RHSA-2024:1946
Vulnerability from csaf_redhat - Published: 2024-04-22 12:47 - Updated: 2026-05-30 03:09Summary
Red Hat Security Advisory: Red Hat OpenShift Service Mesh Containers for 2.5.1 security update
Severity
Moderate
Notes
Topic: Red Hat OpenShift Service Mesh Containers for 2.5.1
This update has a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details: Red Hat OpenShift Service Mesh is Red Hat's distribution of the Istio service mesh project, tailored for installation into an OpenShift Container Platform installation.
Security Fixes:
* follow-redirects: Improper Input Validation due to the improper handling of URLs by the url.parse() (CVE-2023-26159)
* golang-protobuf: encoding/protojson, internal/encoding/json: infinite loop in protojson.Unmarshal when unmarshaling certain forms of invalid JSON (CVE-2024-24786)
* jose-go: improper handling of highly compressed data (CVE-2024-28180)
* follow-redirects: Possible credential leak (CVE-2024-28849)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
An Improper Input Validation flaw was found in follow-redirects due to the improper handling of URLs by the url.parse() function. When a new URL() throws an error, it can be manipulated to misinterpret the hostname. This issue could allow an attacker to redirect traffic to a malicious site, potentially leading to information disclosure, phishing attacks, or other security breaches.
6.1 (Medium)
Affected products
Fixed
40 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:0e198b83b0fe4e2e907f0ce44223807e717369fff4a3bd09fa323afbb5200d27_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:58b025688bca67cb9de2e97a34813d59c398b8c5aa06cb11cd63c79b322f07a7_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:69cbbf2406a18f9277244cc1cc38d50dc34faaebd5d6a74cc728c6a949ef2cf5_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:ad8da9f3b2ca43d37c25e6ac37670cfaa2e98a8d6088fccadd37e836660020e2_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:234ca069ffe78398715d16191814440da39ef08311b5e3d90c33fd604ec9c07a_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:b6a0c40c39eea955482de2cec38f6e9f2fb95ec886fc406effafb5cec581280f_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:caac8c5c9753bdbd97a52295a6a836f463c21cd1bf438173575dc4db006dab55_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:d0122af40529339e7f1b2184a94c288ed3c8b731a84f7f3cc4e8ac0dcf8d8106_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:0efd74c9c1d43ef220fa808ae34139bcb73b39181afc53a556285e627dbb7d93_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:8825ebc0110560418afeb12708c4068e9d1751be5ba858db94b5ad12846b50d6_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:c3fb0c75bc4c1915e570dc6e68e6a0dd38b05157e905e3a0bbe0fb83abd2b6fd_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:ddf99768023aaa4f60e43a16f9d9aa44adb91d68307f020b1dfdd92a5c11fc91_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/istio-rhel8-operator@sha256:06890ec20acad8a9911af77b0886d61a02a96f8dcc90ecc2992c96a3a5244602_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/istio-rhel8-operator@sha256:1690eafb1f67ea903775f66cba1c9de4275a1e70f5a985940ddcb1577348045e_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/istio-rhel8-operator@sha256:2cb94a0220ff8d69c17f2eee8db3c6f045776d63de4dc80e1a4ab31190d5c04f_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/istio-rhel8-operator@sha256:444bf4a8adc914b762758e5f4c4b06387faf288a0f75d8c8f8413919d31c855d_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:632422660922698f9662c067e4662175a0207c1a38e7ee83ac4e6186de68890b_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:91837663c930e797947ccd9ac7b9939a212dda33918d53b857c5ac48de90f175_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:bc2d5e67dcd8fcda716f7b964dbaca1eccc4f6833199b60eadbad87219fdacbd_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:efeed94b8d1b84224310469a6e4be5d8db055e3f8c4e06529ba20f3e7697c955_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8-operator@sha256:07d52f116218cbfaead1559ad84e63450cedbc79823e15e3e37650090dded17e_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8-operator@sha256:326b45f0d46bd99aa22404ff9634dabefb559c68271808a2607581e6c2d73f42_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8-operator@sha256:454f36d91693411ec03f6682de6f9d47acbb172919d1b97d7ecf74795a3af827_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8-operator@sha256:4919abb410f858d91bb76654aa682a18ab9b87a6c410c5c437d2678afbbf14ee_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:44e4d5dfd252a87ca2b1ee79cf74c00e8fc7f1476f6425b3766d5858a402a8b2_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:4b0a937e5860713fcc3489d8d3f01eafa4d100d561793ced0d61549e872ad9c7_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:cc42799b6ffa1c143314397a40b77cc5b266445c597a273847e9a8bb5c686297_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:d885ebb70409569cf8dd77fe482e7cb46d7ca8e901e54b59bce4699216dcbd94_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:424d46b0189803fac9b7897b27fb0f0dec6f2265f6442962e4186c68c5295e04_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:b112030a03913f52d0daead03020c597bb33287fb62f781ff00077d6664f9b33_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:b451f504cb2078f363a4b184e4223289908ddf499f68bdee99f65350035276a6_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:c3ba2b9acfe888f8546ea31a1d6b33759be7305c6be40a0471da03a811a733aa_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:14c27420cdb4670d8736a2baa078cc3bac8c42db54b7638d26af8822c960f074_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:a5473c6d230b69f67060283a1edfcbdf92fbcbcf0326dcef81f3e89575365806_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:cfff7a32024d0c66f1e47d6282e251c3750b8b15dfa74d098936da02a6306145_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:d4c6785e87b9565cfe2ee1e8ff5dcec76fdf70f080baa4c23fbd9d53aa01308a_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:6fb3b48cc8b524c6bd4d46aa8009f4f58682e4e414978c85e0ec0e15414bf90a_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:e52cba0676757314ad1424ffda339f793c8e4ef1f91dcabaa0118e8e282a767b_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:e8334544cb16db92bc8affad46e0abc11e1803d998b19991e885220584f2b9fe_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:e961ad03bab63e966c3d4470fd5e84af8cc511134abb1774675a587b5c5404fc_ppc64le | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Moderate
A flaw was found in Golang's protobuf module, where the unmarshal function can enter an infinite loop when processing certain invalid inputs. This issue occurs during unmarshaling into a message that includes a google.protobuf.Any or when the UnmarshalOptions.DiscardUnknown option is enabled. This flaw allows an attacker to craft malicious input tailored to trigger the identified flaw in the unmarshal function. By providing carefully constructed invalid inputs, they could potentially cause the function to enter an infinite loop, resulting in a denial of service condition or other unintended behaviors in the affected system.
5.9 (Medium)
Affected products
Fixed
40 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:0e198b83b0fe4e2e907f0ce44223807e717369fff4a3bd09fa323afbb5200d27_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:58b025688bca67cb9de2e97a34813d59c398b8c5aa06cb11cd63c79b322f07a7_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:69cbbf2406a18f9277244cc1cc38d50dc34faaebd5d6a74cc728c6a949ef2cf5_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:ad8da9f3b2ca43d37c25e6ac37670cfaa2e98a8d6088fccadd37e836660020e2_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:234ca069ffe78398715d16191814440da39ef08311b5e3d90c33fd604ec9c07a_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:b6a0c40c39eea955482de2cec38f6e9f2fb95ec886fc406effafb5cec581280f_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:caac8c5c9753bdbd97a52295a6a836f463c21cd1bf438173575dc4db006dab55_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:d0122af40529339e7f1b2184a94c288ed3c8b731a84f7f3cc4e8ac0dcf8d8106_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:0efd74c9c1d43ef220fa808ae34139bcb73b39181afc53a556285e627dbb7d93_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:8825ebc0110560418afeb12708c4068e9d1751be5ba858db94b5ad12846b50d6_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:c3fb0c75bc4c1915e570dc6e68e6a0dd38b05157e905e3a0bbe0fb83abd2b6fd_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:ddf99768023aaa4f60e43a16f9d9aa44adb91d68307f020b1dfdd92a5c11fc91_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/istio-rhel8-operator@sha256:06890ec20acad8a9911af77b0886d61a02a96f8dcc90ecc2992c96a3a5244602_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/istio-rhel8-operator@sha256:1690eafb1f67ea903775f66cba1c9de4275a1e70f5a985940ddcb1577348045e_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/istio-rhel8-operator@sha256:2cb94a0220ff8d69c17f2eee8db3c6f045776d63de4dc80e1a4ab31190d5c04f_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/istio-rhel8-operator@sha256:444bf4a8adc914b762758e5f4c4b06387faf288a0f75d8c8f8413919d31c855d_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:632422660922698f9662c067e4662175a0207c1a38e7ee83ac4e6186de68890b_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:91837663c930e797947ccd9ac7b9939a212dda33918d53b857c5ac48de90f175_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:bc2d5e67dcd8fcda716f7b964dbaca1eccc4f6833199b60eadbad87219fdacbd_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:efeed94b8d1b84224310469a6e4be5d8db055e3f8c4e06529ba20f3e7697c955_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8-operator@sha256:07d52f116218cbfaead1559ad84e63450cedbc79823e15e3e37650090dded17e_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8-operator@sha256:326b45f0d46bd99aa22404ff9634dabefb559c68271808a2607581e6c2d73f42_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8-operator@sha256:454f36d91693411ec03f6682de6f9d47acbb172919d1b97d7ecf74795a3af827_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8-operator@sha256:4919abb410f858d91bb76654aa682a18ab9b87a6c410c5c437d2678afbbf14ee_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:44e4d5dfd252a87ca2b1ee79cf74c00e8fc7f1476f6425b3766d5858a402a8b2_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:4b0a937e5860713fcc3489d8d3f01eafa4d100d561793ced0d61549e872ad9c7_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:cc42799b6ffa1c143314397a40b77cc5b266445c597a273847e9a8bb5c686297_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:d885ebb70409569cf8dd77fe482e7cb46d7ca8e901e54b59bce4699216dcbd94_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:424d46b0189803fac9b7897b27fb0f0dec6f2265f6442962e4186c68c5295e04_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:b112030a03913f52d0daead03020c597bb33287fb62f781ff00077d6664f9b33_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:b451f504cb2078f363a4b184e4223289908ddf499f68bdee99f65350035276a6_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:c3ba2b9acfe888f8546ea31a1d6b33759be7305c6be40a0471da03a811a733aa_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:14c27420cdb4670d8736a2baa078cc3bac8c42db54b7638d26af8822c960f074_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:a5473c6d230b69f67060283a1edfcbdf92fbcbcf0326dcef81f3e89575365806_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:cfff7a32024d0c66f1e47d6282e251c3750b8b15dfa74d098936da02a6306145_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:d4c6785e87b9565cfe2ee1e8ff5dcec76fdf70f080baa4c23fbd9d53aa01308a_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:6fb3b48cc8b524c6bd4d46aa8009f4f58682e4e414978c85e0ec0e15414bf90a_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:e52cba0676757314ad1424ffda339f793c8e4ef1f91dcabaa0118e8e282a767b_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:e8334544cb16db92bc8affad46e0abc11e1803d998b19991e885220584f2b9fe_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:e961ad03bab63e966c3d4470fd5e84af8cc511134abb1774675a587b5c5404fc_ppc64le | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Moderate
A vulnerability was found in Jose due to improper handling of highly compressed data. This issue could allow an attacker to send a JWE containing compressed data that uses large amounts of memory and CPU when decompressed by Decrypt or DecryptMulti.
4.3 (Medium)
Affected products
Fixed
40 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:0e198b83b0fe4e2e907f0ce44223807e717369fff4a3bd09fa323afbb5200d27_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:58b025688bca67cb9de2e97a34813d59c398b8c5aa06cb11cd63c79b322f07a7_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:69cbbf2406a18f9277244cc1cc38d50dc34faaebd5d6a74cc728c6a949ef2cf5_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:ad8da9f3b2ca43d37c25e6ac37670cfaa2e98a8d6088fccadd37e836660020e2_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:234ca069ffe78398715d16191814440da39ef08311b5e3d90c33fd604ec9c07a_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:b6a0c40c39eea955482de2cec38f6e9f2fb95ec886fc406effafb5cec581280f_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:caac8c5c9753bdbd97a52295a6a836f463c21cd1bf438173575dc4db006dab55_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:d0122af40529339e7f1b2184a94c288ed3c8b731a84f7f3cc4e8ac0dcf8d8106_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:0efd74c9c1d43ef220fa808ae34139bcb73b39181afc53a556285e627dbb7d93_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:8825ebc0110560418afeb12708c4068e9d1751be5ba858db94b5ad12846b50d6_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:c3fb0c75bc4c1915e570dc6e68e6a0dd38b05157e905e3a0bbe0fb83abd2b6fd_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:ddf99768023aaa4f60e43a16f9d9aa44adb91d68307f020b1dfdd92a5c11fc91_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/istio-rhel8-operator@sha256:06890ec20acad8a9911af77b0886d61a02a96f8dcc90ecc2992c96a3a5244602_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/istio-rhel8-operator@sha256:1690eafb1f67ea903775f66cba1c9de4275a1e70f5a985940ddcb1577348045e_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/istio-rhel8-operator@sha256:2cb94a0220ff8d69c17f2eee8db3c6f045776d63de4dc80e1a4ab31190d5c04f_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/istio-rhel8-operator@sha256:444bf4a8adc914b762758e5f4c4b06387faf288a0f75d8c8f8413919d31c855d_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:632422660922698f9662c067e4662175a0207c1a38e7ee83ac4e6186de68890b_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:91837663c930e797947ccd9ac7b9939a212dda33918d53b857c5ac48de90f175_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:bc2d5e67dcd8fcda716f7b964dbaca1eccc4f6833199b60eadbad87219fdacbd_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:efeed94b8d1b84224310469a6e4be5d8db055e3f8c4e06529ba20f3e7697c955_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8-operator@sha256:07d52f116218cbfaead1559ad84e63450cedbc79823e15e3e37650090dded17e_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8-operator@sha256:326b45f0d46bd99aa22404ff9634dabefb559c68271808a2607581e6c2d73f42_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8-operator@sha256:454f36d91693411ec03f6682de6f9d47acbb172919d1b97d7ecf74795a3af827_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8-operator@sha256:4919abb410f858d91bb76654aa682a18ab9b87a6c410c5c437d2678afbbf14ee_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:44e4d5dfd252a87ca2b1ee79cf74c00e8fc7f1476f6425b3766d5858a402a8b2_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:4b0a937e5860713fcc3489d8d3f01eafa4d100d561793ced0d61549e872ad9c7_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:cc42799b6ffa1c143314397a40b77cc5b266445c597a273847e9a8bb5c686297_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:d885ebb70409569cf8dd77fe482e7cb46d7ca8e901e54b59bce4699216dcbd94_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:424d46b0189803fac9b7897b27fb0f0dec6f2265f6442962e4186c68c5295e04_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:b112030a03913f52d0daead03020c597bb33287fb62f781ff00077d6664f9b33_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:b451f504cb2078f363a4b184e4223289908ddf499f68bdee99f65350035276a6_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:c3ba2b9acfe888f8546ea31a1d6b33759be7305c6be40a0471da03a811a733aa_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:14c27420cdb4670d8736a2baa078cc3bac8c42db54b7638d26af8822c960f074_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:a5473c6d230b69f67060283a1edfcbdf92fbcbcf0326dcef81f3e89575365806_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:cfff7a32024d0c66f1e47d6282e251c3750b8b15dfa74d098936da02a6306145_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:d4c6785e87b9565cfe2ee1e8ff5dcec76fdf70f080baa4c23fbd9d53aa01308a_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:6fb3b48cc8b524c6bd4d46aa8009f4f58682e4e414978c85e0ec0e15414bf90a_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:e52cba0676757314ad1424ffda339f793c8e4ef1f91dcabaa0118e8e282a767b_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:e8334544cb16db92bc8affad46e0abc11e1803d998b19991e885220584f2b9fe_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:e961ad03bab63e966c3d4470fd5e84af8cc511134abb1774675a587b5c5404fc_ppc64le | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Moderate
A vulnerability was found in the follow-redirects package. While processing the cross-domain redirection, `follow-redirects` clears authorization headers, however, it misses clearing proxy-authentication headers, which contain credentials as well. This issue may lead to credential leaking, having a high impact on data confidentiality.
