_s390x",
"9Base-RHACM-2.10:rhacm2/acm-prometheus-rhel9@sha256:8da9c5a18b42861d11e3df3f37b5f47b810af1b25beec208ce75b6f69d913ecd_s390x",
"9Base-RHACM-2.10:rhacm2/acm-prometheus-rhel9@sha256:91ec246784f1e7cdd0c20ab36ea09f13e553c043851699dae6191ea1ce101a61_arm64",
"9Base-RHACM-2.10:rhacm2/acm-prometheus-rhel9@sha256:969cc23c2f503797d491c797220e09b1682887742f669d338a5fd3613908148d_amd64",
"9Base-RHACM-2.10:rhacm2/acm-prometheus-rhel9@sha256:a1b920873dbb0984f41a8b49a4e0263c9756d909391601290b8a67278596327b_ppc64le",
"9Base-RHACM-2.10:rhacm2/acm-search-indexer-rhel9@sha256:21476ec5340f5e98451f83d7d455f86e8368ed4c882f564cf80b234dc2ceae1a_amd64",
"9Base-RHACM-2.10:rhacm2/acm-search-indexer-rhel9@sha256:47083a8e2f6234e7e3743c2f7d5cc433ad76a46a609f65640e047bfa9557082c_s390x",
"9Base-RHACM-2.10:rhacm2/acm-search-indexer-rhel9@sha256:95c15180b6b25c453b8aa81c42b106d6e9fb1d832761a3b2b06922c0ceee4d7b_arm64",
"9Base-RHACM-2.10:rhacm2/acm-search-indexer-rhel9@sha256:9ba73ef3b2447b16aab7503bce4e480441b272e997dab87ee9cc4b0f1ac040ba_ppc64le",
"9Base-RHACM-2.10:rhacm2/acm-search-v2-api-rhel9@sha256:1891db398d822cb0c424245928033240dfdcfd35d21ab052379d432423a6e038_s390x",
"9Base-RHACM-2.10:rhacm2/acm-search-v2-api-rhel9@sha256:247e052a3b5bc9708f1c0953f09c942414852f2109a9694af864375032072ae2_arm64",
"9Base-RHACM-2.10:rhacm2/acm-search-v2-api-rhel9@sha256:51a415f07cfadd9ae5b4b29cb3247b5085bb18edad8df566c47dc7e89ef0939e_amd64",
"9Base-RHACM-2.10:rhacm2/acm-search-v2-api-rhel9@sha256:756982578354d8a66399f2464602458f80bd398e46656a3d86c9303fa2068900_ppc64le",
"9Base-RHACM-2.10:rhacm2/acm-search-v2-rhel9@sha256:329f59a93ce1e2aab017a924db00b6aaca4c8ee40b5d5c2358af11af2e5319bd_s390x",
"9Base-RHACM-2.10:rhacm2/acm-search-v2-rhel9@sha256:9e2aa6686deee7b78bda5dcb08dad31c87a9653e48788df4e8bb39d4965c9101_arm64",
"9Base-RHACM-2.10:rhacm2/acm-search-v2-rhel9@sha256:e995897416f24436e6bef220bd4d5b3ba8fbd26c97fbd5e250391a3aef14bce5_amd64",
"9Base-RHACM-2.10:rhacm2/acm-search-v2-rhel9@sha256:f45417abdf399566fa98b0686ab4b2b55d776b6dfa67b7b7c24565b084c39165_ppc64le",
"9Base-RHACM-2.10:rhacm2/acm-volsync-addon-controller-rhel9@sha256:055c5ab4b2045571efe53bbd4ca54ba8a17a2cf590dad70c65667ed6b11ca86a_arm64",
"9Base-RHACM-2.10:rhacm2/acm-volsync-addon-controller-rhel9@sha256:60070927868e0538d31090138892fe64445321098b3874880fd21e7dcc1ffae7_amd64",
"9Base-RHACM-2.10:rhacm2/acm-volsync-addon-controller-rhel9@sha256:cc991f8f8af9337ab908f6564b4b77daef5893dc2759ff483142ef659a6a4b30_ppc64le",
"9Base-RHACM-2.10:rhacm2/acm-volsync-addon-controller-rhel9@sha256:faee49ca0c46781594189977f3ab5805060cd0a95e47ba575ec05bb549e21a69_s390x",
"9Base-RHACM-2.10:rhacm2/cert-policy-controller-rhel9@sha256:081c86b4c25876ac0734a0caff771a30b848530f1e89f9e0d3ee3f743f579e9c_s390x",
"9Base-RHACM-2.10:rhacm2/cert-policy-controller-rhel9@sha256:318f11ebe87bc1feced78f9d2ae66856884606c721e15d2d05045562d248ac3f_arm64",
"9Base-RHACM-2.10:rhacm2/cert-policy-controller-rhel9@sha256:5daaad58a8979d386830224e133a3bbc713b63039a99eda9a69487b999e71965_amd64",
"9Base-RHACM-2.10:rhacm2/cert-policy-controller-rhel9@sha256:bffedd5eb97a49dd210b51423ba8938684be1cb41dd79d06b2aab94bc0bb4963_ppc64le",
"9Base-RHACM-2.10:rhacm2/cluster-backup-rhel9-operator@sha256:0d141d0fa859ae0061605f2fe13381be2b6ebd9d8c6b91ca171a8e61e52842be_ppc64le",
"9Base-RHACM-2.10:rhacm2/cluster-backup-rhel9-operator@sha256:3a8bace1bb325142a64a4432543a828050e2e87de91a08dca793534841b7b841_amd64",
"9Base-RHACM-2.10:rhacm2/cluster-backup-rhel9-operator@sha256:66f67d2d8c09634e2e5ae0be07437cb1918f6b506e35bc9b7af82f4979dfc4ed_s390x",
"9Base-RHACM-2.10:rhacm2/cluster-backup-rhel9-operator@sha256:ac726852c9aa7e54aa4d75c6c485b429f16fffbb61d2840b527c5a1cfdb5c842_arm64",
"9Base-RHACM-2.10:rhacm2/config-policy-controller-rhel9@sha256:0ef8fdea99a8fd44feff31b4883a6ecd17eeabb5e8c9ccbdbdd30c32cc2cbe64_amd64",
"9Base-RHACM-2.10:rhacm2/config-policy-controller-rhel9@sha256:b7ff6680725a8bb31edf5dc58d82ac0b9d201ba8eac4c6f2ea4c3cd35f52915a_s390x",
"9Base-RHACM-2.10:rhacm2/config-policy-controller-rhel9@sha256:d4456a33f0488db9c77d12a279500b68a41441a8ff6c8cc9723a7ccc46e90dc7_arm64",
"9Base-RHACM-2.10:rhacm2/config-policy-controller-rhel9@sha256:d6e8119559b01231206654d2a57114862c4c6b5ca604ccf7b92e53bea6e2e2c2_ppc64le",
"9Base-RHACM-2.10:rhacm2/endpoint-monitoring-rhel9-operator@sha256:75bc23118d6e3ae1ec142a6f47a871efcd8ec5aa6da2bef7cf24e716b3b3be3c_s390x",
"9Base-RHACM-2.10:rhacm2/endpoint-monitoring-rhel9-operator@sha256:cf7be8fd6b726cb7ba8a3f57e14e20d7944245759cd6e8bd26dca4d666fb866a_arm64",
"9Base-RHACM-2.10:rhacm2/endpoint-monitoring-rhel9-operator@sha256:d8c3352fceb6a53e110f76501bb2c2f4cf7a9284f9dd30dee3fe3e015b622195_amd64",
"9Base-RHACM-2.10:rhacm2/endpoint-monitoring-rhel9-operator@sha256:e177864e6bc3b6e66f1f455229257210b77a3b7d0e18c480d252ed79f03bf67a_ppc64le",
"9Base-RHACM-2.10:rhacm2/governance-policy-propagator-rhel9@sha256:400644c05d5768fb7460bb3f8bfa880bc21e91f365130d13877f015ba2146358_amd64",
"9Base-RHACM-2.10:rhacm2/governance-policy-propagator-rhel9@sha256:46deef6c168120168168820dad57ce9b2d2641be926772eaeba2d03d3d324e2a_s390x",
"9Base-RHACM-2.10:rhacm2/governance-policy-propagator-rhel9@sha256:4e9143f58e4755b86526d113040acd0ee0069fefe9243e08c864c35d25b276e9_ppc64le",
"9Base-RHACM-2.10:rhacm2/governance-policy-propagator-rhel9@sha256:8947a68138c101fdc355b94a4deb0d02f44de025fe733e8d5fb28f5fce93b7c9_arm64",
"9Base-RHACM-2.10:rhacm2/grafana-dashboard-loader-rhel9@sha256:26a08abd967f17e23975b728768e2f561750856b0f98ff5f27506da94fa597ca_ppc64le",
"9Base-RHACM-2.10:rhacm2/grafana-dashboard-loader-rhel9@sha256:43f27505c8ac51aa659c638f96f7681d8d3029775b9153a8075fa38dd48dbc3c_arm64",
"9Base-RHACM-2.10:rhacm2/grafana-dashboard-loader-rhel9@sha256:a9afb35685e18a179269293a1998eb5c6c8c47e9247a7f3f1c27d3b1b35a83b2_amd64",
"9Base-RHACM-2.10:rhacm2/grafana-dashboard-loader-rhel9@sha256:f30433d2c90f38c86f1780bd8b74a50821837f769db589ee720e35fd79dbc23b_s390x",
"9Base-RHACM-2.10:rhacm2/iam-policy-controller-rhel9@sha256:63ca0eef9b3febe70ceea5b47a36fea7455eef69da9d1bda70d2bc9661ec2f2c_arm64",
"9Base-RHACM-2.10:rhacm2/iam-policy-controller-rhel9@sha256:ae274418f0fa055670012f2d92d63ebb175fdbd3946486312007bc2b0a915541_ppc64le",
"9Base-RHACM-2.10:rhacm2/iam-policy-controller-rhel9@sha256:c1d7619138ab3717e6f6a49ac76f95ff041a022746891057d6e4e163114fb864_amd64",
"9Base-RHACM-2.10:rhacm2/iam-policy-controller-rhel9@sha256:f62a79f1f02af4be1424b74071e6d701e5c514e27019e69ee98cbed10b602f3d_s390x",
"9Base-RHACM-2.10:rhacm2/insights-client-rhel9@sha256:0ff4ca5a9703ec58d70178152b5dbbb3aaffa5fce80153eda12f727f7c3e0b6f_ppc64le",
"9Base-RHACM-2.10:rhacm2/insights-client-rhel9@sha256:70833a6ef9ebc1b50e914744e0f7c36c259bb7889c7ff8085cb8470826ac803e_s390x",
"9Base-RHACM-2.10:rhacm2/insights-client-rhel9@sha256:cdf079542b23633884a52daa02d4b9182aaf7454e769186de4f495467686653d_arm64",
"9Base-RHACM-2.10:rhacm2/insights-client-rhel9@sha256:f62d6a262c044a7883f34563e3e1909761ca0bd44e4d5f8a0e564db8b630068b_amd64",
"9Base-RHACM-2.10:rhacm2/insights-metrics-rhel9@sha256:16862c34efb507d44455ed78cde51a1f57969cc69f4beec70ecb697b8ea406dc_amd64",
"9Base-RHACM-2.10:rhacm2/insights-metrics-rhel9@sha256:2f7c346cb847e2928715bd4b64a34531b82d0130a89a08f19c3026db5d89c5a1_ppc64le",
"9Base-RHACM-2.10:rhacm2/insights-metrics-rhel9@sha256:44f56f7a1ac2720ce815ea7aa824ea37a0bdcf63c637941ca84328578a735142_arm64",
"9Base-RHACM-2.10:rhacm2/insights-metrics-rhel9@sha256:e2a9110af4d9bac9fd97b8f5981230c495506d50db571eccae9e16e361abfdd7_s390x",
"9Base-RHACM-2.10:rhacm2/klusterlet-addon-controller-rhel9@sha256:693af28fa3e5f1aee61695e891fdd33a49b5280e4a555f84b838ca8e829d0999_ppc64le",
"9Base-RHACM-2.10:rhacm2/klusterlet-addon-controller-rhel9@sha256:7ac958c32070e6282a8cbe262810c58a81e6e331bf59877cd67758ab6feb8ada_amd64",
"9Base-RHACM-2.10:rhacm2/klusterlet-addon-controller-rhel9@sha256:8528a204787ecde3925c9c3ef31e225f59c5b4b3a21bd314541fe06dd4c1aa73_s390x",
"9Base-RHACM-2.10:rhacm2/klusterlet-addon-controller-rhel9@sha256:cf0bf12f03bd0a4a09188d1f5b4820aa6e7f6e4a1fb1bc2c45559553907c6eae_arm64",
"9Base-RHACM-2.10:rhacm2/kube-rbac-proxy-rhel9@sha256:1d75e8e70fc3f3943841bd34f79e5762705b0d23460064c6adcdd0fc6b39005a_amd64",
"9Base-RHACM-2.10:rhacm2/kube-rbac-proxy-rhel9@sha256:355905503e1321fc2fd75b12bab33b2cb75cbfcc0d0e7e70400790da081abfd9_arm64",
"9Base-RHACM-2.10:rhacm2/kube-rbac-proxy-rhel9@sha256:42da847ca7b39914df099381ac807d8ab619774388c1a47e0d71020fbce998ae_s390x",
"9Base-RHACM-2.10:rhacm2/kube-rbac-proxy-rhel9@sha256:5e416f1249a77845f81c9cf1a1dfae74feca41afd6dd35e7be55a0fa61632c00_ppc64le",
"9Base-RHACM-2.10:rhacm2/kube-state-metrics-rhel9@sha256:715f6b9c01400a153157de08bf2a6b04ea54478ee2c18d7871b65c865d6902d2_s390x",
"9Base-RHACM-2.10:rhacm2/kube-state-metrics-rhel9@sha256:72f6c545d46d1cc6f3fb1b9cd6840f0496056d410c8ade62dd35d99dfdd60737_arm64",
"9Base-RHACM-2.10:rhacm2/kube-state-metrics-rhel9@sha256:88982e268e1a3d0c52c72563a684b58042adb0800ebd1e80208b898eebe75cd6_ppc64le",
"9Base-RHACM-2.10:rhacm2/kube-state-metrics-rhel9@sha256:9f2ac058e15d5653e8bced975955e26e51a88d36a1d5896305b6f5060afee43a_amd64",
"9Base-RHACM-2.10:rhacm2/memcached-exporter-rhel9@sha256:1304f49745ed8a18784196b5595cea1ec6caf904d0e61d0952a603e6fb7da6e0_ppc64le",
"9Base-RHACM-2.10:rhacm2/memcached-exporter-rhel9@sha256:36529c281273e5346ef5cce6a55e47c27fdaf2507a6f7971576b738b1c543258_arm64",
"9Base-RHACM-2.10:rhacm2/memcached-exporter-rhel9@sha256:c5275f61fd2e84deaab7e789a7ffefdbe235866a8439d3d2534e4b26998372d6_s390x",
"9Base-RHACM-2.10:rhacm2/memcached-exporter-rhel9@sha256:f9f5ca67f62d6218b90b863b4fe63aa95aef755e5cbae5a83896f74a0039b7ab_amd64",
"9Base-RHACM-2.10:rhacm2/memcached-rhel9@sha256:2c4437598be87fc5f3f6639e728279d8ba21cf49061be78e3a4fbacc989997b4_amd64",
"9Base-RHACM-2.10:rhacm2/memcached-rhel9@sha256:2fb75dce1567e21a9f1361ec3ac54a4d5a2252f03aa64b6cdf4d1cd02a58d04c_s390x",
"9Base-RHACM-2.10:rhacm2/memcached-rhel9@sha256:4af229aca50a46ec9f190fbeef603f1259223f81f5307f46de17ad8b8c9760e1_arm64",
"9Base-RHACM-2.10:rhacm2/memcached-rhel9@sha256:e871cb2e5d235ae74a998356748299daace42d47a92e1da57a2773eae87625a6_ppc64le",
"9Base-RHACM-2.10:rhacm2/metrics-collector-rhel9@sha256:20ac5c57af957e7126221f4089bb816b948aa624788da9298b4f476ecc668293_amd64",
"9Base-RHACM-2.10:rhacm2/metrics-collector-rhel9@sha256:54665ca7529012a3a63c7dcc263a2e46964a0ee4ba43f19a2a3f05dcdfd5ae0f_ppc64le",
"9Base-RHACM-2.10:rhacm2/metrics-collector-rhel9@sha256:84543f21ccfe36960fce099930132e7042e505ba635c45a28a902ed2b2401d55_s390x",
"9Base-RHACM-2.10:rhacm2/metrics-collector-rhel9@sha256:eb32f5c275247babd03ec16b0978aced10a9b9da07a84f5af6be4d7c3852a6b7_arm64",
"9Base-RHACM-2.10:rhacm2/multicloud-integrations-rhel9@sha256:0529a11c8935d5b9fa2a3f29801749b09861076c0c2040612271f0bbafb5fbab_s390x",
"9Base-RHACM-2.10:rhacm2/multicloud-integrations-rhel9@sha256:2b7557d262cd8eacc45178dcca3dae642b1bb33fbfccdf6a3b63abb7e1a39d53_amd64",
"9Base-RHACM-2.10:rhacm2/multicloud-integrations-rhel9@sha256:606ea20603d86412a34478a3db9c17737cca2b04c26bcab175279028c822e492_arm64",
"9Base-RHACM-2.10:rhacm2/multicloud-integrations-rhel9@sha256:d3958606b5001619aa3044617ccb4fe265764d7dad05b0a6bf5b4910bd5d0ba7_ppc64le",
"9Base-RHACM-2.10:rhacm2/multicluster-observability-rhel9-operator@sha256:9b855d7e4cf6fe3c4da92d84a51adc63aea5f144bce38dbb9c4ab3d01370c296_amd64",
"9Base-RHACM-2.10:rhacm2/multicluster-observability-rhel9-operator@sha256:a9eb1e576d4eb5c7e9131803042b7d8529dab369595d0adc22623e24b67832d9_s390x",
"9Base-RHACM-2.10:rhacm2/multicluster-observability-rhel9-operator@sha256:ab73f96720c106dcb2ea64f8b7ac13ad866533d993c43cb7c6dbbf08ba4977dd_ppc64le",
"9Base-RHACM-2.10:rhacm2/multicluster-observability-rhel9-operator@sha256:f296c72dd6842481dad78536117aec3ff14d19be736e5679101bbfc92b87809b_arm64",
"9Base-RHACM-2.10:rhacm2/multicluster-operators-application-rhel9@sha256:184f6068b077070b90ede3a2f4e81be398fd2841f042fc6f2f114fdfd4f1095b_arm64",
"9Base-RHACM-2.10:rhacm2/multicluster-operators-application-rhel9@sha256:2a272685b487a747827220d16bc5aaff65c436d5c312b081d9fffd9ef4a8a0f9_amd64",
"9Base-RHACM-2.10:rhacm2/multicluster-operators-application-rhel9@sha256:635c1cf425b8744a421c649bd809a59df6dc6cdeaa9da2a369706e522a3a0fab_ppc64le",
"9Base-RHACM-2.10:rhacm2/multicluster-operators-application-rhel9@sha256:e15bedc9ce45cc025b6ab6c27d5b7eb95f6e750791ff0dae228a71eaeae1cace_s390x",
"9Base-RHACM-2.10:rhacm2/multicluster-operators-channel-rhel9@sha256:2399cfe0b3b626be2acd289d8880b9913d73093220b3e4062bb7cddb2628640a_amd64",
"9Base-RHACM-2.10:rhacm2/multicluster-operators-channel-rhel9@sha256:37f84cbbee522859c6f46e49179ab0b1e1fef118aac6741d18675b36e31972dd_s390x",
"9Base-RHACM-2.10:rhacm2/multicluster-operators-channel-rhel9@sha256:43c086e0f17783322c26ba577db2c7c8fd43176a7ac14e45a40c3db0b91a6d1e_ppc64le",
"9Base-RHACM-2.10:rhacm2/multicluster-operators-channel-rhel9@sha256:773c32065f60e4a2e626e17744d0a2cfc4049325f6664f899d8da949dc3fa4a6_arm64",
"9Base-RHACM-2.10:rhacm2/multicluster-operators-subscription-rhel9@sha256:08aacdc6cad3ba5743a5d65c1bff5b3e41e44269765b94f45673a8e648f60584_amd64",
"9Base-RHACM-2.10:rhacm2/multicluster-operators-subscription-rhel9@sha256:7eda39d696e452ec7e9da1473807e3134f149ed28d0ec873cf489451fbb007e0_arm64",
"9Base-RHACM-2.10:rhacm2/multicluster-operators-subscription-rhel9@sha256:a791398b5dd73f447d22f260eaf209f782c9663e81c81529eb4b3018183f9deb_ppc64le",
"9Base-RHACM-2.10:rhacm2/multicluster-operators-subscription-rhel9@sha256:b88262afe6149a741a566054ecc16400bc7335a443219d3ddbcb1ba7c939a38b_s390x",
"9Base-RHACM-2.10:rhacm2/multiclusterhub-rhel9@sha256:5de91afd73b5a86865954ab3f6587f382f53e0856422ed975d9aa867bd0ffbf9_arm64",
"9Base-RHACM-2.10:rhacm2/multiclusterhub-rhel9@sha256:97932a785e8601b170a7c6fd42b1e6a18203b958ccbb712352c2817b8103d9b5_s390x",
"9Base-RHACM-2.10:rhacm2/multiclusterhub-rhel9@sha256:b30d5d981e1522751e4434b1c107e5cefb6c8c22ea16915f35948c11f9aa0579_ppc64le",
"9Base-RHACM-2.10:rhacm2/multiclusterhub-rhel9@sha256:c5e3898dd435f49636834ce14b3188f7163167cdb538d85812393cf450d49157_amd64",
"9Base-RHACM-2.10:rhacm2/node-exporter-rhel9@sha256:8bb239eafceaa18a786b78f7bf54c7063d80bce60567d10d81c5a4282b2884b4_s390x",
"9Base-RHACM-2.10:rhacm2/node-exporter-rhel9@sha256:9611a92119f19e11c29e9e93b9c714499e60d06712da97d9fa77ed0fd0d4d33b_arm64",
"9Base-RHACM-2.10:rhacm2/node-exporter-rhel9@sha256:d147abba6fa66eb914005d4cd62302c527cbfc0083be386275c5c782b90c3c1c_amd64",
"9Base-RHACM-2.10:rhacm2/node-exporter-rhel9@sha256:f9a4446156fd21112854846849c68952e4c336e5782d6aeb3c49bddd3408d388_ppc64le",
"9Base-RHACM-2.10:rhacm2/observatorium-rhel9-operator@sha256:414b191a314b0695aede28ac7229a064833d798e94d5b92a434e2eb3650983b6_arm64",
"9Base-RHACM-2.10:rhacm2/observatorium-rhel9-operator@sha256:9e2d97d0116349c1f1e1d815a6d8822c9f5331acdb81e878c0cb0e86149167ef_ppc64le",
"9Base-RHACM-2.10:rhacm2/observatorium-rhel9-operator@sha256:e2dabaf7c375e039797330bb33e03c993356dc5a37949f84a89c3e4f40ff0023_amd64",
"9Base-RHACM-2.10:rhacm2/observatorium-rhel9-operator@sha256:ecda2be3377f15a09c6971b1a689bb9eb917909d55f54c996d54a972aece7432_s390x",
"9Base-RHACM-2.10:rhacm2/observatorium-rhel9@sha256:10ee1d5c854a7daf0d33f1dc16529a7e1a3cb67fab5a626f8a42da705186265e_arm64",
"9Base-RHACM-2.10:rhacm2/observatorium-rhel9@sha256:1eb9b98d7f3c878e09b45aad2a64780e46026c55d6f70a64d66e255ec13ce9fb_s390x",
"9Base-RHACM-2.10:rhacm2/observatorium-rhel9@sha256:25ee9231e17b71c83f12a9ce5d94629b2fd8ad3c64b61de9f03b057584f84804_ppc64le",
"9Base-RHACM-2.10:rhacm2/observatorium-rhel9@sha256:7812638565dff9368b4db0ed9aecb86c544d0b6caa773994c5c830e800060e22_amd64",
"9Base-RHACM-2.10:rhacm2/prometheus-alertmanager-rhel9@sha256:0a4ecc2af398e1a771540af4f062abfc0f47bfae9ba3a2fcb6a6c66940385d42_ppc64le",
"9Base-RHACM-2.10:rhacm2/prometheus-alertmanager-rhel9@sha256:0e7e5cfd6a953e092eb3ae72b236741f73432f8d262ace74caa2acf8c5fe3863_amd64",
"9Base-RHACM-2.10:rhacm2/prometheus-alertmanager-rhel9@sha256:25abc3028c69dedee05220fa4f0f32b7accc33ef519f46b23860612307db2181_arm64",
"9Base-RHACM-2.10:rhacm2/prometheus-alertmanager-rhel9@sha256:88383e94dcec26826df02cdebc9e7cc764e92b2ce71300c31a46f20ce92135c0_s390x",
"9Base-RHACM-2.10:rhacm2/prometheus-rhel9@sha256:556c5d133dd996b86dceb03158d4d463ccdbbf29cc9ca05ff1e3915a48cd8c47_s390x",
"9Base-RHACM-2.10:rhacm2/prometheus-rhel9@sha256:98af2a53f9c59b0bdd6ee9c8f27eb00f65a870ee64ba8d503083a9a0d3aa2ec6_arm64",
"9Base-RHACM-2.10:rhacm2/prometheus-rhel9@sha256:99e749f7d98203070348c652f6df158c9207801d86439ddde08bcae16e813ea5_ppc64le",
"9Base-RHACM-2.10:rhacm2/prometheus-rhel9@sha256:c1c2a5bc8d471fb7cbbf31c0e5513bf2630efbd1a5bbb458dc0c98b3ee608636_amd64",
"9Base-RHACM-2.10:rhacm2/rbac-query-proxy-rhel9@sha256:5f70872d294b5f10393fa7c6a6ffd81a6a509ea7589753d29ad49118a87fb2df_s390x",
"9Base-RHACM-2.10:rhacm2/rbac-query-proxy-rhel9@sha256:a061734a251e62cd31792ec9065f6a346de672f72e32965954811faf11f86d62_amd64",
"9Base-RHACM-2.10:rhacm2/rbac-query-proxy-rhel9@sha256:e325c611a68e60d204018b8aac765bb58e135b44735bbc14069c5cbf49828ada_ppc64le",
"9Base-RHACM-2.10:rhacm2/rbac-query-proxy-rhel9@sha256:fe807380c43daaae2ca277ef4a6b6bace7842087112f7d242773a073797c908e_arm64",
"9Base-RHACM-2.10:rhacm2/search-collector-rhel9@sha256:2092c265f1dea3dc553c370c3b07c92e4cb8523ccc58d46af4a517165e9b7bc4_s390x",
"9Base-RHACM-2.10:rhacm2/search-collector-rhel9@sha256:557e431af519bf544102927491fffbdd4091a5a9377396d7d30b2898897c8fba_amd64",
"9Base-RHACM-2.10:rhacm2/search-collector-rhel9@sha256:f908a57c2bfe78911889102abb61377d5170590689930d74b8d6a9fa7bc66848_ppc64le",
"9Base-RHACM-2.10:rhacm2/search-collector-rhel9@sha256:fe20c8e6fbf707c0467a4876405f2f8b395ac24ca554bd052f7f55da2df6371f_arm64",
"9Base-RHACM-2.10:rhacm2/submariner-addon-rhel9@sha256:1d74ed10635e7021129e60caa3358581d61c4bd93cebed86f79d5fdba100b10f_ppc64le",
"9Base-RHACM-2.10:rhacm2/submariner-addon-rhel9@sha256:92584807362684f692fc991f06ffecf241ee6494d4b37c584d74527214b33acb_s390x",
"9Base-RHACM-2.10:rhacm2/submariner-addon-rhel9@sha256:9a6b6d7ed493c6c8c9962485404f551974cece1b59e7197f9ed6fce120ca7d0d_arm64",
"9Base-RHACM-2.10:rhacm2/submariner-addon-rhel9@sha256:e8eb481c682682ea78d5f7d5793f63e427fcffc867db012f327b5469c524535c_amd64",
"9Base-RHACM-2.10:rhacm2/thanos-receive-controller-rhel9@sha256:09b931bd7405cc8733625884f61ccaa92b40b48d9068d78f552a6c9383cb02e9_amd64",
"9Base-RHACM-2.10:rhacm2/thanos-receive-controller-rhel9@sha256:64aebcc4f88c096cb93faa8fab067308442fd49c07e55fcb55283ef86643f642_s390x",
"9Base-RHACM-2.10:rhacm2/thanos-receive-controller-rhel9@sha256:91f186246d963c2978023489ed7cd58dec2f57641fd2a2a0c16d2caa5377147c_arm64",
"9Base-RHACM-2.10:rhacm2/thanos-receive-controller-rhel9@sha256:d391d522c2006e634df69f28eacd1f6cfba7b1ac4ec27ea97c307f4da5213954_ppc64le",
"9Base-RHACM-2.10:rhacm2/thanos-rhel9@sha256:9c82d36f3a942088a6612e6e1d5d7f3413006b2f5df41758c0072ee8d68b3801_ppc64le",
"9Base-RHACM-2.10:rhacm2/thanos-rhel9@sha256:c431d914ecca6080a1ce9ee7fb15019ca5f5b5cb7083fa739ce14b9f8afd570e_amd64",
"9Base-RHACM-2.10:rhacm2/thanos-rhel9@sha256:e8e6c42e37b2c0ba6456d48afa747f3c6f167cbcf4523d5ad751351a932deefc_arm64",
"9Base-RHACM-2.10:rhacm2/thanos-rhel9@sha256:f7dc5a2e9c41416badca921ef6a4b16e9edd2aea052107d737bb3ddbc2e0242c_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-4068"
},
{
"category": "external",
"summary": "RHBZ#2280600",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2280600"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-4068",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-4068"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-4068",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-4068"
},
{
"category": "external",
"summary": "https://devhub.checkmarx.com/cve-details/CVE-2024-4068/",
"url": "https://devhub.checkmarx.com/cve-details/CVE-2024-4068/"
},
{
"category": "external",
"summary": "https://github.com/micromatch/braces/blob/98414f9f1fabe021736e26836d8306d5de747e0d/lib/parse.js#L308",
"url": "https://github.com/micromatch/braces/blob/98414f9f1fabe021736e26836d8306d5de747e0d/lib/parse.js#L308"
},
{
"category": "external",
"summary": "https://github.com/micromatch/braces/issues/35",
"url": "https://github.com/micromatch/braces/issues/35"
}
],
"release_date": "2024-03-04T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-07-10T19:53:51+00:00",
"details": "For Red Hat Advanced Cluster Management for Kubernetes, see the following\ndocumentation, which will be updated shortly for this release:\n\nhttps://access.redhat.com/documentation/en-us/red_hat_advanced_cluster_management_for_kubernetes/2.10/html-single/install/index#installing",
"product_ids": [
"9Base-RHACM-2.10:rhacm2/console-rhel9@sha256:4ee3bbdcc190cd6c3e1eff8bfabe8ca3cd9e61ab5d824983a955e6d509238041_arm64",
"9Base-RHACM-2.10:rhacm2/console-rhel9@sha256:5fe6fb2bd7e31a960bc018d870af482f668ab417d601d94a5ac5981fd116a852_s390x",
"9Base-RHACM-2.10:rhacm2/console-rhel9@sha256:9005fc71b91a5d2a1fe502e90d57cea2285d1218ad6e49f4bcdd77bf560c5765_ppc64le",
"9Base-RHACM-2.10:rhacm2/console-rhel9@sha256:b3bc8c5f587da2c7ce4e25d5d2e72b08939071297cf3fdc5d51fb631d99aa168_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:4464"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"9Base-RHACM-2.10:rhacm2/acm-cluster-permission-rhel9@sha256:b9ef8ca2a002c616c6644cf16b80d5901d7b46034dc7e57ec1dd1d260cf0e32b_s390x",
"9Base-RHACM-2.10:rhacm2/acm-cluster-permission-rhel9@sha256:bd41dedb13ae9360d2e856ec6d52ea35b726425a65e92a00cd6037344ae5780e_amd64",
"9Base-RHACM-2.10:rhacm2/acm-cluster-permission-rhel9@sha256:dac35e93ff173bd30fefbdec8676fb605e28368aec3eccc4ac603f16eadcf31d_arm64",
"9Base-RHACM-2.10:rhacm2/acm-cluster-permission-rhel9@sha256:e8c9920427522b7ef645422b85ff1585e65b9d659c792e57201dfc06d6a13ffa_ppc64le",
"9Base-RHACM-2.10:rhacm2/acm-governance-policy-addon-controller-rhel9@sha256:65d709ef780d8d867c145b1ddf8e7031bd8e710972b21ed2d7b9d9ede0bfdb43_s390x",
"9Base-RHACM-2.10:rhacm2/acm-governance-policy-addon-controller-rhel9@sha256:87988ad277b62bbcc061dbe4242bfc2edcc21dc98c4c7c66385131c0425b0fa7_ppc64le",
"9Base-RHACM-2.10:rhacm2/acm-governance-policy-addon-controller-rhel9@sha256:9af1cb9605a8fdf7212a079ed8fa51b110b367c705a51651ba3933e936519e7f_arm64",
"9Base-RHACM-2.10:rhacm2/acm-governance-policy-addon-controller-rhel9@sha256:c6e3728b6687b8c83a11c326e4fd098ceef3f501725efbdfcb0ded0645a1473e_amd64",
"9Base-RHACM-2.10:rhacm2/acm-governance-policy-framework-addon-rhel9@sha256:3101f1389311c0006c0fb9953c44d5fff9e968597952103a5a873a7a4c4707da_amd64",
"9Base-RHACM-2.10:rhacm2/acm-governance-policy-framework-addon-rhel9@sha256:4536de55598f032ad91056c779ec2faea5c28de557a730d50cb2b2aba9b3bf00_s390x",
"9Base-RHACM-2.10:rhacm2/acm-governance-policy-framework-addon-rhel9@sha256:587fc80d3d6e3f2295272934fb39cfa3b96f5a2652a533b6b01cc6b04d10cb66_ppc64le",
"9Base-RHACM-2.10:rhacm2/acm-governance-policy-framework-addon-rhel9@sha256:63246c061e7960a656cb66c8ccca2b7bed943c9a1fe96a28f9cd99829608cda5_arm64",
"9Base-RHACM-2.10:rhacm2/acm-grafana-rhel9@sha256:1cd1c6a91611569a855444430c527a8bebbe113f77dd47dcfc2b8305c3a26a13_s390x",
"9Base-RHACM-2.10:rhacm2/acm-grafana-rhel9@sha256:3a59dd5e30b37f1e1feffba959d88d3aab37701500203afb71b2d38958236b85_amd64",
"9Base-RHACM-2.10:rhacm2/acm-grafana-rhel9@sha256:b488d250bc1c82f3f7e26a1bc741dee02e57b3e3d40cf2965e541d2c5727ec65_ppc64le",
"9Base-RHACM-2.10:rhacm2/acm-grafana-rhel9@sha256:df4024e8506d0926ad81943684532dd9e4054f26d23da6e329f593239b5a1513_arm64",
"9Base-RHACM-2.10:rhacm2/acm-must-gather-rhel9@sha256:66bca60baa85bc23963b5955fe57e8b7b7038c1088e2ce60f1fedc1a41d944dc_arm64",
"9Base-RHACM-2.10:rhacm2/acm-must-gather-rhel9@sha256:92d087992acf383c2f06ed92996049c412fc1fef76be10fc40eb6ba2e4b2f9be_ppc64le",
"9Base-RHACM-2.10:rhacm2/acm-must-gather-rhel9@sha256:bfc79c952b6f62658ef36373af72e6213de78ba1c3a18f018add4295d8ae72f8_s390x",
"9Base-RHACM-2.10:rhacm2/acm-must-gather-rhel9@sha256:fb9fa96ebaba320dd723e7d5727b20c63f66aa6c39f460a6270c572354123fd9_amd64",
"9Base-RHACM-2.10:rhacm2/acm-operator-bundle@sha256:190d00bcb1bdbf289cc4ae87f738aeabe04470194e51870c572876e4c118d712_ppc64le",
"9Base-RHACM-2.10:rhacm2/acm-operator-bundle@sha256:304e9a12e0c7b7be0444efd26764d32818fc3ad1ad936b565232f5f82a5f72fe_amd64",
"9Base-RHACM-2.10:rhacm2/acm-operator-bundle@sha256:cc65cb3804a7e6150028a6f1c60fcbdb78c42689769ff9378922491481947aed_s390x",
"9Base-RHACM-2.10:rhacm2/acm-prometheus-config-reloader-rhel9@sha256:0b885dfd28d82220fdb03b7bca0e1ed2fc941bc712e536af71e4e11ee9defee4_amd64",
"9Base-RHACM-2.10:rhacm2/acm-prometheus-config-reloader-rhel9@sha256:53cd755cea5a527c089321e5571c14ad0fd5d55b16e7c2acddc2a7c9670cffd2_arm64",
"9Base-RHACM-2.10:rhacm2/acm-prometheus-config-reloader-rhel9@sha256:8f18c68e47b66926d14795818f3a1dc21ffdcbcf1a220c7518194416602b19ac_ppc64le",
"9Base-RHACM-2.10:rhacm2/acm-prometheus-config-reloader-rhel9@sha256:be5be2fe888521fd8ac6d7ebca3cf127724128eb6ff4e11f90d61a4af60f1bee_s390x",
"9Base-RHACM-2.10:rhacm2/acm-prometheus-rhel9@sha256:8da9c5a18b42861d11e3df3f37b5f47b810af1b25beec208ce75b6f69d913ecd_s390x",
"9Base-RHACM-2.10:rhacm2/acm-prometheus-rhel9@sha256:91ec246784f1e7cdd0c20ab36ea09f13e553c043851699dae6191ea1ce101a61_arm64",
"9Base-RHACM-2.10:rhacm2/acm-prometheus-rhel9@sha256:969cc23c2f503797d491c797220e09b1682887742f669d338a5fd3613908148d_amd64",
"9Base-RHACM-2.10:rhacm2/acm-prometheus-rhel9@sha256:a1b920873dbb0984f41a8b49a4e0263c9756d909391601290b8a67278596327b_ppc64le",
"9Base-RHACM-2.10:rhacm2/acm-search-indexer-rhel9@sha256:21476ec5340f5e98451f83d7d455f86e8368ed4c882f564cf80b234dc2ceae1a_amd64",
"9Base-RHACM-2.10:rhacm2/acm-search-indexer-rhel9@sha256:47083a8e2f6234e7e3743c2f7d5cc433ad76a46a609f65640e047bfa9557082c_s390x",
"9Base-RHACM-2.10:rhacm2/acm-search-indexer-rhel9@sha256:95c15180b6b25c453b8aa81c42b106d6e9fb1d832761a3b2b06922c0ceee4d7b_arm64",
"9Base-RHACM-2.10:rhacm2/acm-search-indexer-rhel9@sha256:9ba73ef3b2447b16aab7503bce4e480441b272e997dab87ee9cc4b0f1ac040ba_ppc64le",
"9Base-RHACM-2.10:rhacm2/acm-search-v2-api-rhel9@sha256:1891db398d822cb0c424245928033240dfdcfd35d21ab052379d432423a6e038_s390x",
"9Base-RHACM-2.10:rhacm2/acm-search-v2-api-rhel9@sha256:247e052a3b5bc9708f1c0953f09c942414852f2109a9694af864375032072ae2_arm64",
"9Base-RHACM-2.10:rhacm2/acm-search-v2-api-rhel9@sha256:51a415f07cfadd9ae5b4b29cb3247b5085bb18edad8df566c47dc7e89ef0939e_amd64",
"9Base-RHACM-2.10:rhacm2/acm-search-v2-api-rhel9@sha256:756982578354d8a66399f2464602458f80bd398e46656a3d86c9303fa2068900_ppc64le",
"9Base-RHACM-2.10:rhacm2/acm-search-v2-rhel9@sha256:329f59a93ce1e2aab017a924db00b6aaca4c8ee40b5d5c2358af11af2e5319bd_s390x",
"9Base-RHACM-2.10:rhacm2/acm-search-v2-rhel9@sha256:9e2aa6686deee7b78bda5dcb08dad31c87a9653e48788df4e8bb39d4965c9101_arm64",
"9Base-RHACM-2.10:rhacm2/acm-search-v2-rhel9@sha256:e995897416f24436e6bef220bd4d5b3ba8fbd26c97fbd5e250391a3aef14bce5_amd64",
"9Base-RHACM-2.10:rhacm2/acm-search-v2-rhel9@sha256:f45417abdf399566fa98b0686ab4b2b55d776b6dfa67b7b7c24565b084c39165_ppc64le",
"9Base-RHACM-2.10:rhacm2/acm-volsync-addon-controller-rhel9@sha256:055c5ab4b2045571efe53bbd4ca54ba8a17a2cf590dad70c65667ed6b11ca86a_arm64",
"9Base-RHACM-2.10:rhacm2/acm-volsync-addon-controller-rhel9@sha256:60070927868e0538d31090138892fe64445321098b3874880fd21e7dcc1ffae7_amd64",
"9Base-RHACM-2.10:rhacm2/acm-volsync-addon-controller-rhel9@sha256:cc991f8f8af9337ab908f6564b4b77daef5893dc2759ff483142ef659a6a4b30_ppc64le",
"9Base-RHACM-2.10:rhacm2/acm-volsync-addon-controller-rhel9@sha256:faee49ca0c46781594189977f3ab5805060cd0a95e47ba575ec05bb549e21a69_s390x",
"9Base-RHACM-2.10:rhacm2/cert-policy-controller-rhel9@sha256:081c86b4c25876ac0734a0caff771a30b848530f1e89f9e0d3ee3f743f579e9c_s390x",
"9Base-RHACM-2.10:rhacm2/cert-policy-controller-rhel9@sha256:318f11ebe87bc1feced78f9d2ae66856884606c721e15d2d05045562d248ac3f_arm64",
"9Base-RHACM-2.10:rhacm2/cert-policy-controller-rhel9@sha256:5daaad58a8979d386830224e133a3bbc713b63039a99eda9a69487b999e71965_amd64",
"9Base-RHACM-2.10:rhacm2/cert-policy-controller-rhel9@sha256:bffedd5eb97a49dd210b51423ba8938684be1cb41dd79d06b2aab94bc0bb4963_ppc64le",
"9Base-RHACM-2.10:rhacm2/cluster-backup-rhel9-operator@sha256:0d141d0fa859ae0061605f2fe13381be2b6ebd9d8c6b91ca171a8e61e52842be_ppc64le",
"9Base-RHACM-2.10:rhacm2/cluster-backup-rhel9-operator@sha256:3a8bace1bb325142a64a4432543a828050e2e87de91a08dca793534841b7b841_amd64",
"9Base-RHACM-2.10:rhacm2/cluster-backup-rhel9-operator@sha256:66f67d2d8c09634e2e5ae0be07437cb1918f6b506e35bc9b7af82f4979dfc4ed_s390x",
"9Base-RHACM-2.10:rhacm2/cluster-backup-rhel9-operator@sha256:ac726852c9aa7e54aa4d75c6c485b429f16fffbb61d2840b527c5a1cfdb5c842_arm64",
"9Base-RHACM-2.10:rhacm2/config-policy-controller-rhel9@sha256:0ef8fdea99a8fd44feff31b4883a6ecd17eeabb5e8c9ccbdbdd30c32cc2cbe64_amd64",
"9Base-RHACM-2.10:rhacm2/config-policy-controller-rhel9@sha256:b7ff6680725a8bb31edf5dc58d82ac0b9d201ba8eac4c6f2ea4c3cd35f52915a_s390x",
"9Base-RHACM-2.10:rhacm2/config-policy-controller-rhel9@sha256:d4456a33f0488db9c77d12a279500b68a41441a8ff6c8cc9723a7ccc46e90dc7_arm64",
"9Base-RHACM-2.10:rhacm2/config-policy-controller-rhel9@sha256:d6e8119559b01231206654d2a57114862c4c6b5ca604ccf7b92e53bea6e2e2c2_ppc64le",
"9Base-RHACM-2.10:rhacm2/console-rhel9@sha256:4ee3bbdcc190cd6c3e1eff8bfabe8ca3cd9e61ab5d824983a955e6d509238041_arm64",
"9Base-RHACM-2.10:rhacm2/console-rhel9@sha256:5fe6fb2bd7e31a960bc018d870af482f668ab417d601d94a5ac5981fd116a852_s390x",
"9Base-RHACM-2.10:rhacm2/console-rhel9@sha256:9005fc71b91a5d2a1fe502e90d57cea2285d1218ad6e49f4bcdd77bf560c5765_ppc64le",
"9Base-RHACM-2.10:rhacm2/console-rhel9@sha256:b3bc8c5f587da2c7ce4e25d5d2e72b08939071297cf3fdc5d51fb631d99aa168_amd64",
"9Base-RHACM-2.10:rhacm2/endpoint-monitoring-rhel9-operator@sha256:75bc23118d6e3ae1ec142a6f47a871efcd8ec5aa6da2bef7cf24e716b3b3be3c_s390x",
"9Base-RHACM-2.10:rhacm2/endpoint-monitoring-rhel9-operator@sha256:cf7be8fd6b726cb7ba8a3f57e14e20d7944245759cd6e8bd26dca4d666fb866a_arm64",
"9Base-RHACM-2.10:rhacm2/endpoint-monitoring-rhel9-operator@sha256:d8c3352fceb6a53e110f76501bb2c2f4cf7a9284f9dd30dee3fe3e015b622195_amd64",
"9Base-RHACM-2.10:rhacm2/endpoint-monitoring-rhel9-operator@sha256:e177864e6bc3b6e66f1f455229257210b77a3b7d0e18c480d252ed79f03bf67a_ppc64le",
"9Base-RHACM-2.10:rhacm2/governance-policy-propagator-rhel9@sha256:400644c05d5768fb7460bb3f8bfa880bc21e91f365130d13877f015ba2146358_amd64",
"9Base-RHACM-2.10:rhacm2/governance-policy-propagator-rhel9@sha256:46deef6c168120168168820dad57ce9b2d2641be926772eaeba2d03d3d324e2a_s390x",
"9Base-RHACM-2.10:rhacm2/governance-policy-propagator-rhel9@sha256:4e9143f58e4755b86526d113040acd0ee0069fefe9243e08c864c35d25b276e9_ppc64le",
"9Base-RHACM-2.10:rhacm2/governance-policy-propagator-rhel9@sha256:8947a68138c101fdc355b94a4deb0d02f44de025fe733e8d5fb28f5fce93b7c9_arm64",
"9Base-RHACM-2.10:rhacm2/grafana-dashboard-loader-rhel9@sha256:26a08abd967f17e23975b728768e2f561750856b0f98ff5f27506da94fa597ca_ppc64le",
"9Base-RHACM-2.10:rhacm2/grafana-dashboard-loader-rhel9@sha256:43f27505c8ac51aa659c638f96f7681d8d3029775b9153a8075fa38dd48dbc3c_arm64",
"9Base-RHACM-2.10:rhacm2/grafana-dashboard-loader-rhel9@sha256:a9afb35685e18a179269293a1998eb5c6c8c47e9247a7f3f1c27d3b1b35a83b2_amd64",
"9Base-RHACM-2.10:rhacm2/grafana-dashboard-loader-rhel9@sha256:f30433d2c90f38c86f1780bd8b74a50821837f769db589ee720e35fd79dbc23b_s390x",
"9Base-RHACM-2.10:rhacm2/iam-policy-controller-rhel9@sha256:63ca0eef9b3febe70ceea5b47a36fea7455eef69da9d1bda70d2bc9661ec2f2c_arm64",
"9Base-RHACM-2.10:rhacm2/iam-policy-controller-rhel9@sha256:ae274418f0fa055670012f2d92d63ebb175fdbd3946486312007bc2b0a915541_ppc64le",
"9Base-RHACM-2.10:rhacm2/iam-policy-controller-rhel9@sha256:c1d7619138ab3717e6f6a49ac76f95ff041a022746891057d6e4e163114fb864_amd64",
"9Base-RHACM-2.10:rhacm2/iam-policy-controller-rhel9@sha256:f62a79f1f02af4be1424b74071e6d701e5c514e27019e69ee98cbed10b602f3d_s390x",
"9Base-RHACM-2.10:rhacm2/insights-client-rhel9@sha256:0ff4ca5a9703ec58d70178152b5dbbb3aaffa5fce80153eda12f727f7c3e0b6f_ppc64le",
"9Base-RHACM-2.10:rhacm2/insights-client-rhel9@sha256:70833a6ef9ebc1b50e914744e0f7c36c259bb7889c7ff8085cb8470826ac803e_s390x",
"9Base-RHACM-2.10:rhacm2/insights-client-rhel9@sha256:cdf079542b23633884a52daa02d4b9182aaf7454e769186de4f495467686653d_arm64",
"9Base-RHACM-2.10:rhacm2/insights-client-rhel9@sha256:f62d6a262c044a7883f34563e3e1909761ca0bd44e4d5f8a0e564db8b630068b_amd64",
"9Base-RHACM-2.10:rhacm2/insights-metrics-rhel9@sha256:16862c34efb507d44455ed78cde51a1f57969cc69f4beec70ecb697b8ea406dc_amd64",
"9Base-RHACM-2.10:rhacm2/insights-metrics-rhel9@sha256:2f7c346cb847e2928715bd4b64a34531b82d0130a89a08f19c3026db5d89c5a1_ppc64le",
"9Base-RHACM-2.10:rhacm2/insights-metrics-rhel9@sha256:44f56f7a1ac2720ce815ea7aa824ea37a0bdcf63c637941ca84328578a735142_arm64",
"9Base-RHACM-2.10:rhacm2/insights-metrics-rhel9@sha256:e2a9110af4d9bac9fd97b8f5981230c495506d50db571eccae9e16e361abfdd7_s390x",
"9Base-RHACM-2.10:rhacm2/klusterlet-addon-controller-rhel9@sha256:693af28fa3e5f1aee61695e891fdd33a49b5280e4a555f84b838ca8e829d0999_ppc64le",
"9Base-RHACM-2.10:rhacm2/klusterlet-addon-controller-rhel9@sha256:7ac958c32070e6282a8cbe262810c58a81e6e331bf59877cd67758ab6feb8ada_amd64",
"9Base-RHACM-2.10:rhacm2/klusterlet-addon-controller-rhel9@sha256:8528a204787ecde3925c9c3ef31e225f59c5b4b3a21bd314541fe06dd4c1aa73_s390x",
"9Base-RHACM-2.10:rhacm2/klusterlet-addon-controller-rhel9@sha256:cf0bf12f03bd0a4a09188d1f5b4820aa6e7f6e4a1fb1bc2c45559553907c6eae_arm64",
"9Base-RHACM-2.10:rhacm2/kube-rbac-proxy-rhel9@sha256:1d75e8e70fc3f3943841bd34f79e5762705b0d23460064c6adcdd0fc6b39005a_amd64",
"9Base-RHACM-2.10:rhacm2/kube-rbac-proxy-rhel9@sha256:355905503e1321fc2fd75b12bab33b2cb75cbfcc0d0e7e70400790da081abfd9_arm64",
"9Base-RHACM-2.10:rhacm2/kube-rbac-proxy-rhel9@sha256:42da847ca7b39914df099381ac807d8ab619774388c1a47e0d71020fbce998ae_s390x",
"9Base-RHACM-2.10:rhacm2/kube-rbac-proxy-rhel9@sha256:5e416f1249a77845f81c9cf1a1dfae74feca41afd6dd35e7be55a0fa61632c00_ppc64le",
"9Base-RHACM-2.10:rhacm2/kube-state-metrics-rhel9@sha256:715f6b9c01400a153157de08bf2a6b04ea54478ee2c18d7871b65c865d6902d2_s390x",
"9Base-RHACM-2.10:rhacm2/kube-state-metrics-rhel9@sha256:72f6c545d46d1cc6f3fb1b9cd6840f0496056d410c8ade62dd35d99dfdd60737_arm64",
"9Base-RHACM-2.10:rhacm2/kube-state-metrics-rhel9@sha256:88982e268e1a3d0c52c72563a684b58042adb0800ebd1e80208b898eebe75cd6_ppc64le",
"9Base-RHACM-2.10:rhacm2/kube-state-metrics-rhel9@sha256:9f2ac058e15d5653e8bced975955e26e51a88d36a1d5896305b6f5060afee43a_amd64",
"9Base-RHACM-2.10:rhacm2/memcached-exporter-rhel9@sha256:1304f49745ed8a18784196b5595cea1ec6caf904d0e61d0952a603e6fb7da6e0_ppc64le",
"9Base-RHACM-2.10:rhacm2/memcached-exporter-rhel9@sha256:36529c281273e5346ef5cce6a55e47c27fdaf2507a6f7971576b738b1c543258_arm64",
"9Base-RHACM-2.10:rhacm2/memcached-exporter-rhel9@sha256:c5275f61fd2e84deaab7e789a7ffefdbe235866a8439d3d2534e4b26998372d6_s390x",
"9Base-RHACM-2.10:rhacm2/memcached-exporter-rhel9@sha256:f9f5ca67f62d6218b90b863b4fe63aa95aef755e5cbae5a83896f74a0039b7ab_amd64",
"9Base-RHACM-2.10:rhacm2/memcached-rhel9@sha256:2c4437598be87fc5f3f6639e728279d8ba21cf49061be78e3a4fbacc989997b4_amd64",
"9Base-RHACM-2.10:rhacm2/memcached-rhel9@sha256:2fb75dce1567e21a9f1361ec3ac54a4d5a2252f03aa64b6cdf4d1cd02a58d04c_s390x",
"9Base-RHACM-2.10:rhacm2/memcached-rhel9@sha256:4af229aca50a46ec9f190fbeef603f1259223f81f5307f46de17ad8b8c9760e1_arm64",
"9Base-RHACM-2.10:rhacm2/memcached-rhel9@sha256:e871cb2e5d235ae74a998356748299daace42d47a92e1da57a2773eae87625a6_ppc64le",
"9Base-RHACM-2.10:rhacm2/metrics-collector-rhel9@sha256:20ac5c57af957e7126221f4089bb816b948aa624788da9298b4f476ecc668293_amd64",
"9Base-RHACM-2.10:rhacm2/metrics-collector-rhel9@sha256:54665ca7529012a3a63c7dcc263a2e46964a0ee4ba43f19a2a3f05dcdfd5ae0f_ppc64le",
"9Base-RHACM-2.10:rhacm2/metrics-collector-rhel9@sha256:84543f21ccfe36960fce099930132e7042e505ba635c45a28a902ed2b2401d55_s390x",
"9Base-RHACM-2.10:rhacm2/metrics-collector-rhel9@sha256:eb32f5c275247babd03ec16b0978aced10a9b9da07a84f5af6be4d7c3852a6b7_arm64",
"9Base-RHACM-2.10:rhacm2/multicloud-integrations-rhel9@sha256:0529a11c8935d5b9fa2a3f29801749b09861076c0c2040612271f0bbafb5fbab_s390x",
"9Base-RHACM-2.10:rhacm2/multicloud-integrations-rhel9@sha256:2b7557d262cd8eacc45178dcca3dae642b1bb33fbfccdf6a3b63abb7e1a39d53_amd64",
"9Base-RHACM-2.10:rhacm2/multicloud-integrations-rhel9@sha256:606ea20603d86412a34478a3db9c17737cca2b04c26bcab175279028c822e492_arm64",
"9Base-RHACM-2.10:rhacm2/multicloud-integrations-rhel9@sha256:d3958606b5001619aa3044617ccb4fe265764d7dad05b0a6bf5b4910bd5d0ba7_ppc64le",
"9Base-RHACM-2.10:rhacm2/multicluster-observability-rhel9-operator@sha256:9b855d7e4cf6fe3c4da92d84a51adc63aea5f144bce38dbb9c4ab3d01370c296_amd64",
"9Base-RHACM-2.10:rhacm2/multicluster-observability-rhel9-operator@sha256:a9eb1e576d4eb5c7e9131803042b7d8529dab369595d0adc22623e24b67832d9_s390x",
"9Base-RHACM-2.10:rhacm2/multicluster-observability-rhel9-operator@sha256:ab73f96720c106dcb2ea64f8b7ac13ad866533d993c43cb7c6dbbf08ba4977dd_ppc64le",
"9Base-RHACM-2.10:rhacm2/multicluster-observability-rhel9-operator@sha256:f296c72dd6842481dad78536117aec3ff14d19be736e5679101bbfc92b87809b_arm64",
"9Base-RHACM-2.10:rhacm2/multicluster-operators-application-rhel9@sha256:184f6068b077070b90ede3a2f4e81be398fd2841f042fc6f2f114fdfd4f1095b_arm64",
"9Base-RHACM-2.10:rhacm2/multicluster-operators-application-rhel9@sha256:2a272685b487a747827220d16bc5aaff65c436d5c312b081d9fffd9ef4a8a0f9_amd64",
"9Base-RHACM-2.10:rhacm2/multicluster-operators-application-rhel9@sha256:635c1cf425b8744a421c649bd809a59df6dc6cdeaa9da2a369706e522a3a0fab_ppc64le",
"9Base-RHACM-2.10:rhacm2/multicluster-operators-application-rhel9@sha256:e15bedc9ce45cc025b6ab6c27d5b7eb95f6e750791ff0dae228a71eaeae1cace_s390x",
"9Base-RHACM-2.10:rhacm2/multicluster-operators-channel-rhel9@sha256:2399cfe0b3b626be2acd289d8880b9913d73093220b3e4062bb7cddb2628640a_amd64",
"9Base-RHACM-2.10:rhacm2/multicluster-operators-channel-rhel9@sha256:37f84cbbee522859c6f46e49179ab0b1e1fef118aac6741d18675b36e31972dd_s390x",
"9Base-RHACM-2.10:rhacm2/multicluster-operators-channel-rhel9@sha256:43c086e0f17783322c26ba577db2c7c8fd43176a7ac14e45a40c3db0b91a6d1e_ppc64le",
"9Base-RHACM-2.10:rhacm2/multicluster-operators-channel-rhel9@sha256:773c32065f60e4a2e626e17744d0a2cfc4049325f6664f899d8da949dc3fa4a6_arm64",
"9Base-RHACM-2.10:rhacm2/multicluster-operators-subscription-rhel9@sha256:08aacdc6cad3ba5743a5d65c1bff5b3e41e44269765b94f45673a8e648f60584_amd64",
"9Base-RHACM-2.10:rhacm2/multicluster-operators-subscription-rhel9@sha256:7eda39d696e452ec7e9da1473807e3134f149ed28d0ec873cf489451fbb007e0_arm64",
"9Base-RHACM-2.10:rhacm2/multicluster-operators-subscription-rhel9@sha256:a791398b5dd73f447d22f260eaf209f782c9663e81c81529eb4b3018183f9deb_ppc64le",
"9Base-RHACM-2.10:rhacm2/multicluster-operators-subscription-rhel9@sha256:b88262afe6149a741a566054ecc16400bc7335a443219d3ddbcb1ba7c939a38b_s390x",
"9Base-RHACM-2.10:rhacm2/multiclusterhub-rhel9@sha256:5de91afd73b5a86865954ab3f6587f382f53e0856422ed975d9aa867bd0ffbf9_arm64",
"9Base-RHACM-2.10:rhacm2/multiclusterhub-rhel9@sha256:97932a785e8601b170a7c6fd42b1e6a18203b958ccbb712352c2817b8103d9b5_s390x",
"9Base-RHACM-2.10:rhacm2/multiclusterhub-rhel9@sha256:b30d5d981e1522751e4434b1c107e5cefb6c8c22ea16915f35948c11f9aa0579_ppc64le",
"9Base-RHACM-2.10:rhacm2/multiclusterhub-rhel9@sha256:c5e3898dd435f49636834ce14b3188f7163167cdb538d85812393cf450d49157_amd64",
"9Base-RHACM-2.10:rhacm2/node-exporter-rhel9@sha256:8bb239eafceaa18a786b78f7bf54c7063d80bce60567d10d81c5a4282b2884b4_s390x",
"9Base-RHACM-2.10:rhacm2/node-exporter-rhel9@sha256:9611a92119f19e11c29e9e93b9c714499e60d06712da97d9fa77ed0fd0d4d33b_arm64",
"9Base-RHACM-2.10:rhacm2/node-exporter-rhel9@sha256:d147abba6fa66eb914005d4cd62302c527cbfc0083be386275c5c782b90c3c1c_amd64",
"9Base-RHACM-2.10:rhacm2/node-exporter-rhel9@sha256:f9a4446156fd21112854846849c68952e4c336e5782d6aeb3c49bddd3408d388_ppc64le",
"9Base-RHACM-2.10:rhacm2/observatorium-rhel9-operator@sha256:414b191a314b0695aede28ac7229a064833d798e94d5b92a434e2eb3650983b6_arm64",
"9Base-RHACM-2.10:rhacm2/observatorium-rhel9-operator@sha256:9e2d97d0116349c1f1e1d815a6d8822c9f5331acdb81e878c0cb0e86149167ef_ppc64le",
"9Base-RHACM-2.10:rhacm2/observatorium-rhel9-operator@sha256:e2dabaf7c375e039797330bb33e03c993356dc5a37949f84a89c3e4f40ff0023_amd64",
"9Base-RHACM-2.10:rhacm2/observatorium-rhel9-operator@sha256:ecda2be3377f15a09c6971b1a689bb9eb917909d55f54c996d54a972aece7432_s390x",
"9Base-RHACM-2.10:rhacm2/observatorium-rhel9@sha256:10ee1d5c854a7daf0d33f1dc16529a7e1a3cb67fab5a626f8a42da705186265e_arm64",
"9Base-RHACM-2.10:rhacm2/observatorium-rhel9@sha256:1eb9b98d7f3c878e09b45aad2a64780e46026c55d6f70a64d66e255ec13ce9fb_s390x",
"9Base-RHACM-2.10:rhacm2/observatorium-rhel9@sha256:25ee9231e17b71c83f12a9ce5d94629b2fd8ad3c64b61de9f03b057584f84804_ppc64le",
"9Base-RHACM-2.10:rhacm2/observatorium-rhel9@sha256:7812638565dff9368b4db0ed9aecb86c544d0b6caa773994c5c830e800060e22_amd64",
"9Base-RHACM-2.10:rhacm2/prometheus-alertmanager-rhel9@sha256:0a4ecc2af398e1a771540af4f062abfc0f47bfae9ba3a2fcb6a6c66940385d42_ppc64le",
"9Base-RHACM-2.10:rhacm2/prometheus-alertmanager-rhel9@sha256:0e7e5cfd6a953e092eb3ae72b236741f73432f8d262ace74caa2acf8c5fe3863_amd64",
"9Base-RHACM-2.10:rhacm2/prometheus-alertmanager-rhel9@sha256:25abc3028c69dedee05220fa4f0f32b7accc33ef519f46b23860612307db2181_arm64",
"9Base-RHACM-2.10:rhacm2/prometheus-alertmanager-rhel9@sha256:88383e94dcec26826df02cdebc9e7cc764e92b2ce71300c31a46f20ce92135c0_s390x",
"9Base-RHACM-2.10:rhacm2/prometheus-rhel9@sha256:556c5d133dd996b86dceb03158d4d463ccdbbf29cc9ca05ff1e3915a48cd8c47_s390x",
"9Base-RHACM-2.10:rhacm2/prometheus-rhel9@sha256:98af2a53f9c59b0bdd6ee9c8f27eb00f65a870ee64ba8d503083a9a0d3aa2ec6_arm64",
"9Base-RHACM-2.10:rhacm2/prometheus-rhel9@sha256:99e749f7d98203070348c652f6df158c9207801d86439ddde08bcae16e813ea5_ppc64le",
"9Base-RHACM-2.10:rhacm2/prometheus-rhel9@sha256:c1c2a5bc8d471fb7cbbf31c0e5513bf2630efbd1a5bbb458dc0c98b3ee608636_amd64",
"9Base-RHACM-2.10:rhacm2/rbac-query-proxy-rhel9@sha256:5f70872d294b5f10393fa7c6a6ffd81a6a509ea7589753d29ad49118a87fb2df_s390x",
"9Base-RHACM-2.10:rhacm2/rbac-query-proxy-rhel9@sha256:a061734a251e62cd31792ec9065f6a346de672f72e32965954811faf11f86d62_amd64",
"9Base-RHACM-2.10:rhacm2/rbac-query-proxy-rhel9@sha256:e325c611a68e60d204018b8aac765bb58e135b44735bbc14069c5cbf49828ada_ppc64le",
"9Base-RHACM-2.10:rhacm2/rbac-query-proxy-rhel9@sha256:fe807380c43daaae2ca277ef4a6b6bace7842087112f7d242773a073797c908e_arm64",
"9Base-RHACM-2.10:rhacm2/search-collector-rhel9@sha256:2092c265f1dea3dc553c370c3b07c92e4cb8523ccc58d46af4a517165e9b7bc4_s390x",
"9Base-RHACM-2.10:rhacm2/search-collector-rhel9@sha256:557e431af519bf544102927491fffbdd4091a5a9377396d7d30b2898897c8fba_amd64",
"9Base-RHACM-2.10:rhacm2/search-collector-rhel9@sha256:f908a57c2bfe78911889102abb61377d5170590689930d74b8d6a9fa7bc66848_ppc64le",
"9Base-RHACM-2.10:rhacm2/search-collector-rhel9@sha256:fe20c8e6fbf707c0467a4876405f2f8b395ac24ca554bd052f7f55da2df6371f_arm64",
"9Base-RHACM-2.10:rhacm2/submariner-addon-rhel9@sha256:1d74ed10635e7021129e60caa3358581d61c4bd93cebed86f79d5fdba100b10f_ppc64le",
"9Base-RHACM-2.10:rhacm2/submariner-addon-rhel9@sha256:92584807362684f692fc991f06ffecf241ee6494d4b37c584d74527214b33acb_s390x",
"9Base-RHACM-2.10:rhacm2/submariner-addon-rhel9@sha256:9a6b6d7ed493c6c8c9962485404f551974cece1b59e7197f9ed6fce120ca7d0d_arm64",
"9Base-RHACM-2.10:rhacm2/submariner-addon-rhel9@sha256:e8eb481c682682ea78d5f7d5793f63e427fcffc867db012f327b5469c524535c_amd64",
"9Base-RHACM-2.10:rhacm2/thanos-receive-controller-rhel9@sha256:09b931bd7405cc8733625884f61ccaa92b40b48d9068d78f552a6c9383cb02e9_amd64",
"9Base-RHACM-2.10:rhacm2/thanos-receive-controller-rhel9@sha256:64aebcc4f88c096cb93faa8fab067308442fd49c07e55fcb55283ef86643f642_s390x",
"9Base-RHACM-2.10:rhacm2/thanos-receive-controller-rhel9@sha256:91f186246d963c2978023489ed7cd58dec2f57641fd2a2a0c16d2caa5377147c_arm64",
"9Base-RHACM-2.10:rhacm2/thanos-receive-controller-rhel9@sha256:d391d522c2006e634df69f28eacd1f6cfba7b1ac4ec27ea97c307f4da5213954_ppc64le",
"9Base-RHACM-2.10:rhacm2/thanos-rhel9@sha256:9c82d36f3a942088a6612e6e1d5d7f3413006b2f5df41758c0072ee8d68b3801_ppc64le",
"9Base-RHACM-2.10:rhacm2/thanos-rhel9@sha256:c431d914ecca6080a1ce9ee7fb15019ca5f5b5cb7083fa739ce14b9f8afd570e_amd64",
"9Base-RHACM-2.10:rhacm2/thanos-rhel9@sha256:e8e6c42e37b2c0ba6456d48afa747f3c6f167cbcf4523d5ad751351a932deefc_arm64",
"9Base-RHACM-2.10:rhacm2/thanos-rhel9@sha256:f7dc5a2e9c41416badca921ef6a4b16e9edd2aea052107d737bb3ddbc2e0242c_s390x"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"9Base-RHACM-2.10:rhacm2/acm-cluster-permission-rhel9@sha256:b9ef8ca2a002c616c6644cf16b80d5901d7b46034dc7e57ec1dd1d260cf0e32b_s390x",
"9Base-RHACM-2.10:rhacm2/acm-cluster-permission-rhel9@sha256:bd41dedb13ae9360d2e856ec6d52ea35b726425a65e92a00cd6037344ae5780e_amd64",
"9Base-RHACM-2.10:rhacm2/acm-cluster-permission-rhel9@sha256:dac35e93ff173bd30fefbdec8676fb605e28368aec3eccc4ac603f16eadcf31d_arm64",
"9Base-RHACM-2.10:rhacm2/acm-cluster-permission-rhel9@sha256:e8c9920427522b7ef645422b85ff1585e65b9d659c792e57201dfc06d6a13ffa_ppc64le",
"9Base-RHACM-2.10:rhacm2/acm-governance-policy-addon-controller-rhel9@sha256:65d709ef780d8d867c145b1ddf8e7031bd8e710972b21ed2d7b9d9ede0bfdb43_s390x",
"9Base-RHACM-2.10:rhacm2/acm-governance-policy-addon-controller-rhel9@sha256:87988ad277b62bbcc061dbe4242bfc2edcc21dc98c4c7c66385131c0425b0fa7_ppc64le",
"9Base-RHACM-2.10:rhacm2/acm-governance-policy-addon-controller-rhel9@sha256:9af1cb9605a8fdf7212a079ed8fa51b110b367c705a51651ba3933e936519e7f_arm64",
"9Base-RHACM-2.10:rhacm2/acm-governance-policy-addon-controller-rhel9@sha256:c6e3728b6687b8c83a11c326e4fd098ceef3f501725efbdfcb0ded0645a1473e_amd64",
"9Base-RHACM-2.10:rhacm2/acm-governance-policy-framework-addon-rhel9@sha256:3101f1389311c0006c0fb9953c44d5fff9e968597952103a5a873a7a4c4707da_amd64",
"9Base-RHACM-2.10:rhacm2/acm-governance-policy-framework-addon-rhel9@sha256:4536de55598f032ad91056c779ec2faea5c28de557a730d50cb2b2aba9b3bf00_s390x",
"9Base-RHACM-2.10:rhacm2/acm-governance-policy-framework-addon-rhel9@sha256:587fc80d3d6e3f2295272934fb39cfa3b96f5a2652a533b6b01cc6b04d10cb66_ppc64le",
"9Base-RHACM-2.10:rhacm2/acm-governance-policy-framework-addon-rhel9@sha256:63246c061e7960a656cb66c8ccca2b7bed943c9a1fe96a28f9cd99829608cda5_arm64",
"9Base-RHACM-2.10:rhacm2/acm-grafana-rhel9@sha256:1cd1c6a91611569a855444430c527a8bebbe113f77dd47dcfc2b8305c3a26a13_s390x",
"9Base-RHACM-2.10:rhacm2/acm-grafana-rhel9@sha256:3a59dd5e30b37f1e1feffba959d88d3aab37701500203afb71b2d38958236b85_amd64",
"9Base-RHACM-2.10:rhacm2/acm-grafana-rhel9@sha256:b488d250bc1c82f3f7e26a1bc741dee02e57b3e3d40cf2965e541d2c5727ec65_ppc64le",
"9Base-RHACM-2.10:rhacm2/acm-grafana-rhel9@sha256:df4024e8506d0926ad81943684532dd9e4054f26d23da6e329f593239b5a1513_arm64",
"9Base-RHACM-2.10:rhacm2/acm-must-gather-rhel9@sha256:66bca60baa85bc23963b5955fe57e8b7b7038c1088e2ce60f1fedc1a41d944dc_arm64",
"9Base-RHACM-2.10:rhacm2/acm-must-gather-rhel9@sha256:92d087992acf383c2f06ed92996049c412fc1fef76be10fc40eb6ba2e4b2f9be_ppc64le",
"9Base-RHACM-2.10:rhacm2/acm-must-gather-rhel9@sha256:bfc79c952b6f62658ef36373af72e6213de78ba1c3a18f018add4295d8ae72f8_s390x",
"9Base-RHACM-2.10:rhacm2/acm-must-gather-rhel9@sha256:fb9fa96ebaba320dd723e7d5727b20c63f66aa6c39f460a6270c572354123fd9_amd64",
"9Base-RHACM-2.10:rhacm2/acm-operator-bundle@sha256:190d00bcb1bdbf289cc4ae87f738aeabe04470194e51870c572876e4c118d712_ppc64le",
"9Base-RHACM-2.10:rhacm2/acm-operator-bundle@sha256:304e9a12e0c7b7be0444efd26764d32818fc3ad1ad936b565232f5f82a5f72fe_amd64",
"9Base-RHACM-2.10:rhacm2/acm-operator-bundle@sha256:cc65cb3804a7e6150028a6f1c60fcbdb78c42689769ff9378922491481947aed_s390x",
"9Base-RHACM-2.10:rhacm2/acm-prometheus-config-reloader-rhel9@sha256:0b885dfd28d82220fdb03b7bca0e1ed2fc941bc712e536af71e4e11ee9defee4_amd64",
"9Base-RHACM-2.10:rhacm2/acm-prometheus-config-reloader-rhel9@sha256:53cd755cea5a527c089321e5571c14ad0fd5d55b16e7c2acddc2a7c9670cffd2_arm64",
"9Base-RHACM-2.10:rhacm2/acm-prometheus-config-reloader-rhel9@sha256:8f18c68e47b66926d14795818f3a1dc21ffdcbcf1a220c7518194416602b19ac_ppc64le",
"9Base-RHACM-2.10:rhacm2/acm-prometheus-config-reloader-rhel9@sha256:be5be2fe888521fd8ac6d7ebca3cf127724128eb6ff4e11f90d61a4af60f1bee_s390x",
"9Base-RHACM-2.10:rhacm2/acm-prometheus-rhel9@sha256:8da9c5a18b42861d11e3df3f37b5f47b810af1b25beec208ce75b6f69d913ecd_s390x",
"9Base-RHACM-2.10:rhacm2/acm-prometheus-rhel9@sha256:91ec246784f1e7cdd0c20ab36ea09f13e553c043851699dae6191ea1ce101a61_arm64",
"9Base-RHACM-2.10:rhacm2/acm-prometheus-rhel9@sha256:969cc23c2f503797d491c797220e09b1682887742f669d338a5fd3613908148d_amd64",
"9Base-RHACM-2.10:rhacm2/acm-prometheus-rhel9@sha256:a1b920873dbb0984f41a8b49a4e0263c9756d909391601290b8a67278596327b_ppc64le",
"9Base-RHACM-2.10:rhacm2/acm-search-indexer-rhel9@sha256:21476ec5340f5e98451f83d7d455f86e8368ed4c882f564cf80b234dc2ceae1a_amd64",
"9Base-RHACM-2.10:rhacm2/acm-search-indexer-rhel9@sha256:47083a8e2f6234e7e3743c2f7d5cc433ad76a46a609f65640e047bfa9557082c_s390x",
"9Base-RHACM-2.10:rhacm2/acm-search-indexer-rhel9@sha256:95c15180b6b25c453b8aa81c42b106d6e9fb1d832761a3b2b06922c0ceee4d7b_arm64",
"9Base-RHACM-2.10:rhacm2/acm-search-indexer-rhel9@sha256:9ba73ef3b2447b16aab7503bce4e480441b272e997dab87ee9cc4b0f1ac040ba_ppc64le",
"9Base-RHACM-2.10:rhacm2/acm-search-v2-api-rhel9@sha256:1891db398d822cb0c424245928033240dfdcfd35d21ab052379d432423a6e038_s390x",
"9Base-RHACM-2.10:rhacm2/acm-search-v2-api-rhel9@sha256:247e052a3b5bc9708f1c0953f09c942414852f2109a9694af864375032072ae2_arm64",
"9Base-RHACM-2.10:rhacm2/acm-search-v2-api-rhel9@sha256:51a415f07cfadd9ae5b4b29cb3247b5085bb18edad8df566c47dc7e89ef0939e_amd64",
"9Base-RHACM-2.10:rhacm2/acm-search-v2-api-rhel9@sha256:756982578354d8a66399f2464602458f80bd398e46656a3d86c9303fa2068900_ppc64le",
"9Base-RHACM-2.10:rhacm2/acm-search-v2-rhel9@sha256:329f59a93ce1e2aab017a924db00b6aaca4c8ee40b5d5c2358af11af2e5319bd_s390x",
"9Base-RHACM-2.10:rhacm2/acm-search-v2-rhel9@sha256:9e2aa6686deee7b78bda5dcb08dad31c87a9653e48788df4e8bb39d4965c9101_arm64",
"9Base-RHACM-2.10:rhacm2/acm-search-v2-rhel9@sha256:e995897416f24436e6bef220bd4d5b3ba8fbd26c97fbd5e250391a3aef14bce5_amd64",
"9Base-RHACM-2.10:rhacm2/acm-search-v2-rhel9@sha256:f45417abdf399566fa98b0686ab4b2b55d776b6dfa67b7b7c24565b084c39165_ppc64le",
"9Base-RHACM-2.10:rhacm2/acm-volsync-addon-controller-rhel9@sha256:055c5ab4b2045571efe53bbd4ca54ba8a17a2cf590dad70c65667ed6b11ca86a_arm64",
"9Base-RHACM-2.10:rhacm2/acm-volsync-addon-controller-rhel9@sha256:60070927868e0538d31090138892fe64445321098b3874880fd21e7dcc1ffae7_amd64",
"9Base-RHACM-2.10:rhacm2/acm-volsync-addon-controller-rhel9@sha256:cc991f8f8af9337ab908f6564b4b77daef5893dc2759ff483142ef659a6a4b30_ppc64le",
"9Base-RHACM-2.10:rhacm2/acm-volsync-addon-controller-rhel9@sha256:faee49ca0c46781594189977f3ab5805060cd0a95e47ba575ec05bb549e21a69_s390x",
"9Base-RHACM-2.10:rhacm2/cert-policy-controller-rhel9@sha256:081c86b4c25876ac0734a0caff771a30b848530f1e89f9e0d3ee3f743f579e9c_s390x",
"9Base-RHACM-2.10:rhacm2/cert-policy-controller-rhel9@sha256:318f11ebe87bc1feced78f9d2ae66856884606c721e15d2d05045562d248ac3f_arm64",
"9Base-RHACM-2.10:rhacm2/cert-policy-controller-rhel9@sha256:5daaad58a8979d386830224e133a3bbc713b63039a99eda9a69487b999e71965_amd64",
"9Base-RHACM-2.10:rhacm2/cert-policy-controller-rhel9@sha256:bffedd5eb97a49dd210b51423ba8938684be1cb41dd79d06b2aab94bc0bb4963_ppc64le",
"9Base-RHACM-2.10:rhacm2/cluster-backup-rhel9-operator@sha256:0d141d0fa859ae0061605f2fe13381be2b6ebd9d8c6b91ca171a8e61e52842be_ppc64le",
"9Base-RHACM-2.10:rhacm2/cluster-backup-rhel9-operator@sha256:3a8bace1bb325142a64a4432543a828050e2e87de91a08dca793534841b7b841_amd64",
"9Base-RHACM-2.10:rhacm2/cluster-backup-rhel9-operator@sha256:66f67d2d8c09634e2e5ae0be07437cb1918f6b506e35bc9b7af82f4979dfc4ed_s390x",
"9Base-RHACM-2.10:rhacm2/cluster-backup-rhel9-operator@sha256:ac726852c9aa7e54aa4d75c6c485b429f16fffbb61d2840b527c5a1cfdb5c842_arm64",
"9Base-RHACM-2.10:rhacm2/config-policy-controller-rhel9@sha256:0ef8fdea99a8fd44feff31b4883a6ecd17eeabb5e8c9ccbdbdd30c32cc2cbe64_amd64",
"9Base-RHACM-2.10:rhacm2/config-policy-controller-rhel9@sha256:b7ff6680725a8bb31edf5dc58d82ac0b9d201ba8eac4c6f2ea4c3cd35f52915a_s390x",
"9Base-RHACM-2.10:rhacm2/config-policy-controller-rhel9@sha256:d4456a33f0488db9c77d12a279500b68a41441a8ff6c8cc9723a7ccc46e90dc7_arm64",
"9Base-RHACM-2.10:rhacm2/config-policy-controller-rhel9@sha256:d6e8119559b01231206654d2a57114862c4c6b5ca604ccf7b92e53bea6e2e2c2_ppc64le",
"9Base-RHACM-2.10:rhacm2/console-rhel9@sha256:4ee3bbdcc190cd6c3e1eff8bfabe8ca3cd9e61ab5d824983a955e6d509238041_arm64",
"9Base-RHACM-2.10:rhacm2/console-rhel9@sha256:5fe6fb2bd7e31a960bc018d870af482f668ab417d601d94a5ac5981fd116a852_s390x",
"9Base-RHACM-2.10:rhacm2/console-rhel9@sha256:9005fc71b91a5d2a1fe502e90d57cea2285d1218ad6e49f4bcdd77bf560c5765_ppc64le",
"9Base-RHACM-2.10:rhacm2/console-rhel9@sha256:b3bc8c5f587da2c7ce4e25d5d2e72b08939071297cf3fdc5d51fb631d99aa168_amd64",
"9Base-RHACM-2.10:rhacm2/endpoint-monitoring-rhel9-operator@sha256:75bc23118d6e3ae1ec142a6f47a871efcd8ec5aa6da2bef7cf24e716b3b3be3c_s390x",
"9Base-RHACM-2.10:rhacm2/endpoint-monitoring-rhel9-operator@sha256:cf7be8fd6b726cb7ba8a3f57e14e20d7944245759cd6e8bd26dca4d666fb866a_arm64",
"9Base-RHACM-2.10:rhacm2/endpoint-monitoring-rhel9-operator@sha256:d8c3352fceb6a53e110f76501bb2c2f4cf7a9284f9dd30dee3fe3e015b622195_amd64",
"9Base-RHACM-2.10:rhacm2/endpoint-monitoring-rhel9-operator@sha256:e177864e6bc3b6e66f1f455229257210b77a3b7d0e18c480d252ed79f03bf67a_ppc64le",
"9Base-RHACM-2.10:rhacm2/governance-policy-propagator-rhel9@sha256:400644c05d5768fb7460bb3f8bfa880bc21e91f365130d13877f015ba2146358_amd64",
"9Base-RHACM-2.10:rhacm2/governance-policy-propagator-rhel9@sha256:46deef6c168120168168820dad57ce9b2d2641be926772eaeba2d03d3d324e2a_s390x",
"9Base-RHACM-2.10:rhacm2/governance-policy-propagator-rhel9@sha256:4e9143f58e4755b86526d113040acd0ee0069fefe9243e08c864c35d25b276e9_ppc64le",
"9Base-RHACM-2.10:rhacm2/governance-policy-propagator-rhel9@sha256:8947a68138c101fdc355b94a4deb0d02f44de025fe733e8d5fb28f5fce93b7c9_arm64",
"9Base-RHACM-2.10:rhacm2/grafana-dashboard-loader-rhel9@sha256:26a08abd967f17e23975b728768e2f561750856b0f98ff5f27506da94fa597ca_ppc64le",
"9Base-RHACM-2.10:rhacm2/grafana-dashboard-loader-rhel9@sha256:43f27505c8ac51aa659c638f96f7681d8d3029775b9153a8075fa38dd48dbc3c_arm64",
"9Base-RHACM-2.10:rhacm2/grafana-dashboard-loader-rhel9@sha256:a9afb35685e18a179269293a1998eb5c6c8c47e9247a7f3f1c27d3b1b35a83b2_amd64",
"9Base-RHACM-2.10:rhacm2/grafana-dashboard-loader-rhel9@sha256:f30433d2c90f38c86f1780bd8b74a50821837f769db589ee720e35fd79dbc23b_s390x",
"9Base-RHACM-2.10:rhacm2/iam-policy-controller-rhel9@sha256:63ca0eef9b3febe70ceea5b47a36fea7455eef69da9d1bda70d2bc9661ec2f2c_arm64",
"9Base-RHACM-2.10:rhacm2/iam-policy-controller-rhel9@sha256:ae274418f0fa055670012f2d92d63ebb175fdbd3946486312007bc2b0a915541_ppc64le",
"9Base-RHACM-2.10:rhacm2/iam-policy-controller-rhel9@sha256:c1d7619138ab3717e6f6a49ac76f95ff041a022746891057d6e4e163114fb864_amd64",
"9Base-RHACM-2.10:rhacm2/iam-policy-controller-rhel9@sha256:f62a79f1f02af4be1424b74071e6d701e5c514e27019e69ee98cbed10b602f3d_s390x",
"9Base-RHACM-2.10:rhacm2/insights-client-rhel9@sha256:0ff4ca5a9703ec58d70178152b5dbbb3aaffa5fce80153eda12f727f7c3e0b6f_ppc64le",
"9Base-RHACM-2.10:rhacm2/insights-client-rhel9@sha256:70833a6ef9ebc1b50e914744e0f7c36c259bb7889c7ff8085cb8470826ac803e_s390x",
"9Base-RHACM-2.10:rhacm2/insights-client-rhel9@sha256:cdf079542b23633884a52daa02d4b9182aaf7454e769186de4f495467686653d_arm64",
"9Base-RHACM-2.10:rhacm2/insights-client-rhel9@sha256:f62d6a262c044a7883f34563e3e1909761ca0bd44e4d5f8a0e564db8b630068b_amd64",
"9Base-RHACM-2.10:rhacm2/insights-metrics-rhel9@sha256:16862c34efb507d44455ed78cde51a1f57969cc69f4beec70ecb697b8ea406dc_amd64",
"9Base-RHACM-2.10:rhacm2/insights-metrics-rhel9@sha256:2f7c346cb847e2928715bd4b64a34531b82d0130a89a08f19c3026db5d89c5a1_ppc64le",
"9Base-RHACM-2.10:rhacm2/insights-metrics-rhel9@sha256:44f56f7a1ac2720ce815ea7aa824ea37a0bdcf63c637941ca84328578a735142_arm64",
"9Base-RHACM-2.10:rhacm2/insights-metrics-rhel9@sha256:e2a9110af4d9bac9fd97b8f5981230c495506d50db571eccae9e16e361abfdd7_s390x",
"9Base-RHACM-2.10:rhacm2/klusterlet-addon-controller-rhel9@sha256:693af28fa3e5f1aee61695e891fdd33a49b5280e4a555f84b838ca8e829d0999_ppc64le",
"9Base-RHACM-2.10:rhacm2/klusterlet-addon-controller-rhel9@sha256:7ac958c32070e6282a8cbe262810c58a81e6e331bf59877cd67758ab6feb8ada_amd64",
"9Base-RHACM-2.10:rhacm2/klusterlet-addon-controller-rhel9@sha256:8528a204787ecde3925c9c3ef31e225f59c5b4b3a21bd314541fe06dd4c1aa73_s390x",
"9Base-RHACM-2.10:rhacm2/klusterlet-addon-controller-rhel9@sha256:cf0bf12f03bd0a4a09188d1f5b4820aa6e7f6e4a1fb1bc2c45559553907c6eae_arm64",
"9Base-RHACM-2.10:rhacm2/kube-rbac-proxy-rhel9@sha256:1d75e8e70fc3f3943841bd34f79e5762705b0d23460064c6adcdd0fc6b39005a_amd64",
"9Base-RHACM-2.10:rhacm2/kube-rbac-proxy-rhel9@sha256:355905503e1321fc2fd75b12bab33b2cb75cbfcc0d0e7e70400790da081abfd9_arm64",
"9Base-RHACM-2.10:rhacm2/kube-rbac-proxy-rhel9@sha256:42da847ca7b39914df099381ac807d8ab619774388c1a47e0d71020fbce998ae_s390x",
"9Base-RHACM-2.10:rhacm2/kube-rbac-proxy-rhel9@sha256:5e416f1249a77845f81c9cf1a1dfae74feca41afd6dd35e7be55a0fa61632c00_ppc64le",
"9Base-RHACM-2.10:rhacm2/kube-state-metrics-rhel9@sha256:715f6b9c01400a153157de08bf2a6b04ea54478ee2c18d7871b65c865d6902d2_s390x",
"9Base-RHACM-2.10:rhacm2/kube-state-metrics-rhel9@sha256:72f6c545d46d1cc6f3fb1b9cd6840f0496056d410c8ade62dd35d99dfdd60737_arm64",
"9Base-RHACM-2.10:rhacm2/kube-state-metrics-rhel9@sha256:88982e268e1a3d0c52c72563a684b58042adb0800ebd1e80208b898eebe75cd6_ppc64le",
"9Base-RHACM-2.10:rhacm2/kube-state-metrics-rhel9@sha256:9f2ac058e15d5653e8bced975955e26e51a88d36a1d5896305b6f5060afee43a_amd64",
"9Base-RHACM-2.10:rhacm2/memcached-exporter-rhel9@sha256:1304f49745ed8a18784196b5595cea1ec6caf904d0e61d0952a603e6fb7da6e0_ppc64le",
"9Base-RHACM-2.10:rhacm2/memcached-exporter-rhel9@sha256:36529c281273e5346ef5cce6a55e47c27fdaf2507a6f7971576b738b1c543258_arm64",
"9Base-RHACM-2.10:rhacm2/memcached-exporter-rhel9@sha256:c5275f61fd2e84deaab7e789a7ffefdbe235866a8439d3d2534e4b26998372d6_s390x",
"9Base-RHACM-2.10:rhacm2/memcached-exporter-rhel9@sha256:f9f5ca67f62d6218b90b863b4fe63aa95aef755e5cbae5a83896f74a0039b7ab_amd64",
"9Base-RHACM-2.10:rhacm2/memcached-rhel9@sha256:2c4437598be87fc5f3f6639e728279d8ba21cf49061be78e3a4fbacc989997b4_amd64",
"9Base-RHACM-2.10:rhacm2/memcached-rhel9@sha256:2fb75dce1567e21a9f1361ec3ac54a4d5a2252f03aa64b6cdf4d1cd02a58d04c_s390x",
"9Base-RHACM-2.10:rhacm2/memcached-rhel9@sha256:4af229aca50a46ec9f190fbeef603f1259223f81f5307f46de17ad8b8c9760e1_arm64",
"9Base-RHACM-2.10:rhacm2/memcached-rhel9@sha256:e871cb2e5d235ae74a998356748299daace42d47a92e1da57a2773eae87625a6_ppc64le",
"9Base-RHACM-2.10:rhacm2/metrics-collector-rhel9@sha256:20ac5c57af957e7126221f4089bb816b948aa624788da9298b4f476ecc668293_amd64",
"9Base-RHACM-2.10:rhacm2/metrics-collector-rhel9@sha256:54665ca7529012a3a63c7dcc263a2e46964a0ee4ba43f19a2a3f05dcdfd5ae0f_ppc64le",
"9Base-RHACM-2.10:rhacm2/metrics-collector-rhel9@sha256:84543f21ccfe36960fce099930132e7042e505ba635c45a28a902ed2b2401d55_s390x",
"9Base-RHACM-2.10:rhacm2/metrics-collector-rhel9@sha256:eb32f5c275247babd03ec16b0978aced10a9b9da07a84f5af6be4d7c3852a6b7_arm64",
"9Base-RHACM-2.10:rhacm2/multicloud-integrations-rhel9@sha256:0529a11c8935d5b9fa2a3f29801749b09861076c0c2040612271f0bbafb5fbab_s390x",
"9Base-RHACM-2.10:rhacm2/multicloud-integrations-rhel9@sha256:2b7557d262cd8eacc45178dcca3dae642b1bb33fbfccdf6a3b63abb7e1a39d53_amd64",
"9Base-RHACM-2.10:rhacm2/multicloud-integrations-rhel9@sha256:606ea20603d86412a34478a3db9c17737cca2b04c26bcab175279028c822e492_arm64",
"9Base-RHACM-2.10:rhacm2/multicloud-integrations-rhel9@sha256:d3958606b5001619aa3044617ccb4fe265764d7dad05b0a6bf5b4910bd5d0ba7_ppc64le",
"9Base-RHACM-2.10:rhacm2/multicluster-observability-rhel9-operator@sha256:9b855d7e4cf6fe3c4da92d84a51adc63aea5f144bce38dbb9c4ab3d01370c296_amd64",
"9Base-RHACM-2.10:rhacm2/multicluster-observability-rhel9-operator@sha256:a9eb1e576d4eb5c7e9131803042b7d8529dab369595d0adc22623e24b67832d9_s390x",
"9Base-RHACM-2.10:rhacm2/multicluster-observability-rhel9-operator@sha256:ab73f96720c106dcb2ea64f8b7ac13ad866533d993c43cb7c6dbbf08ba4977dd_ppc64le",
"9Base-RHACM-2.10:rhacm2/multicluster-observability-rhel9-operator@sha256:f296c72dd6842481dad78536117aec3ff14d19be736e5679101bbfc92b87809b_arm64",
"9Base-RHACM-2.10:rhacm2/multicluster-operators-application-rhel9@sha256:184f6068b077070b90ede3a2f4e81be398fd2841f042fc6f2f114fdfd4f1095b_arm64",
"9Base-RHACM-2.10:rhacm2/multicluster-operators-application-rhel9@sha256:2a272685b487a747827220d16bc5aaff65c436d5c312b081d9fffd9ef4a8a0f9_amd64",
"9Base-RHACM-2.10:rhacm2/multicluster-operators-application-rhel9@sha256:635c1cf425b8744a421c649bd809a59df6dc6cdeaa9da2a369706e522a3a0fab_ppc64le",
"9Base-RHACM-2.10:rhacm2/multicluster-operators-application-rhel9@sha256:e15bedc9ce45cc025b6ab6c27d5b7eb95f6e750791ff0dae228a71eaeae1cace_s390x",
"9Base-RHACM-2.10:rhacm2/multicluster-operators-channel-rhel9@sha256:2399cfe0b3b626be2acd289d8880b9913d73093220b3e4062bb7cddb2628640a_amd64",
"9Base-RHACM-2.10:rhacm2/multicluster-operators-channel-rhel9@sha256:37f84cbbee522859c6f46e49179ab0b1e1fef118aac6741d18675b36e31972dd_s390x",
"9Base-RHACM-2.10:rhacm2/multicluster-operators-channel-rhel9@sha256:43c086e0f17783322c26ba577db2c7c8fd43176a7ac14e45a40c3db0b91a6d1e_ppc64le",
"9Base-RHACM-2.10:rhacm2/multicluster-operators-channel-rhel9@sha256:773c32065f60e4a2e626e17744d0a2cfc4049325f6664f899d8da949dc3fa4a6_arm64",
"9Base-RHACM-2.10:rhacm2/multicluster-operators-subscription-rhel9@sha256:08aacdc6cad3ba5743a5d65c1bff5b3e41e44269765b94f45673a8e648f60584_amd64",
"9Base-RHACM-2.10:rhacm2/multicluster-operators-subscription-rhel9@sha256:7eda39d696e452ec7e9da1473807e3134f149ed28d0ec873cf489451fbb007e0_arm64",
"9Base-RHACM-2.10:rhacm2/multicluster-operators-subscription-rhel9@sha256:a791398b5dd73f447d22f260eaf209f782c9663e81c81529eb4b3018183f9deb_ppc64le",
"9Base-RHACM-2.10:rhacm2/multicluster-operators-subscription-rhel9@sha256:b88262afe6149a741a566054ecc16400bc7335a443219d3ddbcb1ba7c939a38b_s390x",
"9Base-RHACM-2.10:rhacm2/multiclusterhub-rhel9@sha256:5de91afd73b5a86865954ab3f6587f382f53e0856422ed975d9aa867bd0ffbf9_arm64",
"9Base-RHACM-2.10:rhacm2/multiclusterhub-rhel9@sha256:97932a785e8601b170a7c6fd42b1e6a18203b958ccbb712352c2817b8103d9b5_s390x",
"9Base-RHACM-2.10:rhacm2/multiclusterhub-rhel9@sha256:b30d5d981e1522751e4434b1c107e5cefb6c8c22ea16915f35948c11f9aa0579_ppc64le",
"9Base-RHACM-2.10:rhacm2/multiclusterhub-rhel9@sha256:c5e3898dd435f49636834ce14b3188f7163167cdb538d85812393cf450d49157_amd64",
"9Base-RHACM-2.10:rhacm2/node-exporter-rhel9@sha256:8bb239eafceaa18a786b78f7bf54c7063d80bce60567d10d81c5a4282b2884b4_s390x",
"9Base-RHACM-2.10:rhacm2/node-exporter-rhel9@sha256:9611a92119f19e11c29e9e93b9c714499e60d06712da97d9fa77ed0fd0d4d33b_arm64",
"9Base-RHACM-2.10:rhacm2/node-exporter-rhel9@sha256:d147abba6fa66eb914005d4cd62302c527cbfc0083be386275c5c782b90c3c1c_amd64",
"9Base-RHACM-2.10:rhacm2/node-exporter-rhel9@sha256:f9a4446156fd21112854846849c68952e4c336e5782d6aeb3c49bddd3408d388_ppc64le",
"9Base-RHACM-2.10:rhacm2/observatorium-rhel9-operator@sha256:414b191a314b0695aede28ac7229a064833d798e94d5b92a434e2eb3650983b6_arm64",
"9Base-RHACM-2.10:rhacm2/observatorium-rhel9-operator@sha256:9e2d97d0116349c1f1e1d815a6d8822c9f5331acdb81e878c0cb0e86149167ef_ppc64le",
"9Base-RHACM-2.10:rhacm2/observatorium-rhel9-operator@sha256:e2dabaf7c375e039797330bb33e03c993356dc5a37949f84a89c3e4f40ff0023_amd64",
"9Base-RHACM-2.10:rhacm2/observatorium-rhel9-operator@sha256:ecda2be3377f15a09c6971b1a689bb9eb917909d55f54c996d54a972aece7432_s390x",
"9Base-RHACM-2.10:rhacm2/observatorium-rhel9@sha256:10ee1d5c854a7daf0d33f1dc16529a7e1a3cb67fab5a626f8a42da705186265e_arm64",
"9Base-RHACM-2.10:rhacm2/observatorium-rhel9@sha256:1eb9b98d7f3c878e09b45aad2a64780e46026c55d6f70a64d66e255ec13ce9fb_s390x",
"9Base-RHACM-2.10:rhacm2/observatorium-rhel9@sha256:25ee9231e17b71c83f12a9ce5d94629b2fd8ad3c64b61de9f03b057584f84804_ppc64le",
"9Base-RHACM-2.10:rhacm2/observatorium-rhel9@sha256:7812638565dff9368b4db0ed9aecb86c544d0b6caa773994c5c830e800060e22_amd64",
"9Base-RHACM-2.10:rhacm2/prometheus-alertmanager-rhel9@sha256:0a4ecc2af398e1a771540af4f062abfc0f47bfae9ba3a2fcb6a6c66940385d42_ppc64le",
"9Base-RHACM-2.10:rhacm2/prometheus-alertmanager-rhel9@sha256:0e7e5cfd6a953e092eb3ae72b236741f73432f8d262ace74caa2acf8c5fe3863_amd64",
"9Base-RHACM-2.10:rhacm2/prometheus-alertmanager-rhel9@sha256:25abc3028c69dedee05220fa4f0f32b7accc33ef519f46b23860612307db2181_arm64",
"9Base-RHACM-2.10:rhacm2/prometheus-alertmanager-rhel9@sha256:88383e94dcec26826df02cdebc9e7cc764e92b2ce71300c31a46f20ce92135c0_s390x",
"9Base-RHACM-2.10:rhacm2/prometheus-rhel9@sha256:556c5d133dd996b86dceb03158d4d463ccdbbf29cc9ca05ff1e3915a48cd8c47_s390x",
"9Base-RHACM-2.10:rhacm2/prometheus-rhel9@sha256:98af2a53f9c59b0bdd6ee9c8f27eb00f65a870ee64ba8d503083a9a0d3aa2ec6_arm64",
"9Base-RHACM-2.10:rhacm2/prometheus-rhel9@sha256:99e749f7d98203070348c652f6df158c9207801d86439ddde08bcae16e813ea5_ppc64le",
"9Base-RHACM-2.10:rhacm2/prometheus-rhel9@sha256:c1c2a5bc8d471fb7cbbf31c0e5513bf2630efbd1a5bbb458dc0c98b3ee608636_amd64",
"9Base-RHACM-2.10:rhacm2/rbac-query-proxy-rhel9@sha256:5f70872d294b5f10393fa7c6a6ffd81a6a509ea7589753d29ad49118a87fb2df_s390x",
"9Base-RHACM-2.10:rhacm2/rbac-query-proxy-rhel9@sha256:a061734a251e62cd31792ec9065f6a346de672f72e32965954811faf11f86d62_amd64",
"9Base-RHACM-2.10:rhacm2/rbac-query-proxy-rhel9@sha256:e325c611a68e60d204018b8aac765bb58e135b44735bbc14069c5cbf49828ada_ppc64le",
"9Base-RHACM-2.10:rhacm2/rbac-query-proxy-rhel9@sha256:fe807380c43daaae2ca277ef4a6b6bace7842087112f7d242773a073797c908e_arm64",
"9Base-RHACM-2.10:rhacm2/search-collector-rhel9@sha256:2092c265f1dea3dc553c370c3b07c92e4cb8523ccc58d46af4a517165e9b7bc4_s390x",
"9Base-RHACM-2.10:rhacm2/search-collector-rhel9@sha256:557e431af519bf544102927491fffbdd4091a5a9377396d7d30b2898897c8fba_amd64",
"9Base-RHACM-2.10:rhacm2/search-collector-rhel9@sha256:f908a57c2bfe78911889102abb61377d5170590689930d74b8d6a9fa7bc66848_ppc64le",
"9Base-RHACM-2.10:rhacm2/search-collector-rhel9@sha256:fe20c8e6fbf707c0467a4876405f2f8b395ac24ca554bd052f7f55da2df6371f_arm64",
"9Base-RHACM-2.10:rhacm2/submariner-addon-rhel9@sha256:1d74ed10635e7021129e60caa3358581d61c4bd93cebed86f79d5fdba100b10f_ppc64le",
"9Base-RHACM-2.10:rhacm2/submariner-addon-rhel9@sha256:92584807362684f692fc991f06ffecf241ee6494d4b37c584d74527214b33acb_s390x",
"9Base-RHACM-2.10:rhacm2/submariner-addon-rhel9@sha256:9a6b6d7ed493c6c8c9962485404f551974cece1b59e7197f9ed6fce120ca7d0d_arm64",
"9Base-RHACM-2.10:rhacm2/submariner-addon-rhel9@sha256:e8eb481c682682ea78d5f7d5793f63e427fcffc867db012f327b5469c524535c_amd64",
"9Base-RHACM-2.10:rhacm2/thanos-receive-controller-rhel9@sha256:09b931bd7405cc8733625884f61ccaa92b40b48d9068d78f552a6c9383cb02e9_amd64",
"9Base-RHACM-2.10:rhacm2/thanos-receive-controller-rhel9@sha256:64aebcc4f88c096cb93faa8fab067308442fd49c07e55fcb55283ef86643f642_s390x",
"9Base-RHACM-2.10:rhacm2/thanos-receive-controller-rhel9@sha256:91f186246d963c2978023489ed7cd58dec2f57641fd2a2a0c16d2caa5377147c_arm64",
"9Base-RHACM-2.10:rhacm2/thanos-receive-controller-rhel9@sha256:d391d522c2006e634df69f28eacd1f6cfba7b1ac4ec27ea97c307f4da5213954_ppc64le",
"9Base-RHACM-2.10:rhacm2/thanos-rhel9@sha256:9c82d36f3a942088a6612e6e1d5d7f3413006b2f5df41758c0072ee8d68b3801_ppc64le",
"9Base-RHACM-2.10:rhacm2/thanos-rhel9@sha256:c431d914ecca6080a1ce9ee7fb15019ca5f5b5cb7083fa739ce14b9f8afd570e_amd64",
"9Base-RHACM-2.10:rhacm2/thanos-rhel9@sha256:e8e6c42e37b2c0ba6456d48afa747f3c6f167cbcf4523d5ad751351a932deefc_arm64",
"9Base-RHACM-2.10:rhacm2/thanos-rhel9@sha256:f7dc5a2e9c41416badca921ef6a4b16e9edd2aea052107d737bb3ddbc2e0242c_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "braces: fails to limit the number of characters it can handle"
}
]
}
RHSA-2024:6211
Vulnerability from csaf_redhat - Published: 2024-09-03 10:05 - Updated: 2026-04-30 16:24Summary
Red Hat Security Advisory: Red Hat OpenShift Service Mesh Containers for 2.6.1 security update
Severity
Important
Notes
Topic: Red Hat OpenShift Service Mesh Containers for 2.6.1
Red Hat Product Security has rated this update as having a security impact of
Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a
detailed severity rating, is available for each vulnerability from the CVE
link(s) in the References section.
