RHSA-2024:6210
Vulnerability from csaf_redhat - Published: 2024-09-03 10:05 - Updated: 2026-04-30 16:24Summary
Red Hat Security Advisory: Red Hat OpenShift Service Mesh Containers for 2.5.4 security update
Severity
Low
Notes
Topic: Red Hat OpenShift Service Mesh Containers for 2.5.4
Red Hat Product Security has rated this update as having a security impact of
Low. A Common Vulnerability Scoring System (CVSS) base score, which gives a
detailed severity rating, is available for each vulnerability from the CVE
link(s) in the References section.
Details: Red Hat OpenShift Service Mesh is Red Hat's distribution of the Istio service mesh project, tailored for installation into an OpenShift Container Platform installation.
Security Fix(es):
* axios: Server-Side Request Forgery (CVE-2024-39338)
* elliptic: nodejs/elliptic: From NVD collector (CVE-2024-42459)
* ECDSA signature malleability due to missing checks (CVE-2024-42460)
* elliptic: nodejs/elliptic: From NVD collector (CVE-2024-42461)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
A vulnerability was found in the Axios HTTP Client. It is vulnerable to a server-side request forgery attack (SSRF) caused by unexpected behavior where requests for path-relative URLs get processed as protocol-relative URLs. This flaw allows an attacker to perform arbitrary requests from the server, potentially accessing internal systems or exfiltrating sensitive data.
7.5 (High)
Affected products
Fixed
32 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:0e5a5f9e98b1181a4624abaeae779a52a9f23b885bf5c49b501cb89b47ea57e8_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:650a7a328845a5614844e5121d3fb643860f851985c263759d8b3fc4d3837fed_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:880dc5db1971ed397af223519a8a43b513dbba90eae5fd09f173b0051f159c22_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:a64c67b2bb9cddc99836dd93c169043b3ee048cfca7d7ad4ec28fada75c3240a_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:30451a29ff2f14bf8c4f210ebf000679ce0ffa4af5fb6d7e931402ca4c0698f6_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:3c32da67d342a74b171f28049ff997014ed7ba4a9a63bcddf1bcd4761df91d6d_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:4de88f118f7f0f9c82dedb534d2201a969a6eb7129862fbe99d977619346a91e_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:7e8ec2e701f32afd8502a40809cf7d707679cfc7bced4b7545d4c828617809ba_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:10a472f7556e95753ed1ed78e68107539a4fa21edd99c5c971442ad9f8ea6160_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:2fa038769856650e23d56871f3b9746f82f7b1d0ae20287779e4d8c895642212_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:95a0d1e8765e6e983635c0ed5e7ba7c5ce8deaa3f702d41557b7cce20755f997_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:fcceb12b4878f180a9e4263c22e04a3b048a88951b9b4dbf735dc59bbe92cedc_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:55220093363a18cdb2da2183df4c645831c20a070fae3ffa8ddb163cd1a0dd1c_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:9e39df1296cd22c9ee4c9fe291bd8d2555466d212a32047b3f6c64ca993563f0_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:ce777a4c38bef7988300446caaea03e9eef9ea6e5260a9558e09af81a9b866b2_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:e12ca81c2bf4f7d29444833e92a06eec5da433e931803e89c5315fa61afa0f04_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:68588cd4073be83b9e42fbde29656bbb9e007b53c47d1b943d19aebe624e61c1_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:8a1dbff7cea816ea96546e6d1647b5ab439c85ec2a76c3d74dadb462da71000f_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:c07e3a2ac395e06468105553dce097334f262c3f94d96cafc500660ed29eb91d_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:e2be27500e84f830a79c1a8f141d9efb33bd02464239e5611b6e1aafa82af302_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:0ffb28605471f52ffb11c090e3ac49c58ee96a6dc4fe13d851ee8a647e413f15_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:28dd159630562c2cf106fd9c90ee2f0eb6c27eb20f44a0ad89aa62df28ba5686_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:4346d91114d23b5e794c67fff10560730b51a38376cdbae0787c4d9cde7a419a_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:977f445a5a4e5cab65df2ea078ff36b58c25198ee914e5aa7e91533e1d9b7cb5_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:30735e400419bb8c08bfcdc302d3ab97786e7825e89f604e3f6a1f42d727e3ca_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:99cdf691126ba1bd8c3f0279a95dda1c8c76fe257a72f59a479a926a0ac7eba5_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:cbf2da4bfb39ff37c0028bbcae621b5e8e37e32f8b7c622139fbce3f1cc0f8de_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:f4ae7819aab6a853500b54577955ec9433280b1d839b145971a3a1764a59b52c_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:1b33e9cab1b582ad850c95a008c23065a917a53b82d540680884da19e12b99b2_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:5960f10bd4d8367edaa123af5adc2186408c21cdf547ce623796a41647269590_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:9df5c5f0b8760d015216140a11ca25cb36dd77a51d8a1804670f942cf5372803_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:fcaf1df1c9c3b91a3a8342fb1ee44f1928f4d5adc168435dafb72c0ab0a7e124_arm64 | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Important
A flaw was found in the NodeJS Elliptic package. When creating EDDSA signatures, the Elliptic package doesn't properly check the signature length, allowing zeros to be added or removed from the signature without invalidating it, which may result in confidentiality issues.
5.3 (Medium)
Affected products
Fixed
32 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:0e5a5f9e98b1181a4624abaeae779a52a9f23b885bf5c49b501cb89b47ea57e8_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:650a7a328845a5614844e5121d3fb643860f851985c263759d8b3fc4d3837fed_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:880dc5db1971ed397af223519a8a43b513dbba90eae5fd09f173b0051f159c22_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:a64c67b2bb9cddc99836dd93c169043b3ee048cfca7d7ad4ec28fada75c3240a_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:30451a29ff2f14bf8c4f210ebf000679ce0ffa4af5fb6d7e931402ca4c0698f6_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:3c32da67d342a74b171f28049ff997014ed7ba4a9a63bcddf1bcd4761df91d6d_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:4de88f118f7f0f9c82dedb534d2201a969a6eb7129862fbe99d977619346a91e_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:7e8ec2e701f32afd8502a40809cf7d707679cfc7bced4b7545d4c828617809ba_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:10a472f7556e95753ed1ed78e68107539a4fa21edd99c5c971442ad9f8ea6160_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:2fa038769856650e23d56871f3b9746f82f7b1d0ae20287779e4d8c895642212_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:95a0d1e8765e6e983635c0ed5e7ba7c5ce8deaa3f702d41557b7cce20755f997_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:fcceb12b4878f180a9e4263c22e04a3b048a88951b9b4dbf735dc59bbe92cedc_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:55220093363a18cdb2da2183df4c645831c20a070fae3ffa8ddb163cd1a0dd1c_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:9e39df1296cd22c9ee4c9fe291bd8d2555466d212a32047b3f6c64ca993563f0_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:ce777a4c38bef7988300446caaea03e9eef9ea6e5260a9558e09af81a9b866b2_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:e12ca81c2bf4f7d29444833e92a06eec5da433e931803e89c5315fa61afa0f04_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:68588cd4073be83b9e42fbde29656bbb9e007b53c47d1b943d19aebe624e61c1_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:8a1dbff7cea816ea96546e6d1647b5ab439c85ec2a76c3d74dadb462da71000f_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:c07e3a2ac395e06468105553dce097334f262c3f94d96cafc500660ed29eb91d_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:e2be27500e84f830a79c1a8f141d9efb33bd02464239e5611b6e1aafa82af302_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:0ffb28605471f52ffb11c090e3ac49c58ee96a6dc4fe13d851ee8a647e413f15_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:28dd159630562c2cf106fd9c90ee2f0eb6c27eb20f44a0ad89aa62df28ba5686_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:4346d91114d23b5e794c67fff10560730b51a38376cdbae0787c4d9cde7a419a_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:977f445a5a4e5cab65df2ea078ff36b58c25198ee914e5aa7e91533e1d9b7cb5_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:30735e400419bb8c08bfcdc302d3ab97786e7825e89f604e3f6a1f42d727e3ca_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:99cdf691126ba1bd8c3f0279a95dda1c8c76fe257a72f59a479a926a0ac7eba5_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:cbf2da4bfb39ff37c0028bbcae621b5e8e37e32f8b7c622139fbce3f1cc0f8de_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:f4ae7819aab6a853500b54577955ec9433280b1d839b145971a3a1764a59b52c_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:1b33e9cab1b582ad850c95a008c23065a917a53b82d540680884da19e12b99b2_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:5960f10bd4d8367edaa123af5adc2186408c21cdf547ce623796a41647269590_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:9df5c5f0b8760d015216140a11ca25cb36dd77a51d8a1804670f942cf5372803_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:fcaf1df1c9c3b91a3a8342fb1ee44f1928f4d5adc168435dafb72c0ab0a7e124_arm64 | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Moderate
A flaw was found in the Elliptic NodeJS package where it fails to properly verify the leading bit for the R and S values used in the ECDSA signature. This issue may lead to a scenario where an attacker can modify the signature without the Elliptic library being able to properly reject it, causing data confidentiality issues.
5.3 (Medium)
Affected products
Fixed
32 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:0e5a5f9e98b1181a4624abaeae779a52a9f23b885bf5c49b501cb89b47ea57e8_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:650a7a328845a5614844e5121d3fb643860f851985c263759d8b3fc4d3837fed_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:880dc5db1971ed397af223519a8a43b513dbba90eae5fd09f173b0051f159c22_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:a64c67b2bb9cddc99836dd93c169043b3ee048cfca7d7ad4ec28fada75c3240a_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:30451a29ff2f14bf8c4f210ebf000679ce0ffa4af5fb6d7e931402ca4c0698f6_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:3c32da67d342a74b171f28049ff997014ed7ba4a9a63bcddf1bcd4761df91d6d_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:4de88f118f7f0f9c82dedb534d2201a969a6eb7129862fbe99d977619346a91e_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:7e8ec2e701f32afd8502a40809cf7d707679cfc7bced4b7545d4c828617809ba_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:10a472f7556e95753ed1ed78e68107539a4fa21edd99c5c971442ad9f8ea6160_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:2fa038769856650e23d56871f3b9746f82f7b1d0ae20287779e4d8c895642212_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:95a0d1e8765e6e983635c0ed5e7ba7c5ce8deaa3f702d41557b7cce20755f997_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:fcceb12b4878f180a9e4263c22e04a3b048a88951b9b4dbf735dc59bbe92cedc_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:55220093363a18cdb2da2183df4c645831c20a070fae3ffa8ddb163cd1a0dd1c_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:9e39df1296cd22c9ee4c9fe291bd8d2555466d212a32047b3f6c64ca993563f0_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:ce777a4c38bef7988300446caaea03e9eef9ea6e5260a9558e09af81a9b866b2_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:e12ca81c2bf4f7d29444833e92a06eec5da433e931803e89c5315fa61afa0f04_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:68588cd4073be83b9e42fbde29656bbb9e007b53c47d1b943d19aebe624e61c1_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:8a1dbff7cea816ea96546e6d1647b5ab439c85ec2a76c3d74dadb462da71000f_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:c07e3a2ac395e06468105553dce097334f262c3f94d96cafc500660ed29eb91d_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:e2be27500e84f830a79c1a8f141d9efb33bd02464239e5611b6e1aafa82af302_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:0ffb28605471f52ffb11c090e3ac49c58ee96a6dc4fe13d851ee8a647e413f15_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:28dd159630562c2cf106fd9c90ee2f0eb6c27eb20f44a0ad89aa62df28ba5686_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:4346d91114d23b5e794c67fff10560730b51a38376cdbae0787c4d9cde7a419a_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:977f445a5a4e5cab65df2ea078ff36b58c25198ee914e5aa7e91533e1d9b7cb5_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:30735e400419bb8c08bfcdc302d3ab97786e7825e89f604e3f6a1f42d727e3ca_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:99cdf691126ba1bd8c3f0279a95dda1c8c76fe257a72f59a479a926a0ac7eba5_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:cbf2da4bfb39ff37c0028bbcae621b5e8e37e32f8b7c622139fbce3f1cc0f8de_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:f4ae7819aab6a853500b54577955ec9433280b1d839b145971a3a1764a59b52c_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:1b33e9cab1b582ad850c95a008c23065a917a53b82d540680884da19e12b99b2_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:5960f10bd4d8367edaa123af5adc2186408c21cdf547ce623796a41647269590_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:9df5c5f0b8760d015216140a11ca25cb36dd77a51d8a1804670f942cf5372803_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:fcaf1df1c9c3b91a3a8342fb1ee44f1928f4d5adc168435dafb72c0ab0a7e124_arm64 | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Moderate
A flaw was found in the Elliptic package for Node.js. ECDSA signatures encoded in BER format are improperly validated, allowing leading zeros to be added to the signature without invalidating it, resulting in confidentiality issues.
