Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2024-45338 (GCVE-0-2024-45338)
Vulnerability from cvelistv5 – Published: 2024-12-18 20:38 – Updated: 2025-02-21 18:03
VLAI
EPSS
Title
Non-linear parsing of case-insensitive content in golang.org/x/net/html
Summary
An attacker can craft an input to the Parse functions that would be processed non-linearly with respect to its length, resulting in extremely slow parsing. This could cause a denial of service.
Severity
5.3 (Medium)
SSVC
Exploitation: none
Automatable: yes
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
Assigner
References
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| golang.org/x/net | golang.org/x/net/html |
Affected:
0 , < 0.33.0
(semver)
|
Credits
Guido Vranken
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2024-45338",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-12-31T19:51:42.228627Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-1333",
"description": "CWE-1333 Inefficient Regular Expression Complexity",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-12-31T19:55:04.864Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2025-02-21T18:03:32.301Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"url": "https://security.netapp.com/advisory/ntap-20250221-0001/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://pkg.go.dev",
"defaultStatus": "unaffected",
"packageName": "golang.org/x/net/html",
"product": "golang.org/x/net/html",
"programRoutines": [
{
"name": "parseDoctype"
},
{
"name": "htmlIntegrationPoint"
},
{
"name": "inTableIM"
},
{
"name": "inBodyIM"
},
{
"name": "Parse"
},
{
"name": "ParseFragment"
},
{
"name": "ParseFragmentWithOptions"
},
{
"name": "ParseWithOptions"
}
],
"vendor": "golang.org/x/net",
"versions": [
{
"lessThan": "0.33.0",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Guido Vranken"
}
],
"descriptions": [
{
"lang": "en",
"value": "An attacker can craft an input to the Parse functions that would be processed non-linearly with respect to its length, resulting in extremely slow parsing. This could cause a denial of service."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "CWE-405: Asymmetric Resource Consumption (Amplification)",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-12-18T20:38:22.660Z",
"orgId": "1bb62c36-49e3-4200-9d77-64a1400537cc",
"shortName": "Go"
},
"references": [
{
"url": "https://go.dev/cl/637536"
},
{
"url": "https://go.dev/issue/70906"
},
{
"url": "https://groups.google.com/g/golang-announce/c/wSCRmFnNmPA/m/Lvcd0mRMAwAJ"
},
{
"url": "https://pkg.go.dev/vuln/GO-2024-3333"
}
],
"title": "Non-linear parsing of case-insensitive content in golang.org/x/net/html"
}
},
"cveMetadata": {
"assignerOrgId": "1bb62c36-49e3-4200-9d77-64a1400537cc",
"assignerShortName": "Go",
"cveId": "CVE-2024-45338",
"datePublished": "2024-12-18T20:38:22.660Z",
"dateReserved": "2024-08-27T19:41:58.555Z",
"dateUpdated": "2025-02-21T18:03:32.301Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"epss": {
"cve": "CVE-2024-45338",
"date": "2026-06-05",
"epss": "0.00041",
"percentile": "0.12914"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2024-45338\",\"sourceIdentifier\":\"security@golang.org\",\"published\":\"2024-12-18T21:15:08.173\",\"lastModified\":\"2025-02-21T18:15:17.717\",\"vulnStatus\":\"Awaiting Analysis\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"An attacker can craft an input to the Parse functions that would be processed non-linearly with respect to its length, resulting in extremely slow parsing. This could cause a denial of service.\"},{\"lang\":\"es\",\"value\":\"Un atacante puede manipular una entrada para las funciones de an\u00e1lisis que se procesar\u00eda de forma no lineal con respecto a su longitud, lo que dar\u00eda como resultado un an\u00e1lisis extremadamente lento. Esto podr\u00eda causar una denegaci\u00f3n de servicio.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L\",\"baseScore\":5.3,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"LOW\"},\"exploitabilityScore\":3.9,\"impactScore\":1.4}]},\"weaknesses\":[{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-1333\"}]}],\"references\":[{\"url\":\"https://go.dev/cl/637536\",\"source\":\"security@golang.org\"},{\"url\":\"https://go.dev/issue/70906\",\"source\":\"security@golang.org\"},{\"url\":\"https://groups.google.com/g/golang-announce/c/wSCRmFnNmPA/m/Lvcd0mRMAwAJ\",\"source\":\"security@golang.org\"},{\"url\":\"https://pkg.go.dev/vuln/GO-2024-3333\",\"source\":\"security@golang.org\"},{\"url\":\"https://security.netapp.com/advisory/ntap-20250221-0001/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}",
"vulnrichment": {
"containers": "{\"adp\": [{\"title\": \"CVE Program Container\", \"references\": [{\"url\": \"https://security.netapp.com/advisory/ntap-20250221-0001/\"}], \"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2025-02-21T18:03:32.301Z\"}}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 5.3, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"MEDIUM\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L\", \"integrityImpact\": \"NONE\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"LOW\", \"privilegesRequired\": \"NONE\", \"confidentialityImpact\": \"NONE\"}}, {\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2024-45338\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"yes\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2024-12-31T19:51:42.228627Z\"}}}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-1333\", \"description\": \"CWE-1333 Inefficient Regular Expression Complexity\"}]}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2024-12-31T19:54:57.693Z\"}}], \"cna\": {\"title\": \"Non-linear parsing of case-insensitive content in golang.org/x/net/html\", \"credits\": [{\"lang\": \"en\", \"value\": \"Guido Vranken\"}], \"affected\": [{\"vendor\": \"golang.org/x/net\", \"product\": \"golang.org/x/net/html\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"0.33.0\", \"versionType\": \"semver\"}], \"packageName\": \"golang.org/x/net/html\", \"collectionURL\": \"https://pkg.go.dev\", \"defaultStatus\": \"unaffected\", \"programRoutines\": [{\"name\": \"parseDoctype\"}, {\"name\": \"htmlIntegrationPoint\"}, {\"name\": \"inTableIM\"}, {\"name\": \"inBodyIM\"}, {\"name\": \"Parse\"}, {\"name\": \"ParseFragment\"}, {\"name\": \"ParseFragmentWithOptions\"}, {\"name\": \"ParseWithOptions\"}]}], \"references\": [{\"url\": \"https://go.dev/cl/637536\"}, {\"url\": \"https://go.dev/issue/70906\"}, {\"url\": \"https://groups.google.com/g/golang-announce/c/wSCRmFnNmPA/m/Lvcd0mRMAwAJ\"}, {\"url\": \"https://pkg.go.dev/vuln/GO-2024-3333\"}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"An attacker can craft an input to the Parse functions that would be processed non-linearly with respect to its length, resulting in extremely slow parsing. This could cause a denial of service.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"description\": \"CWE-405: Asymmetric Resource Consumption (Amplification)\"}]}], \"providerMetadata\": {\"orgId\": \"1bb62c36-49e3-4200-9d77-64a1400537cc\", \"shortName\": \"Go\", \"dateUpdated\": \"2024-12-18T20:38:22.660Z\"}}}",
"cveMetadata": "{\"cveId\": \"CVE-2024-45338\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2025-02-21T18:03:32.301Z\", \"dateReserved\": \"2024-08-27T19:41:58.555Z\", \"assignerOrgId\": \"1bb62c36-49e3-4200-9d77-64a1400537cc\", \"datePublished\": \"2024-12-18T20:38:22.660Z\", \"assignerShortName\": \"Go\"}",
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
}
}
RHSA-2025:2903
Vulnerability from csaf_redhat - Published: 2025-03-17 09:37 - Updated: 2026-06-02 21:45Summary
Red Hat Security Advisory: Red Hat OpenShift Pipelines Release 1.18.0
Severity
Important
Notes
Topic: The 1.18.0 GA release of Red Hat OpenShift Pipelines Operator.. For more details see [product documentation](https://docs.redhat.com/en/documentation/red_hat_openshift_pipelines).
Details: The 1.18.0 release of Red Hat OpenShift Pipelines Operator.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
A flaw was found in the x/crypto/ssh go library. Applications and libraries that misuse the ServerConfig.PublicKeyCallback callback may be susceptible to an authorization bypass. For example, an attacker may send public keys A and B and authenticate with A. PublicKeyCallback would be called only twice, first with A and then with B. A vulnerable application may then make authorization decisions based on key B, for which the attacker does not control the private key. The misuse of ServerConfig.PublicKeyCallback may cause an authorization bypass.
8.2 (High)
Affected products
Fixed
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift Pipelines 1.18.0:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel9@sha256:7ed05b8f3817d96dc942af19f85ba1b1efdb1f1ff1145356a5287d85a0ecce20_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.18.0:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel9@sha256:919ef15e4ad9e152a5856153ef3e8059a78dfc59551ef841dc6e33aa31abd65f_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.18.0:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel9@sha256:a4bdd6a7c3c3bac78a94ac75fb61b0cfc3b674c53163fe606143bfbaf726dd8f_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.18.0:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel9@sha256:d31567dafef0040f10b871eae9f6d4dde5b2c7672d11c6607c93ab81bee4c754_s390x | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Important
A flaw was found in golang.org/x/net/html. This flaw allows an attacker to craft input to the parse functions that would be processed non-linearly with respect to its length, resulting in extremely slow parsing. This issue can cause a denial of service.
7.5 (High)
Affected products
Fixed
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift Pipelines 1.18.0:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel9@sha256:7ed05b8f3817d96dc942af19f85ba1b1efdb1f1ff1145356a5287d85a0ecce20_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.18.0:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel9@sha256:919ef15e4ad9e152a5856153ef3e8059a78dfc59551ef841dc6e33aa31abd65f_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.18.0:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel9@sha256:a4bdd6a7c3c3bac78a94ac75fb61b0cfc3b674c53163fe606143bfbaf726dd8f_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.18.0:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel9@sha256:d31567dafef0040f10b871eae9f6d4dde5b2c7672d11c6607c93ab81bee4c754_s390x | — |
Vendor Fix
fix
|
Threats
Impact
Important
References
23 references
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "The 1.18.0 GA release of Red Hat OpenShift Pipelines Operator.. For more details see [product documentation](https://docs.redhat.com/en/documentation/red_hat_openshift_pipelines).",
"title": "Topic"
},
{
"category": "general",
"text": "The 1.18.0 release of Red Hat OpenShift Pipelines Operator.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2025:2903",
"url": "https://access.redhat.com/errata/RHSA-2025:2903"
},
{
"category": "external",
"summary": "https://docs.redhat.com/en/documentation/red_hat_openshift_pipelines",
"url": "https://docs.redhat.com/en/documentation/red_hat_openshift_pipelines"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2024-45337",
"url": "https://access.redhat.com/security/cve/CVE-2024-45337"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2024-45338",
"url": "https://access.redhat.com/security/cve/CVE-2024-45338"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification",
"url": "https://access.redhat.com/security/updates/classification"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2025/rhsa-2025_2903.json"
}
],
"title": "Red Hat Security Advisory: Red Hat OpenShift Pipelines Release 1.18.0",
"tracking": {
"current_release_date": "2026-06-02T21:45:16+00:00",
"generator": {
"date": "2026-06-02T21:45:16+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.8.1"
}
},
"id": "RHSA-2025:2903",
"initial_release_date": "2025-03-17T09:37:38+00:00",
"revision_history": [
{
"date": "2025-03-17T09:37:38+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2025-03-25T20:51:39+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-06-02T21:45:16+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat OpenShift Pipelines 1.18.0",
"product": {
"name": "Red Hat OpenShift Pipelines 1.18.0",
"product_id": "Red Hat OpenShift Pipelines 1.18.0",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:openshift_pipelines:1.18::el9"
}
}
}
],
"category": "product_family",
"name": "Red Hat OpenShift Pipelines"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel9@sha256:919ef15e4ad9e152a5856153ef3e8059a78dfc59551ef841dc6e33aa31abd65f_arm64",
"product": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel9@sha256:919ef15e4ad9e152a5856153ef3e8059a78dfc59551ef841dc6e33aa31abd65f_arm64",
"product_id": "registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel9@sha256:919ef15e4ad9e152a5856153ef3e8059a78dfc59551ef841dc6e33aa31abd65f_arm64",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-chains-controller-rhel9@sha256%3A919ef15e4ad9e152a5856153ef3e8059a78dfc59551ef841dc6e33aa31abd65f?arch=arm64\u0026repository_url=registry.redhat.io/openshift-pipelines\u0026tag=1.18.0-1742200871"
}
}
}
],
"category": "architecture",
"name": "arm64"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel9@sha256:7ed05b8f3817d96dc942af19f85ba1b1efdb1f1ff1145356a5287d85a0ecce20_ppc64le",
"product": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel9@sha256:7ed05b8f3817d96dc942af19f85ba1b1efdb1f1ff1145356a5287d85a0ecce20_ppc64le",
"product_id": "registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel9@sha256:7ed05b8f3817d96dc942af19f85ba1b1efdb1f1ff1145356a5287d85a0ecce20_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-chains-controller-rhel9@sha256%3A7ed05b8f3817d96dc942af19f85ba1b1efdb1f1ff1145356a5287d85a0ecce20?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-pipelines\u0026tag=1.18.0-1742200871"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel9@sha256:d31567dafef0040f10b871eae9f6d4dde5b2c7672d11c6607c93ab81bee4c754_s390x",
"product": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel9@sha256:d31567dafef0040f10b871eae9f6d4dde5b2c7672d11c6607c93ab81bee4c754_s390x",
"product_id": "registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel9@sha256:d31567dafef0040f10b871eae9f6d4dde5b2c7672d11c6607c93ab81bee4c754_s390x",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-chains-controller-rhel9@sha256%3Ad31567dafef0040f10b871eae9f6d4dde5b2c7672d11c6607c93ab81bee4c754?arch=s390x\u0026repository_url=registry.redhat.io/openshift-pipelines\u0026tag=1.18.0-1742200871"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel9@sha256:a4bdd6a7c3c3bac78a94ac75fb61b0cfc3b674c53163fe606143bfbaf726dd8f_amd64",
"product": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel9@sha256:a4bdd6a7c3c3bac78a94ac75fb61b0cfc3b674c53163fe606143bfbaf726dd8f_amd64",
"product_id": "registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel9@sha256:a4bdd6a7c3c3bac78a94ac75fb61b0cfc3b674c53163fe606143bfbaf726dd8f_amd64",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-chains-controller-rhel9@sha256%3Aa4bdd6a7c3c3bac78a94ac75fb61b0cfc3b674c53163fe606143bfbaf726dd8f?arch=amd64\u0026repository_url=registry.redhat.io/openshift-pipelines\u0026tag=1.18.0-1742200871"
}
}
}
],
"category": "architecture",
"name": "amd64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel9@sha256:7ed05b8f3817d96dc942af19f85ba1b1efdb1f1ff1145356a5287d85a0ecce20_ppc64le as a component of Red Hat OpenShift Pipelines 1.18.0",
"product_id": "Red Hat OpenShift Pipelines 1.18.0:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel9@sha256:7ed05b8f3817d96dc942af19f85ba1b1efdb1f1ff1145356a5287d85a0ecce20_ppc64le"
},
"product_reference": "registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel9@sha256:7ed05b8f3817d96dc942af19f85ba1b1efdb1f1ff1145356a5287d85a0ecce20_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift Pipelines 1.18.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel9@sha256:919ef15e4ad9e152a5856153ef3e8059a78dfc59551ef841dc6e33aa31abd65f_arm64 as a component of Red Hat OpenShift Pipelines 1.18.0",
"product_id": "Red Hat OpenShift Pipelines 1.18.0:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel9@sha256:919ef15e4ad9e152a5856153ef3e8059a78dfc59551ef841dc6e33aa31abd65f_arm64"
},
"product_reference": "registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel9@sha256:919ef15e4ad9e152a5856153ef3e8059a78dfc59551ef841dc6e33aa31abd65f_arm64",
"relates_to_product_reference": "Red Hat OpenShift Pipelines 1.18.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel9@sha256:a4bdd6a7c3c3bac78a94ac75fb61b0cfc3b674c53163fe606143bfbaf726dd8f_amd64 as a component of Red Hat OpenShift Pipelines 1.18.0",
"product_id": "Red Hat OpenShift Pipelines 1.18.0:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel9@sha256:a4bdd6a7c3c3bac78a94ac75fb61b0cfc3b674c53163fe606143bfbaf726dd8f_amd64"
},
"product_reference": "registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel9@sha256:a4bdd6a7c3c3bac78a94ac75fb61b0cfc3b674c53163fe606143bfbaf726dd8f_amd64",
"relates_to_product_reference": "Red Hat OpenShift Pipelines 1.18.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel9@sha256:d31567dafef0040f10b871eae9f6d4dde5b2c7672d11c6607c93ab81bee4c754_s390x as a component of Red Hat OpenShift Pipelines 1.18.0",
"product_id": "Red Hat OpenShift Pipelines 1.18.0:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel9@sha256:d31567dafef0040f10b871eae9f6d4dde5b2c7672d11c6607c93ab81bee4c754_s390x"
},
"product_reference": "registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel9@sha256:d31567dafef0040f10b871eae9f6d4dde5b2c7672d11c6607c93ab81bee4c754_s390x",
"relates_to_product_reference": "Red Hat OpenShift Pipelines 1.18.0"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2024-45337",
"cwe": {
"id": "CWE-285",
"name": "Improper Authorization"
},
"discovery_date": "2024-12-11T19:00:54.247490+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2331720"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the x/crypto/ssh go library. Applications and libraries that misuse the ServerConfig.PublicKeyCallback callback may be susceptible to an authorization bypass. For example, an attacker may send public keys A and B and authenticate with A. PublicKeyCallback would be called only twice, first with A and then with B. A vulnerable application may then make authorization decisions based on key B, for which the attacker does not control the private key. The misuse of ServerConfig.PublicKeyCallback may cause an authorization bypass.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang.org/x/crypto/ssh: Misuse of ServerConfig.PublicKeyCallback may cause authorization bypass in golang.org/x/crypto",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is classified as important rather than critical because it does not directly enable unauthorized access but rather introduces a risk of authorization bypass if the application or library misuses the PublicKeyCallback API. The vulnerability relies on incorrect assumptions made by the application when handling the sequence or state of keys provided during SSH authentication. Properly implemented systems that use the Permissions field or avoid relying on external state remain unaffected. Additionally, the vulnerability does not allow direct exploitation to gain control over a system without the presence of insecure logic in the application\u0027s handling of authentication attempts.\n\n\nRed Hat Enterprise Linux(RHEL) 8 \u0026 9 and Red Hat Openshift marked as not affected as it was determined that the problem function `ServerConfig.PublicKeyCallback`, as noted in the CVE-2024-45337 issue, is not called by Podman, Buildah, containers-common, or the gvisor-tap-vsock projects.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat OpenShift Pipelines 1.18.0:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel9@sha256:7ed05b8f3817d96dc942af19f85ba1b1efdb1f1ff1145356a5287d85a0ecce20_ppc64le",
"Red Hat OpenShift Pipelines 1.18.0:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel9@sha256:919ef15e4ad9e152a5856153ef3e8059a78dfc59551ef841dc6e33aa31abd65f_arm64",
"Red Hat OpenShift Pipelines 1.18.0:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel9@sha256:a4bdd6a7c3c3bac78a94ac75fb61b0cfc3b674c53163fe606143bfbaf726dd8f_amd64",
"Red Hat OpenShift Pipelines 1.18.0:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel9@sha256:d31567dafef0040f10b871eae9f6d4dde5b2c7672d11c6607c93ab81bee4c754_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-45337"
},
{
"category": "external",
"summary": "RHBZ#2331720",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2331720"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-45337",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45337"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-45337",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-45337"
},
{
"category": "external",
"summary": "https://github.com/golang/crypto/commit/b4f1988a35dee11ec3e05d6bf3e90b695fbd8909",
"url": "https://github.com/golang/crypto/commit/b4f1988a35dee11ec3e05d6bf3e90b695fbd8909"
},
{
"category": "external",
"summary": "https://go.dev/cl/635315",
"url": "https://go.dev/cl/635315"
},
{
"category": "external",
"summary": "https://go.dev/issue/70779",
"url": "https://go.dev/issue/70779"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/-nPEi39gI4Q/m/cGVPJCqdAQAJ",
"url": "https://groups.google.com/g/golang-announce/c/-nPEi39gI4Q/m/cGVPJCqdAQAJ"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2024-3321",
"url": "https://pkg.go.dev/vuln/GO-2024-3321"
}
],
"release_date": "2024-12-11T18:55:58.506000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-03-17T09:37:38+00:00",
"details": "Red Hat OpenShift Pipelines is a cloud-native, continuous integration and continuous delivery (CI/CD) solution based on Kubernetes resources. It uses Tekton building blocks to automate deployments across multiple platforms by abstracting away the underlying implementation details. Tekton introduces a number of standard custom resource definitions (CRDs) for defining CI/CD pipelines that are portable across Kubernetes distributions.",
"product_ids": [
"Red Hat OpenShift Pipelines 1.18.0:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel9@sha256:7ed05b8f3817d96dc942af19f85ba1b1efdb1f1ff1145356a5287d85a0ecce20_ppc64le",
"Red Hat OpenShift Pipelines 1.18.0:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel9@sha256:919ef15e4ad9e152a5856153ef3e8059a78dfc59551ef841dc6e33aa31abd65f_arm64",
"Red Hat OpenShift Pipelines 1.18.0:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel9@sha256:a4bdd6a7c3c3bac78a94ac75fb61b0cfc3b674c53163fe606143bfbaf726dd8f_amd64",
"Red Hat OpenShift Pipelines 1.18.0:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel9@sha256:d31567dafef0040f10b871eae9f6d4dde5b2c7672d11c6607c93ab81bee4c754_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:2903"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat OpenShift Pipelines 1.18.0:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel9@sha256:7ed05b8f3817d96dc942af19f85ba1b1efdb1f1ff1145356a5287d85a0ecce20_ppc64le",
"Red Hat OpenShift Pipelines 1.18.0:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel9@sha256:919ef15e4ad9e152a5856153ef3e8059a78dfc59551ef841dc6e33aa31abd65f_arm64",
"Red Hat OpenShift Pipelines 1.18.0:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel9@sha256:a4bdd6a7c3c3bac78a94ac75fb61b0cfc3b674c53163fe606143bfbaf726dd8f_amd64",
"Red Hat OpenShift Pipelines 1.18.0:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel9@sha256:d31567dafef0040f10b871eae9f6d4dde5b2c7672d11c6607c93ab81bee4c754_s390x"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 8.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"Red Hat OpenShift Pipelines 1.18.0:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel9@sha256:7ed05b8f3817d96dc942af19f85ba1b1efdb1f1ff1145356a5287d85a0ecce20_ppc64le",
"Red Hat OpenShift Pipelines 1.18.0:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel9@sha256:919ef15e4ad9e152a5856153ef3e8059a78dfc59551ef841dc6e33aa31abd65f_arm64",
"Red Hat OpenShift Pipelines 1.18.0:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel9@sha256:a4bdd6a7c3c3bac78a94ac75fb61b0cfc3b674c53163fe606143bfbaf726dd8f_amd64",
"Red Hat OpenShift Pipelines 1.18.0:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel9@sha256:d31567dafef0040f10b871eae9f6d4dde5b2c7672d11c6607c93ab81bee4c754_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "golang.org/x/crypto/ssh: Misuse of ServerConfig.PublicKeyCallback may cause authorization bypass in golang.org/x/crypto"
},
{
"cve": "CVE-2024-45338",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2024-12-18T21:00:59.938173+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2333122"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in golang.org/x/net/html. This flaw allows an attacker to craft input to the parse functions that would be processed non-linearly with respect to its length, resulting in extremely slow parsing. This issue can cause a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang.org/x/net/html: Non-linear parsing of case-insensitive content in golang.org/x/net/html",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated as an Important severity because an attacker can craft malicious input that causes the parsing functions to process data non-linearly, resulting in significant delays which leads to a denial of service by exhausting system resources.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat OpenShift Pipelines 1.18.0:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel9@sha256:7ed05b8f3817d96dc942af19f85ba1b1efdb1f1ff1145356a5287d85a0ecce20_ppc64le",
"Red Hat OpenShift Pipelines 1.18.0:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel9@sha256:919ef15e4ad9e152a5856153ef3e8059a78dfc59551ef841dc6e33aa31abd65f_arm64",
"Red Hat OpenShift Pipelines 1.18.0:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel9@sha256:a4bdd6a7c3c3bac78a94ac75fb61b0cfc3b674c53163fe606143bfbaf726dd8f_amd64",
"Red Hat OpenShift Pipelines 1.18.0:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel9@sha256:d31567dafef0040f10b871eae9f6d4dde5b2c7672d11c6607c93ab81bee4c754_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-45338"
},
{
"category": "external",
"summary": "RHBZ#2333122",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2333122"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-45338",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45338"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-45338",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-45338"
},
{
"category": "external",
"summary": "https://go.dev/cl/637536",
"url": "https://go.dev/cl/637536"
},
{
"category": "external",
"summary": "https://go.dev/issue/70906",
"url": "https://go.dev/issue/70906"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/wSCRmFnNmPA/m/Lvcd0mRMAwAJ",
"url": "https://groups.google.com/g/golang-announce/c/wSCRmFnNmPA/m/Lvcd0mRMAwAJ"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2024-3333",
"url": "https://pkg.go.dev/vuln/GO-2024-3333"
}
],
"release_date": "2024-12-18T20:38:22.660000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-03-17T09:37:38+00:00",
"details": "Red Hat OpenShift Pipelines is a cloud-native, continuous integration and continuous delivery (CI/CD) solution based on Kubernetes resources. It uses Tekton building blocks to automate deployments across multiple platforms by abstracting away the underlying implementation details. Tekton introduces a number of standard custom resource definitions (CRDs) for defining CI/CD pipelines that are portable across Kubernetes distributions.",
"product_ids": [
"Red Hat OpenShift Pipelines 1.18.0:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel9@sha256:7ed05b8f3817d96dc942af19f85ba1b1efdb1f1ff1145356a5287d85a0ecce20_ppc64le",
"Red Hat OpenShift Pipelines 1.18.0:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel9@sha256:919ef15e4ad9e152a5856153ef3e8059a78dfc59551ef841dc6e33aa31abd65f_arm64",
"Red Hat OpenShift Pipelines 1.18.0:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel9@sha256:a4bdd6a7c3c3bac78a94ac75fb61b0cfc3b674c53163fe606143bfbaf726dd8f_amd64",
"Red Hat OpenShift Pipelines 1.18.0:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel9@sha256:d31567dafef0040f10b871eae9f6d4dde5b2c7672d11c6607c93ab81bee4c754_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:2903"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat OpenShift Pipelines 1.18.0:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel9@sha256:7ed05b8f3817d96dc942af19f85ba1b1efdb1f1ff1145356a5287d85a0ecce20_ppc64le",
"Red Hat OpenShift Pipelines 1.18.0:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel9@sha256:919ef15e4ad9e152a5856153ef3e8059a78dfc59551ef841dc6e33aa31abd65f_arm64",
"Red Hat OpenShift Pipelines 1.18.0:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel9@sha256:a4bdd6a7c3c3bac78a94ac75fb61b0cfc3b674c53163fe606143bfbaf726dd8f_amd64",
"Red Hat OpenShift Pipelines 1.18.0:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel9@sha256:d31567dafef0040f10b871eae9f6d4dde5b2c7672d11c6607c93ab81bee4c754_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "golang.org/x/net/html: Non-linear parsing of case-insensitive content in golang.org/x/net/html"
}
]
}
RHSA-2025:2933
Vulnerability from csaf_redhat - Published: 2025-03-17 12:53 - Updated: 2026-06-02 21:45Summary
Red Hat Security Advisory: Red Hat OpenShift Pipelines Release 1.18.0
Severity
Important
Notes
Topic: The 1.18.0 GA release of Red Hat OpenShift Pipelines Operator.. For more details see [product documentation](https://docs.redhat.com/en/documentation/red_hat_openshift_pipelines).
Details: The 1.18.0 release of Red Hat OpenShift Pipelines Operator.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
A flaw was found in the x/crypto/ssh go library. Applications and libraries that misuse the ServerConfig.PublicKeyCallback callback may be susceptible to an authorization bypass. For example, an attacker may send public keys A and B and authenticate with A. PublicKeyCallback would be called only twice, first with A and then with B. A vulnerable application may then make authorization decisions based on key B, for which the attacker does not control the private key. The misuse of ServerConfig.PublicKeyCallback may cause an authorization bypass.
8.2 (High)
Affected products
Fixed
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift Pipelines 1.18.0:registry.redhat.io/openshift-pipelines/pipelines-cli-tkn-rhel9@sha256:0c328a551c4927c815c6e50b9dbd8e77d6c7505f2ec0ee03be16f82bcc228a83_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.18.0:registry.redhat.io/openshift-pipelines/pipelines-cli-tkn-rhel9@sha256:145c1960ffbaed81068376cd28f7b33ee99852faf5413f315e1df496fb194761_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.18.0:registry.redhat.io/openshift-pipelines/pipelines-cli-tkn-rhel9@sha256:771b73b3d77172d48bbf7452e7cc8ae605aec33463aa2e9e02c223e264b44126_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.18.0:registry.redhat.io/openshift-pipelines/pipelines-cli-tkn-rhel9@sha256:95a138747d0fac4b00a70805dd0b9262ed60aba940db894b90a94db8b786ac44_amd64 | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Important
A flaw was found in golang.org/x/net/html. This flaw allows an attacker to craft input to the parse functions that would be processed non-linearly with respect to its length, resulting in extremely slow parsing. This issue can cause a denial of service.
7.5 (High)
Affected products
Fixed
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift Pipelines 1.18.0:registry.redhat.io/openshift-pipelines/pipelines-cli-tkn-rhel9@sha256:0c328a551c4927c815c6e50b9dbd8e77d6c7505f2ec0ee03be16f82bcc228a83_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.18.0:registry.redhat.io/openshift-pipelines/pipelines-cli-tkn-rhel9@sha256:145c1960ffbaed81068376cd28f7b33ee99852faf5413f315e1df496fb194761_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.18.0:registry.redhat.io/openshift-pipelines/pipelines-cli-tkn-rhel9@sha256:771b73b3d77172d48bbf7452e7cc8ae605aec33463aa2e9e02c223e264b44126_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.18.0:registry.redhat.io/openshift-pipelines/pipelines-cli-tkn-rhel9@sha256:95a138747d0fac4b00a70805dd0b9262ed60aba940db894b90a94db8b786ac44_amd64 | — |
Vendor Fix
fix
|
Threats
Impact
Important
References
23 references
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "The 1.18.0 GA release of Red Hat OpenShift Pipelines Operator.. For more details see [product documentation](https://docs.redhat.com/en/documentation/red_hat_openshift_pipelines).",
"title": "Topic"
},
{
"category": "general",
"text": "The 1.18.0 release of Red Hat OpenShift Pipelines Operator.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2025:2933",
"url": "https://access.redhat.com/errata/RHSA-2025:2933"
},
{
"category": "external",
"summary": "https://docs.redhat.com/en/documentation/red_hat_openshift_pipelines",
"url": "https://docs.redhat.com/en/documentation/red_hat_openshift_pipelines"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2024-45337",
"url": "https://access.redhat.com/security/cve/CVE-2024-45337"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2024-45338",
"url": "https://access.redhat.com/security/cve/CVE-2024-45338"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification",
"url": "https://access.redhat.com/security/updates/classification"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2025/rhsa-2025_2933.json"
}
],
"title": "Red Hat Security Advisory: Red Hat OpenShift Pipelines Release 1.18.0",
"tracking": {
"current_release_date": "2026-06-02T21:45:18+00:00",
"generator": {
"date": "2026-06-02T21:45:18+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.8.1"
}
},
"id": "RHSA-2025:2933",
"initial_release_date": "2025-03-17T12:53:03+00:00",
"revision_history": [
{
"date": "2025-03-17T12:53:03+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2025-03-25T20:51:39+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-06-02T21:45:18+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat OpenShift Pipelines 1.18.0",
"product": {
"name": "Red Hat OpenShift Pipelines 1.18.0",
"product_id": "Red Hat OpenShift Pipelines 1.18.0",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:openshift_pipelines:1.18::el9"
}
}
}
],
"category": "product_family",
"name": "Red Hat OpenShift Pipelines"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/openshift-pipelines/pipelines-cli-tkn-rhel9@sha256:771b73b3d77172d48bbf7452e7cc8ae605aec33463aa2e9e02c223e264b44126_arm64",
"product": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-cli-tkn-rhel9@sha256:771b73b3d77172d48bbf7452e7cc8ae605aec33463aa2e9e02c223e264b44126_arm64",
"product_id": "registry.redhat.io/openshift-pipelines/pipelines-cli-tkn-rhel9@sha256:771b73b3d77172d48bbf7452e7cc8ae605aec33463aa2e9e02c223e264b44126_arm64",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-cli-tkn-rhel9@sha256%3A771b73b3d77172d48bbf7452e7cc8ae605aec33463aa2e9e02c223e264b44126?arch=arm64\u0026repository_url=registry.redhat.io/openshift-pipelines\u0026tag=1.18.0-1742211959"
}
}
}
],
"category": "architecture",
"name": "arm64"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/openshift-pipelines/pipelines-cli-tkn-rhel9@sha256:0c328a551c4927c815c6e50b9dbd8e77d6c7505f2ec0ee03be16f82bcc228a83_ppc64le",
"product": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-cli-tkn-rhel9@sha256:0c328a551c4927c815c6e50b9dbd8e77d6c7505f2ec0ee03be16f82bcc228a83_ppc64le",
"product_id": "registry.redhat.io/openshift-pipelines/pipelines-cli-tkn-rhel9@sha256:0c328a551c4927c815c6e50b9dbd8e77d6c7505f2ec0ee03be16f82bcc228a83_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-cli-tkn-rhel9@sha256%3A0c328a551c4927c815c6e50b9dbd8e77d6c7505f2ec0ee03be16f82bcc228a83?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-pipelines\u0026tag=1.18.0-1742211959"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/openshift-pipelines/pipelines-cli-tkn-rhel9@sha256:145c1960ffbaed81068376cd28f7b33ee99852faf5413f315e1df496fb194761_s390x",
"product": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-cli-tkn-rhel9@sha256:145c1960ffbaed81068376cd28f7b33ee99852faf5413f315e1df496fb194761_s390x",
"product_id": "registry.redhat.io/openshift-pipelines/pipelines-cli-tkn-rhel9@sha256:145c1960ffbaed81068376cd28f7b33ee99852faf5413f315e1df496fb194761_s390x",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-cli-tkn-rhel9@sha256%3A145c1960ffbaed81068376cd28f7b33ee99852faf5413f315e1df496fb194761?arch=s390x\u0026repository_url=registry.redhat.io/openshift-pipelines\u0026tag=1.18.0-1742211959"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/openshift-pipelines/pipelines-cli-tkn-rhel9@sha256:95a138747d0fac4b00a70805dd0b9262ed60aba940db894b90a94db8b786ac44_amd64",
"product": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-cli-tkn-rhel9@sha256:95a138747d0fac4b00a70805dd0b9262ed60aba940db894b90a94db8b786ac44_amd64",
"product_id": "registry.redhat.io/openshift-pipelines/pipelines-cli-tkn-rhel9@sha256:95a138747d0fac4b00a70805dd0b9262ed60aba940db894b90a94db8b786ac44_amd64",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-cli-tkn-rhel9@sha256%3A95a138747d0fac4b00a70805dd0b9262ed60aba940db894b90a94db8b786ac44?arch=amd64\u0026repository_url=registry.redhat.io/openshift-pipelines\u0026tag=1.18.0-1742211959"
}
}
}
],
"category": "architecture",
"name": "amd64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-cli-tkn-rhel9@sha256:0c328a551c4927c815c6e50b9dbd8e77d6c7505f2ec0ee03be16f82bcc228a83_ppc64le as a component of Red Hat OpenShift Pipelines 1.18.0",
"product_id": "Red Hat OpenShift Pipelines 1.18.0:registry.redhat.io/openshift-pipelines/pipelines-cli-tkn-rhel9@sha256:0c328a551c4927c815c6e50b9dbd8e77d6c7505f2ec0ee03be16f82bcc228a83_ppc64le"
},
"product_reference": "registry.redhat.io/openshift-pipelines/pipelines-cli-tkn-rhel9@sha256:0c328a551c4927c815c6e50b9dbd8e77d6c7505f2ec0ee03be16f82bcc228a83_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift Pipelines 1.18.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-cli-tkn-rhel9@sha256:145c1960ffbaed81068376cd28f7b33ee99852faf5413f315e1df496fb194761_s390x as a component of Red Hat OpenShift Pipelines 1.18.0",
"product_id": "Red Hat OpenShift Pipelines 1.18.0:registry.redhat.io/openshift-pipelines/pipelines-cli-tkn-rhel9@sha256:145c1960ffbaed81068376cd28f7b33ee99852faf5413f315e1df496fb194761_s390x"
},
"product_reference": "registry.redhat.io/openshift-pipelines/pipelines-cli-tkn-rhel9@sha256:145c1960ffbaed81068376cd28f7b33ee99852faf5413f315e1df496fb194761_s390x",
"relates_to_product_reference": "Red Hat OpenShift Pipelines 1.18.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-cli-tkn-rhel9@sha256:771b73b3d77172d48bbf7452e7cc8ae605aec33463aa2e9e02c223e264b44126_arm64 as a component of Red Hat OpenShift Pipelines 1.18.0",
"product_id": "Red Hat OpenShift Pipelines 1.18.0:registry.redhat.io/openshift-pipelines/pipelines-cli-tkn-rhel9@sha256:771b73b3d77172d48bbf7452e7cc8ae605aec33463aa2e9e02c223e264b44126_arm64"
},
"product_reference": "registry.redhat.io/openshift-pipelines/pipelines-cli-tkn-rhel9@sha256:771b73b3d77172d48bbf7452e7cc8ae605aec33463aa2e9e02c223e264b44126_arm64",
"relates_to_product_reference": "Red Hat OpenShift Pipelines 1.18.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-cli-tkn-rhel9@sha256:95a138747d0fac4b00a70805dd0b9262ed60aba940db894b90a94db8b786ac44_amd64 as a component of Red Hat OpenShift Pipelines 1.18.0",
"product_id": "Red Hat OpenShift Pipelines 1.18.0:registry.redhat.io/openshift-pipelines/pipelines-cli-tkn-rhel9@sha256:95a138747d0fac4b00a70805dd0b9262ed60aba940db894b90a94db8b786ac44_amd64"
},
"product_reference": "registry.redhat.io/openshift-pipelines/pipelines-cli-tkn-rhel9@sha256:95a138747d0fac4b00a70805dd0b9262ed60aba940db894b90a94db8b786ac44_amd64",
"relates_to_product_reference": "Red Hat OpenShift Pipelines 1.18.0"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2024-45337",
"cwe": {
"id": "CWE-285",
"name": "Improper Authorization"
},
"discovery_date": "2024-12-11T19:00:54.247490+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2331720"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the x/crypto/ssh go library. Applications and libraries that misuse the ServerConfig.PublicKeyCallback callback may be susceptible to an authorization bypass. For example, an attacker may send public keys A and B and authenticate with A. PublicKeyCallback would be called only twice, first with A and then with B. A vulnerable application may then make authorization decisions based on key B, for which the attacker does not control the private key. The misuse of ServerConfig.PublicKeyCallback may cause an authorization bypass.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang.org/x/crypto/ssh: Misuse of ServerConfig.PublicKeyCallback may cause authorization bypass in golang.org/x/crypto",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is classified as important rather than critical because it does not directly enable unauthorized access but rather introduces a risk of authorization bypass if the application or library misuses the PublicKeyCallback API. The vulnerability relies on incorrect assumptions made by the application when handling the sequence or state of keys provided during SSH authentication. Properly implemented systems that use the Permissions field or avoid relying on external state remain unaffected. Additionally, the vulnerability does not allow direct exploitation to gain control over a system without the presence of insecure logic in the application\u0027s handling of authentication attempts.\n\n\nRed Hat Enterprise Linux(RHEL) 8 \u0026 9 and Red Hat Openshift marked as not affected as it was determined that the problem function `ServerConfig.PublicKeyCallback`, as noted in the CVE-2024-45337 issue, is not called by Podman, Buildah, containers-common, or the gvisor-tap-vsock projects.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat OpenShift Pipelines 1.18.0:registry.redhat.io/openshift-pipelines/pipelines-cli-tkn-rhel9@sha256:0c328a551c4927c815c6e50b9dbd8e77d6c7505f2ec0ee03be16f82bcc228a83_ppc64le",
"Red Hat OpenShift Pipelines 1.18.0:registry.redhat.io/openshift-pipelines/pipelines-cli-tkn-rhel9@sha256:145c1960ffbaed81068376cd28f7b33ee99852faf5413f315e1df496fb194761_s390x",
"Red Hat OpenShift Pipelines 1.18.0:registry.redhat.io/openshift-pipelines/pipelines-cli-tkn-rhel9@sha256:771b73b3d77172d48bbf7452e7cc8ae605aec33463aa2e9e02c223e264b44126_arm64",
"Red Hat OpenShift Pipelines 1.18.0:registry.redhat.io/openshift-pipelines/pipelines-cli-tkn-rhel9@sha256:95a138747d0fac4b00a70805dd0b9262ed60aba940db894b90a94db8b786ac44_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-45337"
},
{
"category": "external",
"summary": "RHBZ#2331720",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2331720"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-45337",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45337"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-45337",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-45337"
},
{
"category": "external",
"summary": "https://github.com/golang/crypto/commit/b4f1988a35dee11ec3e05d6bf3e90b695fbd8909",
"url": "https://github.com/golang/crypto/commit/b4f1988a35dee11ec3e05d6bf3e90b695fbd8909"
},
{
"category": "external",
"summary": "https://go.dev/cl/635315",
"url": "https://go.dev/cl/635315"
},
{
"category": "external",
"summary": "https://go.dev/issue/70779",
"url": "https://go.dev/issue/70779"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/-nPEi39gI4Q/m/cGVPJCqdAQAJ",
"url": "https://groups.google.com/g/golang-announce/c/-nPEi39gI4Q/m/cGVPJCqdAQAJ"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2024-3321",
"url": "https://pkg.go.dev/vuln/GO-2024-3321"
}
],
"release_date": "2024-12-11T18:55:58.506000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-03-17T12:53:03+00:00",
"details": "Red Hat OpenShift Pipelines is a cloud-native, continuous integration and continuous delivery (CI/CD) solution based on Kubernetes resources. It uses Tekton building blocks to automate deployments across multiple platforms by abstracting away the underlying implementation details. Tekton introduces a number of standard custom resource definitions (CRDs) for defining CI/CD pipelines that are portable across Kubernetes distributions.",
"product_ids": [
"Red Hat OpenShift Pipelines 1.18.0:registry.redhat.io/openshift-pipelines/pipelines-cli-tkn-rhel9@sha256:0c328a551c4927c815c6e50b9dbd8e77d6c7505f2ec0ee03be16f82bcc228a83_ppc64le",
"Red Hat OpenShift Pipelines 1.18.0:registry.redhat.io/openshift-pipelines/pipelines-cli-tkn-rhel9@sha256:145c1960ffbaed81068376cd28f7b33ee99852faf5413f315e1df496fb194761_s390x",
"Red Hat OpenShift Pipelines 1.18.0:registry.redhat.io/openshift-pipelines/pipelines-cli-tkn-rhel9@sha256:771b73b3d77172d48bbf7452e7cc8ae605aec33463aa2e9e02c223e264b44126_arm64",
"Red Hat OpenShift Pipelines 1.18.0:registry.redhat.io/openshift-pipelines/pipelines-cli-tkn-rhel9@sha256:95a138747d0fac4b00a70805dd0b9262ed60aba940db894b90a94db8b786ac44_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:2933"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat OpenShift Pipelines 1.18.0:registry.redhat.io/openshift-pipelines/pipelines-cli-tkn-rhel9@sha256:0c328a551c4927c815c6e50b9dbd8e77d6c7505f2ec0ee03be16f82bcc228a83_ppc64le",
"Red Hat OpenShift Pipelines 1.18.0:registry.redhat.io/openshift-pipelines/pipelines-cli-tkn-rhel9@sha256:145c1960ffbaed81068376cd28f7b33ee99852faf5413f315e1df496fb194761_s390x",
"Red Hat OpenShift Pipelines 1.18.0:registry.redhat.io/openshift-pipelines/pipelines-cli-tkn-rhel9@sha256:771b73b3d77172d48bbf7452e7cc8ae605aec33463aa2e9e02c223e264b44126_arm64",
"Red Hat OpenShift Pipelines 1.18.0:registry.redhat.io/openshift-pipelines/pipelines-cli-tkn-rhel9@sha256:95a138747d0fac4b00a70805dd0b9262ed60aba940db894b90a94db8b786ac44_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 8.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"Red Hat OpenShift Pipelines 1.18.0:registry.redhat.io/openshift-pipelines/pipelines-cli-tkn-rhel9@sha256:0c328a551c4927c815c6e50b9dbd8e77d6c7505f2ec0ee03be16f82bcc228a83_ppc64le",
"Red Hat OpenShift Pipelines 1.18.0:registry.redhat.io/openshift-pipelines/pipelines-cli-tkn-rhel9@sha256:145c1960ffbaed81068376cd28f7b33ee99852faf5413f315e1df496fb194761_s390x",
"Red Hat OpenShift Pipelines 1.18.0:registry.redhat.io/openshift-pipelines/pipelines-cli-tkn-rhel9@sha256:771b73b3d77172d48bbf7452e7cc8ae605aec33463aa2e9e02c223e264b44126_arm64",
"Red Hat OpenShift Pipelines 1.18.0:registry.redhat.io/openshift-pipelines/pipelines-cli-tkn-rhel9@sha256:95a138747d0fac4b00a70805dd0b9262ed60aba940db894b90a94db8b786ac44_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "golang.org/x/crypto/ssh: Misuse of ServerConfig.PublicKeyCallback may cause authorization bypass in golang.org/x/crypto"
},
{
"cve": "CVE-2024-45338",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2024-12-18T21:00:59.938173+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2333122"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in golang.org/x/net/html. This flaw allows an attacker to craft input to the parse functions that would be processed non-linearly with respect to its length, resulting in extremely slow parsing. This issue can cause a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang.org/x/net/html: Non-linear parsing of case-insensitive content in golang.org/x/net/html",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated as an Important severity because an attacker can craft malicious input that causes the parsing functions to process data non-linearly, resulting in significant delays which leads to a denial of service by exhausting system resources.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat OpenShift Pipelines 1.18.0:registry.redhat.io/openshift-pipelines/pipelines-cli-tkn-rhel9@sha256:0c328a551c4927c815c6e50b9dbd8e77d6c7505f2ec0ee03be16f82bcc228a83_ppc64le",
"Red Hat OpenShift Pipelines 1.18.0:registry.redhat.io/openshift-pipelines/pipelines-cli-tkn-rhel9@sha256:145c1960ffbaed81068376cd28f7b33ee99852faf5413f315e1df496fb194761_s390x",
"Red Hat OpenShift Pipelines 1.18.0:registry.redhat.io/openshift-pipelines/pipelines-cli-tkn-rhel9@sha256:771b73b3d77172d48bbf7452e7cc8ae605aec33463aa2e9e02c223e264b44126_arm64",
"Red Hat OpenShift Pipelines 1.18.0:registry.redhat.io/openshift-pipelines/pipelines-cli-tkn-rhel9@sha256:95a138747d0fac4b00a70805dd0b9262ed60aba940db894b90a94db8b786ac44_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-45338"
},
{
"category": "external",
"summary": "RHBZ#2333122",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2333122"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-45338",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45338"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-45338",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-45338"
},
{
"category": "external",
"summary": "https://go.dev/cl/637536",
"url": "https://go.dev/cl/637536"
},
{
"category": "external",
"summary": "https://go.dev/issue/70906",
"url": "https://go.dev/issue/70906"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/wSCRmFnNmPA/m/Lvcd0mRMAwAJ",
"url": "https://groups.google.com/g/golang-announce/c/wSCRmFnNmPA/m/Lvcd0mRMAwAJ"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2024-3333",
"url": "https://pkg.go.dev/vuln/GO-2024-3333"
}
],
"release_date": "2024-12-18T20:38:22.660000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-03-17T12:53:03+00:00",
"details": "Red Hat OpenShift Pipelines is a cloud-native, continuous integration and continuous delivery (CI/CD) solution based on Kubernetes resources. It uses Tekton building blocks to automate deployments across multiple platforms by abstracting away the underlying implementation details. Tekton introduces a number of standard custom resource definitions (CRDs) for defining CI/CD pipelines that are portable across Kubernetes distributions.",
"product_ids": [
"Red Hat OpenShift Pipelines 1.18.0:registry.redhat.io/openshift-pipelines/pipelines-cli-tkn-rhel9@sha256:0c328a551c4927c815c6e50b9dbd8e77d6c7505f2ec0ee03be16f82bcc228a83_ppc64le",
"Red Hat OpenShift Pipelines 1.18.0:registry.redhat.io/openshift-pipelines/pipelines-cli-tkn-rhel9@sha256:145c1960ffbaed81068376cd28f7b33ee99852faf5413f315e1df496fb194761_s390x",
"Red Hat OpenShift Pipelines 1.18.0:registry.redhat.io/openshift-pipelines/pipelines-cli-tkn-rhel9@sha256:771b73b3d77172d48bbf7452e7cc8ae605aec33463aa2e9e02c223e264b44126_arm64",
"Red Hat OpenShift Pipelines 1.18.0:registry.redhat.io/openshift-pipelines/pipelines-cli-tkn-rhel9@sha256:95a138747d0fac4b00a70805dd0b9262ed60aba940db894b90a94db8b786ac44_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:2933"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat OpenShift Pipelines 1.18.0:registry.redhat.io/openshift-pipelines/pipelines-cli-tkn-rhel9@sha256:0c328a551c4927c815c6e50b9dbd8e77d6c7505f2ec0ee03be16f82bcc228a83_ppc64le",
"Red Hat OpenShift Pipelines 1.18.0:registry.redhat.io/openshift-pipelines/pipelines-cli-tkn-rhel9@sha256:145c1960ffbaed81068376cd28f7b33ee99852faf5413f315e1df496fb194761_s390x",
"Red Hat OpenShift Pipelines 1.18.0:registry.redhat.io/openshift-pipelines/pipelines-cli-tkn-rhel9@sha256:771b73b3d77172d48bbf7452e7cc8ae605aec33463aa2e9e02c223e264b44126_arm64",
"Red Hat OpenShift Pipelines 1.18.0:registry.redhat.io/openshift-pipelines/pipelines-cli-tkn-rhel9@sha256:95a138747d0fac4b00a70805dd0b9262ed60aba940db894b90a94db8b786ac44_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "golang.org/x/net/html: Non-linear parsing of case-insensitive content in golang.org/x/net/html"
}
]
}
RHSA-2025:3069
Vulnerability from csaf_redhat - Published: 2025-03-20 08:37 - Updated: 2026-06-02 21:45Summary
Red Hat Security Advisory: Errata Advisory for Red Hat OpenShift GitOps v1.14.3 security update
Severity
Important
Notes
Topic: An update is now available for Red Hat OpenShift GitOps v1.14.3. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details: Errata Advisory for Red Hat OpenShift GitOps v1.14.3.
Security Fix(es):
* openshift-gitops-argocd-rhel9-container: Misuse of ServerConfig.PublicKeyCallback may cause authorization bypass in golang.org/x/crypto [gitops-1.14](CVE-2024-45337)
* openshift-gitops-container: Misuse of ServerConfig.PublicKeyCallback may cause authorization bypass in golang.org/x/crypto [gitops-1.14](CVE-2024-45337)
* openshift-gitops-argocd-rhel9-container: Argo CD does not scrub secret values from patch errors [gitops-1.14](CVE-2025-23216)
* openshift-gitops-container: Argo CD does not scrub secret values from patch errors [gitops-1.14](CVE-2025-23216)
* openshift-gitops-operator-bundle-container: Argo CD does not scrub secret values from patch errors [gitops-1.14](CVE-2025-23216)
* openshift-gitops-operator-container: Argo CD does not scrub secret values from patch errors [gitops-1.14](CVE-2025-23216)
* openshift-gitops-container: Argo CD does not scrub secret values from patch errors [gitops-1.14](CVE-2025-23216)
* openshift-gitops-console-plugin-container: Improper input validation in PostCSS [gitops-1.14](CVE-2023-44270)
* openshift-gitops-argo-rollouts-container: Non-linear parsing of case-insensitive content in golang.org/x/net/html [gitops-1.14](CVE-2024-45338)
* openshift-gitops-argocd-container: Non-linear parsing of case-insensitive content in golang.org/x/net/html [gitops-1.14](CVE-2024-45338)
* openshift-gitops-argocd-rhel9-container: Non-linear parsing of case-insensitive content in golang.org/x/net/html [gitops-1.14](CVE-2024-45338)
* openshift-gitops-dex-container: Non-linear parsing of case-insensitive content in golang.org/x/net/html [gitops-1.14](CVE-2024-45338)
* openshift-gitops-argocd-container: argument injection via the URL field [gitops-1.14](CVE-2025-21613)
* openshift-gitops-argocd-rhel9-container: go-git clients vulnerable to DoS via maliciously crafted Git server replies [gitops-1.14](CVE-2025-21614)
* openshift-gitops-argocd-container: go-git clients vulnerable to DoS via maliciously crafted Git server replies [gitops-1.14](CVE-2025-21614)
* openshift-gitops-container: go-git clients vulnerable to DoS via maliciously crafted Git server replies [gitops-1.14](CVE-2025-21614)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
There's a flaw in the PostCSS package where it fails to properly validate the input CSS, causing commented lines to be interpreted as code. An attacker may leverage that by crafting a CSS file with comments containing CSS code in order to force PostCSS to include the malicious CSS elements in its output. An successful attack may lead to integrity impact as it may inject elements in a web page when parsing untrusted CSS input.
5.3 (Medium)
Affected products
Fixed
35 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-GitOps-1.14:openshift-gitops-1/argo-rollouts-rhel8@sha256:868a4e993d8963e4fb64c1845f54f916f335d3c59f0596e966c6d926373f6ee1_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-GitOps-1.14:openshift-gitops-1/argo-rollouts-rhel8@sha256:9b883e71b2d12f8872b3a37b383087a488f9b74ddde0e0c6daf6ee04bdf15881_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-GitOps-1.14:openshift-gitops-1/argo-rollouts-rhel8@sha256:bf7f9ca8f33c935df306554b778e5291bcff9e92b7e9122498b0ad71d58b9166_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-GitOps-1.14:openshift-gitops-1/argo-rollouts-rhel8@sha256:ce0677023395a6d7c9598b820c6eb73b651eaa698aef9f5c27a25884fba5d643_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-GitOps-1.14:openshift-gitops-1/argocd-rhel8@sha256:04523979e4ab58120d959f88503957b1e13122952e3de03d9f0540f1e574c0d6_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-GitOps-1.14:openshift-gitops-1/argocd-rhel8@sha256:64df9d55e7196fe56ebab88071f115d7fea26fa4396109bbf3bae11ffbf1f3a5_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-GitOps-1.14:openshift-gitops-1/argocd-rhel8@sha256:9017ef8967ebe3a14ea1e07d0a9624ef126b2928e233f09451aeea89a7f09366_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-GitOps-1.14:openshift-gitops-1/argocd-rhel8@sha256:ecb181ba7dfd4a5cdffa8ba9ca251dc4875ad7f41e9d60c4cc0a3462c233e489_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-GitOps-1.14:openshift-gitops-1/console-plugin-rhel8@sha256:050b358e7512599f412fddf711f8731d821223ba76c460b114fe4c4bfaf7cf1b_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-GitOps-1.14:openshift-gitops-1/console-plugin-rhel8@sha256:83ba395adbfdae8d4973cea02ead8392089ac1051edd11e7defc6d07a122bca2_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-GitOps-1.14:openshift-gitops-1/console-plugin-rhel8@sha256:dc4d641c87a3b65208ef2b46398f64ae69465daeb84b4d1022062d6c5f7347dc_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-GitOps-1.14:openshift-gitops-1/console-plugin-rhel8@sha256:e6eba59c8336bde1ed98947b2d4c626feb2113037bc724bd881f25b7f155f47b_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-GitOps-1.14:openshift-gitops-1/dex-rhel8@sha256:065b95a1612d15b3a7de1c5822555851535199711cc3890d56d7cb01e01666b3_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-GitOps-1.14:openshift-gitops-1/dex-rhel8@sha256:1c59649ad569e25c3445e9655c8061b7f0b769514c0739f2e080216a55ca39c7_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-GitOps-1.14:openshift-gitops-1/dex-rhel8@sha256:490512fefae58c6092394c8e751b7c1761583bff23b815e6f1649d55e9d43002_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-GitOps-1.14:openshift-gitops-1/dex-rhel8@sha256:605123efdd9f31243e039929322b4a4f6ad160baaebce188fdbf2c4e7ff663ff_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-GitOps-1.14:openshift-gitops-1/gitops-operator-bundle@sha256:ba442571ef9180765055f5224548c73e3da2be31731f8dd5b6b1beaf3e6732ee_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8-operator@sha256:1b81b7c26d7a848797f9944254963a89c3f6f0e727355bafcda5e483fee7b848_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8-operator@sha256:2caf6bd42e10f063d0991740706946d4205bf49540865bd4ed9091176add2aed_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8-operator@sha256:951de21fc848014beb5db2f7307ef639c6c76ec6eb7036b18c07047c8a914c48_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8-operator@sha256:ed04d67b3bd9ebc21a0aa2503823e5a476da44caa165999a33670198f5d1be37_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8@sha256:72e761f1d00b0a322d4a7a10c824fe88e4ac7e156a279694b75ce3b42be0b6d6_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8@sha256:d20615c230e1b888bacdc374763eeca9b1f7612741f8ba52ded483ac688b858d_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8@sha256:d86dcd96af06a338b577d9c940e6316ed9a807b9fc6a33d9f5c96e2b703679b8_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8@sha256:f07aa6ccdc324a2631fc01b1f4af4317cdc0471c673bd8f5bf24560e0f012dd9_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-GitOps-1.14:openshift-gitops-1/kam-delivery-rhel8@sha256:30b687a8309c17d5b4f5be6439b59f2dc540a306d625ee34bdf72626dc36c105_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-GitOps-1.14:openshift-gitops-1/kam-delivery-rhel8@sha256:62e1ab7267cfd3536c3b2ba9592dffb7fb979cbb039a1a90320a03b751d5f728_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-GitOps-1.14:openshift-gitops-1/kam-delivery-rhel8@sha256:b5ba9620f23fed74b983a090cec19f6ed74ddffdd1be7d9d89f1201c0c83c1b1_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-GitOps-1.14:openshift-gitops-1/kam-delivery-rhel8@sha256:c0ec76e307a2867dc1064a3470e17a2e1533233e1a119ce5f32e2b3c07428d08_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-GitOps-1.14:openshift-gitops-1/must-gather-rhel8@sha256:a909f1ebb5cf719e4308bbd162fea14e66b0ad6f7e91163699e8f9cbf61ec852_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-GitOps-1.14:openshift-gitops-1/must-gather-rhel8@sha256:c997c25ec7fee2ce060c6772925548af8d36146ed4632557852a948f496c9823_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-GitOps-1.14:openshift-gitops-1/must-gather-rhel8@sha256:e543925d538de28ab98c71841a47d4384c4354add0fb3457500aafc618be79d9_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-GitOps-1.14:openshift-gitops-1/must-gather-rhel8@sha256:fcbfff3d353947889e627035d1d52d4533ce5713c7e1951d90417bb228499143_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-GitOps-1.14:openshift-gitops-1/argocd-rhel9@sha256:afe138c16496c84126ecbd5baac4223e61f15ee30ec0249468ed3335ab7d4814_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-GitOps-1.14:openshift-gitops-1/argocd-rhel9@sha256:cb21a99b094e4609050927687050d8a95675d212bec76e981635ef192925d8ba_amd64 | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Moderate
A flaw was found in the x/crypto/ssh go library. Applications and libraries that misuse the ServerConfig.PublicKeyCallback callback may be susceptible to an authorization bypass. For example, an attacker may send public keys A and B and authenticate with A. PublicKeyCallback would be called only twice, first with A and then with B. A vulnerable application may then make authorization decisions based on key B, for which the attacker does not control the private key. The misuse of ServerConfig.PublicKeyCallback may cause an authorization bypass.
8.2 (High)
Affected products
Fixed
35 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-GitOps-1.14:openshift-gitops-1/argo-rollouts-rhel8@sha256:868a4e993d8963e4fb64c1845f54f916f335d3c59f0596e966c6d926373f6ee1_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-GitOps-1.14:openshift-gitops-1/argo-rollouts-rhel8@sha256:9b883e71b2d12f8872b3a37b383087a488f9b74ddde0e0c6daf6ee04bdf15881_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-GitOps-1.14:openshift-gitops-1/argo-rollouts-rhel8@sha256:bf7f9ca8f33c935df306554b778e5291bcff9e92b7e9122498b0ad71d58b9166_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-GitOps-1.14:openshift-gitops-1/argo-rollouts-rhel8@sha256:ce0677023395a6d7c9598b820c6eb73b651eaa698aef9f5c27a25884fba5d643_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-GitOps-1.14:openshift-gitops-1/argocd-rhel8@sha256:04523979e4ab58120d959f88503957b1e13122952e3de03d9f0540f1e574c0d6_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-GitOps-1.14:openshift-gitops-1/argocd-rhel8@sha256:64df9d55e7196fe56ebab88071f115d7fea26fa4396109bbf3bae11ffbf1f3a5_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-GitOps-1.14:openshift-gitops-1/argocd-rhel8@sha256:9017ef8967ebe3a14ea1e07d0a9624ef126b2928e233f09451aeea89a7f09366_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-GitOps-1.14:openshift-gitops-1/argocd-rhel8@sha256:ecb181ba7dfd4a5cdffa8ba9ca251dc4875ad7f41e9d60c4cc0a3462c233e489_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-GitOps-1.14:openshift-gitops-1/console-plugin-rhel8@sha256:050b358e7512599f412fddf711f8731d821223ba76c460b114fe4c4bfaf7cf1b_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-GitOps-1.14:openshift-gitops-1/console-plugin-rhel8@sha256:83ba395adbfdae8d4973cea02ead8392089ac1051edd11e7defc6d07a122bca2_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-GitOps-1.14:openshift-gitops-1/console-plugin-rhel8@sha256:dc4d641c87a3b65208ef2b46398f64ae69465daeb84b4d1022062d6c5f7347dc_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-GitOps-1.14:openshift-gitops-1/console-plugin-rhel8@sha256:e6eba59c8336bde1ed98947b2d4c626feb2113037bc724bd881f25b7f155f47b_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-GitOps-1.14:openshift-gitops-1/dex-rhel8@sha256:065b95a1612d15b3a7de1c5822555851535199711cc3890d56d7cb01e01666b3_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-GitOps-1.14:openshift-gitops-1/dex-rhel8@sha256:1c59649ad569e25c3445e9655c8061b7f0b769514c0739f2e080216a55ca39c7_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-GitOps-1.14:openshift-gitops-1/dex-rhel8@sha256:490512fefae58c6092394c8e751b7c1761583bff23b815e6f1649d55e9d43002_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-GitOps-1.14:openshift-gitops-1/dex-rhel8@sha256:605123efdd9f31243e039929322b4a4f6ad160baaebce188fdbf2c4e7ff663ff_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-GitOps-1.14:openshift-gitops-1/gitops-operator-bundle@sha256:ba442571ef9180765055f5224548c73e3da2be31731f8dd5b6b1beaf3e6732ee_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8-operator@sha256:1b81b7c26d7a848797f9944254963a89c3f6f0e727355bafcda5e483fee7b848_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8-operator@sha256:2caf6bd42e10f063d0991740706946d4205bf49540865bd4ed9091176add2aed_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8-operator@sha256:951de21fc848014beb5db2f7307ef639c6c76ec6eb7036b18c07047c8a914c48_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8-operator@sha256:ed04d67b3bd9ebc21a0aa2503823e5a476da44caa165999a33670198f5d1be37_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8@sha256:72e761f1d00b0a322d4a7a10c824fe88e4ac7e156a279694b75ce3b42be0b6d6_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8@sha256:d20615c230e1b888bacdc374763eeca9b1f7612741f8ba52ded483ac688b858d_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8@sha256:d86dcd96af06a338b577d9c940e6316ed9a807b9fc6a33d9f5c96e2b703679b8_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8@sha256:f07aa6ccdc324a2631fc01b1f4af4317cdc0471c673bd8f5bf24560e0f012dd9_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-GitOps-1.14:openshift-gitops-1/kam-delivery-rhel8@sha256:30b687a8309c17d5b4f5be6439b59f2dc540a306d625ee34bdf72626dc36c105_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-GitOps-1.14:openshift-gitops-1/kam-delivery-rhel8@sha256:62e1ab7267cfd3536c3b2ba9592dffb7fb979cbb039a1a90320a03b751d5f728_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-GitOps-1.14:openshift-gitops-1/kam-delivery-rhel8@sha256:b5ba9620f23fed74b983a090cec19f6ed74ddffdd1be7d9d89f1201c0c83c1b1_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-GitOps-1.14:openshift-gitops-1/kam-delivery-rhel8@sha256:c0ec76e307a2867dc1064a3470e17a2e1533233e1a119ce5f32e2b3c07428d08_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-GitOps-1.14:openshift-gitops-1/must-gather-rhel8@sha256:a909f1ebb5cf719e4308bbd162fea14e66b0ad6f7e91163699e8f9cbf61ec852_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-GitOps-1.14:openshift-gitops-1/must-gather-rhel8@sha256:c997c25ec7fee2ce060c6772925548af8d36146ed4632557852a948f496c9823_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-GitOps-1.14:openshift-gitops-1/must-gather-rhel8@sha256:e543925d538de28ab98c71841a47d4384c4354add0fb3457500aafc618be79d9_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-GitOps-1.14:openshift-gitops-1/must-gather-rhel8@sha256:fcbfff3d353947889e627035d1d52d4533ce5713c7e1951d90417bb228499143_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-GitOps-1.14:openshift-gitops-1/argocd-rhel9@sha256:afe138c16496c84126ecbd5baac4223e61f15ee30ec0249468ed3335ab7d4814_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-GitOps-1.14:openshift-gitops-1/argocd-rhel9@sha256:cb21a99b094e4609050927687050d8a95675d212bec76e981635ef192925d8ba_amd64 | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Important
A flaw was found in golang.org/x/net/html. This flaw allows an attacker to craft input to the parse functions that would be processed non-linearly with respect to its length, resulting in extremely slow parsing. This issue can cause a denial of service.
7.5 (High)
Affected products
Fixed
35 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-GitOps-1.14:openshift-gitops-1/argo-rollouts-rhel8@sha256:868a4e993d8963e4fb64c1845f54f916f335d3c59f0596e966c6d926373f6ee1_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-GitOps-1.14:openshift-gitops-1/argo-rollouts-rhel8@sha256:9b883e71b2d12f8872b3a37b383087a488f9b74ddde0e0c6daf6ee04bdf15881_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-GitOps-1.14:openshift-gitops-1/argo-rollouts-rhel8@sha256:bf7f9ca8f33c935df306554b778e5291bcff9e92b7e9122498b0ad71d58b9166_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-GitOps-1.14:openshift-gitops-1/argo-rollouts-rhel8@sha256:ce0677023395a6d7c9598b820c6eb73b651eaa698aef9f5c27a25884fba5d643_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-GitOps-1.14:openshift-gitops-1/argocd-rhel8@sha256:04523979e4ab58120d959f88503957b1e13122952e3de03d9f0540f1e574c0d6_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-GitOps-1.14:openshift-gitops-1/argocd-rhel8@sha256:64df9d55e7196fe56ebab88071f115d7fea26fa4396109bbf3bae11ffbf1f3a5_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-GitOps-1.14:openshift-gitops-1/argocd-rhel8@sha256:9017ef8967ebe3a14ea1e07d0a9624ef126b2928e233f09451aeea89a7f09366_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-GitOps-1.14:openshift-gitops-1/argocd-rhel8@sha256:ecb181ba7dfd4a5cdffa8ba9ca251dc4875ad7f41e9d60c4cc0a3462c233e489_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-GitOps-1.14:openshift-gitops-1/console-plugin-rhel8@sha256:050b358e7512599f412fddf711f8731d821223ba76c460b114fe4c4bfaf7cf1b_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-GitOps-1.14:openshift-gitops-1/console-plugin-rhel8@sha256:83ba395adbfdae8d4973cea02ead8392089ac1051edd11e7defc6d07a122bca2_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-GitOps-1.14:openshift-gitops-1/console-plugin-rhel8@sha256:dc4d641c87a3b65208ef2b46398f64ae69465daeb84b4d1022062d6c5f7347dc_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-GitOps-1.14:openshift-gitops-1/console-plugin-rhel8@sha256:e6eba59c8336bde1ed98947b2d4c626feb2113037bc724bd881f25b7f155f47b_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-GitOps-1.14:openshift-gitops-1/dex-rhel8@sha256:065b95a1612d15b3a7de1c5822555851535199711cc3890d56d7cb01e01666b3_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-GitOps-1.14:openshift-gitops-1/dex-rhel8@sha256:1c59649ad569e25c3445e9655c8061b7f0b769514c0739f2e080216a55ca39c7_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-GitOps-1.14:openshift-gitops-1/dex-rhel8@sha256:490512fefae58c6092394c8e751b7c1761583bff23b815e6f1649d55e9d43002_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-GitOps-1.14:openshift-gitops-1/dex-rhel8@sha256:605123efdd9f31243e039929322b4a4f6ad160baaebce188fdbf2c4e7ff663ff_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-GitOps-1.14:openshift-gitops-1/gitops-operator-bundle@sha256:ba442571ef9180765055f5224548c73e3da2be31731f8dd5b6b1beaf3e6732ee_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8-operator@sha256:1b81b7c26d7a848797f9944254963a89c3f6f0e727355bafcda5e483fee7b848_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8-operator@sha256:2caf6bd42e10f063d0991740706946d4205bf49540865bd4ed9091176add2aed_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8-operator@sha256:951de21fc848014beb5db2f7307ef639c6c76ec6eb7036b18c07047c8a914c48_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8-operator@sha256:ed04d67b3bd9ebc21a0aa2503823e5a476da44caa165999a33670198f5d1be37_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8@sha256:72e761f1d00b0a322d4a7a10c824fe88e4ac7e156a279694b75ce3b42be0b6d6_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8@sha256:d20615c230e1b888bacdc374763eeca9b1f7612741f8ba52ded483ac688b858d_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8@sha256:d86dcd96af06a338b577d9c940e6316ed9a807b9fc6a33d9f5c96e2b703679b8_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8@sha256:f07aa6ccdc324a2631fc01b1f4af4317cdc0471c673bd8f5bf24560e0f012dd9_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-GitOps-1.14:openshift-gitops-1/kam-delivery-rhel8@sha256:30b687a8309c17d5b4f5be6439b59f2dc540a306d625ee34bdf72626dc36c105_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-GitOps-1.14:openshift-gitops-1/kam-delivery-rhel8@sha256:62e1ab7267cfd3536c3b2ba9592dffb7fb979cbb039a1a90320a03b751d5f728_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-GitOps-1.14:openshift-gitops-1/kam-delivery-rhel8@sha256:b5ba9620f23fed74b983a090cec19f6ed74ddffdd1be7d9d89f1201c0c83c1b1_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-GitOps-1.14:openshift-gitops-1/kam-delivery-rhel8@sha256:c0ec76e307a2867dc1064a3470e17a2e1533233e1a119ce5f32e2b3c07428d08_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-GitOps-1.14:openshift-gitops-1/must-gather-rhel8@sha256:a909f1ebb5cf719e4308bbd162fea14e66b0ad6f7e91163699e8f9cbf61ec852_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-GitOps-1.14:openshift-gitops-1/must-gather-rhel8@sha256:c997c25ec7fee2ce060c6772925548af8d36146ed4632557852a948f496c9823_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-GitOps-1.14:openshift-gitops-1/must-gather-rhel8@sha256:e543925d538de28ab98c71841a47d4384c4354add0fb3457500aafc618be79d9_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-GitOps-1.14:openshift-gitops-1/must-gather-rhel8@sha256:fcbfff3d353947889e627035d1d52d4533ce5713c7e1951d90417bb228499143_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-GitOps-1.14:openshift-gitops-1/argocd-rhel9@sha256:afe138c16496c84126ecbd5baac4223e61f15ee30ec0249468ed3335ab7d4814_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-GitOps-1.14:openshift-gitops-1/argocd-rhel9@sha256:cb21a99b094e4609050927687050d8a95675d212bec76e981635ef192925d8ba_amd64 | — |
Vendor Fix
fix
|
Threats
Impact
Important
An argument injection vulnerability was found in go-git. This flaw allows an attacker to set arbitrary values to git-upload-pack flags, leading to command or code execution, exposure of sensitive data, or other unintended behavior. This is only possible in configurations where the file transport protocol is being used.
8.1 (High)
Affected products
Fixed
35 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-GitOps-1.14:openshift-gitops-1/argo-rollouts-rhel8@sha256:868a4e993d8963e4fb64c1845f54f916f335d3c59f0596e966c6d926373f6ee1_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-GitOps-1.14:openshift-gitops-1/argo-rollouts-rhel8@sha256:9b883e71b2d12f8872b3a37b383087a488f9b74ddde0e0c6daf6ee04bdf15881_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-GitOps-1.14:openshift-gitops-1/argo-rollouts-rhel8@sha256:bf7f9ca8f33c935df306554b778e5291bcff9e92b7e9122498b0ad71d58b9166_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-GitOps-1.14:openshift-gitops-1/argo-rollouts-rhel8@sha256:ce0677023395a6d7c9598b820c6eb73b651eaa698aef9f5c27a25884fba5d643_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-GitOps-1.14:openshift-gitops-1/argocd-rhel8@sha256:04523979e4ab58120d959f88503957b1e13122952e3de03d9f0540f1e574c0d6_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-GitOps-1.14:openshift-gitops-1/argocd-rhel8@sha256:64df9d55e7196fe56ebab88071f115d7fea26fa4396109bbf3bae11ffbf1f3a5_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-GitOps-1.14:openshift-gitops-1/argocd-rhel8@sha256:9017ef8967ebe3a14ea1e07d0a9624ef126b2928e233f09451aeea89a7f09366_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-GitOps-1.14:openshift-gitops-1/argocd-rhel8@sha256:ecb181ba7dfd4a5cdffa8ba9ca251dc4875ad7f41e9d60c4cc0a3462c233e489_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-GitOps-1.14:openshift-gitops-1/console-plugin-rhel8@sha256:050b358e7512599f412fddf711f8731d821223ba76c460b114fe4c4bfaf7cf1b_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-GitOps-1.14:openshift-gitops-1/console-plugin-rhel8@sha256:83ba395adbfdae8d4973cea02ead8392089ac1051edd11e7defc6d07a122bca2_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-GitOps-1.14:openshift-gitops-1/console-plugin-rhel8@sha256:dc4d641c87a3b65208ef2b46398f64ae69465daeb84b4d1022062d6c5f7347dc_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-GitOps-1.14:openshift-gitops-1/console-plugin-rhel8@sha256:e6eba59c8336bde1ed98947b2d4c626feb2113037bc724bd881f25b7f155f47b_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-GitOps-1.14:openshift-gitops-1/dex-rhel8@sha256:065b95a1612d15b3a7de1c5822555851535199711cc3890d56d7cb01e01666b3_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-GitOps-1.14:openshift-gitops-1/dex-rhel8@sha256:1c59649ad569e25c3445e9655c8061b7f0b769514c0739f2e080216a55ca39c7_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-GitOps-1.14:openshift-gitops-1/dex-rhel8@sha256:490512fefae58c6092394c8e751b7c1761583bff23b815e6f1649d55e9d43002_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-GitOps-1.14:openshift-gitops-1/dex-rhel8@sha256:605123efdd9f31243e039929322b4a4f6ad160baaebce188fdbf2c4e7ff663ff_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-GitOps-1.14:openshift-gitops-1/gitops-operator-bundle@sha256:ba442571ef9180765055f5224548c73e3da2be31731f8dd5b6b1beaf3e6732ee_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8-operator@sha256:1b81b7c26d7a848797f9944254963a89c3f6f0e727355bafcda5e483fee7b848_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8-operator@sha256:2caf6bd42e10f063d0991740706946d4205bf49540865bd4ed9091176add2aed_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8-operator@sha256:951de21fc848014beb5db2f7307ef639c6c76ec6eb7036b18c07047c8a914c48_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8-operator@sha256:ed04d67b3bd9ebc21a0aa2503823e5a476da44caa165999a33670198f5d1be37_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8@sha256:72e761f1d00b0a322d4a7a10c824fe88e4ac7e156a279694b75ce3b42be0b6d6_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8@sha256:d20615c230e1b888bacdc374763eeca9b1f7612741f8ba52ded483ac688b858d_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8@sha256:d86dcd96af06a338b577d9c940e6316ed9a807b9fc6a33d9f5c96e2b703679b8_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8@sha256:f07aa6ccdc324a2631fc01b1f4af4317cdc0471c673bd8f5bf24560e0f012dd9_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-GitOps-1.14:openshift-gitops-1/kam-delivery-rhel8@sha256:30b687a8309c17d5b4f5be6439b59f2dc540a306d625ee34bdf72626dc36c105_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-GitOps-1.14:openshift-gitops-1/kam-delivery-rhel8@sha256:62e1ab7267cfd3536c3b2ba9592dffb7fb979cbb039a1a90320a03b751d5f728_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-GitOps-1.14:openshift-gitops-1/kam-delivery-rhel8@sha256:b5ba9620f23fed74b983a090cec19f6ed74ddffdd1be7d9d89f1201c0c83c1b1_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-GitOps-1.14:openshift-gitops-1/kam-delivery-rhel8@sha256:c0ec76e307a2867dc1064a3470e17a2e1533233e1a119ce5f32e2b3c07428d08_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-GitOps-1.14:openshift-gitops-1/must-gather-rhel8@sha256:a909f1ebb5cf719e4308bbd162fea14e66b0ad6f7e91163699e8f9cbf61ec852_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-GitOps-1.14:openshift-gitops-1/must-gather-rhel8@sha256:c997c25ec7fee2ce060c6772925548af8d36146ed4632557852a948f496c9823_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-GitOps-1.14:openshift-gitops-1/must-gather-rhel8@sha256:e543925d538de28ab98c71841a47d4384c4354add0fb3457500aafc618be79d9_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-GitOps-1.14:openshift-gitops-1/must-gather-rhel8@sha256:fcbfff3d353947889e627035d1d52d4533ce5713c7e1951d90417bb228499143_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-GitOps-1.14:openshift-gitops-1/argocd-rhel9@sha256:afe138c16496c84126ecbd5baac4223e61f15ee30ec0249468ed3335ab7d4814_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-GitOps-1.14:openshift-gitops-1/argocd-rhel9@sha256:cb21a99b094e4609050927687050d8a95675d212bec76e981635ef192925d8ba_amd64 | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Important
A denial of service (DoS) vulnerability was found in go-git. This vulnerability allows an attacker to perform denial of service attacks by providing specially crafted responses from a Git server, which triggers resource exhaustion in go-git clients.
7.5 (High)
Affected products
Fixed
35 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-GitOps-1.14:openshift-gitops-1/argo-rollouts-rhel8@sha256:868a4e993d8963e4fb64c1845f54f916f335d3c59f0596e966c6d926373f6ee1_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-GitOps-1.14:openshift-gitops-1/argo-rollouts-rhel8@sha256:9b883e71b2d12f8872b3a37b383087a488f9b74ddde0e0c6daf6ee04bdf15881_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-GitOps-1.14:openshift-gitops-1/argo-rollouts-rhel8@sha256:bf7f9ca8f33c935df306554b778e5291bcff9e92b7e9122498b0ad71d58b9166_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-GitOps-1.14:openshift-gitops-1/argo-rollouts-rhel8@sha256:ce0677023395a6d7c9598b820c6eb73b651eaa698aef9f5c27a25884fba5d643_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-GitOps-1.14:openshift-gitops-1/argocd-rhel8@sha256:04523979e4ab58120d959f88503957b1e13122952e3de03d9f0540f1e574c0d6_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-GitOps-1.14:openshift-gitops-1/argocd-rhel8@sha256:64df9d55e7196fe56ebab88071f115d7fea26fa4396109bbf3bae11ffbf1f3a5_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-GitOps-1.14:openshift-gitops-1/argocd-rhel8@sha256:9017ef8967ebe3a14ea1e07d0a9624ef126b2928e233f09451aeea89a7f09366_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-GitOps-1.14:openshift-gitops-1/argocd-rhel8@sha256:ecb181ba7dfd4a5cdffa8ba9ca251dc4875ad7f41e9d60c4cc0a3462c233e489_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-GitOps-1.14:openshift-gitops-1/console-plugin-rhel8@sha256:050b358e7512599f412fddf711f8731d821223ba76c460b114fe4c4bfaf7cf1b_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-GitOps-1.14:openshift-gitops-1/console-plugin-rhel8@sha256:83ba395adbfdae8d4973cea02ead8392089ac1051edd11e7defc6d07a122bca2_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-GitOps-1.14:openshift-gitops-1/console-plugin-rhel8@sha256:dc4d641c87a3b65208ef2b46398f64ae69465daeb84b4d1022062d6c5f7347dc_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-GitOps-1.14:openshift-gitops-1/console-plugin-rhel8@sha256:e6eba59c8336bde1ed98947b2d4c626feb2113037bc724bd881f25b7f155f47b_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-GitOps-1.14:openshift-gitops-1/dex-rhel8@sha256:065b95a1612d15b3a7de1c5822555851535199711cc3890d56d7cb01e01666b3_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-GitOps-1.14:openshift-gitops-1/dex-rhel8@sha256:1c59649ad569e25c3445e9655c8061b7f0b769514c0739f2e080216a55ca39c7_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-GitOps-1.14:openshift-gitops-1/dex-rhel8@sha256:490512fefae58c6092394c8e751b7c1761583bff23b815e6f1649d55e9d43002_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-GitOps-1.14:openshift-gitops-1/dex-rhel8@sha256:605123efdd9f31243e039929322b4a4f6ad160baaebce188fdbf2c4e7ff663ff_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-GitOps-1.14:openshift-gitops-1/gitops-operator-bundle@sha256:ba442571ef9180765055f5224548c73e3da2be31731f8dd5b6b1beaf3e6732ee_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8-operator@sha256:1b81b7c26d7a848797f9944254963a89c3f6f0e727355bafcda5e483fee7b848_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8-operator@sha256:2caf6bd42e10f063d0991740706946d4205bf49540865bd4ed9091176add2aed_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8-operator@sha256:951de21fc848014beb5db2f7307ef639c6c76ec6eb7036b18c07047c8a914c48_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8-operator@sha256:ed04d67b3bd9ebc21a0aa2503823e5a476da44caa165999a33670198f5d1be37_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8@sha256:72e761f1d00b0a322d4a7a10c824fe88e4ac7e156a279694b75ce3b42be0b6d6_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8@sha256:d20615c230e1b888bacdc374763eeca9b1f7612741f8ba52ded483ac688b858d_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8@sha256:d86dcd96af06a338b577d9c940e6316ed9a807b9fc6a33d9f5c96e2b703679b8_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8@sha256:f07aa6ccdc324a2631fc01b1f4af4317cdc0471c673bd8f5bf24560e0f012dd9_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-GitOps-1.14:openshift-gitops-1/kam-delivery-rhel8@sha256:30b687a8309c17d5b4f5be6439b59f2dc540a306d625ee34bdf72626dc36c105_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-GitOps-1.14:openshift-gitops-1/kam-delivery-rhel8@sha256:62e1ab7267cfd3536c3b2ba9592dffb7fb979cbb039a1a90320a03b751d5f728_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-GitOps-1.14:openshift-gitops-1/kam-delivery-rhel8@sha256:b5ba9620f23fed74b983a090cec19f6ed74ddffdd1be7d9d89f1201c0c83c1b1_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-GitOps-1.14:openshift-gitops-1/kam-delivery-rhel8@sha256:c0ec76e307a2867dc1064a3470e17a2e1533233e1a119ce5f32e2b3c07428d08_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-GitOps-1.14:openshift-gitops-1/must-gather-rhel8@sha256:a909f1ebb5cf719e4308bbd162fea14e66b0ad6f7e91163699e8f9cbf61ec852_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-GitOps-1.14:openshift-gitops-1/must-gather-rhel8@sha256:c997c25ec7fee2ce060c6772925548af8d36146ed4632557852a948f496c9823_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-GitOps-1.14:openshift-gitops-1/must-gather-rhel8@sha256:e543925d538de28ab98c71841a47d4384c4354add0fb3457500aafc618be79d9_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-GitOps-1.14:openshift-gitops-1/must-gather-rhel8@sha256:fcbfff3d353947889e627035d1d52d4533ce5713c7e1951d90417bb228499143_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-GitOps-1.14:openshift-gitops-1/argocd-rhel9@sha256:afe138c16496c84126ecbd5baac4223e61f15ee30ec0249468ed3335ab7d4814_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-GitOps-1.14:openshift-gitops-1/argocd-rhel9@sha256:cb21a99b094e4609050927687050d8a95675d212bec76e981635ef192925d8ba_amd64 | — |
Vendor Fix
fix
|
Threats
Impact
Important
A vulnerability was found in Argo CD where secret values can be exposed in error messages when an invalid Kubernetes Secret resource is synced from a repository. An attacker must have write access to the repository and any user with read access can view the exposed data.
6.8 (Medium)
Affected products
Fixed
35 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-GitOps-1.14:openshift-gitops-1/argo-rollouts-rhel8@sha256:868a4e993d8963e4fb64c1845f54f916f335d3c59f0596e966c6d926373f6ee1_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-GitOps-1.14:openshift-gitops-1/argo-rollouts-rhel8@sha256:9b883e71b2d12f8872b3a37b383087a488f9b74ddde0e0c6daf6ee04bdf15881_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-GitOps-1.14:openshift-gitops-1/argo-rollouts-rhel8@sha256:bf7f9ca8f33c935df306554b778e5291bcff9e92b7e9122498b0ad71d58b9166_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-GitOps-1.14:openshift-gitops-1/argo-rollouts-rhel8@sha256:ce0677023395a6d7c9598b820c6eb73b651eaa698aef9f5c27a25884fba5d643_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-GitOps-1.14:openshift-gitops-1/argocd-rhel8@sha256:04523979e4ab58120d959f88503957b1e13122952e3de03d9f0540f1e574c0d6_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-GitOps-1.14:openshift-gitops-1/argocd-rhel8@sha256:64df9d55e7196fe56ebab88071f115d7fea26fa4396109bbf3bae11ffbf1f3a5_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-GitOps-1.14:openshift-gitops-1/argocd-rhel8@sha256:9017ef8967ebe3a14ea1e07d0a9624ef126b2928e233f09451aeea89a7f09366_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-GitOps-1.14:openshift-gitops-1/argocd-rhel8@sha256:ecb181ba7dfd4a5cdffa8ba9ca251dc4875ad7f41e9d60c4cc0a3462c233e489_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-GitOps-1.14:openshift-gitops-1/console-plugin-rhel8@sha256:050b358e7512599f412fddf711f8731d821223ba76c460b114fe4c4bfaf7cf1b_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-GitOps-1.14:openshift-gitops-1/console-plugin-rhel8@sha256:83ba395adbfdae8d4973cea02ead8392089ac1051edd11e7defc6d07a122bca2_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-GitOps-1.14:openshift-gitops-1/console-plugin-rhel8@sha256:dc4d641c87a3b65208ef2b46398f64ae69465daeb84b4d1022062d6c5f7347dc_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-GitOps-1.14:openshift-gitops-1/console-plugin-rhel8@sha256:e6eba59c8336bde1ed98947b2d4c626feb2113037bc724bd881f25b7f155f47b_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-GitOps-1.14:openshift-gitops-1/dex-rhel8@sha256:065b95a1612d15b3a7de1c5822555851535199711cc3890d56d7cb01e01666b3_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-GitOps-1.14:openshift-gitops-1/dex-rhel8@sha256:1c59649ad569e25c3445e9655c8061b7f0b769514c0739f2e080216a55ca39c7_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-GitOps-1.14:openshift-gitops-1/dex-rhel8@sha256:490512fefae58c6092394c8e751b7c1761583bff23b815e6f1649d55e9d43002_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-GitOps-1.14:openshift-gitops-1/dex-rhel8@sha256:605123efdd9f31243e039929322b4a4f6ad160baaebce188fdbf2c4e7ff663ff_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-GitOps-1.14:openshift-gitops-1/gitops-operator-bundle@sha256:ba442571ef9180765055f5224548c73e3da2be31731f8dd5b6b1beaf3e6732ee_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8-operator@sha256:1b81b7c26d7a848797f9944254963a89c3f6f0e727355bafcda5e483fee7b848_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8-operator@sha256:2caf6bd42e10f063d0991740706946d4205bf49540865bd4ed9091176add2aed_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8-operator@sha256:951de21fc848014beb5db2f7307ef639c6c76ec6eb7036b18c07047c8a914c48_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8-operator@sha256:ed04d67b3bd9ebc21a0aa2503823e5a476da44caa165999a33670198f5d1be37_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8@sha256:72e761f1d00b0a322d4a7a10c824fe88e4ac7e156a279694b75ce3b42be0b6d6_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8@sha256:d20615c230e1b888bacdc374763eeca9b1f7612741f8ba52ded483ac688b858d_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8@sha256:d86dcd96af06a338b577d9c940e6316ed9a807b9fc6a33d9f5c96e2b703679b8_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8@sha256:f07aa6ccdc324a2631fc01b1f4af4317cdc0471c673bd8f5bf24560e0f012dd9_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-GitOps-1.14:openshift-gitops-1/kam-delivery-rhel8@sha256:30b687a8309c17d5b4f5be6439b59f2dc540a306d625ee34bdf72626dc36c105_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-GitOps-1.14:openshift-gitops-1/kam-delivery-rhel8@sha256:62e1ab7267cfd3536c3b2ba9592dffb7fb979cbb039a1a90320a03b751d5f728_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-GitOps-1.14:openshift-gitops-1/kam-delivery-rhel8@sha256:b5ba9620f23fed74b983a090cec19f6ed74ddffdd1be7d9d89f1201c0c83c1b1_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-GitOps-1.14:openshift-gitops-1/kam-delivery-rhel8@sha256:c0ec76e307a2867dc1064a3470e17a2e1533233e1a119ce5f32e2b3c07428d08_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-GitOps-1.14:openshift-gitops-1/must-gather-rhel8@sha256:a909f1ebb5cf719e4308bbd162fea14e66b0ad6f7e91163699e8f9cbf61ec852_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-GitOps-1.14:openshift-gitops-1/must-gather-rhel8@sha256:c997c25ec7fee2ce060c6772925548af8d36146ed4632557852a948f496c9823_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-GitOps-1.14:openshift-gitops-1/must-gather-rhel8@sha256:e543925d538de28ab98c71841a47d4384c4354add0fb3457500aafc618be79d9_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-GitOps-1.14:openshift-gitops-1/must-gather-rhel8@sha256:fcbfff3d353947889e627035d1d52d4533ce5713c7e1951d90417bb228499143_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-GitOps-1.14:openshift-gitops-1/argocd-rhel9@sha256:afe138c16496c84126ecbd5baac4223e61f15ee30ec0249468ed3335ab7d4814_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-GitOps-1.14:openshift-gitops-1/argocd-rhel9@sha256:cb21a99b094e4609050927687050d8a95675d212bec76e981635ef192925d8ba_amd64 | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Moderate
References
55 references
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update is now available for Red Hat OpenShift GitOps v1.14.3. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Errata Advisory for Red Hat OpenShift GitOps v1.14.3.\n\nSecurity Fix(es):\n\n* openshift-gitops-argocd-rhel9-container: Misuse of ServerConfig.PublicKeyCallback may cause authorization bypass in golang.org/x/crypto [gitops-1.14](CVE-2024-45337)\n* openshift-gitops-container: Misuse of ServerConfig.PublicKeyCallback may cause authorization bypass in golang.org/x/crypto [gitops-1.14](CVE-2024-45337)\n* openshift-gitops-argocd-rhel9-container: Argo CD does not scrub secret values from patch errors [gitops-1.14](CVE-2025-23216)\n* openshift-gitops-container: Argo CD does not scrub secret values from patch errors [gitops-1.14](CVE-2025-23216)\n* openshift-gitops-operator-bundle-container: Argo CD does not scrub secret values from patch errors [gitops-1.14](CVE-2025-23216)\n* openshift-gitops-operator-container: Argo CD does not scrub secret values from patch errors [gitops-1.14](CVE-2025-23216)\n* openshift-gitops-container: Argo CD does not scrub secret values from patch errors [gitops-1.14](CVE-2025-23216)\n* openshift-gitops-console-plugin-container: Improper input validation in PostCSS [gitops-1.14](CVE-2023-44270)\n* openshift-gitops-argo-rollouts-container: Non-linear parsing of case-insensitive content in golang.org/x/net/html [gitops-1.14](CVE-2024-45338)\n* openshift-gitops-argocd-container: Non-linear parsing of case-insensitive content in golang.org/x/net/html [gitops-1.14](CVE-2024-45338)\n* openshift-gitops-argocd-rhel9-container: Non-linear parsing of case-insensitive content in golang.org/x/net/html [gitops-1.14](CVE-2024-45338)\n* openshift-gitops-dex-container: Non-linear parsing of case-insensitive content in golang.org/x/net/html [gitops-1.14](CVE-2024-45338)\n* openshift-gitops-argocd-container: argument injection via the URL field [gitops-1.14](CVE-2025-21613)\n* openshift-gitops-argocd-rhel9-container: go-git clients vulnerable to DoS via maliciously crafted Git server replies [gitops-1.14](CVE-2025-21614)\n* openshift-gitops-argocd-container: go-git clients vulnerable to DoS via maliciously crafted Git server replies [gitops-1.14](CVE-2025-21614)\n* openshift-gitops-container: go-git clients vulnerable to DoS via maliciously crafted Git server replies [gitops-1.14](CVE-2025-21614)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2025:3069",
"url": "https://access.redhat.com/errata/RHSA-2025:3069"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "2326998",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2326998"
},
{
"category": "external",
"summary": "2331720",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2331720"
},
{
"category": "external",
"summary": "2333122",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2333122"
},
{
"category": "external",
"summary": "2335888",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2335888"
},
{
"category": "external",
"summary": "2335901",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2335901"
},
{
"category": "external",
"summary": "2342987",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2342987"
},
{
"category": "external",
"summary": "GITOPS-5970",
"url": "https://issues.redhat.com/browse/GITOPS-5970"
},
{
"category": "external",
"summary": "GITOPS-5978",
"url": "https://issues.redhat.com/browse/GITOPS-5978"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2025/rhsa-2025_3069.json"
}
],
"title": "Red Hat Security Advisory: Errata Advisory for Red Hat OpenShift GitOps v1.14.3 security update",
"tracking": {
"current_release_date": "2026-06-02T21:45:26+00:00",
"generator": {
"date": "2026-06-02T21:45:26+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.8.1"
}
},
"id": "RHSA-2025:3069",
"initial_release_date": "2025-03-20T08:37:59+00:00",
"revision_history": [
{
"date": "2025-03-20T08:37:59+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2025-03-20T08:37:59+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-06-02T21:45:26+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat OpenShift GitOps 1.14",
"product": {
"name": "Red Hat OpenShift GitOps 1.14",
"product_id": "8Base-GitOps-1.14",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:openshift_gitops:1.14::el8"
}
}
},
{
"category": "product_name",
"name": "Red Hat OpenShift GitOps 1.14",
"product": {
"name": "Red Hat OpenShift GitOps 1.14",
"product_id": "9Base-GitOps-1.14",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:openshift_gitops:1.14::el9"
}
}
}
],
"category": "product_family",
"name": "Red Hat OpenShift GitOps"
},
{
"branches": [
{
"category": "product_version",
"name": "openshift-gitops-1/argocd-rhel8@sha256:9017ef8967ebe3a14ea1e07d0a9624ef126b2928e233f09451aeea89a7f09366_arm64",
"product": {
"name": "openshift-gitops-1/argocd-rhel8@sha256:9017ef8967ebe3a14ea1e07d0a9624ef126b2928e233f09451aeea89a7f09366_arm64",
"product_id": "openshift-gitops-1/argocd-rhel8@sha256:9017ef8967ebe3a14ea1e07d0a9624ef126b2928e233f09451aeea89a7f09366_arm64",
"product_identification_helper": {
"purl": "pkg:oci/argocd-rhel8@sha256:9017ef8967ebe3a14ea1e07d0a9624ef126b2928e233f09451aeea89a7f09366?arch=arm64\u0026repository_url=registry.redhat.io/openshift-gitops-1/argocd-rhel8\u0026tag=v1.14.3-4"
}
}
},
{
"category": "product_version",
"name": "openshift-gitops-1/argocd-rhel9@sha256:afe138c16496c84126ecbd5baac4223e61f15ee30ec0249468ed3335ab7d4814_arm64",
"product": {
"name": "openshift-gitops-1/argocd-rhel9@sha256:afe138c16496c84126ecbd5baac4223e61f15ee30ec0249468ed3335ab7d4814_arm64",
"product_id": "openshift-gitops-1/argocd-rhel9@sha256:afe138c16496c84126ecbd5baac4223e61f15ee30ec0249468ed3335ab7d4814_arm64",
"product_identification_helper": {
"purl": "pkg:oci/argocd-rhel9@sha256:afe138c16496c84126ecbd5baac4223e61f15ee30ec0249468ed3335ab7d4814?arch=arm64\u0026repository_url=registry.redhat.io/openshift-gitops-1/argocd-rhel9\u0026tag=v1.14.3-1"
}
}
},
{
"category": "product_version",
"name": "openshift-gitops-1/argo-rollouts-rhel8@sha256:868a4e993d8963e4fb64c1845f54f916f335d3c59f0596e966c6d926373f6ee1_arm64",
"product": {
"name": "openshift-gitops-1/argo-rollouts-rhel8@sha256:868a4e993d8963e4fb64c1845f54f916f335d3c59f0596e966c6d926373f6ee1_arm64",
"product_id": "openshift-gitops-1/argo-rollouts-rhel8@sha256:868a4e993d8963e4fb64c1845f54f916f335d3c59f0596e966c6d926373f6ee1_arm64",
"product_identification_helper": {
"purl": "pkg:oci/argo-rollouts-rhel8@sha256:868a4e993d8963e4fb64c1845f54f916f335d3c59f0596e966c6d926373f6ee1?arch=arm64\u0026repository_url=registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8\u0026tag=v1.14.3-4"
}
}
},
{
"category": "product_version",
"name": "openshift-gitops-1/console-plugin-rhel8@sha256:e6eba59c8336bde1ed98947b2d4c626feb2113037bc724bd881f25b7f155f47b_arm64",
"product": {
"name": "openshift-gitops-1/console-plugin-rhel8@sha256:e6eba59c8336bde1ed98947b2d4c626feb2113037bc724bd881f25b7f155f47b_arm64",
"product_id": "openshift-gitops-1/console-plugin-rhel8@sha256:e6eba59c8336bde1ed98947b2d4c626feb2113037bc724bd881f25b7f155f47b_arm64",
"product_identification_helper": {
"purl": "pkg:oci/console-plugin-rhel8@sha256:e6eba59c8336bde1ed98947b2d4c626feb2113037bc724bd881f25b7f155f47b?arch=arm64\u0026repository_url=registry.redhat.io/openshift-gitops-1/console-plugin-rhel8\u0026tag=v1.14.3-4"
}
}
},
{
"category": "product_version",
"name": "openshift-gitops-1/gitops-rhel8@sha256:f07aa6ccdc324a2631fc01b1f4af4317cdc0471c673bd8f5bf24560e0f012dd9_arm64",
"product": {
"name": "openshift-gitops-1/gitops-rhel8@sha256:f07aa6ccdc324a2631fc01b1f4af4317cdc0471c673bd8f5bf24560e0f012dd9_arm64",
"product_id": "openshift-gitops-1/gitops-rhel8@sha256:f07aa6ccdc324a2631fc01b1f4af4317cdc0471c673bd8f5bf24560e0f012dd9_arm64",
"product_identification_helper": {
"purl": "pkg:oci/gitops-rhel8@sha256:f07aa6ccdc324a2631fc01b1f4af4317cdc0471c673bd8f5bf24560e0f012dd9?arch=arm64\u0026repository_url=registry.redhat.io/openshift-gitops-1/gitops-rhel8\u0026tag=v1.14.3-4"
}
}
},
{
"category": "product_version",
"name": "openshift-gitops-1/dex-rhel8@sha256:1c59649ad569e25c3445e9655c8061b7f0b769514c0739f2e080216a55ca39c7_arm64",
"product": {
"name": "openshift-gitops-1/dex-rhel8@sha256:1c59649ad569e25c3445e9655c8061b7f0b769514c0739f2e080216a55ca39c7_arm64",
"product_id": "openshift-gitops-1/dex-rhel8@sha256:1c59649ad569e25c3445e9655c8061b7f0b769514c0739f2e080216a55ca39c7_arm64",
"product_identification_helper": {
"purl": "pkg:oci/dex-rhel8@sha256:1c59649ad569e25c3445e9655c8061b7f0b769514c0739f2e080216a55ca39c7?arch=arm64\u0026repository_url=registry.redhat.io/openshift-gitops-1/dex-rhel8\u0026tag=v1.14.3-4"
}
}
},
{
"category": "product_version",
"name": "openshift-gitops-1/kam-delivery-rhel8@sha256:62e1ab7267cfd3536c3b2ba9592dffb7fb979cbb039a1a90320a03b751d5f728_arm64",
"product": {
"name": "openshift-gitops-1/kam-delivery-rhel8@sha256:62e1ab7267cfd3536c3b2ba9592dffb7fb979cbb039a1a90320a03b751d5f728_arm64",
"product_id": "openshift-gitops-1/kam-delivery-rhel8@sha256:62e1ab7267cfd3536c3b2ba9592dffb7fb979cbb039a1a90320a03b751d5f728_arm64",
"product_identification_helper": {
"purl": "pkg:oci/kam-delivery-rhel8@sha256:62e1ab7267cfd3536c3b2ba9592dffb7fb979cbb039a1a90320a03b751d5f728?arch=arm64\u0026repository_url=registry.redhat.io/openshift-gitops-1/kam-delivery-rhel8\u0026tag=v1.14.3-4"
}
}
},
{
"category": "product_version",
"name": "openshift-gitops-1/must-gather-rhel8@sha256:a909f1ebb5cf719e4308bbd162fea14e66b0ad6f7e91163699e8f9cbf61ec852_arm64",
"product": {
"name": "openshift-gitops-1/must-gather-rhel8@sha256:a909f1ebb5cf719e4308bbd162fea14e66b0ad6f7e91163699e8f9cbf61ec852_arm64",
"product_id": "openshift-gitops-1/must-gather-rhel8@sha256:a909f1ebb5cf719e4308bbd162fea14e66b0ad6f7e91163699e8f9cbf61ec852_arm64",
"product_identification_helper": {
"purl": "pkg:oci/must-gather-rhel8@sha256:a909f1ebb5cf719e4308bbd162fea14e66b0ad6f7e91163699e8f9cbf61ec852?arch=arm64\u0026repository_url=registry.redhat.io/openshift-gitops-1/must-gather-rhel8\u0026tag=v1.14.3-4"
}
}
},
{
"category": "product_version",
"name": "openshift-gitops-1/gitops-rhel8-operator@sha256:ed04d67b3bd9ebc21a0aa2503823e5a476da44caa165999a33670198f5d1be37_arm64",
"product": {
"name": "openshift-gitops-1/gitops-rhel8-operator@sha256:ed04d67b3bd9ebc21a0aa2503823e5a476da44caa165999a33670198f5d1be37_arm64",
"product_id": "openshift-gitops-1/gitops-rhel8-operator@sha256:ed04d67b3bd9ebc21a0aa2503823e5a476da44caa165999a33670198f5d1be37_arm64",
"product_identification_helper": {
"purl": "pkg:oci/gitops-rhel8-operator@sha256:ed04d67b3bd9ebc21a0aa2503823e5a476da44caa165999a33670198f5d1be37?arch=arm64\u0026repository_url=registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator\u0026tag=v1.14.3-4"
}
}
}
],
"category": "architecture",
"name": "arm64"
},
{
"branches": [
{
"category": "product_version",
"name": "openshift-gitops-1/argocd-rhel8@sha256:04523979e4ab58120d959f88503957b1e13122952e3de03d9f0540f1e574c0d6_ppc64le",
"product": {
"name": "openshift-gitops-1/argocd-rhel8@sha256:04523979e4ab58120d959f88503957b1e13122952e3de03d9f0540f1e574c0d6_ppc64le",
"product_id": "openshift-gitops-1/argocd-rhel8@sha256:04523979e4ab58120d959f88503957b1e13122952e3de03d9f0540f1e574c0d6_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/argocd-rhel8@sha256:04523979e4ab58120d959f88503957b1e13122952e3de03d9f0540f1e574c0d6?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-gitops-1/argocd-rhel8\u0026tag=v1.14.3-4"
}
}
},
{
"category": "product_version",
"name": "openshift-gitops-1/argo-rollouts-rhel8@sha256:bf7f9ca8f33c935df306554b778e5291bcff9e92b7e9122498b0ad71d58b9166_ppc64le",
"product": {
"name": "openshift-gitops-1/argo-rollouts-rhel8@sha256:bf7f9ca8f33c935df306554b778e5291bcff9e92b7e9122498b0ad71d58b9166_ppc64le",
"product_id": "openshift-gitops-1/argo-rollouts-rhel8@sha256:bf7f9ca8f33c935df306554b778e5291bcff9e92b7e9122498b0ad71d58b9166_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/argo-rollouts-rhel8@sha256:bf7f9ca8f33c935df306554b778e5291bcff9e92b7e9122498b0ad71d58b9166?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8\u0026tag=v1.14.3-4"
}
}
},
{
"category": "product_version",
"name": "openshift-gitops-1/console-plugin-rhel8@sha256:050b358e7512599f412fddf711f8731d821223ba76c460b114fe4c4bfaf7cf1b_ppc64le",
"product": {
"name": "openshift-gitops-1/console-plugin-rhel8@sha256:050b358e7512599f412fddf711f8731d821223ba76c460b114fe4c4bfaf7cf1b_ppc64le",
"product_id": "openshift-gitops-1/console-plugin-rhel8@sha256:050b358e7512599f412fddf711f8731d821223ba76c460b114fe4c4bfaf7cf1b_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/console-plugin-rhel8@sha256:050b358e7512599f412fddf711f8731d821223ba76c460b114fe4c4bfaf7cf1b?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-gitops-1/console-plugin-rhel8\u0026tag=v1.14.3-4"
}
}
},
{
"category": "product_version",
"name": "openshift-gitops-1/gitops-rhel8@sha256:d20615c230e1b888bacdc374763eeca9b1f7612741f8ba52ded483ac688b858d_ppc64le",
"product": {
"name": "openshift-gitops-1/gitops-rhel8@sha256:d20615c230e1b888bacdc374763eeca9b1f7612741f8ba52ded483ac688b858d_ppc64le",
"product_id": "openshift-gitops-1/gitops-rhel8@sha256:d20615c230e1b888bacdc374763eeca9b1f7612741f8ba52ded483ac688b858d_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/gitops-rhel8@sha256:d20615c230e1b888bacdc374763eeca9b1f7612741f8ba52ded483ac688b858d?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-gitops-1/gitops-rhel8\u0026tag=v1.14.3-4"
}
}
},
{
"category": "product_version",
"name": "openshift-gitops-1/dex-rhel8@sha256:065b95a1612d15b3a7de1c5822555851535199711cc3890d56d7cb01e01666b3_ppc64le",
"product": {
"name": "openshift-gitops-1/dex-rhel8@sha256:065b95a1612d15b3a7de1c5822555851535199711cc3890d56d7cb01e01666b3_ppc64le",
"product_id": "openshift-gitops-1/dex-rhel8@sha256:065b95a1612d15b3a7de1c5822555851535199711cc3890d56d7cb01e01666b3_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/dex-rhel8@sha256:065b95a1612d15b3a7de1c5822555851535199711cc3890d56d7cb01e01666b3?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-gitops-1/dex-rhel8\u0026tag=v1.14.3-4"
}
}
},
{
"category": "product_version",
"name": "openshift-gitops-1/kam-delivery-rhel8@sha256:b5ba9620f23fed74b983a090cec19f6ed74ddffdd1be7d9d89f1201c0c83c1b1_ppc64le",
"product": {
"name": "openshift-gitops-1/kam-delivery-rhel8@sha256:b5ba9620f23fed74b983a090cec19f6ed74ddffdd1be7d9d89f1201c0c83c1b1_ppc64le",
"product_id": "openshift-gitops-1/kam-delivery-rhel8@sha256:b5ba9620f23fed74b983a090cec19f6ed74ddffdd1be7d9d89f1201c0c83c1b1_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/kam-delivery-rhel8@sha256:b5ba9620f23fed74b983a090cec19f6ed74ddffdd1be7d9d89f1201c0c83c1b1?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-gitops-1/kam-delivery-rhel8\u0026tag=v1.14.3-4"
}
}
},
{
"category": "product_version",
"name": "openshift-gitops-1/must-gather-rhel8@sha256:fcbfff3d353947889e627035d1d52d4533ce5713c7e1951d90417bb228499143_ppc64le",
"product": {
"name": "openshift-gitops-1/must-gather-rhel8@sha256:fcbfff3d353947889e627035d1d52d4533ce5713c7e1951d90417bb228499143_ppc64le",
"product_id": "openshift-gitops-1/must-gather-rhel8@sha256:fcbfff3d353947889e627035d1d52d4533ce5713c7e1951d90417bb228499143_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/must-gather-rhel8@sha256:fcbfff3d353947889e627035d1d52d4533ce5713c7e1951d90417bb228499143?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-gitops-1/must-gather-rhel8\u0026tag=v1.14.3-4"
}
}
},
{
"category": "product_version",
"name": "openshift-gitops-1/gitops-rhel8-operator@sha256:2caf6bd42e10f063d0991740706946d4205bf49540865bd4ed9091176add2aed_ppc64le",
"product": {
"name": "openshift-gitops-1/gitops-rhel8-operator@sha256:2caf6bd42e10f063d0991740706946d4205bf49540865bd4ed9091176add2aed_ppc64le",
"product_id": "openshift-gitops-1/gitops-rhel8-operator@sha256:2caf6bd42e10f063d0991740706946d4205bf49540865bd4ed9091176add2aed_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/gitops-rhel8-operator@sha256:2caf6bd42e10f063d0991740706946d4205bf49540865bd4ed9091176add2aed?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator\u0026tag=v1.14.3-4"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "openshift-gitops-1/argocd-rhel8@sha256:ecb181ba7dfd4a5cdffa8ba9ca251dc4875ad7f41e9d60c4cc0a3462c233e489_s390x",
"product": {
"name": "openshift-gitops-1/argocd-rhel8@sha256:ecb181ba7dfd4a5cdffa8ba9ca251dc4875ad7f41e9d60c4cc0a3462c233e489_s390x",
"product_id": "openshift-gitops-1/argocd-rhel8@sha256:ecb181ba7dfd4a5cdffa8ba9ca251dc4875ad7f41e9d60c4cc0a3462c233e489_s390x",
"product_identification_helper": {
"purl": "pkg:oci/argocd-rhel8@sha256:ecb181ba7dfd4a5cdffa8ba9ca251dc4875ad7f41e9d60c4cc0a3462c233e489?arch=s390x\u0026repository_url=registry.redhat.io/openshift-gitops-1/argocd-rhel8\u0026tag=v1.14.3-4"
}
}
},
{
"category": "product_version",
"name": "openshift-gitops-1/argo-rollouts-rhel8@sha256:ce0677023395a6d7c9598b820c6eb73b651eaa698aef9f5c27a25884fba5d643_s390x",
"product": {
"name": "openshift-gitops-1/argo-rollouts-rhel8@sha256:ce0677023395a6d7c9598b820c6eb73b651eaa698aef9f5c27a25884fba5d643_s390x",
"product_id": "openshift-gitops-1/argo-rollouts-rhel8@sha256:ce0677023395a6d7c9598b820c6eb73b651eaa698aef9f5c27a25884fba5d643_s390x",
"product_identification_helper": {
"purl": "pkg:oci/argo-rollouts-rhel8@sha256:ce0677023395a6d7c9598b820c6eb73b651eaa698aef9f5c27a25884fba5d643?arch=s390x\u0026repository_url=registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8\u0026tag=v1.14.3-4"
}
}
},
{
"category": "product_version",
"name": "openshift-gitops-1/console-plugin-rhel8@sha256:dc4d641c87a3b65208ef2b46398f64ae69465daeb84b4d1022062d6c5f7347dc_s390x",
"product": {
"name": "openshift-gitops-1/console-plugin-rhel8@sha256:dc4d641c87a3b65208ef2b46398f64ae69465daeb84b4d1022062d6c5f7347dc_s390x",
"product_id": "openshift-gitops-1/console-plugin-rhel8@sha256:dc4d641c87a3b65208ef2b46398f64ae69465daeb84b4d1022062d6c5f7347dc_s390x",
"product_identification_helper": {
"purl": "pkg:oci/console-plugin-rhel8@sha256:dc4d641c87a3b65208ef2b46398f64ae69465daeb84b4d1022062d6c5f7347dc?arch=s390x\u0026repository_url=registry.redhat.io/openshift-gitops-1/console-plugin-rhel8\u0026tag=v1.14.3-4"
}
}
},
{
"category": "product_version",
"name": "openshift-gitops-1/gitops-rhel8@sha256:d86dcd96af06a338b577d9c940e6316ed9a807b9fc6a33d9f5c96e2b703679b8_s390x",
"product": {
"name": "openshift-gitops-1/gitops-rhel8@sha256:d86dcd96af06a338b577d9c940e6316ed9a807b9fc6a33d9f5c96e2b703679b8_s390x",
"product_id": "openshift-gitops-1/gitops-rhel8@sha256:d86dcd96af06a338b577d9c940e6316ed9a807b9fc6a33d9f5c96e2b703679b8_s390x",
"product_identification_helper": {
"purl": "pkg:oci/gitops-rhel8@sha256:d86dcd96af06a338b577d9c940e6316ed9a807b9fc6a33d9f5c96e2b703679b8?arch=s390x\u0026repository_url=registry.redhat.io/openshift-gitops-1/gitops-rhel8\u0026tag=v1.14.3-4"
}
}
},
{
"category": "product_version",
"name": "openshift-gitops-1/dex-rhel8@sha256:490512fefae58c6092394c8e751b7c1761583bff23b815e6f1649d55e9d43002_s390x",
"product": {
"name": "openshift-gitops-1/dex-rhel8@sha256:490512fefae58c6092394c8e751b7c1761583bff23b815e6f1649d55e9d43002_s390x",
"product_id": "openshift-gitops-1/dex-rhel8@sha256:490512fefae58c6092394c8e751b7c1761583bff23b815e6f1649d55e9d43002_s390x",
"product_identification_helper": {
"purl": "pkg:oci/dex-rhel8@sha256:490512fefae58c6092394c8e751b7c1761583bff23b815e6f1649d55e9d43002?arch=s390x\u0026repository_url=registry.redhat.io/openshift-gitops-1/dex-rhel8\u0026tag=v1.14.3-4"
}
}
},
{
"category": "product_version",
"name": "openshift-gitops-1/kam-delivery-rhel8@sha256:c0ec76e307a2867dc1064a3470e17a2e1533233e1a119ce5f32e2b3c07428d08_s390x",
"product": {
"name": "openshift-gitops-1/kam-delivery-rhel8@sha256:c0ec76e307a2867dc1064a3470e17a2e1533233e1a119ce5f32e2b3c07428d08_s390x",
"product_id": "openshift-gitops-1/kam-delivery-rhel8@sha256:c0ec76e307a2867dc1064a3470e17a2e1533233e1a119ce5f32e2b3c07428d08_s390x",
"product_identification_helper": {
"purl": "pkg:oci/kam-delivery-rhel8@sha256:c0ec76e307a2867dc1064a3470e17a2e1533233e1a119ce5f32e2b3c07428d08?arch=s390x\u0026repository_url=registry.redhat.io/openshift-gitops-1/kam-delivery-rhel8\u0026tag=v1.14.3-4"
}
}
},
{
"category": "product_version",
"name": "openshift-gitops-1/must-gather-rhel8@sha256:c997c25ec7fee2ce060c6772925548af8d36146ed4632557852a948f496c9823_s390x",
"product": {
"name": "openshift-gitops-1/must-gather-rhel8@sha256:c997c25ec7fee2ce060c6772925548af8d36146ed4632557852a948f496c9823_s390x",
"product_id": "openshift-gitops-1/must-gather-rhel8@sha256:c997c25ec7fee2ce060c6772925548af8d36146ed4632557852a948f496c9823_s390x",
"product_identification_helper": {
"purl": "pkg:oci/must-gather-rhel8@sha256:c997c25ec7fee2ce060c6772925548af8d36146ed4632557852a948f496c9823?arch=s390x\u0026repository_url=registry.redhat.io/openshift-gitops-1/must-gather-rhel8\u0026tag=v1.14.3-4"
}
}
},
{
"category": "product_version",
"name": "openshift-gitops-1/gitops-rhel8-operator@sha256:951de21fc848014beb5db2f7307ef639c6c76ec6eb7036b18c07047c8a914c48_s390x",
"product": {
"name": "openshift-gitops-1/gitops-rhel8-operator@sha256:951de21fc848014beb5db2f7307ef639c6c76ec6eb7036b18c07047c8a914c48_s390x",
"product_id": "openshift-gitops-1/gitops-rhel8-operator@sha256:951de21fc848014beb5db2f7307ef639c6c76ec6eb7036b18c07047c8a914c48_s390x",
"product_identification_helper": {
"purl": "pkg:oci/gitops-rhel8-operator@sha256:951de21fc848014beb5db2f7307ef639c6c76ec6eb7036b18c07047c8a914c48?arch=s390x\u0026repository_url=registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator\u0026tag=v1.14.3-4"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "openshift-gitops-1/argocd-rhel8@sha256:64df9d55e7196fe56ebab88071f115d7fea26fa4396109bbf3bae11ffbf1f3a5_amd64",
"product": {
"name": "openshift-gitops-1/argocd-rhel8@sha256:64df9d55e7196fe56ebab88071f115d7fea26fa4396109bbf3bae11ffbf1f3a5_amd64",
"product_id": "openshift-gitops-1/argocd-rhel8@sha256:64df9d55e7196fe56ebab88071f115d7fea26fa4396109bbf3bae11ffbf1f3a5_amd64",
"product_identification_helper": {
"purl": "pkg:oci/argocd-rhel8@sha256:64df9d55e7196fe56ebab88071f115d7fea26fa4396109bbf3bae11ffbf1f3a5?arch=amd64\u0026repository_url=registry.redhat.io/openshift-gitops-1/argocd-rhel8\u0026tag=v1.14.3-4"
}
}
},
{
"category": "product_version",
"name": "openshift-gitops-1/argocd-rhel9@sha256:cb21a99b094e4609050927687050d8a95675d212bec76e981635ef192925d8ba_amd64",
"product": {
"name": "openshift-gitops-1/argocd-rhel9@sha256:cb21a99b094e4609050927687050d8a95675d212bec76e981635ef192925d8ba_amd64",
"product_id": "openshift-gitops-1/argocd-rhel9@sha256:cb21a99b094e4609050927687050d8a95675d212bec76e981635ef192925d8ba_amd64",
"product_identification_helper": {
"purl": "pkg:oci/argocd-rhel9@sha256:cb21a99b094e4609050927687050d8a95675d212bec76e981635ef192925d8ba?arch=amd64\u0026repository_url=registry.redhat.io/openshift-gitops-1/argocd-rhel9\u0026tag=v1.14.3-1"
}
}
},
{
"category": "product_version",
"name": "openshift-gitops-1/argo-rollouts-rhel8@sha256:9b883e71b2d12f8872b3a37b383087a488f9b74ddde0e0c6daf6ee04bdf15881_amd64",
"product": {
"name": "openshift-gitops-1/argo-rollouts-rhel8@sha256:9b883e71b2d12f8872b3a37b383087a488f9b74ddde0e0c6daf6ee04bdf15881_amd64",
"product_id": "openshift-gitops-1/argo-rollouts-rhel8@sha256:9b883e71b2d12f8872b3a37b383087a488f9b74ddde0e0c6daf6ee04bdf15881_amd64",
"product_identification_helper": {
"purl": "pkg:oci/argo-rollouts-rhel8@sha256:9b883e71b2d12f8872b3a37b383087a488f9b74ddde0e0c6daf6ee04bdf15881?arch=amd64\u0026repository_url=registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8\u0026tag=v1.14.3-4"
}
}
},
{
"category": "product_version",
"name": "openshift-gitops-1/console-plugin-rhel8@sha256:83ba395adbfdae8d4973cea02ead8392089ac1051edd11e7defc6d07a122bca2_amd64",
"product": {
"name": "openshift-gitops-1/console-plugin-rhel8@sha256:83ba395adbfdae8d4973cea02ead8392089ac1051edd11e7defc6d07a122bca2_amd64",
"product_id": "openshift-gitops-1/console-plugin-rhel8@sha256:83ba395adbfdae8d4973cea02ead8392089ac1051edd11e7defc6d07a122bca2_amd64",
"product_identification_helper": {
"purl": "pkg:oci/console-plugin-rhel8@sha256:83ba395adbfdae8d4973cea02ead8392089ac1051edd11e7defc6d07a122bca2?arch=amd64\u0026repository_url=registry.redhat.io/openshift-gitops-1/console-plugin-rhel8\u0026tag=v1.14.3-4"
}
}
},
{
"category": "product_version",
"name": "openshift-gitops-1/gitops-rhel8@sha256:72e761f1d00b0a322d4a7a10c824fe88e4ac7e156a279694b75ce3b42be0b6d6_amd64",
"product": {
"name": "openshift-gitops-1/gitops-rhel8@sha256:72e761f1d00b0a322d4a7a10c824fe88e4ac7e156a279694b75ce3b42be0b6d6_amd64",
"product_id": "openshift-gitops-1/gitops-rhel8@sha256:72e761f1d00b0a322d4a7a10c824fe88e4ac7e156a279694b75ce3b42be0b6d6_amd64",
"product_identification_helper": {
"purl": "pkg:oci/gitops-rhel8@sha256:72e761f1d00b0a322d4a7a10c824fe88e4ac7e156a279694b75ce3b42be0b6d6?arch=amd64\u0026repository_url=registry.redhat.io/openshift-gitops-1/gitops-rhel8\u0026tag=v1.14.3-4"
}
}
},
{
"category": "product_version",
"name": "openshift-gitops-1/dex-rhel8@sha256:605123efdd9f31243e039929322b4a4f6ad160baaebce188fdbf2c4e7ff663ff_amd64",
"product": {
"name": "openshift-gitops-1/dex-rhel8@sha256:605123efdd9f31243e039929322b4a4f6ad160baaebce188fdbf2c4e7ff663ff_amd64",
"product_id": "openshift-gitops-1/dex-rhel8@sha256:605123efdd9f31243e039929322b4a4f6ad160baaebce188fdbf2c4e7ff663ff_amd64",
"product_identification_helper": {
"purl": "pkg:oci/dex-rhel8@sha256:605123efdd9f31243e039929322b4a4f6ad160baaebce188fdbf2c4e7ff663ff?arch=amd64\u0026repository_url=registry.redhat.io/openshift-gitops-1/dex-rhel8\u0026tag=v1.14.3-4"
}
}
},
{
"category": "product_version",
"name": "openshift-gitops-1/kam-delivery-rhel8@sha256:30b687a8309c17d5b4f5be6439b59f2dc540a306d625ee34bdf72626dc36c105_amd64",
"product": {
"name": "openshift-gitops-1/kam-delivery-rhel8@sha256:30b687a8309c17d5b4f5be6439b59f2dc540a306d625ee34bdf72626dc36c105_amd64",
"product_id": "openshift-gitops-1/kam-delivery-rhel8@sha256:30b687a8309c17d5b4f5be6439b59f2dc540a306d625ee34bdf72626dc36c105_amd64",
"product_identification_helper": {
"purl": "pkg:oci/kam-delivery-rhel8@sha256:30b687a8309c17d5b4f5be6439b59f2dc540a306d625ee34bdf72626dc36c105?arch=amd64\u0026repository_url=registry.redhat.io/openshift-gitops-1/kam-delivery-rhel8\u0026tag=v1.14.3-4"
}
}
},
{
"category": "product_version",
"name": "openshift-gitops-1/must-gather-rhel8@sha256:e543925d538de28ab98c71841a47d4384c4354add0fb3457500aafc618be79d9_amd64",
"product": {
"name": "openshift-gitops-1/must-gather-rhel8@sha256:e543925d538de28ab98c71841a47d4384c4354add0fb3457500aafc618be79d9_amd64",
"product_id": "openshift-gitops-1/must-gather-rhel8@sha256:e543925d538de28ab98c71841a47d4384c4354add0fb3457500aafc618be79d9_amd64",
"product_identification_helper": {
"purl": "pkg:oci/must-gather-rhel8@sha256:e543925d538de28ab98c71841a47d4384c4354add0fb3457500aafc618be79d9?arch=amd64\u0026repository_url=registry.redhat.io/openshift-gitops-1/must-gather-rhel8\u0026tag=v1.14.3-4"
}
}
},
{
"category": "product_version",
"name": "openshift-gitops-1/gitops-operator-bundle@sha256:ba442571ef9180765055f5224548c73e3da2be31731f8dd5b6b1beaf3e6732ee_amd64",
"product": {
"name": "openshift-gitops-1/gitops-operator-bundle@sha256:ba442571ef9180765055f5224548c73e3da2be31731f8dd5b6b1beaf3e6732ee_amd64",
"product_id": "openshift-gitops-1/gitops-operator-bundle@sha256:ba442571ef9180765055f5224548c73e3da2be31731f8dd5b6b1beaf3e6732ee_amd64",
"product_identification_helper": {
"purl": "pkg:oci/gitops-operator-bundle@sha256:ba442571ef9180765055f5224548c73e3da2be31731f8dd5b6b1beaf3e6732ee?arch=amd64\u0026repository_url=registry.redhat.io/openshift-gitops-1/gitops-operator-bundle\u0026tag=v1.14.3-4"
}
}
},
{
"category": "product_version",
"name": "openshift-gitops-1/gitops-rhel8-operator@sha256:1b81b7c26d7a848797f9944254963a89c3f6f0e727355bafcda5e483fee7b848_amd64",
"product": {
"name": "openshift-gitops-1/gitops-rhel8-operator@sha256:1b81b7c26d7a848797f9944254963a89c3f6f0e727355bafcda5e483fee7b848_amd64",
"product_id": "openshift-gitops-1/gitops-rhel8-operator@sha256:1b81b7c26d7a848797f9944254963a89c3f6f0e727355bafcda5e483fee7b848_amd64",
"product_identification_helper": {
"purl": "pkg:oci/gitops-rhel8-operator@sha256:1b81b7c26d7a848797f9944254963a89c3f6f0e727355bafcda5e483fee7b848?arch=amd64\u0026repository_url=registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator\u0026tag=v1.14.3-4"
}
}
}
],
"category": "architecture",
"name": "amd64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-gitops-1/argo-rollouts-rhel8@sha256:868a4e993d8963e4fb64c1845f54f916f335d3c59f0596e966c6d926373f6ee1_arm64 as a component of Red Hat OpenShift GitOps 1.14",
"product_id": "8Base-GitOps-1.14:openshift-gitops-1/argo-rollouts-rhel8@sha256:868a4e993d8963e4fb64c1845f54f916f335d3c59f0596e966c6d926373f6ee1_arm64"
},
"product_reference": "openshift-gitops-1/argo-rollouts-rhel8@sha256:868a4e993d8963e4fb64c1845f54f916f335d3c59f0596e966c6d926373f6ee1_arm64",
"relates_to_product_reference": "8Base-GitOps-1.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-gitops-1/argo-rollouts-rhel8@sha256:9b883e71b2d12f8872b3a37b383087a488f9b74ddde0e0c6daf6ee04bdf15881_amd64 as a component of Red Hat OpenShift GitOps 1.14",
"product_id": "8Base-GitOps-1.14:openshift-gitops-1/argo-rollouts-rhel8@sha256:9b883e71b2d12f8872b3a37b383087a488f9b74ddde0e0c6daf6ee04bdf15881_amd64"
},
"product_reference": "openshift-gitops-1/argo-rollouts-rhel8@sha256:9b883e71b2d12f8872b3a37b383087a488f9b74ddde0e0c6daf6ee04bdf15881_amd64",
"relates_to_product_reference": "8Base-GitOps-1.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-gitops-1/argo-rollouts-rhel8@sha256:bf7f9ca8f33c935df306554b778e5291bcff9e92b7e9122498b0ad71d58b9166_ppc64le as a component of Red Hat OpenShift GitOps 1.14",
"product_id": "8Base-GitOps-1.14:openshift-gitops-1/argo-rollouts-rhel8@sha256:bf7f9ca8f33c935df306554b778e5291bcff9e92b7e9122498b0ad71d58b9166_ppc64le"
},
"product_reference": "openshift-gitops-1/argo-rollouts-rhel8@sha256:bf7f9ca8f33c935df306554b778e5291bcff9e92b7e9122498b0ad71d58b9166_ppc64le",
"relates_to_product_reference": "8Base-GitOps-1.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-gitops-1/argo-rollouts-rhel8@sha256:ce0677023395a6d7c9598b820c6eb73b651eaa698aef9f5c27a25884fba5d643_s390x as a component of Red Hat OpenShift GitOps 1.14",
"product_id": "8Base-GitOps-1.14:openshift-gitops-1/argo-rollouts-rhel8@sha256:ce0677023395a6d7c9598b820c6eb73b651eaa698aef9f5c27a25884fba5d643_s390x"
},
"product_reference": "openshift-gitops-1/argo-rollouts-rhel8@sha256:ce0677023395a6d7c9598b820c6eb73b651eaa698aef9f5c27a25884fba5d643_s390x",
"relates_to_product_reference": "8Base-GitOps-1.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-gitops-1/argocd-rhel8@sha256:04523979e4ab58120d959f88503957b1e13122952e3de03d9f0540f1e574c0d6_ppc64le as a component of Red Hat OpenShift GitOps 1.14",
"product_id": "8Base-GitOps-1.14:openshift-gitops-1/argocd-rhel8@sha256:04523979e4ab58120d959f88503957b1e13122952e3de03d9f0540f1e574c0d6_ppc64le"
},
"product_reference": "openshift-gitops-1/argocd-rhel8@sha256:04523979e4ab58120d959f88503957b1e13122952e3de03d9f0540f1e574c0d6_ppc64le",
"relates_to_product_reference": "8Base-GitOps-1.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-gitops-1/argocd-rhel8@sha256:64df9d55e7196fe56ebab88071f115d7fea26fa4396109bbf3bae11ffbf1f3a5_amd64 as a component of Red Hat OpenShift GitOps 1.14",
"product_id": "8Base-GitOps-1.14:openshift-gitops-1/argocd-rhel8@sha256:64df9d55e7196fe56ebab88071f115d7fea26fa4396109bbf3bae11ffbf1f3a5_amd64"
},
"product_reference": "openshift-gitops-1/argocd-rhel8@sha256:64df9d55e7196fe56ebab88071f115d7fea26fa4396109bbf3bae11ffbf1f3a5_amd64",
"relates_to_product_reference": "8Base-GitOps-1.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-gitops-1/argocd-rhel8@sha256:9017ef8967ebe3a14ea1e07d0a9624ef126b2928e233f09451aeea89a7f09366_arm64 as a component of Red Hat OpenShift GitOps 1.14",
"product_id": "8Base-GitOps-1.14:openshift-gitops-1/argocd-rhel8@sha256:9017ef8967ebe3a14ea1e07d0a9624ef126b2928e233f09451aeea89a7f09366_arm64"
},
"product_reference": "openshift-gitops-1/argocd-rhel8@sha256:9017ef8967ebe3a14ea1e07d0a9624ef126b2928e233f09451aeea89a7f09366_arm64",
"relates_to_product_reference": "8Base-GitOps-1.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-gitops-1/argocd-rhel8@sha256:ecb181ba7dfd4a5cdffa8ba9ca251dc4875ad7f41e9d60c4cc0a3462c233e489_s390x as a component of Red Hat OpenShift GitOps 1.14",
"product_id": "8Base-GitOps-1.14:openshift-gitops-1/argocd-rhel8@sha256:ecb181ba7dfd4a5cdffa8ba9ca251dc4875ad7f41e9d60c4cc0a3462c233e489_s390x"
},
"product_reference": "openshift-gitops-1/argocd-rhel8@sha256:ecb181ba7dfd4a5cdffa8ba9ca251dc4875ad7f41e9d60c4cc0a3462c233e489_s390x",
"relates_to_product_reference": "8Base-GitOps-1.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-gitops-1/console-plugin-rhel8@sha256:050b358e7512599f412fddf711f8731d821223ba76c460b114fe4c4bfaf7cf1b_ppc64le as a component of Red Hat OpenShift GitOps 1.14",
"product_id": "8Base-GitOps-1.14:openshift-gitops-1/console-plugin-rhel8@sha256:050b358e7512599f412fddf711f8731d821223ba76c460b114fe4c4bfaf7cf1b_ppc64le"
},
"product_reference": "openshift-gitops-1/console-plugin-rhel8@sha256:050b358e7512599f412fddf711f8731d821223ba76c460b114fe4c4bfaf7cf1b_ppc64le",
"relates_to_product_reference": "8Base-GitOps-1.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-gitops-1/console-plugin-rhel8@sha256:83ba395adbfdae8d4973cea02ead8392089ac1051edd11e7defc6d07a122bca2_amd64 as a component of Red Hat OpenShift GitOps 1.14",
"product_id": "8Base-GitOps-1.14:openshift-gitops-1/console-plugin-rhel8@sha256:83ba395adbfdae8d4973cea02ead8392089ac1051edd11e7defc6d07a122bca2_amd64"
},
"product_reference": "openshift-gitops-1/console-plugin-rhel8@sha256:83ba395adbfdae8d4973cea02ead8392089ac1051edd11e7defc6d07a122bca2_amd64",
"relates_to_product_reference": "8Base-GitOps-1.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-gitops-1/console-plugin-rhel8@sha256:dc4d641c87a3b65208ef2b46398f64ae69465daeb84b4d1022062d6c5f7347dc_s390x as a component of Red Hat OpenShift GitOps 1.14",
"product_id": "8Base-GitOps-1.14:openshift-gitops-1/console-plugin-rhel8@sha256:dc4d641c87a3b65208ef2b46398f64ae69465daeb84b4d1022062d6c5f7347dc_s390x"
},
"product_reference": "openshift-gitops-1/console-plugin-rhel8@sha256:dc4d641c87a3b65208ef2b46398f64ae69465daeb84b4d1022062d6c5f7347dc_s390x",
"relates_to_product_reference": "8Base-GitOps-1.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-gitops-1/console-plugin-rhel8@sha256:e6eba59c8336bde1ed98947b2d4c626feb2113037bc724bd881f25b7f155f47b_arm64 as a component of Red Hat OpenShift GitOps 1.14",
"product_id": "8Base-GitOps-1.14:openshift-gitops-1/console-plugin-rhel8@sha256:e6eba59c8336bde1ed98947b2d4c626feb2113037bc724bd881f25b7f155f47b_arm64"
},
"product_reference": "openshift-gitops-1/console-plugin-rhel8@sha256:e6eba59c8336bde1ed98947b2d4c626feb2113037bc724bd881f25b7f155f47b_arm64",
"relates_to_product_reference": "8Base-GitOps-1.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-gitops-1/dex-rhel8@sha256:065b95a1612d15b3a7de1c5822555851535199711cc3890d56d7cb01e01666b3_ppc64le as a component of Red Hat OpenShift GitOps 1.14",
"product_id": "8Base-GitOps-1.14:openshift-gitops-1/dex-rhel8@sha256:065b95a1612d15b3a7de1c5822555851535199711cc3890d56d7cb01e01666b3_ppc64le"
},
"product_reference": "openshift-gitops-1/dex-rhel8@sha256:065b95a1612d15b3a7de1c5822555851535199711cc3890d56d7cb01e01666b3_ppc64le",
"relates_to_product_reference": "8Base-GitOps-1.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-gitops-1/dex-rhel8@sha256:1c59649ad569e25c3445e9655c8061b7f0b769514c0739f2e080216a55ca39c7_arm64 as a component of Red Hat OpenShift GitOps 1.14",
"product_id": "8Base-GitOps-1.14:openshift-gitops-1/dex-rhel8@sha256:1c59649ad569e25c3445e9655c8061b7f0b769514c0739f2e080216a55ca39c7_arm64"
},
"product_reference": "openshift-gitops-1/dex-rhel8@sha256:1c59649ad569e25c3445e9655c8061b7f0b769514c0739f2e080216a55ca39c7_arm64",
"relates_to_product_reference": "8Base-GitOps-1.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-gitops-1/dex-rhel8@sha256:490512fefae58c6092394c8e751b7c1761583bff23b815e6f1649d55e9d43002_s390x as a component of Red Hat OpenShift GitOps 1.14",
"product_id": "8Base-GitOps-1.14:openshift-gitops-1/dex-rhel8@sha256:490512fefae58c6092394c8e751b7c1761583bff23b815e6f1649d55e9d43002_s390x"
},
"product_reference": "openshift-gitops-1/dex-rhel8@sha256:490512fefae58c6092394c8e751b7c1761583bff23b815e6f1649d55e9d43002_s390x",
"relates_to_product_reference": "8Base-GitOps-1.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-gitops-1/dex-rhel8@sha256:605123efdd9f31243e039929322b4a4f6ad160baaebce188fdbf2c4e7ff663ff_amd64 as a component of Red Hat OpenShift GitOps 1.14",
"product_id": "8Base-GitOps-1.14:openshift-gitops-1/dex-rhel8@sha256:605123efdd9f31243e039929322b4a4f6ad160baaebce188fdbf2c4e7ff663ff_amd64"
},
"product_reference": "openshift-gitops-1/dex-rhel8@sha256:605123efdd9f31243e039929322b4a4f6ad160baaebce188fdbf2c4e7ff663ff_amd64",
"relates_to_product_reference": "8Base-GitOps-1.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-gitops-1/gitops-operator-bundle@sha256:ba442571ef9180765055f5224548c73e3da2be31731f8dd5b6b1beaf3e6732ee_amd64 as a component of Red Hat OpenShift GitOps 1.14",
"product_id": "8Base-GitOps-1.14:openshift-gitops-1/gitops-operator-bundle@sha256:ba442571ef9180765055f5224548c73e3da2be31731f8dd5b6b1beaf3e6732ee_amd64"
},
"product_reference": "openshift-gitops-1/gitops-operator-bundle@sha256:ba442571ef9180765055f5224548c73e3da2be31731f8dd5b6b1beaf3e6732ee_amd64",
"relates_to_product_reference": "8Base-GitOps-1.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-gitops-1/gitops-rhel8-operator@sha256:1b81b7c26d7a848797f9944254963a89c3f6f0e727355bafcda5e483fee7b848_amd64 as a component of Red Hat OpenShift GitOps 1.14",
"product_id": "8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8-operator@sha256:1b81b7c26d7a848797f9944254963a89c3f6f0e727355bafcda5e483fee7b848_amd64"
},
"product_reference": "openshift-gitops-1/gitops-rhel8-operator@sha256:1b81b7c26d7a848797f9944254963a89c3f6f0e727355bafcda5e483fee7b848_amd64",
"relates_to_product_reference": "8Base-GitOps-1.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-gitops-1/gitops-rhel8-operator@sha256:2caf6bd42e10f063d0991740706946d4205bf49540865bd4ed9091176add2aed_ppc64le as a component of Red Hat OpenShift GitOps 1.14",
"product_id": "8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8-operator@sha256:2caf6bd42e10f063d0991740706946d4205bf49540865bd4ed9091176add2aed_ppc64le"
},
"product_reference": "openshift-gitops-1/gitops-rhel8-operator@sha256:2caf6bd42e10f063d0991740706946d4205bf49540865bd4ed9091176add2aed_ppc64le",
"relates_to_product_reference": "8Base-GitOps-1.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-gitops-1/gitops-rhel8-operator@sha256:951de21fc848014beb5db2f7307ef639c6c76ec6eb7036b18c07047c8a914c48_s390x as a component of Red Hat OpenShift GitOps 1.14",
"product_id": "8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8-operator@sha256:951de21fc848014beb5db2f7307ef639c6c76ec6eb7036b18c07047c8a914c48_s390x"
},
"product_reference": "openshift-gitops-1/gitops-rhel8-operator@sha256:951de21fc848014beb5db2f7307ef639c6c76ec6eb7036b18c07047c8a914c48_s390x",
"relates_to_product_reference": "8Base-GitOps-1.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-gitops-1/gitops-rhel8-operator@sha256:ed04d67b3bd9ebc21a0aa2503823e5a476da44caa165999a33670198f5d1be37_arm64 as a component of Red Hat OpenShift GitOps 1.14",
"product_id": "8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8-operator@sha256:ed04d67b3bd9ebc21a0aa2503823e5a476da44caa165999a33670198f5d1be37_arm64"
},
"product_reference": "openshift-gitops-1/gitops-rhel8-operator@sha256:ed04d67b3bd9ebc21a0aa2503823e5a476da44caa165999a33670198f5d1be37_arm64",
"relates_to_product_reference": "8Base-GitOps-1.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-gitops-1/gitops-rhel8@sha256:72e761f1d00b0a322d4a7a10c824fe88e4ac7e156a279694b75ce3b42be0b6d6_amd64 as a component of Red Hat OpenShift GitOps 1.14",
"product_id": "8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8@sha256:72e761f1d00b0a322d4a7a10c824fe88e4ac7e156a279694b75ce3b42be0b6d6_amd64"
},
"product_reference": "openshift-gitops-1/gitops-rhel8@sha256:72e761f1d00b0a322d4a7a10c824fe88e4ac7e156a279694b75ce3b42be0b6d6_amd64",
"relates_to_product_reference": "8Base-GitOps-1.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-gitops-1/gitops-rhel8@sha256:d20615c230e1b888bacdc374763eeca9b1f7612741f8ba52ded483ac688b858d_ppc64le as a component of Red Hat OpenShift GitOps 1.14",
"product_id": "8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8@sha256:d20615c230e1b888bacdc374763eeca9b1f7612741f8ba52ded483ac688b858d_ppc64le"
},
"product_reference": "openshift-gitops-1/gitops-rhel8@sha256:d20615c230e1b888bacdc374763eeca9b1f7612741f8ba52ded483ac688b858d_ppc64le",
"relates_to_product_reference": "8Base-GitOps-1.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-gitops-1/gitops-rhel8@sha256:d86dcd96af06a338b577d9c940e6316ed9a807b9fc6a33d9f5c96e2b703679b8_s390x as a component of Red Hat OpenShift GitOps 1.14",
"product_id": "8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8@sha256:d86dcd96af06a338b577d9c940e6316ed9a807b9fc6a33d9f5c96e2b703679b8_s390x"
},
"product_reference": "openshift-gitops-1/gitops-rhel8@sha256:d86dcd96af06a338b577d9c940e6316ed9a807b9fc6a33d9f5c96e2b703679b8_s390x",
"relates_to_product_reference": "8Base-GitOps-1.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-gitops-1/gitops-rhel8@sha256:f07aa6ccdc324a2631fc01b1f4af4317cdc0471c673bd8f5bf24560e0f012dd9_arm64 as a component of Red Hat OpenShift GitOps 1.14",
"product_id": "8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8@sha256:f07aa6ccdc324a2631fc01b1f4af4317cdc0471c673bd8f5bf24560e0f012dd9_arm64"
},
"product_reference": "openshift-gitops-1/gitops-rhel8@sha256:f07aa6ccdc324a2631fc01b1f4af4317cdc0471c673bd8f5bf24560e0f012dd9_arm64",
"relates_to_product_reference": "8Base-GitOps-1.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-gitops-1/kam-delivery-rhel8@sha256:30b687a8309c17d5b4f5be6439b59f2dc540a306d625ee34bdf72626dc36c105_amd64 as a component of Red Hat OpenShift GitOps 1.14",
"product_id": "8Base-GitOps-1.14:openshift-gitops-1/kam-delivery-rhel8@sha256:30b687a8309c17d5b4f5be6439b59f2dc540a306d625ee34bdf72626dc36c105_amd64"
},
"product_reference": "openshift-gitops-1/kam-delivery-rhel8@sha256:30b687a8309c17d5b4f5be6439b59f2dc540a306d625ee34bdf72626dc36c105_amd64",
"relates_to_product_reference": "8Base-GitOps-1.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-gitops-1/kam-delivery-rhel8@sha256:62e1ab7267cfd3536c3b2ba9592dffb7fb979cbb039a1a90320a03b751d5f728_arm64 as a component of Red Hat OpenShift GitOps 1.14",
"product_id": "8Base-GitOps-1.14:openshift-gitops-1/kam-delivery-rhel8@sha256:62e1ab7267cfd3536c3b2ba9592dffb7fb979cbb039a1a90320a03b751d5f728_arm64"
},
"product_reference": "openshift-gitops-1/kam-delivery-rhel8@sha256:62e1ab7267cfd3536c3b2ba9592dffb7fb979cbb039a1a90320a03b751d5f728_arm64",
"relates_to_product_reference": "8Base-GitOps-1.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-gitops-1/kam-delivery-rhel8@sha256:b5ba9620f23fed74b983a090cec19f6ed74ddffdd1be7d9d89f1201c0c83c1b1_ppc64le as a component of Red Hat OpenShift GitOps 1.14",
"product_id": "8Base-GitOps-1.14:openshift-gitops-1/kam-delivery-rhel8@sha256:b5ba9620f23fed74b983a090cec19f6ed74ddffdd1be7d9d89f1201c0c83c1b1_ppc64le"
},
"product_reference": "openshift-gitops-1/kam-delivery-rhel8@sha256:b5ba9620f23fed74b983a090cec19f6ed74ddffdd1be7d9d89f1201c0c83c1b1_ppc64le",
"relates_to_product_reference": "8Base-GitOps-1.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-gitops-1/kam-delivery-rhel8@sha256:c0ec76e307a2867dc1064a3470e17a2e1533233e1a119ce5f32e2b3c07428d08_s390x as a component of Red Hat OpenShift GitOps 1.14",
"product_id": "8Base-GitOps-1.14:openshift-gitops-1/kam-delivery-rhel8@sha256:c0ec76e307a2867dc1064a3470e17a2e1533233e1a119ce5f32e2b3c07428d08_s390x"
},
"product_reference": "openshift-gitops-1/kam-delivery-rhel8@sha256:c0ec76e307a2867dc1064a3470e17a2e1533233e1a119ce5f32e2b3c07428d08_s390x",
"relates_to_product_reference": "8Base-GitOps-1.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-gitops-1/must-gather-rhel8@sha256:a909f1ebb5cf719e4308bbd162fea14e66b0ad6f7e91163699e8f9cbf61ec852_arm64 as a component of Red Hat OpenShift GitOps 1.14",
"product_id": "8Base-GitOps-1.14:openshift-gitops-1/must-gather-rhel8@sha256:a909f1ebb5cf719e4308bbd162fea14e66b0ad6f7e91163699e8f9cbf61ec852_arm64"
},
"product_reference": "openshift-gitops-1/must-gather-rhel8@sha256:a909f1ebb5cf719e4308bbd162fea14e66b0ad6f7e91163699e8f9cbf61ec852_arm64",
"relates_to_product_reference": "8Base-GitOps-1.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-gitops-1/must-gather-rhel8@sha256:c997c25ec7fee2ce060c6772925548af8d36146ed4632557852a948f496c9823_s390x as a component of Red Hat OpenShift GitOps 1.14",
