Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2024-47875 (GCVE-0-2024-47875)
Vulnerability from cvelistv5 – Published: 2024-10-11 14:59 – Updated: 2025-11-03 20:40
VLAI
EPSS
Title
DOMPurify nesting-based mXSS
Summary
DOMPurify is a DOM-only, super-fast, uber-tolerant XSS sanitizer for HTML, MathML and SVG. DOMpurify was vulnerable to nesting-based mXSS. This vulnerability is fixed in 2.5.0 and 3.1.3.
Severity
10 (Critical)
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Assigner
References
6 references
| URL | Tags |
|---|---|
| https://github.com/cure53/DOMPurify/security/advi… | x_refsource_CONFIRM |
| https://github.com/cure53/DOMPurify/commit/0ef5e5… | x_refsource_MISC |
| https://github.com/cure53/DOMPurify/commit/6ea80c… | x_refsource_MISC |
| https://github.com/cure53/DOMPurify/blob/0ef5e537… | x_refsource_MISC |
| http://seclists.org/fulldisclosure/2025/Apr/14 | |
| https://lists.debian.org/debian-lts-announce/2025… |
Impacted products
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-47875",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-11T19:27:35.590076Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-11T19:27:57.706Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2025-11-03T20:40:56.817Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"url": "http://seclists.org/fulldisclosure/2025/Apr/14"
},
{
"url": "https://lists.debian.org/debian-lts-announce/2025/02/msg00010.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "DOMPurify",
"vendor": "cure53",
"versions": [
{
"status": "affected",
"version": "\u003c 2.5.0"
},
{
"status": "affected",
"version": "\u003c 3.1.3"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "DOMPurify is a DOM-only, super-fast, uber-tolerant XSS sanitizer for HTML, MathML and SVG. DOMpurify was vulnerable to nesting-based mXSS. This vulnerability is fixed in 2.5.0 and 3.1.3."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 10,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "LOW",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79: Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-10-11T14:59:27.641Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/cure53/DOMPurify/security/advisories/GHSA-gx9m-whjm-85jf",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/cure53/DOMPurify/security/advisories/GHSA-gx9m-whjm-85jf"
},
{
"name": "https://github.com/cure53/DOMPurify/commit/0ef5e537a514f904b6aa1d7ad9e749e365d7185f",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/cure53/DOMPurify/commit/0ef5e537a514f904b6aa1d7ad9e749e365d7185f"
},
{
"name": "https://github.com/cure53/DOMPurify/commit/6ea80cd8b47640c20f2f230c7920b1f4ce4fdf7a",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/cure53/DOMPurify/commit/6ea80cd8b47640c20f2f230c7920b1f4ce4fdf7a"
},
{
"name": "https://github.com/cure53/DOMPurify/blob/0ef5e537a514f904b6aa1d7ad9e749e365d7185f/test/test-suite.js#L2098",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/cure53/DOMPurify/blob/0ef5e537a514f904b6aa1d7ad9e749e365d7185f/test/test-suite.js#L2098"
}
],
"source": {
"advisory": "GHSA-gx9m-whjm-85jf",
"discovery": "UNKNOWN"
},
"title": "DOMPurify nesting-based mXSS"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2024-47875",
"datePublished": "2024-10-11T14:59:27.641Z",
"dateReserved": "2024-10-04T16:00:09.630Z",
"dateUpdated": "2025-11-03T20:40:56.817Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2",
"vulnerability-lookup:meta": {
"epss": {
"cve": "CVE-2024-47875",
"date": "2026-06-06",
"epss": "0.00699",
"percentile": "0.72412"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2024-47875\",\"sourceIdentifier\":\"security-advisories@github.com\",\"published\":\"2024-10-11T15:15:05.860\",\"lastModified\":\"2025-11-03T21:16:30.820\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"DOMPurify is a DOM-only, super-fast, uber-tolerant XSS sanitizer for HTML, MathML and SVG. DOMpurify was vulnerable to nesting-based mXSS. This vulnerability is fixed in 2.5.0 and 3.1.3.\"},{\"lang\":\"es\",\"value\":\"DOMPurify es un desinfectante de XSS ultrarr\u00e1pido, ultratolerante y exclusivo de DOM para HTML, MathML y SVG. DOMpurify era vulnerable a mXSS basado en anidamiento. Esta vulnerabilidad se solucion\u00f3 en 2.5.0 y 3.1.3.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"security-advisories@github.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:H/A:H\",\"baseScore\":10.0,\"baseSeverity\":\"CRITICAL\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"CHANGED\",\"confidentialityImpact\":\"LOW\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":6.0},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N\",\"baseScore\":6.1,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"REQUIRED\",\"scope\":\"CHANGED\",\"confidentialityImpact\":\"LOW\",\"integrityImpact\":\"LOW\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":2.8,\"impactScore\":2.7}]},\"weaknesses\":[{\"source\":\"security-advisories@github.com\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-79\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cure53:dompurify:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"2.5.0\",\"matchCriteriaId\":\"96A7E042-49AC-4CDC-953F-36145750CB51\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cure53:dompurify:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"3.0.0\",\"versionEndExcluding\":\"3.1.3\",\"matchCriteriaId\":\"9100F264-A79C-440E-A3F1-6970B87B4FD4\"}]}]}],\"references\":[{\"url\":\"https://github.com/cure53/DOMPurify/blob/0ef5e537a514f904b6aa1d7ad9e749e365d7185f/test/test-suite.js#L2098\",\"source\":\"security-advisories@github.com\",\"tags\":[\"Product\"]},{\"url\":\"https://github.com/cure53/DOMPurify/commit/0ef5e537a514f904b6aa1d7ad9e749e365d7185f\",\"source\":\"security-advisories@github.com\",\"tags\":[\"Patch\"]},{\"url\":\"https://github.com/cure53/DOMPurify/commit/6ea80cd8b47640c20f2f230c7920b1f4ce4fdf7a\",\"source\":\"security-advisories@github.com\",\"tags\":[\"Patch\"]},{\"url\":\"https://github.com/cure53/DOMPurify/security/advisories/GHSA-gx9m-whjm-85jf\",\"source\":\"security-advisories@github.com\",\"tags\":[\"Exploit\",\"Third Party Advisory\"]},{\"url\":\"http://seclists.org/fulldisclosure/2025/Apr/14\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.debian.org/debian-lts-announce/2025/02/msg00010.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}",
"vulnrichment": {
"containers": "{\"cna\": {\"title\": \"DOMPurify nesting-based mXSS\", \"problemTypes\": [{\"descriptions\": [{\"cweId\": \"CWE-79\", \"lang\": \"en\", \"description\": \"CWE-79: Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)\", \"type\": \"CWE\"}]}], \"metrics\": [{\"cvssV3_1\": {\"attackComplexity\": \"LOW\", \"attackVector\": \"NETWORK\", \"availabilityImpact\": \"HIGH\", \"baseScore\": 10, \"baseSeverity\": \"CRITICAL\", \"confidentialityImpact\": \"LOW\", \"integrityImpact\": \"HIGH\", \"privilegesRequired\": \"NONE\", \"scope\": \"CHANGED\", \"userInteraction\": \"NONE\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:H/A:H\", \"version\": \"3.1\"}}], \"references\": [{\"name\": \"https://github.com/cure53/DOMPurify/security/advisories/GHSA-gx9m-whjm-85jf\", \"tags\": [\"x_refsource_CONFIRM\"], \"url\": \"https://github.com/cure53/DOMPurify/security/advisories/GHSA-gx9m-whjm-85jf\"}, {\"name\": \"https://github.com/cure53/DOMPurify/commit/0ef5e537a514f904b6aa1d7ad9e749e365d7185f\", \"tags\": [\"x_refsource_MISC\"], \"url\": \"https://github.com/cure53/DOMPurify/commit/0ef5e537a514f904b6aa1d7ad9e749e365d7185f\"}, {\"name\": \"https://github.com/cure53/DOMPurify/commit/6ea80cd8b47640c20f2f230c7920b1f4ce4fdf7a\", \"tags\": [\"x_refsource_MISC\"], \"url\": \"https://github.com/cure53/DOMPurify/commit/6ea80cd8b47640c20f2f230c7920b1f4ce4fdf7a\"}, {\"name\": \"https://github.com/cure53/DOMPurify/blob/0ef5e537a514f904b6aa1d7ad9e749e365d7185f/test/test-suite.js#L2098\", \"tags\": [\"x_refsource_MISC\"], \"url\": \"https://github.com/cure53/DOMPurify/blob/0ef5e537a514f904b6aa1d7ad9e749e365d7185f/test/test-suite.js#L2098\"}], \"affected\": [{\"vendor\": \"cure53\", \"product\": \"DOMPurify\", \"versions\": [{\"version\": \"\u003c 2.5.0\", \"status\": \"affected\"}, {\"version\": \"\u003c 3.1.3\", \"status\": \"affected\"}]}], \"providerMetadata\": {\"orgId\": \"a0819718-46f1-4df5-94e2-005712e83aaa\", \"shortName\": \"GitHub_M\", \"dateUpdated\": \"2024-10-11T14:59:27.641Z\"}, \"descriptions\": [{\"lang\": \"en\", \"value\": \"DOMPurify is a DOM-only, super-fast, uber-tolerant XSS sanitizer for HTML, MathML and SVG. DOMpurify was vulnerable to nesting-based mXSS. This vulnerability is fixed in 2.5.0 and 3.1.3.\"}], \"source\": {\"advisory\": \"GHSA-gx9m-whjm-85jf\", \"discovery\": \"UNKNOWN\"}}, \"adp\": [{\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2024-47875\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2024-10-11T19:27:35.590076Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2024-10-11T19:27:51.954Z\"}}]}",
"cveMetadata": "{\"cveId\": \"CVE-2024-47875\", \"assignerOrgId\": \"a0819718-46f1-4df5-94e2-005712e83aaa\", \"state\": \"PUBLISHED\", \"assignerShortName\": \"GitHub_M\", \"dateReserved\": \"2024-10-04T16:00:09.630Z\", \"datePublished\": \"2024-10-11T14:59:27.641Z\", \"dateUpdated\": \"2024-10-11T19:27:57.706Z\"}",
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
}
}
RHSA-2024:9629
Vulnerability from csaf_redhat - Published: 2024-11-14 08:36 - Updated: 2026-06-05 07:48Summary
Red Hat Security Advisory: Red Hat OpenShift Service Mesh Containers for 2.5.6
Severity
Important
Notes
Topic: Red Hat OpenShift Service Mesh Containers for 2.5.6
This update has a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details: Red Hat OpenShift Service Mesh is Red Hat's distribution of the Istio service mesh project, tailored for installation into an OpenShift Container Platform installation.
Security Fix(es):
* kiali-ossmc-container: nesting-based mutation XSS vulnerability (CVE-2024-47875) (OSSM-8247)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
A flaw was found in DOMPurify that could allow for a nesting-based mXSS to not be properly sanitized.
8.0 (High)
Affected products
Fixed
32 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:20c5729df345672654e0451e0cbcfbe863805fb5bb28b18cfaf3535c58e30089_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:4005e591746c5febf32c236731bb0c26f70d019327bbdef42ca7cc963834b9ef_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:a540e7caea480f08a45b568d77143632f9037748d41f2e404acadb3e1c69993a_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:fddfbc8eb02901993de6b1e2e3ff300f2ed655e880913198db9625dd2bb2d901_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:2349b52f0eb89c430acac4652e16f6f87ccfdf729a2842c78e1d341289967cbd_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:5b10adf74b4e38e9e7768d0e4178b6069e287a514118d2c01a547a82bf63bfc0_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:bcfe1c7fedf3ad05becc6feb4cc039e79ac8d96ba544e7d83a258208dea2a1c0_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:d1aaffdf2037c27e617ecbc5b7d332f064d0835798eddf00a61e09506cc163f4_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:4dbc9af138b09394f5b0e980f5844dd852dfa269f56061adbd6c071badbb3e7f_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:65468fe040df7e988286c888a9cb584a38fd52e0315e3d3baf880b0ff466e861_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:bd74dd0c04d4d5787e2c3aafbca3d5712c2b100d1a320d544f924138c59740a0_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:e6fae53dd0b5126479293736486d73a7831150eb3ccef1e59fbd276340024c55_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:119f5eadf591993b1fb4989f15b46e356f60a019256598e84523bd2bc08b6e3a_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:2abdbf22f8f99eb18dd3cb3393fd70e364a9e6a8348bb4028a2146a05b330a3a_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:afda09c612d9eef60439a2ce29d5c0262abd63e33fc32aacf62e8aeaa88d42c4_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:ba29942848135ede7214bd53ada5f4f27c2245c3832b26916f55f623ef5e0281_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:44ecbaac3a9f293c395a8bcf61bc09491934d425d0bc999afaca8f0a7f0225e7_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:9ace9ceea8337bbfab384d1f2080974eef24b3b88a58f104f2f4ab001cb8f16c_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:a60f2267cd8adc02d3d726f009832f1348683b5d286eb895711f8cb6ab40d242_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:b9bc720b798b29639cc6563d64219ee19ff0b5f0ede40fe85df42db3333d2f8a_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:23caccd0e422ac4b59397aa6d7a028f4df8a61488b7ea339d81cb8ac432c3716_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:9b975fe879ed990ff410a2cc72a6f1d7e49d63a86d5b4e90bf48eb6f6172d32d_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:fa1eb737072defb020f05061805a5c962b869bc34db82971a387958f1fb125af_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:ffe5602bd1e2c9c2ad354f262cb130a89c11a0b48390155b7a7a670b16dbd9c3_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:2233881311d88bd98a40a95af3131daa18fc5ac60290bf1c70f3b99488489118_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:8581ad76cd8e4d17f36094bb65afffac23d47ecb5ade9590022466d44518bb59_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:9d111abdce8928192a104a0fa4818f060aca5012c8c5107ff0fc489a594a16be_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:fcc3521fbb4be11baef5008353301dcec580045f003b12b7af3beb0107807fba_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:403318fb7177877f1a7075a76803b56d159cb6866a71c486c3d60de0eac73ea6_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:4ca99e4ff0e5af748b818c93716e7172926d2552f80694aa0f1a9e0384f355d2_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:bb8ff50a406cf719abb7d954a3ffcb7d3d7c73d21a5ed8bec9b994fcf93779cc_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:d7ba12eafd54c65fdd14a448d5fb5081a40c264911b39de3efc7b66ef0226ab3_ppc64le | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Important
References
12 references
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Red Hat OpenShift Service Mesh Containers for 2.5.6\n\nThis update has a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat OpenShift Service Mesh is Red Hat\u0027s distribution of the Istio service mesh project, tailored for installation into an OpenShift Container Platform installation.\n\nSecurity Fix(es):\n\n* kiali-ossmc-container: nesting-based mutation XSS vulnerability (CVE-2024-47875) (OSSM-8247)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2024:9629",
"url": "https://access.redhat.com/errata/RHSA-2024:9629"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "2318052",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2318052"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_9629.json"
}
],
"title": "Red Hat Security Advisory: Red Hat OpenShift Service Mesh Containers for 2.5.6",
"tracking": {
"current_release_date": "2026-06-05T07:48:15+00:00",
"generator": {
"date": "2026-06-05T07:48:15+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.8.2"
}
},
"id": "RHSA-2024:9629",
"initial_release_date": "2024-11-14T08:36:54+00:00",
"revision_history": [
{
"date": "2024-11-14T08:36:54+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2024-11-14T08:36:54+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-06-05T07:48:15+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "RHOSSM 2.5 for RHEL 8",
"product": {
"name": "RHOSSM 2.5 for RHEL 8",
"product_id": "8Base-RHOSSM-2.5",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:service_mesh:2.5::el8"
}
}
}
],
"category": "product_family",
"name": "Red Hat OpenShift Service Mesh"
},
{
"branches": [
{
"category": "product_version",
"name": "openshift-service-mesh/kiali-ossmc-rhel8@sha256:afda09c612d9eef60439a2ce29d5c0262abd63e33fc32aacf62e8aeaa88d42c4_amd64",
"product": {
"name": "openshift-service-mesh/kiali-ossmc-rhel8@sha256:afda09c612d9eef60439a2ce29d5c0262abd63e33fc32aacf62e8aeaa88d42c4_amd64",
"product_id": "openshift-service-mesh/kiali-ossmc-rhel8@sha256:afda09c612d9eef60439a2ce29d5c0262abd63e33fc32aacf62e8aeaa88d42c4_amd64",
"product_identification_helper": {
"purl": "pkg:oci/kiali-ossmc-rhel8@sha256:afda09c612d9eef60439a2ce29d5c0262abd63e33fc32aacf62e8aeaa88d42c4?arch=amd64\u0026repository_url=registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel8\u0026tag=1.73.15-2"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/istio-cni-rhel8@sha256:bcfe1c7fedf3ad05becc6feb4cc039e79ac8d96ba544e7d83a258208dea2a1c0_amd64",
"product": {
"name": "openshift-service-mesh/istio-cni-rhel8@sha256:bcfe1c7fedf3ad05becc6feb4cc039e79ac8d96ba544e7d83a258208dea2a1c0_amd64",
"product_id": "openshift-service-mesh/istio-cni-rhel8@sha256:bcfe1c7fedf3ad05becc6feb4cc039e79ac8d96ba544e7d83a258208dea2a1c0_amd64",
"product_identification_helper": {
"purl": "pkg:oci/istio-cni-rhel8@sha256:bcfe1c7fedf3ad05becc6feb4cc039e79ac8d96ba544e7d83a258208dea2a1c0?arch=amd64\u0026repository_url=registry.redhat.io/openshift-service-mesh/istio-cni-rhel8\u0026tag=2.5.6-3"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/grafana-rhel8@sha256:fddfbc8eb02901993de6b1e2e3ff300f2ed655e880913198db9625dd2bb2d901_amd64",
"product": {
"name": "openshift-service-mesh/grafana-rhel8@sha256:fddfbc8eb02901993de6b1e2e3ff300f2ed655e880913198db9625dd2bb2d901_amd64",
"product_id": "openshift-service-mesh/grafana-rhel8@sha256:fddfbc8eb02901993de6b1e2e3ff300f2ed655e880913198db9625dd2bb2d901_amd64",
"product_identification_helper": {
"purl": "pkg:oci/grafana-rhel8@sha256:fddfbc8eb02901993de6b1e2e3ff300f2ed655e880913198db9625dd2bb2d901?arch=amd64\u0026repository_url=registry.redhat.io/openshift-service-mesh/grafana-rhel8\u0026tag=2.5.6-2"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/kiali-rhel8@sha256:b9bc720b798b29639cc6563d64219ee19ff0b5f0ede40fe85df42db3333d2f8a_amd64",
"product": {
"name": "openshift-service-mesh/kiali-rhel8@sha256:b9bc720b798b29639cc6563d64219ee19ff0b5f0ede40fe85df42db3333d2f8a_amd64",
"product_id": "openshift-service-mesh/kiali-rhel8@sha256:b9bc720b798b29639cc6563d64219ee19ff0b5f0ede40fe85df42db3333d2f8a_amd64",
"product_identification_helper": {
"purl": "pkg:oci/kiali-rhel8@sha256:b9bc720b798b29639cc6563d64219ee19ff0b5f0ede40fe85df42db3333d2f8a?arch=amd64\u0026repository_url=registry.redhat.io/openshift-service-mesh/kiali-rhel8\u0026tag=1.73.16-2"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/istio-must-gather-rhel8@sha256:e6fae53dd0b5126479293736486d73a7831150eb3ccef1e59fbd276340024c55_amd64",
"product": {
"name": "openshift-service-mesh/istio-must-gather-rhel8@sha256:e6fae53dd0b5126479293736486d73a7831150eb3ccef1e59fbd276340024c55_amd64",
"product_id": "openshift-service-mesh/istio-must-gather-rhel8@sha256:e6fae53dd0b5126479293736486d73a7831150eb3ccef1e59fbd276340024c55_amd64",
"product_identification_helper": {
"purl": "pkg:oci/istio-must-gather-rhel8@sha256:e6fae53dd0b5126479293736486d73a7831150eb3ccef1e59fbd276340024c55?arch=amd64\u0026repository_url=registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel8\u0026tag=2.5.6-2"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/pilot-rhel8@sha256:23caccd0e422ac4b59397aa6d7a028f4df8a61488b7ea339d81cb8ac432c3716_amd64",
"product": {
"name": "openshift-service-mesh/pilot-rhel8@sha256:23caccd0e422ac4b59397aa6d7a028f4df8a61488b7ea339d81cb8ac432c3716_amd64",
"product_id": "openshift-service-mesh/pilot-rhel8@sha256:23caccd0e422ac4b59397aa6d7a028f4df8a61488b7ea339d81cb8ac432c3716_amd64",
"product_identification_helper": {
"purl": "pkg:oci/pilot-rhel8@sha256:23caccd0e422ac4b59397aa6d7a028f4df8a61488b7ea339d81cb8ac432c3716?arch=amd64\u0026repository_url=registry.redhat.io/openshift-service-mesh/pilot-rhel8\u0026tag=2.5.6-3"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/proxyv2-rhel8@sha256:9d111abdce8928192a104a0fa4818f060aca5012c8c5107ff0fc489a594a16be_amd64",
"product": {
"name": "openshift-service-mesh/proxyv2-rhel8@sha256:9d111abdce8928192a104a0fa4818f060aca5012c8c5107ff0fc489a594a16be_amd64",
"product_id": "openshift-service-mesh/proxyv2-rhel8@sha256:9d111abdce8928192a104a0fa4818f060aca5012c8c5107ff0fc489a594a16be_amd64",
"product_identification_helper": {
"purl": "pkg:oci/proxyv2-rhel8@sha256:9d111abdce8928192a104a0fa4818f060aca5012c8c5107ff0fc489a594a16be?arch=amd64\u0026repository_url=registry.redhat.io/openshift-service-mesh/proxyv2-rhel8\u0026tag=2.5.6-4"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/ratelimit-rhel8@sha256:bb8ff50a406cf719abb7d954a3ffcb7d3d7c73d21a5ed8bec9b994fcf93779cc_amd64",
"product": {
"name": "openshift-service-mesh/ratelimit-rhel8@sha256:bb8ff50a406cf719abb7d954a3ffcb7d3d7c73d21a5ed8bec9b994fcf93779cc_amd64",
"product_id": "openshift-service-mesh/ratelimit-rhel8@sha256:bb8ff50a406cf719abb7d954a3ffcb7d3d7c73d21a5ed8bec9b994fcf93779cc_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ratelimit-rhel8@sha256:bb8ff50a406cf719abb7d954a3ffcb7d3d7c73d21a5ed8bec9b994fcf93779cc?arch=amd64\u0026repository_url=registry.redhat.io/openshift-service-mesh/ratelimit-rhel8\u0026tag=2.5.6-2"
}
}
}
],
"category": "architecture",
"name": "amd64"
},
{
"branches": [
{
"category": "product_version",
"name": "openshift-service-mesh/kiali-ossmc-rhel8@sha256:2abdbf22f8f99eb18dd3cb3393fd70e364a9e6a8348bb4028a2146a05b330a3a_arm64",
"product": {
"name": "openshift-service-mesh/kiali-ossmc-rhel8@sha256:2abdbf22f8f99eb18dd3cb3393fd70e364a9e6a8348bb4028a2146a05b330a3a_arm64",
"product_id": "openshift-service-mesh/kiali-ossmc-rhel8@sha256:2abdbf22f8f99eb18dd3cb3393fd70e364a9e6a8348bb4028a2146a05b330a3a_arm64",
"product_identification_helper": {
"purl": "pkg:oci/kiali-ossmc-rhel8@sha256:2abdbf22f8f99eb18dd3cb3393fd70e364a9e6a8348bb4028a2146a05b330a3a?arch=arm64\u0026repository_url=registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel8\u0026tag=1.73.15-2"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/istio-cni-rhel8@sha256:5b10adf74b4e38e9e7768d0e4178b6069e287a514118d2c01a547a82bf63bfc0_arm64",
"product": {
"name": "openshift-service-mesh/istio-cni-rhel8@sha256:5b10adf74b4e38e9e7768d0e4178b6069e287a514118d2c01a547a82bf63bfc0_arm64",
"product_id": "openshift-service-mesh/istio-cni-rhel8@sha256:5b10adf74b4e38e9e7768d0e4178b6069e287a514118d2c01a547a82bf63bfc0_arm64",
"product_identification_helper": {
"purl": "pkg:oci/istio-cni-rhel8@sha256:5b10adf74b4e38e9e7768d0e4178b6069e287a514118d2c01a547a82bf63bfc0?arch=arm64\u0026repository_url=registry.redhat.io/openshift-service-mesh/istio-cni-rhel8\u0026tag=2.5.6-3"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/grafana-rhel8@sha256:20c5729df345672654e0451e0cbcfbe863805fb5bb28b18cfaf3535c58e30089_arm64",
"product": {
"name": "openshift-service-mesh/grafana-rhel8@sha256:20c5729df345672654e0451e0cbcfbe863805fb5bb28b18cfaf3535c58e30089_arm64",
"product_id": "openshift-service-mesh/grafana-rhel8@sha256:20c5729df345672654e0451e0cbcfbe863805fb5bb28b18cfaf3535c58e30089_arm64",
"product_identification_helper": {
"purl": "pkg:oci/grafana-rhel8@sha256:20c5729df345672654e0451e0cbcfbe863805fb5bb28b18cfaf3535c58e30089?arch=arm64\u0026repository_url=registry.redhat.io/openshift-service-mesh/grafana-rhel8\u0026tag=2.5.6-2"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/kiali-rhel8@sha256:44ecbaac3a9f293c395a8bcf61bc09491934d425d0bc999afaca8f0a7f0225e7_arm64",
"product": {
"name": "openshift-service-mesh/kiali-rhel8@sha256:44ecbaac3a9f293c395a8bcf61bc09491934d425d0bc999afaca8f0a7f0225e7_arm64",
"product_id": "openshift-service-mesh/kiali-rhel8@sha256:44ecbaac3a9f293c395a8bcf61bc09491934d425d0bc999afaca8f0a7f0225e7_arm64",
"product_identification_helper": {
"purl": "pkg:oci/kiali-rhel8@sha256:44ecbaac3a9f293c395a8bcf61bc09491934d425d0bc999afaca8f0a7f0225e7?arch=arm64\u0026repository_url=registry.redhat.io/openshift-service-mesh/kiali-rhel8\u0026tag=1.73.16-2"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/istio-must-gather-rhel8@sha256:4dbc9af138b09394f5b0e980f5844dd852dfa269f56061adbd6c071badbb3e7f_arm64",
"product": {
"name": "openshift-service-mesh/istio-must-gather-rhel8@sha256:4dbc9af138b09394f5b0e980f5844dd852dfa269f56061adbd6c071badbb3e7f_arm64",
"product_id": "openshift-service-mesh/istio-must-gather-rhel8@sha256:4dbc9af138b09394f5b0e980f5844dd852dfa269f56061adbd6c071badbb3e7f_arm64",
"product_identification_helper": {
"purl": "pkg:oci/istio-must-gather-rhel8@sha256:4dbc9af138b09394f5b0e980f5844dd852dfa269f56061adbd6c071badbb3e7f?arch=arm64\u0026repository_url=registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel8\u0026tag=2.5.6-2"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/pilot-rhel8@sha256:ffe5602bd1e2c9c2ad354f262cb130a89c11a0b48390155b7a7a670b16dbd9c3_arm64",
"product": {
"name": "openshift-service-mesh/pilot-rhel8@sha256:ffe5602bd1e2c9c2ad354f262cb130a89c11a0b48390155b7a7a670b16dbd9c3_arm64",
"product_id": "openshift-service-mesh/pilot-rhel8@sha256:ffe5602bd1e2c9c2ad354f262cb130a89c11a0b48390155b7a7a670b16dbd9c3_arm64",
"product_identification_helper": {
"purl": "pkg:oci/pilot-rhel8@sha256:ffe5602bd1e2c9c2ad354f262cb130a89c11a0b48390155b7a7a670b16dbd9c3?arch=arm64\u0026repository_url=registry.redhat.io/openshift-service-mesh/pilot-rhel8\u0026tag=2.5.6-3"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/proxyv2-rhel8@sha256:fcc3521fbb4be11baef5008353301dcec580045f003b12b7af3beb0107807fba_arm64",
"product": {
"name": "openshift-service-mesh/proxyv2-rhel8@sha256:fcc3521fbb4be11baef5008353301dcec580045f003b12b7af3beb0107807fba_arm64",
"product_id": "openshift-service-mesh/proxyv2-rhel8@sha256:fcc3521fbb4be11baef5008353301dcec580045f003b12b7af3beb0107807fba_arm64",
"product_identification_helper": {
"purl": "pkg:oci/proxyv2-rhel8@sha256:fcc3521fbb4be11baef5008353301dcec580045f003b12b7af3beb0107807fba?arch=arm64\u0026repository_url=registry.redhat.io/openshift-service-mesh/proxyv2-rhel8\u0026tag=2.5.6-4"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/ratelimit-rhel8@sha256:4ca99e4ff0e5af748b818c93716e7172926d2552f80694aa0f1a9e0384f355d2_arm64",
"product": {
"name": "openshift-service-mesh/ratelimit-rhel8@sha256:4ca99e4ff0e5af748b818c93716e7172926d2552f80694aa0f1a9e0384f355d2_arm64",
"product_id": "openshift-service-mesh/ratelimit-rhel8@sha256:4ca99e4ff0e5af748b818c93716e7172926d2552f80694aa0f1a9e0384f355d2_arm64",
"product_identification_helper": {
"purl": "pkg:oci/ratelimit-rhel8@sha256:4ca99e4ff0e5af748b818c93716e7172926d2552f80694aa0f1a9e0384f355d2?arch=arm64\u0026repository_url=registry.redhat.io/openshift-service-mesh/ratelimit-rhel8\u0026tag=2.5.6-2"
}
}
}
],
"category": "architecture",
"name": "arm64"
},
{
"branches": [
{
"category": "product_version",
"name": "openshift-service-mesh/kiali-ossmc-rhel8@sha256:119f5eadf591993b1fb4989f15b46e356f60a019256598e84523bd2bc08b6e3a_ppc64le",
"product": {
"name": "openshift-service-mesh/kiali-ossmc-rhel8@sha256:119f5eadf591993b1fb4989f15b46e356f60a019256598e84523bd2bc08b6e3a_ppc64le",
"product_id": "openshift-service-mesh/kiali-ossmc-rhel8@sha256:119f5eadf591993b1fb4989f15b46e356f60a019256598e84523bd2bc08b6e3a_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/kiali-ossmc-rhel8@sha256:119f5eadf591993b1fb4989f15b46e356f60a019256598e84523bd2bc08b6e3a?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel8\u0026tag=1.73.15-2"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/istio-cni-rhel8@sha256:d1aaffdf2037c27e617ecbc5b7d332f064d0835798eddf00a61e09506cc163f4_ppc64le",
"product": {
"name": "openshift-service-mesh/istio-cni-rhel8@sha256:d1aaffdf2037c27e617ecbc5b7d332f064d0835798eddf00a61e09506cc163f4_ppc64le",
"product_id": "openshift-service-mesh/istio-cni-rhel8@sha256:d1aaffdf2037c27e617ecbc5b7d332f064d0835798eddf00a61e09506cc163f4_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/istio-cni-rhel8@sha256:d1aaffdf2037c27e617ecbc5b7d332f064d0835798eddf00a61e09506cc163f4?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-service-mesh/istio-cni-rhel8\u0026tag=2.5.6-3"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/grafana-rhel8@sha256:4005e591746c5febf32c236731bb0c26f70d019327bbdef42ca7cc963834b9ef_ppc64le",
"product": {
"name": "openshift-service-mesh/grafana-rhel8@sha256:4005e591746c5febf32c236731bb0c26f70d019327bbdef42ca7cc963834b9ef_ppc64le",
"product_id": "openshift-service-mesh/grafana-rhel8@sha256:4005e591746c5febf32c236731bb0c26f70d019327bbdef42ca7cc963834b9ef_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/grafana-rhel8@sha256:4005e591746c5febf32c236731bb0c26f70d019327bbdef42ca7cc963834b9ef?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-service-mesh/grafana-rhel8\u0026tag=2.5.6-2"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/kiali-rhel8@sha256:a60f2267cd8adc02d3d726f009832f1348683b5d286eb895711f8cb6ab40d242_ppc64le",
"product": {
"name": "openshift-service-mesh/kiali-rhel8@sha256:a60f2267cd8adc02d3d726f009832f1348683b5d286eb895711f8cb6ab40d242_ppc64le",
"product_id": "openshift-service-mesh/kiali-rhel8@sha256:a60f2267cd8adc02d3d726f009832f1348683b5d286eb895711f8cb6ab40d242_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/kiali-rhel8@sha256:a60f2267cd8adc02d3d726f009832f1348683b5d286eb895711f8cb6ab40d242?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-service-mesh/kiali-rhel8\u0026tag=1.73.16-2"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/istio-must-gather-rhel8@sha256:bd74dd0c04d4d5787e2c3aafbca3d5712c2b100d1a320d544f924138c59740a0_ppc64le",
"product": {
"name": "openshift-service-mesh/istio-must-gather-rhel8@sha256:bd74dd0c04d4d5787e2c3aafbca3d5712c2b100d1a320d544f924138c59740a0_ppc64le",
"product_id": "openshift-service-mesh/istio-must-gather-rhel8@sha256:bd74dd0c04d4d5787e2c3aafbca3d5712c2b100d1a320d544f924138c59740a0_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/istio-must-gather-rhel8@sha256:bd74dd0c04d4d5787e2c3aafbca3d5712c2b100d1a320d544f924138c59740a0?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel8\u0026tag=2.5.6-2"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/pilot-rhel8@sha256:fa1eb737072defb020f05061805a5c962b869bc34db82971a387958f1fb125af_ppc64le",
"product": {
"name": "openshift-service-mesh/pilot-rhel8@sha256:fa1eb737072defb020f05061805a5c962b869bc34db82971a387958f1fb125af_ppc64le",
"product_id": "openshift-service-mesh/pilot-rhel8@sha256:fa1eb737072defb020f05061805a5c962b869bc34db82971a387958f1fb125af_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/pilot-rhel8@sha256:fa1eb737072defb020f05061805a5c962b869bc34db82971a387958f1fb125af?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-service-mesh/pilot-rhel8\u0026tag=2.5.6-3"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/proxyv2-rhel8@sha256:2233881311d88bd98a40a95af3131daa18fc5ac60290bf1c70f3b99488489118_ppc64le",
"product": {
"name": "openshift-service-mesh/proxyv2-rhel8@sha256:2233881311d88bd98a40a95af3131daa18fc5ac60290bf1c70f3b99488489118_ppc64le",
"product_id": "openshift-service-mesh/proxyv2-rhel8@sha256:2233881311d88bd98a40a95af3131daa18fc5ac60290bf1c70f3b99488489118_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/proxyv2-rhel8@sha256:2233881311d88bd98a40a95af3131daa18fc5ac60290bf1c70f3b99488489118?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-service-mesh/proxyv2-rhel8\u0026tag=2.5.6-4"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/ratelimit-rhel8@sha256:d7ba12eafd54c65fdd14a448d5fb5081a40c264911b39de3efc7b66ef0226ab3_ppc64le",
"product": {
"name": "openshift-service-mesh/ratelimit-rhel8@sha256:d7ba12eafd54c65fdd14a448d5fb5081a40c264911b39de3efc7b66ef0226ab3_ppc64le",
"product_id": "openshift-service-mesh/ratelimit-rhel8@sha256:d7ba12eafd54c65fdd14a448d5fb5081a40c264911b39de3efc7b66ef0226ab3_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ratelimit-rhel8@sha256:d7ba12eafd54c65fdd14a448d5fb5081a40c264911b39de3efc7b66ef0226ab3?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-service-mesh/ratelimit-rhel8\u0026tag=2.5.6-2"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "openshift-service-mesh/kiali-ossmc-rhel8@sha256:ba29942848135ede7214bd53ada5f4f27c2245c3832b26916f55f623ef5e0281_s390x",
"product": {
"name": "openshift-service-mesh/kiali-ossmc-rhel8@sha256:ba29942848135ede7214bd53ada5f4f27c2245c3832b26916f55f623ef5e0281_s390x",
"product_id": "openshift-service-mesh/kiali-ossmc-rhel8@sha256:ba29942848135ede7214bd53ada5f4f27c2245c3832b26916f55f623ef5e0281_s390x",
"product_identification_helper": {
"purl": "pkg:oci/kiali-ossmc-rhel8@sha256:ba29942848135ede7214bd53ada5f4f27c2245c3832b26916f55f623ef5e0281?arch=s390x\u0026repository_url=registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel8\u0026tag=1.73.15-2"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/istio-cni-rhel8@sha256:2349b52f0eb89c430acac4652e16f6f87ccfdf729a2842c78e1d341289967cbd_s390x",
"product": {
"name": "openshift-service-mesh/istio-cni-rhel8@sha256:2349b52f0eb89c430acac4652e16f6f87ccfdf729a2842c78e1d341289967cbd_s390x",
"product_id": "openshift-service-mesh/istio-cni-rhel8@sha256:2349b52f0eb89c430acac4652e16f6f87ccfdf729a2842c78e1d341289967cbd_s390x",
"product_identification_helper": {
"purl": "pkg:oci/istio-cni-rhel8@sha256:2349b52f0eb89c430acac4652e16f6f87ccfdf729a2842c78e1d341289967cbd?arch=s390x\u0026repository_url=registry.redhat.io/openshift-service-mesh/istio-cni-rhel8\u0026tag=2.5.6-3"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/grafana-rhel8@sha256:a540e7caea480f08a45b568d77143632f9037748d41f2e404acadb3e1c69993a_s390x",
"product": {
"name": "openshift-service-mesh/grafana-rhel8@sha256:a540e7caea480f08a45b568d77143632f9037748d41f2e404acadb3e1c69993a_s390x",
"product_id": "openshift-service-mesh/grafana-rhel8@sha256:a540e7caea480f08a45b568d77143632f9037748d41f2e404acadb3e1c69993a_s390x",
"product_identification_helper": {
"purl": "pkg:oci/grafana-rhel8@sha256:a540e7caea480f08a45b568d77143632f9037748d41f2e404acadb3e1c69993a?arch=s390x\u0026repository_url=registry.redhat.io/openshift-service-mesh/grafana-rhel8\u0026tag=2.5.6-2"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/kiali-rhel8@sha256:9ace9ceea8337bbfab384d1f2080974eef24b3b88a58f104f2f4ab001cb8f16c_s390x",
"product": {
"name": "openshift-service-mesh/kiali-rhel8@sha256:9ace9ceea8337bbfab384d1f2080974eef24b3b88a58f104f2f4ab001cb8f16c_s390x",
"product_id": "openshift-service-mesh/kiali-rhel8@sha256:9ace9ceea8337bbfab384d1f2080974eef24b3b88a58f104f2f4ab001cb8f16c_s390x",
"product_identification_helper": {
"purl": "pkg:oci/kiali-rhel8@sha256:9ace9ceea8337bbfab384d1f2080974eef24b3b88a58f104f2f4ab001cb8f16c?arch=s390x\u0026repository_url=registry.redhat.io/openshift-service-mesh/kiali-rhel8\u0026tag=1.73.16-2"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/istio-must-gather-rhel8@sha256:65468fe040df7e988286c888a9cb584a38fd52e0315e3d3baf880b0ff466e861_s390x",
"product": {
"name": "openshift-service-mesh/istio-must-gather-rhel8@sha256:65468fe040df7e988286c888a9cb584a38fd52e0315e3d3baf880b0ff466e861_s390x",
"product_id": "openshift-service-mesh/istio-must-gather-rhel8@sha256:65468fe040df7e988286c888a9cb584a38fd52e0315e3d3baf880b0ff466e861_s390x",
"product_identification_helper": {
"purl": "pkg:oci/istio-must-gather-rhel8@sha256:65468fe040df7e988286c888a9cb584a38fd52e0315e3d3baf880b0ff466e861?arch=s390x\u0026repository_url=registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel8\u0026tag=2.5.6-2"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/pilot-rhel8@sha256:9b975fe879ed990ff410a2cc72a6f1d7e49d63a86d5b4e90bf48eb6f6172d32d_s390x",
"product": {
"name": "openshift-service-mesh/pilot-rhel8@sha256:9b975fe879ed990ff410a2cc72a6f1d7e49d63a86d5b4e90bf48eb6f6172d32d_s390x",
"product_id": "openshift-service-mesh/pilot-rhel8@sha256:9b975fe879ed990ff410a2cc72a6f1d7e49d63a86d5b4e90bf48eb6f6172d32d_s390x",
"product_identification_helper": {
"purl": "pkg:oci/pilot-rhel8@sha256:9b975fe879ed990ff410a2cc72a6f1d7e49d63a86d5b4e90bf48eb6f6172d32d?arch=s390x\u0026repository_url=registry.redhat.io/openshift-service-mesh/pilot-rhel8\u0026tag=2.5.6-3"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/proxyv2-rhel8@sha256:8581ad76cd8e4d17f36094bb65afffac23d47ecb5ade9590022466d44518bb59_s390x",
"product": {
"name": "openshift-service-mesh/proxyv2-rhel8@sha256:8581ad76cd8e4d17f36094bb65afffac23d47ecb5ade9590022466d44518bb59_s390x",
"product_id": "openshift-service-mesh/proxyv2-rhel8@sha256:8581ad76cd8e4d17f36094bb65afffac23d47ecb5ade9590022466d44518bb59_s390x",
"product_identification_helper": {
"purl": "pkg:oci/proxyv2-rhel8@sha256:8581ad76cd8e4d17f36094bb65afffac23d47ecb5ade9590022466d44518bb59?arch=s390x\u0026repository_url=registry.redhat.io/openshift-service-mesh/proxyv2-rhel8\u0026tag=2.5.6-4"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/ratelimit-rhel8@sha256:403318fb7177877f1a7075a76803b56d159cb6866a71c486c3d60de0eac73ea6_s390x",
"product": {
"name": "openshift-service-mesh/ratelimit-rhel8@sha256:403318fb7177877f1a7075a76803b56d159cb6866a71c486c3d60de0eac73ea6_s390x",
"product_id": "openshift-service-mesh/ratelimit-rhel8@sha256:403318fb7177877f1a7075a76803b56d159cb6866a71c486c3d60de0eac73ea6_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ratelimit-rhel8@sha256:403318fb7177877f1a7075a76803b56d159cb6866a71c486c3d60de0eac73ea6?arch=s390x\u0026repository_url=registry.redhat.io/openshift-service-mesh/ratelimit-rhel8\u0026tag=2.5.6-2"
}
}
}
],
"category": "architecture",
"name": "s390x"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/grafana-rhel8@sha256:20c5729df345672654e0451e0cbcfbe863805fb5bb28b18cfaf3535c58e30089_arm64 as a component of RHOSSM 2.5 for RHEL 8",
"product_id": "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:20c5729df345672654e0451e0cbcfbe863805fb5bb28b18cfaf3535c58e30089_arm64"
},
"product_reference": "openshift-service-mesh/grafana-rhel8@sha256:20c5729df345672654e0451e0cbcfbe863805fb5bb28b18cfaf3535c58e30089_arm64",
"relates_to_product_reference": "8Base-RHOSSM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/grafana-rhel8@sha256:4005e591746c5febf32c236731bb0c26f70d019327bbdef42ca7cc963834b9ef_ppc64le as a component of RHOSSM 2.5 for RHEL 8",
"product_id": "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:4005e591746c5febf32c236731bb0c26f70d019327bbdef42ca7cc963834b9ef_ppc64le"
},
"product_reference": "openshift-service-mesh/grafana-rhel8@sha256:4005e591746c5febf32c236731bb0c26f70d019327bbdef42ca7cc963834b9ef_ppc64le",
"relates_to_product_reference": "8Base-RHOSSM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/grafana-rhel8@sha256:a540e7caea480f08a45b568d77143632f9037748d41f2e404acadb3e1c69993a_s390x as a component of RHOSSM 2.5 for RHEL 8",
"product_id": "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:a540e7caea480f08a45b568d77143632f9037748d41f2e404acadb3e1c69993a_s390x"
},
"product_reference": "openshift-service-mesh/grafana-rhel8@sha256:a540e7caea480f08a45b568d77143632f9037748d41f2e404acadb3e1c69993a_s390x",
"relates_to_product_reference": "8Base-RHOSSM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/grafana-rhel8@sha256:fddfbc8eb02901993de6b1e2e3ff300f2ed655e880913198db9625dd2bb2d901_amd64 as a component of RHOSSM 2.5 for RHEL 8",
"product_id": "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:fddfbc8eb02901993de6b1e2e3ff300f2ed655e880913198db9625dd2bb2d901_amd64"
},
"product_reference": "openshift-service-mesh/grafana-rhel8@sha256:fddfbc8eb02901993de6b1e2e3ff300f2ed655e880913198db9625dd2bb2d901_amd64",
"relates_to_product_reference": "8Base-RHOSSM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/istio-cni-rhel8@sha256:2349b52f0eb89c430acac4652e16f6f87ccfdf729a2842c78e1d341289967cbd_s390x as a component of RHOSSM 2.5 for RHEL 8",
"product_id": "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:2349b52f0eb89c430acac4652e16f6f87ccfdf729a2842c78e1d341289967cbd_s390x"
},
"product_reference": "openshift-service-mesh/istio-cni-rhel8@sha256:2349b52f0eb89c430acac4652e16f6f87ccfdf729a2842c78e1d341289967cbd_s390x",
"relates_to_product_reference": "8Base-RHOSSM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/istio-cni-rhel8@sha256:5b10adf74b4e38e9e7768d0e4178b6069e287a514118d2c01a547a82bf63bfc0_arm64 as a component of RHOSSM 2.5 for RHEL 8",
"product_id": "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:5b10adf74b4e38e9e7768d0e4178b6069e287a514118d2c01a547a82bf63bfc0_arm64"