5.3 (Medium)
Affected products
Fixed
32 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:0e5a5f9e98b1181a4624abaeae779a52a9f23b885bf5c49b501cb89b47ea57e8_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:650a7a328845a5614844e5121d3fb643860f851985c263759d8b3fc4d3837fed_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:880dc5db1971ed397af223519a8a43b513dbba90eae5fd09f173b0051f159c22_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:a64c67b2bb9cddc99836dd93c169043b3ee048cfca7d7ad4ec28fada75c3240a_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:30451a29ff2f14bf8c4f210ebf000679ce0ffa4af5fb6d7e931402ca4c0698f6_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:3c32da67d342a74b171f28049ff997014ed7ba4a9a63bcddf1bcd4761df91d6d_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:4de88f118f7f0f9c82dedb534d2201a969a6eb7129862fbe99d977619346a91e_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:7e8ec2e701f32afd8502a40809cf7d707679cfc7bced4b7545d4c828617809ba_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:10a472f7556e95753ed1ed78e68107539a4fa21edd99c5c971442ad9f8ea6160_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:2fa038769856650e23d56871f3b9746f82f7b1d0ae20287779e4d8c895642212_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:95a0d1e8765e6e983635c0ed5e7ba7c5ce8deaa3f702d41557b7cce20755f997_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:fcceb12b4878f180a9e4263c22e04a3b048a88951b9b4dbf735dc59bbe92cedc_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:55220093363a18cdb2da2183df4c645831c20a070fae3ffa8ddb163cd1a0dd1c_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:9e39df1296cd22c9ee4c9fe291bd8d2555466d212a32047b3f6c64ca993563f0_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:ce777a4c38bef7988300446caaea03e9eef9ea6e5260a9558e09af81a9b866b2_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:e12ca81c2bf4f7d29444833e92a06eec5da433e931803e89c5315fa61afa0f04_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:68588cd4073be83b9e42fbde29656bbb9e007b53c47d1b943d19aebe624e61c1_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:8a1dbff7cea816ea96546e6d1647b5ab439c85ec2a76c3d74dadb462da71000f_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:c07e3a2ac395e06468105553dce097334f262c3f94d96cafc500660ed29eb91d_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:e2be27500e84f830a79c1a8f141d9efb33bd02464239e5611b6e1aafa82af302_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:0ffb28605471f52ffb11c090e3ac49c58ee96a6dc4fe13d851ee8a647e413f15_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:28dd159630562c2cf106fd9c90ee2f0eb6c27eb20f44a0ad89aa62df28ba5686_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:4346d91114d23b5e794c67fff10560730b51a38376cdbae0787c4d9cde7a419a_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:977f445a5a4e5cab65df2ea078ff36b58c25198ee914e5aa7e91533e1d9b7cb5_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:30735e400419bb8c08bfcdc302d3ab97786e7825e89f604e3f6a1f42d727e3ca_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:99cdf691126ba1bd8c3f0279a95dda1c8c76fe257a72f59a479a926a0ac7eba5_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:cbf2da4bfb39ff37c0028bbcae621b5e8e37e32f8b7c622139fbce3f1cc0f8de_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:f4ae7819aab6a853500b54577955ec9433280b1d839b145971a3a1764a59b52c_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:1b33e9cab1b582ad850c95a008c23065a917a53b82d540680884da19e12b99b2_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:5960f10bd4d8367edaa123af5adc2186408c21cdf547ce623796a41647269590_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:9df5c5f0b8760d015216140a11ca25cb36dd77a51d8a1804670f942cf5372803_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:fcaf1df1c9c3b91a3a8342fb1ee44f1928f4d5adc168435dafb72c0ab0a7e124_arm64 | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Moderate
References
24 references
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Low"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Red Hat OpenShift Service Mesh Containers for 2.5.4 \n\nRed Hat Product Security has rated this update as having a security impact of\nLow. A Common Vulnerability Scoring System (CVSS) base score, which gives a\ndetailed severity rating, is available for each vulnerability from the CVE\nlink(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat OpenShift Service Mesh is Red Hat\u0027s distribution of the Istio service mesh project, tailored for installation into an OpenShift Container Platform installation.\n\nSecurity Fix(es):\n* axios: Server-Side Request Forgery (CVE-2024-39338)\n* elliptic: nodejs/elliptic: From NVD collector (CVE-2024-42459)\n* ECDSA signature malleability due to missing checks (CVE-2024-42460)\n* elliptic: nodejs/elliptic: From NVD collector (CVE-2024-42461)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2024:6210",
"url": "https://access.redhat.com/errata/RHSA-2024:6210"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#low",
"url": "https://access.redhat.com/security/updates/classification/#low"
},
{
"category": "external",
"summary": "OSSM-6766",
"url": "https://issues.redhat.com/browse/OSSM-6766"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_6210.json"
}
],
"title": "Red Hat Security Advisory: Red Hat OpenShift Service Mesh Containers for 2.5.4 security update",
"tracking": {
"current_release_date": "2026-04-30T16:24:03+00:00",
"generator": {
"date": "2026-04-30T16:24:03+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.7.7"
}
},
"id": "RHSA-2024:6210",
"initial_release_date": "2024-09-03T10:05:02+00:00",
"revision_history": [
{
"date": "2024-09-03T10:05:02+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2024-09-03T10:05:02+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-04-30T16:24:03+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "RHOSSM 2.5 for RHEL 8",
"product": {
"name": "RHOSSM 2.5 for RHEL 8",
"product_id": "8Base-RHOSSM-2.5",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:service_mesh:2.5::el8"
}
}
}
],
"category": "product_family",
"name": "Red Hat OpenShift Service Mesh"
},
{
"branches": [
{
"category": "product_version",
"name": "openshift-service-mesh/kiali-ossmc-rhel8@sha256:55220093363a18cdb2da2183df4c645831c20a070fae3ffa8ddb163cd1a0dd1c_arm64",
"product": {
"name": "openshift-service-mesh/kiali-ossmc-rhel8@sha256:55220093363a18cdb2da2183df4c645831c20a070fae3ffa8ddb163cd1a0dd1c_arm64",
"product_id": "openshift-service-mesh/kiali-ossmc-rhel8@sha256:55220093363a18cdb2da2183df4c645831c20a070fae3ffa8ddb163cd1a0dd1c_arm64",
"product_identification_helper": {
"purl": "pkg:oci/kiali-ossmc-rhel8@sha256:55220093363a18cdb2da2183df4c645831c20a070fae3ffa8ddb163cd1a0dd1c?arch=arm64\u0026repository_url=registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel8\u0026tag=1.73.13-2"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/istio-cni-rhel8@sha256:7e8ec2e701f32afd8502a40809cf7d707679cfc7bced4b7545d4c828617809ba_arm64",
"product": {
"name": "openshift-service-mesh/istio-cni-rhel8@sha256:7e8ec2e701f32afd8502a40809cf7d707679cfc7bced4b7545d4c828617809ba_arm64",
"product_id": "openshift-service-mesh/istio-cni-rhel8@sha256:7e8ec2e701f32afd8502a40809cf7d707679cfc7bced4b7545d4c828617809ba_arm64",
"product_identification_helper": {
"purl": "pkg:oci/istio-cni-rhel8@sha256:7e8ec2e701f32afd8502a40809cf7d707679cfc7bced4b7545d4c828617809ba?arch=arm64\u0026repository_url=registry.redhat.io/openshift-service-mesh/istio-cni-rhel8\u0026tag=2.5.4-4"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/grafana-rhel8@sha256:a64c67b2bb9cddc99836dd93c169043b3ee048cfca7d7ad4ec28fada75c3240a_arm64",
"product": {
"name": "openshift-service-mesh/grafana-rhel8@sha256:a64c67b2bb9cddc99836dd93c169043b3ee048cfca7d7ad4ec28fada75c3240a_arm64",
"product_id": "openshift-service-mesh/grafana-rhel8@sha256:a64c67b2bb9cddc99836dd93c169043b3ee048cfca7d7ad4ec28fada75c3240a_arm64",
"product_identification_helper": {
"purl": "pkg:oci/grafana-rhel8@sha256:a64c67b2bb9cddc99836dd93c169043b3ee048cfca7d7ad4ec28fada75c3240a?arch=arm64\u0026repository_url=registry.redhat.io/openshift-service-mesh/grafana-rhel8\u0026tag=2.5.4-3"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/kiali-rhel8@sha256:8a1dbff7cea816ea96546e6d1647b5ab439c85ec2a76c3d74dadb462da71000f_arm64",
"product": {
"name": "openshift-service-mesh/kiali-rhel8@sha256:8a1dbff7cea816ea96546e6d1647b5ab439c85ec2a76c3d74dadb462da71000f_arm64",
"product_id": "openshift-service-mesh/kiali-rhel8@sha256:8a1dbff7cea816ea96546e6d1647b5ab439c85ec2a76c3d74dadb462da71000f_arm64",
"product_identification_helper": {
"purl": "pkg:oci/kiali-rhel8@sha256:8a1dbff7cea816ea96546e6d1647b5ab439c85ec2a76c3d74dadb462da71000f?arch=arm64\u0026repository_url=registry.redhat.io/openshift-service-mesh/kiali-rhel8\u0026tag=1.73.14-2"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/istio-must-gather-rhel8@sha256:2fa038769856650e23d56871f3b9746f82f7b1d0ae20287779e4d8c895642212_arm64",
"product": {
"name": "openshift-service-mesh/istio-must-gather-rhel8@sha256:2fa038769856650e23d56871f3b9746f82f7b1d0ae20287779e4d8c895642212_arm64",
"product_id": "openshift-service-mesh/istio-must-gather-rhel8@sha256:2fa038769856650e23d56871f3b9746f82f7b1d0ae20287779e4d8c895642212_arm64",
"product_identification_helper": {
"purl": "pkg:oci/istio-must-gather-rhel8@sha256:2fa038769856650e23d56871f3b9746f82f7b1d0ae20287779e4d8c895642212?arch=arm64\u0026repository_url=registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel8\u0026tag=2.5.4-4"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/pilot-rhel8@sha256:28dd159630562c2cf106fd9c90ee2f0eb6c27eb20f44a0ad89aa62df28ba5686_arm64",
"product": {
"name": "openshift-service-mesh/pilot-rhel8@sha256:28dd159630562c2cf106fd9c90ee2f0eb6c27eb20f44a0ad89aa62df28ba5686_arm64",
"product_id": "openshift-service-mesh/pilot-rhel8@sha256:28dd159630562c2cf106fd9c90ee2f0eb6c27eb20f44a0ad89aa62df28ba5686_arm64",
"product_identification_helper": {
"purl": "pkg:oci/pilot-rhel8@sha256:28dd159630562c2cf106fd9c90ee2f0eb6c27eb20f44a0ad89aa62df28ba5686?arch=arm64\u0026repository_url=registry.redhat.io/openshift-service-mesh/pilot-rhel8\u0026tag=2.5.4-4"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/proxyv2-rhel8@sha256:cbf2da4bfb39ff37c0028bbcae621b5e8e37e32f8b7c622139fbce3f1cc0f8de_arm64",
"product": {
"name": "openshift-service-mesh/proxyv2-rhel8@sha256:cbf2da4bfb39ff37c0028bbcae621b5e8e37e32f8b7c622139fbce3f1cc0f8de_arm64",
"product_id": "openshift-service-mesh/proxyv2-rhel8@sha256:cbf2da4bfb39ff37c0028bbcae621b5e8e37e32f8b7c622139fbce3f1cc0f8de_arm64",
"product_identification_helper": {
"purl": "pkg:oci/proxyv2-rhel8@sha256:cbf2da4bfb39ff37c0028bbcae621b5e8e37e32f8b7c622139fbce3f1cc0f8de?arch=arm64\u0026repository_url=registry.redhat.io/openshift-service-mesh/proxyv2-rhel8\u0026tag=2.5.4-2"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/ratelimit-rhel8@sha256:fcaf1df1c9c3b91a3a8342fb1ee44f1928f4d5adc168435dafb72c0ab0a7e124_arm64",
"product": {
"name": "openshift-service-mesh/ratelimit-rhel8@sha256:fcaf1df1c9c3b91a3a8342fb1ee44f1928f4d5adc168435dafb72c0ab0a7e124_arm64",
"product_id": "openshift-service-mesh/ratelimit-rhel8@sha256:fcaf1df1c9c3b91a3a8342fb1ee44f1928f4d5adc168435dafb72c0ab0a7e124_arm64",
"product_identification_helper": {
"purl": "pkg:oci/ratelimit-rhel8@sha256:fcaf1df1c9c3b91a3a8342fb1ee44f1928f4d5adc168435dafb72c0ab0a7e124?arch=arm64\u0026repository_url=registry.redhat.io/openshift-service-mesh/ratelimit-rhel8\u0026tag=2.5.4-3"
}
}
}
],
"category": "architecture",
"name": "arm64"
},
{
"branches": [
{
"category": "product_version",
"name": "openshift-service-mesh/kiali-ossmc-rhel8@sha256:ce777a4c38bef7988300446caaea03e9eef9ea6e5260a9558e09af81a9b866b2_amd64",
"product": {
"name": "openshift-service-mesh/kiali-ossmc-rhel8@sha256:ce777a4c38bef7988300446caaea03e9eef9ea6e5260a9558e09af81a9b866b2_amd64",
"product_id": "openshift-service-mesh/kiali-ossmc-rhel8@sha256:ce777a4c38bef7988300446caaea03e9eef9ea6e5260a9558e09af81a9b866b2_amd64",
"product_identification_helper": {
"purl": "pkg:oci/kiali-ossmc-rhel8@sha256:ce777a4c38bef7988300446caaea03e9eef9ea6e5260a9558e09af81a9b866b2?arch=amd64\u0026repository_url=registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel8\u0026tag=1.73.13-2"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/istio-cni-rhel8@sha256:4de88f118f7f0f9c82dedb534d2201a969a6eb7129862fbe99d977619346a91e_amd64",
"product": {
"name": "openshift-service-mesh/istio-cni-rhel8@sha256:4de88f118f7f0f9c82dedb534d2201a969a6eb7129862fbe99d977619346a91e_amd64",
"product_id": "openshift-service-mesh/istio-cni-rhel8@sha256:4de88f118f7f0f9c82dedb534d2201a969a6eb7129862fbe99d977619346a91e_amd64",
"product_identification_helper": {
"purl": "pkg:oci/istio-cni-rhel8@sha256:4de88f118f7f0f9c82dedb534d2201a969a6eb7129862fbe99d977619346a91e?arch=amd64\u0026repository_url=registry.redhat.io/openshift-service-mesh/istio-cni-rhel8\u0026tag=2.5.4-4"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/grafana-rhel8@sha256:0e5a5f9e98b1181a4624abaeae779a52a9f23b885bf5c49b501cb89b47ea57e8_amd64",
"product": {
"name": "openshift-service-mesh/grafana-rhel8@sha256:0e5a5f9e98b1181a4624abaeae779a52a9f23b885bf5c49b501cb89b47ea57e8_amd64",
"product_id": "openshift-service-mesh/grafana-rhel8@sha256:0e5a5f9e98b1181a4624abaeae779a52a9f23b885bf5c49b501cb89b47ea57e8_amd64",
"product_identification_helper": {
"purl": "pkg:oci/grafana-rhel8@sha256:0e5a5f9e98b1181a4624abaeae779a52a9f23b885bf5c49b501cb89b47ea57e8?arch=amd64\u0026repository_url=registry.redhat.io/openshift-service-mesh/grafana-rhel8\u0026tag=2.5.4-3"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/kiali-rhel8@sha256:68588cd4073be83b9e42fbde29656bbb9e007b53c47d1b943d19aebe624e61c1_amd64",
"product": {
"name": "openshift-service-mesh/kiali-rhel8@sha256:68588cd4073be83b9e42fbde29656bbb9e007b53c47d1b943d19aebe624e61c1_amd64",
"product_id": "openshift-service-mesh/kiali-rhel8@sha256:68588cd4073be83b9e42fbde29656bbb9e007b53c47d1b943d19aebe624e61c1_amd64",
"product_identification_helper": {
"purl": "pkg:oci/kiali-rhel8@sha256:68588cd4073be83b9e42fbde29656bbb9e007b53c47d1b943d19aebe624e61c1?arch=amd64\u0026repository_url=registry.redhat.io/openshift-service-mesh/kiali-rhel8\u0026tag=1.73.14-2"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/istio-must-gather-rhel8@sha256:fcceb12b4878f180a9e4263c22e04a3b048a88951b9b4dbf735dc59bbe92cedc_amd64",
"product": {
"name": "openshift-service-mesh/istio-must-gather-rhel8@sha256:fcceb12b4878f180a9e4263c22e04a3b048a88951b9b4dbf735dc59bbe92cedc_amd64",
"product_id": "openshift-service-mesh/istio-must-gather-rhel8@sha256:fcceb12b4878f180a9e4263c22e04a3b048a88951b9b4dbf735dc59bbe92cedc_amd64",
"product_identification_helper": {
"purl": "pkg:oci/istio-must-gather-rhel8@sha256:fcceb12b4878f180a9e4263c22e04a3b048a88951b9b4dbf735dc59bbe92cedc?arch=amd64\u0026repository_url=registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel8\u0026tag=2.5.4-4"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/pilot-rhel8@sha256:0ffb28605471f52ffb11c090e3ac49c58ee96a6dc4fe13d851ee8a647e413f15_amd64",
"product": {
"name": "openshift-service-mesh/pilot-rhel8@sha256:0ffb28605471f52ffb11c090e3ac49c58ee96a6dc4fe13d851ee8a647e413f15_amd64",
"product_id": "openshift-service-mesh/pilot-rhel8@sha256:0ffb28605471f52ffb11c090e3ac49c58ee96a6dc4fe13d851ee8a647e413f15_amd64",
"product_identification_helper": {
"purl": "pkg:oci/pilot-rhel8@sha256:0ffb28605471f52ffb11c090e3ac49c58ee96a6dc4fe13d851ee8a647e413f15?arch=amd64\u0026repository_url=registry.redhat.io/openshift-service-mesh/pilot-rhel8\u0026tag=2.5.4-4"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/proxyv2-rhel8@sha256:30735e400419bb8c08bfcdc302d3ab97786e7825e89f604e3f6a1f42d727e3ca_amd64",
"product": {
"name": "openshift-service-mesh/proxyv2-rhel8@sha256:30735e400419bb8c08bfcdc302d3ab97786e7825e89f604e3f6a1f42d727e3ca_amd64",
"product_id": "openshift-service-mesh/proxyv2-rhel8@sha256:30735e400419bb8c08bfcdc302d3ab97786e7825e89f604e3f6a1f42d727e3ca_amd64",