"product_id": "8Base-GitOps-1.14:openshift-gitops-1/must-gather-rhel8@sha256:c997c25ec7fee2ce060c6772925548af8d36146ed4632557852a948f496c9823_s390x"
},
"product_reference": "openshift-gitops-1/must-gather-rhel8@sha256:c997c25ec7fee2ce060c6772925548af8d36146ed4632557852a948f496c9823_s390x",
"relates_to_product_reference": "8Base-GitOps-1.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-gitops-1/must-gather-rhel8@sha256:e543925d538de28ab98c71841a47d4384c4354add0fb3457500aafc618be79d9_amd64 as a component of Red Hat OpenShift GitOps 1.14",
"product_id": "8Base-GitOps-1.14:openshift-gitops-1/must-gather-rhel8@sha256:e543925d538de28ab98c71841a47d4384c4354add0fb3457500aafc618be79d9_amd64"
},
"product_reference": "openshift-gitops-1/must-gather-rhel8@sha256:e543925d538de28ab98c71841a47d4384c4354add0fb3457500aafc618be79d9_amd64",
"relates_to_product_reference": "8Base-GitOps-1.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-gitops-1/must-gather-rhel8@sha256:fcbfff3d353947889e627035d1d52d4533ce5713c7e1951d90417bb228499143_ppc64le as a component of Red Hat OpenShift GitOps 1.14",
"product_id": "8Base-GitOps-1.14:openshift-gitops-1/must-gather-rhel8@sha256:fcbfff3d353947889e627035d1d52d4533ce5713c7e1951d90417bb228499143_ppc64le"
},
"product_reference": "openshift-gitops-1/must-gather-rhel8@sha256:fcbfff3d353947889e627035d1d52d4533ce5713c7e1951d90417bb228499143_ppc64le",
"relates_to_product_reference": "8Base-GitOps-1.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-gitops-1/argocd-rhel9@sha256:afe138c16496c84126ecbd5baac4223e61f15ee30ec0249468ed3335ab7d4814_arm64 as a component of Red Hat OpenShift GitOps 1.14",
"product_id": "9Base-GitOps-1.14:openshift-gitops-1/argocd-rhel9@sha256:afe138c16496c84126ecbd5baac4223e61f15ee30ec0249468ed3335ab7d4814_arm64"
},
"product_reference": "openshift-gitops-1/argocd-rhel9@sha256:afe138c16496c84126ecbd5baac4223e61f15ee30ec0249468ed3335ab7d4814_arm64",
"relates_to_product_reference": "9Base-GitOps-1.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-gitops-1/argocd-rhel9@sha256:cb21a99b094e4609050927687050d8a95675d212bec76e981635ef192925d8ba_amd64 as a component of Red Hat OpenShift GitOps 1.14",
"product_id": "9Base-GitOps-1.14:openshift-gitops-1/argocd-rhel9@sha256:cb21a99b094e4609050927687050d8a95675d212bec76e981635ef192925d8ba_amd64"
},
"product_reference": "openshift-gitops-1/argocd-rhel9@sha256:cb21a99b094e4609050927687050d8a95675d212bec76e981635ef192925d8ba_amd64",
"relates_to_product_reference": "9Base-GitOps-1.14"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2023-44270",
"cwe": {
"id": "CWE-93",
"name": "Improper Neutralization of CRLF Sequences (\u0027CRLF Injection\u0027)"
},
"discovery_date": "2024-11-18T14:11:50.400987+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2326998"
}
],
"notes": [
{
"category": "description",
"text": "There\u0027s a flaw in the PostCSS package where it fails to properly validate the input CSS, causing commented lines to be interpreted as code. An attacker may leverage that by crafting a CSS file with comments containing CSS code in order to force PostCSS to include the malicious CSS elements in its output. An successful attack may lead to integrity impact as it may inject elements in a web page when parsing untrusted CSS input.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "PostCSS: Improper input validation in PostCSS",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-GitOps-1.14:openshift-gitops-1/argo-rollouts-rhel8@sha256:868a4e993d8963e4fb64c1845f54f916f335d3c59f0596e966c6d926373f6ee1_arm64",
"8Base-GitOps-1.14:openshift-gitops-1/argo-rollouts-rhel8@sha256:9b883e71b2d12f8872b3a37b383087a488f9b74ddde0e0c6daf6ee04bdf15881_amd64",
"8Base-GitOps-1.14:openshift-gitops-1/argo-rollouts-rhel8@sha256:bf7f9ca8f33c935df306554b778e5291bcff9e92b7e9122498b0ad71d58b9166_ppc64le",
"8Base-GitOps-1.14:openshift-gitops-1/argo-rollouts-rhel8@sha256:ce0677023395a6d7c9598b820c6eb73b651eaa698aef9f5c27a25884fba5d643_s390x",
"8Base-GitOps-1.14:openshift-gitops-1/argocd-rhel8@sha256:04523979e4ab58120d959f88503957b1e13122952e3de03d9f0540f1e574c0d6_ppc64le",
"8Base-GitOps-1.14:openshift-gitops-1/argocd-rhel8@sha256:64df9d55e7196fe56ebab88071f115d7fea26fa4396109bbf3bae11ffbf1f3a5_amd64",
"8Base-GitOps-1.14:openshift-gitops-1/argocd-rhel8@sha256:9017ef8967ebe3a14ea1e07d0a9624ef126b2928e233f09451aeea89a7f09366_arm64",
"8Base-GitOps-1.14:openshift-gitops-1/argocd-rhel8@sha256:ecb181ba7dfd4a5cdffa8ba9ca251dc4875ad7f41e9d60c4cc0a3462c233e489_s390x",
"8Base-GitOps-1.14:openshift-gitops-1/console-plugin-rhel8@sha256:050b358e7512599f412fddf711f8731d821223ba76c460b114fe4c4bfaf7cf1b_ppc64le",
"8Base-GitOps-1.14:openshift-gitops-1/console-plugin-rhel8@sha256:83ba395adbfdae8d4973cea02ead8392089ac1051edd11e7defc6d07a122bca2_amd64",
"8Base-GitOps-1.14:openshift-gitops-1/console-plugin-rhel8@sha256:dc4d641c87a3b65208ef2b46398f64ae69465daeb84b4d1022062d6c5f7347dc_s390x",
"8Base-GitOps-1.14:openshift-gitops-1/console-plugin-rhel8@sha256:e6eba59c8336bde1ed98947b2d4c626feb2113037bc724bd881f25b7f155f47b_arm64",
"8Base-GitOps-1.14:openshift-gitops-1/dex-rhel8@sha256:065b95a1612d15b3a7de1c5822555851535199711cc3890d56d7cb01e01666b3_ppc64le",
"8Base-GitOps-1.14:openshift-gitops-1/dex-rhel8@sha256:1c59649ad569e25c3445e9655c8061b7f0b769514c0739f2e080216a55ca39c7_arm64",
"8Base-GitOps-1.14:openshift-gitops-1/dex-rhel8@sha256:490512fefae58c6092394c8e751b7c1761583bff23b815e6f1649d55e9d43002_s390x",
"8Base-GitOps-1.14:openshift-gitops-1/dex-rhel8@sha256:605123efdd9f31243e039929322b4a4f6ad160baaebce188fdbf2c4e7ff663ff_amd64",
"8Base-GitOps-1.14:openshift-gitops-1/gitops-operator-bundle@sha256:ba442571ef9180765055f5224548c73e3da2be31731f8dd5b6b1beaf3e6732ee_amd64",
"8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8-operator@sha256:1b81b7c26d7a848797f9944254963a89c3f6f0e727355bafcda5e483fee7b848_amd64",
"8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8-operator@sha256:2caf6bd42e10f063d0991740706946d4205bf49540865bd4ed9091176add2aed_ppc64le",
"8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8-operator@sha256:951de21fc848014beb5db2f7307ef639c6c76ec6eb7036b18c07047c8a914c48_s390x",
"8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8-operator@sha256:ed04d67b3bd9ebc21a0aa2503823e5a476da44caa165999a33670198f5d1be37_arm64",
"8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8@sha256:72e761f1d00b0a322d4a7a10c824fe88e4ac7e156a279694b75ce3b42be0b6d6_amd64",
"8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8@sha256:d20615c230e1b888bacdc374763eeca9b1f7612741f8ba52ded483ac688b858d_ppc64le",
"8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8@sha256:d86dcd96af06a338b577d9c940e6316ed9a807b9fc6a33d9f5c96e2b703679b8_s390x",
"8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8@sha256:f07aa6ccdc324a2631fc01b1f4af4317cdc0471c673bd8f5bf24560e0f012dd9_arm64",
"8Base-GitOps-1.14:openshift-gitops-1/kam-delivery-rhel8@sha256:30b687a8309c17d5b4f5be6439b59f2dc540a306d625ee34bdf72626dc36c105_amd64",
"8Base-GitOps-1.14:openshift-gitops-1/kam-delivery-rhel8@sha256:62e1ab7267cfd3536c3b2ba9592dffb7fb979cbb039a1a90320a03b751d5f728_arm64",
"8Base-GitOps-1.14:openshift-gitops-1/kam-delivery-rhel8@sha256:b5ba9620f23fed74b983a090cec19f6ed74ddffdd1be7d9d89f1201c0c83c1b1_ppc64le",
"8Base-GitOps-1.14:openshift-gitops-1/kam-delivery-rhel8@sha256:c0ec76e307a2867dc1064a3470e17a2e1533233e1a119ce5f32e2b3c07428d08_s390x",
"8Base-GitOps-1.14:openshift-gitops-1/must-gather-rhel8@sha256:a909f1ebb5cf719e4308bbd162fea14e66b0ad6f7e91163699e8f9cbf61ec852_arm64",
"8Base-GitOps-1.14:openshift-gitops-1/must-gather-rhel8@sha256:c997c25ec7fee2ce060c6772925548af8d36146ed4632557852a948f496c9823_s390x",
"8Base-GitOps-1.14:openshift-gitops-1/must-gather-rhel8@sha256:e543925d538de28ab98c71841a47d4384c4354add0fb3457500aafc618be79d9_amd64",
"8Base-GitOps-1.14:openshift-gitops-1/must-gather-rhel8@sha256:fcbfff3d353947889e627035d1d52d4533ce5713c7e1951d90417bb228499143_ppc64le",
"9Base-GitOps-1.14:openshift-gitops-1/argocd-rhel9@sha256:afe138c16496c84126ecbd5baac4223e61f15ee30ec0249468ed3335ab7d4814_arm64",
"9Base-GitOps-1.14:openshift-gitops-1/argocd-rhel9@sha256:cb21a99b094e4609050927687050d8a95675d212bec76e981635ef192925d8ba_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-44270"
},
{
"category": "external",
"summary": "RHBZ#2326998",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2326998"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-44270",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-44270"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-44270",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-44270"
},
{
"category": "external",
"summary": "https://github.com/github/advisory-database/issues/2820",
"url": "https://github.com/github/advisory-database/issues/2820"
},
{
"category": "external",
"summary": "https://github.com/postcss/postcss/blob/main/lib/tokenize.js#L25",
"url": "https://github.com/postcss/postcss/blob/main/lib/tokenize.js#L25"
},
{
"category": "external",
"summary": "https://github.com/postcss/postcss/commit/58cc860b4c1707510c9cd1bc1fa30b423a9ad6c5",
"url": "https://github.com/postcss/postcss/commit/58cc860b4c1707510c9cd1bc1fa30b423a9ad6c5"
},
{
"category": "external",
"summary": "https://github.com/postcss/postcss/releases/tag/8.4.31",
"url": "https://github.com/postcss/postcss/releases/tag/8.4.31"
}
],
"release_date": "2023-09-29T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-03-20T08:37:59+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-GitOps-1.14:openshift-gitops-1/argo-rollouts-rhel8@sha256:868a4e993d8963e4fb64c1845f54f916f335d3c59f0596e966c6d926373f6ee1_arm64",
"8Base-GitOps-1.14:openshift-gitops-1/argo-rollouts-rhel8@sha256:9b883e71b2d12f8872b3a37b383087a488f9b74ddde0e0c6daf6ee04bdf15881_amd64",
"8Base-GitOps-1.14:openshift-gitops-1/argo-rollouts-rhel8@sha256:bf7f9ca8f33c935df306554b778e5291bcff9e92b7e9122498b0ad71d58b9166_ppc64le",
"8Base-GitOps-1.14:openshift-gitops-1/argo-rollouts-rhel8@sha256:ce0677023395a6d7c9598b820c6eb73b651eaa698aef9f5c27a25884fba5d643_s390x",
"8Base-GitOps-1.14:openshift-gitops-1/argocd-rhel8@sha256:04523979e4ab58120d959f88503957b1e13122952e3de03d9f0540f1e574c0d6_ppc64le",
"8Base-GitOps-1.14:openshift-gitops-1/argocd-rhel8@sha256:64df9d55e7196fe56ebab88071f115d7fea26fa4396109bbf3bae11ffbf1f3a5_amd64",
"8Base-GitOps-1.14:openshift-gitops-1/argocd-rhel8@sha256:9017ef8967ebe3a14ea1e07d0a9624ef126b2928e233f09451aeea89a7f09366_arm64",
"8Base-GitOps-1.14:openshift-gitops-1/argocd-rhel8@sha256:ecb181ba7dfd4a5cdffa8ba9ca251dc4875ad7f41e9d60c4cc0a3462c233e489_s390x",
"8Base-GitOps-1.14:openshift-gitops-1/console-plugin-rhel8@sha256:050b358e7512599f412fddf711f8731d821223ba76c460b114fe4c4bfaf7cf1b_ppc64le",
"8Base-GitOps-1.14:openshift-gitops-1/console-plugin-rhel8@sha256:83ba395adbfdae8d4973cea02ead8392089ac1051edd11e7defc6d07a122bca2_amd64",
"8Base-GitOps-1.14:openshift-gitops-1/console-plugin-rhel8@sha256:dc4d641c87a3b65208ef2b46398f64ae69465daeb84b4d1022062d6c5f7347dc_s390x",
"8Base-GitOps-1.14:openshift-gitops-1/console-plugin-rhel8@sha256:e6eba59c8336bde1ed98947b2d4c626feb2113037bc724bd881f25b7f155f47b_arm64",
"8Base-GitOps-1.14:openshift-gitops-1/dex-rhel8@sha256:065b95a1612d15b3a7de1c5822555851535199711cc3890d56d7cb01e01666b3_ppc64le",
"8Base-GitOps-1.14:openshift-gitops-1/dex-rhel8@sha256:1c59649ad569e25c3445e9655c8061b7f0b769514c0739f2e080216a55ca39c7_arm64",
"8Base-GitOps-1.14:openshift-gitops-1/dex-rhel8@sha256:490512fefae58c6092394c8e751b7c1761583bff23b815e6f1649d55e9d43002_s390x",
"8Base-GitOps-1.14:openshift-gitops-1/dex-rhel8@sha256:605123efdd9f31243e039929322b4a4f6ad160baaebce188fdbf2c4e7ff663ff_amd64",
"8Base-GitOps-1.14:openshift-gitops-1/gitops-operator-bundle@sha256:ba442571ef9180765055f5224548c73e3da2be31731f8dd5b6b1beaf3e6732ee_amd64",
"8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8-operator@sha256:1b81b7c26d7a848797f9944254963a89c3f6f0e727355bafcda5e483fee7b848_amd64",
"8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8-operator@sha256:2caf6bd42e10f063d0991740706946d4205bf49540865bd4ed9091176add2aed_ppc64le",
"8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8-operator@sha256:951de21fc848014beb5db2f7307ef639c6c76ec6eb7036b18c07047c8a914c48_s390x",
"8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8-operator@sha256:ed04d67b3bd9ebc21a0aa2503823e5a476da44caa165999a33670198f5d1be37_arm64",
"8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8@sha256:72e761f1d00b0a322d4a7a10c824fe88e4ac7e156a279694b75ce3b42be0b6d6_amd64",
"8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8@sha256:d20615c230e1b888bacdc374763eeca9b1f7612741f8ba52ded483ac688b858d_ppc64le",
"8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8@sha256:d86dcd96af06a338b577d9c940e6316ed9a807b9fc6a33d9f5c96e2b703679b8_s390x",
"8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8@sha256:f07aa6ccdc324a2631fc01b1f4af4317cdc0471c673bd8f5bf24560e0f012dd9_arm64",
"8Base-GitOps-1.14:openshift-gitops-1/kam-delivery-rhel8@sha256:30b687a8309c17d5b4f5be6439b59f2dc540a306d625ee34bdf72626dc36c105_amd64",
"8Base-GitOps-1.14:openshift-gitops-1/kam-delivery-rhel8@sha256:62e1ab7267cfd3536c3b2ba9592dffb7fb979cbb039a1a90320a03b751d5f728_arm64",
"8Base-GitOps-1.14:openshift-gitops-1/kam-delivery-rhel8@sha256:b5ba9620f23fed74b983a090cec19f6ed74ddffdd1be7d9d89f1201c0c83c1b1_ppc64le",
"8Base-GitOps-1.14:openshift-gitops-1/kam-delivery-rhel8@sha256:c0ec76e307a2867dc1064a3470e17a2e1533233e1a119ce5f32e2b3c07428d08_s390x",
"8Base-GitOps-1.14:openshift-gitops-1/must-gather-rhel8@sha256:a909f1ebb5cf719e4308bbd162fea14e66b0ad6f7e91163699e8f9cbf61ec852_arm64",
"8Base-GitOps-1.14:openshift-gitops-1/must-gather-rhel8@sha256:c997c25ec7fee2ce060c6772925548af8d36146ed4632557852a948f496c9823_s390x",
"8Base-GitOps-1.14:openshift-gitops-1/must-gather-rhel8@sha256:e543925d538de28ab98c71841a47d4384c4354add0fb3457500aafc618be79d9_amd64",
"8Base-GitOps-1.14:openshift-gitops-1/must-gather-rhel8@sha256:fcbfff3d353947889e627035d1d52d4533ce5713c7e1951d90417bb228499143_ppc64le",
"9Base-GitOps-1.14:openshift-gitops-1/argocd-rhel9@sha256:afe138c16496c84126ecbd5baac4223e61f15ee30ec0249468ed3335ab7d4814_arm64",
"9Base-GitOps-1.14:openshift-gitops-1/argocd-rhel9@sha256:cb21a99b094e4609050927687050d8a95675d212bec76e981635ef192925d8ba_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:3069"
},
{
"category": "workaround",
"details": "There\u0027s no known mitigation for this issue. Red Hat recommends to not parse untrusted CSS input using PostCSS.",
"product_ids": [
"8Base-GitOps-1.14:openshift-gitops-1/argo-rollouts-rhel8@sha256:868a4e993d8963e4fb64c1845f54f916f335d3c59f0596e966c6d926373f6ee1_arm64",
"8Base-GitOps-1.14:openshift-gitops-1/argo-rollouts-rhel8@sha256:9b883e71b2d12f8872b3a37b383087a488f9b74ddde0e0c6daf6ee04bdf15881_amd64",
"8Base-GitOps-1.14:openshift-gitops-1/argo-rollouts-rhel8@sha256:bf7f9ca8f33c935df306554b778e5291bcff9e92b7e9122498b0ad71d58b9166_ppc64le",
"8Base-GitOps-1.14:openshift-gitops-1/argo-rollouts-rhel8@sha256:ce0677023395a6d7c9598b820c6eb73b651eaa698aef9f5c27a25884fba5d643_s390x",
"8Base-GitOps-1.14:openshift-gitops-1/argocd-rhel8@sha256:04523979e4ab58120d959f88503957b1e13122952e3de03d9f0540f1e574c0d6_ppc64le",
"8Base-GitOps-1.14:openshift-gitops-1/argocd-rhel8@sha256:64df9d55e7196fe56ebab88071f115d7fea26fa4396109bbf3bae11ffbf1f3a5_amd64",
"8Base-GitOps-1.14:openshift-gitops-1/argocd-rhel8@sha256:9017ef8967ebe3a14ea1e07d0a9624ef126b2928e233f09451aeea89a7f09366_arm64",
"8Base-GitOps-1.14:openshift-gitops-1/argocd-rhel8@sha256:ecb181ba7dfd4a5cdffa8ba9ca251dc4875ad7f41e9d60c4cc0a3462c233e489_s390x",
"8Base-GitOps-1.14:openshift-gitops-1/console-plugin-rhel8@sha256:050b358e7512599f412fddf711f8731d821223ba76c460b114fe4c4bfaf7cf1b_ppc64le",
"8Base-GitOps-1.14:openshift-gitops-1/console-plugin-rhel8@sha256:83ba395adbfdae8d4973cea02ead8392089ac1051edd11e7defc6d07a122bca2_amd64",
"8Base-GitOps-1.14:openshift-gitops-1/console-plugin-rhel8@sha256:dc4d641c87a3b65208ef2b46398f64ae69465daeb84b4d1022062d6c5f7347dc_s390x",
"8Base-GitOps-1.14:openshift-gitops-1/console-plugin-rhel8@sha256:e6eba59c8336bde1ed98947b2d4c626feb2113037bc724bd881f25b7f155f47b_arm64",
"8Base-GitOps-1.14:openshift-gitops-1/dex-rhel8@sha256:065b95a1612d15b3a7de1c5822555851535199711cc3890d56d7cb01e01666b3_ppc64le",
"8Base-GitOps-1.14:openshift-gitops-1/dex-rhel8@sha256:1c59649ad569e25c3445e9655c8061b7f0b769514c0739f2e080216a55ca39c7_arm64",
"8Base-GitOps-1.14:openshift-gitops-1/dex-rhel8@sha256:490512fefae58c6092394c8e751b7c1761583bff23b815e6f1649d55e9d43002_s390x",
"8Base-GitOps-1.14:openshift-gitops-1/dex-rhel8@sha256:605123efdd9f31243e039929322b4a4f6ad160baaebce188fdbf2c4e7ff663ff_amd64",
"8Base-GitOps-1.14:openshift-gitops-1/gitops-operator-bundle@sha256:ba442571ef9180765055f5224548c73e3da2be31731f8dd5b6b1beaf3e6732ee_amd64",
"8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8-operator@sha256:1b81b7c26d7a848797f9944254963a89c3f6f0e727355bafcda5e483fee7b848_amd64",
"8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8-operator@sha256:2caf6bd42e10f063d0991740706946d4205bf49540865bd4ed9091176add2aed_ppc64le",
"8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8-operator@sha256:951de21fc848014beb5db2f7307ef639c6c76ec6eb7036b18c07047c8a914c48_s390x",
"8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8-operator@sha256:ed04d67b3bd9ebc21a0aa2503823e5a476da44caa165999a33670198f5d1be37_arm64",
"8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8@sha256:72e761f1d00b0a322d4a7a10c824fe88e4ac7e156a279694b75ce3b42be0b6d6_amd64",
"8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8@sha256:d20615c230e1b888bacdc374763eeca9b1f7612741f8ba52ded483ac688b858d_ppc64le",
"8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8@sha256:d86dcd96af06a338b577d9c940e6316ed9a807b9fc6a33d9f5c96e2b703679b8_s390x",
"8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8@sha256:f07aa6ccdc324a2631fc01b1f4af4317cdc0471c673bd8f5bf24560e0f012dd9_arm64",
"8Base-GitOps-1.14:openshift-gitops-1/kam-delivery-rhel8@sha256:30b687a8309c17d5b4f5be6439b59f2dc540a306d625ee34bdf72626dc36c105_amd64",
"8Base-GitOps-1.14:openshift-gitops-1/kam-delivery-rhel8@sha256:62e1ab7267cfd3536c3b2ba9592dffb7fb979cbb039a1a90320a03b751d5f728_arm64",
"8Base-GitOps-1.14:openshift-gitops-1/kam-delivery-rhel8@sha256:b5ba9620f23fed74b983a090cec19f6ed74ddffdd1be7d9d89f1201c0c83c1b1_ppc64le",
"8Base-GitOps-1.14:openshift-gitops-1/kam-delivery-rhel8@sha256:c0ec76e307a2867dc1064a3470e17a2e1533233e1a119ce5f32e2b3c07428d08_s390x",
"8Base-GitOps-1.14:openshift-gitops-1/must-gather-rhel8@sha256:a909f1ebb5cf719e4308bbd162fea14e66b0ad6f7e91163699e8f9cbf61ec852_arm64",
"8Base-GitOps-1.14:openshift-gitops-1/must-gather-rhel8@sha256:c997c25ec7fee2ce060c6772925548af8d36146ed4632557852a948f496c9823_s390x",
"8Base-GitOps-1.14:openshift-gitops-1/must-gather-rhel8@sha256:e543925d538de28ab98c71841a47d4384c4354add0fb3457500aafc618be79d9_amd64",
"8Base-GitOps-1.14:openshift-gitops-1/must-gather-rhel8@sha256:fcbfff3d353947889e627035d1d52d4533ce5713c7e1951d90417bb228499143_ppc64le",
"9Base-GitOps-1.14:openshift-gitops-1/argocd-rhel9@sha256:afe138c16496c84126ecbd5baac4223e61f15ee30ec0249468ed3335ab7d4814_arm64",
"9Base-GitOps-1.14:openshift-gitops-1/argocd-rhel9@sha256:cb21a99b094e4609050927687050d8a95675d212bec76e981635ef192925d8ba_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"8Base-GitOps-1.14:openshift-gitops-1/argo-rollouts-rhel8@sha256:868a4e993d8963e4fb64c1845f54f916f335d3c59f0596e966c6d926373f6ee1_arm64",
"8Base-GitOps-1.14:openshift-gitops-1/argo-rollouts-rhel8@sha256:9b883e71b2d12f8872b3a37b383087a488f9b74ddde0e0c6daf6ee04bdf15881_amd64",
"8Base-GitOps-1.14:openshift-gitops-1/argo-rollouts-rhel8@sha256:bf7f9ca8f33c935df306554b778e5291bcff9e92b7e9122498b0ad71d58b9166_ppc64le",
"8Base-GitOps-1.14:openshift-gitops-1/argo-rollouts-rhel8@sha256:ce0677023395a6d7c9598b820c6eb73b651eaa698aef9f5c27a25884fba5d643_s390x",
"8Base-GitOps-1.14:openshift-gitops-1/argocd-rhel8@sha256:04523979e4ab58120d959f88503957b1e13122952e3de03d9f0540f1e574c0d6_ppc64le",
"8Base-GitOps-1.14:openshift-gitops-1/argocd-rhel8@sha256:64df9d55e7196fe56ebab88071f115d7fea26fa4396109bbf3bae11ffbf1f3a5_amd64",
"8Base-GitOps-1.14:openshift-gitops-1/argocd-rhel8@sha256:9017ef8967ebe3a14ea1e07d0a9624ef126b2928e233f09451aeea89a7f09366_arm64",
"8Base-GitOps-1.14:openshift-gitops-1/argocd-rhel8@sha256:ecb181ba7dfd4a5cdffa8ba9ca251dc4875ad7f41e9d60c4cc0a3462c233e489_s390x",
"8Base-GitOps-1.14:openshift-gitops-1/console-plugin-rhel8@sha256:050b358e7512599f412fddf711f8731d821223ba76c460b114fe4c4bfaf7cf1b_ppc64le",
"8Base-GitOps-1.14:openshift-gitops-1/console-plugin-rhel8@sha256:83ba395adbfdae8d4973cea02ead8392089ac1051edd11e7defc6d07a122bca2_amd64",
"8Base-GitOps-1.14:openshift-gitops-1/console-plugin-rhel8@sha256:dc4d641c87a3b65208ef2b46398f64ae69465daeb84b4d1022062d6c5f7347dc_s390x",
"8Base-GitOps-1.14:openshift-gitops-1/console-plugin-rhel8@sha256:e6eba59c8336bde1ed98947b2d4c626feb2113037bc724bd881f25b7f155f47b_arm64",
"8Base-GitOps-1.14:openshift-gitops-1/dex-rhel8@sha256:065b95a1612d15b3a7de1c5822555851535199711cc3890d56d7cb01e01666b3_ppc64le",
"8Base-GitOps-1.14:openshift-gitops-1/dex-rhel8@sha256:1c59649ad569e25c3445e9655c8061b7f0b769514c0739f2e080216a55ca39c7_arm64",
"8Base-GitOps-1.14:openshift-gitops-1/dex-rhel8@sha256:490512fefae58c6092394c8e751b7c1761583bff23b815e6f1649d55e9d43002_s390x",
"8Base-GitOps-1.14:openshift-gitops-1/dex-rhel8@sha256:605123efdd9f31243e039929322b4a4f6ad160baaebce188fdbf2c4e7ff663ff_amd64",
"8Base-GitOps-1.14:openshift-gitops-1/gitops-operator-bundle@sha256:ba442571ef9180765055f5224548c73e3da2be31731f8dd5b6b1beaf3e6732ee_amd64",
"8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8-operator@sha256:1b81b7c26d7a848797f9944254963a89c3f6f0e727355bafcda5e483fee7b848_amd64",
"8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8-operator@sha256:2caf6bd42e10f063d0991740706946d4205bf49540865bd4ed9091176add2aed_ppc64le",
"8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8-operator@sha256:951de21fc848014beb5db2f7307ef639c6c76ec6eb7036b18c07047c8a914c48_s390x",
"8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8-operator@sha256:ed04d67b3bd9ebc21a0aa2503823e5a476da44caa165999a33670198f5d1be37_arm64",
"8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8@sha256:72e761f1d00b0a322d4a7a10c824fe88e4ac7e156a279694b75ce3b42be0b6d6_amd64",
"8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8@sha256:d20615c230e1b888bacdc374763eeca9b1f7612741f8ba52ded483ac688b858d_ppc64le",
"8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8@sha256:d86dcd96af06a338b577d9c940e6316ed9a807b9fc6a33d9f5c96e2b703679b8_s390x",
"8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8@sha256:f07aa6ccdc324a2631fc01b1f4af4317cdc0471c673bd8f5bf24560e0f012dd9_arm64",
"8Base-GitOps-1.14:openshift-gitops-1/kam-delivery-rhel8@sha256:30b687a8309c17d5b4f5be6439b59f2dc540a306d625ee34bdf72626dc36c105_amd64",
"8Base-GitOps-1.14:openshift-gitops-1/kam-delivery-rhel8@sha256:62e1ab7267cfd3536c3b2ba9592dffb7fb979cbb039a1a90320a03b751d5f728_arm64",
"8Base-GitOps-1.14:openshift-gitops-1/kam-delivery-rhel8@sha256:b5ba9620f23fed74b983a090cec19f6ed74ddffdd1be7d9d89f1201c0c83c1b1_ppc64le",
"8Base-GitOps-1.14:openshift-gitops-1/kam-delivery-rhel8@sha256:c0ec76e307a2867dc1064a3470e17a2e1533233e1a119ce5f32e2b3c07428d08_s390x",
"8Base-GitOps-1.14:openshift-gitops-1/must-gather-rhel8@sha256:a909f1ebb5cf719e4308bbd162fea14e66b0ad6f7e91163699e8f9cbf61ec852_arm64",
"8Base-GitOps-1.14:openshift-gitops-1/must-gather-rhel8@sha256:c997c25ec7fee2ce060c6772925548af8d36146ed4632557852a948f496c9823_s390x",
"8Base-GitOps-1.14:openshift-gitops-1/must-gather-rhel8@sha256:e543925d538de28ab98c71841a47d4384c4354add0fb3457500aafc618be79d9_amd64",
"8Base-GitOps-1.14:openshift-gitops-1/must-gather-rhel8@sha256:fcbfff3d353947889e627035d1d52d4533ce5713c7e1951d90417bb228499143_ppc64le",
"9Base-GitOps-1.14:openshift-gitops-1/argocd-rhel9@sha256:afe138c16496c84126ecbd5baac4223e61f15ee30ec0249468ed3335ab7d4814_arm64",
"9Base-GitOps-1.14:openshift-gitops-1/argocd-rhel9@sha256:cb21a99b094e4609050927687050d8a95675d212bec76e981635ef192925d8ba_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "PostCSS: Improper input validation in PostCSS"
},
{
"cve": "CVE-2024-45337",
"cwe": {
"id": "CWE-285",
"name": "Improper Authorization"
},
"discovery_date": "2024-12-11T19:00:54.247490+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2331720"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the x/crypto/ssh go library. Applications and libraries that misuse the ServerConfig.PublicKeyCallback callback may be susceptible to an authorization bypass. For example, an attacker may send public keys A and B and authenticate with A. PublicKeyCallback would be called only twice, first with A and then with B. A vulnerable application may then make authorization decisions based on key B, for which the attacker does not control the private key. The misuse of ServerConfig.PublicKeyCallback may cause an authorization bypass.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang.org/x/crypto/ssh: Misuse of ServerConfig.PublicKeyCallback may cause authorization bypass in golang.org/x/crypto",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is classified as important rather than critical because it does not directly enable unauthorized access but rather introduces a risk of authorization bypass if the application or library misuses the PublicKeyCallback API. The vulnerability relies on incorrect assumptions made by the application when handling the sequence or state of keys provided during SSH authentication. Properly implemented systems that use the Permissions field or avoid relying on external state remain unaffected. Additionally, the vulnerability does not allow direct exploitation to gain control over a system without the presence of insecure logic in the application\u0027s handling of authentication attempts.\n\n\nRed Hat Enterprise Linux(RHEL) 8 \u0026 9 and Red Hat Openshift marked as not affected as it was determined that the problem function `ServerConfig.PublicKeyCallback`, as noted in the CVE-2024-45337 issue, is not called by Podman, Buildah, containers-common, or the gvisor-tap-vsock projects.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-GitOps-1.14:openshift-gitops-1/argo-rollouts-rhel8@sha256:868a4e993d8963e4fb64c1845f54f916f335d3c59f0596e966c6d926373f6ee1_arm64",
"8Base-GitOps-1.14:openshift-gitops-1/argo-rollouts-rhel8@sha256:9b883e71b2d12f8872b3a37b383087a488f9b74ddde0e0c6daf6ee04bdf15881_amd64",
"8Base-GitOps-1.14:openshift-gitops-1/argo-rollouts-rhel8@sha256:bf7f9ca8f33c935df306554b778e5291bcff9e92b7e9122498b0ad71d58b9166_ppc64le",
"8Base-GitOps-1.14:openshift-gitops-1/argo-rollouts-rhel8@sha256:ce0677023395a6d7c9598b820c6eb73b651eaa698aef9f5c27a25884fba5d643_s390x",
"8Base-GitOps-1.14:openshift-gitops-1/argocd-rhel8@sha256:04523979e4ab58120d959f88503957b1e13122952e3de03d9f0540f1e574c0d6_ppc64le",
"8Base-GitOps-1.14:openshift-gitops-1/argocd-rhel8@sha256:64df9d55e7196fe56ebab88071f115d7fea26fa4396109bbf3bae11ffbf1f3a5_amd64",
"8Base-GitOps-1.14:openshift-gitops-1/argocd-rhel8@sha256:9017ef8967ebe3a14ea1e07d0a9624ef126b2928e233f09451aeea89a7f09366_arm64",
"8Base-GitOps-1.14:openshift-gitops-1/argocd-rhel8@sha256:ecb181ba7dfd4a5cdffa8ba9ca251dc4875ad7f41e9d60c4cc0a3462c233e489_s390x",
"8Base-GitOps-1.14:openshift-gitops-1/console-plugin-rhel8@sha256:050b358e7512599f412fddf711f8731d821223ba76c460b114fe4c4bfaf7cf1b_ppc64le",
"8Base-GitOps-1.14:openshift-gitops-1/console-plugin-rhel8@sha256:83ba395adbfdae8d4973cea02ead8392089ac1051edd11e7defc6d07a122bca2_amd64",
"8Base-GitOps-1.14:openshift-gitops-1/console-plugin-rhel8@sha256:dc4d641c87a3b65208ef2b46398f64ae69465daeb84b4d1022062d6c5f7347dc_s390x",
"8Base-GitOps-1.14:openshift-gitops-1/console-plugin-rhel8@sha256:e6eba59c8336bde1ed98947b2d4c626feb2113037bc724bd881f25b7f155f47b_arm64",
"8Base-GitOps-1.14:openshift-gitops-1/dex-rhel8@sha256:065b95a1612d15b3a7de1c5822555851535199711cc3890d56d7cb01e01666b3_ppc64le",
"8Base-GitOps-1.14:openshift-gitops-1/dex-rhel8@sha256:1c59649ad569e25c3445e9655c8061b7f0b769514c0739f2e080216a55ca39c7_arm64",
"8Base-GitOps-1.14:openshift-gitops-1/dex-rhel8@sha256:490512fefae58c6092394c8e751b7c1761583bff23b815e6f1649d55e9d43002_s390x",
"8Base-GitOps-1.14:openshift-gitops-1/dex-rhel8@sha256:605123efdd9f31243e039929322b4a4f6ad160baaebce188fdbf2c4e7ff663ff_amd64",
"8Base-GitOps-1.14:openshift-gitops-1/gitops-operator-bundle@sha256:ba442571ef9180765055f5224548c73e3da2be31731f8dd5b6b1beaf3e6732ee_amd64",
"8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8-operator@sha256:1b81b7c26d7a848797f9944254963a89c3f6f0e727355bafcda5e483fee7b848_amd64",
"8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8-operator@sha256:2caf6bd42e10f063d0991740706946d4205bf49540865bd4ed9091176add2aed_ppc64le",
"8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8-operator@sha256:951de21fc848014beb5db2f7307ef639c6c76ec6eb7036b18c07047c8a914c48_s390x",
"8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8-operator@sha256:ed04d67b3bd9ebc21a0aa2503823e5a476da44caa165999a33670198f5d1be37_arm64",
"8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8@sha256:72e761f1d00b0a322d4a7a10c824fe88e4ac7e156a279694b75ce3b42be0b6d6_amd64",
"8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8@sha256:d20615c230e1b888bacdc374763eeca9b1f7612741f8ba52ded483ac688b858d_ppc64le",
"8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8@sha256:d86dcd96af06a338b577d9c940e6316ed9a807b9fc6a33d9f5c96e2b703679b8_s390x",
"8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8@sha256:f07aa6ccdc324a2631fc01b1f4af4317cdc0471c673bd8f5bf24560e0f012dd9_arm64",
"8Base-GitOps-1.14:openshift-gitops-1/kam-delivery-rhel8@sha256:30b687a8309c17d5b4f5be6439b59f2dc540a306d625ee34bdf72626dc36c105_amd64",
"8Base-GitOps-1.14:openshift-gitops-1/kam-delivery-rhel8@sha256:62e1ab7267cfd3536c3b2ba9592dffb7fb979cbb039a1a90320a03b751d5f728_arm64",
"8Base-GitOps-1.14:openshift-gitops-1/kam-delivery-rhel8@sha256:b5ba9620f23fed74b983a090cec19f6ed74ddffdd1be7d9d89f1201c0c83c1b1_ppc64le",
"8Base-GitOps-1.14:openshift-gitops-1/kam-delivery-rhel8@sha256:c0ec76e307a2867dc1064a3470e17a2e1533233e1a119ce5f32e2b3c07428d08_s390x",
"8Base-GitOps-1.14:openshift-gitops-1/must-gather-rhel8@sha256:a909f1ebb5cf719e4308bbd162fea14e66b0ad6f7e91163699e8f9cbf61ec852_arm64",
"8Base-GitOps-1.14:openshift-gitops-1/must-gather-rhel8@sha256:c997c25ec7fee2ce060c6772925548af8d36146ed4632557852a948f496c9823_s390x",
"8Base-GitOps-1.14:openshift-gitops-1/must-gather-rhel8@sha256:e543925d538de28ab98c71841a47d4384c4354add0fb3457500aafc618be79d9_amd64",
"8Base-GitOps-1.14:openshift-gitops-1/must-gather-rhel8@sha256:fcbfff3d353947889e627035d1d52d4533ce5713c7e1951d90417bb228499143_ppc64le",
"9Base-GitOps-1.14:openshift-gitops-1/argocd-rhel9@sha256:afe138c16496c84126ecbd5baac4223e61f15ee30ec0249468ed3335ab7d4814_arm64",
"9Base-GitOps-1.14:openshift-gitops-1/argocd-rhel9@sha256:cb21a99b094e4609050927687050d8a95675d212bec76e981635ef192925d8ba_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-45337"
},
{
"category": "external",
"summary": "RHBZ#2331720",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2331720"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-45337",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45337"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-45337",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-45337"
},
{
"category": "external",
"summary": "https://github.com/golang/crypto/commit/b4f1988a35dee11ec3e05d6bf3e90b695fbd8909",
"url": "https://github.com/golang/crypto/commit/b4f1988a35dee11ec3e05d6bf3e90b695fbd8909"
},
{
"category": "external",
"summary": "https://go.dev/cl/635315",
"url": "https://go.dev/cl/635315"
},
{
"category": "external",
"summary": "https://go.dev/issue/70779",
"url": "https://go.dev/issue/70779"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/-nPEi39gI4Q/m/cGVPJCqdAQAJ",
"url": "https://groups.google.com/g/golang-announce/c/-nPEi39gI4Q/m/cGVPJCqdAQAJ"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2024-3321",
"url": "https://pkg.go.dev/vuln/GO-2024-3321"
}
],
"release_date": "2024-12-11T18:55:58.506000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-03-20T08:37:59+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-GitOps-1.14:openshift-gitops-1/argo-rollouts-rhel8@sha256:868a4e993d8963e4fb64c1845f54f916f335d3c59f0596e966c6d926373f6ee1_arm64",
"8Base-GitOps-1.14:openshift-gitops-1/argo-rollouts-rhel8@sha256:9b883e71b2d12f8872b3a37b383087a488f9b74ddde0e0c6daf6ee04bdf15881_amd64",
"8Base-GitOps-1.14:openshift-gitops-1/argo-rollouts-rhel8@sha256:bf7f9ca8f33c935df306554b778e5291bcff9e92b7e9122498b0ad71d58b9166_ppc64le",
"8Base-GitOps-1.14:openshift-gitops-1/argo-rollouts-rhel8@sha256:ce0677023395a6d7c9598b820c6eb73b651eaa698aef9f5c27a25884fba5d643_s390x",
"8Base-GitOps-1.14:openshift-gitops-1/argocd-rhel8@sha256:04523979e4ab58120d959f88503957b1e13122952e3de03d9f0540f1e574c0d6_ppc64le",
"8Base-GitOps-1.14:openshift-gitops-1/argocd-rhel8@sha256:64df9d55e7196fe56ebab88071f115d7fea26fa4396109bbf3bae11ffbf1f3a5_amd64",
"8Base-GitOps-1.14:openshift-gitops-1/argocd-rhel8@sha256:9017ef8967ebe3a14ea1e07d0a9624ef126b2928e233f09451aeea89a7f09366_arm64",
"8Base-GitOps-1.14:openshift-gitops-1/argocd-rhel8@sha256:ecb181ba7dfd4a5cdffa8ba9ca251dc4875ad7f41e9d60c4cc0a3462c233e489_s390x",
"8Base-GitOps-1.14:openshift-gitops-1/console-plugin-rhel8@sha256:050b358e7512599f412fddf711f8731d821223ba76c460b114fe4c4bfaf7cf1b_ppc64le",
"8Base-GitOps-1.14:openshift-gitops-1/console-plugin-rhel8@sha256:83ba395adbfdae8d4973cea02ead8392089ac1051edd11e7defc6d07a122bca2_amd64",
"8Base-GitOps-1.14:openshift-gitops-1/console-plugin-rhel8@sha256:dc4d641c87a3b65208ef2b46398f64ae69465daeb84b4d1022062d6c5f7347dc_s390x",
"8Base-GitOps-1.14:openshift-gitops-1/console-plugin-rhel8@sha256:e6eba59c8336bde1ed98947b2d4c626feb2113037bc724bd881f25b7f155f47b_arm64",
"8Base-GitOps-1.14:openshift-gitops-1/dex-rhel8@sha256:065b95a1612d15b3a7de1c5822555851535199711cc3890d56d7cb01e01666b3_ppc64le",
"8Base-GitOps-1.14:openshift-gitops-1/dex-rhel8@sha256:1c59649ad569e25c3445e9655c8061b7f0b769514c0739f2e080216a55ca39c7_arm64",
"8Base-GitOps-1.14:openshift-gitops-1/dex-rhel8@sha256:490512fefae58c6092394c8e751b7c1761583bff23b815e6f1649d55e9d43002_s390x",
"8Base-GitOps-1.14:openshift-gitops-1/dex-rhel8@sha256:605123efdd9f31243e039929322b4a4f6ad160baaebce188fdbf2c4e7ff663ff_amd64",
"8Base-GitOps-1.14:openshift-gitops-1/gitops-operator-bundle@sha256:ba442571ef9180765055f5224548c73e3da2be31731f8dd5b6b1beaf3e6732ee_amd64",
"8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8-operator@sha256:1b81b7c26d7a848797f9944254963a89c3f6f0e727355bafcda5e483fee7b848_amd64",
"8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8-operator@sha256:2caf6bd42e10f063d0991740706946d4205bf49540865bd4ed9091176add2aed_ppc64le",
"8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8-operator@sha256:951de21fc848014beb5db2f7307ef639c6c76ec6eb7036b18c07047c8a914c48_s390x",
"8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8-operator@sha256:ed04d67b3bd9ebc21a0aa2503823e5a476da44caa165999a33670198f5d1be37_arm64",
"8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8@sha256:72e761f1d00b0a322d4a7a10c824fe88e4ac7e156a279694b75ce3b42be0b6d6_amd64",
"8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8@sha256:d20615c230e1b888bacdc374763eeca9b1f7612741f8ba52ded483ac688b858d_ppc64le",
"8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8@sha256:d86dcd96af06a338b577d9c940e6316ed9a807b9fc6a33d9f5c96e2b703679b8_s390x",
"8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8@sha256:f07aa6ccdc324a2631fc01b1f4af4317cdc0471c673bd8f5bf24560e0f012dd9_arm64",
"8Base-GitOps-1.14:openshift-gitops-1/kam-delivery-rhel8@sha256:30b687a8309c17d5b4f5be6439b59f2dc540a306d625ee34bdf72626dc36c105_amd64",
"8Base-GitOps-1.14:openshift-gitops-1/kam-delivery-rhel8@sha256:62e1ab7267cfd3536c3b2ba9592dffb7fb979cbb039a1a90320a03b751d5f728_arm64",
"8Base-GitOps-1.14:openshift-gitops-1/kam-delivery-rhel8@sha256:b5ba9620f23fed74b983a090cec19f6ed74ddffdd1be7d9d89f1201c0c83c1b1_ppc64le",
"8Base-GitOps-1.14:openshift-gitops-1/kam-delivery-rhel8@sha256:c0ec76e307a2867dc1064a3470e17a2e1533233e1a119ce5f32e2b3c07428d08_s390x",
"8Base-GitOps-1.14:openshift-gitops-1/must-gather-rhel8@sha256:a909f1ebb5cf719e4308bbd162fea14e66b0ad6f7e91163699e8f9cbf61ec852_arm64",
"8Base-GitOps-1.14:openshift-gitops-1/must-gather-rhel8@sha256:c997c25ec7fee2ce060c6772925548af8d36146ed4632557852a948f496c9823_s390x",
"8Base-GitOps-1.14:openshift-gitops-1/must-gather-rhel8@sha256:e543925d538de28ab98c71841a47d4384c4354add0fb3457500aafc618be79d9_amd64",
"8Base-GitOps-1.14:openshift-gitops-1/must-gather-rhel8@sha256:fcbfff3d353947889e627035d1d52d4533ce5713c7e1951d90417bb228499143_ppc64le",
"9Base-GitOps-1.14:openshift-gitops-1/argocd-rhel9@sha256:afe138c16496c84126ecbd5baac4223e61f15ee30ec0249468ed3335ab7d4814_arm64",
"9Base-GitOps-1.14:openshift-gitops-1/argocd-rhel9@sha256:cb21a99b094e4609050927687050d8a95675d212bec76e981635ef192925d8ba_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:3069"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"8Base-GitOps-1.14:openshift-gitops-1/argo-rollouts-rhel8@sha256:868a4e993d8963e4fb64c1845f54f916f335d3c59f0596e966c6d926373f6ee1_arm64",
"8Base-GitOps-1.14:openshift-gitops-1/argo-rollouts-rhel8@sha256:9b883e71b2d12f8872b3a37b383087a488f9b74ddde0e0c6daf6ee04bdf15881_amd64",
"8Base-GitOps-1.14:openshift-gitops-1/argo-rollouts-rhel8@sha256:bf7f9ca8f33c935df306554b778e5291bcff9e92b7e9122498b0ad71d58b9166_ppc64le",
"8Base-GitOps-1.14:openshift-gitops-1/argo-rollouts-rhel8@sha256:ce0677023395a6d7c9598b820c6eb73b651eaa698aef9f5c27a25884fba5d643_s390x",
"8Base-GitOps-1.14:openshift-gitops-1/argocd-rhel8@sha256:04523979e4ab58120d959f88503957b1e13122952e3de03d9f0540f1e574c0d6_ppc64le",
"8Base-GitOps-1.14:openshift-gitops-1/argocd-rhel8@sha256:64df9d55e7196fe56ebab88071f115d7fea26fa4396109bbf3bae11ffbf1f3a5_amd64",
"8Base-GitOps-1.14:openshift-gitops-1/argocd-rhel8@sha256:9017ef8967ebe3a14ea1e07d0a9624ef126b2928e233f09451aeea89a7f09366_arm64",
"8Base-GitOps-1.14:openshift-gitops-1/argocd-rhel8@sha256:ecb181ba7dfd4a5cdffa8ba9ca251dc4875ad7f41e9d60c4cc0a3462c233e489_s390x",
"8Base-GitOps-1.14:openshift-gitops-1/console-plugin-rhel8@sha256:050b358e7512599f412fddf711f8731d821223ba76c460b114fe4c4bfaf7cf1b_ppc64le",
"8Base-GitOps-1.14:openshift-gitops-1/console-plugin-rhel8@sha256:83ba395adbfdae8d4973cea02ead8392089ac1051edd11e7defc6d07a122bca2_amd64",
"8Base-GitOps-1.14:openshift-gitops-1/console-plugin-rhel8@sha256:dc4d641c87a3b65208ef2b46398f64ae69465daeb84b4d1022062d6c5f7347dc_s390x",
"8Base-GitOps-1.14:openshift-gitops-1/console-plugin-rhel8@sha256:e6eba59c8336bde1ed98947b2d4c626feb2113037bc724bd881f25b7f155f47b_arm64",
"8Base-GitOps-1.14:openshift-gitops-1/dex-rhel8@sha256:065b95a1612d15b3a7de1c5822555851535199711cc3890d56d7cb01e01666b3_ppc64le",
"8Base-GitOps-1.14:openshift-gitops-1/dex-rhel8@sha256:1c59649ad569e25c3445e9655c8061b7f0b769514c0739f2e080216a55ca39c7_arm64",
"8Base-GitOps-1.14:openshift-gitops-1/dex-rhel8@sha256:490512fefae58c6092394c8e751b7c1761583bff23b815e6f1649d55e9d43002_s390x",
"8Base-GitOps-1.14:openshift-gitops-1/dex-rhel8@sha256:605123efdd9f31243e039929322b4a4f6ad160baaebce188fdbf2c4e7ff663ff_amd64",
"8Base-GitOps-1.14:openshift-gitops-1/gitops-operator-bundle@sha256:ba442571ef9180765055f5224548c73e3da2be31731f8dd5b6b1beaf3e6732ee_amd64",
"8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8-operator@sha256:1b81b7c26d7a848797f9944254963a89c3f6f0e727355bafcda5e483fee7b848_amd64",
"8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8-operator@sha256:2caf6bd42e10f063d0991740706946d4205bf49540865bd4ed9091176add2aed_ppc64le",
"8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8-operator@sha256:951de21fc848014beb5db2f7307ef639c6c76ec6eb7036b18c07047c8a914c48_s390x",
"8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8-operator@sha256:ed04d67b3bd9ebc21a0aa2503823e5a476da44caa165999a33670198f5d1be37_arm64",
"8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8@sha256:72e761f1d00b0a322d4a7a10c824fe88e4ac7e156a279694b75ce3b42be0b6d6_amd64",
"8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8@sha256:d20615c230e1b888bacdc374763eeca9b1f7612741f8ba52ded483ac688b858d_ppc64le",
"8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8@sha256:d86dcd96af06a338b577d9c940e6316ed9a807b9fc6a33d9f5c96e2b703679b8_s390x",
"8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8@sha256:f07aa6ccdc324a2631fc01b1f4af4317cdc0471c673bd8f5bf24560e0f012dd9_arm64",
"8Base-GitOps-1.14:openshift-gitops-1/kam-delivery-rhel8@sha256:30b687a8309c17d5b4f5be6439b59f2dc540a306d625ee34bdf72626dc36c105_amd64",
"8Base-GitOps-1.14:openshift-gitops-1/kam-delivery-rhel8@sha256:62e1ab7267cfd3536c3b2ba9592dffb7fb979cbb039a1a90320a03b751d5f728_arm64",
"8Base-GitOps-1.14:openshift-gitops-1/kam-delivery-rhel8@sha256:b5ba9620f23fed74b983a090cec19f6ed74ddffdd1be7d9d89f1201c0c83c1b1_ppc64le",
"8Base-GitOps-1.14:openshift-gitops-1/kam-delivery-rhel8@sha256:c0ec76e307a2867dc1064a3470e17a2e1533233e1a119ce5f32e2b3c07428d08_s390x",
"8Base-GitOps-1.14:openshift-gitops-1/must-gather-rhel8@sha256:a909f1ebb5cf719e4308bbd162fea14e66b0ad6f7e91163699e8f9cbf61ec852_arm64",
"8Base-GitOps-1.14:openshift-gitops-1/must-gather-rhel8@sha256:c997c25ec7fee2ce060c6772925548af8d36146ed4632557852a948f496c9823_s390x",
"8Base-GitOps-1.14:openshift-gitops-1/must-gather-rhel8@sha256:e543925d538de28ab98c71841a47d4384c4354add0fb3457500aafc618be79d9_amd64",
"8Base-GitOps-1.14:openshift-gitops-1/must-gather-rhel8@sha256:fcbfff3d353947889e627035d1d52d4533ce5713c7e1951d90417bb228499143_ppc64le",
"9Base-GitOps-1.14:openshift-gitops-1/argocd-rhel9@sha256:afe138c16496c84126ecbd5baac4223e61f15ee30ec0249468ed3335ab7d4814_arm64",
"9Base-GitOps-1.14:openshift-gitops-1/argocd-rhel9@sha256:cb21a99b094e4609050927687050d8a95675d212bec76e981635ef192925d8ba_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 8.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"8Base-GitOps-1.14:openshift-gitops-1/argo-rollouts-rhel8@sha256:868a4e993d8963e4fb64c1845f54f916f335d3c59f0596e966c6d926373f6ee1_arm64",
"8Base-GitOps-1.14:openshift-gitops-1/argo-rollouts-rhel8@sha256:9b883e71b2d12f8872b3a37b383087a488f9b74ddde0e0c6daf6ee04bdf15881_amd64",
"8Base-GitOps-1.14:openshift-gitops-1/argo-rollouts-rhel8@sha256:bf7f9ca8f33c935df306554b778e5291bcff9e92b7e9122498b0ad71d58b9166_ppc64le",
"8Base-GitOps-1.14:openshift-gitops-1/argo-rollouts-rhel8@sha256:ce0677023395a6d7c9598b820c6eb73b651eaa698aef9f5c27a25884fba5d643_s390x",
"8Base-GitOps-1.14:openshift-gitops-1/argocd-rhel8@sha256:04523979e4ab58120d959f88503957b1e13122952e3de03d9f0540f1e574c0d6_ppc64le",
"8Base-GitOps-1.14:openshift-gitops-1/argocd-rhel8@sha256:64df9d55e7196fe56ebab88071f115d7fea26fa4396109bbf3bae11ffbf1f3a5_amd64",
"8Base-GitOps-1.14:openshift-gitops-1/argocd-rhel8@sha256:9017ef8967ebe3a14ea1e07d0a9624ef126b2928e233f09451aeea89a7f09366_arm64",
"8Base-GitOps-1.14:openshift-gitops-1/argocd-rhel8@sha256:ecb181ba7dfd4a5cdffa8ba9ca251dc4875ad7f41e9d60c4cc0a3462c233e489_s390x",
"8Base-GitOps-1.14:openshift-gitops-1/console-plugin-rhel8@sha256:050b358e7512599f412fddf711f8731d821223ba76c460b114fe4c4bfaf7cf1b_ppc64le",
"8Base-GitOps-1.14:openshift-gitops-1/console-plugin-rhel8@sha256:83ba395adbfdae8d4973cea02ead8392089ac1051edd11e7defc6d07a122bca2_amd64",
"8Base-GitOps-1.14:openshift-gitops-1/console-plugin-rhel8@sha256:dc4d641c87a3b65208ef2b46398f64ae69465daeb84b4d1022062d6c5f7347dc_s390x",
"8Base-GitOps-1.14:openshift-gitops-1/console-plugin-rhel8@sha256:e6eba59c8336bde1ed98947b2d4c626feb2113037bc724bd881f25b7f155f47b_arm64",
"8Base-GitOps-1.14:openshift-gitops-1/dex-rhel8@sha256:065b95a1612d15b3a7de1c5822555851535199711cc3890d56d7cb01e01666b3_ppc64le",
"8Base-GitOps-1.14:openshift-gitops-1/dex-rhel8@sha256:1c59649ad569e25c3445e9655c8061b7f0b769514c0739f2e080216a55ca39c7_arm64",
"8Base-GitOps-1.14:openshift-gitops-1/dex-rhel8@sha256:490512fefae58c6092394c8e751b7c1761583bff23b815e6f1649d55e9d43002_s390x",
"8Base-GitOps-1.14:openshift-gitops-1/dex-rhel8@sha256:605123efdd9f31243e039929322b4a4f6ad160baaebce188fdbf2c4e7ff663ff_amd64",
"8Base-GitOps-1.14:openshift-gitops-1/gitops-operator-bundle@sha256:ba442571ef9180765055f5224548c73e3da2be31731f8dd5b6b1beaf3e6732ee_amd64",
"8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8-operator@sha256:1b81b7c26d7a848797f9944254963a89c3f6f0e727355bafcda5e483fee7b848_amd64",
"8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8-operator@sha256:2caf6bd42e10f063d0991740706946d4205bf49540865bd4ed9091176add2aed_ppc64le",
"8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8-operator@sha256:951de21fc848014beb5db2f7307ef639c6c76ec6eb7036b18c07047c8a914c48_s390x",
"8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8-operator@sha256:ed04d67b3bd9ebc21a0aa2503823e5a476da44caa165999a33670198f5d1be37_arm64",
"8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8@sha256:72e761f1d00b0a322d4a7a10c824fe88e4ac7e156a279694b75ce3b42be0b6d6_amd64",
"8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8@sha256:d20615c230e1b888bacdc374763eeca9b1f7612741f8ba52ded483ac688b858d_ppc64le",
"8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8@sha256:d86dcd96af06a338b577d9c940e6316ed9a807b9fc6a33d9f5c96e2b703679b8_s390x",
"8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8@sha256:f07aa6ccdc324a2631fc01b1f4af4317cdc0471c673bd8f5bf24560e0f012dd9_arm64",
"8Base-GitOps-1.14:openshift-gitops-1/kam-delivery-rhel8@sha256:30b687a8309c17d5b4f5be6439b59f2dc540a306d625ee34bdf72626dc36c105_amd64",
"8Base-GitOps-1.14:openshift-gitops-1/kam-delivery-rhel8@sha256:62e1ab7267cfd3536c3b2ba9592dffb7fb979cbb039a1a90320a03b751d5f728_arm64",
"8Base-GitOps-1.14:openshift-gitops-1/kam-delivery-rhel8@sha256:b5ba9620f23fed74b983a090cec19f6ed74ddffdd1be7d9d89f1201c0c83c1b1_ppc64le",
"8Base-GitOps-1.14:openshift-gitops-1/kam-delivery-rhel8@sha256:c0ec76e307a2867dc1064a3470e17a2e1533233e1a119ce5f32e2b3c07428d08_s390x",
"8Base-GitOps-1.14:openshift-gitops-1/must-gather-rhel8@sha256:a909f1ebb5cf719e4308bbd162fea14e66b0ad6f7e91163699e8f9cbf61ec852_arm64",
"8Base-GitOps-1.14:openshift-gitops-1/must-gather-rhel8@sha256:c997c25ec7fee2ce060c6772925548af8d36146ed4632557852a948f496c9823_s390x",
"8Base-GitOps-1.14:openshift-gitops-1/must-gather-rhel8@sha256:e543925d538de28ab98c71841a47d4384c4354add0fb3457500aafc618be79d9_amd64",
"8Base-GitOps-1.14:openshift-gitops-1/must-gather-rhel8@sha256:fcbfff3d353947889e627035d1d52d4533ce5713c7e1951d90417bb228499143_ppc64le",
"9Base-GitOps-1.14:openshift-gitops-1/argocd-rhel9@sha256:afe138c16496c84126ecbd5baac4223e61f15ee30ec0249468ed3335ab7d4814_arm64",
"9Base-GitOps-1.14:openshift-gitops-1/argocd-rhel9@sha256:cb21a99b094e4609050927687050d8a95675d212bec76e981635ef192925d8ba_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "golang.org/x/crypto/ssh: Misuse of ServerConfig.PublicKeyCallback may cause authorization bypass in golang.org/x/crypto"
},
{
"cve": "CVE-2024-45338",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2024-12-18T21:00:59.938173+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2333122"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in golang.org/x/net/html. This flaw allows an attacker to craft input to the parse functions that would be processed non-linearly with respect to its length, resulting in extremely slow parsing. This issue can cause a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang.org/x/net/html: Non-linear parsing of case-insensitive content in golang.org/x/net/html",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated as an Important severity because an attacker can craft malicious input that causes the parsing functions to process data non-linearly, resulting in significant delays which leads to a denial of service by exhausting system resources.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-GitOps-1.14:openshift-gitops-1/argo-rollouts-rhel8@sha256:868a4e993d8963e4fb64c1845f54f916f335d3c59f0596e966c6d926373f6ee1_arm64",
"8Base-GitOps-1.14:openshift-gitops-1/argo-rollouts-rhel8@sha256:9b883e71b2d12f8872b3a37b383087a488f9b74ddde0e0c6daf6ee04bdf15881_amd64",
"8Base-GitOps-1.14:openshift-gitops-1/argo-rollouts-rhel8@sha256:bf7f9ca8f33c935df306554b778e5291bcff9e92b7e9122498b0ad71d58b9166_ppc64le",
"8Base-GitOps-1.14:openshift-gitops-1/argo-rollouts-rhel8@sha256:ce0677023395a6d7c9598b820c6eb73b651eaa698aef9f5c27a25884fba5d643_s390x",
"8Base-GitOps-1.14:openshift-gitops-1/argocd-rhel8@sha256:04523979e4ab58120d959f88503957b1e13122952e3de03d9f0540f1e574c0d6_ppc64le",
"8Base-GitOps-1.14:openshift-gitops-1/argocd-rhel8@sha256:64df9d55e7196fe56ebab88071f115d7fea26fa4396109bbf3bae11ffbf1f3a5_amd64",
"8Base-GitOps-1.14:openshift-gitops-1/argocd-rhel8@sha256:9017ef8967ebe3a14ea1e07d0a9624ef126b2928e233f09451aeea89a7f09366_arm64",
"8Base-GitOps-1.14:openshift-gitops-1/argocd-rhel8@sha256:ecb181ba7dfd4a5cdffa8ba9ca251dc4875ad7f41e9d60c4cc0a3462c233e489_s390x",
"8Base-GitOps-1.14:openshift-gitops-1/console-plugin-rhel8@sha256:050b358e7512599f412fddf711f8731d821223ba76c460b114fe4c4bfaf7cf1b_ppc64le",
"8Base-GitOps-1.14:openshift-gitops-1/console-plugin-rhel8@sha256:83ba395adbfdae8d4973cea02ead8392089ac1051edd11e7defc6d07a122bca2_amd64",
"8Base-GitOps-1.14:openshift-gitops-1/console-plugin-rhel8@sha256:dc4d641c87a3b65208ef2b46398f64ae69465daeb84b4d1022062d6c5f7347dc_s390x",
"8Base-GitOps-1.14:openshift-gitops-1/console-plugin-rhel8@sha256:e6eba59c8336bde1ed98947b2d4c626feb2113037bc724bd881f25b7f155f47b_arm64",
"8Base-GitOps-1.14:openshift-gitops-1/dex-rhel8@sha256:065b95a1612d15b3a7de1c5822555851535199711cc3890d56d7cb01e01666b3_ppc64le",
"8Base-GitOps-1.14:openshift-gitops-1/dex-rhel8@sha256:1c59649ad569e25c3445e9655c8061b7f0b769514c0739f2e080216a55ca39c7_arm64",
"8Base-GitOps-1.14:openshift-gitops-1/dex-rhel8@sha256:490512fefae58c6092394c8e751b7c1761583bff23b815e6f1649d55e9d43002_s390x",
"8Base-GitOps-1.14:openshift-gitops-1/dex-rhel8@sha256:605123efdd9f31243e039929322b4a4f6ad160baaebce188fdbf2c4e7ff663ff_amd64",
"8Base-GitOps-1.14:openshift-gitops-1/gitops-operator-bundle@sha256:ba442571ef9180765055f5224548c73e3da2be31731f8dd5b6b1beaf3e6732ee_amd64",
"8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8-operator@sha256:1b81b7c26d7a848797f9944254963a89c3f6f0e727355bafcda5e483fee7b848_amd64",
"8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8-operator@sha256:2caf6bd42e10f063d0991740706946d4205bf49540865bd4ed9091176add2aed_ppc64le",
"8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8-operator@sha256:951de21fc848014beb5db2f7307ef639c6c76ec6eb7036b18c07047c8a914c48_s390x",
"8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8-operator@sha256:ed04d67b3bd9ebc21a0aa2503823e5a476da44caa165999a33670198f5d1be37_arm64",
"8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8@sha256:72e761f1d00b0a322d4a7a10c824fe88e4ac7e156a279694b75ce3b42be0b6d6_amd64",
"8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8@sha256:d20615c230e1b888bacdc374763eeca9b1f7612741f8ba52ded483ac688b858d_ppc64le",
"8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8@sha256:d86dcd96af06a338b577d9c940e6316ed9a807b9fc6a33d9f5c96e2b703679b8_s390x",
"8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8@sha256:f07aa6ccdc324a2631fc01b1f4af4317cdc0471c673bd8f5bf24560e0f012dd9_arm64",
"8Base-GitOps-1.14:openshift-gitops-1/kam-delivery-rhel8@sha256:30b687a8309c17d5b4f5be6439b59f2dc540a306d625ee34bdf72626dc36c105_amd64",
"8Base-GitOps-1.14:openshift-gitops-1/kam-delivery-rhel8@sha256:62e1ab7267cfd3536c3b2ba9592dffb7fb979cbb039a1a90320a03b751d5f728_arm64",
"8Base-GitOps-1.14:openshift-gitops-1/kam-delivery-rhel8@sha256:b5ba9620f23fed74b983a090cec19f6ed74ddffdd1be7d9d89f1201c0c83c1b1_ppc64le",
"8Base-GitOps-1.14:openshift-gitops-1/kam-delivery-rhel8@sha256:c0ec76e307a2867dc1064a3470e17a2e1533233e1a119ce5f32e2b3c07428d08_s390x",
"8Base-GitOps-1.14:openshift-gitops-1/must-gather-rhel8@sha256:a909f1ebb5cf719e4308bbd162fea14e66b0ad6f7e91163699e8f9cbf61ec852_arm64",
"8Base-GitOps-1.14:openshift-gitops-1/must-gather-rhel8@sha256:c997c25ec7fee2ce060c6772925548af8d36146ed4632557852a948f496c9823_s390x",
"8Base-GitOps-1.14:openshift-gitops-1/must-gather-rhel8@sha256:e543925d538de28ab98c71841a47d4384c4354add0fb3457500aafc618be79d9_amd64",
"8Base-GitOps-1.14:openshift-gitops-1/must-gather-rhel8@sha256:fcbfff3d353947889e627035d1d52d4533ce5713c7e1951d90417bb228499143_ppc64le",
"9Base-GitOps-1.14:openshift-gitops-1/argocd-rhel9@sha256:afe138c16496c84126ecbd5baac4223e61f15ee30ec0249468ed3335ab7d4814_arm64",
"9Base-GitOps-1.14:openshift-gitops-1/argocd-rhel9@sha256:cb21a99b094e4609050927687050d8a95675d212bec76e981635ef192925d8ba_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-45338"
},
{
"category": "external",
"summary": "RHBZ#2333122",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2333122"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-45338",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45338"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-45338",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-45338"
},
{
"category": "external",
"summary": "https://go.dev/cl/637536",
"url": "https://go.dev/cl/637536"
},
{
"category": "external",
"summary": "https://go.dev/issue/70906",
"url": "https://go.dev/issue/70906"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/wSCRmFnNmPA/m/Lvcd0mRMAwAJ",
"url": "https://groups.google.com/g/golang-announce/c/wSCRmFnNmPA/m/Lvcd0mRMAwAJ"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2024-3333",
"url": "https://pkg.go.dev/vuln/GO-2024-3333"
}
],
"release_date": "2024-12-18T20:38:22.660000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-03-20T08:37:59+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-GitOps-1.14:openshift-gitops-1/argo-rollouts-rhel8@sha256:868a4e993d8963e4fb64c1845f54f916f335d3c59f0596e966c6d926373f6ee1_arm64",
"8Base-GitOps-1.14:openshift-gitops-1/argo-rollouts-rhel8@sha256:9b883e71b2d12f8872b3a37b383087a488f9b74ddde0e0c6daf6ee04bdf15881_amd64",
"8Base-GitOps-1.14:openshift-gitops-1/argo-rollouts-rhel8@sha256:bf7f9ca8f33c935df306554b778e5291bcff9e92b7e9122498b0ad71d58b9166_ppc64le",
"8Base-GitOps-1.14:openshift-gitops-1/argo-rollouts-rhel8@sha256:ce0677023395a6d7c9598b820c6eb73b651eaa698aef9f5c27a25884fba5d643_s390x",
"8Base-GitOps-1.14:openshift-gitops-1/argocd-rhel8@sha256:04523979e4ab58120d959f88503957b1e13122952e3de03d9f0540f1e574c0d6_ppc64le",
"8Base-GitOps-1.14:openshift-gitops-1/argocd-rhel8@sha256:64df9d55e7196fe56ebab88071f115d7fea26fa4396109bbf3bae11ffbf1f3a5_amd64",
"8Base-GitOps-1.14:openshift-gitops-1/argocd-rhel8@sha256:9017ef8967ebe3a14ea1e07d0a9624ef126b2928e233f09451aeea89a7f09366_arm64",
"8Base-GitOps-1.14:openshift-gitops-1/argocd-rhel8@sha256:ecb181ba7dfd4a5cdffa8ba9ca251dc4875ad7f41e9d60c4cc0a3462c233e489_s390x",
"8Base-GitOps-1.14:openshift-gitops-1/console-plugin-rhel8@sha256:050b358e7512599f412fddf711f8731d821223ba76c460b114fe4c4bfaf7cf1b_ppc64le",
"8Base-GitOps-1.14:openshift-gitops-1/console-plugin-rhel8@sha256:83ba395adbfdae8d4973cea02ead8392089ac1051edd11e7defc6d07a122bca2_amd64",
"8Base-GitOps-1.14:openshift-gitops-1/console-plugin-rhel8@sha256:dc4d641c87a3b65208ef2b46398f64ae69465daeb84b4d1022062d6c5f7347dc_s390x",
"8Base-GitOps-1.14:openshift-gitops-1/console-plugin-rhel8@sha256:e6eba59c8336bde1ed98947b2d4c626feb2113037bc724bd881f25b7f155f47b_arm64",
"8Base-GitOps-1.14:openshift-gitops-1/dex-rhel8@sha256:065b95a1612d15b3a7de1c5822555851535199711cc3890d56d7cb01e01666b3_ppc64le",
"8Base-GitOps-1.14:openshift-gitops-1/dex-rhel8@sha256:1c59649ad569e25c3445e9655c8061b7f0b769514c0739f2e080216a55ca39c7_arm64",
"8Base-GitOps-1.14:openshift-gitops-1/dex-rhel8@sha256:490512fefae58c6092394c8e751b7c1761583bff23b815e6f1649d55e9d43002_s390x",
"8Base-GitOps-1.14:openshift-gitops-1/dex-rhel8@sha256:605123efdd9f31243e039929322b4a4f6ad160baaebce188fdbf2c4e7ff663ff_amd64",
"8Base-GitOps-1.14:openshift-gitops-1/gitops-operator-bundle@sha256:ba442571ef9180765055f5224548c73e3da2be31731f8dd5b6b1beaf3e6732ee_amd64",
"8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8-operator@sha256:1b81b7c26d7a848797f9944254963a89c3f6f0e727355bafcda5e483fee7b848_amd64",
"8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8-operator@sha256:2caf6bd42e10f063d0991740706946d4205bf49540865bd4ed9091176add2aed_ppc64le",
"8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8-operator@sha256:951de21fc848014beb5db2f7307ef639c6c76ec6eb7036b18c07047c8a914c48_s390x",
"8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8-operator@sha256:ed04d67b3bd9ebc21a0aa2503823e5a476da44caa165999a33670198f5d1be37_arm64",
"8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8@sha256:72e761f1d00b0a322d4a7a10c824fe88e4ac7e156a279694b75ce3b42be0b6d6_amd64",
"8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8@sha256:d20615c230e1b888bacdc374763eeca9b1f7612741f8ba52ded483ac688b858d_ppc64le",
"8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8@sha256:d86dcd96af06a338b577d9c940e6316ed9a807b9fc6a33d9f5c96e2b703679b8_s390x",
"8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8@sha256:f07aa6ccdc324a2631fc01b1f4af4317cdc0471c673bd8f5bf24560e0f012dd9_arm64",
"8Base-GitOps-1.14:openshift-gitops-1/kam-delivery-rhel8@sha256:30b687a8309c17d5b4f5be6439b59f2dc540a306d625ee34bdf72626dc36c105_amd64",
"8Base-GitOps-1.14:openshift-gitops-1/kam-delivery-rhel8@sha256:62e1ab7267cfd3536c3b2ba9592dffb7fb979cbb039a1a90320a03b751d5f728_arm64",
"8Base-GitOps-1.14:openshift-gitops-1/kam-delivery-rhel8@sha256:b5ba9620f23fed74b983a090cec19f6ed74ddffdd1be7d9d89f1201c0c83c1b1_ppc64le",
"8Base-GitOps-1.14:openshift-gitops-1/kam-delivery-rhel8@sha256:c0ec76e307a2867dc1064a3470e17a2e1533233e1a119ce5f32e2b3c07428d08_s390x",
"8Base-GitOps-1.14:openshift-gitops-1/must-gather-rhel8@sha256:a909f1ebb5cf719e4308bbd162fea14e66b0ad6f7e91163699e8f9cbf61ec852_arm64",
"8Base-GitOps-1.14:openshift-gitops-1/must-gather-rhel8@sha256:c997c25ec7fee2ce060c6772925548af8d36146ed4632557852a948f496c9823_s390x",
"8Base-GitOps-1.14:openshift-gitops-1/must-gather-rhel8@sha256:e543925d538de28ab98c71841a47d4384c4354add0fb3457500aafc618be79d9_amd64",
"8Base-GitOps-1.14:openshift-gitops-1/must-gather-rhel8@sha256:fcbfff3d353947889e627035d1d52d4533ce5713c7e1951d90417bb228499143_ppc64le",
"9Base-GitOps-1.14:openshift-gitops-1/argocd-rhel9@sha256:afe138c16496c84126ecbd5baac4223e61f15ee30ec0249468ed3335ab7d4814_arm64",
"9Base-GitOps-1.14:openshift-gitops-1/argocd-rhel9@sha256:cb21a99b094e4609050927687050d8a95675d212bec76e981635ef192925d8ba_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:3069"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-GitOps-1.14:openshift-gitops-1/argo-rollouts-rhel8@sha256:868a4e993d8963e4fb64c1845f54f916f335d3c59f0596e966c6d926373f6ee1_arm64",
"8Base-GitOps-1.14:openshift-gitops-1/argo-rollouts-rhel8@sha256:9b883e71b2d12f8872b3a37b383087a488f9b74ddde0e0c6daf6ee04bdf15881_amd64",
"8Base-GitOps-1.14:openshift-gitops-1/argo-rollouts-rhel8@sha256:bf7f9ca8f33c935df306554b778e5291bcff9e92b7e9122498b0ad71d58b9166_ppc64le",
"8Base-GitOps-1.14:openshift-gitops-1/argo-rollouts-rhel8@sha256:ce0677023395a6d7c9598b820c6eb73b651eaa698aef9f5c27a25884fba5d643_s390x",
"8Base-GitOps-1.14:openshift-gitops-1/argocd-rhel8@sha256:04523979e4ab58120d959f88503957b1e13122952e3de03d9f0540f1e574c0d6_ppc64le",
"8Base-GitOps-1.14:openshift-gitops-1/argocd-rhel8@sha256:64df9d55e7196fe56ebab88071f115d7fea26fa4396109bbf3bae11ffbf1f3a5_amd64",
"8Base-GitOps-1.14:openshift-gitops-1/argocd-rhel8@sha256:9017ef8967ebe3a14ea1e07d0a9624ef126b2928e233f09451aeea89a7f09366_arm64",
"8Base-GitOps-1.14:openshift-gitops-1/argocd-rhel8@sha256:ecb181ba7dfd4a5cdffa8ba9ca251dc4875ad7f41e9d60c4cc0a3462c233e489_s390x",
"8Base-GitOps-1.14:openshift-gitops-1/console-plugin-rhel8@sha256:050b358e7512599f412fddf711f8731d821223ba76c460b114fe4c4bfaf7cf1b_ppc64le",
"8Base-GitOps-1.14:openshift-gitops-1/console-plugin-rhel8@sha256:83ba395adbfdae8d4973cea02ead8392089ac1051edd11e7defc6d07a122bca2_amd64",
"8Base-GitOps-1.14:openshift-gitops-1/console-plugin-rhel8@sha256:dc4d641c87a3b65208ef2b46398f64ae69465daeb84b4d1022062d6c5f7347dc_s390x",
"8Base-GitOps-1.14:openshift-gitops-1/console-plugin-rhel8@sha256:e6eba59c8336bde1ed98947b2d4c626feb2113037bc724bd881f25b7f155f47b_arm64",
"8Base-GitOps-1.14:openshift-gitops-1/dex-rhel8@sha256:065b95a1612d15b3a7de1c5822555851535199711cc3890d56d7cb01e01666b3_ppc64le",
"8Base-GitOps-1.14:openshift-gitops-1/dex-rhel8@sha256:1c59649ad569e25c3445e9655c8061b7f0b769514c0739f2e080216a55ca39c7_arm64",
"8Base-GitOps-1.14:openshift-gitops-1/dex-rhel8@sha256:490512fefae58c6092394c8e751b7c1761583bff23b815e6f1649d55e9d43002_s390x",
"8Base-GitOps-1.14:openshift-gitops-1/dex-rhel8@sha256:605123efdd9f31243e039929322b4a4f6ad160baaebce188fdbf2c4e7ff663ff_amd64",
"8Base-GitOps-1.14:openshift-gitops-1/gitops-operator-bundle@sha256:ba442571ef9180765055f5224548c73e3da2be31731f8dd5b6b1beaf3e6732ee_amd64",
"8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8-operator@sha256:1b81b7c26d7a848797f9944254963a89c3f6f0e727355bafcda5e483fee7b848_amd64",
"8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8-operator@sha256:2caf6bd42e10f063d0991740706946d4205bf49540865bd4ed9091176add2aed_ppc64le",
"8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8-operator@sha256:951de21fc848014beb5db2f7307ef639c6c76ec6eb7036b18c07047c8a914c48_s390x",
"8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8-operator@sha256:ed04d67b3bd9ebc21a0aa2503823e5a476da44caa165999a33670198f5d1be37_arm64",
"8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8@sha256:72e761f1d00b0a322d4a7a10c824fe88e4ac7e156a279694b75ce3b42be0b6d6_amd64",
"8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8@sha256:d20615c230e1b888bacdc374763eeca9b1f7612741f8ba52ded483ac688b858d_ppc64le",
"8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8@sha256:d86dcd96af06a338b577d9c940e6316ed9a807b9fc6a33d9f5c96e2b703679b8_s390x",
"8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8@sha256:f07aa6ccdc324a2631fc01b1f4af4317cdc0471c673bd8f5bf24560e0f012dd9_arm64",
"8Base-GitOps-1.14:openshift-gitops-1/kam-delivery-rhel8@sha256:30b687a8309c17d5b4f5be6439b59f2dc540a306d625ee34bdf72626dc36c105_amd64",
"8Base-GitOps-1.14:openshift-gitops-1/kam-delivery-rhel8@sha256:62e1ab7267cfd3536c3b2ba9592dffb7fb979cbb039a1a90320a03b751d5f728_arm64",
"8Base-GitOps-1.14:openshift-gitops-1/kam-delivery-rhel8@sha256:b5ba9620f23fed74b983a090cec19f6ed74ddffdd1be7d9d89f1201c0c83c1b1_ppc64le",
"8Base-GitOps-1.14:openshift-gitops-1/kam-delivery-rhel8@sha256:c0ec76e307a2867dc1064a3470e17a2e1533233e1a119ce5f32e2b3c07428d08_s390x",
"8Base-GitOps-1.14:openshift-gitops-1/must-gather-rhel8@sha256:a909f1ebb5cf719e4308bbd162fea14e66b0ad6f7e91163699e8f9cbf61ec852_arm64",
"8Base-GitOps-1.14:openshift-gitops-1/must-gather-rhel8@sha256:c997c25ec7fee2ce060c6772925548af8d36146ed4632557852a948f496c9823_s390x",
"8Base-GitOps-1.14:openshift-gitops-1/must-gather-rhel8@sha256:e543925d538de28ab98c71841a47d4384c4354add0fb3457500aafc618be79d9_amd64",
"8Base-GitOps-1.14:openshift-gitops-1/must-gather-rhel8@sha256:fcbfff3d353947889e627035d1d52d4533ce5713c7e1951d90417bb228499143_ppc64le",
"9Base-GitOps-1.14:openshift-gitops-1/argocd-rhel9@sha256:afe138c16496c84126ecbd5baac4223e61f15ee30ec0249468ed3335ab7d4814_arm64",
"9Base-GitOps-1.14:openshift-gitops-1/argocd-rhel9@sha256:cb21a99b094e4609050927687050d8a95675d212bec76e981635ef192925d8ba_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "golang.org/x/net/html: Non-linear parsing of case-insensitive content in golang.org/x/net/html"
},
{
"cve": "CVE-2025-21613",
"cwe": {
"id": "CWE-88",
"name": "Improper Neutralization of Argument Delimiters in a Command (\u0027Argument Injection\u0027)"
},
"discovery_date": "2025-01-06T17:00:41.244449+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2335888"
}
],
"notes": [
{
"category": "description",
"text": "An argument injection vulnerability was found in go-git. This flaw allows an attacker to set arbitrary values to git-upload-pack flags, leading to command or code execution, exposure of sensitive data, or other unintended behavior. This is only possible in configurations where the file transport protocol is being used.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "go-git: argument injection via the URL field",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated as an Important severity because an argument injection has been discovered in go-git, where an attackers can manipulate git-upload-pack flags, potentially enabling command or code execution leads to an exposure of sensitive data or other unintended actions, this vulnerability occurs exclusively in configurations using the file transport protocol.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-GitOps-1.14:openshift-gitops-1/argo-rollouts-rhel8@sha256:868a4e993d8963e4fb64c1845f54f916f335d3c59f0596e966c6d926373f6ee1_arm64",
"8Base-GitOps-1.14:openshift-gitops-1/argo-rollouts-rhel8@sha256:9b883e71b2d12f8872b3a37b383087a488f9b74ddde0e0c6daf6ee04bdf15881_amd64",
"8Base-GitOps-1.14:openshift-gitops-1/argo-rollouts-rhel8@sha256:bf7f9ca8f33c935df306554b778e5291bcff9e92b7e9122498b0ad71d58b9166_ppc64le",
"8Base-GitOps-1.14:openshift-gitops-1/argo-rollouts-rhel8@sha256:ce0677023395a6d7c9598b820c6eb73b651eaa698aef9f5c27a25884fba5d643_s390x",
"8Base-GitOps-1.14:openshift-gitops-1/argocd-rhel8@sha256:04523979e4ab58120d959f88503957b1e13122952e3de03d9f0540f1e574c0d6_ppc64le",
"8Base-GitOps-1.14:openshift-gitops-1/argocd-rhel8@sha256:64df9d55e7196fe56ebab88071f115d7fea26fa4396109bbf3bae11ffbf1f3a5_amd64",
"8Base-GitOps-1.14:openshift-gitops-1/argocd-rhel8@sha256:9017ef8967ebe3a14ea1e07d0a9624ef126b2928e233f09451aeea89a7f09366_arm64",
"8Base-GitOps-1.14:openshift-gitops-1/argocd-rhel8@sha256:ecb181ba7dfd4a5cdffa8ba9ca251dc4875ad7f41e9d60c4cc0a3462c233e489_s390x",
"8Base-GitOps-1.14:openshift-gitops-1/console-plugin-rhel8@sha256:050b358e7512599f412fddf711f8731d821223ba76c460b114fe4c4bfaf7cf1b_ppc64le",
"8Base-GitOps-1.14:openshift-gitops-1/console-plugin-rhel8@sha256:83ba395adbfdae8d4973cea02ead8392089ac1051edd11e7defc6d07a122bca2_amd64",
"8Base-GitOps-1.14:openshift-gitops-1/console-plugin-rhel8@sha256:dc4d641c87a3b65208ef2b46398f64ae69465daeb84b4d1022062d6c5f7347dc_s390x",
"8Base-GitOps-1.14:openshift-gitops-1/console-plugin-rhel8@sha256:e6eba59c8336bde1ed98947b2d4c626feb2113037bc724bd881f25b7f155f47b_arm64",
"8Base-GitOps-1.14:openshift-gitops-1/dex-rhel8@sha256:065b95a1612d15b3a7de1c5822555851535199711cc3890d56d7cb01e01666b3_ppc64le",
"8Base-GitOps-1.14:openshift-gitops-1/dex-rhel8@sha256:1c59649ad569e25c3445e9655c8061b7f0b769514c0739f2e080216a55ca39c7_arm64",
"8Base-GitOps-1.14:openshift-gitops-1/dex-rhel8@sha256:490512fefae58c6092394c8e751b7c1761583bff23b815e6f1649d55e9d43002_s390x",
"8Base-GitOps-1.14:openshift-gitops-1/dex-rhel8@sha256:605123efdd9f31243e039929322b4a4f6ad160baaebce188fdbf2c4e7ff663ff_amd64",
"8Base-GitOps-1.14:openshift-gitops-1/gitops-operator-bundle@sha256:ba442571ef9180765055f5224548c73e3da2be31731f8dd5b6b1beaf3e6732ee_amd64",
"8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8-operator@sha256:1b81b7c26d7a848797f9944254963a89c3f6f0e727355bafcda5e483fee7b848_amd64",
"8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8-operator@sha256:2caf6bd42e10f063d0991740706946d4205bf49540865bd4ed9091176add2aed_ppc64le",
"8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8-operator@sha256:951de21fc848014beb5db2f7307ef639c6c76ec6eb7036b18c07047c8a914c48_s390x",
"8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8-operator@sha256:ed04d67b3bd9ebc21a0aa2503823e5a476da44caa165999a33670198f5d1be37_arm64",
"8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8@sha256:72e761f1d00b0a322d4a7a10c824fe88e4ac7e156a279694b75ce3b42be0b6d6_amd64",
"8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8@sha256:d20615c230e1b888bacdc374763eeca9b1f7612741f8ba52ded483ac688b858d_ppc64le",
"8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8@sha256:d86dcd96af06a338b577d9c940e6316ed9a807b9fc6a33d9f5c96e2b703679b8_s390x",
"8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8@sha256:f07aa6ccdc324a2631fc01b1f4af4317cdc0471c673bd8f5bf24560e0f012dd9_arm64",
"8Base-GitOps-1.14:openshift-gitops-1/kam-delivery-rhel8@sha256:30b687a8309c17d5b4f5be6439b59f2dc540a306d625ee34bdf72626dc36c105_amd64",
"8Base-GitOps-1.14:openshift-gitops-1/kam-delivery-rhel8@sha256:62e1ab7267cfd3536c3b2ba9592dffb7fb979cbb039a1a90320a03b751d5f728_arm64",
"8Base-GitOps-1.14:openshift-gitops-1/kam-delivery-rhel8@sha256:b5ba9620f23fed74b983a090cec19f6ed74ddffdd1be7d9d89f1201c0c83c1b1_ppc64le",
"8Base-GitOps-1.14:openshift-gitops-1/kam-delivery-rhel8@sha256:c0ec76e307a2867dc1064a3470e17a2e1533233e1a119ce5f32e2b3c07428d08_s390x",
"8Base-GitOps-1.14:openshift-gitops-1/must-gather-rhel8@sha256:a909f1ebb5cf719e4308bbd162fea14e66b0ad6f7e91163699e8f9cbf61ec852_arm64",
"8Base-GitOps-1.14:openshift-gitops-1/must-gather-rhel8@sha256:c997c25ec7fee2ce060c6772925548af8d36146ed4632557852a948f496c9823_s390x",
"8Base-GitOps-1.14:openshift-gitops-1/must-gather-rhel8@sha256:e543925d538de28ab98c71841a47d4384c4354add0fb3457500aafc618be79d9_amd64",
"8Base-GitOps-1.14:openshift-gitops-1/must-gather-rhel8@sha256:fcbfff3d353947889e627035d1d52d4533ce5713c7e1951d90417bb228499143_ppc64le",
"9Base-GitOps-1.14:openshift-gitops-1/argocd-rhel9@sha256:afe138c16496c84126ecbd5baac4223e61f15ee30ec0249468ed3335ab7d4814_arm64",
"9Base-GitOps-1.14:openshift-gitops-1/argocd-rhel9@sha256:cb21a99b094e4609050927687050d8a95675d212bec76e981635ef192925d8ba_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-21613"
},
{
"category": "external",
"summary": "RHBZ#2335888",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2335888"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-21613",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21613"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-21613",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-21613"
},
{
"category": "external",
"summary": "https://github.com/go-git/go-git/security/advisories/GHSA-v725-9546-7q7m",
"url": "https://github.com/go-git/go-git/security/advisories/GHSA-v725-9546-7q7m"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2025-3368",
"url": "https://pkg.go.dev/vuln/GO-2025-3368"
}
],
"release_date": "2025-01-06T16:13:10.611000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-03-20T08:37:59+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-GitOps-1.14:openshift-gitops-1/argo-rollouts-rhel8@sha256:868a4e993d8963e4fb64c1845f54f916f335d3c59f0596e966c6d926373f6ee1_arm64",
"8Base-GitOps-1.14:openshift-gitops-1/argo-rollouts-rhel8@sha256:9b883e71b2d12f8872b3a37b383087a488f9b74ddde0e0c6daf6ee04bdf15881_amd64",
"8Base-GitOps-1.14:openshift-gitops-1/argo-rollouts-rhel8@sha256:bf7f9ca8f33c935df306554b778e5291bcff9e92b7e9122498b0ad71d58b9166_ppc64le",
"8Base-GitOps-1.14:openshift-gitops-1/argo-rollouts-rhel8@sha256:ce0677023395a6d7c9598b820c6eb73b651eaa698aef9f5c27a25884fba5d643_s390x",
"8Base-GitOps-1.14:openshift-gitops-1/argocd-rhel8@sha256:04523979e4ab58120d959f88503957b1e13122952e3de03d9f0540f1e574c0d6_ppc64le",
"8Base-GitOps-1.14:openshift-gitops-1/argocd-rhel8@sha256:64df9d55e7196fe56ebab88071f115d7fea26fa4396109bbf3bae11ffbf1f3a5_amd64",
"8Base-GitOps-1.14:openshift-gitops-1/argocd-rhel8@sha256:9017ef8967ebe3a14ea1e07d0a9624ef126b2928e233f09451aeea89a7f09366_arm64",
"8Base-GitOps-1.14:openshift-gitops-1/argocd-rhel8@sha256:ecb181ba7dfd4a5cdffa8ba9ca251dc4875ad7f41e9d60c4cc0a3462c233e489_s390x",
"8Base-GitOps-1.14:openshift-gitops-1/console-plugin-rhel8@sha256:050b358e7512599f412fddf711f8731d821223ba76c460b114fe4c4bfaf7cf1b_ppc64le",
"8Base-GitOps-1.14:openshift-gitops-1/console-plugin-rhel8@sha256:83ba395adbfdae8d4973cea02ead8392089ac1051edd11e7defc6d07a122bca2_amd64",
"8Base-GitOps-1.14:openshift-gitops-1/console-plugin-rhel8@sha256:dc4d641c87a3b65208ef2b46398f64ae69465daeb84b4d1022062d6c5f7347dc_s390x",
"8Base-GitOps-1.14:openshift-gitops-1/console-plugin-rhel8@sha256:e6eba59c8336bde1ed98947b2d4c626feb2113037bc724bd881f25b7f155f47b_arm64",
"8Base-GitOps-1.14:openshift-gitops-1/dex-rhel8@sha256:065b95a1612d15b3a7de1c5822555851535199711cc3890d56d7cb01e01666b3_ppc64le",
"8Base-GitOps-1.14:openshift-gitops-1/dex-rhel8@sha256:1c59649ad569e25c3445e9655c8061b7f0b769514c0739f2e080216a55ca39c7_arm64",
"8Base-GitOps-1.14:openshift-gitops-1/dex-rhel8@sha256:490512fefae58c6092394c8e751b7c1761583bff23b815e6f1649d55e9d43002_s390x",
"8Base-GitOps-1.14:openshift-gitops-1/dex-rhel8@sha256:605123efdd9f31243e039929322b4a4f6ad160baaebce188fdbf2c4e7ff663ff_amd64",
"8Base-GitOps-1.14:openshift-gitops-1/gitops-operator-bundle@sha256:ba442571ef9180765055f5224548c73e3da2be31731f8dd5b6b1beaf3e6732ee_amd64",
"8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8-operator@sha256:1b81b7c26d7a848797f9944254963a89c3f6f0e727355bafcda5e483fee7b848_amd64",
"8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8-operator@sha256:2caf6bd42e10f063d0991740706946d4205bf49540865bd4ed9091176add2aed_ppc64le",
"8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8-operator@sha256:951de21fc848014beb5db2f7307ef639c6c76ec6eb7036b18c07047c8a914c48_s390x",
"8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8-operator@sha256:ed04d67b3bd9ebc21a0aa2503823e5a476da44caa165999a33670198f5d1be37_arm64",
"8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8@sha256:72e761f1d00b0a322d4a7a10c824fe88e4ac7e156a279694b75ce3b42be0b6d6_amd64",
"8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8@sha256:d20615c230e1b888bacdc374763eeca9b1f7612741f8ba52ded483ac688b858d_ppc64le",
"8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8@sha256:d86dcd96af06a338b577d9c940e6316ed9a807b9fc6a33d9f5c96e2b703679b8_s390x",
"8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8@sha256:f07aa6ccdc324a2631fc01b1f4af4317cdc0471c673bd8f5bf24560e0f012dd9_arm64",
"8Base-GitOps-1.14:openshift-gitops-1/kam-delivery-rhel8@sha256:30b687a8309c17d5b4f5be6439b59f2dc540a306d625ee34bdf72626dc36c105_amd64",
"8Base-GitOps-1.14:openshift-gitops-1/kam-delivery-rhel8@sha256:62e1ab7267cfd3536c3b2ba9592dffb7fb979cbb039a1a90320a03b751d5f728_arm64",
"8Base-GitOps-1.14:openshift-gitops-1/kam-delivery-rhel8@sha256:b5ba9620f23fed74b983a090cec19f6ed74ddffdd1be7d9d89f1201c0c83c1b1_ppc64le",
"8Base-GitOps-1.14:openshift-gitops-1/kam-delivery-rhel8@sha256:c0ec76e307a2867dc1064a3470e17a2e1533233e1a119ce5f32e2b3c07428d08_s390x",
"8Base-GitOps-1.14:openshift-gitops-1/must-gather-rhel8@sha256:a909f1ebb5cf719e4308bbd162fea14e66b0ad6f7e91163699e8f9cbf61ec852_arm64",
"8Base-GitOps-1.14:openshift-gitops-1/must-gather-rhel8@sha256:c997c25ec7fee2ce060c6772925548af8d36146ed4632557852a948f496c9823_s390x",
"8Base-GitOps-1.14:openshift-gitops-1/must-gather-rhel8@sha256:e543925d538de28ab98c71841a47d4384c4354add0fb3457500aafc618be79d9_amd64",
"8Base-GitOps-1.14:openshift-gitops-1/must-gather-rhel8@sha256:fcbfff3d353947889e627035d1d52d4533ce5713c7e1951d90417bb228499143_ppc64le",
"9Base-GitOps-1.14:openshift-gitops-1/argocd-rhel9@sha256:afe138c16496c84126ecbd5baac4223e61f15ee30ec0249468ed3335ab7d4814_arm64",
"9Base-GitOps-1.14:openshift-gitops-1/argocd-rhel9@sha256:cb21a99b094e4609050927687050d8a95675d212bec76e981635ef192925d8ba_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:3069"
},
{
"category": "workaround",
"details": "In cases where it is not possible to update to the latest version of go-git, it is recommended to enforce validation rules for values passed in the URL field.",
"product_ids": [
"8Base-GitOps-1.14:openshift-gitops-1/argo-rollouts-rhel8@sha256:868a4e993d8963e4fb64c1845f54f916f335d3c59f0596e966c6d926373f6ee1_arm64",
"8Base-GitOps-1.14:openshift-gitops-1/argo-rollouts-rhel8@sha256:9b883e71b2d12f8872b3a37b383087a488f9b74ddde0e0c6daf6ee04bdf15881_amd64",
"8Base-GitOps-1.14:openshift-gitops-1/argo-rollouts-rhel8@sha256:bf7f9ca8f33c935df306554b778e5291bcff9e92b7e9122498b0ad71d58b9166_ppc64le",
"8Base-GitOps-1.14:openshift-gitops-1/argo-rollouts-rhel8@sha256:ce0677023395a6d7c9598b820c6eb73b651eaa698aef9f5c27a25884fba5d643_s390x",
"8Base-GitOps-1.14:openshift-gitops-1/argocd-rhel8@sha256:04523979e4ab58120d959f88503957b1e13122952e3de03d9f0540f1e574c0d6_ppc64le",
"8Base-GitOps-1.14:openshift-gitops-1/argocd-rhel8@sha256:64df9d55e7196fe56ebab88071f115d7fea26fa4396109bbf3bae11ffbf1f3a5_amd64",
"8Base-GitOps-1.14:openshift-gitops-1/argocd-rhel8@sha256:9017ef8967ebe3a14ea1e07d0a9624ef126b2928e233f09451aeea89a7f09366_arm64",
"8Base-GitOps-1.14:openshift-gitops-1/argocd-rhel8@sha256:ecb181ba7dfd4a5cdffa8ba9ca251dc4875ad7f41e9d60c4cc0a3462c233e489_s390x",
"8Base-GitOps-1.14:openshift-gitops-1/console-plugin-rhel8@sha256:050b358e7512599f412fddf711f8731d821223ba76c460b114fe4c4bfaf7cf1b_ppc64le",
"8Base-GitOps-1.14:openshift-gitops-1/console-plugin-rhel8@sha256:83ba395adbfdae8d4973cea02ead8392089ac1051edd11e7defc6d07a122bca2_amd64",
"8Base-GitOps-1.14:openshift-gitops-1/console-plugin-rhel8@sha256:dc4d641c87a3b65208ef2b46398f64ae69465daeb84b4d1022062d6c5f7347dc_s390x",
"8Base-GitOps-1.14:openshift-gitops-1/console-plugin-rhel8@sha256:e6eba59c8336bde1ed98947b2d4c626feb2113037bc724bd881f25b7f155f47b_arm64",
"8Base-GitOps-1.14:openshift-gitops-1/dex-rhel8@sha256:065b95a1612d15b3a7de1c5822555851535199711cc3890d56d7cb01e01666b3_ppc64le",
"8Base-GitOps-1.14:openshift-gitops-1/dex-rhel8@sha256:1c59649ad569e25c3445e9655c8061b7f0b769514c0739f2e080216a55ca39c7_arm64",
"8Base-GitOps-1.14:openshift-gitops-1/dex-rhel8@sha256:490512fefae58c6092394c8e751b7c1761583bff23b815e6f1649d55e9d43002_s390x",
"8Base-GitOps-1.14:openshift-gitops-1/dex-rhel8@sha256:605123efdd9f31243e039929322b4a4f6ad160baaebce188fdbf2c4e7ff663ff_amd64",
"8Base-GitOps-1.14:openshift-gitops-1/gitops-operator-bundle@sha256:ba442571ef9180765055f5224548c73e3da2be31731f8dd5b6b1beaf3e6732ee_amd64",
"8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8-operator@sha256:1b81b7c26d7a848797f9944254963a89c3f6f0e727355bafcda5e483fee7b848_amd64",
"8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8-operator@sha256:2caf6bd42e10f063d0991740706946d4205bf49540865bd4ed9091176add2aed_ppc64le",
"8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8-operator@sha256:951de21fc848014beb5db2f7307ef639c6c76ec6eb7036b18c07047c8a914c48_s390x",
"8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8-operator@sha256:ed04d67b3bd9ebc21a0aa2503823e5a476da44caa165999a33670198f5d1be37_arm64",
"8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8@sha256:72e761f1d00b0a322d4a7a10c824fe88e4ac7e156a279694b75ce3b42be0b6d6_amd64",
"8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8@sha256:d20615c230e1b888bacdc374763eeca9b1f7612741f8ba52ded483ac688b858d_ppc64le",
"8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8@sha256:d86dcd96af06a338b577d9c940e6316ed9a807b9fc6a33d9f5c96e2b703679b8_s390x",
"8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8@sha256:f07aa6ccdc324a2631fc01b1f4af4317cdc0471c673bd8f5bf24560e0f012dd9_arm64",
"8Base-GitOps-1.14:openshift-gitops-1/kam-delivery-rhel8@sha256:30b687a8309c17d5b4f5be6439b59f2dc540a306d625ee34bdf72626dc36c105_amd64",
"8Base-GitOps-1.14:openshift-gitops-1/kam-delivery-rhel8@sha256:62e1ab7267cfd3536c3b2ba9592dffb7fb979cbb039a1a90320a03b751d5f728_arm64",
"8Base-GitOps-1.14:openshift-gitops-1/kam-delivery-rhel8@sha256:b5ba9620f23fed74b983a090cec19f6ed74ddffdd1be7d9d89f1201c0c83c1b1_ppc64le",
"8Base-GitOps-1.14:openshift-gitops-1/kam-delivery-rhel8@sha256:c0ec76e307a2867dc1064a3470e17a2e1533233e1a119ce5f32e2b3c07428d08_s390x",
"8Base-GitOps-1.14:openshift-gitops-1/must-gather-rhel8@sha256:a909f1ebb5cf719e4308bbd162fea14e66b0ad6f7e91163699e8f9cbf61ec852_arm64",
"8Base-GitOps-1.14:openshift-gitops-1/must-gather-rhel8@sha256:c997c25ec7fee2ce060c6772925548af8d36146ed4632557852a948f496c9823_s390x",
"8Base-GitOps-1.14:openshift-gitops-1/must-gather-rhel8@sha256:e543925d538de28ab98c71841a47d4384c4354add0fb3457500aafc618be79d9_amd64",
"8Base-GitOps-1.14:openshift-gitops-1/must-gather-rhel8@sha256:fcbfff3d353947889e627035d1d52d4533ce5713c7e1951d90417bb228499143_ppc64le",
"9Base-GitOps-1.14:openshift-gitops-1/argocd-rhel9@sha256:afe138c16496c84126ecbd5baac4223e61f15ee30ec0249468ed3335ab7d4814_arm64",
"9Base-GitOps-1.14:openshift-gitops-1/argocd-rhel9@sha256:cb21a99b094e4609050927687050d8a95675d212bec76e981635ef192925d8ba_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"8Base-GitOps-1.14:openshift-gitops-1/argo-rollouts-rhel8@sha256:868a4e993d8963e4fb64c1845f54f916f335d3c59f0596e966c6d926373f6ee1_arm64",
"8Base-GitOps-1.14:openshift-gitops-1/argo-rollouts-rhel8@sha256:9b883e71b2d12f8872b3a37b383087a488f9b74ddde0e0c6daf6ee04bdf15881_amd64",
"8Base-GitOps-1.14:openshift-gitops-1/argo-rollouts-rhel8@sha256:bf7f9ca8f33c935df306554b778e5291bcff9e92b7e9122498b0ad71d58b9166_ppc64le",
"8Base-GitOps-1.14:openshift-gitops-1/argo-rollouts-rhel8@sha256:ce0677023395a6d7c9598b820c6eb73b651eaa698aef9f5c27a25884fba5d643_s390x",
"8Base-GitOps-1.14:openshift-gitops-1/argocd-rhel8@sha256:04523979e4ab58120d959f88503957b1e13122952e3de03d9f0540f1e574c0d6_ppc64le",
"8Base-GitOps-1.14:openshift-gitops-1/argocd-rhel8@sha256:64df9d55e7196fe56ebab88071f115d7fea26fa4396109bbf3bae11ffbf1f3a5_amd64",
"8Base-GitOps-1.14:openshift-gitops-1/argocd-rhel8@sha256:9017ef8967ebe3a14ea1e07d0a9624ef126b2928e233f09451aeea89a7f09366_arm64",
"8Base-GitOps-1.14:openshift-gitops-1/argocd-rhel8@sha256:ecb181ba7dfd4a5cdffa8ba9ca251dc4875ad7f41e9d60c4cc0a3462c233e489_s390x",
"8Base-GitOps-1.14:openshift-gitops-1/console-plugin-rhel8@sha256:050b358e7512599f412fddf711f8731d821223ba76c460b114fe4c4bfaf7cf1b_ppc64le",
"8Base-GitOps-1.14:openshift-gitops-1/console-plugin-rhel8@sha256:83ba395adbfdae8d4973cea02ead8392089ac1051edd11e7defc6d07a122bca2_amd64",
"8Base-GitOps-1.14:openshift-gitops-1/console-plugin-rhel8@sha256:dc4d641c87a3b65208ef2b46398f64ae69465daeb84b4d1022062d6c5f7347dc_s390x",
"8Base-GitOps-1.14:openshift-gitops-1/console-plugin-rhel8@sha256:e6eba59c8336bde1ed98947b2d4c626feb2113037bc724bd881f25b7f155f47b_arm64",
"8Base-GitOps-1.14:openshift-gitops-1/dex-rhel8@sha256:065b95a1612d15b3a7de1c5822555851535199711cc3890d56d7cb01e01666b3_ppc64le",
"8Base-GitOps-1.14:openshift-gitops-1/dex-rhel8@sha256:1c59649ad569e25c3445e9655c8061b7f0b769514c0739f2e080216a55ca39c7_arm64",
"8Base-GitOps-1.14:openshift-gitops-1/dex-rhel8@sha256:490512fefae58c6092394c8e751b7c1761583bff23b815e6f1649d55e9d43002_s390x",
"8Base-GitOps-1.14:openshift-gitops-1/dex-rhel8@sha256:605123efdd9f31243e039929322b4a4f6ad160baaebce188fdbf2c4e7ff663ff_amd64",
"8Base-GitOps-1.14:openshift-gitops-1/gitops-operator-bundle@sha256:ba442571ef9180765055f5224548c73e3da2be31731f8dd5b6b1beaf3e6732ee_amd64",
"8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8-operator@sha256:1b81b7c26d7a848797f9944254963a89c3f6f0e727355bafcda5e483fee7b848_amd64",
"8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8-operator@sha256:2caf6bd42e10f063d0991740706946d4205bf49540865bd4ed9091176add2aed_ppc64le",
"8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8-operator@sha256:951de21fc848014beb5db2f7307ef639c6c76ec6eb7036b18c07047c8a914c48_s390x",
"8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8-operator@sha256:ed04d67b3bd9ebc21a0aa2503823e5a476da44caa165999a33670198f5d1be37_arm64",
"8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8@sha256:72e761f1d00b0a322d4a7a10c824fe88e4ac7e156a279694b75ce3b42be0b6d6_amd64",
"8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8@sha256:d20615c230e1b888bacdc374763eeca9b1f7612741f8ba52ded483ac688b858d_ppc64le",
"8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8@sha256:d86dcd96af06a338b577d9c940e6316ed9a807b9fc6a33d9f5c96e2b703679b8_s390x",
"8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8@sha256:f07aa6ccdc324a2631fc01b1f4af4317cdc0471c673bd8f5bf24560e0f012dd9_arm64",
"8Base-GitOps-1.14:openshift-gitops-1/kam-delivery-rhel8@sha256:30b687a8309c17d5b4f5be6439b59f2dc540a306d625ee34bdf72626dc36c105_amd64",
"8Base-GitOps-1.14:openshift-gitops-1/kam-delivery-rhel8@sha256:62e1ab7267cfd3536c3b2ba9592dffb7fb979cbb039a1a90320a03b751d5f728_arm64",
"8Base-GitOps-1.14:openshift-gitops-1/kam-delivery-rhel8@sha256:b5ba9620f23fed74b983a090cec19f6ed74ddffdd1be7d9d89f1201c0c83c1b1_ppc64le",
"8Base-GitOps-1.14:openshift-gitops-1/kam-delivery-rhel8@sha256:c0ec76e307a2867dc1064a3470e17a2e1533233e1a119ce5f32e2b3c07428d08_s390x",
"8Base-GitOps-1.14:openshift-gitops-1/must-gather-rhel8@sha256:a909f1ebb5cf719e4308bbd162fea14e66b0ad6f7e91163699e8f9cbf61ec852_arm64",
"8Base-GitOps-1.14:openshift-gitops-1/must-gather-rhel8@sha256:c997c25ec7fee2ce060c6772925548af8d36146ed4632557852a948f496c9823_s390x",
"8Base-GitOps-1.14:openshift-gitops-1/must-gather-rhel8@sha256:e543925d538de28ab98c71841a47d4384c4354add0fb3457500aafc618be79d9_amd64",
"8Base-GitOps-1.14:openshift-gitops-1/must-gather-rhel8@sha256:fcbfff3d353947889e627035d1d52d4533ce5713c7e1951d90417bb228499143_ppc64le",
"9Base-GitOps-1.14:openshift-gitops-1/argocd-rhel9@sha256:afe138c16496c84126ecbd5baac4223e61f15ee30ec0249468ed3335ab7d4814_arm64",
"9Base-GitOps-1.14:openshift-gitops-1/argocd-rhel9@sha256:cb21a99b094e4609050927687050d8a95675d212bec76e981635ef192925d8ba_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "go-git: argument injection via the URL field"
},
{
"cve": "CVE-2025-21614",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2025-01-06T17:01:36.743039+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2335901"
}
],
"notes": [
{
"category": "description",
"text": "A denial of service (DoS) vulnerability was found in go-git. This vulnerability allows an attacker to perform denial of service attacks by providing specially crafted responses from a Git server, which triggers resource exhaustion in go-git clients.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "go-git: go-git clients vulnerable to DoS via maliciously crafted Git server replies",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-GitOps-1.14:openshift-gitops-1/argo-rollouts-rhel8@sha256:868a4e993d8963e4fb64c1845f54f916f335d3c59f0596e966c6d926373f6ee1_arm64",
"8Base-GitOps-1.14:openshift-gitops-1/argo-rollouts-rhel8@sha256:9b883e71b2d12f8872b3a37b383087a488f9b74ddde0e0c6daf6ee04bdf15881_amd64",
"8Base-GitOps-1.14:openshift-gitops-1/argo-rollouts-rhel8@sha256:bf7f9ca8f33c935df306554b778e5291bcff9e92b7e9122498b0ad71d58b9166_ppc64le",
"8Base-GitOps-1.14:openshift-gitops-1/argo-rollouts-rhel8@sha256:ce0677023395a6d7c9598b820c6eb73b651eaa698aef9f5c27a25884fba5d643_s390x",
"8Base-GitOps-1.14:openshift-gitops-1/argocd-rhel8@sha256:04523979e4ab58120d959f88503957b1e13122952e3de03d9f0540f1e574c0d6_ppc64le",
"8Base-GitOps-1.14:openshift-gitops-1/argocd-rhel8@sha256:64df9d55e7196fe56ebab88071f115d7fea26fa4396109bbf3bae11ffbf1f3a5_amd64",
"8Base-GitOps-1.14:openshift-gitops-1/argocd-rhel8@sha256:9017ef8967ebe3a14ea1e07d0a9624ef126b2928e233f09451aeea89a7f09366_arm64",
"8Base-GitOps-1.14:openshift-gitops-1/argocd-rhel8@sha256:ecb181ba7dfd4a5cdffa8ba9ca251dc4875ad7f41e9d60c4cc0a3462c233e489_s390x",
"8Base-GitOps-1.14:openshift-gitops-1/console-plugin-rhel8@sha256:050b358e7512599f412fddf711f8731d821223ba76c460b114fe4c4bfaf7cf1b_ppc64le",
"8Base-GitOps-1.14:openshift-gitops-1/console-plugin-rhel8@sha256:83ba395adbfdae8d4973cea02ead8392089ac1051edd11e7defc6d07a122bca2_amd64",
"8Base-GitOps-1.14:openshift-gitops-1/console-plugin-rhel8@sha256:dc4d641c87a3b65208ef2b46398f64ae69465daeb84b4d1022062d6c5f7347dc_s390x",
"8Base-GitOps-1.14:openshift-gitops-1/console-plugin-rhel8@sha256:e6eba59c8336bde1ed98947b2d4c626feb2113037bc724bd881f25b7f155f47b_arm64",
"8Base-GitOps-1.14:openshift-gitops-1/dex-rhel8@sha256:065b95a1612d15b3a7de1c5822555851535199711cc3890d56d7cb01e01666b3_ppc64le",
"8Base-GitOps-1.14:openshift-gitops-1/dex-rhel8@sha256:1c59649ad569e25c3445e9655c8061b7f0b769514c0739f2e080216a55ca39c7_arm64",
"8Base-GitOps-1.14:openshift-gitops-1/dex-rhel8@sha256:490512fefae58c6092394c8e751b7c1761583bff23b815e6f1649d55e9d43002_s390x",
"8Base-GitOps-1.14:openshift-gitops-1/dex-rhel8@sha256:605123efdd9f31243e039929322b4a4f6ad160baaebce188fdbf2c4e7ff663ff_amd64",
"8Base-GitOps-1.14:openshift-gitops-1/gitops-operator-bundle@sha256:ba442571ef9180765055f5224548c73e3da2be31731f8dd5b6b1beaf3e6732ee_amd64",
"8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8-operator@sha256:1b81b7c26d7a848797f9944254963a89c3f6f0e727355bafcda5e483fee7b848_amd64",
"8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8-operator@sha256:2caf6bd42e10f063d0991740706946d4205bf49540865bd4ed9091176add2aed_ppc64le",
"8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8-operator@sha256:951de21fc848014beb5db2f7307ef639c6c76ec6eb7036b18c07047c8a914c48_s390x",
"8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8-operator@sha256:ed04d67b3bd9ebc21a0aa2503823e5a476da44caa165999a33670198f5d1be37_arm64",
"8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8@sha256:72e761f1d00b0a322d4a7a10c824fe88e4ac7e156a279694b75ce3b42be0b6d6_amd64",
"8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8@sha256:d20615c230e1b888bacdc374763eeca9b1f7612741f8ba52ded483ac688b858d_ppc64le",
"8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8@sha256:d86dcd96af06a338b577d9c940e6316ed9a807b9fc6a33d9f5c96e2b703679b8_s390x",
"8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8@sha256:f07aa6ccdc324a2631fc01b1f4af4317cdc0471c673bd8f5bf24560e0f012dd9_arm64",
"8Base-GitOps-1.14:openshift-gitops-1/kam-delivery-rhel8@sha256:30b687a8309c17d5b4f5be6439b59f2dc540a306d625ee34bdf72626dc36c105_amd64",
"8Base-GitOps-1.14:openshift-gitops-1/kam-delivery-rhel8@sha256:62e1ab7267cfd3536c3b2ba9592dffb7fb979cbb039a1a90320a03b751d5f728_arm64",
"8Base-GitOps-1.14:openshift-gitops-1/kam-delivery-rhel8@sha256:b5ba9620f23fed74b983a090cec19f6ed74ddffdd1be7d9d89f1201c0c83c1b1_ppc64le",
"8Base-GitOps-1.14:openshift-gitops-1/kam-delivery-rhel8@sha256:c0ec76e307a2867dc1064a3470e17a2e1533233e1a119ce5f32e2b3c07428d08_s390x",
"8Base-GitOps-1.14:openshift-gitops-1/must-gather-rhel8@sha256:a909f1ebb5cf719e4308bbd162fea14e66b0ad6f7e91163699e8f9cbf61ec852_arm64",
"8Base-GitOps-1.14:openshift-gitops-1/must-gather-rhel8@sha256:c997c25ec7fee2ce060c6772925548af8d36146ed4632557852a948f496c9823_s390x",
"8Base-GitOps-1.14:openshift-gitops-1/must-gather-rhel8@sha256:e543925d538de28ab98c71841a47d4384c4354add0fb3457500aafc618be79d9_amd64",
"8Base-GitOps-1.14:openshift-gitops-1/must-gather-rhel8@sha256:fcbfff3d353947889e627035d1d52d4533ce5713c7e1951d90417bb228499143_ppc64le",
"9Base-GitOps-1.14:openshift-gitops-1/argocd-rhel9@sha256:afe138c16496c84126ecbd5baac4223e61f15ee30ec0249468ed3335ab7d4814_arm64",
"9Base-GitOps-1.14:openshift-gitops-1/argocd-rhel9@sha256:cb21a99b094e4609050927687050d8a95675d212bec76e981635ef192925d8ba_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-21614"
},
{
"category": "external",
"summary": "RHBZ#2335901",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2335901"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-21614",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21614"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-21614",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-21614"
},
{
"category": "external",
"summary": "https://github.com/go-git/go-git/security/advisories/GHSA-r9px-m959-cxf4",
"url": "https://github.com/go-git/go-git/security/advisories/GHSA-r9px-m959-cxf4"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2025-3367",
"url": "https://pkg.go.dev/vuln/GO-2025-3367"
}
],
"release_date": "2025-01-06T16:20:16.140000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-03-20T08:37:59+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-GitOps-1.14:openshift-gitops-1/argo-rollouts-rhel8@sha256:868a4e993d8963e4fb64c1845f54f916f335d3c59f0596e966c6d926373f6ee1_arm64",
"8Base-GitOps-1.14:openshift-gitops-1/argo-rollouts-rhel8@sha256:9b883e71b2d12f8872b3a37b383087a488f9b74ddde0e0c6daf6ee04bdf15881_amd64",
"8Base-GitOps-1.14:openshift-gitops-1/argo-rollouts-rhel8@sha256:bf7f9ca8f33c935df306554b778e5291bcff9e92b7e9122498b0ad71d58b9166_ppc64le",
"8Base-GitOps-1.14:openshift-gitops-1/argo-rollouts-rhel8@sha256:ce0677023395a6d7c9598b820c6eb73b651eaa698aef9f5c27a25884fba5d643_s390x",
"8Base-GitOps-1.14:openshift-gitops-1/argocd-rhel8@sha256:04523979e4ab58120d959f88503957b1e13122952e3de03d9f0540f1e574c0d6_ppc64le",
"8Base-GitOps-1.14:openshift-gitops-1/argocd-rhel8@sha256:64df9d55e7196fe56ebab88071f115d7fea26fa4396109bbf3bae11ffbf1f3a5_amd64",
"8Base-GitOps-1.14:openshift-gitops-1/argocd-rhel8@sha256:9017ef8967ebe3a14ea1e07d0a9624ef126b2928e233f09451aeea89a7f09366_arm64",
"8Base-GitOps-1.14:openshift-gitops-1/argocd-rhel8@sha256:ecb181ba7dfd4a5cdffa8ba9ca251dc4875ad7f41e9d60c4cc0a3462c233e489_s390x",
"8Base-GitOps-1.14:openshift-gitops-1/console-plugin-rhel8@sha256:050b358e7512599f412fddf711f8731d821223ba76c460b114fe4c4bfaf7cf1b_ppc64le",
"8Base-GitOps-1.14:openshift-gitops-1/console-plugin-rhel8@sha256:83ba395adbfdae8d4973cea02ead8392089ac1051edd11e7defc6d07a122bca2_amd64",
"8Base-GitOps-1.14:openshift-gitops-1/console-plugin-rhel8@sha256:dc4d641c87a3b65208ef2b46398f64ae69465daeb84b4d1022062d6c5f7347dc_s390x",
"8Base-GitOps-1.14:openshift-gitops-1/console-plugin-rhel8@sha256:e6eba59c8336bde1ed98947b2d4c626feb2113037bc724bd881f25b7f155f47b_arm64",
"8Base-GitOps-1.14:openshift-gitops-1/dex-rhel8@sha256:065b95a1612d15b3a7de1c5822555851535199711cc3890d56d7cb01e01666b3_ppc64le",
"8Base-GitOps-1.14:openshift-gitops-1/dex-rhel8@sha256:1c59649ad569e25c3445e9655c8061b7f0b769514c0739f2e080216a55ca39c7_arm64",
"8Base-GitOps-1.14:openshift-gitops-1/dex-rhel8@sha256:490512fefae58c6092394c8e751b7c1761583bff23b815e6f1649d55e9d43002_s390x",
"8Base-GitOps-1.14:openshift-gitops-1/dex-rhel8@sha256:605123efdd9f31243e039929322b4a4f6ad160baaebce188fdbf2c4e7ff663ff_amd64",
"8Base-GitOps-1.14:openshift-gitops-1/gitops-operator-bundle@sha256:ba442571ef9180765055f5224548c73e3da2be31731f8dd5b6b1beaf3e6732ee_amd64",
"8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8-operator@sha256:1b81b7c26d7a848797f9944254963a89c3f6f0e727355bafcda5e483fee7b848_amd64",
"8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8-operator@sha256:2caf6bd42e10f063d0991740706946d4205bf49540865bd4ed9091176add2aed_ppc64le",
"8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8-operator@sha256:951de21fc848014beb5db2f7307ef639c6c76ec6eb7036b18c07047c8a914c48_s390x",
"8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8-operator@sha256:ed04d67b3bd9ebc21a0aa2503823e5a476da44caa165999a33670198f5d1be37_arm64",
"8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8@sha256:72e761f1d00b0a322d4a7a10c824fe88e4ac7e156a279694b75ce3b42be0b6d6_amd64",
"8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8@sha256:d20615c230e1b888bacdc374763eeca9b1f7612741f8ba52ded483ac688b858d_ppc64le",
"8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8@sha256:d86dcd96af06a338b577d9c940e6316ed9a807b9fc6a33d9f5c96e2b703679b8_s390x",
"8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8@sha256:f07aa6ccdc324a2631fc01b1f4af4317cdc0471c673bd8f5bf24560e0f012dd9_arm64",
"8Base-GitOps-1.14:openshift-gitops-1/kam-delivery-rhel8@sha256:30b687a8309c17d5b4f5be6439b59f2dc540a306d625ee34bdf72626dc36c105_amd64",
"8Base-GitOps-1.14:openshift-gitops-1/kam-delivery-rhel8@sha256:62e1ab7267cfd3536c3b2ba9592dffb7fb979cbb039a1a90320a03b751d5f728_arm64",
"8Base-GitOps-1.14:openshift-gitops-1/kam-delivery-rhel8@sha256:b5ba9620f23fed74b983a090cec19f6ed74ddffdd1be7d9d89f1201c0c83c1b1_ppc64le",
"8Base-GitOps-1.14:openshift-gitops-1/kam-delivery-rhel8@sha256:c0ec76e307a2867dc1064a3470e17a2e1533233e1a119ce5f32e2b3c07428d08_s390x",
"8Base-GitOps-1.14:openshift-gitops-1/must-gather-rhel8@sha256:a909f1ebb5cf719e4308bbd162fea14e66b0ad6f7e91163699e8f9cbf61ec852_arm64",
"8Base-GitOps-1.14:openshift-gitops-1/must-gather-rhel8@sha256:c997c25ec7fee2ce060c6772925548af8d36146ed4632557852a948f496c9823_s390x",
"8Base-GitOps-1.14:openshift-gitops-1/must-gather-rhel8@sha256:e543925d538de28ab98c71841a47d4384c4354add0fb3457500aafc618be79d9_amd64",
"8Base-GitOps-1.14:openshift-gitops-1/must-gather-rhel8@sha256:fcbfff3d353947889e627035d1d52d4533ce5713c7e1951d90417bb228499143_ppc64le",
"9Base-GitOps-1.14:openshift-gitops-1/argocd-rhel9@sha256:afe138c16496c84126ecbd5baac4223e61f15ee30ec0249468ed3335ab7d4814_arm64",
"9Base-GitOps-1.14:openshift-gitops-1/argocd-rhel9@sha256:cb21a99b094e4609050927687050d8a95675d212bec76e981635ef192925d8ba_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:3069"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-GitOps-1.14:openshift-gitops-1/argo-rollouts-rhel8@sha256:868a4e993d8963e4fb64c1845f54f916f335d3c59f0596e966c6d926373f6ee1_arm64",
"8Base-GitOps-1.14:openshift-gitops-1/argo-rollouts-rhel8@sha256:9b883e71b2d12f8872b3a37b383087a488f9b74ddde0e0c6daf6ee04bdf15881_amd64",
"8Base-GitOps-1.14:openshift-gitops-1/argo-rollouts-rhel8@sha256:bf7f9ca8f33c935df306554b778e5291bcff9e92b7e9122498b0ad71d58b9166_ppc64le",
"8Base-GitOps-1.14:openshift-gitops-1/argo-rollouts-rhel8@sha256:ce0677023395a6d7c9598b820c6eb73b651eaa698aef9f5c27a25884fba5d643_s390x",
"8Base-GitOps-1.14:openshift-gitops-1/argocd-rhel8@sha256:04523979e4ab58120d959f88503957b1e13122952e3de03d9f0540f1e574c0d6_ppc64le",
"8Base-GitOps-1.14:openshift-gitops-1/argocd-rhel8@sha256:64df9d55e7196fe56ebab88071f115d7fea26fa4396109bbf3bae11ffbf1f3a5_amd64",
"8Base-GitOps-1.14:openshift-gitops-1/argocd-rhel8@sha256:9017ef8967ebe3a14ea1e07d0a9624ef126b2928e233f09451aeea89a7f09366_arm64",
"8Base-GitOps-1.14:openshift-gitops-1/argocd-rhel8@sha256:ecb181ba7dfd4a5cdffa8ba9ca251dc4875ad7f41e9d60c4cc0a3462c233e489_s390x",
"8Base-GitOps-1.14:openshift-gitops-1/console-plugin-rhel8@sha256:050b358e7512599f412fddf711f8731d821223ba76c460b114fe4c4bfaf7cf1b_ppc64le",
"8Base-GitOps-1.14:openshift-gitops-1/console-plugin-rhel8@sha256:83ba395adbfdae8d4973cea02ead8392089ac1051edd11e7defc6d07a122bca2_amd64",
"8Base-GitOps-1.14:openshift-gitops-1/console-plugin-rhel8@sha256:dc4d641c87a3b65208ef2b46398f64ae69465daeb84b4d1022062d6c5f7347dc_s390x",
"8Base-GitOps-1.14:openshift-gitops-1/console-plugin-rhel8@sha256:e6eba59c8336bde1ed98947b2d4c626feb2113037bc724bd881f25b7f155f47b_arm64",
"8Base-GitOps-1.14:openshift-gitops-1/dex-rhel8@sha256:065b95a1612d15b3a7de1c5822555851535199711cc3890d56d7cb01e01666b3_ppc64le",
"8Base-GitOps-1.14:openshift-gitops-1/dex-rhel8@sha256:1c59649ad569e25c3445e9655c8061b7f0b769514c0739f2e080216a55ca39c7_arm64",
"8Base-GitOps-1.14:openshift-gitops-1/dex-rhel8@sha256:490512fefae58c6092394c8e751b7c1761583bff23b815e6f1649d55e9d43002_s390x",
"8Base-GitOps-1.14:openshift-gitops-1/dex-rhel8@sha256:605123efdd9f31243e039929322b4a4f6ad160baaebce188fdbf2c4e7ff663ff_amd64",
"8Base-GitOps-1.14:openshift-gitops-1/gitops-operator-bundle@sha256:ba442571ef9180765055f5224548c73e3da2be31731f8dd5b6b1beaf3e6732ee_amd64",
"8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8-operator@sha256:1b81b7c26d7a848797f9944254963a89c3f6f0e727355bafcda5e483fee7b848_amd64",
"8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8-operator@sha256:2caf6bd42e10f063d0991740706946d4205bf49540865bd4ed9091176add2aed_ppc64le",
"8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8-operator@sha256:951de21fc848014beb5db2f7307ef639c6c76ec6eb7036b18c07047c8a914c48_s390x",
"8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8-operator@sha256:ed04d67b3bd9ebc21a0aa2503823e5a476da44caa165999a33670198f5d1be37_arm64",
"8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8@sha256:72e761f1d00b0a322d4a7a10c824fe88e4ac7e156a279694b75ce3b42be0b6d6_amd64",
"8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8@sha256:d20615c230e1b888bacdc374763eeca9b1f7612741f8ba52ded483ac688b858d_ppc64le",
"8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8@sha256:d86dcd96af06a338b577d9c940e6316ed9a807b9fc6a33d9f5c96e2b703679b8_s390x",
"8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8@sha256:f07aa6ccdc324a2631fc01b1f4af4317cdc0471c673bd8f5bf24560e0f012dd9_arm64",
"8Base-GitOps-1.14:openshift-gitops-1/kam-delivery-rhel8@sha256:30b687a8309c17d5b4f5be6439b59f2dc540a306d625ee34bdf72626dc36c105_amd64",
"8Base-GitOps-1.14:openshift-gitops-1/kam-delivery-rhel8@sha256:62e1ab7267cfd3536c3b2ba9592dffb7fb979cbb039a1a90320a03b751d5f728_arm64",
"8Base-GitOps-1.14:openshift-gitops-1/kam-delivery-rhel8@sha256:b5ba9620f23fed74b983a090cec19f6ed74ddffdd1be7d9d89f1201c0c83c1b1_ppc64le",
"8Base-GitOps-1.14:openshift-gitops-1/kam-delivery-rhel8@sha256:c0ec76e307a2867dc1064a3470e17a2e1533233e1a119ce5f32e2b3c07428d08_s390x",
"8Base-GitOps-1.14:openshift-gitops-1/must-gather-rhel8@sha256:a909f1ebb5cf719e4308bbd162fea14e66b0ad6f7e91163699e8f9cbf61ec852_arm64",
"8Base-GitOps-1.14:openshift-gitops-1/must-gather-rhel8@sha256:c997c25ec7fee2ce060c6772925548af8d36146ed4632557852a948f496c9823_s390x",
"8Base-GitOps-1.14:openshift-gitops-1/must-gather-rhel8@sha256:e543925d538de28ab98c71841a47d4384c4354add0fb3457500aafc618be79d9_amd64",
"8Base-GitOps-1.14:openshift-gitops-1/must-gather-rhel8@sha256:fcbfff3d353947889e627035d1d52d4533ce5713c7e1951d90417bb228499143_ppc64le",
"9Base-GitOps-1.14:openshift-gitops-1/argocd-rhel9@sha256:afe138c16496c84126ecbd5baac4223e61f15ee30ec0249468ed3335ab7d4814_arm64",
"9Base-GitOps-1.14:openshift-gitops-1/argocd-rhel9@sha256:cb21a99b094e4609050927687050d8a95675d212bec76e981635ef192925d8ba_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "go-git: go-git clients vulnerable to DoS via maliciously crafted Git server replies"
},
{
"cve": "CVE-2025-23216",
"cwe": {
"id": "CWE-209",
"name": "Generation of Error Message Containing Sensitive Information"
},
"discovery_date": "2025-01-30T16:00:59.817443+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2342987"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in Argo CD where secret values can be exposed in error messages when an invalid Kubernetes Secret resource is synced from a repository. An attacker must have write access to the repository and any user with read access can view the exposed data.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "argocd: Argo CD does not scrub secret values from patch errors",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-GitOps-1.14:openshift-gitops-1/argo-rollouts-rhel8@sha256:868a4e993d8963e4fb64c1845f54f916f335d3c59f0596e966c6d926373f6ee1_arm64",
"8Base-GitOps-1.14:openshift-gitops-1/argo-rollouts-rhel8@sha256:9b883e71b2d12f8872b3a37b383087a488f9b74ddde0e0c6daf6ee04bdf15881_amd64",
"8Base-GitOps-1.14:openshift-gitops-1/argo-rollouts-rhel8@sha256:bf7f9ca8f33c935df306554b778e5291bcff9e92b7e9122498b0ad71d58b9166_ppc64le",
"8Base-GitOps-1.14:openshift-gitops-1/argo-rollouts-rhel8@sha256:ce0677023395a6d7c9598b820c6eb73b651eaa698aef9f5c27a25884fba5d643_s390x",
"8Base-GitOps-1.14:openshift-gitops-1/argocd-rhel8@sha256:04523979e4ab58120d959f88503957b1e13122952e3de03d9f0540f1e574c0d6_ppc64le",
"8Base-GitOps-1.14:openshift-gitops-1/argocd-rhel8@sha256:64df9d55e7196fe56ebab88071f115d7fea26fa4396109bbf3bae11ffbf1f3a5_amd64",
"8Base-GitOps-1.14:openshift-gitops-1/argocd-rhel8@sha256:9017ef8967ebe3a14ea1e07d0a9624ef126b2928e233f09451aeea89a7f09366_arm64",
"8Base-GitOps-1.14:openshift-gitops-1/argocd-rhel8@sha256:ecb181ba7dfd4a5cdffa8ba9ca251dc4875ad7f41e9d60c4cc0a3462c233e489_s390x",
"8Base-GitOps-1.14:openshift-gitops-1/console-plugin-rhel8@sha256:050b358e7512599f412fddf711f8731d821223ba76c460b114fe4c4bfaf7cf1b_ppc64le",
"8Base-GitOps-1.14:openshift-gitops-1/console-plugin-rhel8@sha256:83ba395adbfdae8d4973cea02ead8392089ac1051edd11e7defc6d07a122bca2_amd64",
"8Base-GitOps-1.14:openshift-gitops-1/console-plugin-rhel8@sha256:dc4d641c87a3b65208ef2b46398f64ae69465daeb84b4d1022062d6c5f7347dc_s390x",
"8Base-GitOps-1.14:openshift-gitops-1/console-plugin-rhel8@sha256:e6eba59c8336bde1ed98947b2d4c626feb2113037bc724bd881f25b7f155f47b_arm64",
"8Base-GitOps-1.14:openshift-gitops-1/dex-rhel8@sha256:065b95a1612d15b3a7de1c5822555851535199711cc3890d56d7cb01e01666b3_ppc64le",
"8Base-GitOps-1.14:openshift-gitops-1/dex-rhel8@sha256:1c59649ad569e25c3445e9655c8061b7f0b769514c0739f2e080216a55ca39c7_arm64",
"8Base-GitOps-1.14:openshift-gitops-1/dex-rhel8@sha256:490512fefae58c6092394c8e751b7c1761583bff23b815e6f1649d55e9d43002_s390x",
"8Base-GitOps-1.14:openshift-gitops-1/dex-rhel8@sha256:605123efdd9f31243e039929322b4a4f6ad160baaebce188fdbf2c4e7ff663ff_amd64",
"8Base-GitOps-1.14:openshift-gitops-1/gitops-operator-bundle@sha256:ba442571ef9180765055f5224548c73e3da2be31731f8dd5b6b1beaf3e6732ee_amd64",
"8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8-operator@sha256:1b81b7c26d7a848797f9944254963a89c3f6f0e727355bafcda5e483fee7b848_amd64",
"8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8-operator@sha256:2caf6bd42e10f063d0991740706946d4205bf49540865bd4ed9091176add2aed_ppc64le",
"8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8-operator@sha256:951de21fc848014beb5db2f7307ef639c6c76ec6eb7036b18c07047c8a914c48_s390x",
"8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8-operator@sha256:ed04d67b3bd9ebc21a0aa2503823e5a476da44caa165999a33670198f5d1be37_arm64",
"8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8@sha256:72e761f1d00b0a322d4a7a10c824fe88e4ac7e156a279694b75ce3b42be0b6d6_amd64",
"8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8@sha256:d20615c230e1b888bacdc374763eeca9b1f7612741f8ba52ded483ac688b858d_ppc64le",
"8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8@sha256:d86dcd96af06a338b577d9c940e6316ed9a807b9fc6a33d9f5c96e2b703679b8_s390x",
"8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8@sha256:f07aa6ccdc324a2631fc01b1f4af4317cdc0471c673bd8f5bf24560e0f012dd9_arm64",
"8Base-GitOps-1.14:openshift-gitops-1/kam-delivery-rhel8@sha256:30b687a8309c17d5b4f5be6439b59f2dc540a306d625ee34bdf72626dc36c105_amd64",
"8Base-GitOps-1.14:openshift-gitops-1/kam-delivery-rhel8@sha256:62e1ab7267cfd3536c3b2ba9592dffb7fb979cbb039a1a90320a03b751d5f728_arm64",
"8Base-GitOps-1.14:openshift-gitops-1/kam-delivery-rhel8@sha256:b5ba9620f23fed74b983a090cec19f6ed74ddffdd1be7d9d89f1201c0c83c1b1_ppc64le",
"8Base-GitOps-1.14:openshift-gitops-1/kam-delivery-rhel8@sha256:c0ec76e307a2867dc1064a3470e17a2e1533233e1a119ce5f32e2b3c07428d08_s390x",
"8Base-GitOps-1.14:openshift-gitops-1/must-gather-rhel8@sha256:a909f1ebb5cf719e4308bbd162fea14e66b0ad6f7e91163699e8f9cbf61ec852_arm64",
"8Base-GitOps-1.14:openshift-gitops-1/must-gather-rhel8@sha256:c997c25ec7fee2ce060c6772925548af8d36146ed4632557852a948f496c9823_s390x",
"8Base-GitOps-1.14:openshift-gitops-1/must-gather-rhel8@sha256:e543925d538de28ab98c71841a47d4384c4354add0fb3457500aafc618be79d9_amd64",
"8Base-GitOps-1.14:openshift-gitops-1/must-gather-rhel8@sha256:fcbfff3d353947889e627035d1d52d4533ce5713c7e1951d90417bb228499143_ppc64le",
"9Base-GitOps-1.14:openshift-gitops-1/argocd-rhel9@sha256:afe138c16496c84126ecbd5baac4223e61f15ee30ec0249468ed3335ab7d4814_arm64",
"9Base-GitOps-1.14:openshift-gitops-1/argocd-rhel9@sha256:cb21a99b094e4609050927687050d8a95675d212bec76e981635ef192925d8ba_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-23216"
},
{
"category": "external",
"summary": "RHBZ#2342987",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2342987"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-23216",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23216"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-23216",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-23216"
},
{
"category": "external",
"summary": "https://github.com/argoproj/argo-cd/commit/6f5537bdf15ddbaa0f27a1a678632ff0743e4107",
"url": "https://github.com/argoproj/argo-cd/commit/6f5537bdf15ddbaa0f27a1a678632ff0743e4107"
},
{
"category": "external",
"summary": "https://github.com/argoproj/argo-cd/security/advisories/GHSA-47g2-qmh2-749v",
"url": "https://github.com/argoproj/argo-cd/security/advisories/GHSA-47g2-qmh2-749v"
},
{
"category": "external",
"summary": "https://github.com/argoproj/gitops-engine/commit/7e21b91e9d0f64104c8a661f3f390c5e6d73ddca",
"url": "https://github.com/argoproj/gitops-engine/commit/7e21b91e9d0f64104c8a661f3f390c5e6d73ddca"
}
],
"release_date": "2025-01-30T15:30:05.405000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-03-20T08:37:59+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-GitOps-1.14:openshift-gitops-1/argo-rollouts-rhel8@sha256:868a4e993d8963e4fb64c1845f54f916f335d3c59f0596e966c6d926373f6ee1_arm64",
"8Base-GitOps-1.14:openshift-gitops-1/argo-rollouts-rhel8@sha256:9b883e71b2d12f8872b3a37b383087a488f9b74ddde0e0c6daf6ee04bdf15881_amd64",
"8Base-GitOps-1.14:openshift-gitops-1/argo-rollouts-rhel8@sha256:bf7f9ca8f33c935df306554b778e5291bcff9e92b7e9122498b0ad71d58b9166_ppc64le",
"8Base-GitOps-1.14:openshift-gitops-1/argo-rollouts-rhel8@sha256:ce0677023395a6d7c9598b820c6eb73b651eaa698aef9f5c27a25884fba5d643_s390x",
"8Base-GitOps-1.14:openshift-gitops-1/argocd-rhel8@sha256:04523979e4ab58120d959f88503957b1e13122952e3de03d9f0540f1e574c0d6_ppc64le",
"8Base-GitOps-1.14:openshift-gitops-1/argocd-rhel8@sha256:64df9d55e7196fe56ebab88071f115d7fea26fa4396109bbf3bae11ffbf1f3a5_amd64",
"8Base-GitOps-1.14:openshift-gitops-1/argocd-rhel8@sha256:9017ef8967ebe3a14ea1e07d0a9624ef126b2928e233f09451aeea89a7f09366_arm64",
"8Base-GitOps-1.14:openshift-gitops-1/argocd-rhel8@sha256:ecb181ba7dfd4a5cdffa8ba9ca251dc4875ad7f41e9d60c4cc0a3462c233e489_s390x",
"8Base-GitOps-1.14:openshift-gitops-1/console-plugin-rhel8@sha256:050b358e7512599f412fddf711f8731d821223ba76c460b114fe4c4bfaf7cf1b_ppc64le",
"8Base-GitOps-1.14:openshift-gitops-1/console-plugin-rhel8@sha256:83ba395adbfdae8d4973cea02ead8392089ac1051edd11e7defc6d07a122bca2_amd64",
"8Base-GitOps-1.14:openshift-gitops-1/console-plugin-rhel8@sha256:dc4d641c87a3b65208ef2b46398f64ae69465daeb84b4d1022062d6c5f7347dc_s390x",
"8Base-GitOps-1.14:openshift-gitops-1/console-plugin-rhel8@sha256:e6eba59c8336bde1ed98947b2d4c626feb2113037bc724bd881f25b7f155f47b_arm64",
"8Base-GitOps-1.14:openshift-gitops-1/dex-rhel8@sha256:065b95a1612d15b3a7de1c5822555851535199711cc3890d56d7cb01e01666b3_ppc64le",
"8Base-GitOps-1.14:openshift-gitops-1/dex-rhel8@sha256:1c59649ad569e25c3445e9655c8061b7f0b769514c0739f2e080216a55ca39c7_arm64",
"8Base-GitOps-1.14:openshift-gitops-1/dex-rhel8@sha256:490512fefae58c6092394c8e751b7c1761583bff23b815e6f1649d55e9d43002_s390x",
"8Base-GitOps-1.14:openshift-gitops-1/dex-rhel8@sha256:605123efdd9f31243e039929322b4a4f6ad160baaebce188fdbf2c4e7ff663ff_amd64",
"8Base-GitOps-1.14:openshift-gitops-1/gitops-operator-bundle@sha256:ba442571ef9180765055f5224548c73e3da2be31731f8dd5b6b1beaf3e6732ee_amd64",
"8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8-operator@sha256:1b81b7c26d7a848797f9944254963a89c3f6f0e727355bafcda5e483fee7b848_amd64",
"8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8-operator@sha256:2caf6bd42e10f063d0991740706946d4205bf49540865bd4ed9091176add2aed_ppc64le",
"8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8-operator@sha256:951de21fc848014beb5db2f7307ef639c6c76ec6eb7036b18c07047c8a914c48_s390x",
"8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8-operator@sha256:ed04d67b3bd9ebc21a0aa2503823e5a476da44caa165999a33670198f5d1be37_arm64",
"8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8@sha256:72e761f1d00b0a322d4a7a10c824fe88e4ac7e156a279694b75ce3b42be0b6d6_amd64",
"8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8@sha256:d20615c230e1b888bacdc374763eeca9b1f7612741f8ba52ded483ac688b858d_ppc64le",
"8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8@sha256:d86dcd96af06a338b577d9c940e6316ed9a807b9fc6a33d9f5c96e2b703679b8_s390x",
"8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8@sha256:f07aa6ccdc324a2631fc01b1f4af4317cdc0471c673bd8f5bf24560e0f012dd9_arm64",
"8Base-GitOps-1.14:openshift-gitops-1/kam-delivery-rhel8@sha256:30b687a8309c17d5b4f5be6439b59f2dc540a306d625ee34bdf72626dc36c105_amd64",
"8Base-GitOps-1.14:openshift-gitops-1/kam-delivery-rhel8@sha256:62e1ab7267cfd3536c3b2ba9592dffb7fb979cbb039a1a90320a03b751d5f728_arm64",
"8Base-GitOps-1.14:openshift-gitops-1/kam-delivery-rhel8@sha256:b5ba9620f23fed74b983a090cec19f6ed74ddffdd1be7d9d89f1201c0c83c1b1_ppc64le",
"8Base-GitOps-1.14:openshift-gitops-1/kam-delivery-rhel8@sha256:c0ec76e307a2867dc1064a3470e17a2e1533233e1a119ce5f32e2b3c07428d08_s390x",
"8Base-GitOps-1.14:openshift-gitops-1/must-gather-rhel8@sha256:a909f1ebb5cf719e4308bbd162fea14e66b0ad6f7e91163699e8f9cbf61ec852_arm64",
"8Base-GitOps-1.14:openshift-gitops-1/must-gather-rhel8@sha256:c997c25ec7fee2ce060c6772925548af8d36146ed4632557852a948f496c9823_s390x",
"8Base-GitOps-1.14:openshift-gitops-1/must-gather-rhel8@sha256:e543925d538de28ab98c71841a47d4384c4354add0fb3457500aafc618be79d9_amd64",
"8Base-GitOps-1.14:openshift-gitops-1/must-gather-rhel8@sha256:fcbfff3d353947889e627035d1d52d4533ce5713c7e1951d90417bb228499143_ppc64le",
"9Base-GitOps-1.14:openshift-gitops-1/argocd-rhel9@sha256:afe138c16496c84126ecbd5baac4223e61f15ee30ec0249468ed3335ab7d4814_arm64",
"9Base-GitOps-1.14:openshift-gitops-1/argocd-rhel9@sha256:cb21a99b094e4609050927687050d8a95675d212bec76e981635ef192925d8ba_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:3069"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"8Base-GitOps-1.14:openshift-gitops-1/argo-rollouts-rhel8@sha256:868a4e993d8963e4fb64c1845f54f916f335d3c59f0596e966c6d926373f6ee1_arm64",
"8Base-GitOps-1.14:openshift-gitops-1/argo-rollouts-rhel8@sha256:9b883e71b2d12f8872b3a37b383087a488f9b74ddde0e0c6daf6ee04bdf15881_amd64",
"8Base-GitOps-1.14:openshift-gitops-1/argo-rollouts-rhel8@sha256:bf7f9ca8f33c935df306554b778e5291bcff9e92b7e9122498b0ad71d58b9166_ppc64le",
"8Base-GitOps-1.14:openshift-gitops-1/argo-rollouts-rhel8@sha256:ce0677023395a6d7c9598b820c6eb73b651eaa698aef9f5c27a25884fba5d643_s390x",
"8Base-GitOps-1.14:openshift-gitops-1/argocd-rhel8@sha256:04523979e4ab58120d959f88503957b1e13122952e3de03d9f0540f1e574c0d6_ppc64le",
"8Base-GitOps-1.14:openshift-gitops-1/argocd-rhel8@sha256:64df9d55e7196fe56ebab88071f115d7fea26fa4396109bbf3bae11ffbf1f3a5_amd64",
"8Base-GitOps-1.14:openshift-gitops-1/argocd-rhel8@sha256:9017ef8967ebe3a14ea1e07d0a9624ef126b2928e233f09451aeea89a7f09366_arm64",
"8Base-GitOps-1.14:openshift-gitops-1/argocd-rhel8@sha256:ecb181ba7dfd4a5cdffa8ba9ca251dc4875ad7f41e9d60c4cc0a3462c233e489_s390x",
"8Base-GitOps-1.14:openshift-gitops-1/console-plugin-rhel8@sha256:050b358e7512599f412fddf711f8731d821223ba76c460b114fe4c4bfaf7cf1b_ppc64le",
"8Base-GitOps-1.14:openshift-gitops-1/console-plugin-rhel8@sha256:83ba395adbfdae8d4973cea02ead8392089ac1051edd11e7defc6d07a122bca2_amd64",
"8Base-GitOps-1.14:openshift-gitops-1/console-plugin-rhel8@sha256:dc4d641c87a3b65208ef2b46398f64ae69465daeb84b4d1022062d6c5f7347dc_s390x",
"8Base-GitOps-1.14:openshift-gitops-1/console-plugin-rhel8@sha256:e6eba59c8336bde1ed98947b2d4c626feb2113037bc724bd881f25b7f155f47b_arm64",
"8Base-GitOps-1.14:openshift-gitops-1/dex-rhel8@sha256:065b95a1612d15b3a7de1c5822555851535199711cc3890d56d7cb01e01666b3_ppc64le",
"8Base-GitOps-1.14:openshift-gitops-1/dex-rhel8@sha256:1c59649ad569e25c3445e9655c8061b7f0b769514c0739f2e080216a55ca39c7_arm64",
"8Base-GitOps-1.14:openshift-gitops-1/dex-rhel8@sha256:490512fefae58c6092394c8e751b7c1761583bff23b815e6f1649d55e9d43002_s390x",
"8Base-GitOps-1.14:openshift-gitops-1/dex-rhel8@sha256:605123efdd9f31243e039929322b4a4f6ad160baaebce188fdbf2c4e7ff663ff_amd64",
"8Base-GitOps-1.14:openshift-gitops-1/gitops-operator-bundle@sha256:ba442571ef9180765055f5224548c73e3da2be31731f8dd5b6b1beaf3e6732ee_amd64",
"8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8-operator@sha256:1b81b7c26d7a848797f9944254963a89c3f6f0e727355bafcda5e483fee7b848_amd64",
"8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8-operator@sha256:2caf6bd42e10f063d0991740706946d4205bf49540865bd4ed9091176add2aed_ppc64le",
"8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8-operator@sha256:951de21fc848014beb5db2f7307ef639c6c76ec6eb7036b18c07047c8a914c48_s390x",
"8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8-operator@sha256:ed04d67b3bd9ebc21a0aa2503823e5a476da44caa165999a33670198f5d1be37_arm64",
"8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8@sha256:72e761f1d00b0a322d4a7a10c824fe88e4ac7e156a279694b75ce3b42be0b6d6_amd64",
"8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8@sha256:d20615c230e1b888bacdc374763eeca9b1f7612741f8ba52ded483ac688b858d_ppc64le",
"8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8@sha256:d86dcd96af06a338b577d9c940e6316ed9a807b9fc6a33d9f5c96e2b703679b8_s390x",
"8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8@sha256:f07aa6ccdc324a2631fc01b1f4af4317cdc0471c673bd8f5bf24560e0f012dd9_arm64",
"8Base-GitOps-1.14:openshift-gitops-1/kam-delivery-rhel8@sha256:30b687a8309c17d5b4f5be6439b59f2dc540a306d625ee34bdf72626dc36c105_amd64",
"8Base-GitOps-1.14:openshift-gitops-1/kam-delivery-rhel8@sha256:62e1ab7267cfd3536c3b2ba9592dffb7fb979cbb039a1a90320a03b751d5f728_arm64",
"8Base-GitOps-1.14:openshift-gitops-1/kam-delivery-rhel8@sha256:b5ba9620f23fed74b983a090cec19f6ed74ddffdd1be7d9d89f1201c0c83c1b1_ppc64le",
"8Base-GitOps-1.14:openshift-gitops-1/kam-delivery-rhel8@sha256:c0ec76e307a2867dc1064a3470e17a2e1533233e1a119ce5f32e2b3c07428d08_s390x",
"8Base-GitOps-1.14:openshift-gitops-1/must-gather-rhel8@sha256:a909f1ebb5cf719e4308bbd162fea14e66b0ad6f7e91163699e8f9cbf61ec852_arm64",
"8Base-GitOps-1.14:openshift-gitops-1/must-gather-rhel8@sha256:c997c25ec7fee2ce060c6772925548af8d36146ed4632557852a948f496c9823_s390x",
"8Base-GitOps-1.14:openshift-gitops-1/must-gather-rhel8@sha256:e543925d538de28ab98c71841a47d4384c4354add0fb3457500aafc618be79d9_amd64",
"8Base-GitOps-1.14:openshift-gitops-1/must-gather-rhel8@sha256:fcbfff3d353947889e627035d1d52d4533ce5713c7e1951d90417bb228499143_ppc64le",
"9Base-GitOps-1.14:openshift-gitops-1/argocd-rhel9@sha256:afe138c16496c84126ecbd5baac4223e61f15ee30ec0249468ed3335ab7d4814_arm64",
"9Base-GitOps-1.14:openshift-gitops-1/argocd-rhel9@sha256:cb21a99b094e4609050927687050d8a95675d212bec76e981635ef192925d8ba_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"8Base-GitOps-1.14:openshift-gitops-1/argo-rollouts-rhel8@sha256:868a4e993d8963e4fb64c1845f54f916f335d3c59f0596e966c6d926373f6ee1_arm64",
"8Base-GitOps-1.14:openshift-gitops-1/argo-rollouts-rhel8@sha256:9b883e71b2d12f8872b3a37b383087a488f9b74ddde0e0c6daf6ee04bdf15881_amd64",
"8Base-GitOps-1.14:openshift-gitops-1/argo-rollouts-rhel8@sha256:bf7f9ca8f33c935df306554b778e5291bcff9e92b7e9122498b0ad71d58b9166_ppc64le",
"8Base-GitOps-1.14:openshift-gitops-1/argo-rollouts-rhel8@sha256:ce0677023395a6d7c9598b820c6eb73b651eaa698aef9f5c27a25884fba5d643_s390x",
"8Base-GitOps-1.14:openshift-gitops-1/argocd-rhel8@sha256:04523979e4ab58120d959f88503957b1e13122952e3de03d9f0540f1e574c0d6_ppc64le",
"8Base-GitOps-1.14:openshift-gitops-1/argocd-rhel8@sha256:64df9d55e7196fe56ebab88071f115d7fea26fa4396109bbf3bae11ffbf1f3a5_amd64",
"8Base-GitOps-1.14:openshift-gitops-1/argocd-rhel8@sha256:9017ef8967ebe3a14ea1e07d0a9624ef126b2928e233f09451aeea89a7f09366_arm64",
"8Base-GitOps-1.14:openshift-gitops-1/argocd-rhel8@sha256:ecb181ba7dfd4a5cdffa8ba9ca251dc4875ad7f41e9d60c4cc0a3462c233e489_s390x",
"8Base-GitOps-1.14:openshift-gitops-1/console-plugin-rhel8@sha256:050b358e7512599f412fddf711f8731d821223ba76c460b114fe4c4bfaf7cf1b_ppc64le",
"8Base-GitOps-1.14:openshift-gitops-1/console-plugin-rhel8@sha256:83ba395adbfdae8d4973cea02ead8392089ac1051edd11e7defc6d07a122bca2_amd64",
"8Base-GitOps-1.14:openshift-gitops-1/console-plugin-rhel8@sha256:dc4d641c87a3b65208ef2b46398f64ae69465daeb84b4d1022062d6c5f7347dc_s390x",
"8Base-GitOps-1.14:openshift-gitops-1/console-plugin-rhel8@sha256:e6eba59c8336bde1ed98947b2d4c626feb2113037bc724bd881f25b7f155f47b_arm64",
"8Base-GitOps-1.14:openshift-gitops-1/dex-rhel8@sha256:065b95a1612d15b3a7de1c5822555851535199711cc3890d56d7cb01e01666b3_ppc64le",
"8Base-GitOps-1.14:openshift-gitops-1/dex-rhel8@sha256:1c59649ad569e25c3445e9655c8061b7f0b769514c0739f2e080216a55ca39c7_arm64",
"8Base-GitOps-1.14:openshift-gitops-1/dex-rhel8@sha256:490512fefae58c6092394c8e751b7c1761583bff23b815e6f1649d55e9d43002_s390x",
"8Base-GitOps-1.14:openshift-gitops-1/dex-rhel8@sha256:605123efdd9f31243e039929322b4a4f6ad160baaebce188fdbf2c4e7ff663ff_amd64",
"8Base-GitOps-1.14:openshift-gitops-1/gitops-operator-bundle@sha256:ba442571ef9180765055f5224548c73e3da2be31731f8dd5b6b1beaf3e6732ee_amd64",
"8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8-operator@sha256:1b81b7c26d7a848797f9944254963a89c3f6f0e727355bafcda5e483fee7b848_amd64",
"8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8-operator@sha256:2caf6bd42e10f063d0991740706946d4205bf49540865bd4ed9091176add2aed_ppc64le",
"8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8-operator@sha256:951de21fc848014beb5db2f7307ef639c6c76ec6eb7036b18c07047c8a914c48_s390x",
"8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8-operator@sha256:ed04d67b3bd9ebc21a0aa2503823e5a476da44caa165999a33670198f5d1be37_arm64",
"8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8@sha256:72e761f1d00b0a322d4a7a10c824fe88e4ac7e156a279694b75ce3b42be0b6d6_amd64",
"8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8@sha256:d20615c230e1b888bacdc374763eeca9b1f7612741f8ba52ded483ac688b858d_ppc64le",
"8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8@sha256:d86dcd96af06a338b577d9c940e6316ed9a807b9fc6a33d9f5c96e2b703679b8_s390x",
"8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8@sha256:f07aa6ccdc324a2631fc01b1f4af4317cdc0471c673bd8f5bf24560e0f012dd9_arm64",
"8Base-GitOps-1.14:openshift-gitops-1/kam-delivery-rhel8@sha256:30b687a8309c17d5b4f5be6439b59f2dc540a306d625ee34bdf72626dc36c105_amd64",
"8Base-GitOps-1.14:openshift-gitops-1/kam-delivery-rhel8@sha256:62e1ab7267cfd3536c3b2ba9592dffb7fb979cbb039a1a90320a03b751d5f728_arm64",
"8Base-GitOps-1.14:openshift-gitops-1/kam-delivery-rhel8@sha256:b5ba9620f23fed74b983a090cec19f6ed74ddffdd1be7d9d89f1201c0c83c1b1_ppc64le",
"8Base-GitOps-1.14:openshift-gitops-1/kam-delivery-rhel8@sha256:c0ec76e307a2867dc1064a3470e17a2e1533233e1a119ce5f32e2b3c07428d08_s390x",
"8Base-GitOps-1.14:openshift-gitops-1/must-gather-rhel8@sha256:a909f1ebb5cf719e4308bbd162fea14e66b0ad6f7e91163699e8f9cbf61ec852_arm64",
"8Base-GitOps-1.14:openshift-gitops-1/must-gather-rhel8@sha256:c997c25ec7fee2ce060c6772925548af8d36146ed4632557852a948f496c9823_s390x",
"8Base-GitOps-1.14:openshift-gitops-1/must-gather-rhel8@sha256:e543925d538de28ab98c71841a47d4384c4354add0fb3457500aafc618be79d9_amd64",
"8Base-GitOps-1.14:openshift-gitops-1/must-gather-rhel8@sha256:fcbfff3d353947889e627035d1d52d4533ce5713c7e1951d90417bb228499143_ppc64le",
"9Base-GitOps-1.14:openshift-gitops-1/argocd-rhel9@sha256:afe138c16496c84126ecbd5baac4223e61f15ee30ec0249468ed3335ab7d4814_arm64",
"9Base-GitOps-1.14:openshift-gitops-1/argocd-rhel9@sha256:cb21a99b094e4609050927687050d8a95675d212bec76e981635ef192925d8ba_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "argocd: Argo CD does not scrub secret values from patch errors"
}
]
}
RHSA-2025:3131
Vulnerability from csaf_redhat - Published: 2025-03-26 17:39 - Updated: 2026-06-05 19:40Summary
Red Hat Security Advisory: Logging for Red Hat OpenShift - 6.1.4
Severity
Important
Notes
Topic: Logging for Red Hat OpenShift - 6.1.4
Details: Logging for Red Hat OpenShift - 6.1.4
logging-loki-container: Non-linear parsing of case-insensitive content in golang.org/x/net/html (CVE-2024-45338 )
cluster-logging-operator-container: net/http: sensitive headers incorrectly sent after cross-domain redirect (CVE-2024-45336)
lokistack-gateway-container: net/http: sensitive headers incorrectly sent after cross-domain redirect (CVE-2024-45336)
opa-openshift-container: net/http: sensitive headers incorrectly sent after cross-domain redirect (CVE-2024-45336)
lokistack-gateway-container: Go JOSE's Parsing Vulnerable to Denial of Service (CVE-2025-27144)
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
A flaw was found in the net/http package of the Golang standard library. The HTTP client drops sensitive headers after following a cross-domain redirect. For example, a request to `a.com/` containing an Authorization header redirected to `b.com/` will not send that header to `b.com`. However, the sensitive headers would be restored if the client received a subsequent same-domain redirect. For example, a chain of redirects from `a.com/`, to `b.com/1`, and finally to `b.com/2` would incorrectly send the Authorization header to `b.com/2`.
5.9 (Medium)
Affected products
Fixed
34 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-RHOL-6.1:openshift-logging/cluster-logging-operator-bundle@sha256:2ac22e0a4469dbd521e501f94aed9d6f6cfd42c380295fccda70845e624cc344_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHOL-6.1:openshift-logging/cluster-logging-rhel9-operator@sha256:083dad5f886c60ea9660d32e0afd171395363b6734530e68ee7b1a59a83c4c0f_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHOL-6.1:openshift-logging/cluster-logging-rhel9-operator@sha256:8027ebaf481eebf1d9b3d0eee35d0f8390ba0aecbc6e2ee06f88043c46340aa8_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHOL-6.1:openshift-logging/cluster-logging-rhel9-operator@sha256:97252762d4350b97b2bbe65454c52163a925a2c0fc57b2b8bf22ac272cb566cf_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHOL-6.1:openshift-logging/cluster-logging-rhel9-operator@sha256:fafc296b1270eb068157cccb039599c1159cab5e149b45acf0da57e3a04e7b36_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHOL-6.1:openshift-logging/eventrouter-rhel9@sha256:0fffb013cc90701c6ab5d6995e5626f897c6902e3a1c2990db8d15dab0807d88_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHOL-6.1:openshift-logging/eventrouter-rhel9@sha256:5aff59a0f93149b6f22f79556ab034ac5d383674d1bc2bb3d15e795e607f6fe4_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHOL-6.1:openshift-logging/eventrouter-rhel9@sha256:63d9b83da2752c6fa9a4764afca3e98b82265d0157714eb0e8f4d31351d135f5_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHOL-6.1:openshift-logging/eventrouter-rhel9@sha256:7b986827ecb1f0014ced0cd8bcdf5db0b2522bd2743e7c76eddedf0846428070_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHOL-6.1:openshift-logging/log-file-metric-exporter-rhel9@sha256:648290626590d1bf3401882dcf1e0ae0bc783fa422267ae9f769ecb179ddfe00_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHOL-6.1:openshift-logging/log-file-metric-exporter-rhel9@sha256:a4511102e85d0f6bd2197429d782e47a856024082bf819ba51a9f3dd1106c151_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHOL-6.1:openshift-logging/log-file-metric-exporter-rhel9@sha256:a9d55d6c654c1fce9b78ba99b7031a11ff8db470113ad0d86e52e0113d117dab_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHOL-6.1:openshift-logging/log-file-metric-exporter-rhel9@sha256:d2fb75d3c1bfdf061631dffa7113d6410f0fdd9773abd496b91281713489ab45_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHOL-6.1:openshift-logging/logging-loki-rhel9@sha256:13ad9cfbb796c1a10f3a4cb371e674e6609b7b7d245aca5e5863b508c8f219f6_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHOL-6.1:openshift-logging/logging-loki-rhel9@sha256:51b6e56d97ba3744ad9e4a34cd11d44a9e6ac76314225171e4806e42a361c773_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHOL-6.1:openshift-logging/logging-loki-rhel9@sha256:70c70a6eca66d45832f976fe062780cdea17a90ccc34e2e7b380767a375ff1e8_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHOL-6.1:openshift-logging/logging-loki-rhel9@sha256:af9aa36d2fdf2ca882bac401ac5caff5241b1ae42c1fff0f8cffcd3e8a00a6f2_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHOL-6.1:openshift-logging/loki-operator-bundle@sha256:6caabb4a166da0c3922e78030e6370cb82b923bd1e80ea2be39d7f9f35ace840_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHOL-6.1:openshift-logging/loki-rhel9-operator@sha256:1a0ec1a067b407ba7e48e4aeadb0c9a087e0baa0cb36c23361ac65d16426f10c_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHOL-6.1:openshift-logging/loki-rhel9-operator@sha256:80a8d28b9a04a24139f8b3886c2ef6ab4f27bb6f14b3890f224f7d1ac6379472_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHOL-6.1:openshift-logging/loki-rhel9-operator@sha256:8df1c6e06cd17e3015c7530fea2312aeff1a9fc3b1ed5317611961cb661487eb_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHOL-6.1:openshift-logging/loki-rhel9-operator@sha256:cd655287a3a3dd0540e36df230c0c2cdeabbc8d61a6be64c70bb515da9ff0a3f_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHOL-6.1:openshift-logging/lokistack-gateway-rhel9@sha256:83bcc8176e1171bbbcca67f26c31a9c991dc706f7ed44c1618cb82187414054f_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHOL-6.1:openshift-logging/lokistack-gateway-rhel9@sha256:8ce642fc6ba84abec046ec4d37e6ae11b841978148d6548c972f93374ef11bec_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHOL-6.1:openshift-logging/lokistack-gateway-rhel9@sha256:d33dabeb04dc31d194efcec83667928a33481d7bf7086365b9672c1cd150faa3_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHOL-6.1:openshift-logging/lokistack-gateway-rhel9@sha256:f39bc6a61714802f42aa4c32242d6f0b6ccd416300421bcb5a09d23aba39ee36_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHOL-6.1:openshift-logging/opa-openshift-rhel9@sha256:2f9ef3a999a0a3677293a4673a5f13ee1e52ad8b010c36098a5fd8db2ba3e932_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHOL-6.1:openshift-logging/opa-openshift-rhel9@sha256:70ae585e1ae9622b593e4a6cb6505ed918cd564db748526ef0175d984c063028_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHOL-6.1:openshift-logging/opa-openshift-rhel9@sha256:b49acfeb63ac8dee78ab577b5243a8eb63835f6268384503c1253b53953dc313_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHOL-6.1:openshift-logging/opa-openshift-rhel9@sha256:c19b42a324d049b71a09f3979b8718220166279ae4f135dc339813d15e2082f6_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHOL-6.1:openshift-logging/vector-rhel9@sha256:0e1f8896fe6abb6f8d6961b4a390205e001877e7621c78f305e08c7d97235f5e_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHOL-6.1:openshift-logging/vector-rhel9@sha256:6230e301464371370926ab703049b57f54fa6a1e551ed3b962670415ea08ebaf_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHOL-6.1:openshift-logging/vector-rhel9@sha256:cccff902663f34e08ae0bd837bd518fa35fa6a91f822b354923e089bd5a24b53_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHOL-6.1:openshift-logging/vector-rhel9@sha256:cf81df3a0c88ec07bb3f4ac9bd9c8fb41aaea1ab3e24eb9449aa58b5910d2f3b_arm64 | — |
Vendor Fix
fix
|
Threats
Impact
Moderate
A flaw was found in golang.org/x/net/html. This flaw allows an attacker to craft input to the parse functions that would be processed non-linearly with respect to its length, resulting in extremely slow parsing. This issue can cause a denial of service.
7.5 (High)
Affected products
Fixed
34 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-RHOL-6.1:openshift-logging/cluster-logging-operator-bundle@sha256:2ac22e0a4469dbd521e501f94aed9d6f6cfd42c380295fccda70845e624cc344_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHOL-6.1:openshift-logging/cluster-logging-rhel9-operator@sha256:083dad5f886c60ea9660d32e0afd171395363b6734530e68ee7b1a59a83c4c0f_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHOL-6.1:openshift-logging/cluster-logging-rhel9-operator@sha256:8027ebaf481eebf1d9b3d0eee35d0f8390ba0aecbc6e2ee06f88043c46340aa8_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHOL-6.1:openshift-logging/cluster-logging-rhel9-operator@sha256:97252762d4350b97b2bbe65454c52163a925a2c0fc57b2b8bf22ac272cb566cf_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHOL-6.1:openshift-logging/cluster-logging-rhel9-operator@sha256:fafc296b1270eb068157cccb039599c1159cab5e149b45acf0da57e3a04e7b36_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHOL-6.1:openshift-logging/eventrouter-rhel9@sha256:0fffb013cc90701c6ab5d6995e5626f897c6902e3a1c2990db8d15dab0807d88_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHOL-6.1:openshift-logging/eventrouter-rhel9@sha256:5aff59a0f93149b6f22f79556ab034ac5d383674d1bc2bb3d15e795e607f6fe4_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHOL-6.1:openshift-logging/eventrouter-rhel9@sha256:63d9b83da2752c6fa9a4764afca3e98b82265d0157714eb0e8f4d31351d135f5_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHOL-6.1:openshift-logging/eventrouter-rhel9@sha256:7b986827ecb1f0014ced0cd8bcdf5db0b2522bd2743e7c76eddedf0846428070_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHOL-6.1:openshift-logging/log-file-metric-exporter-rhel9@sha256:648290626590d1bf3401882dcf1e0ae0bc783fa422267ae9f769ecb179ddfe00_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHOL-6.1:openshift-logging/log-file-metric-exporter-rhel9@sha256:a4511102e85d0f6bd2197429d782e47a856024082bf819ba51a9f3dd1106c151_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHOL-6.1:openshift-logging/log-file-metric-exporter-rhel9@sha256:a9d55d6c654c1fce9b78ba99b7031a11ff8db470113ad0d86e52e0113d117dab_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHOL-6.1:openshift-logging/log-file-metric-exporter-rhel9@sha256:d2fb75d3c1bfdf061631dffa7113d6410f0fdd9773abd496b91281713489ab45_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHOL-6.1:openshift-logging/logging-loki-rhel9@sha256:13ad9cfbb796c1a10f3a4cb371e674e6609b7b7d245aca5e5863b508c8f219f6_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHOL-6.1:openshift-logging/logging-loki-rhel9@sha256:51b6e56d97ba3744ad9e4a34cd11d44a9e6ac76314225171e4806e42a361c773_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHOL-6.1:openshift-logging/logging-loki-rhel9@sha256:70c70a6eca66d45832f976fe062780cdea17a90ccc34e2e7b380767a375ff1e8_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHOL-6.1:openshift-logging/logging-loki-rhel9@sha256:af9aa36d2fdf2ca882bac401ac5caff5241b1ae42c1fff0f8cffcd3e8a00a6f2_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHOL-6.1:openshift-logging/loki-operator-bundle@sha256:6caabb4a166da0c3922e78030e6370cb82b923bd1e80ea2be39d7f9f35ace840_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHOL-6.1:openshift-logging/loki-rhel9-operator@sha256:1a0ec1a067b407ba7e48e4aeadb0c9a087e0baa0cb36c23361ac65d16426f10c_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHOL-6.1:openshift-logging/loki-rhel9-operator@sha256:80a8d28b9a04a24139f8b3886c2ef6ab4f27bb6f14b3890f224f7d1ac6379472_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHOL-6.1:openshift-logging/loki-rhel9-operator@sha256:8df1c6e06cd17e3015c7530fea2312aeff1a9fc3b1ed5317611961cb661487eb_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHOL-6.1:openshift-logging/loki-rhel9-operator@sha256:cd655287a3a3dd0540e36df230c0c2cdeabbc8d61a6be64c70bb515da9ff0a3f_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHOL-6.1:openshift-logging/lokistack-gateway-rhel9@sha256:83bcc8176e1171bbbcca67f26c31a9c991dc706f7ed44c1618cb82187414054f_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHOL-6.1:openshift-logging/lokistack-gateway-rhel9@sha256:8ce642fc6ba84abec046ec4d37e6ae11b841978148d6548c972f93374ef11bec_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHOL-6.1:openshift-logging/lokistack-gateway-rhel9@sha256:d33dabeb04dc31d194efcec83667928a33481d7bf7086365b9672c1cd150faa3_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHOL-6.1:openshift-logging/lokistack-gateway-rhel9@sha256:f39bc6a61714802f42aa4c32242d6f0b6ccd416300421bcb5a09d23aba39ee36_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHOL-6.1:openshift-logging/opa-openshift-rhel9@sha256:2f9ef3a999a0a3677293a4673a5f13ee1e52ad8b010c36098a5fd8db2ba3e932_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHOL-6.1:openshift-logging/opa-openshift-rhel9@sha256:70ae585e1ae9622b593e4a6cb6505ed918cd564db748526ef0175d984c063028_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHOL-6.1:openshift-logging/opa-openshift-rhel9@sha256:b49acfeb63ac8dee78ab577b5243a8eb63835f6268384503c1253b53953dc313_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHOL-6.1:openshift-logging/opa-openshift-rhel9@sha256:c19b42a324d049b71a09f3979b8718220166279ae4f135dc339813d15e2082f6_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHOL-6.1:openshift-logging/vector-rhel9@sha256:0e1f8896fe6abb6f8d6961b4a390205e001877e7621c78f305e08c7d97235f5e_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHOL-6.1:openshift-logging/vector-rhel9@sha256:6230e301464371370926ab703049b57f54fa6a1e551ed3b962670415ea08ebaf_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHOL-6.1:openshift-logging/vector-rhel9@sha256:cccff902663f34e08ae0bd837bd518fa35fa6a91f822b354923e089bd5a24b53_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHOL-6.1:openshift-logging/vector-rhel9@sha256:cf81df3a0c88ec07bb3f4ac9bd9c8fb41aaea1ab3e24eb9449aa58b5910d2f3b_arm64 | — |
Vendor Fix
fix
|
Threats
Impact
Important
A flaw was found in GO-JOSE. In affected versions, when parsing compact JWS or JWE input, Go JOSE could use excessive memory. The code uses strings.Split(token, ".") to split JWT tokens, which is vulnerable to excessive memory consumption when processing maliciously crafted tokens with a large number of `.` characters. This issue could be exploied by sending numerous malformed tokens, leading to memory exhaustion and a Denial of Service.