},
"product_reference": "openshift-service-mesh/istio-cni-rhel8@sha256:5b10adf74b4e38e9e7768d0e4178b6069e287a514118d2c01a547a82bf63bfc0_arm64",
"relates_to_product_reference": "8Base-RHOSSM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/istio-cni-rhel8@sha256:bcfe1c7fedf3ad05becc6feb4cc039e79ac8d96ba544e7d83a258208dea2a1c0_amd64 as a component of RHOSSM 2.5 for RHEL 8",
"product_id": "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:bcfe1c7fedf3ad05becc6feb4cc039e79ac8d96ba544e7d83a258208dea2a1c0_amd64"
},
"product_reference": "openshift-service-mesh/istio-cni-rhel8@sha256:bcfe1c7fedf3ad05becc6feb4cc039e79ac8d96ba544e7d83a258208dea2a1c0_amd64",
"relates_to_product_reference": "8Base-RHOSSM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/istio-cni-rhel8@sha256:d1aaffdf2037c27e617ecbc5b7d332f064d0835798eddf00a61e09506cc163f4_ppc64le as a component of RHOSSM 2.5 for RHEL 8",
"product_id": "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:d1aaffdf2037c27e617ecbc5b7d332f064d0835798eddf00a61e09506cc163f4_ppc64le"
},
"product_reference": "openshift-service-mesh/istio-cni-rhel8@sha256:d1aaffdf2037c27e617ecbc5b7d332f064d0835798eddf00a61e09506cc163f4_ppc64le",
"relates_to_product_reference": "8Base-RHOSSM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/istio-must-gather-rhel8@sha256:4dbc9af138b09394f5b0e980f5844dd852dfa269f56061adbd6c071badbb3e7f_arm64 as a component of RHOSSM 2.5 for RHEL 8",
"product_id": "8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:4dbc9af138b09394f5b0e980f5844dd852dfa269f56061adbd6c071badbb3e7f_arm64"
},
"product_reference": "openshift-service-mesh/istio-must-gather-rhel8@sha256:4dbc9af138b09394f5b0e980f5844dd852dfa269f56061adbd6c071badbb3e7f_arm64",
"relates_to_product_reference": "8Base-RHOSSM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/istio-must-gather-rhel8@sha256:65468fe040df7e988286c888a9cb584a38fd52e0315e3d3baf880b0ff466e861_s390x as a component of RHOSSM 2.5 for RHEL 8",
"product_id": "8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:65468fe040df7e988286c888a9cb584a38fd52e0315e3d3baf880b0ff466e861_s390x"
},
"product_reference": "openshift-service-mesh/istio-must-gather-rhel8@sha256:65468fe040df7e988286c888a9cb584a38fd52e0315e3d3baf880b0ff466e861_s390x",
"relates_to_product_reference": "8Base-RHOSSM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/istio-must-gather-rhel8@sha256:bd74dd0c04d4d5787e2c3aafbca3d5712c2b100d1a320d544f924138c59740a0_ppc64le as a component of RHOSSM 2.5 for RHEL 8",
"product_id": "8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:bd74dd0c04d4d5787e2c3aafbca3d5712c2b100d1a320d544f924138c59740a0_ppc64le"
},
"product_reference": "openshift-service-mesh/istio-must-gather-rhel8@sha256:bd74dd0c04d4d5787e2c3aafbca3d5712c2b100d1a320d544f924138c59740a0_ppc64le",
"relates_to_product_reference": "8Base-RHOSSM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/istio-must-gather-rhel8@sha256:e6fae53dd0b5126479293736486d73a7831150eb3ccef1e59fbd276340024c55_amd64 as a component of RHOSSM 2.5 for RHEL 8",
"product_id": "8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:e6fae53dd0b5126479293736486d73a7831150eb3ccef1e59fbd276340024c55_amd64"
},
"product_reference": "openshift-service-mesh/istio-must-gather-rhel8@sha256:e6fae53dd0b5126479293736486d73a7831150eb3ccef1e59fbd276340024c55_amd64",
"relates_to_product_reference": "8Base-RHOSSM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/kiali-ossmc-rhel8@sha256:119f5eadf591993b1fb4989f15b46e356f60a019256598e84523bd2bc08b6e3a_ppc64le as a component of RHOSSM 2.5 for RHEL 8",
"product_id": "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:119f5eadf591993b1fb4989f15b46e356f60a019256598e84523bd2bc08b6e3a_ppc64le"
},
"product_reference": "openshift-service-mesh/kiali-ossmc-rhel8@sha256:119f5eadf591993b1fb4989f15b46e356f60a019256598e84523bd2bc08b6e3a_ppc64le",
"relates_to_product_reference": "8Base-RHOSSM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/kiali-ossmc-rhel8@sha256:2abdbf22f8f99eb18dd3cb3393fd70e364a9e6a8348bb4028a2146a05b330a3a_arm64 as a component of RHOSSM 2.5 for RHEL 8",
"product_id": "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:2abdbf22f8f99eb18dd3cb3393fd70e364a9e6a8348bb4028a2146a05b330a3a_arm64"
},
"product_reference": "openshift-service-mesh/kiali-ossmc-rhel8@sha256:2abdbf22f8f99eb18dd3cb3393fd70e364a9e6a8348bb4028a2146a05b330a3a_arm64",
"relates_to_product_reference": "8Base-RHOSSM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/kiali-ossmc-rhel8@sha256:afda09c612d9eef60439a2ce29d5c0262abd63e33fc32aacf62e8aeaa88d42c4_amd64 as a component of RHOSSM 2.5 for RHEL 8",
"product_id": "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:afda09c612d9eef60439a2ce29d5c0262abd63e33fc32aacf62e8aeaa88d42c4_amd64"
},
"product_reference": "openshift-service-mesh/kiali-ossmc-rhel8@sha256:afda09c612d9eef60439a2ce29d5c0262abd63e33fc32aacf62e8aeaa88d42c4_amd64",
"relates_to_product_reference": "8Base-RHOSSM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/kiali-ossmc-rhel8@sha256:ba29942848135ede7214bd53ada5f4f27c2245c3832b26916f55f623ef5e0281_s390x as a component of RHOSSM 2.5 for RHEL 8",
"product_id": "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:ba29942848135ede7214bd53ada5f4f27c2245c3832b26916f55f623ef5e0281_s390x"
},
"product_reference": "openshift-service-mesh/kiali-ossmc-rhel8@sha256:ba29942848135ede7214bd53ada5f4f27c2245c3832b26916f55f623ef5e0281_s390x",
"relates_to_product_reference": "8Base-RHOSSM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/kiali-rhel8@sha256:44ecbaac3a9f293c395a8bcf61bc09491934d425d0bc999afaca8f0a7f0225e7_arm64 as a component of RHOSSM 2.5 for RHEL 8",
"product_id": "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:44ecbaac3a9f293c395a8bcf61bc09491934d425d0bc999afaca8f0a7f0225e7_arm64"
},
"product_reference": "openshift-service-mesh/kiali-rhel8@sha256:44ecbaac3a9f293c395a8bcf61bc09491934d425d0bc999afaca8f0a7f0225e7_arm64",
"relates_to_product_reference": "8Base-RHOSSM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/kiali-rhel8@sha256:9ace9ceea8337bbfab384d1f2080974eef24b3b88a58f104f2f4ab001cb8f16c_s390x as a component of RHOSSM 2.5 for RHEL 8",
"product_id": "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:9ace9ceea8337bbfab384d1f2080974eef24b3b88a58f104f2f4ab001cb8f16c_s390x"
},
"product_reference": "openshift-service-mesh/kiali-rhel8@sha256:9ace9ceea8337bbfab384d1f2080974eef24b3b88a58f104f2f4ab001cb8f16c_s390x",
"relates_to_product_reference": "8Base-RHOSSM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/kiali-rhel8@sha256:a60f2267cd8adc02d3d726f009832f1348683b5d286eb895711f8cb6ab40d242_ppc64le as a component of RHOSSM 2.5 for RHEL 8",
"product_id": "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:a60f2267cd8adc02d3d726f009832f1348683b5d286eb895711f8cb6ab40d242_ppc64le"
},
"product_reference": "openshift-service-mesh/kiali-rhel8@sha256:a60f2267cd8adc02d3d726f009832f1348683b5d286eb895711f8cb6ab40d242_ppc64le",
"relates_to_product_reference": "8Base-RHOSSM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/kiali-rhel8@sha256:b9bc720b798b29639cc6563d64219ee19ff0b5f0ede40fe85df42db3333d2f8a_amd64 as a component of RHOSSM 2.5 for RHEL 8",
"product_id": "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:b9bc720b798b29639cc6563d64219ee19ff0b5f0ede40fe85df42db3333d2f8a_amd64"
},
"product_reference": "openshift-service-mesh/kiali-rhel8@sha256:b9bc720b798b29639cc6563d64219ee19ff0b5f0ede40fe85df42db3333d2f8a_amd64",
"relates_to_product_reference": "8Base-RHOSSM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/pilot-rhel8@sha256:23caccd0e422ac4b59397aa6d7a028f4df8a61488b7ea339d81cb8ac432c3716_amd64 as a component of RHOSSM 2.5 for RHEL 8",
"product_id": "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:23caccd0e422ac4b59397aa6d7a028f4df8a61488b7ea339d81cb8ac432c3716_amd64"
},
"product_reference": "openshift-service-mesh/pilot-rhel8@sha256:23caccd0e422ac4b59397aa6d7a028f4df8a61488b7ea339d81cb8ac432c3716_amd64",
"relates_to_product_reference": "8Base-RHOSSM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/pilot-rhel8@sha256:9b975fe879ed990ff410a2cc72a6f1d7e49d63a86d5b4e90bf48eb6f6172d32d_s390x as a component of RHOSSM 2.5 for RHEL 8",
"product_id": "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:9b975fe879ed990ff410a2cc72a6f1d7e49d63a86d5b4e90bf48eb6f6172d32d_s390x"
},
"product_reference": "openshift-service-mesh/pilot-rhel8@sha256:9b975fe879ed990ff410a2cc72a6f1d7e49d63a86d5b4e90bf48eb6f6172d32d_s390x",
"relates_to_product_reference": "8Base-RHOSSM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/pilot-rhel8@sha256:fa1eb737072defb020f05061805a5c962b869bc34db82971a387958f1fb125af_ppc64le as a component of RHOSSM 2.5 for RHEL 8",
"product_id": "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:fa1eb737072defb020f05061805a5c962b869bc34db82971a387958f1fb125af_ppc64le"
},
"product_reference": "openshift-service-mesh/pilot-rhel8@sha256:fa1eb737072defb020f05061805a5c962b869bc34db82971a387958f1fb125af_ppc64le",
"relates_to_product_reference": "8Base-RHOSSM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/pilot-rhel8@sha256:ffe5602bd1e2c9c2ad354f262cb130a89c11a0b48390155b7a7a670b16dbd9c3_arm64 as a component of RHOSSM 2.5 for RHEL 8",
"product_id": "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:ffe5602bd1e2c9c2ad354f262cb130a89c11a0b48390155b7a7a670b16dbd9c3_arm64"
},
"product_reference": "openshift-service-mesh/pilot-rhel8@sha256:ffe5602bd1e2c9c2ad354f262cb130a89c11a0b48390155b7a7a670b16dbd9c3_arm64",
"relates_to_product_reference": "8Base-RHOSSM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/proxyv2-rhel8@sha256:2233881311d88bd98a40a95af3131daa18fc5ac60290bf1c70f3b99488489118_ppc64le as a component of RHOSSM 2.5 for RHEL 8",
"product_id": "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:2233881311d88bd98a40a95af3131daa18fc5ac60290bf1c70f3b99488489118_ppc64le"
},
"product_reference": "openshift-service-mesh/proxyv2-rhel8@sha256:2233881311d88bd98a40a95af3131daa18fc5ac60290bf1c70f3b99488489118_ppc64le",
"relates_to_product_reference": "8Base-RHOSSM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/proxyv2-rhel8@sha256:8581ad76cd8e4d17f36094bb65afffac23d47ecb5ade9590022466d44518bb59_s390x as a component of RHOSSM 2.5 for RHEL 8",
"product_id": "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:8581ad76cd8e4d17f36094bb65afffac23d47ecb5ade9590022466d44518bb59_s390x"
},
"product_reference": "openshift-service-mesh/proxyv2-rhel8@sha256:8581ad76cd8e4d17f36094bb65afffac23d47ecb5ade9590022466d44518bb59_s390x",
"relates_to_product_reference": "8Base-RHOSSM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/proxyv2-rhel8@sha256:9d111abdce8928192a104a0fa4818f060aca5012c8c5107ff0fc489a594a16be_amd64 as a component of RHOSSM 2.5 for RHEL 8",
"product_id": "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:9d111abdce8928192a104a0fa4818f060aca5012c8c5107ff0fc489a594a16be_amd64"
},
"product_reference": "openshift-service-mesh/proxyv2-rhel8@sha256:9d111abdce8928192a104a0fa4818f060aca5012c8c5107ff0fc489a594a16be_amd64",
"relates_to_product_reference": "8Base-RHOSSM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/proxyv2-rhel8@sha256:fcc3521fbb4be11baef5008353301dcec580045f003b12b7af3beb0107807fba_arm64 as a component of RHOSSM 2.5 for RHEL 8",
"product_id": "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:fcc3521fbb4be11baef5008353301dcec580045f003b12b7af3beb0107807fba_arm64"
},
"product_reference": "openshift-service-mesh/proxyv2-rhel8@sha256:fcc3521fbb4be11baef5008353301dcec580045f003b12b7af3beb0107807fba_arm64",
"relates_to_product_reference": "8Base-RHOSSM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/ratelimit-rhel8@sha256:403318fb7177877f1a7075a76803b56d159cb6866a71c486c3d60de0eac73ea6_s390x as a component of RHOSSM 2.5 for RHEL 8",
"product_id": "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:403318fb7177877f1a7075a76803b56d159cb6866a71c486c3d60de0eac73ea6_s390x"
},
"product_reference": "openshift-service-mesh/ratelimit-rhel8@sha256:403318fb7177877f1a7075a76803b56d159cb6866a71c486c3d60de0eac73ea6_s390x",
"relates_to_product_reference": "8Base-RHOSSM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/ratelimit-rhel8@sha256:4ca99e4ff0e5af748b818c93716e7172926d2552f80694aa0f1a9e0384f355d2_arm64 as a component of RHOSSM 2.5 for RHEL 8",
"product_id": "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:4ca99e4ff0e5af748b818c93716e7172926d2552f80694aa0f1a9e0384f355d2_arm64"
},
"product_reference": "openshift-service-mesh/ratelimit-rhel8@sha256:4ca99e4ff0e5af748b818c93716e7172926d2552f80694aa0f1a9e0384f355d2_arm64",
"relates_to_product_reference": "8Base-RHOSSM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/ratelimit-rhel8@sha256:bb8ff50a406cf719abb7d954a3ffcb7d3d7c73d21a5ed8bec9b994fcf93779cc_amd64 as a component of RHOSSM 2.5 for RHEL 8",
"product_id": "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:bb8ff50a406cf719abb7d954a3ffcb7d3d7c73d21a5ed8bec9b994fcf93779cc_amd64"
},
"product_reference": "openshift-service-mesh/ratelimit-rhel8@sha256:bb8ff50a406cf719abb7d954a3ffcb7d3d7c73d21a5ed8bec9b994fcf93779cc_amd64",
"relates_to_product_reference": "8Base-RHOSSM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/ratelimit-rhel8@sha256:d7ba12eafd54c65fdd14a448d5fb5081a40c264911b39de3efc7b66ef0226ab3_ppc64le as a component of RHOSSM 2.5 for RHEL 8",
"product_id": "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:d7ba12eafd54c65fdd14a448d5fb5081a40c264911b39de3efc7b66ef0226ab3_ppc64le"
},
"product_reference": "openshift-service-mesh/ratelimit-rhel8@sha256:d7ba12eafd54c65fdd14a448d5fb5081a40c264911b39de3efc7b66ef0226ab3_ppc64le",
"relates_to_product_reference": "8Base-RHOSSM-2.5"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2024-47875",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2024-10-11T15:20:07.304345+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2318052"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in DOMPurify that could allow for a nesting-based mXSS to not be properly sanitized.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "dompurify: nesting-based mutation XSS vulnerability",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:20c5729df345672654e0451e0cbcfbe863805fb5bb28b18cfaf3535c58e30089_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:4005e591746c5febf32c236731bb0c26f70d019327bbdef42ca7cc963834b9ef_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:a540e7caea480f08a45b568d77143632f9037748d41f2e404acadb3e1c69993a_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:fddfbc8eb02901993de6b1e2e3ff300f2ed655e880913198db9625dd2bb2d901_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:2349b52f0eb89c430acac4652e16f6f87ccfdf729a2842c78e1d341289967cbd_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:5b10adf74b4e38e9e7768d0e4178b6069e287a514118d2c01a547a82bf63bfc0_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:bcfe1c7fedf3ad05becc6feb4cc039e79ac8d96ba544e7d83a258208dea2a1c0_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:d1aaffdf2037c27e617ecbc5b7d332f064d0835798eddf00a61e09506cc163f4_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:4dbc9af138b09394f5b0e980f5844dd852dfa269f56061adbd6c071badbb3e7f_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:65468fe040df7e988286c888a9cb584a38fd52e0315e3d3baf880b0ff466e861_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:bd74dd0c04d4d5787e2c3aafbca3d5712c2b100d1a320d544f924138c59740a0_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:e6fae53dd0b5126479293736486d73a7831150eb3ccef1e59fbd276340024c55_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:119f5eadf591993b1fb4989f15b46e356f60a019256598e84523bd2bc08b6e3a_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:2abdbf22f8f99eb18dd3cb3393fd70e364a9e6a8348bb4028a2146a05b330a3a_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:afda09c612d9eef60439a2ce29d5c0262abd63e33fc32aacf62e8aeaa88d42c4_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:ba29942848135ede7214bd53ada5f4f27c2245c3832b26916f55f623ef5e0281_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:44ecbaac3a9f293c395a8bcf61bc09491934d425d0bc999afaca8f0a7f0225e7_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:9ace9ceea8337bbfab384d1f2080974eef24b3b88a58f104f2f4ab001cb8f16c_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:a60f2267cd8adc02d3d726f009832f1348683b5d286eb895711f8cb6ab40d242_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:b9bc720b798b29639cc6563d64219ee19ff0b5f0ede40fe85df42db3333d2f8a_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:23caccd0e422ac4b59397aa6d7a028f4df8a61488b7ea339d81cb8ac432c3716_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:9b975fe879ed990ff410a2cc72a6f1d7e49d63a86d5b4e90bf48eb6f6172d32d_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:fa1eb737072defb020f05061805a5c962b869bc34db82971a387958f1fb125af_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:ffe5602bd1e2c9c2ad354f262cb130a89c11a0b48390155b7a7a670b16dbd9c3_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:2233881311d88bd98a40a95af3131daa18fc5ac60290bf1c70f3b99488489118_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:8581ad76cd8e4d17f36094bb65afffac23d47ecb5ade9590022466d44518bb59_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:9d111abdce8928192a104a0fa4818f060aca5012c8c5107ff0fc489a594a16be_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:fcc3521fbb4be11baef5008353301dcec580045f003b12b7af3beb0107807fba_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:403318fb7177877f1a7075a76803b56d159cb6866a71c486c3d60de0eac73ea6_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:4ca99e4ff0e5af748b818c93716e7172926d2552f80694aa0f1a9e0384f355d2_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:bb8ff50a406cf719abb7d954a3ffcb7d3d7c73d21a5ed8bec9b994fcf93779cc_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:d7ba12eafd54c65fdd14a448d5fb5081a40c264911b39de3efc7b66ef0226ab3_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-47875"
},
{
"category": "external",
"summary": "RHBZ#2318052",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2318052"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-47875",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47875"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-47875",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-47875"
},
{
"category": "external",
"summary": "https://github.com/cure53/DOMPurify/blob/0ef5e537a514f904b6aa1d7ad9e749e365d7185f/test/test-suite.js#L2098",
"url": "https://github.com/cure53/DOMPurify/blob/0ef5e537a514f904b6aa1d7ad9e749e365d7185f/test/test-suite.js#L2098"
},
{
"category": "external",
"summary": "https://github.com/cure53/DOMPurify/commit/0ef5e537a514f904b6aa1d7ad9e749e365d7185f",
"url": "https://github.com/cure53/DOMPurify/commit/0ef5e537a514f904b6aa1d7ad9e749e365d7185f"
},
{
"category": "external",
"summary": "https://github.com/cure53/DOMPurify/commit/6ea80cd8b47640c20f2f230c7920b1f4ce4fdf7a",
"url": "https://github.com/cure53/DOMPurify/commit/6ea80cd8b47640c20f2f230c7920b1f4ce4fdf7a"
},
{
"category": "external",
"summary": "https://github.com/cure53/DOMPurify/security/advisories/GHSA-gx9m-whjm-85jf",
"url": "https://github.com/cure53/DOMPurify/security/advisories/GHSA-gx9m-whjm-85jf"
}
],
"release_date": "2024-10-11T15:15:05.860000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-11-14T08:36:54+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:20c5729df345672654e0451e0cbcfbe863805fb5bb28b18cfaf3535c58e30089_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:4005e591746c5febf32c236731bb0c26f70d019327bbdef42ca7cc963834b9ef_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:a540e7caea480f08a45b568d77143632f9037748d41f2e404acadb3e1c69993a_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:fddfbc8eb02901993de6b1e2e3ff300f2ed655e880913198db9625dd2bb2d901_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:2349b52f0eb89c430acac4652e16f6f87ccfdf729a2842c78e1d341289967cbd_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:5b10adf74b4e38e9e7768d0e4178b6069e287a514118d2c01a547a82bf63bfc0_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:bcfe1c7fedf3ad05becc6feb4cc039e79ac8d96ba544e7d83a258208dea2a1c0_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:d1aaffdf2037c27e617ecbc5b7d332f064d0835798eddf00a61e09506cc163f4_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:4dbc9af138b09394f5b0e980f5844dd852dfa269f56061adbd6c071badbb3e7f_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:65468fe040df7e988286c888a9cb584a38fd52e0315e3d3baf880b0ff466e861_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:bd74dd0c04d4d5787e2c3aafbca3d5712c2b100d1a320d544f924138c59740a0_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:e6fae53dd0b5126479293736486d73a7831150eb3ccef1e59fbd276340024c55_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:119f5eadf591993b1fb4989f15b46e356f60a019256598e84523bd2bc08b6e3a_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:2abdbf22f8f99eb18dd3cb3393fd70e364a9e6a8348bb4028a2146a05b330a3a_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:afda09c612d9eef60439a2ce29d5c0262abd63e33fc32aacf62e8aeaa88d42c4_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:ba29942848135ede7214bd53ada5f4f27c2245c3832b26916f55f623ef5e0281_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:44ecbaac3a9f293c395a8bcf61bc09491934d425d0bc999afaca8f0a7f0225e7_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:9ace9ceea8337bbfab384d1f2080974eef24b3b88a58f104f2f4ab001cb8f16c_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:a60f2267cd8adc02d3d726f009832f1348683b5d286eb895711f8cb6ab40d242_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:b9bc720b798b29639cc6563d64219ee19ff0b5f0ede40fe85df42db3333d2f8a_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:23caccd0e422ac4b59397aa6d7a028f4df8a61488b7ea339d81cb8ac432c3716_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:9b975fe879ed990ff410a2cc72a6f1d7e49d63a86d5b4e90bf48eb6f6172d32d_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:fa1eb737072defb020f05061805a5c962b869bc34db82971a387958f1fb125af_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:ffe5602bd1e2c9c2ad354f262cb130a89c11a0b48390155b7a7a670b16dbd9c3_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:2233881311d88bd98a40a95af3131daa18fc5ac60290bf1c70f3b99488489118_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:8581ad76cd8e4d17f36094bb65afffac23d47ecb5ade9590022466d44518bb59_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:9d111abdce8928192a104a0fa4818f060aca5012c8c5107ff0fc489a594a16be_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:fcc3521fbb4be11baef5008353301dcec580045f003b12b7af3beb0107807fba_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:403318fb7177877f1a7075a76803b56d159cb6866a71c486c3d60de0eac73ea6_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:4ca99e4ff0e5af748b818c93716e7172926d2552f80694aa0f1a9e0384f355d2_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:bb8ff50a406cf719abb7d954a3ffcb7d3d7c73d21a5ed8bec9b994fcf93779cc_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:d7ba12eafd54c65fdd14a448d5fb5081a40c264911b39de3efc7b66ef0226ab3_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:9629"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:20c5729df345672654e0451e0cbcfbe863805fb5bb28b18cfaf3535c58e30089_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:4005e591746c5febf32c236731bb0c26f70d019327bbdef42ca7cc963834b9ef_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:a540e7caea480f08a45b568d77143632f9037748d41f2e404acadb3e1c69993a_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:fddfbc8eb02901993de6b1e2e3ff300f2ed655e880913198db9625dd2bb2d901_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:2349b52f0eb89c430acac4652e16f6f87ccfdf729a2842c78e1d341289967cbd_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:5b10adf74b4e38e9e7768d0e4178b6069e287a514118d2c01a547a82bf63bfc0_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:bcfe1c7fedf3ad05becc6feb4cc039e79ac8d96ba544e7d83a258208dea2a1c0_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:d1aaffdf2037c27e617ecbc5b7d332f064d0835798eddf00a61e09506cc163f4_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:4dbc9af138b09394f5b0e980f5844dd852dfa269f56061adbd6c071badbb3e7f_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:65468fe040df7e988286c888a9cb584a38fd52e0315e3d3baf880b0ff466e861_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:bd74dd0c04d4d5787e2c3aafbca3d5712c2b100d1a320d544f924138c59740a0_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:e6fae53dd0b5126479293736486d73a7831150eb3ccef1e59fbd276340024c55_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:119f5eadf591993b1fb4989f15b46e356f60a019256598e84523bd2bc08b6e3a_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:2abdbf22f8f99eb18dd3cb3393fd70e364a9e6a8348bb4028a2146a05b330a3a_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:afda09c612d9eef60439a2ce29d5c0262abd63e33fc32aacf62e8aeaa88d42c4_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:ba29942848135ede7214bd53ada5f4f27c2245c3832b26916f55f623ef5e0281_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:44ecbaac3a9f293c395a8bcf61bc09491934d425d0bc999afaca8f0a7f0225e7_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:9ace9ceea8337bbfab384d1f2080974eef24b3b88a58f104f2f4ab001cb8f16c_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:a60f2267cd8adc02d3d726f009832f1348683b5d286eb895711f8cb6ab40d242_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:b9bc720b798b29639cc6563d64219ee19ff0b5f0ede40fe85df42db3333d2f8a_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:23caccd0e422ac4b59397aa6d7a028f4df8a61488b7ea339d81cb8ac432c3716_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:9b975fe879ed990ff410a2cc72a6f1d7e49d63a86d5b4e90bf48eb6f6172d32d_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:fa1eb737072defb020f05061805a5c962b869bc34db82971a387958f1fb125af_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:ffe5602bd1e2c9c2ad354f262cb130a89c11a0b48390155b7a7a670b16dbd9c3_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:2233881311d88bd98a40a95af3131daa18fc5ac60290bf1c70f3b99488489118_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:8581ad76cd8e4d17f36094bb65afffac23d47ecb5ade9590022466d44518bb59_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:9d111abdce8928192a104a0fa4818f060aca5012c8c5107ff0fc489a594a16be_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:fcc3521fbb4be11baef5008353301dcec580045f003b12b7af3beb0107807fba_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:403318fb7177877f1a7075a76803b56d159cb6866a71c486c3d60de0eac73ea6_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:4ca99e4ff0e5af748b818c93716e7172926d2552f80694aa0f1a9e0384f355d2_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:bb8ff50a406cf719abb7d954a3ffcb7d3d7c73d21a5ed8bec9b994fcf93779cc_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:d7ba12eafd54c65fdd14a448d5fb5081a40c264911b39de3efc7b66ef0226ab3_ppc64le"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 8.0,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:20c5729df345672654e0451e0cbcfbe863805fb5bb28b18cfaf3535c58e30089_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:4005e591746c5febf32c236731bb0c26f70d019327bbdef42ca7cc963834b9ef_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:a540e7caea480f08a45b568d77143632f9037748d41f2e404acadb3e1c69993a_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:fddfbc8eb02901993de6b1e2e3ff300f2ed655e880913198db9625dd2bb2d901_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:2349b52f0eb89c430acac4652e16f6f87ccfdf729a2842c78e1d341289967cbd_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:5b10adf74b4e38e9e7768d0e4178b6069e287a514118d2c01a547a82bf63bfc0_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:bcfe1c7fedf3ad05becc6feb4cc039e79ac8d96ba544e7d83a258208dea2a1c0_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:d1aaffdf2037c27e617ecbc5b7d332f064d0835798eddf00a61e09506cc163f4_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:4dbc9af138b09394f5b0e980f5844dd852dfa269f56061adbd6c071badbb3e7f_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:65468fe040df7e988286c888a9cb584a38fd52e0315e3d3baf880b0ff466e861_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:bd74dd0c04d4d5787e2c3aafbca3d5712c2b100d1a320d544f924138c59740a0_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:e6fae53dd0b5126479293736486d73a7831150eb3ccef1e59fbd276340024c55_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:119f5eadf591993b1fb4989f15b46e356f60a019256598e84523bd2bc08b6e3a_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:2abdbf22f8f99eb18dd3cb3393fd70e364a9e6a8348bb4028a2146a05b330a3a_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:afda09c612d9eef60439a2ce29d5c0262abd63e33fc32aacf62e8aeaa88d42c4_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:ba29942848135ede7214bd53ada5f4f27c2245c3832b26916f55f623ef5e0281_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:44ecbaac3a9f293c395a8bcf61bc09491934d425d0bc999afaca8f0a7f0225e7_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:9ace9ceea8337bbfab384d1f2080974eef24b3b88a58f104f2f4ab001cb8f16c_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:a60f2267cd8adc02d3d726f009832f1348683b5d286eb895711f8cb6ab40d242_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:b9bc720b798b29639cc6563d64219ee19ff0b5f0ede40fe85df42db3333d2f8a_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:23caccd0e422ac4b59397aa6d7a028f4df8a61488b7ea339d81cb8ac432c3716_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:9b975fe879ed990ff410a2cc72a6f1d7e49d63a86d5b4e90bf48eb6f6172d32d_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:fa1eb737072defb020f05061805a5c962b869bc34db82971a387958f1fb125af_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:ffe5602bd1e2c9c2ad354f262cb130a89c11a0b48390155b7a7a670b16dbd9c3_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:2233881311d88bd98a40a95af3131daa18fc5ac60290bf1c70f3b99488489118_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:8581ad76cd8e4d17f36094bb65afffac23d47ecb5ade9590022466d44518bb59_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:9d111abdce8928192a104a0fa4818f060aca5012c8c5107ff0fc489a594a16be_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:fcc3521fbb4be11baef5008353301dcec580045f003b12b7af3beb0107807fba_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:403318fb7177877f1a7075a76803b56d159cb6866a71c486c3d60de0eac73ea6_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:4ca99e4ff0e5af748b818c93716e7172926d2552f80694aa0f1a9e0384f355d2_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:bb8ff50a406cf719abb7d954a3ffcb7d3d7c73d21a5ed8bec9b994fcf93779cc_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:d7ba12eafd54c65fdd14a448d5fb5081a40c264911b39de3efc7b66ef0226ab3_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "dompurify: nesting-based mutation XSS vulnerability"
}
]
}
RHSA-2025:0329
Vulnerability from csaf_redhat - Published: 2025-01-15 09:55 - Updated: 2026-06-05 07:48Summary
Red Hat Security Advisory: Logging for Red Hat OpenShift - 5.8.16
Severity
Important
Notes
Topic: Logging for Red Hat OpenShift - 5.8.16
Details: Logging for Red Hat OpenShift - 5.8.16
dompurify: nesting-based mutation XSS vulnerability (CVE-2024-47875)
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
A flaw was found in DOMPurify that could allow for a nesting-based mXSS to not be properly sanitized.
8.0 (High)
Affected products
Fixed
59 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-RHOL-5.8:openshift-logging/cluster-logging-operator-bundle@sha256:58473a2057e6afafb0c10e6e90eb844a489c439511963fbce58c6e1a5e48eb1c_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOL-5.8:openshift-logging/cluster-logging-rhel9-operator@sha256:005aae06f00c89a9163b25c7cc026bf1c4e0e2f1dca426c93e63c0e7beb6e6ce_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOL-5.8:openshift-logging/cluster-logging-rhel9-operator@sha256:280fe34ae4c00292eeaa75b3fe72c2e0a4530fee948ea26c4eaff6591a221816_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOL-5.8:openshift-logging/cluster-logging-rhel9-operator@sha256:37dc87c3288fd38a4464df259ea975fdd425cd9b2a812a30344b19d25c509cac_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOL-5.8:openshift-logging/cluster-logging-rhel9-operator@sha256:8b7a19e15635345ec50dfa06216ca3752db5e45a2c9a64279b0007d59d9d5e7c_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOL-5.8:openshift-logging/elasticsearch-operator-bundle@sha256:4ce6826507ee4da12599291f9db04c78b44acafca848ca2eff48abc569665094_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOL-5.8:openshift-logging/elasticsearch-proxy-rhel9@sha256:a86638b1509fd21548bd9dcdfd5a81c0e664b5a69cfd6622c298d4623dd91e8a_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOL-5.8:openshift-logging/elasticsearch-proxy-rhel9@sha256:e39dc186e409102ecff98ddcf8eab735245cd8dac2aac8873046196a13feac09_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOL-5.8:openshift-logging/elasticsearch-proxy-rhel9@sha256:e716f674bfcc67c99db13462f1cd653333960ab0d2ac25e7801917621d516614_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOL-5.8:openshift-logging/elasticsearch-proxy-rhel9@sha256:f54e50816a3c53e0881233c2aa1f587a5960363bf0a655547d9fc1b18b49f624_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOL-5.8:openshift-logging/elasticsearch-rhel9-operator@sha256:4513b1f084dc5bc4aaa1157874a853347a9013c96c348218b22ff85ac907a49a_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOL-5.8:openshift-logging/elasticsearch-rhel9-operator@sha256:a2356af786aaab3c413888a022df006442e09415433568124bf2ccb5e36875df_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOL-5.8:openshift-logging/elasticsearch-rhel9-operator@sha256:dd0a1e56c1885fb82590bc63f756555fdae19279079bd9b4563007e5ddc03212_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOL-5.8:openshift-logging/elasticsearch-rhel9-operator@sha256:fdf7864142ecbcc748a55d6fdc0b65be6cbdce23db39271c3e46ac5d2a96a61f_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOL-5.8:openshift-logging/elasticsearch6-rhel9@sha256:1d36c49320ab8db78732e14454c6dd0c20bdbcaa568cbc5286e069a390d6cb81_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOL-5.8:openshift-logging/elasticsearch6-rhel9@sha256:3c59da5292ec82aab4f3d122f48353c1a2d8d1bd157a8b5978bda666a17a7bfc_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOL-5.8:openshift-logging/elasticsearch6-rhel9@sha256:adc09db92b227aa21063b96d5213ecd4e828c509710a75f60625dc65689194fc_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOL-5.8:openshift-logging/elasticsearch6-rhel9@sha256:f804ddc928697dcfa43eadf4426efab90cad3bc53b043ffa570a6b2ec6adb78d_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOL-5.8:openshift-logging/eventrouter-rhel9@sha256:06c8663410726f87fc54d1e05d19f1dda7d5f6e8caabe60395540f304bbf0022_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOL-5.8:openshift-logging/eventrouter-rhel9@sha256:27cf8a3d2649f9c52bcc1bd02d213bd68e8262395a6b8206bcb0c00a2e93d6aa_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOL-5.8:openshift-logging/eventrouter-rhel9@sha256:516fd338924ee556027872dce795d3e609a890f49c36fb30e0fd4c88ebf49d61_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOL-5.8:openshift-logging/eventrouter-rhel9@sha256:f3485f32c96c779641c808402504646b14e0f82115e5b81b8dea0598ade18761_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOL-5.8:openshift-logging/fluentd-rhel9@sha256:1d03453be061070bcb914e799ed03e536a96a2b30580f704120377dce94a8fd7_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOL-5.8:openshift-logging/fluentd-rhel9@sha256:4d8f2292c0fbbe9a5f991227a28648c55b8a5b9d8aa58e235ac92a9a6d2929b0_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOL-5.8:openshift-logging/fluentd-rhel9@sha256:9528ac4929198de9b377af2c9247373ff7768270d9a872d8dece61db2b54506f_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOL-5.8:openshift-logging/fluentd-rhel9@sha256:c622dfc323c52bb80f9b57aebd5ee8127be94a6a2b9194794ebdb147f2eb826e_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOL-5.8:openshift-logging/log-file-metric-exporter-rhel9@sha256:4444a1fee0da12fb24ac6ee10b5213d20a48bce1d73ac70fadb2a8b7a9d344ac_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOL-5.8:openshift-logging/log-file-metric-exporter-rhel9@sha256:5ecc9e43ccead565e8119f1fcb123cf2d41c70988d87188d2d20a1c9dc4fb138_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOL-5.8:openshift-logging/log-file-metric-exporter-rhel9@sha256:a5327009e3d86feeb3b23b1deb289ccee21458fdadadf416e79b5f21f8ac4a6d_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOL-5.8:openshift-logging/log-file-metric-exporter-rhel9@sha256:e47231c177a1ca022d4e7f79e837e99f315cd42d01f3f0de75551471f2ba7f9a_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOL-5.8:openshift-logging/logging-curator5-rhel9@sha256:05e5c1a7e37c1a7cf45e52783d9f585a07ceffd7fa8b3e201299a83112ea1d9f_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOL-5.8:openshift-logging/logging-curator5-rhel9@sha256:44a41db6b1f1fe7ff4eed4eb9a477a11e16ee20633a47a202043646deb80cf73_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOL-5.8:openshift-logging/logging-curator5-rhel9@sha256:85fef320804af3187050e159fc47d8cd805a93deb3e85cf02d682297ff030df6_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOL-5.8:openshift-logging/logging-curator5-rhel9@sha256:a9ac334299331d20fb766d3bf2a238fd350e528b8f0f91e7fbbd977957e93a02_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOL-5.8:openshift-logging/logging-loki-rhel9@sha256:644da04b0ca9e645a45e07dd4d9c422ef0443be5e1383a426f0e81fc2bdaa46c_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOL-5.8:openshift-logging/logging-loki-rhel9@sha256:bae08d83fcd69393d36e94e8495640200ab274018417ab013b4ea792e71a5f9b_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOL-5.8:openshift-logging/logging-loki-rhel9@sha256:c26dbee6764e5466707b2ed2b89abaef5b22775f887d519c24190af2d93bc795_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOL-5.8:openshift-logging/logging-loki-rhel9@sha256:f3eb4fd2cca5ba941e6a1873b35ffb125a123fdb44719893ef4349ffa32c108d_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOL-5.8:openshift-logging/logging-view-plugin-rhel9@sha256:39843776aa55f88ceef1628b974235d90312368b064acfeaba78da7502f5e385_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOL-5.8:openshift-logging/logging-view-plugin-rhel9@sha256:4064100dfe726ed15ad686a7e172c6f8bb1b676c8b619bcac04ffae22351dab7_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOL-5.8:openshift-logging/logging-view-plugin-rhel9@sha256:9240d5405d00377788a20ac952fd7356ee39398ec818627d8a1030e224c81bf0_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOL-5.8:openshift-logging/logging-view-plugin-rhel9@sha256:d9afad1be8c0e83664d376ba2e5f3de3d1597e6641799188fb91caf63444f9a9_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOL-5.8:openshift-logging/loki-operator-bundle@sha256:2e8db8133adbc1fe1943c3fac40d90f3f3c4666820b3f4a07c977b9909eb0745_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOL-5.8:openshift-logging/loki-rhel9-operator@sha256:436ac0c2d8570e3d070ad988dd9975df6e22d436641721227ba7716f9b34c6ca_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOL-5.8:openshift-logging/loki-rhel9-operator@sha256:a80fccad715ad74bfedaa29339e701c1ec514666a9fda125b7ec984fbfdeac68_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOL-5.8:openshift-logging/loki-rhel9-operator@sha256:b3b04b4b8434fbdf85f189e12f5fa02d5ada5e8b443f2e7f27fb47d9ff3d5c77_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOL-5.8:openshift-logging/loki-rhel9-operator@sha256:be7ef11c660cdca24ae5ca72b6d952703632decdae1c3215ea12933024821024_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOL-5.8:openshift-logging/lokistack-gateway-rhel9@sha256:1bd8c25b7c401341b38f7e29884340d8a9cf84a581546b8cc50ddbfe279a3e40_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOL-5.8:openshift-logging/lokistack-gateway-rhel9@sha256:2d0fbb9d3494cad96319e2b4e7921b746eac8970999499b5e4f2155318c8fdfc_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOL-5.8:openshift-logging/lokistack-gateway-rhel9@sha256:3196ffea1ee3e0533d956262276ab53a07583af237f4755332e018d2c59b7fd3_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOL-5.8:openshift-logging/lokistack-gateway-rhel9@sha256:e5d95fd73e0791e24d9d7fc7effbf72814a04dd215e89855168785fa9828ff9d_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOL-5.8:openshift-logging/opa-openshift-rhel9@sha256:37dd52b741aa3c78bb03ce7ebb4ff3599f9aa7cea0b17217a0d77dfb31e7315e_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOL-5.8:openshift-logging/opa-openshift-rhel9@sha256:5c454bf68557e0f761a4a07cc548147485080ac9f9aeaab672be5f15dbe835e2_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOL-5.8:openshift-logging/opa-openshift-rhel9@sha256:818935f46bf047aad7a85f7da66fca51fd27cf5e6c7c78045362df7e61a65f3d_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOL-5.8:openshift-logging/opa-openshift-rhel9@sha256:9d78894c3dde67fde95c3798a6be44250546f3615bd7c2c85c3b78c5b948e969_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOL-5.8:openshift-logging/vector-rhel9@sha256:2b5a275b0f1b5c3f6b0d575b98f4c3850b53316882910ee74b16b68c38901308_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOL-5.8:openshift-logging/vector-rhel9@sha256:83e1e21fc093a8edcbbf659c6233f279f2736505fb015a2bd0203c2a77ae2132_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOL-5.8:openshift-logging/vector-rhel9@sha256:b35f4a364b555214424fa0df5d607c234ec5712c480082f454c010cafe0677b4_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOL-5.8:openshift-logging/vector-rhel9@sha256:d6c21081f7adfd4b9eda7af9b5a2692087e985a503b99f6093eaeb45b593ec99_ppc64le | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Important