"product_identification_helper": {
"purl": "pkg:oci/proxyv2-rhel8@sha256:30735e400419bb8c08bfcdc302d3ab97786e7825e89f604e3f6a1f42d727e3ca?arch=amd64\u0026repository_url=registry.redhat.io/openshift-service-mesh/proxyv2-rhel8\u0026tag=2.5.4-2"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/ratelimit-rhel8@sha256:1b33e9cab1b582ad850c95a008c23065a917a53b82d540680884da19e12b99b2_amd64",
"product": {
"name": "openshift-service-mesh/ratelimit-rhel8@sha256:1b33e9cab1b582ad850c95a008c23065a917a53b82d540680884da19e12b99b2_amd64",
"product_id": "openshift-service-mesh/ratelimit-rhel8@sha256:1b33e9cab1b582ad850c95a008c23065a917a53b82d540680884da19e12b99b2_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ratelimit-rhel8@sha256:1b33e9cab1b582ad850c95a008c23065a917a53b82d540680884da19e12b99b2?arch=amd64\u0026repository_url=registry.redhat.io/openshift-service-mesh/ratelimit-rhel8\u0026tag=2.5.4-3"
}
}
}
],
"category": "architecture",
"name": "amd64"
},
{
"branches": [
{
"category": "product_version",
"name": "openshift-service-mesh/kiali-ossmc-rhel8@sha256:9e39df1296cd22c9ee4c9fe291bd8d2555466d212a32047b3f6c64ca993563f0_s390x",
"product": {
"name": "openshift-service-mesh/kiali-ossmc-rhel8@sha256:9e39df1296cd22c9ee4c9fe291bd8d2555466d212a32047b3f6c64ca993563f0_s390x",
"product_id": "openshift-service-mesh/kiali-ossmc-rhel8@sha256:9e39df1296cd22c9ee4c9fe291bd8d2555466d212a32047b3f6c64ca993563f0_s390x",
"product_identification_helper": {
"purl": "pkg:oci/kiali-ossmc-rhel8@sha256:9e39df1296cd22c9ee4c9fe291bd8d2555466d212a32047b3f6c64ca993563f0?arch=s390x\u0026repository_url=registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel8\u0026tag=1.73.13-2"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/istio-cni-rhel8@sha256:30451a29ff2f14bf8c4f210ebf000679ce0ffa4af5fb6d7e931402ca4c0698f6_s390x",
"product": {
"name": "openshift-service-mesh/istio-cni-rhel8@sha256:30451a29ff2f14bf8c4f210ebf000679ce0ffa4af5fb6d7e931402ca4c0698f6_s390x",
"product_id": "openshift-service-mesh/istio-cni-rhel8@sha256:30451a29ff2f14bf8c4f210ebf000679ce0ffa4af5fb6d7e931402ca4c0698f6_s390x",
"product_identification_helper": {
"purl": "pkg:oci/istio-cni-rhel8@sha256:30451a29ff2f14bf8c4f210ebf000679ce0ffa4af5fb6d7e931402ca4c0698f6?arch=s390x\u0026repository_url=registry.redhat.io/openshift-service-mesh/istio-cni-rhel8\u0026tag=2.5.4-4"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/grafana-rhel8@sha256:880dc5db1971ed397af223519a8a43b513dbba90eae5fd09f173b0051f159c22_s390x",
"product": {
"name": "openshift-service-mesh/grafana-rhel8@sha256:880dc5db1971ed397af223519a8a43b513dbba90eae5fd09f173b0051f159c22_s390x",
"product_id": "openshift-service-mesh/grafana-rhel8@sha256:880dc5db1971ed397af223519a8a43b513dbba90eae5fd09f173b0051f159c22_s390x",
"product_identification_helper": {
"purl": "pkg:oci/grafana-rhel8@sha256:880dc5db1971ed397af223519a8a43b513dbba90eae5fd09f173b0051f159c22?arch=s390x\u0026repository_url=registry.redhat.io/openshift-service-mesh/grafana-rhel8\u0026tag=2.5.4-3"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/kiali-rhel8@sha256:c07e3a2ac395e06468105553dce097334f262c3f94d96cafc500660ed29eb91d_s390x",
"product": {
"name": "openshift-service-mesh/kiali-rhel8@sha256:c07e3a2ac395e06468105553dce097334f262c3f94d96cafc500660ed29eb91d_s390x",
"product_id": "openshift-service-mesh/kiali-rhel8@sha256:c07e3a2ac395e06468105553dce097334f262c3f94d96cafc500660ed29eb91d_s390x",
"product_identification_helper": {
"purl": "pkg:oci/kiali-rhel8@sha256:c07e3a2ac395e06468105553dce097334f262c3f94d96cafc500660ed29eb91d?arch=s390x\u0026repository_url=registry.redhat.io/openshift-service-mesh/kiali-rhel8\u0026tag=1.73.14-2"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/istio-must-gather-rhel8@sha256:10a472f7556e95753ed1ed78e68107539a4fa21edd99c5c971442ad9f8ea6160_s390x",
"product": {
"name": "openshift-service-mesh/istio-must-gather-rhel8@sha256:10a472f7556e95753ed1ed78e68107539a4fa21edd99c5c971442ad9f8ea6160_s390x",
"product_id": "openshift-service-mesh/istio-must-gather-rhel8@sha256:10a472f7556e95753ed1ed78e68107539a4fa21edd99c5c971442ad9f8ea6160_s390x",
"product_identification_helper": {
"purl": "pkg:oci/istio-must-gather-rhel8@sha256:10a472f7556e95753ed1ed78e68107539a4fa21edd99c5c971442ad9f8ea6160?arch=s390x\u0026repository_url=registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel8\u0026tag=2.5.4-4"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/pilot-rhel8@sha256:4346d91114d23b5e794c67fff10560730b51a38376cdbae0787c4d9cde7a419a_s390x",
"product": {
"name": "openshift-service-mesh/pilot-rhel8@sha256:4346d91114d23b5e794c67fff10560730b51a38376cdbae0787c4d9cde7a419a_s390x",
"product_id": "openshift-service-mesh/pilot-rhel8@sha256:4346d91114d23b5e794c67fff10560730b51a38376cdbae0787c4d9cde7a419a_s390x",
"product_identification_helper": {
"purl": "pkg:oci/pilot-rhel8@sha256:4346d91114d23b5e794c67fff10560730b51a38376cdbae0787c4d9cde7a419a?arch=s390x\u0026repository_url=registry.redhat.io/openshift-service-mesh/pilot-rhel8\u0026tag=2.5.4-4"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/proxyv2-rhel8@sha256:f4ae7819aab6a853500b54577955ec9433280b1d839b145971a3a1764a59b52c_s390x",
"product": {
"name": "openshift-service-mesh/proxyv2-rhel8@sha256:f4ae7819aab6a853500b54577955ec9433280b1d839b145971a3a1764a59b52c_s390x",
"product_id": "openshift-service-mesh/proxyv2-rhel8@sha256:f4ae7819aab6a853500b54577955ec9433280b1d839b145971a3a1764a59b52c_s390x",
"product_identification_helper": {
"purl": "pkg:oci/proxyv2-rhel8@sha256:f4ae7819aab6a853500b54577955ec9433280b1d839b145971a3a1764a59b52c?arch=s390x\u0026repository_url=registry.redhat.io/openshift-service-mesh/proxyv2-rhel8\u0026tag=2.5.4-2"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/ratelimit-rhel8@sha256:5960f10bd4d8367edaa123af5adc2186408c21cdf547ce623796a41647269590_s390x",
"product": {
"name": "openshift-service-mesh/ratelimit-rhel8@sha256:5960f10bd4d8367edaa123af5adc2186408c21cdf547ce623796a41647269590_s390x",
"product_id": "openshift-service-mesh/ratelimit-rhel8@sha256:5960f10bd4d8367edaa123af5adc2186408c21cdf547ce623796a41647269590_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ratelimit-rhel8@sha256:5960f10bd4d8367edaa123af5adc2186408c21cdf547ce623796a41647269590?arch=s390x\u0026repository_url=registry.redhat.io/openshift-service-mesh/ratelimit-rhel8\u0026tag=2.5.4-3"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "openshift-service-mesh/kiali-ossmc-rhel8@sha256:e12ca81c2bf4f7d29444833e92a06eec5da433e931803e89c5315fa61afa0f04_ppc64le",
"product": {
"name": "openshift-service-mesh/kiali-ossmc-rhel8@sha256:e12ca81c2bf4f7d29444833e92a06eec5da433e931803e89c5315fa61afa0f04_ppc64le",
"product_id": "openshift-service-mesh/kiali-ossmc-rhel8@sha256:e12ca81c2bf4f7d29444833e92a06eec5da433e931803e89c5315fa61afa0f04_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/kiali-ossmc-rhel8@sha256:e12ca81c2bf4f7d29444833e92a06eec5da433e931803e89c5315fa61afa0f04?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel8\u0026tag=1.73.13-2"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/istio-cni-rhel8@sha256:3c32da67d342a74b171f28049ff997014ed7ba4a9a63bcddf1bcd4761df91d6d_ppc64le",
"product": {
"name": "openshift-service-mesh/istio-cni-rhel8@sha256:3c32da67d342a74b171f28049ff997014ed7ba4a9a63bcddf1bcd4761df91d6d_ppc64le",
"product_id": "openshift-service-mesh/istio-cni-rhel8@sha256:3c32da67d342a74b171f28049ff997014ed7ba4a9a63bcddf1bcd4761df91d6d_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/istio-cni-rhel8@sha256:3c32da67d342a74b171f28049ff997014ed7ba4a9a63bcddf1bcd4761df91d6d?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-service-mesh/istio-cni-rhel8\u0026tag=2.5.4-4"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/grafana-rhel8@sha256:650a7a328845a5614844e5121d3fb643860f851985c263759d8b3fc4d3837fed_ppc64le",
"product": {
"name": "openshift-service-mesh/grafana-rhel8@sha256:650a7a328845a5614844e5121d3fb643860f851985c263759d8b3fc4d3837fed_ppc64le",
"product_id": "openshift-service-mesh/grafana-rhel8@sha256:650a7a328845a5614844e5121d3fb643860f851985c263759d8b3fc4d3837fed_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/grafana-rhel8@sha256:650a7a328845a5614844e5121d3fb643860f851985c263759d8b3fc4d3837fed?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-service-mesh/grafana-rhel8\u0026tag=2.5.4-3"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/kiali-rhel8@sha256:e2be27500e84f830a79c1a8f141d9efb33bd02464239e5611b6e1aafa82af302_ppc64le",
"product": {
"name": "openshift-service-mesh/kiali-rhel8@sha256:e2be27500e84f830a79c1a8f141d9efb33bd02464239e5611b6e1aafa82af302_ppc64le",
"product_id": "openshift-service-mesh/kiali-rhel8@sha256:e2be27500e84f830a79c1a8f141d9efb33bd02464239e5611b6e1aafa82af302_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/kiali-rhel8@sha256:e2be27500e84f830a79c1a8f141d9efb33bd02464239e5611b6e1aafa82af302?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-service-mesh/kiali-rhel8\u0026tag=1.73.14-2"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/istio-must-gather-rhel8@sha256:95a0d1e8765e6e983635c0ed5e7ba7c5ce8deaa3f702d41557b7cce20755f997_ppc64le",
"product": {
"name": "openshift-service-mesh/istio-must-gather-rhel8@sha256:95a0d1e8765e6e983635c0ed5e7ba7c5ce8deaa3f702d41557b7cce20755f997_ppc64le",
"product_id": "openshift-service-mesh/istio-must-gather-rhel8@sha256:95a0d1e8765e6e983635c0ed5e7ba7c5ce8deaa3f702d41557b7cce20755f997_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/istio-must-gather-rhel8@sha256:95a0d1e8765e6e983635c0ed5e7ba7c5ce8deaa3f702d41557b7cce20755f997?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel8\u0026tag=2.5.4-4"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/pilot-rhel8@sha256:977f445a5a4e5cab65df2ea078ff36b58c25198ee914e5aa7e91533e1d9b7cb5_ppc64le",
"product": {
"name": "openshift-service-mesh/pilot-rhel8@sha256:977f445a5a4e5cab65df2ea078ff36b58c25198ee914e5aa7e91533e1d9b7cb5_ppc64le",
"product_id": "openshift-service-mesh/pilot-rhel8@sha256:977f445a5a4e5cab65df2ea078ff36b58c25198ee914e5aa7e91533e1d9b7cb5_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/pilot-rhel8@sha256:977f445a5a4e5cab65df2ea078ff36b58c25198ee914e5aa7e91533e1d9b7cb5?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-service-mesh/pilot-rhel8\u0026tag=2.5.4-4"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/proxyv2-rhel8@sha256:99cdf691126ba1bd8c3f0279a95dda1c8c76fe257a72f59a479a926a0ac7eba5_ppc64le",
"product": {
"name": "openshift-service-mesh/proxyv2-rhel8@sha256:99cdf691126ba1bd8c3f0279a95dda1c8c76fe257a72f59a479a926a0ac7eba5_ppc64le",
"product_id": "openshift-service-mesh/proxyv2-rhel8@sha256:99cdf691126ba1bd8c3f0279a95dda1c8c76fe257a72f59a479a926a0ac7eba5_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/proxyv2-rhel8@sha256:99cdf691126ba1bd8c3f0279a95dda1c8c76fe257a72f59a479a926a0ac7eba5?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-service-mesh/proxyv2-rhel8\u0026tag=2.5.4-2"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/ratelimit-rhel8@sha256:9df5c5f0b8760d015216140a11ca25cb36dd77a51d8a1804670f942cf5372803_ppc64le",
"product": {
"name": "openshift-service-mesh/ratelimit-rhel8@sha256:9df5c5f0b8760d015216140a11ca25cb36dd77a51d8a1804670f942cf5372803_ppc64le",
"product_id": "openshift-service-mesh/ratelimit-rhel8@sha256:9df5c5f0b8760d015216140a11ca25cb36dd77a51d8a1804670f942cf5372803_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ratelimit-rhel8@sha256:9df5c5f0b8760d015216140a11ca25cb36dd77a51d8a1804670f942cf5372803?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-service-mesh/ratelimit-rhel8\u0026tag=2.5.4-3"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/grafana-rhel8@sha256:0e5a5f9e98b1181a4624abaeae779a52a9f23b885bf5c49b501cb89b47ea57e8_amd64 as a component of RHOSSM 2.5 for RHEL 8",
"product_id": "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:0e5a5f9e98b1181a4624abaeae779a52a9f23b885bf5c49b501cb89b47ea57e8_amd64"
},
"product_reference": "openshift-service-mesh/grafana-rhel8@sha256:0e5a5f9e98b1181a4624abaeae779a52a9f23b885bf5c49b501cb89b47ea57e8_amd64",
"relates_to_product_reference": "8Base-RHOSSM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/grafana-rhel8@sha256:650a7a328845a5614844e5121d3fb643860f851985c263759d8b3fc4d3837fed_ppc64le as a component of RHOSSM 2.5 for RHEL 8",
"product_id": "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:650a7a328845a5614844e5121d3fb643860f851985c263759d8b3fc4d3837fed_ppc64le"
},
"product_reference": "openshift-service-mesh/grafana-rhel8@sha256:650a7a328845a5614844e5121d3fb643860f851985c263759d8b3fc4d3837fed_ppc64le",
"relates_to_product_reference": "8Base-RHOSSM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/grafana-rhel8@sha256:880dc5db1971ed397af223519a8a43b513dbba90eae5fd09f173b0051f159c22_s390x as a component of RHOSSM 2.5 for RHEL 8",
"product_id": "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:880dc5db1971ed397af223519a8a43b513dbba90eae5fd09f173b0051f159c22_s390x"
},
"product_reference": "openshift-service-mesh/grafana-rhel8@sha256:880dc5db1971ed397af223519a8a43b513dbba90eae5fd09f173b0051f159c22_s390x",
"relates_to_product_reference": "8Base-RHOSSM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/grafana-rhel8@sha256:a64c67b2bb9cddc99836dd93c169043b3ee048cfca7d7ad4ec28fada75c3240a_arm64 as a component of RHOSSM 2.5 for RHEL 8",
"product_id": "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:a64c67b2bb9cddc99836dd93c169043b3ee048cfca7d7ad4ec28fada75c3240a_arm64"
},
"product_reference": "openshift-service-mesh/grafana-rhel8@sha256:a64c67b2bb9cddc99836dd93c169043b3ee048cfca7d7ad4ec28fada75c3240a_arm64",
"relates_to_product_reference": "8Base-RHOSSM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/istio-cni-rhel8@sha256:30451a29ff2f14bf8c4f210ebf000679ce0ffa4af5fb6d7e931402ca4c0698f6_s390x as a component of RHOSSM 2.5 for RHEL 8",
"product_id": "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:30451a29ff2f14bf8c4f210ebf000679ce0ffa4af5fb6d7e931402ca4c0698f6_s390x"
},
"product_reference": "openshift-service-mesh/istio-cni-rhel8@sha256:30451a29ff2f14bf8c4f210ebf000679ce0ffa4af5fb6d7e931402ca4c0698f6_s390x",
"relates_to_product_reference": "8Base-RHOSSM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/istio-cni-rhel8@sha256:3c32da67d342a74b171f28049ff997014ed7ba4a9a63bcddf1bcd4761df91d6d_ppc64le as a component of RHOSSM 2.5 for RHEL 8",
"product_id": "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:3c32da67d342a74b171f28049ff997014ed7ba4a9a63bcddf1bcd4761df91d6d_ppc64le"
},
"product_reference": "openshift-service-mesh/istio-cni-rhel8@sha256:3c32da67d342a74b171f28049ff997014ed7ba4a9a63bcddf1bcd4761df91d6d_ppc64le",
"relates_to_product_reference": "8Base-RHOSSM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/istio-cni-rhel8@sha256:4de88f118f7f0f9c82dedb534d2201a969a6eb7129862fbe99d977619346a91e_amd64 as a component of RHOSSM 2.5 for RHEL 8",
"product_id": "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:4de88f118f7f0f9c82dedb534d2201a969a6eb7129862fbe99d977619346a91e_amd64"
},
"product_reference": "openshift-service-mesh/istio-cni-rhel8@sha256:4de88f118f7f0f9c82dedb534d2201a969a6eb7129862fbe99d977619346a91e_amd64",
"relates_to_product_reference": "8Base-RHOSSM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/istio-cni-rhel8@sha256:7e8ec2e701f32afd8502a40809cf7d707679cfc7bced4b7545d4c828617809ba_arm64 as a component of RHOSSM 2.5 for RHEL 8",
"product_id": "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:7e8ec2e701f32afd8502a40809cf7d707679cfc7bced4b7545d4c828617809ba_arm64"
},
"product_reference": "openshift-service-mesh/istio-cni-rhel8@sha256:7e8ec2e701f32afd8502a40809cf7d707679cfc7bced4b7545d4c828617809ba_arm64",
"relates_to_product_reference": "8Base-RHOSSM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/istio-must-gather-rhel8@sha256:10a472f7556e95753ed1ed78e68107539a4fa21edd99c5c971442ad9f8ea6160_s390x as a component of RHOSSM 2.5 for RHEL 8",
"product_id": "8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:10a472f7556e95753ed1ed78e68107539a4fa21edd99c5c971442ad9f8ea6160_s390x"