7.5 (High)
Affected products
Fixed
34 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-RHOL-6.1:openshift-logging/cluster-logging-operator-bundle@sha256:2ac22e0a4469dbd521e501f94aed9d6f6cfd42c380295fccda70845e624cc344_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOL-6.1:openshift-logging/cluster-logging-rhel9-operator@sha256:083dad5f886c60ea9660d32e0afd171395363b6734530e68ee7b1a59a83c4c0f_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOL-6.1:openshift-logging/cluster-logging-rhel9-operator@sha256:8027ebaf481eebf1d9b3d0eee35d0f8390ba0aecbc6e2ee06f88043c46340aa8_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOL-6.1:openshift-logging/cluster-logging-rhel9-operator@sha256:97252762d4350b97b2bbe65454c52163a925a2c0fc57b2b8bf22ac272cb566cf_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOL-6.1:openshift-logging/cluster-logging-rhel9-operator@sha256:fafc296b1270eb068157cccb039599c1159cab5e149b45acf0da57e3a04e7b36_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOL-6.1:openshift-logging/eventrouter-rhel9@sha256:0fffb013cc90701c6ab5d6995e5626f897c6902e3a1c2990db8d15dab0807d88_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOL-6.1:openshift-logging/eventrouter-rhel9@sha256:5aff59a0f93149b6f22f79556ab034ac5d383674d1bc2bb3d15e795e607f6fe4_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOL-6.1:openshift-logging/eventrouter-rhel9@sha256:63d9b83da2752c6fa9a4764afca3e98b82265d0157714eb0e8f4d31351d135f5_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOL-6.1:openshift-logging/eventrouter-rhel9@sha256:7b986827ecb1f0014ced0cd8bcdf5db0b2522bd2743e7c76eddedf0846428070_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOL-6.1:openshift-logging/log-file-metric-exporter-rhel9@sha256:648290626590d1bf3401882dcf1e0ae0bc783fa422267ae9f769ecb179ddfe00_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOL-6.1:openshift-logging/log-file-metric-exporter-rhel9@sha256:a4511102e85d0f6bd2197429d782e47a856024082bf819ba51a9f3dd1106c151_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOL-6.1:openshift-logging/log-file-metric-exporter-rhel9@sha256:a9d55d6c654c1fce9b78ba99b7031a11ff8db470113ad0d86e52e0113d117dab_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOL-6.1:openshift-logging/log-file-metric-exporter-rhel9@sha256:d2fb75d3c1bfdf061631dffa7113d6410f0fdd9773abd496b91281713489ab45_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOL-6.1:openshift-logging/logging-loki-rhel9@sha256:13ad9cfbb796c1a10f3a4cb371e674e6609b7b7d245aca5e5863b508c8f219f6_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOL-6.1:openshift-logging/logging-loki-rhel9@sha256:51b6e56d97ba3744ad9e4a34cd11d44a9e6ac76314225171e4806e42a361c773_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOL-6.1:openshift-logging/logging-loki-rhel9@sha256:70c70a6eca66d45832f976fe062780cdea17a90ccc34e2e7b380767a375ff1e8_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOL-6.1:openshift-logging/logging-loki-rhel9@sha256:af9aa36d2fdf2ca882bac401ac5caff5241b1ae42c1fff0f8cffcd3e8a00a6f2_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOL-6.1:openshift-logging/loki-operator-bundle@sha256:6caabb4a166da0c3922e78030e6370cb82b923bd1e80ea2be39d7f9f35ace840_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOL-6.1:openshift-logging/loki-rhel9-operator@sha256:1a0ec1a067b407ba7e48e4aeadb0c9a087e0baa0cb36c23361ac65d16426f10c_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOL-6.1:openshift-logging/loki-rhel9-operator@sha256:80a8d28b9a04a24139f8b3886c2ef6ab4f27bb6f14b3890f224f7d1ac6379472_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOL-6.1:openshift-logging/loki-rhel9-operator@sha256:8df1c6e06cd17e3015c7530fea2312aeff1a9fc3b1ed5317611961cb661487eb_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOL-6.1:openshift-logging/loki-rhel9-operator@sha256:cd655287a3a3dd0540e36df230c0c2cdeabbc8d61a6be64c70bb515da9ff0a3f_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOL-6.1:openshift-logging/lokistack-gateway-rhel9@sha256:83bcc8176e1171bbbcca67f26c31a9c991dc706f7ed44c1618cb82187414054f_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOL-6.1:openshift-logging/lokistack-gateway-rhel9@sha256:8ce642fc6ba84abec046ec4d37e6ae11b841978148d6548c972f93374ef11bec_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOL-6.1:openshift-logging/lokistack-gateway-rhel9@sha256:d33dabeb04dc31d194efcec83667928a33481d7bf7086365b9672c1cd150faa3_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOL-6.1:openshift-logging/lokistack-gateway-rhel9@sha256:f39bc6a61714802f42aa4c32242d6f0b6ccd416300421bcb5a09d23aba39ee36_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOL-6.1:openshift-logging/opa-openshift-rhel9@sha256:2f9ef3a999a0a3677293a4673a5f13ee1e52ad8b010c36098a5fd8db2ba3e932_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOL-6.1:openshift-logging/opa-openshift-rhel9@sha256:70ae585e1ae9622b593e4a6cb6505ed918cd564db748526ef0175d984c063028_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOL-6.1:openshift-logging/opa-openshift-rhel9@sha256:b49acfeb63ac8dee78ab577b5243a8eb63835f6268384503c1253b53953dc313_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOL-6.1:openshift-logging/opa-openshift-rhel9@sha256:c19b42a324d049b71a09f3979b8718220166279ae4f135dc339813d15e2082f6_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOL-6.1:openshift-logging/vector-rhel9@sha256:0e1f8896fe6abb6f8d6961b4a390205e001877e7621c78f305e08c7d97235f5e_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOL-6.1:openshift-logging/vector-rhel9@sha256:6230e301464371370926ab703049b57f54fa6a1e551ed3b962670415ea08ebaf_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOL-6.1:openshift-logging/vector-rhel9@sha256:cccff902663f34e08ae0bd837bd518fa35fa6a91f822b354923e089bd5a24b53_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOL-6.1:openshift-logging/vector-rhel9@sha256:cf81df3a0c88ec07bb3f4ac9bd9c8fb41aaea1ab3e24eb9449aa58b5910d2f3b_arm64 | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Moderate
References
30 references
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Logging for Red Hat OpenShift - 6.1.4",
"title": "Topic"
},
{
"category": "general",
"text": "Logging for Red Hat OpenShift - 6.1.4\nlogging-loki-container: Non-linear parsing of case-insensitive content in golang.org/x/net/html (CVE-2024-45338 )\ncluster-logging-operator-container: net/http: sensitive headers incorrectly sent after cross-domain redirect (CVE-2024-45336)\nlokistack-gateway-container: net/http: sensitive headers incorrectly sent after cross-domain redirect (CVE-2024-45336)\nopa-openshift-container: net/http: sensitive headers incorrectly sent after cross-domain redirect (CVE-2024-45336)\nlokistack-gateway-container: Go JOSE\u0027s Parsing Vulnerable to Denial of Service (CVE-2025-27144)",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2025:3131",
"url": "https://access.redhat.com/errata/RHSA-2025:3131"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "2333122",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2333122"
},
{
"category": "external",
"summary": "2341751",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2341751"
},
{
"category": "external",
"summary": "2347423",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2347423"
},
{
"category": "external",
"summary": "LOG-6623",
"url": "https://issues.redhat.com/browse/LOG-6623"
},
{
"category": "external",
"summary": "LOG-6797",
"url": "https://issues.redhat.com/browse/LOG-6797"
},
{
"category": "external",
"summary": "LOG-6816",
"url": "https://issues.redhat.com/browse/LOG-6816"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2025/rhsa-2025_3131.json"
}
],
"title": "Red Hat Security Advisory: Logging for Red Hat OpenShift - 6.1.4",
"tracking": {
"current_release_date": "2026-06-05T19:40:05+00:00",
"generator": {
"date": "2026-06-05T19:40:05+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.8.2"
}
},
"id": "RHSA-2025:3131",
"initial_release_date": "2025-03-26T17:39:24+00:00",
"revision_history": [
{
"date": "2025-03-26T17:39:24+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2025-03-26T17:39:24+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-06-05T19:40:05+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "RHOL 6.1 for RHEL 9",
"product": {
"name": "RHOL 6.1 for RHEL 9",
"product_id": "9Base-RHOL-6.1",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:logging:6.1::el9"
}
}
}
],
"category": "product_family",
"name": "logging for Red Hat OpenShift"
},
{
"branches": [
{
"category": "product_version",
"name": "openshift-logging/cluster-logging-rhel9-operator@sha256:8027ebaf481eebf1d9b3d0eee35d0f8390ba0aecbc6e2ee06f88043c46340aa8_arm64",
"product": {
"name": "openshift-logging/cluster-logging-rhel9-operator@sha256:8027ebaf481eebf1d9b3d0eee35d0f8390ba0aecbc6e2ee06f88043c46340aa8_arm64",
"product_id": "openshift-logging/cluster-logging-rhel9-operator@sha256:8027ebaf481eebf1d9b3d0eee35d0f8390ba0aecbc6e2ee06f88043c46340aa8_arm64",
"product_identification_helper": {
"purl": "pkg:oci/cluster-logging-rhel9-operator@sha256:8027ebaf481eebf1d9b3d0eee35d0f8390ba0aecbc6e2ee06f88043c46340aa8?arch=arm64\u0026repository_url=registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator\u0026tag=v6.1.4-5"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/log-file-metric-exporter-rhel9@sha256:a4511102e85d0f6bd2197429d782e47a856024082bf819ba51a9f3dd1106c151_arm64",
"product": {
"name": "openshift-logging/log-file-metric-exporter-rhel9@sha256:a4511102e85d0f6bd2197429d782e47a856024082bf819ba51a9f3dd1106c151_arm64",
"product_id": "openshift-logging/log-file-metric-exporter-rhel9@sha256:a4511102e85d0f6bd2197429d782e47a856024082bf819ba51a9f3dd1106c151_arm64",
"product_identification_helper": {
"purl": "pkg:oci/log-file-metric-exporter-rhel9@sha256:a4511102e85d0f6bd2197429d782e47a856024082bf819ba51a9f3dd1106c151?arch=arm64\u0026repository_url=registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9\u0026tag=v1.1.0-337"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/eventrouter-rhel9@sha256:0fffb013cc90701c6ab5d6995e5626f897c6902e3a1c2990db8d15dab0807d88_arm64",
"product": {
"name": "openshift-logging/eventrouter-rhel9@sha256:0fffb013cc90701c6ab5d6995e5626f897c6902e3a1c2990db8d15dab0807d88_arm64",
"product_id": "openshift-logging/eventrouter-rhel9@sha256:0fffb013cc90701c6ab5d6995e5626f897c6902e3a1c2990db8d15dab0807d88_arm64",
"product_identification_helper": {
"purl": "pkg:oci/eventrouter-rhel9@sha256:0fffb013cc90701c6ab5d6995e5626f897c6902e3a1c2990db8d15dab0807d88?arch=arm64\u0026repository_url=registry.redhat.io/openshift-logging/eventrouter-rhel9\u0026tag=v0.4.0-356"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/logging-loki-rhel9@sha256:13ad9cfbb796c1a10f3a4cb371e674e6609b7b7d245aca5e5863b508c8f219f6_arm64",
"product": {
"name": "openshift-logging/logging-loki-rhel9@sha256:13ad9cfbb796c1a10f3a4cb371e674e6609b7b7d245aca5e5863b508c8f219f6_arm64",
"product_id": "openshift-logging/logging-loki-rhel9@sha256:13ad9cfbb796c1a10f3a4cb371e674e6609b7b7d245aca5e5863b508c8f219f6_arm64",
"product_identification_helper": {
"purl": "pkg:oci/logging-loki-rhel9@sha256:13ad9cfbb796c1a10f3a4cb371e674e6609b7b7d245aca5e5863b508c8f219f6?arch=arm64\u0026repository_url=registry.redhat.io/openshift-logging/logging-loki-rhel9\u0026tag=v3.4.2-6"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/vector-rhel9@sha256:cf81df3a0c88ec07bb3f4ac9bd9c8fb41aaea1ab3e24eb9449aa58b5910d2f3b_arm64",
"product": {
"name": "openshift-logging/vector-rhel9@sha256:cf81df3a0c88ec07bb3f4ac9bd9c8fb41aaea1ab3e24eb9449aa58b5910d2f3b_arm64",
"product_id": "openshift-logging/vector-rhel9@sha256:cf81df3a0c88ec07bb3f4ac9bd9c8fb41aaea1ab3e24eb9449aa58b5910d2f3b_arm64",
"product_identification_helper": {
"purl": "pkg:oci/vector-rhel9@sha256:cf81df3a0c88ec07bb3f4ac9bd9c8fb41aaea1ab3e24eb9449aa58b5910d2f3b?arch=arm64\u0026repository_url=registry.redhat.io/openshift-logging/vector-rhel9\u0026tag=v0.37.1-34"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/loki-rhel9-operator@sha256:8df1c6e06cd17e3015c7530fea2312aeff1a9fc3b1ed5317611961cb661487eb_arm64",
"product": {
"name": "openshift-logging/loki-rhel9-operator@sha256:8df1c6e06cd17e3015c7530fea2312aeff1a9fc3b1ed5317611961cb661487eb_arm64",
"product_id": "openshift-logging/loki-rhel9-operator@sha256:8df1c6e06cd17e3015c7530fea2312aeff1a9fc3b1ed5317611961cb661487eb_arm64",
"product_identification_helper": {
"purl": "pkg:oci/loki-rhel9-operator@sha256:8df1c6e06cd17e3015c7530fea2312aeff1a9fc3b1ed5317611961cb661487eb?arch=arm64\u0026repository_url=registry.redhat.io/openshift-logging/loki-rhel9-operator\u0026tag=v6.1.4-7"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/lokistack-gateway-rhel9@sha256:83bcc8176e1171bbbcca67f26c31a9c991dc706f7ed44c1618cb82187414054f_arm64",
"product": {
"name": "openshift-logging/lokistack-gateway-rhel9@sha256:83bcc8176e1171bbbcca67f26c31a9c991dc706f7ed44c1618cb82187414054f_arm64",
"product_id": "openshift-logging/lokistack-gateway-rhel9@sha256:83bcc8176e1171bbbcca67f26c31a9c991dc706f7ed44c1618cb82187414054f_arm64",
"product_identification_helper": {
"purl": "pkg:oci/lokistack-gateway-rhel9@sha256:83bcc8176e1171bbbcca67f26c31a9c991dc706f7ed44c1618cb82187414054f?arch=arm64\u0026repository_url=registry.redhat.io/openshift-logging/lokistack-gateway-rhel9\u0026tag=v0.1.0-752"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/opa-openshift-rhel9@sha256:b49acfeb63ac8dee78ab577b5243a8eb63835f6268384503c1253b53953dc313_arm64",
"product": {
"name": "openshift-logging/opa-openshift-rhel9@sha256:b49acfeb63ac8dee78ab577b5243a8eb63835f6268384503c1253b53953dc313_arm64",
"product_id": "openshift-logging/opa-openshift-rhel9@sha256:b49acfeb63ac8dee78ab577b5243a8eb63835f6268384503c1253b53953dc313_arm64",
"product_identification_helper": {
"purl": "pkg:oci/opa-openshift-rhel9@sha256:b49acfeb63ac8dee78ab577b5243a8eb63835f6268384503c1253b53953dc313?arch=arm64\u0026repository_url=registry.redhat.io/openshift-logging/opa-openshift-rhel9\u0026tag=v0.1.0-369"
}
}
}
],
"category": "architecture",
"name": "arm64"
},
{
"branches": [
{
"category": "product_version",
"name": "openshift-logging/cluster-logging-rhel9-operator@sha256:97252762d4350b97b2bbe65454c52163a925a2c0fc57b2b8bf22ac272cb566cf_ppc64le",
"product": {
"name": "openshift-logging/cluster-logging-rhel9-operator@sha256:97252762d4350b97b2bbe65454c52163a925a2c0fc57b2b8bf22ac272cb566cf_ppc64le",
"product_id": "openshift-logging/cluster-logging-rhel9-operator@sha256:97252762d4350b97b2bbe65454c52163a925a2c0fc57b2b8bf22ac272cb566cf_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/cluster-logging-rhel9-operator@sha256:97252762d4350b97b2bbe65454c52163a925a2c0fc57b2b8bf22ac272cb566cf?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator\u0026tag=v6.1.4-5"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/log-file-metric-exporter-rhel9@sha256:a9d55d6c654c1fce9b78ba99b7031a11ff8db470113ad0d86e52e0113d117dab_ppc64le",
"product": {
"name": "openshift-logging/log-file-metric-exporter-rhel9@sha256:a9d55d6c654c1fce9b78ba99b7031a11ff8db470113ad0d86e52e0113d117dab_ppc64le",
"product_id": "openshift-logging/log-file-metric-exporter-rhel9@sha256:a9d55d6c654c1fce9b78ba99b7031a11ff8db470113ad0d86e52e0113d117dab_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/log-file-metric-exporter-rhel9@sha256:a9d55d6c654c1fce9b78ba99b7031a11ff8db470113ad0d86e52e0113d117dab?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9\u0026tag=v1.1.0-337"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/eventrouter-rhel9@sha256:63d9b83da2752c6fa9a4764afca3e98b82265d0157714eb0e8f4d31351d135f5_ppc64le",
"product": {
"name": "openshift-logging/eventrouter-rhel9@sha256:63d9b83da2752c6fa9a4764afca3e98b82265d0157714eb0e8f4d31351d135f5_ppc64le",
"product_id": "openshift-logging/eventrouter-rhel9@sha256:63d9b83da2752c6fa9a4764afca3e98b82265d0157714eb0e8f4d31351d135f5_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/eventrouter-rhel9@sha256:63d9b83da2752c6fa9a4764afca3e98b82265d0157714eb0e8f4d31351d135f5?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/eventrouter-rhel9\u0026tag=v0.4.0-356"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/logging-loki-rhel9@sha256:51b6e56d97ba3744ad9e4a34cd11d44a9e6ac76314225171e4806e42a361c773_ppc64le",
"product": {
"name": "openshift-logging/logging-loki-rhel9@sha256:51b6e56d97ba3744ad9e4a34cd11d44a9e6ac76314225171e4806e42a361c773_ppc64le",
"product_id": "openshift-logging/logging-loki-rhel9@sha256:51b6e56d97ba3744ad9e4a34cd11d44a9e6ac76314225171e4806e42a361c773_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/logging-loki-rhel9@sha256:51b6e56d97ba3744ad9e4a34cd11d44a9e6ac76314225171e4806e42a361c773?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/logging-loki-rhel9\u0026tag=v3.4.2-6"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/vector-rhel9@sha256:0e1f8896fe6abb6f8d6961b4a390205e001877e7621c78f305e08c7d97235f5e_ppc64le",
"product": {
"name": "openshift-logging/vector-rhel9@sha256:0e1f8896fe6abb6f8d6961b4a390205e001877e7621c78f305e08c7d97235f5e_ppc64le",
"product_id": "openshift-logging/vector-rhel9@sha256:0e1f8896fe6abb6f8d6961b4a390205e001877e7621c78f305e08c7d97235f5e_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/vector-rhel9@sha256:0e1f8896fe6abb6f8d6961b4a390205e001877e7621c78f305e08c7d97235f5e?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/vector-rhel9\u0026tag=v0.37.1-34"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/loki-rhel9-operator@sha256:1a0ec1a067b407ba7e48e4aeadb0c9a087e0baa0cb36c23361ac65d16426f10c_ppc64le",
"product": {
"name": "openshift-logging/loki-rhel9-operator@sha256:1a0ec1a067b407ba7e48e4aeadb0c9a087e0baa0cb36c23361ac65d16426f10c_ppc64le",
"product_id": "openshift-logging/loki-rhel9-operator@sha256:1a0ec1a067b407ba7e48e4aeadb0c9a087e0baa0cb36c23361ac65d16426f10c_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/loki-rhel9-operator@sha256:1a0ec1a067b407ba7e48e4aeadb0c9a087e0baa0cb36c23361ac65d16426f10c?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/loki-rhel9-operator\u0026tag=v6.1.4-7"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/lokistack-gateway-rhel9@sha256:f39bc6a61714802f42aa4c32242d6f0b6ccd416300421bcb5a09d23aba39ee36_ppc64le",
"product": {
"name": "openshift-logging/lokistack-gateway-rhel9@sha256:f39bc6a61714802f42aa4c32242d6f0b6ccd416300421bcb5a09d23aba39ee36_ppc64le",
"product_id": "openshift-logging/lokistack-gateway-rhel9@sha256:f39bc6a61714802f42aa4c32242d6f0b6ccd416300421bcb5a09d23aba39ee36_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/lokistack-gateway-rhel9@sha256:f39bc6a61714802f42aa4c32242d6f0b6ccd416300421bcb5a09d23aba39ee36?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/lokistack-gateway-rhel9\u0026tag=v0.1.0-752"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/opa-openshift-rhel9@sha256:2f9ef3a999a0a3677293a4673a5f13ee1e52ad8b010c36098a5fd8db2ba3e932_ppc64le",
"product": {
"name": "openshift-logging/opa-openshift-rhel9@sha256:2f9ef3a999a0a3677293a4673a5f13ee1e52ad8b010c36098a5fd8db2ba3e932_ppc64le",
"product_id": "openshift-logging/opa-openshift-rhel9@sha256:2f9ef3a999a0a3677293a4673a5f13ee1e52ad8b010c36098a5fd8db2ba3e932_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/opa-openshift-rhel9@sha256:2f9ef3a999a0a3677293a4673a5f13ee1e52ad8b010c36098a5fd8db2ba3e932?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/opa-openshift-rhel9\u0026tag=v0.1.0-369"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "openshift-logging/cluster-logging-rhel9-operator@sha256:083dad5f886c60ea9660d32e0afd171395363b6734530e68ee7b1a59a83c4c0f_amd64",
"product": {
"name": "openshift-logging/cluster-logging-rhel9-operator@sha256:083dad5f886c60ea9660d32e0afd171395363b6734530e68ee7b1a59a83c4c0f_amd64",
"product_id": "openshift-logging/cluster-logging-rhel9-operator@sha256:083dad5f886c60ea9660d32e0afd171395363b6734530e68ee7b1a59a83c4c0f_amd64",
"product_identification_helper": {
"purl": "pkg:oci/cluster-logging-rhel9-operator@sha256:083dad5f886c60ea9660d32e0afd171395363b6734530e68ee7b1a59a83c4c0f?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator\u0026tag=v6.1.4-5"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/cluster-logging-operator-bundle@sha256:2ac22e0a4469dbd521e501f94aed9d6f6cfd42c380295fccda70845e624cc344_amd64",
"product": {
"name": "openshift-logging/cluster-logging-operator-bundle@sha256:2ac22e0a4469dbd521e501f94aed9d6f6cfd42c380295fccda70845e624cc344_amd64",
"product_id": "openshift-logging/cluster-logging-operator-bundle@sha256:2ac22e0a4469dbd521e501f94aed9d6f6cfd42c380295fccda70845e624cc344_amd64",
"product_identification_helper": {
"purl": "pkg:oci/cluster-logging-operator-bundle@sha256:2ac22e0a4469dbd521e501f94aed9d6f6cfd42c380295fccda70845e624cc344?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/cluster-logging-operator-bundle\u0026tag=v6.1.4-10"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/log-file-metric-exporter-rhel9@sha256:648290626590d1bf3401882dcf1e0ae0bc783fa422267ae9f769ecb179ddfe00_amd64",
"product": {
"name": "openshift-logging/log-file-metric-exporter-rhel9@sha256:648290626590d1bf3401882dcf1e0ae0bc783fa422267ae9f769ecb179ddfe00_amd64",
"product_id": "openshift-logging/log-file-metric-exporter-rhel9@sha256:648290626590d1bf3401882dcf1e0ae0bc783fa422267ae9f769ecb179ddfe00_amd64",
"product_identification_helper": {
"purl": "pkg:oci/log-file-metric-exporter-rhel9@sha256:648290626590d1bf3401882dcf1e0ae0bc783fa422267ae9f769ecb179ddfe00?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9\u0026tag=v1.1.0-337"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/eventrouter-rhel9@sha256:7b986827ecb1f0014ced0cd8bcdf5db0b2522bd2743e7c76eddedf0846428070_amd64",
"product": {
"name": "openshift-logging/eventrouter-rhel9@sha256:7b986827ecb1f0014ced0cd8bcdf5db0b2522bd2743e7c76eddedf0846428070_amd64",
"product_id": "openshift-logging/eventrouter-rhel9@sha256:7b986827ecb1f0014ced0cd8bcdf5db0b2522bd2743e7c76eddedf0846428070_amd64",
"product_identification_helper": {
"purl": "pkg:oci/eventrouter-rhel9@sha256:7b986827ecb1f0014ced0cd8bcdf5db0b2522bd2743e7c76eddedf0846428070?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/eventrouter-rhel9\u0026tag=v0.4.0-356"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/logging-loki-rhel9@sha256:af9aa36d2fdf2ca882bac401ac5caff5241b1ae42c1fff0f8cffcd3e8a00a6f2_amd64",
"product": {
"name": "openshift-logging/logging-loki-rhel9@sha256:af9aa36d2fdf2ca882bac401ac5caff5241b1ae42c1fff0f8cffcd3e8a00a6f2_amd64",
"product_id": "openshift-logging/logging-loki-rhel9@sha256:af9aa36d2fdf2ca882bac401ac5caff5241b1ae42c1fff0f8cffcd3e8a00a6f2_amd64",
"product_identification_helper": {
"purl": "pkg:oci/logging-loki-rhel9@sha256:af9aa36d2fdf2ca882bac401ac5caff5241b1ae42c1fff0f8cffcd3e8a00a6f2?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/logging-loki-rhel9\u0026tag=v3.4.2-6"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/vector-rhel9@sha256:cccff902663f34e08ae0bd837bd518fa35fa6a91f822b354923e089bd5a24b53_amd64",
"product": {
"name": "openshift-logging/vector-rhel9@sha256:cccff902663f34e08ae0bd837bd518fa35fa6a91f822b354923e089bd5a24b53_amd64",
"product_id": "openshift-logging/vector-rhel9@sha256:cccff902663f34e08ae0bd837bd518fa35fa6a91f822b354923e089bd5a24b53_amd64",
"product_identification_helper": {
"purl": "pkg:oci/vector-rhel9@sha256:cccff902663f34e08ae0bd837bd518fa35fa6a91f822b354923e089bd5a24b53?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/vector-rhel9\u0026tag=v0.37.1-34"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/loki-operator-bundle@sha256:6caabb4a166da0c3922e78030e6370cb82b923bd1e80ea2be39d7f9f35ace840_amd64",
"product": {
"name": "openshift-logging/loki-operator-bundle@sha256:6caabb4a166da0c3922e78030e6370cb82b923bd1e80ea2be39d7f9f35ace840_amd64",
"product_id": "openshift-logging/loki-operator-bundle@sha256:6caabb4a166da0c3922e78030e6370cb82b923bd1e80ea2be39d7f9f35ace840_amd64",
"product_identification_helper": {
"purl": "pkg:oci/loki-operator-bundle@sha256:6caabb4a166da0c3922e78030e6370cb82b923bd1e80ea2be39d7f9f35ace840?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/loki-operator-bundle\u0026tag=v6.1.4-13"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/loki-rhel9-operator@sha256:80a8d28b9a04a24139f8b3886c2ef6ab4f27bb6f14b3890f224f7d1ac6379472_amd64",
"product": {
"name": "openshift-logging/loki-rhel9-operator@sha256:80a8d28b9a04a24139f8b3886c2ef6ab4f27bb6f14b3890f224f7d1ac6379472_amd64",
"product_id": "openshift-logging/loki-rhel9-operator@sha256:80a8d28b9a04a24139f8b3886c2ef6ab4f27bb6f14b3890f224f7d1ac6379472_amd64",
"product_identification_helper": {
"purl": "pkg:oci/loki-rhel9-operator@sha256:80a8d28b9a04a24139f8b3886c2ef6ab4f27bb6f14b3890f224f7d1ac6379472?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/loki-rhel9-operator\u0026tag=v6.1.4-7"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/lokistack-gateway-rhel9@sha256:d33dabeb04dc31d194efcec83667928a33481d7bf7086365b9672c1cd150faa3_amd64",
"product": {
"name": "openshift-logging/lokistack-gateway-rhel9@sha256:d33dabeb04dc31d194efcec83667928a33481d7bf7086365b9672c1cd150faa3_amd64",
"product_id": "openshift-logging/lokistack-gateway-rhel9@sha256:d33dabeb04dc31d194efcec83667928a33481d7bf7086365b9672c1cd150faa3_amd64",
"product_identification_helper": {
"purl": "pkg:oci/lokistack-gateway-rhel9@sha256:d33dabeb04dc31d194efcec83667928a33481d7bf7086365b9672c1cd150faa3?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/lokistack-gateway-rhel9\u0026tag=v0.1.0-752"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/opa-openshift-rhel9@sha256:70ae585e1ae9622b593e4a6cb6505ed918cd564db748526ef0175d984c063028_amd64",
"product": {
"name": "openshift-logging/opa-openshift-rhel9@sha256:70ae585e1ae9622b593e4a6cb6505ed918cd564db748526ef0175d984c063028_amd64",
"product_id": "openshift-logging/opa-openshift-rhel9@sha256:70ae585e1ae9622b593e4a6cb6505ed918cd564db748526ef0175d984c063028_amd64",
"product_identification_helper": {
"purl": "pkg:oci/opa-openshift-rhel9@sha256:70ae585e1ae9622b593e4a6cb6505ed918cd564db748526ef0175d984c063028?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/opa-openshift-rhel9\u0026tag=v0.1.0-369"
}
}
}
],
"category": "architecture",
"name": "amd64"
},
{
"branches": [
{
"category": "product_version",
"name": "openshift-logging/cluster-logging-rhel9-operator@sha256:fafc296b1270eb068157cccb039599c1159cab5e149b45acf0da57e3a04e7b36_s390x",
"product": {
"name": "openshift-logging/cluster-logging-rhel9-operator@sha256:fafc296b1270eb068157cccb039599c1159cab5e149b45acf0da57e3a04e7b36_s390x",
"product_id": "openshift-logging/cluster-logging-rhel9-operator@sha256:fafc296b1270eb068157cccb039599c1159cab5e149b45acf0da57e3a04e7b36_s390x",
"product_identification_helper": {
"purl": "pkg:oci/cluster-logging-rhel9-operator@sha256:fafc296b1270eb068157cccb039599c1159cab5e149b45acf0da57e3a04e7b36?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator\u0026tag=v6.1.4-5"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/log-file-metric-exporter-rhel9@sha256:d2fb75d3c1bfdf061631dffa7113d6410f0fdd9773abd496b91281713489ab45_s390x",
"product": {
"name": "openshift-logging/log-file-metric-exporter-rhel9@sha256:d2fb75d3c1bfdf061631dffa7113d6410f0fdd9773abd496b91281713489ab45_s390x",
"product_id": "openshift-logging/log-file-metric-exporter-rhel9@sha256:d2fb75d3c1bfdf061631dffa7113d6410f0fdd9773abd496b91281713489ab45_s390x",
"product_identification_helper": {
"purl": "pkg:oci/log-file-metric-exporter-rhel9@sha256:d2fb75d3c1bfdf061631dffa7113d6410f0fdd9773abd496b91281713489ab45?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9\u0026tag=v1.1.0-337"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/eventrouter-rhel9@sha256:5aff59a0f93149b6f22f79556ab034ac5d383674d1bc2bb3d15e795e607f6fe4_s390x",
"product": {
"name": "openshift-logging/eventrouter-rhel9@sha256:5aff59a0f93149b6f22f79556ab034ac5d383674d1bc2bb3d15e795e607f6fe4_s390x",
"product_id": "openshift-logging/eventrouter-rhel9@sha256:5aff59a0f93149b6f22f79556ab034ac5d383674d1bc2bb3d15e795e607f6fe4_s390x",
"product_identification_helper": {
"purl": "pkg:oci/eventrouter-rhel9@sha256:5aff59a0f93149b6f22f79556ab034ac5d383674d1bc2bb3d15e795e607f6fe4?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/eventrouter-rhel9\u0026tag=v0.4.0-356"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/logging-loki-rhel9@sha256:70c70a6eca66d45832f976fe062780cdea17a90ccc34e2e7b380767a375ff1e8_s390x",
"product": {
"name": "openshift-logging/logging-loki-rhel9@sha256:70c70a6eca66d45832f976fe062780cdea17a90ccc34e2e7b380767a375ff1e8_s390x",
"product_id": "openshift-logging/logging-loki-rhel9@sha256:70c70a6eca66d45832f976fe062780cdea17a90ccc34e2e7b380767a375ff1e8_s390x",
"product_identification_helper": {
"purl": "pkg:oci/logging-loki-rhel9@sha256:70c70a6eca66d45832f976fe062780cdea17a90ccc34e2e7b380767a375ff1e8?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/logging-loki-rhel9\u0026tag=v3.4.2-6"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/vector-rhel9@sha256:6230e301464371370926ab703049b57f54fa6a1e551ed3b962670415ea08ebaf_s390x",
"product": {
"name": "openshift-logging/vector-rhel9@sha256:6230e301464371370926ab703049b57f54fa6a1e551ed3b962670415ea08ebaf_s390x",
"product_id": "openshift-logging/vector-rhel9@sha256:6230e301464371370926ab703049b57f54fa6a1e551ed3b962670415ea08ebaf_s390x",
"product_identification_helper": {
"purl": "pkg:oci/vector-rhel9@sha256:6230e301464371370926ab703049b57f54fa6a1e551ed3b962670415ea08ebaf?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/vector-rhel9\u0026tag=v0.37.1-34"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/loki-rhel9-operator@sha256:cd655287a3a3dd0540e36df230c0c2cdeabbc8d61a6be64c70bb515da9ff0a3f_s390x",
"product": {
"name": "openshift-logging/loki-rhel9-operator@sha256:cd655287a3a3dd0540e36df230c0c2cdeabbc8d61a6be64c70bb515da9ff0a3f_s390x",
"product_id": "openshift-logging/loki-rhel9-operator@sha256:cd655287a3a3dd0540e36df230c0c2cdeabbc8d61a6be64c70bb515da9ff0a3f_s390x",
"product_identification_helper": {
"purl": "pkg:oci/loki-rhel9-operator@sha256:cd655287a3a3dd0540e36df230c0c2cdeabbc8d61a6be64c70bb515da9ff0a3f?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/loki-rhel9-operator\u0026tag=v6.1.4-7"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/lokistack-gateway-rhel9@sha256:8ce642fc6ba84abec046ec4d37e6ae11b841978148d6548c972f93374ef11bec_s390x",
"product": {
"name": "openshift-logging/lokistack-gateway-rhel9@sha256:8ce642fc6ba84abec046ec4d37e6ae11b841978148d6548c972f93374ef11bec_s390x",
"product_id": "openshift-logging/lokistack-gateway-rhel9@sha256:8ce642fc6ba84abec046ec4d37e6ae11b841978148d6548c972f93374ef11bec_s390x",
"product_identification_helper": {
"purl": "pkg:oci/lokistack-gateway-rhel9@sha256:8ce642fc6ba84abec046ec4d37e6ae11b841978148d6548c972f93374ef11bec?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/lokistack-gateway-rhel9\u0026tag=v0.1.0-752"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/opa-openshift-rhel9@sha256:c19b42a324d049b71a09f3979b8718220166279ae4f135dc339813d15e2082f6_s390x",
"product": {
"name": "openshift-logging/opa-openshift-rhel9@sha256:c19b42a324d049b71a09f3979b8718220166279ae4f135dc339813d15e2082f6_s390x",
"product_id": "openshift-logging/opa-openshift-rhel9@sha256:c19b42a324d049b71a09f3979b8718220166279ae4f135dc339813d15e2082f6_s390x",
"product_identification_helper": {
"purl": "pkg:oci/opa-openshift-rhel9@sha256:c19b42a324d049b71a09f3979b8718220166279ae4f135dc339813d15e2082f6?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/opa-openshift-rhel9\u0026tag=v0.1.0-369"
}
}
}
],
"category": "architecture",
"name": "s390x"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/cluster-logging-operator-bundle@sha256:2ac22e0a4469dbd521e501f94aed9d6f6cfd42c380295fccda70845e624cc344_amd64 as a component of RHOL 6.1 for RHEL 9",
"product_id": "9Base-RHOL-6.1:openshift-logging/cluster-logging-operator-bundle@sha256:2ac22e0a4469dbd521e501f94aed9d6f6cfd42c380295fccda70845e624cc344_amd64"
},
"product_reference": "openshift-logging/cluster-logging-operator-bundle@sha256:2ac22e0a4469dbd521e501f94aed9d6f6cfd42c380295fccda70845e624cc344_amd64",
"relates_to_product_reference": "9Base-RHOL-6.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/cluster-logging-rhel9-operator@sha256:083dad5f886c60ea9660d32e0afd171395363b6734530e68ee7b1a59a83c4c0f_amd64 as a component of RHOL 6.1 for RHEL 9",
"product_id": "9Base-RHOL-6.1:openshift-logging/cluster-logging-rhel9-operator@sha256:083dad5f886c60ea9660d32e0afd171395363b6734530e68ee7b1a59a83c4c0f_amd64"
},
"product_reference": "openshift-logging/cluster-logging-rhel9-operator@sha256:083dad5f886c60ea9660d32e0afd171395363b6734530e68ee7b1a59a83c4c0f_amd64",
"relates_to_product_reference": "9Base-RHOL-6.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/cluster-logging-rhel9-operator@sha256:8027ebaf481eebf1d9b3d0eee35d0f8390ba0aecbc6e2ee06f88043c46340aa8_arm64 as a component of RHOL 6.1 for RHEL 9",
"product_id": "9Base-RHOL-6.1:openshift-logging/cluster-logging-rhel9-operator@sha256:8027ebaf481eebf1d9b3d0eee35d0f8390ba0aecbc6e2ee06f88043c46340aa8_arm64"
},
"product_reference": "openshift-logging/cluster-logging-rhel9-operator@sha256:8027ebaf481eebf1d9b3d0eee35d0f8390ba0aecbc6e2ee06f88043c46340aa8_arm64",
"relates_to_product_reference": "9Base-RHOL-6.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/cluster-logging-rhel9-operator@sha256:97252762d4350b97b2bbe65454c52163a925a2c0fc57b2b8bf22ac272cb566cf_ppc64le as a component of RHOL 6.1 for RHEL 9",
"product_id": "9Base-RHOL-6.1:openshift-logging/cluster-logging-rhel9-operator@sha256:97252762d4350b97b2bbe65454c52163a925a2c0fc57b2b8bf22ac272cb566cf_ppc64le"
},
"product_reference": "openshift-logging/cluster-logging-rhel9-operator@sha256:97252762d4350b97b2bbe65454c52163a925a2c0fc57b2b8bf22ac272cb566cf_ppc64le",
"relates_to_product_reference": "9Base-RHOL-6.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/cluster-logging-rhel9-operator@sha256:fafc296b1270eb068157cccb039599c1159cab5e149b45acf0da57e3a04e7b36_s390x as a component of RHOL 6.1 for RHEL 9",
"product_id": "9Base-RHOL-6.1:openshift-logging/cluster-logging-rhel9-operator@sha256:fafc296b1270eb068157cccb039599c1159cab5e149b45acf0da57e3a04e7b36_s390x"
},
"product_reference": "openshift-logging/cluster-logging-rhel9-operator@sha256:fafc296b1270eb068157cccb039599c1159cab5e149b45acf0da57e3a04e7b36_s390x",
"relates_to_product_reference": "9Base-RHOL-6.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/eventrouter-rhel9@sha256:0fffb013cc90701c6ab5d6995e5626f897c6902e3a1c2990db8d15dab0807d88_arm64 as a component of RHOL 6.1 for RHEL 9",
"product_id": "9Base-RHOL-6.1:openshift-logging/eventrouter-rhel9@sha256:0fffb013cc90701c6ab5d6995e5626f897c6902e3a1c2990db8d15dab0807d88_arm64"
},
"product_reference": "openshift-logging/eventrouter-rhel9@sha256:0fffb013cc90701c6ab5d6995e5626f897c6902e3a1c2990db8d15dab0807d88_arm64",
"relates_to_product_reference": "9Base-RHOL-6.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/eventrouter-rhel9@sha256:5aff59a0f93149b6f22f79556ab034ac5d383674d1bc2bb3d15e795e607f6fe4_s390x as a component of RHOL 6.1 for RHEL 9",
"product_id": "9Base-RHOL-6.1:openshift-logging/eventrouter-rhel9@sha256:5aff59a0f93149b6f22f79556ab034ac5d383674d1bc2bb3d15e795e607f6fe4_s390x"
},
"product_reference": "openshift-logging/eventrouter-rhel9@sha256:5aff59a0f93149b6f22f79556ab034ac5d383674d1bc2bb3d15e795e607f6fe4_s390x",
"relates_to_product_reference": "9Base-RHOL-6.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/eventrouter-rhel9@sha256:63d9b83da2752c6fa9a4764afca3e98b82265d0157714eb0e8f4d31351d135f5_ppc64le as a component of RHOL 6.1 for RHEL 9",
"product_id": "9Base-RHOL-6.1:openshift-logging/eventrouter-rhel9@sha256:63d9b83da2752c6fa9a4764afca3e98b82265d0157714eb0e8f4d31351d135f5_ppc64le"
},
"product_reference": "openshift-logging/eventrouter-rhel9@sha256:63d9b83da2752c6fa9a4764afca3e98b82265d0157714eb0e8f4d31351d135f5_ppc64le",
"relates_to_product_reference": "9Base-RHOL-6.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/eventrouter-rhel9@sha256:7b986827ecb1f0014ced0cd8bcdf5db0b2522bd2743e7c76eddedf0846428070_amd64 as a component of RHOL 6.1 for RHEL 9",
"product_id": "9Base-RHOL-6.1:openshift-logging/eventrouter-rhel9@sha256:7b986827ecb1f0014ced0cd8bcdf5db0b2522bd2743e7c76eddedf0846428070_amd64"
},
"product_reference": "openshift-logging/eventrouter-rhel9@sha256:7b986827ecb1f0014ced0cd8bcdf5db0b2522bd2743e7c76eddedf0846428070_amd64",
"relates_to_product_reference": "9Base-RHOL-6.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/log-file-metric-exporter-rhel9@sha256:648290626590d1bf3401882dcf1e0ae0bc783fa422267ae9f769ecb179ddfe00_amd64 as a component of RHOL 6.1 for RHEL 9",
"product_id": "9Base-RHOL-6.1:openshift-logging/log-file-metric-exporter-rhel9@sha256:648290626590d1bf3401882dcf1e0ae0bc783fa422267ae9f769ecb179ddfe00_amd64"
},
"product_reference": "openshift-logging/log-file-metric-exporter-rhel9@sha256:648290626590d1bf3401882dcf1e0ae0bc783fa422267ae9f769ecb179ddfe00_amd64",
"relates_to_product_reference": "9Base-RHOL-6.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/log-file-metric-exporter-rhel9@sha256:a4511102e85d0f6bd2197429d782e47a856024082bf819ba51a9f3dd1106c151_arm64 as a component of RHOL 6.1 for RHEL 9",
"product_id": "9Base-RHOL-6.1:openshift-logging/log-file-metric-exporter-rhel9@sha256:a4511102e85d0f6bd2197429d782e47a856024082bf819ba51a9f3dd1106c151_arm64"
},
"product_reference": "openshift-logging/log-file-metric-exporter-rhel9@sha256:a4511102e85d0f6bd2197429d782e47a856024082bf819ba51a9f3dd1106c151_arm64",
"relates_to_product_reference": "9Base-RHOL-6.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/log-file-metric-exporter-rhel9@sha256:a9d55d6c654c1fce9b78ba99b7031a11ff8db470113ad0d86e52e0113d117dab_ppc64le as a component of RHOL 6.1 for RHEL 9",
"product_id": "9Base-RHOL-6.1:openshift-logging/log-file-metric-exporter-rhel9@sha256:a9d55d6c654c1fce9b78ba99b7031a11ff8db470113ad0d86e52e0113d117dab_ppc64le"
},
"product_reference": "openshift-logging/log-file-metric-exporter-rhel9@sha256:a9d55d6c654c1fce9b78ba99b7031a11ff8db470113ad0d86e52e0113d117dab_ppc64le",
"relates_to_product_reference": "9Base-RHOL-6.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/log-file-metric-exporter-rhel9@sha256:d2fb75d3c1bfdf061631dffa7113d6410f0fdd9773abd496b91281713489ab45_s390x as a component of RHOL 6.1 for RHEL 9",
"product_id": "9Base-RHOL-6.1:openshift-logging/log-file-metric-exporter-rhel9@sha256:d2fb75d3c1bfdf061631dffa7113d6410f0fdd9773abd496b91281713489ab45_s390x"
},
"product_reference": "openshift-logging/log-file-metric-exporter-rhel9@sha256:d2fb75d3c1bfdf061631dffa7113d6410f0fdd9773abd496b91281713489ab45_s390x",
"relates_to_product_reference": "9Base-RHOL-6.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/logging-loki-rhel9@sha256:13ad9cfbb796c1a10f3a4cb371e674e6609b7b7d245aca5e5863b508c8f219f6_arm64 as a component of RHOL 6.1 for RHEL 9",
"product_id": "9Base-RHOL-6.1:openshift-logging/logging-loki-rhel9@sha256:13ad9cfbb796c1a10f3a4cb371e674e6609b7b7d245aca5e5863b508c8f219f6_arm64"
},
"product_reference": "openshift-logging/logging-loki-rhel9@sha256:13ad9cfbb796c1a10f3a4cb371e674e6609b7b7d245aca5e5863b508c8f219f6_arm64",
"relates_to_product_reference": "9Base-RHOL-6.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/logging-loki-rhel9@sha256:51b6e56d97ba3744ad9e4a34cd11d44a9e6ac76314225171e4806e42a361c773_ppc64le as a component of RHOL 6.1 for RHEL 9",
"product_id": "9Base-RHOL-6.1:openshift-logging/logging-loki-rhel9@sha256:51b6e56d97ba3744ad9e4a34cd11d44a9e6ac76314225171e4806e42a361c773_ppc64le"
},
"product_reference": "openshift-logging/logging-loki-rhel9@sha256:51b6e56d97ba3744ad9e4a34cd11d44a9e6ac76314225171e4806e42a361c773_ppc64le",
"relates_to_product_reference": "9Base-RHOL-6.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/logging-loki-rhel9@sha256:70c70a6eca66d45832f976fe062780cdea17a90ccc34e2e7b380767a375ff1e8_s390x as a component of RHOL 6.1 for RHEL 9",
"product_id": "9Base-RHOL-6.1:openshift-logging/logging-loki-rhel9@sha256:70c70a6eca66d45832f976fe062780cdea17a90ccc34e2e7b380767a375ff1e8_s390x"
},
"product_reference": "openshift-logging/logging-loki-rhel9@sha256:70c70a6eca66d45832f976fe062780cdea17a90ccc34e2e7b380767a375ff1e8_s390x",
"relates_to_product_reference": "9Base-RHOL-6.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/logging-loki-rhel9@sha256:af9aa36d2fdf2ca882bac401ac5caff5241b1ae42c1fff0f8cffcd3e8a00a6f2_amd64 as a component of RHOL 6.1 for RHEL 9",
"product_id": "9Base-RHOL-6.1:openshift-logging/logging-loki-rhel9@sha256:af9aa36d2fdf2ca882bac401ac5caff5241b1ae42c1fff0f8cffcd3e8a00a6f2_amd64"
},
"product_reference": "openshift-logging/logging-loki-rhel9@sha256:af9aa36d2fdf2ca882bac401ac5caff5241b1ae42c1fff0f8cffcd3e8a00a6f2_amd64",
"relates_to_product_reference": "9Base-RHOL-6.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/loki-operator-bundle@sha256:6caabb4a166da0c3922e78030e6370cb82b923bd1e80ea2be39d7f9f35ace840_amd64 as a component of RHOL 6.1 for RHEL 9",
"product_id": "9Base-RHOL-6.1:openshift-logging/loki-operator-bundle@sha256:6caabb4a166da0c3922e78030e6370cb82b923bd1e80ea2be39d7f9f35ace840_amd64"
},
"product_reference": "openshift-logging/loki-operator-bundle@sha256:6caabb4a166da0c3922e78030e6370cb82b923bd1e80ea2be39d7f9f35ace840_amd64",
"relates_to_product_reference": "9Base-RHOL-6.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/loki-rhel9-operator@sha256:1a0ec1a067b407ba7e48e4aeadb0c9a087e0baa0cb36c23361ac65d16426f10c_ppc64le as a component of RHOL 6.1 for RHEL 9",
"product_id": "9Base-RHOL-6.1:openshift-logging/loki-rhel9-operator@sha256:1a0ec1a067b407ba7e48e4aeadb0c9a087e0baa0cb36c23361ac65d16426f10c_ppc64le"
},
"product_reference": "openshift-logging/loki-rhel9-operator@sha256:1a0ec1a067b407ba7e48e4aeadb0c9a087e0baa0cb36c23361ac65d16426f10c_ppc64le",
"relates_to_product_reference": "9Base-RHOL-6.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/loki-rhel9-operator@sha256:80a8d28b9a04a24139f8b3886c2ef6ab4f27bb6f14b3890f224f7d1ac6379472_amd64 as a component of RHOL 6.1 for RHEL 9",
"product_id": "9Base-RHOL-6.1:openshift-logging/loki-rhel9-operator@sha256:80a8d28b9a04a24139f8b3886c2ef6ab4f27bb6f14b3890f224f7d1ac6379472_amd64"
},
"product_reference": "openshift-logging/loki-rhel9-operator@sha256:80a8d28b9a04a24139f8b3886c2ef6ab4f27bb6f14b3890f224f7d1ac6379472_amd64",
"relates_to_product_reference": "9Base-RHOL-6.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/loki-rhel9-operator@sha256:8df1c6e06cd17e3015c7530fea2312aeff1a9fc3b1ed5317611961cb661487eb_arm64 as a component of RHOL 6.1 for RHEL 9",
"product_id": "9Base-RHOL-6.1:openshift-logging/loki-rhel9-operator@sha256:8df1c6e06cd17e3015c7530fea2312aeff1a9fc3b1ed5317611961cb661487eb_arm64"
},
"product_reference": "openshift-logging/loki-rhel9-operator@sha256:8df1c6e06cd17e3015c7530fea2312aeff1a9fc3b1ed5317611961cb661487eb_arm64",
"relates_to_product_reference": "9Base-RHOL-6.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/loki-rhel9-operator@sha256:cd655287a3a3dd0540e36df230c0c2cdeabbc8d61a6be64c70bb515da9ff0a3f_s390x as a component of RHOL 6.1 for RHEL 9",
"product_id": "9Base-RHOL-6.1:openshift-logging/loki-rhel9-operator@sha256:cd655287a3a3dd0540e36df230c0c2cdeabbc8d61a6be64c70bb515da9ff0a3f_s390x"
},
"product_reference": "openshift-logging/loki-rhel9-operator@sha256:cd655287a3a3dd0540e36df230c0c2cdeabbc8d61a6be64c70bb515da9ff0a3f_s390x",
"relates_to_product_reference": "9Base-RHOL-6.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/lokistack-gateway-rhel9@sha256:83bcc8176e1171bbbcca67f26c31a9c991dc706f7ed44c1618cb82187414054f_arm64 as a component of RHOL 6.1 for RHEL 9",
"product_id": "9Base-RHOL-6.1:openshift-logging/lokistack-gateway-rhel9@sha256:83bcc8176e1171bbbcca67f26c31a9c991dc706f7ed44c1618cb82187414054f_arm64"
},
"product_reference": "openshift-logging/lokistack-gateway-rhel9@sha256:83bcc8176e1171bbbcca67f26c31a9c991dc706f7ed44c1618cb82187414054f_arm64",
"relates_to_product_reference": "9Base-RHOL-6.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/lokistack-gateway-rhel9@sha256:8ce642fc6ba84abec046ec4d37e6ae11b841978148d6548c972f93374ef11bec_s390x as a component of RHOL 6.1 for RHEL 9",
"product_id": "9Base-RHOL-6.1:openshift-logging/lokistack-gateway-rhel9@sha256:8ce642fc6ba84abec046ec4d37e6ae11b841978148d6548c972f93374ef11bec_s390x"
},
"product_reference": "openshift-logging/lokistack-gateway-rhel9@sha256:8ce642fc6ba84abec046ec4d37e6ae11b841978148d6548c972f93374ef11bec_s390x",
"relates_to_product_reference": "9Base-RHOL-6.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/lokistack-gateway-rhel9@sha256:d33dabeb04dc31d194efcec83667928a33481d7bf7086365b9672c1cd150faa3_amd64 as a component of RHOL 6.1 for RHEL 9",
"product_id": "9Base-RHOL-6.1:openshift-logging/lokistack-gateway-rhel9@sha256:d33dabeb04dc31d194efcec83667928a33481d7bf7086365b9672c1cd150faa3_amd64"
},
"product_reference": "openshift-logging/lokistack-gateway-rhel9@sha256:d33dabeb04dc31d194efcec83667928a33481d7bf7086365b9672c1cd150faa3_amd64",
"relates_to_product_reference": "9Base-RHOL-6.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/lokistack-gateway-rhel9@sha256:f39bc6a61714802f42aa4c32242d6f0b6ccd416300421bcb5a09d23aba39ee36_ppc64le as a component of RHOL 6.1 for RHEL 9",
"product_id": "9Base-RHOL-6.1:openshift-logging/lokistack-gateway-rhel9@sha256:f39bc6a61714802f42aa4c32242d6f0b6ccd416300421bcb5a09d23aba39ee36_ppc64le"
},
"product_reference": "openshift-logging/lokistack-gateway-rhel9@sha256:f39bc6a61714802f42aa4c32242d6f0b6ccd416300421bcb5a09d23aba39ee36_ppc64le",
"relates_to_product_reference": "9Base-RHOL-6.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/opa-openshift-rhel9@sha256:2f9ef3a999a0a3677293a4673a5f13ee1e52ad8b010c36098a5fd8db2ba3e932_ppc64le as a component of RHOL 6.1 for RHEL 9",
"product_id": "9Base-RHOL-6.1:openshift-logging/opa-openshift-rhel9@sha256:2f9ef3a999a0a3677293a4673a5f13ee1e52ad8b010c36098a5fd8db2ba3e932_ppc64le"
},
"product_reference": "openshift-logging/opa-openshift-rhel9@sha256:2f9ef3a999a0a3677293a4673a5f13ee1e52ad8b010c36098a5fd8db2ba3e932_ppc64le",
"relates_to_product_reference": "9Base-RHOL-6.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/opa-openshift-rhel9@sha256:70ae585e1ae9622b593e4a6cb6505ed918cd564db748526ef0175d984c063028_amd64 as a component of RHOL 6.1 for RHEL 9",
"product_id": "9Base-RHOL-6.1:openshift-logging/opa-openshift-rhel9@sha256:70ae585e1ae9622b593e4a6cb6505ed918cd564db748526ef0175d984c063028_amd64"
},
"product_reference": "openshift-logging/opa-openshift-rhel9@sha256:70ae585e1ae9622b593e4a6cb6505ed918cd564db748526ef0175d984c063028_amd64",
"relates_to_product_reference": "9Base-RHOL-6.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/opa-openshift-rhel9@sha256:b49acfeb63ac8dee78ab577b5243a8eb63835f6268384503c1253b53953dc313_arm64 as a component of RHOL 6.1 for RHEL 9",
"product_id": "9Base-RHOL-6.1:openshift-logging/opa-openshift-rhel9@sha256:b49acfeb63ac8dee78ab577b5243a8eb63835f6268384503c1253b53953dc313_arm64"
},
"product_reference": "openshift-logging/opa-openshift-rhel9@sha256:b49acfeb63ac8dee78ab577b5243a8eb63835f6268384503c1253b53953dc313_arm64",
"relates_to_product_reference": "9Base-RHOL-6.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/opa-openshift-rhel9@sha256:c19b42a324d049b71a09f3979b8718220166279ae4f135dc339813d15e2082f6_s390x as a component of RHOL 6.1 for RHEL 9",
"product_id": "9Base-RHOL-6.1:openshift-logging/opa-openshift-rhel9@sha256:c19b42a324d049b71a09f3979b8718220166279ae4f135dc339813d15e2082f6_s390x"
},
"product_reference": "openshift-logging/opa-openshift-rhel9@sha256:c19b42a324d049b71a09f3979b8718220166279ae4f135dc339813d15e2082f6_s390x",
"relates_to_product_reference": "9Base-RHOL-6.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/vector-rhel9@sha256:0e1f8896fe6abb6f8d6961b4a390205e001877e7621c78f305e08c7d97235f5e_ppc64le as a component of RHOL 6.1 for RHEL 9",
"product_id": "9Base-RHOL-6.1:openshift-logging/vector-rhel9@sha256:0e1f8896fe6abb6f8d6961b4a390205e001877e7621c78f305e08c7d97235f5e_ppc64le"
},
"product_reference": "openshift-logging/vector-rhel9@sha256:0e1f8896fe6abb6f8d6961b4a390205e001877e7621c78f305e08c7d97235f5e_ppc64le",
"relates_to_product_reference": "9Base-RHOL-6.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/vector-rhel9@sha256:6230e301464371370926ab703049b57f54fa6a1e551ed3b962670415ea08ebaf_s390x as a component of RHOL 6.1 for RHEL 9",
"product_id": "9Base-RHOL-6.1:openshift-logging/vector-rhel9@sha256:6230e301464371370926ab703049b57f54fa6a1e551ed3b962670415ea08ebaf_s390x"
},
"product_reference": "openshift-logging/vector-rhel9@sha256:6230e301464371370926ab703049b57f54fa6a1e551ed3b962670415ea08ebaf_s390x",
"relates_to_product_reference": "9Base-RHOL-6.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/vector-rhel9@sha256:cccff902663f34e08ae0bd837bd518fa35fa6a91f822b354923e089bd5a24b53_amd64 as a component of RHOL 6.1 for RHEL 9",
"product_id": "9Base-RHOL-6.1:openshift-logging/vector-rhel9@sha256:cccff902663f34e08ae0bd837bd518fa35fa6a91f822b354923e089bd5a24b53_amd64"
},
"product_reference": "openshift-logging/vector-rhel9@sha256:cccff902663f34e08ae0bd837bd518fa35fa6a91f822b354923e089bd5a24b53_amd64",
"relates_to_product_reference": "9Base-RHOL-6.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/vector-rhel9@sha256:cf81df3a0c88ec07bb3f4ac9bd9c8fb41aaea1ab3e24eb9449aa58b5910d2f3b_arm64 as a component of RHOL 6.1 for RHEL 9",
"product_id": "9Base-RHOL-6.1:openshift-logging/vector-rhel9@sha256:cf81df3a0c88ec07bb3f4ac9bd9c8fb41aaea1ab3e24eb9449aa58b5910d2f3b_arm64"
},
"product_reference": "openshift-logging/vector-rhel9@sha256:cf81df3a0c88ec07bb3f4ac9bd9c8fb41aaea1ab3e24eb9449aa58b5910d2f3b_arm64",
"relates_to_product_reference": "9Base-RHOL-6.1"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2024-45336",
"cwe": {
"id": "CWE-200",
"name": "Exposure of Sensitive Information to an Unauthorized Actor"
},
"discovery_date": "2025-01-23T12:57:38.123000+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2341751"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the net/http package of the Golang standard library. The HTTP client drops sensitive headers after following a cross-domain redirect. For example, a request to `a.com/` containing an Authorization header redirected to `b.com/` will not send that header to `b.com`. However, the sensitive headers would be restored if the client received a subsequent same-domain redirect. For example, a chain of redirects from `a.com/`, to `b.com/1`, and finally to `b.com/2` would incorrectly send the Authorization header to `b.com/2`.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: net/http: net/http: sensitive headers incorrectly sent after cross-domain redirect",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-RHOL-6.1:openshift-logging/cluster-logging-operator-bundle@sha256:2ac22e0a4469dbd521e501f94aed9d6f6cfd42c380295fccda70845e624cc344_amd64",
"9Base-RHOL-6.1:openshift-logging/cluster-logging-rhel9-operator@sha256:083dad5f886c60ea9660d32e0afd171395363b6734530e68ee7b1a59a83c4c0f_amd64",
"9Base-RHOL-6.1:openshift-logging/cluster-logging-rhel9-operator@sha256:8027ebaf481eebf1d9b3d0eee35d0f8390ba0aecbc6e2ee06f88043c46340aa8_arm64",
"9Base-RHOL-6.1:openshift-logging/cluster-logging-rhel9-operator@sha256:97252762d4350b97b2bbe65454c52163a925a2c0fc57b2b8bf22ac272cb566cf_ppc64le",
"9Base-RHOL-6.1:openshift-logging/cluster-logging-rhel9-operator@sha256:fafc296b1270eb068157cccb039599c1159cab5e149b45acf0da57e3a04e7b36_s390x",
"9Base-RHOL-6.1:openshift-logging/eventrouter-rhel9@sha256:0fffb013cc90701c6ab5d6995e5626f897c6902e3a1c2990db8d15dab0807d88_arm64",
"9Base-RHOL-6.1:openshift-logging/eventrouter-rhel9@sha256:5aff59a0f93149b6f22f79556ab034ac5d383674d1bc2bb3d15e795e607f6fe4_s390x",
"9Base-RHOL-6.1:openshift-logging/eventrouter-rhel9@sha256:63d9b83da2752c6fa9a4764afca3e98b82265d0157714eb0e8f4d31351d135f5_ppc64le",
"9Base-RHOL-6.1:openshift-logging/eventrouter-rhel9@sha256:7b986827ecb1f0014ced0cd8bcdf5db0b2522bd2743e7c76eddedf0846428070_amd64",
"9Base-RHOL-6.1:openshift-logging/log-file-metric-exporter-rhel9@sha256:648290626590d1bf3401882dcf1e0ae0bc783fa422267ae9f769ecb179ddfe00_amd64",
"9Base-RHOL-6.1:openshift-logging/log-file-metric-exporter-rhel9@sha256:a4511102e85d0f6bd2197429d782e47a856024082bf819ba51a9f3dd1106c151_arm64",
"9Base-RHOL-6.1:openshift-logging/log-file-metric-exporter-rhel9@sha256:a9d55d6c654c1fce9b78ba99b7031a11ff8db470113ad0d86e52e0113d117dab_ppc64le",
"9Base-RHOL-6.1:openshift-logging/log-file-metric-exporter-rhel9@sha256:d2fb75d3c1bfdf061631dffa7113d6410f0fdd9773abd496b91281713489ab45_s390x",
"9Base-RHOL-6.1:openshift-logging/logging-loki-rhel9@sha256:13ad9cfbb796c1a10f3a4cb371e674e6609b7b7d245aca5e5863b508c8f219f6_arm64",
"9Base-RHOL-6.1:openshift-logging/logging-loki-rhel9@sha256:51b6e56d97ba3744ad9e4a34cd11d44a9e6ac76314225171e4806e42a361c773_ppc64le",
"9Base-RHOL-6.1:openshift-logging/logging-loki-rhel9@sha256:70c70a6eca66d45832f976fe062780cdea17a90ccc34e2e7b380767a375ff1e8_s390x",
"9Base-RHOL-6.1:openshift-logging/logging-loki-rhel9@sha256:af9aa36d2fdf2ca882bac401ac5caff5241b1ae42c1fff0f8cffcd3e8a00a6f2_amd64",
"9Base-RHOL-6.1:openshift-logging/loki-operator-bundle@sha256:6caabb4a166da0c3922e78030e6370cb82b923bd1e80ea2be39d7f9f35ace840_amd64",
"9Base-RHOL-6.1:openshift-logging/loki-rhel9-operator@sha256:1a0ec1a067b407ba7e48e4aeadb0c9a087e0baa0cb36c23361ac65d16426f10c_ppc64le",
"9Base-RHOL-6.1:openshift-logging/loki-rhel9-operator@sha256:80a8d28b9a04a24139f8b3886c2ef6ab4f27bb6f14b3890f224f7d1ac6379472_amd64",
"9Base-RHOL-6.1:openshift-logging/loki-rhel9-operator@sha256:8df1c6e06cd17e3015c7530fea2312aeff1a9fc3b1ed5317611961cb661487eb_arm64",
"9Base-RHOL-6.1:openshift-logging/loki-rhel9-operator@sha256:cd655287a3a3dd0540e36df230c0c2cdeabbc8d61a6be64c70bb515da9ff0a3f_s390x",
"9Base-RHOL-6.1:openshift-logging/lokistack-gateway-rhel9@sha256:83bcc8176e1171bbbcca67f26c31a9c991dc706f7ed44c1618cb82187414054f_arm64",
"9Base-RHOL-6.1:openshift-logging/lokistack-gateway-rhel9@sha256:8ce642fc6ba84abec046ec4d37e6ae11b841978148d6548c972f93374ef11bec_s390x",
"9Base-RHOL-6.1:openshift-logging/lokistack-gateway-rhel9@sha256:d33dabeb04dc31d194efcec83667928a33481d7bf7086365b9672c1cd150faa3_amd64",
"9Base-RHOL-6.1:openshift-logging/lokistack-gateway-rhel9@sha256:f39bc6a61714802f42aa4c32242d6f0b6ccd416300421bcb5a09d23aba39ee36_ppc64le",
"9Base-RHOL-6.1:openshift-logging/opa-openshift-rhel9@sha256:2f9ef3a999a0a3677293a4673a5f13ee1e52ad8b010c36098a5fd8db2ba3e932_ppc64le",
"9Base-RHOL-6.1:openshift-logging/opa-openshift-rhel9@sha256:70ae585e1ae9622b593e4a6cb6505ed918cd564db748526ef0175d984c063028_amd64",
"9Base-RHOL-6.1:openshift-logging/opa-openshift-rhel9@sha256:b49acfeb63ac8dee78ab577b5243a8eb63835f6268384503c1253b53953dc313_arm64",
"9Base-RHOL-6.1:openshift-logging/opa-openshift-rhel9@sha256:c19b42a324d049b71a09f3979b8718220166279ae4f135dc339813d15e2082f6_s390x",
"9Base-RHOL-6.1:openshift-logging/vector-rhel9@sha256:0e1f8896fe6abb6f8d6961b4a390205e001877e7621c78f305e08c7d97235f5e_ppc64le",
"9Base-RHOL-6.1:openshift-logging/vector-rhel9@sha256:6230e301464371370926ab703049b57f54fa6a1e551ed3b962670415ea08ebaf_s390x",
"9Base-RHOL-6.1:openshift-logging/vector-rhel9@sha256:cccff902663f34e08ae0bd837bd518fa35fa6a91f822b354923e089bd5a24b53_amd64",
"9Base-RHOL-6.1:openshift-logging/vector-rhel9@sha256:cf81df3a0c88ec07bb3f4ac9bd9c8fb41aaea1ab3e24eb9449aa58b5910d2f3b_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-45336"
},
{
"category": "external",
"summary": "RHBZ#2341751",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2341751"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-45336",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45336"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-45336",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-45336"
},
{
"category": "external",
"summary": "https://github.com/golang/go/issues/70530",
"url": "https://github.com/golang/go/issues/70530"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/sSaUhLA-2SI",
"url": "https://groups.google.com/g/golang-announce/c/sSaUhLA-2SI"
}
],
"release_date": "2025-01-17T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-03-26T17:39:24+00:00",
"details": "For OpenShift Container Platform 4.17 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this errata update:\n\nhttps://docs.openshift.com/container-platform/4.17/release_notes/ocp-4-17-release-notes.html\n\nFor Red Hat OpenShift Logging 6.1, see the following instructions to apply this update:\n\nhttps://docs.openshift.com/container-platform/4.17/observability/logging/logging-6.1/log6x-upgrading-to-6.html",
"product_ids": [
"9Base-RHOL-6.1:openshift-logging/cluster-logging-operator-bundle@sha256:2ac22e0a4469dbd521e501f94aed9d6f6cfd42c380295fccda70845e624cc344_amd64",
"9Base-RHOL-6.1:openshift-logging/cluster-logging-rhel9-operator@sha256:083dad5f886c60ea9660d32e0afd171395363b6734530e68ee7b1a59a83c4c0f_amd64",
"9Base-RHOL-6.1:openshift-logging/cluster-logging-rhel9-operator@sha256:8027ebaf481eebf1d9b3d0eee35d0f8390ba0aecbc6e2ee06f88043c46340aa8_arm64",
"9Base-RHOL-6.1:openshift-logging/cluster-logging-rhel9-operator@sha256:97252762d4350b97b2bbe65454c52163a925a2c0fc57b2b8bf22ac272cb566cf_ppc64le",
"9Base-RHOL-6.1:openshift-logging/cluster-logging-rhel9-operator@sha256:fafc296b1270eb068157cccb039599c1159cab5e149b45acf0da57e3a04e7b36_s390x",
"9Base-RHOL-6.1:openshift-logging/eventrouter-rhel9@sha256:0fffb013cc90701c6ab5d6995e5626f897c6902e3a1c2990db8d15dab0807d88_arm64",
"9Base-RHOL-6.1:openshift-logging/eventrouter-rhel9@sha256:5aff59a0f93149b6f22f79556ab034ac5d383674d1bc2bb3d15e795e607f6fe4_s390x",
"9Base-RHOL-6.1:openshift-logging/eventrouter-rhel9@sha256:63d9b83da2752c6fa9a4764afca3e98b82265d0157714eb0e8f4d31351d135f5_ppc64le",
"9Base-RHOL-6.1:openshift-logging/eventrouter-rhel9@sha256:7b986827ecb1f0014ced0cd8bcdf5db0b2522bd2743e7c76eddedf0846428070_amd64",
"9Base-RHOL-6.1:openshift-logging/log-file-metric-exporter-rhel9@sha256:648290626590d1bf3401882dcf1e0ae0bc783fa422267ae9f769ecb179ddfe00_amd64",
"9Base-RHOL-6.1:openshift-logging/log-file-metric-exporter-rhel9@sha256:a4511102e85d0f6bd2197429d782e47a856024082bf819ba51a9f3dd1106c151_arm64",
"9Base-RHOL-6.1:openshift-logging/log-file-metric-exporter-rhel9@sha256:a9d55d6c654c1fce9b78ba99b7031a11ff8db470113ad0d86e52e0113d117dab_ppc64le",
"9Base-RHOL-6.1:openshift-logging/log-file-metric-exporter-rhel9@sha256:d2fb75d3c1bfdf061631dffa7113d6410f0fdd9773abd496b91281713489ab45_s390x",
"9Base-RHOL-6.1:openshift-logging/logging-loki-rhel9@sha256:13ad9cfbb796c1a10f3a4cb371e674e6609b7b7d245aca5e5863b508c8f219f6_arm64",
"9Base-RHOL-6.1:openshift-logging/logging-loki-rhel9@sha256:51b6e56d97ba3744ad9e4a34cd11d44a9e6ac76314225171e4806e42a361c773_ppc64le",
"9Base-RHOL-6.1:openshift-logging/logging-loki-rhel9@sha256:70c70a6eca66d45832f976fe062780cdea17a90ccc34e2e7b380767a375ff1e8_s390x",
"9Base-RHOL-6.1:openshift-logging/logging-loki-rhel9@sha256:af9aa36d2fdf2ca882bac401ac5caff5241b1ae42c1fff0f8cffcd3e8a00a6f2_amd64",
"9Base-RHOL-6.1:openshift-logging/loki-operator-bundle@sha256:6caabb4a166da0c3922e78030e6370cb82b923bd1e80ea2be39d7f9f35ace840_amd64",
"9Base-RHOL-6.1:openshift-logging/loki-rhel9-operator@sha256:1a0ec1a067b407ba7e48e4aeadb0c9a087e0baa0cb36c23361ac65d16426f10c_ppc64le",
"9Base-RHOL-6.1:openshift-logging/loki-rhel9-operator@sha256:80a8d28b9a04a24139f8b3886c2ef6ab4f27bb6f14b3890f224f7d1ac6379472_amd64",
"9Base-RHOL-6.1:openshift-logging/loki-rhel9-operator@sha256:8df1c6e06cd17e3015c7530fea2312aeff1a9fc3b1ed5317611961cb661487eb_arm64",
"9Base-RHOL-6.1:openshift-logging/loki-rhel9-operator@sha256:cd655287a3a3dd0540e36df230c0c2cdeabbc8d61a6be64c70bb515da9ff0a3f_s390x",
"9Base-RHOL-6.1:openshift-logging/lokistack-gateway-rhel9@sha256:83bcc8176e1171bbbcca67f26c31a9c991dc706f7ed44c1618cb82187414054f_arm64",
"9Base-RHOL-6.1:openshift-logging/lokistack-gateway-rhel9@sha256:8ce642fc6ba84abec046ec4d37e6ae11b841978148d6548c972f93374ef11bec_s390x",
"9Base-RHOL-6.1:openshift-logging/lokistack-gateway-rhel9@sha256:d33dabeb04dc31d194efcec83667928a33481d7bf7086365b9672c1cd150faa3_amd64",
"9Base-RHOL-6.1:openshift-logging/lokistack-gateway-rhel9@sha256:f39bc6a61714802f42aa4c32242d6f0b6ccd416300421bcb5a09d23aba39ee36_ppc64le",
"9Base-RHOL-6.1:openshift-logging/opa-openshift-rhel9@sha256:2f9ef3a999a0a3677293a4673a5f13ee1e52ad8b010c36098a5fd8db2ba3e932_ppc64le",
"9Base-RHOL-6.1:openshift-logging/opa-openshift-rhel9@sha256:70ae585e1ae9622b593e4a6cb6505ed918cd564db748526ef0175d984c063028_amd64",
"9Base-RHOL-6.1:openshift-logging/opa-openshift-rhel9@sha256:b49acfeb63ac8dee78ab577b5243a8eb63835f6268384503c1253b53953dc313_arm64",
"9Base-RHOL-6.1:openshift-logging/opa-openshift-rhel9@sha256:c19b42a324d049b71a09f3979b8718220166279ae4f135dc339813d15e2082f6_s390x",
"9Base-RHOL-6.1:openshift-logging/vector-rhel9@sha256:0e1f8896fe6abb6f8d6961b4a390205e001877e7621c78f305e08c7d97235f5e_ppc64le",
"9Base-RHOL-6.1:openshift-logging/vector-rhel9@sha256:6230e301464371370926ab703049b57f54fa6a1e551ed3b962670415ea08ebaf_s390x",
"9Base-RHOL-6.1:openshift-logging/vector-rhel9@sha256:cccff902663f34e08ae0bd837bd518fa35fa6a91f822b354923e089bd5a24b53_amd64",
"9Base-RHOL-6.1:openshift-logging/vector-rhel9@sha256:cf81df3a0c88ec07bb3f4ac9bd9c8fb41aaea1ab3e24eb9449aa58b5910d2f3b_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:3131"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"9Base-RHOL-6.1:openshift-logging/cluster-logging-operator-bundle@sha256:2ac22e0a4469dbd521e501f94aed9d6f6cfd42c380295fccda70845e624cc344_amd64",
"9Base-RHOL-6.1:openshift-logging/cluster-logging-rhel9-operator@sha256:083dad5f886c60ea9660d32e0afd171395363b6734530e68ee7b1a59a83c4c0f_amd64",
"9Base-RHOL-6.1:openshift-logging/cluster-logging-rhel9-operator@sha256:8027ebaf481eebf1d9b3d0eee35d0f8390ba0aecbc6e2ee06f88043c46340aa8_arm64",
"9Base-RHOL-6.1:openshift-logging/cluster-logging-rhel9-operator@sha256:97252762d4350b97b2bbe65454c52163a925a2c0fc57b2b8bf22ac272cb566cf_ppc64le",
"9Base-RHOL-6.1:openshift-logging/cluster-logging-rhel9-operator@sha256:fafc296b1270eb068157cccb039599c1159cab5e149b45acf0da57e3a04e7b36_s390x",
"9Base-RHOL-6.1:openshift-logging/eventrouter-rhel9@sha256:0fffb013cc90701c6ab5d6995e5626f897c6902e3a1c2990db8d15dab0807d88_arm64",
"9Base-RHOL-6.1:openshift-logging/eventrouter-rhel9@sha256:5aff59a0f93149b6f22f79556ab034ac5d383674d1bc2bb3d15e795e607f6fe4_s390x",
"9Base-RHOL-6.1:openshift-logging/eventrouter-rhel9@sha256:63d9b83da2752c6fa9a4764afca3e98b82265d0157714eb0e8f4d31351d135f5_ppc64le",
"9Base-RHOL-6.1:openshift-logging/eventrouter-rhel9@sha256:7b986827ecb1f0014ced0cd8bcdf5db0b2522bd2743e7c76eddedf0846428070_amd64",
"9Base-RHOL-6.1:openshift-logging/log-file-metric-exporter-rhel9@sha256:648290626590d1bf3401882dcf1e0ae0bc783fa422267ae9f769ecb179ddfe00_amd64",
"9Base-RHOL-6.1:openshift-logging/log-file-metric-exporter-rhel9@sha256:a4511102e85d0f6bd2197429d782e47a856024082bf819ba51a9f3dd1106c151_arm64",
"9Base-RHOL-6.1:openshift-logging/log-file-metric-exporter-rhel9@sha256:a9d55d6c654c1fce9b78ba99b7031a11ff8db470113ad0d86e52e0113d117dab_ppc64le",
"9Base-RHOL-6.1:openshift-logging/log-file-metric-exporter-rhel9@sha256:d2fb75d3c1bfdf061631dffa7113d6410f0fdd9773abd496b91281713489ab45_s390x",
"9Base-RHOL-6.1:openshift-logging/logging-loki-rhel9@sha256:13ad9cfbb796c1a10f3a4cb371e674e6609b7b7d245aca5e5863b508c8f219f6_arm64",
"9Base-RHOL-6.1:openshift-logging/logging-loki-rhel9@sha256:51b6e56d97ba3744ad9e4a34cd11d44a9e6ac76314225171e4806e42a361c773_ppc64le",
"9Base-RHOL-6.1:openshift-logging/logging-loki-rhel9@sha256:70c70a6eca66d45832f976fe062780cdea17a90ccc34e2e7b380767a375ff1e8_s390x",
"9Base-RHOL-6.1:openshift-logging/logging-loki-rhel9@sha256:af9aa36d2fdf2ca882bac401ac5caff5241b1ae42c1fff0f8cffcd3e8a00a6f2_amd64",
"9Base-RHOL-6.1:openshift-logging/loki-operator-bundle@sha256:6caabb4a166da0c3922e78030e6370cb82b923bd1e80ea2be39d7f9f35ace840_amd64",
"9Base-RHOL-6.1:openshift-logging/loki-rhel9-operator@sha256:1a0ec1a067b407ba7e48e4aeadb0c9a087e0baa0cb36c23361ac65d16426f10c_ppc64le",
"9Base-RHOL-6.1:openshift-logging/loki-rhel9-operator@sha256:80a8d28b9a04a24139f8b3886c2ef6ab4f27bb6f14b3890f224f7d1ac6379472_amd64",
"9Base-RHOL-6.1:openshift-logging/loki-rhel9-operator@sha256:8df1c6e06cd17e3015c7530fea2312aeff1a9fc3b1ed5317611961cb661487eb_arm64",
"9Base-RHOL-6.1:openshift-logging/loki-rhel9-operator@sha256:cd655287a3a3dd0540e36df230c0c2cdeabbc8d61a6be64c70bb515da9ff0a3f_s390x",
"9Base-RHOL-6.1:openshift-logging/lokistack-gateway-rhel9@sha256:83bcc8176e1171bbbcca67f26c31a9c991dc706f7ed44c1618cb82187414054f_arm64",
"9Base-RHOL-6.1:openshift-logging/lokistack-gateway-rhel9@sha256:8ce642fc6ba84abec046ec4d37e6ae11b841978148d6548c972f93374ef11bec_s390x",
"9Base-RHOL-6.1:openshift-logging/lokistack-gateway-rhel9@sha256:d33dabeb04dc31d194efcec83667928a33481d7bf7086365b9672c1cd150faa3_amd64",
"9Base-RHOL-6.1:openshift-logging/lokistack-gateway-rhel9@sha256:f39bc6a61714802f42aa4c32242d6f0b6ccd416300421bcb5a09d23aba39ee36_ppc64le",
"9Base-RHOL-6.1:openshift-logging/opa-openshift-rhel9@sha256:2f9ef3a999a0a3677293a4673a5f13ee1e52ad8b010c36098a5fd8db2ba3e932_ppc64le",
"9Base-RHOL-6.1:openshift-logging/opa-openshift-rhel9@sha256:70ae585e1ae9622b593e4a6cb6505ed918cd564db748526ef0175d984c063028_amd64",
"9Base-RHOL-6.1:openshift-logging/opa-openshift-rhel9@sha256:b49acfeb63ac8dee78ab577b5243a8eb63835f6268384503c1253b53953dc313_arm64",
"9Base-RHOL-6.1:openshift-logging/opa-openshift-rhel9@sha256:c19b42a324d049b71a09f3979b8718220166279ae4f135dc339813d15e2082f6_s390x",
"9Base-RHOL-6.1:openshift-logging/vector-rhel9@sha256:0e1f8896fe6abb6f8d6961b4a390205e001877e7621c78f305e08c7d97235f5e_ppc64le",
"9Base-RHOL-6.1:openshift-logging/vector-rhel9@sha256:6230e301464371370926ab703049b57f54fa6a1e551ed3b962670415ea08ebaf_s390x",
"9Base-RHOL-6.1:openshift-logging/vector-rhel9@sha256:cccff902663f34e08ae0bd837bd518fa35fa6a91f822b354923e089bd5a24b53_amd64",
"9Base-RHOL-6.1:openshift-logging/vector-rhel9@sha256:cf81df3a0c88ec07bb3f4ac9bd9c8fb41aaea1ab3e24eb9449aa58b5910d2f3b_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: net/http: net/http: sensitive headers incorrectly sent after cross-domain redirect"
},
{
"cve": "CVE-2024-45338",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2024-12-18T21:00:59.938173+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2333122"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in golang.org/x/net/html. This flaw allows an attacker to craft input to the parse functions that would be processed non-linearly with respect to its length, resulting in extremely slow parsing. This issue can cause a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang.org/x/net/html: Non-linear parsing of case-insensitive content in golang.org/x/net/html",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated as an Important severity because an attacker can craft malicious input that causes the parsing functions to process data non-linearly, resulting in significant delays which leads to a denial of service by exhausting system resources.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-RHOL-6.1:openshift-logging/cluster-logging-operator-bundle@sha256:2ac22e0a4469dbd521e501f94aed9d6f6cfd42c380295fccda70845e624cc344_amd64",
"9Base-RHOL-6.1:openshift-logging/cluster-logging-rhel9-operator@sha256:083dad5f886c60ea9660d32e0afd171395363b6734530e68ee7b1a59a83c4c0f_amd64",
"9Base-RHOL-6.1:openshift-logging/cluster-logging-rhel9-operator@sha256:8027ebaf481eebf1d9b3d0eee35d0f8390ba0aecbc6e2ee06f88043c46340aa8_arm64",
"9Base-RHOL-6.1:openshift-logging/cluster-logging-rhel9-operator@sha256:97252762d4350b97b2bbe65454c52163a925a2c0fc57b2b8bf22ac272cb566cf_ppc64le",
"9Base-RHOL-6.1:openshift-logging/cluster-logging-rhel9-operator@sha256:fafc296b1270eb068157cccb039599c1159cab5e149b45acf0da57e3a04e7b36_s390x",
"9Base-RHOL-6.1:openshift-logging/eventrouter-rhel9@sha256:0fffb013cc90701c6ab5d6995e5626f897c6902e3a1c2990db8d15dab0807d88_arm64",
"9Base-RHOL-6.1:openshift-logging/eventrouter-rhel9@sha256:5aff59a0f93149b6f22f79556ab034ac5d383674d1bc2bb3d15e795e607f6fe4_s390x",
"9Base-RHOL-6.1:openshift-logging/eventrouter-rhel9@sha256:63d9b83da2752c6fa9a4764afca3e98b82265d0157714eb0e8f4d31351d135f5_ppc64le",
"9Base-RHOL-6.1:openshift-logging/eventrouter-rhel9@sha256:7b986827ecb1f0014ced0cd8bcdf5db0b2522bd2743e7c76eddedf0846428070_amd64",
"9Base-RHOL-6.1:openshift-logging/log-file-metric-exporter-rhel9@sha256:648290626590d1bf3401882dcf1e0ae0bc783fa422267ae9f769ecb179ddfe00_amd64",
"9Base-RHOL-6.1:openshift-logging/log-file-metric-exporter-rhel9@sha256:a4511102e85d0f6bd2197429d782e47a856024082bf819ba51a9f3dd1106c151_arm64",
"9Base-RHOL-6.1:openshift-logging/log-file-metric-exporter-rhel9@sha256:a9d55d6c654c1fce9b78ba99b7031a11ff8db470113ad0d86e52e0113d117dab_ppc64le",
"9Base-RHOL-6.1:openshift-logging/log-file-metric-exporter-rhel9@sha256:d2fb75d3c1bfdf061631dffa7113d6410f0fdd9773abd496b91281713489ab45_s390x",
"9Base-RHOL-6.1:openshift-logging/logging-loki-rhel9@sha256:13ad9cfbb796c1a10f3a4cb371e674e6609b7b7d245aca5e5863b508c8f219f6_arm64",
"9Base-RHOL-6.1:openshift-logging/logging-loki-rhel9@sha256:51b6e56d97ba3744ad9e4a34cd11d44a9e6ac76314225171e4806e42a361c773_ppc64le",
"9Base-RHOL-6.1:openshift-logging/logging-loki-rhel9@sha256:70c70a6eca66d45832f976fe062780cdea17a90ccc34e2e7b380767a375ff1e8_s390x",
"9Base-RHOL-6.1:openshift-logging/logging-loki-rhel9@sha256:af9aa36d2fdf2ca882bac401ac5caff5241b1ae42c1fff0f8cffcd3e8a00a6f2_amd64",
"9Base-RHOL-6.1:openshift-logging/loki-operator-bundle@sha256:6caabb4a166da0c3922e78030e6370cb82b923bd1e80ea2be39d7f9f35ace840_amd64",
"9Base-RHOL-6.1:openshift-logging/loki-rhel9-operator@sha256:1a0ec1a067b407ba7e48e4aeadb0c9a087e0baa0cb36c23361ac65d16426f10c_ppc64le",
"9Base-RHOL-6.1:openshift-logging/loki-rhel9-operator@sha256:80a8d28b9a04a24139f8b3886c2ef6ab4f27bb6f14b3890f224f7d1ac6379472_amd64",
"9Base-RHOL-6.1:openshift-logging/loki-rhel9-operator@sha256:8df1c6e06cd17e3015c7530fea2312aeff1a9fc3b1ed5317611961cb661487eb_arm64",
"9Base-RHOL-6.1:openshift-logging/loki-rhel9-operator@sha256:cd655287a3a3dd0540e36df230c0c2cdeabbc8d61a6be64c70bb515da9ff0a3f_s390x",
"9Base-RHOL-6.1:openshift-logging/lokistack-gateway-rhel9@sha256:83bcc8176e1171bbbcca67f26c31a9c991dc706f7ed44c1618cb82187414054f_arm64",
"9Base-RHOL-6.1:openshift-logging/lokistack-gateway-rhel9@sha256:8ce642fc6ba84abec046ec4d37e6ae11b841978148d6548c972f93374ef11bec_s390x",
"9Base-RHOL-6.1:openshift-logging/lokistack-gateway-rhel9@sha256:d33dabeb04dc31d194efcec83667928a33481d7bf7086365b9672c1cd150faa3_amd64",
"9Base-RHOL-6.1:openshift-logging/lokistack-gateway-rhel9@sha256:f39bc6a61714802f42aa4c32242d6f0b6ccd416300421bcb5a09d23aba39ee36_ppc64le",
"9Base-RHOL-6.1:openshift-logging/opa-openshift-rhel9@sha256:2f9ef3a999a0a3677293a4673a5f13ee1e52ad8b010c36098a5fd8db2ba3e932_ppc64le",
"9Base-RHOL-6.1:openshift-logging/opa-openshift-rhel9@sha256:70ae585e1ae9622b593e4a6cb6505ed918cd564db748526ef0175d984c063028_amd64",
"9Base-RHOL-6.1:openshift-logging/opa-openshift-rhel9@sha256:b49acfeb63ac8dee78ab577b5243a8eb63835f6268384503c1253b53953dc313_arm64",
"9Base-RHOL-6.1:openshift-logging/opa-openshift-rhel9@sha256:c19b42a324d049b71a09f3979b8718220166279ae4f135dc339813d15e2082f6_s390x",
"9Base-RHOL-6.1:openshift-logging/vector-rhel9@sha256:0e1f8896fe6abb6f8d6961b4a390205e001877e7621c78f305e08c7d97235f5e_ppc64le",
"9Base-RHOL-6.1:openshift-logging/vector-rhel9@sha256:6230e301464371370926ab703049b57f54fa6a1e551ed3b962670415ea08ebaf_s390x",
"9Base-RHOL-6.1:openshift-logging/vector-rhel9@sha256:cccff902663f34e08ae0bd837bd518fa35fa6a91f822b354923e089bd5a24b53_amd64",
"9Base-RHOL-6.1:openshift-logging/vector-rhel9@sha256:cf81df3a0c88ec07bb3f4ac9bd9c8fb41aaea1ab3e24eb9449aa58b5910d2f3b_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-45338"
},
{
"category": "external",
"summary": "RHBZ#2333122",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2333122"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-45338",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45338"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-45338",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-45338"
},
{
"category": "external",
"summary": "https://go.dev/cl/637536",
"url": "https://go.dev/cl/637536"
},
{
"category": "external",
"summary": "https://go.dev/issue/70906",
"url": "https://go.dev/issue/70906"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/wSCRmFnNmPA/m/Lvcd0mRMAwAJ",
"url": "https://groups.google.com/g/golang-announce/c/wSCRmFnNmPA/m/Lvcd0mRMAwAJ"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2024-3333",
"url": "https://pkg.go.dev/vuln/GO-2024-3333"
}
],
"release_date": "2024-12-18T20:38:22.660000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-03-26T17:39:24+00:00",
"details": "For OpenShift Container Platform 4.17 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this errata update:\n\nhttps://docs.openshift.com/container-platform/4.17/release_notes/ocp-4-17-release-notes.html\n\nFor Red Hat OpenShift Logging 6.1, see the following instructions to apply this update:\n\nhttps://docs.openshift.com/container-platform/4.17/observability/logging/logging-6.1/log6x-upgrading-to-6.html",
"product_ids": [
"9Base-RHOL-6.1:openshift-logging/cluster-logging-operator-bundle@sha256:2ac22e0a4469dbd521e501f94aed9d6f6cfd42c380295fccda70845e624cc344_amd64",
"9Base-RHOL-6.1:openshift-logging/cluster-logging-rhel9-operator@sha256:083dad5f886c60ea9660d32e0afd171395363b6734530e68ee7b1a59a83c4c0f_amd64",
"9Base-RHOL-6.1:openshift-logging/cluster-logging-rhel9-operator@sha256:8027ebaf481eebf1d9b3d0eee35d0f8390ba0aecbc6e2ee06f88043c46340aa8_arm64",
"9Base-RHOL-6.1:openshift-logging/cluster-logging-rhel9-operator@sha256:97252762d4350b97b2bbe65454c52163a925a2c0fc57b2b8bf22ac272cb566cf_ppc64le",
"9Base-RHOL-6.1:openshift-logging/cluster-logging-rhel9-operator@sha256:fafc296b1270eb068157cccb039599c1159cab5e149b45acf0da57e3a04e7b36_s390x",
"9Base-RHOL-6.1:openshift-logging/eventrouter-rhel9@sha256:0fffb013cc90701c6ab5d6995e5626f897c6902e3a1c2990db8d15dab0807d88_arm64",
"9Base-RHOL-6.1:openshift-logging/eventrouter-rhel9@sha256:5aff59a0f93149b6f22f79556ab034ac5d383674d1bc2bb3d15e795e607f6fe4_s390x",
"9Base-RHOL-6.1:openshift-logging/eventrouter-rhel9@sha256:63d9b83da2752c6fa9a4764afca3e98b82265d0157714eb0e8f4d31351d135f5_ppc64le",
"9Base-RHOL-6.1:openshift-logging/eventrouter-rhel9@sha256:7b986827ecb1f0014ced0cd8bcdf5db0b2522bd2743e7c76eddedf0846428070_amd64",
"9Base-RHOL-6.1:openshift-logging/log-file-metric-exporter-rhel9@sha256:648290626590d1bf3401882dcf1e0ae0bc783fa422267ae9f769ecb179ddfe00_amd64",
"9Base-RHOL-6.1:openshift-logging/log-file-metric-exporter-rhel9@sha256:a4511102e85d0f6bd2197429d782e47a856024082bf819ba51a9f3dd1106c151_arm64",
"9Base-RHOL-6.1:openshift-logging/log-file-metric-exporter-rhel9@sha256:a9d55d6c654c1fce9b78ba99b7031a11ff8db470113ad0d86e52e0113d117dab_ppc64le",
"9Base-RHOL-6.1:openshift-logging/log-file-metric-exporter-rhel9@sha256:d2fb75d3c1bfdf061631dffa7113d6410f0fdd9773abd496b91281713489ab45_s390x",
"9Base-RHOL-6.1:openshift-logging/logging-loki-rhel9@sha256:13ad9cfbb796c1a10f3a4cb371e674e6609b7b7d245aca5e5863b508c8f219f6_arm64",
"9Base-RHOL-6.1:openshift-logging/logging-loki-rhel9@sha256:51b6e56d97ba3744ad9e4a34cd11d44a9e6ac76314225171e4806e42a361c773_ppc64le",
"9Base-RHOL-6.1:openshift-logging/logging-loki-rhel9@sha256:70c70a6eca66d45832f976fe062780cdea17a90ccc34e2e7b380767a375ff1e8_s390x",
"9Base-RHOL-6.1:openshift-logging/logging-loki-rhel9@sha256:af9aa36d2fdf2ca882bac401ac5caff5241b1ae42c1fff0f8cffcd3e8a00a6f2_amd64",
"9Base-RHOL-6.1:openshift-logging/loki-operator-bundle@sha256:6caabb4a166da0c3922e78030e6370cb82b923bd1e80ea2be39d7f9f35ace840_amd64",
"9Base-RHOL-6.1:openshift-logging/loki-rhel9-operator@sha256:1a0ec1a067b407ba7e48e4aeadb0c9a087e0baa0cb36c23361ac65d16426f10c_ppc64le",
"9Base-RHOL-6.1:openshift-logging/loki-rhel9-operator@sha256:80a8d28b9a04a24139f8b3886c2ef6ab4f27bb6f14b3890f224f7d1ac6379472_amd64",
"9Base-RHOL-6.1:openshift-logging/loki-rhel9-operator@sha256:8df1c6e06cd17e3015c7530fea2312aeff1a9fc3b1ed5317611961cb661487eb_arm64",
"9Base-RHOL-6.1:openshift-logging/loki-rhel9-operator@sha256:cd655287a3a3dd0540e36df230c0c2cdeabbc8d61a6be64c70bb515da9ff0a3f_s390x",
"9Base-RHOL-6.1:openshift-logging/lokistack-gateway-rhel9@sha256:83bcc8176e1171bbbcca67f26c31a9c991dc706f7ed44c1618cb82187414054f_arm64",
"9Base-RHOL-6.1:openshift-logging/lokistack-gateway-rhel9@sha256:8ce642fc6ba84abec046ec4d37e6ae11b841978148d6548c972f93374ef11bec_s390x",
"9Base-RHOL-6.1:openshift-logging/lokistack-gateway-rhel9@sha256:d33dabeb04dc31d194efcec83667928a33481d7bf7086365b9672c1cd150faa3_amd64",
"9Base-RHOL-6.1:openshift-logging/lokistack-gateway-rhel9@sha256:f39bc6a61714802f42aa4c32242d6f0b6ccd416300421bcb5a09d23aba39ee36_ppc64le",
"9Base-RHOL-6.1:openshift-logging/opa-openshift-rhel9@sha256:2f9ef3a999a0a3677293a4673a5f13ee1e52ad8b010c36098a5fd8db2ba3e932_ppc64le",
"9Base-RHOL-6.1:openshift-logging/opa-openshift-rhel9@sha256:70ae585e1ae9622b593e4a6cb6505ed918cd564db748526ef0175d984c063028_amd64",
"9Base-RHOL-6.1:openshift-logging/opa-openshift-rhel9@sha256:b49acfeb63ac8dee78ab577b5243a8eb63835f6268384503c1253b53953dc313_arm64",
"9Base-RHOL-6.1:openshift-logging/opa-openshift-rhel9@sha256:c19b42a324d049b71a09f3979b8718220166279ae4f135dc339813d15e2082f6_s390x",
"9Base-RHOL-6.1:openshift-logging/vector-rhel9@sha256:0e1f8896fe6abb6f8d6961b4a390205e001877e7621c78f305e08c7d97235f5e_ppc64le",
"9Base-RHOL-6.1:openshift-logging/vector-rhel9@sha256:6230e301464371370926ab703049b57f54fa6a1e551ed3b962670415ea08ebaf_s390x",
"9Base-RHOL-6.1:openshift-logging/vector-rhel9@sha256:cccff902663f34e08ae0bd837bd518fa35fa6a91f822b354923e089bd5a24b53_amd64",
"9Base-RHOL-6.1:openshift-logging/vector-rhel9@sha256:cf81df3a0c88ec07bb3f4ac9bd9c8fb41aaea1ab3e24eb9449aa58b5910d2f3b_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:3131"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"9Base-RHOL-6.1:openshift-logging/cluster-logging-operator-bundle@sha256:2ac22e0a4469dbd521e501f94aed9d6f6cfd42c380295fccda70845e624cc344_amd64",
"9Base-RHOL-6.1:openshift-logging/cluster-logging-rhel9-operator@sha256:083dad5f886c60ea9660d32e0afd171395363b6734530e68ee7b1a59a83c4c0f_amd64",
"9Base-RHOL-6.1:openshift-logging/cluster-logging-rhel9-operator@sha256:8027ebaf481eebf1d9b3d0eee35d0f8390ba0aecbc6e2ee06f88043c46340aa8_arm64",
"9Base-RHOL-6.1:openshift-logging/cluster-logging-rhel9-operator@sha256:97252762d4350b97b2bbe65454c52163a925a2c0fc57b2b8bf22ac272cb566cf_ppc64le",
"9Base-RHOL-6.1:openshift-logging/cluster-logging-rhel9-operator@sha256:fafc296b1270eb068157cccb039599c1159cab5e149b45acf0da57e3a04e7b36_s390x",
"9Base-RHOL-6.1:openshift-logging/eventrouter-rhel9@sha256:0fffb013cc90701c6ab5d6995e5626f897c6902e3a1c2990db8d15dab0807d88_arm64",
"9Base-RHOL-6.1:openshift-logging/eventrouter-rhel9@sha256:5aff59a0f93149b6f22f79556ab034ac5d383674d1bc2bb3d15e795e607f6fe4_s390x",
"9Base-RHOL-6.1:openshift-logging/eventrouter-rhel9@sha256:63d9b83da2752c6fa9a4764afca3e98b82265d0157714eb0e8f4d31351d135f5_ppc64le",
"9Base-RHOL-6.1:openshift-logging/eventrouter-rhel9@sha256:7b986827ecb1f0014ced0cd8bcdf5db0b2522bd2743e7c76eddedf0846428070_amd64",
"9Base-RHOL-6.1:openshift-logging/log-file-metric-exporter-rhel9@sha256:648290626590d1bf3401882dcf1e0ae0bc783fa422267ae9f769ecb179ddfe00_amd64",
"9Base-RHOL-6.1:openshift-logging/log-file-metric-exporter-rhel9@sha256:a4511102e85d0f6bd2197429d782e47a856024082bf819ba51a9f3dd1106c151_arm64",
"9Base-RHOL-6.1:openshift-logging/log-file-metric-exporter-rhel9@sha256:a9d55d6c654c1fce9b78ba99b7031a11ff8db470113ad0d86e52e0113d117dab_ppc64le",
"9Base-RHOL-6.1:openshift-logging/log-file-metric-exporter-rhel9@sha256:d2fb75d3c1bfdf061631dffa7113d6410f0fdd9773abd496b91281713489ab45_s390x",
"9Base-RHOL-6.1:openshift-logging/logging-loki-rhel9@sha256:13ad9cfbb796c1a10f3a4cb371e674e6609b7b7d245aca5e5863b508c8f219f6_arm64",
"9Base-RHOL-6.1:openshift-logging/logging-loki-rhel9@sha256:51b6e56d97ba3744ad9e4a34cd11d44a9e6ac76314225171e4806e42a361c773_ppc64le",
"9Base-RHOL-6.1:openshift-logging/logging-loki-rhel9@sha256:70c70a6eca66d45832f976fe062780cdea17a90ccc34e2e7b380767a375ff1e8_s390x",
"9Base-RHOL-6.1:openshift-logging/logging-loki-rhel9@sha256:af9aa36d2fdf2ca882bac401ac5caff5241b1ae42c1fff0f8cffcd3e8a00a6f2_amd64",
"9Base-RHOL-6.1:openshift-logging/loki-operator-bundle@sha256:6caabb4a166da0c3922e78030e6370cb82b923bd1e80ea2be39d7f9f35ace840_amd64",
"9Base-RHOL-6.1:openshift-logging/loki-rhel9-operator@sha256:1a0ec1a067b407ba7e48e4aeadb0c9a087e0baa0cb36c23361ac65d16426f10c_ppc64le",
"9Base-RHOL-6.1:openshift-logging/loki-rhel9-operator@sha256:80a8d28b9a04a24139f8b3886c2ef6ab4f27bb6f14b3890f224f7d1ac6379472_amd64",
"9Base-RHOL-6.1:openshift-logging/loki-rhel9-operator@sha256:8df1c6e06cd17e3015c7530fea2312aeff1a9fc3b1ed5317611961cb661487eb_arm64",
"9Base-RHOL-6.1:openshift-logging/loki-rhel9-operator@sha256:cd655287a3a3dd0540e36df230c0c2cdeabbc8d61a6be64c70bb515da9ff0a3f_s390x",
"9Base-RHOL-6.1:openshift-logging/lokistack-gateway-rhel9@sha256:83bcc8176e1171bbbcca67f26c31a9c991dc706f7ed44c1618cb82187414054f_arm64",
"9Base-RHOL-6.1:openshift-logging/lokistack-gateway-rhel9@sha256:8ce642fc6ba84abec046ec4d37e6ae11b841978148d6548c972f93374ef11bec_s390x",
"9Base-RHOL-6.1:openshift-logging/lokistack-gateway-rhel9@sha256:d33dabeb04dc31d194efcec83667928a33481d7bf7086365b9672c1cd150faa3_amd64",
"9Base-RHOL-6.1:openshift-logging/lokistack-gateway-rhel9@sha256:f39bc6a61714802f42aa4c32242d6f0b6ccd416300421bcb5a09d23aba39ee36_ppc64le",
"9Base-RHOL-6.1:openshift-logging/opa-openshift-rhel9@sha256:2f9ef3a999a0a3677293a4673a5f13ee1e52ad8b010c36098a5fd8db2ba3e932_ppc64le",
"9Base-RHOL-6.1:openshift-logging/opa-openshift-rhel9@sha256:70ae585e1ae9622b593e4a6cb6505ed918cd564db748526ef0175d984c063028_amd64",
"9Base-RHOL-6.1:openshift-logging/opa-openshift-rhel9@sha256:b49acfeb63ac8dee78ab577b5243a8eb63835f6268384503c1253b53953dc313_arm64",
"9Base-RHOL-6.1:openshift-logging/opa-openshift-rhel9@sha256:c19b42a324d049b71a09f3979b8718220166279ae4f135dc339813d15e2082f6_s390x",
"9Base-RHOL-6.1:openshift-logging/vector-rhel9@sha256:0e1f8896fe6abb6f8d6961b4a390205e001877e7621c78f305e08c7d97235f5e_ppc64le",
"9Base-RHOL-6.1:openshift-logging/vector-rhel9@sha256:6230e301464371370926ab703049b57f54fa6a1e551ed3b962670415ea08ebaf_s390x",
"9Base-RHOL-6.1:openshift-logging/vector-rhel9@sha256:cccff902663f34e08ae0bd837bd518fa35fa6a91f822b354923e089bd5a24b53_amd64",
"9Base-RHOL-6.1:openshift-logging/vector-rhel9@sha256:cf81df3a0c88ec07bb3f4ac9bd9c8fb41aaea1ab3e24eb9449aa58b5910d2f3b_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "golang.org/x/net/html: Non-linear parsing of case-insensitive content in golang.org/x/net/html"
},
{
"cve": "CVE-2025-27144",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2025-02-24T23:00:42.448432+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2347423"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in GO-JOSE. In affected versions, when parsing compact JWS or JWE input, Go JOSE could use excessive memory. The code uses strings.Split(token, \".\") to split JWT tokens, which is vulnerable to excessive memory consumption when processing maliciously crafted tokens with a large number of `.` characters. This issue could be exploied by sending numerous malformed tokens, leading to memory exhaustion and a Denial of Service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "go-jose: Go JOSE\u0027s Parsing Vulnerable to Denial of Service",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-RHOL-6.1:openshift-logging/cluster-logging-operator-bundle@sha256:2ac22e0a4469dbd521e501f94aed9d6f6cfd42c380295fccda70845e624cc344_amd64",
"9Base-RHOL-6.1:openshift-logging/cluster-logging-rhel9-operator@sha256:083dad5f886c60ea9660d32e0afd171395363b6734530e68ee7b1a59a83c4c0f_amd64",
"9Base-RHOL-6.1:openshift-logging/cluster-logging-rhel9-operator@sha256:8027ebaf481eebf1d9b3d0eee35d0f8390ba0aecbc6e2ee06f88043c46340aa8_arm64",
"9Base-RHOL-6.1:openshift-logging/cluster-logging-rhel9-operator@sha256:97252762d4350b97b2bbe65454c52163a925a2c0fc57b2b8bf22ac272cb566cf_ppc64le",
"9Base-RHOL-6.1:openshift-logging/cluster-logging-rhel9-operator@sha256:fafc296b1270eb068157cccb039599c1159cab5e149b45acf0da57e3a04e7b36_s390x",
"9Base-RHOL-6.1:openshift-logging/eventrouter-rhel9@sha256:0fffb013cc90701c6ab5d6995e5626f897c6902e3a1c2990db8d15dab0807d88_arm64",
"9Base-RHOL-6.1:openshift-logging/eventrouter-rhel9@sha256:5aff59a0f93149b6f22f79556ab034ac5d383674d1bc2bb3d15e795e607f6fe4_s390x",
"9Base-RHOL-6.1:openshift-logging/eventrouter-rhel9@sha256:63d9b83da2752c6fa9a4764afca3e98b82265d0157714eb0e8f4d31351d135f5_ppc64le",
"9Base-RHOL-6.1:openshift-logging/eventrouter-rhel9@sha256:7b986827ecb1f0014ced0cd8bcdf5db0b2522bd2743e7c76eddedf0846428070_amd64",
"9Base-RHOL-6.1:openshift-logging/log-file-metric-exporter-rhel9@sha256:648290626590d1bf3401882dcf1e0ae0bc783fa422267ae9f769ecb179ddfe00_amd64",
"9Base-RHOL-6.1:openshift-logging/log-file-metric-exporter-rhel9@sha256:a4511102e85d0f6bd2197429d782e47a856024082bf819ba51a9f3dd1106c151_arm64",
"9Base-RHOL-6.1:openshift-logging/log-file-metric-exporter-rhel9@sha256:a9d55d6c654c1fce9b78ba99b7031a11ff8db470113ad0d86e52e0113d117dab_ppc64le",
"9Base-RHOL-6.1:openshift-logging/log-file-metric-exporter-rhel9@sha256:d2fb75d3c1bfdf061631dffa7113d6410f0fdd9773abd496b91281713489ab45_s390x",
"9Base-RHOL-6.1:openshift-logging/logging-loki-rhel9@sha256:13ad9cfbb796c1a10f3a4cb371e674e6609b7b7d245aca5e5863b508c8f219f6_arm64",
"9Base-RHOL-6.1:openshift-logging/logging-loki-rhel9@sha256:51b6e56d97ba3744ad9e4a34cd11d44a9e6ac76314225171e4806e42a361c773_ppc64le",
"9Base-RHOL-6.1:openshift-logging/logging-loki-rhel9@sha256:70c70a6eca66d45832f976fe062780cdea17a90ccc34e2e7b380767a375ff1e8_s390x",
"9Base-RHOL-6.1:openshift-logging/logging-loki-rhel9@sha256:af9aa36d2fdf2ca882bac401ac5caff5241b1ae42c1fff0f8cffcd3e8a00a6f2_amd64",
"9Base-RHOL-6.1:openshift-logging/loki-operator-bundle@sha256:6caabb4a166da0c3922e78030e6370cb82b923bd1e80ea2be39d7f9f35ace840_amd64",
"9Base-RHOL-6.1:openshift-logging/loki-rhel9-operator@sha256:1a0ec1a067b407ba7e48e4aeadb0c9a087e0baa0cb36c23361ac65d16426f10c_ppc64le",
"9Base-RHOL-6.1:openshift-logging/loki-rhel9-operator@sha256:80a8d28b9a04a24139f8b3886c2ef6ab4f27bb6f14b3890f224f7d1ac6379472_amd64",
"9Base-RHOL-6.1:openshift-logging/loki-rhel9-operator@sha256:8df1c6e06cd17e3015c7530fea2312aeff1a9fc3b1ed5317611961cb661487eb_arm64",
"9Base-RHOL-6.1:openshift-logging/loki-rhel9-operator@sha256:cd655287a3a3dd0540e36df230c0c2cdeabbc8d61a6be64c70bb515da9ff0a3f_s390x",
"9Base-RHOL-6.1:openshift-logging/lokistack-gateway-rhel9@sha256:83bcc8176e1171bbbcca67f26c31a9c991dc706f7ed44c1618cb82187414054f_arm64",
"9Base-RHOL-6.1:openshift-logging/lokistack-gateway-rhel9@sha256:8ce642fc6ba84abec046ec4d37e6ae11b841978148d6548c972f93374ef11bec_s390x",
"9Base-RHOL-6.1:openshift-logging/lokistack-gateway-rhel9@sha256:d33dabeb04dc31d194efcec83667928a33481d7bf7086365b9672c1cd150faa3_amd64",
"9Base-RHOL-6.1:openshift-logging/lokistack-gateway-rhel9@sha256:f39bc6a61714802f42aa4c32242d6f0b6ccd416300421bcb5a09d23aba39ee36_ppc64le",
"9Base-RHOL-6.1:openshift-logging/opa-openshift-rhel9@sha256:2f9ef3a999a0a3677293a4673a5f13ee1e52ad8b010c36098a5fd8db2ba3e932_ppc64le",
"9Base-RHOL-6.1:openshift-logging/opa-openshift-rhel9@sha256:70ae585e1ae9622b593e4a6cb6505ed918cd564db748526ef0175d984c063028_amd64",
"9Base-RHOL-6.1:openshift-logging/opa-openshift-rhel9@sha256:b49acfeb63ac8dee78ab577b5243a8eb63835f6268384503c1253b53953dc313_arm64",
"9Base-RHOL-6.1:openshift-logging/opa-openshift-rhel9@sha256:c19b42a324d049b71a09f3979b8718220166279ae4f135dc339813d15e2082f6_s390x",
"9Base-RHOL-6.1:openshift-logging/vector-rhel9@sha256:0e1f8896fe6abb6f8d6961b4a390205e001877e7621c78f305e08c7d97235f5e_ppc64le",
"9Base-RHOL-6.1:openshift-logging/vector-rhel9@sha256:6230e301464371370926ab703049b57f54fa6a1e551ed3b962670415ea08ebaf_s390x",
"9Base-RHOL-6.1:openshift-logging/vector-rhel9@sha256:cccff902663f34e08ae0bd837bd518fa35fa6a91f822b354923e089bd5a24b53_amd64",
"9Base-RHOL-6.1:openshift-logging/vector-rhel9@sha256:cf81df3a0c88ec07bb3f4ac9bd9c8fb41aaea1ab3e24eb9449aa58b5910d2f3b_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-27144"
},
{
"category": "external",
"summary": "RHBZ#2347423",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2347423"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-27144",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-27144"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-27144",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-27144"
},
{
"category": "external",
"summary": "https://github.com/go-jose/go-jose/commit/99b346cec4e86d102284642c5dcbe9bb0cacfc22",
"url": "https://github.com/go-jose/go-jose/commit/99b346cec4e86d102284642c5dcbe9bb0cacfc22"
},
{
"category": "external",
"summary": "https://github.com/go-jose/go-jose/releases/tag/v4.0.5",
"url": "https://github.com/go-jose/go-jose/releases/tag/v4.0.5"
},
{
"category": "external",
"summary": "https://github.com/go-jose/go-jose/security/advisories/GHSA-c6gw-w398-hv78",
"url": "https://github.com/go-jose/go-jose/security/advisories/GHSA-c6gw-w398-hv78"
}
],
"release_date": "2025-02-24T22:22:22.863000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-03-26T17:39:24+00:00",
"details": "For OpenShift Container Platform 4.17 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this errata update:\n\nhttps://docs.openshift.com/container-platform/4.17/release_notes/ocp-4-17-release-notes.html\n\nFor Red Hat OpenShift Logging 6.1, see the following instructions to apply this update:\n\nhttps://docs.openshift.com/container-platform/4.17/observability/logging/logging-6.1/log6x-upgrading-to-6.html",
"product_ids": [
"9Base-RHOL-6.1:openshift-logging/cluster-logging-operator-bundle@sha256:2ac22e0a4469dbd521e501f94aed9d6f6cfd42c380295fccda70845e624cc344_amd64",
"9Base-RHOL-6.1:openshift-logging/cluster-logging-rhel9-operator@sha256:083dad5f886c60ea9660d32e0afd171395363b6734530e68ee7b1a59a83c4c0f_amd64",
"9Base-RHOL-6.1:openshift-logging/cluster-logging-rhel9-operator@sha256:8027ebaf481eebf1d9b3d0eee35d0f8390ba0aecbc6e2ee06f88043c46340aa8_arm64",
"9Base-RHOL-6.1:openshift-logging/cluster-logging-rhel9-operator@sha256:97252762d4350b97b2bbe65454c52163a925a2c0fc57b2b8bf22ac272cb566cf_ppc64le",
"9Base-RHOL-6.1:openshift-logging/cluster-logging-rhel9-operator@sha256:fafc296b1270eb068157cccb039599c1159cab5e149b45acf0da57e3a04e7b36_s390x",
"9Base-RHOL-6.1:openshift-logging/eventrouter-rhel9@sha256:0fffb013cc90701c6ab5d6995e5626f897c6902e3a1c2990db8d15dab0807d88_arm64",
"9Base-RHOL-6.1:openshift-logging/eventrouter-rhel9@sha256:5aff59a0f93149b6f22f79556ab034ac5d383674d1bc2bb3d15e795e607f6fe4_s390x",
"9Base-RHOL-6.1:openshift-logging/eventrouter-rhel9@sha256:63d9b83da2752c6fa9a4764afca3e98b82265d0157714eb0e8f4d31351d135f5_ppc64le",
"9Base-RHOL-6.1:openshift-logging/eventrouter-rhel9@sha256:7b986827ecb1f0014ced0cd8bcdf5db0b2522bd2743e7c76eddedf0846428070_amd64",
"9Base-RHOL-6.1:openshift-logging/log-file-metric-exporter-rhel9@sha256:648290626590d1bf3401882dcf1e0ae0bc783fa422267ae9f769ecb179ddfe00_amd64",
"9Base-RHOL-6.1:openshift-logging/log-file-metric-exporter-rhel9@sha256:a4511102e85d0f6bd2197429d782e47a856024082bf819ba51a9f3dd1106c151_arm64",
"9Base-RHOL-6.1:openshift-logging/log-file-metric-exporter-rhel9@sha256:a9d55d6c654c1fce9b78ba99b7031a11ff8db470113ad0d86e52e0113d117dab_ppc64le",
"9Base-RHOL-6.1:openshift-logging/log-file-metric-exporter-rhel9@sha256:d2fb75d3c1bfdf061631dffa7113d6410f0fdd9773abd496b91281713489ab45_s390x",
"9Base-RHOL-6.1:openshift-logging/logging-loki-rhel9@sha256:13ad9cfbb796c1a10f3a4cb371e674e6609b7b7d245aca5e5863b508c8f219f6_arm64",
"9Base-RHOL-6.1:openshift-logging/logging-loki-rhel9@sha256:51b6e56d97ba3744ad9e4a34cd11d44a9e6ac76314225171e4806e42a361c773_ppc64le",
"9Base-RHOL-6.1:openshift-logging/logging-loki-rhel9@sha256:70c70a6eca66d45832f976fe062780cdea17a90ccc34e2e7b380767a375ff1e8_s390x",
"9Base-RHOL-6.1:openshift-logging/logging-loki-rhel9@sha256:af9aa36d2fdf2ca882bac401ac5caff5241b1ae42c1fff0f8cffcd3e8a00a6f2_amd64",
"9Base-RHOL-6.1:openshift-logging/loki-operator-bundle@sha256:6caabb4a166da0c3922e78030e6370cb82b923bd1e80ea2be39d7f9f35ace840_amd64",
"9Base-RHOL-6.1:openshift-logging/loki-rhel9-operator@sha256:1a0ec1a067b407ba7e48e4aeadb0c9a087e0baa0cb36c23361ac65d16426f10c_ppc64le",
"9Base-RHOL-6.1:openshift-logging/loki-rhel9-operator@sha256:80a8d28b9a04a24139f8b3886c2ef6ab4f27bb6f14b3890f224f7d1ac6379472_amd64",
"9Base-RHOL-6.1:openshift-logging/loki-rhel9-operator@sha256:8df1c6e06cd17e3015c7530fea2312aeff1a9fc3b1ed5317611961cb661487eb_arm64",
"9Base-RHOL-6.1:openshift-logging/loki-rhel9-operator@sha256:cd655287a3a3dd0540e36df230c0c2cdeabbc8d61a6be64c70bb515da9ff0a3f_s390x",
"9Base-RHOL-6.1:openshift-logging/lokistack-gateway-rhel9@sha256:83bcc8176e1171bbbcca67f26c31a9c991dc706f7ed44c1618cb82187414054f_arm64",
"9Base-RHOL-6.1:openshift-logging/lokistack-gateway-rhel9@sha256:8ce642fc6ba84abec046ec4d37e6ae11b841978148d6548c972f93374ef11bec_s390x",
"9Base-RHOL-6.1:openshift-logging/lokistack-gateway-rhel9@sha256:d33dabeb04dc31d194efcec83667928a33481d7bf7086365b9672c1cd150faa3_amd64",
"9Base-RHOL-6.1:openshift-logging/lokistack-gateway-rhel9@sha256:f39bc6a61714802f42aa4c32242d6f0b6ccd416300421bcb5a09d23aba39ee36_ppc64le",
"9Base-RHOL-6.1:openshift-logging/opa-openshift-rhel9@sha256:2f9ef3a999a0a3677293a4673a5f13ee1e52ad8b010c36098a5fd8db2ba3e932_ppc64le",
"9Base-RHOL-6.1:openshift-logging/opa-openshift-rhel9@sha256:70ae585e1ae9622b593e4a6cb6505ed918cd564db748526ef0175d984c063028_amd64",
"9Base-RHOL-6.1:openshift-logging/opa-openshift-rhel9@sha256:b49acfeb63ac8dee78ab577b5243a8eb63835f6268384503c1253b53953dc313_arm64",
"9Base-RHOL-6.1:openshift-logging/opa-openshift-rhel9@sha256:c19b42a324d049b71a09f3979b8718220166279ae4f135dc339813d15e2082f6_s390x",
"9Base-RHOL-6.1:openshift-logging/vector-rhel9@sha256:0e1f8896fe6abb6f8d6961b4a390205e001877e7621c78f305e08c7d97235f5e_ppc64le",
"9Base-RHOL-6.1:openshift-logging/vector-rhel9@sha256:6230e301464371370926ab703049b57f54fa6a1e551ed3b962670415ea08ebaf_s390x",
"9Base-RHOL-6.1:openshift-logging/vector-rhel9@sha256:cccff902663f34e08ae0bd837bd518fa35fa6a91f822b354923e089bd5a24b53_amd64",
"9Base-RHOL-6.1:openshift-logging/vector-rhel9@sha256:cf81df3a0c88ec07bb3f4ac9bd9c8fb41aaea1ab3e24eb9449aa58b5910d2f3b_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:3131"
},
{
"category": "workaround",
"details": "As a workaround, applications can pre-validate that payloads being passed to Go JOSE do not contain an excessive number of `.` characters.",
"product_ids": [
"9Base-RHOL-6.1:openshift-logging/cluster-logging-operator-bundle@sha256:2ac22e0a4469dbd521e501f94aed9d6f6cfd42c380295fccda70845e624cc344_amd64",
"9Base-RHOL-6.1:openshift-logging/cluster-logging-rhel9-operator@sha256:083dad5f886c60ea9660d32e0afd171395363b6734530e68ee7b1a59a83c4c0f_amd64",
"9Base-RHOL-6.1:openshift-logging/cluster-logging-rhel9-operator@sha256:8027ebaf481eebf1d9b3d0eee35d0f8390ba0aecbc6e2ee06f88043c46340aa8_arm64",
"9Base-RHOL-6.1:openshift-logging/cluster-logging-rhel9-operator@sha256:97252762d4350b97b2bbe65454c52163a925a2c0fc57b2b8bf22ac272cb566cf_ppc64le",
"9Base-RHOL-6.1:openshift-logging/cluster-logging-rhel9-operator@sha256:fafc296b1270eb068157cccb039599c1159cab5e149b45acf0da57e3a04e7b36_s390x",
"9Base-RHOL-6.1:openshift-logging/eventrouter-rhel9@sha256:0fffb013cc90701c6ab5d6995e5626f897c6902e3a1c2990db8d15dab0807d88_arm64",
"9Base-RHOL-6.1:openshift-logging/eventrouter-rhel9@sha256:5aff59a0f93149b6f22f79556ab034ac5d383674d1bc2bb3d15e795e607f6fe4_s390x",
"9Base-RHOL-6.1:openshift-logging/eventrouter-rhel9@sha256:63d9b83da2752c6fa9a4764afca3e98b82265d0157714eb0e8f4d31351d135f5_ppc64le",
"9Base-RHOL-6.1:openshift-logging/eventrouter-rhel9@sha256:7b986827ecb1f0014ced0cd8bcdf5db0b2522bd2743e7c76eddedf0846428070_amd64",
"9Base-RHOL-6.1:openshift-logging/log-file-metric-exporter-rhel9@sha256:648290626590d1bf3401882dcf1e0ae0bc783fa422267ae9f769ecb179ddfe00_amd64",
"9Base-RHOL-6.1:openshift-logging/log-file-metric-exporter-rhel9@sha256:a4511102e85d0f6bd2197429d782e47a856024082bf819ba51a9f3dd1106c151_arm64",
"9Base-RHOL-6.1:openshift-logging/log-file-metric-exporter-rhel9@sha256:a9d55d6c654c1fce9b78ba99b7031a11ff8db470113ad0d86e52e0113d117dab_ppc64le",
"9Base-RHOL-6.1:openshift-logging/log-file-metric-exporter-rhel9@sha256:d2fb75d3c1bfdf061631dffa7113d6410f0fdd9773abd496b91281713489ab45_s390x",
"9Base-RHOL-6.1:openshift-logging/logging-loki-rhel9@sha256:13ad9cfbb796c1a10f3a4cb371e674e6609b7b7d245aca5e5863b508c8f219f6_arm64",
"9Base-RHOL-6.1:openshift-logging/logging-loki-rhel9@sha256:51b6e56d97ba3744ad9e4a34cd11d44a9e6ac76314225171e4806e42a361c773_ppc64le",
"9Base-RHOL-6.1:openshift-logging/logging-loki-rhel9@sha256:70c70a6eca66d45832f976fe062780cdea17a90ccc34e2e7b380767a375ff1e8_s390x",
"9Base-RHOL-6.1:openshift-logging/logging-loki-rhel9@sha256:af9aa36d2fdf2ca882bac401ac5caff5241b1ae42c1fff0f8cffcd3e8a00a6f2_amd64",
"9Base-RHOL-6.1:openshift-logging/loki-operator-bundle@sha256:6caabb4a166da0c3922e78030e6370cb82b923bd1e80ea2be39d7f9f35ace840_amd64",
"9Base-RHOL-6.1:openshift-logging/loki-rhel9-operator@sha256:1a0ec1a067b407ba7e48e4aeadb0c9a087e0baa0cb36c23361ac65d16426f10c_ppc64le",
"9Base-RHOL-6.1:openshift-logging/loki-rhel9-operator@sha256:80a8d28b9a04a24139f8b3886c2ef6ab4f27bb6f14b3890f224f7d1ac6379472_amd64",
"9Base-RHOL-6.1:openshift-logging/loki-rhel9-operator@sha256:8df1c6e06cd17e3015c7530fea2312aeff1a9fc3b1ed5317611961cb661487eb_arm64",
"9Base-RHOL-6.1:openshift-logging/loki-rhel9-operator@sha256:cd655287a3a3dd0540e36df230c0c2cdeabbc8d61a6be64c70bb515da9ff0a3f_s390x",
"9Base-RHOL-6.1:openshift-logging/lokistack-gateway-rhel9@sha256:83bcc8176e1171bbbcca67f26c31a9c991dc706f7ed44c1618cb82187414054f_arm64",
"9Base-RHOL-6.1:openshift-logging/lokistack-gateway-rhel9@sha256:8ce642fc6ba84abec046ec4d37e6ae11b841978148d6548c972f93374ef11bec_s390x",
"9Base-RHOL-6.1:openshift-logging/lokistack-gateway-rhel9@sha256:d33dabeb04dc31d194efcec83667928a33481d7bf7086365b9672c1cd150faa3_amd64",
"9Base-RHOL-6.1:openshift-logging/lokistack-gateway-rhel9@sha256:f39bc6a61714802f42aa4c32242d6f0b6ccd416300421bcb5a09d23aba39ee36_ppc64le",
"9Base-RHOL-6.1:openshift-logging/opa-openshift-rhel9@sha256:2f9ef3a999a0a3677293a4673a5f13ee1e52ad8b010c36098a5fd8db2ba3e932_ppc64le",
"9Base-RHOL-6.1:openshift-logging/opa-openshift-rhel9@sha256:70ae585e1ae9622b593e4a6cb6505ed918cd564db748526ef0175d984c063028_amd64",
"9Base-RHOL-6.1:openshift-logging/opa-openshift-rhel9@sha256:b49acfeb63ac8dee78ab577b5243a8eb63835f6268384503c1253b53953dc313_arm64",
"9Base-RHOL-6.1:openshift-logging/opa-openshift-rhel9@sha256:c19b42a324d049b71a09f3979b8718220166279ae4f135dc339813d15e2082f6_s390x",
"9Base-RHOL-6.1:openshift-logging/vector-rhel9@sha256:0e1f8896fe6abb6f8d6961b4a390205e001877e7621c78f305e08c7d97235f5e_ppc64le",
"9Base-RHOL-6.1:openshift-logging/vector-rhel9@sha256:6230e301464371370926ab703049b57f54fa6a1e551ed3b962670415ea08ebaf_s390x",
"9Base-RHOL-6.1:openshift-logging/vector-rhel9@sha256:cccff902663f34e08ae0bd837bd518fa35fa6a91f822b354923e089bd5a24b53_amd64",
"9Base-RHOL-6.1:openshift-logging/vector-rhel9@sha256:cf81df3a0c88ec07bb3f4ac9bd9c8fb41aaea1ab3e24eb9449aa58b5910d2f3b_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"9Base-RHOL-6.1:openshift-logging/cluster-logging-operator-bundle@sha256:2ac22e0a4469dbd521e501f94aed9d6f6cfd42c380295fccda70845e624cc344_amd64",
"9Base-RHOL-6.1:openshift-logging/cluster-logging-rhel9-operator@sha256:083dad5f886c60ea9660d32e0afd171395363b6734530e68ee7b1a59a83c4c0f_amd64",
"9Base-RHOL-6.1:openshift-logging/cluster-logging-rhel9-operator@sha256:8027ebaf481eebf1d9b3d0eee35d0f8390ba0aecbc6e2ee06f88043c46340aa8_arm64",
"9Base-RHOL-6.1:openshift-logging/cluster-logging-rhel9-operator@sha256:97252762d4350b97b2bbe65454c52163a925a2c0fc57b2b8bf22ac272cb566cf_ppc64le",
"9Base-RHOL-6.1:openshift-logging/cluster-logging-rhel9-operator@sha256:fafc296b1270eb068157cccb039599c1159cab5e149b45acf0da57e3a04e7b36_s390x",
"9Base-RHOL-6.1:openshift-logging/eventrouter-rhel9@sha256:0fffb013cc90701c6ab5d6995e5626f897c6902e3a1c2990db8d15dab0807d88_arm64",
"9Base-RHOL-6.1:openshift-logging/eventrouter-rhel9@sha256:5aff59a0f93149b6f22f79556ab034ac5d383674d1bc2bb3d15e795e607f6fe4_s390x",
"9Base-RHOL-6.1:openshift-logging/eventrouter-rhel9@sha256:63d9b83da2752c6fa9a4764afca3e98b82265d0157714eb0e8f4d31351d135f5_ppc64le",
"9Base-RHOL-6.1:openshift-logging/eventrouter-rhel9@sha256:7b986827ecb1f0014ced0cd8bcdf5db0b2522bd2743e7c76eddedf0846428070_amd64",
"9Base-RHOL-6.1:openshift-logging/log-file-metric-exporter-rhel9@sha256:648290626590d1bf3401882dcf1e0ae0bc783fa422267ae9f769ecb179ddfe00_amd64",
"9Base-RHOL-6.1:openshift-logging/log-file-metric-exporter-rhel9@sha256:a4511102e85d0f6bd2197429d782e47a856024082bf819ba51a9f3dd1106c151_arm64",
"9Base-RHOL-6.1:openshift-logging/log-file-metric-exporter-rhel9@sha256:a9d55d6c654c1fce9b78ba99b7031a11ff8db470113ad0d86e52e0113d117dab_ppc64le",
"9Base-RHOL-6.1:openshift-logging/log-file-metric-exporter-rhel9@sha256:d2fb75d3c1bfdf061631dffa7113d6410f0fdd9773abd496b91281713489ab45_s390x",
"9Base-RHOL-6.1:openshift-logging/logging-loki-rhel9@sha256:13ad9cfbb796c1a10f3a4cb371e674e6609b7b7d245aca5e5863b508c8f219f6_arm64",
"9Base-RHOL-6.1:openshift-logging/logging-loki-rhel9@sha256:51b6e56d97ba3744ad9e4a34cd11d44a9e6ac76314225171e4806e42a361c773_ppc64le",
"9Base-RHOL-6.1:openshift-logging/logging-loki-rhel9@sha256:70c70a6eca66d45832f976fe062780cdea17a90ccc34e2e7b380767a375ff1e8_s390x",
"9Base-RHOL-6.1:openshift-logging/logging-loki-rhel9@sha256:af9aa36d2fdf2ca882bac401ac5caff5241b1ae42c1fff0f8cffcd3e8a00a6f2_amd64",
"9Base-RHOL-6.1:openshift-logging/loki-operator-bundle@sha256:6caabb4a166da0c3922e78030e6370cb82b923bd1e80ea2be39d7f9f35ace840_amd64",
"9Base-RHOL-6.1:openshift-logging/loki-rhel9-operator@sha256:1a0ec1a067b407ba7e48e4aeadb0c9a087e0baa0cb36c23361ac65d16426f10c_ppc64le",
"9Base-RHOL-6.1:openshift-logging/loki-rhel9-operator@sha256:80a8d28b9a04a24139f8b3886c2ef6ab4f27bb6f14b3890f224f7d1ac6379472_amd64",
"9Base-RHOL-6.1:openshift-logging/loki-rhel9-operator@sha256:8df1c6e06cd17e3015c7530fea2312aeff1a9fc3b1ed5317611961cb661487eb_arm64",
"9Base-RHOL-6.1:openshift-logging/loki-rhel9-operator@sha256:cd655287a3a3dd0540e36df230c0c2cdeabbc8d61a6be64c70bb515da9ff0a3f_s390x",
"9Base-RHOL-6.1:openshift-logging/lokistack-gateway-rhel9@sha256:83bcc8176e1171bbbcca67f26c31a9c991dc706f7ed44c1618cb82187414054f_arm64",
"9Base-RHOL-6.1:openshift-logging/lokistack-gateway-rhel9@sha256:8ce642fc6ba84abec046ec4d37e6ae11b841978148d6548c972f93374ef11bec_s390x",
"9Base-RHOL-6.1:openshift-logging/lokistack-gateway-rhel9@sha256:d33dabeb04dc31d194efcec83667928a33481d7bf7086365b9672c1cd150faa3_amd64",
"9Base-RHOL-6.1:openshift-logging/lokistack-gateway-rhel9@sha256:f39bc6a61714802f42aa4c32242d6f0b6ccd416300421bcb5a09d23aba39ee36_ppc64le",
"9Base-RHOL-6.1:openshift-logging/opa-openshift-rhel9@sha256:2f9ef3a999a0a3677293a4673a5f13ee1e52ad8b010c36098a5fd8db2ba3e932_ppc64le",
"9Base-RHOL-6.1:openshift-logging/opa-openshift-rhel9@sha256:70ae585e1ae9622b593e4a6cb6505ed918cd564db748526ef0175d984c063028_amd64",
"9Base-RHOL-6.1:openshift-logging/opa-openshift-rhel9@sha256:b49acfeb63ac8dee78ab577b5243a8eb63835f6268384503c1253b53953dc313_arm64",
"9Base-RHOL-6.1:openshift-logging/opa-openshift-rhel9@sha256:c19b42a324d049b71a09f3979b8718220166279ae4f135dc339813d15e2082f6_s390x",
"9Base-RHOL-6.1:openshift-logging/vector-rhel9@sha256:0e1f8896fe6abb6f8d6961b4a390205e001877e7621c78f305e08c7d97235f5e_ppc64le",
"9Base-RHOL-6.1:openshift-logging/vector-rhel9@sha256:6230e301464371370926ab703049b57f54fa6a1e551ed3b962670415ea08ebaf_s390x",
"9Base-RHOL-6.1:openshift-logging/vector-rhel9@sha256:cccff902663f34e08ae0bd837bd518fa35fa6a91f822b354923e089bd5a24b53_amd64",
"9Base-RHOL-6.1:openshift-logging/vector-rhel9@sha256:cf81df3a0c88ec07bb3f4ac9bd9c8fb41aaea1ab3e24eb9449aa58b5910d2f3b_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "go-jose: Go JOSE\u0027s Parsing Vulnerable to Denial of Service"
}
]
}
RHSA-2025:3132
Vulnerability from csaf_redhat - Published: 2025-03-26 17:34 - Updated: 2026-06-05 19:40Summary
Red Hat Security Advisory: Logging for Red Hat OpenShift - 6.0.6
Severity
Important
Notes
Topic: Logging for Red Hat OpenShift - 6.0.6
Details: Logging for Red Hat OpenShift - 6.0.6
lokistack-gateway-container: Go JOSE's Parsing Vulnerable to Denial of Service (CVE-2025-27144)
logging-loki-container: Non-linear parsing of case-insensitive content in golang.org/x/net/html (CVE-2024-45338)
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
A flaw was found in golang.org/x/net/html. This flaw allows an attacker to craft input to the parse functions that would be processed non-linearly with respect to its length, resulting in extremely slow parsing. This issue can cause a denial of service.
7.5 (High)
Affected products
Fixed
34 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-RHOL-6.0:openshift-logging/cluster-logging-operator-bundle@sha256:04347c5ffe4381dfc2ec48cafa04b65cd85b732ab32c361a03acadc6b12486c5_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHOL-6.0:openshift-logging/cluster-logging-rhel9-operator@sha256:0a35500c9b027f30669c6f410b468ee528972c18eea0f8783954979f444c28e5_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHOL-6.0:openshift-logging/cluster-logging-rhel9-operator@sha256:6646e0c4534894aab3169a534326a8bfbee5d4c384bdd94434613e4044c8acc6_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHOL-6.0:openshift-logging/cluster-logging-rhel9-operator@sha256:98f1e57da45eaaa9dbb54ccf52e50e23e7238de0b1065721a2f1041cc2404757_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHOL-6.0:openshift-logging/cluster-logging-rhel9-operator@sha256:ff4bc240a5c840d16eb48db373fedafef5a7a2f1db0d90b296af054423789cf7_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHOL-6.0:openshift-logging/eventrouter-rhel9@sha256:4672ce29ebd5f099aa2afeeae907e4693a7bc9f6cf0a9fa1e7527a12a17976f0_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHOL-6.0:openshift-logging/eventrouter-rhel9@sha256:4f287a5ae842fc8b87ba0ac19dd9909ce0fb17b4f4b6c582621b559b55a9c0ae_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHOL-6.0:openshift-logging/eventrouter-rhel9@sha256:6216957ee9e05152231a7816470003822ce706ed768bd9dbf15a7d42ceba0169_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHOL-6.0:openshift-logging/eventrouter-rhel9@sha256:6fc3e68cc69f8ce6eb93244fc344260b48ac68794da1ce78aeb4fad606576789_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHOL-6.0:openshift-logging/log-file-metric-exporter-rhel9@sha256:0bc239163627bd0b502d74072d5fd8f6606b222784d24963bcc6d104353221c8_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHOL-6.0:openshift-logging/log-file-metric-exporter-rhel9@sha256:85164d3f02bdfcc8b1c545c8c8a8a775d6690de8bd27502d70fb686af0ceb53b_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHOL-6.0:openshift-logging/log-file-metric-exporter-rhel9@sha256:ba8ec092b2b26e83e30d78879196dd8d524ef6805abafa5be562e2b734676e68_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHOL-6.0:openshift-logging/log-file-metric-exporter-rhel9@sha256:e5fdace6353f81300d3fbf57d89ec1ea5038afdb2120cb0c524ce61d65424e34_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHOL-6.0:openshift-logging/logging-loki-rhel9@sha256:4c9aae2b3560cb6bc67ef536459ed04e30b0890e3b34c8fbbfaa7557b449bc44_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHOL-6.0:openshift-logging/logging-loki-rhel9@sha256:75b744971db524a4b218e1f81395ac753d1c392f099b3ab79945809f8714728f_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHOL-6.0:openshift-logging/logging-loki-rhel9@sha256:ac504d165b83e047af9d8c2a49f136b13e466c43d2d9f679850b3a32f44d96f3_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHOL-6.0:openshift-logging/logging-loki-rhel9@sha256:c48d43f0a1db7196656f8f71fed383248131117517566034f6e6e9cb67d86695_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHOL-6.0:openshift-logging/loki-operator-bundle@sha256:47f6a0bc969c7039b027fcff8b8fc97ad88f54fc07efd839e98b95d660124d36_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHOL-6.0:openshift-logging/loki-rhel9-operator@sha256:161fc8b97a1752329c7456a6e052b7bedb39a566bc0ba4b91a31a1360aabbaa8_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHOL-6.0:openshift-logging/loki-rhel9-operator@sha256:7e5c29156bfbfe36ba9a3fae143d5bfd4a4cbd6b586183e0338b356e3ebec4f0_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHOL-6.0:openshift-logging/loki-rhel9-operator@sha256:f6426dc70bc6bfce23a72163afb3229a28bbc340e1e5dbd42696534a6187b6eb_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHOL-6.0:openshift-logging/loki-rhel9-operator@sha256:f9f2c7e18a194440964e889c99bffd704b260eee5e4202575dd341fea4ab23fd_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHOL-6.0:openshift-logging/lokistack-gateway-rhel9@sha256:06322689631815e632be8ac68c784641801499b80c7f84ef65a6b6be7d87a85a_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHOL-6.0:openshift-logging/lokistack-gateway-rhel9@sha256:55d833a3314752d84f5d8fecdec10e1ba933563991e444536aeae17b2e62c397_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHOL-6.0:openshift-logging/lokistack-gateway-rhel9@sha256:57a6bf54011a5bbff66e9d3f76c619960ac02c2adce88ba84cb73266aaebab32_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHOL-6.0:openshift-logging/lokistack-gateway-rhel9@sha256:8159842ddd7237c3710ce6a93338bd3647d53a6355989f614a2bc26e8ed81452_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHOL-6.0:openshift-logging/opa-openshift-rhel9@sha256:89d23ee10b06a32e8424014a6bad13ec4cacc9458a22d829f1539462c8757624_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHOL-6.0:openshift-logging/opa-openshift-rhel9@sha256:a88fbeca3dce34d749a433de069ac020acd6446be807abbeebb699fbf60e1849_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHOL-6.0:openshift-logging/opa-openshift-rhel9@sha256:dcbc0f3616072607ef651100b2e9b5817c7ef03c507858bee27bc72a23eb7900_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHOL-6.0:openshift-logging/opa-openshift-rhel9@sha256:f4209e2eb1cb3a197f64db4d08e8ef67937ce88a987c29391f3a6aa50e6c5606_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHOL-6.0:openshift-logging/vector-rhel9@sha256:4544bf43eed07afab6f941b7f8fd56a635045eb3ac182bbd180d816a9fc10f76_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHOL-6.0:openshift-logging/vector-rhel9@sha256:483bb4b32ff0932e96a5572a386ecb3e4c605cacfc515d7029f23f572d0e6254_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHOL-6.0:openshift-logging/vector-rhel9@sha256:4e73489bf07ff3376c3947f769902acfc206c6f3ed00cfd7f724f4022be97b44_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHOL-6.0:openshift-logging/vector-rhel9@sha256:9183e9614e3f963be71158dc75eee5d8f16e1c177775544094cef5c115ba743f_arm64 | — |
Vendor Fix
fix
|
Threats
Impact
Important
A flaw was found in GO-JOSE. In affected versions, when parsing compact JWS or JWE input, Go JOSE could use excessive memory. The code uses strings.Split(token, ".") to split JWT tokens, which is vulnerable to excessive memory consumption when processing maliciously crafted tokens with a large number of `.` characters. This issue could be exploied by sending numerous malformed tokens, leading to memory exhaustion and a Denial of Service.
7.5 (High)
Affected products
Fixed
34 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-RHOL-6.0:openshift-logging/cluster-logging-operator-bundle@sha256:04347c5ffe4381dfc2ec48cafa04b65cd85b732ab32c361a03acadc6b12486c5_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOL-6.0:openshift-logging/cluster-logging-rhel9-operator@sha256:0a35500c9b027f30669c6f410b468ee528972c18eea0f8783954979f444c28e5_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOL-6.0:openshift-logging/cluster-logging-rhel9-operator@sha256:6646e0c4534894aab3169a534326a8bfbee5d4c384bdd94434613e4044c8acc6_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOL-6.0:openshift-logging/cluster-logging-rhel9-operator@sha256:98f1e57da45eaaa9dbb54ccf52e50e23e7238de0b1065721a2f1041cc2404757_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOL-6.0:openshift-logging/cluster-logging-rhel9-operator@sha256:ff4bc240a5c840d16eb48db373fedafef5a7a2f1db0d90b296af054423789cf7_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOL-6.0:openshift-logging/eventrouter-rhel9@sha256:4672ce29ebd5f099aa2afeeae907e4693a7bc9f6cf0a9fa1e7527a12a17976f0_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOL-6.0:openshift-logging/eventrouter-rhel9@sha256:4f287a5ae842fc8b87ba0ac19dd9909ce0fb17b4f4b6c582621b559b55a9c0ae_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOL-6.0:openshift-logging/eventrouter-rhel9@sha256:6216957ee9e05152231a7816470003822ce706ed768bd9dbf15a7d42ceba0169_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOL-6.0:openshift-logging/eventrouter-rhel9@sha256:6fc3e68cc69f8ce6eb93244fc344260b48ac68794da1ce78aeb4fad606576789_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOL-6.0:openshift-logging/log-file-metric-exporter-rhel9@sha256:0bc239163627bd0b502d74072d5fd8f6606b222784d24963bcc6d104353221c8_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOL-6.0:openshift-logging/log-file-metric-exporter-rhel9@sha256:85164d3f02bdfcc8b1c545c8c8a8a775d6690de8bd27502d70fb686af0ceb53b_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOL-6.0:openshift-logging/log-file-metric-exporter-rhel9@sha256:ba8ec092b2b26e83e30d78879196dd8d524ef6805abafa5be562e2b734676e68_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOL-6.0:openshift-logging/log-file-metric-exporter-rhel9@sha256:e5fdace6353f81300d3fbf57d89ec1ea5038afdb2120cb0c524ce61d65424e34_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOL-6.0:openshift-logging/logging-loki-rhel9@sha256:4c9aae2b3560cb6bc67ef536459ed04e30b0890e3b34c8fbbfaa7557b449bc44_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOL-6.0:openshift-logging/logging-loki-rhel9@sha256:75b744971db524a4b218e1f81395ac753d1c392f099b3ab79945809f8714728f_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOL-6.0:openshift-logging/logging-loki-rhel9@sha256:ac504d165b83e047af9d8c2a49f136b13e466c43d2d9f679850b3a32f44d96f3_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOL-6.0:openshift-logging/logging-loki-rhel9@sha256:c48d43f0a1db7196656f8f71fed383248131117517566034f6e6e9cb67d86695_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOL-6.0:openshift-logging/loki-operator-bundle@sha256:47f6a0bc969c7039b027fcff8b8fc97ad88f54fc07efd839e98b95d660124d36_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOL-6.0:openshift-logging/loki-rhel9-operator@sha256:161fc8b97a1752329c7456a6e052b7bedb39a566bc0ba4b91a31a1360aabbaa8_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOL-6.0:openshift-logging/loki-rhel9-operator@sha256:7e5c29156bfbfe36ba9a3fae143d5bfd4a4cbd6b586183e0338b356e3ebec4f0_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOL-6.0:openshift-logging/loki-rhel9-operator@sha256:f6426dc70bc6bfce23a72163afb3229a28bbc340e1e5dbd42696534a6187b6eb_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOL-6.0:openshift-logging/loki-rhel9-operator@sha256:f9f2c7e18a194440964e889c99bffd704b260eee5e4202575dd341fea4ab23fd_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOL-6.0:openshift-logging/lokistack-gateway-rhel9@sha256:06322689631815e632be8ac68c784641801499b80c7f84ef65a6b6be7d87a85a_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOL-6.0:openshift-logging/lokistack-gateway-rhel9@sha256:55d833a3314752d84f5d8fecdec10e1ba933563991e444536aeae17b2e62c397_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOL-6.0:openshift-logging/lokistack-gateway-rhel9@sha256:57a6bf54011a5bbff66e9d3f76c619960ac02c2adce88ba84cb73266aaebab32_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOL-6.0:openshift-logging/lokistack-gateway-rhel9@sha256:8159842ddd7237c3710ce6a93338bd3647d53a6355989f614a2bc26e8ed81452_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOL-6.0:openshift-logging/opa-openshift-rhel9@sha256:89d23ee10b06a32e8424014a6bad13ec4cacc9458a22d829f1539462c8757624_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOL-6.0:openshift-logging/opa-openshift-rhel9@sha256:a88fbeca3dce34d749a433de069ac020acd6446be807abbeebb699fbf60e1849_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOL-6.0:openshift-logging/opa-openshift-rhel9@sha256:dcbc0f3616072607ef651100b2e9b5817c7ef03c507858bee27bc72a23eb7900_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOL-6.0:openshift-logging/opa-openshift-rhel9@sha256:f4209e2eb1cb3a197f64db4d08e8ef67937ce88a987c29391f3a6aa50e6c5606_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOL-6.0:openshift-logging/vector-rhel9@sha256:4544bf43eed07afab6f941b7f8fd56a635045eb3ac182bbd180d816a9fc10f76_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOL-6.0:openshift-logging/vector-rhel9@sha256:483bb4b32ff0932e96a5572a386ecb3e4c605cacfc515d7029f23f572d0e6254_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOL-6.0:openshift-logging/vector-rhel9@sha256:4e73489bf07ff3376c3947f769902acfc206c6f3ed00cfd7f724f4022be97b44_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOL-6.0:openshift-logging/vector-rhel9@sha256:9183e9614e3f963be71158dc75eee5d8f16e1c177775544094cef5c115ba743f_arm64 | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Moderate
References
21 references
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Logging for Red Hat OpenShift - 6.0.6",
"title": "Topic"
},
{
"category": "general",
"text": "Logging for Red Hat OpenShift - 6.0.6\n\nlokistack-gateway-container: Go JOSE\u0027s Parsing Vulnerable to Denial of Service (CVE-2025-27144)\nlogging-loki-container: Non-linear parsing of case-insensitive content in golang.org/x/net/html (CVE-2024-45338)",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2025:3132",
"url": "https://access.redhat.com/errata/RHSA-2025:3132"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "2333122",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2333122"
},
{
"category": "external",
"summary": "2347423",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2347423"
},
{
"category": "external",
"summary": "LOG-6759",
"url": "https://issues.redhat.com/browse/LOG-6759"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2025/rhsa-2025_3132.json"
}
],
"title": "Red Hat Security Advisory: Logging for Red Hat OpenShift - 6.0.6",
"tracking": {
"current_release_date": "2026-06-05T19:40:10+00:00",
"generator": {
"date": "2026-06-05T19:40:10+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.8.2"
}
},
"id": "RHSA-2025:3132",
"initial_release_date": "2025-03-26T17:34:00+00:00",
"revision_history": [
{
"date": "2025-03-26T17:34:00+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2025-03-26T17:34:00+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-06-05T19:40:10+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "RHOL 6.0 for RHEL 9",
"product": {
"name": "RHOL 6.0 for RHEL 9",
"product_id": "9Base-RHOL-6.0",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:logging:6.0::el9"
}
}
}
],
"category": "product_family",
"name": "logging for Red Hat OpenShift"
},
{
"branches": [
{
"category": "product_version",
"name": "openshift-logging/cluster-logging-rhel9-operator@sha256:6646e0c4534894aab3169a534326a8bfbee5d4c384bdd94434613e4044c8acc6_amd64",
"product": {
"name": "openshift-logging/cluster-logging-rhel9-operator@sha256:6646e0c4534894aab3169a534326a8bfbee5d4c384bdd94434613e4044c8acc6_amd64",
"product_id": "openshift-logging/cluster-logging-rhel9-operator@sha256:6646e0c4534894aab3169a534326a8bfbee5d4c384bdd94434613e4044c8acc6_amd64",
"product_identification_helper": {
"purl": "pkg:oci/cluster-logging-rhel9-operator@sha256:6646e0c4534894aab3169a534326a8bfbee5d4c384bdd94434613e4044c8acc6?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator\u0026tag=v6.0.6-4"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/cluster-logging-operator-bundle@sha256:04347c5ffe4381dfc2ec48cafa04b65cd85b732ab32c361a03acadc6b12486c5_amd64",
"product": {
"name": "openshift-logging/cluster-logging-operator-bundle@sha256:04347c5ffe4381dfc2ec48cafa04b65cd85b732ab32c361a03acadc6b12486c5_amd64",
"product_id": "openshift-logging/cluster-logging-operator-bundle@sha256:04347c5ffe4381dfc2ec48cafa04b65cd85b732ab32c361a03acadc6b12486c5_amd64",
"product_identification_helper": {
"purl": "pkg:oci/cluster-logging-operator-bundle@sha256:04347c5ffe4381dfc2ec48cafa04b65cd85b732ab32c361a03acadc6b12486c5?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/cluster-logging-operator-bundle\u0026tag=v6.0.6-8"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/log-file-metric-exporter-rhel9@sha256:ba8ec092b2b26e83e30d78879196dd8d524ef6805abafa5be562e2b734676e68_amd64",
"product": {
"name": "openshift-logging/log-file-metric-exporter-rhel9@sha256:ba8ec092b2b26e83e30d78879196dd8d524ef6805abafa5be562e2b734676e68_amd64",
"product_id": "openshift-logging/log-file-metric-exporter-rhel9@sha256:ba8ec092b2b26e83e30d78879196dd8d524ef6805abafa5be562e2b734676e68_amd64",
"product_identification_helper": {
"purl": "pkg:oci/log-file-metric-exporter-rhel9@sha256:ba8ec092b2b26e83e30d78879196dd8d524ef6805abafa5be562e2b734676e68?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9\u0026tag=v1.1.0-338"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/eventrouter-rhel9@sha256:6216957ee9e05152231a7816470003822ce706ed768bd9dbf15a7d42ceba0169_amd64",
"product": {
"name": "openshift-logging/eventrouter-rhel9@sha256:6216957ee9e05152231a7816470003822ce706ed768bd9dbf15a7d42ceba0169_amd64",
"product_id": "openshift-logging/eventrouter-rhel9@sha256:6216957ee9e05152231a7816470003822ce706ed768bd9dbf15a7d42ceba0169_amd64",
"product_identification_helper": {
"purl": "pkg:oci/eventrouter-rhel9@sha256:6216957ee9e05152231a7816470003822ce706ed768bd9dbf15a7d42ceba0169?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/eventrouter-rhel9\u0026tag=v0.4.0-357"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/logging-loki-rhel9@sha256:4c9aae2b3560cb6bc67ef536459ed04e30b0890e3b34c8fbbfaa7557b449bc44_amd64",
"product": {
"name": "openshift-logging/logging-loki-rhel9@sha256:4c9aae2b3560cb6bc67ef536459ed04e30b0890e3b34c8fbbfaa7557b449bc44_amd64",
"product_id": "openshift-logging/logging-loki-rhel9@sha256:4c9aae2b3560cb6bc67ef536459ed04e30b0890e3b34c8fbbfaa7557b449bc44_amd64",
"product_identification_helper": {
"purl": "pkg:oci/logging-loki-rhel9@sha256:4c9aae2b3560cb6bc67ef536459ed04e30b0890e3b34c8fbbfaa7557b449bc44?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/logging-loki-rhel9\u0026tag=v3.4.2-7"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/vector-rhel9@sha256:4544bf43eed07afab6f941b7f8fd56a635045eb3ac182bbd180d816a9fc10f76_amd64",
"product": {
"name": "openshift-logging/vector-rhel9@sha256:4544bf43eed07afab6f941b7f8fd56a635045eb3ac182bbd180d816a9fc10f76_amd64",
"product_id": "openshift-logging/vector-rhel9@sha256:4544bf43eed07afab6f941b7f8fd56a635045eb3ac182bbd180d816a9fc10f76_amd64",
"product_identification_helper": {
"purl": "pkg:oci/vector-rhel9@sha256:4544bf43eed07afab6f941b7f8fd56a635045eb3ac182bbd180d816a9fc10f76?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/vector-rhel9\u0026tag=v0.37.1-35"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/loki-operator-bundle@sha256:47f6a0bc969c7039b027fcff8b8fc97ad88f54fc07efd839e98b95d660124d36_amd64",
"product": {
"name": "openshift-logging/loki-operator-bundle@sha256:47f6a0bc969c7039b027fcff8b8fc97ad88f54fc07efd839e98b95d660124d36_amd64",
"product_id": "openshift-logging/loki-operator-bundle@sha256:47f6a0bc969c7039b027fcff8b8fc97ad88f54fc07efd839e98b95d660124d36_amd64",
"product_identification_helper": {
"purl": "pkg:oci/loki-operator-bundle@sha256:47f6a0bc969c7039b027fcff8b8fc97ad88f54fc07efd839e98b95d660124d36?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/loki-operator-bundle\u0026tag=v6.0.6-10"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/loki-rhel9-operator@sha256:7e5c29156bfbfe36ba9a3fae143d5bfd4a4cbd6b586183e0338b356e3ebec4f0_amd64",
"product": {
"name": "openshift-logging/loki-rhel9-operator@sha256:7e5c29156bfbfe36ba9a3fae143d5bfd4a4cbd6b586183e0338b356e3ebec4f0_amd64",
"product_id": "openshift-logging/loki-rhel9-operator@sha256:7e5c29156bfbfe36ba9a3fae143d5bfd4a4cbd6b586183e0338b356e3ebec4f0_amd64",
"product_identification_helper": {
"purl": "pkg:oci/loki-rhel9-operator@sha256:7e5c29156bfbfe36ba9a3fae143d5bfd4a4cbd6b586183e0338b356e3ebec4f0?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/loki-rhel9-operator\u0026tag=v6.0.6-6"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/lokistack-gateway-rhel9@sha256:55d833a3314752d84f5d8fecdec10e1ba933563991e444536aeae17b2e62c397_amd64",
"product": {
"name": "openshift-logging/lokistack-gateway-rhel9@sha256:55d833a3314752d84f5d8fecdec10e1ba933563991e444536aeae17b2e62c397_amd64",
"product_id": "openshift-logging/lokistack-gateway-rhel9@sha256:55d833a3314752d84f5d8fecdec10e1ba933563991e444536aeae17b2e62c397_amd64",
"product_identification_helper": {
"purl": "pkg:oci/lokistack-gateway-rhel9@sha256:55d833a3314752d84f5d8fecdec10e1ba933563991e444536aeae17b2e62c397?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/lokistack-gateway-rhel9\u0026tag=v0.1.0-753"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/opa-openshift-rhel9@sha256:dcbc0f3616072607ef651100b2e9b5817c7ef03c507858bee27bc72a23eb7900_amd64",
"product": {
"name": "openshift-logging/opa-openshift-rhel9@sha256:dcbc0f3616072607ef651100b2e9b5817c7ef03c507858bee27bc72a23eb7900_amd64",
"product_id": "openshift-logging/opa-openshift-rhel9@sha256:dcbc0f3616072607ef651100b2e9b5817c7ef03c507858bee27bc72a23eb7900_amd64",
"product_identification_helper": {
"purl": "pkg:oci/opa-openshift-rhel9@sha256:dcbc0f3616072607ef651100b2e9b5817c7ef03c507858bee27bc72a23eb7900?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/opa-openshift-rhel9\u0026tag=v0.1.0-370"
}
}
}
],
"category": "architecture",
"name": "amd64"
},
{
"branches": [
{
"category": "product_version",
"name": "openshift-logging/cluster-logging-rhel9-operator@sha256:ff4bc240a5c840d16eb48db373fedafef5a7a2f1db0d90b296af054423789cf7_arm64",
"product": {
"name": "openshift-logging/cluster-logging-rhel9-operator@sha256:ff4bc240a5c840d16eb48db373fedafef5a7a2f1db0d90b296af054423789cf7_arm64",
"product_id": "openshift-logging/cluster-logging-rhel9-operator@sha256:ff4bc240a5c840d16eb48db373fedafef5a7a2f1db0d90b296af054423789cf7_arm64",
"product_identification_helper": {
"purl": "pkg:oci/cluster-logging-rhel9-operator@sha256:ff4bc240a5c840d16eb48db373fedafef5a7a2f1db0d90b296af054423789cf7?arch=arm64\u0026repository_url=registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator\u0026tag=v6.0.6-4"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/log-file-metric-exporter-rhel9@sha256:0bc239163627bd0b502d74072d5fd8f6606b222784d24963bcc6d104353221c8_arm64",
"product": {
"name": "openshift-logging/log-file-metric-exporter-rhel9@sha256:0bc239163627bd0b502d74072d5fd8f6606b222784d24963bcc6d104353221c8_arm64",
"product_id": "openshift-logging/log-file-metric-exporter-rhel9@sha256:0bc239163627bd0b502d74072d5fd8f6606b222784d24963bcc6d104353221c8_arm64",
"product_identification_helper": {
"purl": "pkg:oci/log-file-metric-exporter-rhel9@sha256:0bc239163627bd0b502d74072d5fd8f6606b222784d24963bcc6d104353221c8?arch=arm64\u0026repository_url=registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9\u0026tag=v1.1.0-338"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/eventrouter-rhel9@sha256:6fc3e68cc69f8ce6eb93244fc344260b48ac68794da1ce78aeb4fad606576789_arm64",
"product": {
"name": "openshift-logging/eventrouter-rhel9@sha256:6fc3e68cc69f8ce6eb93244fc344260b48ac68794da1ce78aeb4fad606576789_arm64",
"product_id": "openshift-logging/eventrouter-rhel9@sha256:6fc3e68cc69f8ce6eb93244fc344260b48ac68794da1ce78aeb4fad606576789_arm64",
"product_identification_helper": {
"purl": "pkg:oci/eventrouter-rhel9@sha256:6fc3e68cc69f8ce6eb93244fc344260b48ac68794da1ce78aeb4fad606576789?arch=arm64\u0026repository_url=registry.redhat.io/openshift-logging/eventrouter-rhel9\u0026tag=v0.4.0-357"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/logging-loki-rhel9@sha256:c48d43f0a1db7196656f8f71fed383248131117517566034f6e6e9cb67d86695_arm64",
"product": {
"name": "openshift-logging/logging-loki-rhel9@sha256:c48d43f0a1db7196656f8f71fed383248131117517566034f6e6e9cb67d86695_arm64",
"product_id": "openshift-logging/logging-loki-rhel9@sha256:c48d43f0a1db7196656f8f71fed383248131117517566034f6e6e9cb67d86695_arm64",
"product_identification_helper": {
"purl": "pkg:oci/logging-loki-rhel9@sha256:c48d43f0a1db7196656f8f71fed383248131117517566034f6e6e9cb67d86695?arch=arm64\u0026repository_url=registry.redhat.io/openshift-logging/logging-loki-rhel9\u0026tag=v3.4.2-7"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/vector-rhel9@sha256:9183e9614e3f963be71158dc75eee5d8f16e1c177775544094cef5c115ba743f_arm64",
"product": {
"name": "openshift-logging/vector-rhel9@sha256:9183e9614e3f963be71158dc75eee5d8f16e1c177775544094cef5c115ba743f_arm64",
"product_id": "openshift-logging/vector-rhel9@sha256:9183e9614e3f963be71158dc75eee5d8f16e1c177775544094cef5c115ba743f_arm64",
"product_identification_helper": {
"purl": "pkg:oci/vector-rhel9@sha256:9183e9614e3f963be71158dc75eee5d8f16e1c177775544094cef5c115ba743f?arch=arm64\u0026repository_url=registry.redhat.io/openshift-logging/vector-rhel9\u0026tag=v0.37.1-35"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/loki-rhel9-operator@sha256:161fc8b97a1752329c7456a6e052b7bedb39a566bc0ba4b91a31a1360aabbaa8_arm64",
"product": {
"name": "openshift-logging/loki-rhel9-operator@sha256:161fc8b97a1752329c7456a6e052b7bedb39a566bc0ba4b91a31a1360aabbaa8_arm64",
"product_id": "openshift-logging/loki-rhel9-operator@sha256:161fc8b97a1752329c7456a6e052b7bedb39a566bc0ba4b91a31a1360aabbaa8_arm64",
"product_identification_helper": {
"purl": "pkg:oci/loki-rhel9-operator@sha256:161fc8b97a1752329c7456a6e052b7bedb39a566bc0ba4b91a31a1360aabbaa8?arch=arm64\u0026repository_url=registry.redhat.io/openshift-logging/loki-rhel9-operator\u0026tag=v6.0.6-6"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/lokistack-gateway-rhel9@sha256:06322689631815e632be8ac68c784641801499b80c7f84ef65a6b6be7d87a85a_arm64",
"product": {
"name": "openshift-logging/lokistack-gateway-rhel9@sha256:06322689631815e632be8ac68c784641801499b80c7f84ef65a6b6be7d87a85a_arm64",
"product_id": "openshift-logging/lokistack-gateway-rhel9@sha256:06322689631815e632be8ac68c784641801499b80c7f84ef65a6b6be7d87a85a_arm64",
"product_identification_helper": {
"purl": "pkg:oci/lokistack-gateway-rhel9@sha256:06322689631815e632be8ac68c784641801499b80c7f84ef65a6b6be7d87a85a?arch=arm64\u0026repository_url=registry.redhat.io/openshift-logging/lokistack-gateway-rhel9\u0026tag=v0.1.0-753"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/opa-openshift-rhel9@sha256:f4209e2eb1cb3a197f64db4d08e8ef67937ce88a987c29391f3a6aa50e6c5606_arm64",
"product": {
"name": "openshift-logging/opa-openshift-rhel9@sha256:f4209e2eb1cb3a197f64db4d08e8ef67937ce88a987c29391f3a6aa50e6c5606_arm64",
"product_id": "openshift-logging/opa-openshift-rhel9@sha256:f4209e2eb1cb3a197f64db4d08e8ef67937ce88a987c29391f3a6aa50e6c5606_arm64",
"product_identification_helper": {
"purl": "pkg:oci/opa-openshift-rhel9@sha256:f4209e2eb1cb3a197f64db4d08e8ef67937ce88a987c29391f3a6aa50e6c5606?arch=arm64\u0026repository_url=registry.redhat.io/openshift-logging/opa-openshift-rhel9\u0026tag=v0.1.0-370"
}
}
}
],
"category": "architecture",
"name": "arm64"
},
{
"branches": [
{
"category": "product_version",
"name": "openshift-logging/cluster-logging-rhel9-operator@sha256:0a35500c9b027f30669c6f410b468ee528972c18eea0f8783954979f444c28e5_s390x",
"product": {
"name": "openshift-logging/cluster-logging-rhel9-operator@sha256:0a35500c9b027f30669c6f410b468ee528972c18eea0f8783954979f444c28e5_s390x",
"product_id": "openshift-logging/cluster-logging-rhel9-operator@sha256:0a35500c9b027f30669c6f410b468ee528972c18eea0f8783954979f444c28e5_s390x",
"product_identification_helper": {
"purl": "pkg:oci/cluster-logging-rhel9-operator@sha256:0a35500c9b027f30669c6f410b468ee528972c18eea0f8783954979f444c28e5?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator\u0026tag=v6.0.6-4"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/log-file-metric-exporter-rhel9@sha256:85164d3f02bdfcc8b1c545c8c8a8a775d6690de8bd27502d70fb686af0ceb53b_s390x",
"product": {
"name": "openshift-logging/log-file-metric-exporter-rhel9@sha256:85164d3f02bdfcc8b1c545c8c8a8a775d6690de8bd27502d70fb686af0ceb53b_s390x",
"product_id": "openshift-logging/log-file-metric-exporter-rhel9@sha256:85164d3f02bdfcc8b1c545c8c8a8a775d6690de8bd27502d70fb686af0ceb53b_s390x",
"product_identification_helper": {
"purl": "pkg:oci/log-file-metric-exporter-rhel9@sha256:85164d3f02bdfcc8b1c545c8c8a8a775d6690de8bd27502d70fb686af0ceb53b?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9\u0026tag=v1.1.0-338"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/eventrouter-rhel9@sha256:4672ce29ebd5f099aa2afeeae907e4693a7bc9f6cf0a9fa1e7527a12a17976f0_s390x",
"product": {
"name": "openshift-logging/eventrouter-rhel9@sha256:4672ce29ebd5f099aa2afeeae907e4693a7bc9f6cf0a9fa1e7527a12a17976f0_s390x",
"product_id": "openshift-logging/eventrouter-rhel9@sha256:4672ce29ebd5f099aa2afeeae907e4693a7bc9f6cf0a9fa1e7527a12a17976f0_s390x",
"product_identification_helper": {
"purl": "pkg:oci/eventrouter-rhel9@sha256:4672ce29ebd5f099aa2afeeae907e4693a7bc9f6cf0a9fa1e7527a12a17976f0?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/eventrouter-rhel9\u0026tag=v0.4.0-357"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/logging-loki-rhel9@sha256:ac504d165b83e047af9d8c2a49f136b13e466c43d2d9f679850b3a32f44d96f3_s390x",
"product": {
"name": "openshift-logging/logging-loki-rhel9@sha256:ac504d165b83e047af9d8c2a49f136b13e466c43d2d9f679850b3a32f44d96f3_s390x",
"product_id": "openshift-logging/logging-loki-rhel9@sha256:ac504d165b83e047af9d8c2a49f136b13e466c43d2d9f679850b3a32f44d96f3_s390x",
"product_identification_helper": {
"purl": "pkg:oci/logging-loki-rhel9@sha256:ac504d165b83e047af9d8c2a49f136b13e466c43d2d9f679850b3a32f44d96f3?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/logging-loki-rhel9\u0026tag=v3.4.2-7"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/vector-rhel9@sha256:483bb4b32ff0932e96a5572a386ecb3e4c605cacfc515d7029f23f572d0e6254_s390x",
"product": {
"name": "openshift-logging/vector-rhel9@sha256:483bb4b32ff0932e96a5572a386ecb3e4c605cacfc515d7029f23f572d0e6254_s390x",
"product_id": "openshift-logging/vector-rhel9@sha256:483bb4b32ff0932e96a5572a386ecb3e4c605cacfc515d7029f23f572d0e6254_s390x",
"product_identification_helper": {
"purl": "pkg:oci/vector-rhel9@sha256:483bb4b32ff0932e96a5572a386ecb3e4c605cacfc515d7029f23f572d0e6254?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/vector-rhel9\u0026tag=v0.37.1-35"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/loki-rhel9-operator@sha256:f6426dc70bc6bfce23a72163afb3229a28bbc340e1e5dbd42696534a6187b6eb_s390x",
"product": {
"name": "openshift-logging/loki-rhel9-operator@sha256:f6426dc70bc6bfce23a72163afb3229a28bbc340e1e5dbd42696534a6187b6eb_s390x",
"product_id": "openshift-logging/loki-rhel9-operator@sha256:f6426dc70bc6bfce23a72163afb3229a28bbc340e1e5dbd42696534a6187b6eb_s390x",
"product_identification_helper": {
"purl": "pkg:oci/loki-rhel9-operator@sha256:f6426dc70bc6bfce23a72163afb3229a28bbc340e1e5dbd42696534a6187b6eb?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/loki-rhel9-operator\u0026tag=v6.0.6-6"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/lokistack-gateway-rhel9@sha256:8159842ddd7237c3710ce6a93338bd3647d53a6355989f614a2bc26e8ed81452_s390x",
"product": {
"name": "openshift-logging/lokistack-gateway-rhel9@sha256:8159842ddd7237c3710ce6a93338bd3647d53a6355989f614a2bc26e8ed81452_s390x",
"product_id": "openshift-logging/lokistack-gateway-rhel9@sha256:8159842ddd7237c3710ce6a93338bd3647d53a6355989f614a2bc26e8ed81452_s390x",
"product_identification_helper": {
"purl": "pkg:oci/lokistack-gateway-rhel9@sha256:8159842ddd7237c3710ce6a93338bd3647d53a6355989f614a2bc26e8ed81452?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/lokistack-gateway-rhel9\u0026tag=v0.1.0-753"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/opa-openshift-rhel9@sha256:89d23ee10b06a32e8424014a6bad13ec4cacc9458a22d829f1539462c8757624_s390x",
"product": {
"name": "openshift-logging/opa-openshift-rhel9@sha256:89d23ee10b06a32e8424014a6bad13ec4cacc9458a22d829f1539462c8757624_s390x",
"product_id": "openshift-logging/opa-openshift-rhel9@sha256:89d23ee10b06a32e8424014a6bad13ec4cacc9458a22d829f1539462c8757624_s390x",
"product_identification_helper": {
"purl": "pkg:oci/opa-openshift-rhel9@sha256:89d23ee10b06a32e8424014a6bad13ec4cacc9458a22d829f1539462c8757624?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/opa-openshift-rhel9\u0026tag=v0.1.0-370"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "openshift-logging/cluster-logging-rhel9-operator@sha256:98f1e57da45eaaa9dbb54ccf52e50e23e7238de0b1065721a2f1041cc2404757_ppc64le",
"product": {
"name": "openshift-logging/cluster-logging-rhel9-operator@sha256:98f1e57da45eaaa9dbb54ccf52e50e23e7238de0b1065721a2f1041cc2404757_ppc64le",
"product_id": "openshift-logging/cluster-logging-rhel9-operator@sha256:98f1e57da45eaaa9dbb54ccf52e50e23e7238de0b1065721a2f1041cc2404757_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/cluster-logging-rhel9-operator@sha256:98f1e57da45eaaa9dbb54ccf52e50e23e7238de0b1065721a2f1041cc2404757?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator\u0026tag=v6.0.6-4"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/log-file-metric-exporter-rhel9@sha256:e5fdace6353f81300d3fbf57d89ec1ea5038afdb2120cb0c524ce61d65424e34_ppc64le",
"product": {
"name": "openshift-logging/log-file-metric-exporter-rhel9@sha256:e5fdace6353f81300d3fbf57d89ec1ea5038afdb2120cb0c524ce61d65424e34_ppc64le",
"product_id": "openshift-logging/log-file-metric-exporter-rhel9@sha256:e5fdace6353f81300d3fbf57d89ec1ea5038afdb2120cb0c524ce61d65424e34_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/log-file-metric-exporter-rhel9@sha256:e5fdace6353f81300d3fbf57d89ec1ea5038afdb2120cb0c524ce61d65424e34?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9\u0026tag=v1.1.0-338"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/eventrouter-rhel9@sha256:4f287a5ae842fc8b87ba0ac19dd9909ce0fb17b4f4b6c582621b559b55a9c0ae_ppc64le",
"product": {
"name": "openshift-logging/eventrouter-rhel9@sha256:4f287a5ae842fc8b87ba0ac19dd9909ce0fb17b4f4b6c582621b559b55a9c0ae_ppc64le",
"product_id": "openshift-logging/eventrouter-rhel9@sha256:4f287a5ae842fc8b87ba0ac19dd9909ce0fb17b4f4b6c582621b559b55a9c0ae_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/eventrouter-rhel9@sha256:4f287a5ae842fc8b87ba0ac19dd9909ce0fb17b4f4b6c582621b559b55a9c0ae?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/eventrouter-rhel9\u0026tag=v0.4.0-357"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/logging-loki-rhel9@sha256:75b744971db524a4b218e1f81395ac753d1c392f099b3ab79945809f8714728f_ppc64le",
"product": {
"name": "openshift-logging/logging-loki-rhel9@sha256:75b744971db524a4b218e1f81395ac753d1c392f099b3ab79945809f8714728f_ppc64le",
"product_id": "openshift-logging/logging-loki-rhel9@sha256:75b744971db524a4b218e1f81395ac753d1c392f099b3ab79945809f8714728f_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/logging-loki-rhel9@sha256:75b744971db524a4b218e1f81395ac753d1c392f099b3ab79945809f8714728f?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/logging-loki-rhel9\u0026tag=v3.4.2-7"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/vector-rhel9@sha256:4e73489bf07ff3376c3947f769902acfc206c6f3ed00cfd7f724f4022be97b44_ppc64le",
"product": {
"name": "openshift-logging/vector-rhel9@sha256:4e73489bf07ff3376c3947f769902acfc206c6f3ed00cfd7f724f4022be97b44_ppc64le",
"product_id": "openshift-logging/vector-rhel9@sha256:4e73489bf07ff3376c3947f769902acfc206c6f3ed00cfd7f724f4022be97b44_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/vector-rhel9@sha256:4e73489bf07ff3376c3947f769902acfc206c6f3ed00cfd7f724f4022be97b44?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/vector-rhel9\u0026tag=v0.37.1-35"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/loki-rhel9-operator@sha256:f9f2c7e18a194440964e889c99bffd704b260eee5e4202575dd341fea4ab23fd_ppc64le",
"product": {
"name": "openshift-logging/loki-rhel9-operator@sha256:f9f2c7e18a194440964e889c99bffd704b260eee5e4202575dd341fea4ab23fd_ppc64le",
"product_id": "openshift-logging/loki-rhel9-operator@sha256:f9f2c7e18a194440964e889c99bffd704b260eee5e4202575dd341fea4ab23fd_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/loki-rhel9-operator@sha256:f9f2c7e18a194440964e889c99bffd704b260eee5e4202575dd341fea4ab23fd?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/loki-rhel9-operator\u0026tag=v6.0.6-6"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/lokistack-gateway-rhel9@sha256:57a6bf54011a5bbff66e9d3f76c619960ac02c2adce88ba84cb73266aaebab32_ppc64le",
"product": {
"name": "openshift-logging/lokistack-gateway-rhel9@sha256:57a6bf54011a5bbff66e9d3f76c619960ac02c2adce88ba84cb73266aaebab32_ppc64le",
"product_id": "openshift-logging/lokistack-gateway-rhel9@sha256:57a6bf54011a5bbff66e9d3f76c619960ac02c2adce88ba84cb73266aaebab32_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/lokistack-gateway-rhel9@sha256:57a6bf54011a5bbff66e9d3f76c619960ac02c2adce88ba84cb73266aaebab32?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/lokistack-gateway-rhel9\u0026tag=v0.1.0-753"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/opa-openshift-rhel9@sha256:a88fbeca3dce34d749a433de069ac020acd6446be807abbeebb699fbf60e1849_ppc64le",
"product": {
"name": "openshift-logging/opa-openshift-rhel9@sha256:a88fbeca3dce34d749a433de069ac020acd6446be807abbeebb699fbf60e1849_ppc64le",
"product_id": "openshift-logging/opa-openshift-rhel9@sha256:a88fbeca3dce34d749a433de069ac020acd6446be807abbeebb699fbf60e1849_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/opa-openshift-rhel9@sha256:a88fbeca3dce34d749a433de069ac020acd6446be807abbeebb699fbf60e1849?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/opa-openshift-rhel9\u0026tag=v0.1.0-370"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/cluster-logging-operator-bundle@sha256:04347c5ffe4381dfc2ec48cafa04b65cd85b732ab32c361a03acadc6b12486c5_amd64 as a component of RHOL 6.0 for RHEL 9",
"product_id": "9Base-RHOL-6.0:openshift-logging/cluster-logging-operator-bundle@sha256:04347c5ffe4381dfc2ec48cafa04b65cd85b732ab32c361a03acadc6b12486c5_amd64"
},
"product_reference": "openshift-logging/cluster-logging-operator-bundle@sha256:04347c5ffe4381dfc2ec48cafa04b65cd85b732ab32c361a03acadc6b12486c5_amd64",
"relates_to_product_reference": "9Base-RHOL-6.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/cluster-logging-rhel9-operator@sha256:0a35500c9b027f30669c6f410b468ee528972c18eea0f8783954979f444c28e5_s390x as a component of RHOL 6.0 for RHEL 9",
"product_id": "9Base-RHOL-6.0:openshift-logging/cluster-logging-rhel9-operator@sha256:0a35500c9b027f30669c6f410b468ee528972c18eea0f8783954979f444c28e5_s390x"
},
"product_reference": "openshift-logging/cluster-logging-rhel9-operator@sha256:0a35500c9b027f30669c6f410b468ee528972c18eea0f8783954979f444c28e5_s390x",
"relates_to_product_reference": "9Base-RHOL-6.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/cluster-logging-rhel9-operator@sha256:6646e0c4534894aab3169a534326a8bfbee5d4c384bdd94434613e4044c8acc6_amd64 as a component of RHOL 6.0 for RHEL 9",
"product_id": "9Base-RHOL-6.0:openshift-logging/cluster-logging-rhel9-operator@sha256:6646e0c4534894aab3169a534326a8bfbee5d4c384bdd94434613e4044c8acc6_amd64"
},
"product_reference": "openshift-logging/cluster-logging-rhel9-operator@sha256:6646e0c4534894aab3169a534326a8bfbee5d4c384bdd94434613e4044c8acc6_amd64",
"relates_to_product_reference": "9Base-RHOL-6.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/cluster-logging-rhel9-operator@sha256:98f1e57da45eaaa9dbb54ccf52e50e23e7238de0b1065721a2f1041cc2404757_ppc64le as a component of RHOL 6.0 for RHEL 9",
"product_id": "9Base-RHOL-6.0:openshift-logging/cluster-logging-rhel9-operator@sha256:98f1e57da45eaaa9dbb54ccf52e50e23e7238de0b1065721a2f1041cc2404757_ppc64le"
},
"product_reference": "openshift-logging/cluster-logging-rhel9-operator@sha256:98f1e57da45eaaa9dbb54ccf52e50e23e7238de0b1065721a2f1041cc2404757_ppc64le",
"relates_to_product_reference": "9Base-RHOL-6.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/cluster-logging-rhel9-operator@sha256:ff4bc240a5c840d16eb48db373fedafef5a7a2f1db0d90b296af054423789cf7_arm64 as a component of RHOL 6.0 for RHEL 9",
"product_id": "9Base-RHOL-6.0:openshift-logging/cluster-logging-rhel9-operator@sha256:ff4bc240a5c840d16eb48db373fedafef5a7a2f1db0d90b296af054423789cf7_arm64"
},
"product_reference": "openshift-logging/cluster-logging-rhel9-operator@sha256:ff4bc240a5c840d16eb48db373fedafef5a7a2f1db0d90b296af054423789cf7_arm64",
"relates_to_product_reference": "9Base-RHOL-6.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/eventrouter-rhel9@sha256:4672ce29ebd5f099aa2afeeae907e4693a7bc9f6cf0a9fa1e7527a12a17976f0_s390x as a component of RHOL 6.0 for RHEL 9",
"product_id": "9Base-RHOL-6.0:openshift-logging/eventrouter-rhel9@sha256:4672ce29ebd5f099aa2afeeae907e4693a7bc9f6cf0a9fa1e7527a12a17976f0_s390x"
},
"product_reference": "openshift-logging/eventrouter-rhel9@sha256:4672ce29ebd5f099aa2afeeae907e4693a7bc9f6cf0a9fa1e7527a12a17976f0_s390x",
"relates_to_product_reference": "9Base-RHOL-6.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/eventrouter-rhel9@sha256:4f287a5ae842fc8b87ba0ac19dd9909ce0fb17b4f4b6c582621b559b55a9c0ae_ppc64le as a component of RHOL 6.0 for RHEL 9",
"product_id": "9Base-RHOL-6.0:openshift-logging/eventrouter-rhel9@sha256:4f287a5ae842fc8b87ba0ac19dd9909ce0fb17b4f4b6c582621b559b55a9c0ae_ppc64le"
},
"product_reference": "openshift-logging/eventrouter-rhel9@sha256:4f287a5ae842fc8b87ba0ac19dd9909ce0fb17b4f4b6c582621b559b55a9c0ae_ppc64le",
"relates_to_product_reference": "9Base-RHOL-6.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/eventrouter-rhel9@sha256:6216957ee9e05152231a7816470003822ce706ed768bd9dbf15a7d42ceba0169_amd64 as a component of RHOL 6.0 for RHEL 9",
"product_id": "9Base-RHOL-6.0:openshift-logging/eventrouter-rhel9@sha256:6216957ee9e05152231a7816470003822ce706ed768bd9dbf15a7d42ceba0169_amd64"
},
"product_reference": "openshift-logging/eventrouter-rhel9@sha256:6216957ee9e05152231a7816470003822ce706ed768bd9dbf15a7d42ceba0169_amd64",
"relates_to_product_reference": "9Base-RHOL-6.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/eventrouter-rhel9@sha256:6fc3e68cc69f8ce6eb93244fc344260b48ac68794da1ce78aeb4fad606576789_arm64 as a component of RHOL 6.0 for RHEL 9",
"product_id": "9Base-RHOL-6.0:openshift-logging/eventrouter-rhel9@sha256:6fc3e68cc69f8ce6eb93244fc344260b48ac68794da1ce78aeb4fad606576789_arm64"
},
"product_reference": "openshift-logging/eventrouter-rhel9@sha256:6fc3e68cc69f8ce6eb93244fc344260b48ac68794da1ce78aeb4fad606576789_arm64",
"relates_to_product_reference": "9Base-RHOL-6.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/log-file-metric-exporter-rhel9@sha256:0bc239163627bd0b502d74072d5fd8f6606b222784d24963bcc6d104353221c8_arm64 as a component of RHOL 6.0 for RHEL 9",
"product_id": "9Base-RHOL-6.0:openshift-logging/log-file-metric-exporter-rhel9@sha256:0bc239163627bd0b502d74072d5fd8f6606b222784d24963bcc6d104353221c8_arm64"
},
"product_reference": "openshift-logging/log-file-metric-exporter-rhel9@sha256:0bc239163627bd0b502d74072d5fd8f6606b222784d24963bcc6d104353221c8_arm64",
"relates_to_product_reference": "9Base-RHOL-6.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/log-file-metric-exporter-rhel9@sha256:85164d3f02bdfcc8b1c545c8c8a8a775d6690de8bd27502d70fb686af0ceb53b_s390x as a component of RHOL 6.0 for RHEL 9",
"product_id": "9Base-RHOL-6.0:openshift-logging/log-file-metric-exporter-rhel9@sha256:85164d3f02bdfcc8b1c545c8c8a8a775d6690de8bd27502d70fb686af0ceb53b_s390x"
},
"product_reference": "openshift-logging/log-file-metric-exporter-rhel9@sha256:85164d3f02bdfcc8b1c545c8c8a8a775d6690de8bd27502d70fb686af0ceb53b_s390x",
"relates_to_product_reference": "9Base-RHOL-6.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/log-file-metric-exporter-rhel9@sha256:ba8ec092b2b26e83e30d78879196dd8d524ef6805abafa5be562e2b734676e68_amd64 as a component of RHOL 6.0 for RHEL 9",
"product_id": "9Base-RHOL-6.0:openshift-logging/log-file-metric-exporter-rhel9@sha256:ba8ec092b2b26e83e30d78879196dd8d524ef6805abafa5be562e2b734676e68_amd64"
},
"product_reference": "openshift-logging/log-file-metric-exporter-rhel9@sha256:ba8ec092b2b26e83e30d78879196dd8d524ef6805abafa5be562e2b734676e68_amd64",
"relates_to_product_reference": "9Base-RHOL-6.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/log-file-metric-exporter-rhel9@sha256:e5fdace6353f81300d3fbf57d89ec1ea5038afdb2120cb0c524ce61d65424e34_ppc64le as a component of RHOL 6.0 for RHEL 9",
"product_id": "9Base-RHOL-6.0:openshift-logging/log-file-metric-exporter-rhel9@sha256:e5fdace6353f81300d3fbf57d89ec1ea5038afdb2120cb0c524ce61d65424e34_ppc64le"
},
"product_reference": "openshift-logging/log-file-metric-exporter-rhel9@sha256:e5fdace6353f81300d3fbf57d89ec1ea5038afdb2120cb0c524ce61d65424e34_ppc64le",
"relates_to_product_reference": "9Base-RHOL-6.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/logging-loki-rhel9@sha256:4c9aae2b3560cb6bc67ef536459ed04e30b0890e3b34c8fbbfaa7557b449bc44_amd64 as a component of RHOL 6.0 for RHEL 9",
"product_id": "9Base-RHOL-6.0:openshift-logging/logging-loki-rhel9@sha256:4c9aae2b3560cb6bc67ef536459ed04e30b0890e3b34c8fbbfaa7557b449bc44_amd64"
},
"product_reference": "openshift-logging/logging-loki-rhel9@sha256:4c9aae2b3560cb6bc67ef536459ed04e30b0890e3b34c8fbbfaa7557b449bc44_amd64",
"relates_to_product_reference": "9Base-RHOL-6.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/logging-loki-rhel9@sha256:75b744971db524a4b218e1f81395ac753d1c392f099b3ab79945809f8714728f_ppc64le as a component of RHOL 6.0 for RHEL 9",
"product_id": "9Base-RHOL-6.0:openshift-logging/logging-loki-rhel9@sha256:75b744971db524a4b218e1f81395ac753d1c392f099b3ab79945809f8714728f_ppc64le"
},
"product_reference": "openshift-logging/logging-loki-rhel9@sha256:75b744971db524a4b218e1f81395ac753d1c392f099b3ab79945809f8714728f_ppc64le",
"relates_to_product_reference": "9Base-RHOL-6.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/logging-loki-rhel9@sha256:ac504d165b83e047af9d8c2a49f136b13e466c43d2d9f679850b3a32f44d96f3_s390x as a component of RHOL 6.0 for RHEL 9",
"product_id": "9Base-RHOL-6.0:openshift-logging/logging-loki-rhel9@sha256:ac504d165b83e047af9d8c2a49f136b13e466c43d2d9f679850b3a32f44d96f3_s390x"
},
"product_reference": "openshift-logging/logging-loki-rhel9@sha256:ac504d165b83e047af9d8c2a49f136b13e466c43d2d9f679850b3a32f44d96f3_s390x",
"relates_to_product_reference": "9Base-RHOL-6.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/logging-loki-rhel9@sha256:c48d43f0a1db7196656f8f71fed383248131117517566034f6e6e9cb67d86695_arm64 as a component of RHOL 6.0 for RHEL 9",
"product_id": "9Base-RHOL-6.0:openshift-logging/logging-loki-rhel9@sha256:c48d43f0a1db7196656f8f71fed383248131117517566034f6e6e9cb67d86695_arm64"
},
"product_reference": "openshift-logging/logging-loki-rhel9@sha256:c48d43f0a1db7196656f8f71fed383248131117517566034f6e6e9cb67d86695_arm64",
"relates_to_product_reference": "9Base-RHOL-6.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/loki-operator-bundle@sha256:47f6a0bc969c7039b027fcff8b8fc97ad88f54fc07efd839e98b95d660124d36_amd64 as a component of RHOL 6.0 for RHEL 9",
"product_id": "9Base-RHOL-6.0:openshift-logging/loki-operator-bundle@sha256:47f6a0bc969c7039b027fcff8b8fc97ad88f54fc07efd839e98b95d660124d36_amd64"
},
"product_reference": "openshift-logging/loki-operator-bundle@sha256:47f6a0bc969c7039b027fcff8b8fc97ad88f54fc07efd839e98b95d660124d36_amd64",
"relates_to_product_reference": "9Base-RHOL-6.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/loki-rhel9-operator@sha256:161fc8b97a1752329c7456a6e052b7bedb39a566bc0ba4b91a31a1360aabbaa8_arm64 as a component of RHOL 6.0 for RHEL 9",
"product_id": "9Base-RHOL-6.0:openshift-logging/loki-rhel9-operator@sha256:161fc8b97a1752329c7456a6e052b7bedb39a566bc0ba4b91a31a1360aabbaa8_arm64"
},
"product_reference": "openshift-logging/loki-rhel9-operator@sha256:161fc8b97a1752329c7456a6e052b7bedb39a566bc0ba4b91a31a1360aabbaa8_arm64",
"relates_to_product_reference": "9Base-RHOL-6.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/loki-rhel9-operator@sha256:7e5c29156bfbfe36ba9a3fae143d5bfd4a4cbd6b586183e0338b356e3ebec4f0_amd64 as a component of RHOL 6.0 for RHEL 9",
"product_id": "9Base-RHOL-6.0:openshift-logging/loki-rhel9-operator@sha256:7e5c29156bfbfe36ba9a3fae143d5bfd4a4cbd6b586183e0338b356e3ebec4f0_amd64"
},
"product_reference": "openshift-logging/loki-rhel9-operator@sha256:7e5c29156bfbfe36ba9a3fae143d5bfd4a4cbd6b586183e0338b356e3ebec4f0_amd64",
"relates_to_product_reference": "9Base-RHOL-6.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/loki-rhel9-operator@sha256:f6426dc70bc6bfce23a72163afb3229a28bbc340e1e5dbd42696534a6187b6eb_s390x as a component of RHOL 6.0 for RHEL 9",
"product_id": "9Base-RHOL-6.0:openshift-logging/loki-rhel9-operator@sha256:f6426dc70bc6bfce23a72163afb3229a28bbc340e1e5dbd42696534a6187b6eb_s390x"
},
"product_reference": "openshift-logging/loki-rhel9-operator@sha256:f6426dc70bc6bfce23a72163afb3229a28bbc340e1e5dbd42696534a6187b6eb_s390x",
"relates_to_product_reference": "9Base-RHOL-6.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/loki-rhel9-operator@sha256:f9f2c7e18a194440964e889c99bffd704b260eee5e4202575dd341fea4ab23fd_ppc64le as a component of RHOL 6.0 for RHEL 9",
"product_id": "9Base-RHOL-6.0:openshift-logging/loki-rhel9-operator@sha256:f9f2c7e18a194440964e889c99bffd704b260eee5e4202575dd341fea4ab23fd_ppc64le"
},
"product_reference": "openshift-logging/loki-rhel9-operator@sha256:f9f2c7e18a194440964e889c99bffd704b260eee5e4202575dd341fea4ab23fd_ppc64le",
"relates_to_product_reference": "9Base-RHOL-6.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/lokistack-gateway-rhel9@sha256:06322689631815e632be8ac68c784641801499b80c7f84ef65a6b6be7d87a85a_arm64 as a component of RHOL 6.0 for RHEL 9",
"product_id": "9Base-RHOL-6.0:openshift-logging/lokistack-gateway-rhel9@sha256:06322689631815e632be8ac68c784641801499b80c7f84ef65a6b6be7d87a85a_arm64"
},
"product_reference": "openshift-logging/lokistack-gateway-rhel9@sha256:06322689631815e632be8ac68c784641801499b80c7f84ef65a6b6be7d87a85a_arm64",
"relates_to_product_reference": "9Base-RHOL-6.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/lokistack-gateway-rhel9@sha256:55d833a3314752d84f5d8fecdec10e1ba933563991e444536aeae17b2e62c397_amd64 as a component of RHOL 6.0 for RHEL 9",
"product_id": "9Base-RHOL-6.0:openshift-logging/lokistack-gateway-rhel9@sha256:55d833a3314752d84f5d8fecdec10e1ba933563991e444536aeae17b2e62c397_amd64"
},
"product_reference": "openshift-logging/lokistack-gateway-rhel9@sha256:55d833a3314752d84f5d8fecdec10e1ba933563991e444536aeae17b2e62c397_amd64",
"relates_to_product_reference": "9Base-RHOL-6.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/lokistack-gateway-rhel9@sha256:57a6bf54011a5bbff66e9d3f76c619960ac02c2adce88ba84cb73266aaebab32_ppc64le as a component of RHOL 6.0 for RHEL 9",
"product_id": "9Base-RHOL-6.0:openshift-logging/lokistack-gateway-rhel9@sha256:57a6bf54011a5bbff66e9d3f76c619960ac02c2adce88ba84cb73266aaebab32_ppc64le"
},
"product_reference": "openshift-logging/lokistack-gateway-rhel9@sha256:57a6bf54011a5bbff66e9d3f76c619960ac02c2adce88ba84cb73266aaebab32_ppc64le",
"relates_to_product_reference": "9Base-RHOL-6.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/lokistack-gateway-rhel9@sha256:8159842ddd7237c3710ce6a93338bd3647d53a6355989f614a2bc26e8ed81452_s390x as a component of RHOL 6.0 for RHEL 9",
"product_id": "9Base-RHOL-6.0:openshift-logging/lokistack-gateway-rhel9@sha256:8159842ddd7237c3710ce6a93338bd3647d53a6355989f614a2bc26e8ed81452_s390x"
},
"product_reference": "openshift-logging/lokistack-gateway-rhel9@sha256:8159842ddd7237c3710ce6a93338bd3647d53a6355989f614a2bc26e8ed81452_s390x",
"relates_to_product_reference": "9Base-RHOL-6.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/opa-openshift-rhel9@sha256:89d23ee10b06a32e8424014a6bad13ec4cacc9458a22d829f1539462c8757624_s390x as a component of RHOL 6.0 for RHEL 9",
"product_id": "9Base-RHOL-6.0:openshift-logging/opa-openshift-rhel9@sha256:89d23ee10b06a32e8424014a6bad13ec4cacc9458a22d829f1539462c8757624_s390x"
},
"product_reference": "openshift-logging/opa-openshift-rhel9@sha256:89d23ee10b06a32e8424014a6bad13ec4cacc9458a22d829f1539462c8757624_s390x",
"relates_to_product_reference": "9Base-RHOL-6.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/opa-openshift-rhel9@sha256:a88fbeca3dce34d749a433de069ac020acd6446be807abbeebb699fbf60e1849_ppc64le as a component of RHOL 6.0 for RHEL 9",
"product_id": "9Base-RHOL-6.0:openshift-logging/opa-openshift-rhel9@sha256:a88fbeca3dce34d749a433de069ac020acd6446be807abbeebb699fbf60e1849_ppc64le"
},
"product_reference": "openshift-logging/opa-openshift-rhel9@sha256:a88fbeca3dce34d749a433de069ac020acd6446be807abbeebb699fbf60e1849_ppc64le",
"relates_to_product_reference": "9Base-RHOL-6.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/opa-openshift-rhel9@sha256:dcbc0f3616072607ef651100b2e9b5817c7ef03c507858bee27bc72a23eb7900_amd64 as a component of RHOL 6.0 for RHEL 9",
"product_id": "9Base-RHOL-6.0:openshift-logging/opa-openshift-rhel9@sha256:dcbc0f3616072607ef651100b2e9b5817c7ef03c507858bee27bc72a23eb7900_amd64"
},
"product_reference": "openshift-logging/opa-openshift-rhel9@sha256:dcbc0f3616072607ef651100b2e9b5817c7ef03c507858bee27bc72a23eb7900_amd64",
"relates_to_product_reference": "9Base-RHOL-6.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/opa-openshift-rhel9@sha256:f4209e2eb1cb3a197f64db4d08e8ef67937ce88a987c29391f3a6aa50e6c5606_arm64 as a component of RHOL 6.0 for RHEL 9",
"product_id": "9Base-RHOL-6.0:openshift-logging/opa-openshift-rhel9@sha256:f4209e2eb1cb3a197f64db4d08e8ef67937ce88a987c29391f3a6aa50e6c5606_arm64"
},
"product_reference": "openshift-logging/opa-openshift-rhel9@sha256:f4209e2eb1cb3a197f64db4d08e8ef67937ce88a987c29391f3a6aa50e6c5606_arm64",
"relates_to_product_reference": "9Base-RHOL-6.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/vector-rhel9@sha256:4544bf43eed07afab6f941b7f8fd56a635045eb3ac182bbd180d816a9fc10f76_amd64 as a component of RHOL 6.0 for RHEL 9",
"product_id": "9Base-RHOL-6.0:openshift-logging/vector-rhel9@sha256:4544bf43eed07afab6f941b7f8fd56a635045eb3ac182bbd180d816a9fc10f76_amd64"
},
"product_reference": "openshift-logging/vector-rhel9@sha256:4544bf43eed07afab6f941b7f8fd56a635045eb3ac182bbd180d816a9fc10f76_amd64",
"relates_to_product_reference": "9Base-RHOL-6.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/vector-rhel9@sha256:483bb4b32ff0932e96a5572a386ecb3e4c605cacfc515d7029f23f572d0e6254_s390x as a component of RHOL 6.0 for RHEL 9",
"product_id": "9Base-RHOL-6.0:openshift-logging/vector-rhel9@sha256:483bb4b32ff0932e96a5572a386ecb3e4c605cacfc515d7029f23f572d0e6254_s390x"
},
"product_reference": "openshift-logging/vector-rhel9@sha256:483bb4b32ff0932e96a5572a386ecb3e4c605cacfc515d7029f23f572d0e6254_s390x",
"relates_to_product_reference": "9Base-RHOL-6.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/vector-rhel9@sha256:4e73489bf07ff3376c3947f769902acfc206c6f3ed00cfd7f724f4022be97b44_ppc64le as a component of RHOL 6.0 for RHEL 9",
"product_id": "9Base-RHOL-6.0:openshift-logging/vector-rhel9@sha256:4e73489bf07ff3376c3947f769902acfc206c6f3ed00cfd7f724f4022be97b44_ppc64le"
},
"product_reference": "openshift-logging/vector-rhel9@sha256:4e73489bf07ff3376c3947f769902acfc206c6f3ed00cfd7f724f4022be97b44_ppc64le",
"relates_to_product_reference": "9Base-RHOL-6.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/vector-rhel9@sha256:9183e9614e3f963be71158dc75eee5d8f16e1c177775544094cef5c115ba743f_arm64 as a component of RHOL 6.0 for RHEL 9",
"product_id": "9Base-RHOL-6.0:openshift-logging/vector-rhel9@sha256:9183e9614e3f963be71158dc75eee5d8f16e1c177775544094cef5c115ba743f_arm64"
},
"product_reference": "openshift-logging/vector-rhel9@sha256:9183e9614e3f963be71158dc75eee5d8f16e1c177775544094cef5c115ba743f_arm64",
"relates_to_product_reference": "9Base-RHOL-6.0"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2024-45338",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2024-12-18T21:00:59.938173+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2333122"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in golang.org/x/net/html. This flaw allows an attacker to craft input to the parse functions that would be processed non-linearly with respect to its length, resulting in extremely slow parsing. This issue can cause a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang.org/x/net/html: Non-linear parsing of case-insensitive content in golang.org/x/net/html",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated as an Important severity because an attacker can craft malicious input that causes the parsing functions to process data non-linearly, resulting in significant delays which leads to a denial of service by exhausting system resources.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-RHOL-6.0:openshift-logging/cluster-logging-operator-bundle@sha256:04347c5ffe4381dfc2ec48cafa04b65cd85b732ab32c361a03acadc6b12486c5_amd64",
"9Base-RHOL-6.0:openshift-logging/cluster-logging-rhel9-operator@sha256:0a35500c9b027f30669c6f410b468ee528972c18eea0f8783954979f444c28e5_s390x",
"9Base-RHOL-6.0:openshift-logging/cluster-logging-rhel9-operator@sha256:6646e0c4534894aab3169a534326a8bfbee5d4c384bdd94434613e4044c8acc6_amd64",
"9Base-RHOL-6.0:openshift-logging/cluster-logging-rhel9-operator@sha256:98f1e57da45eaaa9dbb54ccf52e50e23e7238de0b1065721a2f1041cc2404757_ppc64le",
"9Base-RHOL-6.0:openshift-logging/cluster-logging-rhel9-operator@sha256:ff4bc240a5c840d16eb48db373fedafef5a7a2f1db0d90b296af054423789cf7_arm64",
"9Base-RHOL-6.0:openshift-logging/eventrouter-rhel9@sha256:4672ce29ebd5f099aa2afeeae907e4693a7bc9f6cf0a9fa1e7527a12a17976f0_s390x",
"9Base-RHOL-6.0:openshift-logging/eventrouter-rhel9@sha256:4f287a5ae842fc8b87ba0ac19dd9909ce0fb17b4f4b6c582621b559b55a9c0ae_ppc64le",
"9Base-RHOL-6.0:openshift-logging/eventrouter-rhel9@sha256:6216957ee9e05152231a7816470003822ce706ed768bd9dbf15a7d42ceba0169_amd64",
"9Base-RHOL-6.0:openshift-logging/eventrouter-rhel9@sha256:6fc3e68cc69f8ce6eb93244fc344260b48ac68794da1ce78aeb4fad606576789_arm64",
"9Base-RHOL-6.0:openshift-logging/log-file-metric-exporter-rhel9@sha256:0bc239163627bd0b502d74072d5fd8f6606b222784d24963bcc6d104353221c8_arm64",
"9Base-RHOL-6.0:openshift-logging/log-file-metric-exporter-rhel9@sha256:85164d3f02bdfcc8b1c545c8c8a8a775d6690de8bd27502d70fb686af0ceb53b_s390x",
"9Base-RHOL-6.0:openshift-logging/log-file-metric-exporter-rhel9@sha256:ba8ec092b2b26e83e30d78879196dd8d524ef6805abafa5be562e2b734676e68_amd64",
"9Base-RHOL-6.0:openshift-logging/log-file-metric-exporter-rhel9@sha256:e5fdace6353f81300d3fbf57d89ec1ea5038afdb2120cb0c524ce61d65424e34_ppc64le",
"9Base-RHOL-6.0:openshift-logging/logging-loki-rhel9@sha256:4c9aae2b3560cb6bc67ef536459ed04e30b0890e3b34c8fbbfaa7557b449bc44_amd64",
"9Base-RHOL-6.0:openshift-logging/logging-loki-rhel9@sha256:75b744971db524a4b218e1f81395ac753d1c392f099b3ab79945809f8714728f_ppc64le",
"9Base-RHOL-6.0:openshift-logging/logging-loki-rhel9@sha256:ac504d165b83e047af9d8c2a49f136b13e466c43d2d9f679850b3a32f44d96f3_s390x",
"9Base-RHOL-6.0:openshift-logging/logging-loki-rhel9@sha256:c48d43f0a1db7196656f8f71fed383248131117517566034f6e6e9cb67d86695_arm64",
"9Base-RHOL-6.0:openshift-logging/loki-operator-bundle@sha256:47f6a0bc969c7039b027fcff8b8fc97ad88f54fc07efd839e98b95d660124d36_amd64",
"9Base-RHOL-6.0:openshift-logging/loki-rhel9-operator@sha256:161fc8b97a1752329c7456a6e052b7bedb39a566bc0ba4b91a31a1360aabbaa8_arm64",
"9Base-RHOL-6.0:openshift-logging/loki-rhel9-operator@sha256:7e5c29156bfbfe36ba9a3fae143d5bfd4a4cbd6b586183e0338b356e3ebec4f0_amd64",
"9Base-RHOL-6.0:openshift-logging/loki-rhel9-operator@sha256:f6426dc70bc6bfce23a72163afb3229a28bbc340e1e5dbd42696534a6187b6eb_s390x",
"9Base-RHOL-6.0:openshift-logging/loki-rhel9-operator@sha256:f9f2c7e18a194440964e889c99bffd704b260eee5e4202575dd341fea4ab23fd_ppc64le",
"9Base-RHOL-6.0:openshift-logging/lokistack-gateway-rhel9@sha256:06322689631815e632be8ac68c784641801499b80c7f84ef65a6b6be7d87a85a_arm64",
"9Base-RHOL-6.0:openshift-logging/lokistack-gateway-rhel9@sha256:55d833a3314752d84f5d8fecdec10e1ba933563991e444536aeae17b2e62c397_amd64",
"9Base-RHOL-6.0:openshift-logging/lokistack-gateway-rhel9@sha256:57a6bf54011a5bbff66e9d3f76c619960ac02c2adce88ba84cb73266aaebab32_ppc64le",
"9Base-RHOL-6.0:openshift-logging/lokistack-gateway-rhel9@sha256:8159842ddd7237c3710ce6a93338bd3647d53a6355989f614a2bc26e8ed81452_s390x",
"9Base-RHOL-6.0:openshift-logging/opa-openshift-rhel9@sha256:89d23ee10b06a32e8424014a6bad13ec4cacc9458a22d829f1539462c8757624_s390x",
"9Base-RHOL-6.0:openshift-logging/opa-openshift-rhel9@sha256:a88fbeca3dce34d749a433de069ac020acd6446be807abbeebb699fbf60e1849_ppc64le",
"9Base-RHOL-6.0:openshift-logging/opa-openshift-rhel9@sha256:dcbc0f3616072607ef651100b2e9b5817c7ef03c507858bee27bc72a23eb7900_amd64",
"9Base-RHOL-6.0:openshift-logging/opa-openshift-rhel9@sha256:f4209e2eb1cb3a197f64db4d08e8ef67937ce88a987c29391f3a6aa50e6c5606_arm64",
"9Base-RHOL-6.0:openshift-logging/vector-rhel9@sha256:4544bf43eed07afab6f941b7f8fd56a635045eb3ac182bbd180d816a9fc10f76_amd64",
"9Base-RHOL-6.0:openshift-logging/vector-rhel9@sha256:483bb4b32ff0932e96a5572a386ecb3e4c605cacfc515d7029f23f572d0e6254_s390x",
"9Base-RHOL-6.0:openshift-logging/vector-rhel9@sha256:4e73489bf07ff3376c3947f769902acfc206c6f3ed00cfd7f724f4022be97b44_ppc64le",
"9Base-RHOL-6.0:openshift-logging/vector-rhel9@sha256:9183e9614e3f963be71158dc75eee5d8f16e1c177775544094cef5c115ba743f_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-45338"
},
{
"category": "external",
"summary": "RHBZ#2333122",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2333122"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-45338",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45338"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-45338",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-45338"
},
{
"category": "external",
"summary": "https://go.dev/cl/637536",
"url": "https://go.dev/cl/637536"
},
{
"category": "external",
"summary": "https://go.dev/issue/70906",
"url": "https://go.dev/issue/70906"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/wSCRmFnNmPA/m/Lvcd0mRMAwAJ",
"url": "https://groups.google.com/g/golang-announce/c/wSCRmFnNmPA/m/Lvcd0mRMAwAJ"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2024-3333",
"url": "https://pkg.go.dev/vuln/GO-2024-3333"
}
],
"release_date": "2024-12-18T20:38:22.660000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-03-26T17:34:00+00:00",
"details": "For OpenShift Container Platform 4.16 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this errata update:\n\nhttps://docs.openshift.com/container-platform/4.16/release_notes/ocp-4-16-release-notes.html\n\nFor Red Hat OpenShift Logging 6.0, see the following instructions to apply this update:\n\nhttps://docs.openshift.com/container-platform/4.16/observability/logging/logging-6.0/log6x-upgrading-to-6.html",
"product_ids": [
"9Base-RHOL-6.0:openshift-logging/cluster-logging-operator-bundle@sha256:04347c5ffe4381dfc2ec48cafa04b65cd85b732ab32c361a03acadc6b12486c5_amd64",
"9Base-RHOL-6.0:openshift-logging/cluster-logging-rhel9-operator@sha256:0a35500c9b027f30669c6f410b468ee528972c18eea0f8783954979f444c28e5_s390x",
"9Base-RHOL-6.0:openshift-logging/cluster-logging-rhel9-operator@sha256:6646e0c4534894aab3169a534326a8bfbee5d4c384bdd94434613e4044c8acc6_amd64",
"9Base-RHOL-6.0:openshift-logging/cluster-logging-rhel9-operator@sha256:98f1e57da45eaaa9dbb54ccf52e50e23e7238de0b1065721a2f1041cc2404757_ppc64le",
"9Base-RHOL-6.0:openshift-logging/cluster-logging-rhel9-operator@sha256:ff4bc240a5c840d16eb48db373fedafef5a7a2f1db0d90b296af054423789cf7_arm64",
"9Base-RHOL-6.0:openshift-logging/eventrouter-rhel9@sha256:4672ce29ebd5f099aa2afeeae907e4693a7bc9f6cf0a9fa1e7527a12a17976f0_s390x",
"9Base-RHOL-6.0:openshift-logging/eventrouter-rhel9@sha256:4f287a5ae842fc8b87ba0ac19dd9909ce0fb17b4f4b6c582621b559b55a9c0ae_ppc64le",
"9Base-RHOL-6.0:openshift-logging/eventrouter-rhel9@sha256:6216957ee9e05152231a7816470003822ce706ed768bd9dbf15a7d42ceba0169_amd64",
"9Base-RHOL-6.0:openshift-logging/eventrouter-rhel9@sha256:6fc3e68cc69f8ce6eb93244fc344260b48ac68794da1ce78aeb4fad606576789_arm64",
"9Base-RHOL-6.0:openshift-logging/log-file-metric-exporter-rhel9@sha256:0bc239163627bd0b502d74072d5fd8f6606b222784d24963bcc6d104353221c8_arm64",
"9Base-RHOL-6.0:openshift-logging/log-file-metric-exporter-rhel9@sha256:85164d3f02bdfcc8b1c545c8c8a8a775d6690de8bd27502d70fb686af0ceb53b_s390x",
"9Base-RHOL-6.0:openshift-logging/log-file-metric-exporter-rhel9@sha256:ba8ec092b2b26e83e30d78879196dd8d524ef6805abafa5be562e2b734676e68_amd64",
"9Base-RHOL-6.0:openshift-logging/log-file-metric-exporter-rhel9@sha256:e5fdace6353f81300d3fbf57d89ec1ea5038afdb2120cb0c524ce61d65424e34_ppc64le",
"9Base-RHOL-6.0:openshift-logging/logging-loki-rhel9@sha256:4c9aae2b3560cb6bc67ef536459ed04e30b0890e3b34c8fbbfaa7557b449bc44_amd64",
"9Base-RHOL-6.0:openshift-logging/logging-loki-rhel9@sha256:75b744971db524a4b218e1f81395ac753d1c392f099b3ab79945809f8714728f_ppc64le",
"9Base-RHOL-6.0:openshift-logging/logging-loki-rhel9@sha256:ac504d165b83e047af9d8c2a49f136b13e466c43d2d9f679850b3a32f44d96f3_s390x",
"9Base-RHOL-6.0:openshift-logging/logging-loki-rhel9@sha256:c48d43f0a1db7196656f8f71fed383248131117517566034f6e6e9cb67d86695_arm64",
"9Base-RHOL-6.0:openshift-logging/loki-operator-bundle@sha256:47f6a0bc969c7039b027fcff8b8fc97ad88f54fc07efd839e98b95d660124d36_amd64",
"9Base-RHOL-6.0:openshift-logging/loki-rhel9-operator@sha256:161fc8b97a1752329c7456a6e052b7bedb39a566bc0ba4b91a31a1360aabbaa8_arm64",
"9Base-RHOL-6.0:openshift-logging/loki-rhel9-operator@sha256:7e5c29156bfbfe36ba9a3fae143d5bfd4a4cbd6b586183e0338b356e3ebec4f0_amd64",
"9Base-RHOL-6.0:openshift-logging/loki-rhel9-operator@sha256:f6426dc70bc6bfce23a72163afb3229a28bbc340e1e5dbd42696534a6187b6eb_s390x",
"9Base-RHOL-6.0:openshift-logging/loki-rhel9-operator@sha256:f9f2c7e18a194440964e889c99bffd704b260eee5e4202575dd341fea4ab23fd_ppc64le",
"9Base-RHOL-6.0:openshift-logging/lokistack-gateway-rhel9@sha256:06322689631815e632be8ac68c784641801499b80c7f84ef65a6b6be7d87a85a_arm64",
"9Base-RHOL-6.0:openshift-logging/lokistack-gateway-rhel9@sha256:55d833a3314752d84f5d8fecdec10e1ba933563991e444536aeae17b2e62c397_amd64",
"9Base-RHOL-6.0:openshift-logging/lokistack-gateway-rhel9@sha256:57a6bf54011a5bbff66e9d3f76c619960ac02c2adce88ba84cb73266aaebab32_ppc64le",
"9Base-RHOL-6.0:openshift-logging/lokistack-gateway-rhel9@sha256:8159842ddd7237c3710ce6a93338bd3647d53a6355989f614a2bc26e8ed81452_s390x",
"9Base-RHOL-6.0:openshift-logging/opa-openshift-rhel9@sha256:89d23ee10b06a32e8424014a6bad13ec4cacc9458a22d829f1539462c8757624_s390x",
"9Base-RHOL-6.0:openshift-logging/opa-openshift-rhel9@sha256:a88fbeca3dce34d749a433de069ac020acd6446be807abbeebb699fbf60e1849_ppc64le",
"9Base-RHOL-6.0:openshift-logging/opa-openshift-rhel9@sha256:dcbc0f3616072607ef651100b2e9b5817c7ef03c507858bee27bc72a23eb7900_amd64",
"9Base-RHOL-6.0:openshift-logging/opa-openshift-rhel9@sha256:f4209e2eb1cb3a197f64db4d08e8ef67937ce88a987c29391f3a6aa50e6c5606_arm64",
"9Base-RHOL-6.0:openshift-logging/vector-rhel9@sha256:4544bf43eed07afab6f941b7f8fd56a635045eb3ac182bbd180d816a9fc10f76_amd64",
"9Base-RHOL-6.0:openshift-logging/vector-rhel9@sha256:483bb4b32ff0932e96a5572a386ecb3e4c605cacfc515d7029f23f572d0e6254_s390x",
"9Base-RHOL-6.0:openshift-logging/vector-rhel9@sha256:4e73489bf07ff3376c3947f769902acfc206c6f3ed00cfd7f724f4022be97b44_ppc64le",
"9Base-RHOL-6.0:openshift-logging/vector-rhel9@sha256:9183e9614e3f963be71158dc75eee5d8f16e1c177775544094cef5c115ba743f_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:3132"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"9Base-RHOL-6.0:openshift-logging/cluster-logging-operator-bundle@sha256:04347c5ffe4381dfc2ec48cafa04b65cd85b732ab32c361a03acadc6b12486c5_amd64",
"9Base-RHOL-6.0:openshift-logging/cluster-logging-rhel9-operator@sha256:0a35500c9b027f30669c6f410b468ee528972c18eea0f8783954979f444c28e5_s390x",
"9Base-RHOL-6.0:openshift-logging/cluster-logging-rhel9-operator@sha256:6646e0c4534894aab3169a534326a8bfbee5d4c384bdd94434613e4044c8acc6_amd64",
"9Base-RHOL-6.0:openshift-logging/cluster-logging-rhel9-operator@sha256:98f1e57da45eaaa9dbb54ccf52e50e23e7238de0b1065721a2f1041cc2404757_ppc64le",
"9Base-RHOL-6.0:openshift-logging/cluster-logging-rhel9-operator@sha256:ff4bc240a5c840d16eb48db373fedafef5a7a2f1db0d90b296af054423789cf7_arm64",
"9Base-RHOL-6.0:openshift-logging/eventrouter-rhel9@sha256:4672ce29ebd5f099aa2afeeae907e4693a7bc9f6cf0a9fa1e7527a12a17976f0_s390x",
"9Base-RHOL-6.0:openshift-logging/eventrouter-rhel9@sha256:4f287a5ae842fc8b87ba0ac19dd9909ce0fb17b4f4b6c582621b559b55a9c0ae_ppc64le",
"9Base-RHOL-6.0:openshift-logging/eventrouter-rhel9@sha256:6216957ee9e05152231a7816470003822ce706ed768bd9dbf15a7d42ceba0169_amd64",
"9Base-RHOL-6.0:openshift-logging/eventrouter-rhel9@sha256:6fc3e68cc69f8ce6eb93244fc344260b48ac68794da1ce78aeb4fad606576789_arm64",
"9Base-RHOL-6.0:openshift-logging/log-file-metric-exporter-rhel9@sha256:0bc239163627bd0b502d74072d5fd8f6606b222784d24963bcc6d104353221c8_arm64",
"9Base-RHOL-6.0:openshift-logging/log-file-metric-exporter-rhel9@sha256:85164d3f02bdfcc8b1c545c8c8a8a775d6690de8bd27502d70fb686af0ceb53b_s390x",
"9Base-RHOL-6.0:openshift-logging/log-file-metric-exporter-rhel9@sha256:ba8ec092b2b26e83e30d78879196dd8d524ef6805abafa5be562e2b734676e68_amd64",
"9Base-RHOL-6.0:openshift-logging/log-file-metric-exporter-rhel9@sha256:e5fdace6353f81300d3fbf57d89ec1ea5038afdb2120cb0c524ce61d65424e34_ppc64le",
"9Base-RHOL-6.0:openshift-logging/logging-loki-rhel9@sha256:4c9aae2b3560cb6bc67ef536459ed04e30b0890e3b34c8fbbfaa7557b449bc44_amd64",
"9Base-RHOL-6.0:openshift-logging/logging-loki-rhel9@sha256:75b744971db524a4b218e1f81395ac753d1c392f099b3ab79945809f8714728f_ppc64le",
"9Base-RHOL-6.0:openshift-logging/logging-loki-rhel9@sha256:ac504d165b83e047af9d8c2a49f136b13e466c43d2d9f679850b3a32f44d96f3_s390x",
"9Base-RHOL-6.0:openshift-logging/logging-loki-rhel9@sha256:c48d43f0a1db7196656f8f71fed383248131117517566034f6e6e9cb67d86695_arm64",
"9Base-RHOL-6.0:openshift-logging/loki-operator-bundle@sha256:47f6a0bc969c7039b027fcff8b8fc97ad88f54fc07efd839e98b95d660124d36_amd64",
"9Base-RHOL-6.0:openshift-logging/loki-rhel9-operator@sha256:161fc8b97a1752329c7456a6e052b7bedb39a566bc0ba4b91a31a1360aabbaa8_arm64",
"9Base-RHOL-6.0:openshift-logging/loki-rhel9-operator@sha256:7e5c29156bfbfe36ba9a3fae143d5bfd4a4cbd6b586183e0338b356e3ebec4f0_amd64",
"9Base-RHOL-6.0:openshift-logging/loki-rhel9-operator@sha256:f6426dc70bc6bfce23a72163afb3229a28bbc340e1e5dbd42696534a6187b6eb_s390x",
"9Base-RHOL-6.0:openshift-logging/loki-rhel9-operator@sha256:f9f2c7e18a194440964e889c99bffd704b260eee5e4202575dd341fea4ab23fd_ppc64le",
"9Base-RHOL-6.0:openshift-logging/lokistack-gateway-rhel9@sha256:06322689631815e632be8ac68c784641801499b80c7f84ef65a6b6be7d87a85a_arm64",
"9Base-RHOL-6.0:openshift-logging/lokistack-gateway-rhel9@sha256:55d833a3314752d84f5d8fecdec10e1ba933563991e444536aeae17b2e62c397_amd64",
"9Base-RHOL-6.0:openshift-logging/lokistack-gateway-rhel9@sha256:57a6bf54011a5bbff66e9d3f76c619960ac02c2adce88ba84cb73266aaebab32_ppc64le",
"9Base-RHOL-6.0:openshift-logging/lokistack-gateway-rhel9@sha256:8159842ddd7237c3710ce6a93338bd3647d53a6355989f614a2bc26e8ed81452_s390x",
"9Base-RHOL-6.0:openshift-logging/opa-openshift-rhel9@sha256:89d23ee10b06a32e8424014a6bad13ec4cacc9458a22d829f1539462c8757624_s390x",
"9Base-RHOL-6.0:openshift-logging/opa-openshift-rhel9@sha256:a88fbeca3dce34d749a433de069ac020acd6446be807abbeebb699fbf60e1849_ppc64le",
"9Base-RHOL-6.0:openshift-logging/opa-openshift-rhel9@sha256:dcbc0f3616072607ef651100b2e9b5817c7ef03c507858bee27bc72a23eb7900_amd64",
"9Base-RHOL-6.0:openshift-logging/opa-openshift-rhel9@sha256:f4209e2eb1cb3a197f64db4d08e8ef67937ce88a987c29391f3a6aa50e6c5606_arm64",
"9Base-RHOL-6.0:openshift-logging/vector-rhel9@sha256:4544bf43eed07afab6f941b7f8fd56a635045eb3ac182bbd180d816a9fc10f76_amd64",
"9Base-RHOL-6.0:openshift-logging/vector-rhel9@sha256:483bb4b32ff0932e96a5572a386ecb3e4c605cacfc515d7029f23f572d0e6254_s390x",
"9Base-RHOL-6.0:openshift-logging/vector-rhel9@sha256:4e73489bf07ff3376c3947f769902acfc206c6f3ed00cfd7f724f4022be97b44_ppc64le",
"9Base-RHOL-6.0:openshift-logging/vector-rhel9@sha256:9183e9614e3f963be71158dc75eee5d8f16e1c177775544094cef5c115ba743f_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "golang.org/x/net/html: Non-linear parsing of case-insensitive content in golang.org/x/net/html"
},
{
"cve": "CVE-2025-27144",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2025-02-24T23:00:42.448432+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2347423"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in GO-JOSE. In affected versions, when parsing compact JWS or JWE input, Go JOSE could use excessive memory. The code uses strings.Split(token, \".\") to split JWT tokens, which is vulnerable to excessive memory consumption when processing maliciously crafted tokens with a large number of `.` characters. This issue could be exploied by sending numerous malformed tokens, leading to memory exhaustion and a Denial of Service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "go-jose: Go JOSE\u0027s Parsing Vulnerable to Denial of Service",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-RHOL-6.0:openshift-logging/cluster-logging-operator-bundle@sha256:04347c5ffe4381dfc2ec48cafa04b65cd85b732ab32c361a03acadc6b12486c5_amd64",
"9Base-RHOL-6.0:openshift-logging/cluster-logging-rhel9-operator@sha256:0a35500c9b027f30669c6f410b468ee528972c18eea0f8783954979f444c28e5_s390x",
"9Base-RHOL-6.0:openshift-logging/cluster-logging-rhel9-operator@sha256:6646e0c4534894aab3169a534326a8bfbee5d4c384bdd94434613e4044c8acc6_amd64",
"9Base-RHOL-6.0:openshift-logging/cluster-logging-rhel9-operator@sha256:98f1e57da45eaaa9dbb54ccf52e50e23e7238de0b1065721a2f1041cc2404757_ppc64le",
"9Base-RHOL-6.0:openshift-logging/cluster-logging-rhel9-operator@sha256:ff4bc240a5c840d16eb48db373fedafef5a7a2f1db0d90b296af054423789cf7_arm64",
"9Base-RHOL-6.0:openshift-logging/eventrouter-rhel9@sha256:4672ce29ebd5f099aa2afeeae907e4693a7bc9f6cf0a9fa1e7527a12a17976f0_s390x",
"9Base-RHOL-6.0:openshift-logging/eventrouter-rhel9@sha256:4f287a5ae842fc8b87ba0ac19dd9909ce0fb17b4f4b6c582621b559b55a9c0ae_ppc64le",
"9Base-RHOL-6.0:openshift-logging/eventrouter-rhel9@sha256:6216957ee9e05152231a7816470003822ce706ed768bd9dbf15a7d42ceba0169_amd64",
"9Base-RHOL-6.0:openshift-logging/eventrouter-rhel9@sha256:6fc3e68cc69f8ce6eb93244fc344260b48ac68794da1ce78aeb4fad606576789_arm64",
"9Base-RHOL-6.0:openshift-logging/log-file-metric-exporter-rhel9@sha256:0bc239163627bd0b502d74072d5fd8f6606b222784d24963bcc6d104353221c8_arm64",
"9Base-RHOL-6.0:openshift-logging/log-file-metric-exporter-rhel9@sha256:85164d3f02bdfcc8b1c545c8c8a8a775d6690de8bd27502d70fb686af0ceb53b_s390x",
"9Base-RHOL-6.0:openshift-logging/log-file-metric-exporter-rhel9@sha256:ba8ec092b2b26e83e30d78879196dd8d524ef6805abafa5be562e2b734676e68_amd64",
"9Base-RHOL-6.0:openshift-logging/log-file-metric-exporter-rhel9@sha256:e5fdace6353f81300d3fbf57d89ec1ea5038afdb2120cb0c524ce61d65424e34_ppc64le",
"9Base-RHOL-6.0:openshift-logging/logging-loki-rhel9@sha256:4c9aae2b3560cb6bc67ef536459ed04e30b0890e3b34c8fbbfaa7557b449bc44_amd64",
"9Base-RHOL-6.0:openshift-logging/logging-loki-rhel9@sha256:75b744971db524a4b218e1f81395ac753d1c392f099b3ab79945809f8714728f_ppc64le",
"9Base-RHOL-6.0:openshift-logging/logging-loki-rhel9@sha256:ac504d165b83e047af9d8c2a49f136b13e466c43d2d9f679850b3a32f44d96f3_s390x",
"9Base-RHOL-6.0:openshift-logging/logging-loki-rhel9@sha256:c48d43f0a1db7196656f8f71fed383248131117517566034f6e6e9cb67d86695_arm64",
"9Base-RHOL-6.0:openshift-logging/loki-operator-bundle@sha256:47f6a0bc969c7039b027fcff8b8fc97ad88f54fc07efd839e98b95d660124d36_amd64",
"9Base-RHOL-6.0:openshift-logging/loki-rhel9-operator@sha256:161fc8b97a1752329c7456a6e052b7bedb39a566bc0ba4b91a31a1360aabbaa8_arm64",
"9Base-RHOL-6.0:openshift-logging/loki-rhel9-operator@sha256:7e5c29156bfbfe36ba9a3fae143d5bfd4a4cbd6b586183e0338b356e3ebec4f0_amd64",
"9Base-RHOL-6.0:openshift-logging/loki-rhel9-operator@sha256:f6426dc70bc6bfce23a72163afb3229a28bbc340e1e5dbd42696534a6187b6eb_s390x",
"9Base-RHOL-6.0:openshift-logging/loki-rhel9-operator@sha256:f9f2c7e18a194440964e889c99bffd704b260eee5e4202575dd341fea4ab23fd_ppc64le",
"9Base-RHOL-6.0:openshift-logging/lokistack-gateway-rhel9@sha256:06322689631815e632be8ac68c784641801499b80c7f84ef65a6b6be7d87a85a_arm64",
"9Base-RHOL-6.0:openshift-logging/lokistack-gateway-rhel9@sha256:55d833a3314752d84f5d8fecdec10e1ba933563991e444536aeae17b2e62c397_amd64",
"9Base-RHOL-6.0:openshift-logging/lokistack-gateway-rhel9@sha256:57a6bf54011a5bbff66e9d3f76c619960ac02c2adce88ba84cb73266aaebab32_ppc64le",
"9Base-RHOL-6.0:openshift-logging/lokistack-gateway-rhel9@sha256:8159842ddd7237c3710ce6a93338bd3647d53a6355989f614a2bc26e8ed81452_s390x",
"9Base-RHOL-6.0:openshift-logging/opa-openshift-rhel9@sha256:89d23ee10b06a32e8424014a6bad13ec4cacc9458a22d829f1539462c8757624_s390x",
"9Base-RHOL-6.0:openshift-logging/opa-openshift-rhel9@sha256:a88fbeca3dce34d749a433de069ac020acd6446be807abbeebb699fbf60e1849_ppc64le",
"9Base-RHOL-6.0:openshift-logging/opa-openshift-rhel9@sha256:dcbc0f3616072607ef651100b2e9b5817c7ef03c507858bee27bc72a23eb7900_amd64",
"9Base-RHOL-6.0:openshift-logging/opa-openshift-rhel9@sha256:f4209e2eb1cb3a197f64db4d08e8ef67937ce88a987c29391f3a6aa50e6c5606_arm64",
"9Base-RHOL-6.0:openshift-logging/vector-rhel9@sha256:4544bf43eed07afab6f941b7f8fd56a635045eb3ac182bbd180d816a9fc10f76_amd64",
"9Base-RHOL-6.0:openshift-logging/vector-rhel9@sha256:483bb4b32ff0932e96a5572a386ecb3e4c605cacfc515d7029f23f572d0e6254_s390x",
"9Base-RHOL-6.0:openshift-logging/vector-rhel9@sha256:4e73489bf07ff3376c3947f769902acfc206c6f3ed00cfd7f724f4022be97b44_ppc64le",
"9Base-RHOL-6.0:openshift-logging/vector-rhel9@sha256:9183e9614e3f963be71158dc75eee5d8f16e1c177775544094cef5c115ba743f_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-27144"
},
{
"category": "external",
"summary": "RHBZ#2347423",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2347423"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-27144",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-27144"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-27144",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-27144"
},
{
"category": "external",
"summary": "https://github.com/go-jose/go-jose/commit/99b346cec4e86d102284642c5dcbe9bb0cacfc22",
"url": "https://github.com/go-jose/go-jose/commit/99b346cec4e86d102284642c5dcbe9bb0cacfc22"
},
{
"category": "external",
"summary": "https://github.com/go-jose/go-jose/releases/tag/v4.0.5",
"url": "https://github.com/go-jose/go-jose/releases/tag/v4.0.5"
},
{
"category": "external",
"summary": "https://github.com/go-jose/go-jose/security/advisories/GHSA-c6gw-w398-hv78",
"url": "https://github.com/go-jose/go-jose/security/advisories/GHSA-c6gw-w398-hv78"
}
],
"release_date": "2025-02-24T22:22:22.863000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-03-26T17:34:00+00:00",
"details": "For OpenShift Container Platform 4.16 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this errata update:\n\nhttps://docs.openshift.com/container-platform/4.16/release_notes/ocp-4-16-release-notes.html\n\nFor Red Hat OpenShift Logging 6.0, see the following instructions to apply this update:\n\nhttps://docs.openshift.com/container-platform/4.16/observability/logging/logging-6.0/log6x-upgrading-to-6.html",
"product_ids": [
"9Base-RHOL-6.0:openshift-logging/cluster-logging-operator-bundle@sha256:04347c5ffe4381dfc2ec48cafa04b65cd85b732ab32c361a03acadc6b12486c5_amd64",
"9Base-RHOL-6.0:openshift-logging/cluster-logging-rhel9-operator@sha256:0a35500c9b027f30669c6f410b468ee528972c18eea0f8783954979f444c28e5_s390x",
"9Base-RHOL-6.0:openshift-logging/cluster-logging-rhel9-operator@sha256:6646e0c4534894aab3169a534326a8bfbee5d4c384bdd94434613e4044c8acc6_amd64",
"9Base-RHOL-6.0:openshift-logging/cluster-logging-rhel9-operator@sha256:98f1e57da45eaaa9dbb54ccf52e50e23e7238de0b1065721a2f1041cc2404757_ppc64le",
"9Base-RHOL-6.0:openshift-logging/cluster-logging-rhel9-operator@sha256:ff4bc240a5c840d16eb48db373fedafef5a7a2f1db0d90b296af054423789cf7_arm64",
"9Base-RHOL-6.0:openshift-logging/eventrouter-rhel9@sha256:4672ce29ebd5f099aa2afeeae907e4693a7bc9f6cf0a9fa1e7527a12a17976f0_s390x",
"9Base-RHOL-6.0:openshift-logging/eventrouter-rhel9@sha256:4f287a5ae842fc8b87ba0ac19dd9909ce0fb17b4f4b6c582621b559b55a9c0ae_ppc64le",
"9Base-RHOL-6.0:openshift-logging/eventrouter-rhel9@sha256:6216957ee9e05152231a7816470003822ce706ed768bd9dbf15a7d42ceba0169_amd64",
"9Base-RHOL-6.0:openshift-logging/eventrouter-rhel9@sha256:6fc3e68cc69f8ce6eb93244fc344260b48ac68794da1ce78aeb4fad606576789_arm64",
"9Base-RHOL-6.0:openshift-logging/log-file-metric-exporter-rhel9@sha256:0bc239163627bd0b502d74072d5fd8f6606b222784d24963bcc6d104353221c8_arm64",
"9Base-RHOL-6.0:openshift-logging/log-file-metric-exporter-rhel9@sha256:85164d3f02bdfcc8b1c545c8c8a8a775d6690de8bd27502d70fb686af0ceb53b_s390x",
"9Base-RHOL-6.0:openshift-logging/log-file-metric-exporter-rhel9@sha256:ba8ec092b2b26e83e30d78879196dd8d524ef6805abafa5be562e2b734676e68_amd64",
"9Base-RHOL-6.0:openshift-logging/log-file-metric-exporter-rhel9@sha256:e5fdace6353f81300d3fbf57d89ec1ea5038afdb2120cb0c524ce61d65424e34_ppc64le",
"9Base-RHOL-6.0:openshift-logging/logging-loki-rhel9@sha256:4c9aae2b3560cb6bc67ef536459ed04e30b0890e3b34c8fbbfaa7557b449bc44_amd64",
"9Base-RHOL-6.0:openshift-logging/logging-loki-rhel9@sha256:75b744971db524a4b218e1f81395ac753d1c392f099b3ab79945809f8714728f_ppc64le",
"9Base-RHOL-6.0:openshift-logging/logging-loki-rhel9@sha256:ac504d165b83e047af9d8c2a49f136b13e466c43d2d9f679850b3a32f44d96f3_s390x",
"9Base-RHOL-6.0:openshift-logging/logging-loki-rhel9@sha256:c48d43f0a1db7196656f8f71fed383248131117517566034f6e6e9cb67d86695_arm64",
"9Base-RHOL-6.0:openshift-logging/loki-operator-bundle@sha256:47f6a0bc969c7039b027fcff8b8fc97ad88f54fc07efd839e98b95d660124d36_amd64",
"9Base-RHOL-6.0:openshift-logging/loki-rhel9-operator@sha256:161fc8b97a1752329c7456a6e052b7bedb39a566bc0ba4b91a31a1360aabbaa8_arm64",
"9Base-RHOL-6.0:openshift-logging/loki-rhel9-operator@sha256:7e5c29156bfbfe36ba9a3fae143d5bfd4a4cbd6b586183e0338b356e3ebec4f0_amd64",
"9Base-RHOL-6.0:openshift-logging/loki-rhel9-operator@sha256:f6426dc70bc6bfce23a72163afb3229a28bbc340e1e5dbd42696534a6187b6eb_s390x",
"9Base-RHOL-6.0:openshift-logging/loki-rhel9-operator@sha256:f9f2c7e18a194440964e889c99bffd704b260eee5e4202575dd341fea4ab23fd_ppc64le",
"9Base-RHOL-6.0:openshift-logging/lokistack-gateway-rhel9@sha256:06322689631815e632be8ac68c784641801499b80c7f84ef65a6b6be7d87a85a_arm64",
"9Base-RHOL-6.0:openshift-logging/lokistack-gateway-rhel9@sha256:55d833a3314752d84f5d8fecdec10e1ba933563991e444536aeae17b2e62c397_amd64",
"9Base-RHOL-6.0:openshift-logging/lokistack-gateway-rhel9@sha256:57a6bf54011a5bbff66e9d3f76c619960ac02c2adce88ba84cb73266aaebab32_ppc64le",
"9Base-RHOL-6.0:openshift-logging/lokistack-gateway-rhel9@sha256:8159842ddd7237c3710ce6a93338bd3647d53a6355989f614a2bc26e8ed81452_s390x",
"9Base-RHOL-6.0:openshift-logging/opa-openshift-rhel9@sha256:89d23ee10b06a32e8424014a6bad13ec4cacc9458a22d829f1539462c8757624_s390x",
"9Base-RHOL-6.0:openshift-logging/opa-openshift-rhel9@sha256:a88fbeca3dce34d749a433de069ac020acd6446be807abbeebb699fbf60e1849_ppc64le",
"9Base-RHOL-6.0:openshift-logging/opa-openshift-rhel9@sha256:dcbc0f3616072607ef651100b2e9b5817c7ef03c507858bee27bc72a23eb7900_amd64",
"9Base-RHOL-6.0:openshift-logging/opa-openshift-rhel9@sha256:f4209e2eb1cb3a197f64db4d08e8ef67937ce88a987c29391f3a6aa50e6c5606_arm64",
"9Base-RHOL-6.0:openshift-logging/vector-rhel9@sha256:4544bf43eed07afab6f941b7f8fd56a635045eb3ac182bbd180d816a9fc10f76_amd64",
"9Base-RHOL-6.0:openshift-logging/vector-rhel9@sha256:483bb4b32ff0932e96a5572a386ecb3e4c605cacfc515d7029f23f572d0e6254_s390x",
"9Base-RHOL-6.0:openshift-logging/vector-rhel9@sha256:4e73489bf07ff3376c3947f769902acfc206c6f3ed00cfd7f724f4022be97b44_ppc64le",
"9Base-RHOL-6.0:openshift-logging/vector-rhel9@sha256:9183e9614e3f963be71158dc75eee5d8f16e1c177775544094cef5c115ba743f_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:3132"
},
{
"category": "workaround",
"details": "As a workaround, applications can pre-validate that payloads being passed to Go JOSE do not contain an excessive number of `.` characters.",
"product_ids": [
"9Base-RHOL-6.0:openshift-logging/cluster-logging-operator-bundle@sha256:04347c5ffe4381dfc2ec48cafa04b65cd85b732ab32c361a03acadc6b12486c5_amd64",
"9Base-RHOL-6.0:openshift-logging/cluster-logging-rhel9-operator@sha256:0a35500c9b027f30669c6f410b468ee528972c18eea0f8783954979f444c28e5_s390x",
"9Base-RHOL-6.0:openshift-logging/cluster-logging-rhel9-operator@sha256:6646e0c4534894aab3169a534326a8bfbee5d4c384bdd94434613e4044c8acc6_amd64",
"9Base-RHOL-6.0:openshift-logging/cluster-logging-rhel9-operator@sha256:98f1e57da45eaaa9dbb54ccf52e50e23e7238de0b1065721a2f1041cc2404757_ppc64le",
"9Base-RHOL-6.0:openshift-logging/cluster-logging-rhel9-operator@sha256:ff4bc240a5c840d16eb48db373fedafef5a7a2f1db0d90b296af054423789cf7_arm64",
"9Base-RHOL-6.0:openshift-logging/eventrouter-rhel9@sha256:4672ce29ebd5f099aa2afeeae907e4693a7bc9f6cf0a9fa1e7527a12a17976f0_s390x",
"9Base-RHOL-6.0:openshift-logging/eventrouter-rhel9@sha256:4f287a5ae842fc8b87ba0ac19dd9909ce0fb17b4f4b6c582621b559b55a9c0ae_ppc64le",
"9Base-RHOL-6.0:openshift-logging/eventrouter-rhel9@sha256:6216957ee9e05152231a7816470003822ce706ed768bd9dbf15a7d42ceba0169_amd64",
"9Base-RHOL-6.0:openshift-logging/eventrouter-rhel9@sha256:6fc3e68cc69f8ce6eb93244fc344260b48ac68794da1ce78aeb4fad606576789_arm64",
"9Base-RHOL-6.0:openshift-logging/log-file-metric-exporter-rhel9@sha256:0bc239163627bd0b502d74072d5fd8f6606b222784d24963bcc6d104353221c8_arm64",
"9Base-RHOL-6.0:openshift-logging/log-file-metric-exporter-rhel9@sha256:85164d3f02bdfcc8b1c545c8c8a8a775d6690de8bd27502d70fb686af0ceb53b_s390x",
"9Base-RHOL-6.0:openshift-logging/log-file-metric-exporter-rhel9@sha256:ba8ec092b2b26e83e30d78879196dd8d524ef6805abafa5be562e2b734676e68_amd64",
"9Base-RHOL-6.0:openshift-logging/log-file-metric-exporter-rhel9@sha256:e5fdace6353f81300d3fbf57d89ec1ea5038afdb2120cb0c524ce61d65424e34_ppc64le",
"9Base-RHOL-6.0:openshift-logging/logging-loki-rhel9@sha256:4c9aae2b3560cb6bc67ef536459ed04e30b0890e3b34c8fbbfaa7557b449bc44_amd64",
"9Base-RHOL-6.0:openshift-logging/logging-loki-rhel9@sha256:75b744971db524a4b218e1f81395ac753d1c392f099b3ab79945809f8714728f_ppc64le",
"9Base-RHOL-6.0:openshift-logging/logging-loki-rhel9@sha256:ac504d165b83e047af9d8c2a49f136b13e466c43d2d9f679850b3a32f44d96f3_s390x",
"9Base-RHOL-6.0:openshift-logging/logging-loki-rhel9@sha256:c48d43f0a1db7196656f8f71fed383248131117517566034f6e6e9cb67d86695_arm64",
"9Base-RHOL-6.0:openshift-logging/loki-operator-bundle@sha256:47f6a0bc969c7039b027fcff8b8fc97ad88f54fc07efd839e98b95d660124d36_amd64",
"9Base-RHOL-6.0:openshift-logging/loki-rhel9-operator@sha256:161fc8b97a1752329c7456a6e052b7bedb39a566bc0ba4b91a31a1360aabbaa8_arm64",
"9Base-RHOL-6.0:openshift-logging/loki-rhel9-operator@sha256:7e5c29156bfbfe36ba9a3fae143d5bfd4a4cbd6b586183e0338b356e3ebec4f0_amd64",
"9Base-RHOL-6.0:openshift-logging/loki-rhel9-operator@sha256:f6426dc70bc6bfce23a72163afb3229a28bbc340e1e5dbd42696534a6187b6eb_s390x",
"9Base-RHOL-6.0:openshift-logging/loki-rhel9-operator@sha256:f9f2c7e18a194440964e889c99bffd704b260eee5e4202575dd341fea4ab23fd_ppc64le",
"9Base-RHOL-6.0:openshift-logging/lokistack-gateway-rhel9@sha256:06322689631815e632be8ac68c784641801499b80c7f84ef65a6b6be7d87a85a_arm64",
"9Base-RHOL-6.0:openshift-logging/lokistack-gateway-rhel9@sha256:55d833a3314752d84f5d8fecdec10e1ba933563991e444536aeae17b2e62c397_amd64",
"9Base-RHOL-6.0:openshift-logging/lokistack-gateway-rhel9@sha256:57a6bf54011a5bbff66e9d3f76c619960ac02c2adce88ba84cb73266aaebab32_ppc64le",
"9Base-RHOL-6.0:openshift-logging/lokistack-gateway-rhel9@sha256:8159842ddd7237c3710ce6a93338bd3647d53a6355989f614a2bc26e8ed81452_s390x",
"9Base-RHOL-6.0:openshift-logging/opa-openshift-rhel9@sha256:89d23ee10b06a32e8424014a6bad13ec4cacc9458a22d829f1539462c8757624_s390x",
"9Base-RHOL-6.0:openshift-logging/opa-openshift-rhel9@sha256:a88fbeca3dce34d749a433de069ac020acd6446be807abbeebb699fbf60e1849_ppc64le",
"9Base-RHOL-6.0:openshift-logging/opa-openshift-rhel9@sha256:dcbc0f3616072607ef651100b2e9b5817c7ef03c507858bee27bc72a23eb7900_amd64",
"9Base-RHOL-6.0:openshift-logging/opa-openshift-rhel9@sha256:f4209e2eb1cb3a197f64db4d08e8ef67937ce88a987c29391f3a6aa50e6c5606_arm64",
"9Base-RHOL-6.0:openshift-logging/vector-rhel9@sha256:4544bf43eed07afab6f941b7f8fd56a635045eb3ac182bbd180d816a9fc10f76_amd64",
"9Base-RHOL-6.0:openshift-logging/vector-rhel9@sha256:483bb4b32ff0932e96a5572a386ecb3e4c605cacfc515d7029f23f572d0e6254_s390x",
"9Base-RHOL-6.0:openshift-logging/vector-rhel9@sha256:4e73489bf07ff3376c3947f769902acfc206c6f3ed00cfd7f724f4022be97b44_ppc64le",
"9Base-RHOL-6.0:openshift-logging/vector-rhel9@sha256:9183e9614e3f963be71158dc75eee5d8f16e1c177775544094cef5c115ba743f_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"9Base-RHOL-6.0:openshift-logging/cluster-logging-operator-bundle@sha256:04347c5ffe4381dfc2ec48cafa04b65cd85b732ab32c361a03acadc6b12486c5_amd64",
"9Base-RHOL-6.0:openshift-logging/cluster-logging-rhel9-operator@sha256:0a35500c9b027f30669c6f410b468ee528972c18eea0f8783954979f444c28e5_s390x",
"9Base-RHOL-6.0:openshift-logging/cluster-logging-rhel9-operator@sha256:6646e0c4534894aab3169a534326a8bfbee5d4c384bdd94434613e4044c8acc6_amd64",
"9Base-RHOL-6.0:openshift-logging/cluster-logging-rhel9-operator@sha256:98f1e57da45eaaa9dbb54ccf52e50e23e7238de0b1065721a2f1041cc2404757_ppc64le",
"9Base-RHOL-6.0:openshift-logging/cluster-logging-rhel9-operator@sha256:ff4bc240a5c840d16eb48db373fedafef5a7a2f1db0d90b296af054423789cf7_arm64",
"9Base-RHOL-6.0:openshift-logging/eventrouter-rhel9@sha256:4672ce29ebd5f099aa2afeeae907e4693a7bc9f6cf0a9fa1e7527a12a17976f0_s390x",
"9Base-RHOL-6.0:openshift-logging/eventrouter-rhel9@sha256:4f287a5ae842fc8b87ba0ac19dd9909ce0fb17b4f4b6c582621b559b55a9c0ae_ppc64le",
"9Base-RHOL-6.0:openshift-logging/eventrouter-rhel9@sha256:6216957ee9e05152231a7816470003822ce706ed768bd9dbf15a7d42ceba0169_amd64",
"9Base-RHOL-6.0:openshift-logging/eventrouter-rhel9@sha256:6fc3e68cc69f8ce6eb93244fc344260b48ac68794da1ce78aeb4fad606576789_arm64",
"9Base-RHOL-6.0:openshift-logging/log-file-metric-exporter-rhel9@sha256:0bc239163627bd0b502d74072d5fd8f6606b222784d24963bcc6d104353221c8_arm64",
"9Base-RHOL-6.0:openshift-logging/log-file-metric-exporter-rhel9@sha256:85164d3f02bdfcc8b1c545c8c8a8a775d6690de8bd27502d70fb686af0ceb53b_s390x",
"9Base-RHOL-6.0:openshift-logging/log-file-metric-exporter-rhel9@sha256:ba8ec092b2b26e83e30d78879196dd8d524ef6805abafa5be562e2b734676e68_amd64",
"9Base-RHOL-6.0:openshift-logging/log-file-metric-exporter-rhel9@sha256:e5fdace6353f81300d3fbf57d89ec1ea5038afdb2120cb0c524ce61d65424e34_ppc64le",
"9Base-RHOL-6.0:openshift-logging/logging-loki-rhel9@sha256:4c9aae2b3560cb6bc67ef536459ed04e30b0890e3b34c8fbbfaa7557b449bc44_amd64",
"9Base-RHOL-6.0:openshift-logging/logging-loki-rhel9@sha256:75b744971db524a4b218e1f81395ac753d1c392f099b3ab79945809f8714728f_ppc64le",
"9Base-RHOL-6.0:openshift-logging/logging-loki-rhel9@sha256:ac504d165b83e047af9d8c2a49f136b13e466c43d2d9f679850b3a32f44d96f3_s390x",
"9Base-RHOL-6.0:openshift-logging/logging-loki-rhel9@sha256:c48d43f0a1db7196656f8f71fed383248131117517566034f6e6e9cb67d86695_arm64",
"9Base-RHOL-6.0:openshift-logging/loki-operator-bundle@sha256:47f6a0bc969c7039b027fcff8b8fc97ad88f54fc07efd839e98b95d660124d36_amd64",
"9Base-RHOL-6.0:openshift-logging/loki-rhel9-operator@sha256:161fc8b97a1752329c7456a6e052b7bedb39a566bc0ba4b91a31a1360aabbaa8_arm64",
"9Base-RHOL-6.0:openshift-logging/loki-rhel9-operator@sha256:7e5c29156bfbfe36ba9a3fae143d5bfd4a4cbd6b586183e0338b356e3ebec4f0_amd64",
"9Base-RHOL-6.0:openshift-logging/loki-rhel9-operator@sha256:f6426dc70bc6bfce23a72163afb3229a28bbc340e1e5dbd42696534a6187b6eb_s390x",
"9Base-RHOL-6.0:openshift-logging/loki-rhel9-operator@sha256:f9f2c7e18a194440964e889c99bffd704b260eee5e4202575dd341fea4ab23fd_ppc64le",
"9Base-RHOL-6.0:openshift-logging/lokistack-gateway-rhel9@sha256:06322689631815e632be8ac68c784641801499b80c7f84ef65a6b6be7d87a85a_arm64",
"9Base-RHOL-6.0:openshift-logging/lokistack-gateway-rhel9@sha256:55d833a3314752d84f5d8fecdec10e1ba933563991e444536aeae17b2e62c397_amd64",
"9Base-RHOL-6.0:openshift-logging/lokistack-gateway-rhel9@sha256:57a6bf54011a5bbff66e9d3f76c619960ac02c2adce88ba84cb73266aaebab32_ppc64le",
"9Base-RHOL-6.0:openshift-logging/lokistack-gateway-rhel9@sha256:8159842ddd7237c3710ce6a93338bd3647d53a6355989f614a2bc26e8ed81452_s390x",
"9Base-RHOL-6.0:openshift-logging/opa-openshift-rhel9@sha256:89d23ee10b06a32e8424014a6bad13ec4cacc9458a22d829f1539462c8757624_s390x",
"9Base-RHOL-6.0:openshift-logging/opa-openshift-rhel9@sha256:a88fbeca3dce34d749a433de069ac020acd6446be807abbeebb699fbf60e1849_ppc64le",
"9Base-RHOL-6.0:openshift-logging/opa-openshift-rhel9@sha256:dcbc0f3616072607ef651100b2e9b5817c7ef03c507858bee27bc72a23eb7900_amd64",
"9Base-RHOL-6.0:openshift-logging/opa-openshift-rhel9@sha256:f4209e2eb1cb3a197f64db4d08e8ef67937ce88a987c29391f3a6aa50e6c5606_arm64",
"9Base-RHOL-6.0:openshift-logging/vector-rhel9@sha256:4544bf43eed07afab6f941b7f8fd56a635045eb3ac182bbd180d816a9fc10f76_amd64",
"9Base-RHOL-6.0:openshift-logging/vector-rhel9@sha256:483bb4b32ff0932e96a5572a386ecb3e4c605cacfc515d7029f23f572d0e6254_s390x",
"9Base-RHOL-6.0:openshift-logging/vector-rhel9@sha256:4e73489bf07ff3376c3947f769902acfc206c6f3ed00cfd7f724f4022be97b44_ppc64le",
"9Base-RHOL-6.0:openshift-logging/vector-rhel9@sha256:9183e9614e3f963be71158dc75eee5d8f16e1c177775544094cef5c115ba743f_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "go-jose: Go JOSE\u0027s Parsing Vulnerable to Denial of Service"
}
]
}
RHSA-2025:3368
Vulnerability from csaf_redhat - Published: 2025-03-27 17:45 - Updated: 2026-06-02 21:45Summary
Red Hat Security Advisory: RHOAI 2.16.0 - Red Hat OpenShift AI
Severity
Important
Notes
Topic: Updated images are now available for Red Hat OpenShift AI.
