Action not permitted
Modal body text goes here.
Modal Title
Modal Body
cve-2023-46234
Vulnerability from cvelistv5
Published
2023-10-26 14:31
Modified
2025-02-13 17:14
Severity ?
EPSS score ?
0.50%
(0.63073)
Summary
browserify-sign is a package to duplicate the functionality of node's crypto public key functions, much of this is based on Fedor Indutny's work on indutny/tls.js. An upper bound check issue in `dsaVerify` function allows an attacker to construct signatures that can be successfully verified by any public key, thus leading to a signature forgery attack. All places in this project that involve DSA verification of user-input signatures will be affected by this vulnerability. This issue has been patched in version 4.2.2.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| browserify | browserify-sign |
Version: >= 2.6.0, <= 4.2.1 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-02T20:37:40.270Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "https://github.com/browserify/browserify-sign/security/advisories/GHSA-x9w5-v3q2-3rhw", tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://github.com/browserify/browserify-sign/security/advisories/GHSA-x9w5-v3q2-3rhw", }, { name: "https://github.com/browserify/browserify-sign/commit/85994cd6348b50f2fd1b73c54e20881416f44a30", tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://github.com/browserify/browserify-sign/commit/85994cd6348b50f2fd1b73c54e20881416f44a30", }, { tags: [ "x_transferred", ], url: "https://lists.debian.org/debian-lts-announce/2023/10/msg00040.html", }, { tags: [ "x_transferred", ], url: "https://www.debian.org/security/2023/dsa-5539", }, { tags: [ "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6PVVPNSAGSDS63HQ74PJ7MZ3MU5IYNVZ/", }, { tags: [ "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3HUE6ZR5SL73KHL7XUPAOEL6SB7HUDT2/", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "browserify-sign", vendor: "browserify", versions: [ { status: "affected", version: ">= 2.6.0, <= 4.2.1", }, ], }, ], descriptions: [ { lang: "en", value: "browserify-sign is a package to duplicate the functionality of node's crypto public key functions, much of this is based on Fedor Indutny's work on indutny/tls.js. An upper bound check issue in `dsaVerify` function allows an attacker to construct signatures that can be successfully verified by any public key, thus leading to a signature forgery attack. All places in this project that involve DSA verification of user-input signatures will be affected by this vulnerability. This issue has been patched in version 4.2.2.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-347", description: "CWE-347: Improper Verification of Cryptographic Signature", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2024-02-28T02:06:00.712Z", orgId: "a0819718-46f1-4df5-94e2-005712e83aaa", shortName: "GitHub_M", }, references: [ { name: "https://github.com/browserify/browserify-sign/security/advisories/GHSA-x9w5-v3q2-3rhw", tags: [ "x_refsource_CONFIRM", ], url: "https://github.com/browserify/browserify-sign/security/advisories/GHSA-x9w5-v3q2-3rhw", }, { name: "https://github.com/browserify/browserify-sign/commit/85994cd6348b50f2fd1b73c54e20881416f44a30", tags: [ "x_refsource_MISC", ], url: "https://github.com/browserify/browserify-sign/commit/85994cd6348b50f2fd1b73c54e20881416f44a30", }, { url: "https://lists.debian.org/debian-lts-announce/2023/10/msg00040.html", }, { url: "https://www.debian.org/security/2023/dsa-5539", }, { url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6PVVPNSAGSDS63HQ74PJ7MZ3MU5IYNVZ/", }, { url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3HUE6ZR5SL73KHL7XUPAOEL6SB7HUDT2/", }, ], source: { advisory: "GHSA-x9w5-v3q2-3rhw", discovery: "UNKNOWN", }, title: "browserify-sign vulnerable via an upper bound check issue in `dsaVerify` that leads to a signature forgery attack", }, }, cveMetadata: { assignerOrgId: "a0819718-46f1-4df5-94e2-005712e83aaa", assignerShortName: "GitHub_M", cveId: "CVE-2023-46234", datePublished: "2023-10-26T14:31:35.895Z", dateReserved: "2023-10-19T20:34:00.946Z", dateUpdated: "2025-02-13T17:14:23.092Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", "vulnerability-lookup:meta": { nvd: "{\"cve\":{\"id\":\"CVE-2023-46234\",\"sourceIdentifier\":\"security-advisories@github.com\",\"published\":\"2023-10-26T15:15:09.087\",\"lastModified\":\"2025-02-13T18:15:34.370\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"browserify-sign is a package to duplicate the functionality of node's crypto public key functions, much of this is based on Fedor Indutny's work on indutny/tls.js. An upper bound check issue in `dsaVerify` function allows an attacker to construct signatures that can be successfully verified by any public key, thus leading to a signature forgery attack. All places in this project that involve DSA verification of user-input signatures will be affected by this vulnerability. This issue has been patched in version 4.2.2.\"},{\"lang\":\"es\",\"value\":\"browserify-sign es un paquete para duplicar la funcionalidad de las funciones de clave pública criptográfica del nodo, gran parte de esto se basa en el trabajo de Fedor Indutny en indutny/tls.js. Un problema de verificación de límite superior en la función `dsaVerify` permite a un atacante construir firmas que pueden verificarse con éxito mediante cualquier clave pública, lo que lleva a un ataque de falsificación de firmas. Todos los lugares de este proyecto que implican la verificación DSA de las firmas ingresadas por los usuarios se verán afectados por esta vulnerabilidad. Este problema se solucionó en la versión 4.2.2.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"security-advisories@github.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N\",\"baseScore\":6.5,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"LOW\",\"integrityImpact\":\"LOW\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":3.9,\"impactScore\":2.5},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N\",\"baseScore\":7.5,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":3.9,\"impactScore\":3.6}]},\"weaknesses\":[{\"source\":\"security-advisories@github.com\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-347\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:browserify:browserify-sign:*:*:*:*:*:node.js:*:*\",\"versionEndExcluding\":\"4.2.2\",\"matchCriteriaId\":\"DE51BF6D-53CC-41A1-9530-BD9B1DCFBE6D\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FA6FEEC2-9F11-4643-8827-749718254FED\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:debian:debian_linux:12.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"46D69DCC-AE4D-4EA5-861C-D60951444C6C\"}]}]}],\"references\":[{\"url\":\"https://github.com/browserify/browserify-sign/commit/85994cd6348b50f2fd1b73c54e20881416f44a30\",\"source\":\"security-advisories@github.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://github.com/browserify/browserify-sign/security/advisories/GHSA-x9w5-v3q2-3rhw\",\"source\":\"security-advisories@github.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://lists.debian.org/debian-lts-announce/2023/10/msg00040.html\",\"source\":\"security-advisories@github.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3HUE6ZR5SL73KHL7XUPAOEL6SB7HUDT2/\",\"source\":\"security-advisories@github.com\"},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6PVVPNSAGSDS63HQ74PJ7MZ3MU5IYNVZ/\",\"source\":\"security-advisories@github.com\"},{\"url\":\"https://www.debian.org/security/2023/dsa-5539\",\"source\":\"security-advisories@github.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://github.com/browserify/browserify-sign/commit/85994cd6348b50f2fd1b73c54e20881416f44a30\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://github.com/browserify/browserify-sign/security/advisories/GHSA-x9w5-v3q2-3rhw\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://lists.debian.org/debian-lts-announce/2023/10/msg00040.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3HUE6ZR5SL73KHL7XUPAOEL6SB7HUDT2/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6PVVPNSAGSDS63HQ74PJ7MZ3MU5IYNVZ/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://www.debian.org/security/2023/dsa-5539\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]}]}}", }, }
ghsa-x9w5-v3q2-3rhw
Vulnerability from github
Published
2023-10-26 20:53
Modified
2025-02-13 19:19
Severity ?
Summary
browserify-sign upper bound check issue in `dsaVerify` leads to a signature forgery attack
Details
Summary
An upper bound check issue in dsaVerify function allows an attacker to construct signatures that can be successfully verified by any public key, thus leading to a signature forgery attack.
Details
In dsaVerify function, it checks whether the value of the signature is legal by calling function checkValue, namely, whether r and s are both in the interval [1, q - 1]. However, the second line of the checkValue function wrongly checks the upper bound of the passed parameters, since the value of b.cmp(q) can only be 0, 1 and -1, and it can never be greater than q.
In this way, although the values of s cannot be 0, an attacker can achieve the same effect as zero by setting its value to q, and then send (r, s) = (1, q) to pass the verification of any public key.
Impact
All places in this project that involve DSA verification of user-input signatures will be affected by this vulnerability.
Fix PR:
Since the temporary private fork was deleted, here's a webarchive of the PR discussion and diff pages: PR webarchive.zip
{ affected: [ { database_specific: { last_known_affected_version_range: "<= 4.2.1", }, package: { ecosystem: "npm", name: "browserify-sign", }, ranges: [ { events: [ { introduced: "2.6.0", }, { fixed: "4.2.2", }, ], type: "ECOSYSTEM", }, ], }, ], aliases: [ "CVE-2023-46234", ], database_specific: { cwe_ids: [ "CWE-347", ], github_reviewed: true, github_reviewed_at: "2023-10-26T20:53:21Z", nvd_published_at: "2023-10-26T15:15:09Z", severity: "HIGH", }, details: "### Summary\nAn upper bound check issue in `dsaVerify` function allows an attacker to construct signatures that can be successfully verified by any public key, thus leading to a signature forgery attack.\n\n### Details\nIn `dsaVerify` function, it checks whether the value of the signature is legal by calling function `checkValue`, namely, whether `r` and `s` are both in the interval `[1, q - 1]`. However, the second line of the `checkValue` function wrongly checks the upper bound of the passed parameters, since the value of `b.cmp(q)` can only be `0`, `1` and `-1`, and it can never be greater than `q`. \n\nIn this way, although the values of `s` cannot be `0`, an attacker can achieve the same effect as zero by setting its value to `q`, and then send `(r, s) = (1, q)` to pass the verification of any public key.\n\n### Impact\nAll places in this project that involve DSA verification of user-input signatures will be affected by this vulnerability.\n\n\n### Fix PR:\nSince the temporary private fork was deleted, here's a webarchive of the PR discussion and diff pages: [PR webarchive.zip](https://github.com/browserify/browserify-sign/files/13172957/PR.webarchive.zip)", id: "GHSA-x9w5-v3q2-3rhw", modified: "2025-02-13T19:19:37Z", published: "2023-10-26T20:53:21Z", references: [ { type: "WEB", url: "https://github.com/browserify/browserify-sign/security/advisories/GHSA-x9w5-v3q2-3rhw", }, { type: "ADVISORY", url: "https://nvd.nist.gov/vuln/detail/CVE-2023-46234", }, { type: "WEB", url: "https://github.com/browserify/browserify-sign/commit/85994cd6348b50f2fd1b73c54e20881416f44a30", }, { type: "PACKAGE", url: "https://github.com/browserify/browserify-sign", }, { type: "WEB", url: "https://lists.debian.org/debian-lts-announce/2023/10/msg00040.html", }, { type: "WEB", url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3HUE6ZR5SL73KHL7XUPAOEL6SB7HUDT2", }, { type: "WEB", url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6PVVPNSAGSDS63HQ74PJ7MZ3MU5IYNVZ", }, { type: "WEB", url: "https://www.debian.org/security/2023/dsa-5539", }, ], schema_version: "1.4.0", severity: [ { score: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", type: "CVSS_V3", }, ], summary: "browserify-sign upper bound check issue in `dsaVerify` leads to a signature forgery attack", }
NCSC-2024-0466
Vulnerability from csaf_ncscnl
Published
2024-12-06 13:05
Modified
2024-12-06 13:05
Summary
Kwetsbaarheden verholpen in Atlassian producten
Notes
The Netherlands Cyber Security Center (henceforth: NCSC-NL) maintains this page to enhance access to its information and security advisories. The use of this security advisory is subject to the following terms and conditions:
NCSC-NL makes every reasonable effort to ensure that the content of this page is kept up to date, and that it is accurate and complete. Nevertheless, NCSC-NL cannot entirely rule out the possibility of errors, and therefore cannot give any warranty in respect of its completeness, accuracy or continuous keeping up-to-date. The information contained in this security advisory is intended solely for the purpose of providing general information to professional users. No rights can be derived from the information provided therein.
NCSC-NL and the Kingdom of the Netherlands assume no legal liability or responsibility for any damage resulting from either the use or inability of use of this security advisory. This includes damage resulting from the inaccuracy of incompleteness of the information contained in the advisory.
This security advisory is subject to Dutch law. All disputes related to or arising from the use of this advisory will be submitted to the competent court in The Hague. This choice of means also applies to the court in summary proceedings.
Feiten
Atlassian heeft kwetsbaarheden verholpen in diverse producten als Jira, Bamboo en Confluence.
Interpretaties
De kwetsbaarheden bevinden zich in verschillende third party componenten van ontwikkelaars zoals Oracle, RedHat en het Apache consortium. Deze kwetsbaarheden kunnen leiden tot geheugenuitputting en Denial-of-Service (DoS) door onjuiste invoerbeperkingen. Aanvallers kunnen deze kwetsbaarheden misbruiken door speciaal vervaardigde verzoeken te sturen, wat kan resulteren in systeeminstabiliteit en crashes.
Voor de kwetsbaarheden zijn door de diverse ontwikkelaars updates uitgebracht om ze te verhelpen. Atlassian heeft de updates verwerkt in de eigen producten.
Oplossingen
Atlassian heeft updates uitgebracht om de kwetsbaarheden te verhelpen. Zie bijgevoegde referenties voor meer informatie.
Kans
medium
Schade
high
CWE-755
Improper Handling of Exceptional Conditions
CWE-347
Improper Verification of Cryptographic Signature
CWE-1050
Excessive Platform Resource Consumption within a Loop
CWE-23
Relative Path Traversal
CWE-1333
Inefficient Regular Expression Complexity
CWE-1321
Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')
CWE-400
Uncontrolled Resource Consumption
CWE-770
Allocation of Resources Without Limits or Throttling
CWE-502
Deserialization of Untrusted Data
CWE-22
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
CWE-835
Loop with Unreachable Exit Condition ('Infinite Loop')
CWE-20
Improper Input Validation
{ document: { category: "csaf_security_advisory", csaf_version: "2.0", distribution: { tlp: { label: "WHITE", }, }, lang: "nl", notes: [ { category: "legal_disclaimer", text: "The Netherlands Cyber Security Center (henceforth: NCSC-NL) maintains this page to enhance access to its information and security advisories. The use of this security advisory is subject to the following terms and conditions:\n\n NCSC-NL makes every reasonable effort to ensure that the content of this page is kept up to date, and that it is accurate and complete. Nevertheless, NCSC-NL cannot entirely rule out the possibility of errors, and therefore cannot give any warranty in respect of its completeness, accuracy or continuous keeping up-to-date. The information contained in this security advisory is intended solely for the purpose of providing general information to professional users. No rights can be derived from the information provided therein.\n\n NCSC-NL and the Kingdom of the Netherlands assume no legal liability or responsibility for any damage resulting from either the use or inability of use of this security advisory. This includes damage resulting from the inaccuracy of incompleteness of the information contained in the advisory.\n This security advisory is subject to Dutch law. All disputes related to or arising from the use of this advisory will be submitted to the competent court in The Hague. This choice of means also applies to the court in summary proceedings.", }, { category: "description", text: "Atlassian heeft kwetsbaarheden verholpen in diverse producten als Jira, Bamboo en Confluence.", title: "Feiten", }, { category: "description", text: "De kwetsbaarheden bevinden zich in verschillende third party componenten van ontwikkelaars zoals Oracle, RedHat en het Apache consortium. Deze kwetsbaarheden kunnen leiden tot geheugenuitputting en Denial-of-Service (DoS) door onjuiste invoerbeperkingen. Aanvallers kunnen deze kwetsbaarheden misbruiken door speciaal vervaardigde verzoeken te sturen, wat kan resulteren in systeeminstabiliteit en crashes.\nVoor de kwetsbaarheden zijn door de diverse ontwikkelaars updates uitgebracht om ze te verhelpen. Atlassian heeft de updates verwerkt in de eigen producten.", title: "Interpretaties", }, { category: "description", text: "Atlassian heeft updates uitgebracht om de kwetsbaarheden te verhelpen. Zie bijgevoegde referenties voor meer informatie.", title: "Oplossingen", }, { category: "general", text: "medium", title: "Kans", }, { category: "general", text: "high", title: "Schade", }, { category: "general", text: "Improper Handling of Exceptional Conditions", title: "CWE-755", }, { category: "general", text: "Improper Verification of Cryptographic Signature", title: "CWE-347", }, { category: "general", text: "Excessive Platform Resource Consumption within a Loop", title: "CWE-1050", }, { category: "general", text: "Relative Path Traversal", title: "CWE-23", }, { category: "general", text: "Inefficient Regular Expression Complexity", title: "CWE-1333", }, { category: "general", text: "Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')", title: "CWE-1321", }, { category: "general", text: "Uncontrolled Resource Consumption", title: "CWE-400", }, { category: "general", text: "Allocation of Resources Without Limits or Throttling", title: "CWE-770", }, { category: "general", text: "Deserialization of Untrusted Data", title: "CWE-502", }, { category: "general", text: "Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')", title: "CWE-22", }, { category: "general", text: "Loop with Unreachable Exit Condition ('Infinite Loop')", title: "CWE-835", }, { category: "general", text: "Improper Input Validation", title: "CWE-20", }, ], publisher: { category: "coordinator", contact_details: "cert@ncsc.nl", name: "Nationaal Cyber Security Centrum", namespace: "https://www.ncsc.nl/", }, references: [ { category: "external", summary: "Reference - certbundde", url: "https://confluence.atlassian.com/security/security-bulletin-november-19-2024-1456179091.html", }, ], title: "Kwetsbaarheden verholpen in Atlassian producten", tracking: { current_release_date: "2024-12-06T13:05:55.904619Z", id: "NCSC-2024-0466", initial_release_date: "2024-12-06T13:05:55.904619Z", revision_history: [ { date: "2024-12-06T13:05:55.904619Z", number: "0", summary: "Initiele versie", }, ], status: "final", version: "1.0.0", }, }, product_tree: { branches: [ { branches: [ { category: "product_name", name: "atlassian_bamboo__10.0.0", product: { name: "atlassian_bamboo__10.0.0", product_id: "CSAFPID-1645374", product_identification_helper: { cpe: "cpe:2.3:a:atlassian:atlassian_bamboo__10.0.0:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "atlassian_bamboo__9.2.17", product: { name: "atlassian_bamboo__9.2.17", product_id: "CSAFPID-1621163", product_identification_helper: { cpe: "cpe:2.3:a:atlassian:atlassian_bamboo__9.2.17:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "atlassian_bamboo__9.6.4", product: { name: "atlassian_bamboo__9.6.4", product_id: "CSAFPID-1645371", product_identification_helper: { cpe: "cpe:2.3:a:atlassian:atlassian_bamboo__9.6.4:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "atlassian_bitbucket__8.19.9", product: { name: "atlassian_bitbucket__8.19.9", product_id: "CSAFPID-1645370", product_identification_helper: { cpe: "cpe:2.3:a:atlassian:atlassian_bitbucket__8.19.9:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "atlassian_bitbucket__8.9.19", product: { name: "atlassian_bitbucket__8.9.19", product_id: "CSAFPID-1645373", product_identification_helper: { cpe: "cpe:2.3:a:atlassian:atlassian_bitbucket__8.9.19:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "atlassian_bitbucket__9.0.0", product: { name: "atlassian_bitbucket__9.0.0", product_id: "CSAFPID-1645372", product_identification_helper: { cpe: "cpe:2.3:a:atlassian:atlassian_bitbucket__9.0.0:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "atlassian_confluence__7.19.26", product: { name: "atlassian_confluence__7.19.26", product_id: "CSAFPID-1621160", product_identification_helper: { cpe: "cpe:2.3:a:atlassian:atlassian_confluence__7.19.26:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "atlassian_confluence__7.19.26__lts_", product: { name: "atlassian_confluence__7.19.26__lts_", product_id: "CSAFPID-1621135", product_identification_helper: { cpe: "cpe:2.3:a:atlassian:atlassian_confluence__7.19.26__lts_:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "atlassian_confluence__8.5.12", product: { name: "atlassian_confluence__8.5.12", product_id: "CSAFPID-1645510", product_identification_helper: { cpe: "cpe:2.3:a:atlassian:atlassian_confluence__8.5.12:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "atlassian_confluence__8.5.14__lts_", product: { name: "atlassian_confluence__8.5.14__lts_", product_id: "CSAFPID-1621133", product_identification_helper: { cpe: "cpe:2.3:a:atlassian:atlassian_confluence__8.5.14__lts_:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "atlassian_confluence__8.9.4", product: { name: "atlassian_confluence__8.9.4", product_id: "CSAFPID-1645509", product_identification_helper: { cpe: "cpe:2.3:a:atlassian:atlassian_confluence__8.9.4:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "atlassian_confluence__9.0.1", product: { name: "atlassian_confluence__9.0.1", product_id: "CSAFPID-1621161", product_identification_helper: { cpe: "cpe:2.3:a:atlassian:atlassian_confluence__9.0.1:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "atlassian_confluence_data_center__9.0.1", product: { name: "atlassian_confluence_data_center__9.0.1", product_id: "CSAFPID-1621140", product_identification_helper: { cpe: "cpe:2.3:a:atlassian:atlassian_confluence_data_center__9.0.1:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "atlassian_jira_software__9.12.12__lts_", product: { name: "atlassian_jira_software__9.12.12__lts_", product_id: "CSAFPID-1621142", product_identification_helper: { cpe: "cpe:2.3:a:atlassian:atlassian_jira_software__9.12.12__lts_:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "atlassian_jira_software__9.4.25__lts_", product: { name: "atlassian_jira_software__9.4.25__lts_", product_id: "CSAFPID-1621143", product_identification_helper: { cpe: "cpe:2.3:a:atlassian:atlassian_jira_software__9.4.25__lts_:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "atlassian_jira_software_data_center__9.17.1", product: { name: "atlassian_jira_software_data_center__9.17.1", product_id: "CSAFPID-1621141", product_identification_helper: { cpe: "cpe:2.3:a:atlassian:atlassian_jira_software_data_center__9.17.1:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "atlassian_jira_software_service_management__5.12.12__lts_", product: { name: "atlassian_jira_software_service_management__5.12.12__lts_", product_id: "CSAFPID-1621138", product_identification_helper: { cpe: "cpe:2.3:a:atlassian:atlassian_jira_software_service_management__5.12.12__lts_:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "atlassian_jira_software_service_management__5.4.25__lts_", product: { name: "atlassian_jira_software_service_management__5.4.25__lts_", product_id: "CSAFPID-1621139", product_identification_helper: { cpe: "cpe:2.3:a:atlassian:atlassian_jira_software_service_management__5.4.25__lts_:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "atlassian_jira_software_service_management_data_center__5.17.1", product: { name: "atlassian_jira_software_service_management_data_center__5.17.1", product_id: "CSAFPID-1621137", product_identification_helper: { cpe: "cpe:2.3:a:atlassian:atlassian_jira_software_service_management_data_center__5.17.1:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "bamboo", product: { name: "bamboo", product_id: "CSAFPID-716889", product_identification_helper: { cpe: "cpe:2.3:a:atlassian:bamboo:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "bitbucket", product: { name: "bitbucket", product_id: "CSAFPID-1725084", product_identification_helper: { cpe: "cpe:2.3:a:atlassian:bitbucket:-:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "confluence", product: { name: "confluence", product_id: "CSAFPID-551338", product_identification_helper: { cpe: "cpe:2.3:a:atlassian:confluence:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "jira_software", product: { name: "jira_software", product_id: "CSAFPID-1725085", product_identification_helper: { cpe: "cpe:2.3:a:atlassian:jira_software:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "sourcetree", product: { name: "sourcetree", product_id: "CSAFPID-1724900", product_identification_helper: { cpe: "cpe:2.3:a:atlassian:sourcetree:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "sourcetree", product: { name: "sourcetree", product_id: "CSAFPID-1725556", product_identification_helper: { cpe: "cpe:2.3:a:atlassian:sourcetree:*:*:*:*:*:macos:*:*", }, }, }, { category: "product_name", name: "sourcetree", product: { name: "sourcetree", product_id: "CSAFPID-1725557", product_identification_helper: { cpe: "cpe:2.3:a:atlassian:sourcetree:*:*:*:*:*:windows:*:*", }, }, }, { category: "product_name", name: "sourcetree_for_mac", product: { name: "sourcetree_for_mac", product_id: "CSAFPID-1724286", product_identification_helper: { cpe: "cpe:2.3:a:atlassian:sourcetree_for_mac:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "sourcetree_for_windows", product: { name: "sourcetree_for_windows", product_id: "CSAFPID-1724287", product_identification_helper: { cpe: "cpe:2.3:a:atlassian:sourcetree_for_windows:*:*:*:*:*:*:*:*", }, }, }, ], category: "vendor", name: "atlassian", }, ], }, vulnerabilities: [ { cve: "CVE-2022-38900", cwe: { id: "CWE-20", name: "Improper Input Validation", }, notes: [ { category: "other", text: "Improper Input Validation", title: "CWE-20", }, ], product_status: { known_affected: [ "CSAFPID-551338", ], }, references: [ { category: "self", summary: "CVE-2022-38900", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2022/CVE-2022-38900.json", }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "CSAFPID-551338", ], }, ], title: "CVE-2022-38900", }, { cve: "CVE-2023-46234", cwe: { id: "CWE-347", name: "Improper Verification of Cryptographic Signature", }, notes: [ { category: "other", text: "Improper Verification of Cryptographic Signature", title: "CWE-347", }, ], product_status: { known_affected: [ "CSAFPID-551338", ], }, references: [ { category: "self", summary: "CVE-2023-46234", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-46234.json", }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", version: "3.1", }, products: [ "CSAFPID-551338", ], }, ], title: "CVE-2023-46234", }, { cve: "CVE-2023-52428", cwe: { id: "CWE-400", name: "Uncontrolled Resource Consumption", }, notes: [ { category: "other", text: "Uncontrolled Resource Consumption", title: "CWE-400", }, { category: "other", text: "Allocation of Resources Without Limits or Throttling", title: "CWE-770", }, ], product_status: { known_affected: [ "CSAFPID-551338", "CSAFPID-1725085", "CSAFPID-716889", ], }, references: [ { category: "self", summary: "CVE-2023-52428", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-52428.json", }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "CSAFPID-551338", "CSAFPID-1725085", "CSAFPID-716889", ], }, ], title: "CVE-2023-52428", }, { cve: "CVE-2024-4068", cwe: { id: "CWE-1050", name: "Excessive Platform Resource Consumption within a Loop", }, notes: [ { category: "other", text: "Excessive Platform Resource Consumption within a Loop", title: "CWE-1050", }, { category: "other", text: "Uncontrolled Resource Consumption", title: "CWE-400", }, ], product_status: { known_affected: [ "CSAFPID-551338", ], }, references: [ { category: "self", summary: "CVE-2024-4068", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-4068.json", }, ], title: "CVE-2024-4068", }, { cve: "CVE-2024-21697", product_status: { known_affected: [ "CSAFPID-1724286", "CSAFPID-1724287", "CSAFPID-1725556", "CSAFPID-1725557", ], }, references: [ { category: "self", summary: "CVE-2024-21697", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-21697.json", }, ], scores: [ { cvss_v3: { baseScore: 8.8, baseSeverity: "HIGH", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.0", }, products: [ "CSAFPID-1724286", "CSAFPID-1724287", "CSAFPID-1725556", "CSAFPID-1725557", ], }, ], title: "CVE-2024-21697", }, { cve: "CVE-2024-24549", cwe: { id: "CWE-20", name: "Improper Input Validation", }, notes: [ { category: "other", text: "Improper Input Validation", title: "CWE-20", }, ], product_status: { known_affected: [ "CSAFPID-1725084", "CSAFPID-551338", ], }, references: [ { category: "self", summary: "CVE-2024-24549", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-24549.json", }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "CSAFPID-1725084", "CSAFPID-551338", ], }, ], title: "CVE-2024-24549", }, { cve: "CVE-2024-30172", cwe: { id: "CWE-835", name: "Loop with Unreachable Exit Condition ('Infinite Loop')", }, notes: [ { category: "other", text: "Loop with Unreachable Exit Condition ('Infinite Loop')", title: "CWE-835", }, ], product_status: { known_affected: [ "CSAFPID-1621160", "CSAFPID-1621161", "CSAFPID-1645509", "CSAFPID-1645510", "CSAFPID-551338", "CSAFPID-1725084", ], }, references: [ { category: "self", summary: "CVE-2024-30172", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-30172.json", }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "CSAFPID-1621160", "CSAFPID-1621161", "CSAFPID-1645509", "CSAFPID-1645510", "CSAFPID-551338", "CSAFPID-1725084", ], }, ], title: "CVE-2024-30172", }, { cve: "CVE-2024-34750", cwe: { id: "CWE-755", name: "Improper Handling of Exceptional Conditions", }, notes: [ { category: "other", text: "Improper Handling of Exceptional Conditions", title: "CWE-755", }, { category: "other", text: "Uncontrolled Resource Consumption", title: "CWE-400", }, ], product_status: { known_affected: [ "CSAFPID-1621133", "CSAFPID-1621135", "CSAFPID-1621137", "CSAFPID-1621138", "CSAFPID-1621139", "CSAFPID-1621140", "CSAFPID-1621141", "CSAFPID-1621142", "CSAFPID-1621143", "CSAFPID-1621163", "CSAFPID-1645370", "CSAFPID-1645371", "CSAFPID-1645372", "CSAFPID-1645373", "CSAFPID-1645374", ], }, references: [ { category: "self", summary: "CVE-2024-34750", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-34750.json", }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "CSAFPID-1621133", "CSAFPID-1621135", "CSAFPID-1621137", "CSAFPID-1621138", "CSAFPID-1621139", "CSAFPID-1621140", "CSAFPID-1621141", "CSAFPID-1621142", "CSAFPID-1621143", "CSAFPID-1621163", "CSAFPID-1645370", "CSAFPID-1645371", "CSAFPID-1645372", "CSAFPID-1645373", "CSAFPID-1645374", ], }, ], title: "CVE-2024-34750", }, { cve: "CVE-2024-38286", cwe: { id: "CWE-400", name: "Uncontrolled Resource Consumption", }, notes: [ { category: "other", text: "Uncontrolled Resource Consumption", title: "CWE-400", }, { category: "other", text: "Allocation of Resources Without Limits or Throttling", title: "CWE-770", }, ], references: [ { category: "self", summary: "CVE-2024-38286", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-38286.json", }, ], title: "CVE-2024-38286", }, { cve: "CVE-2024-38816", cwe: { id: "CWE-22", name: "Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')", }, notes: [ { category: "other", text: "Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')", title: "CWE-22", }, { category: "other", text: "Relative Path Traversal", title: "CWE-23", }, ], product_status: { known_affected: [ "CSAFPID-551338", "CSAFPID-716889", ], }, references: [ { category: "self", summary: "CVE-2024-38816", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-38816.json", }, ], scores: [ { cvss_v3: { baseScore: 8.1, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N", version: "3.1", }, products: [ "CSAFPID-551338", "CSAFPID-716889", ], }, ], title: "CVE-2024-38816", }, { cve: "CVE-2024-45801", cwe: { id: "CWE-1333", name: "Inefficient Regular Expression Complexity", }, notes: [ { category: "other", text: "Inefficient Regular Expression Complexity", title: "CWE-1333", }, { category: "other", text: "Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')", title: "CWE-1321", }, ], product_status: { known_affected: [ "CSAFPID-1725085", ], }, references: [ { category: "self", summary: "CVE-2024-45801", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-45801.json", }, ], scores: [ { cvss_v3: { baseScore: 7.3, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L", version: "3.1", }, products: [ "CSAFPID-1725085", ], }, ], title: "CVE-2024-45801", }, { cve: "CVE-2024-47561", cwe: { id: "CWE-502", name: "Deserialization of Untrusted Data", }, notes: [ { category: "other", text: "Deserialization of Untrusted Data", title: "CWE-502", }, ], product_status: { known_affected: [ "CSAFPID-716889", ], }, references: [ { category: "self", summary: "CVE-2024-47561", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-47561.json", }, ], scores: [ { cvss_v3: { baseScore: 9.8, baseSeverity: "CRITICAL", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "CSAFPID-716889", ], }, ], title: "CVE-2024-47561", }, ], }
ncsc-2024-0466
Vulnerability from csaf_ncscnl
Published
2024-12-06 13:05
Modified
2024-12-06 13:05
Summary
Kwetsbaarheden verholpen in Atlassian producten
Notes
The Netherlands Cyber Security Center (henceforth: NCSC-NL) maintains this page to enhance access to its information and security advisories. The use of this security advisory is subject to the following terms and conditions:
NCSC-NL makes every reasonable effort to ensure that the content of this page is kept up to date, and that it is accurate and complete. Nevertheless, NCSC-NL cannot entirely rule out the possibility of errors, and therefore cannot give any warranty in respect of its completeness, accuracy or continuous keeping up-to-date. The information contained in this security advisory is intended solely for the purpose of providing general information to professional users. No rights can be derived from the information provided therein.
NCSC-NL and the Kingdom of the Netherlands assume no legal liability or responsibility for any damage resulting from either the use or inability of use of this security advisory. This includes damage resulting from the inaccuracy of incompleteness of the information contained in the advisory.
This security advisory is subject to Dutch law. All disputes related to or arising from the use of this advisory will be submitted to the competent court in The Hague. This choice of means also applies to the court in summary proceedings.
Feiten
Atlassian heeft kwetsbaarheden verholpen in diverse producten als Jira, Bamboo en Confluence.
Interpretaties
De kwetsbaarheden bevinden zich in verschillende third party componenten van ontwikkelaars zoals Oracle, RedHat en het Apache consortium. Deze kwetsbaarheden kunnen leiden tot geheugenuitputting en Denial-of-Service (DoS) door onjuiste invoerbeperkingen. Aanvallers kunnen deze kwetsbaarheden misbruiken door speciaal vervaardigde verzoeken te sturen, wat kan resulteren in systeeminstabiliteit en crashes.
Voor de kwetsbaarheden zijn door de diverse ontwikkelaars updates uitgebracht om ze te verhelpen. Atlassian heeft de updates verwerkt in de eigen producten.
Oplossingen
Atlassian heeft updates uitgebracht om de kwetsbaarheden te verhelpen. Zie bijgevoegde referenties voor meer informatie.
Kans
medium
Schade
high
CWE-755
Improper Handling of Exceptional Conditions
CWE-347
Improper Verification of Cryptographic Signature
CWE-1050
Excessive Platform Resource Consumption within a Loop
CWE-23
Relative Path Traversal
CWE-1333
Inefficient Regular Expression Complexity
CWE-1321
Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')
CWE-400
Uncontrolled Resource Consumption
CWE-770
Allocation of Resources Without Limits or Throttling
CWE-502
Deserialization of Untrusted Data
CWE-22
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
CWE-835
Loop with Unreachable Exit Condition ('Infinite Loop')
CWE-20
Improper Input Validation
{ document: { category: "csaf_security_advisory", csaf_version: "2.0", distribution: { tlp: { label: "WHITE", }, }, lang: "nl", notes: [ { category: "legal_disclaimer", text: "The Netherlands Cyber Security Center (henceforth: NCSC-NL) maintains this page to enhance access to its information and security advisories. The use of this security advisory is subject to the following terms and conditions:\n\n NCSC-NL makes every reasonable effort to ensure that the content of this page is kept up to date, and that it is accurate and complete. Nevertheless, NCSC-NL cannot entirely rule out the possibility of errors, and therefore cannot give any warranty in respect of its completeness, accuracy or continuous keeping up-to-date. The information contained in this security advisory is intended solely for the purpose of providing general information to professional users. No rights can be derived from the information provided therein.\n\n NCSC-NL and the Kingdom of the Netherlands assume no legal liability or responsibility for any damage resulting from either the use or inability of use of this security advisory. This includes damage resulting from the inaccuracy of incompleteness of the information contained in the advisory.\n This security advisory is subject to Dutch law. All disputes related to or arising from the use of this advisory will be submitted to the competent court in The Hague. This choice of means also applies to the court in summary proceedings.", }, { category: "description", text: "Atlassian heeft kwetsbaarheden verholpen in diverse producten als Jira, Bamboo en Confluence.", title: "Feiten", }, { category: "description", text: "De kwetsbaarheden bevinden zich in verschillende third party componenten van ontwikkelaars zoals Oracle, RedHat en het Apache consortium. Deze kwetsbaarheden kunnen leiden tot geheugenuitputting en Denial-of-Service (DoS) door onjuiste invoerbeperkingen. Aanvallers kunnen deze kwetsbaarheden misbruiken door speciaal vervaardigde verzoeken te sturen, wat kan resulteren in systeeminstabiliteit en crashes.\nVoor de kwetsbaarheden zijn door de diverse ontwikkelaars updates uitgebracht om ze te verhelpen. Atlassian heeft de updates verwerkt in de eigen producten.", title: "Interpretaties", }, { category: "description", text: "Atlassian heeft updates uitgebracht om de kwetsbaarheden te verhelpen. Zie bijgevoegde referenties voor meer informatie.", title: "Oplossingen", }, { category: "general", text: "medium", title: "Kans", }, { category: "general", text: "high", title: "Schade", }, { category: "general", text: "Improper Handling of Exceptional Conditions", title: "CWE-755", }, { category: "general", text: "Improper Verification of Cryptographic Signature", title: "CWE-347", }, { category: "general", text: "Excessive Platform Resource Consumption within a Loop", title: "CWE-1050", }, { category: "general", text: "Relative Path Traversal", title: "CWE-23", }, { category: "general", text: "Inefficient Regular Expression Complexity", title: "CWE-1333", }, { category: "general", text: "Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')", title: "CWE-1321", }, { category: "general", text: "Uncontrolled Resource Consumption", title: "CWE-400", }, { category: "general", text: "Allocation of Resources Without Limits or Throttling", title: "CWE-770", }, { category: "general", text: "Deserialization of Untrusted Data", title: "CWE-502", }, { category: "general", text: "Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')", title: "CWE-22", }, { category: "general", text: "Loop with Unreachable Exit Condition ('Infinite Loop')", title: "CWE-835", }, { category: "general", text: "Improper Input Validation", title: "CWE-20", }, ], publisher: { category: "coordinator", contact_details: "cert@ncsc.nl", name: "Nationaal Cyber Security Centrum", namespace: "https://www.ncsc.nl/", }, references: [ { category: "external", summary: "Reference - certbundde", url: "https://confluence.atlassian.com/security/security-bulletin-november-19-2024-1456179091.html", }, ], title: "Kwetsbaarheden verholpen in Atlassian producten", tracking: { current_release_date: "2024-12-06T13:05:55.904619Z", id: "NCSC-2024-0466", initial_release_date: "2024-12-06T13:05:55.904619Z", revision_history: [ { date: "2024-12-06T13:05:55.904619Z", number: "0", summary: "Initiele versie", }, ], status: "final", version: "1.0.0", }, }, product_tree: { branches: [ { branches: [ { category: "product_name", name: "atlassian_bamboo__10.0.0", product: { name: "atlassian_bamboo__10.0.0", product_id: "CSAFPID-1645374", product_identification_helper: { cpe: "cpe:2.3:a:atlassian:atlassian_bamboo__10.0.0:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "atlassian_bamboo__9.2.17", product: { name: "atlassian_bamboo__9.2.17", product_id: "CSAFPID-1621163", product_identification_helper: { cpe: "cpe:2.3:a:atlassian:atlassian_bamboo__9.2.17:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "atlassian_bamboo__9.6.4", product: { name: "atlassian_bamboo__9.6.4", product_id: "CSAFPID-1645371", product_identification_helper: { cpe: "cpe:2.3:a:atlassian:atlassian_bamboo__9.6.4:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "atlassian_bitbucket__8.19.9", product: { name: "atlassian_bitbucket__8.19.9", product_id: "CSAFPID-1645370", product_identification_helper: { cpe: "cpe:2.3:a:atlassian:atlassian_bitbucket__8.19.9:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "atlassian_bitbucket__8.9.19", product: { name: "atlassian_bitbucket__8.9.19", product_id: "CSAFPID-1645373", product_identification_helper: { cpe: "cpe:2.3:a:atlassian:atlassian_bitbucket__8.9.19:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "atlassian_bitbucket__9.0.0", product: { name: "atlassian_bitbucket__9.0.0", product_id: "CSAFPID-1645372", product_identification_helper: { cpe: "cpe:2.3:a:atlassian:atlassian_bitbucket__9.0.0:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "atlassian_confluence__7.19.26", product: { name: "atlassian_confluence__7.19.26", product_id: "CSAFPID-1621160", product_identification_helper: { cpe: "cpe:2.3:a:atlassian:atlassian_confluence__7.19.26:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "atlassian_confluence__7.19.26__lts_", product: { name: "atlassian_confluence__7.19.26__lts_", product_id: "CSAFPID-1621135", product_identification_helper: { cpe: "cpe:2.3:a:atlassian:atlassian_confluence__7.19.26__lts_:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "atlassian_confluence__8.5.12", product: { name: "atlassian_confluence__8.5.12", product_id: "CSAFPID-1645510", product_identification_helper: { cpe: "cpe:2.3:a:atlassian:atlassian_confluence__8.5.12:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "atlassian_confluence__8.5.14__lts_", product: { name: "atlassian_confluence__8.5.14__lts_", product_id: "CSAFPID-1621133", product_identification_helper: { cpe: "cpe:2.3:a:atlassian:atlassian_confluence__8.5.14__lts_:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "atlassian_confluence__8.9.4", product: { name: "atlassian_confluence__8.9.4", product_id: "CSAFPID-1645509", product_identification_helper: { cpe: "cpe:2.3:a:atlassian:atlassian_confluence__8.9.4:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "atlassian_confluence__9.0.1", product: { name: "atlassian_confluence__9.0.1", product_id: "CSAFPID-1621161", product_identification_helper: { cpe: "cpe:2.3:a:atlassian:atlassian_confluence__9.0.1:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "atlassian_confluence_data_center__9.0.1", product: { name: "atlassian_confluence_data_center__9.0.1", product_id: "CSAFPID-1621140", product_identification_helper: { cpe: "cpe:2.3:a:atlassian:atlassian_confluence_data_center__9.0.1:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "atlassian_jira_software__9.12.12__lts_", product: { name: "atlassian_jira_software__9.12.12__lts_", product_id: "CSAFPID-1621142", product_identification_helper: { cpe: "cpe:2.3:a:atlassian:atlassian_jira_software__9.12.12__lts_:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "atlassian_jira_software__9.4.25__lts_", product: { name: "atlassian_jira_software__9.4.25__lts_", product_id: "CSAFPID-1621143", product_identification_helper: { cpe: "cpe:2.3:a:atlassian:atlassian_jira_software__9.4.25__lts_:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "atlassian_jira_software_data_center__9.17.1", product: { name: "atlassian_jira_software_data_center__9.17.1", product_id: "CSAFPID-1621141", product_identification_helper: { cpe: "cpe:2.3:a:atlassian:atlassian_jira_software_data_center__9.17.1:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "atlassian_jira_software_service_management__5.12.12__lts_", product: { name: "atlassian_jira_software_service_management__5.12.12__lts_", product_id: "CSAFPID-1621138", product_identification_helper: { cpe: "cpe:2.3:a:atlassian:atlassian_jira_software_service_management__5.12.12__lts_:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "atlassian_jira_software_service_management__5.4.25__lts_", product: { name: "atlassian_jira_software_service_management__5.4.25__lts_", product_id: "CSAFPID-1621139", product_identification_helper: { cpe: "cpe:2.3:a:atlassian:atlassian_jira_software_service_management__5.4.25__lts_:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "atlassian_jira_software_service_management_data_center__5.17.1", product: { name: "atlassian_jira_software_service_management_data_center__5.17.1", product_id: "CSAFPID-1621137", product_identification_helper: { cpe: "cpe:2.3:a:atlassian:atlassian_jira_software_service_management_data_center__5.17.1:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "bamboo", product: { name: "bamboo", product_id: "CSAFPID-716889", product_identification_helper: { cpe: "cpe:2.3:a:atlassian:bamboo:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "bitbucket", product: { name: "bitbucket", product_id: "CSAFPID-1725084", product_identification_helper: { cpe: "cpe:2.3:a:atlassian:bitbucket:-:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "confluence", product: { name: "confluence", product_id: "CSAFPID-551338", product_identification_helper: { cpe: "cpe:2.3:a:atlassian:confluence:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "jira_software", product: { name: "jira_software", product_id: "CSAFPID-1725085", product_identification_helper: { cpe: "cpe:2.3:a:atlassian:jira_software:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "sourcetree", product: { name: "sourcetree", product_id: "CSAFPID-1724900", product_identification_helper: { cpe: "cpe:2.3:a:atlassian:sourcetree:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "sourcetree", product: { name: "sourcetree", product_id: "CSAFPID-1725556", product_identification_helper: { cpe: "cpe:2.3:a:atlassian:sourcetree:*:*:*:*:*:macos:*:*", }, }, }, { category: "product_name", name: "sourcetree", product: { name: "sourcetree", product_id: "CSAFPID-1725557", product_identification_helper: { cpe: "cpe:2.3:a:atlassian:sourcetree:*:*:*:*:*:windows:*:*", }, }, }, { category: "product_name", name: "sourcetree_for_mac", product: { name: "sourcetree_for_mac", product_id: "CSAFPID-1724286", product_identification_helper: { cpe: "cpe:2.3:a:atlassian:sourcetree_for_mac:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "sourcetree_for_windows", product: { name: "sourcetree_for_windows", product_id: "CSAFPID-1724287", product_identification_helper: { cpe: "cpe:2.3:a:atlassian:sourcetree_for_windows:*:*:*:*:*:*:*:*", }, }, }, ], category: "vendor", name: "atlassian", }, ], }, vulnerabilities: [ { cve: "CVE-2022-38900", cwe: { id: "CWE-20", name: "Improper Input Validation", }, notes: [ { category: "other", text: "Improper Input Validation", title: "CWE-20", }, ], product_status: { known_affected: [ "CSAFPID-551338", ], }, references: [ { category: "self", summary: "CVE-2022-38900", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2022/CVE-2022-38900.json", }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "CSAFPID-551338", ], }, ], title: "CVE-2022-38900", }, { cve: "CVE-2023-46234", cwe: { id: "CWE-347", name: "Improper Verification of Cryptographic Signature", }, notes: [ { category: "other", text: "Improper Verification of Cryptographic Signature", title: "CWE-347", }, ], product_status: { known_affected: [ "CSAFPID-551338", ], }, references: [ { category: "self", summary: "CVE-2023-46234", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-46234.json", }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", version: "3.1", }, products: [ "CSAFPID-551338", ], }, ], title: "CVE-2023-46234", }, { cve: "CVE-2023-52428", cwe: { id: "CWE-400", name: "Uncontrolled Resource Consumption", }, notes: [ { category: "other", text: "Uncontrolled Resource Consumption", title: "CWE-400", }, { category: "other", text: "Allocation of Resources Without Limits or Throttling", title: "CWE-770", }, ], product_status: { known_affected: [ "CSAFPID-551338", "CSAFPID-1725085", "CSAFPID-716889", ], }, references: [ { category: "self", summary: "CVE-2023-52428", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-52428.json", }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "CSAFPID-551338", "CSAFPID-1725085", "CSAFPID-716889", ], }, ], title: "CVE-2023-52428", }, { cve: "CVE-2024-4068", cwe: { id: "CWE-1050", name: "Excessive Platform Resource Consumption within a Loop", }, notes: [ { category: "other", text: "Excessive Platform Resource Consumption within a Loop", title: "CWE-1050", }, { category: "other", text: "Uncontrolled Resource Consumption", title: "CWE-400", }, ], product_status: { known_affected: [ "CSAFPID-551338", ], }, references: [ { category: "self", summary: "CVE-2024-4068", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-4068.json", }, ], title: "CVE-2024-4068", }, { cve: "CVE-2024-21697", product_status: { known_affected: [ "CSAFPID-1724286", "CSAFPID-1724287", "CSAFPID-1725556", "CSAFPID-1725557", ], }, references: [ { category: "self", summary: "CVE-2024-21697", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-21697.json", }, ], scores: [ { cvss_v3: { baseScore: 8.8, baseSeverity: "HIGH", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.0", }, products: [ "CSAFPID-1724286", "CSAFPID-1724287", "CSAFPID-1725556", "CSAFPID-1725557", ], }, ], title: "CVE-2024-21697", }, { cve: "CVE-2024-24549", cwe: { id: "CWE-20", name: "Improper Input Validation", }, notes: [ { category: "other", text: "Improper Input Validation", title: "CWE-20", }, ], product_status: { known_affected: [ "CSAFPID-1725084", "CSAFPID-551338", ], }, references: [ { category: "self", summary: "CVE-2024-24549", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-24549.json", }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "CSAFPID-1725084", "CSAFPID-551338", ], }, ], title: "CVE-2024-24549", }, { cve: "CVE-2024-30172", cwe: { id: "CWE-835", name: "Loop with Unreachable Exit Condition ('Infinite Loop')", }, notes: [ { category: "other", text: "Loop with Unreachable Exit Condition ('Infinite Loop')", title: "CWE-835", }, ], product_status: { known_affected: [ "CSAFPID-1621160", "CSAFPID-1621161", "CSAFPID-1645509", "CSAFPID-1645510", "CSAFPID-551338", "CSAFPID-1725084", ], }, references: [ { category: "self", summary: "CVE-2024-30172", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-30172.json", }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "CSAFPID-1621160", "CSAFPID-1621161", "CSAFPID-1645509", "CSAFPID-1645510", "CSAFPID-551338", "CSAFPID-1725084", ], }, ], title: "CVE-2024-30172", }, { cve: "CVE-2024-34750", cwe: { id: "CWE-755", name: "Improper Handling of Exceptional Conditions", }, notes: [ { category: "other", text: "Improper Handling of Exceptional Conditions", title: "CWE-755", }, { category: "other", text: "Uncontrolled Resource Consumption", title: "CWE-400", }, ], product_status: { known_affected: [ "CSAFPID-1621133", "CSAFPID-1621135", "CSAFPID-1621137", "CSAFPID-1621138", "CSAFPID-1621139", "CSAFPID-1621140", "CSAFPID-1621141", "CSAFPID-1621142", "CSAFPID-1621143", "CSAFPID-1621163", "CSAFPID-1645370", "CSAFPID-1645371", "CSAFPID-1645372", "CSAFPID-1645373", "CSAFPID-1645374", ], }, references: [ { category: "self", summary: "CVE-2024-34750", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-34750.json", }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "CSAFPID-1621133", "CSAFPID-1621135", "CSAFPID-1621137", "CSAFPID-1621138", "CSAFPID-1621139", "CSAFPID-1621140", "CSAFPID-1621141", "CSAFPID-1621142", "CSAFPID-1621143", "CSAFPID-1621163", "CSAFPID-1645370", "CSAFPID-1645371", "CSAFPID-1645372", "CSAFPID-1645373", "CSAFPID-1645374", ], }, ], title: "CVE-2024-34750", }, { cve: "CVE-2024-38286", cwe: { id: "CWE-400", name: "Uncontrolled Resource Consumption", }, notes: [ { category: "other", text: "Uncontrolled Resource Consumption", title: "CWE-400", }, { category: "other", text: "Allocation of Resources Without Limits or Throttling", title: "CWE-770", }, ], references: [ { category: "self", summary: "CVE-2024-38286", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-38286.json", }, ], title: "CVE-2024-38286", }, { cve: "CVE-2024-38816", cwe: { id: "CWE-22", name: "Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')", }, notes: [ { category: "other", text: "Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')", title: "CWE-22", }, { category: "other", text: "Relative Path Traversal", title: "CWE-23", }, ], product_status: { known_affected: [ "CSAFPID-551338", "CSAFPID-716889", ], }, references: [ { category: "self", summary: "CVE-2024-38816", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-38816.json", }, ], scores: [ { cvss_v3: { baseScore: 8.1, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N", version: "3.1", }, products: [ "CSAFPID-551338", "CSAFPID-716889", ], }, ], title: "CVE-2024-38816", }, { cve: "CVE-2024-45801", cwe: { id: "CWE-1333", name: "Inefficient Regular Expression Complexity", }, notes: [ { category: "other", text: "Inefficient Regular Expression Complexity", title: "CWE-1333", }, { category: "other", text: "Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')", title: "CWE-1321", }, ], product_status: { known_affected: [ "CSAFPID-1725085", ], }, references: [ { category: "self", summary: "CVE-2024-45801", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-45801.json", }, ], scores: [ { cvss_v3: { baseScore: 7.3, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L", version: "3.1", }, products: [ "CSAFPID-1725085", ], }, ], title: "CVE-2024-45801", }, { cve: "CVE-2024-47561", cwe: { id: "CWE-502", name: "Deserialization of Untrusted Data", }, notes: [ { category: "other", text: "Deserialization of Untrusted Data", title: "CWE-502", }, ], product_status: { known_affected: [ "CSAFPID-716889", ], }, references: [ { category: "self", summary: "CVE-2024-47561", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-47561.json", }, ], scores: [ { cvss_v3: { baseScore: 9.8, baseSeverity: "CRITICAL", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "CSAFPID-716889", ], }, ], title: "CVE-2024-47561", }, ], }
WID-SEC-W-2024-3508
Vulnerability from csaf_certbund
Published
2024-11-19 23:00
Modified
2024-11-19 23:00
Summary
Atlassian Confluence: Mehrere Schwachstellen
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung
Confluence ist eine kommerzielle Wiki-Software.