Details: Red Hat OpenShift Service Mesh is Red Hat's distribution of the Istio service mesh project, tailored for installation into an OpenShift Container Platform installation.
Security Fix(es):
* axios: Server-Side Request Forgery (CVE-2024-39338)
* express: cause malformed URLs to be evaluated (CVE-2024-29041)
* micromatch: vulnerable to Regular Expression Denial of Service (CVE-2024-4067)
* braces: fails to limit the number of characters it can handle (CVE-2024-4068)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
A flaw was found in the NPM package `micromatch` where it is vulnerable to a regular expression denial of service (ReDoS). The issue occurs in `micromatch.braces()` in `index.js` because the pattern `.*` will readily match anything. By passing a malicious payload, the pattern matching will keep backtracking to the input while it doesn't find the closing bracket. As the input size increases, the consumption time will also increase until it causes the application to hang or slow down. There was a merged fix but further testing shows the issue persists. This issue should be mitigated by using a safe pattern that won't start backtracking the regular expression due to greedy matching.
7.5 (High)
Affected products
Fixed
40 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:41381d57cb559e69b1954c25993ac4ce00d2d2732a13bb80a2aa908f9b6c05e5_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:5cffbe9de3dbc2af5539fbea83463c38bb1ac39d84e0b60ce0cd82fd339d376f_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:b1b12b545f5567b3f7d891916be9dbfe415c34c6d4e3332f3d7946e1db7f8052_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:df94fe7da914ba3b66b1390c196c9af1fd7e3bc25b66b4546def1f76bab0847e_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:5d7a394e499391e98b93e9f87c6757d4cbc814ecb223b6a081448330676a7d28_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:6e4f82351d5e6015a4ab90b5143c2ab6b01ba3b4d5ad8bc47fde76d0f507a3a2_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:a255acbe7b48a3f366195cfede643d3789d47eb2b9ad877f7388e46427dcf056_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:b192218ada6421208ea7deddc7edb10317af79772942a3f443c1578576986df5_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:49910e92876864d013a4da28de10a9ea2df1080fc65c838317804f94cf589edf_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:9dd2c8a6c4b1d45cf24669f322c33ab9e80ed4b7245004f7b938e89cb1c3a775_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:c29144a75a9b498719ba0abc4870718ee5e5e2efa488e887f963876e35c81036_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:d84893b05420f046f74bd9372f4f3497c62b858bf348092741dea5d581bd4110_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:3bb9d82a03c20aaa9bacb4351637771c9b0bb40687b13b67bab9facd9fc8f2b1_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:833c0d9fa006db72126475a0d5255ced1d1e53aeb28e880e1ccc2694a22fac5f_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:f2f7144831d63df014fe8092daddefc0b2e18155495e02ebc6c1118820e00af0_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:f9b28bb240d0babd614dc8178b1267a6b61ab6fd9601af1a54d8077d05166f88_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:0a72b04272f48c8719c62c2bab8d15f2db701c9e2eb5bf0f2ef73efd83ea2af2_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:9b422db8e9ff68046ce8040f18a369dd2f2cf5d12b458b9d151f14149892ead1_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:c1bfb4985d4fd88f8335e5efb90f8ae5e57607337c926ac53cabc1cd51224eee_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:c693ac963582054ed65bf79593a621269532df05250698b3b2906228524c2766_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:1302bf62e8ff1f0e16f048144db723668640c42284f054fe68f181b694a87ba1_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:424d7f84c30efa40b8379bc64d83dc08dd7b2e1d68e6fb5d4a380a39b110be84_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:a94be7f7a94e6981f268808440c99e0487c2da9ffa883e880aed07bf059d80c2_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:d9fd6af41cc7909cdab2180ba9bde0896f457fbc6cf247a450b6dac78539cc55_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:12be4945a9160354ff7d794168bfa106e6d2410daee1098a29e6cd191022a44d_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:37026371bcf4835d49a1167963bbba762de7cb60ffd037f4601b6bce7976984d_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:74ddab8bc38b4b7dd59076da34058781132a501b1b89156ce543f39cfff05985_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:9dd33d710aa03025bd8db8bf1434d52d56077f71fc730cfbada0bbddf05d4336_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:078adc26665a857c8c007a9d5db1678c4cdc53a915fd7987a495f2349ab7345a_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:4fc6ffbeb886713cf13727639602564f4a190bee44740f22c750d27eccf6ec01_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:55dd5d3d0dee4fe619e08e017b0e3d7745a6fef6bc044394eb03c46d9e12e4f2_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:8c870f49e4ce8f91118899ac843987f6ee95c08ec85d15bb7acc53a73903eb9a_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:0031860e17e27de522a6060a3ff990a77e23aea6312fd5132afb6da3d3260ef7_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:06bde71c0830f9d5876c2d68a3d74e71152b3f24883a76f70ec82a7ca85aea2f_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:8363297c1a1294a204af48b97da703f97514aa92cbe584f17e7b81b49cf40015_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:ee50c8fad74b26357c169b97840d44f050b931ccb80f9cb930bbbed67bb681c0_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:212785428b395c0f3aa628e7c218c3d8a7bd256cc255ca7ea6bd234f70c06754_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:2ed644ec1f74c998d0b4953e527307e39a15fdfbb4baeecc0715d418874f7f70_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:a0df5db3e9cced245da7ad51f8557df94d37d1701525b02feb9ee62cfd72a440_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:f493485f1d73bd3144a26803bcd1fc7ba4d5b5487eb4dcb455f9c97c8e54ba97_s390x | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Moderate
A flaw was found in the NPM package `braces.` It fails to limit the number of characters it can handle, which could lead to memory exhaustion. In `lib/parse.js,` if a malicious user sends "imbalanced braces" as input, the parsing will enter a loop, causing the program to start allocating heap memory without freeing it at any moment of the loop. Eventually, the JavaScript heap limit is reached, and the program will crash.
7.5 (High)
Affected products
Fixed
40 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:41381d57cb559e69b1954c25993ac4ce00d2d2732a13bb80a2aa908f9b6c05e5_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:5cffbe9de3dbc2af5539fbea83463c38bb1ac39d84e0b60ce0cd82fd339d376f_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:b1b12b545f5567b3f7d891916be9dbfe415c34c6d4e3332f3d7946e1db7f8052_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:df94fe7da914ba3b66b1390c196c9af1fd7e3bc25b66b4546def1f76bab0847e_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:5d7a394e499391e98b93e9f87c6757d4cbc814ecb223b6a081448330676a7d28_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:6e4f82351d5e6015a4ab90b5143c2ab6b01ba3b4d5ad8bc47fde76d0f507a3a2_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:a255acbe7b48a3f366195cfede643d3789d47eb2b9ad877f7388e46427dcf056_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:b192218ada6421208ea7deddc7edb10317af79772942a3f443c1578576986df5_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:49910e92876864d013a4da28de10a9ea2df1080fc65c838317804f94cf589edf_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:9dd2c8a6c4b1d45cf24669f322c33ab9e80ed4b7245004f7b938e89cb1c3a775_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:c29144a75a9b498719ba0abc4870718ee5e5e2efa488e887f963876e35c81036_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:d84893b05420f046f74bd9372f4f3497c62b858bf348092741dea5d581bd4110_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:3bb9d82a03c20aaa9bacb4351637771c9b0bb40687b13b67bab9facd9fc8f2b1_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:833c0d9fa006db72126475a0d5255ced1d1e53aeb28e880e1ccc2694a22fac5f_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:f2f7144831d63df014fe8092daddefc0b2e18155495e02ebc6c1118820e00af0_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:f9b28bb240d0babd614dc8178b1267a6b61ab6fd9601af1a54d8077d05166f88_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:0a72b04272f48c8719c62c2bab8d15f2db701c9e2eb5bf0f2ef73efd83ea2af2_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:9b422db8e9ff68046ce8040f18a369dd2f2cf5d12b458b9d151f14149892ead1_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:c1bfb4985d4fd88f8335e5efb90f8ae5e57607337c926ac53cabc1cd51224eee_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:c693ac963582054ed65bf79593a621269532df05250698b3b2906228524c2766_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:1302bf62e8ff1f0e16f048144db723668640c42284f054fe68f181b694a87ba1_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:424d7f84c30efa40b8379bc64d83dc08dd7b2e1d68e6fb5d4a380a39b110be84_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:a94be7f7a94e6981f268808440c99e0487c2da9ffa883e880aed07bf059d80c2_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:d9fd6af41cc7909cdab2180ba9bde0896f457fbc6cf247a450b6dac78539cc55_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:12be4945a9160354ff7d794168bfa106e6d2410daee1098a29e6cd191022a44d_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:37026371bcf4835d49a1167963bbba762de7cb60ffd037f4601b6bce7976984d_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:74ddab8bc38b4b7dd59076da34058781132a501b1b89156ce543f39cfff05985_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:9dd33d710aa03025bd8db8bf1434d52d56077f71fc730cfbada0bbddf05d4336_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:078adc26665a857c8c007a9d5db1678c4cdc53a915fd7987a495f2349ab7345a_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:4fc6ffbeb886713cf13727639602564f4a190bee44740f22c750d27eccf6ec01_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:55dd5d3d0dee4fe619e08e017b0e3d7745a6fef6bc044394eb03c46d9e12e4f2_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:8c870f49e4ce8f91118899ac843987f6ee95c08ec85d15bb7acc53a73903eb9a_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:0031860e17e27de522a6060a3ff990a77e23aea6312fd5132afb6da3d3260ef7_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:06bde71c0830f9d5876c2d68a3d74e71152b3f24883a76f70ec82a7ca85aea2f_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:8363297c1a1294a204af48b97da703f97514aa92cbe584f17e7b81b49cf40015_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:ee50c8fad74b26357c169b97840d44f050b931ccb80f9cb930bbbed67bb681c0_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:212785428b395c0f3aa628e7c218c3d8a7bd256cc255ca7ea6bd234f70c06754_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:2ed644ec1f74c998d0b4953e527307e39a15fdfbb4baeecc0715d418874f7f70_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:a0df5db3e9cced245da7ad51f8557df94d37d1701525b02feb9ee62cfd72a440_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:f493485f1d73bd3144a26803bcd1fc7ba4d5b5487eb4dcb455f9c97c8e54ba97_s390x | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Moderate
A flaw was found in the Express.js minimalist web framework for node. Upstream versions of Express.js before 4.19.0 and all pre-release alpha and beta versions of 5.0 are affected by an open redirect vulnerability using malformed URLs. When a user of Express performs a redirect using a user-provided URL, Express performs an encode [using `encodeurl`](https://github.com/pillarjs/encodeurl) on the contents before passing it to the `location` header. This issue can cause malformed URLs to be evaluated in unexpected ways by common redirect allow list implementations in Express applications, leading to an Open Redirect via bypass of a properly implemented allow list. The main method impacted is `res.location()`, but this is also called from within `res.redirect()`. The vulnerability is fixed in upstream version 4.19.2 and 5.0.0-beta.3.
6.1 (Medium)
Affected products
Fixed
40 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:41381d57cb559e69b1954c25993ac4ce00d2d2732a13bb80a2aa908f9b6c05e5_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:5cffbe9de3dbc2af5539fbea83463c38bb1ac39d84e0b60ce0cd82fd339d376f_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:b1b12b545f5567b3f7d891916be9dbfe415c34c6d4e3332f3d7946e1db7f8052_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:df94fe7da914ba3b66b1390c196c9af1fd7e3bc25b66b4546def1f76bab0847e_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:5d7a394e499391e98b93e9f87c6757d4cbc814ecb223b6a081448330676a7d28_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:6e4f82351d5e6015a4ab90b5143c2ab6b01ba3b4d5ad8bc47fde76d0f507a3a2_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:a255acbe7b48a3f366195cfede643d3789d47eb2b9ad877f7388e46427dcf056_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:b192218ada6421208ea7deddc7edb10317af79772942a3f443c1578576986df5_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:49910e92876864d013a4da28de10a9ea2df1080fc65c838317804f94cf589edf_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:9dd2c8a6c4b1d45cf24669f322c33ab9e80ed4b7245004f7b938e89cb1c3a775_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:c29144a75a9b498719ba0abc4870718ee5e5e2efa488e887f963876e35c81036_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:d84893b05420f046f74bd9372f4f3497c62b858bf348092741dea5d581bd4110_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:3bb9d82a03c20aaa9bacb4351637771c9b0bb40687b13b67bab9facd9fc8f2b1_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:833c0d9fa006db72126475a0d5255ced1d1e53aeb28e880e1ccc2694a22fac5f_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:f2f7144831d63df014fe8092daddefc0b2e18155495e02ebc6c1118820e00af0_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:f9b28bb240d0babd614dc8178b1267a6b61ab6fd9601af1a54d8077d05166f88_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:0a72b04272f48c8719c62c2bab8d15f2db701c9e2eb5bf0f2ef73efd83ea2af2_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:9b422db8e9ff68046ce8040f18a369dd2f2cf5d12b458b9d151f14149892ead1_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:c1bfb4985d4fd88f8335e5efb90f8ae5e57607337c926ac53cabc1cd51224eee_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:c693ac963582054ed65bf79593a621269532df05250698b3b2906228524c2766_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:1302bf62e8ff1f0e16f048144db723668640c42284f054fe68f181b694a87ba1_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:424d7f84c30efa40b8379bc64d83dc08dd7b2e1d68e6fb5d4a380a39b110be84_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:a94be7f7a94e6981f268808440c99e0487c2da9ffa883e880aed07bf059d80c2_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:d9fd6af41cc7909cdab2180ba9bde0896f457fbc6cf247a450b6dac78539cc55_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:12be4945a9160354ff7d794168bfa106e6d2410daee1098a29e6cd191022a44d_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:37026371bcf4835d49a1167963bbba762de7cb60ffd037f4601b6bce7976984d_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:74ddab8bc38b4b7dd59076da34058781132a501b1b89156ce543f39cfff05985_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:9dd33d710aa03025bd8db8bf1434d52d56077f71fc730cfbada0bbddf05d4336_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:078adc26665a857c8c007a9d5db1678c4cdc53a915fd7987a495f2349ab7345a_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:4fc6ffbeb886713cf13727639602564f4a190bee44740f22c750d27eccf6ec01_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:55dd5d3d0dee4fe619e08e017b0e3d7745a6fef6bc044394eb03c46d9e12e4f2_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:8c870f49e4ce8f91118899ac843987f6ee95c08ec85d15bb7acc53a73903eb9a_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:0031860e17e27de522a6060a3ff990a77e23aea6312fd5132afb6da3d3260ef7_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:06bde71c0830f9d5876c2d68a3d74e71152b3f24883a76f70ec82a7ca85aea2f_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:8363297c1a1294a204af48b97da703f97514aa92cbe584f17e7b81b49cf40015_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:ee50c8fad74b26357c169b97840d44f050b931ccb80f9cb930bbbed67bb681c0_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:212785428b395c0f3aa628e7c218c3d8a7bd256cc255ca7ea6bd234f70c06754_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:2ed644ec1f74c998d0b4953e527307e39a15fdfbb4baeecc0715d418874f7f70_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:a0df5db3e9cced245da7ad51f8557df94d37d1701525b02feb9ee62cfd72a440_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:f493485f1d73bd3144a26803bcd1fc7ba4d5b5487eb4dcb455f9c97c8e54ba97_s390x | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Important
A vulnerability was found in the Axios HTTP Client. It is vulnerable to a server-side request forgery attack (SSRF) caused by unexpected behavior where requests for path-relative URLs get processed as protocol-relative URLs. This flaw allows an attacker to perform arbitrary requests from the server, potentially accessing internal systems or exfiltrating sensitive data.
7.5 (High)
Affected products
Fixed
40 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:41381d57cb559e69b1954c25993ac4ce00d2d2732a13bb80a2aa908f9b6c05e5_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:5cffbe9de3dbc2af5539fbea83463c38bb1ac39d84e0b60ce0cd82fd339d376f_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:b1b12b545f5567b3f7d891916be9dbfe415c34c6d4e3332f3d7946e1db7f8052_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:df94fe7da914ba3b66b1390c196c9af1fd7e3bc25b66b4546def1f76bab0847e_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:5d7a394e499391e98b93e9f87c6757d4cbc814ecb223b6a081448330676a7d28_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:6e4f82351d5e6015a4ab90b5143c2ab6b01ba3b4d5ad8bc47fde76d0f507a3a2_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:a255acbe7b48a3f366195cfede643d3789d47eb2b9ad877f7388e46427dcf056_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:b192218ada6421208ea7deddc7edb10317af79772942a3f443c1578576986df5_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:49910e92876864d013a4da28de10a9ea2df1080fc65c838317804f94cf589edf_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:9dd2c8a6c4b1d45cf24669f322c33ab9e80ed4b7245004f7b938e89cb1c3a775_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:c29144a75a9b498719ba0abc4870718ee5e5e2efa488e887f963876e35c81036_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:d84893b05420f046f74bd9372f4f3497c62b858bf348092741dea5d581bd4110_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:3bb9d82a03c20aaa9bacb4351637771c9b0bb40687b13b67bab9facd9fc8f2b1_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:833c0d9fa006db72126475a0d5255ced1d1e53aeb28e880e1ccc2694a22fac5f_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:f2f7144831d63df014fe8092daddefc0b2e18155495e02ebc6c1118820e00af0_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:f9b28bb240d0babd614dc8178b1267a6b61ab6fd9601af1a54d8077d05166f88_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:0a72b04272f48c8719c62c2bab8d15f2db701c9e2eb5bf0f2ef73efd83ea2af2_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:9b422db8e9ff68046ce8040f18a369dd2f2cf5d12b458b9d151f14149892ead1_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:c1bfb4985d4fd88f8335e5efb90f8ae5e57607337c926ac53cabc1cd51224eee_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:c693ac963582054ed65bf79593a621269532df05250698b3b2906228524c2766_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:1302bf62e8ff1f0e16f048144db723668640c42284f054fe68f181b694a87ba1_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:424d7f84c30efa40b8379bc64d83dc08dd7b2e1d68e6fb5d4a380a39b110be84_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:a94be7f7a94e6981f268808440c99e0487c2da9ffa883e880aed07bf059d80c2_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:d9fd6af41cc7909cdab2180ba9bde0896f457fbc6cf247a450b6dac78539cc55_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:12be4945a9160354ff7d794168bfa106e6d2410daee1098a29e6cd191022a44d_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:37026371bcf4835d49a1167963bbba762de7cb60ffd037f4601b6bce7976984d_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:74ddab8bc38b4b7dd59076da34058781132a501b1b89156ce543f39cfff05985_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:9dd33d710aa03025bd8db8bf1434d52d56077f71fc730cfbada0bbddf05d4336_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:078adc26665a857c8c007a9d5db1678c4cdc53a915fd7987a495f2349ab7345a_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:4fc6ffbeb886713cf13727639602564f4a190bee44740f22c750d27eccf6ec01_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:55dd5d3d0dee4fe619e08e017b0e3d7745a6fef6bc044394eb03c46d9e12e4f2_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:8c870f49e4ce8f91118899ac843987f6ee95c08ec85d15bb7acc53a73903eb9a_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:0031860e17e27de522a6060a3ff990a77e23aea6312fd5132afb6da3d3260ef7_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:06bde71c0830f9d5876c2d68a3d74e71152b3f24883a76f70ec82a7ca85aea2f_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:8363297c1a1294a204af48b97da703f97514aa92cbe584f17e7b81b49cf40015_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:ee50c8fad74b26357c169b97840d44f050b931ccb80f9cb930bbbed67bb681c0_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:212785428b395c0f3aa628e7c218c3d8a7bd256cc255ca7ea6bd234f70c06754_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:2ed644ec1f74c998d0b4953e527307e39a15fdfbb4baeecc0715d418874f7f70_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:a0df5db3e9cced245da7ad51f8557df94d37d1701525b02feb9ee62cfd72a440_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:f493485f1d73bd3144a26803bcd1fc7ba4d5b5487eb4dcb455f9c97c8e54ba97_s390x | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Important
References
36 references
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Red Hat OpenShift Service Mesh Containers for 2.6.1\n\nRed Hat Product Security has rated this update as having a security impact of\nImportant. A Common Vulnerability Scoring System (CVSS) base score, which gives a\ndetailed severity rating, is available for each vulnerability from the CVE\nlink(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat OpenShift Service Mesh is Red Hat\u0027s distribution of the Istio service mesh project, tailored for installation into an OpenShift Container Platform installation.\n\nSecurity Fix(es):\n* axios: Server-Side Request Forgery (CVE-2024-39338)\n* express: cause malformed URLs to be evaluated (CVE-2024-29041)\n* micromatch: vulnerable to Regular Expression Denial of Service (CVE-2024-4067)\n* braces: fails to limit the number of characters it can handle (CVE-2024-4068)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2024:6211",
"url": "https://access.redhat.com/errata/RHSA-2024:6211"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "OSSM-6857",
"url": "https://issues.redhat.com/browse/OSSM-6857"
},
{
"category": "external",
"summary": "OSSM-8006",
"url": "https://issues.redhat.com/browse/OSSM-8006"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_6211.json"
}
],
"title": "Red Hat Security Advisory: Red Hat OpenShift Service Mesh Containers for 2.6.1 security update",
"tracking": {
"current_release_date": "2026-04-30T16:24:03+00:00",
"generator": {
"date": "2026-04-30T16:24:03+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.7.7"
}
},
"id": "RHSA-2024:6211",
"initial_release_date": "2024-09-03T10:05:20+00:00",
"revision_history": [
{
"date": "2024-09-03T10:05:20+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2024-09-03T10:05:20+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-04-30T16:24:03+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "RHOSSM 2.6 for RHEL 8",
"product": {
"name": "RHOSSM 2.6 for RHEL 8",
"product_id": "8Base-RHOSSM-2.6",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:service_mesh:2.6::el8"
}
}
},
{
"category": "product_name",
"name": "RHOSSM 2.6 for RHEL 9",
"product": {
"name": "RHOSSM 2.6 for RHEL 9",
"product_id": "9Base-RHOSSM-2.6",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:service_mesh:2.6::el9"
}
}
}
],
"category": "product_family",
"name": "Red Hat OpenShift Service Mesh"
},
{
"branches": [
{
"category": "product_version",
"name": "openshift-service-mesh/kiali-ossmc-rhel8@sha256:9b422db8e9ff68046ce8040f18a369dd2f2cf5d12b458b9d151f14149892ead1_amd64",
"product": {
"name": "openshift-service-mesh/kiali-ossmc-rhel8@sha256:9b422db8e9ff68046ce8040f18a369dd2f2cf5d12b458b9d151f14149892ead1_amd64",
"product_id": "openshift-service-mesh/kiali-ossmc-rhel8@sha256:9b422db8e9ff68046ce8040f18a369dd2f2cf5d12b458b9d151f14149892ead1_amd64",
"product_identification_helper": {
"purl": "pkg:oci/kiali-ossmc-rhel8@sha256:9b422db8e9ff68046ce8040f18a369dd2f2cf5d12b458b9d151f14149892ead1?arch=amd64\u0026repository_url=registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel8\u0026tag=1.89.0-2"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/istio-cni-rhel8@sha256:b192218ada6421208ea7deddc7edb10317af79772942a3f443c1578576986df5_amd64",
"product": {
"name": "openshift-service-mesh/istio-cni-rhel8@sha256:b192218ada6421208ea7deddc7edb10317af79772942a3f443c1578576986df5_amd64",
"product_id": "openshift-service-mesh/istio-cni-rhel8@sha256:b192218ada6421208ea7deddc7edb10317af79772942a3f443c1578576986df5_amd64",
"product_identification_helper": {
"purl": "pkg:oci/istio-cni-rhel8@sha256:b192218ada6421208ea7deddc7edb10317af79772942a3f443c1578576986df5?arch=amd64\u0026repository_url=registry.redhat.io/openshift-service-mesh/istio-cni-rhel8\u0026tag=2.6.1-7"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/grafana-rhel8@sha256:41381d57cb559e69b1954c25993ac4ce00d2d2732a13bb80a2aa908f9b6c05e5_amd64",
"product": {
"name": "openshift-service-mesh/grafana-rhel8@sha256:41381d57cb559e69b1954c25993ac4ce00d2d2732a13bb80a2aa908f9b6c05e5_amd64",
"product_id": "openshift-service-mesh/grafana-rhel8@sha256:41381d57cb559e69b1954c25993ac4ce00d2d2732a13bb80a2aa908f9b6c05e5_amd64",
"product_identification_helper": {
"purl": "pkg:oci/grafana-rhel8@sha256:41381d57cb559e69b1954c25993ac4ce00d2d2732a13bb80a2aa908f9b6c05e5?arch=amd64\u0026repository_url=registry.redhat.io/openshift-service-mesh/grafana-rhel8\u0026tag=2.6.1-6"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/kiali-rhel8@sha256:74ddab8bc38b4b7dd59076da34058781132a501b1b89156ce543f39cfff05985_amd64",
"product": {
"name": "openshift-service-mesh/kiali-rhel8@sha256:74ddab8bc38b4b7dd59076da34058781132a501b1b89156ce543f39cfff05985_amd64",
"product_id": "openshift-service-mesh/kiali-rhel8@sha256:74ddab8bc38b4b7dd59076da34058781132a501b1b89156ce543f39cfff05985_amd64",
"product_identification_helper": {
"purl": "pkg:oci/kiali-rhel8@sha256:74ddab8bc38b4b7dd59076da34058781132a501b1b89156ce543f39cfff05985?arch=amd64\u0026repository_url=registry.redhat.io/openshift-service-mesh/kiali-rhel8\u0026tag=1.89.1-3"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/kiali-rhel8-operator@sha256:a94be7f7a94e6981f268808440c99e0487c2da9ffa883e880aed07bf059d80c2_amd64",
"product": {
"name": "openshift-service-mesh/kiali-rhel8-operator@sha256:a94be7f7a94e6981f268808440c99e0487c2da9ffa883e880aed07bf059d80c2_amd64",
"product_id": "openshift-service-mesh/kiali-rhel8-operator@sha256:a94be7f7a94e6981f268808440c99e0487c2da9ffa883e880aed07bf059d80c2_amd64",
"product_identification_helper": {
"purl": "pkg:oci/kiali-rhel8-operator@sha256:a94be7f7a94e6981f268808440c99e0487c2da9ffa883e880aed07bf059d80c2?arch=amd64\u0026repository_url=registry.redhat.io/openshift-service-mesh/kiali-rhel8-operator\u0026tag=1.89.1-1"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/istio-must-gather-rhel8@sha256:c29144a75a9b498719ba0abc4870718ee5e5e2efa488e887f963876e35c81036_amd64",
"product": {
"name": "openshift-service-mesh/istio-must-gather-rhel8@sha256:c29144a75a9b498719ba0abc4870718ee5e5e2efa488e887f963876e35c81036_amd64",
"product_id": "openshift-service-mesh/istio-must-gather-rhel8@sha256:c29144a75a9b498719ba0abc4870718ee5e5e2efa488e887f963876e35c81036_amd64",
"product_identification_helper": {
"purl": "pkg:oci/istio-must-gather-rhel8@sha256:c29144a75a9b498719ba0abc4870718ee5e5e2efa488e887f963876e35c81036?arch=amd64\u0026repository_url=registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel8\u0026tag=2.6.1-4"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/istio-rhel8-operator@sha256:833c0d9fa006db72126475a0d5255ced1d1e53aeb28e880e1ccc2694a22fac5f_amd64",
"product": {
"name": "openshift-service-mesh/istio-rhel8-operator@sha256:833c0d9fa006db72126475a0d5255ced1d1e53aeb28e880e1ccc2694a22fac5f_amd64",
"product_id": "openshift-service-mesh/istio-rhel8-operator@sha256:833c0d9fa006db72126475a0d5255ced1d1e53aeb28e880e1ccc2694a22fac5f_amd64",
"product_identification_helper": {
"purl": "pkg:oci/istio-rhel8-operator@sha256:833c0d9fa006db72126475a0d5255ced1d1e53aeb28e880e1ccc2694a22fac5f?arch=amd64\u0026repository_url=registry.redhat.io/openshift-service-mesh/istio-rhel8-operator\u0026tag=2.6.1-9"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/pilot-rhel8@sha256:55dd5d3d0dee4fe619e08e017b0e3d7745a6fef6bc044394eb03c46d9e12e4f2_amd64",
"product": {
"name": "openshift-service-mesh/pilot-rhel8@sha256:55dd5d3d0dee4fe619e08e017b0e3d7745a6fef6bc044394eb03c46d9e12e4f2_amd64",
"product_id": "openshift-service-mesh/pilot-rhel8@sha256:55dd5d3d0dee4fe619e08e017b0e3d7745a6fef6bc044394eb03c46d9e12e4f2_amd64",
"product_identification_helper": {
"purl": "pkg:oci/pilot-rhel8@sha256:55dd5d3d0dee4fe619e08e017b0e3d7745a6fef6bc044394eb03c46d9e12e4f2?arch=amd64\u0026repository_url=registry.redhat.io/openshift-service-mesh/pilot-rhel8\u0026tag=2.6.1-7"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/proxyv2-rhel9@sha256:2ed644ec1f74c998d0b4953e527307e39a15fdfbb4baeecc0715d418874f7f70_amd64",
"product": {
"name": "openshift-service-mesh/proxyv2-rhel9@sha256:2ed644ec1f74c998d0b4953e527307e39a15fdfbb4baeecc0715d418874f7f70_amd64",
"product_id": "openshift-service-mesh/proxyv2-rhel9@sha256:2ed644ec1f74c998d0b4953e527307e39a15fdfbb4baeecc0715d418874f7f70_amd64",
"product_identification_helper": {
"purl": "pkg:oci/proxyv2-rhel9@sha256:2ed644ec1f74c998d0b4953e527307e39a15fdfbb4baeecc0715d418874f7f70?arch=amd64\u0026repository_url=registry.redhat.io/openshift-service-mesh/proxyv2-rhel9\u0026tag=2.6.1-4"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/ratelimit-rhel8@sha256:ee50c8fad74b26357c169b97840d44f050b931ccb80f9cb930bbbed67bb681c0_amd64",
"product": {
"name": "openshift-service-mesh/ratelimit-rhel8@sha256:ee50c8fad74b26357c169b97840d44f050b931ccb80f9cb930bbbed67bb681c0_amd64",
"product_id": "openshift-service-mesh/ratelimit-rhel8@sha256:ee50c8fad74b26357c169b97840d44f050b931ccb80f9cb930bbbed67bb681c0_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ratelimit-rhel8@sha256:ee50c8fad74b26357c169b97840d44f050b931ccb80f9cb930bbbed67bb681c0?arch=amd64\u0026repository_url=registry.redhat.io/openshift-service-mesh/ratelimit-rhel8\u0026tag=2.6.1-6"
}
}
}
],
"category": "architecture",
"name": "amd64"
},
{
"branches": [
{
"category": "product_version",
"name": "openshift-service-mesh/kiali-ossmc-rhel8@sha256:0a72b04272f48c8719c62c2bab8d15f2db701c9e2eb5bf0f2ef73efd83ea2af2_ppc64le",
"product": {
"name": "openshift-service-mesh/kiali-ossmc-rhel8@sha256:0a72b04272f48c8719c62c2bab8d15f2db701c9e2eb5bf0f2ef73efd83ea2af2_ppc64le",
"product_id": "openshift-service-mesh/kiali-ossmc-rhel8@sha256:0a72b04272f48c8719c62c2bab8d15f2db701c9e2eb5bf0f2ef73efd83ea2af2_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/kiali-ossmc-rhel8@sha256:0a72b04272f48c8719c62c2bab8d15f2db701c9e2eb5bf0f2ef73efd83ea2af2?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel8\u0026tag=1.89.0-2"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/istio-cni-rhel8@sha256:6e4f82351d5e6015a4ab90b5143c2ab6b01ba3b4d5ad8bc47fde76d0f507a3a2_ppc64le",
"product": {
"name": "openshift-service-mesh/istio-cni-rhel8@sha256:6e4f82351d5e6015a4ab90b5143c2ab6b01ba3b4d5ad8bc47fde76d0f507a3a2_ppc64le",
"product_id": "openshift-service-mesh/istio-cni-rhel8@sha256:6e4f82351d5e6015a4ab90b5143c2ab6b01ba3b4d5ad8bc47fde76d0f507a3a2_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/istio-cni-rhel8@sha256:6e4f82351d5e6015a4ab90b5143c2ab6b01ba3b4d5ad8bc47fde76d0f507a3a2?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-service-mesh/istio-cni-rhel8\u0026tag=2.6.1-7"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/grafana-rhel8@sha256:b1b12b545f5567b3f7d891916be9dbfe415c34c6d4e3332f3d7946e1db7f8052_ppc64le",
"product": {
"name": "openshift-service-mesh/grafana-rhel8@sha256:b1b12b545f5567b3f7d891916be9dbfe415c34c6d4e3332f3d7946e1db7f8052_ppc64le",
"product_id": "openshift-service-mesh/grafana-rhel8@sha256:b1b12b545f5567b3f7d891916be9dbfe415c34c6d4e3332f3d7946e1db7f8052_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/grafana-rhel8@sha256:b1b12b545f5567b3f7d891916be9dbfe415c34c6d4e3332f3d7946e1db7f8052?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-service-mesh/grafana-rhel8\u0026tag=2.6.1-6"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/kiali-rhel8@sha256:9dd33d710aa03025bd8db8bf1434d52d56077f71fc730cfbada0bbddf05d4336_ppc64le",
"product": {
"name": "openshift-service-mesh/kiali-rhel8@sha256:9dd33d710aa03025bd8db8bf1434d52d56077f71fc730cfbada0bbddf05d4336_ppc64le",
"product_id": "openshift-service-mesh/kiali-rhel8@sha256:9dd33d710aa03025bd8db8bf1434d52d56077f71fc730cfbada0bbddf05d4336_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/kiali-rhel8@sha256:9dd33d710aa03025bd8db8bf1434d52d56077f71fc730cfbada0bbddf05d4336?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-service-mesh/kiali-rhel8\u0026tag=1.89.1-3"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/kiali-rhel8-operator@sha256:424d7f84c30efa40b8379bc64d83dc08dd7b2e1d68e6fb5d4a380a39b110be84_ppc64le",
"product": {
"name": "openshift-service-mesh/kiali-rhel8-operator@sha256:424d7f84c30efa40b8379bc64d83dc08dd7b2e1d68e6fb5d4a380a39b110be84_ppc64le",
"product_id": "openshift-service-mesh/kiali-rhel8-operator@sha256:424d7f84c30efa40b8379bc64d83dc08dd7b2e1d68e6fb5d4a380a39b110be84_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/kiali-rhel8-operator@sha256:424d7f84c30efa40b8379bc64d83dc08dd7b2e1d68e6fb5d4a380a39b110be84?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-service-mesh/kiali-rhel8-operator\u0026tag=1.89.1-1"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/istio-must-gather-rhel8@sha256:49910e92876864d013a4da28de10a9ea2df1080fc65c838317804f94cf589edf_ppc64le",
"product": {
"name": "openshift-service-mesh/istio-must-gather-rhel8@sha256:49910e92876864d013a4da28de10a9ea2df1080fc65c838317804f94cf589edf_ppc64le",
"product_id": "openshift-service-mesh/istio-must-gather-rhel8@sha256:49910e92876864d013a4da28de10a9ea2df1080fc65c838317804f94cf589edf_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/istio-must-gather-rhel8@sha256:49910e92876864d013a4da28de10a9ea2df1080fc65c838317804f94cf589edf?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel8\u0026tag=2.6.1-4"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/istio-rhel8-operator@sha256:f9b28bb240d0babd614dc8178b1267a6b61ab6fd9601af1a54d8077d05166f88_ppc64le",
"product": {
"name": "openshift-service-mesh/istio-rhel8-operator@sha256:f9b28bb240d0babd614dc8178b1267a6b61ab6fd9601af1a54d8077d05166f88_ppc64le",
"product_id": "openshift-service-mesh/istio-rhel8-operator@sha256:f9b28bb240d0babd614dc8178b1267a6b61ab6fd9601af1a54d8077d05166f88_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/istio-rhel8-operator@sha256:f9b28bb240d0babd614dc8178b1267a6b61ab6fd9601af1a54d8077d05166f88?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-service-mesh/istio-rhel8-operator\u0026tag=2.6.1-9"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/pilot-rhel8@sha256:4fc6ffbeb886713cf13727639602564f4a190bee44740f22c750d27eccf6ec01_ppc64le",
"product": {
"name": "openshift-service-mesh/pilot-rhel8@sha256:4fc6ffbeb886713cf13727639602564f4a190bee44740f22c750d27eccf6ec01_ppc64le",
"product_id": "openshift-service-mesh/pilot-rhel8@sha256:4fc6ffbeb886713cf13727639602564f4a190bee44740f22c750d27eccf6ec01_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/pilot-rhel8@sha256:4fc6ffbeb886713cf13727639602564f4a190bee44740f22c750d27eccf6ec01?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-service-mesh/pilot-rhel8\u0026tag=2.6.1-7"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/proxyv2-rhel9@sha256:a0df5db3e9cced245da7ad51f8557df94d37d1701525b02feb9ee62cfd72a440_ppc64le",
"product": {
"name": "openshift-service-mesh/proxyv2-rhel9@sha256:a0df5db3e9cced245da7ad51f8557df94d37d1701525b02feb9ee62cfd72a440_ppc64le",
"product_id": "openshift-service-mesh/proxyv2-rhel9@sha256:a0df5db3e9cced245da7ad51f8557df94d37d1701525b02feb9ee62cfd72a440_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/proxyv2-rhel9@sha256:a0df5db3e9cced245da7ad51f8557df94d37d1701525b02feb9ee62cfd72a440?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-service-mesh/proxyv2-rhel9\u0026tag=2.6.1-4"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/ratelimit-rhel8@sha256:8363297c1a1294a204af48b97da703f97514aa92cbe584f17e7b81b49cf40015_ppc64le",
"product": {
"name": "openshift-service-mesh/ratelimit-rhel8@sha256:8363297c1a1294a204af48b97da703f97514aa92cbe584f17e7b81b49cf40015_ppc64le",
"product_id": "openshift-service-mesh/ratelimit-rhel8@sha256:8363297c1a1294a204af48b97da703f97514aa92cbe584f17e7b81b49cf40015_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ratelimit-rhel8@sha256:8363297c1a1294a204af48b97da703f97514aa92cbe584f17e7b81b49cf40015?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-service-mesh/ratelimit-rhel8\u0026tag=2.6.1-6"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "openshift-service-mesh/kiali-ossmc-rhel8@sha256:c693ac963582054ed65bf79593a621269532df05250698b3b2906228524c2766_s390x",
"product": {
"name": "openshift-service-mesh/kiali-ossmc-rhel8@sha256:c693ac963582054ed65bf79593a621269532df05250698b3b2906228524c2766_s390x",
"product_id": "openshift-service-mesh/kiali-ossmc-rhel8@sha256:c693ac963582054ed65bf79593a621269532df05250698b3b2906228524c2766_s390x",
"product_identification_helper": {
"purl": "pkg:oci/kiali-ossmc-rhel8@sha256:c693ac963582054ed65bf79593a621269532df05250698b3b2906228524c2766?arch=s390x\u0026repository_url=registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel8\u0026tag=1.89.0-2"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/istio-cni-rhel8@sha256:a255acbe7b48a3f366195cfede643d3789d47eb2b9ad877f7388e46427dcf056_s390x",
"product": {
"name": "openshift-service-mesh/istio-cni-rhel8@sha256:a255acbe7b48a3f366195cfede643d3789d47eb2b9ad877f7388e46427dcf056_s390x",
"product_id": "openshift-service-mesh/istio-cni-rhel8@sha256:a255acbe7b48a3f366195cfede643d3789d47eb2b9ad877f7388e46427dcf056_s390x",
"product_identification_helper": {
"purl": "pkg:oci/istio-cni-rhel8@sha256:a255acbe7b48a3f366195cfede643d3789d47eb2b9ad877f7388e46427dcf056?arch=s390x\u0026repository_url=registry.redhat.io/openshift-service-mesh/istio-cni-rhel8\u0026tag=2.6.1-7"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/grafana-rhel8@sha256:df94fe7da914ba3b66b1390c196c9af1fd7e3bc25b66b4546def1f76bab0847e_s390x",
"product": {
"name": "openshift-service-mesh/grafana-rhel8@sha256:df94fe7da914ba3b66b1390c196c9af1fd7e3bc25b66b4546def1f76bab0847e_s390x",
"product_id": "openshift-service-mesh/grafana-rhel8@sha256:df94fe7da914ba3b66b1390c196c9af1fd7e3bc25b66b4546def1f76bab0847e_s390x",
"product_identification_helper": {
"purl": "pkg:oci/grafana-rhel8@sha256:df94fe7da914ba3b66b1390c196c9af1fd7e3bc25b66b4546def1f76bab0847e?arch=s390x\u0026repository_url=registry.redhat.io/openshift-service-mesh/grafana-rhel8\u0026tag=2.6.1-6"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/kiali-rhel8@sha256:12be4945a9160354ff7d794168bfa106e6d2410daee1098a29e6cd191022a44d_s390x",
"product": {
"name": "openshift-service-mesh/kiali-rhel8@sha256:12be4945a9160354ff7d794168bfa106e6d2410daee1098a29e6cd191022a44d_s390x",
"product_id": "openshift-service-mesh/kiali-rhel8@sha256:12be4945a9160354ff7d794168bfa106e6d2410daee1098a29e6cd191022a44d_s390x",
"product_identification_helper": {
"purl": "pkg:oci/kiali-rhel8@sha256:12be4945a9160354ff7d794168bfa106e6d2410daee1098a29e6cd191022a44d?arch=s390x\u0026repository_url=registry.redhat.io/openshift-service-mesh/kiali-rhel8\u0026tag=1.89.1-3"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/kiali-rhel8-operator@sha256:1302bf62e8ff1f0e16f048144db723668640c42284f054fe68f181b694a87ba1_s390x",
"product": {
"name": "openshift-service-mesh/kiali-rhel8-operator@sha256:1302bf62e8ff1f0e16f048144db723668640c42284f054fe68f181b694a87ba1_s390x",
"product_id": "openshift-service-mesh/kiali-rhel8-operator@sha256:1302bf62e8ff1f0e16f048144db723668640c42284f054fe68f181b694a87ba1_s390x",
"product_identification_helper": {
"purl": "pkg:oci/kiali-rhel8-operator@sha256:1302bf62e8ff1f0e16f048144db723668640c42284f054fe68f181b694a87ba1?arch=s390x\u0026repository_url=registry.redhat.io/openshift-service-mesh/kiali-rhel8-operator\u0026tag=1.89.1-1"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/istio-must-gather-rhel8@sha256:9dd2c8a6c4b1d45cf24669f322c33ab9e80ed4b7245004f7b938e89cb1c3a775_s390x",
"product": {
"name": "openshift-service-mesh/istio-must-gather-rhel8@sha256:9dd2c8a6c4b1d45cf24669f322c33ab9e80ed4b7245004f7b938e89cb1c3a775_s390x",
"product_id": "openshift-service-mesh/istio-must-gather-rhel8@sha256:9dd2c8a6c4b1d45cf24669f322c33ab9e80ed4b7245004f7b938e89cb1c3a775_s390x",
"product_identification_helper": {
"purl": "pkg:oci/istio-must-gather-rhel8@sha256:9dd2c8a6c4b1d45cf24669f322c33ab9e80ed4b7245004f7b938e89cb1c3a775?arch=s390x\u0026repository_url=registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel8\u0026tag=2.6.1-4"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/istio-rhel8-operator@sha256:3bb9d82a03c20aaa9bacb4351637771c9b0bb40687b13b67bab9facd9fc8f2b1_s390x",
"product": {
"name": "openshift-service-mesh/istio-rhel8-operator@sha256:3bb9d82a03c20aaa9bacb4351637771c9b0bb40687b13b67bab9facd9fc8f2b1_s390x",
"product_id": "openshift-service-mesh/istio-rhel8-operator@sha256:3bb9d82a03c20aaa9bacb4351637771c9b0bb40687b13b67bab9facd9fc8f2b1_s390x",
"product_identification_helper": {
"purl": "pkg:oci/istio-rhel8-operator@sha256:3bb9d82a03c20aaa9bacb4351637771c9b0bb40687b13b67bab9facd9fc8f2b1?arch=s390x\u0026repository_url=registry.redhat.io/openshift-service-mesh/istio-rhel8-operator\u0026tag=2.6.1-9"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/pilot-rhel8@sha256:078adc26665a857c8c007a9d5db1678c4cdc53a915fd7987a495f2349ab7345a_s390x",
"product": {
"name": "openshift-service-mesh/pilot-rhel8@sha256:078adc26665a857c8c007a9d5db1678c4cdc53a915fd7987a495f2349ab7345a_s390x",
"product_id": "openshift-service-mesh/pilot-rhel8@sha256:078adc26665a857c8c007a9d5db1678c4cdc53a915fd7987a495f2349ab7345a_s390x",
"product_identification_helper": {
"purl": "pkg:oci/pilot-rhel8@sha256:078adc26665a857c8c007a9d5db1678c4cdc53a915fd7987a495f2349ab7345a?arch=s390x\u0026repository_url=registry.redhat.io/openshift-service-mesh/pilot-rhel8\u0026tag=2.6.1-7"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/proxyv2-rhel9@sha256:f493485f1d73bd3144a26803bcd1fc7ba4d5b5487eb4dcb455f9c97c8e54ba97_s390x",
"product": {
"name": "openshift-service-mesh/proxyv2-rhel9@sha256:f493485f1d73bd3144a26803bcd1fc7ba4d5b5487eb4dcb455f9c97c8e54ba97_s390x",
"product_id": "openshift-service-mesh/proxyv2-rhel9@sha256:f493485f1d73bd3144a26803bcd1fc7ba4d5b5487eb4dcb455f9c97c8e54ba97_s390x",
"product_identification_helper": {
"purl": "pkg:oci/proxyv2-rhel9@sha256:f493485f1d73bd3144a26803bcd1fc7ba4d5b5487eb4dcb455f9c97c8e54ba97?arch=s390x\u0026repository_url=registry.redhat.io/openshift-service-mesh/proxyv2-rhel9\u0026tag=2.6.1-4"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/ratelimit-rhel8@sha256:06bde71c0830f9d5876c2d68a3d74e71152b3f24883a76f70ec82a7ca85aea2f_s390x",
"product": {
"name": "openshift-service-mesh/ratelimit-rhel8@sha256:06bde71c0830f9d5876c2d68a3d74e71152b3f24883a76f70ec82a7ca85aea2f_s390x",
"product_id": "openshift-service-mesh/ratelimit-rhel8@sha256:06bde71c0830f9d5876c2d68a3d74e71152b3f24883a76f70ec82a7ca85aea2f_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ratelimit-rhel8@sha256:06bde71c0830f9d5876c2d68a3d74e71152b3f24883a76f70ec82a7ca85aea2f?arch=s390x\u0026repository_url=registry.redhat.io/openshift-service-mesh/ratelimit-rhel8\u0026tag=2.6.1-6"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "openshift-service-mesh/kiali-ossmc-rhel8@sha256:c1bfb4985d4fd88f8335e5efb90f8ae5e57607337c926ac53cabc1cd51224eee_arm64",
"product": {
"name": "openshift-service-mesh/kiali-ossmc-rhel8@sha256:c1bfb4985d4fd88f8335e5efb90f8ae5e57607337c926ac53cabc1cd51224eee_arm64",
"product_id": "openshift-service-mesh/kiali-ossmc-rhel8@sha256:c1bfb4985d4fd88f8335e5efb90f8ae5e57607337c926ac53cabc1cd51224eee_arm64",
"product_identification_helper": {
"purl": "pkg:oci/kiali-ossmc-rhel8@sha256:c1bfb4985d4fd88f8335e5efb90f8ae5e57607337c926ac53cabc1cd51224eee?arch=arm64\u0026repository_url=registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel8\u0026tag=1.89.0-2"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/istio-cni-rhel8@sha256:5d7a394e499391e98b93e9f87c6757d4cbc814ecb223b6a081448330676a7d28_arm64",
"product": {
"name": "openshift-service-mesh/istio-cni-rhel8@sha256:5d7a394e499391e98b93e9f87c6757d4cbc814ecb223b6a081448330676a7d28_arm64",
"product_id": "openshift-service-mesh/istio-cni-rhel8@sha256:5d7a394e499391e98b93e9f87c6757d4cbc814ecb223b6a081448330676a7d28_arm64",
"product_identification_helper": {
"purl": "pkg:oci/istio-cni-rhel8@sha256:5d7a394e499391e98b93e9f87c6757d4cbc814ecb223b6a081448330676a7d28?arch=arm64\u0026repository_url=registry.redhat.io/openshift-service-mesh/istio-cni-rhel8\u0026tag=2.6.1-7"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/grafana-rhel8@sha256:5cffbe9de3dbc2af5539fbea83463c38bb1ac39d84e0b60ce0cd82fd339d376f_arm64",
"product": {
"name": "openshift-service-mesh/grafana-rhel8@sha256:5cffbe9de3dbc2af5539fbea83463c38bb1ac39d84e0b60ce0cd82fd339d376f_arm64",
"product_id": "openshift-service-mesh/grafana-rhel8@sha256:5cffbe9de3dbc2af5539fbea83463c38bb1ac39d84e0b60ce0cd82fd339d376f_arm64",
"product_identification_helper": {
"purl": "pkg:oci/grafana-rhel8@sha256:5cffbe9de3dbc2af5539fbea83463c38bb1ac39d84e0b60ce0cd82fd339d376f?arch=arm64\u0026repository_url=registry.redhat.io/openshift-service-mesh/grafana-rhel8\u0026tag=2.6.1-6"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/kiali-rhel8@sha256:37026371bcf4835d49a1167963bbba762de7cb60ffd037f4601b6bce7976984d_arm64",
"product": {
"name": "openshift-service-mesh/kiali-rhel8@sha256:37026371bcf4835d49a1167963bbba762de7cb60ffd037f4601b6bce7976984d_arm64",
"product_id": "openshift-service-mesh/kiali-rhel8@sha256:37026371bcf4835d49a1167963bbba762de7cb60ffd037f4601b6bce7976984d_arm64",
"product_identification_helper": {
"purl": "pkg:oci/kiali-rhel8@sha256:37026371bcf4835d49a1167963bbba762de7cb60ffd037f4601b6bce7976984d?arch=arm64\u0026repository_url=registry.redhat.io/openshift-service-mesh/kiali-rhel8\u0026tag=1.89.1-3"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/kiali-rhel8-operator@sha256:d9fd6af41cc7909cdab2180ba9bde0896f457fbc6cf247a450b6dac78539cc55_arm64",
"product": {
"name": "openshift-service-mesh/kiali-rhel8-operator@sha256:d9fd6af41cc7909cdab2180ba9bde0896f457fbc6cf247a450b6dac78539cc55_arm64",
"product_id": "openshift-service-mesh/kiali-rhel8-operator@sha256:d9fd6af41cc7909cdab2180ba9bde0896f457fbc6cf247a450b6dac78539cc55_arm64",
"product_identification_helper": {
"purl": "pkg:oci/kiali-rhel8-operator@sha256:d9fd6af41cc7909cdab2180ba9bde0896f457fbc6cf247a450b6dac78539cc55?arch=arm64\u0026repository_url=registry.redhat.io/openshift-service-mesh/kiali-rhel8-operator\u0026tag=1.89.1-1"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/istio-must-gather-rhel8@sha256:d84893b05420f046f74bd9372f4f3497c62b858bf348092741dea5d581bd4110_arm64",
"product": {
"name": "openshift-service-mesh/istio-must-gather-rhel8@sha256:d84893b05420f046f74bd9372f4f3497c62b858bf348092741dea5d581bd4110_arm64",
"product_id": "openshift-service-mesh/istio-must-gather-rhel8@sha256:d84893b05420f046f74bd9372f4f3497c62b858bf348092741dea5d581bd4110_arm64",
"product_identification_helper": {
"purl": "pkg:oci/istio-must-gather-rhel8@sha256:d84893b05420f046f74bd9372f4f3497c62b858bf348092741dea5d581bd4110?arch=arm64\u0026repository_url=registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel8\u0026tag=2.6.1-4"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/istio-rhel8-operator@sha256:f2f7144831d63df014fe8092daddefc0b2e18155495e02ebc6c1118820e00af0_arm64",
"product": {
"name": "openshift-service-mesh/istio-rhel8-operator@sha256:f2f7144831d63df014fe8092daddefc0b2e18155495e02ebc6c1118820e00af0_arm64",
"product_id": "openshift-service-mesh/istio-rhel8-operator@sha256:f2f7144831d63df014fe8092daddefc0b2e18155495e02ebc6c1118820e00af0_arm64",
"product_identification_helper": {
"purl": "pkg:oci/istio-rhel8-operator@sha256:f2f7144831d63df014fe8092daddefc0b2e18155495e02ebc6c1118820e00af0?arch=arm64\u0026repository_url=registry.redhat.io/openshift-service-mesh/istio-rhel8-operator\u0026tag=2.6.1-9"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/pilot-rhel8@sha256:8c870f49e4ce8f91118899ac843987f6ee95c08ec85d15bb7acc53a73903eb9a_arm64",
"product": {
"name": "openshift-service-mesh/pilot-rhel8@sha256:8c870f49e4ce8f91118899ac843987f6ee95c08ec85d15bb7acc53a73903eb9a_arm64",
"product_id": "openshift-service-mesh/pilot-rhel8@sha256:8c870f49e4ce8f91118899ac843987f6ee95c08ec85d15bb7acc53a73903eb9a_arm64",
"product_identification_helper": {
"purl": "pkg:oci/pilot-rhel8@sha256:8c870f49e4ce8f91118899ac843987f6ee95c08ec85d15bb7acc53a73903eb9a?arch=arm64\u0026repository_url=registry.redhat.io/openshift-service-mesh/pilot-rhel8\u0026tag=2.6.1-7"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/proxyv2-rhel9@sha256:212785428b395c0f3aa628e7c218c3d8a7bd256cc255ca7ea6bd234f70c06754_arm64",
"product": {
"name": "openshift-service-mesh/proxyv2-rhel9@sha256:212785428b395c0f3aa628e7c218c3d8a7bd256cc255ca7ea6bd234f70c06754_arm64",
"product_id": "openshift-service-mesh/proxyv2-rhel9@sha256:212785428b395c0f3aa628e7c218c3d8a7bd256cc255ca7ea6bd234f70c06754_arm64",
"product_identification_helper": {
"purl": "pkg:oci/proxyv2-rhel9@sha256:212785428b395c0f3aa628e7c218c3d8a7bd256cc255ca7ea6bd234f70c06754?arch=arm64\u0026repository_url=registry.redhat.io/openshift-service-mesh/proxyv2-rhel9\u0026tag=2.6.1-4"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/ratelimit-rhel8@sha256:0031860e17e27de522a6060a3ff990a77e23aea6312fd5132afb6da3d3260ef7_arm64",
"product": {
"name": "openshift-service-mesh/ratelimit-rhel8@sha256:0031860e17e27de522a6060a3ff990a77e23aea6312fd5132afb6da3d3260ef7_arm64",
"product_id": "openshift-service-mesh/ratelimit-rhel8@sha256:0031860e17e27de522a6060a3ff990a77e23aea6312fd5132afb6da3d3260ef7_arm64",
"product_identification_helper": {
"purl": "pkg:oci/ratelimit-rhel8@sha256:0031860e17e27de522a6060a3ff990a77e23aea6312fd5132afb6da3d3260ef7?arch=arm64\u0026repository_url=registry.redhat.io/openshift-service-mesh/ratelimit-rhel8\u0026tag=2.6.1-6"
}
}
}
],
"category": "architecture",
"name": "arm64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/grafana-rhel8@sha256:41381d57cb559e69b1954c25993ac4ce00d2d2732a13bb80a2aa908f9b6c05e5_amd64 as a component of RHOSSM 2.6 for RHEL 8",
"product_id": "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:41381d57cb559e69b1954c25993ac4ce00d2d2732a13bb80a2aa908f9b6c05e5_amd64"
},
"product_reference": "openshift-service-mesh/grafana-rhel8@sha256:41381d57cb559e69b1954c25993ac4ce00d2d2732a13bb80a2aa908f9b6c05e5_amd64",
"relates_to_product_reference": "8Base-RHOSSM-2.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/grafana-rhel8@sha256:5cffbe9de3dbc2af5539fbea83463c38bb1ac39d84e0b60ce0cd82fd339d376f_arm64 as a component of RHOSSM 2.6 for RHEL 8",
"product_id": "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:5cffbe9de3dbc2af5539fbea83463c38bb1ac39d84e0b60ce0cd82fd339d376f_arm64"
},
"product_reference": "openshift-service-mesh/grafana-rhel8@sha256:5cffbe9de3dbc2af5539fbea83463c38bb1ac39d84e0b60ce0cd82fd339d376f_arm64",
"relates_to_product_reference": "8Base-RHOSSM-2.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/grafana-rhel8@sha256:b1b12b545f5567b3f7d891916be9dbfe415c34c6d4e3332f3d7946e1db7f8052_ppc64le as a component of RHOSSM 2.6 for RHEL 8",
"product_id": "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:b1b12b545f5567b3f7d891916be9dbfe415c34c6d4e3332f3d7946e1db7f8052_ppc64le"
},
"product_reference": "openshift-service-mesh/grafana-rhel8@sha256:b1b12b545f5567b3f7d891916be9dbfe415c34c6d4e3332f3d7946e1db7f8052_ppc64le",
"relates_to_product_reference": "8Base-RHOSSM-2.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/grafana-rhel8@sha256:df94fe7da914ba3b66b1390c196c9af1fd7e3bc25b66b4546def1f76bab0847e_s390x as a component of RHOSSM 2.6 for RHEL 8",
"product_id": "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:df94fe7da914ba3b66b1390c196c9af1fd7e3bc25b66b4546def1f76bab0847e_s390x"
},
"product_reference": "openshift-service-mesh/grafana-rhel8@sha256:df94fe7da914ba3b66b1390c196c9af1fd7e3bc25b66b4546def1f76bab0847e_s390x",
"relates_to_product_reference": "8Base-RHOSSM-2.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/istio-cni-rhel8@sha256:5d7a394e499391e98b93e9f87c6757d4cbc814ecb223b6a081448330676a7d28_arm64 as a component of RHOSSM 2.6 for RHEL 8",
"product_id": "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:5d7a394e499391e98b93e9f87c6757d4cbc814ecb223b6a081448330676a7d28_arm64"
},
"product_reference": "openshift-service-mesh/istio-cni-rhel8@sha256:5d7a394e499391e98b93e9f87c6757d4cbc814ecb223b6a081448330676a7d28_arm64",
"relates_to_product_reference": "8Base-RHOSSM-2.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/istio-cni-rhel8@sha256:6e4f82351d5e6015a4ab90b5143c2ab6b01ba3b4d5ad8bc47fde76d0f507a3a2_ppc64le as a component of RHOSSM 2.6 for RHEL 8",
"product_id": "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:6e4f82351d5e6015a4ab90b5143c2ab6b01ba3b4d5ad8bc47fde76d0f507a3a2_ppc64le"
},
"product_reference": "openshift-service-mesh/istio-cni-rhel8@sha256:6e4f82351d5e6015a4ab90b5143c2ab6b01ba3b4d5ad8bc47fde76d0f507a3a2_ppc64le",
"relates_to_product_reference": "8Base-RHOSSM-2.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/istio-cni-rhel8@sha256:a255acbe7b48a3f366195cfede643d3789d47eb2b9ad877f7388e46427dcf056_s390x as a component of RHOSSM 2.6 for RHEL 8",
"product_id": "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:a255acbe7b48a3f366195cfede643d3789d47eb2b9ad877f7388e46427dcf056_s390x"
},
"product_reference": "openshift-service-mesh/istio-cni-rhel8@sha256:a255acbe7b48a3f366195cfede643d3789d47eb2b9ad877f7388e46427dcf056_s390x",
"relates_to_product_reference": "8Base-RHOSSM-2.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/istio-cni-rhel8@sha256:b192218ada6421208ea7deddc7edb10317af79772942a3f443c1578576986df5_amd64 as a component of RHOSSM 2.6 for RHEL 8",
"product_id": "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:b192218ada6421208ea7deddc7edb10317af79772942a3f443c1578576986df5_amd64"
},
"product_reference": "openshift-service-mesh/istio-cni-rhel8@sha256:b192218ada6421208ea7deddc7edb10317af79772942a3f443c1578576986df5_amd64",
"relates_to_product_reference": "8Base-RHOSSM-2.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/istio-must-gather-rhel8@sha256:49910e92876864d013a4da28de10a9ea2df1080fc65c838317804f94cf589edf_ppc64le as a component of RHOSSM 2.6 for RHEL 8",
"product_id": "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:49910e92876864d013a4da28de10a9ea2df1080fc65c838317804f94cf589edf_ppc64le"
},
"product_reference": "openshift-service-mesh/istio-must-gather-rhel8@sha256:49910e92876864d013a4da28de10a9ea2df1080fc65c838317804f94cf589edf_ppc64le",
"relates_to_product_reference": "8Base-RHOSSM-2.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/istio-must-gather-rhel8@sha256:9dd2c8a6c4b1d45cf24669f322c33ab9e80ed4b7245004f7b938e89cb1c3a775_s390x as a component of RHOSSM 2.6 for RHEL 8",
"product_id": "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:9dd2c8a6c4b1d45cf24669f322c33ab9e80ed4b7245004f7b938e89cb1c3a775_s390x"
},
"product_reference": "openshift-service-mesh/istio-must-gather-rhel8@sha256:9dd2c8a6c4b1d45cf24669f322c33ab9e80ed4b7245004f7b938e89cb1c3a775_s390x",
"relates_to_product_reference": "8Base-RHOSSM-2.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/istio-must-gather-rhel8@sha256:c29144a75a9b498719ba0abc4870718ee5e5e2efa488e887f963876e35c81036_amd64 as a component of RHOSSM 2.6 for RHEL 8",
"product_id": "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:c29144a75a9b498719ba0abc4870718ee5e5e2efa488e887f963876e35c81036_amd64"
},
"product_reference": "openshift-service-mesh/istio-must-gather-rhel8@sha256:c29144a75a9b498719ba0abc4870718ee5e5e2efa488e887f963876e35c81036_amd64",
"relates_to_product_reference": "8Base-RHOSSM-2.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/istio-must-gather-rhel8@sha256:d84893b05420f046f74bd9372f4f3497c62b858bf348092741dea5d581bd4110_arm64 as a component of RHOSSM 2.6 for RHEL 8",
"product_id": "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:d84893b05420f046f74bd9372f4f3497c62b858bf348092741dea5d581bd4110_arm64"
},
"product_reference": "openshift-service-mesh/istio-must-gather-rhel8@sha256:d84893b05420f046f74bd9372f4f3497c62b858bf348092741dea5d581bd4110_arm64",
"relates_to_product_reference": "8Base-RHOSSM-2.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/istio-rhel8-operator@sha256:3bb9d82a03c20aaa9bacb4351637771c9b0bb40687b13b67bab9facd9fc8f2b1_s390x as a component of RHOSSM 2.6 for RHEL 8",
"product_id": "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:3bb9d82a03c20aaa9bacb4351637771c9b0bb40687b13b67bab9facd9fc8f2b1_s390x"
},
"product_reference": "openshift-service-mesh/istio-rhel8-operator@sha256:3bb9d82a03c20aaa9bacb4351637771c9b0bb40687b13b67bab9facd9fc8f2b1_s390x",
"relates_to_product_reference": "8Base-RHOSSM-2.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/istio-rhel8-operator@sha256:833c0d9fa006db72126475a0d5255ced1d1e53aeb28e880e1ccc2694a22fac5f_amd64 as a component of RHOSSM 2.6 for RHEL 8",
"product_id": "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:833c0d9fa006db72126475a0d5255ced1d1e53aeb28e880e1ccc2694a22fac5f_amd64"
},
"product_reference": "openshift-service-mesh/istio-rhel8-operator@sha256:833c0d9fa006db72126475a0d5255ced1d1e53aeb28e880e1ccc2694a22fac5f_amd64",
"relates_to_product_reference": "8Base-RHOSSM-2.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/istio-rhel8-operator@sha256:f2f7144831d63df014fe8092daddefc0b2e18155495e02ebc6c1118820e00af0_arm64 as a component of RHOSSM 2.6 for RHEL 8",
"product_id": "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:f2f7144831d63df014fe8092daddefc0b2e18155495e02ebc6c1118820e00af0_arm64"
},
"product_reference": "openshift-service-mesh/istio-rhel8-operator@sha256:f2f7144831d63df014fe8092daddefc0b2e18155495e02ebc6c1118820e00af0_arm64",
"relates_to_product_reference": "8Base-RHOSSM-2.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/istio-rhel8-operator@sha256:f9b28bb240d0babd614dc8178b1267a6b61ab6fd9601af1a54d8077d05166f88_ppc64le as a component of RHOSSM 2.6 for RHEL 8",
"product_id": "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:f9b28bb240d0babd614dc8178b1267a6b61ab6fd9601af1a54d8077d05166f88_ppc64le"
},
"product_reference": "openshift-service-mesh/istio-rhel8-operator@sha256:f9b28bb240d0babd614dc8178b1267a6b61ab6fd9601af1a54d8077d05166f88_ppc64le",
"relates_to_product_reference": "8Base-RHOSSM-2.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/kiali-ossmc-rhel8@sha256:0a72b04272f48c8719c62c2bab8d15f2db701c9e2eb5bf0f2ef73efd83ea2af2_ppc64le as a component of RHOSSM 2.6 for RHEL 8",
"product_id": "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:0a72b04272f48c8719c62c2bab8d15f2db701c9e2eb5bf0f2ef73efd83ea2af2_ppc64le"
},
"product_reference": "openshift-service-mesh/kiali-ossmc-rhel8@sha256:0a72b04272f48c8719c62c2bab8d15f2db701c9e2eb5bf0f2ef73efd83ea2af2_ppc64le",
"relates_to_product_reference": "8Base-RHOSSM-2.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/kiali-ossmc-rhel8@sha256:9b422db8e9ff68046ce8040f18a369dd2f2cf5d12b458b9d151f14149892ead1_amd64 as a component of RHOSSM 2.6 for RHEL 8",
"product_id": "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:9b422db8e9ff68046ce8040f18a369dd2f2cf5d12b458b9d151f14149892ead1_amd64"
},
"product_reference": "openshift-service-mesh/kiali-ossmc-rhel8@sha256:9b422db8e9ff68046ce8040f18a369dd2f2cf5d12b458b9d151f14149892ead1_amd64",
"relates_to_product_reference": "8Base-RHOSSM-2.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/kiali-ossmc-rhel8@sha256:c1bfb4985d4fd88f8335e5efb90f8ae5e57607337c926ac53cabc1cd51224eee_arm64 as a component of RHOSSM 2.6 for RHEL 8",
"product_id": "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:c1bfb4985d4fd88f8335e5efb90f8ae5e57607337c926ac53cabc1cd51224eee_arm64"
},
"product_reference": "openshift-service-mesh/kiali-ossmc-rhel8@sha256:c1bfb4985d4fd88f8335e5efb90f8ae5e57607337c926ac53cabc1cd51224eee_arm64",
"relates_to_product_reference": "8Base-RHOSSM-2.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/kiali-ossmc-rhel8@sha256:c693ac963582054ed65bf79593a621269532df05250698b3b2906228524c2766_s390x as a component of RHOSSM 2.6 for RHEL 8",
"product_id": "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:c693ac963582054ed65bf79593a621269532df05250698b3b2906228524c2766_s390x"
},
"product_reference": "openshift-service-mesh/kiali-ossmc-rhel8@sha256:c693ac963582054ed65bf79593a621269532df05250698b3b2906228524c2766_s390x",
"relates_to_product_reference": "8Base-RHOSSM-2.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/kiali-rhel8-operator@sha256:1302bf62e8ff1f0e16f048144db723668640c42284f054fe68f181b694a87ba1_s390x as a component of RHOSSM 2.6 for RHEL 8",
"product_id": "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:1302bf62e8ff1f0e16f048144db723668640c42284f054fe68f181b694a87ba1_s390x"
},
"product_reference": "openshift-service-mesh/kiali-rhel8-operator@sha256:1302bf62e8ff1f0e16f048144db723668640c42284f054fe68f181b694a87ba1_s390x",
"relates_to_product_reference": "8Base-RHOSSM-2.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/kiali-rhel8-operator@sha256:424d7f84c30efa40b8379bc64d83dc08dd7b2e1d68e6fb5d4a380a39b110be84_ppc64le as a component of RHOSSM 2.6 for RHEL 8",
"product_id": "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:424d7f84c30efa40b8379bc64d83dc08dd7b2e1d68e6fb5d4a380a39b110be84_ppc64le"
},
"product_reference": "openshift-service-mesh/kiali-rhel8-operator@sha256:424d7f84c30efa40b8379bc64d83dc08dd7b2e1d68e6fb5d4a380a39b110be84_ppc64le",
"relates_to_product_reference": "8Base-RHOSSM-2.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/kiali-rhel8-operator@sha256:a94be7f7a94e6981f268808440c99e0487c2da9ffa883e880aed07bf059d80c2_amd64 as a component of RHOSSM 2.6 for RHEL 8",
"product_id": "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:a94be7f7a94e6981f268808440c99e0487c2da9ffa883e880aed07bf059d80c2_amd64"
},
"product_reference": "openshift-service-mesh/kiali-rhel8-operator@sha256:a94be7f7a94e6981f268808440c99e0487c2da9ffa883e880aed07bf059d80c2_amd64",
"relates_to_product_reference": "8Base-RHOSSM-2.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/kiali-rhel8-operator@sha256:d9fd6af41cc7909cdab2180ba9bde0896f457fbc6cf247a450b6dac78539cc55_arm64 as a component of RHOSSM 2.6 for RHEL 8",
"product_id": "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:d9fd6af41cc7909cdab2180ba9bde0896f457fbc6cf247a450b6dac78539cc55_arm64"
},
"product_reference": "openshift-service-mesh/kiali-rhel8-operator@sha256:d9fd6af41cc7909cdab2180ba9bde0896f457fbc6cf247a450b6dac78539cc55_arm64",
"relates_to_product_reference": "8Base-RHOSSM-2.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/kiali-rhel8@sha256:12be4945a9160354ff7d794168bfa106e6d2410daee1098a29e6cd191022a44d_s390x as a component of RHOSSM 2.6 for RHEL 8",
"product_id": "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:12be4945a9160354ff7d794168bfa106e6d2410daee1098a29e6cd191022a44d_s390x"
},
"product_reference": "openshift-service-mesh/kiali-rhel8@sha256:12be4945a9160354ff7d794168bfa106e6d2410daee1098a29e6cd191022a44d_s390x",
"relates_to_product_reference": "8Base-RHOSSM-2.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/kiali-rhel8@sha256:37026371bcf4835d49a1167963bbba762de7cb60ffd037f4601b6bce7976984d_arm64 as a component of RHOSSM 2.6 for RHEL 8",
"product_id": "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:37026371bcf4835d49a1167963bbba762de7cb60ffd037f4601b6bce7976984d_arm64"
},
"product_reference": "openshift-service-mesh/kiali-rhel8@sha256:37026371bcf4835d49a1167963bbba762de7cb60ffd037f4601b6bce7976984d_arm64",
"relates_to_product_reference": "8Base-RHOSSM-2.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/kiali-rhel8@sha256:74ddab8bc38b4b7dd59076da34058781132a501b1b89156ce543f39cfff05985_amd64 as a component of RHOSSM 2.6 for RHEL 8",
"product_id": "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:74ddab8bc38b4b7dd59076da34058781132a501b1b89156ce543f39cfff05985_amd64"
},
"product_reference": "openshift-service-mesh/kiali-rhel8@sha256:74ddab8bc38b4b7dd59076da34058781132a501b1b89156ce543f39cfff05985_amd64",
"relates_to_product_reference": "8Base-RHOSSM-2.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/kiali-rhel8@sha256:9dd33d710aa03025bd8db8bf1434d52d56077f71fc730cfbada0bbddf05d4336_ppc64le as a component of RHOSSM 2.6 for RHEL 8",
"product_id": "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:9dd33d710aa03025bd8db8bf1434d52d56077f71fc730cfbada0bbddf05d4336_ppc64le"
},
"product_reference": "openshift-service-mesh/kiali-rhel8@sha256:9dd33d710aa03025bd8db8bf1434d52d56077f71fc730cfbada0bbddf05d4336_ppc64le",
"relates_to_product_reference": "8Base-RHOSSM-2.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/pilot-rhel8@sha256:078adc26665a857c8c007a9d5db1678c4cdc53a915fd7987a495f2349ab7345a_s390x as a component of RHOSSM 2.6 for RHEL 8",
"product_id": "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:078adc26665a857c8c007a9d5db1678c4cdc53a915fd7987a495f2349ab7345a_s390x"
},
"product_reference": "openshift-service-mesh/pilot-rhel8@sha256:078adc26665a857c8c007a9d5db1678c4cdc53a915fd7987a495f2349ab7345a_s390x",
"relates_to_product_reference": "8Base-RHOSSM-2.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/pilot-rhel8@sha256:4fc6ffbeb886713cf13727639602564f4a190bee44740f22c750d27eccf6ec01_ppc64le as a component of RHOSSM 2.6 for RHEL 8",
"product_id": "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:4fc6ffbeb886713cf13727639602564f4a190bee44740f22c750d27eccf6ec01_ppc64le"
},
"product_reference": "openshift-service-mesh/pilot-rhel8@sha256:4fc6ffbeb886713cf13727639602564f4a190bee44740f22c750d27eccf6ec01_ppc64le",
"relates_to_product_reference": "8Base-RHOSSM-2.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/pilot-rhel8@sha256:55dd5d3d0dee4fe619e08e017b0e3d7745a6fef6bc044394eb03c46d9e12e4f2_amd64 as a component of RHOSSM 2.6 for RHEL 8",
"product_id": "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:55dd5d3d0dee4fe619e08e017b0e3d7745a6fef6bc044394eb03c46d9e12e4f2_amd64"
},
"product_reference": "openshift-service-mesh/pilot-rhel8@sha256:55dd5d3d0dee4fe619e08e017b0e3d7745a6fef6bc044394eb03c46d9e12e4f2_amd64",
"relates_to_product_reference": "8Base-RHOSSM-2.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/pilot-rhel8@sha256:8c870f49e4ce8f91118899ac843987f6ee95c08ec85d15bb7acc53a73903eb9a_arm64 as a component of RHOSSM 2.6 for RHEL 8",
"product_id": "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:8c870f49e4ce8f91118899ac843987f6ee95c08ec85d15bb7acc53a73903eb9a_arm64"
},
"product_reference": "openshift-service-mesh/pilot-rhel8@sha256:8c870f49e4ce8f91118899ac843987f6ee95c08ec85d15bb7acc53a73903eb9a_arm64",
"relates_to_product_reference": "8Base-RHOSSM-2.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/ratelimit-rhel8@sha256:0031860e17e27de522a6060a3ff990a77e23aea6312fd5132afb6da3d3260ef7_arm64 as a component of RHOSSM 2.6 for RHEL 8",
"product_id": "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:0031860e17e27de522a6060a3ff990a77e23aea6312fd5132afb6da3d3260ef7_arm64"
},
"product_reference": "openshift-service-mesh/ratelimit-rhel8@sha256:0031860e17e27de522a6060a3ff990a77e23aea6312fd5132afb6da3d3260ef7_arm64",
"relates_to_product_reference": "8Base-RHOSSM-2.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/ratelimit-rhel8@sha256:06bde71c0830f9d5876c2d68a3d74e71152b3f24883a76f70ec82a7ca85aea2f_s390x as a component of RHOSSM 2.6 for RHEL 8",
"product_id": "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:06bde71c0830f9d5876c2d68a3d74e71152b3f24883a76f70ec82a7ca85aea2f_s390x"
},
"product_reference": "openshift-service-mesh/ratelimit-rhel8@sha256:06bde71c0830f9d5876c2d68a3d74e71152b3f24883a76f70ec82a7ca85aea2f_s390x",
"relates_to_product_reference": "8Base-RHOSSM-2.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/ratelimit-rhel8@sha256:8363297c1a1294a204af48b97da703f97514aa92cbe584f17e7b81b49cf40015_ppc64le as a component of RHOSSM 2.6 for RHEL 8",
"product_id": "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:8363297c1a1294a204af48b97da703f97514aa92cbe584f17e7b81b49cf40015_ppc64le"
},
"product_reference": "openshift-service-mesh/ratelimit-rhel8@sha256:8363297c1a1294a204af48b97da703f97514aa92cbe584f17e7b81b49cf40015_ppc64le",
"relates_to_product_reference": "8Base-RHOSSM-2.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/ratelimit-rhel8@sha256:ee50c8fad74b26357c169b97840d44f050b931ccb80f9cb930bbbed67bb681c0_amd64 as a component of RHOSSM 2.6 for RHEL 8",
"product_id": "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:ee50c8fad74b26357c169b97840d44f050b931ccb80f9cb930bbbed67bb681c0_amd64"
},
"product_reference": "openshift-service-mesh/ratelimit-rhel8@sha256:ee50c8fad74b26357c169b97840d44f050b931ccb80f9cb930bbbed67bb681c0_amd64",
"relates_to_product_reference": "8Base-RHOSSM-2.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/proxyv2-rhel9@sha256:212785428b395c0f3aa628e7c218c3d8a7bd256cc255ca7ea6bd234f70c06754_arm64 as a component of RHOSSM 2.6 for RHEL 9",
"product_id": "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:212785428b395c0f3aa628e7c218c3d8a7bd256cc255ca7ea6bd234f70c06754_arm64"
},
"product_reference": "openshift-service-mesh/proxyv2-rhel9@sha256:212785428b395c0f3aa628e7c218c3d8a7bd256cc255ca7ea6bd234f70c06754_arm64",
"relates_to_product_reference": "9Base-RHOSSM-2.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/proxyv2-rhel9@sha256:2ed644ec1f74c998d0b4953e527307e39a15fdfbb4baeecc0715d418874f7f70_amd64 as a component of RHOSSM 2.6 for RHEL 9",
"product_id": "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:2ed644ec1f74c998d0b4953e527307e39a15fdfbb4baeecc0715d418874f7f70_amd64"
},
"product_reference": "openshift-service-mesh/proxyv2-rhel9@sha256:2ed644ec1f74c998d0b4953e527307e39a15fdfbb4baeecc0715d418874f7f70_amd64",
"relates_to_product_reference": "9Base-RHOSSM-2.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/proxyv2-rhel9@sha256:a0df5db3e9cced245da7ad51f8557df94d37d1701525b02feb9ee62cfd72a440_ppc64le as a component of RHOSSM 2.6 for RHEL 9",
"product_id": "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:a0df5db3e9cced245da7ad51f8557df94d37d1701525b02feb9ee62cfd72a440_ppc64le"
},
"product_reference": "openshift-service-mesh/proxyv2-rhel9@sha256:a0df5db3e9cced245da7ad51f8557df94d37d1701525b02feb9ee62cfd72a440_ppc64le",
"relates_to_product_reference": "9Base-RHOSSM-2.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/proxyv2-rhel9@sha256:f493485f1d73bd3144a26803bcd1fc7ba4d5b5487eb4dcb455f9c97c8e54ba97_s390x as a component of RHOSSM 2.6 for RHEL 9",
"product_id": "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:f493485f1d73bd3144a26803bcd1fc7ba4d5b5487eb4dcb455f9c97c8e54ba97_s390x"
},
"product_reference": "openshift-service-mesh/proxyv2-rhel9@sha256:f493485f1d73bd3144a26803bcd1fc7ba4d5b5487eb4dcb455f9c97c8e54ba97_s390x",
"relates_to_product_reference": "9Base-RHOSSM-2.6"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2024-4067",
"cwe": {
"id": "CWE-1333",
"name": "Inefficient Regular Expression Complexity"
},
"discovery_date": "2024-05-14T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2280601"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the NPM package `micromatch` where it is vulnerable to a regular expression denial of service (ReDoS). The issue occurs in `micromatch.braces()` in `index.js` because the pattern `.*` will readily match anything. By passing a malicious payload, the pattern matching will keep backtracking to the input while it doesn\u0027t find the closing bracket. As the input size increases, the consumption time will also increase until it causes the application to hang or slow down. There was a merged fix but further testing shows the issue persists. This issue should be mitigated by using a safe pattern that won\u0027t start backtracking the regular expression due to greedy matching.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "micromatch: vulnerable to Regular Expression Denial of Service",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:41381d57cb559e69b1954c25993ac4ce00d2d2732a13bb80a2aa908f9b6c05e5_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:5cffbe9de3dbc2af5539fbea83463c38bb1ac39d84e0b60ce0cd82fd339d376f_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:b1b12b545f5567b3f7d891916be9dbfe415c34c6d4e3332f3d7946e1db7f8052_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:df94fe7da914ba3b66b1390c196c9af1fd7e3bc25b66b4546def1f76bab0847e_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:5d7a394e499391e98b93e9f87c6757d4cbc814ecb223b6a081448330676a7d28_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:6e4f82351d5e6015a4ab90b5143c2ab6b01ba3b4d5ad8bc47fde76d0f507a3a2_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:a255acbe7b48a3f366195cfede643d3789d47eb2b9ad877f7388e46427dcf056_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:b192218ada6421208ea7deddc7edb10317af79772942a3f443c1578576986df5_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:49910e92876864d013a4da28de10a9ea2df1080fc65c838317804f94cf589edf_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:9dd2c8a6c4b1d45cf24669f322c33ab9e80ed4b7245004f7b938e89cb1c3a775_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:c29144a75a9b498719ba0abc4870718ee5e5e2efa488e887f963876e35c81036_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:d84893b05420f046f74bd9372f4f3497c62b858bf348092741dea5d581bd4110_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:3bb9d82a03c20aaa9bacb4351637771c9b0bb40687b13b67bab9facd9fc8f2b1_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:833c0d9fa006db72126475a0d5255ced1d1e53aeb28e880e1ccc2694a22fac5f_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:f2f7144831d63df014fe8092daddefc0b2e18155495e02ebc6c1118820e00af0_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:f9b28bb240d0babd614dc8178b1267a6b61ab6fd9601af1a54d8077d05166f88_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:0a72b04272f48c8719c62c2bab8d15f2db701c9e2eb5bf0f2ef73efd83ea2af2_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:9b422db8e9ff68046ce8040f18a369dd2f2cf5d12b458b9d151f14149892ead1_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:c1bfb4985d4fd88f8335e5efb90f8ae5e57607337c926ac53cabc1cd51224eee_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:c693ac963582054ed65bf79593a621269532df05250698b3b2906228524c2766_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:1302bf62e8ff1f0e16f048144db723668640c42284f054fe68f181b694a87ba1_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:424d7f84c30efa40b8379bc64d83dc08dd7b2e1d68e6fb5d4a380a39b110be84_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:a94be7f7a94e6981f268808440c99e0487c2da9ffa883e880aed07bf059d80c2_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:d9fd6af41cc7909cdab2180ba9bde0896f457fbc6cf247a450b6dac78539cc55_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:12be4945a9160354ff7d794168bfa106e6d2410daee1098a29e6cd191022a44d_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:37026371bcf4835d49a1167963bbba762de7cb60ffd037f4601b6bce7976984d_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:74ddab8bc38b4b7dd59076da34058781132a501b1b89156ce543f39cfff05985_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:9dd33d710aa03025bd8db8bf1434d52d56077f71fc730cfbada0bbddf05d4336_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:078adc26665a857c8c007a9d5db1678c4cdc53a915fd7987a495f2349ab7345a_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:4fc6ffbeb886713cf13727639602564f4a190bee44740f22c750d27eccf6ec01_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:55dd5d3d0dee4fe619e08e017b0e3d7745a6fef6bc044394eb03c46d9e12e4f2_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:8c870f49e4ce8f91118899ac843987f6ee95c08ec85d15bb7acc53a73903eb9a_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:0031860e17e27de522a6060a3ff990a77e23aea6312fd5132afb6da3d3260ef7_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:06bde71c0830f9d5876c2d68a3d74e71152b3f24883a76f70ec82a7ca85aea2f_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:8363297c1a1294a204af48b97da703f97514aa92cbe584f17e7b81b49cf40015_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:ee50c8fad74b26357c169b97840d44f050b931ccb80f9cb930bbbed67bb681c0_amd64",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:212785428b395c0f3aa628e7c218c3d8a7bd256cc255ca7ea6bd234f70c06754_arm64",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:2ed644ec1f74c998d0b4953e527307e39a15fdfbb4baeecc0715d418874f7f70_amd64",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:a0df5db3e9cced245da7ad51f8557df94d37d1701525b02feb9ee62cfd72a440_ppc64le",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:f493485f1d73bd3144a26803bcd1fc7ba4d5b5487eb4dcb455f9c97c8e54ba97_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-4067"
},
{
"category": "external",
"summary": "RHBZ#2280601",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2280601"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-4067",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-4067"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-4067",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-4067"
},
{
"category": "external",
"summary": "https://devhub.checkmarx.com/cve-details/CVE-2024-4067/",
"url": "https://devhub.checkmarx.com/cve-details/CVE-2024-4067/"
},
{
"category": "external",
"summary": "https://github.com/micromatch/micromatch/blob/2c56a8604b68c1099e7bc0f807ce0865a339747a/index.js#L448",
"url": "https://github.com/micromatch/micromatch/blob/2c56a8604b68c1099e7bc0f807ce0865a339747a/index.js#L448"
},
{
"category": "external",
"summary": "https://github.com/micromatch/micromatch/issues/243",
"url": "https://github.com/micromatch/micromatch/issues/243"
},
{
"category": "external",
"summary": "https://github.com/micromatch/micromatch/pull/247",
"url": "https://github.com/micromatch/micromatch/pull/247"
}
],