Details: Release of RHOAI 2.16.0 provides these changes:
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
A Regular Expression Denial of Service (ReDoS) vulnerability was found in the cross-spawn package for Node.js. Due to improper input sanitization, an attacker can increase CPU usage and crash the program with a large, specially crafted string.
4.4 (Medium)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:13da7e12e135cdb33c89686eca84cffae8ef691fcb4f346622ebd9b47f0a69ee_amd64 | — |
Vendor Fix
fix
|
Known not affected
26 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:8d78e6f1c302b1de6c45435a3d49c807fe5e4dbfe3e7a3d3ebfa0cac6318e79a_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:ee01e89f98feb185f6cd59c564e590a13e4d8d9ea760cca8de51426eb71b83a1_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:d7d4fa406e0fcf0507894a7676532b27f45be742467e603a86f98ea5d2615df8_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:a0f72ffefb2b74b488dd949493f5d295a39bb9c97f578bf219d0138601f65468_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:2ba2b2c4db8bb334c50f4dfb54059f060361186900a44c06eed00b7a3c43977e_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:5394cd240a8857906803affec711959da8b8da4e9a7225ddaefe9736c98949b4_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:036af0457f091059551ff63563d5cf68f062297a5630a869bbf3398d5e97ffdc_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:be47d58f1943c5b4becc8cb541d9b0a53e6811451d9010c447b2c3e9b85c06c2_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:2257fe7947959fd59346d2b322f7dbb471831880df659e57344b0d804c2c0099_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:8783f8aaed686a63ed1f913364c85606b1447540608f5b7f45412ff0868a4f38_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:96253b1b94bbaab87d4f8118dfee323eefebdc3734a7e01ebcf906dbc02a2a55_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:52613c18ed44062b6e5d5b748572dad624f773a83dbc7251ff87a807142e118a_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:5dcdcc2424602a69451f16d31dbfa1d43cb72c095ba561eb9076f0cd1e8182ed_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:f738aab1eab25854c93e1d8d4d98100a8ae7bb45a6b83f0326774e4220b1183b_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:6cf74044ae8d5308a2dfe03fa5d81086c89302db7f4cdbe2f4174a1c48b77869_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:22557a6fa52d2f311750a9ba253860f423ba697d26efa02ef8524a8258d2a909_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:de5f91180ead7d73a1825fe8b032fde9b8b01392569c9789f5ce1b4b9c08a98f_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:c499a2c4a7860a1853adf3ebfbf154f3c03c478034a78566b82711373210af39_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:4a7599f8a866eb169c9a62885906adbf6df0417c0be15857df1eef20cd9b1be2_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:11a301728573adf2b64ea72d0cb2d83ea5d4dbebea759f346e99f18c3d368c6e_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:4c5ff3496b2a2a739939d94ee9dafc02b682100785d228dc2fde480fb597b7a5_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-operator-bundle@sha256:0471c444b4e0c6da97abf7936fe3af89fca6abbd5dca8a31db141c47a9af99db_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:c11b8f601a8a0d5fb6719c4c10bf7438ba242cc33d60e035e4cb4b0ae3c19105_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:c8456d98e90b6505957ab3686e9fd2f156e29f123c5558e581c206daf1e7d93a_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:3dc803cd65232113ec9b0bd529a4c98bd86936e5de85cc4e9b7b1f361d4db38e_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:633984b538f027c93c5886ea1045dcbe81eeda74acf80001d5fc5f765bdbe0be_amd64 | — |
Threats
Impact
Low
A flaw was found in path-to-regexp package, where it turns path strings into regular expressions. In certain cases, path-to-regexp will output a regular expression that can be exploited to cause poor performance. Because JavaScript is single-threaded and regex matching runs on the main thread, poor performance will block the event loop and lead to a denial of service (DoS).
5.3 (Medium)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:13da7e12e135cdb33c89686eca84cffae8ef691fcb4f346622ebd9b47f0a69ee_amd64 | — |
Vendor Fix
fix
Workaround
|
Known not affected
26 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:8d78e6f1c302b1de6c45435a3d49c807fe5e4dbfe3e7a3d3ebfa0cac6318e79a_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:ee01e89f98feb185f6cd59c564e590a13e4d8d9ea760cca8de51426eb71b83a1_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:d7d4fa406e0fcf0507894a7676532b27f45be742467e603a86f98ea5d2615df8_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:a0f72ffefb2b74b488dd949493f5d295a39bb9c97f578bf219d0138601f65468_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:2ba2b2c4db8bb334c50f4dfb54059f060361186900a44c06eed00b7a3c43977e_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:5394cd240a8857906803affec711959da8b8da4e9a7225ddaefe9736c98949b4_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:036af0457f091059551ff63563d5cf68f062297a5630a869bbf3398d5e97ffdc_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:be47d58f1943c5b4becc8cb541d9b0a53e6811451d9010c447b2c3e9b85c06c2_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:2257fe7947959fd59346d2b322f7dbb471831880df659e57344b0d804c2c0099_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:8783f8aaed686a63ed1f913364c85606b1447540608f5b7f45412ff0868a4f38_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:96253b1b94bbaab87d4f8118dfee323eefebdc3734a7e01ebcf906dbc02a2a55_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:52613c18ed44062b6e5d5b748572dad624f773a83dbc7251ff87a807142e118a_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:5dcdcc2424602a69451f16d31dbfa1d43cb72c095ba561eb9076f0cd1e8182ed_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:f738aab1eab25854c93e1d8d4d98100a8ae7bb45a6b83f0326774e4220b1183b_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:6cf74044ae8d5308a2dfe03fa5d81086c89302db7f4cdbe2f4174a1c48b77869_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:22557a6fa52d2f311750a9ba253860f423ba697d26efa02ef8524a8258d2a909_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:de5f91180ead7d73a1825fe8b032fde9b8b01392569c9789f5ce1b4b9c08a98f_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:c499a2c4a7860a1853adf3ebfbf154f3c03c478034a78566b82711373210af39_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:4a7599f8a866eb169c9a62885906adbf6df0417c0be15857df1eef20cd9b1be2_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:11a301728573adf2b64ea72d0cb2d83ea5d4dbebea759f346e99f18c3d368c6e_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:4c5ff3496b2a2a739939d94ee9dafc02b682100785d228dc2fde480fb597b7a5_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-operator-bundle@sha256:0471c444b4e0c6da97abf7936fe3af89fca6abbd5dca8a31db141c47a9af99db_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:c11b8f601a8a0d5fb6719c4c10bf7438ba242cc33d60e035e4cb4b0ae3c19105_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:c8456d98e90b6505957ab3686e9fd2f156e29f123c5558e581c206daf1e7d93a_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:3dc803cd65232113ec9b0bd529a4c98bd86936e5de85cc4e9b7b1f361d4db38e_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:633984b538f027c93c5886ea1045dcbe81eeda74acf80001d5fc5f765bdbe0be_amd64 | — |
Workaround
|
Threats
Impact
Moderate
A flaw was found in golang.org/x/net/html. This flaw allows an attacker to craft input to the parse functions that would be processed non-linearly with respect to its length, resulting in extremely slow parsing. This issue can cause a denial of service.
7.5 (High)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:8d78e6f1c302b1de6c45435a3d49c807fe5e4dbfe3e7a3d3ebfa0cac6318e79a_amd64 | — |
Vendor Fix
fix
|
Known not affected
26 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:13da7e12e135cdb33c89686eca84cffae8ef691fcb4f346622ebd9b47f0a69ee_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:ee01e89f98feb185f6cd59c564e590a13e4d8d9ea760cca8de51426eb71b83a1_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:d7d4fa406e0fcf0507894a7676532b27f45be742467e603a86f98ea5d2615df8_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:a0f72ffefb2b74b488dd949493f5d295a39bb9c97f578bf219d0138601f65468_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:2ba2b2c4db8bb334c50f4dfb54059f060361186900a44c06eed00b7a3c43977e_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:5394cd240a8857906803affec711959da8b8da4e9a7225ddaefe9736c98949b4_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:036af0457f091059551ff63563d5cf68f062297a5630a869bbf3398d5e97ffdc_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:be47d58f1943c5b4becc8cb541d9b0a53e6811451d9010c447b2c3e9b85c06c2_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:2257fe7947959fd59346d2b322f7dbb471831880df659e57344b0d804c2c0099_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:8783f8aaed686a63ed1f913364c85606b1447540608f5b7f45412ff0868a4f38_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:96253b1b94bbaab87d4f8118dfee323eefebdc3734a7e01ebcf906dbc02a2a55_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:52613c18ed44062b6e5d5b748572dad624f773a83dbc7251ff87a807142e118a_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:5dcdcc2424602a69451f16d31dbfa1d43cb72c095ba561eb9076f0cd1e8182ed_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:f738aab1eab25854c93e1d8d4d98100a8ae7bb45a6b83f0326774e4220b1183b_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:6cf74044ae8d5308a2dfe03fa5d81086c89302db7f4cdbe2f4174a1c48b77869_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:22557a6fa52d2f311750a9ba253860f423ba697d26efa02ef8524a8258d2a909_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:de5f91180ead7d73a1825fe8b032fde9b8b01392569c9789f5ce1b4b9c08a98f_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:c499a2c4a7860a1853adf3ebfbf154f3c03c478034a78566b82711373210af39_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:4a7599f8a866eb169c9a62885906adbf6df0417c0be15857df1eef20cd9b1be2_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:11a301728573adf2b64ea72d0cb2d83ea5d4dbebea759f346e99f18c3d368c6e_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:4c5ff3496b2a2a739939d94ee9dafc02b682100785d228dc2fde480fb597b7a5_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-operator-bundle@sha256:0471c444b4e0c6da97abf7936fe3af89fca6abbd5dca8a31db141c47a9af99db_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:c11b8f601a8a0d5fb6719c4c10bf7438ba242cc33d60e035e4cb4b0ae3c19105_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:c8456d98e90b6505957ab3686e9fd2f156e29f123c5558e581c206daf1e7d93a_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:3dc803cd65232113ec9b0bd529a4c98bd86936e5de85cc4e9b7b1f361d4db38e_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:633984b538f027c93c5886ea1045dcbe81eeda74acf80001d5fc5f765bdbe0be_amd64 | — |
Threats
Impact
Important
A flaw was found in glog, a logging library. This vulnerability allows an unprivileged attacker to overwrite sensitive files via a symbolic link planted in a widely writable directory, exploiting the log file path predictability.
7.1 (High)
Affected products
Fixed
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:6cf74044ae8d5308a2dfe03fa5d81086c89302db7f4cdbe2f4174a1c48b77869_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:de5f91180ead7d73a1825fe8b032fde9b8b01392569c9789f5ce1b4b9c08a98f_amd64 | — |
Vendor Fix
fix
Workaround
|
Known not affected
25 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:8d78e6f1c302b1de6c45435a3d49c807fe5e4dbfe3e7a3d3ebfa0cac6318e79a_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:13da7e12e135cdb33c89686eca84cffae8ef691fcb4f346622ebd9b47f0a69ee_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:ee01e89f98feb185f6cd59c564e590a13e4d8d9ea760cca8de51426eb71b83a1_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:d7d4fa406e0fcf0507894a7676532b27f45be742467e603a86f98ea5d2615df8_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:a0f72ffefb2b74b488dd949493f5d295a39bb9c97f578bf219d0138601f65468_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:2ba2b2c4db8bb334c50f4dfb54059f060361186900a44c06eed00b7a3c43977e_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:5394cd240a8857906803affec711959da8b8da4e9a7225ddaefe9736c98949b4_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:036af0457f091059551ff63563d5cf68f062297a5630a869bbf3398d5e97ffdc_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:be47d58f1943c5b4becc8cb541d9b0a53e6811451d9010c447b2c3e9b85c06c2_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:2257fe7947959fd59346d2b322f7dbb471831880df659e57344b0d804c2c0099_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:8783f8aaed686a63ed1f913364c85606b1447540608f5b7f45412ff0868a4f38_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:96253b1b94bbaab87d4f8118dfee323eefebdc3734a7e01ebcf906dbc02a2a55_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:52613c18ed44062b6e5d5b748572dad624f773a83dbc7251ff87a807142e118a_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:5dcdcc2424602a69451f16d31dbfa1d43cb72c095ba561eb9076f0cd1e8182ed_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:f738aab1eab25854c93e1d8d4d98100a8ae7bb45a6b83f0326774e4220b1183b_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:22557a6fa52d2f311750a9ba253860f423ba697d26efa02ef8524a8258d2a909_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:c499a2c4a7860a1853adf3ebfbf154f3c03c478034a78566b82711373210af39_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:4a7599f8a866eb169c9a62885906adbf6df0417c0be15857df1eef20cd9b1be2_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:11a301728573adf2b64ea72d0cb2d83ea5d4dbebea759f346e99f18c3d368c6e_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:4c5ff3496b2a2a739939d94ee9dafc02b682100785d228dc2fde480fb597b7a5_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-operator-bundle@sha256:0471c444b4e0c6da97abf7936fe3af89fca6abbd5dca8a31db141c47a9af99db_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:c11b8f601a8a0d5fb6719c4c10bf7438ba242cc33d60e035e4cb4b0ae3c19105_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:c8456d98e90b6505957ab3686e9fd2f156e29f123c5558e581c206daf1e7d93a_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:3dc803cd65232113ec9b0bd529a4c98bd86936e5de85cc4e9b7b1f361d4db38e_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:633984b538f027c93c5886ea1045dcbe81eeda74acf80001d5fc5f765bdbe0be_amd64 | — |
Workaround
|
Threats
Impact
Important
A flaw was found in path-to-regexp. A path-to-regexp turns path strings into regular expressions. In certain cases, path-to-regexp will output a regular expression that can be exploited to cause poor performance.
5.3 (Medium)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:13da7e12e135cdb33c89686eca84cffae8ef691fcb4f346622ebd9b47f0a69ee_amd64 | — |
Vendor Fix
fix
Workaround
|
Known not affected
26 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:8d78e6f1c302b1de6c45435a3d49c807fe5e4dbfe3e7a3d3ebfa0cac6318e79a_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:ee01e89f98feb185f6cd59c564e590a13e4d8d9ea760cca8de51426eb71b83a1_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:d7d4fa406e0fcf0507894a7676532b27f45be742467e603a86f98ea5d2615df8_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:a0f72ffefb2b74b488dd949493f5d295a39bb9c97f578bf219d0138601f65468_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:2ba2b2c4db8bb334c50f4dfb54059f060361186900a44c06eed00b7a3c43977e_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:5394cd240a8857906803affec711959da8b8da4e9a7225ddaefe9736c98949b4_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:036af0457f091059551ff63563d5cf68f062297a5630a869bbf3398d5e97ffdc_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:be47d58f1943c5b4becc8cb541d9b0a53e6811451d9010c447b2c3e9b85c06c2_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:2257fe7947959fd59346d2b322f7dbb471831880df659e57344b0d804c2c0099_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:8783f8aaed686a63ed1f913364c85606b1447540608f5b7f45412ff0868a4f38_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:96253b1b94bbaab87d4f8118dfee323eefebdc3734a7e01ebcf906dbc02a2a55_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:52613c18ed44062b6e5d5b748572dad624f773a83dbc7251ff87a807142e118a_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:5dcdcc2424602a69451f16d31dbfa1d43cb72c095ba561eb9076f0cd1e8182ed_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:f738aab1eab25854c93e1d8d4d98100a8ae7bb45a6b83f0326774e4220b1183b_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:6cf74044ae8d5308a2dfe03fa5d81086c89302db7f4cdbe2f4174a1c48b77869_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:22557a6fa52d2f311750a9ba253860f423ba697d26efa02ef8524a8258d2a909_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:de5f91180ead7d73a1825fe8b032fde9b8b01392569c9789f5ce1b4b9c08a98f_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:c499a2c4a7860a1853adf3ebfbf154f3c03c478034a78566b82711373210af39_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:4a7599f8a866eb169c9a62885906adbf6df0417c0be15857df1eef20cd9b1be2_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:11a301728573adf2b64ea72d0cb2d83ea5d4dbebea759f346e99f18c3d368c6e_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:4c5ff3496b2a2a739939d94ee9dafc02b682100785d228dc2fde480fb597b7a5_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-operator-bundle@sha256:0471c444b4e0c6da97abf7936fe3af89fca6abbd5dca8a31db141c47a9af99db_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:c11b8f601a8a0d5fb6719c4c10bf7438ba242cc33d60e035e4cb4b0ae3c19105_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:c8456d98e90b6505957ab3686e9fd2f156e29f123c5558e581c206daf1e7d93a_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:3dc803cd65232113ec9b0bd529a4c98bd86936e5de85cc4e9b7b1f361d4db38e_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:633984b538f027c93c5886ea1045dcbe81eeda74acf80001d5fc5f765bdbe0be_amd64 | — |
Workaround
|
Threats
Impact
Moderate
A flaw was found in nanoid. Affected versions of nanoid mishandles non-integer values. When nanoid is called with a fractional value, there were a number of undesirable effects: - In browser and non-secure, the code infinite loops on while (size--) - In node, the value of poolOffset becomes fractional, causing calls to nanoid to return zeroes until the pool is next filled: when i is initialized to poolOffset, pool[i] & 63 -> undefined & 63 -> 0 - If the first call in node is a fractional argument, the initial buffer allocation fails with an error The highest impact of this issue system availability.
6.5 (Medium)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:13da7e12e135cdb33c89686eca84cffae8ef691fcb4f346622ebd9b47f0a69ee_amd64 | — |
Vendor Fix
fix
|
Known not affected
26 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:8d78e6f1c302b1de6c45435a3d49c807fe5e4dbfe3e7a3d3ebfa0cac6318e79a_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:ee01e89f98feb185f6cd59c564e590a13e4d8d9ea760cca8de51426eb71b83a1_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:d7d4fa406e0fcf0507894a7676532b27f45be742467e603a86f98ea5d2615df8_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:a0f72ffefb2b74b488dd949493f5d295a39bb9c97f578bf219d0138601f65468_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:2ba2b2c4db8bb334c50f4dfb54059f060361186900a44c06eed00b7a3c43977e_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:5394cd240a8857906803affec711959da8b8da4e9a7225ddaefe9736c98949b4_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:036af0457f091059551ff63563d5cf68f062297a5630a869bbf3398d5e97ffdc_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:be47d58f1943c5b4becc8cb541d9b0a53e6811451d9010c447b2c3e9b85c06c2_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:2257fe7947959fd59346d2b322f7dbb471831880df659e57344b0d804c2c0099_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:8783f8aaed686a63ed1f913364c85606b1447540608f5b7f45412ff0868a4f38_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:96253b1b94bbaab87d4f8118dfee323eefebdc3734a7e01ebcf906dbc02a2a55_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:52613c18ed44062b6e5d5b748572dad624f773a83dbc7251ff87a807142e118a_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:5dcdcc2424602a69451f16d31dbfa1d43cb72c095ba561eb9076f0cd1e8182ed_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:f738aab1eab25854c93e1d8d4d98100a8ae7bb45a6b83f0326774e4220b1183b_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:6cf74044ae8d5308a2dfe03fa5d81086c89302db7f4cdbe2f4174a1c48b77869_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:22557a6fa52d2f311750a9ba253860f423ba697d26efa02ef8524a8258d2a909_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:de5f91180ead7d73a1825fe8b032fde9b8b01392569c9789f5ce1b4b9c08a98f_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:c499a2c4a7860a1853adf3ebfbf154f3c03c478034a78566b82711373210af39_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:4a7599f8a866eb169c9a62885906adbf6df0417c0be15857df1eef20cd9b1be2_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:11a301728573adf2b64ea72d0cb2d83ea5d4dbebea759f346e99f18c3d368c6e_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:4c5ff3496b2a2a739939d94ee9dafc02b682100785d228dc2fde480fb597b7a5_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-operator-bundle@sha256:0471c444b4e0c6da97abf7936fe3af89fca6abbd5dca8a31db141c47a9af99db_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:c11b8f601a8a0d5fb6719c4c10bf7438ba242cc33d60e035e4cb4b0ae3c19105_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:c8456d98e90b6505957ab3686e9fd2f156e29f123c5558e581c206daf1e7d93a_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:3dc803cd65232113ec9b0bd529a4c98bd86936e5de85cc4e9b7b1f361d4db38e_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:633984b538f027c93c5886ea1045dcbe81eeda74acf80001d5fc5f765bdbe0be_amd64 | — |
Threats
Impact
Moderate
A flaw was found in libxml2. This vulnerability allows a use-after-free via a crafted XML document validated against an XML schema with certain identity constraints or a crafted XML schema.
8.1 (High)
Affected products
Fixed
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:ee01e89f98feb185f6cd59c564e590a13e4d8d9ea760cca8de51426eb71b83a1_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:d7d4fa406e0fcf0507894a7676532b27f45be742467e603a86f98ea5d2615df8_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:a0f72ffefb2b74b488dd949493f5d295a39bb9c97f578bf219d0138601f65468_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:2ba2b2c4db8bb334c50f4dfb54059f060361186900a44c06eed00b7a3c43977e_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:5394cd240a8857906803affec711959da8b8da4e9a7225ddaefe9736c98949b4_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:036af0457f091059551ff63563d5cf68f062297a5630a869bbf3398d5e97ffdc_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:2257fe7947959fd59346d2b322f7dbb471831880df659e57344b0d804c2c0099_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:8783f8aaed686a63ed1f913364c85606b1447540608f5b7f45412ff0868a4f38_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:5dcdcc2424602a69451f16d31dbfa1d43cb72c095ba561eb9076f0cd1e8182ed_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:6cf74044ae8d5308a2dfe03fa5d81086c89302db7f4cdbe2f4174a1c48b77869_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:c499a2c4a7860a1853adf3ebfbf154f3c03c478034a78566b82711373210af39_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:4a7599f8a866eb169c9a62885906adbf6df0417c0be15857df1eef20cd9b1be2_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:4c5ff3496b2a2a739939d94ee9dafc02b682100785d228dc2fde480fb597b7a5_amd64 | — |
Vendor Fix
fix
|
Known not affected
14 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:8d78e6f1c302b1de6c45435a3d49c807fe5e4dbfe3e7a3d3ebfa0cac6318e79a_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:13da7e12e135cdb33c89686eca84cffae8ef691fcb4f346622ebd9b47f0a69ee_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:be47d58f1943c5b4becc8cb541d9b0a53e6811451d9010c447b2c3e9b85c06c2_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:96253b1b94bbaab87d4f8118dfee323eefebdc3734a7e01ebcf906dbc02a2a55_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:52613c18ed44062b6e5d5b748572dad624f773a83dbc7251ff87a807142e118a_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:f738aab1eab25854c93e1d8d4d98100a8ae7bb45a6b83f0326774e4220b1183b_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:22557a6fa52d2f311750a9ba253860f423ba697d26efa02ef8524a8258d2a909_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:de5f91180ead7d73a1825fe8b032fde9b8b01392569c9789f5ce1b4b9c08a98f_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:11a301728573adf2b64ea72d0cb2d83ea5d4dbebea759f346e99f18c3d368c6e_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-operator-bundle@sha256:0471c444b4e0c6da97abf7936fe3af89fca6abbd5dca8a31db141c47a9af99db_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:c11b8f601a8a0d5fb6719c4c10bf7438ba242cc33d60e035e4cb4b0ae3c19105_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:c8456d98e90b6505957ab3686e9fd2f156e29f123c5558e581c206daf1e7d93a_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:3dc803cd65232113ec9b0bd529a4c98bd86936e5de85cc4e9b7b1f361d4db38e_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:633984b538f027c93c5886ea1045dcbe81eeda74acf80001d5fc5f765bdbe0be_amd64 | — |
Threats
Impact
Important
A flaw was found in the Jinja2 package. A bug in the Jinja compiler allows an attacker that controls both the content and filename of a template to execute arbitrary Python code, regardless of Jinja's sandbox being used. An attacker needs to be able to control both the filename and the contents of a template. Whether that is the case depends on the type of application using Jinja. This vulnerability impacts users of applications that execute untrusted templates where the template author can also choose the template filename.
7.3 (High)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:de5f91180ead7d73a1825fe8b032fde9b8b01392569c9789f5ce1b4b9c08a98f_amd64 | — |
Vendor Fix
fix
Workaround
|
Known not affected
26 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:8d78e6f1c302b1de6c45435a3d49c807fe5e4dbfe3e7a3d3ebfa0cac6318e79a_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:13da7e12e135cdb33c89686eca84cffae8ef691fcb4f346622ebd9b47f0a69ee_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:ee01e89f98feb185f6cd59c564e590a13e4d8d9ea760cca8de51426eb71b83a1_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:d7d4fa406e0fcf0507894a7676532b27f45be742467e603a86f98ea5d2615df8_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:a0f72ffefb2b74b488dd949493f5d295a39bb9c97f578bf219d0138601f65468_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:2ba2b2c4db8bb334c50f4dfb54059f060361186900a44c06eed00b7a3c43977e_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:5394cd240a8857906803affec711959da8b8da4e9a7225ddaefe9736c98949b4_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:036af0457f091059551ff63563d5cf68f062297a5630a869bbf3398d5e97ffdc_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:be47d58f1943c5b4becc8cb541d9b0a53e6811451d9010c447b2c3e9b85c06c2_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:2257fe7947959fd59346d2b322f7dbb471831880df659e57344b0d804c2c0099_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:8783f8aaed686a63ed1f913364c85606b1447540608f5b7f45412ff0868a4f38_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:96253b1b94bbaab87d4f8118dfee323eefebdc3734a7e01ebcf906dbc02a2a55_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:52613c18ed44062b6e5d5b748572dad624f773a83dbc7251ff87a807142e118a_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:5dcdcc2424602a69451f16d31dbfa1d43cb72c095ba561eb9076f0cd1e8182ed_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:f738aab1eab25854c93e1d8d4d98100a8ae7bb45a6b83f0326774e4220b1183b_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:6cf74044ae8d5308a2dfe03fa5d81086c89302db7f4cdbe2f4174a1c48b77869_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:22557a6fa52d2f311750a9ba253860f423ba697d26efa02ef8524a8258d2a909_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:c499a2c4a7860a1853adf3ebfbf154f3c03c478034a78566b82711373210af39_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:4a7599f8a866eb169c9a62885906adbf6df0417c0be15857df1eef20cd9b1be2_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:11a301728573adf2b64ea72d0cb2d83ea5d4dbebea759f346e99f18c3d368c6e_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:4c5ff3496b2a2a739939d94ee9dafc02b682100785d228dc2fde480fb597b7a5_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-operator-bundle@sha256:0471c444b4e0c6da97abf7936fe3af89fca6abbd5dca8a31db141c47a9af99db_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:c11b8f601a8a0d5fb6719c4c10bf7438ba242cc33d60e035e4cb4b0ae3c19105_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:c8456d98e90b6505957ab3686e9fd2f156e29f123c5558e581c206daf1e7d93a_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:3dc803cd65232113ec9b0bd529a4c98bd86936e5de85cc4e9b7b1f361d4db38e_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:633984b538f027c93c5886ea1045dcbe81eeda74acf80001d5fc5f765bdbe0be_amd64 | — |
Workaround
|
Threats
Impact
Important
A flaw was found in the undici package for Node.js. Undici uses `Math.random()` to choose the boundary for a multipart/form-data request. It is known that the output of `Math.random()` can be predicted if several of its generated values are known. If an app has a mechanism that sends multipart requests to an attacker-controlled website, it can leak the necessary values. Therefore, an attacker can tamper with the requests going to the backend APIs if certain conditions are met.
6.8 (Medium)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:13da7e12e135cdb33c89686eca84cffae8ef691fcb4f346622ebd9b47f0a69ee_amd64 | — |
Vendor Fix
fix
|
Known not affected
26 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:8d78e6f1c302b1de6c45435a3d49c807fe5e4dbfe3e7a3d3ebfa0cac6318e79a_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:ee01e89f98feb185f6cd59c564e590a13e4d8d9ea760cca8de51426eb71b83a1_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:d7d4fa406e0fcf0507894a7676532b27f45be742467e603a86f98ea5d2615df8_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:a0f72ffefb2b74b488dd949493f5d295a39bb9c97f578bf219d0138601f65468_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:2ba2b2c4db8bb334c50f4dfb54059f060361186900a44c06eed00b7a3c43977e_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:5394cd240a8857906803affec711959da8b8da4e9a7225ddaefe9736c98949b4_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:036af0457f091059551ff63563d5cf68f062297a5630a869bbf3398d5e97ffdc_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:be47d58f1943c5b4becc8cb541d9b0a53e6811451d9010c447b2c3e9b85c06c2_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:2257fe7947959fd59346d2b322f7dbb471831880df659e57344b0d804c2c0099_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:8783f8aaed686a63ed1f913364c85606b1447540608f5b7f45412ff0868a4f38_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:96253b1b94bbaab87d4f8118dfee323eefebdc3734a7e01ebcf906dbc02a2a55_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:52613c18ed44062b6e5d5b748572dad624f773a83dbc7251ff87a807142e118a_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:5dcdcc2424602a69451f16d31dbfa1d43cb72c095ba561eb9076f0cd1e8182ed_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:f738aab1eab25854c93e1d8d4d98100a8ae7bb45a6b83f0326774e4220b1183b_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:6cf74044ae8d5308a2dfe03fa5d81086c89302db7f4cdbe2f4174a1c48b77869_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:22557a6fa52d2f311750a9ba253860f423ba697d26efa02ef8524a8258d2a909_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:de5f91180ead7d73a1825fe8b032fde9b8b01392569c9789f5ce1b4b9c08a98f_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:c499a2c4a7860a1853adf3ebfbf154f3c03c478034a78566b82711373210af39_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:4a7599f8a866eb169c9a62885906adbf6df0417c0be15857df1eef20cd9b1be2_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:11a301728573adf2b64ea72d0cb2d83ea5d4dbebea759f346e99f18c3d368c6e_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:4c5ff3496b2a2a739939d94ee9dafc02b682100785d228dc2fde480fb597b7a5_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-operator-bundle@sha256:0471c444b4e0c6da97abf7936fe3af89fca6abbd5dca8a31db141c47a9af99db_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:c11b8f601a8a0d5fb6719c4c10bf7438ba242cc33d60e035e4cb4b0ae3c19105_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:c8456d98e90b6505957ab3686e9fd2f156e29f123c5558e581c206daf1e7d93a_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:3dc803cd65232113ec9b0bd529a4c98bd86936e5de85cc4e9b7b1f361d4db38e_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:633984b538f027c93c5886ea1045dcbe81eeda74acf80001d5fc5f765bdbe0be_amd64 | — |
Threats
Impact
Moderate
A flaw was found in libxml2. This vulnerability allows a stack-based buffer overflow via DTD validation of an untrusted document or untrusted DTD.
7.8 (High)
Affected products
Fixed
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:ee01e89f98feb185f6cd59c564e590a13e4d8d9ea760cca8de51426eb71b83a1_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:d7d4fa406e0fcf0507894a7676532b27f45be742467e603a86f98ea5d2615df8_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:a0f72ffefb2b74b488dd949493f5d295a39bb9c97f578bf219d0138601f65468_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:2ba2b2c4db8bb334c50f4dfb54059f060361186900a44c06eed00b7a3c43977e_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:5394cd240a8857906803affec711959da8b8da4e9a7225ddaefe9736c98949b4_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:036af0457f091059551ff63563d5cf68f062297a5630a869bbf3398d5e97ffdc_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:2257fe7947959fd59346d2b322f7dbb471831880df659e57344b0d804c2c0099_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:8783f8aaed686a63ed1f913364c85606b1447540608f5b7f45412ff0868a4f38_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:5dcdcc2424602a69451f16d31dbfa1d43cb72c095ba561eb9076f0cd1e8182ed_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:6cf74044ae8d5308a2dfe03fa5d81086c89302db7f4cdbe2f4174a1c48b77869_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:c499a2c4a7860a1853adf3ebfbf154f3c03c478034a78566b82711373210af39_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:4a7599f8a866eb169c9a62885906adbf6df0417c0be15857df1eef20cd9b1be2_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:4c5ff3496b2a2a739939d94ee9dafc02b682100785d228dc2fde480fb597b7a5_amd64 | — |
Vendor Fix
fix
|
Known not affected
14 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:8d78e6f1c302b1de6c45435a3d49c807fe5e4dbfe3e7a3d3ebfa0cac6318e79a_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:13da7e12e135cdb33c89686eca84cffae8ef691fcb4f346622ebd9b47f0a69ee_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:be47d58f1943c5b4becc8cb541d9b0a53e6811451d9010c447b2c3e9b85c06c2_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:96253b1b94bbaab87d4f8118dfee323eefebdc3734a7e01ebcf906dbc02a2a55_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:52613c18ed44062b6e5d5b748572dad624f773a83dbc7251ff87a807142e118a_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:f738aab1eab25854c93e1d8d4d98100a8ae7bb45a6b83f0326774e4220b1183b_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:22557a6fa52d2f311750a9ba253860f423ba697d26efa02ef8524a8258d2a909_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:de5f91180ead7d73a1825fe8b032fde9b8b01392569c9789f5ce1b4b9c08a98f_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:11a301728573adf2b64ea72d0cb2d83ea5d4dbebea759f346e99f18c3d368c6e_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-operator-bundle@sha256:0471c444b4e0c6da97abf7936fe3af89fca6abbd5dca8a31db141c47a9af99db_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:c11b8f601a8a0d5fb6719c4c10bf7438ba242cc33d60e035e4cb4b0ae3c19105_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:c8456d98e90b6505957ab3686e9fd2f156e29f123c5558e581c206daf1e7d93a_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:3dc803cd65232113ec9b0bd529a4c98bd86936e5de85cc4e9b7b1f361d4db38e_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:633984b538f027c93c5886ea1045dcbe81eeda74acf80001d5fc5f765bdbe0be_amd64 | — |
Threats
Impact
Important
A flaw was found in DOMPurify. This vulnerability allows attackers to execute mutation-based Cross-site scripting (mXSS) via an incorrect template literal regular expression.
4.5 (Medium)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:13da7e12e135cdb33c89686eca84cffae8ef691fcb4f346622ebd9b47f0a69ee_amd64 | — |
Vendor Fix
fix
|
Known not affected
26 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:8d78e6f1c302b1de6c45435a3d49c807fe5e4dbfe3e7a3d3ebfa0cac6318e79a_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:ee01e89f98feb185f6cd59c564e590a13e4d8d9ea760cca8de51426eb71b83a1_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:d7d4fa406e0fcf0507894a7676532b27f45be742467e603a86f98ea5d2615df8_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:a0f72ffefb2b74b488dd949493f5d295a39bb9c97f578bf219d0138601f65468_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:2ba2b2c4db8bb334c50f4dfb54059f060361186900a44c06eed00b7a3c43977e_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:5394cd240a8857906803affec711959da8b8da4e9a7225ddaefe9736c98949b4_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:036af0457f091059551ff63563d5cf68f062297a5630a869bbf3398d5e97ffdc_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:be47d58f1943c5b4becc8cb541d9b0a53e6811451d9010c447b2c3e9b85c06c2_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:2257fe7947959fd59346d2b322f7dbb471831880df659e57344b0d804c2c0099_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:8783f8aaed686a63ed1f913364c85606b1447540608f5b7f45412ff0868a4f38_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:96253b1b94bbaab87d4f8118dfee323eefebdc3734a7e01ebcf906dbc02a2a55_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:52613c18ed44062b6e5d5b748572dad624f773a83dbc7251ff87a807142e118a_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:5dcdcc2424602a69451f16d31dbfa1d43cb72c095ba561eb9076f0cd1e8182ed_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:f738aab1eab25854c93e1d8d4d98100a8ae7bb45a6b83f0326774e4220b1183b_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:6cf74044ae8d5308a2dfe03fa5d81086c89302db7f4cdbe2f4174a1c48b77869_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:22557a6fa52d2f311750a9ba253860f423ba697d26efa02ef8524a8258d2a909_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:de5f91180ead7d73a1825fe8b032fde9b8b01392569c9789f5ce1b4b9c08a98f_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:c499a2c4a7860a1853adf3ebfbf154f3c03c478034a78566b82711373210af39_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:4a7599f8a866eb169c9a62885906adbf6df0417c0be15857df1eef20cd9b1be2_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:11a301728573adf2b64ea72d0cb2d83ea5d4dbebea759f346e99f18c3d368c6e_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:4c5ff3496b2a2a739939d94ee9dafc02b682100785d228dc2fde480fb597b7a5_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-operator-bundle@sha256:0471c444b4e0c6da97abf7936fe3af89fca6abbd5dca8a31db141c47a9af99db_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:c11b8f601a8a0d5fb6719c4c10bf7438ba242cc33d60e035e4cb4b0ae3c19105_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:c8456d98e90b6505957ab3686e9fd2f156e29f123c5558e581c206daf1e7d93a_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:3dc803cd65232113ec9b0bd529a4c98bd86936e5de85cc4e9b7b1f361d4db38e_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:633984b538f027c93c5886ea1045dcbe81eeda74acf80001d5fc5f765bdbe0be_amd64 | — |
Threats
Impact
Moderate
References
98 references
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Updated images are now available for Red Hat OpenShift AI.",
"title": "Topic"
},
{
"category": "general",
"text": "Release of RHOAI 2.16.0 provides these changes:",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2025:3368",
"url": "https://access.redhat.com/errata/RHSA-2025:3368"
},
{
"category": "external",
"summary": "https://docs.redhat.com/en/documentation/red_hat_openshift_ai/",
"url": "https://docs.redhat.com/en/documentation/red_hat_openshift_ai/"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2024-21538",
"url": "https://access.redhat.com/security/cve/CVE-2024-21538"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2024-45296",
"url": "https://access.redhat.com/security/cve/CVE-2024-45296"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2024-45338",
"url": "https://access.redhat.com/security/cve/CVE-2024-45338"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2024-45339",
"url": "https://access.redhat.com/security/cve/CVE-2024-45339"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2024-52798",
"url": "https://access.redhat.com/security/cve/CVE-2024-52798"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2024-55565",
"url": "https://access.redhat.com/security/cve/CVE-2024-55565"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2024-56171",
"url": "https://access.redhat.com/security/cve/CVE-2024-56171"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2024-56201",
"url": "https://access.redhat.com/security/cve/CVE-2024-56201"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-22150",
"url": "https://access.redhat.com/security/cve/CVE-2025-22150"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-24928",
"url": "https://access.redhat.com/security/cve/CVE-2025-24928"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-26791",
"url": "https://access.redhat.com/security/cve/CVE-2025-26791"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/",
"url": "https://access.redhat.com/security/updates/classification/"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2025/rhsa-2025_3368.json"
}
],
"title": "Red Hat Security Advisory: RHOAI 2.16.0 - Red Hat OpenShift AI",
"tracking": {
"current_release_date": "2026-06-02T21:45:52+00:00",
"generator": {
"date": "2026-06-02T21:45:52+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.8.1"
}
},
"id": "RHSA-2025:3368",
"initial_release_date": "2025-03-27T17:45:39+00:00",
"revision_history": [
{
"date": "2025-03-27T17:45:39+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2025-08-20T09:36:30+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-06-02T21:45:52+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat OpenShift AI 2.16",
"product": {
"name": "Red Hat OpenShift AI 2.16",
"product_id": "Red Hat OpenShift AI 2.16",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:openshift_ai:2.16::el8"
}
}
}
],
"category": "product_family",
"name": "Red Hat OpenShift AI"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:8d78e6f1c302b1de6c45435a3d49c807fe5e4dbfe3e7a3d3ebfa0cac6318e79a_amd64",
"product": {
"name": "registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:8d78e6f1c302b1de6c45435a3d49c807fe5e4dbfe3e7a3d3ebfa0cac6318e79a_amd64",
"product_id": "registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:8d78e6f1c302b1de6c45435a3d49c807fe5e4dbfe3e7a3d3ebfa0cac6318e79a_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odh-codeflare-operator-rhel8@sha256%3A8d78e6f1c302b1de6c45435a3d49c807fe5e4dbfe3e7a3d3ebfa0cac6318e79a?arch=amd64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=v2.16.2-1742489156"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:13da7e12e135cdb33c89686eca84cffae8ef691fcb4f346622ebd9b47f0a69ee_amd64",
"product": {
"name": "registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:13da7e12e135cdb33c89686eca84cffae8ef691fcb4f346622ebd9b47f0a69ee_amd64",
"product_id": "registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:13da7e12e135cdb33c89686eca84cffae8ef691fcb4f346622ebd9b47f0a69ee_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odh-dashboard-rhel8@sha256%3A13da7e12e135cdb33c89686eca84cffae8ef691fcb4f346622ebd9b47f0a69ee?arch=amd64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=v2.16.2-1741963152"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:ee01e89f98feb185f6cd59c564e590a13e4d8d9ea760cca8de51426eb71b83a1_amd64",
"product": {
"name": "registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:ee01e89f98feb185f6cd59c564e590a13e4d8d9ea760cca8de51426eb71b83a1_amd64",
"product_id": "registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:ee01e89f98feb185f6cd59c564e590a13e4d8d9ea760cca8de51426eb71b83a1_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odh-data-science-pipelines-argo-argoexec-rhel8@sha256%3Aee01e89f98feb185f6cd59c564e590a13e4d8d9ea760cca8de51426eb71b83a1?arch=amd64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=v2.16.2-1742851855"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:d7d4fa406e0fcf0507894a7676532b27f45be742467e603a86f98ea5d2615df8_amd64",
"product": {
"name": "registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:d7d4fa406e0fcf0507894a7676532b27f45be742467e603a86f98ea5d2615df8_amd64",
"product_id": "registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:d7d4fa406e0fcf0507894a7676532b27f45be742467e603a86f98ea5d2615df8_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256%3Ad7d4fa406e0fcf0507894a7676532b27f45be742467e603a86f98ea5d2615df8?arch=amd64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=v2.16.2-1742851855"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:a0f72ffefb2b74b488dd949493f5d295a39bb9c97f578bf219d0138601f65468_amd64",
"product": {
"name": "registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:a0f72ffefb2b74b488dd949493f5d295a39bb9c97f578bf219d0138601f65468_amd64",
"product_id": "registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:a0f72ffefb2b74b488dd949493f5d295a39bb9c97f578bf219d0138601f65468_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odh-data-science-pipelines-operator-controller-rhel8@sha256%3Aa0f72ffefb2b74b488dd949493f5d295a39bb9c97f578bf219d0138601f65468?arch=amd64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=v2.16.2-1742487380"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:2ba2b2c4db8bb334c50f4dfb54059f060361186900a44c06eed00b7a3c43977e_amd64",
"product": {
"name": "registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:2ba2b2c4db8bb334c50f4dfb54059f060361186900a44c06eed00b7a3c43977e_amd64",
"product_id": "registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:2ba2b2c4db8bb334c50f4dfb54059f060361186900a44c06eed00b7a3c43977e_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odh-kf-notebook-controller-rhel8@sha256%3A2ba2b2c4db8bb334c50f4dfb54059f060361186900a44c06eed00b7a3c43977e?arch=amd64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=v2.16.2-1742487225"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:5394cd240a8857906803affec711959da8b8da4e9a7225ddaefe9736c98949b4_amd64",
"product": {
"name": "registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:5394cd240a8857906803affec711959da8b8da4e9a7225ddaefe9736c98949b4_amd64",
"product_id": "registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:5394cd240a8857906803affec711959da8b8da4e9a7225ddaefe9736c98949b4_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odh-kuberay-operator-controller-rhel8@sha256%3A5394cd240a8857906803affec711959da8b8da4e9a7225ddaefe9736c98949b4?arch=amd64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=v2.16.2-1742487199"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:036af0457f091059551ff63563d5cf68f062297a5630a869bbf3398d5e97ffdc_amd64",
"product": {
"name": "registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:036af0457f091059551ff63563d5cf68f062297a5630a869bbf3398d5e97ffdc_amd64",
"product_id": "registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:036af0457f091059551ff63563d5cf68f062297a5630a869bbf3398d5e97ffdc_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odh-kueue-controller-rhel8@sha256%3A036af0457f091059551ff63563d5cf68f062297a5630a869bbf3398d5e97ffdc?arch=amd64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=v2.16.2-1742569683"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:be47d58f1943c5b4becc8cb541d9b0a53e6811451d9010c447b2c3e9b85c06c2_amd64",
"product": {
"name": "registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:be47d58f1943c5b4becc8cb541d9b0a53e6811451d9010c447b2c3e9b85c06c2_amd64",
"product_id": "registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:be47d58f1943c5b4becc8cb541d9b0a53e6811451d9010c447b2c3e9b85c06c2_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odh-ml-pipelines-api-server-v2-rhel8@sha256%3Abe47d58f1943c5b4becc8cb541d9b0a53e6811451d9010c447b2c3e9b85c06c2?arch=amd64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=v2.16.2-1742851679"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:2257fe7947959fd59346d2b322f7dbb471831880df659e57344b0d804c2c0099_amd64",
"product": {
"name": "registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:2257fe7947959fd59346d2b322f7dbb471831880df659e57344b0d804c2c0099_amd64",
"product_id": "registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:2257fe7947959fd59346d2b322f7dbb471831880df659e57344b0d804c2c0099_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odh-ml-pipelines-driver-rhel8@sha256%3A2257fe7947959fd59346d2b322f7dbb471831880df659e57344b0d804c2c0099?arch=amd64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=v2.16.2-1742851679"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:8783f8aaed686a63ed1f913364c85606b1447540608f5b7f45412ff0868a4f38_amd64",
"product": {
"name": "registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:8783f8aaed686a63ed1f913364c85606b1447540608f5b7f45412ff0868a4f38_amd64",
"product_id": "registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:8783f8aaed686a63ed1f913364c85606b1447540608f5b7f45412ff0868a4f38_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odh-ml-pipelines-launcher-rhel8@sha256%3A8783f8aaed686a63ed1f913364c85606b1447540608f5b7f45412ff0868a4f38?arch=amd64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=v2.16.2-1742851679"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:96253b1b94bbaab87d4f8118dfee323eefebdc3734a7e01ebcf906dbc02a2a55_amd64",
"product": {
"name": "registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:96253b1b94bbaab87d4f8118dfee323eefebdc3734a7e01ebcf906dbc02a2a55_amd64",
"product_id": "registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:96253b1b94bbaab87d4f8118dfee323eefebdc3734a7e01ebcf906dbc02a2a55_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256%3A96253b1b94bbaab87d4f8118dfee323eefebdc3734a7e01ebcf906dbc02a2a55?arch=amd64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=v2.16.2-1742851679"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:52613c18ed44062b6e5d5b748572dad624f773a83dbc7251ff87a807142e118a_amd64",
"product": {
"name": "registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:52613c18ed44062b6e5d5b748572dad624f773a83dbc7251ff87a807142e118a_amd64",
"product_id": "registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:52613c18ed44062b6e5d5b748572dad624f773a83dbc7251ff87a807142e118a_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256%3A52613c18ed44062b6e5d5b748572dad624f773a83dbc7251ff87a807142e118a?arch=amd64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=v2.16.2-1742851679"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:5dcdcc2424602a69451f16d31dbfa1d43cb72c095ba561eb9076f0cd1e8182ed_amd64",
"product": {
"name": "registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:5dcdcc2424602a69451f16d31dbfa1d43cb72c095ba561eb9076f0cd1e8182ed_amd64",
"product_id": "registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:5dcdcc2424602a69451f16d31dbfa1d43cb72c095ba561eb9076f0cd1e8182ed_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odh-mlmd-grpc-server-rhel8@sha256%3A5dcdcc2424602a69451f16d31dbfa1d43cb72c095ba561eb9076f0cd1e8182ed?arch=amd64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=v2.16.2-1742487039"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:f738aab1eab25854c93e1d8d4d98100a8ae7bb45a6b83f0326774e4220b1183b_amd64",
"product": {
"name": "registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:f738aab1eab25854c93e1d8d4d98100a8ae7bb45a6b83f0326774e4220b1183b_amd64",
"product_id": "registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:f738aab1eab25854c93e1d8d4d98100a8ae7bb45a6b83f0326774e4220b1183b_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odh-mm-rest-proxy-rhel8@sha256%3Af738aab1eab25854c93e1d8d4d98100a8ae7bb45a6b83f0326774e4220b1183b?arch=amd64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=v2.16.2-1741882429"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:6cf74044ae8d5308a2dfe03fa5d81086c89302db7f4cdbe2f4174a1c48b77869_amd64",
"product": {
"name": "registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:6cf74044ae8d5308a2dfe03fa5d81086c89302db7f4cdbe2f4174a1c48b77869_amd64",
"product_id": "registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:6cf74044ae8d5308a2dfe03fa5d81086c89302db7f4cdbe2f4174a1c48b77869_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odh-model-controller-rhel8@sha256%3A6cf74044ae8d5308a2dfe03fa5d81086c89302db7f4cdbe2f4174a1c48b77869?arch=amd64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=v2.16.2-1742480582"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:22557a6fa52d2f311750a9ba253860f423ba697d26efa02ef8524a8258d2a909_amd64",
"product": {
"name": "registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:22557a6fa52d2f311750a9ba253860f423ba697d26efa02ef8524a8258d2a909_amd64",
"product_id": "registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:22557a6fa52d2f311750a9ba253860f423ba697d26efa02ef8524a8258d2a909_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odh-model-registry-operator-rhel8@sha256%3A22557a6fa52d2f311750a9ba253860f423ba697d26efa02ef8524a8258d2a909?arch=amd64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=v2.16.2-1742488678"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:de5f91180ead7d73a1825fe8b032fde9b8b01392569c9789f5ce1b4b9c08a98f_amd64",
"product": {
"name": "registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:de5f91180ead7d73a1825fe8b032fde9b8b01392569c9789f5ce1b4b9c08a98f_amd64",
"product_id": "registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:de5f91180ead7d73a1825fe8b032fde9b8b01392569c9789f5ce1b4b9c08a98f_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odh-model-registry-rhel8@sha256%3Ade5f91180ead7d73a1825fe8b032fde9b8b01392569c9789f5ce1b4b9c08a98f?arch=amd64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=v2.16.2-1742489233"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:4a7599f8a866eb169c9a62885906adbf6df0417c0be15857df1eef20cd9b1be2_amd64",
"product": {
"name": "registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:4a7599f8a866eb169c9a62885906adbf6df0417c0be15857df1eef20cd9b1be2_amd64",
"product_id": "registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:4a7599f8a866eb169c9a62885906adbf6df0417c0be15857df1eef20cd9b1be2_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odh-modelmesh-runtime-adapter-rhel8@sha256%3A4a7599f8a866eb169c9a62885906adbf6df0417c0be15857df1eef20cd9b1be2?arch=amd64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=v2.16.2-1742488070"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:11a301728573adf2b64ea72d0cb2d83ea5d4dbebea759f346e99f18c3d368c6e_amd64",
"product": {
"name": "registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:11a301728573adf2b64ea72d0cb2d83ea5d4dbebea759f346e99f18c3d368c6e_amd64",
"product_id": "registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:11a301728573adf2b64ea72d0cb2d83ea5d4dbebea759f346e99f18c3d368c6e_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odh-modelmesh-serving-controller-rhel8@sha256%3A11a301728573adf2b64ea72d0cb2d83ea5d4dbebea759f346e99f18c3d368c6e?arch=amd64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=v2.16.2-1742487789"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:c499a2c4a7860a1853adf3ebfbf154f3c03c478034a78566b82711373210af39_amd64",
"product": {
"name": "registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:c499a2c4a7860a1853adf3ebfbf154f3c03c478034a78566b82711373210af39_amd64",
"product_id": "registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:c499a2c4a7860a1853adf3ebfbf154f3c03c478034a78566b82711373210af39_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odh-modelmesh-rhel8@sha256%3Ac499a2c4a7860a1853adf3ebfbf154f3c03c478034a78566b82711373210af39?arch=amd64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=v2.16.2-1742490565"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:4c5ff3496b2a2a739939d94ee9dafc02b682100785d228dc2fde480fb597b7a5_amd64",
"product": {
"name": "registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:4c5ff3496b2a2a739939d94ee9dafc02b682100785d228dc2fde480fb597b7a5_amd64",
"product_id": "registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:4c5ff3496b2a2a739939d94ee9dafc02b682100785d228dc2fde480fb597b7a5_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odh-notebook-controller-rhel8@sha256%3A4c5ff3496b2a2a739939d94ee9dafc02b682100785d228dc2fde480fb597b7a5?arch=amd64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=v2.16.2-1742487225"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-operator-bundle@sha256:0471c444b4e0c6da97abf7936fe3af89fca6abbd5dca8a31db141c47a9af99db_amd64",
"product": {
"name": "registry.redhat.io/rhoai/odh-operator-bundle@sha256:0471c444b4e0c6da97abf7936fe3af89fca6abbd5dca8a31db141c47a9af99db_amd64",
"product_id": "registry.redhat.io/rhoai/odh-operator-bundle@sha256:0471c444b4e0c6da97abf7936fe3af89fca6abbd5dca8a31db141c47a9af99db_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odh-operator-bundle@sha256%3A0471c444b4e0c6da97abf7936fe3af89fca6abbd5dca8a31db141c47a9af99db?arch=amd64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=v2.16.2-1742921697"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-rhel8-operator@sha256:c11b8f601a8a0d5fb6719c4c10bf7438ba242cc33d60e035e4cb4b0ae3c19105_amd64",
"product": {
"name": "registry.redhat.io/rhoai/odh-rhel8-operator@sha256:c11b8f601a8a0d5fb6719c4c10bf7438ba242cc33d60e035e4cb4b0ae3c19105_amd64",
"product_id": "registry.redhat.io/rhoai/odh-rhel8-operator@sha256:c11b8f601a8a0d5fb6719c4c10bf7438ba242cc33d60e035e4cb4b0ae3c19105_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odh-rhel8-operator@sha256%3Ac11b8f601a8a0d5fb6719c4c10bf7438ba242cc33d60e035e4cb4b0ae3c19105?arch=amd64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=v2.16.1-1742921168"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:c8456d98e90b6505957ab3686e9fd2f156e29f123c5558e581c206daf1e7d93a_amd64",
"product": {
"name": "registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:c8456d98e90b6505957ab3686e9fd2f156e29f123c5558e581c206daf1e7d93a_amd64",
"product_id": "registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:c8456d98e90b6505957ab3686e9fd2f156e29f123c5558e581c206daf1e7d93a_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odh-training-operator-rhel8@sha256%3Ac8456d98e90b6505957ab3686e9fd2f156e29f123c5558e581c206daf1e7d93a?arch=amd64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=v2.16.2-1742896493"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:3dc803cd65232113ec9b0bd529a4c98bd86936e5de85cc4e9b7b1f361d4db38e_amd64",
"product": {
"name": "registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:3dc803cd65232113ec9b0bd529a4c98bd86936e5de85cc4e9b7b1f361d4db38e_amd64",
"product_id": "registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:3dc803cd65232113ec9b0bd529a4c98bd86936e5de85cc4e9b7b1f361d4db38e_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odh-trustyai-service-operator-rhel8@sha256%3A3dc803cd65232113ec9b0bd529a4c98bd86936e5de85cc4e9b7b1f361d4db38e?arch=amd64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=v2.16.2-1742891516"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:633984b538f027c93c5886ea1045dcbe81eeda74acf80001d5fc5f765bdbe0be_amd64",
"product": {
"name": "registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:633984b538f027c93c5886ea1045dcbe81eeda74acf80001d5fc5f765bdbe0be_amd64",
"product_id": "registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:633984b538f027c93c5886ea1045dcbe81eeda74acf80001d5fc5f765bdbe0be_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odh-trustyai-service-rhel8@sha256%3A633984b538f027c93c5886ea1045dcbe81eeda74acf80001d5fc5f765bdbe0be?arch=amd64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=v2.16.2-1742487757"
}
}
}
],
"category": "architecture",
"name": "amd64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:8d78e6f1c302b1de6c45435a3d49c807fe5e4dbfe3e7a3d3ebfa0cac6318e79a_amd64 as a component of Red Hat OpenShift AI 2.16",
"product_id": "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:8d78e6f1c302b1de6c45435a3d49c807fe5e4dbfe3e7a3d3ebfa0cac6318e79a_amd64"
},
"product_reference": "registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:8d78e6f1c302b1de6c45435a3d49c807fe5e4dbfe3e7a3d3ebfa0cac6318e79a_amd64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:13da7e12e135cdb33c89686eca84cffae8ef691fcb4f346622ebd9b47f0a69ee_amd64 as a component of Red Hat OpenShift AI 2.16",
"product_id": "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:13da7e12e135cdb33c89686eca84cffae8ef691fcb4f346622ebd9b47f0a69ee_amd64"
},
"product_reference": "registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:13da7e12e135cdb33c89686eca84cffae8ef691fcb4f346622ebd9b47f0a69ee_amd64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:ee01e89f98feb185f6cd59c564e590a13e4d8d9ea760cca8de51426eb71b83a1_amd64 as a component of Red Hat OpenShift AI 2.16",
"product_id": "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:ee01e89f98feb185f6cd59c564e590a13e4d8d9ea760cca8de51426eb71b83a1_amd64"
},
"product_reference": "registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:ee01e89f98feb185f6cd59c564e590a13e4d8d9ea760cca8de51426eb71b83a1_amd64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:d7d4fa406e0fcf0507894a7676532b27f45be742467e603a86f98ea5d2615df8_amd64 as a component of Red Hat OpenShift AI 2.16",
"product_id": "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:d7d4fa406e0fcf0507894a7676532b27f45be742467e603a86f98ea5d2615df8_amd64"
},
"product_reference": "registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:d7d4fa406e0fcf0507894a7676532b27f45be742467e603a86f98ea5d2615df8_amd64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:a0f72ffefb2b74b488dd949493f5d295a39bb9c97f578bf219d0138601f65468_amd64 as a component of Red Hat OpenShift AI 2.16",
"product_id": "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:a0f72ffefb2b74b488dd949493f5d295a39bb9c97f578bf219d0138601f65468_amd64"
},
"product_reference": "registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:a0f72ffefb2b74b488dd949493f5d295a39bb9c97f578bf219d0138601f65468_amd64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:2ba2b2c4db8bb334c50f4dfb54059f060361186900a44c06eed00b7a3c43977e_amd64 as a component of Red Hat OpenShift AI 2.16",
"product_id": "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:2ba2b2c4db8bb334c50f4dfb54059f060361186900a44c06eed00b7a3c43977e_amd64"
},
"product_reference": "registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:2ba2b2c4db8bb334c50f4dfb54059f060361186900a44c06eed00b7a3c43977e_amd64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:5394cd240a8857906803affec711959da8b8da4e9a7225ddaefe9736c98949b4_amd64 as a component of Red Hat OpenShift AI 2.16",
"product_id": "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:5394cd240a8857906803affec711959da8b8da4e9a7225ddaefe9736c98949b4_amd64"
},
"product_reference": "registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:5394cd240a8857906803affec711959da8b8da4e9a7225ddaefe9736c98949b4_amd64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:036af0457f091059551ff63563d5cf68f062297a5630a869bbf3398d5e97ffdc_amd64 as a component of Red Hat OpenShift AI 2.16",
"product_id": "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:036af0457f091059551ff63563d5cf68f062297a5630a869bbf3398d5e97ffdc_amd64"
},
"product_reference": "registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:036af0457f091059551ff63563d5cf68f062297a5630a869bbf3398d5e97ffdc_amd64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:be47d58f1943c5b4becc8cb541d9b0a53e6811451d9010c447b2c3e9b85c06c2_amd64 as a component of Red Hat OpenShift AI 2.16",
"product_id": "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:be47d58f1943c5b4becc8cb541d9b0a53e6811451d9010c447b2c3e9b85c06c2_amd64"
},
"product_reference": "registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:be47d58f1943c5b4becc8cb541d9b0a53e6811451d9010c447b2c3e9b85c06c2_amd64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:2257fe7947959fd59346d2b322f7dbb471831880df659e57344b0d804c2c0099_amd64 as a component of Red Hat OpenShift AI 2.16",
"product_id": "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:2257fe7947959fd59346d2b322f7dbb471831880df659e57344b0d804c2c0099_amd64"
},
"product_reference": "registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:2257fe7947959fd59346d2b322f7dbb471831880df659e57344b0d804c2c0099_amd64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:8783f8aaed686a63ed1f913364c85606b1447540608f5b7f45412ff0868a4f38_amd64 as a component of Red Hat OpenShift AI 2.16",
"product_id": "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:8783f8aaed686a63ed1f913364c85606b1447540608f5b7f45412ff0868a4f38_amd64"
},
"product_reference": "registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:8783f8aaed686a63ed1f913364c85606b1447540608f5b7f45412ff0868a4f38_amd64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:96253b1b94bbaab87d4f8118dfee323eefebdc3734a7e01ebcf906dbc02a2a55_amd64 as a component of Red Hat OpenShift AI 2.16",
"product_id": "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:96253b1b94bbaab87d4f8118dfee323eefebdc3734a7e01ebcf906dbc02a2a55_amd64"
},
"product_reference": "registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:96253b1b94bbaab87d4f8118dfee323eefebdc3734a7e01ebcf906dbc02a2a55_amd64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:52613c18ed44062b6e5d5b748572dad624f773a83dbc7251ff87a807142e118a_amd64 as a component of Red Hat OpenShift AI 2.16",
"product_id": "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:52613c18ed44062b6e5d5b748572dad624f773a83dbc7251ff87a807142e118a_amd64"
},
"product_reference": "registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:52613c18ed44062b6e5d5b748572dad624f773a83dbc7251ff87a807142e118a_amd64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:5dcdcc2424602a69451f16d31dbfa1d43cb72c095ba561eb9076f0cd1e8182ed_amd64 as a component of Red Hat OpenShift AI 2.16",
"product_id": "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:5dcdcc2424602a69451f16d31dbfa1d43cb72c095ba561eb9076f0cd1e8182ed_amd64"
},
"product_reference": "registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:5dcdcc2424602a69451f16d31dbfa1d43cb72c095ba561eb9076f0cd1e8182ed_amd64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:f738aab1eab25854c93e1d8d4d98100a8ae7bb45a6b83f0326774e4220b1183b_amd64 as a component of Red Hat OpenShift AI 2.16",
"product_id": "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:f738aab1eab25854c93e1d8d4d98100a8ae7bb45a6b83f0326774e4220b1183b_amd64"
},
"product_reference": "registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:f738aab1eab25854c93e1d8d4d98100a8ae7bb45a6b83f0326774e4220b1183b_amd64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:6cf74044ae8d5308a2dfe03fa5d81086c89302db7f4cdbe2f4174a1c48b77869_amd64 as a component of Red Hat OpenShift AI 2.16",
"product_id": "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:6cf74044ae8d5308a2dfe03fa5d81086c89302db7f4cdbe2f4174a1c48b77869_amd64"
},
"product_reference": "registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:6cf74044ae8d5308a2dfe03fa5d81086c89302db7f4cdbe2f4174a1c48b77869_amd64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:22557a6fa52d2f311750a9ba253860f423ba697d26efa02ef8524a8258d2a909_amd64 as a component of Red Hat OpenShift AI 2.16",
"product_id": "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:22557a6fa52d2f311750a9ba253860f423ba697d26efa02ef8524a8258d2a909_amd64"
},
"product_reference": "registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:22557a6fa52d2f311750a9ba253860f423ba697d26efa02ef8524a8258d2a909_amd64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:de5f91180ead7d73a1825fe8b032fde9b8b01392569c9789f5ce1b4b9c08a98f_amd64 as a component of Red Hat OpenShift AI 2.16",
"product_id": "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:de5f91180ead7d73a1825fe8b032fde9b8b01392569c9789f5ce1b4b9c08a98f_amd64"
},
"product_reference": "registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:de5f91180ead7d73a1825fe8b032fde9b8b01392569c9789f5ce1b4b9c08a98f_amd64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:c499a2c4a7860a1853adf3ebfbf154f3c03c478034a78566b82711373210af39_amd64 as a component of Red Hat OpenShift AI 2.16",
"product_id": "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:c499a2c4a7860a1853adf3ebfbf154f3c03c478034a78566b82711373210af39_amd64"
},
"product_reference": "registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:c499a2c4a7860a1853adf3ebfbf154f3c03c478034a78566b82711373210af39_amd64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:4a7599f8a866eb169c9a62885906adbf6df0417c0be15857df1eef20cd9b1be2_amd64 as a component of Red Hat OpenShift AI 2.16",
"product_id": "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:4a7599f8a866eb169c9a62885906adbf6df0417c0be15857df1eef20cd9b1be2_amd64"
},
"product_reference": "registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:4a7599f8a866eb169c9a62885906adbf6df0417c0be15857df1eef20cd9b1be2_amd64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:11a301728573adf2b64ea72d0cb2d83ea5d4dbebea759f346e99f18c3d368c6e_amd64 as a component of Red Hat OpenShift AI 2.16",
"product_id": "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:11a301728573adf2b64ea72d0cb2d83ea5d4dbebea759f346e99f18c3d368c6e_amd64"
},
"product_reference": "registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:11a301728573adf2b64ea72d0cb2d83ea5d4dbebea759f346e99f18c3d368c6e_amd64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:4c5ff3496b2a2a739939d94ee9dafc02b682100785d228dc2fde480fb597b7a5_amd64 as a component of Red Hat OpenShift AI 2.16",
"product_id": "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:4c5ff3496b2a2a739939d94ee9dafc02b682100785d228dc2fde480fb597b7a5_amd64"
},
"product_reference": "registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:4c5ff3496b2a2a739939d94ee9dafc02b682100785d228dc2fde480fb597b7a5_amd64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-operator-bundle@sha256:0471c444b4e0c6da97abf7936fe3af89fca6abbd5dca8a31db141c47a9af99db_amd64 as a component of Red Hat OpenShift AI 2.16",
"product_id": "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-operator-bundle@sha256:0471c444b4e0c6da97abf7936fe3af89fca6abbd5dca8a31db141c47a9af99db_amd64"
},
"product_reference": "registry.redhat.io/rhoai/odh-operator-bundle@sha256:0471c444b4e0c6da97abf7936fe3af89fca6abbd5dca8a31db141c47a9af99db_amd64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-rhel8-operator@sha256:c11b8f601a8a0d5fb6719c4c10bf7438ba242cc33d60e035e4cb4b0ae3c19105_amd64 as a component of Red Hat OpenShift AI 2.16",
"product_id": "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:c11b8f601a8a0d5fb6719c4c10bf7438ba242cc33d60e035e4cb4b0ae3c19105_amd64"
},
"product_reference": "registry.redhat.io/rhoai/odh-rhel8-operator@sha256:c11b8f601a8a0d5fb6719c4c10bf7438ba242cc33d60e035e4cb4b0ae3c19105_amd64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:c8456d98e90b6505957ab3686e9fd2f156e29f123c5558e581c206daf1e7d93a_amd64 as a component of Red Hat OpenShift AI 2.16",
"product_id": "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:c8456d98e90b6505957ab3686e9fd2f156e29f123c5558e581c206daf1e7d93a_amd64"
},
"product_reference": "registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:c8456d98e90b6505957ab3686e9fd2f156e29f123c5558e581c206daf1e7d93a_amd64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:3dc803cd65232113ec9b0bd529a4c98bd86936e5de85cc4e9b7b1f361d4db38e_amd64 as a component of Red Hat OpenShift AI 2.16",
"product_id": "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:3dc803cd65232113ec9b0bd529a4c98bd86936e5de85cc4e9b7b1f361d4db38e_amd64"
},
"product_reference": "registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:3dc803cd65232113ec9b0bd529a4c98bd86936e5de85cc4e9b7b1f361d4db38e_amd64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:633984b538f027c93c5886ea1045dcbe81eeda74acf80001d5fc5f765bdbe0be_amd64 as a component of Red Hat OpenShift AI 2.16",
"product_id": "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:633984b538f027c93c5886ea1045dcbe81eeda74acf80001d5fc5f765bdbe0be_amd64"
},
"product_reference": "registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:633984b538f027c93c5886ea1045dcbe81eeda74acf80001d5fc5f765bdbe0be_amd64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.16"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2024-21538",
"cwe": {
"id": "CWE-1333",
"name": "Inefficient Regular Expression Complexity"
},
"discovery_date": "2024-11-08T13:44:29.182678+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:8d78e6f1c302b1de6c45435a3d49c807fe5e4dbfe3e7a3d3ebfa0cac6318e79a_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:ee01e89f98feb185f6cd59c564e590a13e4d8d9ea760cca8de51426eb71b83a1_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:d7d4fa406e0fcf0507894a7676532b27f45be742467e603a86f98ea5d2615df8_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:a0f72ffefb2b74b488dd949493f5d295a39bb9c97f578bf219d0138601f65468_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:2ba2b2c4db8bb334c50f4dfb54059f060361186900a44c06eed00b7a3c43977e_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:5394cd240a8857906803affec711959da8b8da4e9a7225ddaefe9736c98949b4_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:036af0457f091059551ff63563d5cf68f062297a5630a869bbf3398d5e97ffdc_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:be47d58f1943c5b4becc8cb541d9b0a53e6811451d9010c447b2c3e9b85c06c2_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:2257fe7947959fd59346d2b322f7dbb471831880df659e57344b0d804c2c0099_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:8783f8aaed686a63ed1f913364c85606b1447540608f5b7f45412ff0868a4f38_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:96253b1b94bbaab87d4f8118dfee323eefebdc3734a7e01ebcf906dbc02a2a55_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:52613c18ed44062b6e5d5b748572dad624f773a83dbc7251ff87a807142e118a_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:5dcdcc2424602a69451f16d31dbfa1d43cb72c095ba561eb9076f0cd1e8182ed_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:f738aab1eab25854c93e1d8d4d98100a8ae7bb45a6b83f0326774e4220b1183b_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:6cf74044ae8d5308a2dfe03fa5d81086c89302db7f4cdbe2f4174a1c48b77869_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:22557a6fa52d2f311750a9ba253860f423ba697d26efa02ef8524a8258d2a909_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:de5f91180ead7d73a1825fe8b032fde9b8b01392569c9789f5ce1b4b9c08a98f_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:c499a2c4a7860a1853adf3ebfbf154f3c03c478034a78566b82711373210af39_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:4a7599f8a866eb169c9a62885906adbf6df0417c0be15857df1eef20cd9b1be2_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:11a301728573adf2b64ea72d0cb2d83ea5d4dbebea759f346e99f18c3d368c6e_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:4c5ff3496b2a2a739939d94ee9dafc02b682100785d228dc2fde480fb597b7a5_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-operator-bundle@sha256:0471c444b4e0c6da97abf7936fe3af89fca6abbd5dca8a31db141c47a9af99db_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:c11b8f601a8a0d5fb6719c4c10bf7438ba242cc33d60e035e4cb4b0ae3c19105_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:c8456d98e90b6505957ab3686e9fd2f156e29f123c5558e581c206daf1e7d93a_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:3dc803cd65232113ec9b0bd529a4c98bd86936e5de85cc4e9b7b1f361d4db38e_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:633984b538f027c93c5886ea1045dcbe81eeda74acf80001d5fc5f765bdbe0be_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2324550"
}
],
"notes": [
{
"category": "description",
"text": "A Regular Expression Denial of Service (ReDoS) vulnerability was found in the cross-spawn package for Node.js. Due to improper input sanitization, an attacker can increase CPU usage and crash the program with a large, specially crafted string.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "cross-spawn: regular expression denial of service",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:13da7e12e135cdb33c89686eca84cffae8ef691fcb4f346622ebd9b47f0a69ee_amd64"
],
"known_not_affected": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:8d78e6f1c302b1de6c45435a3d49c807fe5e4dbfe3e7a3d3ebfa0cac6318e79a_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:ee01e89f98feb185f6cd59c564e590a13e4d8d9ea760cca8de51426eb71b83a1_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:d7d4fa406e0fcf0507894a7676532b27f45be742467e603a86f98ea5d2615df8_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:a0f72ffefb2b74b488dd949493f5d295a39bb9c97f578bf219d0138601f65468_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:2ba2b2c4db8bb334c50f4dfb54059f060361186900a44c06eed00b7a3c43977e_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:5394cd240a8857906803affec711959da8b8da4e9a7225ddaefe9736c98949b4_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:036af0457f091059551ff63563d5cf68f062297a5630a869bbf3398d5e97ffdc_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:be47d58f1943c5b4becc8cb541d9b0a53e6811451d9010c447b2c3e9b85c06c2_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:2257fe7947959fd59346d2b322f7dbb471831880df659e57344b0d804c2c0099_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:8783f8aaed686a63ed1f913364c85606b1447540608f5b7f45412ff0868a4f38_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:96253b1b94bbaab87d4f8118dfee323eefebdc3734a7e01ebcf906dbc02a2a55_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:52613c18ed44062b6e5d5b748572dad624f773a83dbc7251ff87a807142e118a_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:5dcdcc2424602a69451f16d31dbfa1d43cb72c095ba561eb9076f0cd1e8182ed_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:f738aab1eab25854c93e1d8d4d98100a8ae7bb45a6b83f0326774e4220b1183b_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:6cf74044ae8d5308a2dfe03fa5d81086c89302db7f4cdbe2f4174a1c48b77869_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:22557a6fa52d2f311750a9ba253860f423ba697d26efa02ef8524a8258d2a909_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:de5f91180ead7d73a1825fe8b032fde9b8b01392569c9789f5ce1b4b9c08a98f_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:c499a2c4a7860a1853adf3ebfbf154f3c03c478034a78566b82711373210af39_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:4a7599f8a866eb169c9a62885906adbf6df0417c0be15857df1eef20cd9b1be2_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:11a301728573adf2b64ea72d0cb2d83ea5d4dbebea759f346e99f18c3d368c6e_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:4c5ff3496b2a2a739939d94ee9dafc02b682100785d228dc2fde480fb597b7a5_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-operator-bundle@sha256:0471c444b4e0c6da97abf7936fe3af89fca6abbd5dca8a31db141c47a9af99db_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:c11b8f601a8a0d5fb6719c4c10bf7438ba242cc33d60e035e4cb4b0ae3c19105_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:c8456d98e90b6505957ab3686e9fd2f156e29f123c5558e581c206daf1e7d93a_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:3dc803cd65232113ec9b0bd529a4c98bd86936e5de85cc4e9b7b1f361d4db38e_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:633984b538f027c93c5886ea1045dcbe81eeda74acf80001d5fc5f765bdbe0be_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-21538"
},
{
"category": "external",
"summary": "RHBZ#2324550",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2324550"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-21538",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21538"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-21538",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-21538"
},
{
"category": "external",
"summary": "https://github.com/moxystudio/node-cross-spawn/commit/5ff3a07d9add449021d806e45c4168203aa833ff",
"url": "https://github.com/moxystudio/node-cross-spawn/commit/5ff3a07d9add449021d806e45c4168203aa833ff"
},
{
"category": "external",
"summary": "https://github.com/moxystudio/node-cross-spawn/commit/640d391fde65388548601d95abedccc12943374f",
"url": "https://github.com/moxystudio/node-cross-spawn/commit/640d391fde65388548601d95abedccc12943374f"
},
{
"category": "external",
"summary": "https://github.com/moxystudio/node-cross-spawn/pull/160",
"url": "https://github.com/moxystudio/node-cross-spawn/pull/160"
},
{
"category": "external",
"summary": "https://security.snyk.io/vuln/SNYK-JS-CROSSSPAWN-8303230",
"url": "https://security.snyk.io/vuln/SNYK-JS-CROSSSPAWN-8303230"
}
],
"release_date": "2024-11-08T05:00:04.695000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-03-27T17:45:39+00:00",
"details": "For Red Hat OpenShift AI 2.16.0 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this errata update:\nhttps://docs.redhat.com/en/documentation/red_hat_openshift_ai/",
"product_ids": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:13da7e12e135cdb33c89686eca84cffae8ef691fcb4f346622ebd9b47f0a69ee_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:3368"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:8d78e6f1c302b1de6c45435a3d49c807fe5e4dbfe3e7a3d3ebfa0cac6318e79a_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:13da7e12e135cdb33c89686eca84cffae8ef691fcb4f346622ebd9b47f0a69ee_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:ee01e89f98feb185f6cd59c564e590a13e4d8d9ea760cca8de51426eb71b83a1_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:d7d4fa406e0fcf0507894a7676532b27f45be742467e603a86f98ea5d2615df8_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:a0f72ffefb2b74b488dd949493f5d295a39bb9c97f578bf219d0138601f65468_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:2ba2b2c4db8bb334c50f4dfb54059f060361186900a44c06eed00b7a3c43977e_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:5394cd240a8857906803affec711959da8b8da4e9a7225ddaefe9736c98949b4_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:036af0457f091059551ff63563d5cf68f062297a5630a869bbf3398d5e97ffdc_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:be47d58f1943c5b4becc8cb541d9b0a53e6811451d9010c447b2c3e9b85c06c2_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:2257fe7947959fd59346d2b322f7dbb471831880df659e57344b0d804c2c0099_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:8783f8aaed686a63ed1f913364c85606b1447540608f5b7f45412ff0868a4f38_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:96253b1b94bbaab87d4f8118dfee323eefebdc3734a7e01ebcf906dbc02a2a55_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:52613c18ed44062b6e5d5b748572dad624f773a83dbc7251ff87a807142e118a_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:5dcdcc2424602a69451f16d31dbfa1d43cb72c095ba561eb9076f0cd1e8182ed_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:f738aab1eab25854c93e1d8d4d98100a8ae7bb45a6b83f0326774e4220b1183b_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:6cf74044ae8d5308a2dfe03fa5d81086c89302db7f4cdbe2f4174a1c48b77869_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:22557a6fa52d2f311750a9ba253860f423ba697d26efa02ef8524a8258d2a909_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:de5f91180ead7d73a1825fe8b032fde9b8b01392569c9789f5ce1b4b9c08a98f_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:c499a2c4a7860a1853adf3ebfbf154f3c03c478034a78566b82711373210af39_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:4a7599f8a866eb169c9a62885906adbf6df0417c0be15857df1eef20cd9b1be2_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:11a301728573adf2b64ea72d0cb2d83ea5d4dbebea759f346e99f18c3d368c6e_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:4c5ff3496b2a2a739939d94ee9dafc02b682100785d228dc2fde480fb597b7a5_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-operator-bundle@sha256:0471c444b4e0c6da97abf7936fe3af89fca6abbd5dca8a31db141c47a9af99db_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:c11b8f601a8a0d5fb6719c4c10bf7438ba242cc33d60e035e4cb4b0ae3c19105_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:c8456d98e90b6505957ab3686e9fd2f156e29f123c5558e581c206daf1e7d93a_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:3dc803cd65232113ec9b0bd529a4c98bd86936e5de85cc4e9b7b1f361d4db38e_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:633984b538f027c93c5886ea1045dcbe81eeda74acf80001d5fc5f765bdbe0be_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "cross-spawn: regular expression denial of service"
},
{
"cve": "CVE-2024-45296",
"cwe": {
"id": "CWE-1333",
"name": "Inefficient Regular Expression Complexity"
},
"discovery_date": "2024-09-09T19:20:18.127723+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:8d78e6f1c302b1de6c45435a3d49c807fe5e4dbfe3e7a3d3ebfa0cac6318e79a_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:ee01e89f98feb185f6cd59c564e590a13e4d8d9ea760cca8de51426eb71b83a1_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:d7d4fa406e0fcf0507894a7676532b27f45be742467e603a86f98ea5d2615df8_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:a0f72ffefb2b74b488dd949493f5d295a39bb9c97f578bf219d0138601f65468_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:2ba2b2c4db8bb334c50f4dfb54059f060361186900a44c06eed00b7a3c43977e_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:5394cd240a8857906803affec711959da8b8da4e9a7225ddaefe9736c98949b4_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:036af0457f091059551ff63563d5cf68f062297a5630a869bbf3398d5e97ffdc_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:be47d58f1943c5b4becc8cb541d9b0a53e6811451d9010c447b2c3e9b85c06c2_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:2257fe7947959fd59346d2b322f7dbb471831880df659e57344b0d804c2c0099_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:8783f8aaed686a63ed1f913364c85606b1447540608f5b7f45412ff0868a4f38_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:96253b1b94bbaab87d4f8118dfee323eefebdc3734a7e01ebcf906dbc02a2a55_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:52613c18ed44062b6e5d5b748572dad624f773a83dbc7251ff87a807142e118a_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:5dcdcc2424602a69451f16d31dbfa1d43cb72c095ba561eb9076f0cd1e8182ed_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:f738aab1eab25854c93e1d8d4d98100a8ae7bb45a6b83f0326774e4220b1183b_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:6cf74044ae8d5308a2dfe03fa5d81086c89302db7f4cdbe2f4174a1c48b77869_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:22557a6fa52d2f311750a9ba253860f423ba697d26efa02ef8524a8258d2a909_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:de5f91180ead7d73a1825fe8b032fde9b8b01392569c9789f5ce1b4b9c08a98f_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:c499a2c4a7860a1853adf3ebfbf154f3c03c478034a78566b82711373210af39_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:4a7599f8a866eb169c9a62885906adbf6df0417c0be15857df1eef20cd9b1be2_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:11a301728573adf2b64ea72d0cb2d83ea5d4dbebea759f346e99f18c3d368c6e_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:4c5ff3496b2a2a739939d94ee9dafc02b682100785d228dc2fde480fb597b7a5_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-operator-bundle@sha256:0471c444b4e0c6da97abf7936fe3af89fca6abbd5dca8a31db141c47a9af99db_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:c11b8f601a8a0d5fb6719c4c10bf7438ba242cc33d60e035e4cb4b0ae3c19105_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:c8456d98e90b6505957ab3686e9fd2f156e29f123c5558e581c206daf1e7d93a_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:3dc803cd65232113ec9b0bd529a4c98bd86936e5de85cc4e9b7b1f361d4db38e_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:633984b538f027c93c5886ea1045dcbe81eeda74acf80001d5fc5f765bdbe0be_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2310908"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in path-to-regexp package, where it turns path strings into regular expressions. In certain cases, path-to-regexp will output a regular expression that can be exploited to cause poor performance. Because JavaScript is single-threaded and regex matching runs on the main thread, poor performance will block the event loop and lead to a denial of service (DoS).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "path-to-regexp: Backtracking regular expressions cause ReDoS",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:13da7e12e135cdb33c89686eca84cffae8ef691fcb4f346622ebd9b47f0a69ee_amd64"
],
"known_not_affected": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:8d78e6f1c302b1de6c45435a3d49c807fe5e4dbfe3e7a3d3ebfa0cac6318e79a_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:ee01e89f98feb185f6cd59c564e590a13e4d8d9ea760cca8de51426eb71b83a1_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:d7d4fa406e0fcf0507894a7676532b27f45be742467e603a86f98ea5d2615df8_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:a0f72ffefb2b74b488dd949493f5d295a39bb9c97f578bf219d0138601f65468_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:2ba2b2c4db8bb334c50f4dfb54059f060361186900a44c06eed00b7a3c43977e_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:5394cd240a8857906803affec711959da8b8da4e9a7225ddaefe9736c98949b4_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:036af0457f091059551ff63563d5cf68f062297a5630a869bbf3398d5e97ffdc_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:be47d58f1943c5b4becc8cb541d9b0a53e6811451d9010c447b2c3e9b85c06c2_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:2257fe7947959fd59346d2b322f7dbb471831880df659e57344b0d804c2c0099_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:8783f8aaed686a63ed1f913364c85606b1447540608f5b7f45412ff0868a4f38_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:96253b1b94bbaab87d4f8118dfee323eefebdc3734a7e01ebcf906dbc02a2a55_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:52613c18ed44062b6e5d5b748572dad624f773a83dbc7251ff87a807142e118a_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:5dcdcc2424602a69451f16d31dbfa1d43cb72c095ba561eb9076f0cd1e8182ed_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:f738aab1eab25854c93e1d8d4d98100a8ae7bb45a6b83f0326774e4220b1183b_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:6cf74044ae8d5308a2dfe03fa5d81086c89302db7f4cdbe2f4174a1c48b77869_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:22557a6fa52d2f311750a9ba253860f423ba697d26efa02ef8524a8258d2a909_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:de5f91180ead7d73a1825fe8b032fde9b8b01392569c9789f5ce1b4b9c08a98f_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:c499a2c4a7860a1853adf3ebfbf154f3c03c478034a78566b82711373210af39_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:4a7599f8a866eb169c9a62885906adbf6df0417c0be15857df1eef20cd9b1be2_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:11a301728573adf2b64ea72d0cb2d83ea5d4dbebea759f346e99f18c3d368c6e_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:4c5ff3496b2a2a739939d94ee9dafc02b682100785d228dc2fde480fb597b7a5_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-operator-bundle@sha256:0471c444b4e0c6da97abf7936fe3af89fca6abbd5dca8a31db141c47a9af99db_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:c11b8f601a8a0d5fb6719c4c10bf7438ba242cc33d60e035e4cb4b0ae3c19105_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:c8456d98e90b6505957ab3686e9fd2f156e29f123c5558e581c206daf1e7d93a_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:3dc803cd65232113ec9b0bd529a4c98bd86936e5de85cc4e9b7b1f361d4db38e_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:633984b538f027c93c5886ea1045dcbe81eeda74acf80001d5fc5f765bdbe0be_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-45296"
},
{
"category": "external",
"summary": "RHBZ#2310908",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2310908"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-45296",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45296"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-45296",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-45296"
},
{
"category": "external",
"summary": "https://github.com/pillarjs/path-to-regexp/commit/29b96b4a1de52824e1ca0f49a701183cc4ed476f",
"url": "https://github.com/pillarjs/path-to-regexp/commit/29b96b4a1de52824e1ca0f49a701183cc4ed476f"
},
{
"category": "external",
"summary": "https://github.com/pillarjs/path-to-regexp/commit/60f2121e9b66b7b622cc01080df0aabda9eedee6",
"url": "https://github.com/pillarjs/path-to-regexp/commit/60f2121e9b66b7b622cc01080df0aabda9eedee6"
},
{
"category": "external",
"summary": "https://github.com/pillarjs/path-to-regexp/security/advisories/GHSA-9wv6-86v2-598j",
"url": "https://github.com/pillarjs/path-to-regexp/security/advisories/GHSA-9wv6-86v2-598j"
}
],
"release_date": "2024-09-09T19:15:13.330000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-03-27T17:45:39+00:00",
"details": "For Red Hat OpenShift AI 2.16.0 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this errata update:\nhttps://docs.redhat.com/en/documentation/red_hat_openshift_ai/",
"product_ids": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:13da7e12e135cdb33c89686eca84cffae8ef691fcb4f346622ebd9b47f0a69ee_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:3368"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:8d78e6f1c302b1de6c45435a3d49c807fe5e4dbfe3e7a3d3ebfa0cac6318e79a_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:13da7e12e135cdb33c89686eca84cffae8ef691fcb4f346622ebd9b47f0a69ee_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:ee01e89f98feb185f6cd59c564e590a13e4d8d9ea760cca8de51426eb71b83a1_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:d7d4fa406e0fcf0507894a7676532b27f45be742467e603a86f98ea5d2615df8_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:a0f72ffefb2b74b488dd949493f5d295a39bb9c97f578bf219d0138601f65468_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:2ba2b2c4db8bb334c50f4dfb54059f060361186900a44c06eed00b7a3c43977e_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:5394cd240a8857906803affec711959da8b8da4e9a7225ddaefe9736c98949b4_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:036af0457f091059551ff63563d5cf68f062297a5630a869bbf3398d5e97ffdc_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:be47d58f1943c5b4becc8cb541d9b0a53e6811451d9010c447b2c3e9b85c06c2_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:2257fe7947959fd59346d2b322f7dbb471831880df659e57344b0d804c2c0099_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:8783f8aaed686a63ed1f913364c85606b1447540608f5b7f45412ff0868a4f38_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:96253b1b94bbaab87d4f8118dfee323eefebdc3734a7e01ebcf906dbc02a2a55_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:52613c18ed44062b6e5d5b748572dad624f773a83dbc7251ff87a807142e118a_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:5dcdcc2424602a69451f16d31dbfa1d43cb72c095ba561eb9076f0cd1e8182ed_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:f738aab1eab25854c93e1d8d4d98100a8ae7bb45a6b83f0326774e4220b1183b_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:6cf74044ae8d5308a2dfe03fa5d81086c89302db7f4cdbe2f4174a1c48b77869_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:22557a6fa52d2f311750a9ba253860f423ba697d26efa02ef8524a8258d2a909_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:de5f91180ead7d73a1825fe8b032fde9b8b01392569c9789f5ce1b4b9c08a98f_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:c499a2c4a7860a1853adf3ebfbf154f3c03c478034a78566b82711373210af39_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:4a7599f8a866eb169c9a62885906adbf6df0417c0be15857df1eef20cd9b1be2_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:11a301728573adf2b64ea72d0cb2d83ea5d4dbebea759f346e99f18c3d368c6e_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:4c5ff3496b2a2a739939d94ee9dafc02b682100785d228dc2fde480fb597b7a5_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-operator-bundle@sha256:0471c444b4e0c6da97abf7936fe3af89fca6abbd5dca8a31db141c47a9af99db_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:c11b8f601a8a0d5fb6719c4c10bf7438ba242cc33d60e035e4cb4b0ae3c19105_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:c8456d98e90b6505957ab3686e9fd2f156e29f123c5558e581c206daf1e7d93a_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:3dc803cd65232113ec9b0bd529a4c98bd86936e5de85cc4e9b7b1f361d4db38e_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:633984b538f027c93c5886ea1045dcbe81eeda74acf80001d5fc5f765bdbe0be_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:8d78e6f1c302b1de6c45435a3d49c807fe5e4dbfe3e7a3d3ebfa0cac6318e79a_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:13da7e12e135cdb33c89686eca84cffae8ef691fcb4f346622ebd9b47f0a69ee_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:ee01e89f98feb185f6cd59c564e590a13e4d8d9ea760cca8de51426eb71b83a1_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:d7d4fa406e0fcf0507894a7676532b27f45be742467e603a86f98ea5d2615df8_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:a0f72ffefb2b74b488dd949493f5d295a39bb9c97f578bf219d0138601f65468_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:2ba2b2c4db8bb334c50f4dfb54059f060361186900a44c06eed00b7a3c43977e_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:5394cd240a8857906803affec711959da8b8da4e9a7225ddaefe9736c98949b4_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:036af0457f091059551ff63563d5cf68f062297a5630a869bbf3398d5e97ffdc_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:be47d58f1943c5b4becc8cb541d9b0a53e6811451d9010c447b2c3e9b85c06c2_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:2257fe7947959fd59346d2b322f7dbb471831880df659e57344b0d804c2c0099_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:8783f8aaed686a63ed1f913364c85606b1447540608f5b7f45412ff0868a4f38_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:96253b1b94bbaab87d4f8118dfee323eefebdc3734a7e01ebcf906dbc02a2a55_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:52613c18ed44062b6e5d5b748572dad624f773a83dbc7251ff87a807142e118a_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:5dcdcc2424602a69451f16d31dbfa1d43cb72c095ba561eb9076f0cd1e8182ed_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:f738aab1eab25854c93e1d8d4d98100a8ae7bb45a6b83f0326774e4220b1183b_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:6cf74044ae8d5308a2dfe03fa5d81086c89302db7f4cdbe2f4174a1c48b77869_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:22557a6fa52d2f311750a9ba253860f423ba697d26efa02ef8524a8258d2a909_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:de5f91180ead7d73a1825fe8b032fde9b8b01392569c9789f5ce1b4b9c08a98f_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:c499a2c4a7860a1853adf3ebfbf154f3c03c478034a78566b82711373210af39_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:4a7599f8a866eb169c9a62885906adbf6df0417c0be15857df1eef20cd9b1be2_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:11a301728573adf2b64ea72d0cb2d83ea5d4dbebea759f346e99f18c3d368c6e_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:4c5ff3496b2a2a739939d94ee9dafc02b682100785d228dc2fde480fb597b7a5_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-operator-bundle@sha256:0471c444b4e0c6da97abf7936fe3af89fca6abbd5dca8a31db141c47a9af99db_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:c11b8f601a8a0d5fb6719c4c10bf7438ba242cc33d60e035e4cb4b0ae3c19105_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:c8456d98e90b6505957ab3686e9fd2f156e29f123c5558e581c206daf1e7d93a_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:3dc803cd65232113ec9b0bd529a4c98bd86936e5de85cc4e9b7b1f361d4db38e_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:633984b538f027c93c5886ea1045dcbe81eeda74acf80001d5fc5f765bdbe0be_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "path-to-regexp: Backtracking regular expressions cause ReDoS"
},
{
"cve": "CVE-2024-45338",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2024-12-18T21:00:59.938173+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:13da7e12e135cdb33c89686eca84cffae8ef691fcb4f346622ebd9b47f0a69ee_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:ee01e89f98feb185f6cd59c564e590a13e4d8d9ea760cca8de51426eb71b83a1_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:d7d4fa406e0fcf0507894a7676532b27f45be742467e603a86f98ea5d2615df8_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:a0f72ffefb2b74b488dd949493f5d295a39bb9c97f578bf219d0138601f65468_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:2ba2b2c4db8bb334c50f4dfb54059f060361186900a44c06eed00b7a3c43977e_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:5394cd240a8857906803affec711959da8b8da4e9a7225ddaefe9736c98949b4_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:036af0457f091059551ff63563d5cf68f062297a5630a869bbf3398d5e97ffdc_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:be47d58f1943c5b4becc8cb541d9b0a53e6811451d9010c447b2c3e9b85c06c2_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:2257fe7947959fd59346d2b322f7dbb471831880df659e57344b0d804c2c0099_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:8783f8aaed686a63ed1f913364c85606b1447540608f5b7f45412ff0868a4f38_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:96253b1b94bbaab87d4f8118dfee323eefebdc3734a7e01ebcf906dbc02a2a55_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:52613c18ed44062b6e5d5b748572dad624f773a83dbc7251ff87a807142e118a_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:5dcdcc2424602a69451f16d31dbfa1d43cb72c095ba561eb9076f0cd1e8182ed_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:f738aab1eab25854c93e1d8d4d98100a8ae7bb45a6b83f0326774e4220b1183b_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:6cf74044ae8d5308a2dfe03fa5d81086c89302db7f4cdbe2f4174a1c48b77869_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:22557a6fa52d2f311750a9ba253860f423ba697d26efa02ef8524a8258d2a909_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:de5f91180ead7d73a1825fe8b032fde9b8b01392569c9789f5ce1b4b9c08a98f_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:c499a2c4a7860a1853adf3ebfbf154f3c03c478034a78566b82711373210af39_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:4a7599f8a866eb169c9a62885906adbf6df0417c0be15857df1eef20cd9b1be2_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:11a301728573adf2b64ea72d0cb2d83ea5d4dbebea759f346e99f18c3d368c6e_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:4c5ff3496b2a2a739939d94ee9dafc02b682100785d228dc2fde480fb597b7a5_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-operator-bundle@sha256:0471c444b4e0c6da97abf7936fe3af89fca6abbd5dca8a31db141c47a9af99db_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:c11b8f601a8a0d5fb6719c4c10bf7438ba242cc33d60e035e4cb4b0ae3c19105_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:c8456d98e90b6505957ab3686e9fd2f156e29f123c5558e581c206daf1e7d93a_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:3dc803cd65232113ec9b0bd529a4c98bd86936e5de85cc4e9b7b1f361d4db38e_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:633984b538f027c93c5886ea1045dcbe81eeda74acf80001d5fc5f765bdbe0be_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2333122"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in golang.org/x/net/html. This flaw allows an attacker to craft input to the parse functions that would be processed non-linearly with respect to its length, resulting in extremely slow parsing. This issue can cause a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang.org/x/net/html: Non-linear parsing of case-insensitive content in golang.org/x/net/html",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated as an Important severity because an attacker can craft malicious input that causes the parsing functions to process data non-linearly, resulting in significant delays which leads to a denial of service by exhausting system resources.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:8d78e6f1c302b1de6c45435a3d49c807fe5e4dbfe3e7a3d3ebfa0cac6318e79a_amd64"
],
"known_not_affected": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:13da7e12e135cdb33c89686eca84cffae8ef691fcb4f346622ebd9b47f0a69ee_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:ee01e89f98feb185f6cd59c564e590a13e4d8d9ea760cca8de51426eb71b83a1_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:d7d4fa406e0fcf0507894a7676532b27f45be742467e603a86f98ea5d2615df8_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:a0f72ffefb2b74b488dd949493f5d295a39bb9c97f578bf219d0138601f65468_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:2ba2b2c4db8bb334c50f4dfb54059f060361186900a44c06eed00b7a3c43977e_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:5394cd240a8857906803affec711959da8b8da4e9a7225ddaefe9736c98949b4_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:036af0457f091059551ff63563d5cf68f062297a5630a869bbf3398d5e97ffdc_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:be47d58f1943c5b4becc8cb541d9b0a53e6811451d9010c447b2c3e9b85c06c2_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:2257fe7947959fd59346d2b322f7dbb471831880df659e57344b0d804c2c0099_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:8783f8aaed686a63ed1f913364c85606b1447540608f5b7f45412ff0868a4f38_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:96253b1b94bbaab87d4f8118dfee323eefebdc3734a7e01ebcf906dbc02a2a55_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:52613c18ed44062b6e5d5b748572dad624f773a83dbc7251ff87a807142e118a_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:5dcdcc2424602a69451f16d31dbfa1d43cb72c095ba561eb9076f0cd1e8182ed_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:f738aab1eab25854c93e1d8d4d98100a8ae7bb45a6b83f0326774e4220b1183b_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:6cf74044ae8d5308a2dfe03fa5d81086c89302db7f4cdbe2f4174a1c48b77869_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:22557a6fa52d2f311750a9ba253860f423ba697d26efa02ef8524a8258d2a909_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:de5f91180ead7d73a1825fe8b032fde9b8b01392569c9789f5ce1b4b9c08a98f_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:c499a2c4a7860a1853adf3ebfbf154f3c03c478034a78566b82711373210af39_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:4a7599f8a866eb169c9a62885906adbf6df0417c0be15857df1eef20cd9b1be2_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:11a301728573adf2b64ea72d0cb2d83ea5d4dbebea759f346e99f18c3d368c6e_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:4c5ff3496b2a2a739939d94ee9dafc02b682100785d228dc2fde480fb597b7a5_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-operator-bundle@sha256:0471c444b4e0c6da97abf7936fe3af89fca6abbd5dca8a31db141c47a9af99db_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:c11b8f601a8a0d5fb6719c4c10bf7438ba242cc33d60e035e4cb4b0ae3c19105_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:c8456d98e90b6505957ab3686e9fd2f156e29f123c5558e581c206daf1e7d93a_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:3dc803cd65232113ec9b0bd529a4c98bd86936e5de85cc4e9b7b1f361d4db38e_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:633984b538f027c93c5886ea1045dcbe81eeda74acf80001d5fc5f765bdbe0be_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-45338"
},
{
"category": "external",
"summary": "RHBZ#2333122",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2333122"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-45338",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45338"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-45338",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-45338"
},
{
"category": "external",
"summary": "https://go.dev/cl/637536",
"url": "https://go.dev/cl/637536"
},
{
"category": "external",
"summary": "https://go.dev/issue/70906",
"url": "https://go.dev/issue/70906"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/wSCRmFnNmPA/m/Lvcd0mRMAwAJ",
"url": "https://groups.google.com/g/golang-announce/c/wSCRmFnNmPA/m/Lvcd0mRMAwAJ"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2024-3333",
"url": "https://pkg.go.dev/vuln/GO-2024-3333"
}
],
"release_date": "2024-12-18T20:38:22.660000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-03-27T17:45:39+00:00",
"details": "For Red Hat OpenShift AI 2.16.0 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this errata update:\nhttps://docs.redhat.com/en/documentation/red_hat_openshift_ai/",
"product_ids": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:8d78e6f1c302b1de6c45435a3d49c807fe5e4dbfe3e7a3d3ebfa0cac6318e79a_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:3368"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:8d78e6f1c302b1de6c45435a3d49c807fe5e4dbfe3e7a3d3ebfa0cac6318e79a_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:13da7e12e135cdb33c89686eca84cffae8ef691fcb4f346622ebd9b47f0a69ee_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:ee01e89f98feb185f6cd59c564e590a13e4d8d9ea760cca8de51426eb71b83a1_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:d7d4fa406e0fcf0507894a7676532b27f45be742467e603a86f98ea5d2615df8_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:a0f72ffefb2b74b488dd949493f5d295a39bb9c97f578bf219d0138601f65468_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:2ba2b2c4db8bb334c50f4dfb54059f060361186900a44c06eed00b7a3c43977e_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:5394cd240a8857906803affec711959da8b8da4e9a7225ddaefe9736c98949b4_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:036af0457f091059551ff63563d5cf68f062297a5630a869bbf3398d5e97ffdc_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:be47d58f1943c5b4becc8cb541d9b0a53e6811451d9010c447b2c3e9b85c06c2_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:2257fe7947959fd59346d2b322f7dbb471831880df659e57344b0d804c2c0099_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:8783f8aaed686a63ed1f913364c85606b1447540608f5b7f45412ff0868a4f38_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:96253b1b94bbaab87d4f8118dfee323eefebdc3734a7e01ebcf906dbc02a2a55_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:52613c18ed44062b6e5d5b748572dad624f773a83dbc7251ff87a807142e118a_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:5dcdcc2424602a69451f16d31dbfa1d43cb72c095ba561eb9076f0cd1e8182ed_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:f738aab1eab25854c93e1d8d4d98100a8ae7bb45a6b83f0326774e4220b1183b_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:6cf74044ae8d5308a2dfe03fa5d81086c89302db7f4cdbe2f4174a1c48b77869_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:22557a6fa52d2f311750a9ba253860f423ba697d26efa02ef8524a8258d2a909_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:de5f91180ead7d73a1825fe8b032fde9b8b01392569c9789f5ce1b4b9c08a98f_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:c499a2c4a7860a1853adf3ebfbf154f3c03c478034a78566b82711373210af39_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:4a7599f8a866eb169c9a62885906adbf6df0417c0be15857df1eef20cd9b1be2_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:11a301728573adf2b64ea72d0cb2d83ea5d4dbebea759f346e99f18c3d368c6e_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:4c5ff3496b2a2a739939d94ee9dafc02b682100785d228dc2fde480fb597b7a5_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-operator-bundle@sha256:0471c444b4e0c6da97abf7936fe3af89fca6abbd5dca8a31db141c47a9af99db_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:c11b8f601a8a0d5fb6719c4c10bf7438ba242cc33d60e035e4cb4b0ae3c19105_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:c8456d98e90b6505957ab3686e9fd2f156e29f123c5558e581c206daf1e7d93a_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:3dc803cd65232113ec9b0bd529a4c98bd86936e5de85cc4e9b7b1f361d4db38e_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:633984b538f027c93c5886ea1045dcbe81eeda74acf80001d5fc5f765bdbe0be_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "golang.org/x/net/html: Non-linear parsing of case-insensitive content in golang.org/x/net/html"
},
{
"cve": "CVE-2024-45339",
"cwe": {
"id": "CWE-59",
"name": "Improper Link Resolution Before File Access (\u0027Link Following\u0027)"
},
"discovery_date": "2025-01-28T02:00:48.029971+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:8d78e6f1c302b1de6c45435a3d49c807fe5e4dbfe3e7a3d3ebfa0cac6318e79a_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:13da7e12e135cdb33c89686eca84cffae8ef691fcb4f346622ebd9b47f0a69ee_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:ee01e89f98feb185f6cd59c564e590a13e4d8d9ea760cca8de51426eb71b83a1_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:d7d4fa406e0fcf0507894a7676532b27f45be742467e603a86f98ea5d2615df8_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:a0f72ffefb2b74b488dd949493f5d295a39bb9c97f578bf219d0138601f65468_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:2ba2b2c4db8bb334c50f4dfb54059f060361186900a44c06eed00b7a3c43977e_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:5394cd240a8857906803affec711959da8b8da4e9a7225ddaefe9736c98949b4_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:036af0457f091059551ff63563d5cf68f062297a5630a869bbf3398d5e97ffdc_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:be47d58f1943c5b4becc8cb541d9b0a53e6811451d9010c447b2c3e9b85c06c2_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:2257fe7947959fd59346d2b322f7dbb471831880df659e57344b0d804c2c0099_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:8783f8aaed686a63ed1f913364c85606b1447540608f5b7f45412ff0868a4f38_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:96253b1b94bbaab87d4f8118dfee323eefebdc3734a7e01ebcf906dbc02a2a55_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:52613c18ed44062b6e5d5b748572dad624f773a83dbc7251ff87a807142e118a_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:5dcdcc2424602a69451f16d31dbfa1d43cb72c095ba561eb9076f0cd1e8182ed_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:f738aab1eab25854c93e1d8d4d98100a8ae7bb45a6b83f0326774e4220b1183b_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:22557a6fa52d2f311750a9ba253860f423ba697d26efa02ef8524a8258d2a909_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:c499a2c4a7860a1853adf3ebfbf154f3c03c478034a78566b82711373210af39_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:4a7599f8a866eb169c9a62885906adbf6df0417c0be15857df1eef20cd9b1be2_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:11a301728573adf2b64ea72d0cb2d83ea5d4dbebea759f346e99f18c3d368c6e_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:4c5ff3496b2a2a739939d94ee9dafc02b682100785d228dc2fde480fb597b7a5_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-operator-bundle@sha256:0471c444b4e0c6da97abf7936fe3af89fca6abbd5dca8a31db141c47a9af99db_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:c11b8f601a8a0d5fb6719c4c10bf7438ba242cc33d60e035e4cb4b0ae3c19105_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:c8456d98e90b6505957ab3686e9fd2f156e29f123c5558e581c206daf1e7d93a_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:3dc803cd65232113ec9b0bd529a4c98bd86936e5de85cc4e9b7b1f361d4db38e_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:633984b538f027c93c5886ea1045dcbe81eeda74acf80001d5fc5f765bdbe0be_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2342463"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in glog, a logging library. This vulnerability allows an unprivileged attacker to overwrite sensitive files via a symbolic link planted in a widely writable directory, exploiting the log file path predictability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "github.com/golang/glog: Vulnerability when creating log files in github.com/golang/glog",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:6cf74044ae8d5308a2dfe03fa5d81086c89302db7f4cdbe2f4174a1c48b77869_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:de5f91180ead7d73a1825fe8b032fde9b8b01392569c9789f5ce1b4b9c08a98f_amd64"
],
"known_not_affected": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:8d78e6f1c302b1de6c45435a3d49c807fe5e4dbfe3e7a3d3ebfa0cac6318e79a_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:13da7e12e135cdb33c89686eca84cffae8ef691fcb4f346622ebd9b47f0a69ee_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:ee01e89f98feb185f6cd59c564e590a13e4d8d9ea760cca8de51426eb71b83a1_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:d7d4fa406e0fcf0507894a7676532b27f45be742467e603a86f98ea5d2615df8_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:a0f72ffefb2b74b488dd949493f5d295a39bb9c97f578bf219d0138601f65468_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:2ba2b2c4db8bb334c50f4dfb54059f060361186900a44c06eed00b7a3c43977e_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:5394cd240a8857906803affec711959da8b8da4e9a7225ddaefe9736c98949b4_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:036af0457f091059551ff63563d5cf68f062297a5630a869bbf3398d5e97ffdc_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:be47d58f1943c5b4becc8cb541d9b0a53e6811451d9010c447b2c3e9b85c06c2_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:2257fe7947959fd59346d2b322f7dbb471831880df659e57344b0d804c2c0099_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:8783f8aaed686a63ed1f913364c85606b1447540608f5b7f45412ff0868a4f38_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:96253b1b94bbaab87d4f8118dfee323eefebdc3734a7e01ebcf906dbc02a2a55_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:52613c18ed44062b6e5d5b748572dad624f773a83dbc7251ff87a807142e118a_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:5dcdcc2424602a69451f16d31dbfa1d43cb72c095ba561eb9076f0cd1e8182ed_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:f738aab1eab25854c93e1d8d4d98100a8ae7bb45a6b83f0326774e4220b1183b_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:22557a6fa52d2f311750a9ba253860f423ba697d26efa02ef8524a8258d2a909_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:c499a2c4a7860a1853adf3ebfbf154f3c03c478034a78566b82711373210af39_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:4a7599f8a866eb169c9a62885906adbf6df0417c0be15857df1eef20cd9b1be2_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:11a301728573adf2b64ea72d0cb2d83ea5d4dbebea759f346e99f18c3d368c6e_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:4c5ff3496b2a2a739939d94ee9dafc02b682100785d228dc2fde480fb597b7a5_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-operator-bundle@sha256:0471c444b4e0c6da97abf7936fe3af89fca6abbd5dca8a31db141c47a9af99db_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:c11b8f601a8a0d5fb6719c4c10bf7438ba242cc33d60e035e4cb4b0ae3c19105_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:c8456d98e90b6505957ab3686e9fd2f156e29f123c5558e581c206daf1e7d93a_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:3dc803cd65232113ec9b0bd529a4c98bd86936e5de85cc4e9b7b1f361d4db38e_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:633984b538f027c93c5886ea1045dcbe81eeda74acf80001d5fc5f765bdbe0be_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-45339"
},
{
"category": "external",
"summary": "RHBZ#2342463",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2342463"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-45339",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45339"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-45339",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-45339"
},
{
"category": "external",
"summary": "https://github.com/golang/glog/pull/74",
"url": "https://github.com/golang/glog/pull/74"
},
{
"category": "external",
"summary": "https://github.com/golang/glog/pull/74/commits/b8741656e406e66d6992bc2c9575e460ecaa0ec2",
"url": "https://github.com/golang/glog/pull/74/commits/b8741656e406e66d6992bc2c9575e460ecaa0ec2"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/H-Q4ouHWyKs",
"url": "https://groups.google.com/g/golang-announce/c/H-Q4ouHWyKs"
},
{
"category": "external",
"summary": "https://owasp.org/www-community/vulnerabilities/Insecure_Temporary_File",
"url": "https://owasp.org/www-community/vulnerabilities/Insecure_Temporary_File"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2025-3372",
"url": "https://pkg.go.dev/vuln/GO-2025-3372"
}
],
"release_date": "2025-01-28T01:03:24.105000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-03-27T17:45:39+00:00",
"details": "For Red Hat OpenShift AI 2.16.0 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this errata update:\nhttps://docs.redhat.com/en/documentation/red_hat_openshift_ai/",
"product_ids": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:6cf74044ae8d5308a2dfe03fa5d81086c89302db7f4cdbe2f4174a1c48b77869_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:de5f91180ead7d73a1825fe8b032fde9b8b01392569c9789f5ce1b4b9c08a98f_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:3368"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:8d78e6f1c302b1de6c45435a3d49c807fe5e4dbfe3e7a3d3ebfa0cac6318e79a_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:13da7e12e135cdb33c89686eca84cffae8ef691fcb4f346622ebd9b47f0a69ee_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:ee01e89f98feb185f6cd59c564e590a13e4d8d9ea760cca8de51426eb71b83a1_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:d7d4fa406e0fcf0507894a7676532b27f45be742467e603a86f98ea5d2615df8_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:a0f72ffefb2b74b488dd949493f5d295a39bb9c97f578bf219d0138601f65468_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:2ba2b2c4db8bb334c50f4dfb54059f060361186900a44c06eed00b7a3c43977e_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:5394cd240a8857906803affec711959da8b8da4e9a7225ddaefe9736c98949b4_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:036af0457f091059551ff63563d5cf68f062297a5630a869bbf3398d5e97ffdc_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:be47d58f1943c5b4becc8cb541d9b0a53e6811451d9010c447b2c3e9b85c06c2_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:2257fe7947959fd59346d2b322f7dbb471831880df659e57344b0d804c2c0099_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:8783f8aaed686a63ed1f913364c85606b1447540608f5b7f45412ff0868a4f38_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:96253b1b94bbaab87d4f8118dfee323eefebdc3734a7e01ebcf906dbc02a2a55_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:52613c18ed44062b6e5d5b748572dad624f773a83dbc7251ff87a807142e118a_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:5dcdcc2424602a69451f16d31dbfa1d43cb72c095ba561eb9076f0cd1e8182ed_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:f738aab1eab25854c93e1d8d4d98100a8ae7bb45a6b83f0326774e4220b1183b_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:6cf74044ae8d5308a2dfe03fa5d81086c89302db7f4cdbe2f4174a1c48b77869_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:22557a6fa52d2f311750a9ba253860f423ba697d26efa02ef8524a8258d2a909_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:de5f91180ead7d73a1825fe8b032fde9b8b01392569c9789f5ce1b4b9c08a98f_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:c499a2c4a7860a1853adf3ebfbf154f3c03c478034a78566b82711373210af39_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:4a7599f8a866eb169c9a62885906adbf6df0417c0be15857df1eef20cd9b1be2_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:11a301728573adf2b64ea72d0cb2d83ea5d4dbebea759f346e99f18c3d368c6e_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:4c5ff3496b2a2a739939d94ee9dafc02b682100785d228dc2fde480fb597b7a5_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-operator-bundle@sha256:0471c444b4e0c6da97abf7936fe3af89fca6abbd5dca8a31db141c47a9af99db_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:c11b8f601a8a0d5fb6719c4c10bf7438ba242cc33d60e035e4cb4b0ae3c19105_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:c8456d98e90b6505957ab3686e9fd2f156e29f123c5558e581c206daf1e7d93a_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:3dc803cd65232113ec9b0bd529a4c98bd86936e5de85cc4e9b7b1f361d4db38e_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:633984b538f027c93c5886ea1045dcbe81eeda74acf80001d5fc5f765bdbe0be_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N",
"version": "3.0"
},
"products": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:8d78e6f1c302b1de6c45435a3d49c807fe5e4dbfe3e7a3d3ebfa0cac6318e79a_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:13da7e12e135cdb33c89686eca84cffae8ef691fcb4f346622ebd9b47f0a69ee_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:ee01e89f98feb185f6cd59c564e590a13e4d8d9ea760cca8de51426eb71b83a1_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:d7d4fa406e0fcf0507894a7676532b27f45be742467e603a86f98ea5d2615df8_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:a0f72ffefb2b74b488dd949493f5d295a39bb9c97f578bf219d0138601f65468_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:2ba2b2c4db8bb334c50f4dfb54059f060361186900a44c06eed00b7a3c43977e_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:5394cd240a8857906803affec711959da8b8da4e9a7225ddaefe9736c98949b4_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:036af0457f091059551ff63563d5cf68f062297a5630a869bbf3398d5e97ffdc_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:be47d58f1943c5b4becc8cb541d9b0a53e6811451d9010c447b2c3e9b85c06c2_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:2257fe7947959fd59346d2b322f7dbb471831880df659e57344b0d804c2c0099_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:8783f8aaed686a63ed1f913364c85606b1447540608f5b7f45412ff0868a4f38_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:96253b1b94bbaab87d4f8118dfee323eefebdc3734a7e01ebcf906dbc02a2a55_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:52613c18ed44062b6e5d5b748572dad624f773a83dbc7251ff87a807142e118a_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:5dcdcc2424602a69451f16d31dbfa1d43cb72c095ba561eb9076f0cd1e8182ed_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:f738aab1eab25854c93e1d8d4d98100a8ae7bb45a6b83f0326774e4220b1183b_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:6cf74044ae8d5308a2dfe03fa5d81086c89302db7f4cdbe2f4174a1c48b77869_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:22557a6fa52d2f311750a9ba253860f423ba697d26efa02ef8524a8258d2a909_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:de5f91180ead7d73a1825fe8b032fde9b8b01392569c9789f5ce1b4b9c08a98f_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:c499a2c4a7860a1853adf3ebfbf154f3c03c478034a78566b82711373210af39_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:4a7599f8a866eb169c9a62885906adbf6df0417c0be15857df1eef20cd9b1be2_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:11a301728573adf2b64ea72d0cb2d83ea5d4dbebea759f346e99f18c3d368c6e_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:4c5ff3496b2a2a739939d94ee9dafc02b682100785d228dc2fde480fb597b7a5_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-operator-bundle@sha256:0471c444b4e0c6da97abf7936fe3af89fca6abbd5dca8a31db141c47a9af99db_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:c11b8f601a8a0d5fb6719c4c10bf7438ba242cc33d60e035e4cb4b0ae3c19105_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:c8456d98e90b6505957ab3686e9fd2f156e29f123c5558e581c206daf1e7d93a_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:3dc803cd65232113ec9b0bd529a4c98bd86936e5de85cc4e9b7b1f361d4db38e_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:633984b538f027c93c5886ea1045dcbe81eeda74acf80001d5fc5f765bdbe0be_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "github.com/golang/glog: Vulnerability when creating log files in github.com/golang/glog"
},
{
"cve": "CVE-2024-52798",
"cwe": {
"id": "CWE-1333",
"name": "Inefficient Regular Expression Complexity"
},
"discovery_date": "2024-12-05T23:00:59.020167+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:8d78e6f1c302b1de6c45435a3d49c807fe5e4dbfe3e7a3d3ebfa0cac6318e79a_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:ee01e89f98feb185f6cd59c564e590a13e4d8d9ea760cca8de51426eb71b83a1_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:d7d4fa406e0fcf0507894a7676532b27f45be742467e603a86f98ea5d2615df8_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:a0f72ffefb2b74b488dd949493f5d295a39bb9c97f578bf219d0138601f65468_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:2ba2b2c4db8bb334c50f4dfb54059f060361186900a44c06eed00b7a3c43977e_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:5394cd240a8857906803affec711959da8b8da4e9a7225ddaefe9736c98949b4_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:036af0457f091059551ff63563d5cf68f062297a5630a869bbf3398d5e97ffdc_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:be47d58f1943c5b4becc8cb541d9b0a53e6811451d9010c447b2c3e9b85c06c2_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:2257fe7947959fd59346d2b322f7dbb471831880df659e57344b0d804c2c0099_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:8783f8aaed686a63ed1f913364c85606b1447540608f5b7f45412ff0868a4f38_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:96253b1b94bbaab87d4f8118dfee323eefebdc3734a7e01ebcf906dbc02a2a55_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:52613c18ed44062b6e5d5b748572dad624f773a83dbc7251ff87a807142e118a_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:5dcdcc2424602a69451f16d31dbfa1d43cb72c095ba561eb9076f0cd1e8182ed_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:f738aab1eab25854c93e1d8d4d98100a8ae7bb45a6b83f0326774e4220b1183b_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:6cf74044ae8d5308a2dfe03fa5d81086c89302db7f4cdbe2f4174a1c48b77869_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:22557a6fa52d2f311750a9ba253860f423ba697d26efa02ef8524a8258d2a909_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:de5f91180ead7d73a1825fe8b032fde9b8b01392569c9789f5ce1b4b9c08a98f_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:c499a2c4a7860a1853adf3ebfbf154f3c03c478034a78566b82711373210af39_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:4a7599f8a866eb169c9a62885906adbf6df0417c0be15857df1eef20cd9b1be2_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:11a301728573adf2b64ea72d0cb2d83ea5d4dbebea759f346e99f18c3d368c6e_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:4c5ff3496b2a2a739939d94ee9dafc02b682100785d228dc2fde480fb597b7a5_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-operator-bundle@sha256:0471c444b4e0c6da97abf7936fe3af89fca6abbd5dca8a31db141c47a9af99db_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:c11b8f601a8a0d5fb6719c4c10bf7438ba242cc33d60e035e4cb4b0ae3c19105_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:c8456d98e90b6505957ab3686e9fd2f156e29f123c5558e581c206daf1e7d93a_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:3dc803cd65232113ec9b0bd529a4c98bd86936e5de85cc4e9b7b1f361d4db38e_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:633984b538f027c93c5886ea1045dcbe81eeda74acf80001d5fc5f765bdbe0be_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2330689"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in path-to-regexp. A path-to-regexp turns path strings into regular expressions. In certain cases, path-to-regexp will output a regular expression that can be exploited to cause poor performance.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "path-to-regexp: path-to-regexp Unpatched `path-to-regexp` ReDoS in 0.1.x",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability exists because of an incomplete fix for CVE-2024-45296.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:13da7e12e135cdb33c89686eca84cffae8ef691fcb4f346622ebd9b47f0a69ee_amd64"
],
"known_not_affected": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:8d78e6f1c302b1de6c45435a3d49c807fe5e4dbfe3e7a3d3ebfa0cac6318e79a_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:ee01e89f98feb185f6cd59c564e590a13e4d8d9ea760cca8de51426eb71b83a1_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:d7d4fa406e0fcf0507894a7676532b27f45be742467e603a86f98ea5d2615df8_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:a0f72ffefb2b74b488dd949493f5d295a39bb9c97f578bf219d0138601f65468_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:2ba2b2c4db8bb334c50f4dfb54059f060361186900a44c06eed00b7a3c43977e_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:5394cd240a8857906803affec711959da8b8da4e9a7225ddaefe9736c98949b4_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:036af0457f091059551ff63563d5cf68f062297a5630a869bbf3398d5e97ffdc_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:be47d58f1943c5b4becc8cb541d9b0a53e6811451d9010c447b2c3e9b85c06c2_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:2257fe7947959fd59346d2b322f7dbb471831880df659e57344b0d804c2c0099_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:8783f8aaed686a63ed1f913364c85606b1447540608f5b7f45412ff0868a4f38_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:96253b1b94bbaab87d4f8118dfee323eefebdc3734a7e01ebcf906dbc02a2a55_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:52613c18ed44062b6e5d5b748572dad624f773a83dbc7251ff87a807142e118a_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:5dcdcc2424602a69451f16d31dbfa1d43cb72c095ba561eb9076f0cd1e8182ed_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:f738aab1eab25854c93e1d8d4d98100a8ae7bb45a6b83f0326774e4220b1183b_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:6cf74044ae8d5308a2dfe03fa5d81086c89302db7f4cdbe2f4174a1c48b77869_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:22557a6fa52d2f311750a9ba253860f423ba697d26efa02ef8524a8258d2a909_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:de5f91180ead7d73a1825fe8b032fde9b8b01392569c9789f5ce1b4b9c08a98f_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:c499a2c4a7860a1853adf3ebfbf154f3c03c478034a78566b82711373210af39_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:4a7599f8a866eb169c9a62885906adbf6df0417c0be15857df1eef20cd9b1be2_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:11a301728573adf2b64ea72d0cb2d83ea5d4dbebea759f346e99f18c3d368c6e_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:4c5ff3496b2a2a739939d94ee9dafc02b682100785d228dc2fde480fb597b7a5_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-operator-bundle@sha256:0471c444b4e0c6da97abf7936fe3af89fca6abbd5dca8a31db141c47a9af99db_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:c11b8f601a8a0d5fb6719c4c10bf7438ba242cc33d60e035e4cb4b0ae3c19105_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:c8456d98e90b6505957ab3686e9fd2f156e29f123c5558e581c206daf1e7d93a_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:3dc803cd65232113ec9b0bd529a4c98bd86936e5de85cc4e9b7b1f361d4db38e_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:633984b538f027c93c5886ea1045dcbe81eeda74acf80001d5fc5f765bdbe0be_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-52798"
},
{
"category": "external",
"summary": "RHBZ#2330689",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2330689"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-52798",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-52798"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-52798",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-52798"
},
{
"category": "external",
"summary": "https://github.com/pillarjs/path-to-regexp/commit/f01c26a013b1889f0c217c643964513acf17f6a4",
"url": "https://github.com/pillarjs/path-to-regexp/commit/f01c26a013b1889f0c217c643964513acf17f6a4"
},
{
"category": "external",
"summary": "https://github.com/pillarjs/path-to-regexp/security/advisories/GHSA-rhx6-c78j-4q9w",
"url": "https://github.com/pillarjs/path-to-regexp/security/advisories/GHSA-rhx6-c78j-4q9w"
}
],
"release_date": "2024-12-05T22:45:42.774000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-03-27T17:45:39+00:00",
"details": "For Red Hat OpenShift AI 2.16.0 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this errata update:\nhttps://docs.redhat.com/en/documentation/red_hat_openshift_ai/",
"product_ids": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:13da7e12e135cdb33c89686eca84cffae8ef691fcb4f346622ebd9b47f0a69ee_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:3368"
},
{
"category": "workaround",
"details": "Avoid using two parameters within a single path segment when the separator is not, for example, /:a-:b. Alternatively, you can define the regex used for both parameters and ensure they do not overlap to allow backtracking.",
"product_ids": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:8d78e6f1c302b1de6c45435a3d49c807fe5e4dbfe3e7a3d3ebfa0cac6318e79a_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:13da7e12e135cdb33c89686eca84cffae8ef691fcb4f346622ebd9b47f0a69ee_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:ee01e89f98feb185f6cd59c564e590a13e4d8d9ea760cca8de51426eb71b83a1_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:d7d4fa406e0fcf0507894a7676532b27f45be742467e603a86f98ea5d2615df8_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:a0f72ffefb2b74b488dd949493f5d295a39bb9c97f578bf219d0138601f65468_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:2ba2b2c4db8bb334c50f4dfb54059f060361186900a44c06eed00b7a3c43977e_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:5394cd240a8857906803affec711959da8b8da4e9a7225ddaefe9736c98949b4_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:036af0457f091059551ff63563d5cf68f062297a5630a869bbf3398d5e97ffdc_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:be47d58f1943c5b4becc8cb541d9b0a53e6811451d9010c447b2c3e9b85c06c2_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:2257fe7947959fd59346d2b322f7dbb471831880df659e57344b0d804c2c0099_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:8783f8aaed686a63ed1f913364c85606b1447540608f5b7f45412ff0868a4f38_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:96253b1b94bbaab87d4f8118dfee323eefebdc3734a7e01ebcf906dbc02a2a55_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:52613c18ed44062b6e5d5b748572dad624f773a83dbc7251ff87a807142e118a_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:5dcdcc2424602a69451f16d31dbfa1d43cb72c095ba561eb9076f0cd1e8182ed_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:f738aab1eab25854c93e1d8d4d98100a8ae7bb45a6b83f0326774e4220b1183b_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:6cf74044ae8d5308a2dfe03fa5d81086c89302db7f4cdbe2f4174a1c48b77869_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:22557a6fa52d2f311750a9ba253860f423ba697d26efa02ef8524a8258d2a909_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:de5f91180ead7d73a1825fe8b032fde9b8b01392569c9789f5ce1b4b9c08a98f_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:c499a2c4a7860a1853adf3ebfbf154f3c03c478034a78566b82711373210af39_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:4a7599f8a866eb169c9a62885906adbf6df0417c0be15857df1eef20cd9b1be2_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:11a301728573adf2b64ea72d0cb2d83ea5d4dbebea759f346e99f18c3d368c6e_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:4c5ff3496b2a2a739939d94ee9dafc02b682100785d228dc2fde480fb597b7a5_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-operator-bundle@sha256:0471c444b4e0c6da97abf7936fe3af89fca6abbd5dca8a31db141c47a9af99db_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:c11b8f601a8a0d5fb6719c4c10bf7438ba242cc33d60e035e4cb4b0ae3c19105_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:c8456d98e90b6505957ab3686e9fd2f156e29f123c5558e581c206daf1e7d93a_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:3dc803cd65232113ec9b0bd529a4c98bd86936e5de85cc4e9b7b1f361d4db38e_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:633984b538f027c93c5886ea1045dcbe81eeda74acf80001d5fc5f765bdbe0be_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:8d78e6f1c302b1de6c45435a3d49c807fe5e4dbfe3e7a3d3ebfa0cac6318e79a_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:13da7e12e135cdb33c89686eca84cffae8ef691fcb4f346622ebd9b47f0a69ee_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:ee01e89f98feb185f6cd59c564e590a13e4d8d9ea760cca8de51426eb71b83a1_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:d7d4fa406e0fcf0507894a7676532b27f45be742467e603a86f98ea5d2615df8_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:a0f72ffefb2b74b488dd949493f5d295a39bb9c97f578bf219d0138601f65468_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:2ba2b2c4db8bb334c50f4dfb54059f060361186900a44c06eed00b7a3c43977e_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:5394cd240a8857906803affec711959da8b8da4e9a7225ddaefe9736c98949b4_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:036af0457f091059551ff63563d5cf68f062297a5630a869bbf3398d5e97ffdc_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:be47d58f1943c5b4becc8cb541d9b0a53e6811451d9010c447b2c3e9b85c06c2_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:2257fe7947959fd59346d2b322f7dbb471831880df659e57344b0d804c2c0099_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:8783f8aaed686a63ed1f913364c85606b1447540608f5b7f45412ff0868a4f38_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:96253b1b94bbaab87d4f8118dfee323eefebdc3734a7e01ebcf906dbc02a2a55_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:52613c18ed44062b6e5d5b748572dad624f773a83dbc7251ff87a807142e118a_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:5dcdcc2424602a69451f16d31dbfa1d43cb72c095ba561eb9076f0cd1e8182ed_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:f738aab1eab25854c93e1d8d4d98100a8ae7bb45a6b83f0326774e4220b1183b_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:6cf74044ae8d5308a2dfe03fa5d81086c89302db7f4cdbe2f4174a1c48b77869_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:22557a6fa52d2f311750a9ba253860f423ba697d26efa02ef8524a8258d2a909_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:de5f91180ead7d73a1825fe8b032fde9b8b01392569c9789f5ce1b4b9c08a98f_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:c499a2c4a7860a1853adf3ebfbf154f3c03c478034a78566b82711373210af39_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:4a7599f8a866eb169c9a62885906adbf6df0417c0be15857df1eef20cd9b1be2_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:11a301728573adf2b64ea72d0cb2d83ea5d4dbebea759f346e99f18c3d368c6e_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:4c5ff3496b2a2a739939d94ee9dafc02b682100785d228dc2fde480fb597b7a5_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-operator-bundle@sha256:0471c444b4e0c6da97abf7936fe3af89fca6abbd5dca8a31db141c47a9af99db_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:c11b8f601a8a0d5fb6719c4c10bf7438ba242cc33d60e035e4cb4b0ae3c19105_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:c8456d98e90b6505957ab3686e9fd2f156e29f123c5558e581c206daf1e7d93a_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:3dc803cd65232113ec9b0bd529a4c98bd86936e5de85cc4e9b7b1f361d4db38e_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:633984b538f027c93c5886ea1045dcbe81eeda74acf80001d5fc5f765bdbe0be_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "path-to-regexp: path-to-regexp Unpatched `path-to-regexp` ReDoS in 0.1.x"
},
{
"cve": "CVE-2024-55565",
"cwe": {
"id": "CWE-835",
"name": "Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)"
},
"discovery_date": "2024-12-09T02:00:45.255738+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:8d78e6f1c302b1de6c45435a3d49c807fe5e4dbfe3e7a3d3ebfa0cac6318e79a_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:ee01e89f98feb185f6cd59c564e590a13e4d8d9ea760cca8de51426eb71b83a1_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:d7d4fa406e0fcf0507894a7676532b27f45be742467e603a86f98ea5d2615df8_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:a0f72ffefb2b74b488dd949493f5d295a39bb9c97f578bf219d0138601f65468_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:2ba2b2c4db8bb334c50f4dfb54059f060361186900a44c06eed00b7a3c43977e_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:5394cd240a8857906803affec711959da8b8da4e9a7225ddaefe9736c98949b4_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:036af0457f091059551ff63563d5cf68f062297a5630a869bbf3398d5e97ffdc_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:be47d58f1943c5b4becc8cb541d9b0a53e6811451d9010c447b2c3e9b85c06c2_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:2257fe7947959fd59346d2b322f7dbb471831880df659e57344b0d804c2c0099_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:8783f8aaed686a63ed1f913364c85606b1447540608f5b7f45412ff0868a4f38_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:96253b1b94bbaab87d4f8118dfee323eefebdc3734a7e01ebcf906dbc02a2a55_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:52613c18ed44062b6e5d5b748572dad624f773a83dbc7251ff87a807142e118a_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:5dcdcc2424602a69451f16d31dbfa1d43cb72c095ba561eb9076f0cd1e8182ed_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:f738aab1eab25854c93e1d8d4d98100a8ae7bb45a6b83f0326774e4220b1183b_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:6cf74044ae8d5308a2dfe03fa5d81086c89302db7f4cdbe2f4174a1c48b77869_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:22557a6fa52d2f311750a9ba253860f423ba697d26efa02ef8524a8258d2a909_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:de5f91180ead7d73a1825fe8b032fde9b8b01392569c9789f5ce1b4b9c08a98f_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:c499a2c4a7860a1853adf3ebfbf154f3c03c478034a78566b82711373210af39_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:4a7599f8a866eb169c9a62885906adbf6df0417c0be15857df1eef20cd9b1be2_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:11a301728573adf2b64ea72d0cb2d83ea5d4dbebea759f346e99f18c3d368c6e_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:4c5ff3496b2a2a739939d94ee9dafc02b682100785d228dc2fde480fb597b7a5_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-operator-bundle@sha256:0471c444b4e0c6da97abf7936fe3af89fca6abbd5dca8a31db141c47a9af99db_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:c11b8f601a8a0d5fb6719c4c10bf7438ba242cc33d60e035e4cb4b0ae3c19105_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:c8456d98e90b6505957ab3686e9fd2f156e29f123c5558e581c206daf1e7d93a_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:3dc803cd65232113ec9b0bd529a4c98bd86936e5de85cc4e9b7b1f361d4db38e_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:633984b538f027c93c5886ea1045dcbe81eeda74acf80001d5fc5f765bdbe0be_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2331063"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in nanoid. Affected versions of nanoid mishandles non-integer values. When nanoid is called with a fractional value, there were a number of undesirable effects:\n\n- In browser and non-secure, the code infinite loops on while (size--)\n- In node, the value of poolOffset becomes fractional, causing calls to nanoid to return zeroes until the pool is next filled: when i is initialized to poolOffset, pool[i] \u0026 63 -\u003e undefined \u0026 63 -\u003e 0\n- If the first call in node is a fractional argument, the initial buffer allocation fails with an error\n\nThe highest impact of this issue system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "nanoid: nanoid mishandles non-integer values",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:13da7e12e135cdb33c89686eca84cffae8ef691fcb4f346622ebd9b47f0a69ee_amd64"
],
"known_not_affected": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:8d78e6f1c302b1de6c45435a3d49c807fe5e4dbfe3e7a3d3ebfa0cac6318e79a_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:ee01e89f98feb185f6cd59c564e590a13e4d8d9ea760cca8de51426eb71b83a1_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:d7d4fa406e0fcf0507894a7676532b27f45be742467e603a86f98ea5d2615df8_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:a0f72ffefb2b74b488dd949493f5d295a39bb9c97f578bf219d0138601f65468_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:2ba2b2c4db8bb334c50f4dfb54059f060361186900a44c06eed00b7a3c43977e_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:5394cd240a8857906803affec711959da8b8da4e9a7225ddaefe9736c98949b4_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:036af0457f091059551ff63563d5cf68f062297a5630a869bbf3398d5e97ffdc_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:be47d58f1943c5b4becc8cb541d9b0a53e6811451d9010c447b2c3e9b85c06c2_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:2257fe7947959fd59346d2b322f7dbb471831880df659e57344b0d804c2c0099_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:8783f8aaed686a63ed1f913364c85606b1447540608f5b7f45412ff0868a4f38_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:96253b1b94bbaab87d4f8118dfee323eefebdc3734a7e01ebcf906dbc02a2a55_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:52613c18ed44062b6e5d5b748572dad624f773a83dbc7251ff87a807142e118a_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:5dcdcc2424602a69451f16d31dbfa1d43cb72c095ba561eb9076f0cd1e8182ed_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:f738aab1eab25854c93e1d8d4d98100a8ae7bb45a6b83f0326774e4220b1183b_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:6cf74044ae8d5308a2dfe03fa5d81086c89302db7f4cdbe2f4174a1c48b77869_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:22557a6fa52d2f311750a9ba253860f423ba697d26efa02ef8524a8258d2a909_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:de5f91180ead7d73a1825fe8b032fde9b8b01392569c9789f5ce1b4b9c08a98f_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:c499a2c4a7860a1853adf3ebfbf154f3c03c478034a78566b82711373210af39_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:4a7599f8a866eb169c9a62885906adbf6df0417c0be15857df1eef20cd9b1be2_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:11a301728573adf2b64ea72d0cb2d83ea5d4dbebea759f346e99f18c3d368c6e_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:4c5ff3496b2a2a739939d94ee9dafc02b682100785d228dc2fde480fb597b7a5_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-operator-bundle@sha256:0471c444b4e0c6da97abf7936fe3af89fca6abbd5dca8a31db141c47a9af99db_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:c11b8f601a8a0d5fb6719c4c10bf7438ba242cc33d60e035e4cb4b0ae3c19105_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:c8456d98e90b6505957ab3686e9fd2f156e29f123c5558e581c206daf1e7d93a_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:3dc803cd65232113ec9b0bd529a4c98bd86936e5de85cc4e9b7b1f361d4db38e_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:633984b538f027c93c5886ea1045dcbe81eeda74acf80001d5fc5f765bdbe0be_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-55565"
},
{
"category": "external",
"summary": "RHBZ#2331063",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2331063"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-55565",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-55565"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-55565",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-55565"
},
{
"category": "external",
"summary": "https://github.com/ai/nanoid/compare/3.3.7...3.3.8",
"url": "https://github.com/ai/nanoid/compare/3.3.7...3.3.8"
},
{
"category": "external",
"summary": "https://github.com/ai/nanoid/pull/510",
"url": "https://github.com/ai/nanoid/pull/510"
},
{
"category": "external",
"summary": "https://github.com/ai/nanoid/releases/tag/5.0.9",
"url": "https://github.com/ai/nanoid/releases/tag/5.0.9"
}
],
"release_date": "2024-12-09T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-03-27T17:45:39+00:00",
"details": "For Red Hat OpenShift AI 2.16.0 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this errata update:\nhttps://docs.redhat.com/en/documentation/red_hat_openshift_ai/",
"product_ids": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:13da7e12e135cdb33c89686eca84cffae8ef691fcb4f346622ebd9b47f0a69ee_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:3368"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:8d78e6f1c302b1de6c45435a3d49c807fe5e4dbfe3e7a3d3ebfa0cac6318e79a_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:13da7e12e135cdb33c89686eca84cffae8ef691fcb4f346622ebd9b47f0a69ee_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:ee01e89f98feb185f6cd59c564e590a13e4d8d9ea760cca8de51426eb71b83a1_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:d7d4fa406e0fcf0507894a7676532b27f45be742467e603a86f98ea5d2615df8_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:a0f72ffefb2b74b488dd949493f5d295a39bb9c97f578bf219d0138601f65468_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:2ba2b2c4db8bb334c50f4dfb54059f060361186900a44c06eed00b7a3c43977e_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:5394cd240a8857906803affec711959da8b8da4e9a7225ddaefe9736c98949b4_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:036af0457f091059551ff63563d5cf68f062297a5630a869bbf3398d5e97ffdc_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:be47d58f1943c5b4becc8cb541d9b0a53e6811451d9010c447b2c3e9b85c06c2_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:2257fe7947959fd59346d2b322f7dbb471831880df659e57344b0d804c2c0099_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:8783f8aaed686a63ed1f913364c85606b1447540608f5b7f45412ff0868a4f38_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:96253b1b94bbaab87d4f8118dfee323eefebdc3734a7e01ebcf906dbc02a2a55_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:52613c18ed44062b6e5d5b748572dad624f773a83dbc7251ff87a807142e118a_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:5dcdcc2424602a69451f16d31dbfa1d43cb72c095ba561eb9076f0cd1e8182ed_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:f738aab1eab25854c93e1d8d4d98100a8ae7bb45a6b83f0326774e4220b1183b_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:6cf74044ae8d5308a2dfe03fa5d81086c89302db7f4cdbe2f4174a1c48b77869_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:22557a6fa52d2f311750a9ba253860f423ba697d26efa02ef8524a8258d2a909_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:de5f91180ead7d73a1825fe8b032fde9b8b01392569c9789f5ce1b4b9c08a98f_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:c499a2c4a7860a1853adf3ebfbf154f3c03c478034a78566b82711373210af39_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:4a7599f8a866eb169c9a62885906adbf6df0417c0be15857df1eef20cd9b1be2_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:11a301728573adf2b64ea72d0cb2d83ea5d4dbebea759f346e99f18c3d368c6e_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:4c5ff3496b2a2a739939d94ee9dafc02b682100785d228dc2fde480fb597b7a5_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-operator-bundle@sha256:0471c444b4e0c6da97abf7936fe3af89fca6abbd5dca8a31db141c47a9af99db_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:c11b8f601a8a0d5fb6719c4c10bf7438ba242cc33d60e035e4cb4b0ae3c19105_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:c8456d98e90b6505957ab3686e9fd2f156e29f123c5558e581c206daf1e7d93a_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:3dc803cd65232113ec9b0bd529a4c98bd86936e5de85cc4e9b7b1f361d4db38e_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:633984b538f027c93c5886ea1045dcbe81eeda74acf80001d5fc5f765bdbe0be_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "nanoid: nanoid mishandles non-integer values"
},
{
"cve": "CVE-2024-56171",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"discovery_date": "2025-02-18T23:01:25.366636+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:8d78e6f1c302b1de6c45435a3d49c807fe5e4dbfe3e7a3d3ebfa0cac6318e79a_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:13da7e12e135cdb33c89686eca84cffae8ef691fcb4f346622ebd9b47f0a69ee_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:be47d58f1943c5b4becc8cb541d9b0a53e6811451d9010c447b2c3e9b85c06c2_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:96253b1b94bbaab87d4f8118dfee323eefebdc3734a7e01ebcf906dbc02a2a55_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:52613c18ed44062b6e5d5b748572dad624f773a83dbc7251ff87a807142e118a_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:f738aab1eab25854c93e1d8d4d98100a8ae7bb45a6b83f0326774e4220b1183b_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:22557a6fa52d2f311750a9ba253860f423ba697d26efa02ef8524a8258d2a909_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:de5f91180ead7d73a1825fe8b032fde9b8b01392569c9789f5ce1b4b9c08a98f_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:11a301728573adf2b64ea72d0cb2d83ea5d4dbebea759f346e99f18c3d368c6e_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-operator-bundle@sha256:0471c444b4e0c6da97abf7936fe3af89fca6abbd5dca8a31db141c47a9af99db_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:c11b8f601a8a0d5fb6719c4c10bf7438ba242cc33d60e035e4cb4b0ae3c19105_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:c8456d98e90b6505957ab3686e9fd2f156e29f123c5558e581c206daf1e7d93a_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:3dc803cd65232113ec9b0bd529a4c98bd86936e5de85cc4e9b7b1f361d4db38e_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:633984b538f027c93c5886ea1045dcbe81eeda74acf80001d5fc5f765bdbe0be_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2346416"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in libxml2. This vulnerability allows a use-after-free via a crafted XML document validated against an XML schema with certain identity constraints or a crafted XML schema.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "libxml2: Use-After-Free in libxml2",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated as important because it involves a use-after-free flaw in the xmlSchemaIDCFillNodeTables and xmlSchemaBubbleIDCNodeTables functions. A maliciously crafted XML document or schema, containing specific identity constraints, can be used to trigger this vulnerability and potentially gain unauthorized access or cause a denial-of-service condition.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:ee01e89f98feb185f6cd59c564e590a13e4d8d9ea760cca8de51426eb71b83a1_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:d7d4fa406e0fcf0507894a7676532b27f45be742467e603a86f98ea5d2615df8_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:a0f72ffefb2b74b488dd949493f5d295a39bb9c97f578bf219d0138601f65468_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:2ba2b2c4db8bb334c50f4dfb54059f060361186900a44c06eed00b7a3c43977e_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:5394cd240a8857906803affec711959da8b8da4e9a7225ddaefe9736c98949b4_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:036af0457f091059551ff63563d5cf68f062297a5630a869bbf3398d5e97ffdc_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:2257fe7947959fd59346d2b322f7dbb471831880df659e57344b0d804c2c0099_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:8783f8aaed686a63ed1f913364c85606b1447540608f5b7f45412ff0868a4f38_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:5dcdcc2424602a69451f16d31dbfa1d43cb72c095ba561eb9076f0cd1e8182ed_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:6cf74044ae8d5308a2dfe03fa5d81086c89302db7f4cdbe2f4174a1c48b77869_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:c499a2c4a7860a1853adf3ebfbf154f3c03c478034a78566b82711373210af39_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:4a7599f8a866eb169c9a62885906adbf6df0417c0be15857df1eef20cd9b1be2_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:4c5ff3496b2a2a739939d94ee9dafc02b682100785d228dc2fde480fb597b7a5_amd64"
],
"known_not_affected": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:8d78e6f1c302b1de6c45435a3d49c807fe5e4dbfe3e7a3d3ebfa0cac6318e79a_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:13da7e12e135cdb33c89686eca84cffae8ef691fcb4f346622ebd9b47f0a69ee_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:be47d58f1943c5b4becc8cb541d9b0a53e6811451d9010c447b2c3e9b85c06c2_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:96253b1b94bbaab87d4f8118dfee323eefebdc3734a7e01ebcf906dbc02a2a55_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:52613c18ed44062b6e5d5b748572dad624f773a83dbc7251ff87a807142e118a_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:f738aab1eab25854c93e1d8d4d98100a8ae7bb45a6b83f0326774e4220b1183b_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:22557a6fa52d2f311750a9ba253860f423ba697d26efa02ef8524a8258d2a909_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:de5f91180ead7d73a1825fe8b032fde9b8b01392569c9789f5ce1b4b9c08a98f_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:11a301728573adf2b64ea72d0cb2d83ea5d4dbebea759f346e99f18c3d368c6e_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-operator-bundle@sha256:0471c444b4e0c6da97abf7936fe3af89fca6abbd5dca8a31db141c47a9af99db_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:c11b8f601a8a0d5fb6719c4c10bf7438ba242cc33d60e035e4cb4b0ae3c19105_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:c8456d98e90b6505957ab3686e9fd2f156e29f123c5558e581c206daf1e7d93a_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:3dc803cd65232113ec9b0bd529a4c98bd86936e5de85cc4e9b7b1f361d4db38e_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:633984b538f027c93c5886ea1045dcbe81eeda74acf80001d5fc5f765bdbe0be_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-56171"
},
{
"category": "external",
"summary": "RHBZ#2346416",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2346416"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-56171",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56171"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-56171",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-56171"
},
{
"category": "external",
"summary": "https://gitlab.gnome.org/GNOME/libxml2/-/issues/828",
"url": "https://gitlab.gnome.org/GNOME/libxml2/-/issues/828"
}
],
"release_date": "2025-02-18T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-03-27T17:45:39+00:00",
"details": "For Red Hat OpenShift AI 2.16.0 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this errata update:\nhttps://docs.redhat.com/en/documentation/red_hat_openshift_ai/",
"product_ids": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:ee01e89f98feb185f6cd59c564e590a13e4d8d9ea760cca8de51426eb71b83a1_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:d7d4fa406e0fcf0507894a7676532b27f45be742467e603a86f98ea5d2615df8_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:a0f72ffefb2b74b488dd949493f5d295a39bb9c97f578bf219d0138601f65468_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:2ba2b2c4db8bb334c50f4dfb54059f060361186900a44c06eed00b7a3c43977e_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:5394cd240a8857906803affec711959da8b8da4e9a7225ddaefe9736c98949b4_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:036af0457f091059551ff63563d5cf68f062297a5630a869bbf3398d5e97ffdc_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:2257fe7947959fd59346d2b322f7dbb471831880df659e57344b0d804c2c0099_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:8783f8aaed686a63ed1f913364c85606b1447540608f5b7f45412ff0868a4f38_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:5dcdcc2424602a69451f16d31dbfa1d43cb72c095ba561eb9076f0cd1e8182ed_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:6cf74044ae8d5308a2dfe03fa5d81086c89302db7f4cdbe2f4174a1c48b77869_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:c499a2c4a7860a1853adf3ebfbf154f3c03c478034a78566b82711373210af39_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:4a7599f8a866eb169c9a62885906adbf6df0417c0be15857df1eef20cd9b1be2_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:4c5ff3496b2a2a739939d94ee9dafc02b682100785d228dc2fde480fb597b7a5_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:3368"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:8d78e6f1c302b1de6c45435a3d49c807fe5e4dbfe3e7a3d3ebfa0cac6318e79a_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:13da7e12e135cdb33c89686eca84cffae8ef691fcb4f346622ebd9b47f0a69ee_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:ee01e89f98feb185f6cd59c564e590a13e4d8d9ea760cca8de51426eb71b83a1_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:d7d4fa406e0fcf0507894a7676532b27f45be742467e603a86f98ea5d2615df8_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:a0f72ffefb2b74b488dd949493f5d295a39bb9c97f578bf219d0138601f65468_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:2ba2b2c4db8bb334c50f4dfb54059f060361186900a44c06eed00b7a3c43977e_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:5394cd240a8857906803affec711959da8b8da4e9a7225ddaefe9736c98949b4_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:036af0457f091059551ff63563d5cf68f062297a5630a869bbf3398d5e97ffdc_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:be47d58f1943c5b4becc8cb541d9b0a53e6811451d9010c447b2c3e9b85c06c2_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:2257fe7947959fd59346d2b322f7dbb471831880df659e57344b0d804c2c0099_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:8783f8aaed686a63ed1f913364c85606b1447540608f5b7f45412ff0868a4f38_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:96253b1b94bbaab87d4f8118dfee323eefebdc3734a7e01ebcf906dbc02a2a55_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:52613c18ed44062b6e5d5b748572dad624f773a83dbc7251ff87a807142e118a_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:5dcdcc2424602a69451f16d31dbfa1d43cb72c095ba561eb9076f0cd1e8182ed_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:f738aab1eab25854c93e1d8d4d98100a8ae7bb45a6b83f0326774e4220b1183b_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:6cf74044ae8d5308a2dfe03fa5d81086c89302db7f4cdbe2f4174a1c48b77869_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:22557a6fa52d2f311750a9ba253860f423ba697d26efa02ef8524a8258d2a909_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:de5f91180ead7d73a1825fe8b032fde9b8b01392569c9789f5ce1b4b9c08a98f_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:c499a2c4a7860a1853adf3ebfbf154f3c03c478034a78566b82711373210af39_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:4a7599f8a866eb169c9a62885906adbf6df0417c0be15857df1eef20cd9b1be2_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:11a301728573adf2b64ea72d0cb2d83ea5d4dbebea759f346e99f18c3d368c6e_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:4c5ff3496b2a2a739939d94ee9dafc02b682100785d228dc2fde480fb597b7a5_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-operator-bundle@sha256:0471c444b4e0c6da97abf7936fe3af89fca6abbd5dca8a31db141c47a9af99db_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:c11b8f601a8a0d5fb6719c4c10bf7438ba242cc33d60e035e4cb4b0ae3c19105_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:c8456d98e90b6505957ab3686e9fd2f156e29f123c5558e581c206daf1e7d93a_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:3dc803cd65232113ec9b0bd529a4c98bd86936e5de85cc4e9b7b1f361d4db38e_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:633984b538f027c93c5886ea1045dcbe81eeda74acf80001d5fc5f765bdbe0be_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "libxml2: Use-After-Free in libxml2"
},
{
"cve": "CVE-2024-56201",
"cwe": {
"id": "CWE-150",
"name": "Improper Neutralization of Escape, Meta, or Control Sequences"
},
"discovery_date": "2024-12-23T16:00:38.768252+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:8d78e6f1c302b1de6c45435a3d49c807fe5e4dbfe3e7a3d3ebfa0cac6318e79a_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:13da7e12e135cdb33c89686eca84cffae8ef691fcb4f346622ebd9b47f0a69ee_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:ee01e89f98feb185f6cd59c564e590a13e4d8d9ea760cca8de51426eb71b83a1_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:d7d4fa406e0fcf0507894a7676532b27f45be742467e603a86f98ea5d2615df8_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:a0f72ffefb2b74b488dd949493f5d295a39bb9c97f578bf219d0138601f65468_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:2ba2b2c4db8bb334c50f4dfb54059f060361186900a44c06eed00b7a3c43977e_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:5394cd240a8857906803affec711959da8b8da4e9a7225ddaefe9736c98949b4_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:036af0457f091059551ff63563d5cf68f062297a5630a869bbf3398d5e97ffdc_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:be47d58f1943c5b4becc8cb541d9b0a53e6811451d9010c447b2c3e9b85c06c2_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:2257fe7947959fd59346d2b322f7dbb471831880df659e57344b0d804c2c0099_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:8783f8aaed686a63ed1f913364c85606b1447540608f5b7f45412ff0868a4f38_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:96253b1b94bbaab87d4f8118dfee323eefebdc3734a7e01ebcf906dbc02a2a55_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:52613c18ed44062b6e5d5b748572dad624f773a83dbc7251ff87a807142e118a_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:5dcdcc2424602a69451f16d31dbfa1d43cb72c095ba561eb9076f0cd1e8182ed_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:f738aab1eab25854c93e1d8d4d98100a8ae7bb45a6b83f0326774e4220b1183b_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:6cf74044ae8d5308a2dfe03fa5d81086c89302db7f4cdbe2f4174a1c48b77869_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:22557a6fa52d2f311750a9ba253860f423ba697d26efa02ef8524a8258d2a909_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:c499a2c4a7860a1853adf3ebfbf154f3c03c478034a78566b82711373210af39_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:4a7599f8a866eb169c9a62885906adbf6df0417c0be15857df1eef20cd9b1be2_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:11a301728573adf2b64ea72d0cb2d83ea5d4dbebea759f346e99f18c3d368c6e_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:4c5ff3496b2a2a739939d94ee9dafc02b682100785d228dc2fde480fb597b7a5_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-operator-bundle@sha256:0471c444b4e0c6da97abf7936fe3af89fca6abbd5dca8a31db141c47a9af99db_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:c11b8f601a8a0d5fb6719c4c10bf7438ba242cc33d60e035e4cb4b0ae3c19105_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:c8456d98e90b6505957ab3686e9fd2f156e29f123c5558e581c206daf1e7d93a_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:3dc803cd65232113ec9b0bd529a4c98bd86936e5de85cc4e9b7b1f361d4db38e_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:633984b538f027c93c5886ea1045dcbe81eeda74acf80001d5fc5f765bdbe0be_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2333854"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Jinja2 package. A bug in the Jinja compiler allows an attacker that controls both the content and filename of a template to execute arbitrary Python code, regardless of Jinja\u0027s sandbox being used. An attacker needs to be able to control both the filename and the contents of a template. Whether that is the case depends on the type of application using Jinja. This vulnerability impacts users of applications that execute untrusted templates where the template author can also choose the template filename.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jinja2: Jinja has a sandbox breakout through malicious filenames",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability has rated as a IMPORTANT flaw because an attacker controlling both the template content and filename to execute arbitrary Python code, bypassing the sandbox.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:de5f91180ead7d73a1825fe8b032fde9b8b01392569c9789f5ce1b4b9c08a98f_amd64"
],
"known_not_affected": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:8d78e6f1c302b1de6c45435a3d49c807fe5e4dbfe3e7a3d3ebfa0cac6318e79a_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:13da7e12e135cdb33c89686eca84cffae8ef691fcb4f346622ebd9b47f0a69ee_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:ee01e89f98feb185f6cd59c564e590a13e4d8d9ea760cca8de51426eb71b83a1_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:d7d4fa406e0fcf0507894a7676532b27f45be742467e603a86f98ea5d2615df8_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:a0f72ffefb2b74b488dd949493f5d295a39bb9c97f578bf219d0138601f65468_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:2ba2b2c4db8bb334c50f4dfb54059f060361186900a44c06eed00b7a3c43977e_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:5394cd240a8857906803affec711959da8b8da4e9a7225ddaefe9736c98949b4_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:036af0457f091059551ff63563d5cf68f062297a5630a869bbf3398d5e97ffdc_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:be47d58f1943c5b4becc8cb541d9b0a53e6811451d9010c447b2c3e9b85c06c2_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:2257fe7947959fd59346d2b322f7dbb471831880df659e57344b0d804c2c0099_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:8783f8aaed686a63ed1f913364c85606b1447540608f5b7f45412ff0868a4f38_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:96253b1b94bbaab87d4f8118dfee323eefebdc3734a7e01ebcf906dbc02a2a55_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:52613c18ed44062b6e5d5b748572dad624f773a83dbc7251ff87a807142e118a_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:5dcdcc2424602a69451f16d31dbfa1d43cb72c095ba561eb9076f0cd1e8182ed_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:f738aab1eab25854c93e1d8d4d98100a8ae7bb45a6b83f0326774e4220b1183b_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:6cf74044ae8d5308a2dfe03fa5d81086c89302db7f4cdbe2f4174a1c48b77869_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:22557a6fa52d2f311750a9ba253860f423ba697d26efa02ef8524a8258d2a909_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:c499a2c4a7860a1853adf3ebfbf154f3c03c478034a78566b82711373210af39_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:4a7599f8a866eb169c9a62885906adbf6df0417c0be15857df1eef20cd9b1be2_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:11a301728573adf2b64ea72d0cb2d83ea5d4dbebea759f346e99f18c3d368c6e_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:4c5ff3496b2a2a739939d94ee9dafc02b682100785d228dc2fde480fb597b7a5_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-operator-bundle@sha256:0471c444b4e0c6da97abf7936fe3af89fca6abbd5dca8a31db141c47a9af99db_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:c11b8f601a8a0d5fb6719c4c10bf7438ba242cc33d60e035e4cb4b0ae3c19105_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:c8456d98e90b6505957ab3686e9fd2f156e29f123c5558e581c206daf1e7d93a_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:3dc803cd65232113ec9b0bd529a4c98bd86936e5de85cc4e9b7b1f361d4db38e_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:633984b538f027c93c5886ea1045dcbe81eeda74acf80001d5fc5f765bdbe0be_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-56201"
},
{
"category": "external",
"summary": "RHBZ#2333854",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2333854"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-56201",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56201"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-56201",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-56201"
},
{
"category": "external",
"summary": "https://github.com/pallets/jinja/commit/767b23617628419ae3709ccfb02f9602ae9fe51f",
"url": "https://github.com/pallets/jinja/commit/767b23617628419ae3709ccfb02f9602ae9fe51f"
},
{
"category": "external",
"summary": "https://github.com/pallets/jinja/issues/1792",
"url": "https://github.com/pallets/jinja/issues/1792"
},
{
"category": "external",
"summary": "https://github.com/pallets/jinja/releases/tag/3.1.5",
"url": "https://github.com/pallets/jinja/releases/tag/3.1.5"
},
{
"category": "external",
"summary": "https://github.com/pallets/jinja/security/advisories/GHSA-gmj6-6f8f-6699",
"url": "https://github.com/pallets/jinja/security/advisories/GHSA-gmj6-6f8f-6699"
}
],
"release_date": "2024-12-23T15:37:36.110000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-03-27T17:45:39+00:00",
"details": "For Red Hat OpenShift AI 2.16.0 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this errata update:\nhttps://docs.redhat.com/en/documentation/red_hat_openshift_ai/",
"product_ids": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:de5f91180ead7d73a1825fe8b032fde9b8b01392569c9789f5ce1b4b9c08a98f_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:3368"
},
{
"category": "workaround",
"details": "To mitigate this vulnerabilty restrict user-controlled template filenames, ensuring they follow a predefined templates.",
"product_ids": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:8d78e6f1c302b1de6c45435a3d49c807fe5e4dbfe3e7a3d3ebfa0cac6318e79a_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:13da7e12e135cdb33c89686eca84cffae8ef691fcb4f346622ebd9b47f0a69ee_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:ee01e89f98feb185f6cd59c564e590a13e4d8d9ea760cca8de51426eb71b83a1_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:d7d4fa406e0fcf0507894a7676532b27f45be742467e603a86f98ea5d2615df8_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:a0f72ffefb2b74b488dd949493f5d295a39bb9c97f578bf219d0138601f65468_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:2ba2b2c4db8bb334c50f4dfb54059f060361186900a44c06eed00b7a3c43977e_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:5394cd240a8857906803affec711959da8b8da4e9a7225ddaefe9736c98949b4_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:036af0457f091059551ff63563d5cf68f062297a5630a869bbf3398d5e97ffdc_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:be47d58f1943c5b4becc8cb541d9b0a53e6811451d9010c447b2c3e9b85c06c2_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:2257fe7947959fd59346d2b322f7dbb471831880df659e57344b0d804c2c0099_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:8783f8aaed686a63ed1f913364c85606b1447540608f5b7f45412ff0868a4f38_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:96253b1b94bbaab87d4f8118dfee323eefebdc3734a7e01ebcf906dbc02a2a55_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:52613c18ed44062b6e5d5b748572dad624f773a83dbc7251ff87a807142e118a_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:5dcdcc2424602a69451f16d31dbfa1d43cb72c095ba561eb9076f0cd1e8182ed_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:f738aab1eab25854c93e1d8d4d98100a8ae7bb45a6b83f0326774e4220b1183b_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:6cf74044ae8d5308a2dfe03fa5d81086c89302db7f4cdbe2f4174a1c48b77869_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:22557a6fa52d2f311750a9ba253860f423ba697d26efa02ef8524a8258d2a909_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:de5f91180ead7d73a1825fe8b032fde9b8b01392569c9789f5ce1b4b9c08a98f_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:c499a2c4a7860a1853adf3ebfbf154f3c03c478034a78566b82711373210af39_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:4a7599f8a866eb169c9a62885906adbf6df0417c0be15857df1eef20cd9b1be2_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:11a301728573adf2b64ea72d0cb2d83ea5d4dbebea759f346e99f18c3d368c6e_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:4c5ff3496b2a2a739939d94ee9dafc02b682100785d228dc2fde480fb597b7a5_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-operator-bundle@sha256:0471c444b4e0c6da97abf7936fe3af89fca6abbd5dca8a31db141c47a9af99db_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:c11b8f601a8a0d5fb6719c4c10bf7438ba242cc33d60e035e4cb4b0ae3c19105_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:c8456d98e90b6505957ab3686e9fd2f156e29f123c5558e581c206daf1e7d93a_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:3dc803cd65232113ec9b0bd529a4c98bd86936e5de85cc4e9b7b1f361d4db38e_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:633984b538f027c93c5886ea1045dcbe81eeda74acf80001d5fc5f765bdbe0be_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:8d78e6f1c302b1de6c45435a3d49c807fe5e4dbfe3e7a3d3ebfa0cac6318e79a_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:13da7e12e135cdb33c89686eca84cffae8ef691fcb4f346622ebd9b47f0a69ee_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:ee01e89f98feb185f6cd59c564e590a13e4d8d9ea760cca8de51426eb71b83a1_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:d7d4fa406e0fcf0507894a7676532b27f45be742467e603a86f98ea5d2615df8_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:a0f72ffefb2b74b488dd949493f5d295a39bb9c97f578bf219d0138601f65468_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:2ba2b2c4db8bb334c50f4dfb54059f060361186900a44c06eed00b7a3c43977e_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:5394cd240a8857906803affec711959da8b8da4e9a7225ddaefe9736c98949b4_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:036af0457f091059551ff63563d5cf68f062297a5630a869bbf3398d5e97ffdc_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:be47d58f1943c5b4becc8cb541d9b0a53e6811451d9010c447b2c3e9b85c06c2_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:2257fe7947959fd59346d2b322f7dbb471831880df659e57344b0d804c2c0099_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:8783f8aaed686a63ed1f913364c85606b1447540608f5b7f45412ff0868a4f38_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:96253b1b94bbaab87d4f8118dfee323eefebdc3734a7e01ebcf906dbc02a2a55_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:52613c18ed44062b6e5d5b748572dad624f773a83dbc7251ff87a807142e118a_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:5dcdcc2424602a69451f16d31dbfa1d43cb72c095ba561eb9076f0cd1e8182ed_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:f738aab1eab25854c93e1d8d4d98100a8ae7bb45a6b83f0326774e4220b1183b_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:6cf74044ae8d5308a2dfe03fa5d81086c89302db7f4cdbe2f4174a1c48b77869_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:22557a6fa52d2f311750a9ba253860f423ba697d26efa02ef8524a8258d2a909_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:de5f91180ead7d73a1825fe8b032fde9b8b01392569c9789f5ce1b4b9c08a98f_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:c499a2c4a7860a1853adf3ebfbf154f3c03c478034a78566b82711373210af39_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:4a7599f8a866eb169c9a62885906adbf6df0417c0be15857df1eef20cd9b1be2_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:11a301728573adf2b64ea72d0cb2d83ea5d4dbebea759f346e99f18c3d368c6e_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:4c5ff3496b2a2a739939d94ee9dafc02b682100785d228dc2fde480fb597b7a5_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-operator-bundle@sha256:0471c444b4e0c6da97abf7936fe3af89fca6abbd5dca8a31db141c47a9af99db_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:c11b8f601a8a0d5fb6719c4c10bf7438ba242cc33d60e035e4cb4b0ae3c19105_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:c8456d98e90b6505957ab3686e9fd2f156e29f123c5558e581c206daf1e7d93a_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:3dc803cd65232113ec9b0bd529a4c98bd86936e5de85cc4e9b7b1f361d4db38e_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:633984b538f027c93c5886ea1045dcbe81eeda74acf80001d5fc5f765bdbe0be_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "jinja2: Jinja has a sandbox breakout through malicious filenames"
},
{
"cve": "CVE-2025-22150",
"cwe": {
"id": "CWE-330",
"name": "Use of Insufficiently Random Values"
},
"discovery_date": "2025-01-21T18:01:24.182126+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:8d78e6f1c302b1de6c45435a3d49c807fe5e4dbfe3e7a3d3ebfa0cac6318e79a_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:ee01e89f98feb185f6cd59c564e590a13e4d8d9ea760cca8de51426eb71b83a1_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:d7d4fa406e0fcf0507894a7676532b27f45be742467e603a86f98ea5d2615df8_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:a0f72ffefb2b74b488dd949493f5d295a39bb9c97f578bf219d0138601f65468_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:2ba2b2c4db8bb334c50f4dfb54059f060361186900a44c06eed00b7a3c43977e_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:5394cd240a8857906803affec711959da8b8da4e9a7225ddaefe9736c98949b4_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:036af0457f091059551ff63563d5cf68f062297a5630a869bbf3398d5e97ffdc_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:be47d58f1943c5b4becc8cb541d9b0a53e6811451d9010c447b2c3e9b85c06c2_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:2257fe7947959fd59346d2b322f7dbb471831880df659e57344b0d804c2c0099_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:8783f8aaed686a63ed1f913364c85606b1447540608f5b7f45412ff0868a4f38_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:96253b1b94bbaab87d4f8118dfee323eefebdc3734a7e01ebcf906dbc02a2a55_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:52613c18ed44062b6e5d5b748572dad624f773a83dbc7251ff87a807142e118a_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:5dcdcc2424602a69451f16d31dbfa1d43cb72c095ba561eb9076f0cd1e8182ed_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:f738aab1eab25854c93e1d8d4d98100a8ae7bb45a6b83f0326774e4220b1183b_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:6cf74044ae8d5308a2dfe03fa5d81086c89302db7f4cdbe2f4174a1c48b77869_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:22557a6fa52d2f311750a9ba253860f423ba697d26efa02ef8524a8258d2a909_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:de5f91180ead7d73a1825fe8b032fde9b8b01392569c9789f5ce1b4b9c08a98f_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:c499a2c4a7860a1853adf3ebfbf154f3c03c478034a78566b82711373210af39_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:4a7599f8a866eb169c9a62885906adbf6df0417c0be15857df1eef20cd9b1be2_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:11a301728573adf2b64ea72d0cb2d83ea5d4dbebea759f346e99f18c3d368c6e_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:4c5ff3496b2a2a739939d94ee9dafc02b682100785d228dc2fde480fb597b7a5_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-operator-bundle@sha256:0471c444b4e0c6da97abf7936fe3af89fca6abbd5dca8a31db141c47a9af99db_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:c11b8f601a8a0d5fb6719c4c10bf7438ba242cc33d60e035e4cb4b0ae3c19105_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:c8456d98e90b6505957ab3686e9fd2f156e29f123c5558e581c206daf1e7d93a_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:3dc803cd65232113ec9b0bd529a4c98bd86936e5de85cc4e9b7b1f361d4db38e_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:633984b538f027c93c5886ea1045dcbe81eeda74acf80001d5fc5f765bdbe0be_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2339176"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the undici package for Node.js. Undici uses `Math.random()` to choose the boundary for a multipart/form-data request. It is known that the output of `Math.random()` can be predicted if several of its generated values are known. If an app has a mechanism that sends multipart requests to an attacker-controlled website, it can leak the necessary values. Therefore, an attacker can tamper with the requests going to the backend APIs if certain conditions are met.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "undici: Undici Uses Insufficiently Random Values",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:13da7e12e135cdb33c89686eca84cffae8ef691fcb4f346622ebd9b47f0a69ee_amd64"
],
"known_not_affected": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:8d78e6f1c302b1de6c45435a3d49c807fe5e4dbfe3e7a3d3ebfa0cac6318e79a_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:ee01e89f98feb185f6cd59c564e590a13e4d8d9ea760cca8de51426eb71b83a1_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:d7d4fa406e0fcf0507894a7676532b27f45be742467e603a86f98ea5d2615df8_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:a0f72ffefb2b74b488dd949493f5d295a39bb9c97f578bf219d0138601f65468_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:2ba2b2c4db8bb334c50f4dfb54059f060361186900a44c06eed00b7a3c43977e_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:5394cd240a8857906803affec711959da8b8da4e9a7225ddaefe9736c98949b4_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:036af0457f091059551ff63563d5cf68f062297a5630a869bbf3398d5e97ffdc_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:be47d58f1943c5b4becc8cb541d9b0a53e6811451d9010c447b2c3e9b85c06c2_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:2257fe7947959fd59346d2b322f7dbb471831880df659e57344b0d804c2c0099_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:8783f8aaed686a63ed1f913364c85606b1447540608f5b7f45412ff0868a4f38_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:96253b1b94bbaab87d4f8118dfee323eefebdc3734a7e01ebcf906dbc02a2a55_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:52613c18ed44062b6e5d5b748572dad624f773a83dbc7251ff87a807142e118a_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:5dcdcc2424602a69451f16d31dbfa1d43cb72c095ba561eb9076f0cd1e8182ed_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:f738aab1eab25854c93e1d8d4d98100a8ae7bb45a6b83f0326774e4220b1183b_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:6cf74044ae8d5308a2dfe03fa5d81086c89302db7f4cdbe2f4174a1c48b77869_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:22557a6fa52d2f311750a9ba253860f423ba697d26efa02ef8524a8258d2a909_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:de5f91180ead7d73a1825fe8b032fde9b8b01392569c9789f5ce1b4b9c08a98f_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:c499a2c4a7860a1853adf3ebfbf154f3c03c478034a78566b82711373210af39_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:4a7599f8a866eb169c9a62885906adbf6df0417c0be15857df1eef20cd9b1be2_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:11a301728573adf2b64ea72d0cb2d83ea5d4dbebea759f346e99f18c3d368c6e_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:4c5ff3496b2a2a739939d94ee9dafc02b682100785d228dc2fde480fb597b7a5_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-operator-bundle@sha256:0471c444b4e0c6da97abf7936fe3af89fca6abbd5dca8a31db141c47a9af99db_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:c11b8f601a8a0d5fb6719c4c10bf7438ba242cc33d60e035e4cb4b0ae3c19105_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:c8456d98e90b6505957ab3686e9fd2f156e29f123c5558e581c206daf1e7d93a_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:3dc803cd65232113ec9b0bd529a4c98bd86936e5de85cc4e9b7b1f361d4db38e_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:633984b538f027c93c5886ea1045dcbe81eeda74acf80001d5fc5f765bdbe0be_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-22150"
},
{
"category": "external",
"summary": "RHBZ#2339176",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2339176"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-22150",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22150"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-22150",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-22150"
},
{
"category": "external",
"summary": "https://blog.securityevaluators.com/hacking-the-javascript-lottery-80cc437e3b7f",
"url": "https://blog.securityevaluators.com/hacking-the-javascript-lottery-80cc437e3b7f"
},
{
"category": "external",
"summary": "https://github.com/nodejs/undici/blob/8b06b8250907d92fead664b3368f1d2aa27c1f35/lib/web/fetch/body.js#L113",
"url": "https://github.com/nodejs/undici/blob/8b06b8250907d92fead664b3368f1d2aa27c1f35/lib/web/fetch/body.js#L113"
},
{
"category": "external",
"summary": "https://github.com/nodejs/undici/commit/711e20772764c29f6622ddc937c63b6eefdf07d0",
"url": "https://github.com/nodejs/undici/commit/711e20772764c29f6622ddc937c63b6eefdf07d0"
},
{
"category": "external",
"summary": "https://github.com/nodejs/undici/commit/c2d78cd19fe4f4c621424491e26ce299e65e934a",
"url": "https://github.com/nodejs/undici/commit/c2d78cd19fe4f4c621424491e26ce299e65e934a"
},
{
"category": "external",
"summary": "https://github.com/nodejs/undici/commit/c3acc6050b781b827d80c86cbbab34f14458d385",
"url": "https://github.com/nodejs/undici/commit/c3acc6050b781b827d80c86cbbab34f14458d385"
},
{
"category": "external",
"summary": "https://github.com/nodejs/undici/security/advisories/GHSA-c76h-2ccp-4975",
"url": "https://github.com/nodejs/undici/security/advisories/GHSA-c76h-2ccp-4975"
},
{
"category": "external",
"summary": "https://hackerone.com/reports/2913312",
"url": "https://hackerone.com/reports/2913312"
}
],
"release_date": "2025-01-21T17:46:58.872000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-03-27T17:45:39+00:00",
"details": "For Red Hat OpenShift AI 2.16.0 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this errata update:\nhttps://docs.redhat.com/en/documentation/red_hat_openshift_ai/",
"product_ids": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:13da7e12e135cdb33c89686eca84cffae8ef691fcb4f346622ebd9b47f0a69ee_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:3368"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:8d78e6f1c302b1de6c45435a3d49c807fe5e4dbfe3e7a3d3ebfa0cac6318e79a_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:13da7e12e135cdb33c89686eca84cffae8ef691fcb4f346622ebd9b47f0a69ee_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:ee01e89f98feb185f6cd59c564e590a13e4d8d9ea760cca8de51426eb71b83a1_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:d7d4fa406e0fcf0507894a7676532b27f45be742467e603a86f98ea5d2615df8_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:a0f72ffefb2b74b488dd949493f5d295a39bb9c97f578bf219d0138601f65468_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:2ba2b2c4db8bb334c50f4dfb54059f060361186900a44c06eed00b7a3c43977e_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:5394cd240a8857906803affec711959da8b8da4e9a7225ddaefe9736c98949b4_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:036af0457f091059551ff63563d5cf68f062297a5630a869bbf3398d5e97ffdc_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:be47d58f1943c5b4becc8cb541d9b0a53e6811451d9010c447b2c3e9b85c06c2_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:2257fe7947959fd59346d2b322f7dbb471831880df659e57344b0d804c2c0099_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:8783f8aaed686a63ed1f913364c85606b1447540608f5b7f45412ff0868a4f38_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:96253b1b94bbaab87d4f8118dfee323eefebdc3734a7e01ebcf906dbc02a2a55_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:52613c18ed44062b6e5d5b748572dad624f773a83dbc7251ff87a807142e118a_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:5dcdcc2424602a69451f16d31dbfa1d43cb72c095ba561eb9076f0cd1e8182ed_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:f738aab1eab25854c93e1d8d4d98100a8ae7bb45a6b83f0326774e4220b1183b_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:6cf74044ae8d5308a2dfe03fa5d81086c89302db7f4cdbe2f4174a1c48b77869_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:22557a6fa52d2f311750a9ba253860f423ba697d26efa02ef8524a8258d2a909_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:de5f91180ead7d73a1825fe8b032fde9b8b01392569c9789f5ce1b4b9c08a98f_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:c499a2c4a7860a1853adf3ebfbf154f3c03c478034a78566b82711373210af39_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:4a7599f8a866eb169c9a62885906adbf6df0417c0be15857df1eef20cd9b1be2_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:11a301728573adf2b64ea72d0cb2d83ea5d4dbebea759f346e99f18c3d368c6e_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:4c5ff3496b2a2a739939d94ee9dafc02b682100785d228dc2fde480fb597b7a5_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-operator-bundle@sha256:0471c444b4e0c6da97abf7936fe3af89fca6abbd5dca8a31db141c47a9af99db_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:c11b8f601a8a0d5fb6719c4c10bf7438ba242cc33d60e035e4cb4b0ae3c19105_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:c8456d98e90b6505957ab3686e9fd2f156e29f123c5558e581c206daf1e7d93a_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:3dc803cd65232113ec9b0bd529a4c98bd86936e5de85cc4e9b7b1f361d4db38e_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:633984b538f027c93c5886ea1045dcbe81eeda74acf80001d5fc5f765bdbe0be_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "undici: Undici Uses Insufficiently Random Values"
},
{
"cve": "CVE-2025-24928",
"cwe": {
"id": "CWE-121",
"name": "Stack-based Buffer Overflow"
},
"discovery_date": "2025-02-18T23:01:36.502916+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:8d78e6f1c302b1de6c45435a3d49c807fe5e4dbfe3e7a3d3ebfa0cac6318e79a_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:13da7e12e135cdb33c89686eca84cffae8ef691fcb4f346622ebd9b47f0a69ee_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:be47d58f1943c5b4becc8cb541d9b0a53e6811451d9010c447b2c3e9b85c06c2_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:96253b1b94bbaab87d4f8118dfee323eefebdc3734a7e01ebcf906dbc02a2a55_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:52613c18ed44062b6e5d5b748572dad624f773a83dbc7251ff87a807142e118a_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:f738aab1eab25854c93e1d8d4d98100a8ae7bb45a6b83f0326774e4220b1183b_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:22557a6fa52d2f311750a9ba253860f423ba697d26efa02ef8524a8258d2a909_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:de5f91180ead7d73a1825fe8b032fde9b8b01392569c9789f5ce1b4b9c08a98f_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:11a301728573adf2b64ea72d0cb2d83ea5d4dbebea759f346e99f18c3d368c6e_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-operator-bundle@sha256:0471c444b4e0c6da97abf7936fe3af89fca6abbd5dca8a31db141c47a9af99db_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:c11b8f601a8a0d5fb6719c4c10bf7438ba242cc33d60e035e4cb4b0ae3c19105_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:c8456d98e90b6505957ab3686e9fd2f156e29f123c5558e581c206daf1e7d93a_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:3dc803cd65232113ec9b0bd529a4c98bd86936e5de85cc4e9b7b1f361d4db38e_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:633984b538f027c93c5886ea1045dcbe81eeda74acf80001d5fc5f765bdbe0be_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2346421"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in libxml2. This vulnerability allows a stack-based buffer overflow via DTD validation of an untrusted document or untrusted DTD.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "libxml2: Stack-based buffer overflow in xmlSnprintfElements of libxml2",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated as important because it involves a stack-based buffer overflow in the xmlSnprintfElements function within valid.c. Exploiting this issue requires DTD validation to occur on an untrusted document or untrusted DTD, making it a potential security risk for applications using libxml2 that do not adequately restrict DTD input.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:ee01e89f98feb185f6cd59c564e590a13e4d8d9ea760cca8de51426eb71b83a1_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:d7d4fa406e0fcf0507894a7676532b27f45be742467e603a86f98ea5d2615df8_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:a0f72ffefb2b74b488dd949493f5d295a39bb9c97f578bf219d0138601f65468_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:2ba2b2c4db8bb334c50f4dfb54059f060361186900a44c06eed00b7a3c43977e_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:5394cd240a8857906803affec711959da8b8da4e9a7225ddaefe9736c98949b4_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:036af0457f091059551ff63563d5cf68f062297a5630a869bbf3398d5e97ffdc_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:2257fe7947959fd59346d2b322f7dbb471831880df659e57344b0d804c2c0099_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:8783f8aaed686a63ed1f913364c85606b1447540608f5b7f45412ff0868a4f38_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:5dcdcc2424602a69451f16d31dbfa1d43cb72c095ba561eb9076f0cd1e8182ed_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:6cf74044ae8d5308a2dfe03fa5d81086c89302db7f4cdbe2f4174a1c48b77869_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:c499a2c4a7860a1853adf3ebfbf154f3c03c478034a78566b82711373210af39_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:4a7599f8a866eb169c9a62885906adbf6df0417c0be15857df1eef20cd9b1be2_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:4c5ff3496b2a2a739939d94ee9dafc02b682100785d228dc2fde480fb597b7a5_amd64"
],
"known_not_affected": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:8d78e6f1c302b1de6c45435a3d49c807fe5e4dbfe3e7a3d3ebfa0cac6318e79a_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:13da7e12e135cdb33c89686eca84cffae8ef691fcb4f346622ebd9b47f0a69ee_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:be47d58f1943c5b4becc8cb541d9b0a53e6811451d9010c447b2c3e9b85c06c2_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:96253b1b94bbaab87d4f8118dfee323eefebdc3734a7e01ebcf906dbc02a2a55_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:52613c18ed44062b6e5d5b748572dad624f773a83dbc7251ff87a807142e118a_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:f738aab1eab25854c93e1d8d4d98100a8ae7bb45a6b83f0326774e4220b1183b_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:22557a6fa52d2f311750a9ba253860f423ba697d26efa02ef8524a8258d2a909_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:de5f91180ead7d73a1825fe8b032fde9b8b01392569c9789f5ce1b4b9c08a98f_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:11a301728573adf2b64ea72d0cb2d83ea5d4dbebea759f346e99f18c3d368c6e_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-operator-bundle@sha256:0471c444b4e0c6da97abf7936fe3af89fca6abbd5dca8a31db141c47a9af99db_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:c11b8f601a8a0d5fb6719c4c10bf7438ba242cc33d60e035e4cb4b0ae3c19105_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:c8456d98e90b6505957ab3686e9fd2f156e29f123c5558e581c206daf1e7d93a_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:3dc803cd65232113ec9b0bd529a4c98bd86936e5de85cc4e9b7b1f361d4db38e_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:633984b538f027c93c5886ea1045dcbe81eeda74acf80001d5fc5f765bdbe0be_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-24928"
},
{
"category": "external",
"summary": "RHBZ#2346421",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2346421"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-24928",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24928"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-24928",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-24928"
},
{
"category": "external",
"summary": "https://gitlab.gnome.org/GNOME/libxml2/-/issues/847",
"url": "https://gitlab.gnome.org/GNOME/libxml2/-/issues/847"
},
{
"category": "external",
"summary": "https://issues.oss-fuzz.com/issues/392687022",
"url": "https://issues.oss-fuzz.com/issues/392687022"
}
],
"release_date": "2025-02-18T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-03-27T17:45:39+00:00",
"details": "For Red Hat OpenShift AI 2.16.0 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this errata update:\nhttps://docs.redhat.com/en/documentation/red_hat_openshift_ai/",
"product_ids": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:ee01e89f98feb185f6cd59c564e590a13e4d8d9ea760cca8de51426eb71b83a1_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:d7d4fa406e0fcf0507894a7676532b27f45be742467e603a86f98ea5d2615df8_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:a0f72ffefb2b74b488dd949493f5d295a39bb9c97f578bf219d0138601f65468_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:2ba2b2c4db8bb334c50f4dfb54059f060361186900a44c06eed00b7a3c43977e_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:5394cd240a8857906803affec711959da8b8da4e9a7225ddaefe9736c98949b4_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:036af0457f091059551ff63563d5cf68f062297a5630a869bbf3398d5e97ffdc_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:2257fe7947959fd59346d2b322f7dbb471831880df659e57344b0d804c2c0099_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:8783f8aaed686a63ed1f913364c85606b1447540608f5b7f45412ff0868a4f38_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:5dcdcc2424602a69451f16d31dbfa1d43cb72c095ba561eb9076f0cd1e8182ed_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:6cf74044ae8d5308a2dfe03fa5d81086c89302db7f4cdbe2f4174a1c48b77869_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:c499a2c4a7860a1853adf3ebfbf154f3c03c478034a78566b82711373210af39_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:4a7599f8a866eb169c9a62885906adbf6df0417c0be15857df1eef20cd9b1be2_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:4c5ff3496b2a2a739939d94ee9dafc02b682100785d228dc2fde480fb597b7a5_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:3368"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:8d78e6f1c302b1de6c45435a3d49c807fe5e4dbfe3e7a3d3ebfa0cac6318e79a_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:13da7e12e135cdb33c89686eca84cffae8ef691fcb4f346622ebd9b47f0a69ee_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:ee01e89f98feb185f6cd59c564e590a13e4d8d9ea760cca8de51426eb71b83a1_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:d7d4fa406e0fcf0507894a7676532b27f45be742467e603a86f98ea5d2615df8_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:a0f72ffefb2b74b488dd949493f5d295a39bb9c97f578bf219d0138601f65468_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:2ba2b2c4db8bb334c50f4dfb54059f060361186900a44c06eed00b7a3c43977e_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:5394cd240a8857906803affec711959da8b8da4e9a7225ddaefe9736c98949b4_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:036af0457f091059551ff63563d5cf68f062297a5630a869bbf3398d5e97ffdc_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:be47d58f1943c5b4becc8cb541d9b0a53e6811451d9010c447b2c3e9b85c06c2_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:2257fe7947959fd59346d2b322f7dbb471831880df659e57344b0d804c2c0099_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:8783f8aaed686a63ed1f913364c85606b1447540608f5b7f45412ff0868a4f38_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:96253b1b94bbaab87d4f8118dfee323eefebdc3734a7e01ebcf906dbc02a2a55_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:52613c18ed44062b6e5d5b748572dad624f773a83dbc7251ff87a807142e118a_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:5dcdcc2424602a69451f16d31dbfa1d43cb72c095ba561eb9076f0cd1e8182ed_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:f738aab1eab25854c93e1d8d4d98100a8ae7bb45a6b83f0326774e4220b1183b_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:6cf74044ae8d5308a2dfe03fa5d81086c89302db7f4cdbe2f4174a1c48b77869_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:22557a6fa52d2f311750a9ba253860f423ba697d26efa02ef8524a8258d2a909_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:de5f91180ead7d73a1825fe8b032fde9b8b01392569c9789f5ce1b4b9c08a98f_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:c499a2c4a7860a1853adf3ebfbf154f3c03c478034a78566b82711373210af39_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:4a7599f8a866eb169c9a62885906adbf6df0417c0be15857df1eef20cd9b1be2_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:11a301728573adf2b64ea72d0cb2d83ea5d4dbebea759f346e99f18c3d368c6e_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:4c5ff3496b2a2a739939d94ee9dafc02b682100785d228dc2fde480fb597b7a5_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-operator-bundle@sha256:0471c444b4e0c6da97abf7936fe3af89fca6abbd5dca8a31db141c47a9af99db_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:c11b8f601a8a0d5fb6719c4c10bf7438ba242cc33d60e035e4cb4b0ae3c19105_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:c8456d98e90b6505957ab3686e9fd2f156e29f123c5558e581c206daf1e7d93a_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:3dc803cd65232113ec9b0bd529a4c98bd86936e5de85cc4e9b7b1f361d4db38e_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:633984b538f027c93c5886ea1045dcbe81eeda74acf80001d5fc5f765bdbe0be_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "libxml2: Stack-based buffer overflow in xmlSnprintfElements of libxml2"
},
{
"cve": "CVE-2025-26791",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2025-02-14T09:00:45.578144+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:8d78e6f1c302b1de6c45435a3d49c807fe5e4dbfe3e7a3d3ebfa0cac6318e79a_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:ee01e89f98feb185f6cd59c564e590a13e4d8d9ea760cca8de51426eb71b83a1_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:d7d4fa406e0fcf0507894a7676532b27f45be742467e603a86f98ea5d2615df8_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:a0f72ffefb2b74b488dd949493f5d295a39bb9c97f578bf219d0138601f65468_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:2ba2b2c4db8bb334c50f4dfb54059f060361186900a44c06eed00b7a3c43977e_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:5394cd240a8857906803affec711959da8b8da4e9a7225ddaefe9736c98949b4_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:036af0457f091059551ff63563d5cf68f062297a5630a869bbf3398d5e97ffdc_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:be47d58f1943c5b4becc8cb541d9b0a53e6811451d9010c447b2c3e9b85c06c2_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:2257fe7947959fd59346d2b322f7dbb471831880df659e57344b0d804c2c0099_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:8783f8aaed686a63ed1f913364c85606b1447540608f5b7f45412ff0868a4f38_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:96253b1b94bbaab87d4f8118dfee323eefebdc3734a7e01ebcf906dbc02a2a55_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:52613c18ed44062b6e5d5b748572dad624f773a83dbc7251ff87a807142e118a_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:5dcdcc2424602a69451f16d31dbfa1d43cb72c095ba561eb9076f0cd1e8182ed_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:f738aab1eab25854c93e1d8d4d98100a8ae7bb45a6b83f0326774e4220b1183b_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:6cf74044ae8d5308a2dfe03fa5d81086c89302db7f4cdbe2f4174a1c48b77869_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:22557a6fa52d2f311750a9ba253860f423ba697d26efa02ef8524a8258d2a909_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:de5f91180ead7d73a1825fe8b032fde9b8b01392569c9789f5ce1b4b9c08a98f_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:c499a2c4a7860a1853adf3ebfbf154f3c03c478034a78566b82711373210af39_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:4a7599f8a866eb169c9a62885906adbf6df0417c0be15857df1eef20cd9b1be2_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:11a301728573adf2b64ea72d0cb2d83ea5d4dbebea759f346e99f18c3d368c6e_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:4c5ff3496b2a2a739939d94ee9dafc02b682100785d228dc2fde480fb597b7a5_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-operator-bundle@sha256:0471c444b4e0c6da97abf7936fe3af89fca6abbd5dca8a31db141c47a9af99db_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:c11b8f601a8a0d5fb6719c4c10bf7438ba242cc33d60e035e4cb4b0ae3c19105_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:c8456d98e90b6505957ab3686e9fd2f156e29f123c5558e581c206daf1e7d93a_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:3dc803cd65232113ec9b0bd529a4c98bd86936e5de85cc4e9b7b1f361d4db38e_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:633984b538f027c93c5886ea1045dcbe81eeda74acf80001d5fc5f765bdbe0be_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2345695"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in DOMPurify. This vulnerability allows attackers to execute mutation-based Cross-site scripting (mXSS) via an incorrect template literal regular expression.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "dompurify: Mutation XSS in DOMPurify Due to Improper Template Literal Handling",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:13da7e12e135cdb33c89686eca84cffae8ef691fcb4f346622ebd9b47f0a69ee_amd64"
],
"known_not_affected": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:8d78e6f1c302b1de6c45435a3d49c807fe5e4dbfe3e7a3d3ebfa0cac6318e79a_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:ee01e89f98feb185f6cd59c564e590a13e4d8d9ea760cca8de51426eb71b83a1_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:d7d4fa406e0fcf0507894a7676532b27f45be742467e603a86f98ea5d2615df8_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:a0f72ffefb2b74b488dd949493f5d295a39bb9c97f578bf219d0138601f65468_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:2ba2b2c4db8bb334c50f4dfb54059f060361186900a44c06eed00b7a3c43977e_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:5394cd240a8857906803affec711959da8b8da4e9a7225ddaefe9736c98949b4_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:036af0457f091059551ff63563d5cf68f062297a5630a869bbf3398d5e97ffdc_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:be47d58f1943c5b4becc8cb541d9b0a53e6811451d9010c447b2c3e9b85c06c2_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:2257fe7947959fd59346d2b322f7dbb471831880df659e57344b0d804c2c0099_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:8783f8aaed686a63ed1f913364c85606b1447540608f5b7f45412ff0868a4f38_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:96253b1b94bbaab87d4f8118dfee323eefebdc3734a7e01ebcf906dbc02a2a55_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:52613c18ed44062b6e5d5b748572dad624f773a83dbc7251ff87a807142e118a_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:5dcdcc2424602a69451f16d31dbfa1d43cb72c095ba561eb9076f0cd1e8182ed_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:f738aab1eab25854c93e1d8d4d98100a8ae7bb45a6b83f0326774e4220b1183b_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:6cf74044ae8d5308a2dfe03fa5d81086c89302db7f4cdbe2f4174a1c48b77869_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:22557a6fa52d2f311750a9ba253860f423ba697d26efa02ef8524a8258d2a909_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:de5f91180ead7d73a1825fe8b032fde9b8b01392569c9789f5ce1b4b9c08a98f_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:c499a2c4a7860a1853adf3ebfbf154f3c03c478034a78566b82711373210af39_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:4a7599f8a866eb169c9a62885906adbf6df0417c0be15857df1eef20cd9b1be2_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:11a301728573adf2b64ea72d0cb2d83ea5d4dbebea759f346e99f18c3d368c6e_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:4c5ff3496b2a2a739939d94ee9dafc02b682100785d228dc2fde480fb597b7a5_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-operator-bundle@sha256:0471c444b4e0c6da97abf7936fe3af89fca6abbd5dca8a31db141c47a9af99db_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:c11b8f601a8a0d5fb6719c4c10bf7438ba242cc33d60e035e4cb4b0ae3c19105_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:c8456d98e90b6505957ab3686e9fd2f156e29f123c5558e581c206daf1e7d93a_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:3dc803cd65232113ec9b0bd529a4c98bd86936e5de85cc4e9b7b1f361d4db38e_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:633984b538f027c93c5886ea1045dcbe81eeda74acf80001d5fc5f765bdbe0be_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-26791"
},
{
"category": "external",
"summary": "RHBZ#2345695",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2345695"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-26791",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-26791"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-26791",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-26791"
},
{
"category": "external",
"summary": "https://ensy.zip/posts/dompurify-323-bypass/",
"url": "https://ensy.zip/posts/dompurify-323-bypass/"
},
{
"category": "external",
"summary": "https://github.com/cure53/DOMPurify/commit/d18ffcb554e0001748865da03ac75dd7829f0f02",
"url": "https://github.com/cure53/DOMPurify/commit/d18ffcb554e0001748865da03ac75dd7829f0f02"
},
{
"category": "external",
"summary": "https://github.com/cure53/DOMPurify/releases/tag/3.2.4",
"url": "https://github.com/cure53/DOMPurify/releases/tag/3.2.4"
},
{
"category": "external",
"summary": "https://nsysean.github.io/posts/dompurify-323-bypass/",
"url": "https://nsysean.github.io/posts/dompurify-323-bypass/"
}
],
"release_date": "2025-02-14T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-03-27T17:45:39+00:00",
"details": "For Red Hat OpenShift AI 2.16.0 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this errata update:\nhttps://docs.redhat.com/en/documentation/red_hat_openshift_ai/",
"product_ids": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:13da7e12e135cdb33c89686eca84cffae8ef691fcb4f346622ebd9b47f0a69ee_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:3368"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 4.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:8d78e6f1c302b1de6c45435a3d49c807fe5e4dbfe3e7a3d3ebfa0cac6318e79a_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:13da7e12e135cdb33c89686eca84cffae8ef691fcb4f346622ebd9b47f0a69ee_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:ee01e89f98feb185f6cd59c564e590a13e4d8d9ea760cca8de51426eb71b83a1_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:d7d4fa406e0fcf0507894a7676532b27f45be742467e603a86f98ea5d2615df8_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:a0f72ffefb2b74b488dd949493f5d295a39bb9c97f578bf219d0138601f65468_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:2ba2b2c4db8bb334c50f4dfb54059f060361186900a44c06eed00b7a3c43977e_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:5394cd240a8857906803affec711959da8b8da4e9a7225ddaefe9736c98949b4_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:036af0457f091059551ff63563d5cf68f062297a5630a869bbf3398d5e97ffdc_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:be47d58f1943c5b4becc8cb541d9b0a53e6811451d9010c447b2c3e9b85c06c2_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:2257fe7947959fd59346d2b322f7dbb471831880df659e57344b0d804c2c0099_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:8783f8aaed686a63ed1f913364c85606b1447540608f5b7f45412ff0868a4f38_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:96253b1b94bbaab87d4f8118dfee323eefebdc3734a7e01ebcf906dbc02a2a55_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:52613c18ed44062b6e5d5b748572dad624f773a83dbc7251ff87a807142e118a_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:5dcdcc2424602a69451f16d31dbfa1d43cb72c095ba561eb9076f0cd1e8182ed_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:f738aab1eab25854c93e1d8d4d98100a8ae7bb45a6b83f0326774e4220b1183b_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:6cf74044ae8d5308a2dfe03fa5d81086c89302db7f4cdbe2f4174a1c48b77869_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:22557a6fa52d2f311750a9ba253860f423ba697d26efa02ef8524a8258d2a909_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:de5f91180ead7d73a1825fe8b032fde9b8b01392569c9789f5ce1b4b9c08a98f_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:c499a2c4a7860a1853adf3ebfbf154f3c03c478034a78566b82711373210af39_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:4a7599f8a866eb169c9a62885906adbf6df0417c0be15857df1eef20cd9b1be2_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:11a301728573adf2b64ea72d0cb2d83ea5d4dbebea759f346e99f18c3d368c6e_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:4c5ff3496b2a2a739939d94ee9dafc02b682100785d228dc2fde480fb597b7a5_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-operator-bundle@sha256:0471c444b4e0c6da97abf7936fe3af89fca6abbd5dca8a31db141c47a9af99db_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:c11b8f601a8a0d5fb6719c4c10bf7438ba242cc33d60e035e4cb4b0ae3c19105_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:c8456d98e90b6505957ab3686e9fd2f156e29f123c5558e581c206daf1e7d93a_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:3dc803cd65232113ec9b0bd529a4c98bd86936e5de85cc4e9b7b1f361d4db38e_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:633984b538f027c93c5886ea1045dcbe81eeda74acf80001d5fc5f765bdbe0be_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "dompurify: Mutation XSS in DOMPurify Due to Improper Template Literal Handling"
}
]
}
RHSA-2025:3374
Vulnerability from csaf_redhat - Published: 2025-03-27 20:51 - Updated: 2026-06-02 21:45Summary
Red Hat Security Advisory: Red Hat Developer Hub 1.5.1 release.
