RHSA-2025:1468
Vulnerability from csaf_redhat - Published: 2025-02-13 18:14 - Updated: 2026-05-29 18:40Summary
Red Hat Security Advisory: ACS 4.4 enhancement and security update
Severity
Important
Notes
Topic: Updated images are now available for Red Hat Advanced Cluster Security for Kubernetes (RHACS). The updated image includes security fixes.
Red Hat Product Security has rated this update as having a security impact
of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details: This release of RHACS 4.4.8 includes security fixes. If you are
using an earlier version of RHACS 4.4, you are advised to upgrade to this
patch release 4.4.8.
Security issues fixed:
* npm-serialize-javascript: Cross-site Scripting (XSS) in serialize-javascript (CVE-2024-11831)
* go-git: Argument injection via the URL field (CVE-2025-21613)
* go-git: Go-git clients vulnerable to DoS via maliciously crafted Git server replies (CVE-2025-21614)
* golang.org/x/crypto/ssh: Misuse of ServerConfig.PublicKeyCallback may cause authorization bypass in golang.org/x/crypto (CVE-2024-45337)
* golang.org/x/net/html: Non-linear parsing of case-insensitive content in golang.org/x/net/html (CVE-2024-45338)
For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE
page(s) listed in the References section.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
A flaw was found in npm-serialize-javascript. The vulnerability occurs because the serialize-javascript module does not properly sanitize certain inputs, such as regex or other JavaScript object types, allowing an attacker to inject malicious code. This code could be executed when deserialized by a web browser, causing Cross-site scripting (XSS) attacks. This issue is critical in environments where serialized data is sent to web clients, potentially compromising the security of the website or web application using this package.
5.4 (Medium)
Affected products
Fixed
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:0e867de15e3038db7274dc1d84cd8ca5b1860b661c8b16ecd8f7aeefa76077a8_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:1aedb2f4b2aefa9586c8aecfff4647497f7a36fc6a547d6688645d87e90413f4_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:92f98ca560ce539495108e6212737ea6cf83215fe0a5aa7a12636ee9d5fca88f_ppc64le | — |
Vendor Fix
fix
Workaround
|
Known not affected
36 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:394f4fd42c292ef68abf4a9104fe668026e394c3243ebf9b184d40a4b4b0132e_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:6478816c1b2bdeb40c77c267fff033dca5523375c64623bf56d493c4417a3c3f_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:8b92405457c5240a4d672409a7519d28463f2f0e104f441e3d0d0839549c6215_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:39367ad4f4807b804eb6a95d241d99c528995f75d3264b58820cf50fa6abceef_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:a5a1e18726ce755a8f2a36a58928714d61f4426643b7f08da086004982e993ef_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:cd132ae4b02647d5b0f0a910539c75efb3e0795590df00056542e969605ae296_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:357fa537a29f82ca117b8ed4695456707bd9599c5057ed938a91114e94badf62_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:62ddbd8b9e0b27be7a0541c7fe085b621834facff7d83d4a2e57b56ef6c713a2_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:94b445cbaef0111d98a0ee595988ef420423aa381b36e7127e76e385be12996a_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:123c0108bd7a190dd2accfd21786600f787147f040e57fb5f840861e2caa441d_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:6f81e9b903594b0a8bd5517900f7677e09c942953d257c87da11fb779e0f9dab_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:8c199930239623166973ea9cdb40ce2e2537d63e8c731afca3892caa84d2f16a_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:2f74522967f06958e385468a31e14bb9ede90569dec8292d61e67c6640c1ebde_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:38b340062dea9adc1159a326d39a214541e259e9e16582ef98efcd8e6deb3dd6_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:609205741b369f72807fcec1fd3351d56e4605fdbbee37975fad8c01a5ea0339_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:1ab2b5e9423a2edd5f663cdbf4c15dd6a5c13db13125161f4b4a9916d3c523e2_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:1e37a386006e4a7b4414dcdbe6a42191b8f41e706e1df6dfe401cbdbe342f06a_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:b0f32d062678d69350a3a1a18b643c8b97ebfdbd0bea1c0ee67312312d02fcba_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:439fc3b91a4841c81355ecbb5c610c66139525df82bdb96a4ece4ffd20aca0a5_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:7108fcc2c26b8e735231d9bad43febbc2ccc15723b15d3bf9ba643f950f75857_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:7c4fa13ab624b17711df308a9434e529b49b259fe9c6bde4b4e9037ae45996d6_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:62df44281133dd4191848bfb861ba70eeb113b2bc0ce28c71b82524860421bed_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:844cef84fb29ee2996c284c6d517a645d4b14862c17021bd1b0052515cd364df_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:fc974b15c869a26e0ae259a39ce0ed1f1954630557c31465561eeee67bfc2797_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:08c488f99ef1c837418842db1c8e52391a55f5f61a1de98edbbe3a201070168a_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:20a368484142ce585e3a49a402bab10b2045ba2d89711154ae80457c01881a4c_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:f252a2c2eaa0a4807e39df8e5fe89a8b66e8ef62a9303a144b765c4857b17e51_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:17a5ed5cea7a0b355ea13e6a95218143c351e34cee1ba0188a14c28f9605e504_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:1d00cc8be3101e0a0a901249545566689d1de5554f5101b8fcbb6fa1827d508b_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:d001fb8afaf083ac3b02ab7571a709183931ef37baa75908556081480ee395dc_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1ad40dd05581bffe04db700b8b4fbfbe8112399f2bef70b69dd690458b6512ed_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:224bfa6af3a2a9b15657ee0adc0233608bb7a2218f9a488b537e3af4c53acacf_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:f2cf132ddd130c3de1e3732f35fdade709c17e8a2775df5ab47cf7583db82fd6_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:9ae99a357ee1f9e42942edc998b378960d1a4a6bd9630b802f86743965f36898_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:bcc9fd4d95422283c8d6016e1f85cd4522f43c0504cadf6aec40b9c30f2d945d_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:c9713eae9be9f99e9e7382ace5f520f96f641c50d8aed1c64a0f6a0ba9ed5395_ppc64le | — |
Workaround
|
Threats
Impact
Moderate
A flaw was found in the x/crypto/ssh go library. Applications and libraries that misuse the ServerConfig.PublicKeyCallback callback may be susceptible to an authorization bypass. For example, an attacker may send public keys A and B and authenticate with A. PublicKeyCallback would be called only twice, first with A and then with B. A vulnerable application may then make authorization decisions based on key B, for which the attacker does not control the private key. The misuse of ServerConfig.PublicKeyCallback may cause an authorization bypass.
8.2 (High)
Affected products
Fixed
12 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:394f4fd42c292ef68abf4a9104fe668026e394c3243ebf9b184d40a4b4b0132e_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:6478816c1b2bdeb40c77c267fff033dca5523375c64623bf56d493c4417a3c3f_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:8b92405457c5240a4d672409a7519d28463f2f0e104f441e3d0d0839549c6215_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:0e867de15e3038db7274dc1d84cd8ca5b1860b661c8b16ecd8f7aeefa76077a8_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:1aedb2f4b2aefa9586c8aecfff4647497f7a36fc6a547d6688645d87e90413f4_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:92f98ca560ce539495108e6212737ea6cf83215fe0a5aa7a12636ee9d5fca88f_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:2f74522967f06958e385468a31e14bb9ede90569dec8292d61e67c6640c1ebde_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:38b340062dea9adc1159a326d39a214541e259e9e16582ef98efcd8e6deb3dd6_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:609205741b369f72807fcec1fd3351d56e4605fdbbee37975fad8c01a5ea0339_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:1ab2b5e9423a2edd5f663cdbf4c15dd6a5c13db13125161f4b4a9916d3c523e2_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:1e37a386006e4a7b4414dcdbe6a42191b8f41e706e1df6dfe401cbdbe342f06a_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:b0f32d062678d69350a3a1a18b643c8b97ebfdbd0bea1c0ee67312312d02fcba_amd64 | — |
Vendor Fix
fix
Workaround
|
Known not affected
27 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:39367ad4f4807b804eb6a95d241d99c528995f75d3264b58820cf50fa6abceef_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:a5a1e18726ce755a8f2a36a58928714d61f4426643b7f08da086004982e993ef_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:cd132ae4b02647d5b0f0a910539c75efb3e0795590df00056542e969605ae296_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:357fa537a29f82ca117b8ed4695456707bd9599c5057ed938a91114e94badf62_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:62ddbd8b9e0b27be7a0541c7fe085b621834facff7d83d4a2e57b56ef6c713a2_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:94b445cbaef0111d98a0ee595988ef420423aa381b36e7127e76e385be12996a_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:123c0108bd7a190dd2accfd21786600f787147f040e57fb5f840861e2caa441d_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:6f81e9b903594b0a8bd5517900f7677e09c942953d257c87da11fb779e0f9dab_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:8c199930239623166973ea9cdb40ce2e2537d63e8c731afca3892caa84d2f16a_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:439fc3b91a4841c81355ecbb5c610c66139525df82bdb96a4ece4ffd20aca0a5_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:7108fcc2c26b8e735231d9bad43febbc2ccc15723b15d3bf9ba643f950f75857_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:7c4fa13ab624b17711df308a9434e529b49b259fe9c6bde4b4e9037ae45996d6_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:62df44281133dd4191848bfb861ba70eeb113b2bc0ce28c71b82524860421bed_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:844cef84fb29ee2996c284c6d517a645d4b14862c17021bd1b0052515cd364df_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:fc974b15c869a26e0ae259a39ce0ed1f1954630557c31465561eeee67bfc2797_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:08c488f99ef1c837418842db1c8e52391a55f5f61a1de98edbbe3a201070168a_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:20a368484142ce585e3a49a402bab10b2045ba2d89711154ae80457c01881a4c_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:f252a2c2eaa0a4807e39df8e5fe89a8b66e8ef62a9303a144b765c4857b17e51_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:17a5ed5cea7a0b355ea13e6a95218143c351e34cee1ba0188a14c28f9605e504_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:1d00cc8be3101e0a0a901249545566689d1de5554f5101b8fcbb6fa1827d508b_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:d001fb8afaf083ac3b02ab7571a709183931ef37baa75908556081480ee395dc_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1ad40dd05581bffe04db700b8b4fbfbe8112399f2bef70b69dd690458b6512ed_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:224bfa6af3a2a9b15657ee0adc0233608bb7a2218f9a488b537e3af4c53acacf_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:f2cf132ddd130c3de1e3732f35fdade709c17e8a2775df5ab47cf7583db82fd6_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:9ae99a357ee1f9e42942edc998b378960d1a4a6bd9630b802f86743965f36898_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:bcc9fd4d95422283c8d6016e1f85cd4522f43c0504cadf6aec40b9c30f2d945d_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:c9713eae9be9f99e9e7382ace5f520f96f641c50d8aed1c64a0f6a0ba9ed5395_ppc64le | — |
Workaround
|
Threats
Impact
Important
A flaw was found in golang.org/x/net/html. This flaw allows an attacker to craft input to the parse functions that would be processed non-linearly with respect to its length, resulting in extremely slow parsing. This issue can cause a denial of service.
7.5 (High)
Affected products
Fixed
12 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:394f4fd42c292ef68abf4a9104fe668026e394c3243ebf9b184d40a4b4b0132e_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:6478816c1b2bdeb40c77c267fff033dca5523375c64623bf56d493c4417a3c3f_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:8b92405457c5240a4d672409a7519d28463f2f0e104f441e3d0d0839549c6215_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:0e867de15e3038db7274dc1d84cd8ca5b1860b661c8b16ecd8f7aeefa76077a8_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:1aedb2f4b2aefa9586c8aecfff4647497f7a36fc6a547d6688645d87e90413f4_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:92f98ca560ce539495108e6212737ea6cf83215fe0a5aa7a12636ee9d5fca88f_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:2f74522967f06958e385468a31e14bb9ede90569dec8292d61e67c6640c1ebde_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:38b340062dea9adc1159a326d39a214541e259e9e16582ef98efcd8e6deb3dd6_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:609205741b369f72807fcec1fd3351d56e4605fdbbee37975fad8c01a5ea0339_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:1ab2b5e9423a2edd5f663cdbf4c15dd6a5c13db13125161f4b4a9916d3c523e2_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:1e37a386006e4a7b4414dcdbe6a42191b8f41e706e1df6dfe401cbdbe342f06a_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:b0f32d062678d69350a3a1a18b643c8b97ebfdbd0bea1c0ee67312312d02fcba_amd64 | — |
Vendor Fix
fix
|
Known not affected
27 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:39367ad4f4807b804eb6a95d241d99c528995f75d3264b58820cf50fa6abceef_amd64 | — | ||
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:a5a1e18726ce755a8f2a36a58928714d61f4426643b7f08da086004982e993ef_ppc64le | — | ||
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:cd132ae4b02647d5b0f0a910539c75efb3e0795590df00056542e969605ae296_s390x | — | ||
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:357fa537a29f82ca117b8ed4695456707bd9599c5057ed938a91114e94badf62_s390x | — | ||
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:62ddbd8b9e0b27be7a0541c7fe085b621834facff7d83d4a2e57b56ef6c713a2_amd64 | — | ||
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:94b445cbaef0111d98a0ee595988ef420423aa381b36e7127e76e385be12996a_ppc64le | — | ||
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:123c0108bd7a190dd2accfd21786600f787147f040e57fb5f840861e2caa441d_amd64 | — | ||
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:6f81e9b903594b0a8bd5517900f7677e09c942953d257c87da11fb779e0f9dab_ppc64le | — | ||
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:8c199930239623166973ea9cdb40ce2e2537d63e8c731afca3892caa84d2f16a_s390x | — | ||
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:439fc3b91a4841c81355ecbb5c610c66139525df82bdb96a4ece4ffd20aca0a5_ppc64le | — | ||
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:7108fcc2c26b8e735231d9bad43febbc2ccc15723b15d3bf9ba643f950f75857_amd64 | — | ||
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:7c4fa13ab624b17711df308a9434e529b49b259fe9c6bde4b4e9037ae45996d6_s390x | — | ||
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:62df44281133dd4191848bfb861ba70eeb113b2bc0ce28c71b82524860421bed_s390x | — | ||
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:844cef84fb29ee2996c284c6d517a645d4b14862c17021bd1b0052515cd364df_amd64 | — | ||
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:fc974b15c869a26e0ae259a39ce0ed1f1954630557c31465561eeee67bfc2797_ppc64le | — | ||
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:08c488f99ef1c837418842db1c8e52391a55f5f61a1de98edbbe3a201070168a_ppc64le | — | ||
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:20a368484142ce585e3a49a402bab10b2045ba2d89711154ae80457c01881a4c_amd64 | — | ||
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:f252a2c2eaa0a4807e39df8e5fe89a8b66e8ef62a9303a144b765c4857b17e51_s390x | — | ||
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:17a5ed5cea7a0b355ea13e6a95218143c351e34cee1ba0188a14c28f9605e504_ppc64le | — | ||
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:1d00cc8be3101e0a0a901249545566689d1de5554f5101b8fcbb6fa1827d508b_amd64 | — | ||
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:d001fb8afaf083ac3b02ab7571a709183931ef37baa75908556081480ee395dc_s390x | — | ||
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1ad40dd05581bffe04db700b8b4fbfbe8112399f2bef70b69dd690458b6512ed_ppc64le | — | ||
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:224bfa6af3a2a9b15657ee0adc0233608bb7a2218f9a488b537e3af4c53acacf_amd64 | — | ||
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:f2cf132ddd130c3de1e3732f35fdade709c17e8a2775df5ab47cf7583db82fd6_s390x | — | ||
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:9ae99a357ee1f9e42942edc998b378960d1a4a6bd9630b802f86743965f36898_s390x | — | ||
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:bcc9fd4d95422283c8d6016e1f85cd4522f43c0504cadf6aec40b9c30f2d945d_amd64 | — | ||
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:c9713eae9be9f99e9e7382ace5f520f96f641c50d8aed1c64a0f6a0ba9ed5395_ppc64le | — |
Threats
Impact
Important
An argument injection vulnerability was found in go-git. This flaw allows an attacker to set arbitrary values to git-upload-pack flags, leading to command or code execution, exposure of sensitive data, or other unintended behavior. This is only possible in configurations where the file transport protocol is being used.
8.1 (High)
Affected products
Fixed
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:0e867de15e3038db7274dc1d84cd8ca5b1860b661c8b16ecd8f7aeefa76077a8_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:1aedb2f4b2aefa9586c8aecfff4647497f7a36fc6a547d6688645d87e90413f4_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:92f98ca560ce539495108e6212737ea6cf83215fe0a5aa7a12636ee9d5fca88f_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:2f74522967f06958e385468a31e14bb9ede90569dec8292d61e67c6640c1ebde_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:38b340062dea9adc1159a326d39a214541e259e9e16582ef98efcd8e6deb3dd6_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:609205741b369f72807fcec1fd3351d56e4605fdbbee37975fad8c01a5ea0339_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:1ab2b5e9423a2edd5f663cdbf4c15dd6a5c13db13125161f4b4a9916d3c523e2_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:1e37a386006e4a7b4414dcdbe6a42191b8f41e706e1df6dfe401cbdbe342f06a_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:b0f32d062678d69350a3a1a18b643c8b97ebfdbd0bea1c0ee67312312d02fcba_amd64 | — |
Vendor Fix
fix
Workaround
|
Known not affected
30 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:394f4fd42c292ef68abf4a9104fe668026e394c3243ebf9b184d40a4b4b0132e_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:6478816c1b2bdeb40c77c267fff033dca5523375c64623bf56d493c4417a3c3f_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:8b92405457c5240a4d672409a7519d28463f2f0e104f441e3d0d0839549c6215_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:39367ad4f4807b804eb6a95d241d99c528995f75d3264b58820cf50fa6abceef_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:a5a1e18726ce755a8f2a36a58928714d61f4426643b7f08da086004982e993ef_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:cd132ae4b02647d5b0f0a910539c75efb3e0795590df00056542e969605ae296_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:357fa537a29f82ca117b8ed4695456707bd9599c5057ed938a91114e94badf62_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:62ddbd8b9e0b27be7a0541c7fe085b621834facff7d83d4a2e57b56ef6c713a2_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:94b445cbaef0111d98a0ee595988ef420423aa381b36e7127e76e385be12996a_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:123c0108bd7a190dd2accfd21786600f787147f040e57fb5f840861e2caa441d_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:6f81e9b903594b0a8bd5517900f7677e09c942953d257c87da11fb779e0f9dab_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:8c199930239623166973ea9cdb40ce2e2537d63e8c731afca3892caa84d2f16a_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:439fc3b91a4841c81355ecbb5c610c66139525df82bdb96a4ece4ffd20aca0a5_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:7108fcc2c26b8e735231d9bad43febbc2ccc15723b15d3bf9ba643f950f75857_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:7c4fa13ab624b17711df308a9434e529b49b259fe9c6bde4b4e9037ae45996d6_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:62df44281133dd4191848bfb861ba70eeb113b2bc0ce28c71b82524860421bed_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:844cef84fb29ee2996c284c6d517a645d4b14862c17021bd1b0052515cd364df_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:fc974b15c869a26e0ae259a39ce0ed1f1954630557c31465561eeee67bfc2797_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:08c488f99ef1c837418842db1c8e52391a55f5f61a1de98edbbe3a201070168a_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:20a368484142ce585e3a49a402bab10b2045ba2d89711154ae80457c01881a4c_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:f252a2c2eaa0a4807e39df8e5fe89a8b66e8ef62a9303a144b765c4857b17e51_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:17a5ed5cea7a0b355ea13e6a95218143c351e34cee1ba0188a14c28f9605e504_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:1d00cc8be3101e0a0a901249545566689d1de5554f5101b8fcbb6fa1827d508b_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:d001fb8afaf083ac3b02ab7571a709183931ef37baa75908556081480ee395dc_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1ad40dd05581bffe04db700b8b4fbfbe8112399f2bef70b69dd690458b6512ed_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:224bfa6af3a2a9b15657ee0adc0233608bb7a2218f9a488b537e3af4c53acacf_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:f2cf132ddd130c3de1e3732f35fdade709c17e8a2775df5ab47cf7583db82fd6_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:9ae99a357ee1f9e42942edc998b378960d1a4a6bd9630b802f86743965f36898_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:bcc9fd4d95422283c8d6016e1f85cd4522f43c0504cadf6aec40b9c30f2d945d_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:c9713eae9be9f99e9e7382ace5f520f96f641c50d8aed1c64a0f6a0ba9ed5395_ppc64le | — |
Workaround
|
Threats
Impact
Important
A denial of service (DoS) vulnerability was found in go-git. This vulnerability allows an attacker to perform denial of service attacks by providing specially crafted responses from a Git server, which triggers resource exhaustion in go-git clients.