6.5 (Medium)
Affected products
Fixed
40 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:0e198b83b0fe4e2e907f0ce44223807e717369fff4a3bd09fa323afbb5200d27_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:58b025688bca67cb9de2e97a34813d59c398b8c5aa06cb11cd63c79b322f07a7_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:69cbbf2406a18f9277244cc1cc38d50dc34faaebd5d6a74cc728c6a949ef2cf5_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:ad8da9f3b2ca43d37c25e6ac37670cfaa2e98a8d6088fccadd37e836660020e2_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:234ca069ffe78398715d16191814440da39ef08311b5e3d90c33fd604ec9c07a_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:b6a0c40c39eea955482de2cec38f6e9f2fb95ec886fc406effafb5cec581280f_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:caac8c5c9753bdbd97a52295a6a836f463c21cd1bf438173575dc4db006dab55_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:d0122af40529339e7f1b2184a94c288ed3c8b731a84f7f3cc4e8ac0dcf8d8106_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:0efd74c9c1d43ef220fa808ae34139bcb73b39181afc53a556285e627dbb7d93_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:8825ebc0110560418afeb12708c4068e9d1751be5ba858db94b5ad12846b50d6_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:c3fb0c75bc4c1915e570dc6e68e6a0dd38b05157e905e3a0bbe0fb83abd2b6fd_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:ddf99768023aaa4f60e43a16f9d9aa44adb91d68307f020b1dfdd92a5c11fc91_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/istio-rhel8-operator@sha256:06890ec20acad8a9911af77b0886d61a02a96f8dcc90ecc2992c96a3a5244602_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/istio-rhel8-operator@sha256:1690eafb1f67ea903775f66cba1c9de4275a1e70f5a985940ddcb1577348045e_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/istio-rhel8-operator@sha256:2cb94a0220ff8d69c17f2eee8db3c6f045776d63de4dc80e1a4ab31190d5c04f_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/istio-rhel8-operator@sha256:444bf4a8adc914b762758e5f4c4b06387faf288a0f75d8c8f8413919d31c855d_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:632422660922698f9662c067e4662175a0207c1a38e7ee83ac4e6186de68890b_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:91837663c930e797947ccd9ac7b9939a212dda33918d53b857c5ac48de90f175_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:bc2d5e67dcd8fcda716f7b964dbaca1eccc4f6833199b60eadbad87219fdacbd_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:efeed94b8d1b84224310469a6e4be5d8db055e3f8c4e06529ba20f3e7697c955_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8-operator@sha256:07d52f116218cbfaead1559ad84e63450cedbc79823e15e3e37650090dded17e_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8-operator@sha256:326b45f0d46bd99aa22404ff9634dabefb559c68271808a2607581e6c2d73f42_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8-operator@sha256:454f36d91693411ec03f6682de6f9d47acbb172919d1b97d7ecf74795a3af827_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8-operator@sha256:4919abb410f858d91bb76654aa682a18ab9b87a6c410c5c437d2678afbbf14ee_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:44e4d5dfd252a87ca2b1ee79cf74c00e8fc7f1476f6425b3766d5858a402a8b2_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:4b0a937e5860713fcc3489d8d3f01eafa4d100d561793ced0d61549e872ad9c7_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:cc42799b6ffa1c143314397a40b77cc5b266445c597a273847e9a8bb5c686297_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:d885ebb70409569cf8dd77fe482e7cb46d7ca8e901e54b59bce4699216dcbd94_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:424d46b0189803fac9b7897b27fb0f0dec6f2265f6442962e4186c68c5295e04_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:b112030a03913f52d0daead03020c597bb33287fb62f781ff00077d6664f9b33_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:b451f504cb2078f363a4b184e4223289908ddf499f68bdee99f65350035276a6_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:c3ba2b9acfe888f8546ea31a1d6b33759be7305c6be40a0471da03a811a733aa_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:14c27420cdb4670d8736a2baa078cc3bac8c42db54b7638d26af8822c960f074_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:a5473c6d230b69f67060283a1edfcbdf92fbcbcf0326dcef81f3e89575365806_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:cfff7a32024d0c66f1e47d6282e251c3750b8b15dfa74d098936da02a6306145_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:d4c6785e87b9565cfe2ee1e8ff5dcec76fdf70f080baa4c23fbd9d53aa01308a_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:6fb3b48cc8b524c6bd4d46aa8009f4f58682e4e414978c85e0ec0e15414bf90a_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:e52cba0676757314ad1424ffda339f793c8e4ef1f91dcabaa0118e8e282a767b_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:e8334544cb16db92bc8affad46e0abc11e1803d998b19991e885220584f2b9fe_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:e961ad03bab63e966c3d4470fd5e84af8cc511134abb1774675a587b5c5404fc_ppc64le | — |
Vendor Fix
fix
|
Threats
Impact
Moderate
References
39 references
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Red Hat OpenShift Service Mesh Containers for 2.5.1\n\nThis update has a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat OpenShift Service Mesh is Red Hat\u0027s distribution of the Istio service mesh project, tailored for installation into an OpenShift Container Platform installation.\n\nSecurity Fixes:\n\n* follow-redirects: Improper Input Validation due to the improper handling of URLs by the url.parse() (CVE-2023-26159)\n* golang-protobuf: encoding/protojson, internal/encoding/json: infinite loop in protojson.Unmarshal when unmarshaling certain forms of invalid JSON (CVE-2024-24786)\n* jose-go: improper handling of highly compressed data (CVE-2024-28180)\n* follow-redirects: Possible credential leak (CVE-2024-28849)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2024:1946",
"url": "https://access.redhat.com/errata/RHSA-2024:1946"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#moderate",
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"category": "external",
"summary": "OSSM-5541",
"url": "https://issues.redhat.com/browse/OSSM-5541"
},
{
"category": "external",
"summary": "OSSM-5902",
"url": "https://issues.redhat.com/browse/OSSM-5902"
},
{
"category": "external",
"summary": "OSSM-5959",
"url": "https://issues.redhat.com/browse/OSSM-5959"
},
{
"category": "external",
"summary": "OSSM-5960",
"url": "https://issues.redhat.com/browse/OSSM-5960"
},
{
"category": "external",
"summary": "OSSM-5961",
"url": "https://issues.redhat.com/browse/OSSM-5961"
},
{
"category": "external",
"summary": "OSSM-5997",
"url": "https://issues.redhat.com/browse/OSSM-5997"
},
{
"category": "external",
"summary": "OSSM-6080",
"url": "https://issues.redhat.com/browse/OSSM-6080"
},
{
"category": "external",
"summary": "OSSM-6099",
"url": "https://issues.redhat.com/browse/OSSM-6099"
},
{
"category": "external",
"summary": "OSSM-6101",
"url": "https://issues.redhat.com/browse/OSSM-6101"
},
{
"category": "external",
"summary": "OSSM-6148",
"url": "https://issues.redhat.com/browse/OSSM-6148"
},
{
"category": "external",
"summary": "OSSM-6163",
"url": "https://issues.redhat.com/browse/OSSM-6163"
},
{
"category": "external",
"summary": "OSSM-6177",
"url": "https://issues.redhat.com/browse/OSSM-6177"
},
{
"category": "external",
"summary": "OSSM-6261",
"url": "https://issues.redhat.com/browse/OSSM-6261"
},
{
"category": "external",
"summary": "OSSM-6264",
"url": "https://issues.redhat.com/browse/OSSM-6264"
},
{
"category": "external",
"summary": "OSSM-6289",
"url": "https://issues.redhat.com/browse/OSSM-6289"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_1946.json"
}
],
"title": "Red Hat Security Advisory: Red Hat OpenShift Service Mesh Containers for 2.5.1 security update",
"tracking": {
"current_release_date": "2026-05-30T03:09:56+00:00",
"generator": {
"date": "2026-05-30T03:09:56+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.8.1"
}
},
"id": "RHSA-2024:1946",
"initial_release_date": "2024-04-22T12:47:08+00:00",
"revision_history": [
{
"date": "2024-04-22T12:47:08+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2024-04-22T12:47:08+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-05-30T03:09:56+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "RHOSSM 2.5 for RHEL 8",
"product": {
"name": "RHOSSM 2.5 for RHEL 8",
"product_id": "8Base-RHOSSM-2.5",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:service_mesh:2.5::el8"
}
}
}
],
"category": "product_family",
"name": "Red Hat OpenShift Service Mesh"
},
{
"branches": [
{
"category": "product_version",
"name": "openshift-service-mesh/kiali-ossmc-rhel8@sha256:632422660922698f9662c067e4662175a0207c1a38e7ee83ac4e6186de68890b_s390x",
"product": {
"name": "openshift-service-mesh/kiali-ossmc-rhel8@sha256:632422660922698f9662c067e4662175a0207c1a38e7ee83ac4e6186de68890b_s390x",
"product_id": "openshift-service-mesh/kiali-ossmc-rhel8@sha256:632422660922698f9662c067e4662175a0207c1a38e7ee83ac4e6186de68890b_s390x",
"product_identification_helper": {
"purl": "pkg:oci/kiali-ossmc-rhel8@sha256:632422660922698f9662c067e4662175a0207c1a38e7ee83ac4e6186de68890b?arch=s390x\u0026repository_url=registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel8\u0026tag=1.73.7-2"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/istio-cni-rhel8@sha256:234ca069ffe78398715d16191814440da39ef08311b5e3d90c33fd604ec9c07a_s390x",
"product": {
"name": "openshift-service-mesh/istio-cni-rhel8@sha256:234ca069ffe78398715d16191814440da39ef08311b5e3d90c33fd604ec9c07a_s390x",
"product_id": "openshift-service-mesh/istio-cni-rhel8@sha256:234ca069ffe78398715d16191814440da39ef08311b5e3d90c33fd604ec9c07a_s390x",
"product_identification_helper": {
"purl": "pkg:oci/istio-cni-rhel8@sha256:234ca069ffe78398715d16191814440da39ef08311b5e3d90c33fd604ec9c07a?arch=s390x\u0026repository_url=registry.redhat.io/openshift-service-mesh/istio-cni-rhel8\u0026tag=2.5.1-8"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/grafana-rhel8@sha256:58b025688bca67cb9de2e97a34813d59c398b8c5aa06cb11cd63c79b322f07a7_s390x",
"product": {
"name": "openshift-service-mesh/grafana-rhel8@sha256:58b025688bca67cb9de2e97a34813d59c398b8c5aa06cb11cd63c79b322f07a7_s390x",
"product_id": "openshift-service-mesh/grafana-rhel8@sha256:58b025688bca67cb9de2e97a34813d59c398b8c5aa06cb11cd63c79b322f07a7_s390x",
"product_identification_helper": {
"purl": "pkg:oci/grafana-rhel8@sha256:58b025688bca67cb9de2e97a34813d59c398b8c5aa06cb11cd63c79b322f07a7?arch=s390x\u0026repository_url=registry.redhat.io/openshift-service-mesh/grafana-rhel8\u0026tag=2.5.1-2"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/kiali-rhel8@sha256:cc42799b6ffa1c143314397a40b77cc5b266445c597a273847e9a8bb5c686297_s390x",
"product": {
"name": "openshift-service-mesh/kiali-rhel8@sha256:cc42799b6ffa1c143314397a40b77cc5b266445c597a273847e9a8bb5c686297_s390x",
"product_id": "openshift-service-mesh/kiali-rhel8@sha256:cc42799b6ffa1c143314397a40b77cc5b266445c597a273847e9a8bb5c686297_s390x",
"product_identification_helper": {
"purl": "pkg:oci/kiali-rhel8@sha256:cc42799b6ffa1c143314397a40b77cc5b266445c597a273847e9a8bb5c686297?arch=s390x\u0026repository_url=registry.redhat.io/openshift-service-mesh/kiali-rhel8\u0026tag=1.73.7-5"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/kiali-rhel8-operator@sha256:07d52f116218cbfaead1559ad84e63450cedbc79823e15e3e37650090dded17e_s390x",
"product": {
"name": "openshift-service-mesh/kiali-rhel8-operator@sha256:07d52f116218cbfaead1559ad84e63450cedbc79823e15e3e37650090dded17e_s390x",
"product_id": "openshift-service-mesh/kiali-rhel8-operator@sha256:07d52f116218cbfaead1559ad84e63450cedbc79823e15e3e37650090dded17e_s390x",
"product_identification_helper": {
"purl": "pkg:oci/kiali-rhel8-operator@sha256:07d52f116218cbfaead1559ad84e63450cedbc79823e15e3e37650090dded17e?arch=s390x\u0026repository_url=registry.redhat.io/openshift-service-mesh/kiali-rhel8-operator\u0026tag=1.73.7-4"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/istio-must-gather-rhel8@sha256:c3fb0c75bc4c1915e570dc6e68e6a0dd38b05157e905e3a0bbe0fb83abd2b6fd_s390x",
"product": {
"name": "openshift-service-mesh/istio-must-gather-rhel8@sha256:c3fb0c75bc4c1915e570dc6e68e6a0dd38b05157e905e3a0bbe0fb83abd2b6fd_s390x",
"product_id": "openshift-service-mesh/istio-must-gather-rhel8@sha256:c3fb0c75bc4c1915e570dc6e68e6a0dd38b05157e905e3a0bbe0fb83abd2b6fd_s390x",
"product_identification_helper": {
"purl": "pkg:oci/istio-must-gather-rhel8@sha256:c3fb0c75bc4c1915e570dc6e68e6a0dd38b05157e905e3a0bbe0fb83abd2b6fd?arch=s390x\u0026repository_url=registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel8\u0026tag=2.5.1-3"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/istio-rhel8-operator@sha256:1690eafb1f67ea903775f66cba1c9de4275a1e70f5a985940ddcb1577348045e_s390x",
"product": {
"name": "openshift-service-mesh/istio-rhel8-operator@sha256:1690eafb1f67ea903775f66cba1c9de4275a1e70f5a985940ddcb1577348045e_s390x",
"product_id": "openshift-service-mesh/istio-rhel8-operator@sha256:1690eafb1f67ea903775f66cba1c9de4275a1e70f5a985940ddcb1577348045e_s390x",
"product_identification_helper": {
"purl": "pkg:oci/istio-rhel8-operator@sha256:1690eafb1f67ea903775f66cba1c9de4275a1e70f5a985940ddcb1577348045e?arch=s390x\u0026repository_url=registry.redhat.io/openshift-service-mesh/istio-rhel8-operator\u0026tag=2.5.1-7"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/pilot-rhel8@sha256:424d46b0189803fac9b7897b27fb0f0dec6f2265f6442962e4186c68c5295e04_s390x",
"product": {
"name": "openshift-service-mesh/pilot-rhel8@sha256:424d46b0189803fac9b7897b27fb0f0dec6f2265f6442962e4186c68c5295e04_s390x",
"product_id": "openshift-service-mesh/pilot-rhel8@sha256:424d46b0189803fac9b7897b27fb0f0dec6f2265f6442962e4186c68c5295e04_s390x",
"product_identification_helper": {
"purl": "pkg:oci/pilot-rhel8@sha256:424d46b0189803fac9b7897b27fb0f0dec6f2265f6442962e4186c68c5295e04?arch=s390x\u0026repository_url=registry.redhat.io/openshift-service-mesh/pilot-rhel8\u0026tag=2.5.1-8"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/proxyv2-rhel8@sha256:d4c6785e87b9565cfe2ee1e8ff5dcec76fdf70f080baa4c23fbd9d53aa01308a_s390x",
"product": {
"name": "openshift-service-mesh/proxyv2-rhel8@sha256:d4c6785e87b9565cfe2ee1e8ff5dcec76fdf70f080baa4c23fbd9d53aa01308a_s390x",
"product_id": "openshift-service-mesh/proxyv2-rhel8@sha256:d4c6785e87b9565cfe2ee1e8ff5dcec76fdf70f080baa4c23fbd9d53aa01308a_s390x",
"product_identification_helper": {
"purl": "pkg:oci/proxyv2-rhel8@sha256:d4c6785e87b9565cfe2ee1e8ff5dcec76fdf70f080baa4c23fbd9d53aa01308a?arch=s390x\u0026repository_url=registry.redhat.io/openshift-service-mesh/proxyv2-rhel8\u0026tag=2.5.1-8"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/ratelimit-rhel8@sha256:6fb3b48cc8b524c6bd4d46aa8009f4f58682e4e414978c85e0ec0e15414bf90a_s390x",
"product": {
"name": "openshift-service-mesh/ratelimit-rhel8@sha256:6fb3b48cc8b524c6bd4d46aa8009f4f58682e4e414978c85e0ec0e15414bf90a_s390x",
"product_id": "openshift-service-mesh/ratelimit-rhel8@sha256:6fb3b48cc8b524c6bd4d46aa8009f4f58682e4e414978c85e0ec0e15414bf90a_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ratelimit-rhel8@sha256:6fb3b48cc8b524c6bd4d46aa8009f4f58682e4e414978c85e0ec0e15414bf90a?arch=s390x\u0026repository_url=registry.redhat.io/openshift-service-mesh/ratelimit-rhel8\u0026tag=2.5.1-2"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "openshift-service-mesh/kiali-ossmc-rhel8@sha256:efeed94b8d1b84224310469a6e4be5d8db055e3f8c4e06529ba20f3e7697c955_amd64",
"product": {
"name": "openshift-service-mesh/kiali-ossmc-rhel8@sha256:efeed94b8d1b84224310469a6e4be5d8db055e3f8c4e06529ba20f3e7697c955_amd64",
"product_id": "openshift-service-mesh/kiali-ossmc-rhel8@sha256:efeed94b8d1b84224310469a6e4be5d8db055e3f8c4e06529ba20f3e7697c955_amd64",
"product_identification_helper": {
"purl": "pkg:oci/kiali-ossmc-rhel8@sha256:efeed94b8d1b84224310469a6e4be5d8db055e3f8c4e06529ba20f3e7697c955?arch=amd64\u0026repository_url=registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel8\u0026tag=1.73.7-2"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/istio-cni-rhel8@sha256:caac8c5c9753bdbd97a52295a6a836f463c21cd1bf438173575dc4db006dab55_amd64",
"product": {
"name": "openshift-service-mesh/istio-cni-rhel8@sha256:caac8c5c9753bdbd97a52295a6a836f463c21cd1bf438173575dc4db006dab55_amd64",
"product_id": "openshift-service-mesh/istio-cni-rhel8@sha256:caac8c5c9753bdbd97a52295a6a836f463c21cd1bf438173575dc4db006dab55_amd64",
"product_identification_helper": {
"purl": "pkg:oci/istio-cni-rhel8@sha256:caac8c5c9753bdbd97a52295a6a836f463c21cd1bf438173575dc4db006dab55?arch=amd64\u0026repository_url=registry.redhat.io/openshift-service-mesh/istio-cni-rhel8\u0026tag=2.5.1-8"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/grafana-rhel8@sha256:0e198b83b0fe4e2e907f0ce44223807e717369fff4a3bd09fa323afbb5200d27_amd64",
"product": {
"name": "openshift-service-mesh/grafana-rhel8@sha256:0e198b83b0fe4e2e907f0ce44223807e717369fff4a3bd09fa323afbb5200d27_amd64",
"product_id": "openshift-service-mesh/grafana-rhel8@sha256:0e198b83b0fe4e2e907f0ce44223807e717369fff4a3bd09fa323afbb5200d27_amd64",
"product_identification_helper": {
"purl": "pkg:oci/grafana-rhel8@sha256:0e198b83b0fe4e2e907f0ce44223807e717369fff4a3bd09fa323afbb5200d27?arch=amd64\u0026repository_url=registry.redhat.io/openshift-service-mesh/grafana-rhel8\u0026tag=2.5.1-2"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/kiali-rhel8@sha256:d885ebb70409569cf8dd77fe482e7cb46d7ca8e901e54b59bce4699216dcbd94_amd64",
"product": {
"name": "openshift-service-mesh/kiali-rhel8@sha256:d885ebb70409569cf8dd77fe482e7cb46d7ca8e901e54b59bce4699216dcbd94_amd64",
"product_id": "openshift-service-mesh/kiali-rhel8@sha256:d885ebb70409569cf8dd77fe482e7cb46d7ca8e901e54b59bce4699216dcbd94_amd64",
"product_identification_helper": {
"purl": "pkg:oci/kiali-rhel8@sha256:d885ebb70409569cf8dd77fe482e7cb46d7ca8e901e54b59bce4699216dcbd94?arch=amd64\u0026repository_url=registry.redhat.io/openshift-service-mesh/kiali-rhel8\u0026tag=1.73.7-5"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/kiali-rhel8-operator@sha256:4919abb410f858d91bb76654aa682a18ab9b87a6c410c5c437d2678afbbf14ee_amd64",
"product": {
"name": "openshift-service-mesh/kiali-rhel8-operator@sha256:4919abb410f858d91bb76654aa682a18ab9b87a6c410c5c437d2678afbbf14ee_amd64",
"product_id": "openshift-service-mesh/kiali-rhel8-operator@sha256:4919abb410f858d91bb76654aa682a18ab9b87a6c410c5c437d2678afbbf14ee_amd64",
"product_identification_helper": {
"purl": "pkg:oci/kiali-rhel8-operator@sha256:4919abb410f858d91bb76654aa682a18ab9b87a6c410c5c437d2678afbbf14ee?arch=amd64\u0026repository_url=registry.redhat.io/openshift-service-mesh/kiali-rhel8-operator\u0026tag=1.73.7-4"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/istio-must-gather-rhel8@sha256:8825ebc0110560418afeb12708c4068e9d1751be5ba858db94b5ad12846b50d6_amd64",
"product": {
"name": "openshift-service-mesh/istio-must-gather-rhel8@sha256:8825ebc0110560418afeb12708c4068e9d1751be5ba858db94b5ad12846b50d6_amd64",
"product_id": "openshift-service-mesh/istio-must-gather-rhel8@sha256:8825ebc0110560418afeb12708c4068e9d1751be5ba858db94b5ad12846b50d6_amd64",
"product_identification_helper": {
"purl": "pkg:oci/istio-must-gather-rhel8@sha256:8825ebc0110560418afeb12708c4068e9d1751be5ba858db94b5ad12846b50d6?arch=amd64\u0026repository_url=registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel8\u0026tag=2.5.1-3"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/istio-rhel8-operator@sha256:2cb94a0220ff8d69c17f2eee8db3c6f045776d63de4dc80e1a4ab31190d5c04f_amd64",
"product": {