Angriff
Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in Atlassian Confluence ausnutzen, um einen Denial of Service Angriff durchzuführen, vertrauliche Informationen preiszugeben und Sicherheitsmaßnahmen zu umgehen.
Betroffene Betriebssysteme
- Sonstiges
- UNIX
- Windows
{ document: { aggregate_severity: { text: "mittel", }, category: "csaf_base", csaf_version: "2.0", distribution: { tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "de-DE", notes: [ { category: "legal_disclaimer", text: "Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.", }, { category: "description", text: "Confluence ist eine kommerzielle Wiki-Software.", title: "Produktbeschreibung", }, { category: "summary", text: "Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in Atlassian Confluence ausnutzen, um einen Denial of Service Angriff durchzuführen, vertrauliche Informationen preiszugeben und Sicherheitsmaßnahmen zu umgehen.", title: "Angriff", }, { category: "general", text: "- Sonstiges\n- UNIX\n- Windows", title: "Betroffene Betriebssysteme", }, ], publisher: { category: "other", contact_details: "csaf-provider@cert-bund.de", name: "Bundesamt für Sicherheit in der Informationstechnik", namespace: "https://www.bsi.bund.de", }, references: [ { category: "self", summary: "WID-SEC-W-2024-3508 - CSAF Version", url: "https://wid.cert-bund.de/.well-known/csaf/white/2024/wid-sec-w-2024-3508.json", }, { category: "self", summary: "WID-SEC-2024-3508 - Portal Version", url: "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-3508", }, { category: "external", summary: "Atlassian November 2024 Security Bulletin vom 2024-11-19", url: "https://confluence.atlassian.com/security/security-bulletin-november-19-2024-1456179091.html", }, ], source_lang: "en-US", title: "Atlassian Confluence: Mehrere Schwachstellen", tracking: { current_release_date: "2024-11-19T23:00:00.000+00:00", generator: { date: "2024-11-20T10:42:48.003+00:00", engine: { name: "BSI-WID", version: "1.3.8", }, }, id: "WID-SEC-W-2024-3508", initial_release_date: "2024-11-19T23:00:00.000+00:00", revision_history: [ { date: "2024-11-19T23:00:00.000+00:00", number: "1", summary: "Initiale Fassung", }, ], status: "final", version: "1", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_version_range", name: "<9.1.1", product: { name: "Atlassian Confluence <9.1.1", product_id: "T039313", }, }, { category: "product_version", name: "9.1.1", product: { name: "Atlassian Confluence 9.1.1", product_id: "T039313-fixed", product_identification_helper: { cpe: "cpe:/a:atlassian:confluence:9.1.1", }, }, }, { category: "product_version_range", name: "<8.9.8", product: { name: "Atlassian Confluence <8.9.8", product_id: "T039314", }, }, { category: "product_version", name: "8.9.8", product: { name: "Atlassian Confluence 8.9.8", product_id: "T039314-fixed", product_identification_helper: { cpe: "cpe:/a:atlassian:confluence:8.9.8", }, }, }, { category: "product_version_range", name: "LTS <8.5.17", product: { name: "Atlassian Confluence LTS <8.5.17", product_id: "T039315", }, }, { category: "product_version", name: "LTS 8.5.17", product: { name: "Atlassian Confluence LTS 8.5.17", product_id: "T039315-fixed", product_identification_helper: { cpe: "cpe:/a:atlassian:confluence:lts__8.5.17", }, }, }, { category: "product_version_range", name: "LTS <7.19.29", product: { name: "Atlassian Confluence LTS <7.19.29", product_id: "T039316", }, }, { category: "product_version", name: "LTS 7.19.29", product: { name: "Atlassian Confluence LTS 7.19.29", product_id: "T039316-fixed", product_identification_helper: { cpe: "cpe:/a:atlassian:confluence:lts__7.19.29", }, }, }, ], category: "product_name", name: "Confluence", }, ], category: "vendor", name: "Atlassian", }, ], }, vulnerabilities: [ { cve: "CVE-2022-38900", notes: [ { category: "description", text: "Es bestehen mehrere Schwachstellen in Atlassian Confluence. Diese Fehler betreffen mehrere Komponenten, darunter com.nimbusds, org.bouncycastle und tomcat-coyote. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen..", }, ], product_status: { known_affected: [ "T039315", "T039314", "T039316", "T039313", ], }, release_date: "2024-11-19T23:00:00.000+00:00", title: "CVE-2022-38900", }, { cve: "CVE-2023-52428", notes: [ { category: "description", text: "Es bestehen mehrere Schwachstellen in Atlassian Confluence. Diese Fehler betreffen mehrere Komponenten, darunter com.nimbusds, org.bouncycastle und tomcat-coyote. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen..", }, ], product_status: { known_affected: [ "T039315", "T039314", "T039316", "T039313", ], }, release_date: "2024-11-19T23:00:00.000+00:00", title: "CVE-2023-52428", }, { cve: "CVE-2024-24549", notes: [ { category: "description", text: "Es bestehen mehrere Schwachstellen in Atlassian Confluence. Diese Fehler betreffen mehrere Komponenten, darunter com.nimbusds, org.bouncycastle und tomcat-coyote. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen..", }, ], product_status: { known_affected: [ "T039315", "T039314", "T039316", "T039313", ], }, release_date: "2024-11-19T23:00:00.000+00:00", title: "CVE-2024-24549", }, { cve: "CVE-2024-30172", notes: [ { category: "description", text: "Es bestehen mehrere Schwachstellen in Atlassian Confluence. Diese Fehler betreffen mehrere Komponenten, darunter com.nimbusds, org.bouncycastle und tomcat-coyote. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen..", }, ], product_status: { known_affected: [ "T039315", "T039314", "T039316", "T039313", ], }, release_date: "2024-11-19T23:00:00.000+00:00", title: "CVE-2024-30172", }, { cve: "CVE-2024-4068", notes: [ { category: "description", text: "Es bestehen mehrere Schwachstellen in Atlassian Confluence. Diese Fehler betreffen mehrere Komponenten, darunter com.nimbusds, org.bouncycastle und tomcat-coyote. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen..", }, ], product_status: { known_affected: [ "T039315", "T039314", "T039316", "T039313", ], }, release_date: "2024-11-19T23:00:00.000+00:00", title: "CVE-2024-4068", }, { cve: "CVE-2023-46234", notes: [ { category: "description", text: "Es besteht eine Schwachstelle in Atlassian Confluence. Dieser Fehler besteht aufgrund einer unsachgemäßen Handhabung der kryptographischen Signaturüberprüfung. Ein entfernter, anonymer Angreifer kann diese Schwachstelle ausnutzen, um die Authentifizierung und Sitzungsverwaltung zu umgehen.", }, ], product_status: { known_affected: [ "T039315", "T039314", "T039316", "T039313", ], }, release_date: "2024-11-19T23:00:00.000+00:00", title: "CVE-2023-46234", }, { cve: "CVE-2024-38816", notes: [ { category: "description", text: "Es besteht eine Schwachstelle in Atlassian Confluence. Dieser Fehler betrifft spring-webmvc aufgrund eines Path Traversal Problems bei der Verwendung bestimmter Konfigurationen (RouterFunctions mit FileSystemResource). Ein entfernter, anonymer Angreifer kann diese Schwachstelle ausnutzen, um vertrauliche Informationen offenzulegen.", }, ], product_status: { known_affected: [ "T039315", "T039314", "T039316", "T039313", ], }, release_date: "2024-11-19T23:00:00.000+00:00", title: "CVE-2024-38816", }, ], }
wid-sec-w-2024-3508
Vulnerability from csaf_certbund
Published
2024-11-19 23:00
Modified
2024-11-19 23:00
Summary
Atlassian Confluence: Mehrere Schwachstellen
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung
Confluence ist eine kommerzielle Wiki-Software.
Angriff
Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in Atlassian Confluence ausnutzen, um einen Denial of Service Angriff durchzuführen, vertrauliche Informationen preiszugeben und Sicherheitsmaßnahmen zu umgehen.
Betroffene Betriebssysteme
- Sonstiges
- UNIX
- Windows
{ document: { aggregate_severity: { text: "mittel", }, category: "csaf_base", csaf_version: "2.0", distribution: { tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "de-DE", notes: [ { category: "legal_disclaimer", text: "Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.", }, { category: "description", text: "Confluence ist eine kommerzielle Wiki-Software.", title: "Produktbeschreibung", }, { category: "summary", text: "Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in Atlassian Confluence ausnutzen, um einen Denial of Service Angriff durchzuführen, vertrauliche Informationen preiszugeben und Sicherheitsmaßnahmen zu umgehen.", title: "Angriff", }, { category: "general", text: "- Sonstiges\n- UNIX\n- Windows", title: "Betroffene Betriebssysteme", }, ], publisher: { category: "other", contact_details: "csaf-provider@cert-bund.de", name: "Bundesamt für Sicherheit in der Informationstechnik", namespace: "https://www.bsi.bund.de", }, references: [ { category: "self", summary: "WID-SEC-W-2024-3508 - CSAF Version", url: "https://wid.cert-bund.de/.well-known/csaf/white/2024/wid-sec-w-2024-3508.json", }, { category: "self", summary: "WID-SEC-2024-3508 - Portal Version", url: "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-3508", }, { category: "external", summary: "Atlassian November 2024 Security Bulletin vom 2024-11-19", url: "https://confluence.atlassian.com/security/security-bulletin-november-19-2024-1456179091.html", }, ], source_lang: "en-US", title: "Atlassian Confluence: Mehrere Schwachstellen", tracking: { current_release_date: "2024-11-19T23:00:00.000+00:00", generator: { date: "2024-11-20T10:42:48.003+00:00", engine: { name: "BSI-WID", version: "1.3.8", }, }, id: "WID-SEC-W-2024-3508", initial_release_date: "2024-11-19T23:00:00.000+00:00", revision_history: [ { date: "2024-11-19T23:00:00.000+00:00", number: "1", summary: "Initiale Fassung", }, ], status: "final", version: "1", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_version_range", name: "<9.1.1", product: { name: "Atlassian Confluence <9.1.1", product_id: "T039313", }, }, { category: "product_version", name: "9.1.1", product: { name: "Atlassian Confluence 9.1.1", product_id: "T039313-fixed", product_identification_helper: { cpe: "cpe:/a:atlassian:confluence:9.1.1", }, }, }, { category: "product_version_range", name: "<8.9.8", product: { name: "Atlassian Confluence <8.9.8", product_id: "T039314", }, }, { category: "product_version", name: "8.9.8", product: { name: "Atlassian Confluence 8.9.8", product_id: "T039314-fixed", product_identification_helper: { cpe: "cpe:/a:atlassian:confluence:8.9.8", }, }, }, { category: "product_version_range", name: "LTS <8.5.17", product: { name: "Atlassian Confluence LTS <8.5.17", product_id: "T039315", }, }, { category: "product_version", name: "LTS 8.5.17", product: { name: "Atlassian Confluence LTS 8.5.17", product_id: "T039315-fixed", product_identification_helper: { cpe: "cpe:/a:atlassian:confluence:lts__8.5.17", }, }, }, { category: "product_version_range", name: "LTS <7.19.29", product: { name: "Atlassian Confluence LTS <7.19.29", product_id: "T039316", }, }, { category: "product_version", name: "LTS 7.19.29", product: { name: "Atlassian Confluence LTS 7.19.29", product_id: "T039316-fixed", product_identification_helper: { cpe: "cpe:/a:atlassian:confluence:lts__7.19.29", }, }, }, ], category: "product_name", name: "Confluence", }, ], category: "vendor", name: "Atlassian", }, ], }, vulnerabilities: [ { cve: "CVE-2022-38900", notes: [ { category: "description", text: "Es bestehen mehrere Schwachstellen in Atlassian Confluence. Diese Fehler betreffen mehrere Komponenten, darunter com.nimbusds, org.bouncycastle und tomcat-coyote. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen..", }, ], product_status: { known_affected: [ "T039315", "T039314", "T039316", "T039313", ], }, release_date: "2024-11-19T23:00:00.000+00:00", title: "CVE-2022-38900", }, { cve: "CVE-2023-52428", notes: [ { category: "description", text: "Es bestehen mehrere Schwachstellen in Atlassian Confluence. Diese Fehler betreffen mehrere Komponenten, darunter com.nimbusds, org.bouncycastle und tomcat-coyote. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen..", }, ], product_status: { known_affected: [ "T039315", "T039314", "T039316", "T039313", ], }, release_date: "2024-11-19T23:00:00.000+00:00", title: "CVE-2023-52428", }, { cve: "CVE-2024-24549", notes: [ { category: "description", text: "Es bestehen mehrere Schwachstellen in Atlassian Confluence. Diese Fehler betreffen mehrere Komponenten, darunter com.nimbusds, org.bouncycastle und tomcat-coyote. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen..", }, ], product_status: { known_affected: [ "T039315", "T039314", "T039316", "T039313", ], }, release_date: "2024-11-19T23:00:00.000+00:00", title: "CVE-2024-24549", }, { cve: "CVE-2024-30172", notes: [ { category: "description", text: "Es bestehen mehrere Schwachstellen in Atlassian Confluence. Diese Fehler betreffen mehrere Komponenten, darunter com.nimbusds, org.bouncycastle und tomcat-coyote. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen..", }, ], product_status: { known_affected: [ "T039315", "T039314", "T039316", "T039313", ], }, release_date: "2024-11-19T23:00:00.000+00:00", title: "CVE-2024-30172", }, { cve: "CVE-2024-4068", notes: [ { category: "description", text: "Es bestehen mehrere Schwachstellen in Atlassian Confluence. Diese Fehler betreffen mehrere Komponenten, darunter com.nimbusds, org.bouncycastle und tomcat-coyote. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen..", }, ], product_status: { known_affected: [ "T039315", "T039314", "T039316", "T039313", ], }, release_date: "2024-11-19T23:00:00.000+00:00", title: "CVE-2024-4068", }, { cve: "CVE-2023-46234", notes: [ { category: "description", text: "Es besteht eine Schwachstelle in Atlassian Confluence. Dieser Fehler besteht aufgrund einer unsachgemäßen Handhabung der kryptographischen Signaturüberprüfung. Ein entfernter, anonymer Angreifer kann diese Schwachstelle ausnutzen, um die Authentifizierung und Sitzungsverwaltung zu umgehen.", }, ], product_status: { known_affected: [ "T039315", "T039314", "T039316", "T039313", ], }, release_date: "2024-11-19T23:00:00.000+00:00", title: "CVE-2023-46234", }, { cve: "CVE-2024-38816", notes: [ { category: "description", text: "Es besteht eine Schwachstelle in Atlassian Confluence. Dieser Fehler betrifft spring-webmvc aufgrund eines Path Traversal Problems bei der Verwendung bestimmter Konfigurationen (RouterFunctions mit FileSystemResource). Ein entfernter, anonymer Angreifer kann diese Schwachstelle ausnutzen, um vertrauliche Informationen offenzulegen.", }, ], product_status: { known_affected: [ "T039315", "T039314", "T039316", "T039313", ], }, release_date: "2024-11-19T23:00:00.000+00:00", title: "CVE-2024-38816", }, ], }
WID-SEC-W-2023-2782
Vulnerability from csaf_certbund
Published
2023-10-30 23:00
Modified
2024-10-15 22:00
Summary
Red Hat OpenShift distributed tracing: Schwachstelle ermöglicht Umgehen von Sicherheitsvorkehrungen
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung
Red Hat OpenShift ist eine "Platform as a Service" (PaaS) Lösung zur Bereitstellung von Applikationen in der Cloud.
Angriff
Ein entfernter, anonymer Angreifer kann eine Schwachstelle in Red Hat OpenShift distributed tracing ausnutzen, um Sicherheitsvorkehrungen zu umgehen.
Betroffene Betriebssysteme
- Linux
{ document: { aggregate_severity: { text: "mittel", }, category: "csaf_base", csaf_version: "2.0", distribution: { tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "de-DE", notes: [ { category: "legal_disclaimer", text: "Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.", }, { category: "description", text: "Red Hat OpenShift ist eine \"Platform as a Service\" (PaaS) Lösung zur Bereitstellung von Applikationen in der Cloud.", title: "Produktbeschreibung", }, { category: "summary", text: "Ein entfernter, anonymer Angreifer kann eine Schwachstelle in Red Hat OpenShift distributed tracing ausnutzen, um Sicherheitsvorkehrungen zu umgehen.", title: "Angriff", }, { category: "general", text: "- Linux", title: "Betroffene Betriebssysteme", }, ], publisher: { category: "other", contact_details: "csaf-provider@cert-bund.de", name: "Bundesamt für Sicherheit in der Informationstechnik", namespace: "https://www.bsi.bund.de", }, references: [ { category: "self", summary: "WID-SEC-W-2023-2782 - CSAF Version", url: "https://wid.cert-bund.de/.well-known/csaf/white/2023/wid-sec-w-2023-2782.json", }, { category: "self", summary: "WID-SEC-2023-2782 - Portal Version", url: "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2023-2782", }, { category: "external", summary: "Fedora Security Advisory FEDORA-2024-5ECC250449 vom 2024-02-19", url: "https://bodhi.fedoraproject.org/updates/FEDORA-2024-5ecc250449", }, { category: "external", summary: "RedHat Security Advisory vom 2023-10-30", url: "https://access.redhat.com/errata/RHSA-2023:6180", }, { category: "external", summary: "RedHat Security Advisory vom 2023-10-30", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2246470", }, { category: "external", summary: "Ubuntu Security Notice USN-6800-1 vom 2024-05-30", url: "https://ubuntu.com/security/notices/USN-6800-1", }, { category: "external", summary: "Fedora Security Advisory FEDORA-EPEL-2024-78DF19AAF3 vom 2024-10-15", url: "https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2024-78df19aaf3", }, ], source_lang: "en-US", title: "Red Hat OpenShift distributed tracing: Schwachstelle ermöglicht Umgehen von Sicherheitsvorkehrungen", tracking: { current_release_date: "2024-10-15T22:00:00.000+00:00", generator: { date: "2024-10-16T08:17:58.836+00:00", engine: { name: "BSI-WID", version: "1.3.8", }, }, id: "WID-SEC-W-2023-2782", initial_release_date: "2023-10-30T23:00:00.000+00:00", revision_history: [ { date: "2023-10-30T23:00:00.000+00:00", number: "1", summary: "Initiale Fassung", }, { date: "2023-11-08T23:00:00.000+00:00", number: "2", summary: "Anpassung im Text", }, { date: "2024-02-19T23:00:00.000+00:00", number: "3", summary: "Neue Updates von Fedora aufgenommen", }, { date: "2024-05-30T22:00:00.000+00:00", number: "4", summary: "Neue Updates von Ubuntu aufgenommen", }, { date: "2024-10-15T22:00:00.000+00:00", number: "5", summary: "Neue Updates von Fedora aufgenommen", }, ], status: "final", version: "5", }, }, product_tree: { branches: [ { branches: [ { category: "product_name", name: "Fedora Linux", product: { name: "Fedora Linux", product_id: "74185", product_identification_helper: { cpe: "cpe:/o:fedoraproject:fedora:-", }, }, }, ], category: "vendor", name: "Fedora", }, { branches: [ { branches: [ { category: "product_version_range", name: "<distributed tracing 2.9.0", product: { name: "Red Hat OpenShift <distributed tracing 2.9.0", product_id: "T031021", }, }, { category: "product_version", name: "distributed tracing 2.9.0", product: { name: "Red Hat OpenShift distributed tracing 2.9.0", product_id: "T031021-fixed", product_identification_helper: { cpe: "cpe:/a:redhat:openshift:distributed_tracing_2.9.0", }, }, }, ], category: "product_name", name: "OpenShift", }, ], category: "vendor", name: "Red Hat", }, { branches: [ { category: "product_name", name: "Ubuntu Linux", product: { name: "Ubuntu Linux", product_id: "T000126", product_identification_helper: { cpe: "cpe:/o:canonical:ubuntu_linux:-", }, }, }, ], category: "vendor", name: "Ubuntu", }, ], }, vulnerabilities: [ { cve: "CVE-2023-46234", notes: [ { category: "description", text: "Es besteht eine Schwachstelle in Red Hat OpenShift distributed tracing. Dieser Fehler besteht im browserify-sign Knotenpaket aufgrund einer unsachgemäßen Überprüfung der kryptografischen Signatur, die es ermöglicht, einen Signaturfälschungsangriff auszuführen, indem kryptografische Signaturen für DSA-Daten nicht korrekt überprüft werden. Ein entfernter, anonymer Angreifer kann diese Schwachstelle ausnutzen, um Sicherheitsmaßnahmen zu umgehen und sich unbefugten Zugriff zu verschaffen.", }, ], product_status: { known_affected: [ "T000126", "T031021", "74185", ], }, release_date: "2023-10-30T23:00:00.000+00:00", title: "CVE-2023-46234", }, ], }
wid-sec-w-2023-2782
Vulnerability from csaf_certbund
Published
2023-10-30 23:00
Modified
2024-10-15 22:00
Summary
Red Hat OpenShift distributed tracing: Schwachstelle ermöglicht Umgehen von Sicherheitsvorkehrungen
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung
Red Hat OpenShift ist eine "Platform as a Service" (PaaS) Lösung zur Bereitstellung von Applikationen in der Cloud.
Angriff
Ein entfernter, anonymer Angreifer kann eine Schwachstelle in Red Hat OpenShift distributed tracing ausnutzen, um Sicherheitsvorkehrungen zu umgehen.
Betroffene Betriebssysteme
- Linux
{ document: { aggregate_severity: { text: "mittel", }, category: "csaf_base", csaf_version: "2.0", distribution: { tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "de-DE", notes: [ { category: "legal_disclaimer", text: "Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.", }, { category: "description", text: "Red Hat OpenShift ist eine \"Platform as a Service\" (PaaS) Lösung zur Bereitstellung von Applikationen in der Cloud.", title: "Produktbeschreibung", }, { category: "summary", text: "Ein entfernter, anonymer Angreifer kann eine Schwachstelle in Red Hat OpenShift distributed tracing ausnutzen, um Sicherheitsvorkehrungen zu umgehen.", title: "Angriff", }, { category: "general", text: "- Linux", title: "Betroffene Betriebssysteme", }, ], publisher: { category: "other", contact_details: "csaf-provider@cert-bund.de", name: "Bundesamt für Sicherheit in der Informationstechnik", namespace: "https://www.bsi.bund.de", }, references: [ { category: "self", summary: "WID-SEC-W-2023-2782 - CSAF Version", url: "https://wid.cert-bund.de/.well-known/csaf/white/2023/wid-sec-w-2023-2782.json", }, { category: "self", summary: "WID-SEC-2023-2782 - Portal Version", url: "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2023-2782", }, { category: "external", summary: "Fedora Security Advisory FEDORA-2024-5ECC250449 vom 2024-02-19", url: "https://bodhi.fedoraproject.org/updates/FEDORA-2024-5ecc250449", }, { category: "external", summary: "RedHat Security Advisory vom 2023-10-30", url: "https://access.redhat.com/errata/RHSA-2023:6180", }, { category: "external", summary: "RedHat Security Advisory vom 2023-10-30", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2246470", }, { category: "external", summary: "Ubuntu Security Notice USN-6800-1 vom 2024-05-30", url: "https://ubuntu.com/security/notices/USN-6800-1", }, { category: "external", summary: "Fedora Security Advisory FEDORA-EPEL-2024-78DF19AAF3 vom 2024-10-15", url: "https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2024-78df19aaf3", }, ], source_lang: "en-US", title: "Red Hat OpenShift distributed tracing: Schwachstelle ermöglicht Umgehen von Sicherheitsvorkehrungen", tracking: { current_release_date: "2024-10-15T22:00:00.000+00:00", generator: { date: "2024-10-16T08:17:58.836+00:00", engine: { name: "BSI-WID", version: "1.3.8", }, }, id: "WID-SEC-W-2023-2782", initial_release_date: "2023-10-30T23:00:00.000+00:00", revision_history: [ { date: "2023-10-30T23:00:00.000+00:00", number: "1", summary: "Initiale Fassung", }, { date: "2023-11-08T23:00:00.000+00:00", number: "2", summary: "Anpassung im Text", }, { date: "2024-02-19T23:00:00.000+00:00", number: "3", summary: "Neue Updates von Fedora aufgenommen", }, { date: "2024-05-30T22:00:00.000+00:00", number: "4", summary: "Neue Updates von Ubuntu aufgenommen", }, { date: "2024-10-15T22:00:00.000+00:00", number: "5", summary: "Neue Updates von Fedora aufgenommen", }, ], status: "final", version: "5", }, }, product_tree: { branches: [ { branches: [ { category: "product_name", name: "Fedora Linux", product: { name: "Fedora Linux", product_id: "74185", product_identification_helper: { cpe: "cpe:/o:fedoraproject:fedora:-", }, }, }, ], category: "vendor", name: "Fedora", }, { branches: [ { branches: [ { category: "product_version_range", name: "<distributed tracing 2.9.0", product: { name: "Red Hat OpenShift <distributed tracing 2.9.0", product_id: "T031021", }, }, { category: "product_version", name: "distributed tracing 2.9.0", product: { name: "Red Hat OpenShift distributed tracing 2.9.0", product_id: "T031021-fixed", product_identification_helper: { cpe: "cpe:/a:redhat:openshift:distributed_tracing_2.9.0", }, }, }, ], category: "product_name", name: "OpenShift", }, ], category: "vendor", name: "Red Hat", }, { branches: [ { category: "product_name", name: "Ubuntu Linux", product: { name: "Ubuntu Linux", product_id: "T000126", product_identification_helper: { cpe: "cpe:/o:canonical:ubuntu_linux:-", }, }, }, ], category: "vendor", name: "Ubuntu", }, ], }, vulnerabilities: [ { cve: "CVE-2023-46234", notes: [ { category: "description", text: "Es besteht eine Schwachstelle in Red Hat OpenShift distributed tracing. Dieser Fehler besteht im browserify-sign Knotenpaket aufgrund einer unsachgemäßen Überprüfung der kryptografischen Signatur, die es ermöglicht, einen Signaturfälschungsangriff auszuführen, indem kryptografische Signaturen für DSA-Daten nicht korrekt überprüft werden. Ein entfernter, anonymer Angreifer kann diese Schwachstelle ausnutzen, um Sicherheitsmaßnahmen zu umgehen und sich unbefugten Zugriff zu verschaffen.", }, ], product_status: { known_affected: [ "T000126", "T031021", "74185", ], }, release_date: "2023-10-30T23:00:00.000+00:00", title: "CVE-2023-46234", }, ], }
gsd-2023-46234
Vulnerability from gsd
Modified
2023-12-13 01:20
Details
browserify-sign is a package to duplicate the functionality of node's crypto public key functions, much of this is based on Fedor Indutny's work on indutny/tls.js. An upper bound check issue in `dsaVerify` function allows an attacker to construct signatures that can be successfully verified by any public key, thus leading to a signature forgery attack. All places in this project that involve DSA verification of user-input signatures will be affected by this vulnerability. This issue has been patched in version 4.2.2.
Aliases
Aliases
{ GSD: { alias: "CVE-2023-46234", id: "GSD-2023-46234", }, gsd: { metadata: { exploitCode: "unknown", remediation: "unknown", reportConfidence: "confirmed", type: "vulnerability", }, osvSchema: { aliases: [ "CVE-2023-46234", ], details: "browserify-sign is a package to duplicate the functionality of node's crypto public key functions, much of this is based on Fedor Indutny's work on indutny/tls.js. An upper bound check issue in `dsaVerify` function allows an attacker to construct signatures that can be successfully verified by any public key, thus leading to a signature forgery attack. All places in this project that involve DSA verification of user-input signatures will be affected by this vulnerability. This issue has been patched in version 4.2.2.\n", id: "GSD-2023-46234", modified: "2023-12-13T01:20:53.400557Z", schema_version: "1.4.0", }, }, namespaces: { "cve.org": { CVE_data_meta: { ASSIGNER: "security-advisories@github.com", ID: "CVE-2023-46234", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "browserify-sign", version: { version_data: [ { version_affected: "=", version_value: ">= 2.6.0, <= 4.2.1", }, ], }, }, ], }, vendor_name: "browserify", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "browserify-sign is a package to duplicate the functionality of node's crypto public key functions, much of this is based on Fedor Indutny's work on indutny/tls.js. An upper bound check issue in `dsaVerify` function allows an attacker to construct signatures that can be successfully verified by any public key, thus leading to a signature forgery attack. All places in this project that involve DSA verification of user-input signatures will be affected by this vulnerability. This issue has been patched in version 4.2.2.\n", }, ], }, impact: { cvss: [ { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N", version: "3.1", }, ], }, problemtype: { problemtype_data: [ { description: [ { cweId: "CWE-347", lang: "eng", value: "CWE-347: Improper Verification of Cryptographic Signature", }, ], }, ], }, references: { reference_data: [ { name: "https://github.com/browserify/browserify-sign/security/advisories/GHSA-x9w5-v3q2-3rhw", refsource: "MISC", url: "https://github.com/browserify/browserify-sign/security/advisories/GHSA-x9w5-v3q2-3rhw", }, { name: "https://github.com/browserify/browserify-sign/commit/85994cd6348b50f2fd1b73c54e20881416f44a30", refsource: "MISC", url: "https://github.com/browserify/browserify-sign/commit/85994cd6348b50f2fd1b73c54e20881416f44a30", }, { name: "https://lists.debian.org/debian-lts-announce/2023/10/msg00040.html", refsource: "MISC", url: "https://lists.debian.org/debian-lts-announce/2023/10/msg00040.html", }, { name: "https://www.debian.org/security/2023/dsa-5539", refsource: "MISC", url: "https://www.debian.org/security/2023/dsa-5539", }, { name: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6PVVPNSAGSDS63HQ74PJ7MZ3MU5IYNVZ/", refsource: "MISC", url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6PVVPNSAGSDS63HQ74PJ7MZ3MU5IYNVZ/", }, { name: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3HUE6ZR5SL73KHL7XUPAOEL6SB7HUDT2/", refsource: "MISC", url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3HUE6ZR5SL73KHL7XUPAOEL6SB7HUDT2/", }, ], }, source: { advisory: "GHSA-x9w5-v3q2-3rhw", discovery: "UNKNOWN", }, }, "nvd.nist.gov": { cve: { configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:browserify:browserify-sign:*:*:*:*:*:node.js:*:*", matchCriteriaId: "DE51BF6D-53CC-41A1-9530-BD9B1DCFBE6D", versionEndExcluding: "4.2.2", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*", matchCriteriaId: "FA6FEEC2-9F11-4643-8827-749718254FED", vulnerable: true, }, { criteria: "cpe:2.3:o:debian:debian_linux:12.0:*:*:*:*:*:*:*", matchCriteriaId: "46D69DCC-AE4D-4EA5-861C-D60951444C6C", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], descriptions: [ { lang: "en", value: "browserify-sign is a package to duplicate the functionality of node's crypto public key functions, much of this is based on Fedor Indutny's work on indutny/tls.js. An upper bound check issue in `dsaVerify` function allows an attacker to construct signatures that can be successfully verified by any public key, thus leading to a signature forgery attack. All places in this project that involve DSA verification of user-input signatures will be affected by this vulnerability. This issue has been patched in version 4.2.2.\n", }, { lang: "es", value: "browserify-sign es un paquete para duplicar la funcionalidad de las funciones de clave pública criptográfica del nodo, gran parte de esto se basa en el trabajo de Fedor Indutny en indutny/tls.js. Un problema de verificación de límite superior en la función `dsaVerify` permite a un atacante construir firmas que pueden verificarse con éxito mediante cualquier clave pública, lo que lleva a un ataque de falsificación de firmas. Todos los lugares de este proyecto que implican la verificación DSA de las firmas ingresadas por los usuarios se verán afectados por esta vulnerabilidad. Este problema se solucionó en la versión 4.2.2.", }, ], id: "CVE-2023-46234", lastModified: "2024-02-28T03:15:07.220", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 2.5, source: "security-advisories@github.com", type: "Secondary", }, ], }, published: "2023-10-26T15:15:09.087", references: [ { source: "security-advisories@github.com", tags: [ "Third Party Advisory", ], url: "https://github.com/browserify/browserify-sign/commit/85994cd6348b50f2fd1b73c54e20881416f44a30", }, { source: "security-advisories@github.com", tags: [ "Third Party Advisory", ], url: "https://github.com/browserify/browserify-sign/security/advisories/GHSA-x9w5-v3q2-3rhw", }, { source: "security-advisories@github.com", tags: [ "Third Party Advisory", ], url: "https://lists.debian.org/debian-lts-announce/2023/10/msg00040.html", }, { source: "security-advisories@github.com", url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3HUE6ZR5SL73KHL7XUPAOEL6SB7HUDT2/", }, { source: "security-advisories@github.com", url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6PVVPNSAGSDS63HQ74PJ7MZ3MU5IYNVZ/", }, { source: "security-advisories@github.com", tags: [ "Third Party Advisory", ], url: "https://www.debian.org/security/2023/dsa-5539", }, ], sourceIdentifier: "security-advisories@github.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-347", }, ], source: "security-advisories@github.com", type: "Primary", }, ], }, }, }, }
opensuse-su-2025:14663-1
Vulnerability from csaf_opensuse
Published
2025-01-17 00:00
Modified
2025-01-17 00:00
Summary
velociraptor-0.7.0.4.git142.862ef23-1.1 on GA media
Notes
Title of the patch
velociraptor-0.7.0.4.git142.862ef23-1.1 on GA media
Description of the patch
These are all security issues fixed in the velociraptor-0.7.0.4.git142.862ef23-1.1 package on the GA media of openSUSE Tumbleweed.