7.5 (High)
Affected products
Fixed
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:0e867de15e3038db7274dc1d84cd8ca5b1860b661c8b16ecd8f7aeefa76077a8_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:1aedb2f4b2aefa9586c8aecfff4647497f7a36fc6a547d6688645d87e90413f4_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:92f98ca560ce539495108e6212737ea6cf83215fe0a5aa7a12636ee9d5fca88f_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:2f74522967f06958e385468a31e14bb9ede90569dec8292d61e67c6640c1ebde_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:38b340062dea9adc1159a326d39a214541e259e9e16582ef98efcd8e6deb3dd6_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:609205741b369f72807fcec1fd3351d56e4605fdbbee37975fad8c01a5ea0339_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:1ab2b5e9423a2edd5f663cdbf4c15dd6a5c13db13125161f4b4a9916d3c523e2_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:1e37a386006e4a7b4414dcdbe6a42191b8f41e706e1df6dfe401cbdbe342f06a_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:b0f32d062678d69350a3a1a18b643c8b97ebfdbd0bea1c0ee67312312d02fcba_amd64 | — |
Vendor Fix
fix
|
Known not affected
30 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:394f4fd42c292ef68abf4a9104fe668026e394c3243ebf9b184d40a4b4b0132e_amd64 | — | ||
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:6478816c1b2bdeb40c77c267fff033dca5523375c64623bf56d493c4417a3c3f_s390x | — | ||
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:8b92405457c5240a4d672409a7519d28463f2f0e104f441e3d0d0839549c6215_ppc64le | — | ||
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:39367ad4f4807b804eb6a95d241d99c528995f75d3264b58820cf50fa6abceef_amd64 | — | ||
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:a5a1e18726ce755a8f2a36a58928714d61f4426643b7f08da086004982e993ef_ppc64le | — | ||
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:cd132ae4b02647d5b0f0a910539c75efb3e0795590df00056542e969605ae296_s390x | — | ||
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:357fa537a29f82ca117b8ed4695456707bd9599c5057ed938a91114e94badf62_s390x | — | ||
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:62ddbd8b9e0b27be7a0541c7fe085b621834facff7d83d4a2e57b56ef6c713a2_amd64 | — | ||
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:94b445cbaef0111d98a0ee595988ef420423aa381b36e7127e76e385be12996a_ppc64le | — | ||
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:123c0108bd7a190dd2accfd21786600f787147f040e57fb5f840861e2caa441d_amd64 | — | ||
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:6f81e9b903594b0a8bd5517900f7677e09c942953d257c87da11fb779e0f9dab_ppc64le | — | ||
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:8c199930239623166973ea9cdb40ce2e2537d63e8c731afca3892caa84d2f16a_s390x | — | ||
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:439fc3b91a4841c81355ecbb5c610c66139525df82bdb96a4ece4ffd20aca0a5_ppc64le | — | ||
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:7108fcc2c26b8e735231d9bad43febbc2ccc15723b15d3bf9ba643f950f75857_amd64 | — | ||
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:7c4fa13ab624b17711df308a9434e529b49b259fe9c6bde4b4e9037ae45996d6_s390x | — | ||
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:62df44281133dd4191848bfb861ba70eeb113b2bc0ce28c71b82524860421bed_s390x | — | ||
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:844cef84fb29ee2996c284c6d517a645d4b14862c17021bd1b0052515cd364df_amd64 | — | ||
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:fc974b15c869a26e0ae259a39ce0ed1f1954630557c31465561eeee67bfc2797_ppc64le | — | ||
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:08c488f99ef1c837418842db1c8e52391a55f5f61a1de98edbbe3a201070168a_ppc64le | — | ||
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:20a368484142ce585e3a49a402bab10b2045ba2d89711154ae80457c01881a4c_amd64 | — | ||
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:f252a2c2eaa0a4807e39df8e5fe89a8b66e8ef62a9303a144b765c4857b17e51_s390x | — | ||
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:17a5ed5cea7a0b355ea13e6a95218143c351e34cee1ba0188a14c28f9605e504_ppc64le | — | ||
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:1d00cc8be3101e0a0a901249545566689d1de5554f5101b8fcbb6fa1827d508b_amd64 | — | ||
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:d001fb8afaf083ac3b02ab7571a709183931ef37baa75908556081480ee395dc_s390x | — | ||
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1ad40dd05581bffe04db700b8b4fbfbe8112399f2bef70b69dd690458b6512ed_ppc64le | — | ||
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:224bfa6af3a2a9b15657ee0adc0233608bb7a2218f9a488b537e3af4c53acacf_amd64 | — | ||
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:f2cf132ddd130c3de1e3732f35fdade709c17e8a2775df5ab47cf7583db82fd6_s390x | — | ||
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:9ae99a357ee1f9e42942edc998b378960d1a4a6bd9630b802f86743965f36898_s390x | — | ||
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:bcc9fd4d95422283c8d6016e1f85cd4522f43c0504cadf6aec40b9c30f2d945d_amd64 | — | ||
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:c9713eae9be9f99e9e7382ace5f520f96f641c50d8aed1c64a0f6a0ba9ed5395_ppc64le | — |
Threats
Impact
Important
References
45 references
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Updated images are now available for Red Hat Advanced Cluster Security for Kubernetes (RHACS). The updated image includes security fixes.\n\nRed Hat Product Security has rated this update as having a security impact\nof Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "This release of RHACS 4.4.8 includes security fixes. If you are\nusing an earlier version of RHACS 4.4, you are advised to upgrade to this\npatch release 4.4.8.\n\nSecurity issues fixed:\n\n* npm-serialize-javascript: Cross-site Scripting (XSS) in serialize-javascript (CVE-2024-11831)\n\n* go-git: Argument injection via the URL field (CVE-2025-21613)\n\n* go-git: Go-git clients vulnerable to DoS via maliciously crafted Git server replies (CVE-2025-21614)\n\n* golang.org/x/crypto/ssh: Misuse of ServerConfig.PublicKeyCallback may cause authorization bypass in golang.org/x/crypto (CVE-2024-45337)\n\n* golang.org/x/net/html: Non-linear parsing of case-insensitive content in golang.org/x/net/html (CVE-2024-45338)\n\nFor more details about the security issue(s), including the impact, a CVSS\nscore, acknowledgments, and other related information, refer to the CVE\npage(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2025:1468",
"url": "https://access.redhat.com/errata/RHSA-2025:1468"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "https://docs.openshift.com/acs/4.4/release_notes/44-release-notes.html",
"url": "https://docs.openshift.com/acs/4.4/release_notes/44-release-notes.html"
},
{
"category": "external",
"summary": "2312579",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2312579"
},
{
"category": "external",
"summary": "2331720",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2331720"
},
{
"category": "external",
"summary": "2333122",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2333122"
},
{
"category": "external",
"summary": "2335888",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2335888"
},
{
"category": "external",
"summary": "2335901",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2335901"
},
{
"category": "external",
"summary": "ROX-27933",
"url": "https://issues.redhat.com/browse/ROX-27933"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2025/rhsa-2025_1468.json"
}
],
"title": "Red Hat Security Advisory: ACS 4.4 enhancement and security update",
"tracking": {
"current_release_date": "2026-05-29T18:40:29+00:00",
"generator": {
"date": "2026-05-29T18:40:29+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.8.1"
}
},
"id": "RHSA-2025:1468",
"initial_release_date": "2025-02-13T18:14:31+00:00",
"revision_history": [
{
"date": "2025-02-13T18:14:31+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2025-02-13T18:14:31+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-05-29T18:40:29+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "RHACS 4.4 for RHEL 8",
"product": {
"name": "RHACS 4.4 for RHEL 8",
"product_id": "8Base-RHACS-4.4",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:advanced_cluster_security:4.4::el8"
}
}
}
],
"category": "product_family",
"name": "Red Hat Advanced Cluster Security for Kubernetes"
},
{
"branches": [
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-central-db-rhel8@sha256:394f4fd42c292ef68abf4a9104fe668026e394c3243ebf9b184d40a4b4b0132e_amd64",
"product": {
"name": "advanced-cluster-security/rhacs-central-db-rhel8@sha256:394f4fd42c292ef68abf4a9104fe668026e394c3243ebf9b184d40a4b4b0132e_amd64",
"product_id": "advanced-cluster-security/rhacs-central-db-rhel8@sha256:394f4fd42c292ef68abf4a9104fe668026e394c3243ebf9b184d40a4b4b0132e_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-central-db-rhel8@sha256:394f4fd42c292ef68abf4a9104fe668026e394c3243ebf9b184d40a4b4b0132e?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8\u0026tag=4.4.8-2"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-collector-rhel8@sha256:39367ad4f4807b804eb6a95d241d99c528995f75d3264b58820cf50fa6abceef_amd64",
"product": {
"name": "advanced-cluster-security/rhacs-collector-rhel8@sha256:39367ad4f4807b804eb6a95d241d99c528995f75d3264b58820cf50fa6abceef_amd64",
"product_id": "advanced-cluster-security/rhacs-collector-rhel8@sha256:39367ad4f4807b804eb6a95d241d99c528995f75d3264b58820cf50fa6abceef_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-collector-rhel8@sha256:39367ad4f4807b804eb6a95d241d99c528995f75d3264b58820cf50fa6abceef?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8\u0026tag=4.4.8-2"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:62ddbd8b9e0b27be7a0541c7fe085b621834facff7d83d4a2e57b56ef6c713a2_amd64",
"product": {
"name": "advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:62ddbd8b9e0b27be7a0541c7fe085b621834facff7d83d4a2e57b56ef6c713a2_amd64",
"product_id": "advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:62ddbd8b9e0b27be7a0541c7fe085b621834facff7d83d4a2e57b56ef6c713a2_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-collector-slim-rhel8@sha256:62ddbd8b9e0b27be7a0541c7fe085b621834facff7d83d4a2e57b56ef6c713a2?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-collector-slim-rhel8\u0026tag=4.4.8-2"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-main-rhel8@sha256:0e867de15e3038db7274dc1d84cd8ca5b1860b661c8b16ecd8f7aeefa76077a8_amd64",
"product": {
"name": "advanced-cluster-security/rhacs-main-rhel8@sha256:0e867de15e3038db7274dc1d84cd8ca5b1860b661c8b16ecd8f7aeefa76077a8_amd64",
"product_id": "advanced-cluster-security/rhacs-main-rhel8@sha256:0e867de15e3038db7274dc1d84cd8ca5b1860b661c8b16ecd8f7aeefa76077a8_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-main-rhel8@sha256:0e867de15e3038db7274dc1d84cd8ca5b1860b661c8b16ecd8f7aeefa76077a8?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8\u0026tag=4.4.8-2"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-operator-bundle@sha256:123c0108bd7a190dd2accfd21786600f787147f040e57fb5f840861e2caa441d_amd64",
"product": {
"name": "advanced-cluster-security/rhacs-operator-bundle@sha256:123c0108bd7a190dd2accfd21786600f787147f040e57fb5f840861e2caa441d_amd64",
"product_id": "advanced-cluster-security/rhacs-operator-bundle@sha256:123c0108bd7a190dd2accfd21786600f787147f040e57fb5f840861e2caa441d_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-operator-bundle@sha256:123c0108bd7a190dd2accfd21786600f787147f040e57fb5f840861e2caa441d?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle\u0026tag=4.4.8-2"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-rhel8-operator@sha256:609205741b369f72807fcec1fd3351d56e4605fdbbee37975fad8c01a5ea0339_amd64",
"product": {
"name": "advanced-cluster-security/rhacs-rhel8-operator@sha256:609205741b369f72807fcec1fd3351d56e4605fdbbee37975fad8c01a5ea0339_amd64",
"product_id": "advanced-cluster-security/rhacs-rhel8-operator@sha256:609205741b369f72807fcec1fd3351d56e4605fdbbee37975fad8c01a5ea0339_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-rhel8-operator@sha256:609205741b369f72807fcec1fd3351d56e4605fdbbee37975fad8c01a5ea0339?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator\u0026tag=4.4.8-2"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-roxctl-rhel8@sha256:b0f32d062678d69350a3a1a18b643c8b97ebfdbd0bea1c0ee67312312d02fcba_amd64",
"product": {
"name": "advanced-cluster-security/rhacs-roxctl-rhel8@sha256:b0f32d062678d69350a3a1a18b643c8b97ebfdbd0bea1c0ee67312312d02fcba_amd64",
"product_id": "advanced-cluster-security/rhacs-roxctl-rhel8@sha256:b0f32d062678d69350a3a1a18b643c8b97ebfdbd0bea1c0ee67312312d02fcba_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-roxctl-rhel8@sha256:b0f32d062678d69350a3a1a18b643c8b97ebfdbd0bea1c0ee67312312d02fcba?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8\u0026tag=4.4.8-2"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-scanner-rhel8@sha256:20a368484142ce585e3a49a402bab10b2045ba2d89711154ae80457c01881a4c_amd64",
"product": {
"name": "advanced-cluster-security/rhacs-scanner-rhel8@sha256:20a368484142ce585e3a49a402bab10b2045ba2d89711154ae80457c01881a4c_amd64",
"product_id": "advanced-cluster-security/rhacs-scanner-rhel8@sha256:20a368484142ce585e3a49a402bab10b2045ba2d89711154ae80457c01881a4c_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-rhel8@sha256:20a368484142ce585e3a49a402bab10b2045ba2d89711154ae80457c01881a4c?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8\u0026tag=4.4.8-2"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:7108fcc2c26b8e735231d9bad43febbc2ccc15723b15d3bf9ba643f950f75857_amd64",
"product": {
"name": "advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:7108fcc2c26b8e735231d9bad43febbc2ccc15723b15d3bf9ba643f950f75857_amd64",
"product_id": "advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:7108fcc2c26b8e735231d9bad43febbc2ccc15723b15d3bf9ba643f950f75857_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-db-rhel8@sha256:7108fcc2c26b8e735231d9bad43febbc2ccc15723b15d3bf9ba643f950f75857?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8\u0026tag=4.4.8-2"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:844cef84fb29ee2996c284c6d517a645d4b14862c17021bd1b0052515cd364df_amd64",
"product": {
"name": "advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:844cef84fb29ee2996c284c6d517a645d4b14862c17021bd1b0052515cd364df_amd64",
"product_id": "advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:844cef84fb29ee2996c284c6d517a645d4b14862c17021bd1b0052515cd364df_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-db-slim-rhel8@sha256:844cef84fb29ee2996c284c6d517a645d4b14862c17021bd1b0052515cd364df?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8\u0026tag=4.4.8-2"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:1d00cc8be3101e0a0a901249545566689d1de5554f5101b8fcbb6fa1827d508b_amd64",
"product": {
"name": "advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:1d00cc8be3101e0a0a901249545566689d1de5554f5101b8fcbb6fa1827d508b_amd64",
"product_id": "advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:1d00cc8be3101e0a0a901249545566689d1de5554f5101b8fcbb6fa1827d508b_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-slim-rhel8@sha256:1d00cc8be3101e0a0a901249545566689d1de5554f5101b8fcbb6fa1827d508b?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8\u0026tag=4.4.8-2"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:bcc9fd4d95422283c8d6016e1f85cd4522f43c0504cadf6aec40b9c30f2d945d_amd64",
"product": {
"name": "advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:bcc9fd4d95422283c8d6016e1f85cd4522f43c0504cadf6aec40b9c30f2d945d_amd64",
"product_id": "advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:bcc9fd4d95422283c8d6016e1f85cd4522f43c0504cadf6aec40b9c30f2d945d_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-v4-rhel8@sha256:bcc9fd4d95422283c8d6016e1f85cd4522f43c0504cadf6aec40b9c30f2d945d?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8\u0026tag=4.4.8-2"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:224bfa6af3a2a9b15657ee0adc0233608bb7a2218f9a488b537e3af4c53acacf_amd64",
"product": {
"name": "advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:224bfa6af3a2a9b15657ee0adc0233608bb7a2218f9a488b537e3af4c53acacf_amd64",
"product_id": "advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:224bfa6af3a2a9b15657ee0adc0233608bb7a2218f9a488b537e3af4c53acacf_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-v4-db-rhel8@sha256:224bfa6af3a2a9b15657ee0adc0233608bb7a2218f9a488b537e3af4c53acacf?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8\u0026tag=4.4.8-2"
}
}
}
],
"category": "architecture",
"name": "amd64"
},
{
"branches": [
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-central-db-rhel8@sha256:8b92405457c5240a4d672409a7519d28463f2f0e104f441e3d0d0839549c6215_ppc64le",
"product": {
"name": "advanced-cluster-security/rhacs-central-db-rhel8@sha256:8b92405457c5240a4d672409a7519d28463f2f0e104f441e3d0d0839549c6215_ppc64le",
"product_id": "advanced-cluster-security/rhacs-central-db-rhel8@sha256:8b92405457c5240a4d672409a7519d28463f2f0e104f441e3d0d0839549c6215_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-central-db-rhel8@sha256:8b92405457c5240a4d672409a7519d28463f2f0e104f441e3d0d0839549c6215?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8\u0026tag=4.4.8-2"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-collector-rhel8@sha256:a5a1e18726ce755a8f2a36a58928714d61f4426643b7f08da086004982e993ef_ppc64le",
"product": {
"name": "advanced-cluster-security/rhacs-collector-rhel8@sha256:a5a1e18726ce755a8f2a36a58928714d61f4426643b7f08da086004982e993ef_ppc64le",
"product_id": "advanced-cluster-security/rhacs-collector-rhel8@sha256:a5a1e18726ce755a8f2a36a58928714d61f4426643b7f08da086004982e993ef_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-collector-rhel8@sha256:a5a1e18726ce755a8f2a36a58928714d61f4426643b7f08da086004982e993ef?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8\u0026tag=4.4.8-2"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:94b445cbaef0111d98a0ee595988ef420423aa381b36e7127e76e385be12996a_ppc64le",
"product": {
"name": "advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:94b445cbaef0111d98a0ee595988ef420423aa381b36e7127e76e385be12996a_ppc64le",
"product_id": "advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:94b445cbaef0111d98a0ee595988ef420423aa381b36e7127e76e385be12996a_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-collector-slim-rhel8@sha256:94b445cbaef0111d98a0ee595988ef420423aa381b36e7127e76e385be12996a?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-collector-slim-rhel8\u0026tag=4.4.8-2"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-main-rhel8@sha256:92f98ca560ce539495108e6212737ea6cf83215fe0a5aa7a12636ee9d5fca88f_ppc64le",
"product": {
"name": "advanced-cluster-security/rhacs-main-rhel8@sha256:92f98ca560ce539495108e6212737ea6cf83215fe0a5aa7a12636ee9d5fca88f_ppc64le",
"product_id": "advanced-cluster-security/rhacs-main-rhel8@sha256:92f98ca560ce539495108e6212737ea6cf83215fe0a5aa7a12636ee9d5fca88f_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-main-rhel8@sha256:92f98ca560ce539495108e6212737ea6cf83215fe0a5aa7a12636ee9d5fca88f?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8\u0026tag=4.4.8-2"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-operator-bundle@sha256:6f81e9b903594b0a8bd5517900f7677e09c942953d257c87da11fb779e0f9dab_ppc64le",
"product": {
"name": "advanced-cluster-security/rhacs-operator-bundle@sha256:6f81e9b903594b0a8bd5517900f7677e09c942953d257c87da11fb779e0f9dab_ppc64le",
"product_id": "advanced-cluster-security/rhacs-operator-bundle@sha256:6f81e9b903594b0a8bd5517900f7677e09c942953d257c87da11fb779e0f9dab_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-operator-bundle@sha256:6f81e9b903594b0a8bd5517900f7677e09c942953d257c87da11fb779e0f9dab?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle\u0026tag=4.4.8-2"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-rhel8-operator@sha256:2f74522967f06958e385468a31e14bb9ede90569dec8292d61e67c6640c1ebde_ppc64le",
"product": {
"name": "advanced-cluster-security/rhacs-rhel8-operator@sha256:2f74522967f06958e385468a31e14bb9ede90569dec8292d61e67c6640c1ebde_ppc64le",
"product_id": "advanced-cluster-security/rhacs-rhel8-operator@sha256:2f74522967f06958e385468a31e14bb9ede90569dec8292d61e67c6640c1ebde_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-rhel8-operator@sha256:2f74522967f06958e385468a31e14bb9ede90569dec8292d61e67c6640c1ebde?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator\u0026tag=4.4.8-2"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-roxctl-rhel8@sha256:1e37a386006e4a7b4414dcdbe6a42191b8f41e706e1df6dfe401cbdbe342f06a_ppc64le",
"product": {
"name": "advanced-cluster-security/rhacs-roxctl-rhel8@sha256:1e37a386006e4a7b4414dcdbe6a42191b8f41e706e1df6dfe401cbdbe342f06a_ppc64le",
"product_id": "advanced-cluster-security/rhacs-roxctl-rhel8@sha256:1e37a386006e4a7b4414dcdbe6a42191b8f41e706e1df6dfe401cbdbe342f06a_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-roxctl-rhel8@sha256:1e37a386006e4a7b4414dcdbe6a42191b8f41e706e1df6dfe401cbdbe342f06a?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8\u0026tag=4.4.8-2"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-scanner-rhel8@sha256:08c488f99ef1c837418842db1c8e52391a55f5f61a1de98edbbe3a201070168a_ppc64le",