"name": "openshift-service-mesh/istio-rhel8-operator@sha256:2cb94a0220ff8d69c17f2eee8db3c6f045776d63de4dc80e1a4ab31190d5c04f_amd64",
"product_id": "openshift-service-mesh/istio-rhel8-operator@sha256:2cb94a0220ff8d69c17f2eee8db3c6f045776d63de4dc80e1a4ab31190d5c04f_amd64",
"product_identification_helper": {
"purl": "pkg:oci/istio-rhel8-operator@sha256:2cb94a0220ff8d69c17f2eee8db3c6f045776d63de4dc80e1a4ab31190d5c04f?arch=amd64\u0026repository_url=registry.redhat.io/openshift-service-mesh/istio-rhel8-operator\u0026tag=2.5.1-7"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/pilot-rhel8@sha256:b451f504cb2078f363a4b184e4223289908ddf499f68bdee99f65350035276a6_amd64",
"product": {
"name": "openshift-service-mesh/pilot-rhel8@sha256:b451f504cb2078f363a4b184e4223289908ddf499f68bdee99f65350035276a6_amd64",
"product_id": "openshift-service-mesh/pilot-rhel8@sha256:b451f504cb2078f363a4b184e4223289908ddf499f68bdee99f65350035276a6_amd64",
"product_identification_helper": {
"purl": "pkg:oci/pilot-rhel8@sha256:b451f504cb2078f363a4b184e4223289908ddf499f68bdee99f65350035276a6?arch=amd64\u0026repository_url=registry.redhat.io/openshift-service-mesh/pilot-rhel8\u0026tag=2.5.1-8"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/proxyv2-rhel8@sha256:a5473c6d230b69f67060283a1edfcbdf92fbcbcf0326dcef81f3e89575365806_amd64",
"product": {
"name": "openshift-service-mesh/proxyv2-rhel8@sha256:a5473c6d230b69f67060283a1edfcbdf92fbcbcf0326dcef81f3e89575365806_amd64",
"product_id": "openshift-service-mesh/proxyv2-rhel8@sha256:a5473c6d230b69f67060283a1edfcbdf92fbcbcf0326dcef81f3e89575365806_amd64",
"product_identification_helper": {
"purl": "pkg:oci/proxyv2-rhel8@sha256:a5473c6d230b69f67060283a1edfcbdf92fbcbcf0326dcef81f3e89575365806?arch=amd64\u0026repository_url=registry.redhat.io/openshift-service-mesh/proxyv2-rhel8\u0026tag=2.5.1-8"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/ratelimit-rhel8@sha256:e8334544cb16db92bc8affad46e0abc11e1803d998b19991e885220584f2b9fe_amd64",
"product": {
"name": "openshift-service-mesh/ratelimit-rhel8@sha256:e8334544cb16db92bc8affad46e0abc11e1803d998b19991e885220584f2b9fe_amd64",
"product_id": "openshift-service-mesh/ratelimit-rhel8@sha256:e8334544cb16db92bc8affad46e0abc11e1803d998b19991e885220584f2b9fe_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ratelimit-rhel8@sha256:e8334544cb16db92bc8affad46e0abc11e1803d998b19991e885220584f2b9fe?arch=amd64\u0026repository_url=registry.redhat.io/openshift-service-mesh/ratelimit-rhel8\u0026tag=2.5.1-2"
}
}
}
],
"category": "architecture",
"name": "amd64"
},
{
"branches": [
{
"category": "product_version",
"name": "openshift-service-mesh/kiali-ossmc-rhel8@sha256:bc2d5e67dcd8fcda716f7b964dbaca1eccc4f6833199b60eadbad87219fdacbd_ppc64le",
"product": {
"name": "openshift-service-mesh/kiali-ossmc-rhel8@sha256:bc2d5e67dcd8fcda716f7b964dbaca1eccc4f6833199b60eadbad87219fdacbd_ppc64le",
"product_id": "openshift-service-mesh/kiali-ossmc-rhel8@sha256:bc2d5e67dcd8fcda716f7b964dbaca1eccc4f6833199b60eadbad87219fdacbd_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/kiali-ossmc-rhel8@sha256:bc2d5e67dcd8fcda716f7b964dbaca1eccc4f6833199b60eadbad87219fdacbd?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel8\u0026tag=1.73.7-2"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/istio-cni-rhel8@sha256:b6a0c40c39eea955482de2cec38f6e9f2fb95ec886fc406effafb5cec581280f_ppc64le",
"product": {
"name": "openshift-service-mesh/istio-cni-rhel8@sha256:b6a0c40c39eea955482de2cec38f6e9f2fb95ec886fc406effafb5cec581280f_ppc64le",
"product_id": "openshift-service-mesh/istio-cni-rhel8@sha256:b6a0c40c39eea955482de2cec38f6e9f2fb95ec886fc406effafb5cec581280f_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/istio-cni-rhel8@sha256:b6a0c40c39eea955482de2cec38f6e9f2fb95ec886fc406effafb5cec581280f?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-service-mesh/istio-cni-rhel8\u0026tag=2.5.1-8"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/grafana-rhel8@sha256:ad8da9f3b2ca43d37c25e6ac37670cfaa2e98a8d6088fccadd37e836660020e2_ppc64le",
"product": {
"name": "openshift-service-mesh/grafana-rhel8@sha256:ad8da9f3b2ca43d37c25e6ac37670cfaa2e98a8d6088fccadd37e836660020e2_ppc64le",
"product_id": "openshift-service-mesh/grafana-rhel8@sha256:ad8da9f3b2ca43d37c25e6ac37670cfaa2e98a8d6088fccadd37e836660020e2_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/grafana-rhel8@sha256:ad8da9f3b2ca43d37c25e6ac37670cfaa2e98a8d6088fccadd37e836660020e2?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-service-mesh/grafana-rhel8\u0026tag=2.5.1-2"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/kiali-rhel8@sha256:44e4d5dfd252a87ca2b1ee79cf74c00e8fc7f1476f6425b3766d5858a402a8b2_ppc64le",
"product": {
"name": "openshift-service-mesh/kiali-rhel8@sha256:44e4d5dfd252a87ca2b1ee79cf74c00e8fc7f1476f6425b3766d5858a402a8b2_ppc64le",
"product_id": "openshift-service-mesh/kiali-rhel8@sha256:44e4d5dfd252a87ca2b1ee79cf74c00e8fc7f1476f6425b3766d5858a402a8b2_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/kiali-rhel8@sha256:44e4d5dfd252a87ca2b1ee79cf74c00e8fc7f1476f6425b3766d5858a402a8b2?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-service-mesh/kiali-rhel8\u0026tag=1.73.7-5"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/kiali-rhel8-operator@sha256:326b45f0d46bd99aa22404ff9634dabefb559c68271808a2607581e6c2d73f42_ppc64le",
"product": {
"name": "openshift-service-mesh/kiali-rhel8-operator@sha256:326b45f0d46bd99aa22404ff9634dabefb559c68271808a2607581e6c2d73f42_ppc64le",
"product_id": "openshift-service-mesh/kiali-rhel8-operator@sha256:326b45f0d46bd99aa22404ff9634dabefb559c68271808a2607581e6c2d73f42_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/kiali-rhel8-operator@sha256:326b45f0d46bd99aa22404ff9634dabefb559c68271808a2607581e6c2d73f42?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-service-mesh/kiali-rhel8-operator\u0026tag=1.73.7-4"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/istio-must-gather-rhel8@sha256:0efd74c9c1d43ef220fa808ae34139bcb73b39181afc53a556285e627dbb7d93_ppc64le",
"product": {
"name": "openshift-service-mesh/istio-must-gather-rhel8@sha256:0efd74c9c1d43ef220fa808ae34139bcb73b39181afc53a556285e627dbb7d93_ppc64le",
"product_id": "openshift-service-mesh/istio-must-gather-rhel8@sha256:0efd74c9c1d43ef220fa808ae34139bcb73b39181afc53a556285e627dbb7d93_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/istio-must-gather-rhel8@sha256:0efd74c9c1d43ef220fa808ae34139bcb73b39181afc53a556285e627dbb7d93?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel8\u0026tag=2.5.1-3"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/istio-rhel8-operator@sha256:06890ec20acad8a9911af77b0886d61a02a96f8dcc90ecc2992c96a3a5244602_ppc64le",
"product": {
"name": "openshift-service-mesh/istio-rhel8-operator@sha256:06890ec20acad8a9911af77b0886d61a02a96f8dcc90ecc2992c96a3a5244602_ppc64le",
"product_id": "openshift-service-mesh/istio-rhel8-operator@sha256:06890ec20acad8a9911af77b0886d61a02a96f8dcc90ecc2992c96a3a5244602_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/istio-rhel8-operator@sha256:06890ec20acad8a9911af77b0886d61a02a96f8dcc90ecc2992c96a3a5244602?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-service-mesh/istio-rhel8-operator\u0026tag=2.5.1-7"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/pilot-rhel8@sha256:c3ba2b9acfe888f8546ea31a1d6b33759be7305c6be40a0471da03a811a733aa_ppc64le",
"product": {
"name": "openshift-service-mesh/pilot-rhel8@sha256:c3ba2b9acfe888f8546ea31a1d6b33759be7305c6be40a0471da03a811a733aa_ppc64le",
"product_id": "openshift-service-mesh/pilot-rhel8@sha256:c3ba2b9acfe888f8546ea31a1d6b33759be7305c6be40a0471da03a811a733aa_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/pilot-rhel8@sha256:c3ba2b9acfe888f8546ea31a1d6b33759be7305c6be40a0471da03a811a733aa?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-service-mesh/pilot-rhel8\u0026tag=2.5.1-8"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/proxyv2-rhel8@sha256:14c27420cdb4670d8736a2baa078cc3bac8c42db54b7638d26af8822c960f074_ppc64le",
"product": {
"name": "openshift-service-mesh/proxyv2-rhel8@sha256:14c27420cdb4670d8736a2baa078cc3bac8c42db54b7638d26af8822c960f074_ppc64le",
"product_id": "openshift-service-mesh/proxyv2-rhel8@sha256:14c27420cdb4670d8736a2baa078cc3bac8c42db54b7638d26af8822c960f074_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/proxyv2-rhel8@sha256:14c27420cdb4670d8736a2baa078cc3bac8c42db54b7638d26af8822c960f074?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-service-mesh/proxyv2-rhel8\u0026tag=2.5.1-8"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/ratelimit-rhel8@sha256:e961ad03bab63e966c3d4470fd5e84af8cc511134abb1774675a587b5c5404fc_ppc64le",
"product": {
"name": "openshift-service-mesh/ratelimit-rhel8@sha256:e961ad03bab63e966c3d4470fd5e84af8cc511134abb1774675a587b5c5404fc_ppc64le",
"product_id": "openshift-service-mesh/ratelimit-rhel8@sha256:e961ad03bab63e966c3d4470fd5e84af8cc511134abb1774675a587b5c5404fc_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ratelimit-rhel8@sha256:e961ad03bab63e966c3d4470fd5e84af8cc511134abb1774675a587b5c5404fc?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-service-mesh/ratelimit-rhel8\u0026tag=2.5.1-2"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "openshift-service-mesh/kiali-ossmc-rhel8@sha256:91837663c930e797947ccd9ac7b9939a212dda33918d53b857c5ac48de90f175_arm64",
"product": {
"name": "openshift-service-mesh/kiali-ossmc-rhel8@sha256:91837663c930e797947ccd9ac7b9939a212dda33918d53b857c5ac48de90f175_arm64",
"product_id": "openshift-service-mesh/kiali-ossmc-rhel8@sha256:91837663c930e797947ccd9ac7b9939a212dda33918d53b857c5ac48de90f175_arm64",
"product_identification_helper": {
"purl": "pkg:oci/kiali-ossmc-rhel8@sha256:91837663c930e797947ccd9ac7b9939a212dda33918d53b857c5ac48de90f175?arch=arm64\u0026repository_url=registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel8\u0026tag=1.73.7-2"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/istio-cni-rhel8@sha256:d0122af40529339e7f1b2184a94c288ed3c8b731a84f7f3cc4e8ac0dcf8d8106_arm64",
"product": {
"name": "openshift-service-mesh/istio-cni-rhel8@sha256:d0122af40529339e7f1b2184a94c288ed3c8b731a84f7f3cc4e8ac0dcf8d8106_arm64",
"product_id": "openshift-service-mesh/istio-cni-rhel8@sha256:d0122af40529339e7f1b2184a94c288ed3c8b731a84f7f3cc4e8ac0dcf8d8106_arm64",
"product_identification_helper": {
"purl": "pkg:oci/istio-cni-rhel8@sha256:d0122af40529339e7f1b2184a94c288ed3c8b731a84f7f3cc4e8ac0dcf8d8106?arch=arm64\u0026repository_url=registry.redhat.io/openshift-service-mesh/istio-cni-rhel8\u0026tag=2.5.1-8"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/grafana-rhel8@sha256:69cbbf2406a18f9277244cc1cc38d50dc34faaebd5d6a74cc728c6a949ef2cf5_arm64",
"product": {
"name": "openshift-service-mesh/grafana-rhel8@sha256:69cbbf2406a18f9277244cc1cc38d50dc34faaebd5d6a74cc728c6a949ef2cf5_arm64",
"product_id": "openshift-service-mesh/grafana-rhel8@sha256:69cbbf2406a18f9277244cc1cc38d50dc34faaebd5d6a74cc728c6a949ef2cf5_arm64",
"product_identification_helper": {
"purl": "pkg:oci/grafana-rhel8@sha256:69cbbf2406a18f9277244cc1cc38d50dc34faaebd5d6a74cc728c6a949ef2cf5?arch=arm64\u0026repository_url=registry.redhat.io/openshift-service-mesh/grafana-rhel8\u0026tag=2.5.1-2"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/kiali-rhel8@sha256:4b0a937e5860713fcc3489d8d3f01eafa4d100d561793ced0d61549e872ad9c7_arm64",
"product": {
"name": "openshift-service-mesh/kiali-rhel8@sha256:4b0a937e5860713fcc3489d8d3f01eafa4d100d561793ced0d61549e872ad9c7_arm64",
"product_id": "openshift-service-mesh/kiali-rhel8@sha256:4b0a937e5860713fcc3489d8d3f01eafa4d100d561793ced0d61549e872ad9c7_arm64",
"product_identification_helper": {
"purl": "pkg:oci/kiali-rhel8@sha256:4b0a937e5860713fcc3489d8d3f01eafa4d100d561793ced0d61549e872ad9c7?arch=arm64\u0026repository_url=registry.redhat.io/openshift-service-mesh/kiali-rhel8\u0026tag=1.73.7-5"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/kiali-rhel8-operator@sha256:454f36d91693411ec03f6682de6f9d47acbb172919d1b97d7ecf74795a3af827_arm64",
"product": {
"name": "openshift-service-mesh/kiali-rhel8-operator@sha256:454f36d91693411ec03f6682de6f9d47acbb172919d1b97d7ecf74795a3af827_arm64",
"product_id": "openshift-service-mesh/kiali-rhel8-operator@sha256:454f36d91693411ec03f6682de6f9d47acbb172919d1b97d7ecf74795a3af827_arm64",
"product_identification_helper": {
"purl": "pkg:oci/kiali-rhel8-operator@sha256:454f36d91693411ec03f6682de6f9d47acbb172919d1b97d7ecf74795a3af827?arch=arm64\u0026repository_url=registry.redhat.io/openshift-service-mesh/kiali-rhel8-operator\u0026tag=1.73.7-4"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/istio-must-gather-rhel8@sha256:ddf99768023aaa4f60e43a16f9d9aa44adb91d68307f020b1dfdd92a5c11fc91_arm64",
"product": {
"name": "openshift-service-mesh/istio-must-gather-rhel8@sha256:ddf99768023aaa4f60e43a16f9d9aa44adb91d68307f020b1dfdd92a5c11fc91_arm64",
"product_id": "openshift-service-mesh/istio-must-gather-rhel8@sha256:ddf99768023aaa4f60e43a16f9d9aa44adb91d68307f020b1dfdd92a5c11fc91_arm64",
"product_identification_helper": {
"purl": "pkg:oci/istio-must-gather-rhel8@sha256:ddf99768023aaa4f60e43a16f9d9aa44adb91d68307f020b1dfdd92a5c11fc91?arch=arm64\u0026repository_url=registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel8\u0026tag=2.5.1-3"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/istio-rhel8-operator@sha256:444bf4a8adc914b762758e5f4c4b06387faf288a0f75d8c8f8413919d31c855d_arm64",
"product": {
"name": "openshift-service-mesh/istio-rhel8-operator@sha256:444bf4a8adc914b762758e5f4c4b06387faf288a0f75d8c8f8413919d31c855d_arm64",
"product_id": "openshift-service-mesh/istio-rhel8-operator@sha256:444bf4a8adc914b762758e5f4c4b06387faf288a0f75d8c8f8413919d31c855d_arm64",
"product_identification_helper": {
"purl": "pkg:oci/istio-rhel8-operator@sha256:444bf4a8adc914b762758e5f4c4b06387faf288a0f75d8c8f8413919d31c855d?arch=arm64\u0026repository_url=registry.redhat.io/openshift-service-mesh/istio-rhel8-operator\u0026tag=2.5.1-7"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/pilot-rhel8@sha256:b112030a03913f52d0daead03020c597bb33287fb62f781ff00077d6664f9b33_arm64",
"product": {
"name": "openshift-service-mesh/pilot-rhel8@sha256:b112030a03913f52d0daead03020c597bb33287fb62f781ff00077d6664f9b33_arm64",
"product_id": "openshift-service-mesh/pilot-rhel8@sha256:b112030a03913f52d0daead03020c597bb33287fb62f781ff00077d6664f9b33_arm64",
"product_identification_helper": {
"purl": "pkg:oci/pilot-rhel8@sha256:b112030a03913f52d0daead03020c597bb33287fb62f781ff00077d6664f9b33?arch=arm64\u0026repository_url=registry.redhat.io/openshift-service-mesh/pilot-rhel8\u0026tag=2.5.1-8"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/proxyv2-rhel8@sha256:cfff7a32024d0c66f1e47d6282e251c3750b8b15dfa74d098936da02a6306145_arm64",
"product": {
"name": "openshift-service-mesh/proxyv2-rhel8@sha256:cfff7a32024d0c66f1e47d6282e251c3750b8b15dfa74d098936da02a6306145_arm64",
"product_id": "openshift-service-mesh/proxyv2-rhel8@sha256:cfff7a32024d0c66f1e47d6282e251c3750b8b15dfa74d098936da02a6306145_arm64",
"product_identification_helper": {
"purl": "pkg:oci/proxyv2-rhel8@sha256:cfff7a32024d0c66f1e47d6282e251c3750b8b15dfa74d098936da02a6306145?arch=arm64\u0026repository_url=registry.redhat.io/openshift-service-mesh/proxyv2-rhel8\u0026tag=2.5.1-8"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/ratelimit-rhel8@sha256:e52cba0676757314ad1424ffda339f793c8e4ef1f91dcabaa0118e8e282a767b_arm64",
"product": {
"name": "openshift-service-mesh/ratelimit-rhel8@sha256:e52cba0676757314ad1424ffda339f793c8e4ef1f91dcabaa0118e8e282a767b_arm64",
"product_id": "openshift-service-mesh/ratelimit-rhel8@sha256:e52cba0676757314ad1424ffda339f793c8e4ef1f91dcabaa0118e8e282a767b_arm64",
"product_identification_helper": {
"purl": "pkg:oci/ratelimit-rhel8@sha256:e52cba0676757314ad1424ffda339f793c8e4ef1f91dcabaa0118e8e282a767b?arch=arm64\u0026repository_url=registry.redhat.io/openshift-service-mesh/ratelimit-rhel8\u0026tag=2.5.1-2"
}
}
}
],
"category": "architecture",
"name": "arm64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/grafana-rhel8@sha256:0e198b83b0fe4e2e907f0ce44223807e717369fff4a3bd09fa323afbb5200d27_amd64 as a component of RHOSSM 2.5 for RHEL 8",
"product_id": "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:0e198b83b0fe4e2e907f0ce44223807e717369fff4a3bd09fa323afbb5200d27_amd64"
},
"product_reference": "openshift-service-mesh/grafana-rhel8@sha256:0e198b83b0fe4e2e907f0ce44223807e717369fff4a3bd09fa323afbb5200d27_amd64",
"relates_to_product_reference": "8Base-RHOSSM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/grafana-rhel8@sha256:58b025688bca67cb9de2e97a34813d59c398b8c5aa06cb11cd63c79b322f07a7_s390x as a component of RHOSSM 2.5 for RHEL 8",
"product_id": "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:58b025688bca67cb9de2e97a34813d59c398b8c5aa06cb11cd63c79b322f07a7_s390x"
},
"product_reference": "openshift-service-mesh/grafana-rhel8@sha256:58b025688bca67cb9de2e97a34813d59c398b8c5aa06cb11cd63c79b322f07a7_s390x",
"relates_to_product_reference": "8Base-RHOSSM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/grafana-rhel8@sha256:69cbbf2406a18f9277244cc1cc38d50dc34faaebd5d6a74cc728c6a949ef2cf5_arm64 as a component of RHOSSM 2.5 for RHEL 8",
"product_id": "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:69cbbf2406a18f9277244cc1cc38d50dc34faaebd5d6a74cc728c6a949ef2cf5_arm64"
},
"product_reference": "openshift-service-mesh/grafana-rhel8@sha256:69cbbf2406a18f9277244cc1cc38d50dc34faaebd5d6a74cc728c6a949ef2cf5_arm64",
"relates_to_product_reference": "8Base-RHOSSM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/grafana-rhel8@sha256:ad8da9f3b2ca43d37c25e6ac37670cfaa2e98a8d6088fccadd37e836660020e2_ppc64le as a component of RHOSSM 2.5 for RHEL 8",
"product_id": "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:ad8da9f3b2ca43d37c25e6ac37670cfaa2e98a8d6088fccadd37e836660020e2_ppc64le"
},
"product_reference": "openshift-service-mesh/grafana-rhel8@sha256:ad8da9f3b2ca43d37c25e6ac37670cfaa2e98a8d6088fccadd37e836660020e2_ppc64le",
"relates_to_product_reference": "8Base-RHOSSM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/istio-cni-rhel8@sha256:234ca069ffe78398715d16191814440da39ef08311b5e3d90c33fd604ec9c07a_s390x as a component of RHOSSM 2.5 for RHEL 8",
"product_id": "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:234ca069ffe78398715d16191814440da39ef08311b5e3d90c33fd604ec9c07a_s390x"
},
"product_reference": "openshift-service-mesh/istio-cni-rhel8@sha256:234ca069ffe78398715d16191814440da39ef08311b5e3d90c33fd604ec9c07a_s390x",
"relates_to_product_reference": "8Base-RHOSSM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/istio-cni-rhel8@sha256:b6a0c40c39eea955482de2cec38f6e9f2fb95ec886fc406effafb5cec581280f_ppc64le as a component of RHOSSM 2.5 for RHEL 8",
"product_id": "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:b6a0c40c39eea955482de2cec38f6e9f2fb95ec886fc406effafb5cec581280f_ppc64le"
},
"product_reference": "openshift-service-mesh/istio-cni-rhel8@sha256:b6a0c40c39eea955482de2cec38f6e9f2fb95ec886fc406effafb5cec581280f_ppc64le",
"relates_to_product_reference": "8Base-RHOSSM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/istio-cni-rhel8@sha256:caac8c5c9753bdbd97a52295a6a836f463c21cd1bf438173575dc4db006dab55_amd64 as a component of RHOSSM 2.5 for RHEL 8",
"product_id": "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:caac8c5c9753bdbd97a52295a6a836f463c21cd1bf438173575dc4db006dab55_amd64"
},
"product_reference": "openshift-service-mesh/istio-cni-rhel8@sha256:caac8c5c9753bdbd97a52295a6a836f463c21cd1bf438173575dc4db006dab55_amd64",