References
12 references
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Logging for Red Hat OpenShift - 5.8.16",
"title": "Topic"
},
{
"category": "general",
"text": "Logging for Red Hat OpenShift - 5.8.16\ndompurify: nesting-based mutation XSS vulnerability (CVE-2024-47875)",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2025:0329",
"url": "https://access.redhat.com/errata/RHSA-2025:0329"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "LOG-6322",
"url": "https://issues.redhat.com/browse/LOG-6322"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2025/rhsa-2025_0329.json"
}
],
"title": "Red Hat Security Advisory: Logging for Red Hat OpenShift - 5.8.16",
"tracking": {
"current_release_date": "2026-06-05T07:48:16+00:00",
"generator": {
"date": "2026-06-05T07:48:16+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.8.2"
}
},
"id": "RHSA-2025:0329",
"initial_release_date": "2025-01-15T09:55:01+00:00",
"revision_history": [
{
"date": "2025-01-15T09:55:01+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2025-01-15T09:55:01+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-06-05T07:48:16+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "RHOL 5.8 for RHEL 9",
"product": {
"name": "RHOL 5.8 for RHEL 9",
"product_id": "9Base-RHOL-5.8",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:logging:5.8::el9"
}
}
}
],
"category": "product_family",
"name": "logging for Red Hat OpenShift"
},
{
"branches": [
{
"category": "product_version",
"name": "openshift-logging/cluster-logging-rhel9-operator@sha256:37dc87c3288fd38a4464df259ea975fdd425cd9b2a812a30344b19d25c509cac_amd64",
"product": {
"name": "openshift-logging/cluster-logging-rhel9-operator@sha256:37dc87c3288fd38a4464df259ea975fdd425cd9b2a812a30344b19d25c509cac_amd64",
"product_id": "openshift-logging/cluster-logging-rhel9-operator@sha256:37dc87c3288fd38a4464df259ea975fdd425cd9b2a812a30344b19d25c509cac_amd64",
"product_identification_helper": {
"purl": "pkg:oci/cluster-logging-rhel9-operator@sha256:37dc87c3288fd38a4464df259ea975fdd425cd9b2a812a30344b19d25c509cac?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator\u0026tag=v5.8.16-4"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/cluster-logging-operator-bundle@sha256:58473a2057e6afafb0c10e6e90eb844a489c439511963fbce58c6e1a5e48eb1c_amd64",
"product": {
"name": "openshift-logging/cluster-logging-operator-bundle@sha256:58473a2057e6afafb0c10e6e90eb844a489c439511963fbce58c6e1a5e48eb1c_amd64",
"product_id": "openshift-logging/cluster-logging-operator-bundle@sha256:58473a2057e6afafb0c10e6e90eb844a489c439511963fbce58c6e1a5e48eb1c_amd64",
"product_identification_helper": {
"purl": "pkg:oci/cluster-logging-operator-bundle@sha256:58473a2057e6afafb0c10e6e90eb844a489c439511963fbce58c6e1a5e48eb1c?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/cluster-logging-operator-bundle\u0026tag=v5.8.16-9"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/elasticsearch-rhel9-operator@sha256:fdf7864142ecbcc748a55d6fdc0b65be6cbdce23db39271c3e46ac5d2a96a61f_amd64",
"product": {
"name": "openshift-logging/elasticsearch-rhel9-operator@sha256:fdf7864142ecbcc748a55d6fdc0b65be6cbdce23db39271c3e46ac5d2a96a61f_amd64",
"product_id": "openshift-logging/elasticsearch-rhel9-operator@sha256:fdf7864142ecbcc748a55d6fdc0b65be6cbdce23db39271c3e46ac5d2a96a61f_amd64",
"product_identification_helper": {
"purl": "pkg:oci/elasticsearch-rhel9-operator@sha256:fdf7864142ecbcc748a55d6fdc0b65be6cbdce23db39271c3e46ac5d2a96a61f?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch-rhel9-operator\u0026tag=v5.8.16-4"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/elasticsearch-operator-bundle@sha256:4ce6826507ee4da12599291f9db04c78b44acafca848ca2eff48abc569665094_amd64",
"product": {
"name": "openshift-logging/elasticsearch-operator-bundle@sha256:4ce6826507ee4da12599291f9db04c78b44acafca848ca2eff48abc569665094_amd64",
"product_id": "openshift-logging/elasticsearch-operator-bundle@sha256:4ce6826507ee4da12599291f9db04c78b44acafca848ca2eff48abc569665094_amd64",
"product_identification_helper": {
"purl": "pkg:oci/elasticsearch-operator-bundle@sha256:4ce6826507ee4da12599291f9db04c78b44acafca848ca2eff48abc569665094?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch-operator-bundle\u0026tag=v5.8.16-14"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/elasticsearch-proxy-rhel9@sha256:e39dc186e409102ecff98ddcf8eab735245cd8dac2aac8873046196a13feac09_amd64",
"product": {
"name": "openshift-logging/elasticsearch-proxy-rhel9@sha256:e39dc186e409102ecff98ddcf8eab735245cd8dac2aac8873046196a13feac09_amd64",
"product_id": "openshift-logging/elasticsearch-proxy-rhel9@sha256:e39dc186e409102ecff98ddcf8eab735245cd8dac2aac8873046196a13feac09_amd64",
"product_identification_helper": {
"purl": "pkg:oci/elasticsearch-proxy-rhel9@sha256:e39dc186e409102ecff98ddcf8eab735245cd8dac2aac8873046196a13feac09?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch-proxy-rhel9\u0026tag=v1.0.0-528"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/log-file-metric-exporter-rhel9@sha256:5ecc9e43ccead565e8119f1fcb123cf2d41c70988d87188d2d20a1c9dc4fb138_amd64",
"product": {
"name": "openshift-logging/log-file-metric-exporter-rhel9@sha256:5ecc9e43ccead565e8119f1fcb123cf2d41c70988d87188d2d20a1c9dc4fb138_amd64",
"product_id": "openshift-logging/log-file-metric-exporter-rhel9@sha256:5ecc9e43ccead565e8119f1fcb123cf2d41c70988d87188d2d20a1c9dc4fb138_amd64",
"product_identification_helper": {
"purl": "pkg:oci/log-file-metric-exporter-rhel9@sha256:5ecc9e43ccead565e8119f1fcb123cf2d41c70988d87188d2d20a1c9dc4fb138?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9\u0026tag=v1.1.0-309"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/logging-curator5-rhel9@sha256:05e5c1a7e37c1a7cf45e52783d9f585a07ceffd7fa8b3e201299a83112ea1d9f_amd64",
"product": {
"name": "openshift-logging/logging-curator5-rhel9@sha256:05e5c1a7e37c1a7cf45e52783d9f585a07ceffd7fa8b3e201299a83112ea1d9f_amd64",
"product_id": "openshift-logging/logging-curator5-rhel9@sha256:05e5c1a7e37c1a7cf45e52783d9f585a07ceffd7fa8b3e201299a83112ea1d9f_amd64",
"product_identification_helper": {
"purl": "pkg:oci/logging-curator5-rhel9@sha256:05e5c1a7e37c1a7cf45e52783d9f585a07ceffd7fa8b3e201299a83112ea1d9f?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/logging-curator5-rhel9\u0026tag=v5.8.1-536"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/elasticsearch6-rhel9@sha256:3c59da5292ec82aab4f3d122f48353c1a2d8d1bd157a8b5978bda666a17a7bfc_amd64",
"product": {
"name": "openshift-logging/elasticsearch6-rhel9@sha256:3c59da5292ec82aab4f3d122f48353c1a2d8d1bd157a8b5978bda666a17a7bfc_amd64",
"product_id": "openshift-logging/elasticsearch6-rhel9@sha256:3c59da5292ec82aab4f3d122f48353c1a2d8d1bd157a8b5978bda666a17a7bfc_amd64",
"product_identification_helper": {
"purl": "pkg:oci/elasticsearch6-rhel9@sha256:3c59da5292ec82aab4f3d122f48353c1a2d8d1bd157a8b5978bda666a17a7bfc?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch6-rhel9\u0026tag=v6.8.1-445"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/eventrouter-rhel9@sha256:516fd338924ee556027872dce795d3e609a890f49c36fb30e0fd4c88ebf49d61_amd64",
"product": {
"name": "openshift-logging/eventrouter-rhel9@sha256:516fd338924ee556027872dce795d3e609a890f49c36fb30e0fd4c88ebf49d61_amd64",
"product_id": "openshift-logging/eventrouter-rhel9@sha256:516fd338924ee556027872dce795d3e609a890f49c36fb30e0fd4c88ebf49d61_amd64",
"product_identification_helper": {
"purl": "pkg:oci/eventrouter-rhel9@sha256:516fd338924ee556027872dce795d3e609a890f49c36fb30e0fd4c88ebf49d61?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/eventrouter-rhel9\u0026tag=v0.4.0-328"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/fluentd-rhel9@sha256:9528ac4929198de9b377af2c9247373ff7768270d9a872d8dece61db2b54506f_amd64",
"product": {
"name": "openshift-logging/fluentd-rhel9@sha256:9528ac4929198de9b377af2c9247373ff7768270d9a872d8dece61db2b54506f_amd64",
"product_id": "openshift-logging/fluentd-rhel9@sha256:9528ac4929198de9b377af2c9247373ff7768270d9a872d8dece61db2b54506f_amd64",
"product_identification_helper": {
"purl": "pkg:oci/fluentd-rhel9@sha256:9528ac4929198de9b377af2c9247373ff7768270d9a872d8dece61db2b54506f?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/fluentd-rhel9\u0026tag=v5.8.16-2"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/logging-loki-rhel9@sha256:bae08d83fcd69393d36e94e8495640200ab274018417ab013b4ea792e71a5f9b_amd64",
"product": {
"name": "openshift-logging/logging-loki-rhel9@sha256:bae08d83fcd69393d36e94e8495640200ab274018417ab013b4ea792e71a5f9b_amd64",
"product_id": "openshift-logging/logging-loki-rhel9@sha256:bae08d83fcd69393d36e94e8495640200ab274018417ab013b4ea792e71a5f9b_amd64",
"product_identification_helper": {
"purl": "pkg:oci/logging-loki-rhel9@sha256:bae08d83fcd69393d36e94e8495640200ab274018417ab013b4ea792e71a5f9b?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/logging-loki-rhel9\u0026tag=v3.2.1-22"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/vector-rhel9@sha256:b35f4a364b555214424fa0df5d607c234ec5712c480082f454c010cafe0677b4_amd64",
"product": {
"name": "openshift-logging/vector-rhel9@sha256:b35f4a364b555214424fa0df5d607c234ec5712c480082f454c010cafe0677b4_amd64",
"product_id": "openshift-logging/vector-rhel9@sha256:b35f4a364b555214424fa0df5d607c234ec5712c480082f454c010cafe0677b4_amd64",
"product_identification_helper": {
"purl": "pkg:oci/vector-rhel9@sha256:b35f4a364b555214424fa0df5d607c234ec5712c480082f454c010cafe0677b4?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/vector-rhel9\u0026tag=v0.28.1-83"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/logging-view-plugin-rhel9@sha256:39843776aa55f88ceef1628b974235d90312368b064acfeaba78da7502f5e385_amd64",
"product": {
"name": "openshift-logging/logging-view-plugin-rhel9@sha256:39843776aa55f88ceef1628b974235d90312368b064acfeaba78da7502f5e385_amd64",
"product_id": "openshift-logging/logging-view-plugin-rhel9@sha256:39843776aa55f88ceef1628b974235d90312368b064acfeaba78da7502f5e385_amd64",
"product_identification_helper": {
"purl": "pkg:oci/logging-view-plugin-rhel9@sha256:39843776aa55f88ceef1628b974235d90312368b064acfeaba78da7502f5e385?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/logging-view-plugin-rhel9\u0026tag=v5.8.16-3"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/loki-operator-bundle@sha256:2e8db8133adbc1fe1943c3fac40d90f3f3c4666820b3f4a07c977b9909eb0745_amd64",
"product": {
"name": "openshift-logging/loki-operator-bundle@sha256:2e8db8133adbc1fe1943c3fac40d90f3f3c4666820b3f4a07c977b9909eb0745_amd64",
"product_id": "openshift-logging/loki-operator-bundle@sha256:2e8db8133adbc1fe1943c3fac40d90f3f3c4666820b3f4a07c977b9909eb0745_amd64",
"product_identification_helper": {
"purl": "pkg:oci/loki-operator-bundle@sha256:2e8db8133adbc1fe1943c3fac40d90f3f3c4666820b3f4a07c977b9909eb0745?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/loki-operator-bundle\u0026tag=v5.8.16-13"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/loki-rhel9-operator@sha256:be7ef11c660cdca24ae5ca72b6d952703632decdae1c3215ea12933024821024_amd64",
"product": {
"name": "openshift-logging/loki-rhel9-operator@sha256:be7ef11c660cdca24ae5ca72b6d952703632decdae1c3215ea12933024821024_amd64",
"product_id": "openshift-logging/loki-rhel9-operator@sha256:be7ef11c660cdca24ae5ca72b6d952703632decdae1c3215ea12933024821024_amd64",
"product_identification_helper": {
"purl": "pkg:oci/loki-rhel9-operator@sha256:be7ef11c660cdca24ae5ca72b6d952703632decdae1c3215ea12933024821024?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/loki-rhel9-operator\u0026tag=v5.8.16-4"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/lokistack-gateway-rhel9@sha256:2d0fbb9d3494cad96319e2b4e7921b746eac8970999499b5e4f2155318c8fdfc_amd64",
"product": {
"name": "openshift-logging/lokistack-gateway-rhel9@sha256:2d0fbb9d3494cad96319e2b4e7921b746eac8970999499b5e4f2155318c8fdfc_amd64",
"product_id": "openshift-logging/lokistack-gateway-rhel9@sha256:2d0fbb9d3494cad96319e2b4e7921b746eac8970999499b5e4f2155318c8fdfc_amd64",
"product_identification_helper": {
"purl": "pkg:oci/lokistack-gateway-rhel9@sha256:2d0fbb9d3494cad96319e2b4e7921b746eac8970999499b5e4f2155318c8fdfc?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/lokistack-gateway-rhel9\u0026tag=v0.1.0-709"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/opa-openshift-rhel9@sha256:5c454bf68557e0f761a4a07cc548147485080ac9f9aeaab672be5f15dbe835e2_amd64",
"product": {
"name": "openshift-logging/opa-openshift-rhel9@sha256:5c454bf68557e0f761a4a07cc548147485080ac9f9aeaab672be5f15dbe835e2_amd64",
"product_id": "openshift-logging/opa-openshift-rhel9@sha256:5c454bf68557e0f761a4a07cc548147485080ac9f9aeaab672be5f15dbe835e2_amd64",
"product_identification_helper": {
"purl": "pkg:oci/opa-openshift-rhel9@sha256:5c454bf68557e0f761a4a07cc548147485080ac9f9aeaab672be5f15dbe835e2?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/opa-openshift-rhel9\u0026tag=v0.1.0-326"
}
}
}
],
"category": "architecture",
"name": "amd64"
},
{
"branches": [
{
"category": "product_version",
"name": "openshift-logging/cluster-logging-rhel9-operator@sha256:005aae06f00c89a9163b25c7cc026bf1c4e0e2f1dca426c93e63c0e7beb6e6ce_arm64",
"product": {
"name": "openshift-logging/cluster-logging-rhel9-operator@sha256:005aae06f00c89a9163b25c7cc026bf1c4e0e2f1dca426c93e63c0e7beb6e6ce_arm64",
"product_id": "openshift-logging/cluster-logging-rhel9-operator@sha256:005aae06f00c89a9163b25c7cc026bf1c4e0e2f1dca426c93e63c0e7beb6e6ce_arm64",
"product_identification_helper": {
"purl": "pkg:oci/cluster-logging-rhel9-operator@sha256:005aae06f00c89a9163b25c7cc026bf1c4e0e2f1dca426c93e63c0e7beb6e6ce?arch=arm64\u0026repository_url=registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator\u0026tag=v5.8.16-4"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/elasticsearch-rhel9-operator@sha256:4513b1f084dc5bc4aaa1157874a853347a9013c96c348218b22ff85ac907a49a_arm64",
"product": {
"name": "openshift-logging/elasticsearch-rhel9-operator@sha256:4513b1f084dc5bc4aaa1157874a853347a9013c96c348218b22ff85ac907a49a_arm64",
"product_id": "openshift-logging/elasticsearch-rhel9-operator@sha256:4513b1f084dc5bc4aaa1157874a853347a9013c96c348218b22ff85ac907a49a_arm64",
"product_identification_helper": {
"purl": "pkg:oci/elasticsearch-rhel9-operator@sha256:4513b1f084dc5bc4aaa1157874a853347a9013c96c348218b22ff85ac907a49a?arch=arm64\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch-rhel9-operator\u0026tag=v5.8.16-4"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/elasticsearch-proxy-rhel9@sha256:e716f674bfcc67c99db13462f1cd653333960ab0d2ac25e7801917621d516614_arm64",
"product": {
"name": "openshift-logging/elasticsearch-proxy-rhel9@sha256:e716f674bfcc67c99db13462f1cd653333960ab0d2ac25e7801917621d516614_arm64",
"product_id": "openshift-logging/elasticsearch-proxy-rhel9@sha256:e716f674bfcc67c99db13462f1cd653333960ab0d2ac25e7801917621d516614_arm64",
"product_identification_helper": {
"purl": "pkg:oci/elasticsearch-proxy-rhel9@sha256:e716f674bfcc67c99db13462f1cd653333960ab0d2ac25e7801917621d516614?arch=arm64\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch-proxy-rhel9\u0026tag=v1.0.0-528"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/log-file-metric-exporter-rhel9@sha256:e47231c177a1ca022d4e7f79e837e99f315cd42d01f3f0de75551471f2ba7f9a_arm64",
"product": {
"name": "openshift-logging/log-file-metric-exporter-rhel9@sha256:e47231c177a1ca022d4e7f79e837e99f315cd42d01f3f0de75551471f2ba7f9a_arm64",
"product_id": "openshift-logging/log-file-metric-exporter-rhel9@sha256:e47231c177a1ca022d4e7f79e837e99f315cd42d01f3f0de75551471f2ba7f9a_arm64",
"product_identification_helper": {
"purl": "pkg:oci/log-file-metric-exporter-rhel9@sha256:e47231c177a1ca022d4e7f79e837e99f315cd42d01f3f0de75551471f2ba7f9a?arch=arm64\u0026repository_url=registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9\u0026tag=v1.1.0-309"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/logging-curator5-rhel9@sha256:44a41db6b1f1fe7ff4eed4eb9a477a11e16ee20633a47a202043646deb80cf73_arm64",
"product": {
"name": "openshift-logging/logging-curator5-rhel9@sha256:44a41db6b1f1fe7ff4eed4eb9a477a11e16ee20633a47a202043646deb80cf73_arm64",
"product_id": "openshift-logging/logging-curator5-rhel9@sha256:44a41db6b1f1fe7ff4eed4eb9a477a11e16ee20633a47a202043646deb80cf73_arm64",
"product_identification_helper": {
"purl": "pkg:oci/logging-curator5-rhel9@sha256:44a41db6b1f1fe7ff4eed4eb9a477a11e16ee20633a47a202043646deb80cf73?arch=arm64\u0026repository_url=registry.redhat.io/openshift-logging/logging-curator5-rhel9\u0026tag=v5.8.1-536"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/elasticsearch6-rhel9@sha256:1d36c49320ab8db78732e14454c6dd0c20bdbcaa568cbc5286e069a390d6cb81_arm64",
"product": {
"name": "openshift-logging/elasticsearch6-rhel9@sha256:1d36c49320ab8db78732e14454c6dd0c20bdbcaa568cbc5286e069a390d6cb81_arm64",
"product_id": "openshift-logging/elasticsearch6-rhel9@sha256:1d36c49320ab8db78732e14454c6dd0c20bdbcaa568cbc5286e069a390d6cb81_arm64",
"product_identification_helper": {
"purl": "pkg:oci/elasticsearch6-rhel9@sha256:1d36c49320ab8db78732e14454c6dd0c20bdbcaa568cbc5286e069a390d6cb81?arch=arm64\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch6-rhel9\u0026tag=v6.8.1-445"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/eventrouter-rhel9@sha256:06c8663410726f87fc54d1e05d19f1dda7d5f6e8caabe60395540f304bbf0022_arm64",
"product": {
"name": "openshift-logging/eventrouter-rhel9@sha256:06c8663410726f87fc54d1e05d19f1dda7d5f6e8caabe60395540f304bbf0022_arm64",
"product_id": "openshift-logging/eventrouter-rhel9@sha256:06c8663410726f87fc54d1e05d19f1dda7d5f6e8caabe60395540f304bbf0022_arm64",
"product_identification_helper": {
"purl": "pkg:oci/eventrouter-rhel9@sha256:06c8663410726f87fc54d1e05d19f1dda7d5f6e8caabe60395540f304bbf0022?arch=arm64\u0026repository_url=registry.redhat.io/openshift-logging/eventrouter-rhel9\u0026tag=v0.4.0-328"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/fluentd-rhel9@sha256:1d03453be061070bcb914e799ed03e536a96a2b30580f704120377dce94a8fd7_arm64",
"product": {
"name": "openshift-logging/fluentd-rhel9@sha256:1d03453be061070bcb914e799ed03e536a96a2b30580f704120377dce94a8fd7_arm64",
"product_id": "openshift-logging/fluentd-rhel9@sha256:1d03453be061070bcb914e799ed03e536a96a2b30580f704120377dce94a8fd7_arm64",
"product_identification_helper": {
"purl": "pkg:oci/fluentd-rhel9@sha256:1d03453be061070bcb914e799ed03e536a96a2b30580f704120377dce94a8fd7?arch=arm64\u0026repository_url=registry.redhat.io/openshift-logging/fluentd-rhel9\u0026tag=v5.8.16-2"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/logging-loki-rhel9@sha256:644da04b0ca9e645a45e07dd4d9c422ef0443be5e1383a426f0e81fc2bdaa46c_arm64",
"product": {
"name": "openshift-logging/logging-loki-rhel9@sha256:644da04b0ca9e645a45e07dd4d9c422ef0443be5e1383a426f0e81fc2bdaa46c_arm64",
"product_id": "openshift-logging/logging-loki-rhel9@sha256:644da04b0ca9e645a45e07dd4d9c422ef0443be5e1383a426f0e81fc2bdaa46c_arm64",
"product_identification_helper": {
"purl": "pkg:oci/logging-loki-rhel9@sha256:644da04b0ca9e645a45e07dd4d9c422ef0443be5e1383a426f0e81fc2bdaa46c?arch=arm64\u0026repository_url=registry.redhat.io/openshift-logging/logging-loki-rhel9\u0026tag=v3.2.1-22"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/vector-rhel9@sha256:2b5a275b0f1b5c3f6b0d575b98f4c3850b53316882910ee74b16b68c38901308_arm64",
"product": {
"name": "openshift-logging/vector-rhel9@sha256:2b5a275b0f1b5c3f6b0d575b98f4c3850b53316882910ee74b16b68c38901308_arm64",
"product_id": "openshift-logging/vector-rhel9@sha256:2b5a275b0f1b5c3f6b0d575b98f4c3850b53316882910ee74b16b68c38901308_arm64",
"product_identification_helper": {
"purl": "pkg:oci/vector-rhel9@sha256:2b5a275b0f1b5c3f6b0d575b98f4c3850b53316882910ee74b16b68c38901308?arch=arm64\u0026repository_url=registry.redhat.io/openshift-logging/vector-rhel9\u0026tag=v0.28.1-83"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/logging-view-plugin-rhel9@sha256:4064100dfe726ed15ad686a7e172c6f8bb1b676c8b619bcac04ffae22351dab7_arm64",
"product": {
"name": "openshift-logging/logging-view-plugin-rhel9@sha256:4064100dfe726ed15ad686a7e172c6f8bb1b676c8b619bcac04ffae22351dab7_arm64",
"product_id": "openshift-logging/logging-view-plugin-rhel9@sha256:4064100dfe726ed15ad686a7e172c6f8bb1b676c8b619bcac04ffae22351dab7_arm64",
"product_identification_helper": {
"purl": "pkg:oci/logging-view-plugin-rhel9@sha256:4064100dfe726ed15ad686a7e172c6f8bb1b676c8b619bcac04ffae22351dab7?arch=arm64\u0026repository_url=registry.redhat.io/openshift-logging/logging-view-plugin-rhel9\u0026tag=v5.8.16-3"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/loki-rhel9-operator@sha256:a80fccad715ad74bfedaa29339e701c1ec514666a9fda125b7ec984fbfdeac68_arm64",
"product": {
"name": "openshift-logging/loki-rhel9-operator@sha256:a80fccad715ad74bfedaa29339e701c1ec514666a9fda125b7ec984fbfdeac68_arm64",
"product_id": "openshift-logging/loki-rhel9-operator@sha256:a80fccad715ad74bfedaa29339e701c1ec514666a9fda125b7ec984fbfdeac68_arm64",
"product_identification_helper": {
"purl": "pkg:oci/loki-rhel9-operator@sha256:a80fccad715ad74bfedaa29339e701c1ec514666a9fda125b7ec984fbfdeac68?arch=arm64\u0026repository_url=registry.redhat.io/openshift-logging/loki-rhel9-operator\u0026tag=v5.8.16-4"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/lokistack-gateway-rhel9@sha256:1bd8c25b7c401341b38f7e29884340d8a9cf84a581546b8cc50ddbfe279a3e40_arm64",
"product": {
"name": "openshift-logging/lokistack-gateway-rhel9@sha256:1bd8c25b7c401341b38f7e29884340d8a9cf84a581546b8cc50ddbfe279a3e40_arm64",
"product_id": "openshift-logging/lokistack-gateway-rhel9@sha256:1bd8c25b7c401341b38f7e29884340d8a9cf84a581546b8cc50ddbfe279a3e40_arm64",
"product_identification_helper": {
"purl": "pkg:oci/lokistack-gateway-rhel9@sha256:1bd8c25b7c401341b38f7e29884340d8a9cf84a581546b8cc50ddbfe279a3e40?arch=arm64\u0026repository_url=registry.redhat.io/openshift-logging/lokistack-gateway-rhel9\u0026tag=v0.1.0-709"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/opa-openshift-rhel9@sha256:9d78894c3dde67fde95c3798a6be44250546f3615bd7c2c85c3b78c5b948e969_arm64",
"product": {
"name": "openshift-logging/opa-openshift-rhel9@sha256:9d78894c3dde67fde95c3798a6be44250546f3615bd7c2c85c3b78c5b948e969_arm64",
"product_id": "openshift-logging/opa-openshift-rhel9@sha256:9d78894c3dde67fde95c3798a6be44250546f3615bd7c2c85c3b78c5b948e969_arm64",
"product_identification_helper": {
"purl": "pkg:oci/opa-openshift-rhel9@sha256:9d78894c3dde67fde95c3798a6be44250546f3615bd7c2c85c3b78c5b948e969?arch=arm64\u0026repository_url=registry.redhat.io/openshift-logging/opa-openshift-rhel9\u0026tag=v0.1.0-326"
}
}
}
],
"category": "architecture",
"name": "arm64"
},
{
"branches": [
{
"category": "product_version",
"name": "openshift-logging/cluster-logging-rhel9-operator@sha256:8b7a19e15635345ec50dfa06216ca3752db5e45a2c9a64279b0007d59d9d5e7c_s390x",
"product": {
"name": "openshift-logging/cluster-logging-rhel9-operator@sha256:8b7a19e15635345ec50dfa06216ca3752db5e45a2c9a64279b0007d59d9d5e7c_s390x",
"product_id": "openshift-logging/cluster-logging-rhel9-operator@sha256:8b7a19e15635345ec50dfa06216ca3752db5e45a2c9a64279b0007d59d9d5e7c_s390x",
"product_identification_helper": {
"purl": "pkg:oci/cluster-logging-rhel9-operator@sha256:8b7a19e15635345ec50dfa06216ca3752db5e45a2c9a64279b0007d59d9d5e7c?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator\u0026tag=v5.8.16-4"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/elasticsearch-rhel9-operator@sha256:dd0a1e56c1885fb82590bc63f756555fdae19279079bd9b4563007e5ddc03212_s390x",
"product": {
"name": "openshift-logging/elasticsearch-rhel9-operator@sha256:dd0a1e56c1885fb82590bc63f756555fdae19279079bd9b4563007e5ddc03212_s390x",
"product_id": "openshift-logging/elasticsearch-rhel9-operator@sha256:dd0a1e56c1885fb82590bc63f756555fdae19279079bd9b4563007e5ddc03212_s390x",
"product_identification_helper": {
"purl": "pkg:oci/elasticsearch-rhel9-operator@sha256:dd0a1e56c1885fb82590bc63f756555fdae19279079bd9b4563007e5ddc03212?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch-rhel9-operator\u0026tag=v5.8.16-4"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/elasticsearch-proxy-rhel9@sha256:a86638b1509fd21548bd9dcdfd5a81c0e664b5a69cfd6622c298d4623dd91e8a_s390x",
"product": {
"name": "openshift-logging/elasticsearch-proxy-rhel9@sha256:a86638b1509fd21548bd9dcdfd5a81c0e664b5a69cfd6622c298d4623dd91e8a_s390x",
"product_id": "openshift-logging/elasticsearch-proxy-rhel9@sha256:a86638b1509fd21548bd9dcdfd5a81c0e664b5a69cfd6622c298d4623dd91e8a_s390x",
"product_identification_helper": {
"purl": "pkg:oci/elasticsearch-proxy-rhel9@sha256:a86638b1509fd21548bd9dcdfd5a81c0e664b5a69cfd6622c298d4623dd91e8a?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch-proxy-rhel9\u0026tag=v1.0.0-528"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/log-file-metric-exporter-rhel9@sha256:4444a1fee0da12fb24ac6ee10b5213d20a48bce1d73ac70fadb2a8b7a9d344ac_s390x",
"product": {
"name": "openshift-logging/log-file-metric-exporter-rhel9@sha256:4444a1fee0da12fb24ac6ee10b5213d20a48bce1d73ac70fadb2a8b7a9d344ac_s390x",
"product_id": "openshift-logging/log-file-metric-exporter-rhel9@sha256:4444a1fee0da12fb24ac6ee10b5213d20a48bce1d73ac70fadb2a8b7a9d344ac_s390x",
"product_identification_helper": {
"purl": "pkg:oci/log-file-metric-exporter-rhel9@sha256:4444a1fee0da12fb24ac6ee10b5213d20a48bce1d73ac70fadb2a8b7a9d344ac?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9\u0026tag=v1.1.0-309"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/logging-curator5-rhel9@sha256:85fef320804af3187050e159fc47d8cd805a93deb3e85cf02d682297ff030df6_s390x",
"product": {
"name": "openshift-logging/logging-curator5-rhel9@sha256:85fef320804af3187050e159fc47d8cd805a93deb3e85cf02d682297ff030df6_s390x",
"product_id": "openshift-logging/logging-curator5-rhel9@sha256:85fef320804af3187050e159fc47d8cd805a93deb3e85cf02d682297ff030df6_s390x",
"product_identification_helper": {
"purl": "pkg:oci/logging-curator5-rhel9@sha256:85fef320804af3187050e159fc47d8cd805a93deb3e85cf02d682297ff030df6?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/logging-curator5-rhel9\u0026tag=v5.8.1-536"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/elasticsearch6-rhel9@sha256:f804ddc928697dcfa43eadf4426efab90cad3bc53b043ffa570a6b2ec6adb78d_s390x",
"product": {
"name": "openshift-logging/elasticsearch6-rhel9@sha256:f804ddc928697dcfa43eadf4426efab90cad3bc53b043ffa570a6b2ec6adb78d_s390x",
"product_id": "openshift-logging/elasticsearch6-rhel9@sha256:f804ddc928697dcfa43eadf4426efab90cad3bc53b043ffa570a6b2ec6adb78d_s390x",
"product_identification_helper": {
"purl": "pkg:oci/elasticsearch6-rhel9@sha256:f804ddc928697dcfa43eadf4426efab90cad3bc53b043ffa570a6b2ec6adb78d?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch6-rhel9\u0026tag=v6.8.1-445"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/eventrouter-rhel9@sha256:27cf8a3d2649f9c52bcc1bd02d213bd68e8262395a6b8206bcb0c00a2e93d6aa_s390x",
"product": {
"name": "openshift-logging/eventrouter-rhel9@sha256:27cf8a3d2649f9c52bcc1bd02d213bd68e8262395a6b8206bcb0c00a2e93d6aa_s390x",
"product_id": "openshift-logging/eventrouter-rhel9@sha256:27cf8a3d2649f9c52bcc1bd02d213bd68e8262395a6b8206bcb0c00a2e93d6aa_s390x",
"product_identification_helper": {
"purl": "pkg:oci/eventrouter-rhel9@sha256:27cf8a3d2649f9c52bcc1bd02d213bd68e8262395a6b8206bcb0c00a2e93d6aa?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/eventrouter-rhel9\u0026tag=v0.4.0-328"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/fluentd-rhel9@sha256:4d8f2292c0fbbe9a5f991227a28648c55b8a5b9d8aa58e235ac92a9a6d2929b0_s390x",
"product": {
"name": "openshift-logging/fluentd-rhel9@sha256:4d8f2292c0fbbe9a5f991227a28648c55b8a5b9d8aa58e235ac92a9a6d2929b0_s390x",
"product_id": "openshift-logging/fluentd-rhel9@sha256:4d8f2292c0fbbe9a5f991227a28648c55b8a5b9d8aa58e235ac92a9a6d2929b0_s390x",
"product_identification_helper": {
"purl": "pkg:oci/fluentd-rhel9@sha256:4d8f2292c0fbbe9a5f991227a28648c55b8a5b9d8aa58e235ac92a9a6d2929b0?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/fluentd-rhel9\u0026tag=v5.8.16-2"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/logging-loki-rhel9@sha256:f3eb4fd2cca5ba941e6a1873b35ffb125a123fdb44719893ef4349ffa32c108d_s390x",
"product": {
"name": "openshift-logging/logging-loki-rhel9@sha256:f3eb4fd2cca5ba941e6a1873b35ffb125a123fdb44719893ef4349ffa32c108d_s390x",
"product_id": "openshift-logging/logging-loki-rhel9@sha256:f3eb4fd2cca5ba941e6a1873b35ffb125a123fdb44719893ef4349ffa32c108d_s390x",
"product_identification_helper": {
"purl": "pkg:oci/logging-loki-rhel9@sha256:f3eb4fd2cca5ba941e6a1873b35ffb125a123fdb44719893ef4349ffa32c108d?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/logging-loki-rhel9\u0026tag=v3.2.1-22"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/vector-rhel9@sha256:83e1e21fc093a8edcbbf659c6233f279f2736505fb015a2bd0203c2a77ae2132_s390x",
"product": {
"name": "openshift-logging/vector-rhel9@sha256:83e1e21fc093a8edcbbf659c6233f279f2736505fb015a2bd0203c2a77ae2132_s390x",
"product_id": "openshift-logging/vector-rhel9@sha256:83e1e21fc093a8edcbbf659c6233f279f2736505fb015a2bd0203c2a77ae2132_s390x",
"product_identification_helper": {
"purl": "pkg:oci/vector-rhel9@sha256:83e1e21fc093a8edcbbf659c6233f279f2736505fb015a2bd0203c2a77ae2132?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/vector-rhel9\u0026tag=v0.28.1-83"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/logging-view-plugin-rhel9@sha256:d9afad1be8c0e83664d376ba2e5f3de3d1597e6641799188fb91caf63444f9a9_s390x",
"product": {
"name": "openshift-logging/logging-view-plugin-rhel9@sha256:d9afad1be8c0e83664d376ba2e5f3de3d1597e6641799188fb91caf63444f9a9_s390x",
"product_id": "openshift-logging/logging-view-plugin-rhel9@sha256:d9afad1be8c0e83664d376ba2e5f3de3d1597e6641799188fb91caf63444f9a9_s390x",
"product_identification_helper": {
"purl": "pkg:oci/logging-view-plugin-rhel9@sha256:d9afad1be8c0e83664d376ba2e5f3de3d1597e6641799188fb91caf63444f9a9?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/logging-view-plugin-rhel9\u0026tag=v5.8.16-3"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/loki-rhel9-operator@sha256:436ac0c2d8570e3d070ad988dd9975df6e22d436641721227ba7716f9b34c6ca_s390x",
"product": {
"name": "openshift-logging/loki-rhel9-operator@sha256:436ac0c2d8570e3d070ad988dd9975df6e22d436641721227ba7716f9b34c6ca_s390x",
"product_id": "openshift-logging/loki-rhel9-operator@sha256:436ac0c2d8570e3d070ad988dd9975df6e22d436641721227ba7716f9b34c6ca_s390x",
"product_identification_helper": {
"purl": "pkg:oci/loki-rhel9-operator@sha256:436ac0c2d8570e3d070ad988dd9975df6e22d436641721227ba7716f9b34c6ca?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/loki-rhel9-operator\u0026tag=v5.8.16-4"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/lokistack-gateway-rhel9@sha256:e5d95fd73e0791e24d9d7fc7effbf72814a04dd215e89855168785fa9828ff9d_s390x",
"product": {
"name": "openshift-logging/lokistack-gateway-rhel9@sha256:e5d95fd73e0791e24d9d7fc7effbf72814a04dd215e89855168785fa9828ff9d_s390x",
"product_id": "openshift-logging/lokistack-gateway-rhel9@sha256:e5d95fd73e0791e24d9d7fc7effbf72814a04dd215e89855168785fa9828ff9d_s390x",
"product_identification_helper": {
"purl": "pkg:oci/lokistack-gateway-rhel9@sha256:e5d95fd73e0791e24d9d7fc7effbf72814a04dd215e89855168785fa9828ff9d?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/lokistack-gateway-rhel9\u0026tag=v0.1.0-709"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/opa-openshift-rhel9@sha256:37dd52b741aa3c78bb03ce7ebb4ff3599f9aa7cea0b17217a0d77dfb31e7315e_s390x",
"product": {
"name": "openshift-logging/opa-openshift-rhel9@sha256:37dd52b741aa3c78bb03ce7ebb4ff3599f9aa7cea0b17217a0d77dfb31e7315e_s390x",
"product_id": "openshift-logging/opa-openshift-rhel9@sha256:37dd52b741aa3c78bb03ce7ebb4ff3599f9aa7cea0b17217a0d77dfb31e7315e_s390x",
"product_identification_helper": {
"purl": "pkg:oci/opa-openshift-rhel9@sha256:37dd52b741aa3c78bb03ce7ebb4ff3599f9aa7cea0b17217a0d77dfb31e7315e?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/opa-openshift-rhel9\u0026tag=v0.1.0-326"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "openshift-logging/cluster-logging-rhel9-operator@sha256:280fe34ae4c00292eeaa75b3fe72c2e0a4530fee948ea26c4eaff6591a221816_ppc64le",
"product": {
"name": "openshift-logging/cluster-logging-rhel9-operator@sha256:280fe34ae4c00292eeaa75b3fe72c2e0a4530fee948ea26c4eaff6591a221816_ppc64le",
"product_id": "openshift-logging/cluster-logging-rhel9-operator@sha256:280fe34ae4c00292eeaa75b3fe72c2e0a4530fee948ea26c4eaff6591a221816_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/cluster-logging-rhel9-operator@sha256:280fe34ae4c00292eeaa75b3fe72c2e0a4530fee948ea26c4eaff6591a221816?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator\u0026tag=v5.8.16-4"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/elasticsearch-rhel9-operator@sha256:a2356af786aaab3c413888a022df006442e09415433568124bf2ccb5e36875df_ppc64le",
"product": {
"name": "openshift-logging/elasticsearch-rhel9-operator@sha256:a2356af786aaab3c413888a022df006442e09415433568124bf2ccb5e36875df_ppc64le",
"product_id": "openshift-logging/elasticsearch-rhel9-operator@sha256:a2356af786aaab3c413888a022df006442e09415433568124bf2ccb5e36875df_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/elasticsearch-rhel9-operator@sha256:a2356af786aaab3c413888a022df006442e09415433568124bf2ccb5e36875df?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch-rhel9-operator\u0026tag=v5.8.16-4"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/elasticsearch-proxy-rhel9@sha256:f54e50816a3c53e0881233c2aa1f587a5960363bf0a655547d9fc1b18b49f624_ppc64le",
"product": {
"name": "openshift-logging/elasticsearch-proxy-rhel9@sha256:f54e50816a3c53e0881233c2aa1f587a5960363bf0a655547d9fc1b18b49f624_ppc64le",
"product_id": "openshift-logging/elasticsearch-proxy-rhel9@sha256:f54e50816a3c53e0881233c2aa1f587a5960363bf0a655547d9fc1b18b49f624_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/elasticsearch-proxy-rhel9@sha256:f54e50816a3c53e0881233c2aa1f587a5960363bf0a655547d9fc1b18b49f624?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch-proxy-rhel9\u0026tag=v1.0.0-528"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/log-file-metric-exporter-rhel9@sha256:a5327009e3d86feeb3b23b1deb289ccee21458fdadadf416e79b5f21f8ac4a6d_ppc64le",
"product": {
"name": "openshift-logging/log-file-metric-exporter-rhel9@sha256:a5327009e3d86feeb3b23b1deb289ccee21458fdadadf416e79b5f21f8ac4a6d_ppc64le",
"product_id": "openshift-logging/log-file-metric-exporter-rhel9@sha256:a5327009e3d86feeb3b23b1deb289ccee21458fdadadf416e79b5f21f8ac4a6d_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/log-file-metric-exporter-rhel9@sha256:a5327009e3d86feeb3b23b1deb289ccee21458fdadadf416e79b5f21f8ac4a6d?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9\u0026tag=v1.1.0-309"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/logging-curator5-rhel9@sha256:a9ac334299331d20fb766d3bf2a238fd350e528b8f0f91e7fbbd977957e93a02_ppc64le",
"product": {
"name": "openshift-logging/logging-curator5-rhel9@sha256:a9ac334299331d20fb766d3bf2a238fd350e528b8f0f91e7fbbd977957e93a02_ppc64le",
"product_id": "openshift-logging/logging-curator5-rhel9@sha256:a9ac334299331d20fb766d3bf2a238fd350e528b8f0f91e7fbbd977957e93a02_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/logging-curator5-rhel9@sha256:a9ac334299331d20fb766d3bf2a238fd350e528b8f0f91e7fbbd977957e93a02?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/logging-curator5-rhel9\u0026tag=v5.8.1-536"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/elasticsearch6-rhel9@sha256:adc09db92b227aa21063b96d5213ecd4e828c509710a75f60625dc65689194fc_ppc64le",
"product": {
"name": "openshift-logging/elasticsearch6-rhel9@sha256:adc09db92b227aa21063b96d5213ecd4e828c509710a75f60625dc65689194fc_ppc64le",
"product_id": "openshift-logging/elasticsearch6-rhel9@sha256:adc09db92b227aa21063b96d5213ecd4e828c509710a75f60625dc65689194fc_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/elasticsearch6-rhel9@sha256:adc09db92b227aa21063b96d5213ecd4e828c509710a75f60625dc65689194fc?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch6-rhel9\u0026tag=v6.8.1-445"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/eventrouter-rhel9@sha256:f3485f32c96c779641c808402504646b14e0f82115e5b81b8dea0598ade18761_ppc64le",
"product": {
"name": "openshift-logging/eventrouter-rhel9@sha256:f3485f32c96c779641c808402504646b14e0f82115e5b81b8dea0598ade18761_ppc64le",
"product_id": "openshift-logging/eventrouter-rhel9@sha256:f3485f32c96c779641c808402504646b14e0f82115e5b81b8dea0598ade18761_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/eventrouter-rhel9@sha256:f3485f32c96c779641c808402504646b14e0f82115e5b81b8dea0598ade18761?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/eventrouter-rhel9\u0026tag=v0.4.0-328"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/fluentd-rhel9@sha256:c622dfc323c52bb80f9b57aebd5ee8127be94a6a2b9194794ebdb147f2eb826e_ppc64le",
"product": {
"name": "openshift-logging/fluentd-rhel9@sha256:c622dfc323c52bb80f9b57aebd5ee8127be94a6a2b9194794ebdb147f2eb826e_ppc64le",
"product_id": "openshift-logging/fluentd-rhel9@sha256:c622dfc323c52bb80f9b57aebd5ee8127be94a6a2b9194794ebdb147f2eb826e_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/fluentd-rhel9@sha256:c622dfc323c52bb80f9b57aebd5ee8127be94a6a2b9194794ebdb147f2eb826e?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/fluentd-rhel9\u0026tag=v5.8.16-2"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/logging-loki-rhel9@sha256:c26dbee6764e5466707b2ed2b89abaef5b22775f887d519c24190af2d93bc795_ppc64le",
"product": {
"name": "openshift-logging/logging-loki-rhel9@sha256:c26dbee6764e5466707b2ed2b89abaef5b22775f887d519c24190af2d93bc795_ppc64le",
"product_id": "openshift-logging/logging-loki-rhel9@sha256:c26dbee6764e5466707b2ed2b89abaef5b22775f887d519c24190af2d93bc795_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/logging-loki-rhel9@sha256:c26dbee6764e5466707b2ed2b89abaef5b22775f887d519c24190af2d93bc795?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/logging-loki-rhel9\u0026tag=v3.2.1-22"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/vector-rhel9@sha256:d6c21081f7adfd4b9eda7af9b5a2692087e985a503b99f6093eaeb45b593ec99_ppc64le",
"product": {
"name": "openshift-logging/vector-rhel9@sha256:d6c21081f7adfd4b9eda7af9b5a2692087e985a503b99f6093eaeb45b593ec99_ppc64le",