"product": {
"name": "advanced-cluster-security/rhacs-scanner-rhel8@sha256:08c488f99ef1c837418842db1c8e52391a55f5f61a1de98edbbe3a201070168a_ppc64le",
"product_id": "advanced-cluster-security/rhacs-scanner-rhel8@sha256:08c488f99ef1c837418842db1c8e52391a55f5f61a1de98edbbe3a201070168a_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-rhel8@sha256:08c488f99ef1c837418842db1c8e52391a55f5f61a1de98edbbe3a201070168a?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8\u0026tag=4.4.8-2"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:439fc3b91a4841c81355ecbb5c610c66139525df82bdb96a4ece4ffd20aca0a5_ppc64le",
"product": {
"name": "advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:439fc3b91a4841c81355ecbb5c610c66139525df82bdb96a4ece4ffd20aca0a5_ppc64le",
"product_id": "advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:439fc3b91a4841c81355ecbb5c610c66139525df82bdb96a4ece4ffd20aca0a5_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-db-rhel8@sha256:439fc3b91a4841c81355ecbb5c610c66139525df82bdb96a4ece4ffd20aca0a5?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8\u0026tag=4.4.8-2"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:fc974b15c869a26e0ae259a39ce0ed1f1954630557c31465561eeee67bfc2797_ppc64le",
"product": {
"name": "advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:fc974b15c869a26e0ae259a39ce0ed1f1954630557c31465561eeee67bfc2797_ppc64le",
"product_id": "advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:fc974b15c869a26e0ae259a39ce0ed1f1954630557c31465561eeee67bfc2797_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-db-slim-rhel8@sha256:fc974b15c869a26e0ae259a39ce0ed1f1954630557c31465561eeee67bfc2797?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8\u0026tag=4.4.8-2"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:17a5ed5cea7a0b355ea13e6a95218143c351e34cee1ba0188a14c28f9605e504_ppc64le",
"product": {
"name": "advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:17a5ed5cea7a0b355ea13e6a95218143c351e34cee1ba0188a14c28f9605e504_ppc64le",
"product_id": "advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:17a5ed5cea7a0b355ea13e6a95218143c351e34cee1ba0188a14c28f9605e504_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-slim-rhel8@sha256:17a5ed5cea7a0b355ea13e6a95218143c351e34cee1ba0188a14c28f9605e504?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8\u0026tag=4.4.8-2"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:c9713eae9be9f99e9e7382ace5f520f96f641c50d8aed1c64a0f6a0ba9ed5395_ppc64le",
"product": {
"name": "advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:c9713eae9be9f99e9e7382ace5f520f96f641c50d8aed1c64a0f6a0ba9ed5395_ppc64le",
"product_id": "advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:c9713eae9be9f99e9e7382ace5f520f96f641c50d8aed1c64a0f6a0ba9ed5395_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-v4-rhel8@sha256:c9713eae9be9f99e9e7382ace5f520f96f641c50d8aed1c64a0f6a0ba9ed5395?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8\u0026tag=4.4.8-2"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1ad40dd05581bffe04db700b8b4fbfbe8112399f2bef70b69dd690458b6512ed_ppc64le",
"product": {
"name": "advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1ad40dd05581bffe04db700b8b4fbfbe8112399f2bef70b69dd690458b6512ed_ppc64le",
"product_id": "advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1ad40dd05581bffe04db700b8b4fbfbe8112399f2bef70b69dd690458b6512ed_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-v4-db-rhel8@sha256:1ad40dd05581bffe04db700b8b4fbfbe8112399f2bef70b69dd690458b6512ed?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8\u0026tag=4.4.8-2"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-central-db-rhel8@sha256:6478816c1b2bdeb40c77c267fff033dca5523375c64623bf56d493c4417a3c3f_s390x",
"product": {
"name": "advanced-cluster-security/rhacs-central-db-rhel8@sha256:6478816c1b2bdeb40c77c267fff033dca5523375c64623bf56d493c4417a3c3f_s390x",
"product_id": "advanced-cluster-security/rhacs-central-db-rhel8@sha256:6478816c1b2bdeb40c77c267fff033dca5523375c64623bf56d493c4417a3c3f_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-central-db-rhel8@sha256:6478816c1b2bdeb40c77c267fff033dca5523375c64623bf56d493c4417a3c3f?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8\u0026tag=4.4.8-2"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-collector-rhel8@sha256:cd132ae4b02647d5b0f0a910539c75efb3e0795590df00056542e969605ae296_s390x",
"product": {
"name": "advanced-cluster-security/rhacs-collector-rhel8@sha256:cd132ae4b02647d5b0f0a910539c75efb3e0795590df00056542e969605ae296_s390x",
"product_id": "advanced-cluster-security/rhacs-collector-rhel8@sha256:cd132ae4b02647d5b0f0a910539c75efb3e0795590df00056542e969605ae296_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-collector-rhel8@sha256:cd132ae4b02647d5b0f0a910539c75efb3e0795590df00056542e969605ae296?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8\u0026tag=4.4.8-2"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:357fa537a29f82ca117b8ed4695456707bd9599c5057ed938a91114e94badf62_s390x",
"product": {
"name": "advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:357fa537a29f82ca117b8ed4695456707bd9599c5057ed938a91114e94badf62_s390x",
"product_id": "advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:357fa537a29f82ca117b8ed4695456707bd9599c5057ed938a91114e94badf62_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-collector-slim-rhel8@sha256:357fa537a29f82ca117b8ed4695456707bd9599c5057ed938a91114e94badf62?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-collector-slim-rhel8\u0026tag=4.4.8-2"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-main-rhel8@sha256:1aedb2f4b2aefa9586c8aecfff4647497f7a36fc6a547d6688645d87e90413f4_s390x",
"product": {
"name": "advanced-cluster-security/rhacs-main-rhel8@sha256:1aedb2f4b2aefa9586c8aecfff4647497f7a36fc6a547d6688645d87e90413f4_s390x",
"product_id": "advanced-cluster-security/rhacs-main-rhel8@sha256:1aedb2f4b2aefa9586c8aecfff4647497f7a36fc6a547d6688645d87e90413f4_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-main-rhel8@sha256:1aedb2f4b2aefa9586c8aecfff4647497f7a36fc6a547d6688645d87e90413f4?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8\u0026tag=4.4.8-2"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-operator-bundle@sha256:8c199930239623166973ea9cdb40ce2e2537d63e8c731afca3892caa84d2f16a_s390x",
"product": {
"name": "advanced-cluster-security/rhacs-operator-bundle@sha256:8c199930239623166973ea9cdb40ce2e2537d63e8c731afca3892caa84d2f16a_s390x",
"product_id": "advanced-cluster-security/rhacs-operator-bundle@sha256:8c199930239623166973ea9cdb40ce2e2537d63e8c731afca3892caa84d2f16a_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-operator-bundle@sha256:8c199930239623166973ea9cdb40ce2e2537d63e8c731afca3892caa84d2f16a?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle\u0026tag=4.4.8-2"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-rhel8-operator@sha256:38b340062dea9adc1159a326d39a214541e259e9e16582ef98efcd8e6deb3dd6_s390x",
"product": {
"name": "advanced-cluster-security/rhacs-rhel8-operator@sha256:38b340062dea9adc1159a326d39a214541e259e9e16582ef98efcd8e6deb3dd6_s390x",
"product_id": "advanced-cluster-security/rhacs-rhel8-operator@sha256:38b340062dea9adc1159a326d39a214541e259e9e16582ef98efcd8e6deb3dd6_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-rhel8-operator@sha256:38b340062dea9adc1159a326d39a214541e259e9e16582ef98efcd8e6deb3dd6?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator\u0026tag=4.4.8-2"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-roxctl-rhel8@sha256:1ab2b5e9423a2edd5f663cdbf4c15dd6a5c13db13125161f4b4a9916d3c523e2_s390x",
"product": {
"name": "advanced-cluster-security/rhacs-roxctl-rhel8@sha256:1ab2b5e9423a2edd5f663cdbf4c15dd6a5c13db13125161f4b4a9916d3c523e2_s390x",
"product_id": "advanced-cluster-security/rhacs-roxctl-rhel8@sha256:1ab2b5e9423a2edd5f663cdbf4c15dd6a5c13db13125161f4b4a9916d3c523e2_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-roxctl-rhel8@sha256:1ab2b5e9423a2edd5f663cdbf4c15dd6a5c13db13125161f4b4a9916d3c523e2?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8\u0026tag=4.4.8-2"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-scanner-rhel8@sha256:f252a2c2eaa0a4807e39df8e5fe89a8b66e8ef62a9303a144b765c4857b17e51_s390x",
"product": {
"name": "advanced-cluster-security/rhacs-scanner-rhel8@sha256:f252a2c2eaa0a4807e39df8e5fe89a8b66e8ef62a9303a144b765c4857b17e51_s390x",
"product_id": "advanced-cluster-security/rhacs-scanner-rhel8@sha256:f252a2c2eaa0a4807e39df8e5fe89a8b66e8ef62a9303a144b765c4857b17e51_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-rhel8@sha256:f252a2c2eaa0a4807e39df8e5fe89a8b66e8ef62a9303a144b765c4857b17e51?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8\u0026tag=4.4.8-2"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:7c4fa13ab624b17711df308a9434e529b49b259fe9c6bde4b4e9037ae45996d6_s390x",
"product": {
"name": "advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:7c4fa13ab624b17711df308a9434e529b49b259fe9c6bde4b4e9037ae45996d6_s390x",
"product_id": "advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:7c4fa13ab624b17711df308a9434e529b49b259fe9c6bde4b4e9037ae45996d6_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-db-rhel8@sha256:7c4fa13ab624b17711df308a9434e529b49b259fe9c6bde4b4e9037ae45996d6?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8\u0026tag=4.4.8-2"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:62df44281133dd4191848bfb861ba70eeb113b2bc0ce28c71b82524860421bed_s390x",
"product": {
"name": "advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:62df44281133dd4191848bfb861ba70eeb113b2bc0ce28c71b82524860421bed_s390x",
"product_id": "advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:62df44281133dd4191848bfb861ba70eeb113b2bc0ce28c71b82524860421bed_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-db-slim-rhel8@sha256:62df44281133dd4191848bfb861ba70eeb113b2bc0ce28c71b82524860421bed?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8\u0026tag=4.4.8-2"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:d001fb8afaf083ac3b02ab7571a709183931ef37baa75908556081480ee395dc_s390x",
"product": {
"name": "advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:d001fb8afaf083ac3b02ab7571a709183931ef37baa75908556081480ee395dc_s390x",
"product_id": "advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:d001fb8afaf083ac3b02ab7571a709183931ef37baa75908556081480ee395dc_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-slim-rhel8@sha256:d001fb8afaf083ac3b02ab7571a709183931ef37baa75908556081480ee395dc?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8\u0026tag=4.4.8-2"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:9ae99a357ee1f9e42942edc998b378960d1a4a6bd9630b802f86743965f36898_s390x",
"product": {
"name": "advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:9ae99a357ee1f9e42942edc998b378960d1a4a6bd9630b802f86743965f36898_s390x",
"product_id": "advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:9ae99a357ee1f9e42942edc998b378960d1a4a6bd9630b802f86743965f36898_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-v4-rhel8@sha256:9ae99a357ee1f9e42942edc998b378960d1a4a6bd9630b802f86743965f36898?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8\u0026tag=4.4.8-2"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:f2cf132ddd130c3de1e3732f35fdade709c17e8a2775df5ab47cf7583db82fd6_s390x",
"product": {
"name": "advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:f2cf132ddd130c3de1e3732f35fdade709c17e8a2775df5ab47cf7583db82fd6_s390x",
"product_id": "advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:f2cf132ddd130c3de1e3732f35fdade709c17e8a2775df5ab47cf7583db82fd6_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-v4-db-rhel8@sha256:f2cf132ddd130c3de1e3732f35fdade709c17e8a2775df5ab47cf7583db82fd6?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8\u0026tag=4.4.8-2"
}
}
}
],
"category": "architecture",
"name": "s390x"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-central-db-rhel8@sha256:394f4fd42c292ef68abf4a9104fe668026e394c3243ebf9b184d40a4b4b0132e_amd64 as a component of RHACS 4.4 for RHEL 8",
"product_id": "8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:394f4fd42c292ef68abf4a9104fe668026e394c3243ebf9b184d40a4b4b0132e_amd64"
},
"product_reference": "advanced-cluster-security/rhacs-central-db-rhel8@sha256:394f4fd42c292ef68abf4a9104fe668026e394c3243ebf9b184d40a4b4b0132e_amd64",
"relates_to_product_reference": "8Base-RHACS-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-central-db-rhel8@sha256:6478816c1b2bdeb40c77c267fff033dca5523375c64623bf56d493c4417a3c3f_s390x as a component of RHACS 4.4 for RHEL 8",
"product_id": "8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:6478816c1b2bdeb40c77c267fff033dca5523375c64623bf56d493c4417a3c3f_s390x"
},
"product_reference": "advanced-cluster-security/rhacs-central-db-rhel8@sha256:6478816c1b2bdeb40c77c267fff033dca5523375c64623bf56d493c4417a3c3f_s390x",
"relates_to_product_reference": "8Base-RHACS-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-central-db-rhel8@sha256:8b92405457c5240a4d672409a7519d28463f2f0e104f441e3d0d0839549c6215_ppc64le as a component of RHACS 4.4 for RHEL 8",
"product_id": "8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:8b92405457c5240a4d672409a7519d28463f2f0e104f441e3d0d0839549c6215_ppc64le"
},
"product_reference": "advanced-cluster-security/rhacs-central-db-rhel8@sha256:8b92405457c5240a4d672409a7519d28463f2f0e104f441e3d0d0839549c6215_ppc64le",
"relates_to_product_reference": "8Base-RHACS-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-collector-rhel8@sha256:39367ad4f4807b804eb6a95d241d99c528995f75d3264b58820cf50fa6abceef_amd64 as a component of RHACS 4.4 for RHEL 8",
"product_id": "8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:39367ad4f4807b804eb6a95d241d99c528995f75d3264b58820cf50fa6abceef_amd64"
},
"product_reference": "advanced-cluster-security/rhacs-collector-rhel8@sha256:39367ad4f4807b804eb6a95d241d99c528995f75d3264b58820cf50fa6abceef_amd64",
"relates_to_product_reference": "8Base-RHACS-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-collector-rhel8@sha256:a5a1e18726ce755a8f2a36a58928714d61f4426643b7f08da086004982e993ef_ppc64le as a component of RHACS 4.4 for RHEL 8",
"product_id": "8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:a5a1e18726ce755a8f2a36a58928714d61f4426643b7f08da086004982e993ef_ppc64le"
},
"product_reference": "advanced-cluster-security/rhacs-collector-rhel8@sha256:a5a1e18726ce755a8f2a36a58928714d61f4426643b7f08da086004982e993ef_ppc64le",
"relates_to_product_reference": "8Base-RHACS-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-collector-rhel8@sha256:cd132ae4b02647d5b0f0a910539c75efb3e0795590df00056542e969605ae296_s390x as a component of RHACS 4.4 for RHEL 8",
"product_id": "8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:cd132ae4b02647d5b0f0a910539c75efb3e0795590df00056542e969605ae296_s390x"
},
"product_reference": "advanced-cluster-security/rhacs-collector-rhel8@sha256:cd132ae4b02647d5b0f0a910539c75efb3e0795590df00056542e969605ae296_s390x",
"relates_to_product_reference": "8Base-RHACS-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:357fa537a29f82ca117b8ed4695456707bd9599c5057ed938a91114e94badf62_s390x as a component of RHACS 4.4 for RHEL 8",
"product_id": "8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:357fa537a29f82ca117b8ed4695456707bd9599c5057ed938a91114e94badf62_s390x"
},
"product_reference": "advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:357fa537a29f82ca117b8ed4695456707bd9599c5057ed938a91114e94badf62_s390x",
"relates_to_product_reference": "8Base-RHACS-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:62ddbd8b9e0b27be7a0541c7fe085b621834facff7d83d4a2e57b56ef6c713a2_amd64 as a component of RHACS 4.4 for RHEL 8",
"product_id": "8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:62ddbd8b9e0b27be7a0541c7fe085b621834facff7d83d4a2e57b56ef6c713a2_amd64"
},
"product_reference": "advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:62ddbd8b9e0b27be7a0541c7fe085b621834facff7d83d4a2e57b56ef6c713a2_amd64",
"relates_to_product_reference": "8Base-RHACS-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:94b445cbaef0111d98a0ee595988ef420423aa381b36e7127e76e385be12996a_ppc64le as a component of RHACS 4.4 for RHEL 8",
"product_id": "8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:94b445cbaef0111d98a0ee595988ef420423aa381b36e7127e76e385be12996a_ppc64le"
},
"product_reference": "advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:94b445cbaef0111d98a0ee595988ef420423aa381b36e7127e76e385be12996a_ppc64le",
"relates_to_product_reference": "8Base-RHACS-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-main-rhel8@sha256:0e867de15e3038db7274dc1d84cd8ca5b1860b661c8b16ecd8f7aeefa76077a8_amd64 as a component of RHACS 4.4 for RHEL 8",
"product_id": "8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:0e867de15e3038db7274dc1d84cd8ca5b1860b661c8b16ecd8f7aeefa76077a8_amd64"
},
"product_reference": "advanced-cluster-security/rhacs-main-rhel8@sha256:0e867de15e3038db7274dc1d84cd8ca5b1860b661c8b16ecd8f7aeefa76077a8_amd64",
"relates_to_product_reference": "8Base-RHACS-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-main-rhel8@sha256:1aedb2f4b2aefa9586c8aecfff4647497f7a36fc6a547d6688645d87e90413f4_s390x as a component of RHACS 4.4 for RHEL 8",
"product_id": "8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:1aedb2f4b2aefa9586c8aecfff4647497f7a36fc6a547d6688645d87e90413f4_s390x"
},
"product_reference": "advanced-cluster-security/rhacs-main-rhel8@sha256:1aedb2f4b2aefa9586c8aecfff4647497f7a36fc6a547d6688645d87e90413f4_s390x",
"relates_to_product_reference": "8Base-RHACS-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-main-rhel8@sha256:92f98ca560ce539495108e6212737ea6cf83215fe0a5aa7a12636ee9d5fca88f_ppc64le as a component of RHACS 4.4 for RHEL 8",
"product_id": "8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:92f98ca560ce539495108e6212737ea6cf83215fe0a5aa7a12636ee9d5fca88f_ppc64le"
},
"product_reference": "advanced-cluster-security/rhacs-main-rhel8@sha256:92f98ca560ce539495108e6212737ea6cf83215fe0a5aa7a12636ee9d5fca88f_ppc64le",
"relates_to_product_reference": "8Base-RHACS-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-operator-bundle@sha256:123c0108bd7a190dd2accfd21786600f787147f040e57fb5f840861e2caa441d_amd64 as a component of RHACS 4.4 for RHEL 8",
"product_id": "8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:123c0108bd7a190dd2accfd21786600f787147f040e57fb5f840861e2caa441d_amd64"
},
"product_reference": "advanced-cluster-security/rhacs-operator-bundle@sha256:123c0108bd7a190dd2accfd21786600f787147f040e57fb5f840861e2caa441d_amd64",
"relates_to_product_reference": "8Base-RHACS-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-operator-bundle@sha256:6f81e9b903594b0a8bd5517900f7677e09c942953d257c87da11fb779e0f9dab_ppc64le as a component of RHACS 4.4 for RHEL 8",
"product_id": "8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:6f81e9b903594b0a8bd5517900f7677e09c942953d257c87da11fb779e0f9dab_ppc64le"
},
"product_reference": "advanced-cluster-security/rhacs-operator-bundle@sha256:6f81e9b903594b0a8bd5517900f7677e09c942953d257c87da11fb779e0f9dab_ppc64le",
"relates_to_product_reference": "8Base-RHACS-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-operator-bundle@sha256:8c199930239623166973ea9cdb40ce2e2537d63e8c731afca3892caa84d2f16a_s390x as a component of RHACS 4.4 for RHEL 8",
"product_id": "8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:8c199930239623166973ea9cdb40ce2e2537d63e8c731afca3892caa84d2f16a_s390x"
},
"product_reference": "advanced-cluster-security/rhacs-operator-bundle@sha256:8c199930239623166973ea9cdb40ce2e2537d63e8c731afca3892caa84d2f16a_s390x",
"relates_to_product_reference": "8Base-RHACS-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-rhel8-operator@sha256:2f74522967f06958e385468a31e14bb9ede90569dec8292d61e67c6640c1ebde_ppc64le as a component of RHACS 4.4 for RHEL 8",
"product_id": "8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:2f74522967f06958e385468a31e14bb9ede90569dec8292d61e67c6640c1ebde_ppc64le"
},
"product_reference": "advanced-cluster-security/rhacs-rhel8-operator@sha256:2f74522967f06958e385468a31e14bb9ede90569dec8292d61e67c6640c1ebde_ppc64le",
"relates_to_product_reference": "8Base-RHACS-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-rhel8-operator@sha256:38b340062dea9adc1159a326d39a214541e259e9e16582ef98efcd8e6deb3dd6_s390x as a component of RHACS 4.4 for RHEL 8",
"product_id": "8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:38b340062dea9adc1159a326d39a214541e259e9e16582ef98efcd8e6deb3dd6_s390x"
},
"product_reference": "advanced-cluster-security/rhacs-rhel8-operator@sha256:38b340062dea9adc1159a326d39a214541e259e9e16582ef98efcd8e6deb3dd6_s390x",
"relates_to_product_reference": "8Base-RHACS-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-rhel8-operator@sha256:609205741b369f72807fcec1fd3351d56e4605fdbbee37975fad8c01a5ea0339_amd64 as a component of RHACS 4.4 for RHEL 8",
"product_id": "8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:609205741b369f72807fcec1fd3351d56e4605fdbbee37975fad8c01a5ea0339_amd64"
},
"product_reference": "advanced-cluster-security/rhacs-rhel8-operator@sha256:609205741b369f72807fcec1fd3351d56e4605fdbbee37975fad8c01a5ea0339_amd64",