"relates_to_product_reference": "8Base-RHOSSM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/istio-cni-rhel8@sha256:d0122af40529339e7f1b2184a94c288ed3c8b731a84f7f3cc4e8ac0dcf8d8106_arm64 as a component of RHOSSM 2.5 for RHEL 8",
"product_id": "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:d0122af40529339e7f1b2184a94c288ed3c8b731a84f7f3cc4e8ac0dcf8d8106_arm64"
},
"product_reference": "openshift-service-mesh/istio-cni-rhel8@sha256:d0122af40529339e7f1b2184a94c288ed3c8b731a84f7f3cc4e8ac0dcf8d8106_arm64",
"relates_to_product_reference": "8Base-RHOSSM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/istio-must-gather-rhel8@sha256:0efd74c9c1d43ef220fa808ae34139bcb73b39181afc53a556285e627dbb7d93_ppc64le as a component of RHOSSM 2.5 for RHEL 8",
"product_id": "8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:0efd74c9c1d43ef220fa808ae34139bcb73b39181afc53a556285e627dbb7d93_ppc64le"
},
"product_reference": "openshift-service-mesh/istio-must-gather-rhel8@sha256:0efd74c9c1d43ef220fa808ae34139bcb73b39181afc53a556285e627dbb7d93_ppc64le",
"relates_to_product_reference": "8Base-RHOSSM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/istio-must-gather-rhel8@sha256:8825ebc0110560418afeb12708c4068e9d1751be5ba858db94b5ad12846b50d6_amd64 as a component of RHOSSM 2.5 for RHEL 8",
"product_id": "8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:8825ebc0110560418afeb12708c4068e9d1751be5ba858db94b5ad12846b50d6_amd64"
},
"product_reference": "openshift-service-mesh/istio-must-gather-rhel8@sha256:8825ebc0110560418afeb12708c4068e9d1751be5ba858db94b5ad12846b50d6_amd64",
"relates_to_product_reference": "8Base-RHOSSM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/istio-must-gather-rhel8@sha256:c3fb0c75bc4c1915e570dc6e68e6a0dd38b05157e905e3a0bbe0fb83abd2b6fd_s390x as a component of RHOSSM 2.5 for RHEL 8",
"product_id": "8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:c3fb0c75bc4c1915e570dc6e68e6a0dd38b05157e905e3a0bbe0fb83abd2b6fd_s390x"
},
"product_reference": "openshift-service-mesh/istio-must-gather-rhel8@sha256:c3fb0c75bc4c1915e570dc6e68e6a0dd38b05157e905e3a0bbe0fb83abd2b6fd_s390x",
"relates_to_product_reference": "8Base-RHOSSM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/istio-must-gather-rhel8@sha256:ddf99768023aaa4f60e43a16f9d9aa44adb91d68307f020b1dfdd92a5c11fc91_arm64 as a component of RHOSSM 2.5 for RHEL 8",
"product_id": "8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:ddf99768023aaa4f60e43a16f9d9aa44adb91d68307f020b1dfdd92a5c11fc91_arm64"
},
"product_reference": "openshift-service-mesh/istio-must-gather-rhel8@sha256:ddf99768023aaa4f60e43a16f9d9aa44adb91d68307f020b1dfdd92a5c11fc91_arm64",
"relates_to_product_reference": "8Base-RHOSSM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/istio-rhel8-operator@sha256:06890ec20acad8a9911af77b0886d61a02a96f8dcc90ecc2992c96a3a5244602_ppc64le as a component of RHOSSM 2.5 for RHEL 8",
"product_id": "8Base-RHOSSM-2.5:openshift-service-mesh/istio-rhel8-operator@sha256:06890ec20acad8a9911af77b0886d61a02a96f8dcc90ecc2992c96a3a5244602_ppc64le"
},
"product_reference": "openshift-service-mesh/istio-rhel8-operator@sha256:06890ec20acad8a9911af77b0886d61a02a96f8dcc90ecc2992c96a3a5244602_ppc64le",
"relates_to_product_reference": "8Base-RHOSSM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/istio-rhel8-operator@sha256:1690eafb1f67ea903775f66cba1c9de4275a1e70f5a985940ddcb1577348045e_s390x as a component of RHOSSM 2.5 for RHEL 8",
"product_id": "8Base-RHOSSM-2.5:openshift-service-mesh/istio-rhel8-operator@sha256:1690eafb1f67ea903775f66cba1c9de4275a1e70f5a985940ddcb1577348045e_s390x"
},
"product_reference": "openshift-service-mesh/istio-rhel8-operator@sha256:1690eafb1f67ea903775f66cba1c9de4275a1e70f5a985940ddcb1577348045e_s390x",
"relates_to_product_reference": "8Base-RHOSSM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/istio-rhel8-operator@sha256:2cb94a0220ff8d69c17f2eee8db3c6f045776d63de4dc80e1a4ab31190d5c04f_amd64 as a component of RHOSSM 2.5 for RHEL 8",
"product_id": "8Base-RHOSSM-2.5:openshift-service-mesh/istio-rhel8-operator@sha256:2cb94a0220ff8d69c17f2eee8db3c6f045776d63de4dc80e1a4ab31190d5c04f_amd64"
},
"product_reference": "openshift-service-mesh/istio-rhel8-operator@sha256:2cb94a0220ff8d69c17f2eee8db3c6f045776d63de4dc80e1a4ab31190d5c04f_amd64",
"relates_to_product_reference": "8Base-RHOSSM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/istio-rhel8-operator@sha256:444bf4a8adc914b762758e5f4c4b06387faf288a0f75d8c8f8413919d31c855d_arm64 as a component of RHOSSM 2.5 for RHEL 8",
"product_id": "8Base-RHOSSM-2.5:openshift-service-mesh/istio-rhel8-operator@sha256:444bf4a8adc914b762758e5f4c4b06387faf288a0f75d8c8f8413919d31c855d_arm64"
},
"product_reference": "openshift-service-mesh/istio-rhel8-operator@sha256:444bf4a8adc914b762758e5f4c4b06387faf288a0f75d8c8f8413919d31c855d_arm64",
"relates_to_product_reference": "8Base-RHOSSM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/kiali-ossmc-rhel8@sha256:632422660922698f9662c067e4662175a0207c1a38e7ee83ac4e6186de68890b_s390x as a component of RHOSSM 2.5 for RHEL 8",
"product_id": "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:632422660922698f9662c067e4662175a0207c1a38e7ee83ac4e6186de68890b_s390x"
},
"product_reference": "openshift-service-mesh/kiali-ossmc-rhel8@sha256:632422660922698f9662c067e4662175a0207c1a38e7ee83ac4e6186de68890b_s390x",
"relates_to_product_reference": "8Base-RHOSSM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/kiali-ossmc-rhel8@sha256:91837663c930e797947ccd9ac7b9939a212dda33918d53b857c5ac48de90f175_arm64 as a component of RHOSSM 2.5 for RHEL 8",
"product_id": "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:91837663c930e797947ccd9ac7b9939a212dda33918d53b857c5ac48de90f175_arm64"
},
"product_reference": "openshift-service-mesh/kiali-ossmc-rhel8@sha256:91837663c930e797947ccd9ac7b9939a212dda33918d53b857c5ac48de90f175_arm64",
"relates_to_product_reference": "8Base-RHOSSM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/kiali-ossmc-rhel8@sha256:bc2d5e67dcd8fcda716f7b964dbaca1eccc4f6833199b60eadbad87219fdacbd_ppc64le as a component of RHOSSM 2.5 for RHEL 8",
"product_id": "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:bc2d5e67dcd8fcda716f7b964dbaca1eccc4f6833199b60eadbad87219fdacbd_ppc64le"
},
"product_reference": "openshift-service-mesh/kiali-ossmc-rhel8@sha256:bc2d5e67dcd8fcda716f7b964dbaca1eccc4f6833199b60eadbad87219fdacbd_ppc64le",
"relates_to_product_reference": "8Base-RHOSSM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/kiali-ossmc-rhel8@sha256:efeed94b8d1b84224310469a6e4be5d8db055e3f8c4e06529ba20f3e7697c955_amd64 as a component of RHOSSM 2.5 for RHEL 8",
"product_id": "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:efeed94b8d1b84224310469a6e4be5d8db055e3f8c4e06529ba20f3e7697c955_amd64"
},
"product_reference": "openshift-service-mesh/kiali-ossmc-rhel8@sha256:efeed94b8d1b84224310469a6e4be5d8db055e3f8c4e06529ba20f3e7697c955_amd64",
"relates_to_product_reference": "8Base-RHOSSM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/kiali-rhel8-operator@sha256:07d52f116218cbfaead1559ad84e63450cedbc79823e15e3e37650090dded17e_s390x as a component of RHOSSM 2.5 for RHEL 8",
"product_id": "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8-operator@sha256:07d52f116218cbfaead1559ad84e63450cedbc79823e15e3e37650090dded17e_s390x"
},
"product_reference": "openshift-service-mesh/kiali-rhel8-operator@sha256:07d52f116218cbfaead1559ad84e63450cedbc79823e15e3e37650090dded17e_s390x",
"relates_to_product_reference": "8Base-RHOSSM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/kiali-rhel8-operator@sha256:326b45f0d46bd99aa22404ff9634dabefb559c68271808a2607581e6c2d73f42_ppc64le as a component of RHOSSM 2.5 for RHEL 8",
"product_id": "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8-operator@sha256:326b45f0d46bd99aa22404ff9634dabefb559c68271808a2607581e6c2d73f42_ppc64le"
},
"product_reference": "openshift-service-mesh/kiali-rhel8-operator@sha256:326b45f0d46bd99aa22404ff9634dabefb559c68271808a2607581e6c2d73f42_ppc64le",
"relates_to_product_reference": "8Base-RHOSSM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/kiali-rhel8-operator@sha256:454f36d91693411ec03f6682de6f9d47acbb172919d1b97d7ecf74795a3af827_arm64 as a component of RHOSSM 2.5 for RHEL 8",
"product_id": "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8-operator@sha256:454f36d91693411ec03f6682de6f9d47acbb172919d1b97d7ecf74795a3af827_arm64"
},
"product_reference": "openshift-service-mesh/kiali-rhel8-operator@sha256:454f36d91693411ec03f6682de6f9d47acbb172919d1b97d7ecf74795a3af827_arm64",
"relates_to_product_reference": "8Base-RHOSSM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/kiali-rhel8-operator@sha256:4919abb410f858d91bb76654aa682a18ab9b87a6c410c5c437d2678afbbf14ee_amd64 as a component of RHOSSM 2.5 for RHEL 8",
"product_id": "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8-operator@sha256:4919abb410f858d91bb76654aa682a18ab9b87a6c410c5c437d2678afbbf14ee_amd64"
},
"product_reference": "openshift-service-mesh/kiali-rhel8-operator@sha256:4919abb410f858d91bb76654aa682a18ab9b87a6c410c5c437d2678afbbf14ee_amd64",
"relates_to_product_reference": "8Base-RHOSSM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/kiali-rhel8@sha256:44e4d5dfd252a87ca2b1ee79cf74c00e8fc7f1476f6425b3766d5858a402a8b2_ppc64le as a component of RHOSSM 2.5 for RHEL 8",
"product_id": "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:44e4d5dfd252a87ca2b1ee79cf74c00e8fc7f1476f6425b3766d5858a402a8b2_ppc64le"
},
"product_reference": "openshift-service-mesh/kiali-rhel8@sha256:44e4d5dfd252a87ca2b1ee79cf74c00e8fc7f1476f6425b3766d5858a402a8b2_ppc64le",
"relates_to_product_reference": "8Base-RHOSSM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/kiali-rhel8@sha256:4b0a937e5860713fcc3489d8d3f01eafa4d100d561793ced0d61549e872ad9c7_arm64 as a component of RHOSSM 2.5 for RHEL 8",
"product_id": "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:4b0a937e5860713fcc3489d8d3f01eafa4d100d561793ced0d61549e872ad9c7_arm64"
},
"product_reference": "openshift-service-mesh/kiali-rhel8@sha256:4b0a937e5860713fcc3489d8d3f01eafa4d100d561793ced0d61549e872ad9c7_arm64",
"relates_to_product_reference": "8Base-RHOSSM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/kiali-rhel8@sha256:cc42799b6ffa1c143314397a40b77cc5b266445c597a273847e9a8bb5c686297_s390x as a component of RHOSSM 2.5 for RHEL 8",
"product_id": "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:cc42799b6ffa1c143314397a40b77cc5b266445c597a273847e9a8bb5c686297_s390x"
},
"product_reference": "openshift-service-mesh/kiali-rhel8@sha256:cc42799b6ffa1c143314397a40b77cc5b266445c597a273847e9a8bb5c686297_s390x",
"relates_to_product_reference": "8Base-RHOSSM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/kiali-rhel8@sha256:d885ebb70409569cf8dd77fe482e7cb46d7ca8e901e54b59bce4699216dcbd94_amd64 as a component of RHOSSM 2.5 for RHEL 8",
"product_id": "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:d885ebb70409569cf8dd77fe482e7cb46d7ca8e901e54b59bce4699216dcbd94_amd64"
},
"product_reference": "openshift-service-mesh/kiali-rhel8@sha256:d885ebb70409569cf8dd77fe482e7cb46d7ca8e901e54b59bce4699216dcbd94_amd64",
"relates_to_product_reference": "8Base-RHOSSM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/pilot-rhel8@sha256:424d46b0189803fac9b7897b27fb0f0dec6f2265f6442962e4186c68c5295e04_s390x as a component of RHOSSM 2.5 for RHEL 8",
"product_id": "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:424d46b0189803fac9b7897b27fb0f0dec6f2265f6442962e4186c68c5295e04_s390x"
},
"product_reference": "openshift-service-mesh/pilot-rhel8@sha256:424d46b0189803fac9b7897b27fb0f0dec6f2265f6442962e4186c68c5295e04_s390x",
"relates_to_product_reference": "8Base-RHOSSM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/pilot-rhel8@sha256:b112030a03913f52d0daead03020c597bb33287fb62f781ff00077d6664f9b33_arm64 as a component of RHOSSM 2.5 for RHEL 8",
"product_id": "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:b112030a03913f52d0daead03020c597bb33287fb62f781ff00077d6664f9b33_arm64"
},
"product_reference": "openshift-service-mesh/pilot-rhel8@sha256:b112030a03913f52d0daead03020c597bb33287fb62f781ff00077d6664f9b33_arm64",
"relates_to_product_reference": "8Base-RHOSSM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/pilot-rhel8@sha256:b451f504cb2078f363a4b184e4223289908ddf499f68bdee99f65350035276a6_amd64 as a component of RHOSSM 2.5 for RHEL 8",
"product_id": "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:b451f504cb2078f363a4b184e4223289908ddf499f68bdee99f65350035276a6_amd64"
},
"product_reference": "openshift-service-mesh/pilot-rhel8@sha256:b451f504cb2078f363a4b184e4223289908ddf499f68bdee99f65350035276a6_amd64",
"relates_to_product_reference": "8Base-RHOSSM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/pilot-rhel8@sha256:c3ba2b9acfe888f8546ea31a1d6b33759be7305c6be40a0471da03a811a733aa_ppc64le as a component of RHOSSM 2.5 for RHEL 8",
"product_id": "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:c3ba2b9acfe888f8546ea31a1d6b33759be7305c6be40a0471da03a811a733aa_ppc64le"
},
"product_reference": "openshift-service-mesh/pilot-rhel8@sha256:c3ba2b9acfe888f8546ea31a1d6b33759be7305c6be40a0471da03a811a733aa_ppc64le",
"relates_to_product_reference": "8Base-RHOSSM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/proxyv2-rhel8@sha256:14c27420cdb4670d8736a2baa078cc3bac8c42db54b7638d26af8822c960f074_ppc64le as a component of RHOSSM 2.5 for RHEL 8",
"product_id": "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:14c27420cdb4670d8736a2baa078cc3bac8c42db54b7638d26af8822c960f074_ppc64le"
},
"product_reference": "openshift-service-mesh/proxyv2-rhel8@sha256:14c27420cdb4670d8736a2baa078cc3bac8c42db54b7638d26af8822c960f074_ppc64le",
"relates_to_product_reference": "8Base-RHOSSM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/proxyv2-rhel8@sha256:a5473c6d230b69f67060283a1edfcbdf92fbcbcf0326dcef81f3e89575365806_amd64 as a component of RHOSSM 2.5 for RHEL 8",
"product_id": "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:a5473c6d230b69f67060283a1edfcbdf92fbcbcf0326dcef81f3e89575365806_amd64"
},
"product_reference": "openshift-service-mesh/proxyv2-rhel8@sha256:a5473c6d230b69f67060283a1edfcbdf92fbcbcf0326dcef81f3e89575365806_amd64",
"relates_to_product_reference": "8Base-RHOSSM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/proxyv2-rhel8@sha256:cfff7a32024d0c66f1e47d6282e251c3750b8b15dfa74d098936da02a6306145_arm64 as a component of RHOSSM 2.5 for RHEL 8",
"product_id": "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:cfff7a32024d0c66f1e47d6282e251c3750b8b15dfa74d098936da02a6306145_arm64"
},
"product_reference": "openshift-service-mesh/proxyv2-rhel8@sha256:cfff7a32024d0c66f1e47d6282e251c3750b8b15dfa74d098936da02a6306145_arm64",
"relates_to_product_reference": "8Base-RHOSSM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/proxyv2-rhel8@sha256:d4c6785e87b9565cfe2ee1e8ff5dcec76fdf70f080baa4c23fbd9d53aa01308a_s390x as a component of RHOSSM 2.5 for RHEL 8",
"product_id": "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:d4c6785e87b9565cfe2ee1e8ff5dcec76fdf70f080baa4c23fbd9d53aa01308a_s390x"
},
"product_reference": "openshift-service-mesh/proxyv2-rhel8@sha256:d4c6785e87b9565cfe2ee1e8ff5dcec76fdf70f080baa4c23fbd9d53aa01308a_s390x",
"relates_to_product_reference": "8Base-RHOSSM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/ratelimit-rhel8@sha256:6fb3b48cc8b524c6bd4d46aa8009f4f58682e4e414978c85e0ec0e15414bf90a_s390x as a component of RHOSSM 2.5 for RHEL 8",
"product_id": "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:6fb3b48cc8b524c6bd4d46aa8009f4f58682e4e414978c85e0ec0e15414bf90a_s390x"
},
"product_reference": "openshift-service-mesh/ratelimit-rhel8@sha256:6fb3b48cc8b524c6bd4d46aa8009f4f58682e4e414978c85e0ec0e15414bf90a_s390x",
"relates_to_product_reference": "8Base-RHOSSM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/ratelimit-rhel8@sha256:e52cba0676757314ad1424ffda339f793c8e4ef1f91dcabaa0118e8e282a767b_arm64 as a component of RHOSSM 2.5 for RHEL 8",
"product_id": "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:e52cba0676757314ad1424ffda339f793c8e4ef1f91dcabaa0118e8e282a767b_arm64"
},
"product_reference": "openshift-service-mesh/ratelimit-rhel8@sha256:e52cba0676757314ad1424ffda339f793c8e4ef1f91dcabaa0118e8e282a767b_arm64",
"relates_to_product_reference": "8Base-RHOSSM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/ratelimit-rhel8@sha256:e8334544cb16db92bc8affad46e0abc11e1803d998b19991e885220584f2b9fe_amd64 as a component of RHOSSM 2.5 for RHEL 8",
"product_id": "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:e8334544cb16db92bc8affad46e0abc11e1803d998b19991e885220584f2b9fe_amd64"
},
"product_reference": "openshift-service-mesh/ratelimit-rhel8@sha256:e8334544cb16db92bc8affad46e0abc11e1803d998b19991e885220584f2b9fe_amd64",
"relates_to_product_reference": "8Base-RHOSSM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/ratelimit-rhel8@sha256:e961ad03bab63e966c3d4470fd5e84af8cc511134abb1774675a587b5c5404fc_ppc64le as a component of RHOSSM 2.5 for RHEL 8",
"product_id": "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:e961ad03bab63e966c3d4470fd5e84af8cc511134abb1774675a587b5c5404fc_ppc64le"
},
"product_reference": "openshift-service-mesh/ratelimit-rhel8@sha256:e961ad03bab63e966c3d4470fd5e84af8cc511134abb1774675a587b5c5404fc_ppc64le",
"relates_to_product_reference": "8Base-RHOSSM-2.5"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2023-26159",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2024-01-02T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2256413"
}
],
"notes": [
{
"category": "description",