},
"product_reference": "openshift-service-mesh/istio-must-gather-rhel8@sha256:10a472f7556e95753ed1ed78e68107539a4fa21edd99c5c971442ad9f8ea6160_s390x",
"relates_to_product_reference": "8Base-RHOSSM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/istio-must-gather-rhel8@sha256:2fa038769856650e23d56871f3b9746f82f7b1d0ae20287779e4d8c895642212_arm64 as a component of RHOSSM 2.5 for RHEL 8",
"product_id": "8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:2fa038769856650e23d56871f3b9746f82f7b1d0ae20287779e4d8c895642212_arm64"
},
"product_reference": "openshift-service-mesh/istio-must-gather-rhel8@sha256:2fa038769856650e23d56871f3b9746f82f7b1d0ae20287779e4d8c895642212_arm64",
"relates_to_product_reference": "8Base-RHOSSM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/istio-must-gather-rhel8@sha256:95a0d1e8765e6e983635c0ed5e7ba7c5ce8deaa3f702d41557b7cce20755f997_ppc64le as a component of RHOSSM 2.5 for RHEL 8",
"product_id": "8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:95a0d1e8765e6e983635c0ed5e7ba7c5ce8deaa3f702d41557b7cce20755f997_ppc64le"
},
"product_reference": "openshift-service-mesh/istio-must-gather-rhel8@sha256:95a0d1e8765e6e983635c0ed5e7ba7c5ce8deaa3f702d41557b7cce20755f997_ppc64le",
"relates_to_product_reference": "8Base-RHOSSM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/istio-must-gather-rhel8@sha256:fcceb12b4878f180a9e4263c22e04a3b048a88951b9b4dbf735dc59bbe92cedc_amd64 as a component of RHOSSM 2.5 for RHEL 8",
"product_id": "8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:fcceb12b4878f180a9e4263c22e04a3b048a88951b9b4dbf735dc59bbe92cedc_amd64"
},
"product_reference": "openshift-service-mesh/istio-must-gather-rhel8@sha256:fcceb12b4878f180a9e4263c22e04a3b048a88951b9b4dbf735dc59bbe92cedc_amd64",
"relates_to_product_reference": "8Base-RHOSSM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/kiali-ossmc-rhel8@sha256:55220093363a18cdb2da2183df4c645831c20a070fae3ffa8ddb163cd1a0dd1c_arm64 as a component of RHOSSM 2.5 for RHEL 8",
"product_id": "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:55220093363a18cdb2da2183df4c645831c20a070fae3ffa8ddb163cd1a0dd1c_arm64"
},
"product_reference": "openshift-service-mesh/kiali-ossmc-rhel8@sha256:55220093363a18cdb2da2183df4c645831c20a070fae3ffa8ddb163cd1a0dd1c_arm64",
"relates_to_product_reference": "8Base-RHOSSM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/kiali-ossmc-rhel8@sha256:9e39df1296cd22c9ee4c9fe291bd8d2555466d212a32047b3f6c64ca993563f0_s390x as a component of RHOSSM 2.5 for RHEL 8",
"product_id": "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:9e39df1296cd22c9ee4c9fe291bd8d2555466d212a32047b3f6c64ca993563f0_s390x"
},
"product_reference": "openshift-service-mesh/kiali-ossmc-rhel8@sha256:9e39df1296cd22c9ee4c9fe291bd8d2555466d212a32047b3f6c64ca993563f0_s390x",
"relates_to_product_reference": "8Base-RHOSSM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/kiali-ossmc-rhel8@sha256:ce777a4c38bef7988300446caaea03e9eef9ea6e5260a9558e09af81a9b866b2_amd64 as a component of RHOSSM 2.5 for RHEL 8",
"product_id": "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:ce777a4c38bef7988300446caaea03e9eef9ea6e5260a9558e09af81a9b866b2_amd64"
},
"product_reference": "openshift-service-mesh/kiali-ossmc-rhel8@sha256:ce777a4c38bef7988300446caaea03e9eef9ea6e5260a9558e09af81a9b866b2_amd64",
"relates_to_product_reference": "8Base-RHOSSM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/kiali-ossmc-rhel8@sha256:e12ca81c2bf4f7d29444833e92a06eec5da433e931803e89c5315fa61afa0f04_ppc64le as a component of RHOSSM 2.5 for RHEL 8",
"product_id": "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:e12ca81c2bf4f7d29444833e92a06eec5da433e931803e89c5315fa61afa0f04_ppc64le"
},
"product_reference": "openshift-service-mesh/kiali-ossmc-rhel8@sha256:e12ca81c2bf4f7d29444833e92a06eec5da433e931803e89c5315fa61afa0f04_ppc64le",
"relates_to_product_reference": "8Base-RHOSSM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/kiali-rhel8@sha256:68588cd4073be83b9e42fbde29656bbb9e007b53c47d1b943d19aebe624e61c1_amd64 as a component of RHOSSM 2.5 for RHEL 8",
"product_id": "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:68588cd4073be83b9e42fbde29656bbb9e007b53c47d1b943d19aebe624e61c1_amd64"
},
"product_reference": "openshift-service-mesh/kiali-rhel8@sha256:68588cd4073be83b9e42fbde29656bbb9e007b53c47d1b943d19aebe624e61c1_amd64",
"relates_to_product_reference": "8Base-RHOSSM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/kiali-rhel8@sha256:8a1dbff7cea816ea96546e6d1647b5ab439c85ec2a76c3d74dadb462da71000f_arm64 as a component of RHOSSM 2.5 for RHEL 8",
"product_id": "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:8a1dbff7cea816ea96546e6d1647b5ab439c85ec2a76c3d74dadb462da71000f_arm64"
},
"product_reference": "openshift-service-mesh/kiali-rhel8@sha256:8a1dbff7cea816ea96546e6d1647b5ab439c85ec2a76c3d74dadb462da71000f_arm64",
"relates_to_product_reference": "8Base-RHOSSM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/kiali-rhel8@sha256:c07e3a2ac395e06468105553dce097334f262c3f94d96cafc500660ed29eb91d_s390x as a component of RHOSSM 2.5 for RHEL 8",
"product_id": "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:c07e3a2ac395e06468105553dce097334f262c3f94d96cafc500660ed29eb91d_s390x"
},
"product_reference": "openshift-service-mesh/kiali-rhel8@sha256:c07e3a2ac395e06468105553dce097334f262c3f94d96cafc500660ed29eb91d_s390x",
"relates_to_product_reference": "8Base-RHOSSM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/kiali-rhel8@sha256:e2be27500e84f830a79c1a8f141d9efb33bd02464239e5611b6e1aafa82af302_ppc64le as a component of RHOSSM 2.5 for RHEL 8",
"product_id": "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:e2be27500e84f830a79c1a8f141d9efb33bd02464239e5611b6e1aafa82af302_ppc64le"
},
"product_reference": "openshift-service-mesh/kiali-rhel8@sha256:e2be27500e84f830a79c1a8f141d9efb33bd02464239e5611b6e1aafa82af302_ppc64le",
"relates_to_product_reference": "8Base-RHOSSM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/pilot-rhel8@sha256:0ffb28605471f52ffb11c090e3ac49c58ee96a6dc4fe13d851ee8a647e413f15_amd64 as a component of RHOSSM 2.5 for RHEL 8",
"product_id": "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:0ffb28605471f52ffb11c090e3ac49c58ee96a6dc4fe13d851ee8a647e413f15_amd64"
},
"product_reference": "openshift-service-mesh/pilot-rhel8@sha256:0ffb28605471f52ffb11c090e3ac49c58ee96a6dc4fe13d851ee8a647e413f15_amd64",
"relates_to_product_reference": "8Base-RHOSSM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/pilot-rhel8@sha256:28dd159630562c2cf106fd9c90ee2f0eb6c27eb20f44a0ad89aa62df28ba5686_arm64 as a component of RHOSSM 2.5 for RHEL 8",
"product_id": "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:28dd159630562c2cf106fd9c90ee2f0eb6c27eb20f44a0ad89aa62df28ba5686_arm64"
},
"product_reference": "openshift-service-mesh/pilot-rhel8@sha256:28dd159630562c2cf106fd9c90ee2f0eb6c27eb20f44a0ad89aa62df28ba5686_arm64",
"relates_to_product_reference": "8Base-RHOSSM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/pilot-rhel8@sha256:4346d91114d23b5e794c67fff10560730b51a38376cdbae0787c4d9cde7a419a_s390x as a component of RHOSSM 2.5 for RHEL 8",
"product_id": "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:4346d91114d23b5e794c67fff10560730b51a38376cdbae0787c4d9cde7a419a_s390x"
},
"product_reference": "openshift-service-mesh/pilot-rhel8@sha256:4346d91114d23b5e794c67fff10560730b51a38376cdbae0787c4d9cde7a419a_s390x",
"relates_to_product_reference": "8Base-RHOSSM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/pilot-rhel8@sha256:977f445a5a4e5cab65df2ea078ff36b58c25198ee914e5aa7e91533e1d9b7cb5_ppc64le as a component of RHOSSM 2.5 for RHEL 8",
"product_id": "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:977f445a5a4e5cab65df2ea078ff36b58c25198ee914e5aa7e91533e1d9b7cb5_ppc64le"
},
"product_reference": "openshift-service-mesh/pilot-rhel8@sha256:977f445a5a4e5cab65df2ea078ff36b58c25198ee914e5aa7e91533e1d9b7cb5_ppc64le",
"relates_to_product_reference": "8Base-RHOSSM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/proxyv2-rhel8@sha256:30735e400419bb8c08bfcdc302d3ab97786e7825e89f604e3f6a1f42d727e3ca_amd64 as a component of RHOSSM 2.5 for RHEL 8",
"product_id": "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:30735e400419bb8c08bfcdc302d3ab97786e7825e89f604e3f6a1f42d727e3ca_amd64"
},
"product_reference": "openshift-service-mesh/proxyv2-rhel8@sha256:30735e400419bb8c08bfcdc302d3ab97786e7825e89f604e3f6a1f42d727e3ca_amd64",
"relates_to_product_reference": "8Base-RHOSSM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/proxyv2-rhel8@sha256:99cdf691126ba1bd8c3f0279a95dda1c8c76fe257a72f59a479a926a0ac7eba5_ppc64le as a component of RHOSSM 2.5 for RHEL 8",
"product_id": "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:99cdf691126ba1bd8c3f0279a95dda1c8c76fe257a72f59a479a926a0ac7eba5_ppc64le"
},
"product_reference": "openshift-service-mesh/proxyv2-rhel8@sha256:99cdf691126ba1bd8c3f0279a95dda1c8c76fe257a72f59a479a926a0ac7eba5_ppc64le",
"relates_to_product_reference": "8Base-RHOSSM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/proxyv2-rhel8@sha256:cbf2da4bfb39ff37c0028bbcae621b5e8e37e32f8b7c622139fbce3f1cc0f8de_arm64 as a component of RHOSSM 2.5 for RHEL 8",
"product_id": "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:cbf2da4bfb39ff37c0028bbcae621b5e8e37e32f8b7c622139fbce3f1cc0f8de_arm64"
},
"product_reference": "openshift-service-mesh/proxyv2-rhel8@sha256:cbf2da4bfb39ff37c0028bbcae621b5e8e37e32f8b7c622139fbce3f1cc0f8de_arm64",
"relates_to_product_reference": "8Base-RHOSSM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/proxyv2-rhel8@sha256:f4ae7819aab6a853500b54577955ec9433280b1d839b145971a3a1764a59b52c_s390x as a component of RHOSSM 2.5 for RHEL 8",
"product_id": "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:f4ae7819aab6a853500b54577955ec9433280b1d839b145971a3a1764a59b52c_s390x"
},
"product_reference": "openshift-service-mesh/proxyv2-rhel8@sha256:f4ae7819aab6a853500b54577955ec9433280b1d839b145971a3a1764a59b52c_s390x",
"relates_to_product_reference": "8Base-RHOSSM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/ratelimit-rhel8@sha256:1b33e9cab1b582ad850c95a008c23065a917a53b82d540680884da19e12b99b2_amd64 as a component of RHOSSM 2.5 for RHEL 8",
"product_id": "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:1b33e9cab1b582ad850c95a008c23065a917a53b82d540680884da19e12b99b2_amd64"
},
"product_reference": "openshift-service-mesh/ratelimit-rhel8@sha256:1b33e9cab1b582ad850c95a008c23065a917a53b82d540680884da19e12b99b2_amd64",
"relates_to_product_reference": "8Base-RHOSSM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/ratelimit-rhel8@sha256:5960f10bd4d8367edaa123af5adc2186408c21cdf547ce623796a41647269590_s390x as a component of RHOSSM 2.5 for RHEL 8",
"product_id": "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:5960f10bd4d8367edaa123af5adc2186408c21cdf547ce623796a41647269590_s390x"
},
"product_reference": "openshift-service-mesh/ratelimit-rhel8@sha256:5960f10bd4d8367edaa123af5adc2186408c21cdf547ce623796a41647269590_s390x",
"relates_to_product_reference": "8Base-RHOSSM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/ratelimit-rhel8@sha256:9df5c5f0b8760d015216140a11ca25cb36dd77a51d8a1804670f942cf5372803_ppc64le as a component of RHOSSM 2.5 for RHEL 8",
"product_id": "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:9df5c5f0b8760d015216140a11ca25cb36dd77a51d8a1804670f942cf5372803_ppc64le"
},
"product_reference": "openshift-service-mesh/ratelimit-rhel8@sha256:9df5c5f0b8760d015216140a11ca25cb36dd77a51d8a1804670f942cf5372803_ppc64le",
"relates_to_product_reference": "8Base-RHOSSM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/ratelimit-rhel8@sha256:fcaf1df1c9c3b91a3a8342fb1ee44f1928f4d5adc168435dafb72c0ab0a7e124_arm64 as a component of RHOSSM 2.5 for RHEL 8",
"product_id": "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:fcaf1df1c9c3b91a3a8342fb1ee44f1928f4d5adc168435dafb72c0ab0a7e124_arm64"
},
"product_reference": "openshift-service-mesh/ratelimit-rhel8@sha256:fcaf1df1c9c3b91a3a8342fb1ee44f1928f4d5adc168435dafb72c0ab0a7e124_arm64",
"relates_to_product_reference": "8Base-RHOSSM-2.5"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2024-39338",
"cwe": {
"id": "CWE-918",
"name": "Server-Side Request Forgery (SSRF)"
},
"discovery_date": "2024-08-13T17:21:32.774718+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2304369"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in the Axios HTTP Client. It is vulnerable to a server-side request forgery attack (SSRF) caused by unexpected behavior where requests for path-relative URLs get processed as protocol-relative URLs. This flaw allows an attacker to perform arbitrary requests from the server, potentially accessing internal systems or exfiltrating sensitive data.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "axios: axios: Server-Side Request Forgery",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated as IMPORTANT because it can be exploited remotely with low complexity and without user interaction, it poses a significant risk to confidentiality.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:0e5a5f9e98b1181a4624abaeae779a52a9f23b885bf5c49b501cb89b47ea57e8_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:650a7a328845a5614844e5121d3fb643860f851985c263759d8b3fc4d3837fed_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:880dc5db1971ed397af223519a8a43b513dbba90eae5fd09f173b0051f159c22_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:a64c67b2bb9cddc99836dd93c169043b3ee048cfca7d7ad4ec28fada75c3240a_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:30451a29ff2f14bf8c4f210ebf000679ce0ffa4af5fb6d7e931402ca4c0698f6_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:3c32da67d342a74b171f28049ff997014ed7ba4a9a63bcddf1bcd4761df91d6d_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:4de88f118f7f0f9c82dedb534d2201a969a6eb7129862fbe99d977619346a91e_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:7e8ec2e701f32afd8502a40809cf7d707679cfc7bced4b7545d4c828617809ba_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:10a472f7556e95753ed1ed78e68107539a4fa21edd99c5c971442ad9f8ea6160_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:2fa038769856650e23d56871f3b9746f82f7b1d0ae20287779e4d8c895642212_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:95a0d1e8765e6e983635c0ed5e7ba7c5ce8deaa3f702d41557b7cce20755f997_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:fcceb12b4878f180a9e4263c22e04a3b048a88951b9b4dbf735dc59bbe92cedc_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:55220093363a18cdb2da2183df4c645831c20a070fae3ffa8ddb163cd1a0dd1c_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:9e39df1296cd22c9ee4c9fe291bd8d2555466d212a32047b3f6c64ca993563f0_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:ce777a4c38bef7988300446caaea03e9eef9ea6e5260a9558e09af81a9b866b2_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:e12ca81c2bf4f7d29444833e92a06eec5da433e931803e89c5315fa61afa0f04_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:68588cd4073be83b9e42fbde29656bbb9e007b53c47d1b943d19aebe624e61c1_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:8a1dbff7cea816ea96546e6d1647b5ab439c85ec2a76c3d74dadb462da71000f_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:c07e3a2ac395e06468105553dce097334f262c3f94d96cafc500660ed29eb91d_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:e2be27500e84f830a79c1a8f141d9efb33bd02464239e5611b6e1aafa82af302_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:0ffb28605471f52ffb11c090e3ac49c58ee96a6dc4fe13d851ee8a647e413f15_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:28dd159630562c2cf106fd9c90ee2f0eb6c27eb20f44a0ad89aa62df28ba5686_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:4346d91114d23b5e794c67fff10560730b51a38376cdbae0787c4d9cde7a419a_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:977f445a5a4e5cab65df2ea078ff36b58c25198ee914e5aa7e91533e1d9b7cb5_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:30735e400419bb8c08bfcdc302d3ab97786e7825e89f604e3f6a1f42d727e3ca_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:99cdf691126ba1bd8c3f0279a95dda1c8c76fe257a72f59a479a926a0ac7eba5_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:cbf2da4bfb39ff37c0028bbcae621b5e8e37e32f8b7c622139fbce3f1cc0f8de_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:f4ae7819aab6a853500b54577955ec9433280b1d839b145971a3a1764a59b52c_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:1b33e9cab1b582ad850c95a008c23065a917a53b82d540680884da19e12b99b2_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:5960f10bd4d8367edaa123af5adc2186408c21cdf547ce623796a41647269590_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:9df5c5f0b8760d015216140a11ca25cb36dd77a51d8a1804670f942cf5372803_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:fcaf1df1c9c3b91a3a8342fb1ee44f1928f4d5adc168435dafb72c0ab0a7e124_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-39338"