Patchnames
openSUSE-Tumbleweed-2025-14663
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{ document: { aggregate_severity: { namespace: "https://www.suse.com/support/security/rating/", text: "moderate", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright 2024 SUSE LLC. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "velociraptor-0.7.0.4.git142.862ef23-1.1 on GA media", title: "Title of the patch", }, { category: "description", text: "These are all security issues fixed in the velociraptor-0.7.0.4.git142.862ef23-1.1 package on the GA media of openSUSE Tumbleweed.", title: "Description of the patch", }, { category: "details", text: "openSUSE-Tumbleweed-2025-14663", title: "Patchnames", }, { category: "legal_disclaimer", text: "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).", title: "Terms of use", }, ], publisher: { category: "vendor", contact_details: "https://www.suse.com/support/security/contact/", name: "SUSE Product Security Team", namespace: "https://www.suse.com/", }, references: [ { category: "external", summary: "SUSE ratings", url: "https://www.suse.com/support/security/rating/", }, { category: "self", summary: "URL of this CSAF notice", url: "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2025_14663-1.json", }, { category: "self", summary: "URL for openSUSE-SU-2025:14663-1", url: "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/IL7QOYRPFRGRS6UKU6ZYHI76FWFFUJNK/", }, { category: "self", summary: "E-Mail link for openSUSE-SU-2025:14663-1", url: "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/IL7QOYRPFRGRS6UKU6ZYHI76FWFFUJNK/", }, { category: "self", summary: "SUSE CVE CVE-2023-1732 page", url: "https://www.suse.com/security/cve/CVE-2023-1732/", }, { category: "self", summary: "SUSE CVE CVE-2023-44270 page", url: "https://www.suse.com/security/cve/CVE-2023-44270/", }, { category: "self", summary: "SUSE CVE CVE-2023-45133 page", url: "https://www.suse.com/security/cve/CVE-2023-45133/", }, { category: "self", summary: "SUSE CVE CVE-2023-45683 page", url: "https://www.suse.com/security/cve/CVE-2023-45683/", }, { category: "self", summary: "SUSE CVE CVE-2023-46234 page", url: "https://www.suse.com/security/cve/CVE-2023-46234/", }, { category: "self", summary: "SUSE CVE CVE-2024-21538 page", url: "https://www.suse.com/security/cve/CVE-2024-21538/", }, { category: "self", summary: "SUSE CVE CVE-2024-23331 page", url: "https://www.suse.com/security/cve/CVE-2024-23331/", }, { category: "self", summary: "SUSE CVE CVE-2024-24786 page", url: "https://www.suse.com/security/cve/CVE-2024-24786/", }, { category: "self", summary: "SUSE CVE CVE-2024-28180 page", url: "https://www.suse.com/security/cve/CVE-2024-28180/", }, { category: "self", summary: "SUSE CVE CVE-2024-31207 page", url: "https://www.suse.com/security/cve/CVE-2024-31207/", }, { category: "self", summary: "SUSE CVE CVE-2024-37298 page", url: "https://www.suse.com/security/cve/CVE-2024-37298/", }, { category: "self", summary: "SUSE CVE CVE-2024-4067 page", url: "https://www.suse.com/security/cve/CVE-2024-4067/", }, { category: "self", summary: "SUSE CVE CVE-2024-4068 page", url: "https://www.suse.com/security/cve/CVE-2024-4068/", }, { category: "self", summary: "SUSE CVE CVE-2024-42459 page", url: "https://www.suse.com/security/cve/CVE-2024-42459/", }, { category: "self", summary: "SUSE CVE CVE-2024-42460 page", url: "https://www.suse.com/security/cve/CVE-2024-42460/", }, { category: "self", summary: "SUSE CVE CVE-2024-42461 page", url: "https://www.suse.com/security/cve/CVE-2024-42461/", }, { category: "self", summary: "SUSE CVE CVE-2024-45296 page", url: "https://www.suse.com/security/cve/CVE-2024-45296/", }, { category: "self", summary: "SUSE CVE CVE-2024-45338 page", url: "https://www.suse.com/security/cve/CVE-2024-45338/", }, { category: "self", summary: "SUSE CVE CVE-2024-45811 page", url: "https://www.suse.com/security/cve/CVE-2024-45811/", }, { category: "self", summary: "SUSE CVE CVE-2024-45812 page", url: "https://www.suse.com/security/cve/CVE-2024-45812/", }, { category: "self", summary: "SUSE CVE CVE-2024-47068 page", url: "https://www.suse.com/security/cve/CVE-2024-47068/", }, { category: "self", summary: "SUSE CVE CVE-2024-47875 page", url: "https://www.suse.com/security/cve/CVE-2024-47875/", }, { category: "self", summary: "SUSE CVE CVE-2024-48948 page", url: "https://www.suse.com/security/cve/CVE-2024-48948/", }, { category: "self", summary: "SUSE CVE CVE-2024-48949 page", url: "https://www.suse.com/security/cve/CVE-2024-48949/", }, { category: "self", summary: "SUSE CVE CVE-2024-51744 page", url: "https://www.suse.com/security/cve/CVE-2024-51744/", }, { category: "self", summary: "SUSE CVE CVE-2024-55565 page", url: "https://www.suse.com/security/cve/CVE-2024-55565/", }, { category: "self", summary: "SUSE CVE CVE-2024-6104 page", url: "https://www.suse.com/security/cve/CVE-2024-6104/", }, ], title: "velociraptor-0.7.0.4.git142.862ef23-1.1 on GA media", tracking: { current_release_date: "2025-01-17T00:00:00Z", generator: { date: "2025-01-17T00:00:00Z", engine: { name: "cve-database.git:bin/generate-csaf.pl", version: "1", }, }, id: "openSUSE-SU-2025:14663-1", initial_release_date: "2025-01-17T00:00:00Z", revision_history: [ { date: "2025-01-17T00:00:00Z", number: "1", summary: "Current version", }, ], status: "final", version: "1", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_version", name: "velociraptor-0.7.0.4.git142.862ef23-1.1.aarch64", product: { name: "velociraptor-0.7.0.4.git142.862ef23-1.1.aarch64", product_id: "velociraptor-0.7.0.4.git142.862ef23-1.1.aarch64", }, }, ], category: "architecture", name: "aarch64", }, { branches: [ { category: "product_version", name: "velociraptor-0.7.0.4.git142.862ef23-1.1.ppc64le", product: { name: "velociraptor-0.7.0.4.git142.862ef23-1.1.ppc64le", product_id: "velociraptor-0.7.0.4.git142.862ef23-1.1.ppc64le", }, }, ], category: "architecture", name: "ppc64le", }, { branches: [ { category: "product_version", name: "velociraptor-0.7.0.4.git142.862ef23-1.1.s390x", product: { name: "velociraptor-0.7.0.4.git142.862ef23-1.1.s390x", product_id: "velociraptor-0.7.0.4.git142.862ef23-1.1.s390x", }, }, ], category: "architecture", name: "s390x", }, { branches: [ { category: "product_version", name: "velociraptor-0.7.0.4.git142.862ef23-1.1.x86_64", product: { name: "velociraptor-0.7.0.4.git142.862ef23-1.1.x86_64", product_id: "velociraptor-0.7.0.4.git142.862ef23-1.1.x86_64", }, }, ], category: "architecture", name: "x86_64", }, { branches: [ { category: "product_name", name: "openSUSE Tumbleweed", product: { name: "openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed", product_identification_helper: { cpe: "cpe:/o:opensuse:tumbleweed", }, }, }, ], category: "product_family", name: "SUSE Linux Enterprise", }, ], category: "vendor", name: "SUSE", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "velociraptor-0.7.0.4.git142.862ef23-1.1.aarch64 as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:velociraptor-0.7.0.4.git142.862ef23-1.1.aarch64", }, product_reference: "velociraptor-0.7.0.4.git142.862ef23-1.1.aarch64", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "velociraptor-0.7.0.4.git142.862ef23-1.1.ppc64le as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:velociraptor-0.7.0.4.git142.862ef23-1.1.ppc64le", }, product_reference: "velociraptor-0.7.0.4.git142.862ef23-1.1.ppc64le", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "velociraptor-0.7.0.4.git142.862ef23-1.1.s390x as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:velociraptor-0.7.0.4.git142.862ef23-1.1.s390x", }, product_reference: "velociraptor-0.7.0.4.git142.862ef23-1.1.s390x", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "velociraptor-0.7.0.4.git142.862ef23-1.1.x86_64 as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:velociraptor-0.7.0.4.git142.862ef23-1.1.x86_64", }, product_reference: "velociraptor-0.7.0.4.git142.862ef23-1.1.x86_64", relates_to_product_reference: "openSUSE Tumbleweed", }, ], }, vulnerabilities: [ { cve: "CVE-2023-1732", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2023-1732", }, ], notes: [ { category: "general", text: "When sampling randomness for a shared secret, the implementation of Kyber and FrodoKEM, did not check whether crypto/rand.Read() returns an error. In rare deployment cases (error thrown by the Read() function), this could lead to a predictable shared secret.\n\nThe tkn20 and blindrsa components did not check whether enough randomness was returned from the user provided randomness source. Typically the user provides crypto/rand.Reader, which in the vast majority of cases will always return the right number random bytes. In the cases where it does not, or the user provides a source that does not, the blinding for blindrsa is weak and integrity of the plaintext is not ensured in tkn20.\n\n", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:velociraptor-0.7.0.4.git142.862ef23-1.1.aarch64", "openSUSE Tumbleweed:velociraptor-0.7.0.4.git142.862ef23-1.1.ppc64le", "openSUSE Tumbleweed:velociraptor-0.7.0.4.git142.862ef23-1.1.s390x", "openSUSE Tumbleweed:velociraptor-0.7.0.4.git142.862ef23-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2023-1732", url: "https://www.suse.com/security/cve/CVE-2023-1732", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:velociraptor-0.7.0.4.git142.862ef23-1.1.aarch64", "openSUSE Tumbleweed:velociraptor-0.7.0.4.git142.862ef23-1.1.ppc64le", "openSUSE Tumbleweed:velociraptor-0.7.0.4.git142.862ef23-1.1.s390x", "openSUSE Tumbleweed:velociraptor-0.7.0.4.git142.862ef23-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:L/I:H/A:N", version: "3.1", }, products: [ "openSUSE Tumbleweed:velociraptor-0.7.0.4.git142.862ef23-1.1.aarch64", "openSUSE Tumbleweed:velociraptor-0.7.0.4.git142.862ef23-1.1.ppc64le", "openSUSE Tumbleweed:velociraptor-0.7.0.4.git142.862ef23-1.1.s390x", "openSUSE Tumbleweed:velociraptor-0.7.0.4.git142.862ef23-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-17T00:00:00Z", details: "important", }, ], title: "CVE-2023-1732", }, { cve: "CVE-2023-44270", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2023-44270", }, ], notes: [ { category: "general", text: "An issue was discovered in PostCSS before 8.4.31. The vulnerability affects linters using PostCSS to parse external untrusted CSS. An attacker can prepare CSS in such a way that it will contains parts parsed by PostCSS as a CSS comment. After processing by PostCSS, it will be included in the PostCSS output in CSS nodes (rules, properties) despite being included in a comment.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:velociraptor-0.7.0.4.git142.862ef23-1.1.aarch64", "openSUSE Tumbleweed:velociraptor-0.7.0.4.git142.862ef23-1.1.ppc64le", "openSUSE Tumbleweed:velociraptor-0.7.0.4.git142.862ef23-1.1.s390x", "openSUSE Tumbleweed:velociraptor-0.7.0.4.git142.862ef23-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2023-44270", url: "https://www.suse.com/security/cve/CVE-2023-44270", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:velociraptor-0.7.0.4.git142.862ef23-1.1.aarch64", "openSUSE Tumbleweed:velociraptor-0.7.0.4.git142.862ef23-1.1.ppc64le", "openSUSE Tumbleweed:velociraptor-0.7.0.4.git142.862ef23-1.1.s390x", "openSUSE Tumbleweed:velociraptor-0.7.0.4.git142.862ef23-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", version: "3.1", }, products: [ "openSUSE Tumbleweed:velociraptor-0.7.0.4.git142.862ef23-1.1.aarch64", "openSUSE Tumbleweed:velociraptor-0.7.0.4.git142.862ef23-1.1.ppc64le", "openSUSE Tumbleweed:velociraptor-0.7.0.4.git142.862ef23-1.1.s390x", "openSUSE Tumbleweed:velociraptor-0.7.0.4.git142.862ef23-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-17T00:00:00Z", details: "moderate", }, ], title: "CVE-2023-44270", }, { cve: "CVE-2023-45133", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2023-45133", }, ], notes: [ { category: "general", text: "Babel is a compiler for writingJavaScript. In `@babel/traverse` prior to versions 7.23.2 and 8.0.0-alpha.4 and all versions of `babel-traverse`, using Babel to compile code that was specifically crafted by an attacker can lead to arbitrary code execution during compilation, when using plugins that rely on the `path.evaluate()`or `path.evaluateTruthy()` internal Babel methods. Known affected plugins are `@babel/plugin-transform-runtime`; `@babel/preset-env` when using its `useBuiltIns` option; and any \"polyfill provider\" plugin that depends on `@babel/helper-define-polyfill-provider`, such as `babel-plugin-polyfill-corejs3`, `babel-plugin-polyfill-corejs2`, `babel-plugin-polyfill-es-shims`, `babel-plugin-polyfill-regenerator`. No other plugins under the `@babel/` namespace are impacted, but third-party plugins might be. Users that only compile trusted code are not impacted. The vulnerability has been fixed in `@babel/traverse@7.23.2` and `@babel/traverse@8.0.0-alpha.4`. Those who cannot upgrade `@babel/traverse` and are using one of the affected packages mentioned above should upgrade them to their latest version to avoid triggering the vulnerable code path in affected `@babel/traverse` versions: `@babel/plugin-transform-runtime` v7.23.2, `@babel/preset-env` v7.23.2, `@babel/helper-define-polyfill-provider` v0.4.3, `babel-plugin-polyfill-corejs2` v0.4.6, `babel-plugin-polyfill-corejs3` v0.8.5, `babel-plugin-polyfill-es-shims` v0.10.0, `babel-plugin-polyfill-regenerator` v0.5.3.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:velociraptor-0.7.0.4.git142.862ef23-1.1.aarch64", "openSUSE Tumbleweed:velociraptor-0.7.0.4.git142.862ef23-1.1.ppc64le", "openSUSE Tumbleweed:velociraptor-0.7.0.4.git142.862ef23-1.1.s390x", "openSUSE Tumbleweed:velociraptor-0.7.0.4.git142.862ef23-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2023-45133", url: "https://www.suse.com/security/cve/CVE-2023-45133", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:velociraptor-0.7.0.4.git142.862ef23-1.1.aarch64", "openSUSE Tumbleweed:velociraptor-0.7.0.4.git142.862ef23-1.1.ppc64le", "openSUSE Tumbleweed:velociraptor-0.7.0.4.git142.862ef23-1.1.s390x", "openSUSE Tumbleweed:velociraptor-0.7.0.4.git142.862ef23-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 9.3, baseSeverity: "CRITICAL", vectorString: "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:velociraptor-0.7.0.4.git142.862ef23-1.1.aarch64", "openSUSE Tumbleweed:velociraptor-0.7.0.4.git142.862ef23-1.1.ppc64le", "openSUSE Tumbleweed:velociraptor-0.7.0.4.git142.862ef23-1.1.s390x", "openSUSE Tumbleweed:velociraptor-0.7.0.4.git142.862ef23-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-17T00:00:00Z", details: "critical", }, ], title: "CVE-2023-45133", }, { cve: "CVE-2023-45683", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2023-45683", }, ], notes: [ { category: "general", text: "github.com/crewjam/saml is a saml library for the go language. In affected versions the package does not validate the ACS Location URI according to the SAML binding being parsed. If abused, this flaw allows attackers to register malicious Service Providers at the IdP and inject Javascript in the ACS endpoint definition, achieving Cross-Site-Scripting (XSS) in the IdP context during the redirection at the end of a SAML SSO Flow. Consequently, an attacker may perform any authenticated action as the victim once the victim's browser loaded the SAML IdP initiated SSO link for the malicious service provider. Note: SP registration is commonly an unrestricted operation in IdPs, hence not requiring particular permissions or publicly accessible to ease the IdP interoperability. This issue is fixed in version 0.4.14. Users unable to upgrade may perform external validation of URLs provided in SAML metadata, or restrict the ability for end-users to upload arbitrary metadata.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:velociraptor-0.7.0.4.git142.862ef23-1.1.aarch64", "openSUSE Tumbleweed:velociraptor-0.7.0.4.git142.862ef23-1.1.ppc64le", "openSUSE Tumbleweed:velociraptor-0.7.0.4.git142.862ef23-1.1.s390x", "openSUSE Tumbleweed:velociraptor-0.7.0.4.git142.862ef23-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2023-45683", url: "https://www.suse.com/security/cve/CVE-2023-45683", }, { category: "external", summary: "SUSE Bug 1216308 for CVE-2023-45683", url: "https://bugzilla.suse.com/1216308", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:velociraptor-0.7.0.4.git142.862ef23-1.1.aarch64", "openSUSE Tumbleweed:velociraptor-0.7.0.4.git142.862ef23-1.1.ppc64le", "openSUSE Tumbleweed:velociraptor-0.7.0.4.git142.862ef23-1.1.s390x", "openSUSE Tumbleweed:velociraptor-0.7.0.4.git142.862ef23-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.1, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L", version: "3.1", }, products: [ "openSUSE Tumbleweed:velociraptor-0.7.0.4.git142.862ef23-1.1.aarch64", "openSUSE Tumbleweed:velociraptor-0.7.0.4.git142.862ef23-1.1.ppc64le", "openSUSE Tumbleweed:velociraptor-0.7.0.4.git142.862ef23-1.1.s390x", "openSUSE Tumbleweed:velociraptor-0.7.0.4.git142.862ef23-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-17T00:00:00Z", details: "important", }, ], title: "CVE-2023-45683", }, { cve: "CVE-2023-46234", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2023-46234", }, ], notes: [ { category: "general", text: "browserify-sign is a package to duplicate the functionality of node's crypto public key functions, much of this is based on Fedor Indutny's work on indutny/tls.js. An upper bound check issue in `dsaVerify` function allows an attacker to construct signatures that can be successfully verified by any public key, thus leading to a signature forgery attack. All places in this project that involve DSA verification of user-input signatures will be affected by this vulnerability. This issue has been patched in version 4.2.2.\n", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:velociraptor-0.7.0.4.git142.862ef23-1.1.aarch64", "openSUSE Tumbleweed:velociraptor-0.7.0.4.git142.862ef23-1.1.ppc64le", "openSUSE Tumbleweed:velociraptor-0.7.0.4.git142.862ef23-1.1.s390x", "openSUSE Tumbleweed:velociraptor-0.7.0.4.git142.862ef23-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2023-46234", url: "https://www.suse.com/security/cve/CVE-2023-46234", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:velociraptor-0.7.0.4.git142.862ef23-1.1.aarch64", "openSUSE Tumbleweed:velociraptor-0.7.0.4.git142.862ef23-1.1.ppc64le", "openSUSE Tumbleweed:velociraptor-0.7.0.4.git142.862ef23-1.1.s390x", "openSUSE Tumbleweed:velociraptor-0.7.0.4.git142.862ef23-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", version: "3.1", }, products: [ "openSUSE Tumbleweed:velociraptor-0.7.0.4.git142.862ef23-1.1.aarch64", "openSUSE Tumbleweed:velociraptor-0.7.0.4.git142.862ef23-1.1.ppc64le", "openSUSE Tumbleweed:velociraptor-0.7.0.4.git142.862ef23-1.1.s390x", "openSUSE Tumbleweed:velociraptor-0.7.0.4.git142.862ef23-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-17T00:00:00Z", details: "important", }, ], title: "CVE-2023-46234", }, { cve: "CVE-2024-21538", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-21538", }, ], notes: [ { category: "general", text: "Versions of the package cross-spawn before 7.0.5 are vulnerable to Regular Expression Denial of Service (ReDoS) due to improper input sanitization. An attacker can increase the CPU usage and crash the program by crafting a very large and well crafted string.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:velociraptor-0.7.0.4.git142.862ef23-1.1.aarch64", "openSUSE Tumbleweed:velociraptor-0.7.0.4.git142.862ef23-1.1.ppc64le", "openSUSE Tumbleweed:velociraptor-0.7.0.4.git142.862ef23-1.1.s390x", "openSUSE Tumbleweed:velociraptor-0.7.0.4.git142.862ef23-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-21538", url: "https://www.suse.com/security/cve/CVE-2024-21538", }, { category: "external", summary: "SUSE Bug 1233843 for CVE-2024-21538", url: "https://bugzilla.suse.com/1233843", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:velociraptor-0.7.0.4.git142.862ef23-1.1.aarch64", "openSUSE Tumbleweed:velociraptor-0.7.0.4.git142.862ef23-1.1.ppc64le", "openSUSE Tumbleweed:velociraptor-0.7.0.4.git142.862ef23-1.1.s390x", "openSUSE Tumbleweed:velociraptor-0.7.0.4.git142.862ef23-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:velociraptor-0.7.0.4.git142.862ef23-1.1.aarch64", "openSUSE Tumbleweed:velociraptor-0.7.0.4.git142.862ef23-1.1.ppc64le", "openSUSE Tumbleweed:velociraptor-0.7.0.4.git142.862ef23-1.1.s390x", "openSUSE Tumbleweed:velociraptor-0.7.0.4.git142.862ef23-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-17T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-21538", }, { cve: "CVE-2024-23331", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-23331", }, ], notes: [ { category: "general", text: "Vite is a frontend tooling framework for javascript. The Vite dev server option `server.fs.deny` can be bypassed on case-insensitive file systems using case-augmented versions of filenames. Notably this affects servers hosted on Windows. This bypass is similar to CVE-2023-34092 -- with surface area reduced to hosts having case-insensitive filesystems. Since `picomatch` defaults to case-sensitive glob matching, but the file server doesn't discriminate; a blacklist bypass is possible. By requesting raw filesystem paths using augmented casing, the matcher derived from `config.server.fs.deny` fails to block access to sensitive files. This issue has been addressed in vite@5.0.12, vite@4.5.2, vite@3.2.8, and vite@2.9.17. Users are advised to upgrade. Users unable to upgrade should restrict access to dev servers.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:velociraptor-0.7.0.4.git142.862ef23-1.1.aarch64", "openSUSE Tumbleweed:velociraptor-0.7.0.4.git142.862ef23-1.1.ppc64le", "openSUSE Tumbleweed:velociraptor-0.7.0.4.git142.862ef23-1.1.s390x", "openSUSE Tumbleweed:velociraptor-0.7.0.4.git142.862ef23-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-23331", url: "https://www.suse.com/security/cve/CVE-2024-23331", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:velociraptor-0.7.0.4.git142.862ef23-1.1.aarch64", "openSUSE Tumbleweed:velociraptor-0.7.0.4.git142.862ef23-1.1.ppc64le", "openSUSE Tumbleweed:velociraptor-0.7.0.4.git142.862ef23-1.1.s390x", "openSUSE Tumbleweed:velociraptor-0.7.0.4.git142.862ef23-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, products: [ "openSUSE Tumbleweed:velociraptor-0.7.0.4.git142.862ef23-1.1.aarch64", "openSUSE Tumbleweed:velociraptor-0.7.0.4.git142.862ef23-1.1.ppc64le", "openSUSE Tumbleweed:velociraptor-0.7.0.4.git142.862ef23-1.1.s390x", "openSUSE Tumbleweed:velociraptor-0.7.0.4.git142.862ef23-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-17T00:00:00Z", details: "important", }, ], title: "CVE-2024-23331", }, { cve: "CVE-2024-24786", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-24786", }, ], notes: [ { category: "general", text: "The protojson.Unmarshal function can enter an infinite loop when unmarshaling certain forms of invalid JSON. This condition can occur when unmarshaling into a message which contains a google.protobuf.Any value, or when the UnmarshalOptions.DiscardUnknown option is set.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:velociraptor-0.7.0.4.git142.862ef23-1.1.aarch64", "openSUSE Tumbleweed:velociraptor-0.7.0.4.git142.862ef23-1.1.ppc64le", "openSUSE Tumbleweed:velociraptor-0.7.0.4.git142.862ef23-1.1.s390x", "openSUSE Tumbleweed:velociraptor-0.7.0.4.git142.862ef23-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-24786", url: "https://www.suse.com/security/cve/CVE-2024-24786", }, { category: "external", summary: "SUSE Bug 1226136 for CVE-2024-24786", url: "https://bugzilla.suse.com/1226136", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:velociraptor-0.7.0.4.git142.862ef23-1.1.aarch64", "openSUSE Tumbleweed:velociraptor-0.7.0.4.git142.862ef23-1.1.ppc64le", "openSUSE Tumbleweed:velociraptor-0.7.0.4.git142.862ef23-1.1.s390x", "openSUSE Tumbleweed:velociraptor-0.7.0.4.git142.862ef23-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:velociraptor-0.7.0.4.git142.862ef23-1.1.aarch64", "openSUSE Tumbleweed:velociraptor-0.7.0.4.git142.862ef23-1.1.ppc64le", "openSUSE Tumbleweed:velociraptor-0.7.0.4.git142.862ef23-1.1.s390x", "openSUSE Tumbleweed:velociraptor-0.7.0.4.git142.862ef23-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-17T00:00:00Z", details: "important", }, ], title: "CVE-2024-24786", }, { cve: "CVE-2024-28180", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-28180", }, ], notes: [ { category: "general", text: "Package jose aims to provide an implementation of the Javascript Object Signing and Encryption set of standards. An attacker could send a JWE containing compressed data that used large amounts of memory and CPU when decompressed by Decrypt or DecryptMulti. Those functions now return an error if the decompressed data would exceed 250kB or 10x the compressed size (whichever is larger). This vulnerability has been patched in versions 4.0.1, 3.0.3 and 2.6.3.\n", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:velociraptor-0.7.0.4.git142.862ef23-1.1.aarch64", "openSUSE Tumbleweed:velociraptor-0.7.0.4.git142.862ef23-1.1.ppc64le", "openSUSE Tumbleweed:velociraptor-0.7.0.4.git142.862ef23-1.1.s390x", "openSUSE Tumbleweed:velociraptor-0.7.0.4.git142.862ef23-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-28180", url: "https://www.suse.com/security/cve/CVE-2024-28180", }, { category: "external", summary: "SUSE Bug 1234984 for CVE-2024-28180", url: "https://bugzilla.suse.com/1234984", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:velociraptor-0.7.0.4.git142.862ef23-1.1.aarch64", "openSUSE Tumbleweed:velociraptor-0.7.0.4.git142.862ef23-1.1.ppc64le", "openSUSE Tumbleweed:velociraptor-0.7.0.4.git142.862ef23-1.1.s390x", "openSUSE Tumbleweed:velociraptor-0.7.0.4.git142.862ef23-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 4.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L", version: "3.1", }, products: [ "openSUSE Tumbleweed:velociraptor-0.7.0.4.git142.862ef23-1.1.aarch64", "openSUSE Tumbleweed:velociraptor-0.7.0.4.git142.862ef23-1.1.ppc64le", "openSUSE Tumbleweed:velociraptor-0.7.0.4.git142.862ef23-1.1.s390x", "openSUSE Tumbleweed:velociraptor-0.7.0.4.git142.862ef23-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-17T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-28180", }, { cve: "CVE-2024-31207", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-31207", }, ], notes: [ { category: "general", text: "Vite (French word for \"quick\", pronounced /vit/, like \"veet\") is a frontend build tooling to improve the frontend development experience.`server.fs.deny` does not deny requests for patterns with directories. This vulnerability has been patched in version(s) 5.2.6, 5.1.7, 5.0.13, 4.5.3, 3.2.10 and 2.9.18.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:velociraptor-0.7.0.4.git142.862ef23-1.1.aarch64", "openSUSE Tumbleweed:velociraptor-0.7.0.4.git142.862ef23-1.1.ppc64le", "openSUSE Tumbleweed:velociraptor-0.7.0.4.git142.862ef23-1.1.s390x", "openSUSE Tumbleweed:velociraptor-0.7.0.4.git142.862ef23-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-31207", url: "https://www.suse.com/security/cve/CVE-2024-31207", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:velociraptor-0.7.0.4.git142.862ef23-1.1.aarch64", "openSUSE Tumbleweed:velociraptor-0.7.0.4.git142.862ef23-1.1.ppc64le", "openSUSE Tumbleweed:velociraptor-0.7.0.4.git142.862ef23-1.1.s390x", "openSUSE Tumbleweed:velociraptor-0.7.0.4.git142.862ef23-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-17T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-31207", }, { cve: "CVE-2024-37298", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-37298", }, ], notes: [ { category: "general", text: "gorilla/schema converts structs to and from form values. Prior to version 1.4.1 Running `schema.Decoder.Decode()` on a struct that has a field of type `[]struct{...}` opens it up to malicious attacks regarding memory allocations, taking advantage of the sparse slice functionality. Any use of `schema.Decoder.Decode()` on a struct with arrays of other structs could be vulnerable to this memory exhaustion vulnerability. Version 1.4.1 contains a patch for the issue.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:velociraptor-0.7.0.4.git142.862ef23-1.1.aarch64", "openSUSE Tumbleweed:velociraptor-0.7.0.4.git142.862ef23-1.1.ppc64le", "openSUSE Tumbleweed:velociraptor-0.7.0.4.git142.862ef23-1.1.s390x", "openSUSE Tumbleweed:velociraptor-0.7.0.4.git142.862ef23-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-37298", url: "https://www.suse.com/security/cve/CVE-2024-37298", }, { category: "external", summary: "SUSE Bug 1227309 for CVE-2024-37298", url: "https://bugzilla.suse.com/1227309", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:velociraptor-0.7.0.4.git142.862ef23-1.1.aarch64", "openSUSE Tumbleweed:velociraptor-0.7.0.4.git142.862ef23-1.1.ppc64le", "openSUSE Tumbleweed:velociraptor-0.7.0.4.git142.862ef23-1.1.s390x", "openSUSE Tumbleweed:velociraptor-0.7.0.4.git142.862ef23-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-17T00:00:00Z", details: "important", }, ], title: "CVE-2024-37298", }, { cve: "CVE-2024-4067", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-4067", }, ], notes: [ { category: "general", text: "The NPM package `micromatch` prior to 4.0.8 is vulnerable to Regular Expression Denial of Service (ReDoS). The vulnerability occurs in `micromatch.braces()` in `index.js` because the pattern `.*` will greedily match anything. By passing a malicious payload, the pattern matching will keep backtracking to the input while it doesn't find the closing bracket. As the input size increases, the consumption time will also increase until it causes the application to hang or slow down. There was a merged fix but further testing shows the issue persists. This issue should be mitigated by using a safe pattern that won't start backtracking the regular expression due to greedy matching. This issue was fixed in version 4.0.8.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:velociraptor-0.7.0.4.git142.862ef23-1.1.aarch64", "openSUSE Tumbleweed:velociraptor-0.7.0.4.git142.862ef23-1.1.ppc64le", "openSUSE Tumbleweed:velociraptor-0.7.0.4.git142.862ef23-1.1.s390x", "openSUSE Tumbleweed:velociraptor-0.7.0.4.git142.862ef23-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-4067", url: "https://www.suse.com/security/cve/CVE-2024-4067", }, { category: "external", summary: "SUSE Bug 1224255 for CVE-2024-4067", url: "https://bugzilla.suse.com/1224255", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:velociraptor-0.7.0.4.git142.862ef23-1.1.aarch64", "openSUSE Tumbleweed:velociraptor-0.7.0.4.git142.862ef23-1.1.ppc64le", "openSUSE Tumbleweed:velociraptor-0.7.0.4.git142.862ef23-1.1.s390x", "openSUSE Tumbleweed:velociraptor-0.7.0.4.git142.862ef23-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:velociraptor-0.7.0.4.git142.862ef23-1.1.aarch64", "openSUSE Tumbleweed:velociraptor-0.7.0.4.git142.862ef23-1.1.ppc64le", "openSUSE Tumbleweed:velociraptor-0.7.0.4.git142.862ef23-1.1.s390x", "openSUSE Tumbleweed:velociraptor-0.7.0.4.git142.862ef23-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-17T00:00:00Z", details: "important", }, ], title: "CVE-2024-4067", }, { cve: "CVE-2024-4068", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-4068", }, ], notes: [ { category: "general", text: "The NPM package `braces`, versions prior to 3.0.3, fails to limit the number of characters it can handle, which could lead to Memory Exhaustion. In `lib/parse.js,` if a malicious user sends \"imbalanced braces\" as input, the parsing will enter a loop, which will cause the program to start allocating heap memory without freeing it at any moment of the loop. Eventually, the JavaScript heap limit is reached, and the program will crash.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:velociraptor-0.7.0.4.git142.862ef23-1.1.aarch64", "openSUSE Tumbleweed:velociraptor-0.7.0.4.git142.862ef23-1.1.ppc64le", "openSUSE Tumbleweed:velociraptor-0.7.0.4.git142.862ef23-1.1.s390x", "openSUSE Tumbleweed:velociraptor-0.7.0.4.git142.862ef23-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-4068", url: "https://www.suse.com/security/cve/CVE-2024-4068", }, { category: "external", summary: "SUSE Bug 1224256 for CVE-2024-4068", url: "https://bugzilla.suse.com/1224256", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:velociraptor-0.7.0.4.git142.862ef23-1.1.aarch64", "openSUSE Tumbleweed:velociraptor-0.7.0.4.git142.862ef23-1.1.ppc64le", "openSUSE Tumbleweed:velociraptor-0.7.0.4.git142.862ef23-1.1.s390x", "openSUSE Tumbleweed:velociraptor-0.7.0.4.git142.862ef23-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:velociraptor-0.7.0.4.git142.862ef23-1.1.aarch64", "openSUSE Tumbleweed:velociraptor-0.7.0.4.git142.862ef23-1.1.ppc64le", "openSUSE Tumbleweed:velociraptor-0.7.0.4.git142.862ef23-1.1.s390x", "openSUSE Tumbleweed:velociraptor-0.7.0.4.git142.862ef23-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-17T00:00:00Z", details: "important", }, ], title: "CVE-2024-4068", }, { cve: "CVE-2024-42459", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-42459", }, ], notes: [ { category: "general", text: "In the Elliptic package 6.5.6 for Node.js, EDDSA signature malleability occurs because there is a missing signature length check, and thus zero-valued bytes can be removed or appended.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:velociraptor-0.7.0.4.git142.862ef23-1.1.aarch64", "openSUSE Tumbleweed:velociraptor-0.7.0.4.git142.862ef23-1.1.ppc64le", "openSUSE Tumbleweed:velociraptor-0.7.0.4.git142.862ef23-1.1.s390x", "openSUSE Tumbleweed:velociraptor-0.7.0.4.git142.862ef23-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-42459", url: "https://www.suse.com/security/cve/CVE-2024-42459", }, { category: "external", summary: "SUSE Bug 1232538 for CVE-2024-42459", url: "https://bugzilla.suse.com/1232538", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:velociraptor-0.7.0.4.git142.862ef23-1.1.aarch64", "openSUSE Tumbleweed:velociraptor-0.7.0.4.git142.862ef23-1.1.ppc64le", "openSUSE Tumbleweed:velociraptor-0.7.0.4.git142.862ef23-1.1.s390x", "openSUSE Tumbleweed:velociraptor-0.7.0.4.git142.862ef23-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", version: "3.1", }, products: [ "openSUSE Tumbleweed:velociraptor-0.7.0.4.git142.862ef23-1.1.aarch64", "openSUSE Tumbleweed:velociraptor-0.7.0.4.git142.862ef23-1.1.ppc64le", "openSUSE Tumbleweed:velociraptor-0.7.0.4.git142.862ef23-1.1.s390x", "openSUSE Tumbleweed:velociraptor-0.7.0.4.git142.862ef23-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-17T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-42459", }, { cve: "CVE-2024-42460", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-42460", }, ], notes: [ { category: "general", text: "In the Elliptic package 6.5.6 for Node.js, ECDSA signature malleability occurs because there is a missing check for whether the leading bit of r and s is zero.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:velociraptor-0.7.0.4.git142.862ef23-1.1.aarch64", "openSUSE Tumbleweed:velociraptor-0.7.0.4.git142.862ef23-1.1.ppc64le", "openSUSE Tumbleweed:velociraptor-0.7.0.4.git142.862ef23-1.1.s390x", "openSUSE Tumbleweed:velociraptor-0.7.0.4.git142.862ef23-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-42460", url: "https://www.suse.com/security/cve/CVE-2024-42460", }, { category: "external", summary: "SUSE Bug 1232538 for CVE-2024-42460", url: "https://bugzilla.suse.com/1232538", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:velociraptor-0.7.0.4.git142.862ef23-1.1.aarch64", "openSUSE Tumbleweed:velociraptor-0.7.0.4.git142.862ef23-1.1.ppc64le", "openSUSE Tumbleweed:velociraptor-0.7.0.4.git142.862ef23-1.1.s390x", "openSUSE Tumbleweed:velociraptor-0.7.0.4.git142.862ef23-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", version: "3.1", }, products: [ "openSUSE Tumbleweed:velociraptor-0.7.0.4.git142.862ef23-1.1.aarch64", "openSUSE Tumbleweed:velociraptor-0.7.0.4.git142.862ef23-1.1.ppc64le", "openSUSE Tumbleweed:velociraptor-0.7.0.4.git142.862ef23-1.1.s390x", "openSUSE Tumbleweed:velociraptor-0.7.0.4.git142.862ef23-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-17T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-42460", }, { cve: "CVE-2024-42461", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-42461", }, ], notes: [ { category: "general", text: "In the Elliptic package 6.5.6 for Node.js, ECDSA signature malleability occurs because BER-encoded signatures are allowed.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:velociraptor-0.7.0.4.git142.862ef23-1.1.aarch64", "openSUSE Tumbleweed:velociraptor-0.7.0.4.git142.862ef23-1.1.ppc64le", "openSUSE Tumbleweed:velociraptor-0.7.0.4.git142.862ef23-1.1.s390x", "openSUSE Tumbleweed:velociraptor-0.7.0.4.git142.862ef23-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-42461", url: "https://www.suse.com/security/cve/CVE-2024-42461", }, { category: "external", summary: "SUSE Bug 1232538 for CVE-2024-42461", url: "https://bugzilla.suse.com/1232538", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:velociraptor-0.7.0.4.git142.862ef23-1.1.aarch64", "openSUSE Tumbleweed:velociraptor-0.7.0.4.git142.862ef23-1.1.ppc64le", "openSUSE Tumbleweed:velociraptor-0.7.0.4.git142.862ef23-1.1.s390x", "openSUSE Tumbleweed:velociraptor-0.7.0.4.git142.862ef23-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", version: "3.1", }, products: [ "openSUSE Tumbleweed:velociraptor-0.7.0.4.git142.862ef23-1.1.aarch64", "openSUSE Tumbleweed:velociraptor-0.7.0.4.git142.862ef23-1.1.ppc64le", "openSUSE Tumbleweed:velociraptor-0.7.0.4.git142.862ef23-1.1.s390x", "openSUSE Tumbleweed:velociraptor-0.7.0.4.git142.862ef23-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-17T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-42461", }, { cve: "CVE-2024-45296", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-45296", }, ], notes: [ { category: "general", text: "path-to-regexp turns path strings into a regular expressions. In certain cases, path-to-regexp will output a regular expression that can be exploited to cause poor performance. Because JavaScript is single threaded and regex matching runs on the main thread, poor performance will block the event loop and lead to a DoS. The bad regular expression is generated any time you have two parameters within a single segment, separated by something that is not a period (.). For users of 0.1, upgrade to 0.1.10. All other users should upgrade to 8.0.0.