"text": "An Improper Input Validation flaw was found in follow-redirects due to the improper handling of URLs by the url.parse() function. When a new URL() throws an error, it can be manipulated to misinterpret the hostname. This issue could allow an attacker to redirect traffic to a malicious site, potentially leading to information disclosure, phishing attacks, or other security breaches.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "follow-redirects: Improper Input Validation due to the improper handling of URLs by the url.parse()",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "follow-redirects is a transitive dependency of Grafana, and does not affect Red Hat Enterprise Linux 8.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:0e198b83b0fe4e2e907f0ce44223807e717369fff4a3bd09fa323afbb5200d27_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:58b025688bca67cb9de2e97a34813d59c398b8c5aa06cb11cd63c79b322f07a7_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:69cbbf2406a18f9277244cc1cc38d50dc34faaebd5d6a74cc728c6a949ef2cf5_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:ad8da9f3b2ca43d37c25e6ac37670cfaa2e98a8d6088fccadd37e836660020e2_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:234ca069ffe78398715d16191814440da39ef08311b5e3d90c33fd604ec9c07a_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:b6a0c40c39eea955482de2cec38f6e9f2fb95ec886fc406effafb5cec581280f_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:caac8c5c9753bdbd97a52295a6a836f463c21cd1bf438173575dc4db006dab55_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:d0122af40529339e7f1b2184a94c288ed3c8b731a84f7f3cc4e8ac0dcf8d8106_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:0efd74c9c1d43ef220fa808ae34139bcb73b39181afc53a556285e627dbb7d93_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:8825ebc0110560418afeb12708c4068e9d1751be5ba858db94b5ad12846b50d6_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:c3fb0c75bc4c1915e570dc6e68e6a0dd38b05157e905e3a0bbe0fb83abd2b6fd_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:ddf99768023aaa4f60e43a16f9d9aa44adb91d68307f020b1dfdd92a5c11fc91_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-rhel8-operator@sha256:06890ec20acad8a9911af77b0886d61a02a96f8dcc90ecc2992c96a3a5244602_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-rhel8-operator@sha256:1690eafb1f67ea903775f66cba1c9de4275a1e70f5a985940ddcb1577348045e_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-rhel8-operator@sha256:2cb94a0220ff8d69c17f2eee8db3c6f045776d63de4dc80e1a4ab31190d5c04f_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-rhel8-operator@sha256:444bf4a8adc914b762758e5f4c4b06387faf288a0f75d8c8f8413919d31c855d_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:632422660922698f9662c067e4662175a0207c1a38e7ee83ac4e6186de68890b_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:91837663c930e797947ccd9ac7b9939a212dda33918d53b857c5ac48de90f175_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:bc2d5e67dcd8fcda716f7b964dbaca1eccc4f6833199b60eadbad87219fdacbd_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:efeed94b8d1b84224310469a6e4be5d8db055e3f8c4e06529ba20f3e7697c955_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8-operator@sha256:07d52f116218cbfaead1559ad84e63450cedbc79823e15e3e37650090dded17e_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8-operator@sha256:326b45f0d46bd99aa22404ff9634dabefb559c68271808a2607581e6c2d73f42_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8-operator@sha256:454f36d91693411ec03f6682de6f9d47acbb172919d1b97d7ecf74795a3af827_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8-operator@sha256:4919abb410f858d91bb76654aa682a18ab9b87a6c410c5c437d2678afbbf14ee_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:44e4d5dfd252a87ca2b1ee79cf74c00e8fc7f1476f6425b3766d5858a402a8b2_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:4b0a937e5860713fcc3489d8d3f01eafa4d100d561793ced0d61549e872ad9c7_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:cc42799b6ffa1c143314397a40b77cc5b266445c597a273847e9a8bb5c686297_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:d885ebb70409569cf8dd77fe482e7cb46d7ca8e901e54b59bce4699216dcbd94_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:424d46b0189803fac9b7897b27fb0f0dec6f2265f6442962e4186c68c5295e04_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:b112030a03913f52d0daead03020c597bb33287fb62f781ff00077d6664f9b33_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:b451f504cb2078f363a4b184e4223289908ddf499f68bdee99f65350035276a6_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:c3ba2b9acfe888f8546ea31a1d6b33759be7305c6be40a0471da03a811a733aa_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:14c27420cdb4670d8736a2baa078cc3bac8c42db54b7638d26af8822c960f074_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:a5473c6d230b69f67060283a1edfcbdf92fbcbcf0326dcef81f3e89575365806_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:cfff7a32024d0c66f1e47d6282e251c3750b8b15dfa74d098936da02a6306145_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:d4c6785e87b9565cfe2ee1e8ff5dcec76fdf70f080baa4c23fbd9d53aa01308a_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:6fb3b48cc8b524c6bd4d46aa8009f4f58682e4e414978c85e0ec0e15414bf90a_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:e52cba0676757314ad1424ffda339f793c8e4ef1f91dcabaa0118e8e282a767b_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:e8334544cb16db92bc8affad46e0abc11e1803d998b19991e885220584f2b9fe_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:e961ad03bab63e966c3d4470fd5e84af8cc511134abb1774675a587b5c5404fc_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-26159"
},
{
"category": "external",
"summary": "RHBZ#2256413",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2256413"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-26159",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-26159"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-26159",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-26159"
}
],
"release_date": "2024-01-02T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-04-22T12:47:08+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:0e198b83b0fe4e2e907f0ce44223807e717369fff4a3bd09fa323afbb5200d27_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:58b025688bca67cb9de2e97a34813d59c398b8c5aa06cb11cd63c79b322f07a7_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:69cbbf2406a18f9277244cc1cc38d50dc34faaebd5d6a74cc728c6a949ef2cf5_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:ad8da9f3b2ca43d37c25e6ac37670cfaa2e98a8d6088fccadd37e836660020e2_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:234ca069ffe78398715d16191814440da39ef08311b5e3d90c33fd604ec9c07a_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:b6a0c40c39eea955482de2cec38f6e9f2fb95ec886fc406effafb5cec581280f_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:caac8c5c9753bdbd97a52295a6a836f463c21cd1bf438173575dc4db006dab55_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:d0122af40529339e7f1b2184a94c288ed3c8b731a84f7f3cc4e8ac0dcf8d8106_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:0efd74c9c1d43ef220fa808ae34139bcb73b39181afc53a556285e627dbb7d93_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:8825ebc0110560418afeb12708c4068e9d1751be5ba858db94b5ad12846b50d6_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:c3fb0c75bc4c1915e570dc6e68e6a0dd38b05157e905e3a0bbe0fb83abd2b6fd_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:ddf99768023aaa4f60e43a16f9d9aa44adb91d68307f020b1dfdd92a5c11fc91_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-rhel8-operator@sha256:06890ec20acad8a9911af77b0886d61a02a96f8dcc90ecc2992c96a3a5244602_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-rhel8-operator@sha256:1690eafb1f67ea903775f66cba1c9de4275a1e70f5a985940ddcb1577348045e_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-rhel8-operator@sha256:2cb94a0220ff8d69c17f2eee8db3c6f045776d63de4dc80e1a4ab31190d5c04f_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-rhel8-operator@sha256:444bf4a8adc914b762758e5f4c4b06387faf288a0f75d8c8f8413919d31c855d_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:632422660922698f9662c067e4662175a0207c1a38e7ee83ac4e6186de68890b_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:91837663c930e797947ccd9ac7b9939a212dda33918d53b857c5ac48de90f175_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:bc2d5e67dcd8fcda716f7b964dbaca1eccc4f6833199b60eadbad87219fdacbd_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:efeed94b8d1b84224310469a6e4be5d8db055e3f8c4e06529ba20f3e7697c955_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8-operator@sha256:07d52f116218cbfaead1559ad84e63450cedbc79823e15e3e37650090dded17e_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8-operator@sha256:326b45f0d46bd99aa22404ff9634dabefb559c68271808a2607581e6c2d73f42_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8-operator@sha256:454f36d91693411ec03f6682de6f9d47acbb172919d1b97d7ecf74795a3af827_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8-operator@sha256:4919abb410f858d91bb76654aa682a18ab9b87a6c410c5c437d2678afbbf14ee_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:44e4d5dfd252a87ca2b1ee79cf74c00e8fc7f1476f6425b3766d5858a402a8b2_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:4b0a937e5860713fcc3489d8d3f01eafa4d100d561793ced0d61549e872ad9c7_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:cc42799b6ffa1c143314397a40b77cc5b266445c597a273847e9a8bb5c686297_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:d885ebb70409569cf8dd77fe482e7cb46d7ca8e901e54b59bce4699216dcbd94_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:424d46b0189803fac9b7897b27fb0f0dec6f2265f6442962e4186c68c5295e04_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:b112030a03913f52d0daead03020c597bb33287fb62f781ff00077d6664f9b33_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:b451f504cb2078f363a4b184e4223289908ddf499f68bdee99f65350035276a6_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:c3ba2b9acfe888f8546ea31a1d6b33759be7305c6be40a0471da03a811a733aa_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:14c27420cdb4670d8736a2baa078cc3bac8c42db54b7638d26af8822c960f074_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:a5473c6d230b69f67060283a1edfcbdf92fbcbcf0326dcef81f3e89575365806_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:cfff7a32024d0c66f1e47d6282e251c3750b8b15dfa74d098936da02a6306145_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:d4c6785e87b9565cfe2ee1e8ff5dcec76fdf70f080baa4c23fbd9d53aa01308a_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:6fb3b48cc8b524c6bd4d46aa8009f4f58682e4e414978c85e0ec0e15414bf90a_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:e52cba0676757314ad1424ffda339f793c8e4ef1f91dcabaa0118e8e282a767b_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:e8334544cb16db92bc8affad46e0abc11e1803d998b19991e885220584f2b9fe_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:e961ad03bab63e966c3d4470fd5e84af8cc511134abb1774675a587b5c5404fc_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:1946"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:0e198b83b0fe4e2e907f0ce44223807e717369fff4a3bd09fa323afbb5200d27_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:58b025688bca67cb9de2e97a34813d59c398b8c5aa06cb11cd63c79b322f07a7_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:69cbbf2406a18f9277244cc1cc38d50dc34faaebd5d6a74cc728c6a949ef2cf5_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:ad8da9f3b2ca43d37c25e6ac37670cfaa2e98a8d6088fccadd37e836660020e2_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:234ca069ffe78398715d16191814440da39ef08311b5e3d90c33fd604ec9c07a_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:b6a0c40c39eea955482de2cec38f6e9f2fb95ec886fc406effafb5cec581280f_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:caac8c5c9753bdbd97a52295a6a836f463c21cd1bf438173575dc4db006dab55_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:d0122af40529339e7f1b2184a94c288ed3c8b731a84f7f3cc4e8ac0dcf8d8106_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:0efd74c9c1d43ef220fa808ae34139bcb73b39181afc53a556285e627dbb7d93_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:8825ebc0110560418afeb12708c4068e9d1751be5ba858db94b5ad12846b50d6_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:c3fb0c75bc4c1915e570dc6e68e6a0dd38b05157e905e3a0bbe0fb83abd2b6fd_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:ddf99768023aaa4f60e43a16f9d9aa44adb91d68307f020b1dfdd92a5c11fc91_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-rhel8-operator@sha256:06890ec20acad8a9911af77b0886d61a02a96f8dcc90ecc2992c96a3a5244602_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-rhel8-operator@sha256:1690eafb1f67ea903775f66cba1c9de4275a1e70f5a985940ddcb1577348045e_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-rhel8-operator@sha256:2cb94a0220ff8d69c17f2eee8db3c6f045776d63de4dc80e1a4ab31190d5c04f_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-rhel8-operator@sha256:444bf4a8adc914b762758e5f4c4b06387faf288a0f75d8c8f8413919d31c855d_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:632422660922698f9662c067e4662175a0207c1a38e7ee83ac4e6186de68890b_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:91837663c930e797947ccd9ac7b9939a212dda33918d53b857c5ac48de90f175_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:bc2d5e67dcd8fcda716f7b964dbaca1eccc4f6833199b60eadbad87219fdacbd_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:efeed94b8d1b84224310469a6e4be5d8db055e3f8c4e06529ba20f3e7697c955_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8-operator@sha256:07d52f116218cbfaead1559ad84e63450cedbc79823e15e3e37650090dded17e_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8-operator@sha256:326b45f0d46bd99aa22404ff9634dabefb559c68271808a2607581e6c2d73f42_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8-operator@sha256:454f36d91693411ec03f6682de6f9d47acbb172919d1b97d7ecf74795a3af827_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8-operator@sha256:4919abb410f858d91bb76654aa682a18ab9b87a6c410c5c437d2678afbbf14ee_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:44e4d5dfd252a87ca2b1ee79cf74c00e8fc7f1476f6425b3766d5858a402a8b2_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:4b0a937e5860713fcc3489d8d3f01eafa4d100d561793ced0d61549e872ad9c7_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:cc42799b6ffa1c143314397a40b77cc5b266445c597a273847e9a8bb5c686297_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:d885ebb70409569cf8dd77fe482e7cb46d7ca8e901e54b59bce4699216dcbd94_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:424d46b0189803fac9b7897b27fb0f0dec6f2265f6442962e4186c68c5295e04_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:b112030a03913f52d0daead03020c597bb33287fb62f781ff00077d6664f9b33_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:b451f504cb2078f363a4b184e4223289908ddf499f68bdee99f65350035276a6_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:c3ba2b9acfe888f8546ea31a1d6b33759be7305c6be40a0471da03a811a733aa_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:14c27420cdb4670d8736a2baa078cc3bac8c42db54b7638d26af8822c960f074_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:a5473c6d230b69f67060283a1edfcbdf92fbcbcf0326dcef81f3e89575365806_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:cfff7a32024d0c66f1e47d6282e251c3750b8b15dfa74d098936da02a6306145_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:d4c6785e87b9565cfe2ee1e8ff5dcec76fdf70f080baa4c23fbd9d53aa01308a_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:6fb3b48cc8b524c6bd4d46aa8009f4f58682e4e414978c85e0ec0e15414bf90a_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:e52cba0676757314ad1424ffda339f793c8e4ef1f91dcabaa0118e8e282a767b_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:e8334544cb16db92bc8affad46e0abc11e1803d998b19991e885220584f2b9fe_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:e961ad03bab63e966c3d4470fd5e84af8cc511134abb1774675a587b5c5404fc_ppc64le"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:0e198b83b0fe4e2e907f0ce44223807e717369fff4a3bd09fa323afbb5200d27_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:58b025688bca67cb9de2e97a34813d59c398b8c5aa06cb11cd63c79b322f07a7_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:69cbbf2406a18f9277244cc1cc38d50dc34faaebd5d6a74cc728c6a949ef2cf5_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:ad8da9f3b2ca43d37c25e6ac37670cfaa2e98a8d6088fccadd37e836660020e2_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:234ca069ffe78398715d16191814440da39ef08311b5e3d90c33fd604ec9c07a_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:b6a0c40c39eea955482de2cec38f6e9f2fb95ec886fc406effafb5cec581280f_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:caac8c5c9753bdbd97a52295a6a836f463c21cd1bf438173575dc4db006dab55_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:d0122af40529339e7f1b2184a94c288ed3c8b731a84f7f3cc4e8ac0dcf8d8106_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:0efd74c9c1d43ef220fa808ae34139bcb73b39181afc53a556285e627dbb7d93_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:8825ebc0110560418afeb12708c4068e9d1751be5ba858db94b5ad12846b50d6_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:c3fb0c75bc4c1915e570dc6e68e6a0dd38b05157e905e3a0bbe0fb83abd2b6fd_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:ddf99768023aaa4f60e43a16f9d9aa44adb91d68307f020b1dfdd92a5c11fc91_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-rhel8-operator@sha256:06890ec20acad8a9911af77b0886d61a02a96f8dcc90ecc2992c96a3a5244602_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-rhel8-operator@sha256:1690eafb1f67ea903775f66cba1c9de4275a1e70f5a985940ddcb1577348045e_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-rhel8-operator@sha256:2cb94a0220ff8d69c17f2eee8db3c6f045776d63de4dc80e1a4ab31190d5c04f_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-rhel8-operator@sha256:444bf4a8adc914b762758e5f4c4b06387faf288a0f75d8c8f8413919d31c855d_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:632422660922698f9662c067e4662175a0207c1a38e7ee83ac4e6186de68890b_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:91837663c930e797947ccd9ac7b9939a212dda33918d53b857c5ac48de90f175_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:bc2d5e67dcd8fcda716f7b964dbaca1eccc4f6833199b60eadbad87219fdacbd_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:efeed94b8d1b84224310469a6e4be5d8db055e3f8c4e06529ba20f3e7697c955_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8-operator@sha256:07d52f116218cbfaead1559ad84e63450cedbc79823e15e3e37650090dded17e_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8-operator@sha256:326b45f0d46bd99aa22404ff9634dabefb559c68271808a2607581e6c2d73f42_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8-operator@sha256:454f36d91693411ec03f6682de6f9d47acbb172919d1b97d7ecf74795a3af827_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8-operator@sha256:4919abb410f858d91bb76654aa682a18ab9b87a6c410c5c437d2678afbbf14ee_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:44e4d5dfd252a87ca2b1ee79cf74c00e8fc7f1476f6425b3766d5858a402a8b2_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:4b0a937e5860713fcc3489d8d3f01eafa4d100d561793ced0d61549e872ad9c7_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:cc42799b6ffa1c143314397a40b77cc5b266445c597a273847e9a8bb5c686297_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:d885ebb70409569cf8dd77fe482e7cb46d7ca8e901e54b59bce4699216dcbd94_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:424d46b0189803fac9b7897b27fb0f0dec6f2265f6442962e4186c68c5295e04_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:b112030a03913f52d0daead03020c597bb33287fb62f781ff00077d6664f9b33_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:b451f504cb2078f363a4b184e4223289908ddf499f68bdee99f65350035276a6_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:c3ba2b9acfe888f8546ea31a1d6b33759be7305c6be40a0471da03a811a733aa_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:14c27420cdb4670d8736a2baa078cc3bac8c42db54b7638d26af8822c960f074_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:a5473c6d230b69f67060283a1edfcbdf92fbcbcf0326dcef81f3e89575365806_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:cfff7a32024d0c66f1e47d6282e251c3750b8b15dfa74d098936da02a6306145_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:d4c6785e87b9565cfe2ee1e8ff5dcec76fdf70f080baa4c23fbd9d53aa01308a_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:6fb3b48cc8b524c6bd4d46aa8009f4f58682e4e414978c85e0ec0e15414bf90a_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:e52cba0676757314ad1424ffda339f793c8e4ef1f91dcabaa0118e8e282a767b_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:e8334544cb16db92bc8affad46e0abc11e1803d998b19991e885220584f2b9fe_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:e961ad03bab63e966c3d4470fd5e84af8cc511134abb1774675a587b5c5404fc_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "follow-redirects: Improper Input Validation due to the improper handling of URLs by the url.parse()"
},
{
"cve": "CVE-2024-24786",
"cwe": {
"id": "CWE-835",
"name": "Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)"
},