},
{
"category": "external",
"summary": "RHBZ#2304369",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2304369"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-39338",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-39338"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-39338",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-39338"
},
{
"category": "external",
"summary": "https://github.com/axios/axios/releases",
"url": "https://github.com/axios/axios/releases"
},
{
"category": "external",
"summary": "https://jeffhacks.com/advisories/2024/06/24/CVE-2024-39338.html",
"url": "https://jeffhacks.com/advisories/2024/06/24/CVE-2024-39338.html"
}
],
"release_date": "2024-08-12T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-09-03T10:05:02+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:0e5a5f9e98b1181a4624abaeae779a52a9f23b885bf5c49b501cb89b47ea57e8_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:650a7a328845a5614844e5121d3fb643860f851985c263759d8b3fc4d3837fed_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:880dc5db1971ed397af223519a8a43b513dbba90eae5fd09f173b0051f159c22_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:a64c67b2bb9cddc99836dd93c169043b3ee048cfca7d7ad4ec28fada75c3240a_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:30451a29ff2f14bf8c4f210ebf000679ce0ffa4af5fb6d7e931402ca4c0698f6_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:3c32da67d342a74b171f28049ff997014ed7ba4a9a63bcddf1bcd4761df91d6d_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:4de88f118f7f0f9c82dedb534d2201a969a6eb7129862fbe99d977619346a91e_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:7e8ec2e701f32afd8502a40809cf7d707679cfc7bced4b7545d4c828617809ba_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:10a472f7556e95753ed1ed78e68107539a4fa21edd99c5c971442ad9f8ea6160_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:2fa038769856650e23d56871f3b9746f82f7b1d0ae20287779e4d8c895642212_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:95a0d1e8765e6e983635c0ed5e7ba7c5ce8deaa3f702d41557b7cce20755f997_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:fcceb12b4878f180a9e4263c22e04a3b048a88951b9b4dbf735dc59bbe92cedc_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:55220093363a18cdb2da2183df4c645831c20a070fae3ffa8ddb163cd1a0dd1c_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:9e39df1296cd22c9ee4c9fe291bd8d2555466d212a32047b3f6c64ca993563f0_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:ce777a4c38bef7988300446caaea03e9eef9ea6e5260a9558e09af81a9b866b2_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:e12ca81c2bf4f7d29444833e92a06eec5da433e931803e89c5315fa61afa0f04_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:68588cd4073be83b9e42fbde29656bbb9e007b53c47d1b943d19aebe624e61c1_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:8a1dbff7cea816ea96546e6d1647b5ab439c85ec2a76c3d74dadb462da71000f_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:c07e3a2ac395e06468105553dce097334f262c3f94d96cafc500660ed29eb91d_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:e2be27500e84f830a79c1a8f141d9efb33bd02464239e5611b6e1aafa82af302_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:0ffb28605471f52ffb11c090e3ac49c58ee96a6dc4fe13d851ee8a647e413f15_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:28dd159630562c2cf106fd9c90ee2f0eb6c27eb20f44a0ad89aa62df28ba5686_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:4346d91114d23b5e794c67fff10560730b51a38376cdbae0787c4d9cde7a419a_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:977f445a5a4e5cab65df2ea078ff36b58c25198ee914e5aa7e91533e1d9b7cb5_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:30735e400419bb8c08bfcdc302d3ab97786e7825e89f604e3f6a1f42d727e3ca_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:99cdf691126ba1bd8c3f0279a95dda1c8c76fe257a72f59a479a926a0ac7eba5_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:cbf2da4bfb39ff37c0028bbcae621b5e8e37e32f8b7c622139fbce3f1cc0f8de_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:f4ae7819aab6a853500b54577955ec9433280b1d839b145971a3a1764a59b52c_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:1b33e9cab1b582ad850c95a008c23065a917a53b82d540680884da19e12b99b2_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:5960f10bd4d8367edaa123af5adc2186408c21cdf547ce623796a41647269590_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:9df5c5f0b8760d015216140a11ca25cb36dd77a51d8a1804670f942cf5372803_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:fcaf1df1c9c3b91a3a8342fb1ee44f1928f4d5adc168435dafb72c0ab0a7e124_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:6210"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:0e5a5f9e98b1181a4624abaeae779a52a9f23b885bf5c49b501cb89b47ea57e8_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:650a7a328845a5614844e5121d3fb643860f851985c263759d8b3fc4d3837fed_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:880dc5db1971ed397af223519a8a43b513dbba90eae5fd09f173b0051f159c22_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:a64c67b2bb9cddc99836dd93c169043b3ee048cfca7d7ad4ec28fada75c3240a_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:30451a29ff2f14bf8c4f210ebf000679ce0ffa4af5fb6d7e931402ca4c0698f6_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:3c32da67d342a74b171f28049ff997014ed7ba4a9a63bcddf1bcd4761df91d6d_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:4de88f118f7f0f9c82dedb534d2201a969a6eb7129862fbe99d977619346a91e_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:7e8ec2e701f32afd8502a40809cf7d707679cfc7bced4b7545d4c828617809ba_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:10a472f7556e95753ed1ed78e68107539a4fa21edd99c5c971442ad9f8ea6160_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:2fa038769856650e23d56871f3b9746f82f7b1d0ae20287779e4d8c895642212_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:95a0d1e8765e6e983635c0ed5e7ba7c5ce8deaa3f702d41557b7cce20755f997_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:fcceb12b4878f180a9e4263c22e04a3b048a88951b9b4dbf735dc59bbe92cedc_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:55220093363a18cdb2da2183df4c645831c20a070fae3ffa8ddb163cd1a0dd1c_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:9e39df1296cd22c9ee4c9fe291bd8d2555466d212a32047b3f6c64ca993563f0_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:ce777a4c38bef7988300446caaea03e9eef9ea6e5260a9558e09af81a9b866b2_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:e12ca81c2bf4f7d29444833e92a06eec5da433e931803e89c5315fa61afa0f04_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:68588cd4073be83b9e42fbde29656bbb9e007b53c47d1b943d19aebe624e61c1_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:8a1dbff7cea816ea96546e6d1647b5ab439c85ec2a76c3d74dadb462da71000f_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:c07e3a2ac395e06468105553dce097334f262c3f94d96cafc500660ed29eb91d_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:e2be27500e84f830a79c1a8f141d9efb33bd02464239e5611b6e1aafa82af302_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:0ffb28605471f52ffb11c090e3ac49c58ee96a6dc4fe13d851ee8a647e413f15_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:28dd159630562c2cf106fd9c90ee2f0eb6c27eb20f44a0ad89aa62df28ba5686_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:4346d91114d23b5e794c67fff10560730b51a38376cdbae0787c4d9cde7a419a_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:977f445a5a4e5cab65df2ea078ff36b58c25198ee914e5aa7e91533e1d9b7cb5_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:30735e400419bb8c08bfcdc302d3ab97786e7825e89f604e3f6a1f42d727e3ca_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:99cdf691126ba1bd8c3f0279a95dda1c8c76fe257a72f59a479a926a0ac7eba5_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:cbf2da4bfb39ff37c0028bbcae621b5e8e37e32f8b7c622139fbce3f1cc0f8de_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:f4ae7819aab6a853500b54577955ec9433280b1d839b145971a3a1764a59b52c_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:1b33e9cab1b582ad850c95a008c23065a917a53b82d540680884da19e12b99b2_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:5960f10bd4d8367edaa123af5adc2186408c21cdf547ce623796a41647269590_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:9df5c5f0b8760d015216140a11ca25cb36dd77a51d8a1804670f942cf5372803_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:fcaf1df1c9c3b91a3a8342fb1ee44f1928f4d5adc168435dafb72c0ab0a7e124_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:0e5a5f9e98b1181a4624abaeae779a52a9f23b885bf5c49b501cb89b47ea57e8_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:650a7a328845a5614844e5121d3fb643860f851985c263759d8b3fc4d3837fed_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:880dc5db1971ed397af223519a8a43b513dbba90eae5fd09f173b0051f159c22_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:a64c67b2bb9cddc99836dd93c169043b3ee048cfca7d7ad4ec28fada75c3240a_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:30451a29ff2f14bf8c4f210ebf000679ce0ffa4af5fb6d7e931402ca4c0698f6_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:3c32da67d342a74b171f28049ff997014ed7ba4a9a63bcddf1bcd4761df91d6d_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:4de88f118f7f0f9c82dedb534d2201a969a6eb7129862fbe99d977619346a91e_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:7e8ec2e701f32afd8502a40809cf7d707679cfc7bced4b7545d4c828617809ba_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:10a472f7556e95753ed1ed78e68107539a4fa21edd99c5c971442ad9f8ea6160_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:2fa038769856650e23d56871f3b9746f82f7b1d0ae20287779e4d8c895642212_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:95a0d1e8765e6e983635c0ed5e7ba7c5ce8deaa3f702d41557b7cce20755f997_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:fcceb12b4878f180a9e4263c22e04a3b048a88951b9b4dbf735dc59bbe92cedc_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:55220093363a18cdb2da2183df4c645831c20a070fae3ffa8ddb163cd1a0dd1c_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:9e39df1296cd22c9ee4c9fe291bd8d2555466d212a32047b3f6c64ca993563f0_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:ce777a4c38bef7988300446caaea03e9eef9ea6e5260a9558e09af81a9b866b2_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:e12ca81c2bf4f7d29444833e92a06eec5da433e931803e89c5315fa61afa0f04_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:68588cd4073be83b9e42fbde29656bbb9e007b53c47d1b943d19aebe624e61c1_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:8a1dbff7cea816ea96546e6d1647b5ab439c85ec2a76c3d74dadb462da71000f_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:c07e3a2ac395e06468105553dce097334f262c3f94d96cafc500660ed29eb91d_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:e2be27500e84f830a79c1a8f141d9efb33bd02464239e5611b6e1aafa82af302_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:0ffb28605471f52ffb11c090e3ac49c58ee96a6dc4fe13d851ee8a647e413f15_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:28dd159630562c2cf106fd9c90ee2f0eb6c27eb20f44a0ad89aa62df28ba5686_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:4346d91114d23b5e794c67fff10560730b51a38376cdbae0787c4d9cde7a419a_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:977f445a5a4e5cab65df2ea078ff36b58c25198ee914e5aa7e91533e1d9b7cb5_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:30735e400419bb8c08bfcdc302d3ab97786e7825e89f604e3f6a1f42d727e3ca_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:99cdf691126ba1bd8c3f0279a95dda1c8c76fe257a72f59a479a926a0ac7eba5_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:cbf2da4bfb39ff37c0028bbcae621b5e8e37e32f8b7c622139fbce3f1cc0f8de_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:f4ae7819aab6a853500b54577955ec9433280b1d839b145971a3a1764a59b52c_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:1b33e9cab1b582ad850c95a008c23065a917a53b82d540680884da19e12b99b2_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:5960f10bd4d8367edaa123af5adc2186408c21cdf547ce623796a41647269590_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:9df5c5f0b8760d015216140a11ca25cb36dd77a51d8a1804670f942cf5372803_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:fcaf1df1c9c3b91a3a8342fb1ee44f1928f4d5adc168435dafb72c0ab0a7e124_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "axios: axios: Server-Side Request Forgery"
},
{
"cve": "CVE-2024-42459",
"cwe": {
"id": "CWE-325",
"name": "Missing Cryptographic Step"
},
"discovery_date": "2024-08-02T07:20:12+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2302458"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the NodeJS Elliptic package. When creating EDDSA signatures, the Elliptic package doesn\u0027t properly check the signature length, allowing zeros to be added or removed from the signature without invalidating it, which may result in confidentiality issues.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "elliptic: nodejs/elliptic: EDDSA signature malleability due to missing signature length check",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:0e5a5f9e98b1181a4624abaeae779a52a9f23b885bf5c49b501cb89b47ea57e8_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:650a7a328845a5614844e5121d3fb643860f851985c263759d8b3fc4d3837fed_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:880dc5db1971ed397af223519a8a43b513dbba90eae5fd09f173b0051f159c22_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:a64c67b2bb9cddc99836dd93c169043b3ee048cfca7d7ad4ec28fada75c3240a_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:30451a29ff2f14bf8c4f210ebf000679ce0ffa4af5fb6d7e931402ca4c0698f6_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:3c32da67d342a74b171f28049ff997014ed7ba4a9a63bcddf1bcd4761df91d6d_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:4de88f118f7f0f9c82dedb534d2201a969a6eb7129862fbe99d977619346a91e_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:7e8ec2e701f32afd8502a40809cf7d707679cfc7bced4b7545d4c828617809ba_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:10a472f7556e95753ed1ed78e68107539a4fa21edd99c5c971442ad9f8ea6160_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:2fa038769856650e23d56871f3b9746f82f7b1d0ae20287779e4d8c895642212_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:95a0d1e8765e6e983635c0ed5e7ba7c5ce8deaa3f702d41557b7cce20755f997_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:fcceb12b4878f180a9e4263c22e04a3b048a88951b9b4dbf735dc59bbe92cedc_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:55220093363a18cdb2da2183df4c645831c20a070fae3ffa8ddb163cd1a0dd1c_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:9e39df1296cd22c9ee4c9fe291bd8d2555466d212a32047b3f6c64ca993563f0_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:ce777a4c38bef7988300446caaea03e9eef9ea6e5260a9558e09af81a9b866b2_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:e12ca81c2bf4f7d29444833e92a06eec5da433e931803e89c5315fa61afa0f04_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:68588cd4073be83b9e42fbde29656bbb9e007b53c47d1b943d19aebe624e61c1_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:8a1dbff7cea816ea96546e6d1647b5ab439c85ec2a76c3d74dadb462da71000f_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:c07e3a2ac395e06468105553dce097334f262c3f94d96cafc500660ed29eb91d_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:e2be27500e84f830a79c1a8f141d9efb33bd02464239e5611b6e1aafa82af302_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:0ffb28605471f52ffb11c090e3ac49c58ee96a6dc4fe13d851ee8a647e413f15_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:28dd159630562c2cf106fd9c90ee2f0eb6c27eb20f44a0ad89aa62df28ba5686_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:4346d91114d23b5e794c67fff10560730b51a38376cdbae0787c4d9cde7a419a_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:977f445a5a4e5cab65df2ea078ff36b58c25198ee914e5aa7e91533e1d9b7cb5_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:30735e400419bb8c08bfcdc302d3ab97786e7825e89f604e3f6a1f42d727e3ca_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:99cdf691126ba1bd8c3f0279a95dda1c8c76fe257a72f59a479a926a0ac7eba5_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:cbf2da4bfb39ff37c0028bbcae621b5e8e37e32f8b7c622139fbce3f1cc0f8de_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:f4ae7819aab6a853500b54577955ec9433280b1d839b145971a3a1764a59b52c_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:1b33e9cab1b582ad850c95a008c23065a917a53b82d540680884da19e12b99b2_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:5960f10bd4d8367edaa123af5adc2186408c21cdf547ce623796a41647269590_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:9df5c5f0b8760d015216140a11ca25cb36dd77a51d8a1804670f942cf5372803_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:fcaf1df1c9c3b91a3a8342fb1ee44f1928f4d5adc168435dafb72c0ab0a7e124_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-42459"