"relates_to_product_reference": "8Base-RHACS-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-roxctl-rhel8@sha256:1ab2b5e9423a2edd5f663cdbf4c15dd6a5c13db13125161f4b4a9916d3c523e2_s390x as a component of RHACS 4.4 for RHEL 8",
"product_id": "8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:1ab2b5e9423a2edd5f663cdbf4c15dd6a5c13db13125161f4b4a9916d3c523e2_s390x"
},
"product_reference": "advanced-cluster-security/rhacs-roxctl-rhel8@sha256:1ab2b5e9423a2edd5f663cdbf4c15dd6a5c13db13125161f4b4a9916d3c523e2_s390x",
"relates_to_product_reference": "8Base-RHACS-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-roxctl-rhel8@sha256:1e37a386006e4a7b4414dcdbe6a42191b8f41e706e1df6dfe401cbdbe342f06a_ppc64le as a component of RHACS 4.4 for RHEL 8",
"product_id": "8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:1e37a386006e4a7b4414dcdbe6a42191b8f41e706e1df6dfe401cbdbe342f06a_ppc64le"
},
"product_reference": "advanced-cluster-security/rhacs-roxctl-rhel8@sha256:1e37a386006e4a7b4414dcdbe6a42191b8f41e706e1df6dfe401cbdbe342f06a_ppc64le",
"relates_to_product_reference": "8Base-RHACS-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-roxctl-rhel8@sha256:b0f32d062678d69350a3a1a18b643c8b97ebfdbd0bea1c0ee67312312d02fcba_amd64 as a component of RHACS 4.4 for RHEL 8",
"product_id": "8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:b0f32d062678d69350a3a1a18b643c8b97ebfdbd0bea1c0ee67312312d02fcba_amd64"
},
"product_reference": "advanced-cluster-security/rhacs-roxctl-rhel8@sha256:b0f32d062678d69350a3a1a18b643c8b97ebfdbd0bea1c0ee67312312d02fcba_amd64",
"relates_to_product_reference": "8Base-RHACS-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:439fc3b91a4841c81355ecbb5c610c66139525df82bdb96a4ece4ffd20aca0a5_ppc64le as a component of RHACS 4.4 for RHEL 8",
"product_id": "8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:439fc3b91a4841c81355ecbb5c610c66139525df82bdb96a4ece4ffd20aca0a5_ppc64le"
},
"product_reference": "advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:439fc3b91a4841c81355ecbb5c610c66139525df82bdb96a4ece4ffd20aca0a5_ppc64le",
"relates_to_product_reference": "8Base-RHACS-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:7108fcc2c26b8e735231d9bad43febbc2ccc15723b15d3bf9ba643f950f75857_amd64 as a component of RHACS 4.4 for RHEL 8",
"product_id": "8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:7108fcc2c26b8e735231d9bad43febbc2ccc15723b15d3bf9ba643f950f75857_amd64"
},
"product_reference": "advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:7108fcc2c26b8e735231d9bad43febbc2ccc15723b15d3bf9ba643f950f75857_amd64",
"relates_to_product_reference": "8Base-RHACS-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:7c4fa13ab624b17711df308a9434e529b49b259fe9c6bde4b4e9037ae45996d6_s390x as a component of RHACS 4.4 for RHEL 8",
"product_id": "8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:7c4fa13ab624b17711df308a9434e529b49b259fe9c6bde4b4e9037ae45996d6_s390x"
},
"product_reference": "advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:7c4fa13ab624b17711df308a9434e529b49b259fe9c6bde4b4e9037ae45996d6_s390x",
"relates_to_product_reference": "8Base-RHACS-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:62df44281133dd4191848bfb861ba70eeb113b2bc0ce28c71b82524860421bed_s390x as a component of RHACS 4.4 for RHEL 8",
"product_id": "8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:62df44281133dd4191848bfb861ba70eeb113b2bc0ce28c71b82524860421bed_s390x"
},
"product_reference": "advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:62df44281133dd4191848bfb861ba70eeb113b2bc0ce28c71b82524860421bed_s390x",
"relates_to_product_reference": "8Base-RHACS-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:844cef84fb29ee2996c284c6d517a645d4b14862c17021bd1b0052515cd364df_amd64 as a component of RHACS 4.4 for RHEL 8",
"product_id": "8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:844cef84fb29ee2996c284c6d517a645d4b14862c17021bd1b0052515cd364df_amd64"
},
"product_reference": "advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:844cef84fb29ee2996c284c6d517a645d4b14862c17021bd1b0052515cd364df_amd64",
"relates_to_product_reference": "8Base-RHACS-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:fc974b15c869a26e0ae259a39ce0ed1f1954630557c31465561eeee67bfc2797_ppc64le as a component of RHACS 4.4 for RHEL 8",
"product_id": "8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:fc974b15c869a26e0ae259a39ce0ed1f1954630557c31465561eeee67bfc2797_ppc64le"
},
"product_reference": "advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:fc974b15c869a26e0ae259a39ce0ed1f1954630557c31465561eeee67bfc2797_ppc64le",
"relates_to_product_reference": "8Base-RHACS-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-scanner-rhel8@sha256:08c488f99ef1c837418842db1c8e52391a55f5f61a1de98edbbe3a201070168a_ppc64le as a component of RHACS 4.4 for RHEL 8",
"product_id": "8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:08c488f99ef1c837418842db1c8e52391a55f5f61a1de98edbbe3a201070168a_ppc64le"
},
"product_reference": "advanced-cluster-security/rhacs-scanner-rhel8@sha256:08c488f99ef1c837418842db1c8e52391a55f5f61a1de98edbbe3a201070168a_ppc64le",
"relates_to_product_reference": "8Base-RHACS-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-scanner-rhel8@sha256:20a368484142ce585e3a49a402bab10b2045ba2d89711154ae80457c01881a4c_amd64 as a component of RHACS 4.4 for RHEL 8",
"product_id": "8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:20a368484142ce585e3a49a402bab10b2045ba2d89711154ae80457c01881a4c_amd64"
},
"product_reference": "advanced-cluster-security/rhacs-scanner-rhel8@sha256:20a368484142ce585e3a49a402bab10b2045ba2d89711154ae80457c01881a4c_amd64",
"relates_to_product_reference": "8Base-RHACS-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-scanner-rhel8@sha256:f252a2c2eaa0a4807e39df8e5fe89a8b66e8ef62a9303a144b765c4857b17e51_s390x as a component of RHACS 4.4 for RHEL 8",
"product_id": "8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:f252a2c2eaa0a4807e39df8e5fe89a8b66e8ef62a9303a144b765c4857b17e51_s390x"
},
"product_reference": "advanced-cluster-security/rhacs-scanner-rhel8@sha256:f252a2c2eaa0a4807e39df8e5fe89a8b66e8ef62a9303a144b765c4857b17e51_s390x",
"relates_to_product_reference": "8Base-RHACS-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:17a5ed5cea7a0b355ea13e6a95218143c351e34cee1ba0188a14c28f9605e504_ppc64le as a component of RHACS 4.4 for RHEL 8",
"product_id": "8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:17a5ed5cea7a0b355ea13e6a95218143c351e34cee1ba0188a14c28f9605e504_ppc64le"
},
"product_reference": "advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:17a5ed5cea7a0b355ea13e6a95218143c351e34cee1ba0188a14c28f9605e504_ppc64le",
"relates_to_product_reference": "8Base-RHACS-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:1d00cc8be3101e0a0a901249545566689d1de5554f5101b8fcbb6fa1827d508b_amd64 as a component of RHACS 4.4 for RHEL 8",
"product_id": "8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:1d00cc8be3101e0a0a901249545566689d1de5554f5101b8fcbb6fa1827d508b_amd64"
},
"product_reference": "advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:1d00cc8be3101e0a0a901249545566689d1de5554f5101b8fcbb6fa1827d508b_amd64",
"relates_to_product_reference": "8Base-RHACS-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:d001fb8afaf083ac3b02ab7571a709183931ef37baa75908556081480ee395dc_s390x as a component of RHACS 4.4 for RHEL 8",
"product_id": "8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:d001fb8afaf083ac3b02ab7571a709183931ef37baa75908556081480ee395dc_s390x"
},
"product_reference": "advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:d001fb8afaf083ac3b02ab7571a709183931ef37baa75908556081480ee395dc_s390x",
"relates_to_product_reference": "8Base-RHACS-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1ad40dd05581bffe04db700b8b4fbfbe8112399f2bef70b69dd690458b6512ed_ppc64le as a component of RHACS 4.4 for RHEL 8",
"product_id": "8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1ad40dd05581bffe04db700b8b4fbfbe8112399f2bef70b69dd690458b6512ed_ppc64le"
},
"product_reference": "advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1ad40dd05581bffe04db700b8b4fbfbe8112399f2bef70b69dd690458b6512ed_ppc64le",
"relates_to_product_reference": "8Base-RHACS-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:224bfa6af3a2a9b15657ee0adc0233608bb7a2218f9a488b537e3af4c53acacf_amd64 as a component of RHACS 4.4 for RHEL 8",
"product_id": "8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:224bfa6af3a2a9b15657ee0adc0233608bb7a2218f9a488b537e3af4c53acacf_amd64"
},
"product_reference": "advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:224bfa6af3a2a9b15657ee0adc0233608bb7a2218f9a488b537e3af4c53acacf_amd64",
"relates_to_product_reference": "8Base-RHACS-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:f2cf132ddd130c3de1e3732f35fdade709c17e8a2775df5ab47cf7583db82fd6_s390x as a component of RHACS 4.4 for RHEL 8",
"product_id": "8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:f2cf132ddd130c3de1e3732f35fdade709c17e8a2775df5ab47cf7583db82fd6_s390x"
},
"product_reference": "advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:f2cf132ddd130c3de1e3732f35fdade709c17e8a2775df5ab47cf7583db82fd6_s390x",
"relates_to_product_reference": "8Base-RHACS-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:9ae99a357ee1f9e42942edc998b378960d1a4a6bd9630b802f86743965f36898_s390x as a component of RHACS 4.4 for RHEL 8",
"product_id": "8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:9ae99a357ee1f9e42942edc998b378960d1a4a6bd9630b802f86743965f36898_s390x"
},
"product_reference": "advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:9ae99a357ee1f9e42942edc998b378960d1a4a6bd9630b802f86743965f36898_s390x",
"relates_to_product_reference": "8Base-RHACS-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:bcc9fd4d95422283c8d6016e1f85cd4522f43c0504cadf6aec40b9c30f2d945d_amd64 as a component of RHACS 4.4 for RHEL 8",
"product_id": "8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:bcc9fd4d95422283c8d6016e1f85cd4522f43c0504cadf6aec40b9c30f2d945d_amd64"
},
"product_reference": "advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:bcc9fd4d95422283c8d6016e1f85cd4522f43c0504cadf6aec40b9c30f2d945d_amd64",
"relates_to_product_reference": "8Base-RHACS-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:c9713eae9be9f99e9e7382ace5f520f96f641c50d8aed1c64a0f6a0ba9ed5395_ppc64le as a component of RHACS 4.4 for RHEL 8",
"product_id": "8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:c9713eae9be9f99e9e7382ace5f520f96f641c50d8aed1c64a0f6a0ba9ed5395_ppc64le"
},
"product_reference": "advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:c9713eae9be9f99e9e7382ace5f520f96f641c50d8aed1c64a0f6a0ba9ed5395_ppc64le",
"relates_to_product_reference": "8Base-RHACS-4.4"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2024-11831",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2024-09-16T16:43:32.021000+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:394f4fd42c292ef68abf4a9104fe668026e394c3243ebf9b184d40a4b4b0132e_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:6478816c1b2bdeb40c77c267fff033dca5523375c64623bf56d493c4417a3c3f_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:8b92405457c5240a4d672409a7519d28463f2f0e104f441e3d0d0839549c6215_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:39367ad4f4807b804eb6a95d241d99c528995f75d3264b58820cf50fa6abceef_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:a5a1e18726ce755a8f2a36a58928714d61f4426643b7f08da086004982e993ef_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:cd132ae4b02647d5b0f0a910539c75efb3e0795590df00056542e969605ae296_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:357fa537a29f82ca117b8ed4695456707bd9599c5057ed938a91114e94badf62_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:62ddbd8b9e0b27be7a0541c7fe085b621834facff7d83d4a2e57b56ef6c713a2_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:94b445cbaef0111d98a0ee595988ef420423aa381b36e7127e76e385be12996a_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:123c0108bd7a190dd2accfd21786600f787147f040e57fb5f840861e2caa441d_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:6f81e9b903594b0a8bd5517900f7677e09c942953d257c87da11fb779e0f9dab_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:8c199930239623166973ea9cdb40ce2e2537d63e8c731afca3892caa84d2f16a_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:2f74522967f06958e385468a31e14bb9ede90569dec8292d61e67c6640c1ebde_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:38b340062dea9adc1159a326d39a214541e259e9e16582ef98efcd8e6deb3dd6_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:609205741b369f72807fcec1fd3351d56e4605fdbbee37975fad8c01a5ea0339_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:1ab2b5e9423a2edd5f663cdbf4c15dd6a5c13db13125161f4b4a9916d3c523e2_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:1e37a386006e4a7b4414dcdbe6a42191b8f41e706e1df6dfe401cbdbe342f06a_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:b0f32d062678d69350a3a1a18b643c8b97ebfdbd0bea1c0ee67312312d02fcba_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:439fc3b91a4841c81355ecbb5c610c66139525df82bdb96a4ece4ffd20aca0a5_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:7108fcc2c26b8e735231d9bad43febbc2ccc15723b15d3bf9ba643f950f75857_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:7c4fa13ab624b17711df308a9434e529b49b259fe9c6bde4b4e9037ae45996d6_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:62df44281133dd4191848bfb861ba70eeb113b2bc0ce28c71b82524860421bed_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:844cef84fb29ee2996c284c6d517a645d4b14862c17021bd1b0052515cd364df_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:fc974b15c869a26e0ae259a39ce0ed1f1954630557c31465561eeee67bfc2797_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:08c488f99ef1c837418842db1c8e52391a55f5f61a1de98edbbe3a201070168a_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:20a368484142ce585e3a49a402bab10b2045ba2d89711154ae80457c01881a4c_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:f252a2c2eaa0a4807e39df8e5fe89a8b66e8ef62a9303a144b765c4857b17e51_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:17a5ed5cea7a0b355ea13e6a95218143c351e34cee1ba0188a14c28f9605e504_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:1d00cc8be3101e0a0a901249545566689d1de5554f5101b8fcbb6fa1827d508b_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:d001fb8afaf083ac3b02ab7571a709183931ef37baa75908556081480ee395dc_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1ad40dd05581bffe04db700b8b4fbfbe8112399f2bef70b69dd690458b6512ed_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:224bfa6af3a2a9b15657ee0adc0233608bb7a2218f9a488b537e3af4c53acacf_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:f2cf132ddd130c3de1e3732f35fdade709c17e8a2775df5ab47cf7583db82fd6_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:9ae99a357ee1f9e42942edc998b378960d1a4a6bd9630b802f86743965f36898_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:bcc9fd4d95422283c8d6016e1f85cd4522f43c0504cadf6aec40b9c30f2d945d_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:c9713eae9be9f99e9e7382ace5f520f96f641c50d8aed1c64a0f6a0ba9ed5395_ppc64le"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2312579"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in npm-serialize-javascript. The vulnerability occurs because the serialize-javascript module does not properly sanitize certain inputs, such as regex or other JavaScript object types, allowing an attacker to inject malicious code. This code could be executed when deserialized by a web browser, causing Cross-site scripting (XSS) attacks. This issue is critical in environments where serialized data is sent to web clients, potentially compromising the security of the website or web application using this package.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "npm-serialize-javascript: Cross-site Scripting (XSS) in serialize-javascript",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:0e867de15e3038db7274dc1d84cd8ca5b1860b661c8b16ecd8f7aeefa76077a8_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:1aedb2f4b2aefa9586c8aecfff4647497f7a36fc6a547d6688645d87e90413f4_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:92f98ca560ce539495108e6212737ea6cf83215fe0a5aa7a12636ee9d5fca88f_ppc64le"
],
"known_not_affected": [
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:394f4fd42c292ef68abf4a9104fe668026e394c3243ebf9b184d40a4b4b0132e_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:6478816c1b2bdeb40c77c267fff033dca5523375c64623bf56d493c4417a3c3f_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:8b92405457c5240a4d672409a7519d28463f2f0e104f441e3d0d0839549c6215_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:39367ad4f4807b804eb6a95d241d99c528995f75d3264b58820cf50fa6abceef_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:a5a1e18726ce755a8f2a36a58928714d61f4426643b7f08da086004982e993ef_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:cd132ae4b02647d5b0f0a910539c75efb3e0795590df00056542e969605ae296_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:357fa537a29f82ca117b8ed4695456707bd9599c5057ed938a91114e94badf62_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:62ddbd8b9e0b27be7a0541c7fe085b621834facff7d83d4a2e57b56ef6c713a2_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:94b445cbaef0111d98a0ee595988ef420423aa381b36e7127e76e385be12996a_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:123c0108bd7a190dd2accfd21786600f787147f040e57fb5f840861e2caa441d_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:6f81e9b903594b0a8bd5517900f7677e09c942953d257c87da11fb779e0f9dab_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:8c199930239623166973ea9cdb40ce2e2537d63e8c731afca3892caa84d2f16a_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:2f74522967f06958e385468a31e14bb9ede90569dec8292d61e67c6640c1ebde_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:38b340062dea9adc1159a326d39a214541e259e9e16582ef98efcd8e6deb3dd6_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:609205741b369f72807fcec1fd3351d56e4605fdbbee37975fad8c01a5ea0339_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:1ab2b5e9423a2edd5f663cdbf4c15dd6a5c13db13125161f4b4a9916d3c523e2_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:1e37a386006e4a7b4414dcdbe6a42191b8f41e706e1df6dfe401cbdbe342f06a_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:b0f32d062678d69350a3a1a18b643c8b97ebfdbd0bea1c0ee67312312d02fcba_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:439fc3b91a4841c81355ecbb5c610c66139525df82bdb96a4ece4ffd20aca0a5_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:7108fcc2c26b8e735231d9bad43febbc2ccc15723b15d3bf9ba643f950f75857_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:7c4fa13ab624b17711df308a9434e529b49b259fe9c6bde4b4e9037ae45996d6_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:62df44281133dd4191848bfb861ba70eeb113b2bc0ce28c71b82524860421bed_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:844cef84fb29ee2996c284c6d517a645d4b14862c17021bd1b0052515cd364df_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:fc974b15c869a26e0ae259a39ce0ed1f1954630557c31465561eeee67bfc2797_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:08c488f99ef1c837418842db1c8e52391a55f5f61a1de98edbbe3a201070168a_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:20a368484142ce585e3a49a402bab10b2045ba2d89711154ae80457c01881a4c_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:f252a2c2eaa0a4807e39df8e5fe89a8b66e8ef62a9303a144b765c4857b17e51_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:17a5ed5cea7a0b355ea13e6a95218143c351e34cee1ba0188a14c28f9605e504_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:1d00cc8be3101e0a0a901249545566689d1de5554f5101b8fcbb6fa1827d508b_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:d001fb8afaf083ac3b02ab7571a709183931ef37baa75908556081480ee395dc_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1ad40dd05581bffe04db700b8b4fbfbe8112399f2bef70b69dd690458b6512ed_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:224bfa6af3a2a9b15657ee0adc0233608bb7a2218f9a488b537e3af4c53acacf_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:f2cf132ddd130c3de1e3732f35fdade709c17e8a2775df5ab47cf7583db82fd6_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:9ae99a357ee1f9e42942edc998b378960d1a4a6bd9630b802f86743965f36898_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:bcc9fd4d95422283c8d6016e1f85cd4522f43c0504cadf6aec40b9c30f2d945d_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:c9713eae9be9f99e9e7382ace5f520f96f641c50d8aed1c64a0f6a0ba9ed5395_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-11831"
},
{
"category": "external",
"summary": "RHBZ#2312579",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2312579"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-11831",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-11831"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-11831",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-11831"
},
{
"category": "external",
"summary": "https://github.com/yahoo/serialize-javascript/commit/f27d65d3de42affe2aac14607066c293891cec4e",
"url": "https://github.com/yahoo/serialize-javascript/commit/f27d65d3de42affe2aac14607066c293891cec4e"
},
{
"category": "external",