"discovery_date": "2024-03-06T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2268046"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Golang\u0027s protobuf module, where the unmarshal function can enter an infinite loop when processing certain invalid inputs. This issue occurs during unmarshaling into a message that includes a google.protobuf.Any or when the UnmarshalOptions.DiscardUnknown option is enabled. This flaw allows an attacker to craft malicious input tailored to trigger the identified flaw in the unmarshal function. By providing carefully constructed invalid inputs, they could potentially cause the function to enter an infinite loop, resulting in a denial of service condition or other unintended behaviors in the affected system.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang-protobuf: encoding/protojson, internal/encoding/json: infinite loop in protojson.Unmarshal when unmarshaling certain forms of invalid JSON",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:0e198b83b0fe4e2e907f0ce44223807e717369fff4a3bd09fa323afbb5200d27_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:58b025688bca67cb9de2e97a34813d59c398b8c5aa06cb11cd63c79b322f07a7_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:69cbbf2406a18f9277244cc1cc38d50dc34faaebd5d6a74cc728c6a949ef2cf5_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:ad8da9f3b2ca43d37c25e6ac37670cfaa2e98a8d6088fccadd37e836660020e2_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:234ca069ffe78398715d16191814440da39ef08311b5e3d90c33fd604ec9c07a_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:b6a0c40c39eea955482de2cec38f6e9f2fb95ec886fc406effafb5cec581280f_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:caac8c5c9753bdbd97a52295a6a836f463c21cd1bf438173575dc4db006dab55_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:d0122af40529339e7f1b2184a94c288ed3c8b731a84f7f3cc4e8ac0dcf8d8106_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:0efd74c9c1d43ef220fa808ae34139bcb73b39181afc53a556285e627dbb7d93_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:8825ebc0110560418afeb12708c4068e9d1751be5ba858db94b5ad12846b50d6_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:c3fb0c75bc4c1915e570dc6e68e6a0dd38b05157e905e3a0bbe0fb83abd2b6fd_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:ddf99768023aaa4f60e43a16f9d9aa44adb91d68307f020b1dfdd92a5c11fc91_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-rhel8-operator@sha256:06890ec20acad8a9911af77b0886d61a02a96f8dcc90ecc2992c96a3a5244602_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-rhel8-operator@sha256:1690eafb1f67ea903775f66cba1c9de4275a1e70f5a985940ddcb1577348045e_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-rhel8-operator@sha256:2cb94a0220ff8d69c17f2eee8db3c6f045776d63de4dc80e1a4ab31190d5c04f_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-rhel8-operator@sha256:444bf4a8adc914b762758e5f4c4b06387faf288a0f75d8c8f8413919d31c855d_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:632422660922698f9662c067e4662175a0207c1a38e7ee83ac4e6186de68890b_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:91837663c930e797947ccd9ac7b9939a212dda33918d53b857c5ac48de90f175_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:bc2d5e67dcd8fcda716f7b964dbaca1eccc4f6833199b60eadbad87219fdacbd_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:efeed94b8d1b84224310469a6e4be5d8db055e3f8c4e06529ba20f3e7697c955_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8-operator@sha256:07d52f116218cbfaead1559ad84e63450cedbc79823e15e3e37650090dded17e_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8-operator@sha256:326b45f0d46bd99aa22404ff9634dabefb559c68271808a2607581e6c2d73f42_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8-operator@sha256:454f36d91693411ec03f6682de6f9d47acbb172919d1b97d7ecf74795a3af827_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8-operator@sha256:4919abb410f858d91bb76654aa682a18ab9b87a6c410c5c437d2678afbbf14ee_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:44e4d5dfd252a87ca2b1ee79cf74c00e8fc7f1476f6425b3766d5858a402a8b2_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:4b0a937e5860713fcc3489d8d3f01eafa4d100d561793ced0d61549e872ad9c7_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:cc42799b6ffa1c143314397a40b77cc5b266445c597a273847e9a8bb5c686297_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:d885ebb70409569cf8dd77fe482e7cb46d7ca8e901e54b59bce4699216dcbd94_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:424d46b0189803fac9b7897b27fb0f0dec6f2265f6442962e4186c68c5295e04_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:b112030a03913f52d0daead03020c597bb33287fb62f781ff00077d6664f9b33_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:b451f504cb2078f363a4b184e4223289908ddf499f68bdee99f65350035276a6_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:c3ba2b9acfe888f8546ea31a1d6b33759be7305c6be40a0471da03a811a733aa_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:14c27420cdb4670d8736a2baa078cc3bac8c42db54b7638d26af8822c960f074_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:a5473c6d230b69f67060283a1edfcbdf92fbcbcf0326dcef81f3e89575365806_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:cfff7a32024d0c66f1e47d6282e251c3750b8b15dfa74d098936da02a6306145_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:d4c6785e87b9565cfe2ee1e8ff5dcec76fdf70f080baa4c23fbd9d53aa01308a_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:6fb3b48cc8b524c6bd4d46aa8009f4f58682e4e414978c85e0ec0e15414bf90a_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:e52cba0676757314ad1424ffda339f793c8e4ef1f91dcabaa0118e8e282a767b_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:e8334544cb16db92bc8affad46e0abc11e1803d998b19991e885220584f2b9fe_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:e961ad03bab63e966c3d4470fd5e84af8cc511134abb1774675a587b5c5404fc_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-24786"
},
{
"category": "external",
"summary": "RHBZ#2268046",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2268046"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-24786",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-24786"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-24786",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-24786"
},
{
"category": "external",
"summary": "https://go.dev/cl/569356",
"url": "https://go.dev/cl/569356"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/ArQ6CDgtEjY/",
"url": "https://groups.google.com/g/golang-announce/c/ArQ6CDgtEjY/"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2024-2611",
"url": "https://pkg.go.dev/vuln/GO-2024-2611"
}
],
"release_date": "2024-03-05T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-04-22T12:47:08+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:0e198b83b0fe4e2e907f0ce44223807e717369fff4a3bd09fa323afbb5200d27_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:58b025688bca67cb9de2e97a34813d59c398b8c5aa06cb11cd63c79b322f07a7_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:69cbbf2406a18f9277244cc1cc38d50dc34faaebd5d6a74cc728c6a949ef2cf5_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:ad8da9f3b2ca43d37c25e6ac37670cfaa2e98a8d6088fccadd37e836660020e2_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:234ca069ffe78398715d16191814440da39ef08311b5e3d90c33fd604ec9c07a_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:b6a0c40c39eea955482de2cec38f6e9f2fb95ec886fc406effafb5cec581280f_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:caac8c5c9753bdbd97a52295a6a836f463c21cd1bf438173575dc4db006dab55_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:d0122af40529339e7f1b2184a94c288ed3c8b731a84f7f3cc4e8ac0dcf8d8106_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:0efd74c9c1d43ef220fa808ae34139bcb73b39181afc53a556285e627dbb7d93_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:8825ebc0110560418afeb12708c4068e9d1751be5ba858db94b5ad12846b50d6_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:c3fb0c75bc4c1915e570dc6e68e6a0dd38b05157e905e3a0bbe0fb83abd2b6fd_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:ddf99768023aaa4f60e43a16f9d9aa44adb91d68307f020b1dfdd92a5c11fc91_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-rhel8-operator@sha256:06890ec20acad8a9911af77b0886d61a02a96f8dcc90ecc2992c96a3a5244602_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-rhel8-operator@sha256:1690eafb1f67ea903775f66cba1c9de4275a1e70f5a985940ddcb1577348045e_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-rhel8-operator@sha256:2cb94a0220ff8d69c17f2eee8db3c6f045776d63de4dc80e1a4ab31190d5c04f_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-rhel8-operator@sha256:444bf4a8adc914b762758e5f4c4b06387faf288a0f75d8c8f8413919d31c855d_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:632422660922698f9662c067e4662175a0207c1a38e7ee83ac4e6186de68890b_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:91837663c930e797947ccd9ac7b9939a212dda33918d53b857c5ac48de90f175_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:bc2d5e67dcd8fcda716f7b964dbaca1eccc4f6833199b60eadbad87219fdacbd_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:efeed94b8d1b84224310469a6e4be5d8db055e3f8c4e06529ba20f3e7697c955_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8-operator@sha256:07d52f116218cbfaead1559ad84e63450cedbc79823e15e3e37650090dded17e_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8-operator@sha256:326b45f0d46bd99aa22404ff9634dabefb559c68271808a2607581e6c2d73f42_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8-operator@sha256:454f36d91693411ec03f6682de6f9d47acbb172919d1b97d7ecf74795a3af827_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8-operator@sha256:4919abb410f858d91bb76654aa682a18ab9b87a6c410c5c437d2678afbbf14ee_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:44e4d5dfd252a87ca2b1ee79cf74c00e8fc7f1476f6425b3766d5858a402a8b2_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:4b0a937e5860713fcc3489d8d3f01eafa4d100d561793ced0d61549e872ad9c7_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:cc42799b6ffa1c143314397a40b77cc5b266445c597a273847e9a8bb5c686297_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:d885ebb70409569cf8dd77fe482e7cb46d7ca8e901e54b59bce4699216dcbd94_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:424d46b0189803fac9b7897b27fb0f0dec6f2265f6442962e4186c68c5295e04_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:b112030a03913f52d0daead03020c597bb33287fb62f781ff00077d6664f9b33_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:b451f504cb2078f363a4b184e4223289908ddf499f68bdee99f65350035276a6_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:c3ba2b9acfe888f8546ea31a1d6b33759be7305c6be40a0471da03a811a733aa_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:14c27420cdb4670d8736a2baa078cc3bac8c42db54b7638d26af8822c960f074_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:a5473c6d230b69f67060283a1edfcbdf92fbcbcf0326dcef81f3e89575365806_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:cfff7a32024d0c66f1e47d6282e251c3750b8b15dfa74d098936da02a6306145_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:d4c6785e87b9565cfe2ee1e8ff5dcec76fdf70f080baa4c23fbd9d53aa01308a_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:6fb3b48cc8b524c6bd4d46aa8009f4f58682e4e414978c85e0ec0e15414bf90a_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:e52cba0676757314ad1424ffda339f793c8e4ef1f91dcabaa0118e8e282a767b_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:e8334544cb16db92bc8affad46e0abc11e1803d998b19991e885220584f2b9fe_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:e961ad03bab63e966c3d4470fd5e84af8cc511134abb1774675a587b5c5404fc_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:1946"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:0e198b83b0fe4e2e907f0ce44223807e717369fff4a3bd09fa323afbb5200d27_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:58b025688bca67cb9de2e97a34813d59c398b8c5aa06cb11cd63c79b322f07a7_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:69cbbf2406a18f9277244cc1cc38d50dc34faaebd5d6a74cc728c6a949ef2cf5_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:ad8da9f3b2ca43d37c25e6ac37670cfaa2e98a8d6088fccadd37e836660020e2_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:234ca069ffe78398715d16191814440da39ef08311b5e3d90c33fd604ec9c07a_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:b6a0c40c39eea955482de2cec38f6e9f2fb95ec886fc406effafb5cec581280f_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:caac8c5c9753bdbd97a52295a6a836f463c21cd1bf438173575dc4db006dab55_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:d0122af40529339e7f1b2184a94c288ed3c8b731a84f7f3cc4e8ac0dcf8d8106_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:0efd74c9c1d43ef220fa808ae34139bcb73b39181afc53a556285e627dbb7d93_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:8825ebc0110560418afeb12708c4068e9d1751be5ba858db94b5ad12846b50d6_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:c3fb0c75bc4c1915e570dc6e68e6a0dd38b05157e905e3a0bbe0fb83abd2b6fd_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:ddf99768023aaa4f60e43a16f9d9aa44adb91d68307f020b1dfdd92a5c11fc91_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-rhel8-operator@sha256:06890ec20acad8a9911af77b0886d61a02a96f8dcc90ecc2992c96a3a5244602_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-rhel8-operator@sha256:1690eafb1f67ea903775f66cba1c9de4275a1e70f5a985940ddcb1577348045e_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-rhel8-operator@sha256:2cb94a0220ff8d69c17f2eee8db3c6f045776d63de4dc80e1a4ab31190d5c04f_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-rhel8-operator@sha256:444bf4a8adc914b762758e5f4c4b06387faf288a0f75d8c8f8413919d31c855d_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:632422660922698f9662c067e4662175a0207c1a38e7ee83ac4e6186de68890b_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:91837663c930e797947ccd9ac7b9939a212dda33918d53b857c5ac48de90f175_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:bc2d5e67dcd8fcda716f7b964dbaca1eccc4f6833199b60eadbad87219fdacbd_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:efeed94b8d1b84224310469a6e4be5d8db055e3f8c4e06529ba20f3e7697c955_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8-operator@sha256:07d52f116218cbfaead1559ad84e63450cedbc79823e15e3e37650090dded17e_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8-operator@sha256:326b45f0d46bd99aa22404ff9634dabefb559c68271808a2607581e6c2d73f42_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8-operator@sha256:454f36d91693411ec03f6682de6f9d47acbb172919d1b97d7ecf74795a3af827_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8-operator@sha256:4919abb410f858d91bb76654aa682a18ab9b87a6c410c5c437d2678afbbf14ee_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:44e4d5dfd252a87ca2b1ee79cf74c00e8fc7f1476f6425b3766d5858a402a8b2_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:4b0a937e5860713fcc3489d8d3f01eafa4d100d561793ced0d61549e872ad9c7_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:cc42799b6ffa1c143314397a40b77cc5b266445c597a273847e9a8bb5c686297_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:d885ebb70409569cf8dd77fe482e7cb46d7ca8e901e54b59bce4699216dcbd94_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:424d46b0189803fac9b7897b27fb0f0dec6f2265f6442962e4186c68c5295e04_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:b112030a03913f52d0daead03020c597bb33287fb62f781ff00077d6664f9b33_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:b451f504cb2078f363a4b184e4223289908ddf499f68bdee99f65350035276a6_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:c3ba2b9acfe888f8546ea31a1d6b33759be7305c6be40a0471da03a811a733aa_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:14c27420cdb4670d8736a2baa078cc3bac8c42db54b7638d26af8822c960f074_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:a5473c6d230b69f67060283a1edfcbdf92fbcbcf0326dcef81f3e89575365806_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:cfff7a32024d0c66f1e47d6282e251c3750b8b15dfa74d098936da02a6306145_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:d4c6785e87b9565cfe2ee1e8ff5dcec76fdf70f080baa4c23fbd9d53aa01308a_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:6fb3b48cc8b524c6bd4d46aa8009f4f58682e4e414978c85e0ec0e15414bf90a_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:e52cba0676757314ad1424ffda339f793c8e4ef1f91dcabaa0118e8e282a767b_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:e8334544cb16db92bc8affad46e0abc11e1803d998b19991e885220584f2b9fe_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:e961ad03bab63e966c3d4470fd5e84af8cc511134abb1774675a587b5c5404fc_ppc64le"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:0e198b83b0fe4e2e907f0ce44223807e717369fff4a3bd09fa323afbb5200d27_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:58b025688bca67cb9de2e97a34813d59c398b8c5aa06cb11cd63c79b322f07a7_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:69cbbf2406a18f9277244cc1cc38d50dc34faaebd5d6a74cc728c6a949ef2cf5_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:ad8da9f3b2ca43d37c25e6ac37670cfaa2e98a8d6088fccadd37e836660020e2_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:234ca069ffe78398715d16191814440da39ef08311b5e3d90c33fd604ec9c07a_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:b6a0c40c39eea955482de2cec38f6e9f2fb95ec886fc406effafb5cec581280f_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:caac8c5c9753bdbd97a52295a6a836f463c21cd1bf438173575dc4db006dab55_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:d0122af40529339e7f1b2184a94c288ed3c8b731a84f7f3cc4e8ac0dcf8d8106_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:0efd74c9c1d43ef220fa808ae34139bcb73b39181afc53a556285e627dbb7d93_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:8825ebc0110560418afeb12708c4068e9d1751be5ba858db94b5ad12846b50d6_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:c3fb0c75bc4c1915e570dc6e68e6a0dd38b05157e905e3a0bbe0fb83abd2b6fd_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:ddf99768023aaa4f60e43a16f9d9aa44adb91d68307f020b1dfdd92a5c11fc91_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-rhel8-operator@sha256:06890ec20acad8a9911af77b0886d61a02a96f8dcc90ecc2992c96a3a5244602_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-rhel8-operator@sha256:1690eafb1f67ea903775f66cba1c9de4275a1e70f5a985940ddcb1577348045e_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-rhel8-operator@sha256:2cb94a0220ff8d69c17f2eee8db3c6f045776d63de4dc80e1a4ab31190d5c04f_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-rhel8-operator@sha256:444bf4a8adc914b762758e5f4c4b06387faf288a0f75d8c8f8413919d31c855d_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:632422660922698f9662c067e4662175a0207c1a38e7ee83ac4e6186de68890b_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:91837663c930e797947ccd9ac7b9939a212dda33918d53b857c5ac48de90f175_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:bc2d5e67dcd8fcda716f7b964dbaca1eccc4f6833199b60eadbad87219fdacbd_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:efeed94b8d1b84224310469a6e4be5d8db055e3f8c4e06529ba20f3e7697c955_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8-operator@sha256:07d52f116218cbfaead1559ad84e63450cedbc79823e15e3e37650090dded17e_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8-operator@sha256:326b45f0d46bd99aa22404ff9634dabefb559c68271808a2607581e6c2d73f42_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8-operator@sha256:454f36d91693411ec03f6682de6f9d47acbb172919d1b97d7ecf74795a3af827_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8-operator@sha256:4919abb410f858d91bb76654aa682a18ab9b87a6c410c5c437d2678afbbf14ee_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:44e4d5dfd252a87ca2b1ee79cf74c00e8fc7f1476f6425b3766d5858a402a8b2_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:4b0a937e5860713fcc3489d8d3f01eafa4d100d561793ced0d61549e872ad9c7_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:cc42799b6ffa1c143314397a40b77cc5b266445c597a273847e9a8bb5c686297_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:d885ebb70409569cf8dd77fe482e7cb46d7ca8e901e54b59bce4699216dcbd94_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:424d46b0189803fac9b7897b27fb0f0dec6f2265f6442962e4186c68c5295e04_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:b112030a03913f52d0daead03020c597bb33287fb62f781ff00077d6664f9b33_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:b451f504cb2078f363a4b184e4223289908ddf499f68bdee99f65350035276a6_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:c3ba2b9acfe888f8546ea31a1d6b33759be7305c6be40a0471da03a811a733aa_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:14c27420cdb4670d8736a2baa078cc3bac8c42db54b7638d26af8822c960f074_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:a5473c6d230b69f67060283a1edfcbdf92fbcbcf0326dcef81f3e89575365806_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:cfff7a32024d0c66f1e47d6282e251c3750b8b15dfa74d098936da02a6306145_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:d4c6785e87b9565cfe2ee1e8ff5dcec76fdf70f080baa4c23fbd9d53aa01308a_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:6fb3b48cc8b524c6bd4d46aa8009f4f58682e4e414978c85e0ec0e15414bf90a_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:e52cba0676757314ad1424ffda339f793c8e4ef1f91dcabaa0118e8e282a767b_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:e8334544cb16db92bc8affad46e0abc11e1803d998b19991e885220584f2b9fe_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:e961ad03bab63e966c3d4470fd5e84af8cc511134abb1774675a587b5c5404fc_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang-protobuf: encoding/protojson, internal/encoding/json: infinite loop in protojson.Unmarshal when unmarshaling certain forms of invalid JSON"