"release_date": "2023-12-12T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-09-03T10:05:20+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:41381d57cb559e69b1954c25993ac4ce00d2d2732a13bb80a2aa908f9b6c05e5_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:5cffbe9de3dbc2af5539fbea83463c38bb1ac39d84e0b60ce0cd82fd339d376f_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:b1b12b545f5567b3f7d891916be9dbfe415c34c6d4e3332f3d7946e1db7f8052_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:df94fe7da914ba3b66b1390c196c9af1fd7e3bc25b66b4546def1f76bab0847e_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:5d7a394e499391e98b93e9f87c6757d4cbc814ecb223b6a081448330676a7d28_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:6e4f82351d5e6015a4ab90b5143c2ab6b01ba3b4d5ad8bc47fde76d0f507a3a2_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:a255acbe7b48a3f366195cfede643d3789d47eb2b9ad877f7388e46427dcf056_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:b192218ada6421208ea7deddc7edb10317af79772942a3f443c1578576986df5_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:49910e92876864d013a4da28de10a9ea2df1080fc65c838317804f94cf589edf_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:9dd2c8a6c4b1d45cf24669f322c33ab9e80ed4b7245004f7b938e89cb1c3a775_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:c29144a75a9b498719ba0abc4870718ee5e5e2efa488e887f963876e35c81036_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:d84893b05420f046f74bd9372f4f3497c62b858bf348092741dea5d581bd4110_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:3bb9d82a03c20aaa9bacb4351637771c9b0bb40687b13b67bab9facd9fc8f2b1_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:833c0d9fa006db72126475a0d5255ced1d1e53aeb28e880e1ccc2694a22fac5f_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:f2f7144831d63df014fe8092daddefc0b2e18155495e02ebc6c1118820e00af0_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:f9b28bb240d0babd614dc8178b1267a6b61ab6fd9601af1a54d8077d05166f88_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:0a72b04272f48c8719c62c2bab8d15f2db701c9e2eb5bf0f2ef73efd83ea2af2_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:9b422db8e9ff68046ce8040f18a369dd2f2cf5d12b458b9d151f14149892ead1_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:c1bfb4985d4fd88f8335e5efb90f8ae5e57607337c926ac53cabc1cd51224eee_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:c693ac963582054ed65bf79593a621269532df05250698b3b2906228524c2766_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:1302bf62e8ff1f0e16f048144db723668640c42284f054fe68f181b694a87ba1_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:424d7f84c30efa40b8379bc64d83dc08dd7b2e1d68e6fb5d4a380a39b110be84_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:a94be7f7a94e6981f268808440c99e0487c2da9ffa883e880aed07bf059d80c2_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:d9fd6af41cc7909cdab2180ba9bde0896f457fbc6cf247a450b6dac78539cc55_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:12be4945a9160354ff7d794168bfa106e6d2410daee1098a29e6cd191022a44d_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:37026371bcf4835d49a1167963bbba762de7cb60ffd037f4601b6bce7976984d_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:74ddab8bc38b4b7dd59076da34058781132a501b1b89156ce543f39cfff05985_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:9dd33d710aa03025bd8db8bf1434d52d56077f71fc730cfbada0bbddf05d4336_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:078adc26665a857c8c007a9d5db1678c4cdc53a915fd7987a495f2349ab7345a_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:4fc6ffbeb886713cf13727639602564f4a190bee44740f22c750d27eccf6ec01_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:55dd5d3d0dee4fe619e08e017b0e3d7745a6fef6bc044394eb03c46d9e12e4f2_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:8c870f49e4ce8f91118899ac843987f6ee95c08ec85d15bb7acc53a73903eb9a_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:0031860e17e27de522a6060a3ff990a77e23aea6312fd5132afb6da3d3260ef7_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:06bde71c0830f9d5876c2d68a3d74e71152b3f24883a76f70ec82a7ca85aea2f_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:8363297c1a1294a204af48b97da703f97514aa92cbe584f17e7b81b49cf40015_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:ee50c8fad74b26357c169b97840d44f050b931ccb80f9cb930bbbed67bb681c0_amd64",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:212785428b395c0f3aa628e7c218c3d8a7bd256cc255ca7ea6bd234f70c06754_arm64",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:2ed644ec1f74c998d0b4953e527307e39a15fdfbb4baeecc0715d418874f7f70_amd64",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:a0df5db3e9cced245da7ad51f8557df94d37d1701525b02feb9ee62cfd72a440_ppc64le",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:f493485f1d73bd3144a26803bcd1fc7ba4d5b5487eb4dcb455f9c97c8e54ba97_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:6211"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:41381d57cb559e69b1954c25993ac4ce00d2d2732a13bb80a2aa908f9b6c05e5_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:5cffbe9de3dbc2af5539fbea83463c38bb1ac39d84e0b60ce0cd82fd339d376f_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:b1b12b545f5567b3f7d891916be9dbfe415c34c6d4e3332f3d7946e1db7f8052_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:df94fe7da914ba3b66b1390c196c9af1fd7e3bc25b66b4546def1f76bab0847e_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:5d7a394e499391e98b93e9f87c6757d4cbc814ecb223b6a081448330676a7d28_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:6e4f82351d5e6015a4ab90b5143c2ab6b01ba3b4d5ad8bc47fde76d0f507a3a2_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:a255acbe7b48a3f366195cfede643d3789d47eb2b9ad877f7388e46427dcf056_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:b192218ada6421208ea7deddc7edb10317af79772942a3f443c1578576986df5_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:49910e92876864d013a4da28de10a9ea2df1080fc65c838317804f94cf589edf_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:9dd2c8a6c4b1d45cf24669f322c33ab9e80ed4b7245004f7b938e89cb1c3a775_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:c29144a75a9b498719ba0abc4870718ee5e5e2efa488e887f963876e35c81036_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:d84893b05420f046f74bd9372f4f3497c62b858bf348092741dea5d581bd4110_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:3bb9d82a03c20aaa9bacb4351637771c9b0bb40687b13b67bab9facd9fc8f2b1_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:833c0d9fa006db72126475a0d5255ced1d1e53aeb28e880e1ccc2694a22fac5f_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:f2f7144831d63df014fe8092daddefc0b2e18155495e02ebc6c1118820e00af0_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:f9b28bb240d0babd614dc8178b1267a6b61ab6fd9601af1a54d8077d05166f88_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:0a72b04272f48c8719c62c2bab8d15f2db701c9e2eb5bf0f2ef73efd83ea2af2_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:9b422db8e9ff68046ce8040f18a369dd2f2cf5d12b458b9d151f14149892ead1_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:c1bfb4985d4fd88f8335e5efb90f8ae5e57607337c926ac53cabc1cd51224eee_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:c693ac963582054ed65bf79593a621269532df05250698b3b2906228524c2766_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:1302bf62e8ff1f0e16f048144db723668640c42284f054fe68f181b694a87ba1_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:424d7f84c30efa40b8379bc64d83dc08dd7b2e1d68e6fb5d4a380a39b110be84_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:a94be7f7a94e6981f268808440c99e0487c2da9ffa883e880aed07bf059d80c2_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:d9fd6af41cc7909cdab2180ba9bde0896f457fbc6cf247a450b6dac78539cc55_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:12be4945a9160354ff7d794168bfa106e6d2410daee1098a29e6cd191022a44d_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:37026371bcf4835d49a1167963bbba762de7cb60ffd037f4601b6bce7976984d_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:74ddab8bc38b4b7dd59076da34058781132a501b1b89156ce543f39cfff05985_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:9dd33d710aa03025bd8db8bf1434d52d56077f71fc730cfbada0bbddf05d4336_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:078adc26665a857c8c007a9d5db1678c4cdc53a915fd7987a495f2349ab7345a_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:4fc6ffbeb886713cf13727639602564f4a190bee44740f22c750d27eccf6ec01_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:55dd5d3d0dee4fe619e08e017b0e3d7745a6fef6bc044394eb03c46d9e12e4f2_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:8c870f49e4ce8f91118899ac843987f6ee95c08ec85d15bb7acc53a73903eb9a_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:0031860e17e27de522a6060a3ff990a77e23aea6312fd5132afb6da3d3260ef7_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:06bde71c0830f9d5876c2d68a3d74e71152b3f24883a76f70ec82a7ca85aea2f_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:8363297c1a1294a204af48b97da703f97514aa92cbe584f17e7b81b49cf40015_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:ee50c8fad74b26357c169b97840d44f050b931ccb80f9cb930bbbed67bb681c0_amd64",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:212785428b395c0f3aa628e7c218c3d8a7bd256cc255ca7ea6bd234f70c06754_arm64",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:2ed644ec1f74c998d0b4953e527307e39a15fdfbb4baeecc0715d418874f7f70_amd64",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:a0df5db3e9cced245da7ad51f8557df94d37d1701525b02feb9ee62cfd72a440_ppc64le",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:f493485f1d73bd3144a26803bcd1fc7ba4d5b5487eb4dcb455f9c97c8e54ba97_s390x"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:41381d57cb559e69b1954c25993ac4ce00d2d2732a13bb80a2aa908f9b6c05e5_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:5cffbe9de3dbc2af5539fbea83463c38bb1ac39d84e0b60ce0cd82fd339d376f_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:b1b12b545f5567b3f7d891916be9dbfe415c34c6d4e3332f3d7946e1db7f8052_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:df94fe7da914ba3b66b1390c196c9af1fd7e3bc25b66b4546def1f76bab0847e_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:5d7a394e499391e98b93e9f87c6757d4cbc814ecb223b6a081448330676a7d28_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:6e4f82351d5e6015a4ab90b5143c2ab6b01ba3b4d5ad8bc47fde76d0f507a3a2_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:a255acbe7b48a3f366195cfede643d3789d47eb2b9ad877f7388e46427dcf056_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:b192218ada6421208ea7deddc7edb10317af79772942a3f443c1578576986df5_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:49910e92876864d013a4da28de10a9ea2df1080fc65c838317804f94cf589edf_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:9dd2c8a6c4b1d45cf24669f322c33ab9e80ed4b7245004f7b938e89cb1c3a775_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:c29144a75a9b498719ba0abc4870718ee5e5e2efa488e887f963876e35c81036_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:d84893b05420f046f74bd9372f4f3497c62b858bf348092741dea5d581bd4110_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:3bb9d82a03c20aaa9bacb4351637771c9b0bb40687b13b67bab9facd9fc8f2b1_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:833c0d9fa006db72126475a0d5255ced1d1e53aeb28e880e1ccc2694a22fac5f_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:f2f7144831d63df014fe8092daddefc0b2e18155495e02ebc6c1118820e00af0_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:f9b28bb240d0babd614dc8178b1267a6b61ab6fd9601af1a54d8077d05166f88_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:0a72b04272f48c8719c62c2bab8d15f2db701c9e2eb5bf0f2ef73efd83ea2af2_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:9b422db8e9ff68046ce8040f18a369dd2f2cf5d12b458b9d151f14149892ead1_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:c1bfb4985d4fd88f8335e5efb90f8ae5e57607337c926ac53cabc1cd51224eee_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:c693ac963582054ed65bf79593a621269532df05250698b3b2906228524c2766_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:1302bf62e8ff1f0e16f048144db723668640c42284f054fe68f181b694a87ba1_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:424d7f84c30efa40b8379bc64d83dc08dd7b2e1d68e6fb5d4a380a39b110be84_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:a94be7f7a94e6981f268808440c99e0487c2da9ffa883e880aed07bf059d80c2_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:d9fd6af41cc7909cdab2180ba9bde0896f457fbc6cf247a450b6dac78539cc55_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:12be4945a9160354ff7d794168bfa106e6d2410daee1098a29e6cd191022a44d_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:37026371bcf4835d49a1167963bbba762de7cb60ffd037f4601b6bce7976984d_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:74ddab8bc38b4b7dd59076da34058781132a501b1b89156ce543f39cfff05985_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:9dd33d710aa03025bd8db8bf1434d52d56077f71fc730cfbada0bbddf05d4336_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:078adc26665a857c8c007a9d5db1678c4cdc53a915fd7987a495f2349ab7345a_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:4fc6ffbeb886713cf13727639602564f4a190bee44740f22c750d27eccf6ec01_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:55dd5d3d0dee4fe619e08e017b0e3d7745a6fef6bc044394eb03c46d9e12e4f2_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:8c870f49e4ce8f91118899ac843987f6ee95c08ec85d15bb7acc53a73903eb9a_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:0031860e17e27de522a6060a3ff990a77e23aea6312fd5132afb6da3d3260ef7_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:06bde71c0830f9d5876c2d68a3d74e71152b3f24883a76f70ec82a7ca85aea2f_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:8363297c1a1294a204af48b97da703f97514aa92cbe584f17e7b81b49cf40015_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:ee50c8fad74b26357c169b97840d44f050b931ccb80f9cb930bbbed67bb681c0_amd64",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:212785428b395c0f3aa628e7c218c3d8a7bd256cc255ca7ea6bd234f70c06754_arm64",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:2ed644ec1f74c998d0b4953e527307e39a15fdfbb4baeecc0715d418874f7f70_amd64",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:a0df5db3e9cced245da7ad51f8557df94d37d1701525b02feb9ee62cfd72a440_ppc64le",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:f493485f1d73bd3144a26803bcd1fc7ba4d5b5487eb4dcb455f9c97c8e54ba97_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "micromatch: vulnerable to Regular Expression Denial of Service"
},
{
"cve": "CVE-2024-4068",
"cwe": {
"id": "CWE-1050",
"name": "Excessive Platform Resource Consumption within a Loop"
},
"discovery_date": "2024-05-14T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2280600"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the NPM package `braces.` It fails to limit the number of characters it can handle, which could lead to memory exhaustion. In `lib/parse.js,` if a malicious user sends \"imbalanced braces\" as input, the parsing will enter a loop, causing the program to start allocating heap memory without freeing it at any moment of the loop. Eventually, the JavaScript heap limit is reached, and the program will crash.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "braces: fails to limit the number of characters it can handle",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:41381d57cb559e69b1954c25993ac4ce00d2d2732a13bb80a2aa908f9b6c05e5_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:5cffbe9de3dbc2af5539fbea83463c38bb1ac39d84e0b60ce0cd82fd339d376f_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:b1b12b545f5567b3f7d891916be9dbfe415c34c6d4e3332f3d7946e1db7f8052_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:df94fe7da914ba3b66b1390c196c9af1fd7e3bc25b66b4546def1f76bab0847e_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:5d7a394e499391e98b93e9f87c6757d4cbc814ecb223b6a081448330676a7d28_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:6e4f82351d5e6015a4ab90b5143c2ab6b01ba3b4d5ad8bc47fde76d0f507a3a2_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:a255acbe7b48a3f366195cfede643d3789d47eb2b9ad877f7388e46427dcf056_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:b192218ada6421208ea7deddc7edb10317af79772942a3f443c1578576986df5_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:49910e92876864d013a4da28de10a9ea2df1080fc65c838317804f94cf589edf_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:9dd2c8a6c4b1d45cf24669f322c33ab9e80ed4b7245004f7b938e89cb1c3a775_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:c29144a75a9b498719ba0abc4870718ee5e5e2efa488e887f963876e35c81036_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:d84893b05420f046f74bd9372f4f3497c62b858bf348092741dea5d581bd4110_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:3bb9d82a03c20aaa9bacb4351637771c9b0bb40687b13b67bab9facd9fc8f2b1_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:833c0d9fa006db72126475a0d5255ced1d1e53aeb28e880e1ccc2694a22fac5f_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:f2f7144831d63df014fe8092daddefc0b2e18155495e02ebc6c1118820e00af0_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:f9b28bb240d0babd614dc8178b1267a6b61ab6fd9601af1a54d8077d05166f88_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:0a72b04272f48c8719c62c2bab8d15f2db701c9e2eb5bf0f2ef73efd83ea2af2_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:9b422db8e9ff68046ce8040f18a369dd2f2cf5d12b458b9d151f14149892ead1_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:c1bfb4985d4fd88f8335e5efb90f8ae5e57607337c926ac53cabc1cd51224eee_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:c693ac963582054ed65bf79593a621269532df05250698b3b2906228524c2766_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:1302bf62e8ff1f0e16f048144db723668640c42284f054fe68f181b694a87ba1_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:424d7f84c30efa40b8379bc64d83dc08dd7b2e1d68e6fb5d4a380a39b110be84_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:a94be7f7a94e6981f268808440c99e0487c2da9ffa883e880aed07bf059d80c2_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:d9fd6af41cc7909cdab2180ba9bde0896f457fbc6cf247a450b6dac78539cc55_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:12be4945a9160354ff7d794168bfa106e6d2410daee1098a29e6cd191022a44d_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:37026371bcf4835d49a1167963bbba762de7cb60ffd037f4601b6bce7976984d_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:74ddab8bc38b4b7dd59076da34058781132a501b1b89156ce543f39cfff05985_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:9dd33d710aa03025bd8db8bf1434d52d56077f71fc730cfbada0bbddf05d4336_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:078adc26665a857c8c007a9d5db1678c4cdc53a915fd7987a495f2349ab7345a_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:4fc6ffbeb886713cf13727639602564f4a190bee44740f22c750d27eccf6ec01_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:55dd5d3d0dee4fe619e08e017b0e3d7745a6fef6bc044394eb03c46d9e12e4f2_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:8c870f49e4ce8f91118899ac843987f6ee95c08ec85d15bb7acc53a73903eb9a_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:0031860e17e27de522a6060a3ff990a77e23aea6312fd5132afb6da3d3260ef7_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:06bde71c0830f9d5876c2d68a3d74e71152b3f24883a76f70ec82a7ca85aea2f_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:8363297c1a1294a204af48b97da703f97514aa92cbe584f17e7b81b49cf40015_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:ee50c8fad74b26357c169b97840d44f050b931ccb80f9cb930bbbed67bb681c0_amd64",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:212785428b395c0f3aa628e7c218c3d8a7bd256cc255ca7ea6bd234f70c06754_arm64",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:2ed644ec1f74c998d0b4953e527307e39a15fdfbb4baeecc0715d418874f7f70_amd64",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:a0df5db3e9cced245da7ad51f8557df94d37d1701525b02feb9ee62cfd72a440_ppc64le",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:f493485f1d73bd3144a26803bcd1fc7ba4d5b5487eb4dcb455f9c97c8e54ba97_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-4068"
},
{
"category": "external",
"summary": "RHBZ#2280600",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2280600"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-4068",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-4068"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-4068",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-4068"
},
{
"category": "external",
"summary": "https://devhub.checkmarx.com/cve-details/CVE-2024-4068/",
"url": "https://devhub.checkmarx.com/cve-details/CVE-2024-4068/"
},
{
"category": "external",
"summary": "https://github.com/micromatch/braces/blob/98414f9f1fabe021736e26836d8306d5de747e0d/lib/parse.js#L308",
"url": "https://github.com/micromatch/braces/blob/98414f9f1fabe021736e26836d8306d5de747e0d/lib/parse.js#L308"
},
{
"category": "external",
"summary": "https://github.com/micromatch/braces/issues/35",
"url": "https://github.com/micromatch/braces/issues/35"
}
],
"release_date": "2024-03-04T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-09-03T10:05:20+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:41381d57cb559e69b1954c25993ac4ce00d2d2732a13bb80a2aa908f9b6c05e5_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:5cffbe9de3dbc2af5539fbea83463c38bb1ac39d84e0b60ce0cd82fd339d376f_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:b1b12b545f5567b3f7d891916be9dbfe415c34c6d4e3332f3d7946e1db7f8052_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:df94fe7da914ba3b66b1390c196c9af1fd7e3bc25b66b4546def1f76bab0847e_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:5d7a394e499391e98b93e9f87c6757d4cbc814ecb223b6a081448330676a7d28_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:6e4f82351d5e6015a4ab90b5143c2ab6b01ba3b4d5ad8bc47fde76d0f507a3a2_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:a255acbe7b48a3f366195cfede643d3789d47eb2b9ad877f7388e46427dcf056_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:b192218ada6421208ea7deddc7edb10317af79772942a3f443c1578576986df5_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:49910e92876864d013a4da28de10a9ea2df1080fc65c838317804f94cf589edf_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:9dd2c8a6c4b1d45cf24669f322c33ab9e80ed4b7245004f7b938e89cb1c3a775_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:c29144a75a9b498719ba0abc4870718ee5e5e2efa488e887f963876e35c81036_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:d84893b05420f046f74bd9372f4f3497c62b858bf348092741dea5d581bd4110_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:3bb9d82a03c20aaa9bacb4351637771c9b0bb40687b13b67bab9facd9fc8f2b1_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:833c0d9fa006db72126475a0d5255ced1d1e53aeb28e880e1ccc2694a22fac5f_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:f2f7144831d63df014fe8092daddefc0b2e18155495e02ebc6c1118820e00af0_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:f9b28bb240d0babd614dc8178b1267a6b61ab6fd9601af1a54d8077d05166f88_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:0a72b04272f48c8719c62c2bab8d15f2db701c9e2eb5bf0f2ef73efd83ea2af2_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:9b422db8e9ff68046ce8040f18a369dd2f2cf5d12b458b9d151f14149892ead1_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:c1bfb4985d4fd88f8335e5efb90f8ae5e57607337c926ac53cabc1cd51224eee_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:c693ac963582054ed65bf79593a621269532df05250698b3b2906228524c2766_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:1302bf62e8ff1f0e16f048144db723668640c42284f054fe68f181b694a87ba1_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:424d7f84c30efa40b8379bc64d83dc08dd7b2e1d68e6fb5d4a380a39b110be84_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:a94be7f7a94e6981f268808440c99e0487c2da9ffa883e880aed07bf059d80c2_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:d9fd6af41cc7909cdab2180ba9bde0896f457fbc6cf247a450b6dac78539cc55_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:12be4945a9160354ff7d794168bfa106e6d2410daee1098a29e6cd191022a44d_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:37026371bcf4835d49a1167963bbba762de7cb60ffd037f4601b6bce7976984d_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:74ddab8bc38b4b7dd59076da34058781132a501b1b89156ce543f39cfff05985_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:9dd33d710aa03025bd8db8bf1434d52d56077f71fc730cfbada0bbddf05d4336_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:078adc26665a857c8c007a9d5db1678c4cdc53a915fd7987a495f2349ab7345a_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:4fc6ffbeb886713cf13727639602564f4a190bee44740f22c750d27eccf6ec01_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:55dd5d3d0dee4fe619e08e017b0e3d7745a6fef6bc044394eb03c46d9e12e4f2_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:8c870f49e4ce8f91118899ac843987f6ee95c08ec85d15bb7acc53a73903eb9a_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:0031860e17e27de522a6060a3ff990a77e23aea6312fd5132afb6da3d3260ef7_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:06bde71c0830f9d5876c2d68a3d74e71152b3f24883a76f70ec82a7ca85aea2f_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:8363297c1a1294a204af48b97da703f97514aa92cbe584f17e7b81b49cf40015_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:ee50c8fad74b26357c169b97840d44f050b931ccb80f9cb930bbbed67bb681c0_amd64",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:212785428b395c0f3aa628e7c218c3d8a7bd256cc255ca7ea6bd234f70c06754_arm64",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:2ed644ec1f74c998d0b4953e527307e39a15fdfbb4baeecc0715d418874f7f70_amd64",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:a0df5db3e9cced245da7ad51f8557df94d37d1701525b02feb9ee62cfd72a440_ppc64le",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:f493485f1d73bd3144a26803bcd1fc7ba4d5b5487eb4dcb455f9c97c8e54ba97_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:6211"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:41381d57cb559e69b1954c25993ac4ce00d2d2732a13bb80a2aa908f9b6c05e5_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:5cffbe9de3dbc2af5539fbea83463c38bb1ac39d84e0b60ce0cd82fd339d376f_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:b1b12b545f5567b3f7d891916be9dbfe415c34c6d4e3332f3d7946e1db7f8052_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:df94fe7da914ba3b66b1390c196c9af1fd7e3bc25b66b4546def1f76bab0847e_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:5d7a394e499391e98b93e9f87c6757d4cbc814ecb223b6a081448330676a7d28_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:6e4f82351d5e6015a4ab90b5143c2ab6b01ba3b4d5ad8bc47fde76d0f507a3a2_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:a255acbe7b48a3f366195cfede643d3789d47eb2b9ad877f7388e46427dcf056_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:b192218ada6421208ea7deddc7edb10317af79772942a3f443c1578576986df5_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:49910e92876864d013a4da28de10a9ea2df1080fc65c838317804f94cf589edf_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:9dd2c8a6c4b1d45cf24669f322c33ab9e80ed4b7245004f7b938e89cb1c3a775_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:c29144a75a9b498719ba0abc4870718ee5e5e2efa488e887f963876e35c81036_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:d84893b05420f046f74bd9372f4f3497c62b858bf348092741dea5d581bd4110_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:3bb9d82a03c20aaa9bacb4351637771c9b0bb40687b13b67bab9facd9fc8f2b1_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:833c0d9fa006db72126475a0d5255ced1d1e53aeb28e880e1ccc2694a22fac5f_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:f2f7144831d63df014fe8092daddefc0b2e18155495e02ebc6c1118820e00af0_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:f9b28bb240d0babd614dc8178b1267a6b61ab6fd9601af1a54d8077d05166f88_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:0a72b04272f48c8719c62c2bab8d15f2db701c9e2eb5bf0f2ef73efd83ea2af2_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:9b422db8e9ff68046ce8040f18a369dd2f2cf5d12b458b9d151f14149892ead1_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:c1bfb4985d4fd88f8335e5efb90f8ae5e57607337c926ac53cabc1cd51224eee_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:c693ac963582054ed65bf79593a621269532df05250698b3b2906228524c2766_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:1302bf62e8ff1f0e16f048144db723668640c42284f054fe68f181b694a87ba1_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:424d7f84c30efa40b8379bc64d83dc08dd7b2e1d68e6fb5d4a380a39b110be84_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:a94be7f7a94e6981f268808440c99e0487c2da9ffa883e880aed07bf059d80c2_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:d9fd6af41cc7909cdab2180ba9bde0896f457fbc6cf247a450b6dac78539cc55_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:12be4945a9160354ff7d794168bfa106e6d2410daee1098a29e6cd191022a44d_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:37026371bcf4835d49a1167963bbba762de7cb60ffd037f4601b6bce7976984d_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:74ddab8bc38b4b7dd59076da34058781132a501b1b89156ce543f39cfff05985_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:9dd33d710aa03025bd8db8bf1434d52d56077f71fc730cfbada0bbddf05d4336_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:078adc26665a857c8c007a9d5db1678c4cdc53a915fd7987a495f2349ab7345a_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:4fc6ffbeb886713cf13727639602564f4a190bee44740f22c750d27eccf6ec01_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:55dd5d3d0dee4fe619e08e017b0e3d7745a6fef6bc044394eb03c46d9e12e4f2_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:8c870f49e4ce8f91118899ac843987f6ee95c08ec85d15bb7acc53a73903eb9a_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:0031860e17e27de522a6060a3ff990a77e23aea6312fd5132afb6da3d3260ef7_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:06bde71c0830f9d5876c2d68a3d74e71152b3f24883a76f70ec82a7ca85aea2f_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:8363297c1a1294a204af48b97da703f97514aa92cbe584f17e7b81b49cf40015_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:ee50c8fad74b26357c169b97840d44f050b931ccb80f9cb930bbbed67bb681c0_amd64",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:212785428b395c0f3aa628e7c218c3d8a7bd256cc255ca7ea6bd234f70c06754_arm64",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:2ed644ec1f74c998d0b4953e527307e39a15fdfbb4baeecc0715d418874f7f70_amd64",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:a0df5db3e9cced245da7ad51f8557df94d37d1701525b02feb9ee62cfd72a440_ppc64le",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:f493485f1d73bd3144a26803bcd1fc7ba4d5b5487eb4dcb455f9c97c8e54ba97_s390x"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:41381d57cb559e69b1954c25993ac4ce00d2d2732a13bb80a2aa908f9b6c05e5_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:5cffbe9de3dbc2af5539fbea83463c38bb1ac39d84e0b60ce0cd82fd339d376f_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:b1b12b545f5567b3f7d891916be9dbfe415c34c6d4e3332f3d7946e1db7f8052_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:df94fe7da914ba3b66b1390c196c9af1fd7e3bc25b66b4546def1f76bab0847e_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:5d7a394e499391e98b93e9f87c6757d4cbc814ecb223b6a081448330676a7d28_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:6e4f82351d5e6015a4ab90b5143c2ab6b01ba3b4d5ad8bc47fde76d0f507a3a2_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:a255acbe7b48a3f366195cfede643d3789d47eb2b9ad877f7388e46427dcf056_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:b192218ada6421208ea7deddc7edb10317af79772942a3f443c1578576986df5_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:49910e92876864d013a4da28de10a9ea2df1080fc65c838317804f94cf589edf_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:9dd2c8a6c4b1d45cf24669f322c33ab9e80ed4b7245004f7b938e89cb1c3a775_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:c29144a75a9b498719ba0abc4870718ee5e5e2efa488e887f963876e35c81036_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:d84893b05420f046f74bd9372f4f3497c62b858bf348092741dea5d581bd4110_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:3bb9d82a03c20aaa9bacb4351637771c9b0bb40687b13b67bab9facd9fc8f2b1_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:833c0d9fa006db72126475a0d5255ced1d1e53aeb28e880e1ccc2694a22fac5f_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:f2f7144831d63df014fe8092daddefc0b2e18155495e02ebc6c1118820e00af0_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:f9b28bb240d0babd614dc8178b1267a6b61ab6fd9601af1a54d8077d05166f88_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:0a72b04272f48c8719c62c2bab8d15f2db701c9e2eb5bf0f2ef73efd83ea2af2_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:9b422db8e9ff68046ce8040f18a369dd2f2cf5d12b458b9d151f14149892ead1_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:c1bfb4985d4fd88f8335e5efb90f8ae5e57607337c926ac53cabc1cd51224eee_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:c693ac963582054ed65bf79593a621269532df05250698b3b2906228524c2766_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:1302bf62e8ff1f0e16f048144db723668640c42284f054fe68f181b694a87ba1_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:424d7f84c30efa40b8379bc64d83dc08dd7b2e1d68e6fb5d4a380a39b110be84_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:a94be7f7a94e6981f268808440c99e0487c2da9ffa883e880aed07bf059d80c2_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:d9fd6af41cc7909cdab2180ba9bde0896f457fbc6cf247a450b6dac78539cc55_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:12be4945a9160354ff7d794168bfa106e6d2410daee1098a29e6cd191022a44d_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:37026371bcf4835d49a1167963bbba762de7cb60ffd037f4601b6bce7976984d_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:74ddab8bc38b4b7dd59076da34058781132a501b1b89156ce543f39cfff05985_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:9dd33d710aa03025bd8db8bf1434d52d56077f71fc730cfbada0bbddf05d4336_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:078adc26665a857c8c007a9d5db1678c4cdc53a915fd7987a495f2349ab7345a_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:4fc6ffbeb886713cf13727639602564f4a190bee44740f22c750d27eccf6ec01_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:55dd5d3d0dee4fe619e08e017b0e3d7745a6fef6bc044394eb03c46d9e12e4f2_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:8c870f49e4ce8f91118899ac843987f6ee95c08ec85d15bb7acc53a73903eb9a_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:0031860e17e27de522a6060a3ff990a77e23aea6312fd5132afb6da3d3260ef7_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:06bde71c0830f9d5876c2d68a3d74e71152b3f24883a76f70ec82a7ca85aea2f_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:8363297c1a1294a204af48b97da703f97514aa92cbe584f17e7b81b49cf40015_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:ee50c8fad74b26357c169b97840d44f050b931ccb80f9cb930bbbed67bb681c0_amd64",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:212785428b395c0f3aa628e7c218c3d8a7bd256cc255ca7ea6bd234f70c06754_arm64",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:2ed644ec1f74c998d0b4953e527307e39a15fdfbb4baeecc0715d418874f7f70_amd64",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:a0df5db3e9cced245da7ad51f8557df94d37d1701525b02feb9ee62cfd72a440_ppc64le",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:f493485f1d73bd3144a26803bcd1fc7ba4d5b5487eb4dcb455f9c97c8e54ba97_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "braces: fails to limit the number of characters it can handle"
},
{
"cve": "CVE-2024-29041",
"cwe": {
"id": "CWE-601",
"name": "URL Redirection to Untrusted Site (\u0027Open Redirect\u0027)"
},
"discovery_date": "2024-06-07T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2290901"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Express.js minimalist web framework for node. Upstream versions of Express.js before 4.19.0 and all pre-release alpha and beta versions of 5.0 are affected by an open redirect vulnerability using malformed URLs. When a user of Express performs a redirect using a user-provided URL, Express performs an encode [using `encodeurl`](https://github.com/pillarjs/encodeurl) on the contents before passing it to the `location` header. This issue can cause malformed URLs to be evaluated in unexpected ways by common redirect allow list implementations in Express applications, leading to an Open Redirect via bypass of a properly implemented allow list. The main method impacted is `res.location()`, but this is also called from within `res.redirect()`. The vulnerability is fixed in upstream version 4.19.2 and 5.0.0-beta.3.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "express: cause malformed URLs to be evaluated",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Fuse 7 only uses express as part of build time development dependency, it is not part of the final product delivery.\n\nUpstream versions should not be relied upon for ultimate determination of affectedness. Red Hat might backport fixes from upstream versions on a case by case basis.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:41381d57cb559e69b1954c25993ac4ce00d2d2732a13bb80a2aa908f9b6c05e5_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:5cffbe9de3dbc2af5539fbea83463c38bb1ac39d84e0b60ce0cd82fd339d376f_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:b1b12b545f5567b3f7d891916be9dbfe415c34c6d4e3332f3d7946e1db7f8052_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:df94fe7da914ba3b66b1390c196c9af1fd7e3bc25b66b4546def1f76bab0847e_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:5d7a394e499391e98b93e9f87c6757d4cbc814ecb223b6a081448330676a7d28_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:6e4f82351d5e6015a4ab90b5143c2ab6b01ba3b4d5ad8bc47fde76d0f507a3a2_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:a255acbe7b48a3f366195cfede643d3789d47eb2b9ad877f7388e46427dcf056_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:b192218ada6421208ea7deddc7edb10317af79772942a3f443c1578576986df5_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:49910e92876864d013a4da28de10a9ea2df1080fc65c838317804f94cf589edf_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:9dd2c8a6c4b1d45cf24669f322c33ab9e80ed4b7245004f7b938e89cb1c3a775_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:c29144a75a9b498719ba0abc4870718ee5e5e2efa488e887f963876e35c81036_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:d84893b05420f046f74bd9372f4f3497c62b858bf348092741dea5d581bd4110_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:3bb9d82a03c20aaa9bacb4351637771c9b0bb40687b13b67bab9facd9fc8f2b1_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:833c0d9fa006db72126475a0d5255ced1d1e53aeb28e880e1ccc2694a22fac5f_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:f2f7144831d63df014fe8092daddefc0b2e18155495e02ebc6c1118820e00af0_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:f9b28bb240d0babd614dc8178b1267a6b61ab6fd9601af1a54d8077d05166f88_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:0a72b04272f48c8719c62c2bab8d15f2db701c9e2eb5bf0f2ef73efd83ea2af2_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:9b422db8e9ff68046ce8040f18a369dd2f2cf5d12b458b9d151f14149892ead1_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:c1bfb4985d4fd88f8335e5efb90f8ae5e57607337c926ac53cabc1cd51224eee_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:c693ac963582054ed65bf79593a621269532df05250698b3b2906228524c2766_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:1302bf62e8ff1f0e16f048144db723668640c42284f054fe68f181b694a87ba1_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:424d7f84c30efa40b8379bc64d83dc08dd7b2e1d68e6fb5d4a380a39b110be84_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:a94be7f7a94e6981f268808440c99e0487c2da9ffa883e880aed07bf059d80c2_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:d9fd6af41cc7909cdab2180ba9bde0896f457fbc6cf247a450b6dac78539cc55_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:12be4945a9160354ff7d794168bfa106e6d2410daee1098a29e6cd191022a44d_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:37026371bcf4835d49a1167963bbba762de7cb60ffd037f4601b6bce7976984d_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:74ddab8bc38b4b7dd59076da34058781132a501b1b89156ce543f39cfff05985_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:9dd33d710aa03025bd8db8bf1434d52d56077f71fc730cfbada0bbddf05d4336_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:078adc26665a857c8c007a9d5db1678c4cdc53a915fd7987a495f2349ab7345a_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:4fc6ffbeb886713cf13727639602564f4a190bee44740f22c750d27eccf6ec01_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:55dd5d3d0dee4fe619e08e017b0e3d7745a6fef6bc044394eb03c46d9e12e4f2_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:8c870f49e4ce8f91118899ac843987f6ee95c08ec85d15bb7acc53a73903eb9a_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:0031860e17e27de522a6060a3ff990a77e23aea6312fd5132afb6da3d3260ef7_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:06bde71c0830f9d5876c2d68a3d74e71152b3f24883a76f70ec82a7ca85aea2f_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:8363297c1a1294a204af48b97da703f97514aa92cbe584f17e7b81b49cf40015_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:ee50c8fad74b26357c169b97840d44f050b931ccb80f9cb930bbbed67bb681c0_amd64",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:212785428b395c0f3aa628e7c218c3d8a7bd256cc255ca7ea6bd234f70c06754_arm64",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:2ed644ec1f74c998d0b4953e527307e39a15fdfbb4baeecc0715d418874f7f70_amd64",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:a0df5db3e9cced245da7ad51f8557df94d37d1701525b02feb9ee62cfd72a440_ppc64le",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:f493485f1d73bd3144a26803bcd1fc7ba4d5b5487eb4dcb455f9c97c8e54ba97_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-29041"
},
{
"category": "external",
"summary": "RHBZ#2290901",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2290901"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-29041",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-29041"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-29041",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-29041"
},
{
"category": "external",
"summary": "https://expressjs.com/en/4x/api.html#res.location",
"url": "https://expressjs.com/en/4x/api.html#res.location"
},
{
"category": "external",
"summary": "https://github.com/expressjs/express/commit/0867302ddbde0e9463d0564fea5861feb708c2dd",
"url": "https://github.com/expressjs/express/commit/0867302ddbde0e9463d0564fea5861feb708c2dd"
},
{
"category": "external",
"summary": "https://github.com/expressjs/express/commit/0b746953c4bd8e377123527db11f9cd866e39f94",
"url": "https://github.com/expressjs/express/commit/0b746953c4bd8e377123527db11f9cd866e39f94"
},
{
"category": "external",
"summary": "https://github.com/expressjs/express/pull/5539",
"url": "https://github.com/expressjs/express/pull/5539"
},
{
"category": "external",
"summary": "https://github.com/expressjs/express/security/advisories/GHSA-rv95-896h-c2vc",
"url": "https://github.com/expressjs/express/security/advisories/GHSA-rv95-896h-c2vc"
},
{
"category": "external",
"summary": "https://github.com/koajs/koa/issues/1800",
"url": "https://github.com/koajs/koa/issues/1800"
}
],
"release_date": "2024-03-25T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-09-03T10:05:20+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:41381d57cb559e69b1954c25993ac4ce00d2d2732a13bb80a2aa908f9b6c05e5_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:5cffbe9de3dbc2af5539fbea83463c38bb1ac39d84e0b60ce0cd82fd339d376f_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:b1b12b545f5567b3f7d891916be9dbfe415c34c6d4e3332f3d7946e1db7f8052_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:df94fe7da914ba3b66b1390c196c9af1fd7e3bc25b66b4546def1f76bab0847e_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:5d7a394e499391e98b93e9f87c6757d4cbc814ecb223b6a081448330676a7d28_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:6e4f82351d5e6015a4ab90b5143c2ab6b01ba3b4d5ad8bc47fde76d0f507a3a2_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:a255acbe7b48a3f366195cfede643d3789d47eb2b9ad877f7388e46427dcf056_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:b192218ada6421208ea7deddc7edb10317af79772942a3f443c1578576986df5_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:49910e92876864d013a4da28de10a9ea2df1080fc65c838317804f94cf589edf_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:9dd2c8a6c4b1d45cf24669f322c33ab9e80ed4b7245004f7b938e89cb1c3a775_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:c29144a75a9b498719ba0abc4870718ee5e5e2efa488e887f963876e35c81036_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:d84893b05420f046f74bd9372f4f3497c62b858bf348092741dea5d581bd4110_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:3bb9d82a03c20aaa9bacb4351637771c9b0bb40687b13b67bab9facd9fc8f2b1_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:833c0d9fa006db72126475a0d5255ced1d1e53aeb28e880e1ccc2694a22fac5f_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:f2f7144831d63df014fe8092daddefc0b2e18155495e02ebc6c1118820e00af0_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:f9b28bb240d0babd614dc8178b1267a6b61ab6fd9601af1a54d8077d05166f88_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:0a72b04272f48c8719c62c2bab8d15f2db701c9e2eb5bf0f2ef73efd83ea2af2_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:9b422db8e9ff68046ce8040f18a369dd2f2cf5d12b458b9d151f14149892ead1_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:c1bfb4985d4fd88f8335e5efb90f8ae5e57607337c926ac53cabc1cd51224eee_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:c693ac963582054ed65bf79593a621269532df05250698b3b2906228524c2766_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:1302bf62e8ff1f0e16f048144db723668640c42284f054fe68f181b694a87ba1_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:424d7f84c30efa40b8379bc64d83dc08dd7b2e1d68e6fb5d4a380a39b110be84_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:a94be7f7a94e6981f268808440c99e0487c2da9ffa883e880aed07bf059d80c2_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:d9fd6af41cc7909cdab2180ba9bde0896f457fbc6cf247a450b6dac78539cc55_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:12be4945a9160354ff7d794168bfa106e6d2410daee1098a29e6cd191022a44d_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:37026371bcf4835d49a1167963bbba762de7cb60ffd037f4601b6bce7976984d_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:74ddab8bc38b4b7dd59076da34058781132a501b1b89156ce543f39cfff05985_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:9dd33d710aa03025bd8db8bf1434d52d56077f71fc730cfbada0bbddf05d4336_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:078adc26665a857c8c007a9d5db1678c4cdc53a915fd7987a495f2349ab7345a_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:4fc6ffbeb886713cf13727639602564f4a190bee44740f22c750d27eccf6ec01_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:55dd5d3d0dee4fe619e08e017b0e3d7745a6fef6bc044394eb03c46d9e12e4f2_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:8c870f49e4ce8f91118899ac843987f6ee95c08ec85d15bb7acc53a73903eb9a_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:0031860e17e27de522a6060a3ff990a77e23aea6312fd5132afb6da3d3260ef7_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:06bde71c0830f9d5876c2d68a3d74e71152b3f24883a76f70ec82a7ca85aea2f_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:8363297c1a1294a204af48b97da703f97514aa92cbe584f17e7b81b49cf40015_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:ee50c8fad74b26357c169b97840d44f050b931ccb80f9cb930bbbed67bb681c0_amd64",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:212785428b395c0f3aa628e7c218c3d8a7bd256cc255ca7ea6bd234f70c06754_arm64",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:2ed644ec1f74c998d0b4953e527307e39a15fdfbb4baeecc0715d418874f7f70_amd64",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:a0df5db3e9cced245da7ad51f8557df94d37d1701525b02feb9ee62cfd72a440_ppc64le",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:f493485f1d73bd3144a26803bcd1fc7ba4d5b5487eb4dcb455f9c97c8e54ba97_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:6211"
},
{
"category": "workaround",
"details": "Red Hat has investigated whether a possible mitigation exists for this issue, and has not been able to identify a practical example. Please update the affected package as soon as possible.",
"product_ids": [
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:41381d57cb559e69b1954c25993ac4ce00d2d2732a13bb80a2aa908f9b6c05e5_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:5cffbe9de3dbc2af5539fbea83463c38bb1ac39d84e0b60ce0cd82fd339d376f_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:b1b12b545f5567b3f7d891916be9dbfe415c34c6d4e3332f3d7946e1db7f8052_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:df94fe7da914ba3b66b1390c196c9af1fd7e3bc25b66b4546def1f76bab0847e_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:5d7a394e499391e98b93e9f87c6757d4cbc814ecb223b6a081448330676a7d28_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:6e4f82351d5e6015a4ab90b5143c2ab6b01ba3b4d5ad8bc47fde76d0f507a3a2_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:a255acbe7b48a3f366195cfede643d3789d47eb2b9ad877f7388e46427dcf056_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:b192218ada6421208ea7deddc7edb10317af79772942a3f443c1578576986df5_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:49910e92876864d013a4da28de10a9ea2df1080fc65c838317804f94cf589edf_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:9dd2c8a6c4b1d45cf24669f322c33ab9e80ed4b7245004f7b938e89cb1c3a775_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:c29144a75a9b498719ba0abc4870718ee5e5e2efa488e887f963876e35c81036_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:d84893b05420f046f74bd9372f4f3497c62b858bf348092741dea5d581bd4110_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:3bb9d82a03c20aaa9bacb4351637771c9b0bb40687b13b67bab9facd9fc8f2b1_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:833c0d9fa006db72126475a0d5255ced1d1e53aeb28e880e1ccc2694a22fac5f_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:f2f7144831d63df014fe8092daddefc0b2e18155495e02ebc6c1118820e00af0_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:f9b28bb240d0babd614dc8178b1267a6b61ab6fd9601af1a54d8077d05166f88_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:0a72b04272f48c8719c62c2bab8d15f2db701c9e2eb5bf0f2ef73efd83ea2af2_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:9b422db8e9ff68046ce8040f18a369dd2f2cf5d12b458b9d151f14149892ead1_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:c1bfb4985d4fd88f8335e5efb90f8ae5e57607337c926ac53cabc1cd51224eee_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:c693ac963582054ed65bf79593a621269532df05250698b3b2906228524c2766_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:1302bf62e8ff1f0e16f048144db723668640c42284f054fe68f181b694a87ba1_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:424d7f84c30efa40b8379bc64d83dc08dd7b2e1d68e6fb5d4a380a39b110be84_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:a94be7f7a94e6981f268808440c99e0487c2da9ffa883e880aed07bf059d80c2_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:d9fd6af41cc7909cdab2180ba9bde0896f457fbc6cf247a450b6dac78539cc55_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:12be4945a9160354ff7d794168bfa106e6d2410daee1098a29e6cd191022a44d_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:37026371bcf4835d49a1167963bbba762de7cb60ffd037f4601b6bce7976984d_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:74ddab8bc38b4b7dd59076da34058781132a501b1b89156ce543f39cfff05985_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:9dd33d710aa03025bd8db8bf1434d52d56077f71fc730cfbada0bbddf05d4336_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:078adc26665a857c8c007a9d5db1678c4cdc53a915fd7987a495f2349ab7345a_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:4fc6ffbeb886713cf13727639602564f4a190bee44740f22c750d27eccf6ec01_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:55dd5d3d0dee4fe619e08e017b0e3d7745a6fef6bc044394eb03c46d9e12e4f2_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:8c870f49e4ce8f91118899ac843987f6ee95c08ec85d15bb7acc53a73903eb9a_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:0031860e17e27de522a6060a3ff990a77e23aea6312fd5132afb6da3d3260ef7_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:06bde71c0830f9d5876c2d68a3d74e71152b3f24883a76f70ec82a7ca85aea2f_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:8363297c1a1294a204af48b97da703f97514aa92cbe584f17e7b81b49cf40015_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:ee50c8fad74b26357c169b97840d44f050b931ccb80f9cb930bbbed67bb681c0_amd64",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:212785428b395c0f3aa628e7c218c3d8a7bd256cc255ca7ea6bd234f70c06754_arm64",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:2ed644ec1f74c998d0b4953e527307e39a15fdfbb4baeecc0715d418874f7f70_amd64",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:a0df5db3e9cced245da7ad51f8557df94d37d1701525b02feb9ee62cfd72a440_ppc64le",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:f493485f1d73bd3144a26803bcd1fc7ba4d5b5487eb4dcb455f9c97c8e54ba97_s390x"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:41381d57cb559e69b1954c25993ac4ce00d2d2732a13bb80a2aa908f9b6c05e5_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:5cffbe9de3dbc2af5539fbea83463c38bb1ac39d84e0b60ce0cd82fd339d376f_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:b1b12b545f5567b3f7d891916be9dbfe415c34c6d4e3332f3d7946e1db7f8052_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:df94fe7da914ba3b66b1390c196c9af1fd7e3bc25b66b4546def1f76bab0847e_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:5d7a394e499391e98b93e9f87c6757d4cbc814ecb223b6a081448330676a7d28_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:6e4f82351d5e6015a4ab90b5143c2ab6b01ba3b4d5ad8bc47fde76d0f507a3a2_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:a255acbe7b48a3f366195cfede643d3789d47eb2b9ad877f7388e46427dcf056_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:b192218ada6421208ea7deddc7edb10317af79772942a3f443c1578576986df5_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:49910e92876864d013a4da28de10a9ea2df1080fc65c838317804f94cf589edf_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:9dd2c8a6c4b1d45cf24669f322c33ab9e80ed4b7245004f7b938e89cb1c3a775_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:c29144a75a9b498719ba0abc4870718ee5e5e2efa488e887f963876e35c81036_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:d84893b05420f046f74bd9372f4f3497c62b858bf348092741dea5d581bd4110_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:3bb9d82a03c20aaa9bacb4351637771c9b0bb40687b13b67bab9facd9fc8f2b1_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:833c0d9fa006db72126475a0d5255ced1d1e53aeb28e880e1ccc2694a22fac5f_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:f2f7144831d63df014fe8092daddefc0b2e18155495e02ebc6c1118820e00af0_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:f9b28bb240d0babd614dc8178b1267a6b61ab6fd9601af1a54d8077d05166f88_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:0a72b04272f48c8719c62c2bab8d15f2db701c9e2eb5bf0f2ef73efd83ea2af2_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:9b422db8e9ff68046ce8040f18a369dd2f2cf5d12b458b9d151f14149892ead1_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:c1bfb4985d4fd88f8335e5efb90f8ae5e57607337c926ac53cabc1cd51224eee_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:c693ac963582054ed65bf79593a621269532df05250698b3b2906228524c2766_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:1302bf62e8ff1f0e16f048144db723668640c42284f054fe68f181b694a87ba1_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:424d7f84c30efa40b8379bc64d83dc08dd7b2e1d68e6fb5d4a380a39b110be84_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:a94be7f7a94e6981f268808440c99e0487c2da9ffa883e880aed07bf059d80c2_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:d9fd6af41cc7909cdab2180ba9bde0896f457fbc6cf247a450b6dac78539cc55_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:12be4945a9160354ff7d794168bfa106e6d2410daee1098a29e6cd191022a44d_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:37026371bcf4835d49a1167963bbba762de7cb60ffd037f4601b6bce7976984d_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:74ddab8bc38b4b7dd59076da34058781132a501b1b89156ce543f39cfff05985_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:9dd33d710aa03025bd8db8bf1434d52d56077f71fc730cfbada0bbddf05d4336_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:078adc26665a857c8c007a9d5db1678c4cdc53a915fd7987a495f2349ab7345a_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:4fc6ffbeb886713cf13727639602564f4a190bee44740f22c750d27eccf6ec01_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:55dd5d3d0dee4fe619e08e017b0e3d7745a6fef6bc044394eb03c46d9e12e4f2_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:8c870f49e4ce8f91118899ac843987f6ee95c08ec85d15bb7acc53a73903eb9a_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:0031860e17e27de522a6060a3ff990a77e23aea6312fd5132afb6da3d3260ef7_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:06bde71c0830f9d5876c2d68a3d74e71152b3f24883a76f70ec82a7ca85aea2f_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:8363297c1a1294a204af48b97da703f97514aa92cbe584f17e7b81b49cf40015_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:ee50c8fad74b26357c169b97840d44f050b931ccb80f9cb930bbbed67bb681c0_amd64",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:212785428b395c0f3aa628e7c218c3d8a7bd256cc255ca7ea6bd234f70c06754_arm64",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:2ed644ec1f74c998d0b4953e527307e39a15fdfbb4baeecc0715d418874f7f70_amd64",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:a0df5db3e9cced245da7ad51f8557df94d37d1701525b02feb9ee62cfd72a440_ppc64le",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:f493485f1d73bd3144a26803bcd1fc7ba4d5b5487eb4dcb455f9c97c8e54ba97_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "express: cause malformed URLs to be evaluated"
},
{
"cve": "CVE-2024-39338",
"cwe": {
"id": "CWE-918",
"name": "Server-Side Request Forgery (SSRF)"
},
"discovery_date": "2024-08-13T17:21:32.774718+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2304369"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in the Axios HTTP Client. It is vulnerable to a server-side request forgery attack (SSRF) caused by unexpected behavior where requests for path-relative URLs get processed as protocol-relative URLs. This flaw allows an attacker to perform arbitrary requests from the server, potentially accessing internal systems or exfiltrating sensitive data.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "axios: axios: Server-Side Request Forgery",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated as IMPORTANT because it can be exploited remotely with low complexity and without user interaction, it poses a significant risk to confidentiality.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:41381d57cb559e69b1954c25993ac4ce00d2d2732a13bb80a2aa908f9b6c05e5_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:5cffbe9de3dbc2af5539fbea83463c38bb1ac39d84e0b60ce0cd82fd339d376f_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:b1b12b545f5567b3f7d891916be9dbfe415c34c6d4e3332f3d7946e1db7f8052_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:df94fe7da914ba3b66b1390c196c9af1fd7e3bc25b66b4546def1f76bab0847e_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:5d7a394e499391e98b93e9f87c6757d4cbc814ecb223b6a081448330676a7d28_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:6e4f82351d5e6015a4ab90b5143c2ab6b01ba3b4d5ad8bc47fde76d0f507a3a2_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:a255acbe7b48a3f366195cfede643d3789d47eb2b9ad877f7388e46427dcf056_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:b192218ada6421208ea7deddc7edb10317af79772942a3f443c1578576986df5_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:49910e92876864d013a4da28de10a9ea2df1080fc65c838317804f94cf589edf_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:9dd2c8a6c4b1d45cf24669f322c33ab9e80ed4b7245004f7b938e89cb1c3a775_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:c29144a75a9b498719ba0abc4870718ee5e5e2efa488e887f963876e35c81036_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:d84893b05420f046f74bd9372f4f3497c62b858bf348092741dea5d581bd4110_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:3bb9d82a03c20aaa9bacb4351637771c9b0bb40687b13b67bab9facd9fc8f2b1_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:833c0d9fa006db72126475a0d5255ced1d1e53aeb28e880e1ccc2694a22fac5f_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:f2f7144831d63df014fe8092daddefc0b2e18155495e02ebc6c1118820e00af0_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:f9b28bb240d0babd614dc8178b1267a6b61ab6fd9601af1a54d8077d05166f88_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:0a72b04272f48c8719c62c2bab8d15f2db701c9e2eb5bf0f2ef73efd83ea2af2_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:9b422db8e9ff68046ce8040f18a369dd2f2cf5d12b458b9d151f14149892ead1_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:c1bfb4985d4fd88f8335e5efb90f8ae5e57607337c926ac53cabc1cd51224eee_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:c693ac963582054ed65bf79593a621269532df05250698b3b2906228524c2766_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:1302bf62e8ff1f0e16f048144db723668640c42284f054fe68f181b694a87ba1_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:424d7f84c30efa40b8379bc64d83dc08dd7b2e1d68e6fb5d4a380a39b110be84_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:a94be7f7a94e6981f268808440c99e0487c2da9ffa883e880aed07bf059d80c2_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:d9fd6af41cc7909cdab2180ba9bde0896f457fbc6cf247a450b6dac78539cc55_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:12be4945a9160354ff7d794168bfa106e6d2410daee1098a29e6cd191022a44d_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:37026371bcf4835d49a1167963bbba762de7cb60ffd037f4601b6bce7976984d_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:74ddab8bc38b4b7dd59076da34058781132a501b1b89156ce543f39cfff05985_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:9dd33d710aa03025bd8db8bf1434d52d56077f71fc730cfbada0bbddf05d4336_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:078adc26665a857c8c007a9d5db1678c4cdc53a915fd7987a495f2349ab7345a_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:4fc6ffbeb886713cf13727639602564f4a190bee44740f22c750d27eccf6ec01_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:55dd5d3d0dee4fe619e08e017b0e3d7745a6fef6bc044394eb03c46d9e12e4f2_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:8c870f49e4ce8f91118899ac843987f6ee95c08ec85d15bb7acc53a73903eb9a_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:0031860e17e27de522a6060a3ff990a77e23aea6312fd5132afb6da3d3260ef7_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:06bde71c0830f9d5876c2d68a3d74e71152b3f24883a76f70ec82a7ca85aea2f_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:8363297c1a1294a204af48b97da703f97514aa92cbe584f17e7b81b49cf40015_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:ee50c8fad74b26357c169b97840d44f050b931ccb80f9cb930bbbed67bb681c0_amd64",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:212785428b395c0f3aa628e7c218c3d8a7bd256cc255ca7ea6bd234f70c06754_arm64",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:2ed644ec1f74c998d0b4953e527307e39a15fdfbb4baeecc0715d418874f7f70_amd64",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:a0df5db3e9cced245da7ad51f8557df94d37d1701525b02feb9ee62cfd72a440_ppc64le",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:f493485f1d73bd3144a26803bcd1fc7ba4d5b5487eb4dcb455f9c97c8e54ba97_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-39338"
},
{
"category": "external",
"summary": "RHBZ#2304369",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2304369"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-39338",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-39338"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-39338",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-39338"
},
{
"category": "external",
"summary": "https://github.com/axios/axios/releases",
"url": "https://github.com/axios/axios/releases"
},
{
"category": "external",
"summary": "https://jeffhacks.com/advisories/2024/06/24/CVE-2024-39338.html",
"url": "https://jeffhacks.com/advisories/2024/06/24/CVE-2024-39338.html"
}
],
"release_date": "2024-08-12T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-09-03T10:05:20+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:41381d57cb559e69b1954c25993ac4ce00d2d2732a13bb80a2aa908f9b6c05e5_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:5cffbe9de3dbc2af5539fbea83463c38bb1ac39d84e0b60ce0cd82fd339d376f_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:b1b12b545f5567b3f7d891916be9dbfe415c34c6d4e3332f3d7946e1db7f8052_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:df94fe7da914ba3b66b1390c196c9af1fd7e3bc25b66b4546def1f76bab0847e_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:5d7a394e499391e98b93e9f87c6757d4cbc814ecb223b6a081448330676a7d28_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:6e4f82351d5e6015a4ab90b5143c2ab6b01ba3b4d5ad8bc47fde76d0f507a3a2_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:a255acbe7b48a3f366195cfede643d3789d47eb2b9ad877f7388e46427dcf056_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:b192218ada6421208ea7deddc7edb10317af79772942a3f443c1578576986df5_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:49910e92876864d013a4da28de10a9ea2df1080fc65c838317804f94cf589edf_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:9dd2c8a6c4b1d45cf24669f322c33ab9e80ed4b7245004f7b938e89cb1c3a775_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:c29144a75a9b498719ba0abc4870718ee5e5e2efa488e887f963876e35c81036_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:d84893b05420f046f74bd9372f4f3497c62b858bf348092741dea5d581bd4110_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:3bb9d82a03c20aaa9bacb4351637771c9b0bb40687b13b67bab9facd9fc8f2b1_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:833c0d9fa006db72126475a0d5255ced1d1e53aeb28e880e1ccc2694a22fac5f_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:f2f7144831d63df014fe8092daddefc0b2e18155495e02ebc6c1118820e00af0_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:f9b28bb240d0babd614dc8178b1267a6b61ab6fd9601af1a54d8077d05166f88_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:0a72b04272f48c8719c62c2bab8d15f2db701c9e2eb5bf0f2ef73efd83ea2af2_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:9b422db8e9ff68046ce8040f18a369dd2f2cf5d12b458b9d151f14149892ead1_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:c1bfb4985d4fd88f8335e5efb90f8ae5e57607337c926ac53cabc1cd51224eee_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:c693ac963582054ed65bf79593a621269532df05250698b3b2906228524c2766_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:1302bf62e8ff1f0e16f048144db723668640c42284f054fe68f181b694a87ba1_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:424d7f84c30efa40b8379bc64d83dc08dd7b2e1d68e6fb5d4a380a39b110be84_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:a94be7f7a94e6981f268808440c99e0487c2da9ffa883e880aed07bf059d80c2_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:d9fd6af41cc7909cdab2180ba9bde0896f457fbc6cf247a450b6dac78539cc55_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:12be4945a9160354ff7d794168bfa106e6d2410daee1098a29e6cd191022a44d_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:37026371bcf4835d49a1167963bbba762de7cb60ffd037f4601b6bce7976984d_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:74ddab8bc38b4b7dd59076da34058781132a501b1b89156ce543f39cfff05985_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:9dd33d710aa03025bd8db8bf1434d52d56077f71fc730cfbada0bbddf05d4336_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:078adc26665a857c8c007a9d5db1678c4cdc53a915fd7987a495f2349ab7345a_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:4fc6ffbeb886713cf13727639602564f4a190bee44740f22c750d27eccf6ec01_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:55dd5d3d0dee4fe619e08e017b0e3d7745a6fef6bc044394eb03c46d9e12e4f2_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:8c870f49e4ce8f91118899ac843987f6ee95c08ec85d15bb7acc53a73903eb9a_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:0031860e17e27de522a6060a3ff990a77e23aea6312fd5132afb6da3d3260ef7_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:06bde71c0830f9d5876c2d68a3d74e71152b3f24883a76f70ec82a7ca85aea2f_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:8363297c1a1294a204af48b97da703f97514aa92cbe584f17e7b81b49cf40015_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:ee50c8fad74b26357c169b97840d44f050b931ccb80f9cb930bbbed67bb681c0_amd64",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:212785428b395c0f3aa628e7c218c3d8a7bd256cc255ca7ea6bd234f70c06754_arm64",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:2ed644ec1f74c998d0b4953e527307e39a15fdfbb4baeecc0715d418874f7f70_amd64",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:a0df5db3e9cced245da7ad51f8557df94d37d1701525b02feb9ee62cfd72a440_ppc64le",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:f493485f1d73bd3144a26803bcd1fc7ba4d5b5487eb4dcb455f9c97c8e54ba97_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:6211"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:41381d57cb559e69b1954c25993ac4ce00d2d2732a13bb80a2aa908f9b6c05e5_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:5cffbe9de3dbc2af5539fbea83463c38bb1ac39d84e0b60ce0cd82fd339d376f_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:b1b12b545f5567b3f7d891916be9dbfe415c34c6d4e3332f3d7946e1db7f8052_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:df94fe7da914ba3b66b1390c196c9af1fd7e3bc25b66b4546def1f76bab0847e_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:5d7a394e499391e98b93e9f87c6757d4cbc814ecb223b6a081448330676a7d28_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:6e4f82351d5e6015a4ab90b5143c2ab6b01ba3b4d5ad8bc47fde76d0f507a3a2_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:a255acbe7b48a3f366195cfede643d3789d47eb2b9ad877f7388e46427dcf056_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:b192218ada6421208ea7deddc7edb10317af79772942a3f443c1578576986df5_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:49910e92876864d013a4da28de10a9ea2df1080fc65c838317804f94cf589edf_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:9dd2c8a6c4b1d45cf24669f322c33ab9e80ed4b7245004f7b938e89cb1c3a775_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:c29144a75a9b498719ba0abc4870718ee5e5e2efa488e887f963876e35c81036_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:d84893b05420f046f74bd9372f4f3497c62b858bf348092741dea5d581bd4110_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:3bb9d82a03c20aaa9bacb4351637771c9b0bb40687b13b67bab9facd9fc8f2b1_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:833c0d9fa006db72126475a0d5255ced1d1e53aeb28e880e1ccc2694a22fac5f_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:f2f7144831d63df014fe8092daddefc0b2e18155495e02ebc6c1118820e00af0_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:f9b28bb240d0babd614dc8178b1267a6b61ab6fd9601af1a54d8077d05166f88_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:0a72b04272f48c8719c62c2bab8d15f2db701c9e2eb5bf0f2ef73efd83ea2af2_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:9b422db8e9ff68046ce8040f18a369dd2f2cf5d12b458b9d151f14149892ead1_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:c1bfb4985d4fd88f8335e5efb90f8ae5e57607337c926ac53cabc1cd51224eee_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:c693ac963582054ed65bf79593a621269532df05250698b3b2906228524c2766_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:1302bf62e8ff1f0e16f048144db723668640c42284f054fe68f181b694a87ba1_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:424d7f84c30efa40b8379bc64d83dc08dd7b2e1d68e6fb5d4a380a39b110be84_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:a94be7f7a94e6981f268808440c99e0487c2da9ffa883e880aed07bf059d80c2_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:d9fd6af41cc7909cdab2180ba9bde0896f457fbc6cf247a450b6dac78539cc55_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:12be4945a9160354ff7d794168bfa106e6d2410daee1098a29e6cd191022a44d_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:37026371bcf4835d49a1167963bbba762de7cb60ffd037f4601b6bce7976984d_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:74ddab8bc38b4b7dd59076da34058781132a501b1b89156ce543f39cfff05985_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:9dd33d710aa03025bd8db8bf1434d52d56077f71fc730cfbada0bbddf05d4336_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:078adc26665a857c8c007a9d5db1678c4cdc53a915fd7987a495f2349ab7345a_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:4fc6ffbeb886713cf13727639602564f4a190bee44740f22c750d27eccf6ec01_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:55dd5d3d0dee4fe619e08e017b0e3d7745a6fef6bc044394eb03c46d9e12e4f2_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:8c870f49e4ce8f91118899ac843987f6ee95c08ec85d15bb7acc53a73903eb9a_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:0031860e17e27de522a6060a3ff990a77e23aea6312fd5132afb6da3d3260ef7_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:06bde71c0830f9d5876c2d68a3d74e71152b3f24883a76f70ec82a7ca85aea2f_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:8363297c1a1294a204af48b97da703f97514aa92cbe584f17e7b81b49cf40015_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:ee50c8fad74b26357c169b97840d44f050b931ccb80f9cb930bbbed67bb681c0_amd64",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:212785428b395c0f3aa628e7c218c3d8a7bd256cc255ca7ea6bd234f70c06754_arm64",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:2ed644ec1f74c998d0b4953e527307e39a15fdfbb4baeecc0715d418874f7f70_amd64",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:a0df5db3e9cced245da7ad51f8557df94d37d1701525b02feb9ee62cfd72a440_ppc64le",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:f493485f1d73bd3144a26803bcd1fc7ba4d5b5487eb4dcb455f9c97c8e54ba97_s390x"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:41381d57cb559e69b1954c25993ac4ce00d2d2732a13bb80a2aa908f9b6c05e5_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:5cffbe9de3dbc2af5539fbea83463c38bb1ac39d84e0b60ce0cd82fd339d376f_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:b1b12b545f5567b3f7d891916be9dbfe415c34c6d4e3332f3d7946e1db7f8052_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:df94fe7da914ba3b66b1390c196c9af1fd7e3bc25b66b4546def1f76bab0847e_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:5d7a394e499391e98b93e9f87c6757d4cbc814ecb223b6a081448330676a7d28_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:6e4f82351d5e6015a4ab90b5143c2ab6b01ba3b4d5ad8bc47fde76d0f507a3a2_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:a255acbe7b48a3f366195cfede643d3789d47eb2b9ad877f7388e46427dcf056_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:b192218ada6421208ea7deddc7edb10317af79772942a3f443c1578576986df5_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:49910e92876864d013a4da28de10a9ea2df1080fc65c838317804f94cf589edf_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:9dd2c8a6c4b1d45cf24669f322c33ab9e80ed4b7245004f7b938e89cb1c3a775_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:c29144a75a9b498719ba0abc4870718ee5e5e2efa488e887f963876e35c81036_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:d84893b05420f046f74bd9372f4f3497c62b858bf348092741dea5d581bd4110_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:3bb9d82a03c20aaa9bacb4351637771c9b0bb40687b13b67bab9facd9fc8f2b1_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:833c0d9fa006db72126475a0d5255ced1d1e53aeb28e880e1ccc2694a22fac5f_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:f2f7144831d63df014fe8092daddefc0b2e18155495e02ebc6c1118820e00af0_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:f9b28bb240d0babd614dc8178b1267a6b61ab6fd9601af1a54d8077d05166f88_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:0a72b04272f48c8719c62c2bab8d15f2db701c9e2eb5bf0f2ef73efd83ea2af2_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:9b422db8e9ff68046ce8040f18a369dd2f2cf5d12b458b9d151f14149892ead1_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:c1bfb4985d4fd88f8335e5efb90f8ae5e57607337c926ac53cabc1cd51224eee_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:c693ac963582054ed65bf79593a621269532df05250698b3b2906228524c2766_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:1302bf62e8ff1f0e16f048144db723668640c42284f054fe68f181b694a87ba1_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:424d7f84c30efa40b8379bc64d83dc08dd7b2e1d68e6fb5d4a380a39b110be84_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:a94be7f7a94e6981f268808440c99e0487c2da9ffa883e880aed07bf059d80c2_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:d9fd6af41cc7909cdab2180ba9bde0896f457fbc6cf247a450b6dac78539cc55_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:12be4945a9160354ff7d794168bfa106e6d2410daee1098a29e6cd191022a44d_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:37026371bcf4835d49a1167963bbba762de7cb60ffd037f4601b6bce7976984d_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:74ddab8bc38b4b7dd59076da34058781132a501b1b89156ce543f39cfff05985_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:9dd33d710aa03025bd8db8bf1434d52d56077f71fc730cfbada0bbddf05d4336_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:078adc26665a857c8c007a9d5db1678c4cdc53a915fd7987a495f2349ab7345a_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:4fc6ffbeb886713cf13727639602564f4a190bee44740f22c750d27eccf6ec01_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:55dd5d3d0dee4fe619e08e017b0e3d7745a6fef6bc044394eb03c46d9e12e4f2_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:8c870f49e4ce8f91118899ac843987f6ee95c08ec85d15bb7acc53a73903eb9a_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:0031860e17e27de522a6060a3ff990a77e23aea6312fd5132afb6da3d3260ef7_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:06bde71c0830f9d5876c2d68a3d74e71152b3f24883a76f70ec82a7ca85aea2f_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:8363297c1a1294a204af48b97da703f97514aa92cbe584f17e7b81b49cf40015_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:ee50c8fad74b26357c169b97840d44f050b931ccb80f9cb930bbbed67bb681c0_amd64",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:212785428b395c0f3aa628e7c218c3d8a7bd256cc255ca7ea6bd234f70c06754_arm64",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:2ed644ec1f74c998d0b4953e527307e39a15fdfbb4baeecc0715d418874f7f70_amd64",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:a0df5db3e9cced245da7ad51f8557df94d37d1701525b02feb9ee62cfd72a440_ppc64le",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:f493485f1d73bd3144a26803bcd1fc7ba4d5b5487eb4dcb455f9c97c8e54ba97_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "axios: axios: Server-Side Request Forgery"
}
]
}
RHSA-2024:7164
Vulnerability from csaf_redhat - Published: 2024-09-26 03:46 - Updated: 2026-05-28 20:33Summary
Red Hat Security Advisory: Migration Toolkit for Containers (MTC) 1.8.4 security and bug fix update
Severity
Important
Notes
Topic: The Migration Toolkit for Containers (MTC) 1.8.4 is now available.