"summary": "https://github.com/yahoo/serialize-javascript/pull/173",
"url": "https://github.com/yahoo/serialize-javascript/pull/173"
}
],
"release_date": "2024-09-16T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-02-13T18:14:31+00:00",
"details": "If you are using an earlier version of RHACS 4.4, you are advised to upgrade to this patch release 4.4.8.",
"product_ids": [
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:0e867de15e3038db7274dc1d84cd8ca5b1860b661c8b16ecd8f7aeefa76077a8_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:1aedb2f4b2aefa9586c8aecfff4647497f7a36fc6a547d6688645d87e90413f4_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:92f98ca560ce539495108e6212737ea6cf83215fe0a5aa7a12636ee9d5fca88f_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:1468"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:394f4fd42c292ef68abf4a9104fe668026e394c3243ebf9b184d40a4b4b0132e_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:6478816c1b2bdeb40c77c267fff033dca5523375c64623bf56d493c4417a3c3f_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:8b92405457c5240a4d672409a7519d28463f2f0e104f441e3d0d0839549c6215_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:39367ad4f4807b804eb6a95d241d99c528995f75d3264b58820cf50fa6abceef_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:a5a1e18726ce755a8f2a36a58928714d61f4426643b7f08da086004982e993ef_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:cd132ae4b02647d5b0f0a910539c75efb3e0795590df00056542e969605ae296_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:357fa537a29f82ca117b8ed4695456707bd9599c5057ed938a91114e94badf62_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:62ddbd8b9e0b27be7a0541c7fe085b621834facff7d83d4a2e57b56ef6c713a2_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:94b445cbaef0111d98a0ee595988ef420423aa381b36e7127e76e385be12996a_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:0e867de15e3038db7274dc1d84cd8ca5b1860b661c8b16ecd8f7aeefa76077a8_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:1aedb2f4b2aefa9586c8aecfff4647497f7a36fc6a547d6688645d87e90413f4_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:92f98ca560ce539495108e6212737ea6cf83215fe0a5aa7a12636ee9d5fca88f_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:123c0108bd7a190dd2accfd21786600f787147f040e57fb5f840861e2caa441d_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:6f81e9b903594b0a8bd5517900f7677e09c942953d257c87da11fb779e0f9dab_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:8c199930239623166973ea9cdb40ce2e2537d63e8c731afca3892caa84d2f16a_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:2f74522967f06958e385468a31e14bb9ede90569dec8292d61e67c6640c1ebde_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:38b340062dea9adc1159a326d39a214541e259e9e16582ef98efcd8e6deb3dd6_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:609205741b369f72807fcec1fd3351d56e4605fdbbee37975fad8c01a5ea0339_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:1ab2b5e9423a2edd5f663cdbf4c15dd6a5c13db13125161f4b4a9916d3c523e2_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:1e37a386006e4a7b4414dcdbe6a42191b8f41e706e1df6dfe401cbdbe342f06a_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:b0f32d062678d69350a3a1a18b643c8b97ebfdbd0bea1c0ee67312312d02fcba_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:439fc3b91a4841c81355ecbb5c610c66139525df82bdb96a4ece4ffd20aca0a5_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:7108fcc2c26b8e735231d9bad43febbc2ccc15723b15d3bf9ba643f950f75857_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:7c4fa13ab624b17711df308a9434e529b49b259fe9c6bde4b4e9037ae45996d6_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:62df44281133dd4191848bfb861ba70eeb113b2bc0ce28c71b82524860421bed_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:844cef84fb29ee2996c284c6d517a645d4b14862c17021bd1b0052515cd364df_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:fc974b15c869a26e0ae259a39ce0ed1f1954630557c31465561eeee67bfc2797_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:08c488f99ef1c837418842db1c8e52391a55f5f61a1de98edbbe3a201070168a_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:20a368484142ce585e3a49a402bab10b2045ba2d89711154ae80457c01881a4c_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:f252a2c2eaa0a4807e39df8e5fe89a8b66e8ef62a9303a144b765c4857b17e51_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:17a5ed5cea7a0b355ea13e6a95218143c351e34cee1ba0188a14c28f9605e504_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:1d00cc8be3101e0a0a901249545566689d1de5554f5101b8fcbb6fa1827d508b_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:d001fb8afaf083ac3b02ab7571a709183931ef37baa75908556081480ee395dc_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1ad40dd05581bffe04db700b8b4fbfbe8112399f2bef70b69dd690458b6512ed_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:224bfa6af3a2a9b15657ee0adc0233608bb7a2218f9a488b537e3af4c53acacf_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:f2cf132ddd130c3de1e3732f35fdade709c17e8a2775df5ab47cf7583db82fd6_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:9ae99a357ee1f9e42942edc998b378960d1a4a6bd9630b802f86743965f36898_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:bcc9fd4d95422283c8d6016e1f85cd4522f43c0504cadf6aec40b9c30f2d945d_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:c9713eae9be9f99e9e7382ace5f520f96f641c50d8aed1c64a0f6a0ba9ed5395_ppc64le"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:394f4fd42c292ef68abf4a9104fe668026e394c3243ebf9b184d40a4b4b0132e_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:6478816c1b2bdeb40c77c267fff033dca5523375c64623bf56d493c4417a3c3f_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:8b92405457c5240a4d672409a7519d28463f2f0e104f441e3d0d0839549c6215_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:39367ad4f4807b804eb6a95d241d99c528995f75d3264b58820cf50fa6abceef_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:a5a1e18726ce755a8f2a36a58928714d61f4426643b7f08da086004982e993ef_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:cd132ae4b02647d5b0f0a910539c75efb3e0795590df00056542e969605ae296_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:357fa537a29f82ca117b8ed4695456707bd9599c5057ed938a91114e94badf62_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:62ddbd8b9e0b27be7a0541c7fe085b621834facff7d83d4a2e57b56ef6c713a2_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:94b445cbaef0111d98a0ee595988ef420423aa381b36e7127e76e385be12996a_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:0e867de15e3038db7274dc1d84cd8ca5b1860b661c8b16ecd8f7aeefa76077a8_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:1aedb2f4b2aefa9586c8aecfff4647497f7a36fc6a547d6688645d87e90413f4_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:92f98ca560ce539495108e6212737ea6cf83215fe0a5aa7a12636ee9d5fca88f_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:123c0108bd7a190dd2accfd21786600f787147f040e57fb5f840861e2caa441d_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:6f81e9b903594b0a8bd5517900f7677e09c942953d257c87da11fb779e0f9dab_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:8c199930239623166973ea9cdb40ce2e2537d63e8c731afca3892caa84d2f16a_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:2f74522967f06958e385468a31e14bb9ede90569dec8292d61e67c6640c1ebde_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:38b340062dea9adc1159a326d39a214541e259e9e16582ef98efcd8e6deb3dd6_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:609205741b369f72807fcec1fd3351d56e4605fdbbee37975fad8c01a5ea0339_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:1ab2b5e9423a2edd5f663cdbf4c15dd6a5c13db13125161f4b4a9916d3c523e2_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:1e37a386006e4a7b4414dcdbe6a42191b8f41e706e1df6dfe401cbdbe342f06a_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:b0f32d062678d69350a3a1a18b643c8b97ebfdbd0bea1c0ee67312312d02fcba_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:439fc3b91a4841c81355ecbb5c610c66139525df82bdb96a4ece4ffd20aca0a5_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:7108fcc2c26b8e735231d9bad43febbc2ccc15723b15d3bf9ba643f950f75857_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:7c4fa13ab624b17711df308a9434e529b49b259fe9c6bde4b4e9037ae45996d6_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:62df44281133dd4191848bfb861ba70eeb113b2bc0ce28c71b82524860421bed_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:844cef84fb29ee2996c284c6d517a645d4b14862c17021bd1b0052515cd364df_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:fc974b15c869a26e0ae259a39ce0ed1f1954630557c31465561eeee67bfc2797_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:08c488f99ef1c837418842db1c8e52391a55f5f61a1de98edbbe3a201070168a_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:20a368484142ce585e3a49a402bab10b2045ba2d89711154ae80457c01881a4c_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:f252a2c2eaa0a4807e39df8e5fe89a8b66e8ef62a9303a144b765c4857b17e51_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:17a5ed5cea7a0b355ea13e6a95218143c351e34cee1ba0188a14c28f9605e504_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:1d00cc8be3101e0a0a901249545566689d1de5554f5101b8fcbb6fa1827d508b_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:d001fb8afaf083ac3b02ab7571a709183931ef37baa75908556081480ee395dc_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1ad40dd05581bffe04db700b8b4fbfbe8112399f2bef70b69dd690458b6512ed_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:224bfa6af3a2a9b15657ee0adc0233608bb7a2218f9a488b537e3af4c53acacf_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:f2cf132ddd130c3de1e3732f35fdade709c17e8a2775df5ab47cf7583db82fd6_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:9ae99a357ee1f9e42942edc998b378960d1a4a6bd9630b802f86743965f36898_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:bcc9fd4d95422283c8d6016e1f85cd4522f43c0504cadf6aec40b9c30f2d945d_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:c9713eae9be9f99e9e7382ace5f520f96f641c50d8aed1c64a0f6a0ba9ed5395_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "npm-serialize-javascript: Cross-site Scripting (XSS) in serialize-javascript"
},
{
"cve": "CVE-2024-45337",
"cwe": {
"id": "CWE-285",
"name": "Improper Authorization"
},
"discovery_date": "2024-12-11T19:00:54.247490+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:39367ad4f4807b804eb6a95d241d99c528995f75d3264b58820cf50fa6abceef_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:a5a1e18726ce755a8f2a36a58928714d61f4426643b7f08da086004982e993ef_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:cd132ae4b02647d5b0f0a910539c75efb3e0795590df00056542e969605ae296_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:357fa537a29f82ca117b8ed4695456707bd9599c5057ed938a91114e94badf62_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:62ddbd8b9e0b27be7a0541c7fe085b621834facff7d83d4a2e57b56ef6c713a2_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:94b445cbaef0111d98a0ee595988ef420423aa381b36e7127e76e385be12996a_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:123c0108bd7a190dd2accfd21786600f787147f040e57fb5f840861e2caa441d_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:6f81e9b903594b0a8bd5517900f7677e09c942953d257c87da11fb779e0f9dab_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:8c199930239623166973ea9cdb40ce2e2537d63e8c731afca3892caa84d2f16a_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:439fc3b91a4841c81355ecbb5c610c66139525df82bdb96a4ece4ffd20aca0a5_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:7108fcc2c26b8e735231d9bad43febbc2ccc15723b15d3bf9ba643f950f75857_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:7c4fa13ab624b17711df308a9434e529b49b259fe9c6bde4b4e9037ae45996d6_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:62df44281133dd4191848bfb861ba70eeb113b2bc0ce28c71b82524860421bed_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:844cef84fb29ee2996c284c6d517a645d4b14862c17021bd1b0052515cd364df_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:fc974b15c869a26e0ae259a39ce0ed1f1954630557c31465561eeee67bfc2797_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:08c488f99ef1c837418842db1c8e52391a55f5f61a1de98edbbe3a201070168a_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:20a368484142ce585e3a49a402bab10b2045ba2d89711154ae80457c01881a4c_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:f252a2c2eaa0a4807e39df8e5fe89a8b66e8ef62a9303a144b765c4857b17e51_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:17a5ed5cea7a0b355ea13e6a95218143c351e34cee1ba0188a14c28f9605e504_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:1d00cc8be3101e0a0a901249545566689d1de5554f5101b8fcbb6fa1827d508b_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:d001fb8afaf083ac3b02ab7571a709183931ef37baa75908556081480ee395dc_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1ad40dd05581bffe04db700b8b4fbfbe8112399f2bef70b69dd690458b6512ed_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:224bfa6af3a2a9b15657ee0adc0233608bb7a2218f9a488b537e3af4c53acacf_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:f2cf132ddd130c3de1e3732f35fdade709c17e8a2775df5ab47cf7583db82fd6_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:9ae99a357ee1f9e42942edc998b378960d1a4a6bd9630b802f86743965f36898_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:bcc9fd4d95422283c8d6016e1f85cd4522f43c0504cadf6aec40b9c30f2d945d_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:c9713eae9be9f99e9e7382ace5f520f96f641c50d8aed1c64a0f6a0ba9ed5395_ppc64le"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2331720"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the x/crypto/ssh go library. Applications and libraries that misuse the ServerConfig.PublicKeyCallback callback may be susceptible to an authorization bypass. For example, an attacker may send public keys A and B and authenticate with A. PublicKeyCallback would be called only twice, first with A and then with B. A vulnerable application may then make authorization decisions based on key B, for which the attacker does not control the private key. The misuse of ServerConfig.PublicKeyCallback may cause an authorization bypass.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang.org/x/crypto/ssh: Misuse of ServerConfig.PublicKeyCallback may cause authorization bypass in golang.org/x/crypto",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is classified as important rather than critical because it does not directly enable unauthorized access but rather introduces a risk of authorization bypass if the application or library misuses the PublicKeyCallback API. The vulnerability relies on incorrect assumptions made by the application when handling the sequence or state of keys provided during SSH authentication. Properly implemented systems that use the Permissions field or avoid relying on external state remain unaffected. Additionally, the vulnerability does not allow direct exploitation to gain control over a system without the presence of insecure logic in the application\u0027s handling of authentication attempts.\n\n\nRed Hat Enterprise Linux(RHEL) 8 \u0026 9 and Red Hat Openshift marked as not affected as it was determined that the problem function `ServerConfig.PublicKeyCallback`, as noted in the CVE-2024-45337 issue, is not called by Podman, Buildah, containers-common, or the gvisor-tap-vsock projects.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:394f4fd42c292ef68abf4a9104fe668026e394c3243ebf9b184d40a4b4b0132e_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:6478816c1b2bdeb40c77c267fff033dca5523375c64623bf56d493c4417a3c3f_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:8b92405457c5240a4d672409a7519d28463f2f0e104f441e3d0d0839549c6215_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:0e867de15e3038db7274dc1d84cd8ca5b1860b661c8b16ecd8f7aeefa76077a8_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:1aedb2f4b2aefa9586c8aecfff4647497f7a36fc6a547d6688645d87e90413f4_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:92f98ca560ce539495108e6212737ea6cf83215fe0a5aa7a12636ee9d5fca88f_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:2f74522967f06958e385468a31e14bb9ede90569dec8292d61e67c6640c1ebde_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:38b340062dea9adc1159a326d39a214541e259e9e16582ef98efcd8e6deb3dd6_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:609205741b369f72807fcec1fd3351d56e4605fdbbee37975fad8c01a5ea0339_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:1ab2b5e9423a2edd5f663cdbf4c15dd6a5c13db13125161f4b4a9916d3c523e2_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:1e37a386006e4a7b4414dcdbe6a42191b8f41e706e1df6dfe401cbdbe342f06a_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:b0f32d062678d69350a3a1a18b643c8b97ebfdbd0bea1c0ee67312312d02fcba_amd64"
],
"known_not_affected": [
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:39367ad4f4807b804eb6a95d241d99c528995f75d3264b58820cf50fa6abceef_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:a5a1e18726ce755a8f2a36a58928714d61f4426643b7f08da086004982e993ef_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:cd132ae4b02647d5b0f0a910539c75efb3e0795590df00056542e969605ae296_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:357fa537a29f82ca117b8ed4695456707bd9599c5057ed938a91114e94badf62_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:62ddbd8b9e0b27be7a0541c7fe085b621834facff7d83d4a2e57b56ef6c713a2_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:94b445cbaef0111d98a0ee595988ef420423aa381b36e7127e76e385be12996a_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:123c0108bd7a190dd2accfd21786600f787147f040e57fb5f840861e2caa441d_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:6f81e9b903594b0a8bd5517900f7677e09c942953d257c87da11fb779e0f9dab_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:8c199930239623166973ea9cdb40ce2e2537d63e8c731afca3892caa84d2f16a_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:439fc3b91a4841c81355ecbb5c610c66139525df82bdb96a4ece4ffd20aca0a5_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:7108fcc2c26b8e735231d9bad43febbc2ccc15723b15d3bf9ba643f950f75857_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:7c4fa13ab624b17711df308a9434e529b49b259fe9c6bde4b4e9037ae45996d6_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:62df44281133dd4191848bfb861ba70eeb113b2bc0ce28c71b82524860421bed_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:844cef84fb29ee2996c284c6d517a645d4b14862c17021bd1b0052515cd364df_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:fc974b15c869a26e0ae259a39ce0ed1f1954630557c31465561eeee67bfc2797_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:08c488f99ef1c837418842db1c8e52391a55f5f61a1de98edbbe3a201070168a_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:20a368484142ce585e3a49a402bab10b2045ba2d89711154ae80457c01881a4c_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:f252a2c2eaa0a4807e39df8e5fe89a8b66e8ef62a9303a144b765c4857b17e51_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:17a5ed5cea7a0b355ea13e6a95218143c351e34cee1ba0188a14c28f9605e504_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:1d00cc8be3101e0a0a901249545566689d1de5554f5101b8fcbb6fa1827d508b_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:d001fb8afaf083ac3b02ab7571a709183931ef37baa75908556081480ee395dc_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1ad40dd05581bffe04db700b8b4fbfbe8112399f2bef70b69dd690458b6512ed_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:224bfa6af3a2a9b15657ee0adc0233608bb7a2218f9a488b537e3af4c53acacf_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:f2cf132ddd130c3de1e3732f35fdade709c17e8a2775df5ab47cf7583db82fd6_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:9ae99a357ee1f9e42942edc998b378960d1a4a6bd9630b802f86743965f36898_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:bcc9fd4d95422283c8d6016e1f85cd4522f43c0504cadf6aec40b9c30f2d945d_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:c9713eae9be9f99e9e7382ace5f520f96f641c50d8aed1c64a0f6a0ba9ed5395_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-45337"
},
{
"category": "external",
"summary": "RHBZ#2331720",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2331720"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-45337",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45337"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-45337",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-45337"
},
{
"category": "external",
"summary": "https://github.com/golang/crypto/commit/b4f1988a35dee11ec3e05d6bf3e90b695fbd8909",
"url": "https://github.com/golang/crypto/commit/b4f1988a35dee11ec3e05d6bf3e90b695fbd8909"
},
{
"category": "external",
"summary": "https://go.dev/cl/635315",
"url": "https://go.dev/cl/635315"
},
{
"category": "external",
"summary": "https://go.dev/issue/70779",
"url": "https://go.dev/issue/70779"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/-nPEi39gI4Q/m/cGVPJCqdAQAJ",
"url": "https://groups.google.com/g/golang-announce/c/-nPEi39gI4Q/m/cGVPJCqdAQAJ"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2024-3321",
"url": "https://pkg.go.dev/vuln/GO-2024-3321"
}
],
"release_date": "2024-12-11T18:55:58.506000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-02-13T18:14:31+00:00",
"details": "If you are using an earlier version of RHACS 4.4, you are advised to upgrade to this patch release 4.4.8.",