Severity
Important
Notes
Topic: Red Hat Developer Hub 1.5.1 has been released.
Details: Red Hat Developer Hub (RHDH) is Red Hat's enterprise-grade, self-managed, customizable developer portal based on Backstage.io. RHDH is supported on OpenShift and other major Kubernetes clusters (AKS, EKS, GKE). The core features of RHDH include a single pane of glass, a centralized software catalog, self-service via golden path templates, and Tech Docs. RHDH is extensible by plugins.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
A flaw was found in golang.org/x/net/html. This flaw allows an attacker to craft input to the parse functions that would be processed non-linearly with respect to its length, resulting in extremely slow parsing. This issue can cause a denial of service.
7.5 (High)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Developer Hub 1.5:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:fb4e2008ce87732246bebff004496125f7562b10a60f01eda658e4266d9d0158_amd64 | — |
Vendor Fix
fix
|
Known not affected
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Developer Hub 1.5:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:56bfbb2328f42e91d0462e142f3434e5d771737defbc07d8a21dbdf50e468665_amd64 | — | ||
| Unresolved product id: Red Hat Developer Hub 1.5:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:c870eb3d17807a9d04011df5244ea39db66af76aefd0af68244c95ed8322d8b5_amd64 | — |
Threats
Impact
Important
A flaw was found in the Rollup module bundler for JavaScript. Certain versions are susceptible to a DOM Clobbering vulnerability when bundling scripts with properties from `import.meta` such as `import.meta.url` in the `cjs`/`umd`/`iife` format. The DOM Clobbering gadget can lead to cross-site scripting (XSS) in web pages where scriptless attacker-controlled HTML elements are present, for example, an `img` tag with an unsanitized `name` attribute.
6.4 (Medium)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Developer Hub 1.5:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:56bfbb2328f42e91d0462e142f3434e5d771737defbc07d8a21dbdf50e468665_amd64 | — |
Vendor Fix
fix
Workaround
|
Known not affected
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Developer Hub 1.5:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:c870eb3d17807a9d04011df5244ea39db66af76aefd0af68244c95ed8322d8b5_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Developer Hub 1.5:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:fb4e2008ce87732246bebff004496125f7562b10a60f01eda658e4266d9d0158_amd64 | — |
Workaround
|
Threats
Impact
Moderate
A flaw was found in path-to-regexp. A path-to-regexp turns path strings into regular expressions. In certain cases, path-to-regexp will output a regular expression that can be exploited to cause poor performance.
5.3 (Medium)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Developer Hub 1.5:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:56bfbb2328f42e91d0462e142f3434e5d771737defbc07d8a21dbdf50e468665_amd64 | — |
Vendor Fix
fix
Workaround
|
Known not affected
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Developer Hub 1.5:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:c870eb3d17807a9d04011df5244ea39db66af76aefd0af68244c95ed8322d8b5_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Developer Hub 1.5:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:fb4e2008ce87732246bebff004496125f7562b10a60f01eda658e4266d9d0158_amd64 | — |
Workaround
|
Threats
Impact
Moderate
A flaw was found in nanoid. Affected versions of nanoid mishandles non-integer values. When nanoid is called with a fractional value, there were a number of undesirable effects: - In browser and non-secure, the code infinite loops on while (size--) - In node, the value of poolOffset becomes fractional, causing calls to nanoid to return zeroes until the pool is next filled: when i is initialized to poolOffset, pool[i] & 63 -> undefined & 63 -> 0 - If the first call in node is a fractional argument, the initial buffer allocation fails with an error The highest impact of this issue system availability.
6.5 (Medium)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Developer Hub 1.5:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:56bfbb2328f42e91d0462e142f3434e5d771737defbc07d8a21dbdf50e468665_amd64 | — |
Vendor Fix
fix
|
Known not affected
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Developer Hub 1.5:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:c870eb3d17807a9d04011df5244ea39db66af76aefd0af68244c95ed8322d8b5_amd64 | — | ||
| Unresolved product id: Red Hat Developer Hub 1.5:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:fb4e2008ce87732246bebff004496125f7562b10a60f01eda658e4266d9d0158_amd64 | — |
Threats
Impact
Moderate
A flaw was found in the Jinja2 package. A bug in the Jinja compiler allows an attacker that controls both the content and filename of a template to execute arbitrary Python code, regardless of Jinja's sandbox being used. An attacker needs to be able to control both the filename and the contents of a template. Whether that is the case depends on the type of application using Jinja. This vulnerability impacts users of applications that execute untrusted templates where the template author can also choose the template filename.
7.3 (High)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Developer Hub 1.5:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:56bfbb2328f42e91d0462e142f3434e5d771737defbc07d8a21dbdf50e468665_amd64 | — |
Vendor Fix
fix
Workaround
|
Known not affected
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Developer Hub 1.5:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:c870eb3d17807a9d04011df5244ea39db66af76aefd0af68244c95ed8322d8b5_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Developer Hub 1.5:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:fb4e2008ce87732246bebff004496125f7562b10a60f01eda658e4266d9d0158_amd64 | — |
Workaround
|
Threats
Impact
Important
A flaw was found in the Jinja package. In affected versions of Jinja, an oversight in how the Jinja sandboxed environment detects calls to str.format allows an attacker that controls the content of a template to execute arbitrary Python code. To exploit the vulnerability, an attacker needs to control the content of a template. Whether that is the case depends on the type of application using Jinja. This vulnerability impacts users of applications that execute untrusted templates. Jinja's sandbox does catch calls to str.format and ensures they don't escape the sandbox. However, storing a reference to a malicious string's format method is possible, then passing that to a filter that calls it. No such filters are built into Jinja but could be present through custom filters in an application. After the fix, such indirect calls are also handled by the sandbox.
6.3 (Medium)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Developer Hub 1.5:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:56bfbb2328f42e91d0462e142f3434e5d771737defbc07d8a21dbdf50e468665_amd64 | — |
Vendor Fix
fix
|
Known not affected
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Developer Hub 1.5:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:c870eb3d17807a9d04011df5244ea39db66af76aefd0af68244c95ed8322d8b5_amd64 | — | ||
| Unresolved product id: Red Hat Developer Hub 1.5:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:fb4e2008ce87732246bebff004496125f7562b10a60f01eda658e4266d9d0158_amd64 | — |
Threats
Impact
Moderate
A flaw was found in the systeminformation library for Node.js. In Windows systems, the SSID parameter of the `getWindowsIEEE8021x` function is not sanitized before it is passed to cmd.exe. This may allow a remote attacker to execute arbitrary commands on the target system.
8.0 (High)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Developer Hub 1.5:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:56bfbb2328f42e91d0462e142f3434e5d771737defbc07d8a21dbdf50e468665_amd64 | — |
Vendor Fix
fix
Workaround
|
Known not affected
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Developer Hub 1.5:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:c870eb3d17807a9d04011df5244ea39db66af76aefd0af68244c95ed8322d8b5_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Developer Hub 1.5:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:fb4e2008ce87732246bebff004496125f7562b10a60f01eda658e4266d9d0158_amd64 | — |
Workaround
|
Threats
Impact
Important
A flaw was found in the undici package for Node.js. Undici uses `Math.random()` to choose the boundary for a multipart/form-data request. It is known that the output of `Math.random()` can be predicted if several of its generated values are known. If an app has a mechanism that sends multipart requests to an attacker-controlled website, it can leak the necessary values. Therefore, an attacker can tamper with the requests going to the backend APIs if certain conditions are met.
6.8 (Medium)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Developer Hub 1.5:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:56bfbb2328f42e91d0462e142f3434e5d771737defbc07d8a21dbdf50e468665_amd64 | — |
Vendor Fix
fix
|
Known not affected
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Developer Hub 1.5:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:c870eb3d17807a9d04011df5244ea39db66af76aefd0af68244c95ed8322d8b5_amd64 | — | ||
| Unresolved product id: Red Hat Developer Hub 1.5:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:fb4e2008ce87732246bebff004496125f7562b10a60f01eda658e4266d9d0158_amd64 | — |
Threats
Impact
Moderate
A flaw was found in Jinja. In affected versions, an oversight in how the Jinja sandboxed environment interacts with the `|attr` filter allows an attacker who controls the content of a template to execute arbitrary Python code. To exploit the vulnerability, an attacker needs to control the content of a template. Whether that is the case depends on the type of application using Jinja. This vulnerability impacts users of applications that execute untrusted templates. Jinja's sandbox does catch calls to `str.format` and ensures they don't escape the sandbox. However, it's possible to use the `|attr` filter to get a reference to a string's plain format method, bypassing the sandbox.
7.3 (High)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Developer Hub 1.5:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:56bfbb2328f42e91d0462e142f3434e5d771737defbc07d8a21dbdf50e468665_amd64 | — |
Vendor Fix
fix
|
Known not affected
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Developer Hub 1.5:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:c870eb3d17807a9d04011df5244ea39db66af76aefd0af68244c95ed8322d8b5_amd64 | — | ||
| Unresolved product id: Red Hat Developer Hub 1.5:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:fb4e2008ce87732246bebff004496125f7562b10a60f01eda658e4266d9d0158_amd64 | — |
Threats
Impact
Important
A flaw was found in the xml-crypto library for Node.js. An attacker can exploit this vulnerability to bypass authentication or authorization mechanisms in systems that rely on xml-crypto to verify signed XML documents. The vulnerability allows an attacker to modify a valid signed XML message in a way that still passes signature verification checks.
9.1 (Critical)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Developer Hub 1.5:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:56bfbb2328f42e91d0462e142f3434e5d771737defbc07d8a21dbdf50e468665_amd64 | — |
Vendor Fix
fix
Workaround
|
Known not affected
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Developer Hub 1.5:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:c870eb3d17807a9d04011df5244ea39db66af76aefd0af68244c95ed8322d8b5_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Developer Hub 1.5:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:fb4e2008ce87732246bebff004496125f7562b10a60f01eda658e4266d9d0158_amd64 | — |
Workaround
|
Threats
Impact
Important
A flaw was found in the xml-crypto library for Node.js. An attacker can exploit this vulnerability to bypass authentication or authorization mechanisms in systems that rely on xml-crypto to verify signed XML documents. The vulnerability allows an attacker to modify a valid signed XML message in a way that still passes signature verification checks.
9.1 (Critical)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Developer Hub 1.5:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:56bfbb2328f42e91d0462e142f3434e5d771737defbc07d8a21dbdf50e468665_amd64 | — |
Vendor Fix
fix
Workaround
|
Known not affected
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Developer Hub 1.5:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:c870eb3d17807a9d04011df5244ea39db66af76aefd0af68244c95ed8322d8b5_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Developer Hub 1.5:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:fb4e2008ce87732246bebff004496125f7562b10a60f01eda658e4266d9d0158_amd64 | — |
Workaround
|
Threats
Impact
Important
References
100 references
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Red Hat Developer Hub 1.5.1 has been released.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat Developer Hub (RHDH) is Red Hat\u0027s enterprise-grade, self-managed, customizable developer portal based on Backstage.io. RHDH is supported on OpenShift and other major Kubernetes clusters (AKS, EKS, GKE). The core features of RHDH include a single pane of glass, a centralized software catalog, self-service via golden path templates, and Tech Docs. RHDH is extensible by plugins.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2025:3374",
"url": "https://access.redhat.com/errata/RHSA-2025:3374"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2024-45338",
"url": "https://access.redhat.com/security/cve/CVE-2024-45338"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2024-47068",
"url": "https://access.redhat.com/security/cve/CVE-2024-47068"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2024-52798",
"url": "https://access.redhat.com/security/cve/CVE-2024-52798"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2024-55565",
"url": "https://access.redhat.com/security/cve/CVE-2024-55565"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2024-56201",
"url": "https://access.redhat.com/security/cve/CVE-2024-56201"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2024-56326",
"url": "https://access.redhat.com/security/cve/CVE-2024-56326"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2024-56334",
"url": "https://access.redhat.com/security/cve/CVE-2024-56334"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-22150",
"url": "https://access.redhat.com/security/cve/CVE-2025-22150"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-29774",
"url": "https://access.redhat.com/security/cve/CVE-2025-29774"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-29775",
"url": "https://access.redhat.com/security/cve/CVE-2025-29775"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/cve-2025-27516",
"url": "https://access.redhat.com/security/cve/cve-2025-27516"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/",
"url": "https://access.redhat.com/security/updates/classification/"
},
{
"category": "external",
"summary": "https://catalog.redhat.com/search?gs\u0026searchType=containers\u0026q=rhdh",
"url": "https://catalog.redhat.com/search?gs\u0026searchType=containers\u0026q=rhdh"
},
{
"category": "external",
"summary": "https://developers.redhat.com/rhdh/overview",
"url": "https://developers.redhat.com/rhdh/overview"
},
{
"category": "external",
"summary": "https://docs.redhat.com/en/documentation/red_hat_developer_hub",
"url": "https://docs.redhat.com/en/documentation/red_hat_developer_hub"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2025/rhsa-2025_3374.json"
}
],
"title": "Red Hat Security Advisory: Red Hat Developer Hub 1.5.1 release.",
"tracking": {
"current_release_date": "2026-06-02T21:45:57+00:00",
"generator": {
"date": "2026-06-02T21:45:57+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.8.1"
}
},
"id": "RHSA-2025:3374",
"initial_release_date": "2025-03-27T20:51:32+00:00",
"revision_history": [
{
"date": "2025-03-27T20:51:32+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2025-04-04T11:00:58+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-06-02T21:45:57+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Developer Hub 1.5",
"product": {
"name": "Red Hat Developer Hub 1.5",
"product_id": "Red Hat Developer Hub 1.5",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhdh:1.5::el9"
}
}
}
],
"category": "product_family",
"name": "Red Hat Developer Hub"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:56bfbb2328f42e91d0462e142f3434e5d771737defbc07d8a21dbdf50e468665_amd64",
"product": {
"name": "registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:56bfbb2328f42e91d0462e142f3434e5d771737defbc07d8a21dbdf50e468665_amd64",
"product_id": "registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:56bfbb2328f42e91d0462e142f3434e5d771737defbc07d8a21dbdf50e468665_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhdh-hub-rhel9@sha256%3A56bfbb2328f42e91d0462e142f3434e5d771737defbc07d8a21dbdf50e468665?arch=amd64\u0026repository_url=registry.redhat.io/rhdh"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:fb4e2008ce87732246bebff004496125f7562b10a60f01eda658e4266d9d0158_amd64",
"product": {
"name": "registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:fb4e2008ce87732246bebff004496125f7562b10a60f01eda658e4266d9d0158_amd64",
"product_id": "registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:fb4e2008ce87732246bebff004496125f7562b10a60f01eda658e4266d9d0158_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhdh-rhel9-operator@sha256%3Afb4e2008ce87732246bebff004496125f7562b10a60f01eda658e4266d9d0158?arch=amd64\u0026repository_url=registry.redhat.io/rhdh"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:c870eb3d17807a9d04011df5244ea39db66af76aefd0af68244c95ed8322d8b5_amd64",
"product": {
"name": "registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:c870eb3d17807a9d04011df5244ea39db66af76aefd0af68244c95ed8322d8b5_amd64",
"product_id": "registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:c870eb3d17807a9d04011df5244ea39db66af76aefd0af68244c95ed8322d8b5_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhdh-operator-bundle@sha256%3Ac870eb3d17807a9d04011df5244ea39db66af76aefd0af68244c95ed8322d8b5?arch=amd64\u0026repository_url=registry.redhat.io/rhdh"
}
}
}
],
"category": "architecture",
"name": "amd64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:56bfbb2328f42e91d0462e142f3434e5d771737defbc07d8a21dbdf50e468665_amd64 as a component of Red Hat Developer Hub 1.5",
"product_id": "Red Hat Developer Hub 1.5:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:56bfbb2328f42e91d0462e142f3434e5d771737defbc07d8a21dbdf50e468665_amd64"
},
"product_reference": "registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:56bfbb2328f42e91d0462e142f3434e5d771737defbc07d8a21dbdf50e468665_amd64",
"relates_to_product_reference": "Red Hat Developer Hub 1.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:c870eb3d17807a9d04011df5244ea39db66af76aefd0af68244c95ed8322d8b5_amd64 as a component of Red Hat Developer Hub 1.5",
"product_id": "Red Hat Developer Hub 1.5:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:c870eb3d17807a9d04011df5244ea39db66af76aefd0af68244c95ed8322d8b5_amd64"
},
"product_reference": "registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:c870eb3d17807a9d04011df5244ea39db66af76aefd0af68244c95ed8322d8b5_amd64",
"relates_to_product_reference": "Red Hat Developer Hub 1.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:fb4e2008ce87732246bebff004496125f7562b10a60f01eda658e4266d9d0158_amd64 as a component of Red Hat Developer Hub 1.5",
"product_id": "Red Hat Developer Hub 1.5:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:fb4e2008ce87732246bebff004496125f7562b10a60f01eda658e4266d9d0158_amd64"
},
"product_reference": "registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:fb4e2008ce87732246bebff004496125f7562b10a60f01eda658e4266d9d0158_amd64",
"relates_to_product_reference": "Red Hat Developer Hub 1.5"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2024-45338",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2024-12-18T21:00:59.938173+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Developer Hub 1.5:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:56bfbb2328f42e91d0462e142f3434e5d771737defbc07d8a21dbdf50e468665_amd64",
"Red Hat Developer Hub 1.5:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:c870eb3d17807a9d04011df5244ea39db66af76aefd0af68244c95ed8322d8b5_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2333122"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in golang.org/x/net/html. This flaw allows an attacker to craft input to the parse functions that would be processed non-linearly with respect to its length, resulting in extremely slow parsing. This issue can cause a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang.org/x/net/html: Non-linear parsing of case-insensitive content in golang.org/x/net/html",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated as an Important severity because an attacker can craft malicious input that causes the parsing functions to process data non-linearly, resulting in significant delays which leads to a denial of service by exhausting system resources.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Developer Hub 1.5:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:fb4e2008ce87732246bebff004496125f7562b10a60f01eda658e4266d9d0158_amd64"
],
"known_not_affected": [
"Red Hat Developer Hub 1.5:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:56bfbb2328f42e91d0462e142f3434e5d771737defbc07d8a21dbdf50e468665_amd64",
"Red Hat Developer Hub 1.5:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:c870eb3d17807a9d04011df5244ea39db66af76aefd0af68244c95ed8322d8b5_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-45338"
},
{
"category": "external",
"summary": "RHBZ#2333122",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2333122"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-45338",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45338"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-45338",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-45338"
},
{
"category": "external",
"summary": "https://go.dev/cl/637536",
"url": "https://go.dev/cl/637536"
},
{
"category": "external",
"summary": "https://go.dev/issue/70906",
"url": "https://go.dev/issue/70906"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/wSCRmFnNmPA/m/Lvcd0mRMAwAJ",
"url": "https://groups.google.com/g/golang-announce/c/wSCRmFnNmPA/m/Lvcd0mRMAwAJ"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2024-3333",
"url": "https://pkg.go.dev/vuln/GO-2024-3333"
}
],
"release_date": "2024-12-18T20:38:22.660000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-03-27T20:51:32+00:00",
"details": "For more about Red Hat Developer Hub, see References links",
"product_ids": [
"Red Hat Developer Hub 1.5:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:fb4e2008ce87732246bebff004496125f7562b10a60f01eda658e4266d9d0158_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:3374"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Developer Hub 1.5:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:56bfbb2328f42e91d0462e142f3434e5d771737defbc07d8a21dbdf50e468665_amd64",
"Red Hat Developer Hub 1.5:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:c870eb3d17807a9d04011df5244ea39db66af76aefd0af68244c95ed8322d8b5_amd64",
"Red Hat Developer Hub 1.5:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:fb4e2008ce87732246bebff004496125f7562b10a60f01eda658e4266d9d0158_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "golang.org/x/net/html: Non-linear parsing of case-insensitive content in golang.org/x/net/html"
},
{
"cve": "CVE-2024-47068",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2024-09-23T16:20:20.383320+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Developer Hub 1.5:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:c870eb3d17807a9d04011df5244ea39db66af76aefd0af68244c95ed8322d8b5_amd64",
"Red Hat Developer Hub 1.5:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:fb4e2008ce87732246bebff004496125f7562b10a60f01eda658e4266d9d0158_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2314249"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Rollup module bundler for JavaScript. Certain versions are susceptible to a DOM Clobbering vulnerability when bundling scripts with properties from `import.meta` such as `import.meta.url` in the `cjs`/`umd`/`iife` format. The DOM Clobbering gadget can lead to cross-site scripting (XSS) in web pages where scriptless attacker-controlled HTML elements are present, for example, an `img` tag with an unsanitized `name` attribute.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "rollup: DOM Clobbering Gadget found in rollup bundled scripts that leads to XSS",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is classified as moderate severity rather than important because it requires a specific and relatively uncommon attack vector to exploit\u2014namely, attacker-controlled scriptless HTML elements, such as an unsanitized name attribute in an img tag, which are typically less prevalent in well-maintained web applications. Additionally, the impact is limited to scenarios where import.meta is improperly handled in specific module formats (`cjs`, `umd`, `iife`), and the vulnerability can only lead to cross-site scripting (XSS) under specific conditions.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Developer Hub 1.5:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:56bfbb2328f42e91d0462e142f3434e5d771737defbc07d8a21dbdf50e468665_amd64"
],
"known_not_affected": [
"Red Hat Developer Hub 1.5:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:c870eb3d17807a9d04011df5244ea39db66af76aefd0af68244c95ed8322d8b5_amd64",
"Red Hat Developer Hub 1.5:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:fb4e2008ce87732246bebff004496125f7562b10a60f01eda658e4266d9d0158_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-47068"
},
{
"category": "external",
"summary": "RHBZ#2314249",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2314249"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-47068",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47068"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-47068",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-47068"
},
{
"category": "external",
"summary": "https://github.com/rollup/rollup/blob/b86ffd776cfa906573d36c3f019316d02445d9ef/src/ast/nodes/MetaProperty.ts#L157-L162",
"url": "https://github.com/rollup/rollup/blob/b86ffd776cfa906573d36c3f019316d02445d9ef/src/ast/nodes/MetaProperty.ts#L157-L162"
},
{
"category": "external",
"summary": "https://github.com/rollup/rollup/blob/b86ffd776cfa906573d36c3f019316d02445d9ef/src/ast/nodes/MetaProperty.ts#L180-L185",
"url": "https://github.com/rollup/rollup/blob/b86ffd776cfa906573d36c3f019316d02445d9ef/src/ast/nodes/MetaProperty.ts#L180-L185"
},
{
"category": "external",
"summary": "https://github.com/rollup/rollup/commit/2ef77c00ec2635d42697cff2c0567ccc8db34fb4",
"url": "https://github.com/rollup/rollup/commit/2ef77c00ec2635d42697cff2c0567ccc8db34fb4"
},
{
"category": "external",
"summary": "https://github.com/rollup/rollup/commit/e2552c9e955e0a61f70f508200ee9f752f85a541",
"url": "https://github.com/rollup/rollup/commit/e2552c9e955e0a61f70f508200ee9f752f85a541"
},
{
"category": "external",
"summary": "https://github.com/rollup/rollup/security/advisories/GHSA-gcx4-mw62-g8wm",
"url": "https://github.com/rollup/rollup/security/advisories/GHSA-gcx4-mw62-g8wm"
}
],
"release_date": "2024-09-23T16:15:06.947000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-03-27T20:51:32+00:00",
"details": "For more about Red Hat Developer Hub, see References links",
"product_ids": [
"Red Hat Developer Hub 1.5:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:56bfbb2328f42e91d0462e142f3434e5d771737defbc07d8a21dbdf50e468665_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:3374"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat Developer Hub 1.5:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:56bfbb2328f42e91d0462e142f3434e5d771737defbc07d8a21dbdf50e468665_amd64",
"Red Hat Developer Hub 1.5:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:c870eb3d17807a9d04011df5244ea39db66af76aefd0af68244c95ed8322d8b5_amd64",
"Red Hat Developer Hub 1.5:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:fb4e2008ce87732246bebff004496125f7562b10a60f01eda658e4266d9d0158_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"Red Hat Developer Hub 1.5:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:56bfbb2328f42e91d0462e142f3434e5d771737defbc07d8a21dbdf50e468665_amd64",
"Red Hat Developer Hub 1.5:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:c870eb3d17807a9d04011df5244ea39db66af76aefd0af68244c95ed8322d8b5_amd64",
"Red Hat Developer Hub 1.5:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:fb4e2008ce87732246bebff004496125f7562b10a60f01eda658e4266d9d0158_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "rollup: DOM Clobbering Gadget found in rollup bundled scripts that leads to XSS"
},
{
"cve": "CVE-2024-52798",
"cwe": {
"id": "CWE-1333",
"name": "Inefficient Regular Expression Complexity"
},
"discovery_date": "2024-12-05T23:00:59.020167+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Developer Hub 1.5:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:c870eb3d17807a9d04011df5244ea39db66af76aefd0af68244c95ed8322d8b5_amd64",
"Red Hat Developer Hub 1.5:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:fb4e2008ce87732246bebff004496125f7562b10a60f01eda658e4266d9d0158_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2330689"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in path-to-regexp. A path-to-regexp turns path strings into regular expressions. In certain cases, path-to-regexp will output a regular expression that can be exploited to cause poor performance.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "path-to-regexp: path-to-regexp Unpatched `path-to-regexp` ReDoS in 0.1.x",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability exists because of an incomplete fix for CVE-2024-45296.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Developer Hub 1.5:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:56bfbb2328f42e91d0462e142f3434e5d771737defbc07d8a21dbdf50e468665_amd64"
],
"known_not_affected": [
"Red Hat Developer Hub 1.5:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:c870eb3d17807a9d04011df5244ea39db66af76aefd0af68244c95ed8322d8b5_amd64",
"Red Hat Developer Hub 1.5:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:fb4e2008ce87732246bebff004496125f7562b10a60f01eda658e4266d9d0158_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-52798"
},
{
"category": "external",
"summary": "RHBZ#2330689",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2330689"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-52798",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-52798"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-52798",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-52798"
},
{
"category": "external",
"summary": "https://github.com/pillarjs/path-to-regexp/commit/f01c26a013b1889f0c217c643964513acf17f6a4",
"url": "https://github.com/pillarjs/path-to-regexp/commit/f01c26a013b1889f0c217c643964513acf17f6a4"
},
{
"category": "external",
"summary": "https://github.com/pillarjs/path-to-regexp/security/advisories/GHSA-rhx6-c78j-4q9w",
"url": "https://github.com/pillarjs/path-to-regexp/security/advisories/GHSA-rhx6-c78j-4q9w"
}
],
"release_date": "2024-12-05T22:45:42.774000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-03-27T20:51:32+00:00",
"details": "For more about Red Hat Developer Hub, see References links",
"product_ids": [
"Red Hat Developer Hub 1.5:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:56bfbb2328f42e91d0462e142f3434e5d771737defbc07d8a21dbdf50e468665_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:3374"
},
{
"category": "workaround",
"details": "Avoid using two parameters within a single path segment when the separator is not, for example, /:a-:b. Alternatively, you can define the regex used for both parameters and ensure they do not overlap to allow backtracking.",
"product_ids": [
"Red Hat Developer Hub 1.5:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:56bfbb2328f42e91d0462e142f3434e5d771737defbc07d8a21dbdf50e468665_amd64",
"Red Hat Developer Hub 1.5:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:c870eb3d17807a9d04011df5244ea39db66af76aefd0af68244c95ed8322d8b5_amd64",
"Red Hat Developer Hub 1.5:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:fb4e2008ce87732246bebff004496125f7562b10a60f01eda658e4266d9d0158_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"Red Hat Developer Hub 1.5:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:56bfbb2328f42e91d0462e142f3434e5d771737defbc07d8a21dbdf50e468665_amd64",
"Red Hat Developer Hub 1.5:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:c870eb3d17807a9d04011df5244ea39db66af76aefd0af68244c95ed8322d8b5_amd64",
"Red Hat Developer Hub 1.5:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:fb4e2008ce87732246bebff004496125f7562b10a60f01eda658e4266d9d0158_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "path-to-regexp: path-to-regexp Unpatched `path-to-regexp` ReDoS in 0.1.x"
},
{
"cve": "CVE-2024-55565",
"cwe": {
"id": "CWE-835",
"name": "Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)"
},
"discovery_date": "2024-12-09T02:00:45.255738+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Developer Hub 1.5:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:c870eb3d17807a9d04011df5244ea39db66af76aefd0af68244c95ed8322d8b5_amd64",
"Red Hat Developer Hub 1.5:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:fb4e2008ce87732246bebff004496125f7562b10a60f01eda658e4266d9d0158_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2331063"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in nanoid. Affected versions of nanoid mishandles non-integer values. When nanoid is called with a fractional value, there were a number of undesirable effects:\n\n- In browser and non-secure, the code infinite loops on while (size--)\n- In node, the value of poolOffset becomes fractional, causing calls to nanoid to return zeroes until the pool is next filled: when i is initialized to poolOffset, pool[i] \u0026 63 -\u003e undefined \u0026 63 -\u003e 0\n- If the first call in node is a fractional argument, the initial buffer allocation fails with an error\n\nThe highest impact of this issue system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "nanoid: nanoid mishandles non-integer values",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Developer Hub 1.5:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:56bfbb2328f42e91d0462e142f3434e5d771737defbc07d8a21dbdf50e468665_amd64"
],
"known_not_affected": [
"Red Hat Developer Hub 1.5:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:c870eb3d17807a9d04011df5244ea39db66af76aefd0af68244c95ed8322d8b5_amd64",
"Red Hat Developer Hub 1.5:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:fb4e2008ce87732246bebff004496125f7562b10a60f01eda658e4266d9d0158_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-55565"
},
{
"category": "external",
"summary": "RHBZ#2331063",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2331063"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-55565",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-55565"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-55565",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-55565"
},
{
"category": "external",
"summary": "https://github.com/ai/nanoid/compare/3.3.7...3.3.8",
"url": "https://github.com/ai/nanoid/compare/3.3.7...3.3.8"
},
{
"category": "external",
"summary": "https://github.com/ai/nanoid/pull/510",
"url": "https://github.com/ai/nanoid/pull/510"
},
{
"category": "external",
"summary": "https://github.com/ai/nanoid/releases/tag/5.0.9",
"url": "https://github.com/ai/nanoid/releases/tag/5.0.9"
}
],
"release_date": "2024-12-09T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-03-27T20:51:32+00:00",
"details": "For more about Red Hat Developer Hub, see References links",
"product_ids": [
"Red Hat Developer Hub 1.5:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:56bfbb2328f42e91d0462e142f3434e5d771737defbc07d8a21dbdf50e468665_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:3374"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Developer Hub 1.5:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:56bfbb2328f42e91d0462e142f3434e5d771737defbc07d8a21dbdf50e468665_amd64",
"Red Hat Developer Hub 1.5:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:c870eb3d17807a9d04011df5244ea39db66af76aefd0af68244c95ed8322d8b5_amd64",
"Red Hat Developer Hub 1.5:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:fb4e2008ce87732246bebff004496125f7562b10a60f01eda658e4266d9d0158_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "nanoid: nanoid mishandles non-integer values"
},
{
"cve": "CVE-2024-56201",
"cwe": {
"id": "CWE-150",
"name": "Improper Neutralization of Escape, Meta, or Control Sequences"
},
"discovery_date": "2024-12-23T16:00:38.768252+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Developer Hub 1.5:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:c870eb3d17807a9d04011df5244ea39db66af76aefd0af68244c95ed8322d8b5_amd64",
"Red Hat Developer Hub 1.5:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:fb4e2008ce87732246bebff004496125f7562b10a60f01eda658e4266d9d0158_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2333854"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Jinja2 package. A bug in the Jinja compiler allows an attacker that controls both the content and filename of a template to execute arbitrary Python code, regardless of Jinja\u0027s sandbox being used. An attacker needs to be able to control both the filename and the contents of a template. Whether that is the case depends on the type of application using Jinja. This vulnerability impacts users of applications that execute untrusted templates where the template author can also choose the template filename.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jinja2: Jinja has a sandbox breakout through malicious filenames",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability has rated as a IMPORTANT flaw because an attacker controlling both the template content and filename to execute arbitrary Python code, bypassing the sandbox.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Developer Hub 1.5:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:56bfbb2328f42e91d0462e142f3434e5d771737defbc07d8a21dbdf50e468665_amd64"
],
"known_not_affected": [
"Red Hat Developer Hub 1.5:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:c870eb3d17807a9d04011df5244ea39db66af76aefd0af68244c95ed8322d8b5_amd64",
"Red Hat Developer Hub 1.5:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:fb4e2008ce87732246bebff004496125f7562b10a60f01eda658e4266d9d0158_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-56201"
},
{
"category": "external",
"summary": "RHBZ#2333854",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2333854"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-56201",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56201"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-56201",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-56201"
},
{
"category": "external",
"summary": "https://github.com/pallets/jinja/commit/767b23617628419ae3709ccfb02f9602ae9fe51f",
"url": "https://github.com/pallets/jinja/commit/767b23617628419ae3709ccfb02f9602ae9fe51f"
},
{
"category": "external",
"summary": "https://github.com/pallets/jinja/issues/1792",
"url": "https://github.com/pallets/jinja/issues/1792"
},
{
"category": "external",
"summary": "https://github.com/pallets/jinja/releases/tag/3.1.5",
"url": "https://github.com/pallets/jinja/releases/tag/3.1.5"
},
{
"category": "external",
"summary": "https://github.com/pallets/jinja/security/advisories/GHSA-gmj6-6f8f-6699",
"url": "https://github.com/pallets/jinja/security/advisories/GHSA-gmj6-6f8f-6699"
}
],
"release_date": "2024-12-23T15:37:36.110000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-03-27T20:51:32+00:00",
"details": "For more about Red Hat Developer Hub, see References links",
"product_ids": [
"Red Hat Developer Hub 1.5:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:56bfbb2328f42e91d0462e142f3434e5d771737defbc07d8a21dbdf50e468665_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:3374"
},
{
"category": "workaround",
"details": "To mitigate this vulnerabilty restrict user-controlled template filenames, ensuring they follow a predefined templates.",
"product_ids": [
"Red Hat Developer Hub 1.5:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:56bfbb2328f42e91d0462e142f3434e5d771737defbc07d8a21dbdf50e468665_amd64",
"Red Hat Developer Hub 1.5:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:c870eb3d17807a9d04011df5244ea39db66af76aefd0af68244c95ed8322d8b5_amd64",
"Red Hat Developer Hub 1.5:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:fb4e2008ce87732246bebff004496125f7562b10a60f01eda658e4266d9d0158_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat Developer Hub 1.5:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:56bfbb2328f42e91d0462e142f3434e5d771737defbc07d8a21dbdf50e468665_amd64",
"Red Hat Developer Hub 1.5:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:c870eb3d17807a9d04011df5244ea39db66af76aefd0af68244c95ed8322d8b5_amd64",
"Red Hat Developer Hub 1.5:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:fb4e2008ce87732246bebff004496125f7562b10a60f01eda658e4266d9d0158_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "jinja2: Jinja has a sandbox breakout through malicious filenames"
},
{
"cve": "CVE-2024-56326",
"cwe": {
"id": "CWE-94",
"name": "Improper Control of Generation of Code (\u0027Code Injection\u0027)"
},
"discovery_date": "2024-12-23T16:00:46.619763+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Developer Hub 1.5:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:c870eb3d17807a9d04011df5244ea39db66af76aefd0af68244c95ed8322d8b5_amd64",
"Red Hat Developer Hub 1.5:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:fb4e2008ce87732246bebff004496125f7562b10a60f01eda658e4266d9d0158_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2333856"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Jinja package. In affected versions of Jinja, an oversight in how the Jinja sandboxed environment detects calls to str.format allows an attacker that controls the content of a template to execute arbitrary Python code. To exploit the vulnerability, an attacker needs to control the content of a template. Whether that is the case depends on the type of application using Jinja. This vulnerability impacts users of applications that execute untrusted templates. Jinja\u0027s sandbox does catch calls to str.format and ensures they don\u0027t escape the sandbox. However, storing a reference to a malicious string\u0027s format method is possible, then passing that to a filter that calls it. No such filters are built into Jinja but could be present through custom filters in an application. After the fix, such indirect calls are also handled by the sandbox.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jinja2: Jinja has a sandbox breakout through indirect reference to format method",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated as Moderate due to an oversight in Jinja\u0027s sandbox environment, allowing attackers to execute arbitrary Python code through controlled template content. This requires control over template content, making exploitation possible only in specific applications, thus limiting its overall impact.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Developer Hub 1.5:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:56bfbb2328f42e91d0462e142f3434e5d771737defbc07d8a21dbdf50e468665_amd64"
],
"known_not_affected": [
"Red Hat Developer Hub 1.5:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:c870eb3d17807a9d04011df5244ea39db66af76aefd0af68244c95ed8322d8b5_amd64",
"Red Hat Developer Hub 1.5:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:fb4e2008ce87732246bebff004496125f7562b10a60f01eda658e4266d9d0158_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-56326"
},
{
"category": "external",
"summary": "RHBZ#2333856",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2333856"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-56326",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56326"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-56326",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-56326"
},
{
"category": "external",
"summary": "https://github.com/pallets/jinja/commit/48b0687e05a5466a91cd5812d604fa37ad0943b4",
"url": "https://github.com/pallets/jinja/commit/48b0687e05a5466a91cd5812d604fa37ad0943b4"
},
{
"category": "external",
"summary": "https://github.com/pallets/jinja/releases/tag/3.1.5",
"url": "https://github.com/pallets/jinja/releases/tag/3.1.5"
},
{
"category": "external",
"summary": "https://github.com/pallets/jinja/security/advisories/GHSA-q2x7-8rv6-6q7h",
"url": "https://github.com/pallets/jinja/security/advisories/GHSA-q2x7-8rv6-6q7h"
}
],
"release_date": "2024-12-23T15:43:49.400000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-03-27T20:51:32+00:00",
"details": "For more about Red Hat Developer Hub, see References links",
"product_ids": [
"Red Hat Developer Hub 1.5:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:56bfbb2328f42e91d0462e142f3434e5d771737defbc07d8a21dbdf50e468665_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:3374"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat Developer Hub 1.5:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:56bfbb2328f42e91d0462e142f3434e5d771737defbc07d8a21dbdf50e468665_amd64",
"Red Hat Developer Hub 1.5:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:c870eb3d17807a9d04011df5244ea39db66af76aefd0af68244c95ed8322d8b5_amd64",
"Red Hat Developer Hub 1.5:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:fb4e2008ce87732246bebff004496125f7562b10a60f01eda658e4266d9d0158_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jinja2: Jinja has a sandbox breakout through indirect reference to format method"
},
{
"cve": "CVE-2024-56334",
"cwe": {
"id": "CWE-94",
"name": "Improper Control of Generation of Code (\u0027Code Injection\u0027)"
},
"discovery_date": "2024-12-20T21:00:48.166699+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Developer Hub 1.5:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:c870eb3d17807a9d04011df5244ea39db66af76aefd0af68244c95ed8322d8b5_amd64",
"Red Hat Developer Hub 1.5:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:fb4e2008ce87732246bebff004496125f7562b10a60f01eda658e4266d9d0158_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2333587"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the systeminformation library for Node.js. In Windows systems, the SSID parameter of the `getWindowsIEEE8021x` function is not sanitized before it is passed to cmd.exe. This may allow a remote attacker to execute arbitrary commands on the target system.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "systeminformation: Command injection vulnerability in getWindowsIEEE8021x (SSID) function in systeminformation",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability in the systeminformation library is marked as a high-severity issue because it allows for the execution of arbitrary commands via an unsanitized SSID input passed to `cmd.exe`. Since this flaw can lead to remote code execution (RCE) or local privilege escalation, it provides an attacker with the potential to execute malicious scripts on the affected system.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Developer Hub 1.5:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:56bfbb2328f42e91d0462e142f3434e5d771737defbc07d8a21dbdf50e468665_amd64"
],
"known_not_affected": [
"Red Hat Developer Hub 1.5:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:c870eb3d17807a9d04011df5244ea39db66af76aefd0af68244c95ed8322d8b5_amd64",
"Red Hat Developer Hub 1.5:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:fb4e2008ce87732246bebff004496125f7562b10a60f01eda658e4266d9d0158_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-56334"
},
{
"category": "external",
"summary": "RHBZ#2333587",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2333587"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-56334",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56334"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-56334",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-56334"
},
{
"category": "external",
"summary": "https://github.com/sebhildebrandt/systeminformation/commit/f7af0a67b78e7894335a6cad510566a25e06ae41",
"url": "https://github.com/sebhildebrandt/systeminformation/commit/f7af0a67b78e7894335a6cad510566a25e06ae41"
},
{
"category": "external",
"summary": "https://github.com/sebhildebrandt/systeminformation/security/advisories/GHSA-cvv5-9h9w-qp2m",
"url": "https://github.com/sebhildebrandt/systeminformation/security/advisories/GHSA-cvv5-9h9w-qp2m"
}
],
"release_date": "2024-12-20T20:10:12.578000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-03-27T20:51:32+00:00",
"details": "For more about Red Hat Developer Hub, see References links",
"product_ids": [
"Red Hat Developer Hub 1.5:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:56bfbb2328f42e91d0462e142f3434e5d771737defbc07d8a21dbdf50e468665_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:3374"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat Developer Hub 1.5:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:56bfbb2328f42e91d0462e142f3434e5d771737defbc07d8a21dbdf50e468665_amd64",
"Red Hat Developer Hub 1.5:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:c870eb3d17807a9d04011df5244ea39db66af76aefd0af68244c95ed8322d8b5_amd64",
"Red Hat Developer Hub 1.5:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:fb4e2008ce87732246bebff004496125f7562b10a60f01eda658e4266d9d0158_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.0,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat Developer Hub 1.5:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:56bfbb2328f42e91d0462e142f3434e5d771737defbc07d8a21dbdf50e468665_amd64",
"Red Hat Developer Hub 1.5:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:c870eb3d17807a9d04011df5244ea39db66af76aefd0af68244c95ed8322d8b5_amd64",
"Red Hat Developer Hub 1.5:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:fb4e2008ce87732246bebff004496125f7562b10a60f01eda658e4266d9d0158_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "systeminformation: Command injection vulnerability in getWindowsIEEE8021x (SSID) function in systeminformation"
},
{
"cve": "CVE-2025-22150",
"cwe": {
"id": "CWE-330",
"name": "Use of Insufficiently Random Values"
},
"discovery_date": "2025-01-21T18:01:24.182126+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Developer Hub 1.5:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:c870eb3d17807a9d04011df5244ea39db66af76aefd0af68244c95ed8322d8b5_amd64",
"Red Hat Developer Hub 1.5:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:fb4e2008ce87732246bebff004496125f7562b10a60f01eda658e4266d9d0158_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2339176"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the undici package for Node.js. Undici uses `Math.random()` to choose the boundary for a multipart/form-data request. It is known that the output of `Math.random()` can be predicted if several of its generated values are known. If an app has a mechanism that sends multipart requests to an attacker-controlled website, it can leak the necessary values. Therefore, an attacker can tamper with the requests going to the backend APIs if certain conditions are met.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "undici: Undici Uses Insufficiently Random Values",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Developer Hub 1.5:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:56bfbb2328f42e91d0462e142f3434e5d771737defbc07d8a21dbdf50e468665_amd64"
],
"known_not_affected": [
"Red Hat Developer Hub 1.5:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:c870eb3d17807a9d04011df5244ea39db66af76aefd0af68244c95ed8322d8b5_amd64",
"Red Hat Developer Hub 1.5:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:fb4e2008ce87732246bebff004496125f7562b10a60f01eda658e4266d9d0158_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-22150"
},
{
"category": "external",
"summary": "RHBZ#2339176",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2339176"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-22150",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22150"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-22150",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-22150"
},
{
"category": "external",
"summary": "https://blog.securityevaluators.com/hacking-the-javascript-lottery-80cc437e3b7f",
"url": "https://blog.securityevaluators.com/hacking-the-javascript-lottery-80cc437e3b7f"
},
{
"category": "external",
"summary": "https://github.com/nodejs/undici/blob/8b06b8250907d92fead664b3368f1d2aa27c1f35/lib/web/fetch/body.js#L113",
"url": "https://github.com/nodejs/undici/blob/8b06b8250907d92fead664b3368f1d2aa27c1f35/lib/web/fetch/body.js#L113"
},
{
"category": "external",
"summary": "https://github.com/nodejs/undici/commit/711e20772764c29f6622ddc937c63b6eefdf07d0",
"url": "https://github.com/nodejs/undici/commit/711e20772764c29f6622ddc937c63b6eefdf07d0"
},
{
"category": "external",
"summary": "https://github.com/nodejs/undici/commit/c2d78cd19fe4f4c621424491e26ce299e65e934a",
"url": "https://github.com/nodejs/undici/commit/c2d78cd19fe4f4c621424491e26ce299e65e934a"
},
{
"category": "external",
"summary": "https://github.com/nodejs/undici/commit/c3acc6050b781b827d80c86cbbab34f14458d385",
"url": "https://github.com/nodejs/undici/commit/c3acc6050b781b827d80c86cbbab34f14458d385"
},
{
"category": "external",
"summary": "https://github.com/nodejs/undici/security/advisories/GHSA-c76h-2ccp-4975",
"url": "https://github.com/nodejs/undici/security/advisories/GHSA-c76h-2ccp-4975"
},
{
"category": "external",
"summary": "https://hackerone.com/reports/2913312",
"url": "https://hackerone.com/reports/2913312"
}
],
"release_date": "2025-01-21T17:46:58.872000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-03-27T20:51:32+00:00",
"details": "For more about Red Hat Developer Hub, see References links",
"product_ids": [
"Red Hat Developer Hub 1.5:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:56bfbb2328f42e91d0462e142f3434e5d771737defbc07d8a21dbdf50e468665_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:3374"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"Red Hat Developer Hub 1.5:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:56bfbb2328f42e91d0462e142f3434e5d771737defbc07d8a21dbdf50e468665_amd64",
"Red Hat Developer Hub 1.5:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:c870eb3d17807a9d04011df5244ea39db66af76aefd0af68244c95ed8322d8b5_amd64",
"Red Hat Developer Hub 1.5:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:fb4e2008ce87732246bebff004496125f7562b10a60f01eda658e4266d9d0158_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "undici: Undici Uses Insufficiently Random Values"
},
{
"cve": "CVE-2025-27516",
"cwe": {
"id": "CWE-1336",
"name": "Improper Neutralization of Special Elements Used in a Template Engine"
},
"discovery_date": "2025-03-05T21:01:07.674606+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Developer Hub 1.5:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:c870eb3d17807a9d04011df5244ea39db66af76aefd0af68244c95ed8322d8b5_amd64",
"Red Hat Developer Hub 1.5:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:fb4e2008ce87732246bebff004496125f7562b10a60f01eda658e4266d9d0158_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2350190"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Jinja. In affected versions, an oversight in how the Jinja sandboxed environment interacts with the `|attr` filter allows an attacker who controls the content of a template to execute arbitrary Python code. To exploit the vulnerability, an attacker needs to control the content of a template. Whether that is the case depends on the type of application using Jinja. This vulnerability impacts users of applications that execute untrusted templates. Jinja\u0027s sandbox does catch calls to `str.format` and ensures they don\u0027t escape the sandbox. However, it\u0027s possible to use the `|attr` filter to get a reference to a string\u0027s plain format method, bypassing the sandbox.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jinja2: Jinja sandbox breakout through attr filter selecting format method",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated as important severity due to the potential for an attacker to bypass Jinja\u0027s sandbox by exploiting the |attr filter, by controlling template content, an attacker can execute arbitrary Python code, impacting the integrity, confidentiality, and availability of the system. While the attack requires user interaction to trigger untrusted templates, the risk is significant in applications that allow such templates to be executed.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Developer Hub 1.5:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:56bfbb2328f42e91d0462e142f3434e5d771737defbc07d8a21dbdf50e468665_amd64"
],
"known_not_affected": [
"Red Hat Developer Hub 1.5:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:c870eb3d17807a9d04011df5244ea39db66af76aefd0af68244c95ed8322d8b5_amd64",
"Red Hat Developer Hub 1.5:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:fb4e2008ce87732246bebff004496125f7562b10a60f01eda658e4266d9d0158_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-27516"
},
{
"category": "external",
"summary": "RHBZ#2350190",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2350190"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-27516",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-27516"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-27516",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-27516"
},
{
"category": "external",
"summary": "https://github.com/pallets/jinja/commit/90457bbf33b8662926ae65cdde4c4c32e756e403",
"url": "https://github.com/pallets/jinja/commit/90457bbf33b8662926ae65cdde4c4c32e756e403"
},
{
"category": "external",
"summary": "https://github.com/pallets/jinja/security/advisories/GHSA-cpwx-vrp4-4pq7",
"url": "https://github.com/pallets/jinja/security/advisories/GHSA-cpwx-vrp4-4pq7"
}
],
"release_date": "2025-03-05T20:40:06.568000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-03-27T20:51:32+00:00",
"details": "For more about Red Hat Developer Hub, see References links",
"product_ids": [
"Red Hat Developer Hub 1.5:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:56bfbb2328f42e91d0462e142f3434e5d771737defbc07d8a21dbdf50e468665_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:3374"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat Developer Hub 1.5:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:56bfbb2328f42e91d0462e142f3434e5d771737defbc07d8a21dbdf50e468665_amd64",
"Red Hat Developer Hub 1.5:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:c870eb3d17807a9d04011df5244ea39db66af76aefd0af68244c95ed8322d8b5_amd64",
"Red Hat Developer Hub 1.5:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:fb4e2008ce87732246bebff004496125f7562b10a60f01eda658e4266d9d0158_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "jinja2: Jinja sandbox breakout through attr filter selecting format method"
},
{
"cve": "CVE-2025-29774",
"cwe": {
"id": "CWE-347",
"name": "Improper Verification of Cryptographic Signature"
},
"discovery_date": "2025-03-14T18:01:09.149253+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Developer Hub 1.5:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:c870eb3d17807a9d04011df5244ea39db66af76aefd0af68244c95ed8322d8b5_amd64",
"Red Hat Developer Hub 1.5:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:fb4e2008ce87732246bebff004496125f7562b10a60f01eda658e4266d9d0158_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2352596"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the xml-crypto library for Node.js. An attacker can exploit this vulnerability to bypass authentication or authorization mechanisms in systems that rely on xml-crypto to verify signed XML documents. The vulnerability allows an attacker to modify a valid signed XML message in a way that still passes signature verification checks.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "xml-crypto: xml-crypto Vulnerable to XML Signature Verification Bypass via Multiple SignedInfo References",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Developer Hub 1.5:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:56bfbb2328f42e91d0462e142f3434e5d771737defbc07d8a21dbdf50e468665_amd64"
],
"known_not_affected": [
"Red Hat Developer Hub 1.5:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:c870eb3d17807a9d04011df5244ea39db66af76aefd0af68244c95ed8322d8b5_amd64",
"Red Hat Developer Hub 1.5:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:fb4e2008ce87732246bebff004496125f7562b10a60f01eda658e4266d9d0158_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-29774"
},
{
"category": "external",
"summary": "RHBZ#2352596",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2352596"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-29774",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-29774"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-29774",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-29774"
},
{
"category": "external",
"summary": "https://github.com/node-saml/xml-crypto/commit/28f92218ecbb8dcbd238afa4efbbd50302aa9aed",
"url": "https://github.com/node-saml/xml-crypto/commit/28f92218ecbb8dcbd238afa4efbbd50302aa9aed"
},
{
"category": "external",
"summary": "https://github.com/node-saml/xml-crypto/commit/886dc63a8b4bb5ae1db9f41c7854b171eb83aa98",
"url": "https://github.com/node-saml/xml-crypto/commit/886dc63a8b4bb5ae1db9f41c7854b171eb83aa98"
},
{
"category": "external",
"summary": "https://github.com/node-saml/xml-crypto/commit/8ac6118ee7978b46aa56b82cbcaa5fca58c93a07",
"url": "https://github.com/node-saml/xml-crypto/commit/8ac6118ee7978b46aa56b82cbcaa5fca58c93a07"
},
{
"category": "external",
"summary": "https://github.com/node-saml/xml-crypto/releases/tag/v2.1.6",
"url": "https://github.com/node-saml/xml-crypto/releases/tag/v2.1.6"
},
{
"category": "external",
"summary": "https://github.com/node-saml/xml-crypto/releases/tag/v3.2.1",
"url": "https://github.com/node-saml/xml-crypto/releases/tag/v3.2.1"
},
{
"category": "external",
"summary": "https://github.com/node-saml/xml-crypto/releases/tag/v6.0.1",
"url": "https://github.com/node-saml/xml-crypto/releases/tag/v6.0.1"
},
{
"category": "external",
"summary": "https://github.com/node-saml/xml-crypto/security/advisories/GHSA-9p8x-f768-wp2g",
"url": "https://github.com/node-saml/xml-crypto/security/advisories/GHSA-9p8x-f768-wp2g"
}
],
"release_date": "2025-03-14T17:05:53.943000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-03-27T20:51:32+00:00",
"details": "For more about Red Hat Developer Hub, see References links",
"product_ids": [
"Red Hat Developer Hub 1.5:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:56bfbb2328f42e91d0462e142f3434e5d771737defbc07d8a21dbdf50e468665_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:3374"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat Developer Hub 1.5:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:56bfbb2328f42e91d0462e142f3434e5d771737defbc07d8a21dbdf50e468665_amd64",
"Red Hat Developer Hub 1.5:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:c870eb3d17807a9d04011df5244ea39db66af76aefd0af68244c95ed8322d8b5_amd64",
"Red Hat Developer Hub 1.5:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:fb4e2008ce87732246bebff004496125f7562b10a60f01eda658e4266d9d0158_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"Red Hat Developer Hub 1.5:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:56bfbb2328f42e91d0462e142f3434e5d771737defbc07d8a21dbdf50e468665_amd64",
"Red Hat Developer Hub 1.5:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:c870eb3d17807a9d04011df5244ea39db66af76aefd0af68244c95ed8322d8b5_amd64",
"Red Hat Developer Hub 1.5:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:fb4e2008ce87732246bebff004496125f7562b10a60f01eda658e4266d9d0158_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "xml-crypto: xml-crypto Vulnerable to XML Signature Verification Bypass via Multiple SignedInfo References"
},
{
"cve": "CVE-2025-29775",
"cwe": {
"id": "CWE-347",
"name": "Improper Verification of Cryptographic Signature"
},
"discovery_date": "2025-03-14T18:01:22.409532+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Developer Hub 1.5:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:c870eb3d17807a9d04011df5244ea39db66af76aefd0af68244c95ed8322d8b5_amd64",
"Red Hat Developer Hub 1.5:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:fb4e2008ce87732246bebff004496125f7562b10a60f01eda658e4266d9d0158_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2352600"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the xml-crypto library for Node.js. An attacker can exploit this vulnerability to bypass authentication or authorization mechanisms in systems that rely on xml-crypto to verify signed XML documents. The vulnerability allows an attacker to modify a valid signed XML message in a way that still passes signature verification checks.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "xml-crypto: xml-crypto Vulnerable to XML Signature Verification Bypass via DigestValue Comment",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Developer Hub 1.5:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:56bfbb2328f42e91d0462e142f3434e5d771737defbc07d8a21dbdf50e468665_amd64"
],
"known_not_affected": [
"Red Hat Developer Hub 1.5:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:c870eb3d17807a9d04011df5244ea39db66af76aefd0af68244c95ed8322d8b5_amd64",
"Red Hat Developer Hub 1.5:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:fb4e2008ce87732246bebff004496125f7562b10a60f01eda658e4266d9d0158_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-29775"
},
{
"category": "external",
"summary": "RHBZ#2352600",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2352600"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-29775",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-29775"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-29775",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-29775"
},
{
"category": "external",
"summary": "https://github.com/node-saml/xml-crypto/commit/28f92218ecbb8dcbd238afa4efbbd50302aa9aed",
"url": "https://github.com/node-saml/xml-crypto/commit/28f92218ecbb8dcbd238afa4efbbd50302aa9aed"
},
{
"category": "external",
"summary": "https://github.com/node-saml/xml-crypto/commit/886dc63a8b4bb5ae1db9f41c7854b171eb83aa98",
"url": "https://github.com/node-saml/xml-crypto/commit/886dc63a8b4bb5ae1db9f41c7854b171eb83aa98"
},
{
"category": "external",
"summary": "https://github.com/node-saml/xml-crypto/commit/8ac6118ee7978b46aa56b82cbcaa5fca58c93a07",
"url": "https://github.com/node-saml/xml-crypto/commit/8ac6118ee7978b46aa56b82cbcaa5fca58c93a07"
},
{
"category": "external",
"summary": "https://github.com/node-saml/xml-crypto/releases/tag/v2.1.6",
"url": "https://github.com/node-saml/xml-crypto/releases/tag/v2.1.6"
},
{
"category": "external",
"summary": "https://github.com/node-saml/xml-crypto/releases/tag/v3.2.1",
"url": "https://github.com/node-saml/xml-crypto/releases/tag/v3.2.1"
},
{
"category": "external",
"summary": "https://github.com/node-saml/xml-crypto/releases/tag/v6.0.1",
"url": "https://github.com/node-saml/xml-crypto/releases/tag/v6.0.1"
},
{
"category": "external",
"summary": "https://github.com/node-saml/xml-crypto/security/advisories/GHSA-x3m8-899r-f7c3",
"url": "https://github.com/node-saml/xml-crypto/security/advisories/GHSA-x3m8-899r-f7c3"
}
],
"release_date": "2025-03-14T17:11:05.590000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-03-27T20:51:32+00:00",
"details": "For more about Red Hat Developer Hub, see References links",
"product_ids": [
"Red Hat Developer Hub 1.5:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:56bfbb2328f42e91d0462e142f3434e5d771737defbc07d8a21dbdf50e468665_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:3374"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat Developer Hub 1.5:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:56bfbb2328f42e91d0462e142f3434e5d771737defbc07d8a21dbdf50e468665_amd64",
"Red Hat Developer Hub 1.5:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:c870eb3d17807a9d04011df5244ea39db66af76aefd0af68244c95ed8322d8b5_amd64",
"Red Hat Developer Hub 1.5:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:fb4e2008ce87732246bebff004496125f7562b10a60f01eda658e4266d9d0158_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"Red Hat Developer Hub 1.5:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:56bfbb2328f42e91d0462e142f3434e5d771737defbc07d8a21dbdf50e468665_amd64",
"Red Hat Developer Hub 1.5:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:c870eb3d17807a9d04011df5244ea39db66af76aefd0af68244c95ed8322d8b5_amd64",
"Red Hat Developer Hub 1.5:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:fb4e2008ce87732246bebff004496125f7562b10a60f01eda658e4266d9d0158_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "xml-crypto: xml-crypto Vulnerable to XML Signature Verification Bypass via DigestValue Comment"
}
]
}
RHSA-2025:3397
Vulnerability from csaf_redhat - Published: 2025-03-31 08:04 - Updated: 2026-06-02 21:46Summary
Red Hat Security Advisory: RHOAI 2.16.0 - Red Hat OpenShift AI
Severity
Important
Notes
Topic: Updated images are now available for Red Hat OpenShift AI.
Details: Release of RHOAI 2.16.0 provides these changes:
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
A Regular Expression Denial of Service (ReDoS) vulnerability was found in the cross-spawn package for Node.js. Due to improper input sanitization, an attacker can increase CPU usage and crash the program with a large, specially crafted string.
4.4 (Medium)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:13da7e12e135cdb33c89686eca84cffae8ef691fcb4f346622ebd9b47f0a69ee_amd64 | — |
Vendor Fix
fix
|
Known not affected
26 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:04f305c44413ae7dcb7017e53570ee49a509701792c5f50efadd64f47395730b_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:ee01e89f98feb185f6cd59c564e590a13e4d8d9ea760cca8de51426eb71b83a1_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:d7d4fa406e0fcf0507894a7676532b27f45be742467e603a86f98ea5d2615df8_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:a0f72ffefb2b74b488dd949493f5d295a39bb9c97f578bf219d0138601f65468_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:2ba2b2c4db8bb334c50f4dfb54059f060361186900a44c06eed00b7a3c43977e_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:65482864055021272a18b5b26792ab00cfa5fc9cc005d8d3a884cc82991506f3_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:7b70af8847b0806d8b43c399e2b3109f016fd864f5e9d30c44e2baca5d1359dc_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:23d307a36b69e0df04f72a7d3b35e28d8417a8bbe23dba31e8e977569785c078_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:efd039012559786deb3c521a130886c265e88d635e08baace2e573a9df270134_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:27b113d96453c2054d4c965a963d2badba6daac235eddaf23234c76e87bcb069_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:5192f1dbd2a9ab92ae390c4ae506efbed0970545b6122e95b014728ac937e777_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:4a212ec634225c14beac09be24ddf336e562f2aa9a13555fb1196f366ddae23c_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:5dcdcc2424602a69451f16d31dbfa1d43cb72c095ba561eb9076f0cd1e8182ed_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:f738aab1eab25854c93e1d8d4d98100a8ae7bb45a6b83f0326774e4220b1183b_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:6cf74044ae8d5308a2dfe03fa5d81086c89302db7f4cdbe2f4174a1c48b77869_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:22557a6fa52d2f311750a9ba253860f423ba697d26efa02ef8524a8258d2a909_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:de5f91180ead7d73a1825fe8b032fde9b8b01392569c9789f5ce1b4b9c08a98f_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:c499a2c4a7860a1853adf3ebfbf154f3c03c478034a78566b82711373210af39_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:4a7599f8a866eb169c9a62885906adbf6df0417c0be15857df1eef20cd9b1be2_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:11a301728573adf2b64ea72d0cb2d83ea5d4dbebea759f346e99f18c3d368c6e_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:4c5ff3496b2a2a739939d94ee9dafc02b682100785d228dc2fde480fb597b7a5_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-operator-bundle@sha256:c249b0fb2c573efc118557d9dd1551181d7b2dabcf8a9b86d9441059124d3802_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:3463aaa8f2a06e8b43cd6a39ff86aea7c76926d72ee0f53cf0e514399e4aed33_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:c8456d98e90b6505957ab3686e9fd2f156e29f123c5558e581c206daf1e7d93a_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:f37e4048f3a152798286793f3abfc6ed814453fcbe2667255a7e78eee483c5a3_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:633984b538f027c93c5886ea1045dcbe81eeda74acf80001d5fc5f765bdbe0be_amd64 | — |
Threats
Impact
Low
A flaw was found in path-to-regexp package, where it turns path strings into regular expressions. In certain cases, path-to-regexp will output a regular expression that can be exploited to cause poor performance. Because JavaScript is single-threaded and regex matching runs on the main thread, poor performance will block the event loop and lead to a denial of service (DoS).
5.3 (Medium)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:13da7e12e135cdb33c89686eca84cffae8ef691fcb4f346622ebd9b47f0a69ee_amd64 | — |
Vendor Fix
fix
Workaround
|
Known not affected
26 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:04f305c44413ae7dcb7017e53570ee49a509701792c5f50efadd64f47395730b_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:ee01e89f98feb185f6cd59c564e590a13e4d8d9ea760cca8de51426eb71b83a1_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:d7d4fa406e0fcf0507894a7676532b27f45be742467e603a86f98ea5d2615df8_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:a0f72ffefb2b74b488dd949493f5d295a39bb9c97f578bf219d0138601f65468_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:2ba2b2c4db8bb334c50f4dfb54059f060361186900a44c06eed00b7a3c43977e_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:65482864055021272a18b5b26792ab00cfa5fc9cc005d8d3a884cc82991506f3_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:7b70af8847b0806d8b43c399e2b3109f016fd864f5e9d30c44e2baca5d1359dc_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:23d307a36b69e0df04f72a7d3b35e28d8417a8bbe23dba31e8e977569785c078_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:efd039012559786deb3c521a130886c265e88d635e08baace2e573a9df270134_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:27b113d96453c2054d4c965a963d2badba6daac235eddaf23234c76e87bcb069_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:5192f1dbd2a9ab92ae390c4ae506efbed0970545b6122e95b014728ac937e777_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:4a212ec634225c14beac09be24ddf336e562f2aa9a13555fb1196f366ddae23c_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:5dcdcc2424602a69451f16d31dbfa1d43cb72c095ba561eb9076f0cd1e8182ed_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:f738aab1eab25854c93e1d8d4d98100a8ae7bb45a6b83f0326774e4220b1183b_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:6cf74044ae8d5308a2dfe03fa5d81086c89302db7f4cdbe2f4174a1c48b77869_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:22557a6fa52d2f311750a9ba253860f423ba697d26efa02ef8524a8258d2a909_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:de5f91180ead7d73a1825fe8b032fde9b8b01392569c9789f5ce1b4b9c08a98f_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:c499a2c4a7860a1853adf3ebfbf154f3c03c478034a78566b82711373210af39_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:4a7599f8a866eb169c9a62885906adbf6df0417c0be15857df1eef20cd9b1be2_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:11a301728573adf2b64ea72d0cb2d83ea5d4dbebea759f346e99f18c3d368c6e_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:4c5ff3496b2a2a739939d94ee9dafc02b682100785d228dc2fde480fb597b7a5_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-operator-bundle@sha256:c249b0fb2c573efc118557d9dd1551181d7b2dabcf8a9b86d9441059124d3802_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:3463aaa8f2a06e8b43cd6a39ff86aea7c76926d72ee0f53cf0e514399e4aed33_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:c8456d98e90b6505957ab3686e9fd2f156e29f123c5558e581c206daf1e7d93a_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:f37e4048f3a152798286793f3abfc6ed814453fcbe2667255a7e78eee483c5a3_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:633984b538f027c93c5886ea1045dcbe81eeda74acf80001d5fc5f765bdbe0be_amd64 | — |
Workaround
|
Threats
Impact
Moderate
A flaw was found in golang.org/x/net/html. This flaw allows an attacker to craft input to the parse functions that would be processed non-linearly with respect to its length, resulting in extremely slow parsing. This issue can cause a denial of service.
7.5 (High)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:04f305c44413ae7dcb7017e53570ee49a509701792c5f50efadd64f47395730b_amd64 | — |
Vendor Fix
fix
|
Known not affected
26 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:13da7e12e135cdb33c89686eca84cffae8ef691fcb4f346622ebd9b47f0a69ee_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:ee01e89f98feb185f6cd59c564e590a13e4d8d9ea760cca8de51426eb71b83a1_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:d7d4fa406e0fcf0507894a7676532b27f45be742467e603a86f98ea5d2615df8_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:a0f72ffefb2b74b488dd949493f5d295a39bb9c97f578bf219d0138601f65468_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:2ba2b2c4db8bb334c50f4dfb54059f060361186900a44c06eed00b7a3c43977e_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:65482864055021272a18b5b26792ab00cfa5fc9cc005d8d3a884cc82991506f3_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:7b70af8847b0806d8b43c399e2b3109f016fd864f5e9d30c44e2baca5d1359dc_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:23d307a36b69e0df04f72a7d3b35e28d8417a8bbe23dba31e8e977569785c078_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:efd039012559786deb3c521a130886c265e88d635e08baace2e573a9df270134_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:27b113d96453c2054d4c965a963d2badba6daac235eddaf23234c76e87bcb069_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:5192f1dbd2a9ab92ae390c4ae506efbed0970545b6122e95b014728ac937e777_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:4a212ec634225c14beac09be24ddf336e562f2aa9a13555fb1196f366ddae23c_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:5dcdcc2424602a69451f16d31dbfa1d43cb72c095ba561eb9076f0cd1e8182ed_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:f738aab1eab25854c93e1d8d4d98100a8ae7bb45a6b83f0326774e4220b1183b_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:6cf74044ae8d5308a2dfe03fa5d81086c89302db7f4cdbe2f4174a1c48b77869_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:22557a6fa52d2f311750a9ba253860f423ba697d26efa02ef8524a8258d2a909_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:de5f91180ead7d73a1825fe8b032fde9b8b01392569c9789f5ce1b4b9c08a98f_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:c499a2c4a7860a1853adf3ebfbf154f3c03c478034a78566b82711373210af39_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:4a7599f8a866eb169c9a62885906adbf6df0417c0be15857df1eef20cd9b1be2_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:11a301728573adf2b64ea72d0cb2d83ea5d4dbebea759f346e99f18c3d368c6e_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:4c5ff3496b2a2a739939d94ee9dafc02b682100785d228dc2fde480fb597b7a5_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-operator-bundle@sha256:c249b0fb2c573efc118557d9dd1551181d7b2dabcf8a9b86d9441059124d3802_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:3463aaa8f2a06e8b43cd6a39ff86aea7c76926d72ee0f53cf0e514399e4aed33_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:c8456d98e90b6505957ab3686e9fd2f156e29f123c5558e581c206daf1e7d93a_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:f37e4048f3a152798286793f3abfc6ed814453fcbe2667255a7e78eee483c5a3_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:633984b538f027c93c5886ea1045dcbe81eeda74acf80001d5fc5f765bdbe0be_amd64 | — |
Threats
Impact
Important
A flaw was found in glog, a logging library. This vulnerability allows an unprivileged attacker to overwrite sensitive files via a symbolic link planted in a widely writable directory, exploiting the log file path predictability.
7.1 (High)
Affected products
Fixed
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:6cf74044ae8d5308a2dfe03fa5d81086c89302db7f4cdbe2f4174a1c48b77869_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:de5f91180ead7d73a1825fe8b032fde9b8b01392569c9789f5ce1b4b9c08a98f_amd64 | — |
Vendor Fix
fix
Workaround
|
Known not affected
25 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:04f305c44413ae7dcb7017e53570ee49a509701792c5f50efadd64f47395730b_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:13da7e12e135cdb33c89686eca84cffae8ef691fcb4f346622ebd9b47f0a69ee_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:ee01e89f98feb185f6cd59c564e590a13e4d8d9ea760cca8de51426eb71b83a1_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:d7d4fa406e0fcf0507894a7676532b27f45be742467e603a86f98ea5d2615df8_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:a0f72ffefb2b74b488dd949493f5d295a39bb9c97f578bf219d0138601f65468_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:2ba2b2c4db8bb334c50f4dfb54059f060361186900a44c06eed00b7a3c43977e_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:65482864055021272a18b5b26792ab00cfa5fc9cc005d8d3a884cc82991506f3_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:7b70af8847b0806d8b43c399e2b3109f016fd864f5e9d30c44e2baca5d1359dc_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:23d307a36b69e0df04f72a7d3b35e28d8417a8bbe23dba31e8e977569785c078_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:efd039012559786deb3c521a130886c265e88d635e08baace2e573a9df270134_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:27b113d96453c2054d4c965a963d2badba6daac235eddaf23234c76e87bcb069_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:5192f1dbd2a9ab92ae390c4ae506efbed0970545b6122e95b014728ac937e777_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:4a212ec634225c14beac09be24ddf336e562f2aa9a13555fb1196f366ddae23c_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:5dcdcc2424602a69451f16d31dbfa1d43cb72c095ba561eb9076f0cd1e8182ed_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:f738aab1eab25854c93e1d8d4d98100a8ae7bb45a6b83f0326774e4220b1183b_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:22557a6fa52d2f311750a9ba253860f423ba697d26efa02ef8524a8258d2a909_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:c499a2c4a7860a1853adf3ebfbf154f3c03c478034a78566b82711373210af39_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:4a7599f8a866eb169c9a62885906adbf6df0417c0be15857df1eef20cd9b1be2_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:11a301728573adf2b64ea72d0cb2d83ea5d4dbebea759f346e99f18c3d368c6e_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:4c5ff3496b2a2a739939d94ee9dafc02b682100785d228dc2fde480fb597b7a5_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-operator-bundle@sha256:c249b0fb2c573efc118557d9dd1551181d7b2dabcf8a9b86d9441059124d3802_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:3463aaa8f2a06e8b43cd6a39ff86aea7c76926d72ee0f53cf0e514399e4aed33_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:c8456d98e90b6505957ab3686e9fd2f156e29f123c5558e581c206daf1e7d93a_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:f37e4048f3a152798286793f3abfc6ed814453fcbe2667255a7e78eee483c5a3_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:633984b538f027c93c5886ea1045dcbe81eeda74acf80001d5fc5f765bdbe0be_amd64 | — |
Workaround
|
Threats
Impact
Important
A flaw was found in path-to-regexp. A path-to-regexp turns path strings into regular expressions. In certain cases, path-to-regexp will output a regular expression that can be exploited to cause poor performance.
5.3 (Medium)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:13da7e12e135cdb33c89686eca84cffae8ef691fcb4f346622ebd9b47f0a69ee_amd64 | — |
Vendor Fix
fix
Workaround
|
Known not affected
26 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:04f305c44413ae7dcb7017e53570ee49a509701792c5f50efadd64f47395730b_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:ee01e89f98feb185f6cd59c564e590a13e4d8d9ea760cca8de51426eb71b83a1_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:d7d4fa406e0fcf0507894a7676532b27f45be742467e603a86f98ea5d2615df8_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:a0f72ffefb2b74b488dd949493f5d295a39bb9c97f578bf219d0138601f65468_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:2ba2b2c4db8bb334c50f4dfb54059f060361186900a44c06eed00b7a3c43977e_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:65482864055021272a18b5b26792ab00cfa5fc9cc005d8d3a884cc82991506f3_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:7b70af8847b0806d8b43c399e2b3109f016fd864f5e9d30c44e2baca5d1359dc_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:23d307a36b69e0df04f72a7d3b35e28d8417a8bbe23dba31e8e977569785c078_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:efd039012559786deb3c521a130886c265e88d635e08baace2e573a9df270134_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:27b113d96453c2054d4c965a963d2badba6daac235eddaf23234c76e87bcb069_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:5192f1dbd2a9ab92ae390c4ae506efbed0970545b6122e95b014728ac937e777_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:4a212ec634225c14beac09be24ddf336e562f2aa9a13555fb1196f366ddae23c_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:5dcdcc2424602a69451f16d31dbfa1d43cb72c095ba561eb9076f0cd1e8182ed_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:f738aab1eab25854c93e1d8d4d98100a8ae7bb45a6b83f0326774e4220b1183b_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:6cf74044ae8d5308a2dfe03fa5d81086c89302db7f4cdbe2f4174a1c48b77869_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:22557a6fa52d2f311750a9ba253860f423ba697d26efa02ef8524a8258d2a909_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:de5f91180ead7d73a1825fe8b032fde9b8b01392569c9789f5ce1b4b9c08a98f_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:c499a2c4a7860a1853adf3ebfbf154f3c03c478034a78566b82711373210af39_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:4a7599f8a866eb169c9a62885906adbf6df0417c0be15857df1eef20cd9b1be2_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:11a301728573adf2b64ea72d0cb2d83ea5d4dbebea759f346e99f18c3d368c6e_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:4c5ff3496b2a2a739939d94ee9dafc02b682100785d228dc2fde480fb597b7a5_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-operator-bundle@sha256:c249b0fb2c573efc118557d9dd1551181d7b2dabcf8a9b86d9441059124d3802_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:3463aaa8f2a06e8b43cd6a39ff86aea7c76926d72ee0f53cf0e514399e4aed33_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:c8456d98e90b6505957ab3686e9fd2f156e29f123c5558e581c206daf1e7d93a_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:f37e4048f3a152798286793f3abfc6ed814453fcbe2667255a7e78eee483c5a3_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:633984b538f027c93c5886ea1045dcbe81eeda74acf80001d5fc5f765bdbe0be_amd64 | — |
Workaround
|
Threats
Impact
Moderate
A flaw was found in nanoid. Affected versions of nanoid mishandles non-integer values. When nanoid is called with a fractional value, there were a number of undesirable effects: - In browser and non-secure, the code infinite loops on while (size--) - In node, the value of poolOffset becomes fractional, causing calls to nanoid to return zeroes until the pool is next filled: when i is initialized to poolOffset, pool[i] & 63 -> undefined & 63 -> 0 - If the first call in node is a fractional argument, the initial buffer allocation fails with an error The highest impact of this issue system availability.
6.5 (Medium)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:13da7e12e135cdb33c89686eca84cffae8ef691fcb4f346622ebd9b47f0a69ee_amd64 | — |
Vendor Fix
fix
|
Known not affected
26 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:04f305c44413ae7dcb7017e53570ee49a509701792c5f50efadd64f47395730b_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:ee01e89f98feb185f6cd59c564e590a13e4d8d9ea760cca8de51426eb71b83a1_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:d7d4fa406e0fcf0507894a7676532b27f45be742467e603a86f98ea5d2615df8_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:a0f72ffefb2b74b488dd949493f5d295a39bb9c97f578bf219d0138601f65468_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:2ba2b2c4db8bb334c50f4dfb54059f060361186900a44c06eed00b7a3c43977e_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:65482864055021272a18b5b26792ab00cfa5fc9cc005d8d3a884cc82991506f3_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:7b70af8847b0806d8b43c399e2b3109f016fd864f5e9d30c44e2baca5d1359dc_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:23d307a36b69e0df04f72a7d3b35e28d8417a8bbe23dba31e8e977569785c078_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:efd039012559786deb3c521a130886c265e88d635e08baace2e573a9df270134_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:27b113d96453c2054d4c965a963d2badba6daac235eddaf23234c76e87bcb069_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:5192f1dbd2a9ab92ae390c4ae506efbed0970545b6122e95b014728ac937e777_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:4a212ec634225c14beac09be24ddf336e562f2aa9a13555fb1196f366ddae23c_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:5dcdcc2424602a69451f16d31dbfa1d43cb72c095ba561eb9076f0cd1e8182ed_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:f738aab1eab25854c93e1d8d4d98100a8ae7bb45a6b83f0326774e4220b1183b_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:6cf74044ae8d5308a2dfe03fa5d81086c89302db7f4cdbe2f4174a1c48b77869_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:22557a6fa52d2f311750a9ba253860f423ba697d26efa02ef8524a8258d2a909_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:de5f91180ead7d73a1825fe8b032fde9b8b01392569c9789f5ce1b4b9c08a98f_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:c499a2c4a7860a1853adf3ebfbf154f3c03c478034a78566b82711373210af39_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:4a7599f8a866eb169c9a62885906adbf6df0417c0be15857df1eef20cd9b1be2_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:11a301728573adf2b64ea72d0cb2d83ea5d4dbebea759f346e99f18c3d368c6e_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:4c5ff3496b2a2a739939d94ee9dafc02b682100785d228dc2fde480fb597b7a5_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-operator-bundle@sha256:c249b0fb2c573efc118557d9dd1551181d7b2dabcf8a9b86d9441059124d3802_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:3463aaa8f2a06e8b43cd6a39ff86aea7c76926d72ee0f53cf0e514399e4aed33_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:c8456d98e90b6505957ab3686e9fd2f156e29f123c5558e581c206daf1e7d93a_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:f37e4048f3a152798286793f3abfc6ed814453fcbe2667255a7e78eee483c5a3_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:633984b538f027c93c5886ea1045dcbe81eeda74acf80001d5fc5f765bdbe0be_amd64 | — |
Threats
Impact
Moderate
A flaw was found in libxml2. This vulnerability allows a use-after-free via a crafted XML document validated against an XML schema with certain identity constraints or a crafted XML schema.
8.1 (High)
Affected products
Fixed
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:ee01e89f98feb185f6cd59c564e590a13e4d8d9ea760cca8de51426eb71b83a1_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:d7d4fa406e0fcf0507894a7676532b27f45be742467e603a86f98ea5d2615df8_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:a0f72ffefb2b74b488dd949493f5d295a39bb9c97f578bf219d0138601f65468_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:2ba2b2c4db8bb334c50f4dfb54059f060361186900a44c06eed00b7a3c43977e_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:65482864055021272a18b5b26792ab00cfa5fc9cc005d8d3a884cc82991506f3_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:7b70af8847b0806d8b43c399e2b3109f016fd864f5e9d30c44e2baca5d1359dc_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:efd039012559786deb3c521a130886c265e88d635e08baace2e573a9df270134_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:27b113d96453c2054d4c965a963d2badba6daac235eddaf23234c76e87bcb069_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:5dcdcc2424602a69451f16d31dbfa1d43cb72c095ba561eb9076f0cd1e8182ed_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:6cf74044ae8d5308a2dfe03fa5d81086c89302db7f4cdbe2f4174a1c48b77869_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:c499a2c4a7860a1853adf3ebfbf154f3c03c478034a78566b82711373210af39_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:4a7599f8a866eb169c9a62885906adbf6df0417c0be15857df1eef20cd9b1be2_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:4c5ff3496b2a2a739939d94ee9dafc02b682100785d228dc2fde480fb597b7a5_amd64 | — |
Vendor Fix
fix
|
Known not affected
14 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:04f305c44413ae7dcb7017e53570ee49a509701792c5f50efadd64f47395730b_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:13da7e12e135cdb33c89686eca84cffae8ef691fcb4f346622ebd9b47f0a69ee_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:23d307a36b69e0df04f72a7d3b35e28d8417a8bbe23dba31e8e977569785c078_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:5192f1dbd2a9ab92ae390c4ae506efbed0970545b6122e95b014728ac937e777_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:4a212ec634225c14beac09be24ddf336e562f2aa9a13555fb1196f366ddae23c_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:f738aab1eab25854c93e1d8d4d98100a8ae7bb45a6b83f0326774e4220b1183b_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:22557a6fa52d2f311750a9ba253860f423ba697d26efa02ef8524a8258d2a909_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:de5f91180ead7d73a1825fe8b032fde9b8b01392569c9789f5ce1b4b9c08a98f_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:11a301728573adf2b64ea72d0cb2d83ea5d4dbebea759f346e99f18c3d368c6e_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-operator-bundle@sha256:c249b0fb2c573efc118557d9dd1551181d7b2dabcf8a9b86d9441059124d3802_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:3463aaa8f2a06e8b43cd6a39ff86aea7c76926d72ee0f53cf0e514399e4aed33_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:c8456d98e90b6505957ab3686e9fd2f156e29f123c5558e581c206daf1e7d93a_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:f37e4048f3a152798286793f3abfc6ed814453fcbe2667255a7e78eee483c5a3_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:633984b538f027c93c5886ea1045dcbe81eeda74acf80001d5fc5f765bdbe0be_amd64 | — |
Threats
Impact
Important
A flaw was found in the Jinja2 package. A bug in the Jinja compiler allows an attacker that controls both the content and filename of a template to execute arbitrary Python code, regardless of Jinja's sandbox being used. An attacker needs to be able to control both the filename and the contents of a template. Whether that is the case depends on the type of application using Jinja. This vulnerability impacts users of applications that execute untrusted templates where the template author can also choose the template filename.
7.3 (High)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:de5f91180ead7d73a1825fe8b032fde9b8b01392569c9789f5ce1b4b9c08a98f_amd64 | — |
Vendor Fix
fix
Workaround
|
Known not affected
26 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:04f305c44413ae7dcb7017e53570ee49a509701792c5f50efadd64f47395730b_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:13da7e12e135cdb33c89686eca84cffae8ef691fcb4f346622ebd9b47f0a69ee_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:ee01e89f98feb185f6cd59c564e590a13e4d8d9ea760cca8de51426eb71b83a1_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:d7d4fa406e0fcf0507894a7676532b27f45be742467e603a86f98ea5d2615df8_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:a0f72ffefb2b74b488dd949493f5d295a39bb9c97f578bf219d0138601f65468_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:2ba2b2c4db8bb334c50f4dfb54059f060361186900a44c06eed00b7a3c43977e_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:65482864055021272a18b5b26792ab00cfa5fc9cc005d8d3a884cc82991506f3_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:7b70af8847b0806d8b43c399e2b3109f016fd864f5e9d30c44e2baca5d1359dc_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:23d307a36b69e0df04f72a7d3b35e28d8417a8bbe23dba31e8e977569785c078_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:efd039012559786deb3c521a130886c265e88d635e08baace2e573a9df270134_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:27b113d96453c2054d4c965a963d2badba6daac235eddaf23234c76e87bcb069_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:5192f1dbd2a9ab92ae390c4ae506efbed0970545b6122e95b014728ac937e777_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:4a212ec634225c14beac09be24ddf336e562f2aa9a13555fb1196f366ddae23c_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:5dcdcc2424602a69451f16d31dbfa1d43cb72c095ba561eb9076f0cd1e8182ed_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:f738aab1eab25854c93e1d8d4d98100a8ae7bb45a6b83f0326774e4220b1183b_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:6cf74044ae8d5308a2dfe03fa5d81086c89302db7f4cdbe2f4174a1c48b77869_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:22557a6fa52d2f311750a9ba253860f423ba697d26efa02ef8524a8258d2a909_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:c499a2c4a7860a1853adf3ebfbf154f3c03c478034a78566b82711373210af39_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:4a7599f8a866eb169c9a62885906adbf6df0417c0be15857df1eef20cd9b1be2_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:11a301728573adf2b64ea72d0cb2d83ea5d4dbebea759f346e99f18c3d368c6e_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:4c5ff3496b2a2a739939d94ee9dafc02b682100785d228dc2fde480fb597b7a5_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-operator-bundle@sha256:c249b0fb2c573efc118557d9dd1551181d7b2dabcf8a9b86d9441059124d3802_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:3463aaa8f2a06e8b43cd6a39ff86aea7c76926d72ee0f53cf0e514399e4aed33_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:c8456d98e90b6505957ab3686e9fd2f156e29f123c5558e581c206daf1e7d93a_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:f37e4048f3a152798286793f3abfc6ed814453fcbe2667255a7e78eee483c5a3_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:633984b538f027c93c5886ea1045dcbe81eeda74acf80001d5fc5f765bdbe0be_amd64 | — |
Workaround
|
Threats
Impact
Important
A flaw was found in the undici package for Node.js. Undici uses `Math.random()` to choose the boundary for a multipart/form-data request. It is known that the output of `Math.random()` can be predicted if several of its generated values are known. If an app has a mechanism that sends multipart requests to an attacker-controlled website, it can leak the necessary values. Therefore, an attacker can tamper with the requests going to the backend APIs if certain conditions are met.
6.8 (Medium)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:13da7e12e135cdb33c89686eca84cffae8ef691fcb4f346622ebd9b47f0a69ee_amd64 | — |
Vendor Fix
fix
|
Known not affected
26 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:04f305c44413ae7dcb7017e53570ee49a509701792c5f50efadd64f47395730b_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:ee01e89f98feb185f6cd59c564e590a13e4d8d9ea760cca8de51426eb71b83a1_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:d7d4fa406e0fcf0507894a7676532b27f45be742467e603a86f98ea5d2615df8_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:a0f72ffefb2b74b488dd949493f5d295a39bb9c97f578bf219d0138601f65468_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:2ba2b2c4db8bb334c50f4dfb54059f060361186900a44c06eed00b7a3c43977e_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:65482864055021272a18b5b26792ab00cfa5fc9cc005d8d3a884cc82991506f3_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:7b70af8847b0806d8b43c399e2b3109f016fd864f5e9d30c44e2baca5d1359dc_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:23d307a36b69e0df04f72a7d3b35e28d8417a8bbe23dba31e8e977569785c078_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:efd039012559786deb3c521a130886c265e88d635e08baace2e573a9df270134_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:27b113d96453c2054d4c965a963d2badba6daac235eddaf23234c76e87bcb069_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:5192f1dbd2a9ab92ae390c4ae506efbed0970545b6122e95b014728ac937e777_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:4a212ec634225c14beac09be24ddf336e562f2aa9a13555fb1196f366ddae23c_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:5dcdcc2424602a69451f16d31dbfa1d43cb72c095ba561eb9076f0cd1e8182ed_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:f738aab1eab25854c93e1d8d4d98100a8ae7bb45a6b83f0326774e4220b1183b_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:6cf74044ae8d5308a2dfe03fa5d81086c89302db7f4cdbe2f4174a1c48b77869_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:22557a6fa52d2f311750a9ba253860f423ba697d26efa02ef8524a8258d2a909_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:de5f91180ead7d73a1825fe8b032fde9b8b01392569c9789f5ce1b4b9c08a98f_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:c499a2c4a7860a1853adf3ebfbf154f3c03c478034a78566b82711373210af39_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:4a7599f8a866eb169c9a62885906adbf6df0417c0be15857df1eef20cd9b1be2_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:11a301728573adf2b64ea72d0cb2d83ea5d4dbebea759f346e99f18c3d368c6e_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:4c5ff3496b2a2a739939d94ee9dafc02b682100785d228dc2fde480fb597b7a5_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-operator-bundle@sha256:c249b0fb2c573efc118557d9dd1551181d7b2dabcf8a9b86d9441059124d3802_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:3463aaa8f2a06e8b43cd6a39ff86aea7c76926d72ee0f53cf0e514399e4aed33_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:c8456d98e90b6505957ab3686e9fd2f156e29f123c5558e581c206daf1e7d93a_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:f37e4048f3a152798286793f3abfc6ed814453fcbe2667255a7e78eee483c5a3_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:633984b538f027c93c5886ea1045dcbe81eeda74acf80001d5fc5f765bdbe0be_amd64 | — |
Threats
Impact
Moderate
A flaw was found in libxml2. This vulnerability allows a stack-based buffer overflow via DTD validation of an untrusted document or untrusted DTD.
7.8 (High)
Affected products
Fixed
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:ee01e89f98feb185f6cd59c564e590a13e4d8d9ea760cca8de51426eb71b83a1_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:d7d4fa406e0fcf0507894a7676532b27f45be742467e603a86f98ea5d2615df8_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:a0f72ffefb2b74b488dd949493f5d295a39bb9c97f578bf219d0138601f65468_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:2ba2b2c4db8bb334c50f4dfb54059f060361186900a44c06eed00b7a3c43977e_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:65482864055021272a18b5b26792ab00cfa5fc9cc005d8d3a884cc82991506f3_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:7b70af8847b0806d8b43c399e2b3109f016fd864f5e9d30c44e2baca5d1359dc_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:efd039012559786deb3c521a130886c265e88d635e08baace2e573a9df270134_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:27b113d96453c2054d4c965a963d2badba6daac235eddaf23234c76e87bcb069_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:5dcdcc2424602a69451f16d31dbfa1d43cb72c095ba561eb9076f0cd1e8182ed_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:6cf74044ae8d5308a2dfe03fa5d81086c89302db7f4cdbe2f4174a1c48b77869_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:c499a2c4a7860a1853adf3ebfbf154f3c03c478034a78566b82711373210af39_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:4a7599f8a866eb169c9a62885906adbf6df0417c0be15857df1eef20cd9b1be2_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:4c5ff3496b2a2a739939d94ee9dafc02b682100785d228dc2fde480fb597b7a5_amd64 | — |
Vendor Fix
fix
|
Known not affected
14 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:04f305c44413ae7dcb7017e53570ee49a509701792c5f50efadd64f47395730b_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:13da7e12e135cdb33c89686eca84cffae8ef691fcb4f346622ebd9b47f0a69ee_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:23d307a36b69e0df04f72a7d3b35e28d8417a8bbe23dba31e8e977569785c078_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:5192f1dbd2a9ab92ae390c4ae506efbed0970545b6122e95b014728ac937e777_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:4a212ec634225c14beac09be24ddf336e562f2aa9a13555fb1196f366ddae23c_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:f738aab1eab25854c93e1d8d4d98100a8ae7bb45a6b83f0326774e4220b1183b_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:22557a6fa52d2f311750a9ba253860f423ba697d26efa02ef8524a8258d2a909_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:de5f91180ead7d73a1825fe8b032fde9b8b01392569c9789f5ce1b4b9c08a98f_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:11a301728573adf2b64ea72d0cb2d83ea5d4dbebea759f346e99f18c3d368c6e_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-operator-bundle@sha256:c249b0fb2c573efc118557d9dd1551181d7b2dabcf8a9b86d9441059124d3802_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:3463aaa8f2a06e8b43cd6a39ff86aea7c76926d72ee0f53cf0e514399e4aed33_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:c8456d98e90b6505957ab3686e9fd2f156e29f123c5558e581c206daf1e7d93a_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:f37e4048f3a152798286793f3abfc6ed814453fcbe2667255a7e78eee483c5a3_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:633984b538f027c93c5886ea1045dcbe81eeda74acf80001d5fc5f765bdbe0be_amd64 | — |
Threats
Impact
Important
A flaw was found in DOMPurify. This vulnerability allows attackers to execute mutation-based Cross-site scripting (mXSS) via an incorrect template literal regular expression.