Red Hat Product Security has rated this update as having a security impact
of Important. A Common Vulnerability Scoring System (CVSS) base score,
which gives a detailed severity rating, is available for each vulnerability
from the CVE link(s) in the References section.
Details: The Migration Toolkit for Containers (MTC) enables you to migrate Kubernetes resources, persistent volume data, and internal container images between OpenShift Container Platform clusters, using the MTC web console or the Kubernetes API.
Security Fix(es) from Bugzilla:
* golang: net/http, x/net/http2: unlimited number of CONTINUATION frames causes DoS (CVE-2023-45288)
* webpack-dev-middleware: lack of URL validation may lead to file leak (CVE-2024-29180)
* express: cause malformed URLs to be evaluated (CVE-2024-29041)
* axios: axios: Server-Side Request Forgery (CVE-2024-39338)
* golang: net/http/cookiejar: incorrect forwarding of sensitive headers and cookies on HTTP redirect (CVE-2023-45289)
* jose-go: improper handling of highly compressed data (CVE-2024-28180)
* follow-redirects: Possible credential leak (CVE-2024-28849)
* moby: external DNS requests from 'internal' networks could lead to data exfiltration (CVE-2024-29018)
* containers/image: digest type does not guarantee valid type (CVE-2024-3727)
* golang: net: malformed DNS message can cause infinite loop (CVE-2024-24788)
* braces: fails to limit the number of characters it can handle (CVE-2024-4068)
* node-tar: denial of service while parsing a tar file due to lack of folders depth validation (CVE-2024-28863)
For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
A flaw was found in the gin-gonic CORS middleware. Affected versions of this package are vulnerable to an Origin Validation Error due to the mishandling of wildcard characters at the end of an origin string. This flaw could allow an attacker to bypass intended CORS restrictions by crafting origin strings that exploit this wildcard handling.
6.5 (Medium)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHMTC-1.8:rhmtc/openshift-migration-controller-rhel8@sha256:a4025dfcd79bcb22e2ab91e1bc027c200f9c2741ed2c3a576a64cb24084c584e_amd64 | — |
Vendor Fix
fix
Workaround
|
Known not affected
10 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHMTC-1.8:rhmtc/openshift-migration-hook-runner-rhel8@sha256:419c11ecd25664d16f77aec6589c9fa183832947766f75575dfab4bc059fe876_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHMTC-1.8:rhmtc/openshift-migration-log-reader-rhel8@sha256:6886c4d68d7c6100b5eb7239ae8ce14871403a71ce69b35c42c0ce238b32ff87_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHMTC-1.8:rhmtc/openshift-migration-must-gather-rhel8@sha256:08bb8048bb9fc00ba84e846fce7ce3e37506fbadf077b487c1d3d2dd607b2277_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHMTC-1.8:rhmtc/openshift-migration-openvpn-rhel8@sha256:1e0cf80fab89615624cf7f9f62e72e161af4143ed1d6245db45f09ba8382dbc4_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHMTC-1.8:rhmtc/openshift-migration-operator-bundle@sha256:9616b52c1d745b7bf37c0237a6cd2cde9a1d9e8dbfdb5e5cb49504805e706065_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHMTC-1.8:rhmtc/openshift-migration-registry-rhel8@sha256:c7f229ac51306d667f9b766fb1a464686fa47eb06d5658dbe4977e25b4877b20_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHMTC-1.8:rhmtc/openshift-migration-rhel8-operator@sha256:79c957509adaff575917d1e70ec25965a4230c0a2deb9cd9007089dfc3ec39cc_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHMTC-1.8:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:b556472a46fbac2508b8f36b975c8fdb26a77a2fc8bd43b2667f9151bf1cbc3f_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHMTC-1.8:rhmtc/openshift-migration-ui-rhel8@sha256:db4903f395697e2eb244a0251ec1a5f89b12434501cb56889f2af37770f95f58_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHMTC-1.8:rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:8765eb907963a6677c1af44dee1168d635d243824396f73c829697b1582046e9_amd64 | — |
Workaround
|
Threats
Impact
Moderate
A vulnerability was discovered with the implementation of the HTTP/2 protocol in the Go programming language. There were insufficient limitations on the amount of CONTINUATION frames sent within a single stream. An attacker could potentially exploit this to cause a Denial of Service (DoS) attack.
7.5 (High)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHMTC-1.8:rhmtc/openshift-migration-controller-rhel8@sha256:a4025dfcd79bcb22e2ab91e1bc027c200f9c2741ed2c3a576a64cb24084c584e_amd64 | — |
Vendor Fix
fix
Workaround
|
Known not affected
10 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHMTC-1.8:rhmtc/openshift-migration-hook-runner-rhel8@sha256:419c11ecd25664d16f77aec6589c9fa183832947766f75575dfab4bc059fe876_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHMTC-1.8:rhmtc/openshift-migration-log-reader-rhel8@sha256:6886c4d68d7c6100b5eb7239ae8ce14871403a71ce69b35c42c0ce238b32ff87_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHMTC-1.8:rhmtc/openshift-migration-must-gather-rhel8@sha256:08bb8048bb9fc00ba84e846fce7ce3e37506fbadf077b487c1d3d2dd607b2277_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHMTC-1.8:rhmtc/openshift-migration-openvpn-rhel8@sha256:1e0cf80fab89615624cf7f9f62e72e161af4143ed1d6245db45f09ba8382dbc4_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHMTC-1.8:rhmtc/openshift-migration-operator-bundle@sha256:9616b52c1d745b7bf37c0237a6cd2cde9a1d9e8dbfdb5e5cb49504805e706065_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHMTC-1.8:rhmtc/openshift-migration-registry-rhel8@sha256:c7f229ac51306d667f9b766fb1a464686fa47eb06d5658dbe4977e25b4877b20_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHMTC-1.8:rhmtc/openshift-migration-rhel8-operator@sha256:79c957509adaff575917d1e70ec25965a4230c0a2deb9cd9007089dfc3ec39cc_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHMTC-1.8:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:b556472a46fbac2508b8f36b975c8fdb26a77a2fc8bd43b2667f9151bf1cbc3f_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHMTC-1.8:rhmtc/openshift-migration-ui-rhel8@sha256:db4903f395697e2eb244a0251ec1a5f89b12434501cb56889f2af37770f95f58_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHMTC-1.8:rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:8765eb907963a6677c1af44dee1168d635d243824396f73c829697b1582046e9_amd64 | — |
Workaround
|
Threats
Impact
Important
A flaw was found in Go's net/http/cookiejar standard library package. When following an HTTP redirect to a domain that is not a subdomain match or an exact match of the initial domain, an http.Client does not forward sensitive headers such as "Authorization" or "Cookie". For example, a redirect from foo.com to www.foo.com will forward the Authorization header, but a redirect to bar.com will not. A maliciously crafted HTTP redirect could cause sensitive headers to be unexpectedly forwarded.
5.3 (Medium)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHMTC-1.8:rhmtc/openshift-migration-registry-rhel8@sha256:c7f229ac51306d667f9b766fb1a464686fa47eb06d5658dbe4977e25b4877b20_amd64 | — |
Vendor Fix
fix
Workaround
|
Known not affected
10 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHMTC-1.8:rhmtc/openshift-migration-controller-rhel8@sha256:a4025dfcd79bcb22e2ab91e1bc027c200f9c2741ed2c3a576a64cb24084c584e_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHMTC-1.8:rhmtc/openshift-migration-hook-runner-rhel8@sha256:419c11ecd25664d16f77aec6589c9fa183832947766f75575dfab4bc059fe876_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHMTC-1.8:rhmtc/openshift-migration-log-reader-rhel8@sha256:6886c4d68d7c6100b5eb7239ae8ce14871403a71ce69b35c42c0ce238b32ff87_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHMTC-1.8:rhmtc/openshift-migration-must-gather-rhel8@sha256:08bb8048bb9fc00ba84e846fce7ce3e37506fbadf077b487c1d3d2dd607b2277_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHMTC-1.8:rhmtc/openshift-migration-openvpn-rhel8@sha256:1e0cf80fab89615624cf7f9f62e72e161af4143ed1d6245db45f09ba8382dbc4_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHMTC-1.8:rhmtc/openshift-migration-operator-bundle@sha256:9616b52c1d745b7bf37c0237a6cd2cde9a1d9e8dbfdb5e5cb49504805e706065_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHMTC-1.8:rhmtc/openshift-migration-rhel8-operator@sha256:79c957509adaff575917d1e70ec25965a4230c0a2deb9cd9007089dfc3ec39cc_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHMTC-1.8:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:b556472a46fbac2508b8f36b975c8fdb26a77a2fc8bd43b2667f9151bf1cbc3f_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHMTC-1.8:rhmtc/openshift-migration-ui-rhel8@sha256:db4903f395697e2eb244a0251ec1a5f89b12434501cb56889f2af37770f95f58_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHMTC-1.8:rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:8765eb907963a6677c1af44dee1168d635d243824396f73c829697b1582046e9_amd64 | — |
Workaround
|
Threats
Impact
Moderate
A flaw was found in the github.com/containers/image library. This flaw allows attackers to trigger unexpected authenticated registry accesses on behalf of a victim user, causing resource exhaustion, local path traversal, and other attacks.
8.3 (High)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHMTC-1.8:rhmtc/openshift-migration-controller-rhel8@sha256:a4025dfcd79bcb22e2ab91e1bc027c200f9c2741ed2c3a576a64cb24084c584e_amd64 | — |
Vendor Fix
fix
|
Known not affected
10 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHMTC-1.8:rhmtc/openshift-migration-hook-runner-rhel8@sha256:419c11ecd25664d16f77aec6589c9fa183832947766f75575dfab4bc059fe876_amd64 | — | ||
| Unresolved product id: 8Base-RHMTC-1.8:rhmtc/openshift-migration-log-reader-rhel8@sha256:6886c4d68d7c6100b5eb7239ae8ce14871403a71ce69b35c42c0ce238b32ff87_amd64 | — | ||
| Unresolved product id: 8Base-RHMTC-1.8:rhmtc/openshift-migration-must-gather-rhel8@sha256:08bb8048bb9fc00ba84e846fce7ce3e37506fbadf077b487c1d3d2dd607b2277_amd64 | — | ||
| Unresolved product id: 8Base-RHMTC-1.8:rhmtc/openshift-migration-openvpn-rhel8@sha256:1e0cf80fab89615624cf7f9f62e72e161af4143ed1d6245db45f09ba8382dbc4_amd64 | — | ||
| Unresolved product id: 8Base-RHMTC-1.8:rhmtc/openshift-migration-operator-bundle@sha256:9616b52c1d745b7bf37c0237a6cd2cde9a1d9e8dbfdb5e5cb49504805e706065_amd64 | — | ||
| Unresolved product id: 8Base-RHMTC-1.8:rhmtc/openshift-migration-registry-rhel8@sha256:c7f229ac51306d667f9b766fb1a464686fa47eb06d5658dbe4977e25b4877b20_amd64 | — | ||
| Unresolved product id: 8Base-RHMTC-1.8:rhmtc/openshift-migration-rhel8-operator@sha256:79c957509adaff575917d1e70ec25965a4230c0a2deb9cd9007089dfc3ec39cc_amd64 | — | ||
| Unresolved product id: 8Base-RHMTC-1.8:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:b556472a46fbac2508b8f36b975c8fdb26a77a2fc8bd43b2667f9151bf1cbc3f_amd64 | — | ||
| Unresolved product id: 8Base-RHMTC-1.8:rhmtc/openshift-migration-ui-rhel8@sha256:db4903f395697e2eb244a0251ec1a5f89b12434501cb56889f2af37770f95f58_amd64 | — | ||
| Unresolved product id: 8Base-RHMTC-1.8:rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:8765eb907963a6677c1af44dee1168d635d243824396f73c829697b1582046e9_amd64 | — |
Threats
Impact
Moderate
A flaw was found in the NPM package `braces.` It fails to limit the number of characters it can handle, which could lead to memory exhaustion. In `lib/parse.js,` if a malicious user sends "imbalanced braces" as input, the parsing will enter a loop, causing the program to start allocating heap memory without freeing it at any moment of the loop. Eventually, the JavaScript heap limit is reached, and the program will crash.
7.5 (High)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHMTC-1.8:rhmtc/openshift-migration-ui-rhel8@sha256:db4903f395697e2eb244a0251ec1a5f89b12434501cb56889f2af37770f95f58_amd64 | — |
Vendor Fix
fix
Workaround
|
Known not affected
10 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHMTC-1.8:rhmtc/openshift-migration-controller-rhel8@sha256:a4025dfcd79bcb22e2ab91e1bc027c200f9c2741ed2c3a576a64cb24084c584e_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHMTC-1.8:rhmtc/openshift-migration-hook-runner-rhel8@sha256:419c11ecd25664d16f77aec6589c9fa183832947766f75575dfab4bc059fe876_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHMTC-1.8:rhmtc/openshift-migration-log-reader-rhel8@sha256:6886c4d68d7c6100b5eb7239ae8ce14871403a71ce69b35c42c0ce238b32ff87_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHMTC-1.8:rhmtc/openshift-migration-must-gather-rhel8@sha256:08bb8048bb9fc00ba84e846fce7ce3e37506fbadf077b487c1d3d2dd607b2277_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHMTC-1.8:rhmtc/openshift-migration-openvpn-rhel8@sha256:1e0cf80fab89615624cf7f9f62e72e161af4143ed1d6245db45f09ba8382dbc4_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHMTC-1.8:rhmtc/openshift-migration-operator-bundle@sha256:9616b52c1d745b7bf37c0237a6cd2cde9a1d9e8dbfdb5e5cb49504805e706065_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHMTC-1.8:rhmtc/openshift-migration-registry-rhel8@sha256:c7f229ac51306d667f9b766fb1a464686fa47eb06d5658dbe4977e25b4877b20_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHMTC-1.8:rhmtc/openshift-migration-rhel8-operator@sha256:79c957509adaff575917d1e70ec25965a4230c0a2deb9cd9007089dfc3ec39cc_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHMTC-1.8:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:b556472a46fbac2508b8f36b975c8fdb26a77a2fc8bd43b2667f9151bf1cbc3f_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHMTC-1.8:rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:8765eb907963a6677c1af44dee1168d635d243824396f73c829697b1582046e9_amd64 | — |
Workaround
|
Threats
Impact
Moderate
A flaw was found in the net package of the Go stdlib. When a malformed DNS message is received as a response to a query, the Lookup functions within the net package can get stuck in an infinite loop. This issue can lead to resource exhaustion and denial of service (DoS) conditions.
7.5 (High)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHMTC-1.8:rhmtc/openshift-migration-registry-rhel8@sha256:c7f229ac51306d667f9b766fb1a464686fa47eb06d5658dbe4977e25b4877b20_amd64 | — |
Vendor Fix
fix
Workaround
|
Known not affected
10 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHMTC-1.8:rhmtc/openshift-migration-controller-rhel8@sha256:a4025dfcd79bcb22e2ab91e1bc027c200f9c2741ed2c3a576a64cb24084c584e_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHMTC-1.8:rhmtc/openshift-migration-hook-runner-rhel8@sha256:419c11ecd25664d16f77aec6589c9fa183832947766f75575dfab4bc059fe876_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHMTC-1.8:rhmtc/openshift-migration-log-reader-rhel8@sha256:6886c4d68d7c6100b5eb7239ae8ce14871403a71ce69b35c42c0ce238b32ff87_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHMTC-1.8:rhmtc/openshift-migration-must-gather-rhel8@sha256:08bb8048bb9fc00ba84e846fce7ce3e37506fbadf077b487c1d3d2dd607b2277_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHMTC-1.8:rhmtc/openshift-migration-openvpn-rhel8@sha256:1e0cf80fab89615624cf7f9f62e72e161af4143ed1d6245db45f09ba8382dbc4_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHMTC-1.8:rhmtc/openshift-migration-operator-bundle@sha256:9616b52c1d745b7bf37c0237a6cd2cde9a1d9e8dbfdb5e5cb49504805e706065_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHMTC-1.8:rhmtc/openshift-migration-rhel8-operator@sha256:79c957509adaff575917d1e70ec25965a4230c0a2deb9cd9007089dfc3ec39cc_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHMTC-1.8:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:b556472a46fbac2508b8f36b975c8fdb26a77a2fc8bd43b2667f9151bf1cbc3f_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHMTC-1.8:rhmtc/openshift-migration-ui-rhel8@sha256:db4903f395697e2eb244a0251ec1a5f89b12434501cb56889f2af37770f95f58_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHMTC-1.8:rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:8765eb907963a6677c1af44dee1168d635d243824396f73c829697b1582046e9_amd64 | — |
Workaround
|
Threats
Impact
Moderate
A vulnerability was found in Jose due to improper handling of highly compressed data. This issue could allow an attacker to send a JWE containing compressed data that uses large amounts of memory and CPU when decompressed by Decrypt or DecryptMulti.
4.3 (Medium)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHMTC-1.8:rhmtc/openshift-migration-controller-rhel8@sha256:a4025dfcd79bcb22e2ab91e1bc027c200f9c2741ed2c3a576a64cb24084c584e_amd64 | — |
Vendor Fix
fix
Workaround
|
Known not affected
10 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHMTC-1.8:rhmtc/openshift-migration-hook-runner-rhel8@sha256:419c11ecd25664d16f77aec6589c9fa183832947766f75575dfab4bc059fe876_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHMTC-1.8:rhmtc/openshift-migration-log-reader-rhel8@sha256:6886c4d68d7c6100b5eb7239ae8ce14871403a71ce69b35c42c0ce238b32ff87_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHMTC-1.8:rhmtc/openshift-migration-must-gather-rhel8@sha256:08bb8048bb9fc00ba84e846fce7ce3e37506fbadf077b487c1d3d2dd607b2277_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHMTC-1.8:rhmtc/openshift-migration-openvpn-rhel8@sha256:1e0cf80fab89615624cf7f9f62e72e161af4143ed1d6245db45f09ba8382dbc4_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHMTC-1.8:rhmtc/openshift-migration-operator-bundle@sha256:9616b52c1d745b7bf37c0237a6cd2cde9a1d9e8dbfdb5e5cb49504805e706065_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHMTC-1.8:rhmtc/openshift-migration-registry-rhel8@sha256:c7f229ac51306d667f9b766fb1a464686fa47eb06d5658dbe4977e25b4877b20_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHMTC-1.8:rhmtc/openshift-migration-rhel8-operator@sha256:79c957509adaff575917d1e70ec25965a4230c0a2deb9cd9007089dfc3ec39cc_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHMTC-1.8:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:b556472a46fbac2508b8f36b975c8fdb26a77a2fc8bd43b2667f9151bf1cbc3f_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHMTC-1.8:rhmtc/openshift-migration-ui-rhel8@sha256:db4903f395697e2eb244a0251ec1a5f89b12434501cb56889f2af37770f95f58_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHMTC-1.8:rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:8765eb907963a6677c1af44dee1168d635d243824396f73c829697b1582046e9_amd64 | — |
Workaround
|
Threats
Impact
Moderate
A vulnerability was found in the follow-redirects package. While processing the cross-domain redirection, `follow-redirects` clears authorization headers, however, it misses clearing proxy-authentication headers, which contain credentials as well. This issue may lead to credential leaking, having a high impact on data confidentiality.
6.5 (Medium)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHMTC-1.8:rhmtc/openshift-migration-ui-rhel8@sha256:db4903f395697e2eb244a0251ec1a5f89b12434501cb56889f2af37770f95f58_amd64 | — |
Vendor Fix
fix
|
Known not affected
10 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHMTC-1.8:rhmtc/openshift-migration-controller-rhel8@sha256:a4025dfcd79bcb22e2ab91e1bc027c200f9c2741ed2c3a576a64cb24084c584e_amd64 | — | ||
| Unresolved product id: 8Base-RHMTC-1.8:rhmtc/openshift-migration-hook-runner-rhel8@sha256:419c11ecd25664d16f77aec6589c9fa183832947766f75575dfab4bc059fe876_amd64 | — | ||
| Unresolved product id: 8Base-RHMTC-1.8:rhmtc/openshift-migration-log-reader-rhel8@sha256:6886c4d68d7c6100b5eb7239ae8ce14871403a71ce69b35c42c0ce238b32ff87_amd64 | — | ||
| Unresolved product id: 8Base-RHMTC-1.8:rhmtc/openshift-migration-must-gather-rhel8@sha256:08bb8048bb9fc00ba84e846fce7ce3e37506fbadf077b487c1d3d2dd607b2277_amd64 | — | ||
| Unresolved product id: 8Base-RHMTC-1.8:rhmtc/openshift-migration-openvpn-rhel8@sha256:1e0cf80fab89615624cf7f9f62e72e161af4143ed1d6245db45f09ba8382dbc4_amd64 | — | ||
| Unresolved product id: 8Base-RHMTC-1.8:rhmtc/openshift-migration-operator-bundle@sha256:9616b52c1d745b7bf37c0237a6cd2cde9a1d9e8dbfdb5e5cb49504805e706065_amd64 | — | ||
| Unresolved product id: 8Base-RHMTC-1.8:rhmtc/openshift-migration-registry-rhel8@sha256:c7f229ac51306d667f9b766fb1a464686fa47eb06d5658dbe4977e25b4877b20_amd64 | — | ||
| Unresolved product id: 8Base-RHMTC-1.8:rhmtc/openshift-migration-rhel8-operator@sha256:79c957509adaff575917d1e70ec25965a4230c0a2deb9cd9007089dfc3ec39cc_amd64 | — | ||
| Unresolved product id: 8Base-RHMTC-1.8:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:b556472a46fbac2508b8f36b975c8fdb26a77a2fc8bd43b2667f9151bf1cbc3f_amd64 | — | ||
| Unresolved product id: 8Base-RHMTC-1.8:rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:8765eb907963a6677c1af44dee1168d635d243824396f73c829697b1582046e9_amd64 | — |
Threats
Impact
Moderate
A flaw was found in ISAACS's node-tar, where it is vulnerable to a denial of service, caused by the lack of folder count validation. The vulnerability exists due to the application not properly controlling the consumption of internal resources while parsing a tar file. By sending a specially crafted request, a remote attacker can trigger resource exhaustion and perform a denial of service (DoS) attack.
6.5 (Medium)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHMTC-1.8:rhmtc/openshift-migration-ui-rhel8@sha256:db4903f395697e2eb244a0251ec1a5f89b12434501cb56889f2af37770f95f58_amd64 | — |
Vendor Fix
fix
|
Known not affected
10 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHMTC-1.8:rhmtc/openshift-migration-controller-rhel8@sha256:a4025dfcd79bcb22e2ab91e1bc027c200f9c2741ed2c3a576a64cb24084c584e_amd64 | — | ||
| Unresolved product id: 8Base-RHMTC-1.8:rhmtc/openshift-migration-hook-runner-rhel8@sha256:419c11ecd25664d16f77aec6589c9fa183832947766f75575dfab4bc059fe876_amd64 | — | ||
| Unresolved product id: 8Base-RHMTC-1.8:rhmtc/openshift-migration-log-reader-rhel8@sha256:6886c4d68d7c6100b5eb7239ae8ce14871403a71ce69b35c42c0ce238b32ff87_amd64 | — | ||
| Unresolved product id: 8Base-RHMTC-1.8:rhmtc/openshift-migration-must-gather-rhel8@sha256:08bb8048bb9fc00ba84e846fce7ce3e37506fbadf077b487c1d3d2dd607b2277_amd64 | — | ||
| Unresolved product id: 8Base-RHMTC-1.8:rhmtc/openshift-migration-openvpn-rhel8@sha256:1e0cf80fab89615624cf7f9f62e72e161af4143ed1d6245db45f09ba8382dbc4_amd64 | — | ||
| Unresolved product id: 8Base-RHMTC-1.8:rhmtc/openshift-migration-operator-bundle@sha256:9616b52c1d745b7bf37c0237a6cd2cde9a1d9e8dbfdb5e5cb49504805e706065_amd64 | — | ||
| Unresolved product id: 8Base-RHMTC-1.8:rhmtc/openshift-migration-registry-rhel8@sha256:c7f229ac51306d667f9b766fb1a464686fa47eb06d5658dbe4977e25b4877b20_amd64 | — | ||
| Unresolved product id: 8Base-RHMTC-1.8:rhmtc/openshift-migration-rhel8-operator@sha256:79c957509adaff575917d1e70ec25965a4230c0a2deb9cd9007089dfc3ec39cc_amd64 | — | ||
| Unresolved product id: 8Base-RHMTC-1.8:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:b556472a46fbac2508b8f36b975c8fdb26a77a2fc8bd43b2667f9151bf1cbc3f_amd64 | — | ||
| Unresolved product id: 8Base-RHMTC-1.8:rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:8765eb907963a6677c1af44dee1168d635d243824396f73c829697b1582046e9_amd64 | — |
Threats
Impact
Moderate
A vulnerability was found in Moby due to excessive data output in external DNS requests from "internal" networks, enabling unauthorized access to sensitive system information by remote attackers. This flaw allows attackers to gain access to sensitive information by exploiting incorrect resource transfer between spheres through specially crafted requests.
5.9 (Medium)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHMTC-1.8:rhmtc/openshift-migration-controller-rhel8@sha256:a4025dfcd79bcb22e2ab91e1bc027c200f9c2741ed2c3a576a64cb24084c584e_amd64 | — |
Vendor Fix
fix
|
Known not affected
10 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHMTC-1.8:rhmtc/openshift-migration-hook-runner-rhel8@sha256:419c11ecd25664d16f77aec6589c9fa183832947766f75575dfab4bc059fe876_amd64 | — | ||
| Unresolved product id: 8Base-RHMTC-1.8:rhmtc/openshift-migration-log-reader-rhel8@sha256:6886c4d68d7c6100b5eb7239ae8ce14871403a71ce69b35c42c0ce238b32ff87_amd64 | — | ||
| Unresolved product id: 8Base-RHMTC-1.8:rhmtc/openshift-migration-must-gather-rhel8@sha256:08bb8048bb9fc00ba84e846fce7ce3e37506fbadf077b487c1d3d2dd607b2277_amd64 | — | ||
| Unresolved product id: 8Base-RHMTC-1.8:rhmtc/openshift-migration-openvpn-rhel8@sha256:1e0cf80fab89615624cf7f9f62e72e161af4143ed1d6245db45f09ba8382dbc4_amd64 | — | ||
| Unresolved product id: 8Base-RHMTC-1.8:rhmtc/openshift-migration-operator-bundle@sha256:9616b52c1d745b7bf37c0237a6cd2cde9a1d9e8dbfdb5e5cb49504805e706065_amd64 | — | ||
| Unresolved product id: 8Base-RHMTC-1.8:rhmtc/openshift-migration-registry-rhel8@sha256:c7f229ac51306d667f9b766fb1a464686fa47eb06d5658dbe4977e25b4877b20_amd64 | — | ||
| Unresolved product id: 8Base-RHMTC-1.8:rhmtc/openshift-migration-rhel8-operator@sha256:79c957509adaff575917d1e70ec25965a4230c0a2deb9cd9007089dfc3ec39cc_amd64 | — | ||
| Unresolved product id: 8Base-RHMTC-1.8:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:b556472a46fbac2508b8f36b975c8fdb26a77a2fc8bd43b2667f9151bf1cbc3f_amd64 | — | ||
| Unresolved product id: 8Base-RHMTC-1.8:rhmtc/openshift-migration-ui-rhel8@sha256:db4903f395697e2eb244a0251ec1a5f89b12434501cb56889f2af37770f95f58_amd64 | — | ||
| Unresolved product id: 8Base-RHMTC-1.8:rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:8765eb907963a6677c1af44dee1168d635d243824396f73c829697b1582046e9_amd64 | — |
Threats
Impact
Moderate
A flaw was found in the Express.js minimalist web framework for node. Upstream versions of Express.js before 4.19.0 and all pre-release alpha and beta versions of 5.0 are affected by an open redirect vulnerability using malformed URLs. When a user of Express performs a redirect using a user-provided URL, Express performs an encode [using `encodeurl`](https://github.com/pillarjs/encodeurl) on the contents before passing it to the `location` header. This issue can cause malformed URLs to be evaluated in unexpected ways by common redirect allow list implementations in Express applications, leading to an Open Redirect via bypass of a properly implemented allow list. The main method impacted is `res.location()`, but this is also called from within `res.redirect()`. The vulnerability is fixed in upstream version 4.19.2 and 5.0.0-beta.3.
6.1 (Medium)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHMTC-1.8:rhmtc/openshift-migration-ui-rhel8@sha256:db4903f395697e2eb244a0251ec1a5f89b12434501cb56889f2af37770f95f58_amd64 | — |
Vendor Fix
fix
Workaround
|
Known not affected
10 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHMTC-1.8:rhmtc/openshift-migration-controller-rhel8@sha256:a4025dfcd79bcb22e2ab91e1bc027c200f9c2741ed2c3a576a64cb24084c584e_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHMTC-1.8:rhmtc/openshift-migration-hook-runner-rhel8@sha256:419c11ecd25664d16f77aec6589c9fa183832947766f75575dfab4bc059fe876_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHMTC-1.8:rhmtc/openshift-migration-log-reader-rhel8@sha256:6886c4d68d7c6100b5eb7239ae8ce14871403a71ce69b35c42c0ce238b32ff87_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHMTC-1.8:rhmtc/openshift-migration-must-gather-rhel8@sha256:08bb8048bb9fc00ba84e846fce7ce3e37506fbadf077b487c1d3d2dd607b2277_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHMTC-1.8:rhmtc/openshift-migration-openvpn-rhel8@sha256:1e0cf80fab89615624cf7f9f62e72e161af4143ed1d6245db45f09ba8382dbc4_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHMTC-1.8:rhmtc/openshift-migration-operator-bundle@sha256:9616b52c1d745b7bf37c0237a6cd2cde9a1d9e8dbfdb5e5cb49504805e706065_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHMTC-1.8:rhmtc/openshift-migration-registry-rhel8@sha256:c7f229ac51306d667f9b766fb1a464686fa47eb06d5658dbe4977e25b4877b20_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHMTC-1.8:rhmtc/openshift-migration-rhel8-operator@sha256:79c957509adaff575917d1e70ec25965a4230c0a2deb9cd9007089dfc3ec39cc_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHMTC-1.8:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:b556472a46fbac2508b8f36b975c8fdb26a77a2fc8bd43b2667f9151bf1cbc3f_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHMTC-1.8:rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:8765eb907963a6677c1af44dee1168d635d243824396f73c829697b1582046e9_amd64 | — |
Workaround
|
Threats
Impact
Important
A flaw was found in the webpack-dev-middleware package, where it failed to validate the supplied URL address sufficiently before returning local files. This flaw allows an attacker to craft URLs to return arbitrary local files from the developer's machine. The lack of normalization before calling the middleware also allows the attacker to perform path traversal attacks on the target environment.
7.4 (High)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHMTC-1.8:rhmtc/openshift-migration-controller-rhel8@sha256:a4025dfcd79bcb22e2ab91e1bc027c200f9c2741ed2c3a576a64cb24084c584e_amd64 | — |
Vendor Fix
fix
Workaround
|
Known not affected
10 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHMTC-1.8:rhmtc/openshift-migration-hook-runner-rhel8@sha256:419c11ecd25664d16f77aec6589c9fa183832947766f75575dfab4bc059fe876_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHMTC-1.8:rhmtc/openshift-migration-log-reader-rhel8@sha256:6886c4d68d7c6100b5eb7239ae8ce14871403a71ce69b35c42c0ce238b32ff87_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHMTC-1.8:rhmtc/openshift-migration-must-gather-rhel8@sha256:08bb8048bb9fc00ba84e846fce7ce3e37506fbadf077b487c1d3d2dd607b2277_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHMTC-1.8:rhmtc/openshift-migration-openvpn-rhel8@sha256:1e0cf80fab89615624cf7f9f62e72e161af4143ed1d6245db45f09ba8382dbc4_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHMTC-1.8:rhmtc/openshift-migration-operator-bundle@sha256:9616b52c1d745b7bf37c0237a6cd2cde9a1d9e8dbfdb5e5cb49504805e706065_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHMTC-1.8:rhmtc/openshift-migration-registry-rhel8@sha256:c7f229ac51306d667f9b766fb1a464686fa47eb06d5658dbe4977e25b4877b20_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHMTC-1.8:rhmtc/openshift-migration-rhel8-operator@sha256:79c957509adaff575917d1e70ec25965a4230c0a2deb9cd9007089dfc3ec39cc_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHMTC-1.8:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:b556472a46fbac2508b8f36b975c8fdb26a77a2fc8bd43b2667f9151bf1cbc3f_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHMTC-1.8:rhmtc/openshift-migration-ui-rhel8@sha256:db4903f395697e2eb244a0251ec1a5f89b12434501cb56889f2af37770f95f58_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHMTC-1.8:rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:8765eb907963a6677c1af44dee1168d635d243824396f73c829697b1582046e9_amd64 | — |
Workaround
|
Threats
Impact
Important
A vulnerability was found in the Axios HTTP Client. It is vulnerable to a server-side request forgery attack (SSRF) caused by unexpected behavior where requests for path-relative URLs get processed as protocol-relative URLs. This flaw allows an attacker to perform arbitrary requests from the server, potentially accessing internal systems or exfiltrating sensitive data.
7.5 (High)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHMTC-1.8:rhmtc/openshift-migration-ui-rhel8@sha256:db4903f395697e2eb244a0251ec1a5f89b12434501cb56889f2af37770f95f58_amd64 | — |
Vendor Fix
fix
Workaround
|
Known not affected
10 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHMTC-1.8:rhmtc/openshift-migration-controller-rhel8@sha256:a4025dfcd79bcb22e2ab91e1bc027c200f9c2741ed2c3a576a64cb24084c584e_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHMTC-1.8:rhmtc/openshift-migration-hook-runner-rhel8@sha256:419c11ecd25664d16f77aec6589c9fa183832947766f75575dfab4bc059fe876_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHMTC-1.8:rhmtc/openshift-migration-log-reader-rhel8@sha256:6886c4d68d7c6100b5eb7239ae8ce14871403a71ce69b35c42c0ce238b32ff87_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHMTC-1.8:rhmtc/openshift-migration-must-gather-rhel8@sha256:08bb8048bb9fc00ba84e846fce7ce3e37506fbadf077b487c1d3d2dd607b2277_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHMTC-1.8:rhmtc/openshift-migration-openvpn-rhel8@sha256:1e0cf80fab89615624cf7f9f62e72e161af4143ed1d6245db45f09ba8382dbc4_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHMTC-1.8:rhmtc/openshift-migration-operator-bundle@sha256:9616b52c1d745b7bf37c0237a6cd2cde9a1d9e8dbfdb5e5cb49504805e706065_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHMTC-1.8:rhmtc/openshift-migration-registry-rhel8@sha256:c7f229ac51306d667f9b766fb1a464686fa47eb06d5658dbe4977e25b4877b20_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHMTC-1.8:rhmtc/openshift-migration-rhel8-operator@sha256:79c957509adaff575917d1e70ec25965a4230c0a2deb9cd9007089dfc3ec39cc_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHMTC-1.8:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:b556472a46fbac2508b8f36b975c8fdb26a77a2fc8bd43b2667f9151bf1cbc3f_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHMTC-1.8:rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:8765eb907963a6677c1af44dee1168d635d243824396f73c829697b1582046e9_amd64 | — |
Workaround
|
Threats
Impact
Important
References
103 references
Acknowledgments
nowotarski.info
Bartek Nowotarski
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "The Migration Toolkit for Containers (MTC) 1.8.4 is now available.\n\nRed Hat Product Security has rated this update as having a security impact\nof Important. A Common Vulnerability Scoring System (CVSS) base score,\nwhich gives a detailed severity rating, is available for each vulnerability\nfrom the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "The Migration Toolkit for Containers (MTC) enables you to migrate Kubernetes resources, persistent volume data, and internal container images between OpenShift Container Platform clusters, using the MTC web console or the Kubernetes API.\n\nSecurity Fix(es) from Bugzilla:\n\n* golang: net/http, x/net/http2: unlimited number of CONTINUATION frames causes DoS (CVE-2023-45288)\n\n* webpack-dev-middleware: lack of URL validation may lead to file leak (CVE-2024-29180)\n\n* express: cause malformed URLs to be evaluated (CVE-2024-29041)\n\n* axios: axios: Server-Side Request Forgery (CVE-2024-39338)\n\n* golang: net/http/cookiejar: incorrect forwarding of sensitive headers and cookies on HTTP redirect (CVE-2023-45289)\n\n* jose-go: improper handling of highly compressed data (CVE-2024-28180)\n\n* follow-redirects: Possible credential leak (CVE-2024-28849)\n\n* moby: external DNS requests from \u0027internal\u0027 networks could lead to data exfiltration (CVE-2024-29018)\n\n* containers/image: digest type does not guarantee valid type (CVE-2024-3727)\n\n* golang: net: malformed DNS message can cause infinite loop (CVE-2024-24788)\n\n* braces: fails to limit the number of characters it can handle (CVE-2024-4068)\n\n* node-tar: denial of service while parsing a tar file due to lack of folders depth validation (CVE-2024-28863)\n\nFor more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2024:7164",
"url": "https://access.redhat.com/errata/RHSA-2024:7164"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "2268018",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2268018"
},
{
"category": "external",
"summary": "2268273",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2268273"
},
{
"category": "external",
"summary": "2268854",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2268854"
},
{
"category": "external",
"summary": "2269576",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2269576"
},
{
"category": "external",
"summary": "2270591",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2270591"
},
{
"category": "external",
"summary": "2270863",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2270863"
},
{
"category": "external",
"summary": "2274767",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2274767"
},
{
"category": "external",
"summary": "2279814",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2279814"
},
{
"category": "external",
"summary": "2280600",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2280600"
},
{
"category": "external",
"summary": "2290901",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2290901"
},
{
"category": "external",
"summary": "2293200",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2293200"
},
{
"category": "external",
"summary": "2295302",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2295302"
},
{
"category": "external",
"summary": "2299624",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2299624"
},
{
"category": "external",
"summary": "2299625",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2299625"
},
{
"category": "external",
"summary": "2299628",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2299628"
},
{
"category": "external",
"summary": "2299668",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2299668"
},
{
"category": "external",
"summary": "MIG-1592",
"url": "https://issues.redhat.com/browse/MIG-1592"
},
{
"category": "external",
"summary": "MIG-1593",
"url": "https://issues.redhat.com/browse/MIG-1593"
},
{
"category": "external",
"summary": "MIG-1598",
"url": "https://issues.redhat.com/browse/MIG-1598"
},
{
"category": "external",
"summary": "MIG-1610",
"url": "https://issues.redhat.com/browse/MIG-1610"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_7164.json"
}
],
"title": "Red Hat Security Advisory: Migration Toolkit for Containers (MTC) 1.8.4 security and bug fix update",
"tracking": {
"current_release_date": "2026-05-28T20:33:38+00:00",
"generator": {
"date": "2026-05-28T20:33:38+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.8.1"
}
},
"id": "RHSA-2024:7164",
"initial_release_date": "2024-09-26T03:46:53+00:00",
"revision_history": [
{
"date": "2024-09-26T03:46:53+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2024-09-26T03:46:53+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-05-28T20:33:38+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "8Base-RHMTC-1.8",
"product": {
"name": "8Base-RHMTC-1.8",
"product_id": "8Base-RHMTC-1.8",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhmt:1.8::el8"
}
}
}
],
"category": "product_family",
"name": "Red Hat Migration Toolkit"
},
{
"branches": [
{
"category": "product_version",
"name": "rhmtc/openshift-migration-controller-rhel8@sha256:a4025dfcd79bcb22e2ab91e1bc027c200f9c2741ed2c3a576a64cb24084c584e_amd64",
"product": {
"name": "rhmtc/openshift-migration-controller-rhel8@sha256:a4025dfcd79bcb22e2ab91e1bc027c200f9c2741ed2c3a576a64cb24084c584e_amd64",
"product_id": "rhmtc/openshift-migration-controller-rhel8@sha256:a4025dfcd79bcb22e2ab91e1bc027c200f9c2741ed2c3a576a64cb24084c584e_amd64",
"product_identification_helper": {
"purl": "pkg:oci/openshift-migration-controller-rhel8@sha256:a4025dfcd79bcb22e2ab91e1bc027c200f9c2741ed2c3a576a64cb24084c584e?arch=amd64\u0026repository_url=registry.redhat.io/rhmtc/openshift-migration-controller-rhel8\u0026tag=v1.8.4-22"
}
}
},
{
"category": "product_version",
"name": "rhmtc/openshift-migration-hook-runner-rhel8@sha256:419c11ecd25664d16f77aec6589c9fa183832947766f75575dfab4bc059fe876_amd64",
"product": {
"name": "rhmtc/openshift-migration-hook-runner-rhel8@sha256:419c11ecd25664d16f77aec6589c9fa183832947766f75575dfab4bc059fe876_amd64",
"product_id": "rhmtc/openshift-migration-hook-runner-rhel8@sha256:419c11ecd25664d16f77aec6589c9fa183832947766f75575dfab4bc059fe876_amd64",
"product_identification_helper": {
"purl": "pkg:oci/openshift-migration-hook-runner-rhel8@sha256:419c11ecd25664d16f77aec6589c9fa183832947766f75575dfab4bc059fe876?arch=amd64\u0026repository_url=registry.redhat.io/rhmtc/openshift-migration-hook-runner-rhel8\u0026tag=v1.8.4-8"
}
}
},
{
"category": "product_version",
"name": "rhmtc/openshift-migration-log-reader-rhel8@sha256:6886c4d68d7c6100b5eb7239ae8ce14871403a71ce69b35c42c0ce238b32ff87_amd64",
"product": {
"name": "rhmtc/openshift-migration-log-reader-rhel8@sha256:6886c4d68d7c6100b5eb7239ae8ce14871403a71ce69b35c42c0ce238b32ff87_amd64",
"product_id": "rhmtc/openshift-migration-log-reader-rhel8@sha256:6886c4d68d7c6100b5eb7239ae8ce14871403a71ce69b35c42c0ce238b32ff87_amd64",
"product_identification_helper": {
"purl": "pkg:oci/openshift-migration-log-reader-rhel8@sha256:6886c4d68d7c6100b5eb7239ae8ce14871403a71ce69b35c42c0ce238b32ff87?arch=amd64\u0026repository_url=registry.redhat.io/rhmtc/openshift-migration-log-reader-rhel8\u0026tag=v1.8.4-10"
}
}
},
{
"category": "product_version",
"name": "rhmtc/openshift-migration-must-gather-rhel8@sha256:08bb8048bb9fc00ba84e846fce7ce3e37506fbadf077b487c1d3d2dd607b2277_amd64",
"product": {
"name": "rhmtc/openshift-migration-must-gather-rhel8@sha256:08bb8048bb9fc00ba84e846fce7ce3e37506fbadf077b487c1d3d2dd607b2277_amd64",
"product_id": "rhmtc/openshift-migration-must-gather-rhel8@sha256:08bb8048bb9fc00ba84e846fce7ce3e37506fbadf077b487c1d3d2dd607b2277_amd64",
"product_identification_helper": {
"purl": "pkg:oci/openshift-migration-must-gather-rhel8@sha256:08bb8048bb9fc00ba84e846fce7ce3e37506fbadf077b487c1d3d2dd607b2277?arch=amd64\u0026repository_url=registry.redhat.io/rhmtc/openshift-migration-must-gather-rhel8\u0026tag=v1.8.4-16"
}
}
},
{
"category": "product_version",
"name": "rhmtc/openshift-migration-openvpn-rhel8@sha256:1e0cf80fab89615624cf7f9f62e72e161af4143ed1d6245db45f09ba8382dbc4_amd64",
"product": {
"name": "rhmtc/openshift-migration-openvpn-rhel8@sha256:1e0cf80fab89615624cf7f9f62e72e161af4143ed1d6245db45f09ba8382dbc4_amd64",
"product_id": "rhmtc/openshift-migration-openvpn-rhel8@sha256:1e0cf80fab89615624cf7f9f62e72e161af4143ed1d6245db45f09ba8382dbc4_amd64",
"product_identification_helper": {
"purl": "pkg:oci/openshift-migration-openvpn-rhel8@sha256:1e0cf80fab89615624cf7f9f62e72e161af4143ed1d6245db45f09ba8382dbc4?arch=amd64\u0026repository_url=registry.redhat.io/rhmtc/openshift-migration-openvpn-rhel8\u0026tag=v1.8.4-10"
}
}
},
{
"category": "product_version",
"name": "rhmtc/openshift-migration-rhel8-operator@sha256:79c957509adaff575917d1e70ec25965a4230c0a2deb9cd9007089dfc3ec39cc_amd64",
"product": {
"name": "rhmtc/openshift-migration-rhel8-operator@sha256:79c957509adaff575917d1e70ec25965a4230c0a2deb9cd9007089dfc3ec39cc_amd64",
"product_id": "rhmtc/openshift-migration-rhel8-operator@sha256:79c957509adaff575917d1e70ec25965a4230c0a2deb9cd9007089dfc3ec39cc_amd64",
"product_identification_helper": {
"purl": "pkg:oci/openshift-migration-rhel8-operator@sha256:79c957509adaff575917d1e70ec25965a4230c0a2deb9cd9007089dfc3ec39cc?arch=amd64\u0026repository_url=registry.redhat.io/rhmtc/openshift-migration-rhel8-operator\u0026tag=v1.8.4-16"
}
}
},
{
"category": "product_version",
"name": "rhmtc/openshift-migration-operator-bundle@sha256:9616b52c1d745b7bf37c0237a6cd2cde9a1d9e8dbfdb5e5cb49504805e706065_amd64",
"product": {
"name": "rhmtc/openshift-migration-operator-bundle@sha256:9616b52c1d745b7bf37c0237a6cd2cde9a1d9e8dbfdb5e5cb49504805e706065_amd64",
"product_id": "rhmtc/openshift-migration-operator-bundle@sha256:9616b52c1d745b7bf37c0237a6cd2cde9a1d9e8dbfdb5e5cb49504805e706065_amd64",
"product_identification_helper": {
"purl": "pkg:oci/openshift-migration-operator-bundle@sha256:9616b52c1d745b7bf37c0237a6cd2cde9a1d9e8dbfdb5e5cb49504805e706065?arch=amd64\u0026repository_url=registry.redhat.io/rhmtc/openshift-migration-operator-bundle\u0026tag=v1.8.4-33"
}
}
},
{
"category": "product_version",
"name": "rhmtc/openshift-migration-registry-rhel8@sha256:c7f229ac51306d667f9b766fb1a464686fa47eb06d5658dbe4977e25b4877b20_amd64",
"product": {
"name": "rhmtc/openshift-migration-registry-rhel8@sha256:c7f229ac51306d667f9b766fb1a464686fa47eb06d5658dbe4977e25b4877b20_amd64",
"product_id": "rhmtc/openshift-migration-registry-rhel8@sha256:c7f229ac51306d667f9b766fb1a464686fa47eb06d5658dbe4977e25b4877b20_amd64",
"product_identification_helper": {
"purl": "pkg:oci/openshift-migration-registry-rhel8@sha256:c7f229ac51306d667f9b766fb1a464686fa47eb06d5658dbe4977e25b4877b20?arch=amd64\u0026repository_url=registry.redhat.io/rhmtc/openshift-migration-registry-rhel8\u0026tag=v1.8.4-11"
}
}
},
{
"category": "product_version",
"name": "rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:b556472a46fbac2508b8f36b975c8fdb26a77a2fc8bd43b2667f9151bf1cbc3f_amd64",
"product": {
"name": "rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:b556472a46fbac2508b8f36b975c8fdb26a77a2fc8bd43b2667f9151bf1cbc3f_amd64",
"product_id": "rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:b556472a46fbac2508b8f36b975c8fdb26a77a2fc8bd43b2667f9151bf1cbc3f_amd64",
"product_identification_helper": {
"purl": "pkg:oci/openshift-migration-rsync-transfer-rhel8@sha256:b556472a46fbac2508b8f36b975c8fdb26a77a2fc8bd43b2667f9151bf1cbc3f?arch=amd64\u0026repository_url=registry.redhat.io/rhmtc/openshift-migration-rsync-transfer-rhel8\u0026tag=v1.8.4-9"
}
}
},
{
"category": "product_version",
"name": "rhmtc/openshift-migration-ui-rhel8@sha256:db4903f395697e2eb244a0251ec1a5f89b12434501cb56889f2af37770f95f58_amd64",
"product": {
"name": "rhmtc/openshift-migration-ui-rhel8@sha256:db4903f395697e2eb244a0251ec1a5f89b12434501cb56889f2af37770f95f58_amd64",
"product_id": "rhmtc/openshift-migration-ui-rhel8@sha256:db4903f395697e2eb244a0251ec1a5f89b12434501cb56889f2af37770f95f58_amd64",
"product_identification_helper": {
"purl": "pkg:oci/openshift-migration-ui-rhel8@sha256:db4903f395697e2eb244a0251ec1a5f89b12434501cb56889f2af37770f95f58?arch=amd64\u0026repository_url=registry.redhat.io/rhmtc/openshift-migration-ui-rhel8\u0026tag=v1.8.4-10"
}
}
},
{
"category": "product_version",
"name": "rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:8765eb907963a6677c1af44dee1168d635d243824396f73c829697b1582046e9_amd64",
"product": {
"name": "rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:8765eb907963a6677c1af44dee1168d635d243824396f73c829697b1582046e9_amd64",
"product_id": "rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:8765eb907963a6677c1af44dee1168d635d243824396f73c829697b1582046e9_amd64",
"product_identification_helper": {
"purl": "pkg:oci/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:8765eb907963a6677c1af44dee1168d635d243824396f73c829697b1582046e9?arch=amd64\u0026repository_url=registry.redhat.io/rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8\u0026tag=v1.8.4-9"
}
}
}
],
"category": "architecture",
"name": "amd64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "rhmtc/openshift-migration-controller-rhel8@sha256:a4025dfcd79bcb22e2ab91e1bc027c200f9c2741ed2c3a576a64cb24084c584e_amd64 as a component of 8Base-RHMTC-1.8",
"product_id": "8Base-RHMTC-1.8:rhmtc/openshift-migration-controller-rhel8@sha256:a4025dfcd79bcb22e2ab91e1bc027c200f9c2741ed2c3a576a64cb24084c584e_amd64"
},
"product_reference": "rhmtc/openshift-migration-controller-rhel8@sha256:a4025dfcd79bcb22e2ab91e1bc027c200f9c2741ed2c3a576a64cb24084c584e_amd64",
"relates_to_product_reference": "8Base-RHMTC-1.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhmtc/openshift-migration-hook-runner-rhel8@sha256:419c11ecd25664d16f77aec6589c9fa183832947766f75575dfab4bc059fe876_amd64 as a component of 8Base-RHMTC-1.8",
"product_id": "8Base-RHMTC-1.8:rhmtc/openshift-migration-hook-runner-rhel8@sha256:419c11ecd25664d16f77aec6589c9fa183832947766f75575dfab4bc059fe876_amd64"
},
"product_reference": "rhmtc/openshift-migration-hook-runner-rhel8@sha256:419c11ecd25664d16f77aec6589c9fa183832947766f75575dfab4bc059fe876_amd64",
"relates_to_product_reference": "8Base-RHMTC-1.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhmtc/openshift-migration-log-reader-rhel8@sha256:6886c4d68d7c6100b5eb7239ae8ce14871403a71ce69b35c42c0ce238b32ff87_amd64 as a component of 8Base-RHMTC-1.8",
"product_id": "8Base-RHMTC-1.8:rhmtc/openshift-migration-log-reader-rhel8@sha256:6886c4d68d7c6100b5eb7239ae8ce14871403a71ce69b35c42c0ce238b32ff87_amd64"
},
"product_reference": "rhmtc/openshift-migration-log-reader-rhel8@sha256:6886c4d68d7c6100b5eb7239ae8ce14871403a71ce69b35c42c0ce238b32ff87_amd64",
"relates_to_product_reference": "8Base-RHMTC-1.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhmtc/openshift-migration-must-gather-rhel8@sha256:08bb8048bb9fc00ba84e846fce7ce3e37506fbadf077b487c1d3d2dd607b2277_amd64 as a component of 8Base-RHMTC-1.8",
"product_id": "8Base-RHMTC-1.8:rhmtc/openshift-migration-must-gather-rhel8@sha256:08bb8048bb9fc00ba84e846fce7ce3e37506fbadf077b487c1d3d2dd607b2277_amd64"
},
"product_reference": "rhmtc/openshift-migration-must-gather-rhel8@sha256:08bb8048bb9fc00ba84e846fce7ce3e37506fbadf077b487c1d3d2dd607b2277_amd64",
"relates_to_product_reference": "8Base-RHMTC-1.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhmtc/openshift-migration-openvpn-rhel8@sha256:1e0cf80fab89615624cf7f9f62e72e161af4143ed1d6245db45f09ba8382dbc4_amd64 as a component of 8Base-RHMTC-1.8",
"product_id": "8Base-RHMTC-1.8:rhmtc/openshift-migration-openvpn-rhel8@sha256:1e0cf80fab89615624cf7f9f62e72e161af4143ed1d6245db45f09ba8382dbc4_amd64"
},
"product_reference": "rhmtc/openshift-migration-openvpn-rhel8@sha256:1e0cf80fab89615624cf7f9f62e72e161af4143ed1d6245db45f09ba8382dbc4_amd64",
"relates_to_product_reference": "8Base-RHMTC-1.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhmtc/openshift-migration-operator-bundle@sha256:9616b52c1d745b7bf37c0237a6cd2cde9a1d9e8dbfdb5e5cb49504805e706065_amd64 as a component of 8Base-RHMTC-1.8",
"product_id": "8Base-RHMTC-1.8:rhmtc/openshift-migration-operator-bundle@sha256:9616b52c1d745b7bf37c0237a6cd2cde9a1d9e8dbfdb5e5cb49504805e706065_amd64"
},
"product_reference": "rhmtc/openshift-migration-operator-bundle@sha256:9616b52c1d745b7bf37c0237a6cd2cde9a1d9e8dbfdb5e5cb49504805e706065_amd64",
"relates_to_product_reference": "8Base-RHMTC-1.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhmtc/openshift-migration-registry-rhel8@sha256:c7f229ac51306d667f9b766fb1a464686fa47eb06d5658dbe4977e25b4877b20_amd64 as a component of 8Base-RHMTC-1.8",
"product_id": "8Base-RHMTC-1.8:rhmtc/openshift-migration-registry-rhel8@sha256:c7f229ac51306d667f9b766fb1a464686fa47eb06d5658dbe4977e25b4877b20_amd64"
},
"product_reference": "rhmtc/openshift-migration-registry-rhel8@sha256:c7f229ac51306d667f9b766fb1a464686fa47eb06d5658dbe4977e25b4877b20_amd64",
"relates_to_product_reference": "8Base-RHMTC-1.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhmtc/openshift-migration-rhel8-operator@sha256:79c957509adaff575917d1e70ec25965a4230c0a2deb9cd9007089dfc3ec39cc_amd64 as a component of 8Base-RHMTC-1.8",
"product_id": "8Base-RHMTC-1.8:rhmtc/openshift-migration-rhel8-operator@sha256:79c957509adaff575917d1e70ec25965a4230c0a2deb9cd9007089dfc3ec39cc_amd64"
},
"product_reference": "rhmtc/openshift-migration-rhel8-operator@sha256:79c957509adaff575917d1e70ec25965a4230c0a2deb9cd9007089dfc3ec39cc_amd64",
"relates_to_product_reference": "8Base-RHMTC-1.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:b556472a46fbac2508b8f36b975c8fdb26a77a2fc8bd43b2667f9151bf1cbc3f_amd64 as a component of 8Base-RHMTC-1.8",
"product_id": "8Base-RHMTC-1.8:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:b556472a46fbac2508b8f36b975c8fdb26a77a2fc8bd43b2667f9151bf1cbc3f_amd64"
},
"product_reference": "rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:b556472a46fbac2508b8f36b975c8fdb26a77a2fc8bd43b2667f9151bf1cbc3f_amd64",
"relates_to_product_reference": "8Base-RHMTC-1.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhmtc/openshift-migration-ui-rhel8@sha256:db4903f395697e2eb244a0251ec1a5f89b12434501cb56889f2af37770f95f58_amd64 as a component of 8Base-RHMTC-1.8",
"product_id": "8Base-RHMTC-1.8:rhmtc/openshift-migration-ui-rhel8@sha256:db4903f395697e2eb244a0251ec1a5f89b12434501cb56889f2af37770f95f58_amd64"
},
"product_reference": "rhmtc/openshift-migration-ui-rhel8@sha256:db4903f395697e2eb244a0251ec1a5f89b12434501cb56889f2af37770f95f58_amd64",
"relates_to_product_reference": "8Base-RHMTC-1.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:8765eb907963a6677c1af44dee1168d635d243824396f73c829697b1582046e9_amd64 as a component of 8Base-RHMTC-1.8",
"product_id": "8Base-RHMTC-1.8:rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:8765eb907963a6677c1af44dee1168d635d243824396f73c829697b1582046e9_amd64"
},
"product_reference": "rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:8765eb907963a6677c1af44dee1168d635d243824396f73c829697b1582046e9_amd64",
"relates_to_product_reference": "8Base-RHMTC-1.8"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2019-25211",
"cwe": {
"id": "CWE-346",
"name": "Origin Validation Error"
},
"discovery_date": "2024-07-02T21:00:45+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-RHMTC-1.8:rhmtc/openshift-migration-hook-runner-rhel8@sha256:419c11ecd25664d16f77aec6589c9fa183832947766f75575dfab4bc059fe876_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-log-reader-rhel8@sha256:6886c4d68d7c6100b5eb7239ae8ce14871403a71ce69b35c42c0ce238b32ff87_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-must-gather-rhel8@sha256:08bb8048bb9fc00ba84e846fce7ce3e37506fbadf077b487c1d3d2dd607b2277_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-openvpn-rhel8@sha256:1e0cf80fab89615624cf7f9f62e72e161af4143ed1d6245db45f09ba8382dbc4_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-operator-bundle@sha256:9616b52c1d745b7bf37c0237a6cd2cde9a1d9e8dbfdb5e5cb49504805e706065_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-registry-rhel8@sha256:c7f229ac51306d667f9b766fb1a464686fa47eb06d5658dbe4977e25b4877b20_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rhel8-operator@sha256:79c957509adaff575917d1e70ec25965a4230c0a2deb9cd9007089dfc3ec39cc_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:b556472a46fbac2508b8f36b975c8fdb26a77a2fc8bd43b2667f9151bf1cbc3f_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-ui-rhel8@sha256:db4903f395697e2eb244a0251ec1a5f89b12434501cb56889f2af37770f95f58_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:8765eb907963a6677c1af44dee1168d635d243824396f73c829697b1582046e9_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2295302"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the gin-gonic CORS middleware. Affected versions of this package are vulnerable to an Origin Validation Error due to the mishandling of wildcard characters at the end of an origin string. This flaw could allow an attacker to bypass intended CORS restrictions by crafting origin strings that exploit this wildcard handling.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "github.com/gin-contrib/cors: Gin mishandles a wildcard in the origin string in github.com/gin-contrib/cors",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHMTC-1.8:rhmtc/openshift-migration-controller-rhel8@sha256:a4025dfcd79bcb22e2ab91e1bc027c200f9c2741ed2c3a576a64cb24084c584e_amd64"
],
"known_not_affected": [
"8Base-RHMTC-1.8:rhmtc/openshift-migration-hook-runner-rhel8@sha256:419c11ecd25664d16f77aec6589c9fa183832947766f75575dfab4bc059fe876_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-log-reader-rhel8@sha256:6886c4d68d7c6100b5eb7239ae8ce14871403a71ce69b35c42c0ce238b32ff87_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-must-gather-rhel8@sha256:08bb8048bb9fc00ba84e846fce7ce3e37506fbadf077b487c1d3d2dd607b2277_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-openvpn-rhel8@sha256:1e0cf80fab89615624cf7f9f62e72e161af4143ed1d6245db45f09ba8382dbc4_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-operator-bundle@sha256:9616b52c1d745b7bf37c0237a6cd2cde9a1d9e8dbfdb5e5cb49504805e706065_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-registry-rhel8@sha256:c7f229ac51306d667f9b766fb1a464686fa47eb06d5658dbe4977e25b4877b20_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rhel8-operator@sha256:79c957509adaff575917d1e70ec25965a4230c0a2deb9cd9007089dfc3ec39cc_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:b556472a46fbac2508b8f36b975c8fdb26a77a2fc8bd43b2667f9151bf1cbc3f_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-ui-rhel8@sha256:db4903f395697e2eb244a0251ec1a5f89b12434501cb56889f2af37770f95f58_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:8765eb907963a6677c1af44dee1168d635d243824396f73c829697b1582046e9_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2019-25211"
},
{
"category": "external",
"summary": "RHBZ#2295302",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2295302"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-25211",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-25211"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-25211",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-25211"
},
{
"category": "external",
"summary": "https://github.com/advisories/GHSA-869c-j7wc-8jqv",
"url": "https://github.com/advisories/GHSA-869c-j7wc-8jqv"
},
{
"category": "external",
"summary": "https://github.com/gin-contrib/cors/commit/27b723a473efd80d5a498fa9f5933c80204c850d",
"url": "https://github.com/gin-contrib/cors/commit/27b723a473efd80d5a498fa9f5933c80204c850d"
},
{
"category": "external",
"summary": "https://github.com/gin-contrib/cors/compare/v1.5.0...v1.6.0",
"url": "https://github.com/gin-contrib/cors/compare/v1.5.0...v1.6.0"
},
{
"category": "external",
"summary": "https://github.com/gin-contrib/cors/pull/106",
"url": "https://github.com/gin-contrib/cors/pull/106"
},
{
"category": "external",
"summary": "https://github.com/gin-contrib/cors/pull/57",
"url": "https://github.com/gin-contrib/cors/pull/57"
},
{
"category": "external",
"summary": "https://github.com/gin-contrib/cors/releases/tag/v1.6.0",
"url": "https://github.com/gin-contrib/cors/releases/tag/v1.6.0"
}
],
"release_date": "2024-07-02T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-09-26T03:46:53+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHMTC-1.8:rhmtc/openshift-migration-controller-rhel8@sha256:a4025dfcd79bcb22e2ab91e1bc027c200f9c2741ed2c3a576a64cb24084c584e_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:7164"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"8Base-RHMTC-1.8:rhmtc/openshift-migration-controller-rhel8@sha256:a4025dfcd79bcb22e2ab91e1bc027c200f9c2741ed2c3a576a64cb24084c584e_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-hook-runner-rhel8@sha256:419c11ecd25664d16f77aec6589c9fa183832947766f75575dfab4bc059fe876_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-log-reader-rhel8@sha256:6886c4d68d7c6100b5eb7239ae8ce14871403a71ce69b35c42c0ce238b32ff87_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-must-gather-rhel8@sha256:08bb8048bb9fc00ba84e846fce7ce3e37506fbadf077b487c1d3d2dd607b2277_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-openvpn-rhel8@sha256:1e0cf80fab89615624cf7f9f62e72e161af4143ed1d6245db45f09ba8382dbc4_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-operator-bundle@sha256:9616b52c1d745b7bf37c0237a6cd2cde9a1d9e8dbfdb5e5cb49504805e706065_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-registry-rhel8@sha256:c7f229ac51306d667f9b766fb1a464686fa47eb06d5658dbe4977e25b4877b20_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rhel8-operator@sha256:79c957509adaff575917d1e70ec25965a4230c0a2deb9cd9007089dfc3ec39cc_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:b556472a46fbac2508b8f36b975c8fdb26a77a2fc8bd43b2667f9151bf1cbc3f_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-ui-rhel8@sha256:db4903f395697e2eb244a0251ec1a5f89b12434501cb56889f2af37770f95f58_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:8765eb907963a6677c1af44dee1168d635d243824396f73c829697b1582046e9_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"8Base-RHMTC-1.8:rhmtc/openshift-migration-controller-rhel8@sha256:a4025dfcd79bcb22e2ab91e1bc027c200f9c2741ed2c3a576a64cb24084c584e_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-hook-runner-rhel8@sha256:419c11ecd25664d16f77aec6589c9fa183832947766f75575dfab4bc059fe876_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-log-reader-rhel8@sha256:6886c4d68d7c6100b5eb7239ae8ce14871403a71ce69b35c42c0ce238b32ff87_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-must-gather-rhel8@sha256:08bb8048bb9fc00ba84e846fce7ce3e37506fbadf077b487c1d3d2dd607b2277_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-openvpn-rhel8@sha256:1e0cf80fab89615624cf7f9f62e72e161af4143ed1d6245db45f09ba8382dbc4_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-operator-bundle@sha256:9616b52c1d745b7bf37c0237a6cd2cde9a1d9e8dbfdb5e5cb49504805e706065_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-registry-rhel8@sha256:c7f229ac51306d667f9b766fb1a464686fa47eb06d5658dbe4977e25b4877b20_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rhel8-operator@sha256:79c957509adaff575917d1e70ec25965a4230c0a2deb9cd9007089dfc3ec39cc_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:b556472a46fbac2508b8f36b975c8fdb26a77a2fc8bd43b2667f9151bf1cbc3f_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-ui-rhel8@sha256:db4903f395697e2eb244a0251ec1a5f89b12434501cb56889f2af37770f95f58_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:8765eb907963a6677c1af44dee1168d635d243824396f73c829697b1582046e9_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "github.com/gin-contrib/cors: Gin mishandles a wildcard in the origin string in github.com/gin-contrib/cors"
},
{
"acknowledgments": [
{
"names": [
"Bartek Nowotarski"
],
"organization": "nowotarski.info"
}
],
"cve": "CVE-2023-45288",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2024-03-06T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-RHMTC-1.8:rhmtc/openshift-migration-hook-runner-rhel8@sha256:419c11ecd25664d16f77aec6589c9fa183832947766f75575dfab4bc059fe876_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-log-reader-rhel8@sha256:6886c4d68d7c6100b5eb7239ae8ce14871403a71ce69b35c42c0ce238b32ff87_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-must-gather-rhel8@sha256:08bb8048bb9fc00ba84e846fce7ce3e37506fbadf077b487c1d3d2dd607b2277_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-openvpn-rhel8@sha256:1e0cf80fab89615624cf7f9f62e72e161af4143ed1d6245db45f09ba8382dbc4_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-operator-bundle@sha256:9616b52c1d745b7bf37c0237a6cd2cde9a1d9e8dbfdb5e5cb49504805e706065_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-registry-rhel8@sha256:c7f229ac51306d667f9b766fb1a464686fa47eb06d5658dbe4977e25b4877b20_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rhel8-operator@sha256:79c957509adaff575917d1e70ec25965a4230c0a2deb9cd9007089dfc3ec39cc_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:b556472a46fbac2508b8f36b975c8fdb26a77a2fc8bd43b2667f9151bf1cbc3f_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-ui-rhel8@sha256:db4903f395697e2eb244a0251ec1a5f89b12434501cb56889f2af37770f95f58_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:8765eb907963a6677c1af44dee1168d635d243824396f73c829697b1582046e9_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2268273"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was discovered with the implementation of the HTTP/2 protocol in the Go programming language. There were insufficient limitations on the amount of CONTINUATION frames sent within a single stream. An attacker could potentially exploit this to cause a Denial of Service (DoS) attack.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: net/http, x/net/http2: unlimited number of CONTINUATION frames causes DoS",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat rates the security impact of this vulnerability as Important due to the worst case scenario resulting in a denial of service. It is simple to exploit, could significantly impact availability, and there is not a suitable mitigation for all use cases. Once an attack has ended, the system should return to normal operations on its own.\n\nThis vulnerability only impacts servers which have HTTP/2 enabled. It stems from an imperfect definition of the protocol. As the Go programming language is widely utilized across nearly every major Red Hat offering, a full listing of impacted packages will not be provided. Therefore, the \u201cAffected Packages and Issued Red Hat Security Errata\u201d section contains a simplified list of what offerings need to remediate this vulnerability. Every impacted offering has at least one representative component listed, but potentially not all of them. Rest assured that Red Hat is committed to remediating this vulnerability across our entire portfolio.\n\nMany components are rated as Low impact due to configurations which reduce the attack surface or significantly increase the difficulty of exploitation. A summary of these scenarios are:\n* The container includes a package that provides a vulnerable webserver, but it is not used or running during operation\n* HTTP/2 is disabled by default and is not supported\n* Only a client implementation is provided, which is not vulnerable\n* A vulnerable module (either golang.org/net/http or golang.org/x/net/http2) is included, but disabled\n* Access to a vulnerable server is restricted within the container (loopback only connections)\n* Golang is available in the container but is not used\n\n\nWithin the Red Hat OpenShift Container Platform, the majority of vulnerable components are not externally accessible. This means an attacker must already have access to a container within your environment to exploit this vulnerability. However, the ose-hyperkube (openshift-enterprise-hyperkube) container is externally accessible, so there are less barriers to exploitation. Fixes for this specific container are already available.\n\nWithin Red Hat Ansible Automation Platform, the impacted component is Receptor. The impact has been reduced to Low as the vulnerable code is present, but not utilized. There are three potential exposures within this component:\n* Receptor utilizes QUIC a UDP based protocol which does not run over HTTP/2\n* Receptor utilizes the x/net/ipv4 and ipv6 packages, both of which are not affected",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHMTC-1.8:rhmtc/openshift-migration-controller-rhel8@sha256:a4025dfcd79bcb22e2ab91e1bc027c200f9c2741ed2c3a576a64cb24084c584e_amd64"
],
"known_not_affected": [
"8Base-RHMTC-1.8:rhmtc/openshift-migration-hook-runner-rhel8@sha256:419c11ecd25664d16f77aec6589c9fa183832947766f75575dfab4bc059fe876_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-log-reader-rhel8@sha256:6886c4d68d7c6100b5eb7239ae8ce14871403a71ce69b35c42c0ce238b32ff87_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-must-gather-rhel8@sha256:08bb8048bb9fc00ba84e846fce7ce3e37506fbadf077b487c1d3d2dd607b2277_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-openvpn-rhel8@sha256:1e0cf80fab89615624cf7f9f62e72e161af4143ed1d6245db45f09ba8382dbc4_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-operator-bundle@sha256:9616b52c1d745b7bf37c0237a6cd2cde9a1d9e8dbfdb5e5cb49504805e706065_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-registry-rhel8@sha256:c7f229ac51306d667f9b766fb1a464686fa47eb06d5658dbe4977e25b4877b20_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rhel8-operator@sha256:79c957509adaff575917d1e70ec25965a4230c0a2deb9cd9007089dfc3ec39cc_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:b556472a46fbac2508b8f36b975c8fdb26a77a2fc8bd43b2667f9151bf1cbc3f_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-ui-rhel8@sha256:db4903f395697e2eb244a0251ec1a5f89b12434501cb56889f2af37770f95f58_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:8765eb907963a6677c1af44dee1168d635d243824396f73c829697b1582046e9_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-45288"
},
{
"category": "external",
"summary": "RHBZ#2268273",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2268273"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-45288",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45288"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-45288",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-45288"
},
{
"category": "external",
"summary": "https://nowotarski.info/http2-continuation-flood/",
"url": "https://nowotarski.info/http2-continuation-flood/"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2024-2687",
"url": "https://pkg.go.dev/vuln/GO-2024-2687"
},
{
"category": "external",
"summary": "https://www.kb.cert.org/vuls/id/421644",
"url": "https://www.kb.cert.org/vuls/id/421644"
}
],
"release_date": "2024-04-03T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-09-26T03:46:53+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHMTC-1.8:rhmtc/openshift-migration-controller-rhel8@sha256:a4025dfcd79bcb22e2ab91e1bc027c200f9c2741ed2c3a576a64cb24084c584e_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:7164"
},
{
"category": "workaround",
"details": "In some environments where http/2 support is not required, it may be possible to disable this feature to reduce risk.",
"product_ids": [
"8Base-RHMTC-1.8:rhmtc/openshift-migration-controller-rhel8@sha256:a4025dfcd79bcb22e2ab91e1bc027c200f9c2741ed2c3a576a64cb24084c584e_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-hook-runner-rhel8@sha256:419c11ecd25664d16f77aec6589c9fa183832947766f75575dfab4bc059fe876_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-log-reader-rhel8@sha256:6886c4d68d7c6100b5eb7239ae8ce14871403a71ce69b35c42c0ce238b32ff87_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-must-gather-rhel8@sha256:08bb8048bb9fc00ba84e846fce7ce3e37506fbadf077b487c1d3d2dd607b2277_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-openvpn-rhel8@sha256:1e0cf80fab89615624cf7f9f62e72e161af4143ed1d6245db45f09ba8382dbc4_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-operator-bundle@sha256:9616b52c1d745b7bf37c0237a6cd2cde9a1d9e8dbfdb5e5cb49504805e706065_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-registry-rhel8@sha256:c7f229ac51306d667f9b766fb1a464686fa47eb06d5658dbe4977e25b4877b20_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rhel8-operator@sha256:79c957509adaff575917d1e70ec25965a4230c0a2deb9cd9007089dfc3ec39cc_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:b556472a46fbac2508b8f36b975c8fdb26a77a2fc8bd43b2667f9151bf1cbc3f_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-ui-rhel8@sha256:db4903f395697e2eb244a0251ec1a5f89b12434501cb56889f2af37770f95f58_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:8765eb907963a6677c1af44dee1168d635d243824396f73c829697b1582046e9_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-RHMTC-1.8:rhmtc/openshift-migration-controller-rhel8@sha256:a4025dfcd79bcb22e2ab91e1bc027c200f9c2741ed2c3a576a64cb24084c584e_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-hook-runner-rhel8@sha256:419c11ecd25664d16f77aec6589c9fa183832947766f75575dfab4bc059fe876_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-log-reader-rhel8@sha256:6886c4d68d7c6100b5eb7239ae8ce14871403a71ce69b35c42c0ce238b32ff87_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-must-gather-rhel8@sha256:08bb8048bb9fc00ba84e846fce7ce3e37506fbadf077b487c1d3d2dd607b2277_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-openvpn-rhel8@sha256:1e0cf80fab89615624cf7f9f62e72e161af4143ed1d6245db45f09ba8382dbc4_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-operator-bundle@sha256:9616b52c1d745b7bf37c0237a6cd2cde9a1d9e8dbfdb5e5cb49504805e706065_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-registry-rhel8@sha256:c7f229ac51306d667f9b766fb1a464686fa47eb06d5658dbe4977e25b4877b20_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rhel8-operator@sha256:79c957509adaff575917d1e70ec25965a4230c0a2deb9cd9007089dfc3ec39cc_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:b556472a46fbac2508b8f36b975c8fdb26a77a2fc8bd43b2667f9151bf1cbc3f_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-ui-rhel8@sha256:db4903f395697e2eb244a0251ec1a5f89b12434501cb56889f2af37770f95f58_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:8765eb907963a6677c1af44dee1168d635d243824396f73c829697b1582046e9_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "golang: net/http, x/net/http2: unlimited number of CONTINUATION frames causes DoS"
},
{
"cve": "CVE-2023-45289",
"cwe": {
"id": "CWE-200",
"name": "Exposure of Sensitive Information to an Unauthorized Actor"
},
"discovery_date": "2024-03-05T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-RHMTC-1.8:rhmtc/openshift-migration-controller-rhel8@sha256:a4025dfcd79bcb22e2ab91e1bc027c200f9c2741ed2c3a576a64cb24084c584e_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-hook-runner-rhel8@sha256:419c11ecd25664d16f77aec6589c9fa183832947766f75575dfab4bc059fe876_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-log-reader-rhel8@sha256:6886c4d68d7c6100b5eb7239ae8ce14871403a71ce69b35c42c0ce238b32ff87_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-must-gather-rhel8@sha256:08bb8048bb9fc00ba84e846fce7ce3e37506fbadf077b487c1d3d2dd607b2277_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-openvpn-rhel8@sha256:1e0cf80fab89615624cf7f9f62e72e161af4143ed1d6245db45f09ba8382dbc4_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-operator-bundle@sha256:9616b52c1d745b7bf37c0237a6cd2cde9a1d9e8dbfdb5e5cb49504805e706065_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rhel8-operator@sha256:79c957509adaff575917d1e70ec25965a4230c0a2deb9cd9007089dfc3ec39cc_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:b556472a46fbac2508b8f36b975c8fdb26a77a2fc8bd43b2667f9151bf1cbc3f_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-ui-rhel8@sha256:db4903f395697e2eb244a0251ec1a5f89b12434501cb56889f2af37770f95f58_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:8765eb907963a6677c1af44dee1168d635d243824396f73c829697b1582046e9_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2268018"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Go\u0027s net/http/cookiejar standard library package. When following an HTTP redirect to a domain that is not a subdomain match or an exact match of the initial domain, an http.Client does not forward sensitive headers such as \"Authorization\" or \"Cookie\". For example, a redirect from foo.com to www.foo.com will forward the Authorization header, but a redirect to bar.com will not. A maliciously crafted HTTP redirect could cause sensitive headers to be unexpectedly forwarded.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: net/http/cookiejar: incorrect forwarding of sensitive headers and cookies on HTTP redirect",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHMTC-1.8:rhmtc/openshift-migration-registry-rhel8@sha256:c7f229ac51306d667f9b766fb1a464686fa47eb06d5658dbe4977e25b4877b20_amd64"
],
"known_not_affected": [
"8Base-RHMTC-1.8:rhmtc/openshift-migration-controller-rhel8@sha256:a4025dfcd79bcb22e2ab91e1bc027c200f9c2741ed2c3a576a64cb24084c584e_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-hook-runner-rhel8@sha256:419c11ecd25664d16f77aec6589c9fa183832947766f75575dfab4bc059fe876_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-log-reader-rhel8@sha256:6886c4d68d7c6100b5eb7239ae8ce14871403a71ce69b35c42c0ce238b32ff87_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-must-gather-rhel8@sha256:08bb8048bb9fc00ba84e846fce7ce3e37506fbadf077b487c1d3d2dd607b2277_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-openvpn-rhel8@sha256:1e0cf80fab89615624cf7f9f62e72e161af4143ed1d6245db45f09ba8382dbc4_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-operator-bundle@sha256:9616b52c1d745b7bf37c0237a6cd2cde9a1d9e8dbfdb5e5cb49504805e706065_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rhel8-operator@sha256:79c957509adaff575917d1e70ec25965a4230c0a2deb9cd9007089dfc3ec39cc_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:b556472a46fbac2508b8f36b975c8fdb26a77a2fc8bd43b2667f9151bf1cbc3f_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-ui-rhel8@sha256:db4903f395697e2eb244a0251ec1a5f89b12434501cb56889f2af37770f95f58_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:8765eb907963a6677c1af44dee1168d635d243824396f73c829697b1582046e9_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-45289"
},
{
"category": "external",
"summary": "RHBZ#2268018",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2268018"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-45289",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45289"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-45289",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-45289"
}
],
"release_date": "2024-03-05T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-09-26T03:46:53+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHMTC-1.8:rhmtc/openshift-migration-registry-rhel8@sha256:c7f229ac51306d667f9b766fb1a464686fa47eb06d5658dbe4977e25b4877b20_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:7164"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"8Base-RHMTC-1.8:rhmtc/openshift-migration-controller-rhel8@sha256:a4025dfcd79bcb22e2ab91e1bc027c200f9c2741ed2c3a576a64cb24084c584e_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-hook-runner-rhel8@sha256:419c11ecd25664d16f77aec6589c9fa183832947766f75575dfab4bc059fe876_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-log-reader-rhel8@sha256:6886c4d68d7c6100b5eb7239ae8ce14871403a71ce69b35c42c0ce238b32ff87_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-must-gather-rhel8@sha256:08bb8048bb9fc00ba84e846fce7ce3e37506fbadf077b487c1d3d2dd607b2277_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-openvpn-rhel8@sha256:1e0cf80fab89615624cf7f9f62e72e161af4143ed1d6245db45f09ba8382dbc4_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-operator-bundle@sha256:9616b52c1d745b7bf37c0237a6cd2cde9a1d9e8dbfdb5e5cb49504805e706065_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-registry-rhel8@sha256:c7f229ac51306d667f9b766fb1a464686fa47eb06d5658dbe4977e25b4877b20_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rhel8-operator@sha256:79c957509adaff575917d1e70ec25965a4230c0a2deb9cd9007089dfc3ec39cc_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:b556472a46fbac2508b8f36b975c8fdb26a77a2fc8bd43b2667f9151bf1cbc3f_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-ui-rhel8@sha256:db4903f395697e2eb244a0251ec1a5f89b12434501cb56889f2af37770f95f58_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:8765eb907963a6677c1af44dee1168d635d243824396f73c829697b1582046e9_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"8Base-RHMTC-1.8:rhmtc/openshift-migration-controller-rhel8@sha256:a4025dfcd79bcb22e2ab91e1bc027c200f9c2741ed2c3a576a64cb24084c584e_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-hook-runner-rhel8@sha256:419c11ecd25664d16f77aec6589c9fa183832947766f75575dfab4bc059fe876_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-log-reader-rhel8@sha256:6886c4d68d7c6100b5eb7239ae8ce14871403a71ce69b35c42c0ce238b32ff87_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-must-gather-rhel8@sha256:08bb8048bb9fc00ba84e846fce7ce3e37506fbadf077b487c1d3d2dd607b2277_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-openvpn-rhel8@sha256:1e0cf80fab89615624cf7f9f62e72e161af4143ed1d6245db45f09ba8382dbc4_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-operator-bundle@sha256:9616b52c1d745b7bf37c0237a6cd2cde9a1d9e8dbfdb5e5cb49504805e706065_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-registry-rhel8@sha256:c7f229ac51306d667f9b766fb1a464686fa47eb06d5658dbe4977e25b4877b20_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rhel8-operator@sha256:79c957509adaff575917d1e70ec25965a4230c0a2deb9cd9007089dfc3ec39cc_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:b556472a46fbac2508b8f36b975c8fdb26a77a2fc8bd43b2667f9151bf1cbc3f_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-ui-rhel8@sha256:db4903f395697e2eb244a0251ec1a5f89b12434501cb56889f2af37770f95f58_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:8765eb907963a6677c1af44dee1168d635d243824396f73c829697b1582046e9_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: net/http/cookiejar: incorrect forwarding of sensitive headers and cookies on HTTP redirect"