"product_ids": [
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:394f4fd42c292ef68abf4a9104fe668026e394c3243ebf9b184d40a4b4b0132e_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:6478816c1b2bdeb40c77c267fff033dca5523375c64623bf56d493c4417a3c3f_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:8b92405457c5240a4d672409a7519d28463f2f0e104f441e3d0d0839549c6215_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:0e867de15e3038db7274dc1d84cd8ca5b1860b661c8b16ecd8f7aeefa76077a8_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:1aedb2f4b2aefa9586c8aecfff4647497f7a36fc6a547d6688645d87e90413f4_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:92f98ca560ce539495108e6212737ea6cf83215fe0a5aa7a12636ee9d5fca88f_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:2f74522967f06958e385468a31e14bb9ede90569dec8292d61e67c6640c1ebde_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:38b340062dea9adc1159a326d39a214541e259e9e16582ef98efcd8e6deb3dd6_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:609205741b369f72807fcec1fd3351d56e4605fdbbee37975fad8c01a5ea0339_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:1ab2b5e9423a2edd5f663cdbf4c15dd6a5c13db13125161f4b4a9916d3c523e2_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:1e37a386006e4a7b4414dcdbe6a42191b8f41e706e1df6dfe401cbdbe342f06a_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:b0f32d062678d69350a3a1a18b643c8b97ebfdbd0bea1c0ee67312312d02fcba_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:1468"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:394f4fd42c292ef68abf4a9104fe668026e394c3243ebf9b184d40a4b4b0132e_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:6478816c1b2bdeb40c77c267fff033dca5523375c64623bf56d493c4417a3c3f_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:8b92405457c5240a4d672409a7519d28463f2f0e104f441e3d0d0839549c6215_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:39367ad4f4807b804eb6a95d241d99c528995f75d3264b58820cf50fa6abceef_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:a5a1e18726ce755a8f2a36a58928714d61f4426643b7f08da086004982e993ef_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:cd132ae4b02647d5b0f0a910539c75efb3e0795590df00056542e969605ae296_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:357fa537a29f82ca117b8ed4695456707bd9599c5057ed938a91114e94badf62_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:62ddbd8b9e0b27be7a0541c7fe085b621834facff7d83d4a2e57b56ef6c713a2_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:94b445cbaef0111d98a0ee595988ef420423aa381b36e7127e76e385be12996a_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:0e867de15e3038db7274dc1d84cd8ca5b1860b661c8b16ecd8f7aeefa76077a8_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:1aedb2f4b2aefa9586c8aecfff4647497f7a36fc6a547d6688645d87e90413f4_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:92f98ca560ce539495108e6212737ea6cf83215fe0a5aa7a12636ee9d5fca88f_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:123c0108bd7a190dd2accfd21786600f787147f040e57fb5f840861e2caa441d_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:6f81e9b903594b0a8bd5517900f7677e09c942953d257c87da11fb779e0f9dab_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:8c199930239623166973ea9cdb40ce2e2537d63e8c731afca3892caa84d2f16a_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:2f74522967f06958e385468a31e14bb9ede90569dec8292d61e67c6640c1ebde_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:38b340062dea9adc1159a326d39a214541e259e9e16582ef98efcd8e6deb3dd6_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:609205741b369f72807fcec1fd3351d56e4605fdbbee37975fad8c01a5ea0339_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:1ab2b5e9423a2edd5f663cdbf4c15dd6a5c13db13125161f4b4a9916d3c523e2_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:1e37a386006e4a7b4414dcdbe6a42191b8f41e706e1df6dfe401cbdbe342f06a_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:b0f32d062678d69350a3a1a18b643c8b97ebfdbd0bea1c0ee67312312d02fcba_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:439fc3b91a4841c81355ecbb5c610c66139525df82bdb96a4ece4ffd20aca0a5_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:7108fcc2c26b8e735231d9bad43febbc2ccc15723b15d3bf9ba643f950f75857_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:7c4fa13ab624b17711df308a9434e529b49b259fe9c6bde4b4e9037ae45996d6_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:62df44281133dd4191848bfb861ba70eeb113b2bc0ce28c71b82524860421bed_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:844cef84fb29ee2996c284c6d517a645d4b14862c17021bd1b0052515cd364df_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:fc974b15c869a26e0ae259a39ce0ed1f1954630557c31465561eeee67bfc2797_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:08c488f99ef1c837418842db1c8e52391a55f5f61a1de98edbbe3a201070168a_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:20a368484142ce585e3a49a402bab10b2045ba2d89711154ae80457c01881a4c_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:f252a2c2eaa0a4807e39df8e5fe89a8b66e8ef62a9303a144b765c4857b17e51_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:17a5ed5cea7a0b355ea13e6a95218143c351e34cee1ba0188a14c28f9605e504_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:1d00cc8be3101e0a0a901249545566689d1de5554f5101b8fcbb6fa1827d508b_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:d001fb8afaf083ac3b02ab7571a709183931ef37baa75908556081480ee395dc_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1ad40dd05581bffe04db700b8b4fbfbe8112399f2bef70b69dd690458b6512ed_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:224bfa6af3a2a9b15657ee0adc0233608bb7a2218f9a488b537e3af4c53acacf_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:f2cf132ddd130c3de1e3732f35fdade709c17e8a2775df5ab47cf7583db82fd6_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:9ae99a357ee1f9e42942edc998b378960d1a4a6bd9630b802f86743965f36898_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:bcc9fd4d95422283c8d6016e1f85cd4522f43c0504cadf6aec40b9c30f2d945d_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:c9713eae9be9f99e9e7382ace5f520f96f641c50d8aed1c64a0f6a0ba9ed5395_ppc64le"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 8.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:394f4fd42c292ef68abf4a9104fe668026e394c3243ebf9b184d40a4b4b0132e_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:6478816c1b2bdeb40c77c267fff033dca5523375c64623bf56d493c4417a3c3f_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:8b92405457c5240a4d672409a7519d28463f2f0e104f441e3d0d0839549c6215_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:39367ad4f4807b804eb6a95d241d99c528995f75d3264b58820cf50fa6abceef_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:a5a1e18726ce755a8f2a36a58928714d61f4426643b7f08da086004982e993ef_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:cd132ae4b02647d5b0f0a910539c75efb3e0795590df00056542e969605ae296_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:357fa537a29f82ca117b8ed4695456707bd9599c5057ed938a91114e94badf62_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:62ddbd8b9e0b27be7a0541c7fe085b621834facff7d83d4a2e57b56ef6c713a2_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:94b445cbaef0111d98a0ee595988ef420423aa381b36e7127e76e385be12996a_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:0e867de15e3038db7274dc1d84cd8ca5b1860b661c8b16ecd8f7aeefa76077a8_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:1aedb2f4b2aefa9586c8aecfff4647497f7a36fc6a547d6688645d87e90413f4_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:92f98ca560ce539495108e6212737ea6cf83215fe0a5aa7a12636ee9d5fca88f_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:123c0108bd7a190dd2accfd21786600f787147f040e57fb5f840861e2caa441d_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:6f81e9b903594b0a8bd5517900f7677e09c942953d257c87da11fb779e0f9dab_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:8c199930239623166973ea9cdb40ce2e2537d63e8c731afca3892caa84d2f16a_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:2f74522967f06958e385468a31e14bb9ede90569dec8292d61e67c6640c1ebde_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:38b340062dea9adc1159a326d39a214541e259e9e16582ef98efcd8e6deb3dd6_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:609205741b369f72807fcec1fd3351d56e4605fdbbee37975fad8c01a5ea0339_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:1ab2b5e9423a2edd5f663cdbf4c15dd6a5c13db13125161f4b4a9916d3c523e2_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:1e37a386006e4a7b4414dcdbe6a42191b8f41e706e1df6dfe401cbdbe342f06a_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:b0f32d062678d69350a3a1a18b643c8b97ebfdbd0bea1c0ee67312312d02fcba_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:439fc3b91a4841c81355ecbb5c610c66139525df82bdb96a4ece4ffd20aca0a5_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:7108fcc2c26b8e735231d9bad43febbc2ccc15723b15d3bf9ba643f950f75857_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:7c4fa13ab624b17711df308a9434e529b49b259fe9c6bde4b4e9037ae45996d6_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:62df44281133dd4191848bfb861ba70eeb113b2bc0ce28c71b82524860421bed_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:844cef84fb29ee2996c284c6d517a645d4b14862c17021bd1b0052515cd364df_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:fc974b15c869a26e0ae259a39ce0ed1f1954630557c31465561eeee67bfc2797_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:08c488f99ef1c837418842db1c8e52391a55f5f61a1de98edbbe3a201070168a_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:20a368484142ce585e3a49a402bab10b2045ba2d89711154ae80457c01881a4c_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:f252a2c2eaa0a4807e39df8e5fe89a8b66e8ef62a9303a144b765c4857b17e51_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:17a5ed5cea7a0b355ea13e6a95218143c351e34cee1ba0188a14c28f9605e504_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:1d00cc8be3101e0a0a901249545566689d1de5554f5101b8fcbb6fa1827d508b_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:d001fb8afaf083ac3b02ab7571a709183931ef37baa75908556081480ee395dc_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1ad40dd05581bffe04db700b8b4fbfbe8112399f2bef70b69dd690458b6512ed_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:224bfa6af3a2a9b15657ee0adc0233608bb7a2218f9a488b537e3af4c53acacf_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:f2cf132ddd130c3de1e3732f35fdade709c17e8a2775df5ab47cf7583db82fd6_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:9ae99a357ee1f9e42942edc998b378960d1a4a6bd9630b802f86743965f36898_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:bcc9fd4d95422283c8d6016e1f85cd4522f43c0504cadf6aec40b9c30f2d945d_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:c9713eae9be9f99e9e7382ace5f520f96f641c50d8aed1c64a0f6a0ba9ed5395_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "golang.org/x/crypto/ssh: Misuse of ServerConfig.PublicKeyCallback may cause authorization bypass in golang.org/x/crypto"
},
{
"cve": "CVE-2024-45338",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2024-12-18T21:00:59.938173+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:39367ad4f4807b804eb6a95d241d99c528995f75d3264b58820cf50fa6abceef_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:a5a1e18726ce755a8f2a36a58928714d61f4426643b7f08da086004982e993ef_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:cd132ae4b02647d5b0f0a910539c75efb3e0795590df00056542e969605ae296_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:357fa537a29f82ca117b8ed4695456707bd9599c5057ed938a91114e94badf62_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:62ddbd8b9e0b27be7a0541c7fe085b621834facff7d83d4a2e57b56ef6c713a2_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:94b445cbaef0111d98a0ee595988ef420423aa381b36e7127e76e385be12996a_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:123c0108bd7a190dd2accfd21786600f787147f040e57fb5f840861e2caa441d_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:6f81e9b903594b0a8bd5517900f7677e09c942953d257c87da11fb779e0f9dab_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:8c199930239623166973ea9cdb40ce2e2537d63e8c731afca3892caa84d2f16a_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:439fc3b91a4841c81355ecbb5c610c66139525df82bdb96a4ece4ffd20aca0a5_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:7108fcc2c26b8e735231d9bad43febbc2ccc15723b15d3bf9ba643f950f75857_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:7c4fa13ab624b17711df308a9434e529b49b259fe9c6bde4b4e9037ae45996d6_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:62df44281133dd4191848bfb861ba70eeb113b2bc0ce28c71b82524860421bed_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:844cef84fb29ee2996c284c6d517a645d4b14862c17021bd1b0052515cd364df_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:fc974b15c869a26e0ae259a39ce0ed1f1954630557c31465561eeee67bfc2797_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:08c488f99ef1c837418842db1c8e52391a55f5f61a1de98edbbe3a201070168a_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:20a368484142ce585e3a49a402bab10b2045ba2d89711154ae80457c01881a4c_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:f252a2c2eaa0a4807e39df8e5fe89a8b66e8ef62a9303a144b765c4857b17e51_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:17a5ed5cea7a0b355ea13e6a95218143c351e34cee1ba0188a14c28f9605e504_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:1d00cc8be3101e0a0a901249545566689d1de5554f5101b8fcbb6fa1827d508b_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:d001fb8afaf083ac3b02ab7571a709183931ef37baa75908556081480ee395dc_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1ad40dd05581bffe04db700b8b4fbfbe8112399f2bef70b69dd690458b6512ed_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:224bfa6af3a2a9b15657ee0adc0233608bb7a2218f9a488b537e3af4c53acacf_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:f2cf132ddd130c3de1e3732f35fdade709c17e8a2775df5ab47cf7583db82fd6_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:9ae99a357ee1f9e42942edc998b378960d1a4a6bd9630b802f86743965f36898_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:bcc9fd4d95422283c8d6016e1f85cd4522f43c0504cadf6aec40b9c30f2d945d_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:c9713eae9be9f99e9e7382ace5f520f96f641c50d8aed1c64a0f6a0ba9ed5395_ppc64le"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2333122"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in golang.org/x/net/html. This flaw allows an attacker to craft input to the parse functions that would be processed non-linearly with respect to its length, resulting in extremely slow parsing. This issue can cause a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang.org/x/net/html: Non-linear parsing of case-insensitive content in golang.org/x/net/html",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated as an Important severity because an attacker can craft malicious input that causes the parsing functions to process data non-linearly, resulting in significant delays which leads to a denial of service by exhausting system resources.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:394f4fd42c292ef68abf4a9104fe668026e394c3243ebf9b184d40a4b4b0132e_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:6478816c1b2bdeb40c77c267fff033dca5523375c64623bf56d493c4417a3c3f_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:8b92405457c5240a4d672409a7519d28463f2f0e104f441e3d0d0839549c6215_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:0e867de15e3038db7274dc1d84cd8ca5b1860b661c8b16ecd8f7aeefa76077a8_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:1aedb2f4b2aefa9586c8aecfff4647497f7a36fc6a547d6688645d87e90413f4_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:92f98ca560ce539495108e6212737ea6cf83215fe0a5aa7a12636ee9d5fca88f_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:2f74522967f06958e385468a31e14bb9ede90569dec8292d61e67c6640c1ebde_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:38b340062dea9adc1159a326d39a214541e259e9e16582ef98efcd8e6deb3dd6_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:609205741b369f72807fcec1fd3351d56e4605fdbbee37975fad8c01a5ea0339_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:1ab2b5e9423a2edd5f663cdbf4c15dd6a5c13db13125161f4b4a9916d3c523e2_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:1e37a386006e4a7b4414dcdbe6a42191b8f41e706e1df6dfe401cbdbe342f06a_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:b0f32d062678d69350a3a1a18b643c8b97ebfdbd0bea1c0ee67312312d02fcba_amd64"
],
"known_not_affected": [
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:39367ad4f4807b804eb6a95d241d99c528995f75d3264b58820cf50fa6abceef_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:a5a1e18726ce755a8f2a36a58928714d61f4426643b7f08da086004982e993ef_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:cd132ae4b02647d5b0f0a910539c75efb3e0795590df00056542e969605ae296_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:357fa537a29f82ca117b8ed4695456707bd9599c5057ed938a91114e94badf62_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:62ddbd8b9e0b27be7a0541c7fe085b621834facff7d83d4a2e57b56ef6c713a2_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:94b445cbaef0111d98a0ee595988ef420423aa381b36e7127e76e385be12996a_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:123c0108bd7a190dd2accfd21786600f787147f040e57fb5f840861e2caa441d_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:6f81e9b903594b0a8bd5517900f7677e09c942953d257c87da11fb779e0f9dab_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:8c199930239623166973ea9cdb40ce2e2537d63e8c731afca3892caa84d2f16a_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:439fc3b91a4841c81355ecbb5c610c66139525df82bdb96a4ece4ffd20aca0a5_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:7108fcc2c26b8e735231d9bad43febbc2ccc15723b15d3bf9ba643f950f75857_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:7c4fa13ab624b17711df308a9434e529b49b259fe9c6bde4b4e9037ae45996d6_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:62df44281133dd4191848bfb861ba70eeb113b2bc0ce28c71b82524860421bed_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:844cef84fb29ee2996c284c6d517a645d4b14862c17021bd1b0052515cd364df_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:fc974b15c869a26e0ae259a39ce0ed1f1954630557c31465561eeee67bfc2797_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:08c488f99ef1c837418842db1c8e52391a55f5f61a1de98edbbe3a201070168a_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:20a368484142ce585e3a49a402bab10b2045ba2d89711154ae80457c01881a4c_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:f252a2c2eaa0a4807e39df8e5fe89a8b66e8ef62a9303a144b765c4857b17e51_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:17a5ed5cea7a0b355ea13e6a95218143c351e34cee1ba0188a14c28f9605e504_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:1d00cc8be3101e0a0a901249545566689d1de5554f5101b8fcbb6fa1827d508b_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:d001fb8afaf083ac3b02ab7571a709183931ef37baa75908556081480ee395dc_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1ad40dd05581bffe04db700b8b4fbfbe8112399f2bef70b69dd690458b6512ed_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:224bfa6af3a2a9b15657ee0adc0233608bb7a2218f9a488b537e3af4c53acacf_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:f2cf132ddd130c3de1e3732f35fdade709c17e8a2775df5ab47cf7583db82fd6_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:9ae99a357ee1f9e42942edc998b378960d1a4a6bd9630b802f86743965f36898_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:bcc9fd4d95422283c8d6016e1f85cd4522f43c0504cadf6aec40b9c30f2d945d_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:c9713eae9be9f99e9e7382ace5f520f96f641c50d8aed1c64a0f6a0ba9ed5395_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-45338"
},
{
"category": "external",
"summary": "RHBZ#2333122",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2333122"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-45338",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45338"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-45338",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-45338"
},
{
"category": "external",
"summary": "https://go.dev/cl/637536",
"url": "https://go.dev/cl/637536"
},
{
"category": "external",
"summary": "https://go.dev/issue/70906",
"url": "https://go.dev/issue/70906"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/wSCRmFnNmPA/m/Lvcd0mRMAwAJ",
"url": "https://groups.google.com/g/golang-announce/c/wSCRmFnNmPA/m/Lvcd0mRMAwAJ"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2024-3333",
"url": "https://pkg.go.dev/vuln/GO-2024-3333"
}
],
"release_date": "2024-12-18T20:38:22.660000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-02-13T18:14:31+00:00",
"details": "If you are using an earlier version of RHACS 4.4, you are advised to upgrade to this patch release 4.4.8.",
"product_ids": [