4.5 (Medium)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:13da7e12e135cdb33c89686eca84cffae8ef691fcb4f346622ebd9b47f0a69ee_amd64 | — |
Vendor Fix
fix
|
Known not affected
26 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:04f305c44413ae7dcb7017e53570ee49a509701792c5f50efadd64f47395730b_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:ee01e89f98feb185f6cd59c564e590a13e4d8d9ea760cca8de51426eb71b83a1_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:d7d4fa406e0fcf0507894a7676532b27f45be742467e603a86f98ea5d2615df8_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:a0f72ffefb2b74b488dd949493f5d295a39bb9c97f578bf219d0138601f65468_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:2ba2b2c4db8bb334c50f4dfb54059f060361186900a44c06eed00b7a3c43977e_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:65482864055021272a18b5b26792ab00cfa5fc9cc005d8d3a884cc82991506f3_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:7b70af8847b0806d8b43c399e2b3109f016fd864f5e9d30c44e2baca5d1359dc_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:23d307a36b69e0df04f72a7d3b35e28d8417a8bbe23dba31e8e977569785c078_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:efd039012559786deb3c521a130886c265e88d635e08baace2e573a9df270134_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:27b113d96453c2054d4c965a963d2badba6daac235eddaf23234c76e87bcb069_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:5192f1dbd2a9ab92ae390c4ae506efbed0970545b6122e95b014728ac937e777_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:4a212ec634225c14beac09be24ddf336e562f2aa9a13555fb1196f366ddae23c_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:5dcdcc2424602a69451f16d31dbfa1d43cb72c095ba561eb9076f0cd1e8182ed_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:f738aab1eab25854c93e1d8d4d98100a8ae7bb45a6b83f0326774e4220b1183b_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:6cf74044ae8d5308a2dfe03fa5d81086c89302db7f4cdbe2f4174a1c48b77869_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:22557a6fa52d2f311750a9ba253860f423ba697d26efa02ef8524a8258d2a909_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:de5f91180ead7d73a1825fe8b032fde9b8b01392569c9789f5ce1b4b9c08a98f_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:c499a2c4a7860a1853adf3ebfbf154f3c03c478034a78566b82711373210af39_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:4a7599f8a866eb169c9a62885906adbf6df0417c0be15857df1eef20cd9b1be2_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:11a301728573adf2b64ea72d0cb2d83ea5d4dbebea759f346e99f18c3d368c6e_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:4c5ff3496b2a2a739939d94ee9dafc02b682100785d228dc2fde480fb597b7a5_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-operator-bundle@sha256:c249b0fb2c573efc118557d9dd1551181d7b2dabcf8a9b86d9441059124d3802_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:3463aaa8f2a06e8b43cd6a39ff86aea7c76926d72ee0f53cf0e514399e4aed33_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:c8456d98e90b6505957ab3686e9fd2f156e29f123c5558e581c206daf1e7d93a_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:f37e4048f3a152798286793f3abfc6ed814453fcbe2667255a7e78eee483c5a3_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:633984b538f027c93c5886ea1045dcbe81eeda74acf80001d5fc5f765bdbe0be_amd64 | — |
Threats
Impact
Moderate
References
98 references
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Updated images are now available for Red Hat OpenShift AI.",
"title": "Topic"
},
{
"category": "general",
"text": "Release of RHOAI 2.16.0 provides these changes:",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2025:3397",
"url": "https://access.redhat.com/errata/RHSA-2025:3397"
},
{
"category": "external",
"summary": "https://docs.redhat.com/en/documentation/red_hat_openshift_ai/",
"url": "https://docs.redhat.com/en/documentation/red_hat_openshift_ai/"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2024-21538",
"url": "https://access.redhat.com/security/cve/CVE-2024-21538"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2024-45296",
"url": "https://access.redhat.com/security/cve/CVE-2024-45296"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2024-45338",
"url": "https://access.redhat.com/security/cve/CVE-2024-45338"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2024-45339",
"url": "https://access.redhat.com/security/cve/CVE-2024-45339"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2024-52798",
"url": "https://access.redhat.com/security/cve/CVE-2024-52798"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2024-55565",
"url": "https://access.redhat.com/security/cve/CVE-2024-55565"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2024-56171",
"url": "https://access.redhat.com/security/cve/CVE-2024-56171"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2024-56201",
"url": "https://access.redhat.com/security/cve/CVE-2024-56201"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-22150",
"url": "https://access.redhat.com/security/cve/CVE-2025-22150"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-24928",
"url": "https://access.redhat.com/security/cve/CVE-2025-24928"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-26791",
"url": "https://access.redhat.com/security/cve/CVE-2025-26791"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/",
"url": "https://access.redhat.com/security/updates/classification/"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2025/rhsa-2025_3397.json"
}
],
"title": "Red Hat Security Advisory: RHOAI 2.16.0 - Red Hat OpenShift AI",
"tracking": {
"current_release_date": "2026-06-02T21:46:02+00:00",
"generator": {
"date": "2026-06-02T21:46:02+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.8.1"
}
},
"id": "RHSA-2025:3397",
"initial_release_date": "2025-03-31T08:04:43+00:00",
"revision_history": [
{
"date": "2025-03-31T08:04:43+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2025-08-20T09:36:30+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-06-02T21:46:02+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat OpenShift AI 2.16",
"product": {
"name": "Red Hat OpenShift AI 2.16",
"product_id": "Red Hat OpenShift AI 2.16",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:openshift_ai:2.16::el8"
}
}
}
],
"category": "product_family",
"name": "Red Hat OpenShift AI"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:04f305c44413ae7dcb7017e53570ee49a509701792c5f50efadd64f47395730b_amd64",
"product": {
"name": "registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:04f305c44413ae7dcb7017e53570ee49a509701792c5f50efadd64f47395730b_amd64",
"product_id": "registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:04f305c44413ae7dcb7017e53570ee49a509701792c5f50efadd64f47395730b_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odh-codeflare-operator-rhel8@sha256%3A04f305c44413ae7dcb7017e53570ee49a509701792c5f50efadd64f47395730b?arch=amd64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=v2.16.2-1743007500"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:13da7e12e135cdb33c89686eca84cffae8ef691fcb4f346622ebd9b47f0a69ee_amd64",
"product": {
"name": "registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:13da7e12e135cdb33c89686eca84cffae8ef691fcb4f346622ebd9b47f0a69ee_amd64",
"product_id": "registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:13da7e12e135cdb33c89686eca84cffae8ef691fcb4f346622ebd9b47f0a69ee_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odh-dashboard-rhel8@sha256%3A13da7e12e135cdb33c89686eca84cffae8ef691fcb4f346622ebd9b47f0a69ee?arch=amd64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=v2.16.2-1741963152"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:ee01e89f98feb185f6cd59c564e590a13e4d8d9ea760cca8de51426eb71b83a1_amd64",
"product": {
"name": "registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:ee01e89f98feb185f6cd59c564e590a13e4d8d9ea760cca8de51426eb71b83a1_amd64",
"product_id": "registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:ee01e89f98feb185f6cd59c564e590a13e4d8d9ea760cca8de51426eb71b83a1_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odh-data-science-pipelines-argo-argoexec-rhel8@sha256%3Aee01e89f98feb185f6cd59c564e590a13e4d8d9ea760cca8de51426eb71b83a1?arch=amd64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=v2.16.2-1742851855"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:d7d4fa406e0fcf0507894a7676532b27f45be742467e603a86f98ea5d2615df8_amd64",
"product": {
"name": "registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:d7d4fa406e0fcf0507894a7676532b27f45be742467e603a86f98ea5d2615df8_amd64",
"product_id": "registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:d7d4fa406e0fcf0507894a7676532b27f45be742467e603a86f98ea5d2615df8_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256%3Ad7d4fa406e0fcf0507894a7676532b27f45be742467e603a86f98ea5d2615df8?arch=amd64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=v2.16.2-1742851855"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:a0f72ffefb2b74b488dd949493f5d295a39bb9c97f578bf219d0138601f65468_amd64",
"product": {
"name": "registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:a0f72ffefb2b74b488dd949493f5d295a39bb9c97f578bf219d0138601f65468_amd64",
"product_id": "registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:a0f72ffefb2b74b488dd949493f5d295a39bb9c97f578bf219d0138601f65468_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odh-data-science-pipelines-operator-controller-rhel8@sha256%3Aa0f72ffefb2b74b488dd949493f5d295a39bb9c97f578bf219d0138601f65468?arch=amd64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=v2.16.2-1742487380"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:2ba2b2c4db8bb334c50f4dfb54059f060361186900a44c06eed00b7a3c43977e_amd64",
"product": {
"name": "registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:2ba2b2c4db8bb334c50f4dfb54059f060361186900a44c06eed00b7a3c43977e_amd64",
"product_id": "registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:2ba2b2c4db8bb334c50f4dfb54059f060361186900a44c06eed00b7a3c43977e_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odh-kf-notebook-controller-rhel8@sha256%3A2ba2b2c4db8bb334c50f4dfb54059f060361186900a44c06eed00b7a3c43977e?arch=amd64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=v2.16.2-1742487225"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:65482864055021272a18b5b26792ab00cfa5fc9cc005d8d3a884cc82991506f3_amd64",
"product": {
"name": "registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:65482864055021272a18b5b26792ab00cfa5fc9cc005d8d3a884cc82991506f3_amd64",
"product_id": "registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:65482864055021272a18b5b26792ab00cfa5fc9cc005d8d3a884cc82991506f3_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odh-kuberay-operator-controller-rhel8@sha256%3A65482864055021272a18b5b26792ab00cfa5fc9cc005d8d3a884cc82991506f3?arch=amd64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=v2.16.2-1743007122"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:7b70af8847b0806d8b43c399e2b3109f016fd864f5e9d30c44e2baca5d1359dc_amd64",
"product": {
"name": "registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:7b70af8847b0806d8b43c399e2b3109f016fd864f5e9d30c44e2baca5d1359dc_amd64",
"product_id": "registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:7b70af8847b0806d8b43c399e2b3109f016fd864f5e9d30c44e2baca5d1359dc_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odh-kueue-controller-rhel8@sha256%3A7b70af8847b0806d8b43c399e2b3109f016fd864f5e9d30c44e2baca5d1359dc?arch=amd64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=v2.16.2-1743007660"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:23d307a36b69e0df04f72a7d3b35e28d8417a8bbe23dba31e8e977569785c078_amd64",
"product": {
"name": "registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:23d307a36b69e0df04f72a7d3b35e28d8417a8bbe23dba31e8e977569785c078_amd64",
"product_id": "registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:23d307a36b69e0df04f72a7d3b35e28d8417a8bbe23dba31e8e977569785c078_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odh-ml-pipelines-api-server-v2-rhel8@sha256%3A23d307a36b69e0df04f72a7d3b35e28d8417a8bbe23dba31e8e977569785c078?arch=amd64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=v2.16.2-1743008335"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:efd039012559786deb3c521a130886c265e88d635e08baace2e573a9df270134_amd64",
"product": {
"name": "registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:efd039012559786deb3c521a130886c265e88d635e08baace2e573a9df270134_amd64",
"product_id": "registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:efd039012559786deb3c521a130886c265e88d635e08baace2e573a9df270134_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odh-ml-pipelines-driver-rhel8@sha256%3Aefd039012559786deb3c521a130886c265e88d635e08baace2e573a9df270134?arch=amd64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=v2.16.2-1743008335"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:27b113d96453c2054d4c965a963d2badba6daac235eddaf23234c76e87bcb069_amd64",
"product": {
"name": "registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:27b113d96453c2054d4c965a963d2badba6daac235eddaf23234c76e87bcb069_amd64",
"product_id": "registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:27b113d96453c2054d4c965a963d2badba6daac235eddaf23234c76e87bcb069_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odh-ml-pipelines-launcher-rhel8@sha256%3A27b113d96453c2054d4c965a963d2badba6daac235eddaf23234c76e87bcb069?arch=amd64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=v2.16.2-1743008335"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:5192f1dbd2a9ab92ae390c4ae506efbed0970545b6122e95b014728ac937e777_amd64",
"product": {
"name": "registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:5192f1dbd2a9ab92ae390c4ae506efbed0970545b6122e95b014728ac937e777_amd64",
"product_id": "registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:5192f1dbd2a9ab92ae390c4ae506efbed0970545b6122e95b014728ac937e777_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256%3A5192f1dbd2a9ab92ae390c4ae506efbed0970545b6122e95b014728ac937e777?arch=amd64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=v2.16.2-1743008335"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:4a212ec634225c14beac09be24ddf336e562f2aa9a13555fb1196f366ddae23c_amd64",
"product": {
"name": "registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:4a212ec634225c14beac09be24ddf336e562f2aa9a13555fb1196f366ddae23c_amd64",
"product_id": "registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:4a212ec634225c14beac09be24ddf336e562f2aa9a13555fb1196f366ddae23c_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256%3A4a212ec634225c14beac09be24ddf336e562f2aa9a13555fb1196f366ddae23c?arch=amd64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=v2.16.2-1743008335"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:5dcdcc2424602a69451f16d31dbfa1d43cb72c095ba561eb9076f0cd1e8182ed_amd64",
"product": {
"name": "registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:5dcdcc2424602a69451f16d31dbfa1d43cb72c095ba561eb9076f0cd1e8182ed_amd64",
"product_id": "registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:5dcdcc2424602a69451f16d31dbfa1d43cb72c095ba561eb9076f0cd1e8182ed_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odh-mlmd-grpc-server-rhel8@sha256%3A5dcdcc2424602a69451f16d31dbfa1d43cb72c095ba561eb9076f0cd1e8182ed?arch=amd64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=v2.16.2-1742487039"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:f738aab1eab25854c93e1d8d4d98100a8ae7bb45a6b83f0326774e4220b1183b_amd64",
"product": {
"name": "registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:f738aab1eab25854c93e1d8d4d98100a8ae7bb45a6b83f0326774e4220b1183b_amd64",
"product_id": "registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:f738aab1eab25854c93e1d8d4d98100a8ae7bb45a6b83f0326774e4220b1183b_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odh-mm-rest-proxy-rhel8@sha256%3Af738aab1eab25854c93e1d8d4d98100a8ae7bb45a6b83f0326774e4220b1183b?arch=amd64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=v2.16.2-1741882429"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:6cf74044ae8d5308a2dfe03fa5d81086c89302db7f4cdbe2f4174a1c48b77869_amd64",
"product": {
"name": "registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:6cf74044ae8d5308a2dfe03fa5d81086c89302db7f4cdbe2f4174a1c48b77869_amd64",
"product_id": "registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:6cf74044ae8d5308a2dfe03fa5d81086c89302db7f4cdbe2f4174a1c48b77869_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odh-model-controller-rhel8@sha256%3A6cf74044ae8d5308a2dfe03fa5d81086c89302db7f4cdbe2f4174a1c48b77869?arch=amd64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=v2.16.2-1742480582"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:22557a6fa52d2f311750a9ba253860f423ba697d26efa02ef8524a8258d2a909_amd64",
"product": {
"name": "registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:22557a6fa52d2f311750a9ba253860f423ba697d26efa02ef8524a8258d2a909_amd64",
"product_id": "registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:22557a6fa52d2f311750a9ba253860f423ba697d26efa02ef8524a8258d2a909_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odh-model-registry-operator-rhel8@sha256%3A22557a6fa52d2f311750a9ba253860f423ba697d26efa02ef8524a8258d2a909?arch=amd64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=v2.16.2-1742488678"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:de5f91180ead7d73a1825fe8b032fde9b8b01392569c9789f5ce1b4b9c08a98f_amd64",
"product": {
"name": "registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:de5f91180ead7d73a1825fe8b032fde9b8b01392569c9789f5ce1b4b9c08a98f_amd64",
"product_id": "registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:de5f91180ead7d73a1825fe8b032fde9b8b01392569c9789f5ce1b4b9c08a98f_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odh-model-registry-rhel8@sha256%3Ade5f91180ead7d73a1825fe8b032fde9b8b01392569c9789f5ce1b4b9c08a98f?arch=amd64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=v2.16.2-1742489233"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:4a7599f8a866eb169c9a62885906adbf6df0417c0be15857df1eef20cd9b1be2_amd64",
"product": {
"name": "registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:4a7599f8a866eb169c9a62885906adbf6df0417c0be15857df1eef20cd9b1be2_amd64",
"product_id": "registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:4a7599f8a866eb169c9a62885906adbf6df0417c0be15857df1eef20cd9b1be2_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odh-modelmesh-runtime-adapter-rhel8@sha256%3A4a7599f8a866eb169c9a62885906adbf6df0417c0be15857df1eef20cd9b1be2?arch=amd64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=v2.16.2-1742488070"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:11a301728573adf2b64ea72d0cb2d83ea5d4dbebea759f346e99f18c3d368c6e_amd64",
"product": {
"name": "registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:11a301728573adf2b64ea72d0cb2d83ea5d4dbebea759f346e99f18c3d368c6e_amd64",
"product_id": "registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:11a301728573adf2b64ea72d0cb2d83ea5d4dbebea759f346e99f18c3d368c6e_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odh-modelmesh-serving-controller-rhel8@sha256%3A11a301728573adf2b64ea72d0cb2d83ea5d4dbebea759f346e99f18c3d368c6e?arch=amd64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=v2.16.2-1742487789"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:c499a2c4a7860a1853adf3ebfbf154f3c03c478034a78566b82711373210af39_amd64",
"product": {
"name": "registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:c499a2c4a7860a1853adf3ebfbf154f3c03c478034a78566b82711373210af39_amd64",
"product_id": "registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:c499a2c4a7860a1853adf3ebfbf154f3c03c478034a78566b82711373210af39_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odh-modelmesh-rhel8@sha256%3Ac499a2c4a7860a1853adf3ebfbf154f3c03c478034a78566b82711373210af39?arch=amd64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=v2.16.2-1742490565"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:4c5ff3496b2a2a739939d94ee9dafc02b682100785d228dc2fde480fb597b7a5_amd64",
"product": {
"name": "registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:4c5ff3496b2a2a739939d94ee9dafc02b682100785d228dc2fde480fb597b7a5_amd64",
"product_id": "registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:4c5ff3496b2a2a739939d94ee9dafc02b682100785d228dc2fde480fb597b7a5_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odh-notebook-controller-rhel8@sha256%3A4c5ff3496b2a2a739939d94ee9dafc02b682100785d228dc2fde480fb597b7a5?arch=amd64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=v2.16.2-1742487225"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-operator-bundle@sha256:c249b0fb2c573efc118557d9dd1551181d7b2dabcf8a9b86d9441059124d3802_amd64",
"product": {
"name": "registry.redhat.io/rhoai/odh-operator-bundle@sha256:c249b0fb2c573efc118557d9dd1551181d7b2dabcf8a9b86d9441059124d3802_amd64",
"product_id": "registry.redhat.io/rhoai/odh-operator-bundle@sha256:c249b0fb2c573efc118557d9dd1551181d7b2dabcf8a9b86d9441059124d3802_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odh-operator-bundle@sha256%3Ac249b0fb2c573efc118557d9dd1551181d7b2dabcf8a9b86d9441059124d3802?arch=amd64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=v2.16.2-1743106241"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-rhel8-operator@sha256:3463aaa8f2a06e8b43cd6a39ff86aea7c76926d72ee0f53cf0e514399e4aed33_amd64",
"product": {
"name": "registry.redhat.io/rhoai/odh-rhel8-operator@sha256:3463aaa8f2a06e8b43cd6a39ff86aea7c76926d72ee0f53cf0e514399e4aed33_amd64",
"product_id": "registry.redhat.io/rhoai/odh-rhel8-operator@sha256:3463aaa8f2a06e8b43cd6a39ff86aea7c76926d72ee0f53cf0e514399e4aed33_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odh-rhel8-operator@sha256%3A3463aaa8f2a06e8b43cd6a39ff86aea7c76926d72ee0f53cf0e514399e4aed33?arch=amd64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=v2.16.2-1743105405"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:c8456d98e90b6505957ab3686e9fd2f156e29f123c5558e581c206daf1e7d93a_amd64",
"product": {
"name": "registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:c8456d98e90b6505957ab3686e9fd2f156e29f123c5558e581c206daf1e7d93a_amd64",
"product_id": "registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:c8456d98e90b6505957ab3686e9fd2f156e29f123c5558e581c206daf1e7d93a_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odh-training-operator-rhel8@sha256%3Ac8456d98e90b6505957ab3686e9fd2f156e29f123c5558e581c206daf1e7d93a?arch=amd64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=v2.16.2-1742896493"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:f37e4048f3a152798286793f3abfc6ed814453fcbe2667255a7e78eee483c5a3_amd64",
"product": {
"name": "registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:f37e4048f3a152798286793f3abfc6ed814453fcbe2667255a7e78eee483c5a3_amd64",
"product_id": "registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:f37e4048f3a152798286793f3abfc6ed814453fcbe2667255a7e78eee483c5a3_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odh-trustyai-service-operator-rhel8@sha256%3Af37e4048f3a152798286793f3abfc6ed814453fcbe2667255a7e78eee483c5a3?arch=amd64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=v2.16.2-1742982653"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:633984b538f027c93c5886ea1045dcbe81eeda74acf80001d5fc5f765bdbe0be_amd64",
"product": {
"name": "registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:633984b538f027c93c5886ea1045dcbe81eeda74acf80001d5fc5f765bdbe0be_amd64",
"product_id": "registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:633984b538f027c93c5886ea1045dcbe81eeda74acf80001d5fc5f765bdbe0be_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odh-trustyai-service-rhel8@sha256%3A633984b538f027c93c5886ea1045dcbe81eeda74acf80001d5fc5f765bdbe0be?arch=amd64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=v2.16.2-1742487757"
}
}
}
],
"category": "architecture",
"name": "amd64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:04f305c44413ae7dcb7017e53570ee49a509701792c5f50efadd64f47395730b_amd64 as a component of Red Hat OpenShift AI 2.16",
"product_id": "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:04f305c44413ae7dcb7017e53570ee49a509701792c5f50efadd64f47395730b_amd64"
},
"product_reference": "registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:04f305c44413ae7dcb7017e53570ee49a509701792c5f50efadd64f47395730b_amd64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:13da7e12e135cdb33c89686eca84cffae8ef691fcb4f346622ebd9b47f0a69ee_amd64 as a component of Red Hat OpenShift AI 2.16",
"product_id": "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:13da7e12e135cdb33c89686eca84cffae8ef691fcb4f346622ebd9b47f0a69ee_amd64"
},
"product_reference": "registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:13da7e12e135cdb33c89686eca84cffae8ef691fcb4f346622ebd9b47f0a69ee_amd64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:ee01e89f98feb185f6cd59c564e590a13e4d8d9ea760cca8de51426eb71b83a1_amd64 as a component of Red Hat OpenShift AI 2.16",
"product_id": "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:ee01e89f98feb185f6cd59c564e590a13e4d8d9ea760cca8de51426eb71b83a1_amd64"
},
"product_reference": "registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:ee01e89f98feb185f6cd59c564e590a13e4d8d9ea760cca8de51426eb71b83a1_amd64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:d7d4fa406e0fcf0507894a7676532b27f45be742467e603a86f98ea5d2615df8_amd64 as a component of Red Hat OpenShift AI 2.16",
"product_id": "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:d7d4fa406e0fcf0507894a7676532b27f45be742467e603a86f98ea5d2615df8_amd64"
},
"product_reference": "registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:d7d4fa406e0fcf0507894a7676532b27f45be742467e603a86f98ea5d2615df8_amd64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:a0f72ffefb2b74b488dd949493f5d295a39bb9c97f578bf219d0138601f65468_amd64 as a component of Red Hat OpenShift AI 2.16",
"product_id": "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:a0f72ffefb2b74b488dd949493f5d295a39bb9c97f578bf219d0138601f65468_amd64"
},
"product_reference": "registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:a0f72ffefb2b74b488dd949493f5d295a39bb9c97f578bf219d0138601f65468_amd64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:2ba2b2c4db8bb334c50f4dfb54059f060361186900a44c06eed00b7a3c43977e_amd64 as a component of Red Hat OpenShift AI 2.16",
"product_id": "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:2ba2b2c4db8bb334c50f4dfb54059f060361186900a44c06eed00b7a3c43977e_amd64"
},
"product_reference": "registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:2ba2b2c4db8bb334c50f4dfb54059f060361186900a44c06eed00b7a3c43977e_amd64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:65482864055021272a18b5b26792ab00cfa5fc9cc005d8d3a884cc82991506f3_amd64 as a component of Red Hat OpenShift AI 2.16",
"product_id": "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:65482864055021272a18b5b26792ab00cfa5fc9cc005d8d3a884cc82991506f3_amd64"
},
"product_reference": "registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:65482864055021272a18b5b26792ab00cfa5fc9cc005d8d3a884cc82991506f3_amd64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:7b70af8847b0806d8b43c399e2b3109f016fd864f5e9d30c44e2baca5d1359dc_amd64 as a component of Red Hat OpenShift AI 2.16",
"product_id": "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:7b70af8847b0806d8b43c399e2b3109f016fd864f5e9d30c44e2baca5d1359dc_amd64"
},
"product_reference": "registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:7b70af8847b0806d8b43c399e2b3109f016fd864f5e9d30c44e2baca5d1359dc_amd64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:23d307a36b69e0df04f72a7d3b35e28d8417a8bbe23dba31e8e977569785c078_amd64 as a component of Red Hat OpenShift AI 2.16",
"product_id": "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:23d307a36b69e0df04f72a7d3b35e28d8417a8bbe23dba31e8e977569785c078_amd64"
},
"product_reference": "registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:23d307a36b69e0df04f72a7d3b35e28d8417a8bbe23dba31e8e977569785c078_amd64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:efd039012559786deb3c521a130886c265e88d635e08baace2e573a9df270134_amd64 as a component of Red Hat OpenShift AI 2.16",
"product_id": "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:efd039012559786deb3c521a130886c265e88d635e08baace2e573a9df270134_amd64"
},
"product_reference": "registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:efd039012559786deb3c521a130886c265e88d635e08baace2e573a9df270134_amd64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:27b113d96453c2054d4c965a963d2badba6daac235eddaf23234c76e87bcb069_amd64 as a component of Red Hat OpenShift AI 2.16",
"product_id": "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:27b113d96453c2054d4c965a963d2badba6daac235eddaf23234c76e87bcb069_amd64"
},
"product_reference": "registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:27b113d96453c2054d4c965a963d2badba6daac235eddaf23234c76e87bcb069_amd64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:5192f1dbd2a9ab92ae390c4ae506efbed0970545b6122e95b014728ac937e777_amd64 as a component of Red Hat OpenShift AI 2.16",
"product_id": "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:5192f1dbd2a9ab92ae390c4ae506efbed0970545b6122e95b014728ac937e777_amd64"
},
"product_reference": "registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:5192f1dbd2a9ab92ae390c4ae506efbed0970545b6122e95b014728ac937e777_amd64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:4a212ec634225c14beac09be24ddf336e562f2aa9a13555fb1196f366ddae23c_amd64 as a component of Red Hat OpenShift AI 2.16",
"product_id": "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:4a212ec634225c14beac09be24ddf336e562f2aa9a13555fb1196f366ddae23c_amd64"
},
"product_reference": "registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:4a212ec634225c14beac09be24ddf336e562f2aa9a13555fb1196f366ddae23c_amd64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:5dcdcc2424602a69451f16d31dbfa1d43cb72c095ba561eb9076f0cd1e8182ed_amd64 as a component of Red Hat OpenShift AI 2.16",
"product_id": "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:5dcdcc2424602a69451f16d31dbfa1d43cb72c095ba561eb9076f0cd1e8182ed_amd64"
},
"product_reference": "registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:5dcdcc2424602a69451f16d31dbfa1d43cb72c095ba561eb9076f0cd1e8182ed_amd64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:f738aab1eab25854c93e1d8d4d98100a8ae7bb45a6b83f0326774e4220b1183b_amd64 as a component of Red Hat OpenShift AI 2.16",
"product_id": "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:f738aab1eab25854c93e1d8d4d98100a8ae7bb45a6b83f0326774e4220b1183b_amd64"
},
"product_reference": "registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:f738aab1eab25854c93e1d8d4d98100a8ae7bb45a6b83f0326774e4220b1183b_amd64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:6cf74044ae8d5308a2dfe03fa5d81086c89302db7f4cdbe2f4174a1c48b77869_amd64 as a component of Red Hat OpenShift AI 2.16",
"product_id": "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:6cf74044ae8d5308a2dfe03fa5d81086c89302db7f4cdbe2f4174a1c48b77869_amd64"
},
"product_reference": "registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:6cf74044ae8d5308a2dfe03fa5d81086c89302db7f4cdbe2f4174a1c48b77869_amd64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:22557a6fa52d2f311750a9ba253860f423ba697d26efa02ef8524a8258d2a909_amd64 as a component of Red Hat OpenShift AI 2.16",
"product_id": "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:22557a6fa52d2f311750a9ba253860f423ba697d26efa02ef8524a8258d2a909_amd64"
},
"product_reference": "registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:22557a6fa52d2f311750a9ba253860f423ba697d26efa02ef8524a8258d2a909_amd64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:de5f91180ead7d73a1825fe8b032fde9b8b01392569c9789f5ce1b4b9c08a98f_amd64 as a component of Red Hat OpenShift AI 2.16",
"product_id": "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:de5f91180ead7d73a1825fe8b032fde9b8b01392569c9789f5ce1b4b9c08a98f_amd64"
},
"product_reference": "registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:de5f91180ead7d73a1825fe8b032fde9b8b01392569c9789f5ce1b4b9c08a98f_amd64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:c499a2c4a7860a1853adf3ebfbf154f3c03c478034a78566b82711373210af39_amd64 as a component of Red Hat OpenShift AI 2.16",
"product_id": "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:c499a2c4a7860a1853adf3ebfbf154f3c03c478034a78566b82711373210af39_amd64"
},
"product_reference": "registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:c499a2c4a7860a1853adf3ebfbf154f3c03c478034a78566b82711373210af39_amd64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:4a7599f8a866eb169c9a62885906adbf6df0417c0be15857df1eef20cd9b1be2_amd64 as a component of Red Hat OpenShift AI 2.16",
"product_id": "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:4a7599f8a866eb169c9a62885906adbf6df0417c0be15857df1eef20cd9b1be2_amd64"
},
"product_reference": "registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:4a7599f8a866eb169c9a62885906adbf6df0417c0be15857df1eef20cd9b1be2_amd64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:11a301728573adf2b64ea72d0cb2d83ea5d4dbebea759f346e99f18c3d368c6e_amd64 as a component of Red Hat OpenShift AI 2.16",
"product_id": "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:11a301728573adf2b64ea72d0cb2d83ea5d4dbebea759f346e99f18c3d368c6e_amd64"
},
"product_reference": "registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:11a301728573adf2b64ea72d0cb2d83ea5d4dbebea759f346e99f18c3d368c6e_amd64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:4c5ff3496b2a2a739939d94ee9dafc02b682100785d228dc2fde480fb597b7a5_amd64 as a component of Red Hat OpenShift AI 2.16",
"product_id": "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:4c5ff3496b2a2a739939d94ee9dafc02b682100785d228dc2fde480fb597b7a5_amd64"
},
"product_reference": "registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:4c5ff3496b2a2a739939d94ee9dafc02b682100785d228dc2fde480fb597b7a5_amd64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-operator-bundle@sha256:c249b0fb2c573efc118557d9dd1551181d7b2dabcf8a9b86d9441059124d3802_amd64 as a component of Red Hat OpenShift AI 2.16",
"product_id": "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-operator-bundle@sha256:c249b0fb2c573efc118557d9dd1551181d7b2dabcf8a9b86d9441059124d3802_amd64"
},
"product_reference": "registry.redhat.io/rhoai/odh-operator-bundle@sha256:c249b0fb2c573efc118557d9dd1551181d7b2dabcf8a9b86d9441059124d3802_amd64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-rhel8-operator@sha256:3463aaa8f2a06e8b43cd6a39ff86aea7c76926d72ee0f53cf0e514399e4aed33_amd64 as a component of Red Hat OpenShift AI 2.16",
"product_id": "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:3463aaa8f2a06e8b43cd6a39ff86aea7c76926d72ee0f53cf0e514399e4aed33_amd64"
},
"product_reference": "registry.redhat.io/rhoai/odh-rhel8-operator@sha256:3463aaa8f2a06e8b43cd6a39ff86aea7c76926d72ee0f53cf0e514399e4aed33_amd64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:c8456d98e90b6505957ab3686e9fd2f156e29f123c5558e581c206daf1e7d93a_amd64 as a component of Red Hat OpenShift AI 2.16",
"product_id": "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:c8456d98e90b6505957ab3686e9fd2f156e29f123c5558e581c206daf1e7d93a_amd64"
},
"product_reference": "registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:c8456d98e90b6505957ab3686e9fd2f156e29f123c5558e581c206daf1e7d93a_amd64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:f37e4048f3a152798286793f3abfc6ed814453fcbe2667255a7e78eee483c5a3_amd64 as a component of Red Hat OpenShift AI 2.16",
"product_id": "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:f37e4048f3a152798286793f3abfc6ed814453fcbe2667255a7e78eee483c5a3_amd64"
},
"product_reference": "registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:f37e4048f3a152798286793f3abfc6ed814453fcbe2667255a7e78eee483c5a3_amd64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:633984b538f027c93c5886ea1045dcbe81eeda74acf80001d5fc5f765bdbe0be_amd64 as a component of Red Hat OpenShift AI 2.16",
"product_id": "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:633984b538f027c93c5886ea1045dcbe81eeda74acf80001d5fc5f765bdbe0be_amd64"
},
"product_reference": "registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:633984b538f027c93c5886ea1045dcbe81eeda74acf80001d5fc5f765bdbe0be_amd64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.16"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2024-21538",
"cwe": {
"id": "CWE-1333",
"name": "Inefficient Regular Expression Complexity"
},
"discovery_date": "2024-11-08T13:44:29.182678+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:04f305c44413ae7dcb7017e53570ee49a509701792c5f50efadd64f47395730b_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:ee01e89f98feb185f6cd59c564e590a13e4d8d9ea760cca8de51426eb71b83a1_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:d7d4fa406e0fcf0507894a7676532b27f45be742467e603a86f98ea5d2615df8_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:a0f72ffefb2b74b488dd949493f5d295a39bb9c97f578bf219d0138601f65468_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:2ba2b2c4db8bb334c50f4dfb54059f060361186900a44c06eed00b7a3c43977e_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:65482864055021272a18b5b26792ab00cfa5fc9cc005d8d3a884cc82991506f3_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:7b70af8847b0806d8b43c399e2b3109f016fd864f5e9d30c44e2baca5d1359dc_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:23d307a36b69e0df04f72a7d3b35e28d8417a8bbe23dba31e8e977569785c078_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:efd039012559786deb3c521a130886c265e88d635e08baace2e573a9df270134_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:27b113d96453c2054d4c965a963d2badba6daac235eddaf23234c76e87bcb069_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:5192f1dbd2a9ab92ae390c4ae506efbed0970545b6122e95b014728ac937e777_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:4a212ec634225c14beac09be24ddf336e562f2aa9a13555fb1196f366ddae23c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:5dcdcc2424602a69451f16d31dbfa1d43cb72c095ba561eb9076f0cd1e8182ed_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:f738aab1eab25854c93e1d8d4d98100a8ae7bb45a6b83f0326774e4220b1183b_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:6cf74044ae8d5308a2dfe03fa5d81086c89302db7f4cdbe2f4174a1c48b77869_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:22557a6fa52d2f311750a9ba253860f423ba697d26efa02ef8524a8258d2a909_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:de5f91180ead7d73a1825fe8b032fde9b8b01392569c9789f5ce1b4b9c08a98f_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:c499a2c4a7860a1853adf3ebfbf154f3c03c478034a78566b82711373210af39_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:4a7599f8a866eb169c9a62885906adbf6df0417c0be15857df1eef20cd9b1be2_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:11a301728573adf2b64ea72d0cb2d83ea5d4dbebea759f346e99f18c3d368c6e_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:4c5ff3496b2a2a739939d94ee9dafc02b682100785d228dc2fde480fb597b7a5_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-operator-bundle@sha256:c249b0fb2c573efc118557d9dd1551181d7b2dabcf8a9b86d9441059124d3802_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:3463aaa8f2a06e8b43cd6a39ff86aea7c76926d72ee0f53cf0e514399e4aed33_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:c8456d98e90b6505957ab3686e9fd2f156e29f123c5558e581c206daf1e7d93a_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:f37e4048f3a152798286793f3abfc6ed814453fcbe2667255a7e78eee483c5a3_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:633984b538f027c93c5886ea1045dcbe81eeda74acf80001d5fc5f765bdbe0be_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2324550"
}
],
"notes": [
{
"category": "description",
"text": "A Regular Expression Denial of Service (ReDoS) vulnerability was found in the cross-spawn package for Node.js. Due to improper input sanitization, an attacker can increase CPU usage and crash the program with a large, specially crafted string.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "cross-spawn: regular expression denial of service",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:13da7e12e135cdb33c89686eca84cffae8ef691fcb4f346622ebd9b47f0a69ee_amd64"
],
"known_not_affected": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:04f305c44413ae7dcb7017e53570ee49a509701792c5f50efadd64f47395730b_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:ee01e89f98feb185f6cd59c564e590a13e4d8d9ea760cca8de51426eb71b83a1_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:d7d4fa406e0fcf0507894a7676532b27f45be742467e603a86f98ea5d2615df8_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:a0f72ffefb2b74b488dd949493f5d295a39bb9c97f578bf219d0138601f65468_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:2ba2b2c4db8bb334c50f4dfb54059f060361186900a44c06eed00b7a3c43977e_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:65482864055021272a18b5b26792ab00cfa5fc9cc005d8d3a884cc82991506f3_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:7b70af8847b0806d8b43c399e2b3109f016fd864f5e9d30c44e2baca5d1359dc_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:23d307a36b69e0df04f72a7d3b35e28d8417a8bbe23dba31e8e977569785c078_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:efd039012559786deb3c521a130886c265e88d635e08baace2e573a9df270134_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:27b113d96453c2054d4c965a963d2badba6daac235eddaf23234c76e87bcb069_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:5192f1dbd2a9ab92ae390c4ae506efbed0970545b6122e95b014728ac937e777_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:4a212ec634225c14beac09be24ddf336e562f2aa9a13555fb1196f366ddae23c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:5dcdcc2424602a69451f16d31dbfa1d43cb72c095ba561eb9076f0cd1e8182ed_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:f738aab1eab25854c93e1d8d4d98100a8ae7bb45a6b83f0326774e4220b1183b_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:6cf74044ae8d5308a2dfe03fa5d81086c89302db7f4cdbe2f4174a1c48b77869_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:22557a6fa52d2f311750a9ba253860f423ba697d26efa02ef8524a8258d2a909_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:de5f91180ead7d73a1825fe8b032fde9b8b01392569c9789f5ce1b4b9c08a98f_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:c499a2c4a7860a1853adf3ebfbf154f3c03c478034a78566b82711373210af39_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:4a7599f8a866eb169c9a62885906adbf6df0417c0be15857df1eef20cd9b1be2_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:11a301728573adf2b64ea72d0cb2d83ea5d4dbebea759f346e99f18c3d368c6e_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:4c5ff3496b2a2a739939d94ee9dafc02b682100785d228dc2fde480fb597b7a5_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-operator-bundle@sha256:c249b0fb2c573efc118557d9dd1551181d7b2dabcf8a9b86d9441059124d3802_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:3463aaa8f2a06e8b43cd6a39ff86aea7c76926d72ee0f53cf0e514399e4aed33_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:c8456d98e90b6505957ab3686e9fd2f156e29f123c5558e581c206daf1e7d93a_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:f37e4048f3a152798286793f3abfc6ed814453fcbe2667255a7e78eee483c5a3_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:633984b538f027c93c5886ea1045dcbe81eeda74acf80001d5fc5f765bdbe0be_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-21538"
},
{
"category": "external",
"summary": "RHBZ#2324550",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2324550"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-21538",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21538"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-21538",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-21538"
},
{
"category": "external",
"summary": "https://github.com/moxystudio/node-cross-spawn/commit/5ff3a07d9add449021d806e45c4168203aa833ff",
"url": "https://github.com/moxystudio/node-cross-spawn/commit/5ff3a07d9add449021d806e45c4168203aa833ff"
},
{
"category": "external",
"summary": "https://github.com/moxystudio/node-cross-spawn/commit/640d391fde65388548601d95abedccc12943374f",
"url": "https://github.com/moxystudio/node-cross-spawn/commit/640d391fde65388548601d95abedccc12943374f"
},
{
"category": "external",
"summary": "https://github.com/moxystudio/node-cross-spawn/pull/160",
"url": "https://github.com/moxystudio/node-cross-spawn/pull/160"
},
{
"category": "external",
"summary": "https://security.snyk.io/vuln/SNYK-JS-CROSSSPAWN-8303230",
"url": "https://security.snyk.io/vuln/SNYK-JS-CROSSSPAWN-8303230"
}
],
"release_date": "2024-11-08T05:00:04.695000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-03-31T08:04:43+00:00",
"details": "For Red Hat OpenShift AI 2.16.0 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this errata update:\nhttps://docs.redhat.com/en/documentation/red_hat_openshift_ai/",
"product_ids": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:13da7e12e135cdb33c89686eca84cffae8ef691fcb4f346622ebd9b47f0a69ee_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:3397"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:04f305c44413ae7dcb7017e53570ee49a509701792c5f50efadd64f47395730b_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:13da7e12e135cdb33c89686eca84cffae8ef691fcb4f346622ebd9b47f0a69ee_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:ee01e89f98feb185f6cd59c564e590a13e4d8d9ea760cca8de51426eb71b83a1_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:d7d4fa406e0fcf0507894a7676532b27f45be742467e603a86f98ea5d2615df8_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:a0f72ffefb2b74b488dd949493f5d295a39bb9c97f578bf219d0138601f65468_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:2ba2b2c4db8bb334c50f4dfb54059f060361186900a44c06eed00b7a3c43977e_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:65482864055021272a18b5b26792ab00cfa5fc9cc005d8d3a884cc82991506f3_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:7b70af8847b0806d8b43c399e2b3109f016fd864f5e9d30c44e2baca5d1359dc_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:23d307a36b69e0df04f72a7d3b35e28d8417a8bbe23dba31e8e977569785c078_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:efd039012559786deb3c521a130886c265e88d635e08baace2e573a9df270134_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:27b113d96453c2054d4c965a963d2badba6daac235eddaf23234c76e87bcb069_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:5192f1dbd2a9ab92ae390c4ae506efbed0970545b6122e95b014728ac937e777_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:4a212ec634225c14beac09be24ddf336e562f2aa9a13555fb1196f366ddae23c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:5dcdcc2424602a69451f16d31dbfa1d43cb72c095ba561eb9076f0cd1e8182ed_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:f738aab1eab25854c93e1d8d4d98100a8ae7bb45a6b83f0326774e4220b1183b_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:6cf74044ae8d5308a2dfe03fa5d81086c89302db7f4cdbe2f4174a1c48b77869_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:22557a6fa52d2f311750a9ba253860f423ba697d26efa02ef8524a8258d2a909_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:de5f91180ead7d73a1825fe8b032fde9b8b01392569c9789f5ce1b4b9c08a98f_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:c499a2c4a7860a1853adf3ebfbf154f3c03c478034a78566b82711373210af39_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:4a7599f8a866eb169c9a62885906adbf6df0417c0be15857df1eef20cd9b1be2_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:11a301728573adf2b64ea72d0cb2d83ea5d4dbebea759f346e99f18c3d368c6e_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:4c5ff3496b2a2a739939d94ee9dafc02b682100785d228dc2fde480fb597b7a5_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-operator-bundle@sha256:c249b0fb2c573efc118557d9dd1551181d7b2dabcf8a9b86d9441059124d3802_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:3463aaa8f2a06e8b43cd6a39ff86aea7c76926d72ee0f53cf0e514399e4aed33_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:c8456d98e90b6505957ab3686e9fd2f156e29f123c5558e581c206daf1e7d93a_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:f37e4048f3a152798286793f3abfc6ed814453fcbe2667255a7e78eee483c5a3_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:633984b538f027c93c5886ea1045dcbe81eeda74acf80001d5fc5f765bdbe0be_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "cross-spawn: regular expression denial of service"
},
{
"cve": "CVE-2024-45296",
"cwe": {
"id": "CWE-1333",
"name": "Inefficient Regular Expression Complexity"
},
"discovery_date": "2024-09-09T19:20:18.127723+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:04f305c44413ae7dcb7017e53570ee49a509701792c5f50efadd64f47395730b_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:ee01e89f98feb185f6cd59c564e590a13e4d8d9ea760cca8de51426eb71b83a1_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:d7d4fa406e0fcf0507894a7676532b27f45be742467e603a86f98ea5d2615df8_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:a0f72ffefb2b74b488dd949493f5d295a39bb9c97f578bf219d0138601f65468_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:2ba2b2c4db8bb334c50f4dfb54059f060361186900a44c06eed00b7a3c43977e_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:65482864055021272a18b5b26792ab00cfa5fc9cc005d8d3a884cc82991506f3_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:7b70af8847b0806d8b43c399e2b3109f016fd864f5e9d30c44e2baca5d1359dc_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:23d307a36b69e0df04f72a7d3b35e28d8417a8bbe23dba31e8e977569785c078_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:efd039012559786deb3c521a130886c265e88d635e08baace2e573a9df270134_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:27b113d96453c2054d4c965a963d2badba6daac235eddaf23234c76e87bcb069_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:5192f1dbd2a9ab92ae390c4ae506efbed0970545b6122e95b014728ac937e777_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:4a212ec634225c14beac09be24ddf336e562f2aa9a13555fb1196f366ddae23c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:5dcdcc2424602a69451f16d31dbfa1d43cb72c095ba561eb9076f0cd1e8182ed_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:f738aab1eab25854c93e1d8d4d98100a8ae7bb45a6b83f0326774e4220b1183b_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:6cf74044ae8d5308a2dfe03fa5d81086c89302db7f4cdbe2f4174a1c48b77869_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:22557a6fa52d2f311750a9ba253860f423ba697d26efa02ef8524a8258d2a909_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:de5f91180ead7d73a1825fe8b032fde9b8b01392569c9789f5ce1b4b9c08a98f_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:c499a2c4a7860a1853adf3ebfbf154f3c03c478034a78566b82711373210af39_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:4a7599f8a866eb169c9a62885906adbf6df0417c0be15857df1eef20cd9b1be2_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:11a301728573adf2b64ea72d0cb2d83ea5d4dbebea759f346e99f18c3d368c6e_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:4c5ff3496b2a2a739939d94ee9dafc02b682100785d228dc2fde480fb597b7a5_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-operator-bundle@sha256:c249b0fb2c573efc118557d9dd1551181d7b2dabcf8a9b86d9441059124d3802_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:3463aaa8f2a06e8b43cd6a39ff86aea7c76926d72ee0f53cf0e514399e4aed33_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:c8456d98e90b6505957ab3686e9fd2f156e29f123c5558e581c206daf1e7d93a_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:f37e4048f3a152798286793f3abfc6ed814453fcbe2667255a7e78eee483c5a3_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:633984b538f027c93c5886ea1045dcbe81eeda74acf80001d5fc5f765bdbe0be_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2310908"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in path-to-regexp package, where it turns path strings into regular expressions. In certain cases, path-to-regexp will output a regular expression that can be exploited to cause poor performance. Because JavaScript is single-threaded and regex matching runs on the main thread, poor performance will block the event loop and lead to a denial of service (DoS).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "path-to-regexp: Backtracking regular expressions cause ReDoS",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:13da7e12e135cdb33c89686eca84cffae8ef691fcb4f346622ebd9b47f0a69ee_amd64"
],
"known_not_affected": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:04f305c44413ae7dcb7017e53570ee49a509701792c5f50efadd64f47395730b_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:ee01e89f98feb185f6cd59c564e590a13e4d8d9ea760cca8de51426eb71b83a1_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:d7d4fa406e0fcf0507894a7676532b27f45be742467e603a86f98ea5d2615df8_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:a0f72ffefb2b74b488dd949493f5d295a39bb9c97f578bf219d0138601f65468_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:2ba2b2c4db8bb334c50f4dfb54059f060361186900a44c06eed00b7a3c43977e_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:65482864055021272a18b5b26792ab00cfa5fc9cc005d8d3a884cc82991506f3_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:7b70af8847b0806d8b43c399e2b3109f016fd864f5e9d30c44e2baca5d1359dc_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:23d307a36b69e0df04f72a7d3b35e28d8417a8bbe23dba31e8e977569785c078_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:efd039012559786deb3c521a130886c265e88d635e08baace2e573a9df270134_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:27b113d96453c2054d4c965a963d2badba6daac235eddaf23234c76e87bcb069_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:5192f1dbd2a9ab92ae390c4ae506efbed0970545b6122e95b014728ac937e777_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:4a212ec634225c14beac09be24ddf336e562f2aa9a13555fb1196f366ddae23c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:5dcdcc2424602a69451f16d31dbfa1d43cb72c095ba561eb9076f0cd1e8182ed_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:f738aab1eab25854c93e1d8d4d98100a8ae7bb45a6b83f0326774e4220b1183b_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:6cf74044ae8d5308a2dfe03fa5d81086c89302db7f4cdbe2f4174a1c48b77869_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:22557a6fa52d2f311750a9ba253860f423ba697d26efa02ef8524a8258d2a909_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:de5f91180ead7d73a1825fe8b032fde9b8b01392569c9789f5ce1b4b9c08a98f_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:c499a2c4a7860a1853adf3ebfbf154f3c03c478034a78566b82711373210af39_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:4a7599f8a866eb169c9a62885906adbf6df0417c0be15857df1eef20cd9b1be2_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:11a301728573adf2b64ea72d0cb2d83ea5d4dbebea759f346e99f18c3d368c6e_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:4c5ff3496b2a2a739939d94ee9dafc02b682100785d228dc2fde480fb597b7a5_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-operator-bundle@sha256:c249b0fb2c573efc118557d9dd1551181d7b2dabcf8a9b86d9441059124d3802_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:3463aaa8f2a06e8b43cd6a39ff86aea7c76926d72ee0f53cf0e514399e4aed33_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:c8456d98e90b6505957ab3686e9fd2f156e29f123c5558e581c206daf1e7d93a_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:f37e4048f3a152798286793f3abfc6ed814453fcbe2667255a7e78eee483c5a3_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:633984b538f027c93c5886ea1045dcbe81eeda74acf80001d5fc5f765bdbe0be_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-45296"
},
{
"category": "external",
"summary": "RHBZ#2310908",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2310908"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-45296",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45296"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-45296",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-45296"
},
{
"category": "external",
"summary": "https://github.com/pillarjs/path-to-regexp/commit/29b96b4a1de52824e1ca0f49a701183cc4ed476f",
"url": "https://github.com/pillarjs/path-to-regexp/commit/29b96b4a1de52824e1ca0f49a701183cc4ed476f"
},
{
"category": "external",
"summary": "https://github.com/pillarjs/path-to-regexp/commit/60f2121e9b66b7b622cc01080df0aabda9eedee6",
"url": "https://github.com/pillarjs/path-to-regexp/commit/60f2121e9b66b7b622cc01080df0aabda9eedee6"
},
{
"category": "external",
"summary": "https://github.com/pillarjs/path-to-regexp/security/advisories/GHSA-9wv6-86v2-598j",
"url": "https://github.com/pillarjs/path-to-regexp/security/advisories/GHSA-9wv6-86v2-598j"
}
],
"release_date": "2024-09-09T19:15:13.330000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-03-31T08:04:43+00:00",
"details": "For Red Hat OpenShift AI 2.16.0 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this errata update:\nhttps://docs.redhat.com/en/documentation/red_hat_openshift_ai/",
"product_ids": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:13da7e12e135cdb33c89686eca84cffae8ef691fcb4f346622ebd9b47f0a69ee_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:3397"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:04f305c44413ae7dcb7017e53570ee49a509701792c5f50efadd64f47395730b_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:13da7e12e135cdb33c89686eca84cffae8ef691fcb4f346622ebd9b47f0a69ee_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:ee01e89f98feb185f6cd59c564e590a13e4d8d9ea760cca8de51426eb71b83a1_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:d7d4fa406e0fcf0507894a7676532b27f45be742467e603a86f98ea5d2615df8_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:a0f72ffefb2b74b488dd949493f5d295a39bb9c97f578bf219d0138601f65468_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:2ba2b2c4db8bb334c50f4dfb54059f060361186900a44c06eed00b7a3c43977e_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:65482864055021272a18b5b26792ab00cfa5fc9cc005d8d3a884cc82991506f3_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:7b70af8847b0806d8b43c399e2b3109f016fd864f5e9d30c44e2baca5d1359dc_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:23d307a36b69e0df04f72a7d3b35e28d8417a8bbe23dba31e8e977569785c078_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:efd039012559786deb3c521a130886c265e88d635e08baace2e573a9df270134_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:27b113d96453c2054d4c965a963d2badba6daac235eddaf23234c76e87bcb069_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:5192f1dbd2a9ab92ae390c4ae506efbed0970545b6122e95b014728ac937e777_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:4a212ec634225c14beac09be24ddf336e562f2aa9a13555fb1196f366ddae23c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:5dcdcc2424602a69451f16d31dbfa1d43cb72c095ba561eb9076f0cd1e8182ed_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:f738aab1eab25854c93e1d8d4d98100a8ae7bb45a6b83f0326774e4220b1183b_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:6cf74044ae8d5308a2dfe03fa5d81086c89302db7f4cdbe2f4174a1c48b77869_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:22557a6fa52d2f311750a9ba253860f423ba697d26efa02ef8524a8258d2a909_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:de5f91180ead7d73a1825fe8b032fde9b8b01392569c9789f5ce1b4b9c08a98f_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:c499a2c4a7860a1853adf3ebfbf154f3c03c478034a78566b82711373210af39_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:4a7599f8a866eb169c9a62885906adbf6df0417c0be15857df1eef20cd9b1be2_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:11a301728573adf2b64ea72d0cb2d83ea5d4dbebea759f346e99f18c3d368c6e_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:4c5ff3496b2a2a739939d94ee9dafc02b682100785d228dc2fde480fb597b7a5_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-operator-bundle@sha256:c249b0fb2c573efc118557d9dd1551181d7b2dabcf8a9b86d9441059124d3802_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:3463aaa8f2a06e8b43cd6a39ff86aea7c76926d72ee0f53cf0e514399e4aed33_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:c8456d98e90b6505957ab3686e9fd2f156e29f123c5558e581c206daf1e7d93a_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:f37e4048f3a152798286793f3abfc6ed814453fcbe2667255a7e78eee483c5a3_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:633984b538f027c93c5886ea1045dcbe81eeda74acf80001d5fc5f765bdbe0be_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:04f305c44413ae7dcb7017e53570ee49a509701792c5f50efadd64f47395730b_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:13da7e12e135cdb33c89686eca84cffae8ef691fcb4f346622ebd9b47f0a69ee_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:ee01e89f98feb185f6cd59c564e590a13e4d8d9ea760cca8de51426eb71b83a1_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:d7d4fa406e0fcf0507894a7676532b27f45be742467e603a86f98ea5d2615df8_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:a0f72ffefb2b74b488dd949493f5d295a39bb9c97f578bf219d0138601f65468_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:2ba2b2c4db8bb334c50f4dfb54059f060361186900a44c06eed00b7a3c43977e_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:65482864055021272a18b5b26792ab00cfa5fc9cc005d8d3a884cc82991506f3_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:7b70af8847b0806d8b43c399e2b3109f016fd864f5e9d30c44e2baca5d1359dc_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:23d307a36b69e0df04f72a7d3b35e28d8417a8bbe23dba31e8e977569785c078_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:efd039012559786deb3c521a130886c265e88d635e08baace2e573a9df270134_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:27b113d96453c2054d4c965a963d2badba6daac235eddaf23234c76e87bcb069_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:5192f1dbd2a9ab92ae390c4ae506efbed0970545b6122e95b014728ac937e777_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:4a212ec634225c14beac09be24ddf336e562f2aa9a13555fb1196f366ddae23c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:5dcdcc2424602a69451f16d31dbfa1d43cb72c095ba561eb9076f0cd1e8182ed_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:f738aab1eab25854c93e1d8d4d98100a8ae7bb45a6b83f0326774e4220b1183b_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:6cf74044ae8d5308a2dfe03fa5d81086c89302db7f4cdbe2f4174a1c48b77869_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:22557a6fa52d2f311750a9ba253860f423ba697d26efa02ef8524a8258d2a909_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:de5f91180ead7d73a1825fe8b032fde9b8b01392569c9789f5ce1b4b9c08a98f_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:c499a2c4a7860a1853adf3ebfbf154f3c03c478034a78566b82711373210af39_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:4a7599f8a866eb169c9a62885906adbf6df0417c0be15857df1eef20cd9b1be2_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:11a301728573adf2b64ea72d0cb2d83ea5d4dbebea759f346e99f18c3d368c6e_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:4c5ff3496b2a2a739939d94ee9dafc02b682100785d228dc2fde480fb597b7a5_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-operator-bundle@sha256:c249b0fb2c573efc118557d9dd1551181d7b2dabcf8a9b86d9441059124d3802_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:3463aaa8f2a06e8b43cd6a39ff86aea7c76926d72ee0f53cf0e514399e4aed33_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:c8456d98e90b6505957ab3686e9fd2f156e29f123c5558e581c206daf1e7d93a_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:f37e4048f3a152798286793f3abfc6ed814453fcbe2667255a7e78eee483c5a3_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:633984b538f027c93c5886ea1045dcbe81eeda74acf80001d5fc5f765bdbe0be_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "path-to-regexp: Backtracking regular expressions cause ReDoS"
},
{
"cve": "CVE-2024-45338",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2024-12-18T21:00:59.938173+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:13da7e12e135cdb33c89686eca84cffae8ef691fcb4f346622ebd9b47f0a69ee_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:ee01e89f98feb185f6cd59c564e590a13e4d8d9ea760cca8de51426eb71b83a1_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:d7d4fa406e0fcf0507894a7676532b27f45be742467e603a86f98ea5d2615df8_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:a0f72ffefb2b74b488dd949493f5d295a39bb9c97f578bf219d0138601f65468_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:2ba2b2c4db8bb334c50f4dfb54059f060361186900a44c06eed00b7a3c43977e_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:65482864055021272a18b5b26792ab00cfa5fc9cc005d8d3a884cc82991506f3_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:7b70af8847b0806d8b43c399e2b3109f016fd864f5e9d30c44e2baca5d1359dc_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:23d307a36b69e0df04f72a7d3b35e28d8417a8bbe23dba31e8e977569785c078_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:efd039012559786deb3c521a130886c265e88d635e08baace2e573a9df270134_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:27b113d96453c2054d4c965a963d2badba6daac235eddaf23234c76e87bcb069_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:5192f1dbd2a9ab92ae390c4ae506efbed0970545b6122e95b014728ac937e777_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:4a212ec634225c14beac09be24ddf336e562f2aa9a13555fb1196f366ddae23c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:5dcdcc2424602a69451f16d31dbfa1d43cb72c095ba561eb9076f0cd1e8182ed_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:f738aab1eab25854c93e1d8d4d98100a8ae7bb45a6b83f0326774e4220b1183b_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:6cf74044ae8d5308a2dfe03fa5d81086c89302db7f4cdbe2f4174a1c48b77869_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:22557a6fa52d2f311750a9ba253860f423ba697d26efa02ef8524a8258d2a909_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:de5f91180ead7d73a1825fe8b032fde9b8b01392569c9789f5ce1b4b9c08a98f_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:c499a2c4a7860a1853adf3ebfbf154f3c03c478034a78566b82711373210af39_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:4a7599f8a866eb169c9a62885906adbf6df0417c0be15857df1eef20cd9b1be2_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:11a301728573adf2b64ea72d0cb2d83ea5d4dbebea759f346e99f18c3d368c6e_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:4c5ff3496b2a2a739939d94ee9dafc02b682100785d228dc2fde480fb597b7a5_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-operator-bundle@sha256:c249b0fb2c573efc118557d9dd1551181d7b2dabcf8a9b86d9441059124d3802_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:3463aaa8f2a06e8b43cd6a39ff86aea7c76926d72ee0f53cf0e514399e4aed33_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:c8456d98e90b6505957ab3686e9fd2f156e29f123c5558e581c206daf1e7d93a_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:f37e4048f3a152798286793f3abfc6ed814453fcbe2667255a7e78eee483c5a3_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:633984b538f027c93c5886ea1045dcbe81eeda74acf80001d5fc5f765bdbe0be_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2333122"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in golang.org/x/net/html. This flaw allows an attacker to craft input to the parse functions that would be processed non-linearly with respect to its length, resulting in extremely slow parsing. This issue can cause a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang.org/x/net/html: Non-linear parsing of case-insensitive content in golang.org/x/net/html",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated as an Important severity because an attacker can craft malicious input that causes the parsing functions to process data non-linearly, resulting in significant delays which leads to a denial of service by exhausting system resources.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:04f305c44413ae7dcb7017e53570ee49a509701792c5f50efadd64f47395730b_amd64"
],
"known_not_affected": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:13da7e12e135cdb33c89686eca84cffae8ef691fcb4f346622ebd9b47f0a69ee_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:ee01e89f98feb185f6cd59c564e590a13e4d8d9ea760cca8de51426eb71b83a1_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:d7d4fa406e0fcf0507894a7676532b27f45be742467e603a86f98ea5d2615df8_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:a0f72ffefb2b74b488dd949493f5d295a39bb9c97f578bf219d0138601f65468_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:2ba2b2c4db8bb334c50f4dfb54059f060361186900a44c06eed00b7a3c43977e_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:65482864055021272a18b5b26792ab00cfa5fc9cc005d8d3a884cc82991506f3_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:7b70af8847b0806d8b43c399e2b3109f016fd864f5e9d30c44e2baca5d1359dc_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:23d307a36b69e0df04f72a7d3b35e28d8417a8bbe23dba31e8e977569785c078_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:efd039012559786deb3c521a130886c265e88d635e08baace2e573a9df270134_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:27b113d96453c2054d4c965a963d2badba6daac235eddaf23234c76e87bcb069_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:5192f1dbd2a9ab92ae390c4ae506efbed0970545b6122e95b014728ac937e777_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:4a212ec634225c14beac09be24ddf336e562f2aa9a13555fb1196f366ddae23c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:5dcdcc2424602a69451f16d31dbfa1d43cb72c095ba561eb9076f0cd1e8182ed_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:f738aab1eab25854c93e1d8d4d98100a8ae7bb45a6b83f0326774e4220b1183b_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:6cf74044ae8d5308a2dfe03fa5d81086c89302db7f4cdbe2f4174a1c48b77869_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:22557a6fa52d2f311750a9ba253860f423ba697d26efa02ef8524a8258d2a909_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:de5f91180ead7d73a1825fe8b032fde9b8b01392569c9789f5ce1b4b9c08a98f_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:c499a2c4a7860a1853adf3ebfbf154f3c03c478034a78566b82711373210af39_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:4a7599f8a866eb169c9a62885906adbf6df0417c0be15857df1eef20cd9b1be2_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:11a301728573adf2b64ea72d0cb2d83ea5d4dbebea759f346e99f18c3d368c6e_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:4c5ff3496b2a2a739939d94ee9dafc02b682100785d228dc2fde480fb597b7a5_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-operator-bundle@sha256:c249b0fb2c573efc118557d9dd1551181d7b2dabcf8a9b86d9441059124d3802_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:3463aaa8f2a06e8b43cd6a39ff86aea7c76926d72ee0f53cf0e514399e4aed33_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:c8456d98e90b6505957ab3686e9fd2f156e29f123c5558e581c206daf1e7d93a_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:f37e4048f3a152798286793f3abfc6ed814453fcbe2667255a7e78eee483c5a3_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:633984b538f027c93c5886ea1045dcbe81eeda74acf80001d5fc5f765bdbe0be_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-45338"
},
{
"category": "external",
"summary": "RHBZ#2333122",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2333122"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-45338",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45338"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-45338",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-45338"
},
{
"category": "external",
"summary": "https://go.dev/cl/637536",
"url": "https://go.dev/cl/637536"
},
{
"category": "external",
"summary": "https://go.dev/issue/70906",
"url": "https://go.dev/issue/70906"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/wSCRmFnNmPA/m/Lvcd0mRMAwAJ",
"url": "https://groups.google.com/g/golang-announce/c/wSCRmFnNmPA/m/Lvcd0mRMAwAJ"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2024-3333",
"url": "https://pkg.go.dev/vuln/GO-2024-3333"
}
],
"release_date": "2024-12-18T20:38:22.660000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-03-31T08:04:43+00:00",
"details": "For Red Hat OpenShift AI 2.16.0 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this errata update:\nhttps://docs.redhat.com/en/documentation/red_hat_openshift_ai/",
"product_ids": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:04f305c44413ae7dcb7017e53570ee49a509701792c5f50efadd64f47395730b_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:3397"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:04f305c44413ae7dcb7017e53570ee49a509701792c5f50efadd64f47395730b_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:13da7e12e135cdb33c89686eca84cffae8ef691fcb4f346622ebd9b47f0a69ee_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:ee01e89f98feb185f6cd59c564e590a13e4d8d9ea760cca8de51426eb71b83a1_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:d7d4fa406e0fcf0507894a7676532b27f45be742467e603a86f98ea5d2615df8_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:a0f72ffefb2b74b488dd949493f5d295a39bb9c97f578bf219d0138601f65468_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:2ba2b2c4db8bb334c50f4dfb54059f060361186900a44c06eed00b7a3c43977e_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:65482864055021272a18b5b26792ab00cfa5fc9cc005d8d3a884cc82991506f3_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:7b70af8847b0806d8b43c399e2b3109f016fd864f5e9d30c44e2baca5d1359dc_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:23d307a36b69e0df04f72a7d3b35e28d8417a8bbe23dba31e8e977569785c078_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:efd039012559786deb3c521a130886c265e88d635e08baace2e573a9df270134_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:27b113d96453c2054d4c965a963d2badba6daac235eddaf23234c76e87bcb069_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:5192f1dbd2a9ab92ae390c4ae506efbed0970545b6122e95b014728ac937e777_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:4a212ec634225c14beac09be24ddf336e562f2aa9a13555fb1196f366ddae23c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:5dcdcc2424602a69451f16d31dbfa1d43cb72c095ba561eb9076f0cd1e8182ed_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:f738aab1eab25854c93e1d8d4d98100a8ae7bb45a6b83f0326774e4220b1183b_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:6cf74044ae8d5308a2dfe03fa5d81086c89302db7f4cdbe2f4174a1c48b77869_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:22557a6fa52d2f311750a9ba253860f423ba697d26efa02ef8524a8258d2a909_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:de5f91180ead7d73a1825fe8b032fde9b8b01392569c9789f5ce1b4b9c08a98f_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:c499a2c4a7860a1853adf3ebfbf154f3c03c478034a78566b82711373210af39_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:4a7599f8a866eb169c9a62885906adbf6df0417c0be15857df1eef20cd9b1be2_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:11a301728573adf2b64ea72d0cb2d83ea5d4dbebea759f346e99f18c3d368c6e_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:4c5ff3496b2a2a739939d94ee9dafc02b682100785d228dc2fde480fb597b7a5_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-operator-bundle@sha256:c249b0fb2c573efc118557d9dd1551181d7b2dabcf8a9b86d9441059124d3802_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:3463aaa8f2a06e8b43cd6a39ff86aea7c76926d72ee0f53cf0e514399e4aed33_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:c8456d98e90b6505957ab3686e9fd2f156e29f123c5558e581c206daf1e7d93a_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:f37e4048f3a152798286793f3abfc6ed814453fcbe2667255a7e78eee483c5a3_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:633984b538f027c93c5886ea1045dcbe81eeda74acf80001d5fc5f765bdbe0be_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "golang.org/x/net/html: Non-linear parsing of case-insensitive content in golang.org/x/net/html"
},
{
"cve": "CVE-2024-45339",
"cwe": {
"id": "CWE-59",
"name": "Improper Link Resolution Before File Access (\u0027Link Following\u0027)"
},
"discovery_date": "2025-01-28T02:00:48.029971+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:04f305c44413ae7dcb7017e53570ee49a509701792c5f50efadd64f47395730b_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:13da7e12e135cdb33c89686eca84cffae8ef691fcb4f346622ebd9b47f0a69ee_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:ee01e89f98feb185f6cd59c564e590a13e4d8d9ea760cca8de51426eb71b83a1_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:d7d4fa406e0fcf0507894a7676532b27f45be742467e603a86f98ea5d2615df8_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:a0f72ffefb2b74b488dd949493f5d295a39bb9c97f578bf219d0138601f65468_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:2ba2b2c4db8bb334c50f4dfb54059f060361186900a44c06eed00b7a3c43977e_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:65482864055021272a18b5b26792ab00cfa5fc9cc005d8d3a884cc82991506f3_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:7b70af8847b0806d8b43c399e2b3109f016fd864f5e9d30c44e2baca5d1359dc_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:23d307a36b69e0df04f72a7d3b35e28d8417a8bbe23dba31e8e977569785c078_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:efd039012559786deb3c521a130886c265e88d635e08baace2e573a9df270134_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:27b113d96453c2054d4c965a963d2badba6daac235eddaf23234c76e87bcb069_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:5192f1dbd2a9ab92ae390c4ae506efbed0970545b6122e95b014728ac937e777_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:4a212ec634225c14beac09be24ddf336e562f2aa9a13555fb1196f366ddae23c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:5dcdcc2424602a69451f16d31dbfa1d43cb72c095ba561eb9076f0cd1e8182ed_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:f738aab1eab25854c93e1d8d4d98100a8ae7bb45a6b83f0326774e4220b1183b_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:22557a6fa52d2f311750a9ba253860f423ba697d26efa02ef8524a8258d2a909_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:c499a2c4a7860a1853adf3ebfbf154f3c03c478034a78566b82711373210af39_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:4a7599f8a866eb169c9a62885906adbf6df0417c0be15857df1eef20cd9b1be2_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:11a301728573adf2b64ea72d0cb2d83ea5d4dbebea759f346e99f18c3d368c6e_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:4c5ff3496b2a2a739939d94ee9dafc02b682100785d228dc2fde480fb597b7a5_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-operator-bundle@sha256:c249b0fb2c573efc118557d9dd1551181d7b2dabcf8a9b86d9441059124d3802_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:3463aaa8f2a06e8b43cd6a39ff86aea7c76926d72ee0f53cf0e514399e4aed33_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:c8456d98e90b6505957ab3686e9fd2f156e29f123c5558e581c206daf1e7d93a_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:f37e4048f3a152798286793f3abfc6ed814453fcbe2667255a7e78eee483c5a3_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:633984b538f027c93c5886ea1045dcbe81eeda74acf80001d5fc5f765bdbe0be_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2342463"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in glog, a logging library. This vulnerability allows an unprivileged attacker to overwrite sensitive files via a symbolic link planted in a widely writable directory, exploiting the log file path predictability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "github.com/golang/glog: Vulnerability when creating log files in github.com/golang/glog",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:6cf74044ae8d5308a2dfe03fa5d81086c89302db7f4cdbe2f4174a1c48b77869_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:de5f91180ead7d73a1825fe8b032fde9b8b01392569c9789f5ce1b4b9c08a98f_amd64"
],
"known_not_affected": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:04f305c44413ae7dcb7017e53570ee49a509701792c5f50efadd64f47395730b_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:13da7e12e135cdb33c89686eca84cffae8ef691fcb4f346622ebd9b47f0a69ee_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:ee01e89f98feb185f6cd59c564e590a13e4d8d9ea760cca8de51426eb71b83a1_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:d7d4fa406e0fcf0507894a7676532b27f45be742467e603a86f98ea5d2615df8_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:a0f72ffefb2b74b488dd949493f5d295a39bb9c97f578bf219d0138601f65468_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:2ba2b2c4db8bb334c50f4dfb54059f060361186900a44c06eed00b7a3c43977e_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:65482864055021272a18b5b26792ab00cfa5fc9cc005d8d3a884cc82991506f3_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:7b70af8847b0806d8b43c399e2b3109f016fd864f5e9d30c44e2baca5d1359dc_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:23d307a36b69e0df04f72a7d3b35e28d8417a8bbe23dba31e8e977569785c078_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:efd039012559786deb3c521a130886c265e88d635e08baace2e573a9df270134_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:27b113d96453c2054d4c965a963d2badba6daac235eddaf23234c76e87bcb069_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:5192f1dbd2a9ab92ae390c4ae506efbed0970545b6122e95b014728ac937e777_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:4a212ec634225c14beac09be24ddf336e562f2aa9a13555fb1196f366ddae23c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:5dcdcc2424602a69451f16d31dbfa1d43cb72c095ba561eb9076f0cd1e8182ed_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:f738aab1eab25854c93e1d8d4d98100a8ae7bb45a6b83f0326774e4220b1183b_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:22557a6fa52d2f311750a9ba253860f423ba697d26efa02ef8524a8258d2a909_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:c499a2c4a7860a1853adf3ebfbf154f3c03c478034a78566b82711373210af39_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:4a7599f8a866eb169c9a62885906adbf6df0417c0be15857df1eef20cd9b1be2_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:11a301728573adf2b64ea72d0cb2d83ea5d4dbebea759f346e99f18c3d368c6e_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:4c5ff3496b2a2a739939d94ee9dafc02b682100785d228dc2fde480fb597b7a5_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-operator-bundle@sha256:c249b0fb2c573efc118557d9dd1551181d7b2dabcf8a9b86d9441059124d3802_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:3463aaa8f2a06e8b43cd6a39ff86aea7c76926d72ee0f53cf0e514399e4aed33_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:c8456d98e90b6505957ab3686e9fd2f156e29f123c5558e581c206daf1e7d93a_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:f37e4048f3a152798286793f3abfc6ed814453fcbe2667255a7e78eee483c5a3_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:633984b538f027c93c5886ea1045dcbe81eeda74acf80001d5fc5f765bdbe0be_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-45339"
},
{
"category": "external",
"summary": "RHBZ#2342463",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2342463"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-45339",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45339"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-45339",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-45339"
},
{
"category": "external",
"summary": "https://github.com/golang/glog/pull/74",
"url": "https://github.com/golang/glog/pull/74"
},
{
"category": "external",
"summary": "https://github.com/golang/glog/pull/74/commits/b8741656e406e66d6992bc2c9575e460ecaa0ec2",
"url": "https://github.com/golang/glog/pull/74/commits/b8741656e406e66d6992bc2c9575e460ecaa0ec2"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/H-Q4ouHWyKs",
"url": "https://groups.google.com/g/golang-announce/c/H-Q4ouHWyKs"
},
{
"category": "external",
"summary": "https://owasp.org/www-community/vulnerabilities/Insecure_Temporary_File",
"url": "https://owasp.org/www-community/vulnerabilities/Insecure_Temporary_File"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2025-3372",
"url": "https://pkg.go.dev/vuln/GO-2025-3372"
}
],
"release_date": "2025-01-28T01:03:24.105000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-03-31T08:04:43+00:00",
"details": "For Red Hat OpenShift AI 2.16.0 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this errata update:\nhttps://docs.redhat.com/en/documentation/red_hat_openshift_ai/",
"product_ids": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:6cf74044ae8d5308a2dfe03fa5d81086c89302db7f4cdbe2f4174a1c48b77869_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:de5f91180ead7d73a1825fe8b032fde9b8b01392569c9789f5ce1b4b9c08a98f_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:3397"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:04f305c44413ae7dcb7017e53570ee49a509701792c5f50efadd64f47395730b_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:13da7e12e135cdb33c89686eca84cffae8ef691fcb4f346622ebd9b47f0a69ee_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:ee01e89f98feb185f6cd59c564e590a13e4d8d9ea760cca8de51426eb71b83a1_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:d7d4fa406e0fcf0507894a7676532b27f45be742467e603a86f98ea5d2615df8_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:a0f72ffefb2b74b488dd949493f5d295a39bb9c97f578bf219d0138601f65468_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:2ba2b2c4db8bb334c50f4dfb54059f060361186900a44c06eed00b7a3c43977e_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:65482864055021272a18b5b26792ab00cfa5fc9cc005d8d3a884cc82991506f3_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:7b70af8847b0806d8b43c399e2b3109f016fd864f5e9d30c44e2baca5d1359dc_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:23d307a36b69e0df04f72a7d3b35e28d8417a8bbe23dba31e8e977569785c078_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:efd039012559786deb3c521a130886c265e88d635e08baace2e573a9df270134_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:27b113d96453c2054d4c965a963d2badba6daac235eddaf23234c76e87bcb069_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:5192f1dbd2a9ab92ae390c4ae506efbed0970545b6122e95b014728ac937e777_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:4a212ec634225c14beac09be24ddf336e562f2aa9a13555fb1196f366ddae23c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:5dcdcc2424602a69451f16d31dbfa1d43cb72c095ba561eb9076f0cd1e8182ed_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:f738aab1eab25854c93e1d8d4d98100a8ae7bb45a6b83f0326774e4220b1183b_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:6cf74044ae8d5308a2dfe03fa5d81086c89302db7f4cdbe2f4174a1c48b77869_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:22557a6fa52d2f311750a9ba253860f423ba697d26efa02ef8524a8258d2a909_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:de5f91180ead7d73a1825fe8b032fde9b8b01392569c9789f5ce1b4b9c08a98f_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:c499a2c4a7860a1853adf3ebfbf154f3c03c478034a78566b82711373210af39_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:4a7599f8a866eb169c9a62885906adbf6df0417c0be15857df1eef20cd9b1be2_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:11a301728573adf2b64ea72d0cb2d83ea5d4dbebea759f346e99f18c3d368c6e_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:4c5ff3496b2a2a739939d94ee9dafc02b682100785d228dc2fde480fb597b7a5_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-operator-bundle@sha256:c249b0fb2c573efc118557d9dd1551181d7b2dabcf8a9b86d9441059124d3802_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:3463aaa8f2a06e8b43cd6a39ff86aea7c76926d72ee0f53cf0e514399e4aed33_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:c8456d98e90b6505957ab3686e9fd2f156e29f123c5558e581c206daf1e7d93a_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:f37e4048f3a152798286793f3abfc6ed814453fcbe2667255a7e78eee483c5a3_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:633984b538f027c93c5886ea1045dcbe81eeda74acf80001d5fc5f765bdbe0be_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N",
"version": "3.0"
},
"products": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:04f305c44413ae7dcb7017e53570ee49a509701792c5f50efadd64f47395730b_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:13da7e12e135cdb33c89686eca84cffae8ef691fcb4f346622ebd9b47f0a69ee_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:ee01e89f98feb185f6cd59c564e590a13e4d8d9ea760cca8de51426eb71b83a1_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:d7d4fa406e0fcf0507894a7676532b27f45be742467e603a86f98ea5d2615df8_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:a0f72ffefb2b74b488dd949493f5d295a39bb9c97f578bf219d0138601f65468_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:2ba2b2c4db8bb334c50f4dfb54059f060361186900a44c06eed00b7a3c43977e_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:65482864055021272a18b5b26792ab00cfa5fc9cc005d8d3a884cc82991506f3_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:7b70af8847b0806d8b43c399e2b3109f016fd864f5e9d30c44e2baca5d1359dc_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:23d307a36b69e0df04f72a7d3b35e28d8417a8bbe23dba31e8e977569785c078_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:efd039012559786deb3c521a130886c265e88d635e08baace2e573a9df270134_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:27b113d96453c2054d4c965a963d2badba6daac235eddaf23234c76e87bcb069_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:5192f1dbd2a9ab92ae390c4ae506efbed0970545b6122e95b014728ac937e777_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:4a212ec634225c14beac09be24ddf336e562f2aa9a13555fb1196f366ddae23c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:5dcdcc2424602a69451f16d31dbfa1d43cb72c095ba561eb9076f0cd1e8182ed_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:f738aab1eab25854c93e1d8d4d98100a8ae7bb45a6b83f0326774e4220b1183b_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:6cf74044ae8d5308a2dfe03fa5d81086c89302db7f4cdbe2f4174a1c48b77869_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:22557a6fa52d2f311750a9ba253860f423ba697d26efa02ef8524a8258d2a909_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:de5f91180ead7d73a1825fe8b032fde9b8b01392569c9789f5ce1b4b9c08a98f_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:c499a2c4a7860a1853adf3ebfbf154f3c03c478034a78566b82711373210af39_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:4a7599f8a866eb169c9a62885906adbf6df0417c0be15857df1eef20cd9b1be2_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:11a301728573adf2b64ea72d0cb2d83ea5d4dbebea759f346e99f18c3d368c6e_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:4c5ff3496b2a2a739939d94ee9dafc02b682100785d228dc2fde480fb597b7a5_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-operator-bundle@sha256:c249b0fb2c573efc118557d9dd1551181d7b2dabcf8a9b86d9441059124d3802_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:3463aaa8f2a06e8b43cd6a39ff86aea7c76926d72ee0f53cf0e514399e4aed33_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:c8456d98e90b6505957ab3686e9fd2f156e29f123c5558e581c206daf1e7d93a_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:f37e4048f3a152798286793f3abfc6ed814453fcbe2667255a7e78eee483c5a3_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:633984b538f027c93c5886ea1045dcbe81eeda74acf80001d5fc5f765bdbe0be_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "github.com/golang/glog: Vulnerability when creating log files in github.com/golang/glog"
},
{
"cve": "CVE-2024-52798",
"cwe": {
"id": "CWE-1333",
"name": "Inefficient Regular Expression Complexity"
},
"discovery_date": "2024-12-05T23:00:59.020167+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:04f305c44413ae7dcb7017e53570ee49a509701792c5f50efadd64f47395730b_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:ee01e89f98feb185f6cd59c564e590a13e4d8d9ea760cca8de51426eb71b83a1_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:d7d4fa406e0fcf0507894a7676532b27f45be742467e603a86f98ea5d2615df8_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:a0f72ffefb2b74b488dd949493f5d295a39bb9c97f578bf219d0138601f65468_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:2ba2b2c4db8bb334c50f4dfb54059f060361186900a44c06eed00b7a3c43977e_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:65482864055021272a18b5b26792ab00cfa5fc9cc005d8d3a884cc82991506f3_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:7b70af8847b0806d8b43c399e2b3109f016fd864f5e9d30c44e2baca5d1359dc_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:23d307a36b69e0df04f72a7d3b35e28d8417a8bbe23dba31e8e977569785c078_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:efd039012559786deb3c521a130886c265e88d635e08baace2e573a9df270134_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:27b113d96453c2054d4c965a963d2badba6daac235eddaf23234c76e87bcb069_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:5192f1dbd2a9ab92ae390c4ae506efbed0970545b6122e95b014728ac937e777_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:4a212ec634225c14beac09be24ddf336e562f2aa9a13555fb1196f366ddae23c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:5dcdcc2424602a69451f16d31dbfa1d43cb72c095ba561eb9076f0cd1e8182ed_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:f738aab1eab25854c93e1d8d4d98100a8ae7bb45a6b83f0326774e4220b1183b_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:6cf74044ae8d5308a2dfe03fa5d81086c89302db7f4cdbe2f4174a1c48b77869_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:22557a6fa52d2f311750a9ba253860f423ba697d26efa02ef8524a8258d2a909_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:de5f91180ead7d73a1825fe8b032fde9b8b01392569c9789f5ce1b4b9c08a98f_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:c499a2c4a7860a1853adf3ebfbf154f3c03c478034a78566b82711373210af39_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:4a7599f8a866eb169c9a62885906adbf6df0417c0be15857df1eef20cd9b1be2_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:11a301728573adf2b64ea72d0cb2d83ea5d4dbebea759f346e99f18c3d368c6e_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:4c5ff3496b2a2a739939d94ee9dafc02b682100785d228dc2fde480fb597b7a5_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-operator-bundle@sha256:c249b0fb2c573efc118557d9dd1551181d7b2dabcf8a9b86d9441059124d3802_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:3463aaa8f2a06e8b43cd6a39ff86aea7c76926d72ee0f53cf0e514399e4aed33_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:c8456d98e90b6505957ab3686e9fd2f156e29f123c5558e581c206daf1e7d93a_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:f37e4048f3a152798286793f3abfc6ed814453fcbe2667255a7e78eee483c5a3_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:633984b538f027c93c5886ea1045dcbe81eeda74acf80001d5fc5f765bdbe0be_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2330689"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in path-to-regexp. A path-to-regexp turns path strings into regular expressions. In certain cases, path-to-regexp will output a regular expression that can be exploited to cause poor performance.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "path-to-regexp: path-to-regexp Unpatched `path-to-regexp` ReDoS in 0.1.x",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability exists because of an incomplete fix for CVE-2024-45296.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:13da7e12e135cdb33c89686eca84cffae8ef691fcb4f346622ebd9b47f0a69ee_amd64"
],
"known_not_affected": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:04f305c44413ae7dcb7017e53570ee49a509701792c5f50efadd64f47395730b_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:ee01e89f98feb185f6cd59c564e590a13e4d8d9ea760cca8de51426eb71b83a1_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:d7d4fa406e0fcf0507894a7676532b27f45be742467e603a86f98ea5d2615df8_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:a0f72ffefb2b74b488dd949493f5d295a39bb9c97f578bf219d0138601f65468_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:2ba2b2c4db8bb334c50f4dfb54059f060361186900a44c06eed00b7a3c43977e_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:65482864055021272a18b5b26792ab00cfa5fc9cc005d8d3a884cc82991506f3_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:7b70af8847b0806d8b43c399e2b3109f016fd864f5e9d30c44e2baca5d1359dc_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:23d307a36b69e0df04f72a7d3b35e28d8417a8bbe23dba31e8e977569785c078_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:efd039012559786deb3c521a130886c265e88d635e08baace2e573a9df270134_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:27b113d96453c2054d4c965a963d2badba6daac235eddaf23234c76e87bcb069_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:5192f1dbd2a9ab92ae390c4ae506efbed0970545b6122e95b014728ac937e777_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:4a212ec634225c14beac09be24ddf336e562f2aa9a13555fb1196f366ddae23c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:5dcdcc2424602a69451f16d31dbfa1d43cb72c095ba561eb9076f0cd1e8182ed_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:f738aab1eab25854c93e1d8d4d98100a8ae7bb45a6b83f0326774e4220b1183b_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:6cf74044ae8d5308a2dfe03fa5d81086c89302db7f4cdbe2f4174a1c48b77869_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:22557a6fa52d2f311750a9ba253860f423ba697d26efa02ef8524a8258d2a909_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:de5f91180ead7d73a1825fe8b032fde9b8b01392569c9789f5ce1b4b9c08a98f_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:c499a2c4a7860a1853adf3ebfbf154f3c03c478034a78566b82711373210af39_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:4a7599f8a866eb169c9a62885906adbf6df0417c0be15857df1eef20cd9b1be2_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:11a301728573adf2b64ea72d0cb2d83ea5d4dbebea759f346e99f18c3d368c6e_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:4c5ff3496b2a2a739939d94ee9dafc02b682100785d228dc2fde480fb597b7a5_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-operator-bundle@sha256:c249b0fb2c573efc118557d9dd1551181d7b2dabcf8a9b86d9441059124d3802_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:3463aaa8f2a06e8b43cd6a39ff86aea7c76926d72ee0f53cf0e514399e4aed33_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:c8456d98e90b6505957ab3686e9fd2f156e29f123c5558e581c206daf1e7d93a_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:f37e4048f3a152798286793f3abfc6ed814453fcbe2667255a7e78eee483c5a3_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:633984b538f027c93c5886ea1045dcbe81eeda74acf80001d5fc5f765bdbe0be_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-52798"
},
{
"category": "external",
"summary": "RHBZ#2330689",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2330689"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-52798",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-52798"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-52798",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-52798"
},
{
"category": "external",
"summary": "https://github.com/pillarjs/path-to-regexp/commit/f01c26a013b1889f0c217c643964513acf17f6a4",
"url": "https://github.com/pillarjs/path-to-regexp/commit/f01c26a013b1889f0c217c643964513acf17f6a4"
},
{
"category": "external",
"summary": "https://github.com/pillarjs/path-to-regexp/security/advisories/GHSA-rhx6-c78j-4q9w",
"url": "https://github.com/pillarjs/path-to-regexp/security/advisories/GHSA-rhx6-c78j-4q9w"
}
],
"release_date": "2024-12-05T22:45:42.774000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-03-31T08:04:43+00:00",
"details": "For Red Hat OpenShift AI 2.16.0 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this errata update:\nhttps://docs.redhat.com/en/documentation/red_hat_openshift_ai/",
"product_ids": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:13da7e12e135cdb33c89686eca84cffae8ef691fcb4f346622ebd9b47f0a69ee_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:3397"
},
{
"category": "workaround",
"details": "Avoid using two parameters within a single path segment when the separator is not, for example, /:a-:b. Alternatively, you can define the regex used for both parameters and ensure they do not overlap to allow backtracking.",
"product_ids": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:04f305c44413ae7dcb7017e53570ee49a509701792c5f50efadd64f47395730b_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:13da7e12e135cdb33c89686eca84cffae8ef691fcb4f346622ebd9b47f0a69ee_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:ee01e89f98feb185f6cd59c564e590a13e4d8d9ea760cca8de51426eb71b83a1_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:d7d4fa406e0fcf0507894a7676532b27f45be742467e603a86f98ea5d2615df8_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:a0f72ffefb2b74b488dd949493f5d295a39bb9c97f578bf219d0138601f65468_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:2ba2b2c4db8bb334c50f4dfb54059f060361186900a44c06eed00b7a3c43977e_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:65482864055021272a18b5b26792ab00cfa5fc9cc005d8d3a884cc82991506f3_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:7b70af8847b0806d8b43c399e2b3109f016fd864f5e9d30c44e2baca5d1359dc_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:23d307a36b69e0df04f72a7d3b35e28d8417a8bbe23dba31e8e977569785c078_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:efd039012559786deb3c521a130886c265e88d635e08baace2e573a9df270134_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:27b113d96453c2054d4c965a963d2badba6daac235eddaf23234c76e87bcb069_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:5192f1dbd2a9ab92ae390c4ae506efbed0970545b6122e95b014728ac937e777_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:4a212ec634225c14beac09be24ddf336e562f2aa9a13555fb1196f366ddae23c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:5dcdcc2424602a69451f16d31dbfa1d43cb72c095ba561eb9076f0cd1e8182ed_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:f738aab1eab25854c93e1d8d4d98100a8ae7bb45a6b83f0326774e4220b1183b_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:6cf74044ae8d5308a2dfe03fa5d81086c89302db7f4cdbe2f4174a1c48b77869_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:22557a6fa52d2f311750a9ba253860f423ba697d26efa02ef8524a8258d2a909_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:de5f91180ead7d73a1825fe8b032fde9b8b01392569c9789f5ce1b4b9c08a98f_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:c499a2c4a7860a1853adf3ebfbf154f3c03c478034a78566b82711373210af39_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:4a7599f8a866eb169c9a62885906adbf6df0417c0be15857df1eef20cd9b1be2_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:11a301728573adf2b64ea72d0cb2d83ea5d4dbebea759f346e99f18c3d368c6e_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:4c5ff3496b2a2a739939d94ee9dafc02b682100785d228dc2fde480fb597b7a5_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-operator-bundle@sha256:c249b0fb2c573efc118557d9dd1551181d7b2dabcf8a9b86d9441059124d3802_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:3463aaa8f2a06e8b43cd6a39ff86aea7c76926d72ee0f53cf0e514399e4aed33_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:c8456d98e90b6505957ab3686e9fd2f156e29f123c5558e581c206daf1e7d93a_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:f37e4048f3a152798286793f3abfc6ed814453fcbe2667255a7e78eee483c5a3_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:633984b538f027c93c5886ea1045dcbe81eeda74acf80001d5fc5f765bdbe0be_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:04f305c44413ae7dcb7017e53570ee49a509701792c5f50efadd64f47395730b_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:13da7e12e135cdb33c89686eca84cffae8ef691fcb4f346622ebd9b47f0a69ee_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:ee01e89f98feb185f6cd59c564e590a13e4d8d9ea760cca8de51426eb71b83a1_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:d7d4fa406e0fcf0507894a7676532b27f45be742467e603a86f98ea5d2615df8_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:a0f72ffefb2b74b488dd949493f5d295a39bb9c97f578bf219d0138601f65468_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:2ba2b2c4db8bb334c50f4dfb54059f060361186900a44c06eed00b7a3c43977e_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:65482864055021272a18b5b26792ab00cfa5fc9cc005d8d3a884cc82991506f3_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:7b70af8847b0806d8b43c399e2b3109f016fd864f5e9d30c44e2baca5d1359dc_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:23d307a36b69e0df04f72a7d3b35e28d8417a8bbe23dba31e8e977569785c078_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:efd039012559786deb3c521a130886c265e88d635e08baace2e573a9df270134_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:27b113d96453c2054d4c965a963d2badba6daac235eddaf23234c76e87bcb069_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:5192f1dbd2a9ab92ae390c4ae506efbed0970545b6122e95b014728ac937e777_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:4a212ec634225c14beac09be24ddf336e562f2aa9a13555fb1196f366ddae23c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:5dcdcc2424602a69451f16d31dbfa1d43cb72c095ba561eb9076f0cd1e8182ed_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:f738aab1eab25854c93e1d8d4d98100a8ae7bb45a6b83f0326774e4220b1183b_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:6cf74044ae8d5308a2dfe03fa5d81086c89302db7f4cdbe2f4174a1c48b77869_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:22557a6fa52d2f311750a9ba253860f423ba697d26efa02ef8524a8258d2a909_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:de5f91180ead7d73a1825fe8b032fde9b8b01392569c9789f5ce1b4b9c08a98f_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:c499a2c4a7860a1853adf3ebfbf154f3c03c478034a78566b82711373210af39_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:4a7599f8a866eb169c9a62885906adbf6df0417c0be15857df1eef20cd9b1be2_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:11a301728573adf2b64ea72d0cb2d83ea5d4dbebea759f346e99f18c3d368c6e_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:4c5ff3496b2a2a739939d94ee9dafc02b682100785d228dc2fde480fb597b7a5_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-operator-bundle@sha256:c249b0fb2c573efc118557d9dd1551181d7b2dabcf8a9b86d9441059124d3802_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:3463aaa8f2a06e8b43cd6a39ff86aea7c76926d72ee0f53cf0e514399e4aed33_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:c8456d98e90b6505957ab3686e9fd2f156e29f123c5558e581c206daf1e7d93a_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:f37e4048f3a152798286793f3abfc6ed814453fcbe2667255a7e78eee483c5a3_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:633984b538f027c93c5886ea1045dcbe81eeda74acf80001d5fc5f765bdbe0be_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "path-to-regexp: path-to-regexp Unpatched `path-to-regexp` ReDoS in 0.1.x"
},
{
"cve": "CVE-2024-55565",
"cwe": {
"id": "CWE-835",
"name": "Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)"
},
"discovery_date": "2024-12-09T02:00:45.255738+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:04f305c44413ae7dcb7017e53570ee49a509701792c5f50efadd64f47395730b_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:ee01e89f98feb185f6cd59c564e590a13e4d8d9ea760cca8de51426eb71b83a1_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:d7d4fa406e0fcf0507894a7676532b27f45be742467e603a86f98ea5d2615df8_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:a0f72ffefb2b74b488dd949493f5d295a39bb9c97f578bf219d0138601f65468_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:2ba2b2c4db8bb334c50f4dfb54059f060361186900a44c06eed00b7a3c43977e_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:65482864055021272a18b5b26792ab00cfa5fc9cc005d8d3a884cc82991506f3_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:7b70af8847b0806d8b43c399e2b3109f016fd864f5e9d30c44e2baca5d1359dc_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:23d307a36b69e0df04f72a7d3b35e28d8417a8bbe23dba31e8e977569785c078_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:efd039012559786deb3c521a130886c265e88d635e08baace2e573a9df270134_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:27b113d96453c2054d4c965a963d2badba6daac235eddaf23234c76e87bcb069_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:5192f1dbd2a9ab92ae390c4ae506efbed0970545b6122e95b014728ac937e777_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:4a212ec634225c14beac09be24ddf336e562f2aa9a13555fb1196f366ddae23c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:5dcdcc2424602a69451f16d31dbfa1d43cb72c095ba561eb9076f0cd1e8182ed_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:f738aab1eab25854c93e1d8d4d98100a8ae7bb45a6b83f0326774e4220b1183b_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:6cf74044ae8d5308a2dfe03fa5d81086c89302db7f4cdbe2f4174a1c48b77869_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:22557a6fa52d2f311750a9ba253860f423ba697d26efa02ef8524a8258d2a909_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:de5f91180ead7d73a1825fe8b032fde9b8b01392569c9789f5ce1b4b9c08a98f_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:c499a2c4a7860a1853adf3ebfbf154f3c03c478034a78566b82711373210af39_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:4a7599f8a866eb169c9a62885906adbf6df0417c0be15857df1eef20cd9b1be2_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:11a301728573adf2b64ea72d0cb2d83ea5d4dbebea759f346e99f18c3d368c6e_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:4c5ff3496b2a2a739939d94ee9dafc02b682100785d228dc2fde480fb597b7a5_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-operator-bundle@sha256:c249b0fb2c573efc118557d9dd1551181d7b2dabcf8a9b86d9441059124d3802_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:3463aaa8f2a06e8b43cd6a39ff86aea7c76926d72ee0f53cf0e514399e4aed33_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:c8456d98e90b6505957ab3686e9fd2f156e29f123c5558e581c206daf1e7d93a_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:f37e4048f3a152798286793f3abfc6ed814453fcbe2667255a7e78eee483c5a3_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:633984b538f027c93c5886ea1045dcbe81eeda74acf80001d5fc5f765bdbe0be_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2331063"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in nanoid. Affected versions of nanoid mishandles non-integer values. When nanoid is called with a fractional value, there were a number of undesirable effects:\n\n- In browser and non-secure, the code infinite loops on while (size--)\n- In node, the value of poolOffset becomes fractional, causing calls to nanoid to return zeroes until the pool is next filled: when i is initialized to poolOffset, pool[i] \u0026 63 -\u003e undefined \u0026 63 -\u003e 0\n- If the first call in node is a fractional argument, the initial buffer allocation fails with an error\n\nThe highest impact of this issue system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "nanoid: nanoid mishandles non-integer values",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:13da7e12e135cdb33c89686eca84cffae8ef691fcb4f346622ebd9b47f0a69ee_amd64"
],
"known_not_affected": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:04f305c44413ae7dcb7017e53570ee49a509701792c5f50efadd64f47395730b_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:ee01e89f98feb185f6cd59c564e590a13e4d8d9ea760cca8de51426eb71b83a1_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:d7d4fa406e0fcf0507894a7676532b27f45be742467e603a86f98ea5d2615df8_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:a0f72ffefb2b74b488dd949493f5d295a39bb9c97f578bf219d0138601f65468_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:2ba2b2c4db8bb334c50f4dfb54059f060361186900a44c06eed00b7a3c43977e_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:65482864055021272a18b5b26792ab00cfa5fc9cc005d8d3a884cc82991506f3_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:7b70af8847b0806d8b43c399e2b3109f016fd864f5e9d30c44e2baca5d1359dc_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:23d307a36b69e0df04f72a7d3b35e28d8417a8bbe23dba31e8e977569785c078_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:efd039012559786deb3c521a130886c265e88d635e08baace2e573a9df270134_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:27b113d96453c2054d4c965a963d2badba6daac235eddaf23234c76e87bcb069_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:5192f1dbd2a9ab92ae390c4ae506efbed0970545b6122e95b014728ac937e777_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:4a212ec634225c14beac09be24ddf336e562f2aa9a13555fb1196f366ddae23c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:5dcdcc2424602a69451f16d31dbfa1d43cb72c095ba561eb9076f0cd1e8182ed_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:f738aab1eab25854c93e1d8d4d98100a8ae7bb45a6b83f0326774e4220b1183b_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:6cf74044ae8d5308a2dfe03fa5d81086c89302db7f4cdbe2f4174a1c48b77869_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:22557a6fa52d2f311750a9ba253860f423ba697d26efa02ef8524a8258d2a909_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:de5f91180ead7d73a1825fe8b032fde9b8b01392569c9789f5ce1b4b9c08a98f_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:c499a2c4a7860a1853adf3ebfbf154f3c03c478034a78566b82711373210af39_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:4a7599f8a866eb169c9a62885906adbf6df0417c0be15857df1eef20cd9b1be2_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:11a301728573adf2b64ea72d0cb2d83ea5d4dbebea759f346e99f18c3d368c6e_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:4c5ff3496b2a2a739939d94ee9dafc02b682100785d228dc2fde480fb597b7a5_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-operator-bundle@sha256:c249b0fb2c573efc118557d9dd1551181d7b2dabcf8a9b86d9441059124d3802_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:3463aaa8f2a06e8b43cd6a39ff86aea7c76926d72ee0f53cf0e514399e4aed33_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:c8456d98e90b6505957ab3686e9fd2f156e29f123c5558e581c206daf1e7d93a_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:f37e4048f3a152798286793f3abfc6ed814453fcbe2667255a7e78eee483c5a3_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:633984b538f027c93c5886ea1045dcbe81eeda74acf80001d5fc5f765bdbe0be_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-55565"
},
{
"category": "external",
"summary": "RHBZ#2331063",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2331063"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-55565",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-55565"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-55565",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-55565"
},
{
"category": "external",
"summary": "https://github.com/ai/nanoid/compare/3.3.7...3.3.8",
"url": "https://github.com/ai/nanoid/compare/3.3.7...3.3.8"
},
{
"category": "external",
"summary": "https://github.com/ai/nanoid/pull/510",
"url": "https://github.com/ai/nanoid/pull/510"
},
{
"category": "external",
"summary": "https://github.com/ai/nanoid/releases/tag/5.0.9",
"url": "https://github.com/ai/nanoid/releases/tag/5.0.9"
}
],
"release_date": "2024-12-09T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-03-31T08:04:43+00:00",
"details": "For Red Hat OpenShift AI 2.16.0 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this errata update:\nhttps://docs.redhat.com/en/documentation/red_hat_openshift_ai/",
"product_ids": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:13da7e12e135cdb33c89686eca84cffae8ef691fcb4f346622ebd9b47f0a69ee_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:3397"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:04f305c44413ae7dcb7017e53570ee49a509701792c5f50efadd64f47395730b_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:13da7e12e135cdb33c89686eca84cffae8ef691fcb4f346622ebd9b47f0a69ee_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:ee01e89f98feb185f6cd59c564e590a13e4d8d9ea760cca8de51426eb71b83a1_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:d7d4fa406e0fcf0507894a7676532b27f45be742467e603a86f98ea5d2615df8_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:a0f72ffefb2b74b488dd949493f5d295a39bb9c97f578bf219d0138601f65468_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:2ba2b2c4db8bb334c50f4dfb54059f060361186900a44c06eed00b7a3c43977e_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:65482864055021272a18b5b26792ab00cfa5fc9cc005d8d3a884cc82991506f3_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:7b70af8847b0806d8b43c399e2b3109f016fd864f5e9d30c44e2baca5d1359dc_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:23d307a36b69e0df04f72a7d3b35e28d8417a8bbe23dba31e8e977569785c078_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:efd039012559786deb3c521a130886c265e88d635e08baace2e573a9df270134_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:27b113d96453c2054d4c965a963d2badba6daac235eddaf23234c76e87bcb069_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:5192f1dbd2a9ab92ae390c4ae506efbed0970545b6122e95b014728ac937e777_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:4a212ec634225c14beac09be24ddf336e562f2aa9a13555fb1196f366ddae23c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:5dcdcc2424602a69451f16d31dbfa1d43cb72c095ba561eb9076f0cd1e8182ed_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:f738aab1eab25854c93e1d8d4d98100a8ae7bb45a6b83f0326774e4220b1183b_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:6cf74044ae8d5308a2dfe03fa5d81086c89302db7f4cdbe2f4174a1c48b77869_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:22557a6fa52d2f311750a9ba253860f423ba697d26efa02ef8524a8258d2a909_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:de5f91180ead7d73a1825fe8b032fde9b8b01392569c9789f5ce1b4b9c08a98f_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:c499a2c4a7860a1853adf3ebfbf154f3c03c478034a78566b82711373210af39_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:4a7599f8a866eb169c9a62885906adbf6df0417c0be15857df1eef20cd9b1be2_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:11a301728573adf2b64ea72d0cb2d83ea5d4dbebea759f346e99f18c3d368c6e_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:4c5ff3496b2a2a739939d94ee9dafc02b682100785d228dc2fde480fb597b7a5_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-operator-bundle@sha256:c249b0fb2c573efc118557d9dd1551181d7b2dabcf8a9b86d9441059124d3802_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:3463aaa8f2a06e8b43cd6a39ff86aea7c76926d72ee0f53cf0e514399e4aed33_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:c8456d98e90b6505957ab3686e9fd2f156e29f123c5558e581c206daf1e7d93a_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:f37e4048f3a152798286793f3abfc6ed814453fcbe2667255a7e78eee483c5a3_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:633984b538f027c93c5886ea1045dcbe81eeda74acf80001d5fc5f765bdbe0be_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "nanoid: nanoid mishandles non-integer values"
},
{
"cve": "CVE-2024-56171",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"discovery_date": "2025-02-18T23:01:25.366636+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:04f305c44413ae7dcb7017e53570ee49a509701792c5f50efadd64f47395730b_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:13da7e12e135cdb33c89686eca84cffae8ef691fcb4f346622ebd9b47f0a69ee_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:23d307a36b69e0df04f72a7d3b35e28d8417a8bbe23dba31e8e977569785c078_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:5192f1dbd2a9ab92ae390c4ae506efbed0970545b6122e95b014728ac937e777_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:4a212ec634225c14beac09be24ddf336e562f2aa9a13555fb1196f366ddae23c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:f738aab1eab25854c93e1d8d4d98100a8ae7bb45a6b83f0326774e4220b1183b_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:22557a6fa52d2f311750a9ba253860f423ba697d26efa02ef8524a8258d2a909_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:de5f91180ead7d73a1825fe8b032fde9b8b01392569c9789f5ce1b4b9c08a98f_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:11a301728573adf2b64ea72d0cb2d83ea5d4dbebea759f346e99f18c3d368c6e_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-operator-bundle@sha256:c249b0fb2c573efc118557d9dd1551181d7b2dabcf8a9b86d9441059124d3802_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:3463aaa8f2a06e8b43cd6a39ff86aea7c76926d72ee0f53cf0e514399e4aed33_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:c8456d98e90b6505957ab3686e9fd2f156e29f123c5558e581c206daf1e7d93a_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:f37e4048f3a152798286793f3abfc6ed814453fcbe2667255a7e78eee483c5a3_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:633984b538f027c93c5886ea1045dcbe81eeda74acf80001d5fc5f765bdbe0be_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2346416"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in libxml2. This vulnerability allows a use-after-free via a crafted XML document validated against an XML schema with certain identity constraints or a crafted XML schema.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "libxml2: Use-After-Free in libxml2",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated as important because it involves a use-after-free flaw in the xmlSchemaIDCFillNodeTables and xmlSchemaBubbleIDCNodeTables functions. A maliciously crafted XML document or schema, containing specific identity constraints, can be used to trigger this vulnerability and potentially gain unauthorized access or cause a denial-of-service condition.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:ee01e89f98feb185f6cd59c564e590a13e4d8d9ea760cca8de51426eb71b83a1_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:d7d4fa406e0fcf0507894a7676532b27f45be742467e603a86f98ea5d2615df8_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:a0f72ffefb2b74b488dd949493f5d295a39bb9c97f578bf219d0138601f65468_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:2ba2b2c4db8bb334c50f4dfb54059f060361186900a44c06eed00b7a3c43977e_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:65482864055021272a18b5b26792ab00cfa5fc9cc005d8d3a884cc82991506f3_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:7b70af8847b0806d8b43c399e2b3109f016fd864f5e9d30c44e2baca5d1359dc_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:efd039012559786deb3c521a130886c265e88d635e08baace2e573a9df270134_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:27b113d96453c2054d4c965a963d2badba6daac235eddaf23234c76e87bcb069_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:5dcdcc2424602a69451f16d31dbfa1d43cb72c095ba561eb9076f0cd1e8182ed_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:6cf74044ae8d5308a2dfe03fa5d81086c89302db7f4cdbe2f4174a1c48b77869_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:c499a2c4a7860a1853adf3ebfbf154f3c03c478034a78566b82711373210af39_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:4a7599f8a866eb169c9a62885906adbf6df0417c0be15857df1eef20cd9b1be2_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:4c5ff3496b2a2a739939d94ee9dafc02b682100785d228dc2fde480fb597b7a5_amd64"
],
"known_not_affected": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:04f305c44413ae7dcb7017e53570ee49a509701792c5f50efadd64f47395730b_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:13da7e12e135cdb33c89686eca84cffae8ef691fcb4f346622ebd9b47f0a69ee_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:23d307a36b69e0df04f72a7d3b35e28d8417a8bbe23dba31e8e977569785c078_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:5192f1dbd2a9ab92ae390c4ae506efbed0970545b6122e95b014728ac937e777_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:4a212ec634225c14beac09be24ddf336e562f2aa9a13555fb1196f366ddae23c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:f738aab1eab25854c93e1d8d4d98100a8ae7bb45a6b83f0326774e4220b1183b_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:22557a6fa52d2f311750a9ba253860f423ba697d26efa02ef8524a8258d2a909_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:de5f91180ead7d73a1825fe8b032fde9b8b01392569c9789f5ce1b4b9c08a98f_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:11a301728573adf2b64ea72d0cb2d83ea5d4dbebea759f346e99f18c3d368c6e_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-operator-bundle@sha256:c249b0fb2c573efc118557d9dd1551181d7b2dabcf8a9b86d9441059124d3802_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:3463aaa8f2a06e8b43cd6a39ff86aea7c76926d72ee0f53cf0e514399e4aed33_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:c8456d98e90b6505957ab3686e9fd2f156e29f123c5558e581c206daf1e7d93a_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:f37e4048f3a152798286793f3abfc6ed814453fcbe2667255a7e78eee483c5a3_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:633984b538f027c93c5886ea1045dcbe81eeda74acf80001d5fc5f765bdbe0be_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-56171"
},
{
"category": "external",
"summary": "RHBZ#2346416",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2346416"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-56171",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56171"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-56171",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-56171"
},
{
"category": "external",
"summary": "https://gitlab.gnome.org/GNOME/libxml2/-/issues/828",
"url": "https://gitlab.gnome.org/GNOME/libxml2/-/issues/828"
}
],
"release_date": "2025-02-18T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-03-31T08:04:43+00:00",
"details": "For Red Hat OpenShift AI 2.16.0 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this errata update:\nhttps://docs.redhat.com/en/documentation/red_hat_openshift_ai/",
"product_ids": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:ee01e89f98feb185f6cd59c564e590a13e4d8d9ea760cca8de51426eb71b83a1_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:d7d4fa406e0fcf0507894a7676532b27f45be742467e603a86f98ea5d2615df8_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:a0f72ffefb2b74b488dd949493f5d295a39bb9c97f578bf219d0138601f65468_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:2ba2b2c4db8bb334c50f4dfb54059f060361186900a44c06eed00b7a3c43977e_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:65482864055021272a18b5b26792ab00cfa5fc9cc005d8d3a884cc82991506f3_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:7b70af8847b0806d8b43c399e2b3109f016fd864f5e9d30c44e2baca5d1359dc_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:efd039012559786deb3c521a130886c265e88d635e08baace2e573a9df270134_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:27b113d96453c2054d4c965a963d2badba6daac235eddaf23234c76e87bcb069_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:5dcdcc2424602a69451f16d31dbfa1d43cb72c095ba561eb9076f0cd1e8182ed_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:6cf74044ae8d5308a2dfe03fa5d81086c89302db7f4cdbe2f4174a1c48b77869_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:c499a2c4a7860a1853adf3ebfbf154f3c03c478034a78566b82711373210af39_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:4a7599f8a866eb169c9a62885906adbf6df0417c0be15857df1eef20cd9b1be2_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:4c5ff3496b2a2a739939d94ee9dafc02b682100785d228dc2fde480fb597b7a5_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:3397"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:04f305c44413ae7dcb7017e53570ee49a509701792c5f50efadd64f47395730b_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:13da7e12e135cdb33c89686eca84cffae8ef691fcb4f346622ebd9b47f0a69ee_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:ee01e89f98feb185f6cd59c564e590a13e4d8d9ea760cca8de51426eb71b83a1_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:d7d4fa406e0fcf0507894a7676532b27f45be742467e603a86f98ea5d2615df8_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:a0f72ffefb2b74b488dd949493f5d295a39bb9c97f578bf219d0138601f65468_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:2ba2b2c4db8bb334c50f4dfb54059f060361186900a44c06eed00b7a3c43977e_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:65482864055021272a18b5b26792ab00cfa5fc9cc005d8d3a884cc82991506f3_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:7b70af8847b0806d8b43c399e2b3109f016fd864f5e9d30c44e2baca5d1359dc_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:23d307a36b69e0df04f72a7d3b35e28d8417a8bbe23dba31e8e977569785c078_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:efd039012559786deb3c521a130886c265e88d635e08baace2e573a9df270134_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:27b113d96453c2054d4c965a963d2badba6daac235eddaf23234c76e87bcb069_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:5192f1dbd2a9ab92ae390c4ae506efbed0970545b6122e95b014728ac937e777_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:4a212ec634225c14beac09be24ddf336e562f2aa9a13555fb1196f366ddae23c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:5dcdcc2424602a69451f16d31dbfa1d43cb72c095ba561eb9076f0cd1e8182ed_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:f738aab1eab25854c93e1d8d4d98100a8ae7bb45a6b83f0326774e4220b1183b_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:6cf74044ae8d5308a2dfe03fa5d81086c89302db7f4cdbe2f4174a1c48b77869_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:22557a6fa52d2f311750a9ba253860f423ba697d26efa02ef8524a8258d2a909_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:de5f91180ead7d73a1825fe8b032fde9b8b01392569c9789f5ce1b4b9c08a98f_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:c499a2c4a7860a1853adf3ebfbf154f3c03c478034a78566b82711373210af39_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:4a7599f8a866eb169c9a62885906adbf6df0417c0be15857df1eef20cd9b1be2_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:11a301728573adf2b64ea72d0cb2d83ea5d4dbebea759f346e99f18c3d368c6e_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:4c5ff3496b2a2a739939d94ee9dafc02b682100785d228dc2fde480fb597b7a5_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-operator-bundle@sha256:c249b0fb2c573efc118557d9dd1551181d7b2dabcf8a9b86d9441059124d3802_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:3463aaa8f2a06e8b43cd6a39ff86aea7c76926d72ee0f53cf0e514399e4aed33_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:c8456d98e90b6505957ab3686e9fd2f156e29f123c5558e581c206daf1e7d93a_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:f37e4048f3a152798286793f3abfc6ed814453fcbe2667255a7e78eee483c5a3_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:633984b538f027c93c5886ea1045dcbe81eeda74acf80001d5fc5f765bdbe0be_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "libxml2: Use-After-Free in libxml2"
},
{
"cve": "CVE-2024-56201",
"cwe": {
"id": "CWE-150",
"name": "Improper Neutralization of Escape, Meta, or Control Sequences"
},
"discovery_date": "2024-12-23T16:00:38.768252+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:04f305c44413ae7dcb7017e53570ee49a509701792c5f50efadd64f47395730b_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:13da7e12e135cdb33c89686eca84cffae8ef691fcb4f346622ebd9b47f0a69ee_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:ee01e89f98feb185f6cd59c564e590a13e4d8d9ea760cca8de51426eb71b83a1_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:d7d4fa406e0fcf0507894a7676532b27f45be742467e603a86f98ea5d2615df8_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:a0f72ffefb2b74b488dd949493f5d295a39bb9c97f578bf219d0138601f65468_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:2ba2b2c4db8bb334c50f4dfb54059f060361186900a44c06eed00b7a3c43977e_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:65482864055021272a18b5b26792ab00cfa5fc9cc005d8d3a884cc82991506f3_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:7b70af8847b0806d8b43c399e2b3109f016fd864f5e9d30c44e2baca5d1359dc_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:23d307a36b69e0df04f72a7d3b35e28d8417a8bbe23dba31e8e977569785c078_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:efd039012559786deb3c521a130886c265e88d635e08baace2e573a9df270134_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:27b113d96453c2054d4c965a963d2badba6daac235eddaf23234c76e87bcb069_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:5192f1dbd2a9ab92ae390c4ae506efbed0970545b6122e95b014728ac937e777_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:4a212ec634225c14beac09be24ddf336e562f2aa9a13555fb1196f366ddae23c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:5dcdcc2424602a69451f16d31dbfa1d43cb72c095ba561eb9076f0cd1e8182ed_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:f738aab1eab25854c93e1d8d4d98100a8ae7bb45a6b83f0326774e4220b1183b_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:6cf74044ae8d5308a2dfe03fa5d81086c89302db7f4cdbe2f4174a1c48b77869_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:22557a6fa52d2f311750a9ba253860f423ba697d26efa02ef8524a8258d2a909_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:c499a2c4a7860a1853adf3ebfbf154f3c03c478034a78566b82711373210af39_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:4a7599f8a866eb169c9a62885906adbf6df0417c0be15857df1eef20cd9b1be2_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:11a301728573adf2b64ea72d0cb2d83ea5d4dbebea759f346e99f18c3d368c6e_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:4c5ff3496b2a2a739939d94ee9dafc02b682100785d228dc2fde480fb597b7a5_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-operator-bundle@sha256:c249b0fb2c573efc118557d9dd1551181d7b2dabcf8a9b86d9441059124d3802_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:3463aaa8f2a06e8b43cd6a39ff86aea7c76926d72ee0f53cf0e514399e4aed33_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:c8456d98e90b6505957ab3686e9fd2f156e29f123c5558e581c206daf1e7d93a_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:f37e4048f3a152798286793f3abfc6ed814453fcbe2667255a7e78eee483c5a3_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:633984b538f027c93c5886ea1045dcbe81eeda74acf80001d5fc5f765bdbe0be_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2333854"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Jinja2 package. A bug in the Jinja compiler allows an attacker that controls both the content and filename of a template to execute arbitrary Python code, regardless of Jinja\u0027s sandbox being used. An attacker needs to be able to control both the filename and the contents of a template. Whether that is the case depends on the type of application using Jinja. This vulnerability impacts users of applications that execute untrusted templates where the template author can also choose the template filename.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jinja2: Jinja has a sandbox breakout through malicious filenames",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability has rated as a IMPORTANT flaw because an attacker controlling both the template content and filename to execute arbitrary Python code, bypassing the sandbox.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:de5f91180ead7d73a1825fe8b032fde9b8b01392569c9789f5ce1b4b9c08a98f_amd64"
],
"known_not_affected": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:04f305c44413ae7dcb7017e53570ee49a509701792c5f50efadd64f47395730b_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:13da7e12e135cdb33c89686eca84cffae8ef691fcb4f346622ebd9b47f0a69ee_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:ee01e89f98feb185f6cd59c564e590a13e4d8d9ea760cca8de51426eb71b83a1_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:d7d4fa406e0fcf0507894a7676532b27f45be742467e603a86f98ea5d2615df8_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:a0f72ffefb2b74b488dd949493f5d295a39bb9c97f578bf219d0138601f65468_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:2ba2b2c4db8bb334c50f4dfb54059f060361186900a44c06eed00b7a3c43977e_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:65482864055021272a18b5b26792ab00cfa5fc9cc005d8d3a884cc82991506f3_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:7b70af8847b0806d8b43c399e2b3109f016fd864f5e9d30c44e2baca5d1359dc_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:23d307a36b69e0df04f72a7d3b35e28d8417a8bbe23dba31e8e977569785c078_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:efd039012559786deb3c521a130886c265e88d635e08baace2e573a9df270134_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:27b113d96453c2054d4c965a963d2badba6daac235eddaf23234c76e87bcb069_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:5192f1dbd2a9ab92ae390c4ae506efbed0970545b6122e95b014728ac937e777_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:4a212ec634225c14beac09be24ddf336e562f2aa9a13555fb1196f366ddae23c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:5dcdcc2424602a69451f16d31dbfa1d43cb72c095ba561eb9076f0cd1e8182ed_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:f738aab1eab25854c93e1d8d4d98100a8ae7bb45a6b83f0326774e4220b1183b_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:6cf74044ae8d5308a2dfe03fa5d81086c89302db7f4cdbe2f4174a1c48b77869_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:22557a6fa52d2f311750a9ba253860f423ba697d26efa02ef8524a8258d2a909_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:c499a2c4a7860a1853adf3ebfbf154f3c03c478034a78566b82711373210af39_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:4a7599f8a866eb169c9a62885906adbf6df0417c0be15857df1eef20cd9b1be2_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:11a301728573adf2b64ea72d0cb2d83ea5d4dbebea759f346e99f18c3d368c6e_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:4c5ff3496b2a2a739939d94ee9dafc02b682100785d228dc2fde480fb597b7a5_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-operator-bundle@sha256:c249b0fb2c573efc118557d9dd1551181d7b2dabcf8a9b86d9441059124d3802_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:3463aaa8f2a06e8b43cd6a39ff86aea7c76926d72ee0f53cf0e514399e4aed33_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:c8456d98e90b6505957ab3686e9fd2f156e29f123c5558e581c206daf1e7d93a_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:f37e4048f3a152798286793f3abfc6ed814453fcbe2667255a7e78eee483c5a3_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:633984b538f027c93c5886ea1045dcbe81eeda74acf80001d5fc5f765bdbe0be_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-56201"
},
{
"category": "external",
"summary": "RHBZ#2333854",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2333854"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-56201",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56201"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-56201",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-56201"
},
{
"category": "external",
"summary": "https://github.com/pallets/jinja/commit/767b23617628419ae3709ccfb02f9602ae9fe51f",
"url": "https://github.com/pallets/jinja/commit/767b23617628419ae3709ccfb02f9602ae9fe51f"
},
{
"category": "external",
"summary": "https://github.com/pallets/jinja/issues/1792",
"url": "https://github.com/pallets/jinja/issues/1792"
},
{
"category": "external",
"summary": "https://github.com/pallets/jinja/releases/tag/3.1.5",
"url": "https://github.com/pallets/jinja/releases/tag/3.1.5"
},
{
"category": "external",
"summary": "https://github.com/pallets/jinja/security/advisories/GHSA-gmj6-6f8f-6699",
"url": "https://github.com/pallets/jinja/security/advisories/GHSA-gmj6-6f8f-6699"
}
],
"release_date": "2024-12-23T15:37:36.110000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-03-31T08:04:43+00:00",
"details": "For Red Hat OpenShift AI 2.16.0 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this errata update:\nhttps://docs.redhat.com/en/documentation/red_hat_openshift_ai/",
"product_ids": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:de5f91180ead7d73a1825fe8b032fde9b8b01392569c9789f5ce1b4b9c08a98f_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:3397"
},
{
"category": "workaround",
"details": "To mitigate this vulnerabilty restrict user-controlled template filenames, ensuring they follow a predefined templates.",
"product_ids": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:04f305c44413ae7dcb7017e53570ee49a509701792c5f50efadd64f47395730b_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:13da7e12e135cdb33c89686eca84cffae8ef691fcb4f346622ebd9b47f0a69ee_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:ee01e89f98feb185f6cd59c564e590a13e4d8d9ea760cca8de51426eb71b83a1_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:d7d4fa406e0fcf0507894a7676532b27f45be742467e603a86f98ea5d2615df8_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:a0f72ffefb2b74b488dd949493f5d295a39bb9c97f578bf219d0138601f65468_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:2ba2b2c4db8bb334c50f4dfb54059f060361186900a44c06eed00b7a3c43977e_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:65482864055021272a18b5b26792ab00cfa5fc9cc005d8d3a884cc82991506f3_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:7b70af8847b0806d8b43c399e2b3109f016fd864f5e9d30c44e2baca5d1359dc_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:23d307a36b69e0df04f72a7d3b35e28d8417a8bbe23dba31e8e977569785c078_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:efd039012559786deb3c521a130886c265e88d635e08baace2e573a9df270134_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:27b113d96453c2054d4c965a963d2badba6daac235eddaf23234c76e87bcb069_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:5192f1dbd2a9ab92ae390c4ae506efbed0970545b6122e95b014728ac937e777_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:4a212ec634225c14beac09be24ddf336e562f2aa9a13555fb1196f366ddae23c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:5dcdcc2424602a69451f16d31dbfa1d43cb72c095ba561eb9076f0cd1e8182ed_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:f738aab1eab25854c93e1d8d4d98100a8ae7bb45a6b83f0326774e4220b1183b_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:6cf74044ae8d5308a2dfe03fa5d81086c89302db7f4cdbe2f4174a1c48b77869_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:22557a6fa52d2f311750a9ba253860f423ba697d26efa02ef8524a8258d2a909_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:de5f91180ead7d73a1825fe8b032fde9b8b01392569c9789f5ce1b4b9c08a98f_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:c499a2c4a7860a1853adf3ebfbf154f3c03c478034a78566b82711373210af39_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:4a7599f8a866eb169c9a62885906adbf6df0417c0be15857df1eef20cd9b1be2_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:11a301728573adf2b64ea72d0cb2d83ea5d4dbebea759f346e99f18c3d368c6e_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:4c5ff3496b2a2a739939d94ee9dafc02b682100785d228dc2fde480fb597b7a5_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-operator-bundle@sha256:c249b0fb2c573efc118557d9dd1551181d7b2dabcf8a9b86d9441059124d3802_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:3463aaa8f2a06e8b43cd6a39ff86aea7c76926d72ee0f53cf0e514399e4aed33_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:c8456d98e90b6505957ab3686e9fd2f156e29f123c5558e581c206daf1e7d93a_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:f37e4048f3a152798286793f3abfc6ed814453fcbe2667255a7e78eee483c5a3_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:633984b538f027c93c5886ea1045dcbe81eeda74acf80001d5fc5f765bdbe0be_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:04f305c44413ae7dcb7017e53570ee49a509701792c5f50efadd64f47395730b_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:13da7e12e135cdb33c89686eca84cffae8ef691fcb4f346622ebd9b47f0a69ee_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:ee01e89f98feb185f6cd59c564e590a13e4d8d9ea760cca8de51426eb71b83a1_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:d7d4fa406e0fcf0507894a7676532b27f45be742467e603a86f98ea5d2615df8_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:a0f72ffefb2b74b488dd949493f5d295a39bb9c97f578bf219d0138601f65468_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:2ba2b2c4db8bb334c50f4dfb54059f060361186900a44c06eed00b7a3c43977e_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:65482864055021272a18b5b26792ab00cfa5fc9cc005d8d3a884cc82991506f3_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:7b70af8847b0806d8b43c399e2b3109f016fd864f5e9d30c44e2baca5d1359dc_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:23d307a36b69e0df04f72a7d3b35e28d8417a8bbe23dba31e8e977569785c078_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:efd039012559786deb3c521a130886c265e88d635e08baace2e573a9df270134_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:27b113d96453c2054d4c965a963d2badba6daac235eddaf23234c76e87bcb069_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:5192f1dbd2a9ab92ae390c4ae506efbed0970545b6122e95b014728ac937e777_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:4a212ec634225c14beac09be24ddf336e562f2aa9a13555fb1196f366ddae23c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:5dcdcc2424602a69451f16d31dbfa1d43cb72c095ba561eb9076f0cd1e8182ed_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:f738aab1eab25854c93e1d8d4d98100a8ae7bb45a6b83f0326774e4220b1183b_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:6cf74044ae8d5308a2dfe03fa5d81086c89302db7f4cdbe2f4174a1c48b77869_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:22557a6fa52d2f311750a9ba253860f423ba697d26efa02ef8524a8258d2a909_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:de5f91180ead7d73a1825fe8b032fde9b8b01392569c9789f5ce1b4b9c08a98f_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:c499a2c4a7860a1853adf3ebfbf154f3c03c478034a78566b82711373210af39_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:4a7599f8a866eb169c9a62885906adbf6df0417c0be15857df1eef20cd9b1be2_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:11a301728573adf2b64ea72d0cb2d83ea5d4dbebea759f346e99f18c3d368c6e_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:4c5ff3496b2a2a739939d94ee9dafc02b682100785d228dc2fde480fb597b7a5_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-operator-bundle@sha256:c249b0fb2c573efc118557d9dd1551181d7b2dabcf8a9b86d9441059124d3802_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:3463aaa8f2a06e8b43cd6a39ff86aea7c76926d72ee0f53cf0e514399e4aed33_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:c8456d98e90b6505957ab3686e9fd2f156e29f123c5558e581c206daf1e7d93a_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:f37e4048f3a152798286793f3abfc6ed814453fcbe2667255a7e78eee483c5a3_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:633984b538f027c93c5886ea1045dcbe81eeda74acf80001d5fc5f765bdbe0be_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "jinja2: Jinja has a sandbox breakout through malicious filenames"
},
{
"cve": "CVE-2025-22150",
"cwe": {
"id": "CWE-330",
"name": "Use of Insufficiently Random Values"
},
"discovery_date": "2025-01-21T18:01:24.182126+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:04f305c44413ae7dcb7017e53570ee49a509701792c5f50efadd64f47395730b_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:ee01e89f98feb185f6cd59c564e590a13e4d8d9ea760cca8de51426eb71b83a1_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:d7d4fa406e0fcf0507894a7676532b27f45be742467e603a86f98ea5d2615df8_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:a0f72ffefb2b74b488dd949493f5d295a39bb9c97f578bf219d0138601f65468_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:2ba2b2c4db8bb334c50f4dfb54059f060361186900a44c06eed00b7a3c43977e_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:65482864055021272a18b5b26792ab00cfa5fc9cc005d8d3a884cc82991506f3_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:7b70af8847b0806d8b43c399e2b3109f016fd864f5e9d30c44e2baca5d1359dc_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:23d307a36b69e0df04f72a7d3b35e28d8417a8bbe23dba31e8e977569785c078_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:efd039012559786deb3c521a130886c265e88d635e08baace2e573a9df270134_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:27b113d96453c2054d4c965a963d2badba6daac235eddaf23234c76e87bcb069_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:5192f1dbd2a9ab92ae390c4ae506efbed0970545b6122e95b014728ac937e777_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:4a212ec634225c14beac09be24ddf336e562f2aa9a13555fb1196f366ddae23c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:5dcdcc2424602a69451f16d31dbfa1d43cb72c095ba561eb9076f0cd1e8182ed_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:f738aab1eab25854c93e1d8d4d98100a8ae7bb45a6b83f0326774e4220b1183b_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:6cf74044ae8d5308a2dfe03fa5d81086c89302db7f4cdbe2f4174a1c48b77869_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:22557a6fa52d2f311750a9ba253860f423ba697d26efa02ef8524a8258d2a909_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:de5f91180ead7d73a1825fe8b032fde9b8b01392569c9789f5ce1b4b9c08a98f_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:c499a2c4a7860a1853adf3ebfbf154f3c03c478034a78566b82711373210af39_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:4a7599f8a866eb169c9a62885906adbf6df0417c0be15857df1eef20cd9b1be2_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:11a301728573adf2b64ea72d0cb2d83ea5d4dbebea759f346e99f18c3d368c6e_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:4c5ff3496b2a2a739939d94ee9dafc02b682100785d228dc2fde480fb597b7a5_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-operator-bundle@sha256:c249b0fb2c573efc118557d9dd1551181d7b2dabcf8a9b86d9441059124d3802_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:3463aaa8f2a06e8b43cd6a39ff86aea7c76926d72ee0f53cf0e514399e4aed33_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:c8456d98e90b6505957ab3686e9fd2f156e29f123c5558e581c206daf1e7d93a_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:f37e4048f3a152798286793f3abfc6ed814453fcbe2667255a7e78eee483c5a3_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:633984b538f027c93c5886ea1045dcbe81eeda74acf80001d5fc5f765bdbe0be_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2339176"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the undici package for Node.js. Undici uses `Math.random()` to choose the boundary for a multipart/form-data request. It is known that the output of `Math.random()` can be predicted if several of its generated values are known. If an app has a mechanism that sends multipart requests to an attacker-controlled website, it can leak the necessary values. Therefore, an attacker can tamper with the requests going to the backend APIs if certain conditions are met.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "undici: Undici Uses Insufficiently Random Values",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:13da7e12e135cdb33c89686eca84cffae8ef691fcb4f346622ebd9b47f0a69ee_amd64"
],
"known_not_affected": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:04f305c44413ae7dcb7017e53570ee49a509701792c5f50efadd64f47395730b_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:ee01e89f98feb185f6cd59c564e590a13e4d8d9ea760cca8de51426eb71b83a1_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:d7d4fa406e0fcf0507894a7676532b27f45be742467e603a86f98ea5d2615df8_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:a0f72ffefb2b74b488dd949493f5d295a39bb9c97f578bf219d0138601f65468_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:2ba2b2c4db8bb334c50f4dfb54059f060361186900a44c06eed00b7a3c43977e_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:65482864055021272a18b5b26792ab00cfa5fc9cc005d8d3a884cc82991506f3_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:7b70af8847b0806d8b43c399e2b3109f016fd864f5e9d30c44e2baca5d1359dc_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:23d307a36b69e0df04f72a7d3b35e28d8417a8bbe23dba31e8e977569785c078_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:efd039012559786deb3c521a130886c265e88d635e08baace2e573a9df270134_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:27b113d96453c2054d4c965a963d2badba6daac235eddaf23234c76e87bcb069_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:5192f1dbd2a9ab92ae390c4ae506efbed0970545b6122e95b014728ac937e777_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:4a212ec634225c14beac09be24ddf336e562f2aa9a13555fb1196f366ddae23c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:5dcdcc2424602a69451f16d31dbfa1d43cb72c095ba561eb9076f0cd1e8182ed_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:f738aab1eab25854c93e1d8d4d98100a8ae7bb45a6b83f0326774e4220b1183b_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:6cf74044ae8d5308a2dfe03fa5d81086c89302db7f4cdbe2f4174a1c48b77869_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:22557a6fa52d2f311750a9ba253860f423ba697d26efa02ef8524a8258d2a909_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:de5f91180ead7d73a1825fe8b032fde9b8b01392569c9789f5ce1b4b9c08a98f_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:c499a2c4a7860a1853adf3ebfbf154f3c03c478034a78566b82711373210af39_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:4a7599f8a866eb169c9a62885906adbf6df0417c0be15857df1eef20cd9b1be2_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:11a301728573adf2b64ea72d0cb2d83ea5d4dbebea759f346e99f18c3d368c6e_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:4c5ff3496b2a2a739939d94ee9dafc02b682100785d228dc2fde480fb597b7a5_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-operator-bundle@sha256:c249b0fb2c573efc118557d9dd1551181d7b2dabcf8a9b86d9441059124d3802_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:3463aaa8f2a06e8b43cd6a39ff86aea7c76926d72ee0f53cf0e514399e4aed33_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:c8456d98e90b6505957ab3686e9fd2f156e29f123c5558e581c206daf1e7d93a_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:f37e4048f3a152798286793f3abfc6ed814453fcbe2667255a7e78eee483c5a3_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:633984b538f027c93c5886ea1045dcbe81eeda74acf80001d5fc5f765bdbe0be_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-22150"
},
{
"category": "external",
"summary": "RHBZ#2339176",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2339176"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-22150",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22150"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-22150",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-22150"
},
{
"category": "external",
"summary": "https://blog.securityevaluators.com/hacking-the-javascript-lottery-80cc437e3b7f",
"url": "https://blog.securityevaluators.com/hacking-the-javascript-lottery-80cc437e3b7f"
},
{
"category": "external",
"summary": "https://github.com/nodejs/undici/blob/8b06b8250907d92fead664b3368f1d2aa27c1f35/lib/web/fetch/body.js#L113",
"url": "https://github.com/nodejs/undici/blob/8b06b8250907d92fead664b3368f1d2aa27c1f35/lib/web/fetch/body.js#L113"
},
{
"category": "external",
"summary": "https://github.com/nodejs/undici/commit/711e20772764c29f6622ddc937c63b6eefdf07d0",
"url": "https://github.com/nodejs/undici/commit/711e20772764c29f6622ddc937c63b6eefdf07d0"
},
{
"category": "external",
"summary": "https://github.com/nodejs/undici/commit/c2d78cd19fe4f4c621424491e26ce299e65e934a",
"url": "https://github.com/nodejs/undici/commit/c2d78cd19fe4f4c621424491e26ce299e65e934a"
},
{
"category": "external",
"summary": "https://github.com/nodejs/undici/commit/c3acc6050b781b827d80c86cbbab34f14458d385",
"url": "https://github.com/nodejs/undici/commit/c3acc6050b781b827d80c86cbbab34f14458d385"
},
{
"category": "external",
"summary": "https://github.com/nodejs/undici/security/advisories/GHSA-c76h-2ccp-4975",
"url": "https://github.com/nodejs/undici/security/advisories/GHSA-c76h-2ccp-4975"
},
{
"category": "external",
"summary": "https://hackerone.com/reports/2913312",
"url": "https://hackerone.com/reports/2913312"
}
],
"release_date": "2025-01-21T17:46:58.872000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-03-31T08:04:43+00:00",
"details": "For Red Hat OpenShift AI 2.16.0 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this errata update:\nhttps://docs.redhat.com/en/documentation/red_hat_openshift_ai/",
"product_ids": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:13da7e12e135cdb33c89686eca84cffae8ef691fcb4f346622ebd9b47f0a69ee_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:3397"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:04f305c44413ae7dcb7017e53570ee49a509701792c5f50efadd64f47395730b_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:13da7e12e135cdb33c89686eca84cffae8ef691fcb4f346622ebd9b47f0a69ee_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:ee01e89f98feb185f6cd59c564e590a13e4d8d9ea760cca8de51426eb71b83a1_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:d7d4fa406e0fcf0507894a7676532b27f45be742467e603a86f98ea5d2615df8_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:a0f72ffefb2b74b488dd949493f5d295a39bb9c97f578bf219d0138601f65468_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:2ba2b2c4db8bb334c50f4dfb54059f060361186900a44c06eed00b7a3c43977e_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:65482864055021272a18b5b26792ab00cfa5fc9cc005d8d3a884cc82991506f3_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:7b70af8847b0806d8b43c399e2b3109f016fd864f5e9d30c44e2baca5d1359dc_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:23d307a36b69e0df04f72a7d3b35e28d8417a8bbe23dba31e8e977569785c078_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:efd039012559786deb3c521a130886c265e88d635e08baace2e573a9df270134_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:27b113d96453c2054d4c965a963d2badba6daac235eddaf23234c76e87bcb069_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:5192f1dbd2a9ab92ae390c4ae506efbed0970545b6122e95b014728ac937e777_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:4a212ec634225c14beac09be24ddf336e562f2aa9a13555fb1196f366ddae23c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:5dcdcc2424602a69451f16d31dbfa1d43cb72c095ba561eb9076f0cd1e8182ed_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:f738aab1eab25854c93e1d8d4d98100a8ae7bb45a6b83f0326774e4220b1183b_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:6cf74044ae8d5308a2dfe03fa5d81086c89302db7f4cdbe2f4174a1c48b77869_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:22557a6fa52d2f311750a9ba253860f423ba697d26efa02ef8524a8258d2a909_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:de5f91180ead7d73a1825fe8b032fde9b8b01392569c9789f5ce1b4b9c08a98f_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:c499a2c4a7860a1853adf3ebfbf154f3c03c478034a78566b82711373210af39_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:4a7599f8a866eb169c9a62885906adbf6df0417c0be15857df1eef20cd9b1be2_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:11a301728573adf2b64ea72d0cb2d83ea5d4dbebea759f346e99f18c3d368c6e_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:4c5ff3496b2a2a739939d94ee9dafc02b682100785d228dc2fde480fb597b7a5_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-operator-bundle@sha256:c249b0fb2c573efc118557d9dd1551181d7b2dabcf8a9b86d9441059124d3802_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:3463aaa8f2a06e8b43cd6a39ff86aea7c76926d72ee0f53cf0e514399e4aed33_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:c8456d98e90b6505957ab3686e9fd2f156e29f123c5558e581c206daf1e7d93a_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:f37e4048f3a152798286793f3abfc6ed814453fcbe2667255a7e78eee483c5a3_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:633984b538f027c93c5886ea1045dcbe81eeda74acf80001d5fc5f765bdbe0be_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "undici: Undici Uses Insufficiently Random Values"
},
{
"cve": "CVE-2025-24928",
"cwe": {
"id": "CWE-121",
"name": "Stack-based Buffer Overflow"
},
"discovery_date": "2025-02-18T23:01:36.502916+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:04f305c44413ae7dcb7017e53570ee49a509701792c5f50efadd64f47395730b_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:13da7e12e135cdb33c89686eca84cffae8ef691fcb4f346622ebd9b47f0a69ee_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:23d307a36b69e0df04f72a7d3b35e28d8417a8bbe23dba31e8e977569785c078_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:5192f1dbd2a9ab92ae390c4ae506efbed0970545b6122e95b014728ac937e777_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:4a212ec634225c14beac09be24ddf336e562f2aa9a13555fb1196f366ddae23c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:f738aab1eab25854c93e1d8d4d98100a8ae7bb45a6b83f0326774e4220b1183b_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:22557a6fa52d2f311750a9ba253860f423ba697d26efa02ef8524a8258d2a909_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:de5f91180ead7d73a1825fe8b032fde9b8b01392569c9789f5ce1b4b9c08a98f_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:11a301728573adf2b64ea72d0cb2d83ea5d4dbebea759f346e99f18c3d368c6e_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-operator-bundle@sha256:c249b0fb2c573efc118557d9dd1551181d7b2dabcf8a9b86d9441059124d3802_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:3463aaa8f2a06e8b43cd6a39ff86aea7c76926d72ee0f53cf0e514399e4aed33_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:c8456d98e90b6505957ab3686e9fd2f156e29f123c5558e581c206daf1e7d93a_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:f37e4048f3a152798286793f3abfc6ed814453fcbe2667255a7e78eee483c5a3_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:633984b538f027c93c5886ea1045dcbe81eeda74acf80001d5fc5f765bdbe0be_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2346421"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in libxml2. This vulnerability allows a stack-based buffer overflow via DTD validation of an untrusted document or untrusted DTD.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "libxml2: Stack-based buffer overflow in xmlSnprintfElements of libxml2",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated as important because it involves a stack-based buffer overflow in the xmlSnprintfElements function within valid.c. Exploiting this issue requires DTD validation to occur on an untrusted document or untrusted DTD, making it a potential security risk for applications using libxml2 that do not adequately restrict DTD input.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:ee01e89f98feb185f6cd59c564e590a13e4d8d9ea760cca8de51426eb71b83a1_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:d7d4fa406e0fcf0507894a7676532b27f45be742467e603a86f98ea5d2615df8_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:a0f72ffefb2b74b488dd949493f5d295a39bb9c97f578bf219d0138601f65468_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:2ba2b2c4db8bb334c50f4dfb54059f060361186900a44c06eed00b7a3c43977e_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:65482864055021272a18b5b26792ab00cfa5fc9cc005d8d3a884cc82991506f3_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:7b70af8847b0806d8b43c399e2b3109f016fd864f5e9d30c44e2baca5d1359dc_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:efd039012559786deb3c521a130886c265e88d635e08baace2e573a9df270134_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:27b113d96453c2054d4c965a963d2badba6daac235eddaf23234c76e87bcb069_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:5dcdcc2424602a69451f16d31dbfa1d43cb72c095ba561eb9076f0cd1e8182ed_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:6cf74044ae8d5308a2dfe03fa5d81086c89302db7f4cdbe2f4174a1c48b77869_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:c499a2c4a7860a1853adf3ebfbf154f3c03c478034a78566b82711373210af39_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:4a7599f8a866eb169c9a62885906adbf6df0417c0be15857df1eef20cd9b1be2_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:4c5ff3496b2a2a739939d94ee9dafc02b682100785d228dc2fde480fb597b7a5_amd64"
],
"known_not_affected": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:04f305c44413ae7dcb7017e53570ee49a509701792c5f50efadd64f47395730b_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:13da7e12e135cdb33c89686eca84cffae8ef691fcb4f346622ebd9b47f0a69ee_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:23d307a36b69e0df04f72a7d3b35e28d8417a8bbe23dba31e8e977569785c078_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:5192f1dbd2a9ab92ae390c4ae506efbed0970545b6122e95b014728ac937e777_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:4a212ec634225c14beac09be24ddf336e562f2aa9a13555fb1196f366ddae23c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:f738aab1eab25854c93e1d8d4d98100a8ae7bb45a6b83f0326774e4220b1183b_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:22557a6fa52d2f311750a9ba253860f423ba697d26efa02ef8524a8258d2a909_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:de5f91180ead7d73a1825fe8b032fde9b8b01392569c9789f5ce1b4b9c08a98f_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:11a301728573adf2b64ea72d0cb2d83ea5d4dbebea759f346e99f18c3d368c6e_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-operator-bundle@sha256:c249b0fb2c573efc118557d9dd1551181d7b2dabcf8a9b86d9441059124d3802_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:3463aaa8f2a06e8b43cd6a39ff86aea7c76926d72ee0f53cf0e514399e4aed33_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:c8456d98e90b6505957ab3686e9fd2f156e29f123c5558e581c206daf1e7d93a_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:f37e4048f3a152798286793f3abfc6ed814453fcbe2667255a7e78eee483c5a3_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:633984b538f027c93c5886ea1045dcbe81eeda74acf80001d5fc5f765bdbe0be_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-24928"
},
{
"category": "external",
"summary": "RHBZ#2346421",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2346421"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-24928",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24928"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-24928",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-24928"
},
{
"category": "external",
"summary": "https://gitlab.gnome.org/GNOME/libxml2/-/issues/847",
"url": "https://gitlab.gnome.org/GNOME/libxml2/-/issues/847"
},
{
"category": "external",
"summary": "https://issues.oss-fuzz.com/issues/392687022",
"url": "https://issues.oss-fuzz.com/issues/392687022"
}
],
"release_date": "2025-02-18T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-03-31T08:04:43+00:00",
"details": "For Red Hat OpenShift AI 2.16.0 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this errata update:\nhttps://docs.redhat.com/en/documentation/red_hat_openshift_ai/",
"product_ids": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:ee01e89f98feb185f6cd59c564e590a13e4d8d9ea760cca8de51426eb71b83a1_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:d7d4fa406e0fcf0507894a7676532b27f45be742467e603a86f98ea5d2615df8_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:a0f72ffefb2b74b488dd949493f5d295a39bb9c97f578bf219d0138601f65468_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:2ba2b2c4db8bb334c50f4dfb54059f060361186900a44c06eed00b7a3c43977e_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:65482864055021272a18b5b26792ab00cfa5fc9cc005d8d3a884cc82991506f3_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:7b70af8847b0806d8b43c399e2b3109f016fd864f5e9d30c44e2baca5d1359dc_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:efd039012559786deb3c521a130886c265e88d635e08baace2e573a9df270134_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:27b113d96453c2054d4c965a963d2badba6daac235eddaf23234c76e87bcb069_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:5dcdcc2424602a69451f16d31dbfa1d43cb72c095ba561eb9076f0cd1e8182ed_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:6cf74044ae8d5308a2dfe03fa5d81086c89302db7f4cdbe2f4174a1c48b77869_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:c499a2c4a7860a1853adf3ebfbf154f3c03c478034a78566b82711373210af39_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:4a7599f8a866eb169c9a62885906adbf6df0417c0be15857df1eef20cd9b1be2_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:4c5ff3496b2a2a739939d94ee9dafc02b682100785d228dc2fde480fb597b7a5_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:3397"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:04f305c44413ae7dcb7017e53570ee49a509701792c5f50efadd64f47395730b_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:13da7e12e135cdb33c89686eca84cffae8ef691fcb4f346622ebd9b47f0a69ee_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:ee01e89f98feb185f6cd59c564e590a13e4d8d9ea760cca8de51426eb71b83a1_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:d7d4fa406e0fcf0507894a7676532b27f45be742467e603a86f98ea5d2615df8_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:a0f72ffefb2b74b488dd949493f5d295a39bb9c97f578bf219d0138601f65468_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:2ba2b2c4db8bb334c50f4dfb54059f060361186900a44c06eed00b7a3c43977e_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:65482864055021272a18b5b26792ab00cfa5fc9cc005d8d3a884cc82991506f3_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:7b70af8847b0806d8b43c399e2b3109f016fd864f5e9d30c44e2baca5d1359dc_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:23d307a36b69e0df04f72a7d3b35e28d8417a8bbe23dba31e8e977569785c078_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:efd039012559786deb3c521a130886c265e88d635e08baace2e573a9df270134_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:27b113d96453c2054d4c965a963d2badba6daac235eddaf23234c76e87bcb069_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:5192f1dbd2a9ab92ae390c4ae506efbed0970545b6122e95b014728ac937e777_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:4a212ec634225c14beac09be24ddf336e562f2aa9a13555fb1196f366ddae23c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:5dcdcc2424602a69451f16d31dbfa1d43cb72c095ba561eb9076f0cd1e8182ed_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:f738aab1eab25854c93e1d8d4d98100a8ae7bb45a6b83f0326774e4220b1183b_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:6cf74044ae8d5308a2dfe03fa5d81086c89302db7f4cdbe2f4174a1c48b77869_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:22557a6fa52d2f311750a9ba253860f423ba697d26efa02ef8524a8258d2a909_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:de5f91180ead7d73a1825fe8b032fde9b8b01392569c9789f5ce1b4b9c08a98f_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:c499a2c4a7860a1853adf3ebfbf154f3c03c478034a78566b82711373210af39_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:4a7599f8a866eb169c9a62885906adbf6df0417c0be15857df1eef20cd9b1be2_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:11a301728573adf2b64ea72d0cb2d83ea5d4dbebea759f346e99f18c3d368c6e_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:4c5ff3496b2a2a739939d94ee9dafc02b682100785d228dc2fde480fb597b7a5_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-operator-bundle@sha256:c249b0fb2c573efc118557d9dd1551181d7b2dabcf8a9b86d9441059124d3802_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:3463aaa8f2a06e8b43cd6a39ff86aea7c76926d72ee0f53cf0e514399e4aed33_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:c8456d98e90b6505957ab3686e9fd2f156e29f123c5558e581c206daf1e7d93a_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:f37e4048f3a152798286793f3abfc6ed814453fcbe2667255a7e78eee483c5a3_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:633984b538f027c93c5886ea1045dcbe81eeda74acf80001d5fc5f765bdbe0be_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "libxml2: Stack-based buffer overflow in xmlSnprintfElements of libxml2"
},
{
"cve": "CVE-2025-26791",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2025-02-14T09:00:45.578144+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:04f305c44413ae7dcb7017e53570ee49a509701792c5f50efadd64f47395730b_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:ee01e89f98feb185f6cd59c564e590a13e4d8d9ea760cca8de51426eb71b83a1_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:d7d4fa406e0fcf0507894a7676532b27f45be742467e603a86f98ea5d2615df8_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:a0f72ffefb2b74b488dd949493f5d295a39bb9c97f578bf219d0138601f65468_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:2ba2b2c4db8bb334c50f4dfb54059f060361186900a44c06eed00b7a3c43977e_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:65482864055021272a18b5b26792ab00cfa5fc9cc005d8d3a884cc82991506f3_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:7b70af8847b0806d8b43c399e2b3109f016fd864f5e9d30c44e2baca5d1359dc_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:23d307a36b69e0df04f72a7d3b35e28d8417a8bbe23dba31e8e977569785c078_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:efd039012559786deb3c521a130886c265e88d635e08baace2e573a9df270134_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:27b113d96453c2054d4c965a963d2badba6daac235eddaf23234c76e87bcb069_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:5192f1dbd2a9ab92ae390c4ae506efbed0970545b6122e95b014728ac937e777_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:4a212ec634225c14beac09be24ddf336e562f2aa9a13555fb1196f366ddae23c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:5dcdcc2424602a69451f16d31dbfa1d43cb72c095ba561eb9076f0cd1e8182ed_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:f738aab1eab25854c93e1d8d4d98100a8ae7bb45a6b83f0326774e4220b1183b_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:6cf74044ae8d5308a2dfe03fa5d81086c89302db7f4cdbe2f4174a1c48b77869_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:22557a6fa52d2f311750a9ba253860f423ba697d26efa02ef8524a8258d2a909_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:de5f91180ead7d73a1825fe8b032fde9b8b01392569c9789f5ce1b4b9c08a98f_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:c499a2c4a7860a1853adf3ebfbf154f3c03c478034a78566b82711373210af39_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:4a7599f8a866eb169c9a62885906adbf6df0417c0be15857df1eef20cd9b1be2_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:11a301728573adf2b64ea72d0cb2d83ea5d4dbebea759f346e99f18c3d368c6e_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:4c5ff3496b2a2a739939d94ee9dafc02b682100785d228dc2fde480fb597b7a5_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-operator-bundle@sha256:c249b0fb2c573efc118557d9dd1551181d7b2dabcf8a9b86d9441059124d3802_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:3463aaa8f2a06e8b43cd6a39ff86aea7c76926d72ee0f53cf0e514399e4aed33_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:c8456d98e90b6505957ab3686e9fd2f156e29f123c5558e581c206daf1e7d93a_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:f37e4048f3a152798286793f3abfc6ed814453fcbe2667255a7e78eee483c5a3_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:633984b538f027c93c5886ea1045dcbe81eeda74acf80001d5fc5f765bdbe0be_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2345695"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in DOMPurify. This vulnerability allows attackers to execute mutation-based Cross-site scripting (mXSS) via an incorrect template literal regular expression.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "dompurify: Mutation XSS in DOMPurify Due to Improper Template Literal Handling",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:13da7e12e135cdb33c89686eca84cffae8ef691fcb4f346622ebd9b47f0a69ee_amd64"
],
"known_not_affected": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:04f305c44413ae7dcb7017e53570ee49a509701792c5f50efadd64f47395730b_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:ee01e89f98feb185f6cd59c564e590a13e4d8d9ea760cca8de51426eb71b83a1_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:d7d4fa406e0fcf0507894a7676532b27f45be742467e603a86f98ea5d2615df8_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:a0f72ffefb2b74b488dd949493f5d295a39bb9c97f578bf219d0138601f65468_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:2ba2b2c4db8bb334c50f4dfb54059f060361186900a44c06eed00b7a3c43977e_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:65482864055021272a18b5b26792ab00cfa5fc9cc005d8d3a884cc82991506f3_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:7b70af8847b0806d8b43c399e2b3109f016fd864f5e9d30c44e2baca5d1359dc_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:23d307a36b69e0df04f72a7d3b35e28d8417a8bbe23dba31e8e977569785c078_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:efd039012559786deb3c521a130886c265e88d635e08baace2e573a9df270134_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:27b113d96453c2054d4c965a963d2badba6daac235eddaf23234c76e87bcb069_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:5192f1dbd2a9ab92ae390c4ae506efbed0970545b6122e95b014728ac937e777_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:4a212ec634225c14beac09be24ddf336e562f2aa9a13555fb1196f366ddae23c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:5dcdcc2424602a69451f16d31dbfa1d43cb72c095ba561eb9076f0cd1e8182ed_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:f738aab1eab25854c93e1d8d4d98100a8ae7bb45a6b83f0326774e4220b1183b_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:6cf74044ae8d5308a2dfe03fa5d81086c89302db7f4cdbe2f4174a1c48b77869_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:22557a6fa52d2f311750a9ba253860f423ba697d26efa02ef8524a8258d2a909_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:de5f91180ead7d73a1825fe8b032fde9b8b01392569c9789f5ce1b4b9c08a98f_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:c499a2c4a7860a1853adf3ebfbf154f3c03c478034a78566b82711373210af39_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:4a7599f8a866eb169c9a62885906adbf6df0417c0be15857df1eef20cd9b1be2_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:11a301728573adf2b64ea72d0cb2d83ea5d4dbebea759f346e99f18c3d368c6e_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:4c5ff3496b2a2a739939d94ee9dafc02b682100785d228dc2fde480fb597b7a5_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-operator-bundle@sha256:c249b0fb2c573efc118557d9dd1551181d7b2dabcf8a9b86d9441059124d3802_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:3463aaa8f2a06e8b43cd6a39ff86aea7c76926d72ee0f53cf0e514399e4aed33_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:c8456d98e90b6505957ab3686e9fd2f156e29f123c5558e581c206daf1e7d93a_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:f37e4048f3a152798286793f3abfc6ed814453fcbe2667255a7e78eee483c5a3_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:633984b538f027c93c5886ea1045dcbe81eeda74acf80001d5fc5f765bdbe0be_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-26791"
},
{
"category": "external",
"summary": "RHBZ#2345695",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2345695"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-26791",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-26791"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-26791",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-26791"
},
{
"category": "external",
"summary": "https://ensy.zip/posts/dompurify-323-bypass/",
"url": "https://ensy.zip/posts/dompurify-323-bypass/"
},
{
"category": "external",
"summary": "https://github.com/cure53/DOMPurify/commit/d18ffcb554e0001748865da03ac75dd7829f0f02",
"url": "https://github.com/cure53/DOMPurify/commit/d18ffcb554e0001748865da03ac75dd7829f0f02"
},
{
"category": "external",
"summary": "https://github.com/cure53/DOMPurify/releases/tag/3.2.4",
"url": "https://github.com/cure53/DOMPurify/releases/tag/3.2.4"
},
{
"category": "external",
"summary": "https://nsysean.github.io/posts/dompurify-323-bypass/",
"url": "https://nsysean.github.io/posts/dompurify-323-bypass/"
}
],
"release_date": "2025-02-14T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-03-31T08:04:43+00:00",
"details": "For Red Hat OpenShift AI 2.16.0 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this errata update:\nhttps://docs.redhat.com/en/documentation/red_hat_openshift_ai/",
"product_ids": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:13da7e12e135cdb33c89686eca84cffae8ef691fcb4f346622ebd9b47f0a69ee_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:3397"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 4.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:04f305c44413ae7dcb7017e53570ee49a509701792c5f50efadd64f47395730b_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:13da7e12e135cdb33c89686eca84cffae8ef691fcb4f346622ebd9b47f0a69ee_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:ee01e89f98feb185f6cd59c564e590a13e4d8d9ea760cca8de51426eb71b83a1_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:d7d4fa406e0fcf0507894a7676532b27f45be742467e603a86f98ea5d2615df8_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:a0f72ffefb2b74b488dd949493f5d295a39bb9c97f578bf219d0138601f65468_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:2ba2b2c4db8bb334c50f4dfb54059f060361186900a44c06eed00b7a3c43977e_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:65482864055021272a18b5b26792ab00cfa5fc9cc005d8d3a884cc82991506f3_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:7b70af8847b0806d8b43c399e2b3109f016fd864f5e9d30c44e2baca5d1359dc_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:23d307a36b69e0df04f72a7d3b35e28d8417a8bbe23dba31e8e977569785c078_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:efd039012559786deb3c521a130886c265e88d635e08baace2e573a9df270134_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:27b113d96453c2054d4c965a963d2badba6daac235eddaf23234c76e87bcb069_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:5192f1dbd2a9ab92ae390c4ae506efbed0970545b6122e95b014728ac937e777_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:4a212ec634225c14beac09be24ddf336e562f2aa9a13555fb1196f366ddae23c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:5dcdcc2424602a69451f16d31dbfa1d43cb72c095ba561eb9076f0cd1e8182ed_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:f738aab1eab25854c93e1d8d4d98100a8ae7bb45a6b83f0326774e4220b1183b_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:6cf74044ae8d5308a2dfe03fa5d81086c89302db7f4cdbe2f4174a1c48b77869_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:22557a6fa52d2f311750a9ba253860f423ba697d26efa02ef8524a8258d2a909_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:de5f91180ead7d73a1825fe8b032fde9b8b01392569c9789f5ce1b4b9c08a98f_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:c499a2c4a7860a1853adf3ebfbf154f3c03c478034a78566b82711373210af39_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:4a7599f8a866eb169c9a62885906adbf6df0417c0be15857df1eef20cd9b1be2_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:11a301728573adf2b64ea72d0cb2d83ea5d4dbebea759f346e99f18c3d368c6e_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:4c5ff3496b2a2a739939d94ee9dafc02b682100785d228dc2fde480fb597b7a5_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-operator-bundle@sha256:c249b0fb2c573efc118557d9dd1551181d7b2dabcf8a9b86d9441059124d3802_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:3463aaa8f2a06e8b43cd6a39ff86aea7c76926d72ee0f53cf0e514399e4aed33_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:c8456d98e90b6505957ab3686e9fd2f156e29f123c5558e581c206daf1e7d93a_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:f37e4048f3a152798286793f3abfc6ed814453fcbe2667255a7e78eee483c5a3_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:633984b538f027c93c5886ea1045dcbe81eeda74acf80001d5fc5f765bdbe0be_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "dompurify: Mutation XSS in DOMPurify Due to Improper Template Literal Handling"
}
]
}
RHSA-2025:3500
Vulnerability from csaf_redhat - Published: 2025-04-01 19:42 - Updated: 2026-06-02 21:46Summary
Red Hat Security Advisory: RHODF-4.17-RHEL-9 security update
Severity
Important
Notes
Topic: Updated images are now available for RHODF-4.17-RHEL-9.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details: OpenShift Data Foundation is software-defined storage integrated with and optimized for the Red Hat OpenShift Data Foundation. Red Hat OpenShift DataFoundation is a highly scalable, production-grade persistent storage for stateful applications running in the Red Hat OpenShift Container Platform. In addition to persistent storage, Red Hat OpenShift Data Foundation provisions a multi-cloud data management service with an S3 compatible API.
Security Fix(es):
* golang.org/x/net/html: Non-linear parsing of case-insensitive content in golang.org/x/net/html (CVE-2024-45338)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
A flaw was found in golang.org/x/net/html. This flaw allows an attacker to craft input to the parse functions that would be processed non-linearly with respect to its length, resulting in extremely slow parsing. This issue can cause a denial of service.
7.5 (High)
Affected products
Fixed