},
{
"cve": "CVE-2024-3727",
"cwe": {
"id": "CWE-354",
"name": "Improper Validation of Integrity Check Value"
},
"discovery_date": "2024-04-12T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-RHMTC-1.8:rhmtc/openshift-migration-hook-runner-rhel8@sha256:419c11ecd25664d16f77aec6589c9fa183832947766f75575dfab4bc059fe876_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-log-reader-rhel8@sha256:6886c4d68d7c6100b5eb7239ae8ce14871403a71ce69b35c42c0ce238b32ff87_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-must-gather-rhel8@sha256:08bb8048bb9fc00ba84e846fce7ce3e37506fbadf077b487c1d3d2dd607b2277_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-openvpn-rhel8@sha256:1e0cf80fab89615624cf7f9f62e72e161af4143ed1d6245db45f09ba8382dbc4_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-operator-bundle@sha256:9616b52c1d745b7bf37c0237a6cd2cde9a1d9e8dbfdb5e5cb49504805e706065_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-registry-rhel8@sha256:c7f229ac51306d667f9b766fb1a464686fa47eb06d5658dbe4977e25b4877b20_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rhel8-operator@sha256:79c957509adaff575917d1e70ec25965a4230c0a2deb9cd9007089dfc3ec39cc_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:b556472a46fbac2508b8f36b975c8fdb26a77a2fc8bd43b2667f9151bf1cbc3f_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-ui-rhel8@sha256:db4903f395697e2eb244a0251ec1a5f89b12434501cb56889f2af37770f95f58_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:8765eb907963a6677c1af44dee1168d635d243824396f73c829697b1582046e9_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2274767"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the github.com/containers/image library. This flaw allows attackers to trigger unexpected authenticated registry accesses on behalf of a victim user, causing resource exhaustion, local path traversal, and other attacks.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "containers/image: digest type does not guarantee valid type",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Some conditions are necessary for this attack to occur, such as the attacker being able to upload malicious images to the registry and persuade a victim to pull them. Hence, the severity of this flaw was rated as Moderate.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHMTC-1.8:rhmtc/openshift-migration-controller-rhel8@sha256:a4025dfcd79bcb22e2ab91e1bc027c200f9c2741ed2c3a576a64cb24084c584e_amd64"
],
"known_not_affected": [
"8Base-RHMTC-1.8:rhmtc/openshift-migration-hook-runner-rhel8@sha256:419c11ecd25664d16f77aec6589c9fa183832947766f75575dfab4bc059fe876_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-log-reader-rhel8@sha256:6886c4d68d7c6100b5eb7239ae8ce14871403a71ce69b35c42c0ce238b32ff87_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-must-gather-rhel8@sha256:08bb8048bb9fc00ba84e846fce7ce3e37506fbadf077b487c1d3d2dd607b2277_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-openvpn-rhel8@sha256:1e0cf80fab89615624cf7f9f62e72e161af4143ed1d6245db45f09ba8382dbc4_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-operator-bundle@sha256:9616b52c1d745b7bf37c0237a6cd2cde9a1d9e8dbfdb5e5cb49504805e706065_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-registry-rhel8@sha256:c7f229ac51306d667f9b766fb1a464686fa47eb06d5658dbe4977e25b4877b20_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rhel8-operator@sha256:79c957509adaff575917d1e70ec25965a4230c0a2deb9cd9007089dfc3ec39cc_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:b556472a46fbac2508b8f36b975c8fdb26a77a2fc8bd43b2667f9151bf1cbc3f_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-ui-rhel8@sha256:db4903f395697e2eb244a0251ec1a5f89b12434501cb56889f2af37770f95f58_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:8765eb907963a6677c1af44dee1168d635d243824396f73c829697b1582046e9_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-3727"
},
{
"category": "external",
"summary": "RHBZ#2274767",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2274767"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-3727",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-3727"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-3727",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-3727"
}
],
"release_date": "2024-05-09T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-09-26T03:46:53+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHMTC-1.8:rhmtc/openshift-migration-controller-rhel8@sha256:a4025dfcd79bcb22e2ab91e1bc027c200f9c2741ed2c3a576a64cb24084c584e_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:7164"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"8Base-RHMTC-1.8:rhmtc/openshift-migration-controller-rhel8@sha256:a4025dfcd79bcb22e2ab91e1bc027c200f9c2741ed2c3a576a64cb24084c584e_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-hook-runner-rhel8@sha256:419c11ecd25664d16f77aec6589c9fa183832947766f75575dfab4bc059fe876_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-log-reader-rhel8@sha256:6886c4d68d7c6100b5eb7239ae8ce14871403a71ce69b35c42c0ce238b32ff87_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-must-gather-rhel8@sha256:08bb8048bb9fc00ba84e846fce7ce3e37506fbadf077b487c1d3d2dd607b2277_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-openvpn-rhel8@sha256:1e0cf80fab89615624cf7f9f62e72e161af4143ed1d6245db45f09ba8382dbc4_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-operator-bundle@sha256:9616b52c1d745b7bf37c0237a6cd2cde9a1d9e8dbfdb5e5cb49504805e706065_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-registry-rhel8@sha256:c7f229ac51306d667f9b766fb1a464686fa47eb06d5658dbe4977e25b4877b20_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rhel8-operator@sha256:79c957509adaff575917d1e70ec25965a4230c0a2deb9cd9007089dfc3ec39cc_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:b556472a46fbac2508b8f36b975c8fdb26a77a2fc8bd43b2667f9151bf1cbc3f_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-ui-rhel8@sha256:db4903f395697e2eb244a0251ec1a5f89b12434501cb56889f2af37770f95f58_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:8765eb907963a6677c1af44dee1168d635d243824396f73c829697b1582046e9_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "containers/image: digest type does not guarantee valid type"
},
{
"cve": "CVE-2024-4068",
"cwe": {
"id": "CWE-1050",
"name": "Excessive Platform Resource Consumption within a Loop"
},
"discovery_date": "2024-05-14T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-RHMTC-1.8:rhmtc/openshift-migration-controller-rhel8@sha256:a4025dfcd79bcb22e2ab91e1bc027c200f9c2741ed2c3a576a64cb24084c584e_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-hook-runner-rhel8@sha256:419c11ecd25664d16f77aec6589c9fa183832947766f75575dfab4bc059fe876_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-log-reader-rhel8@sha256:6886c4d68d7c6100b5eb7239ae8ce14871403a71ce69b35c42c0ce238b32ff87_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-must-gather-rhel8@sha256:08bb8048bb9fc00ba84e846fce7ce3e37506fbadf077b487c1d3d2dd607b2277_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-openvpn-rhel8@sha256:1e0cf80fab89615624cf7f9f62e72e161af4143ed1d6245db45f09ba8382dbc4_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-operator-bundle@sha256:9616b52c1d745b7bf37c0237a6cd2cde9a1d9e8dbfdb5e5cb49504805e706065_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-registry-rhel8@sha256:c7f229ac51306d667f9b766fb1a464686fa47eb06d5658dbe4977e25b4877b20_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rhel8-operator@sha256:79c957509adaff575917d1e70ec25965a4230c0a2deb9cd9007089dfc3ec39cc_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:b556472a46fbac2508b8f36b975c8fdb26a77a2fc8bd43b2667f9151bf1cbc3f_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:8765eb907963a6677c1af44dee1168d635d243824396f73c829697b1582046e9_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2280600"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the NPM package `braces.` It fails to limit the number of characters it can handle, which could lead to memory exhaustion. In `lib/parse.js,` if a malicious user sends \"imbalanced braces\" as input, the parsing will enter a loop, causing the program to start allocating heap memory without freeing it at any moment of the loop. Eventually, the JavaScript heap limit is reached, and the program will crash.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "braces: fails to limit the number of characters it can handle",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHMTC-1.8:rhmtc/openshift-migration-ui-rhel8@sha256:db4903f395697e2eb244a0251ec1a5f89b12434501cb56889f2af37770f95f58_amd64"
],
"known_not_affected": [
"8Base-RHMTC-1.8:rhmtc/openshift-migration-controller-rhel8@sha256:a4025dfcd79bcb22e2ab91e1bc027c200f9c2741ed2c3a576a64cb24084c584e_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-hook-runner-rhel8@sha256:419c11ecd25664d16f77aec6589c9fa183832947766f75575dfab4bc059fe876_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-log-reader-rhel8@sha256:6886c4d68d7c6100b5eb7239ae8ce14871403a71ce69b35c42c0ce238b32ff87_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-must-gather-rhel8@sha256:08bb8048bb9fc00ba84e846fce7ce3e37506fbadf077b487c1d3d2dd607b2277_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-openvpn-rhel8@sha256:1e0cf80fab89615624cf7f9f62e72e161af4143ed1d6245db45f09ba8382dbc4_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-operator-bundle@sha256:9616b52c1d745b7bf37c0237a6cd2cde9a1d9e8dbfdb5e5cb49504805e706065_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-registry-rhel8@sha256:c7f229ac51306d667f9b766fb1a464686fa47eb06d5658dbe4977e25b4877b20_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rhel8-operator@sha256:79c957509adaff575917d1e70ec25965a4230c0a2deb9cd9007089dfc3ec39cc_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:b556472a46fbac2508b8f36b975c8fdb26a77a2fc8bd43b2667f9151bf1cbc3f_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:8765eb907963a6677c1af44dee1168d635d243824396f73c829697b1582046e9_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-4068"
},
{
"category": "external",
"summary": "RHBZ#2280600",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2280600"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-4068",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-4068"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-4068",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-4068"
},
{
"category": "external",
"summary": "https://devhub.checkmarx.com/cve-details/CVE-2024-4068/",
"url": "https://devhub.checkmarx.com/cve-details/CVE-2024-4068/"
},
{
"category": "external",
"summary": "https://github.com/micromatch/braces/blob/98414f9f1fabe021736e26836d8306d5de747e0d/lib/parse.js#L308",
"url": "https://github.com/micromatch/braces/blob/98414f9f1fabe021736e26836d8306d5de747e0d/lib/parse.js#L308"
},
{
"category": "external",
"summary": "https://github.com/micromatch/braces/issues/35",
"url": "https://github.com/micromatch/braces/issues/35"
}
],
"release_date": "2024-03-04T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-09-26T03:46:53+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHMTC-1.8:rhmtc/openshift-migration-ui-rhel8@sha256:db4903f395697e2eb244a0251ec1a5f89b12434501cb56889f2af37770f95f58_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:7164"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"8Base-RHMTC-1.8:rhmtc/openshift-migration-controller-rhel8@sha256:a4025dfcd79bcb22e2ab91e1bc027c200f9c2741ed2c3a576a64cb24084c584e_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-hook-runner-rhel8@sha256:419c11ecd25664d16f77aec6589c9fa183832947766f75575dfab4bc059fe876_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-log-reader-rhel8@sha256:6886c4d68d7c6100b5eb7239ae8ce14871403a71ce69b35c42c0ce238b32ff87_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-must-gather-rhel8@sha256:08bb8048bb9fc00ba84e846fce7ce3e37506fbadf077b487c1d3d2dd607b2277_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-openvpn-rhel8@sha256:1e0cf80fab89615624cf7f9f62e72e161af4143ed1d6245db45f09ba8382dbc4_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-operator-bundle@sha256:9616b52c1d745b7bf37c0237a6cd2cde9a1d9e8dbfdb5e5cb49504805e706065_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-registry-rhel8@sha256:c7f229ac51306d667f9b766fb1a464686fa47eb06d5658dbe4977e25b4877b20_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rhel8-operator@sha256:79c957509adaff575917d1e70ec25965a4230c0a2deb9cd9007089dfc3ec39cc_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:b556472a46fbac2508b8f36b975c8fdb26a77a2fc8bd43b2667f9151bf1cbc3f_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-ui-rhel8@sha256:db4903f395697e2eb244a0251ec1a5f89b12434501cb56889f2af37770f95f58_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:8765eb907963a6677c1af44dee1168d635d243824396f73c829697b1582046e9_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-RHMTC-1.8:rhmtc/openshift-migration-controller-rhel8@sha256:a4025dfcd79bcb22e2ab91e1bc027c200f9c2741ed2c3a576a64cb24084c584e_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-hook-runner-rhel8@sha256:419c11ecd25664d16f77aec6589c9fa183832947766f75575dfab4bc059fe876_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-log-reader-rhel8@sha256:6886c4d68d7c6100b5eb7239ae8ce14871403a71ce69b35c42c0ce238b32ff87_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-must-gather-rhel8@sha256:08bb8048bb9fc00ba84e846fce7ce3e37506fbadf077b487c1d3d2dd607b2277_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-openvpn-rhel8@sha256:1e0cf80fab89615624cf7f9f62e72e161af4143ed1d6245db45f09ba8382dbc4_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-operator-bundle@sha256:9616b52c1d745b7bf37c0237a6cd2cde9a1d9e8dbfdb5e5cb49504805e706065_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-registry-rhel8@sha256:c7f229ac51306d667f9b766fb1a464686fa47eb06d5658dbe4977e25b4877b20_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rhel8-operator@sha256:79c957509adaff575917d1e70ec25965a4230c0a2deb9cd9007089dfc3ec39cc_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:b556472a46fbac2508b8f36b975c8fdb26a77a2fc8bd43b2667f9151bf1cbc3f_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-ui-rhel8@sha256:db4903f395697e2eb244a0251ec1a5f89b12434501cb56889f2af37770f95f58_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:8765eb907963a6677c1af44dee1168d635d243824396f73c829697b1582046e9_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "braces: fails to limit the number of characters it can handle"
},
{
"cve": "CVE-2024-24788",
"cwe": {
"id": "CWE-835",
"name": "Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)"
},
"discovery_date": "2024-05-09T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-RHMTC-1.8:rhmtc/openshift-migration-controller-rhel8@sha256:a4025dfcd79bcb22e2ab91e1bc027c200f9c2741ed2c3a576a64cb24084c584e_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-hook-runner-rhel8@sha256:419c11ecd25664d16f77aec6589c9fa183832947766f75575dfab4bc059fe876_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-log-reader-rhel8@sha256:6886c4d68d7c6100b5eb7239ae8ce14871403a71ce69b35c42c0ce238b32ff87_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-must-gather-rhel8@sha256:08bb8048bb9fc00ba84e846fce7ce3e37506fbadf077b487c1d3d2dd607b2277_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-openvpn-rhel8@sha256:1e0cf80fab89615624cf7f9f62e72e161af4143ed1d6245db45f09ba8382dbc4_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-operator-bundle@sha256:9616b52c1d745b7bf37c0237a6cd2cde9a1d9e8dbfdb5e5cb49504805e706065_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rhel8-operator@sha256:79c957509adaff575917d1e70ec25965a4230c0a2deb9cd9007089dfc3ec39cc_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:b556472a46fbac2508b8f36b975c8fdb26a77a2fc8bd43b2667f9151bf1cbc3f_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-ui-rhel8@sha256:db4903f395697e2eb244a0251ec1a5f89b12434501cb56889f2af37770f95f58_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:8765eb907963a6677c1af44dee1168d635d243824396f73c829697b1582046e9_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2279814"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the net package of the Go stdlib. When a malformed DNS message is received as a response to a query, the Lookup functions within the net package can get stuck in an infinite loop. This issue can lead to resource exhaustion and denial of service (DoS) conditions.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: net: malformed DNS message can cause infinite loop",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHMTC-1.8:rhmtc/openshift-migration-registry-rhel8@sha256:c7f229ac51306d667f9b766fb1a464686fa47eb06d5658dbe4977e25b4877b20_amd64"
],
"known_not_affected": [
"8Base-RHMTC-1.8:rhmtc/openshift-migration-controller-rhel8@sha256:a4025dfcd79bcb22e2ab91e1bc027c200f9c2741ed2c3a576a64cb24084c584e_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-hook-runner-rhel8@sha256:419c11ecd25664d16f77aec6589c9fa183832947766f75575dfab4bc059fe876_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-log-reader-rhel8@sha256:6886c4d68d7c6100b5eb7239ae8ce14871403a71ce69b35c42c0ce238b32ff87_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-must-gather-rhel8@sha256:08bb8048bb9fc00ba84e846fce7ce3e37506fbadf077b487c1d3d2dd607b2277_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-openvpn-rhel8@sha256:1e0cf80fab89615624cf7f9f62e72e161af4143ed1d6245db45f09ba8382dbc4_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-operator-bundle@sha256:9616b52c1d745b7bf37c0237a6cd2cde9a1d9e8dbfdb5e5cb49504805e706065_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rhel8-operator@sha256:79c957509adaff575917d1e70ec25965a4230c0a2deb9cd9007089dfc3ec39cc_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:b556472a46fbac2508b8f36b975c8fdb26a77a2fc8bd43b2667f9151bf1cbc3f_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-ui-rhel8@sha256:db4903f395697e2eb244a0251ec1a5f89b12434501cb56889f2af37770f95f58_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:8765eb907963a6677c1af44dee1168d635d243824396f73c829697b1582046e9_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-24788"
},
{
"category": "external",
"summary": "RHBZ#2279814",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2279814"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-24788",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-24788"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-24788",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-24788"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2024-2824",
"url": "https://pkg.go.dev/vuln/GO-2024-2824"
}
],
"release_date": "2024-05-08T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-09-26T03:46:53+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHMTC-1.8:rhmtc/openshift-migration-registry-rhel8@sha256:c7f229ac51306d667f9b766fb1a464686fa47eb06d5658dbe4977e25b4877b20_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:7164"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"8Base-RHMTC-1.8:rhmtc/openshift-migration-controller-rhel8@sha256:a4025dfcd79bcb22e2ab91e1bc027c200f9c2741ed2c3a576a64cb24084c584e_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-hook-runner-rhel8@sha256:419c11ecd25664d16f77aec6589c9fa183832947766f75575dfab4bc059fe876_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-log-reader-rhel8@sha256:6886c4d68d7c6100b5eb7239ae8ce14871403a71ce69b35c42c0ce238b32ff87_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-must-gather-rhel8@sha256:08bb8048bb9fc00ba84e846fce7ce3e37506fbadf077b487c1d3d2dd607b2277_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-openvpn-rhel8@sha256:1e0cf80fab89615624cf7f9f62e72e161af4143ed1d6245db45f09ba8382dbc4_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-operator-bundle@sha256:9616b52c1d745b7bf37c0237a6cd2cde9a1d9e8dbfdb5e5cb49504805e706065_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-registry-rhel8@sha256:c7f229ac51306d667f9b766fb1a464686fa47eb06d5658dbe4977e25b4877b20_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rhel8-operator@sha256:79c957509adaff575917d1e70ec25965a4230c0a2deb9cd9007089dfc3ec39cc_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:b556472a46fbac2508b8f36b975c8fdb26a77a2fc8bd43b2667f9151bf1cbc3f_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-ui-rhel8@sha256:db4903f395697e2eb244a0251ec1a5f89b12434501cb56889f2af37770f95f58_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:8765eb907963a6677c1af44dee1168d635d243824396f73c829697b1582046e9_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-RHMTC-1.8:rhmtc/openshift-migration-controller-rhel8@sha256:a4025dfcd79bcb22e2ab91e1bc027c200f9c2741ed2c3a576a64cb24084c584e_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-hook-runner-rhel8@sha256:419c11ecd25664d16f77aec6589c9fa183832947766f75575dfab4bc059fe876_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-log-reader-rhel8@sha256:6886c4d68d7c6100b5eb7239ae8ce14871403a71ce69b35c42c0ce238b32ff87_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-must-gather-rhel8@sha256:08bb8048bb9fc00ba84e846fce7ce3e37506fbadf077b487c1d3d2dd607b2277_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-openvpn-rhel8@sha256:1e0cf80fab89615624cf7f9f62e72e161af4143ed1d6245db45f09ba8382dbc4_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-operator-bundle@sha256:9616b52c1d745b7bf37c0237a6cd2cde9a1d9e8dbfdb5e5cb49504805e706065_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-registry-rhel8@sha256:c7f229ac51306d667f9b766fb1a464686fa47eb06d5658dbe4977e25b4877b20_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rhel8-operator@sha256:79c957509adaff575917d1e70ec25965a4230c0a2deb9cd9007089dfc3ec39cc_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:b556472a46fbac2508b8f36b975c8fdb26a77a2fc8bd43b2667f9151bf1cbc3f_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-ui-rhel8@sha256:db4903f395697e2eb244a0251ec1a5f89b12434501cb56889f2af37770f95f58_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:8765eb907963a6677c1af44dee1168d635d243824396f73c829697b1582046e9_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: net: malformed DNS message can cause infinite loop"
},
{
"cve": "CVE-2024-28180",
"cwe": {
"id": "CWE-409",
"name": "Improper Handling of Highly Compressed Data (Data Amplification)"
},
"discovery_date": "2024-03-10T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-RHMTC-1.8:rhmtc/openshift-migration-hook-runner-rhel8@sha256:419c11ecd25664d16f77aec6589c9fa183832947766f75575dfab4bc059fe876_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-log-reader-rhel8@sha256:6886c4d68d7c6100b5eb7239ae8ce14871403a71ce69b35c42c0ce238b32ff87_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-must-gather-rhel8@sha256:08bb8048bb9fc00ba84e846fce7ce3e37506fbadf077b487c1d3d2dd607b2277_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-openvpn-rhel8@sha256:1e0cf80fab89615624cf7f9f62e72e161af4143ed1d6245db45f09ba8382dbc4_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-operator-bundle@sha256:9616b52c1d745b7bf37c0237a6cd2cde9a1d9e8dbfdb5e5cb49504805e706065_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-registry-rhel8@sha256:c7f229ac51306d667f9b766fb1a464686fa47eb06d5658dbe4977e25b4877b20_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rhel8-operator@sha256:79c957509adaff575917d1e70ec25965a4230c0a2deb9cd9007089dfc3ec39cc_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:b556472a46fbac2508b8f36b975c8fdb26a77a2fc8bd43b2667f9151bf1cbc3f_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-ui-rhel8@sha256:db4903f395697e2eb244a0251ec1a5f89b12434501cb56889f2af37770f95f58_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:8765eb907963a6677c1af44dee1168d635d243824396f73c829697b1582046e9_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2268854"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in Jose due to improper handling of highly compressed data. This issue could allow an attacker to send a JWE containing compressed data that uses large amounts of memory and CPU when decompressed by Decrypt or DecryptMulti.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jose-go: improper handling of highly compressed data",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHMTC-1.8:rhmtc/openshift-migration-controller-rhel8@sha256:a4025dfcd79bcb22e2ab91e1bc027c200f9c2741ed2c3a576a64cb24084c584e_amd64"
],
"known_not_affected": [
"8Base-RHMTC-1.8:rhmtc/openshift-migration-hook-runner-rhel8@sha256:419c11ecd25664d16f77aec6589c9fa183832947766f75575dfab4bc059fe876_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-log-reader-rhel8@sha256:6886c4d68d7c6100b5eb7239ae8ce14871403a71ce69b35c42c0ce238b32ff87_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-must-gather-rhel8@sha256:08bb8048bb9fc00ba84e846fce7ce3e37506fbadf077b487c1d3d2dd607b2277_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-openvpn-rhel8@sha256:1e0cf80fab89615624cf7f9f62e72e161af4143ed1d6245db45f09ba8382dbc4_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-operator-bundle@sha256:9616b52c1d745b7bf37c0237a6cd2cde9a1d9e8dbfdb5e5cb49504805e706065_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-registry-rhel8@sha256:c7f229ac51306d667f9b766fb1a464686fa47eb06d5658dbe4977e25b4877b20_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rhel8-operator@sha256:79c957509adaff575917d1e70ec25965a4230c0a2deb9cd9007089dfc3ec39cc_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:b556472a46fbac2508b8f36b975c8fdb26a77a2fc8bd43b2667f9151bf1cbc3f_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-ui-rhel8@sha256:db4903f395697e2eb244a0251ec1a5f89b12434501cb56889f2af37770f95f58_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:8765eb907963a6677c1af44dee1168d635d243824396f73c829697b1582046e9_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-28180"
},
{
"category": "external",
"summary": "RHBZ#2268854",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2268854"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-28180",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-28180"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-28180",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-28180"
},
{
"category": "external",
"summary": "https://github.com/go-jose/go-jose/security/advisories/GHSA-c5q2-7r4c-mv6g",
"url": "https://github.com/go-jose/go-jose/security/advisories/GHSA-c5q2-7r4c-mv6g"
}
],
"release_date": "2024-03-09T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-09-26T03:46:53+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHMTC-1.8:rhmtc/openshift-migration-controller-rhel8@sha256:a4025dfcd79bcb22e2ab91e1bc027c200f9c2741ed2c3a576a64cb24084c584e_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:7164"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"8Base-RHMTC-1.8:rhmtc/openshift-migration-controller-rhel8@sha256:a4025dfcd79bcb22e2ab91e1bc027c200f9c2741ed2c3a576a64cb24084c584e_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-hook-runner-rhel8@sha256:419c11ecd25664d16f77aec6589c9fa183832947766f75575dfab4bc059fe876_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-log-reader-rhel8@sha256:6886c4d68d7c6100b5eb7239ae8ce14871403a71ce69b35c42c0ce238b32ff87_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-must-gather-rhel8@sha256:08bb8048bb9fc00ba84e846fce7ce3e37506fbadf077b487c1d3d2dd607b2277_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-openvpn-rhel8@sha256:1e0cf80fab89615624cf7f9f62e72e161af4143ed1d6245db45f09ba8382dbc4_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-operator-bundle@sha256:9616b52c1d745b7bf37c0237a6cd2cde9a1d9e8dbfdb5e5cb49504805e706065_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-registry-rhel8@sha256:c7f229ac51306d667f9b766fb1a464686fa47eb06d5658dbe4977e25b4877b20_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rhel8-operator@sha256:79c957509adaff575917d1e70ec25965a4230c0a2deb9cd9007089dfc3ec39cc_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:b556472a46fbac2508b8f36b975c8fdb26a77a2fc8bd43b2667f9151bf1cbc3f_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-ui-rhel8@sha256:db4903f395697e2eb244a0251ec1a5f89b12434501cb56889f2af37770f95f58_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:8765eb907963a6677c1af44dee1168d635d243824396f73c829697b1582046e9_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"8Base-RHMTC-1.8:rhmtc/openshift-migration-controller-rhel8@sha256:a4025dfcd79bcb22e2ab91e1bc027c200f9c2741ed2c3a576a64cb24084c584e_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-hook-runner-rhel8@sha256:419c11ecd25664d16f77aec6589c9fa183832947766f75575dfab4bc059fe876_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-log-reader-rhel8@sha256:6886c4d68d7c6100b5eb7239ae8ce14871403a71ce69b35c42c0ce238b32ff87_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-must-gather-rhel8@sha256:08bb8048bb9fc00ba84e846fce7ce3e37506fbadf077b487c1d3d2dd607b2277_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-openvpn-rhel8@sha256:1e0cf80fab89615624cf7f9f62e72e161af4143ed1d6245db45f09ba8382dbc4_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-operator-bundle@sha256:9616b52c1d745b7bf37c0237a6cd2cde9a1d9e8dbfdb5e5cb49504805e706065_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-registry-rhel8@sha256:c7f229ac51306d667f9b766fb1a464686fa47eb06d5658dbe4977e25b4877b20_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rhel8-operator@sha256:79c957509adaff575917d1e70ec25965a4230c0a2deb9cd9007089dfc3ec39cc_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:b556472a46fbac2508b8f36b975c8fdb26a77a2fc8bd43b2667f9151bf1cbc3f_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-ui-rhel8@sha256:db4903f395697e2eb244a0251ec1a5f89b12434501cb56889f2af37770f95f58_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:8765eb907963a6677c1af44dee1168d635d243824396f73c829697b1582046e9_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jose-go: improper handling of highly compressed data"
},
{
"cve": "CVE-2024-28849",
"cwe": {
"id": "CWE-200",
"name": "Exposure of Sensitive Information to an Unauthorized Actor"
},
"discovery_date": "2024-03-14T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-RHMTC-1.8:rhmtc/openshift-migration-controller-rhel8@sha256:a4025dfcd79bcb22e2ab91e1bc027c200f9c2741ed2c3a576a64cb24084c584e_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-hook-runner-rhel8@sha256:419c11ecd25664d16f77aec6589c9fa183832947766f75575dfab4bc059fe876_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-log-reader-rhel8@sha256:6886c4d68d7c6100b5eb7239ae8ce14871403a71ce69b35c42c0ce238b32ff87_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-must-gather-rhel8@sha256:08bb8048bb9fc00ba84e846fce7ce3e37506fbadf077b487c1d3d2dd607b2277_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-openvpn-rhel8@sha256:1e0cf80fab89615624cf7f9f62e72e161af4143ed1d6245db45f09ba8382dbc4_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-operator-bundle@sha256:9616b52c1d745b7bf37c0237a6cd2cde9a1d9e8dbfdb5e5cb49504805e706065_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-registry-rhel8@sha256:c7f229ac51306d667f9b766fb1a464686fa47eb06d5658dbe4977e25b4877b20_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rhel8-operator@sha256:79c957509adaff575917d1e70ec25965a4230c0a2deb9cd9007089dfc3ec39cc_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:b556472a46fbac2508b8f36b975c8fdb26a77a2fc8bd43b2667f9151bf1cbc3f_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:8765eb907963a6677c1af44dee1168d635d243824396f73c829697b1582046e9_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2269576"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in the follow-redirects package. While processing the cross-domain redirection, `follow-redirects` clears authorization headers, however, it misses clearing proxy-authentication headers, which contain credentials as well. This issue may lead to credential leaking, having a high impact on data confidentiality.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "follow-redirects: Possible credential leak",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHMTC-1.8:rhmtc/openshift-migration-ui-rhel8@sha256:db4903f395697e2eb244a0251ec1a5f89b12434501cb56889f2af37770f95f58_amd64"
],
"known_not_affected": [
"8Base-RHMTC-1.8:rhmtc/openshift-migration-controller-rhel8@sha256:a4025dfcd79bcb22e2ab91e1bc027c200f9c2741ed2c3a576a64cb24084c584e_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-hook-runner-rhel8@sha256:419c11ecd25664d16f77aec6589c9fa183832947766f75575dfab4bc059fe876_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-log-reader-rhel8@sha256:6886c4d68d7c6100b5eb7239ae8ce14871403a71ce69b35c42c0ce238b32ff87_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-must-gather-rhel8@sha256:08bb8048bb9fc00ba84e846fce7ce3e37506fbadf077b487c1d3d2dd607b2277_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-openvpn-rhel8@sha256:1e0cf80fab89615624cf7f9f62e72e161af4143ed1d6245db45f09ba8382dbc4_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-operator-bundle@sha256:9616b52c1d745b7bf37c0237a6cd2cde9a1d9e8dbfdb5e5cb49504805e706065_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-registry-rhel8@sha256:c7f229ac51306d667f9b766fb1a464686fa47eb06d5658dbe4977e25b4877b20_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rhel8-operator@sha256:79c957509adaff575917d1e70ec25965a4230c0a2deb9cd9007089dfc3ec39cc_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:b556472a46fbac2508b8f36b975c8fdb26a77a2fc8bd43b2667f9151bf1cbc3f_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:8765eb907963a6677c1af44dee1168d635d243824396f73c829697b1582046e9_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-28849"
},
{
"category": "external",
"summary": "RHBZ#2269576",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2269576"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-28849",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-28849"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-28849",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-28849"
},
{
"category": "external",
"summary": "https://github.com/follow-redirects/follow-redirects/security/advisories/GHSA-cxjh-pqwp-8mfp",
"url": "https://github.com/follow-redirects/follow-redirects/security/advisories/GHSA-cxjh-pqwp-8mfp"
}
],
"release_date": "2024-03-14T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-09-26T03:46:53+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHMTC-1.8:rhmtc/openshift-migration-ui-rhel8@sha256:db4903f395697e2eb244a0251ec1a5f89b12434501cb56889f2af37770f95f58_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:7164"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"8Base-RHMTC-1.8:rhmtc/openshift-migration-controller-rhel8@sha256:a4025dfcd79bcb22e2ab91e1bc027c200f9c2741ed2c3a576a64cb24084c584e_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-hook-runner-rhel8@sha256:419c11ecd25664d16f77aec6589c9fa183832947766f75575dfab4bc059fe876_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-log-reader-rhel8@sha256:6886c4d68d7c6100b5eb7239ae8ce14871403a71ce69b35c42c0ce238b32ff87_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-must-gather-rhel8@sha256:08bb8048bb9fc00ba84e846fce7ce3e37506fbadf077b487c1d3d2dd607b2277_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-openvpn-rhel8@sha256:1e0cf80fab89615624cf7f9f62e72e161af4143ed1d6245db45f09ba8382dbc4_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-operator-bundle@sha256:9616b52c1d745b7bf37c0237a6cd2cde9a1d9e8dbfdb5e5cb49504805e706065_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-registry-rhel8@sha256:c7f229ac51306d667f9b766fb1a464686fa47eb06d5658dbe4977e25b4877b20_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rhel8-operator@sha256:79c957509adaff575917d1e70ec25965a4230c0a2deb9cd9007089dfc3ec39cc_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:b556472a46fbac2508b8f36b975c8fdb26a77a2fc8bd43b2667f9151bf1cbc3f_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-ui-rhel8@sha256:db4903f395697e2eb244a0251ec1a5f89b12434501cb56889f2af37770f95f58_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:8765eb907963a6677c1af44dee1168d635d243824396f73c829697b1582046e9_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "follow-redirects: Possible credential leak"
},
{
"cve": "CVE-2024-28863",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2024-06-20T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-RHMTC-1.8:rhmtc/openshift-migration-controller-rhel8@sha256:a4025dfcd79bcb22e2ab91e1bc027c200f9c2741ed2c3a576a64cb24084c584e_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-hook-runner-rhel8@sha256:419c11ecd25664d16f77aec6589c9fa183832947766f75575dfab4bc059fe876_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-log-reader-rhel8@sha256:6886c4d68d7c6100b5eb7239ae8ce14871403a71ce69b35c42c0ce238b32ff87_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-must-gather-rhel8@sha256:08bb8048bb9fc00ba84e846fce7ce3e37506fbadf077b487c1d3d2dd607b2277_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-openvpn-rhel8@sha256:1e0cf80fab89615624cf7f9f62e72e161af4143ed1d6245db45f09ba8382dbc4_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-operator-bundle@sha256:9616b52c1d745b7bf37c0237a6cd2cde9a1d9e8dbfdb5e5cb49504805e706065_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-registry-rhel8@sha256:c7f229ac51306d667f9b766fb1a464686fa47eb06d5658dbe4977e25b4877b20_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rhel8-operator@sha256:79c957509adaff575917d1e70ec25965a4230c0a2deb9cd9007089dfc3ec39cc_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:b556472a46fbac2508b8f36b975c8fdb26a77a2fc8bd43b2667f9151bf1cbc3f_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:8765eb907963a6677c1af44dee1168d635d243824396f73c829697b1582046e9_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2293200"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in ISAACS\u0027s node-tar, where it is vulnerable to a denial of service, caused by the lack of folder count validation. The vulnerability exists due to the application not properly controlling the consumption of internal resources while parsing a tar file. By sending a specially crafted request, a remote attacker can trigger resource exhaustion and perform a denial of service (DoS) attack.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "node-tar: denial of service while parsing a tar file due to lack of folders depth validation",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHMTC-1.8:rhmtc/openshift-migration-ui-rhel8@sha256:db4903f395697e2eb244a0251ec1a5f89b12434501cb56889f2af37770f95f58_amd64"
],
"known_not_affected": [
"8Base-RHMTC-1.8:rhmtc/openshift-migration-controller-rhel8@sha256:a4025dfcd79bcb22e2ab91e1bc027c200f9c2741ed2c3a576a64cb24084c584e_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-hook-runner-rhel8@sha256:419c11ecd25664d16f77aec6589c9fa183832947766f75575dfab4bc059fe876_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-log-reader-rhel8@sha256:6886c4d68d7c6100b5eb7239ae8ce14871403a71ce69b35c42c0ce238b32ff87_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-must-gather-rhel8@sha256:08bb8048bb9fc00ba84e846fce7ce3e37506fbadf077b487c1d3d2dd607b2277_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-openvpn-rhel8@sha256:1e0cf80fab89615624cf7f9f62e72e161af4143ed1d6245db45f09ba8382dbc4_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-operator-bundle@sha256:9616b52c1d745b7bf37c0237a6cd2cde9a1d9e8dbfdb5e5cb49504805e706065_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-registry-rhel8@sha256:c7f229ac51306d667f9b766fb1a464686fa47eb06d5658dbe4977e25b4877b20_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rhel8-operator@sha256:79c957509adaff575917d1e70ec25965a4230c0a2deb9cd9007089dfc3ec39cc_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:b556472a46fbac2508b8f36b975c8fdb26a77a2fc8bd43b2667f9151bf1cbc3f_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:8765eb907963a6677c1af44dee1168d635d243824396f73c829697b1582046e9_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-28863"
},
{
"category": "external",
"summary": "RHBZ#2293200",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2293200"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-28863",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-28863"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-28863",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-28863"
},
{
"category": "external",
"summary": "https://github.com/isaacs/node-tar/security/advisories/GHSA-f5x3-32g6-xq36",
"url": "https://github.com/isaacs/node-tar/security/advisories/GHSA-f5x3-32g6-xq36"
},
{
"category": "external",
"summary": "https://security.netapp.com/advisory/ntap-20240524-0005/",
"url": "https://security.netapp.com/advisory/ntap-20240524-0005/"
}
],
"release_date": "2024-03-21T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-09-26T03:46:53+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHMTC-1.8:rhmtc/openshift-migration-ui-rhel8@sha256:db4903f395697e2eb244a0251ec1a5f89b12434501cb56889f2af37770f95f58_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:7164"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-RHMTC-1.8:rhmtc/openshift-migration-controller-rhel8@sha256:a4025dfcd79bcb22e2ab91e1bc027c200f9c2741ed2c3a576a64cb24084c584e_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-hook-runner-rhel8@sha256:419c11ecd25664d16f77aec6589c9fa183832947766f75575dfab4bc059fe876_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-log-reader-rhel8@sha256:6886c4d68d7c6100b5eb7239ae8ce14871403a71ce69b35c42c0ce238b32ff87_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-must-gather-rhel8@sha256:08bb8048bb9fc00ba84e846fce7ce3e37506fbadf077b487c1d3d2dd607b2277_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-openvpn-rhel8@sha256:1e0cf80fab89615624cf7f9f62e72e161af4143ed1d6245db45f09ba8382dbc4_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-operator-bundle@sha256:9616b52c1d745b7bf37c0237a6cd2cde9a1d9e8dbfdb5e5cb49504805e706065_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-registry-rhel8@sha256:c7f229ac51306d667f9b766fb1a464686fa47eb06d5658dbe4977e25b4877b20_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rhel8-operator@sha256:79c957509adaff575917d1e70ec25965a4230c0a2deb9cd9007089dfc3ec39cc_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:b556472a46fbac2508b8f36b975c8fdb26a77a2fc8bd43b2667f9151bf1cbc3f_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-ui-rhel8@sha256:db4903f395697e2eb244a0251ec1a5f89b12434501cb56889f2af37770f95f58_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:8765eb907963a6677c1af44dee1168d635d243824396f73c829697b1582046e9_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "node-tar: denial of service while parsing a tar file due to lack of folders depth validation"
},
{
"cve": "CVE-2024-29018",
"cwe": {
"id": "CWE-669",
"name": "Incorrect Resource Transfer Between Spheres"
},
"discovery_date": "2024-03-21T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-RHMTC-1.8:rhmtc/openshift-migration-hook-runner-rhel8@sha256:419c11ecd25664d16f77aec6589c9fa183832947766f75575dfab4bc059fe876_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-log-reader-rhel8@sha256:6886c4d68d7c6100b5eb7239ae8ce14871403a71ce69b35c42c0ce238b32ff87_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-must-gather-rhel8@sha256:08bb8048bb9fc00ba84e846fce7ce3e37506fbadf077b487c1d3d2dd607b2277_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-openvpn-rhel8@sha256:1e0cf80fab89615624cf7f9f62e72e161af4143ed1d6245db45f09ba8382dbc4_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-operator-bundle@sha256:9616b52c1d745b7bf37c0237a6cd2cde9a1d9e8dbfdb5e5cb49504805e706065_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-registry-rhel8@sha256:c7f229ac51306d667f9b766fb1a464686fa47eb06d5658dbe4977e25b4877b20_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rhel8-operator@sha256:79c957509adaff575917d1e70ec25965a4230c0a2deb9cd9007089dfc3ec39cc_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:b556472a46fbac2508b8f36b975c8fdb26a77a2fc8bd43b2667f9151bf1cbc3f_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-ui-rhel8@sha256:db4903f395697e2eb244a0251ec1a5f89b12434501cb56889f2af37770f95f58_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:8765eb907963a6677c1af44dee1168d635d243824396f73c829697b1582046e9_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2270591"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in Moby due to excessive data output in external DNS requests from \"internal\" networks, enabling unauthorized access to sensitive system information by remote attackers. This flaw allows attackers to gain access to sensitive information by exploiting incorrect resource transfer between spheres through specially crafted requests.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "moby: external DNS requests from \u0027internal\u0027 networks could lead to data exfiltration",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHMTC-1.8:rhmtc/openshift-migration-controller-rhel8@sha256:a4025dfcd79bcb22e2ab91e1bc027c200f9c2741ed2c3a576a64cb24084c584e_amd64"
],
"known_not_affected": [
"8Base-RHMTC-1.8:rhmtc/openshift-migration-hook-runner-rhel8@sha256:419c11ecd25664d16f77aec6589c9fa183832947766f75575dfab4bc059fe876_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-log-reader-rhel8@sha256:6886c4d68d7c6100b5eb7239ae8ce14871403a71ce69b35c42c0ce238b32ff87_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-must-gather-rhel8@sha256:08bb8048bb9fc00ba84e846fce7ce3e37506fbadf077b487c1d3d2dd607b2277_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-openvpn-rhel8@sha256:1e0cf80fab89615624cf7f9f62e72e161af4143ed1d6245db45f09ba8382dbc4_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-operator-bundle@sha256:9616b52c1d745b7bf37c0237a6cd2cde9a1d9e8dbfdb5e5cb49504805e706065_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-registry-rhel8@sha256:c7f229ac51306d667f9b766fb1a464686fa47eb06d5658dbe4977e25b4877b20_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rhel8-operator@sha256:79c957509adaff575917d1e70ec25965a4230c0a2deb9cd9007089dfc3ec39cc_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:b556472a46fbac2508b8f36b975c8fdb26a77a2fc8bd43b2667f9151bf1cbc3f_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-ui-rhel8@sha256:db4903f395697e2eb244a0251ec1a5f89b12434501cb56889f2af37770f95f58_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:8765eb907963a6677c1af44dee1168d635d243824396f73c829697b1582046e9_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-29018"
},
{
"category": "external",
"summary": "RHBZ#2270591",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2270591"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-29018",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-29018"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-29018",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-29018"
},
{
"category": "external",
"summary": "https://github.com/moby/moby/pull/46609",
"url": "https://github.com/moby/moby/pull/46609"
},
{
"category": "external",
"summary": "https://github.com/moby/moby/security/advisories/GHSA-mq39-4gv4-mvpx",
"url": "https://github.com/moby/moby/security/advisories/GHSA-mq39-4gv4-mvpx"
}
],
"release_date": "2024-03-20T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-09-26T03:46:53+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHMTC-1.8:rhmtc/openshift-migration-controller-rhel8@sha256:a4025dfcd79bcb22e2ab91e1bc027c200f9c2741ed2c3a576a64cb24084c584e_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:7164"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"8Base-RHMTC-1.8:rhmtc/openshift-migration-controller-rhel8@sha256:a4025dfcd79bcb22e2ab91e1bc027c200f9c2741ed2c3a576a64cb24084c584e_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-hook-runner-rhel8@sha256:419c11ecd25664d16f77aec6589c9fa183832947766f75575dfab4bc059fe876_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-log-reader-rhel8@sha256:6886c4d68d7c6100b5eb7239ae8ce14871403a71ce69b35c42c0ce238b32ff87_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-must-gather-rhel8@sha256:08bb8048bb9fc00ba84e846fce7ce3e37506fbadf077b487c1d3d2dd607b2277_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-openvpn-rhel8@sha256:1e0cf80fab89615624cf7f9f62e72e161af4143ed1d6245db45f09ba8382dbc4_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-operator-bundle@sha256:9616b52c1d745b7bf37c0237a6cd2cde9a1d9e8dbfdb5e5cb49504805e706065_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-registry-rhel8@sha256:c7f229ac51306d667f9b766fb1a464686fa47eb06d5658dbe4977e25b4877b20_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rhel8-operator@sha256:79c957509adaff575917d1e70ec25965a4230c0a2deb9cd9007089dfc3ec39cc_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:b556472a46fbac2508b8f36b975c8fdb26a77a2fc8bd43b2667f9151bf1cbc3f_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-ui-rhel8@sha256:db4903f395697e2eb244a0251ec1a5f89b12434501cb56889f2af37770f95f58_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:8765eb907963a6677c1af44dee1168d635d243824396f73c829697b1582046e9_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "moby: external DNS requests from \u0027internal\u0027 networks could lead to data exfiltration"
},
{
"cve": "CVE-2024-29041",
"cwe": {
"id": "CWE-601",
"name": "URL Redirection to Untrusted Site (\u0027Open Redirect\u0027)"
},
"discovery_date": "2024-06-07T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-RHMTC-1.8:rhmtc/openshift-migration-controller-rhel8@sha256:a4025dfcd79bcb22e2ab91e1bc027c200f9c2741ed2c3a576a64cb24084c584e_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-hook-runner-rhel8@sha256:419c11ecd25664d16f77aec6589c9fa183832947766f75575dfab4bc059fe876_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-log-reader-rhel8@sha256:6886c4d68d7c6100b5eb7239ae8ce14871403a71ce69b35c42c0ce238b32ff87_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-must-gather-rhel8@sha256:08bb8048bb9fc00ba84e846fce7ce3e37506fbadf077b487c1d3d2dd607b2277_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-openvpn-rhel8@sha256:1e0cf80fab89615624cf7f9f62e72e161af4143ed1d6245db45f09ba8382dbc4_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-operator-bundle@sha256:9616b52c1d745b7bf37c0237a6cd2cde9a1d9e8dbfdb5e5cb49504805e706065_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-registry-rhel8@sha256:c7f229ac51306d667f9b766fb1a464686fa47eb06d5658dbe4977e25b4877b20_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rhel8-operator@sha256:79c957509adaff575917d1e70ec25965a4230c0a2deb9cd9007089dfc3ec39cc_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:b556472a46fbac2508b8f36b975c8fdb26a77a2fc8bd43b2667f9151bf1cbc3f_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:8765eb907963a6677c1af44dee1168d635d243824396f73c829697b1582046e9_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2290901"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Express.js minimalist web framework for node. Upstream versions of Express.js before 4.19.0 and all pre-release alpha and beta versions of 5.0 are affected by an open redirect vulnerability using malformed URLs. When a user of Express performs a redirect using a user-provided URL, Express performs an encode [using `encodeurl`](https://github.com/pillarjs/encodeurl) on the contents before passing it to the `location` header. This issue can cause malformed URLs to be evaluated in unexpected ways by common redirect allow list implementations in Express applications, leading to an Open Redirect via bypass of a properly implemented allow list. The main method impacted is `res.location()`, but this is also called from within `res.redirect()`. The vulnerability is fixed in upstream version 4.19.2 and 5.0.0-beta.3.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "express: cause malformed URLs to be evaluated",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Fuse 7 only uses express as part of build time development dependency, it is not part of the final product delivery.\n\nUpstream versions should not be relied upon for ultimate determination of affectedness. Red Hat might backport fixes from upstream versions on a case by case basis.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHMTC-1.8:rhmtc/openshift-migration-ui-rhel8@sha256:db4903f395697e2eb244a0251ec1a5f89b12434501cb56889f2af37770f95f58_amd64"
],
"known_not_affected": [
"8Base-RHMTC-1.8:rhmtc/openshift-migration-controller-rhel8@sha256:a4025dfcd79bcb22e2ab91e1bc027c200f9c2741ed2c3a576a64cb24084c584e_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-hook-runner-rhel8@sha256:419c11ecd25664d16f77aec6589c9fa183832947766f75575dfab4bc059fe876_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-log-reader-rhel8@sha256:6886c4d68d7c6100b5eb7239ae8ce14871403a71ce69b35c42c0ce238b32ff87_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-must-gather-rhel8@sha256:08bb8048bb9fc00ba84e846fce7ce3e37506fbadf077b487c1d3d2dd607b2277_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-openvpn-rhel8@sha256:1e0cf80fab89615624cf7f9f62e72e161af4143ed1d6245db45f09ba8382dbc4_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-operator-bundle@sha256:9616b52c1d745b7bf37c0237a6cd2cde9a1d9e8dbfdb5e5cb49504805e706065_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-registry-rhel8@sha256:c7f229ac51306d667f9b766fb1a464686fa47eb06d5658dbe4977e25b4877b20_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rhel8-operator@sha256:79c957509adaff575917d1e70ec25965a4230c0a2deb9cd9007089dfc3ec39cc_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:b556472a46fbac2508b8f36b975c8fdb26a77a2fc8bd43b2667f9151bf1cbc3f_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:8765eb907963a6677c1af44dee1168d635d243824396f73c829697b1582046e9_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-29041"
},
{
"category": "external",
"summary": "RHBZ#2290901",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2290901"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-29041",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-29041"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-29041",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-29041"
},
{
"category": "external",
"summary": "https://expressjs.com/en/4x/api.html#res.location",
"url": "https://expressjs.com/en/4x/api.html#res.location"
},
{
"category": "external",
"summary": "https://github.com/expressjs/express/commit/0867302ddbde0e9463d0564fea5861feb708c2dd",
"url": "https://github.com/expressjs/express/commit/0867302ddbde0e9463d0564fea5861feb708c2dd"
},
{
"category": "external",
"summary": "https://github.com/expressjs/express/commit/0b746953c4bd8e377123527db11f9cd866e39f94",
"url": "https://github.com/expressjs/express/commit/0b746953c4bd8e377123527db11f9cd866e39f94"
},
{
"category": "external",
"summary": "https://github.com/expressjs/express/pull/5539",
"url": "https://github.com/expressjs/express/pull/5539"
},
{
"category": "external",
"summary": "https://github.com/expressjs/express/security/advisories/GHSA-rv95-896h-c2vc",
"url": "https://github.com/expressjs/express/security/advisories/GHSA-rv95-896h-c2vc"
},
{
"category": "external",
"summary": "https://github.com/koajs/koa/issues/1800",
"url": "https://github.com/koajs/koa/issues/1800"
}
],
"release_date": "2024-03-25T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-09-26T03:46:53+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHMTC-1.8:rhmtc/openshift-migration-ui-rhel8@sha256:db4903f395697e2eb244a0251ec1a5f89b12434501cb56889f2af37770f95f58_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:7164"
},
{
"category": "workaround",
"details": "Red Hat has investigated whether a possible mitigation exists for this issue, and has not been able to identify a practical example. Please update the affected package as soon as possible.",
"product_ids": [
"8Base-RHMTC-1.8:rhmtc/openshift-migration-controller-rhel8@sha256:a4025dfcd79bcb22e2ab91e1bc027c200f9c2741ed2c3a576a64cb24084c584e_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-hook-runner-rhel8@sha256:419c11ecd25664d16f77aec6589c9fa183832947766f75575dfab4bc059fe876_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-log-reader-rhel8@sha256:6886c4d68d7c6100b5eb7239ae8ce14871403a71ce69b35c42c0ce238b32ff87_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-must-gather-rhel8@sha256:08bb8048bb9fc00ba84e846fce7ce3e37506fbadf077b487c1d3d2dd607b2277_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-openvpn-rhel8@sha256:1e0cf80fab89615624cf7f9f62e72e161af4143ed1d6245db45f09ba8382dbc4_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-operator-bundle@sha256:9616b52c1d745b7bf37c0237a6cd2cde9a1d9e8dbfdb5e5cb49504805e706065_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-registry-rhel8@sha256:c7f229ac51306d667f9b766fb1a464686fa47eb06d5658dbe4977e25b4877b20_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rhel8-operator@sha256:79c957509adaff575917d1e70ec25965a4230c0a2deb9cd9007089dfc3ec39cc_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:b556472a46fbac2508b8f36b975c8fdb26a77a2fc8bd43b2667f9151bf1cbc3f_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-ui-rhel8@sha256:db4903f395697e2eb244a0251ec1a5f89b12434501cb56889f2af37770f95f58_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:8765eb907963a6677c1af44dee1168d635d243824396f73c829697b1582046e9_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"8Base-RHMTC-1.8:rhmtc/openshift-migration-controller-rhel8@sha256:a4025dfcd79bcb22e2ab91e1bc027c200f9c2741ed2c3a576a64cb24084c584e_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-hook-runner-rhel8@sha256:419c11ecd25664d16f77aec6589c9fa183832947766f75575dfab4bc059fe876_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-log-reader-rhel8@sha256:6886c4d68d7c6100b5eb7239ae8ce14871403a71ce69b35c42c0ce238b32ff87_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-must-gather-rhel8@sha256:08bb8048bb9fc00ba84e846fce7ce3e37506fbadf077b487c1d3d2dd607b2277_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-openvpn-rhel8@sha256:1e0cf80fab89615624cf7f9f62e72e161af4143ed1d6245db45f09ba8382dbc4_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-operator-bundle@sha256:9616b52c1d745b7bf37c0237a6cd2cde9a1d9e8dbfdb5e5cb49504805e706065_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-registry-rhel8@sha256:c7f229ac51306d667f9b766fb1a464686fa47eb06d5658dbe4977e25b4877b20_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rhel8-operator@sha256:79c957509adaff575917d1e70ec25965a4230c0a2deb9cd9007089dfc3ec39cc_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:b556472a46fbac2508b8f36b975c8fdb26a77a2fc8bd43b2667f9151bf1cbc3f_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-ui-rhel8@sha256:db4903f395697e2eb244a0251ec1a5f89b12434501cb56889f2af37770f95f58_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:8765eb907963a6677c1af44dee1168d635d243824396f73c829697b1582046e9_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "express: cause malformed URLs to be evaluated"
},
{
"cve": "CVE-2024-29180",
"cwe": {
"id": "CWE-22",
"name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
},
"discovery_date": "2024-03-21T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-RHMTC-1.8:rhmtc/openshift-migration-hook-runner-rhel8@sha256:419c11ecd25664d16f77aec6589c9fa183832947766f75575dfab4bc059fe876_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-log-reader-rhel8@sha256:6886c4d68d7c6100b5eb7239ae8ce14871403a71ce69b35c42c0ce238b32ff87_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-must-gather-rhel8@sha256:08bb8048bb9fc00ba84e846fce7ce3e37506fbadf077b487c1d3d2dd607b2277_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-openvpn-rhel8@sha256:1e0cf80fab89615624cf7f9f62e72e161af4143ed1d6245db45f09ba8382dbc4_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-operator-bundle@sha256:9616b52c1d745b7bf37c0237a6cd2cde9a1d9e8dbfdb5e5cb49504805e706065_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-registry-rhel8@sha256:c7f229ac51306d667f9b766fb1a464686fa47eb06d5658dbe4977e25b4877b20_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rhel8-operator@sha256:79c957509adaff575917d1e70ec25965a4230c0a2deb9cd9007089dfc3ec39cc_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:b556472a46fbac2508b8f36b975c8fdb26a77a2fc8bd43b2667f9151bf1cbc3f_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-ui-rhel8@sha256:db4903f395697e2eb244a0251ec1a5f89b12434501cb56889f2af37770f95f58_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:8765eb907963a6677c1af44dee1168d635d243824396f73c829697b1582046e9_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2270863"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the webpack-dev-middleware package, where it failed to validate the supplied URL address sufficiently before returning local files. This flaw allows an attacker to craft URLs to return arbitrary local files from the developer\u0027s machine. The lack of normalization before calling the middleware also allows the attacker to perform path traversal attacks on the target environment.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "webpack-dev-middleware: lack of URL validation may lead to file leak",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The vulnerability in webpack-dev represents a important security issue due to its potential to expose sensitive files and compromise developer machines. By failing to validate URLs and normalize paths effectively, the middleware allows attackers to craft malicious requests that can retrieve arbitrary local files or perform unauthorized path traversal. This could lead to unauthorized access to confidential information, including source code, configuration files, and even system-level files. Given the widespread use of webpack-dev-middleware in web development environments, addressing this vulnerability promptly is important to prevent serious data breaches and protect the integrity of development processes.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHMTC-1.8:rhmtc/openshift-migration-controller-rhel8@sha256:a4025dfcd79bcb22e2ab91e1bc027c200f9c2741ed2c3a576a64cb24084c584e_amd64"
],
"known_not_affected": [
"8Base-RHMTC-1.8:rhmtc/openshift-migration-hook-runner-rhel8@sha256:419c11ecd25664d16f77aec6589c9fa183832947766f75575dfab4bc059fe876_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-log-reader-rhel8@sha256:6886c4d68d7c6100b5eb7239ae8ce14871403a71ce69b35c42c0ce238b32ff87_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-must-gather-rhel8@sha256:08bb8048bb9fc00ba84e846fce7ce3e37506fbadf077b487c1d3d2dd607b2277_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-openvpn-rhel8@sha256:1e0cf80fab89615624cf7f9f62e72e161af4143ed1d6245db45f09ba8382dbc4_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-operator-bundle@sha256:9616b52c1d745b7bf37c0237a6cd2cde9a1d9e8dbfdb5e5cb49504805e706065_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-registry-rhel8@sha256:c7f229ac51306d667f9b766fb1a464686fa47eb06d5658dbe4977e25b4877b20_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rhel8-operator@sha256:79c957509adaff575917d1e70ec25965a4230c0a2deb9cd9007089dfc3ec39cc_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:b556472a46fbac2508b8f36b975c8fdb26a77a2fc8bd43b2667f9151bf1cbc3f_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-ui-rhel8@sha256:db4903f395697e2eb244a0251ec1a5f89b12434501cb56889f2af37770f95f58_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:8765eb907963a6677c1af44dee1168d635d243824396f73c829697b1582046e9_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-29180"
},
{
"category": "external",
"summary": "RHBZ#2270863",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2270863"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-29180",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-29180"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-29180",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-29180"
},
{
"category": "external",
"summary": "https://github.com/webpack/webpack-dev-middleware/security/advisories/GHSA-wr3j-pwj9-hqq6",
"url": "https://github.com/webpack/webpack-dev-middleware/security/advisories/GHSA-wr3j-pwj9-hqq6"
}
],
"release_date": "2024-03-21T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-09-26T03:46:53+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHMTC-1.8:rhmtc/openshift-migration-controller-rhel8@sha256:a4025dfcd79bcb22e2ab91e1bc027c200f9c2741ed2c3a576a64cb24084c584e_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:7164"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"8Base-RHMTC-1.8:rhmtc/openshift-migration-controller-rhel8@sha256:a4025dfcd79bcb22e2ab91e1bc027c200f9c2741ed2c3a576a64cb24084c584e_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-hook-runner-rhel8@sha256:419c11ecd25664d16f77aec6589c9fa183832947766f75575dfab4bc059fe876_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-log-reader-rhel8@sha256:6886c4d68d7c6100b5eb7239ae8ce14871403a71ce69b35c42c0ce238b32ff87_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-must-gather-rhel8@sha256:08bb8048bb9fc00ba84e846fce7ce3e37506fbadf077b487c1d3d2dd607b2277_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-openvpn-rhel8@sha256:1e0cf80fab89615624cf7f9f62e72e161af4143ed1d6245db45f09ba8382dbc4_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-operator-bundle@sha256:9616b52c1d745b7bf37c0237a6cd2cde9a1d9e8dbfdb5e5cb49504805e706065_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-registry-rhel8@sha256:c7f229ac51306d667f9b766fb1a464686fa47eb06d5658dbe4977e25b4877b20_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rhel8-operator@sha256:79c957509adaff575917d1e70ec25965a4230c0a2deb9cd9007089dfc3ec39cc_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:b556472a46fbac2508b8f36b975c8fdb26a77a2fc8bd43b2667f9151bf1cbc3f_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-ui-rhel8@sha256:db4903f395697e2eb244a0251ec1a5f89b12434501cb56889f2af37770f95f58_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:8765eb907963a6677c1af44dee1168d635d243824396f73c829697b1582046e9_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"8Base-RHMTC-1.8:rhmtc/openshift-migration-controller-rhel8@sha256:a4025dfcd79bcb22e2ab91e1bc027c200f9c2741ed2c3a576a64cb24084c584e_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-hook-runner-rhel8@sha256:419c11ecd25664d16f77aec6589c9fa183832947766f75575dfab4bc059fe876_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-log-reader-rhel8@sha256:6886c4d68d7c6100b5eb7239ae8ce14871403a71ce69b35c42c0ce238b32ff87_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-must-gather-rhel8@sha256:08bb8048bb9fc00ba84e846fce7ce3e37506fbadf077b487c1d3d2dd607b2277_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-openvpn-rhel8@sha256:1e0cf80fab89615624cf7f9f62e72e161af4143ed1d6245db45f09ba8382dbc4_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-operator-bundle@sha256:9616b52c1d745b7bf37c0237a6cd2cde9a1d9e8dbfdb5e5cb49504805e706065_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-registry-rhel8@sha256:c7f229ac51306d667f9b766fb1a464686fa47eb06d5658dbe4977e25b4877b20_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rhel8-operator@sha256:79c957509adaff575917d1e70ec25965a4230c0a2deb9cd9007089dfc3ec39cc_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:b556472a46fbac2508b8f36b975c8fdb26a77a2fc8bd43b2667f9151bf1cbc3f_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-ui-rhel8@sha256:db4903f395697e2eb244a0251ec1a5f89b12434501cb56889f2af37770f95f58_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:8765eb907963a6677c1af44dee1168d635d243824396f73c829697b1582046e9_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "webpack-dev-middleware: lack of URL validation may lead to file leak"
},
{
"cve": "CVE-2024-39338",
"cwe": {
"id": "CWE-918",
"name": "Server-Side Request Forgery (SSRF)"
},
"discovery_date": "2024-08-13T17:21:32.774718+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-RHMTC-1.8:rhmtc/openshift-migration-controller-rhel8@sha256:a4025dfcd79bcb22e2ab91e1bc027c200f9c2741ed2c3a576a64cb24084c584e_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-hook-runner-rhel8@sha256:419c11ecd25664d16f77aec6589c9fa183832947766f75575dfab4bc059fe876_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-log-reader-rhel8@sha256:6886c4d68d7c6100b5eb7239ae8ce14871403a71ce69b35c42c0ce238b32ff87_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-must-gather-rhel8@sha256:08bb8048bb9fc00ba84e846fce7ce3e37506fbadf077b487c1d3d2dd607b2277_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-openvpn-rhel8@sha256:1e0cf80fab89615624cf7f9f62e72e161af4143ed1d6245db45f09ba8382dbc4_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-operator-bundle@sha256:9616b52c1d745b7bf37c0237a6cd2cde9a1d9e8dbfdb5e5cb49504805e706065_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-registry-rhel8@sha256:c7f229ac51306d667f9b766fb1a464686fa47eb06d5658dbe4977e25b4877b20_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rhel8-operator@sha256:79c957509adaff575917d1e70ec25965a4230c0a2deb9cd9007089dfc3ec39cc_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:b556472a46fbac2508b8f36b975c8fdb26a77a2fc8bd43b2667f9151bf1cbc3f_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:8765eb907963a6677c1af44dee1168d635d243824396f73c829697b1582046e9_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2304369"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in the Axios HTTP Client. It is vulnerable to a server-side request forgery attack (SSRF) caused by unexpected behavior where requests for path-relative URLs get processed as protocol-relative URLs. This flaw allows an attacker to perform arbitrary requests from the server, potentially accessing internal systems or exfiltrating sensitive data.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "axios: axios: Server-Side Request Forgery",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated as IMPORTANT because it can be exploited remotely with low complexity and without user interaction, it poses a significant risk to confidentiality.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHMTC-1.8:rhmtc/openshift-migration-ui-rhel8@sha256:db4903f395697e2eb244a0251ec1a5f89b12434501cb56889f2af37770f95f58_amd64"
],
"known_not_affected": [
"8Base-RHMTC-1.8:rhmtc/openshift-migration-controller-rhel8@sha256:a4025dfcd79bcb22e2ab91e1bc027c200f9c2741ed2c3a576a64cb24084c584e_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-hook-runner-rhel8@sha256:419c11ecd25664d16f77aec6589c9fa183832947766f75575dfab4bc059fe876_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-log-reader-rhel8@sha256:6886c4d68d7c6100b5eb7239ae8ce14871403a71ce69b35c42c0ce238b32ff87_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-must-gather-rhel8@sha256:08bb8048bb9fc00ba84e846fce7ce3e37506fbadf077b487c1d3d2dd607b2277_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-openvpn-rhel8@sha256:1e0cf80fab89615624cf7f9f62e72e161af4143ed1d6245db45f09ba8382dbc4_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-operator-bundle@sha256:9616b52c1d745b7bf37c0237a6cd2cde9a1d9e8dbfdb5e5cb49504805e706065_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-registry-rhel8@sha256:c7f229ac51306d667f9b766fb1a464686fa47eb06d5658dbe4977e25b4877b20_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rhel8-operator@sha256:79c957509adaff575917d1e70ec25965a4230c0a2deb9cd9007089dfc3ec39cc_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:b556472a46fbac2508b8f36b975c8fdb26a77a2fc8bd43b2667f9151bf1cbc3f_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:8765eb907963a6677c1af44dee1168d635d243824396f73c829697b1582046e9_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-39338"
},
{
"category": "external",
"summary": "RHBZ#2304369",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2304369"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-39338",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-39338"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-39338",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-39338"
},
{
"category": "external",
"summary": "https://github.com/axios/axios/releases",
"url": "https://github.com/axios/axios/releases"
},
{
"category": "external",
"summary": "https://jeffhacks.com/advisories/2024/06/24/CVE-2024-39338.html",
"url": "https://jeffhacks.com/advisories/2024/06/24/CVE-2024-39338.html"
}
],
"release_date": "2024-08-12T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-09-26T03:46:53+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHMTC-1.8:rhmtc/openshift-migration-ui-rhel8@sha256:db4903f395697e2eb244a0251ec1a5f89b12434501cb56889f2af37770f95f58_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:7164"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"8Base-RHMTC-1.8:rhmtc/openshift-migration-controller-rhel8@sha256:a4025dfcd79bcb22e2ab91e1bc027c200f9c2741ed2c3a576a64cb24084c584e_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-hook-runner-rhel8@sha256:419c11ecd25664d16f77aec6589c9fa183832947766f75575dfab4bc059fe876_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-log-reader-rhel8@sha256:6886c4d68d7c6100b5eb7239ae8ce14871403a71ce69b35c42c0ce238b32ff87_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-must-gather-rhel8@sha256:08bb8048bb9fc00ba84e846fce7ce3e37506fbadf077b487c1d3d2dd607b2277_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-openvpn-rhel8@sha256:1e0cf80fab89615624cf7f9f62e72e161af4143ed1d6245db45f09ba8382dbc4_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-operator-bundle@sha256:9616b52c1d745b7bf37c0237a6cd2cde9a1d9e8dbfdb5e5cb49504805e706065_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-registry-rhel8@sha256:c7f229ac51306d667f9b766fb1a464686fa47eb06d5658dbe4977e25b4877b20_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rhel8-operator@sha256:79c957509adaff575917d1e70ec25965a4230c0a2deb9cd9007089dfc3ec39cc_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:b556472a46fbac2508b8f36b975c8fdb26a77a2fc8bd43b2667f9151bf1cbc3f_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-ui-rhel8@sha256:db4903f395697e2eb244a0251ec1a5f89b12434501cb56889f2af37770f95f58_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:8765eb907963a6677c1af44dee1168d635d243824396f73c829697b1582046e9_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"8Base-RHMTC-1.8:rhmtc/openshift-migration-controller-rhel8@sha256:a4025dfcd79bcb22e2ab91e1bc027c200f9c2741ed2c3a576a64cb24084c584e_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-hook-runner-rhel8@sha256:419c11ecd25664d16f77aec6589c9fa183832947766f75575dfab4bc059fe876_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-log-reader-rhel8@sha256:6886c4d68d7c6100b5eb7239ae8ce14871403a71ce69b35c42c0ce238b32ff87_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-must-gather-rhel8@sha256:08bb8048bb9fc00ba84e846fce7ce3e37506fbadf077b487c1d3d2dd607b2277_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-openvpn-rhel8@sha256:1e0cf80fab89615624cf7f9f62e72e161af4143ed1d6245db45f09ba8382dbc4_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-operator-bundle@sha256:9616b52c1d745b7bf37c0237a6cd2cde9a1d9e8dbfdb5e5cb49504805e706065_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-registry-rhel8@sha256:c7f229ac51306d667f9b766fb1a464686fa47eb06d5658dbe4977e25b4877b20_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rhel8-operator@sha256:79c957509adaff575917d1e70ec25965a4230c0a2deb9cd9007089dfc3ec39cc_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:b556472a46fbac2508b8f36b975c8fdb26a77a2fc8bd43b2667f9151bf1cbc3f_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-ui-rhel8@sha256:db4903f395697e2eb244a0251ec1a5f89b12434501cb56889f2af37770f95f58_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:8765eb907963a6677c1af44dee1168d635d243824396f73c829697b1582046e9_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "axios: axios: Server-Side Request Forgery"
}
]
}
RHSA-2024:8075
Vulnerability from csaf_redhat - Published: 2024-10-14 18:01 - Updated: 2026-05-27 16:05Summary
Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.4.19 Security update
Severity
Important
Notes
Topic: An update is now available for Red Hat JBoss Enterprise Application Platform 7.4 for Red Hat Enterprise Linux 7.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details: Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime. This release of Red Hat JBoss Enterprise Application Platform 7.4.19 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.4.18, and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 7.4.19 Release Notes for information about the most significant bug fixes and enhancements included in this release.