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:394f4fd42c292ef68abf4a9104fe668026e394c3243ebf9b184d40a4b4b0132e_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:6478816c1b2bdeb40c77c267fff033dca5523375c64623bf56d493c4417a3c3f_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:8b92405457c5240a4d672409a7519d28463f2f0e104f441e3d0d0839549c6215_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:0e867de15e3038db7274dc1d84cd8ca5b1860b661c8b16ecd8f7aeefa76077a8_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:1aedb2f4b2aefa9586c8aecfff4647497f7a36fc6a547d6688645d87e90413f4_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:92f98ca560ce539495108e6212737ea6cf83215fe0a5aa7a12636ee9d5fca88f_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:2f74522967f06958e385468a31e14bb9ede90569dec8292d61e67c6640c1ebde_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:38b340062dea9adc1159a326d39a214541e259e9e16582ef98efcd8e6deb3dd6_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:609205741b369f72807fcec1fd3351d56e4605fdbbee37975fad8c01a5ea0339_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:1ab2b5e9423a2edd5f663cdbf4c15dd6a5c13db13125161f4b4a9916d3c523e2_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:1e37a386006e4a7b4414dcdbe6a42191b8f41e706e1df6dfe401cbdbe342f06a_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:b0f32d062678d69350a3a1a18b643c8b97ebfdbd0bea1c0ee67312312d02fcba_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:1468"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:394f4fd42c292ef68abf4a9104fe668026e394c3243ebf9b184d40a4b4b0132e_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:6478816c1b2bdeb40c77c267fff033dca5523375c64623bf56d493c4417a3c3f_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:8b92405457c5240a4d672409a7519d28463f2f0e104f441e3d0d0839549c6215_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:39367ad4f4807b804eb6a95d241d99c528995f75d3264b58820cf50fa6abceef_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:a5a1e18726ce755a8f2a36a58928714d61f4426643b7f08da086004982e993ef_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:cd132ae4b02647d5b0f0a910539c75efb3e0795590df00056542e969605ae296_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:357fa537a29f82ca117b8ed4695456707bd9599c5057ed938a91114e94badf62_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:62ddbd8b9e0b27be7a0541c7fe085b621834facff7d83d4a2e57b56ef6c713a2_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:94b445cbaef0111d98a0ee595988ef420423aa381b36e7127e76e385be12996a_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:0e867de15e3038db7274dc1d84cd8ca5b1860b661c8b16ecd8f7aeefa76077a8_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:1aedb2f4b2aefa9586c8aecfff4647497f7a36fc6a547d6688645d87e90413f4_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:92f98ca560ce539495108e6212737ea6cf83215fe0a5aa7a12636ee9d5fca88f_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:123c0108bd7a190dd2accfd21786600f787147f040e57fb5f840861e2caa441d_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:6f81e9b903594b0a8bd5517900f7677e09c942953d257c87da11fb779e0f9dab_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:8c199930239623166973ea9cdb40ce2e2537d63e8c731afca3892caa84d2f16a_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:2f74522967f06958e385468a31e14bb9ede90569dec8292d61e67c6640c1ebde_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:38b340062dea9adc1159a326d39a214541e259e9e16582ef98efcd8e6deb3dd6_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:609205741b369f72807fcec1fd3351d56e4605fdbbee37975fad8c01a5ea0339_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:1ab2b5e9423a2edd5f663cdbf4c15dd6a5c13db13125161f4b4a9916d3c523e2_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:1e37a386006e4a7b4414dcdbe6a42191b8f41e706e1df6dfe401cbdbe342f06a_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:b0f32d062678d69350a3a1a18b643c8b97ebfdbd0bea1c0ee67312312d02fcba_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:439fc3b91a4841c81355ecbb5c610c66139525df82bdb96a4ece4ffd20aca0a5_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:7108fcc2c26b8e735231d9bad43febbc2ccc15723b15d3bf9ba643f950f75857_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:7c4fa13ab624b17711df308a9434e529b49b259fe9c6bde4b4e9037ae45996d6_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:62df44281133dd4191848bfb861ba70eeb113b2bc0ce28c71b82524860421bed_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:844cef84fb29ee2996c284c6d517a645d4b14862c17021bd1b0052515cd364df_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:fc974b15c869a26e0ae259a39ce0ed1f1954630557c31465561eeee67bfc2797_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:08c488f99ef1c837418842db1c8e52391a55f5f61a1de98edbbe3a201070168a_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:20a368484142ce585e3a49a402bab10b2045ba2d89711154ae80457c01881a4c_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:f252a2c2eaa0a4807e39df8e5fe89a8b66e8ef62a9303a144b765c4857b17e51_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:17a5ed5cea7a0b355ea13e6a95218143c351e34cee1ba0188a14c28f9605e504_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:1d00cc8be3101e0a0a901249545566689d1de5554f5101b8fcbb6fa1827d508b_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:d001fb8afaf083ac3b02ab7571a709183931ef37baa75908556081480ee395dc_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1ad40dd05581bffe04db700b8b4fbfbe8112399f2bef70b69dd690458b6512ed_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:224bfa6af3a2a9b15657ee0adc0233608bb7a2218f9a488b537e3af4c53acacf_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:f2cf132ddd130c3de1e3732f35fdade709c17e8a2775df5ab47cf7583db82fd6_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:9ae99a357ee1f9e42942edc998b378960d1a4a6bd9630b802f86743965f36898_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:bcc9fd4d95422283c8d6016e1f85cd4522f43c0504cadf6aec40b9c30f2d945d_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:c9713eae9be9f99e9e7382ace5f520f96f641c50d8aed1c64a0f6a0ba9ed5395_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "golang.org/x/net/html: Non-linear parsing of case-insensitive content in golang.org/x/net/html"
},
{
"cve": "CVE-2025-21613",
"cwe": {
"id": "CWE-88",
"name": "Improper Neutralization of Argument Delimiters in a Command (\u0027Argument Injection\u0027)"
},
"discovery_date": "2025-01-06T17:00:41.244449+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:394f4fd42c292ef68abf4a9104fe668026e394c3243ebf9b184d40a4b4b0132e_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:6478816c1b2bdeb40c77c267fff033dca5523375c64623bf56d493c4417a3c3f_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:8b92405457c5240a4d672409a7519d28463f2f0e104f441e3d0d0839549c6215_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:39367ad4f4807b804eb6a95d241d99c528995f75d3264b58820cf50fa6abceef_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:a5a1e18726ce755a8f2a36a58928714d61f4426643b7f08da086004982e993ef_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:cd132ae4b02647d5b0f0a910539c75efb3e0795590df00056542e969605ae296_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:357fa537a29f82ca117b8ed4695456707bd9599c5057ed938a91114e94badf62_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:62ddbd8b9e0b27be7a0541c7fe085b621834facff7d83d4a2e57b56ef6c713a2_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:94b445cbaef0111d98a0ee595988ef420423aa381b36e7127e76e385be12996a_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:123c0108bd7a190dd2accfd21786600f787147f040e57fb5f840861e2caa441d_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:6f81e9b903594b0a8bd5517900f7677e09c942953d257c87da11fb779e0f9dab_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:8c199930239623166973ea9cdb40ce2e2537d63e8c731afca3892caa84d2f16a_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:439fc3b91a4841c81355ecbb5c610c66139525df82bdb96a4ece4ffd20aca0a5_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:7108fcc2c26b8e735231d9bad43febbc2ccc15723b15d3bf9ba643f950f75857_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:7c4fa13ab624b17711df308a9434e529b49b259fe9c6bde4b4e9037ae45996d6_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:62df44281133dd4191848bfb861ba70eeb113b2bc0ce28c71b82524860421bed_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:844cef84fb29ee2996c284c6d517a645d4b14862c17021bd1b0052515cd364df_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:fc974b15c869a26e0ae259a39ce0ed1f1954630557c31465561eeee67bfc2797_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:08c488f99ef1c837418842db1c8e52391a55f5f61a1de98edbbe3a201070168a_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:20a368484142ce585e3a49a402bab10b2045ba2d89711154ae80457c01881a4c_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:f252a2c2eaa0a4807e39df8e5fe89a8b66e8ef62a9303a144b765c4857b17e51_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:17a5ed5cea7a0b355ea13e6a95218143c351e34cee1ba0188a14c28f9605e504_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:1d00cc8be3101e0a0a901249545566689d1de5554f5101b8fcbb6fa1827d508b_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:d001fb8afaf083ac3b02ab7571a709183931ef37baa75908556081480ee395dc_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1ad40dd05581bffe04db700b8b4fbfbe8112399f2bef70b69dd690458b6512ed_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:224bfa6af3a2a9b15657ee0adc0233608bb7a2218f9a488b537e3af4c53acacf_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:f2cf132ddd130c3de1e3732f35fdade709c17e8a2775df5ab47cf7583db82fd6_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:9ae99a357ee1f9e42942edc998b378960d1a4a6bd9630b802f86743965f36898_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:bcc9fd4d95422283c8d6016e1f85cd4522f43c0504cadf6aec40b9c30f2d945d_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:c9713eae9be9f99e9e7382ace5f520f96f641c50d8aed1c64a0f6a0ba9ed5395_ppc64le"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2335888"
}
],
"notes": [
{
"category": "description",
"text": "An argument injection vulnerability was found in go-git. This flaw allows an attacker to set arbitrary values to git-upload-pack flags, leading to command or code execution, exposure of sensitive data, or other unintended behavior. This is only possible in configurations where the file transport protocol is being used.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "go-git: argument injection via the URL field",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated as an Important severity because an argument injection has been discovered in go-git, where an attackers can manipulate git-upload-pack flags, potentially enabling command or code execution leads to an exposure of sensitive data or other unintended actions, this vulnerability occurs exclusively in configurations using the file transport protocol.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:0e867de15e3038db7274dc1d84cd8ca5b1860b661c8b16ecd8f7aeefa76077a8_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:1aedb2f4b2aefa9586c8aecfff4647497f7a36fc6a547d6688645d87e90413f4_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:92f98ca560ce539495108e6212737ea6cf83215fe0a5aa7a12636ee9d5fca88f_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:2f74522967f06958e385468a31e14bb9ede90569dec8292d61e67c6640c1ebde_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:38b340062dea9adc1159a326d39a214541e259e9e16582ef98efcd8e6deb3dd6_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:609205741b369f72807fcec1fd3351d56e4605fdbbee37975fad8c01a5ea0339_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:1ab2b5e9423a2edd5f663cdbf4c15dd6a5c13db13125161f4b4a9916d3c523e2_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:1e37a386006e4a7b4414dcdbe6a42191b8f41e706e1df6dfe401cbdbe342f06a_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:b0f32d062678d69350a3a1a18b643c8b97ebfdbd0bea1c0ee67312312d02fcba_amd64"
],
"known_not_affected": [
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:394f4fd42c292ef68abf4a9104fe668026e394c3243ebf9b184d40a4b4b0132e_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:6478816c1b2bdeb40c77c267fff033dca5523375c64623bf56d493c4417a3c3f_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:8b92405457c5240a4d672409a7519d28463f2f0e104f441e3d0d0839549c6215_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:39367ad4f4807b804eb6a95d241d99c528995f75d3264b58820cf50fa6abceef_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:a5a1e18726ce755a8f2a36a58928714d61f4426643b7f08da086004982e993ef_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:cd132ae4b02647d5b0f0a910539c75efb3e0795590df00056542e969605ae296_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:357fa537a29f82ca117b8ed4695456707bd9599c5057ed938a91114e94badf62_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:62ddbd8b9e0b27be7a0541c7fe085b621834facff7d83d4a2e57b56ef6c713a2_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:94b445cbaef0111d98a0ee595988ef420423aa381b36e7127e76e385be12996a_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:123c0108bd7a190dd2accfd21786600f787147f040e57fb5f840861e2caa441d_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:6f81e9b903594b0a8bd5517900f7677e09c942953d257c87da11fb779e0f9dab_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:8c199930239623166973ea9cdb40ce2e2537d63e8c731afca3892caa84d2f16a_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:439fc3b91a4841c81355ecbb5c610c66139525df82bdb96a4ece4ffd20aca0a5_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:7108fcc2c26b8e735231d9bad43febbc2ccc15723b15d3bf9ba643f950f75857_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:7c4fa13ab624b17711df308a9434e529b49b259fe9c6bde4b4e9037ae45996d6_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:62df44281133dd4191848bfb861ba70eeb113b2bc0ce28c71b82524860421bed_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:844cef84fb29ee2996c284c6d517a645d4b14862c17021bd1b0052515cd364df_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:fc974b15c869a26e0ae259a39ce0ed1f1954630557c31465561eeee67bfc2797_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:08c488f99ef1c837418842db1c8e52391a55f5f61a1de98edbbe3a201070168a_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:20a368484142ce585e3a49a402bab10b2045ba2d89711154ae80457c01881a4c_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:f252a2c2eaa0a4807e39df8e5fe89a8b66e8ef62a9303a144b765c4857b17e51_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:17a5ed5cea7a0b355ea13e6a95218143c351e34cee1ba0188a14c28f9605e504_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:1d00cc8be3101e0a0a901249545566689d1de5554f5101b8fcbb6fa1827d508b_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:d001fb8afaf083ac3b02ab7571a709183931ef37baa75908556081480ee395dc_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1ad40dd05581bffe04db700b8b4fbfbe8112399f2bef70b69dd690458b6512ed_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:224bfa6af3a2a9b15657ee0adc0233608bb7a2218f9a488b537e3af4c53acacf_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:f2cf132ddd130c3de1e3732f35fdade709c17e8a2775df5ab47cf7583db82fd6_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:9ae99a357ee1f9e42942edc998b378960d1a4a6bd9630b802f86743965f36898_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:bcc9fd4d95422283c8d6016e1f85cd4522f43c0504cadf6aec40b9c30f2d945d_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:c9713eae9be9f99e9e7382ace5f520f96f641c50d8aed1c64a0f6a0ba9ed5395_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-21613"
},
{
"category": "external",
"summary": "RHBZ#2335888",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2335888"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-21613",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21613"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-21613",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-21613"
},
{
"category": "external",
"summary": "https://github.com/go-git/go-git/security/advisories/GHSA-v725-9546-7q7m",
"url": "https://github.com/go-git/go-git/security/advisories/GHSA-v725-9546-7q7m"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2025-3368",
"url": "https://pkg.go.dev/vuln/GO-2025-3368"
}
],
"release_date": "2025-01-06T16:13:10.611000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-02-13T18:14:31+00:00",
"details": "If you are using an earlier version of RHACS 4.4, you are advised to upgrade to this patch release 4.4.8.",
"product_ids": [
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:0e867de15e3038db7274dc1d84cd8ca5b1860b661c8b16ecd8f7aeefa76077a8_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:1aedb2f4b2aefa9586c8aecfff4647497f7a36fc6a547d6688645d87e90413f4_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:92f98ca560ce539495108e6212737ea6cf83215fe0a5aa7a12636ee9d5fca88f_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:2f74522967f06958e385468a31e14bb9ede90569dec8292d61e67c6640c1ebde_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:38b340062dea9adc1159a326d39a214541e259e9e16582ef98efcd8e6deb3dd6_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:609205741b369f72807fcec1fd3351d56e4605fdbbee37975fad8c01a5ea0339_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:1ab2b5e9423a2edd5f663cdbf4c15dd6a5c13db13125161f4b4a9916d3c523e2_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:1e37a386006e4a7b4414dcdbe6a42191b8f41e706e1df6dfe401cbdbe342f06a_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:b0f32d062678d69350a3a1a18b643c8b97ebfdbd0bea1c0ee67312312d02fcba_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:1468"
},
{
"category": "workaround",
"details": "In cases where it is not possible to update to the latest version of go-git, it is recommended to enforce validation rules for values passed in the URL field.",
"product_ids": [
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:394f4fd42c292ef68abf4a9104fe668026e394c3243ebf9b184d40a4b4b0132e_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:6478816c1b2bdeb40c77c267fff033dca5523375c64623bf56d493c4417a3c3f_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:8b92405457c5240a4d672409a7519d28463f2f0e104f441e3d0d0839549c6215_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:39367ad4f4807b804eb6a95d241d99c528995f75d3264b58820cf50fa6abceef_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:a5a1e18726ce755a8f2a36a58928714d61f4426643b7f08da086004982e993ef_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:cd132ae4b02647d5b0f0a910539c75efb3e0795590df00056542e969605ae296_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:357fa537a29f82ca117b8ed4695456707bd9599c5057ed938a91114e94badf62_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:62ddbd8b9e0b27be7a0541c7fe085b621834facff7d83d4a2e57b56ef6c713a2_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:94b445cbaef0111d98a0ee595988ef420423aa381b36e7127e76e385be12996a_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:0e867de15e3038db7274dc1d84cd8ca5b1860b661c8b16ecd8f7aeefa76077a8_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:1aedb2f4b2aefa9586c8aecfff4647497f7a36fc6a547d6688645d87e90413f4_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:92f98ca560ce539495108e6212737ea6cf83215fe0a5aa7a12636ee9d5fca88f_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:123c0108bd7a190dd2accfd21786600f787147f040e57fb5f840861e2caa441d_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:6f81e9b903594b0a8bd5517900f7677e09c942953d257c87da11fb779e0f9dab_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:8c199930239623166973ea9cdb40ce2e2537d63e8c731afca3892caa84d2f16a_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:2f74522967f06958e385468a31e14bb9ede90569dec8292d61e67c6640c1ebde_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:38b340062dea9adc1159a326d39a214541e259e9e16582ef98efcd8e6deb3dd6_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:609205741b369f72807fcec1fd3351d56e4605fdbbee37975fad8c01a5ea0339_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:1ab2b5e9423a2edd5f663cdbf4c15dd6a5c13db13125161f4b4a9916d3c523e2_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:1e37a386006e4a7b4414dcdbe6a42191b8f41e706e1df6dfe401cbdbe342f06a_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:b0f32d062678d69350a3a1a18b643c8b97ebfdbd0bea1c0ee67312312d02fcba_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:439fc3b91a4841c81355ecbb5c610c66139525df82bdb96a4ece4ffd20aca0a5_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:7108fcc2c26b8e735231d9bad43febbc2ccc15723b15d3bf9ba643f950f75857_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:7c4fa13ab624b17711df308a9434e529b49b259fe9c6bde4b4e9037ae45996d6_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:62df44281133dd4191848bfb861ba70eeb113b2bc0ce28c71b82524860421bed_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:844cef84fb29ee2996c284c6d517a645d4b14862c17021bd1b0052515cd364df_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:fc974b15c869a26e0ae259a39ce0ed1f1954630557c31465561eeee67bfc2797_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:08c488f99ef1c837418842db1c8e52391a55f5f61a1de98edbbe3a201070168a_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:20a368484142ce585e3a49a402bab10b2045ba2d89711154ae80457c01881a4c_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:f252a2c2eaa0a4807e39df8e5fe89a8b66e8ef62a9303a144b765c4857b17e51_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:17a5ed5cea7a0b355ea13e6a95218143c351e34cee1ba0188a14c28f9605e504_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:1d00cc8be3101e0a0a901249545566689d1de5554f5101b8fcbb6fa1827d508b_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