7 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:693657a7827d74ae8c0d270b269dede3c5f91e4b6b7521b6ec4e26b841ecda25_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:9e303d40097486dc50d743323ba6a8de7e3e2e5a8d8bc607728fed47220530a4_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:ad7b98f476a6fd8d89fcada9f368170aff1d211632af78be7daa63400435a913_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:158e10c527c54e5372752a3fdf97ba0362af04996e5b24b538d295bd1efbbd2f_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:a8037be2de7db50028ce66df96573d6d5347a68c4211656d82e50a3344343aab_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:a9fb83224900a2f71d8968ff1304448fc35008c4d1ba480e142f61fad9eafb17_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:b66b767663b821dbff9cb43a4099482556b8d5cbc66d5c2959697c9b3caf0034_ppc64le | — |
Vendor Fix
fix
|
Known not affected
98 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:3338eb8159127a7dead6006255ed0ae073a110a402ed498e2e8cc9493c0b4d8e_amd64 | — | ||
| Unresolved product id: 9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:576f28c9638f00f39d664301d96462601d5d17a1e288d4b606c8d662bc440753_ppc64le | — | ||
| Unresolved product id: 9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:b3b09619c0ffdd27075c0127e0e17e0f358a67ea8820e27925747da71c1c30e5_s390x | — | ||
| Unresolved product id: 9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:21600fa74a0b9a12d469d1cdaddd804b4b73d6afdb9106eeb4f34596bb2d1258_amd64 | — | ||
| Unresolved product id: 9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:266591c571adb2c8ef62b3e47988533d635ad9aa642781455524410f7c7221ea_s390x | — | ||
| Unresolved product id: 9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:59bf592b53efafdc5dbedf6b28ff037cfa4de042afd6b9e9271e6117b539f4a2_arm64 | — | ||
| Unresolved product id: 9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:b3229b38502b13863e43c46ededec4fd651a3530ff645afe2588176f0d1348f7_ppc64le | — | ||
| Unresolved product id: 9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:30f2376f37765eb5b3beb424018d217f65475a8fecad4dd525ba2970ec6332b5_amd64 | — | ||
| Unresolved product id: 9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:5772eea82b20bacc81da0531239927bde720f338c19bb5430eee7527d7d7b191_s390x | — | ||
| Unresolved product id: 9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:6709b4595c2ca391378a8eff9d2b8d86475cf886c27d0ad12c5aa448203dd49f_ppc64le | — | ||
| Unresolved product id: 9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:e1afc357b3ca4c8ada9d42a2886097c64a5d4e498d4cc913762de8653608f0e0_arm64 | — | ||
| Unresolved product id: 9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:b399bbdde09923dd23bfc65d088894a79610e53d895c1de2d26e91850b2735f4_amd64 | — | ||
| Unresolved product id: 9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:d49e1d8b7ddaf0f6168966635c46c6797683aa2ee695bd481c924e3c2a55141f_s390x | — | ||
| Unresolved product id: 9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:ec4b600c35f4d299733f0fea636424f34c7a4538ade6d38f9fb53be048a9d261_ppc64le | — | ||
| Unresolved product id: 9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:0cf22d86b267794025ba19591a306c81e0fdb2cf3dca05b9dcea3ecdf34f261d_amd64 | — | ||
| Unresolved product id: 9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:846b4f6065937b93beba0900488f9692ad87bc8bc3419514d8565bb25760ff9e_ppc64le | — | ||
| Unresolved product id: 9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:96fb1b5997e08fb6c8531d8a1d1ccb1ddb640701ecab86c4a582672a2aafd8c2_s390x | — | ||
| Unresolved product id: 9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:4b27ec9797836d789c1cf94a7e88b50b61604611b08eeb6bb0d8e6981463aaa6_ppc64le | — | ||
| Unresolved product id: 9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:8fca3b0219de02595ada4a1ff022c5cd8a78a13f585fe59cf6cd34ef360b3a73_amd64 | — | ||
| Unresolved product id: 9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:f76d5822501de4895c092e82ee8869edb48695d2583118296fb16fea62f5f120_s390x | — | ||
| Unresolved product id: 9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:5755f2253c923b09e64a1fb6482fc17b611913db3cc5adb895b8e1f1db8e3d85_amd64 | — | ||
| Unresolved product id: 9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:83ff074d8c07017826fd332423ddd4d7893ddb64b0db6fc3e5994af11ec362d2_ppc64le | — | ||
| Unresolved product id: 9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:98b3861c54df97fa1a9df15f717c5b6608d41d6b2151ba80d57aabc245f1955a_arm64 | — | ||
| Unresolved product id: 9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:f55c4b5b8232bf964ea94ceeea7fd6935025530582931d6b2751a28abc145eae_s390x | — | ||
| Unresolved product id: 9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:963317814b12fc9024857eabc03252fcd5219fc94daf9727c0d15543c61cc57e_amd64 | — | ||
| Unresolved product id: 9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:bae59c8cababf340258b8b675d920de77fd7d5787b4b91277f653254cbee9861_ppc64le | — | ||
| Unresolved product id: 9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:eebd7024bb98308262f5e10c5b479a005af8b41aa0e1e52fd80421ce578ba862_s390x | — | ||
| Unresolved product id: 9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:2ea120791aa41e227e048c9acf90e393ebe3b5ee040b37a77410d1bb344b2e40_amd64 | — | ||
| Unresolved product id: 9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:737b733433b50195a2b488325242311f300713ed785b4c152332a97af54b0966_ppc64le | — | ||
| Unresolved product id: 9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:f8d44006d6ba9cc03f369b55d65922d21062fdc886a0ec45e5c4066e249affe4_s390x | — | ||
| Unresolved product id: 9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:280214cb617f217e35da35b62a5ac94f2e3602bc6f91206699fd0211812b8fa8_arm64 | — | ||
| Unresolved product id: 9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:425e79644175eb15f83982417dbc53b13883a217022d4a9a04ca17cff5cc6f73_ppc64le | — | ||
| Unresolved product id: 9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:af34f03adc5c18cb2a6fbc099239cbe962db9573902b45a7188d74369738ea87_amd64 | — | ||
| Unresolved product id: 9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:ba6ce5bc4a51ad0662b66a19b7baece2beff6a6a3a37a17fcee5d4c25191bd59_s390x | — | ||
| Unresolved product id: 9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:050e0f2d20690c2a10f61c367652289395bf44b8de0bf9b304fb538e8ddd5ba8_ppc64le | — | ||
| Unresolved product id: 9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:4778eb4267c9bc0de3b16460eca81fda4f14e258ff9e549040b00e4e89905a0a_arm64 | — | ||
| Unresolved product id: 9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:afa180b0de79509f795b19282536ad87751eec1cbae2f1a897e2bb5632b5a917_s390x | — | ||
| Unresolved product id: 9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:dc1e0173b629ff8695aa694845d53399143d90fef25aad72b24ab4185d8d7f95_amd64 | — | ||
| Unresolved product id: 9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:a7b7c1091d641ceae8f03233ec51b2d4ea149792ff7850bc5a0bed6280b3d3de_ppc64le | — | ||
| Unresolved product id: 9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:eb9ba1f0ed9f26c423ee06de5001e49d6d331a085a8edf8a82318b816a8d38fc_amd64 | — | ||
| Unresolved product id: 9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:ff2d2d94d954ccbfc051247d8ed2c060dfd395b421a5fcd1da31c2bd4dc29d8b_s390x | — | ||
| Unresolved product id: 9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:55cd05deff37a44ba1d07c4fb36fa4e4ec2b4e89c4eb98d5ff3e0172f21521b2_amd64 | — | ||
| Unresolved product id: 9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:883fa40b1605c897a3d06822663ed8f14ea8fa078c114d99e41447857c7db919_s390x | — | ||
| Unresolved product id: 9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:c70eb5b401fb8cf7cbbbb41f183027be6ca97a806481067103557a5fcad1de14_ppc64le | — | ||
| Unresolved product id: 9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:16d9ce4c9806f06bae0b55c712d95d690a18ca9ae861b73e3690cac600967e98_ppc64le | — | ||
| Unresolved product id: 9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:3ebb8ef1441dcf1d1c0a65311f26575a05eefe599e5339324fad2009db060406_s390x | — | ||
| Unresolved product id: 9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:ec3a6e74ca2f0fbc8d7ed2344a2bb0c409a7a5adf0d7cf7388251f89174b7339_amd64 | — | ||
| Unresolved product id: 9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:4b45c8e60604449f6c74150baacb3d11e50b3a10e1e7e5a2ae5568b94e8eddfe_arm64 | — | ||
| Unresolved product id: 9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:933c9ca1ac5fa25d45bb519c44ab4830739f5822ad3136e4f8fbdf8484566423_s390x | — | ||
| Unresolved product id: 9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:cd948f94ceabaf729040a60ecf6603da00de782249c79691f6562cbb2b19d404_amd64 | — | ||
| Unresolved product id: 9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:e9bea6672693d064ef865d4eaaacfcd5a8ef792ba2f3f36ae358995dcce281e5_ppc64le | — | ||
| Unresolved product id: 9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:1cad36a0edfa987179c44783a3354efd2f8ef7ed933119de2b16838679f84e94_arm64 | — | ||
| Unresolved product id: 9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:9a50d51c19235bc004c592f53891aa7895f0d79692309ce21a681e48f5844480_amd64 | — | ||
| Unresolved product id: 9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:a5d0c18c9af49ec036b10b3c5f74aee018e5104ce83bfdda42fac315ef492642_s390x | — | ||
| Unresolved product id: 9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:eb2797c3d0366304caaf99bbf37122f225ff589e69713a766409800eb735da4a_ppc64le | — | ||
| Unresolved product id: 9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:52369ab175c6776a642224675eb4f21fcadc233528aadf324e713d76526dc0e0_ppc64le | — | ||
| Unresolved product id: 9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:9e12f4588faf2bd93bc2b25815a318770d8fafbdddb5d2d43e71e4b75610cb94_s390x | — | ||
| Unresolved product id: 9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:ea469bde819cd85a738bc338508eb7c49bd3c5c1e913f5e99836a30432ae15f1_amd64 | — | ||
| Unresolved product id: 9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:35a72ddb58c1cc102bc0fb93d11882e83aa391a3987029f3b07f0c89e6f6c016_ppc64le | — | ||
| Unresolved product id: 9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:4dc4e7ca38c7dce1404bc4ac833fed1c2901cb73a7bf8e2eaecc3af6a235746a_amd64 | — | ||
| Unresolved product id: 9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:d81efbf15f4e5a7b9f828e4628099535a3d6e1f836520d79ba4759ae72d1a269_s390x | — | ||
| Unresolved product id: 9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:1ee982829bd22343ed58067526297979c1aefc1bb3e6d8a33d573241f754f68a_ppc64le | — | ||
| Unresolved product id: 9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:3c1f1037fa46c3a0846dfeefcbdbf5b468d7d3de4330e3e3afc0564ebf61de82_arm64 | — | ||
| Unresolved product id: 9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:59b6aadac2ac4afdf697c3bfda9d220572fdf2ec2cff887f0350f0a589180141_amd64 | — | ||
| Unresolved product id: 9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:bf70cf7ee50fe6d336160240abf24a7da99c4a4d9a731100c3bf39f85fb15c4f_s390x | — | ||
| Unresolved product id: 9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:4cab9c3030988130f02052704003ab0be7f279e5cc316512fce5094591700947_amd64 | — | ||
| Unresolved product id: 9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:68f31b7965a66577d4484e58958a00c4f6f69c73c29ad1807d714eafc1c17a07_ppc64le | — | ||
| Unresolved product id: 9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:7d30ac852d491738439e09b3480ea18f093abf9c3a2e4dc9e2f3adb64f308be7_arm64 | — | ||
| Unresolved product id: 9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:aed2fb7d743758677584df771751bad1d586eac50595bc96a8463dae7e7caed2_s390x | — | ||
| Unresolved product id: 9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:1206983cd08b8996ad169724bbf6e76ae7c493e31ecf089204a1b7730f4ba2ea_amd64 | — | ||
| Unresolved product id: 9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:14516c830d0abad30598bbb0268e865057672dcc22e85cfa7f7b28d73e06dc54_s390x | — | ||
| Unresolved product id: 9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:8e7e16acc43e32a656750ce1e91cb9d1cbee827573bda726a31200d70fff3d5a_ppc64le | — | ||
| Unresolved product id: 9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:43671627156b45f44ad8a1416f1337f2971f51f08f9d9a52e95cb07c0ef2392e_s390x | — | ||
| Unresolved product id: 9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:b242be5f5d66e30089d038f5c236b5b1f8ae15925db9b108abd5d4651f5e981f_ppc64le | — | ||
| Unresolved product id: 9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:fe3072cb4c35027b0077e373cbfe1e7f75072dc804dc56e7c4da7a327e039a6b_amd64 | — | ||
| Unresolved product id: 9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:4ee94cf5ee9d4e7ac73ea85fda01f07b165ab0ce6b46468f47b7d824487f5071_arm64 | — | ||
| Unresolved product id: 9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:6e7bd199fdbc5a5cb522dcdaece770a3e193f95c4e98b61998348a0b1eb7eabf_amd64 | — | ||
| Unresolved product id: 9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:d516efc653232a34a79b22cb04902ca2582c9782f137569efb3570e33b17aaf3_s390x | — | ||
| Unresolved product id: 9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:dfa4317f423206b5ba89d1f8d1e108b4163b818414cd4af47b3e689ae5c8e87c_ppc64le | — | ||
| Unresolved product id: 9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1b9b58c6bf71a39c75901b09ffb9a31c21456b2dd310f2dd35c3ed0041e96384_ppc64le | — | ||
| Unresolved product id: 9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:8ba1bc142f839128a93cb596e60cb7241eddbf159b90cc795889272020073dad_amd64 | — | ||
| Unresolved product id: 9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:eae3e0f32787993f73e1825e01db411608b8855922ee2a00acc70f377e872170_s390x | — | ||
| Unresolved product id: 9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:4f5dc03c98b9a6d6bdb84e0e041f8a189040033b379ef6e6615c5156505b9d10_amd64 | — | ||
| Unresolved product id: 9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:57844c5d07c49c33ba9071f0b90748771c8d62b73f0cc37ce44bdadae214ea0f_s390x | — | ||
| Unresolved product id: 9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:7f9c1fa47739a7f397ba8d8524e023f8a66ab446c8b4f160726ebc7c6b589c16_ppc64le | — | ||
| Unresolved product id: 9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:0350bfbd7e4eaee91c043edbc2ea1d49aae2f0eba1dff6f3ae84c874a0aa1082_amd64 | — | ||
| Unresolved product id: 9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:0c7e13348770572d3737eb8045933a8ce358966c1598e0a41b50631b6332a6f7_ppc64le | — | ||
| Unresolved product id: 9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:d0f85b64303b0f9e892520be07b2d5e211fa806602e4ba7e1fbaa9edfa488a36_s390x | — | ||
| Unresolved product id: 9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:58556e90e62d85b211d8410cfe94497073e405cfd5269979e73749ceafccda67_arm64 | — | ||
| Unresolved product id: 9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:a9ce6ff0ef32d029f026757522afe224774058252e36e978f27b12d9e2940585_amd64 | — | ||
| Unresolved product id: 9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:de563b32b7c20314a99e44a85e036884ad579b71f66e4beca89988fffe7f4ab6_ppc64le | — | ||
| Unresolved product id: 9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:ded381a718b98ea7a4abb7e75db96e98b84b73eb7529359ece7fa61ea0ab8eab_s390x | — | ||
| Unresolved product id: 9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:c66ffb2fa00181c983e4ff78bcad4ec5a4d766ed801ed323bdd7e5748d22fa97_amd64 | — | ||
| Unresolved product id: 9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:df17a31226a5a883e07be468ac20fb153a334f5d8b2718c17d7cf448b28fbd47_s390x | — | ||
| Unresolved product id: 9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:e12ab810e2383f952b5317f0bfe16baa8736e9b1c6c26573352550c934b8e1f6_ppc64le | — | ||
| Unresolved product id: 9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:8e758d1c053be265048bd7945975c07e63f5b430152f69a3726c9c2edd1e4488_amd64 | — | ||
| Unresolved product id: 9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:914f27949481999de5aa5b9c5face266828cd501246243181da786a87afcbdee_s390x | — | ||
| Unresolved product id: 9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:aafa9bbd59727e6593c6522e1b6a53d35ff44bd80f4837ab22a3f40904249f7b_ppc64le | — |
Threats
Impact
Important
References
16 references
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Updated images are now available for RHODF-4.17-RHEL-9.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "OpenShift Data Foundation is software-defined storage integrated with and optimized for the Red Hat OpenShift Data Foundation. Red Hat OpenShift DataFoundation is a highly scalable, production-grade persistent storage for stateful applications running in the Red Hat OpenShift Container Platform. In addition to persistent storage, Red Hat OpenShift Data Foundation provisions a multi-cloud data management service with an S3 compatible API.\n\nSecurity Fix(es):\n\n* golang.org/x/net/html: Non-linear parsing of case-insensitive content in golang.org/x/net/html (CVE-2024-45338)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2025:3500",
"url": "https://access.redhat.com/errata/RHSA-2025:3500"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "2333122",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2333122"
},
{
"category": "external",
"summary": "DFBUGS-1670",
"url": "https://issues.redhat.com/browse/DFBUGS-1670"
},
{
"category": "external",
"summary": "DFBUGS-319",
"url": "https://issues.redhat.com/browse/DFBUGS-319"
},
{
"category": "external",
"summary": "DFBUGS-910",
"url": "https://issues.redhat.com/browse/DFBUGS-910"
},
{
"category": "external",
"summary": "DFBUGS-981",
"url": "https://issues.redhat.com/browse/DFBUGS-981"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2025/rhsa-2025_3500.json"
}
],
"title": "Red Hat Security Advisory: RHODF-4.17-RHEL-9 security update",
"tracking": {
"current_release_date": "2026-06-02T21:46:21+00:00",
"generator": {
"date": "2026-06-02T21:46:21+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.8.1"
}
},
"id": "RHSA-2025:3500",
"initial_release_date": "2025-04-01T19:42:34+00:00",
"revision_history": [
{
"date": "2025-04-01T19:42:34+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2025-04-01T19:42:34+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-06-02T21:46:21+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "RHODF 4.17 for RHEL 9",
"product": {
"name": "RHODF 4.17 for RHEL 9",
"product_id": "9Base-RHODF-4.17",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:openshift_data_foundation:4.17::el9"
}
}
}
],
"category": "product_family",
"name": "Red Hat OpenShift Data Foundation"
},
{
"branches": [
{
"category": "product_version",
"name": "odf4/cephcsi-rhel9@sha256:693657a7827d74ae8c0d270b269dede3c5f91e4b6b7521b6ec4e26b841ecda25_s390x",
"product": {
"name": "odf4/cephcsi-rhel9@sha256:693657a7827d74ae8c0d270b269dede3c5f91e4b6b7521b6ec4e26b841ecda25_s390x",
"product_id": "odf4/cephcsi-rhel9@sha256:693657a7827d74ae8c0d270b269dede3c5f91e4b6b7521b6ec4e26b841ecda25_s390x",
"product_identification_helper": {
"purl": "pkg:oci/cephcsi-rhel9@sha256:693657a7827d74ae8c0d270b269dede3c5f91e4b6b7521b6ec4e26b841ecda25?arch=s390x\u0026repository_url=registry.redhat.io/odf4/cephcsi-rhel9\u0026tag=v4.17.6-2"
}
}
},
{
"category": "product_version",
"name": "odf4/cephcsi-operator-bundle@sha256:b3b09619c0ffdd27075c0127e0e17e0f358a67ea8820e27925747da71c1c30e5_s390x",
"product": {
"name": "odf4/cephcsi-operator-bundle@sha256:b3b09619c0ffdd27075c0127e0e17e0f358a67ea8820e27925747da71c1c30e5_s390x",
"product_id": "odf4/cephcsi-operator-bundle@sha256:b3b09619c0ffdd27075c0127e0e17e0f358a67ea8820e27925747da71c1c30e5_s390x",
"product_identification_helper": {
"purl": "pkg:oci/cephcsi-operator-bundle@sha256:b3b09619c0ffdd27075c0127e0e17e0f358a67ea8820e27925747da71c1c30e5?arch=s390x\u0026repository_url=registry.redhat.io/odf4/cephcsi-operator-bundle\u0026tag=v4.17.6-4"
}
}
},
{
"category": "product_version",
"name": "odf4/cephcsi-rhel9-operator@sha256:266591c571adb2c8ef62b3e47988533d635ad9aa642781455524410f7c7221ea_s390x",
"product": {
"name": "odf4/cephcsi-rhel9-operator@sha256:266591c571adb2c8ef62b3e47988533d635ad9aa642781455524410f7c7221ea_s390x",
"product_id": "odf4/cephcsi-rhel9-operator@sha256:266591c571adb2c8ef62b3e47988533d635ad9aa642781455524410f7c7221ea_s390x",
"product_identification_helper": {
"purl": "pkg:oci/cephcsi-rhel9-operator@sha256:266591c571adb2c8ef62b3e47988533d635ad9aa642781455524410f7c7221ea?arch=s390x\u0026repository_url=registry.redhat.io/odf4/cephcsi-rhel9-operator\u0026tag=v4.17.6-2"
}
}
},
{
"category": "product_version",
"name": "odf4/mcg-core-rhel9@sha256:5772eea82b20bacc81da0531239927bde720f338c19bb5430eee7527d7d7b191_s390x",
"product": {
"name": "odf4/mcg-core-rhel9@sha256:5772eea82b20bacc81da0531239927bde720f338c19bb5430eee7527d7d7b191_s390x",
"product_id": "odf4/mcg-core-rhel9@sha256:5772eea82b20bacc81da0531239927bde720f338c19bb5430eee7527d7d7b191_s390x",
"product_identification_helper": {
"purl": "pkg:oci/mcg-core-rhel9@sha256:5772eea82b20bacc81da0531239927bde720f338c19bb5430eee7527d7d7b191?arch=s390x\u0026repository_url=registry.redhat.io/odf4/mcg-core-rhel9\u0026tag=v4.17.6-2"
}
}
},
{
"category": "product_version",
"name": "odf4/mcg-operator-bundle@sha256:d49e1d8b7ddaf0f6168966635c46c6797683aa2ee695bd481c924e3c2a55141f_s390x",
"product": {
"name": "odf4/mcg-operator-bundle@sha256:d49e1d8b7ddaf0f6168966635c46c6797683aa2ee695bd481c924e3c2a55141f_s390x",
"product_id": "odf4/mcg-operator-bundle@sha256:d49e1d8b7ddaf0f6168966635c46c6797683aa2ee695bd481c924e3c2a55141f_s390x",
"product_identification_helper": {
"purl": "pkg:oci/mcg-operator-bundle@sha256:d49e1d8b7ddaf0f6168966635c46c6797683aa2ee695bd481c924e3c2a55141f?arch=s390x\u0026repository_url=registry.redhat.io/odf4/mcg-operator-bundle\u0026tag=v4.17.6-4"
}
}
},
{
"category": "product_version",
"name": "odf4/mcg-rhel9-operator@sha256:158e10c527c54e5372752a3fdf97ba0362af04996e5b24b538d295bd1efbbd2f_s390x",
"product": {
"name": "odf4/mcg-rhel9-operator@sha256:158e10c527c54e5372752a3fdf97ba0362af04996e5b24b538d295bd1efbbd2f_s390x",
"product_id": "odf4/mcg-rhel9-operator@sha256:158e10c527c54e5372752a3fdf97ba0362af04996e5b24b538d295bd1efbbd2f_s390x",
"product_identification_helper": {
"purl": "pkg:oci/mcg-rhel9-operator@sha256:158e10c527c54e5372752a3fdf97ba0362af04996e5b24b538d295bd1efbbd2f?arch=s390x\u0026repository_url=registry.redhat.io/odf4/mcg-rhel9-operator\u0026tag=v4.17.6-2"
}
}
},
{
"category": "product_version",
"name": "odf4/ocs-client-console-rhel9@sha256:96fb1b5997e08fb6c8531d8a1d1ccb1ddb640701ecab86c4a582672a2aafd8c2_s390x",
"product": {
"name": "odf4/ocs-client-console-rhel9@sha256:96fb1b5997e08fb6c8531d8a1d1ccb1ddb640701ecab86c4a582672a2aafd8c2_s390x",
"product_id": "odf4/ocs-client-console-rhel9@sha256:96fb1b5997e08fb6c8531d8a1d1ccb1ddb640701ecab86c4a582672a2aafd8c2_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ocs-client-console-rhel9@sha256:96fb1b5997e08fb6c8531d8a1d1ccb1ddb640701ecab86c4a582672a2aafd8c2?arch=s390x\u0026repository_url=registry.redhat.io/odf4/ocs-client-console-rhel9\u0026tag=v4.17.6-2"
}
}
},
{
"category": "product_version",
"name": "odf4/ocs-client-operator-bundle@sha256:f76d5822501de4895c092e82ee8869edb48695d2583118296fb16fea62f5f120_s390x",
"product": {
"name": "odf4/ocs-client-operator-bundle@sha256:f76d5822501de4895c092e82ee8869edb48695d2583118296fb16fea62f5f120_s390x",
"product_id": "odf4/ocs-client-operator-bundle@sha256:f76d5822501de4895c092e82ee8869edb48695d2583118296fb16fea62f5f120_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ocs-client-operator-bundle@sha256:f76d5822501de4895c092e82ee8869edb48695d2583118296fb16fea62f5f120?arch=s390x\u0026repository_url=registry.redhat.io/odf4/ocs-client-operator-bundle\u0026tag=v4.17.6-4"
}
}
},
{
"category": "product_version",
"name": "odf4/ocs-client-rhel9-operator@sha256:f55c4b5b8232bf964ea94ceeea7fd6935025530582931d6b2751a28abc145eae_s390x",
"product": {
"name": "odf4/ocs-client-rhel9-operator@sha256:f55c4b5b8232bf964ea94ceeea7fd6935025530582931d6b2751a28abc145eae_s390x",
"product_id": "odf4/ocs-client-rhel9-operator@sha256:f55c4b5b8232bf964ea94ceeea7fd6935025530582931d6b2751a28abc145eae_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ocs-client-rhel9-operator@sha256:f55c4b5b8232bf964ea94ceeea7fd6935025530582931d6b2751a28abc145eae?arch=s390x\u0026repository_url=registry.redhat.io/odf4/ocs-client-rhel9-operator\u0026tag=v4.17.6-2"
}
}
},
{
"category": "product_version",
"name": "odf4/ocs-metrics-exporter-rhel9@sha256:eebd7024bb98308262f5e10c5b479a005af8b41aa0e1e52fd80421ce578ba862_s390x",
"product": {
"name": "odf4/ocs-metrics-exporter-rhel9@sha256:eebd7024bb98308262f5e10c5b479a005af8b41aa0e1e52fd80421ce578ba862_s390x",
"product_id": "odf4/ocs-metrics-exporter-rhel9@sha256:eebd7024bb98308262f5e10c5b479a005af8b41aa0e1e52fd80421ce578ba862_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ocs-metrics-exporter-rhel9@sha256:eebd7024bb98308262f5e10c5b479a005af8b41aa0e1e52fd80421ce578ba862?arch=s390x\u0026repository_url=registry.redhat.io/odf4/ocs-metrics-exporter-rhel9\u0026tag=v4.17.6-2"
}
}
},
{
"category": "product_version",
"name": "odf4/ocs-operator-bundle@sha256:f8d44006d6ba9cc03f369b55d65922d21062fdc886a0ec45e5c4066e249affe4_s390x",
"product": {
"name": "odf4/ocs-operator-bundle@sha256:f8d44006d6ba9cc03f369b55d65922d21062fdc886a0ec45e5c4066e249affe4_s390x",
"product_id": "odf4/ocs-operator-bundle@sha256:f8d44006d6ba9cc03f369b55d65922d21062fdc886a0ec45e5c4066e249affe4_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ocs-operator-bundle@sha256:f8d44006d6ba9cc03f369b55d65922d21062fdc886a0ec45e5c4066e249affe4?arch=s390x\u0026repository_url=registry.redhat.io/odf4/ocs-operator-bundle\u0026tag=v4.17.6-4"
}
}
},
{
"category": "product_version",
"name": "odf4/ocs-rhel9-operator@sha256:ba6ce5bc4a51ad0662b66a19b7baece2beff6a6a3a37a17fcee5d4c25191bd59_s390x",
"product": {
"name": "odf4/ocs-rhel9-operator@sha256:ba6ce5bc4a51ad0662b66a19b7baece2beff6a6a3a37a17fcee5d4c25191bd59_s390x",
"product_id": "odf4/ocs-rhel9-operator@sha256:ba6ce5bc4a51ad0662b66a19b7baece2beff6a6a3a37a17fcee5d4c25191bd59_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ocs-rhel9-operator@sha256:ba6ce5bc4a51ad0662b66a19b7baece2beff6a6a3a37a17fcee5d4c25191bd59?arch=s390x\u0026repository_url=registry.redhat.io/odf4/ocs-rhel9-operator\u0026tag=v4.17.6-2"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-cli-rhel9@sha256:afa180b0de79509f795b19282536ad87751eec1cbae2f1a897e2bb5632b5a917_s390x",
"product": {
"name": "odf4/odf-cli-rhel9@sha256:afa180b0de79509f795b19282536ad87751eec1cbae2f1a897e2bb5632b5a917_s390x",
"product_id": "odf4/odf-cli-rhel9@sha256:afa180b0de79509f795b19282536ad87751eec1cbae2f1a897e2bb5632b5a917_s390x",
"product_identification_helper": {
"purl": "pkg:oci/odf-cli-rhel9@sha256:afa180b0de79509f795b19282536ad87751eec1cbae2f1a897e2bb5632b5a917?arch=s390x\u0026repository_url=registry.redhat.io/odf4/odf-cli-rhel9\u0026tag=v4.17.6-2"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-console-rhel9@sha256:ff2d2d94d954ccbfc051247d8ed2c060dfd395b421a5fcd1da31c2bd4dc29d8b_s390x",
"product": {
"name": "odf4/odf-console-rhel9@sha256:ff2d2d94d954ccbfc051247d8ed2c060dfd395b421a5fcd1da31c2bd4dc29d8b_s390x",
"product_id": "odf4/odf-console-rhel9@sha256:ff2d2d94d954ccbfc051247d8ed2c060dfd395b421a5fcd1da31c2bd4dc29d8b_s390x",
"product_identification_helper": {
"purl": "pkg:oci/odf-console-rhel9@sha256:ff2d2d94d954ccbfc051247d8ed2c060dfd395b421a5fcd1da31c2bd4dc29d8b?arch=s390x\u0026repository_url=registry.redhat.io/odf4/odf-console-rhel9\u0026tag=v4.17.6-2"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-cosi-sidecar-rhel9@sha256:883fa40b1605c897a3d06822663ed8f14ea8fa078c114d99e41447857c7db919_s390x",
"product": {
"name": "odf4/odf-cosi-sidecar-rhel9@sha256:883fa40b1605c897a3d06822663ed8f14ea8fa078c114d99e41447857c7db919_s390x",
"product_id": "odf4/odf-cosi-sidecar-rhel9@sha256:883fa40b1605c897a3d06822663ed8f14ea8fa078c114d99e41447857c7db919_s390x",
"product_identification_helper": {
"purl": "pkg:oci/odf-cosi-sidecar-rhel9@sha256:883fa40b1605c897a3d06822663ed8f14ea8fa078c114d99e41447857c7db919?arch=s390x\u0026repository_url=registry.redhat.io/odf4/odf-cosi-sidecar-rhel9\u0026tag=v4.17.6-2"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-csi-addons-operator-bundle@sha256:3ebb8ef1441dcf1d1c0a65311f26575a05eefe599e5339324fad2009db060406_s390x",
"product": {
"name": "odf4/odf-csi-addons-operator-bundle@sha256:3ebb8ef1441dcf1d1c0a65311f26575a05eefe599e5339324fad2009db060406_s390x",
"product_id": "odf4/odf-csi-addons-operator-bundle@sha256:3ebb8ef1441dcf1d1c0a65311f26575a05eefe599e5339324fad2009db060406_s390x",
"product_identification_helper": {
"purl": "pkg:oci/odf-csi-addons-operator-bundle@sha256:3ebb8ef1441dcf1d1c0a65311f26575a05eefe599e5339324fad2009db060406?arch=s390x\u0026repository_url=registry.redhat.io/odf4/odf-csi-addons-operator-bundle\u0026tag=v4.17.6-4"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-csi-addons-rhel9-operator@sha256:933c9ca1ac5fa25d45bb519c44ab4830739f5822ad3136e4f8fbdf8484566423_s390x",
"product": {
"name": "odf4/odf-csi-addons-rhel9-operator@sha256:933c9ca1ac5fa25d45bb519c44ab4830739f5822ad3136e4f8fbdf8484566423_s390x",
"product_id": "odf4/odf-csi-addons-rhel9-operator@sha256:933c9ca1ac5fa25d45bb519c44ab4830739f5822ad3136e4f8fbdf8484566423_s390x",
"product_identification_helper": {
"purl": "pkg:oci/odf-csi-addons-rhel9-operator@sha256:933c9ca1ac5fa25d45bb519c44ab4830739f5822ad3136e4f8fbdf8484566423?arch=s390x\u0026repository_url=registry.redhat.io/odf4/odf-csi-addons-rhel9-operator\u0026tag=v4.17.6-2"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-csi-addons-sidecar-rhel9@sha256:a5d0c18c9af49ec036b10b3c5f74aee018e5104ce83bfdda42fac315ef492642_s390x",
"product": {
"name": "odf4/odf-csi-addons-sidecar-rhel9@sha256:a5d0c18c9af49ec036b10b3c5f74aee018e5104ce83bfdda42fac315ef492642_s390x",
"product_id": "odf4/odf-csi-addons-sidecar-rhel9@sha256:a5d0c18c9af49ec036b10b3c5f74aee018e5104ce83bfdda42fac315ef492642_s390x",
"product_identification_helper": {
"purl": "pkg:oci/odf-csi-addons-sidecar-rhel9@sha256:a5d0c18c9af49ec036b10b3c5f74aee018e5104ce83bfdda42fac315ef492642?arch=s390x\u0026repository_url=registry.redhat.io/odf4/odf-csi-addons-sidecar-rhel9\u0026tag=v4.17.6-2"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-multicluster-console-rhel9@sha256:9e12f4588faf2bd93bc2b25815a318770d8fafbdddb5d2d43e71e4b75610cb94_s390x",
"product": {
"name": "odf4/odf-multicluster-console-rhel9@sha256:9e12f4588faf2bd93bc2b25815a318770d8fafbdddb5d2d43e71e4b75610cb94_s390x",
"product_id": "odf4/odf-multicluster-console-rhel9@sha256:9e12f4588faf2bd93bc2b25815a318770d8fafbdddb5d2d43e71e4b75610cb94_s390x",
"product_identification_helper": {
"purl": "pkg:oci/odf-multicluster-console-rhel9@sha256:9e12f4588faf2bd93bc2b25815a318770d8fafbdddb5d2d43e71e4b75610cb94?arch=s390x\u0026repository_url=registry.redhat.io/odf4/odf-multicluster-console-rhel9\u0026tag=v4.17.6-2"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-multicluster-operator-bundle@sha256:d81efbf15f4e5a7b9f828e4628099535a3d6e1f836520d79ba4759ae72d1a269_s390x",
"product": {
"name": "odf4/odf-multicluster-operator-bundle@sha256:d81efbf15f4e5a7b9f828e4628099535a3d6e1f836520d79ba4759ae72d1a269_s390x",
"product_id": "odf4/odf-multicluster-operator-bundle@sha256:d81efbf15f4e5a7b9f828e4628099535a3d6e1f836520d79ba4759ae72d1a269_s390x",
"product_identification_helper": {
"purl": "pkg:oci/odf-multicluster-operator-bundle@sha256:d81efbf15f4e5a7b9f828e4628099535a3d6e1f836520d79ba4759ae72d1a269?arch=s390x\u0026repository_url=registry.redhat.io/odf4/odf-multicluster-operator-bundle\u0026tag=v4.17.6-4"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-multicluster-rhel9-operator@sha256:bf70cf7ee50fe6d336160240abf24a7da99c4a4d9a731100c3bf39f85fb15c4f_s390x",
"product": {
"name": "odf4/odf-multicluster-rhel9-operator@sha256:bf70cf7ee50fe6d336160240abf24a7da99c4a4d9a731100c3bf39f85fb15c4f_s390x",
"product_id": "odf4/odf-multicluster-rhel9-operator@sha256:bf70cf7ee50fe6d336160240abf24a7da99c4a4d9a731100c3bf39f85fb15c4f_s390x",
"product_identification_helper": {
"purl": "pkg:oci/odf-multicluster-rhel9-operator@sha256:bf70cf7ee50fe6d336160240abf24a7da99c4a4d9a731100c3bf39f85fb15c4f?arch=s390x\u0026repository_url=registry.redhat.io/odf4/odf-multicluster-rhel9-operator\u0026tag=v4.17.6-2"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-must-gather-rhel9@sha256:aed2fb7d743758677584df771751bad1d586eac50595bc96a8463dae7e7caed2_s390x",
"product": {
"name": "odf4/odf-must-gather-rhel9@sha256:aed2fb7d743758677584df771751bad1d586eac50595bc96a8463dae7e7caed2_s390x",
"product_id": "odf4/odf-must-gather-rhel9@sha256:aed2fb7d743758677584df771751bad1d586eac50595bc96a8463dae7e7caed2_s390x",
"product_identification_helper": {
"purl": "pkg:oci/odf-must-gather-rhel9@sha256:aed2fb7d743758677584df771751bad1d586eac50595bc96a8463dae7e7caed2?arch=s390x\u0026repository_url=registry.redhat.io/odf4/odf-must-gather-rhel9\u0026tag=v4.17.6-2"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-operator-bundle@sha256:14516c830d0abad30598bbb0268e865057672dcc22e85cfa7f7b28d73e06dc54_s390x",
"product": {
"name": "odf4/odf-operator-bundle@sha256:14516c830d0abad30598bbb0268e865057672dcc22e85cfa7f7b28d73e06dc54_s390x",
"product_id": "odf4/odf-operator-bundle@sha256:14516c830d0abad30598bbb0268e865057672dcc22e85cfa7f7b28d73e06dc54_s390x",
"product_identification_helper": {
"purl": "pkg:oci/odf-operator-bundle@sha256:14516c830d0abad30598bbb0268e865057672dcc22e85cfa7f7b28d73e06dc54?arch=s390x\u0026repository_url=registry.redhat.io/odf4/odf-operator-bundle\u0026tag=v4.17.6-4"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-rhel9-operator@sha256:d516efc653232a34a79b22cb04902ca2582c9782f137569efb3570e33b17aaf3_s390x",
"product": {
"name": "odf4/odf-rhel9-operator@sha256:d516efc653232a34a79b22cb04902ca2582c9782f137569efb3570e33b17aaf3_s390x",
"product_id": "odf4/odf-rhel9-operator@sha256:d516efc653232a34a79b22cb04902ca2582c9782f137569efb3570e33b17aaf3_s390x",
"product_identification_helper": {
"purl": "pkg:oci/odf-rhel9-operator@sha256:d516efc653232a34a79b22cb04902ca2582c9782f137569efb3570e33b17aaf3?arch=s390x\u0026repository_url=registry.redhat.io/odf4/odf-rhel9-operator\u0026tag=v4.17.6-2"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-prometheus-operator-bundle@sha256:43671627156b45f44ad8a1416f1337f2971f51f08f9d9a52e95cb07c0ef2392e_s390x",
"product": {
"name": "odf4/odf-prometheus-operator-bundle@sha256:43671627156b45f44ad8a1416f1337f2971f51f08f9d9a52e95cb07c0ef2392e_s390x",
"product_id": "odf4/odf-prometheus-operator-bundle@sha256:43671627156b45f44ad8a1416f1337f2971f51f08f9d9a52e95cb07c0ef2392e_s390x",
"product_identification_helper": {
"purl": "pkg:oci/odf-prometheus-operator-bundle@sha256:43671627156b45f44ad8a1416f1337f2971f51f08f9d9a52e95cb07c0ef2392e?arch=s390x\u0026repository_url=registry.redhat.io/odf4/odf-prometheus-operator-bundle\u0026tag=v4.17.6-4"
}
}
},
{
"category": "product_version",
"name": "odf4/odr-cluster-operator-bundle@sha256:eae3e0f32787993f73e1825e01db411608b8855922ee2a00acc70f377e872170_s390x",
"product": {
"name": "odf4/odr-cluster-operator-bundle@sha256:eae3e0f32787993f73e1825e01db411608b8855922ee2a00acc70f377e872170_s390x",
"product_id": "odf4/odr-cluster-operator-bundle@sha256:eae3e0f32787993f73e1825e01db411608b8855922ee2a00acc70f377e872170_s390x",
"product_identification_helper": {
"purl": "pkg:oci/odr-cluster-operator-bundle@sha256:eae3e0f32787993f73e1825e01db411608b8855922ee2a00acc70f377e872170?arch=s390x\u0026repository_url=registry.redhat.io/odf4/odr-cluster-operator-bundle\u0026tag=v4.17.6-4"
}
}
},
{
"category": "product_version",
"name": "odf4/odr-hub-operator-bundle@sha256:57844c5d07c49c33ba9071f0b90748771c8d62b73f0cc37ce44bdadae214ea0f_s390x",
"product": {
"name": "odf4/odr-hub-operator-bundle@sha256:57844c5d07c49c33ba9071f0b90748771c8d62b73f0cc37ce44bdadae214ea0f_s390x",
"product_id": "odf4/odr-hub-operator-bundle@sha256:57844c5d07c49c33ba9071f0b90748771c8d62b73f0cc37ce44bdadae214ea0f_s390x",
"product_identification_helper": {
"purl": "pkg:oci/odr-hub-operator-bundle@sha256:57844c5d07c49c33ba9071f0b90748771c8d62b73f0cc37ce44bdadae214ea0f?arch=s390x\u0026repository_url=registry.redhat.io/odf4/odr-hub-operator-bundle\u0026tag=v4.17.6-4"
}
}
},
{
"category": "product_version",
"name": "odf4/odr-rhel9-operator@sha256:ded381a718b98ea7a4abb7e75db96e98b84b73eb7529359ece7fa61ea0ab8eab_s390x",
"product": {
"name": "odf4/odr-rhel9-operator@sha256:ded381a718b98ea7a4abb7e75db96e98b84b73eb7529359ece7fa61ea0ab8eab_s390x",
"product_id": "odf4/odr-rhel9-operator@sha256:ded381a718b98ea7a4abb7e75db96e98b84b73eb7529359ece7fa61ea0ab8eab_s390x",
"product_identification_helper": {
"purl": "pkg:oci/odr-rhel9-operator@sha256:ded381a718b98ea7a4abb7e75db96e98b84b73eb7529359ece7fa61ea0ab8eab?arch=s390x\u0026repository_url=registry.redhat.io/odf4/odr-rhel9-operator\u0026tag=v4.17.6-2"
}
}
},
{
"category": "product_version",
"name": "odf4/odr-recipe-operator-bundle@sha256:d0f85b64303b0f9e892520be07b2d5e211fa806602e4ba7e1fbaa9edfa488a36_s390x",
"product": {
"name": "odf4/odr-recipe-operator-bundle@sha256:d0f85b64303b0f9e892520be07b2d5e211fa806602e4ba7e1fbaa9edfa488a36_s390x",
"product_id": "odf4/odr-recipe-operator-bundle@sha256:d0f85b64303b0f9e892520be07b2d5e211fa806602e4ba7e1fbaa9edfa488a36_s390x",
"product_identification_helper": {
"purl": "pkg:oci/odr-recipe-operator-bundle@sha256:d0f85b64303b0f9e892520be07b2d5e211fa806602e4ba7e1fbaa9edfa488a36?arch=s390x\u0026repository_url=registry.redhat.io/odf4/odr-recipe-operator-bundle\u0026tag=v4.17.6-4"
}
}
},
{
"category": "product_version",
"name": "odf4/rook-ceph-operator-bundle@sha256:df17a31226a5a883e07be468ac20fb153a334f5d8b2718c17d7cf448b28fbd47_s390x",
"product": {
"name": "odf4/rook-ceph-operator-bundle@sha256:df17a31226a5a883e07be468ac20fb153a334f5d8b2718c17d7cf448b28fbd47_s390x",
"product_id": "odf4/rook-ceph-operator-bundle@sha256:df17a31226a5a883e07be468ac20fb153a334f5d8b2718c17d7cf448b28fbd47_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rook-ceph-operator-bundle@sha256:df17a31226a5a883e07be468ac20fb153a334f5d8b2718c17d7cf448b28fbd47?arch=s390x\u0026repository_url=registry.redhat.io/odf4/rook-ceph-operator-bundle\u0026tag=v4.17.6-4"
}
}
},
{
"category": "product_version",
"name": "odf4/rook-ceph-rhel9-operator@sha256:914f27949481999de5aa5b9c5face266828cd501246243181da786a87afcbdee_s390x",
"product": {
"name": "odf4/rook-ceph-rhel9-operator@sha256:914f27949481999de5aa5b9c5face266828cd501246243181da786a87afcbdee_s390x",
"product_id": "odf4/rook-ceph-rhel9-operator@sha256:914f27949481999de5aa5b9c5face266828cd501246243181da786a87afcbdee_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rook-ceph-rhel9-operator@sha256:914f27949481999de5aa5b9c5face266828cd501246243181da786a87afcbdee?arch=s390x\u0026repository_url=registry.redhat.io/odf4/rook-ceph-rhel9-operator\u0026tag=v4.17.6-2"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "odf4/cephcsi-rhel9@sha256:9e303d40097486dc50d743323ba6a8de7e3e2e5a8d8bc607728fed47220530a4_amd64",
"product": {
"name": "odf4/cephcsi-rhel9@sha256:9e303d40097486dc50d743323ba6a8de7e3e2e5a8d8bc607728fed47220530a4_amd64",
"product_id": "odf4/cephcsi-rhel9@sha256:9e303d40097486dc50d743323ba6a8de7e3e2e5a8d8bc607728fed47220530a4_amd64",
"product_identification_helper": {
"purl": "pkg:oci/cephcsi-rhel9@sha256:9e303d40097486dc50d743323ba6a8de7e3e2e5a8d8bc607728fed47220530a4?arch=amd64\u0026repository_url=registry.redhat.io/odf4/cephcsi-rhel9\u0026tag=v4.17.6-2"
}
}
},
{
"category": "product_version",
"name": "odf4/cephcsi-operator-bundle@sha256:3338eb8159127a7dead6006255ed0ae073a110a402ed498e2e8cc9493c0b4d8e_amd64",
"product": {
"name": "odf4/cephcsi-operator-bundle@sha256:3338eb8159127a7dead6006255ed0ae073a110a402ed498e2e8cc9493c0b4d8e_amd64",
"product_id": "odf4/cephcsi-operator-bundle@sha256:3338eb8159127a7dead6006255ed0ae073a110a402ed498e2e8cc9493c0b4d8e_amd64",
"product_identification_helper": {
"purl": "pkg:oci/cephcsi-operator-bundle@sha256:3338eb8159127a7dead6006255ed0ae073a110a402ed498e2e8cc9493c0b4d8e?arch=amd64\u0026repository_url=registry.redhat.io/odf4/cephcsi-operator-bundle\u0026tag=v4.17.6-4"
}
}
},
{
"category": "product_version",
"name": "odf4/cephcsi-rhel9-operator@sha256:21600fa74a0b9a12d469d1cdaddd804b4b73d6afdb9106eeb4f34596bb2d1258_amd64",
"product": {
"name": "odf4/cephcsi-rhel9-operator@sha256:21600fa74a0b9a12d469d1cdaddd804b4b73d6afdb9106eeb4f34596bb2d1258_amd64",
"product_id": "odf4/cephcsi-rhel9-operator@sha256:21600fa74a0b9a12d469d1cdaddd804b4b73d6afdb9106eeb4f34596bb2d1258_amd64",
"product_identification_helper": {
"purl": "pkg:oci/cephcsi-rhel9-operator@sha256:21600fa74a0b9a12d469d1cdaddd804b4b73d6afdb9106eeb4f34596bb2d1258?arch=amd64\u0026repository_url=registry.redhat.io/odf4/cephcsi-rhel9-operator\u0026tag=v4.17.6-2"
}
}
},
{
"category": "product_version",
"name": "odf4/mcg-core-rhel9@sha256:30f2376f37765eb5b3beb424018d217f65475a8fecad4dd525ba2970ec6332b5_amd64",
"product": {
"name": "odf4/mcg-core-rhel9@sha256:30f2376f37765eb5b3beb424018d217f65475a8fecad4dd525ba2970ec6332b5_amd64",
"product_id": "odf4/mcg-core-rhel9@sha256:30f2376f37765eb5b3beb424018d217f65475a8fecad4dd525ba2970ec6332b5_amd64",
"product_identification_helper": {
"purl": "pkg:oci/mcg-core-rhel9@sha256:30f2376f37765eb5b3beb424018d217f65475a8fecad4dd525ba2970ec6332b5?arch=amd64\u0026repository_url=registry.redhat.io/odf4/mcg-core-rhel9\u0026tag=v4.17.6-2"
}
}
},
{
"category": "product_version",
"name": "odf4/mcg-operator-bundle@sha256:b399bbdde09923dd23bfc65d088894a79610e53d895c1de2d26e91850b2735f4_amd64",
"product": {
"name": "odf4/mcg-operator-bundle@sha256:b399bbdde09923dd23bfc65d088894a79610e53d895c1de2d26e91850b2735f4_amd64",
"product_id": "odf4/mcg-operator-bundle@sha256:b399bbdde09923dd23bfc65d088894a79610e53d895c1de2d26e91850b2735f4_amd64",
"product_identification_helper": {
"purl": "pkg:oci/mcg-operator-bundle@sha256:b399bbdde09923dd23bfc65d088894a79610e53d895c1de2d26e91850b2735f4?arch=amd64\u0026repository_url=registry.redhat.io/odf4/mcg-operator-bundle\u0026tag=v4.17.6-4"
}
}
},
{
"category": "product_version",
"name": "odf4/mcg-rhel9-operator@sha256:a8037be2de7db50028ce66df96573d6d5347a68c4211656d82e50a3344343aab_amd64",
"product": {
"name": "odf4/mcg-rhel9-operator@sha256:a8037be2de7db50028ce66df96573d6d5347a68c4211656d82e50a3344343aab_amd64",
"product_id": "odf4/mcg-rhel9-operator@sha256:a8037be2de7db50028ce66df96573d6d5347a68c4211656d82e50a3344343aab_amd64",
"product_identification_helper": {
"purl": "pkg:oci/mcg-rhel9-operator@sha256:a8037be2de7db50028ce66df96573d6d5347a68c4211656d82e50a3344343aab?arch=amd64\u0026repository_url=registry.redhat.io/odf4/mcg-rhel9-operator\u0026tag=v4.17.6-2"
}
}
},
{
"category": "product_version",
"name": "odf4/ocs-client-console-rhel9@sha256:0cf22d86b267794025ba19591a306c81e0fdb2cf3dca05b9dcea3ecdf34f261d_amd64",
"product": {
"name": "odf4/ocs-client-console-rhel9@sha256:0cf22d86b267794025ba19591a306c81e0fdb2cf3dca05b9dcea3ecdf34f261d_amd64",
"product_id": "odf4/ocs-client-console-rhel9@sha256:0cf22d86b267794025ba19591a306c81e0fdb2cf3dca05b9dcea3ecdf34f261d_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ocs-client-console-rhel9@sha256:0cf22d86b267794025ba19591a306c81e0fdb2cf3dca05b9dcea3ecdf34f261d?arch=amd64\u0026repository_url=registry.redhat.io/odf4/ocs-client-console-rhel9\u0026tag=v4.17.6-2"
}
}
},
{
"category": "product_version",
"name": "odf4/ocs-client-operator-bundle@sha256:8fca3b0219de02595ada4a1ff022c5cd8a78a13f585fe59cf6cd34ef360b3a73_amd64",
"product": {
"name": "odf4/ocs-client-operator-bundle@sha256:8fca3b0219de02595ada4a1ff022c5cd8a78a13f585fe59cf6cd34ef360b3a73_amd64",
"product_id": "odf4/ocs-client-operator-bundle@sha256:8fca3b0219de02595ada4a1ff022c5cd8a78a13f585fe59cf6cd34ef360b3a73_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ocs-client-operator-bundle@sha256:8fca3b0219de02595ada4a1ff022c5cd8a78a13f585fe59cf6cd34ef360b3a73?arch=amd64\u0026repository_url=registry.redhat.io/odf4/ocs-client-operator-bundle\u0026tag=v4.17.6-4"
}
}
},
{
"category": "product_version",
"name": "odf4/ocs-client-rhel9-operator@sha256:5755f2253c923b09e64a1fb6482fc17b611913db3cc5adb895b8e1f1db8e3d85_amd64",
"product": {
"name": "odf4/ocs-client-rhel9-operator@sha256:5755f2253c923b09e64a1fb6482fc17b611913db3cc5adb895b8e1f1db8e3d85_amd64",
"product_id": "odf4/ocs-client-rhel9-operator@sha256:5755f2253c923b09e64a1fb6482fc17b611913db3cc5adb895b8e1f1db8e3d85_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ocs-client-rhel9-operator@sha256:5755f2253c923b09e64a1fb6482fc17b611913db3cc5adb895b8e1f1db8e3d85?arch=amd64\u0026repository_url=registry.redhat.io/odf4/ocs-client-rhel9-operator\u0026tag=v4.17.6-2"
}
}
},
{
"category": "product_version",
"name": "odf4/ocs-metrics-exporter-rhel9@sha256:963317814b12fc9024857eabc03252fcd5219fc94daf9727c0d15543c61cc57e_amd64",
"product": {
"name": "odf4/ocs-metrics-exporter-rhel9@sha256:963317814b12fc9024857eabc03252fcd5219fc94daf9727c0d15543c61cc57e_amd64",
"product_id": "odf4/ocs-metrics-exporter-rhel9@sha256:963317814b12fc9024857eabc03252fcd5219fc94daf9727c0d15543c61cc57e_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ocs-metrics-exporter-rhel9@sha256:963317814b12fc9024857eabc03252fcd5219fc94daf9727c0d15543c61cc57e?arch=amd64\u0026repository_url=registry.redhat.io/odf4/ocs-metrics-exporter-rhel9\u0026tag=v4.17.6-2"
}
}
},
{
"category": "product_version",
"name": "odf4/ocs-operator-bundle@sha256:2ea120791aa41e227e048c9acf90e393ebe3b5ee040b37a77410d1bb344b2e40_amd64",
"product": {
"name": "odf4/ocs-operator-bundle@sha256:2ea120791aa41e227e048c9acf90e393ebe3b5ee040b37a77410d1bb344b2e40_amd64",
"product_id": "odf4/ocs-operator-bundle@sha256:2ea120791aa41e227e048c9acf90e393ebe3b5ee040b37a77410d1bb344b2e40_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ocs-operator-bundle@sha256:2ea120791aa41e227e048c9acf90e393ebe3b5ee040b37a77410d1bb344b2e40?arch=amd64\u0026repository_url=registry.redhat.io/odf4/ocs-operator-bundle\u0026tag=v4.17.6-4"
}
}
},
{
"category": "product_version",
"name": "odf4/ocs-rhel9-operator@sha256:af34f03adc5c18cb2a6fbc099239cbe962db9573902b45a7188d74369738ea87_amd64",
"product": {
"name": "odf4/ocs-rhel9-operator@sha256:af34f03adc5c18cb2a6fbc099239cbe962db9573902b45a7188d74369738ea87_amd64",
"product_id": "odf4/ocs-rhel9-operator@sha256:af34f03adc5c18cb2a6fbc099239cbe962db9573902b45a7188d74369738ea87_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ocs-rhel9-operator@sha256:af34f03adc5c18cb2a6fbc099239cbe962db9573902b45a7188d74369738ea87?arch=amd64\u0026repository_url=registry.redhat.io/odf4/ocs-rhel9-operator\u0026tag=v4.17.6-2"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-cli-rhel9@sha256:dc1e0173b629ff8695aa694845d53399143d90fef25aad72b24ab4185d8d7f95_amd64",
"product": {
"name": "odf4/odf-cli-rhel9@sha256:dc1e0173b629ff8695aa694845d53399143d90fef25aad72b24ab4185d8d7f95_amd64",
"product_id": "odf4/odf-cli-rhel9@sha256:dc1e0173b629ff8695aa694845d53399143d90fef25aad72b24ab4185d8d7f95_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odf-cli-rhel9@sha256:dc1e0173b629ff8695aa694845d53399143d90fef25aad72b24ab4185d8d7f95?arch=amd64\u0026repository_url=registry.redhat.io/odf4/odf-cli-rhel9\u0026tag=v4.17.6-2"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-console-rhel9@sha256:eb9ba1f0ed9f26c423ee06de5001e49d6d331a085a8edf8a82318b816a8d38fc_amd64",
"product": {
"name": "odf4/odf-console-rhel9@sha256:eb9ba1f0ed9f26c423ee06de5001e49d6d331a085a8edf8a82318b816a8d38fc_amd64",
"product_id": "odf4/odf-console-rhel9@sha256:eb9ba1f0ed9f26c423ee06de5001e49d6d331a085a8edf8a82318b816a8d38fc_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odf-console-rhel9@sha256:eb9ba1f0ed9f26c423ee06de5001e49d6d331a085a8edf8a82318b816a8d38fc?arch=amd64\u0026repository_url=registry.redhat.io/odf4/odf-console-rhel9\u0026tag=v4.17.6-2"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-cosi-sidecar-rhel9@sha256:55cd05deff37a44ba1d07c4fb36fa4e4ec2b4e89c4eb98d5ff3e0172f21521b2_amd64",
"product": {
"name": "odf4/odf-cosi-sidecar-rhel9@sha256:55cd05deff37a44ba1d07c4fb36fa4e4ec2b4e89c4eb98d5ff3e0172f21521b2_amd64",
"product_id": "odf4/odf-cosi-sidecar-rhel9@sha256:55cd05deff37a44ba1d07c4fb36fa4e4ec2b4e89c4eb98d5ff3e0172f21521b2_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odf-cosi-sidecar-rhel9@sha256:55cd05deff37a44ba1d07c4fb36fa4e4ec2b4e89c4eb98d5ff3e0172f21521b2?arch=amd64\u0026repository_url=registry.redhat.io/odf4/odf-cosi-sidecar-rhel9\u0026tag=v4.17.6-2"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-csi-addons-operator-bundle@sha256:ec3a6e74ca2f0fbc8d7ed2344a2bb0c409a7a5adf0d7cf7388251f89174b7339_amd64",
"product": {
"name": "odf4/odf-csi-addons-operator-bundle@sha256:ec3a6e74ca2f0fbc8d7ed2344a2bb0c409a7a5adf0d7cf7388251f89174b7339_amd64",
"product_id": "odf4/odf-csi-addons-operator-bundle@sha256:ec3a6e74ca2f0fbc8d7ed2344a2bb0c409a7a5adf0d7cf7388251f89174b7339_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odf-csi-addons-operator-bundle@sha256:ec3a6e74ca2f0fbc8d7ed2344a2bb0c409a7a5adf0d7cf7388251f89174b7339?arch=amd64\u0026repository_url=registry.redhat.io/odf4/odf-csi-addons-operator-bundle\u0026tag=v4.17.6-4"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-csi-addons-rhel9-operator@sha256:cd948f94ceabaf729040a60ecf6603da00de782249c79691f6562cbb2b19d404_amd64",
"product": {
"name": "odf4/odf-csi-addons-rhel9-operator@sha256:cd948f94ceabaf729040a60ecf6603da00de782249c79691f6562cbb2b19d404_amd64",
"product_id": "odf4/odf-csi-addons-rhel9-operator@sha256:cd948f94ceabaf729040a60ecf6603da00de782249c79691f6562cbb2b19d404_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odf-csi-addons-rhel9-operator@sha256:cd948f94ceabaf729040a60ecf6603da00de782249c79691f6562cbb2b19d404?arch=amd64\u0026repository_url=registry.redhat.io/odf4/odf-csi-addons-rhel9-operator\u0026tag=v4.17.6-2"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-csi-addons-sidecar-rhel9@sha256:9a50d51c19235bc004c592f53891aa7895f0d79692309ce21a681e48f5844480_amd64",
"product": {
"name": "odf4/odf-csi-addons-sidecar-rhel9@sha256:9a50d51c19235bc004c592f53891aa7895f0d79692309ce21a681e48f5844480_amd64",
"product_id": "odf4/odf-csi-addons-sidecar-rhel9@sha256:9a50d51c19235bc004c592f53891aa7895f0d79692309ce21a681e48f5844480_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odf-csi-addons-sidecar-rhel9@sha256:9a50d51c19235bc004c592f53891aa7895f0d79692309ce21a681e48f5844480?arch=amd64\u0026repository_url=registry.redhat.io/odf4/odf-csi-addons-sidecar-rhel9\u0026tag=v4.17.6-2"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-multicluster-console-rhel9@sha256:ea469bde819cd85a738bc338508eb7c49bd3c5c1e913f5e99836a30432ae15f1_amd64",
"product": {
"name": "odf4/odf-multicluster-console-rhel9@sha256:ea469bde819cd85a738bc338508eb7c49bd3c5c1e913f5e99836a30432ae15f1_amd64",
"product_id": "odf4/odf-multicluster-console-rhel9@sha256:ea469bde819cd85a738bc338508eb7c49bd3c5c1e913f5e99836a30432ae15f1_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odf-multicluster-console-rhel9@sha256:ea469bde819cd85a738bc338508eb7c49bd3c5c1e913f5e99836a30432ae15f1?arch=amd64\u0026repository_url=registry.redhat.io/odf4/odf-multicluster-console-rhel9\u0026tag=v4.17.6-2"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-multicluster-operator-bundle@sha256:4dc4e7ca38c7dce1404bc4ac833fed1c2901cb73a7bf8e2eaecc3af6a235746a_amd64",
"product": {
"name": "odf4/odf-multicluster-operator-bundle@sha256:4dc4e7ca38c7dce1404bc4ac833fed1c2901cb73a7bf8e2eaecc3af6a235746a_amd64",
"product_id": "odf4/odf-multicluster-operator-bundle@sha256:4dc4e7ca38c7dce1404bc4ac833fed1c2901cb73a7bf8e2eaecc3af6a235746a_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odf-multicluster-operator-bundle@sha256:4dc4e7ca38c7dce1404bc4ac833fed1c2901cb73a7bf8e2eaecc3af6a235746a?arch=amd64\u0026repository_url=registry.redhat.io/odf4/odf-multicluster-operator-bundle\u0026tag=v4.17.6-4"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-multicluster-rhel9-operator@sha256:59b6aadac2ac4afdf697c3bfda9d220572fdf2ec2cff887f0350f0a589180141_amd64",
"product": {
"name": "odf4/odf-multicluster-rhel9-operator@sha256:59b6aadac2ac4afdf697c3bfda9d220572fdf2ec2cff887f0350f0a589180141_amd64",
"product_id": "odf4/odf-multicluster-rhel9-operator@sha256:59b6aadac2ac4afdf697c3bfda9d220572fdf2ec2cff887f0350f0a589180141_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odf-multicluster-rhel9-operator@sha256:59b6aadac2ac4afdf697c3bfda9d220572fdf2ec2cff887f0350f0a589180141?arch=amd64\u0026repository_url=registry.redhat.io/odf4/odf-multicluster-rhel9-operator\u0026tag=v4.17.6-2"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-must-gather-rhel9@sha256:4cab9c3030988130f02052704003ab0be7f279e5cc316512fce5094591700947_amd64",
"product": {
"name": "odf4/odf-must-gather-rhel9@sha256:4cab9c3030988130f02052704003ab0be7f279e5cc316512fce5094591700947_amd64",
"product_id": "odf4/odf-must-gather-rhel9@sha256:4cab9c3030988130f02052704003ab0be7f279e5cc316512fce5094591700947_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odf-must-gather-rhel9@sha256:4cab9c3030988130f02052704003ab0be7f279e5cc316512fce5094591700947?arch=amd64\u0026repository_url=registry.redhat.io/odf4/odf-must-gather-rhel9\u0026tag=v4.17.6-2"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-operator-bundle@sha256:1206983cd08b8996ad169724bbf6e76ae7c493e31ecf089204a1b7730f4ba2ea_amd64",
"product": {
"name": "odf4/odf-operator-bundle@sha256:1206983cd08b8996ad169724bbf6e76ae7c493e31ecf089204a1b7730f4ba2ea_amd64",
"product_id": "odf4/odf-operator-bundle@sha256:1206983cd08b8996ad169724bbf6e76ae7c493e31ecf089204a1b7730f4ba2ea_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odf-operator-bundle@sha256:1206983cd08b8996ad169724bbf6e76ae7c493e31ecf089204a1b7730f4ba2ea?arch=amd64\u0026repository_url=registry.redhat.io/odf4/odf-operator-bundle\u0026tag=v4.17.6-4"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-rhel9-operator@sha256:6e7bd199fdbc5a5cb522dcdaece770a3e193f95c4e98b61998348a0b1eb7eabf_amd64",
"product": {
"name": "odf4/odf-rhel9-operator@sha256:6e7bd199fdbc5a5cb522dcdaece770a3e193f95c4e98b61998348a0b1eb7eabf_amd64",
"product_id": "odf4/odf-rhel9-operator@sha256:6e7bd199fdbc5a5cb522dcdaece770a3e193f95c4e98b61998348a0b1eb7eabf_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odf-rhel9-operator@sha256:6e7bd199fdbc5a5cb522dcdaece770a3e193f95c4e98b61998348a0b1eb7eabf?arch=amd64\u0026repository_url=registry.redhat.io/odf4/odf-rhel9-operator\u0026tag=v4.17.6-2"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-prometheus-operator-bundle@sha256:fe3072cb4c35027b0077e373cbfe1e7f75072dc804dc56e7c4da7a327e039a6b_amd64",
"product": {
"name": "odf4/odf-prometheus-operator-bundle@sha256:fe3072cb4c35027b0077e373cbfe1e7f75072dc804dc56e7c4da7a327e039a6b_amd64",
"product_id": "odf4/odf-prometheus-operator-bundle@sha256:fe3072cb4c35027b0077e373cbfe1e7f75072dc804dc56e7c4da7a327e039a6b_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odf-prometheus-operator-bundle@sha256:fe3072cb4c35027b0077e373cbfe1e7f75072dc804dc56e7c4da7a327e039a6b?arch=amd64\u0026repository_url=registry.redhat.io/odf4/odf-prometheus-operator-bundle\u0026tag=v4.17.6-4"
}
}
},
{
"category": "product_version",
"name": "odf4/odr-cluster-operator-bundle@sha256:8ba1bc142f839128a93cb596e60cb7241eddbf159b90cc795889272020073dad_amd64",
"product": {
"name": "odf4/odr-cluster-operator-bundle@sha256:8ba1bc142f839128a93cb596e60cb7241eddbf159b90cc795889272020073dad_amd64",
"product_id": "odf4/odr-cluster-operator-bundle@sha256:8ba1bc142f839128a93cb596e60cb7241eddbf159b90cc795889272020073dad_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odr-cluster-operator-bundle@sha256:8ba1bc142f839128a93cb596e60cb7241eddbf159b90cc795889272020073dad?arch=amd64\u0026repository_url=registry.redhat.io/odf4/odr-cluster-operator-bundle\u0026tag=v4.17.6-4"
}
}
},
{
"category": "product_version",
"name": "odf4/odr-hub-operator-bundle@sha256:4f5dc03c98b9a6d6bdb84e0e041f8a189040033b379ef6e6615c5156505b9d10_amd64",
"product": {
"name": "odf4/odr-hub-operator-bundle@sha256:4f5dc03c98b9a6d6bdb84e0e041f8a189040033b379ef6e6615c5156505b9d10_amd64",
"product_id": "odf4/odr-hub-operator-bundle@sha256:4f5dc03c98b9a6d6bdb84e0e041f8a189040033b379ef6e6615c5156505b9d10_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odr-hub-operator-bundle@sha256:4f5dc03c98b9a6d6bdb84e0e041f8a189040033b379ef6e6615c5156505b9d10?arch=amd64\u0026repository_url=registry.redhat.io/odf4/odr-hub-operator-bundle\u0026tag=v4.17.6-4"
}
}
},
{
"category": "product_version",
"name": "odf4/odr-rhel9-operator@sha256:a9ce6ff0ef32d029f026757522afe224774058252e36e978f27b12d9e2940585_amd64",
"product": {
"name": "odf4/odr-rhel9-operator@sha256:a9ce6ff0ef32d029f026757522afe224774058252e36e978f27b12d9e2940585_amd64",
"product_id": "odf4/odr-rhel9-operator@sha256:a9ce6ff0ef32d029f026757522afe224774058252e36e978f27b12d9e2940585_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odr-rhel9-operator@sha256:a9ce6ff0ef32d029f026757522afe224774058252e36e978f27b12d9e2940585?arch=amd64\u0026repository_url=registry.redhat.io/odf4/odr-rhel9-operator\u0026tag=v4.17.6-2"
}
}
},
{
"category": "product_version",
"name": "odf4/odr-recipe-operator-bundle@sha256:0350bfbd7e4eaee91c043edbc2ea1d49aae2f0eba1dff6f3ae84c874a0aa1082_amd64",
"product": {
"name": "odf4/odr-recipe-operator-bundle@sha256:0350bfbd7e4eaee91c043edbc2ea1d49aae2f0eba1dff6f3ae84c874a0aa1082_amd64",
"product_id": "odf4/odr-recipe-operator-bundle@sha256:0350bfbd7e4eaee91c043edbc2ea1d49aae2f0eba1dff6f3ae84c874a0aa1082_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odr-recipe-operator-bundle@sha256:0350bfbd7e4eaee91c043edbc2ea1d49aae2f0eba1dff6f3ae84c874a0aa1082?arch=amd64\u0026repository_url=registry.redhat.io/odf4/odr-recipe-operator-bundle\u0026tag=v4.17.6-4"
}
}
},
{
"category": "product_version",
"name": "odf4/rook-ceph-operator-bundle@sha256:c66ffb2fa00181c983e4ff78bcad4ec5a4d766ed801ed323bdd7e5748d22fa97_amd64",
"product": {
"name": "odf4/rook-ceph-operator-bundle@sha256:c66ffb2fa00181c983e4ff78bcad4ec5a4d766ed801ed323bdd7e5748d22fa97_amd64",
"product_id": "odf4/rook-ceph-operator-bundle@sha256:c66ffb2fa00181c983e4ff78bcad4ec5a4d766ed801ed323bdd7e5748d22fa97_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rook-ceph-operator-bundle@sha256:c66ffb2fa00181c983e4ff78bcad4ec5a4d766ed801ed323bdd7e5748d22fa97?arch=amd64\u0026repository_url=registry.redhat.io/odf4/rook-ceph-operator-bundle\u0026tag=v4.17.6-4"
}
}
},
{
"category": "product_version",
"name": "odf4/rook-ceph-rhel9-operator@sha256:8e758d1c053be265048bd7945975c07e63f5b430152f69a3726c9c2edd1e4488_amd64",
"product": {
"name": "odf4/rook-ceph-rhel9-operator@sha256:8e758d1c053be265048bd7945975c07e63f5b430152f69a3726c9c2edd1e4488_amd64",
"product_id": "odf4/rook-ceph-rhel9-operator@sha256:8e758d1c053be265048bd7945975c07e63f5b430152f69a3726c9c2edd1e4488_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rook-ceph-rhel9-operator@sha256:8e758d1c053be265048bd7945975c07e63f5b430152f69a3726c9c2edd1e4488?arch=amd64\u0026repository_url=registry.redhat.io/odf4/rook-ceph-rhel9-operator\u0026tag=v4.17.6-2"
}
}
}
],
"category": "architecture",
"name": "amd64"
},
{
"branches": [
{
"category": "product_version",
"name": "odf4/cephcsi-rhel9@sha256:ad7b98f476a6fd8d89fcada9f368170aff1d211632af78be7daa63400435a913_ppc64le",
"product": {
"name": "odf4/cephcsi-rhel9@sha256:ad7b98f476a6fd8d89fcada9f368170aff1d211632af78be7daa63400435a913_ppc64le",
"product_id": "odf4/cephcsi-rhel9@sha256:ad7b98f476a6fd8d89fcada9f368170aff1d211632af78be7daa63400435a913_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/cephcsi-rhel9@sha256:ad7b98f476a6fd8d89fcada9f368170aff1d211632af78be7daa63400435a913?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/cephcsi-rhel9\u0026tag=v4.17.6-2"
}
}
},
{
"category": "product_version",
"name": "odf4/cephcsi-operator-bundle@sha256:576f28c9638f00f39d664301d96462601d5d17a1e288d4b606c8d662bc440753_ppc64le",
"product": {
"name": "odf4/cephcsi-operator-bundle@sha256:576f28c9638f00f39d664301d96462601d5d17a1e288d4b606c8d662bc440753_ppc64le",
"product_id": "odf4/cephcsi-operator-bundle@sha256:576f28c9638f00f39d664301d96462601d5d17a1e288d4b606c8d662bc440753_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/cephcsi-operator-bundle@sha256:576f28c9638f00f39d664301d96462601d5d17a1e288d4b606c8d662bc440753?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/cephcsi-operator-bundle\u0026tag=v4.17.6-4"
}
}
},
{
"category": "product_version",
"name": "odf4/cephcsi-rhel9-operator@sha256:b3229b38502b13863e43c46ededec4fd651a3530ff645afe2588176f0d1348f7_ppc64le",
"product": {
"name": "odf4/cephcsi-rhel9-operator@sha256:b3229b38502b13863e43c46ededec4fd651a3530ff645afe2588176f0d1348f7_ppc64le",
"product_id": "odf4/cephcsi-rhel9-operator@sha256:b3229b38502b13863e43c46ededec4fd651a3530ff645afe2588176f0d1348f7_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/cephcsi-rhel9-operator@sha256:b3229b38502b13863e43c46ededec4fd651a3530ff645afe2588176f0d1348f7?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/cephcsi-rhel9-operator\u0026tag=v4.17.6-2"
}
}
},
{
"category": "product_version",
"name": "odf4/mcg-core-rhel9@sha256:6709b4595c2ca391378a8eff9d2b8d86475cf886c27d0ad12c5aa448203dd49f_ppc64le",
"product": {
"name": "odf4/mcg-core-rhel9@sha256:6709b4595c2ca391378a8eff9d2b8d86475cf886c27d0ad12c5aa448203dd49f_ppc64le",
"product_id": "odf4/mcg-core-rhel9@sha256:6709b4595c2ca391378a8eff9d2b8d86475cf886c27d0ad12c5aa448203dd49f_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/mcg-core-rhel9@sha256:6709b4595c2ca391378a8eff9d2b8d86475cf886c27d0ad12c5aa448203dd49f?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/mcg-core-rhel9\u0026tag=v4.17.6-2"
}
}
},
{
"category": "product_version",
"name": "odf4/mcg-operator-bundle@sha256:ec4b600c35f4d299733f0fea636424f34c7a4538ade6d38f9fb53be048a9d261_ppc64le",
"product": {
"name": "odf4/mcg-operator-bundle@sha256:ec4b600c35f4d299733f0fea636424f34c7a4538ade6d38f9fb53be048a9d261_ppc64le",
"product_id": "odf4/mcg-operator-bundle@sha256:ec4b600c35f4d299733f0fea636424f34c7a4538ade6d38f9fb53be048a9d261_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/mcg-operator-bundle@sha256:ec4b600c35f4d299733f0fea636424f34c7a4538ade6d38f9fb53be048a9d261?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/mcg-operator-bundle\u0026tag=v4.17.6-4"
}
}
},
{
"category": "product_version",
"name": "odf4/mcg-rhel9-operator@sha256:b66b767663b821dbff9cb43a4099482556b8d5cbc66d5c2959697c9b3caf0034_ppc64le",
"product": {
"name": "odf4/mcg-rhel9-operator@sha256:b66b767663b821dbff9cb43a4099482556b8d5cbc66d5c2959697c9b3caf0034_ppc64le",
"product_id": "odf4/mcg-rhel9-operator@sha256:b66b767663b821dbff9cb43a4099482556b8d5cbc66d5c2959697c9b3caf0034_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/mcg-rhel9-operator@sha256:b66b767663b821dbff9cb43a4099482556b8d5cbc66d5c2959697c9b3caf0034?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/mcg-rhel9-operator\u0026tag=v4.17.6-2"
}
}
},
{
"category": "product_version",
"name": "odf4/ocs-client-console-rhel9@sha256:846b4f6065937b93beba0900488f9692ad87bc8bc3419514d8565bb25760ff9e_ppc64le",
"product": {
"name": "odf4/ocs-client-console-rhel9@sha256:846b4f6065937b93beba0900488f9692ad87bc8bc3419514d8565bb25760ff9e_ppc64le",
"product_id": "odf4/ocs-client-console-rhel9@sha256:846b4f6065937b93beba0900488f9692ad87bc8bc3419514d8565bb25760ff9e_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ocs-client-console-rhel9@sha256:846b4f6065937b93beba0900488f9692ad87bc8bc3419514d8565bb25760ff9e?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/ocs-client-console-rhel9\u0026tag=v4.17.6-2"
}
}
},
{
"category": "product_version",
"name": "odf4/ocs-client-operator-bundle@sha256:4b27ec9797836d789c1cf94a7e88b50b61604611b08eeb6bb0d8e6981463aaa6_ppc64le",
"product": {
"name": "odf4/ocs-client-operator-bundle@sha256:4b27ec9797836d789c1cf94a7e88b50b61604611b08eeb6bb0d8e6981463aaa6_ppc64le",
"product_id": "odf4/ocs-client-operator-bundle@sha256:4b27ec9797836d789c1cf94a7e88b50b61604611b08eeb6bb0d8e6981463aaa6_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ocs-client-operator-bundle@sha256:4b27ec9797836d789c1cf94a7e88b50b61604611b08eeb6bb0d8e6981463aaa6?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/ocs-client-operator-bundle\u0026tag=v4.17.6-4"
}
}
},
{
"category": "product_version",
"name": "odf4/ocs-client-rhel9-operator@sha256:83ff074d8c07017826fd332423ddd4d7893ddb64b0db6fc3e5994af11ec362d2_ppc64le",
"product": {
"name": "odf4/ocs-client-rhel9-operator@sha256:83ff074d8c07017826fd332423ddd4d7893ddb64b0db6fc3e5994af11ec362d2_ppc64le",
"product_id": "odf4/ocs-client-rhel9-operator@sha256:83ff074d8c07017826fd332423ddd4d7893ddb64b0db6fc3e5994af11ec362d2_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ocs-client-rhel9-operator@sha256:83ff074d8c07017826fd332423ddd4d7893ddb64b0db6fc3e5994af11ec362d2?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/ocs-client-rhel9-operator\u0026tag=v4.17.6-2"
}
}
},
{
"category": "product_version",
"name": "odf4/ocs-metrics-exporter-rhel9@sha256:bae59c8cababf340258b8b675d920de77fd7d5787b4b91277f653254cbee9861_ppc64le",
"product": {
"name": "odf4/ocs-metrics-exporter-rhel9@sha256:bae59c8cababf340258b8b675d920de77fd7d5787b4b91277f653254cbee9861_ppc64le",
"product_id": "odf4/ocs-metrics-exporter-rhel9@sha256:bae59c8cababf340258b8b675d920de77fd7d5787b4b91277f653254cbee9861_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ocs-metrics-exporter-rhel9@sha256:bae59c8cababf340258b8b675d920de77fd7d5787b4b91277f653254cbee9861?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/ocs-metrics-exporter-rhel9\u0026tag=v4.17.6-2"
}
}
},
{
"category": "product_version",
"name": "odf4/ocs-operator-bundle@sha256:737b733433b50195a2b488325242311f300713ed785b4c152332a97af54b0966_ppc64le",
"product": {
"name": "odf4/ocs-operator-bundle@sha256:737b733433b50195a2b488325242311f300713ed785b4c152332a97af54b0966_ppc64le",
"product_id": "odf4/ocs-operator-bundle@sha256:737b733433b50195a2b488325242311f300713ed785b4c152332a97af54b0966_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ocs-operator-bundle@sha256:737b733433b50195a2b488325242311f300713ed785b4c152332a97af54b0966?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/ocs-operator-bundle\u0026tag=v4.17.6-4"
}
}
},
{
"category": "product_version",
"name": "odf4/ocs-rhel9-operator@sha256:425e79644175eb15f83982417dbc53b13883a217022d4a9a04ca17cff5cc6f73_ppc64le",
"product": {
"name": "odf4/ocs-rhel9-operator@sha256:425e79644175eb15f83982417dbc53b13883a217022d4a9a04ca17cff5cc6f73_ppc64le",
"product_id": "odf4/ocs-rhel9-operator@sha256:425e79644175eb15f83982417dbc53b13883a217022d4a9a04ca17cff5cc6f73_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ocs-rhel9-operator@sha256:425e79644175eb15f83982417dbc53b13883a217022d4a9a04ca17cff5cc6f73?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/ocs-rhel9-operator\u0026tag=v4.17.6-2"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-cli-rhel9@sha256:050e0f2d20690c2a10f61c367652289395bf44b8de0bf9b304fb538e8ddd5ba8_ppc64le",
"product": {
"name": "odf4/odf-cli-rhel9@sha256:050e0f2d20690c2a10f61c367652289395bf44b8de0bf9b304fb538e8ddd5ba8_ppc64le",
"product_id": "odf4/odf-cli-rhel9@sha256:050e0f2d20690c2a10f61c367652289395bf44b8de0bf9b304fb538e8ddd5ba8_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/odf-cli-rhel9@sha256:050e0f2d20690c2a10f61c367652289395bf44b8de0bf9b304fb538e8ddd5ba8?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/odf-cli-rhel9\u0026tag=v4.17.6-2"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-console-rhel9@sha256:a7b7c1091d641ceae8f03233ec51b2d4ea149792ff7850bc5a0bed6280b3d3de_ppc64le",
"product": {
"name": "odf4/odf-console-rhel9@sha256:a7b7c1091d641ceae8f03233ec51b2d4ea149792ff7850bc5a0bed6280b3d3de_ppc64le",
"product_id": "odf4/odf-console-rhel9@sha256:a7b7c1091d641ceae8f03233ec51b2d4ea149792ff7850bc5a0bed6280b3d3de_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/odf-console-rhel9@sha256:a7b7c1091d641ceae8f03233ec51b2d4ea149792ff7850bc5a0bed6280b3d3de?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/odf-console-rhel9\u0026tag=v4.17.6-2"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-cosi-sidecar-rhel9@sha256:c70eb5b401fb8cf7cbbbb41f183027be6ca97a806481067103557a5fcad1de14_ppc64le",
"product": {
"name": "odf4/odf-cosi-sidecar-rhel9@sha256:c70eb5b401fb8cf7cbbbb41f183027be6ca97a806481067103557a5fcad1de14_ppc64le",
"product_id": "odf4/odf-cosi-sidecar-rhel9@sha256:c70eb5b401fb8cf7cbbbb41f183027be6ca97a806481067103557a5fcad1de14_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/odf-cosi-sidecar-rhel9@sha256:c70eb5b401fb8cf7cbbbb41f183027be6ca97a806481067103557a5fcad1de14?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/odf-cosi-sidecar-rhel9\u0026tag=v4.17.6-2"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-csi-addons-operator-bundle@sha256:16d9ce4c9806f06bae0b55c712d95d690a18ca9ae861b73e3690cac600967e98_ppc64le",
"product": {
"name": "odf4/odf-csi-addons-operator-bundle@sha256:16d9ce4c9806f06bae0b55c712d95d690a18ca9ae861b73e3690cac600967e98_ppc64le",
"product_id": "odf4/odf-csi-addons-operator-bundle@sha256:16d9ce4c9806f06bae0b55c712d95d690a18ca9ae861b73e3690cac600967e98_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/odf-csi-addons-operator-bundle@sha256:16d9ce4c9806f06bae0b55c712d95d690a18ca9ae861b73e3690cac600967e98?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/odf-csi-addons-operator-bundle\u0026tag=v4.17.6-4"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-csi-addons-rhel9-operator@sha256:e9bea6672693d064ef865d4eaaacfcd5a8ef792ba2f3f36ae358995dcce281e5_ppc64le",
"product": {
"name": "odf4/odf-csi-addons-rhel9-operator@sha256:e9bea6672693d064ef865d4eaaacfcd5a8ef792ba2f3f36ae358995dcce281e5_ppc64le",
"product_id": "odf4/odf-csi-addons-rhel9-operator@sha256:e9bea6672693d064ef865d4eaaacfcd5a8ef792ba2f3f36ae358995dcce281e5_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/odf-csi-addons-rhel9-operator@sha256:e9bea6672693d064ef865d4eaaacfcd5a8ef792ba2f3f36ae358995dcce281e5?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/odf-csi-addons-rhel9-operator\u0026tag=v4.17.6-2"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-csi-addons-sidecar-rhel9@sha256:eb2797c3d0366304caaf99bbf37122f225ff589e69713a766409800eb735da4a_ppc64le",
"product": {
"name": "odf4/odf-csi-addons-sidecar-rhel9@sha256:eb2797c3d0366304caaf99bbf37122f225ff589e69713a766409800eb735da4a_ppc64le",
"product_id": "odf4/odf-csi-addons-sidecar-rhel9@sha256:eb2797c3d0366304caaf99bbf37122f225ff589e69713a766409800eb735da4a_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/odf-csi-addons-sidecar-rhel9@sha256:eb2797c3d0366304caaf99bbf37122f225ff589e69713a766409800eb735da4a?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/odf-csi-addons-sidecar-rhel9\u0026tag=v4.17.6-2"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-multicluster-console-rhel9@sha256:52369ab175c6776a642224675eb4f21fcadc233528aadf324e713d76526dc0e0_ppc64le",
"product": {
"name": "odf4/odf-multicluster-console-rhel9@sha256:52369ab175c6776a642224675eb4f21fcadc233528aadf324e713d76526dc0e0_ppc64le",
"product_id": "odf4/odf-multicluster-console-rhel9@sha256:52369ab175c6776a642224675eb4f21fcadc233528aadf324e713d76526dc0e0_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/odf-multicluster-console-rhel9@sha256:52369ab175c6776a642224675eb4f21fcadc233528aadf324e713d76526dc0e0?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/odf-multicluster-console-rhel9\u0026tag=v4.17.6-2"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-multicluster-operator-bundle@sha256:35a72ddb58c1cc102bc0fb93d11882e83aa391a3987029f3b07f0c89e6f6c016_ppc64le",
"product": {
"name": "odf4/odf-multicluster-operator-bundle@sha256:35a72ddb58c1cc102bc0fb93d11882e83aa391a3987029f3b07f0c89e6f6c016_ppc64le",
"product_id": "odf4/odf-multicluster-operator-bundle@sha256:35a72ddb58c1cc102bc0fb93d11882e83aa391a3987029f3b07f0c89e6f6c016_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/odf-multicluster-operator-bundle@sha256:35a72ddb58c1cc102bc0fb93d11882e83aa391a3987029f3b07f0c89e6f6c016?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/odf-multicluster-operator-bundle\u0026tag=v4.17.6-4"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-multicluster-rhel9-operator@sha256:1ee982829bd22343ed58067526297979c1aefc1bb3e6d8a33d573241f754f68a_ppc64le",
"product": {
"name": "odf4/odf-multicluster-rhel9-operator@sha256:1ee982829bd22343ed58067526297979c1aefc1bb3e6d8a33d573241f754f68a_ppc64le",
"product_id": "odf4/odf-multicluster-rhel9-operator@sha256:1ee982829bd22343ed58067526297979c1aefc1bb3e6d8a33d573241f754f68a_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/odf-multicluster-rhel9-operator@sha256:1ee982829bd22343ed58067526297979c1aefc1bb3e6d8a33d573241f754f68a?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/odf-multicluster-rhel9-operator\u0026tag=v4.17.6-2"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-must-gather-rhel9@sha256:68f31b7965a66577d4484e58958a00c4f6f69c73c29ad1807d714eafc1c17a07_ppc64le",
"product": {
"name": "odf4/odf-must-gather-rhel9@sha256:68f31b7965a66577d4484e58958a00c4f6f69c73c29ad1807d714eafc1c17a07_ppc64le",
"product_id": "odf4/odf-must-gather-rhel9@sha256:68f31b7965a66577d4484e58958a00c4f6f69c73c29ad1807d714eafc1c17a07_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/odf-must-gather-rhel9@sha256:68f31b7965a66577d4484e58958a00c4f6f69c73c29ad1807d714eafc1c17a07?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/odf-must-gather-rhel9\u0026tag=v4.17.6-2"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-operator-bundle@sha256:8e7e16acc43e32a656750ce1e91cb9d1cbee827573bda726a31200d70fff3d5a_ppc64le",
"product": {
"name": "odf4/odf-operator-bundle@sha256:8e7e16acc43e32a656750ce1e91cb9d1cbee827573bda726a31200d70fff3d5a_ppc64le",
"product_id": "odf4/odf-operator-bundle@sha256:8e7e16acc43e32a656750ce1e91cb9d1cbee827573bda726a31200d70fff3d5a_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/odf-operator-bundle@sha256:8e7e16acc43e32a656750ce1e91cb9d1cbee827573bda726a31200d70fff3d5a?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/odf-operator-bundle\u0026tag=v4.17.6-4"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-rhel9-operator@sha256:dfa4317f423206b5ba89d1f8d1e108b4163b818414cd4af47b3e689ae5c8e87c_ppc64le",
"product": {
"name": "odf4/odf-rhel9-operator@sha256:dfa4317f423206b5ba89d1f8d1e108b4163b818414cd4af47b3e689ae5c8e87c_ppc64le",
"product_id": "odf4/odf-rhel9-operator@sha256:dfa4317f423206b5ba89d1f8d1e108b4163b818414cd4af47b3e689ae5c8e87c_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/odf-rhel9-operator@sha256:dfa4317f423206b5ba89d1f8d1e108b4163b818414cd4af47b3e689ae5c8e87c?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/odf-rhel9-operator\u0026tag=v4.17.6-2"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-prometheus-operator-bundle@sha256:b242be5f5d66e30089d038f5c236b5b1f8ae15925db9b108abd5d4651f5e981f_ppc64le",
"product": {
"name": "odf4/odf-prometheus-operator-bundle@sha256:b242be5f5d66e30089d038f5c236b5b1f8ae15925db9b108abd5d4651f5e981f_ppc64le",
"product_id": "odf4/odf-prometheus-operator-bundle@sha256:b242be5f5d66e30089d038f5c236b5b1f8ae15925db9b108abd5d4651f5e981f_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/odf-prometheus-operator-bundle@sha256:b242be5f5d66e30089d038f5c236b5b1f8ae15925db9b108abd5d4651f5e981f?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/odf-prometheus-operator-bundle\u0026tag=v4.17.6-4"
}
}
},
{
"category": "product_version",
"name": "odf4/odr-cluster-operator-bundle@sha256:1b9b58c6bf71a39c75901b09ffb9a31c21456b2dd310f2dd35c3ed0041e96384_ppc64le",
"product": {
"name": "odf4/odr-cluster-operator-bundle@sha256:1b9b58c6bf71a39c75901b09ffb9a31c21456b2dd310f2dd35c3ed0041e96384_ppc64le",
"product_id": "odf4/odr-cluster-operator-bundle@sha256:1b9b58c6bf71a39c75901b09ffb9a31c21456b2dd310f2dd35c3ed0041e96384_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/odr-cluster-operator-bundle@sha256:1b9b58c6bf71a39c75901b09ffb9a31c21456b2dd310f2dd35c3ed0041e96384?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/odr-cluster-operator-bundle\u0026tag=v4.17.6-4"
}
}
},
{
"category": "product_version",
"name": "odf4/odr-hub-operator-bundle@sha256:7f9c1fa47739a7f397ba8d8524e023f8a66ab446c8b4f160726ebc7c6b589c16_ppc64le",
"product": {
"name": "odf4/odr-hub-operator-bundle@sha256:7f9c1fa47739a7f397ba8d8524e023f8a66ab446c8b4f160726ebc7c6b589c16_ppc64le",
"product_id": "odf4/odr-hub-operator-bundle@sha256:7f9c1fa47739a7f397ba8d8524e023f8a66ab446c8b4f160726ebc7c6b589c16_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/odr-hub-operator-bundle@sha256:7f9c1fa47739a7f397ba8d8524e023f8a66ab446c8b4f160726ebc7c6b589c16?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/odr-hub-operator-bundle\u0026tag=v4.17.6-4"
}
}
},
{
"category": "product_version",
"name": "odf4/odr-rhel9-operator@sha256:de563b32b7c20314a99e44a85e036884ad579b71f66e4beca89988fffe7f4ab6_ppc64le",
"product": {
"name": "odf4/odr-rhel9-operator@sha256:de563b32b7c20314a99e44a85e036884ad579b71f66e4beca89988fffe7f4ab6_ppc64le",
"product_id": "odf4/odr-rhel9-operator@sha256:de563b32b7c20314a99e44a85e036884ad579b71f66e4beca89988fffe7f4ab6_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/odr-rhel9-operator@sha256:de563b32b7c20314a99e44a85e036884ad579b71f66e4beca89988fffe7f4ab6?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/odr-rhel9-operator\u0026tag=v4.17.6-2"
}
}
},
{
"category": "product_version",
"name": "odf4/odr-recipe-operator-bundle@sha256:0c7e13348770572d3737eb8045933a8ce358966c1598e0a41b50631b6332a6f7_ppc64le",
"product": {
"name": "odf4/odr-recipe-operator-bundle@sha256:0c7e13348770572d3737eb8045933a8ce358966c1598e0a41b50631b6332a6f7_ppc64le",
"product_id": "odf4/odr-recipe-operator-bundle@sha256:0c7e13348770572d3737eb8045933a8ce358966c1598e0a41b50631b6332a6f7_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/odr-recipe-operator-bundle@sha256:0c7e13348770572d3737eb8045933a8ce358966c1598e0a41b50631b6332a6f7?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/odr-recipe-operator-bundle\u0026tag=v4.17.6-4"
}
}
},
{
"category": "product_version",
"name": "odf4/rook-ceph-operator-bundle@sha256:e12ab810e2383f952b5317f0bfe16baa8736e9b1c6c26573352550c934b8e1f6_ppc64le",
"product": {
"name": "odf4/rook-ceph-operator-bundle@sha256:e12ab810e2383f952b5317f0bfe16baa8736e9b1c6c26573352550c934b8e1f6_ppc64le",
"product_id": "odf4/rook-ceph-operator-bundle@sha256:e12ab810e2383f952b5317f0bfe16baa8736e9b1c6c26573352550c934b8e1f6_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rook-ceph-operator-bundle@sha256:e12ab810e2383f952b5317f0bfe16baa8736e9b1c6c26573352550c934b8e1f6?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/rook-ceph-operator-bundle\u0026tag=v4.17.6-4"
}
}
},
{
"category": "product_version",
"name": "odf4/rook-ceph-rhel9-operator@sha256:aafa9bbd59727e6593c6522e1b6a53d35ff44bd80f4837ab22a3f40904249f7b_ppc64le",
"product": {
"name": "odf4/rook-ceph-rhel9-operator@sha256:aafa9bbd59727e6593c6522e1b6a53d35ff44bd80f4837ab22a3f40904249f7b_ppc64le",
"product_id": "odf4/rook-ceph-rhel9-operator@sha256:aafa9bbd59727e6593c6522e1b6a53d35ff44bd80f4837ab22a3f40904249f7b_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rook-ceph-rhel9-operator@sha256:aafa9bbd59727e6593c6522e1b6a53d35ff44bd80f4837ab22a3f40904249f7b?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/rook-ceph-rhel9-operator\u0026tag=v4.17.6-2"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "odf4/cephcsi-rhel9-operator@sha256:59bf592b53efafdc5dbedf6b28ff037cfa4de042afd6b9e9271e6117b539f4a2_arm64",
"product": {
"name": "odf4/cephcsi-rhel9-operator@sha256:59bf592b53efafdc5dbedf6b28ff037cfa4de042afd6b9e9271e6117b539f4a2_arm64",
"product_id": "odf4/cephcsi-rhel9-operator@sha256:59bf592b53efafdc5dbedf6b28ff037cfa4de042afd6b9e9271e6117b539f4a2_arm64",
"product_identification_helper": {
"purl": "pkg:oci/cephcsi-rhel9-operator@sha256:59bf592b53efafdc5dbedf6b28ff037cfa4de042afd6b9e9271e6117b539f4a2?arch=arm64\u0026repository_url=registry.redhat.io/odf4/cephcsi-rhel9-operator\u0026tag=v4.17.6-2"
}
}
},
{
"category": "product_version",
"name": "odf4/mcg-core-rhel9@sha256:e1afc357b3ca4c8ada9d42a2886097c64a5d4e498d4cc913762de8653608f0e0_arm64",
"product": {
"name": "odf4/mcg-core-rhel9@sha256:e1afc357b3ca4c8ada9d42a2886097c64a5d4e498d4cc913762de8653608f0e0_arm64",
"product_id": "odf4/mcg-core-rhel9@sha256:e1afc357b3ca4c8ada9d42a2886097c64a5d4e498d4cc913762de8653608f0e0_arm64",
"product_identification_helper": {
"purl": "pkg:oci/mcg-core-rhel9@sha256:e1afc357b3ca4c8ada9d42a2886097c64a5d4e498d4cc913762de8653608f0e0?arch=arm64\u0026repository_url=registry.redhat.io/odf4/mcg-core-rhel9\u0026tag=v4.17.6-2"
}
}
},
{
"category": "product_version",
"name": "odf4/mcg-rhel9-operator@sha256:a9fb83224900a2f71d8968ff1304448fc35008c4d1ba480e142f61fad9eafb17_arm64",
"product": {
"name": "odf4/mcg-rhel9-operator@sha256:a9fb83224900a2f71d8968ff1304448fc35008c4d1ba480e142f61fad9eafb17_arm64",
"product_id": "odf4/mcg-rhel9-operator@sha256:a9fb83224900a2f71d8968ff1304448fc35008c4d1ba480e142f61fad9eafb17_arm64",
"product_identification_helper": {
"purl": "pkg:oci/mcg-rhel9-operator@sha256:a9fb83224900a2f71d8968ff1304448fc35008c4d1ba480e142f61fad9eafb17?arch=arm64\u0026repository_url=registry.redhat.io/odf4/mcg-rhel9-operator\u0026tag=v4.17.6-2"
}
}
},
{
"category": "product_version",
"name": "odf4/ocs-client-rhel9-operator@sha256:98b3861c54df97fa1a9df15f717c5b6608d41d6b2151ba80d57aabc245f1955a_arm64",
"product": {
"name": "odf4/ocs-client-rhel9-operator@sha256:98b3861c54df97fa1a9df15f717c5b6608d41d6b2151ba80d57aabc245f1955a_arm64",
"product_id": "odf4/ocs-client-rhel9-operator@sha256:98b3861c54df97fa1a9df15f717c5b6608d41d6b2151ba80d57aabc245f1955a_arm64",
"product_identification_helper": {
"purl": "pkg:oci/ocs-client-rhel9-operator@sha256:98b3861c54df97fa1a9df15f717c5b6608d41d6b2151ba80d57aabc245f1955a?arch=arm64\u0026repository_url=registry.redhat.io/odf4/ocs-client-rhel9-operator\u0026tag=v4.17.6-2"
}
}
},
{
"category": "product_version",
"name": "odf4/ocs-rhel9-operator@sha256:280214cb617f217e35da35b62a5ac94f2e3602bc6f91206699fd0211812b8fa8_arm64",
"product": {
"name": "odf4/ocs-rhel9-operator@sha256:280214cb617f217e35da35b62a5ac94f2e3602bc6f91206699fd0211812b8fa8_arm64",
"product_id": "odf4/ocs-rhel9-operator@sha256:280214cb617f217e35da35b62a5ac94f2e3602bc6f91206699fd0211812b8fa8_arm64",
"product_identification_helper": {
"purl": "pkg:oci/ocs-rhel9-operator@sha256:280214cb617f217e35da35b62a5ac94f2e3602bc6f91206699fd0211812b8fa8?arch=arm64\u0026repository_url=registry.redhat.io/odf4/ocs-rhel9-operator\u0026tag=v4.17.6-2"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-cli-rhel9@sha256:4778eb4267c9bc0de3b16460eca81fda4f14e258ff9e549040b00e4e89905a0a_arm64",
"product": {
"name": "odf4/odf-cli-rhel9@sha256:4778eb4267c9bc0de3b16460eca81fda4f14e258ff9e549040b00e4e89905a0a_arm64",
"product_id": "odf4/odf-cli-rhel9@sha256:4778eb4267c9bc0de3b16460eca81fda4f14e258ff9e549040b00e4e89905a0a_arm64",
"product_identification_helper": {
"purl": "pkg:oci/odf-cli-rhel9@sha256:4778eb4267c9bc0de3b16460eca81fda4f14e258ff9e549040b00e4e89905a0a?arch=arm64\u0026repository_url=registry.redhat.io/odf4/odf-cli-rhel9\u0026tag=v4.17.6-2"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-csi-addons-rhel9-operator@sha256:4b45c8e60604449f6c74150baacb3d11e50b3a10e1e7e5a2ae5568b94e8eddfe_arm64",
"product": {
"name": "odf4/odf-csi-addons-rhel9-operator@sha256:4b45c8e60604449f6c74150baacb3d11e50b3a10e1e7e5a2ae5568b94e8eddfe_arm64",
"product_id": "odf4/odf-csi-addons-rhel9-operator@sha256:4b45c8e60604449f6c74150baacb3d11e50b3a10e1e7e5a2ae5568b94e8eddfe_arm64",
"product_identification_helper": {
"purl": "pkg:oci/odf-csi-addons-rhel9-operator@sha256:4b45c8e60604449f6c74150baacb3d11e50b3a10e1e7e5a2ae5568b94e8eddfe?arch=arm64\u0026repository_url=registry.redhat.io/odf4/odf-csi-addons-rhel9-operator\u0026tag=v4.17.6-2"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-csi-addons-sidecar-rhel9@sha256:1cad36a0edfa987179c44783a3354efd2f8ef7ed933119de2b16838679f84e94_arm64",
"product": {
"name": "odf4/odf-csi-addons-sidecar-rhel9@sha256:1cad36a0edfa987179c44783a3354efd2f8ef7ed933119de2b16838679f84e94_arm64",
"product_id": "odf4/odf-csi-addons-sidecar-rhel9@sha256:1cad36a0edfa987179c44783a3354efd2f8ef7ed933119de2b16838679f84e94_arm64",
"product_identification_helper": {
"purl": "pkg:oci/odf-csi-addons-sidecar-rhel9@sha256:1cad36a0edfa987179c44783a3354efd2f8ef7ed933119de2b16838679f84e94?arch=arm64\u0026repository_url=registry.redhat.io/odf4/odf-csi-addons-sidecar-rhel9\u0026tag=v4.17.6-2"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-multicluster-rhel9-operator@sha256:3c1f1037fa46c3a0846dfeefcbdbf5b468d7d3de4330e3e3afc0564ebf61de82_arm64",
"product": {
"name": "odf4/odf-multicluster-rhel9-operator@sha256:3c1f1037fa46c3a0846dfeefcbdbf5b468d7d3de4330e3e3afc0564ebf61de82_arm64",
"product_id": "odf4/odf-multicluster-rhel9-operator@sha256:3c1f1037fa46c3a0846dfeefcbdbf5b468d7d3de4330e3e3afc0564ebf61de82_arm64",
"product_identification_helper": {
"purl": "pkg:oci/odf-multicluster-rhel9-operator@sha256:3c1f1037fa46c3a0846dfeefcbdbf5b468d7d3de4330e3e3afc0564ebf61de82?arch=arm64\u0026repository_url=registry.redhat.io/odf4/odf-multicluster-rhel9-operator\u0026tag=v4.17.6-2"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-must-gather-rhel9@sha256:7d30ac852d491738439e09b3480ea18f093abf9c3a2e4dc9e2f3adb64f308be7_arm64",
"product": {
"name": "odf4/odf-must-gather-rhel9@sha256:7d30ac852d491738439e09b3480ea18f093abf9c3a2e4dc9e2f3adb64f308be7_arm64",
"product_id": "odf4/odf-must-gather-rhel9@sha256:7d30ac852d491738439e09b3480ea18f093abf9c3a2e4dc9e2f3adb64f308be7_arm64",
"product_identification_helper": {
"purl": "pkg:oci/odf-must-gather-rhel9@sha256:7d30ac852d491738439e09b3480ea18f093abf9c3a2e4dc9e2f3adb64f308be7?arch=arm64\u0026repository_url=registry.redhat.io/odf4/odf-must-gather-rhel9\u0026tag=v4.17.6-2"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-rhel9-operator@sha256:4ee94cf5ee9d4e7ac73ea85fda01f07b165ab0ce6b46468f47b7d824487f5071_arm64",
"product": {
"name": "odf4/odf-rhel9-operator@sha256:4ee94cf5ee9d4e7ac73ea85fda01f07b165ab0ce6b46468f47b7d824487f5071_arm64",
"product_id": "odf4/odf-rhel9-operator@sha256:4ee94cf5ee9d4e7ac73ea85fda01f07b165ab0ce6b46468f47b7d824487f5071_arm64",
"product_identification_helper": {
"purl": "pkg:oci/odf-rhel9-operator@sha256:4ee94cf5ee9d4e7ac73ea85fda01f07b165ab0ce6b46468f47b7d824487f5071?arch=arm64\u0026repository_url=registry.redhat.io/odf4/odf-rhel9-operator\u0026tag=v4.17.6-2"
}
}
},
{
"category": "product_version",
"name": "odf4/odr-rhel9-operator@sha256:58556e90e62d85b211d8410cfe94497073e405cfd5269979e73749ceafccda67_arm64",
"product": {
"name": "odf4/odr-rhel9-operator@sha256:58556e90e62d85b211d8410cfe94497073e405cfd5269979e73749ceafccda67_arm64",
"product_id": "odf4/odr-rhel9-operator@sha256:58556e90e62d85b211d8410cfe94497073e405cfd5269979e73749ceafccda67_arm64",
"product_identification_helper": {
"purl": "pkg:oci/odr-rhel9-operator@sha256:58556e90e62d85b211d8410cfe94497073e405cfd5269979e73749ceafccda67?arch=arm64\u0026repository_url=registry.redhat.io/odf4/odr-rhel9-operator\u0026tag=v4.17.6-2"
}
}
}
],
"category": "architecture",
"name": "arm64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/cephcsi-operator-bundle@sha256:3338eb8159127a7dead6006255ed0ae073a110a402ed498e2e8cc9493c0b4d8e_amd64 as a component of RHODF 4.17 for RHEL 9",
"product_id": "9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:3338eb8159127a7dead6006255ed0ae073a110a402ed498e2e8cc9493c0b4d8e_amd64"
},
"product_reference": "odf4/cephcsi-operator-bundle@sha256:3338eb8159127a7dead6006255ed0ae073a110a402ed498e2e8cc9493c0b4d8e_amd64",
"relates_to_product_reference": "9Base-RHODF-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/cephcsi-operator-bundle@sha256:576f28c9638f00f39d664301d96462601d5d17a1e288d4b606c8d662bc440753_ppc64le as a component of RHODF 4.17 for RHEL 9",
"product_id": "9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:576f28c9638f00f39d664301d96462601d5d17a1e288d4b606c8d662bc440753_ppc64le"
},
"product_reference": "odf4/cephcsi-operator-bundle@sha256:576f28c9638f00f39d664301d96462601d5d17a1e288d4b606c8d662bc440753_ppc64le",
"relates_to_product_reference": "9Base-RHODF-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/cephcsi-operator-bundle@sha256:b3b09619c0ffdd27075c0127e0e17e0f358a67ea8820e27925747da71c1c30e5_s390x as a component of RHODF 4.17 for RHEL 9",
"product_id": "9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:b3b09619c0ffdd27075c0127e0e17e0f358a67ea8820e27925747da71c1c30e5_s390x"
},
"product_reference": "odf4/cephcsi-operator-bundle@sha256:b3b09619c0ffdd27075c0127e0e17e0f358a67ea8820e27925747da71c1c30e5_s390x",
"relates_to_product_reference": "9Base-RHODF-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/cephcsi-rhel9-operator@sha256:21600fa74a0b9a12d469d1cdaddd804b4b73d6afdb9106eeb4f34596bb2d1258_amd64 as a component of RHODF 4.17 for RHEL 9",
"product_id": "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:21600fa74a0b9a12d469d1cdaddd804b4b73d6afdb9106eeb4f34596bb2d1258_amd64"
},
"product_reference": "odf4/cephcsi-rhel9-operator@sha256:21600fa74a0b9a12d469d1cdaddd804b4b73d6afdb9106eeb4f34596bb2d1258_amd64",
"relates_to_product_reference": "9Base-RHODF-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/cephcsi-rhel9-operator@sha256:266591c571adb2c8ef62b3e47988533d635ad9aa642781455524410f7c7221ea_s390x as a component of RHODF 4.17 for RHEL 9",
"product_id": "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:266591c571adb2c8ef62b3e47988533d635ad9aa642781455524410f7c7221ea_s390x"
},
"product_reference": "odf4/cephcsi-rhel9-operator@sha256:266591c571adb2c8ef62b3e47988533d635ad9aa642781455524410f7c7221ea_s390x",
"relates_to_product_reference": "9Base-RHODF-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/cephcsi-rhel9-operator@sha256:59bf592b53efafdc5dbedf6b28ff037cfa4de042afd6b9e9271e6117b539f4a2_arm64 as a component of RHODF 4.17 for RHEL 9",
"product_id": "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:59bf592b53efafdc5dbedf6b28ff037cfa4de042afd6b9e9271e6117b539f4a2_arm64"
},
"product_reference": "odf4/cephcsi-rhel9-operator@sha256:59bf592b53efafdc5dbedf6b28ff037cfa4de042afd6b9e9271e6117b539f4a2_arm64",
"relates_to_product_reference": "9Base-RHODF-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/cephcsi-rhel9-operator@sha256:b3229b38502b13863e43c46ededec4fd651a3530ff645afe2588176f0d1348f7_ppc64le as a component of RHODF 4.17 for RHEL 9",
"product_id": "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:b3229b38502b13863e43c46ededec4fd651a3530ff645afe2588176f0d1348f7_ppc64le"
},
"product_reference": "odf4/cephcsi-rhel9-operator@sha256:b3229b38502b13863e43c46ededec4fd651a3530ff645afe2588176f0d1348f7_ppc64le",
"relates_to_product_reference": "9Base-RHODF-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/cephcsi-rhel9@sha256:693657a7827d74ae8c0d270b269dede3c5f91e4b6b7521b6ec4e26b841ecda25_s390x as a component of RHODF 4.17 for RHEL 9",
"product_id": "9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:693657a7827d74ae8c0d270b269dede3c5f91e4b6b7521b6ec4e26b841ecda25_s390x"
},
"product_reference": "odf4/cephcsi-rhel9@sha256:693657a7827d74ae8c0d270b269dede3c5f91e4b6b7521b6ec4e26b841ecda25_s390x",
"relates_to_product_reference": "9Base-RHODF-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/cephcsi-rhel9@sha256:9e303d40097486dc50d743323ba6a8de7e3e2e5a8d8bc607728fed47220530a4_amd64 as a component of RHODF 4.17 for RHEL 9",
"product_id": "9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:9e303d40097486dc50d743323ba6a8de7e3e2e5a8d8bc607728fed47220530a4_amd64"
},
"product_reference": "odf4/cephcsi-rhel9@sha256:9e303d40097486dc50d743323ba6a8de7e3e2e5a8d8bc607728fed47220530a4_amd64",
"relates_to_product_reference": "9Base-RHODF-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/cephcsi-rhel9@sha256:ad7b98f476a6fd8d89fcada9f368170aff1d211632af78be7daa63400435a913_ppc64le as a component of RHODF 4.17 for RHEL 9",
"product_id": "9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:ad7b98f476a6fd8d89fcada9f368170aff1d211632af78be7daa63400435a913_ppc64le"
},
"product_reference": "odf4/cephcsi-rhel9@sha256:ad7b98f476a6fd8d89fcada9f368170aff1d211632af78be7daa63400435a913_ppc64le",
"relates_to_product_reference": "9Base-RHODF-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/mcg-core-rhel9@sha256:30f2376f37765eb5b3beb424018d217f65475a8fecad4dd525ba2970ec6332b5_amd64 as a component of RHODF 4.17 for RHEL 9",
"product_id": "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:30f2376f37765eb5b3beb424018d217f65475a8fecad4dd525ba2970ec6332b5_amd64"
},
"product_reference": "odf4/mcg-core-rhel9@sha256:30f2376f37765eb5b3beb424018d217f65475a8fecad4dd525ba2970ec6332b5_amd64",
"relates_to_product_reference": "9Base-RHODF-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/mcg-core-rhel9@sha256:5772eea82b20bacc81da0531239927bde720f338c19bb5430eee7527d7d7b191_s390x as a component of RHODF 4.17 for RHEL 9",
"product_id": "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:5772eea82b20bacc81da0531239927bde720f338c19bb5430eee7527d7d7b191_s390x"
},
"product_reference": "odf4/mcg-core-rhel9@sha256:5772eea82b20bacc81da0531239927bde720f338c19bb5430eee7527d7d7b191_s390x",
"relates_to_product_reference": "9Base-RHODF-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/mcg-core-rhel9@sha256:6709b4595c2ca391378a8eff9d2b8d86475cf886c27d0ad12c5aa448203dd49f_ppc64le as a component of RHODF 4.17 for RHEL 9",
"product_id": "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:6709b4595c2ca391378a8eff9d2b8d86475cf886c27d0ad12c5aa448203dd49f_ppc64le"
},
"product_reference": "odf4/mcg-core-rhel9@sha256:6709b4595c2ca391378a8eff9d2b8d86475cf886c27d0ad12c5aa448203dd49f_ppc64le",
"relates_to_product_reference": "9Base-RHODF-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/mcg-core-rhel9@sha256:e1afc357b3ca4c8ada9d42a2886097c64a5d4e498d4cc913762de8653608f0e0_arm64 as a component of RHODF 4.17 for RHEL 9",
"product_id": "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:e1afc357b3ca4c8ada9d42a2886097c64a5d4e498d4cc913762de8653608f0e0_arm64"
},
"product_reference": "odf4/mcg-core-rhel9@sha256:e1afc357b3ca4c8ada9d42a2886097c64a5d4e498d4cc913762de8653608f0e0_arm64",
"relates_to_product_reference": "9Base-RHODF-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/mcg-operator-bundle@sha256:b399bbdde09923dd23bfc65d088894a79610e53d895c1de2d26e91850b2735f4_amd64 as a component of RHODF 4.17 for RHEL 9",
"product_id": "9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:b399bbdde09923dd23bfc65d088894a79610e53d895c1de2d26e91850b2735f4_amd64"
},
"product_reference": "odf4/mcg-operator-bundle@sha256:b399bbdde09923dd23bfc65d088894a79610e53d895c1de2d26e91850b2735f4_amd64",
"relates_to_product_reference": "9Base-RHODF-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/mcg-operator-bundle@sha256:d49e1d8b7ddaf0f6168966635c46c6797683aa2ee695bd481c924e3c2a55141f_s390x as a component of RHODF 4.17 for RHEL 9",
"product_id": "9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:d49e1d8b7ddaf0f6168966635c46c6797683aa2ee695bd481c924e3c2a55141f_s390x"
},
"product_reference": "odf4/mcg-operator-bundle@sha256:d49e1d8b7ddaf0f6168966635c46c6797683aa2ee695bd481c924e3c2a55141f_s390x",
"relates_to_product_reference": "9Base-RHODF-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/mcg-operator-bundle@sha256:ec4b600c35f4d299733f0fea636424f34c7a4538ade6d38f9fb53be048a9d261_ppc64le as a component of RHODF 4.17 for RHEL 9",
"product_id": "9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:ec4b600c35f4d299733f0fea636424f34c7a4538ade6d38f9fb53be048a9d261_ppc64le"
},
"product_reference": "odf4/mcg-operator-bundle@sha256:ec4b600c35f4d299733f0fea636424f34c7a4538ade6d38f9fb53be048a9d261_ppc64le",
"relates_to_product_reference": "9Base-RHODF-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/mcg-rhel9-operator@sha256:158e10c527c54e5372752a3fdf97ba0362af04996e5b24b538d295bd1efbbd2f_s390x as a component of RHODF 4.17 for RHEL 9",
"product_id": "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:158e10c527c54e5372752a3fdf97ba0362af04996e5b24b538d295bd1efbbd2f_s390x"
},
"product_reference": "odf4/mcg-rhel9-operator@sha256:158e10c527c54e5372752a3fdf97ba0362af04996e5b24b538d295bd1efbbd2f_s390x",
"relates_to_product_reference": "9Base-RHODF-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/mcg-rhel9-operator@sha256:a8037be2de7db50028ce66df96573d6d5347a68c4211656d82e50a3344343aab_amd64 as a component of RHODF 4.17 for RHEL 9",
"product_id": "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:a8037be2de7db50028ce66df96573d6d5347a68c4211656d82e50a3344343aab_amd64"
},
"product_reference": "odf4/mcg-rhel9-operator@sha256:a8037be2de7db50028ce66df96573d6d5347a68c4211656d82e50a3344343aab_amd64",
"relates_to_product_reference": "9Base-RHODF-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/mcg-rhel9-operator@sha256:a9fb83224900a2f71d8968ff1304448fc35008c4d1ba480e142f61fad9eafb17_arm64 as a component of RHODF 4.17 for RHEL 9",
"product_id": "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:a9fb83224900a2f71d8968ff1304448fc35008c4d1ba480e142f61fad9eafb17_arm64"
},
"product_reference": "odf4/mcg-rhel9-operator@sha256:a9fb83224900a2f71d8968ff1304448fc35008c4d1ba480e142f61fad9eafb17_arm64",
"relates_to_product_reference": "9Base-RHODF-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/mcg-rhel9-operator@sha256:b66b767663b821dbff9cb43a4099482556b8d5cbc66d5c2959697c9b3caf0034_ppc64le as a component of RHODF 4.17 for RHEL 9",
"product_id": "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:b66b767663b821dbff9cb43a4099482556b8d5cbc66d5c2959697c9b3caf0034_ppc64le"
},
"product_reference": "odf4/mcg-rhel9-operator@sha256:b66b767663b821dbff9cb43a4099482556b8d5cbc66d5c2959697c9b3caf0034_ppc64le",
"relates_to_product_reference": "9Base-RHODF-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/ocs-client-console-rhel9@sha256:0cf22d86b267794025ba19591a306c81e0fdb2cf3dca05b9dcea3ecdf34f261d_amd64 as a component of RHODF 4.17 for RHEL 9",
"product_id": "9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:0cf22d86b267794025ba19591a306c81e0fdb2cf3dca05b9dcea3ecdf34f261d_amd64"
},
"product_reference": "odf4/ocs-client-console-rhel9@sha256:0cf22d86b267794025ba19591a306c81e0fdb2cf3dca05b9dcea3ecdf34f261d_amd64",
"relates_to_product_reference": "9Base-RHODF-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/ocs-client-console-rhel9@sha256:846b4f6065937b93beba0900488f9692ad87bc8bc3419514d8565bb25760ff9e_ppc64le as a component of RHODF 4.17 for RHEL 9",
"product_id": "9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:846b4f6065937b93beba0900488f9692ad87bc8bc3419514d8565bb25760ff9e_ppc64le"
},
"product_reference": "odf4/ocs-client-console-rhel9@sha256:846b4f6065937b93beba0900488f9692ad87bc8bc3419514d8565bb25760ff9e_ppc64le",
"relates_to_product_reference": "9Base-RHODF-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/ocs-client-console-rhel9@sha256:96fb1b5997e08fb6c8531d8a1d1ccb1ddb640701ecab86c4a582672a2aafd8c2_s390x as a component of RHODF 4.17 for RHEL 9",
"product_id": "9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:96fb1b5997e08fb6c8531d8a1d1ccb1ddb640701ecab86c4a582672a2aafd8c2_s390x"
},
"product_reference": "odf4/ocs-client-console-rhel9@sha256:96fb1b5997e08fb6c8531d8a1d1ccb1ddb640701ecab86c4a582672a2aafd8c2_s390x",
"relates_to_product_reference": "9Base-RHODF-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/ocs-client-operator-bundle@sha256:4b27ec9797836d789c1cf94a7e88b50b61604611b08eeb6bb0d8e6981463aaa6_ppc64le as a component of RHODF 4.17 for RHEL 9",
"product_id": "9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:4b27ec9797836d789c1cf94a7e88b50b61604611b08eeb6bb0d8e6981463aaa6_ppc64le"
},
"product_reference": "odf4/ocs-client-operator-bundle@sha256:4b27ec9797836d789c1cf94a7e88b50b61604611b08eeb6bb0d8e6981463aaa6_ppc64le",
"relates_to_product_reference": "9Base-RHODF-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/ocs-client-operator-bundle@sha256:8fca3b0219de02595ada4a1ff022c5cd8a78a13f585fe59cf6cd34ef360b3a73_amd64 as a component of RHODF 4.17 for RHEL 9",
"product_id": "9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:8fca3b0219de02595ada4a1ff022c5cd8a78a13f585fe59cf6cd34ef360b3a73_amd64"
},
"product_reference": "odf4/ocs-client-operator-bundle@sha256:8fca3b0219de02595ada4a1ff022c5cd8a78a13f585fe59cf6cd34ef360b3a73_amd64",
"relates_to_product_reference": "9Base-RHODF-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/ocs-client-operator-bundle@sha256:f76d5822501de4895c092e82ee8869edb48695d2583118296fb16fea62f5f120_s390x as a component of RHODF 4.17 for RHEL 9",
"product_id": "9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:f76d5822501de4895c092e82ee8869edb48695d2583118296fb16fea62f5f120_s390x"
},
"product_reference": "odf4/ocs-client-operator-bundle@sha256:f76d5822501de4895c092e82ee8869edb48695d2583118296fb16fea62f5f120_s390x",
"relates_to_product_reference": "9Base-RHODF-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/ocs-client-rhel9-operator@sha256:5755f2253c923b09e64a1fb6482fc17b611913db3cc5adb895b8e1f1db8e3d85_amd64 as a component of RHODF 4.17 for RHEL 9",
"product_id": "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:5755f2253c923b09e64a1fb6482fc17b611913db3cc5adb895b8e1f1db8e3d85_amd64"
},
"product_reference": "odf4/ocs-client-rhel9-operator@sha256:5755f2253c923b09e64a1fb6482fc17b611913db3cc5adb895b8e1f1db8e3d85_amd64",
"relates_to_product_reference": "9Base-RHODF-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/ocs-client-rhel9-operator@sha256:83ff074d8c07017826fd332423ddd4d7893ddb64b0db6fc3e5994af11ec362d2_ppc64le as a component of RHODF 4.17 for RHEL 9",
"product_id": "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:83ff074d8c07017826fd332423ddd4d7893ddb64b0db6fc3e5994af11ec362d2_ppc64le"
},
"product_reference": "odf4/ocs-client-rhel9-operator@sha256:83ff074d8c07017826fd332423ddd4d7893ddb64b0db6fc3e5994af11ec362d2_ppc64le",
"relates_to_product_reference": "9Base-RHODF-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/ocs-client-rhel9-operator@sha256:98b3861c54df97fa1a9df15f717c5b6608d41d6b2151ba80d57aabc245f1955a_arm64 as a component of RHODF 4.17 for RHEL 9",
"product_id": "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:98b3861c54df97fa1a9df15f717c5b6608d41d6b2151ba80d57aabc245f1955a_arm64"
},
"product_reference": "odf4/ocs-client-rhel9-operator@sha256:98b3861c54df97fa1a9df15f717c5b6608d41d6b2151ba80d57aabc245f1955a_arm64",
"relates_to_product_reference": "9Base-RHODF-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/ocs-client-rhel9-operator@sha256:f55c4b5b8232bf964ea94ceeea7fd6935025530582931d6b2751a28abc145eae_s390x as a component of RHODF 4.17 for RHEL 9",
"product_id": "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:f55c4b5b8232bf964ea94ceeea7fd6935025530582931d6b2751a28abc145eae_s390x"
},
"product_reference": "odf4/ocs-client-rhel9-operator@sha256:f55c4b5b8232bf964ea94ceeea7fd6935025530582931d6b2751a28abc145eae_s390x",
"relates_to_product_reference": "9Base-RHODF-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/ocs-metrics-exporter-rhel9@sha256:963317814b12fc9024857eabc03252fcd5219fc94daf9727c0d15543c61cc57e_amd64 as a component of RHODF 4.17 for RHEL 9",
"product_id": "9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:963317814b12fc9024857eabc03252fcd5219fc94daf9727c0d15543c61cc57e_amd64"
},
"product_reference": "odf4/ocs-metrics-exporter-rhel9@sha256:963317814b12fc9024857eabc03252fcd5219fc94daf9727c0d15543c61cc57e_amd64",
"relates_to_product_reference": "9Base-RHODF-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/ocs-metrics-exporter-rhel9@sha256:bae59c8cababf340258b8b675d920de77fd7d5787b4b91277f653254cbee9861_ppc64le as a component of RHODF 4.17 for RHEL 9",
"product_id": "9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:bae59c8cababf340258b8b675d920de77fd7d5787b4b91277f653254cbee9861_ppc64le"
},
"product_reference": "odf4/ocs-metrics-exporter-rhel9@sha256:bae59c8cababf340258b8b675d920de77fd7d5787b4b91277f653254cbee9861_ppc64le",
"relates_to_product_reference": "9Base-RHODF-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/ocs-metrics-exporter-rhel9@sha256:eebd7024bb98308262f5e10c5b479a005af8b41aa0e1e52fd80421ce578ba862_s390x as a component of RHODF 4.17 for RHEL 9",
"product_id": "9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:eebd7024bb98308262f5e10c5b479a005af8b41aa0e1e52fd80421ce578ba862_s390x"
},
"product_reference": "odf4/ocs-metrics-exporter-rhel9@sha256:eebd7024bb98308262f5e10c5b479a005af8b41aa0e1e52fd80421ce578ba862_s390x",
"relates_to_product_reference": "9Base-RHODF-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/ocs-operator-bundle@sha256:2ea120791aa41e227e048c9acf90e393ebe3b5ee040b37a77410d1bb344b2e40_amd64 as a component of RHODF 4.17 for RHEL 9",
"product_id": "9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:2ea120791aa41e227e048c9acf90e393ebe3b5ee040b37a77410d1bb344b2e40_amd64"
},
"product_reference": "odf4/ocs-operator-bundle@sha256:2ea120791aa41e227e048c9acf90e393ebe3b5ee040b37a77410d1bb344b2e40_amd64",
"relates_to_product_reference": "9Base-RHODF-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/ocs-operator-bundle@sha256:737b733433b50195a2b488325242311f300713ed785b4c152332a97af54b0966_ppc64le as a component of RHODF 4.17 for RHEL 9",
"product_id": "9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:737b733433b50195a2b488325242311f300713ed785b4c152332a97af54b0966_ppc64le"
},
"product_reference": "odf4/ocs-operator-bundle@sha256:737b733433b50195a2b488325242311f300713ed785b4c152332a97af54b0966_ppc64le",
"relates_to_product_reference": "9Base-RHODF-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/ocs-operator-bundle@sha256:f8d44006d6ba9cc03f369b55d65922d21062fdc886a0ec45e5c4066e249affe4_s390x as a component of RHODF 4.17 for RHEL 9",
"product_id": "9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:f8d44006d6ba9cc03f369b55d65922d21062fdc886a0ec45e5c4066e249affe4_s390x"
},
"product_reference": "odf4/ocs-operator-bundle@sha256:f8d44006d6ba9cc03f369b55d65922d21062fdc886a0ec45e5c4066e249affe4_s390x",
"relates_to_product_reference": "9Base-RHODF-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/ocs-rhel9-operator@sha256:280214cb617f217e35da35b62a5ac94f2e3602bc6f91206699fd0211812b8fa8_arm64 as a component of RHODF 4.17 for RHEL 9",
"product_id": "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:280214cb617f217e35da35b62a5ac94f2e3602bc6f91206699fd0211812b8fa8_arm64"
},
"product_reference": "odf4/ocs-rhel9-operator@sha256:280214cb617f217e35da35b62a5ac94f2e3602bc6f91206699fd0211812b8fa8_arm64",
"relates_to_product_reference": "9Base-RHODF-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/ocs-rhel9-operator@sha256:425e79644175eb15f83982417dbc53b13883a217022d4a9a04ca17cff5cc6f73_ppc64le as a component of RHODF 4.17 for RHEL 9",
"product_id": "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:425e79644175eb15f83982417dbc53b13883a217022d4a9a04ca17cff5cc6f73_ppc64le"
},
"product_reference": "odf4/ocs-rhel9-operator@sha256:425e79644175eb15f83982417dbc53b13883a217022d4a9a04ca17cff5cc6f73_ppc64le",
"relates_to_product_reference": "9Base-RHODF-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/ocs-rhel9-operator@sha256:af34f03adc5c18cb2a6fbc099239cbe962db9573902b45a7188d74369738ea87_amd64 as a component of RHODF 4.17 for RHEL 9",
"product_id": "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:af34f03adc5c18cb2a6fbc099239cbe962db9573902b45a7188d74369738ea87_amd64"
},
"product_reference": "odf4/ocs-rhel9-operator@sha256:af34f03adc5c18cb2a6fbc099239cbe962db9573902b45a7188d74369738ea87_amd64",
"relates_to_product_reference": "9Base-RHODF-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/ocs-rhel9-operator@sha256:ba6ce5bc4a51ad0662b66a19b7baece2beff6a6a3a37a17fcee5d4c25191bd59_s390x as a component of RHODF 4.17 for RHEL 9",
"product_id": "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:ba6ce5bc4a51ad0662b66a19b7baece2beff6a6a3a37a17fcee5d4c25191bd59_s390x"
},
"product_reference": "odf4/ocs-rhel9-operator@sha256:ba6ce5bc4a51ad0662b66a19b7baece2beff6a6a3a37a17fcee5d4c25191bd59_s390x",
"relates_to_product_reference": "9Base-RHODF-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-cli-rhel9@sha256:050e0f2d20690c2a10f61c367652289395bf44b8de0bf9b304fb538e8ddd5ba8_ppc64le as a component of RHODF 4.17 for RHEL 9",
"product_id": "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:050e0f2d20690c2a10f61c367652289395bf44b8de0bf9b304fb538e8ddd5ba8_ppc64le"
},
"product_reference": "odf4/odf-cli-rhel9@sha256:050e0f2d20690c2a10f61c367652289395bf44b8de0bf9b304fb538e8ddd5ba8_ppc64le",
"relates_to_product_reference": "9Base-RHODF-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-cli-rhel9@sha256:4778eb4267c9bc0de3b16460eca81fda4f14e258ff9e549040b00e4e89905a0a_arm64 as a component of RHODF 4.17 for RHEL 9",
"product_id": "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:4778eb4267c9bc0de3b16460eca81fda4f14e258ff9e549040b00e4e89905a0a_arm64"
},
"product_reference": "odf4/odf-cli-rhel9@sha256:4778eb4267c9bc0de3b16460eca81fda4f14e258ff9e549040b00e4e89905a0a_arm64",
"relates_to_product_reference": "9Base-RHODF-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-cli-rhel9@sha256:afa180b0de79509f795b19282536ad87751eec1cbae2f1a897e2bb5632b5a917_s390x as a component of RHODF 4.17 for RHEL 9",
"product_id": "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:afa180b0de79509f795b19282536ad87751eec1cbae2f1a897e2bb5632b5a917_s390x"
},
"product_reference": "odf4/odf-cli-rhel9@sha256:afa180b0de79509f795b19282536ad87751eec1cbae2f1a897e2bb5632b5a917_s390x",
"relates_to_product_reference": "9Base-RHODF-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-cli-rhel9@sha256:dc1e0173b629ff8695aa694845d53399143d90fef25aad72b24ab4185d8d7f95_amd64 as a component of RHODF 4.17 for RHEL 9",
"product_id": "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:dc1e0173b629ff8695aa694845d53399143d90fef25aad72b24ab4185d8d7f95_amd64"
},
"product_reference": "odf4/odf-cli-rhel9@sha256:dc1e0173b629ff8695aa694845d53399143d90fef25aad72b24ab4185d8d7f95_amd64",
"relates_to_product_reference": "9Base-RHODF-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-console-rhel9@sha256:a7b7c1091d641ceae8f03233ec51b2d4ea149792ff7850bc5a0bed6280b3d3de_ppc64le as a component of RHODF 4.17 for RHEL 9",
"product_id": "9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:a7b7c1091d641ceae8f03233ec51b2d4ea149792ff7850bc5a0bed6280b3d3de_ppc64le"
},
"product_reference": "odf4/odf-console-rhel9@sha256:a7b7c1091d641ceae8f03233ec51b2d4ea149792ff7850bc5a0bed6280b3d3de_ppc64le",
"relates_to_product_reference": "9Base-RHODF-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-console-rhel9@sha256:eb9ba1f0ed9f26c423ee06de5001e49d6d331a085a8edf8a82318b816a8d38fc_amd64 as a component of RHODF 4.17 for RHEL 9",
"product_id": "9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:eb9ba1f0ed9f26c423ee06de5001e49d6d331a085a8edf8a82318b816a8d38fc_amd64"
},
"product_reference": "odf4/odf-console-rhel9@sha256:eb9ba1f0ed9f26c423ee06de5001e49d6d331a085a8edf8a82318b816a8d38fc_amd64",
"relates_to_product_reference": "9Base-RHODF-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-console-rhel9@sha256:ff2d2d94d954ccbfc051247d8ed2c060dfd395b421a5fcd1da31c2bd4dc29d8b_s390x as a component of RHODF 4.17 for RHEL 9",
"product_id": "9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:ff2d2d94d954ccbfc051247d8ed2c060dfd395b421a5fcd1da31c2bd4dc29d8b_s390x"
},
"product_reference": "odf4/odf-console-rhel9@sha256:ff2d2d94d954ccbfc051247d8ed2c060dfd395b421a5fcd1da31c2bd4dc29d8b_s390x",
"relates_to_product_reference": "9Base-RHODF-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-cosi-sidecar-rhel9@sha256:55cd05deff37a44ba1d07c4fb36fa4e4ec2b4e89c4eb98d5ff3e0172f21521b2_amd64 as a component of RHODF 4.17 for RHEL 9",
"product_id": "9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:55cd05deff37a44ba1d07c4fb36fa4e4ec2b4e89c4eb98d5ff3e0172f21521b2_amd64"
},
"product_reference": "odf4/odf-cosi-sidecar-rhel9@sha256:55cd05deff37a44ba1d07c4fb36fa4e4ec2b4e89c4eb98d5ff3e0172f21521b2_amd64",
"relates_to_product_reference": "9Base-RHODF-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-cosi-sidecar-rhel9@sha256:883fa40b1605c897a3d06822663ed8f14ea8fa078c114d99e41447857c7db919_s390x as a component of RHODF 4.17 for RHEL 9",
"product_id": "9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:883fa40b1605c897a3d06822663ed8f14ea8fa078c114d99e41447857c7db919_s390x"
},
"product_reference": "odf4/odf-cosi-sidecar-rhel9@sha256:883fa40b1605c897a3d06822663ed8f14ea8fa078c114d99e41447857c7db919_s390x",
"relates_to_product_reference": "9Base-RHODF-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-cosi-sidecar-rhel9@sha256:c70eb5b401fb8cf7cbbbb41f183027be6ca97a806481067103557a5fcad1de14_ppc64le as a component of RHODF 4.17 for RHEL 9",
"product_id": "9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:c70eb5b401fb8cf7cbbbb41f183027be6ca97a806481067103557a5fcad1de14_ppc64le"
},
"product_reference": "odf4/odf-cosi-sidecar-rhel9@sha256:c70eb5b401fb8cf7cbbbb41f183027be6ca97a806481067103557a5fcad1de14_ppc64le",
"relates_to_product_reference": "9Base-RHODF-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-csi-addons-operator-bundle@sha256:16d9ce4c9806f06bae0b55c712d95d690a18ca9ae861b73e3690cac600967e98_ppc64le as a component of RHODF 4.17 for RHEL 9",
"product_id": "9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:16d9ce4c9806f06bae0b55c712d95d690a18ca9ae861b73e3690cac600967e98_ppc64le"
},
"product_reference": "odf4/odf-csi-addons-operator-bundle@sha256:16d9ce4c9806f06bae0b55c712d95d690a18ca9ae861b73e3690cac600967e98_ppc64le",
"relates_to_product_reference": "9Base-RHODF-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-csi-addons-operator-bundle@sha256:3ebb8ef1441dcf1d1c0a65311f26575a05eefe599e5339324fad2009db060406_s390x as a component of RHODF 4.17 for RHEL 9",
"product_id": "9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:3ebb8ef1441dcf1d1c0a65311f26575a05eefe599e5339324fad2009db060406_s390x"
},
"product_reference": "odf4/odf-csi-addons-operator-bundle@sha256:3ebb8ef1441dcf1d1c0a65311f26575a05eefe599e5339324fad2009db060406_s390x",
"relates_to_product_reference": "9Base-RHODF-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-csi-addons-operator-bundle@sha256:ec3a6e74ca2f0fbc8d7ed2344a2bb0c409a7a5adf0d7cf7388251f89174b7339_amd64 as a component of RHODF 4.17 for RHEL 9",
"product_id": "9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:ec3a6e74ca2f0fbc8d7ed2344a2bb0c409a7a5adf0d7cf7388251f89174b7339_amd64"
},
"product_reference": "odf4/odf-csi-addons-operator-bundle@sha256:ec3a6e74ca2f0fbc8d7ed2344a2bb0c409a7a5adf0d7cf7388251f89174b7339_amd64",
"relates_to_product_reference": "9Base-RHODF-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-csi-addons-rhel9-operator@sha256:4b45c8e60604449f6c74150baacb3d11e50b3a10e1e7e5a2ae5568b94e8eddfe_arm64 as a component of RHODF 4.17 for RHEL 9",
"product_id": "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:4b45c8e60604449f6c74150baacb3d11e50b3a10e1e7e5a2ae5568b94e8eddfe_arm64"
},
"product_reference": "odf4/odf-csi-addons-rhel9-operator@sha256:4b45c8e60604449f6c74150baacb3d11e50b3a10e1e7e5a2ae5568b94e8eddfe_arm64",
"relates_to_product_reference": "9Base-RHODF-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-csi-addons-rhel9-operator@sha256:933c9ca1ac5fa25d45bb519c44ab4830739f5822ad3136e4f8fbdf8484566423_s390x as a component of RHODF 4.17 for RHEL 9",
"product_id": "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:933c9ca1ac5fa25d45bb519c44ab4830739f5822ad3136e4f8fbdf8484566423_s390x"
},
"product_reference": "odf4/odf-csi-addons-rhel9-operator@sha256:933c9ca1ac5fa25d45bb519c44ab4830739f5822ad3136e4f8fbdf8484566423_s390x",
"relates_to_product_reference": "9Base-RHODF-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-csi-addons-rhel9-operator@sha256:cd948f94ceabaf729040a60ecf6603da00de782249c79691f6562cbb2b19d404_amd64 as a component of RHODF 4.17 for RHEL 9",
"product_id": "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:cd948f94ceabaf729040a60ecf6603da00de782249c79691f6562cbb2b19d404_amd64"
},
"product_reference": "odf4/odf-csi-addons-rhel9-operator@sha256:cd948f94ceabaf729040a60ecf6603da00de782249c79691f6562cbb2b19d404_amd64",
"relates_to_product_reference": "9Base-RHODF-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-csi-addons-rhel9-operator@sha256:e9bea6672693d064ef865d4eaaacfcd5a8ef792ba2f3f36ae358995dcce281e5_ppc64le as a component of RHODF 4.17 for RHEL 9",
"product_id": "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:e9bea6672693d064ef865d4eaaacfcd5a8ef792ba2f3f36ae358995dcce281e5_ppc64le"
},
"product_reference": "odf4/odf-csi-addons-rhel9-operator@sha256:e9bea6672693d064ef865d4eaaacfcd5a8ef792ba2f3f36ae358995dcce281e5_ppc64le",
"relates_to_product_reference": "9Base-RHODF-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-csi-addons-sidecar-rhel9@sha256:1cad36a0edfa987179c44783a3354efd2f8ef7ed933119de2b16838679f84e94_arm64 as a component of RHODF 4.17 for RHEL 9",
"product_id": "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:1cad36a0edfa987179c44783a3354efd2f8ef7ed933119de2b16838679f84e94_arm64"
},
"product_reference": "odf4/odf-csi-addons-sidecar-rhel9@sha256:1cad36a0edfa987179c44783a3354efd2f8ef7ed933119de2b16838679f84e94_arm64",
"relates_to_product_reference": "9Base-RHODF-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-csi-addons-sidecar-rhel9@sha256:9a50d51c19235bc004c592f53891aa7895f0d79692309ce21a681e48f5844480_amd64 as a component of RHODF 4.17 for RHEL 9",
"product_id": "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:9a50d51c19235bc004c592f53891aa7895f0d79692309ce21a681e48f5844480_amd64"
},
"product_reference": "odf4/odf-csi-addons-sidecar-rhel9@sha256:9a50d51c19235bc004c592f53891aa7895f0d79692309ce21a681e48f5844480_amd64",
"relates_to_product_reference": "9Base-RHODF-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-csi-addons-sidecar-rhel9@sha256:a5d0c18c9af49ec036b10b3c5f74aee018e5104ce83bfdda42fac315ef492642_s390x as a component of RHODF 4.17 for RHEL 9",
"product_id": "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:a5d0c18c9af49ec036b10b3c5f74aee018e5104ce83bfdda42fac315ef492642_s390x"
},
"product_reference": "odf4/odf-csi-addons-sidecar-rhel9@sha256:a5d0c18c9af49ec036b10b3c5f74aee018e5104ce83bfdda42fac315ef492642_s390x",
"relates_to_product_reference": "9Base-RHODF-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-csi-addons-sidecar-rhel9@sha256:eb2797c3d0366304caaf99bbf37122f225ff589e69713a766409800eb735da4a_ppc64le as a component of RHODF 4.17 for RHEL 9",
"product_id": "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:eb2797c3d0366304caaf99bbf37122f225ff589e69713a766409800eb735da4a_ppc64le"
},
"product_reference": "odf4/odf-csi-addons-sidecar-rhel9@sha256:eb2797c3d0366304caaf99bbf37122f225ff589e69713a766409800eb735da4a_ppc64le",
"relates_to_product_reference": "9Base-RHODF-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-multicluster-console-rhel9@sha256:52369ab175c6776a642224675eb4f21fcadc233528aadf324e713d76526dc0e0_ppc64le as a component of RHODF 4.17 for RHEL 9",
"product_id": "9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:52369ab175c6776a642224675eb4f21fcadc233528aadf324e713d76526dc0e0_ppc64le"
},
"product_reference": "odf4/odf-multicluster-console-rhel9@sha256:52369ab175c6776a642224675eb4f21fcadc233528aadf324e713d76526dc0e0_ppc64le",
"relates_to_product_reference": "9Base-RHODF-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-multicluster-console-rhel9@sha256:9e12f4588faf2bd93bc2b25815a318770d8fafbdddb5d2d43e71e4b75610cb94_s390x as a component of RHODF 4.17 for RHEL 9",
"product_id": "9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:9e12f4588faf2bd93bc2b25815a318770d8fafbdddb5d2d43e71e4b75610cb94_s390x"
},
"product_reference": "odf4/odf-multicluster-console-rhel9@sha256:9e12f4588faf2bd93bc2b25815a318770d8fafbdddb5d2d43e71e4b75610cb94_s390x",
"relates_to_product_reference": "9Base-RHODF-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-multicluster-console-rhel9@sha256:ea469bde819cd85a738bc338508eb7c49bd3c5c1e913f5e99836a30432ae15f1_amd64 as a component of RHODF 4.17 for RHEL 9",
"product_id": "9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:ea469bde819cd85a738bc338508eb7c49bd3c5c1e913f5e99836a30432ae15f1_amd64"
},
"product_reference": "odf4/odf-multicluster-console-rhel9@sha256:ea469bde819cd85a738bc338508eb7c49bd3c5c1e913f5e99836a30432ae15f1_amd64",
"relates_to_product_reference": "9Base-RHODF-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-multicluster-operator-bundle@sha256:35a72ddb58c1cc102bc0fb93d11882e83aa391a3987029f3b07f0c89e6f6c016_ppc64le as a component of RHODF 4.17 for RHEL 9",
"product_id": "9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:35a72ddb58c1cc102bc0fb93d11882e83aa391a3987029f3b07f0c89e6f6c016_ppc64le"
},
"product_reference": "odf4/odf-multicluster-operator-bundle@sha256:35a72ddb58c1cc102bc0fb93d11882e83aa391a3987029f3b07f0c89e6f6c016_ppc64le",
"relates_to_product_reference": "9Base-RHODF-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-multicluster-operator-bundle@sha256:4dc4e7ca38c7dce1404bc4ac833fed1c2901cb73a7bf8e2eaecc3af6a235746a_amd64 as a component of RHODF 4.17 for RHEL 9",
"product_id": "9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:4dc4e7ca38c7dce1404bc4ac833fed1c2901cb73a7bf8e2eaecc3af6a235746a_amd64"
},
"product_reference": "odf4/odf-multicluster-operator-bundle@sha256:4dc4e7ca38c7dce1404bc4ac833fed1c2901cb73a7bf8e2eaecc3af6a235746a_amd64",
"relates_to_product_reference": "9Base-RHODF-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-multicluster-operator-bundle@sha256:d81efbf15f4e5a7b9f828e4628099535a3d6e1f836520d79ba4759ae72d1a269_s390x as a component of RHODF 4.17 for RHEL 9",
"product_id": "9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:d81efbf15f4e5a7b9f828e4628099535a3d6e1f836520d79ba4759ae72d1a269_s390x"
},
"product_reference": "odf4/odf-multicluster-operator-bundle@sha256:d81efbf15f4e5a7b9f828e4628099535a3d6e1f836520d79ba4759ae72d1a269_s390x",
"relates_to_product_reference": "9Base-RHODF-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-multicluster-rhel9-operator@sha256:1ee982829bd22343ed58067526297979c1aefc1bb3e6d8a33d573241f754f68a_ppc64le as a component of RHODF 4.17 for RHEL 9",
"product_id": "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:1ee982829bd22343ed58067526297979c1aefc1bb3e6d8a33d573241f754f68a_ppc64le"
},
"product_reference": "odf4/odf-multicluster-rhel9-operator@sha256:1ee982829bd22343ed58067526297979c1aefc1bb3e6d8a33d573241f754f68a_ppc64le",
"relates_to_product_reference": "9Base-RHODF-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-multicluster-rhel9-operator@sha256:3c1f1037fa46c3a0846dfeefcbdbf5b468d7d3de4330e3e3afc0564ebf61de82_arm64 as a component of RHODF 4.17 for RHEL 9",
"product_id": "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:3c1f1037fa46c3a0846dfeefcbdbf5b468d7d3de4330e3e3afc0564ebf61de82_arm64"
},
"product_reference": "odf4/odf-multicluster-rhel9-operator@sha256:3c1f1037fa46c3a0846dfeefcbdbf5b468d7d3de4330e3e3afc0564ebf61de82_arm64",
"relates_to_product_reference": "9Base-RHODF-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-multicluster-rhel9-operator@sha256:59b6aadac2ac4afdf697c3bfda9d220572fdf2ec2cff887f0350f0a589180141_amd64 as a component of RHODF 4.17 for RHEL 9",
"product_id": "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:59b6aadac2ac4afdf697c3bfda9d220572fdf2ec2cff887f0350f0a589180141_amd64"
},
"product_reference": "odf4/odf-multicluster-rhel9-operator@sha256:59b6aadac2ac4afdf697c3bfda9d220572fdf2ec2cff887f0350f0a589180141_amd64",
"relates_to_product_reference": "9Base-RHODF-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-multicluster-rhel9-operator@sha256:bf70cf7ee50fe6d336160240abf24a7da99c4a4d9a731100c3bf39f85fb15c4f_s390x as a component of RHODF 4.17 for RHEL 9",
"product_id": "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:bf70cf7ee50fe6d336160240abf24a7da99c4a4d9a731100c3bf39f85fb15c4f_s390x"
},
"product_reference": "odf4/odf-multicluster-rhel9-operator@sha256:bf70cf7ee50fe6d336160240abf24a7da99c4a4d9a731100c3bf39f85fb15c4f_s390x",
"relates_to_product_reference": "9Base-RHODF-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-must-gather-rhel9@sha256:4cab9c3030988130f02052704003ab0be7f279e5cc316512fce5094591700947_amd64 as a component of RHODF 4.17 for RHEL 9",
"product_id": "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:4cab9c3030988130f02052704003ab0be7f279e5cc316512fce5094591700947_amd64"
},
"product_reference": "odf4/odf-must-gather-rhel9@sha256:4cab9c3030988130f02052704003ab0be7f279e5cc316512fce5094591700947_amd64",
"relates_to_product_reference": "9Base-RHODF-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-must-gather-rhel9@sha256:68f31b7965a66577d4484e58958a00c4f6f69c73c29ad1807d714eafc1c17a07_ppc64le as a component of RHODF 4.17 for RHEL 9",
"product_id": "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:68f31b7965a66577d4484e58958a00c4f6f69c73c29ad1807d714eafc1c17a07_ppc64le"
},
"product_reference": "odf4/odf-must-gather-rhel9@sha256:68f31b7965a66577d4484e58958a00c4f6f69c73c29ad1807d714eafc1c17a07_ppc64le",
"relates_to_product_reference": "9Base-RHODF-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-must-gather-rhel9@sha256:7d30ac852d491738439e09b3480ea18f093abf9c3a2e4dc9e2f3adb64f308be7_arm64 as a component of RHODF 4.17 for RHEL 9",
"product_id": "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:7d30ac852d491738439e09b3480ea18f093abf9c3a2e4dc9e2f3adb64f308be7_arm64"
},
"product_reference": "odf4/odf-must-gather-rhel9@sha256:7d30ac852d491738439e09b3480ea18f093abf9c3a2e4dc9e2f3adb64f308be7_arm64",
"relates_to_product_reference": "9Base-RHODF-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-must-gather-rhel9@sha256:aed2fb7d743758677584df771751bad1d586eac50595bc96a8463dae7e7caed2_s390x as a component of RHODF 4.17 for RHEL 9",
"product_id": "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:aed2fb7d743758677584df771751bad1d586eac50595bc96a8463dae7e7caed2_s390x"
},
"product_reference": "odf4/odf-must-gather-rhel9@sha256:aed2fb7d743758677584df771751bad1d586eac50595bc96a8463dae7e7caed2_s390x",
"relates_to_product_reference": "9Base-RHODF-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-operator-bundle@sha256:1206983cd08b8996ad169724bbf6e76ae7c493e31ecf089204a1b7730f4ba2ea_amd64 as a component of RHODF 4.17 for RHEL 9",
"product_id": "9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:1206983cd08b8996ad169724bbf6e76ae7c493e31ecf089204a1b7730f4ba2ea_amd64"
},
"product_reference": "odf4/odf-operator-bundle@sha256:1206983cd08b8996ad169724bbf6e76ae7c493e31ecf089204a1b7730f4ba2ea_amd64",
"relates_to_product_reference": "9Base-RHODF-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-operator-bundle@sha256:14516c830d0abad30598bbb0268e865057672dcc22e85cfa7f7b28d73e06dc54_s390x as a component of RHODF 4.17 for RHEL 9",
"product_id": "9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:14516c830d0abad30598bbb0268e865057672dcc22e85cfa7f7b28d73e06dc54_s390x"
},
"product_reference": "odf4/odf-operator-bundle@sha256:14516c830d0abad30598bbb0268e865057672dcc22e85cfa7f7b28d73e06dc54_s390x",
"relates_to_product_reference": "9Base-RHODF-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-operator-bundle@sha256:8e7e16acc43e32a656750ce1e91cb9d1cbee827573bda726a31200d70fff3d5a_ppc64le as a component of RHODF 4.17 for RHEL 9",
"product_id": "9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:8e7e16acc43e32a656750ce1e91cb9d1cbee827573bda726a31200d70fff3d5a_ppc64le"
},
"product_reference": "odf4/odf-operator-bundle@sha256:8e7e16acc43e32a656750ce1e91cb9d1cbee827573bda726a31200d70fff3d5a_ppc64le",
"relates_to_product_reference": "9Base-RHODF-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-prometheus-operator-bundle@sha256:43671627156b45f44ad8a1416f1337f2971f51f08f9d9a52e95cb07c0ef2392e_s390x as a component of RHODF 4.17 for RHEL 9",
"product_id": "9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:43671627156b45f44ad8a1416f1337f2971f51f08f9d9a52e95cb07c0ef2392e_s390x"
},
"product_reference": "odf4/odf-prometheus-operator-bundle@sha256:43671627156b45f44ad8a1416f1337f2971f51f08f9d9a52e95cb07c0ef2392e_s390x",
"relates_to_product_reference": "9Base-RHODF-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-prometheus-operator-bundle@sha256:b242be5f5d66e30089d038f5c236b5b1f8ae15925db9b108abd5d4651f5e981f_ppc64le as a component of RHODF 4.17 for RHEL 9",
"product_id": "9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:b242be5f5d66e30089d038f5c236b5b1f8ae15925db9b108abd5d4651f5e981f_ppc64le"
},
"product_reference": "odf4/odf-prometheus-operator-bundle@sha256:b242be5f5d66e30089d038f5c236b5b1f8ae15925db9b108abd5d4651f5e981f_ppc64le",
"relates_to_product_reference": "9Base-RHODF-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-prometheus-operator-bundle@sha256:fe3072cb4c35027b0077e373cbfe1e7f75072dc804dc56e7c4da7a327e039a6b_amd64 as a component of RHODF 4.17 for RHEL 9",
"product_id": "9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:fe3072cb4c35027b0077e373cbfe1e7f75072dc804dc56e7c4da7a327e039a6b_amd64"
},
"product_reference": "odf4/odf-prometheus-operator-bundle@sha256:fe3072cb4c35027b0077e373cbfe1e7f75072dc804dc56e7c4da7a327e039a6b_amd64",
"relates_to_product_reference": "9Base-RHODF-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-rhel9-operator@sha256:4ee94cf5ee9d4e7ac73ea85fda01f07b165ab0ce6b46468f47b7d824487f5071_arm64 as a component of RHODF 4.17 for RHEL 9",
"product_id": "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:4ee94cf5ee9d4e7ac73ea85fda01f07b165ab0ce6b46468f47b7d824487f5071_arm64"
},
"product_reference": "odf4/odf-rhel9-operator@sha256:4ee94cf5ee9d4e7ac73ea85fda01f07b165ab0ce6b46468f47b7d824487f5071_arm64",
"relates_to_product_reference": "9Base-RHODF-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-rhel9-operator@sha256:6e7bd199fdbc5a5cb522dcdaece770a3e193f95c4e98b61998348a0b1eb7eabf_amd64 as a component of RHODF 4.17 for RHEL 9",
"product_id": "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:6e7bd199fdbc5a5cb522dcdaece770a3e193f95c4e98b61998348a0b1eb7eabf_amd64"
},
"product_reference": "odf4/odf-rhel9-operator@sha256:6e7bd199fdbc5a5cb522dcdaece770a3e193f95c4e98b61998348a0b1eb7eabf_amd64",
"relates_to_product_reference": "9Base-RHODF-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-rhel9-operator@sha256:d516efc653232a34a79b22cb04902ca2582c9782f137569efb3570e33b17aaf3_s390x as a component of RHODF 4.17 for RHEL 9",
"product_id": "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:d516efc653232a34a79b22cb04902ca2582c9782f137569efb3570e33b17aaf3_s390x"
},
"product_reference": "odf4/odf-rhel9-operator@sha256:d516efc653232a34a79b22cb04902ca2582c9782f137569efb3570e33b17aaf3_s390x",
"relates_to_product_reference": "9Base-RHODF-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-rhel9-operator@sha256:dfa4317f423206b5ba89d1f8d1e108b4163b818414cd4af47b3e689ae5c8e87c_ppc64le as a component of RHODF 4.17 for RHEL 9",
"product_id": "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:dfa4317f423206b5ba89d1f8d1e108b4163b818414cd4af47b3e689ae5c8e87c_ppc64le"
},
"product_reference": "odf4/odf-rhel9-operator@sha256:dfa4317f423206b5ba89d1f8d1e108b4163b818414cd4af47b3e689ae5c8e87c_ppc64le",
"relates_to_product_reference": "9Base-RHODF-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odr-cluster-operator-bundle@sha256:1b9b58c6bf71a39c75901b09ffb9a31c21456b2dd310f2dd35c3ed0041e96384_ppc64le as a component of RHODF 4.17 for RHEL 9",
"product_id": "9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1b9b58c6bf71a39c75901b09ffb9a31c21456b2dd310f2dd35c3ed0041e96384_ppc64le"
},
"product_reference": "odf4/odr-cluster-operator-bundle@sha256:1b9b58c6bf71a39c75901b09ffb9a31c21456b2dd310f2dd35c3ed0041e96384_ppc64le",
"relates_to_product_reference": "9Base-RHODF-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odr-cluster-operator-bundle@sha256:8ba1bc142f839128a93cb596e60cb7241eddbf159b90cc795889272020073dad_amd64 as a component of RHODF 4.17 for RHEL 9",
"product_id": "9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:8ba1bc142f839128a93cb596e60cb7241eddbf159b90cc795889272020073dad_amd64"
},
"product_reference": "odf4/odr-cluster-operator-bundle@sha256:8ba1bc142f839128a93cb596e60cb7241eddbf159b90cc795889272020073dad_amd64",
"relates_to_product_reference": "9Base-RHODF-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odr-cluster-operator-bundle@sha256:eae3e0f32787993f73e1825e01db411608b8855922ee2a00acc70f377e872170_s390x as a component of RHODF 4.17 for RHEL 9",
"product_id": "9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:eae3e0f32787993f73e1825e01db411608b8855922ee2a00acc70f377e872170_s390x"
},
"product_reference": "odf4/odr-cluster-operator-bundle@sha256:eae3e0f32787993f73e1825e01db411608b8855922ee2a00acc70f377e872170_s390x",
"relates_to_product_reference": "9Base-RHODF-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odr-hub-operator-bundle@sha256:4f5dc03c98b9a6d6bdb84e0e041f8a189040033b379ef6e6615c5156505b9d10_amd64 as a component of RHODF 4.17 for RHEL 9",
"product_id": "9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:4f5dc03c98b9a6d6bdb84e0e041f8a189040033b379ef6e6615c5156505b9d10_amd64"
},
"product_reference": "odf4/odr-hub-operator-bundle@sha256:4f5dc03c98b9a6d6bdb84e0e041f8a189040033b379ef6e6615c5156505b9d10_amd64",
"relates_to_product_reference": "9Base-RHODF-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odr-hub-operator-bundle@sha256:57844c5d07c49c33ba9071f0b90748771c8d62b73f0cc37ce44bdadae214ea0f_s390x as a component of RHODF 4.17 for RHEL 9",
"product_id": "9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:57844c5d07c49c33ba9071f0b90748771c8d62b73f0cc37ce44bdadae214ea0f_s390x"
},
"product_reference": "odf4/odr-hub-operator-bundle@sha256:57844c5d07c49c33ba9071f0b90748771c8d62b73f0cc37ce44bdadae214ea0f_s390x",
"relates_to_product_reference": "9Base-RHODF-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odr-hub-operator-bundle@sha256:7f9c1fa47739a7f397ba8d8524e023f8a66ab446c8b4f160726ebc7c6b589c16_ppc64le as a component of RHODF 4.17 for RHEL 9",
"product_id": "9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:7f9c1fa47739a7f397ba8d8524e023f8a66ab446c8b4f160726ebc7c6b589c16_ppc64le"
},
"product_reference": "odf4/odr-hub-operator-bundle@sha256:7f9c1fa47739a7f397ba8d8524e023f8a66ab446c8b4f160726ebc7c6b589c16_ppc64le",
"relates_to_product_reference": "9Base-RHODF-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odr-recipe-operator-bundle@sha256:0350bfbd7e4eaee91c043edbc2ea1d49aae2f0eba1dff6f3ae84c874a0aa1082_amd64 as a component of RHODF 4.17 for RHEL 9",
"product_id": "9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:0350bfbd7e4eaee91c043edbc2ea1d49aae2f0eba1dff6f3ae84c874a0aa1082_amd64"
},
"product_reference": "odf4/odr-recipe-operator-bundle@sha256:0350bfbd7e4eaee91c043edbc2ea1d49aae2f0eba1dff6f3ae84c874a0aa1082_amd64",
"relates_to_product_reference": "9Base-RHODF-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odr-recipe-operator-bundle@sha256:0c7e13348770572d3737eb8045933a8ce358966c1598e0a41b50631b6332a6f7_ppc64le as a component of RHODF 4.17 for RHEL 9",
"product_id": "9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:0c7e13348770572d3737eb8045933a8ce358966c1598e0a41b50631b6332a6f7_ppc64le"
},
"product_reference": "odf4/odr-recipe-operator-bundle@sha256:0c7e13348770572d3737eb8045933a8ce358966c1598e0a41b50631b6332a6f7_ppc64le",
"relates_to_product_reference": "9Base-RHODF-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odr-recipe-operator-bundle@sha256:d0f85b64303b0f9e892520be07b2d5e211fa806602e4ba7e1fbaa9edfa488a36_s390x as a component of RHODF 4.17 for RHEL 9",
"product_id": "9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:d0f85b64303b0f9e892520be07b2d5e211fa806602e4ba7e1fbaa9edfa488a36_s390x"
},
"product_reference": "odf4/odr-recipe-operator-bundle@sha256:d0f85b64303b0f9e892520be07b2d5e211fa806602e4ba7e1fbaa9edfa488a36_s390x",
"relates_to_product_reference": "9Base-RHODF-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odr-rhel9-operator@sha256:58556e90e62d85b211d8410cfe94497073e405cfd5269979e73749ceafccda67_arm64 as a component of RHODF 4.17 for RHEL 9",
"product_id": "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:58556e90e62d85b211d8410cfe94497073e405cfd5269979e73749ceafccda67_arm64"
},
"product_reference": "odf4/odr-rhel9-operator@sha256:58556e90e62d85b211d8410cfe94497073e405cfd5269979e73749ceafccda67_arm64",
"relates_to_product_reference": "9Base-RHODF-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odr-rhel9-operator@sha256:a9ce6ff0ef32d029f026757522afe224774058252e36e978f27b12d9e2940585_amd64 as a component of RHODF 4.17 for RHEL 9",
"product_id": "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:a9ce6ff0ef32d029f026757522afe224774058252e36e978f27b12d9e2940585_amd64"
},
"product_reference": "odf4/odr-rhel9-operator@sha256:a9ce6ff0ef32d029f026757522afe224774058252e36e978f27b12d9e2940585_amd64",
"relates_to_product_reference": "9Base-RHODF-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odr-rhel9-operator@sha256:de563b32b7c20314a99e44a85e036884ad579b71f66e4beca89988fffe7f4ab6_ppc64le as a component of RHODF 4.17 for RHEL 9",
"product_id": "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:de563b32b7c20314a99e44a85e036884ad579b71f66e4beca89988fffe7f4ab6_ppc64le"
},
"product_reference": "odf4/odr-rhel9-operator@sha256:de563b32b7c20314a99e44a85e036884ad579b71f66e4beca89988fffe7f4ab6_ppc64le",
"relates_to_product_reference": "9Base-RHODF-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odr-rhel9-operator@sha256:ded381a718b98ea7a4abb7e75db96e98b84b73eb7529359ece7fa61ea0ab8eab_s390x as a component of RHODF 4.17 for RHEL 9",
"product_id": "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:ded381a718b98ea7a4abb7e75db96e98b84b73eb7529359ece7fa61ea0ab8eab_s390x"
},
"product_reference": "odf4/odr-rhel9-operator@sha256:ded381a718b98ea7a4abb7e75db96e98b84b73eb7529359ece7fa61ea0ab8eab_s390x",
"relates_to_product_reference": "9Base-RHODF-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/rook-ceph-operator-bundle@sha256:c66ffb2fa00181c983e4ff78bcad4ec5a4d766ed801ed323bdd7e5748d22fa97_amd64 as a component of RHODF 4.17 for RHEL 9",
"product_id": "9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:c66ffb2fa00181c983e4ff78bcad4ec5a4d766ed801ed323bdd7e5748d22fa97_amd64"
},
"product_reference": "odf4/rook-ceph-operator-bundle@sha256:c66ffb2fa00181c983e4ff78bcad4ec5a4d766ed801ed323bdd7e5748d22fa97_amd64",
"relates_to_product_reference": "9Base-RHODF-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/rook-ceph-operator-bundle@sha256:df17a31226a5a883e07be468ac20fb153a334f5d8b2718c17d7cf448b28fbd47_s390x as a component of RHODF 4.17 for RHEL 9",
"product_id": "9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:df17a31226a5a883e07be468ac20fb153a334f5d8b2718c17d7cf448b28fbd47_s390x"
},
"product_reference": "odf4/rook-ceph-operator-bundle@sha256:df17a31226a5a883e07be468ac20fb153a334f5d8b2718c17d7cf448b28fbd47_s390x",
"relates_to_product_reference": "9Base-RHODF-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/rook-ceph-operator-bundle@sha256:e12ab810e2383f952b5317f0bfe16baa8736e9b1c6c26573352550c934b8e1f6_ppc64le as a component of RHODF 4.17 for RHEL 9",
"product_id": "9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:e12ab810e2383f952b5317f0bfe16baa8736e9b1c6c26573352550c934b8e1f6_ppc64le"
},
"product_reference": "odf4/rook-ceph-operator-bundle@sha256:e12ab810e2383f952b5317f0bfe16baa8736e9b1c6c26573352550c934b8e1f6_ppc64le",
"relates_to_product_reference": "9Base-RHODF-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/rook-ceph-rhel9-operator@sha256:8e758d1c053be265048bd7945975c07e63f5b430152f69a3726c9c2edd1e4488_amd64 as a component of RHODF 4.17 for RHEL 9",
"product_id": "9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:8e758d1c053be265048bd7945975c07e63f5b430152f69a3726c9c2edd1e4488_amd64"
},
"product_reference": "odf4/rook-ceph-rhel9-operator@sha256:8e758d1c053be265048bd7945975c07e63f5b430152f69a3726c9c2edd1e4488_amd64",
"relates_to_product_reference": "9Base-RHODF-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/rook-ceph-rhel9-operator@sha256:914f27949481999de5aa5b9c5face266828cd501246243181da786a87afcbdee_s390x as a component of RHODF 4.17 for RHEL 9",
"product_id": "9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:914f27949481999de5aa5b9c5face266828cd501246243181da786a87afcbdee_s390x"
},
"product_reference": "odf4/rook-ceph-rhel9-operator@sha256:914f27949481999de5aa5b9c5face266828cd501246243181da786a87afcbdee_s390x",
"relates_to_product_reference": "9Base-RHODF-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/rook-ceph-rhel9-operator@sha256:aafa9bbd59727e6593c6522e1b6a53d35ff44bd80f4837ab22a3f40904249f7b_ppc64le as a component of RHODF 4.17 for RHEL 9",
"product_id": "9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:aafa9bbd59727e6593c6522e1b6a53d35ff44bd80f4837ab22a3f40904249f7b_ppc64le"
},
"product_reference": "odf4/rook-ceph-rhel9-operator@sha256:aafa9bbd59727e6593c6522e1b6a53d35ff44bd80f4837ab22a3f40904249f7b_ppc64le",
"relates_to_product_reference": "9Base-RHODF-4.17"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2024-45338",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2024-12-18T21:00:59.938173+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:3338eb8159127a7dead6006255ed0ae073a110a402ed498e2e8cc9493c0b4d8e_amd64",
"9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:576f28c9638f00f39d664301d96462601d5d17a1e288d4b606c8d662bc440753_ppc64le",
"9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:b3b09619c0ffdd27075c0127e0e17e0f358a67ea8820e27925747da71c1c30e5_s390x",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:21600fa74a0b9a12d469d1cdaddd804b4b73d6afdb9106eeb4f34596bb2d1258_amd64",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:266591c571adb2c8ef62b3e47988533d635ad9aa642781455524410f7c7221ea_s390x",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:59bf592b53efafdc5dbedf6b28ff037cfa4de042afd6b9e9271e6117b539f4a2_arm64",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:b3229b38502b13863e43c46ededec4fd651a3530ff645afe2588176f0d1348f7_ppc64le",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:30f2376f37765eb5b3beb424018d217f65475a8fecad4dd525ba2970ec6332b5_amd64",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:5772eea82b20bacc81da0531239927bde720f338c19bb5430eee7527d7d7b191_s390x",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:6709b4595c2ca391378a8eff9d2b8d86475cf886c27d0ad12c5aa448203dd49f_ppc64le",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:e1afc357b3ca4c8ada9d42a2886097c64a5d4e498d4cc913762de8653608f0e0_arm64",
"9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:b399bbdde09923dd23bfc65d088894a79610e53d895c1de2d26e91850b2735f4_amd64",
"9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:d49e1d8b7ddaf0f6168966635c46c6797683aa2ee695bd481c924e3c2a55141f_s390x",
"9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:ec4b600c35f4d299733f0fea636424f34c7a4538ade6d38f9fb53be048a9d261_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:0cf22d86b267794025ba19591a306c81e0fdb2cf3dca05b9dcea3ecdf34f261d_amd64",
"9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:846b4f6065937b93beba0900488f9692ad87bc8bc3419514d8565bb25760ff9e_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:96fb1b5997e08fb6c8531d8a1d1ccb1ddb640701ecab86c4a582672a2aafd8c2_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:4b27ec9797836d789c1cf94a7e88b50b61604611b08eeb6bb0d8e6981463aaa6_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:8fca3b0219de02595ada4a1ff022c5cd8a78a13f585fe59cf6cd34ef360b3a73_amd64",
"9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:f76d5822501de4895c092e82ee8869edb48695d2583118296fb16fea62f5f120_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:5755f2253c923b09e64a1fb6482fc17b611913db3cc5adb895b8e1f1db8e3d85_amd64",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:83ff074d8c07017826fd332423ddd4d7893ddb64b0db6fc3e5994af11ec362d2_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:98b3861c54df97fa1a9df15f717c5b6608d41d6b2151ba80d57aabc245f1955a_arm64",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:f55c4b5b8232bf964ea94ceeea7fd6935025530582931d6b2751a28abc145eae_s390x",
"9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:963317814b12fc9024857eabc03252fcd5219fc94daf9727c0d15543c61cc57e_amd64",
"9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:bae59c8cababf340258b8b675d920de77fd7d5787b4b91277f653254cbee9861_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:eebd7024bb98308262f5e10c5b479a005af8b41aa0e1e52fd80421ce578ba862_s390x",
"9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:2ea120791aa41e227e048c9acf90e393ebe3b5ee040b37a77410d1bb344b2e40_amd64",
"9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:737b733433b50195a2b488325242311f300713ed785b4c152332a97af54b0966_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:f8d44006d6ba9cc03f369b55d65922d21062fdc886a0ec45e5c4066e249affe4_s390x",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:280214cb617f217e35da35b62a5ac94f2e3602bc6f91206699fd0211812b8fa8_arm64",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:425e79644175eb15f83982417dbc53b13883a217022d4a9a04ca17cff5cc6f73_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:af34f03adc5c18cb2a6fbc099239cbe962db9573902b45a7188d74369738ea87_amd64",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:ba6ce5bc4a51ad0662b66a19b7baece2beff6a6a3a37a17fcee5d4c25191bd59_s390x",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:050e0f2d20690c2a10f61c367652289395bf44b8de0bf9b304fb538e8ddd5ba8_ppc64le",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:4778eb4267c9bc0de3b16460eca81fda4f14e258ff9e549040b00e4e89905a0a_arm64",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:afa180b0de79509f795b19282536ad87751eec1cbae2f1a897e2bb5632b5a917_s390x",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:dc1e0173b629ff8695aa694845d53399143d90fef25aad72b24ab4185d8d7f95_amd64",
"9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:a7b7c1091d641ceae8f03233ec51b2d4ea149792ff7850bc5a0bed6280b3d3de_ppc64le",
"9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:eb9ba1f0ed9f26c423ee06de5001e49d6d331a085a8edf8a82318b816a8d38fc_amd64",
"9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:ff2d2d94d954ccbfc051247d8ed2c060dfd395b421a5fcd1da31c2bd4dc29d8b_s390x",
"9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:55cd05deff37a44ba1d07c4fb36fa4e4ec2b4e89c4eb98d5ff3e0172f21521b2_amd64",
"9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:883fa40b1605c897a3d06822663ed8f14ea8fa078c114d99e41447857c7db919_s390x",
"9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:c70eb5b401fb8cf7cbbbb41f183027be6ca97a806481067103557a5fcad1de14_ppc64le",
"9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:16d9ce4c9806f06bae0b55c712d95d690a18ca9ae861b73e3690cac600967e98_ppc64le",
"9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:3ebb8ef1441dcf1d1c0a65311f26575a05eefe599e5339324fad2009db060406_s390x",
"9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:ec3a6e74ca2f0fbc8d7ed2344a2bb0c409a7a5adf0d7cf7388251f89174b7339_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:4b45c8e60604449f6c74150baacb3d11e50b3a10e1e7e5a2ae5568b94e8eddfe_arm64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:933c9ca1ac5fa25d45bb519c44ab4830739f5822ad3136e4f8fbdf8484566423_s390x",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:cd948f94ceabaf729040a60ecf6603da00de782249c79691f6562cbb2b19d404_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:e9bea6672693d064ef865d4eaaacfcd5a8ef792ba2f3f36ae358995dcce281e5_ppc64le",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:1cad36a0edfa987179c44783a3354efd2f8ef7ed933119de2b16838679f84e94_arm64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:9a50d51c19235bc004c592f53891aa7895f0d79692309ce21a681e48f5844480_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:a5d0c18c9af49ec036b10b3c5f74aee018e5104ce83bfdda42fac315ef492642_s390x",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:eb2797c3d0366304caaf99bbf37122f225ff589e69713a766409800eb735da4a_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:52369ab175c6776a642224675eb4f21fcadc233528aadf324e713d76526dc0e0_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:9e12f4588faf2bd93bc2b25815a318770d8fafbdddb5d2d43e71e4b75610cb94_s390x",
"9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:ea469bde819cd85a738bc338508eb7c49bd3c5c1e913f5e99836a30432ae15f1_amd64",
"9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:35a72ddb58c1cc102bc0fb93d11882e83aa391a3987029f3b07f0c89e6f6c016_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:4dc4e7ca38c7dce1404bc4ac833fed1c2901cb73a7bf8e2eaecc3af6a235746a_amd64",
"9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:d81efbf15f4e5a7b9f828e4628099535a3d6e1f836520d79ba4759ae72d1a269_s390x",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:1ee982829bd22343ed58067526297979c1aefc1bb3e6d8a33d573241f754f68a_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:3c1f1037fa46c3a0846dfeefcbdbf5b468d7d3de4330e3e3afc0564ebf61de82_arm64",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:59b6aadac2ac4afdf697c3bfda9d220572fdf2ec2cff887f0350f0a589180141_amd64",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:bf70cf7ee50fe6d336160240abf24a7da99c4a4d9a731100c3bf39f85fb15c4f_s390x",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:4cab9c3030988130f02052704003ab0be7f279e5cc316512fce5094591700947_amd64",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:68f31b7965a66577d4484e58958a00c4f6f69c73c29ad1807d714eafc1c17a07_ppc64le",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:7d30ac852d491738439e09b3480ea18f093abf9c3a2e4dc9e2f3adb64f308be7_arm64",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:aed2fb7d743758677584df771751bad1d586eac50595bc96a8463dae7e7caed2_s390x",
"9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:1206983cd08b8996ad169724bbf6e76ae7c493e31ecf089204a1b7730f4ba2ea_amd64",
"9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:14516c830d0abad30598bbb0268e865057672dcc22e85cfa7f7b28d73e06dc54_s390x",
"9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:8e7e16acc43e32a656750ce1e91cb9d1cbee827573bda726a31200d70fff3d5a_ppc64le",
"9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:43671627156b45f44ad8a1416f1337f2971f51f08f9d9a52e95cb07c0ef2392e_s390x",
"9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:b242be5f5d66e30089d038f5c236b5b1f8ae15925db9b108abd5d4651f5e981f_ppc64le",
"9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:fe3072cb4c35027b0077e373cbfe1e7f75072dc804dc56e7c4da7a327e039a6b_amd64",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:4ee94cf5ee9d4e7ac73ea85fda01f07b165ab0ce6b46468f47b7d824487f5071_arm64",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:6e7bd199fdbc5a5cb522dcdaece770a3e193f95c4e98b61998348a0b1eb7eabf_amd64",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:d516efc653232a34a79b22cb04902ca2582c9782f137569efb3570e33b17aaf3_s390x",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:dfa4317f423206b5ba89d1f8d1e108b4163b818414cd4af47b3e689ae5c8e87c_ppc64le",
"9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1b9b58c6bf71a39c75901b09ffb9a31c21456b2dd310f2dd35c3ed0041e96384_ppc64le",
"9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:8ba1bc142f839128a93cb596e60cb7241eddbf159b90cc795889272020073dad_amd64",
"9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:eae3e0f32787993f73e1825e01db411608b8855922ee2a00acc70f377e872170_s390x",
"9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:4f5dc03c98b9a6d6bdb84e0e041f8a189040033b379ef6e6615c5156505b9d10_amd64",
"9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:57844c5d07c49c33ba9071f0b90748771c8d62b73f0cc37ce44bdadae214ea0f_s390x",
"9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:7f9c1fa47739a7f397ba8d8524e023f8a66ab446c8b4f160726ebc7c6b589c16_ppc64le",
"9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:0350bfbd7e4eaee91c043edbc2ea1d49aae2f0eba1dff6f3ae84c874a0aa1082_amd64",
"9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:0c7e13348770572d3737eb8045933a8ce358966c1598e0a41b50631b6332a6f7_ppc64le",
"9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:d0f85b64303b0f9e892520be07b2d5e211fa806602e4ba7e1fbaa9edfa488a36_s390x",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:58556e90e62d85b211d8410cfe94497073e405cfd5269979e73749ceafccda67_arm64",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:a9ce6ff0ef32d029f026757522afe224774058252e36e978f27b12d9e2940585_amd64",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:de563b32b7c20314a99e44a85e036884ad579b71f66e4beca89988fffe7f4ab6_ppc64le",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:ded381a718b98ea7a4abb7e75db96e98b84b73eb7529359ece7fa61ea0ab8eab_s390x",
"9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:c66ffb2fa00181c983e4ff78bcad4ec5a4d766ed801ed323bdd7e5748d22fa97_amd64",
"9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:df17a31226a5a883e07be468ac20fb153a334f5d8b2718c17d7cf448b28fbd47_s390x",
"9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:e12ab810e2383f952b5317f0bfe16baa8736e9b1c6c26573352550c934b8e1f6_ppc64le",
"9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:8e758d1c053be265048bd7945975c07e63f5b430152f69a3726c9c2edd1e4488_amd64",
"9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:914f27949481999de5aa5b9c5face266828cd501246243181da786a87afcbdee_s390x",
"9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:aafa9bbd59727e6593c6522e1b6a53d35ff44bd80f4837ab22a3f40904249f7b_ppc64le"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2333122"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in golang.org/x/net/html. This flaw allows an attacker to craft input to the parse functions that would be processed non-linearly with respect to its length, resulting in extremely slow parsing. This issue can cause a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang.org/x/net/html: Non-linear parsing of case-insensitive content in golang.org/x/net/html",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated as an Important severity because an attacker can craft malicious input that causes the parsing functions to process data non-linearly, resulting in significant delays which leads to a denial of service by exhausting system resources.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:693657a7827d74ae8c0d270b269dede3c5f91e4b6b7521b6ec4e26b841ecda25_s390x",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:9e303d40097486dc50d743323ba6a8de7e3e2e5a8d8bc607728fed47220530a4_amd64",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:ad7b98f476a6fd8d89fcada9f368170aff1d211632af78be7daa63400435a913_ppc64le",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:158e10c527c54e5372752a3fdf97ba0362af04996e5b24b538d295bd1efbbd2f_s390x",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:a8037be2de7db50028ce66df96573d6d5347a68c4211656d82e50a3344343aab_amd64",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:a9fb83224900a2f71d8968ff1304448fc35008c4d1ba480e142f61fad9eafb17_arm64",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:b66b767663b821dbff9cb43a4099482556b8d5cbc66d5c2959697c9b3caf0034_ppc64le"
],
"known_not_affected": [
"9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:3338eb8159127a7dead6006255ed0ae073a110a402ed498e2e8cc9493c0b4d8e_amd64",
"9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:576f28c9638f00f39d664301d96462601d5d17a1e288d4b606c8d662bc440753_ppc64le",
"9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:b3b09619c0ffdd27075c0127e0e17e0f358a67ea8820e27925747da71c1c30e5_s390x",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:21600fa74a0b9a12d469d1cdaddd804b4b73d6afdb9106eeb4f34596bb2d1258_amd64",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:266591c571adb2c8ef62b3e47988533d635ad9aa642781455524410f7c7221ea_s390x",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:59bf592b53efafdc5dbedf6b28ff037cfa4de042afd6b9e9271e6117b539f4a2_arm64",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:b3229b38502b13863e43c46ededec4fd651a3530ff645afe2588176f0d1348f7_ppc64le",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:30f2376f37765eb5b3beb424018d217f65475a8fecad4dd525ba2970ec6332b5_amd64",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:5772eea82b20bacc81da0531239927bde720f338c19bb5430eee7527d7d7b191_s390x",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:6709b4595c2ca391378a8eff9d2b8d86475cf886c27d0ad12c5aa448203dd49f_ppc64le",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:e1afc357b3ca4c8ada9d42a2886097c64a5d4e498d4cc913762de8653608f0e0_arm64",
"9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:b399bbdde09923dd23bfc65d088894a79610e53d895c1de2d26e91850b2735f4_amd64",
"9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:d49e1d8b7ddaf0f6168966635c46c6797683aa2ee695bd481c924e3c2a55141f_s390x",
"9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:ec4b600c35f4d299733f0fea636424f34c7a4538ade6d38f9fb53be048a9d261_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:0cf22d86b267794025ba19591a306c81e0fdb2cf3dca05b9dcea3ecdf34f261d_amd64",
"9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:846b4f6065937b93beba0900488f9692ad87bc8bc3419514d8565bb25760ff9e_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:96fb1b5997e08fb6c8531d8a1d1ccb1ddb640701ecab86c4a582672a2aafd8c2_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:4b27ec9797836d789c1cf94a7e88b50b61604611b08eeb6bb0d8e6981463aaa6_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:8fca3b0219de02595ada4a1ff022c5cd8a78a13f585fe59cf6cd34ef360b3a73_amd64",
"9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:f76d5822501de4895c092e82ee8869edb48695d2583118296fb16fea62f5f120_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:5755f2253c923b09e64a1fb6482fc17b611913db3cc5adb895b8e1f1db8e3d85_amd64",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:83ff074d8c07017826fd332423ddd4d7893ddb64b0db6fc3e5994af11ec362d2_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:98b3861c54df97fa1a9df15f717c5b6608d41d6b2151ba80d57aabc245f1955a_arm64",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:f55c4b5b8232bf964ea94ceeea7fd6935025530582931d6b2751a28abc145eae_s390x",
"9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:963317814b12fc9024857eabc03252fcd5219fc94daf9727c0d15543c61cc57e_amd64",
"9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:bae59c8cababf340258b8b675d920de77fd7d5787b4b91277f653254cbee9861_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:eebd7024bb98308262f5e10c5b479a005af8b41aa0e1e52fd80421ce578ba862_s390x",
"9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:2ea120791aa41e227e048c9acf90e393ebe3b5ee040b37a77410d1bb344b2e40_amd64",
"9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:737b733433b50195a2b488325242311f300713ed785b4c152332a97af54b0966_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:f8d44006d6ba9cc03f369b55d65922d21062fdc886a0ec45e5c4066e249affe4_s390x",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:280214cb617f217e35da35b62a5ac94f2e3602bc6f91206699fd0211812b8fa8_arm64",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:425e79644175eb15f83982417dbc53b13883a217022d4a9a04ca17cff5cc6f73_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:af34f03adc5c18cb2a6fbc099239cbe962db9573902b45a7188d74369738ea87_amd64",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:ba6ce5bc4a51ad0662b66a19b7baece2beff6a6a3a37a17fcee5d4c25191bd59_s390x",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:050e0f2d20690c2a10f61c367652289395bf44b8de0bf9b304fb538e8ddd5ba8_ppc64le",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:4778eb4267c9bc0de3b16460eca81fda4f14e258ff9e549040b00e4e89905a0a_arm64",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:afa180b0de79509f795b19282536ad87751eec1cbae2f1a897e2bb5632b5a917_s390x",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:dc1e0173b629ff8695aa694845d53399143d90fef25aad72b24ab4185d8d7f95_amd64",
"9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:a7b7c1091d641ceae8f03233ec51b2d4ea149792ff7850bc5a0bed6280b3d3de_ppc64le",
"9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:eb9ba1f0ed9f26c423ee06de5001e49d6d331a085a8edf8a82318b816a8d38fc_amd64",
"9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:ff2d2d94d954ccbfc051247d8ed2c060dfd395b421a5fcd1da31c2bd4dc29d8b_s390x",
"9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:55cd05deff37a44ba1d07c4fb36fa4e4ec2b4e89c4eb98d5ff3e0172f21521b2_amd64",
"9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:883fa40b1605c897a3d06822663ed8f14ea8fa078c114d99e41447857c7db919_s390x",
"9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:c70eb5b401fb8cf7cbbbb41f183027be6ca97a806481067103557a5fcad1de14_ppc64le",
"9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:16d9ce4c9806f06bae0b55c712d95d690a18ca9ae861b73e3690cac600967e98_ppc64le",
"9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:3ebb8ef1441dcf1d1c0a65311f26575a05eefe599e5339324fad2009db060406_s390x",
"9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:ec3a6e74ca2f0fbc8d7ed2344a2bb0c409a7a5adf0d7cf7388251f89174b7339_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:4b45c8e60604449f6c74150baacb3d11e50b3a10e1e7e5a2ae5568b94e8eddfe_arm64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:933c9ca1ac5fa25d45bb519c44ab4830739f5822ad3136e4f8fbdf8484566423_s390x",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:cd948f94ceabaf729040a60ecf6603da00de782249c79691f6562cbb2b19d404_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:e9bea6672693d064ef865d4eaaacfcd5a8ef792ba2f3f36ae358995dcce281e5_ppc64le",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:1cad36a0edfa987179c44783a3354efd2f8ef7ed933119de2b16838679f84e94_arm64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:9a50d51c19235bc004c592f53891aa7895f0d79692309ce21a681e48f5844480_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:a5d0c18c9af49ec036b10b3c5f74aee018e5104ce83bfdda42fac315ef492642_s390x",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:eb2797c3d0366304caaf99bbf37122f225ff589e69713a766409800eb735da4a_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:52369ab175c6776a642224675eb4f21fcadc233528aadf324e713d76526dc0e0_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:9e12f4588faf2bd93bc2b25815a318770d8fafbdddb5d2d43e71e4b75610cb94_s390x",
"9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:ea469bde819cd85a738bc338508eb7c49bd3c5c1e913f5e99836a30432ae15f1_amd64",
"9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:35a72ddb58c1cc102bc0fb93d11882e83aa391a3987029f3b07f0c89e6f6c016_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:4dc4e7ca38c7dce1404bc4ac833fed1c2901cb73a7bf8e2eaecc3af6a235746a_amd64",
"9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:d81efbf15f4e5a7b9f828e4628099535a3d6e1f836520d79ba4759ae72d1a269_s390x",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:1ee982829bd22343ed58067526297979c1aefc1bb3e6d8a33d573241f754f68a_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:3c1f1037fa46c3a0846dfeefcbdbf5b468d7d3de4330e3e3afc0564ebf61de82_arm64",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:59b6aadac2ac4afdf697c3bfda9d220572fdf2ec2cff887f0350f0a589180141_amd64",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:bf70cf7ee50fe6d336160240abf24a7da99c4a4d9a731100c3bf39f85fb15c4f_s390x",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:4cab9c3030988130f02052704003ab0be7f279e5cc316512fce5094591700947_amd64",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:68f31b7965a66577d4484e58958a00c4f6f69c73c29ad1807d714eafc1c17a07_ppc64le",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:7d30ac852d491738439e09b3480ea18f093abf9c3a2e4dc9e2f3adb64f308be7_arm64",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:aed2fb7d743758677584df771751bad1d586eac50595bc96a8463dae7e7caed2_s390x",
"9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:1206983cd08b8996ad169724bbf6e76ae7c493e31ecf089204a1b7730f4ba2ea_amd64",
"9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:14516c830d0abad30598bbb0268e865057672dcc22e85cfa7f7b28d73e06dc54_s390x",
"9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:8e7e16acc43e32a656750ce1e91cb9d1cbee827573bda726a31200d70fff3d5a_ppc64le",
"9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:43671627156b45f44ad8a1416f1337f2971f51f08f9d9a52e95cb07c0ef2392e_s390x",
"9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:b242be5f5d66e30089d038f5c236b5b1f8ae15925db9b108abd5d4651f5e981f_ppc64le",
"9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:fe3072cb4c35027b0077e373cbfe1e7f75072dc804dc56e7c4da7a327e039a6b_amd64",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:4ee94cf5ee9d4e7ac73ea85fda01f07b165ab0ce6b46468f47b7d824487f5071_arm64",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:6e7bd199fdbc5a5cb522dcdaece770a3e193f95c4e98b61998348a0b1eb7eabf_amd64",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:d516efc653232a34a79b22cb04902ca2582c9782f137569efb3570e33b17aaf3_s390x",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:dfa4317f423206b5ba89d1f8d1e108b4163b818414cd4af47b3e689ae5c8e87c_ppc64le",
"9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1b9b58c6bf71a39c75901b09ffb9a31c21456b2dd310f2dd35c3ed0041e96384_ppc64le",
"9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:8ba1bc142f839128a93cb596e60cb7241eddbf159b90cc795889272020073dad_amd64",
"9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:eae3e0f32787993f73e1825e01db411608b8855922ee2a00acc70f377e872170_s390x",
"9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:4f5dc03c98b9a6d6bdb84e0e041f8a189040033b379ef6e6615c5156505b9d10_amd64",
"9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:57844c5d07c49c33ba9071f0b90748771c8d62b73f0cc37ce44bdadae214ea0f_s390x",
"9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:7f9c1fa47739a7f397ba8d8524e023f8a66ab446c8b4f160726ebc7c6b589c16_ppc64le",
"9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:0350bfbd7e4eaee91c043edbc2ea1d49aae2f0eba1dff6f3ae84c874a0aa1082_amd64",
"9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:0c7e13348770572d3737eb8045933a8ce358966c1598e0a41b50631b6332a6f7_ppc64le",
"9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:d0f85b64303b0f9e892520be07b2d5e211fa806602e4ba7e1fbaa9edfa488a36_s390x",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:58556e90e62d85b211d8410cfe94497073e405cfd5269979e73749ceafccda67_arm64",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:a9ce6ff0ef32d029f026757522afe224774058252e36e978f27b12d9e2940585_amd64",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:de563b32b7c20314a99e44a85e036884ad579b71f66e4beca89988fffe7f4ab6_ppc64le",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:ded381a718b98ea7a4abb7e75db96e98b84b73eb7529359ece7fa61ea0ab8eab_s390x",
"9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:c66ffb2fa00181c983e4ff78bcad4ec5a4d766ed801ed323bdd7e5748d22fa97_amd64",
"9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:df17a31226a5a883e07be468ac20fb153a334f5d8b2718c17d7cf448b28fbd47_s390x",
"9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:e12ab810e2383f952b5317f0bfe16baa8736e9b1c6c26573352550c934b8e1f6_ppc64le",
"9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:8e758d1c053be265048bd7945975c07e63f5b430152f69a3726c9c2edd1e4488_amd64",
"9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:914f27949481999de5aa5b9c5face266828cd501246243181da786a87afcbdee_s390x",
"9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:aafa9bbd59727e6593c6522e1b6a53d35ff44bd80f4837ab22a3f40904249f7b_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-45338"
},
{
"category": "external",
"summary": "RHBZ#2333122",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2333122"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-45338",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45338"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-45338",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-45338"
},
{
"category": "external",
"summary": "https://go.dev/cl/637536",
"url": "https://go.dev/cl/637536"
},
{
"category": "external",
"summary": "https://go.dev/issue/70906",
"url": "https://go.dev/issue/70906"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/wSCRmFnNmPA/m/Lvcd0mRMAwAJ",
"url": "https://groups.google.com/g/golang-announce/c/wSCRmFnNmPA/m/Lvcd0mRMAwAJ"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2024-3333",
"url": "https://pkg.go.dev/vuln/GO-2024-3333"
}
],
"release_date": "2024-12-18T20:38:22.660000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-04-01T19:42:34+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:693657a7827d74ae8c0d270b269dede3c5f91e4b6b7521b6ec4e26b841ecda25_s390x",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:9e303d40097486dc50d743323ba6a8de7e3e2e5a8d8bc607728fed47220530a4_amd64",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:ad7b98f476a6fd8d89fcada9f368170aff1d211632af78be7daa63400435a913_ppc64le",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:158e10c527c54e5372752a3fdf97ba0362af04996e5b24b538d295bd1efbbd2f_s390x",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:a8037be2de7db50028ce66df96573d6d5347a68c4211656d82e50a3344343aab_amd64",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:a9fb83224900a2f71d8968ff1304448fc35008c4d1ba480e142f61fad9eafb17_arm64",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:b66b767663b821dbff9cb43a4099482556b8d5cbc66d5c2959697c9b3caf0034_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:3500"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:3338eb8159127a7dead6006255ed0ae073a110a402ed498e2e8cc9493c0b4d8e_amd64",
"9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:576f28c9638f00f39d664301d96462601d5d17a1e288d4b606c8d662bc440753_ppc64le",
"9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:b3b09619c0ffdd27075c0127e0e17e0f358a67ea8820e27925747da71c1c30e5_s390x",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:21600fa74a0b9a12d469d1cdaddd804b4b73d6afdb9106eeb4f34596bb2d1258_amd64",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:266591c571adb2c8ef62b3e47988533d635ad9aa642781455524410f7c7221ea_s390x",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:59bf592b53efafdc5dbedf6b28ff037cfa4de042afd6b9e9271e6117b539f4a2_arm64",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:b3229b38502b13863e43c46ededec4fd651a3530ff645afe2588176f0d1348f7_ppc64le",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:693657a7827d74ae8c0d270b269dede3c5f91e4b6b7521b6ec4e26b841ecda25_s390x",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:9e303d40097486dc50d743323ba6a8de7e3e2e5a8d8bc607728fed47220530a4_amd64",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:ad7b98f476a6fd8d89fcada9f368170aff1d211632af78be7daa63400435a913_ppc64le",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:30f2376f37765eb5b3beb424018d217f65475a8fecad4dd525ba2970ec6332b5_amd64",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:5772eea82b20bacc81da0531239927bde720f338c19bb5430eee7527d7d7b191_s390x",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:6709b4595c2ca391378a8eff9d2b8d86475cf886c27d0ad12c5aa448203dd49f_ppc64le",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:e1afc357b3ca4c8ada9d42a2886097c64a5d4e498d4cc913762de8653608f0e0_arm64",
"9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:b399bbdde09923dd23bfc65d088894a79610e53d895c1de2d26e91850b2735f4_amd64",
"9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:d49e1d8b7ddaf0f6168966635c46c6797683aa2ee695bd481c924e3c2a55141f_s390x",
"9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:ec4b600c35f4d299733f0fea636424f34c7a4538ade6d38f9fb53be048a9d261_ppc64le",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:158e10c527c54e5372752a3fdf97ba0362af04996e5b24b538d295bd1efbbd2f_s390x",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:a8037be2de7db50028ce66df96573d6d5347a68c4211656d82e50a3344343aab_amd64",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:a9fb83224900a2f71d8968ff1304448fc35008c4d1ba480e142f61fad9eafb17_arm64",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:b66b767663b821dbff9cb43a4099482556b8d5cbc66d5c2959697c9b3caf0034_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:0cf22d86b267794025ba19591a306c81e0fdb2cf3dca05b9dcea3ecdf34f261d_amd64",
"9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:846b4f6065937b93beba0900488f9692ad87bc8bc3419514d8565bb25760ff9e_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:96fb1b5997e08fb6c8531d8a1d1ccb1ddb640701ecab86c4a582672a2aafd8c2_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:4b27ec9797836d789c1cf94a7e88b50b61604611b08eeb6bb0d8e6981463aaa6_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:8fca3b0219de02595ada4a1ff022c5cd8a78a13f585fe59cf6cd34ef360b3a73_amd64",
"9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:f76d5822501de4895c092e82ee8869edb48695d2583118296fb16fea62f5f120_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:5755f2253c923b09e64a1fb6482fc17b611913db3cc5adb895b8e1f1db8e3d85_amd64",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:83ff074d8c07017826fd332423ddd4d7893ddb64b0db6fc3e5994af11ec362d2_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:98b3861c54df97fa1a9df15f717c5b6608d41d6b2151ba80d57aabc245f1955a_arm64",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:f55c4b5b8232bf964ea94ceeea7fd6935025530582931d6b2751a28abc145eae_s390x",
"9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:963317814b12fc9024857eabc03252fcd5219fc94daf9727c0d15543c61cc57e_amd64",
"9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:bae59c8cababf340258b8b675d920de77fd7d5787b4b91277f653254cbee9861_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:eebd7024bb98308262f5e10c5b479a005af8b41aa0e1e52fd80421ce578ba862_s390x",
"9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:2ea120791aa41e227e048c9acf90e393ebe3b5ee040b37a77410d1bb344b2e40_amd64",
"9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:737b733433b50195a2b488325242311f300713ed785b4c152332a97af54b0966_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:f8d44006d6ba9cc03f369b55d65922d21062fdc886a0ec45e5c4066e249affe4_s390x",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:280214cb617f217e35da35b62a5ac94f2e3602bc6f91206699fd0211812b8fa8_arm64",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:425e79644175eb15f83982417dbc53b13883a217022d4a9a04ca17cff5cc6f73_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:af34f03adc5c18cb2a6fbc099239cbe962db9573902b45a7188d74369738ea87_amd64",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:ba6ce5bc4a51ad0662b66a19b7baece2beff6a6a3a37a17fcee5d4c25191bd59_s390x",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:050e0f2d20690c2a10f61c367652289395bf44b8de0bf9b304fb538e8ddd5ba8_ppc64le",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:4778eb4267c9bc0de3b16460eca81fda4f14e258ff9e549040b00e4e89905a0a_arm64",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:afa180b0de79509f795b19282536ad87751eec1cbae2f1a897e2bb5632b5a917_s390x",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:dc1e0173b629ff8695aa694845d53399143d90fef25aad72b24ab4185d8d7f95_amd64",
"9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:a7b7c1091d641ceae8f03233ec51b2d4ea149792ff7850bc5a0bed6280b3d3de_ppc64le",
"9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:eb9ba1f0ed9f26c423ee06de5001e49d6d331a085a8edf8a82318b816a8d38fc_amd64",
"9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:ff2d2d94d954ccbfc051247d8ed2c060dfd395b421a5fcd1da31c2bd4dc29d8b_s390x",
"9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:55cd05deff37a44ba1d07c4fb36fa4e4ec2b4e89c4eb98d5ff3e0172f21521b2_amd64",
"9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:883fa40b1605c897a3d06822663ed8f14ea8fa078c114d99e41447857c7db919_s390x",
"9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:c70eb5b401fb8cf7cbbbb41f183027be6ca97a806481067103557a5fcad1de14_ppc64le",
"9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:16d9ce4c9806f06bae0b55c712d95d690a18ca9ae861b73e3690cac600967e98_ppc64le",
"9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:3ebb8ef1441dcf1d1c0a65311f26575a05eefe599e5339324fad2009db060406_s390x",
"9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:ec3a6e74ca2f0fbc8d7ed2344a2bb0c409a7a5adf0d7cf7388251f89174b7339_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:4b45c8e60604449f6c74150baacb3d11e50b3a10e1e7e5a2ae5568b94e8eddfe_arm64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:933c9ca1ac5fa25d45bb519c44ab4830739f5822ad3136e4f8fbdf8484566423_s390x",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:cd948f94ceabaf729040a60ecf6603da00de782249c79691f6562cbb2b19d404_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:e9bea6672693d064ef865d4eaaacfcd5a8ef792ba2f3f36ae358995dcce281e5_ppc64le",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:1cad36a0edfa987179c44783a3354efd2f8ef7ed933119de2b16838679f84e94_arm64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:9a50d51c19235bc004c592f53891aa7895f0d79692309ce21a681e48f5844480_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:a5d0c18c9af49ec036b10b3c5f74aee018e5104ce83bfdda42fac315ef492642_s390x",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:eb2797c3d0366304caaf99bbf37122f225ff589e69713a766409800eb735da4a_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:52369ab175c6776a642224675eb4f21fcadc233528aadf324e713d76526dc0e0_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:9e12f4588faf2bd93bc2b25815a318770d8fafbdddb5d2d43e71e4b75610cb94_s390x",
"9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:ea469bde819cd85a738bc338508eb7c49bd3c5c1e913f5e99836a30432ae15f1_amd64",
"9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:35a72ddb58c1cc102bc0fb93d11882e83aa391a3987029f3b07f0c89e6f6c016_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:4dc4e7ca38c7dce1404bc4ac833fed1c2901cb73a7bf8e2eaecc3af6a235746a_amd64",
"9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:d81efbf15f4e5a7b9f828e4628099535a3d6e1f836520d79ba4759ae72d1a269_s390x",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:1ee982829bd22343ed58067526297979c1aefc1bb3e6d8a33d573241f754f68a_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:3c1f1037fa46c3a0846dfeefcbdbf5b468d7d3de4330e3e3afc0564ebf61de82_arm64",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:59b6aadac2ac4afdf697c3bfda9d220572fdf2ec2cff887f0350f0a589180141_amd64",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:bf70cf7ee50fe6d336160240abf24a7da99c4a4d9a731100c3bf39f85fb15c4f_s390x",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:4cab9c3030988130f02052704003ab0be7f279e5cc316512fce5094591700947_amd64",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:68f31b7965a66577d4484e58958a00c4f6f69c73c29ad1807d714eafc1c17a07_ppc64le",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:7d30ac852d491738439e09b3480ea18f093abf9c3a2e4dc9e2f3adb64f308be7_arm64",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:aed2fb7d743758677584df771751bad1d586eac50595bc96a8463dae7e7caed2_s390x",
"9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:1206983cd08b8996ad169724bbf6e76ae7c493e31ecf089204a1b7730f4ba2ea_amd64",
"9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:14516c830d0abad30598bbb0268e865057672dcc22e85cfa7f7b28d73e06dc54_s390x",
"9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:8e7e16acc43e32a656750ce1e91cb9d1cbee827573bda726a31200d70fff3d5a_ppc64le",
"9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:43671627156b45f44ad8a1416f1337f2971f51f08f9d9a52e95cb07c0ef2392e_s390x",
"9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:b242be5f5d66e30089d038f5c236b5b1f8ae15925db9b108abd5d4651f5e981f_ppc64le",
"9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:fe3072cb4c35027b0077e373cbfe1e7f75072dc804dc56e7c4da7a327e039a6b_amd64",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:4ee94cf5ee9d4e7ac73ea85fda01f07b165ab0ce6b46468f47b7d824487f5071_arm64",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:6e7bd199fdbc5a5cb522dcdaece770a3e193f95c4e98b61998348a0b1eb7eabf_amd64",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:d516efc653232a34a79b22cb04902ca2582c9782f137569efb3570e33b17aaf3_s390x",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:dfa4317f423206b5ba89d1f8d1e108b4163b818414cd4af47b3e689ae5c8e87c_ppc64le",
"9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1b9b58c6bf71a39c75901b09ffb9a31c21456b2dd310f2dd35c3ed0041e96384_ppc64le",
"9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:8ba1bc142f839128a93cb596e60cb7241eddbf159b90cc795889272020073dad_amd64",
"9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:eae3e0f32787993f73e1825e01db411608b8855922ee2a00acc70f377e872170_s390x",
"9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:4f5dc03c98b9a6d6bdb84e0e041f8a189040033b379ef6e6615c5156505b9d10_amd64",
"9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:57844c5d07c49c33ba9071f0b90748771c8d62b73f0cc37ce44bdadae214ea0f_s390x",
"9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:7f9c1fa47739a7f397ba8d8524e023f8a66ab446c8b4f160726ebc7c6b589c16_ppc64le",
"9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:0350bfbd7e4eaee91c043edbc2ea1d49aae2f0eba1dff6f3ae84c874a0aa1082_amd64",
"9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:0c7e13348770572d3737eb8045933a8ce358966c1598e0a41b50631b6332a6f7_ppc64le",
"9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:d0f85b64303b0f9e892520be07b2d5e211fa806602e4ba7e1fbaa9edfa488a36_s390x",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:58556e90e62d85b211d8410cfe94497073e405cfd5269979e73749ceafccda67_arm64",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:a9ce6ff0ef32d029f026757522afe224774058252e36e978f27b12d9e2940585_amd64",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:de563b32b7c20314a99e44a85e036884ad579b71f66e4beca89988fffe7f4ab6_ppc64le",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:ded381a718b98ea7a4abb7e75db96e98b84b73eb7529359ece7fa61ea0ab8eab_s390x",
"9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:c66ffb2fa00181c983e4ff78bcad4ec5a4d766ed801ed323bdd7e5748d22fa97_amd64",
"9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:df17a31226a5a883e07be468ac20fb153a334f5d8b2718c17d7cf448b28fbd47_s390x",
"9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:e12ab810e2383f952b5317f0bfe16baa8736e9b1c6c26573352550c934b8e1f6_ppc64le",
"9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:8e758d1c053be265048bd7945975c07e63f5b430152f69a3726c9c2edd1e4488_amd64",
"9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:914f27949481999de5aa5b9c5face266828cd501246243181da786a87afcbdee_s390x",
"9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:aafa9bbd59727e6593c6522e1b6a53d35ff44bd80f4837ab22a3f40904249f7b_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "golang.org/x/net/html: Non-linear parsing of case-insensitive content in golang.org/x/net/html"
}
]
}
RHSA-2025:3502
Vulnerability from csaf_redhat - Published: 2025-04-01 21:25 - Updated: 2026-06-02 21:46Summary
Red Hat Security Advisory: RHODF-4.16-RHEL-9 security update
Severity
Important
Notes
Topic: Updated images are now available for RHODF-4.16-RHEL-9.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details: OpenShift Data Foundation is software-defined storage integrated with and optimized for the Red Hat OpenShift Data Foundation. Red Hat OpenShift DataFoundation is a highly scalable, production-grade persistent storage for stateful applications running in the Red Hat OpenShift Container Platform. In addition to persistent storage, Red Hat OpenShift Data Foundation provisions a multi-cloud data management service with an S3 compatible API.
Security Fix(es):
* golang.org/x/net/html: Non-linear parsing of case-insensitive content in golang.org/x/net/html (CVE-2024-45338)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
A flaw was found in golang.org/x/net/html. This flaw allows an attacker to craft input to the parse functions that would be processed non-linearly with respect to its length, resulting in extremely slow parsing. This issue can cause a denial of service.