Security Fix(es):
* braces: fails to limit the number of characters it can handle [eap-7.4.z] (CVE-2024-4068)
* jose4j: denial of service via specially crafted JWE [eap-7.4.z] (CVE-2023-51775)
* wildfly-domain-http: wildfly: No timeout for EAP management interface may lead to Denial of Service (DoS) [eap-7.4.z] (CVE-2024-4029)
* xalan: integer truncation issue in Xalan-J (JAXP, 8285407) [eap-7.4.z] (CVE-2022-34169)
* org.jsoup/jsoup: The jsoup cleaner may incorrectly sanitize crafted XSS attempts if SafeList.preserveRelativeLinks is enabled [eap-7.4.z] (CVE-2022-36033)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgements, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
The Apache Xalan Java XSLT library is vulnerable to an integer truncation issue when processing malicious XSLT stylesheets. This can be used to corrupt Java class files generated by the internal XSLTC compiler and execute arbitrary Java bytecode. Users are recommended to update to version 2.7.3 or later. Note: Java runtimes (such as OpenJDK) include repackaged copies of Xalan.
7.5 (High)
Affected products
Fixed
40 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el7eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el7eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-hibernate-validator-cdi-0:6.0.23-2.SP1_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el7eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el7eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el7eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el7eap.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-cert-helper-debuginfo-0:1.1.3-1.redhat_00001.1.el7eap.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el7eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el7eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-39.Final_redhat_00039.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-39.Final_redhat_00039.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el7eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jsoup-0:1.15.4-1.redhat_00003.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jsoup-0:1.15.4-1.redhat_00003.1.el7eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el7eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el7eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.19-1.GA_redhat_00002.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.19-1.GA_redhat_00002.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.19-1.GA_redhat_00002.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.19-1.GA_redhat_00002.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el7eap.src | — |
Vendor Fix
fix
|
Threats
Impact
Important
A flaw was found in jsoup, a Java HTML parser built for HTML editing, cleaning, scraping, and Cross-site scripting (XSS) safety. An issue in jsoup may incorrectly sanitize HTML, including `javascript:` URL expressions, which could allow XSS attacks when a reader subsequently clicks that link. If the non-default `SafeList.preserveRelativeLinks` option is enabled, HTML, including `javascript:` URLs crafted with control characters, will not be sanitized. If the site that this HTML is published on does not set a Content Security Policy, an XSS attack is possible.
6.1 (Medium)
Affected products
Fixed
40 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el7eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el7eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-hibernate-validator-cdi-0:6.0.23-2.SP1_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el7eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el7eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el7eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el7eap.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-cert-helper-debuginfo-0:1.1.3-1.redhat_00001.1.el7eap.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el7eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el7eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-39.Final_redhat_00039.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-39.Final_redhat_00039.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el7eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jsoup-0:1.15.4-1.redhat_00003.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jsoup-0:1.15.4-1.redhat_00003.1.el7eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el7eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el7eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.19-1.GA_redhat_00002.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.19-1.GA_redhat_00002.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.19-1.GA_redhat_00002.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.19-1.GA_redhat_00002.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el7eap.src | — |
Vendor Fix
fix
|
Threats
Impact
Moderate
A flaw was found in the jose.4.j (jose4j) library. The JWE key management algorithms based on PBKDF2 require a JOSE Header Parameter called p2c (PBES2 Count). This parameter dictates the number of PBKDF2 iterations needed to derive a CEK wrapping key. Its primary purpose is to intentionally slow down the key derivation function, making password brute-force and dictionary attacks more resource-intensive. However, if an attacker sets the p2c parameter in JWE to a large number, it can cause high computational consumption, resulting in a denial of service.
7.5 (High)
Affected products
Fixed
40 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el7eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el7eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-hibernate-validator-cdi-0:6.0.23-2.SP1_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el7eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el7eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el7eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el7eap.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-cert-helper-debuginfo-0:1.1.3-1.redhat_00001.1.el7eap.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el7eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el7eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-39.Final_redhat_00039.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-39.Final_redhat_00039.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el7eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jsoup-0:1.15.4-1.redhat_00003.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jsoup-0:1.15.4-1.redhat_00003.1.el7eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el7eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el7eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.19-1.GA_redhat_00002.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.19-1.GA_redhat_00002.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.19-1.GA_redhat_00002.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.19-1.GA_redhat_00002.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el7eap.src | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Moderate
A vulnerability was found in Wildfly’s management interface. Due to the lack of limitation of sockets for the management interface, it may be possible to cause a denial of service hitting the nofile limit as there is no possibility to configure or set a maximum number of connections.
4.1 (Medium)
Affected products
Fixed
40 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el7eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el7eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-hibernate-validator-cdi-0:6.0.23-2.SP1_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el7eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el7eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el7eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el7eap.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-cert-helper-debuginfo-0:1.1.3-1.redhat_00001.1.el7eap.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el7eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el7eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-39.Final_redhat_00039.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-39.Final_redhat_00039.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el7eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jsoup-0:1.15.4-1.redhat_00003.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jsoup-0:1.15.4-1.redhat_00003.1.el7eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el7eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el7eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.19-1.GA_redhat_00002.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.19-1.GA_redhat_00002.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.19-1.GA_redhat_00002.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.19-1.GA_redhat_00002.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el7eap.src | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Low
A flaw was found in the NPM package `braces.` It fails to limit the number of characters it can handle, which could lead to memory exhaustion. In `lib/parse.js,` if a malicious user sends "imbalanced braces" as input, the parsing will enter a loop, causing the program to start allocating heap memory without freeing it at any moment of the loop. Eventually, the JavaScript heap limit is reached, and the program will crash.
7.5 (High)
Affected products
Fixed
40 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el7eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el7eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-hibernate-validator-cdi-0:6.0.23-2.SP1_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el7eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el7eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el7eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el7eap.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-cert-helper-debuginfo-0:1.1.3-1.redhat_00001.1.el7eap.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el7eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el7eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-39.Final_redhat_00039.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-39.Final_redhat_00039.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el7eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jsoup-0:1.15.4-1.redhat_00003.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jsoup-0:1.15.4-1.redhat_00003.1.el7eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el7eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el7eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.19-1.GA_redhat_00002.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.19-1.GA_redhat_00002.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.19-1.GA_redhat_00002.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.19-1.GA_redhat_00002.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el7eap.src | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Moderate
References
45 references
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update is now available for Red Hat JBoss Enterprise Application Platform 7.4 for Red Hat Enterprise Linux 7.\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime. This release of Red Hat JBoss Enterprise Application Platform 7.4.19 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.4.18, and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 7.4.19 Release Notes for information about the most significant bug fixes and enhancements included in this release.\n\nSecurity Fix(es):\n\n* braces: fails to limit the number of characters it can handle [eap-7.4.z] (CVE-2024-4068)\n\n* jose4j: denial of service via specially crafted JWE [eap-7.4.z] (CVE-2023-51775)\n\n* wildfly-domain-http: wildfly: No timeout for EAP management interface may lead to Denial of Service (DoS) [eap-7.4.z] (CVE-2024-4029)\n\n* xalan: integer truncation issue in Xalan-J (JAXP, 8285407) [eap-7.4.z] (CVE-2022-34169)\n\n* org.jsoup/jsoup: The jsoup cleaner may incorrectly sanitize crafted XSS attempts if SafeList.preserveRelativeLinks is enabled [eap-7.4.z] (CVE-2022-36033)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgements, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2024:8075",
"url": "https://access.redhat.com/errata/RHSA-2024:8075"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "https://docs.redhat.com/en/documentation/red_hat_jboss_enterprise_application_platform/7.4",
"url": "https://docs.redhat.com/en/documentation/red_hat_jboss_enterprise_application_platform/7.4"
},
{
"category": "external",
"summary": "https://docs.redhat.com/en/documentation/red_hat_jboss_enterprise_application_platform/7.4/html-single/installation_guide/index",
"url": "https://docs.redhat.com/en/documentation/red_hat_jboss_enterprise_application_platform/7.4/html-single/installation_guide/index"
},
{
"category": "external",
"summary": "2108554",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2108554"
},
{
"category": "external",
"summary": "2127078",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2127078"
},
{
"category": "external",
"summary": "2266921",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2266921"
},
{
"category": "external",
"summary": "2278615",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2278615"
},
{
"category": "external",
"summary": "2280600",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2280600"
},
{
"category": "external",
"summary": "JBEAP-27049",
"url": "https://issues.redhat.com/browse/JBEAP-27049"
},
{
"category": "external",
"summary": "JBEAP-27357",
"url": "https://issues.redhat.com/browse/JBEAP-27357"
},
{
"category": "external",
"summary": "JBEAP-27548",
"url": "https://issues.redhat.com/browse/JBEAP-27548"
},
{
"category": "external",
"summary": "JBEAP-27613",
"url": "https://issues.redhat.com/browse/JBEAP-27613"
},
{
"category": "external",
"summary": "JBEAP-27658",
"url": "https://issues.redhat.com/browse/JBEAP-27658"
},
{
"category": "external",
"summary": "JBEAP-27700",
"url": "https://issues.redhat.com/browse/JBEAP-27700"
},
{
"category": "external",
"summary": "JBEAP-27701",
"url": "https://issues.redhat.com/browse/JBEAP-27701"
},
{
"category": "external",
"summary": "JBEAP-27713",
"url": "https://issues.redhat.com/browse/JBEAP-27713"
},
{
"category": "external",
"summary": "JBEAP-27714",
"url": "https://issues.redhat.com/browse/JBEAP-27714"
},
{
"category": "external",
"summary": "JBEAP-27715",
"url": "https://issues.redhat.com/browse/JBEAP-27715"
},
{
"category": "external",
"summary": "JBEAP-27746",
"url": "https://issues.redhat.com/browse/JBEAP-27746"
},
{
"category": "external",
"summary": "JBEAP-27747",
"url": "https://issues.redhat.com/browse/JBEAP-27747"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_8075.json"
}
],
"title": "Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.4.19 Security update",
"tracking": {
"current_release_date": "2026-05-27T16:05:50+00:00",
"generator": {
"date": "2026-05-27T16:05:50+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.8.1"
}
},
"id": "RHSA-2024:8075",
"initial_release_date": "2024-10-14T18:01:59+00:00",
"revision_history": [
{
"date": "2024-10-14T18:01:59+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2024-10-14T18:01:59+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-05-27T16:05:50+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product": {
"name": "Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el7"
}
}
}
],
"category": "product_family",
"name": "Red Hat JBoss Enterprise Application Platform"
},
{
"branches": [
{
"category": "product_version",
"name": "eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el7eap.src",
"product": {
"name": "eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el7eap.src",
"product_id": "eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hibernate-validator@6.0.23-2.SP1_redhat_00001.1.el7eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el7eap.src",
"product": {
"name": "eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el7eap.src",
"product_id": "eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-xalan-j2@2.7.1-37.redhat_00015.1.el7eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el7eap.src",
"product": {
"name": "eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el7eap.src",
"product_id": "eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-ejb-client@4.0.55-1.Final_redhat_00001.1.el7eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el7eap.src",
"product": {
"name": "eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el7eap.src",
"product_id": "eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jbossws-cxf@5.4.12-1.Final_redhat_00001.1.el7eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el7eap.src",
"product": {
"name": "eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el7eap.src",
"product_id": "eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ironjacamar@1.5.18-1.Final_redhat_00001.1.el7eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jsoup-0:1.15.4-1.redhat_00003.1.el7eap.src",
"product": {
"name": "eap7-jsoup-0:1.15.4-1.redhat_00003.1.el7eap.src",
"product_id": "eap7-jsoup-0:1.15.4-1.redhat_00003.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jsoup@1.15.4-1.redhat_00003.1.el7eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el7eap.src",
"product": {
"name": "eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el7eap.src",
"product_id": "eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-cert-helper@1.1.3-1.redhat_00001.1.el7eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el7eap.src",
"product": {
"name": "eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el7eap.src",
"product_id": "eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-undertow-jastow@2.0.15-1.Final_redhat_00001.1.el7eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el7eap.src",
"product": {
"name": "eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el7eap.src",
"product_id": "eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hal-console@3.3.24-1.Final_redhat_00001.1.el7eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el7eap.src",
"product": {
"name": "eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el7eap.src",
"product_id": "eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-insights-java-client@1.1.3-1.redhat_00001.1.el7eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el7eap.src",
"product": {
"name": "eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el7eap.src",
"product_id": "eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration@1.10.0-39.Final_redhat_00039.1.el7eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el7eap.src",
"product": {
"name": "eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el7eap.src",
"product_id": "eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly@7.4.19-1.GA_redhat_00002.1.el7eap?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hibernate-validator@6.0.23-2.SP1_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-hibernate-validator-cdi-0:6.0.23-2.SP1_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-hibernate-validator-cdi-0:6.0.23-2.SP1_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-hibernate-validator-cdi-0:6.0.23-2.SP1_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hibernate-validator-cdi@6.0.23-2.SP1_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el7eap.noarch",
"product": {
"name": "eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el7eap.noarch",
"product_id": "eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-xalan-j2@2.7.1-37.redhat_00015.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-ejb-client@4.0.55-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jbossws-cxf@5.4.12-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ironjacamar@1.5.18-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-ironjacamar-common-api-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-ironjacamar-common-api-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-ironjacamar-common-api-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ironjacamar-common-api@1.5.18-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-ironjacamar-common-impl-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-ironjacamar-common-impl-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-ironjacamar-common-impl-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ironjacamar-common-impl@1.5.18-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-ironjacamar-common-spi-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-ironjacamar-common-spi-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-ironjacamar-common-spi-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ironjacamar-common-spi@1.5.18-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-ironjacamar-core-api-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-ironjacamar-core-api-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-ironjacamar-core-api-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ironjacamar-core-api@1.5.18-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-ironjacamar-core-impl-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-ironjacamar-core-impl-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-ironjacamar-core-impl-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ironjacamar-core-impl@1.5.18-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-ironjacamar-deployers-common-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-ironjacamar-deployers-common-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-ironjacamar-deployers-common-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ironjacamar-deployers-common@1.5.18-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-ironjacamar-jdbc-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-ironjacamar-jdbc-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-ironjacamar-jdbc-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ironjacamar-jdbc@1.5.18-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-ironjacamar-validator-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-ironjacamar-validator-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-ironjacamar-validator-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ironjacamar-validator@1.5.18-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jsoup-0:1.15.4-1.redhat_00003.1.el7eap.noarch",
"product": {
"name": "eap7-jsoup-0:1.15.4-1.redhat_00003.1.el7eap.noarch",
"product_id": "eap7-jsoup-0:1.15.4-1.redhat_00003.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jsoup@1.15.4-1.redhat_00003.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-undertow-jastow@2.0.15-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hal-console@3.3.24-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el7eap.noarch",
"product_id": "eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-insights-java-client@1.1.3-1.redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el7eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el7eap.noarch",
"product_id": "eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration@1.10.0-39.Final_redhat_00039.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-cli-0:1.10.0-39.Final_redhat_00039.1.el7eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-cli-0:1.10.0-39.Final_redhat_00039.1.el7eap.noarch",
"product_id": "eap7-jboss-server-migration-cli-0:1.10.0-39.Final_redhat_00039.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-cli@1.10.0-39.Final_redhat_00039.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-core-0:1.10.0-39.Final_redhat_00039.1.el7eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-core-0:1.10.0-39.Final_redhat_00039.1.el7eap.noarch",
"product_id": "eap7-jboss-server-migration-core-0:1.10.0-39.Final_redhat_00039.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-core@1.10.0-39.Final_redhat_00039.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el7eap.noarch",
"product": {
"name": "eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el7eap.noarch",
"product_id": "eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly@7.4.19-1.GA_redhat_00002.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-java-jdk11-0:7.4.19-1.GA_redhat_00002.1.el7eap.noarch",
"product": {
"name": "eap7-wildfly-java-jdk11-0:7.4.19-1.GA_redhat_00002.1.el7eap.noarch",
"product_id": "eap7-wildfly-java-jdk11-0:7.4.19-1.GA_redhat_00002.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-java-jdk11@7.4.19-1.GA_redhat_00002.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-java-jdk8-0:7.4.19-1.GA_redhat_00002.1.el7eap.noarch",
"product": {
"name": "eap7-wildfly-java-jdk8-0:7.4.19-1.GA_redhat_00002.1.el7eap.noarch",
"product_id": "eap7-wildfly-java-jdk8-0:7.4.19-1.GA_redhat_00002.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-java-jdk8@7.4.19-1.GA_redhat_00002.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-javadocs-0:7.4.19-1.GA_redhat_00002.1.el7eap.noarch",
"product": {
"name": "eap7-wildfly-javadocs-0:7.4.19-1.GA_redhat_00002.1.el7eap.noarch",
"product_id": "eap7-wildfly-javadocs-0:7.4.19-1.GA_redhat_00002.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-javadocs@7.4.19-1.GA_redhat_00002.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-modules-0:7.4.19-1.GA_redhat_00002.1.el7eap.noarch",
"product": {
"name": "eap7-wildfly-modules-0:7.4.19-1.GA_redhat_00002.1.el7eap.noarch",
"product_id": "eap7-wildfly-modules-0:7.4.19-1.GA_redhat_00002.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-modules@7.4.19-1.GA_redhat_00002.1.el7eap?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el7eap.x86_64",
"product": {
"name": "eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el7eap.x86_64",
"product_id": "eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el7eap.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-cert-helper@1.1.3-1.redhat_00001.1.el7eap?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-cert-helper-debuginfo-0:1.1.3-1.redhat_00001.1.el7eap.x86_64",
"product": {
"name": "eap7-jboss-cert-helper-debuginfo-0:1.1.3-1.redhat_00001.1.el7eap.x86_64",
"product_id": "eap7-jboss-cert-helper-debuginfo-0:1.1.3-1.redhat_00001.1.el7eap.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-cert-helper-debuginfo@1.1.3-1.redhat_00001.1.el7eap?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el7eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el7eap.src"
},
"product_reference": "eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el7eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el7eap.src"
},
"product_reference": "eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hibernate-validator-cdi-0:6.0.23-2.SP1_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-hibernate-validator-cdi-0:6.0.23-2.SP1_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-hibernate-validator-cdi-0:6.0.23-2.SP1_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el7eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el7eap.src"
},
"product_reference": "eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el7eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el7eap.src"
},
"product_reference": "eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ironjacamar-common-api-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-ironjacamar-common-api-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ironjacamar-common-impl-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-ironjacamar-common-impl-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ironjacamar-common-spi-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-ironjacamar-common-spi-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ironjacamar-core-api-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-ironjacamar-core-api-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ironjacamar-core-impl-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-ironjacamar-core-impl-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ironjacamar-deployers-common-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-ironjacamar-deployers-common-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ironjacamar-jdbc-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-ironjacamar-jdbc-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ironjacamar-validator-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-ironjacamar-validator-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el7eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el7eap.src"
},
"product_reference": "eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el7eap.x86_64 as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el7eap.x86_64"
},
"product_reference": "eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el7eap.x86_64",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-cert-helper-debuginfo-0:1.1.3-1.redhat_00001.1.el7eap.x86_64 as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-jboss-cert-helper-debuginfo-0:1.1.3-1.redhat_00001.1.el7eap.x86_64"
},
"product_reference": "eap7-jboss-cert-helper-debuginfo-0:1.1.3-1.redhat_00001.1.el7eap.x86_64",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el7eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el7eap.src"
},
"product_reference": "eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el7eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el7eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el7eap.src"
},
"product_reference": "eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-cli-0:1.10.0-39.Final_redhat_00039.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-39.Final_redhat_00039.1.el7eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-cli-0:1.10.0-39.Final_redhat_00039.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-core-0:1.10.0-39.Final_redhat_00039.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-39.Final_redhat_00039.1.el7eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-core-0:1.10.0-39.Final_redhat_00039.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el7eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el7eap.src"
},
"product_reference": "eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jsoup-0:1.15.4-1.redhat_00003.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-jsoup-0:1.15.4-1.redhat_00003.1.el7eap.noarch"
},
"product_reference": "eap7-jsoup-0:1.15.4-1.redhat_00003.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jsoup-0:1.15.4-1.redhat_00003.1.el7eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-jsoup-0:1.15.4-1.redhat_00003.1.el7eap.src"
},
"product_reference": "eap7-jsoup-0:1.15.4-1.redhat_00003.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el7eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el7eap.src"
},
"product_reference": "eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el7eap.noarch"
},
"product_reference": "eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el7eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el7eap.src"
},
"product_reference": "eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-java-jdk11-0:7.4.19-1.GA_redhat_00002.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.19-1.GA_redhat_00002.1.el7eap.noarch"
},
"product_reference": "eap7-wildfly-java-jdk11-0:7.4.19-1.GA_redhat_00002.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-java-jdk8-0:7.4.19-1.GA_redhat_00002.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.19-1.GA_redhat_00002.1.el7eap.noarch"
},
"product_reference": "eap7-wildfly-java-jdk8-0:7.4.19-1.GA_redhat_00002.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-javadocs-0:7.4.19-1.GA_redhat_00002.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.19-1.GA_redhat_00002.1.el7eap.noarch"
},
"product_reference": "eap7-wildfly-javadocs-0:7.4.19-1.GA_redhat_00002.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-modules-0:7.4.19-1.GA_redhat_00002.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.19-1.GA_redhat_00002.1.el7eap.noarch"
},
"product_reference": "eap7-wildfly-modules-0:7.4.19-1.GA_redhat_00002.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el7eap.noarch"
},
"product_reference": "eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el7eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el7eap.src"
},
"product_reference": "eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.4"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2022-34169",
"cwe": {
"id": "CWE-192",
"name": "Integer Coercion Error"
},
"discovery_date": "2022-07-12T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2108554"
}
],
"notes": [
{
"category": "description",
"text": "The Apache Xalan Java XSLT library is vulnerable to an integer truncation issue when processing malicious XSLT stylesheets. This can be used to corrupt Java class files generated by the internal XSLTC compiler and execute arbitrary Java bytecode. Users are recommended to update to version 2.7.3 or later. Note: Java runtimes (such as OpenJDK) include repackaged copies of Xalan.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK: integer truncation issue in Xalan-J (JAXP, 8285407)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-validator-cdi-0:6.0.23-2.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-jboss-cert-helper-debuginfo-0:1.1.3-1.redhat_00001.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-39.Final_redhat_00039.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-39.Final_redhat_00039.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jsoup-0:1.15.4-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jsoup-0:1.15.4-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.19-1.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.19-1.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.19-1.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.19-1.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el7eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-34169"
},
{
"category": "external",
"summary": "RHBZ#2108554",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2108554"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-34169",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-34169"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-34169",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-34169"
}
],
"release_date": "2022-07-19T20:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-10-14T18:01:59+00:00",
"details": "Before applying the update, make sure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258",
"product_ids": [
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-validator-cdi-0:6.0.23-2.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-jboss-cert-helper-debuginfo-0:1.1.3-1.redhat_00001.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-39.Final_redhat_00039.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-39.Final_redhat_00039.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jsoup-0:1.15.4-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jsoup-0:1.15.4-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.19-1.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.19-1.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.19-1.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.19-1.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el7eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:8075"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-validator-cdi-0:6.0.23-2.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-jboss-cert-helper-debuginfo-0:1.1.3-1.redhat_00001.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-39.Final_redhat_00039.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-39.Final_redhat_00039.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jsoup-0:1.15.4-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jsoup-0:1.15.4-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.19-1.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.19-1.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.19-1.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.19-1.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el7eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "OpenJDK: integer truncation issue in Xalan-J (JAXP, 8285407)"
},
{
"cve": "CVE-2022-36033",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2022-09-15T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2127078"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in jsoup, a Java HTML parser built for HTML editing, cleaning, scraping, and Cross-site scripting (XSS) safety. An issue in jsoup may incorrectly sanitize HTML, including `javascript:` URL expressions, which could allow XSS attacks when a reader subsequently clicks that link. If the non-default `SafeList.preserveRelativeLinks` option is enabled, HTML, including `javascript:` URLs crafted with control characters, will not be sanitized. If the site that this HTML is published on does not set a Content Security Policy, an XSS attack is possible.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jsoup: The jsoup cleaner may incorrectly sanitize crafted XSS attempts if SafeList.preserveRelativeLinks is enabled",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-validator-cdi-0:6.0.23-2.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-jboss-cert-helper-debuginfo-0:1.1.3-1.redhat_00001.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-39.Final_redhat_00039.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-39.Final_redhat_00039.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jsoup-0:1.15.4-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jsoup-0:1.15.4-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.19-1.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.19-1.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.19-1.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.19-1.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el7eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-36033"
},
{
"category": "external",
"summary": "RHBZ#2127078",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2127078"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-36033",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-36033"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-36033",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-36033"
}
],
"release_date": "2022-08-29T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-10-14T18:01:59+00:00",
"details": "Before applying the update, make sure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258",
"product_ids": [
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-validator-cdi-0:6.0.23-2.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-jboss-cert-helper-debuginfo-0:1.1.3-1.redhat_00001.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-39.Final_redhat_00039.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-39.Final_redhat_00039.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jsoup-0:1.15.4-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jsoup-0:1.15.4-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.19-1.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.19-1.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.19-1.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.19-1.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el7eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:8075"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-validator-cdi-0:6.0.23-2.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-jboss-cert-helper-debuginfo-0:1.1.3-1.redhat_00001.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-39.Final_redhat_00039.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-39.Final_redhat_00039.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jsoup-0:1.15.4-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jsoup-0:1.15.4-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.19-1.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.19-1.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.19-1.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.19-1.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el7eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jsoup: The jsoup cleaner may incorrectly sanitize crafted XSS attempts if SafeList.preserveRelativeLinks is enabled"
},
{
"cve": "CVE-2023-51775",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2024-02-29T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2266921"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the jose.4.j (jose4j) library. The JWE key management algorithms based on PBKDF2 require a JOSE Header Parameter called p2c (PBES2 Count). This parameter dictates the number of PBKDF2 iterations needed to derive a CEK wrapping key. Its primary purpose is to intentionally slow down the key derivation function, making password brute-force and dictionary attacks more resource-intensive. However, if an attacker sets the p2c parameter in JWE to a large number, it can cause high computational consumption, resulting in a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jose4j: denial of service via specially crafted JWE",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The vulnerability in the jose4j library, where the \"p2c\" parameter in PBKDF2-based JWE key management algorithms can be manipulated to induce high computational consumption, is classified as moderate severity due to its potential impact on service availability and resource exhaustion. By setting a large value for \"p2c\", an attacker can force the server to perform an excessive number of PBKDF2 iterations during key derivation. This results in increased CPU and memory usage, potentially leading to degraded performance or temporary denial of service.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-validator-cdi-0:6.0.23-2.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-jboss-cert-helper-debuginfo-0:1.1.3-1.redhat_00001.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-39.Final_redhat_00039.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-39.Final_redhat_00039.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jsoup-0:1.15.4-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jsoup-0:1.15.4-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.19-1.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.19-1.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.19-1.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.19-1.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el7eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-51775"
},
{
"category": "external",
"summary": "RHBZ#2266921",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2266921"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-51775",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-51775"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-51775",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-51775"
}
],
"release_date": "2024-02-29T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-10-14T18:01:59+00:00",
"details": "Before applying the update, make sure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258",
"product_ids": [
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-validator-cdi-0:6.0.23-2.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-jboss-cert-helper-debuginfo-0:1.1.3-1.redhat_00001.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-39.Final_redhat_00039.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-39.Final_redhat_00039.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jsoup-0:1.15.4-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jsoup-0:1.15.4-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.19-1.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.19-1.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.19-1.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.19-1.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el7eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:8075"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-validator-cdi-0:6.0.23-2.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-jboss-cert-helper-debuginfo-0:1.1.3-1.redhat_00001.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-39.Final_redhat_00039.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-39.Final_redhat_00039.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jsoup-0:1.15.4-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jsoup-0:1.15.4-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.19-1.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.19-1.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.19-1.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.19-1.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el7eap.src"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-validator-cdi-0:6.0.23-2.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-jboss-cert-helper-debuginfo-0:1.1.3-1.redhat_00001.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-39.Final_redhat_00039.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-39.Final_redhat_00039.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jsoup-0:1.15.4-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jsoup-0:1.15.4-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.19-1.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.19-1.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.19-1.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.19-1.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el7eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jose4j: denial of service via specially crafted JWE"
},
{
"cve": "CVE-2024-4029",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2024-04-22T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2278615"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in Wildfly\u2019s management interface. Due to the lack of limitation of sockets for the management interface, it may be possible to cause a denial of service hitting the nofile limit as there is no possibility to configure or set a maximum number of connections.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "wildfly: No timeout for EAP management interface may lead to Denial of Service (DoS)",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat rates this as a Low impact since this requires high privileges to jeopardize the system. The management interface is normally internal/local only and not exposed externally.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-validator-cdi-0:6.0.23-2.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-jboss-cert-helper-debuginfo-0:1.1.3-1.redhat_00001.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-39.Final_redhat_00039.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-39.Final_redhat_00039.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jsoup-0:1.15.4-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jsoup-0:1.15.4-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.19-1.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.19-1.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.19-1.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.19-1.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el7eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-4029"
},
{
"category": "external",
"summary": "RHBZ#2278615",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2278615"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-4029",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-4029"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-4029",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-4029"
}
],
"release_date": "2024-05-02T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-10-14T18:01:59+00:00",
"details": "Before applying the update, make sure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258",
"product_ids": [
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-validator-cdi-0:6.0.23-2.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-jboss-cert-helper-debuginfo-0:1.1.3-1.redhat_00001.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-39.Final_redhat_00039.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-39.Final_redhat_00039.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jsoup-0:1.15.4-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jsoup-0:1.15.4-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.19-1.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.19-1.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.19-1.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.19-1.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el7eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:8075"
},
{
"category": "workaround",
"details": "Currently there is no available mitigation for this vulnerability. Please make sure to perform updates as they become available.",
"product_ids": [
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-validator-cdi-0:6.0.23-2.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-jboss-cert-helper-debuginfo-0:1.1.3-1.redhat_00001.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-39.Final_redhat_00039.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-39.Final_redhat_00039.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jsoup-0:1.15.4-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jsoup-0:1.15.4-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.19-1.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.19-1.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.19-1.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.19-1.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el7eap.src"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 4.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-validator-cdi-0:6.0.23-2.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-jboss-cert-helper-debuginfo-0:1.1.3-1.redhat_00001.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-39.Final_redhat_00039.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-39.Final_redhat_00039.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jsoup-0:1.15.4-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jsoup-0:1.15.4-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.19-1.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.19-1.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.19-1.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.19-1.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el7eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "wildfly: No timeout for EAP management interface may lead to Denial of Service (DoS)"
},
{
"cve": "CVE-2024-4068",
"cwe": {
"id": "CWE-1050",
"name": "Excessive Platform Resource Consumption within a Loop"
},
"discovery_date": "2024-05-14T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2280600"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the NPM package `braces.` It fails to limit the number of characters it can handle, which could lead to memory exhaustion. In `lib/parse.js,` if a malicious user sends \"imbalanced braces\" as input, the parsing will enter a loop, causing the program to start allocating heap memory without freeing it at any moment of the loop. Eventually, the JavaScript heap limit is reached, and the program will crash.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "braces: fails to limit the number of characters it can handle",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-validator-cdi-0:6.0.23-2.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-jboss-cert-helper-debuginfo-0:1.1.3-1.redhat_00001.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-39.Final_redhat_00039.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-39.Final_redhat_00039.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jsoup-0:1.15.4-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jsoup-0:1.15.4-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.19-1.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.19-1.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.19-1.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.19-1.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el7eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-4068"
},
{
"category": "external",
"summary": "RHBZ#2280600",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2280600"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-4068",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-4068"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-4068",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-4068"
},
{
"category": "external",
"summary": "https://devhub.checkmarx.com/cve-details/CVE-2024-4068/",
"url": "https://devhub.checkmarx.com/cve-details/CVE-2024-4068/"
},
{
"category": "external",
"summary": "https://github.com/micromatch/braces/blob/98414f9f1fabe021736e26836d8306d5de747e0d/lib/parse.js#L308",
"url": "https://github.com/micromatch/braces/blob/98414f9f1fabe021736e26836d8306d5de747e0d/lib/parse.js#L308"
},
{
"category": "external",
"summary": "https://github.com/micromatch/braces/issues/35",
"url": "https://github.com/micromatch/braces/issues/35"
}
],
"release_date": "2024-03-04T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-10-14T18:01:59+00:00",
"details": "Before applying the update, make sure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258",
"product_ids": [
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-validator-cdi-0:6.0.23-2.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-jboss-cert-helper-debuginfo-0:1.1.3-1.redhat_00001.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-39.Final_redhat_00039.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-39.Final_redhat_00039.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jsoup-0:1.15.4-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jsoup-0:1.15.4-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.19-1.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.19-1.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.19-1.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.19-1.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el7eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:8075"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-validator-cdi-0:6.0.23-2.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-jboss-cert-helper-debuginfo-0:1.1.3-1.redhat_00001.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-39.Final_redhat_00039.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-39.Final_redhat_00039.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jsoup-0:1.15.4-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jsoup-0:1.15.4-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.19-1.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.19-1.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.19-1.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.19-1.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el7eap.src"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-validator-cdi-0:6.0.23-2.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-jboss-cert-helper-debuginfo-0:1.1.3-1.redhat_00001.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-39.Final_redhat_00039.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-39.Final_redhat_00039.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jsoup-0:1.15.4-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jsoup-0:1.15.4-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.19-1.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.19-1.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.19-1.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.19-1.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el7eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "braces: fails to limit the number of characters it can handle"
}
]
}
RHSA-2024:8076
Vulnerability from csaf_redhat - Published: 2024-10-14 18:01 - Updated: 2026-05-27 16:05Summary
Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.4.19 Security update
Severity
Important
Notes
Topic: An update is now available for Red Hat JBoss Enterprise Application Platform 7.4 for Red Hat Enterprise Linux 8.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details: Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime. This release of Red Hat JBoss Enterprise Application Platform 7.4.19 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.4.18, and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 7.4.19 Release Notes for information about the most significant bug fixes and enhancements included in this release.
Security Fix(es):
* braces: fails to limit the number of characters it can handle [eap-7.4.z] (CVE-2024-4068)
* jose4j: denial of service via specially crafted JWE [eap-7.4.z] (CVE-2023-51775)
* wildfly-domain-http: wildfly: No timeout for EAP management interface may lead to Denial of Service (DoS) [eap-7.4.z] (CVE-2024-4029)
* xalan: integer truncation issue in Xalan-J (JAXP, 8285407) [eap-7.4.z] (CVE-2022-34169)
* org.jsoup/jsoup: The jsoup cleaner may incorrectly sanitize crafted XSS attempts if SafeList.preserveRelativeLinks is enabled [eap-7.4.z] (CVE-2022-36033)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgements, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
The Apache Xalan Java XSLT library is vulnerable to an integer truncation issue when processing malicious XSLT stylesheets. This can be used to corrupt Java class files generated by the internal XSLTC compiler and execute arbitrary Java bytecode. Users are recommended to update to version 2.7.3 or later. Note: Java runtimes (such as OpenJDK) include repackaged copies of Xalan.
7.5 (High)
Affected products
Fixed
40 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el8eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el8eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-hibernate-validator-cdi-0:6.0.23-2.SP1_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el8eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el8eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el8eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-39.Final_redhat_00039.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-39.Final_redhat_00039.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el8eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jsoup-0:1.15.4-1.redhat_00003.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jsoup-0:1.15.4-1.redhat_00003.1.el8eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el8eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el8eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el8eap.src | — |
Vendor Fix
fix
|
Threats
Impact
Important
A flaw was found in jsoup, a Java HTML parser built for HTML editing, cleaning, scraping, and Cross-site scripting (XSS) safety. An issue in jsoup may incorrectly sanitize HTML, including `javascript:` URL expressions, which could allow XSS attacks when a reader subsequently clicks that link. If the non-default `SafeList.preserveRelativeLinks` option is enabled, HTML, including `javascript:` URLs crafted with control characters, will not be sanitized. If the site that this HTML is published on does not set a Content Security Policy, an XSS attack is possible.
6.1 (Medium)
Affected products
Fixed
40 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el8eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el8eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-hibernate-validator-cdi-0:6.0.23-2.SP1_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el8eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el8eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el8eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-39.Final_redhat_00039.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-39.Final_redhat_00039.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el8eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jsoup-0:1.15.4-1.redhat_00003.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jsoup-0:1.15.4-1.redhat_00003.1.el8eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el8eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el8eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el8eap.src | — |
Vendor Fix
fix
|
Threats
Impact
Moderate
A flaw was found in the jose.4.j (jose4j) library. The JWE key management algorithms based on PBKDF2 require a JOSE Header Parameter called p2c (PBES2 Count). This parameter dictates the number of PBKDF2 iterations needed to derive a CEK wrapping key. Its primary purpose is to intentionally slow down the key derivation function, making password brute-force and dictionary attacks more resource-intensive. However, if an attacker sets the p2c parameter in JWE to a large number, it can cause high computational consumption, resulting in a denial of service.
7.5 (High)
Affected products
Fixed
40 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el8eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el8eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-hibernate-validator-cdi-0:6.0.23-2.SP1_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el8eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el8eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el8eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-39.Final_redhat_00039.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-39.Final_redhat_00039.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el8eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jsoup-0:1.15.4-1.redhat_00003.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jsoup-0:1.15.4-1.redhat_00003.1.el8eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el8eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el8eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el8eap.src | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Moderate
A vulnerability was found in Wildfly’s management interface. Due to the lack of limitation of sockets for the management interface, it may be possible to cause a denial of service hitting the nofile limit as there is no possibility to configure or set a maximum number of connections.
4.1 (Medium)
Affected products
Fixed
40 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el8eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el8eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-hibernate-validator-cdi-0:6.0.23-2.SP1_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el8eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el8eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el8eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-39.Final_redhat_00039.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-39.Final_redhat_00039.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el8eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jsoup-0:1.15.4-1.redhat_00003.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jsoup-0:1.15.4-1.redhat_00003.1.el8eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el8eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el8eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el8eap.src | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Low
A flaw was found in the NPM package `braces.` It fails to limit the number of characters it can handle, which could lead to memory exhaustion. In `lib/parse.js,` if a malicious user sends "imbalanced braces" as input, the parsing will enter a loop, causing the program to start allocating heap memory without freeing it at any moment of the loop. Eventually, the JavaScript heap limit is reached, and the program will crash.
7.5 (High)
Affected products
Fixed
40 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el8eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el8eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-hibernate-validator-cdi-0:6.0.23-2.SP1_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el8eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el8eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el8eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-39.Final_redhat_00039.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-39.Final_redhat_00039.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el8eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jsoup-0:1.15.4-1.redhat_00003.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jsoup-0:1.15.4-1.redhat_00003.1.el8eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el8eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el8eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el8eap.src | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Moderate
References
45 references
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update is now available for Red Hat JBoss Enterprise Application Platform 7.4 for Red Hat Enterprise Linux 8.\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime. This release of Red Hat JBoss Enterprise Application Platform 7.4.19 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.4.18, and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 7.4.19 Release Notes for information about the most significant bug fixes and enhancements included in this release.\n\nSecurity Fix(es):\n\n* braces: fails to limit the number of characters it can handle [eap-7.4.z] (CVE-2024-4068)\n\n* jose4j: denial of service via specially crafted JWE [eap-7.4.z] (CVE-2023-51775)\n\n* wildfly-domain-http: wildfly: No timeout for EAP management interface may lead to Denial of Service (DoS) [eap-7.4.z] (CVE-2024-4029)\n\n* xalan: integer truncation issue in Xalan-J (JAXP, 8285407) [eap-7.4.z] (CVE-2022-34169)\n\n* org.jsoup/jsoup: The jsoup cleaner may incorrectly sanitize crafted XSS attempts if SafeList.preserveRelativeLinks is enabled [eap-7.4.z] (CVE-2022-36033)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgements, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2024:8076",
"url": "https://access.redhat.com/errata/RHSA-2024:8076"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "https://docs.redhat.com/en/documentation/red_hat_jboss_enterprise_application_platform/7.4",
"url": "https://docs.redhat.com/en/documentation/red_hat_jboss_enterprise_application_platform/7.4"
},
{
"category": "external",
"summary": "https://docs.redhat.com/en/documentation/red_hat_jboss_enterprise_application_platform/7.4/html-single/installation_guide/index",
"url": "https://docs.redhat.com/en/documentation/red_hat_jboss_enterprise_application_platform/7.4/html-single/installation_guide/index"
},
{
"category": "external",
"summary": "2108554",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2108554"
},
{
"category": "external",
"summary": "2127078",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2127078"
},
{
"category": "external",
"summary": "2266921",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2266921"
},
{
"category": "external",
"summary": "2278615",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2278615"
},
{
"category": "external",
"summary": "2280600",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2280600"
},
{
"category": "external",
"summary": "JBEAP-27050",
"url": "https://issues.redhat.com/browse/JBEAP-27050"
},
{
"category": "external",
"summary": "JBEAP-27357",
"url": "https://issues.redhat.com/browse/JBEAP-27357"
},
{
"category": "external",
"summary": "JBEAP-27548",
"url": "https://issues.redhat.com/browse/JBEAP-27548"
},
{
"category": "external",
"summary": "JBEAP-27613",
"url": "https://issues.redhat.com/browse/JBEAP-27613"
},
{
"category": "external",
"summary": "JBEAP-27658",
"url": "https://issues.redhat.com/browse/JBEAP-27658"
},
{
"category": "external",
"summary": "JBEAP-27700",
"url": "https://issues.redhat.com/browse/JBEAP-27700"
},
{
"category": "external",
"summary": "JBEAP-27701",
"url": "https://issues.redhat.com/browse/JBEAP-27701"
},
{
"category": "external",
"summary": "JBEAP-27713",
"url": "https://issues.redhat.com/browse/JBEAP-27713"
},
{
"category": "external",
"summary": "JBEAP-27714",
"url": "https://issues.redhat.com/browse/JBEAP-27714"
},
{
"category": "external",
"summary": "JBEAP-27715",
"url": "https://issues.redhat.com/browse/JBEAP-27715"
},
{
"category": "external",
"summary": "JBEAP-27746",
"url": "https://issues.redhat.com/browse/JBEAP-27746"
},
{
"category": "external",
"summary": "JBEAP-27747",
"url": "https://issues.redhat.com/browse/JBEAP-27747"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_8076.json"
}
],
"title": "Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.4.19 Security update",
"tracking": {
"current_release_date": "2026-05-27T16:05:58+00:00",
"generator": {
"date": "2026-05-27T16:05:58+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.8.1"
}
},
"id": "RHSA-2024:8076",
"initial_release_date": "2024-10-14T18:01:49+00:00",
"revision_history": [
{
"date": "2024-10-14T18:01:49+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2024-10-14T18:01:49+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-05-27T16:05:58+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat JBoss EAP 7.4 for RHEL 8",
"product": {
"name": "Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el8"
}
}
}
],
"category": "product_family",
"name": "Red Hat JBoss Enterprise Application Platform"
},
{
"branches": [
{
"category": "product_version",
"name": "eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el8eap.src",
"product": {
"name": "eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el8eap.src",
"product_id": "eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-xalan-j2@2.7.1-37.redhat_00015.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el8eap.src",
"product": {
"name": "eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el8eap.src",
"product_id": "eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hal-console@3.3.24-1.Final_redhat_00001.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el8eap.src",
"product": {
"name": "eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el8eap.src",
"product_id": "eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-undertow-jastow@2.0.15-1.Final_redhat_00001.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jsoup-0:1.15.4-1.redhat_00003.1.el8eap.src",
"product": {
"name": "eap7-jsoup-0:1.15.4-1.redhat_00003.1.el8eap.src",
"product_id": "eap7-jsoup-0:1.15.4-1.redhat_00003.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jsoup@1.15.4-1.redhat_00003.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el8eap.src",
"product": {
"name": "eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el8eap.src",
"product_id": "eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jbossws-cxf@5.4.12-1.Final_redhat_00001.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el8eap.src",
"product": {
"name": "eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el8eap.src",
"product_id": "eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ironjacamar@1.5.18-1.Final_redhat_00001.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.src",
"product": {
"name": "eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.src",
"product_id": "eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-cert-helper@1.1.3-1.redhat_00001.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el8eap.src",
"product": {
"name": "eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el8eap.src",
"product_id": "eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hibernate-validator@6.0.23-2.SP1_redhat_00001.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el8eap.src",
"product": {
"name": "eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el8eap.src",
"product_id": "eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-ejb-client@4.0.55-1.Final_redhat_00001.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.src",
"product": {
"name": "eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.src",
"product_id": "eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-insights-java-client@1.1.3-1.redhat_00001.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el8eap.src",
"product": {
"name": "eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el8eap.src",
"product_id": "eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration@1.10.0-39.Final_redhat_00039.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el8eap.src",
"product": {
"name": "eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el8eap.src",
"product_id": "eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly@7.4.19-1.GA_redhat_00002.1.el8eap?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el8eap.noarch",
"product": {
"name": "eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el8eap.noarch",
"product_id": "eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-xalan-j2@2.7.1-37.redhat_00015.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hal-console@3.3.24-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-undertow-jastow@2.0.15-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jsoup-0:1.15.4-1.redhat_00003.1.el8eap.noarch",
"product": {
"name": "eap7-jsoup-0:1.15.4-1.redhat_00003.1.el8eap.noarch",
"product_id": "eap7-jsoup-0:1.15.4-1.redhat_00003.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jsoup@1.15.4-1.redhat_00003.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jbossws-cxf@5.4.12-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ironjacamar@1.5.18-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-ironjacamar-common-api-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-ironjacamar-common-api-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-ironjacamar-common-api-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ironjacamar-common-api@1.5.18-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-ironjacamar-common-impl-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-ironjacamar-common-impl-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-ironjacamar-common-impl-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ironjacamar-common-impl@1.5.18-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-ironjacamar-common-spi-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-ironjacamar-common-spi-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-ironjacamar-common-spi-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ironjacamar-common-spi@1.5.18-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-ironjacamar-core-api-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-ironjacamar-core-api-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-ironjacamar-core-api-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ironjacamar-core-api@1.5.18-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-ironjacamar-core-impl-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-ironjacamar-core-impl-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-ironjacamar-core-impl-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ironjacamar-core-impl@1.5.18-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-ironjacamar-deployers-common-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-ironjacamar-deployers-common-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-ironjacamar-deployers-common-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ironjacamar-deployers-common@1.5.18-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-ironjacamar-jdbc-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-ironjacamar-jdbc-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-ironjacamar-jdbc-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ironjacamar-jdbc@1.5.18-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-ironjacamar-validator-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-ironjacamar-validator-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-ironjacamar-validator-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ironjacamar-validator@1.5.18-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hibernate-validator@6.0.23-2.SP1_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-hibernate-validator-cdi-0:6.0.23-2.SP1_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-hibernate-validator-cdi-0:6.0.23-2.SP1_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-hibernate-validator-cdi-0:6.0.23-2.SP1_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hibernate-validator-cdi@6.0.23-2.SP1_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-ejb-client@4.0.55-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.noarch",
"product_id": "eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-insights-java-client@1.1.3-1.redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el8eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el8eap.noarch",
"product_id": "eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration@1.10.0-39.Final_redhat_00039.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-cli-0:1.10.0-39.Final_redhat_00039.1.el8eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-cli-0:1.10.0-39.Final_redhat_00039.1.el8eap.noarch",
"product_id": "eap7-jboss-server-migration-cli-0:1.10.0-39.Final_redhat_00039.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-cli@1.10.0-39.Final_redhat_00039.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-core-0:1.10.0-39.Final_redhat_00039.1.el8eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-core-0:1.10.0-39.Final_redhat_00039.1.el8eap.noarch",
"product_id": "eap7-jboss-server-migration-core-0:1.10.0-39.Final_redhat_00039.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-core@1.10.0-39.Final_redhat_00039.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch",
"product": {
"name": "eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch",
"product_id": "eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly@7.4.19-1.GA_redhat_00002.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-java-jdk11-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch",
"product": {
"name": "eap7-wildfly-java-jdk11-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch",
"product_id": "eap7-wildfly-java-jdk11-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-java-jdk11@7.4.19-1.GA_redhat_00002.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-java-jdk17-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch",
"product": {
"name": "eap7-wildfly-java-jdk17-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch",
"product_id": "eap7-wildfly-java-jdk17-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-java-jdk17@7.4.19-1.GA_redhat_00002.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-java-jdk8-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch",
"product": {
"name": "eap7-wildfly-java-jdk8-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch",
"product_id": "eap7-wildfly-java-jdk8-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-java-jdk8@7.4.19-1.GA_redhat_00002.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-javadocs-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch",
"product": {
"name": "eap7-wildfly-javadocs-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch",
"product_id": "eap7-wildfly-javadocs-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-javadocs@7.4.19-1.GA_redhat_00002.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-modules-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch",
"product": {
"name": "eap7-wildfly-modules-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch",
"product_id": "eap7-wildfly-modules-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-modules@7.4.19-1.GA_redhat_00002.1.el8eap?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.x86_64",
"product": {
"name": "eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.x86_64",
"product_id": "eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-cert-helper@1.1.3-1.redhat_00001.1.el8eap?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el8eap.src"
},
"product_reference": "eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el8eap.src"
},
"product_reference": "eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hibernate-validator-cdi-0:6.0.23-2.SP1_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-hibernate-validator-cdi-0:6.0.23-2.SP1_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-hibernate-validator-cdi-0:6.0.23-2.SP1_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.src"
},
"product_reference": "eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el8eap.src"
},
"product_reference": "eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ironjacamar-common-api-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-ironjacamar-common-api-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ironjacamar-common-impl-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-ironjacamar-common-impl-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ironjacamar-common-spi-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-ironjacamar-common-spi-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ironjacamar-core-api-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-ironjacamar-core-api-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ironjacamar-core-impl-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-ironjacamar-core-impl-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ironjacamar-deployers-common-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-ironjacamar-deployers-common-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ironjacamar-jdbc-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-ironjacamar-jdbc-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ironjacamar-validator-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-ironjacamar-validator-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.src"
},
"product_reference": "eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.x86_64 as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.x86_64"
},
"product_reference": "eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.x86_64",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el8eap.src"
},
"product_reference": "eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el8eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el8eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el8eap.src"
},
"product_reference": "eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-cli-0:1.10.0-39.Final_redhat_00039.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-39.Final_redhat_00039.1.el8eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-cli-0:1.10.0-39.Final_redhat_00039.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-core-0:1.10.0-39.Final_redhat_00039.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-39.Final_redhat_00039.1.el8eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-core-0:1.10.0-39.Final_redhat_00039.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el8eap.src"
},
"product_reference": "eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jsoup-0:1.15.4-1.redhat_00003.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-jsoup-0:1.15.4-1.redhat_00003.1.el8eap.noarch"
},
"product_reference": "eap7-jsoup-0:1.15.4-1.redhat_00003.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jsoup-0:1.15.4-1.redhat_00003.1.el8eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-jsoup-0:1.15.4-1.redhat_00003.1.el8eap.src"
},
"product_reference": "eap7-jsoup-0:1.15.4-1.redhat_00003.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el8eap.src"
},
"product_reference": "eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch"
},
"product_reference": "eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el8eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el8eap.src"
},
"product_reference": "eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-java-jdk11-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch"
},
"product_reference": "eap7-wildfly-java-jdk11-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-java-jdk17-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch"
},
"product_reference": "eap7-wildfly-java-jdk17-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-java-jdk8-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch"
},
"product_reference": "eap7-wildfly-java-jdk8-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-javadocs-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch"
},
"product_reference": "eap7-wildfly-javadocs-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-modules-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch"
},
"product_reference": "eap7-wildfly-modules-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el8eap.noarch"
},
"product_reference": "eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el8eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el8eap.src"
},
"product_reference": "eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-7.4"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2022-34169",
"cwe": {
"id": "CWE-192",
"name": "Integer Coercion Error"
},
"discovery_date": "2022-07-12T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2108554"
}
],
"notes": [
{
"category": "description",
"text": "The Apache Xalan Java XSLT library is vulnerable to an integer truncation issue when processing malicious XSLT stylesheets. This can be used to corrupt Java class files generated by the internal XSLTC compiler and execute arbitrary Java bytecode. Users are recommended to update to version 2.7.3 or later. Note: Java runtimes (such as OpenJDK) include repackaged copies of Xalan.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK: integer truncation issue in Xalan-J (JAXP, 8285407)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-validator-cdi-0:6.0.23-2.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.x86_64",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-39.Final_redhat_00039.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-39.Final_redhat_00039.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jsoup-0:1.15.4-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jsoup-0:1.15.4-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el8eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-34169"
},
{
"category": "external",
"summary": "RHBZ#2108554",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2108554"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-34169",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-34169"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-34169",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-34169"
}
],
"release_date": "2022-07-19T20:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-10-14T18:01:49+00:00",
"details": "Before applying the update, make sure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258",
"product_ids": [
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-validator-cdi-0:6.0.23-2.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.x86_64",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-39.Final_redhat_00039.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-39.Final_redhat_00039.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jsoup-0:1.15.4-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jsoup-0:1.15.4-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el8eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:8076"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-validator-cdi-0:6.0.23-2.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.x86_64",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-39.Final_redhat_00039.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-39.Final_redhat_00039.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jsoup-0:1.15.4-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jsoup-0:1.15.4-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el8eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "OpenJDK: integer truncation issue in Xalan-J (JAXP, 8285407)"
},
{
"cve": "CVE-2022-36033",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2022-09-15T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2127078"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in jsoup, a Java HTML parser built for HTML editing, cleaning, scraping, and Cross-site scripting (XSS) safety. An issue in jsoup may incorrectly sanitize HTML, including `javascript:` URL expressions, which could allow XSS attacks when a reader subsequently clicks that link. If the non-default `SafeList.preserveRelativeLinks` option is enabled, HTML, including `javascript:` URLs crafted with control characters, will not be sanitized. If the site that this HTML is published on does not set a Content Security Policy, an XSS attack is possible.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jsoup: The jsoup cleaner may incorrectly sanitize crafted XSS attempts if SafeList.preserveRelativeLinks is enabled",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-validator-cdi-0:6.0.23-2.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.x86_64",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-39.Final_redhat_00039.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-39.Final_redhat_00039.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jsoup-0:1.15.4-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jsoup-0:1.15.4-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el8eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-36033"
},
{
"category": "external",
"summary": "RHBZ#2127078",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2127078"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-36033",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-36033"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-36033",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-36033"
}
],
"release_date": "2022-08-29T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-10-14T18:01:49+00:00",
"details": "Before applying the update, make sure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258",
"product_ids": [
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-validator-cdi-0:6.0.23-2.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.x86_64",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-39.Final_redhat_00039.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-39.Final_redhat_00039.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jsoup-0:1.15.4-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jsoup-0:1.15.4-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el8eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:8076"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-validator-cdi-0:6.0.23-2.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.x86_64",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-39.Final_redhat_00039.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-39.Final_redhat_00039.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jsoup-0:1.15.4-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jsoup-0:1.15.4-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el8eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jsoup: The jsoup cleaner may incorrectly sanitize crafted XSS attempts if SafeList.preserveRelativeLinks is enabled"
},
{
"cve": "CVE-2023-51775",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2024-02-29T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2266921"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the jose.4.j (jose4j) library. The JWE key management algorithms based on PBKDF2 require a JOSE Header Parameter called p2c (PBES2 Count). This parameter dictates the number of PBKDF2 iterations needed to derive a CEK wrapping key. Its primary purpose is to intentionally slow down the key derivation function, making password brute-force and dictionary attacks more resource-intensive. However, if an attacker sets the p2c parameter in JWE to a large number, it can cause high computational consumption, resulting in a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jose4j: denial of service via specially crafted JWE",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The vulnerability in the jose4j library, where the \"p2c\" parameter in PBKDF2-based JWE key management algorithms can be manipulated to induce high computational consumption, is classified as moderate severity due to its potential impact on service availability and resource exhaustion. By setting a large value for \"p2c\", an attacker can force the server to perform an excessive number of PBKDF2 iterations during key derivation. This results in increased CPU and memory usage, potentially leading to degraded performance or temporary denial of service.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-validator-cdi-0:6.0.23-2.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.x86_64",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-39.Final_redhat_00039.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-39.Final_redhat_00039.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jsoup-0:1.15.4-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jsoup-0:1.15.4-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el8eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-51775"
},
{
"category": "external",
"summary": "RHBZ#2266921",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2266921"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-51775",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-51775"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-51775",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-51775"
}
],
"release_date": "2024-02-29T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-10-14T18:01:49+00:00",
"details": "Before applying the update, make sure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258",
"product_ids": [
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-validator-cdi-0:6.0.23-2.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.x86_64",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-39.Final_redhat_00039.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-39.Final_redhat_00039.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jsoup-0:1.15.4-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jsoup-0:1.15.4-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el8eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:8076"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-validator-cdi-0:6.0.23-2.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.x86_64",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-39.Final_redhat_00039.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-39.Final_redhat_00039.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jsoup-0:1.15.4-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jsoup-0:1.15.4-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el8eap.src"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-validator-cdi-0:6.0.23-2.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.x86_64",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-39.Final_redhat_00039.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-39.Final_redhat_00039.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jsoup-0:1.15.4-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jsoup-0:1.15.4-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el8eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jose4j: denial of service via specially crafted JWE"
},
{
"cve": "CVE-2024-4029",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2024-04-22T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2278615"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in Wildfly\u2019s management interface. Due to the lack of limitation of sockets for the management interface, it may be possible to cause a denial of service hitting the nofile limit as there is no possibility to configure or set a maximum number of connections.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "wildfly: No timeout for EAP management interface may lead to Denial of Service (DoS)",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat rates this as a Low impact since this requires high privileges to jeopardize the system. The management interface is normally internal/local only and not exposed externally.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-validator-cdi-0:6.0.23-2.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.x86_64",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-39.Final_redhat_00039.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-39.Final_redhat_00039.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jsoup-0:1.15.4-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jsoup-0:1.15.4-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el8eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-4029"
},
{
"category": "external",
"summary": "RHBZ#2278615",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2278615"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-4029",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-4029"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-4029",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-4029"
}
],
"release_date": "2024-05-02T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-10-14T18:01:49+00:00",
"details": "Before applying the update, make sure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258",
"product_ids": [
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-validator-cdi-0:6.0.23-2.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.x86_64",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-39.Final_redhat_00039.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-39.Final_redhat_00039.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jsoup-0:1.15.4-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jsoup-0:1.15.4-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el8eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:8076"
},
{
"category": "workaround",
"details": "Currently there is no available mitigation for this vulnerability. Please make sure to perform updates as they become available.",
"product_ids": [
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-validator-cdi-0:6.0.23-2.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.x86_64",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-39.Final_redhat_00039.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-39.Final_redhat_00039.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jsoup-0:1.15.4-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jsoup-0:1.15.4-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el8eap.src"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 4.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-validator-cdi-0:6.0.23-2.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.x86_64",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-39.Final_redhat_00039.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-39.Final_redhat_00039.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jsoup-0:1.15.4-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jsoup-0:1.15.4-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el8eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "wildfly: No timeout for EAP management interface may lead to Denial of Service (DoS)"
},
{
"cve": "CVE-2024-4068",
"cwe": {
"id": "CWE-1050",
"name": "Excessive Platform Resource Consumption within a Loop"
},
"discovery_date": "2024-05-14T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2280600"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the NPM package `braces.` It fails to limit the number of characters it can handle, which could lead to memory exhaustion. In `lib/parse.js,` if a malicious user sends \"imbalanced braces\" as input, the parsing will enter a loop, causing the program to start allocating heap memory without freeing it at any moment of the loop. Eventually, the JavaScript heap limit is reached, and the program will crash.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "braces: fails to limit the number of characters it can handle",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-validator-cdi-0:6.0.23-2.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.x86_64",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-39.Final_redhat_00039.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-39.Final_redhat_00039.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jsoup-0:1.15.4-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jsoup-0:1.15.4-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el8eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-4068"
},
{
"category": "external",
"summary": "RHBZ#2280600",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2280600"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-4068",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-4068"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-4068",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-4068"
},
{
"category": "external",
"summary": "https://devhub.checkmarx.com/cve-details/CVE-2024-4068/",
"url": "https://devhub.checkmarx.com/cve-details/CVE-2024-4068/"
},
{
"category": "external",
"summary": "https://github.com/micromatch/braces/blob/98414f9f1fabe021736e26836d8306d5de747e0d/lib/parse.js#L308",
"url": "https://github.com/micromatch/braces/blob/98414f9f1fabe021736e26836d8306d5de747e0d/lib/parse.js#L308"
},
{
"category": "external",
"summary": "https://github.com/micromatch/braces/issues/35",
"url": "https://github.com/micromatch/braces/issues/35"
}
],
"release_date": "2024-03-04T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-10-14T18:01:49+00:00",
"details": "Before applying the update, make sure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258",
"product_ids": [
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-validator-cdi-0:6.0.23-2.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.x86_64",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-39.Final_redhat_00039.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-39.Final_redhat_00039.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jsoup-0:1.15.4-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jsoup-0:1.15.4-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el8eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:8076"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-validator-cdi-0:6.0.23-2.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.x86_64",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-39.Final_redhat_00039.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-39.Final_redhat_00039.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jsoup-0:1.15.4-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jsoup-0:1.15.4-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el8eap.src"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-validator-cdi-0:6.0.23-2.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.x86_64",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-39.Final_redhat_00039.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-39.Final_redhat_00039.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jsoup-0:1.15.4-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jsoup-0:1.15.4-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el8eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "braces: fails to limit the number of characters it can handle"
}
]
}
RHSA-2024:8077
Vulnerability from csaf_redhat - Published: 2024-10-14 18:01 - Updated: 2026-05-27 16:05Summary
Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.4.19 Security update
Severity
Important
Notes
Topic: An update is now available for Red Hat JBoss Enterprise Application Platform 7.4 for Red Hat Enterprise Linux 9.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details: Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime. This release of Red Hat JBoss Enterprise Application Platform 7.4.19 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.4.18, and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 7.4.19 Release Notes for information about the most significant bug fixes and enhancements included in this release.
Security Fix(es):
* braces: fails to limit the number of characters it can handle [eap-7.4.z] (CVE-2024-4068)
* jose4j: denial of service via specially crafted JWE [eap-7.4.z] (CVE-2023-51775)
* wildfly-domain-http: wildfly: No timeout for EAP management interface may lead to Denial of Service (DoS) [eap-7.4.z] (CVE-2024-4029)
* xalan: integer truncation issue in Xalan-J (JAXP, 8285407) [eap-7.4.z] (CVE-2022-34169)
* org.jsoup/jsoup: The jsoup cleaner may incorrectly sanitize crafted XSS attempts if SafeList.preserveRelativeLinks is enabled [eap-7.4.z] (CVE-2022-36033)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgements, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
The Apache Xalan Java XSLT library is vulnerable to an integer truncation issue when processing malicious XSLT stylesheets. This can be used to corrupt Java class files generated by the internal XSLTC compiler and execute arbitrary Java bytecode. Users are recommended to update to version 2.7.3 or later. Note: Java runtimes (such as OpenJDK) include repackaged copies of Xalan.
7.5 (High)
Affected products
Fixed
40 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el9eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el9eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-hibernate-validator-cdi-0:6.0.23-2.SP1_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el9eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el9eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el9eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-39.Final_redhat_00039.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-39.Final_redhat_00039.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el9eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jsoup-0:1.15.4-1.redhat_00003.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jsoup-0:1.15.4-1.redhat_00003.1.el9eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el9eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el9eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el9eap.src | — |
Vendor Fix
fix
|
Threats
Impact
Important
A flaw was found in jsoup, a Java HTML parser built for HTML editing, cleaning, scraping, and Cross-site scripting (XSS) safety. An issue in jsoup may incorrectly sanitize HTML, including `javascript:` URL expressions, which could allow XSS attacks when a reader subsequently clicks that link. If the non-default `SafeList.preserveRelativeLinks` option is enabled, HTML, including `javascript:` URLs crafted with control characters, will not be sanitized. If the site that this HTML is published on does not set a Content Security Policy, an XSS attack is possible.
6.1 (Medium)
Affected products
Fixed
40 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el9eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el9eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-hibernate-validator-cdi-0:6.0.23-2.SP1_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el9eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el9eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el9eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-39.Final_redhat_00039.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-39.Final_redhat_00039.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el9eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jsoup-0:1.15.4-1.redhat_00003.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jsoup-0:1.15.4-1.redhat_00003.1.el9eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el9eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el9eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el9eap.src | — |
Vendor Fix
fix
|
Threats
Impact
Moderate
A flaw was found in the jose.4.j (jose4j) library. The JWE key management algorithms based on PBKDF2 require a JOSE Header Parameter called p2c (PBES2 Count). This parameter dictates the number of PBKDF2 iterations needed to derive a CEK wrapping key. Its primary purpose is to intentionally slow down the key derivation function, making password brute-force and dictionary attacks more resource-intensive. However, if an attacker sets the p2c parameter in JWE to a large number, it can cause high computational consumption, resulting in a denial of service.
7.5 (High)
Affected products
Fixed
40 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el9eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el9eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-hibernate-validator-cdi-0:6.0.23-2.SP1_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el9eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el9eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el9eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-39.Final_redhat_00039.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-39.Final_redhat_00039.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el9eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jsoup-0:1.15.4-1.redhat_00003.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jsoup-0:1.15.4-1.redhat_00003.1.el9eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el9eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el9eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el9eap.src | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Moderate
A vulnerability was found in Wildfly’s management interface. Due to the lack of limitation of sockets for the management interface, it may be possible to cause a denial of service hitting the nofile limit as there is no possibility to configure or set a maximum number of connections.
4.1 (Medium)
Affected products
Fixed
40 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el9eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el9eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-hibernate-validator-cdi-0:6.0.23-2.SP1_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el9eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el9eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el9eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-39.Final_redhat_00039.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-39.Final_redhat_00039.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el9eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jsoup-0:1.15.4-1.redhat_00003.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jsoup-0:1.15.4-1.redhat_00003.1.el9eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el9eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el9eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el9eap.src | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Low
A flaw was found in the NPM package `braces.` It fails to limit the number of characters it can handle, which could lead to memory exhaustion. In `lib/parse.js,` if a malicious user sends "imbalanced braces" as input, the parsing will enter a loop, causing the program to start allocating heap memory without freeing it at any moment of the loop. Eventually, the JavaScript heap limit is reached, and the program will crash.