"product_id": "openshift-logging/vector-rhel9@sha256:d6c21081f7adfd4b9eda7af9b5a2692087e985a503b99f6093eaeb45b593ec99_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/vector-rhel9@sha256:d6c21081f7adfd4b9eda7af9b5a2692087e985a503b99f6093eaeb45b593ec99?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/vector-rhel9\u0026tag=v0.28.1-83"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/logging-view-plugin-rhel9@sha256:9240d5405d00377788a20ac952fd7356ee39398ec818627d8a1030e224c81bf0_ppc64le",
"product": {
"name": "openshift-logging/logging-view-plugin-rhel9@sha256:9240d5405d00377788a20ac952fd7356ee39398ec818627d8a1030e224c81bf0_ppc64le",
"product_id": "openshift-logging/logging-view-plugin-rhel9@sha256:9240d5405d00377788a20ac952fd7356ee39398ec818627d8a1030e224c81bf0_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/logging-view-plugin-rhel9@sha256:9240d5405d00377788a20ac952fd7356ee39398ec818627d8a1030e224c81bf0?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/logging-view-plugin-rhel9\u0026tag=v5.8.16-3"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/loki-rhel9-operator@sha256:b3b04b4b8434fbdf85f189e12f5fa02d5ada5e8b443f2e7f27fb47d9ff3d5c77_ppc64le",
"product": {
"name": "openshift-logging/loki-rhel9-operator@sha256:b3b04b4b8434fbdf85f189e12f5fa02d5ada5e8b443f2e7f27fb47d9ff3d5c77_ppc64le",
"product_id": "openshift-logging/loki-rhel9-operator@sha256:b3b04b4b8434fbdf85f189e12f5fa02d5ada5e8b443f2e7f27fb47d9ff3d5c77_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/loki-rhel9-operator@sha256:b3b04b4b8434fbdf85f189e12f5fa02d5ada5e8b443f2e7f27fb47d9ff3d5c77?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/loki-rhel9-operator\u0026tag=v5.8.16-4"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/lokistack-gateway-rhel9@sha256:3196ffea1ee3e0533d956262276ab53a07583af237f4755332e018d2c59b7fd3_ppc64le",
"product": {
"name": "openshift-logging/lokistack-gateway-rhel9@sha256:3196ffea1ee3e0533d956262276ab53a07583af237f4755332e018d2c59b7fd3_ppc64le",
"product_id": "openshift-logging/lokistack-gateway-rhel9@sha256:3196ffea1ee3e0533d956262276ab53a07583af237f4755332e018d2c59b7fd3_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/lokistack-gateway-rhel9@sha256:3196ffea1ee3e0533d956262276ab53a07583af237f4755332e018d2c59b7fd3?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/lokistack-gateway-rhel9\u0026tag=v0.1.0-709"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/opa-openshift-rhel9@sha256:818935f46bf047aad7a85f7da66fca51fd27cf5e6c7c78045362df7e61a65f3d_ppc64le",
"product": {
"name": "openshift-logging/opa-openshift-rhel9@sha256:818935f46bf047aad7a85f7da66fca51fd27cf5e6c7c78045362df7e61a65f3d_ppc64le",
"product_id": "openshift-logging/opa-openshift-rhel9@sha256:818935f46bf047aad7a85f7da66fca51fd27cf5e6c7c78045362df7e61a65f3d_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/opa-openshift-rhel9@sha256:818935f46bf047aad7a85f7da66fca51fd27cf5e6c7c78045362df7e61a65f3d?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/opa-openshift-rhel9\u0026tag=v0.1.0-326"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/cluster-logging-operator-bundle@sha256:58473a2057e6afafb0c10e6e90eb844a489c439511963fbce58c6e1a5e48eb1c_amd64 as a component of RHOL 5.8 for RHEL 9",
"product_id": "9Base-RHOL-5.8:openshift-logging/cluster-logging-operator-bundle@sha256:58473a2057e6afafb0c10e6e90eb844a489c439511963fbce58c6e1a5e48eb1c_amd64"
},
"product_reference": "openshift-logging/cluster-logging-operator-bundle@sha256:58473a2057e6afafb0c10e6e90eb844a489c439511963fbce58c6e1a5e48eb1c_amd64",
"relates_to_product_reference": "9Base-RHOL-5.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/cluster-logging-rhel9-operator@sha256:005aae06f00c89a9163b25c7cc026bf1c4e0e2f1dca426c93e63c0e7beb6e6ce_arm64 as a component of RHOL 5.8 for RHEL 9",
"product_id": "9Base-RHOL-5.8:openshift-logging/cluster-logging-rhel9-operator@sha256:005aae06f00c89a9163b25c7cc026bf1c4e0e2f1dca426c93e63c0e7beb6e6ce_arm64"
},
"product_reference": "openshift-logging/cluster-logging-rhel9-operator@sha256:005aae06f00c89a9163b25c7cc026bf1c4e0e2f1dca426c93e63c0e7beb6e6ce_arm64",
"relates_to_product_reference": "9Base-RHOL-5.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/cluster-logging-rhel9-operator@sha256:280fe34ae4c00292eeaa75b3fe72c2e0a4530fee948ea26c4eaff6591a221816_ppc64le as a component of RHOL 5.8 for RHEL 9",
"product_id": "9Base-RHOL-5.8:openshift-logging/cluster-logging-rhel9-operator@sha256:280fe34ae4c00292eeaa75b3fe72c2e0a4530fee948ea26c4eaff6591a221816_ppc64le"
},
"product_reference": "openshift-logging/cluster-logging-rhel9-operator@sha256:280fe34ae4c00292eeaa75b3fe72c2e0a4530fee948ea26c4eaff6591a221816_ppc64le",
"relates_to_product_reference": "9Base-RHOL-5.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/cluster-logging-rhel9-operator@sha256:37dc87c3288fd38a4464df259ea975fdd425cd9b2a812a30344b19d25c509cac_amd64 as a component of RHOL 5.8 for RHEL 9",
"product_id": "9Base-RHOL-5.8:openshift-logging/cluster-logging-rhel9-operator@sha256:37dc87c3288fd38a4464df259ea975fdd425cd9b2a812a30344b19d25c509cac_amd64"
},
"product_reference": "openshift-logging/cluster-logging-rhel9-operator@sha256:37dc87c3288fd38a4464df259ea975fdd425cd9b2a812a30344b19d25c509cac_amd64",
"relates_to_product_reference": "9Base-RHOL-5.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/cluster-logging-rhel9-operator@sha256:8b7a19e15635345ec50dfa06216ca3752db5e45a2c9a64279b0007d59d9d5e7c_s390x as a component of RHOL 5.8 for RHEL 9",
"product_id": "9Base-RHOL-5.8:openshift-logging/cluster-logging-rhel9-operator@sha256:8b7a19e15635345ec50dfa06216ca3752db5e45a2c9a64279b0007d59d9d5e7c_s390x"
},
"product_reference": "openshift-logging/cluster-logging-rhel9-operator@sha256:8b7a19e15635345ec50dfa06216ca3752db5e45a2c9a64279b0007d59d9d5e7c_s390x",
"relates_to_product_reference": "9Base-RHOL-5.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/elasticsearch-operator-bundle@sha256:4ce6826507ee4da12599291f9db04c78b44acafca848ca2eff48abc569665094_amd64 as a component of RHOL 5.8 for RHEL 9",
"product_id": "9Base-RHOL-5.8:openshift-logging/elasticsearch-operator-bundle@sha256:4ce6826507ee4da12599291f9db04c78b44acafca848ca2eff48abc569665094_amd64"
},
"product_reference": "openshift-logging/elasticsearch-operator-bundle@sha256:4ce6826507ee4da12599291f9db04c78b44acafca848ca2eff48abc569665094_amd64",
"relates_to_product_reference": "9Base-RHOL-5.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/elasticsearch-proxy-rhel9@sha256:a86638b1509fd21548bd9dcdfd5a81c0e664b5a69cfd6622c298d4623dd91e8a_s390x as a component of RHOL 5.8 for RHEL 9",
"product_id": "9Base-RHOL-5.8:openshift-logging/elasticsearch-proxy-rhel9@sha256:a86638b1509fd21548bd9dcdfd5a81c0e664b5a69cfd6622c298d4623dd91e8a_s390x"
},
"product_reference": "openshift-logging/elasticsearch-proxy-rhel9@sha256:a86638b1509fd21548bd9dcdfd5a81c0e664b5a69cfd6622c298d4623dd91e8a_s390x",
"relates_to_product_reference": "9Base-RHOL-5.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/elasticsearch-proxy-rhel9@sha256:e39dc186e409102ecff98ddcf8eab735245cd8dac2aac8873046196a13feac09_amd64 as a component of RHOL 5.8 for RHEL 9",
"product_id": "9Base-RHOL-5.8:openshift-logging/elasticsearch-proxy-rhel9@sha256:e39dc186e409102ecff98ddcf8eab735245cd8dac2aac8873046196a13feac09_amd64"
},
"product_reference": "openshift-logging/elasticsearch-proxy-rhel9@sha256:e39dc186e409102ecff98ddcf8eab735245cd8dac2aac8873046196a13feac09_amd64",
"relates_to_product_reference": "9Base-RHOL-5.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/elasticsearch-proxy-rhel9@sha256:e716f674bfcc67c99db13462f1cd653333960ab0d2ac25e7801917621d516614_arm64 as a component of RHOL 5.8 for RHEL 9",
"product_id": "9Base-RHOL-5.8:openshift-logging/elasticsearch-proxy-rhel9@sha256:e716f674bfcc67c99db13462f1cd653333960ab0d2ac25e7801917621d516614_arm64"
},
"product_reference": "openshift-logging/elasticsearch-proxy-rhel9@sha256:e716f674bfcc67c99db13462f1cd653333960ab0d2ac25e7801917621d516614_arm64",
"relates_to_product_reference": "9Base-RHOL-5.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/elasticsearch-proxy-rhel9@sha256:f54e50816a3c53e0881233c2aa1f587a5960363bf0a655547d9fc1b18b49f624_ppc64le as a component of RHOL 5.8 for RHEL 9",
"product_id": "9Base-RHOL-5.8:openshift-logging/elasticsearch-proxy-rhel9@sha256:f54e50816a3c53e0881233c2aa1f587a5960363bf0a655547d9fc1b18b49f624_ppc64le"
},
"product_reference": "openshift-logging/elasticsearch-proxy-rhel9@sha256:f54e50816a3c53e0881233c2aa1f587a5960363bf0a655547d9fc1b18b49f624_ppc64le",
"relates_to_product_reference": "9Base-RHOL-5.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/elasticsearch-rhel9-operator@sha256:4513b1f084dc5bc4aaa1157874a853347a9013c96c348218b22ff85ac907a49a_arm64 as a component of RHOL 5.8 for RHEL 9",
"product_id": "9Base-RHOL-5.8:openshift-logging/elasticsearch-rhel9-operator@sha256:4513b1f084dc5bc4aaa1157874a853347a9013c96c348218b22ff85ac907a49a_arm64"
},
"product_reference": "openshift-logging/elasticsearch-rhel9-operator@sha256:4513b1f084dc5bc4aaa1157874a853347a9013c96c348218b22ff85ac907a49a_arm64",
"relates_to_product_reference": "9Base-RHOL-5.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/elasticsearch-rhel9-operator@sha256:a2356af786aaab3c413888a022df006442e09415433568124bf2ccb5e36875df_ppc64le as a component of RHOL 5.8 for RHEL 9",
"product_id": "9Base-RHOL-5.8:openshift-logging/elasticsearch-rhel9-operator@sha256:a2356af786aaab3c413888a022df006442e09415433568124bf2ccb5e36875df_ppc64le"
},
"product_reference": "openshift-logging/elasticsearch-rhel9-operator@sha256:a2356af786aaab3c413888a022df006442e09415433568124bf2ccb5e36875df_ppc64le",
"relates_to_product_reference": "9Base-RHOL-5.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/elasticsearch-rhel9-operator@sha256:dd0a1e56c1885fb82590bc63f756555fdae19279079bd9b4563007e5ddc03212_s390x as a component of RHOL 5.8 for RHEL 9",
"product_id": "9Base-RHOL-5.8:openshift-logging/elasticsearch-rhel9-operator@sha256:dd0a1e56c1885fb82590bc63f756555fdae19279079bd9b4563007e5ddc03212_s390x"
},
"product_reference": "openshift-logging/elasticsearch-rhel9-operator@sha256:dd0a1e56c1885fb82590bc63f756555fdae19279079bd9b4563007e5ddc03212_s390x",
"relates_to_product_reference": "9Base-RHOL-5.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/elasticsearch-rhel9-operator@sha256:fdf7864142ecbcc748a55d6fdc0b65be6cbdce23db39271c3e46ac5d2a96a61f_amd64 as a component of RHOL 5.8 for RHEL 9",
"product_id": "9Base-RHOL-5.8:openshift-logging/elasticsearch-rhel9-operator@sha256:fdf7864142ecbcc748a55d6fdc0b65be6cbdce23db39271c3e46ac5d2a96a61f_amd64"
},
"product_reference": "openshift-logging/elasticsearch-rhel9-operator@sha256:fdf7864142ecbcc748a55d6fdc0b65be6cbdce23db39271c3e46ac5d2a96a61f_amd64",
"relates_to_product_reference": "9Base-RHOL-5.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/elasticsearch6-rhel9@sha256:1d36c49320ab8db78732e14454c6dd0c20bdbcaa568cbc5286e069a390d6cb81_arm64 as a component of RHOL 5.8 for RHEL 9",
"product_id": "9Base-RHOL-5.8:openshift-logging/elasticsearch6-rhel9@sha256:1d36c49320ab8db78732e14454c6dd0c20bdbcaa568cbc5286e069a390d6cb81_arm64"
},
"product_reference": "openshift-logging/elasticsearch6-rhel9@sha256:1d36c49320ab8db78732e14454c6dd0c20bdbcaa568cbc5286e069a390d6cb81_arm64",
"relates_to_product_reference": "9Base-RHOL-5.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/elasticsearch6-rhel9@sha256:3c59da5292ec82aab4f3d122f48353c1a2d8d1bd157a8b5978bda666a17a7bfc_amd64 as a component of RHOL 5.8 for RHEL 9",
"product_id": "9Base-RHOL-5.8:openshift-logging/elasticsearch6-rhel9@sha256:3c59da5292ec82aab4f3d122f48353c1a2d8d1bd157a8b5978bda666a17a7bfc_amd64"
},
"product_reference": "openshift-logging/elasticsearch6-rhel9@sha256:3c59da5292ec82aab4f3d122f48353c1a2d8d1bd157a8b5978bda666a17a7bfc_amd64",
"relates_to_product_reference": "9Base-RHOL-5.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/elasticsearch6-rhel9@sha256:adc09db92b227aa21063b96d5213ecd4e828c509710a75f60625dc65689194fc_ppc64le as a component of RHOL 5.8 for RHEL 9",
"product_id": "9Base-RHOL-5.8:openshift-logging/elasticsearch6-rhel9@sha256:adc09db92b227aa21063b96d5213ecd4e828c509710a75f60625dc65689194fc_ppc64le"
},
"product_reference": "openshift-logging/elasticsearch6-rhel9@sha256:adc09db92b227aa21063b96d5213ecd4e828c509710a75f60625dc65689194fc_ppc64le",
"relates_to_product_reference": "9Base-RHOL-5.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/elasticsearch6-rhel9@sha256:f804ddc928697dcfa43eadf4426efab90cad3bc53b043ffa570a6b2ec6adb78d_s390x as a component of RHOL 5.8 for RHEL 9",
"product_id": "9Base-RHOL-5.8:openshift-logging/elasticsearch6-rhel9@sha256:f804ddc928697dcfa43eadf4426efab90cad3bc53b043ffa570a6b2ec6adb78d_s390x"
},
"product_reference": "openshift-logging/elasticsearch6-rhel9@sha256:f804ddc928697dcfa43eadf4426efab90cad3bc53b043ffa570a6b2ec6adb78d_s390x",
"relates_to_product_reference": "9Base-RHOL-5.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/eventrouter-rhel9@sha256:06c8663410726f87fc54d1e05d19f1dda7d5f6e8caabe60395540f304bbf0022_arm64 as a component of RHOL 5.8 for RHEL 9",
"product_id": "9Base-RHOL-5.8:openshift-logging/eventrouter-rhel9@sha256:06c8663410726f87fc54d1e05d19f1dda7d5f6e8caabe60395540f304bbf0022_arm64"
},
"product_reference": "openshift-logging/eventrouter-rhel9@sha256:06c8663410726f87fc54d1e05d19f1dda7d5f6e8caabe60395540f304bbf0022_arm64",
"relates_to_product_reference": "9Base-RHOL-5.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/eventrouter-rhel9@sha256:27cf8a3d2649f9c52bcc1bd02d213bd68e8262395a6b8206bcb0c00a2e93d6aa_s390x as a component of RHOL 5.8 for RHEL 9",
"product_id": "9Base-RHOL-5.8:openshift-logging/eventrouter-rhel9@sha256:27cf8a3d2649f9c52bcc1bd02d213bd68e8262395a6b8206bcb0c00a2e93d6aa_s390x"
},
"product_reference": "openshift-logging/eventrouter-rhel9@sha256:27cf8a3d2649f9c52bcc1bd02d213bd68e8262395a6b8206bcb0c00a2e93d6aa_s390x",
"relates_to_product_reference": "9Base-RHOL-5.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/eventrouter-rhel9@sha256:516fd338924ee556027872dce795d3e609a890f49c36fb30e0fd4c88ebf49d61_amd64 as a component of RHOL 5.8 for RHEL 9",
"product_id": "9Base-RHOL-5.8:openshift-logging/eventrouter-rhel9@sha256:516fd338924ee556027872dce795d3e609a890f49c36fb30e0fd4c88ebf49d61_amd64"
},
"product_reference": "openshift-logging/eventrouter-rhel9@sha256:516fd338924ee556027872dce795d3e609a890f49c36fb30e0fd4c88ebf49d61_amd64",
"relates_to_product_reference": "9Base-RHOL-5.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/eventrouter-rhel9@sha256:f3485f32c96c779641c808402504646b14e0f82115e5b81b8dea0598ade18761_ppc64le as a component of RHOL 5.8 for RHEL 9",
"product_id": "9Base-RHOL-5.8:openshift-logging/eventrouter-rhel9@sha256:f3485f32c96c779641c808402504646b14e0f82115e5b81b8dea0598ade18761_ppc64le"
},
"product_reference": "openshift-logging/eventrouter-rhel9@sha256:f3485f32c96c779641c808402504646b14e0f82115e5b81b8dea0598ade18761_ppc64le",
"relates_to_product_reference": "9Base-RHOL-5.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/fluentd-rhel9@sha256:1d03453be061070bcb914e799ed03e536a96a2b30580f704120377dce94a8fd7_arm64 as a component of RHOL 5.8 for RHEL 9",
"product_id": "9Base-RHOL-5.8:openshift-logging/fluentd-rhel9@sha256:1d03453be061070bcb914e799ed03e536a96a2b30580f704120377dce94a8fd7_arm64"
},
"product_reference": "openshift-logging/fluentd-rhel9@sha256:1d03453be061070bcb914e799ed03e536a96a2b30580f704120377dce94a8fd7_arm64",
"relates_to_product_reference": "9Base-RHOL-5.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/fluentd-rhel9@sha256:4d8f2292c0fbbe9a5f991227a28648c55b8a5b9d8aa58e235ac92a9a6d2929b0_s390x as a component of RHOL 5.8 for RHEL 9",
"product_id": "9Base-RHOL-5.8:openshift-logging/fluentd-rhel9@sha256:4d8f2292c0fbbe9a5f991227a28648c55b8a5b9d8aa58e235ac92a9a6d2929b0_s390x"
},
"product_reference": "openshift-logging/fluentd-rhel9@sha256:4d8f2292c0fbbe9a5f991227a28648c55b8a5b9d8aa58e235ac92a9a6d2929b0_s390x",
"relates_to_product_reference": "9Base-RHOL-5.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/fluentd-rhel9@sha256:9528ac4929198de9b377af2c9247373ff7768270d9a872d8dece61db2b54506f_amd64 as a component of RHOL 5.8 for RHEL 9",
"product_id": "9Base-RHOL-5.8:openshift-logging/fluentd-rhel9@sha256:9528ac4929198de9b377af2c9247373ff7768270d9a872d8dece61db2b54506f_amd64"
},
"product_reference": "openshift-logging/fluentd-rhel9@sha256:9528ac4929198de9b377af2c9247373ff7768270d9a872d8dece61db2b54506f_amd64",
"relates_to_product_reference": "9Base-RHOL-5.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/fluentd-rhel9@sha256:c622dfc323c52bb80f9b57aebd5ee8127be94a6a2b9194794ebdb147f2eb826e_ppc64le as a component of RHOL 5.8 for RHEL 9",
"product_id": "9Base-RHOL-5.8:openshift-logging/fluentd-rhel9@sha256:c622dfc323c52bb80f9b57aebd5ee8127be94a6a2b9194794ebdb147f2eb826e_ppc64le"
},
"product_reference": "openshift-logging/fluentd-rhel9@sha256:c622dfc323c52bb80f9b57aebd5ee8127be94a6a2b9194794ebdb147f2eb826e_ppc64le",
"relates_to_product_reference": "9Base-RHOL-5.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/log-file-metric-exporter-rhel9@sha256:4444a1fee0da12fb24ac6ee10b5213d20a48bce1d73ac70fadb2a8b7a9d344ac_s390x as a component of RHOL 5.8 for RHEL 9",
"product_id": "9Base-RHOL-5.8:openshift-logging/log-file-metric-exporter-rhel9@sha256:4444a1fee0da12fb24ac6ee10b5213d20a48bce1d73ac70fadb2a8b7a9d344ac_s390x"
},
"product_reference": "openshift-logging/log-file-metric-exporter-rhel9@sha256:4444a1fee0da12fb24ac6ee10b5213d20a48bce1d73ac70fadb2a8b7a9d344ac_s390x",
"relates_to_product_reference": "9Base-RHOL-5.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/log-file-metric-exporter-rhel9@sha256:5ecc9e43ccead565e8119f1fcb123cf2d41c70988d87188d2d20a1c9dc4fb138_amd64 as a component of RHOL 5.8 for RHEL 9",
"product_id": "9Base-RHOL-5.8:openshift-logging/log-file-metric-exporter-rhel9@sha256:5ecc9e43ccead565e8119f1fcb123cf2d41c70988d87188d2d20a1c9dc4fb138_amd64"
},
"product_reference": "openshift-logging/log-file-metric-exporter-rhel9@sha256:5ecc9e43ccead565e8119f1fcb123cf2d41c70988d87188d2d20a1c9dc4fb138_amd64",
"relates_to_product_reference": "9Base-RHOL-5.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/log-file-metric-exporter-rhel9@sha256:a5327009e3d86feeb3b23b1deb289ccee21458fdadadf416e79b5f21f8ac4a6d_ppc64le as a component of RHOL 5.8 for RHEL 9",
"product_id": "9Base-RHOL-5.8:openshift-logging/log-file-metric-exporter-rhel9@sha256:a5327009e3d86feeb3b23b1deb289ccee21458fdadadf416e79b5f21f8ac4a6d_ppc64le"
},
"product_reference": "openshift-logging/log-file-metric-exporter-rhel9@sha256:a5327009e3d86feeb3b23b1deb289ccee21458fdadadf416e79b5f21f8ac4a6d_ppc64le",
"relates_to_product_reference": "9Base-RHOL-5.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/log-file-metric-exporter-rhel9@sha256:e47231c177a1ca022d4e7f79e837e99f315cd42d01f3f0de75551471f2ba7f9a_arm64 as a component of RHOL 5.8 for RHEL 9",
"product_id": "9Base-RHOL-5.8:openshift-logging/log-file-metric-exporter-rhel9@sha256:e47231c177a1ca022d4e7f79e837e99f315cd42d01f3f0de75551471f2ba7f9a_arm64"
},
"product_reference": "openshift-logging/log-file-metric-exporter-rhel9@sha256:e47231c177a1ca022d4e7f79e837e99f315cd42d01f3f0de75551471f2ba7f9a_arm64",
"relates_to_product_reference": "9Base-RHOL-5.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/logging-curator5-rhel9@sha256:05e5c1a7e37c1a7cf45e52783d9f585a07ceffd7fa8b3e201299a83112ea1d9f_amd64 as a component of RHOL 5.8 for RHEL 9",
"product_id": "9Base-RHOL-5.8:openshift-logging/logging-curator5-rhel9@sha256:05e5c1a7e37c1a7cf45e52783d9f585a07ceffd7fa8b3e201299a83112ea1d9f_amd64"
},
"product_reference": "openshift-logging/logging-curator5-rhel9@sha256:05e5c1a7e37c1a7cf45e52783d9f585a07ceffd7fa8b3e201299a83112ea1d9f_amd64",
"relates_to_product_reference": "9Base-RHOL-5.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/logging-curator5-rhel9@sha256:44a41db6b1f1fe7ff4eed4eb9a477a11e16ee20633a47a202043646deb80cf73_arm64 as a component of RHOL 5.8 for RHEL 9",
"product_id": "9Base-RHOL-5.8:openshift-logging/logging-curator5-rhel9@sha256:44a41db6b1f1fe7ff4eed4eb9a477a11e16ee20633a47a202043646deb80cf73_arm64"
},
"product_reference": "openshift-logging/logging-curator5-rhel9@sha256:44a41db6b1f1fe7ff4eed4eb9a477a11e16ee20633a47a202043646deb80cf73_arm64",
"relates_to_product_reference": "9Base-RHOL-5.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/logging-curator5-rhel9@sha256:85fef320804af3187050e159fc47d8cd805a93deb3e85cf02d682297ff030df6_s390x as a component of RHOL 5.8 for RHEL 9",
"product_id": "9Base-RHOL-5.8:openshift-logging/logging-curator5-rhel9@sha256:85fef320804af3187050e159fc47d8cd805a93deb3e85cf02d682297ff030df6_s390x"
},
"product_reference": "openshift-logging/logging-curator5-rhel9@sha256:85fef320804af3187050e159fc47d8cd805a93deb3e85cf02d682297ff030df6_s390x",
"relates_to_product_reference": "9Base-RHOL-5.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/logging-curator5-rhel9@sha256:a9ac334299331d20fb766d3bf2a238fd350e528b8f0f91e7fbbd977957e93a02_ppc64le as a component of RHOL 5.8 for RHEL 9",
"product_id": "9Base-RHOL-5.8:openshift-logging/logging-curator5-rhel9@sha256:a9ac334299331d20fb766d3bf2a238fd350e528b8f0f91e7fbbd977957e93a02_ppc64le"
},
"product_reference": "openshift-logging/logging-curator5-rhel9@sha256:a9ac334299331d20fb766d3bf2a238fd350e528b8f0f91e7fbbd977957e93a02_ppc64le",
"relates_to_product_reference": "9Base-RHOL-5.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/logging-loki-rhel9@sha256:644da04b0ca9e645a45e07dd4d9c422ef0443be5e1383a426f0e81fc2bdaa46c_arm64 as a component of RHOL 5.8 for RHEL 9",
"product_id": "9Base-RHOL-5.8:openshift-logging/logging-loki-rhel9@sha256:644da04b0ca9e645a45e07dd4d9c422ef0443be5e1383a426f0e81fc2bdaa46c_arm64"
},
"product_reference": "openshift-logging/logging-loki-rhel9@sha256:644da04b0ca9e645a45e07dd4d9c422ef0443be5e1383a426f0e81fc2bdaa46c_arm64",
"relates_to_product_reference": "9Base-RHOL-5.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/logging-loki-rhel9@sha256:bae08d83fcd69393d36e94e8495640200ab274018417ab013b4ea792e71a5f9b_amd64 as a component of RHOL 5.8 for RHEL 9",
"product_id": "9Base-RHOL-5.8:openshift-logging/logging-loki-rhel9@sha256:bae08d83fcd69393d36e94e8495640200ab274018417ab013b4ea792e71a5f9b_amd64"
},
"product_reference": "openshift-logging/logging-loki-rhel9@sha256:bae08d83fcd69393d36e94e8495640200ab274018417ab013b4ea792e71a5f9b_amd64",
"relates_to_product_reference": "9Base-RHOL-5.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/logging-loki-rhel9@sha256:c26dbee6764e5466707b2ed2b89abaef5b22775f887d519c24190af2d93bc795_ppc64le as a component of RHOL 5.8 for RHEL 9",
"product_id": "9Base-RHOL-5.8:openshift-logging/logging-loki-rhel9@sha256:c26dbee6764e5466707b2ed2b89abaef5b22775f887d519c24190af2d93bc795_ppc64le"
},
"product_reference": "openshift-logging/logging-loki-rhel9@sha256:c26dbee6764e5466707b2ed2b89abaef5b22775f887d519c24190af2d93bc795_ppc64le",
"relates_to_product_reference": "9Base-RHOL-5.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/logging-loki-rhel9@sha256:f3eb4fd2cca5ba941e6a1873b35ffb125a123fdb44719893ef4349ffa32c108d_s390x as a component of RHOL 5.8 for RHEL 9",
"product_id": "9Base-RHOL-5.8:openshift-logging/logging-loki-rhel9@sha256:f3eb4fd2cca5ba941e6a1873b35ffb125a123fdb44719893ef4349ffa32c108d_s390x"
},
"product_reference": "openshift-logging/logging-loki-rhel9@sha256:f3eb4fd2cca5ba941e6a1873b35ffb125a123fdb44719893ef4349ffa32c108d_s390x",
"relates_to_product_reference": "9Base-RHOL-5.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/logging-view-plugin-rhel9@sha256:39843776aa55f88ceef1628b974235d90312368b064acfeaba78da7502f5e385_amd64 as a component of RHOL 5.8 for RHEL 9",
"product_id": "9Base-RHOL-5.8:openshift-logging/logging-view-plugin-rhel9@sha256:39843776aa55f88ceef1628b974235d90312368b064acfeaba78da7502f5e385_amd64"
},
"product_reference": "openshift-logging/logging-view-plugin-rhel9@sha256:39843776aa55f88ceef1628b974235d90312368b064acfeaba78da7502f5e385_amd64",
"relates_to_product_reference": "9Base-RHOL-5.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/logging-view-plugin-rhel9@sha256:4064100dfe726ed15ad686a7e172c6f8bb1b676c8b619bcac04ffae22351dab7_arm64 as a component of RHOL 5.8 for RHEL 9",
"product_id": "9Base-RHOL-5.8:openshift-logging/logging-view-plugin-rhel9@sha256:4064100dfe726ed15ad686a7e172c6f8bb1b676c8b619bcac04ffae22351dab7_arm64"
},
"product_reference": "openshift-logging/logging-view-plugin-rhel9@sha256:4064100dfe726ed15ad686a7e172c6f8bb1b676c8b619bcac04ffae22351dab7_arm64",
"relates_to_product_reference": "9Base-RHOL-5.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/logging-view-plugin-rhel9@sha256:9240d5405d00377788a20ac952fd7356ee39398ec818627d8a1030e224c81bf0_ppc64le as a component of RHOL 5.8 for RHEL 9",
"product_id": "9Base-RHOL-5.8:openshift-logging/logging-view-plugin-rhel9@sha256:9240d5405d00377788a20ac952fd7356ee39398ec818627d8a1030e224c81bf0_ppc64le"
},
"product_reference": "openshift-logging/logging-view-plugin-rhel9@sha256:9240d5405d00377788a20ac952fd7356ee39398ec818627d8a1030e224c81bf0_ppc64le",
"relates_to_product_reference": "9Base-RHOL-5.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/logging-view-plugin-rhel9@sha256:d9afad1be8c0e83664d376ba2e5f3de3d1597e6641799188fb91caf63444f9a9_s390x as a component of RHOL 5.8 for RHEL 9",
"product_id": "9Base-RHOL-5.8:openshift-logging/logging-view-plugin-rhel9@sha256:d9afad1be8c0e83664d376ba2e5f3de3d1597e6641799188fb91caf63444f9a9_s390x"
},
"product_reference": "openshift-logging/logging-view-plugin-rhel9@sha256:d9afad1be8c0e83664d376ba2e5f3de3d1597e6641799188fb91caf63444f9a9_s390x",
"relates_to_product_reference": "9Base-RHOL-5.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/loki-operator-bundle@sha256:2e8db8133adbc1fe1943c3fac40d90f3f3c4666820b3f4a07c977b9909eb0745_amd64 as a component of RHOL 5.8 for RHEL 9",
"product_id": "9Base-RHOL-5.8:openshift-logging/loki-operator-bundle@sha256:2e8db8133adbc1fe1943c3fac40d90f3f3c4666820b3f4a07c977b9909eb0745_amd64"
},
"product_reference": "openshift-logging/loki-operator-bundle@sha256:2e8db8133adbc1fe1943c3fac40d90f3f3c4666820b3f4a07c977b9909eb0745_amd64",
"relates_to_product_reference": "9Base-RHOL-5.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/loki-rhel9-operator@sha256:436ac0c2d8570e3d070ad988dd9975df6e22d436641721227ba7716f9b34c6ca_s390x as a component of RHOL 5.8 for RHEL 9",
"product_id": "9Base-RHOL-5.8:openshift-logging/loki-rhel9-operator@sha256:436ac0c2d8570e3d070ad988dd9975df6e22d436641721227ba7716f9b34c6ca_s390x"
},
"product_reference": "openshift-logging/loki-rhel9-operator@sha256:436ac0c2d8570e3d070ad988dd9975df6e22d436641721227ba7716f9b34c6ca_s390x",
"relates_to_product_reference": "9Base-RHOL-5.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/loki-rhel9-operator@sha256:a80fccad715ad74bfedaa29339e701c1ec514666a9fda125b7ec984fbfdeac68_arm64 as a component of RHOL 5.8 for RHEL 9",
"product_id": "9Base-RHOL-5.8:openshift-logging/loki-rhel9-operator@sha256:a80fccad715ad74bfedaa29339e701c1ec514666a9fda125b7ec984fbfdeac68_arm64"
},
"product_reference": "openshift-logging/loki-rhel9-operator@sha256:a80fccad715ad74bfedaa29339e701c1ec514666a9fda125b7ec984fbfdeac68_arm64",
"relates_to_product_reference": "9Base-RHOL-5.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/loki-rhel9-operator@sha256:b3b04b4b8434fbdf85f189e12f5fa02d5ada5e8b443f2e7f27fb47d9ff3d5c77_ppc64le as a component of RHOL 5.8 for RHEL 9",
"product_id": "9Base-RHOL-5.8:openshift-logging/loki-rhel9-operator@sha256:b3b04b4b8434fbdf85f189e12f5fa02d5ada5e8b443f2e7f27fb47d9ff3d5c77_ppc64le"
},
"product_reference": "openshift-logging/loki-rhel9-operator@sha256:b3b04b4b8434fbdf85f189e12f5fa02d5ada5e8b443f2e7f27fb47d9ff3d5c77_ppc64le",
"relates_to_product_reference": "9Base-RHOL-5.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/loki-rhel9-operator@sha256:be7ef11c660cdca24ae5ca72b6d952703632decdae1c3215ea12933024821024_amd64 as a component of RHOL 5.8 for RHEL 9",
"product_id": "9Base-RHOL-5.8:openshift-logging/loki-rhel9-operator@sha256:be7ef11c660cdca24ae5ca72b6d952703632decdae1c3215ea12933024821024_amd64"
},
"product_reference": "openshift-logging/loki-rhel9-operator@sha256:be7ef11c660cdca24ae5ca72b6d952703632decdae1c3215ea12933024821024_amd64",
"relates_to_product_reference": "9Base-RHOL-5.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/lokistack-gateway-rhel9@sha256:1bd8c25b7c401341b38f7e29884340d8a9cf84a581546b8cc50ddbfe279a3e40_arm64 as a component of RHOL 5.8 for RHEL 9",
"product_id": "9Base-RHOL-5.8:openshift-logging/lokistack-gateway-rhel9@sha256:1bd8c25b7c401341b38f7e29884340d8a9cf84a581546b8cc50ddbfe279a3e40_arm64"
},
"product_reference": "openshift-logging/lokistack-gateway-rhel9@sha256:1bd8c25b7c401341b38f7e29884340d8a9cf84a581546b8cc50ddbfe279a3e40_arm64",
"relates_to_product_reference": "9Base-RHOL-5.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/lokistack-gateway-rhel9@sha256:2d0fbb9d3494cad96319e2b4e7921b746eac8970999499b5e4f2155318c8fdfc_amd64 as a component of RHOL 5.8 for RHEL 9",
"product_id": "9Base-RHOL-5.8:openshift-logging/lokistack-gateway-rhel9@sha256:2d0fbb9d3494cad96319e2b4e7921b746eac8970999499b5e4f2155318c8fdfc_amd64"
},
"product_reference": "openshift-logging/lokistack-gateway-rhel9@sha256:2d0fbb9d3494cad96319e2b4e7921b746eac8970999499b5e4f2155318c8fdfc_amd64",
"relates_to_product_reference": "9Base-RHOL-5.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/lokistack-gateway-rhel9@sha256:3196ffea1ee3e0533d956262276ab53a07583af237f4755332e018d2c59b7fd3_ppc64le as a component of RHOL 5.8 for RHEL 9",
"product_id": "9Base-RHOL-5.8:openshift-logging/lokistack-gateway-rhel9@sha256:3196ffea1ee3e0533d956262276ab53a07583af237f4755332e018d2c59b7fd3_ppc64le"
},
"product_reference": "openshift-logging/lokistack-gateway-rhel9@sha256:3196ffea1ee3e0533d956262276ab53a07583af237f4755332e018d2c59b7fd3_ppc64le",
"relates_to_product_reference": "9Base-RHOL-5.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/lokistack-gateway-rhel9@sha256:e5d95fd73e0791e24d9d7fc7effbf72814a04dd215e89855168785fa9828ff9d_s390x as a component of RHOL 5.8 for RHEL 9",
"product_id": "9Base-RHOL-5.8:openshift-logging/lokistack-gateway-rhel9@sha256:e5d95fd73e0791e24d9d7fc7effbf72814a04dd215e89855168785fa9828ff9d_s390x"
},
"product_reference": "openshift-logging/lokistack-gateway-rhel9@sha256:e5d95fd73e0791e24d9d7fc7effbf72814a04dd215e89855168785fa9828ff9d_s390x",
"relates_to_product_reference": "9Base-RHOL-5.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/opa-openshift-rhel9@sha256:37dd52b741aa3c78bb03ce7ebb4ff3599f9aa7cea0b17217a0d77dfb31e7315e_s390x as a component of RHOL 5.8 for RHEL 9",
"product_id": "9Base-RHOL-5.8:openshift-logging/opa-openshift-rhel9@sha256:37dd52b741aa3c78bb03ce7ebb4ff3599f9aa7cea0b17217a0d77dfb31e7315e_s390x"
},
"product_reference": "openshift-logging/opa-openshift-rhel9@sha256:37dd52b741aa3c78bb03ce7ebb4ff3599f9aa7cea0b17217a0d77dfb31e7315e_s390x",
"relates_to_product_reference": "9Base-RHOL-5.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/opa-openshift-rhel9@sha256:5c454bf68557e0f761a4a07cc548147485080ac9f9aeaab672be5f15dbe835e2_amd64 as a component of RHOL 5.8 for RHEL 9",
"product_id": "9Base-RHOL-5.8:openshift-logging/opa-openshift-rhel9@sha256:5c454bf68557e0f761a4a07cc548147485080ac9f9aeaab672be5f15dbe835e2_amd64"
},
"product_reference": "openshift-logging/opa-openshift-rhel9@sha256:5c454bf68557e0f761a4a07cc548147485080ac9f9aeaab672be5f15dbe835e2_amd64",
"relates_to_product_reference": "9Base-RHOL-5.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/opa-openshift-rhel9@sha256:818935f46bf047aad7a85f7da66fca51fd27cf5e6c7c78045362df7e61a65f3d_ppc64le as a component of RHOL 5.8 for RHEL 9",
"product_id": "9Base-RHOL-5.8:openshift-logging/opa-openshift-rhel9@sha256:818935f46bf047aad7a85f7da66fca51fd27cf5e6c7c78045362df7e61a65f3d_ppc64le"
},
"product_reference": "openshift-logging/opa-openshift-rhel9@sha256:818935f46bf047aad7a85f7da66fca51fd27cf5e6c7c78045362df7e61a65f3d_ppc64le",
"relates_to_product_reference": "9Base-RHOL-5.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/opa-openshift-rhel9@sha256:9d78894c3dde67fde95c3798a6be44250546f3615bd7c2c85c3b78c5b948e969_arm64 as a component of RHOL 5.8 for RHEL 9",
"product_id": "9Base-RHOL-5.8:openshift-logging/opa-openshift-rhel9@sha256:9d78894c3dde67fde95c3798a6be44250546f3615bd7c2c85c3b78c5b948e969_arm64"
},
"product_reference": "openshift-logging/opa-openshift-rhel9@sha256:9d78894c3dde67fde95c3798a6be44250546f3615bd7c2c85c3b78c5b948e969_arm64",
"relates_to_product_reference": "9Base-RHOL-5.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/vector-rhel9@sha256:2b5a275b0f1b5c3f6b0d575b98f4c3850b53316882910ee74b16b68c38901308_arm64 as a component of RHOL 5.8 for RHEL 9",
"product_id": "9Base-RHOL-5.8:openshift-logging/vector-rhel9@sha256:2b5a275b0f1b5c3f6b0d575b98f4c3850b53316882910ee74b16b68c38901308_arm64"
},
"product_reference": "openshift-logging/vector-rhel9@sha256:2b5a275b0f1b5c3f6b0d575b98f4c3850b53316882910ee74b16b68c38901308_arm64",
"relates_to_product_reference": "9Base-RHOL-5.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/vector-rhel9@sha256:83e1e21fc093a8edcbbf659c6233f279f2736505fb015a2bd0203c2a77ae2132_s390x as a component of RHOL 5.8 for RHEL 9",
"product_id": "9Base-RHOL-5.8:openshift-logging/vector-rhel9@sha256:83e1e21fc093a8edcbbf659c6233f279f2736505fb015a2bd0203c2a77ae2132_s390x"
},
"product_reference": "openshift-logging/vector-rhel9@sha256:83e1e21fc093a8edcbbf659c6233f279f2736505fb015a2bd0203c2a77ae2132_s390x",
"relates_to_product_reference": "9Base-RHOL-5.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/vector-rhel9@sha256:b35f4a364b555214424fa0df5d607c234ec5712c480082f454c010cafe0677b4_amd64 as a component of RHOL 5.8 for RHEL 9",
"product_id": "9Base-RHOL-5.8:openshift-logging/vector-rhel9@sha256:b35f4a364b555214424fa0df5d607c234ec5712c480082f454c010cafe0677b4_amd64"
},
"product_reference": "openshift-logging/vector-rhel9@sha256:b35f4a364b555214424fa0df5d607c234ec5712c480082f454c010cafe0677b4_amd64",
"relates_to_product_reference": "9Base-RHOL-5.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/vector-rhel9@sha256:d6c21081f7adfd4b9eda7af9b5a2692087e985a503b99f6093eaeb45b593ec99_ppc64le as a component of RHOL 5.8 for RHEL 9",
"product_id": "9Base-RHOL-5.8:openshift-logging/vector-rhel9@sha256:d6c21081f7adfd4b9eda7af9b5a2692087e985a503b99f6093eaeb45b593ec99_ppc64le"
},
"product_reference": "openshift-logging/vector-rhel9@sha256:d6c21081f7adfd4b9eda7af9b5a2692087e985a503b99f6093eaeb45b593ec99_ppc64le",
"relates_to_product_reference": "9Base-RHOL-5.8"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2024-47875",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2024-10-11T15:20:07.304345+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2318052"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in DOMPurify that could allow for a nesting-based mXSS to not be properly sanitized.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "dompurify: nesting-based mutation XSS vulnerability",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-RHOL-5.8:openshift-logging/cluster-logging-operator-bundle@sha256:58473a2057e6afafb0c10e6e90eb844a489c439511963fbce58c6e1a5e48eb1c_amd64",
"9Base-RHOL-5.8:openshift-logging/cluster-logging-rhel9-operator@sha256:005aae06f00c89a9163b25c7cc026bf1c4e0e2f1dca426c93e63c0e7beb6e6ce_arm64",
"9Base-RHOL-5.8:openshift-logging/cluster-logging-rhel9-operator@sha256:280fe34ae4c00292eeaa75b3fe72c2e0a4530fee948ea26c4eaff6591a221816_ppc64le",
"9Base-RHOL-5.8:openshift-logging/cluster-logging-rhel9-operator@sha256:37dc87c3288fd38a4464df259ea975fdd425cd9b2a812a30344b19d25c509cac_amd64",
"9Base-RHOL-5.8:openshift-logging/cluster-logging-rhel9-operator@sha256:8b7a19e15635345ec50dfa06216ca3752db5e45a2c9a64279b0007d59d9d5e7c_s390x",
"9Base-RHOL-5.8:openshift-logging/elasticsearch-operator-bundle@sha256:4ce6826507ee4da12599291f9db04c78b44acafca848ca2eff48abc569665094_amd64",
"9Base-RHOL-5.8:openshift-logging/elasticsearch-proxy-rhel9@sha256:a86638b1509fd21548bd9dcdfd5a81c0e664b5a69cfd6622c298d4623dd91e8a_s390x",
"9Base-RHOL-5.8:openshift-logging/elasticsearch-proxy-rhel9@sha256:e39dc186e409102ecff98ddcf8eab735245cd8dac2aac8873046196a13feac09_amd64",
"9Base-RHOL-5.8:openshift-logging/elasticsearch-proxy-rhel9@sha256:e716f674bfcc67c99db13462f1cd653333960ab0d2ac25e7801917621d516614_arm64",
"9Base-RHOL-5.8:openshift-logging/elasticsearch-proxy-rhel9@sha256:f54e50816a3c53e0881233c2aa1f587a5960363bf0a655547d9fc1b18b49f624_ppc64le",
"9Base-RHOL-5.8:openshift-logging/elasticsearch-rhel9-operator@sha256:4513b1f084dc5bc4aaa1157874a853347a9013c96c348218b22ff85ac907a49a_arm64",
"9Base-RHOL-5.8:openshift-logging/elasticsearch-rhel9-operator@sha256:a2356af786aaab3c413888a022df006442e09415433568124bf2ccb5e36875df_ppc64le",
"9Base-RHOL-5.8:openshift-logging/elasticsearch-rhel9-operator@sha256:dd0a1e56c1885fb82590bc63f756555fdae19279079bd9b4563007e5ddc03212_s390x",
"9Base-RHOL-5.8:openshift-logging/elasticsearch-rhel9-operator@sha256:fdf7864142ecbcc748a55d6fdc0b65be6cbdce23db39271c3e46ac5d2a96a61f_amd64",
"9Base-RHOL-5.8:openshift-logging/elasticsearch6-rhel9@sha256:1d36c49320ab8db78732e14454c6dd0c20bdbcaa568cbc5286e069a390d6cb81_arm64",
"9Base-RHOL-5.8:openshift-logging/elasticsearch6-rhel9@sha256:3c59da5292ec82aab4f3d122f48353c1a2d8d1bd157a8b5978bda666a17a7bfc_amd64",
"9Base-RHOL-5.8:openshift-logging/elasticsearch6-rhel9@sha256:adc09db92b227aa21063b96d5213ecd4e828c509710a75f60625dc65689194fc_ppc64le",
"9Base-RHOL-5.8:openshift-logging/elasticsearch6-rhel9@sha256:f804ddc928697dcfa43eadf4426efab90cad3bc53b043ffa570a6b2ec6adb78d_s390x",
"9Base-RHOL-5.8:openshift-logging/eventrouter-rhel9@sha256:06c8663410726f87fc54d1e05d19f1dda7d5f6e8caabe60395540f304bbf0022_arm64",
"9Base-RHOL-5.8:openshift-logging/eventrouter-rhel9@sha256:27cf8a3d2649f9c52bcc1bd02d213bd68e8262395a6b8206bcb0c00a2e93d6aa_s390x",
"9Base-RHOL-5.8:openshift-logging/eventrouter-rhel9@sha256:516fd338924ee556027872dce795d3e609a890f49c36fb30e0fd4c88ebf49d61_amd64",
"9Base-RHOL-5.8:openshift-logging/eventrouter-rhel9@sha256:f3485f32c96c779641c808402504646b14e0f82115e5b81b8dea0598ade18761_ppc64le",
"9Base-RHOL-5.8:openshift-logging/fluentd-rhel9@sha256:1d03453be061070bcb914e799ed03e536a96a2b30580f704120377dce94a8fd7_arm64",
"9Base-RHOL-5.8:openshift-logging/fluentd-rhel9@sha256:4d8f2292c0fbbe9a5f991227a28648c55b8a5b9d8aa58e235ac92a9a6d2929b0_s390x",
"9Base-RHOL-5.8:openshift-logging/fluentd-rhel9@sha256:9528ac4929198de9b377af2c9247373ff7768270d9a872d8dece61db2b54506f_amd64",
"9Base-RHOL-5.8:openshift-logging/fluentd-rhel9@sha256:c622dfc323c52bb80f9b57aebd5ee8127be94a6a2b9194794ebdb147f2eb826e_ppc64le",
"9Base-RHOL-5.8:openshift-logging/log-file-metric-exporter-rhel9@sha256:4444a1fee0da12fb24ac6ee10b5213d20a48bce1d73ac70fadb2a8b7a9d344ac_s390x",
"9Base-RHOL-5.8:openshift-logging/log-file-metric-exporter-rhel9@sha256:5ecc9e43ccead565e8119f1fcb123cf2d41c70988d87188d2d20a1c9dc4fb138_amd64",
"9Base-RHOL-5.8:openshift-logging/log-file-metric-exporter-rhel9@sha256:a5327009e3d86feeb3b23b1deb289ccee21458fdadadf416e79b5f21f8ac4a6d_ppc64le",
"9Base-RHOL-5.8:openshift-logging/log-file-metric-exporter-rhel9@sha256:e47231c177a1ca022d4e7f79e837e99f315cd42d01f3f0de75551471f2ba7f9a_arm64",
"9Base-RHOL-5.8:openshift-logging/logging-curator5-rhel9@sha256:05e5c1a7e37c1a7cf45e52783d9f585a07ceffd7fa8b3e201299a83112ea1d9f_amd64",
"9Base-RHOL-5.8:openshift-logging/logging-curator5-rhel9@sha256:44a41db6b1f1fe7ff4eed4eb9a477a11e16ee20633a47a202043646deb80cf73_arm64",
"9Base-RHOL-5.8:openshift-logging/logging-curator5-rhel9@sha256:85fef320804af3187050e159fc47d8cd805a93deb3e85cf02d682297ff030df6_s390x",
"9Base-RHOL-5.8:openshift-logging/logging-curator5-rhel9@sha256:a9ac334299331d20fb766d3bf2a238fd350e528b8f0f91e7fbbd977957e93a02_ppc64le",
"9Base-RHOL-5.8:openshift-logging/logging-loki-rhel9@sha256:644da04b0ca9e645a45e07dd4d9c422ef0443be5e1383a426f0e81fc2bdaa46c_arm64",
"9Base-RHOL-5.8:openshift-logging/logging-loki-rhel9@sha256:bae08d83fcd69393d36e94e8495640200ab274018417ab013b4ea792e71a5f9b_amd64",