:d001fb8afaf083ac3b02ab7571a709183931ef37baa75908556081480ee395dc_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1ad40dd05581bffe04db700b8b4fbfbe8112399f2bef70b69dd690458b6512ed_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:224bfa6af3a2a9b15657ee0adc0233608bb7a2218f9a488b537e3af4c53acacf_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:f2cf132ddd130c3de1e3732f35fdade709c17e8a2775df5ab47cf7583db82fd6_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:9ae99a357ee1f9e42942edc998b378960d1a4a6bd9630b802f86743965f36898_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:bcc9fd4d95422283c8d6016e1f85cd4522f43c0504cadf6aec40b9c30f2d945d_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:c9713eae9be9f99e9e7382ace5f520f96f641c50d8aed1c64a0f6a0ba9ed5395_ppc64le"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:394f4fd42c292ef68abf4a9104fe668026e394c3243ebf9b184d40a4b4b0132e_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:6478816c1b2bdeb40c77c267fff033dca5523375c64623bf56d493c4417a3c3f_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:8b92405457c5240a4d672409a7519d28463f2f0e104f441e3d0d0839549c6215_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:39367ad4f4807b804eb6a95d241d99c528995f75d3264b58820cf50fa6abceef_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:a5a1e18726ce755a8f2a36a58928714d61f4426643b7f08da086004982e993ef_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:cd132ae4b02647d5b0f0a910539c75efb3e0795590df00056542e969605ae296_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:357fa537a29f82ca117b8ed4695456707bd9599c5057ed938a91114e94badf62_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:62ddbd8b9e0b27be7a0541c7fe085b621834facff7d83d4a2e57b56ef6c713a2_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:94b445cbaef0111d98a0ee595988ef420423aa381b36e7127e76e385be12996a_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:0e867de15e3038db7274dc1d84cd8ca5b1860b661c8b16ecd8f7aeefa76077a8_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:1aedb2f4b2aefa9586c8aecfff4647497f7a36fc6a547d6688645d87e90413f4_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:92f98ca560ce539495108e6212737ea6cf83215fe0a5aa7a12636ee9d5fca88f_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:123c0108bd7a190dd2accfd21786600f787147f040e57fb5f840861e2caa441d_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:6f81e9b903594b0a8bd5517900f7677e09c942953d257c87da11fb779e0f9dab_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:8c199930239623166973ea9cdb40ce2e2537d63e8c731afca3892caa84d2f16a_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:2f74522967f06958e385468a31e14bb9ede90569dec8292d61e67c6640c1ebde_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:38b340062dea9adc1159a326d39a214541e259e9e16582ef98efcd8e6deb3dd6_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:609205741b369f72807fcec1fd3351d56e4605fdbbee37975fad8c01a5ea0339_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:1ab2b5e9423a2edd5f663cdbf4c15dd6a5c13db13125161f4b4a9916d3c523e2_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:1e37a386006e4a7b4414dcdbe6a42191b8f41e706e1df6dfe401cbdbe342f06a_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:b0f32d062678d69350a3a1a18b643c8b97ebfdbd0bea1c0ee67312312d02fcba_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:439fc3b91a4841c81355ecbb5c610c66139525df82bdb96a4ece4ffd20aca0a5_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:7108fcc2c26b8e735231d9bad43febbc2ccc15723b15d3bf9ba643f950f75857_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:7c4fa13ab624b17711df308a9434e529b49b259fe9c6bde4b4e9037ae45996d6_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:62df44281133dd4191848bfb861ba70eeb113b2bc0ce28c71b82524860421bed_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:844cef84fb29ee2996c284c6d517a645d4b14862c17021bd1b0052515cd364df_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:fc974b15c869a26e0ae259a39ce0ed1f1954630557c31465561eeee67bfc2797_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:08c488f99ef1c837418842db1c8e52391a55f5f61a1de98edbbe3a201070168a_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:20a368484142ce585e3a49a402bab10b2045ba2d89711154ae80457c01881a4c_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:f252a2c2eaa0a4807e39df8e5fe89a8b66e8ef62a9303a144b765c4857b17e51_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:17a5ed5cea7a0b355ea13e6a95218143c351e34cee1ba0188a14c28f9605e504_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:1d00cc8be3101e0a0a901249545566689d1de5554f5101b8fcbb6fa1827d508b_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:d001fb8afaf083ac3b02ab7571a709183931ef37baa75908556081480ee395dc_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1ad40dd05581bffe04db700b8b4fbfbe8112399f2bef70b69dd690458b6512ed_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:224bfa6af3a2a9b15657ee0adc0233608bb7a2218f9a488b537e3af4c53acacf_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:f2cf132ddd130c3de1e3732f35fdade709c17e8a2775df5ab47cf7583db82fd6_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:9ae99a357ee1f9e42942edc998b378960d1a4a6bd9630b802f86743965f36898_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:bcc9fd4d95422283c8d6016e1f85cd4522f43c0504cadf6aec40b9c30f2d945d_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:c9713eae9be9f99e9e7382ace5f520f96f641c50d8aed1c64a0f6a0ba9ed5395_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "go-git: argument injection via the URL field"
},
{
"cve": "CVE-2025-21614",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2025-01-06T17:01:36.743039+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:394f4fd42c292ef68abf4a9104fe668026e394c3243ebf9b184d40a4b4b0132e_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:6478816c1b2bdeb40c77c267fff033dca5523375c64623bf56d493c4417a3c3f_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:8b92405457c5240a4d672409a7519d28463f2f0e104f441e3d0d0839549c6215_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:39367ad4f4807b804eb6a95d241d99c528995f75d3264b58820cf50fa6abceef_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:a5a1e18726ce755a8f2a36a58928714d61f4426643b7f08da086004982e993ef_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:cd132ae4b02647d5b0f0a910539c75efb3e0795590df00056542e969605ae296_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:357fa537a29f82ca117b8ed4695456707bd9599c5057ed938a91114e94badf62_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:62ddbd8b9e0b27be7a0541c7fe085b621834facff7d83d4a2e57b56ef6c713a2_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:94b445cbaef0111d98a0ee595988ef420423aa381b36e7127e76e385be12996a_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:123c0108bd7a190dd2accfd21786600f787147f040e57fb5f840861e2caa441d_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:6f81e9b903594b0a8bd5517900f7677e09c942953d257c87da11fb779e0f9dab_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:8c199930239623166973ea9cdb40ce2e2537d63e8c731afca3892caa84d2f16a_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:439fc3b91a4841c81355ecbb5c610c66139525df82bdb96a4ece4ffd20aca0a5_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:7108fcc2c26b8e735231d9bad43febbc2ccc15723b15d3bf9ba643f950f75857_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:7c4fa13ab624b17711df308a9434e529b49b259fe9c6bde4b4e9037ae45996d6_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:62df44281133dd4191848bfb861ba70eeb113b2bc0ce28c71b82524860421bed_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:844cef84fb29ee2996c284c6d517a645d4b14862c17021bd1b0052515cd364df_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:fc974b15c869a26e0ae259a39ce0ed1f1954630557c31465561eeee67bfc2797_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:08c488f99ef1c837418842db1c8e52391a55f5f61a1de98edbbe3a201070168a_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:20a368484142ce585e3a49a402bab10b2045ba2d89711154ae80457c01881a4c_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:f252a2c2eaa0a4807e39df8e5fe89a8b66e8ef62a9303a144b765c4857b17e51_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:17a5ed5cea7a0b355ea13e6a95218143c351e34cee1ba0188a14c28f9605e504_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:1d00cc8be3101e0a0a901249545566689d1de5554f5101b8fcbb6fa1827d508b_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:d001fb8afaf083ac3b02ab7571a709183931ef37baa75908556081480ee395dc_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1ad40dd05581bffe04db700b8b4fbfbe8112399f2bef70b69dd690458b6512ed_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:224bfa6af3a2a9b15657ee0adc0233608bb7a2218f9a488b537e3af4c53acacf_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:f2cf132ddd130c3de1e3732f35fdade709c17e8a2775df5ab47cf7583db82fd6_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:9ae99a357ee1f9e42942edc998b378960d1a4a6bd9630b802f86743965f36898_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:bcc9fd4d95422283c8d6016e1f85cd4522f43c0504cadf6aec40b9c30f2d945d_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:c9713eae9be9f99e9e7382ace5f520f96f641c50d8aed1c64a0f6a0ba9ed5395_ppc64le"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2335901"
}
],
"notes": [
{
"category": "description",
"text": "A denial of service (DoS) vulnerability was found in go-git. This vulnerability allows an attacker to perform denial of service attacks by providing specially crafted responses from a Git server, which triggers resource exhaustion in go-git clients.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "go-git: go-git clients vulnerable to DoS via maliciously crafted Git server replies",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:0e867de15e3038db7274dc1d84cd8ca5b1860b661c8b16ecd8f7aeefa76077a8_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:1aedb2f4b2aefa9586c8aecfff4647497f7a36fc6a547d6688645d87e90413f4_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:92f98ca560ce539495108e6212737ea6cf83215fe0a5aa7a12636ee9d5fca88f_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:2f74522967f06958e385468a31e14bb9ede90569dec8292d61e67c6640c1ebde_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:38b340062dea9adc1159a326d39a214541e259e9e16582ef98efcd8e6deb3dd6_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:609205741b369f72807fcec1fd3351d56e4605fdbbee37975fad8c01a5ea0339_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:1ab2b5e9423a2edd5f663cdbf4c15dd6a5c13db13125161f4b4a9916d3c523e2_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:1e37a386006e4a7b4414dcdbe6a42191b8f41e706e1df6dfe401cbdbe342f06a_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:b0f32d062678d69350a3a1a18b643c8b97ebfdbd0bea1c0ee67312312d02fcba_amd64"
],
"known_not_affected": [
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:394f4fd42c292ef68abf4a9104fe668026e394c3243ebf9b184d40a4b4b0132e_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:6478816c1b2bdeb40c77c267fff033dca5523375c64623bf56d493c4417a3c3f_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:8b92405457c5240a4d672409a7519d28463f2f0e104f441e3d0d0839549c6215_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:39367ad4f4807b804eb6a95d241d99c528995f75d3264b58820cf50fa6abceef_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:a5a1e18726ce755a8f2a36a58928714d61f4426643b7f08da086004982e993ef_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:cd132ae4b02647d5b0f0a910539c75efb3e0795590df00056542e969605ae296_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:357fa537a29f82ca117b8ed4695456707bd9599c5057ed938a91114e94badf62_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:62ddbd8b9e0b27be7a0541c7fe085b621834facff7d83d4a2e57b56ef6c713a2_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:94b445cbaef0111d98a0ee595988ef420423aa381b36e7127e76e385be12996a_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:123c0108bd7a190dd2accfd21786600f787147f040e57fb5f840861e2caa441d_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:6f81e9b903594b0a8bd5517900f7677e09c942953d257c87da11fb779e0f9dab_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:8c199930239623166973ea9cdb40ce2e2537d63e8c731afca3892caa84d2f16a_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:439fc3b91a4841c81355ecbb5c610c66139525df82bdb96a4ece4ffd20aca0a5_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:7108fcc2c26b8e735231d9bad43febbc2ccc15723b15d3bf9ba643f950f75857_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:7c4fa13ab624b17711df308a9434e529b49b259fe9c6bde4b4e9037ae45996d6_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:62df44281133dd4191848bfb861ba70eeb113b2bc0ce28c71b82524860421bed_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:844cef84fb29ee2996c284c6d517a645d4b14862c17021bd1b0052515cd364df_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:fc974b15c869a26e0ae259a39ce0ed1f1954630557c31465561eeee67bfc2797_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:08c488f99ef1c837418842db1c8e52391a55f5f61a1de98edbbe3a201070168a_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:20a368484142ce585e3a49a402bab10b2045ba2d89711154ae80457c01881a4c_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:f252a2c2eaa0a4807e39df8e5fe89a8b66e8ef62a9303a144b765c4857b17e51_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:17a5ed5cea7a0b355ea13e6a95218143c351e34cee1ba0188a14c28f9605e504_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:1d00cc8be3101e0a0a901249545566689d1de5554f5101b8fcbb6fa1827d508b_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:d001fb8afaf083ac3b02ab7571a709183931ef37baa75908556081480ee395dc_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1ad40dd05581bffe04db700b8b4fbfbe8112399f2bef70b69dd690458b6512ed_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:224bfa6af3a2a9b15657ee0adc0233608bb7a2218f9a488b537e3af4c53acacf_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:f2cf132ddd130c3de1e3732f35fdade709c17e8a2775df5ab47cf7583db82fd6_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:9ae99a357ee1f9e42942edc998b378960d1a4a6bd9630b802f86743965f36898_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:bcc9fd4d95422283c8d6016e1f85cd4522f43c0504cadf6aec40b9c30f2d945d_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:c9713eae9be9f99e9e7382ace5f520f96f641c50d8aed1c64a0f6a0ba9ed5395_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-21614"
},
{
"category": "external",
"summary": "RHBZ#2335901",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2335901"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-21614",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21614"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-21614",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-21614"
},
{
"category": "external",
"summary": "https://github.com/go-git/go-git/security/advisories/GHSA-r9px-m959-cxf4",
"url": "https://github.com/go-git/go-git/security/advisories/GHSA-r9px-m959-cxf4"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2025-3367",
"url": "https://pkg.go.dev/vuln/GO-2025-3367"
}
],
"release_date": "2025-01-06T16:20:16.140000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-02-13T18:14:31+00:00",
"details": "If you are using an earlier version of RHACS 4.4, you are advised to upgrade to this patch release 4.4.8.",
"product_ids": [
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:0e867de15e3038db7274dc1d84cd8ca5b1860b661c8b16ecd8f7aeefa76077a8_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:1aedb2f4b2aefa9586c8aecfff4647497f7a36fc6a547d6688645d87e90413f4_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:92f98ca560ce539495108e6212737ea6cf83215fe0a5aa7a12636ee9d5fca88f_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:2f74522967f06958e385468a31e14bb9ede90569dec8292d61e67c6640c1ebde_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:38b340062dea9adc1159a326d39a214541e259e9e16582ef98efcd8e6deb3dd6_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:609205741b369f72807fcec1fd3351d56e4605fdbbee37975fad8c01a5ea0339_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:1ab2b5e9423a2edd5f663cdbf4c15dd6a5c13db13125161f4b4a9916d3c523e2_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:1e37a386006e4a7b4414dcdbe6a42191b8f41e706e1df6dfe401cbdbe342f06a_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:b0f32d062678d69350a3a1a18b643c8b97ebfdbd0bea1c0ee67312312d02fcba_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:1468"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:394f4fd42c292ef68abf4a9104fe668026e394c3243ebf9b184d40a4b4b0132e_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:6478816c1b2bdeb40c77c267fff033dca5523375c64623bf56d493c4417a3c3f_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:8b92405457c5240a4d672409a7519d28463f2f0e104f441e3d0d0839549c6215_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:39367ad4f4807b804eb6a95d241d99c528995f75d3264b58820cf50fa6abceef_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:a5a1e18726ce755a8f2a36a58928714d61f4426643b7f08da086004982e993ef_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:cd132ae4b02647d5b0f0a910539c75efb3e0795590df00056542e969605ae296_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:357fa537a29f82ca117b8ed4695456707bd9599c5057ed938a91114e94badf62_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:62ddbd8b9e0b27be7a0541c7fe085b621834facff7d83d4a2e57b56ef6c713a2_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:94b445cbaef0111d98a0ee595988ef420423aa381b36e7127e76e385be12996a_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:0e867de15e3038db7274dc1d84cd8ca5b1860b661c8b16ecd8f7aeefa76077a8_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:1aedb2f4b2aefa9586c8aecfff4647497f7a36fc6a547d6688645d87e90413f4_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:92f98ca560ce539495108e6212737ea6cf83215fe0a5aa7a12636ee9d5fca88f_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:123c0108bd7a190dd2accfd21786600f787147f040e57fb5f840861e2caa441d_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:6f81e9b903594b0a8bd5517900f7677e09c942953d257c87da11fb779e0f9dab_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:8c199930239623166973ea9cdb40ce2e2537d63e8c731afca3892caa84d2f16a_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:2f74522967f06958e385468a31e14bb9ede90569dec8292d61e67c6640c1ebde_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:38b340062dea9adc1159a326d39a214541e259e9e16582ef98efcd8e6deb3dd6_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:609205741b369f72807fcec1fd3351d56e4605fdbbee37975fad8c01a5ea0339_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:1ab2b5e9423a2edd5f663cdbf4c15dd6a5c13db13125161f4b4a9916d3c523e2_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:1e37a386006e4a7b4414dcdbe6a42191b8f41e706e1df6dfe401cbdbe342f06a_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:b0f32d062678d69350a3a1a18b643c8b97ebfdbd0bea1c0ee67312312d02fcba_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:439fc3b91a4841c81355ecbb5c610c66139525df82bdb96a4ece4ffd20aca0a5_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:7108fcc2c26b8e735231d9bad43febbc2ccc15723b15d3bf9ba643f950f75857_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:7c4fa13ab624b17711df308a9434e529b49b259fe9c6bde4b4e9037ae45996d6_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:62df44281133dd4191848bfb861ba70eeb113b2bc0ce28c71b82524860421bed_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:844cef84fb29ee2996c284c6d517a645d4b14862c17021bd1b0052515cd364df_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:fc974b15c869a26e0ae259a39ce0ed1f1954630557c31465561eeee67bfc2797_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:08c488f99ef1c837418842db1c8e52391a55f5f61a1de98edbbe3a201070168a_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:20a368484142ce585e3a49a402bab10b2045ba2d89711154ae80457c01881a4c_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:f252a2c2eaa0a4807e39df8e5fe89a8b66e8ef62a9303a144b765c4857b17e51_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:17a5ed5cea7a0b355ea13e6a95218143c351e34cee1ba0188a14c28f9605e504_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:1d00cc8be3101e0a0a901249545566689d1de5554f5101b8fcbb6fa1827d508b_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:d001fb8afaf083ac3b02ab7571a709183931ef37baa75908556081480ee395dc_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1ad40dd05581bffe04db700b8b4fbfbe8112399f2bef70b69dd690458b6512ed_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:224bfa6af3a2a9b15657ee0adc0233608bb7a2218f9a488b537e3af4c53acacf_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:f2cf132ddd130c3de1e3732f35fdade709c17e8a2775df5ab47cf7583db82fd6_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:9ae99a357ee1f9e42942edc998b378960d1a4a6bd9630b802f86743965f36898_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:bcc9fd4d95422283c8d6016e1f85cd4522f43c0504cadf6aec40b9c30f2d945d_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:c9713eae9be9f99e9e7382ace5f520f96f641c50d8aed1c64a0f6a0ba9ed5395_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "go-git: go-git clients vulnerable to DoS via maliciously crafted Git server replies"
}
]
}
Loading…
Loading…
Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.
Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…