7.5 (High)
Affected products
Fixed
40 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el9eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el9eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-hibernate-validator-cdi-0:6.0.23-2.SP1_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el9eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el9eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el9eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-39.Final_redhat_00039.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-39.Final_redhat_00039.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el9eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jsoup-0:1.15.4-1.redhat_00003.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jsoup-0:1.15.4-1.redhat_00003.1.el9eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el9eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el9eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el9eap.src | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Moderate
References
45 references
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update is now available for Red Hat JBoss Enterprise Application Platform 7.4 for Red Hat Enterprise Linux 9.\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime. This release of Red Hat JBoss Enterprise Application Platform 7.4.19 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.4.18, and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 7.4.19 Release Notes for information about the most significant bug fixes and enhancements included in this release.\n\nSecurity Fix(es):\n\n* braces: fails to limit the number of characters it can handle [eap-7.4.z] (CVE-2024-4068)\n\n* jose4j: denial of service via specially crafted JWE [eap-7.4.z] (CVE-2023-51775)\n\n* wildfly-domain-http: wildfly: No timeout for EAP management interface may lead to Denial of Service (DoS) [eap-7.4.z] (CVE-2024-4029)\n\n* xalan: integer truncation issue in Xalan-J (JAXP, 8285407) [eap-7.4.z] (CVE-2022-34169)\n\n* org.jsoup/jsoup: The jsoup cleaner may incorrectly sanitize crafted XSS attempts if SafeList.preserveRelativeLinks is enabled [eap-7.4.z] (CVE-2022-36033)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgements, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2024:8077",
"url": "https://access.redhat.com/errata/RHSA-2024:8077"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "https://docs.redhat.com/en/documentation/red_hat_jboss_enterprise_application_platform/7.4",
"url": "https://docs.redhat.com/en/documentation/red_hat_jboss_enterprise_application_platform/7.4"
},
{
"category": "external",
"summary": "https://docs.redhat.com/en/documentation/red_hat_jboss_enterprise_application_platform/7.4/html-single/installation_guide/index",
"url": "https://docs.redhat.com/en/documentation/red_hat_jboss_enterprise_application_platform/7.4/html-single/installation_guide/index"
},
{
"category": "external",
"summary": "2108554",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2108554"
},
{
"category": "external",
"summary": "2127078",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2127078"
},
{
"category": "external",
"summary": "2266921",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2266921"
},
{
"category": "external",
"summary": "2278615",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2278615"
},
{
"category": "external",
"summary": "2280600",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2280600"
},
{
"category": "external",
"summary": "JBEAP-27051",
"url": "https://issues.redhat.com/browse/JBEAP-27051"
},
{
"category": "external",
"summary": "JBEAP-27357",
"url": "https://issues.redhat.com/browse/JBEAP-27357"
},
{
"category": "external",
"summary": "JBEAP-27548",
"url": "https://issues.redhat.com/browse/JBEAP-27548"
},
{
"category": "external",
"summary": "JBEAP-27613",
"url": "https://issues.redhat.com/browse/JBEAP-27613"
},
{
"category": "external",
"summary": "JBEAP-27658",
"url": "https://issues.redhat.com/browse/JBEAP-27658"
},
{
"category": "external",
"summary": "JBEAP-27700",
"url": "https://issues.redhat.com/browse/JBEAP-27700"
},
{
"category": "external",
"summary": "JBEAP-27701",
"url": "https://issues.redhat.com/browse/JBEAP-27701"
},
{
"category": "external",
"summary": "JBEAP-27713",
"url": "https://issues.redhat.com/browse/JBEAP-27713"
},
{
"category": "external",
"summary": "JBEAP-27714",
"url": "https://issues.redhat.com/browse/JBEAP-27714"
},
{
"category": "external",
"summary": "JBEAP-27715",
"url": "https://issues.redhat.com/browse/JBEAP-27715"
},
{
"category": "external",
"summary": "JBEAP-27746",
"url": "https://issues.redhat.com/browse/JBEAP-27746"
},
{
"category": "external",
"summary": "JBEAP-27747",
"url": "https://issues.redhat.com/browse/JBEAP-27747"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_8077.json"
}
],
"title": "Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.4.19 Security update",
"tracking": {
"current_release_date": "2026-05-27T16:05:59+00:00",
"generator": {
"date": "2026-05-27T16:05:59+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.8.1"
}
},
"id": "RHSA-2024:8077",
"initial_release_date": "2024-10-14T18:01:43+00:00",
"revision_history": [
{
"date": "2024-10-14T18:01:43+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2024-10-14T18:01:43+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-05-27T16:05:59+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat JBoss EAP 7.4 for RHEL 9",
"product": {
"name": "Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9"
}
}
}
],
"category": "product_family",
"name": "Red Hat JBoss Enterprise Application Platform"
},
{
"branches": [
{
"category": "product_version",
"name": "eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el9eap.src",
"product": {
"name": "eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el9eap.src",
"product_id": "eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-undertow-jastow@2.0.15-1.Final_redhat_00001.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el9eap.src",
"product": {
"name": "eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el9eap.src",
"product_id": "eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hal-console@3.3.24-1.Final_redhat_00001.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el9eap.src",
"product": {
"name": "eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el9eap.src",
"product_id": "eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-xalan-j2@2.7.1-37.redhat_00015.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jsoup-0:1.15.4-1.redhat_00003.1.el9eap.src",
"product": {
"name": "eap7-jsoup-0:1.15.4-1.redhat_00003.1.el9eap.src",
"product_id": "eap7-jsoup-0:1.15.4-1.redhat_00003.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jsoup@1.15.4-1.redhat_00003.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el9eap.src",
"product": {
"name": "eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el9eap.src",
"product_id": "eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hibernate-validator@6.0.23-2.SP1_redhat_00001.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.src",
"product": {
"name": "eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.src",
"product_id": "eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-cert-helper@1.1.3-1.redhat_00001.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el9eap.src",
"product": {
"name": "eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el9eap.src",
"product_id": "eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-ejb-client@4.0.55-1.Final_redhat_00001.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el9eap.src",
"product": {
"name": "eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el9eap.src",
"product_id": "eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jbossws-cxf@5.4.12-1.Final_redhat_00001.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el9eap.src",
"product": {
"name": "eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el9eap.src",
"product_id": "eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ironjacamar@1.5.18-1.Final_redhat_00001.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.src",
"product": {
"name": "eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.src",
"product_id": "eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-insights-java-client@1.1.3-1.redhat_00001.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el9eap.src",
"product": {
"name": "eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el9eap.src",
"product_id": "eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration@1.10.0-39.Final_redhat_00039.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el9eap.src",
"product": {
"name": "eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el9eap.src",
"product_id": "eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly@7.4.19-1.GA_redhat_00002.1.el9eap?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-undertow-jastow@2.0.15-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hal-console@3.3.24-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el9eap.noarch",
"product": {
"name": "eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el9eap.noarch",
"product_id": "eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-xalan-j2@2.7.1-37.redhat_00015.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jsoup-0:1.15.4-1.redhat_00003.1.el9eap.noarch",
"product": {
"name": "eap7-jsoup-0:1.15.4-1.redhat_00003.1.el9eap.noarch",
"product_id": "eap7-jsoup-0:1.15.4-1.redhat_00003.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jsoup@1.15.4-1.redhat_00003.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el9eap.noarch",
"product_id": "eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hibernate-validator@6.0.23-2.SP1_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-hibernate-validator-cdi-0:6.0.23-2.SP1_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-hibernate-validator-cdi-0:6.0.23-2.SP1_redhat_00001.1.el9eap.noarch",
"product_id": "eap7-hibernate-validator-cdi-0:6.0.23-2.SP1_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hibernate-validator-cdi@6.0.23-2.SP1_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-ejb-client@4.0.55-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jbossws-cxf@5.4.12-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ironjacamar@1.5.18-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-ironjacamar-common-api-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-ironjacamar-common-api-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap7-ironjacamar-common-api-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ironjacamar-common-api@1.5.18-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-ironjacamar-common-impl-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-ironjacamar-common-impl-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap7-ironjacamar-common-impl-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ironjacamar-common-impl@1.5.18-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-ironjacamar-common-spi-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-ironjacamar-common-spi-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap7-ironjacamar-common-spi-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ironjacamar-common-spi@1.5.18-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-ironjacamar-core-api-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-ironjacamar-core-api-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap7-ironjacamar-core-api-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ironjacamar-core-api@1.5.18-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-ironjacamar-core-impl-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-ironjacamar-core-impl-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap7-ironjacamar-core-impl-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ironjacamar-core-impl@1.5.18-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-ironjacamar-deployers-common-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-ironjacamar-deployers-common-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap7-ironjacamar-deployers-common-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ironjacamar-deployers-common@1.5.18-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-ironjacamar-jdbc-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-ironjacamar-jdbc-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap7-ironjacamar-jdbc-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ironjacamar-jdbc@1.5.18-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-ironjacamar-validator-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-ironjacamar-validator-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap7-ironjacamar-validator-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ironjacamar-validator@1.5.18-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.noarch",
"product_id": "eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-insights-java-client@1.1.3-1.redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el9eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el9eap.noarch",
"product_id": "eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration@1.10.0-39.Final_redhat_00039.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-cli-0:1.10.0-39.Final_redhat_00039.1.el9eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-cli-0:1.10.0-39.Final_redhat_00039.1.el9eap.noarch",
"product_id": "eap7-jboss-server-migration-cli-0:1.10.0-39.Final_redhat_00039.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-cli@1.10.0-39.Final_redhat_00039.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-core-0:1.10.0-39.Final_redhat_00039.1.el9eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-core-0:1.10.0-39.Final_redhat_00039.1.el9eap.noarch",
"product_id": "eap7-jboss-server-migration-core-0:1.10.0-39.Final_redhat_00039.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-core@1.10.0-39.Final_redhat_00039.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch",
"product": {
"name": "eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch",
"product_id": "eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly@7.4.19-1.GA_redhat_00002.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-java-jdk11-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch",
"product": {
"name": "eap7-wildfly-java-jdk11-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch",
"product_id": "eap7-wildfly-java-jdk11-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-java-jdk11@7.4.19-1.GA_redhat_00002.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-java-jdk17-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch",
"product": {
"name": "eap7-wildfly-java-jdk17-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch",
"product_id": "eap7-wildfly-java-jdk17-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-java-jdk17@7.4.19-1.GA_redhat_00002.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-java-jdk8-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch",
"product": {
"name": "eap7-wildfly-java-jdk8-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch",
"product_id": "eap7-wildfly-java-jdk8-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-java-jdk8@7.4.19-1.GA_redhat_00002.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-javadocs-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch",
"product": {
"name": "eap7-wildfly-javadocs-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch",
"product_id": "eap7-wildfly-javadocs-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-javadocs@7.4.19-1.GA_redhat_00002.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-modules-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch",
"product": {
"name": "eap7-wildfly-modules-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch",
"product_id": "eap7-wildfly-modules-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-modules@7.4.19-1.GA_redhat_00002.1.el9eap?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.x86_64",
"product": {
"name": "eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.x86_64",
"product_id": "eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-cert-helper@1.1.3-1.redhat_00001.1.el9eap?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el9eap.src"
},
"product_reference": "eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el9eap.src"
},
"product_reference": "eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hibernate-validator-cdi-0:6.0.23-2.SP1_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-hibernate-validator-cdi-0:6.0.23-2.SP1_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-hibernate-validator-cdi-0:6.0.23-2.SP1_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.src"
},
"product_reference": "eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el9eap.src"
},
"product_reference": "eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ironjacamar-common-api-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-ironjacamar-common-api-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ironjacamar-common-impl-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-ironjacamar-common-impl-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ironjacamar-common-spi-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-ironjacamar-common-spi-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ironjacamar-core-api-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-ironjacamar-core-api-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ironjacamar-core-impl-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-ironjacamar-core-impl-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ironjacamar-deployers-common-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-ironjacamar-deployers-common-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ironjacamar-jdbc-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-ironjacamar-jdbc-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ironjacamar-validator-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-ironjacamar-validator-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.src"
},
"product_reference": "eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.x86_64 as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.x86_64"
},
"product_reference": "eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.x86_64",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el9eap.src"
},
"product_reference": "eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el9eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el9eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el9eap.src"
},
"product_reference": "eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-cli-0:1.10.0-39.Final_redhat_00039.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-39.Final_redhat_00039.1.el9eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-cli-0:1.10.0-39.Final_redhat_00039.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-core-0:1.10.0-39.Final_redhat_00039.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-39.Final_redhat_00039.1.el9eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-core-0:1.10.0-39.Final_redhat_00039.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el9eap.src"
},
"product_reference": "eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jsoup-0:1.15.4-1.redhat_00003.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-jsoup-0:1.15.4-1.redhat_00003.1.el9eap.noarch"
},
"product_reference": "eap7-jsoup-0:1.15.4-1.redhat_00003.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jsoup-0:1.15.4-1.redhat_00003.1.el9eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-jsoup-0:1.15.4-1.redhat_00003.1.el9eap.src"
},
"product_reference": "eap7-jsoup-0:1.15.4-1.redhat_00003.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el9eap.src"
},
"product_reference": "eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch"
},
"product_reference": "eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el9eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el9eap.src"
},
"product_reference": "eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-java-jdk11-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch"
},
"product_reference": "eap7-wildfly-java-jdk11-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-java-jdk17-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch"
},
"product_reference": "eap7-wildfly-java-jdk17-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-java-jdk8-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch"
},
"product_reference": "eap7-wildfly-java-jdk8-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-javadocs-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch"
},
"product_reference": "eap7-wildfly-javadocs-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-modules-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch"
},
"product_reference": "eap7-wildfly-modules-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el9eap.noarch"
},
"product_reference": "eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el9eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el9eap.src"
},
"product_reference": "eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-7.4"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2022-34169",
"cwe": {
"id": "CWE-192",
"name": "Integer Coercion Error"
},
"discovery_date": "2022-07-12T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2108554"
}
],
"notes": [
{
"category": "description",
"text": "The Apache Xalan Java XSLT library is vulnerable to an integer truncation issue when processing malicious XSLT stylesheets. This can be used to corrupt Java class files generated by the internal XSLTC compiler and execute arbitrary Java bytecode. Users are recommended to update to version 2.7.3 or later. Note: Java runtimes (such as OpenJDK) include repackaged copies of Xalan.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK: integer truncation issue in Xalan-J (JAXP, 8285407)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-validator-cdi-0:6.0.23-2.SP1_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.x86_64",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-39.Final_redhat_00039.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-39.Final_redhat_00039.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jsoup-0:1.15.4-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jsoup-0:1.15.4-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el9eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-34169"
},
{
"category": "external",
"summary": "RHBZ#2108554",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2108554"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-34169",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-34169"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-34169",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-34169"
}
],
"release_date": "2022-07-19T20:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-10-14T18:01:43+00:00",
"details": "Before applying the update, make sure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258",
"product_ids": [
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-validator-cdi-0:6.0.23-2.SP1_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.x86_64",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-39.Final_redhat_00039.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-39.Final_redhat_00039.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jsoup-0:1.15.4-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jsoup-0:1.15.4-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el9eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:8077"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-validator-cdi-0:6.0.23-2.SP1_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.x86_64",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-39.Final_redhat_00039.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-39.Final_redhat_00039.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jsoup-0:1.15.4-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jsoup-0:1.15.4-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el9eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "OpenJDK: integer truncation issue in Xalan-J (JAXP, 8285407)"
},
{
"cve": "CVE-2022-36033",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2022-09-15T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2127078"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in jsoup, a Java HTML parser built for HTML editing, cleaning, scraping, and Cross-site scripting (XSS) safety. An issue in jsoup may incorrectly sanitize HTML, including `javascript:` URL expressions, which could allow XSS attacks when a reader subsequently clicks that link. If the non-default `SafeList.preserveRelativeLinks` option is enabled, HTML, including `javascript:` URLs crafted with control characters, will not be sanitized. If the site that this HTML is published on does not set a Content Security Policy, an XSS attack is possible.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jsoup: The jsoup cleaner may incorrectly sanitize crafted XSS attempts if SafeList.preserveRelativeLinks is enabled",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-validator-cdi-0:6.0.23-2.SP1_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.x86_64",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-39.Final_redhat_00039.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-39.Final_redhat_00039.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jsoup-0:1.15.4-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jsoup-0:1.15.4-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el9eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-36033"
},
{
"category": "external",
"summary": "RHBZ#2127078",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2127078"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-36033",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-36033"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-36033",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-36033"
}
],
"release_date": "2022-08-29T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-10-14T18:01:43+00:00",
"details": "Before applying the update, make sure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258",
"product_ids": [
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-validator-cdi-0:6.0.23-2.SP1_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.x86_64",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-39.Final_redhat_00039.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-39.Final_redhat_00039.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jsoup-0:1.15.4-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jsoup-0:1.15.4-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el9eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:8077"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-validator-cdi-0:6.0.23-2.SP1_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.x86_64",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-39.Final_redhat_00039.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-39.Final_redhat_00039.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jsoup-0:1.15.4-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jsoup-0:1.15.4-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el9eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jsoup: The jsoup cleaner may incorrectly sanitize crafted XSS attempts if SafeList.preserveRelativeLinks is enabled"
},
{
"cve": "CVE-2023-51775",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2024-02-29T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2266921"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the jose.4.j (jose4j) library. The JWE key management algorithms based on PBKDF2 require a JOSE Header Parameter called p2c (PBES2 Count). This parameter dictates the number of PBKDF2 iterations needed to derive a CEK wrapping key. Its primary purpose is to intentionally slow down the key derivation function, making password brute-force and dictionary attacks more resource-intensive. However, if an attacker sets the p2c parameter in JWE to a large number, it can cause high computational consumption, resulting in a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jose4j: denial of service via specially crafted JWE",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The vulnerability in the jose4j library, where the \"p2c\" parameter in PBKDF2-based JWE key management algorithms can be manipulated to induce high computational consumption, is classified as moderate severity due to its potential impact on service availability and resource exhaustion. By setting a large value for \"p2c\", an attacker can force the server to perform an excessive number of PBKDF2 iterations during key derivation. This results in increased CPU and memory usage, potentially leading to degraded performance or temporary denial of service.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-validator-cdi-0:6.0.23-2.SP1_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.x86_64",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-39.Final_redhat_00039.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-39.Final_redhat_00039.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jsoup-0:1.15.4-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jsoup-0:1.15.4-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el9eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-51775"
},
{
"category": "external",
"summary": "RHBZ#2266921",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2266921"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-51775",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-51775"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-51775",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-51775"
}
],
"release_date": "2024-02-29T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-10-14T18:01:43+00:00",
"details": "Before applying the update, make sure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258",
"product_ids": [
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-validator-cdi-0:6.0.23-2.SP1_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.x86_64",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-39.Final_redhat_00039.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-39.Final_redhat_00039.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jsoup-0:1.15.4-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jsoup-0:1.15.4-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el9eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:8077"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-validator-cdi-0:6.0.23-2.SP1_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.x86_64",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-39.Final_redhat_00039.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-39.Final_redhat_00039.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jsoup-0:1.15.4-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jsoup-0:1.15.4-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el9eap.src"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-validator-cdi-0:6.0.23-2.SP1_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.x86_64",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-39.Final_redhat_00039.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-39.Final_redhat_00039.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jsoup-0:1.15.4-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jsoup-0:1.15.4-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el9eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jose4j: denial of service via specially crafted JWE"
},
{
"cve": "CVE-2024-4029",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2024-04-22T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2278615"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in Wildfly\u2019s management interface. Due to the lack of limitation of sockets for the management interface, it may be possible to cause a denial of service hitting the nofile limit as there is no possibility to configure or set a maximum number of connections.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "wildfly: No timeout for EAP management interface may lead to Denial of Service (DoS)",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat rates this as a Low impact since this requires high privileges to jeopardize the system. The management interface is normally internal/local only and not exposed externally.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-validator-cdi-0:6.0.23-2.SP1_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.x86_64",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-39.Final_redhat_00039.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-39.Final_redhat_00039.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jsoup-0:1.15.4-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jsoup-0:1.15.4-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el9eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-4029"
},
{
"category": "external",
"summary": "RHBZ#2278615",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2278615"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-4029",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-4029"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-4029",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-4029"
}
],
"release_date": "2024-05-02T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-10-14T18:01:43+00:00",
"details": "Before applying the update, make sure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258",
"product_ids": [
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-validator-cdi-0:6.0.23-2.SP1_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.x86_64",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-39.Final_redhat_00039.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-39.Final_redhat_00039.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jsoup-0:1.15.4-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jsoup-0:1.15.4-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el9eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:8077"
},
{
"category": "workaround",
"details": "Currently there is no available mitigation for this vulnerability. Please make sure to perform updates as they become available.",
"product_ids": [
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-validator-cdi-0:6.0.23-2.SP1_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.x86_64",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-39.Final_redhat_00039.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-39.Final_redhat_00039.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jsoup-0:1.15.4-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jsoup-0:1.15.4-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el9eap.src"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 4.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-validator-cdi-0:6.0.23-2.SP1_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.x86_64",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-39.Final_redhat_00039.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-39.Final_redhat_00039.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jsoup-0:1.15.4-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jsoup-0:1.15.4-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el9eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "wildfly: No timeout for EAP management interface may lead to Denial of Service (DoS)"
},
{
"cve": "CVE-2024-4068",
"cwe": {
"id": "CWE-1050",
"name": "Excessive Platform Resource Consumption within a Loop"
},
"discovery_date": "2024-05-14T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2280600"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the NPM package `braces.` It fails to limit the number of characters it can handle, which could lead to memory exhaustion. In `lib/parse.js,` if a malicious user sends \"imbalanced braces\" as input, the parsing will enter a loop, causing the program to start allocating heap memory without freeing it at any moment of the loop. Eventually, the JavaScript heap limit is reached, and the program will crash.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "braces: fails to limit the number of characters it can handle",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-validator-cdi-0:6.0.23-2.SP1_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.x86_64",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-39.Final_redhat_00039.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-39.Final_redhat_00039.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jsoup-0:1.15.4-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jsoup-0:1.15.4-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el9eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-4068"
},
{
"category": "external",
"summary": "RHBZ#2280600",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2280600"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-4068",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-4068"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-4068",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-4068"
},
{
"category": "external",
"summary": "https://devhub.checkmarx.com/cve-details/CVE-2024-4068/",
"url": "https://devhub.checkmarx.com/cve-details/CVE-2024-4068/"
},
{
"category": "external",
"summary": "https://github.com/micromatch/braces/blob/98414f9f1fabe021736e26836d8306d5de747e0d/lib/parse.js#L308",
"url": "https://github.com/micromatch/braces/blob/98414f9f1fabe021736e26836d8306d5de747e0d/lib/parse.js#L308"
},
{
"category": "external",
"summary": "https://github.com/micromatch/braces/issues/35",
"url": "https://github.com/micromatch/braces/issues/35"
}
],
"release_date": "2024-03-04T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-10-14T18:01:43+00:00",
"details": "Before applying the update, make sure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258",
"product_ids": [
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-validator-cdi-0:6.0.23-2.SP1_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.x86_64",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-39.Final_redhat_00039.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-39.Final_redhat_00039.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jsoup-0:1.15.4-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jsoup-0:1.15.4-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el9eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:8077"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-validator-cdi-0:6.0.23-2.SP1_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.x86_64",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-39.Final_redhat_00039.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-39.Final_redhat_00039.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jsoup-0:1.15.4-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jsoup-0:1.15.4-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el9eap.src"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-validator-cdi-0:6.0.23-2.SP1_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.x86_64",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-39.Final_redhat_00039.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-39.Final_redhat_00039.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jsoup-0:1.15.4-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jsoup-0:1.15.4-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el9eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "braces: fails to limit the number of characters it can handle"
}
]
}
SUSE-SU-2024:3771-1
Vulnerability from csaf_suse - Published: 2024-10-29 12:55 - Updated: 2024-10-29 12:55Summary
Security update for pgadmin4
Severity
Important
Notes
Title of the patch: Security update for pgadmin4
Description of the patch: This update for pgadmin4 fixes the following issues:
- CVE-2024-38355: Fixed socket.io: unhandled 'error' event (bsc#1226967)
- CVE-2024-38998: Fixed requirejs: prototype pollution via function config (bsc#1227248)
- CVE-2024-38999: Fixed requirejs: prototype pollution via function s.contexts._.configure (bsc#1227252)
- CVE-2024-39338: Fixed axios: server-side request forgery due to requests for path relative URLs being processed as protocol relative URLs in axios (bsc#1229423)
- CVE-2024-4067: Fixed micromatch: vulnerable to Regular Expression Denial of Service (ReDoS) (bsc#1224366)
- CVE-2024-4068: Fixed braces: fails to limit the number of characters it can handle, which could lead to Memory Exhaustion (bsc#1224295)
- CVE-2024-43788: Fixed webpack: DOM clobbering gadget in AutoPublicPathRuntimeModule could lead to XSS (bsc#1229861)
- CVE-2024-48948: Fixed elliptic: ECDSA signature verification error due to leading zero may reject legitimate transactions in elliptic (bsc#1231684)
- CVE-2024-48949: Fixed elliptic: Missing Validation in Elliptic's EDDSA Signature Verification (bsc#1231564)
- CVE-2024-9014: Fixed OAuth2 issue that could lead to information leak (bsc#1230928)
Patchnames: SUSE-2024-3771,SUSE-SLE-Module-Python3-15-SP6-2024-3771,openSUSE-SLE-15.6-2024-3771
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
7.5 (High)
Affected products
Recommended
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Module for Python 3 15 SP6:pgadmin4-8.5-150600.3.6.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Python 3 15 SP6:pgadmin4-doc-8.5-150600.3.6.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Python 3 15 SP6:system-user-pgadmin-8.5-150600.3.6.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:pgadmin4-8.5-150600.3.6.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:pgadmin4-cloud-8.5-150600.3.6.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:pgadmin4-desktop-8.5-150600.3.6.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:pgadmin4-doc-8.5-150600.3.6.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:pgadmin4-web-uwsgi-8.5-150600.3.6.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:system-user-pgadmin-8.5-150600.3.6.1.noarch | — |
Vendor Fix
|
Threats
Impact
important
8.6 (High)
Affected products
Recommended
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Module for Python 3 15 SP6:pgadmin4-8.5-150600.3.6.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Python 3 15 SP6:pgadmin4-doc-8.5-150600.3.6.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Python 3 15 SP6:system-user-pgadmin-8.5-150600.3.6.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:pgadmin4-8.5-150600.3.6.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:pgadmin4-cloud-8.5-150600.3.6.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:pgadmin4-desktop-8.5-150600.3.6.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:pgadmin4-doc-8.5-150600.3.6.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:pgadmin4-web-uwsgi-8.5-150600.3.6.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:system-user-pgadmin-8.5-150600.3.6.1.noarch | — |
Vendor Fix
|
Threats
Impact
important
8.6 (High)
Affected products
Recommended
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Module for Python 3 15 SP6:pgadmin4-8.5-150600.3.6.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Python 3 15 SP6:pgadmin4-doc-8.5-150600.3.6.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Python 3 15 SP6:system-user-pgadmin-8.5-150600.3.6.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:pgadmin4-8.5-150600.3.6.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:pgadmin4-cloud-8.5-150600.3.6.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:pgadmin4-desktop-8.5-150600.3.6.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:pgadmin4-doc-8.5-150600.3.6.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:pgadmin4-web-uwsgi-8.5-150600.3.6.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:system-user-pgadmin-8.5-150600.3.6.1.noarch | — |
Vendor Fix
|
Threats
Impact
important
7.4 (High)
Affected products
Recommended
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Module for Python 3 15 SP6:pgadmin4-8.5-150600.3.6.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Python 3 15 SP6:pgadmin4-doc-8.5-150600.3.6.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Python 3 15 SP6:system-user-pgadmin-8.5-150600.3.6.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:pgadmin4-8.5-150600.3.6.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:pgadmin4-cloud-8.5-150600.3.6.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:pgadmin4-desktop-8.5-150600.3.6.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:pgadmin4-doc-8.5-150600.3.6.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:pgadmin4-web-uwsgi-8.5-150600.3.6.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:system-user-pgadmin-8.5-150600.3.6.1.noarch | — |
Vendor Fix
|
Threats
Impact
important
7.5 (High)
Affected products
Recommended
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Module for Python 3 15 SP6:pgadmin4-8.5-150600.3.6.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Python 3 15 SP6:pgadmin4-doc-8.5-150600.3.6.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Python 3 15 SP6:system-user-pgadmin-8.5-150600.3.6.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:pgadmin4-8.5-150600.3.6.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:pgadmin4-cloud-8.5-150600.3.6.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:pgadmin4-desktop-8.5-150600.3.6.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:pgadmin4-doc-8.5-150600.3.6.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:pgadmin4-web-uwsgi-8.5-150600.3.6.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:system-user-pgadmin-8.5-150600.3.6.1.noarch | — |
Vendor Fix
|
Threats
Impact
important
7.5 (High)
Affected products
Recommended
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Module for Python 3 15 SP6:pgadmin4-8.5-150600.3.6.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Python 3 15 SP6:pgadmin4-doc-8.5-150600.3.6.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Python 3 15 SP6:system-user-pgadmin-8.5-150600.3.6.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:pgadmin4-8.5-150600.3.6.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:pgadmin4-cloud-8.5-150600.3.6.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:pgadmin4-desktop-8.5-150600.3.6.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:pgadmin4-doc-8.5-150600.3.6.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:pgadmin4-web-uwsgi-8.5-150600.3.6.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:system-user-pgadmin-8.5-150600.3.6.1.noarch | — |
Vendor Fix
|
Threats
Impact
important
6.5 (Medium)
Affected products
Recommended
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Module for Python 3 15 SP6:pgadmin4-8.5-150600.3.6.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Python 3 15 SP6:pgadmin4-doc-8.5-150600.3.6.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Python 3 15 SP6:system-user-pgadmin-8.5-150600.3.6.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:pgadmin4-8.5-150600.3.6.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:pgadmin4-cloud-8.5-150600.3.6.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:pgadmin4-desktop-8.5-150600.3.6.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:pgadmin4-doc-8.5-150600.3.6.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:pgadmin4-web-uwsgi-8.5-150600.3.6.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:system-user-pgadmin-8.5-150600.3.6.1.noarch | — |
Vendor Fix
|
Threats
Impact
moderate
4.8 (Medium)
Affected products
Recommended
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Module for Python 3 15 SP6:pgadmin4-8.5-150600.3.6.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Python 3 15 SP6:pgadmin4-doc-8.5-150600.3.6.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Python 3 15 SP6:system-user-pgadmin-8.5-150600.3.6.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:pgadmin4-8.5-150600.3.6.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:pgadmin4-cloud-8.5-150600.3.6.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:pgadmin4-desktop-8.5-150600.3.6.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:pgadmin4-doc-8.5-150600.3.6.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:pgadmin4-web-uwsgi-8.5-150600.3.6.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:system-user-pgadmin-8.5-150600.3.6.1.noarch | — |
Vendor Fix
|
Threats
Impact
moderate
8.2 (High)
Affected products
Recommended
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Module for Python 3 15 SP6:pgadmin4-8.5-150600.3.6.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Python 3 15 SP6:pgadmin4-doc-8.5-150600.3.6.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Python 3 15 SP6:system-user-pgadmin-8.5-150600.3.6.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:pgadmin4-8.5-150600.3.6.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:pgadmin4-cloud-8.5-150600.3.6.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:pgadmin4-desktop-8.5-150600.3.6.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:pgadmin4-doc-8.5-150600.3.6.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:pgadmin4-web-uwsgi-8.5-150600.3.6.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:system-user-pgadmin-8.5-150600.3.6.1.noarch | — |
Vendor Fix
|
Threats
Impact
important
Affected products
Recommended
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Module for Python 3 15 SP6:pgadmin4-8.5-150600.3.6.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Python 3 15 SP6:pgadmin4-doc-8.5-150600.3.6.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Python 3 15 SP6:system-user-pgadmin-8.5-150600.3.6.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:pgadmin4-8.5-150600.3.6.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:pgadmin4-cloud-8.5-150600.3.6.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:pgadmin4-desktop-8.5-150600.3.6.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:pgadmin4-doc-8.5-150600.3.6.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:pgadmin4-web-uwsgi-8.5-150600.3.6.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:system-user-pgadmin-8.5-150600.3.6.1.noarch | — |
Vendor Fix
|
Threats
Impact
important
References
44 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for pgadmin4",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for pgadmin4 fixes the following issues:\n\n- CVE-2024-38355: Fixed socket.io: unhandled \u0027error\u0027 event (bsc#1226967)\n- CVE-2024-38998: Fixed requirejs: prototype pollution via function config (bsc#1227248)\n- CVE-2024-38999: Fixed requirejs: prototype pollution via function s.contexts._.configure (bsc#1227252)\n- CVE-2024-39338: Fixed axios: server-side request forgery due to requests for path relative URLs being processed as protocol relative URLs in axios (bsc#1229423)\n- CVE-2024-4067: Fixed micromatch: vulnerable to Regular Expression Denial of Service (ReDoS) (bsc#1224366)\n- CVE-2024-4068: Fixed braces: fails to limit the number of characters it can handle, which could lead to Memory Exhaustion (bsc#1224295)\n- CVE-2024-43788: Fixed webpack: DOM clobbering gadget in AutoPublicPathRuntimeModule could lead to XSS (bsc#1229861)\n- CVE-2024-48948: Fixed elliptic: ECDSA signature verification error due to leading zero may reject legitimate transactions in elliptic (bsc#1231684)\n- CVE-2024-48949: Fixed elliptic: Missing Validation in Elliptic\u0027s EDDSA Signature Verification (bsc#1231564)\n- CVE-2024-9014: Fixed OAuth2 issue that could lead to information leak (bsc#1230928)\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2024-3771,SUSE-SLE-Module-Python3-15-SP6-2024-3771,openSUSE-SLE-15.6-2024-3771",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2024_3771-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2024:3771-1",
"url": "https://www.suse.com/support/update/announcement/2024/suse-su-20243771-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2024:3771-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2024-October/019689.html"
},
{
"category": "self",
"summary": "SUSE Bug 1224295",
"url": "https://bugzilla.suse.com/1224295"
},
{
"category": "self",
"summary": "SUSE Bug 1224366",
"url": "https://bugzilla.suse.com/1224366"
},
{
"category": "self",
"summary": "SUSE Bug 1226967",
"url": "https://bugzilla.suse.com/1226967"
},
{
"category": "self",
"summary": "SUSE Bug 1227248",
"url": "https://bugzilla.suse.com/1227248"
},
{
"category": "self",
"summary": "SUSE Bug 1227252",
"url": "https://bugzilla.suse.com/1227252"
},
{
"category": "self",
"summary": "SUSE Bug 1229423",
"url": "https://bugzilla.suse.com/1229423"
},
{
"category": "self",
"summary": "SUSE Bug 1229861",
"url": "https://bugzilla.suse.com/1229861"
},
{
"category": "self",
"summary": "SUSE Bug 1230928",
"url": "https://bugzilla.suse.com/1230928"
},
{
"category": "self",
"summary": "SUSE Bug 1231564",
"url": "https://bugzilla.suse.com/1231564"
},
{
"category": "self",
"summary": "SUSE Bug 1231684",
"url": "https://bugzilla.suse.com/1231684"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-38355 page",
"url": "https://www.suse.com/security/cve/CVE-2024-38355/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-38998 page",
"url": "https://www.suse.com/security/cve/CVE-2024-38998/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-38999 page",
"url": "https://www.suse.com/security/cve/CVE-2024-38999/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-39338 page",
"url": "https://www.suse.com/security/cve/CVE-2024-39338/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-4067 page",
"url": "https://www.suse.com/security/cve/CVE-2024-4067/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-4068 page",
"url": "https://www.suse.com/security/cve/CVE-2024-4068/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-43788 page",
"url": "https://www.suse.com/security/cve/CVE-2024-43788/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-48948 page",
"url": "https://www.suse.com/security/cve/CVE-2024-48948/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-48949 page",
"url": "https://www.suse.com/security/cve/CVE-2024-48949/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-9014 page",
"url": "https://www.suse.com/security/cve/CVE-2024-9014/"
}
],
"title": "Security update for pgadmin4",
"tracking": {
"current_release_date": "2024-10-29T12:55:34Z",
"generator": {
"date": "2024-10-29T12:55:34Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2024:3771-1",
"initial_release_date": "2024-10-29T12:55:34Z",
"revision_history": [
{
"date": "2024-10-29T12:55:34Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "pgadmin4-8.5-150600.3.6.1.noarch",
"product": {
"name": "pgadmin4-8.5-150600.3.6.1.noarch",
"product_id": "pgadmin4-8.5-150600.3.6.1.noarch"
}
},
{
"category": "product_version",
"name": "pgadmin4-cloud-8.5-150600.3.6.1.noarch",
"product": {
"name": "pgadmin4-cloud-8.5-150600.3.6.1.noarch",
"product_id": "pgadmin4-cloud-8.5-150600.3.6.1.noarch"
}
},
{
"category": "product_version",
"name": "pgadmin4-desktop-8.5-150600.3.6.1.noarch",
"product": {
"name": "pgadmin4-desktop-8.5-150600.3.6.1.noarch",
"product_id": "pgadmin4-desktop-8.5-150600.3.6.1.noarch"
}
},
{
"category": "product_version",
"name": "pgadmin4-doc-8.5-150600.3.6.1.noarch",
"product": {
"name": "pgadmin4-doc-8.5-150600.3.6.1.noarch",
"product_id": "pgadmin4-doc-8.5-150600.3.6.1.noarch"
}
},
{
"category": "product_version",
"name": "pgadmin4-web-uwsgi-8.5-150600.3.6.1.noarch",
"product": {
"name": "pgadmin4-web-uwsgi-8.5-150600.3.6.1.noarch",
"product_id": "pgadmin4-web-uwsgi-8.5-150600.3.6.1.noarch"
}
},
{
"category": "product_version",
"name": "system-user-pgadmin-8.5-150600.3.6.1.noarch",
"product": {
"name": "system-user-pgadmin-8.5-150600.3.6.1.noarch",
"product_id": "system-user-pgadmin-8.5-150600.3.6.1.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Module for Python 3 15 SP6",
"product": {
"name": "SUSE Linux Enterprise Module for Python 3 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Python 3 15 SP6",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-module-python3:15:sp6"
}
}
},
{
"category": "product_name",
"name": "openSUSE Leap 15.6",
"product": {
"name": "openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:leap:15.6"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "pgadmin4-8.5-150600.3.6.1.noarch as component of SUSE Linux Enterprise Module for Python 3 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Python 3 15 SP6:pgadmin4-8.5-150600.3.6.1.noarch"
},
"product_reference": "pgadmin4-8.5-150600.3.6.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Python 3 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pgadmin4-doc-8.5-150600.3.6.1.noarch as component of SUSE Linux Enterprise Module for Python 3 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Python 3 15 SP6:pgadmin4-doc-8.5-150600.3.6.1.noarch"
},
"product_reference": "pgadmin4-doc-8.5-150600.3.6.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Python 3 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "system-user-pgadmin-8.5-150600.3.6.1.noarch as component of SUSE Linux Enterprise Module for Python 3 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Python 3 15 SP6:system-user-pgadmin-8.5-150600.3.6.1.noarch"
},
"product_reference": "system-user-pgadmin-8.5-150600.3.6.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Python 3 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pgadmin4-8.5-150600.3.6.1.noarch as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:pgadmin4-8.5-150600.3.6.1.noarch"
},
"product_reference": "pgadmin4-8.5-150600.3.6.1.noarch",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pgadmin4-cloud-8.5-150600.3.6.1.noarch as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:pgadmin4-cloud-8.5-150600.3.6.1.noarch"
},
"product_reference": "pgadmin4-cloud-8.5-150600.3.6.1.noarch",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pgadmin4-desktop-8.5-150600.3.6.1.noarch as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:pgadmin4-desktop-8.5-150600.3.6.1.noarch"
},
"product_reference": "pgadmin4-desktop-8.5-150600.3.6.1.noarch",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pgadmin4-doc-8.5-150600.3.6.1.noarch as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:pgadmin4-doc-8.5-150600.3.6.1.noarch"
},
"product_reference": "pgadmin4-doc-8.5-150600.3.6.1.noarch",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pgadmin4-web-uwsgi-8.5-150600.3.6.1.noarch as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:pgadmin4-web-uwsgi-8.5-150600.3.6.1.noarch"
},
"product_reference": "pgadmin4-web-uwsgi-8.5-150600.3.6.1.noarch",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "system-user-pgadmin-8.5-150600.3.6.1.noarch as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:system-user-pgadmin-8.5-150600.3.6.1.noarch"
},
"product_reference": "system-user-pgadmin-8.5-150600.3.6.1.noarch",
"relates_to_product_reference": "openSUSE Leap 15.6"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2024-38355",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-38355"
}
],
"notes": [
{
"category": "general",
"text": "Socket.IO is an open source, real-time, bidirectional, event-based, communication framework. A specially crafted Socket.IO packet can trigger an uncaught exception on the Socket.IO server, thus killing the Node.js process. This issue is fixed by commit `15af22fc22` which has been included in `socket.io@4.6.2` (released in May 2023). The fix was backported in the 2.x branch as well with commit `d30630ba10`. Users are advised to upgrade. Users unable to upgrade may attach a listener for the \"error\" event to catch these errors.\n",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Python 3 15 SP6:pgadmin4-8.5-150600.3.6.1.noarch",
"SUSE Linux Enterprise Module for Python 3 15 SP6:pgadmin4-doc-8.5-150600.3.6.1.noarch",
"SUSE Linux Enterprise Module for Python 3 15 SP6:system-user-pgadmin-8.5-150600.3.6.1.noarch",
"openSUSE Leap 15.6:pgadmin4-8.5-150600.3.6.1.noarch",
"openSUSE Leap 15.6:pgadmin4-cloud-8.5-150600.3.6.1.noarch",
"openSUSE Leap 15.6:pgadmin4-desktop-8.5-150600.3.6.1.noarch",
"openSUSE Leap 15.6:pgadmin4-doc-8.5-150600.3.6.1.noarch",
"openSUSE Leap 15.6:pgadmin4-web-uwsgi-8.5-150600.3.6.1.noarch",
"openSUSE Leap 15.6:system-user-pgadmin-8.5-150600.3.6.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-38355",
"url": "https://www.suse.com/security/cve/CVE-2024-38355"
},
{
"category": "external",
"summary": "SUSE Bug 1226965 for CVE-2024-38355",
"url": "https://bugzilla.suse.com/1226965"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Python 3 15 SP6:pgadmin4-8.5-150600.3.6.1.noarch",
"SUSE Linux Enterprise Module for Python 3 15 SP6:pgadmin4-doc-8.5-150600.3.6.1.noarch",
"SUSE Linux Enterprise Module for Python 3 15 SP6:system-user-pgadmin-8.5-150600.3.6.1.noarch",
"openSUSE Leap 15.6:pgadmin4-8.5-150600.3.6.1.noarch",
"openSUSE Leap 15.6:pgadmin4-cloud-8.5-150600.3.6.1.noarch",
"openSUSE Leap 15.6:pgadmin4-desktop-8.5-150600.3.6.1.noarch",
"openSUSE Leap 15.6:pgadmin4-doc-8.5-150600.3.6.1.noarch",
"openSUSE Leap 15.6:pgadmin4-web-uwsgi-8.5-150600.3.6.1.noarch",
"openSUSE Leap 15.6:system-user-pgadmin-8.5-150600.3.6.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Python 3 15 SP6:pgadmin4-8.5-150600.3.6.1.noarch",
"SUSE Linux Enterprise Module for Python 3 15 SP6:pgadmin4-doc-8.5-150600.3.6.1.noarch",
"SUSE Linux Enterprise Module for Python 3 15 SP6:system-user-pgadmin-8.5-150600.3.6.1.noarch",
"openSUSE Leap 15.6:pgadmin4-8.5-150600.3.6.1.noarch",
"openSUSE Leap 15.6:pgadmin4-cloud-8.5-150600.3.6.1.noarch",
"openSUSE Leap 15.6:pgadmin4-desktop-8.5-150600.3.6.1.noarch",
"openSUSE Leap 15.6:pgadmin4-doc-8.5-150600.3.6.1.noarch",
"openSUSE Leap 15.6:pgadmin4-web-uwsgi-8.5-150600.3.6.1.noarch",
"openSUSE Leap 15.6:system-user-pgadmin-8.5-150600.3.6.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-10-29T12:55:34Z",
"details": "important"
}
],
"title": "CVE-2024-38355"
},
{
"cve": "CVE-2024-38998",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-38998"
}
],
"notes": [
{
"category": "general",
"text": "DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Python 3 15 SP6:pgadmin4-8.5-150600.3.6.1.noarch",
"SUSE Linux Enterprise Module for Python 3 15 SP6:pgadmin4-doc-8.5-150600.3.6.1.noarch",
"SUSE Linux Enterprise Module for Python 3 15 SP6:system-user-pgadmin-8.5-150600.3.6.1.noarch",
"openSUSE Leap 15.6:pgadmin4-8.5-150600.3.6.1.noarch",
"openSUSE Leap 15.6:pgadmin4-cloud-8.5-150600.3.6.1.noarch",
"openSUSE Leap 15.6:pgadmin4-desktop-8.5-150600.3.6.1.noarch",
"openSUSE Leap 15.6:pgadmin4-doc-8.5-150600.3.6.1.noarch",
"openSUSE Leap 15.6:pgadmin4-web-uwsgi-8.5-150600.3.6.1.noarch",
"openSUSE Leap 15.6:system-user-pgadmin-8.5-150600.3.6.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-38998",
"url": "https://www.suse.com/security/cve/CVE-2024-38998"
},
{
"category": "external",
"summary": "SUSE Bug 1227247 for CVE-2024-38998",
"url": "https://bugzilla.suse.com/1227247"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Python 3 15 SP6:pgadmin4-8.5-150600.3.6.1.noarch",
"SUSE Linux Enterprise Module for Python 3 15 SP6:pgadmin4-doc-8.5-150600.3.6.1.noarch",
"SUSE Linux Enterprise Module for Python 3 15 SP6:system-user-pgadmin-8.5-150600.3.6.1.noarch",
"openSUSE Leap 15.6:pgadmin4-8.5-150600.3.6.1.noarch",
"openSUSE Leap 15.6:pgadmin4-cloud-8.5-150600.3.6.1.noarch",
"openSUSE Leap 15.6:pgadmin4-desktop-8.5-150600.3.6.1.noarch",
"openSUSE Leap 15.6:pgadmin4-doc-8.5-150600.3.6.1.noarch",
"openSUSE Leap 15.6:pgadmin4-web-uwsgi-8.5-150600.3.6.1.noarch",
"openSUSE Leap 15.6:system-user-pgadmin-8.5-150600.3.6.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.6,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Python 3 15 SP6:pgadmin4-8.5-150600.3.6.1.noarch",
"SUSE Linux Enterprise Module for Python 3 15 SP6:pgadmin4-doc-8.5-150600.3.6.1.noarch",
"SUSE Linux Enterprise Module for Python 3 15 SP6:system-user-pgadmin-8.5-150600.3.6.1.noarch",
"openSUSE Leap 15.6:pgadmin4-8.5-150600.3.6.1.noarch",
"openSUSE Leap 15.6:pgadmin4-cloud-8.5-150600.3.6.1.noarch",
"openSUSE Leap 15.6:pgadmin4-desktop-8.5-150600.3.6.1.noarch",
"openSUSE Leap 15.6:pgadmin4-doc-8.5-150600.3.6.1.noarch",
"openSUSE Leap 15.6:pgadmin4-web-uwsgi-8.5-150600.3.6.1.noarch",
"openSUSE Leap 15.6:system-user-pgadmin-8.5-150600.3.6.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-10-29T12:55:34Z",
"details": "important"
}
],
"title": "CVE-2024-38998"
},
{
"cve": "CVE-2024-38999",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-38999"
}
],
"notes": [
{
"category": "general",
"text": "jrburke requirejs v2.3.6 was discovered to contain a prototype pollution via the function s.contexts._.configure. This vulnerability allows attackers to execute arbitrary code or cause a Denial of Service (DoS) via injecting arbitrary properties.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Python 3 15 SP6:pgadmin4-8.5-150600.3.6.1.noarch",
"SUSE Linux Enterprise Module for Python 3 15 SP6:pgadmin4-doc-8.5-150600.3.6.1.noarch",
"SUSE Linux Enterprise Module for Python 3 15 SP6:system-user-pgadmin-8.5-150600.3.6.1.noarch",
"openSUSE Leap 15.6:pgadmin4-8.5-150600.3.6.1.noarch",
"openSUSE Leap 15.6:pgadmin4-cloud-8.5-150600.3.6.1.noarch",
"openSUSE Leap 15.6:pgadmin4-desktop-8.5-150600.3.6.1.noarch",
"openSUSE Leap 15.6:pgadmin4-doc-8.5-150600.3.6.1.noarch",
"openSUSE Leap 15.6:pgadmin4-web-uwsgi-8.5-150600.3.6.1.noarch",
"openSUSE Leap 15.6:system-user-pgadmin-8.5-150600.3.6.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-38999",
"url": "https://www.suse.com/security/cve/CVE-2024-38999"
},
{
"category": "external",
"summary": "SUSE Bug 1227251 for CVE-2024-38999",
"url": "https://bugzilla.suse.com/1227251"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Python 3 15 SP6:pgadmin4-8.5-150600.3.6.1.noarch",
"SUSE Linux Enterprise Module for Python 3 15 SP6:pgadmin4-doc-8.5-150600.3.6.1.noarch",
"SUSE Linux Enterprise Module for Python 3 15 SP6:system-user-pgadmin-8.5-150600.3.6.1.noarch",
"openSUSE Leap 15.6:pgadmin4-8.5-150600.3.6.1.noarch",
"openSUSE Leap 15.6:pgadmin4-cloud-8.5-150600.3.6.1.noarch",
"openSUSE Leap 15.6:pgadmin4-desktop-8.5-150600.3.6.1.noarch",
"openSUSE Leap 15.6:pgadmin4-doc-8.5-150600.3.6.1.noarch",
"openSUSE Leap 15.6:pgadmin4-web-uwsgi-8.5-150600.3.6.1.noarch",
"openSUSE Leap 15.6:system-user-pgadmin-8.5-150600.3.6.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.6,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Python 3 15 SP6:pgadmin4-8.5-150600.3.6.1.noarch",
"SUSE Linux Enterprise Module for Python 3 15 SP6:pgadmin4-doc-8.5-150600.3.6.1.noarch",
"SUSE Linux Enterprise Module for Python 3 15 SP6:system-user-pgadmin-8.5-150600.3.6.1.noarch",
"openSUSE Leap 15.6:pgadmin4-8.5-150600.3.6.1.noarch",
"openSUSE Leap 15.6:pgadmin4-cloud-8.5-150600.3.6.1.noarch",
"openSUSE Leap 15.6:pgadmin4-desktop-8.5-150600.3.6.1.noarch",
"openSUSE Leap 15.6:pgadmin4-doc-8.5-150600.3.6.1.noarch",
"openSUSE Leap 15.6:pgadmin4-web-uwsgi-8.5-150600.3.6.1.noarch",
"openSUSE Leap 15.6:system-user-pgadmin-8.5-150600.3.6.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-10-29T12:55:34Z",
"details": "important"
}
],
"title": "CVE-2024-38999"
},
{
"cve": "CVE-2024-39338",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-39338"
}
],
"notes": [
{
"category": "general",
"text": "axios 1.7.2 allows SSRF via unexpected behavior where requests for path relative URLs get processed as protocol relative URLs.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Python 3 15 SP6:pgadmin4-8.5-150600.3.6.1.noarch",
"SUSE Linux Enterprise Module for Python 3 15 SP6:pgadmin4-doc-8.5-150600.3.6.1.noarch",
"SUSE Linux Enterprise Module for Python 3 15 SP6:system-user-pgadmin-8.5-150600.3.6.1.noarch",
"openSUSE Leap 15.6:pgadmin4-8.5-150600.3.6.1.noarch",
"openSUSE Leap 15.6:pgadmin4-cloud-8.5-150600.3.6.1.noarch",
"openSUSE Leap 15.6:pgadmin4-desktop-8.5-150600.3.6.1.noarch",
"openSUSE Leap 15.6:pgadmin4-doc-8.5-150600.3.6.1.noarch",
"openSUSE Leap 15.6:pgadmin4-web-uwsgi-8.5-150600.3.6.1.noarch",
"openSUSE Leap 15.6:system-user-pgadmin-8.5-150600.3.6.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-39338",
"url": "https://www.suse.com/security/cve/CVE-2024-39338"
},
{
"category": "external",
"summary": "SUSE Bug 1229421 for CVE-2024-39338",
"url": "https://bugzilla.suse.com/1229421"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Python 3 15 SP6:pgadmin4-8.5-150600.3.6.1.noarch",
"SUSE Linux Enterprise Module for Python 3 15 SP6:pgadmin4-doc-8.5-150600.3.6.1.noarch",
"SUSE Linux Enterprise Module for Python 3 15 SP6:system-user-pgadmin-8.5-150600.3.6.1.noarch",
"openSUSE Leap 15.6:pgadmin4-8.5-150600.3.6.1.noarch",
"openSUSE Leap 15.6:pgadmin4-cloud-8.5-150600.3.6.1.noarch",
"openSUSE Leap 15.6:pgadmin4-desktop-8.5-150600.3.6.1.noarch",
"openSUSE Leap 15.6:pgadmin4-doc-8.5-150600.3.6.1.noarch",
"openSUSE Leap 15.6:pgadmin4-web-uwsgi-8.5-150600.3.6.1.noarch",
"openSUSE Leap 15.6:system-user-pgadmin-8.5-150600.3.6.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.4,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Python 3 15 SP6:pgadmin4-8.5-150600.3.6.1.noarch",
"SUSE Linux Enterprise Module for Python 3 15 SP6:pgadmin4-doc-8.5-150600.3.6.1.noarch",
"SUSE Linux Enterprise Module for Python 3 15 SP6:system-user-pgadmin-8.5-150600.3.6.1.noarch",
"openSUSE Leap 15.6:pgadmin4-8.5-150600.3.6.1.noarch",
"openSUSE Leap 15.6:pgadmin4-cloud-8.5-150600.3.6.1.noarch",
"openSUSE Leap 15.6:pgadmin4-desktop-8.5-150600.3.6.1.noarch",
"openSUSE Leap 15.6:pgadmin4-doc-8.5-150600.3.6.1.noarch",
"openSUSE Leap 15.6:pgadmin4-web-uwsgi-8.5-150600.3.6.1.noarch",
"openSUSE Leap 15.6:system-user-pgadmin-8.5-150600.3.6.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-10-29T12:55:34Z",
"details": "important"
}
],
"title": "CVE-2024-39338"
},
{
"cve": "CVE-2024-4067",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-4067"
}
],
"notes": [
{
"category": "general",
"text": "The NPM package `micromatch` prior to 4.0.8 is vulnerable to Regular Expression Denial of Service (ReDoS). The vulnerability occurs in `micromatch.braces()` in `index.js` because the pattern `.*` will greedily match anything. By passing a malicious payload, the pattern matching will keep backtracking to the input while it doesn\u0027t find the closing bracket. As the input size increases, the consumption time will also increase until it causes the application to hang or slow down. There was a merged fix but further testing shows the issue persists. This issue should be mitigated by using a safe pattern that won\u0027t start backtracking the regular expression due to greedy matching. This issue was fixed in version 4.0.8.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Python 3 15 SP6:pgadmin4-8.5-150600.3.6.1.noarch",
"SUSE Linux Enterprise Module for Python 3 15 SP6:pgadmin4-doc-8.5-150600.3.6.1.noarch",
"SUSE Linux Enterprise Module for Python 3 15 SP6:system-user-pgadmin-8.5-150600.3.6.1.noarch",
"openSUSE Leap 15.6:pgadmin4-8.5-150600.3.6.1.noarch",
"openSUSE Leap 15.6:pgadmin4-cloud-8.5-150600.3.6.1.noarch",
"openSUSE Leap 15.6:pgadmin4-desktop-8.5-150600.3.6.1.noarch",
"openSUSE Leap 15.6:pgadmin4-doc-8.5-150600.3.6.1.noarch",
"openSUSE Leap 15.6:pgadmin4-web-uwsgi-8.5-150600.3.6.1.noarch",
"openSUSE Leap 15.6:system-user-pgadmin-8.5-150600.3.6.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-4067",
"url": "https://www.suse.com/security/cve/CVE-2024-4067"
},
{
"category": "external",
"summary": "SUSE Bug 1224255 for CVE-2024-4067",
"url": "https://bugzilla.suse.com/1224255"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Python 3 15 SP6:pgadmin4-8.5-150600.3.6.1.noarch",
"SUSE Linux Enterprise Module for Python 3 15 SP6:pgadmin4-doc-8.5-150600.3.6.1.noarch",
"SUSE Linux Enterprise Module for Python 3 15 SP6:system-user-pgadmin-8.5-150600.3.6.1.noarch",
"openSUSE Leap 15.6:pgadmin4-8.5-150600.3.6.1.noarch",
"openSUSE Leap 15.6:pgadmin4-cloud-8.5-150600.3.6.1.noarch",
"openSUSE Leap 15.6:pgadmin4-desktop-8.5-150600.3.6.1.noarch",
"openSUSE Leap 15.6:pgadmin4-doc-8.5-150600.3.6.1.noarch",
"openSUSE Leap 15.6:pgadmin4-web-uwsgi-8.5-150600.3.6.1.noarch",
"openSUSE Leap 15.6:system-user-pgadmin-8.5-150600.3.6.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Python 3 15 SP6:pgadmin4-8.5-150600.3.6.1.noarch",
"SUSE Linux Enterprise Module for Python 3 15 SP6:pgadmin4-doc-8.5-150600.3.6.1.noarch",
"SUSE Linux Enterprise Module for Python 3 15 SP6:system-user-pgadmin-8.5-150600.3.6.1.noarch",
"openSUSE Leap 15.6:pgadmin4-8.5-150600.3.6.1.noarch",
"openSUSE Leap 15.6:pgadmin4-cloud-8.5-150600.3.6.1.noarch",
"openSUSE Leap 15.6:pgadmin4-desktop-8.5-150600.3.6.1.noarch",
"openSUSE Leap 15.6:pgadmin4-doc-8.5-150600.3.6.1.noarch",
"openSUSE Leap 15.6:pgadmin4-web-uwsgi-8.5-150600.3.6.1.noarch",
"openSUSE Leap 15.6:system-user-pgadmin-8.5-150600.3.6.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-10-29T12:55:34Z",
"details": "important"
}
],
"title": "CVE-2024-4067"
},
{
"cve": "CVE-2024-4068",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-4068"
}
],
"notes": [
{
"category": "general",
"text": "The NPM package `braces`, versions prior to 3.0.3, fails to limit the number of characters it can handle, which could lead to Memory Exhaustion. In `lib/parse.js,` if a malicious user sends \"imbalanced braces\" as input, the parsing will enter a loop, which will cause the program to start allocating heap memory without freeing it at any moment of the loop. Eventually, the JavaScript heap limit is reached, and the program will crash.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Python 3 15 SP6:pgadmin4-8.5-150600.3.6.1.noarch",
"SUSE Linux Enterprise Module for Python 3 15 SP6:pgadmin4-doc-8.5-150600.3.6.1.noarch",
"SUSE Linux Enterprise Module for Python 3 15 SP6:system-user-pgadmin-8.5-150600.3.6.1.noarch",
"openSUSE Leap 15.6:pgadmin4-8.5-150600.3.6.1.noarch",
"openSUSE Leap 15.6:pgadmin4-cloud-8.5-150600.3.6.1.noarch",
"openSUSE Leap 15.6:pgadmin4-desktop-8.5-150600.3.6.1.noarch",
"openSUSE Leap 15.6:pgadmin4-doc-8.5-150600.3.6.1.noarch",
"openSUSE Leap 15.6:pgadmin4-web-uwsgi-8.5-150600.3.6.1.noarch",
"openSUSE Leap 15.6:system-user-pgadmin-8.5-150600.3.6.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-4068",
"url": "https://www.suse.com/security/cve/CVE-2024-4068"
},
{
"category": "external",
"summary": "SUSE Bug 1224256 for CVE-2024-4068",
"url": "https://bugzilla.suse.com/1224256"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Python 3 15 SP6:pgadmin4-8.5-150600.3.6.1.noarch",
"SUSE Linux Enterprise Module for Python 3 15 SP6:pgadmin4-doc-8.5-150600.3.6.1.noarch",
"SUSE Linux Enterprise Module for Python 3 15 SP6:system-user-pgadmin-8.5-150600.3.6.1.noarch",
"openSUSE Leap 15.6:pgadmin4-8.5-150600.3.6.1.noarch",
"openSUSE Leap 15.6:pgadmin4-cloud-8.5-150600.3.6.1.noarch",
"openSUSE Leap 15.6:pgadmin4-desktop-8.5-150600.3.6.1.noarch",
"openSUSE Leap 15.6:pgadmin4-doc-8.5-150600.3.6.1.noarch",
"openSUSE Leap 15.6:pgadmin4-web-uwsgi-8.5-150600.3.6.1.noarch",
"openSUSE Leap 15.6:system-user-pgadmin-8.5-150600.3.6.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Python 3 15 SP6:pgadmin4-8.5-150600.3.6.1.noarch",
"SUSE Linux Enterprise Module for Python 3 15 SP6:pgadmin4-doc-8.5-150600.3.6.1.noarch",
"SUSE Linux Enterprise Module for Python 3 15 SP6:system-user-pgadmin-8.5-150600.3.6.1.noarch",
"openSUSE Leap 15.6:pgadmin4-8.5-150600.3.6.1.noarch",
"openSUSE Leap 15.6:pgadmin4-cloud-8.5-150600.3.6.1.noarch",
"openSUSE Leap 15.6:pgadmin4-desktop-8.5-150600.3.6.1.noarch",
"openSUSE Leap 15.6:pgadmin4-doc-8.5-150600.3.6.1.noarch",
"openSUSE Leap 15.6:pgadmin4-web-uwsgi-8.5-150600.3.6.1.noarch",
"openSUSE Leap 15.6:system-user-pgadmin-8.5-150600.3.6.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-10-29T12:55:34Z",
"details": "important"
}
],
"title": "CVE-2024-4068"
},
{
"cve": "CVE-2024-43788",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-43788"
}
],
"notes": [
{
"category": "general",
"text": "Webpack is a module bundler. Its main purpose is to bundle JavaScript files for usage in a browser, yet it is also capable of transforming, bundling, or packaging just about any resource or asset. The webpack developers have discovered a DOM Clobbering vulnerability in Webpack\u0027s `AutoPublicPathRuntimeModule`. The DOM Clobbering gadget in the module can lead to cross-site scripting (XSS) in web pages where scriptless attacker-controlled HTML elements (e.g., an `img` tag with an unsanitized `name` attribute) are present. Real-world exploitation of this gadget has been observed in the Canvas LMS which allows a XSS attack to happen through a javascript code compiled by Webpack (the vulnerable part is from Webpack). DOM Clobbering is a type of code-reuse attack where the attacker first embeds a piece of non-script, seemingly benign HTML markups in the webpage (e.g. through a post or comment) and leverages the gadgets (pieces of js code) living in the existing javascript code to transform it into executable code. This vulnerability can lead to cross-site scripting (XSS) on websites that include Webpack-generated files and allow users to inject certain scriptless HTML tags with improperly sanitized name or id attributes. This issue has been addressed in release version 5.94.0. All users are advised to upgrade. There are no known workarounds for this issue.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Python 3 15 SP6:pgadmin4-8.5-150600.3.6.1.noarch",
"SUSE Linux Enterprise Module for Python 3 15 SP6:pgadmin4-doc-8.5-150600.3.6.1.noarch",
"SUSE Linux Enterprise Module for Python 3 15 SP6:system-user-pgadmin-8.5-150600.3.6.1.noarch",
"openSUSE Leap 15.6:pgadmin4-8.5-150600.3.6.1.noarch",
"openSUSE Leap 15.6:pgadmin4-cloud-8.5-150600.3.6.1.noarch",
"openSUSE Leap 15.6:pgadmin4-desktop-8.5-150600.3.6.1.noarch",
"openSUSE Leap 15.6:pgadmin4-doc-8.5-150600.3.6.1.noarch",
"openSUSE Leap 15.6:pgadmin4-web-uwsgi-8.5-150600.3.6.1.noarch",
"openSUSE Leap 15.6:system-user-pgadmin-8.5-150600.3.6.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-43788",
"url": "https://www.suse.com/security/cve/CVE-2024-43788"
},
{
"category": "external",
"summary": "SUSE Bug 1229860 for CVE-2024-43788",
"url": "https://bugzilla.suse.com/1229860"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Python 3 15 SP6:pgadmin4-8.5-150600.3.6.1.noarch",
"SUSE Linux Enterprise Module for Python 3 15 SP6:pgadmin4-doc-8.5-150600.3.6.1.noarch",
"SUSE Linux Enterprise Module for Python 3 15 SP6:system-user-pgadmin-8.5-150600.3.6.1.noarch",
"openSUSE Leap 15.6:pgadmin4-8.5-150600.3.6.1.noarch",
"openSUSE Leap 15.6:pgadmin4-cloud-8.5-150600.3.6.1.noarch",
"openSUSE Leap 15.6:pgadmin4-desktop-8.5-150600.3.6.1.noarch",
"openSUSE Leap 15.6:pgadmin4-doc-8.5-150600.3.6.1.noarch",
"openSUSE Leap 15.6:pgadmin4-web-uwsgi-8.5-150600.3.6.1.noarch",
"openSUSE Leap 15.6:system-user-pgadmin-8.5-150600.3.6.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Python 3 15 SP6:pgadmin4-8.5-150600.3.6.1.noarch",
"SUSE Linux Enterprise Module for Python 3 15 SP6:pgadmin4-doc-8.5-150600.3.6.1.noarch",
"SUSE Linux Enterprise Module for Python 3 15 SP6:system-user-pgadmin-8.5-150600.3.6.1.noarch",
"openSUSE Leap 15.6:pgadmin4-8.5-150600.3.6.1.noarch",
"openSUSE Leap 15.6:pgadmin4-cloud-8.5-150600.3.6.1.noarch",
"openSUSE Leap 15.6:pgadmin4-desktop-8.5-150600.3.6.1.noarch",
"openSUSE Leap 15.6:pgadmin4-doc-8.5-150600.3.6.1.noarch",
"openSUSE Leap 15.6:pgadmin4-web-uwsgi-8.5-150600.3.6.1.noarch",
"openSUSE Leap 15.6:system-user-pgadmin-8.5-150600.3.6.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-10-29T12:55:34Z",
"details": "moderate"
}
],
"title": "CVE-2024-43788"
},
{
"cve": "CVE-2024-48948",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-48948"
}
],
"notes": [
{
"category": "general",
"text": "The Elliptic package 6.5.7 for Node.js, in its for ECDSA implementation, does not correctly verify valid signatures if the hash contains at least four leading 0 bytes and when the order of the elliptic curve\u0027s base point is smaller than the hash, because of an _truncateToN anomaly. This leads to valid signatures being rejected. Legitimate transactions or communications may be incorrectly flagged as invalid.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Python 3 15 SP6:pgadmin4-8.5-150600.3.6.1.noarch",
"SUSE Linux Enterprise Module for Python 3 15 SP6:pgadmin4-doc-8.5-150600.3.6.1.noarch",
"SUSE Linux Enterprise Module for Python 3 15 SP6:system-user-pgadmin-8.5-150600.3.6.1.noarch",
"openSUSE Leap 15.6:pgadmin4-8.5-150600.3.6.1.noarch",
"openSUSE Leap 15.6:pgadmin4-cloud-8.5-150600.3.6.1.noarch",
"openSUSE Leap 15.6:pgadmin4-desktop-8.5-150600.3.6.1.noarch",
"openSUSE Leap 15.6:pgadmin4-doc-8.5-150600.3.6.1.noarch",
"openSUSE Leap 15.6:pgadmin4-web-uwsgi-8.5-150600.3.6.1.noarch",
"openSUSE Leap 15.6:system-user-pgadmin-8.5-150600.3.6.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-48948",
"url": "https://www.suse.com/security/cve/CVE-2024-48948"
},
{
"category": "external",
"summary": "SUSE Bug 1231681 for CVE-2024-48948",
"url": "https://bugzilla.suse.com/1231681"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Python 3 15 SP6:pgadmin4-8.5-150600.3.6.1.noarch",
"SUSE Linux Enterprise Module for Python 3 15 SP6:pgadmin4-doc-8.5-150600.3.6.1.noarch",
"SUSE Linux Enterprise Module for Python 3 15 SP6:system-user-pgadmin-8.5-150600.3.6.1.noarch",
"openSUSE Leap 15.6:pgadmin4-8.5-150600.3.6.1.noarch",
"openSUSE Leap 15.6:pgadmin4-cloud-8.5-150600.3.6.1.noarch",
"openSUSE Leap 15.6:pgadmin4-desktop-8.5-150600.3.6.1.noarch",
"openSUSE Leap 15.6:pgadmin4-doc-8.5-150600.3.6.1.noarch",
"openSUSE Leap 15.6:pgadmin4-web-uwsgi-8.5-150600.3.6.1.noarch",
"openSUSE Leap 15.6:system-user-pgadmin-8.5-150600.3.6.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Python 3 15 SP6:pgadmin4-8.5-150600.3.6.1.noarch",
"SUSE Linux Enterprise Module for Python 3 15 SP6:pgadmin4-doc-8.5-150600.3.6.1.noarch",
"SUSE Linux Enterprise Module for Python 3 15 SP6:system-user-pgadmin-8.5-150600.3.6.1.noarch",
"openSUSE Leap 15.6:pgadmin4-8.5-150600.3.6.1.noarch",
"openSUSE Leap 15.6:pgadmin4-cloud-8.5-150600.3.6.1.noarch",
"openSUSE Leap 15.6:pgadmin4-desktop-8.5-150600.3.6.1.noarch",
"openSUSE Leap 15.6:pgadmin4-doc-8.5-150600.3.6.1.noarch",
"openSUSE Leap 15.6:pgadmin4-web-uwsgi-8.5-150600.3.6.1.noarch",
"openSUSE Leap 15.6:system-user-pgadmin-8.5-150600.3.6.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-10-29T12:55:34Z",
"details": "moderate"
}
],
"title": "CVE-2024-48948"
},
{
"cve": "CVE-2024-48949",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-48949"
}
],
"notes": [
{
"category": "general",
"text": "The verify function in lib/elliptic/eddsa/index.js in the Elliptic package before 6.5.6 for Node.js omits \"sig.S().gte(sig.eddsa.curve.n) || sig.S().isNeg()\" validation.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Python 3 15 SP6:pgadmin4-8.5-150600.3.6.1.noarch",
"SUSE Linux Enterprise Module for Python 3 15 SP6:pgadmin4-doc-8.5-150600.3.6.1.noarch",
"SUSE Linux Enterprise Module for Python 3 15 SP6:system-user-pgadmin-8.5-150600.3.6.1.noarch",
"openSUSE Leap 15.6:pgadmin4-8.5-150600.3.6.1.noarch",
"openSUSE Leap 15.6:pgadmin4-cloud-8.5-150600.3.6.1.noarch",
"openSUSE Leap 15.6:pgadmin4-desktop-8.5-150600.3.6.1.noarch",
"openSUSE Leap 15.6:pgadmin4-doc-8.5-150600.3.6.1.noarch",
"openSUSE Leap 15.6:pgadmin4-web-uwsgi-8.5-150600.3.6.1.noarch",
"openSUSE Leap 15.6:system-user-pgadmin-8.5-150600.3.6.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-48949",
"url": "https://www.suse.com/security/cve/CVE-2024-48949"
},
{
"category": "external",
"summary": "SUSE Bug 1231557 for CVE-2024-48949",
"url": "https://bugzilla.suse.com/1231557"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Python 3 15 SP6:pgadmin4-8.5-150600.3.6.1.noarch",
"SUSE Linux Enterprise Module for Python 3 15 SP6:pgadmin4-doc-8.5-150600.3.6.1.noarch",
"SUSE Linux Enterprise Module for Python 3 15 SP6:system-user-pgadmin-8.5-150600.3.6.1.noarch",
"openSUSE Leap 15.6:pgadmin4-8.5-150600.3.6.1.noarch",
"openSUSE Leap 15.6:pgadmin4-cloud-8.5-150600.3.6.1.noarch",
"openSUSE Leap 15.6:pgadmin4-desktop-8.5-150600.3.6.1.noarch",
"openSUSE Leap 15.6:pgadmin4-doc-8.5-150600.3.6.1.noarch",
"openSUSE Leap 15.6:pgadmin4-web-uwsgi-8.5-150600.3.6.1.noarch",
"openSUSE Leap 15.6:system-user-pgadmin-8.5-150600.3.6.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.2,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Python 3 15 SP6:pgadmin4-8.5-150600.3.6.1.noarch",
"SUSE Linux Enterprise Module for Python 3 15 SP6:pgadmin4-doc-8.5-150600.3.6.1.noarch",
"SUSE Linux Enterprise Module for Python 3 15 SP6:system-user-pgadmin-8.5-150600.3.6.1.noarch",
"openSUSE Leap 15.6:pgadmin4-8.5-150600.3.6.1.noarch",
"openSUSE Leap 15.6:pgadmin4-cloud-8.5-150600.3.6.1.noarch",
"openSUSE Leap 15.6:pgadmin4-desktop-8.5-150600.3.6.1.noarch",
"openSUSE Leap 15.6:pgadmin4-doc-8.5-150600.3.6.1.noarch",
"openSUSE Leap 15.6:pgadmin4-web-uwsgi-8.5-150600.3.6.1.noarch",
"openSUSE Leap 15.6:system-user-pgadmin-8.5-150600.3.6.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-10-29T12:55:34Z",
"details": "important"
}
],
"title": "CVE-2024-48949"
},
{
"cve": "CVE-2024-9014",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-9014"
}
],
"notes": [
{
"category": "general",
"text": "pgAdmin versions 8.11 and earlier are vulnerable to a security flaw in OAuth2 authentication. This vulnerability allows an attacker to potentially obtain the client ID and secret, leading to unauthorized access to user data.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Python 3 15 SP6:pgadmin4-8.5-150600.3.6.1.noarch",
"SUSE Linux Enterprise Module for Python 3 15 SP6:pgadmin4-doc-8.5-150600.3.6.1.noarch",
"SUSE Linux Enterprise Module for Python 3 15 SP6:system-user-pgadmin-8.5-150600.3.6.1.noarch",
"openSUSE Leap 15.6:pgadmin4-8.5-150600.3.6.1.noarch",
"openSUSE Leap 15.6:pgadmin4-cloud-8.5-150600.3.6.1.noarch",
"openSUSE Leap 15.6:pgadmin4-desktop-8.5-150600.3.6.1.noarch",
"openSUSE Leap 15.6:pgadmin4-doc-8.5-150600.3.6.1.noarch",
"openSUSE Leap 15.6:pgadmin4-web-uwsgi-8.5-150600.3.6.1.noarch",
"openSUSE Leap 15.6:system-user-pgadmin-8.5-150600.3.6.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-9014",
"url": "https://www.suse.com/security/cve/CVE-2024-9014"
},
{
"category": "external",
"summary": "SUSE Bug 1230928 for CVE-2024-9014",
"url": "https://bugzilla.suse.com/1230928"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Python 3 15 SP6:pgadmin4-8.5-150600.3.6.1.noarch",
"SUSE Linux Enterprise Module for Python 3 15 SP6:pgadmin4-doc-8.5-150600.3.6.1.noarch",
"SUSE Linux Enterprise Module for Python 3 15 SP6:system-user-pgadmin-8.5-150600.3.6.1.noarch",
"openSUSE Leap 15.6:pgadmin4-8.5-150600.3.6.1.noarch",
"openSUSE Leap 15.6:pgadmin4-cloud-8.5-150600.3.6.1.noarch",
"openSUSE Leap 15.6:pgadmin4-desktop-8.5-150600.3.6.1.noarch",
"openSUSE Leap 15.6:pgadmin4-doc-8.5-150600.3.6.1.noarch",
"openSUSE Leap 15.6:pgadmin4-web-uwsgi-8.5-150600.3.6.1.noarch",
"openSUSE Leap 15.6:system-user-pgadmin-8.5-150600.3.6.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Python 3 15 SP6:pgadmin4-8.5-150600.3.6.1.noarch",
"SUSE Linux Enterprise Module for Python 3 15 SP6:pgadmin4-doc-8.5-150600.3.6.1.noarch",
"SUSE Linux Enterprise Module for Python 3 15 SP6:system-user-pgadmin-8.5-150600.3.6.1.noarch",
"openSUSE Leap 15.6:pgadmin4-8.5-150600.3.6.1.noarch",
"openSUSE Leap 15.6:pgadmin4-cloud-8.5-150600.3.6.1.noarch",
"openSUSE Leap 15.6:pgadmin4-desktop-8.5-150600.3.6.1.noarch",
"openSUSE Leap 15.6:pgadmin4-doc-8.5-150600.3.6.1.noarch",
"openSUSE Leap 15.6:pgadmin4-web-uwsgi-8.5-150600.3.6.1.noarch",
"openSUSE Leap 15.6:system-user-pgadmin-8.5-150600.3.6.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-10-29T12:55:34Z",
"details": "important"
}
],
"title": "CVE-2024-9014"
}
]
}
SUSE-SU-2025:01326-1
Vulnerability from csaf_suse - Published: 2025-08-14 13:03 - Updated: 2025-08-14 13:03Summary
Security update for pgadmin4
Severity
Important
Notes
Title of the patch: Security update for pgadmin4
Description of the patch: This update for pgadmin4 fixes the following issues:
- CVE-2025-27152: Fixed SSRF and creadential leakage due to requests sent to absolute URL even when baseURL is set (bsc#1239308)
- CVE-2023-1907: Fixed an issue which could result in users being authenticated in another user's session if two users authenticate simultaneously via ldap (bsc#1234840)
- CVE-2024-4068: Fixed a possible memory exhaustion (bsc#1224295)
Patchnames: SUSE-2025-1326,SUSE-SLE-Module-Python3-15-SP6-2025-1326
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
7.1 (High)
Affected products
Recommended
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Module for Python 3 15 SP6:pgadmin4-4.30-150300.3.18.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Python 3 15 SP6:pgadmin4-doc-4.30-150300.3.18.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Python 3 15 SP6:pgadmin4-web-4.30-150300.3.18.1.noarch | — |
Vendor Fix
|
Threats
Impact
important
7.5 (High)
Affected products
Recommended
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Module for Python 3 15 SP6:pgadmin4-4.30-150300.3.18.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Python 3 15 SP6:pgadmin4-doc-4.30-150300.3.18.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Python 3 15 SP6:pgadmin4-web-4.30-150300.3.18.1.noarch | — |
Vendor Fix
|
Threats
Impact
important
7.5 (High)
Affected products
Recommended
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Module for Python 3 15 SP6:pgadmin4-4.30-150300.3.18.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Python 3 15 SP6:pgadmin4-doc-4.30-150300.3.18.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Python 3 15 SP6:pgadmin4-web-4.30-150300.3.18.1.noarch | — |
Vendor Fix
|
Threats
Impact
important
References
16 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for pgadmin4",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for pgadmin4 fixes the following issues:\n\n- CVE-2025-27152: Fixed SSRF and creadential leakage due to requests sent to absolute URL even when baseURL is set (bsc#1239308)\n- CVE-2023-1907: Fixed an issue which could result in users being authenticated in another user\u0027s session if two users authenticate simultaneously via ldap (bsc#1234840)\n- CVE-2024-4068: Fixed a possible memory exhaustion (bsc#1224295)\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2025-1326,SUSE-SLE-Module-Python3-15-SP6-2025-1326",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2025_01326-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2025:01326-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202501326-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2025:01326-1",
"url": "https://lists.suse.com/pipermail/sle-updates/2025-August/041215.html"
},
{
"category": "self",
"summary": "SUSE Bug 1224295",
"url": "https://bugzilla.suse.com/1224295"
},
{
"category": "self",
"summary": "SUSE Bug 1234840",
"url": "https://bugzilla.suse.com/1234840"
},
{
"category": "self",
"summary": "SUSE Bug 1239308",
"url": "https://bugzilla.suse.com/1239308"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-1907 page",
"url": "https://www.suse.com/security/cve/CVE-2023-1907/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-4068 page",
"url": "https://www.suse.com/security/cve/CVE-2024-4068/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-27152 page",
"url": "https://www.suse.com/security/cve/CVE-2025-27152/"
}
],
"title": "Security update for pgadmin4",
"tracking": {
"current_release_date": "2025-08-14T13:03:13Z",
"generator": {
"date": "2025-08-14T13:03:13Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2025:01326-1",
"initial_release_date": "2025-08-14T13:03:13Z",
"revision_history": [
{
"date": "2025-08-14T13:03:13Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "pgadmin4-4.30-150300.3.18.1.aarch64",
"product": {
"name": "pgadmin4-4.30-150300.3.18.1.aarch64",
"product_id": "pgadmin4-4.30-150300.3.18.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "pgadmin4-4.30-150300.3.18.1.i586",
"product": {
"name": "pgadmin4-4.30-150300.3.18.1.i586",
"product_id": "pgadmin4-4.30-150300.3.18.1.i586"
}
}
],
"category": "architecture",
"name": "i586"
},
{
"branches": [
{
"category": "product_version",
"name": "pgadmin4-doc-4.30-150300.3.18.1.noarch",
"product": {
"name": "pgadmin4-doc-4.30-150300.3.18.1.noarch",
"product_id": "pgadmin4-doc-4.30-150300.3.18.1.noarch"
}
},
{
"category": "product_version",
"name": "pgadmin4-web-4.30-150300.3.18.1.noarch",
"product": {
"name": "pgadmin4-web-4.30-150300.3.18.1.noarch",
"product_id": "pgadmin4-web-4.30-150300.3.18.1.noarch"
}
},
{
"category": "product_version",
"name": "pgadmin4-web-uwsgi-4.30-150300.3.18.1.noarch",
"product": {
"name": "pgadmin4-web-uwsgi-4.30-150300.3.18.1.noarch",
"product_id": "pgadmin4-web-uwsgi-4.30-150300.3.18.1.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "pgadmin4-4.30-150300.3.18.1.ppc64le",
"product": {
"name": "pgadmin4-4.30-150300.3.18.1.ppc64le",
"product_id": "pgadmin4-4.30-150300.3.18.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "pgadmin4-4.30-150300.3.18.1.s390x",
"product": {
"name": "pgadmin4-4.30-150300.3.18.1.s390x",
"product_id": "pgadmin4-4.30-150300.3.18.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "pgadmin4-4.30-150300.3.18.1.x86_64",
"product": {
"name": "pgadmin4-4.30-150300.3.18.1.x86_64",
"product_id": "pgadmin4-4.30-150300.3.18.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Module for Python 3 15 SP6",
"product": {
"name": "SUSE Linux Enterprise Module for Python 3 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Python 3 15 SP6",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-module-python3:15:sp6"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "pgadmin4-4.30-150300.3.18.1.s390x as component of SUSE Linux Enterprise Module for Python 3 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Python 3 15 SP6:pgadmin4-4.30-150300.3.18.1.s390x"
},
"product_reference": "pgadmin4-4.30-150300.3.18.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Python 3 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pgadmin4-doc-4.30-150300.3.18.1.noarch as component of SUSE Linux Enterprise Module for Python 3 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Python 3 15 SP6:pgadmin4-doc-4.30-150300.3.18.1.noarch"
},
"product_reference": "pgadmin4-doc-4.30-150300.3.18.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Python 3 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pgadmin4-web-4.30-150300.3.18.1.noarch as component of SUSE Linux Enterprise Module for Python 3 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Python 3 15 SP6:pgadmin4-web-4.30-150300.3.18.1.noarch"
},
"product_reference": "pgadmin4-web-4.30-150300.3.18.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Python 3 15 SP6"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2023-1907",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-1907"
}
],
"notes": [
{
"category": "general",
"text": "A vulnerability was found in pgadmin. Users logging into pgAdmin running in server mode using LDAP authentication may be attached to another user\u0027s session if multiple connection attempts occur simultaneously.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Python 3 15 SP6:pgadmin4-4.30-150300.3.18.1.s390x",
"SUSE Linux Enterprise Module for Python 3 15 SP6:pgadmin4-doc-4.30-150300.3.18.1.noarch",
"SUSE Linux Enterprise Module for Python 3 15 SP6:pgadmin4-web-4.30-150300.3.18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-1907",