"9Base-RHOL-5.8:openshift-logging/logging-loki-rhel9@sha256:c26dbee6764e5466707b2ed2b89abaef5b22775f887d519c24190af2d93bc795_ppc64le",
"9Base-RHOL-5.8:openshift-logging/logging-loki-rhel9@sha256:f3eb4fd2cca5ba941e6a1873b35ffb125a123fdb44719893ef4349ffa32c108d_s390x",
"9Base-RHOL-5.8:openshift-logging/logging-view-plugin-rhel9@sha256:39843776aa55f88ceef1628b974235d90312368b064acfeaba78da7502f5e385_amd64",
"9Base-RHOL-5.8:openshift-logging/logging-view-plugin-rhel9@sha256:4064100dfe726ed15ad686a7e172c6f8bb1b676c8b619bcac04ffae22351dab7_arm64",
"9Base-RHOL-5.8:openshift-logging/logging-view-plugin-rhel9@sha256:9240d5405d00377788a20ac952fd7356ee39398ec818627d8a1030e224c81bf0_ppc64le",
"9Base-RHOL-5.8:openshift-logging/logging-view-plugin-rhel9@sha256:d9afad1be8c0e83664d376ba2e5f3de3d1597e6641799188fb91caf63444f9a9_s390x",
"9Base-RHOL-5.8:openshift-logging/loki-operator-bundle@sha256:2e8db8133adbc1fe1943c3fac40d90f3f3c4666820b3f4a07c977b9909eb0745_amd64",
"9Base-RHOL-5.8:openshift-logging/loki-rhel9-operator@sha256:436ac0c2d8570e3d070ad988dd9975df6e22d436641721227ba7716f9b34c6ca_s390x",
"9Base-RHOL-5.8:openshift-logging/loki-rhel9-operator@sha256:a80fccad715ad74bfedaa29339e701c1ec514666a9fda125b7ec984fbfdeac68_arm64",
"9Base-RHOL-5.8:openshift-logging/loki-rhel9-operator@sha256:b3b04b4b8434fbdf85f189e12f5fa02d5ada5e8b443f2e7f27fb47d9ff3d5c77_ppc64le",
"9Base-RHOL-5.8:openshift-logging/loki-rhel9-operator@sha256:be7ef11c660cdca24ae5ca72b6d952703632decdae1c3215ea12933024821024_amd64",
"9Base-RHOL-5.8:openshift-logging/lokistack-gateway-rhel9@sha256:1bd8c25b7c401341b38f7e29884340d8a9cf84a581546b8cc50ddbfe279a3e40_arm64",
"9Base-RHOL-5.8:openshift-logging/lokistack-gateway-rhel9@sha256:2d0fbb9d3494cad96319e2b4e7921b746eac8970999499b5e4f2155318c8fdfc_amd64",
"9Base-RHOL-5.8:openshift-logging/lokistack-gateway-rhel9@sha256:3196ffea1ee3e0533d956262276ab53a07583af237f4755332e018d2c59b7fd3_ppc64le",
"9Base-RHOL-5.8:openshift-logging/lokistack-gateway-rhel9@sha256:e5d95fd73e0791e24d9d7fc7effbf72814a04dd215e89855168785fa9828ff9d_s390x",
"9Base-RHOL-5.8:openshift-logging/opa-openshift-rhel9@sha256:37dd52b741aa3c78bb03ce7ebb4ff3599f9aa7cea0b17217a0d77dfb31e7315e_s390x",
"9Base-RHOL-5.8:openshift-logging/opa-openshift-rhel9@sha256:5c454bf68557e0f761a4a07cc548147485080ac9f9aeaab672be5f15dbe835e2_amd64",
"9Base-RHOL-5.8:openshift-logging/opa-openshift-rhel9@sha256:818935f46bf047aad7a85f7da66fca51fd27cf5e6c7c78045362df7e61a65f3d_ppc64le",
"9Base-RHOL-5.8:openshift-logging/opa-openshift-rhel9@sha256:9d78894c3dde67fde95c3798a6be44250546f3615bd7c2c85c3b78c5b948e969_arm64",
"9Base-RHOL-5.8:openshift-logging/vector-rhel9@sha256:2b5a275b0f1b5c3f6b0d575b98f4c3850b53316882910ee74b16b68c38901308_arm64",
"9Base-RHOL-5.8:openshift-logging/vector-rhel9@sha256:83e1e21fc093a8edcbbf659c6233f279f2736505fb015a2bd0203c2a77ae2132_s390x",
"9Base-RHOL-5.8:openshift-logging/vector-rhel9@sha256:b35f4a364b555214424fa0df5d607c234ec5712c480082f454c010cafe0677b4_amd64",
"9Base-RHOL-5.8:openshift-logging/vector-rhel9@sha256:d6c21081f7adfd4b9eda7af9b5a2692087e985a503b99f6093eaeb45b593ec99_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-47875"
},
{
"category": "external",
"summary": "RHBZ#2318052",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2318052"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-47875",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47875"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-47875",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-47875"
},
{
"category": "external",
"summary": "https://github.com/cure53/DOMPurify/blob/0ef5e537a514f904b6aa1d7ad9e749e365d7185f/test/test-suite.js#L2098",
"url": "https://github.com/cure53/DOMPurify/blob/0ef5e537a514f904b6aa1d7ad9e749e365d7185f/test/test-suite.js#L2098"
},
{
"category": "external",
"summary": "https://github.com/cure53/DOMPurify/commit/0ef5e537a514f904b6aa1d7ad9e749e365d7185f",
"url": "https://github.com/cure53/DOMPurify/commit/0ef5e537a514f904b6aa1d7ad9e749e365d7185f"
},
{
"category": "external",
"summary": "https://github.com/cure53/DOMPurify/commit/6ea80cd8b47640c20f2f230c7920b1f4ce4fdf7a",
"url": "https://github.com/cure53/DOMPurify/commit/6ea80cd8b47640c20f2f230c7920b1f4ce4fdf7a"
},
{
"category": "external",
"summary": "https://github.com/cure53/DOMPurify/security/advisories/GHSA-gx9m-whjm-85jf",
"url": "https://github.com/cure53/DOMPurify/security/advisories/GHSA-gx9m-whjm-85jf"
}
],
"release_date": "2024-10-11T15:15:05.860000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-01-15T09:55:01+00:00",
"details": "For OpenShift Container Platform 4.13 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this errata update:\n\nhttps://docs.openshift.com/container-platform/4.13/release_notes/ocp-4-13-release-notes.html\n\nFor Red Hat OpenShift Logging 5.8, see the following instructions to apply this update:\n\nhttps://docs.openshift.com/container-platform/4.13/logging/cluster-logging-upgrading.html",
"product_ids": [
"9Base-RHOL-5.8:openshift-logging/cluster-logging-operator-bundle@sha256:58473a2057e6afafb0c10e6e90eb844a489c439511963fbce58c6e1a5e48eb1c_amd64",
"9Base-RHOL-5.8:openshift-logging/cluster-logging-rhel9-operator@sha256:005aae06f00c89a9163b25c7cc026bf1c4e0e2f1dca426c93e63c0e7beb6e6ce_arm64",
"9Base-RHOL-5.8:openshift-logging/cluster-logging-rhel9-operator@sha256:280fe34ae4c00292eeaa75b3fe72c2e0a4530fee948ea26c4eaff6591a221816_ppc64le",
"9Base-RHOL-5.8:openshift-logging/cluster-logging-rhel9-operator@sha256:37dc87c3288fd38a4464df259ea975fdd425cd9b2a812a30344b19d25c509cac_amd64",
"9Base-RHOL-5.8:openshift-logging/cluster-logging-rhel9-operator@sha256:8b7a19e15635345ec50dfa06216ca3752db5e45a2c9a64279b0007d59d9d5e7c_s390x",
"9Base-RHOL-5.8:openshift-logging/elasticsearch-operator-bundle@sha256:4ce6826507ee4da12599291f9db04c78b44acafca848ca2eff48abc569665094_amd64",
"9Base-RHOL-5.8:openshift-logging/elasticsearch-proxy-rhel9@sha256:a86638b1509fd21548bd9dcdfd5a81c0e664b5a69cfd6622c298d4623dd91e8a_s390x",
"9Base-RHOL-5.8:openshift-logging/elasticsearch-proxy-rhel9@sha256:e39dc186e409102ecff98ddcf8eab735245cd8dac2aac8873046196a13feac09_amd64",
"9Base-RHOL-5.8:openshift-logging/elasticsearch-proxy-rhel9@sha256:e716f674bfcc67c99db13462f1cd653333960ab0d2ac25e7801917621d516614_arm64",
"9Base-RHOL-5.8:openshift-logging/elasticsearch-proxy-rhel9@sha256:f54e50816a3c53e0881233c2aa1f587a5960363bf0a655547d9fc1b18b49f624_ppc64le",
"9Base-RHOL-5.8:openshift-logging/elasticsearch-rhel9-operator@sha256:4513b1f084dc5bc4aaa1157874a853347a9013c96c348218b22ff85ac907a49a_arm64",
"9Base-RHOL-5.8:openshift-logging/elasticsearch-rhel9-operator@sha256:a2356af786aaab3c413888a022df006442e09415433568124bf2ccb5e36875df_ppc64le",
"9Base-RHOL-5.8:openshift-logging/elasticsearch-rhel9-operator@sha256:dd0a1e56c1885fb82590bc63f756555fdae19279079bd9b4563007e5ddc03212_s390x",
"9Base-RHOL-5.8:openshift-logging/elasticsearch-rhel9-operator@sha256:fdf7864142ecbcc748a55d6fdc0b65be6cbdce23db39271c3e46ac5d2a96a61f_amd64",
"9Base-RHOL-5.8:openshift-logging/elasticsearch6-rhel9@sha256:1d36c49320ab8db78732e14454c6dd0c20bdbcaa568cbc5286e069a390d6cb81_arm64",
"9Base-RHOL-5.8:openshift-logging/elasticsearch6-rhel9@sha256:3c59da5292ec82aab4f3d122f48353c1a2d8d1bd157a8b5978bda666a17a7bfc_amd64",
"9Base-RHOL-5.8:openshift-logging/elasticsearch6-rhel9@sha256:adc09db92b227aa21063b96d5213ecd4e828c509710a75f60625dc65689194fc_ppc64le",
"9Base-RHOL-5.8:openshift-logging/elasticsearch6-rhel9@sha256:f804ddc928697dcfa43eadf4426efab90cad3bc53b043ffa570a6b2ec6adb78d_s390x",
"9Base-RHOL-5.8:openshift-logging/eventrouter-rhel9@sha256:06c8663410726f87fc54d1e05d19f1dda7d5f6e8caabe60395540f304bbf0022_arm64",
"9Base-RHOL-5.8:openshift-logging/eventrouter-rhel9@sha256:27cf8a3d2649f9c52bcc1bd02d213bd68e8262395a6b8206bcb0c00a2e93d6aa_s390x",
"9Base-RHOL-5.8:openshift-logging/eventrouter-rhel9@sha256:516fd338924ee556027872dce795d3e609a890f49c36fb30e0fd4c88ebf49d61_amd64",
"9Base-RHOL-5.8:openshift-logging/eventrouter-rhel9@sha256:f3485f32c96c779641c808402504646b14e0f82115e5b81b8dea0598ade18761_ppc64le",
"9Base-RHOL-5.8:openshift-logging/fluentd-rhel9@sha256:1d03453be061070bcb914e799ed03e536a96a2b30580f704120377dce94a8fd7_arm64",
"9Base-RHOL-5.8:openshift-logging/fluentd-rhel9@sha256:4d8f2292c0fbbe9a5f991227a28648c55b8a5b9d8aa58e235ac92a9a6d2929b0_s390x",
"9Base-RHOL-5.8:openshift-logging/fluentd-rhel9@sha256:9528ac4929198de9b377af2c9247373ff7768270d9a872d8dece61db2b54506f_amd64",
"9Base-RHOL-5.8:openshift-logging/fluentd-rhel9@sha256:c622dfc323c52bb80f9b57aebd5ee8127be94a6a2b9194794ebdb147f2eb826e_ppc64le",
"9Base-RHOL-5.8:openshift-logging/log-file-metric-exporter-rhel9@sha256:4444a1fee0da12fb24ac6ee10b5213d20a48bce1d73ac70fadb2a8b7a9d344ac_s390x",
"9Base-RHOL-5.8:openshift-logging/log-file-metric-exporter-rhel9@sha256:5ecc9e43ccead565e8119f1fcb123cf2d41c70988d87188d2d20a1c9dc4fb138_amd64",
"9Base-RHOL-5.8:openshift-logging/log-file-metric-exporter-rhel9@sha256:a5327009e3d86feeb3b23b1deb289ccee21458fdadadf416e79b5f21f8ac4a6d_ppc64le",
"9Base-RHOL-5.8:openshift-logging/log-file-metric-exporter-rhel9@sha256:e47231c177a1ca022d4e7f79e837e99f315cd42d01f3f0de75551471f2ba7f9a_arm64",
"9Base-RHOL-5.8:openshift-logging/logging-curator5-rhel9@sha256:05e5c1a7e37c1a7cf45e52783d9f585a07ceffd7fa8b3e201299a83112ea1d9f_amd64",
"9Base-RHOL-5.8:openshift-logging/logging-curator5-rhel9@sha256:44a41db6b1f1fe7ff4eed4eb9a477a11e16ee20633a47a202043646deb80cf73_arm64",
"9Base-RHOL-5.8:openshift-logging/logging-curator5-rhel9@sha256:85fef320804af3187050e159fc47d8cd805a93deb3e85cf02d682297ff030df6_s390x",
"9Base-RHOL-5.8:openshift-logging/logging-curator5-rhel9@sha256:a9ac334299331d20fb766d3bf2a238fd350e528b8f0f91e7fbbd977957e93a02_ppc64le",
"9Base-RHOL-5.8:openshift-logging/logging-loki-rhel9@sha256:644da04b0ca9e645a45e07dd4d9c422ef0443be5e1383a426f0e81fc2bdaa46c_arm64",
"9Base-RHOL-5.8:openshift-logging/logging-loki-rhel9@sha256:bae08d83fcd69393d36e94e8495640200ab274018417ab013b4ea792e71a5f9b_amd64",
"9Base-RHOL-5.8:openshift-logging/logging-loki-rhel9@sha256:c26dbee6764e5466707b2ed2b89abaef5b22775f887d519c24190af2d93bc795_ppc64le",
"9Base-RHOL-5.8:openshift-logging/logging-loki-rhel9@sha256:f3eb4fd2cca5ba941e6a1873b35ffb125a123fdb44719893ef4349ffa32c108d_s390x",
"9Base-RHOL-5.8:openshift-logging/logging-view-plugin-rhel9@sha256:39843776aa55f88ceef1628b974235d90312368b064acfeaba78da7502f5e385_amd64",
"9Base-RHOL-5.8:openshift-logging/logging-view-plugin-rhel9@sha256:4064100dfe726ed15ad686a7e172c6f8bb1b676c8b619bcac04ffae22351dab7_arm64",
"9Base-RHOL-5.8:openshift-logging/logging-view-plugin-rhel9@sha256:9240d5405d00377788a20ac952fd7356ee39398ec818627d8a1030e224c81bf0_ppc64le",
"9Base-RHOL-5.8:openshift-logging/logging-view-plugin-rhel9@sha256:d9afad1be8c0e83664d376ba2e5f3de3d1597e6641799188fb91caf63444f9a9_s390x",
"9Base-RHOL-5.8:openshift-logging/loki-operator-bundle@sha256:2e8db8133adbc1fe1943c3fac40d90f3f3c4666820b3f4a07c977b9909eb0745_amd64",
"9Base-RHOL-5.8:openshift-logging/loki-rhel9-operator@sha256:436ac0c2d8570e3d070ad988dd9975df6e22d436641721227ba7716f9b34c6ca_s390x",
"9Base-RHOL-5.8:openshift-logging/loki-rhel9-operator@sha256:a80fccad715ad74bfedaa29339e701c1ec514666a9fda125b7ec984fbfdeac68_arm64",
"9Base-RHOL-5.8:openshift-logging/loki-rhel9-operator@sha256:b3b04b4b8434fbdf85f189e12f5fa02d5ada5e8b443f2e7f27fb47d9ff3d5c77_ppc64le",
"9Base-RHOL-5.8:openshift-logging/loki-rhel9-operator@sha256:be7ef11c660cdca24ae5ca72b6d952703632decdae1c3215ea12933024821024_amd64",
"9Base-RHOL-5.8:openshift-logging/lokistack-gateway-rhel9@sha256:1bd8c25b7c401341b38f7e29884340d8a9cf84a581546b8cc50ddbfe279a3e40_arm64",
"9Base-RHOL-5.8:openshift-logging/lokistack-gateway-rhel9@sha256:2d0fbb9d3494cad96319e2b4e7921b746eac8970999499b5e4f2155318c8fdfc_amd64",
"9Base-RHOL-5.8:openshift-logging/lokistack-gateway-rhel9@sha256:3196ffea1ee3e0533d956262276ab53a07583af237f4755332e018d2c59b7fd3_ppc64le",
"9Base-RHOL-5.8:openshift-logging/lokistack-gateway-rhel9@sha256:e5d95fd73e0791e24d9d7fc7effbf72814a04dd215e89855168785fa9828ff9d_s390x",
"9Base-RHOL-5.8:openshift-logging/opa-openshift-rhel9@sha256:37dd52b741aa3c78bb03ce7ebb4ff3599f9aa7cea0b17217a0d77dfb31e7315e_s390x",
"9Base-RHOL-5.8:openshift-logging/opa-openshift-rhel9@sha256:5c454bf68557e0f761a4a07cc548147485080ac9f9aeaab672be5f15dbe835e2_amd64",
"9Base-RHOL-5.8:openshift-logging/opa-openshift-rhel9@sha256:818935f46bf047aad7a85f7da66fca51fd27cf5e6c7c78045362df7e61a65f3d_ppc64le",
"9Base-RHOL-5.8:openshift-logging/opa-openshift-rhel9@sha256:9d78894c3dde67fde95c3798a6be44250546f3615bd7c2c85c3b78c5b948e969_arm64",
"9Base-RHOL-5.8:openshift-logging/vector-rhel9@sha256:2b5a275b0f1b5c3f6b0d575b98f4c3850b53316882910ee74b16b68c38901308_arm64",
"9Base-RHOL-5.8:openshift-logging/vector-rhel9@sha256:83e1e21fc093a8edcbbf659c6233f279f2736505fb015a2bd0203c2a77ae2132_s390x",
"9Base-RHOL-5.8:openshift-logging/vector-rhel9@sha256:b35f4a364b555214424fa0df5d607c234ec5712c480082f454c010cafe0677b4_amd64",
"9Base-RHOL-5.8:openshift-logging/vector-rhel9@sha256:d6c21081f7adfd4b9eda7af9b5a2692087e985a503b99f6093eaeb45b593ec99_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:0329"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"9Base-RHOL-5.8:openshift-logging/cluster-logging-operator-bundle@sha256:58473a2057e6afafb0c10e6e90eb844a489c439511963fbce58c6e1a5e48eb1c_amd64",
"9Base-RHOL-5.8:openshift-logging/cluster-logging-rhel9-operator@sha256:005aae06f00c89a9163b25c7cc026bf1c4e0e2f1dca426c93e63c0e7beb6e6ce_arm64",
"9Base-RHOL-5.8:openshift-logging/cluster-logging-rhel9-operator@sha256:280fe34ae4c00292eeaa75b3fe72c2e0a4530fee948ea26c4eaff6591a221816_ppc64le",
"9Base-RHOL-5.8:openshift-logging/cluster-logging-rhel9-operator@sha256:37dc87c3288fd38a4464df259ea975fdd425cd9b2a812a30344b19d25c509cac_amd64",
"9Base-RHOL-5.8:openshift-logging/cluster-logging-rhel9-operator@sha256:8b7a19e15635345ec50dfa06216ca3752db5e45a2c9a64279b0007d59d9d5e7c_s390x",
"9Base-RHOL-5.8:openshift-logging/elasticsearch-operator-bundle@sha256:4ce6826507ee4da12599291f9db04c78b44acafca848ca2eff48abc569665094_amd64",
"9Base-RHOL-5.8:openshift-logging/elasticsearch-proxy-rhel9@sha256:a86638b1509fd21548bd9dcdfd5a81c0e664b5a69cfd6622c298d4623dd91e8a_s390x",
"9Base-RHOL-5.8:openshift-logging/elasticsearch-proxy-rhel9@sha256:e39dc186e409102ecff98ddcf8eab735245cd8dac2aac8873046196a13feac09_amd64",
"9Base-RHOL-5.8:openshift-logging/elasticsearch-proxy-rhel9@sha256:e716f674bfcc67c99db13462f1cd653333960ab0d2ac25e7801917621d516614_arm64",
"9Base-RHOL-5.8:openshift-logging/elasticsearch-proxy-rhel9@sha256:f54e50816a3c53e0881233c2aa1f587a5960363bf0a655547d9fc1b18b49f624_ppc64le",
"9Base-RHOL-5.8:openshift-logging/elasticsearch-rhel9-operator@sha256:4513b1f084dc5bc4aaa1157874a853347a9013c96c348218b22ff85ac907a49a_arm64",
"9Base-RHOL-5.8:openshift-logging/elasticsearch-rhel9-operator@sha256:a2356af786aaab3c413888a022df006442e09415433568124bf2ccb5e36875df_ppc64le",
"9Base-RHOL-5.8:openshift-logging/elasticsearch-rhel9-operator@sha256:dd0a1e56c1885fb82590bc63f756555fdae19279079bd9b4563007e5ddc03212_s390x",
"9Base-RHOL-5.8:openshift-logging/elasticsearch-rhel9-operator@sha256:fdf7864142ecbcc748a55d6fdc0b65be6cbdce23db39271c3e46ac5d2a96a61f_amd64",
"9Base-RHOL-5.8:openshift-logging/elasticsearch6-rhel9@sha256:1d36c49320ab8db78732e14454c6dd0c20bdbcaa568cbc5286e069a390d6cb81_arm64",
"9Base-RHOL-5.8:openshift-logging/elasticsearch6-rhel9@sha256:3c59da5292ec82aab4f3d122f48353c1a2d8d1bd157a8b5978bda666a17a7bfc_amd64",
"9Base-RHOL-5.8:openshift-logging/elasticsearch6-rhel9@sha256:adc09db92b227aa21063b96d5213ecd4e828c509710a75f60625dc65689194fc_ppc64le",
"9Base-RHOL-5.8:openshift-logging/elasticsearch6-rhel9@sha256:f804ddc928697dcfa43eadf4426efab90cad3bc53b043ffa570a6b2ec6adb78d_s390x",
"9Base-RHOL-5.8:openshift-logging/eventrouter-rhel9@sha256:06c8663410726f87fc54d1e05d19f1dda7d5f6e8caabe60395540f304bbf0022_arm64",
"9Base-RHOL-5.8:openshift-logging/eventrouter-rhel9@sha256:27cf8a3d2649f9c52bcc1bd02d213bd68e8262395a6b8206bcb0c00a2e93d6aa_s390x",
"9Base-RHOL-5.8:openshift-logging/eventrouter-rhel9@sha256:516fd338924ee556027872dce795d3e609a890f49c36fb30e0fd4c88ebf49d61_amd64",
"9Base-RHOL-5.8:openshift-logging/eventrouter-rhel9@sha256:f3485f32c96c779641c808402504646b14e0f82115e5b81b8dea0598ade18761_ppc64le",
"9Base-RHOL-5.8:openshift-logging/fluentd-rhel9@sha256:1d03453be061070bcb914e799ed03e536a96a2b30580f704120377dce94a8fd7_arm64",
"9Base-RHOL-5.8:openshift-logging/fluentd-rhel9@sha256:4d8f2292c0fbbe9a5f991227a28648c55b8a5b9d8aa58e235ac92a9a6d2929b0_s390x",
"9Base-RHOL-5.8:openshift-logging/fluentd-rhel9@sha256:9528ac4929198de9b377af2c9247373ff7768270d9a872d8dece61db2b54506f_amd64",
"9Base-RHOL-5.8:openshift-logging/fluentd-rhel9@sha256:c622dfc323c52bb80f9b57aebd5ee8127be94a6a2b9194794ebdb147f2eb826e_ppc64le",
"9Base-RHOL-5.8:openshift-logging/log-file-metric-exporter-rhel9@sha256:4444a1fee0da12fb24ac6ee10b5213d20a48bce1d73ac70fadb2a8b7a9d344ac_s390x",
"9Base-RHOL-5.8:openshift-logging/log-file-metric-exporter-rhel9@sha256:5ecc9e43ccead565e8119f1fcb123cf2d41c70988d87188d2d20a1c9dc4fb138_amd64",
"9Base-RHOL-5.8:openshift-logging/log-file-metric-exporter-rhel9@sha256:a5327009e3d86feeb3b23b1deb289ccee21458fdadadf416e79b5f21f8ac4a6d_ppc64le",
"9Base-RHOL-5.8:openshift-logging/log-file-metric-exporter-rhel9@sha256:e47231c177a1ca022d4e7f79e837e99f315cd42d01f3f0de75551471f2ba7f9a_arm64",
"9Base-RHOL-5.8:openshift-logging/logging-curator5-rhel9@sha256:05e5c1a7e37c1a7cf45e52783d9f585a07ceffd7fa8b3e201299a83112ea1d9f_amd64",
"9Base-RHOL-5.8:openshift-logging/logging-curator5-rhel9@sha256:44a41db6b1f1fe7ff4eed4eb9a477a11e16ee20633a47a202043646deb80cf73_arm64",
"9Base-RHOL-5.8:openshift-logging/logging-curator5-rhel9@sha256:85fef320804af3187050e159fc47d8cd805a93deb3e85cf02d682297ff030df6_s390x",
"9Base-RHOL-5.8:openshift-logging/logging-curator5-rhel9@sha256:a9ac334299331d20fb766d3bf2a238fd350e528b8f0f91e7fbbd977957e93a02_ppc64le",
"9Base-RHOL-5.8:openshift-logging/logging-loki-rhel9@sha256:644da04b0ca9e645a45e07dd4d9c422ef0443be5e1383a426f0e81fc2bdaa46c_arm64",
"9Base-RHOL-5.8:openshift-logging/logging-loki-rhel9@sha256:bae08d83fcd69393d36e94e8495640200ab274018417ab013b4ea792e71a5f9b_amd64",
"9Base-RHOL-5.8:openshift-logging/logging-loki-rhel9@sha256:c26dbee6764e5466707b2ed2b89abaef5b22775f887d519c24190af2d93bc795_ppc64le",
"9Base-RHOL-5.8:openshift-logging/logging-loki-rhel9@sha256:f3eb4fd2cca5ba941e6a1873b35ffb125a123fdb44719893ef4349ffa32c108d_s390x",
"9Base-RHOL-5.8:openshift-logging/logging-view-plugin-rhel9@sha256:39843776aa55f88ceef1628b974235d90312368b064acfeaba78da7502f5e385_amd64",
"9Base-RHOL-5.8:openshift-logging/logging-view-plugin-rhel9@sha256:4064100dfe726ed15ad686a7e172c6f8bb1b676c8b619bcac04ffae22351dab7_arm64",
"9Base-RHOL-5.8:openshift-logging/logging-view-plugin-rhel9@sha256:9240d5405d00377788a20ac952fd7356ee39398ec818627d8a1030e224c81bf0_ppc64le",
"9Base-RHOL-5.8:openshift-logging/logging-view-plugin-rhel9@sha256:d9afad1be8c0e83664d376ba2e5f3de3d1597e6641799188fb91caf63444f9a9_s390x",
"9Base-RHOL-5.8:openshift-logging/loki-operator-bundle@sha256:2e8db8133adbc1fe1943c3fac40d90f3f3c4666820b3f4a07c977b9909eb0745_amd64",
"9Base-RHOL-5.8:openshift-logging/loki-rhel9-operator@sha256:436ac0c2d8570e3d070ad988dd9975df6e22d436641721227ba7716f9b34c6ca_s390x",
"9Base-RHOL-5.8:openshift-logging/loki-rhel9-operator@sha256:a80fccad715ad74bfedaa29339e701c1ec514666a9fda125b7ec984fbfdeac68_arm64",
"9Base-RHOL-5.8:openshift-logging/loki-rhel9-operator@sha256:b3b04b4b8434fbdf85f189e12f5fa02d5ada5e8b443f2e7f27fb47d9ff3d5c77_ppc64le",
"9Base-RHOL-5.8:openshift-logging/loki-rhel9-operator@sha256:be7ef11c660cdca24ae5ca72b6d952703632decdae1c3215ea12933024821024_amd64",
"9Base-RHOL-5.8:openshift-logging/lokistack-gateway-rhel9@sha256:1bd8c25b7c401341b38f7e29884340d8a9cf84a581546b8cc50ddbfe279a3e40_arm64",
"9Base-RHOL-5.8:openshift-logging/lokistack-gateway-rhel9@sha256:2d0fbb9d3494cad96319e2b4e7921b746eac8970999499b5e4f2155318c8fdfc_amd64",
"9Base-RHOL-5.8:openshift-logging/lokistack-gateway-rhel9@sha256:3196ffea1ee3e0533d956262276ab53a07583af237f4755332e018d2c59b7fd3_ppc64le",
"9Base-RHOL-5.8:openshift-logging/lokistack-gateway-rhel9@sha256:e5d95fd73e0791e24d9d7fc7effbf72814a04dd215e89855168785fa9828ff9d_s390x",
"9Base-RHOL-5.8:openshift-logging/opa-openshift-rhel9@sha256:37dd52b741aa3c78bb03ce7ebb4ff3599f9aa7cea0b17217a0d77dfb31e7315e_s390x",
"9Base-RHOL-5.8:openshift-logging/opa-openshift-rhel9@sha256:5c454bf68557e0f761a4a07cc548147485080ac9f9aeaab672be5f15dbe835e2_amd64",
"9Base-RHOL-5.8:openshift-logging/opa-openshift-rhel9@sha256:818935f46bf047aad7a85f7da66fca51fd27cf5e6c7c78045362df7e61a65f3d_ppc64le",
"9Base-RHOL-5.8:openshift-logging/opa-openshift-rhel9@sha256:9d78894c3dde67fde95c3798a6be44250546f3615bd7c2c85c3b78c5b948e969_arm64",
"9Base-RHOL-5.8:openshift-logging/vector-rhel9@sha256:2b5a275b0f1b5c3f6b0d575b98f4c3850b53316882910ee74b16b68c38901308_arm64",
"9Base-RHOL-5.8:openshift-logging/vector-rhel9@sha256:83e1e21fc093a8edcbbf659c6233f279f2736505fb015a2bd0203c2a77ae2132_s390x",
"9Base-RHOL-5.8:openshift-logging/vector-rhel9@sha256:b35f4a364b555214424fa0df5d607c234ec5712c480082f454c010cafe0677b4_amd64",
"9Base-RHOL-5.8:openshift-logging/vector-rhel9@sha256:d6c21081f7adfd4b9eda7af9b5a2692087e985a503b99f6093eaeb45b593ec99_ppc64le"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 8.0,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"9Base-RHOL-5.8:openshift-logging/cluster-logging-operator-bundle@sha256:58473a2057e6afafb0c10e6e90eb844a489c439511963fbce58c6e1a5e48eb1c_amd64",
"9Base-RHOL-5.8:openshift-logging/cluster-logging-rhel9-operator@sha256:005aae06f00c89a9163b25c7cc026bf1c4e0e2f1dca426c93e63c0e7beb6e6ce_arm64",
"9Base-RHOL-5.8:openshift-logging/cluster-logging-rhel9-operator@sha256:280fe34ae4c00292eeaa75b3fe72c2e0a4530fee948ea26c4eaff6591a221816_ppc64le",
"9Base-RHOL-5.8:openshift-logging/cluster-logging-rhel9-operator@sha256:37dc87c3288fd38a4464df259ea975fdd425cd9b2a812a30344b19d25c509cac_amd64",
"9Base-RHOL-5.8:openshift-logging/cluster-logging-rhel9-operator@sha256:8b7a19e15635345ec50dfa06216ca3752db5e45a2c9a64279b0007d59d9d5e7c_s390x",
"9Base-RHOL-5.8:openshift-logging/elasticsearch-operator-bundle@sha256:4ce6826507ee4da12599291f9db04c78b44acafca848ca2eff48abc569665094_amd64",
"9Base-RHOL-5.8:openshift-logging/elasticsearch-proxy-rhel9@sha256:a86638b1509fd21548bd9dcdfd5a81c0e664b5a69cfd6622c298d4623dd91e8a_s390x",
"9Base-RHOL-5.8:openshift-logging/elasticsearch-proxy-rhel9@sha256:e39dc186e409102ecff98ddcf8eab735245cd8dac2aac8873046196a13feac09_amd64",
"9Base-RHOL-5.8:openshift-logging/elasticsearch-proxy-rhel9@sha256:e716f674bfcc67c99db13462f1cd653333960ab0d2ac25e7801917621d516614_arm64",
"9Base-RHOL-5.8:openshift-logging/elasticsearch-proxy-rhel9@sha256:f54e50816a3c53e0881233c2aa1f587a5960363bf0a655547d9fc1b18b49f624_ppc64le",
"9Base-RHOL-5.8:openshift-logging/elasticsearch-rhel9-operator@sha256:4513b1f084dc5bc4aaa1157874a853347a9013c96c348218b22ff85ac907a49a_arm64",
"9Base-RHOL-5.8:openshift-logging/elasticsearch-rhel9-operator@sha256:a2356af786aaab3c413888a022df006442e09415433568124bf2ccb5e36875df_ppc64le",
"9Base-RHOL-5.8:openshift-logging/elasticsearch-rhel9-operator@sha256:dd0a1e56c1885fb82590bc63f756555fdae19279079bd9b4563007e5ddc03212_s390x",
"9Base-RHOL-5.8:openshift-logging/elasticsearch-rhel9-operator@sha256:fdf7864142ecbcc748a55d6fdc0b65be6cbdce23db39271c3e46ac5d2a96a61f_amd64",
"9Base-RHOL-5.8:openshift-logging/elasticsearch6-rhel9@sha256:1d36c49320ab8db78732e14454c6dd0c20bdbcaa568cbc5286e069a390d6cb81_arm64",
"9Base-RHOL-5.8:openshift-logging/elasticsearch6-rhel9@sha256:3c59da5292ec82aab4f3d122f48353c1a2d8d1bd157a8b5978bda666a17a7bfc_amd64",
"9Base-RHOL-5.8:openshift-logging/elasticsearch6-rhel9@sha256:adc09db92b227aa21063b96d5213ecd4e828c509710a75f60625dc65689194fc_ppc64le",
"9Base-RHOL-5.8:openshift-logging/elasticsearch6-rhel9@sha256:f804ddc928697dcfa43eadf4426efab90cad3bc53b043ffa570a6b2ec6adb78d_s390x",
"9Base-RHOL-5.8:openshift-logging/eventrouter-rhel9@sha256:06c8663410726f87fc54d1e05d19f1dda7d5f6e8caabe60395540f304bbf0022_arm64",
"9Base-RHOL-5.8:openshift-logging/eventrouter-rhel9@sha256:27cf8a3d2649f9c52bcc1bd02d213bd68e8262395a6b8206bcb0c00a2e93d6aa_s390x",
"9Base-RHOL-5.8:openshift-logging/eventrouter-rhel9@sha256:516fd338924ee556027872dce795d3e609a890f49c36fb30e0fd4c88ebf49d61_amd64",
"9Base-RHOL-5.8:openshift-logging/eventrouter-rhel9@sha256:f3485f32c96c779641c808402504646b14e0f82115e5b81b8dea0598ade18761_ppc64le",
"9Base-RHOL-5.8:openshift-logging/fluentd-rhel9@sha256:1d03453be061070bcb914e799ed03e536a96a2b30580f704120377dce94a8fd7_arm64",
"9Base-RHOL-5.8:openshift-logging/fluentd-rhel9@sha256:4d8f2292c0fbbe9a5f991227a28648c55b8a5b9d8aa58e235ac92a9a6d2929b0_s390x",
"9Base-RHOL-5.8:openshift-logging/fluentd-rhel9@sha256:9528ac4929198de9b377af2c9247373ff7768270d9a872d8dece61db2b54506f_amd64",
"9Base-RHOL-5.8:openshift-logging/fluentd-rhel9@sha256:c622dfc323c52bb80f9b57aebd5ee8127be94a6a2b9194794ebdb147f2eb826e_ppc64le",
"9Base-RHOL-5.8:openshift-logging/log-file-metric-exporter-rhel9@sha256:4444a1fee0da12fb24ac6ee10b5213d20a48bce1d73ac70fadb2a8b7a9d344ac_s390x",
"9Base-RHOL-5.8:openshift-logging/log-file-metric-exporter-rhel9@sha256:5ecc9e43ccead565e8119f1fcb123cf2d41c70988d87188d2d20a1c9dc4fb138_amd64",
"9Base-RHOL-5.8:openshift-logging/log-file-metric-exporter-rhel9@sha256:a5327009e3d86feeb3b23b1deb289ccee21458fdadadf416e79b5f21f8ac4a6d_ppc64le",
"9Base-RHOL-5.8:openshift-logging/log-file-metric-exporter-rhel9@sha256:e47231c177a1ca022d4e7f79e837e99f315cd42d01f3f0de75551471f2ba7f9a_arm64",
"9Base-RHOL-5.8:openshift-logging/logging-curator5-rhel9@sha256:05e5c1a7e37c1a7cf45e52783d9f585a07ceffd7fa8b3e201299a83112ea1d9f_amd64",
"9Base-RHOL-5.8:openshift-logging/logging-curator5-rhel9@sha256:44a41db6b1f1fe7ff4eed4eb9a477a11e16ee20633a47a202043646deb80cf73_arm64",
"9Base-RHOL-5.8:openshift-logging/logging-curator5-rhel9@sha256:85fef320804af3187050e159fc47d8cd805a93deb3e85cf02d682297ff030df6_s390x",
"9Base-RHOL-5.8:openshift-logging/logging-curator5-rhel9@sha256:a9ac334299331d20fb766d3bf2a238fd350e528b8f0f91e7fbbd977957e93a02_ppc64le",
"9Base-RHOL-5.8:openshift-logging/logging-loki-rhel9@sha256:644da04b0ca9e645a45e07dd4d9c422ef0443be5e1383a426f0e81fc2bdaa46c_arm64",
"9Base-RHOL-5.8:openshift-logging/logging-loki-rhel9@sha256:bae08d83fcd69393d36e94e8495640200ab274018417ab013b4ea792e71a5f9b_amd64",
"9Base-RHOL-5.8:openshift-logging/logging-loki-rhel9@sha256:c26dbee6764e5466707b2ed2b89abaef5b22775f887d519c24190af2d93bc795_ppc64le",
"9Base-RHOL-5.8:openshift-logging/logging-loki-rhel9@sha256:f3eb4fd2cca5ba941e6a1873b35ffb125a123fdb44719893ef4349ffa32c108d_s390x",
"9Base-RHOL-5.8:openshift-logging/logging-view-plugin-rhel9@sha256:39843776aa55f88ceef1628b974235d90312368b064acfeaba78da7502f5e385_amd64",
"9Base-RHOL-5.8:openshift-logging/logging-view-plugin-rhel9@sha256:4064100dfe726ed15ad686a7e172c6f8bb1b676c8b619bcac04ffae22351dab7_arm64",
"9Base-RHOL-5.8:openshift-logging/logging-view-plugin-rhel9@sha256:9240d5405d00377788a20ac952fd7356ee39398ec818627d8a1030e224c81bf0_ppc64le",
"9Base-RHOL-5.8:openshift-logging/logging-view-plugin-rhel9@sha256:d9afad1be8c0e83664d376ba2e5f3de3d1597e6641799188fb91caf63444f9a9_s390x",
"9Base-RHOL-5.8:openshift-logging/loki-operator-bundle@sha256:2e8db8133adbc1fe1943c3fac40d90f3f3c4666820b3f4a07c977b9909eb0745_amd64",
"9Base-RHOL-5.8:openshift-logging/loki-rhel9-operator@sha256:436ac0c2d8570e3d070ad988dd9975df6e22d436641721227ba7716f9b34c6ca_s390x",
"9Base-RHOL-5.8:openshift-logging/loki-rhel9-operator@sha256:a80fccad715ad74bfedaa29339e701c1ec514666a9fda125b7ec984fbfdeac68_arm64",
"9Base-RHOL-5.8:openshift-logging/loki-rhel9-operator@sha256:b3b04b4b8434fbdf85f189e12f5fa02d5ada5e8b443f2e7f27fb47d9ff3d5c77_ppc64le",
"9Base-RHOL-5.8:openshift-logging/loki-rhel9-operator@sha256:be7ef11c660cdca24ae5ca72b6d952703632decdae1c3215ea12933024821024_amd64",
"9Base-RHOL-5.8:openshift-logging/lokistack-gateway-rhel9@sha256:1bd8c25b7c401341b38f7e29884340d8a9cf84a581546b8cc50ddbfe279a3e40_arm64",
"9Base-RHOL-5.8:openshift-logging/lokistack-gateway-rhel9@sha256:2d0fbb9d3494cad96319e2b4e7921b746eac8970999499b5e4f2155318c8fdfc_amd64",
"9Base-RHOL-5.8:openshift-logging/lokistack-gateway-rhel9@sha256:3196ffea1ee3e0533d956262276ab53a07583af237f4755332e018d2c59b7fd3_ppc64le",
"9Base-RHOL-5.8:openshift-logging/lokistack-gateway-rhel9@sha256:e5d95fd73e0791e24d9d7fc7effbf72814a04dd215e89855168785fa9828ff9d_s390x",
"9Base-RHOL-5.8:openshift-logging/opa-openshift-rhel9@sha256:37dd52b741aa3c78bb03ce7ebb4ff3599f9aa7cea0b17217a0d77dfb31e7315e_s390x",
"9Base-RHOL-5.8:openshift-logging/opa-openshift-rhel9@sha256:5c454bf68557e0f761a4a07cc548147485080ac9f9aeaab672be5f15dbe835e2_amd64",
"9Base-RHOL-5.8:openshift-logging/opa-openshift-rhel9@sha256:818935f46bf047aad7a85f7da66fca51fd27cf5e6c7c78045362df7e61a65f3d_ppc64le",
"9Base-RHOL-5.8:openshift-logging/opa-openshift-rhel9@sha256:9d78894c3dde67fde95c3798a6be44250546f3615bd7c2c85c3b78c5b948e969_arm64",
"9Base-RHOL-5.8:openshift-logging/vector-rhel9@sha256:2b5a275b0f1b5c3f6b0d575b98f4c3850b53316882910ee74b16b68c38901308_arm64",
"9Base-RHOL-5.8:openshift-logging/vector-rhel9@sha256:83e1e21fc093a8edcbbf659c6233f279f2736505fb015a2bd0203c2a77ae2132_s390x",
"9Base-RHOL-5.8:openshift-logging/vector-rhel9@sha256:b35f4a364b555214424fa0df5d607c234ec5712c480082f454c010cafe0677b4_amd64",
"9Base-RHOL-5.8:openshift-logging/vector-rhel9@sha256:d6c21081f7adfd4b9eda7af9b5a2692087e985a503b99f6093eaeb45b593ec99_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "dompurify: nesting-based mutation XSS vulnerability"
}
]
}
SSA-212953
Vulnerability from csaf_siemens - Published: 2025-12-09 00:00 - Updated: 2026-03-10 00:00Summary
SSA-212953: Multiple Vulnerabilities in COMOS
Notes
Summary: COMOS is affected by multiple vulnerabilities that could allow an attacker to execute arbitrary code or cause denial of service condition, data infiltration or perform access control violations.
Siemens has released new versions for the affected products and recommends to update to the latest versions.
General Recommendations: As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens' operational guidelines for Industrial Security (Download: https://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals.
Additional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity
Additional Resources: For further inquiries on security vulnerabilities in Siemens products and solutions, please contact the Siemens ProductCERT: https://www.siemens.com/cert/advisories
Terms of Use: The use of Siemens Security Advisories is subject to the terms and conditions listed on: https://www.siemens.com/productcert/terms-of-use.
10.0 (Critical)
8.3 (High)
References
2 references
{
"document": {
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Disclosure is not limited. (TLPv2: TLP:CLEAR)",
"tlp": {
"label": "WHITE"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "COMOS is affected by multiple vulnerabilities that could allow an attacker to execute arbitrary code or cause denial of service condition, data infiltration or perform access control violations. \n\nSiemens has released new versions for the affected products and recommends to update to the latest versions.",
"title": "Summary"
},
{
"category": "general",
"text": "As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens\u0027 operational guidelines for Industrial Security (Download: https://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals.\nAdditional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity",
"title": "General Recommendations"
},
{
"category": "general",
"text": "For further inquiries on security vulnerabilities in Siemens products and solutions, please contact the Siemens ProductCERT: https://www.siemens.com/cert/advisories",
"title": "Additional Resources"
},
{
"category": "legal_disclaimer",
"text": "The use of Siemens Security Advisories is subject to the terms and conditions listed on: https://www.siemens.com/productcert/terms-of-use.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "productcert@siemens.com",
"name": "Siemens ProductCERT",
"namespace": "https://www.siemens.com"
},
"references": [
{
"category": "self",
"summary": "SSA-212953: Multiple Vulnerabilities in COMOS - HTML Version",
"url": "https://cert-portal.siemens.com/productcert/html/ssa-212953.html"
},
{
"category": "self",
"summary": "SSA-212953: Multiple Vulnerabilities in COMOS - CSAF Version",
"url": "https://cert-portal.siemens.com/productcert/csaf/ssa-212953.json"
}
],
"title": "SSA-212953: Multiple Vulnerabilities in COMOS",
"tracking": {
"current_release_date": "2026-03-10T00:00:00.000Z",
"generator": {
"engine": {
"name": "Siemens ProductCERT CSAF Generator",
"version": "1"
}
},
"id": "SSA-212953",
"initial_release_date": "2025-12-09T00:00:00.000Z",
"revision_history": [
{
"date": "2025-12-09T00:00:00.000Z",
"legacy_version": "1.0",
"number": "1",
"summary": "Publication Date"
},
{
"date": "2026-01-13T00:00:00.000Z",
"legacy_version": "1.1",
"number": "2",
"summary": "Removed CVE-2024-11053 and CVE-2025-10148 from COMOS V10.5.2 as this version line is not affected"
},
{
"date": "2026-02-10T00:00:00.000Z",
"legacy_version": "1.2",
"number": "3",
"summary": "Added fix for COMOS V10.4.5"
},
{
"date": "2026-03-10T00:00:00.000Z",
"legacy_version": "1.3",
"number": "4",
"summary": "Added fix for COMOS V10.6"
}
],
"status": "interim",
"version": "4"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "vers:intdot/\u003c10.4.5",
"product": {
"name": "COMOS V10.4",
"product_id": "1"
}
},
{
"category": "product_version_range",
"name": "vers:intdot/\u003c10.4.5",
"product": {
"name": "COMOS V10.4",
"product_id": "2"
}
}
],
"category": "product_name",
"name": "COMOS V10.4"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:intdot/\u003c10.4.5.0.2",
"product": {
"name": "COMOS V10.4.5",
"product_id": "3"
}
}
],
"category": "product_name",
"name": "COMOS V10.4.5"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:intdot/\u003c10.5.2",
"product": {
"name": "COMOS V10.5",
"product_id": "4"
}
},
{
"category": "product_version_range",
"name": "vers:intdot/\u003c10.5.2",
"product": {
"name": "COMOS V10.5",
"product_id": "5"
}
}
],
"category": "product_name",
"name": "COMOS V10.5"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:intdot/\u003c10.6.1",
"product": {
"name": "COMOS V10.6",
"product_id": "6"
}
}
],
"category": "product_name",
"name": "COMOS V10.6"
}
],
"category": "vendor",
"name": "Siemens"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2024-11053",
"cwe": {
"id": "CWE-200",
"name": "Exposure of Sensitive Information to an Unauthorized Actor"
},
"notes": [
{
"category": "summary",
"text": "When asked to both use a `.netrc` file for credentials and to follow HTTP redirects, curl could leak the password used for the first host to the followed-to host under certain circumstances. This flaw only manifests itself if the netrc file has an entry that matches the redirect target hostname but the entry either omits just the password or omits both login and password.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"3",
"6"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V10.6.1 or later version",
"product_ids": [
"6"
],
"url": "https://support.sw.siemens.com/product/222981661/"
},
{
"category": "vendor_fix",
"details": "Contact customer support to receive patch and update information",
"product_ids": [
"3"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.7,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"3",
"6"
]
}
],
"title": "CVE-2024-11053"
},
{
"cve": "CVE-2024-47875",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"notes": [
{
"category": "summary",
"text": "DOMPurify is a DOM-only, super-fast, uber-tolerant XSS sanitizer for HTML, MathML and SVG. DOMpurify was vulnerable to nesting-based mXSS. This vulnerability is fixed in 2.5.0 and 3.1.3.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1",
"5"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V10.4.5 or later version",
"product_ids": [
"1"
],
"url": "https://support.sw.siemens.com/product/222981661/"
},
{
"category": "vendor_fix",
"details": "Update to V10.5.2 or later version",
"product_ids": [
"5"
],
"url": "https://support.sw.siemens.com/product/222981661/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 10.0,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:H/A:H",
"version": "3.1"
},
"products": [
"1",
"5"
]
}
],
"title": "CVE-2024-47875"
},
{
"cve": "CVE-2025-2783",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "Incorrect handle provided in unspecified circumstances in Mojo in Google Chrome on Windows prior to 134.0.6998.177 allowed a remote attacker to perform a sandbox escape via a malicious file.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"2",
"4"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V10.4.5 or later version",
"product_ids": [
"2"
],
"url": "https://support.sw.siemens.com/product/222981661/"
},
{
"category": "vendor_fix",
"details": "Update to V10.5.2 or later version",
"product_ids": [
"4"
],
"url": "https://support.sw.siemens.com/product/222981661/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.3,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"2",
"4"
]
}
],
"title": "CVE-2025-2783"
},
{
"cve": "CVE-2025-10148",
"cwe": {
"id": "CWE-340",
"name": "Generation of Predictable Numbers or Identifiers"
},
"notes": [
{
"category": "summary",
"text": "curl\u0027s websocket code did not update the 32 bit mask pattern for each new\n outgoing frame as the specification says. Instead it used a fixed mask that\npersisted and was used throughout the entire connection.\n\nA predictable mask pattern allows for a malicious server to induce traffic\nbetween the two communicating parties that could be interpreted by an involved\nproxy (configured or transparent) as genuine, real, HTTP traffic with content\nand thereby poison its cache. That cached poisoned content could then be\nserved to all users of that proxy.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"3",
"6"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V10.6.1 or later version",
"product_ids": [
"6"
],
"url": "https://support.sw.siemens.com/product/222981661/"
},
{
"category": "vendor_fix",
"details": "Contact customer support to receive patch and update information",
"product_ids": [
"3"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"3",
"6"
]
}
],
"title": "CVE-2025-10148"
},
{
"cve": "CVE-2025-40800",
"cwe": {
"id": "CWE-295",
"name": "Improper Certificate Validation"
},
"notes": [
{
"category": "summary",
"text": "The IAM client in affected products is missing server certificate validation while establishing TLS connections to the authorization server. This could allow an attacker to perform a man-in-the-middle attack.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"6"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V10.6.1 or later version",
"product_ids": [
"6"
],
"url": "https://support.sw.siemens.com/product/222981661/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.4,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"6"
]
}
],
"title": "CVE-2025-40800"
},
{
"cve": "CVE-2025-40801",
"cwe": {
"id": "CWE-295",
"name": "Improper Certificate Validation"
},
"notes": [
{
"category": "summary",
"text": "The SALT SDK is missing server certificate validation while establishing TLS connections to the authorization server. This could allow an attacker to perform a man-in-the-middle attack.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"6"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V10.6.1 or later version",
"product_ids": [
"6"
],
"url": "https://support.sw.siemens.com/product/222981661/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"6"
]
}
],
"title": "CVE-2025-40801"
}
]
}
WID-SEC-W-2024-3338
Vulnerability from csaf_certbund - Published: 2024-11-05 23:00 - Updated: 2025-12-04 23:00Summary
Red Hat OpenShift: Mehrere Schwachstelle
Severity
Hoch
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung: Red Hat OpenShift ist eine "Platform as a Service" (PaaS) Lösung zur Bereitstellung von Applikationen in der Cloud.