},
{
"category": "external",
"summary": "RHBZ#2302458",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2302458"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-42459",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42459"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-42459",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-42459"
},
{
"category": "external",
"summary": "https://github.com/indutny/elliptic/pull/317",
"url": "https://github.com/indutny/elliptic/pull/317"
}
],
"release_date": "2024-08-02T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-09-03T10:05:02+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:0e5a5f9e98b1181a4624abaeae779a52a9f23b885bf5c49b501cb89b47ea57e8_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:650a7a328845a5614844e5121d3fb643860f851985c263759d8b3fc4d3837fed_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:880dc5db1971ed397af223519a8a43b513dbba90eae5fd09f173b0051f159c22_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:a64c67b2bb9cddc99836dd93c169043b3ee048cfca7d7ad4ec28fada75c3240a_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:30451a29ff2f14bf8c4f210ebf000679ce0ffa4af5fb6d7e931402ca4c0698f6_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:3c32da67d342a74b171f28049ff997014ed7ba4a9a63bcddf1bcd4761df91d6d_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:4de88f118f7f0f9c82dedb534d2201a969a6eb7129862fbe99d977619346a91e_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:7e8ec2e701f32afd8502a40809cf7d707679cfc7bced4b7545d4c828617809ba_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:10a472f7556e95753ed1ed78e68107539a4fa21edd99c5c971442ad9f8ea6160_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:2fa038769856650e23d56871f3b9746f82f7b1d0ae20287779e4d8c895642212_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:95a0d1e8765e6e983635c0ed5e7ba7c5ce8deaa3f702d41557b7cce20755f997_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:fcceb12b4878f180a9e4263c22e04a3b048a88951b9b4dbf735dc59bbe92cedc_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:55220093363a18cdb2da2183df4c645831c20a070fae3ffa8ddb163cd1a0dd1c_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:9e39df1296cd22c9ee4c9fe291bd8d2555466d212a32047b3f6c64ca993563f0_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:ce777a4c38bef7988300446caaea03e9eef9ea6e5260a9558e09af81a9b866b2_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:e12ca81c2bf4f7d29444833e92a06eec5da433e931803e89c5315fa61afa0f04_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:68588cd4073be83b9e42fbde29656bbb9e007b53c47d1b943d19aebe624e61c1_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:8a1dbff7cea816ea96546e6d1647b5ab439c85ec2a76c3d74dadb462da71000f_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:c07e3a2ac395e06468105553dce097334f262c3f94d96cafc500660ed29eb91d_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:e2be27500e84f830a79c1a8f141d9efb33bd02464239e5611b6e1aafa82af302_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:0ffb28605471f52ffb11c090e3ac49c58ee96a6dc4fe13d851ee8a647e413f15_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:28dd159630562c2cf106fd9c90ee2f0eb6c27eb20f44a0ad89aa62df28ba5686_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:4346d91114d23b5e794c67fff10560730b51a38376cdbae0787c4d9cde7a419a_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:977f445a5a4e5cab65df2ea078ff36b58c25198ee914e5aa7e91533e1d9b7cb5_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:30735e400419bb8c08bfcdc302d3ab97786e7825e89f604e3f6a1f42d727e3ca_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:99cdf691126ba1bd8c3f0279a95dda1c8c76fe257a72f59a479a926a0ac7eba5_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:cbf2da4bfb39ff37c0028bbcae621b5e8e37e32f8b7c622139fbce3f1cc0f8de_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:f4ae7819aab6a853500b54577955ec9433280b1d839b145971a3a1764a59b52c_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:1b33e9cab1b582ad850c95a008c23065a917a53b82d540680884da19e12b99b2_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:5960f10bd4d8367edaa123af5adc2186408c21cdf547ce623796a41647269590_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:9df5c5f0b8760d015216140a11ca25cb36dd77a51d8a1804670f942cf5372803_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:fcaf1df1c9c3b91a3a8342fb1ee44f1928f4d5adc168435dafb72c0ab0a7e124_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:6210"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:0e5a5f9e98b1181a4624abaeae779a52a9f23b885bf5c49b501cb89b47ea57e8_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:650a7a328845a5614844e5121d3fb643860f851985c263759d8b3fc4d3837fed_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:880dc5db1971ed397af223519a8a43b513dbba90eae5fd09f173b0051f159c22_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:a64c67b2bb9cddc99836dd93c169043b3ee048cfca7d7ad4ec28fada75c3240a_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:30451a29ff2f14bf8c4f210ebf000679ce0ffa4af5fb6d7e931402ca4c0698f6_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:3c32da67d342a74b171f28049ff997014ed7ba4a9a63bcddf1bcd4761df91d6d_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:4de88f118f7f0f9c82dedb534d2201a969a6eb7129862fbe99d977619346a91e_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:7e8ec2e701f32afd8502a40809cf7d707679cfc7bced4b7545d4c828617809ba_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:10a472f7556e95753ed1ed78e68107539a4fa21edd99c5c971442ad9f8ea6160_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:2fa038769856650e23d56871f3b9746f82f7b1d0ae20287779e4d8c895642212_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:95a0d1e8765e6e983635c0ed5e7ba7c5ce8deaa3f702d41557b7cce20755f997_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:fcceb12b4878f180a9e4263c22e04a3b048a88951b9b4dbf735dc59bbe92cedc_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:55220093363a18cdb2da2183df4c645831c20a070fae3ffa8ddb163cd1a0dd1c_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:9e39df1296cd22c9ee4c9fe291bd8d2555466d212a32047b3f6c64ca993563f0_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:ce777a4c38bef7988300446caaea03e9eef9ea6e5260a9558e09af81a9b866b2_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:e12ca81c2bf4f7d29444833e92a06eec5da433e931803e89c5315fa61afa0f04_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:68588cd4073be83b9e42fbde29656bbb9e007b53c47d1b943d19aebe624e61c1_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:8a1dbff7cea816ea96546e6d1647b5ab439c85ec2a76c3d74dadb462da71000f_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:c07e3a2ac395e06468105553dce097334f262c3f94d96cafc500660ed29eb91d_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:e2be27500e84f830a79c1a8f141d9efb33bd02464239e5611b6e1aafa82af302_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:0ffb28605471f52ffb11c090e3ac49c58ee96a6dc4fe13d851ee8a647e413f15_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:28dd159630562c2cf106fd9c90ee2f0eb6c27eb20f44a0ad89aa62df28ba5686_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:4346d91114d23b5e794c67fff10560730b51a38376cdbae0787c4d9cde7a419a_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:977f445a5a4e5cab65df2ea078ff36b58c25198ee914e5aa7e91533e1d9b7cb5_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:30735e400419bb8c08bfcdc302d3ab97786e7825e89f604e3f6a1f42d727e3ca_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:99cdf691126ba1bd8c3f0279a95dda1c8c76fe257a72f59a479a926a0ac7eba5_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:cbf2da4bfb39ff37c0028bbcae621b5e8e37e32f8b7c622139fbce3f1cc0f8de_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:f4ae7819aab6a853500b54577955ec9433280b1d839b145971a3a1764a59b52c_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:1b33e9cab1b582ad850c95a008c23065a917a53b82d540680884da19e12b99b2_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:5960f10bd4d8367edaa123af5adc2186408c21cdf547ce623796a41647269590_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:9df5c5f0b8760d015216140a11ca25cb36dd77a51d8a1804670f942cf5372803_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:fcaf1df1c9c3b91a3a8342fb1ee44f1928f4d5adc168435dafb72c0ab0a7e124_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:0e5a5f9e98b1181a4624abaeae779a52a9f23b885bf5c49b501cb89b47ea57e8_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:650a7a328845a5614844e5121d3fb643860f851985c263759d8b3fc4d3837fed_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:880dc5db1971ed397af223519a8a43b513dbba90eae5fd09f173b0051f159c22_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:a64c67b2bb9cddc99836dd93c169043b3ee048cfca7d7ad4ec28fada75c3240a_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:30451a29ff2f14bf8c4f210ebf000679ce0ffa4af5fb6d7e931402ca4c0698f6_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:3c32da67d342a74b171f28049ff997014ed7ba4a9a63bcddf1bcd4761df91d6d_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:4de88f118f7f0f9c82dedb534d2201a969a6eb7129862fbe99d977619346a91e_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:7e8ec2e701f32afd8502a40809cf7d707679cfc7bced4b7545d4c828617809ba_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:10a472f7556e95753ed1ed78e68107539a4fa21edd99c5c971442ad9f8ea6160_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:2fa038769856650e23d56871f3b9746f82f7b1d0ae20287779e4d8c895642212_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:95a0d1e8765e6e983635c0ed5e7ba7c5ce8deaa3f702d41557b7cce20755f997_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:fcceb12b4878f180a9e4263c22e04a3b048a88951b9b4dbf735dc59bbe92cedc_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:55220093363a18cdb2da2183df4c645831c20a070fae3ffa8ddb163cd1a0dd1c_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:9e39df1296cd22c9ee4c9fe291bd8d2555466d212a32047b3f6c64ca993563f0_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:ce777a4c38bef7988300446caaea03e9eef9ea6e5260a9558e09af81a9b866b2_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:e12ca81c2bf4f7d29444833e92a06eec5da433e931803e89c5315fa61afa0f04_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:68588cd4073be83b9e42fbde29656bbb9e007b53c47d1b943d19aebe624e61c1_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:8a1dbff7cea816ea96546e6d1647b5ab439c85ec2a76c3d74dadb462da71000f_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:c07e3a2ac395e06468105553dce097334f262c3f94d96cafc500660ed29eb91d_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:e2be27500e84f830a79c1a8f141d9efb33bd02464239e5611b6e1aafa82af302_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:0ffb28605471f52ffb11c090e3ac49c58ee96a6dc4fe13d851ee8a647e413f15_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:28dd159630562c2cf106fd9c90ee2f0eb6c27eb20f44a0ad89aa62df28ba5686_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:4346d91114d23b5e794c67fff10560730b51a38376cdbae0787c4d9cde7a419a_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:977f445a5a4e5cab65df2ea078ff36b58c25198ee914e5aa7e91533e1d9b7cb5_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:30735e400419bb8c08bfcdc302d3ab97786e7825e89f604e3f6a1f42d727e3ca_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:99cdf691126ba1bd8c3f0279a95dda1c8c76fe257a72f59a479a926a0ac7eba5_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:cbf2da4bfb39ff37c0028bbcae621b5e8e37e32f8b7c622139fbce3f1cc0f8de_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:f4ae7819aab6a853500b54577955ec9433280b1d839b145971a3a1764a59b52c_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:1b33e9cab1b582ad850c95a008c23065a917a53b82d540680884da19e12b99b2_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:5960f10bd4d8367edaa123af5adc2186408c21cdf547ce623796a41647269590_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:9df5c5f0b8760d015216140a11ca25cb36dd77a51d8a1804670f942cf5372803_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:fcaf1df1c9c3b91a3a8342fb1ee44f1928f4d5adc168435dafb72c0ab0a7e124_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "elliptic: nodejs/elliptic: EDDSA signature malleability due to missing signature length check"
},
{
"cve": "CVE-2024-42460",
"cwe": {
"id": "CWE-325",
"name": "Missing Cryptographic Step"
},