7.5 (High)
Affected products
Fixed
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:0b7a3d603a5275d83492747cfa071cb626001938b174847619cf343b1fcd81b3_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:2960acdb44de44e4bc26f222f16c9fef9dca561ab90b3c088da822dcfbda0a7c_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:a815540a133b0864ba427bf5f5a8153dd3e316bb39bbbbf464511fc0732782fd_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:f7c64b8539be7e027bac1547ece04653976d5bea6ead519b2ed6499de7180dbe_ppc64le | — |
Vendor Fix
fix
|
Known not affected
94 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-RHODF-4.16:odf4/cephcsi-rhel9@sha256:1cf35f815de351a2c37340f850101d5b108fea0c4e5619a98080840ef3552e0e_amd64 | — | ||
| Unresolved product id: 9Base-RHODF-4.16:odf4/cephcsi-rhel9@sha256:4a1de6a1af1b47680caa36a69c6a8b438d01a0810f4df1d9dbb8fc82f8e06284_s390x | — | ||
| Unresolved product id: 9Base-RHODF-4.16:odf4/cephcsi-rhel9@sha256:f9a4390a3de6eb274c185a1cc3382b6c10a29b16d39de6f59df316b2d7a85ad4_ppc64le | — | ||
| Unresolved product id: 9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:068a72256237bdd0a579b3aa76fc4bf37930b1f048ae6c3eb72f44c2f4599ee4_arm64 | — | ||
| Unresolved product id: 9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:10fedd0456d7f81015f93e597932cb19b3576a5bffd95de325f160c44f78cfca_s390x | — | ||
| Unresolved product id: 9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:698896a47d4fd9f1bddf8fb1fb22b99f6eaec3c9591815e25e120e7df1844ae6_ppc64le | — | ||
| Unresolved product id: 9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:b0f34ed1b4c0f9a4176fd959d929c3755508ce881e431c2c2069428847ed76e7_amd64 | — | ||
| Unresolved product id: 9Base-RHODF-4.16:odf4/mcg-operator-bundle@sha256:a8c32134d2cb1a5db655586f65bd1fac568b010bc1f7697069b83e7c245f29af_ppc64le | — | ||
| Unresolved product id: 9Base-RHODF-4.16:odf4/mcg-operator-bundle@sha256:b2b86eea9f1808e65ee3bfb0daad68e470bbe9d2525adcaff08d4fde8e52b4f0_s390x | — | ||
| Unresolved product id: 9Base-RHODF-4.16:odf4/mcg-operator-bundle@sha256:d7f607b353806840c3a2fb9fb02e5a96cd83e6747f67deb73ed0875df76828e0_amd64 | — | ||
| Unresolved product id: 9Base-RHODF-4.16:odf4/ocs-client-console-rhel9@sha256:409becedde385970154269f5dc84ac7961e219a1956930a14aa68183fb80fb49_ppc64le | — | ||
| Unresolved product id: 9Base-RHODF-4.16:odf4/ocs-client-console-rhel9@sha256:52c70b591ad9bcaca488d0338b82c11fbccd63762f5fad40119d4e8419ded145_s390x | — | ||
| Unresolved product id: 9Base-RHODF-4.16:odf4/ocs-client-console-rhel9@sha256:a06f898fe1be5935accc20fd1ee6a1e29f2350297e36ef7392392a359d4f7c47_amd64 | — | ||
| Unresolved product id: 9Base-RHODF-4.16:odf4/ocs-client-operator-bundle@sha256:3a07afbc05696f593190e75aabe6f32416d03574df873367458a62676409caf8_s390x | — | ||
| Unresolved product id: 9Base-RHODF-4.16:odf4/ocs-client-operator-bundle@sha256:7b86fe3d3ac9ef7df8a851c7c1f24eb8212f4c8640bfbe1dbf25ca13e8754cb3_amd64 | — | ||
| Unresolved product id: 9Base-RHODF-4.16:odf4/ocs-client-operator-bundle@sha256:e677334c3782188f6aafb252308c9a1c8db6101b0bba4b79f3662b9c3804350a_ppc64le | — | ||
| Unresolved product id: 9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:4f0fb6d02abae76a35f386dab1b2250bfe632a3c7a36a68688407d205b886ea2_arm64 | — | ||
| Unresolved product id: 9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:6d1dc63e8040cbd6e82514ded593540a16f4dde956b04d88649551a4333e7616_s390x | — | ||
| Unresolved product id: 9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:ac83a0734f93025f3ab42ee520e0445240d043a4775664c6d44a87c7fac71d68_ppc64le | — | ||
| Unresolved product id: 9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:cea3919db348953e14f270af58a711c7073ad65ad4fbc375d80117fbabf936da_amd64 | — | ||
| Unresolved product id: 9Base-RHODF-4.16:odf4/ocs-metrics-exporter-rhel9@sha256:1b602bb5459440906a466e9687301dc3c1233264de86498c94f26581060f9033_amd64 | — | ||
| Unresolved product id: 9Base-RHODF-4.16:odf4/ocs-metrics-exporter-rhel9@sha256:a0f521d4f1ac22e066a109ae38ae11e248195f9520c3730e5053b27da5e7eafd_s390x | — | ||
| Unresolved product id: 9Base-RHODF-4.16:odf4/ocs-metrics-exporter-rhel9@sha256:bb2f890d57d4341eff0476325eadce481f38dd0bccb8f5f9974f61220bbce44f_ppc64le | — | ||
| Unresolved product id: 9Base-RHODF-4.16:odf4/ocs-operator-bundle@sha256:8682c22f78b4e5b7d7a9ece542f02ec7d6172ccfcd85e82dfcbeb9c81fe7a6dd_amd64 | — | ||
| Unresolved product id: 9Base-RHODF-4.16:odf4/ocs-operator-bundle@sha256:d648a6305dab917bc9094481a84bd0521bd48cac367670b6a723c6d59e9ec4d8_ppc64le | — | ||
| Unresolved product id: 9Base-RHODF-4.16:odf4/ocs-operator-bundle@sha256:fcc77519a4cc442b1bd61e5606efb35a4afc4fe6dc93e8093c2f306b3b5faacd_s390x | — | ||
| Unresolved product id: 9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:087bffeeca3ed6f80ae7674c5a147b27a2f1feba965acbb27379c438c9686f91_amd64 | — | ||
| Unresolved product id: 9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:18ede0783538a2037a6b090c3e9c7ebeed3361f6594f865303e51677cf228e90_ppc64le | — | ||
| Unresolved product id: 9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:9df0962604f30ad2dd9861675ed4018ec4e1847d645a5f395a9755bfc3dcf74c_s390x | — | ||
| Unresolved product id: 9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:c09589e1e0deb7e952806d235c1037f5c6e90d5eb037c9b7585f2dfbe2d53968_arm64 | — | ||
| Unresolved product id: 9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:10aa2a02209ef8f37238f873edde98369e15e738b2a7b80099be4b2b8647edbc_s390x | — | ||
| Unresolved product id: 9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:78f071161808fcf3a228a8fe8bd2c8de1beb49a3963ef5efc589e45cff1a02a6_ppc64le | — | ||
| Unresolved product id: 9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:85ea82a8bcbbb0e39e5b8b5535f2468d3d61ab1507548acf9ba2a89777382483_arm64 | — | ||
| Unresolved product id: 9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:bb1aec4a92322116499401febc6982178deee5e989fd68a9635d9b31f7dd8db2_amd64 | — | ||
| Unresolved product id: 9Base-RHODF-4.16:odf4/odf-console-rhel9@sha256:74b5fae3ab9b1cb951f533e9717e8dddf74cc20dbdbffa7753498fd851429392_s390x | — | ||
| Unresolved product id: 9Base-RHODF-4.16:odf4/odf-console-rhel9@sha256:8eed4974c6b9dedd5cb4f7ff1027908ad4ab8274dafffa00f12eb9c63a15d288_amd64 | — | ||
| Unresolved product id: 9Base-RHODF-4.16:odf4/odf-console-rhel9@sha256:c766a6b85cd3bef81bc6f626589b569695d1742c1f961c4175a742de8dfc9712_ppc64le | — | ||
| Unresolved product id: 9Base-RHODF-4.16:odf4/odf-cosi-sidecar-rhel9@sha256:0f13b14109bbebcb40bdcd8f0fdfd7f61a25ea7f39af746644b0861c7ff49626_s390x | — | ||
| Unresolved product id: 9Base-RHODF-4.16:odf4/odf-cosi-sidecar-rhel9@sha256:afe5fffaa37933af2ac55390ed46d37a277bdfafb63f504645b9d29bd23b6e30_ppc64le | — | ||
| Unresolved product id: 9Base-RHODF-4.16:odf4/odf-cosi-sidecar-rhel9@sha256:d5b01a44782ed114af0d96a357faa2ce00950194f8a6c63a37081bb3bfa8550e_amd64 | — | ||
| Unresolved product id: 9Base-RHODF-4.16:odf4/odf-csi-addons-operator-bundle@sha256:d0a94174a1cdec08532959658b4dfe0e9adafb83314f69d4902c0b93e6ad4798_ppc64le | — | ||
| Unresolved product id: 9Base-RHODF-4.16:odf4/odf-csi-addons-operator-bundle@sha256:d2bff2e8f293034a8a7d80a063d35d5ba3fdc279b0d03440c1d2a47ff2606adf_s390x | — | ||
| Unresolved product id: 9Base-RHODF-4.16:odf4/odf-csi-addons-operator-bundle@sha256:fa43d6f2db3e6da5f5ae82a14b8631fdefee1ece7e8c714ca78d467b79f3b4a0_amd64 | — | ||
| Unresolved product id: 9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:088c5f7549320be94fcfe1d759a6c0b12b82b0eb2c7ad7ea8a65533db3c701d2_ppc64le | — | ||
| Unresolved product id: 9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:27c832da54d32ada85fff3fb7d04d733143a1df7cb2e419b355191c1d91d1540_arm64 | — | ||
| Unresolved product id: 9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:9a83557ae92af7bf8ca4c687aee1ba82311acf55c98b17fc44dff6e8206f4c7e_amd64 | — | ||
| Unresolved product id: 9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:d2ae76ccd354cc34c46be21f3ba074fcfa1ebbdf7b32f4c61c4f45e55c23f270_s390x | — | ||
| Unresolved product id: 9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:13700b4ed1c50daa091652fd7b74779c06249ac21b9a741574bb5069b000f16b_ppc64le | — | ||
| Unresolved product id: 9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:65d1d96f56293f276c8574363d872c8c89686e3a61ee577cb4393165e9bbac0f_amd64 | — | ||
| Unresolved product id: 9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:71a8e62888c5d7522d44045b373595ec4188c7946d60f1e2c8eb0f0e93954a03_arm64 | — | ||
| Unresolved product id: 9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:fb501c55629dc8f44267c6813a84d111cb3c98bf5185a04fddd41c4f47f05621_s390x | — | ||
| Unresolved product id: 9Base-RHODF-4.16:odf4/odf-multicluster-console-rhel9@sha256:28075f58315b04c3aa4c9f4a23689c76f4645837ef6eae79cc3633f389610407_ppc64le | — | ||
| Unresolved product id: 9Base-RHODF-4.16:odf4/odf-multicluster-console-rhel9@sha256:31dc2d31b429e63fe599141392370e529b597e41e3b6bd9da387eba8971cedeb_amd64 | — | ||
| Unresolved product id: 9Base-RHODF-4.16:odf4/odf-multicluster-console-rhel9@sha256:f65ebe3bc2af885f04ac47d94d676a4bd95fb6534a24a9d436c215dbe40c41ad_s390x | — | ||
| Unresolved product id: 9Base-RHODF-4.16:odf4/odf-multicluster-operator-bundle@sha256:137909bdc89b6e2b6bc672333ab53ff56ebc0695311c5df09266f793bf4e81aa_s390x | — | ||
| Unresolved product id: 9Base-RHODF-4.16:odf4/odf-multicluster-operator-bundle@sha256:42f94d2ec5d022c829bec6b88624b27ec21c444fe5c19396ce248dbb0582cd82_ppc64le | — | ||
| Unresolved product id: 9Base-RHODF-4.16:odf4/odf-multicluster-operator-bundle@sha256:951633082e542b42ec641cd9866518da79cfddafa069ef189281e2d580728c5d_amd64 | — | ||
| Unresolved product id: 9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:20322293ce1012ddae0f395d5604e38a815e5da109bd11ac11e635c1773b1522_s390x | — | ||
| Unresolved product id: 9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:3527b74ae473b71b54fc4dcf53d247688ba11cc8656d7e96200b120bb2087f56_arm64 | — | ||
| Unresolved product id: 9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:8ec79d06669ee36eae6d6c2ed3ef835934ca6b5d6d27fc1ba524e17c5a2df2e3_amd64 | — | ||
| Unresolved product id: 9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:e83d5ec4974bedfb763845ea371c74f050cb38ba8bd8a9c7416dae502a7af87e_ppc64le | — | ||
| Unresolved product id: 9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:2d0383fe62f6636118612bcb987ce484a4131656b27a31bcc1ee6299ff51a813_ppc64le | — | ||
| Unresolved product id: 9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:53913fa206b297eb4e93d54efd6e0c3935a6b700f6c34cd9995d5483a855c854_s390x | — | ||
| Unresolved product id: 9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:c2b68542390a7e4336da0147eb19dfc1b5104a4be9fdfbce0f383d2e3c6012ab_arm64 | — | ||
| Unresolved product id: 9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:ea8f5dd86da91bd16a2b79a011dcbdc975383fdc736a19867d42e6318c691552_amd64 | — | ||
| Unresolved product id: 9Base-RHODF-4.16:odf4/odf-operator-bundle@sha256:af735766b79a34a3bde546255f3a54b08b4ffc2c5a45e071cd887bf40a9f51b4_ppc64le | — | ||
| Unresolved product id: 9Base-RHODF-4.16:odf4/odf-operator-bundle@sha256:d900dff1d730a61b9f1eb78f4902bd233113216973874cd0c77e2d27b249dadb_s390x | — | ||
| Unresolved product id: 9Base-RHODF-4.16:odf4/odf-operator-bundle@sha256:e58f88c021243d4616127c177bd9c0aeabca99e8e57e0648311d3fde0c192dcb_amd64 | — | ||
| Unresolved product id: 9Base-RHODF-4.16:odf4/odf-prometheus-operator-bundle@sha256:a1d9cc4aff1553cdd490cdbbf49d927edf9320dfabc8327571805c04c87f1120_ppc64le | — | ||
| Unresolved product id: 9Base-RHODF-4.16:odf4/odf-prometheus-operator-bundle@sha256:c8c04af9ba9c10d8c32ac3c7004ba0c4ccf0c14ac683a1a685e97669ee387cca_s390x | — | ||
| Unresolved product id: 9Base-RHODF-4.16:odf4/odf-prometheus-operator-bundle@sha256:f30254e9df41cf4049cc7b35610abd0a716a13f41a1c4523fc1e7bf2211085b0_amd64 | — | ||
| Unresolved product id: 9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:1973a2cc13ee9a32f8fa426511c69804821cd92a3f778ede9dc1dad3070132db_arm64 | — | ||
| Unresolved product id: 9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:6850637e14d8acc7f88cd2b2c936b52ca66af159d7f97d37608da66cbfdcc825_s390x | — | ||
| Unresolved product id: 9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:c75a9897a89243b793642d1d5918a666b08b465797212cfa29022a8fcbeb358e_amd64 | — | ||
| Unresolved product id: 9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:d917d45adf63e8659d589eee79ccb9d1623252b7339b1e93524b7dea229c8f09_ppc64le | — | ||
| Unresolved product id: 9Base-RHODF-4.16:odf4/odr-cluster-operator-bundle@sha256:601fbb866efcab2fec4a675094cfe1d5259b6e475f9e6dadda69fc21cc178aee_amd64 | — | ||
| Unresolved product id: 9Base-RHODF-4.16:odf4/odr-cluster-operator-bundle@sha256:9dfbd7fb7a6ca22a2a7f18cf4ec5c9539d30879db0623798d1ec8e4f5eb84dcc_ppc64le | — | ||
| Unresolved product id: 9Base-RHODF-4.16:odf4/odr-cluster-operator-bundle@sha256:c34e9f57958dc3bec472ee9b91ea31503fd939b07faae596677a36d7d73d3b59_s390x | — | ||
| Unresolved product id: 9Base-RHODF-4.16:odf4/odr-hub-operator-bundle@sha256:08f5697d5460d1e509bfb4bf4b177e79a68c52b55cf693aa15b49a3951f972cf_ppc64le | — | ||
| Unresolved product id: 9Base-RHODF-4.16:odf4/odr-hub-operator-bundle@sha256:1823f0fa1f0bf3097fa61cf9fa7dd6c591d43c7443942538ae126b6ab4d59653_amd64 | — | ||
| Unresolved product id: 9Base-RHODF-4.16:odf4/odr-hub-operator-bundle@sha256:4d22347dbd2f7c1e243b440304e05f2749d88888924e913b661ce8fe4e219496_s390x | — | ||
| Unresolved product id: 9Base-RHODF-4.16:odf4/odr-recipe-operator-bundle@sha256:36292e60b543154590ff245f4c4b233b8ad5857c7bac5fa0c45fa161500df1b2_ppc64le | — | ||
| Unresolved product id: 9Base-RHODF-4.16:odf4/odr-recipe-operator-bundle@sha256:424de07f469a52d905d50a126e0d0c48e5c2a8bfcc5fa6be37f4b0c806cf50b5_amd64 | — | ||
| Unresolved product id: 9Base-RHODF-4.16:odf4/odr-recipe-operator-bundle@sha256:5045c0a773df2d4bff134934a4b61b3ed3653bce4bf1224495f71c14d0e34c7d_s390x | — | ||
| Unresolved product id: 9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:3466ff8766747872e8cb3c7d4e388e95bc93375509ee81076884e27b51875ef8_ppc64le | — | ||
| Unresolved product id: 9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:6ea22220e927607742e39622db5fcaf52bd03bd363db7c41d9e6b869c305859b_s390x | — | ||
| Unresolved product id: 9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:c98e251621146b479822a517c9556bd9e49c8dc57b4afccede822aac5699b37a_amd64 | — | ||
| Unresolved product id: 9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:f9dea8ea9ecae53cce167218abbe0b354279d8bb73115312ef413653d91d21f3_arm64 | — | ||
| Unresolved product id: 9Base-RHODF-4.16:odf4/rook-ceph-operator-bundle@sha256:04751a4c128f21d5f1ec2ddae1107ceb5902ed63fd705441dc7280ea66c8941b_amd64 | — | ||
| Unresolved product id: 9Base-RHODF-4.16:odf4/rook-ceph-operator-bundle@sha256:7e846eac9b45ddae80fd7bbd24f92809554c1b4c0fd915ff67ed5e1d08dd5c93_ppc64le | — | ||
| Unresolved product id: 9Base-RHODF-4.16:odf4/rook-ceph-operator-bundle@sha256:a115350e444d74bd30b86b6f8d9a2c15f28ab5418cbf1fe599c2251b043708b8_s390x | — | ||
| Unresolved product id: 9Base-RHODF-4.16:odf4/rook-ceph-rhel9-operator@sha256:666b25c348e6275207b9bb2ef6ca1cf109fa935fd7d2dead4a764b5d7d243392_amd64 | — | ||
| Unresolved product id: 9Base-RHODF-4.16:odf4/rook-ceph-rhel9-operator@sha256:80a4e57074bf6bd9cd8fd1e0beeddebe6d6e0986c9c0a9fe8839268341763e2e_ppc64le | — | ||
| Unresolved product id: 9Base-RHODF-4.16:odf4/rook-ceph-rhel9-operator@sha256:e388f3c0faa2505b6960c815043477034012d79660c3e5fdcc24b2272b93f218_s390x | — |
Threats
Impact
Important
References
16 references
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Updated images are now available for RHODF-4.16-RHEL-9.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "OpenShift Data Foundation is software-defined storage integrated with and optimized for the Red Hat OpenShift Data Foundation. Red Hat OpenShift DataFoundation is a highly scalable, production-grade persistent storage for stateful applications running in the Red Hat OpenShift Container Platform. In addition to persistent storage, Red Hat OpenShift Data Foundation provisions a multi-cloud data management service with an S3 compatible API.\n\nSecurity Fix(es):\n\n* golang.org/x/net/html: Non-linear parsing of case-insensitive content in golang.org/x/net/html (CVE-2024-45338)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2025:3502",
"url": "https://access.redhat.com/errata/RHSA-2025:3502"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "2333122",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2333122"
},
{
"category": "external",
"summary": "DFBUGS-1011",
"url": "https://issues.redhat.com/browse/DFBUGS-1011"
},
{
"category": "external",
"summary": "DFBUGS-1671",
"url": "https://issues.redhat.com/browse/DFBUGS-1671"
},
{
"category": "external",
"summary": "DFBUGS-945",
"url": "https://issues.redhat.com/browse/DFBUGS-945"
},
{
"category": "external",
"summary": "DFBUGS-978",
"url": "https://issues.redhat.com/browse/DFBUGS-978"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2025/rhsa-2025_3502.json"
}
],
"title": "Red Hat Security Advisory: RHODF-4.16-RHEL-9 security update",
"tracking": {
"current_release_date": "2026-06-02T21:46:24+00:00",
"generator": {
"date": "2026-06-02T21:46:24+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.8.1"
}
},
"id": "RHSA-2025:3502",
"initial_release_date": "2025-04-01T21:25:57+00:00",
"revision_history": [
{
"date": "2025-04-01T21:25:57+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2025-04-01T21:25:57+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-06-02T21:46:24+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "RHODF 4.16 for RHEL 9",
"product": {
"name": "RHODF 4.16 for RHEL 9",
"product_id": "9Base-RHODF-4.16",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:openshift_data_foundation:4.16::el9"
}
}
}
],
"category": "product_family",
"name": "Red Hat OpenShift Data Foundation"
},
{
"branches": [
{
"category": "product_version",
"name": "odf4/cephcsi-rhel9@sha256:1cf35f815de351a2c37340f850101d5b108fea0c4e5619a98080840ef3552e0e_amd64",
"product": {
"name": "odf4/cephcsi-rhel9@sha256:1cf35f815de351a2c37340f850101d5b108fea0c4e5619a98080840ef3552e0e_amd64",
"product_id": "odf4/cephcsi-rhel9@sha256:1cf35f815de351a2c37340f850101d5b108fea0c4e5619a98080840ef3552e0e_amd64",
"product_identification_helper": {
"purl": "pkg:oci/cephcsi-rhel9@sha256:1cf35f815de351a2c37340f850101d5b108fea0c4e5619a98080840ef3552e0e?arch=amd64\u0026repository_url=registry.redhat.io/odf4/cephcsi-rhel9\u0026tag=v4.16.9-3"
}
}
},
{
"category": "product_version",
"name": "odf4/mcg-core-rhel9@sha256:b0f34ed1b4c0f9a4176fd959d929c3755508ce881e431c2c2069428847ed76e7_amd64",
"product": {
"name": "odf4/mcg-core-rhel9@sha256:b0f34ed1b4c0f9a4176fd959d929c3755508ce881e431c2c2069428847ed76e7_amd64",
"product_id": "odf4/mcg-core-rhel9@sha256:b0f34ed1b4c0f9a4176fd959d929c3755508ce881e431c2c2069428847ed76e7_amd64",
"product_identification_helper": {
"purl": "pkg:oci/mcg-core-rhel9@sha256:b0f34ed1b4c0f9a4176fd959d929c3755508ce881e431c2c2069428847ed76e7?arch=amd64\u0026repository_url=registry.redhat.io/odf4/mcg-core-rhel9\u0026tag=v4.16.9-4"
}
}
},
{
"category": "product_version",
"name": "odf4/mcg-operator-bundle@sha256:d7f607b353806840c3a2fb9fb02e5a96cd83e6747f67deb73ed0875df76828e0_amd64",
"product": {
"name": "odf4/mcg-operator-bundle@sha256:d7f607b353806840c3a2fb9fb02e5a96cd83e6747f67deb73ed0875df76828e0_amd64",
"product_id": "odf4/mcg-operator-bundle@sha256:d7f607b353806840c3a2fb9fb02e5a96cd83e6747f67deb73ed0875df76828e0_amd64",
"product_identification_helper": {
"purl": "pkg:oci/mcg-operator-bundle@sha256:d7f607b353806840c3a2fb9fb02e5a96cd83e6747f67deb73ed0875df76828e0?arch=amd64\u0026repository_url=registry.redhat.io/odf4/mcg-operator-bundle\u0026tag=v4.16.9-5"
}
}
},
{
"category": "product_version",
"name": "odf4/mcg-rhel9-operator@sha256:a815540a133b0864ba427bf5f5a8153dd3e316bb39bbbbf464511fc0732782fd_amd64",
"product": {
"name": "odf4/mcg-rhel9-operator@sha256:a815540a133b0864ba427bf5f5a8153dd3e316bb39bbbbf464511fc0732782fd_amd64",
"product_id": "odf4/mcg-rhel9-operator@sha256:a815540a133b0864ba427bf5f5a8153dd3e316bb39bbbbf464511fc0732782fd_amd64",
"product_identification_helper": {
"purl": "pkg:oci/mcg-rhel9-operator@sha256:a815540a133b0864ba427bf5f5a8153dd3e316bb39bbbbf464511fc0732782fd?arch=amd64\u0026repository_url=registry.redhat.io/odf4/mcg-rhel9-operator\u0026tag=v4.16.9-3"
}
}
},
{
"category": "product_version",
"name": "odf4/ocs-client-console-rhel9@sha256:a06f898fe1be5935accc20fd1ee6a1e29f2350297e36ef7392392a359d4f7c47_amd64",
"product": {
"name": "odf4/ocs-client-console-rhel9@sha256:a06f898fe1be5935accc20fd1ee6a1e29f2350297e36ef7392392a359d4f7c47_amd64",
"product_id": "odf4/ocs-client-console-rhel9@sha256:a06f898fe1be5935accc20fd1ee6a1e29f2350297e36ef7392392a359d4f7c47_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ocs-client-console-rhel9@sha256:a06f898fe1be5935accc20fd1ee6a1e29f2350297e36ef7392392a359d4f7c47?arch=amd64\u0026repository_url=registry.redhat.io/odf4/ocs-client-console-rhel9\u0026tag=v4.16.9-3"
}
}
},
{
"category": "product_version",
"name": "odf4/ocs-client-operator-bundle@sha256:7b86fe3d3ac9ef7df8a851c7c1f24eb8212f4c8640bfbe1dbf25ca13e8754cb3_amd64",
"product": {
"name": "odf4/ocs-client-operator-bundle@sha256:7b86fe3d3ac9ef7df8a851c7c1f24eb8212f4c8640bfbe1dbf25ca13e8754cb3_amd64",
"product_id": "odf4/ocs-client-operator-bundle@sha256:7b86fe3d3ac9ef7df8a851c7c1f24eb8212f4c8640bfbe1dbf25ca13e8754cb3_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ocs-client-operator-bundle@sha256:7b86fe3d3ac9ef7df8a851c7c1f24eb8212f4c8640bfbe1dbf25ca13e8754cb3?arch=amd64\u0026repository_url=registry.redhat.io/odf4/ocs-client-operator-bundle\u0026tag=v4.16.9-5"
}
}
},
{
"category": "product_version",
"name": "odf4/ocs-client-rhel9-operator@sha256:cea3919db348953e14f270af58a711c7073ad65ad4fbc375d80117fbabf936da_amd64",
"product": {
"name": "odf4/ocs-client-rhel9-operator@sha256:cea3919db348953e14f270af58a711c7073ad65ad4fbc375d80117fbabf936da_amd64",
"product_id": "odf4/ocs-client-rhel9-operator@sha256:cea3919db348953e14f270af58a711c7073ad65ad4fbc375d80117fbabf936da_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ocs-client-rhel9-operator@sha256:cea3919db348953e14f270af58a711c7073ad65ad4fbc375d80117fbabf936da?arch=amd64\u0026repository_url=registry.redhat.io/odf4/ocs-client-rhel9-operator\u0026tag=v4.16.9-3"
}
}
},
{
"category": "product_version",
"name": "odf4/ocs-metrics-exporter-rhel9@sha256:1b602bb5459440906a466e9687301dc3c1233264de86498c94f26581060f9033_amd64",
"product": {
"name": "odf4/ocs-metrics-exporter-rhel9@sha256:1b602bb5459440906a466e9687301dc3c1233264de86498c94f26581060f9033_amd64",
"product_id": "odf4/ocs-metrics-exporter-rhel9@sha256:1b602bb5459440906a466e9687301dc3c1233264de86498c94f26581060f9033_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ocs-metrics-exporter-rhel9@sha256:1b602bb5459440906a466e9687301dc3c1233264de86498c94f26581060f9033?arch=amd64\u0026repository_url=registry.redhat.io/odf4/ocs-metrics-exporter-rhel9\u0026tag=v4.16.9-3"
}
}
},
{
"category": "product_version",
"name": "odf4/ocs-operator-bundle@sha256:8682c22f78b4e5b7d7a9ece542f02ec7d6172ccfcd85e82dfcbeb9c81fe7a6dd_amd64",
"product": {
"name": "odf4/ocs-operator-bundle@sha256:8682c22f78b4e5b7d7a9ece542f02ec7d6172ccfcd85e82dfcbeb9c81fe7a6dd_amd64",
"product_id": "odf4/ocs-operator-bundle@sha256:8682c22f78b4e5b7d7a9ece542f02ec7d6172ccfcd85e82dfcbeb9c81fe7a6dd_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ocs-operator-bundle@sha256:8682c22f78b4e5b7d7a9ece542f02ec7d6172ccfcd85e82dfcbeb9c81fe7a6dd?arch=amd64\u0026repository_url=registry.redhat.io/odf4/ocs-operator-bundle\u0026tag=v4.16.9-5"
}
}
},
{
"category": "product_version",
"name": "odf4/ocs-rhel9-operator@sha256:087bffeeca3ed6f80ae7674c5a147b27a2f1feba965acbb27379c438c9686f91_amd64",
"product": {
"name": "odf4/ocs-rhel9-operator@sha256:087bffeeca3ed6f80ae7674c5a147b27a2f1feba965acbb27379c438c9686f91_amd64",
"product_id": "odf4/ocs-rhel9-operator@sha256:087bffeeca3ed6f80ae7674c5a147b27a2f1feba965acbb27379c438c9686f91_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ocs-rhel9-operator@sha256:087bffeeca3ed6f80ae7674c5a147b27a2f1feba965acbb27379c438c9686f91?arch=amd64\u0026repository_url=registry.redhat.io/odf4/ocs-rhel9-operator\u0026tag=v4.16.9-3"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-cli-rhel9@sha256:bb1aec4a92322116499401febc6982178deee5e989fd68a9635d9b31f7dd8db2_amd64",
"product": {
"name": "odf4/odf-cli-rhel9@sha256:bb1aec4a92322116499401febc6982178deee5e989fd68a9635d9b31f7dd8db2_amd64",
"product_id": "odf4/odf-cli-rhel9@sha256:bb1aec4a92322116499401febc6982178deee5e989fd68a9635d9b31f7dd8db2_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odf-cli-rhel9@sha256:bb1aec4a92322116499401febc6982178deee5e989fd68a9635d9b31f7dd8db2?arch=amd64\u0026repository_url=registry.redhat.io/odf4/odf-cli-rhel9\u0026tag=v4.16.9-3"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-console-rhel9@sha256:8eed4974c6b9dedd5cb4f7ff1027908ad4ab8274dafffa00f12eb9c63a15d288_amd64",
"product": {
"name": "odf4/odf-console-rhel9@sha256:8eed4974c6b9dedd5cb4f7ff1027908ad4ab8274dafffa00f12eb9c63a15d288_amd64",
"product_id": "odf4/odf-console-rhel9@sha256:8eed4974c6b9dedd5cb4f7ff1027908ad4ab8274dafffa00f12eb9c63a15d288_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odf-console-rhel9@sha256:8eed4974c6b9dedd5cb4f7ff1027908ad4ab8274dafffa00f12eb9c63a15d288?arch=amd64\u0026repository_url=registry.redhat.io/odf4/odf-console-rhel9\u0026tag=v4.16.9-3"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-cosi-sidecar-rhel9@sha256:d5b01a44782ed114af0d96a357faa2ce00950194f8a6c63a37081bb3bfa8550e_amd64",
"product": {
"name": "odf4/odf-cosi-sidecar-rhel9@sha256:d5b01a44782ed114af0d96a357faa2ce00950194f8a6c63a37081bb3bfa8550e_amd64",
"product_id": "odf4/odf-cosi-sidecar-rhel9@sha256:d5b01a44782ed114af0d96a357faa2ce00950194f8a6c63a37081bb3bfa8550e_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odf-cosi-sidecar-rhel9@sha256:d5b01a44782ed114af0d96a357faa2ce00950194f8a6c63a37081bb3bfa8550e?arch=amd64\u0026repository_url=registry.redhat.io/odf4/odf-cosi-sidecar-rhel9\u0026tag=v4.16.9-3"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-csi-addons-operator-bundle@sha256:fa43d6f2db3e6da5f5ae82a14b8631fdefee1ece7e8c714ca78d467b79f3b4a0_amd64",
"product": {
"name": "odf4/odf-csi-addons-operator-bundle@sha256:fa43d6f2db3e6da5f5ae82a14b8631fdefee1ece7e8c714ca78d467b79f3b4a0_amd64",
"product_id": "odf4/odf-csi-addons-operator-bundle@sha256:fa43d6f2db3e6da5f5ae82a14b8631fdefee1ece7e8c714ca78d467b79f3b4a0_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odf-csi-addons-operator-bundle@sha256:fa43d6f2db3e6da5f5ae82a14b8631fdefee1ece7e8c714ca78d467b79f3b4a0?arch=amd64\u0026repository_url=registry.redhat.io/odf4/odf-csi-addons-operator-bundle\u0026tag=v4.16.9-5"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-csi-addons-rhel9-operator@sha256:9a83557ae92af7bf8ca4c687aee1ba82311acf55c98b17fc44dff6e8206f4c7e_amd64",
"product": {
"name": "odf4/odf-csi-addons-rhel9-operator@sha256:9a83557ae92af7bf8ca4c687aee1ba82311acf55c98b17fc44dff6e8206f4c7e_amd64",
"product_id": "odf4/odf-csi-addons-rhel9-operator@sha256:9a83557ae92af7bf8ca4c687aee1ba82311acf55c98b17fc44dff6e8206f4c7e_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odf-csi-addons-rhel9-operator@sha256:9a83557ae92af7bf8ca4c687aee1ba82311acf55c98b17fc44dff6e8206f4c7e?arch=amd64\u0026repository_url=registry.redhat.io/odf4/odf-csi-addons-rhel9-operator\u0026tag=v4.16.9-3"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-csi-addons-sidecar-rhel9@sha256:65d1d96f56293f276c8574363d872c8c89686e3a61ee577cb4393165e9bbac0f_amd64",
"product": {
"name": "odf4/odf-csi-addons-sidecar-rhel9@sha256:65d1d96f56293f276c8574363d872c8c89686e3a61ee577cb4393165e9bbac0f_amd64",
"product_id": "odf4/odf-csi-addons-sidecar-rhel9@sha256:65d1d96f56293f276c8574363d872c8c89686e3a61ee577cb4393165e9bbac0f_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odf-csi-addons-sidecar-rhel9@sha256:65d1d96f56293f276c8574363d872c8c89686e3a61ee577cb4393165e9bbac0f?arch=amd64\u0026repository_url=registry.redhat.io/odf4/odf-csi-addons-sidecar-rhel9\u0026tag=v4.16.9-3"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-multicluster-console-rhel9@sha256:31dc2d31b429e63fe599141392370e529b597e41e3b6bd9da387eba8971cedeb_amd64",
"product": {
"name": "odf4/odf-multicluster-console-rhel9@sha256:31dc2d31b429e63fe599141392370e529b597e41e3b6bd9da387eba8971cedeb_amd64",
"product_id": "odf4/odf-multicluster-console-rhel9@sha256:31dc2d31b429e63fe599141392370e529b597e41e3b6bd9da387eba8971cedeb_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odf-multicluster-console-rhel9@sha256:31dc2d31b429e63fe599141392370e529b597e41e3b6bd9da387eba8971cedeb?arch=amd64\u0026repository_url=registry.redhat.io/odf4/odf-multicluster-console-rhel9\u0026tag=v4.16.9-3"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-multicluster-operator-bundle@sha256:951633082e542b42ec641cd9866518da79cfddafa069ef189281e2d580728c5d_amd64",
"product": {
"name": "odf4/odf-multicluster-operator-bundle@sha256:951633082e542b42ec641cd9866518da79cfddafa069ef189281e2d580728c5d_amd64",
"product_id": "odf4/odf-multicluster-operator-bundle@sha256:951633082e542b42ec641cd9866518da79cfddafa069ef189281e2d580728c5d_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odf-multicluster-operator-bundle@sha256:951633082e542b42ec641cd9866518da79cfddafa069ef189281e2d580728c5d?arch=amd64\u0026repository_url=registry.redhat.io/odf4/odf-multicluster-operator-bundle\u0026tag=v4.16.9-5"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-multicluster-rhel9-operator@sha256:8ec79d06669ee36eae6d6c2ed3ef835934ca6b5d6d27fc1ba524e17c5a2df2e3_amd64",
"product": {
"name": "odf4/odf-multicluster-rhel9-operator@sha256:8ec79d06669ee36eae6d6c2ed3ef835934ca6b5d6d27fc1ba524e17c5a2df2e3_amd64",
"product_id": "odf4/odf-multicluster-rhel9-operator@sha256:8ec79d06669ee36eae6d6c2ed3ef835934ca6b5d6d27fc1ba524e17c5a2df2e3_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odf-multicluster-rhel9-operator@sha256:8ec79d06669ee36eae6d6c2ed3ef835934ca6b5d6d27fc1ba524e17c5a2df2e3?arch=amd64\u0026repository_url=registry.redhat.io/odf4/odf-multicluster-rhel9-operator\u0026tag=v4.16.9-3"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-must-gather-rhel9@sha256:ea8f5dd86da91bd16a2b79a011dcbdc975383fdc736a19867d42e6318c691552_amd64",
"product": {
"name": "odf4/odf-must-gather-rhel9@sha256:ea8f5dd86da91bd16a2b79a011dcbdc975383fdc736a19867d42e6318c691552_amd64",
"product_id": "odf4/odf-must-gather-rhel9@sha256:ea8f5dd86da91bd16a2b79a011dcbdc975383fdc736a19867d42e6318c691552_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odf-must-gather-rhel9@sha256:ea8f5dd86da91bd16a2b79a011dcbdc975383fdc736a19867d42e6318c691552?arch=amd64\u0026repository_url=registry.redhat.io/odf4/odf-must-gather-rhel9\u0026tag=v4.16.9-3"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-operator-bundle@sha256:e58f88c021243d4616127c177bd9c0aeabca99e8e57e0648311d3fde0c192dcb_amd64",
"product": {
"name": "odf4/odf-operator-bundle@sha256:e58f88c021243d4616127c177bd9c0aeabca99e8e57e0648311d3fde0c192dcb_amd64",
"product_id": "odf4/odf-operator-bundle@sha256:e58f88c021243d4616127c177bd9c0aeabca99e8e57e0648311d3fde0c192dcb_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odf-operator-bundle@sha256:e58f88c021243d4616127c177bd9c0aeabca99e8e57e0648311d3fde0c192dcb?arch=amd64\u0026repository_url=registry.redhat.io/odf4/odf-operator-bundle\u0026tag=v4.16.9-5"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-rhel9-operator@sha256:c75a9897a89243b793642d1d5918a666b08b465797212cfa29022a8fcbeb358e_amd64",
"product": {
"name": "odf4/odf-rhel9-operator@sha256:c75a9897a89243b793642d1d5918a666b08b465797212cfa29022a8fcbeb358e_amd64",
"product_id": "odf4/odf-rhel9-operator@sha256:c75a9897a89243b793642d1d5918a666b08b465797212cfa29022a8fcbeb358e_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odf-rhel9-operator@sha256:c75a9897a89243b793642d1d5918a666b08b465797212cfa29022a8fcbeb358e?arch=amd64\u0026repository_url=registry.redhat.io/odf4/odf-rhel9-operator\u0026tag=v4.16.9-3"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-prometheus-operator-bundle@sha256:f30254e9df41cf4049cc7b35610abd0a716a13f41a1c4523fc1e7bf2211085b0_amd64",
"product": {
"name": "odf4/odf-prometheus-operator-bundle@sha256:f30254e9df41cf4049cc7b35610abd0a716a13f41a1c4523fc1e7bf2211085b0_amd64",
"product_id": "odf4/odf-prometheus-operator-bundle@sha256:f30254e9df41cf4049cc7b35610abd0a716a13f41a1c4523fc1e7bf2211085b0_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odf-prometheus-operator-bundle@sha256:f30254e9df41cf4049cc7b35610abd0a716a13f41a1c4523fc1e7bf2211085b0?arch=amd64\u0026repository_url=registry.redhat.io/odf4/odf-prometheus-operator-bundle\u0026tag=v4.16.9-5"
}
}
},
{
"category": "product_version",
"name": "odf4/odr-cluster-operator-bundle@sha256:601fbb866efcab2fec4a675094cfe1d5259b6e475f9e6dadda69fc21cc178aee_amd64",
"product": {
"name": "odf4/odr-cluster-operator-bundle@sha256:601fbb866efcab2fec4a675094cfe1d5259b6e475f9e6dadda69fc21cc178aee_amd64",
"product_id": "odf4/odr-cluster-operator-bundle@sha256:601fbb866efcab2fec4a675094cfe1d5259b6e475f9e6dadda69fc21cc178aee_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odr-cluster-operator-bundle@sha256:601fbb866efcab2fec4a675094cfe1d5259b6e475f9e6dadda69fc21cc178aee?arch=amd64\u0026repository_url=registry.redhat.io/odf4/odr-cluster-operator-bundle\u0026tag=v4.16.9-5"
}
}
},
{
"category": "product_version",
"name": "odf4/odr-hub-operator-bundle@sha256:1823f0fa1f0bf3097fa61cf9fa7dd6c591d43c7443942538ae126b6ab4d59653_amd64",
"product": {
"name": "odf4/odr-hub-operator-bundle@sha256:1823f0fa1f0bf3097fa61cf9fa7dd6c591d43c7443942538ae126b6ab4d59653_amd64",
"product_id": "odf4/odr-hub-operator-bundle@sha256:1823f0fa1f0bf3097fa61cf9fa7dd6c591d43c7443942538ae126b6ab4d59653_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odr-hub-operator-bundle@sha256:1823f0fa1f0bf3097fa61cf9fa7dd6c591d43c7443942538ae126b6ab4d59653?arch=amd64\u0026repository_url=registry.redhat.io/odf4/odr-hub-operator-bundle\u0026tag=v4.16.9-5"
}
}
},
{
"category": "product_version",
"name": "odf4/odr-rhel9-operator@sha256:c98e251621146b479822a517c9556bd9e49c8dc57b4afccede822aac5699b37a_amd64",
"product": {
"name": "odf4/odr-rhel9-operator@sha256:c98e251621146b479822a517c9556bd9e49c8dc57b4afccede822aac5699b37a_amd64",
"product_id": "odf4/odr-rhel9-operator@sha256:c98e251621146b479822a517c9556bd9e49c8dc57b4afccede822aac5699b37a_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odr-rhel9-operator@sha256:c98e251621146b479822a517c9556bd9e49c8dc57b4afccede822aac5699b37a?arch=amd64\u0026repository_url=registry.redhat.io/odf4/odr-rhel9-operator\u0026tag=v4.16.9-3"
}
}
},
{
"category": "product_version",
"name": "odf4/odr-recipe-operator-bundle@sha256:424de07f469a52d905d50a126e0d0c48e5c2a8bfcc5fa6be37f4b0c806cf50b5_amd64",
"product": {
"name": "odf4/odr-recipe-operator-bundle@sha256:424de07f469a52d905d50a126e0d0c48e5c2a8bfcc5fa6be37f4b0c806cf50b5_amd64",
"product_id": "odf4/odr-recipe-operator-bundle@sha256:424de07f469a52d905d50a126e0d0c48e5c2a8bfcc5fa6be37f4b0c806cf50b5_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odr-recipe-operator-bundle@sha256:424de07f469a52d905d50a126e0d0c48e5c2a8bfcc5fa6be37f4b0c806cf50b5?arch=amd64\u0026repository_url=registry.redhat.io/odf4/odr-recipe-operator-bundle\u0026tag=v4.16.9-5"
}
}
},
{
"category": "product_version",
"name": "odf4/rook-ceph-operator-bundle@sha256:04751a4c128f21d5f1ec2ddae1107ceb5902ed63fd705441dc7280ea66c8941b_amd64",
"product": {
"name": "odf4/rook-ceph-operator-bundle@sha256:04751a4c128f21d5f1ec2ddae1107ceb5902ed63fd705441dc7280ea66c8941b_amd64",
"product_id": "odf4/rook-ceph-operator-bundle@sha256:04751a4c128f21d5f1ec2ddae1107ceb5902ed63fd705441dc7280ea66c8941b_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rook-ceph-operator-bundle@sha256:04751a4c128f21d5f1ec2ddae1107ceb5902ed63fd705441dc7280ea66c8941b?arch=amd64\u0026repository_url=registry.redhat.io/odf4/rook-ceph-operator-bundle\u0026tag=v4.16.9-5"
}
}
},
{
"category": "product_version",
"name": "odf4/rook-ceph-rhel9-operator@sha256:666b25c348e6275207b9bb2ef6ca1cf109fa935fd7d2dead4a764b5d7d243392_amd64",
"product": {
"name": "odf4/rook-ceph-rhel9-operator@sha256:666b25c348e6275207b9bb2ef6ca1cf109fa935fd7d2dead4a764b5d7d243392_amd64",
"product_id": "odf4/rook-ceph-rhel9-operator@sha256:666b25c348e6275207b9bb2ef6ca1cf109fa935fd7d2dead4a764b5d7d243392_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rook-ceph-rhel9-operator@sha256:666b25c348e6275207b9bb2ef6ca1cf109fa935fd7d2dead4a764b5d7d243392?arch=amd64\u0026repository_url=registry.redhat.io/odf4/rook-ceph-rhel9-operator\u0026tag=v4.16.9-3"
}
}
}
],
"category": "architecture",
"name": "amd64"
},
{
"branches": [
{
"category": "product_version",
"name": "odf4/cephcsi-rhel9@sha256:f9a4390a3de6eb274c185a1cc3382b6c10a29b16d39de6f59df316b2d7a85ad4_ppc64le",
"product": {
"name": "odf4/cephcsi-rhel9@sha256:f9a4390a3de6eb274c185a1cc3382b6c10a29b16d39de6f59df316b2d7a85ad4_ppc64le",
"product_id": "odf4/cephcsi-rhel9@sha256:f9a4390a3de6eb274c185a1cc3382b6c10a29b16d39de6f59df316b2d7a85ad4_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/cephcsi-rhel9@sha256:f9a4390a3de6eb274c185a1cc3382b6c10a29b16d39de6f59df316b2d7a85ad4?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/cephcsi-rhel9\u0026tag=v4.16.9-3"
}
}
},
{
"category": "product_version",
"name": "odf4/mcg-core-rhel9@sha256:698896a47d4fd9f1bddf8fb1fb22b99f6eaec3c9591815e25e120e7df1844ae6_ppc64le",
"product": {
"name": "odf4/mcg-core-rhel9@sha256:698896a47d4fd9f1bddf8fb1fb22b99f6eaec3c9591815e25e120e7df1844ae6_ppc64le",
"product_id": "odf4/mcg-core-rhel9@sha256:698896a47d4fd9f1bddf8fb1fb22b99f6eaec3c9591815e25e120e7df1844ae6_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/mcg-core-rhel9@sha256:698896a47d4fd9f1bddf8fb1fb22b99f6eaec3c9591815e25e120e7df1844ae6?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/mcg-core-rhel9\u0026tag=v4.16.9-4"
}
}
},
{
"category": "product_version",
"name": "odf4/mcg-operator-bundle@sha256:a8c32134d2cb1a5db655586f65bd1fac568b010bc1f7697069b83e7c245f29af_ppc64le",
"product": {
"name": "odf4/mcg-operator-bundle@sha256:a8c32134d2cb1a5db655586f65bd1fac568b010bc1f7697069b83e7c245f29af_ppc64le",
"product_id": "odf4/mcg-operator-bundle@sha256:a8c32134d2cb1a5db655586f65bd1fac568b010bc1f7697069b83e7c245f29af_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/mcg-operator-bundle@sha256:a8c32134d2cb1a5db655586f65bd1fac568b010bc1f7697069b83e7c245f29af?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/mcg-operator-bundle\u0026tag=v4.16.9-5"
}
}
},
{
"category": "product_version",
"name": "odf4/mcg-rhel9-operator@sha256:f7c64b8539be7e027bac1547ece04653976d5bea6ead519b2ed6499de7180dbe_ppc64le",
"product": {
"name": "odf4/mcg-rhel9-operator@sha256:f7c64b8539be7e027bac1547ece04653976d5bea6ead519b2ed6499de7180dbe_ppc64le",
"product_id": "odf4/mcg-rhel9-operator@sha256:f7c64b8539be7e027bac1547ece04653976d5bea6ead519b2ed6499de7180dbe_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/mcg-rhel9-operator@sha256:f7c64b8539be7e027bac1547ece04653976d5bea6ead519b2ed6499de7180dbe?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/mcg-rhel9-operator\u0026tag=v4.16.9-3"
}
}
},
{
"category": "product_version",
"name": "odf4/ocs-client-console-rhel9@sha256:409becedde385970154269f5dc84ac7961e219a1956930a14aa68183fb80fb49_ppc64le",
"product": {
"name": "odf4/ocs-client-console-rhel9@sha256:409becedde385970154269f5dc84ac7961e219a1956930a14aa68183fb80fb49_ppc64le",
"product_id": "odf4/ocs-client-console-rhel9@sha256:409becedde385970154269f5dc84ac7961e219a1956930a14aa68183fb80fb49_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ocs-client-console-rhel9@sha256:409becedde385970154269f5dc84ac7961e219a1956930a14aa68183fb80fb49?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/ocs-client-console-rhel9\u0026tag=v4.16.9-3"
}
}
},
{
"category": "product_version",
"name": "odf4/ocs-client-operator-bundle@sha256:e677334c3782188f6aafb252308c9a1c8db6101b0bba4b79f3662b9c3804350a_ppc64le",
"product": {
"name": "odf4/ocs-client-operator-bundle@sha256:e677334c3782188f6aafb252308c9a1c8db6101b0bba4b79f3662b9c3804350a_ppc64le",
"product_id": "odf4/ocs-client-operator-bundle@sha256:e677334c3782188f6aafb252308c9a1c8db6101b0bba4b79f3662b9c3804350a_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ocs-client-operator-bundle@sha256:e677334c3782188f6aafb252308c9a1c8db6101b0bba4b79f3662b9c3804350a?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/ocs-client-operator-bundle\u0026tag=v4.16.9-5"
}
}
},
{
"category": "product_version",
"name": "odf4/ocs-client-rhel9-operator@sha256:ac83a0734f93025f3ab42ee520e0445240d043a4775664c6d44a87c7fac71d68_ppc64le",
"product": {
"name": "odf4/ocs-client-rhel9-operator@sha256:ac83a0734f93025f3ab42ee520e0445240d043a4775664c6d44a87c7fac71d68_ppc64le",
"product_id": "odf4/ocs-client-rhel9-operator@sha256:ac83a0734f93025f3ab42ee520e0445240d043a4775664c6d44a87c7fac71d68_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ocs-client-rhel9-operator@sha256:ac83a0734f93025f3ab42ee520e0445240d043a4775664c6d44a87c7fac71d68?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/ocs-client-rhel9-operator\u0026tag=v4.16.9-3"
}
}
},
{
"category": "product_version",
"name": "odf4/ocs-metrics-exporter-rhel9@sha256:bb2f890d57d4341eff0476325eadce481f38dd0bccb8f5f9974f61220bbce44f_ppc64le",
"product": {
"name": "odf4/ocs-metrics-exporter-rhel9@sha256:bb2f890d57d4341eff0476325eadce481f38dd0bccb8f5f9974f61220bbce44f_ppc64le",
"product_id": "odf4/ocs-metrics-exporter-rhel9@sha256:bb2f890d57d4341eff0476325eadce481f38dd0bccb8f5f9974f61220bbce44f_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ocs-metrics-exporter-rhel9@sha256:bb2f890d57d4341eff0476325eadce481f38dd0bccb8f5f9974f61220bbce44f?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/ocs-metrics-exporter-rhel9\u0026tag=v4.16.9-3"
}
}
},
{
"category": "product_version",
"name": "odf4/ocs-operator-bundle@sha256:d648a6305dab917bc9094481a84bd0521bd48cac367670b6a723c6d59e9ec4d8_ppc64le",
"product": {
"name": "odf4/ocs-operator-bundle@sha256:d648a6305dab917bc9094481a84bd0521bd48cac367670b6a723c6d59e9ec4d8_ppc64le",
"product_id": "odf4/ocs-operator-bundle@sha256:d648a6305dab917bc9094481a84bd0521bd48cac367670b6a723c6d59e9ec4d8_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ocs-operator-bundle@sha256:d648a6305dab917bc9094481a84bd0521bd48cac367670b6a723c6d59e9ec4d8?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/ocs-operator-bundle\u0026tag=v4.16.9-5"
}
}
},
{
"category": "product_version",
"name": "odf4/ocs-rhel9-operator@sha256:18ede0783538a2037a6b090c3e9c7ebeed3361f6594f865303e51677cf228e90_ppc64le",
"product": {
"name": "odf4/ocs-rhel9-operator@sha256:18ede0783538a2037a6b090c3e9c7ebeed3361f6594f865303e51677cf228e90_ppc64le",
"product_id": "odf4/ocs-rhel9-operator@sha256:18ede0783538a2037a6b090c3e9c7ebeed3361f6594f865303e51677cf228e90_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ocs-rhel9-operator@sha256:18ede0783538a2037a6b090c3e9c7ebeed3361f6594f865303e51677cf228e90?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/ocs-rhel9-operator\u0026tag=v4.16.9-3"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-cli-rhel9@sha256:78f071161808fcf3a228a8fe8bd2c8de1beb49a3963ef5efc589e45cff1a02a6_ppc64le",
"product": {
"name": "odf4/odf-cli-rhel9@sha256:78f071161808fcf3a228a8fe8bd2c8de1beb49a3963ef5efc589e45cff1a02a6_ppc64le",
"product_id": "odf4/odf-cli-rhel9@sha256:78f071161808fcf3a228a8fe8bd2c8de1beb49a3963ef5efc589e45cff1a02a6_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/odf-cli-rhel9@sha256:78f071161808fcf3a228a8fe8bd2c8de1beb49a3963ef5efc589e45cff1a02a6?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/odf-cli-rhel9\u0026tag=v4.16.9-3"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-console-rhel9@sha256:c766a6b85cd3bef81bc6f626589b569695d1742c1f961c4175a742de8dfc9712_ppc64le",
"product": {
"name": "odf4/odf-console-rhel9@sha256:c766a6b85cd3bef81bc6f626589b569695d1742c1f961c4175a742de8dfc9712_ppc64le",
"product_id": "odf4/odf-console-rhel9@sha256:c766a6b85cd3bef81bc6f626589b569695d1742c1f961c4175a742de8dfc9712_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/odf-console-rhel9@sha256:c766a6b85cd3bef81bc6f626589b569695d1742c1f961c4175a742de8dfc9712?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/odf-console-rhel9\u0026tag=v4.16.9-3"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-cosi-sidecar-rhel9@sha256:afe5fffaa37933af2ac55390ed46d37a277bdfafb63f504645b9d29bd23b6e30_ppc64le",
"product": {
"name": "odf4/odf-cosi-sidecar-rhel9@sha256:afe5fffaa37933af2ac55390ed46d37a277bdfafb63f504645b9d29bd23b6e30_ppc64le",
"product_id": "odf4/odf-cosi-sidecar-rhel9@sha256:afe5fffaa37933af2ac55390ed46d37a277bdfafb63f504645b9d29bd23b6e30_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/odf-cosi-sidecar-rhel9@sha256:afe5fffaa37933af2ac55390ed46d37a277bdfafb63f504645b9d29bd23b6e30?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/odf-cosi-sidecar-rhel9\u0026tag=v4.16.9-3"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-csi-addons-operator-bundle@sha256:d0a94174a1cdec08532959658b4dfe0e9adafb83314f69d4902c0b93e6ad4798_ppc64le",
"product": {
"name": "odf4/odf-csi-addons-operator-bundle@sha256:d0a94174a1cdec08532959658b4dfe0e9adafb83314f69d4902c0b93e6ad4798_ppc64le",
"product_id": "odf4/odf-csi-addons-operator-bundle@sha256:d0a94174a1cdec08532959658b4dfe0e9adafb83314f69d4902c0b93e6ad4798_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/odf-csi-addons-operator-bundle@sha256:d0a94174a1cdec08532959658b4dfe0e9adafb83314f69d4902c0b93e6ad4798?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/odf-csi-addons-operator-bundle\u0026tag=v4.16.9-5"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-csi-addons-rhel9-operator@sha256:088c5f7549320be94fcfe1d759a6c0b12b82b0eb2c7ad7ea8a65533db3c701d2_ppc64le",
"product": {
"name": "odf4/odf-csi-addons-rhel9-operator@sha256:088c5f7549320be94fcfe1d759a6c0b12b82b0eb2c7ad7ea8a65533db3c701d2_ppc64le",
"product_id": "odf4/odf-csi-addons-rhel9-operator@sha256:088c5f7549320be94fcfe1d759a6c0b12b82b0eb2c7ad7ea8a65533db3c701d2_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/odf-csi-addons-rhel9-operator@sha256:088c5f7549320be94fcfe1d759a6c0b12b82b0eb2c7ad7ea8a65533db3c701d2?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/odf-csi-addons-rhel9-operator\u0026tag=v4.16.9-3"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-csi-addons-sidecar-rhel9@sha256:13700b4ed1c50daa091652fd7b74779c06249ac21b9a741574bb5069b000f16b_ppc64le",
"product": {
"name": "odf4/odf-csi-addons-sidecar-rhel9@sha256:13700b4ed1c50daa091652fd7b74779c06249ac21b9a741574bb5069b000f16b_ppc64le",
"product_id": "odf4/odf-csi-addons-sidecar-rhel9@sha256:13700b4ed1c50daa091652fd7b74779c06249ac21b9a741574bb5069b000f16b_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/odf-csi-addons-sidecar-rhel9@sha256:13700b4ed1c50daa091652fd7b74779c06249ac21b9a741574bb5069b000f16b?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/odf-csi-addons-sidecar-rhel9\u0026tag=v4.16.9-3"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-multicluster-console-rhel9@sha256:28075f58315b04c3aa4c9f4a23689c76f4645837ef6eae79cc3633f389610407_ppc64le",
"product": {
"name": "odf4/odf-multicluster-console-rhel9@sha256:28075f58315b04c3aa4c9f4a23689c76f4645837ef6eae79cc3633f389610407_ppc64le",
"product_id": "odf4/odf-multicluster-console-rhel9@sha256:28075f58315b04c3aa4c9f4a23689c76f4645837ef6eae79cc3633f389610407_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/odf-multicluster-console-rhel9@sha256:28075f58315b04c3aa4c9f4a23689c76f4645837ef6eae79cc3633f389610407?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/odf-multicluster-console-rhel9\u0026tag=v4.16.9-3"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-multicluster-operator-bundle@sha256:42f94d2ec5d022c829bec6b88624b27ec21c444fe5c19396ce248dbb0582cd82_ppc64le",
"product": {
"name": "odf4/odf-multicluster-operator-bundle@sha256:42f94d2ec5d022c829bec6b88624b27ec21c444fe5c19396ce248dbb0582cd82_ppc64le",
"product_id": "odf4/odf-multicluster-operator-bundle@sha256:42f94d2ec5d022c829bec6b88624b27ec21c444fe5c19396ce248dbb0582cd82_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/odf-multicluster-operator-bundle@sha256:42f94d2ec5d022c829bec6b88624b27ec21c444fe5c19396ce248dbb0582cd82?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/odf-multicluster-operator-bundle\u0026tag=v4.16.9-5"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-multicluster-rhel9-operator@sha256:e83d5ec4974bedfb763845ea371c74f050cb38ba8bd8a9c7416dae502a7af87e_ppc64le",
"product": {
"name": "odf4/odf-multicluster-rhel9-operator@sha256:e83d5ec4974bedfb763845ea371c74f050cb38ba8bd8a9c7416dae502a7af87e_ppc64le",
"product_id": "odf4/odf-multicluster-rhel9-operator@sha256:e83d5ec4974bedfb763845ea371c74f050cb38ba8bd8a9c7416dae502a7af87e_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/odf-multicluster-rhel9-operator@sha256:e83d5ec4974bedfb763845ea371c74f050cb38ba8bd8a9c7416dae502a7af87e?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/odf-multicluster-rhel9-operator\u0026tag=v4.16.9-3"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-must-gather-rhel9@sha256:2d0383fe62f6636118612bcb987ce484a4131656b27a31bcc1ee6299ff51a813_ppc64le",
"product": {
"name": "odf4/odf-must-gather-rhel9@sha256:2d0383fe62f6636118612bcb987ce484a4131656b27a31bcc1ee6299ff51a813_ppc64le",
"product_id": "odf4/odf-must-gather-rhel9@sha256:2d0383fe62f6636118612bcb987ce484a4131656b27a31bcc1ee6299ff51a813_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/odf-must-gather-rhel9@sha256:2d0383fe62f6636118612bcb987ce484a4131656b27a31bcc1ee6299ff51a813?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/odf-must-gather-rhel9\u0026tag=v4.16.9-3"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-operator-bundle@sha256:af735766b79a34a3bde546255f3a54b08b4ffc2c5a45e071cd887bf40a9f51b4_ppc64le",
"product": {
"name": "odf4/odf-operator-bundle@sha256:af735766b79a34a3bde546255f3a54b08b4ffc2c5a45e071cd887bf40a9f51b4_ppc64le",
"product_id": "odf4/odf-operator-bundle@sha256:af735766b79a34a3bde546255f3a54b08b4ffc2c5a45e071cd887bf40a9f51b4_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/odf-operator-bundle@sha256:af735766b79a34a3bde546255f3a54b08b4ffc2c5a45e071cd887bf40a9f51b4?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/odf-operator-bundle\u0026tag=v4.16.9-5"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-rhel9-operator@sha256:d917d45adf63e8659d589eee79ccb9d1623252b7339b1e93524b7dea229c8f09_ppc64le",
"product": {
"name": "odf4/odf-rhel9-operator@sha256:d917d45adf63e8659d589eee79ccb9d1623252b7339b1e93524b7dea229c8f09_ppc64le",
"product_id": "odf4/odf-rhel9-operator@sha256:d917d45adf63e8659d589eee79ccb9d1623252b7339b1e93524b7dea229c8f09_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/odf-rhel9-operator@sha256:d917d45adf63e8659d589eee79ccb9d1623252b7339b1e93524b7dea229c8f09?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/odf-rhel9-operator\u0026tag=v4.16.9-3"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-prometheus-operator-bundle@sha256:a1d9cc4aff1553cdd490cdbbf49d927edf9320dfabc8327571805c04c87f1120_ppc64le",
"product": {
"name": "odf4/odf-prometheus-operator-bundle@sha256:a1d9cc4aff1553cdd490cdbbf49d927edf9320dfabc8327571805c04c87f1120_ppc64le",
"product_id": "odf4/odf-prometheus-operator-bundle@sha256:a1d9cc4aff1553cdd490cdbbf49d927edf9320dfabc8327571805c04c87f1120_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/odf-prometheus-operator-bundle@sha256:a1d9cc4aff1553cdd490cdbbf49d927edf9320dfabc8327571805c04c87f1120?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/odf-prometheus-operator-bundle\u0026tag=v4.16.9-5"
}
}
},
{
"category": "product_version",
"name": "odf4/odr-cluster-operator-bundle@sha256:9dfbd7fb7a6ca22a2a7f18cf4ec5c9539d30879db0623798d1ec8e4f5eb84dcc_ppc64le",
"product": {
"name": "odf4/odr-cluster-operator-bundle@sha256:9dfbd7fb7a6ca22a2a7f18cf4ec5c9539d30879db0623798d1ec8e4f5eb84dcc_ppc64le",
"product_id": "odf4/odr-cluster-operator-bundle@sha256:9dfbd7fb7a6ca22a2a7f18cf4ec5c9539d30879db0623798d1ec8e4f5eb84dcc_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/odr-cluster-operator-bundle@sha256:9dfbd7fb7a6ca22a2a7f18cf4ec5c9539d30879db0623798d1ec8e4f5eb84dcc?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/odr-cluster-operator-bundle\u0026tag=v4.16.9-5"
}
}
},
{
"category": "product_version",
"name": "odf4/odr-hub-operator-bundle@sha256:08f5697d5460d1e509bfb4bf4b177e79a68c52b55cf693aa15b49a3951f972cf_ppc64le",
"product": {
"name": "odf4/odr-hub-operator-bundle@sha256:08f5697d5460d1e509bfb4bf4b177e79a68c52b55cf693aa15b49a3951f972cf_ppc64le",
"product_id": "odf4/odr-hub-operator-bundle@sha256:08f5697d5460d1e509bfb4bf4b177e79a68c52b55cf693aa15b49a3951f972cf_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/odr-hub-operator-bundle@sha256:08f5697d5460d1e509bfb4bf4b177e79a68c52b55cf693aa15b49a3951f972cf?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/odr-hub-operator-bundle\u0026tag=v4.16.9-5"
}
}
},
{
"category": "product_version",
"name": "odf4/odr-rhel9-operator@sha256:3466ff8766747872e8cb3c7d4e388e95bc93375509ee81076884e27b51875ef8_ppc64le",
"product": {
"name": "odf4/odr-rhel9-operator@sha256:3466ff8766747872e8cb3c7d4e388e95bc93375509ee81076884e27b51875ef8_ppc64le",
"product_id": "odf4/odr-rhel9-operator@sha256:3466ff8766747872e8cb3c7d4e388e95bc93375509ee81076884e27b51875ef8_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/odr-rhel9-operator@sha256:3466ff8766747872e8cb3c7d4e388e95bc93375509ee81076884e27b51875ef8?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/odr-rhel9-operator\u0026tag=v4.16.9-3"
}
}
},
{
"category": "product_version",
"name": "odf4/odr-recipe-operator-bundle@sha256:36292e60b543154590ff245f4c4b233b8ad5857c7bac5fa0c45fa161500df1b2_ppc64le",
"product": {
"name": "odf4/odr-recipe-operator-bundle@sha256:36292e60b543154590ff245f4c4b233b8ad5857c7bac5fa0c45fa161500df1b2_ppc64le",
"product_id": "odf4/odr-recipe-operator-bundle@sha256:36292e60b543154590ff245f4c4b233b8ad5857c7bac5fa0c45fa161500df1b2_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/odr-recipe-operator-bundle@sha256:36292e60b543154590ff245f4c4b233b8ad5857c7bac5fa0c45fa161500df1b2?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/odr-recipe-operator-bundle\u0026tag=v4.16.9-5"
}
}
},
{
"category": "product_version",
"name": "odf4/rook-ceph-operator-bundle@sha256:7e846eac9b45ddae80fd7bbd24f92809554c1b4c0fd915ff67ed5e1d08dd5c93_ppc64le",
"product": {
"name": "odf4/rook-ceph-operator-bundle@sha256:7e846eac9b45ddae80fd7bbd24f92809554c1b4c0fd915ff67ed5e1d08dd5c93_ppc64le",
"product_id": "odf4/rook-ceph-operator-bundle@sha256:7e846eac9b45ddae80fd7bbd24f92809554c1b4c0fd915ff67ed5e1d08dd5c93_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rook-ceph-operator-bundle@sha256:7e846eac9b45ddae80fd7bbd24f92809554c1b4c0fd915ff67ed5e1d08dd5c93?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/rook-ceph-operator-bundle\u0026tag=v4.16.9-5"
}
}
},
{
"category": "product_version",
"name": "odf4/rook-ceph-rhel9-operator@sha256:80a4e57074bf6bd9cd8fd1e0beeddebe6d6e0986c9c0a9fe8839268341763e2e_ppc64le",
"product": {
"name": "odf4/rook-ceph-rhel9-operator@sha256:80a4e57074bf6bd9cd8fd1e0beeddebe6d6e0986c9c0a9fe8839268341763e2e_ppc64le",
"product_id": "odf4/rook-ceph-rhel9-operator@sha256:80a4e57074bf6bd9cd8fd1e0beeddebe6d6e0986c9c0a9fe8839268341763e2e_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rook-ceph-rhel9-operator@sha256:80a4e57074bf6bd9cd8fd1e0beeddebe6d6e0986c9c0a9fe8839268341763e2e?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/rook-ceph-rhel9-operator\u0026tag=v4.16.9-3"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "odf4/cephcsi-rhel9@sha256:4a1de6a1af1b47680caa36a69c6a8b438d01a0810f4df1d9dbb8fc82f8e06284_s390x",
"product": {
"name": "odf4/cephcsi-rhel9@sha256:4a1de6a1af1b47680caa36a69c6a8b438d01a0810f4df1d9dbb8fc82f8e06284_s390x",
"product_id": "odf4/cephcsi-rhel9@sha256:4a1de6a1af1b47680caa36a69c6a8b438d01a0810f4df1d9dbb8fc82f8e06284_s390x",
"product_identification_helper": {
"purl": "pkg:oci/cephcsi-rhel9@sha256:4a1de6a1af1b47680caa36a69c6a8b438d01a0810f4df1d9dbb8fc82f8e06284?arch=s390x\u0026repository_url=registry.redhat.io/odf4/cephcsi-rhel9\u0026tag=v4.16.9-3"
}
}
},
{
"category": "product_version",
"name": "odf4/mcg-core-rhel9@sha256:10fedd0456d7f81015f93e597932cb19b3576a5bffd95de325f160c44f78cfca_s390x",
"product": {
"name": "odf4/mcg-core-rhel9@sha256:10fedd0456d7f81015f93e597932cb19b3576a5bffd95de325f160c44f78cfca_s390x",
"product_id": "odf4/mcg-core-rhel9@sha256:10fedd0456d7f81015f93e597932cb19b3576a5bffd95de325f160c44f78cfca_s390x",
"product_identification_helper": {
"purl": "pkg:oci/mcg-core-rhel9@sha256:10fedd0456d7f81015f93e597932cb19b3576a5bffd95de325f160c44f78cfca?arch=s390x\u0026repository_url=registry.redhat.io/odf4/mcg-core-rhel9\u0026tag=v4.16.9-4"
}
}
},
{
"category": "product_version",
"name": "odf4/mcg-operator-bundle@sha256:b2b86eea9f1808e65ee3bfb0daad68e470bbe9d2525adcaff08d4fde8e52b4f0_s390x",
"product": {
"name": "odf4/mcg-operator-bundle@sha256:b2b86eea9f1808e65ee3bfb0daad68e470bbe9d2525adcaff08d4fde8e52b4f0_s390x",
"product_id": "odf4/mcg-operator-bundle@sha256:b2b86eea9f1808e65ee3bfb0daad68e470bbe9d2525adcaff08d4fde8e52b4f0_s390x",
"product_identification_helper": {
"purl": "pkg:oci/mcg-operator-bundle@sha256:b2b86eea9f1808e65ee3bfb0daad68e470bbe9d2525adcaff08d4fde8e52b4f0?arch=s390x\u0026repository_url=registry.redhat.io/odf4/mcg-operator-bundle\u0026tag=v4.16.9-5"
}
}
},
{
"category": "product_version",
"name": "odf4/mcg-rhel9-operator@sha256:0b7a3d603a5275d83492747cfa071cb626001938b174847619cf343b1fcd81b3_s390x",
"product": {
"name": "odf4/mcg-rhel9-operator@sha256:0b7a3d603a5275d83492747cfa071cb626001938b174847619cf343b1fcd81b3_s390x",
"product_id": "odf4/mcg-rhel9-operator@sha256:0b7a3d603a5275d83492747cfa071cb626001938b174847619cf343b1fcd81b3_s390x",
"product_identification_helper": {
"purl": "pkg:oci/mcg-rhel9-operator@sha256:0b7a3d603a5275d83492747cfa071cb626001938b174847619cf343b1fcd81b3?arch=s390x\u0026repository_url=registry.redhat.io/odf4/mcg-rhel9-operator\u0026tag=v4.16.9-3"
}
}
},
{
"category": "product_version",
"name": "odf4/ocs-client-console-rhel9@sha256:52c70b591ad9bcaca488d0338b82c11fbccd63762f5fad40119d4e8419ded145_s390x",
"product": {
"name": "odf4/ocs-client-console-rhel9@sha256:52c70b591ad9bcaca488d0338b82c11fbccd63762f5fad40119d4e8419ded145_s390x",
"product_id": "odf4/ocs-client-console-rhel9@sha256:52c70b591ad9bcaca488d0338b82c11fbccd63762f5fad40119d4e8419ded145_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ocs-client-console-rhel9@sha256:52c70b591ad9bcaca488d0338b82c11fbccd63762f5fad40119d4e8419ded145?arch=s390x\u0026repository_url=registry.redhat.io/odf4/ocs-client-console-rhel9\u0026tag=v4.16.9-3"
}
}
},
{
"category": "product_version",
"name": "odf4/ocs-client-operator-bundle@sha256:3a07afbc05696f593190e75aabe6f32416d03574df873367458a62676409caf8_s390x",
"product": {
"name": "odf4/ocs-client-operator-bundle@sha256:3a07afbc05696f593190e75aabe6f32416d03574df873367458a62676409caf8_s390x",
"product_id": "odf4/ocs-client-operator-bundle@sha256:3a07afbc05696f593190e75aabe6f32416d03574df873367458a62676409caf8_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ocs-client-operator-bundle@sha256:3a07afbc05696f593190e75aabe6f32416d03574df873367458a62676409caf8?arch=s390x\u0026repository_url=registry.redhat.io/odf4/ocs-client-operator-bundle\u0026tag=v4.16.9-5"
}
}
},
{
"category": "product_version",
"name": "odf4/ocs-client-rhel9-operator@sha256:6d1dc63e8040cbd6e82514ded593540a16f4dde956b04d88649551a4333e7616_s390x",
"product": {
"name": "odf4/ocs-client-rhel9-operator@sha256:6d1dc63e8040cbd6e82514ded593540a16f4dde956b04d88649551a4333e7616_s390x",
"product_id": "odf4/ocs-client-rhel9-operator@sha256:6d1dc63e8040cbd6e82514ded593540a16f4dde956b04d88649551a4333e7616_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ocs-client-rhel9-operator@sha256:6d1dc63e8040cbd6e82514ded593540a16f4dde956b04d88649551a4333e7616?arch=s390x\u0026repository_url=registry.redhat.io/odf4/ocs-client-rhel9-operator\u0026tag=v4.16.9-3"
}
}
},
{
"category": "product_version",
"name": "odf4/ocs-metrics-exporter-rhel9@sha256:a0f521d4f1ac22e066a109ae38ae11e248195f9520c3730e5053b27da5e7eafd_s390x",
"product": {
"name": "odf4/ocs-metrics-exporter-rhel9@sha256:a0f521d4f1ac22e066a109ae38ae11e248195f9520c3730e5053b27da5e7eafd_s390x",
"product_id": "odf4/ocs-metrics-exporter-rhel9@sha256:a0f521d4f1ac22e066a109ae38ae11e248195f9520c3730e5053b27da5e7eafd_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ocs-metrics-exporter-rhel9@sha256:a0f521d4f1ac22e066a109ae38ae11e248195f9520c3730e5053b27da5e7eafd?arch=s390x\u0026repository_url=registry.redhat.io/odf4/ocs-metrics-exporter-rhel9\u0026tag=v4.16.9-3"
}
}
},
{
"category": "product_version",
"name": "odf4/ocs-operator-bundle@sha256:fcc77519a4cc442b1bd61e5606efb35a4afc4fe6dc93e8093c2f306b3b5faacd_s390x",
"product": {
"name": "odf4/ocs-operator-bundle@sha256:fcc77519a4cc442b1bd61e5606efb35a4afc4fe6dc93e8093c2f306b3b5faacd_s390x",
"product_id": "odf4/ocs-operator-bundle@sha256:fcc77519a4cc442b1bd61e5606efb35a4afc4fe6dc93e8093c2f306b3b5faacd_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ocs-operator-bundle@sha256:fcc77519a4cc442b1bd61e5606efb35a4afc4fe6dc93e8093c2f306b3b5faacd?arch=s390x\u0026repository_url=registry.redhat.io/odf4/ocs-operator-bundle\u0026tag=v4.16.9-5"
}
}
},
{
"category": "product_version",
"name": "odf4/ocs-rhel9-operator@sha256:9df0962604f30ad2dd9861675ed4018ec4e1847d645a5f395a9755bfc3dcf74c_s390x",
"product": {
"name": "odf4/ocs-rhel9-operator@sha256:9df0962604f30ad2dd9861675ed4018ec4e1847d645a5f395a9755bfc3dcf74c_s390x",
"product_id": "odf4/ocs-rhel9-operator@sha256:9df0962604f30ad2dd9861675ed4018ec4e1847d645a5f395a9755bfc3dcf74c_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ocs-rhel9-operator@sha256:9df0962604f30ad2dd9861675ed4018ec4e1847d645a5f395a9755bfc3dcf74c?arch=s390x\u0026repository_url=registry.redhat.io/odf4/ocs-rhel9-operator\u0026tag=v4.16.9-3"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-cli-rhel9@sha256:10aa2a02209ef8f37238f873edde98369e15e738b2a7b80099be4b2b8647edbc_s390x",
"product": {
"name": "odf4/odf-cli-rhel9@sha256:10aa2a02209ef8f37238f873edde98369e15e738b2a7b80099be4b2b8647edbc_s390x",
"product_id": "odf4/odf-cli-rhel9@sha256:10aa2a02209ef8f37238f873edde98369e15e738b2a7b80099be4b2b8647edbc_s390x",
"product_identification_helper": {
"purl": "pkg:oci/odf-cli-rhel9@sha256:10aa2a02209ef8f37238f873edde98369e15e738b2a7b80099be4b2b8647edbc?arch=s390x\u0026repository_url=registry.redhat.io/odf4/odf-cli-rhel9\u0026tag=v4.16.9-3"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-console-rhel9@sha256:74b5fae3ab9b1cb951f533e9717e8dddf74cc20dbdbffa7753498fd851429392_s390x",
"product": {
"name": "odf4/odf-console-rhel9@sha256:74b5fae3ab9b1cb951f533e9717e8dddf74cc20dbdbffa7753498fd851429392_s390x",
"product_id": "odf4/odf-console-rhel9@sha256:74b5fae3ab9b1cb951f533e9717e8dddf74cc20dbdbffa7753498fd851429392_s390x",
"product_identification_helper": {
"purl": "pkg:oci/odf-console-rhel9@sha256:74b5fae3ab9b1cb951f533e9717e8dddf74cc20dbdbffa7753498fd851429392?arch=s390x\u0026repository_url=registry.redhat.io/odf4/odf-console-rhel9\u0026tag=v4.16.9-3"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-cosi-sidecar-rhel9@sha256:0f13b14109bbebcb40bdcd8f0fdfd7f61a25ea7f39af746644b0861c7ff49626_s390x",
"product": {
"name": "odf4/odf-cosi-sidecar-rhel9@sha256:0f13b14109bbebcb40bdcd8f0fdfd7f61a25ea7f39af746644b0861c7ff49626_s390x",
"product_id": "odf4/odf-cosi-sidecar-rhel9@sha256:0f13b14109bbebcb40bdcd8f0fdfd7f61a25ea7f39af746644b0861c7ff49626_s390x",
"product_identification_helper": {
"purl": "pkg:oci/odf-cosi-sidecar-rhel9@sha256:0f13b14109bbebcb40bdcd8f0fdfd7f61a25ea7f39af746644b0861c7ff49626?arch=s390x\u0026repository_url=registry.redhat.io/odf4/odf-cosi-sidecar-rhel9\u0026tag=v4.16.9-3"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-csi-addons-operator-bundle@sha256:d2bff2e8f293034a8a7d80a063d35d5ba3fdc279b0d03440c1d2a47ff2606adf_s390x",
"product": {
"name": "odf4/odf-csi-addons-operator-bundle@sha256:d2bff2e8f293034a8a7d80a063d35d5ba3fdc279b0d03440c1d2a47ff2606adf_s390x",
"product_id": "odf4/odf-csi-addons-operator-bundle@sha256:d2bff2e8f293034a8a7d80a063d35d5ba3fdc279b0d03440c1d2a47ff2606adf_s390x",
"product_identification_helper": {
"purl": "pkg:oci/odf-csi-addons-operator-bundle@sha256:d2bff2e8f293034a8a7d80a063d35d5ba3fdc279b0d03440c1d2a47ff2606adf?arch=s390x\u0026repository_url=registry.redhat.io/odf4/odf-csi-addons-operator-bundle\u0026tag=v4.16.9-5"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-csi-addons-rhel9-operator@sha256:d2ae76ccd354cc34c46be21f3ba074fcfa1ebbdf7b32f4c61c4f45e55c23f270_s390x",
"product": {
"name": "odf4/odf-csi-addons-rhel9-operator@sha256:d2ae76ccd354cc34c46be21f3ba074fcfa1ebbdf7b32f4c61c4f45e55c23f270_s390x",
"product_id": "odf4/odf-csi-addons-rhel9-operator@sha256:d2ae76ccd354cc34c46be21f3ba074fcfa1ebbdf7b32f4c61c4f45e55c23f270_s390x",
"product_identification_helper": {
"purl": "pkg:oci/odf-csi-addons-rhel9-operator@sha256:d2ae76ccd354cc34c46be21f3ba074fcfa1ebbdf7b32f4c61c4f45e55c23f270?arch=s390x\u0026repository_url=registry.redhat.io/odf4/odf-csi-addons-rhel9-operator\u0026tag=v4.16.9-3"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-csi-addons-sidecar-rhel9@sha256:fb501c55629dc8f44267c6813a84d111cb3c98bf5185a04fddd41c4f47f05621_s390x",
"product": {
"name": "odf4/odf-csi-addons-sidecar-rhel9@sha256:fb501c55629dc8f44267c6813a84d111cb3c98bf5185a04fddd41c4f47f05621_s390x",
"product_id": "odf4/odf-csi-addons-sidecar-rhel9@sha256:fb501c55629dc8f44267c6813a84d111cb3c98bf5185a04fddd41c4f47f05621_s390x",
"product_identification_helper": {
"purl": "pkg:oci/odf-csi-addons-sidecar-rhel9@sha256:fb501c55629dc8f44267c6813a84d111cb3c98bf5185a04fddd41c4f47f05621?arch=s390x\u0026repository_url=registry.redhat.io/odf4/odf-csi-addons-sidecar-rhel9\u0026tag=v4.16.9-3"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-multicluster-console-rhel9@sha256:f65ebe3bc2af885f04ac47d94d676a4bd95fb6534a24a9d436c215dbe40c41ad_s390x",
"product": {
"name": "odf4/odf-multicluster-console-rhel9@sha256:f65ebe3bc2af885f04ac47d94d676a4bd95fb6534a24a9d436c215dbe40c41ad_s390x",
"product_id": "odf4/odf-multicluster-console-rhel9@sha256:f65ebe3bc2af885f04ac47d94d676a4bd95fb6534a24a9d436c215dbe40c41ad_s390x",
"product_identification_helper": {
"purl": "pkg:oci/odf-multicluster-console-rhel9@sha256:f65ebe3bc2af885f04ac47d94d676a4bd95fb6534a24a9d436c215dbe40c41ad?arch=s390x\u0026repository_url=registry.redhat.io/odf4/odf-multicluster-console-rhel9\u0026tag=v4.16.9-3"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-multicluster-operator-bundle@sha256:137909bdc89b6e2b6bc672333ab53ff56ebc0695311c5df09266f793bf4e81aa_s390x",
"product": {
"name": "odf4/odf-multicluster-operator-bundle@sha256:137909bdc89b6e2b6bc672333ab53ff56ebc0695311c5df09266f793bf4e81aa_s390x",
"product_id": "odf4/odf-multicluster-operator-bundle@sha256:137909bdc89b6e2b6bc672333ab53ff56ebc0695311c5df09266f793bf4e81aa_s390x",
"product_identification_helper": {
"purl": "pkg:oci/odf-multicluster-operator-bundle@sha256:137909bdc89b6e2b6bc672333ab53ff56ebc0695311c5df09266f793bf4e81aa?arch=s390x\u0026repository_url=registry.redhat.io/odf4/odf-multicluster-operator-bundle\u0026tag=v4.16.9-5"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-multicluster-rhel9-operator@sha256:20322293ce1012ddae0f395d5604e38a815e5da109bd11ac11e635c1773b1522_s390x",
"product": {
"name": "odf4/odf-multicluster-rhel9-operator@sha256:20322293ce1012ddae0f395d5604e38a815e5da109bd11ac11e635c1773b1522_s390x",
"product_id": "odf4/odf-multicluster-rhel9-operator@sha256:20322293ce1012ddae0f395d5604e38a815e5da109bd11ac11e635c1773b1522_s390x",
"product_identification_helper": {
"purl": "pkg:oci/odf-multicluster-rhel9-operator@sha256:20322293ce1012ddae0f395d5604e38a815e5da109bd11ac11e635c1773b1522?arch=s390x\u0026repository_url=registry.redhat.io/odf4/odf-multicluster-rhel9-operator\u0026tag=v4.16.9-3"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-must-gather-rhel9@sha256:53913fa206b297eb4e93d54efd6e0c3935a6b700f6c34cd9995d5483a855c854_s390x",
"product": {
"name": "odf4/odf-must-gather-rhel9@sha256:53913fa206b297eb4e93d54efd6e0c3935a6b700f6c34cd9995d5483a855c854_s390x",
"product_id": "odf4/odf-must-gather-rhel9@sha256:53913fa206b297eb4e93d54efd6e0c3935a6b700f6c34cd9995d5483a855c854_s390x",
"product_identification_helper": {
"purl": "pkg:oci/odf-must-gather-rhel9@sha256:53913fa206b297eb4e93d54efd6e0c3935a6b700f6c34cd9995d5483a855c854?arch=s390x\u0026repository_url=registry.redhat.io/odf4/odf-must-gather-rhel9\u0026tag=v4.16.9-3"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-operator-bundle@sha256:d900dff1d730a61b9f1eb78f4902bd233113216973874cd0c77e2d27b249dadb_s390x",
"product": {
"name": "odf4/odf-operator-bundle@sha256:d900dff1d730a61b9f1eb78f4902bd233113216973874cd0c77e2d27b249dadb_s390x",
"product_id": "odf4/odf-operator-bundle@sha256:d900dff1d730a61b9f1eb78f4902bd233113216973874cd0c77e2d27b249dadb_s390x",
"product_identification_helper": {
"purl": "pkg:oci/odf-operator-bundle@sha256:d900dff1d730a61b9f1eb78f4902bd233113216973874cd0c77e2d27b249dadb?arch=s390x\u0026repository_url=registry.redhat.io/odf4/odf-operator-bundle\u0026tag=v4.16.9-5"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-rhel9-operator@sha256:6850637e14d8acc7f88cd2b2c936b52ca66af159d7f97d37608da66cbfdcc825_s390x",
"product": {
"name": "odf4/odf-rhel9-operator@sha256:6850637e14d8acc7f88cd2b2c936b52ca66af159d7f97d37608da66cbfdcc825_s390x",
"product_id": "odf4/odf-rhel9-operator@sha256:6850637e14d8acc7f88cd2b2c936b52ca66af159d7f97d37608da66cbfdcc825_s390x",
"product_identification_helper": {
"purl": "pkg:oci/odf-rhel9-operator@sha256:6850637e14d8acc7f88cd2b2c936b52ca66af159d7f97d37608da66cbfdcc825?arch=s390x\u0026repository_url=registry.redhat.io/odf4/odf-rhel9-operator\u0026tag=v4.16.9-3"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-prometheus-operator-bundle@sha256:c8c04af9ba9c10d8c32ac3c7004ba0c4ccf0c14ac683a1a685e97669ee387cca_s390x",
"product": {
"name": "odf4/odf-prometheus-operator-bundle@sha256:c8c04af9ba9c10d8c32ac3c7004ba0c4ccf0c14ac683a1a685e97669ee387cca_s390x",
"product_id": "odf4/odf-prometheus-operator-bundle@sha256:c8c04af9ba9c10d8c32ac3c7004ba0c4ccf0c14ac683a1a685e97669ee387cca_s390x",
"product_identification_helper": {
"purl": "pkg:oci/odf-prometheus-operator-bundle@sha256:c8c04af9ba9c10d8c32ac3c7004ba0c4ccf0c14ac683a1a685e97669ee387cca?arch=s390x\u0026repository_url=registry.redhat.io/odf4/odf-prometheus-operator-bundle\u0026tag=v4.16.9-5"
}
}
},
{
"category": "product_version",
"name": "odf4/odr-cluster-operator-bundle@sha256:c34e9f57958dc3bec472ee9b91ea31503fd939b07faae596677a36d7d73d3b59_s390x",
"product": {
"name": "odf4/odr-cluster-operator-bundle@sha256:c34e9f57958dc3bec472ee9b91ea31503fd939b07faae596677a36d7d73d3b59_s390x",
"product_id": "odf4/odr-cluster-operator-bundle@sha256:c34e9f57958dc3bec472ee9b91ea31503fd939b07faae596677a36d7d73d3b59_s390x",
"product_identification_helper": {
"purl": "pkg:oci/odr-cluster-operator-bundle@sha256:c34e9f57958dc3bec472ee9b91ea31503fd939b07faae596677a36d7d73d3b59?arch=s390x\u0026repository_url=registry.redhat.io/odf4/odr-cluster-operator-bundle\u0026tag=v4.16.9-5"
}
}
},
{
"category": "product_version",
"name": "odf4/odr-hub-operator-bundle@sha256:4d22347dbd2f7c1e243b440304e05f2749d88888924e913b661ce8fe4e219496_s390x",
"product": {
"name": "odf4/odr-hub-operator-bundle@sha256:4d22347dbd2f7c1e243b440304e05f2749d88888924e913b661ce8fe4e219496_s390x",
"product_id": "odf4/odr-hub-operator-bundle@sha256:4d22347dbd2f7c1e243b440304e05f2749d88888924e913b661ce8fe4e219496_s390x",
"product_identification_helper": {
"purl": "pkg:oci/odr-hub-operator-bundle@sha256:4d22347dbd2f7c1e243b440304e05f2749d88888924e913b661ce8fe4e219496?arch=s390x\u0026repository_url=registry.redhat.io/odf4/odr-hub-operator-bundle\u0026tag=v4.16.9-5"
}
}
},
{
"category": "product_version",
"name": "odf4/odr-rhel9-operator@sha256:6ea22220e927607742e39622db5fcaf52bd03bd363db7c41d9e6b869c305859b_s390x",
"product": {
"name": "odf4/odr-rhel9-operator@sha256:6ea22220e927607742e39622db5fcaf52bd03bd363db7c41d9e6b869c305859b_s390x",
"product_id": "odf4/odr-rhel9-operator@sha256:6ea22220e927607742e39622db5fcaf52bd03bd363db7c41d9e6b869c305859b_s390x",
"product_identification_helper": {
"purl": "pkg:oci/odr-rhel9-operator@sha256:6ea22220e927607742e39622db5fcaf52bd03bd363db7c41d9e6b869c305859b?arch=s390x\u0026repository_url=registry.redhat.io/odf4/odr-rhel9-operator\u0026tag=v4.16.9-3"
}
}
},
{
"category": "product_version",
"name": "odf4/odr-recipe-operator-bundle@sha256:5045c0a773df2d4bff134934a4b61b3ed3653bce4bf1224495f71c14d0e34c7d_s390x",
"product": {
"name": "odf4/odr-recipe-operator-bundle@sha256:5045c0a773df2d4bff134934a4b61b3ed3653bce4bf1224495f71c14d0e34c7d_s390x",
"product_id": "odf4/odr-recipe-operator-bundle@sha256:5045c0a773df2d4bff134934a4b61b3ed3653bce4bf1224495f71c14d0e34c7d_s390x",
"product_identification_helper": {
"purl": "pkg:oci/odr-recipe-operator-bundle@sha256:5045c0a773df2d4bff134934a4b61b3ed3653bce4bf1224495f71c14d0e34c7d?arch=s390x\u0026repository_url=registry.redhat.io/odf4/odr-recipe-operator-bundle\u0026tag=v4.16.9-5"
}
}
},
{
"category": "product_version",
"name": "odf4/rook-ceph-operator-bundle@sha256:a115350e444d74bd30b86b6f8d9a2c15f28ab5418cbf1fe599c2251b043708b8_s390x",
"product": {
"name": "odf4/rook-ceph-operator-bundle@sha256:a115350e444d74bd30b86b6f8d9a2c15f28ab5418cbf1fe599c2251b043708b8_s390x",
"product_id": "odf4/rook-ceph-operator-bundle@sha256:a115350e444d74bd30b86b6f8d9a2c15f28ab5418cbf1fe599c2251b043708b8_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rook-ceph-operator-bundle@sha256:a115350e444d74bd30b86b6f8d9a2c15f28ab5418cbf1fe599c2251b043708b8?arch=s390x\u0026repository_url=registry.redhat.io/odf4/rook-ceph-operator-bundle\u0026tag=v4.16.9-5"
}
}
},
{
"category": "product_version",
"name": "odf4/rook-ceph-rhel9-operator@sha256:e388f3c0faa2505b6960c815043477034012d79660c3e5fdcc24b2272b93f218_s390x",
"product": {
"name": "odf4/rook-ceph-rhel9-operator@sha256:e388f3c0faa2505b6960c815043477034012d79660c3e5fdcc24b2272b93f218_s390x",
"product_id": "odf4/rook-ceph-rhel9-operator@sha256:e388f3c0faa2505b6960c815043477034012d79660c3e5fdcc24b2272b93f218_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rook-ceph-rhel9-operator@sha256:e388f3c0faa2505b6960c815043477034012d79660c3e5fdcc24b2272b93f218?arch=s390x\u0026repository_url=registry.redhat.io/odf4/rook-ceph-rhel9-operator\u0026tag=v4.16.9-3"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "odf4/mcg-core-rhel9@sha256:068a72256237bdd0a579b3aa76fc4bf37930b1f048ae6c3eb72f44c2f4599ee4_arm64",
"product": {
"name": "odf4/mcg-core-rhel9@sha256:068a72256237bdd0a579b3aa76fc4bf37930b1f048ae6c3eb72f44c2f4599ee4_arm64",
"product_id": "odf4/mcg-core-rhel9@sha256:068a72256237bdd0a579b3aa76fc4bf37930b1f048ae6c3eb72f44c2f4599ee4_arm64",
"product_identification_helper": {
"purl": "pkg:oci/mcg-core-rhel9@sha256:068a72256237bdd0a579b3aa76fc4bf37930b1f048ae6c3eb72f44c2f4599ee4?arch=arm64\u0026repository_url=registry.redhat.io/odf4/mcg-core-rhel9\u0026tag=v4.16.9-4"
}
}
},
{
"category": "product_version",
"name": "odf4/mcg-rhel9-operator@sha256:2960acdb44de44e4bc26f222f16c9fef9dca561ab90b3c088da822dcfbda0a7c_arm64",
"product": {
"name": "odf4/mcg-rhel9-operator@sha256:2960acdb44de44e4bc26f222f16c9fef9dca561ab90b3c088da822dcfbda0a7c_arm64",
"product_id": "odf4/mcg-rhel9-operator@sha256:2960acdb44de44e4bc26f222f16c9fef9dca561ab90b3c088da822dcfbda0a7c_arm64",
"product_identification_helper": {
"purl": "pkg:oci/mcg-rhel9-operator@sha256:2960acdb44de44e4bc26f222f16c9fef9dca561ab90b3c088da822dcfbda0a7c?arch=arm64\u0026repository_url=registry.redhat.io/odf4/mcg-rhel9-operator\u0026tag=v4.16.9-3"
}
}
},
{
"category": "product_version",
"name": "odf4/ocs-client-rhel9-operator@sha256:4f0fb6d02abae76a35f386dab1b2250bfe632a3c7a36a68688407d205b886ea2_arm64",
"product": {
"name": "odf4/ocs-client-rhel9-operator@sha256:4f0fb6d02abae76a35f386dab1b2250bfe632a3c7a36a68688407d205b886ea2_arm64",
"product_id": "odf4/ocs-client-rhel9-operator@sha256:4f0fb6d02abae76a35f386dab1b2250bfe632a3c7a36a68688407d205b886ea2_arm64",
"product_identification_helper": {
"purl": "pkg:oci/ocs-client-rhel9-operator@sha256:4f0fb6d02abae76a35f386dab1b2250bfe632a3c7a36a68688407d205b886ea2?arch=arm64\u0026repository_url=registry.redhat.io/odf4/ocs-client-rhel9-operator\u0026tag=v4.16.9-3"
}
}
},
{
"category": "product_version",
"name": "odf4/ocs-rhel9-operator@sha256:c09589e1e0deb7e952806d235c1037f5c6e90d5eb037c9b7585f2dfbe2d53968_arm64",
"product": {
"name": "odf4/ocs-rhel9-operator@sha256:c09589e1e0deb7e952806d235c1037f5c6e90d5eb037c9b7585f2dfbe2d53968_arm64",
"product_id": "odf4/ocs-rhel9-operator@sha256:c09589e1e0deb7e952806d235c1037f5c6e90d5eb037c9b7585f2dfbe2d53968_arm64",
"product_identification_helper": {
"purl": "pkg:oci/ocs-rhel9-operator@sha256:c09589e1e0deb7e952806d235c1037f5c6e90d5eb037c9b7585f2dfbe2d53968?arch=arm64\u0026repository_url=registry.redhat.io/odf4/ocs-rhel9-operator\u0026tag=v4.16.9-3"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-cli-rhel9@sha256:85ea82a8bcbbb0e39e5b8b5535f2468d3d61ab1507548acf9ba2a89777382483_arm64",
"product": {
"name": "odf4/odf-cli-rhel9@sha256:85ea82a8bcbbb0e39e5b8b5535f2468d3d61ab1507548acf9ba2a89777382483_arm64",
"product_id": "odf4/odf-cli-rhel9@sha256:85ea82a8bcbbb0e39e5b8b5535f2468d3d61ab1507548acf9ba2a89777382483_arm64",
"product_identification_helper": {
"purl": "pkg:oci/odf-cli-rhel9@sha256:85ea82a8bcbbb0e39e5b8b5535f2468d3d61ab1507548acf9ba2a89777382483?arch=arm64\u0026repository_url=registry.redhat.io/odf4/odf-cli-rhel9\u0026tag=v4.16.9-3"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-csi-addons-rhel9-operator@sha256:27c832da54d32ada85fff3fb7d04d733143a1df7cb2e419b355191c1d91d1540_arm64",
"product": {
"name": "odf4/odf-csi-addons-rhel9-operator@sha256:27c832da54d32ada85fff3fb7d04d733143a1df7cb2e419b355191c1d91d1540_arm64",
"product_id": "odf4/odf-csi-addons-rhel9-operator@sha256:27c832da54d32ada85fff3fb7d04d733143a1df7cb2e419b355191c1d91d1540_arm64",
"product_identification_helper": {
"purl": "pkg:oci/odf-csi-addons-rhel9-operator@sha256:27c832da54d32ada85fff3fb7d04d733143a1df7cb2e419b355191c1d91d1540?arch=arm64\u0026repository_url=registry.redhat.io/odf4/odf-csi-addons-rhel9-operator\u0026tag=v4.16.9-3"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-csi-addons-sidecar-rhel9@sha256:71a8e62888c5d7522d44045b373595ec4188c7946d60f1e2c8eb0f0e93954a03_arm64",
"product": {
"name": "odf4/odf-csi-addons-sidecar-rhel9@sha256:71a8e62888c5d7522d44045b373595ec4188c7946d60f1e2c8eb0f0e93954a03_arm64",
"product_id": "odf4/odf-csi-addons-sidecar-rhel9@sha256:71a8e62888c5d7522d44045b373595ec4188c7946d60f1e2c8eb0f0e93954a03_arm64",
"product_identification_helper": {
"purl": "pkg:oci/odf-csi-addons-sidecar-rhel9@sha256:71a8e62888c5d7522d44045b373595ec4188c7946d60f1e2c8eb0f0e93954a03?arch=arm64\u0026repository_url=registry.redhat.io/odf4/odf-csi-addons-sidecar-rhel9\u0026tag=v4.16.9-3"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-multicluster-rhel9-operator@sha256:3527b74ae473b71b54fc4dcf53d247688ba11cc8656d7e96200b120bb2087f56_arm64",
"product": {
"name": "odf4/odf-multicluster-rhel9-operator@sha256:3527b74ae473b71b54fc4dcf53d247688ba11cc8656d7e96200b120bb2087f56_arm64",
"product_id": "odf4/odf-multicluster-rhel9-operator@sha256:3527b74ae473b71b54fc4dcf53d247688ba11cc8656d7e96200b120bb2087f56_arm64",
"product_identification_helper": {
"purl": "pkg:oci/odf-multicluster-rhel9-operator@sha256:3527b74ae473b71b54fc4dcf53d247688ba11cc8656d7e96200b120bb2087f56?arch=arm64\u0026repository_url=registry.redhat.io/odf4/odf-multicluster-rhel9-operator\u0026tag=v4.16.9-3"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-must-gather-rhel9@sha256:c2b68542390a7e4336da0147eb19dfc1b5104a4be9fdfbce0f383d2e3c6012ab_arm64",
"product": {
"name": "odf4/odf-must-gather-rhel9@sha256:c2b68542390a7e4336da0147eb19dfc1b5104a4be9fdfbce0f383d2e3c6012ab_arm64",
"product_id": "odf4/odf-must-gather-rhel9@sha256:c2b68542390a7e4336da0147eb19dfc1b5104a4be9fdfbce0f383d2e3c6012ab_arm64",
"product_identification_helper": {
"purl": "pkg:oci/odf-must-gather-rhel9@sha256:c2b68542390a7e4336da0147eb19dfc1b5104a4be9fdfbce0f383d2e3c6012ab?arch=arm64\u0026repository_url=registry.redhat.io/odf4/odf-must-gather-rhel9\u0026tag=v4.16.9-3"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-rhel9-operator@sha256:1973a2cc13ee9a32f8fa426511c69804821cd92a3f778ede9dc1dad3070132db_arm64",
"product": {
"name": "odf4/odf-rhel9-operator@sha256:1973a2cc13ee9a32f8fa426511c69804821cd92a3f778ede9dc1dad3070132db_arm64",
"product_id": "odf4/odf-rhel9-operator@sha256:1973a2cc13ee9a32f8fa426511c69804821cd92a3f778ede9dc1dad3070132db_arm64",
"product_identification_helper": {
"purl": "pkg:oci/odf-rhel9-operator@sha256:1973a2cc13ee9a32f8fa426511c69804821cd92a3f778ede9dc1dad3070132db?arch=arm64\u0026repository_url=registry.redhat.io/odf4/odf-rhel9-operator\u0026tag=v4.16.9-3"
}
}
},
{
"category": "product_version",
"name": "odf4/odr-rhel9-operator@sha256:f9dea8ea9ecae53cce167218abbe0b354279d8bb73115312ef413653d91d21f3_arm64",
"product": {
"name": "odf4/odr-rhel9-operator@sha256:f9dea8ea9ecae53cce167218abbe0b354279d8bb73115312ef413653d91d21f3_arm64",
"product_id": "odf4/odr-rhel9-operator@sha256:f9dea8ea9ecae53cce167218abbe0b354279d8bb73115312ef413653d91d21f3_arm64",
"product_identification_helper": {
"purl": "pkg:oci/odr-rhel9-operator@sha256:f9dea8ea9ecae53cce167218abbe0b354279d8bb73115312ef413653d91d21f3?arch=arm64\u0026repository_url=registry.redhat.io/odf4/odr-rhel9-operator\u0026tag=v4.16.9-3"
}
}
}
],
"category": "architecture",
"name": "arm64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/cephcsi-rhel9@sha256:1cf35f815de351a2c37340f850101d5b108fea0c4e5619a98080840ef3552e0e_amd64 as a component of RHODF 4.16 for RHEL 9",
"product_id": "9Base-RHODF-4.16:odf4/cephcsi-rhel9@sha256:1cf35f815de351a2c37340f850101d5b108fea0c4e5619a98080840ef3552e0e_amd64"
},
"product_reference": "odf4/cephcsi-rhel9@sha256:1cf35f815de351a2c37340f850101d5b108fea0c4e5619a98080840ef3552e0e_amd64",
"relates_to_product_reference": "9Base-RHODF-4.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/cephcsi-rhel9@sha256:4a1de6a1af1b47680caa36a69c6a8b438d01a0810f4df1d9dbb8fc82f8e06284_s390x as a component of RHODF 4.16 for RHEL 9",
"product_id": "9Base-RHODF-4.16:odf4/cephcsi-rhel9@sha256:4a1de6a1af1b47680caa36a69c6a8b438d01a0810f4df1d9dbb8fc82f8e06284_s390x"
},
"product_reference": "odf4/cephcsi-rhel9@sha256:4a1de6a1af1b47680caa36a69c6a8b438d01a0810f4df1d9dbb8fc82f8e06284_s390x",
"relates_to_product_reference": "9Base-RHODF-4.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/cephcsi-rhel9@sha256:f9a4390a3de6eb274c185a1cc3382b6c10a29b16d39de6f59df316b2d7a85ad4_ppc64le as a component of RHODF 4.16 for RHEL 9",
"product_id": "9Base-RHODF-4.16:odf4/cephcsi-rhel9@sha256:f9a4390a3de6eb274c185a1cc3382b6c10a29b16d39de6f59df316b2d7a85ad4_ppc64le"
},
"product_reference": "odf4/cephcsi-rhel9@sha256:f9a4390a3de6eb274c185a1cc3382b6c10a29b16d39de6f59df316b2d7a85ad4_ppc64le",
"relates_to_product_reference": "9Base-RHODF-4.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/mcg-core-rhel9@sha256:068a72256237bdd0a579b3aa76fc4bf37930b1f048ae6c3eb72f44c2f4599ee4_arm64 as a component of RHODF 4.16 for RHEL 9",
"product_id": "9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:068a72256237bdd0a579b3aa76fc4bf37930b1f048ae6c3eb72f44c2f4599ee4_arm64"
},
"product_reference": "odf4/mcg-core-rhel9@sha256:068a72256237bdd0a579b3aa76fc4bf37930b1f048ae6c3eb72f44c2f4599ee4_arm64",
"relates_to_product_reference": "9Base-RHODF-4.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/mcg-core-rhel9@sha256:10fedd0456d7f81015f93e597932cb19b3576a5bffd95de325f160c44f78cfca_s390x as a component of RHODF 4.16 for RHEL 9",
"product_id": "9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:10fedd0456d7f81015f93e597932cb19b3576a5bffd95de325f160c44f78cfca_s390x"
},
"product_reference": "odf4/mcg-core-rhel9@sha256:10fedd0456d7f81015f93e597932cb19b3576a5bffd95de325f160c44f78cfca_s390x",
"relates_to_product_reference": "9Base-RHODF-4.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/mcg-core-rhel9@sha256:698896a47d4fd9f1bddf8fb1fb22b99f6eaec3c9591815e25e120e7df1844ae6_ppc64le as a component of RHODF 4.16 for RHEL 9",
"product_id": "9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:698896a47d4fd9f1bddf8fb1fb22b99f6eaec3c9591815e25e120e7df1844ae6_ppc64le"
},
"product_reference": "odf4/mcg-core-rhel9@sha256:698896a47d4fd9f1bddf8fb1fb22b99f6eaec3c9591815e25e120e7df1844ae6_ppc64le",
"relates_to_product_reference": "9Base-RHODF-4.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/mcg-core-rhel9@sha256:b0f34ed1b4c0f9a4176fd959d929c3755508ce881e431c2c2069428847ed76e7_amd64 as a component of RHODF 4.16 for RHEL 9",
"product_id": "9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:b0f34ed1b4c0f9a4176fd959d929c3755508ce881e431c2c2069428847ed76e7_amd64"
},
"product_reference": "odf4/mcg-core-rhel9@sha256:b0f34ed1b4c0f9a4176fd959d929c3755508ce881e431c2c2069428847ed76e7_amd64",
"relates_to_product_reference": "9Base-RHODF-4.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/mcg-operator-bundle@sha256:a8c32134d2cb1a5db655586f65bd1fac568b010bc1f7697069b83e7c245f29af_ppc64le as a component of RHODF 4.16 for RHEL 9",
"product_id": "9Base-RHODF-4.16:odf4/mcg-operator-bundle@sha256:a8c32134d2cb1a5db655586f65bd1fac568b010bc1f7697069b83e7c245f29af_ppc64le"
},
"product_reference": "odf4/mcg-operator-bundle@sha256:a8c32134d2cb1a5db655586f65bd1fac568b010bc1f7697069b83e7c245f29af_ppc64le",
"relates_to_product_reference": "9Base-RHODF-4.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/mcg-operator-bundle@sha256:b2b86eea9f1808e65ee3bfb0daad68e470bbe9d2525adcaff08d4fde8e52b4f0_s390x as a component of RHODF 4.16 for RHEL 9",
"product_id": "9Base-RHODF-4.16:odf4/mcg-operator-bundle@sha256:b2b86eea9f1808e65ee3bfb0daad68e470bbe9d2525adcaff08d4fde8e52b4f0_s390x"
},
"product_reference": "odf4/mcg-operator-bundle@sha256:b2b86eea9f1808e65ee3bfb0daad68e470bbe9d2525adcaff08d4fde8e52b4f0_s390x",
"relates_to_product_reference": "9Base-RHODF-4.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/mcg-operator-bundle@sha256:d7f607b353806840c3a2fb9fb02e5a96cd83e6747f67deb73ed0875df76828e0_amd64 as a component of RHODF 4.16 for RHEL 9",
"product_id": "9Base-RHODF-4.16:odf4/mcg-operator-bundle@sha256:d7f607b353806840c3a2fb9fb02e5a96cd83e6747f67deb73ed0875df76828e0_amd64"
},
"product_reference": "odf4/mcg-operator-bundle@sha256:d7f607b353806840c3a2fb9fb02e5a96cd83e6747f67deb73ed0875df76828e0_amd64",
"relates_to_product_reference": "9Base-RHODF-4.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/mcg-rhel9-operator@sha256:0b7a3d603a5275d83492747cfa071cb626001938b174847619cf343b1fcd81b3_s390x as a component of RHODF 4.16 for RHEL 9",
"product_id": "9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:0b7a3d603a5275d83492747cfa071cb626001938b174847619cf343b1fcd81b3_s390x"
},
"product_reference": "odf4/mcg-rhel9-operator@sha256:0b7a3d603a5275d83492747cfa071cb626001938b174847619cf343b1fcd81b3_s390x",
"relates_to_product_reference": "9Base-RHODF-4.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/mcg-rhel9-operator@sha256:2960acdb44de44e4bc26f222f16c9fef9dca561ab90b3c088da822dcfbda0a7c_arm64 as a component of RHODF 4.16 for RHEL 9",
"product_id": "9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:2960acdb44de44e4bc26f222f16c9fef9dca561ab90b3c088da822dcfbda0a7c_arm64"
},
"product_reference": "odf4/mcg-rhel9-operator@sha256:2960acdb44de44e4bc26f222f16c9fef9dca561ab90b3c088da822dcfbda0a7c_arm64",
"relates_to_product_reference": "9Base-RHODF-4.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/mcg-rhel9-operator@sha256:a815540a133b0864ba427bf5f5a8153dd3e316bb39bbbbf464511fc0732782fd_amd64 as a component of RHODF 4.16 for RHEL 9",
"product_id": "9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:a815540a133b0864ba427bf5f5a8153dd3e316bb39bbbbf464511fc0732782fd_amd64"
},
"product_reference": "odf4/mcg-rhel9-operator@sha256:a815540a133b0864ba427bf5f5a8153dd3e316bb39bbbbf464511fc0732782fd_amd64",
"relates_to_product_reference": "9Base-RHODF-4.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/mcg-rhel9-operator@sha256:f7c64b8539be7e027bac1547ece04653976d5bea6ead519b2ed6499de7180dbe_ppc64le as a component of RHODF 4.16 for RHEL 9",
"product_id": "9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:f7c64b8539be7e027bac1547ece04653976d5bea6ead519b2ed6499de7180dbe_ppc64le"
},
"product_reference": "odf4/mcg-rhel9-operator@sha256:f7c64b8539be7e027bac1547ece04653976d5bea6ead519b2ed6499de7180dbe_ppc64le",
"relates_to_product_reference": "9Base-RHODF-4.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/ocs-client-console-rhel9@sha256:409becedde385970154269f5dc84ac7961e219a1956930a14aa68183fb80fb49_ppc64le as a component of RHODF 4.16 for RHEL 9",
"product_id": "9Base-RHODF-4.16:odf4/ocs-client-console-rhel9@sha256:409becedde385970154269f5dc84ac7961e219a1956930a14aa68183fb80fb49_ppc64le"
},
"product_reference": "odf4/ocs-client-console-rhel9@sha256:409becedde385970154269f5dc84ac7961e219a1956930a14aa68183fb80fb49_ppc64le",
"relates_to_product_reference": "9Base-RHODF-4.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/ocs-client-console-rhel9@sha256:52c70b591ad9bcaca488d0338b82c11fbccd63762f5fad40119d4e8419ded145_s390x as a component of RHODF 4.16 for RHEL 9",
"product_id": "9Base-RHODF-4.16:odf4/ocs-client-console-rhel9@sha256:52c70b591ad9bcaca488d0338b82c11fbccd63762f5fad40119d4e8419ded145_s390x"
},
"product_reference": "odf4/ocs-client-console-rhel9@sha256:52c70b591ad9bcaca488d0338b82c11fbccd63762f5fad40119d4e8419ded145_s390x",
"relates_to_product_reference": "9Base-RHODF-4.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/ocs-client-console-rhel9@sha256:a06f898fe1be5935accc20fd1ee6a1e29f2350297e36ef7392392a359d4f7c47_amd64 as a component of RHODF 4.16 for RHEL 9",
"product_id": "9Base-RHODF-4.16:odf4/ocs-client-console-rhel9@sha256:a06f898fe1be5935accc20fd1ee6a1e29f2350297e36ef7392392a359d4f7c47_amd64"
},
"product_reference": "odf4/ocs-client-console-rhel9@sha256:a06f898fe1be5935accc20fd1ee6a1e29f2350297e36ef7392392a359d4f7c47_amd64",
"relates_to_product_reference": "9Base-RHODF-4.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/ocs-client-operator-bundle@sha256:3a07afbc05696f593190e75aabe6f32416d03574df873367458a62676409caf8_s390x as a component of RHODF 4.16 for RHEL 9",
"product_id": "9Base-RHODF-4.16:odf4/ocs-client-operator-bundle@sha256:3a07afbc05696f593190e75aabe6f32416d03574df873367458a62676409caf8_s390x"
},
"product_reference": "odf4/ocs-client-operator-bundle@sha256:3a07afbc05696f593190e75aabe6f32416d03574df873367458a62676409caf8_s390x",
"relates_to_product_reference": "9Base-RHODF-4.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/ocs-client-operator-bundle@sha256:7b86fe3d3ac9ef7df8a851c7c1f24eb8212f4c8640bfbe1dbf25ca13e8754cb3_amd64 as a component of RHODF 4.16 for RHEL 9",
"product_id": "9Base-RHODF-4.16:odf4/ocs-client-operator-bundle@sha256:7b86fe3d3ac9ef7df8a851c7c1f24eb8212f4c8640bfbe1dbf25ca13e8754cb3_amd64"
},
"product_reference": "odf4/ocs-client-operator-bundle@sha256:7b86fe3d3ac9ef7df8a851c7c1f24eb8212f4c8640bfbe1dbf25ca13e8754cb3_amd64",
"relates_to_product_reference": "9Base-RHODF-4.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/ocs-client-operator-bundle@sha256:e677334c3782188f6aafb252308c9a1c8db6101b0bba4b79f3662b9c3804350a_ppc64le as a component of RHODF 4.16 for RHEL 9",
"product_id": "9Base-RHODF-4.16:odf4/ocs-client-operator-bundle@sha256:e677334c3782188f6aafb252308c9a1c8db6101b0bba4b79f3662b9c3804350a_ppc64le"
},
"product_reference": "odf4/ocs-client-operator-bundle@sha256:e677334c3782188f6aafb252308c9a1c8db6101b0bba4b79f3662b9c3804350a_ppc64le",
"relates_to_product_reference": "9Base-RHODF-4.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/ocs-client-rhel9-operator@sha256:4f0fb6d02abae76a35f386dab1b2250bfe632a3c7a36a68688407d205b886ea2_arm64 as a component of RHODF 4.16 for RHEL 9",
"product_id": "9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:4f0fb6d02abae76a35f386dab1b2250bfe632a3c7a36a68688407d205b886ea2_arm64"
},
"product_reference": "odf4/ocs-client-rhel9-operator@sha256:4f0fb6d02abae76a35f386dab1b2250bfe632a3c7a36a68688407d205b886ea2_arm64",
"relates_to_product_reference": "9Base-RHODF-4.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/ocs-client-rhel9-operator@sha256:6d1dc63e8040cbd6e82514ded593540a16f4dde956b04d88649551a4333e7616_s390x as a component of RHODF 4.16 for RHEL 9",
"product_id": "9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:6d1dc63e8040cbd6e82514ded593540a16f4dde956b04d88649551a4333e7616_s390x"
},
"product_reference": "odf4/ocs-client-rhel9-operator@sha256:6d1dc63e8040cbd6e82514ded593540a16f4dde956b04d88649551a4333e7616_s390x",
"relates_to_product_reference": "9Base-RHODF-4.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/ocs-client-rhel9-operator@sha256:ac83a0734f93025f3ab42ee520e0445240d043a4775664c6d44a87c7fac71d68_ppc64le as a component of RHODF 4.16 for RHEL 9",
"product_id": "9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:ac83a0734f93025f3ab42ee520e0445240d043a4775664c6d44a87c7fac71d68_ppc64le"
},
"product_reference": "odf4/ocs-client-rhel9-operator@sha256:ac83a0734f93025f3ab42ee520e0445240d043a4775664c6d44a87c7fac71d68_ppc64le",
"relates_to_product_reference": "9Base-RHODF-4.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/ocs-client-rhel9-operator@sha256:cea3919db348953e14f270af58a711c7073ad65ad4fbc375d80117fbabf936da_amd64 as a component of RHODF 4.16 for RHEL 9",
"product_id": "9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:cea3919db348953e14f270af58a711c7073ad65ad4fbc375d80117fbabf936da_amd64"
},
"product_reference": "odf4/ocs-client-rhel9-operator@sha256:cea3919db348953e14f270af58a711c7073ad65ad4fbc375d80117fbabf936da_amd64",
"relates_to_product_reference": "9Base-RHODF-4.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/ocs-metrics-exporter-rhel9@sha256:1b602bb5459440906a466e9687301dc3c1233264de86498c94f26581060f9033_amd64 as a component of RHODF 4.16 for RHEL 9",
"product_id": "9Base-RHODF-4.16:odf4/ocs-metrics-exporter-rhel9@sha256:1b602bb5459440906a466e9687301dc3c1233264de86498c94f26581060f9033_amd64"
},
"product_reference": "odf4/ocs-metrics-exporter-rhel9@sha256:1b602bb5459440906a466e9687301dc3c1233264de86498c94f26581060f9033_amd64",
"relates_to_product_reference": "9Base-RHODF-4.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/ocs-metrics-exporter-rhel9@sha256:a0f521d4f1ac22e066a109ae38ae11e248195f9520c3730e5053b27da5e7eafd_s390x as a component of RHODF 4.16 for RHEL 9",
"product_id": "9Base-RHODF-4.16:odf4/ocs-metrics-exporter-rhel9@sha256:a0f521d4f1ac22e066a109ae38ae11e248195f9520c3730e5053b27da5e7eafd_s390x"
},
"product_reference": "odf4/ocs-metrics-exporter-rhel9@sha256:a0f521d4f1ac22e066a109ae38ae11e248195f9520c3730e5053b27da5e7eafd_s390x",
"relates_to_product_reference": "9Base-RHODF-4.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/ocs-metrics-exporter-rhel9@sha256:bb2f890d57d4341eff0476325eadce481f38dd0bccb8f5f9974f61220bbce44f_ppc64le as a component of RHODF 4.16 for RHEL 9",
"product_id": "9Base-RHODF-4.16:odf4/ocs-metrics-exporter-rhel9@sha256:bb2f890d57d4341eff0476325eadce481f38dd0bccb8f5f9974f61220bbce44f_ppc64le"
},
"product_reference": "odf4/ocs-metrics-exporter-rhel9@sha256:bb2f890d57d4341eff0476325eadce481f38dd0bccb8f5f9974f61220bbce44f_ppc64le",
"relates_to_product_reference": "9Base-RHODF-4.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/ocs-operator-bundle@sha256:8682c22f78b4e5b7d7a9ece542f02ec7d6172ccfcd85e82dfcbeb9c81fe7a6dd_amd64 as a component of RHODF 4.16 for RHEL 9",
"product_id": "9Base-RHODF-4.16:odf4/ocs-operator-bundle@sha256:8682c22f78b4e5b7d7a9ece542f02ec7d6172ccfcd85e82dfcbeb9c81fe7a6dd_amd64"
},
"product_reference": "odf4/ocs-operator-bundle@sha256:8682c22f78b4e5b7d7a9ece542f02ec7d6172ccfcd85e82dfcbeb9c81fe7a6dd_amd64",
"relates_to_product_reference": "9Base-RHODF-4.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/ocs-operator-bundle@sha256:d648a6305dab917bc9094481a84bd0521bd48cac367670b6a723c6d59e9ec4d8_ppc64le as a component of RHODF 4.16 for RHEL 9",
"product_id": "9Base-RHODF-4.16:odf4/ocs-operator-bundle@sha256:d648a6305dab917bc9094481a84bd0521bd48cac367670b6a723c6d59e9ec4d8_ppc64le"
},
"product_reference": "odf4/ocs-operator-bundle@sha256:d648a6305dab917bc9094481a84bd0521bd48cac367670b6a723c6d59e9ec4d8_ppc64le",
"relates_to_product_reference": "9Base-RHODF-4.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/ocs-operator-bundle@sha256:fcc77519a4cc442b1bd61e5606efb35a4afc4fe6dc93e8093c2f306b3b5faacd_s390x as a component of RHODF 4.16 for RHEL 9",
"product_id": "9Base-RHODF-4.16:odf4/ocs-operator-bundle@sha256:fcc77519a4cc442b1bd61e5606efb35a4afc4fe6dc93e8093c2f306b3b5faacd_s390x"
},
"product_reference": "odf4/ocs-operator-bundle@sha256:fcc77519a4cc442b1bd61e5606efb35a4afc4fe6dc93e8093c2f306b3b5faacd_s390x",
"relates_to_product_reference": "9Base-RHODF-4.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/ocs-rhel9-operator@sha256:087bffeeca3ed6f80ae7674c5a147b27a2f1feba965acbb27379c438c9686f91_amd64 as a component of RHODF 4.16 for RHEL 9",
"product_id": "9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:087bffeeca3ed6f80ae7674c5a147b27a2f1feba965acbb27379c438c9686f91_amd64"
},
"product_reference": "odf4/ocs-rhel9-operator@sha256:087bffeeca3ed6f80ae7674c5a147b27a2f1feba965acbb27379c438c9686f91_amd64",
"relates_to_product_reference": "9Base-RHODF-4.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/ocs-rhel9-operator@sha256:18ede0783538a2037a6b090c3e9c7ebeed3361f6594f865303e51677cf228e90_ppc64le as a component of RHODF 4.16 for RHEL 9",
"product_id": "9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:18ede0783538a2037a6b090c3e9c7ebeed3361f6594f865303e51677cf228e90_ppc64le"
},
"product_reference": "odf4/ocs-rhel9-operator@sha256:18ede0783538a2037a6b090c3e9c7ebeed3361f6594f865303e51677cf228e90_ppc64le",
"relates_to_product_reference": "9Base-RHODF-4.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/ocs-rhel9-operator@sha256:9df0962604f30ad2dd9861675ed4018ec4e1847d645a5f395a9755bfc3dcf74c_s390x as a component of RHODF 4.16 for RHEL 9",
"product_id": "9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:9df0962604f30ad2dd9861675ed4018ec4e1847d645a5f395a9755bfc3dcf74c_s390x"
},
"product_reference": "odf4/ocs-rhel9-operator@sha256:9df0962604f30ad2dd9861675ed4018ec4e1847d645a5f395a9755bfc3dcf74c_s390x",
"relates_to_product_reference": "9Base-RHODF-4.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/ocs-rhel9-operator@sha256:c09589e1e0deb7e952806d235c1037f5c6e90d5eb037c9b7585f2dfbe2d53968_arm64 as a component of RHODF 4.16 for RHEL 9",
"product_id": "9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:c09589e1e0deb7e952806d235c1037f5c6e90d5eb037c9b7585f2dfbe2d53968_arm64"
},
"product_reference": "odf4/ocs-rhel9-operator@sha256:c09589e1e0deb7e952806d235c1037f5c6e90d5eb037c9b7585f2dfbe2d53968_arm64",
"relates_to_product_reference": "9Base-RHODF-4.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-cli-rhel9@sha256:10aa2a02209ef8f37238f873edde98369e15e738b2a7b80099be4b2b8647edbc_s390x as a component of RHODF 4.16 for RHEL 9",
"product_id": "9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:10aa2a02209ef8f37238f873edde98369e15e738b2a7b80099be4b2b8647edbc_s390x"
},
"product_reference": "odf4/odf-cli-rhel9@sha256:10aa2a02209ef8f37238f873edde98369e15e738b2a7b80099be4b2b8647edbc_s390x",
"relates_to_product_reference": "9Base-RHODF-4.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-cli-rhel9@sha256:78f071161808fcf3a228a8fe8bd2c8de1beb49a3963ef5efc589e45cff1a02a6_ppc64le as a component of RHODF 4.16 for RHEL 9",
"product_id": "9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:78f071161808fcf3a228a8fe8bd2c8de1beb49a3963ef5efc589e45cff1a02a6_ppc64le"
},
"product_reference": "odf4/odf-cli-rhel9@sha256:78f071161808fcf3a228a8fe8bd2c8de1beb49a3963ef5efc589e45cff1a02a6_ppc64le",
"relates_to_product_reference": "9Base-RHODF-4.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-cli-rhel9@sha256:85ea82a8bcbbb0e39e5b8b5535f2468d3d61ab1507548acf9ba2a89777382483_arm64 as a component of RHODF 4.16 for RHEL 9",
"product_id": "9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:85ea82a8bcbbb0e39e5b8b5535f2468d3d61ab1507548acf9ba2a89777382483_arm64"
},
"product_reference": "odf4/odf-cli-rhel9@sha256:85ea82a8bcbbb0e39e5b8b5535f2468d3d61ab1507548acf9ba2a89777382483_arm64",
"relates_to_product_reference": "9Base-RHODF-4.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-cli-rhel9@sha256:bb1aec4a92322116499401febc6982178deee5e989fd68a9635d9b31f7dd8db2_amd64 as a component of RHODF 4.16 for RHEL 9",
"product_id": "9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:bb1aec4a92322116499401febc6982178deee5e989fd68a9635d9b31f7dd8db2_amd64"
},
"product_reference": "odf4/odf-cli-rhel9@sha256:bb1aec4a92322116499401febc6982178deee5e989fd68a9635d9b31f7dd8db2_amd64",
"relates_to_product_reference": "9Base-RHODF-4.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-console-rhel9@sha256:74b5fae3ab9b1cb951f533e9717e8dddf74cc20dbdbffa7753498fd851429392_s390x as a component of RHODF 4.16 for RHEL 9",
"product_id": "9Base-RHODF-4.16:odf4/odf-console-rhel9@sha256:74b5fae3ab9b1cb951f533e9717e8dddf74cc20dbdbffa7753498fd851429392_s390x"
},
"product_reference": "odf4/odf-console-rhel9@sha256:74b5fae3ab9b1cb951f533e9717e8dddf74cc20dbdbffa7753498fd851429392_s390x",
"relates_to_product_reference": "9Base-RHODF-4.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-console-rhel9@sha256:8eed4974c6b9dedd5cb4f7ff1027908ad4ab8274dafffa00f12eb9c63a15d288_amd64 as a component of RHODF 4.16 for RHEL 9",
"product_id": "9Base-RHODF-4.16:odf4/odf-console-rhel9@sha256:8eed4974c6b9dedd5cb4f7ff1027908ad4ab8274dafffa00f12eb9c63a15d288_amd64"
},
"product_reference": "odf4/odf-console-rhel9@sha256:8eed4974c6b9dedd5cb4f7ff1027908ad4ab8274dafffa00f12eb9c63a15d288_amd64",
"relates_to_product_reference": "9Base-RHODF-4.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-console-rhel9@sha256:c766a6b85cd3bef81bc6f626589b569695d1742c1f961c4175a742de8dfc9712_ppc64le as a component of RHODF 4.16 for RHEL 9",
"product_id": "9Base-RHODF-4.16:odf4/odf-console-rhel9@sha256:c766a6b85cd3bef81bc6f626589b569695d1742c1f961c4175a742de8dfc9712_ppc64le"
},
"product_reference": "odf4/odf-console-rhel9@sha256:c766a6b85cd3bef81bc6f626589b569695d1742c1f961c4175a742de8dfc9712_ppc64le",
"relates_to_product_reference": "9Base-RHODF-4.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-cosi-sidecar-rhel9@sha256:0f13b14109bbebcb40bdcd8f0fdfd7f61a25ea7f39af746644b0861c7ff49626_s390x as a component of RHODF 4.16 for RHEL 9",
"product_id": "9Base-RHODF-4.16:odf4/odf-cosi-sidecar-rhel9@sha256:0f13b14109bbebcb40bdcd8f0fdfd7f61a25ea7f39af746644b0861c7ff49626_s390x"
},
"product_reference": "odf4/odf-cosi-sidecar-rhel9@sha256:0f13b14109bbebcb40bdcd8f0fdfd7f61a25ea7f39af746644b0861c7ff49626_s390x",
"relates_to_product_reference": "9Base-RHODF-4.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-cosi-sidecar-rhel9@sha256:afe5fffaa37933af2ac55390ed46d37a277bdfafb63f504645b9d29bd23b6e30_ppc64le as a component of RHODF 4.16 for RHEL 9",
"product_id": "9Base-RHODF-4.16:odf4/odf-cosi-sidecar-rhel9@sha256:afe5fffaa37933af2ac55390ed46d37a277bdfafb63f504645b9d29bd23b6e30_ppc64le"
},
"product_reference": "odf4/odf-cosi-sidecar-rhel9@sha256:afe5fffaa37933af2ac55390ed46d37a277bdfafb63f504645b9d29bd23b6e30_ppc64le",
"relates_to_product_reference": "9Base-RHODF-4.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-cosi-sidecar-rhel9@sha256:d5b01a44782ed114af0d96a357faa2ce00950194f8a6c63a37081bb3bfa8550e_amd64 as a component of RHODF 4.16 for RHEL 9",
"product_id": "9Base-RHODF-4.16:odf4/odf-cosi-sidecar-rhel9@sha256:d5b01a44782ed114af0d96a357faa2ce00950194f8a6c63a37081bb3bfa8550e_amd64"
},
"product_reference": "odf4/odf-cosi-sidecar-rhel9@sha256:d5b01a44782ed114af0d96a357faa2ce00950194f8a6c63a37081bb3bfa8550e_amd64",
"relates_to_product_reference": "9Base-RHODF-4.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-csi-addons-operator-bundle@sha256:d0a94174a1cdec08532959658b4dfe0e9adafb83314f69d4902c0b93e6ad4798_ppc64le as a component of RHODF 4.16 for RHEL 9",
"product_id": "9Base-RHODF-4.16:odf4/odf-csi-addons-operator-bundle@sha256:d0a94174a1cdec08532959658b4dfe0e9adafb83314f69d4902c0b93e6ad4798_ppc64le"
},
"product_reference": "odf4/odf-csi-addons-operator-bundle@sha256:d0a94174a1cdec08532959658b4dfe0e9adafb83314f69d4902c0b93e6ad4798_ppc64le",
"relates_to_product_reference": "9Base-RHODF-4.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-csi-addons-operator-bundle@sha256:d2bff2e8f293034a8a7d80a063d35d5ba3fdc279b0d03440c1d2a47ff2606adf_s390x as a component of RHODF 4.16 for RHEL 9",
"product_id": "9Base-RHODF-4.16:odf4/odf-csi-addons-operator-bundle@sha256:d2bff2e8f293034a8a7d80a063d35d5ba3fdc279b0d03440c1d2a47ff2606adf_s390x"
},
"product_reference": "odf4/odf-csi-addons-operator-bundle@sha256:d2bff2e8f293034a8a7d80a063d35d5ba3fdc279b0d03440c1d2a47ff2606adf_s390x",
"relates_to_product_reference": "9Base-RHODF-4.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-csi-addons-operator-bundle@sha256:fa43d6f2db3e6da5f5ae82a14b8631fdefee1ece7e8c714ca78d467b79f3b4a0_amd64 as a component of RHODF 4.16 for RHEL 9",
"product_id": "9Base-RHODF-4.16:odf4/odf-csi-addons-operator-bundle@sha256:fa43d6f2db3e6da5f5ae82a14b8631fdefee1ece7e8c714ca78d467b79f3b4a0_amd64"
},
"product_reference": "odf4/odf-csi-addons-operator-bundle@sha256:fa43d6f2db3e6da5f5ae82a14b8631fdefee1ece7e8c714ca78d467b79f3b4a0_amd64",
"relates_to_product_reference": "9Base-RHODF-4.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-csi-addons-rhel9-operator@sha256:088c5f7549320be94fcfe1d759a6c0b12b82b0eb2c7ad7ea8a65533db3c701d2_ppc64le as a component of RHODF 4.16 for RHEL 9",
"product_id": "9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:088c5f7549320be94fcfe1d759a6c0b12b82b0eb2c7ad7ea8a65533db3c701d2_ppc64le"
},
"product_reference": "odf4/odf-csi-addons-rhel9-operator@sha256:088c5f7549320be94fcfe1d759a6c0b12b82b0eb2c7ad7ea8a65533db3c701d2_ppc64le",
"relates_to_product_reference": "9Base-RHODF-4.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-csi-addons-rhel9-operator@sha256:27c832da54d32ada85fff3fb7d04d733143a1df7cb2e419b355191c1d91d1540_arm64 as a component of RHODF 4.16 for RHEL 9",
"product_id": "9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:27c832da54d32ada85fff3fb7d04d733143a1df7cb2e419b355191c1d91d1540_arm64"
},
"product_reference": "odf4/odf-csi-addons-rhel9-operator@sha256:27c832da54d32ada85fff3fb7d04d733143a1df7cb2e419b355191c1d91d1540_arm64",
"relates_to_product_reference": "9Base-RHODF-4.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-csi-addons-rhel9-operator@sha256:9a83557ae92af7bf8ca4c687aee1ba82311acf55c98b17fc44dff6e8206f4c7e_amd64 as a component of RHODF 4.16 for RHEL 9",
"product_id": "9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:9a83557ae92af7bf8ca4c687aee1ba82311acf55c98b17fc44dff6e8206f4c7e_amd64"
},
"product_reference": "odf4/odf-csi-addons-rhel9-operator@sha256:9a83557ae92af7bf8ca4c687aee1ba82311acf55c98b17fc44dff6e8206f4c7e_amd64",
"relates_to_product_reference": "9Base-RHODF-4.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-csi-addons-rhel9-operator@sha256:d2ae76ccd354cc34c46be21f3ba074fcfa1ebbdf7b32f4c61c4f45e55c23f270_s390x as a component of RHODF 4.16 for RHEL 9",
"product_id": "9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:d2ae76ccd354cc34c46be21f3ba074fcfa1ebbdf7b32f4c61c4f45e55c23f270_s390x"
},
"product_reference": "odf4/odf-csi-addons-rhel9-operator@sha256:d2ae76ccd354cc34c46be21f3ba074fcfa1ebbdf7b32f4c61c4f45e55c23f270_s390x",
"relates_to_product_reference": "9Base-RHODF-4.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-csi-addons-sidecar-rhel9@sha256:13700b4ed1c50daa091652fd7b74779c06249ac21b9a741574bb5069b000f16b_ppc64le as a component of RHODF 4.16 for RHEL 9",
"product_id": "9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:13700b4ed1c50daa091652fd7b74779c06249ac21b9a741574bb5069b000f16b_ppc64le"
},
"product_reference": "odf4/odf-csi-addons-sidecar-rhel9@sha256:13700b4ed1c50daa091652fd7b74779c06249ac21b9a741574bb5069b000f16b_ppc64le",
"relates_to_product_reference": "9Base-RHODF-4.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-csi-addons-sidecar-rhel9@sha256:65d1d96f56293f276c8574363d872c8c89686e3a61ee577cb4393165e9bbac0f_amd64 as a component of RHODF 4.16 for RHEL 9",
"product_id": "9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:65d1d96f56293f276c8574363d872c8c89686e3a61ee577cb4393165e9bbac0f_amd64"
},
"product_reference": "odf4/odf-csi-addons-sidecar-rhel9@sha256:65d1d96f56293f276c8574363d872c8c89686e3a61ee577cb4393165e9bbac0f_amd64",
"relates_to_product_reference": "9Base-RHODF-4.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-csi-addons-sidecar-rhel9@sha256:71a8e62888c5d7522d44045b373595ec4188c7946d60f1e2c8eb0f0e93954a03_arm64 as a component of RHODF 4.16 for RHEL 9",
"product_id": "9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:71a8e62888c5d7522d44045b373595ec4188c7946d60f1e2c8eb0f0e93954a03_arm64"
},
"product_reference": "odf4/odf-csi-addons-sidecar-rhel9@sha256:71a8e62888c5d7522d44045b373595ec4188c7946d60f1e2c8eb0f0e93954a03_arm64",
"relates_to_product_reference": "9Base-RHODF-4.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-csi-addons-sidecar-rhel9@sha256:fb501c55629dc8f44267c6813a84d111cb3c98bf5185a04fddd41c4f47f05621_s390x as a component of RHODF 4.16 for RHEL 9",
"product_id": "9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:fb501c55629dc8f44267c6813a84d111cb3c98bf5185a04fddd41c4f47f05621_s390x"
},
"product_reference": "odf4/odf-csi-addons-sidecar-rhel9@sha256:fb501c55629dc8f44267c6813a84d111cb3c98bf5185a04fddd41c4f47f05621_s390x",
"relates_to_product_reference": "9Base-RHODF-4.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-multicluster-console-rhel9@sha256:28075f58315b04c3aa4c9f4a23689c76f4645837ef6eae79cc3633f389610407_ppc64le as a component of RHODF 4.16 for RHEL 9",
"product_id": "9Base-RHODF-4.16:odf4/odf-multicluster-console-rhel9@sha256:28075f58315b04c3aa4c9f4a23689c76f4645837ef6eae79cc3633f389610407_ppc64le"
},
"product_reference": "odf4/odf-multicluster-console-rhel9@sha256:28075f58315b04c3aa4c9f4a23689c76f4645837ef6eae79cc3633f389610407_ppc64le",
"relates_to_product_reference": "9Base-RHODF-4.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-multicluster-console-rhel9@sha256:31dc2d31b429e63fe599141392370e529b597e41e3b6bd9da387eba8971cedeb_amd64 as a component of RHODF 4.16 for RHEL 9",
"product_id": "9Base-RHODF-4.16:odf4/odf-multicluster-console-rhel9@sha256:31dc2d31b429e63fe599141392370e529b597e41e3b6bd9da387eba8971cedeb_amd64"
},
"product_reference": "odf4/odf-multicluster-console-rhel9@sha256:31dc2d31b429e63fe599141392370e529b597e41e3b6bd9da387eba8971cedeb_amd64",
"relates_to_product_reference": "9Base-RHODF-4.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-multicluster-console-rhel9@sha256:f65ebe3bc2af885f04ac47d94d676a4bd95fb6534a24a9d436c215dbe40c41ad_s390x as a component of RHODF 4.16 for RHEL 9",
"product_id": "9Base-RHODF-4.16:odf4/odf-multicluster-console-rhel9@sha256:f65ebe3bc2af885f04ac47d94d676a4bd95fb6534a24a9d436c215dbe40c41ad_s390x"
},
"product_reference": "odf4/odf-multicluster-console-rhel9@sha256:f65ebe3bc2af885f04ac47d94d676a4bd95fb6534a24a9d436c215dbe40c41ad_s390x",
"relates_to_product_reference": "9Base-RHODF-4.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-multicluster-operator-bundle@sha256:137909bdc89b6e2b6bc672333ab53ff56ebc0695311c5df09266f793bf4e81aa_s390x as a component of RHODF 4.16 for RHEL 9",
"product_id": "9Base-RHODF-4.16:odf4/odf-multicluster-operator-bundle@sha256:137909bdc89b6e2b6bc672333ab53ff56ebc0695311c5df09266f793bf4e81aa_s390x"
},
"product_reference": "odf4/odf-multicluster-operator-bundle@sha256:137909bdc89b6e2b6bc672333ab53ff56ebc0695311c5df09266f793bf4e81aa_s390x",
"relates_to_product_reference": "9Base-RHODF-4.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-multicluster-operator-bundle@sha256:42f94d2ec5d022c829bec6b88624b27ec21c444fe5c19396ce248dbb0582cd82_ppc64le as a component of RHODF 4.16 for RHEL 9",
"product_id": "9Base-RHODF-4.16:odf4/odf-multicluster-operator-bundle@sha256:42f94d2ec5d022c829bec6b88624b27ec21c444fe5c19396ce248dbb0582cd82_ppc64le"
},
"product_reference": "odf4/odf-multicluster-operator-bundle@sha256:42f94d2ec5d022c829bec6b88624b27ec21c444fe5c19396ce248dbb0582cd82_ppc64le",
"relates_to_product_reference": "9Base-RHODF-4.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-multicluster-operator-bundle@sha256:951633082e542b42ec641cd9866518da79cfddafa069ef189281e2d580728c5d_amd64 as a component of RHODF 4.16 for RHEL 9",
"product_id": "9Base-RHODF-4.16:odf4/odf-multicluster-operator-bundle@sha256:951633082e542b42ec641cd9866518da79cfddafa069ef189281e2d580728c5d_amd64"
},
"product_reference": "odf4/odf-multicluster-operator-bundle@sha256:951633082e542b42ec641cd9866518da79cfddafa069ef189281e2d580728c5d_amd64",
"relates_to_product_reference": "9Base-RHODF-4.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-multicluster-rhel9-operator@sha256:20322293ce1012ddae0f395d5604e38a815e5da109bd11ac11e635c1773b1522_s390x as a component of RHODF 4.16 for RHEL 9",
"product_id": "9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:20322293ce1012ddae0f395d5604e38a815e5da109bd11ac11e635c1773b1522_s390x"
},
"product_reference": "odf4/odf-multicluster-rhel9-operator@sha256:20322293ce1012ddae0f395d5604e38a815e5da109bd11ac11e635c1773b1522_s390x",
"relates_to_product_reference": "9Base-RHODF-4.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-multicluster-rhel9-operator@sha256:3527b74ae473b71b54fc4dcf53d247688ba11cc8656d7e96200b120bb2087f56_arm64 as a component of RHODF 4.16 for RHEL 9",
"product_id": "9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:3527b74ae473b71b54fc4dcf53d247688ba11cc8656d7e96200b120bb2087f56_arm64"
},
"product_reference": "odf4/odf-multicluster-rhel9-operator@sha256:3527b74ae473b71b54fc4dcf53d247688ba11cc8656d7e96200b120bb2087f56_arm64",
"relates_to_product_reference": "9Base-RHODF-4.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-multicluster-rhel9-operator@sha256:8ec79d06669ee36eae6d6c2ed3ef835934ca6b5d6d27fc1ba524e17c5a2df2e3_amd64 as a component of RHODF 4.16 for RHEL 9",
"product_id": "9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:8ec79d06669ee36eae6d6c2ed3ef835934ca6b5d6d27fc1ba524e17c5a2df2e3_amd64"
},
"product_reference": "odf4/odf-multicluster-rhel9-operator@sha256:8ec79d06669ee36eae6d6c2ed3ef835934ca6b5d6d27fc1ba524e17c5a2df2e3_amd64",
"relates_to_product_reference": "9Base-RHODF-4.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-multicluster-rhel9-operator@sha256:e83d5ec4974bedfb763845ea371c74f050cb38ba8bd8a9c7416dae502a7af87e_ppc64le as a component of RHODF 4.16 for RHEL 9",
"product_id": "9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:e83d5ec4974bedfb763845ea371c74f050cb38ba8bd8a9c7416dae502a7af87e_ppc64le"
},
"product_reference": "odf4/odf-multicluster-rhel9-operator@sha256:e83d5ec4974bedfb763845ea371c74f050cb38ba8bd8a9c7416dae502a7af87e_ppc64le",
"relates_to_product_reference": "9Base-RHODF-4.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-must-gather-rhel9@sha256:2d0383fe62f6636118612bcb987ce484a4131656b27a31bcc1ee6299ff51a813_ppc64le as a component of RHODF 4.16 for RHEL 9",
"product_id": "9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:2d0383fe62f6636118612bcb987ce484a4131656b27a31bcc1ee6299ff51a813_ppc64le"
},
"product_reference": "odf4/odf-must-gather-rhel9@sha256:2d0383fe62f6636118612bcb987ce484a4131656b27a31bcc1ee6299ff51a813_ppc64le",
"relates_to_product_reference": "9Base-RHODF-4.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-must-gather-rhel9@sha256:53913fa206b297eb4e93d54efd6e0c3935a6b700f6c34cd9995d5483a855c854_s390x as a component of RHODF 4.16 for RHEL 9",
"product_id": "9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:53913fa206b297eb4e93d54efd6e0c3935a6b700f6c34cd9995d5483a855c854_s390x"
},
"product_reference": "odf4/odf-must-gather-rhel9@sha256:53913fa206b297eb4e93d54efd6e0c3935a6b700f6c34cd9995d5483a855c854_s390x",
"relates_to_product_reference": "9Base-RHODF-4.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-must-gather-rhel9@sha256:c2b68542390a7e4336da0147eb19dfc1b5104a4be9fdfbce0f383d2e3c6012ab_arm64 as a component of RHODF 4.16 for RHEL 9",
"product_id": "9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:c2b68542390a7e4336da0147eb19dfc1b5104a4be9fdfbce0f383d2e3c6012ab_arm64"
},
"product_reference": "odf4/odf-must-gather-rhel9@sha256:c2b68542390a7e4336da0147eb19dfc1b5104a4be9fdfbce0f383d2e3c6012ab_arm64",
"relates_to_product_reference": "9Base-RHODF-4.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-must-gather-rhel9@sha256:ea8f5dd86da91bd16a2b79a011dcbdc975383fdc736a19867d42e6318c691552_amd64 as a component of RHODF 4.16 for RHEL 9",
"product_id": "9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:ea8f5dd86da91bd16a2b79a011dcbdc975383fdc736a19867d42e6318c691552_amd64"
},
"product_reference": "odf4/odf-must-gather-rhel9@sha256:ea8f5dd86da91bd16a2b79a011dcbdc975383fdc736a19867d42e6318c691552_amd64",
"relates_to_product_reference": "9Base-RHODF-4.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-operator-bundle@sha256:af735766b79a34a3bde546255f3a54b08b4ffc2c5a45e071cd887bf40a9f51b4_ppc64le as a component of RHODF 4.16 for RHEL 9",
"product_id": "9Base-RHODF-4.16:odf4/odf-operator-bundle@sha256:af735766b79a34a3bde546255f3a54b08b4ffc2c5a45e071cd887bf40a9f51b4_ppc64le"
},
"product_reference": "odf4/odf-operator-bundle@sha256:af735766b79a34a3bde546255f3a54b08b4ffc2c5a45e071cd887bf40a9f51b4_ppc64le",
"relates_to_product_reference": "9Base-RHODF-4.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-operator-bundle@sha256:d900dff1d730a61b9f1eb78f4902bd233113216973874cd0c77e2d27b249dadb_s390x as a component of RHODF 4.16 for RHEL 9",
"product_id": "9Base-RHODF-4.16:odf4/odf-operator-bundle@sha256:d900dff1d730a61b9f1eb78f4902bd233113216973874cd0c77e2d27b249dadb_s390x"
},
"product_reference": "odf4/odf-operator-bundle@sha256:d900dff1d730a61b9f1eb78f4902bd233113216973874cd0c77e2d27b249dadb_s390x",
"relates_to_product_reference": "9Base-RHODF-4.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-operator-bundle@sha256:e58f88c021243d4616127c177bd9c0aeabca99e8e57e0648311d3fde0c192dcb_amd64 as a component of RHODF 4.16 for RHEL 9",
"product_id": "9Base-RHODF-4.16:odf4/odf-operator-bundle@sha256:e58f88c021243d4616127c177bd9c0aeabca99e8e57e0648311d3fde0c192dcb_amd64"
},
"product_reference": "odf4/odf-operator-bundle@sha256:e58f88c021243d4616127c177bd9c0aeabca99e8e57e0648311d3fde0c192dcb_amd64",
"relates_to_product_reference": "9Base-RHODF-4.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-prometheus-operator-bundle@sha256:a1d9cc4aff1553cdd490cdbbf49d927edf9320dfabc8327571805c04c87f1120_ppc64le as a component of RHODF 4.16 for RHEL 9",
"product_id": "9Base-RHODF-4.16:odf4/odf-prometheus-operator-bundle@sha256:a1d9cc4aff1553cdd490cdbbf49d927edf9320dfabc8327571805c04c87f1120_ppc64le"
},
"product_reference": "odf4/odf-prometheus-operator-bundle@sha256:a1d9cc4aff1553cdd490cdbbf49d927edf9320dfabc8327571805c04c87f1120_ppc64le",
"relates_to_product_reference": "9Base-RHODF-4.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-prometheus-operator-bundle@sha256:c8c04af9ba9c10d8c32ac3c7004ba0c4ccf0c14ac683a1a685e97669ee387cca_s390x as a component of RHODF 4.16 for RHEL 9",
"product_id": "9Base-RHODF-4.16:odf4/odf-prometheus-operator-bundle@sha256:c8c04af9ba9c10d8c32ac3c7004ba0c4ccf0c14ac683a1a685e97669ee387cca_s390x"
},
"product_reference": "odf4/odf-prometheus-operator-bundle@sha256:c8c04af9ba9c10d8c32ac3c7004ba0c4ccf0c14ac683a1a685e97669ee387cca_s390x",
"relates_to_product_reference": "9Base-RHODF-4.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-prometheus-operator-bundle@sha256:f30254e9df41cf4049cc7b35610abd0a716a13f41a1c4523fc1e7bf2211085b0_amd64 as a component of RHODF 4.16 for RHEL 9",
"product_id": "9Base-RHODF-4.16:odf4/odf-prometheus-operator-bundle@sha256:f30254e9df41cf4049cc7b35610abd0a716a13f41a1c4523fc1e7bf2211085b0_amd64"
},
"product_reference": "odf4/odf-prometheus-operator-bundle@sha256:f30254e9df41cf4049cc7b35610abd0a716a13f41a1c4523fc1e7bf2211085b0_amd64",
"relates_to_product_reference": "9Base-RHODF-4.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-rhel9-operator@sha256:1973a2cc13ee9a32f8fa426511c69804821cd92a3f778ede9dc1dad3070132db_arm64 as a component of RHODF 4.16 for RHEL 9",
"product_id": "9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:1973a2cc13ee9a32f8fa426511c69804821cd92a3f778ede9dc1dad3070132db_arm64"
},
"product_reference": "odf4/odf-rhel9-operator@sha256:1973a2cc13ee9a32f8fa426511c69804821cd92a3f778ede9dc1dad3070132db_arm64",
"relates_to_product_reference": "9Base-RHODF-4.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-rhel9-operator@sha256:6850637e14d8acc7f88cd2b2c936b52ca66af159d7f97d37608da66cbfdcc825_s390x as a component of RHODF 4.16 for RHEL 9",
"product_id": "9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:6850637e14d8acc7f88cd2b2c936b52ca66af159d7f97d37608da66cbfdcc825_s390x"
},
"product_reference": "odf4/odf-rhel9-operator@sha256:6850637e14d8acc7f88cd2b2c936b52ca66af159d7f97d37608da66cbfdcc825_s390x",
"relates_to_product_reference": "9Base-RHODF-4.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-rhel9-operator@sha256:c75a9897a89243b793642d1d5918a666b08b465797212cfa29022a8fcbeb358e_amd64 as a component of RHODF 4.16 for RHEL 9",
"product_id": "9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:c75a9897a89243b793642d1d5918a666b08b465797212cfa29022a8fcbeb358e_amd64"
},
"product_reference": "odf4/odf-rhel9-operator@sha256:c75a9897a89243b793642d1d5918a666b08b465797212cfa29022a8fcbeb358e_amd64",
"relates_to_product_reference": "9Base-RHODF-4.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-rhel9-operator@sha256:d917d45adf63e8659d589eee79ccb9d1623252b7339b1e93524b7dea229c8f09_ppc64le as a component of RHODF 4.16 for RHEL 9",
"product_id": "9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:d917d45adf63e8659d589eee79ccb9d1623252b7339b1e93524b7dea229c8f09_ppc64le"
},
"product_reference": "odf4/odf-rhel9-operator@sha256:d917d45adf63e8659d589eee79ccb9d1623252b7339b1e93524b7dea229c8f09_ppc64le",
"relates_to_product_reference": "9Base-RHODF-4.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odr-cluster-operator-bundle@sha256:601fbb866efcab2fec4a675094cfe1d5259b6e475f9e6dadda69fc21cc178aee_amd64 as a component of RHODF 4.16 for RHEL 9",
"product_id": "9Base-RHODF-4.16:odf4/odr-cluster-operator-bundle@sha256:601fbb866efcab2fec4a675094cfe1d5259b6e475f9e6dadda69fc21cc178aee_amd64"
},
"product_reference": "odf4/odr-cluster-operator-bundle@sha256:601fbb866efcab2fec4a675094cfe1d5259b6e475f9e6dadda69fc21cc178aee_amd64",
"relates_to_product_reference": "9Base-RHODF-4.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odr-cluster-operator-bundle@sha256:9dfbd7fb7a6ca22a2a7f18cf4ec5c9539d30879db0623798d1ec8e4f5eb84dcc_ppc64le as a component of RHODF 4.16 for RHEL 9",
"product_id": "9Base-RHODF-4.16:odf4/odr-cluster-operator-bundle@sha256:9dfbd7fb7a6ca22a2a7f18cf4ec5c9539d30879db0623798d1ec8e4f5eb84dcc_ppc64le"
},
"product_reference": "odf4/odr-cluster-operator-bundle@sha256:9dfbd7fb7a6ca22a2a7f18cf4ec5c9539d30879db0623798d1ec8e4f5eb84dcc_ppc64le",
"relates_to_product_reference": "9Base-RHODF-4.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odr-cluster-operator-bundle@sha256:c34e9f57958dc3bec472ee9b91ea31503fd939b07faae596677a36d7d73d3b59_s390x as a component of RHODF 4.16 for RHEL 9",
"product_id": "9Base-RHODF-4.16:odf4/odr-cluster-operator-bundle@sha256:c34e9f57958dc3bec472ee9b91ea31503fd939b07faae596677a36d7d73d3b59_s390x"
},
"product_reference": "odf4/odr-cluster-operator-bundle@sha256:c34e9f57958dc3bec472ee9b91ea31503fd939b07faae596677a36d7d73d3b59_s390x",
"relates_to_product_reference": "9Base-RHODF-4.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odr-hub-operator-bundle@sha256:08f5697d5460d1e509bfb4bf4b177e79a68c52b55cf693aa15b49a3951f972cf_ppc64le as a component of RHODF 4.16 for RHEL 9",
"product_id": "9Base-RHODF-4.16:odf4/odr-hub-operator-bundle@sha256:08f5697d5460d1e509bfb4bf4b177e79a68c52b55cf693aa15b49a3951f972cf_ppc64le"
},
"product_reference": "odf4/odr-hub-operator-bundle@sha256:08f5697d5460d1e509bfb4bf4b177e79a68c52b55cf693aa15b49a3951f972cf_ppc64le",
"relates_to_product_reference": "9Base-RHODF-4.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odr-hub-operator-bundle@sha256:1823f0fa1f0bf3097fa61cf9fa7dd6c591d43c7443942538ae126b6ab4d59653_amd64 as a component of RHODF 4.16 for RHEL 9",
"product_id": "9Base-RHODF-4.16:odf4/odr-hub-operator-bundle@sha256:1823f0fa1f0bf3097fa61cf9fa7dd6c591d43c7443942538ae126b6ab4d59653_amd64"
},
"product_reference": "odf4/odr-hub-operator-bundle@sha256:1823f0fa1f0bf3097fa61cf9fa7dd6c591d43c7443942538ae126b6ab4d59653_amd64",
"relates_to_product_reference": "9Base-RHODF-4.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odr-hub-operator-bundle@sha256:4d22347dbd2f7c1e243b440304e05f2749d88888924e913b661ce8fe4e219496_s390x as a component of RHODF 4.16 for RHEL 9",
"product_id": "9Base-RHODF-4.16:odf4/odr-hub-operator-bundle@sha256:4d22347dbd2f7c1e243b440304e05f2749d88888924e913b661ce8fe4e219496_s390x"
},
"product_reference": "odf4/odr-hub-operator-bundle@sha256:4d22347dbd2f7c1e243b440304e05f2749d88888924e913b661ce8fe4e219496_s390x",
"relates_to_product_reference": "9Base-RHODF-4.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odr-recipe-operator-bundle@sha256:36292e60b543154590ff245f4c4b233b8ad5857c7bac5fa0c45fa161500df1b2_ppc64le as a component of RHODF 4.16 for RHEL 9",
"product_id": "9Base-RHODF-4.16:odf4/odr-recipe-operator-bundle@sha256:36292e60b543154590ff245f4c4b233b8ad5857c7bac5fa0c45fa161500df1b2_ppc64le"
},
"product_reference": "odf4/odr-recipe-operator-bundle@sha256:36292e60b543154590ff245f4c4b233b8ad5857c7bac5fa0c45fa161500df1b2_ppc64le",
"relates_to_product_reference": "9Base-RHODF-4.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odr-recipe-operator-bundle@sha256:424de07f469a52d905d50a126e0d0c48e5c2a8bfcc5fa6be37f4b0c806cf50b5_amd64 as a component of RHODF 4.16 for RHEL 9",
"product_id": "9Base-RHODF-4.16:odf4/odr-recipe-operator-bundle@sha256:424de07f469a52d905d50a126e0d0c48e5c2a8bfcc5fa6be37f4b0c806cf50b5_amd64"
},
"product_reference": "odf4/odr-recipe-operator-bundle@sha256:424de07f469a52d905d50a126e0d0c48e5c2a8bfcc5fa6be37f4b0c806cf50b5_amd64",
"relates_to_product_reference": "9Base-RHODF-4.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odr-recipe-operator-bundle@sha256:5045c0a773df2d4bff134934a4b61b3ed3653bce4bf1224495f71c14d0e34c7d_s390x as a component of RHODF 4.16 for RHEL 9",
"product_id": "9Base-RHODF-4.16:odf4/odr-recipe-operator-bundle@sha256:5045c0a773df2d4bff134934a4b61b3ed3653bce4bf1224495f71c14d0e34c7d_s390x"
},
"product_reference": "odf4/odr-recipe-operator-bundle@sha256:5045c0a773df2d4bff134934a4b61b3ed3653bce4bf1224495f71c14d0e34c7d_s390x",
"relates_to_product_reference": "9Base-RHODF-4.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odr-rhel9-operator@sha256:3466ff8766747872e8cb3c7d4e388e95bc93375509ee81076884e27b51875ef8_ppc64le as a component of RHODF 4.16 for RHEL 9",
"product_id": "9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:3466ff8766747872e8cb3c7d4e388e95bc93375509ee81076884e27b51875ef8_ppc64le"
},
"product_reference": "odf4/odr-rhel9-operator@sha256:3466ff8766747872e8cb3c7d4e388e95bc93375509ee81076884e27b51875ef8_ppc64le",
"relates_to_product_reference": "9Base-RHODF-4.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odr-rhel9-operator@sha256:6ea22220e927607742e39622db5fcaf52bd03bd363db7c41d9e6b869c305859b_s390x as a component of RHODF 4.16 for RHEL 9",
"product_id": "9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:6ea22220e927607742e39622db5fcaf52bd03bd363db7c41d9e6b869c305859b_s390x"
},
"product_reference": "odf4/odr-rhel9-operator@sha256:6ea22220e927607742e39622db5fcaf52bd03bd363db7c41d9e6b869c305859b_s390x",
"relates_to_product_reference": "9Base-RHODF-4.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odr-rhel9-operator@sha256:c98e251621146b479822a517c9556bd9e49c8dc57b4afccede822aac5699b37a_amd64 as a component of RHODF 4.16 for RHEL 9",
"product_id": "9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:c98e251621146b479822a517c9556bd9e49c8dc57b4afccede822aac5699b37a_amd64"
},
"product_reference": "odf4/odr-rhel9-operator@sha256:c98e251621146b479822a517c9556bd9e49c8dc57b4afccede822aac5699b37a_amd64",
"relates_to_product_reference": "9Base-RHODF-4.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odr-rhel9-operator@sha256:f9dea8ea9ecae53cce167218abbe0b354279d8bb73115312ef413653d91d21f3_arm64 as a component of RHODF 4.16 for RHEL 9",
"product_id": "9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:f9dea8ea9ecae53cce167218abbe0b354279d8bb73115312ef413653d91d21f3_arm64"
},
"product_reference": "odf4/odr-rhel9-operator@sha256:f9dea8ea9ecae53cce167218abbe0b354279d8bb73115312ef413653d91d21f3_arm64",
"relates_to_product_reference": "9Base-RHODF-4.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/rook-ceph-operator-bundle@sha256:04751a4c128f21d5f1ec2ddae1107ceb5902ed63fd705441dc7280ea66c8941b_amd64 as a component of RHODF 4.16 for RHEL 9",
"product_id": "9Base-RHODF-4.16:odf4/rook-ceph-operator-bundle@sha256:04751a4c128f21d5f1ec2ddae1107ceb5902ed63fd705441dc7280ea66c8941b_amd64"
},
"product_reference": "odf4/rook-ceph-operator-bundle@sha256:04751a4c128f21d5f1ec2ddae1107ceb5902ed63fd705441dc7280ea66c8941b_amd64",
"relates_to_product_reference": "9Base-RHODF-4.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/rook-ceph-operator-bundle@sha256:7e846eac9b45ddae80fd7bbd24f92809554c1b4c0fd915ff67ed5e1d08dd5c93_ppc64le as a component of RHODF 4.16 for RHEL 9",
"product_id": "9Base-RHODF-4.16:odf4/rook-ceph-operator-bundle@sha256:7e846eac9b45ddae80fd7bbd24f92809554c1b4c0fd915ff67ed5e1d08dd5c93_ppc64le"
},
"product_reference": "odf4/rook-ceph-operator-bundle@sha256:7e846eac9b45ddae80fd7bbd24f92809554c1b4c0fd915ff67ed5e1d08dd5c93_ppc64le",
"relates_to_product_reference": "9Base-RHODF-4.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/rook-ceph-operator-bundle@sha256:a115350e444d74bd30b86b6f8d9a2c15f28ab5418cbf1fe599c2251b043708b8_s390x as a component of RHODF 4.16 for RHEL 9",
"product_id": "9Base-RHODF-4.16:odf4/rook-ceph-operator-bundle@sha256:a115350e444d74bd30b86b6f8d9a2c15f28ab5418cbf1fe599c2251b043708b8_s390x"
},
"product_reference": "odf4/rook-ceph-operator-bundle@sha256:a115350e444d74bd30b86b6f8d9a2c15f28ab5418cbf1fe599c2251b043708b8_s390x",
"relates_to_product_reference": "9Base-RHODF-4.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/rook-ceph-rhel9-operator@sha256:666b25c348e6275207b9bb2ef6ca1cf109fa935fd7d2dead4a764b5d7d243392_amd64 as a component of RHODF 4.16 for RHEL 9",
"product_id": "9Base-RHODF-4.16:odf4/rook-ceph-rhel9-operator@sha256:666b25c348e6275207b9bb2ef6ca1cf109fa935fd7d2dead4a764b5d7d243392_amd64"
},
"product_reference": "odf4/rook-ceph-rhel9-operator@sha256:666b25c348e6275207b9bb2ef6ca1cf109fa935fd7d2dead4a764b5d7d243392_amd64",
"relates_to_product_reference": "9Base-RHODF-4.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/rook-ceph-rhel9-operator@sha256:80a4e57074bf6bd9cd8fd1e0beeddebe6d6e0986c9c0a9fe8839268341763e2e_ppc64le as a component of RHODF 4.16 for RHEL 9",
"product_id": "9Base-RHODF-4.16:odf4/rook-ceph-rhel9-operator@sha256:80a4e57074bf6bd9cd8fd1e0beeddebe6d6e0986c9c0a9fe8839268341763e2e_ppc64le"
},
"product_reference": "odf4/rook-ceph-rhel9-operator@sha256:80a4e57074bf6bd9cd8fd1e0beeddebe6d6e0986c9c0a9fe8839268341763e2e_ppc64le",
"relates_to_product_reference": "9Base-RHODF-4.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/rook-ceph-rhel9-operator@sha256:e388f3c0faa2505b6960c815043477034012d79660c3e5fdcc24b2272b93f218_s390x as a component of RHODF 4.16 for RHEL 9",
"product_id": "9Base-RHODF-4.16:odf4/rook-ceph-rhel9-operator@sha256:e388f3c0faa2505b6960c815043477034012d79660c3e5fdcc24b2272b93f218_s390x"
},
"product_reference": "odf4/rook-ceph-rhel9-operator@sha256:e388f3c0faa2505b6960c815043477034012d79660c3e5fdcc24b2272b93f218_s390x",
"relates_to_product_reference": "9Base-RHODF-4.16"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2024-45338",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2024-12-18T21:00:59.938173+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"9Base-RHODF-4.16:odf4/cephcsi-rhel9@sha256:1cf35f815de351a2c37340f850101d5b108fea0c4e5619a98080840ef3552e0e_amd64",
"9Base-RHODF-4.16:odf4/cephcsi-rhel9@sha256:4a1de6a1af1b47680caa36a69c6a8b438d01a0810f4df1d9dbb8fc82f8e06284_s390x",
"9Base-RHODF-4.16:odf4/cephcsi-rhel9@sha256:f9a4390a3de6eb274c185a1cc3382b6c10a29b16d39de6f59df316b2d7a85ad4_ppc64le",
"9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:068a72256237bdd0a579b3aa76fc4bf37930b1f048ae6c3eb72f44c2f4599ee4_arm64",
"9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:10fedd0456d7f81015f93e597932cb19b3576a5bffd95de325f160c44f78cfca_s390x",
"9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:698896a47d4fd9f1bddf8fb1fb22b99f6eaec3c9591815e25e120e7df1844ae6_ppc64le",
"9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:b0f34ed1b4c0f9a4176fd959d929c3755508ce881e431c2c2069428847ed76e7_amd64",
"9Base-RHODF-4.16:odf4/mcg-operator-bundle@sha256:a8c32134d2cb1a5db655586f65bd1fac568b010bc1f7697069b83e7c245f29af_ppc64le",
"9Base-RHODF-4.16:odf4/mcg-operator-bundle@sha256:b2b86eea9f1808e65ee3bfb0daad68e470bbe9d2525adcaff08d4fde8e52b4f0_s390x",
"9Base-RHODF-4.16:odf4/mcg-operator-bundle@sha256:d7f607b353806840c3a2fb9fb02e5a96cd83e6747f67deb73ed0875df76828e0_amd64",
"9Base-RHODF-4.16:odf4/ocs-client-console-rhel9@sha256:409becedde385970154269f5dc84ac7961e219a1956930a14aa68183fb80fb49_ppc64le",
"9Base-RHODF-4.16:odf4/ocs-client-console-rhel9@sha256:52c70b591ad9bcaca488d0338b82c11fbccd63762f5fad40119d4e8419ded145_s390x",
"9Base-RHODF-4.16:odf4/ocs-client-console-rhel9@sha256:a06f898fe1be5935accc20fd1ee6a1e29f2350297e36ef7392392a359d4f7c47_amd64",
"9Base-RHODF-4.16:odf4/ocs-client-operator-bundle@sha256:3a07afbc05696f593190e75aabe6f32416d03574df873367458a62676409caf8_s390x",
"9Base-RHODF-4.16:odf4/ocs-client-operator-bundle@sha256:7b86fe3d3ac9ef7df8a851c7c1f24eb8212f4c8640bfbe1dbf25ca13e8754cb3_amd64",
"9Base-RHODF-4.16:odf4/ocs-client-operator-bundle@sha256:e677334c3782188f6aafb252308c9a1c8db6101b0bba4b79f3662b9c3804350a_ppc64le",
"9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:4f0fb6d02abae76a35f386dab1b2250bfe632a3c7a36a68688407d205b886ea2_arm64",
"9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:6d1dc63e8040cbd6e82514ded593540a16f4dde956b04d88649551a4333e7616_s390x",
"9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:ac83a0734f93025f3ab42ee520e0445240d043a4775664c6d44a87c7fac71d68_ppc64le",
"9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:cea3919db348953e14f270af58a711c7073ad65ad4fbc375d80117fbabf936da_amd64",
"9Base-RHODF-4.16:odf4/ocs-metrics-exporter-rhel9@sha256:1b602bb5459440906a466e9687301dc3c1233264de86498c94f26581060f9033_amd64",
"9Base-RHODF-4.16:odf4/ocs-metrics-exporter-rhel9@sha256:a0f521d4f1ac22e066a109ae38ae11e248195f9520c3730e5053b27da5e7eafd_s390x",
"9Base-RHODF-4.16:odf4/ocs-metrics-exporter-rhel9@sha256:bb2f890d57d4341eff0476325eadce481f38dd0bccb8f5f9974f61220bbce44f_ppc64le",
"9Base-RHODF-4.16:odf4/ocs-operator-bundle@sha256:8682c22f78b4e5b7d7a9ece542f02ec7d6172ccfcd85e82dfcbeb9c81fe7a6dd_amd64",
"9Base-RHODF-4.16:odf4/ocs-operator-bundle@sha256:d648a6305dab917bc9094481a84bd0521bd48cac367670b6a723c6d59e9ec4d8_ppc64le",
"9Base-RHODF-4.16:odf4/ocs-operator-bundle@sha256:fcc77519a4cc442b1bd61e5606efb35a4afc4fe6dc93e8093c2f306b3b5faacd_s390x",
"9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:087bffeeca3ed6f80ae7674c5a147b27a2f1feba965acbb27379c438c9686f91_amd64",
"9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:18ede0783538a2037a6b090c3e9c7ebeed3361f6594f865303e51677cf228e90_ppc64le",
"9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:9df0962604f30ad2dd9861675ed4018ec4e1847d645a5f395a9755bfc3dcf74c_s390x",
"9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:c09589e1e0deb7e952806d235c1037f5c6e90d5eb037c9b7585f2dfbe2d53968_arm64",
"9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:10aa2a02209ef8f37238f873edde98369e15e738b2a7b80099be4b2b8647edbc_s390x",
"9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:78f071161808fcf3a228a8fe8bd2c8de1beb49a3963ef5efc589e45cff1a02a6_ppc64le",
"9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:85ea82a8bcbbb0e39e5b8b5535f2468d3d61ab1507548acf9ba2a89777382483_arm64",
"9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:bb1aec4a92322116499401febc6982178deee5e989fd68a9635d9b31f7dd8db2_amd64",
"9Base-RHODF-4.16:odf4/odf-console-rhel9@sha256:74b5fae3ab9b1cb951f533e9717e8dddf74cc20dbdbffa7753498fd851429392_s390x",
"9Base-RHODF-4.16:odf4/odf-console-rhel9@sha256:8eed4974c6b9dedd5cb4f7ff1027908ad4ab8274dafffa00f12eb9c63a15d288_amd64",
"9Base-RHODF-4.16:odf4/odf-console-rhel9@sha256:c766a6b85cd3bef81bc6f626589b569695d1742c1f961c4175a742de8dfc9712_ppc64le",
"9Base-RHODF-4.16:odf4/odf-cosi-sidecar-rhel9@sha256:0f13b14109bbebcb40bdcd8f0fdfd7f61a25ea7f39af746644b0861c7ff49626_s390x",
"9Base-RHODF-4.16:odf4/odf-cosi-sidecar-rhel9@sha256:afe5fffaa37933af2ac55390ed46d37a277bdfafb63f504645b9d29bd23b6e30_ppc64le",
"9Base-RHODF-4.16:odf4/odf-cosi-sidecar-rhel9@sha256:d5b01a44782ed114af0d96a357faa2ce00950194f8a6c63a37081bb3bfa8550e_amd64",
"9Base-RHODF-4.16:odf4/odf-csi-addons-operator-bundle@sha256:d0a94174a1cdec08532959658b4dfe0e9adafb83314f69d4902c0b93e6ad4798_ppc64le",
"9Base-RHODF-4.16:odf4/odf-csi-addons-operator-bundle@sha256:d2bff2e8f293034a8a7d80a063d35d5ba3fdc279b0d03440c1d2a47ff2606adf_s390x",
"9Base-RHODF-4.16:odf4/odf-csi-addons-operator-bundle@sha256:fa43d6f2db3e6da5f5ae82a14b8631fdefee1ece7e8c714ca78d467b79f3b4a0_amd64",
"9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:088c5f7549320be94fcfe1d759a6c0b12b82b0eb2c7ad7ea8a65533db3c701d2_ppc64le",
"9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:27c832da54d32ada85fff3fb7d04d733143a1df7cb2e419b355191c1d91d1540_arm64",
"9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:9a83557ae92af7bf8ca4c687aee1ba82311acf55c98b17fc44dff6e8206f4c7e_amd64",
"9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:d2ae76ccd354cc34c46be21f3ba074fcfa1ebbdf7b32f4c61c4f45e55c23f270_s390x",
"9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:13700b4ed1c50daa091652fd7b74779c06249ac21b9a741574bb5069b000f16b_ppc64le",
"9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:65d1d96f56293f276c8574363d872c8c89686e3a61ee577cb4393165e9bbac0f_amd64",
"9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:71a8e62888c5d7522d44045b373595ec4188c7946d60f1e2c8eb0f0e93954a03_arm64",
"9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:fb501c55629dc8f44267c6813a84d111cb3c98bf5185a04fddd41c4f47f05621_s390x",
"9Base-RHODF-4.16:odf4/odf-multicluster-console-rhel9@sha256:28075f58315b04c3aa4c9f4a23689c76f4645837ef6eae79cc3633f389610407_ppc64le",
"9Base-RHODF-4.16:odf4/odf-multicluster-console-rhel9@sha256:31dc2d31b429e63fe599141392370e529b597e41e3b6bd9da387eba8971cedeb_amd64",
"9Base-RHODF-4.16:odf4/odf-multicluster-console-rhel9@sha256:f65ebe3bc2af885f04ac47d94d676a4bd95fb6534a24a9d436c215dbe40c41ad_s390x",
"9Base-RHODF-4.16:odf4/odf-multicluster-operator-bundle@sha256:137909bdc89b6e2b6bc672333ab53ff56ebc0695311c5df09266f793bf4e81aa_s390x",
"9Base-RHODF-4.16:odf4/odf-multicluster-operator-bundle@sha256:42f94d2ec5d022c829bec6b88624b27ec21c444fe5c19396ce248dbb0582cd82_ppc64le",
"9Base-RHODF-4.16:odf4/odf-multicluster-operator-bundle@sha256:951633082e542b42ec641cd9866518da79cfddafa069ef189281e2d580728c5d_amd64",
"9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:20322293ce1012ddae0f395d5604e38a815e5da109bd11ac11e635c1773b1522_s390x",
"9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:3527b74ae473b71b54fc4dcf53d247688ba11cc8656d7e96200b120bb2087f56_arm64",
"9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:8ec79d06669ee36eae6d6c2ed3ef835934ca6b5d6d27fc1ba524e17c5a2df2e3_amd64",
"9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:e83d5ec4974bedfb763845ea371c74f050cb38ba8bd8a9c7416dae502a7af87e_ppc64le",
"9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:2d0383fe62f6636118612bcb987ce484a4131656b27a31bcc1ee6299ff51a813_ppc64le",
"9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:53913fa206b297eb4e93d54efd6e0c3935a6b700f6c34cd9995d5483a855c854_s390x",
"9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:c2b68542390a7e4336da0147eb19dfc1b5104a4be9fdfbce0f383d2e3c6012ab_arm64",
"9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:ea8f5dd86da91bd16a2b79a011dcbdc975383fdc736a19867d42e6318c691552_amd64",
"9Base-RHODF-4.16:odf4/odf-operator-bundle@sha256:af735766b79a34a3bde546255f3a54b08b4ffc2c5a45e071cd887bf40a9f51b4_ppc64le",
"9Base-RHODF-4.16:odf4/odf-operator-bundle@sha256:d900dff1d730a61b9f1eb78f4902bd233113216973874cd0c77e2d27b249dadb_s390x",
"9Base-RHODF-4.16:odf4/odf-operator-bundle@sha256:e58f88c021243d4616127c177bd9c0aeabca99e8e57e0648311d3fde0c192dcb_amd64",
"9Base-RHODF-4.16:odf4/odf-prometheus-operator-bundle@sha256:a1d9cc4aff1553cdd490cdbbf49d927edf9320dfabc8327571805c04c87f1120_ppc64le",
"9Base-RHODF-4.16:odf4/odf-prometheus-operator-bundle@sha256:c8c04af9ba9c10d8c32ac3c7004ba0c4ccf0c14ac683a1a685e97669ee387cca_s390x",
"9Base-RHODF-4.16:odf4/odf-prometheus-operator-bundle@sha256:f30254e9df41cf4049cc7b35610abd0a716a13f41a1c4523fc1e7bf2211085b0_amd64",
"9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:1973a2cc13ee9a32f8fa426511c69804821cd92a3f778ede9dc1dad3070132db_arm64",
"9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:6850637e14d8acc7f88cd2b2c936b52ca66af159d7f97d37608da66cbfdcc825_s390x",
"9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:c75a9897a89243b793642d1d5918a666b08b465797212cfa29022a8fcbeb358e_amd64",
"9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:d917d45adf63e8659d589eee79ccb9d1623252b7339b1e93524b7dea229c8f09_ppc64le",
"9Base-RHODF-4.16:odf4/odr-cluster-operator-bundle@sha256:601fbb866efcab2fec4a675094cfe1d5259b6e475f9e6dadda69fc21cc178aee_amd64",
"9Base-RHODF-4.16:odf4/odr-cluster-operator-bundle@sha256:9dfbd7fb7a6ca22a2a7f18cf4ec5c9539d30879db0623798d1ec8e4f5eb84dcc_ppc64le",
"9Base-RHODF-4.16:odf4/odr-cluster-operator-bundle@sha256:c34e9f57958dc3bec472ee9b91ea31503fd939b07faae596677a36d7d73d3b59_s390x",
"9Base-RHODF-4.16:odf4/odr-hub-operator-bundle@sha256:08f5697d5460d1e509bfb4bf4b177e79a68c52b55cf693aa15b49a3951f972cf_ppc64le",
"9Base-RHODF-4.16:odf4/odr-hub-operator-bundle@sha256:1823f0fa1f0bf3097fa61cf9fa7dd6c591d43c7443942538ae126b6ab4d59653_amd64",
"9Base-RHODF-4.16:odf4/odr-hub-operator-bundle@sha256:4d22347dbd2f7c1e243b440304e05f2749d88888924e913b661ce8fe4e219496_s390x",
"9Base-RHODF-4.16:odf4/odr-recipe-operator-bundle@sha256:36292e60b543154590ff245f4c4b233b8ad5857c7bac5fa0c45fa161500df1b2_ppc64le",
"9Base-RHODF-4.16:odf4/odr-recipe-operator-bundle@sha256:424de07f469a52d905d50a126e0d0c48e5c2a8bfcc5fa6be37f4b0c806cf50b5_amd64",
"9Base-RHODF-4.16:odf4/odr-recipe-operator-bundle@sha256:5045c0a773df2d4bff134934a4b61b3ed3653bce4bf1224495f71c14d0e34c7d_s390x",
"9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:3466ff8766747872e8cb3c7d4e388e95bc93375509ee81076884e27b51875ef8_ppc64le",
"9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:6ea22220e927607742e39622db5fcaf52bd03bd363db7c41d9e6b869c305859b_s390x",
"9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:c98e251621146b479822a517c9556bd9e49c8dc57b4afccede822aac5699b37a_amd64",
"9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:f9dea8ea9ecae53cce167218abbe0b354279d8bb73115312ef413653d91d21f3_arm64",
"9Base-RHODF-4.16:odf4/rook-ceph-operator-bundle@sha256:04751a4c128f21d5f1ec2ddae1107ceb5902ed63fd705441dc7280ea66c8941b_amd64",
"9Base-RHODF-4.16:odf4/rook-ceph-operator-bundle@sha256:7e846eac9b45ddae80fd7bbd24f92809554c1b4c0fd915ff67ed5e1d08dd5c93_ppc64le",
"9Base-RHODF-4.16:odf4/rook-ceph-operator-bundle@sha256:a115350e444d74bd30b86b6f8d9a2c15f28ab5418cbf1fe599c2251b043708b8_s390x",
"9Base-RHODF-4.16:odf4/rook-ceph-rhel9-operator@sha256:666b25c348e6275207b9bb2ef6ca1cf109fa935fd7d2dead4a764b5d7d243392_amd64",
"9Base-RHODF-4.16:odf4/rook-ceph-rhel9-operator@sha256:80a4e57074bf6bd9cd8fd1e0beeddebe6d6e0986c9c0a9fe8839268341763e2e_ppc64le",
"9Base-RHODF-4.16:odf4/rook-ceph-rhel9-operator@sha256:e388f3c0faa2505b6960c815043477034012d79660c3e5fdcc24b2272b93f218_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2333122"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in golang.org/x/net/html. This flaw allows an attacker to craft input to the parse functions that would be processed non-linearly with respect to its length, resulting in extremely slow parsing. This issue can cause a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang.org/x/net/html: Non-linear parsing of case-insensitive content in golang.org/x/net/html",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated as an Important severity because an attacker can craft malicious input that causes the parsing functions to process data non-linearly, resulting in significant delays which leads to a denial of service by exhausting system resources.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:0b7a3d603a5275d83492747cfa071cb626001938b174847619cf343b1fcd81b3_s390x",
"9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:2960acdb44de44e4bc26f222f16c9fef9dca561ab90b3c088da822dcfbda0a7c_arm64",
"9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:a815540a133b0864ba427bf5f5a8153dd3e316bb39bbbbf464511fc0732782fd_amd64",
"9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:f7c64b8539be7e027bac1547ece04653976d5bea6ead519b2ed6499de7180dbe_ppc64le"
],
"known_not_affected": [
"9Base-RHODF-4.16:odf4/cephcsi-rhel9@sha256:1cf35f815de351a2c37340f850101d5b108fea0c4e5619a98080840ef3552e0e_amd64",
"9Base-RHODF-4.16:odf4/cephcsi-rhel9@sha256:4a1de6a1af1b47680caa36a69c6a8b438d01a0810f4df1d9dbb8fc82f8e06284_s390x",
"9Base-RHODF-4.16:odf4/cephcsi-rhel9@sha256:f9a4390a3de6eb274c185a1cc3382b6c10a29b16d39de6f59df316b2d7a85ad4_ppc64le",
"9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:068a72256237bdd0a579b3aa76fc4bf37930b1f048ae6c3eb72f44c2f4599ee4_arm64",
"9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:10fedd0456d7f81015f93e597932cb19b3576a5bffd95de325f160c44f78cfca_s390x",
"9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:698896a47d4fd9f1bddf8fb1fb22b99f6eaec3c9591815e25e120e7df1844ae6_ppc64le",
"9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:b0f34ed1b4c0f9a4176fd959d929c3755508ce881e431c2c2069428847ed76e7_amd64",
"9Base-RHODF-4.16:odf4/mcg-operator-bundle@sha256:a8c32134d2cb1a5db655586f65bd1fac568b010bc1f7697069b83e7c245f29af_ppc64le",
"9Base-RHODF-4.16:odf4/mcg-operator-bundle@sha256:b2b86eea9f1808e65ee3bfb0daad68e470bbe9d2525adcaff08d4fde8e52b4f0_s390x",
"9Base-RHODF-4.16:odf4/mcg-operator-bundle@sha256:d7f607b353806840c3a2fb9fb02e5a96cd83e6747f67deb73ed0875df76828e0_amd64",
"9Base-RHODF-4.16:odf4/ocs-client-console-rhel9@sha256:409becedde385970154269f5dc84ac7961e219a1956930a14aa68183fb80fb49_ppc64le",
"9Base-RHODF-4.16:odf4/ocs-client-console-rhel9@sha256:52c70b591ad9bcaca488d0338b82c11fbccd63762f5fad40119d4e8419ded145_s390x",
"9Base-RHODF-4.16:odf4/ocs-client-console-rhel9@sha256:a06f898fe1be5935accc20fd1ee6a1e29f2350297e36ef7392392a359d4f7c47_amd64",
"9Base-RHODF-4.16:odf4/ocs-client-operator-bundle@sha256:3a07afbc05696f593190e75aabe6f32416d03574df873367458a62676409caf8_s390x",
"9Base-RHODF-4.16:odf4/ocs-client-operator-bundle@sha256:7b86fe3d3ac9ef7df8a851c7c1f24eb8212f4c8640bfbe1dbf25ca13e8754cb3_amd64",
"9Base-RHODF-4.16:odf4/ocs-client-operator-bundle@sha256:e677334c3782188f6aafb252308c9a1c8db6101b0bba4b79f3662b9c3804350a_ppc64le",
"9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:4f0fb6d02abae76a35f386dab1b2250bfe632a3c7a36a68688407d205b886ea2_arm64",
"9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:6d1dc63e8040cbd6e82514ded593540a16f4dde956b04d88649551a4333e7616_s390x",
"9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:ac83a0734f93025f3ab42ee520e0445240d043a4775664c6d44a87c7fac71d68_ppc64le",
"9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:cea3919db348953e14f270af58a711c7073ad65ad4fbc375d80117fbabf936da_amd64",
"9Base-RHODF-4.16:odf4/ocs-metrics-exporter-rhel9@sha256:1b602bb5459440906a466e9687301dc3c1233264de86498c94f26581060f9033_amd64",
"9Base-RHODF-4.16:odf4/ocs-metrics-exporter-rhel9@sha256:a0f521d4f1ac22e066a109ae38ae11e248195f9520c3730e5053b27da5e7eafd_s390x",
"9Base-RHODF-4.16:odf4/ocs-metrics-exporter-rhel9@sha256:bb2f890d57d4341eff0476325eadce481f38dd0bccb8f5f9974f61220bbce44f_ppc64le",
"9Base-RHODF-4.16:odf4/ocs-operator-bundle@sha256:8682c22f78b4e5b7d7a9ece542f02ec7d6172ccfcd85e82dfcbeb9c81fe7a6dd_amd64",
"9Base-RHODF-4.16:odf4/ocs-operator-bundle@sha256:d648a6305dab917bc9094481a84bd0521bd48cac367670b6a723c6d59e9ec4d8_ppc64le",
"9Base-RHODF-4.16:odf4/ocs-operator-bundle@sha256:fcc77519a4cc442b1bd61e5606efb35a4afc4fe6dc93e8093c2f306b3b5faacd_s390x",
"9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:087bffeeca3ed6f80ae7674c5a147b27a2f1feba965acbb27379c438c9686f91_amd64",
"9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:18ede0783538a2037a6b090c3e9c7ebeed3361f6594f865303e51677cf228e90_ppc64le",
"9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:9df0962604f30ad2dd9861675ed4018ec4e1847d645a5f395a9755bfc3dcf74c_s390x",
"9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:c09589e1e0deb7e952806d235c1037f5c6e90d5eb037c9b7585f2dfbe2d53968_arm64",
"9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:10aa2a02209ef8f37238f873edde98369e15e738b2a7b80099be4b2b8647edbc_s390x",
"9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:78f071161808fcf3a228a8fe8bd2c8de1beb49a3963ef5efc589e45cff1a02a6_ppc64le",
"9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:85ea82a8bcbbb0e39e5b8b5535f2468d3d61ab1507548acf9ba2a89777382483_arm64",
"9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:bb1aec4a92322116499401febc6982178deee5e989fd68a9635d9b31f7dd8db2_amd64",
"9Base-RHODF-4.16:odf4/odf-console-rhel9@sha256:74b5fae3ab9b1cb951f533e9717e8dddf74cc20dbdbffa7753498fd851429392_s390x",
"9Base-RHODF-4.16:odf4/odf-console-rhel9@sha256:8eed4974c6b9dedd5cb4f7ff1027908ad4ab8274dafffa00f12eb9c63a15d288_amd64",
"9Base-RHODF-4.16:odf4/odf-console-rhel9@sha256:c766a6b85cd3bef81bc6f626589b569695d1742c1f961c4175a742de8dfc9712_ppc64le",
"9Base-RHODF-4.16:odf4/odf-cosi-sidecar-rhel9@sha256:0f13b14109bbebcb40bdcd8f0fdfd7f61a25ea7f39af746644b0861c7ff49626_s390x",
"9Base-RHODF-4.16:odf4/odf-cosi-sidecar-rhel9@sha256:afe5fffaa37933af2ac55390ed46d37a277bdfafb63f504645b9d29bd23b6e30_ppc64le",
"9Base-RHODF-4.16:odf4/odf-cosi-sidecar-rhel9@sha256:d5b01a44782ed114af0d96a357faa2ce00950194f8a6c63a37081bb3bfa8550e_amd64",
"9Base-RHODF-4.16:odf4/odf-csi-addons-operator-bundle@sha256:d0a94174a1cdec08532959658b4dfe0e9adafb83314f69d4902c0b93e6ad4798_ppc64le",
"9Base-RHODF-4.16:odf4/odf-csi-addons-operator-bundle@sha256:d2bff2e8f293034a8a7d80a063d35d5ba3fdc279b0d03440c1d2a47ff2606adf_s390x",
"9Base-RHODF-4.16:odf4/odf-csi-addons-operator-bundle@sha256:fa43d6f2db3e6da5f5ae82a14b8631fdefee1ece7e8c714ca78d467b79f3b4a0_amd64",
"9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:088c5f7549320be94fcfe1d759a6c0b12b82b0eb2c7ad7ea8a65533db3c701d2_ppc64le",
"9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:27c832da54d32ada85fff3fb7d04d733143a1df7cb2e419b355191c1d91d1540_arm64",
"9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:9a83557ae92af7bf8ca4c687aee1ba82311acf55c98b17fc44dff6e8206f4c7e_amd64",
"9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:d2ae76ccd354cc34c46be21f3ba074fcfa1ebbdf7b32f4c61c4f45e55c23f270_s390x",
"9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:13700b4ed1c50daa091652fd7b74779c06249ac21b9a741574bb5069b000f16b_ppc64le",
"9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:65d1d96f56293f276c8574363d872c8c89686e3a61ee577cb4393165e9bbac0f_amd64",
"9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:71a8e62888c5d7522d44045b373595ec4188c7946d60f1e2c8eb0f0e93954a03_arm64",
"9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:fb501c55629dc8f44267c6813a84d111cb3c98bf5185a04fddd41c4f47f05621_s390x",
"9Base-RHODF-4.16:odf4/odf-multicluster-console-rhel9@sha256:28075f58315b04c3aa4c9f4a23689c76f4645837ef6eae79cc3633f389610407_ppc64le",
"9Base-RHODF-4.16:odf4/odf-multicluster-console-rhel9@sha256:31dc2d31b429e63fe599141392370e529b597e41e3b6bd9da387eba8971cedeb_amd64",
"9Base-RHODF-4.16:odf4/odf-multicluster-console-rhel9@sha256:f65ebe3bc2af885f04ac47d94d676a4bd95fb6534a24a9d436c215dbe40c41ad_s390x",
"9Base-RHODF-4.16:odf4/odf-multicluster-operator-bundle@sha256:137909bdc89b6e2b6bc672333ab53ff56ebc0695311c5df09266f793bf4e81aa_s390x",
"9Base-RHODF-4.16:odf4/odf-multicluster-operator-bundle@sha256:42f94d2ec5d022c829bec6b88624b27ec21c444fe5c19396ce248dbb0582cd82_ppc64le",
"9Base-RHODF-4.16:odf4/odf-multicluster-operator-bundle@sha256:951633082e542b42ec641cd9866518da79cfddafa069ef189281e2d580728c5d_amd64",
"9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:20322293ce1012ddae0f395d5604e38a815e5da109bd11ac11e635c1773b1522_s390x",
"9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:3527b74ae473b71b54fc4dcf53d247688ba11cc8656d7e96200b120bb2087f56_arm64",
"9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:8ec79d06669ee36eae6d6c2ed3ef835934ca6b5d6d27fc1ba524e17c5a2df2e3_amd64",
"9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:e83d5ec4974bedfb763845ea371c74f050cb38ba8bd8a9c7416dae502a7af87e_ppc64le",
"9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:2d0383fe62f6636118612bcb987ce484a4131656b27a31bcc1ee6299ff51a813_ppc64le",
"9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:53913fa206b297eb4e93d54efd6e0c3935a6b700f6c34cd9995d5483a855c854_s390x",
"9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:c2b68542390a7e4336da0147eb19dfc1b5104a4be9fdfbce0f383d2e3c6012ab_arm64",
"9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:ea8f5dd86da91bd16a2b79a011dcbdc975383fdc736a19867d42e6318c691552_amd64",
"9Base-RHODF-4.16:odf4/odf-operator-bundle@sha256:af735766b79a34a3bde546255f3a54b08b4ffc2c5a45e071cd887bf40a9f51b4_ppc64le",
"9Base-RHODF-4.16:odf4/odf-operator-bundle@sha256:d900dff1d730a61b9f1eb78f4902bd233113216973874cd0c77e2d27b249dadb_s390x",
"9Base-RHODF-4.16:odf4/odf-operator-bundle@sha256:e58f88c021243d4616127c177bd9c0aeabca99e8e57e0648311d3fde0c192dcb_amd64",
"9Base-RHODF-4.16:odf4/odf-prometheus-operator-bundle@sha256:a1d9cc4aff1553cdd490cdbbf49d927edf9320dfabc8327571805c04c87f1120_ppc64le",
"9Base-RHODF-4.16:odf4/odf-prometheus-operator-bundle@sha256:c8c04af9ba9c10d8c32ac3c7004ba0c4ccf0c14ac683a1a685e97669ee387cca_s390x",
"9Base-RHODF-4.16:odf4/odf-prometheus-operator-bundle@sha256:f30254e9df41cf4049cc7b35610abd0a716a13f41a1c4523fc1e7bf2211085b0_amd64",
"9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:1973a2cc13ee9a32f8fa426511c69804821cd92a3f778ede9dc1dad3070132db_arm64",
"9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:6850637e14d8acc7f88cd2b2c936b52ca66af159d7f97d37608da66cbfdcc825_s390x",
"9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:c75a9897a89243b793642d1d5918a666b08b465797212cfa29022a8fcbeb358e_amd64",
"9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:d917d45adf63e8659d589eee79ccb9d1623252b7339b1e93524b7dea229c8f09_ppc64le",
"9Base-RHODF-4.16:odf4/odr-cluster-operator-bundle@sha256:601fbb866efcab2fec4a675094cfe1d5259b6e475f9e6dadda69fc21cc178aee_amd64",
"9Base-RHODF-4.16:odf4/odr-cluster-operator-bundle@sha256:9dfbd7fb7a6ca22a2a7f18cf4ec5c9539d30879db0623798d1ec8e4f5eb84dcc_ppc64le",
"9Base-RHODF-4.16:odf4/odr-cluster-operator-bundle@sha256:c34e9f57958dc3bec472ee9b91ea31503fd939b07faae596677a36d7d73d3b59_s390x",
"9Base-RHODF-4.16:odf4/odr-hub-operator-bundle@sha256:08f5697d5460d1e509bfb4bf4b177e79a68c52b55cf693aa15b49a3951f972cf_ppc64le",
"9Base-RHODF-4.16:odf4/odr-hub-operator-bundle@sha256:1823f0fa1f0bf3097fa61cf9fa7dd6c591d43c7443942538ae126b6ab4d59653_amd64",
"9Base-RHODF-4.16:odf4/odr-hub-operator-bundle@sha256:4d22347dbd2f7c1e243b440304e05f2749d88888924e913b661ce8fe4e219496_s390x",
"9Base-RHODF-4.16:odf4/odr-recipe-operator-bundle@sha256:36292e60b543154590ff245f4c4b233b8ad5857c7bac5fa0c45fa161500df1b2_ppc64le",
"9Base-RHODF-4.16:odf4/odr-recipe-operator-bundle@sha256:424de07f469a52d905d50a126e0d0c48e5c2a8bfcc5fa6be37f4b0c806cf50b5_amd64",
"9Base-RHODF-4.16:odf4/odr-recipe-operator-bundle@sha256:5045c0a773df2d4bff134934a4b61b3ed3653bce4bf1224495f71c14d0e34c7d_s390x",
"9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:3466ff8766747872e8cb3c7d4e388e95bc93375509ee81076884e27b51875ef8_ppc64le",
"9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:6ea22220e927607742e39622db5fcaf52bd03bd363db7c41d9e6b869c305859b_s390x",
"9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:c98e251621146b479822a517c9556bd9e49c8dc57b4afccede822aac5699b37a_amd64",
"9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:f9dea8ea9ecae53cce167218abbe0b354279d8bb73115312ef413653d91d21f3_arm64",
"9Base-RHODF-4.16:odf4/rook-ceph-operator-bundle@sha256:04751a4c128f21d5f1ec2ddae1107ceb5902ed63fd705441dc7280ea66c8941b_amd64",
"9Base-RHODF-4.16:odf4/rook-ceph-operator-bundle@sha256:7e846eac9b45ddae80fd7bbd24f92809554c1b4c0fd915ff67ed5e1d08dd5c93_ppc64le",
"9Base-RHODF-4.16:odf4/rook-ceph-operator-bundle@sha256:a115350e444d74bd30b86b6f8d9a2c15f28ab5418cbf1fe599c2251b043708b8_s390x",
"9Base-RHODF-4.16:odf4/rook-ceph-rhel9-operator@sha256:666b25c348e6275207b9bb2ef6ca1cf109fa935fd7d2dead4a764b5d7d243392_amd64",
"9Base-RHODF-4.16:odf4/rook-ceph-rhel9-operator@sha256:80a4e57074bf6bd9cd8fd1e0beeddebe6d6e0986c9c0a9fe8839268341763e2e_ppc64le",
"9Base-RHODF-4.16:odf4/rook-ceph-rhel9-operator@sha256:e388f3c0faa2505b6960c815043477034012d79660c3e5fdcc24b2272b93f218_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-45338"
},
{
"category": "external",
"summary": "RHBZ#2333122",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2333122"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-45338",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45338"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-45338",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-45338"
},
{
"category": "external",
"summary": "https://go.dev/cl/637536",
"url": "https://go.dev/cl/637536"
},
{
"category": "external",
"summary": "https://go.dev/issue/70906",
"url": "https://go.dev/issue/70906"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/wSCRmFnNmPA/m/Lvcd0mRMAwAJ",
"url": "https://groups.google.com/g/golang-announce/c/wSCRmFnNmPA/m/Lvcd0mRMAwAJ"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2024-3333",
"url": "https://pkg.go.dev/vuln/GO-2024-3333"
}
],
"release_date": "2024-12-18T20:38:22.660000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-04-01T21:25:57+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:0b7a3d603a5275d83492747cfa071cb626001938b174847619cf343b1fcd81b3_s390x",
"9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:2960acdb44de44e4bc26f222f16c9fef9dca561ab90b3c088da822dcfbda0a7c_arm64",
"9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:a815540a133b0864ba427bf5f5a8153dd3e316bb39bbbbf464511fc0732782fd_amd64",
"9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:f7c64b8539be7e027bac1547ece04653976d5bea6ead519b2ed6499de7180dbe_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:3502"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"9Base-RHODF-4.16:odf4/cephcsi-rhel9@sha256:1cf35f815de351a2c37340f850101d5b108fea0c4e5619a98080840ef3552e0e_amd64",
"9Base-RHODF-4.16:odf4/cephcsi-rhel9@sha256:4a1de6a1af1b47680caa36a69c6a8b438d01a0810f4df1d9dbb8fc82f8e06284_s390x",
"9Base-RHODF-4.16:odf4/cephcsi-rhel9@sha256:f9a4390a3de6eb274c185a1cc3382b6c10a29b16d39de6f59df316b2d7a85ad4_ppc64le",
"9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:068a72256237bdd0a579b3aa76fc4bf37930b1f048ae6c3eb72f44c2f4599ee4_arm64",
"9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:10fedd0456d7f81015f93e597932cb19b3576a5bffd95de325f160c44f78cfca_s390x",
"9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:698896a47d4fd9f1bddf8fb1fb22b99f6eaec3c9591815e25e120e7df1844ae6_ppc64le",
"9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:b0f34ed1b4c0f9a4176fd959d929c3755508ce881e431c2c2069428847ed76e7_amd64",
"9Base-RHODF-4.16:odf4/mcg-operator-bundle@sha256:a8c32134d2cb1a5db655586f65bd1fac568b010bc1f7697069b83e7c245f29af_ppc64le",
"9Base-RHODF-4.16:odf4/mcg-operator-bundle@sha256:b2b86eea9f1808e65ee3bfb0daad68e470bbe9d2525adcaff08d4fde8e52b4f0_s390x",
"9Base-RHODF-4.16:odf4/mcg-operator-bundle@sha256:d7f607b353806840c3a2fb9fb02e5a96cd83e6747f67deb73ed0875df76828e0_amd64",
"9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:0b7a3d603a5275d83492747cfa071cb626001938b174847619cf343b1fcd81b3_s390x",
"9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:2960acdb44de44e4bc26f222f16c9fef9dca561ab90b3c088da822dcfbda0a7c_arm64",
"9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:a815540a133b0864ba427bf5f5a8153dd3e316bb39bbbbf464511fc0732782fd_amd64",
"9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:f7c64b8539be7e027bac1547ece04653976d5bea6ead519b2ed6499de7180dbe_ppc64le",
"9Base-RHODF-4.16:odf4/ocs-client-console-rhel9@sha256:409becedde385970154269f5dc84ac7961e219a1956930a14aa68183fb80fb49_ppc64le",
"9Base-RHODF-4.16:odf4/ocs-client-console-rhel9@sha256:52c70b591ad9bcaca488d0338b82c11fbccd63762f5fad40119d4e8419ded145_s390x",
"9Base-RHODF-4.16:odf4/ocs-client-console-rhel9@sha256:a06f898fe1be5935accc20fd1ee6a1e29f2350297e36ef7392392a359d4f7c47_amd64",
"9Base-RHODF-4.16:odf4/ocs-client-operator-bundle@sha256:3a07afbc05696f593190e75aabe6f32416d03574df873367458a62676409caf8_s390x",
"9Base-RHODF-4.16:odf4/ocs-client-operator-bundle@sha256:7b86fe3d3ac9ef7df8a851c7c1f24eb8212f4c8640bfbe1dbf25ca13e8754cb3_amd64",
"9Base-RHODF-4.16:odf4/ocs-client-operator-bundle@sha256:e677334c3782188f6aafb252308c9a1c8db6101b0bba4b79f3662b9c3804350a_ppc64le",
"9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:4f0fb6d02abae76a35f386dab1b2250bfe632a3c7a36a68688407d205b886ea2_arm64",
"9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:6d1dc63e8040cbd6e82514ded593540a16f4dde956b04d88649551a4333e7616_s390x",
"9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:ac83a0734f93025f3ab42ee520e0445240d043a4775664c6d44a87c7fac71d68_ppc64le",
"9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:cea3919db348953e14f270af58a711c7073ad65ad4fbc375d80117fbabf936da_amd64",
"9Base-RHODF-4.16:odf4/ocs-metrics-exporter-rhel9@sha256:1b602bb5459440906a466e9687301dc3c1233264de86498c94f26581060f9033_amd64",
"9Base-RHODF-4.16:odf4/ocs-metrics-exporter-rhel9@sha256:a0f521d4f1ac22e066a109ae38ae11e248195f9520c3730e5053b27da5e7eafd_s390x",
"9Base-RHODF-4.16:odf4/ocs-metrics-exporter-rhel9@sha256:bb2f890d57d4341eff0476325eadce481f38dd0bccb8f5f9974f61220bbce44f_ppc64le",
"9Base-RHODF-4.16:odf4/ocs-operator-bundle@sha256:8682c22f78b4e5b7d7a9ece542f02ec7d6172ccfcd85e82dfcbeb9c81fe7a6dd_amd64",
"9Base-RHODF-4.16:odf4/ocs-operator-bundle@sha256:d648a6305dab917bc9094481a84bd0521bd48cac367670b6a723c6d59e9ec4d8_ppc64le",
"9Base-RHODF-4.16:odf4/ocs-operator-bundle@sha256:fcc77519a4cc442b1bd61e5606efb35a4afc4fe6dc93e8093c2f306b3b5faacd_s390x",
"9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:087bffeeca3ed6f80ae7674c5a147b27a2f1feba965acbb27379c438c9686f91_amd64",
"9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:18ede0783538a2037a6b090c3e9c7ebeed3361f6594f865303e51677cf228e90_ppc64le",
"9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:9df0962604f30ad2dd9861675ed4018ec4e1847d645a5f395a9755bfc3dcf74c_s390x",
"9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:c09589e1e0deb7e952806d235c1037f5c6e90d5eb037c9b7585f2dfbe2d53968_arm64",
"9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:10aa2a02209ef8f37238f873edde98369e15e738b2a7b80099be4b2b8647edbc_s390x",
"9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:78f071161808fcf3a228a8fe8bd2c8de1beb49a3963ef5efc589e45cff1a02a6_ppc64le",
"9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:85ea82a8bcbbb0e39e5b8b5535f2468d3d61ab1507548acf9ba2a89777382483_arm64",
"9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:bb1aec4a92322116499401febc6982178deee5e989fd68a9635d9b31f7dd8db2_amd64",
"9Base-RHODF-4.16:odf4/odf-console-rhel9@sha256:74b5fae3ab9b1cb951f533e9717e8dddf74cc20dbdbffa7753498fd851429392_s390x",
"9Base-RHODF-4.16:odf4/odf-console-rhel9@sha256:8eed4974c6b9dedd5cb4f7ff1027908ad4ab8274dafffa00f12eb9c63a15d288_amd64",
"9Base-RHODF-4.16:odf4/odf-console-rhel9@sha256:c766a6b85cd3bef81bc6f626589b569695d1742c1f961c4175a742de8dfc9712_ppc64le",
"9Base-RHODF-4.16:odf4/odf-cosi-sidecar-rhel9@sha256:0f13b14109bbebcb40bdcd8f0fdfd7f61a25ea7f39af746644b0861c7ff49626_s390x",
"9Base-RHODF-4.16:odf4/odf-cosi-sidecar-rhel9@sha256:afe5fffaa37933af2ac55390ed46d37a277bdfafb63f504645b9d29bd23b6e30_ppc64le",
"9Base-RHODF-4.16:odf4/odf-cosi-sidecar-rhel9@sha256:d5b01a44782ed114af0d96a357faa2ce00950194f8a6c63a37081bb3bfa8550e_amd64",
"9Base-RHODF-4.16:odf4/odf-csi-addons-operator-bundle@sha256:d0a94174a1cdec08532959658b4dfe0e9adafb83314f69d4902c0b93e6ad4798_ppc64le",
"9Base-RHODF-4.16:odf4/odf-csi-addons-operator-bundle@sha256:d2bff2e8f293034a8a7d80a063d35d5ba3fdc279b0d03440c1d2a47ff2606adf_s390x",
"9Base-RHODF-4.16:odf4/odf-csi-addons-operator-bundle@sha256:fa43d6f2db3e6da5f5ae82a14b8631fdefee1ece7e8c714ca78d467b79f3b4a0_amd64",
"9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:088c5f7549320be94fcfe1d759a6c0b12b82b0eb2c7ad7ea8a65533db3c701d2_ppc64le",
"9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:27c832da54d32ada85fff3fb7d04d733143a1df7cb2e419b355191c1d91d1540_arm64",
"9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:9a83557ae92af7bf8ca4c687aee1ba82311acf55c98b17fc44dff6e8206f4c7e_amd64",
"9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:d2ae76ccd354cc34c46be21f3ba074fcfa1ebbdf7b32f4c61c4f45e55c23f270_s390x",
"9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:13700b4ed1c50daa091652fd7b74779c06249ac21b9a741574bb5069b000f16b_ppc64le",
"9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:65d1d96f56293f276c8574363d872c8c89686e3a61ee577cb4393165e9bbac0f_amd64",
"9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:71a8e62888c5d7522d44045b373595ec4188c7946d60f1e2c8eb0f0e93954a03_arm64",
"9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:fb501c55629dc8f44267c6813a84d111cb3c98bf5185a04fddd41c4f47f05621_s390x",
"9Base-RHODF-4.16:odf4/odf-multicluster-console-rhel9@sha256:28075f58315b04c3aa4c9f4a23689c76f4645837ef6eae79cc3633f389610407_ppc64le",
"9Base-RHODF-4.16:odf4/odf-multicluster-console-rhel9@sha256:31dc2d31b429e63fe599141392370e529b597e41e3b6bd9da387eba8971cedeb_amd64",
"9Base-RHODF-4.16:odf4/odf-multicluster-console-rhel9@sha256:f65ebe3bc2af885f04ac47d94d676a4bd95fb6534a24a9d436c215dbe40c41ad_s390x",
"9Base-RHODF-4.16:odf4/odf-multicluster-operator-bundle@sha256:137909bdc89b6e2b6bc672333ab53ff56ebc0695311c5df09266f793bf4e81aa_s390x",
"9Base-RHODF-4.16:odf4/odf-multicluster-operator-bundle@sha256:42f94d2ec5d022c829bec6b88624b27ec21c444fe5c19396ce248dbb0582cd82_ppc64le",
"9Base-RHODF-4.16:odf4/odf-multicluster-operator-bundle@sha256:951633082e542b42ec641cd9866518da79cfddafa069ef189281e2d580728c5d_amd64",
"9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:20322293ce1012ddae0f395d5604e38a815e5da109bd11ac11e635c1773b1522_s390x",
"9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:3527b74ae473b71b54fc4dcf53d247688ba11cc8656d7e96200b120bb2087f56_arm64",
"9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:8ec79d06669ee36eae6d6c2ed3ef835934ca6b5d6d27fc1ba524e17c5a2df2e3_amd64",
"9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:e83d5ec4974bedfb763845ea371c74f050cb38ba8bd8a9c7416dae502a7af87e_ppc64le",
"9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:2d0383fe62f6636118612bcb987ce484a4131656b27a31bcc1ee6299ff51a813_ppc64le",
"9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:53913fa206b297eb4e93d54efd6e0c3935a6b700f6c34cd9995d5483a855c854_s390x",
"9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:c2b68542390a7e4336da0147eb19dfc1b5104a4be9fdfbce0f383d2e3c6012ab_arm64",
"9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:ea8f5dd86da91bd16a2b79a011dcbdc975383fdc736a19867d42e6318c691552_amd64",
"9Base-RHODF-4.16:odf4/odf-operator-bundle@sha256:af735766b79a34a3bde546255f3a54b08b4ffc2c5a45e071cd887bf40a9f51b4_ppc64le",
"9Base-RHODF-4.16:odf4/odf-operator-bundle@sha256:d900dff1d730a61b9f1eb78f4902bd233113216973874cd0c77e2d27b249dadb_s390x",
"9Base-RHODF-4.16:odf4/odf-operator-bundle@sha256:e58f88c021243d4616127c177bd9c0aeabca99e8e57e0648311d3fde0c192dcb_amd64",
"9Base-RHODF-4.16:odf4/odf-prometheus-operator-bundle@sha256:a1d9cc4aff1553cdd490cdbbf49d927edf9320dfabc8327571805c04c87f1120_ppc64le",
"9Base-RHODF-4.16:odf4/odf-prometheus-operator-bundle@sha256:c8c04af9ba9c10d8c32ac3c7004ba0c4ccf0c14ac683a1a685e97669ee387cca_s390x",
"9Base-RHODF-4.16:odf4/odf-prometheus-operator-bundle@sha256:f30254e9df41cf4049cc7b35610abd0a716a13f41a1c4523fc1e7bf2211085b0_amd64",
"9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:1973a2cc13ee9a32f8fa426511c69804821cd92a3f778ede9dc1dad3070132db_arm64",
"9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:6850637e14d8acc7f88cd2b2c936b52ca66af159d7f97d37608da66cbfdcc825_s390x",
"9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:c75a9897a89243b793642d1d5918a666b08b465797212cfa29022a8fcbeb358e_amd64",
"9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:d917d45adf63e8659d589eee79ccb9d1623252b7339b1e93524b7dea229c8f09_ppc64le",
"9Base-RHODF-4.16:odf4/odr-cluster-operator-bundle@sha256:601fbb866efcab2fec4a675094cfe1d5259b6e475f9e6dadda69fc21cc178aee_amd64",
"9Base-RHODF-4.16:odf4/odr-cluster-operator-bundle@sha256:9dfbd7fb7a6ca22a2a7f18cf4ec5c9539d30879db0623798d1ec8e4f5eb84dcc_ppc64le",
"9Base-RHODF-4.16:odf4/odr-cluster-operator-bundle@sha256:c34e9f57958dc3bec472ee9b91ea31503fd939b07faae596677a36d7d73d3b59_s390x",
"9Base-RHODF-4.16:odf4/odr-hub-operator-bundle@sha256:08f5697d5460d1e509bfb4bf4b177e79a68c52b55cf693aa15b49a3951f972cf_ppc64le",
"9Base-RHODF-4.16:odf4/odr-hub-operator-bundle@sha256:1823f0fa1f0bf3097fa61cf9fa7dd6c591d43c7443942538ae126b6ab4d59653_amd64",
"9Base-RHODF-4.16:odf4/odr-hub-operator-bundle@sha256:4d22347dbd2f7c1e243b440304e05f2749d88888924e913b661ce8fe4e219496_s390x",
"9Base-RHODF-4.16:odf4/odr-recipe-operator-bundle@sha256:36292e60b543154590ff245f4c4b233b8ad5857c7bac5fa0c45fa161500df1b2_ppc64le",
"9Base-RHODF-4.16:odf4/odr-recipe-operator-bundle@sha256:424de07f469a52d905d50a126e0d0c48e5c2a8bfcc5fa6be37f4b0c806cf50b5_amd64",
"9Base-RHODF-4.16:odf4/odr-recipe-operator-bundle@sha256:5045c0a773df2d4bff134934a4b61b3ed3653bce4bf1224495f71c14d0e34c7d_s390x",
"9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:3466ff8766747872e8cb3c7d4e388e95bc93375509ee81076884e27b51875ef8_ppc64le",
"9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:6ea22220e927607742e39622db5fcaf52bd03bd363db7c41d9e6b869c305859b_s390x",
"9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:c98e251621146b479822a517c9556bd9e49c8dc57b4afccede822aac5699b37a_amd64",
"9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:f9dea8ea9ecae53cce167218abbe0b354279d8bb73115312ef413653d91d21f3_arm64",
"9Base-RHODF-4.16:odf4/rook-ceph-operator-bundle@sha256:04751a4c128f21d5f1ec2ddae1107ceb5902ed63fd705441dc7280ea66c8941b_amd64",
"9Base-RHODF-4.16:odf4/rook-ceph-operator-bundle@sha256:7e846eac9b45ddae80fd7bbd24f92809554c1b4c0fd915ff67ed5e1d08dd5c93_ppc64le",
"9Base-RHODF-4.16:odf4/rook-ceph-operator-bundle@sha256:a115350e444d74bd30b86b6f8d9a2c15f28ab5418cbf1fe599c2251b043708b8_s390x",
"9Base-RHODF-4.16:odf4/rook-ceph-rhel9-operator@sha256:666b25c348e6275207b9bb2ef6ca1cf109fa935fd7d2dead4a764b5d7d243392_amd64",
"9Base-RHODF-4.16:odf4/rook-ceph-rhel9-operator@sha256:80a4e57074bf6bd9cd8fd1e0beeddebe6d6e0986c9c0a9fe8839268341763e2e_ppc64le",
"9Base-RHODF-4.16:odf4/rook-ceph-rhel9-operator@sha256:e388f3c0faa2505b6960c815043477034012d79660c3e5fdcc24b2272b93f218_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "golang.org/x/net/html: Non-linear parsing of case-insensitive content in golang.org/x/net/html"
}
]
}
Loading…
Trend slope:
-
(linear fit over daily sighting counts)
Show additional events:
Loading…
Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.
Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…