Angriff: Ein entfernter, anonymer Angreifer kann mehrere Schwachstelle in Red Hat OpenShift ausnutzen, um einen Cross-Site Scripting Angriff durchzuführen und beliebigen Code auszuführen.
Betroffene Betriebssysteme: - Linux
Affected products
Known affected
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat OpenShift Container Platform <4.17.4
Red Hat / OpenShift
|
Container Platform <4.17.4 | ||
|
Red Hat Enterprise Linux
Red Hat / Enterprise Linux
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Red Hat OpenShift
Red Hat / OpenShift
|
cpe:/a:redhat:openshift:-
|
— | |
|
Red Hat OpenShift DOMpurify <3.1.3
Red Hat / OpenShift
|
DOMpurify <3.1.3 | ||
|
Red Hat OpenShift DOMpurify <2.5.0
Red Hat / OpenShift
|
DOMpurify <2.5.0 | ||
|
Red Hat OpenShift Container Platform <4.17.15
Red Hat / OpenShift
|
Container Platform <4.17.15 | ||
|
Red Hat OpenShift Container Platform <4.14.41
Red Hat / OpenShift
|
Container Platform <4.14.41 | ||
|
IBM Business Automation Workflow
IBM
|
cpe:/a:ibm:business_automation_workflow:-
|
— | |
|
Red Hat OpenShift Container Platform <4.16.20
Red Hat / OpenShift
|
Container Platform <4.16.20 | ||
|
Red Hat Enterprise Linux Advanced Cluster Security for Kubernetes 4
Red Hat / Enterprise Linux
|
cpe:/o:redhat:enterprise_linux:advanced_cluster_security_for_kubernetes_4
|
Advanced Cluster Security for Kubernetes 4 | |
|
Red Hat OpenShift Mesh Containers 2.5.6
Red Hat / OpenShift
|
cpe:/a:redhat:openshift:mesh_containers_2.5.6
|
Mesh Containers 2.5.6 | |
|
Red Hat OpenShift Data Foundation <4.14.18
Red Hat / OpenShift
|
Data Foundation <4.14.18 | ||
|
Red Hat OpenShift Container Platform
Red Hat / OpenShift
|
cpe:/a:redhat:openshift:container_platform
|
Container Platform |
Affected products
Known affected
7 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM Business Automation Workflow
IBM
|
cpe:/a:ibm:business_automation_workflow:-
|
— | |
|
Red Hat OpenShift Container Platform <4.14.41
Red Hat / OpenShift
|
Container Platform <4.14.41 | ||
|
Red Hat Enterprise Linux Advanced Cluster Security for Kubernetes 4
Red Hat / Enterprise Linux
|
cpe:/o:redhat:enterprise_linux:advanced_cluster_security_for_kubernetes_4
|
Advanced Cluster Security for Kubernetes 4 | |
|
Red Hat OpenShift Data Foundation <4.14.18
Red Hat / OpenShift
|
Data Foundation <4.14.18 | ||
|
Red Hat OpenShift Container Platform
Red Hat / OpenShift
|
cpe:/a:redhat:openshift:container_platform
|
Container Platform | |
|
Red Hat OpenShift
Red Hat / OpenShift
|
cpe:/a:redhat:openshift:-
|
— | |
|
Red Hat OpenShift Container Platform <4.17.15
Red Hat / OpenShift
|
Container Platform <4.17.15 |
References
27 references
{
"document": {
"aggregate_severity": {
"text": "hoch"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "Red Hat OpenShift ist eine \"Platform as a Service\" (PaaS) L\u00f6sung zur Bereitstellung von Applikationen in der Cloud.",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein entfernter, anonymer Angreifer kann mehrere Schwachstelle in Red Hat OpenShift ausnutzen, um einen Cross-Site Scripting Angriff durchzuf\u00fchren und beliebigen Code auszuf\u00fchren.",
"title": "Angriff"
},
{
"category": "general",
"text": "- Linux",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2024-3338 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2024/wid-sec-w-2024-3338.json"
},
{
"category": "self",
"summary": "WID-SEC-2024-3338 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-3338"
},
{
"category": "external",
"summary": "Red Hat Security Advisory vom 2024-11-05",
"url": "https://access.redhat.com/errata/RHSA-2024:8683"
},
{
"category": "external",
"summary": "GitHub Advisory",
"url": "https://github.com/advisories/GHSA-gx9m-whjm-85jf"
},
{
"category": "external",
"summary": "Proof of Concept (PoC)",
"url": "https://github.com/cure53/DOMPurify/blob/0ef5e537a514f904b6aa1d7ad9e749e365d7185f/test/test-suite.js#L2098"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:9473 vom 2024-11-12",
"url": "https://access.redhat.com/errata/RHSA-2024:9473"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:8981 vom 2024-11-13",
"url": "https://access.redhat.com/errata/RHSA-2024:8981"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:8991 vom 2024-11-13",
"url": "https://access.redhat.com/errata/RHSA-2024:8991"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:9629 vom 2024-11-14",
"url": "https://access.redhat.com/errata/RHSA-2024:9629"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:9620 vom 2024-11-20",
"url": "https://access.redhat.com/errata/RHSA-2024:9620"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:10186 vom 2024-11-22",
"url": "https://access.redhat.com/errata/RHSA-2024:10186"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:0079 vom 2025-01-08",
"url": "https://access.redhat.com/errata/RHSA-2025:0079"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:0329 vom 2025-01-15",
"url": "https://access.redhat.com/errata/RHSA-2025:0329"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:10988 vom 2025-01-15",
"url": "https://access.redhat.com/errata/RHSA-2024:10988"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:0654 vom 2025-01-28",
"url": "https://access.redhat.com/errata/RHSA-2025:0654"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:0875 vom 2025-02-05",
"url": "https://access.redhat.com/errata/RHSA-2025:0875"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:8551 vom 2025-06-05",
"url": "https://access.redhat.com/errata/RHSA-2025:8551"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7241571 vom 2025-08-06",
"url": "https://www.ibm.com/support/pages/node/7241571"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:18233 vom 2025-10-21",
"url": "https://access.redhat.com/errata/RHSA-2025:18233"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:19047 vom 2025-10-29",
"url": "https://access.redhat.com/errata/RHSA-2025:19047"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:19017 vom 2025-10-29",
"url": "https://access.redhat.com/errata/RHSA-2025:19017"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:19003 vom 2025-11-03",
"url": "https://access.redhat.com/errata/RHSA-2025:19003"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:19058 vom 2025-11-03",
"url": "https://access.redhat.com/errata/RHSA-2025:19058"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:19306 vom 2025-11-06",
"url": "https://access.redhat.com/errata/RHSA-2025:19306"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:19314 vom 2025-11-05",
"url": "https://access.redhat.com/errata/RHSA-2025:19314"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:19895 vom 2025-11-13",
"url": "https://access.redhat.com/errata/RHSA-2025:19895"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:22284 vom 2025-12-05",
"url": "https://access.redhat.com/errata/RHSA-2025:22284"
}
],
"source_lang": "en-US",
"title": "Red Hat OpenShift: Mehrere Schwachstelle",
"tracking": {
"current_release_date": "2025-12-04T23:00:00.000+00:00",
"generator": {
"date": "2025-12-05T08:58:03.861+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.5.0"
}
},
"id": "WID-SEC-W-2024-3338",
"initial_release_date": "2024-11-05T23:00:00.000+00:00",
"revision_history": [
{
"date": "2024-11-05T23:00:00.000+00:00",
"number": "1",
"summary": "Initiale Fassung"
},
{
"date": "2024-11-11T23:00:00.000+00:00",
"number": "2",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2024-11-12T23:00:00.000+00:00",
"number": "3",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2024-11-13T23:00:00.000+00:00",
"number": "4",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2024-11-19T23:00:00.000+00:00",
"number": "5",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2024-11-20T23:00:00.000+00:00",
"number": "6",
"summary": "Neue Updates von Red Hat"
},
{
"date": "2024-11-21T23:00:00.000+00:00",
"number": "7",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2025-01-07T23:00:00.000+00:00",
"number": "8",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2025-01-14T23:00:00.000+00:00",
"number": "9",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2025-01-15T23:00:00.000+00:00",
"number": "10",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2025-01-27T23:00:00.000+00:00",
"number": "11",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2025-02-04T23:00:00.000+00:00",
"number": "12",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2025-06-04T22:00:00.000+00:00",
"number": "13",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2025-08-06T22:00:00.000+00:00",
"number": "14",
"summary": "Neue Updates von IBM aufgenommen"
},
{
"date": "2025-10-21T22:00:00.000+00:00",
"number": "15",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2025-10-29T23:00:00.000+00:00",
"number": "16",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2025-11-03T23:00:00.000+00:00",
"number": "17",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2025-11-06T23:00:00.000+00:00",
"number": "18",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2025-11-09T23:00:00.000+00:00",
"number": "19",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2025-11-12T23:00:00.000+00:00",
"number": "20",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2025-12-04T23:00:00.000+00:00",
"number": "21",
"summary": "Neue Updates von Red Hat aufgenommen"
}
],
"status": "final",
"version": "21"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "IBM Business Automation Workflow",
"product": {
"name": "IBM Business Automation Workflow",
"product_id": "T043411",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:business_automation_workflow:-"
}
}
}
],
"category": "vendor",
"name": "IBM"
},
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux",
"product": {
"name": "Red Hat Enterprise Linux",
"product_id": "67646",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:-"
}
}
},
{
"category": "product_version",
"name": "Advanced Cluster Security for Kubernetes 4",
"product": {
"name": "Red Hat Enterprise Linux Advanced Cluster Security for Kubernetes 4",
"product_id": "T027916",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:advanced_cluster_security_for_kubernetes_4"
}
}
}
],
"category": "product_name",
"name": "Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "Container Platform",
"product": {
"name": "Red Hat OpenShift Container Platform",
"product_id": "T025202",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:openshift:container_platform"
}
}
},
{
"category": "product_name",
"name": "Red Hat OpenShift",
"product": {
"name": "Red Hat OpenShift",
"product_id": "T034477",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:openshift:-"
}
}
},
{
"category": "product_version_range",
"name": "Container Platform \u003c4.16.20",
"product": {
"name": "Red Hat OpenShift Container Platform \u003c4.16.20",
"product_id": "T038770"
}
},
{
"category": "product_version",
"name": "Container Platform 4.16.20",
"product": {
"name": "Red Hat OpenShift Container Platform 4.16.20",
"product_id": "T038770-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:openshift:container_platform__4.16.20"
}
}
},
{
"category": "product_version_range",
"name": "DOMpurify \u003c2.5.0",
"product": {
"name": "Red Hat OpenShift DOMpurify \u003c2.5.0",
"product_id": "T038771"
}
},
{
"category": "product_version",
"name": "DOMpurify 2.5.0",
"product": {
"name": "Red Hat OpenShift DOMpurify 2.5.0",
"product_id": "T038771-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:openshift:dompurify__2.5.0"
}
}
},
{
"category": "product_version_range",
"name": "DOMpurify \u003c3.1.3",
"product": {
"name": "Red Hat OpenShift DOMpurify \u003c3.1.3",
"product_id": "T038772"
}
},
{
"category": "product_version",
"name": "DOMpurify 3.1.3",
"product": {
"name": "Red Hat OpenShift DOMpurify 3.1.3",
"product_id": "T038772-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:openshift:dompurify__3.1.3"
}
}
},
{
"category": "product_version_range",
"name": "Container Platform \u003c4.17.4",
"product": {
"name": "Red Hat OpenShift Container Platform \u003c4.17.4",
"product_id": "T038989"
}
},
{
"category": "product_version",
"name": "Container Platform 4.17.4",
"product": {
"name": "Red Hat OpenShift Container Platform 4.17.4",
"product_id": "T038989-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:openshift:container_platform__4.17.4"
}
}
},
{
"category": "product_version",
"name": "Mesh Containers 2.5.6",
"product": {
"name": "Red Hat OpenShift Mesh Containers 2.5.6",
"product_id": "T039182",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:openshift:mesh_containers_2.5.6"
}
}
},
{
"category": "product_version_range",
"name": "Container Platform \u003c4.14.41",
"product": {
"name": "Red Hat OpenShift Container Platform \u003c4.14.41",
"product_id": "T039273"
}
},
{
"category": "product_version",
"name": "Container Platform 4.14.41",
"product": {
"name": "Red Hat OpenShift Container Platform 4.14.41",
"product_id": "T039273-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:openshift:container_platform__4.14.41"
}
}
},
{
"category": "product_version_range",
"name": "Container Platform \u003c4.17.15",
"product": {
"name": "Red Hat OpenShift Container Platform \u003c4.17.15",
"product_id": "T040819"
}
},
{
"category": "product_version",
"name": "Container Platform 4.17.15",
"product": {
"name": "Red Hat OpenShift Container Platform 4.17.15",
"product_id": "T040819-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:openshift:container_platform__4.17.15"
}
}
},
{
"category": "product_version_range",
"name": "Data Foundation \u003c4.14.18",
"product": {
"name": "Red Hat OpenShift Data Foundation \u003c4.14.18",
"product_id": "T044338"
}
},
{
"category": "product_version",
"name": "Data Foundation 4.14.18",
"product": {
"name": "Red Hat OpenShift Data Foundation 4.14.18",
"product_id": "T044338-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:openshift:data_foundation__4.14.18"
}
}
}
],
"category": "product_name",
"name": "OpenShift"
}
],
"category": "vendor",
"name": "Red Hat"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2024-47875",
"product_status": {
"known_affected": [
"T038989",
"67646",
"T034477",
"T038772",
"T038771",
"T040819",
"T039273",
"T043411",
"T038770",
"T027916",
"T039182",
"T044338",
"T025202"
]
},
"release_date": "2024-11-05T23:00:00.000+00:00",
"title": "CVE-2024-47875"
},
{
"cve": "CVE-2024-48910",
"product_status": {
"known_affected": [
"T043411",
"T039273",
"T027916",
"T044338",
"T025202",
"T034477",
"T040819"
]
},
"release_date": "2024-11-19T23:00:00.000+00:00",
"title": "CVE-2024-48910"
}
]
}
WID-SEC-W-2024-3542
Vulnerability from csaf_certbund - Published: 2024-11-25 23:00 - Updated: 2026-02-04 23:00Summary
Red Hat OpenShift: Mehrere Schwachstellen
Severity
Hoch
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung: Red Hat OpenShift ist eine "Platform as a Service" (PaaS) Lösung zur Bereitstellung von Applikationen in der Cloud.
Angriff: Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in Red Hat OpenShift ausnutzen, um Dateien zu manipulieren, um Sicherheitsmaßnahmen zu umgehen, einen Denial-of-Service-Zustand zu erzeugen, beliebigen Code auszuführen und einen Cross-Site-Scripting-Angriff durchzuführen.
Betroffene Betriebssysteme: - Sonstiges
- UNIX
Affected products
Known affected
6 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Red Hat OpenShift Serverless Logic <1.35.0
Red Hat / OpenShift
|
Serverless Logic <1.35.0 | ||
|
Red Hat OpenShift Dev Spaces <3.17
Red Hat / OpenShift
|
Dev Spaces <3.17 | ||
|
Atlassian Bitbucket <9.4.13 (LTS)
Atlassian / Bitbucket
|
<9.4.13 (LTS) | ||
|
Atlassian Bitbucket <8.19.25 (LTS)
Atlassian / Bitbucket
|
<8.19.25 (LTS) | ||
|
Atlassian Bitbucket <10.0.2
Atlassian / Bitbucket
|
<10.0.2 |
Affected products
Known affected
6 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Red Hat OpenShift Serverless Logic <1.35.0
Red Hat / OpenShift
|
Serverless Logic <1.35.0 | ||
|
Red Hat OpenShift Dev Spaces <3.17
Red Hat / OpenShift
|
Dev Spaces <3.17 | ||
|
Atlassian Bitbucket <9.4.13 (LTS)
Atlassian / Bitbucket
|
<9.4.13 (LTS) | ||
|
Atlassian Bitbucket <8.19.25 (LTS)
Atlassian / Bitbucket
|
<8.19.25 (LTS) | ||
|
Atlassian Bitbucket <10.0.2
Atlassian / Bitbucket
|
<10.0.2 |
Affected products
Known affected
6 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Red Hat OpenShift Serverless Logic <1.35.0
Red Hat / OpenShift
|
Serverless Logic <1.35.0 | ||
|
Red Hat OpenShift Dev Spaces <3.17
Red Hat / OpenShift
|
Dev Spaces <3.17 | ||
|
Atlassian Bitbucket <9.4.13 (LTS)
Atlassian / Bitbucket
|
<9.4.13 (LTS) | ||
|
Atlassian Bitbucket <8.19.25 (LTS)
Atlassian / Bitbucket
|
<8.19.25 (LTS) | ||
|
Atlassian Bitbucket <10.0.2
Atlassian / Bitbucket
|
<10.0.2 |
Affected products
Known affected
6 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Red Hat OpenShift Serverless Logic <1.35.0
Red Hat / OpenShift
|
Serverless Logic <1.35.0 | ||
|
Red Hat OpenShift Dev Spaces <3.17
Red Hat / OpenShift
|
Dev Spaces <3.17 | ||
|
Atlassian Bitbucket <9.4.13 (LTS)
Atlassian / Bitbucket
|
<9.4.13 (LTS) | ||
|
Atlassian Bitbucket <8.19.25 (LTS)
Atlassian / Bitbucket
|
<8.19.25 (LTS) | ||
|
Atlassian Bitbucket <10.0.2
Atlassian / Bitbucket
|
<10.0.2 |
Affected products
Known affected
6 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Red Hat OpenShift Serverless Logic <1.35.0
Red Hat / OpenShift
|
Serverless Logic <1.35.0 | ||
|
Red Hat OpenShift Dev Spaces <3.17
Red Hat / OpenShift
|
Dev Spaces <3.17 | ||
|
Atlassian Bitbucket <9.4.13 (LTS)
Atlassian / Bitbucket
|
<9.4.13 (LTS) | ||
|
Atlassian Bitbucket <8.19.25 (LTS)
Atlassian / Bitbucket
|
<8.19.25 (LTS) | ||
|
Atlassian Bitbucket <10.0.2
Atlassian / Bitbucket
|
<10.0.2 |
Affected products
Known affected
6 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Red Hat OpenShift Serverless Logic <1.35.0
Red Hat / OpenShift
|
Serverless Logic <1.35.0 | ||
|
Red Hat OpenShift Dev Spaces <3.17
Red Hat / OpenShift
|
Dev Spaces <3.17 | ||
|
Atlassian Bitbucket <9.4.13 (LTS)
Atlassian / Bitbucket
|
<9.4.13 (LTS) | ||
|
Atlassian Bitbucket <8.19.25 (LTS)
Atlassian / Bitbucket
|
<8.19.25 (LTS) | ||
|
Atlassian Bitbucket <10.0.2
Atlassian / Bitbucket
|
<10.0.2 |
Affected products
Known affected
6 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Red Hat OpenShift Serverless Logic <1.35.0
Red Hat / OpenShift
|
Serverless Logic <1.35.0 | ||
|
Red Hat OpenShift Dev Spaces <3.17
Red Hat / OpenShift
|
Dev Spaces <3.17 | ||
|
Atlassian Bitbucket <9.4.13 (LTS)
Atlassian / Bitbucket
|
<9.4.13 (LTS) | ||
|
Atlassian Bitbucket <8.19.25 (LTS)
Atlassian / Bitbucket
|
<8.19.25 (LTS) | ||
|
Atlassian Bitbucket <10.0.2
Atlassian / Bitbucket
|
<10.0.2 |
Affected products
Known affected
6 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Red Hat OpenShift Serverless Logic <1.35.0
Red Hat / OpenShift
|
Serverless Logic <1.35.0 | ||
|
Red Hat OpenShift Dev Spaces <3.17
Red Hat / OpenShift
|
Dev Spaces <3.17 | ||
|
Atlassian Bitbucket <9.4.13 (LTS)
Atlassian / Bitbucket
|
<9.4.13 (LTS) | ||
|
Atlassian Bitbucket <8.19.25 (LTS)
Atlassian / Bitbucket
|
<8.19.25 (LTS) | ||
|
Atlassian Bitbucket <10.0.2
Atlassian / Bitbucket
|
<10.0.2 |
References
9 references
{
"document": {
"aggregate_severity": {
"text": "hoch"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "Red Hat OpenShift ist eine \"Platform as a Service\" (PaaS) L\u00f6sung zur Bereitstellung von Applikationen in der Cloud.",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in Red Hat OpenShift ausnutzen, um Dateien zu manipulieren, um Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand zu erzeugen, beliebigen Code auszuf\u00fchren und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren.",
"title": "Angriff"
},
{
"category": "general",
"text": "- Sonstiges\n- UNIX",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2024-3542 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2024/wid-sec-w-2024-3542.json"
},
{
"category": "self",
"summary": "WID-SEC-2024-3542 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-3542"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:10236 vom 2024-11-25",
"url": "https://access.redhat.com/errata/RHSA-2024:10236"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:10857 vom 2024-12-05",
"url": "https://access.redhat.com/errata/RHSA-2024:10857"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:10865 vom 2024-12-05",
"url": "https://access.redhat.com/errata/RHSA-2024:10865"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:11293 vom 2024-12-17",
"url": "https://access.redhat.com/errata/RHSA-2024:11293"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:0664 vom 2025-01-23",
"url": "https://access.redhat.com/errata/RHSA-2025:0664"
},
{
"category": "external",
"summary": "Atlassian Security Bulletin - November 18 2025",
"url": "https://confluence.atlassian.com/security/security-bulletin-november-18-2025-1671463469.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2026:1942 vom 2026-02-04",
"url": "https://access.redhat.com/errata/RHSA-2026:1942"
}
],
"source_lang": "en-US",
"title": "Red Hat OpenShift: Mehrere Schwachstellen",
"tracking": {
"current_release_date": "2026-02-04T23:00:00.000+00:00",
"generator": {
"date": "2026-02-05T09:59:24.675+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.5.0"
}
},
"id": "WID-SEC-W-2024-3542",
"initial_release_date": "2024-11-25T23:00:00.000+00:00",
"revision_history": [
{
"date": "2024-11-25T23:00:00.000+00:00",
"number": "1",
"summary": "Initiale Fassung"
},
{
"date": "2024-12-05T23:00:00.000+00:00",
"number": "2",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2024-12-17T23:00:00.000+00:00",
"number": "3",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2025-01-23T23:00:00.000+00:00",
"number": "4",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2025-09-16T22:00:00.000+00:00",
"number": "5",
"summary": "Referenz(en) aufgenommen: EUVD-2025-29356, EUVD-2025-29357"
},
{
"date": "2025-11-18T23:00:00.000+00:00",
"number": "6",
"summary": "Neue Updates aufgenommen"
},
{
"date": "2026-02-04T23:00:00.000+00:00",
"number": "7",
"summary": "Neue Updates von Red Hat aufgenommen"
}
],
"status": "final",
"version": "7"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c10.0.2",
"product": {
"name": "Atlassian Bitbucket \u003c10.0.2",
"product_id": "T048675"
}
},
{
"category": "product_version",
"name": "10.0.2",
"product": {
"name": "Atlassian Bitbucket 10.0.2",
"product_id": "T048675-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:atlassian:bitbucket:10.0.2"
}
}
},
{
"category": "product_version_range",
"name": "\u003c8.19.25 (LTS)",
"product": {
"name": "Atlassian Bitbucket \u003c8.19.25 (LTS)",
"product_id": "T048676"
}
},
{
"category": "product_version",
"name": "8.19.25 (LTS)",
"product": {
"name": "Atlassian Bitbucket 8.19.25 (LTS)",
"product_id": "T048676-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:atlassian:bitbucket:8.19.25_%28lts%29"
}
}
},
{
"category": "product_version_range",
"name": "\u003c9.4.13 (LTS)",
"product": {
"name": "Atlassian Bitbucket \u003c9.4.13 (LTS)",
"product_id": "T048677"
}
},
{
"category": "product_version",
"name": "9.4.13 (LTS)",
"product": {
"name": "Atlassian Bitbucket 9.4.13 (LTS)",
"product_id": "T048677-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:atlassian:bitbucket:9.4.13_%28lts%29"
}
}
}
],
"category": "product_name",
"name": "Bitbucket"
}
],
"category": "vendor",
"name": "Atlassian"
},
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux",
"product": {
"name": "Red Hat Enterprise Linux",
"product_id": "67646",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:-"
}
}
},
{
"branches": [
{
"category": "product_version_range",
"name": "Dev Spaces \u003c3.17",
"product": {
"name": "Red Hat OpenShift Dev Spaces \u003c3.17",
"product_id": "T039431"
}
},
{
"category": "product_version",
"name": "Dev Spaces 3.17",
"product": {
"name": "Red Hat OpenShift Dev Spaces 3.17",
"product_id": "T039431-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:openshift:dev_spaces__3.17"
}
}
},
{
"category": "product_version_range",
"name": "Serverless Logic \u003c1.35.0",
"product": {
"name": "Red Hat OpenShift Serverless Logic \u003c1.35.0",
"product_id": "T040597"
}
},
{
"category": "product_version",
"name": "Serverless Logic 1.35.0",
"product": {
"name": "Red Hat OpenShift Serverless Logic 1.35.0",
"product_id": "T040597-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:openshift:serverless_logic__1.35.0"
}
}
}
],
"category": "product_name",
"name": "OpenShift"
}
],
"category": "vendor",
"name": "Red Hat"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2023-42282",
"product_status": {
"known_affected": [
"67646",
"T040597",
"T039431",
"T048677",
"T048676",
"T048675"
]
},
"release_date": "2024-11-25T23:00:00.000+00:00",
"title": "CVE-2023-42282"
},
{
"cve": "CVE-2024-29415",
"product_status": {
"known_affected": [
"67646",
"T040597",
"T039431",
"T048677",
"T048676",
"T048675"
]
},
"release_date": "2024-11-25T23:00:00.000+00:00",
"title": "CVE-2024-29415"
},
{
"cve": "CVE-2024-21534",
"product_status": {
"known_affected": [
"67646",
"T040597",
"T039431",
"T048677",
"T048676",
"T048675"
]
},
"release_date": "2024-11-25T23:00:00.000+00:00",
"title": "CVE-2024-21534"
},
{
"cve": "CVE-2024-34156",
"product_status": {
"known_affected": [
"67646",
"T040597",
"T039431",
"T048677",
"T048676",
"T048675"
]
},
"release_date": "2024-11-25T23:00:00.000+00:00",
"title": "CVE-2024-34156"
},
{
"cve": "CVE-2024-45296",
"product_status": {
"known_affected": [
"67646",
"T040597",
"T039431",
"T048677",
"T048676",
"T048675"
]
},
"release_date": "2024-11-25T23:00:00.000+00:00",
"title": "CVE-2024-45296"
},
{
"cve": "CVE-2024-45813",
"product_status": {
"known_affected": [
"67646",
"T040597",
"T039431",
"T048677",
"T048676",
"T048675"
]
},
"release_date": "2024-11-25T23:00:00.000+00:00",
"title": "CVE-2024-45813"
},
{
"cve": "CVE-2024-47875",
"product_status": {
"known_affected": [
"67646",
"T040597",
"T039431",
"T048677",
"T048676",
"T048675"
]
},
"release_date": "2024-11-25T23:00:00.000+00:00",
"title": "CVE-2024-47875"
},
{
"cve": "CVE-2024-48949",
"product_status": {
"known_affected": [
"67646",
"T040597",
"T039431",
"T048677",
"T048676",
"T048675"
]
},
"release_date": "2024-11-25T23:00:00.000+00:00",
"title": "CVE-2024-48949"
}
]
}
WID-SEC-W-2025-0043
Vulnerability from csaf_certbund - Published: 2025-01-12 23:00 - Updated: 2025-03-17 23:00Summary
IBM QRadar SIEM (Log Source Management App): Mehrere Schwachstellen
Severity
Hoch
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung: IBM QRadar Security Information and Event Management (SIEM) bietet Unterstützung bei der Erkennung und Priorisierung von Sicherheitsbedrohungen im Unternehmen.
Angriff: Ein entfernter anonymer Angreifer kann mehrere Schwachstellen in IBM QRadar SIEM ausnutzen, um einen Cross-Site-Scripting-Angriff zu starten, beliebigen Code auszuführen, einen Denial-of-Service-Zustand zu erzeugen, Daten zu manipulieren, vertrauliche Informationen offenzulegen und Sicherheitsmaßnahmen zu umgehen.
Betroffene Betriebssysteme: - Sonstiges
- UNIX
Affected products
Known affected
7 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM App Connect Enterprise <12.0.12.10
IBM / App Connect Enterprise
|
<12.0.12.10 | ||
|
IBM App Connect Enterprise <13.0.2.1
IBM / App Connect Enterprise
|
<13.0.2.1 | ||
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
IBM QRadar SIEM 7.5.0
IBM / QRadar SIEM
|
cpe:/a:ibm:qradar_siem:7.5.0
|
7.5.0 | |
|
IBM QRadar SIEM Log Source Management App <7.0.11
IBM / QRadar SIEM
|
Log Source Management App <7.0.11 | ||
|
IBM QRadar SIEM Data Synchronization App <3.2.1
IBM / QRadar SIEM
|
Data Synchronization App <3.2.1 | ||
|
IBM App Connect Enterprise
IBM / App Connect Enterprise
|
cpe:/a:ibm:app_connect_enterprise:-
|
— |
Affected products
Known affected
7 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM App Connect Enterprise <12.0.12.10
IBM / App Connect Enterprise
|
<12.0.12.10 | ||
|
IBM App Connect Enterprise <13.0.2.1
IBM / App Connect Enterprise
|
<13.0.2.1 | ||
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
IBM QRadar SIEM 7.5.0
IBM / QRadar SIEM
|
cpe:/a:ibm:qradar_siem:7.5.0
|
7.5.0 | |
|
IBM QRadar SIEM Log Source Management App <7.0.11
IBM / QRadar SIEM
|
Log Source Management App <7.0.11 | ||
|
IBM QRadar SIEM Data Synchronization App <3.2.1
IBM / QRadar SIEM
|
Data Synchronization App <3.2.1 | ||
|
IBM App Connect Enterprise
IBM / App Connect Enterprise
|
cpe:/a:ibm:app_connect_enterprise:-
|
— |
Affected products
Known affected
7 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM App Connect Enterprise <12.0.12.10
IBM / App Connect Enterprise
|
<12.0.12.10 | ||
|
IBM App Connect Enterprise <13.0.2.1
IBM / App Connect Enterprise
|
<13.0.2.1 | ||
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
IBM QRadar SIEM 7.5.0
IBM / QRadar SIEM
|
cpe:/a:ibm:qradar_siem:7.5.0
|
7.5.0 | |
|
IBM QRadar SIEM Log Source Management App <7.0.11
IBM / QRadar SIEM
|
Log Source Management App <7.0.11 | ||
|
IBM QRadar SIEM Data Synchronization App <3.2.1
IBM / QRadar SIEM
|
Data Synchronization App <3.2.1 | ||
|
IBM App Connect Enterprise
IBM / App Connect Enterprise
|
cpe:/a:ibm:app_connect_enterprise:-
|
— |
Affected products
Known affected
7 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM App Connect Enterprise <12.0.12.10
IBM / App Connect Enterprise
|
<12.0.12.10 | ||
|
IBM App Connect Enterprise <13.0.2.1
IBM / App Connect Enterprise
|
<13.0.2.1 | ||
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
IBM QRadar SIEM 7.5.0
IBM / QRadar SIEM
|
cpe:/a:ibm:qradar_siem:7.5.0
|
7.5.0 | |
|
IBM QRadar SIEM Log Source Management App <7.0.11
IBM / QRadar SIEM
|
Log Source Management App <7.0.11 | ||
|
IBM QRadar SIEM Data Synchronization App <3.2.1
IBM / QRadar SIEM
|
Data Synchronization App <3.2.1 | ||
|
IBM App Connect Enterprise
IBM / App Connect Enterprise
|
cpe:/a:ibm:app_connect_enterprise:-
|
— |
Affected products
Known affected
7 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM App Connect Enterprise <12.0.12.10
IBM / App Connect Enterprise
|
<12.0.12.10 | ||
|
IBM App Connect Enterprise <13.0.2.1
IBM / App Connect Enterprise
|
<13.0.2.1 | ||
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
IBM QRadar SIEM 7.5.0
IBM / QRadar SIEM
|
cpe:/a:ibm:qradar_siem:7.5.0
|
7.5.0 | |
|
IBM QRadar SIEM Log Source Management App <7.0.11
IBM / QRadar SIEM
|
Log Source Management App <7.0.11 | ||
|
IBM QRadar SIEM Data Synchronization App <3.2.1
IBM / QRadar SIEM
|
Data Synchronization App <3.2.1 | ||
|
IBM App Connect Enterprise
IBM / App Connect Enterprise
|
cpe:/a:ibm:app_connect_enterprise:-
|
— |
Affected products
Known affected
7 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM App Connect Enterprise <12.0.12.10
IBM / App Connect Enterprise
|
<12.0.12.10 | ||
|
IBM App Connect Enterprise <13.0.2.1
IBM / App Connect Enterprise
|
<13.0.2.1 | ||
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
IBM QRadar SIEM 7.5.0
IBM / QRadar SIEM
|
cpe:/a:ibm:qradar_siem:7.5.0
|
7.5.0 | |
|
IBM QRadar SIEM Log Source Management App <7.0.11
IBM / QRadar SIEM
|
Log Source Management App <7.0.11 | ||
|
IBM QRadar SIEM Data Synchronization App <3.2.1
IBM / QRadar SIEM
|
Data Synchronization App <3.2.1 | ||
|
IBM App Connect Enterprise
IBM / App Connect Enterprise
|
cpe:/a:ibm:app_connect_enterprise:-
|
— |
Affected products
Known affected
7 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM App Connect Enterprise <12.0.12.10
IBM / App Connect Enterprise
|
<12.0.12.10 | ||
|
IBM App Connect Enterprise <13.0.2.1
IBM / App Connect Enterprise
|
<13.0.2.1 | ||
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
IBM QRadar SIEM 7.5.0
IBM / QRadar SIEM
|
cpe:/a:ibm:qradar_siem:7.5.0
|
7.5.0 | |
|
IBM QRadar SIEM Log Source Management App <7.0.11
IBM / QRadar SIEM
|
Log Source Management App <7.0.11 | ||
|
IBM QRadar SIEM Data Synchronization App <3.2.1
IBM / QRadar SIEM
|
Data Synchronization App <3.2.1 | ||
|
IBM App Connect Enterprise
IBM / App Connect Enterprise
|
cpe:/a:ibm:app_connect_enterprise:-
|
— |
Affected products
Known affected
7 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM App Connect Enterprise <12.0.12.10
IBM / App Connect Enterprise
|
<12.0.12.10 | ||
|
IBM App Connect Enterprise <13.0.2.1
IBM / App Connect Enterprise
|
<13.0.2.1 | ||
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
IBM QRadar SIEM 7.5.0
IBM / QRadar SIEM
|
cpe:/a:ibm:qradar_siem:7.5.0
|
7.5.0 | |
|
IBM QRadar SIEM Log Source Management App <7.0.11
IBM / QRadar SIEM
|
Log Source Management App <7.0.11 | ||
|
IBM QRadar SIEM Data Synchronization App <3.2.1
IBM / QRadar SIEM
|
Data Synchronization App <3.2.1 | ||
|
IBM App Connect Enterprise
IBM / App Connect Enterprise
|
cpe:/a:ibm:app_connect_enterprise:-
|
— |
Affected products
Known affected
7 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM App Connect Enterprise <12.0.12.10
IBM / App Connect Enterprise
|
<12.0.12.10 | ||
|
IBM App Connect Enterprise <13.0.2.1
IBM / App Connect Enterprise
|
<13.0.2.1 | ||
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
IBM QRadar SIEM 7.5.0
IBM / QRadar SIEM
|
cpe:/a:ibm:qradar_siem:7.5.0
|
7.5.0 | |
|
IBM QRadar SIEM Log Source Management App <7.0.11
IBM / QRadar SIEM
|
Log Source Management App <7.0.11 | ||
|
IBM QRadar SIEM Data Synchronization App <3.2.1
IBM / QRadar SIEM
|
Data Synchronization App <3.2.1 | ||
|
IBM App Connect Enterprise
IBM / App Connect Enterprise
|
cpe:/a:ibm:app_connect_enterprise:-
|
— |
Affected products
Known affected
7 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM App Connect Enterprise <12.0.12.10
IBM / App Connect Enterprise
|
<12.0.12.10 | ||
|
IBM App Connect Enterprise <13.0.2.1
IBM / App Connect Enterprise
|
<13.0.2.1 | ||
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
IBM QRadar SIEM 7.5.0
IBM / QRadar SIEM
|
cpe:/a:ibm:qradar_siem:7.5.0
|
7.5.0 | |
|
IBM QRadar SIEM Log Source Management App <7.0.11
IBM / QRadar SIEM
|
Log Source Management App <7.0.11 | ||
|
IBM QRadar SIEM Data Synchronization App <3.2.1
IBM / QRadar SIEM
|
Data Synchronization App <3.2.1 | ||
|
IBM App Connect Enterprise
IBM / App Connect Enterprise
|
cpe:/a:ibm:app_connect_enterprise:-
|
— |
Affected products
Known affected
7 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM App Connect Enterprise <12.0.12.10
IBM / App Connect Enterprise
|
<12.0.12.10 | ||
|
IBM App Connect Enterprise <13.0.2.1
IBM / App Connect Enterprise
|
<13.0.2.1 | ||
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
IBM QRadar SIEM 7.5.0
IBM / QRadar SIEM
|
cpe:/a:ibm:qradar_siem:7.5.0
|
7.5.0 | |
|
IBM QRadar SIEM Log Source Management App <7.0.11
IBM / QRadar SIEM
|
Log Source Management App <7.0.11 | ||
|
IBM QRadar SIEM Data Synchronization App <3.2.1
IBM / QRadar SIEM
|
Data Synchronization App <3.2.1 | ||
|
IBM App Connect Enterprise
IBM / App Connect Enterprise
|
cpe:/a:ibm:app_connect_enterprise:-
|
— |
Affected products
Known affected
7 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM App Connect Enterprise <12.0.12.10
IBM / App Connect Enterprise
|
<12.0.12.10 | ||
|
IBM App Connect Enterprise <13.0.2.1
IBM / App Connect Enterprise
|
<13.0.2.1 | ||
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
IBM QRadar SIEM 7.5.0
IBM / QRadar SIEM
|
cpe:/a:ibm:qradar_siem:7.5.0
|
7.5.0 | |
|
IBM QRadar SIEM Log Source Management App <7.0.11
IBM / QRadar SIEM
|
Log Source Management App <7.0.11 | ||
|
IBM QRadar SIEM Data Synchronization App <3.2.1
IBM / QRadar SIEM
|
Data Synchronization App <3.2.1 | ||
|
IBM App Connect Enterprise
IBM / App Connect Enterprise
|
cpe:/a:ibm:app_connect_enterprise:-
|
— |
Affected products
Known affected
7 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM App Connect Enterprise <12.0.12.10
IBM / App Connect Enterprise
|
<12.0.12.10 | ||
|
IBM App Connect Enterprise <13.0.2.1
IBM / App Connect Enterprise
|
<13.0.2.1 | ||
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
IBM QRadar SIEM 7.5.0
IBM / QRadar SIEM
|
cpe:/a:ibm:qradar_siem:7.5.0
|
7.5.0 | |
|
IBM QRadar SIEM Log Source Management App <7.0.11
IBM / QRadar SIEM
|
Log Source Management App <7.0.11 | ||
|
IBM QRadar SIEM Data Synchronization App <3.2.1
IBM / QRadar SIEM
|
Data Synchronization App <3.2.1 | ||
|
IBM App Connect Enterprise
IBM / App Connect Enterprise
|
cpe:/a:ibm:app_connect_enterprise:-
|
— |
Affected products
Known affected
7 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM App Connect Enterprise <12.0.12.10
IBM / App Connect Enterprise
|
<12.0.12.10 | ||
|
IBM App Connect Enterprise <13.0.2.1
IBM / App Connect Enterprise
|
<13.0.2.1 | ||
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
IBM QRadar SIEM 7.5.0
IBM / QRadar SIEM
|
cpe:/a:ibm:qradar_siem:7.5.0
|
7.5.0 | |
|
IBM QRadar SIEM Log Source Management App <7.0.11
IBM / QRadar SIEM
|
Log Source Management App <7.0.11 | ||
|
IBM QRadar SIEM Data Synchronization App <3.2.1
IBM / QRadar SIEM
|
Data Synchronization App <3.2.1 | ||
|
IBM App Connect Enterprise
IBM / App Connect Enterprise
|
cpe:/a:ibm:app_connect_enterprise:-