"discovery_date": "2024-08-02T07:20:14+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2302459"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Elliptic NodeJS package where it fails to properly verify the leading bit for the R and S values used in the ECDSA signature. This issue may lead to a scenario where an attacker can modify the signature without the Elliptic library being able to properly reject it, causing data confidentiality issues.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "elliptic: nodejs/elliptic: ECDSA signature malleability due to missing checks",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:0e5a5f9e98b1181a4624abaeae779a52a9f23b885bf5c49b501cb89b47ea57e8_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:650a7a328845a5614844e5121d3fb643860f851985c263759d8b3fc4d3837fed_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:880dc5db1971ed397af223519a8a43b513dbba90eae5fd09f173b0051f159c22_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:a64c67b2bb9cddc99836dd93c169043b3ee048cfca7d7ad4ec28fada75c3240a_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:30451a29ff2f14bf8c4f210ebf000679ce0ffa4af5fb6d7e931402ca4c0698f6_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:3c32da67d342a74b171f28049ff997014ed7ba4a9a63bcddf1bcd4761df91d6d_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:4de88f118f7f0f9c82dedb534d2201a969a6eb7129862fbe99d977619346a91e_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:7e8ec2e701f32afd8502a40809cf7d707679cfc7bced4b7545d4c828617809ba_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:10a472f7556e95753ed1ed78e68107539a4fa21edd99c5c971442ad9f8ea6160_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:2fa038769856650e23d56871f3b9746f82f7b1d0ae20287779e4d8c895642212_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:95a0d1e8765e6e983635c0ed5e7ba7c5ce8deaa3f702d41557b7cce20755f997_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:fcceb12b4878f180a9e4263c22e04a3b048a88951b9b4dbf735dc59bbe92cedc_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:55220093363a18cdb2da2183df4c645831c20a070fae3ffa8ddb163cd1a0dd1c_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:9e39df1296cd22c9ee4c9fe291bd8d2555466d212a32047b3f6c64ca993563f0_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:ce777a4c38bef7988300446caaea03e9eef9ea6e5260a9558e09af81a9b866b2_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:e12ca81c2bf4f7d29444833e92a06eec5da433e931803e89c5315fa61afa0f04_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:68588cd4073be83b9e42fbde29656bbb9e007b53c47d1b943d19aebe624e61c1_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:8a1dbff7cea816ea96546e6d1647b5ab439c85ec2a76c3d74dadb462da71000f_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:c07e3a2ac395e06468105553dce097334f262c3f94d96cafc500660ed29eb91d_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:e2be27500e84f830a79c1a8f141d9efb33bd02464239e5611b6e1aafa82af302_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:0ffb28605471f52ffb11c090e3ac49c58ee96a6dc4fe13d851ee8a647e413f15_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:28dd159630562c2cf106fd9c90ee2f0eb6c27eb20f44a0ad89aa62df28ba5686_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:4346d91114d23b5e794c67fff10560730b51a38376cdbae0787c4d9cde7a419a_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:977f445a5a4e5cab65df2ea078ff36b58c25198ee914e5aa7e91533e1d9b7cb5_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:30735e400419bb8c08bfcdc302d3ab97786e7825e89f604e3f6a1f42d727e3ca_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:99cdf691126ba1bd8c3f0279a95dda1c8c76fe257a72f59a479a926a0ac7eba5_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:cbf2da4bfb39ff37c0028bbcae621b5e8e37e32f8b7c622139fbce3f1cc0f8de_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:f4ae7819aab6a853500b54577955ec9433280b1d839b145971a3a1764a59b52c_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:1b33e9cab1b582ad850c95a008c23065a917a53b82d540680884da19e12b99b2_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:5960f10bd4d8367edaa123af5adc2186408c21cdf547ce623796a41647269590_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:9df5c5f0b8760d015216140a11ca25cb36dd77a51d8a1804670f942cf5372803_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:fcaf1df1c9c3b91a3a8342fb1ee44f1928f4d5adc168435dafb72c0ab0a7e124_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-42460"
},
{
"category": "external",
"summary": "RHBZ#2302459",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2302459"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-42460",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42460"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-42460",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-42460"
},
{
"category": "external",
"summary": "https://github.com/indutny/elliptic/pull/317",
"url": "https://github.com/indutny/elliptic/pull/317"
}
],
"release_date": "2024-08-02T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-09-03T10:05:02+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:0e5a5f9e98b1181a4624abaeae779a52a9f23b885bf5c49b501cb89b47ea57e8_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:650a7a328845a5614844e5121d3fb643860f851985c263759d8b3fc4d3837fed_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:880dc5db1971ed397af223519a8a43b513dbba90eae5fd09f173b0051f159c22_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:a64c67b2bb9cddc99836dd93c169043b3ee048cfca7d7ad4ec28fada75c3240a_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:30451a29ff2f14bf8c4f210ebf000679ce0ffa4af5fb6d7e931402ca4c0698f6_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:3c32da67d342a74b171f28049ff997014ed7ba4a9a63bcddf1bcd4761df91d6d_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:4de88f118f7f0f9c82dedb534d2201a969a6eb7129862fbe99d977619346a91e_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:7e8ec2e701f32afd8502a40809cf7d707679cfc7bced4b7545d4c828617809ba_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:10a472f7556e95753ed1ed78e68107539a4fa21edd99c5c971442ad9f8ea6160_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:2fa038769856650e23d56871f3b9746f82f7b1d0ae20287779e4d8c895642212_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:95a0d1e8765e6e983635c0ed5e7ba7c5ce8deaa3f702d41557b7cce20755f997_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:fcceb12b4878f180a9e4263c22e04a3b048a88951b9b4dbf735dc59bbe92cedc_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:55220093363a18cdb2da2183df4c645831c20a070fae3ffa8ddb163cd1a0dd1c_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:9e39df1296cd22c9ee4c9fe291bd8d2555466d212a32047b3f6c64ca993563f0_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:ce777a4c38bef7988300446caaea03e9eef9ea6e5260a9558e09af81a9b866b2_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:e12ca81c2bf4f7d29444833e92a06eec5da433e931803e89c5315fa61afa0f04_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:68588cd4073be83b9e42fbde29656bbb9e007b53c47d1b943d19aebe624e61c1_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:8a1dbff7cea816ea96546e6d1647b5ab439c85ec2a76c3d74dadb462da71000f_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:c07e3a2ac395e06468105553dce097334f262c3f94d96cafc500660ed29eb91d_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:e2be27500e84f830a79c1a8f141d9efb33bd02464239e5611b6e1aafa82af302_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:0ffb28605471f52ffb11c090e3ac49c58ee96a6dc4fe13d851ee8a647e413f15_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:28dd159630562c2cf106fd9c90ee2f0eb6c27eb20f44a0ad89aa62df28ba5686_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:4346d91114d23b5e794c67fff10560730b51a38376cdbae0787c4d9cde7a419a_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:977f445a5a4e5cab65df2ea078ff36b58c25198ee914e5aa7e91533e1d9b7cb5_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:30735e400419bb8c08bfcdc302d3ab97786e7825e89f604e3f6a1f42d727e3ca_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:99cdf691126ba1bd8c3f0279a95dda1c8c76fe257a72f59a479a926a0ac7eba5_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:cbf2da4bfb39ff37c0028bbcae621b5e8e37e32f8b7c622139fbce3f1cc0f8de_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:f4ae7819aab6a853500b54577955ec9433280b1d839b145971a3a1764a59b52c_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:1b33e9cab1b582ad850c95a008c23065a917a53b82d540680884da19e12b99b2_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:5960f10bd4d8367edaa123af5adc2186408c21cdf547ce623796a41647269590_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:9df5c5f0b8760d015216140a11ca25cb36dd77a51d8a1804670f942cf5372803_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:fcaf1df1c9c3b91a3a8342fb1ee44f1928f4d5adc168435dafb72c0ab0a7e124_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:6210"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:0e5a5f9e98b1181a4624abaeae779a52a9f23b885bf5c49b501cb89b47ea57e8_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:650a7a328845a5614844e5121d3fb643860f851985c263759d8b3fc4d3837fed_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:880dc5db1971ed397af223519a8a43b513dbba90eae5fd09f173b0051f159c22_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:a64c67b2bb9cddc99836dd93c169043b3ee048cfca7d7ad4ec28fada75c3240a_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:30451a29ff2f14bf8c4f210ebf000679ce0ffa4af5fb6d7e931402ca4c0698f6_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:3c32da67d342a74b171f28049ff997014ed7ba4a9a63bcddf1bcd4761df91d6d_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:4de88f118f7f0f9c82dedb534d2201a969a6eb7129862fbe99d977619346a91e_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:7e8ec2e701f32afd8502a40809cf7d707679cfc7bced4b7545d4c828617809ba_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:10a472f7556e95753ed1ed78e68107539a4fa21edd99c5c971442ad9f8ea6160_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:2fa038769856650e23d56871f3b9746f82f7b1d0ae20287779e4d8c895642212_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:95a0d1e8765e6e983635c0ed5e7ba7c5ce8deaa3f702d41557b7cce20755f997_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:fcceb12b4878f180a9e4263c22e04a3b048a88951b9b4dbf735dc59bbe92cedc_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:55220093363a18cdb2da2183df4c645831c20a070fae3ffa8ddb163cd1a0dd1c_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:9e39df1296cd22c9ee4c9fe291bd8d2555466d212a32047b3f6c64ca993563f0_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:ce777a4c38bef7988300446caaea03e9eef9ea6e5260a9558e09af81a9b866b2_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:e12ca81c2bf4f7d29444833e92a06eec5da433e931803e89c5315fa61afa0f04_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:68588cd4073be83b9e42fbde29656bbb9e007b53c47d1b943d19aebe624e61c1_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:8a1dbff7cea816ea96546e6d1647b5ab439c85ec2a76c3d74dadb462da71000f_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:c07e3a2ac395e06468105553dce097334f262c3f94d96cafc500660ed29eb91d_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:e2be27500e84f830a79c1a8f141d9efb33bd02464239e5611b6e1aafa82af302_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:0ffb28605471f52ffb11c090e3ac49c58ee96a6dc4fe13d851ee8a647e413f15_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:28dd159630562c2cf106fd9c90ee2f0eb6c27eb20f44a0ad89aa62df28ba5686_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:4346d91114d23b5e794c67fff10560730b51a38376cdbae0787c4d9cde7a419a_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:977f445a5a4e5cab65df2ea078ff36b58c25198ee914e5aa7e91533e1d9b7cb5_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:30735e400419bb8c08bfcdc302d3ab97786e7825e89f604e3f6a1f42d727e3ca_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:99cdf691126ba1bd8c3f0279a95dda1c8c76fe257a72f59a479a926a0ac7eba5_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:cbf2da4bfb39ff37c0028bbcae621b5e8e37e32f8b7c622139fbce3f1cc0f8de_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:f4ae7819aab6a853500b54577955ec9433280b1d839b145971a3a1764a59b52c_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:1b33e9cab1b582ad850c95a008c23065a917a53b82d540680884da19e12b99b2_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:5960f10bd4d8367edaa123af5adc2186408c21cdf547ce623796a41647269590_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:9df5c5f0b8760d015216140a11ca25cb36dd77a51d8a1804670f942cf5372803_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:fcaf1df1c9c3b91a3a8342fb1ee44f1928f4d5adc168435dafb72c0ab0a7e124_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:0e5a5f9e98b1181a4624abaeae779a52a9f23b885bf5c49b501cb89b47ea57e8_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:650a7a328845a5614844e5121d3fb643860f851985c263759d8b3fc4d3837fed_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:880dc5db1971ed397af223519a8a43b513dbba90eae5fd09f173b0051f159c22_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:a64c67b2bb9cddc99836dd93c169043b3ee048cfca7d7ad4ec28fada75c3240a_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:30451a29ff2f14bf8c4f210ebf000679ce0ffa4af5fb6d7e931402ca4c0698f6_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:3c32da67d342a74b171f28049ff997014ed7ba4a9a63bcddf1bcd4761df91d6d_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:4de88f118f7f0f9c82dedb534d2201a969a6eb7129862fbe99d977619346a91e_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:7e8ec2e701f32afd8502a40809cf7d707679cfc7bced4b7545d4c828617809ba_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:10a472f7556e95753ed1ed78e68107539a4fa21edd99c5c971442ad9f8ea6160_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:2fa038769856650e23d56871f3b9746f82f7b1d0ae20287779e4d8c895642212_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:95a0d1e8765e6e983635c0ed5e7ba7c5ce8deaa3f702d41557b7cce20755f997_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:fcceb12b4878f180a9e4263c22e04a3b048a88951b9b4dbf735dc59bbe92cedc_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:55220093363a18cdb2da2183df4c645831c20a070fae3ffa8ddb163cd1a0dd1c_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:9e39df1296cd22c9ee4c9fe291bd8d2555466d212a32047b3f6c64ca993563f0_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:ce777a4c38bef7988300446caaea03e9eef9ea6e5260a9558e09af81a9b866b2_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:e12ca81c2bf4f7d29444833e92a06eec5da433e931803e89c5315fa61afa0f04_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:68588cd4073be83b9e42fbde29656bbb9e007b53c47d1b943d19aebe624e61c1_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:8a1dbff7cea816ea96546e6d1647b5ab439c85ec2a76c3d74dadb462da71000f_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:c07e3a2ac395e06468105553dce097334f262c3f94d96cafc500660ed29eb91d_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:e2be27500e84f830a79c1a8f141d9efb33bd02464239e5611b6e1aafa82af302_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:0ffb28605471f52ffb11c090e3ac49c58ee96a6dc4fe13d851ee8a647e413f15_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:28dd159630562c2cf106fd9c90ee2f0eb6c27eb20f44a0ad89aa62df28ba5686_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:4346d91114d23b5e794c67fff10560730b51a38376cdbae0787c4d9cde7a419a_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:977f445a5a4e5cab65df2ea078ff36b58c25198ee914e5aa7e91533e1d9b7cb5_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:30735e400419bb8c08bfcdc302d3ab97786e7825e89f604e3f6a1f42d727e3ca_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:99cdf691126ba1bd8c3f0279a95dda1c8c76fe257a72f59a479a926a0ac7eba5_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:cbf2da4bfb39ff37c0028bbcae621b5e8e37e32f8b7c622139fbce3f1cc0f8de_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:f4ae7819aab6a853500b54577955ec9433280b1d839b145971a3a1764a59b52c_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:1b33e9cab1b582ad850c95a008c23065a917a53b82d540680884da19e12b99b2_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:5960f10bd4d8367edaa123af5adc2186408c21cdf547ce623796a41647269590_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:9df5c5f0b8760d015216140a11ca25cb36dd77a51d8a1804670f942cf5372803_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:fcaf1df1c9c3b91a3a8342fb1ee44f1928f4d5adc168435dafb72c0ab0a7e124_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "elliptic: nodejs/elliptic: ECDSA signature malleability due to missing checks"
},
{
"cve": "CVE-2024-42461",
"cwe": {
"id": "CWE-347",
"name": "Improper Verification of Cryptographic Signature"
},