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:velociraptor-0.7.0.4.git142.862ef23-1.1.aarch64", "openSUSE Tumbleweed:velociraptor-0.7.0.4.git142.862ef23-1.1.ppc64le", "openSUSE Tumbleweed:velociraptor-0.7.0.4.git142.862ef23-1.1.s390x", "openSUSE Tumbleweed:velociraptor-0.7.0.4.git142.862ef23-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-45296", url: "https://www.suse.com/security/cve/CVE-2024-45296", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:velociraptor-0.7.0.4.git142.862ef23-1.1.aarch64", "openSUSE Tumbleweed:velociraptor-0.7.0.4.git142.862ef23-1.1.ppc64le", "openSUSE Tumbleweed:velociraptor-0.7.0.4.git142.862ef23-1.1.s390x", "openSUSE Tumbleweed:velociraptor-0.7.0.4.git142.862ef23-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-17T00:00:00Z", details: "important", }, ], title: "CVE-2024-45296", }, { cve: "CVE-2024-45338", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-45338", }, ], notes: [ { category: "general", text: "An attacker can craft an input to the Parse functions that would be processed non-linearly with respect to its length, resulting in extremely slow parsing. This could cause a denial of service.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:velociraptor-0.7.0.4.git142.862ef23-1.1.aarch64", "openSUSE Tumbleweed:velociraptor-0.7.0.4.git142.862ef23-1.1.ppc64le", "openSUSE Tumbleweed:velociraptor-0.7.0.4.git142.862ef23-1.1.s390x", "openSUSE Tumbleweed:velociraptor-0.7.0.4.git142.862ef23-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-45338", url: "https://www.suse.com/security/cve/CVE-2024-45338", }, { category: "external", summary: "SUSE Bug 1234794 for CVE-2024-45338", url: "https://bugzilla.suse.com/1234794", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:velociraptor-0.7.0.4.git142.862ef23-1.1.aarch64", "openSUSE Tumbleweed:velociraptor-0.7.0.4.git142.862ef23-1.1.ppc64le", "openSUSE Tumbleweed:velociraptor-0.7.0.4.git142.862ef23-1.1.s390x", "openSUSE Tumbleweed:velociraptor-0.7.0.4.git142.862ef23-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.9, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:velociraptor-0.7.0.4.git142.862ef23-1.1.aarch64", "openSUSE Tumbleweed:velociraptor-0.7.0.4.git142.862ef23-1.1.ppc64le", "openSUSE Tumbleweed:velociraptor-0.7.0.4.git142.862ef23-1.1.s390x", "openSUSE Tumbleweed:velociraptor-0.7.0.4.git142.862ef23-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-17T00:00:00Z", details: "important", }, ], title: "CVE-2024-45338", }, { cve: "CVE-2024-45811", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-45811", }, ], notes: [ { category: "general", text: "Vite a frontend build tooling framework for javascript. In affected versions the contents of arbitrary files can be returned to the browser. `@fs` denies access to files outside of Vite serving allow list. Adding `?import&raw` to the URL bypasses this limitation and returns the file content if it exists. This issue has been patched in versions 5.4.6, 5.3.6, 5.2.14, 4.5.5, and 3.2.11. Users are advised to upgrade. There are no known workarounds for this vulnerability.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:velociraptor-0.7.0.4.git142.862ef23-1.1.aarch64", "openSUSE Tumbleweed:velociraptor-0.7.0.4.git142.862ef23-1.1.ppc64le", "openSUSE Tumbleweed:velociraptor-0.7.0.4.git142.862ef23-1.1.s390x", "openSUSE Tumbleweed:velociraptor-0.7.0.4.git142.862ef23-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-45811", url: "https://www.suse.com/security/cve/CVE-2024-45811", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:velociraptor-0.7.0.4.git142.862ef23-1.1.aarch64", "openSUSE Tumbleweed:velociraptor-0.7.0.4.git142.862ef23-1.1.ppc64le", "openSUSE Tumbleweed:velociraptor-0.7.0.4.git142.862ef23-1.1.s390x", "openSUSE Tumbleweed:velociraptor-0.7.0.4.git142.862ef23-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-17T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-45811", }, { cve: "CVE-2024-45812", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-45812", }, ], notes: [ { category: "general", text: "Vite a frontend build tooling framework for javascript. Affected versions of vite were discovered to contain a DOM Clobbering vulnerability when building scripts to `cjs`/`iife`/`umd` output format. The DOM Clobbering gadget in the module can lead to cross-site scripting (XSS) in web pages where scriptless attacker-controlled HTML elements (e.g., an img tag with an unsanitized name attribute) are present. DOM Clobbering is a type of code-reuse attack where the attacker first embeds a piece of non-script, seemingly benign HTML markups in the webpage (e.g. through a post or comment) and leverages the gadgets (pieces of js code) living in the existing javascript code to transform it into executable code. We have identified a DOM Clobbering vulnerability in Vite bundled scripts, particularly when the scripts dynamically import other scripts from the assets folder and the developer sets the build output format to `cjs`, `iife`, or `umd`. In such cases, Vite replaces relative paths starting with `__VITE_ASSET__` using the URL retrieved from `document.currentScript`. However, this implementation is vulnerable to a DOM Clobbering attack. The `document.currentScript` lookup can be shadowed by an attacker via the browser's named DOM tree element access mechanism. This manipulation allows an attacker to replace the intended script element with a malicious HTML element. When this happens, the src attribute of the attacker-controlled element is used as the URL for importing scripts, potentially leading to the dynamic loading of scripts from an attacker-controlled server. This vulnerability can result in cross-site scripting (XSS) attacks on websites that include Vite-bundled files (configured with an output format of `cjs`, `iife`, or `umd`) and allow users to inject certain scriptless HTML tags without properly sanitizing the name or id attributes. This issue has been patched in versions 5.4.6, 5.3.6, 5.2.14, 4.5.5, and 3.2.11. Users are advised to upgrade. There are no known workarounds for this vulnerability.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:velociraptor-0.7.0.4.git142.862ef23-1.1.aarch64", "openSUSE Tumbleweed:velociraptor-0.7.0.4.git142.862ef23-1.1.ppc64le", "openSUSE Tumbleweed:velociraptor-0.7.0.4.git142.862ef23-1.1.s390x", "openSUSE Tumbleweed:velociraptor-0.7.0.4.git142.862ef23-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-45812", url: "https://www.suse.com/security/cve/CVE-2024-45812", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:velociraptor-0.7.0.4.git142.862ef23-1.1.aarch64", "openSUSE Tumbleweed:velociraptor-0.7.0.4.git142.862ef23-1.1.ppc64le", "openSUSE Tumbleweed:velociraptor-0.7.0.4.git142.862ef23-1.1.s390x", "openSUSE Tumbleweed:velociraptor-0.7.0.4.git142.862ef23-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-17T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-45812", }, { cve: "CVE-2024-47068", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-47068", }, ], notes: [ { category: "general", text: "Rollup is a module bundler for JavaScript. Versions prior to 2.79.2, 3.29.5, and 4.22.4 are susceptible to a DOM Clobbering vulnerability when bundling scripts with properties from `import.meta` (e.g., `import.meta.url`) in `cjs`/`umd`/`iife` format. The DOM Clobbering gadget can lead to cross-site scripting (XSS) in web pages where scriptless attacker-controlled HTML elements (e.g., an `img` tag with an unsanitized `name` attribute) are present. Versions 2.79.2, 3.29.5, and 4.22.4 contain a patch for the vulnerability.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:velociraptor-0.7.0.4.git142.862ef23-1.1.aarch64", "openSUSE Tumbleweed:velociraptor-0.7.0.4.git142.862ef23-1.1.ppc64le", "openSUSE Tumbleweed:velociraptor-0.7.0.4.git142.862ef23-1.1.s390x", "openSUSE Tumbleweed:velociraptor-0.7.0.4.git142.862ef23-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-47068", url: "https://www.suse.com/security/cve/CVE-2024-47068", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:velociraptor-0.7.0.4.git142.862ef23-1.1.aarch64", "openSUSE Tumbleweed:velociraptor-0.7.0.4.git142.862ef23-1.1.ppc64le", "openSUSE Tumbleweed:velociraptor-0.7.0.4.git142.862ef23-1.1.s390x", "openSUSE Tumbleweed:velociraptor-0.7.0.4.git142.862ef23-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.1, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, products: [ "openSUSE Tumbleweed:velociraptor-0.7.0.4.git142.862ef23-1.1.aarch64", "openSUSE Tumbleweed:velociraptor-0.7.0.4.git142.862ef23-1.1.ppc64le", "openSUSE Tumbleweed:velociraptor-0.7.0.4.git142.862ef23-1.1.s390x", "openSUSE Tumbleweed:velociraptor-0.7.0.4.git142.862ef23-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-17T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-47068", }, { cve: "CVE-2024-47875", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-47875", }, ], notes: [ { category: "general", text: "DOMPurify is a DOM-only, super-fast, uber-tolerant XSS sanitizer for HTML, MathML and SVG. DOMpurify was vulnerable to nesting-based mXSS. This vulnerability is fixed in 2.5.0 and 3.1.3.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:velociraptor-0.7.0.4.git142.862ef23-1.1.aarch64", "openSUSE Tumbleweed:velociraptor-0.7.0.4.git142.862ef23-1.1.ppc64le", "openSUSE Tumbleweed:velociraptor-0.7.0.4.git142.862ef23-1.1.s390x", "openSUSE Tumbleweed:velociraptor-0.7.0.4.git142.862ef23-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-47875", url: "https://www.suse.com/security/cve/CVE-2024-47875", }, { category: "external", summary: "SUSE Bug 1231571 for CVE-2024-47875", url: "https://bugzilla.suse.com/1231571", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:velociraptor-0.7.0.4.git142.862ef23-1.1.aarch64", "openSUSE Tumbleweed:velociraptor-0.7.0.4.git142.862ef23-1.1.ppc64le", "openSUSE Tumbleweed:velociraptor-0.7.0.4.git142.862ef23-1.1.s390x", "openSUSE Tumbleweed:velociraptor-0.7.0.4.git142.862ef23-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.1, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L", version: "3.1", }, products: [ "openSUSE Tumbleweed:velociraptor-0.7.0.4.git142.862ef23-1.1.aarch64", "openSUSE Tumbleweed:velociraptor-0.7.0.4.git142.862ef23-1.1.ppc64le", "openSUSE Tumbleweed:velociraptor-0.7.0.4.git142.862ef23-1.1.s390x", "openSUSE Tumbleweed:velociraptor-0.7.0.4.git142.862ef23-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-17T00:00:00Z", details: "important", }, ], title: "CVE-2024-47875", }, { cve: "CVE-2024-48948", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-48948", }, ], notes: [ { category: "general", text: "The Elliptic package 6.5.7 for Node.js, in its for ECDSA implementation, does not correctly verify valid signatures if the hash contains at least four leading 0 bytes and when the order of the elliptic curve's base point is smaller than the hash, because of an _truncateToN anomaly. This leads to valid signatures being rejected. Legitimate transactions or communications may be incorrectly flagged as invalid.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:velociraptor-0.7.0.4.git142.862ef23-1.1.aarch64", "openSUSE Tumbleweed:velociraptor-0.7.0.4.git142.862ef23-1.1.ppc64le", "openSUSE Tumbleweed:velociraptor-0.7.0.4.git142.862ef23-1.1.s390x", "openSUSE Tumbleweed:velociraptor-0.7.0.4.git142.862ef23-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-48948", url: "https://www.suse.com/security/cve/CVE-2024-48948", }, { category: "external", summary: "SUSE Bug 1231681 for CVE-2024-48948", url: "https://bugzilla.suse.com/1231681", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:velociraptor-0.7.0.4.git142.862ef23-1.1.aarch64", "openSUSE Tumbleweed:velociraptor-0.7.0.4.git142.862ef23-1.1.ppc64le", "openSUSE Tumbleweed:velociraptor-0.7.0.4.git142.862ef23-1.1.s390x", "openSUSE Tumbleweed:velociraptor-0.7.0.4.git142.862ef23-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 4.8, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:L", version: "3.1", }, products: [ "openSUSE Tumbleweed:velociraptor-0.7.0.4.git142.862ef23-1.1.aarch64", "openSUSE Tumbleweed:velociraptor-0.7.0.4.git142.862ef23-1.1.ppc64le", "openSUSE Tumbleweed:velociraptor-0.7.0.4.git142.862ef23-1.1.s390x", "openSUSE Tumbleweed:velociraptor-0.7.0.4.git142.862ef23-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-17T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-48948", }, { cve: "CVE-2024-48949", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-48949", }, ], notes: [ { category: "general", text: "The verify function in lib/elliptic/eddsa/index.js in the Elliptic package before 6.5.6 for Node.js omits \"sig.S().gte(sig.eddsa.curve.n) || sig.S().isNeg()\" validation.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:velociraptor-0.7.0.4.git142.862ef23-1.1.aarch64", "openSUSE Tumbleweed:velociraptor-0.7.0.4.git142.862ef23-1.1.ppc64le", "openSUSE Tumbleweed:velociraptor-0.7.0.4.git142.862ef23-1.1.s390x", "openSUSE Tumbleweed:velociraptor-0.7.0.4.git142.862ef23-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-48949", url: "https://www.suse.com/security/cve/CVE-2024-48949", }, { category: "external", summary: "SUSE Bug 1231557 for CVE-2024-48949", url: "https://bugzilla.suse.com/1231557", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:velociraptor-0.7.0.4.git142.862ef23-1.1.aarch64", "openSUSE Tumbleweed:velociraptor-0.7.0.4.git142.862ef23-1.1.ppc64le", "openSUSE Tumbleweed:velociraptor-0.7.0.4.git142.862ef23-1.1.s390x", "openSUSE Tumbleweed:velociraptor-0.7.0.4.git142.862ef23-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.2, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N", version: "3.1", }, products: [ "openSUSE Tumbleweed:velociraptor-0.7.0.4.git142.862ef23-1.1.aarch64", "openSUSE Tumbleweed:velociraptor-0.7.0.4.git142.862ef23-1.1.ppc64le", "openSUSE Tumbleweed:velociraptor-0.7.0.4.git142.862ef23-1.1.s390x", "openSUSE Tumbleweed:velociraptor-0.7.0.4.git142.862ef23-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-17T00:00:00Z", details: "important", }, ], title: "CVE-2024-48949", }, { cve: "CVE-2024-51744", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-51744", }, ], notes: [ { category: "general", text: "golang-jwt is a Go implementation of JSON Web Tokens. Unclear documentation of the error behavior in `ParseWithClaims` can lead to situation where users are potentially not checking errors in the way they should be. Especially, if a token is both expired and invalid, the errors returned by `ParseWithClaims` return both error codes. If users only check for the `jwt.ErrTokenExpired ` using `error.Is`, they will ignore the embedded `jwt.ErrTokenSignatureInvalid` and thus potentially accept invalid tokens. A fix has been back-ported with the error handling logic from the `v5` branch to the `v4` branch. In this logic, the `ParseWithClaims` function will immediately return in \"dangerous\" situations (e.g., an invalid signature), limiting the combined errors only to situations where the signature is valid, but further validation failed (e.g., if the signature is valid, but is expired AND has the wrong audience). This fix is part of the 4.5.1 release. We are aware that this changes the behaviour of an established function and is not 100 % backwards compatible, so updating to 4.5.1 might break your code. In case you cannot update to 4.5.0, please make sure that you are properly checking for all errors (\"dangerous\" ones first), so that you are not running in the case detailed above.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:velociraptor-0.7.0.4.git142.862ef23-1.1.aarch64", "openSUSE Tumbleweed:velociraptor-0.7.0.4.git142.862ef23-1.1.ppc64le", "openSUSE Tumbleweed:velociraptor-0.7.0.4.git142.862ef23-1.1.s390x", "openSUSE Tumbleweed:velociraptor-0.7.0.4.git142.862ef23-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-51744", url: "https://www.suse.com/security/cve/CVE-2024-51744", }, { category: "external", summary: "SUSE Bug 1232936 for CVE-2024-51744", url: "https://bugzilla.suse.com/1232936", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:velociraptor-0.7.0.4.git142.862ef23-1.1.aarch64", "openSUSE Tumbleweed:velociraptor-0.7.0.4.git142.862ef23-1.1.ppc64le", "openSUSE Tumbleweed:velociraptor-0.7.0.4.git142.862ef23-1.1.s390x", "openSUSE Tumbleweed:velociraptor-0.7.0.4.git142.862ef23-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 3.1, baseSeverity: "LOW", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N", version: "3.1", }, products: [ "openSUSE Tumbleweed:velociraptor-0.7.0.4.git142.862ef23-1.1.aarch64", "openSUSE Tumbleweed:velociraptor-0.7.0.4.git142.862ef23-1.1.ppc64le", "openSUSE Tumbleweed:velociraptor-0.7.0.4.git142.862ef23-1.1.s390x", "openSUSE Tumbleweed:velociraptor-0.7.0.4.git142.862ef23-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-17T00:00:00Z", details: "low", }, ], title: "CVE-2024-51744", }, { cve: "CVE-2024-55565", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-55565", }, ], notes: [ { category: "general", text: "nanoid (aka Nano ID) before 5.0.9 mishandles non-integer values. 3.3.8 is also a fixed version.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:velociraptor-0.7.0.4.git142.862ef23-1.1.aarch64", "openSUSE Tumbleweed:velociraptor-0.7.0.4.git142.862ef23-1.1.ppc64le", "openSUSE Tumbleweed:velociraptor-0.7.0.4.git142.862ef23-1.1.s390x", "openSUSE Tumbleweed:velociraptor-0.7.0.4.git142.862ef23-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-55565", url: "https://www.suse.com/security/cve/CVE-2024-55565", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:velociraptor-0.7.0.4.git142.862ef23-1.1.aarch64", "openSUSE Tumbleweed:velociraptor-0.7.0.4.git142.862ef23-1.1.ppc64le", "openSUSE Tumbleweed:velociraptor-0.7.0.4.git142.862ef23-1.1.s390x", "openSUSE Tumbleweed:velociraptor-0.7.0.4.git142.862ef23-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-17T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-55565", }, { cve: "CVE-2024-6104", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-6104", }, ], notes: [ { category: "general", text: "go-retryablehttp prior to 0.7.7 did not sanitize urls when writing them to its log file. This could lead to go-retryablehttp writing sensitive HTTP basic auth credentials to its log file. This vulnerability, CVE-2024-6104, was fixed in go-retryablehttp 0.7.7.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:velociraptor-0.7.0.4.git142.862ef23-1.1.aarch64", "openSUSE Tumbleweed:velociraptor-0.7.0.4.git142.862ef23-1.1.ppc64le", "openSUSE Tumbleweed:velociraptor-0.7.0.4.git142.862ef23-1.1.s390x", "openSUSE Tumbleweed:velociraptor-0.7.0.4.git142.862ef23-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-6104", url: "https://www.suse.com/security/cve/CVE-2024-6104", }, { category: "external", summary: "SUSE Bug 1227024 for CVE-2024-6104", url: "https://bugzilla.suse.com/1227024", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:velociraptor-0.7.0.4.git142.862ef23-1.1.aarch64", "openSUSE Tumbleweed:velociraptor-0.7.0.4.git142.862ef23-1.1.ppc64le", "openSUSE Tumbleweed:velociraptor-0.7.0.4.git142.862ef23-1.1.s390x", "openSUSE Tumbleweed:velociraptor-0.7.0.4.git142.862ef23-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N", version: "3.1", }, products: [ "openSUSE Tumbleweed:velociraptor-0.7.0.4.git142.862ef23-1.1.aarch64", "openSUSE Tumbleweed:velociraptor-0.7.0.4.git142.862ef23-1.1.ppc64le", "openSUSE Tumbleweed:velociraptor-0.7.0.4.git142.862ef23-1.1.s390x", "openSUSE Tumbleweed:velociraptor-0.7.0.4.git142.862ef23-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-17T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-6104", }, ], }
rhsa-2023_6180
Vulnerability from csaf_redhat
Published
2023-10-30 12:53
Modified
2024-12-10 16:36
Summary
Red Hat Security Advisory: Red Hat OpenShift distributed tracing 2.9.0 containers security update
Notes
Topic
An update is now available for Red Hat Openshift distributed tracing 2.9.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Release of Red Hat OpenShift distributed tracing provides these changes:
Security Fix(es):
* browserify-sign: upper bound check issue in dsaVerify leads to a signature forgery attack (CVE-2023-46234)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ document: { aggregate_severity: { namespace: "https://access.redhat.com/security/updates/classification/", text: "Important", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright © Red Hat, Inc. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "An update is now available for Red Hat Openshift distributed tracing 2.9.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", title: "Topic", }, { category: "general", text: "Release of Red Hat OpenShift distributed tracing provides these changes:\n\nSecurity Fix(es):\n\n* browserify-sign: upper bound check issue in dsaVerify leads to a signature forgery attack (CVE-2023-46234)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", title: "Details", }, { category: "legal_disclaimer", text: "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "https://access.redhat.com/security/team/contact/", issuing_authority: "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", name: "Red Hat Product Security", namespace: "https://www.redhat.com", }, references: [ { category: "self", summary: "https://access.redhat.com/errata/RHSA-2023:6180", url: "https://access.redhat.com/errata/RHSA-2023:6180", }, { category: "external", summary: "https://access.redhat.com/security/updates/classification/#important", url: "https://access.redhat.com/security/updates/classification/#important", }, { category: "external", summary: "2246470", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2246470", }, { category: "self", summary: "Canonical URL", url: "https://security.access.redhat.com/data/csaf/v2/advisories/2023/rhsa-2023_6180.json", }, ], title: "Red Hat Security Advisory: Red Hat OpenShift distributed tracing 2.9.0 containers security update", tracking: { current_release_date: "2024-12-10T16:36:54+00:00", generator: { date: "2024-12-10T16:36:54+00:00", engine: { name: "Red Hat SDEngine", version: "4.2.3", }, }, id: "RHSA-2023:6180", initial_release_date: "2023-10-30T12:53:43+00:00", revision_history: [ { date: "2023-10-30T12:53:43+00:00", number: "1", summary: "Initial version", }, { date: "2023-10-30T12:53:43+00:00", number: "2", summary: "Last updated version", }, { date: "2024-12-10T16:36:54+00:00", number: "3", summary: "Last generated version", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "Red Hat OpenShift distributed tracing 2.9", product: { name: "Red Hat OpenShift distributed tracing 2.9", product_id: "8Base-RHOSDT-2.9", product_identification_helper: { cpe: "cpe:/a:redhat:openshift_distributed_tracing:2.9::el8", }, }, }, ], category: "product_family", name: "Red Hat OpenShift distributed tracing", }, { branches: [ { category: "product_version", name: "rhosdt/jaeger-agent-rhel8@sha256:7ebe5c551baccd151d6ef2120eb7009570b33647bfd6332320dfa0f5f661ed8a_amd64", product: { name: "rhosdt/jaeger-agent-rhel8@sha256:7ebe5c551baccd151d6ef2120eb7009570b33647bfd6332320dfa0f5f661ed8a_amd64", product_id: "rhosdt/jaeger-agent-rhel8@sha256:7ebe5c551baccd151d6ef2120eb7009570b33647bfd6332320dfa0f5f661ed8a_amd64", product_identification_helper: { purl: "pkg:oci/jaeger-agent-rhel8@sha256:7ebe5c551baccd151d6ef2120eb7009570b33647bfd6332320dfa0f5f661ed8a?arch=amd64&repository_url=registry.redhat.io/rhosdt/jaeger-agent-rhel8&tag=1.47.1-5", }, }, }, { category: "product_version", name: "rhosdt/jaeger-all-in-one-rhel8@sha256:bb3e6e3b54c116d45c23154b3f3bd122a99a62ceb4499cd56774f1e0cec1c214_amd64", product: { name: "rhosdt/jaeger-all-in-one-rhel8@sha256:bb3e6e3b54c116d45c23154b3f3bd122a99a62ceb4499cd56774f1e0cec1c214_amd64", product_id: "rhosdt/jaeger-all-in-one-rhel8@sha256:bb3e6e3b54c116d45c23154b3f3bd122a99a62ceb4499cd56774f1e0cec1c214_amd64", product_identification_helper: { purl: "pkg:oci/jaeger-all-in-one-rhel8@sha256:bb3e6e3b54c116d45c23154b3f3bd122a99a62ceb4499cd56774f1e0cec1c214?arch=amd64&repository_url=registry.redhat.io/rhosdt/jaeger-all-in-one-rhel8&tag=1.47.1-5", }, }, }, { category: "product_version", name: "rhosdt/jaeger-collector-rhel8@sha256:df8436011b04ced795985116fff8eb5cc0009f0002ce9c000f9db741980b5a72_amd64", product: { name: "rhosdt/jaeger-collector-rhel8@sha256:df8436011b04ced795985116fff8eb5cc0009f0002ce9c000f9db741980b5a72_amd64", product_id: "rhosdt/jaeger-collector-rhel8@sha256:df8436011b04ced795985116fff8eb5cc0009f0002ce9c000f9db741980b5a72_amd64", product_identification_helper: { purl: "pkg:oci/jaeger-collector-rhel8@sha256:df8436011b04ced795985116fff8eb5cc0009f0002ce9c000f9db741980b5a72?arch=amd64&repository_url=registry.redhat.io/rhosdt/jaeger-collector-rhel8&tag=1.47.1-5", }, }, }, { category: "product_version", name: "rhosdt/jaeger-es-index-cleaner-rhel8@sha256:c3883a6c2f828592783cd1cd336c23a29245e9c45b10dd2b6d1aa8b86a670c31_amd64", product: { name: "rhosdt/jaeger-es-index-cleaner-rhel8@sha256:c3883a6c2f828592783cd1cd336c23a29245e9c45b10dd2b6d1aa8b86a670c31_amd64", product_id: "rhosdt/jaeger-es-index-cleaner-rhel8@sha256:c3883a6c2f828592783cd1cd336c23a29245e9c45b10dd2b6d1aa8b86a670c31_amd64", product_identification_helper: { purl: "pkg:oci/jaeger-es-index-cleaner-rhel8@sha256:c3883a6c2f828592783cd1cd336c23a29245e9c45b10dd2b6d1aa8b86a670c31?arch=amd64&repository_url=registry.redhat.io/rhosdt/jaeger-es-index-cleaner-rhel8&tag=1.47.1-5", }, }, }, { category: "product_version", name: "rhosdt/jaeger-es-rollover-rhel8@sha256:ba453c045a93b2ac9e9a820ca616ea4af912972a99a5e4b07135658f1ddc752d_amd64", product: { name: "rhosdt/jaeger-es-rollover-rhel8@sha256:ba453c045a93b2ac9e9a820ca616ea4af912972a99a5e4b07135658f1ddc752d_amd64", product_id: "rhosdt/jaeger-es-rollover-rhel8@sha256:ba453c045a93b2ac9e9a820ca616ea4af912972a99a5e4b07135658f1ddc752d_amd64", product_identification_helper: { purl: "pkg:oci/jaeger-es-rollover-rhel8@sha256:ba453c045a93b2ac9e9a820ca616ea4af912972a99a5e4b07135658f1ddc752d?arch=amd64&repository_url=registry.redhat.io/rhosdt/jaeger-es-rollover-rhel8&tag=1.47.1-5", }, }, }, { category: "product_version", name: "rhosdt/jaeger-ingester-rhel8@sha256:f72338e446068e2487de8f6eb2249a69e27f24523a771e8aba0fcc2fbf263fe8_amd64", product: { name: "rhosdt/jaeger-ingester-rhel8@sha256:f72338e446068e2487de8f6eb2249a69e27f24523a771e8aba0fcc2fbf263fe8_amd64", product_id: "rhosdt/jaeger-ingester-rhel8@sha256:f72338e446068e2487de8f6eb2249a69e27f24523a771e8aba0fcc2fbf263fe8_amd64", product_identification_helper: { purl: "pkg:oci/jaeger-ingester-rhel8@sha256:f72338e446068e2487de8f6eb2249a69e27f24523a771e8aba0fcc2fbf263fe8?arch=amd64&repository_url=registry.redhat.io/rhosdt/jaeger-ingester-rhel8&tag=1.47.1-5", }, }, }, { category: "product_version", name: "rhosdt/jaeger-operator-bundle@sha256:5dfb4b1c8b7c835e0c493927cb5c22bc68989244e49e284f90a063d54c6d1aa9_amd64", product: { name: "rhosdt/jaeger-operator-bundle@sha256:5dfb4b1c8b7c835e0c493927cb5c22bc68989244e49e284f90a063d54c6d1aa9_amd64", product_id: "rhosdt/jaeger-operator-bundle@sha256:5dfb4b1c8b7c835e0c493927cb5c22bc68989244e49e284f90a063d54c6d1aa9_amd64", product_identification_helper: { purl: "pkg:oci/jaeger-operator-bundle@sha256:5dfb4b1c8b7c835e0c493927cb5c22bc68989244e49e284f90a063d54c6d1aa9?arch=amd64&repository_url=registry.redhat.io/rhosdt/jaeger-operator-bundle&tag=1.47.1-14", }, }, }, { category: "product_version", name: "rhosdt/jaeger-rhel8-operator@sha256:9198140a0252287e5114e04b97d5454227b51bac8fa4411dea1b0d0843f3c668_amd64", product: { name: "rhosdt/jaeger-rhel8-operator@sha256:9198140a0252287e5114e04b97d5454227b51bac8fa4411dea1b0d0843f3c668_amd64", product_id: "rhosdt/jaeger-rhel8-operator@sha256:9198140a0252287e5114e04b97d5454227b51bac8fa4411dea1b0d0843f3c668_amd64", product_identification_helper: { purl: "pkg:oci/jaeger-rhel8-operator@sha256:9198140a0252287e5114e04b97d5454227b51bac8fa4411dea1b0d0843f3c668?arch=amd64&repository_url=registry.redhat.io/rhosdt/jaeger-rhel8-operator&tag=1.47.1-5", }, }, }, { category: "product_version", name: "rhosdt/jaeger-query-rhel8@sha256:d9adfa493c64269d2ce744572d9a4c230e8a7c2503a35dbb3df5346e52a6dd2c_amd64", product: { name: "rhosdt/jaeger-query-rhel8@sha256:d9adfa493c64269d2ce744572d9a4c230e8a7c2503a35dbb3df5346e52a6dd2c_amd64", product_id: "rhosdt/jaeger-query-rhel8@sha256:d9adfa493c64269d2ce744572d9a4c230e8a7c2503a35dbb3df5346e52a6dd2c_amd64", product_identification_helper: { purl: "pkg:oci/jaeger-query-rhel8@sha256:d9adfa493c64269d2ce744572d9a4c230e8a7c2503a35dbb3df5346e52a6dd2c?arch=amd64&repository_url=registry.redhat.io/rhosdt/jaeger-query-rhel8&tag=1.47.1-5", }, }, }, { category: "product_version", name: "rhosdt/opentelemetry-collector-rhel8@sha256:2adc2877050289ee2568c4f03ce171dc2c30bf86976fcc63c09bd0bf18b92cc4_amd64", product: { name: "rhosdt/opentelemetry-collector-rhel8@sha256:2adc2877050289ee2568c4f03ce171dc2c30bf86976fcc63c09bd0bf18b92cc4_amd64", product_id: "rhosdt/opentelemetry-collector-rhel8@sha256:2adc2877050289ee2568c4f03ce171dc2c30bf86976fcc63c09bd0bf18b92cc4_amd64", product_identification_helper: { purl: "pkg:oci/opentelemetry-collector-rhel8@sha256:2adc2877050289ee2568c4f03ce171dc2c30bf86976fcc63c09bd0bf18b92cc4?arch=amd64&repository_url=registry.redhat.io/rhosdt/opentelemetry-collector-rhel8&tag=0.81.1-5", }, }, }, { category: "product_version", name: "rhosdt/opentelemetry-operator-bundle@sha256:eaa126d86aecf2bd330f2234104a905a71ab280a4d74a2614d98daaf13e821e2_amd64", product: { name: "rhosdt/opentelemetry-operator-bundle@sha256:eaa126d86aecf2bd330f2234104a905a71ab280a4d74a2614d98daaf13e821e2_amd64", product_id: "rhosdt/opentelemetry-operator-bundle@sha256:eaa126d86aecf2bd330f2234104a905a71ab280a4d74a2614d98daaf13e821e2_amd64", product_identification_helper: { purl: "pkg:oci/opentelemetry-operator-bundle@sha256:eaa126d86aecf2bd330f2234104a905a71ab280a4d74a2614d98daaf13e821e2?arch=amd64&repository_url=registry.redhat.io/rhosdt/opentelemetry-operator-bundle&tag=0.81.1-12", }, }, }, { category: "product_version", name: "rhosdt/opentelemetry-rhel8-operator@sha256:746f118b9224ba6a175526f265d956ae8ce6c7c170db2217bd34b028f03999af_amd64", product: { name: "rhosdt/opentelemetry-rhel8-operator@sha256:746f118b9224ba6a175526f265d956ae8ce6c7c170db2217bd34b028f03999af_amd64", product_id: "rhosdt/opentelemetry-rhel8-operator@sha256:746f118b9224ba6a175526f265d956ae8ce6c7c170db2217bd34b028f03999af_amd64", product_identification_helper: { purl: "pkg:oci/opentelemetry-rhel8-operator@sha256:746f118b9224ba6a175526f265d956ae8ce6c7c170db2217bd34b028f03999af?arch=amd64&repository_url=registry.redhat.io/rhosdt/opentelemetry-rhel8-operator&tag=0.81.1-5", }, }, }, { category: "product_version", name: "rhosdt/tempo-rhel8@sha256:29200f7311b63df76f6723878e4a8e2c315376b421e4e5febe2323a926d48594_amd64", product: { name: "rhosdt/tempo-rhel8@sha256:29200f7311b63df76f6723878e4a8e2c315376b421e4e5febe2323a926d48594_amd64", product_id: "rhosdt/tempo-rhel8@sha256:29200f7311b63df76f6723878e4a8e2c315376b421e4e5febe2323a926d48594_amd64", product_identification_helper: { purl: "pkg:oci/tempo-rhel8@sha256:29200f7311b63df76f6723878e4a8e2c315376b421e4e5febe2323a926d48594?arch=amd64&repository_url=registry.redhat.io/rhosdt/tempo-rhel8&tag=2.1.1-10", }, }, }, { category: "product_version", name: "rhosdt/tempo-gateway-rhel8@sha256:9e9d91554f5edb5a3e00f2a294056bb540ed1597fc8af5d44432ce81d54bf977_amd64", product: { name: "rhosdt/tempo-gateway-rhel8@sha256:9e9d91554f5edb5a3e00f2a294056bb540ed1597fc8af5d44432ce81d54bf977_amd64", product_id: "rhosdt/tempo-gateway-rhel8@sha256:9e9d91554f5edb5a3e00f2a294056bb540ed1597fc8af5d44432ce81d54bf977_amd64", product_identification_helper: { purl: "pkg:oci/tempo-gateway-rhel8@sha256:9e9d91554f5edb5a3e00f2a294056bb540ed1597fc8af5d44432ce81d54bf977?arch=amd64&repository_url=registry.redhat.io/rhosdt/tempo-gateway-rhel8&tag=742e3d3-3", }, }, }, { category: "product_version", name: "rhosdt/tempo-gateway-opa-rhel8@sha256:dd22e49f8d5aa7f009169aec3c43e68307e0842cde9260a70dd424159e61c89d_amd64", product: { name: "rhosdt/tempo-gateway-opa-rhel8@sha256:dd22e49f8d5aa7f009169aec3c43e68307e0842cde9260a70dd424159e61c89d_amd64", product_id: "rhosdt/tempo-gateway-opa-rhel8@sha256:dd22e49f8d5aa7f009169aec3c43e68307e0842cde9260a70dd424159e61c89d_amd64", product_identification_helper: { purl: "pkg:oci/tempo-gateway-opa-rhel8@sha256:dd22e49f8d5aa7f009169aec3c43e68307e0842cde9260a70dd424159e61c89d?arch=amd64&repository_url=registry.redhat.io/rhosdt/tempo-gateway-opa-rhel8&tag=fe53f40-2", }, }, }, { category: "product_version", name: "rhosdt/tempo-operator-bundle@sha256:b6ec1460415bf8c69d82cf9267494dc5445242b6a0957318eae5bf333693cb2e_amd64", product: { name: "rhosdt/tempo-operator-bundle@sha256:b6ec1460415bf8c69d82cf9267494dc5445242b6a0957318eae5bf333693cb2e_amd64", product_id: "rhosdt/tempo-operator-bundle@sha256:b6ec1460415bf8c69d82cf9267494dc5445242b6a0957318eae5bf333693cb2e_amd64", product_identification_helper: { purl: "pkg:oci/tempo-operator-bundle@sha256:b6ec1460415bf8c69d82cf9267494dc5445242b6a0957318eae5bf333693cb2e?arch=amd64&repository_url=registry.redhat.io/rhosdt/tempo-operator-bundle&tag=0.3.1-11", }, }, }, { category: "product_version", name: "rhosdt/tempo-rhel8-operator@sha256:a18638de4d39738b696f044e0d181fdeaf82499f2a2b4b46c07675db5fbe8c3f_amd64", product: { name: "rhosdt/tempo-rhel8-operator@sha256:a18638de4d39738b696f044e0d181fdeaf82499f2a2b4b46c07675db5fbe8c3f_amd64", product_id: "rhosdt/tempo-rhel8-operator@sha256:a18638de4d39738b696f044e0d181fdeaf82499f2a2b4b46c07675db5fbe8c3f_amd64", product_identification_helper: { purl: "pkg:oci/tempo-rhel8-operator@sha256:a18638de4d39738b696f044e0d181fdeaf82499f2a2b4b46c07675db5fbe8c3f?arch=amd64&repository_url=registry.redhat.io/rhosdt/tempo-rhel8-operator&tag=0.3.1-3", }, }, }, { category: "product_version", name: "rhosdt/tempo-query-rhel8@sha256:b903b41e1096a25b53c5272c8457baa352e2c83fa997852d4a8ed614e2c02802_amd64", product: { name: "rhosdt/tempo-query-rhel8@sha256:b903b41e1096a25b53c5272c8457baa352e2c83fa997852d4a8ed614e2c02802_amd64", product_id: "rhosdt/tempo-query-rhel8@sha256:b903b41e1096a25b53c5272c8457baa352e2c83fa997852d4a8ed614e2c02802_amd64", product_identification_helper: { purl: "pkg:oci/tempo-query-rhel8@sha256:b903b41e1096a25b53c5272c8457baa352e2c83fa997852d4a8ed614e2c02802?arch=amd64&repository_url=registry.redhat.io/rhosdt/tempo-query-rhel8&tag=0.3.1-4", }, }, }, ], category: "architecture", name: "amd64", }, { branches: [ { category: "product_version", name: "rhosdt/jaeger-agent-rhel8@sha256:952f7701d0c1d8ac9c01c0b2ff9d28a4dad480fd34e68eef162e41b5bb0a17e1_ppc64le", product: { name: "rhosdt/jaeger-agent-rhel8@sha256:952f7701d0c1d8ac9c01c0b2ff9d28a4dad480fd34e68eef162e41b5bb0a17e1_ppc64le", product_id: "rhosdt/jaeger-agent-rhel8@sha256:952f7701d0c1d8ac9c01c0b2ff9d28a4dad480fd34e68eef162e41b5bb0a17e1_ppc64le", product_identification_helper: { purl: "pkg:oci/jaeger-agent-rhel8@sha256:952f7701d0c1d8ac9c01c0b2ff9d28a4dad480fd34e68eef162e41b5bb0a17e1?arch=ppc64le&repository_url=registry.redhat.io/rhosdt/jaeger-agent-rhel8&tag=1.47.1-5", }, }, }, { category: "product_version", name: "rhosdt/jaeger-all-in-one-rhel8@sha256:16934a17528d69fb0d39f605364fbc012a3e4d7401df45c91c995ac8ef9ed920_ppc64le", product: { name: "rhosdt/jaeger-all-in-one-rhel8@sha256:16934a17528d69fb0d39f605364fbc012a3e4d7401df45c91c995ac8ef9ed920_ppc64le", product_id: "rhosdt/jaeger-all-in-one-rhel8@sha256:16934a17528d69fb0d39f605364fbc012a3e4d7401df45c91c995ac8ef9ed920_ppc64le", product_identification_helper: { purl: "pkg:oci/jaeger-all-in-one-rhel8@sha256:16934a17528d69fb0d39f605364fbc012a3e4d7401df45c91c995ac8ef9ed920?arch=ppc64le&repository_url=registry.redhat.io/rhosdt/jaeger-all-in-one-rhel8&tag=1.47.1-5", }, }, }, { category: "product_version", name: "rhosdt/jaeger-collector-rhel8@sha256:467961ec80abc54ee85939f0287041223b181bb7c9a622b556785ff1dd8119f5_ppc64le", product: { name: "rhosdt/jaeger-collector-rhel8@sha256:467961ec80abc54ee85939f0287041223b181bb7c9a622b556785ff1dd8119f5_ppc64le", product_id: "rhosdt/jaeger-collector-rhel8@sha256:467961ec80abc54ee85939f0287041223b181bb7c9a622b556785ff1dd8119f5_ppc64le", product_identification_helper: { purl: "pkg:oci/jaeger-collector-rhel8@sha256:467961ec80abc54ee85939f0287041223b181bb7c9a622b556785ff1dd8119f5?arch=ppc64le&repository_url=registry.redhat.io/rhosdt/jaeger-collector-rhel8&tag=1.47.1-5", }, }, }, { category: "product_version", name: "rhosdt/jaeger-es-index-cleaner-rhel8@sha256:43f26cad1cd0ea7e5ac2e605077302473382ab85b3f8da72e49c4dd06114dab2_ppc64le", product: { name: "rhosdt/jaeger-es-index-cleaner-rhel8@sha256:43f26cad1cd0ea7e5ac2e605077302473382ab85b3f8da72e49c4dd06114dab2_ppc64le", product_id: "rhosdt/jaeger-es-index-cleaner-rhel8@sha256:43f26cad1cd0ea7e5ac2e605077302473382ab85b3f8da72e49c4dd06114dab2_ppc64le", product_identification_helper: { purl: "pkg:oci/jaeger-es-index-cleaner-rhel8@sha256:43f26cad1cd0ea7e5ac2e605077302473382ab85b3f8da72e49c4dd06114dab2?arch=ppc64le&repository_url=registry.redhat.io/rhosdt/jaeger-es-index-cleaner-rhel8&tag=1.47.1-5", }, }, }, { category: "product_version", name: "rhosdt/jaeger-es-rollover-rhel8@sha256:0c8511e092b0138282ce3997cf06d8ba5995b9aa17aa436bcb3eacad910ff54d_ppc64le", product: { name: "rhosdt/jaeger-es-rollover-rhel8@sha256:0c8511e092b0138282ce3997cf06d8ba5995b9aa17aa436bcb3eacad910ff54d_ppc64le", product_id: "rhosdt/jaeger-es-rollover-rhel8@sha256:0c8511e092b0138282ce3997cf06d8ba5995b9aa17aa436bcb3eacad910ff54d_ppc64le", product_identification_helper: { purl: "pkg:oci/jaeger-es-rollover-rhel8@sha256:0c8511e092b0138282ce3997cf06d8ba5995b9aa17aa436bcb3eacad910ff54d?arch=ppc64le&repository_url=registry.redhat.io/rhosdt/jaeger-es-rollover-rhel8&tag=1.47.1-5", }, }, }, { category: "product_version", name: "rhosdt/jaeger-ingester-rhel8@sha256:8341ef7ade15d0f823fb0ef8d1d2e2aab3f6078feae7a341a2f7b4c6bd94fba1_ppc64le", product: { name: "rhosdt/jaeger-ingester-rhel8@sha256:8341ef7ade15d0f823fb0ef8d1d2e2aab3f6078feae7a341a2f7b4c6bd94fba1_ppc64le", product_id: "rhosdt/jaeger-ingester-rhel8@sha256:8341ef7ade15d0f823fb0ef8d1d2e2aab3f6078feae7a341a2f7b4c6bd94fba1_ppc64le", product_identification_helper: { purl: "pkg:oci/jaeger-ingester-rhel8@sha256:8341ef7ade15d0f823fb0ef8d1d2e2aab3f6078feae7a341a2f7b4c6bd94fba1?arch=ppc64le&repository_url=registry.redhat.io/rhosdt/jaeger-ingester-rhel8&tag=1.47.1-5", }, }, }, { category: "product_version", name: "rhosdt/jaeger-operator-bundle@sha256:a59c693b975fad667a6cfebed3e2cf564419baf0a10aa27b71a22581b789dc10_ppc64le", product: { name: "rhosdt/jaeger-operator-bundle@sha256:a59c693b975fad667a6cfebed3e2cf564419baf0a10aa27b71a22581b789dc10_ppc64le", product_id: "rhosdt/jaeger-operator-bundle@sha256:a59c693b975fad667a6cfebed3e2cf564419baf0a10aa27b71a22581b789dc10_ppc64le", product_identification_helper: { purl: "pkg:oci/jaeger-operator-bundle@sha256:a59c693b975fad667a6cfebed3e2cf564419baf0a10aa27b71a22581b789dc10?arch=ppc64le&repository_url=registry.redhat.io/rhosdt/jaeger-operator-bundle&tag=1.47.1-14", }, }, }, { category: "product_version", name: "rhosdt/jaeger-rhel8-operator@sha256:e50b850a731b7ab45345ab4e9495e4806ac0c6f8ba9ae13b83673a3b06a014f9_ppc64le", product: { name: "rhosdt/jaeger-rhel8-operator@sha256:e50b850a731b7ab45345ab4e9495e4806ac0c6f8ba9ae13b83673a3b06a014f9_ppc64le", product_id: "rhosdt/jaeger-rhel8-operator@sha256:e50b850a731b7ab45345ab4e9495e4806ac0c6f8ba9ae13b83673a3b06a014f9_ppc64le", product_identification_helper: { purl: "pkg:oci/jaeger-rhel8-operator@sha256:e50b850a731b7ab45345ab4e9495e4806ac0c6f8ba9ae13b83673a3b06a014f9?arch=ppc64le&repository_url=registry.redhat.io/rhosdt/jaeger-rhel8-operator&tag=1.47.1-5", }, }, }, { category: "product_version", name: "rhosdt/jaeger-query-rhel8@sha256:4da3891b6d4df60dc7e0248bbb543d8363d32671bc3b0eb1671468dd4d3b7ebe_ppc64le", product: { name: "rhosdt/jaeger-query-rhel8@sha256:4da3891b6d4df60dc7e0248bbb543d8363d32671bc3b0eb1671468dd4d3b7ebe_ppc64le", product_id: "rhosdt/jaeger-query-rhel8@sha256:4da3891b6d4df60dc7e0248bbb543d8363d32671bc3b0eb1671468dd4d3b7ebe_ppc64le", product_identification_helper: { purl: "pkg:oci/jaeger-query-rhel8@sha256:4da3891b6d4df60dc7e0248bbb543d8363d32671bc3b0eb1671468dd4d3b7ebe?arch=ppc64le&repository_url=registry.redhat.io/rhosdt/jaeger-query-rhel8&tag=1.47.1-5", }, }, }, { category: "product_version", name: "rhosdt/opentelemetry-collector-rhel8@sha256:73017b0ad2d4ea26900253abdc9a62d55a40ff04905a391e91610ad7a9d762d3_ppc64le", product: { name: "rhosdt/opentelemetry-collector-rhel8@sha256:73017b0ad2d4ea26900253abdc9a62d55a40ff04905a391e91610ad7a9d762d3_ppc64le", product_id: "rhosdt/opentelemetry-collector-rhel8@sha256:73017b0ad2d4ea26900253abdc9a62d55a40ff04905a391e91610ad7a9d762d3_ppc64le", product_identification_helper: { purl: "pkg:oci/opentelemetry-collector-rhel8@sha256:73017b0ad2d4ea26900253abdc9a62d55a40ff04905a391e91610ad7a9d762d3?arch=ppc64le&repository_url=registry.redhat.io/rhosdt/opentelemetry-collector-rhel8&tag=0.81.1-5", }, }, }, { category: "product_version", name: "rhosdt/opentelemetry-operator-bundle@sha256:33f921009c9baaf82d3d10406073e9da9b31540d6b3b421c7a3659e2d8310179_ppc64le", product: { name: "rhosdt/opentelemetry-operator-bundle@sha256:33f921009c9baaf82d3d10406073e9da9b31540d6b3b421c7a3659e2d8310179_ppc64le", product_id: "rhosdt/opentelemetry-operator-bundle@sha256:33f921009c9baaf82d3d10406073e9da9b31540d6b3b421c7a3659e2d8310179_ppc64le", product_identification_helper: { purl: "pkg:oci/opentelemetry-operator-bundle@sha256:33f921009c9baaf82d3d10406073e9da9b31540d6b3b421c7a3659e2d8310179?arch=ppc64le&repository_url=registry.redhat.io/rhosdt/opentelemetry-operator-bundle&tag=0.81.1-12", }, }, }, { category: "product_version", name: "rhosdt/opentelemetry-rhel8-operator@sha256:8a237928d7c059ecd5d1f3aad89ab094a73452e221c133cd9c5c7689db9b87bf_ppc64le", product: { name: "rhosdt/opentelemetry-rhel8-operator@sha256:8a237928d7c059ecd5d1f3aad89ab094a73452e221c133cd9c5c7689db9b87bf_ppc64le", product_id: "rhosdt/opentelemetry-rhel8-operator@sha256:8a237928d7c059ecd5d1f3aad89ab094a73452e221c133cd9c5c7689db9b87bf_ppc64le", product_identification_helper: { purl: "pkg:oci/opentelemetry-rhel8-operator@sha256:8a237928d7c059ecd5d1f3aad89ab094a73452e221c133cd9c5c7689db9b87bf?arch=ppc64le&repository_url=registry.redhat.io/rhosdt/opentelemetry-rhel8-operator&tag=0.81.1-5", }, }, }, { category: "product_version", name: "rhosdt/tempo-rhel8@sha256:42c59f6a87c791fd6a3e829af331e2c5778612f503b402c0a08278cc9dc09ef7_ppc64le", product: { name: "rhosdt/tempo-rhel8@sha256:42c59f6a87c791fd6a3e829af331e2c5778612f503b402c0a08278cc9dc09ef7_ppc64le", product_id: "rhosdt/tempo-rhel8@sha256:42c59f6a87c791fd6a3e829af331e2c5778612f503b402c0a08278cc9dc09ef7_ppc64le", product_identification_helper: { purl: "pkg:oci/tempo-rhel8@sha256:42c59f6a87c791fd6a3e829af331e2c5778612f503b402c0a08278cc9dc09ef7?arch=ppc64le&repository_url=registry.redhat.io/rhosdt/tempo-rhel8&tag=2.1.1-10", }, }, }, { category: "product_version", name: "rhosdt/tempo-gateway-rhel8@sha256:3c15440847fbc38023d590dd5f93ee524f53e2999c4483cfb3ba9bbf6bba904f_ppc64le", product: { name: "rhosdt/tempo-gateway-rhel8@sha256:3c15440847fbc38023d590dd5f93ee524f53e2999c4483cfb3ba9bbf6bba904f_ppc64le", product_id: "rhosdt/tempo-gateway-rhel8@sha256:3c15440847fbc38023d590dd5f93ee524f53e2999c4483cfb3ba9bbf6bba904f_ppc64le", product_identification_helper: { purl: "pkg:oci/tempo-gateway-rhel8@sha256:3c15440847fbc38023d590dd5f93ee524f53e2999c4483cfb3ba9bbf6bba904f?arch=ppc64le&repository_url=registry.redhat.io/rhosdt/tempo-gateway-rhel8&tag=742e3d3-3", }, }, }, { category: "product_version", name: "rhosdt/tempo-gateway-opa-rhel8@sha256:cbad12c58f243298974f51d2278730feb5fbb74cdc6de409dd0578794ab6c1a4_ppc64le", product: { name: "rhosdt/tempo-gateway-opa-rhel8@sha256:cbad12c58f243298974f51d2278730feb5fbb74cdc6de409dd0578794ab6c1a4_ppc64le", product_id: "rhosdt/tempo-gateway-opa-rhel8@sha256:cbad12c58f243298974f51d2278730feb5fbb74cdc6de409dd0578794ab6c1a4_ppc64le", product_identification_helper: { purl: "pkg:oci/tempo-gateway-opa-rhel8@sha256:cbad12c58f243298974f51d2278730feb5fbb74cdc6de409dd0578794ab6c1a4?arch=ppc64le&repository_url=registry.redhat.io/rhosdt/tempo-gateway-opa-rhel8&tag=fe53f40-2", }, }, }, { category: "product_version", name: "rhosdt/tempo-operator-bundle@sha256:6df979ecc2195ddd8c1b84a0355fa4df58cf55c34f0b07669659d72501a701d4_ppc64le", product: { name: "rhosdt/tempo-operator-bundle@sha256:6df979ecc2195ddd8c1b84a0355fa4df58cf55c34f0b07669659d72501a701d4_ppc64le", product_id: "rhosdt/tempo-operator-bundle@sha256:6df979ecc2195ddd8c1b84a0355fa4df58cf55c34f0b07669659d72501a701d4_ppc64le", product_identification_helper: { purl: "pkg:oci/tempo-operator-bundle@sha256:6df979ecc2195ddd8c1b84a0355fa4df58cf55c34f0b07669659d72501a701d4?arch=ppc64le&repository_url=registry.redhat.io/rhosdt/tempo-operator-bundle&tag=0.3.1-11", }, }, }, { category: "product_version", name: "rhosdt/tempo-rhel8-operator@sha256:5aee6e4bfecba226d276b95c62a68a1b6d513d60c9c8aff84752725e6c01b8c0_ppc64le", product: { name: "rhosdt/tempo-rhel8-operator@sha256:5aee6e4bfecba226d276b95c62a68a1b6d513d60c9c8aff84752725e6c01b8c0_ppc64le", product_id: "rhosdt/tempo-rhel8-operator@sha256:5aee6e4bfecba226d276b95c62a68a1b6d513d60c9c8aff84752725e6c01b8c0_ppc64le", product_identification_helper: { purl: "pkg:oci/tempo-rhel8-operator@sha256:5aee6e4bfecba226d276b95c62a68a1b6d513d60c9c8aff84752725e6c01b8c0?arch=ppc64le&repository_url=registry.redhat.io/rhosdt/tempo-rhel8-operator&tag=0.3.1-3", }, }, }, { category: "product_version", name: "rhosdt/tempo-query-rhel8@sha256:0d51e3a8b92cab3b8f5221fc076b2079a68e7ba75f7f3ecb9322fe7ba77e862f_ppc64le", product: { name: "rhosdt/tempo-query-rhel8@sha256:0d51e3a8b92cab3b8f5221fc076b2079a68e7ba75f7f3ecb9322fe7ba77e862f_ppc64le", product_id: "rhosdt/tempo-query-rhel8@sha256:0d51e3a8b92cab3b8f5221fc076b2079a68e7ba75f7f3ecb9322fe7ba77e862f_ppc64le", product_identification_helper: { purl: "pkg:oci/tempo-query-rhel8@sha256:0d51e3a8b92cab3b8f5221fc076b2079a68e7ba75f7f3ecb9322fe7ba77e862f?arch=ppc64le&repository_url=registry.redhat.io/rhosdt/tempo-query-rhel8&tag=0.3.1-4", }, }, }, ], category: "architecture", name: "ppc64le", }, { branches: [ { category: "product_version", name: "rhosdt/jaeger-agent-rhel8@sha256:2619637d44fd87e5c07301de93841899fffc109dcfaff59d56349cedc208a679_s390x", product: { name: "rhosdt/jaeger-agent-rhel8@sha256:2619637d44fd87e5c07301de93841899fffc109dcfaff59d56349cedc208a679_s390x", product_id: "rhosdt/jaeger-agent-rhel8@sha256:2619637d44fd87e5c07301de93841899fffc109dcfaff59d56349cedc208a679_s390x", product_identification_helper: { purl: "pkg:oci/jaeger-agent-rhel8@sha256:2619637d44fd87e5c07301de93841899fffc109dcfaff59d56349cedc208a679?arch=s390x&repository_url=registry.redhat.io/rhosdt/jaeger-agent-rhel8&tag=1.47.1-5", }, }, }, { category: "product_version", name: "rhosdt/jaeger-all-in-one-rhel8@sha256:f99bb528c12edb65c36659a0a5d59d7a76449ce9649bf7c5be7b273f8485fc25_s390x", product: { name: "rhosdt/jaeger-all-in-one-rhel8@sha256:f99bb528c12edb65c36659a0a5d59d7a76449ce9649bf7c5be7b273f8485fc25_s390x", product_id: "rhosdt/jaeger-all-in-one-rhel8@sha256:f99bb528c12edb65c36659a0a5d59d7a76449ce9649bf7c5be7b273f8485fc25_s390x", product_identification_helper: { purl: "pkg:oci/jaeger-all-in-one-rhel8@sha256:f99bb528c12edb65c36659a0a5d59d7a76449ce9649bf7c5be7b273f8485fc25?arch=s390x&repository_url=registry.redhat.io/rhosdt/jaeger-all-in-one-rhel8&tag=1.47.1-5", }, }, }, { category: "product_version", name: "rhosdt/jaeger-collector-rhel8@sha256:a7e722132e7a538443f59788b82edcc52f5ec22e9343725c4401c9bdf7093b9a_s390x", product: { name: "rhosdt/jaeger-collector-rhel8@sha256:a7e722132e7a538443f59788b82edcc52f5ec22e9343725c4401c9bdf7093b9a_s390x", product_id: "rhosdt/jaeger-collector-rhel8@sha256:a7e722132e7a538443f59788b82edcc52f5ec22e9343725c4401c9bdf7093b9a_s390x", product_identification_helper: { purl: "pkg:oci/jaeger-collector-rhel8@sha256:a7e722132e7a538443f59788b82edcc52f5ec22e9343725c4401c9bdf7093b9a?arch=s390x&repository_url=registry.redhat.io/rhosdt/jaeger-collector-rhel8&tag=1.47.1-5", }, }, }, { category: "product_version", name: "rhosdt/jaeger-es-index-cleaner-rhel8@sha256:b0a3660137670fedc4e56ca656d56fb739c2fa48d9d0cf5f66fd150bd61365d5_s390x", product: { name: "rhosdt/jaeger-es-index-cleaner-rhel8@sha256:b0a3660137670fedc4e56ca656d56fb739c2fa48d9d0cf5f66fd150bd61365d5_s390x", product_id: "rhosdt/jaeger-es-index-cleaner-rhel8@sha256:b0a3660137670fedc4e56ca656d56fb739c2fa48d9d0cf5f66fd150bd61365d5_s390x", product_identification_helper: { purl: "pkg:oci/jaeger-es-index-cleaner-rhel8@sha256:b0a3660137670fedc4e56ca656d56fb739c2fa48d9d0cf5f66fd150bd61365d5?arch=s390x&repository_url=registry.redhat.io/rhosdt/jaeger-es-index-cleaner-rhel8&tag=1.47.1-5", }, }, }, { category: "product_version", name: "rhosdt/jaeger-es-rollover-rhel8@sha256:5068337fc3ab78c2bed33b7eb0f1c1cf67c753a00c006e945aded3ecad884edc_s390x", product: { name: "rhosdt/jaeger-es-rollover-rhel8@sha256:5068337fc3ab78c2bed33b7eb0f1c1cf67c753a00c006e945aded3ecad884edc_s390x", product_id: "rhosdt/jaeger-es-rollover-rhel8@sha256:5068337fc3ab78c2bed33b7eb0f1c1cf67c753a00c006e945aded3ecad884edc_s390x", product_identification_helper: { purl: "pkg:oci/jaeger-es-rollover-rhel8@sha256:5068337fc3ab78c2bed33b7eb0f1c1cf67c753a00c006e945aded3ecad884edc?arch=s390x&repository_url=registry.redhat.io/rhosdt/jaeger-es-rollover-rhel8&tag=1.47.1-5", }, }, }, { category: "product_version", name: "rhosdt/jaeger-ingester-rhel8@sha256:f117be17c9d1713db3719e4e1a7eb3b4697f9c12ac176c311b4c5d6ee27e59f9_s390x", product: { name: "rhosdt/jaeger-ingester-rhel8@sha256:f117be17c9d1713db3719e4e1a7eb3b4697f9c12ac176c311b4c5d6ee27e59f9_s390x", product_id: "rhosdt/jaeger-ingester-rhel8@sha256:f117be17c9d1713db3719e4e1a7eb3b4697f9c12ac176c311b4c5d6ee27e59f9_s390x", product_identification_helper: { purl: "pkg:oci/jaeger-ingester-rhel8@sha256:f117be17c9d1713db3719e4e1a7eb3b4697f9c12ac176c311b4c5d6ee27e59f9?arch=s390x&repository_url=registry.redhat.io/rhosdt/jaeger-ingester-rhel8&tag=1.47.1-5", }, }, }, { category: "product_version", name: "rhosdt/jaeger-operator-bundle@sha256:bf2cc048dd6e18cb05a17a6de1e45cabd734af0f88555d0c1057bf3b82ac1e0f_s390x", product: { name: "rhosdt/jaeger-operator-bundle@sha256:bf2cc048dd6e18cb05a17a6de1e45cabd734af0f88555d0c1057bf3b82ac1e0f_s390x", product_id: "rhosdt/jaeger-operator-bundle@sha256:bf2cc048dd6e18cb05a17a6de1e45cabd734af0f88555d0c1057bf3b82ac1e0f_s390x", product_identification_helper: { purl: "pkg:oci/jaeger-operator-bundle@sha256:bf2cc048dd6e18cb05a17a6de1e45cabd734af0f88555d0c1057bf3b82ac1e0f?arch=s390x&repository_url=registry.redhat.io/rhosdt/jaeger-operator-bundle&tag=1.47.1-14", }, }, }, { category: "product_version", name: "rhosdt/jaeger-rhel8-operator@sha256:a9173c66a6929bf5fc689bd434203155e365d23e5e9ae7666d89224ec39df975_s390x", product: { name: "rhosdt/jaeger-rhel8-operator@sha256:a9173c66a6929bf5fc689bd434203155e365d23e5e9ae7666d89224ec39df975_s390x", product_id: "rhosdt/jaeger-rhel8-operator@sha256:a9173c66a6929bf5fc689bd434203155e365d23e5e9ae7666d89224ec39df975_s390x", product_identification_helper: { purl: "pkg:oci/jaeger-rhel8-operator@sha256:a9173c66a6929bf5fc689bd434203155e365d23e5e9ae7666d89224ec39df975?arch=s390x&repository_url=registry.redhat.io/rhosdt/jaeger-rhel8-operator&tag=1.47.1-5", }, }, }, { category: "product_version", name: "rhosdt/jaeger-query-rhel8@sha256:4e62b4264b5e4c63bc7d0cecf154dd481605e1d0ff94d563e9d6a8bc43c4835a_s390x", product: { name: "rhosdt/jaeger-query-rhel8@sha256:4e62b4264b5e4c63bc7d0cecf154dd481605e1d0ff94d563e9d6a8bc43c4835a_s390x", product_id: "rhosdt/jaeger-query-rhel8@sha256:4e62b4264b5e4c63bc7d0cecf154dd481605e1d0ff94d563e9d6a8bc43c4835a_s390x", product_identification_helper: { purl: "pkg:oci/jaeger-query-rhel8@sha256:4e62b4264b5e4c63bc7d0cecf154dd481605e1d0ff94d563e9d6a8bc43c4835a?arch=s390x&repository_url=registry.redhat.io/rhosdt/jaeger-query-rhel8&tag=1.47.1-5", }, }, }, { category: "product_version", name: "rhosdt/opentelemetry-collector-rhel8@sha256:cb9a2f0df6852eb9d11deb8c4c14142bcae17a70301c55974fd0d87116814c9f_s390x", product: { name: "rhosdt/opentelemetry-collector-rhel8@sha256:cb9a2f0df6852eb9d11deb8c4c14142bcae17a70301c55974fd0d87116814c9f_s390x", product_id: "rhosdt/opentelemetry-collector-rhel8@sha256:cb9a2f0df6852eb9d11deb8c4c14142bcae17a70301c55974fd0d87116814c9f_s390x", product_identification_helper: { purl: "pkg:oci/opentelemetry-collector-rhel8@sha256:cb9a2f0df6852eb9d11deb8c4c14142bcae17a70301c55974fd0d87116814c9f?arch=s390x&repository_url=registry.redhat.io/rhosdt/opentelemetry-collector-rhel8&tag=0.81.1-5", }, }, }, { category: "product_version", name: "rhosdt/opentelemetry-operator-bundle@sha256:0ec97472d9bb1d99bfc0653194acf1b44de185a9e63756fb692acaa713ade2db_s390x", product: { name: "rhosdt/opentelemetry-operator-bundle@sha256:0ec97472d9bb1d99bfc0653194acf1b44de185a9e63756fb692acaa713ade2db_s390x", product_id: "rhosdt/opentelemetry-operator-bundle@sha256:0ec97472d9bb1d99bfc0653194acf1b44de185a9e63756fb692acaa713ade2db_s390x", product_identification_helper: { purl: "pkg:oci/opentelemetry-operator-bundle@sha256:0ec97472d9bb1d99bfc0653194acf1b44de185a9e63756fb692acaa713ade2db?arch=s390x&repository_url=registry.redhat.io/rhosdt/opentelemetry-operator-bundle&tag=0.81.1-12", }, }, }, { category: "product_version", name: "rhosdt/opentelemetry-rhel8-operator@sha256:ecead456f33621f78b97d0d151f816d39246af1ca69696616f033213791142dc_s390x", product: { name: "rhosdt/opentelemetry-rhel8-operator@sha256:ecead456f33621f78b97d0d151f816d39246af1ca69696616f033213791142dc_s390x", product_id: "rhosdt/opentelemetry-rhel8-operator@sha256:ecead456f33621f78b97d0d151f816d39246af1ca69696616f033213791142dc_s390x", product_identification_helper: { purl: "pkg:oci/opentelemetry-rhel8-operator@sha256:ecead456f33621f78b97d0d151f816d39246af1ca69696616f033213791142dc?arch=s390x&repository_url=registry.redhat.io/rhosdt/opentelemetry-rhel8-operator&tag=0.81.1-5", }, }, }, { category: "product_version", name: "rhosdt/tempo-rhel8@sha256:d557bf48ab4db2b2c98a65d1a028b7cde4363ee888c274d0629829c1b07977ef_s390x", product: { name: "rhosdt/tempo-rhel8@sha256:d557bf48ab4db2b2c98a65d1a028b7cde4363ee888c274d0629829c1b07977ef_s390x", product_id: "rhosdt/tempo-rhel8@sha256:d557bf48ab4db2b2c98a65d1a028b7cde4363ee888c274d0629829c1b07977ef_s390x", product_identification_helper: { purl: "pkg:oci/tempo-rhel8@sha256:d557bf48ab4db2b2c98a65d1a028b7cde4363ee888c274d0629829c1b07977ef?arch=s390x&repository_url=registry.redhat.io/rhosdt/tempo-rhel8&tag=2.1.1-10", }, }, }, { category: "product_version", name: "rhosdt/tempo-gateway-rhel8@sha256:ac25a060b441ba7b1a2f282083e0900f26d159a02486d85bf496c28ce61ad970_s390x", product: { name: "rhosdt/tempo-gateway-rhel8@sha256:ac25a060b441ba7b1a2f282083e0900f26d159a02486d85bf496c28ce61ad970_s390x", product_id: "rhosdt/tempo-gateway-rhel8@sha256:ac25a060b441ba7b1a2f282083e0900f26d159a02486d85bf496c28ce61ad970_s390x", product_identification_helper: { purl: "pkg:oci/tempo-gateway-rhel8@sha256:ac25a060b441ba7b1a2f282083e0900f26d159a02486d85bf496c28ce61ad970?arch=s390x&repository_url=registry.redhat.io/rhosdt/tempo-gateway-rhel8&tag=742e3d3-3", }, }, }, { category: "product_version", name: "rhosdt/tempo-gateway-opa-rhel8@sha256:ae1228eb0e7c975eeec459749408a70324245aa99fd41bce03cd9f45ceb42d0b_s390x", product: { name: "rhosdt/tempo-gateway-opa-rhel8@sha256:ae1228eb0e7c975eeec459749408a70324245aa99fd41bce03cd9f45ceb42d0b_s390x", product_id: "rhosdt/tempo-gateway-opa-rhel8@sha256:ae1228eb0e7c975eeec459749408a70324245aa99fd41bce03cd9f45ceb42d0b_s390x", product_identification_helper: { purl: "pkg:oci/tempo-gateway-opa-rhel8@sha256:ae1228eb0e7c975eeec459749408a70324245aa99fd41bce03cd9f45ceb42d0b?arch=s390x&repository_url=registry.redhat.io/rhosdt/tempo-gateway-opa-rhel8&tag=fe53f40-2", }, }, }, { category: "product_version", name: "rhosdt/tempo-operator-bundle@sha256:a66560fd323c9cb1466ca2fede9111665cadfc1ddaf9ce28e0aad6fdddf89763_s390x", product: { name: "rhosdt/tempo-operator-bundle@sha256:a66560fd323c9cb1466ca2fede9111665cadfc1ddaf9ce28e0aad6fdddf89763_s390x", product_id: "rhosdt/tempo-operator-bundle@sha256:a66560fd323c9cb1466ca2fede9111665cadfc1ddaf9ce28e0aad6fdddf89763_s390x", product_identification_helper: { purl: "pkg:oci/tempo-operator-bundle@sha256:a66560fd323c9cb1466ca2fede9111665cadfc1ddaf9ce28e0aad6fdddf89763?arch=s390x&repository_url=registry.redhat.io/rhosdt/tempo-operator-bundle&tag=0.3.1-11", }, }, }, { category: "product_version", name: "rhosdt/tempo-rhel8-operator@sha256:e9615e41e857331edacf87fcd98ced0a50fba92757131fdb433ad3e9490e4dd7_s390x", product: { name: "rhosdt/tempo-rhel8-operator@sha256:e9615e41e857331edacf87fcd98ced0a50fba92757131fdb433ad3e9490e4dd7_s390x", product_id: "rhosdt/tempo-rhel8-operator@sha256:e9615e41e857331edacf87fcd98ced0a50fba92757131fdb433ad3e9490e4dd7_s390x", product_identification_helper: { purl: "pkg:oci/tempo-rhel8-operator@sha256:e9615e41e857331edacf87fcd98ced0a50fba92757131fdb433ad3e9490e4dd7?arch=s390x&repository_url=registry.redhat.io/rhosdt/tempo-rhel8-operator&tag=0.3.1-3", }, }, }, { category: "product_version", name: "rhosdt/tempo-query-rhel8@sha256:a602d31cee6906b1d0218de85403decb0155746990f9cd218731c7d4e717f1a1_s390x", product: { name: "rhosdt/tempo-query-rhel8@sha256:a602d31cee6906b1d0218de85403decb0155746990f9cd218731c7d4e717f1a1_s390x", product_id: "rhosdt/tempo-query-rhel8@sha256:a602d31cee6906b1d0218de85403decb0155746990f9cd218731c7d4e717f1a1_s390x", product_identification_helper: { purl: "pkg:oci/tempo-query-rhel8@sha256:a602d31cee6906b1d0218de85403decb0155746990f9cd218731c7d4e717f1a1?arch=s390x&repository_url=registry.redhat.io/rhosdt/tempo-query-rhel8&tag=0.3.1-4", }, }, }, ], category: "architecture", name: "s390x", }, ], category: "vendor", name: "Red Hat", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "rhosdt/jaeger-agent-rhel8@sha256:2619637d44fd87e5c07301de93841899fffc109dcfaff59d56349cedc208a679_s390x as a component of Red Hat OpenShift distributed tracing 2.9", product_id: "8Base-RHOSDT-2.9:rhosdt/jaeger-agent-rhel8@sha256:2619637d44fd87e5c07301de93841899fffc109dcfaff59d56349cedc208a679_s390x", }, product_reference: "rhosdt/jaeger-agent-rhel8@sha256:2619637d44fd87e5c07301de93841899fffc109dcfaff59d56349cedc208a679_s390x", relates_to_product_reference: "8Base-RHOSDT-2.9", }, { category: "default_component_of", full_product_name: { name: "rhosdt/jaeger-agent-rhel8@sha256:7ebe5c551baccd151d6ef2120eb7009570b33647bfd6332320dfa0f5f661ed8a_amd64 as a component of Red Hat OpenShift distributed tracing 2.9", product_id: "8Base-RHOSDT-2.9:rhosdt/jaeger-agent-rhel8@sha256:7ebe5c551baccd151d6ef2120eb7009570b33647bfd6332320dfa0f5f661ed8a_amd64", }, product_reference: "rhosdt/jaeger-agent-rhel8@sha256:7ebe5c551baccd151d6ef2120eb7009570b33647bfd6332320dfa0f5f661ed8a_amd64", relates_to_product_reference: "8Base-RHOSDT-2.9", }, { category: "default_component_of", full_product_name: { name: "rhosdt/jaeger-agent-rhel8@sha256:952f7701d0c1d8ac9c01c0b2ff9d28a4dad480fd34e68eef162e41b5bb0a17e1_ppc64le as a component of Red Hat OpenShift distributed tracing 2.9", product_id: "8Base-RHOSDT-2.9:rhosdt/jaeger-agent-rhel8@sha256:952f7701d0c1d8ac9c01c0b2ff9d28a4dad480fd34e68eef162e41b5bb0a17e1_ppc64le", }, product_reference: "rhosdt/jaeger-agent-rhel8@sha256:952f7701d0c1d8ac9c01c0b2ff9d28a4dad480fd34e68eef162e41b5bb0a17e1_ppc64le", relates_to_product_reference: "8Base-RHOSDT-2.9", }, { category: "default_component_of", full_product_name: { name: "rhosdt/jaeger-all-in-one-rhel8@sha256:16934a17528d69fb0d39f605364fbc012a3e4d7401df45c91c995ac8ef9ed920_ppc64le as a component of Red Hat OpenShift distributed tracing 2.9", product_id: "8Base-RHOSDT-2.9:rhosdt/jaeger-all-in-one-rhel8@sha256:16934a17528d69fb0d39f605364fbc012a3e4d7401df45c91c995ac8ef9ed920_ppc64le", }, product_reference: "rhosdt/jaeger-all-in-one-rhel8@sha256:16934a17528d69fb0d39f605364fbc012a3e4d7401df45c91c995ac8ef9ed920_ppc64le", relates_to_product_reference: "8Base-RHOSDT-2.9", }, { category: "default_component_of", full_product_name: { name: "rhosdt/jaeger-all-in-one-rhel8@sha256:bb3e6e3b54c116d45c23154b3f3bd122a99a62ceb4499cd56774f1e0cec1c214_amd64 as a component of Red Hat OpenShift distributed tracing 2.9", product_id: "8Base-RHOSDT-2.9:rhosdt/jaeger-all-in-one-rhel8@sha256:bb3e6e3b54c116d45c23154b3f3bd122a99a62ceb4499cd56774f1e0cec1c214_amd64", }, product_reference: "rhosdt/jaeger-all-in-one-rhel8@sha256:bb3e6e3b54c116d45c23154b3f3bd122a99a62ceb4499cd56774f1e0cec1c214_amd64", relates_to_product_reference: "8Base-RHOSDT-2.9", }, { category: "default_component_of", full_product_name: { name: "rhosdt/jaeger-all-in-one-rhel8@sha256:f99bb528c12edb65c36659a0a5d59d7a76449ce9649bf7c5be7b273f8485fc25_s390x as a component of Red Hat OpenShift distributed tracing 2.9", product_id: "8Base-RHOSDT-2.9:rhosdt/jaeger-all-in-one-rhel8@sha256:f99bb528c12edb65c36659a0a5d59d7a76449ce9649bf7c5be7b273f8485fc25_s390x", }, product_reference: "rhosdt/jaeger-all-in-one-rhel8@sha256:f99bb528c12edb65c36659a0a5d59d7a76449ce9649bf7c5be7b273f8485fc25_s390x", relates_to_product_reference: "8Base-RHOSDT-2.9", }, { category: "default_component_of", full_product_name: { name: "rhosdt/jaeger-collector-rhel8@sha256:467961ec80abc54ee85939f0287041223b181bb7c9a622b556785ff1dd8119f5_ppc64le as a component of Red Hat OpenShift distributed tracing 2.9", product_id: "8Base-RHOSDT-2.9:rhosdt/jaeger-collector-rhel8@sha256:467961ec80abc54ee85939f0287041223b181bb7c9a622b556785ff1dd8119f5_ppc64le", }, product_reference: "rhosdt/jaeger-collector-rhel8@sha256:467961ec80abc54ee85939f0287041223b181bb7c9a622b556785ff1dd8119f5_ppc64le", relates_to_product_reference: "8Base-RHOSDT-2.9", }, { category: "default_component_of", full_product_name: { name: "rhosdt/jaeger-collector-rhel8@sha256:a7e722132e7a538443f59788b82edcc52f5ec22e9343725c4401c9bdf7093b9a_s390x as a component of Red Hat OpenShift distributed tracing 2.9", product_id: "8Base-RHOSDT-2.9:rhosdt/jaeger-collector-rhel8@sha256:a7e722132e7a538443f59788b82edcc52f5ec22e9343725c4401c9bdf7093b9a_s390x", }, product_reference: "rhosdt/jaeger-collector-rhel8@sha256:a7e722132e7a538443f59788b82edcc52f5ec22e9343725c4401c9bdf7093b9a_s390x", relates_to_product_reference: "8Base-RHOSDT-2.9", }, { category: "default_component_of", full_product_name: { name: "rhosdt/jaeger-collector-rhel8@sha256:df8436011b04ced795985116fff8eb5cc0009f0002ce9c000f9db741980b5a72_amd64 as a component of Red Hat OpenShift distributed tracing 2.9", product_id: "8Base-RHOSDT-2.9:rhosdt/jaeger-collector-rhel8@sha256:df8436011b04ced795985116fff8eb5cc0009f0002ce9c000f9db741980b5a72_amd64", }, product_reference: "rhosdt/jaeger-collector-rhel8@sha256:df8436011b04ced795985116fff8eb5cc0009f0002ce9c000f9db741980b5a72_amd64", relates_to_product_reference: "8Base-RHOSDT-2.9", }, { category: "default_component_of", full_product_name: { name: "rhosdt/jaeger-es-index-cleaner-rhel8@sha256:43f26cad1cd0ea7e5ac2e605077302473382ab85b3f8da72e49c4dd06114dab2_ppc64le as a component of Red Hat OpenShift distributed tracing 2.9", product_id: "8Base-RHOSDT-2.9:rhosdt/jaeger-es-index-cleaner-rhel8@sha256:43f26cad1cd0ea7e5ac2e605077302473382ab85b3f8da72e49c4dd06114dab2_ppc64le", }, product_reference: "rhosdt/jaeger-es-index-cleaner-rhel8@sha256:43f26cad1cd0ea7e5ac2e605077302473382ab85b3f8da72e49c4dd06114dab2_ppc64le", relates_to_product_reference: "8Base-RHOSDT-2.9", }, { category: "default_component_of", full_product_name: { name: "rhosdt/jaeger-es-index-cleaner-rhel8@sha256:b0a3660137670fedc4e56ca656d56fb739c2fa48d9d0cf5f66fd150bd61365d5_s390x as a component of Red Hat OpenShift distributed tracing 2.9", product_id: "8Base-RHOSDT-2.9:rhosdt/jaeger-es-index-cleaner-rhel8@sha256:b0a3660137670fedc4e56ca656d56fb739c2fa48d9d0cf5f66fd150bd61365d5_s390x", }, product_reference: "rhosdt/jaeger-es-index-cleaner-rhel8@sha256:b0a3660137670fedc4e56ca656d56fb739c2fa48d9d0cf5f66fd150bd61365d5_s390x", relates_to_product_reference: "8Base-RHOSDT-2.9", }, { category: "default_component_of", full_product_name: { name: "rhosdt/jaeger-es-index-cleaner-rhel8@sha256:c3883a6c2f828592783cd1cd336c23a29245e9c45b10dd2b6d1aa8b86a670c31_amd64 as a component of Red Hat OpenShift distributed tracing 2.9", product_id: "8Base-RHOSDT-2.9:rhosdt/jaeger-es-index-cleaner-rhel8@sha256:c3883a6c2f828592783cd1cd336c23a29245e9c45b10dd2b6d1aa8b86a670c31_amd64", }, product_reference: "rhosdt/jaeger-es-index-cleaner-rhel8@sha256:c3883a6c2f828592783cd1cd336c23a29245e9c45b10dd2b6d1aa8b86a670c31_amd64", relates_to_product_reference: "8Base-RHOSDT-2.9", }, { category: "default_component_of", full_product_name: { name: "rhosdt/jaeger-es-rollover-rhel8@sha256:0c8511e092b0138282ce3997cf06d8ba5995b9aa17aa436bcb3eacad910ff54d_ppc64le as a component of Red Hat OpenShift distributed tracing 2.9", product_id: "8Base-RHOSDT-2.9:rhosdt/jaeger-es-rollover-rhel8@sha256:0c8511e092b0138282ce3997cf06d8ba5995b9aa17aa436bcb3eacad910ff54d_ppc64le", }, product_reference: "rhosdt/jaeger-es-rollover-rhel8@sha256:0c8511e092b0138282ce3997cf06d8ba5995b9aa17aa436bcb3eacad910ff54d_ppc64le", relates_to_product_reference: "8Base-RHOSDT-2.9", }, { category: "default_component_of", full_product_name: { name: "rhosdt/jaeger-es-rollover-rhel8@sha256:5068337fc3ab78c2bed33b7eb0f1c1cf67c753a00c006e945aded3ecad884edc_s390x as a component of Red Hat OpenShift distributed tracing 2.9", product_id: "8Base-RHOSDT-2.9:rhosdt/jaeger-es-rollover-rhel8@sha256:5068337fc3ab78c2bed33b7eb0f1c1cf67c753a00c006e945aded3ecad884edc_s390x", }, product_reference: "rhosdt/jaeger-es-rollover-rhel8@sha256:5068337fc3ab78c2bed33b7eb0f1c1cf67c753a00c006e945aded3ecad884edc_s390x", relates_to_product_reference: "8Base-RHOSDT-2.9", }, { category: "default_component_of", full_product_name: { name: "rhosdt/jaeger-es-rollover-rhel8@sha256:ba453c045a93b2ac9e9a820ca616ea4af912972a99a5e4b07135658f1ddc752d_amd64 as a component of Red Hat OpenShift distributed tracing 2.9", product_id: "8Base-RHOSDT-2.9:rhosdt/jaeger-es-rollover-rhel8@sha256:ba453c045a93b2ac9e9a820ca616ea4af912972a99a5e4b07135658f1ddc752d_amd64", }, product_reference: "rhosdt/jaeger-es-rollover-rhel8@sha256:ba453c045a93b2ac9e9a820ca616ea4af912972a99a5e4b07135658f1ddc752d_amd64", relates_to_product_reference: "8Base-RHOSDT-2.9", }, { category: "default_component_of", full_product_name: { name: "rhosdt/jaeger-ingester-rhel8@sha256:8341ef7ade15d0f823fb0ef8d1d2e2aab3f6078feae7a341a2f7b4c6bd94fba1_ppc64le as a component of Red Hat OpenShift distributed tracing 2.9", product_id: "8Base-RHOSDT-2.9:rhosdt/jaeger-ingester-rhel8@sha256:8341ef7ade15d0f823fb0ef8d1d2e2aab3f6078feae7a341a2f7b4c6bd94fba1_ppc64le", }, product_reference: "rhosdt/jaeger-ingester-rhel8@sha256:8341ef7ade15d0f823fb0ef8d1d2e2aab3f6078feae7a341a2f7b4c6bd94fba1_ppc64le", relates_to_product_reference: "8Base-RHOSDT-2.9", }, { category: "default_component_of", full_product_name: { name: "rhosdt/jaeger-ingester-rhel8@sha256:f117be17c9d1713db3719e4e1a7eb3b4697f9c12ac176c311b4c5d6ee27e59f9_s390x as a component of Red Hat OpenShift distributed tracing 2.9", product_id: "8Base-RHOSDT-2.9:rhosdt/jaeger-ingester-rhel8@sha256:f117be17c9d1713db3719e4e1a7eb3b4697f9c12ac176c311b4c5d6ee27e59f9_s390x", }, product_reference: "rhosdt/jaeger-ingester-rhel8@sha256:f117be17c9d1713db3719e4e1a7eb3b4697f9c12ac176c311b4c5d6ee27e59f9_s390x", relates_to_product_reference: "8Base-RHOSDT-2.9", }, { category: "default_component_of", full_product_name: { name: "rhosdt/jaeger-ingester-rhel8@sha256:f72338e446068e2487de8f6eb2249a69e27f24523a771e8aba0fcc2fbf263fe8_amd64 as a component of Red Hat OpenShift distributed tracing 2.9", product_id: "8Base-RHOSDT-2.9:rhosdt/jaeger-ingester-rhel8@sha256:f72338e446068e2487de8f6eb2249a69e27f24523a771e8aba0fcc2fbf263fe8_amd64", }, product_reference: "rhosdt/jaeger-ingester-rhel8@sha256:f72338e446068e2487de8f6eb2249a69e27f24523a771e8aba0fcc2fbf263fe8_amd64", relates_to_product_reference: "8Base-RHOSDT-2.9", }, { category: "default_component_of", full_product_name: { name: "rhosdt/jaeger-operator-bundle@sha256:5dfb4b1c8b7c835e0c493927cb5c22bc68989244e49e284f90a063d54c6d1aa9_amd64 as a component of Red Hat OpenShift distributed tracing 2.9", product_id: "8Base-RHOSDT-2.9:rhosdt/jaeger-operator-bundle@sha256:5dfb4b1c8b7c835e0c493927cb5c22bc68989244e49e284f90a063d54c6d1aa9_amd64", }, product_reference: "rhosdt/jaeger-operator-bundle@sha256:5dfb4b1c8b7c835e0c493927cb5c22bc68989244e49e284f90a063d54c6d1aa9_amd64", relates_to_product_reference: "8Base-RHOSDT-2.9", }, { category: "default_component_of", full_product_name: { name: "rhosdt/jaeger-operator-bundle@sha256:a59c693b975fad667a6cfebed3e2cf564419baf0a10aa27b71a22581b789dc10_ppc64le as a component of Red Hat OpenShift distributed tracing 2.9", product_id: "8Base-RHOSDT-2.9:rhosdt/jaeger-operator-bundle@sha256:a59c693b975fad667a6cfebed3e2cf564419baf0a10aa27b71a22581b789dc10_ppc64le", }, product_reference: "rhosdt/jaeger-operator-bundle@sha256:a59c693b975fad667a6cfebed3e2cf564419baf0a10aa27b71a22581b789dc10_ppc64le", relates_to_product_reference: "8Base-RHOSDT-2.9", }, { category: "default_component_of", full_product_name: { name: "rhosdt/jaeger-operator-bundle@sha256:bf2cc048dd6e18cb05a17a6de1e45cabd734af0f88555d0c1057bf3b82ac1e0f_s390x as a component of Red Hat OpenShift distributed tracing 2.9", product_id: "8Base-RHOSDT-2.9:rhosdt/jaeger-operator-bundle@sha256:bf2cc048dd6e18cb05a17a6de1e45cabd734af0f88555d0c1057bf3b82ac1e0f_s390x", }, product_reference: "rhosdt/jaeger-operator-bundle@sha256:bf2cc048dd6e18cb05a17a6de1e45cabd734af0f88555d0c1057bf3b82ac1e0f_s390x", relates_to_product_reference: "8Base-RHOSDT-2.9", }, { category: "default_component_of", full_product_name: { name: "rhosdt/jaeger-query-rhel8@sha256:4da3891b6d4df60dc7e0248bbb543d8363d32671bc3b0eb1671468dd4d3b7ebe_ppc64le as a component of Red Hat OpenShift distributed tracing 2.9", product_id: "8Base-RHOSDT-2.9:rhosdt/jaeger-query-rhel8@sha256:4da3891b6d4df60dc7e0248bbb543d8363d32671bc3b0eb1671468dd4d3b7ebe_ppc64le", }, product_reference: "rhosdt/jaeger-query-rhel8@sha256:4da3891b6d4df60dc7e0248bbb543d8363d32671bc3b0eb1671468dd4d3b7ebe_ppc64le", relates_to_product_reference: "8Base-RHOSDT-2.9", }, { category: "default_component_of", full_product_name: { name: "rhosdt/jaeger-query-rhel8@sha256:4e62b4264b5e4c63bc7d0cecf154dd481605e1d0ff94d563e9d6a8bc43c4835a_s390x as a component of Red Hat OpenShift distributed tracing 2.9", product_id: "8Base-RHOSDT-2.9:rhosdt/jaeger-query-rhel8@sha256:4e62b4264b5e4c63bc7d0cecf154dd481605e1d0ff94d563e9d6a8bc43c4835a_s390x", }, product_reference: "rhosdt/jaeger-query-rhel8@sha256:4e62b4264b5e4c63bc7d0cecf154dd481605e1d0ff94d563e9d6a8bc43c4835a_s390x", relates_to_product_reference: "8Base-RHOSDT-2.9", }, { category: "default_component_of", full_product_name: { name: "rhosdt/jaeger-query-rhel8@sha256:d9adfa493c64269d2ce744572d9a4c230e8a7c2503a35dbb3df5346e52a6dd2c_amd64 as a component of Red Hat OpenShift distributed tracing 2.9", product_id: "8Base-RHOSDT-2.9:rhosdt/jaeger-query-rhel8@sha256:d9adfa493c64269d2ce744572d9a4c230e8a7c2503a35dbb3df5346e52a6dd2c_amd64", }, product_reference: "rhosdt/jaeger-query-rhel8@sha256:d9adfa493c64269d2ce744572d9a4c230e8a7c2503a35dbb3df5346e52a6dd2c_amd64", relates_to_product_reference: "8Base-RHOSDT-2.9", }, { category: "default_component_of", full_product_name: { name: "rhosdt/jaeger-rhel8-operator@sha256:9198140a0252287e5114e04b97d5454227b51bac8fa4411dea1b0d0843f3c668_amd64 as a component of Red Hat OpenShift distributed tracing 2.9", product_id: "8Base-RHOSDT-2.9:rhosdt/jaeger-rhel8-operator@sha256:9198140a0252287e5114e04b97d5454227b51bac8fa4411dea1b0d0843f3c668_amd64", }, product_reference: "rhosdt/jaeger-rhel8-operator@sha256:9198140a0252287e5114e04b97d5454227b51bac8fa4411dea1b0d0843f3c668_amd64", relates_to_product_reference: "8Base-RHOSDT-2.9", }, { category: "default_component_of", full_product_name: { name: "rhosdt/jaeger-rhel8-operator@sha256:a9173c66a6929bf5fc689bd434203155e365d23e5e9ae7666d89224ec39df975_s390x as a component of Red Hat OpenShift distributed tracing 2.9", product_id: "8Base-RHOSDT-2.9:rhosdt/jaeger-rhel8-operator@sha256:a9173c66a6929bf5fc689bd434203155e365d23e5e9ae7666d89224ec39df975_s390x", }, product_reference: "rhosdt/jaeger-rhel8-operator@sha256:a9173c66a6929bf5fc689bd434203155e365d23e5e9ae7666d89224ec39df975_s390x", relates_to_product_reference: "8Base-RHOSDT-2.9", }, { category: "default_component_of", full_product_name: { name: "rhosdt/jaeger-rhel8-operator@sha256:e50b850a731b7ab45345ab4e9495e4806ac0c6f8ba9ae13b83673a3b06a014f9_ppc64le as a component of Red Hat OpenShift distributed tracing 2.9", product_id: "8Base-RHOSDT-2.9:rhosdt/jaeger-rhel8-operator@sha256:e50b850a731b7ab45345ab4e9495e4806ac0c6f8ba9ae13b83673a3b06a014f9_ppc64le", }, product_reference: "rhosdt/jaeger-rhel8-operator@sha256:e50b850a731b7ab45345ab4e9495e4806ac0c6f8ba9ae13b83673a3b06a014f9_ppc64le", relates_to_product_reference: "8Base-RHOSDT-2.9", }, { category: "default_component_of", full_product_name: { name: "rhosdt/opentelemetry-collector-rhel8@sha256:2adc2877050289ee2568c4f03ce171dc2c30bf86976fcc63c09bd0bf18b92cc4_amd64 as a component of Red Hat OpenShift distributed tracing 2.9", product_id: "8Base-RHOSDT-2.9:rhosdt/opentelemetry-collector-rhel8@sha256:2adc2877050289ee2568c4f03ce171dc2c30bf86976fcc63c09bd0bf18b92cc4_amd64", }, product_reference: "rhosdt/opentelemetry-collector-rhel8@sha256:2adc2877050289ee2568c4f03ce171dc2c30bf86976fcc63c09bd0bf18b92cc4_amd64", relates_to_product_reference: "8Base-RHOSDT-2.9", }, { category: "default_component_of", full_product_name: { name: "rhosdt/opentelemetry-collector-rhel8@sha256:73017b0ad2d4ea26900253abdc9a62d55a40ff04905a391e91610ad7a9d762d3_ppc64le as a component of Red Hat OpenShift distributed tracing 2.9", product_id: "8Base-RHOSDT-2.9:rhosdt/opentelemetry-collector-rhel8@sha256:73017b0ad2d4ea26900253abdc9a62d55a40ff04905a391e91610ad7a9d762d3_ppc64le", }, product_reference: "rhosdt/opentelemetry-collector-rhel8@sha256:73017b0ad2d4ea26900253abdc9a62d55a40ff04905a391e91610ad7a9d762d3_ppc64le", relates_to_product_reference: "8Base-RHOSDT-2.9", }, { category: "default_component_of", full_product_name: { name: "rhosdt/opentelemetry-collector-rhel8@sha256:cb9a2f0df6852eb9d11deb8c4c14142bcae17a70301c55974fd0d87116814c9f_s390x as a component of Red Hat OpenShift distributed tracing 2.9", product_id: "8Base-RHOSDT-2.9:rhosdt/opentelemetry-collector-rhel8@sha256:cb9a2f0df6852eb9d11deb8c4c14142bcae17a70301c55974fd0d87116814c9f_s390x", }, product_reference: "rhosdt/opentelemetry-collector-rhel8@sha256:cb9a2f0df6852eb9d11deb8c4c14142bcae17a70301c55974fd0d87116814c9f_s390x", relates_to_product_reference: "8Base-RHOSDT-2.9", }, { category: "default_component_of", full_product_name: { name: "rhosdt/opentelemetry-operator-bundle@sha256:0ec97472d9bb1d99bfc0653194acf1b44de185a9e63756fb692acaa713ade2db_s390x as a component of Red Hat OpenShift distributed tracing 2.9", product_id: "8Base-RHOSDT-2.9:rhosdt/opentelemetry-operator-bundle@sha256:0ec97472d9bb1d99bfc0653194acf1b44de185a9e63756fb692acaa713ade2db_s390x", }, product_reference: "rhosdt/opentelemetry-operator-bundle@sha256:0ec97472d9bb1d99bfc0653194acf1b44de185a9e63756fb692acaa713ade2db_s390x", relates_to_product_reference: "8Base-RHOSDT-2.9", }, { category: "default_component_of", full_product_name: { name: "rhosdt/opentelemetry-operator-bundle@sha256:33f921009c9baaf82d3d10406073e9da9b31540d6b3b421c7a3659e2d8310179_ppc64le as a component of Red Hat OpenShift distributed tracing 2.9", product_id: "8Base-RHOSDT-2.9:rhosdt/opentelemetry-operator-bundle@sha256:33f921009c9baaf82d3d10406073e9da9b31540d6b3b421c7a3659e2d8310179_ppc64le", }, product_reference: "rhosdt/opentelemetry-operator-bundle@sha256:33f921009c9baaf82d3d10406073e9da9b31540d6b3b421c7a3659e2d8310179_ppc64le", relates_to_product_reference: "8Base-RHOSDT-2.9", }, { category: "default_component_of", full_product_name: { name: "rhosdt/opentelemetry-operator-bundle@sha256:eaa126d86aecf2bd330f2234104a905a71ab280a4d74a2614d98daaf13e821e2_amd64 as a component of Red Hat OpenShift distributed tracing 2.9", product_id: "8Base-RHOSDT-2.9:rhosdt/opentelemetry-operator-bundle@sha256:eaa126d86aecf2bd330f2234104a905a71ab280a4d74a2614d98daaf13e821e2_amd64", }, product_reference: "rhosdt/opentelemetry-operator-bundle@sha256:eaa126d86aecf2bd330f2234104a905a71ab280a4d74a2614d98daaf13e821e2_amd64", relates_to_product_reference: "8Base-RHOSDT-2.9", }, { category: "default_component_of", full_product_name: { name: "rhosdt/opentelemetry-rhel8-operator@sha256:746f118b9224ba6a175526f265d956ae8ce6c7c170db2217bd34b028f03999af_amd64 as a component of Red Hat OpenShift distributed tracing 2.9", product_id: "8Base-RHOSDT-2.9:rhosdt/opentelemetry-rhel8-operator@sha256:746f118b9224ba6a175526f265d956ae8ce6c7c170db2217bd34b028f03999af_amd64", }, product_reference: "rhosdt/opentelemetry-rhel8-operator@sha256:746f118b9224ba6a175526f265d956ae8ce6c7c170db2217bd34b028f03999af_amd64", relates_to_product_reference: "8Base-RHOSDT-2.9", }, { category: "default_component_of", full_product_name: { name: "rhosdt/opentelemetry-rhel8-operator@sha256:8a237928d7c059ecd5d1f3aad89ab094a73452e221c133cd9c5c7689db9b87bf_ppc64le as a component of Red Hat OpenShift distributed tracing 2.9", product_id: "8Base-RHOSDT-2.9:rhosdt/opentelemetry-rhel8-operator@sha256:8a237928d7c059ecd5d1f3aad89ab094a73452e221c133cd9c5c7689db9b87bf_ppc64le", }, product_reference: "rhosdt/opentelemetry-rhel8-operator@sha256:8a237928d7c059ecd5d1f3aad89ab094a73452e221c133cd9c5c7689db9b87bf_ppc64le", relates_to_product_reference: "8Base-RHOSDT-2.9", }, { category: "default_component_of", full_product_name: { name: "rhosdt/opentelemetry-rhel8-operator@sha256:ecead456f33621f78b97d0d151f816d39246af1ca69696616f033213791142dc_s390x as a component of Red Hat OpenShift distributed tracing 2.9", product_id: "8Base-RHOSDT-2.9:rhosdt/opentelemetry-rhel8-operator@sha256:ecead456f33621f78b97d0d151f816d39246af1ca69696616f033213791142dc_s390x", }, product_reference: "rhosdt/opentelemetry-rhel8-operator@sha256:ecead456f33621f78b97d0d151f816d39246af1ca69696616f033213791142dc_s390x", relates_to_product_reference: "8Base-RHOSDT-2.9", }, { category: "default_component_of", full_product_name: { name: "rhosdt/tempo-gateway-opa-rhel8@sha256:ae1228eb0e7c975eeec459749408a70324245aa99fd41bce03cd9f45ceb42d0b_s390x as a component of Red Hat OpenShift distributed tracing 2.9", product_id: "8Base-RHOSDT-2.9:rhosdt/tempo-gateway-opa-rhel8@sha256:ae1228eb0e7c975eeec459749408a70324245aa99fd41bce03cd9f45ceb42d0b_s390x", }, product_reference: "rhosdt/tempo-gateway-opa-rhel8@sha256:ae1228eb0e7c975eeec459749408a70324245aa99fd41bce03cd9f45ceb42d0b_s390x", relates_to_product_reference: "8Base-RHOSDT-2.9", }, { category: "default_component_of", full_product_name: { name: "rhosdt/tempo-gateway-opa-rhel8@sha256:cbad12c58f243298974f51d2278730feb5fbb74cdc6de409dd0578794ab6c1a4_ppc64le as a component of Red Hat OpenShift distributed tracing 2.9", product_id: "8Base-RHOSDT-2.9:rhosdt/tempo-gateway-opa-rhel8@sha256:cbad12c58f243298974f51d2278730feb5fbb74cdc6de409dd0578794ab6c1a4_ppc64le", }, product_reference: "rhosdt/tempo-gateway-opa-rhel8@sha256:cbad12c58f243298974f51d2278730feb5fbb74cdc6de409dd0578794ab6c1a4_ppc64le", relates_to_product_reference: "8Base-RHOSDT-2.9", }, { category: "default_component_of", full_product_name: { name: "rhosdt/tempo-gateway-opa-rhel8@sha256:dd22e49f8d5aa7f009169aec3c43e68307e0842cde9260a70dd424159e61c89d_amd64 as a component of Red Hat OpenShift distributed tracing 2.9", product_id: "8Base-RHOSDT-2.9:rhosdt/tempo-gateway-opa-rhel8@sha256:dd22e49f8d5aa7f009169aec3c43e68307e0842cde9260a70dd424159e61c89d_amd64", }, product_reference: "rhosdt/tempo-gateway-opa-rhel8@sha256:dd22e49f8d5aa7f009169aec3c43e68307e0842cde9260a70dd424159e61c89d_amd64", relates_to_product_reference: "8Base-RHOSDT-2.9", }, { category: "default_component_of", full_product_name: { name: "rhosdt/tempo-gateway-rhel8@sha256:3c15440847fbc38023d590dd5f93ee524f53e2999c4483cfb3ba9bbf6bba904f_ppc64le as a component of Red Hat OpenShift distributed tracing 2.9", product_id: "8Base-RHOSDT-2.9:rhosdt/tempo-gateway-rhel8@sha256:3c15440847fbc38023d590dd5f93ee524f53e2999c4483cfb3ba9bbf6bba904f_ppc64le", }, product_reference: "rhosdt/tempo-gateway-rhel8@sha256:3c15440847fbc38023d590dd5f93ee524f53e2999c4483cfb3ba9bbf6bba904f_ppc64le", relates_to_product_reference: "8Base-RHOSDT-2.9", }, { category: "default_component_of", full_product_name: { name: "rhosdt/tempo-gateway-rhel8@sha256:9e9d91554f5edb5a3e00f2a294056bb540ed1597fc8af5d44432ce81d54bf977_amd64 as a component of Red Hat OpenShift distributed tracing 2.9", product_id: "8Base-RHOSDT-2.9:rhosdt/tempo-gateway-rhel8@sha256:9e9d91554f5edb5a3e00f2a294056bb540ed1597fc8af5d44432ce81d54bf977_amd64", }, product_reference: "rhosdt/tempo-gateway-rhel8@sha256:9e9d91554f5edb5a3e00f2a294056bb540ed1597fc8af5d44432ce81d54bf977_amd64", relates_to_product_reference: "8Base-RHOSDT-2.9", }, { category: "default_component_of", full_product_name: { name: "rhosdt/tempo-gateway-rhel8@sha256:ac25a060b441ba7b1a2f282083e0900f26d159a02486d85bf496c28ce61ad970_s390x as a component of Red Hat OpenShift distributed tracing 2.9", product_id: "8Base-RHOSDT-2.9:rhosdt/tempo-gateway-rhel8@sha256:ac25a060b441ba7b1a2f282083e0900f26d159a02486d85bf496c28ce61ad970_s390x", }, product_reference: "rhosdt/tempo-gateway-rhel8@sha256:ac25a060b441ba7b1a2f282083e0900f26d159a02486d85bf496c28ce61ad970_s390x", relates_to_product_reference: "8Base-RHOSDT-2.9", }, { category: "default_component_of", full_product_name: { name: "rhosdt/tempo-operator-bundle@sha256:6df979ecc2195ddd8c1b84a0355fa4df58cf55c34f0b07669659d72501a701d4_ppc64le as a component of Red Hat OpenShift distributed tracing 2.9", product_id: "8Base-RHOSDT-2.9:rhosdt/tempo-operator-bundle@sha256:6df979ecc2195ddd8c1b84a0355fa4df58cf55c34f0b07669659d72501a701d4_ppc64le", }, product_reference: "rhosdt/tempo-operator-bundle@sha256:6df979ecc2195ddd8c1b84a0355fa4df58cf55c34f0b07669659d72501a701d4_ppc64le", relates_to_product_reference: "8Base-RHOSDT-2.9", }, { category: "default_component_of", full_product_name: { name: "rhosdt/tempo-operator-bundle@sha256:a66560fd323c9cb1466ca2fede9111665cadfc1ddaf9ce28e0aad6fdddf89763_s390x as a component of Red Hat OpenShift distributed tracing 2.9", product_id: "8Base-RHOSDT-2.9:rhosdt/tempo-operator-bundle@sha256:a66560fd323c9cb1466ca2fede9111665cadfc1ddaf9ce28e0aad6fdddf89763_s390x", }, product_reference: "rhosdt/tempo-operator-bundle@sha256:a66560fd323c9cb1466ca2fede9111665cadfc1ddaf9ce28e0aad6fdddf89763_s390x", relates_to_product_reference: "8Base-RHOSDT-2.9", }, { category: "default_component_of", full_product_name: { name: "rhosdt/tempo-operator-bundle@sha256:b6ec1460415bf8c69d82cf9267494dc5445242b6a0957318eae5bf333693cb2e_amd64 as a component of Red Hat OpenShift distributed tracing 2.9", product_id: "8Base-RHOSDT-2.9:rhosdt/tempo-operator-bundle@sha256:b6ec1460415bf8c69d82cf9267494dc5445242b6a0957318eae5bf333693cb2e_amd64", }, product_reference: "rhosdt/tempo-operator-bundle@sha256:b6ec1460415bf8c69d82cf9267494dc5445242b6a0957318eae5bf333693cb2e_amd64", relates_to_product_reference: "8Base-RHOSDT-2.9", }, { category: "default_component_of", full_product_name: { name: "rhosdt/tempo-query-rhel8@sha256:0d51e3a8b92cab3b8f5221fc076b2079a68e7ba75f7f3ecb9322fe7ba77e862f_ppc64le as a component of Red Hat OpenShift distributed tracing 2.9", product_id: "8Base-RHOSDT-2.9:rhosdt/tempo-query-rhel8@sha256:0d51e3a8b92cab3b8f5221fc076b2079a68e7ba75f7f3ecb9322fe7ba77e862f_ppc64le", }, product_reference: "rhosdt/tempo-query-rhel8@sha256:0d51e3a8b92cab3b8f5221fc076b2079a68e7ba75f7f3ecb9322fe7ba77e862f_ppc64le", relates_to_product_reference: "8Base-RHOSDT-2.9", }, { category: "default_component_of", full_product_name: { name: "rhosdt/tempo-query-rhel8@sha256:a602d31cee6906b1d0218de85403decb0155746990f9cd218731c7d4e717f1a1_s390x as a component of Red Hat OpenShift distributed tracing 2.9", product_id: "8Base-RHOSDT-2.9:rhosdt/tempo-query-rhel8@sha256:a602d31cee6906b1d0218de85403decb0155746990f9cd218731c7d4e717f1a1_s390x", }, product_reference: "rhosdt/tempo-query-rhel8@sha256:a602d31cee6906b1d0218de85403decb0155746990f9cd218731c7d4e717f1a1_s390x", relates_to_product_reference: "8Base-RHOSDT-2.9", }, { category: "default_component_of", full_product_name: { name: "rhosdt/tempo-query-rhel8@sha256:b903b41e1096a25b53c5272c8457baa352e2c83fa997852d4a8ed614e2c02802_amd64 as a component of Red Hat OpenShift distributed tracing 2.9", product_id: "8Base-RHOSDT-2.9:rhosdt/tempo-query-rhel8@sha256:b903b41e1096a25b53c5272c8457baa352e2c83fa997852d4a8ed614e2c02802_amd64", }, product_reference: "rhosdt/tempo-query-rhel8@sha256:b903b41e1096a25b53c5272c8457baa352e2c83fa997852d4a8ed614e2c02802_amd64", relates_to_product_reference: "8Base-RHOSDT-2.9", }, { category: "default_component_of", full_product_name: { name: "rhosdt/tempo-rhel8-operator@sha256:5aee6e4bfecba226d276b95c62a68a1b6d513d60c9c8aff84752725e6c01b8c0_ppc64le as a component of Red Hat OpenShift distributed tracing 2.9", product_id: "8Base-RHOSDT-2.9:rhosdt/tempo-rhel8-operator@sha256:5aee6e4bfecba226d276b95c62a68a1b6d513d60c9c8aff84752725e6c01b8c0_ppc64le", }, product_reference: "rhosdt/tempo-rhel8-operator@sha256:5aee6e4bfecba226d276b95c62a68a1b6d513d60c9c8aff84752725e6c01b8c0_ppc64le", relates_to_product_reference: "8Base-RHOSDT-2.9", }, { category: "default_component_of", full_product_name: { name: "rhosdt/tempo-rhel8-operator@sha256:a18638de4d39738b696f044e0d181fdeaf82499f2a2b4b46c07675db5fbe8c3f_amd64 as a component of Red Hat OpenShift distributed tracing 2.9", product_id: "8Base-RHOSDT-2.9:rhosdt/tempo-rhel8-operator@sha256:a18638de4d39738b696f044e0d181fdeaf82499f2a2b4b46c07675db5fbe8c3f_amd64", }, product_reference: "rhosdt/tempo-rhel8-operator@sha256:a18638de4d39738b696f044e0d181fdeaf82499f2a2b4b46c07675db5fbe8c3f_amd64", relates_to_product_reference: "8Base-RHOSDT-2.9", }, { category: "default_component_of", full_product_name: { name: "rhosdt/tempo-rhel8-operator@sha256:e9615e41e857331edacf87fcd98ced0a50fba92757131fdb433ad3e9490e4dd7_s390x as a component of Red Hat OpenShift distributed tracing 2.9", product_id: "8Base-RHOSDT-2.9:rhosdt/tempo-rhel8-operator@sha256:e9615e41e857331edacf87fcd98ced0a50fba92757131fdb433ad3e9490e4dd7_s390x", }, product_reference: "rhosdt/tempo-rhel8-operator@sha256:e9615e41e857331edacf87fcd98ced0a50fba92757131fdb433ad3e9490e4dd7_s390x", relates_to_product_reference: "8Base-RHOSDT-2.9", }, { category: "default_component_of", full_product_name: { name: "rhosdt/tempo-rhel8@sha256:29200f7311b63df76f6723878e4a8e2c315376b421e4e5febe2323a926d48594_amd64 as a component of Red Hat OpenShift distributed tracing 2.9", product_id: "8Base-RHOSDT-2.9:rhosdt/tempo-rhel8@sha256:29200f7311b63df76f6723878e4a8e2c315376b421e4e5febe2323a926d48594_amd64", }, product_reference: "rhosdt/tempo-rhel8@sha256:29200f7311b63df76f6723878e4a8e2c315376b421e4e5febe2323a926d48594_amd64", relates_to_product_reference: "8Base-RHOSDT-2.9", }, { category: "default_component_of", full_product_name: { name: "rhosdt/tempo-rhel8@sha256:42c59f6a87c791fd6a3e829af331e2c5778612f503b402c0a08278cc9dc09ef7_ppc64le as a component of Red Hat OpenShift distributed tracing 2.9", product_id: "8Base-RHOSDT-2.9:rhosdt/tempo-rhel8@sha256:42c59f6a87c791fd6a3e829af331e2c5778612f503b402c0a08278cc9dc09ef7_ppc64le", }, product_reference: "rhosdt/tempo-rhel8@sha256:42c59f6a87c791fd6a3e829af331e2c5778612f503b402c0a08278cc9dc09ef7_ppc64le", relates_to_product_reference: "8Base-RHOSDT-2.9", }, { category: "default_component_of", full_product_name: { name: "rhosdt/tempo-rhel8@sha256:d557bf48ab4db2b2c98a65d1a028b7cde4363ee888c274d0629829c1b07977ef_s390x as a component of Red Hat OpenShift distributed tracing 2.9", product_id: "8Base-RHOSDT-2.9:rhosdt/tempo-rhel8@sha256:d557bf48ab4db2b2c98a65d1a028b7cde4363ee888c274d0629829c1b07977ef_s390x", }, product_reference: "rhosdt/tempo-rhel8@sha256:d557bf48ab4db2b2c98a65d1a028b7cde4363ee888c274d0629829c1b07977ef_s390x", relates_to_product_reference: "8Base-RHOSDT-2.9", }, ], }, vulnerabilities: [ { cve: "CVE-2023-46234", cwe: { id: "CWE-347", name: "Improper Verification of Cryptographic Signature", }, discovery_date: "2023-10-27T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2246470", }, ], notes: [ { category: "description", text: "A flaw was found in browserify-sign node package. This issue may allow a malicious user to execute a signature forgery attack by not correctly checking cryptographic signatures for DSA data, resulting in a jeopardized environment.", title: "Vulnerability description", }, { category: "summary", text: "browserify-sign: upper bound check issue in dsaVerify leads to a signature forgery attack", title: "Vulnerability summary", }, { category: "other", text: "An attacker could impact the integrity of a server when handling unknown input due to the lack of DSA verification, for example, pretending to be a legitimate user, gaining unauthorized access. Therefore, the impact for this vulnerability is important.\n\nRed Hat Fuse 7 uses browserify-sign as a transitive development dependency, hence the Low impact.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "8Base-RHOSDT-2.9:rhosdt/jaeger-agent-rhel8@sha256:2619637d44fd87e5c07301de93841899fffc109dcfaff59d56349cedc208a679_s390x", "8Base-RHOSDT-2.9:rhosdt/jaeger-agent-rhel8@sha256:7ebe5c551baccd151d6ef2120eb7009570b33647bfd6332320dfa0f5f661ed8a_amd64", "8Base-RHOSDT-2.9:rhosdt/jaeger-agent-rhel8@sha256:952f7701d0c1d8ac9c01c0b2ff9d28a4dad480fd34e68eef162e41b5bb0a17e1_ppc64le", "8Base-RHOSDT-2.9:rhosdt/jaeger-all-in-one-rhel8@sha256:16934a17528d69fb0d39f605364fbc012a3e4d7401df45c91c995ac8ef9ed920_ppc64le", "8Base-RHOSDT-2.9:rhosdt/jaeger-all-in-one-rhel8@sha256:bb3e6e3b54c116d45c23154b3f3bd122a99a62ceb4499cd56774f1e0cec1c214_amd64", "8Base-RHOSDT-2.9:rhosdt/jaeger-all-in-one-rhel8@sha256:f99bb528c12edb65c36659a0a5d59d7a76449ce9649bf7c5be7b273f8485fc25_s390x", "8Base-RHOSDT-2.9:rhosdt/jaeger-collector-rhel8@sha256:467961ec80abc54ee85939f0287041223b181bb7c9a622b556785ff1dd8119f5_ppc64le", "8Base-RHOSDT-2.9:rhosdt/jaeger-collector-rhel8@sha256:a7e722132e7a538443f59788b82edcc52f5ec22e9343725c4401c9bdf7093b9a_s390x", "8Base-RHOSDT-2.9:rhosdt/jaeger-collector-rhel8@sha256:df8436011b04ced795985116fff8eb5cc0009f0002ce9c000f9db741980b5a72_amd64", "8Base-RHOSDT-2.9:rhosdt/jaeger-es-index-cleaner-rhel8@sha256:43f26cad1cd0ea7e5ac2e605077302473382ab85b3f8da72e49c4dd06114dab2_ppc64le", "8Base-RHOSDT-2.9:rhosdt/jaeger-es-index-cleaner-rhel8@sha256:b0a3660137670fedc4e56ca656d56fb739c2fa48d9d0cf5f66fd150bd61365d5_s390x", "8Base-RHOSDT-2.9:rhosdt/jaeger-es-index-cleaner-rhel8@sha256:c3883a6c2f828592783cd1cd336c23a29245e9c45b10dd2b6d1aa8b86a670c31_amd64", "8Base-RHOSDT-2.9:rhosdt/jaeger-es-rollover-rhel8@sha256:0c8511e092b0138282ce3997cf06d8ba5995b9aa17aa436bcb3eacad910ff54d_ppc64le", "8Base-RHOSDT-2.9:rhosdt/jaeger-es-rollover-rhel8@sha256:5068337fc3ab78c2bed33b7eb0f1c1cf67c753a00c006e945aded3ecad884edc_s390x", "8Base-RHOSDT-2.9:rhosdt/jaeger-es-rollover-rhel8@sha256:ba453c045a93b2ac9e9a820ca616ea4af912972a99a5e4b07135658f1ddc752d_amd64", "8Base-RHOSDT-2.9:rhosdt/jaeger-ingester-rhel8@sha256:8341ef7ade15d0f823fb0ef8d1d2e2aab3f6078feae7a341a2f7b4c6bd94fba1_ppc64le", "8Base-RHOSDT-2.9:rhosdt/jaeger-ingester-rhel8@sha256:f117be17c9d1713db3719e4e1a7eb3b4697f9c12ac176c311b4c5d6ee27e59f9_s390x", "8Base-RHOSDT-2.9:rhosdt/jaeger-ingester-rhel8@sha256:f72338e446068e2487de8f6eb2249a69e27f24523a771e8aba0fcc2fbf263fe8_amd64", "8Base-RHOSDT-2.9:rhosdt/jaeger-operator-bundle@sha256:5dfb4b1c8b7c835e0c493927cb5c22bc68989244e49e284f90a063d54c6d1aa9_amd64", "8Base-RHOSDT-2.9:rhosdt/jaeger-operator-bundle@sha256:a59c693b975fad667a6cfebed3e2cf564419baf0a10aa27b71a22581b789dc10_ppc64le", "8Base-RHOSDT-2.9:rhosdt/jaeger-operator-bundle@sha256:bf2cc048dd6e18cb05a17a6de1e45cabd734af0f88555d0c1057bf3b82ac1e0f_s390x", "8Base-RHOSDT-2.9:rhosdt/jaeger-query-rhel8@sha256:4da3891b6d4df60dc7e0248bbb543d8363d32671bc3b0eb1671468dd4d3b7ebe_ppc64le", "8Base-RHOSDT-2.9:rhosdt/jaeger-query-rhel8@sha256:4e62b4264b5e4c63bc7d0cecf154dd481605e1d0ff94d563e9d6a8bc43c4835a_s390x", "8Base-RHOSDT-2.9:rhosdt/jaeger-query-rhel8@sha256:d9adfa493c64269d2ce744572d9a4c230e8a7c2503a35dbb3df5346e52a6dd2c_amd64", "8Base-RHOSDT-2.9:rhosdt/jaeger-rhel8-operator@sha256:9198140a0252287e5114e04b97d5454227b51bac8fa4411dea1b0d0843f3c668_amd64", "8Base-RHOSDT-2.9:rhosdt/jaeger-rhel8-operator@sha256:a9173c66a6929bf5fc689bd434203155e365d23e5e9ae7666d89224ec39df975_s390x", "8Base-RHOSDT-2.9:rhosdt/jaeger-rhel8-operator@sha256:e50b850a731b7ab45345ab4e9495e4806ac0c6f8ba9ae13b83673a3b06a014f9_ppc64le", "8Base-RHOSDT-2.9:rhosdt/opentelemetry-collector-rhel8@sha256:2adc2877050289ee2568c4f03ce171dc2c30bf86976fcc63c09bd0bf18b92cc4_amd64", "8Base-RHOSDT-2.9:rhosdt/opentelemetry-collector-rhel8@sha256:73017b0ad2d4ea26900253abdc9a62d55a40ff04905a391e91610ad7a9d762d3_ppc64le", "8Base-RHOSDT-2.9:rhosdt/opentelemetry-collector-rhel8@sha256:cb9a2f0df6852eb9d11deb8c4c14142bcae17a70301c55974fd0d87116814c9f_s390x", "8Base-RHOSDT-2.9:rhosdt/opentelemetry-operator-bundle@sha256:0ec97472d9bb1d99bfc0653194acf1b44de185a9e63756fb692acaa713ade2db_s390x", "8Base-RHOSDT-2.9:rhosdt/opentelemetry-operator-bundle@sha256:33f921009c9baaf82d3d10406073e9da9b31540d6b3b421c7a3659e2d8310179_ppc64le", "8Base-RHOSDT-2.9:rhosdt/opentelemetry-operator-bundle@sha256:eaa126d86aecf2bd330f2234104a905a71ab280a4d74a2614d98daaf13e821e2_amd64", "8Base-RHOSDT-2.9:rhosdt/opentelemetry-rhel8-operator@sha256:746f118b9224ba6a175526f265d956ae8ce6c7c170db2217bd34b028f03999af_amd64", "8Base-RHOSDT-2.9:rhosdt/opentelemetry-rhel8-operator@sha256:8a237928d7c059ecd5d1f3aad89ab094a73452e221c133cd9c5c7689db9b87bf_ppc64le", "8Base-RHOSDT-2.9:rhosdt/opentelemetry-rhel8-operator@sha256:ecead456f33621f78b97d0d151f816d39246af1ca69696616f033213791142dc_s390x", "8Base-RHOSDT-2.9:rhosdt/tempo-gateway-opa-rhel8@sha256:ae1228eb0e7c975eeec459749408a70324245aa99fd41bce03cd9f45ceb42d0b_s390x", "8Base-RHOSDT-2.9:rhosdt/tempo-gateway-opa-rhel8@sha256:cbad12c58f243298974f51d2278730feb5fbb74cdc6de409dd0578794ab6c1a4_ppc64le", "8Base-RHOSDT-2.9:rhosdt/tempo-gateway-opa-rhel8@sha256:dd22e49f8d5aa7f009169aec3c43e68307e0842cde9260a70dd424159e61c89d_amd64", "8Base-RHOSDT-2.9:rhosdt/tempo-gateway-rhel8@sha256:3c15440847fbc38023d590dd5f93ee524f53e2999c4483cfb3ba9bbf6bba904f_ppc64le", "8Base-RHOSDT-2.9:rhosdt/tempo-gateway-rhel8@sha256:9e9d91554f5edb5a3e00f2a294056bb540ed1597fc8af5d44432ce81d54bf977_amd64", "8Base-RHOSDT-2.9:rhosdt/tempo-gateway-rhel8@sha256:ac25a060b441ba7b1a2f282083e0900f26d159a02486d85bf496c28ce61ad970_s390x", "8Base-RHOSDT-2.9:rhosdt/tempo-operator-bundle@sha256:6df979ecc2195ddd8c1b84a0355fa4df58cf55c34f0b07669659d72501a701d4_ppc64le", "8Base-RHOSDT-2.9:rhosdt/tempo-operator-bundle@sha256:a66560fd323c9cb1466ca2fede9111665cadfc1ddaf9ce28e0aad6fdddf89763_s390x", "8Base-RHOSDT-2.9:rhosdt/tempo-operator-bundle@sha256:b6ec1460415bf8c69d82cf9267494dc5445242b6a0957318eae5bf333693cb2e_amd64", "8Base-RHOSDT-2.9:rhosdt/tempo-query-rhel8@sha256:0d51e3a8b92cab3b8f5221fc076b2079a68e7ba75f7f3ecb9322fe7ba77e862f_ppc64le", "8Base-RHOSDT-2.9:rhosdt/tempo-query-rhel8@sha256:a602d31cee6906b1d0218de85403decb0155746990f9cd218731c7d4e717f1a1_s390x", "8Base-RHOSDT-2.9:rhosdt/tempo-query-rhel8@sha256:b903b41e1096a25b53c5272c8457baa352e2c83fa997852d4a8ed614e2c02802_amd64", "8Base-RHOSDT-2.9:rhosdt/tempo-rhel8-operator@sha256:5aee6e4bfecba226d276b95c62a68a1b6d513d60c9c8aff84752725e6c01b8c0_ppc64le", "8Base-RHOSDT-2.9:rhosdt/tempo-rhel8-operator@sha256:a18638de4d39738b696f044e0d181fdeaf82499f2a2b4b46c07675db5fbe8c3f_amd64", "8Base-RHOSDT-2.9:rhosdt/tempo-rhel8-operator@sha256:e9615e41e857331edacf87fcd98ced0a50fba92757131fdb433ad3e9490e4dd7_s390x", "8Base-RHOSDT-2.9:rhosdt/tempo-rhel8@sha256:29200f7311b63df76f6723878e4a8e2c315376b421e4e5febe2323a926d48594_amd64", "8Base-RHOSDT-2.9:rhosdt/tempo-rhel8@sha256:42c59f6a87c791fd6a3e829af331e2c5778612f503b402c0a08278cc9dc09ef7_ppc64le", "8Base-RHOSDT-2.9:rhosdt/tempo-rhel8@sha256:d557bf48ab4db2b2c98a65d1a028b7cde4363ee888c274d0629829c1b07977ef_s390x", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2023-46234", }, { category: "external", summary: "RHBZ#2246470", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2246470", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2023-46234", url: "https://www.cve.org/CVERecord?id=CVE-2023-46234", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2023-46234", url: "https://nvd.nist.gov/vuln/detail/CVE-2023-46234", }, { category: "external", summary: "https://github.com/browserify/browserify-sign/security/advisories/GHSA-x9w5-v3q2-3rhw", url: "https://github.com/browserify/browserify-sign/security/advisories/GHSA-x9w5-v3q2-3rhw", }, ], release_date: "2023-10-26T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2023-10-30T12:53:43+00:00", details: "To update all RPMs for your particular architecture, run:\n\nrpm -Fvh [filenames]\n\nwhere [filenames] is a list of the RPMs you wish to upgrade. Only those RPMs which are currently installed will be updated. Those RPMs which are\nnot installed but included in the list will not be updated. Note that you can also use wildcards (*.rpm) if your current directory *only* contains the desired RPMs.\n\nPlease note that this update is also available via Red Hat Network. Many people find this an easier way to apply updates. To use Red Hat Network,\nlaunch the Red Hat Update Agent with the following command:\n\nup2date\n\nThis will start an interactive process that will result in the appropriate RPMs being upgraded on your system.", product_ids: [ "8Base-RHOSDT-2.9:rhosdt/jaeger-agent-rhel8@sha256:2619637d44fd87e5c07301de93841899fffc109dcfaff59d56349cedc208a679_s390x", "8Base-RHOSDT-2.9:rhosdt/jaeger-agent-rhel8@sha256:7ebe5c551baccd151d6ef2120eb7009570b33647bfd6332320dfa0f5f661ed8a_amd64", "8Base-RHOSDT-2.9:rhosdt/jaeger-agent-rhel8@sha256:952f7701d0c1d8ac9c01c0b2ff9d28a4dad480fd34e68eef162e41b5bb0a17e1_ppc64le", "8Base-RHOSDT-2.9:rhosdt/jaeger-all-in-one-rhel8@sha256:16934a17528d69fb0d39f605364fbc012a3e4d7401df45c91c995ac8ef9ed920_ppc64le", "8Base-RHOSDT-2.9:rhosdt/jaeger-all-in-one-rhel8@sha256:bb3e6e3b54c116d45c23154b3f3bd122a99a62ceb4499cd56774f1e0cec1c214_amd64", "8Base-RHOSDT-2.9:rhosdt/jaeger-all-in-one-rhel8@sha256:f99bb528c12edb65c36659a0a5d59d7a76449ce9649bf7c5be7b273f8485fc25_s390x", "8Base-RHOSDT-2.9:rhosdt/jaeger-collector-rhel8@sha256:467961ec80abc54ee85939f0287041223b181bb7c9a622b556785ff1dd8119f5_ppc64le", "8Base-RHOSDT-2.9:rhosdt/jaeger-collector-rhel8@sha256:a7e722132e7a538443f59788b82edcc52f5ec22e9343725c4401c9bdf7093b9a_s390x", "8Base-RHOSDT-2.9:rhosdt/jaeger-collector-rhel8@sha256:df8436011b04ced795985116fff8eb5cc0009f0002ce9c000f9db741980b5a72_amd64", "8Base-RHOSDT-2.9:rhosdt/jaeger-es-index-cleaner-rhel8@sha256:43f26cad1cd0ea7e5ac2e605077302473382ab85b3f8da72e49c4dd06114dab2_ppc64le", "8Base-RHOSDT-2.9:rhosdt/jaeger-es-index-cleaner-rhel8@sha256:b0a3660137670fedc4e56ca656d56fb739c2fa48d9d0cf5f66fd150bd61365d5_s390x", "8Base-RHOSDT-2.9:rhosdt/jaeger-es-index-cleaner-rhel8@sha256:c3883a6c2f828592783cd1cd336c23a29245e9c45b10dd2b6d1aa8b86a670c31_amd64", "8Base-RHOSDT-2.9:rhosdt/jaeger-es-rollover-rhel8@sha256:0c8511e092b0138282ce3997cf06d8ba5995b9aa17aa436bcb3eacad910ff54d_ppc64le", "8Base-RHOSDT-2.9:rhosdt/jaeger-es-rollover-rhel8@sha256:5068337fc3ab78c2bed33b7eb0f1c1cf67c753a00c006e945aded3ecad884edc_s390x", "8Base-RHOSDT-2.9:rhosdt/jaeger-es-rollover-rhel8@sha256:ba453c045a93b2ac9e9a820ca616ea4af912972a99a5e4b07135658f1ddc752d_amd64", "8Base-RHOSDT-2.9:rhosdt/jaeger-ingester-rhel8@sha256:8341ef7ade15d0f823fb0ef8d1d2e2aab3f6078feae7a341a2f7b4c6bd94fba1_ppc64le", "8Base-RHOSDT-2.9:rhosdt/jaeger-ingester-rhel8@sha256:f117be17c9d1713db3719e4e1a7eb3b4697f9c12ac176c311b4c5d6ee27e59f9_s390x", "8Base-RHOSDT-2.9:rhosdt/jaeger-ingester-rhel8@sha256:f72338e446068e2487de8f6eb2249a69e27f24523a771e8aba0fcc2fbf263fe8_amd64", "8Base-RHOSDT-2.9:rhosdt/jaeger-operator-bundle@sha256:5dfb4b1c8b7c835e0c493927cb5c22bc68989244e49e284f90a063d54c6d1aa9_amd64", "8Base-RHOSDT-2.9:rhosdt/jaeger-operator-bundle@sha256:a59c693b975fad667a6cfebed3e2cf564419baf0a10aa27b71a22581b789dc10_ppc64le", "8Base-RHOSDT-2.9:rhosdt/jaeger-operator-bundle@sha256:bf2cc048dd6e18cb05a17a6de1e45cabd734af0f88555d0c1057bf3b82ac1e0f_s390x", "8Base-RHOSDT-2.9:rhosdt/jaeger-query-rhel8@sha256:4da3891b6d4df60dc7e0248bbb543d8363d32671bc3b0eb1671468dd4d3b7ebe_ppc64le", "8Base-RHOSDT-2.9:rhosdt/jaeger-query-rhel8@sha256:4e62b4264b5e4c63bc7d0cecf154dd481605e1d0ff94d563e9d6a8bc43c4835a_s390x", "8Base-RHOSDT-2.9:rhosdt/jaeger-query-rhel8@sha256:d9adfa493c64269d2ce744572d9a4c230e8a7c2503a35dbb3df5346e52a6dd2c_amd64", "8Base-RHOSDT-2.9:rhosdt/jaeger-rhel8-operator@sha256:9198140a0252287e5114e04b97d5454227b51bac8fa4411dea1b0d0843f3c668_amd64", "8Base-RHOSDT-2.9:rhosdt/jaeger-rhel8-operator@sha256:a9173c66a6929bf5fc689bd434203155e365d23e5e9ae7666d89224ec39df975_s390x", "8Base-RHOSDT-2.9:rhosdt/jaeger-rhel8-operator@sha256:e50b850a731b7ab45345ab4e9495e4806ac0c6f8ba9ae13b83673a3b06a014f9_ppc64le", "8Base-RHOSDT-2.9:rhosdt/opentelemetry-collector-rhel8@sha256:2adc2877050289ee2568c4f03ce171dc2c30bf86976fcc63c09bd0bf18b92cc4_amd64", "8Base-RHOSDT-2.9:rhosdt/opentelemetry-collector-rhel8@sha256:73017b0ad2d4ea26900253abdc9a62d55a40ff04905a391e91610ad7a9d762d3_ppc64le", "8Base-RHOSDT-2.9:rhosdt/opentelemetry-collector-rhel8@sha256:cb9a2f0df6852eb9d11deb8c4c14142bcae17a70301c55974fd0d87116814c9f_s390x", "8Base-RHOSDT-2.9:rhosdt/opentelemetry-operator-bundle@sha256:0ec97472d9bb1d99bfc0653194acf1b44de185a9e63756fb692acaa713ade2db_s390x", "8Base-RHOSDT-2.9:rhosdt/opentelemetry-operator-bundle@sha256:33f921009c9baaf82d3d10406073e9da9b31540d6b3b421c7a3659e2d8310179_ppc64le", "8Base-RHOSDT-2.9:rhosdt/opentelemetry-operator-bundle@sha256:eaa126d86aecf2bd330f2234104a905a71ab280a4d74a2614d98daaf13e821e2_amd64", "8Base-RHOSDT-2.9:rhosdt/opentelemetry-rhel8-operator@sha256:746f118b9224ba6a175526f265d956ae8ce6c7c170db2217bd34b028f03999af_amd64", "8Base-RHOSDT-2.9:rhosdt/opentelemetry-rhel8-operator@sha256:8a237928d7c059ecd5d1f3aad89ab094a73452e221c133cd9c5c7689db9b87bf_ppc64le", "8Base-RHOSDT-2.9:rhosdt/opentelemetry-rhel8-operator@sha256:ecead456f33621f78b97d0d151f816d39246af1ca69696616f033213791142dc_s390x", "8Base-RHOSDT-2.9:rhosdt/tempo-gateway-opa-rhel8@sha256:ae1228eb0e7c975eeec459749408a70324245aa99fd41bce03cd9f45ceb42d0b_s390x", "8Base-RHOSDT-2.9:rhosdt/tempo-gateway-opa-rhel8@sha256:cbad12c58f243298974f51d2278730feb5fbb74cdc6de409dd0578794ab6c1a4_ppc64le", "8Base-RHOSDT-2.9:rhosdt/tempo-gateway-opa-rhel8@sha256:dd22e49f8d5aa7f009169aec3c43e68307e0842cde9260a70dd424159e61c89d_amd64", "8Base-RHOSDT-2.9:rhosdt/tempo-gateway-rhel8@sha256:3c15440847fbc38023d590dd5f93ee524f53e2999c4483cfb3ba9bbf6bba904f_ppc64le", "8Base-RHOSDT-2.9:rhosdt/tempo-gateway-rhel8@sha256:9e9d91554f5edb5a3e00f2a294056bb540ed1597fc8af5d44432ce81d54bf977_amd64", "8Base-RHOSDT-2.9:rhosdt/tempo-gateway-rhel8@sha256:ac25a060b441ba7b1a2f282083e0900f26d159a02486d85bf496c28ce61ad970_s390x", "8Base-RHOSDT-2.9:rhosdt/tempo-operator-bundle@sha256:6df979ecc2195ddd8c1b84a0355fa4df58cf55c34f0b07669659d72501a701d4_ppc64le", "8Base-RHOSDT-2.9:rhosdt/tempo-operator-bundle@sha256:a66560fd323c9cb1466ca2fede9111665cadfc1ddaf9ce28e0aad6fdddf89763_s390x", "8Base-RHOSDT-2.9:rhosdt/tempo-operator-bundle@sha256:b6ec1460415bf8c69d82cf9267494dc5445242b6a0957318eae5bf333693cb2e_amd64", "8Base-RHOSDT-2.9:rhosdt/tempo-query-rhel8@sha256:0d51e3a8b92cab3b8f5221fc076b2079a68e7ba75f7f3ecb9322fe7ba77e862f_ppc64le", "8Base-RHOSDT-2.9:rhosdt/tempo-query-rhel8@sha256:a602d31cee6906b1d0218de85403decb0155746990f9cd218731c7d4e717f1a1_s390x", "8Base-RHOSDT-2.9:rhosdt/tempo-query-rhel8@sha256:b903b41e1096a25b53c5272c8457baa352e2c83fa997852d4a8ed614e2c02802_amd64", "8Base-RHOSDT-2.9:rhosdt/tempo-rhel8-operator@sha256:5aee6e4bfecba226d276b95c62a68a1b6d513d60c9c8aff84752725e6c01b8c0_ppc64le", "8Base-RHOSDT-2.9:rhosdt/tempo-rhel8-operator@sha256:a18638de4d39738b696f044e0d181fdeaf82499f2a2b4b46c07675db5fbe8c3f_amd64", "8Base-RHOSDT-2.9:rhosdt/tempo-rhel8-operator@sha256:e9615e41e857331edacf87fcd98ced0a50fba92757131fdb433ad3e9490e4dd7_s390x", "8Base-RHOSDT-2.9:rhosdt/tempo-rhel8@sha256:29200f7311b63df76f6723878e4a8e2c315376b421e4e5febe2323a926d48594_amd64", "8Base-RHOSDT-2.9:rhosdt/tempo-rhel8@sha256:42c59f6a87c791fd6a3e829af331e2c5778612f503b402c0a08278cc9dc09ef7_ppc64le", "8Base-RHOSDT-2.9:rhosdt/tempo-rhel8@sha256:d557bf48ab4db2b2c98a65d1a028b7cde4363ee888c274d0629829c1b07977ef_s390x", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2023:6180", }, { category: "workaround", details: "No current mitigation is yet available for this flaw.", product_ids: [ "8Base-RHOSDT-2.9:rhosdt/jaeger-agent-rhel8@sha256:2619637d44fd87e5c07301de93841899fffc109dcfaff59d56349cedc208a679_s390x", "8Base-RHOSDT-2.9:rhosdt/jaeger-agent-rhel8@sha256:7ebe5c551baccd151d6ef2120eb7009570b33647bfd6332320dfa0f5f661ed8a_amd64", "8Base-RHOSDT-2.9:rhosdt/jaeger-agent-rhel8@sha256:952f7701d0c1d8ac9c01c0b2ff9d28a4dad480fd34e68eef162e41b5bb0a17e1_ppc64le", "8Base-RHOSDT-2.9:rhosdt/jaeger-all-in-one-rhel8@sha256:16934a17528d69fb0d39f605364fbc012a3e4d7401df45c91c995ac8ef9ed920_ppc64le", "8Base-RHOSDT-2.9:rhosdt/jaeger-all-in-one-rhel8@sha256:bb3e6e3b54c116d45c23154b3f3bd122a99a62ceb4499cd56774f1e0cec1c214_amd64", "8Base-RHOSDT-2.9:rhosdt/jaeger-all-in-one-rhel8@sha256:f99bb528c12edb65c36659a0a5d59d7a76449ce9649bf7c5be7b273f8485fc25_s390x", "8Base-RHOSDT-2.9:rhosdt/jaeger-collector-rhel8@sha256:467961ec80abc54ee85939f0287041223b181bb7c9a622b556785ff1dd8119f5_ppc64le", "8Base-RHOSDT-2.9:rhosdt/jaeger-collector-rhel8@sha256:a7e722132e7a538443f59788b82edcc52f5ec22e9343725c4401c9bdf7093b9a_s390x", "8Base-RHOSDT-2.9:rhosdt/jaeger-collector-rhel8@sha256:df8436011b04ced795985116fff8eb5cc0009f0002ce9c000f9db741980b5a72_amd64", "8Base-RHOSDT-2.9:rhosdt/jaeger-es-index-cleaner-rhel8@sha256:43f26cad1cd0ea7e5ac2e605077302473382ab85b3f8da72e49c4dd06114dab2_ppc64le", "8Base-RHOSDT-2.9:rhosdt/jaeger-es-index-cleaner-rhel8@sha256:b0a3660137670fedc4e56ca656d56fb739c2fa48d9d0cf5f66fd150bd61365d5_s390x", "8Base-RHOSDT-2.9:rhosdt/jaeger-es-index-cleaner-rhel8@sha256:c3883a6c2f828592783cd1cd336c23a29245e9c45b10dd2b6d1aa8b86a670c31_amd64", "8Base-RHOSDT-2.9:rhosdt/jaeger-es-rollover-rhel8@sha256:0c8511e092b0138282ce3997cf06d8ba5995b9aa17aa436bcb3eacad910ff54d_ppc64le", "8Base-RHOSDT-2.9:rhosdt/jaeger-es-rollover-rhel8@sha256:5068337fc3ab78c2bed33b7eb0f1c1cf67c753a00c006e945aded3ecad884edc_s390x", "8Base-RHOSDT-2.9:rhosdt/jaeger-es-rollover-rhel8@sha256:ba453c045a93b2ac9e9a820ca616ea4af912972a99a5e4b07135658f1ddc752d_amd64", "8Base-RHOSDT-2.9:rhosdt/jaeger-ingester-rhel8@sha256:8341ef7ade15d0f823fb0ef8d1d2e2aab3f6078feae7a341a2f7b4c6bd94fba1_ppc64le", "8Base-RHOSDT-2.9:rhosdt/jaeger-ingester-rhel8@sha256:f117be17c9d1713db3719e4e1a7eb3b4697f9c12ac176c311b4c5d6ee27e59f9_s390x", "8Base-RHOSDT-2.9:rhosdt/jaeger-ingester-rhel8@sha256:f72338e446068e2487de8f6eb2249a69e27f24523a771e8aba0fcc2fbf263fe8_amd64", "8Base-RHOSDT-2.9:rhosdt/jaeger-operator-bundle@sha256:5dfb4b1c8b7c835e0c493927cb5c22bc68989244e49e284f90a063d54c6d1aa9_amd64", "8Base-RHOSDT-2.9:rhosdt/jaeger-operator-bundle@sha256:a59c693b975fad667a6cfebed3e2cf564419baf0a10aa27b71a22581b789dc10_ppc64le", "8Base-RHOSDT-2.9:rhosdt/jaeger-operator-bundle@sha256:bf2cc048dd6e18cb05a17a6de1e45cabd734af0f88555d0c1057bf3b82ac1e0f_s390x", "8Base-RHOSDT-2.9:rhosdt/jaeger-query-rhel8@sha256:4da3891b6d4df60dc7e0248bbb543d8363d32671bc3b0eb1671468dd4d3b7ebe_ppc64le", "8Base-RHOSDT-2.9:rhosdt/jaeger-query-rhel8@sha256:4e62b4264b5e4c63bc7d0cecf154dd481605e1d0ff94d563e9d6a8bc43c4835a_s390x", "8Base-RHOSDT-2.9:rhosdt/jaeger-query-rhel8@sha256:d9adfa493c64269d2ce744572d9a4c230e8a7c2503a35dbb3df5346e52a6dd2c_amd64", "8Base-RHOSDT-2.9:rhosdt/jaeger-rhel8-operator@sha256:9198140a0252287e5114e04b97d5454227b51bac8fa4411dea1b0d0843f3c668_amd64", "8Base-RHOSDT-2.9:rhosdt/jaeger-rhel8-operator@sha256:a9173c66a6929bf5fc689bd434203155e365d23e5e9ae7666d89224ec39df975_s390x", "8Base-RHOSDT-2.9:rhosdt/jaeger-rhel8-operator@sha256:e50b850a731b7ab45345ab4e9495e4806ac0c6f8ba9ae13b83673a3b06a014f9_ppc64le", "8Base-RHOSDT-2.9:rhosdt/opentelemetry-collector-rhel8@sha256:2adc2877050289ee2568c4f03ce171dc2c30bf86976fcc63c09bd0bf18b92cc4_amd64", "8Base-RHOSDT-2.9:rhosdt/opentelemetry-collector-rhel8@sha256:73017b0ad2d4ea26900253abdc9a62d55a40ff04905a391e91610ad7a9d762d3_ppc64le", "8Base-RHOSDT-2.9:rhosdt/opentelemetry-collector-rhel8@sha256:cb9a2f0df6852eb9d11deb8c4c14142bcae17a70301c55974fd0d87116814c9f_s390x", "8Base-RHOSDT-2.9:rhosdt/opentelemetry-operator-bundle@sha256:0ec97472d9bb1d99bfc0653194acf1b44de185a9e63756fb692acaa713ade2db_s390x", "8Base-RHOSDT-2.9:rhosdt/opentelemetry-operator-bundle@sha256:33f921009c9baaf82d3d10406073e9da9b31540d6b3b421c7a3659e2d8310179_ppc64le", "8Base-RHOSDT-2.9:rhosdt/opentelemetry-operator-bundle@sha256:eaa126d86aecf2bd330f2234104a905a71ab280a4d74a2614d98daaf13e821e2_amd64", "8Base-RHOSDT-2.9:rhosdt/opentelemetry-rhel8-operator@sha256:746f118b9224ba6a175526f265d956ae8ce6c7c170db2217bd34b028f03999af_amd64", "8Base-RHOSDT-2.9:rhosdt/opentelemetry-rhel8-operator@sha256:8a237928d7c059ecd5d1f3aad89ab094a73452e221c133cd9c5c7689db9b87bf_ppc64le", "8Base-RHOSDT-2.9:rhosdt/opentelemetry-rhel8-operator@sha256:ecead456f33621f78b97d0d151f816d39246af1ca69696616f033213791142dc_s390x", "8Base-RHOSDT-2.9:rhosdt/tempo-gateway-opa-rhel8@sha256:ae1228eb0e7c975eeec459749408a70324245aa99fd41bce03cd9f45ceb42d0b_s390x", "8Base-RHOSDT-2.9:rhosdt/tempo-gateway-opa-rhel8@sha256:cbad12c58f243298974f51d2278730feb5fbb74cdc6de409dd0578794ab6c1a4_ppc64le", "8Base-RHOSDT-2.9:rhosdt/tempo-gateway-opa-rhel8@sha256:dd22e49f8d5aa7f009169aec3c43e68307e0842cde9260a70dd424159e61c89d_amd64", "8Base-RHOSDT-2.9:rhosdt/tempo-gateway-rhel8@sha256:3c15440847fbc38023d590dd5f93ee524f53e2999c4483cfb3ba9bbf6bba904f_ppc64le", "8Base-RHOSDT-2.9:rhosdt/tempo-gateway-rhel8@sha256:9e9d91554f5edb5a3e00f2a294056bb540ed1597fc8af5d44432ce81d54bf977_amd64", "8Base-RHOSDT-2.9:rhosdt/tempo-gateway-rhel8@sha256:ac25a060b441ba7b1a2f282083e0900f26d159a02486d85bf496c28ce61ad970_s390x", "8Base-RHOSDT-2.9:rhosdt/tempo-operator-bundle@sha256:6df979ecc2195ddd8c1b84a0355fa4df58cf55c34f0b07669659d72501a701d4_ppc64le", "8Base-RHOSDT-2.9:rhosdt/tempo-operator-bundle@sha256:a66560fd323c9cb1466ca2fede9111665cadfc1ddaf9ce28e0aad6fdddf89763_s390x", "8Base-RHOSDT-2.9:rhosdt/tempo-operator-bundle@sha256:b6ec1460415bf8c69d82cf9267494dc5445242b6a0957318eae5bf333693cb2e_amd64", "8Base-RHOSDT-2.9:rhosdt/tempo-query-rhel8@sha256:0d51e3a8b92cab3b8f5221fc076b2079a68e7ba75f7f3ecb9322fe7ba77e862f_ppc64le", "8Base-RHOSDT-2.9:rhosdt/tempo-query-rhel8@sha256:a602d31cee6906b1d0218de85403decb0155746990f9cd218731c7d4e717f1a1_s390x", "8Base-RHOSDT-2.9:rhosdt/tempo-query-rhel8@sha256:b903b41e1096a25b53c5272c8457baa352e2c83fa997852d4a8ed614e2c02802_amd64", "8Base-RHOSDT-2.9:rhosdt/tempo-rhel8-operator@sha256:5aee6e4bfecba226d276b95c62a68a1b6d513d60c9c8aff84752725e6c01b8c0_ppc64le", "8Base-RHOSDT-2.9:rhosdt/tempo-rhel8-operator@sha256:a18638de4d39738b696f044e0d181fdeaf82499f2a2b4b46c07675db5fbe8c3f_amd64", "8Base-RHOSDT-2.9:rhosdt/tempo-rhel8-operator@sha256:e9615e41e857331edacf87fcd98ced0a50fba92757131fdb433ad3e9490e4dd7_s390x", "8Base-RHOSDT-2.9:rhosdt/tempo-rhel8@sha256:29200f7311b63df76f6723878e4a8e2c315376b421e4e5febe2323a926d48594_amd64", "8Base-RHOSDT-2.9:rhosdt/tempo-rhel8@sha256:42c59f6a87c791fd6a3e829af331e2c5778612f503b402c0a08278cc9dc09ef7_ppc64le", "8Base-RHOSDT-2.9:rhosdt/tempo-rhel8@sha256:d557bf48ab4db2b2c98a65d1a028b7cde4363ee888c274d0629829c1b07977ef_s390x", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", version: "3.1", }, products: [ "8Base-RHOSDT-2.9:rhosdt/jaeger-agent-rhel8@sha256:2619637d44fd87e5c07301de93841899fffc109dcfaff59d56349cedc208a679_s390x", "8Base-RHOSDT-2.9:rhosdt/jaeger-agent-rhel8@sha256:7ebe5c551baccd151d6ef2120eb7009570b33647bfd6332320dfa0f5f661ed8a_amd64", "8Base-RHOSDT-2.9:rhosdt/jaeger-agent-rhel8@sha256:952f7701d0c1d8ac9c01c0b2ff9d28a4dad480fd34e68eef162e41b5bb0a17e1_ppc64le", "8Base-RHOSDT-2.9:rhosdt/jaeger-all-in-one-rhel8@sha256:16934a17528d69fb0d39f605364fbc012a3e4d7401df45c91c995ac8ef9ed920_ppc64le", "8Base-RHOSDT-2.9:rhosdt/jaeger-all-in-one-rhel8@sha256:bb3e6e3b54c116d45c23154b3f3bd122a99a62ceb4499cd56774f1e0cec1c214_amd64", "8Base-RHOSDT-2.9:rhosdt/jaeger-all-in-one-rhel8@sha256:f99bb528c12edb65c36659a0a5d59d7a76449ce9649bf7c5be7b273f8485fc25_s390x", "8Base-RHOSDT-2.9:rhosdt/jaeger-collector-rhel8@sha256:467961ec80abc54ee85939f0287041223b181bb7c9a622b556785ff1dd8119f5_ppc64le", "8Base-RHOSDT-2.9:rhosdt/jaeger-collector-rhel8@sha256:a7e722132e7a538443f59788b82edcc52f5ec22e9343725c4401c9bdf7093b9a_s390x", "8Base-RHOSDT-2.9:rhosdt/jaeger-collector-rhel8@sha256:df8436011b04ced795985116fff8eb5cc0009f0002ce9c000f9db741980b5a72_amd64", "8Base-RHOSDT-2.9:rhosdt/jaeger-es-index-cleaner-rhel8@sha256:43f26cad1cd0ea7e5ac2e605077302473382ab85b3f8da72e49c4dd06114dab2_ppc64le", "8Base-RHOSDT-2.9:rhosdt/jaeger-es-index-cleaner-rhel8@sha256:b0a3660137670fedc4e56ca656d56fb739c2fa48d9d0cf5f66fd150bd61365d5_s390x", "8Base-RHOSDT-2.9:rhosdt/jaeger-es-index-cleaner-rhel8@sha256:c3883a6c2f828592783cd1cd336c23a29245e9c45b10dd2b6d1aa8b86a670c31_amd64", "8Base-RHOSDT-2.9:rhosdt/jaeger-es-rollover-rhel8@sha256:0c8511e092b0138282ce3997cf06d8ba5995b9aa17aa436bcb3eacad910ff54d_ppc64le", "8Base-RHOSDT-2.9:rhosdt/jaeger-es-rollover-rhel8@sha256:5068337fc3ab78c2bed33b7eb0f1c1cf67c753a00c006e945aded3ecad884edc_s390x", "8Base-RHOSDT-2.9:rhosdt/jaeger-es-rollover-rhel8@sha256:ba453c045a93b2ac9e9a820ca616ea4af912972a99a5e4b07135658f1ddc752d_amd64", "8Base-RHOSDT-2.9:rhosdt/jaeger-ingester-rhel8@sha256:8341ef7ade15d0f823fb0ef8d1d2e2aab3f6078feae7a341a2f7b4c6bd94fba1_ppc64le", "8Base-RHOSDT-2.9:rhosdt/jaeger-ingester-rhel8@sha256:f117be17c9d1713db3719e4e1a7eb3b4697f9c12ac176c311b4c5d6ee27e59f9_s390x", "8Base-RHOSDT-2.9:rhosdt/jaeger-ingester-rhel8@sha256:f72338e446068e2487de8f6eb2249a69e27f24523a771e8aba0fcc2fbf263fe8_amd64", "8Base-RHOSDT-2.9:rhosdt/jaeger-operator-bundle@sha256:5dfb4b1c8b7c835e0c493927cb5c22bc68989244e49e284f90a063d54c6d1aa9_amd64", "8Base-RHOSDT-2.9:rhosdt/jaeger-operator-bundle@sha256:a59c693b975fad667a6cfebed3e2cf564419baf0a10aa27b71a22581b789dc10_ppc64le", "8Base-RHOSDT-2.9:rhosdt/jaeger-operator-bundle@sha256:bf2cc048dd6e18cb05a17a6de1e45cabd734af0f88555d0c1057bf3b82ac1e0f_s390x", "8Base-RHOSDT-2.9:rhosdt/jaeger-query-rhel8@sha256:4da3891b6d4df60dc7e0248bbb543d8363d32671bc3b0eb1671468dd4d3b7ebe_ppc64le", "8Base-RHOSDT-2.9:rhosdt/jaeger-query-rhel8@sha256:4e62b4264b5e4c63bc7d0cecf154dd481605e1d0ff94d563e9d6a8bc43c4835a_s390x", "8Base-RHOSDT-2.9:rhosdt/jaeger-query-rhel8@sha256:d9adfa493c64269d2ce744572d9a4c230e8a7c2503a35dbb3df5346e52a6dd2c_amd64", "8Base-RHOSDT-2.9:rhosdt/jaeger-rhel8-operator@sha256:9198140a0252287e5114e04b97d5454227b51bac8fa4411dea1b0d0843f3c668_amd64", "8Base-RHOSDT-2.9:rhosdt/jaeger-rhel8-operator@sha256:a9173c66a6929bf5fc689bd434203155e365d23e5e9ae7666d89224ec39df975_s390x", "8Base-RHOSDT-2.9:rhosdt/jaeger-rhel8-operator@sha256:e50b850a731b7ab45345ab4e9495e4806ac0c6f8ba9ae13b83673a3b06a014f9_ppc64le", "8Base-RHOSDT-2.9:rhosdt/opentelemetry-collector-rhel8@sha256:2adc2877050289ee2568c4f03ce171dc2c30bf86976fcc63c09bd0bf18b92cc4_amd64", "8Base-RHOSDT-2.9:rhosdt/opentelemetry-collector-rhel8@sha256:73017b0ad2d4ea26900253abdc9a62d55a40ff04905a391e91610ad7a9d762d3_ppc64le", "8Base-RHOSDT-2.9:rhosdt/opentelemetry-collector-rhel8@sha256:cb9a2f0df6852eb9d11deb8c4c14142bcae17a70301c55974fd0d87116814c9f_s390x", "8Base-RHOSDT-2.9:rhosdt/opentelemetry-operator-bundle@sha256:0ec97472d9bb1d99bfc0653194acf1b44de185a9e63756fb692acaa713ade2db_s390x", "8Base-RHOSDT-2.9:rhosdt/opentelemetry-operator-bundle@sha256:33f921009c9baaf82d3d10406073e9da9b31540d6b3b421c7a3659e2d8310179_ppc64le", "8Base-RHOSDT-2.9:rhosdt/opentelemetry-operator-bundle@sha256:eaa126d86aecf2bd330f2234104a905a71ab280a4d74a2614d98daaf13e821e2_amd64", "8Base-RHOSDT-2.9:rhosdt/opentelemetry-rhel8-operator@sha256:746f118b9224ba6a175526f265d956ae8ce6c7c170db2217bd34b028f03999af_amd64", "8Base-RHOSDT-2.9:rhosdt/opentelemetry-rhel8-operator@sha256:8a237928d7c059ecd5d1f3aad89ab094a73452e221c133cd9c5c7689db9b87bf_ppc64le", "8Base-RHOSDT-2.9:rhosdt/opentelemetry-rhel8-operator@sha256:ecead456f33621f78b97d0d151f816d39246af1ca69696616f033213791142dc_s390x", "8Base-RHOSDT-2.9:rhosdt/tempo-gateway-opa-rhel8@sha256:ae1228eb0e7c975eeec459749408a70324245aa99fd41bce03cd9f45ceb42d0b_s390x", "8Base-RHOSDT-2.9:rhosdt/tempo-gateway-opa-rhel8@sha256:cbad12c58f243298974f51d2278730feb5fbb74cdc6de409dd0578794ab6c1a4_ppc64le", "8Base-RHOSDT-2.9:rhosdt/tempo-gateway-opa-rhel8@sha256:dd22e49f8d5aa7f009169aec3c43e68307e0842cde9260a70dd424159e61c89d_amd64", "8Base-RHOSDT-2.9:rhosdt/tempo-gateway-rhel8@sha256:3c15440847fbc38023d590dd5f93ee524f53e2999c4483cfb3ba9bbf6bba904f_ppc64le", "8Base-RHOSDT-2.9:rhosdt/tempo-gateway-rhel8@sha256:9e9d91554f5edb5a3e00f2a294056bb540ed1597fc8af5d44432ce81d54bf977_amd64", "8Base-RHOSDT-2.9:rhosdt/tempo-gateway-rhel8@sha256:ac25a060b441ba7b1a2f282083e0900f26d159a02486d85bf496c28ce61ad970_s390x", "8Base-RHOSDT-2.9:rhosdt/tempo-operator-bundle@sha256:6df979ecc2195ddd8c1b84a0355fa4df58cf55c34f0b07669659d72501a701d4_ppc64le", "8Base-RHOSDT-2.9:rhosdt/tempo-operator-bundle@sha256:a66560fd323c9cb1466ca2fede9111665cadfc1ddaf9ce28e0aad6fdddf89763_s390x", "8Base-RHOSDT-2.9:rhosdt/tempo-operator-bundle@sha256:b6ec1460415bf8c69d82cf9267494dc5445242b6a0957318eae5bf333693cb2e_amd64", "8Base-RHOSDT-2.9:rhosdt/tempo-query-rhel8@sha256:0d51e3a8b92cab3b8f5221fc076b2079a68e7ba75f7f3ecb9322fe7ba77e862f_ppc64le", "8Base-RHOSDT-2.9:rhosdt/tempo-query-rhel8@sha256:a602d31cee6906b1d0218de85403decb0155746990f9cd218731c7d4e717f1a1_s390x", "8Base-RHOSDT-2.9:rhosdt/tempo-query-rhel8@sha256:b903b41e1096a25b53c5272c8457baa352e2c83fa997852d4a8ed614e2c02802_amd64", "8Base-RHOSDT-2.9:rhosdt/tempo-rhel8-operator@sha256:5aee6e4bfecba226d276b95c62a68a1b6d513d60c9c8aff84752725e6c01b8c0_ppc64le", "8Base-RHOSDT-2.9:rhosdt/tempo-rhel8-operator@sha256:a18638de4d39738b696f044e0d181fdeaf82499f2a2b4b46c07675db5fbe8c3f_amd64", "8Base-RHOSDT-2.9:rhosdt/tempo-rhel8-operator@sha256:e9615e41e857331edacf87fcd98ced0a50fba92757131fdb433ad3e9490e4dd7_s390x", "8Base-RHOSDT-2.9:rhosdt/tempo-rhel8@sha256:29200f7311b63df76f6723878e4a8e2c315376b421e4e5febe2323a926d48594_amd64", "8Base-RHOSDT-2.9:rhosdt/tempo-rhel8@sha256:42c59f6a87c791fd6a3e829af331e2c5778612f503b402c0a08278cc9dc09ef7_ppc64le", "8Base-RHOSDT-2.9:rhosdt/tempo-rhel8@sha256:d557bf48ab4db2b2c98a65d1a028b7cde4363ee888c274d0629829c1b07977ef_s390x", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "browserify-sign: upper bound check issue in dsaVerify leads to a signature forgery attack", }, ], }