|
— |
Affected products
Known affected
7 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM App Connect Enterprise <12.0.12.10
IBM / App Connect Enterprise
|
<12.0.12.10 | ||
|
IBM App Connect Enterprise <13.0.2.1
IBM / App Connect Enterprise
|
<13.0.2.1 | ||
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
IBM QRadar SIEM 7.5.0
IBM / QRadar SIEM
|
cpe:/a:ibm:qradar_siem:7.5.0
|
7.5.0 | |
|
IBM QRadar SIEM Log Source Management App <7.0.11
IBM / QRadar SIEM
|
Log Source Management App <7.0.11 | ||
|
IBM QRadar SIEM Data Synchronization App <3.2.1
IBM / QRadar SIEM
|
Data Synchronization App <3.2.1 | ||
|
IBM App Connect Enterprise
IBM / App Connect Enterprise
|
cpe:/a:ibm:app_connect_enterprise:-
|
— |
Affected products
Known affected
7 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM App Connect Enterprise <12.0.12.10
IBM / App Connect Enterprise
|
<12.0.12.10 | ||
|
IBM App Connect Enterprise <13.0.2.1
IBM / App Connect Enterprise
|
<13.0.2.1 | ||
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
IBM QRadar SIEM 7.5.0
IBM / QRadar SIEM
|
cpe:/a:ibm:qradar_siem:7.5.0
|
7.5.0 | |
|
IBM QRadar SIEM Log Source Management App <7.0.11
IBM / QRadar SIEM
|
Log Source Management App <7.0.11 | ||
|
IBM QRadar SIEM Data Synchronization App <3.2.1
IBM / QRadar SIEM
|
Data Synchronization App <3.2.1 | ||
|
IBM App Connect Enterprise
IBM / App Connect Enterprise
|
cpe:/a:ibm:app_connect_enterprise:-
|
— |
Affected products
Known affected
7 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM App Connect Enterprise <12.0.12.10
IBM / App Connect Enterprise
|
<12.0.12.10 | ||
|
IBM App Connect Enterprise <13.0.2.1
IBM / App Connect Enterprise
|
<13.0.2.1 | ||
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
IBM QRadar SIEM 7.5.0
IBM / QRadar SIEM
|
cpe:/a:ibm:qradar_siem:7.5.0
|
7.5.0 | |
|
IBM QRadar SIEM Log Source Management App <7.0.11
IBM / QRadar SIEM
|
Log Source Management App <7.0.11 | ||
|
IBM QRadar SIEM Data Synchronization App <3.2.1
IBM / QRadar SIEM
|
Data Synchronization App <3.2.1 | ||
|
IBM App Connect Enterprise
IBM / App Connect Enterprise
|
cpe:/a:ibm:app_connect_enterprise:-
|
— |
Affected products
Known affected
7 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM App Connect Enterprise <12.0.12.10
IBM / App Connect Enterprise
|
<12.0.12.10 | ||
|
IBM App Connect Enterprise <13.0.2.1
IBM / App Connect Enterprise
|
<13.0.2.1 | ||
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
IBM QRadar SIEM 7.5.0
IBM / QRadar SIEM
|
cpe:/a:ibm:qradar_siem:7.5.0
|
7.5.0 | |
|
IBM QRadar SIEM Log Source Management App <7.0.11
IBM / QRadar SIEM
|
Log Source Management App <7.0.11 | ||
|
IBM QRadar SIEM Data Synchronization App <3.2.1
IBM / QRadar SIEM
|
Data Synchronization App <3.2.1 | ||
|
IBM App Connect Enterprise
IBM / App Connect Enterprise
|
cpe:/a:ibm:app_connect_enterprise:-
|
— |
Affected products
Known affected
7 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM App Connect Enterprise <12.0.12.10
IBM / App Connect Enterprise
|
<12.0.12.10 | ||
|
IBM App Connect Enterprise <13.0.2.1
IBM / App Connect Enterprise
|
<13.0.2.1 | ||
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
IBM QRadar SIEM 7.5.0
IBM / QRadar SIEM
|
cpe:/a:ibm:qradar_siem:7.5.0
|
7.5.0 | |
|
IBM QRadar SIEM Log Source Management App <7.0.11
IBM / QRadar SIEM
|
Log Source Management App <7.0.11 | ||
|
IBM QRadar SIEM Data Synchronization App <3.2.1
IBM / QRadar SIEM
|
Data Synchronization App <3.2.1 | ||
|
IBM App Connect Enterprise
IBM / App Connect Enterprise
|
cpe:/a:ibm:app_connect_enterprise:-
|
— |
Affected products
Known affected
7 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM App Connect Enterprise <12.0.12.10
IBM / App Connect Enterprise
|
<12.0.12.10 | ||
|
IBM App Connect Enterprise <13.0.2.1
IBM / App Connect Enterprise
|
<13.0.2.1 | ||
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
IBM QRadar SIEM 7.5.0
IBM / QRadar SIEM
|
cpe:/a:ibm:qradar_siem:7.5.0
|
7.5.0 | |
|
IBM QRadar SIEM Log Source Management App <7.0.11
IBM / QRadar SIEM
|
Log Source Management App <7.0.11 | ||
|
IBM QRadar SIEM Data Synchronization App <3.2.1
IBM / QRadar SIEM
|
Data Synchronization App <3.2.1 | ||
|
IBM App Connect Enterprise
IBM / App Connect Enterprise
|
cpe:/a:ibm:app_connect_enterprise:-
|
— |
Affected products
Known affected
7 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM App Connect Enterprise <12.0.12.10
IBM / App Connect Enterprise
|
<12.0.12.10 | ||
|
IBM App Connect Enterprise <13.0.2.1
IBM / App Connect Enterprise
|
<13.0.2.1 | ||
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
IBM QRadar SIEM 7.5.0
IBM / QRadar SIEM
|
cpe:/a:ibm:qradar_siem:7.5.0
|
7.5.0 | |
|
IBM QRadar SIEM Log Source Management App <7.0.11
IBM / QRadar SIEM
|
Log Source Management App <7.0.11 | ||
|
IBM QRadar SIEM Data Synchronization App <3.2.1
IBM / QRadar SIEM
|
Data Synchronization App <3.2.1 | ||
|
IBM App Connect Enterprise
IBM / App Connect Enterprise
|
cpe:/a:ibm:app_connect_enterprise:-
|
— |
Affected products
Known affected
7 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM App Connect Enterprise <12.0.12.10
IBM / App Connect Enterprise
|
<12.0.12.10 | ||
|
IBM App Connect Enterprise <13.0.2.1
IBM / App Connect Enterprise
|
<13.0.2.1 | ||
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
IBM QRadar SIEM 7.5.0
IBM / QRadar SIEM
|
cpe:/a:ibm:qradar_siem:7.5.0
|
7.5.0 | |
|
IBM QRadar SIEM Log Source Management App <7.0.11
IBM / QRadar SIEM
|
Log Source Management App <7.0.11 | ||
|
IBM QRadar SIEM Data Synchronization App <3.2.1
IBM / QRadar SIEM
|
Data Synchronization App <3.2.1 | ||
|
IBM App Connect Enterprise
IBM / App Connect Enterprise
|
cpe:/a:ibm:app_connect_enterprise:-
|
— |
Affected products
Known affected
7 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM App Connect Enterprise <12.0.12.10
IBM / App Connect Enterprise
|
<12.0.12.10 | ||
|
IBM App Connect Enterprise <13.0.2.1
IBM / App Connect Enterprise
|
<13.0.2.1 | ||
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
IBM QRadar SIEM 7.5.0
IBM / QRadar SIEM
|
cpe:/a:ibm:qradar_siem:7.5.0
|
7.5.0 | |
|
IBM QRadar SIEM Log Source Management App <7.0.11
IBM / QRadar SIEM
|
Log Source Management App <7.0.11 | ||
|
IBM QRadar SIEM Data Synchronization App <3.2.1
IBM / QRadar SIEM
|
Data Synchronization App <3.2.1 | ||
|
IBM App Connect Enterprise
IBM / App Connect Enterprise
|
cpe:/a:ibm:app_connect_enterprise:-
|
— |
References
10 references
{
"document": {
"aggregate_severity": {
"text": "hoch"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "IBM QRadar Security Information and Event Management (SIEM) bietet Unterst\u00fctzung bei der Erkennung und Priorisierung von Sicherheitsbedrohungen im Unternehmen.",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein entfernter anonymer Angreifer kann mehrere Schwachstellen in IBM QRadar SIEM ausnutzen, um einen Cross-Site-Scripting-Angriff zu starten, beliebigen Code auszuf\u00fchren, einen Denial-of-Service-Zustand zu erzeugen, Daten zu manipulieren, vertrauliche Informationen offenzulegen und Sicherheitsma\u00dfnahmen zu umgehen.",
"title": "Angriff"
},
{
"category": "general",
"text": "- Sonstiges\n- UNIX",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2025-0043 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2025/wid-sec-w-2025-0043.json"
},
{
"category": "self",
"summary": "WID-SEC-2025-0043 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2025-0043"
},
{
"category": "external",
"summary": "IBM Security Bulletin vom 2025-01-12",
"url": "https://www.ibm.com/support/pages/node/7180725"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7181570 vom 2025-01-24",
"url": "https://www.ibm.com/support/pages/node/7181570"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7181915 vom 2025-01-29",
"url": "https://www.ibm.com/support/pages/node/7181915"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:0892 vom 2025-02-03",
"url": "https://access.redhat.com/errata/RHSA-2025:0892"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:1051 vom 2025-02-05",
"url": "https://access.redhat.com/errata/RHSA-2025:1051"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7184092 vom 2025-02-25",
"url": "https://www.ibm.com/support/pages/node/7184092"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7184955 vom 2025-03-06",
"url": "https://www.ibm.com/support/pages/node/7184955"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7186423 vom 2025-03-17",
"url": "https://www.ibm.com/support/pages/node/7186423"
}
],
"source_lang": "en-US",
"title": "IBM QRadar SIEM (Log Source Management App): Mehrere Schwachstellen",
"tracking": {
"current_release_date": "2025-03-17T23:00:00.000+00:00",
"generator": {
"date": "2025-03-18T09:12:53.448+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.3.12"
}
},
"id": "WID-SEC-W-2025-0043",
"initial_release_date": "2025-01-12T23:00:00.000+00:00",
"revision_history": [
{
"date": "2025-01-12T23:00:00.000+00:00",
"number": "1",
"summary": "Initiale Fassung"
},
{
"date": "2025-01-23T23:00:00.000+00:00",
"number": "2",
"summary": "Neue Updates von IBM aufgenommen"
},
{
"date": "2025-01-29T23:00:00.000+00:00",
"number": "3",
"summary": "Neue Updates von IBM aufgenommen"
},
{
"date": "2025-02-02T23:00:00.000+00:00",
"number": "4",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2025-02-04T23:00:00.000+00:00",
"number": "5",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2025-02-25T23:00:00.000+00:00",
"number": "6",
"summary": "Neue Updates von IBM aufgenommen"
},
{
"date": "2025-02-27T23:00:00.000+00:00",
"number": "7",
"summary": "Produktzuordnung korrigiert"
},
{
"date": "2025-03-06T23:00:00.000+00:00",
"number": "8",
"summary": "Neue Updates von IBM aufgenommen"
},
{
"date": "2025-03-17T23:00:00.000+00:00",
"number": "9",
"summary": "Neue Updates von IBM aufgenommen"
}
],
"status": "final",
"version": "9"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "IBM App Connect Enterprise",
"product": {
"name": "IBM App Connect Enterprise",
"product_id": "T032495",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:app_connect_enterprise:-"
}
}
},
{
"category": "product_version_range",
"name": "\u003c13.0.2.1",
"product": {
"name": "IBM App Connect Enterprise \u003c13.0.2.1",
"product_id": "T040605"
}
},
{
"category": "product_version",
"name": "13.0.2.1",
"product": {
"name": "IBM App Connect Enterprise 13.0.2.1",
"product_id": "T040605-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:app_connect_enterprise:13.0.2.1"
}
}
},
{
"category": "product_version_range",
"name": "\u003c12.0.12.10",
"product": {
"name": "IBM App Connect Enterprise \u003c12.0.12.10",
"product_id": "T040606"
}
},
{
"category": "product_version",
"name": "12.0.12.10",
"product": {
"name": "IBM App Connect Enterprise 12.0.12.10",
"product_id": "T040606-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:app_connect_enterprise:12.0.12.10"
}
}
}
],
"category": "product_name",
"name": "App Connect Enterprise"
},
{
"branches": [
{
"category": "product_version_range",
"name": "Log Source Management App \u003c7.0.11",
"product": {
"name": "IBM QRadar SIEM Log Source Management App \u003c7.0.11",
"product_id": "T040117"
}
},
{
"category": "product_version",
"name": "Log Source Management App 7.0.11",
"product": {
"name": "IBM QRadar SIEM Log Source Management App 7.0.11",
"product_id": "T040117-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:qradar_siem:log_source_management_app__7.0.11"
}
}
},
{
"category": "product_version",
"name": "7.5.0",
"product": {
"name": "IBM QRadar SIEM 7.5.0",
"product_id": "T041207",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:qradar_siem:7.5.0"
}
}
},
{
"category": "product_version_range",
"name": "Data Synchronization App \u003c3.2.1",
"product": {
"name": "IBM QRadar SIEM Data Synchronization App \u003c3.2.1",
"product_id": "T041488"
}
},
{
"category": "product_version",
"name": "Data Synchronization App 3.2.1",
"product": {
"name": "IBM QRadar SIEM Data Synchronization App 3.2.1",
"product_id": "T041488-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:qradar_siem:data_synchronization_app__3.2.1"
}
}
}
],
"category": "product_name",
"name": "QRadar SIEM"
}
],
"category": "vendor",
"name": "IBM"
},
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux",
"product": {
"name": "Red Hat Enterprise Linux",
"product_id": "67646",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:-"
}
}
}
],
"category": "vendor",
"name": "Red Hat"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2024-43788",
"product_status": {
"known_affected": [
"T040606",
"T040605",
"67646",
"T041207",
"T040117",
"T041488",
"T032495"
]
},
"release_date": "2025-01-12T23:00:00.000+00:00",
"title": "CVE-2024-43788"
},
{
"cve": "CVE-2024-43796",
"product_status": {
"known_affected": [
"T040606",
"T040605",
"67646",
"T041207",
"T040117",
"T041488",
"T032495"
]
},
"release_date": "2025-01-12T23:00:00.000+00:00",
"title": "CVE-2024-43796"
},
{
"cve": "CVE-2024-43799",
"product_status": {
"known_affected": [
"T040606",
"T040605",
"67646",
"T041207",
"T040117",
"T041488",
"T032495"
]
},
"release_date": "2025-01-12T23:00:00.000+00:00",
"title": "CVE-2024-43799"
},
{
"cve": "CVE-2024-43800",
"product_status": {
"known_affected": [
"T040606",
"T040605",
"67646",
"T041207",
"T040117",
"T041488",
"T032495"
]
},
"release_date": "2025-01-12T23:00:00.000+00:00",
"title": "CVE-2024-43800"
},
{
"cve": "CVE-2024-47068",
"product_status": {
"known_affected": [
"T040606",
"T040605",
"67646",
"T041207",
"T040117",
"T041488",
"T032495"
]
},
"release_date": "2025-01-12T23:00:00.000+00:00",
"title": "CVE-2024-47068"
},
{
"cve": "CVE-2024-47875",
"product_status": {
"known_affected": [
"T040606",
"T040605",
"67646",
"T041207",
"T040117",
"T041488",
"T032495"
]
},
"release_date": "2025-01-12T23:00:00.000+00:00",
"title": "CVE-2024-47875"
},
{
"cve": "CVE-2024-21536",
"product_status": {
"known_affected": [
"T040606",
"T040605",
"67646",
"T041207",
"T040117",
"T041488",
"T032495"
]
},
"release_date": "2025-01-12T23:00:00.000+00:00",
"title": "CVE-2024-21536"
},
{
"cve": "CVE-2024-21538",
"product_status": {
"known_affected": [
"T040606",
"T040605",
"67646",
"T041207",
"T040117",
"T041488",
"T032495"
]
},
"release_date": "2025-01-12T23:00:00.000+00:00",
"title": "CVE-2024-21538"
},
{
"cve": "CVE-2024-33883",
"product_status": {
"known_affected": [
"T040606",
"T040605",
"67646",
"T041207",
"T040117",
"T041488",
"T032495"
]
},
"release_date": "2025-01-12T23:00:00.000+00:00",
"title": "CVE-2024-33883"
},
{
"cve": "CVE-2024-37890",
"product_status": {
"known_affected": [
"T040606",
"T040605",
"67646",
"T041207",
"T040117",
"T041488",
"T032495"
]
},
"release_date": "2025-01-12T23:00:00.000+00:00",
"title": "CVE-2024-37890"
},
{
"cve": "CVE-2024-4067",
"product_status": {
"known_affected": [
"T040606",
"T040605",
"67646",
"T041207",
"T040117",
"T041488",
"T032495"
]
},
"release_date": "2025-01-12T23:00:00.000+00:00",
"title": "CVE-2024-4067"
},
{
"cve": "CVE-2024-4068",
"product_status": {
"known_affected": [
"T040606",
"T040605",
"67646",
"T041207",
"T040117",
"T041488",
"T032495"
]
},
"release_date": "2025-01-12T23:00:00.000+00:00",
"title": "CVE-2024-4068"
},
{
"cve": "CVE-2024-45296",
"product_status": {
"known_affected": [
"T040606",
"T040605",
"67646",
"T041207",
"T040117",
"T041488",
"T032495"
]
},
"release_date": "2025-01-12T23:00:00.000+00:00",
"title": "CVE-2024-45296"
},
{
"cve": "CVE-2024-45590",
"product_status": {
"known_affected": [
"T040606",
"T040605",
"67646",
"T041207",
"T040117",
"T041488",
"T032495"
]
},
"release_date": "2025-01-12T23:00:00.000+00:00",
"title": "CVE-2024-45590"
},
{
"cve": "CVE-2024-48948",
"product_status": {
"known_affected": [
"T040606",
"T040605",
"67646",
"T041207",
"T040117",
"T041488",
"T032495"
]
},
"release_date": "2025-01-12T23:00:00.000+00:00",
"title": "CVE-2024-48948"
},
{
"cve": "CVE-2024-48949",
"product_status": {
"known_affected": [
"T040606",
"T040605",
"67646",
"T041207",
"T040117",
"T041488",
"T032495"
]
},
"release_date": "2025-01-12T23:00:00.000+00:00",
"title": "CVE-2024-48949"
},
{
"cve": "CVE-2024-52798",
"product_status": {
"known_affected": [
"T040606",
"T040605",
"67646",
"T041207",
"T040117",
"T041488",
"T032495"
]
},
"release_date": "2025-01-12T23:00:00.000+00:00",
"title": "CVE-2024-52798"
},
{
"cve": "CVE-2024-55565",
"product_status": {
"known_affected": [
"T040606",
"T040605",
"67646",
"T041207",
"T040117",
"T041488",
"T032495"
]
},
"release_date": "2025-01-12T23:00:00.000+00:00",
"title": "CVE-2024-55565"
},
{
"cve": "CVE-2024-45801",
"product_status": {
"known_affected": [
"T040606",
"T040605",
"67646",
"T041207",
"T040117",
"T041488",
"T032495"
]
},
"release_date": "2025-01-12T23:00:00.000+00:00",
"title": "CVE-2024-45801"
},
{
"cve": "CVE-2024-42459",
"product_status": {
"known_affected": [
"T040606",
"T040605",
"67646",
"T041207",
"T040117",
"T041488",
"T032495"
]
},
"release_date": "2025-01-12T23:00:00.000+00:00",
"title": "CVE-2024-42459"
},
{
"cve": "CVE-2024-42460",
"product_status": {
"known_affected": [
"T040606",
"T040605",
"67646",
"T041207",
"T040117",
"T041488",
"T032495"
]
},
"release_date": "2025-01-12T23:00:00.000+00:00",
"title": "CVE-2024-42460"
},
{
"cve": "CVE-2024-42461",
"product_status": {
"known_affected": [
"T040606",
"T040605",
"67646",
"T041207",
"T040117",
"T041488",
"T032495"
]
},
"release_date": "2025-01-12T23:00:00.000+00:00",
"title": "CVE-2024-42461"
},
{
"cve": "CVE-2024-47764",
"product_status": {
"known_affected": [
"T040606",
"T040605",
"67646",
"T041207",
"T040117",
"T041488",
"T032495"
]
},
"release_date": "2025-01-12T23:00:00.000+00:00",
"title": "CVE-2024-47764"
}
]
}
WID-SEC-W-2025-0516
Vulnerability from csaf_certbund - Published: 2025-03-10 23:00 - Updated: 2025-03-10 23:00Summary
Camunda: Mehrere Schwachstellen ermöglichen Cross-Site Scripting
Severity
Hoch
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung: Camunda ist ein in Java geschriebenes freies Workflow-Management-System, mit dem Geschäftsprozesse in BPMN 2.0 definiert und ausgeführt werden können.
Angriff: Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in Camunda ausnutzen, um einen Cross-Site Scripting Angriff durchzuführen.
Betroffene Betriebssysteme: - Linux
- Sonstiges
- UNIX
- Windows
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Open Source Camunda <7.22.3
Open Source / Camunda
|
<7.22.3 | ||
|
Open Source Camunda <7.23.0-alpha4
Open Source / Camunda
|
<7.23.0-alpha4 | ||
|
Open Source Camunda <7.21.8
Open Source / Camunda
|
<7.21.8 | ||
|
Open Source Camunda <7.20.11
Open Source / Camunda
|
<7.20.11 |
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Open Source Camunda <7.22.3
Open Source / Camunda
|
<7.22.3 | ||
|
Open Source Camunda <7.23.0-alpha4
Open Source / Camunda
|
<7.23.0-alpha4 | ||
|
Open Source Camunda <7.21.8
Open Source / Camunda
|
<7.21.8 | ||
|
Open Source Camunda <7.20.11
Open Source / Camunda
|
<7.20.11 |
References
3 references
{
"document": {
"aggregate_severity": {
"text": "hoch"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "Camunda ist ein in Java geschriebenes freies Workflow-Management-System, mit dem Gesch\u00e4ftsprozesse in BPMN 2.0 definiert und ausgef\u00fchrt werden k\u00f6nnen.",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in Camunda ausnutzen, um einen Cross-Site Scripting Angriff durchzuf\u00fchren.",
"title": "Angriff"
},
{
"category": "general",
"text": "- Linux\n- Sonstiges\n- UNIX\n- Windows",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2025-0516 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2025/wid-sec-w-2025-0516.json"
},
{
"category": "self",
"summary": "WID-SEC-2025-0516 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2025-0516"
},
{
"category": "external",
"summary": "Camunda Security Notice vom 2025-03-10",
"url": "https://docs.camunda.org/security/notices/#notice-129"
}
],
"source_lang": "en-US",
"title": "Camunda: Mehrere Schwachstellen erm\u00f6glichen Cross-Site Scripting",
"tracking": {
"current_release_date": "2025-03-10T23:00:00.000+00:00",
"generator": {
"date": "2025-03-11T10:40:18.791+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.3.12"
}
},
"id": "WID-SEC-W-2025-0516",
"initial_release_date": "2025-03-10T23:00:00.000+00:00",
"revision_history": [
{
"date": "2025-03-10T23:00:00.000+00:00",
"number": "1",
"summary": "Initiale Fassung"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c7.20.11",
"product": {
"name": "Open Source Camunda \u003c7.20.11",
"product_id": "T041688"
}
},
{
"category": "product_version",
"name": "7.20.11",
"product": {
"name": "Open Source Camunda 7.20.11",
"product_id": "T041688-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:camunda:camunda:7.20.11"
}
}
},
{
"category": "product_version_range",
"name": "\u003c7.22.3",
"product": {
"name": "Open Source Camunda \u003c7.22.3",
"product_id": "T041690"
}
},
{
"category": "product_version",
"name": "7.22.3",
"product": {
"name": "Open Source Camunda 7.22.3",
"product_id": "T041690-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:camunda:camunda:7.22.3"
}
}
},
{
"category": "product_version_range",
"name": "\u003c7.21.8",
"product": {
"name": "Open Source Camunda \u003c7.21.8",
"product_id": "T041701"
}
},
{
"category": "product_version",
"name": "7.21.8",
"product": {
"name": "Open Source Camunda 7.21.8",
"product_id": "T041701-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:camunda:camunda:7.21.8"
}
}
},
{
"category": "product_version_range",
"name": "\u003c7.23.0-alpha4",
"product": {
"name": "Open Source Camunda \u003c7.23.0-alpha4",
"product_id": "T041702"
}
},
{
"category": "product_version",
"name": "7.23.0-alpha4",
"product": {
"name": "Open Source Camunda 7.23.0-alpha4",
"product_id": "T041702-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:camunda:camunda:7.23.0-alpha4"
}
}
}
],
"category": "product_name",
"name": "Camunda"
}
],
"category": "vendor",
"name": "Open Source"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2024-45801",
"product_status": {
"known_affected": [
"T041690",
"T041702",
"T041701",
"T041688"
]
},
"release_date": "2025-03-10T23:00:00.000+00:00",
"title": "CVE-2024-45801"
},
{
"cve": "CVE-2024-47875",
"product_status": {
"known_affected": [
"T041690",
"T041702",
"T041701",
"T041688"
]
},
"release_date": "2025-03-10T23:00:00.000+00:00",
"title": "CVE-2024-47875"
}
]
}
WID-SEC-W-2025-0647
Vulnerability from csaf_certbund - Published: 2025-03-26 23:00 - Updated: 2025-11-18 23:00Summary
Splunk Splunk Enterprise: Mehrere Schwachstellen
Severity
Hoch
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung: Splunk Enterprise ermöglicht Monitoring und Analyse von Clickstream-Daten und Kundentransaktionen.
Angriff: Ein Angreifer kann mehrere Schwachstellen in Splunk Splunk Enterprise ausnutzen, um Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen preiszugeben, Daten zu manipulieren, Code auszuführen, einen Denial-of-Service-Zustand zu verursachen und weitere, nicht spezifizierte Auswirkungen zu verursachen.
Betroffene Betriebssysteme: - Sonstiges
- UNIX
- Windows
Affected products
Known affected
15 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Splunk Splunk Enterprise <9.3.4
Splunk / Splunk Enterprise
|
<9.3.4 | ||
|
Splunk Splunk Enterprise <9.4.2
Splunk / Splunk Enterprise
|
<9.4.2 | ||
|
Splunk Splunk Enterprise <9.2.6
Splunk / Splunk Enterprise
|
<9.2.6 | ||
|
Splunk Splunk Enterprise <9.1.9
Splunk / Splunk Enterprise
|
<9.1.9 | ||
|
Splunk Splunk Enterprise <9.4.0
Splunk / Splunk Enterprise
|
<9.4.0 | ||
|
Splunk Splunk Enterprise <9.3.3
Splunk / Splunk Enterprise
|
<9.3.3 | ||
|
Atlassian Jira <10.7.2
Atlassian / Jira
|
<10.7.2 | ||
|
Splunk Splunk Enterprise <9.2.5
Splunk / Splunk Enterprise
|
<9.2.5 | ||
|
Atlassian Bitbucket <9.4.13 (LTS)
Atlassian / Bitbucket
|
<9.4.13 (LTS) | ||
|
Splunk Splunk Enterprise <9.1.8
Splunk / Splunk Enterprise
|
<9.1.8 | ||
|
Atlassian Jira <9.12.25 (LTS)
Atlassian / Jira
|
<9.12.25 (LTS) | ||
|
Atlassian Bitbucket <8.19.25 (LTS)
Atlassian / Bitbucket
|
<8.19.25 (LTS) | ||
|
Splunk Splunk Enterprise <9.4.1
Splunk / Splunk Enterprise
|
<9.4.1 | ||
|
Atlassian Jira <10.3.8 (LTS)
Atlassian / Jira
|
<10.3.8 (LTS) | ||
|
Atlassian Bitbucket <10.0.2
Atlassian / Bitbucket
|
<10.0.2 |
Affected products
Known affected
15 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Splunk Splunk Enterprise <9.3.4
Splunk / Splunk Enterprise
|
<9.3.4 | ||
|
Splunk Splunk Enterprise <9.4.2
Splunk / Splunk Enterprise
|
<9.4.2 | ||
|
Splunk Splunk Enterprise <9.2.6
Splunk / Splunk Enterprise
|
<9.2.6 | ||
|
Splunk Splunk Enterprise <9.1.9
Splunk / Splunk Enterprise
|
<9.1.9 | ||
|
Splunk Splunk Enterprise <9.4.0
Splunk / Splunk Enterprise
|
<9.4.0 | ||
|
Splunk Splunk Enterprise <9.3.3
Splunk / Splunk Enterprise
|
<9.3.3 | ||
|
Atlassian Jira <10.7.2
Atlassian / Jira
|
<10.7.2 | ||
|
Splunk Splunk Enterprise <9.2.5
Splunk / Splunk Enterprise
|
<9.2.5 | ||
|
Atlassian Bitbucket <9.4.13 (LTS)
Atlassian / Bitbucket
|
<9.4.13 (LTS) | ||
|
Splunk Splunk Enterprise <9.1.8
Splunk / Splunk Enterprise
|
<9.1.8 | ||
|
Atlassian Jira <9.12.25 (LTS)
Atlassian / Jira
|
<9.12.25 (LTS) | ||
|
Atlassian Bitbucket <8.19.25 (LTS)
Atlassian / Bitbucket
|
<8.19.25 (LTS) | ||
|
Splunk Splunk Enterprise <9.4.1
Splunk / Splunk Enterprise
|
<9.4.1 | ||
|
Atlassian Jira <10.3.8 (LTS)
Atlassian / Jira
|
<10.3.8 (LTS) | ||
|
Atlassian Bitbucket <10.0.2
Atlassian / Bitbucket
|
<10.0.2 |
Affected products
Known affected
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Splunk Splunk Enterprise <9.3.4
Splunk / Splunk Enterprise
|
<9.3.4 | ||
|
Splunk Splunk Enterprise <9.4.2
Splunk / Splunk Enterprise
|
<9.4.2 | ||
|
Splunk Splunk Enterprise <9.2.6
Splunk / Splunk Enterprise
|
<9.2.6 | ||
|
Splunk Splunk Enterprise <9.1.9
Splunk / Splunk Enterprise
|
<9.1.9 | ||
|
Splunk Splunk Enterprise <9.3.3
Splunk / Splunk Enterprise
|
<9.3.3 | ||
|
Atlassian Jira <10.7.2
Atlassian / Jira
|
<10.7.2 | ||
|
Splunk Splunk Enterprise <9.2.5
Splunk / Splunk Enterprise
|
<9.2.5 | ||
|
Atlassian Bitbucket <9.4.13 (LTS)
Atlassian / Bitbucket
|
<9.4.13 (LTS) | ||
|
Splunk Splunk Enterprise <9.1.8
Splunk / Splunk Enterprise
|
<9.1.8 | ||
|
Atlassian Jira <9.12.25 (LTS)
Atlassian / Jira
|
<9.12.25 (LTS) | ||
|
Atlassian Bitbucket <8.19.25 (LTS)
Atlassian / Bitbucket
|
<8.19.25 (LTS) | ||
|
Atlassian Jira <10.3.8 (LTS)
Atlassian / Jira
|
<10.3.8 (LTS) | ||
|
Atlassian Bitbucket <10.0.2
Atlassian / Bitbucket
|
<10.0.2 |
Affected products
Known affected
14 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Splunk Splunk Enterprise <9.3.4
Splunk / Splunk Enterprise
|
<9.3.4 | ||
|
Splunk Splunk Enterprise <9.4.2
Splunk / Splunk Enterprise
|
<9.4.2 | ||
|
Splunk Splunk Enterprise <9.2.6
Splunk / Splunk Enterprise
|
<9.2.6 | ||
|
Splunk Splunk Enterprise <9.1.9
Splunk / Splunk Enterprise
|
<9.1.9 | ||
|
Splunk Splunk Enterprise <9.4.0
Splunk / Splunk Enterprise
|
<9.4.0 | ||
|
Splunk Splunk Enterprise <9.3.3
Splunk / Splunk Enterprise
|
<9.3.3 | ||
|
Atlassian Jira <10.7.2
Atlassian / Jira
|
<10.7.2 | ||
|
Splunk Splunk Enterprise <9.2.5
Splunk / Splunk Enterprise
|
<9.2.5 | ||
|
Atlassian Bitbucket <9.4.13 (LTS)
Atlassian / Bitbucket
|
<9.4.13 (LTS) | ||
|
Splunk Splunk Enterprise <9.1.8
Splunk / Splunk Enterprise
|
<9.1.8 | ||
|
Atlassian Jira <9.12.25 (LTS)
Atlassian / Jira
|
<9.12.25 (LTS) | ||
|
Atlassian Bitbucket <8.19.25 (LTS)
Atlassian / Bitbucket
|
<8.19.25 (LTS) | ||
|
Atlassian Jira <10.3.8 (LTS)
Atlassian / Jira
|
<10.3.8 (LTS) | ||
|
Atlassian Bitbucket <10.0.2
Atlassian / Bitbucket
|
<10.0.2 |
Affected products
Known affected
15 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Splunk Splunk Enterprise <9.3.4
Splunk / Splunk Enterprise
|
<9.3.4 | ||
|
Splunk Splunk Enterprise <9.4.2
Splunk / Splunk Enterprise
|
<9.4.2 | ||
|
Splunk Splunk Enterprise <9.2.6
Splunk / Splunk Enterprise
|
<9.2.6 | ||
|
Splunk Splunk Enterprise <9.1.9
Splunk / Splunk Enterprise
|
<9.1.9 | ||
|
Splunk Splunk Enterprise <9.4.0
Splunk / Splunk Enterprise
|
<9.4.0 | ||
|
Splunk Splunk Enterprise <9.3.3
Splunk / Splunk Enterprise
|
<9.3.3 | ||
|
Atlassian Jira <10.7.2
Atlassian / Jira
|
<10.7.2 | ||
|
Splunk Splunk Enterprise <9.2.5
Splunk / Splunk Enterprise
|
<9.2.5 | ||
|
Atlassian Bitbucket <9.4.13 (LTS)
Atlassian / Bitbucket
|
<9.4.13 (LTS) | ||
|
Splunk Splunk Enterprise <9.1.8
Splunk / Splunk Enterprise
|
<9.1.8 | ||
|
Atlassian Jira <9.12.25 (LTS)
Atlassian / Jira
|
<9.12.25 (LTS) | ||
|
Atlassian Bitbucket <8.19.25 (LTS)
Atlassian / Bitbucket
|
<8.19.25 (LTS) | ||
|
Splunk Splunk Enterprise <9.4.1
Splunk / Splunk Enterprise
|
<9.4.1 | ||
|
Atlassian Jira <10.3.8 (LTS)
Atlassian / Jira
|
<10.3.8 (LTS) | ||
|
Atlassian Bitbucket <10.0.2
Atlassian / Bitbucket
|
<10.0.2 |
Affected products
Known affected
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Splunk Splunk Enterprise <9.3.4
Splunk / Splunk Enterprise
|
<9.3.4 | ||
|
Splunk Splunk Enterprise <9.4.2
Splunk / Splunk Enterprise
|
<9.4.2 | ||
|
Splunk Splunk Enterprise <9.2.6
Splunk / Splunk Enterprise
|
<9.2.6 | ||
|
Splunk Splunk Enterprise <9.1.9
Splunk / Splunk Enterprise
|
<9.1.9 | ||
|
Splunk Splunk Enterprise <9.3.3
Splunk / Splunk Enterprise
|
<9.3.3 | ||
|
Atlassian Jira <10.7.2
Atlassian / Jira
|
<10.7.2 | ||
|
Splunk Splunk Enterprise <9.2.5
Splunk / Splunk Enterprise
|
<9.2.5 | ||
|
Atlassian Bitbucket <9.4.13 (LTS)
Atlassian / Bitbucket
|
<9.4.13 (LTS) | ||
|
Splunk Splunk Enterprise <9.1.8
Splunk / Splunk Enterprise
|
<9.1.8 | ||
|
Atlassian Jira <9.12.25 (LTS)
Atlassian / Jira
|
<9.12.25 (LTS) | ||
|
Atlassian Bitbucket <8.19.25 (LTS)
Atlassian / Bitbucket
|
<8.19.25 (LTS) | ||
|
Atlassian Jira <10.3.8 (LTS)
Atlassian / Jira
|
<10.3.8 (LTS) | ||
|
Atlassian Bitbucket <10.0.2
Atlassian / Bitbucket
|
<10.0.2 |
Affected products
Known affected
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Splunk Splunk Enterprise <9.3.4
Splunk / Splunk Enterprise
|
<9.3.4 | ||
|
Splunk Splunk Enterprise <9.4.2
Splunk / Splunk Enterprise
|
<9.4.2 | ||
|
Splunk Splunk Enterprise <9.2.6
Splunk / Splunk Enterprise
|
<9.2.6 | ||
|
Splunk Splunk Enterprise <9.1.9
Splunk / Splunk Enterprise
|
<9.1.9 | ||
|
Splunk Splunk Enterprise <9.3.3
Splunk / Splunk Enterprise
|
<9.3.3 | ||
|
Atlassian Jira <10.7.2
Atlassian / Jira
|
<10.7.2 | ||
|
Splunk Splunk Enterprise <9.2.5
Splunk / Splunk Enterprise
|
<9.2.5 | ||
|
Atlassian Bitbucket <9.4.13 (LTS)
Atlassian / Bitbucket
|
<9.4.13 (LTS) | ||
|
Splunk Splunk Enterprise <9.1.8
Splunk / Splunk Enterprise
|
<9.1.8 | ||
|
Atlassian Jira <9.12.25 (LTS)
Atlassian / Jira
|
<9.12.25 (LTS) | ||
|
Atlassian Bitbucket <8.19.25 (LTS)
Atlassian / Bitbucket
|
<8.19.25 (LTS) | ||
|
Atlassian Jira <10.3.8 (LTS)
Atlassian / Jira
|
<10.3.8 (LTS) | ||
|
Atlassian Bitbucket <10.0.2
Atlassian / Bitbucket
|
<10.0.2 |
Affected products
Known affected
11 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Splunk Splunk Enterprise SplunkApp Lookup File Editing <4.0.5
Splunk / Splunk Enterprise
|
SplunkApp Lookup File Editing <4.0.5 | ||
|
Splunk Splunk Enterprise <9.3.4
Splunk / Splunk Enterprise
|
<9.3.4 | ||
|
Splunk Splunk Enterprise <9.4.2
Splunk / Splunk Enterprise
|
<9.4.2 | ||
|
Splunk Splunk Enterprise <9.2.6
Splunk / Splunk Enterprise
|
<9.2.6 | ||
|
Splunk Splunk Enterprise <9.1.9
Splunk / Splunk Enterprise
|
<9.1.9 | ||
|
Atlassian Jira <10.7.2
Atlassian / Jira
|
<10.7.2 | ||
|
Atlassian Bitbucket <9.4.13 (LTS)
Atlassian / Bitbucket
|
<9.4.13 (LTS) | ||
|
Atlassian Jira <9.12.25 (LTS)
Atlassian / Jira
|
<9.12.25 (LTS) | ||
|
Atlassian Bitbucket <8.19.25 (LTS)
Atlassian / Bitbucket
|
<8.19.25 (LTS) | ||
|
Atlassian Jira <10.3.8 (LTS)
Atlassian / Jira
|
<10.3.8 (LTS) | ||
|
Atlassian Bitbucket <10.0.2
Atlassian / Bitbucket
|
<10.0.2 |
Affected products
Known affected
20 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Splunk Splunk Enterprise SplunkApp Data Science and Deep Learning <5.2.0
Splunk / Splunk Enterprise
|
SplunkApp Data Science and Deep Learning <5.2.0 | ||
|
Splunk Splunk Enterprise Spunk DB Connect <4.0.0
Splunk / Splunk Enterprise
|
Spunk DB Connect <4.0.0 | ||
|
Splunk Splunk Enterprise SplunkApp Lookup File Editing <4.0.5
Splunk / Splunk Enterprise
|
SplunkApp Lookup File Editing <4.0.5 | ||
|
Splunk Splunk Enterprise <9.3.4
Splunk / Splunk Enterprise
|
<9.3.4 | ||
|
Splunk Splunk Enterprise <9.4.2
Splunk / Splunk Enterprise
|
<9.4.2 | ||
|
Splunk Splunk Enterprise <9.2.6
Splunk / Splunk Enterprise
|
<9.2.6 | ||
|
Splunk Splunk Enterprise Splunk Add-on Microsoft Cloud <5.4.3
Splunk / Splunk Enterprise
|
Splunk Add-on Microsoft Cloud <5.4.3 | ||
|
Splunk Splunk Enterprise <9.1.9
Splunk / Splunk Enterprise
|
<9.1.9 | ||
|
Splunk Splunk Enterprise Splunk Infrastructure Monitoring Add-on <1.2.7
Splunk / Splunk Enterprise
|
Splunk Infrastructure Monitoring Add-on <1.2.7 | ||
|
Splunk Splunk Enterprise <9.4.0
Splunk / Splunk Enterprise
|
<9.4.0 | ||
|
Splunk Splunk Enterprise <9.3.3
Splunk / Splunk Enterprise
|
<9.3.3 | ||
|
Atlassian Jira <10.7.2
Atlassian / Jira
|
<10.7.2 | ||
|
Splunk Splunk Enterprise <9.2.5
Splunk / Splunk Enterprise
|
<9.2.5 | ||
|
Atlassian Bitbucket <9.4.13 (LTS)
Atlassian / Bitbucket
|
<9.4.13 (LTS) | ||
|
Splunk Splunk Enterprise <9.1.8
Splunk / Splunk Enterprise
|
<9.1.8 | ||
|
Atlassian Jira <9.12.25 (LTS)
Atlassian / Jira
|
<9.12.25 (LTS) | ||
|
Atlassian Bitbucket <8.19.25 (LTS)
Atlassian / Bitbucket
|
<8.19.25 (LTS) | ||
|
Splunk Splunk Enterprise <9.4.1
Splunk / Splunk Enterprise
|
<9.4.1 | ||
|
Atlassian Jira <10.3.8 (LTS)
Atlassian / Jira
|
<10.3.8 (LTS) | ||
|
Atlassian Bitbucket <10.0.2
Atlassian / Bitbucket
|
<10.0.2 |
Affected products
Known affected
20 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Splunk Splunk Enterprise SplunkApp Data Science and Deep Learning <5.2.0
Splunk / Splunk Enterprise
|
SplunkApp Data Science and Deep Learning <5.2.0 | ||
|
Splunk Splunk Enterprise Spunk DB Connect <4.0.0
Splunk / Splunk Enterprise
|
Spunk DB Connect <4.0.0 | ||
|
Splunk Splunk Enterprise SplunkApp Lookup File Editing <4.0.5
Splunk / Splunk Enterprise
|
SplunkApp Lookup File Editing <4.0.5 | ||
|
Splunk Splunk Enterprise <9.3.4
Splunk / Splunk Enterprise
|
<9.3.4 | ||
|
Splunk Splunk Enterprise <9.4.2
Splunk / Splunk Enterprise
|
<9.4.2 | ||
|
Splunk Splunk Enterprise <9.2.6
Splunk / Splunk Enterprise
|
<9.2.6 | ||
|
Splunk Splunk Enterprise Splunk Add-on Microsoft Cloud <5.4.3
Splunk / Splunk Enterprise
|
Splunk Add-on Microsoft Cloud <5.4.3 | ||
|
Splunk Splunk Enterprise <9.1.9
Splunk / Splunk Enterprise
|
<9.1.9 | ||
|
Splunk Splunk Enterprise Splunk Infrastructure Monitoring Add-on <1.2.7
Splunk / Splunk Enterprise
|
Splunk Infrastructure Monitoring Add-on <1.2.7 | ||
|
Splunk Splunk Enterprise <9.4.0
Splunk / Splunk Enterprise
|
<9.4.0 | ||
|
Splunk Splunk Enterprise <9.3.3
Splunk / Splunk Enterprise
|
<9.3.3 | ||
|
Atlassian Jira <10.7.2
Atlassian / Jira
|
<10.7.2 | ||
|
Splunk Splunk Enterprise <9.2.5
Splunk / Splunk Enterprise
|
<9.2.5 | ||
|
Atlassian Bitbucket <9.4.13 (LTS)
Atlassian / Bitbucket
|
<9.4.13 (LTS) | ||
|
Splunk Splunk Enterprise <9.1.8
Splunk / Splunk Enterprise
|
<9.1.8 | ||
|
Atlassian Jira <9.12.25 (LTS)
Atlassian / Jira
|
<9.12.25 (LTS) | ||
|
Atlassian Bitbucket <8.19.25 (LTS)
Atlassian / Bitbucket
|
<8.19.25 (LTS) | ||
|
Splunk Splunk Enterprise <9.4.1
Splunk / Splunk Enterprise
|
<9.4.1 | ||
|
Atlassian Jira <10.3.8 (LTS)
Atlassian / Jira
|
<10.3.8 (LTS) | ||
|
Atlassian Bitbucket <10.0.2
Atlassian / Bitbucket
|
<10.0.2 |
Affected products
Known affected
20 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Splunk Splunk Enterprise SplunkApp Data Science and Deep Learning <5.2.0
Splunk / Splunk Enterprise
|
SplunkApp Data Science and Deep Learning <5.2.0 | ||
|
Splunk Splunk Enterprise Spunk DB Connect <4.0.0
Splunk / Splunk Enterprise
|
Spunk DB Connect <4.0.0 | ||
|
Splunk Splunk Enterprise SplunkApp Lookup File Editing <4.0.5
Splunk / Splunk Enterprise
|
SplunkApp Lookup File Editing <4.0.5 | ||
|
Splunk Splunk Enterprise <9.3.4
Splunk / Splunk Enterprise
|
<9.3.4 | ||
|
Splunk Splunk Enterprise <9.4.2
Splunk / Splunk Enterprise
|
<9.4.2 | ||
|
Splunk Splunk Enterprise <9.2.6
Splunk / Splunk Enterprise
|
<9.2.6 | ||
|
Splunk Splunk Enterprise Splunk Add-on Microsoft Cloud <5.4.3
Splunk / Splunk Enterprise
|
Splunk Add-on Microsoft Cloud <5.4.3 | ||
|
Splunk Splunk Enterprise <9.1.9
Splunk / Splunk Enterprise
|
<9.1.9 | ||
|
Splunk Splunk Enterprise Splunk Infrastructure Monitoring Add-on <1.2.7
Splunk / Splunk Enterprise
|
Splunk Infrastructure Monitoring Add-on <1.2.7 | ||
|
Splunk Splunk Enterprise <9.4.0
Splunk / Splunk Enterprise
|
<9.4.0 | ||
|
Splunk Splunk Enterprise <9.3.3
Splunk / Splunk Enterprise
|
<9.3.3 | ||
|
Atlassian Jira <10.7.2
Atlassian / Jira
|
<10.7.2 | ||
|
Splunk Splunk Enterprise <9.2.5
Splunk / Splunk Enterprise
|
<9.2.5 | ||
|
Atlassian Bitbucket <9.4.13 (LTS)
Atlassian / Bitbucket
|
<9.4.13 (LTS) | ||
|
Splunk Splunk Enterprise <9.1.8
Splunk / Splunk Enterprise
|
<9.1.8 | ||
|
Atlassian Jira <9.12.25 (LTS)
Atlassian / Jira