"discovery_date": "2024-08-02T07:20:17+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2302460"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Elliptic package for Node.js. ECDSA signatures encoded in BER format are improperly validated, allowing leading zeros to be added to the signature without invalidating it, resulting in confidentiality issues.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "elliptic: nodejs/elliptic: ECDSA implementation malleability due to BER-enconded signatures being allowed",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability was found in the elliptic npm package, it is an Improper Verification of Cryptographic Signature that occurs because the library accepts non-strictly BER-encoded signatures.This allows an attacker to create another valid signature for the same message, which may cause issues in systems that rely on unique signatures for identifying transactions.The overall impact on confidentiality is low.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:0e5a5f9e98b1181a4624abaeae779a52a9f23b885bf5c49b501cb89b47ea57e8_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:650a7a328845a5614844e5121d3fb643860f851985c263759d8b3fc4d3837fed_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:880dc5db1971ed397af223519a8a43b513dbba90eae5fd09f173b0051f159c22_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:a64c67b2bb9cddc99836dd93c169043b3ee048cfca7d7ad4ec28fada75c3240a_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:30451a29ff2f14bf8c4f210ebf000679ce0ffa4af5fb6d7e931402ca4c0698f6_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:3c32da67d342a74b171f28049ff997014ed7ba4a9a63bcddf1bcd4761df91d6d_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:4de88f118f7f0f9c82dedb534d2201a969a6eb7129862fbe99d977619346a91e_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:7e8ec2e701f32afd8502a40809cf7d707679cfc7bced4b7545d4c828617809ba_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:10a472f7556e95753ed1ed78e68107539a4fa21edd99c5c971442ad9f8ea6160_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:2fa038769856650e23d56871f3b9746f82f7b1d0ae20287779e4d8c895642212_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:95a0d1e8765e6e983635c0ed5e7ba7c5ce8deaa3f702d41557b7cce20755f997_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:fcceb12b4878f180a9e4263c22e04a3b048a88951b9b4dbf735dc59bbe92cedc_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:55220093363a18cdb2da2183df4c645831c20a070fae3ffa8ddb163cd1a0dd1c_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:9e39df1296cd22c9ee4c9fe291bd8d2555466d212a32047b3f6c64ca993563f0_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:ce777a4c38bef7988300446caaea03e9eef9ea6e5260a9558e09af81a9b866b2_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:e12ca81c2bf4f7d29444833e92a06eec5da433e931803e89c5315fa61afa0f04_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:68588cd4073be83b9e42fbde29656bbb9e007b53c47d1b943d19aebe624e61c1_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:8a1dbff7cea816ea96546e6d1647b5ab439c85ec2a76c3d74dadb462da71000f_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:c07e3a2ac395e06468105553dce097334f262c3f94d96cafc500660ed29eb91d_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:e2be27500e84f830a79c1a8f141d9efb33bd02464239e5611b6e1aafa82af302_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:0ffb28605471f52ffb11c090e3ac49c58ee96a6dc4fe13d851ee8a647e413f15_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:28dd159630562c2cf106fd9c90ee2f0eb6c27eb20f44a0ad89aa62df28ba5686_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:4346d91114d23b5e794c67fff10560730b51a38376cdbae0787c4d9cde7a419a_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:977f445a5a4e5cab65df2ea078ff36b58c25198ee914e5aa7e91533e1d9b7cb5_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:30735e400419bb8c08bfcdc302d3ab97786e7825e89f604e3f6a1f42d727e3ca_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:99cdf691126ba1bd8c3f0279a95dda1c8c76fe257a72f59a479a926a0ac7eba5_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:cbf2da4bfb39ff37c0028bbcae621b5e8e37e32f8b7c622139fbce3f1cc0f8de_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:f4ae7819aab6a853500b54577955ec9433280b1d839b145971a3a1764a59b52c_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:1b33e9cab1b582ad850c95a008c23065a917a53b82d540680884da19e12b99b2_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:5960f10bd4d8367edaa123af5adc2186408c21cdf547ce623796a41647269590_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:9df5c5f0b8760d015216140a11ca25cb36dd77a51d8a1804670f942cf5372803_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:fcaf1df1c9c3b91a3a8342fb1ee44f1928f4d5adc168435dafb72c0ab0a7e124_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-42461"
},
{
"category": "external",
"summary": "RHBZ#2302460",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2302460"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-42461",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42461"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-42461",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-42461"
},
{
"category": "external",
"summary": "https://github.com/advisories/GHSA-49q7-c7j4-3p7m",
"url": "https://github.com/advisories/GHSA-49q7-c7j4-3p7m"
},
{
"category": "external",
"summary": "https://github.com/indutny/elliptic/pull/317",
"url": "https://github.com/indutny/elliptic/pull/317"
}
],
"release_date": "2024-08-02T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-09-03T10:05:02+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:0e5a5f9e98b1181a4624abaeae779a52a9f23b885bf5c49b501cb89b47ea57e8_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:650a7a328845a5614844e5121d3fb643860f851985c263759d8b3fc4d3837fed_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:880dc5db1971ed397af223519a8a43b513dbba90eae5fd09f173b0051f159c22_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:a64c67b2bb9cddc99836dd93c169043b3ee048cfca7d7ad4ec28fada75c3240a_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:30451a29ff2f14bf8c4f210ebf000679ce0ffa4af5fb6d7e931402ca4c0698f6_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:3c32da67d342a74b171f28049ff997014ed7ba4a9a63bcddf1bcd4761df91d6d_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:4de88f118f7f0f9c82dedb534d2201a969a6eb7129862fbe99d977619346a91e_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:7e8ec2e701f32afd8502a40809cf7d707679cfc7bced4b7545d4c828617809ba_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:10a472f7556e95753ed1ed78e68107539a4fa21edd99c5c971442ad9f8ea6160_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:2fa038769856650e23d56871f3b9746f82f7b1d0ae20287779e4d8c895642212_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:95a0d1e8765e6e983635c0ed5e7ba7c5ce8deaa3f702d41557b7cce20755f997_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:fcceb12b4878f180a9e4263c22e04a3b048a88951b9b4dbf735dc59bbe92cedc_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:55220093363a18cdb2da2183df4c645831c20a070fae3ffa8ddb163cd1a0dd1c_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:9e39df1296cd22c9ee4c9fe291bd8d2555466d212a32047b3f6c64ca993563f0_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:ce777a4c38bef7988300446caaea03e9eef9ea6e5260a9558e09af81a9b866b2_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:e12ca81c2bf4f7d29444833e92a06eec5da433e931803e89c5315fa61afa0f04_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:68588cd4073be83b9e42fbde29656bbb9e007b53c47d1b943d19aebe624e61c1_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:8a1dbff7cea816ea96546e6d1647b5ab439c85ec2a76c3d74dadb462da71000f_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:c07e3a2ac395e06468105553dce097334f262c3f94d96cafc500660ed29eb91d_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:e2be27500e84f830a79c1a8f141d9efb33bd02464239e5611b6e1aafa82af302_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:0ffb28605471f52ffb11c090e3ac49c58ee96a6dc4fe13d851ee8a647e413f15_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:28dd159630562c2cf106fd9c90ee2f0eb6c27eb20f44a0ad89aa62df28ba5686_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:4346d91114d23b5e794c67fff10560730b51a38376cdbae0787c4d9cde7a419a_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:977f445a5a4e5cab65df2ea078ff36b58c25198ee914e5aa7e91533e1d9b7cb5_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:30735e400419bb8c08bfcdc302d3ab97786e7825e89f604e3f6a1f42d727e3ca_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:99cdf691126ba1bd8c3f0279a95dda1c8c76fe257a72f59a479a926a0ac7eba5_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:cbf2da4bfb39ff37c0028bbcae621b5e8e37e32f8b7c622139fbce3f1cc0f8de_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:f4ae7819aab6a853500b54577955ec9433280b1d839b145971a3a1764a59b52c_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:1b33e9cab1b582ad850c95a008c23065a917a53b82d540680884da19e12b99b2_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:5960f10bd4d8367edaa123af5adc2186408c21cdf547ce623796a41647269590_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:9df5c5f0b8760d015216140a11ca25cb36dd77a51d8a1804670f942cf5372803_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:fcaf1df1c9c3b91a3a8342fb1ee44f1928f4d5adc168435dafb72c0ab0a7e124_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:6210"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:0e5a5f9e98b1181a4624abaeae779a52a9f23b885bf5c49b501cb89b47ea57e8_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:650a7a328845a5614844e5121d3fb643860f851985c263759d8b3fc4d3837fed_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:880dc5db1971ed397af223519a8a43b513dbba90eae5fd09f173b0051f159c22_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:a64c67b2bb9cddc99836dd93c169043b3ee048cfca7d7ad4ec28fada75c3240a_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:30451a29ff2f14bf8c4f210ebf000679ce0ffa4af5fb6d7e931402ca4c0698f6_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:3c32da67d342a74b171f28049ff997014ed7ba4a9a63bcddf1bcd4761df91d6d_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:4de88f118f7f0f9c82dedb534d2201a969a6eb7129862fbe99d977619346a91e_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:7e8ec2e701f32afd8502a40809cf7d707679cfc7bced4b7545d4c828617809ba_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:10a472f7556e95753ed1ed78e68107539a4fa21edd99c5c971442ad9f8ea6160_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:2fa038769856650e23d56871f3b9746f82f7b1d0ae20287779e4d8c895642212_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:95a0d1e8765e6e983635c0ed5e7ba7c5ce8deaa3f702d41557b7cce20755f997_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:fcceb12b4878f180a9e4263c22e04a3b048a88951b9b4dbf735dc59bbe92cedc_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:55220093363a18cdb2da2183df4c645831c20a070fae3ffa8ddb163cd1a0dd1c_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:9e39df1296cd22c9ee4c9fe291bd8d2555466d212a32047b3f6c64ca993563f0_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:ce777a4c38bef7988300446caaea03e9eef9ea6e5260a9558e09af81a9b866b2_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:e12ca81c2bf4f7d29444833e92a06eec5da433e931803e89c5315fa61afa0f04_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:68588cd4073be83b9e42fbde29656bbb9e007b53c47d1b943d19aebe624e61c1_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:8a1dbff7cea816ea96546e6d1647b5ab439c85ec2a76c3d74dadb462da71000f_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:c07e3a2ac395e06468105553dce097334f262c3f94d96cafc500660ed29eb91d_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:e2be27500e84f830a79c1a8f141d9efb33bd02464239e5611b6e1aafa82af302_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:0ffb28605471f52ffb11c090e3ac49c58ee96a6dc4fe13d851ee8a647e413f15_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:28dd159630562c2cf106fd9c90ee2f0eb6c27eb20f44a0ad89aa62df28ba5686_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:4346d91114d23b5e794c67fff10560730b51a38376cdbae0787c4d9cde7a419a_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:977f445a5a4e5cab65df2ea078ff36b58c25198ee914e5aa7e91533e1d9b7cb5_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:30735e400419bb8c08bfcdc302d3ab97786e7825e89f604e3f6a1f42d727e3ca_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:99cdf691126ba1bd8c3f0279a95dda1c8c76fe257a72f59a479a926a0ac7eba5_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:cbf2da4bfb39ff37c0028bbcae621b5e8e37e32f8b7c622139fbce3f1cc0f8de_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:f4ae7819aab6a853500b54577955ec9433280b1d839b145971a3a1764a59b52c_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:1b33e9cab1b582ad850c95a008c23065a917a53b82d540680884da19e12b99b2_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:5960f10bd4d8367edaa123af5adc2186408c21cdf547ce623796a41647269590_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:9df5c5f0b8760d015216140a11ca25cb36dd77a51d8a1804670f942cf5372803_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:fcaf1df1c9c3b91a3a8342fb1ee44f1928f4d5adc168435dafb72c0ab0a7e124_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:0e5a5f9e98b1181a4624abaeae779a52a9f23b885bf5c49b501cb89b47ea57e8_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:650a7a328845a5614844e5121d3fb643860f851985c263759d8b3fc4d3837fed_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:880dc5db1971ed397af223519a8a43b513dbba90eae5fd09f173b0051f159c22_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:a64c67b2bb9cddc99836dd93c169043b3ee048cfca7d7ad4ec28fada75c3240a_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:30451a29ff2f14bf8c4f210ebf000679ce0ffa4af5fb6d7e931402ca4c0698f6_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:3c32da67d342a74b171f28049ff997014ed7ba4a9a63bcddf1bcd4761df91d6d_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:4de88f118f7f0f9c82dedb534d2201a969a6eb7129862fbe99d977619346a91e_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:7e8ec2e701f32afd8502a40809cf7d707679cfc7bced4b7545d4c828617809ba_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:10a472f7556e95753ed1ed78e68107539a4fa21edd99c5c971442ad9f8ea6160_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:2fa038769856650e23d56871f3b9746f82f7b1d0ae20287779e4d8c895642212_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:95a0d1e8765e6e983635c0ed5e7ba7c5ce8deaa3f702d41557b7cce20755f997_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:fcceb12b4878f180a9e4263c22e04a3b048a88951b9b4dbf735dc59bbe92cedc_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:55220093363a18cdb2da2183df4c645831c20a070fae3ffa8ddb163cd1a0dd1c_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:9e39df1296cd22c9ee4c9fe291bd8d2555466d212a32047b3f6c64ca993563f0_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:ce777a4c38bef7988300446caaea03e9eef9ea6e5260a9558e09af81a9b866b2_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:e12ca81c2bf4f7d29444833e92a06eec5da433e931803e89c5315fa61afa0f04_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:68588cd4073be83b9e42fbde29656bbb9e007b53c47d1b943d19aebe624e61c1_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:8a1dbff7cea816ea96546e6d1647b5ab439c85ec2a76c3d74dadb462da71000f_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:c07e3a2ac395e06468105553dce097334f262c3f94d96cafc500660ed29eb91d_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:e2be27500e84f830a79c1a8f141d9efb33bd02464239e5611b6e1aafa82af302_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:0ffb28605471f52ffb11c090e3ac49c58ee96a6dc4fe13d851ee8a647e413f15_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:28dd159630562c2cf106fd9c90ee2f0eb6c27eb20f44a0ad89aa62df28ba5686_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:4346d91114d23b5e794c67fff10560730b51a38376cdbae0787c4d9cde7a419a_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:977f445a5a4e5cab65df2ea078ff36b58c25198ee914e5aa7e91533e1d9b7cb5_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:30735e400419bb8c08bfcdc302d3ab97786e7825e89f604e3f6a1f42d727e3ca_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:99cdf691126ba1bd8c3f0279a95dda1c8c76fe257a72f59a479a926a0ac7eba5_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:cbf2da4bfb39ff37c0028bbcae621b5e8e37e32f8b7c622139fbce3f1cc0f8de_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:f4ae7819aab6a853500b54577955ec9433280b1d839b145971a3a1764a59b52c_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:1b33e9cab1b582ad850c95a008c23065a917a53b82d540680884da19e12b99b2_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:5960f10bd4d8367edaa123af5adc2186408c21cdf547ce623796a41647269590_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:9df5c5f0b8760d015216140a11ca25cb36dd77a51d8a1804670f942cf5372803_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:fcaf1df1c9c3b91a3a8342fb1ee44f1928f4d5adc168435dafb72c0ab0a7e124_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "elliptic: nodejs/elliptic: ECDSA implementation malleability due to BER-enconded signatures being allowed"
}
]
}
Loading…
Loading…
Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.
Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…