"url": "https://www.suse.com/security/cve/CVE-2023-1907"
},
{
"category": "external",
"summary": "SUSE Bug 1234840 for CVE-2023-1907",
"url": "https://bugzilla.suse.com/1234840"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Python 3 15 SP6:pgadmin4-4.30-150300.3.18.1.s390x",
"SUSE Linux Enterprise Module for Python 3 15 SP6:pgadmin4-doc-4.30-150300.3.18.1.noarch",
"SUSE Linux Enterprise Module for Python 3 15 SP6:pgadmin4-web-4.30-150300.3.18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Python 3 15 SP6:pgadmin4-4.30-150300.3.18.1.s390x",
"SUSE Linux Enterprise Module for Python 3 15 SP6:pgadmin4-doc-4.30-150300.3.18.1.noarch",
"SUSE Linux Enterprise Module for Python 3 15 SP6:pgadmin4-web-4.30-150300.3.18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-14T13:03:13Z",
"details": "important"
}
],
"title": "CVE-2023-1907"
},
{
"cve": "CVE-2024-4068",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-4068"
}
],
"notes": [
{
"category": "general",
"text": "The NPM package `braces`, versions prior to 3.0.3, fails to limit the number of characters it can handle, which could lead to Memory Exhaustion. In `lib/parse.js,` if a malicious user sends \"imbalanced braces\" as input, the parsing will enter a loop, which will cause the program to start allocating heap memory without freeing it at any moment of the loop. Eventually, the JavaScript heap limit is reached, and the program will crash.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Python 3 15 SP6:pgadmin4-4.30-150300.3.18.1.s390x",
"SUSE Linux Enterprise Module for Python 3 15 SP6:pgadmin4-doc-4.30-150300.3.18.1.noarch",
"SUSE Linux Enterprise Module for Python 3 15 SP6:pgadmin4-web-4.30-150300.3.18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-4068",
"url": "https://www.suse.com/security/cve/CVE-2024-4068"
},
{
"category": "external",
"summary": "SUSE Bug 1224256 for CVE-2024-4068",
"url": "https://bugzilla.suse.com/1224256"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Python 3 15 SP6:pgadmin4-4.30-150300.3.18.1.s390x",
"SUSE Linux Enterprise Module for Python 3 15 SP6:pgadmin4-doc-4.30-150300.3.18.1.noarch",
"SUSE Linux Enterprise Module for Python 3 15 SP6:pgadmin4-web-4.30-150300.3.18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Python 3 15 SP6:pgadmin4-4.30-150300.3.18.1.s390x",
"SUSE Linux Enterprise Module for Python 3 15 SP6:pgadmin4-doc-4.30-150300.3.18.1.noarch",
"SUSE Linux Enterprise Module for Python 3 15 SP6:pgadmin4-web-4.30-150300.3.18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-14T13:03:13Z",
"details": "important"
}
],
"title": "CVE-2024-4068"
},
{
"cve": "CVE-2025-27152",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-27152"
}
],
"notes": [
{
"category": "general",
"text": "axios is a promise based HTTP client for the browser and node.js. The issue occurs when passing absolute URLs rather than protocol-relative URLs to axios. Even if \u2060baseURL is set, axios sends the request to the specified absolute URL, potentially causing SSRF and credential leakage. This issue impacts both server-side and client-side usage of axios. This issue is fixed in 1.8.2.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Python 3 15 SP6:pgadmin4-4.30-150300.3.18.1.s390x",
"SUSE Linux Enterprise Module for Python 3 15 SP6:pgadmin4-doc-4.30-150300.3.18.1.noarch",
"SUSE Linux Enterprise Module for Python 3 15 SP6:pgadmin4-web-4.30-150300.3.18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-27152",
"url": "https://www.suse.com/security/cve/CVE-2025-27152"
},
{
"category": "external",
"summary": "SUSE Bug 1239305 for CVE-2025-27152",
"url": "https://bugzilla.suse.com/1239305"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Python 3 15 SP6:pgadmin4-4.30-150300.3.18.1.s390x",
"SUSE Linux Enterprise Module for Python 3 15 SP6:pgadmin4-doc-4.30-150300.3.18.1.noarch",
"SUSE Linux Enterprise Module for Python 3 15 SP6:pgadmin4-web-4.30-150300.3.18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Python 3 15 SP6:pgadmin4-4.30-150300.3.18.1.s390x",
"SUSE Linux Enterprise Module for Python 3 15 SP6:pgadmin4-doc-4.30-150300.3.18.1.noarch",
"SUSE Linux Enterprise Module for Python 3 15 SP6:pgadmin4-web-4.30-150300.3.18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-14T13:03:13Z",
"details": "important"
}
],
"title": "CVE-2025-27152"
}
]
}
SUSE-SU-2025:1326-1
Vulnerability from csaf_suse - Published: 2025-04-16 08:37 - Updated: 2025-04-16 08:37Summary
Security update for pgadmin4
Severity
Important
Notes
Title of the patch: Security update for pgadmin4
Description of the patch: This update for pgadmin4 fixes the following issues:
- CVE-2025-27152: Fixed SSRF and creadential leakage due to requests sent to absolute URL even when baseURL is set (bsc#1239308)
- CVE-2023-1907: Fixed an issue which could result in users being authenticated in another user's session if two users authenticate simultaneously via ldap (bsc#1234840)
- CVE-2024-4068: Fixed a possible memory exhaustion (bsc#1224295)
Patchnames: SUSE-2025-1326,SUSE-SLE-Module-Python3-15-SP6-2025-1326,SUSE-SLE-Product-HPC-15-SP3-LTSS-2025-1326,SUSE-SLE-Product-HPC-15-SP4-ESPOS-2025-1326,SUSE-SLE-Product-HPC-15-SP4-LTSS-2025-1326,SUSE-SLE-Product-HPC-15-SP5-ESPOS-2025-1326,SUSE-SLE-Product-HPC-15-SP5-LTSS-2025-1326,SUSE-SLE-Product-SLES-15-SP3-LTSS-2025-1326,SUSE-SLE-Product-SLES-15-SP4-LTSS-2025-1326,SUSE-SLE-Product-SLES-15-SP5-LTSS-2025-1326,SUSE-SLE-Product-SLES_SAP-15-SP3-2025-1326,SUSE-SLE-Product-SLES_SAP-15-SP4-2025-1326,SUSE-SLE-Product-SLES_SAP-15-SP5-2025-1326,SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2025-1326,SUSE-SLE-Product-SUSE-Manager-Server-4.3-2025-1326,SUSE-Storage-7.1-2025-1326
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
7.1 (High)
Affected products
Recommended
65 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Enterprise Storage 7.1:pgadmin4-4.30-150300.3.18.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7.1:pgadmin4-4.30-150300.3.18.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7.1:pgadmin4-doc-4.30-150300.3.18.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7.1:pgadmin4-web-4.30-150300.3.18.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:pgadmin4-4.30-150300.3.18.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:pgadmin4-4.30-150300.3.18.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:pgadmin4-doc-4.30-150300.3.18.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:pgadmin4-web-4.30-150300.3.18.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:pgadmin4-4.30-150300.3.18.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:pgadmin4-4.30-150300.3.18.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:pgadmin4-doc-4.30-150300.3.18.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:pgadmin4-web-4.30-150300.3.18.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:pgadmin4-4.30-150300.3.18.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:pgadmin4-4.30-150300.3.18.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:pgadmin4-doc-4.30-150300.3.18.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:pgadmin4-web-4.30-150300.3.18.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:pgadmin4-4.30-150300.3.18.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:pgadmin4-4.30-150300.3.18.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:pgadmin4-doc-4.30-150300.3.18.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:pgadmin4-web-4.30-150300.3.18.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:pgadmin4-4.30-150300.3.18.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:pgadmin4-4.30-150300.3.18.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:pgadmin4-doc-4.30-150300.3.18.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:pgadmin4-web-4.30-150300.3.18.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Python 3 15 SP6:pgadmin4-4.30-150300.3.18.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Python 3 15 SP6:pgadmin4-doc-4.30-150300.3.18.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Python 3 15 SP6:pgadmin4-web-4.30-150300.3.18.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:pgadmin4-4.30-150300.3.18.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:pgadmin4-4.30-150300.3.18.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:pgadmin4-4.30-150300.3.18.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:pgadmin4-4.30-150300.3.18.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:pgadmin4-doc-4.30-150300.3.18.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:pgadmin4-web-4.30-150300.3.18.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:pgadmin4-4.30-150300.3.18.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:pgadmin4-4.30-150300.3.18.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:pgadmin4-4.30-150300.3.18.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:pgadmin4-4.30-150300.3.18.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:pgadmin4-doc-4.30-150300.3.18.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:pgadmin4-web-4.30-150300.3.18.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:pgadmin4-4.30-150300.3.18.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:pgadmin4-4.30-150300.3.18.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:pgadmin4-4.30-150300.3.18.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:pgadmin4-4.30-150300.3.18.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:pgadmin4-doc-4.30-150300.3.18.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:pgadmin4-web-4.30-150300.3.18.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:pgadmin4-4.30-150300.3.18.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:pgadmin4-4.30-150300.3.18.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:pgadmin4-doc-4.30-150300.3.18.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:pgadmin4-web-4.30-150300.3.18.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP4:pgadmin4-4.30-150300.3.18.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP4:pgadmin4-4.30-150300.3.18.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP4:pgadmin4-doc-4.30-150300.3.18.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP4:pgadmin4-web-4.30-150300.3.18.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP5:pgadmin4-4.30-150300.3.18.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP5:pgadmin4-4.30-150300.3.18.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP5:pgadmin4-doc-4.30-150300.3.18.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP5:pgadmin4-web-4.30-150300.3.18.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Proxy 4.3:pgadmin4-4.30-150300.3.18.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Proxy 4.3:pgadmin4-doc-4.30-150300.3.18.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Proxy 4.3:pgadmin4-web-4.30-150300.3.18.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.3:pgadmin4-4.30-150300.3.18.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.3:pgadmin4-4.30-150300.3.18.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.3:pgadmin4-4.30-150300.3.18.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.3:pgadmin4-doc-4.30-150300.3.18.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.3:pgadmin4-web-4.30-150300.3.18.1.noarch | — |
Vendor Fix
|
Threats
Impact
important
7.5 (High)
Affected products
Recommended
65 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Enterprise Storage 7.1:pgadmin4-4.30-150300.3.18.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7.1:pgadmin4-4.30-150300.3.18.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7.1:pgadmin4-doc-4.30-150300.3.18.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7.1:pgadmin4-web-4.30-150300.3.18.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:pgadmin4-4.30-150300.3.18.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:pgadmin4-4.30-150300.3.18.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:pgadmin4-doc-4.30-150300.3.18.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:pgadmin4-web-4.30-150300.3.18.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:pgadmin4-4.30-150300.3.18.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:pgadmin4-4.30-150300.3.18.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:pgadmin4-doc-4.30-150300.3.18.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:pgadmin4-web-4.30-150300.3.18.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:pgadmin4-4.30-150300.3.18.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:pgadmin4-4.30-150300.3.18.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:pgadmin4-doc-4.30-150300.3.18.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:pgadmin4-web-4.30-150300.3.18.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:pgadmin4-4.30-150300.3.18.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:pgadmin4-4.30-150300.3.18.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:pgadmin4-doc-4.30-150300.3.18.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:pgadmin4-web-4.30-150300.3.18.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:pgadmin4-4.30-150300.3.18.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:pgadmin4-4.30-150300.3.18.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:pgadmin4-doc-4.30-150300.3.18.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:pgadmin4-web-4.30-150300.3.18.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Python 3 15 SP6:pgadmin4-4.30-150300.3.18.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Python 3 15 SP6:pgadmin4-doc-4.30-150300.3.18.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Python 3 15 SP6:pgadmin4-web-4.30-150300.3.18.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:pgadmin4-4.30-150300.3.18.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:pgadmin4-4.30-150300.3.18.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:pgadmin4-4.30-150300.3.18.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:pgadmin4-4.30-150300.3.18.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:pgadmin4-doc-4.30-150300.3.18.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:pgadmin4-web-4.30-150300.3.18.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:pgadmin4-4.30-150300.3.18.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:pgadmin4-4.30-150300.3.18.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:pgadmin4-4.30-150300.3.18.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:pgadmin4-4.30-150300.3.18.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:pgadmin4-doc-4.30-150300.3.18.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:pgadmin4-web-4.30-150300.3.18.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:pgadmin4-4.30-150300.3.18.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:pgadmin4-4.30-150300.3.18.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:pgadmin4-4.30-150300.3.18.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:pgadmin4-4.30-150300.3.18.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:pgadmin4-doc-4.30-150300.3.18.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:pgadmin4-web-4.30-150300.3.18.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:pgadmin4-4.30-150300.3.18.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:pgadmin4-4.30-150300.3.18.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:pgadmin4-doc-4.30-150300.3.18.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:pgadmin4-web-4.30-150300.3.18.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP4:pgadmin4-4.30-150300.3.18.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP4:pgadmin4-4.30-150300.3.18.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP4:pgadmin4-doc-4.30-150300.3.18.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP4:pgadmin4-web-4.30-150300.3.18.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP5:pgadmin4-4.30-150300.3.18.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP5:pgadmin4-4.30-150300.3.18.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP5:pgadmin4-doc-4.30-150300.3.18.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP5:pgadmin4-web-4.30-150300.3.18.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Proxy 4.3:pgadmin4-4.30-150300.3.18.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Proxy 4.3:pgadmin4-doc-4.30-150300.3.18.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Proxy 4.3:pgadmin4-web-4.30-150300.3.18.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.3:pgadmin4-4.30-150300.3.18.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.3:pgadmin4-4.30-150300.3.18.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.3:pgadmin4-4.30-150300.3.18.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.3:pgadmin4-doc-4.30-150300.3.18.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.3:pgadmin4-web-4.30-150300.3.18.1.noarch | — |
Vendor Fix
|
Threats
Impact
important
7.5 (High)
Affected products
Recommended
65 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Enterprise Storage 7.1:pgadmin4-4.30-150300.3.18.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7.1:pgadmin4-4.30-150300.3.18.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7.1:pgadmin4-doc-4.30-150300.3.18.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7.1:pgadmin4-web-4.30-150300.3.18.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:pgadmin4-4.30-150300.3.18.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:pgadmin4-4.30-150300.3.18.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:pgadmin4-doc-4.30-150300.3.18.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:pgadmin4-web-4.30-150300.3.18.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:pgadmin4-4.30-150300.3.18.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:pgadmin4-4.30-150300.3.18.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:pgadmin4-doc-4.30-150300.3.18.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:pgadmin4-web-4.30-150300.3.18.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:pgadmin4-4.30-150300.3.18.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:pgadmin4-4.30-150300.3.18.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:pgadmin4-doc-4.30-150300.3.18.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:pgadmin4-web-4.30-150300.3.18.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:pgadmin4-4.30-150300.3.18.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:pgadmin4-4.30-150300.3.18.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:pgadmin4-doc-4.30-150300.3.18.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:pgadmin4-web-4.30-150300.3.18.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:pgadmin4-4.30-150300.3.18.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:pgadmin4-4.30-150300.3.18.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:pgadmin4-doc-4.30-150300.3.18.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:pgadmin4-web-4.30-150300.3.18.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Python 3 15 SP6:pgadmin4-4.30-150300.3.18.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Python 3 15 SP6:pgadmin4-doc-4.30-150300.3.18.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Python 3 15 SP6:pgadmin4-web-4.30-150300.3.18.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:pgadmin4-4.30-150300.3.18.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:pgadmin4-4.30-150300.3.18.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:pgadmin4-4.30-150300.3.18.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:pgadmin4-4.30-150300.3.18.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:pgadmin4-doc-4.30-150300.3.18.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:pgadmin4-web-4.30-150300.3.18.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:pgadmin4-4.30-150300.3.18.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:pgadmin4-4.30-150300.3.18.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:pgadmin4-4.30-150300.3.18.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:pgadmin4-4.30-150300.3.18.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:pgadmin4-doc-4.30-150300.3.18.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:pgadmin4-web-4.30-150300.3.18.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:pgadmin4-4.30-150300.3.18.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:pgadmin4-4.30-150300.3.18.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:pgadmin4-4.30-150300.3.18.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:pgadmin4-4.30-150300.3.18.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:pgadmin4-doc-4.30-150300.3.18.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:pgadmin4-web-4.30-150300.3.18.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:pgadmin4-4.30-150300.3.18.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:pgadmin4-4.30-150300.3.18.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:pgadmin4-doc-4.30-150300.3.18.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:pgadmin4-web-4.30-150300.3.18.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP4:pgadmin4-4.30-150300.3.18.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP4:pgadmin4-4.30-150300.3.18.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP4:pgadmin4-doc-4.30-150300.3.18.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP4:pgadmin4-web-4.30-150300.3.18.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP5:pgadmin4-4.30-150300.3.18.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP5:pgadmin4-4.30-150300.3.18.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP5:pgadmin4-doc-4.30-150300.3.18.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP5:pgadmin4-web-4.30-150300.3.18.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Proxy 4.3:pgadmin4-4.30-150300.3.18.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Proxy 4.3:pgadmin4-doc-4.30-150300.3.18.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Proxy 4.3:pgadmin4-web-4.30-150300.3.18.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.3:pgadmin4-4.30-150300.3.18.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.3:pgadmin4-4.30-150300.3.18.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.3:pgadmin4-4.30-150300.3.18.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.3:pgadmin4-doc-4.30-150300.3.18.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.3:pgadmin4-web-4.30-150300.3.18.1.noarch | — |
Vendor Fix
|
Threats
Impact
important
References
16 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for pgadmin4",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for pgadmin4 fixes the following issues:\n\n- CVE-2025-27152: Fixed SSRF and creadential leakage due to requests sent to absolute URL even when baseURL is set (bsc#1239308)\n- CVE-2023-1907: Fixed an issue which could result in users being authenticated in another user\u0027s session if two users authenticate simultaneously via ldap (bsc#1234840)\n- CVE-2024-4068: Fixed a possible memory exhaustion (bsc#1224295)\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2025-1326,SUSE-SLE-Module-Python3-15-SP6-2025-1326,SUSE-SLE-Product-HPC-15-SP3-LTSS-2025-1326,SUSE-SLE-Product-HPC-15-SP4-ESPOS-2025-1326,SUSE-SLE-Product-HPC-15-SP4-LTSS-2025-1326,SUSE-SLE-Product-HPC-15-SP5-ESPOS-2025-1326,SUSE-SLE-Product-HPC-15-SP5-LTSS-2025-1326,SUSE-SLE-Product-SLES-15-SP3-LTSS-2025-1326,SUSE-SLE-Product-SLES-15-SP4-LTSS-2025-1326,SUSE-SLE-Product-SLES-15-SP5-LTSS-2025-1326,SUSE-SLE-Product-SLES_SAP-15-SP3-2025-1326,SUSE-SLE-Product-SLES_SAP-15-SP4-2025-1326,SUSE-SLE-Product-SLES_SAP-15-SP5-2025-1326,SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2025-1326,SUSE-SLE-Product-SUSE-Manager-Server-4.3-2025-1326,SUSE-Storage-7.1-2025-1326",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2025_1326-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2025:1326-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-20251326-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2025:1326-1",
"url": "https://lists.suse.com/pipermail/sle-updates/2025-April/039030.html"
},
{
"category": "self",
"summary": "SUSE Bug 1224295",
"url": "https://bugzilla.suse.com/1224295"
},
{
"category": "self",
"summary": "SUSE Bug 1234840",
"url": "https://bugzilla.suse.com/1234840"
},
{
"category": "self",
"summary": "SUSE Bug 1239308",
"url": "https://bugzilla.suse.com/1239308"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-1907 page",
"url": "https://www.suse.com/security/cve/CVE-2023-1907/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-4068 page",
"url": "https://www.suse.com/security/cve/CVE-2024-4068/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-27152 page",
"url": "https://www.suse.com/security/cve/CVE-2025-27152/"
}
],
"title": "Security update for pgadmin4",
"tracking": {
"current_release_date": "2025-04-16T08:37:10Z",
"generator": {
"date": "2025-04-16T08:37:10Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2025:1326-1",
"initial_release_date": "2025-04-16T08:37:10Z",
"revision_history": [
{
"date": "2025-04-16T08:37:10Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "pgadmin4-4.30-150300.3.18.1.aarch64",
"product": {
"name": "pgadmin4-4.30-150300.3.18.1.aarch64",
"product_id": "pgadmin4-4.30-150300.3.18.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "pgadmin4-4.30-150300.3.18.1.i586",
"product": {
"name": "pgadmin4-4.30-150300.3.18.1.i586",
"product_id": "pgadmin4-4.30-150300.3.18.1.i586"
}
}
],
"category": "architecture",
"name": "i586"
},
{
"branches": [
{
"category": "product_version",
"name": "pgadmin4-doc-4.30-150300.3.18.1.noarch",
"product": {
"name": "pgadmin4-doc-4.30-150300.3.18.1.noarch",
"product_id": "pgadmin4-doc-4.30-150300.3.18.1.noarch"
}
},
{
"category": "product_version",
"name": "pgadmin4-web-4.30-150300.3.18.1.noarch",
"product": {
"name": "pgadmin4-web-4.30-150300.3.18.1.noarch",
"product_id": "pgadmin4-web-4.30-150300.3.18.1.noarch"
}
},
{
"category": "product_version",
"name": "pgadmin4-web-uwsgi-4.30-150300.3.18.1.noarch",
"product": {
"name": "pgadmin4-web-uwsgi-4.30-150300.3.18.1.noarch",
"product_id": "pgadmin4-web-uwsgi-4.30-150300.3.18.1.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "pgadmin4-4.30-150300.3.18.1.ppc64le",
"product": {
"name": "pgadmin4-4.30-150300.3.18.1.ppc64le",
"product_id": "pgadmin4-4.30-150300.3.18.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "pgadmin4-4.30-150300.3.18.1.s390x",
"product": {
"name": "pgadmin4-4.30-150300.3.18.1.s390x",
"product_id": "pgadmin4-4.30-150300.3.18.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "pgadmin4-4.30-150300.3.18.1.x86_64",
"product": {
"name": "pgadmin4-4.30-150300.3.18.1.x86_64",
"product_id": "pgadmin4-4.30-150300.3.18.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Module for Python 3 15 SP6",
"product": {
"name": "SUSE Linux Enterprise Module for Python 3 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Python 3 15 SP6",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-module-python3:15:sp6"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle_hpc-ltss:15:sp3"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle_hpc-espos:15:sp4"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle_hpc-ltss:15:sp4"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle_hpc-espos:15:sp5"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle_hpc-ltss:15:sp5"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 15 SP3-LTSS",
"product": {
"name": "SUSE Linux Enterprise Server 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles-ltss:15:sp3"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 15 SP4-LTSS",
"product": {
"name": "SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles-ltss:15:sp4"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 15 SP5-LTSS",
"product": {
"name": "SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles-ltss:15:sp5"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server for SAP Applications 15 SP3",
"product": {
"name": "SUSE Linux Enterprise Server for SAP Applications 15 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP3",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles_sap:15:sp3"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server for SAP Applications 15 SP4",
"product": {
"name": "SUSE Linux Enterprise Server for SAP Applications 15 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP4",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles_sap:15:sp4"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server for SAP Applications 15 SP5",
"product": {
"name": "SUSE Linux Enterprise Server for SAP Applications 15 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP5",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles_sap:15:sp5"
}
}
},
{
"category": "product_name",
"name": "SUSE Manager Proxy 4.3",
"product": {
"name": "SUSE Manager Proxy 4.3",
"product_id": "SUSE Manager Proxy 4.3",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse-manager-proxy:4.3"
}
}
},
{
"category": "product_name",
"name": "SUSE Manager Server 4.3",
"product": {
"name": "SUSE Manager Server 4.3",
"product_id": "SUSE Manager Server 4.3",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse-manager-server:4.3"
}
}
},
{
"category": "product_name",
"name": "SUSE Enterprise Storage 7.1",
"product": {
"name": "SUSE Enterprise Storage 7.1",
"product_id": "SUSE Enterprise Storage 7.1",
"product_identification_helper": {
"cpe": "cpe:/o:suse:ses:7.1"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "pgadmin4-4.30-150300.3.18.1.s390x as component of SUSE Linux Enterprise Module for Python 3 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Python 3 15 SP6:pgadmin4-4.30-150300.3.18.1.s390x"
},
"product_reference": "pgadmin4-4.30-150300.3.18.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Python 3 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pgadmin4-doc-4.30-150300.3.18.1.noarch as component of SUSE Linux Enterprise Module for Python 3 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Python 3 15 SP6:pgadmin4-doc-4.30-150300.3.18.1.noarch"
},
"product_reference": "pgadmin4-doc-4.30-150300.3.18.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Python 3 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pgadmin4-web-4.30-150300.3.18.1.noarch as component of SUSE Linux Enterprise Module for Python 3 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Python 3 15 SP6:pgadmin4-web-4.30-150300.3.18.1.noarch"
},
"product_reference": "pgadmin4-web-4.30-150300.3.18.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Python 3 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pgadmin4-4.30-150300.3.18.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:pgadmin4-4.30-150300.3.18.1.aarch64"
},
"product_reference": "pgadmin4-4.30-150300.3.18.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pgadmin4-4.30-150300.3.18.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:pgadmin4-4.30-150300.3.18.1.x86_64"
},
"product_reference": "pgadmin4-4.30-150300.3.18.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pgadmin4-doc-4.30-150300.3.18.1.noarch as component of SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:pgadmin4-doc-4.30-150300.3.18.1.noarch"
},
"product_reference": "pgadmin4-doc-4.30-150300.3.18.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pgadmin4-web-4.30-150300.3.18.1.noarch as component of SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:pgadmin4-web-4.30-150300.3.18.1.noarch"
},
"product_reference": "pgadmin4-web-4.30-150300.3.18.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pgadmin4-4.30-150300.3.18.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:pgadmin4-4.30-150300.3.18.1.aarch64"
},
"product_reference": "pgadmin4-4.30-150300.3.18.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pgadmin4-4.30-150300.3.18.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:pgadmin4-4.30-150300.3.18.1.x86_64"
},
"product_reference": "pgadmin4-4.30-150300.3.18.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pgadmin4-doc-4.30-150300.3.18.1.noarch as component of SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:pgadmin4-doc-4.30-150300.3.18.1.noarch"
},
"product_reference": "pgadmin4-doc-4.30-150300.3.18.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pgadmin4-web-4.30-150300.3.18.1.noarch as component of SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:pgadmin4-web-4.30-150300.3.18.1.noarch"
},
"product_reference": "pgadmin4-web-4.30-150300.3.18.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pgadmin4-4.30-150300.3.18.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:pgadmin4-4.30-150300.3.18.1.aarch64"
},
"product_reference": "pgadmin4-4.30-150300.3.18.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pgadmin4-4.30-150300.3.18.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:pgadmin4-4.30-150300.3.18.1.x86_64"
},
"product_reference": "pgadmin4-4.30-150300.3.18.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pgadmin4-doc-4.30-150300.3.18.1.noarch as component of SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:pgadmin4-doc-4.30-150300.3.18.1.noarch"
},
"product_reference": "pgadmin4-doc-4.30-150300.3.18.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pgadmin4-web-4.30-150300.3.18.1.noarch as component of SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:pgadmin4-web-4.30-150300.3.18.1.noarch"
},
"product_reference": "pgadmin4-web-4.30-150300.3.18.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pgadmin4-4.30-150300.3.18.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:pgadmin4-4.30-150300.3.18.1.aarch64"
},
"product_reference": "pgadmin4-4.30-150300.3.18.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pgadmin4-4.30-150300.3.18.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:pgadmin4-4.30-150300.3.18.1.x86_64"
},
"product_reference": "pgadmin4-4.30-150300.3.18.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pgadmin4-doc-4.30-150300.3.18.1.noarch as component of SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:pgadmin4-doc-4.30-150300.3.18.1.noarch"
},
"product_reference": "pgadmin4-doc-4.30-150300.3.18.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pgadmin4-web-4.30-150300.3.18.1.noarch as component of SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:pgadmin4-web-4.30-150300.3.18.1.noarch"
},
"product_reference": "pgadmin4-web-4.30-150300.3.18.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pgadmin4-4.30-150300.3.18.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:pgadmin4-4.30-150300.3.18.1.aarch64"
},
"product_reference": "pgadmin4-4.30-150300.3.18.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pgadmin4-4.30-150300.3.18.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:pgadmin4-4.30-150300.3.18.1.x86_64"
},
"product_reference": "pgadmin4-4.30-150300.3.18.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pgadmin4-doc-4.30-150300.3.18.1.noarch as component of SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:pgadmin4-doc-4.30-150300.3.18.1.noarch"
},
"product_reference": "pgadmin4-doc-4.30-150300.3.18.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pgadmin4-web-4.30-150300.3.18.1.noarch as component of SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:pgadmin4-web-4.30-150300.3.18.1.noarch"
},
"product_reference": "pgadmin4-web-4.30-150300.3.18.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pgadmin4-4.30-150300.3.18.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS:pgadmin4-4.30-150300.3.18.1.aarch64"
},
"product_reference": "pgadmin4-4.30-150300.3.18.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pgadmin4-4.30-150300.3.18.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS:pgadmin4-4.30-150300.3.18.1.ppc64le"
},
"product_reference": "pgadmin4-4.30-150300.3.18.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pgadmin4-4.30-150300.3.18.1.s390x as component of SUSE Linux Enterprise Server 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS:pgadmin4-4.30-150300.3.18.1.s390x"
},
"product_reference": "pgadmin4-4.30-150300.3.18.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pgadmin4-4.30-150300.3.18.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS:pgadmin4-4.30-150300.3.18.1.x86_64"
},
"product_reference": "pgadmin4-4.30-150300.3.18.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pgadmin4-doc-4.30-150300.3.18.1.noarch as component of SUSE Linux Enterprise Server 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS:pgadmin4-doc-4.30-150300.3.18.1.noarch"
},
"product_reference": "pgadmin4-doc-4.30-150300.3.18.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pgadmin4-web-4.30-150300.3.18.1.noarch as component of SUSE Linux Enterprise Server 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS:pgadmin4-web-4.30-150300.3.18.1.noarch"
},
"product_reference": "pgadmin4-web-4.30-150300.3.18.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pgadmin4-4.30-150300.3.18.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:pgadmin4-4.30-150300.3.18.1.aarch64"
},
"product_reference": "pgadmin4-4.30-150300.3.18.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pgadmin4-4.30-150300.3.18.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:pgadmin4-4.30-150300.3.18.1.ppc64le"
},
"product_reference": "pgadmin4-4.30-150300.3.18.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pgadmin4-4.30-150300.3.18.1.s390x as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:pgadmin4-4.30-150300.3.18.1.s390x"
},
"product_reference": "pgadmin4-4.30-150300.3.18.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pgadmin4-4.30-150300.3.18.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:pgadmin4-4.30-150300.3.18.1.x86_64"
},
"product_reference": "pgadmin4-4.30-150300.3.18.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pgadmin4-doc-4.30-150300.3.18.1.noarch as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:pgadmin4-doc-4.30-150300.3.18.1.noarch"
},
"product_reference": "pgadmin4-doc-4.30-150300.3.18.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pgadmin4-web-4.30-150300.3.18.1.noarch as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:pgadmin4-web-4.30-150300.3.18.1.noarch"
},
"product_reference": "pgadmin4-web-4.30-150300.3.18.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pgadmin4-4.30-150300.3.18.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:pgadmin4-4.30-150300.3.18.1.aarch64"
},
"product_reference": "pgadmin4-4.30-150300.3.18.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pgadmin4-4.30-150300.3.18.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:pgadmin4-4.30-150300.3.18.1.ppc64le"
},
"product_reference": "pgadmin4-4.30-150300.3.18.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pgadmin4-4.30-150300.3.18.1.s390x as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:pgadmin4-4.30-150300.3.18.1.s390x"
},
"product_reference": "pgadmin4-4.30-150300.3.18.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pgadmin4-4.30-150300.3.18.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:pgadmin4-4.30-150300.3.18.1.x86_64"
},
"product_reference": "pgadmin4-4.30-150300.3.18.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pgadmin4-doc-4.30-150300.3.18.1.noarch as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:pgadmin4-doc-4.30-150300.3.18.1.noarch"
},
"product_reference": "pgadmin4-doc-4.30-150300.3.18.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pgadmin4-web-4.30-150300.3.18.1.noarch as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:pgadmin4-web-4.30-150300.3.18.1.noarch"
},
"product_reference": "pgadmin4-web-4.30-150300.3.18.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pgadmin4-4.30-150300.3.18.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP3:pgadmin4-4.30-150300.3.18.1.ppc64le"
},
"product_reference": "pgadmin4-4.30-150300.3.18.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pgadmin4-4.30-150300.3.18.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP3:pgadmin4-4.30-150300.3.18.1.x86_64"
},
"product_reference": "pgadmin4-4.30-150300.3.18.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pgadmin4-doc-4.30-150300.3.18.1.noarch as component of SUSE Linux Enterprise Server for SAP Applications 15 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP3:pgadmin4-doc-4.30-150300.3.18.1.noarch"
},
"product_reference": "pgadmin4-doc-4.30-150300.3.18.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pgadmin4-web-4.30-150300.3.18.1.noarch as component of SUSE Linux Enterprise Server for SAP Applications 15 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP3:pgadmin4-web-4.30-150300.3.18.1.noarch"
},
"product_reference": "pgadmin4-web-4.30-150300.3.18.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pgadmin4-4.30-150300.3.18.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP4:pgadmin4-4.30-150300.3.18.1.ppc64le"
},
"product_reference": "pgadmin4-4.30-150300.3.18.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pgadmin4-4.30-150300.3.18.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP4:pgadmin4-4.30-150300.3.18.1.x86_64"
},
"product_reference": "pgadmin4-4.30-150300.3.18.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pgadmin4-doc-4.30-150300.3.18.1.noarch as component of SUSE Linux Enterprise Server for SAP Applications 15 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP4:pgadmin4-doc-4.30-150300.3.18.1.noarch"
},
"product_reference": "pgadmin4-doc-4.30-150300.3.18.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pgadmin4-web-4.30-150300.3.18.1.noarch as component of SUSE Linux Enterprise Server for SAP Applications 15 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP4:pgadmin4-web-4.30-150300.3.18.1.noarch"
},
"product_reference": "pgadmin4-web-4.30-150300.3.18.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pgadmin4-4.30-150300.3.18.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP5:pgadmin4-4.30-150300.3.18.1.ppc64le"
},
"product_reference": "pgadmin4-4.30-150300.3.18.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pgadmin4-4.30-150300.3.18.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP5:pgadmin4-4.30-150300.3.18.1.x86_64"
},
"product_reference": "pgadmin4-4.30-150300.3.18.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pgadmin4-doc-4.30-150300.3.18.1.noarch as component of SUSE Linux Enterprise Server for SAP Applications 15 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP5:pgadmin4-doc-4.30-150300.3.18.1.noarch"
},
"product_reference": "pgadmin4-doc-4.30-150300.3.18.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pgadmin4-web-4.30-150300.3.18.1.noarch as component of SUSE Linux Enterprise Server for SAP Applications 15 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP5:pgadmin4-web-4.30-150300.3.18.1.noarch"
},
"product_reference": "pgadmin4-web-4.30-150300.3.18.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pgadmin4-4.30-150300.3.18.1.x86_64 as component of SUSE Manager Proxy 4.3",
"product_id": "SUSE Manager Proxy 4.3:pgadmin4-4.30-150300.3.18.1.x86_64"
},
"product_reference": "pgadmin4-4.30-150300.3.18.1.x86_64",
"relates_to_product_reference": "SUSE Manager Proxy 4.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pgadmin4-doc-4.30-150300.3.18.1.noarch as component of SUSE Manager Proxy 4.3",
"product_id": "SUSE Manager Proxy 4.3:pgadmin4-doc-4.30-150300.3.18.1.noarch"
},
"product_reference": "pgadmin4-doc-4.30-150300.3.18.1.noarch",
"relates_to_product_reference": "SUSE Manager Proxy 4.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pgadmin4-web-4.30-150300.3.18.1.noarch as component of SUSE Manager Proxy 4.3",
"product_id": "SUSE Manager Proxy 4.3:pgadmin4-web-4.30-150300.3.18.1.noarch"
},
"product_reference": "pgadmin4-web-4.30-150300.3.18.1.noarch",
"relates_to_product_reference": "SUSE Manager Proxy 4.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pgadmin4-4.30-150300.3.18.1.ppc64le as component of SUSE Manager Server 4.3",
"product_id": "SUSE Manager Server 4.3:pgadmin4-4.30-150300.3.18.1.ppc64le"
},
"product_reference": "pgadmin4-4.30-150300.3.18.1.ppc64le",
"relates_to_product_reference": "SUSE Manager Server 4.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pgadmin4-4.30-150300.3.18.1.s390x as component of SUSE Manager Server 4.3",
"product_id": "SUSE Manager Server 4.3:pgadmin4-4.30-150300.3.18.1.s390x"
},
"product_reference": "pgadmin4-4.30-150300.3.18.1.s390x",
"relates_to_product_reference": "SUSE Manager Server 4.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pgadmin4-4.30-150300.3.18.1.x86_64 as component of SUSE Manager Server 4.3",
"product_id": "SUSE Manager Server 4.3:pgadmin4-4.30-150300.3.18.1.x86_64"
},
"product_reference": "pgadmin4-4.30-150300.3.18.1.x86_64",
"relates_to_product_reference": "SUSE Manager Server 4.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pgadmin4-doc-4.30-150300.3.18.1.noarch as component of SUSE Manager Server 4.3",
"product_id": "SUSE Manager Server 4.3:pgadmin4-doc-4.30-150300.3.18.1.noarch"
},
"product_reference": "pgadmin4-doc-4.30-150300.3.18.1.noarch",
"relates_to_product_reference": "SUSE Manager Server 4.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pgadmin4-web-4.30-150300.3.18.1.noarch as component of SUSE Manager Server 4.3",
"product_id": "SUSE Manager Server 4.3:pgadmin4-web-4.30-150300.3.18.1.noarch"
},
"product_reference": "pgadmin4-web-4.30-150300.3.18.1.noarch",
"relates_to_product_reference": "SUSE Manager Server 4.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pgadmin4-4.30-150300.3.18.1.aarch64 as component of SUSE Enterprise Storage 7.1",
"product_id": "SUSE Enterprise Storage 7.1:pgadmin4-4.30-150300.3.18.1.aarch64"
},
"product_reference": "pgadmin4-4.30-150300.3.18.1.aarch64",
"relates_to_product_reference": "SUSE Enterprise Storage 7.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pgadmin4-4.30-150300.3.18.1.x86_64 as component of SUSE Enterprise Storage 7.1",
"product_id": "SUSE Enterprise Storage 7.1:pgadmin4-4.30-150300.3.18.1.x86_64"
},
"product_reference": "pgadmin4-4.30-150300.3.18.1.x86_64",
"relates_to_product_reference": "SUSE Enterprise Storage 7.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pgadmin4-doc-4.30-150300.3.18.1.noarch as component of SUSE Enterprise Storage 7.1",
"product_id": "SUSE Enterprise Storage 7.1:pgadmin4-doc-4.30-150300.3.18.1.noarch"
},
"product_reference": "pgadmin4-doc-4.30-150300.3.18.1.noarch",
"relates_to_product_reference": "SUSE Enterprise Storage 7.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pgadmin4-web-4.30-150300.3.18.1.noarch as component of SUSE Enterprise Storage 7.1",
"product_id": "SUSE Enterprise Storage 7.1:pgadmin4-web-4.30-150300.3.18.1.noarch"
},
"product_reference": "pgadmin4-web-4.30-150300.3.18.1.noarch",
"relates_to_product_reference": "SUSE Enterprise Storage 7.1"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2023-1907",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-1907"
}
],
"notes": [
{
"category": "general",
"text": "A vulnerability was found in pgadmin. Users logging into pgAdmin running in server mode using LDAP authentication may be attached to another user\u0027s session if multiple connection attempts occur simultaneously.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Enterprise Storage 7.1:pgadmin4-4.30-150300.3.18.1.aarch64",
"SUSE Enterprise Storage 7.1:pgadmin4-4.30-150300.3.18.1.x86_64",
"SUSE Enterprise Storage 7.1:pgadmin4-doc-4.30-150300.3.18.1.noarch",
"SUSE Enterprise Storage 7.1:pgadmin4-web-4.30-150300.3.18.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:pgadmin4-4.30-150300.3.18.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:pgadmin4-4.30-150300.3.18.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:pgadmin4-doc-4.30-150300.3.18.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:pgadmin4-web-4.30-150300.3.18.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:pgadmin4-4.30-150300.3.18.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:pgadmin4-4.30-150300.3.18.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:pgadmin4-doc-4.30-150300.3.18.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:pgadmin4-web-4.30-150300.3.18.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:pgadmin4-4.30-150300.3.18.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:pgadmin4-4.30-150300.3.18.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:pgadmin4-doc-4.30-150300.3.18.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:pgadmin4-web-4.30-150300.3.18.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:pgadmin4-4.30-150300.3.18.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:pgadmin4-4.30-150300.3.18.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:pgadmin4-doc-4.30-150300.3.18.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:pgadmin4-web-4.30-150300.3.18.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:pgadmin4-4.30-150300.3.18.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:pgadmin4-4.30-150300.3.18.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:pgadmin4-doc-4.30-150300.3.18.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:pgadmin4-web-4.30-150300.3.18.1.noarch",
"SUSE Linux Enterprise Module for Python 3 15 SP6:pgadmin4-4.30-150300.3.18.1.s390x",
"SUSE Linux Enterprise Module for Python 3 15 SP6:pgadmin4-doc-4.30-150300.3.18.1.noarch",
"SUSE Linux Enterprise Module for Python 3 15 SP6:pgadmin4-web-4.30-150300.3.18.1.noarch",
"SUSE Linux Enterprise Server 15 SP3-LTSS:pgadmin4-4.30-150300.3.18.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:pgadmin4-4.30-150300.3.18.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:pgadmin4-4.30-150300.3.18.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:pgadmin4-4.30-150300.3.18.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:pgadmin4-doc-4.30-150300.3.18.1.noarch",
"SUSE Linux Enterprise Server 15 SP3-LTSS:pgadmin4-web-4.30-150300.3.18.1.noarch",
"SUSE Linux Enterprise Server 15 SP4-LTSS:pgadmin4-4.30-150300.3.18.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:pgadmin4-4.30-150300.3.18.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:pgadmin4-4.30-150300.3.18.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:pgadmin4-4.30-150300.3.18.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:pgadmin4-doc-4.30-150300.3.18.1.noarch",
"SUSE Linux Enterprise Server 15 SP4-LTSS:pgadmin4-web-4.30-150300.3.18.1.noarch",
"SUSE Linux Enterprise Server 15 SP5-LTSS:pgadmin4-4.30-150300.3.18.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:pgadmin4-4.30-150300.3.18.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:pgadmin4-4.30-150300.3.18.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:pgadmin4-4.30-150300.3.18.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:pgadmin4-doc-4.30-150300.3.18.1.noarch",
"SUSE Linux Enterprise Server 15 SP5-LTSS:pgadmin4-web-4.30-150300.3.18.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:pgadmin4-4.30-150300.3.18.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:pgadmin4-4.30-150300.3.18.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:pgadmin4-doc-4.30-150300.3.18.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:pgadmin4-web-4.30-150300.3.18.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:pgadmin4-4.30-150300.3.18.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:pgadmin4-4.30-150300.3.18.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:pgadmin4-doc-4.30-150300.3.18.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:pgadmin4-web-4.30-150300.3.18.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:pgadmin4-4.30-150300.3.18.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:pgadmin4-4.30-150300.3.18.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:pgadmin4-doc-4.30-150300.3.18.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:pgadmin4-web-4.30-150300.3.18.1.noarch",
"SUSE Manager Proxy 4.3:pgadmin4-4.30-150300.3.18.1.x86_64",
"SUSE Manager Proxy 4.3:pgadmin4-doc-4.30-150300.3.18.1.noarch",
"SUSE Manager Proxy 4.3:pgadmin4-web-4.30-150300.3.18.1.noarch",
"SUSE Manager Server 4.3:pgadmin4-4.30-150300.3.18.1.ppc64le",
"SUSE Manager Server 4.3:pgadmin4-4.30-150300.3.18.1.s390x",
"SUSE Manager Server 4.3:pgadmin4-4.30-150300.3.18.1.x86_64",
"SUSE Manager Server 4.3:pgadmin4-doc-4.30-150300.3.18.1.noarch",
"SUSE Manager Server 4.3:pgadmin4-web-4.30-150300.3.18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-1907",
"url": "https://www.suse.com/security/cve/CVE-2023-1907"
},
{
"category": "external",
"summary": "SUSE Bug 1234840 for CVE-2023-1907",
"url": "https://bugzilla.suse.com/1234840"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Enterprise Storage 7.1:pgadmin4-4.30-150300.3.18.1.aarch64",
"SUSE Enterprise Storage 7.1:pgadmin4-4.30-150300.3.18.1.x86_64",
"SUSE Enterprise Storage 7.1:pgadmin4-doc-4.30-150300.3.18.1.noarch",
"SUSE Enterprise Storage 7.1:pgadmin4-web-4.30-150300.3.18.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:pgadmin4-4.30-150300.3.18.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:pgadmin4-4.30-150300.3.18.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:pgadmin4-doc-4.30-150300.3.18.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:pgadmin4-web-4.30-150300.3.18.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:pgadmin4-4.30-150300.3.18.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:pgadmin4-4.30-150300.3.18.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:pgadmin4-doc-4.30-150300.3.18.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:pgadmin4-web-4.30-150300.3.18.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:pgadmin4-4.30-150300.3.18.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:pgadmin4-4.30-150300.3.18.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:pgadmin4-doc-4.30-150300.3.18.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:pgadmin4-web-4.30-150300.3.18.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:pgadmin4-4.30-150300.3.18.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:pgadmin4-4.30-150300.3.18.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:pgadmin4-doc-4.30-150300.3.18.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:pgadmin4-web-4.30-150300.3.18.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:pgadmin4-4.30-150300.3.18.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:pgadmin4-4.30-150300.3.18.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:pgadmin4-doc-4.30-150300.3.18.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:pgadmin4-web-4.30-150300.3.18.1.noarch",
"SUSE Linux Enterprise Module for Python 3 15 SP6:pgadmin4-4.30-150300.3.18.1.s390x",
"SUSE Linux Enterprise Module for Python 3 15 SP6:pgadmin4-doc-4.30-150300.3.18.1.noarch",
"SUSE Linux Enterprise Module for Python 3 15 SP6:pgadmin4-web-4.30-150300.3.18.1.noarch",
"SUSE Linux Enterprise Server 15 SP3-LTSS:pgadmin4-4.30-150300.3.18.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:pgadmin4-4.30-150300.3.18.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:pgadmin4-4.30-150300.3.18.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:pgadmin4-4.30-150300.3.18.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:pgadmin4-doc-4.30-150300.3.18.1.noarch",
"SUSE Linux Enterprise Server 15 SP3-LTSS:pgadmin4-web-4.30-150300.3.18.1.noarch",
"SUSE Linux Enterprise Server 15 SP4-LTSS:pgadmin4-4.30-150300.3.18.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:pgadmin4-4.30-150300.3.18.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:pgadmin4-4.30-150300.3.18.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:pgadmin4-4.30-150300.3.18.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:pgadmin4-doc-4.30-150300.3.18.1.noarch",
"SUSE Linux Enterprise Server 15 SP4-LTSS:pgadmin4-web-4.30-150300.3.18.1.noarch",
"SUSE Linux Enterprise Server 15 SP5-LTSS:pgadmin4-4.30-150300.3.18.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:pgadmin4-4.30-150300.3.18.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:pgadmin4-4.30-150300.3.18.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:pgadmin4-4.30-150300.3.18.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:pgadmin4-doc-4.30-150300.3.18.1.noarch",
"SUSE Linux Enterprise Server 15 SP5-LTSS:pgadmin4-web-4.30-150300.3.18.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:pgadmin4-4.30-150300.3.18.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:pgadmin4-4.30-150300.3.18.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:pgadmin4-doc-4.30-150300.3.18.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:pgadmin4-web-4.30-150300.3.18.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:pgadmin4-4.30-150300.3.18.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:pgadmin4-4.30-150300.3.18.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:pgadmin4-doc-4.30-150300.3.18.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:pgadmin4-web-4.30-150300.3.18.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:pgadmin4-4.30-150300.3.18.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:pgadmin4-4.30-150300.3.18.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:pgadmin4-doc-4.30-150300.3.18.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:pgadmin4-web-4.30-150300.3.18.1.noarch",
"SUSE Manager Proxy 4.3:pgadmin4-4.30-150300.3.18.1.x86_64",
"SUSE Manager Proxy 4.3:pgadmin4-doc-4.30-150300.3.18.1.noarch",
"SUSE Manager Proxy 4.3:pgadmin4-web-4.30-150300.3.18.1.noarch",
"SUSE Manager Server 4.3:pgadmin4-4.30-150300.3.18.1.ppc64le",
"SUSE Manager Server 4.3:pgadmin4-4.30-150300.3.18.1.s390x",
"SUSE Manager Server 4.3:pgadmin4-4.30-150300.3.18.1.x86_64",
"SUSE Manager Server 4.3:pgadmin4-doc-4.30-150300.3.18.1.noarch",
"SUSE Manager Server 4.3:pgadmin4-web-4.30-150300.3.18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Enterprise Storage 7.1:pgadmin4-4.30-150300.3.18.1.aarch64",
"SUSE Enterprise Storage 7.1:pgadmin4-4.30-150300.3.18.1.x86_64",
"SUSE Enterprise Storage 7.1:pgadmin4-doc-4.30-150300.3.18.1.noarch",
"SUSE Enterprise Storage 7.1:pgadmin4-web-4.30-150300.3.18.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:pgadmin4-4.30-150300.3.18.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:pgadmin4-4.30-150300.3.18.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:pgadmin4-doc-4.30-150300.3.18.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:pgadmin4-web-4.30-150300.3.18.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:pgadmin4-4.30-150300.3.18.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:pgadmin4-4.30-150300.3.18.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:pgadmin4-doc-4.30-150300.3.18.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:pgadmin4-web-4.30-150300.3.18.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:pgadmin4-4.30-150300.3.18.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:pgadmin4-4.30-150300.3.18.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:pgadmin4-doc-4.30-150300.3.18.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:pgadmin4-web-4.30-150300.3.18.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:pgadmin4-4.30-150300.3.18.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:pgadmin4-4.30-150300.3.18.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:pgadmin4-doc-4.30-150300.3.18.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:pgadmin4-web-4.30-150300.3.18.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:pgadmin4-4.30-150300.3.18.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:pgadmin4-4.30-150300.3.18.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:pgadmin4-doc-4.30-150300.3.18.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:pgadmin4-web-4.30-150300.3.18.1.noarch",
"SUSE Linux Enterprise Module for Python 3 15 SP6:pgadmin4-4.30-150300.3.18.1.s390x",
"SUSE Linux Enterprise Module for Python 3 15 SP6:pgadmin4-doc-4.30-150300.3.18.1.noarch",
"SUSE Linux Enterprise Module for Python 3 15 SP6:pgadmin4-web-4.30-150300.3.18.1.noarch",
"SUSE Linux Enterprise Server 15 SP3-LTSS:pgadmin4-4.30-150300.3.18.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:pgadmin4-4.30-150300.3.18.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:pgadmin4-4.30-150300.3.18.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:pgadmin4-4.30-150300.3.18.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:pgadmin4-doc-4.30-150300.3.18.1.noarch",
"SUSE Linux Enterprise Server 15 SP3-LTSS:pgadmin4-web-4.30-150300.3.18.1.noarch",
"SUSE Linux Enterprise Server 15 SP4-LTSS:pgadmin4-4.30-150300.3.18.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:pgadmin4-4.30-150300.3.18.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:pgadmin4-4.30-150300.3.18.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:pgadmin4-4.30-150300.3.18.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:pgadmin4-doc-4.30-150300.3.18.1.noarch",
"SUSE Linux Enterprise Server 15 SP4-LTSS:pgadmin4-web-4.30-150300.3.18.1.noarch",
"SUSE Linux Enterprise Server 15 SP5-LTSS:pgadmin4-4.30-150300.3.18.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:pgadmin4-4.30-150300.3.18.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:pgadmin4-4.30-150300.3.18.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:pgadmin4-4.30-150300.3.18.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:pgadmin4-doc-4.30-150300.3.18.1.noarch",
"SUSE Linux Enterprise Server 15 SP5-LTSS:pgadmin4-web-4.30-150300.3.18.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:pgadmin4-4.30-150300.3.18.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:pgadmin4-4.30-150300.3.18.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:pgadmin4-doc-4.30-150300.3.18.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:pgadmin4-web-4.30-150300.3.18.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:pgadmin4-4.30-150300.3.18.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:pgadmin4-4.30-150300.3.18.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:pgadmin4-doc-4.30-150300.3.18.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:pgadmin4-web-4.30-150300.3.18.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:pgadmin4-4.30-150300.3.18.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:pgadmin4-4.30-150300.3.18.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:pgadmin4-doc-4.30-150300.3.18.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:pgadmin4-web-4.30-150300.3.18.1.noarch",
"SUSE Manager Proxy 4.3:pgadmin4-4.30-150300.3.18.1.x86_64",
"SUSE Manager Proxy 4.3:pgadmin4-doc-4.30-150300.3.18.1.noarch",
"SUSE Manager Proxy 4.3:pgadmin4-web-4.30-150300.3.18.1.noarch",
"SUSE Manager Server 4.3:pgadmin4-4.30-150300.3.18.1.ppc64le",
"SUSE Manager Server 4.3:pgadmin4-4.30-150300.3.18.1.s390x",
"SUSE Manager Server 4.3:pgadmin4-4.30-150300.3.18.1.x86_64",
"SUSE Manager Server 4.3:pgadmin4-doc-4.30-150300.3.18.1.noarch",
"SUSE Manager Server 4.3:pgadmin4-web-4.30-150300.3.18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-16T08:37:10Z",
"details": "important"
}
],
"title": "CVE-2023-1907"
},
{
"cve": "CVE-2024-4068",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-4068"
}
],
"notes": [
{
"category": "general",
"text": "The NPM package `braces`, versions prior to 3.0.3, fails to limit the number of characters it can handle, which could lead to Memory Exhaustion. In `lib/parse.js,` if a malicious user sends \"imbalanced braces\" as input, the parsing will enter a loop, which will cause the program to start allocating heap memory without freeing it at any moment of the loop. Eventually, the JavaScript heap limit is reached, and the program will crash.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Enterprise Storage 7.1:pgadmin4-4.30-150300.3.18.1.aarch64",
"SUSE Enterprise Storage 7.1:pgadmin4-4.30-150300.3.18.1.x86_64",
"SUSE Enterprise Storage 7.1:pgadmin4-doc-4.30-150300.3.18.1.noarch",
"SUSE Enterprise Storage 7.1:pgadmin4-web-4.30-150300.3.18.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:pgadmin4-4.30-150300.3.18.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:pgadmin4-4.30-150300.3.18.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:pgadmin4-doc-4.30-150300.3.18.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:pgadmin4-web-4.30-150300.3.18.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:pgadmin4-4.30-150300.3.18.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:pgadmin4-4.30-150300.3.18.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:pgadmin4-doc-4.30-150300.3.18.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:pgadmin4-web-4.30-150300.3.18.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:pgadmin4-4.30-150300.3.18.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:pgadmin4-4.30-150300.3.18.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:pgadmin4-doc-4.30-150300.3.18.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:pgadmin4-web-4.30-150300.3.18.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:pgadmin4-4.30-150300.3.18.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:pgadmin4-4.30-150300.3.18.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:pgadmin4-doc-4.30-150300.3.18.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:pgadmin4-web-4.30-150300.3.18.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:pgadmin4-4.30-150300.3.18.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:pgadmin4-4.30-150300.3.18.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:pgadmin4-doc-4.30-150300.3.18.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:pgadmin4-web-4.30-150300.3.18.1.noarch",
"SUSE Linux Enterprise Module for Python 3 15 SP6:pgadmin4-4.30-150300.3.18.1.s390x",
"SUSE Linux Enterprise Module for Python 3 15 SP6:pgadmin4-doc-4.30-150300.3.18.1.noarch",
"SUSE Linux Enterprise Module for Python 3 15 SP6:pgadmin4-web-4.30-150300.3.18.1.noarch",
"SUSE Linux Enterprise Server 15 SP3-LTSS:pgadmin4-4.30-150300.3.18.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:pgadmin4-4.30-150300.3.18.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:pgadmin4-4.30-150300.3.18.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:pgadmin4-4.30-150300.3.18.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:pgadmin4-doc-4.30-150300.3.18.1.noarch",
"SUSE Linux Enterprise Server 15 SP3-LTSS:pgadmin4-web-4.30-150300.3.18.1.noarch",
"SUSE Linux Enterprise Server 15 SP4-LTSS:pgadmin4-4.30-150300.3.18.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:pgadmin4-4.30-150300.3.18.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:pgadmin4-4.30-150300.3.18.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:pgadmin4-4.30-150300.3.18.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:pgadmin4-doc-4.30-150300.3.18.1.noarch",
"SUSE Linux Enterprise Server 15 SP4-LTSS:pgadmin4-web-4.30-150300.3.18.1.noarch",
"SUSE Linux Enterprise Server 15 SP5-LTSS:pgadmin4-4.30-150300.3.18.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:pgadmin4-4.30-150300.3.18.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:pgadmin4-4.30-150300.3.18.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:pgadmin4-4.30-150300.3.18.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:pgadmin4-doc-4.30-150300.3.18.1.noarch",
"SUSE Linux Enterprise Server 15 SP5-LTSS:pgadmin4-web-4.30-150300.3.18.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:pgadmin4-4.30-150300.3.18.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:pgadmin4-4.30-150300.3.18.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:pgadmin4-doc-4.30-150300.3.18.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:pgadmin4-web-4.30-150300.3.18.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:pgadmin4-4.30-150300.3.18.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:pgadmin4-4.30-150300.3.18.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:pgadmin4-doc-4.30-150300.3.18.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:pgadmin4-web-4.30-150300.3.18.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:pgadmin4-4.30-150300.3.18.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:pgadmin4-4.30-150300.3.18.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:pgadmin4-doc-4.30-150300.3.18.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:pgadmin4-web-4.30-150300.3.18.1.noarch",
"SUSE Manager Proxy 4.3:pgadmin4-4.30-150300.3.18.1.x86_64",
"SUSE Manager Proxy 4.3:pgadmin4-doc-4.30-150300.3.18.1.noarch",
"SUSE Manager Proxy 4.3:pgadmin4-web-4.30-150300.3.18.1.noarch",
"SUSE Manager Server 4.3:pgadmin4-4.30-150300.3.18.1.ppc64le",
"SUSE Manager Server 4.3:pgadmin4-4.30-150300.3.18.1.s390x",
"SUSE Manager Server 4.3:pgadmin4-4.30-150300.3.18.1.x86_64",
"SUSE Manager Server 4.3:pgadmin4-doc-4.30-150300.3.18.1.noarch",
"SUSE Manager Server 4.3:pgadmin4-web-4.30-150300.3.18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-4068",
"url": "https://www.suse.com/security/cve/CVE-2024-4068"
},
{
"category": "external",
"summary": "SUSE Bug 1224256 for CVE-2024-4068",
"url": "https://bugzilla.suse.com/1224256"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Enterprise Storage 7.1:pgadmin4-4.30-150300.3.18.1.aarch64",
"SUSE Enterprise Storage 7.1:pgadmin4-4.30-150300.3.18.1.x86_64",
"SUSE Enterprise Storage 7.1:pgadmin4-doc-4.30-150300.3.18.1.noarch",
"SUSE Enterprise Storage 7.1:pgadmin4-web-4.30-150300.3.18.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:pgadmin4-4.30-150300.3.18.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:pgadmin4-4.30-150300.3.18.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:pgadmin4-doc-4.30-150300.3.18.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:pgadmin4-web-4.30-150300.3.18.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:pgadmin4-4.30-150300.3.18.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:pgadmin4-4.30-150300.3.18.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:pgadmin4-doc-4.30-150300.3.18.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:pgadmin4-web-4.30-150300.3.18.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:pgadmin4-4.30-150300.3.18.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:pgadmin4-4.30-150300.3.18.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:pgadmin4-doc-4.30-150300.3.18.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:pgadmin4-web-4.30-150300.3.18.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:pgadmin4-4.30-150300.3.18.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:pgadmin4-4.30-150300.3.18.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:pgadmin4-doc-4.30-150300.3.18.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:pgadmin4-web-4.30-150300.3.18.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:pgadmin4-4.30-150300.3.18.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:pgadmin4-4.30-150300.3.18.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:pgadmin4-doc-4.30-150300.3.18.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:pgadmin4-web-4.30-150300.3.18.1.noarch",
"SUSE Linux Enterprise Module for Python 3 15 SP6:pgadmin4-4.30-150300.3.18.1.s390x",
"SUSE Linux Enterprise Module for Python 3 15 SP6:pgadmin4-doc-4.30-150300.3.18.1.noarch",
"SUSE Linux Enterprise Module for Python 3 15 SP6:pgadmin4-web-4.30-150300.3.18.1.noarch",
"SUSE Linux Enterprise Server 15 SP3-LTSS:pgadmin4-4.30-150300.3.18.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:pgadmin4-4.30-150300.3.18.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:pgadmin4-4.30-150300.3.18.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:pgadmin4-4.30-150300.3.18.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:pgadmin4-doc-4.30-150300.3.18.1.noarch",
"SUSE Linux Enterprise Server 15 SP3-LTSS:pgadmin4-web-4.30-150300.3.18.1.noarch",
"SUSE Linux Enterprise Server 15 SP4-LTSS:pgadmin4-4.30-150300.3.18.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:pgadmin4-4.30-150300.3.18.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:pgadmin4-4.30-150300.3.18.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:pgadmin4-4.30-150300.3.18.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:pgadmin4-doc-4.30-150300.3.18.1.noarch",
"SUSE Linux Enterprise Server 15 SP4-LTSS:pgadmin4-web-4.30-150300.3.18.1.noarch",
"SUSE Linux Enterprise Server 15 SP5-LTSS:pgadmin4-4.30-150300.3.18.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:pgadmin4-4.30-150300.3.18.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:pgadmin4-4.30-150300.3.18.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:pgadmin4-4.30-150300.3.18.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:pgadmin4-doc-4.30-150300.3.18.1.noarch",
"SUSE Linux Enterprise Server 15 SP5-LTSS:pgadmin4-web-4.30-150300.3.18.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:pgadmin4-4.30-150300.3.18.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:pgadmin4-4.30-150300.3.18.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:pgadmin4-doc-4.30-150300.3.18.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:pgadmin4-web-4.30-150300.3.18.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:pgadmin4-4.30-150300.3.18.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:pgadmin4-4.30-150300.3.18.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:pgadmin4-doc-4.30-150300.3.18.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:pgadmin4-web-4.30-150300.3.18.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:pgadmin4-4.30-150300.3.18.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:pgadmin4-4.30-150300.3.18.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:pgadmin4-doc-4.30-150300.3.18.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:pgadmin4-web-4.30-150300.3.18.1.noarch",
"SUSE Manager Proxy 4.3:pgadmin4-4.30-150300.3.18.1.x86_64",
"SUSE Manager Proxy 4.3:pgadmin4-doc-4.30-150300.3.18.1.noarch",
"SUSE Manager Proxy 4.3:pgadmin4-web-4.30-150300.3.18.1.noarch",
"SUSE Manager Server 4.3:pgadmin4-4.30-150300.3.18.1.ppc64le",
"SUSE Manager Server 4.3:pgadmin4-4.30-150300.3.18.1.s390x",
"SUSE Manager Server 4.3:pgadmin4-4.30-150300.3.18.1.x86_64",
"SUSE Manager Server 4.3:pgadmin4-doc-4.30-150300.3.18.1.noarch",
"SUSE Manager Server 4.3:pgadmin4-web-4.30-150300.3.18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Enterprise Storage 7.1:pgadmin4-4.30-150300.3.18.1.aarch64",
"SUSE Enterprise Storage 7.1:pgadmin4-4.30-150300.3.18.1.x86_64",
"SUSE Enterprise Storage 7.1:pgadmin4-doc-4.30-150300.3.18.1.noarch",
"SUSE Enterprise Storage 7.1:pgadmin4-web-4.30-150300.3.18.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:pgadmin4-4.30-150300.3.18.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:pgadmin4-4.30-150300.3.18.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:pgadmin4-doc-4.30-150300.3.18.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:pgadmin4-web-4.30-150300.3.18.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:pgadmin4-4.30-150300.3.18.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:pgadmin4-4.30-150300.3.18.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:pgadmin4-doc-4.30-150300.3.18.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:pgadmin4-web-4.30-150300.3.18.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:pgadmin4-4.30-150300.3.18.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:pgadmin4-4.30-150300.3.18.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:pgadmin4-doc-4.30-150300.3.18.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:pgadmin4-web-4.30-150300.3.18.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:pgadmin4-4.30-150300.3.18.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:pgadmin4-4.30-150300.3.18.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:pgadmin4-doc-4.30-150300.3.18.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:pgadmin4-web-4.30-150300.3.18.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:pgadmin4-4.30-150300.3.18.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:pgadmin4-4.30-150300.3.18.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:pgadmin4-doc-4.30-150300.3.18.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:pgadmin4-web-4.30-150300.3.18.1.noarch",
"SUSE Linux Enterprise Module for Python 3 15 SP6:pgadmin4-4.30-150300.3.18.1.s390x",
"SUSE Linux Enterprise Module for Python 3 15 SP6:pgadmin4-doc-4.30-150300.3.18.1.noarch",
"SUSE Linux Enterprise Module for Python 3 15 SP6:pgadmin4-web-4.30-150300.3.18.1.noarch",
"SUSE Linux Enterprise Server 15 SP3-LTSS:pgadmin4-4.30-150300.3.18.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:pgadmin4-4.30-150300.3.18.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:pgadmin4-4.30-150300.3.18.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:pgadmin4-4.30-150300.3.18.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:pgadmin4-doc-4.30-150300.3.18.1.noarch",
"SUSE Linux Enterprise Server 15 SP3-LTSS:pgadmin4-web-4.30-150300.3.18.1.noarch",
"SUSE Linux Enterprise Server 15 SP4-LTSS:pgadmin4-4.30-150300.3.18.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:pgadmin4-4.30-150300.3.18.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:pgadmin4-4.30-150300.3.18.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:pgadmin4-4.30-150300.3.18.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:pgadmin4-doc-4.30-150300.3.18.1.noarch",
"SUSE Linux Enterprise Server 15 SP4-LTSS:pgadmin4-web-4.30-150300.3.18.1.noarch",
"SUSE Linux Enterprise Server 15 SP5-LTSS:pgadmin4-4.30-150300.3.18.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:pgadmin4-4.30-150300.3.18.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:pgadmin4-4.30-150300.3.18.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:pgadmin4-4.30-150300.3.18.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:pgadmin4-doc-4.30-150300.3.18.1.noarch",
"SUSE Linux Enterprise Server 15 SP5-LTSS:pgadmin4-web-4.30-150300.3.18.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:pgadmin4-4.30-150300.3.18.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:pgadmin4-4.30-150300.3.18.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:pgadmin4-doc-4.30-150300.3.18.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:pgadmin4-web-4.30-150300.3.18.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:pgadmin4-4.30-150300.3.18.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:pgadmin4-4.30-150300.3.18.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:pgadmin4-doc-4.30-150300.3.18.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:pgadmin4-web-4.30-150300.3.18.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:pgadmin4-4.30-150300.3.18.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:pgadmin4-4.30-150300.3.18.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:pgadmin4-doc-4.30-150300.3.18.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:pgadmin4-web-4.30-150300.3.18.1.noarch",
"SUSE Manager Proxy 4.3:pgadmin4-4.30-150300.3.18.1.x86_64",
"SUSE Manager Proxy 4.3:pgadmin4-doc-4.30-150300.3.18.1.noarch",
"SUSE Manager Proxy 4.3:pgadmin4-web-4.30-150300.3.18.1.noarch",
"SUSE Manager Server 4.3:pgadmin4-4.30-150300.3.18.1.ppc64le",
"SUSE Manager Server 4.3:pgadmin4-4.30-150300.3.18.1.s390x",
"SUSE Manager Server 4.3:pgadmin4-4.30-150300.3.18.1.x86_64",
"SUSE Manager Server 4.3:pgadmin4-doc-4.30-150300.3.18.1.noarch",
"SUSE Manager Server 4.3:pgadmin4-web-4.30-150300.3.18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-16T08:37:10Z",
"details": "important"
}
],
"title": "CVE-2024-4068"
},
{
"cve": "CVE-2025-27152",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-27152"
}
],
"notes": [
{
"category": "general",
"text": "axios is a promise based HTTP client for the browser and node.js. The issue occurs when passing absolute URLs rather than protocol-relative URLs to axios. Even if \u2060baseURL is set, axios sends the request to the specified absolute URL, potentially causing SSRF and credential leakage. This issue impacts both server-side and client-side usage of axios. This issue is fixed in 1.8.2.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Enterprise Storage 7.1:pgadmin4-4.30-150300.3.18.1.aarch64",
"SUSE Enterprise Storage 7.1:pgadmin4-4.30-150300.3.18.1.x86_64",
"SUSE Enterprise Storage 7.1:pgadmin4-doc-4.30-150300.3.18.1.noarch",
"SUSE Enterprise Storage 7.1:pgadmin4-web-4.30-150300.3.18.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:pgadmin4-4.30-150300.3.18.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:pgadmin4-4.30-150300.3.18.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:pgadmin4-doc-4.30-150300.3.18.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:pgadmin4-web-4.30-150300.3.18.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:pgadmin4-4.30-150300.3.18.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:pgadmin4-4.30-150300.3.18.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:pgadmin4-doc-4.30-150300.3.18.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:pgadmin4-web-4.30-150300.3.18.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:pgadmin4-4.30-150300.3.18.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:pgadmin4-4.30-150300.3.18.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:pgadmin4-doc-4.30-150300.3.18.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:pgadmin4-web-4.30-150300.3.18.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:pgadmin4-4.30-150300.3.18.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:pgadmin4-4.30-150300.3.18.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:pgadmin4-doc-4.30-150300.3.18.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:pgadmin4-web-4.30-150300.3.18.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:pgadmin4-4.30-150300.3.18.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:pgadmin4-4.30-150300.3.18.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:pgadmin4-doc-4.30-150300.3.18.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:pgadmin4-web-4.30-150300.3.18.1.noarch",
"SUSE Linux Enterprise Module for Python 3 15 SP6:pgadmin4-4.30-150300.3.18.1.s390x",
"SUSE Linux Enterprise Module for Python 3 15 SP6:pgadmin4-doc-4.30-150300.3.18.1.noarch",
"SUSE Linux Enterprise Module for Python 3 15 SP6:pgadmin4-web-4.30-150300.3.18.1.noarch",
"SUSE Linux Enterprise Server 15 SP3-LTSS:pgadmin4-4.30-150300.3.18.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:pgadmin4-4.30-150300.3.18.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:pgadmin4-4.30-150300.3.18.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:pgadmin4-4.30-150300.3.18.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:pgadmin4-doc-4.30-150300.3.18.1.noarch",
"SUSE Linux Enterprise Server 15 SP3-LTSS:pgadmin4-web-4.30-150300.3.18.1.noarch",
"SUSE Linux Enterprise Server 15 SP4-LTSS:pgadmin4-4.30-150300.3.18.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:pgadmin4-4.30-150300.3.18.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:pgadmin4-4.30-150300.3.18.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:pgadmin4-4.30-150300.3.18.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:pgadmin4-doc-4.30-150300.3.18.1.noarch",
"SUSE Linux Enterprise Server 15 SP4-LTSS:pgadmin4-web-4.30-150300.3.18.1.noarch",
"SUSE Linux Enterprise Server 15 SP5-LTSS:pgadmin4-4.30-150300.3.18.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:pgadmin4-4.30-150300.3.18.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:pgadmin4-4.30-150300.3.18.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:pgadmin4-4.30-150300.3.18.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:pgadmin4-doc-4.30-150300.3.18.1.noarch",
"SUSE Linux Enterprise Server 15 SP5-LTSS:pgadmin4-web-4.30-150300.3.18.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:pgadmin4-4.30-150300.3.18.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:pgadmin4-4.30-150300.3.18.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:pgadmin4-doc-4.30-150300.3.18.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:pgadmin4-web-4.30-150300.3.18.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:pgadmin4-4.30-150300.3.18.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:pgadmin4-4.30-150300.3.18.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:pgadmin4-doc-4.30-150300.3.18.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:pgadmin4-web-4.30-150300.3.18.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:pgadmin4-4.30-150300.3.18.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:pgadmin4-4.30-150300.3.18.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:pgadmin4-doc-4.30-150300.3.18.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:pgadmin4-web-4.30-150300.3.18.1.noarch",
"SUSE Manager Proxy 4.3:pgadmin4-4.30-150300.3.18.1.x86_64",
"SUSE Manager Proxy 4.3:pgadmin4-doc-4.30-150300.3.18.1.noarch",
"SUSE Manager Proxy 4.3:pgadmin4-web-4.30-150300.3.18.1.noarch",
"SUSE Manager Server 4.3:pgadmin4-4.30-150300.3.18.1.ppc64le",
"SUSE Manager Server 4.3:pgadmin4-4.30-150300.3.18.1.s390x",
"SUSE Manager Server 4.3:pgadmin4-4.30-150300.3.18.1.x86_64",
"SUSE Manager Server 4.3:pgadmin4-doc-4.30-150300.3.18.1.noarch",
"SUSE Manager Server 4.3:pgadmin4-web-4.30-150300.3.18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-27152",
"url": "https://www.suse.com/security/cve/CVE-2025-27152"
},
{
"category": "external",
"summary": "SUSE Bug 1239305 for CVE-2025-27152",
"url": "https://bugzilla.suse.com/1239305"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Enterprise Storage 7.1:pgadmin4-4.30-150300.3.18.1.aarch64",
"SUSE Enterprise Storage 7.1:pgadmin4-4.30-150300.3.18.1.x86_64",
"SUSE Enterprise Storage 7.1:pgadmin4-doc-4.30-150300.3.18.1.noarch",
"SUSE Enterprise Storage 7.1:pgadmin4-web-4.30-150300.3.18.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:pgadmin4-4.30-150300.3.18.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:pgadmin4-4.30-150300.3.18.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:pgadmin4-doc-4.30-150300.3.18.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:pgadmin4-web-4.30-150300.3.18.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:pgadmin4-4.30-150300.3.18.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:pgadmin4-4.30-150300.3.18.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:pgadmin4-doc-4.30-150300.3.18.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:pgadmin4-web-4.30-150300.3.18.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:pgadmin4-4.30-150300.3.18.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:pgadmin4-4.30-150300.3.18.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:pgadmin4-doc-4.30-150300.3.18.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:pgadmin4-web-4.30-150300.3.18.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:pgadmin4-4.30-150300.3.18.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:pgadmin4-4.30-150300.3.18.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:pgadmin4-doc-4.30-150300.3.18.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:pgadmin4-web-4.30-150300.3.18.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:pgadmin4-4.30-150300.3.18.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:pgadmin4-4.30-150300.3.18.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:pgadmin4-doc-4.30-150300.3.18.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:pgadmin4-web-4.30-150300.3.18.1.noarch",
"SUSE Linux Enterprise Module for Python 3 15 SP6:pgadmin4-4.30-150300.3.18.1.s390x",
"SUSE Linux Enterprise Module for Python 3 15 SP6:pgadmin4-doc-4.30-150300.3.18.1.noarch",
"SUSE Linux Enterprise Module for Python 3 15 SP6:pgadmin4-web-4.30-150300.3.18.1.noarch",
"SUSE Linux Enterprise Server 15 SP3-LTSS:pgadmin4-4.30-150300.3.18.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:pgadmin4-4.30-150300.3.18.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:pgadmin4-4.30-150300.3.18.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:pgadmin4-4.30-150300.3.18.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:pgadmin4-doc-4.30-150300.3.18.1.noarch",
"SUSE Linux Enterprise Server 15 SP3-LTSS:pgadmin4-web-4.30-150300.3.18.1.noarch",
"SUSE Linux Enterprise Server 15 SP4-LTSS:pgadmin4-4.30-150300.3.18.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:pgadmin4-4.30-150300.3.18.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:pgadmin4-4.30-150300.3.18.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:pgadmin4-4.30-150300.3.18.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:pgadmin4-doc-4.30-150300.3.18.1.noarch",
"SUSE Linux Enterprise Server 15 SP4-LTSS:pgadmin4-web-4.30-150300.3.18.1.noarch",
"SUSE Linux Enterprise Server 15 SP5-LTSS:pgadmin4-4.30-150300.3.18.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:pgadmin4-4.30-150300.3.18.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:pgadmin4-4.30-150300.3.18.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:pgadmin4-4.30-150300.3.18.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:pgadmin4-doc-4.30-150300.3.18.1.noarch",
"SUSE Linux Enterprise Server 15 SP5-LTSS:pgadmin4-web-4.30-150300.3.18.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:pgadmin4-4.30-150300.3.18.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:pgadmin4-4.30-150300.3.18.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:pgadmin4-doc-4.30-150300.3.18.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:pgadmin4-web-4.30-150300.3.18.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:pgadmin4-4.30-150300.3.18.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:pgadmin4-4.30-150300.3.18.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:pgadmin4-doc-4.30-150300.3.18.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:pgadmin4-web-4.30-150300.3.18.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:pgadmin4-4.30-150300.3.18.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:pgadmin4-4.30-150300.3.18.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:pgadmin4-doc-4.30-150300.3.18.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:pgadmin4-web-4.30-150300.3.18.1.noarch",
"SUSE Manager Proxy 4.3:pgadmin4-4.30-150300.3.18.1.x86_64",
"SUSE Manager Proxy 4.3:pgadmin4-doc-4.30-150300.3.18.1.noarch",
"SUSE Manager Proxy 4.3:pgadmin4-web-4.30-150300.3.18.1.noarch",
"SUSE Manager Server 4.3:pgadmin4-4.30-150300.3.18.1.ppc64le",
"SUSE Manager Server 4.3:pgadmin4-4.30-150300.3.18.1.s390x",
"SUSE Manager Server 4.3:pgadmin4-4.30-150300.3.18.1.x86_64",
"SUSE Manager Server 4.3:pgadmin4-doc-4.30-150300.3.18.1.noarch",
"SUSE Manager Server 4.3:pgadmin4-web-4.30-150300.3.18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Enterprise Storage 7.1:pgadmin4-4.30-150300.3.18.1.aarch64",
"SUSE Enterprise Storage 7.1:pgadmin4-4.30-150300.3.18.1.x86_64",
"SUSE Enterprise Storage 7.1:pgadmin4-doc-4.30-150300.3.18.1.noarch",
"SUSE Enterprise Storage 7.1:pgadmin4-web-4.30-150300.3.18.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:pgadmin4-4.30-150300.3.18.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:pgadmin4-4.30-150300.3.18.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:pgadmin4-doc-4.30-150300.3.18.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:pgadmin4-web-4.30-150300.3.18.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:pgadmin4-4.30-150300.3.18.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:pgadmin4-4.30-150300.3.18.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:pgadmin4-doc-4.30-150300.3.18.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:pgadmin4-web-4.30-150300.3.18.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:pgadmin4-4.30-150300.3.18.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:pgadmin4-4.30-150300.3.18.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:pgadmin4-doc-4.30-150300.3.18.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:pgadmin4-web-4.30-150300.3.18.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:pgadmin4-4.30-150300.3.18.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:pgadmin4-4.30-150300.3.18.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:pgadmin4-doc-4.30-150300.3.18.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:pgadmin4-web-4.30-150300.3.18.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:pgadmin4-4.30-150300.3.18.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:pgadmin4-4.30-150300.3.18.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:pgadmin4-doc-4.30-150300.3.18.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:pgadmin4-web-4.30-150300.3.18.1.noarch",
"SUSE Linux Enterprise Module for Python 3 15 SP6:pgadmin4-4.30-150300.3.18.1.s390x",
"SUSE Linux Enterprise Module for Python 3 15 SP6:pgadmin4-doc-4.30-150300.3.18.1.noarch",
"SUSE Linux Enterprise Module for Python 3 15 SP6:pgadmin4-web-4.30-150300.3.18.1.noarch",
"SUSE Linux Enterprise Server 15 SP3-LTSS:pgadmin4-4.30-150300.3.18.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:pgadmin4-4.30-150300.3.18.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:pgadmin4-4.30-150300.3.18.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:pgadmin4-4.30-150300.3.18.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:pgadmin4-doc-4.30-150300.3.18.1.noarch",
"SUSE Linux Enterprise Server 15 SP3-LTSS:pgadmin4-web-4.30-150300.3.18.1.noarch",
"SUSE Linux Enterprise Server 15 SP4-LTSS:pgadmin4-4.30-150300.3.18.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:pgadmin4-4.30-150300.3.18.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:pgadmin4-4.30-150300.3.18.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:pgadmin4-4.30-150300.3.18.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:pgadmin4-doc-4.30-150300.3.18.1.noarch",
"SUSE Linux Enterprise Server 15 SP4-LTSS:pgadmin4-web-4.30-150300.3.18.1.noarch",
"SUSE Linux Enterprise Server 15 SP5-LTSS:pgadmin4-4.30-150300.3.18.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:pgadmin4-4.30-150300.3.18.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:pgadmin4-4.30-150300.3.18.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:pgadmin4-4.30-150300.3.18.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:pgadmin4-doc-4.30-150300.3.18.1.noarch",
"SUSE Linux Enterprise Server 15 SP5-LTSS:pgadmin4-web-4.30-150300.3.18.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:pgadmin4-4.30-150300.3.18.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:pgadmin4-4.30-150300.3.18.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:pgadmin4-doc-4.30-150300.3.18.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:pgadmin4-web-4.30-150300.3.18.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:pgadmin4-4.30-150300.3.18.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:pgadmin4-4.30-150300.3.18.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:pgadmin4-doc-4.30-150300.3.18.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:pgadmin4-web-4.30-150300.3.18.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:pgadmin4-4.30-150300.3.18.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:pgadmin4-4.30-150300.3.18.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:pgadmin4-doc-4.30-150300.3.18.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:pgadmin4-web-4.30-150300.3.18.1.noarch",
"SUSE Manager Proxy 4.3:pgadmin4-4.30-150300.3.18.1.x86_64",
"SUSE Manager Proxy 4.3:pgadmin4-doc-4.30-150300.3.18.1.noarch",
"SUSE Manager Proxy 4.3:pgadmin4-web-4.30-150300.3.18.1.noarch",
"SUSE Manager Server 4.3:pgadmin4-4.30-150300.3.18.1.ppc64le",
"SUSE Manager Server 4.3:pgadmin4-4.30-150300.3.18.1.s390x",
"SUSE Manager Server 4.3:pgadmin4-4.30-150300.3.18.1.x86_64",
"SUSE Manager Server 4.3:pgadmin4-doc-4.30-150300.3.18.1.noarch",
"SUSE Manager Server 4.3:pgadmin4-web-4.30-150300.3.18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-16T08:37:10Z",
"details": "important"
}
],
"title": "CVE-2025-27152"
}
]
}
Loading…
Trend slope:
-
(linear fit over daily sighting counts)
Show additional events:
Loading…
Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.
Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…