},
{
"cve": "CVE-2024-28180",
"cwe": {
"id": "CWE-409",
"name": "Improper Handling of Highly Compressed Data (Data Amplification)"
},
"discovery_date": "2024-03-10T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2268854"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in Jose due to improper handling of highly compressed data. This issue could allow an attacker to send a JWE containing compressed data that uses large amounts of memory and CPU when decompressed by Decrypt or DecryptMulti.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jose-go: improper handling of highly compressed data",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:0e198b83b0fe4e2e907f0ce44223807e717369fff4a3bd09fa323afbb5200d27_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:58b025688bca67cb9de2e97a34813d59c398b8c5aa06cb11cd63c79b322f07a7_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:69cbbf2406a18f9277244cc1cc38d50dc34faaebd5d6a74cc728c6a949ef2cf5_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:ad8da9f3b2ca43d37c25e6ac37670cfaa2e98a8d6088fccadd37e836660020e2_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:234ca069ffe78398715d16191814440da39ef08311b5e3d90c33fd604ec9c07a_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:b6a0c40c39eea955482de2cec38f6e9f2fb95ec886fc406effafb5cec581280f_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:caac8c5c9753bdbd97a52295a6a836f463c21cd1bf438173575dc4db006dab55_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:d0122af40529339e7f1b2184a94c288ed3c8b731a84f7f3cc4e8ac0dcf8d8106_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:0efd74c9c1d43ef220fa808ae34139bcb73b39181afc53a556285e627dbb7d93_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:8825ebc0110560418afeb12708c4068e9d1751be5ba858db94b5ad12846b50d6_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:c3fb0c75bc4c1915e570dc6e68e6a0dd38b05157e905e3a0bbe0fb83abd2b6fd_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:ddf99768023aaa4f60e43a16f9d9aa44adb91d68307f020b1dfdd92a5c11fc91_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-rhel8-operator@sha256:06890ec20acad8a9911af77b0886d61a02a96f8dcc90ecc2992c96a3a5244602_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-rhel8-operator@sha256:1690eafb1f67ea903775f66cba1c9de4275a1e70f5a985940ddcb1577348045e_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-rhel8-operator@sha256:2cb94a0220ff8d69c17f2eee8db3c6f045776d63de4dc80e1a4ab31190d5c04f_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-rhel8-operator@sha256:444bf4a8adc914b762758e5f4c4b06387faf288a0f75d8c8f8413919d31c855d_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:632422660922698f9662c067e4662175a0207c1a38e7ee83ac4e6186de68890b_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:91837663c930e797947ccd9ac7b9939a212dda33918d53b857c5ac48de90f175_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:bc2d5e67dcd8fcda716f7b964dbaca1eccc4f6833199b60eadbad87219fdacbd_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:efeed94b8d1b84224310469a6e4be5d8db055e3f8c4e06529ba20f3e7697c955_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8-operator@sha256:07d52f116218cbfaead1559ad84e63450cedbc79823e15e3e37650090dded17e_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8-operator@sha256:326b45f0d46bd99aa22404ff9634dabefb559c68271808a2607581e6c2d73f42_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8-operator@sha256:454f36d91693411ec03f6682de6f9d47acbb172919d1b97d7ecf74795a3af827_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8-operator@sha256:4919abb410f858d91bb76654aa682a18ab9b87a6c410c5c437d2678afbbf14ee_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:44e4d5dfd252a87ca2b1ee79cf74c00e8fc7f1476f6425b3766d5858a402a8b2_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:4b0a937e5860713fcc3489d8d3f01eafa4d100d561793ced0d61549e872ad9c7_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:cc42799b6ffa1c143314397a40b77cc5b266445c597a273847e9a8bb5c686297_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:d885ebb70409569cf8dd77fe482e7cb46d7ca8e901e54b59bce4699216dcbd94_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:424d46b0189803fac9b7897b27fb0f0dec6f2265f6442962e4186c68c5295e04_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:b112030a03913f52d0daead03020c597bb33287fb62f781ff00077d6664f9b33_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:b451f504cb2078f363a4b184e4223289908ddf499f68bdee99f65350035276a6_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:c3ba2b9acfe888f8546ea31a1d6b33759be7305c6be40a0471da03a811a733aa_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:14c27420cdb4670d8736a2baa078cc3bac8c42db54b7638d26af8822c960f074_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:a5473c6d230b69f67060283a1edfcbdf92fbcbcf0326dcef81f3e89575365806_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:cfff7a32024d0c66f1e47d6282e251c3750b8b15dfa74d098936da02a6306145_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:d4c6785e87b9565cfe2ee1e8ff5dcec76fdf70f080baa4c23fbd9d53aa01308a_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:6fb3b48cc8b524c6bd4d46aa8009f4f58682e4e414978c85e0ec0e15414bf90a_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:e52cba0676757314ad1424ffda339f793c8e4ef1f91dcabaa0118e8e282a767b_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:e8334544cb16db92bc8affad46e0abc11e1803d998b19991e885220584f2b9fe_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:e961ad03bab63e966c3d4470fd5e84af8cc511134abb1774675a587b5c5404fc_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-28180"
},
{
"category": "external",
"summary": "RHBZ#2268854",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2268854"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-28180",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-28180"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-28180",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-28180"
},
{
"category": "external",
"summary": "https://github.com/go-jose/go-jose/security/advisories/GHSA-c5q2-7r4c-mv6g",
"url": "https://github.com/go-jose/go-jose/security/advisories/GHSA-c5q2-7r4c-mv6g"
}
],
"release_date": "2024-03-09T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-04-22T12:47:08+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:0e198b83b0fe4e2e907f0ce44223807e717369fff4a3bd09fa323afbb5200d27_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:58b025688bca67cb9de2e97a34813d59c398b8c5aa06cb11cd63c79b322f07a7_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:69cbbf2406a18f9277244cc1cc38d50dc34faaebd5d6a74cc728c6a949ef2cf5_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:ad8da9f3b2ca43d37c25e6ac37670cfaa2e98a8d6088fccadd37e836660020e2_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:234ca069ffe78398715d16191814440da39ef08311b5e3d90c33fd604ec9c07a_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:b6a0c40c39eea955482de2cec38f6e9f2fb95ec886fc406effafb5cec581280f_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:caac8c5c9753bdbd97a52295a6a836f463c21cd1bf438173575dc4db006dab55_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:d0122af40529339e7f1b2184a94c288ed3c8b731a84f7f3cc4e8ac0dcf8d8106_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:0efd74c9c1d43ef220fa808ae34139bcb73b39181afc53a556285e627dbb7d93_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:8825ebc0110560418afeb12708c4068e9d1751be5ba858db94b5ad12846b50d6_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:c3fb0c75bc4c1915e570dc6e68e6a0dd38b05157e905e3a0bbe0fb83abd2b6fd_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:ddf99768023aaa4f60e43a16f9d9aa44adb91d68307f020b1dfdd92a5c11fc91_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-rhel8-operator@sha256:06890ec20acad8a9911af77b0886d61a02a96f8dcc90ecc2992c96a3a5244602_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-rhel8-operator@sha256:1690eafb1f67ea903775f66cba1c9de4275a1e70f5a985940ddcb1577348045e_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-rhel8-operator@sha256:2cb94a0220ff8d69c17f2eee8db3c6f045776d63de4dc80e1a4ab31190d5c04f_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-rhel8-operator@sha256:444bf4a8adc914b762758e5f4c4b06387faf288a0f75d8c8f8413919d31c855d_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:632422660922698f9662c067e4662175a0207c1a38e7ee83ac4e6186de68890b_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:91837663c930e797947ccd9ac7b9939a212dda33918d53b857c5ac48de90f175_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:bc2d5e67dcd8fcda716f7b964dbaca1eccc4f6833199b60eadbad87219fdacbd_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:efeed94b8d1b84224310469a6e4be5d8db055e3f8c4e06529ba20f3e7697c955_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8-operator@sha256:07d52f116218cbfaead1559ad84e63450cedbc79823e15e3e37650090dded17e_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8-operator@sha256:326b45f0d46bd99aa22404ff9634dabefb559c68271808a2607581e6c2d73f42_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8-operator@sha256:454f36d91693411ec03f6682de6f9d47acbb172919d1b97d7ecf74795a3af827_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8-operator@sha256:4919abb410f858d91bb76654aa682a18ab9b87a6c410c5c437d2678afbbf14ee_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:44e4d5dfd252a87ca2b1ee79cf74c00e8fc7f1476f6425b3766d5858a402a8b2_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:4b0a937e5860713fcc3489d8d3f01eafa4d100d561793ced0d61549e872ad9c7_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:cc42799b6ffa1c143314397a40b77cc5b266445c597a273847e9a8bb5c686297_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:d885ebb70409569cf8dd77fe482e7cb46d7ca8e901e54b59bce4699216dcbd94_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:424d46b0189803fac9b7897b27fb0f0dec6f2265f6442962e4186c68c5295e04_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:b112030a03913f52d0daead03020c597bb33287fb62f781ff00077d6664f9b33_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:b451f504cb2078f363a4b184e4223289908ddf499f68bdee99f65350035276a6_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:c3ba2b9acfe888f8546ea31a1d6b33759be7305c6be40a0471da03a811a733aa_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:14c27420cdb4670d8736a2baa078cc3bac8c42db54b7638d26af8822c960f074_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:a5473c6d230b69f67060283a1edfcbdf92fbcbcf0326dcef81f3e89575365806_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:cfff7a32024d0c66f1e47d6282e251c3750b8b15dfa74d098936da02a6306145_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:d4c6785e87b9565cfe2ee1e8ff5dcec76fdf70f080baa4c23fbd9d53aa01308a_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:6fb3b48cc8b524c6bd4d46aa8009f4f58682e4e414978c85e0ec0e15414bf90a_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:e52cba0676757314ad1424ffda339f793c8e4ef1f91dcabaa0118e8e282a767b_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:e8334544cb16db92bc8affad46e0abc11e1803d998b19991e885220584f2b9fe_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:e961ad03bab63e966c3d4470fd5e84af8cc511134abb1774675a587b5c5404fc_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:1946"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:0e198b83b0fe4e2e907f0ce44223807e717369fff4a3bd09fa323afbb5200d27_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:58b025688bca67cb9de2e97a34813d59c398b8c5aa06cb11cd63c79b322f07a7_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:69cbbf2406a18f9277244cc1cc38d50dc34faaebd5d6a74cc728c6a949ef2cf5_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:ad8da9f3b2ca43d37c25e6ac37670cfaa2e98a8d6088fccadd37e836660020e2_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:234ca069ffe78398715d16191814440da39ef08311b5e3d90c33fd604ec9c07a_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:b6a0c40c39eea955482de2cec38f6e9f2fb95ec886fc406effafb5cec581280f_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:caac8c5c9753bdbd97a52295a6a836f463c21cd1bf438173575dc4db006dab55_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:d0122af40529339e7f1b2184a94c288ed3c8b731a84f7f3cc4e8ac0dcf8d8106_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:0efd74c9c1d43ef220fa808ae34139bcb73b39181afc53a556285e627dbb7d93_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:8825ebc0110560418afeb12708c4068e9d1751be5ba858db94b5ad12846b50d6_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:c3fb0c75bc4c1915e570dc6e68e6a0dd38b05157e905e3a0bbe0fb83abd2b6fd_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:ddf99768023aaa4f60e43a16f9d9aa44adb91d68307f020b1dfdd92a5c11fc91_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-rhel8-operator@sha256:06890ec20acad8a9911af77b0886d61a02a96f8dcc90ecc2992c96a3a5244602_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-rhel8-operator@sha256:1690eafb1f67ea903775f66cba1c9de4275a1e70f5a985940ddcb1577348045e_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-rhel8-operator@sha256:2cb94a0220ff8d69c17f2eee8db3c6f045776d63de4dc80e1a4ab31190d5c04f_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-rhel8-operator@sha256:444bf4a8adc914b762758e5f4c4b06387faf288a0f75d8c8f8413919d31c855d_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:632422660922698f9662c067e4662175a0207c1a38e7ee83ac4e6186de68890b_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:91837663c930e797947ccd9ac7b9939a212dda33918d53b857c5ac48de90f175_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:bc2d5e67dcd8fcda716f7b964dbaca1eccc4f6833199b60eadbad87219fdacbd_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:efeed94b8d1b84224310469a6e4be5d8db055e3f8c4e06529ba20f3e7697c955_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8-operator@sha256:07d52f116218cbfaead1559ad84e63450cedbc79823e15e3e37650090dded17e_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8-operator@sha256:326b45f0d46bd99aa22404ff9634dabefb559c68271808a2607581e6c2d73f42_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8-operator@sha256:454f36d91693411ec03f6682de6f9d47acbb172919d1b97d7ecf74795a3af827_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8-operator@sha256:4919abb410f858d91bb76654aa682a18ab9b87a6c410c5c437d2678afbbf14ee_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:44e4d5dfd252a87ca2b1ee79cf74c00e8fc7f1476f6425b3766d5858a402a8b2_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:4b0a937e5860713fcc3489d8d3f01eafa4d100d561793ced0d61549e872ad9c7_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:cc42799b6ffa1c143314397a40b77cc5b266445c597a273847e9a8bb5c686297_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:d885ebb70409569cf8dd77fe482e7cb46d7ca8e901e54b59bce4699216dcbd94_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:424d46b0189803fac9b7897b27fb0f0dec6f2265f6442962e4186c68c5295e04_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:b112030a03913f52d0daead03020c597bb33287fb62f781ff00077d6664f9b33_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:b451f504cb2078f363a4b184e4223289908ddf499f68bdee99f65350035276a6_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:c3ba2b9acfe888f8546ea31a1d6b33759be7305c6be40a0471da03a811a733aa_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:14c27420cdb4670d8736a2baa078cc3bac8c42db54b7638d26af8822c960f074_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:a5473c6d230b69f67060283a1edfcbdf92fbcbcf0326dcef81f3e89575365806_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:cfff7a32024d0c66f1e47d6282e251c3750b8b15dfa74d098936da02a6306145_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:d4c6785e87b9565cfe2ee1e8ff5dcec76fdf70f080baa4c23fbd9d53aa01308a_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:6fb3b48cc8b524c6bd4d46aa8009f4f58682e4e414978c85e0ec0e15414bf90a_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:e52cba0676757314ad1424ffda339f793c8e4ef1f91dcabaa0118e8e282a767b_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:e8334544cb16db92bc8affad46e0abc11e1803d998b19991e885220584f2b9fe_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:e961ad03bab63e966c3d4470fd5e84af8cc511134abb1774675a587b5c5404fc_ppc64le"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:0e198b83b0fe4e2e907f0ce44223807e717369fff4a3bd09fa323afbb5200d27_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:58b025688bca67cb9de2e97a34813d59c398b8c5aa06cb11cd63c79b322f07a7_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:69cbbf2406a18f9277244cc1cc38d50dc34faaebd5d6a74cc728c6a949ef2cf5_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:ad8da9f3b2ca43d37c25e6ac37670cfaa2e98a8d6088fccadd37e836660020e2_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:234ca069ffe78398715d16191814440da39ef08311b5e3d90c33fd604ec9c07a_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:b6a0c40c39eea955482de2cec38f6e9f2fb95ec886fc406effafb5cec581280f_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:caac8c5c9753bdbd97a52295a6a836f463c21cd1bf438173575dc4db006dab55_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:d0122af40529339e7f1b2184a94c288ed3c8b731a84f7f3cc4e8ac0dcf8d8106_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:0efd74c9c1d43ef220fa808ae34139bcb73b39181afc53a556285e627dbb7d93_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:8825ebc0110560418afeb12708c4068e9d1751be5ba858db94b5ad12846b50d6_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:c3fb0c75bc4c1915e570dc6e68e6a0dd38b05157e905e3a0bbe0fb83abd2b6fd_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:ddf99768023aaa4f60e43a16f9d9aa44adb91d68307f020b1dfdd92a5c11fc91_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-rhel8-operator@sha256:06890ec20acad8a9911af77b0886d61a02a96f8dcc90ecc2992c96a3a5244602_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-rhel8-operator@sha256:1690eafb1f67ea903775f66cba1c9de4275a1e70f5a985940ddcb1577348045e_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-rhel8-operator@sha256:2cb94a0220ff8d69c17f2eee8db3c6f045776d63de4dc80e1a4ab31190d