|
<9.12.25 (LTS) | ||
|
Atlassian Bitbucket <8.19.25 (LTS)
Atlassian / Bitbucket
|
<8.19.25 (LTS) | ||
|
Splunk Splunk Enterprise <9.4.1
Splunk / Splunk Enterprise
|
<9.4.1 | ||
|
Atlassian Jira <10.3.8 (LTS)
Atlassian / Jira
|
<10.3.8 (LTS) | ||
|
Atlassian Bitbucket <10.0.2
Atlassian / Bitbucket
|
<10.0.2 |
Affected products
Known affected
20 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Splunk Splunk Enterprise SplunkApp Data Science and Deep Learning <5.2.0
Splunk / Splunk Enterprise
|
SplunkApp Data Science and Deep Learning <5.2.0 | ||
|
Splunk Splunk Enterprise Spunk DB Connect <4.0.0
Splunk / Splunk Enterprise
|
Spunk DB Connect <4.0.0 | ||
|
Splunk Splunk Enterprise SplunkApp Lookup File Editing <4.0.5
Splunk / Splunk Enterprise
|
SplunkApp Lookup File Editing <4.0.5 | ||
|
Splunk Splunk Enterprise <9.3.4
Splunk / Splunk Enterprise
|
<9.3.4 | ||
|
Splunk Splunk Enterprise <9.4.2
Splunk / Splunk Enterprise
|
<9.4.2 | ||
|
Splunk Splunk Enterprise <9.2.6
Splunk / Splunk Enterprise
|
<9.2.6 | ||
|
Splunk Splunk Enterprise Splunk Add-on Microsoft Cloud <5.4.3
Splunk / Splunk Enterprise
|
Splunk Add-on Microsoft Cloud <5.4.3 | ||
|
Splunk Splunk Enterprise <9.1.9
Splunk / Splunk Enterprise
|
<9.1.9 | ||
|
Splunk Splunk Enterprise Splunk Infrastructure Monitoring Add-on <1.2.7
Splunk / Splunk Enterprise
|
Splunk Infrastructure Monitoring Add-on <1.2.7 | ||
|
Splunk Splunk Enterprise <9.4.0
Splunk / Splunk Enterprise
|
<9.4.0 | ||
|
Splunk Splunk Enterprise <9.3.3
Splunk / Splunk Enterprise
|
<9.3.3 | ||
|
Atlassian Jira <10.7.2
Atlassian / Jira
|
<10.7.2 | ||
|
Splunk Splunk Enterprise <9.2.5
Splunk / Splunk Enterprise
|
<9.2.5 | ||
|
Atlassian Bitbucket <9.4.13 (LTS)
Atlassian / Bitbucket
|
<9.4.13 (LTS) | ||
|
Splunk Splunk Enterprise <9.1.8
Splunk / Splunk Enterprise
|
<9.1.8 | ||
|
Atlassian Jira <9.12.25 (LTS)
Atlassian / Jira
|
<9.12.25 (LTS) | ||
|
Atlassian Bitbucket <8.19.25 (LTS)
Atlassian / Bitbucket
|
<8.19.25 (LTS) | ||
|
Splunk Splunk Enterprise <9.4.1
Splunk / Splunk Enterprise
|
<9.4.1 | ||
|
Atlassian Jira <10.3.8 (LTS)
Atlassian / Jira
|
<10.3.8 (LTS) | ||
|
Atlassian Bitbucket <10.0.2
Atlassian / Bitbucket
|
<10.0.2 |
Affected products
Known affected
20 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Splunk Splunk Enterprise SplunkApp Data Science and Deep Learning <5.2.0
Splunk / Splunk Enterprise
|
SplunkApp Data Science and Deep Learning <5.2.0 | ||
|
Splunk Splunk Enterprise Spunk DB Connect <4.0.0
Splunk / Splunk Enterprise
|
Spunk DB Connect <4.0.0 | ||
|
Splunk Splunk Enterprise SplunkApp Lookup File Editing <4.0.5
Splunk / Splunk Enterprise
|
SplunkApp Lookup File Editing <4.0.5 | ||
|
Splunk Splunk Enterprise <9.3.4
Splunk / Splunk Enterprise
|
<9.3.4 | ||
|
Splunk Splunk Enterprise <9.4.2
Splunk / Splunk Enterprise
|
<9.4.2 | ||
|
Splunk Splunk Enterprise <9.2.6
Splunk / Splunk Enterprise
|
<9.2.6 | ||
|
Splunk Splunk Enterprise Splunk Add-on Microsoft Cloud <5.4.3
Splunk / Splunk Enterprise
|
Splunk Add-on Microsoft Cloud <5.4.3 | ||
|
Splunk Splunk Enterprise <9.1.9
Splunk / Splunk Enterprise
|
<9.1.9 | ||
|
Splunk Splunk Enterprise Splunk Infrastructure Monitoring Add-on <1.2.7
Splunk / Splunk Enterprise
|
Splunk Infrastructure Monitoring Add-on <1.2.7 | ||
|
Splunk Splunk Enterprise <9.4.0
Splunk / Splunk Enterprise
|
<9.4.0 | ||
|
Splunk Splunk Enterprise <9.3.3
Splunk / Splunk Enterprise
|
<9.3.3 | ||
|
Atlassian Jira <10.7.2
Atlassian / Jira
|
<10.7.2 | ||
|
Splunk Splunk Enterprise <9.2.5
Splunk / Splunk Enterprise
|
<9.2.5 | ||
|
Atlassian Bitbucket <9.4.13 (LTS)
Atlassian / Bitbucket
|
<9.4.13 (LTS) | ||
|
Splunk Splunk Enterprise <9.1.8
Splunk / Splunk Enterprise
|
<9.1.8 | ||
|
Atlassian Jira <9.12.25 (LTS)
Atlassian / Jira
|
<9.12.25 (LTS) | ||
|
Atlassian Bitbucket <8.19.25 (LTS)
Atlassian / Bitbucket
|
<8.19.25 (LTS) | ||
|
Splunk Splunk Enterprise <9.4.1
Splunk / Splunk Enterprise
|
<9.4.1 | ||
|
Atlassian Jira <10.3.8 (LTS)
Atlassian / Jira
|
<10.3.8 (LTS) | ||
|
Atlassian Bitbucket <10.0.2
Atlassian / Bitbucket
|
<10.0.2 |
Affected products
Known affected
20 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Splunk Splunk Enterprise SplunkApp Data Science and Deep Learning <5.2.0
Splunk / Splunk Enterprise
|
SplunkApp Data Science and Deep Learning <5.2.0 | ||
|
Splunk Splunk Enterprise Spunk DB Connect <4.0.0
Splunk / Splunk Enterprise
|
Spunk DB Connect <4.0.0 | ||
|
Splunk Splunk Enterprise SplunkApp Lookup File Editing <4.0.5
Splunk / Splunk Enterprise
|
SplunkApp Lookup File Editing <4.0.5 | ||
|
Splunk Splunk Enterprise <9.3.4
Splunk / Splunk Enterprise
|
<9.3.4 | ||
|
Splunk Splunk Enterprise <9.4.2
Splunk / Splunk Enterprise
|
<9.4.2 | ||
|
Splunk Splunk Enterprise <9.2.6
Splunk / Splunk Enterprise
|
<9.2.6 | ||
|
Splunk Splunk Enterprise Splunk Add-on Microsoft Cloud <5.4.3
Splunk / Splunk Enterprise
|
Splunk Add-on Microsoft Cloud <5.4.3 | ||
|
Splunk Splunk Enterprise <9.1.9
Splunk / Splunk Enterprise
|
<9.1.9 | ||
|
Splunk Splunk Enterprise Splunk Infrastructure Monitoring Add-on <1.2.7
Splunk / Splunk Enterprise
|
Splunk Infrastructure Monitoring Add-on <1.2.7 | ||
|
Splunk Splunk Enterprise <9.4.0
Splunk / Splunk Enterprise
|
<9.4.0 | ||
|
Splunk Splunk Enterprise <9.3.3
Splunk / Splunk Enterprise
|
<9.3.3 | ||
|
Atlassian Jira <10.7.2
Atlassian / Jira
|
<10.7.2 | ||
|
Splunk Splunk Enterprise <9.2.5
Splunk / Splunk Enterprise
|
<9.2.5 | ||
|
Atlassian Bitbucket <9.4.13 (LTS)
Atlassian / Bitbucket
|
<9.4.13 (LTS) | ||
|
Splunk Splunk Enterprise <9.1.8
Splunk / Splunk Enterprise
|
<9.1.8 | ||
|
Atlassian Jira <9.12.25 (LTS)
Atlassian / Jira
|
<9.12.25 (LTS) | ||
|
Atlassian Bitbucket <8.19.25 (LTS)
Atlassian / Bitbucket
|
<8.19.25 (LTS) | ||
|
Splunk Splunk Enterprise <9.4.1
Splunk / Splunk Enterprise
|
<9.4.1 | ||
|
Atlassian Jira <10.3.8 (LTS)
Atlassian / Jira
|
<10.3.8 (LTS) | ||
|
Atlassian Bitbucket <10.0.2
Atlassian / Bitbucket
|
<10.0.2 |
Affected products
Known affected
20 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Splunk Splunk Enterprise SplunkApp Data Science and Deep Learning <5.2.0
Splunk / Splunk Enterprise
|
SplunkApp Data Science and Deep Learning <5.2.0 | ||
|
Splunk Splunk Enterprise Spunk DB Connect <4.0.0
Splunk / Splunk Enterprise
|
Spunk DB Connect <4.0.0 | ||
|
Splunk Splunk Enterprise SplunkApp Lookup File Editing <4.0.5
Splunk / Splunk Enterprise
|
SplunkApp Lookup File Editing <4.0.5 | ||
|
Splunk Splunk Enterprise <9.3.4
Splunk / Splunk Enterprise
|
<9.3.4 | ||
|
Splunk Splunk Enterprise <9.4.2
Splunk / Splunk Enterprise
|
<9.4.2 | ||
|
Splunk Splunk Enterprise <9.2.6
Splunk / Splunk Enterprise
|
<9.2.6 | ||
|
Splunk Splunk Enterprise Splunk Add-on Microsoft Cloud <5.4.3
Splunk / Splunk Enterprise
|
Splunk Add-on Microsoft Cloud <5.4.3 | ||
|
Splunk Splunk Enterprise <9.1.9
Splunk / Splunk Enterprise
|
<9.1.9 | ||
|
Splunk Splunk Enterprise Splunk Infrastructure Monitoring Add-on <1.2.7
Splunk / Splunk Enterprise
|
Splunk Infrastructure Monitoring Add-on <1.2.7 | ||
|
Splunk Splunk Enterprise <9.4.0
Splunk / Splunk Enterprise
|
<9.4.0 | ||
|
Splunk Splunk Enterprise <9.3.3
Splunk / Splunk Enterprise
|
<9.3.3 | ||
|
Atlassian Jira <10.7.2
Atlassian / Jira
|
<10.7.2 | ||
|
Splunk Splunk Enterprise <9.2.5
Splunk / Splunk Enterprise
|
<9.2.5 | ||
|
Atlassian Bitbucket <9.4.13 (LTS)
Atlassian / Bitbucket
|
<9.4.13 (LTS) | ||
|
Splunk Splunk Enterprise <9.1.8
Splunk / Splunk Enterprise
|
<9.1.8 | ||
|
Atlassian Jira <9.12.25 (LTS)
Atlassian / Jira
|
<9.12.25 (LTS) | ||
|
Atlassian Bitbucket <8.19.25 (LTS)
Atlassian / Bitbucket
|
<8.19.25 (LTS) | ||
|
Splunk Splunk Enterprise <9.4.1
Splunk / Splunk Enterprise
|
<9.4.1 | ||
|
Atlassian Jira <10.3.8 (LTS)
Atlassian / Jira
|
<10.3.8 (LTS) | ||
|
Atlassian Bitbucket <10.0.2
Atlassian / Bitbucket
|
<10.0.2 |
Affected products
Known affected
20 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Splunk Splunk Enterprise SplunkApp Data Science and Deep Learning <5.2.0
Splunk / Splunk Enterprise
|
SplunkApp Data Science and Deep Learning <5.2.0 | ||
|
Splunk Splunk Enterprise Spunk DB Connect <4.0.0
Splunk / Splunk Enterprise
|
Spunk DB Connect <4.0.0 | ||
|
Splunk Splunk Enterprise SplunkApp Lookup File Editing <4.0.5
Splunk / Splunk Enterprise
|
SplunkApp Lookup File Editing <4.0.5 | ||
|
Splunk Splunk Enterprise <9.3.4
Splunk / Splunk Enterprise
|
<9.3.4 | ||
|
Splunk Splunk Enterprise <9.4.2
Splunk / Splunk Enterprise
|
<9.4.2 | ||
|
Splunk Splunk Enterprise <9.2.6
Splunk / Splunk Enterprise
|
<9.2.6 | ||
|
Splunk Splunk Enterprise Splunk Add-on Microsoft Cloud <5.4.3
Splunk / Splunk Enterprise
|
Splunk Add-on Microsoft Cloud <5.4.3 | ||
|
Splunk Splunk Enterprise <9.1.9
Splunk / Splunk Enterprise
|
<9.1.9 | ||
|
Splunk Splunk Enterprise Splunk Infrastructure Monitoring Add-on <1.2.7
Splunk / Splunk Enterprise
|
Splunk Infrastructure Monitoring Add-on <1.2.7 | ||
|
Splunk Splunk Enterprise <9.4.0
Splunk / Splunk Enterprise
|
<9.4.0 | ||
|
Splunk Splunk Enterprise <9.3.3
Splunk / Splunk Enterprise
|
<9.3.3 | ||
|
Atlassian Jira <10.7.2
Atlassian / Jira
|
<10.7.2 | ||
|
Splunk Splunk Enterprise <9.2.5
Splunk / Splunk Enterprise
|
<9.2.5 | ||
|
Atlassian Bitbucket <9.4.13 (LTS)
Atlassian / Bitbucket
|
<9.4.13 (LTS) | ||
|
Splunk Splunk Enterprise <9.1.8
Splunk / Splunk Enterprise
|
<9.1.8 | ||
|
Atlassian Jira <9.12.25 (LTS)
Atlassian / Jira
|
<9.12.25 (LTS) | ||
|
Atlassian Bitbucket <8.19.25 (LTS)
Atlassian / Bitbucket
|
<8.19.25 (LTS) | ||
|
Splunk Splunk Enterprise <9.4.1
Splunk / Splunk Enterprise
|
<9.4.1 | ||
|
Atlassian Jira <10.3.8 (LTS)
Atlassian / Jira
|
<10.3.8 (LTS) | ||
|
Atlassian Bitbucket <10.0.2
Atlassian / Bitbucket
|
<10.0.2 |
Affected products
Known affected
20 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Splunk Splunk Enterprise SplunkApp Data Science and Deep Learning <5.2.0
Splunk / Splunk Enterprise
|
SplunkApp Data Science and Deep Learning <5.2.0 | ||
|
Splunk Splunk Enterprise Spunk DB Connect <4.0.0
Splunk / Splunk Enterprise
|
Spunk DB Connect <4.0.0 | ||
|
Splunk Splunk Enterprise SplunkApp Lookup File Editing <4.0.5
Splunk / Splunk Enterprise
|
SplunkApp Lookup File Editing <4.0.5 | ||
|
Splunk Splunk Enterprise <9.3.4
Splunk / Splunk Enterprise
|
<9.3.4 | ||
|
Splunk Splunk Enterprise <9.4.2
Splunk / Splunk Enterprise
|
<9.4.2 | ||
|
Splunk Splunk Enterprise <9.2.6
Splunk / Splunk Enterprise
|
<9.2.6 | ||
|
Splunk Splunk Enterprise Splunk Add-on Microsoft Cloud <5.4.3
Splunk / Splunk Enterprise
|
Splunk Add-on Microsoft Cloud <5.4.3 | ||
|
Splunk Splunk Enterprise <9.1.9
Splunk / Splunk Enterprise
|
<9.1.9 | ||
|
Splunk Splunk Enterprise Splunk Infrastructure Monitoring Add-on <1.2.7
Splunk / Splunk Enterprise
|
Splunk Infrastructure Monitoring Add-on <1.2.7 | ||
|
Splunk Splunk Enterprise <9.4.0
Splunk / Splunk Enterprise
|
<9.4.0 | ||
|
Splunk Splunk Enterprise <9.3.3
Splunk / Splunk Enterprise
|
<9.3.3 | ||
|
Atlassian Jira <10.7.2
Atlassian / Jira
|
<10.7.2 | ||
|
Splunk Splunk Enterprise <9.2.5
Splunk / Splunk Enterprise
|
<9.2.5 | ||
|
Atlassian Bitbucket <9.4.13 (LTS)
Atlassian / Bitbucket
|
<9.4.13 (LTS) | ||
|
Splunk Splunk Enterprise <9.1.8
Splunk / Splunk Enterprise
|
<9.1.8 | ||
|
Atlassian Jira <9.12.25 (LTS)
Atlassian / Jira
|
<9.12.25 (LTS) | ||
|
Atlassian Bitbucket <8.19.25 (LTS)
Atlassian / Bitbucket
|
<8.19.25 (LTS) | ||
|
Splunk Splunk Enterprise <9.4.1
Splunk / Splunk Enterprise
|
<9.4.1 | ||
|
Atlassian Jira <10.3.8 (LTS)
Atlassian / Jira
|
<10.3.8 (LTS) | ||
|
Atlassian Bitbucket <10.0.2
Atlassian / Bitbucket
|
<10.0.2 |
Affected products
Known affected
20 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Splunk Splunk Enterprise SplunkApp Data Science and Deep Learning <5.2.0
Splunk / Splunk Enterprise
|
SplunkApp Data Science and Deep Learning <5.2.0 | ||
|
Splunk Splunk Enterprise Spunk DB Connect <4.0.0
Splunk / Splunk Enterprise
|
Spunk DB Connect <4.0.0 | ||
|
Splunk Splunk Enterprise SplunkApp Lookup File Editing <4.0.5
Splunk / Splunk Enterprise
|
SplunkApp Lookup File Editing <4.0.5 | ||
|
Splunk Splunk Enterprise <9.3.4
Splunk / Splunk Enterprise
|
<9.3.4 | ||
|
Splunk Splunk Enterprise <9.4.2
Splunk / Splunk Enterprise
|
<9.4.2 | ||
|
Splunk Splunk Enterprise <9.2.6
Splunk / Splunk Enterprise
|
<9.2.6 | ||
|
Splunk Splunk Enterprise Splunk Add-on Microsoft Cloud <5.4.3
Splunk / Splunk Enterprise
|
Splunk Add-on Microsoft Cloud <5.4.3 | ||
|
Splunk Splunk Enterprise <9.1.9
Splunk / Splunk Enterprise
|
<9.1.9 | ||
|
Splunk Splunk Enterprise Splunk Infrastructure Monitoring Add-on <1.2.7
Splunk / Splunk Enterprise
|
Splunk Infrastructure Monitoring Add-on <1.2.7 | ||
|
Splunk Splunk Enterprise <9.4.0
Splunk / Splunk Enterprise
|
<9.4.0 | ||
|
Splunk Splunk Enterprise <9.3.3
Splunk / Splunk Enterprise
|
<9.3.3 | ||
|
Atlassian Jira <10.7.2
Atlassian / Jira
|
<10.7.2 | ||
|
Splunk Splunk Enterprise <9.2.5
Splunk / Splunk Enterprise
|
<9.2.5 | ||
|
Atlassian Bitbucket <9.4.13 (LTS)
Atlassian / Bitbucket
|
<9.4.13 (LTS) | ||
|
Splunk Splunk Enterprise <9.1.8
Splunk / Splunk Enterprise
|
<9.1.8 | ||
|
Atlassian Jira <9.12.25 (LTS)
Atlassian / Jira
|
<9.12.25 (LTS) | ||
|
Atlassian Bitbucket <8.19.25 (LTS)
Atlassian / Bitbucket
|
<8.19.25 (LTS) | ||
|
Splunk Splunk Enterprise <9.4.1
Splunk / Splunk Enterprise
|
<9.4.1 | ||
|
Atlassian Jira <10.3.8 (LTS)
Atlassian / Jira
|
<10.3.8 (LTS) | ||
|
Atlassian Bitbucket <10.0.2
Atlassian / Bitbucket
|
<10.0.2 |
Affected products
Known affected
20 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Splunk Splunk Enterprise SplunkApp Data Science and Deep Learning <5.2.0
Splunk / Splunk Enterprise
|
SplunkApp Data Science and Deep Learning <5.2.0 | ||
|
Splunk Splunk Enterprise Spunk DB Connect <4.0.0
Splunk / Splunk Enterprise
|
Spunk DB Connect <4.0.0 | ||
|
Splunk Splunk Enterprise SplunkApp Lookup File Editing <4.0.5
Splunk / Splunk Enterprise
|
SplunkApp Lookup File Editing <4.0.5 | ||
|
Splunk Splunk Enterprise <9.3.4
Splunk / Splunk Enterprise
|
<9.3.4 | ||
|
Splunk Splunk Enterprise <9.4.2
Splunk / Splunk Enterprise
|
<9.4.2 | ||
|
Splunk Splunk Enterprise <9.2.6
Splunk / Splunk Enterprise
|
<9.2.6 | ||
|
Splunk Splunk Enterprise Splunk Add-on Microsoft Cloud <5.4.3
Splunk / Splunk Enterprise
|
Splunk Add-on Microsoft Cloud <5.4.3 | ||
|
Splunk Splunk Enterprise <9.1.9
Splunk / Splunk Enterprise
|
<9.1.9 | ||
|
Splunk Splunk Enterprise Splunk Infrastructure Monitoring Add-on <1.2.7
Splunk / Splunk Enterprise
|
Splunk Infrastructure Monitoring Add-on <1.2.7 | ||
|
Splunk Splunk Enterprise <9.4.0
Splunk / Splunk Enterprise
|
<9.4.0 | ||
|
Splunk Splunk Enterprise <9.3.3
Splunk / Splunk Enterprise
|
<9.3.3 | ||
|
Atlassian Jira <10.7.2
Atlassian / Jira
|
<10.7.2 | ||
|
Splunk Splunk Enterprise <9.2.5
Splunk / Splunk Enterprise
|
<9.2.5 | ||
|
Atlassian Bitbucket <9.4.13 (LTS)
Atlassian / Bitbucket
|
<9.4.13 (LTS) | ||
|
Splunk Splunk Enterprise <9.1.8
Splunk / Splunk Enterprise
|
<9.1.8 | ||
|
Atlassian Jira <9.12.25 (LTS)
Atlassian / Jira
|
<9.12.25 (LTS) | ||
|
Atlassian Bitbucket <8.19.25 (LTS)
Atlassian / Bitbucket
|
<8.19.25 (LTS) | ||
|
Splunk Splunk Enterprise <9.4.1
Splunk / Splunk Enterprise
|
<9.4.1 | ||
|
Atlassian Jira <10.3.8 (LTS)
Atlassian / Jira
|
<10.3.8 (LTS) | ||
|
Atlassian Bitbucket <10.0.2
Atlassian / Bitbucket
|
<10.0.2 |
Affected products
Known affected
20 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Splunk Splunk Enterprise SplunkApp Data Science and Deep Learning <5.2.0
Splunk / Splunk Enterprise
|
SplunkApp Data Science and Deep Learning <5.2.0 | ||
|
Splunk Splunk Enterprise Spunk DB Connect <4.0.0
Splunk / Splunk Enterprise
|
Spunk DB Connect <4.0.0 | ||
|
Splunk Splunk Enterprise SplunkApp Lookup File Editing <4.0.5
Splunk / Splunk Enterprise
|
SplunkApp Lookup File Editing <4.0.5 | ||
|
Splunk Splunk Enterprise <9.3.4
Splunk / Splunk Enterprise
|
<9.3.4 | ||
|
Splunk Splunk Enterprise <9.4.2
Splunk / Splunk Enterprise
|
<9.4.2 | ||
|
Splunk Splunk Enterprise <9.2.6
Splunk / Splunk Enterprise
|
<9.2.6 | ||
|
Splunk Splunk Enterprise Splunk Add-on Microsoft Cloud <5.4.3
Splunk / Splunk Enterprise
|
Splunk Add-on Microsoft Cloud <5.4.3 | ||
|
Splunk Splunk Enterprise <9.1.9
Splunk / Splunk Enterprise
|
<9.1.9 | ||
|
Splunk Splunk Enterprise Splunk Infrastructure Monitoring Add-on <1.2.7
Splunk / Splunk Enterprise
|
Splunk Infrastructure Monitoring Add-on <1.2.7 | ||
|
Splunk Splunk Enterprise <9.4.0
Splunk / Splunk Enterprise
|
<9.4.0 | ||
|
Splunk Splunk Enterprise <9.3.3
Splunk / Splunk Enterprise
|
<9.3.3 | ||
|
Atlassian Jira <10.7.2
Atlassian / Jira
|
<10.7.2 | ||
|
Splunk Splunk Enterprise <9.2.5
Splunk / Splunk Enterprise
|
<9.2.5 | ||
|
Atlassian Bitbucket <9.4.13 (LTS)
Atlassian / Bitbucket
|
<9.4.13 (LTS) | ||
|
Splunk Splunk Enterprise <9.1.8
Splunk / Splunk Enterprise
|
<9.1.8 | ||
|
Atlassian Jira <9.12.25 (LTS)
Atlassian / Jira
|
<9.12.25 (LTS) | ||
|
Atlassian Bitbucket <8.19.25 (LTS)
Atlassian / Bitbucket
|
<8.19.25 (LTS) | ||
|
Splunk Splunk Enterprise <9.4.1
Splunk / Splunk Enterprise
|
<9.4.1 | ||
|
Atlassian Jira <10.3.8 (LTS)
Atlassian / Jira
|
<10.3.8 (LTS) | ||
|
Atlassian Bitbucket <10.0.2
Atlassian / Bitbucket
|
<10.0.2 |
References
18 references
{
"document": {
"aggregate_severity": {
"text": "hoch"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "Splunk Enterprise erm\u00f6glicht Monitoring und Analyse von Clickstream-Daten und Kundentransaktionen.",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein Angreifer kann mehrere Schwachstellen in Splunk Splunk Enterprise ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen preiszugeben, Daten zu manipulieren, Code auszuf\u00fchren, einen Denial-of-Service-Zustand zu verursachen und weitere, nicht spezifizierte Auswirkungen zu verursachen.",
"title": "Angriff"
},
{
"category": "general",
"text": "- Sonstiges\n- UNIX\n- Windows",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2025-0647 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2025/wid-sec-w-2025-0647.json"
},
{
"category": "self",
"summary": "WID-SEC-2025-0647 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2025-0647"
},
{
"category": "external",
"summary": "Splunk Vulnerability Disclosure SVD-2025-0301 vom 2025-03-26",
"url": "https://advisory.splunk.com/advisories/SVD-2025-0301"
},
{
"category": "external",
"summary": "Splunk Vulnerability Disclosure SVD-2025-0302 vom 2025-03-26",
"url": "https://advisory.splunk.com/advisories/SVD-2025-0302"
},
{
"category": "external",
"summary": "Splunk Vulnerability Disclosure SVD-2025-0303 vom 2025-03-26",
"url": "https://advisory.splunk.com/advisories/SVD-2025-0303"
},
{
"category": "external",
"summary": "Splunk Vulnerability Disclosure SVD-2025-0304 vom 2025-03-26",
"url": "https://advisory.splunk.com/advisories/SVD-2025-0304"
},
{
"category": "external",
"summary": "Splunk Vulnerability Disclosure SVD-2025-0305 vom 2025-03-26",
"url": "https://advisory.splunk.com/advisories/SVD-2025-0305"
},
{
"category": "external",
"summary": "Splunk Vulnerability Disclosure SVD-2025-0306 vom 2025-03-26",
"url": "https://advisory.splunk.com/advisories/SVD-2025-0306"
},
{
"category": "external",
"summary": "Splunk Vulnerability Disclosure SVD-2025-0307 vom 2025-03-26",
"url": "https://advisory.splunk.com/advisories/SVD-2025-0307"
},
{
"category": "external",
"summary": "Splunk Vulnerability Disclosure SVD-2025-0310 vom 2025-03-26",
"url": "https://advisory.splunk.com/advisories/SVD-2025-0310"
},
{
"category": "external",
"summary": "Splunk Vulnerability Disclosure SVD-2025-0308 vom 2025-03-26",
"url": "https://advisory.splunk.com/advisories/SVD-2025-0308"
},
{
"category": "external",
"summary": "Splunk Vulnerability Disclosure SVD-2025-0309 vom 2025-03-26",
"url": "https://advisory.splunk.com/advisories/SVD-2025-0309"
},
{
"category": "external",
"summary": "Splunk Vulnerability Disclosure SVD-2025-0311 vom 2025-03-26",
"url": "https://advisory.splunk.com/advisories/SVD-2025-0311"
},
{
"category": "external",
"summary": "Splunk Vulnerability Disclosure SVD-2025-0312 vom 2025-03-26",
"url": "https://advisory.splunk.com/advisories/SVD-2025-0312"
},
{
"category": "external",
"summary": "Splunk Vulnerability Disclosure SVD-2025-0313 vom 2025-03-26",
"url": "https://advisory.splunk.com/advisories/SVD-2025-0313"
},
{
"category": "external",
"summary": "Splunk Security Advisory SVD-2025-0603 vom 2025-06-02",
"url": "https://advisory.splunk.com//advisories/SVD-2025-0603"
},
{
"category": "external",
"summary": "Atlassian Security Bulletin - July 15 2025",
"url": "https://confluence.atlassian.com/security/security-bulletin-july-15-2025-1590658642.html"
},
{
"category": "external",
"summary": "Atlassian Security Bulletin - November 18 2025",
"url": "https://confluence.atlassian.com/security/security-bulletin-november-18-2025-1671463469.html"
}
],
"source_lang": "en-US",
"title": "Splunk Splunk Enterprise: Mehrere Schwachstellen",
"tracking": {
"current_release_date": "2025-11-18T23:00:00.000+00:00",
"generator": {
"date": "2025-11-19T09:37:12.481+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.5.0"
}
},
"id": "WID-SEC-W-2025-0647",
"initial_release_date": "2025-03-26T23:00:00.000+00:00",
"revision_history": [
{
"date": "2025-03-26T23:00:00.000+00:00",
"number": "1",
"summary": "Initiale Fassung"
},
{
"date": "2025-06-02T22:00:00.000+00:00",
"number": "2",
"summary": "Neue Updates von Splunk-SVD aufgenommen"
},
{
"date": "2025-07-15T22:00:00.000+00:00",
"number": "3",
"summary": "Neue Updates aufgenommen"
},
{
"date": "2025-11-18T23:00:00.000+00:00",
"number": "4",
"summary": "Neue Updates aufgenommen"
}
],
"status": "final",
"version": "4"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c10.0.2",
"product": {
"name": "Atlassian Bitbucket \u003c10.0.2",
"product_id": "T048675"
}
},
{
"category": "product_version",
"name": "10.0.2",
"product": {
"name": "Atlassian Bitbucket 10.0.2",
"product_id": "T048675-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:atlassian:bitbucket:10.0.2"
}
}
},
{
"category": "product_version_range",
"name": "\u003c8.19.25 (LTS)",
"product": {
"name": "Atlassian Bitbucket \u003c8.19.25 (LTS)",
"product_id": "T048676"
}
},
{
"category": "product_version",
"name": "8.19.25 (LTS)",
"product": {
"name": "Atlassian Bitbucket 8.19.25 (LTS)",
"product_id": "T048676-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:atlassian:bitbucket:8.19.25_%28lts%29"
}
}
},
{
"category": "product_version_range",
"name": "\u003c9.4.13 (LTS)",
"product": {
"name": "Atlassian Bitbucket \u003c9.4.13 (LTS)",
"product_id": "T048677"
}
},
{
"category": "product_version",
"name": "9.4.13 (LTS)",
"product": {
"name": "Atlassian Bitbucket 9.4.13 (LTS)",
"product_id": "T048677-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:atlassian:bitbucket:9.4.13_%28lts%29"
}
}
}
],
"category": "product_name",
"name": "Bitbucket"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c10.7.2",
"product": {
"name": "Atlassian Jira \u003c10.7.2",
"product_id": "T045453"
}
},
{
"category": "product_version",
"name": "10.7.2",
"product": {
"name": "Atlassian Jira 10.7.2",
"product_id": "T045453-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:atlassian:jira:10.7.2"
}
}
},
{
"category": "product_version_range",
"name": "\u003c10.3.8 (LTS)",
"product": {
"name": "Atlassian Jira \u003c10.3.8 (LTS)",
"product_id": "T045454"
}
},
{
"category": "product_version",
"name": "10.3.8 (LTS)",
"product": {
"name": "Atlassian Jira 10.3.8 (LTS)",
"product_id": "T045454-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:atlassian:jira:10.3.8_%28lts%29"
}
}
},
{
"category": "product_version_range",
"name": "\u003c9.12.25 (LTS)",
"product": {
"name": "Atlassian Jira \u003c9.12.25 (LTS)",
"product_id": "T045455"
}
},
{
"category": "product_version",
"name": "9.12.25 (LTS)",
"product": {
"name": "Atlassian Jira 9.12.25 (LTS)",
"product_id": "T045455-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:atlassian:jira:9.12.25_%28lts%29"
}
}
}
],
"category": "product_name",
"name": "Jira"
}
],
"category": "vendor",
"name": "Atlassian"
},
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c9.4.0",
"product": {
"name": "Splunk Splunk Enterprise \u003c9.4.0",
"product_id": "T042184"
}
},
{
"category": "product_version",
"name": "9.4.0",
"product": {
"name": "Splunk Splunk Enterprise 9.4.0",
"product_id": "T042184-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:splunk:splunk:9.4.0"
}
}
},
{
"category": "product_version_range",
"name": "\u003c9.3.3",
"product": {
"name": "Splunk Splunk Enterprise \u003c9.3.3",
"product_id": "T042185"
}
},
{
"category": "product_version",
"name": "9.3.3",
"product": {
"name": "Splunk Splunk Enterprise 9.3.3",
"product_id": "T042185-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:splunk:splunk:9.3.3"
}
}
},
{
"category": "product_version_range",
"name": "\u003c9.2.5",
"product": {
"name": "Splunk Splunk Enterprise \u003c9.2.5",
"product_id": "T042186"
}
},
{
"category": "product_version",
"name": "9.2.5",
"product": {
"name": "Splunk Splunk Enterprise 9.2.5",
"product_id": "T042186-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:splunk:splunk:9.2.5"
}
}
},
{
"category": "product_version_range",
"name": "\u003c9.1.8",
"product": {
"name": "Splunk Splunk Enterprise \u003c9.1.8",
"product_id": "T042187"
}
},
{
"category": "product_version",
"name": "9.1.8",
"product": {
"name": "Splunk Splunk Enterprise 9.1.8",
"product_id": "T042187-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:splunk:splunk:9.1.8"
}
}
},
{
"category": "product_version_range",
"name": "\u003c9.4.1",
"product": {
"name": "Splunk Splunk Enterprise \u003c9.4.1",
"product_id": "T042188"
}
},
{
"category": "product_version",
"name": "9.4.1",
"product": {
"name": "Splunk Splunk Enterprise 9.4.1",
"product_id": "T042188-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:splunk:splunk:9.4.1"
}
}
},
{
"category": "product_version_range",
"name": "SplunkApp Lookup File Editing \u003c4.0.5",
"product": {
"name": "Splunk Splunk Enterprise SplunkApp Lookup File Editing \u003c4.0.5",
"product_id": "T042189"
}
},
{
"category": "product_version",
"name": "SplunkApp Lookup File Editing 4.0.5",
"product": {
"name": "Splunk Splunk Enterprise SplunkApp Lookup File Editing 4.0.5",
"product_id": "T042189-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:splunk:splunk:splunkapp_lookup_file_editing__4.0.5"
}
}
},
{
"category": "product_version_range",
"name": "SplunkApp Data Science and Deep Learning \u003c5.2.0",
"product": {
"name": "Splunk Splunk Enterprise SplunkApp Data Science and Deep Learning \u003c5.2.0",
"product_id": "T042190"
}
},
{
"category": "product_version",
"name": "SplunkApp Data Science and Deep Learning 5.2.0",
"product": {
"name": "Splunk Splunk Enterprise SplunkApp Data Science and Deep Learning 5.2.0",
"product_id": "T042190-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:splunk:splunk:splunkapp_data_science_and_deep_learning__5.2.0"
}
}
},
{
"category": "product_version_range",
"name": "Spunk DB Connect \u003c4.0.0",
"product": {
"name": "Splunk Splunk Enterprise Spunk DB Connect \u003c4.0.0",
"product_id": "T042191"
}
},
{
"category": "product_version",
"name": "Spunk DB Connect 4.0.0",
"product": {
"name": "Splunk Splunk Enterprise Spunk DB Connect 4.0.0",
"product_id": "T042191-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:splunk:splunk:spunk_db_connect__4.0.0"
}
}
},
{
"category": "product_version_range",
"name": "Splunk Add-on Microsoft Cloud \u003c5.4.3",
"product": {
"name": "Splunk Splunk Enterprise Splunk Add-on Microsoft Cloud \u003c5.4.3",
"product_id": "T042192"
}
},
{
"category": "product_version",
"name": "Splunk Add-on Microsoft Cloud 5.4.3",
"product": {
"name": "Splunk Splunk Enterprise Splunk Add-on Microsoft Cloud 5.4.3",
"product_id": "T042192-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:splunk:splunk:splunk_add-on_microsoft_cloud__5.4.3"
}
}
},
{
"category": "product_version_range",
"name": "Splunk Infrastructure Monitoring Add-on \u003c1.2.7",
"product": {
"name": "Splunk Splunk Enterprise Splunk Infrastructure Monitoring Add-on \u003c1.2.7",
"product_id": "T042194"
}
},
{
"category": "product_version",
"name": "Splunk Infrastructure Monitoring Add-on 1.2.7",
"product": {
"name": "Splunk Splunk Enterprise Splunk Infrastructure Monitoring Add-on 1.2.7",
"product_id": "T042194-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:splunk:splunk:splunk_infrastructure_monitoring_add-on__1.2.7"
}
}
},
{
"category": "product_version_range",
"name": "\u003c9.4.2",
"product": {
"name": "Splunk Splunk Enterprise \u003c9.4.2",
"product_id": "T044257"
}
},
{
"category": "product_version",
"name": "9.4.2",
"product": {
"name": "Splunk Splunk Enterprise 9.4.2",
"product_id": "T044257-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:splunk:splunk:9.4.2"
}
}
},
{
"category": "product_version_range",
"name": "\u003c9.3.4",
"product": {
"name": "Splunk Splunk Enterprise \u003c9.3.4",
"product_id": "T044258"
}
},
{
"category": "product_version",
"name": "9.3.4",
"product": {
"name": "Splunk Splunk Enterprise 9.3.4",
"product_id": "T044258-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:splunk:splunk:9.3.4"
}
}
},
{
"category": "product_version_range",
"name": "\u003c9.2.6",
"product": {
"name": "Splunk Splunk Enterprise \u003c9.2.6",
"product_id": "T044259"
}
},
{
"category": "product_version",
"name": "9.2.6",
"product": {
"name": "Splunk Splunk Enterprise 9.2.6",
"product_id": "T044259-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:splunk:splunk:9.2.6"
}
}
},
{
"category": "product_version_range",
"name": "\u003c9.1.9",
"product": {
"name": "Splunk Splunk Enterprise \u003c9.1.9",
"product_id": "T044260"
}
},
{
"category": "product_version",
"name": "9.1.9",
"product": {
"name": "Splunk Splunk Enterprise 9.1.9",
"product_id": "T044260-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:splunk:splunk:9.1.9"
}
}
}
],
"category": "product_name",
"name": "Splunk Enterprise"
}
],
"category": "vendor",
"name": "Splunk"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-20230",
"product_status": {
"known_affected": [
"T044258",
"T044257",
"T044259",
"T044260",
"T042184",
"T042185",
"T045453",
"T042186",
"T048677",
"T042187",
"T045455",
"T048676",
"T042188",
"T045454",
"T048675"
]
},
"release_date": "2025-03-26T23:00:00.000+00:00",
"title": "CVE-2025-20230"
},
{
"cve": "CVE-2025-20227",
"product_status": {
"known_affected": [
"T044258",
"T044257",
"T044259",
"T044260",
"T042184",
"T042185",
"T045453",
"T042186",
"T048677",
"T042187",
"T045455",
"T048676",
"T042188",
"T045454",
"T048675"
]
},
"release_date": "2025-03-26T23:00:00.000+00:00",
"title": "CVE-2025-20227"
},
{
"cve": "CVE-2025-20228",
"product_status": {
"known_affected": [
"T044258",
"T044257",
"T044259",
"T044260",
"T042185",
"T045453",
"T042186",
"T048677",
"T042187",
"T045455",
"T048676",
"T045454",
"T048675"
]
},
"release_date": "2025-03-26T23:00:00.000+00:00",
"title": "CVE-2025-20228"
},
{
"cve": "CVE-2025-20229",
"product_status": {
"known_affected": [
"T044258",
"T044257",
"T044259",
"T044260",
"T042184",
"T042185",
"T045453",
"T042186",
"T048677",
"T042187",
"T045455",
"T048676",
"T045454",
"T048675"
]
},
"release_date": "2025-03-26T23:00:00.000+00:00",
"title": "CVE-2025-20229"
},
{
"cve": "CVE-2025-20231",
"product_status": {
"known_affected": [
"T044258",
"T044257",
"T044259",
"T044260",
"T042184",
"T042185",
"T045453",
"T042186",
"T048677",
"T042187",
"T045455",
"T048676",
"T042188",
"T045454",
"T048675"
]
},
"release_date": "2025-03-26T23:00:00.000+00:00",
"title": "CVE-2025-20231"
},
{
"cve": "CVE-2025-20226",
"product_status": {
"known_affected": [
"T044258",
"T044257",
"T044259",
"T044260",
"T042185",
"T045453",
"T042186",
"T048677",
"T042187",
"T045455",
"T048676",
"T045454",
"T048675"
]
},
"release_date": "2025-03-26T23:00:00.000+00:00",
"title": "CVE-2025-20226"
},
{
"cve": "CVE-2025-20232",
"product_status": {
"known_affected": [
"T044258",
"T044257",
"T044259",
"T044260",
"T042185",
"T045453",
"T042186",
"T048677",
"T042187",
"T045455",
"T048676",
"T045454",
"T048675"
]
},
"release_date": "2025-03-26T23:00:00.000+00:00",
"title": "CVE-2025-20232"
},
{
"cve": "CVE-2025-20233",
"product_status": {
"known_affected": [
"T042189",
"T044258",
"T044257",
"T044259",
"T044260",
"T045453",
"T048677",
"T045455",
"T048676",
"T045454",
"T048675"
]
},
"release_date": "2025-03-26T23:00:00.000+00:00",
"title": "CVE-2025-20233"
},
{
"cve": "CVE-2023-5363",
"product_status": {
"known_affected": [
"T042190",
"T042191",
"T042189",
"T044258",
"T044257",
"T044259",
"T042192",
"T044260",
"T042194",
"T042184",
"T042185",
"T045453",
"T042186",
"T048677",
"T042187",
"T045455",
"T048676",
"T042188",
"T045454",
"T048675"
]
},
"release_date": "2025-03-26T23:00:00.000+00:00",
"title": "CVE-2023-5363"
},
{
"cve": "CVE-2024-21090",
"product_status": {
"known_affected": [
"T042190",
"T042191",
"T042189",
"T044258",
"T044257",
"T044259",
"T042192",
"T044260",
"T042194",
"T042184",
"T042185",
"T045453",
"T042186",
"T048677",
"T042187",
"T045455",
"T048676",
"T042188",
"T045454",
"T048675"
]
},
"release_date": "2025-03-26T23:00:00.000+00:00",
"title": "CVE-2024-21090"
},
{
"cve": "CVE-2024-21272",
"product_status": {
"known_affected": [
"T042190",
"T042191",
"T042189",
"T044258",
"T044257",
"T044259",
"T042192",
"T044260",
"T042194",
"T042184",
"T042185",
"T045453",
"T042186",
"T048677",
"T042187",
"T045455",
"T048676",
"T042188",
"T045454",
"T048675"
]
},
"release_date": "2025-03-26T23:00:00.000+00:00",
"title": "CVE-2024-21272"
},
{
"cve": "CVE-2024-2511",
"product_status": {
"known_affected": [
"T042190",
"T042191",
"T042189",
"T044258",
"T044257",
"T044259",
"T042192",
"T044260",
"T042194",
"T042184",
"T042185",
"T045453",
"T042186",
"T048677",
"T042187",
"T045455",
"T048676",
"T042188",
"T045454",
"T048675"
]
},
"release_date": "2025-03-26T23:00:00.000+00:00",
"title": "CVE-2024-2511"
},
{
"cve": "CVE-2024-29857",
"product_status": {
"known_affected": [
"T042190",
"T042191",
"T042189",
"T044258",
"T044257",
"T044259",
"T042192",
"T044260",
"T042194",
"T042184",
"T042185",
"T045453",
"T042186",
"T048677",
"T042187",
"T045455",
"T048676",
"T042188",
"T045454",
"T048675"
]
},
"release_date": "2025-03-26T23:00:00.000+00:00",
"title": "CVE-2024-29857"
},
{
"cve": "CVE-2024-3651",
"product_status": {
"known_affected": [
"T042190",
"T042191",
"T042189",
"T044258",
"T044257",
"T044259",
"T042192",
"T044260",
"T042194",
"T042184",
"T042185",
"T045453",
"T042186",
"T048677",
"T042187",
"T045455",
"T048676",
"T042188",
"T045454",
"T048675"
]
},
"release_date": "2025-03-26T23:00:00.000+00:00",
"title": "CVE-2024-3651"
},
{
"cve": "CVE-2024-38999",
"product_status": {
"known_affected": [
"T042190",
"T042191",
"T042189",
"T044258",
"T044257",
"T044259",
"T042192",
"T044260",
"T042194",
"T042184",
"T042185",
"T045453",
"T042186",
"T048677",
"T042187",
"T045455",
"T048676",
"T042188",
"T045454",
"T048675"
]
},
"release_date": "2025-03-26T23:00:00.000+00:00",
"title": "CVE-2024-38999"
},
{
"cve": "CVE-2024-39338",
"product_status": {
"known_affected": [
"T042190",
"T042191",
"T042189",
"T044258",
"T044257",
"T044259",
"T042192",
"T044260",
"T042194",
"T042184",
"T042185",
"T045453",
"T042186",
"T048677",
"T042187",
"T045455",
"T048676",
"T042188",
"T045454",
"T048675"
]
},
"release_date": "2025-03-26T23:00:00.000+00:00",
"title": "CVE-2024-39338"
},
{
"cve": "CVE-2024-45801",
"product_status": {
"known_affected": [
"T042190",
"T042191",
"T042189",
"T044258",
"T044257",
"T044259",
"T042192",
"T044260",
"T042194",
"T042184",
"T042185",
"T045453",
"T042186",
"T048677",
"T042187",
"T045455",
"T048676",
"T042188",
"T045454",
"T048675"
]
},
"release_date": "2025-03-26T23:00:00.000+00:00",
"title": "CVE-2024-45801"
},
{
"cve": "CVE-2024-4603",
"product_status": {
"known_affected": [
"T042190",
"T042191",
"T042189",
"T044258",
"T044257",
"T044259",
"T042192",
"T044260",
"T042194",
"T042184",
"T042185",
"T045453",
"T042186",
"T048677",
"T042187",
"T045455",
"T048676",
"T042188",
"T045454",
"T048675"
]
},
"release_date": "2025-03-26T23:00:00.000+00:00",
"title": "CVE-2024-4603"
},
{
"cve": "CVE-2024-47875",
"product_status": {
"known_affected": [
"T042190",
"T042191",
"T042189",
"T044258",
"T044257",
"T044259",
"T042192",
"T044260",
"T042194",
"T042184",
"T042185",
"T045453",
"T042186",
"T048677",
"T042187",
"T045455",
"T048676",
"T042188",
"T045454",
"T048675"
]
},
"release_date": "2025-03-26T23:00:00.000+00:00",
"title": "CVE-2024-47875"
},
{
"cve": "CVE-2024-6923",
"product_status": {
"known_affected": [
"T042190",
"T042191",
"T042189",
"T044258",
"T044257",
"T044259",
"T042192",
"T044260",
"T042194",
"T042184",
"T042185",
"T045453",
"T042186",
"T048677",
"T042187",
"T045455",
"T048676",
"T042188",
"T045454",
"T048675"
]
},
"release_date": "2025-03-26T23:00:00.000+00:00",
"title": "CVE-2024-6923"
}
]
}
Loading…
Trend slope:
-
(linear fit over daily sighting counts)
Show additional events:
Loading…
Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.
Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…