5c04f_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-rhel8-operator@sha256:444bf4a8adc914b762758e5f4c4b06387faf288a0f75d8c8f8413919d31c855d_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:632422660922698f9662c067e4662175a0207c1a38e7ee83ac4e6186de68890b_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:91837663c930e797947ccd9ac7b9939a212dda33918d53b857c5ac48de90f175_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:bc2d5e67dcd8fcda716f7b964dbaca1eccc4f6833199b60eadbad87219fdacbd_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:efeed94b8d1b84224310469a6e4be5d8db055e3f8c4e06529ba20f3e7697c955_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8-operator@sha256:07d52f116218cbfaead1559ad84e63450cedbc79823e15e3e37650090dded17e_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8-operator@sha256:326b45f0d46bd99aa22404ff9634dabefb559c68271808a2607581e6c2d73f42_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8-operator@sha256:454f36d91693411ec03f6682de6f9d47acbb172919d1b97d7ecf74795a3af827_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8-operator@sha256:4919abb410f858d91bb76654aa682a18ab9b87a6c410c5c437d2678afbbf14ee_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:44e4d5dfd252a87ca2b1ee79cf74c00e8fc7f1476f6425b3766d5858a402a8b2_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:4b0a937e5860713fcc3489d8d3f01eafa4d100d561793ced0d61549e872ad9c7_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:cc42799b6ffa1c143314397a40b77cc5b266445c597a273847e9a8bb5c686297_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:d885ebb70409569cf8dd77fe482e7cb46d7ca8e901e54b59bce4699216dcbd94_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:424d46b0189803fac9b7897b27fb0f0dec6f2265f6442962e4186c68c5295e04_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:b112030a03913f52d0daead03020c597bb33287fb62f781ff00077d6664f9b33_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:b451f504cb2078f363a4b184e4223289908ddf499f68bdee99f65350035276a6_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:c3ba2b9acfe888f8546ea31a1d6b33759be7305c6be40a0471da03a811a733aa_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:14c27420cdb4670d8736a2baa078cc3bac8c42db54b7638d26af8822c960f074_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:a5473c6d230b69f67060283a1edfcbdf92fbcbcf0326dcef81f3e89575365806_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:cfff7a32024d0c66f1e47d6282e251c3750b8b15dfa74d098936da02a6306145_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:d4c6785e87b9565cfe2ee1e8ff5dcec76fdf70f080baa4c23fbd9d53aa01308a_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:6fb3b48cc8b524c6bd4d46aa8009f4f58682e4e414978c85e0ec0e15414bf90a_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:e52cba0676757314ad1424ffda339f793c8e4ef1f91dcabaa0118e8e282a767b_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:e8334544cb16db92bc8affad46e0abc11e1803d998b19991e885220584f2b9fe_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:e961ad03bab63e966c3d4470fd5e84af8cc511134abb1774675a587b5c5404fc_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jose-go: improper handling of highly compressed data"
},
{
"cve": "CVE-2024-28849",
"cwe": {
"id": "CWE-200",
"name": "Exposure of Sensitive Information to an Unauthorized Actor"
},
"discovery_date": "2024-03-14T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2269576"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in the follow-redirects package. While processing the cross-domain redirection, `follow-redirects` clears authorization headers, however, it misses clearing proxy-authentication headers, which contain credentials as well. This issue may lead to credential leaking, having a high impact on data confidentiality.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "follow-redirects: Possible credential leak",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:0e198b83b0fe4e2e907f0ce44223807e717369fff4a3bd09fa323afbb5200d27_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:58b025688bca67cb9de2e97a34813d59c398b8c5aa06cb11cd63c79b322f07a7_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:69cbbf2406a18f9277244cc1cc38d50dc34faaebd5d6a74cc728c6a949ef2cf5_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:ad8da9f3b2ca43d37c25e6ac37670cfaa2e98a8d6088fccadd37e836660020e2_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:234ca069ffe78398715d16191814440da39ef08311b5e3d90c33fd604ec9c07a_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:b6a0c40c39eea955482de2cec38f6e9f2fb95ec886fc406effafb5cec581280f_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:caac8c5c9753bdbd97a52295a6a836f463c21cd1bf438173575dc4db006dab55_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:d0122af40529339e7f1b2184a94c288ed3c8b731a84f7f3cc4e8ac0dcf8d8106_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:0efd74c9c1d43ef220fa808ae34139bcb73b39181afc53a556285e627dbb7d93_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:8825ebc0110560418afeb12708c4068e9d1751be5ba858db94b5ad12846b50d6_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:c3fb0c75bc4c1915e570dc6e68e6a0dd38b05157e905e3a0bbe0fb83abd2b6fd_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:ddf99768023aaa4f60e43a16f9d9aa44adb91d68307f020b1dfdd92a5c11fc91_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-rhel8-operator@sha256:06890ec20acad8a9911af77b0886d61a02a96f8dcc90ecc2992c96a3a5244602_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-rhel8-operator@sha256:1690eafb1f67ea903775f66cba1c9de4275a1e70f5a985940ddcb1577348045e_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-rhel8-operator@sha256:2cb94a0220ff8d69c17f2eee8db3c6f045776d63de4dc80e1a4ab31190d5c04f_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-rhel8-operator@sha256:444bf4a8adc914b762758e5f4c4b06387faf288a0f75d8c8f8413919d31c855d_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:632422660922698f9662c067e4662175a0207c1a38e7ee83ac4e6186de68890b_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:91837663c930e797947ccd9ac7b9939a212dda33918d53b857c5ac48de90f175_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:bc2d5e67dcd8fcda716f7b964dbaca1eccc4f6833199b60eadbad87219fdacbd_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:efeed94b8d1b84224310469a6e4be5d8db055e3f8c4e06529ba20f3e7697c955_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8-operator@sha256:07d52f116218cbfaead1559ad84e63450cedbc79823e15e3e37650090dded17e_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8-operator@sha256:326b45f0d46bd99aa22404ff9634dabefb559c68271808a2607581e6c2d73f42_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8-operator@sha256:454f36d91693411ec03f6682de6f9d47acbb172919d1b97d7ecf74795a3af827_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8-operator@sha256:4919abb410f858d91bb76654aa682a18ab9b87a6c410c5c437d2678afbbf14ee_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:44e4d5dfd252a87ca2b1ee79cf74c00e8fc7f1476f6425b3766d5858a402a8b2_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:4b0a937e5860713fcc3489d8d3f01eafa4d100d561793ced0d61549e872ad9c7_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:cc42799b6ffa1c143314397a40b77cc5b266445c597a273847e9a8bb5c686297_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:d885ebb70409569cf8dd77fe482e7cb46d7ca8e901e54b59bce4699216dcbd94_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:424d46b0189803fac9b7897b27fb0f0dec6f2265f6442962e4186c68c5295e04_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:b112030a03913f52d0daead03020c597bb33287fb62f781ff00077d6664f9b33_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:b451f504cb2078f363a4b184e4223289908ddf499f68bdee99f65350035276a6_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:c3ba2b9acfe888f8546ea31a1d6b33759be7305c6be40a0471da03a811a733aa_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:14c27420cdb4670d8736a2baa078cc3bac8c42db54b7638d26af8822c960f074_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:a5473c6d230b69f67060283a1edfcbdf92fbcbcf0326dcef81f3e89575365806_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:cfff7a32024d0c66f1e47d6282e251c3750b8b15dfa74d098936da02a6306145_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:d4c6785e87b9565cfe2ee1e8ff5dcec76fdf70f080baa4c23fbd9d53aa01308a_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:6fb3b48cc8b524c6bd4d46aa8009f4f58682e4e414978c85e0ec0e15414bf90a_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:e52cba0676757314ad1424ffda339f793c8e4ef1f91dcabaa0118e8e282a767b_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:e8334544cb16db92bc8affad46e0abc11e1803d998b19991e885220584f2b9fe_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:e961ad03bab63e966c3d4470fd5e84af8cc511134abb1774675a587b5c5404fc_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-28849"
},
{
"category": "external",
"summary": "RHBZ#2269576",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2269576"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-28849",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-28849"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-28849",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-28849"
},
{
"category": "external",
"summary": "https://github.com/follow-redirects/follow-redirects/security/advisories/GHSA-cxjh-pqwp-8mfp",
"url": "https://github.com/follow-redirects/follow-redirects/security/advisories/GHSA-cxjh-pqwp-8mfp"
}
],
"release_date": "2024-03-14T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-04-22T12:47:08+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:0e198b83b0fe4e2e907f0ce44223807e717369fff4a3bd09fa323afbb5200d27_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:58b025688bca67cb9de2e97a34813d59c398b8c5aa06cb11cd63c79b322f07a7_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:69cbbf2406a18f9277244cc1cc38d50dc34faaebd5d6a74cc728c6a949ef2cf5_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:ad8da9f3b2ca43d37c25e6ac37670cfaa2e98a8d6088fccadd37e836660020e2_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:234ca069ffe78398715d16191814440da39ef08311b5e3d90c33fd604ec9c07a_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:b6a0c40c39eea955482de2cec38f6e9f2fb95ec886fc406effafb5cec581280f_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:caac8c5c9753bdbd97a52295a6a836f463c21cd1bf438173575dc4db006dab55_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:d0122af40529339e7f1b2184a94c288ed3c8b731a84f7f3cc4e8ac0dcf8d8106_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:0efd74c9c1d43ef220fa808ae34139bcb73b39181afc53a556285e627dbb7d93_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:8825ebc0110560418afeb12708c4068e9d1751be5ba858db94b5ad12846b50d6_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:c3fb0c75bc4c1915e570dc6e68e6a0dd38b05157e905e3a0bbe0fb83abd2b6fd_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:ddf99768023aaa4f60e43a16f9d9aa44adb91d68307f020b1dfdd92a5c11fc91_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-rhel8-operator@sha256:06890ec20acad8a9911af77b0886d61a02a96f8dcc90ecc2992c96a3a5244602_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-rhel8-operator@sha256:1690eafb1f67ea903775f66cba1c9de4275a1e70f5a985940ddcb1577348045e_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-rhel8-operator@sha256:2cb94a0220ff8d69c17f2eee8db3c6f045776d63de4dc80e1a4ab31190d5c04f_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-rhel8-operator@sha256:444bf4a8adc914b762758e5f4c4b06387faf288a0f75d8c8f8413919d31c855d_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:632422660922698f9662c067e4662175a0207c1a38e7ee83ac4e6186de68890b_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:91837663c930e797947ccd9ac7b9939a212dda33918d53b857c5ac48de90f175_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:bc2d5e67dcd8fcda716f7b964dbaca1eccc4f6833199b60eadbad87219fdacbd_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:efeed94b8d1b84224310469a6e4be5d8db055e3f8c4e06529ba20f3e7697c955_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8-operator@sha256:07d52f116218cbfaead1559ad84e63450cedbc79823e15e3e37650090dded17e_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8-operator@sha256:326b45f0d46bd99aa22404ff9634dabefb559c68271808a2607581e6c2d73f42_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8-operator@sha256:454f36d91693411ec03f6682de6f9d47acbb172919d1b97d7ecf74795a3af827_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8-operator@sha256:4919abb410f858d91bb76654aa682a18ab9b87a6c410c5c437d2678afbbf14ee_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:44e4d5dfd252a87ca2b1ee79cf74c00e8fc7f1476f6425b3766d5858a402a8b2_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:4b0a937e5860713fcc3489d8d3f01eafa4d100d561793ced0d61549e872ad9c7_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:cc42799b6ffa1c143314397a40b77cc5b266445c597a273847e9a8bb5c686297_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:d885ebb70409569cf8dd77fe482e7cb46d7ca8e901e54b59bce4699216dcbd94_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:424d46b0189803fac9b7897b27fb0f0dec6f2265f6442962e4186c68c5295e04_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:b112030a03913f52d0daead03020c597bb33287fb62f781ff00077d6664f9b33_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:b451f504cb2078f363a4b184e4223289908ddf499f68bdee99f65350035276a6_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:c3ba2b9acfe888f8546ea31a1d6b33759be7305c6be40a0471da03a811a733aa_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:14c27420cdb4670d8736a2baa078cc3bac8c42db54b7638d26af8822c960f074_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:a5473c6d230b69f67060283a1edfcbdf92fbcbcf0326dcef81f3e89575365806_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:cfff7a32024d0c66f1e47d6282e251c3750b8b15dfa74d098936da02a6306145_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:d4c6785e87b9565cfe2ee1e8ff5dcec76fdf70f080baa4c23fbd9d53aa01308a_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:6fb3b48cc8b524c6bd4d46aa8009f4f58682e4e414978c85e0ec0e15414bf90a_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:e52cba0676757314ad1424ffda339f793c8e4ef1f91dcabaa0118e8e282a767b_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:e8334544cb16db92bc8affad46e0abc11e1803d998b19991e885220584f2b9fe_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:e961ad03bab63e966c3d4470fd5e84af8cc511134abb1774675a587b5c5404fc_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:1946"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:0e198b83b0fe4e2e907f0ce44223807e717369fff4a3bd09fa323afbb5200d27_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:58b025688bca67cb9de2e97a34813d59c398b8c5aa06cb11cd63c79b322f07a7_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:69cbbf2406a18f9277244cc1cc38d50dc34faaebd5d6a74cc728c6a949ef2cf5_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:ad8da9f3b2ca43d37c25e6ac37670cfaa2e98a8d6088fccadd37e836660020e2_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:234ca069ffe78398715d16191814440da39ef08311b5e3d90c33fd604ec9c07a_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:b6a0c40c39eea955482de2cec38f6e9f2fb95ec886fc406effafb5cec581280f_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:caac8c5c9753bdbd97a52295a6a836f463c21cd1bf438173575dc4db006dab55_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:d0122af40529339e7f1b2184a94c288ed3c8b731a84f7f3cc4e8ac0dcf8d8106_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:0efd74c9c1d43ef220fa808ae34139bcb73b39181afc53a556285e627dbb7d93_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:8825ebc0110560418afeb12708c4068e9d1751be5ba858db94b5ad12846b50d6_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:c3fb0c75bc4c1915e570dc6e68e6a0dd38b05157e905e3a0bbe0fb83abd2b6fd_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:ddf99768023aaa4f60e43a16f9d9aa44adb91d68307f020b1dfdd92a5c11fc91_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-rhel8-operator@sha256:06890ec20acad8a9911af77b0886d61a02a96f8dcc90ecc2992c96a3a5244602_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-rhel8-operator@sha256:1690eafb1f67ea903775f66cba1c9de4275a1e70f5a985940ddcb1577348045e_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-rhel8-operator@sha256:2cb94a0220ff8d69c17f2eee8db3c6f045776d63de4dc80e1a4ab31190d5c04f_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-rhel8-operator@sha256:444bf4a8adc914b762758e5f4c4b06387faf288a0f75d8c8f8413919d31c855d_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:632422660922698f9662c067e4662175a0207c1a38e7ee83ac4e6186de68890b_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:91837663c930e797947ccd9ac7b9939a212dda33918d53b857c5ac48de90f175_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:bc2d5e67dcd8fcda716f7b964dbaca1eccc4f6833199b60eadbad87219fdacbd_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:efeed94b8d1b84224310469a6e4be5d8db055e3f8c4e06529ba20f3e7697c955_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8-operator@sha256:07d52f116218cbfaead1559ad84e63450cedbc79823e15e3e37650090dded17e_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8-operator@sha256:326b45f0d46bd99aa22404ff9634dabefb559c68271808a2607581e6c2d73f42_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8-operator@sha256:454f36d91693411ec03f6682de6f9d47acbb172919d1b97d7ecf74795a3af827_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8-operator@sha256:4919abb410f858d91bb76654aa682a18ab9b87a6c410c5c437d2678afbbf14ee_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:44e4d5dfd252a87ca2b1ee79cf74c00e8fc7f1476f6425b3766d5858a402a8b2_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:4b0a937e5860713fcc3489d8d3f01eafa4d100d561793ced0d61549e872ad9c7_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:cc42799b6ffa1c143314397a40b77cc5b266445c597a273847e9a8bb5c686297_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:d885ebb70409569cf8dd77fe482e7cb46d7ca8e901e54b59bce4699216dcbd94_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:424d46b0189803fac9b7897b27fb0f0dec6f2265f6442962e4186c68c5295e04_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:b112030a03913f52d0daead03020c597bb33287fb62f781ff00077d6664f9b33_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:b451f504cb2078f363a4b184e4223289908ddf499f68bdee99f65350035276a6_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:c3ba2b9acfe888f8546ea31a1d6b33759be7305c6be40a0471da03a811a733aa_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:14c27420cdb4670d8736a2baa078cc3bac8c42db54b7638d26af8822c960f074_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:a5473c6d230b69f67060283a1edfcbdf92fbcbcf0326dcef81f3e89575365806_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:cfff7a32024d0c66f1e47d6282e251c3750b8b15dfa74d098936da02a6306145_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:d4c6785e87b9565cfe2ee1e8ff5dcec76fdf70f080baa4c23fbd9d53aa01308a_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:6fb3b48cc8b524c6bd4d46aa8009f4f58682e4e414978c85e0ec0e15414bf90a_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:e52cba0676757314ad1424ffda339f793c8e4ef1f91dcabaa0118e8e282a767b_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:e8334544cb16db92bc8affad46e0abc11e1803d998b19991e885220584f2b9fe_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:e961ad03bab63e966c3d4470fd5e84af8cc511134abb1774675a587b5c5404fc_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "follow-redirects: Possible credential leak"
}
]
}
Loading…
Loading…
Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.
Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…