RHSA-2023:6180
Vulnerability from csaf_redhat
Published
2023-10-30 12:53
Modified
2025-04-01 14:03
Summary
Red Hat Security Advisory: Red Hat OpenShift distributed tracing 2.9.0 containers security update
Notes
Topic
An update is now available for Red Hat Openshift distributed tracing 2.9.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Release of Red Hat OpenShift distributed tracing provides these changes:
Security Fix(es):
* browserify-sign: upper bound check issue in dsaVerify leads to a signature forgery attack (CVE-2023-46234)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ document: { aggregate_severity: { namespace: "https://access.redhat.com/security/updates/classification/", text: "Important", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright © Red Hat, Inc. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "An update is now available for Red Hat Openshift distributed tracing 2.9.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", title: "Topic", }, { category: "general", text: "Release of Red Hat OpenShift distributed tracing provides these changes:\n\nSecurity Fix(es):\n\n* browserify-sign: upper bound check issue in dsaVerify leads to a signature forgery attack (CVE-2023-46234)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", title: "Details", }, { category: "legal_disclaimer", text: "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "https://access.redhat.com/security/team/contact/", issuing_authority: "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", name: "Red Hat Product Security", namespace: "https://www.redhat.com", }, references: [ { category: "self", summary: "https://access.redhat.com/errata/RHSA-2023:6180", url: "https://access.redhat.com/errata/RHSA-2023:6180", }, { category: "external", summary: "https://access.redhat.com/security/updates/classification/#important", url: "https://access.redhat.com/security/updates/classification/#important", }, { category: "external", summary: "2246470", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2246470", }, { category: "self", summary: "Canonical URL", url: "https://security.access.redhat.com/data/csaf/v2/advisories/2023/rhsa-2023_6180.json", }, ], title: "Red Hat Security Advisory: Red Hat OpenShift distributed tracing 2.9.0 containers security update", tracking: { current_release_date: "2025-04-01T14:03:44+00:00", generator: { date: "2025-04-01T14:03:44+00:00", engine: { name: "Red Hat SDEngine", version: "4.4.2", }, }, id: "RHSA-2023:6180", initial_release_date: "2023-10-30T12:53:43+00:00", revision_history: [ { date: "2023-10-30T12:53:43+00:00", number: "1", summary: "Initial version", }, { date: "2023-10-30T12:53:43+00:00", number: "2", summary: "Last updated version", }, { date: "2025-04-01T14:03:44+00:00", number: "3", summary: "Last generated version", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "Red Hat OpenShift distributed tracing 2.9", product: { name: "Red Hat OpenShift distributed tracing 2.9", product_id: "8Base-RHOSDT-2.9", product_identification_helper: { cpe: "cpe:/a:redhat:openshift_distributed_tracing:2.9::el8", }, }, }, ], category: "product_family", name: "Red Hat OpenShift distributed tracing", }, { branches: [ { category: "product_version", name: "rhosdt/jaeger-agent-rhel8@sha256:7ebe5c551baccd151d6ef2120eb7009570b33647bfd6332320dfa0f5f661ed8a_amd64", product: { name: "rhosdt/jaeger-agent-rhel8@sha256:7ebe5c551baccd151d6ef2120eb7009570b33647bfd6332320dfa0f5f661ed8a_amd64", product_id: "rhosdt/jaeger-agent-rhel8@sha256:7ebe5c551baccd151d6ef2120eb7009570b33647bfd6332320dfa0f5f661ed8a_amd64", product_identification_helper: { purl: "pkg:oci/jaeger-agent-rhel8@sha256:7ebe5c551baccd151d6ef2120eb7009570b33647bfd6332320dfa0f5f661ed8a?arch=amd64&repository_url=registry.redhat.io/rhosdt/jaeger-agent-rhel8&tag=1.47.1-5", }, }, }, { category: "product_version", name: "rhosdt/jaeger-all-in-one-rhel8@sha256:bb3e6e3b54c116d45c23154b3f3bd122a99a62ceb4499cd56774f1e0cec1c214_amd64", product: { name: "rhosdt/jaeger-all-in-one-rhel8@sha256:bb3e6e3b54c116d45c23154b3f3bd122a99a62ceb4499cd56774f1e0cec1c214_amd64", product_id: "rhosdt/jaeger-all-in-one-rhel8@sha256:bb3e6e3b54c116d45c23154b3f3bd122a99a62ceb4499cd56774f1e0cec1c214_amd64", product_identification_helper: { purl: "pkg:oci/jaeger-all-in-one-rhel8@sha256:bb3e6e3b54c116d45c23154b3f3bd122a99a62ceb4499cd56774f1e0cec1c214?arch=amd64&repository_url=registry.redhat.io/rhosdt/jaeger-all-in-one-rhel8&tag=1.47.1-5", }, }, }, { category: "product_version", name: "rhosdt/jaeger-collector-rhel8@sha256:df8436011b04ced795985116fff8eb5cc0009f0002ce9c000f9db741980b5a72_amd64", product: { name: "rhosdt/jaeger-collector-rhel8@sha256:df8436011b04ced795985116fff8eb5cc0009f0002ce9c000f9db741980b5a72_amd64", product_id: "rhosdt/jaeger-collector-rhel8@sha256:df8436011b04ced795985116fff8eb5cc0009f0002ce9c000f9db741980b5a72_amd64", product_identification_helper: { purl: "pkg:oci/jaeger-collector-rhel8@sha256:df8436011b04ced795985116fff8eb5cc0009f0002ce9c000f9db741980b5a72?arch=amd64&repository_url=registry.redhat.io/rhosdt/jaeger-collector-rhel8&tag=1.47.1-5", }, }, }, { category: "product_version", name: "rhosdt/jaeger-es-index-cleaner-rhel8@sha256:c3883a6c2f828592783cd1cd336c23a29245e9c45b10dd2b6d1aa8b86a670c31_amd64", product: { name: "rhosdt/jaeger-es-index-cleaner-rhel8@sha256:c3883a6c2f828592783cd1cd336c23a29245e9c45b10dd2b6d1aa8b86a670c31_amd64", product_id: "rhosdt/jaeger-es-index-cleaner-rhel8@sha256:c3883a6c2f828592783cd1cd336c23a29245e9c45b10dd2b6d1aa8b86a670c31_amd64", product_identification_helper: { purl: "pkg:oci/jaeger-es-index-cleaner-rhel8@sha256:c3883a6c2f828592783cd1cd336c23a29245e9c45b10dd2b6d1aa8b86a670c31?arch=amd64&repository_url=registry.redhat.io/rhosdt/jaeger-es-index-cleaner-rhel8&tag=1.47.1-5", }, }, }, { category: "product_version", name: "rhosdt/jaeger-es-rollover-rhel8@sha256:ba453c045a93b2ac9e9a820ca616ea4af912972a99a5e4b07135658f1ddc752d_amd64", product: { name: "rhosdt/jaeger-es-rollover-rhel8@sha256:ba453c045a93b2ac9e9a820ca616ea4af912972a99a5e4b07135658f1ddc752d_amd64", product_id: "rhosdt/jaeger-es-rollover-rhel8@sha256:ba453c045a93b2ac9e9a820ca616ea4af912972a99a5e4b07135658f1ddc752d_amd64", product_identification_helper: { purl: "pkg:oci/jaeger-es-rollover-rhel8@sha256:ba453c045a93b2ac9e9a820ca616ea4af912972a99a5e4b07135658f1ddc752d?arch=amd64&repository_url=registry.redhat.io/rhosdt/jaeger-es-rollover-rhel8&tag=1.47.1-5", }, }, }, { category: "product_version", name: "rhosdt/jaeger-ingester-rhel8@sha256:f72338e446068e2487de8f6eb2249a69e27f24523a771e8aba0fcc2fbf263fe8_amd64", product: { name: "rhosdt/jaeger-ingester-rhel8@sha256:f72338e446068e2487de8f6eb2249a69e27f24523a771e8aba0fcc2fbf263fe8_amd64", product_id: "rhosdt/jaeger-ingester-rhel8@sha256:f72338e446068e2487de8f6eb2249a69e27f24523a771e8aba0fcc2fbf263fe8_amd64", product_identification_helper: { purl: "pkg:oci/jaeger-ingester-rhel8@sha256:f72338e446068e2487de8f6eb2249a69e27f24523a771e8aba0fcc2fbf263fe8?arch=amd64&repository_url=registry.redhat.io/rhosdt/jaeger-ingester-rhel8&tag=1.47.1-5", }, }, }, { category: "product_version", name: "rhosdt/jaeger-operator-bundle@sha256:5dfb4b1c8b7c835e0c493927cb5c22bc68989244e49e284f90a063d54c6d1aa9_amd64", product: { name: "rhosdt/jaeger-operator-bundle@sha256:5dfb4b1c8b7c835e0c493927cb5c22bc68989244e49e284f90a063d54c6d1aa9_amd64", product_id: "rhosdt/jaeger-operator-bundle@sha256:5dfb4b1c8b7c835e0c493927cb5c22bc68989244e49e284f90a063d54c6d1aa9_amd64", product_identification_helper: { purl: "pkg:oci/jaeger-operator-bundle@sha256:5dfb4b1c8b7c835e0c493927cb5c22bc68989244e49e284f90a063d54c6d1aa9?arch=amd64&repository_url=registry.redhat.io/rhosdt/jaeger-operator-bundle&tag=1.47.1-14", }, }, }, { category: "product_version", name: "rhosdt/jaeger-rhel8-operator@sha256:9198140a0252287e5114e04b97d5454227b51bac8fa4411dea1b0d0843f3c668_amd64", product: { name: "rhosdt/jaeger-rhel8-operator@sha256:9198140a0252287e5114e04b97d5454227b51bac8fa4411dea1b0d0843f3c668_amd64", product_id: "rhosdt/jaeger-rhel8-operator@sha256:9198140a0252287e5114e04b97d5454227b51bac8fa4411dea1b0d0843f3c668_amd64", product_identification_helper: { purl: "pkg:oci/jaeger-rhel8-operator@sha256:9198140a0252287e5114e04b97d5454227b51bac8fa4411dea1b0d0843f3c668?arch=amd64&repository_url=registry.redhat.io/rhosdt/jaeger-rhel8-operator&tag=1.47.1-5", }, }, }, { category: "product_version", name: "rhosdt/jaeger-query-rhel8@sha256:d9adfa493c64269d2ce744572d9a4c230e8a7c2503a35dbb3df5346e52a6dd2c_amd64", product: { name: "rhosdt/jaeger-query-rhel8@sha256:d9adfa493c64269d2ce744572d9a4c230e8a7c2503a35dbb3df5346e52a6dd2c_amd64", product_id: "rhosdt/jaeger-query-rhel8@sha256:d9adfa493c64269d2ce744572d9a4c230e8a7c2503a35dbb3df5346e52a6dd2c_amd64", product_identification_helper: { purl: "pkg:oci/jaeger-query-rhel8@sha256:d9adfa493c64269d2ce744572d9a4c230e8a7c2503a35dbb3df5346e52a6dd2c?arch=amd64&repository_url=registry.redhat.io/rhosdt/jaeger-query-rhel8&tag=1.47.1-5", }, }, }, { category: "product_version", name: "rhosdt/opentelemetry-collector-rhel8@sha256:2adc2877050289ee2568c4f03ce171dc2c30bf86976fcc63c09bd0bf18b92cc4_amd64", product: { name: "rhosdt/opentelemetry-collector-rhel8@sha256:2adc2877050289ee2568c4f03ce171dc2c30bf86976fcc63c09bd0bf18b92cc4_amd64", product_id: "rhosdt/opentelemetry-collector-rhel8@sha256:2adc2877050289ee2568c4f03ce171dc2c30bf86976fcc63c09bd0bf18b92cc4_amd64", product_identification_helper: { purl: "pkg:oci/opentelemetry-collector-rhel8@sha256:2adc2877050289ee2568c4f03ce171dc2c30bf86976fcc63c09bd0bf18b92cc4?arch=amd64&repository_url=registry.redhat.io/rhosdt/opentelemetry-collector-rhel8&tag=0.81.1-5", }, }, }, { category: "product_version", name: "rhosdt/opentelemetry-operator-bundle@sha256:eaa126d86aecf2bd330f2234104a905a71ab280a4d74a2614d98daaf13e821e2_amd64", product: { name: "rhosdt/opentelemetry-operator-bundle@sha256:eaa126d86aecf2bd330f2234104a905a71ab280a4d74a2614d98daaf13e821e2_amd64", product_id: "rhosdt/opentelemetry-operator-bundle@sha256:eaa126d86aecf2bd330f2234104a905a71ab280a4d74a2614d98daaf13e821e2_amd64", product_identification_helper: { purl: "pkg:oci/opentelemetry-operator-bundle@sha256:eaa126d86aecf2bd330f2234104a905a71ab280a4d74a2614d98daaf13e821e2?arch=amd64&repository_url=registry.redhat.io/rhosdt/opentelemetry-operator-bundle&tag=0.81.1-12", }, }, }, { category: "product_version", name: "rhosdt/opentelemetry-rhel8-operator@sha256:746f118b9224ba6a175526f265d956ae8ce6c7c170db2217bd34b028f03999af_amd64", product: { name: "rhosdt/opentelemetry-rhel8-operator@sha256:746f118b9224ba6a175526f265d956ae8ce6c7c170db2217bd34b028f03999af_amd64", product_id: "rhosdt/opentelemetry-rhel8-operator@sha256:746f118b9224ba6a175526f265d956ae8ce6c7c170db2217bd34b028f03999af_amd64", product_identification_helper: { purl: "pkg:oci/opentelemetry-rhel8-operator@sha256:746f118b9224ba6a175526f265d956ae8ce6c7c170db2217bd34b028f03999af?arch=amd64&repository_url=registry.redhat.io/rhosdt/opentelemetry-rhel8-operator&tag=0.81.1-5", }, }, }, { category: "product_version", name: "rhosdt/tempo-rhel8@sha256:29200f7311b63df76f6723878e4a8e2c315376b421e4e5febe2323a926d48594_amd64", product: { name: "rhosdt/tempo-rhel8@sha256:29200f7311b63df76f6723878e4a8e2c315376b421e4e5febe2323a926d48594_amd64", product_id: "rhosdt/tempo-rhel8@sha256:29200f7311b63df76f6723878e4a8e2c315376b421e4e5febe2323a926d48594_amd64", product_identification_helper: { purl: "pkg:oci/tempo-rhel8@sha256:29200f7311b63df76f6723878e4a8e2c315376b421e4e5febe2323a926d48594?arch=amd64&repository_url=registry.redhat.io/rhosdt/tempo-rhel8&tag=2.1.1-10", }, }, }, { category: "product_version", name: "rhosdt/tempo-gateway-rhel8@sha256:9e9d91554f5edb5a3e00f2a294056bb540ed1597fc8af5d44432ce81d54bf977_amd64", product: { name: "rhosdt/tempo-gateway-rhel8@sha256:9e9d91554f5edb5a3e00f2a294056bb540ed1597fc8af5d44432ce81d54bf977_amd64", product_id: "rhosdt/tempo-gateway-rhel8@sha256:9e9d91554f5edb5a3e00f2a294056bb540ed1597fc8af5d44432ce81d54bf977_amd64", product_identification_helper: { purl: "pkg:oci/tempo-gateway-rhel8@sha256:9e9d91554f5edb5a3e00f2a294056bb540ed1597fc8af5d44432ce81d54bf977?arch=amd64&repository_url=registry.redhat.io/rhosdt/tempo-gateway-rhel8&tag=742e3d3-3", }, }, }, { category: "product_version", name: "rhosdt/tempo-gateway-opa-rhel8@sha256:dd22e49f8d5aa7f009169aec3c43e68307e0842cde9260a70dd424159e61c89d_amd64", product: { name: "rhosdt/tempo-gateway-opa-rhel8@sha256:dd22e49f8d5aa7f009169aec3c43e68307e0842cde9260a70dd424159e61c89d_amd64", product_id: "rhosdt/tempo-gateway-opa-rhel8@sha256:dd22e49f8d5aa7f009169aec3c43e68307e0842cde9260a70dd424159e61c89d_amd64", product_identification_helper: { purl: "pkg:oci/tempo-gateway-opa-rhel8@sha256:dd22e49f8d5aa7f009169aec3c43e68307e0842cde9260a70dd424159e61c89d?arch=amd64&repository_url=registry.redhat.io/rhosdt/tempo-gateway-opa-rhel8&tag=fe53f40-2", }, }, }, { category: "product_version", name: "rhosdt/tempo-operator-bundle@sha256:b6ec1460415bf8c69d82cf9267494dc5445242b6a0957318eae5bf333693cb2e_amd64", product: { name: "rhosdt/tempo-operator-bundle@sha256:b6ec1460415bf8c69d82cf9267494dc5445242b6a0957318eae5bf333693cb2e_amd64", product_id: "rhosdt/tempo-operator-bundle@sha256:b6ec1460415bf8c69d82cf9267494dc5445242b6a0957318eae5bf333693cb2e_amd64", product_identification_helper: { purl: "pkg:oci/tempo-operator-bundle@sha256:b6ec1460415bf8c69d82cf9267494dc5445242b6a0957318eae5bf333693cb2e?arch=amd64&repository_url=registry.redhat.io/rhosdt/tempo-operator-bundle&tag=0.3.1-11", }, }, }, { category: "product_version", name: "rhosdt/tempo-rhel8-operator@sha256:a18638de4d39738b696f044e0d181fdeaf82499f2a2b4b46c07675db5fbe8c3f_amd64", product: { name: "rhosdt/tempo-rhel8-operator@sha256:a18638de4d39738b696f044e0d181fdeaf82499f2a2b4b46c07675db5fbe8c3f_amd64", product_id: "rhosdt/tempo-rhel8-operator@sha256:a18638de4d39738b696f044e0d181fdeaf82499f2a2b4b46c07675db5fbe8c3f_amd64", product_identification_helper: { purl: "pkg:oci/tempo-rhel8-operator@sha256:a18638de4d39738b696f044e0d181fdeaf82499f2a2b4b46c07675db5fbe8c3f?arch=amd64&repository_url=registry.redhat.io/rhosdt/tempo-rhel8-operator&tag=0.3.1-3", }, }, }, { category: "product_version", name: "rhosdt/tempo-query-rhel8@sha256:b903b41e1096a25b53c5272c8457baa352e2c83fa997852d4a8ed614e2c02802_amd64", product: { name: "rhosdt/tempo-query-rhel8@sha256:b903b41e1096a25b53c5272c8457baa352e2c83fa997852d4a8ed614e2c02802_amd64", product_id: "rhosdt/tempo-query-rhel8@sha256:b903b41e1096a25b53c5272c8457baa352e2c83fa997852d4a8ed614e2c02802_amd64", product_identification_helper: { purl: "pkg:oci/tempo-query-rhel8@sha256:b903b41e1096a25b53c5272c8457baa352e2c83fa997852d4a8ed614e2c02802?arch=amd64&repository_url=registry.redhat.io/rhosdt/tempo-query-rhel8&tag=0.3.1-4", }, }, }, ], category: "architecture", name: "amd64", }, { branches: [ { category: "product_version", name: "rhosdt/jaeger-agent-rhel8@sha256:952f7701d0c1d8ac9c01c0b2ff9d28a4dad480fd34e68eef162e41b5bb0a17e1_ppc64le", product: { name: "rhosdt/jaeger-agent-rhel8@sha256:952f7701d0c1d8ac9c01c0b2ff9d28a4dad480fd34e68eef162e41b5bb0a17e1_ppc64le", product_id: "rhosdt/jaeger-agent-rhel8@sha256:952f7701d0c1d8ac9c01c0b2ff9d28a4dad480fd34e68eef162e41b5bb0a17e1_ppc64le", product_identification_helper: { purl: "pkg:oci/jaeger-agent-rhel8@sha256:952f7701d0c1d8ac9c01c0b2ff9d28a4dad480fd34e68eef162e41b5bb0a17e1?arch=ppc64le&repository_url=registry.redhat.io/rhosdt/jaeger-agent-rhel8&tag=1.47.1-5", }, }, }, { category: "product_version", name: "rhosdt/jaeger-all-in-one-rhel8@sha256:16934a17528d69fb0d39f605364fbc012a3e4d7401df45c91c995ac8ef9ed920_ppc64le", product: { name: "rhosdt/jaeger-all-in-one-rhel8@sha256:16934a17528d69fb0d39f605364fbc012a3e4d7401df45c91c995ac8ef9ed920_ppc64le", product_id: "rhosdt/jaeger-all-in-one-rhel8@sha256:16934a17528d69fb0d39f605364fbc012a3e4d7401df45c91c995ac8ef9ed920_ppc64le", product_identification_helper: { purl: "pkg:oci/jaeger-all-in-one-rhel8@sha256:16934a17528d69fb0d39f605364fbc012a3e4d7401df45c91c995ac8ef9ed920?arch=ppc64le&repository_url=registry.redhat.io/rhosdt/jaeger-all-in-one-rhel8&tag=1.47.1-5", }, }, }, { category: "product_version", name: "rhosdt/jaeger-collector-rhel8@sha256:467961ec80abc54ee85939f0287041223b181bb7c9a622b556785ff1dd8119f5_ppc64le", product: { name: "rhosdt/jaeger-collector-rhel8@sha256:467961ec80abc54ee85939f0287041223b181bb7c9a622b556785ff1dd8119f5_ppc64le", product_id: "rhosdt/jaeger-collector-rhel8@sha256:467961ec80abc54ee85939f0287041223b181bb7c9a622b556785ff1dd8119f5_ppc64le", product_identification_helper: { purl: "pkg:oci/jaeger-collector-rhel8@sha256:467961ec80abc54ee85939f0287041223b181bb7c9a622b556785ff1dd8119f5?arch=ppc64le&repository_url=registry.redhat.io/rhosdt/jaeger-collector-rhel8&tag=1.47.1-5", }, }, }, { category: "product_version", name: "rhosdt/jaeger-es-index-cleaner-rhel8@sha256:43f26cad1cd0ea7e5ac2e605077302473382ab85b3f8da72e49c4dd06114dab2_ppc64le", product: { name: "rhosdt/jaeger-es-index-cleaner-rhel8@sha256:43f26cad1cd0ea7e5ac2e605077302473382ab85b3f8da72e49c4dd06114dab2_ppc64le", product_id: "rhosdt/jaeger-es-index-cleaner-rhel8@sha256:43f26cad1cd0ea7e5ac2e605077302473382ab85b3f8da72e49c4dd06114dab2_ppc64le", product_identification_helper: { purl: "pkg:oci/jaeger-es-index-cleaner-rhel8@sha256:43f26cad1cd0ea7e5ac2e605077302473382ab85b3f8da72e49c4dd06114dab2?arch=ppc64le&repository_url=registry.redhat.io/rhosdt/jaeger-es-index-cleaner-rhel8&tag=1.47.1-5", }, }, }, { category: "product_version", name: "rhosdt/jaeger-es-rollover-rhel8@sha256:0c8511e092b0138282ce3997cf06d8ba5995b9aa17aa436bcb3eacad910ff54d_ppc64le", product: { name: "rhosdt/jaeger-es-rollover-rhel8@sha256:0c8511e092b0138282ce3997cf06d8ba5995b9aa17aa436bcb3eacad910ff54d_ppc64le", product_id: "rhosdt/jaeger-es-rollover-rhel8@sha256:0c8511e092b0138282ce3997cf06d8ba5995b9aa17aa436bcb3eacad910ff54d_ppc64le", product_identification_helper: { purl: "pkg:oci/jaeger-es-rollover-rhel8@sha256:0c8511e092b0138282ce3997cf06d8ba5995b9aa17aa436bcb3eacad910ff54d?arch=ppc64le&repository_url=registry.redhat.io/rhosdt/jaeger-es-rollover-rhel8&tag=1.47.1-5", }, }, }, { category: "product_version", name: "rhosdt/jaeger-ingester-rhel8@sha256:8341ef7ade15d0f823fb0ef8d1d2e2aab3f6078feae7a341a2f7b4c6bd94fba1_ppc64le", product: { name: "rhosdt/jaeger-ingester-rhel8@sha256:8341ef7ade15d0f823fb0ef8d1d2e2aab3f6078feae7a341a2f7b4c6bd94fba1_ppc64le", product_id: "rhosdt/jaeger-ingester-rhel8@sha256:8341ef7ade15d0f823fb0ef8d1d2e2aab3f6078feae7a341a2f7b4c6bd94fba1_ppc64le", product_identification_helper: { purl: "pkg:oci/jaeger-ingester-rhel8@sha256:8341ef7ade15d0f823fb0ef8d1d2e2aab3f6078feae7a341a2f7b4c6bd94fba1?arch=ppc64le&repository_url=registry.redhat.io/rhosdt/jaeger-ingester-rhel8&tag=1.47.1-5", }, }, }, { category: "product_version", name: "rhosdt/jaeger-operator-bundle@sha256:a59c693b975fad667a6cfebed3e2cf564419baf0a10aa27b71a22581b789dc10_ppc64le", product: { name: "rhosdt/jaeger-operator-bundle@sha256:a59c693b975fad667a6cfebed3e2cf564419baf0a10aa27b71a22581b789dc10_ppc64le", product_id: "rhosdt/jaeger-operator-bundle@sha256:a59c693b975fad667a6cfebed3e2cf564419baf0a10aa27b71a22581b789dc10_ppc64le", product_identification_helper: { purl: "pkg:oci/jaeger-operator-bundle@sha256:a59c693b975fad667a6cfebed3e2cf564419baf0a10aa27b71a22581b789dc10?arch=ppc64le&repository_url=registry.redhat.io/rhosdt/jaeger-operator-bundle&tag=1.47.1-14", }, }, }, { category: "product_version", name: "rhosdt/jaeger-rhel8-operator@sha256:e50b850a731b7ab45345ab4e9495e4806ac0c6f8ba9ae13b83673a3b06a014f9_ppc64le", product: { name: "rhosdt/jaeger-rhel8-operator@sha256:e50b850a731b7ab45345ab4e9495e4806ac0c6f8ba9ae13b83673a3b06a014f9_ppc64le", product_id: "rhosdt/jaeger-rhel8-operator@sha256:e50b850a731b7ab45345ab4e9495e4806ac0c6f8ba9ae13b83673a3b06a014f9_ppc64le", product_identification_helper: { purl: "pkg:oci/jaeger-rhel8-operator@sha256:e50b850a731b7ab45345ab4e9495e4806ac0c6f8ba9ae13b83673a3b06a014f9?arch=ppc64le&repository_url=registry.redhat.io/rhosdt/jaeger-rhel8-operator&tag=1.47.1-5", }, }, }, { category: "product_version", name: "rhosdt/jaeger-query-rhel8@sha256:4da3891b6d4df60dc7e0248bbb543d8363d32671bc3b0eb1671468dd4d3b7ebe_ppc64le", product: { name: "rhosdt/jaeger-query-rhel8@sha256:4da3891b6d4df60dc7e0248bbb543d8363d32671bc3b0eb1671468dd4d3b7ebe_ppc64le", product_id: "rhosdt/jaeger-query-rhel8@sha256:4da3891b6d4df60dc7e0248bbb543d8363d32671bc3b0eb1671468dd4d3b7ebe_ppc64le", product_identification_helper: { purl: "pkg:oci/jaeger-query-rhel8@sha256:4da3891b6d4df60dc7e0248bbb543d8363d32671bc3b0eb1671468dd4d3b7ebe?arch=ppc64le&repository_url=registry.redhat.io/rhosdt/jaeger-query-rhel8&tag=1.47.1-5", }, }, }, { category: "product_version", name: "rhosdt/opentelemetry-collector-rhel8@sha256:73017b0ad2d4ea26900253abdc9a62d55a40ff04905a391e91610ad7a9d762d3_ppc64le", product: { name: "rhosdt/opentelemetry-collector-rhel8@sha256:73017b0ad2d4ea26900253abdc9a62d55a40ff04905a391e91610ad7a9d762d3_ppc64le", product_id: "rhosdt/opentelemetry-collector-rhel8@sha256:73017b0ad2d4ea26900253abdc9a62d55a40ff04905a391e91610ad7a9d762d3_ppc64le", product_identification_helper: { purl: "pkg:oci/opentelemetry-collector-rhel8@sha256:73017b0ad2d4ea26900253abdc9a62d55a40ff04905a391e91610ad7a9d762d3?arch=ppc64le&repository_url=registry.redhat.io/rhosdt/opentelemetry-collector-rhel8&tag=0.81.1-5", }, }, }, { category: "product_version", name: "rhosdt/opentelemetry-operator-bundle@sha256:33f921009c9baaf82d3d10406073e9da9b31540d6b3b421c7a3659e2d8310179_ppc64le", product: { name: "rhosdt/opentelemetry-operator-bundle@sha256:33f921009c9baaf82d3d10406073e9da9b31540d6b3b421c7a3659e2d8310179_ppc64le", product_id: "rhosdt/opentelemetry-operator-bundle@sha256:33f921009c9baaf82d3d10406073e9da9b31540d6b3b421c7a3659e2d8310179_ppc64le", product_identification_helper: { purl: "pkg:oci/opentelemetry-operator-bundle@sha256:33f921009c9baaf82d3d10406073e9da9b31540d6b3b421c7a3659e2d8310179?arch=ppc64le&repository_url=registry.redhat.io/rhosdt/opentelemetry-operator-bundle&tag=0.81.1-12", }, }, }, { category: "product_version", name: "rhosdt/opentelemetry-rhel8-operator@sha256:8a237928d7c059ecd5d1f3aad89ab094a73452e221c133cd9c5c7689db9b87bf_ppc64le", product: { name: "rhosdt/opentelemetry-rhel8-operator@sha256:8a237928d7c059ecd5d1f3aad89ab094a73452e221c133cd9c5c7689db9b87bf_ppc64le", product_id: "rhosdt/opentelemetry-rhel8-operator@sha256:8a237928d7c059ecd5d1f3aad89ab094a73452e221c133cd9c5c7689db9b87bf_ppc64le", product_identification_helper: { purl: "pkg:oci/opentelemetry-rhel8-operator@sha256:8a237928d7c059ecd5d1f3aad89ab094a73452e221c133cd9c5c7689db9b87bf?arch=ppc64le&repository_url=registry.redhat.io/rhosdt/opentelemetry-rhel8-operator&tag=0.81.1-5", }, }, }, { category: "product_version", name: "rhosdt/tempo-rhel8@sha256:42c59f6a87c791fd6a3e829af331e2c5778612f503b402c0a08278cc9dc09ef7_ppc64le", product: { name: "rhosdt/tempo-rhel8@sha256:42c59f6a87c791fd6a3e829af331e2c5778612f503b402c0a08278cc9dc09ef7_ppc64le", product_id: "rhosdt/tempo-rhel8@sha256:42c59f6a87c791fd6a3e829af331e2c5778612f503b402c0a08278cc9dc09ef7_ppc64le", product_identification_helper: { purl: "pkg:oci/tempo-rhel8@sha256:42c59f6a87c791fd6a3e829af331e2c5778612f503b402c0a08278cc9dc09ef7?arch=ppc64le&repository_url=registry.redhat.io/rhosdt/tempo-rhel8&tag=2.1.1-10", }, }, }, { category: "product_version", name: "rhosdt/tempo-gateway-rhel8@sha256:3c15440847fbc38023d590dd5f93ee524f53e2999c4483cfb3ba9bbf6bba904f_ppc64le", product: { name: "rhosdt/tempo-gateway-rhel8@sha256:3c15440847fbc38023d590dd5f93ee524f53e2999c4483cfb3ba9bbf6bba904f_ppc64le", product_id: "rhosdt/tempo-gateway-rhel8@sha256:3c15440847fbc38023d590dd5f93ee524f53e2999c4483cfb3ba9bbf6bba904f_ppc64le", product_identification_helper: { purl: "pkg:oci/tempo-gateway-rhel8@sha256:3c15440847fbc38023d590dd5f93ee524f53e2999c4483cfb3ba9bbf6bba904f?arch=ppc64le&repository_url=registry.redhat.io/rhosdt/tempo-gateway-rhel8&tag=742e3d3-3", }, }, }, { category: "product_version", name: "rhosdt/tempo-gateway-opa-rhel8@sha256:cbad12c58f243298974f51d2278730feb5fbb74cdc6de409dd0578794ab6c1a4_ppc64le", product: { name: "rhosdt/tempo-gateway-opa-rhel8@sha256:cbad12c58f243298974f51d2278730feb5fbb74cdc6de409dd0578794ab6c1a4_ppc64le", product_id: "rhosdt/tempo-gateway-opa-rhel8@sha256:cbad12c58f243298974f51d2278730feb5fbb74cdc6de409dd0578794ab6c1a4_ppc64le", product_identification_helper: { purl: "pkg:oci/tempo-gateway-opa-rhel8@sha256:cbad12c58f243298974f51d2278730feb5fbb74cdc6de409dd0578794ab6c1a4?arch=ppc64le&repository_url=registry.redhat.io/rhosdt/tempo-gateway-opa-rhel8&tag=fe53f40-2", }, }, }, { category: "product_version", name: "rhosdt/tempo-operator-bundle@sha256:6df979ecc2195ddd8c1b84a0355fa4df58cf55c34f0b07669659d72501a701d4_ppc64le", product: { name: "rhosdt/tempo-operator-bundle@sha256:6df979ecc2195ddd8c1b84a0355fa4df58cf55c34f0b07669659d72501a701d4_ppc64le", product_id: "rhosdt/tempo-operator-bundle@sha256:6df979ecc2195ddd8c1b84a0355fa4df58cf55c34f0b07669659d72501a701d4_ppc64le", product_identification_helper: { purl: "pkg:oci/tempo-operator-bundle@sha256:6df979ecc2195ddd8c1b84a0355fa4df58cf55c34f0b07669659d72501a701d4?arch=ppc64le&repository_url=registry.redhat.io/rhosdt/tempo-operator-bundle&tag=0.3.1-11", }, }, }, { category: "product_version", name: "rhosdt/tempo-rhel8-operator@sha256:5aee6e4bfecba226d276b95c62a68a1b6d513d60c9c8aff84752725e6c01b8c0_ppc64le", product: { name: "rhosdt/tempo-rhel8-operator@sha256:5aee6e4bfecba226d276b95c62a68a1b6d513d60c9c8aff84752725e6c01b8c0_ppc64le", product_id: "rhosdt/tempo-rhel8-operator@sha256:5aee6e4bfecba226d276b95c62a68a1b6d513d60c9c8aff84752725e6c01b8c0_ppc64le", product_identification_helper: { purl: "pkg:oci/tempo-rhel8-operator@sha256:5aee6e4bfecba226d276b95c62a68a1b6d513d60c9c8aff84752725e6c01b8c0?arch=ppc64le&repository_url=registry.redhat.io/rhosdt/tempo-rhel8-operator&tag=0.3.1-3", }, }, }, { category: "product_version", name: "rhosdt/tempo-query-rhel8@sha256:0d51e3a8b92cab3b8f5221fc076b2079a68e7ba75f7f3ecb9322fe7ba77e862f_ppc64le", product: { name: "rhosdt/tempo-query-rhel8@sha256:0d51e3a8b92cab3b8f5221fc076b2079a68e7ba75f7f3ecb9322fe7ba77e862f_ppc64le", product_id: "rhosdt/tempo-query-rhel8@sha256:0d51e3a8b92cab3b8f5221fc076b2079a68e7ba75f7f3ecb9322fe7ba77e862f_ppc64le", product_identification_helper: { purl: "pkg:oci/tempo-query-rhel8@sha256:0d51e3a8b92cab3b8f5221fc076b2079a68e7ba75f7f3ecb9322fe7ba77e862f?arch=ppc64le&repository_url=registry.redhat.io/rhosdt/tempo-query-rhel8&tag=0.3.1-4", }, }, }, ], category: "architecture", name: "ppc64le", }, { branches: [ { category: "product_version", name: "rhosdt/jaeger-agent-rhel8@sha256:2619637d44fd87e5c07301de93841899fffc109dcfaff59d56349cedc208a679_s390x", product: { name: "rhosdt/jaeger-agent-rhel8@sha256:2619637d44fd87e5c07301de93841899fffc109dcfaff59d56349cedc208a679_s390x", product_id: "rhosdt/jaeger-agent-rhel8@sha256:2619637d44fd87e5c07301de93841899fffc109dcfaff59d56349cedc208a679_s390x", product_identification_helper: { purl: "pkg:oci/jaeger-agent-rhel8@sha256:2619637d44fd87e5c07301de93841899fffc109dcfaff59d56349cedc208a679?arch=s390x&repository_url=registry.redhat.io/rhosdt/jaeger-agent-rhel8&tag=1.47.1-5", }, }, }, { category: "product_version", name: "rhosdt/jaeger-all-in-one-rhel8@sha256:f99bb528c12edb65c36659a0a5d59d7a76449ce9649bf7c5be7b273f8485fc25_s390x", product: { name: "rhosdt/jaeger-all-in-one-rhel8@sha256:f99bb528c12edb65c36659a0a5d59d7a76449ce9649bf7c5be7b273f8485fc25_s390x", product_id: "rhosdt/jaeger-all-in-one-rhel8@sha256:f99bb528c12edb65c36659a0a5d59d7a76449ce9649bf7c5be7b273f8485fc25_s390x", product_identification_helper: { purl: "pkg:oci/jaeger-all-in-one-rhel8@sha256:f99bb528c12edb65c36659a0a5d59d7a76449ce9649bf7c5be7b273f8485fc25?arch=s390x&repository_url=registry.redhat.io/rhosdt/jaeger-all-in-one-rhel8&tag=1.47.1-5", }, }, }, { category: "product_version", name: "rhosdt/jaeger-collector-rhel8@sha256:a7e722132e7a538443f59788b82edcc52f5ec22e9343725c4401c9bdf7093b9a_s390x", product: { name: "rhosdt/jaeger-collector-rhel8@sha256:a7e722132e7a538443f59788b82edcc52f5ec22e9343725c4401c9bdf7093b9a_s390x", product_id: "rhosdt/jaeger-collector-rhel8@sha256:a7e722132e7a538443f59788b82edcc52f5ec22e9343725c4401c9bdf7093b9a_s390x", product_identification_helper: { purl: "pkg:oci/jaeger-collector-rhel8@sha256:a7e722132e7a538443f59788b82edcc52f5ec22e9343725c4401c9bdf7093b9a?arch=s390x&repository_url=registry.redhat.io/rhosdt/jaeger-collector-rhel8&tag=1.47.1-5", }, }, }, { category: "product_version", name: "rhosdt/jaeger-es-index-cleaner-rhel8@sha256:b0a3660137670fedc4e56ca656d56fb739c2fa48d9d0cf5f66fd150bd61365d5_s390x", product: { name: "rhosdt/jaeger-es-index-cleaner-rhel8@sha256:b0a3660137670fedc4e56ca656d56fb739c2fa48d9d0cf5f66fd150bd61365d5_s390x", product_id: "rhosdt/jaeger-es-index-cleaner-rhel8@sha256:b0a3660137670fedc4e56ca656d56fb739c2fa48d9d0cf5f66fd150bd61365d5_s390x", product_identification_helper: { purl: "pkg:oci/jaeger-es-index-cleaner-rhel8@sha256:b0a3660137670fedc4e56ca656d56fb739c2fa48d9d0cf5f66fd150bd61365d5?arch=s390x&repository_url=registry.redhat.io/rhosdt/jaeger-es-index-cleaner-rhel8&tag=1.47.1-5", }, }, }, { category: "product_version", name: "rhosdt/jaeger-es-rollover-rhel8@sha256:5068337fc3ab78c2bed33b7eb0f1c1cf67c753a00c006e945aded3ecad884edc_s390x", product: { name: "rhosdt/jaeger-es-rollover-rhel8@sha256:5068337fc3ab78c2bed33b7eb0f1c1cf67c753a00c006e945aded3ecad884edc_s390x", product_id: "rhosdt/jaeger-es-rollover-rhel8@sha256:5068337fc3ab78c2bed33b7eb0f1c1cf67c753a00c006e945aded3ecad884edc_s390x", product_identification_helper: { purl: "pkg:oci/jaeger-es-rollover-rhel8@sha256:5068337fc3ab78c2bed33b7eb0f1c1cf67c753a00c006e945aded3ecad884edc?arch=s390x&repository_url=registry.redhat.io/rhosdt/jaeger-es-rollover-rhel8&tag=1.47.1-5", }, }, }, { category: "product_version", name: "rhosdt/jaeger-ingester-rhel8@sha256:f117be17c9d1713db3719e4e1a7eb3b4697f9c12ac176c311b4c5d6ee27e59f9_s390x", product: { name: "rhosdt/jaeger-ingester-rhel8@sha256:f117be17c9d1713db3719e4e1a7eb3b4697f9c12ac176c311b4c5d6ee27e59f9_s390x", product_id: "rhosdt/jaeger-ingester-rhel8@sha256:f117be17c9d1713db3719e4e1a7eb3b4697f9c12ac176c311b4c5d6ee27e59f9_s390x", product_identification_helper: { purl: "pkg:oci/jaeger-ingester-rhel8@sha256:f117be17c9d1713db3719e4e1a7eb3b4697f9c12ac176c311b4c5d6ee27e59f9?arch=s390x&repository_url=registry.redhat.io/rhosdt/jaeger-ingester-rhel8&tag=1.47.1-5", }, }, }, { category: "product_version", name: "rhosdt/jaeger-operator-bundle@sha256:bf2cc048dd6e18cb05a17a6de1e45cabd734af0f88555d0c1057bf3b82ac1e0f_s390x", product: { name: "rhosdt/jaeger-operator-bundle@sha256:bf2cc048dd6e18cb05a17a6de1e45cabd734af0f88555d0c1057bf3b82ac1e0f_s390x", product_id: "rhosdt/jaeger-operator-bundle@sha256:bf2cc048dd6e18cb05a17a6de1e45cabd734af0f88555d0c1057bf3b82ac1e0f_s390x", product_identification_helper: { purl: "pkg:oci/jaeger-operator-bundle@sha256:bf2cc048dd6e18cb05a17a6de1e45cabd734af0f88555d0c1057bf3b82ac1e0f?arch=s390x&repository_url=registry.redhat.io/rhosdt/jaeger-operator-bundle&tag=1.47.1-14", }, }, }, { category: "product_version", name: "rhosdt/jaeger-rhel8-operator@sha256:a9173c66a6929bf5fc689bd434203155e365d23e5e9ae7666d89224ec39df975_s390x", product: { name: "rhosdt/jaeger-rhel8-operator@sha256:a9173c66a6929bf5fc689bd434203155e365d23e5e9ae7666d89224ec39df975_s390x", product_id: "rhosdt/jaeger-rhel8-operator@sha256:a9173c66a6929bf5fc689bd434203155e365d23e5e9ae7666d89224ec39df975_s390x", product_identification_helper: { purl: "pkg:oci/jaeger-rhel8-operator@sha256:a9173c66a6929bf5fc689bd434203155e365d23e5e9ae7666d89224ec39df975?arch=s390x&repository_url=registry.redhat.io/rhosdt/jaeger-rhel8-operator&tag=1.47.1-5", }, }, }, { category: "product_version", name: "rhosdt/jaeger-query-rhel8@sha256:4e62b4264b5e4c63bc7d0cecf154dd481605e1d0ff94d563e9d6a8bc43c4835a_s390x", product: { name: "rhosdt/jaeger-query-rhel8@sha256:4e62b4264b5e4c63bc7d0cecf154dd481605e1d0ff94d563e9d6a8bc43c4835a_s390x", product_id: "rhosdt/jaeger-query-rhel8@sha256:4e62b4264b5e4c63bc7d0cecf154dd481605e1d0ff94d563e9d6a8bc43c4835a_s390x", product_identification_helper: { purl: "pkg:oci/jaeger-query-rhel8@sha256:4e62b4264b5e4c63bc7d0cecf154dd481605e1d0ff94d563e9d6a8bc43c4835a?arch=s390x&repository_url=registry.redhat.io/rhosdt/jaeger-query-rhel8&tag=1.47.1-5", }, }, }, { category: "product_version", name: "rhosdt/opentelemetry-collector-rhel8@sha256:cb9a2f0df6852eb9d11deb8c4c14142bcae17a70301c55974fd0d87116814c9f_s390x", product: { name: "rhosdt/opentelemetry-collector-rhel8@sha256:cb9a2f0df6852eb9d11deb8c4c14142bcae17a70301c55974fd0d87116814c9f_s390x", product_id: "rhosdt/opentelemetry-collector-rhel8@sha256:cb9a2f0df6852eb9d11deb8c4c14142bcae17a70301c55974fd0d87116814c9f_s390x", product_identification_helper: { purl: "pkg:oci/opentelemetry-collector-rhel8@sha256:cb9a2f0df6852eb9d11deb8c4c14142bcae17a70301c55974fd0d87116814c9f?arch=s390x&repository_url=registry.redhat.io/rhosdt/opentelemetry-collector-rhel8&tag=0.81.1-5", }, }, }, { category: "product_version", name: "rhosdt/opentelemetry-operator-bundle@sha256:0ec97472d9bb1d99bfc0653194acf1b44de185a9e63756fb692acaa713ade2db_s390x", product: { name: "rhosdt/opentelemetry-operator-bundle@sha256:0ec97472d9bb1d99bfc0653194acf1b44de185a9e63756fb692acaa713ade2db_s390x", product_id: "rhosdt/opentelemetry-operator-bundle@sha256:0ec97472d9bb1d99bfc0653194acf1b44de185a9e63756fb692acaa713ade2db_s390x", product_identification_helper: { purl: "pkg:oci/opentelemetry-operator-bundle@sha256:0ec97472d9bb1d99bfc0653194acf1b44de185a9e63756fb692acaa713ade2db?arch=s390x&repository_url=registry.redhat.io/rhosdt/opentelemetry-operator-bundle&tag=0.81.1-12", }, }, }, { category: "product_version", name: "rhosdt/opentelemetry-rhel8-operator@sha256:ecead456f33621f78b97d0d151f816d39246af1ca69696616f033213791142dc_s390x", product: { name: "rhosdt/opentelemetry-rhel8-operator@sha256:ecead456f33621f78b97d0d151f816d39246af1ca69696616f033213791142dc_s390x", product_id: "rhosdt/opentelemetry-rhel8-operator@sha256:ecead456f33621f78b97d0d151f816d39246af1ca69696616f033213791142dc_s390x", product_identification_helper: { purl: "pkg:oci/opentelemetry-rhel8-operator@sha256:ecead456f33621f78b97d0d151f816d39246af1ca69696616f033213791142dc?arch=s390x&repository_url=registry.redhat.io/rhosdt/opentelemetry-rhel8-operator&tag=0.81.1-5", }, }, }, { category: "product_version", name: "rhosdt/tempo-rhel8@sha256:d557bf48ab4db2b2c98a65d1a028b7cde4363ee888c274d0629829c1b07977ef_s390x", product: { name: "rhosdt/tempo-rhel8@sha256:d557bf48ab4db2b2c98a65d1a028b7cde4363ee888c274d0629829c1b07977ef_s390x", product_id: "rhosdt/tempo-rhel8@sha256:d557bf48ab4db2b2c98a65d1a028b7cde4363ee888c274d0629829c1b07977ef_s390x", product_identification_helper: { purl: "pkg:oci/tempo-rhel8@sha256:d557bf48ab4db2b2c98a65d1a028b7cde4363ee888c274d0629829c1b07977ef?arch=s390x&repository_url=registry.redhat.io/rhosdt/tempo-rhel8&tag=2.1.1-10", }, }, }, { category: "product_version", name: "rhosdt/tempo-gateway-rhel8@sha256:ac25a060b441ba7b1a2f282083e0900f26d159a02486d85bf496c28ce61ad970_s390x", product: { name: "rhosdt/tempo-gateway-rhel8@sha256:ac25a060b441ba7b1a2f282083e0900f26d159a02486d85bf496c28ce61ad970_s390x", product_id: "rhosdt/tempo-gateway-rhel8@sha256:ac25a060b441ba7b1a2f282083e0900f26d159a02486d85bf496c28ce61ad970_s390x", product_identification_helper: { purl: "pkg:oci/tempo-gateway-rhel8@sha256:ac25a060b441ba7b1a2f282083e0900f26d159a02486d85bf496c28ce61ad970?arch=s390x&repository_url=registry.redhat.io/rhosdt/tempo-gateway-rhel8&tag=742e3d3-3", }, }, }, { category: "product_version", name: "rhosdt/tempo-gateway-opa-rhel8@sha256:ae1228eb0e7c975eeec459749408a70324245aa99fd41bce03cd9f45ceb42d0b_s390x", product: { name: "rhosdt/tempo-gateway-opa-rhel8@sha256:ae1228eb0e7c975eeec459749408a70324245aa99fd41bce03cd9f45ceb42d0b_s390x", product_id: "rhosdt/tempo-gateway-opa-rhel8@sha256:ae1228eb0e7c975eeec459749408a70324245aa99fd41bce03cd9f45ceb42d0b_s390x", product_identification_helper: { purl: "pkg:oci/tempo-gateway-opa-rhel8@sha256:ae1228eb0e7c975eeec459749408a70324245aa99fd41bce03cd9f45ceb42d0b?arch=s390x&repository_url=registry.redhat.io/rhosdt/tempo-gateway-opa-rhel8&tag=fe53f40-2", }, }, }, { category: "product_version", name: "rhosdt/tempo-operator-bundle@sha256:a66560fd323c9cb1466ca2fede9111665cadfc1ddaf9ce28e0aad6fdddf89763_s390x", product: { name: "rhosdt/tempo-operator-bundle@sha256:a66560fd323c9cb1466ca2fede9111665cadfc1ddaf9ce28e0aad6fdddf89763_s390x", product_id: "rhosdt/tempo-operator-bundle@sha256:a66560fd323c9cb1466ca2fede9111665cadfc1ddaf9ce28e0aad6fdddf89763_s390x", product_identification_helper: { purl: "pkg:oci/tempo-operator-bundle@sha256:a66560fd323c9cb1466ca2fede9111665cadfc1ddaf9ce28e0aad6fdddf89763?arch=s390x&repository_url=registry.redhat.io/rhosdt/tempo-operator-bundle&tag=0.3.1-11", }, }, }, { category: "product_version", name: "rhosdt/tempo-rhel8-operator@sha256:e9615e41e857331edacf87fcd98ced0a50fba92757131fdb433ad3e9490e4dd7_s390x", product: { name: "rhosdt/tempo-rhel8-operator@sha256:e9615e41e857331edacf87fcd98ced0a50fba92757131fdb433ad3e9490e4dd7_s390x", product_id: "rhosdt/tempo-rhel8-operator@sha256:e9615e41e857331edacf87fcd98ced0a50fba92757131fdb433ad3e9490e4dd7_s390x", product_identification_helper: { purl: "pkg:oci/tempo-rhel8-operator@sha256:e9615e41e857331edacf87fcd98ced0a50fba92757131fdb433ad3e9490e4dd7?arch=s390x&repository_url=registry.redhat.io/rhosdt/tempo-rhel8-operator&tag=0.3.1-3", }, }, }, { category: "product_version", name: "rhosdt/tempo-query-rhel8@sha256:a602d31cee6906b1d0218de85403decb0155746990f9cd218731c7d4e717f1a1_s390x", product: { name: "rhosdt/tempo-query-rhel8@sha256:a602d31cee6906b1d0218de85403decb0155746990f9cd218731c7d4e717f1a1_s390x", product_id: "rhosdt/tempo-query-rhel8@sha256:a602d31cee6906b1d0218de85403decb0155746990f9cd218731c7d4e717f1a1_s390x", product_identification_helper: { purl: "pkg:oci/tempo-query-rhel8@sha256:a602d31cee6906b1d0218de85403decb0155746990f9cd218731c7d4e717f1a1?arch=s390x&repository_url=registry.redhat.io/rhosdt/tempo-query-rhel8&tag=0.3.1-4", }, }, }, ], category: "architecture", name: "s390x", }, ], category: "vendor", name: "Red Hat", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "rhosdt/jaeger-agent-rhel8@sha256:2619637d44fd87e5c07301de93841899fffc109dcfaff59d56349cedc208a679_s390x as a component of Red Hat OpenShift distributed tracing 2.9", product_id: "8Base-RHOSDT-2.9:rhosdt/jaeger-agent-rhel8@sha256:2619637d44fd87e5c07301de93841899fffc109dcfaff59d56349cedc208a679_s390x", }, product_reference: "rhosdt/jaeger-agent-rhel8@sha256:2619637d44fd87e5c07301de93841899fffc109dcfaff59d56349cedc208a679_s390x", relates_to_product_reference: "8Base-RHOSDT-2.9", }, { category: "default_component_of", full_product_name: { name: "rhosdt/jaeger-agent-rhel8@sha256:7ebe5c551baccd151d6ef2120eb7009570b33647bfd6332320dfa0f5f661ed8a_amd64 as a component of Red Hat OpenShift distributed tracing 2.9", product_id: "8Base-RHOSDT-2.9:rhosdt/jaeger-agent-rhel8@sha256:7ebe5c551baccd151d6ef2120eb7009570b33647bfd6332320dfa0f5f661ed8a_amd64", }, product_reference: "rhosdt/jaeger-agent-rhel8@sha256:7ebe5c551baccd151d6ef2120eb7009570b33647bfd6332320dfa0f5f661ed8a_amd64", relates_to_product_reference: "8Base-RHOSDT-2.9", }, { category: "default_component_of", full_product_name: { name: "rhosdt/jaeger-agent-rhel8@sha256:952f7701d0c1d8ac9c01c0b2ff9d28a4dad480fd34e68eef162e41b5bb0a17e1_ppc64le as a component of Red Hat OpenShift distributed tracing 2.9", product_id: "8Base-RHOSDT-2.9:rhosdt/jaeger-agent-rhel8@sha256:952f7701d0c1d8ac9c01c0b2ff9d28a4dad480fd34e68eef162e41b5bb0a17e1_ppc64le", }, product_reference: "rhosdt/jaeger-agent-rhel8@sha256:952f7701d0c1d8ac9c01c0b2ff9d28a4dad480fd34e68eef162e41b5bb0a17e1_ppc64le", relates_to_product_reference: "8Base-RHOSDT-2.9", }, { category: "default_component_of", full_product_name: { name: "rhosdt/jaeger-all-in-one-rhel8@sha256:16934a17528d69fb0d39f605364fbc012a3e4d7401df45c91c995ac8ef9ed920_ppc64le as a component of Red Hat OpenShift distributed tracing 2.9", product_id: "8Base-RHOSDT-2.9:rhosdt/jaeger-all-in-one-rhel8@sha256:16934a17528d69fb0d39f605364fbc012a3e4d7401df45c91c995ac8ef9ed920_ppc64le", }, product_reference: "rhosdt/jaeger-all-in-one-rhel8@sha256:16934a17528d69fb0d39f605364fbc012a3e4d7401df45c91c995ac8ef9ed920_ppc64le", relates_to_product_reference: "8Base-RHOSDT-2.9", }, { category: "default_component_of", full_product_name: { name: "rhosdt/jaeger-all-in-one-rhel8@sha256:bb3e6e3b54c116d45c23154b3f3bd122a99a62ceb4499cd56774f1e0cec1c214_amd64 as a component of Red Hat OpenShift distributed tracing 2.9", product_id: "8Base-RHOSDT-2.9:rhosdt/jaeger-all-in-one-rhel8@sha256:bb3e6e3b54c116d45c23154b3f3bd122a99a62ceb4499cd56774f1e0cec1c214_amd64", }, product_reference: "rhosdt/jaeger-all-in-one-rhel8@sha256:bb3e6e3b54c116d45c23154b3f3bd122a99a62ceb4499cd56774f1e0cec1c214_amd64", relates_to_product_reference: "8Base-RHOSDT-2.9", }, { category: "default_component_of", full_product_name: { name: "rhosdt/jaeger-all-in-one-rhel8@sha256:f99bb528c12edb65c36659a0a5d59d7a76449ce9649bf7c5be7b273f8485fc25_s390x as a component of Red Hat OpenShift distributed tracing 2.9", product_id: "8Base-RHOSDT-2.9:rhosdt/jaeger-all-in-one-rhel8@sha256:f99bb528c12edb65c36659a0a5d59d7a76449ce9649bf7c5be7b273f8485fc25_s390x", }, product_reference: "rhosdt/jaeger-all-in-one-rhel8@sha256:f99bb528c12edb65c36659a0a5d59d7a76449ce9649bf7c5be7b273f8485fc25_s390x", relates_to_product_reference: "8Base-RHOSDT-2.9", }, { category: "default_component_of", full_product_name: { name: "rhosdt/jaeger-collector-rhel8@sha256:467961ec80abc54ee85939f0287041223b181bb7c9a622b556785ff1dd8119f5_ppc64le as a component of Red Hat OpenShift distributed tracing 2.9", product_id: "8Base-RHOSDT-2.9:rhosdt/jaeger-collector-rhel8@sha256:467961ec80abc54ee85939f0287041223b181bb7c9a622b556785ff1dd8119f5_ppc64le", }, product_reference: "rhosdt/jaeger-collector-rhel8@sha256:467961ec80abc54ee85939f0287041223b181bb7c9a622b556785ff1dd8119f5_ppc64le", relates_to_product_reference: "8Base-RHOSDT-2.9", }, { category: "default_component_of", full_product_name: { name: "rhosdt/jaeger-collector-rhel8@sha256:a7e722132e7a538443f59788b82edcc52f5ec22e9343725c4401c9bdf7093b9a_s390x as a component of Red Hat OpenShift distributed tracing 2.9", product_id: "8Base-RHOSDT-2.9:rhosdt/jaeger-collector-rhel8@sha256:a7e722132e7a538443f59788b82edcc52f5ec22e9343725c4401c9bdf7093b9a_s390x", }, product_reference: "rhosdt/jaeger-collector-rhel8@sha256:a7e722132e7a538443f59788b82edcc52f5ec22e9343725c4401c9bdf7093b9a_s390x", relates_to_product_reference: "8Base-RHOSDT-2.9", }, { category: "default_component_of", full_product_name: { name: "rhosdt/jaeger-collector-rhel8@sha256:df8436011b04ced795985116fff8eb5cc0009f0002ce9c000f9db741980b5a72_amd64 as a component of Red Hat OpenShift distributed tracing 2.9", product_id: "8Base-RHOSDT-2.9:rhosdt/jaeger-collector-rhel8@sha256:df8436011b04ced795985116fff8eb5cc0009f0002ce9c000f9db741980b5a72_amd64", }, product_reference: "rhosdt/jaeger-collector-rhel8@sha256:df8436011b04ced795985116fff8eb5cc0009f0002ce9c000f9db741980b5a72_amd64", relates_to_product_reference: "8Base-RHOSDT-2.9", }, { category: "default_component_of", full_product_name: { name: "rhosdt/jaeger-es-index-cleaner-rhel8@sha256:43f26cad1cd0ea7e5ac2e605077302473382ab85b3f8da72e49c4dd06114dab2_ppc64le as a component of Red Hat OpenShift distributed tracing 2.9", product_id: "8Base-RHOSDT-2.9:rhosdt/jaeger-es-index-cleaner-rhel8@sha256:43f26cad1cd0ea7e5ac2e605077302473382ab85b3f8da72e49c4dd06114dab2_ppc64le", }, product_reference: "rhosdt/jaeger-es-index-cleaner-rhel8@sha256:43f26cad1cd0ea7e5ac2e605077302473382ab85b3f8da72e49c4dd06114dab2_ppc64le", relates_to_product_reference: "8Base-RHOSDT-2.9", }, { category: "default_component_of", full_product_name: { name: "rhosdt/jaeger-es-index-cleaner-rhel8@sha256:b0a3660137670fedc4e56ca656d56fb739c2fa48d9d0cf5f66fd150bd61365d5_s390x as a component of Red Hat OpenShift distributed tracing 2.9", product_id: "8Base-RHOSDT-2.9:rhosdt/jaeger-es-index-cleaner-rhel8@sha256:b0a3660137670fedc4e56ca656d56fb739c2fa48d9d0cf5f66fd150bd61365d5_s390x", }, product_reference: "rhosdt/jaeger-es-index-cleaner-rhel8@sha256:b0a3660137670fedc4e56ca656d56fb739c2fa48d9d0cf5f66fd150bd61365d5_s390x", relates_to_product_reference: "8Base-RHOSDT-2.9", }, { category: "default_component_of", full_product_name: { name: "rhosdt/jaeger-es-index-cleaner-rhel8@sha256:c3883a6c2f828592783cd1cd336c23a29245e9c45b10dd2b6d1aa8b86a670c31_amd64 as a component of Red Hat OpenShift distributed tracing 2.9", product_id: "8Base-RHOSDT-2.9:rhosdt/jaeger-es-index-cleaner-rhel8@sha256:c3883a6c2f828592783cd1cd336c23a29245e9c45b10dd2b6d1aa8b86a670c31_amd64", }, product_reference: "rhosdt/jaeger-es-index-cleaner-rhel8@sha256:c3883a6c2f828592783cd1cd336c23a29245e9c45b10dd2b6d1aa8b86a670c31_amd64", relates_to_product_reference: "8Base-RHOSDT-2.9", }, { category: "default_component_of", full_product_name: { name: "rhosdt/jaeger-es-rollover-rhel8@sha256:0c8511e092b0138282ce3997cf06d8ba5995b9aa17aa436bcb3eacad910ff54d_ppc64le as a component of Red Hat OpenShift distributed tracing 2.9", product_id: "8Base-RHOSDT-2.9:rhosdt/jaeger-es-rollover-rhel8@sha256:0c8511e092b0138282ce3997cf06d8ba5995b9aa17aa436bcb3eacad910ff54d_ppc64le", }, product_reference: "rhosdt/jaeger-es-rollover-rhel8@sha256:0c8511e092b0138282ce3997cf06d8ba5995b9aa17aa436bcb3eacad910ff54d_ppc64le", relates_to_product_reference: "8Base-RHOSDT-2.9", }, { category: "default_component_of", full_product_name: { name: "rhosdt/jaeger-es-rollover-rhel8@sha256:5068337fc3ab78c2bed33b7eb0f1c1cf67c753a00c006e945aded3ecad884edc_s390x as a component of Red Hat OpenShift distributed tracing 2.9", product_id: "8Base-RHOSDT-2.9:rhosdt/jaeger-es-rollover-rhel8@sha256:5068337fc3ab78c2bed33b7eb0f1c1cf67c753a00c006e945aded3ecad884edc_s390x", }, product_reference: "rhosdt/jaeger-es-rollover-rhel8@sha256:5068337fc3ab78c2bed33b7eb0f1c1cf67c753a00c006e945aded3ecad884edc_s390x", relates_to_product_reference: "8Base-RHOSDT-2.9", }, { category: "default_component_of", full_product_name: { name: "rhosdt/jaeger-es-rollover-rhel8@sha256:ba453c045a93b2ac9e9a820ca616ea4af912972a99a5e4b07135658f1ddc752d_amd64 as a component of Red Hat OpenShift distributed tracing 2.9", product_id: "8Base-RHOSDT-2.9:rhosdt/jaeger-es-rollover-rhel8@sha256:ba453c045a93b2ac9e9a820ca616ea4af912972a99a5e4b07135658f1ddc752d_amd64", }, product_reference: "rhosdt/jaeger-es-rollover-rhel8@sha256:ba453c045a93b2ac9e9a820ca616ea4af912972a99a5e4b07135658f1ddc752d_amd64", relates_to_product_reference: "8Base-RHOSDT-2.9", }, { category: "default_component_of", full_product_name: { name: "rhosdt/jaeger-ingester-rhel8@sha256:8341ef7ade15d0f823fb0ef8d1d2e2aab3f6078feae7a341a2f7b4c6bd94fba1_ppc64le as a component of Red Hat OpenShift distributed tracing 2.9", product_id: "8Base-RHOSDT-2.9:rhosdt/jaeger-ingester-rhel8@sha256:8341ef7ade15d0f823fb0ef8d1d2e2aab3f6078feae7a341a2f7b4c6bd94fba1_ppc64le", }, product_reference: "rhosdt/jaeger-ingester-rhel8@sha256:8341ef7ade15d0f823fb0ef8d1d2e2aab3f6078feae7a341a2f7b4c6bd94fba1_ppc64le", relates_to_product_reference: "8Base-RHOSDT-2.9", }, { category: "default_component_of", full_product_name: { name: "rhosdt/jaeger-ingester-rhel8@sha256:f117be17c9d1713db3719e4e1a7eb3b4697f9c12ac176c311b4c5d6ee27e59f9_s390x as a component of Red Hat OpenShift distributed tracing 2.9", product_id: "8Base-RHOSDT-2.9:rhosdt/jaeger-ingester-rhel8@sha256:f117be17c9d1713db3719e4e1a7eb3b4697f9c12ac176c311b4c5d6ee27e59f9_s390x", }, product_reference: "rhosdt/jaeger-ingester-rhel8@sha256:f117be17c9d1713db3719e4e1a7eb3b4697f9c12ac176c311b4c5d6ee27e59f9_s390x", relates_to_product_reference: "8Base-RHOSDT-2.9", }, { category: "default_component_of", full_product_name: { name: "rhosdt/jaeger-ingester-rhel8@sha256:f72338e446068e2487de8f6eb2249a69e27f24523a771e8aba0fcc2fbf263fe8_amd64 as a component of Red Hat OpenShift distributed tracing 2.9", product_id: "8Base-RHOSDT-2.9:rhosdt/jaeger-ingester-rhel8@sha256:f72338e446068e2487de8f6eb2249a69e27f24523a771e8aba0fcc2fbf263fe8_amd64", }, product_reference: "rhosdt/jaeger-ingester-rhel8@sha256:f72338e446068e2487de8f6eb2249a69e27f24523a771e8aba0fcc2fbf263fe8_amd64", relates_to_product_reference: "8Base-RHOSDT-2.9", }, { category: "default_component_of", full_product_name: { name: "rhosdt/jaeger-operator-bundle@sha256:5dfb4b1c8b7c835e0c493927cb5c22bc68989244e49e284f90a063d54c6d1aa9_amd64 as a component of Red Hat OpenShift distributed tracing 2.9", product_id: "8Base-RHOSDT-2.9:rhosdt/jaeger-operator-bundle@sha256:5dfb4b1c8b7c835e0c493927cb5c22bc68989244e49e284f90a063d54c6d1aa9_amd64", }, product_reference: "rhosdt/jaeger-operator-bundle@sha256:5dfb4b1c8b7c835e0c493927cb5c22bc68989244e49e284f90a063d54c6d1aa9_amd64", relates_to_product_reference: "8Base-RHOSDT-2.9", }, { category: "default_component_of", full_product_name: { name: "rhosdt/jaeger-operator-bundle@sha256:a59c693b975fad667a6cfebed3e2cf564419baf0a10aa27b71a22581b789dc10_ppc64le as a component of Red Hat OpenShift distributed tracing 2.9", product_id: "8Base-RHOSDT-2.9:rhosdt/jaeger-operator-bundle@sha256:a59c693b975fad667a6cfebed3e2cf564419baf0a10aa27b71a22581b789dc10_ppc64le", }, product_reference: "rhosdt/jaeger-operator-bundle@sha256:a59c693b975fad667a6cfebed3e2cf564419baf0a10aa27b71a22581b789dc10_ppc64le", relates_to_product_reference: "8Base-RHOSDT-2.9", }, { category: "default_component_of", full_product_name: { name: "rhosdt/jaeger-operator-bundle@sha256:bf2cc048dd6e18cb05a17a6de1e45cabd734af0f88555d0c1057bf3b82ac1e0f_s390x as a component of Red Hat OpenShift distributed tracing 2.9", product_id: "8Base-RHOSDT-2.9:rhosdt/jaeger-operator-bundle@sha256:bf2cc048dd6e18cb05a17a6de1e45cabd734af0f88555d0c1057bf3b82ac1e0f_s390x", }, product_reference: "rhosdt/jaeger-operator-bundle@sha256:bf2cc048dd6e18cb05a17a6de1e45cabd734af0f88555d0c1057bf3b82ac1e0f_s390x", relates_to_product_reference: "8Base-RHOSDT-2.9", }, { category: "default_component_of", full_product_name: { name: "rhosdt/jaeger-query-rhel8@sha256:4da3891b6d4df60dc7e0248bbb543d8363d32671bc3b0eb1671468dd4d3b7ebe_ppc64le as a component of Red Hat OpenShift distributed tracing 2.9", product_id: "8Base-RHOSDT-2.9:rhosdt/jaeger-query-rhel8@sha256:4da3891b6d4df60dc7e0248bbb543d8363d32671bc3b0eb1671468dd4d3b7ebe_ppc64le", }, product_reference: "rhosdt/jaeger-query-rhel8@sha256:4da3891b6d4df60dc7e0248bbb543d8363d32671bc3b0eb1671468dd4d3b7ebe_ppc64le", relates_to_product_reference: "8Base-RHOSDT-2.9", }, { category: "default_component_of", full_product_name: { name: "rhosdt/jaeger-query-rhel8@sha256:4e62b4264b5e4c63bc7d0cecf154dd481605e1d0ff94d563e9d6a8bc43c4835a_s390x as a component of Red Hat OpenShift distributed tracing 2.9", product_id: "8Base-RHOSDT-2.9:rhosdt/jaeger-query-rhel8@sha256:4e62b4264b5e4c63bc7d0cecf154dd481605e1d0ff94d563e9d6a8bc43c4835a_s390x", }, product_reference: "rhosdt/jaeger-query-rhel8@sha256:4e62b4264b5e4c63bc7d0cecf154dd481605e1d0ff94d563e9d6a8bc43c4835a_s390x", relates_to_product_reference: "8Base-RHOSDT-2.9", }, { category: "default_component_of", full_product_name: { name: "rhosdt/jaeger-query-rhel8@sha256:d9adfa493c64269d2ce744572d9a4c230e8a7c2503a35dbb3df5346e52a6dd2c_amd64 as a component of Red Hat OpenShift distributed tracing 2.9", product_id: "8Base-RHOSDT-2.9:rhosdt/jaeger-query-rhel8@sha256:d9adfa493c64269d2ce744572d9a4c230e8a7c2503a35dbb3df5346e52a6dd2c_amd64", }, product_reference: "rhosdt/jaeger-query-rhel8@sha256:d9adfa493c64269d2ce744572d9a4c230e8a7c2503a35dbb3df5346e52a6dd2c_amd64", relates_to_product_reference: "8Base-RHOSDT-2.9", }, { category: "default_component_of", full_product_name: { name: "rhosdt/jaeger-rhel8-operator@sha256:9198140a0252287e5114e04b97d5454227b51bac8fa4411dea1b0d0843f3c668_amd64 as a component of Red Hat OpenShift distributed tracing 2.9", product_id: "8Base-RHOSDT-2.9:rhosdt/jaeger-rhel8-operator@sha256:9198140a0252287e5114e04b97d5454227b51bac8fa4411dea1b0d0843f3c668_amd64", }, product_reference: "rhosdt/jaeger-rhel8-operator@sha256:9198140a0252287e5114e04b97d5454227b51bac8fa4411dea1b0d0843f3c668_amd64", relates_to_product_reference: "8Base-RHOSDT-2.9", }, { category: "default_component_of", full_product_name: { name: "rhosdt/jaeger-rhel8-operator@sha256:a9173c66a6929bf5fc689bd434203155e365d23e5e9ae7666d89224ec39df975_s390x as a component of Red Hat OpenShift distributed tracing 2.9", product_id: "8Base-RHOSDT-2.9:rhosdt/jaeger-rhel8-operator@sha256:a9173c66a6929bf5fc689bd434203155e365d23e5e9ae7666d89224ec39df975_s390x", }, product_reference: "rhosdt/jaeger-rhel8-operator@sha256:a9173c66a6929bf5fc689bd434203155e365d23e5e9ae7666d89224ec39df975_s390x", relates_to_product_reference: "8Base-RHOSDT-2.9", }, { category: "default_component_of", full_product_name: { name: "rhosdt/jaeger-rhel8-operator@sha256:e50b850a731b7ab45345ab4e9495e4806ac0c6f8ba9ae13b83673a3b06a014f9_ppc64le as a component of Red Hat OpenShift distributed tracing 2.9", product_id: "8Base-RHOSDT-2.9:rhosdt/jaeger-rhel8-operator@sha256:e50b850a731b7ab45345ab4e9495e4806ac0c6f8ba9ae13b83673a3b06a014f9_ppc64le", }, product_reference: "rhosdt/jaeger-rhel8-operator@sha256:e50b850a731b7ab45345ab4e9495e4806ac0c6f8ba9ae13b83673a3b06a014f9_ppc64le", relates_to_product_reference: "8Base-RHOSDT-2.9", }, { category: "default_component_of", full_product_name: { name: "rhosdt/opentelemetry-collector-rhel8@sha256:2adc2877050289ee2568c4f03ce171dc2c30bf86976fcc63c09bd0bf18b92cc4_amd64 as a component of Red Hat OpenShift distributed tracing 2.9", product_id: "8Base-RHOSDT-2.9:rhosdt/opentelemetry-collector-rhel8@sha256:2adc2877050289ee2568c4f03ce171dc2c30bf86976fcc63c09bd0bf18b92cc4_amd64", }, product_reference: "rhosdt/opentelemetry-collector-rhel8@sha256:2adc2877050289ee2568c4f03ce171dc2c30bf86976fcc63c09bd0bf18b92cc4_amd64", relates_to_product_reference: "8Base-RHOSDT-2.9", }, { category: "default_component_of", full_product_name: { name: "rhosdt/opentelemetry-collector-rhel8@sha256:73017b0ad2d4ea26900253abdc9a62d55a40ff04905a391e91610ad7a9d762d3_ppc64le as a component of Red Hat OpenShift distributed tracing 2.9", product_id: "8Base-RHOSDT-2.9:rhosdt/opentelemetry-collector-rhel8@sha256:73017b0ad2d4ea26900253abdc9a62d55a40ff04905a391e91610ad7a9d762d3_ppc64le", }, product_reference: "rhosdt/opentelemetry-collector-rhel8@sha256:73017b0ad2d4ea26900253abdc9a62d55a40ff04905a391e91610ad7a9d762d3_ppc64le", relates_to_product_reference: "8Base-RHOSDT-2.9", }, { category: "default_component_of", full_product_name: { name: "rhosdt/opentelemetry-collector-rhel8@sha256:cb9a2f0df6852eb9d11deb8c4c14142bcae17a70301c55974fd0d87116814c9f_s390x as a component of Red Hat OpenShift distributed tracing 2.9", product_id: "8Base-RHOSDT-2.9:rhosdt/opentelemetry-collector-rhel8@sha256:cb9a2f0df6852eb9d11deb8c4c14142bcae17a70301c55974fd0d87116814c9f_s390x", }, product_reference: "rhosdt/opentelemetry-collector-rhel8@sha256:cb9a2f0df6852eb9d11deb8c4c14142bcae17a70301c55974fd0d87116814c9f_s390x", relates_to_product_reference: "8Base-RHOSDT-2.9", }, { category: "default_component_of", full_product_name: { name: "rhosdt/opentelemetry-operator-bundle@sha256:0ec97472d9bb1d99bfc0653194acf1b44de185a9e63756fb692acaa713ade2db_s390x as a component of Red Hat OpenShift distributed tracing 2.9", product_id: "8Base-RHOSDT-2.9:rhosdt/opentelemetry-operator-bundle@sha256:0ec97472d9bb1d99bfc0653194acf1b44de185a9e63756fb692acaa713ade2db_s390x", }, product_reference: "rhosdt/opentelemetry-operator-bundle@sha256:0ec97472d9bb1d99bfc0653194acf1b44de185a9e63756fb692acaa713ade2db_s390x", relates_to_product_reference: "8Base-RHOSDT-2.9", }, { category: "default_component_of", full_product_name: { name: "rhosdt/opentelemetry-operator-bundle@sha256:33f921009c9baaf82d3d10406073e9da9b31540d6b3b421c7a3659e2d8310179_ppc64le as a component of Red Hat OpenShift distributed tracing 2.9", product_id: "8Base-RHOSDT-2.9:rhosdt/opentelemetry-operator-bundle@sha256:33f921009c9baaf82d3d10406073e9da9b31540d6b3b421c7a3659e2d8310179_ppc64le", }, product_reference: "rhosdt/opentelemetry-operator-bundle@sha256:33f921009c9baaf82d3d10406073e9da9b31540d6b3b421c7a3659e2d8310179_ppc64le", relates_to_product_reference: "8Base-RHOSDT-2.9", }, { category: "default_component_of", full_product_name: { name: "rhosdt/opentelemetry-operator-bundle@sha256:eaa126d86aecf2bd330f2234104a905a71ab280a4d74a2614d98daaf13e821e2_amd64 as a component of Red Hat OpenShift distributed tracing 2.9", product_id: "8Base-RHOSDT-2.9:rhosdt/opentelemetry-operator-bundle@sha256:eaa126d86aecf2bd330f2234104a905a71ab280a4d74a2614d98daaf13e821e2_amd64", }, product_reference: "rhosdt/opentelemetry-operator-bundle@sha256:eaa126d86aecf2bd330f2234104a905a71ab280a4d74a2614d98daaf13e821e2_amd64", relates_to_product_reference: "8Base-RHOSDT-2.9", }, { category: "default_component_of", full_product_name: { name: "rhosdt/opentelemetry-rhel8-operator@sha256:746f118b9224ba6a175526f265d956ae8ce6c7c170db2217bd34b028f03999af_amd64 as a component of Red Hat OpenShift distributed tracing 2.9", product_id: "8Base-RHOSDT-2.9:rhosdt/opentelemetry-rhel8-operator@sha256:746f118b9224ba6a175526f265d956ae8ce6c7c170db2217bd34b028f03999af_amd64", }, product_reference: "rhosdt/opentelemetry-rhel8-operator@sha256:746f118b9224ba6a175526f265d956ae8ce6c7c170db2217bd34b028f03999af_amd64", relates_to_product_reference: "8Base-RHOSDT-2.9", }, { category: "default_component_of", full_product_name: { name: "rhosdt/opentelemetry-rhel8-operator@sha256:8a237928d7c059ecd5d1f3aad89ab094a73452e221c133cd9c5c7689db9b87bf_ppc64le as a component of Red Hat OpenShift distributed tracing 2.9", product_id: "8Base-RHOSDT-2.9:rhosdt/opentelemetry-rhel8-operator@sha256:8a237928d7c059ecd5d1f3aad89ab094a73452e221c133cd9c5c7689db9b87bf_ppc64le", }, product_reference: "rhosdt/opentelemetry-rhel8-operator@sha256:8a237928d7c059ecd5d1f3aad89ab094a73452e221c133cd9c5c7689db9b87bf_ppc64le", relates_to_product_reference: "8Base-RHOSDT-2.9", }, { category: "default_component_of", full_product_name: { name: "rhosdt/opentelemetry-rhel8-operator@sha256:ecead456f33621f78b97d0d151f816d39246af1ca69696616f033213791142dc_s390x as a component of Red Hat OpenShift distributed tracing 2.9", product_id: "8Base-RHOSDT-2.9:rhosdt/opentelemetry-rhel8-operator@sha256:ecead456f33621f78b97d0d151f816d39246af1ca69696616f033213791142dc_s390x", }, product_reference: "rhosdt/opentelemetry-rhel8-operator@sha256:ecead456f33621f78b97d0d151f816d39246af1ca69696616f033213791142dc_s390x", relates_to_product_reference: "8Base-RHOSDT-2.9", }, { category: "default_component_of", full_product_name: { name: "rhosdt/tempo-gateway-opa-rhel8@sha256:ae1228eb0e7c975eeec459749408a70324245aa99fd41bce03cd9f45ceb42d0b_s390x as a component of Red Hat OpenShift distributed tracing 2.9", product_id: "8Base-RHOSDT-2.9:rhosdt/tempo-gateway-opa-rhel8@sha256:ae1228eb0e7c975eeec459749408a70324245aa99fd41bce03cd9f45ceb42d0b_s390x", }, product_reference: "rhosdt/tempo-gateway-opa-rhel8@sha256:ae1228eb0e7c975eeec459749408a70324245aa99fd41bce03cd9f45ceb42d0b_s390x", relates_to_product_reference: "8Base-RHOSDT-2.9", }, { category: "default_component_of", full_product_name: { name: "rhosdt/tempo-gateway-opa-rhel8@sha256:cbad12c58f243298974f51d2278730feb5fbb74cdc6de409dd0578794ab6c1a4_ppc64le as a component of Red Hat OpenShift distributed tracing 2.9", product_id: "8Base-RHOSDT-2.9:rhosdt/tempo-gateway-opa-rhel8@sha256:cbad12c58f243298974f51d2278730feb5fbb74cdc6de409dd0578794ab6c1a4_ppc64le", }, product_reference: "rhosdt/tempo-gateway-opa-rhel8@sha256:cbad12c58f243298974f51d2278730feb5fbb74cdc6de409dd0578794ab6c1a4_ppc64le", relates_to_product_reference: "8Base-RHOSDT-2.9", }, { category: "default_component_of", full_product_name: { name: "rhosdt/tempo-gateway-opa-rhel8@sha256:dd22e49f8d5aa7f009169aec3c43e68307e0842cde9260a70dd424159e61c89d_amd64 as a component of Red Hat OpenShift distributed tracing 2.9", product_id: "8Base-RHOSDT-2.9:rhosdt/tempo-gateway-opa-rhel8@sha256:dd22e49f8d5aa7f009169aec3c43e68307e0842cde9260a70dd424159e61c89d_amd64", }, product_reference: "rhosdt/tempo-gateway-opa-rhel8@sha256:dd22e49f8d5aa7f009169aec3c43e68307e0842cde9260a70dd424159e61c89d_amd64", relates_to_product_reference: "8Base-RHOSDT-2.9", }, { category: "default_component_of", full_product_name: { name: "rhosdt/tempo-gateway-rhel8@sha256:3c15440847fbc38023d590dd5f93ee524f53e2999c4483cfb3ba9bbf6bba904f_ppc64le as a component of Red Hat OpenShift distributed tracing 2.9", product_id: "8Base-RHOSDT-2.9:rhosdt/tempo-gateway-rhel8@sha256:3c15440847fbc38023d590dd5f93ee524f53e2999c4483cfb3ba9bbf6bba904f_ppc64le", }, product_reference: "rhosdt/tempo-gateway-rhel8@sha256:3c15440847fbc38023d590dd5f93ee524f53e2999c4483cfb3ba9bbf6bba904f_ppc64le", relates_to_product_reference: "8Base-RHOSDT-2.9", }, { category: "default_component_of", full_product_name: { name: "rhosdt/tempo-gateway-rhel8@sha256:9e9d91554f5edb5a3e00f2a294056bb540ed1597fc8af5d44432ce81d54bf977_amd64 as a component of Red Hat OpenShift distributed tracing 2.9", product_id: "8Base-RHOSDT-2.9:rhosdt/tempo-gateway-rhel8@sha256:9e9d91554f5edb5a3e00f2a294056bb540ed1597fc8af5d44432ce81d54bf977_amd64", }, product_reference: "rhosdt/tempo-gateway-rhel8@sha256:9e9d91554f5edb5a3e00f2a294056bb540ed1597fc8af5d44432ce81d54bf977_amd64", relates_to_product_reference: "8Base-RHOSDT-2.9", }, { category: "default_component_of", full_product_name: { name: "rhosdt/tempo-gateway-rhel8@sha256:ac25a060b441ba7b1a2f282083e0900f26d159a02486d85bf496c28ce61ad970_s390x as a component of Red Hat OpenShift distributed tracing 2.9", product_id: "8Base-RHOSDT-2.9:rhosdt/tempo-gateway-rhel8@sha256:ac25a060b441ba7b1a2f282083e0900f26d159a02486d85bf496c28ce61ad970_s390x", }, product_reference: "rhosdt/tempo-gateway-rhel8@sha256:ac25a060b441ba7b1a2f282083e0900f26d159a02486d85bf496c28ce61ad970_s390x", relates_to_product_reference: "8Base-RHOSDT-2.9", }, { category: "default_component_of", full_product_name: { name: "rhosdt/tempo-operator-bundle@sha256:6df979ecc2195ddd8c1b84a0355fa4df58cf55c34f0b07669659d72501a701d4_ppc64le as a component of Red Hat OpenShift distributed tracing 2.9", product_id: "8Base-RHOSDT-2.9:rhosdt/tempo-operator-bundle@sha256:6df979ecc2195ddd8c1b84a0355fa4df58cf55c34f0b07669659d72501a701d4_ppc64le", }, product_reference: "rhosdt/tempo-operator-bundle@sha256:6df979ecc2195ddd8c1b84a0355fa4df58cf55c34f0b07669659d72501a701d4_ppc64le", relates_to_product_reference: "8Base-RHOSDT-2.9", }, { category: "default_component_of", full_product_name: { name: "rhosdt/tempo-operator-bundle@sha256:a66560fd323c9cb1466ca2fede9111665cadfc1ddaf9ce28e0aad6fdddf89763_s390x as a component of Red Hat OpenShift distributed tracing 2.9", product_id: "8Base-RHOSDT-2.9:rhosdt/tempo-operator-bundle@sha256:a66560fd323c9cb1466ca2fede9111665cadfc1ddaf9ce28e0aad6fdddf89763_s390x", }, product_reference: "rhosdt/tempo-operator-bundle@sha256:a66560fd323c9cb1466ca2fede9111665cadfc1ddaf9ce28e0aad6fdddf89763_s390x", relates_to_product_reference: "8Base-RHOSDT-2.9", }, { category: "default_component_of", full_product_name: { name: "rhosdt/tempo-operator-bundle@sha256:b6ec1460415bf8c69d82cf9267494dc5445242b6a0957318eae5bf333693cb2e_amd64 as a component of Red Hat OpenShift distributed tracing 2.9", product_id: "8Base-RHOSDT-2.9:rhosdt/tempo-operator-bundle@sha256:b6ec1460415bf8c69d82cf9267494dc5445242b6a0957318eae5bf333693cb2e_amd64", }, product_reference: "rhosdt/tempo-operator-bundle@sha256:b6ec1460415bf8c69d82cf9267494dc5445242b6a0957318eae5bf333693cb2e_amd64", relates_to_product_reference: "8Base-RHOSDT-2.9", }, { category: "default_component_of", full_product_name: { name: "rhosdt/tempo-query-rhel8@sha256:0d51e3a8b92cab3b8f5221fc076b2079a68e7ba75f7f3ecb9322fe7ba77e862f_ppc64le as a component of Red Hat OpenShift distributed tracing 2.9", product_id: "8Base-RHOSDT-2.9:rhosdt/tempo-query-rhel8@sha256:0d51e3a8b92cab3b8f5221fc076b2079a68e7ba75f7f3ecb9322fe7ba77e862f_ppc64le", }, product_reference: "rhosdt/tempo-query-rhel8@sha256:0d51e3a8b92cab3b8f5221fc076b2079a68e7ba75f7f3ecb9322fe7ba77e862f_ppc64le", relates_to_product_reference: "8Base-RHOSDT-2.9", }, { category: "default_component_of", full_product_name: { name: "rhosdt/tempo-query-rhel8@sha256:a602d31cee6906b1d0218de85403decb0155746990f9cd218731c7d4e717f1a1_s390x as a component of Red Hat OpenShift distributed tracing 2.9", product_id: "8Base-RHOSDT-2.9:rhosdt/tempo-query-rhel8@sha256:a602d31cee6906b1d0218de85403decb0155746990f9cd218731c7d4e717f1a1_s390x", }, product_reference: "rhosdt/tempo-query-rhel8@sha256:a602d31cee6906b1d0218de85403decb0155746990f9cd218731c7d4e717f1a1_s390x", relates_to_product_reference: "8Base-RHOSDT-2.9", }, { category: "default_component_of", full_product_name: { name: "rhosdt/tempo-query-rhel8@sha256:b903b41e1096a25b53c5272c8457baa352e2c83fa997852d4a8ed614e2c02802_amd64 as a component of Red Hat OpenShift distributed tracing 2.9", product_id: "8Base-RHOSDT-2.9:rhosdt/tempo-query-rhel8@sha256:b903b41e1096a25b53c5272c8457baa352e2c83fa997852d4a8ed614e2c02802_amd64", }, product_reference: "rhosdt/tempo-query-rhel8@sha256:b903b41e1096a25b53c5272c8457baa352e2c83fa997852d4a8ed614e2c02802_amd64", relates_to_product_reference: "8Base-RHOSDT-2.9", }, { category: "default_component_of", full_product_name: { name: "rhosdt/tempo-rhel8-operator@sha256:5aee6e4bfecba226d276b95c62a68a1b6d513d60c9c8aff84752725e6c01b8c0_ppc64le as a component of Red Hat OpenShift distributed tracing 2.9", product_id: "8Base-RHOSDT-2.9:rhosdt/tempo-rhel8-operator@sha256:5aee6e4bfecba226d276b95c62a68a1b6d513d60c9c8aff84752725e6c01b8c0_ppc64le", }, product_reference: "rhosdt/tempo-rhel8-operator@sha256:5aee6e4bfecba226d276b95c62a68a1b6d513d60c9c8aff84752725e6c01b8c0_ppc64le", relates_to_product_reference: "8Base-RHOSDT-2.9", }, { category: "default_component_of", full_product_name: { name: "rhosdt/tempo-rhel8-operator@sha256:a18638de4d39738b696f044e0d181fdeaf82499f2a2b4b46c07675db5fbe8c3f_amd64 as a component of Red Hat OpenShift distributed tracing 2.9", product_id: "8Base-RHOSDT-2.9:rhosdt/tempo-rhel8-operator@sha256:a18638de4d39738b696f044e0d181fdeaf82499f2a2b4b46c07675db5fbe8c3f_amd64", }, product_reference: "rhosdt/tempo-rhel8-operator@sha256:a18638de4d39738b696f044e0d181fdeaf82499f2a2b4b46c07675db5fbe8c3f_amd64", relates_to_product_reference: "8Base-RHOSDT-2.9", }, { category: "default_component_of", full_product_name: { name: "rhosdt/tempo-rhel8-operator@sha256:e9615e41e857331edacf87fcd98ced0a50fba92757131fdb433ad3e9490e4dd7_s390x as a component of Red Hat OpenShift distributed tracing 2.9", product_id: "8Base-RHOSDT-2.9:rhosdt/tempo-rhel8-operator@sha256:e9615e41e857331edacf87fcd98ced0a50fba92757131fdb433ad3e9490e4dd7_s390x", }, product_reference: "rhosdt/tempo-rhel8-operator@sha256:e9615e41e857331edacf87fcd98ced0a50fba92757131fdb433ad3e9490e4dd7_s390x", relates_to_product_reference: "8Base-RHOSDT-2.9", }, { category: "default_component_of", full_product_name: { name: "rhosdt/tempo-rhel8@sha256:29200f7311b63df76f6723878e4a8e2c315376b421e4e5febe2323a926d48594_amd64 as a component of Red Hat OpenShift distributed tracing 2.9", product_id: "8Base-RHOSDT-2.9:rhosdt/tempo-rhel8@sha256:29200f7311b63df76f6723878e4a8e2c315376b421e4e5febe2323a926d48594_amd64", }, product_reference: "rhosdt/tempo-rhel8@sha256:29200f7311b63df76f6723878e4a8e2c315376b421e4e5febe2323a926d48594_amd64", relates_to_product_reference: "8Base-RHOSDT-2.9", }, { category: "default_component_of", full_product_name: { name: "rhosdt/tempo-rhel8@sha256:42c59f6a87c791fd6a3e829af331e2c5778612f503b402c0a08278cc9dc09ef7_ppc64le as a component of Red Hat OpenShift distributed tracing 2.9", product_id: "8Base-RHOSDT-2.9:rhosdt/tempo-rhel8@sha256:42c59f6a87c791fd6a3e829af331e2c5778612f503b402c0a08278cc9dc09ef7_ppc64le", }, product_reference: "rhosdt/tempo-rhel8@sha256:42c59f6a87c791fd6a3e829af331e2c5778612f503b402c0a08278cc9dc09ef7_ppc64le", relates_to_product_reference: "8Base-RHOSDT-2.9", }, { category: "default_component_of", full_product_name: { name: "rhosdt/tempo-rhel8@sha256:d557bf48ab4db2b2c98a65d1a028b7cde4363ee888c274d0629829c1b07977ef_s390x as a component of Red Hat OpenShift distributed tracing 2.9", product_id: "8Base-RHOSDT-2.9:rhosdt/tempo-rhel8@sha256:d557bf48ab4db2b2c98a65d1a028b7cde4363ee888c274d0629829c1b07977ef_s390x", }, product_reference: "rhosdt/tempo-rhel8@sha256:d557bf48ab4db2b2c98a65d1a028b7cde4363ee888c274d0629829c1b07977ef_s390x", relates_to_product_reference: "8Base-RHOSDT-2.9", }, ], }, vulnerabilities: [ { cve: "CVE-2023-46234", cwe: { id: "CWE-347", name: "Improper Verification of Cryptographic Signature", }, discovery_date: "2023-10-27T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2246470", }, ], notes: [ { category: "description", text: "A flaw was found in browserify-sign node package. This issue may allow a malicious user to execute a signature forgery attack by not correctly checking cryptographic signatures for DSA data, resulting in a jeopardized environment.", title: "Vulnerability description", }, { category: "summary", text: "browserify-sign: upper bound check issue in dsaVerify leads to a signature forgery attack", title: "Vulnerability summary", }, { category: "other", text: "An attacker could impact the integrity of a server when handling unknown input due to the lack of DSA verification, for example, pretending to be a legitimate user, gaining unauthorized access. Therefore, the impact for this vulnerability is important.\n\nRed Hat Fuse 7 uses browserify-sign as a transitive development dependency, hence the Low impact.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "8Base-RHOSDT-2.9:rhosdt/jaeger-agent-rhel8@sha256:2619637d44fd87e5c07301de93841899fffc109dcfaff59d56349cedc208a679_s390x", "8Base-RHOSDT-2.9:rhosdt/jaeger-agent-rhel8@sha256:7ebe5c551baccd151d6ef2120eb7009570b33647bfd6332320dfa0f5f661ed8a_amd64", "8Base-RHOSDT-2.9:rhosdt/jaeger-agent-rhel8@sha256:952f7701d0c1d8ac9c01c0b2ff9d28a4dad480fd34e68eef162e41b5bb0a17e1_ppc64le", "8Base-RHOSDT-2.9:rhosdt/jaeger-all-in-one-rhel8@sha256:16934a17528d69fb0d39f605364fbc012a3e4d7401df45c91c995ac8ef9ed920_ppc64le", "8Base-RHOSDT-2.9:rhosdt/jaeger-all-in-one-rhel8@sha256:bb3e6e3b54c116d45c23154b3f3bd122a99a62ceb4499cd56774f1e0cec1c214_amd64", "8Base-RHOSDT-2.9:rhosdt/jaeger-all-in-one-rhel8@sha256:f99bb528c12edb65c36659a0a5d59d7a76449ce9649bf7c5be7b273f8485fc25_s390x", "8Base-RHOSDT-2.9:rhosdt/jaeger-collector-rhel8@sha256:467961ec80abc54ee85939f0287041223b181bb7c9a622b556785ff1dd8119f5_ppc64le", "8Base-RHOSDT-2.9:rhosdt/jaeger-collector-rhel8@sha256:a7e722132e7a538443f59788b82edcc52f5ec22e9343725c4401c9bdf7093b9a_s390x", "8Base-RHOSDT-2.9:rhosdt/jaeger-collector-rhel8@sha256:df8436011b04ced795985116fff8eb5cc0009f0002ce9c000f9db741980b5a72_amd64", "8Base-RHOSDT-2.9:rhosdt/jaeger-es-index-cleaner-rhel8@sha256:43f26cad1cd0ea7e5ac2e605077302473382ab85b3f8da72e49c4dd06114dab2_ppc64le", "8Base-RHOSDT-2.9:rhosdt/jaeger-es-index-cleaner-rhel8@sha256:b0a3660137670fedc4e56ca656d56fb739c2fa48d9d0cf5f66fd150bd61365d5_s390x", "8Base-RHOSDT-2.9:rhosdt/jaeger-es-index-cleaner-rhel8@sha256:c3883a6c2f828592783cd1cd336c23a29245e9c45b10dd2b6d1aa8b86a670c31_amd64", "8Base-RHOSDT-2.9:rhosdt/jaeger-es-rollover-rhel8@sha256:0c8511e092b0138282ce3997cf06d8ba5995b9aa17aa436bcb3eacad910ff54d_ppc64le", "8Base-RHOSDT-2.9:rhosdt/jaeger-es-rollover-rhel8@sha256:5068337fc3ab78c2bed33b7eb0f1c1cf67c753a00c006e945aded3ecad884edc_s390x", "8Base-RHOSDT-2.9:rhosdt/jaeger-es-rollover-rhel8@sha256:ba453c045a93b2ac9e9a820ca616ea4af912972a99a5e4b07135658f1ddc752d_amd64", "8Base-RHOSDT-2.9:rhosdt/jaeger-ingester-rhel8@sha256:8341ef7ade15d0f823fb0ef8d1d2e2aab3f6078feae7a341a2f7b4c6bd94fba1_ppc64le", "8Base-RHOSDT-2.9:rhosdt/jaeger-ingester-rhel8@sha256:f117be17c9d1713db3719e4e1a7eb3b4697f9c12ac176c311b4c5d6ee27e59f9_s390x", "8Base-RHOSDT-2.9:rhosdt/jaeger-ingester-rhel8@sha256:f72338e446068e2487de8f6eb2249a69e27f24523a771e8aba0fcc2fbf263fe8_amd64", "8Base-RHOSDT-2.9:rhosdt/jaeger-operator-bundle@sha256:5dfb4b1c8b7c835e0c493927cb5c22bc68989244e49e284f90a063d54c6d1aa9_amd64", "8Base-RHOSDT-2.9:rhosdt/jaeger-operator-bundle@sha256:a59c693b975fad667a6cfebed3e2cf564419baf0a10aa27b71a22581b789dc10_ppc64le", "8Base-RHOSDT-2.9:rhosdt/jaeger-operator-bundle@sha256:bf2cc048dd6e18cb05a17a6de1e45cabd734af0f88555d0c1057bf3b82ac1e0f_s390x", "8Base-RHOSDT-2.9:rhosdt/jaeger-query-rhel8@sha256:4da3891b6d4df60dc7e0248bbb543d8363d32671bc3b0eb1671468dd4d3b7ebe_ppc64le", "8Base-RHOSDT-2.9:rhosdt/jaeger-query-rhel8@sha256:4e62b4264b5e4c63bc7d0cecf154dd481605e1d0ff94d563e9d6a8bc43c4835a_s390x", "8Base-RHOSDT-2.9:rhosdt/jaeger-query-rhel8@sha256:d9adfa493c64269d2ce744572d9a4c230e8a7c2503a35dbb3df5346e52a6dd2c_amd64", "8Base-RHOSDT-2.9:rhosdt/jaeger-rhel8-operator@sha256:9198140a0252287e5114e04b97d5454227b51bac8fa4411dea1b0d0843f3c668_amd64", "8Base-RHOSDT-2.9:rhosdt/jaeger-rhel8-operator@sha256:a9173c66a6929bf5fc689bd434203155e365d23e5e9ae7666d89224ec39df975_s390x", "8Base-RHOSDT-2.9:rhosdt/jaeger-rhel8-operator@sha256:e50b850a731b7ab45345ab4e9495e4806ac0c6f8ba9ae13b83673a3b06a014f9_ppc64le", "8Base-RHOSDT-2.9:rhosdt/opentelemetry-collector-rhel8@sha256:2adc2877050289ee2568c4f03ce171dc2c30bf86976fcc63c09bd0bf18b92cc4_amd64", "8Base-RHOSDT-2.9:rhosdt/opentelemetry-collector-rhel8@sha256:73017b0ad2d4ea26900253abdc9a62d55a40ff04905a391e91610ad7a9d762d3_ppc64le", "8Base-RHOSDT-2.9:rhosdt/opentelemetry-collector-rhel8@sha256:cb9a2f0df6852eb9d11deb8c4c14142bcae17a70301c55974fd0d87116814c9f_s390x", "8Base-RHOSDT-2.9:rhosdt/opentelemetry-operator-bundle@sha256:0ec97472d9bb1d99bfc0653194acf1b44de185a9e63756fb692acaa713ade2db_s390x", "8Base-RHOSDT-2.9:rhosdt/opentelemetry-operator-bundle@sha256:33f921009c9baaf82d3d10406073e9da9b31540d6b3b421c7a3659e2d8310179_ppc64le", "8Base-RHOSDT-2.9:rhosdt/opentelemetry-operator-bundle@sha256:eaa126d86aecf2bd330f2234104a905a71ab280a4d74a2614d98daaf13e821e2_amd64", "8Base-RHOSDT-2.9:rhosdt/opentelemetry-rhel8-operator@sha256:746f118b9224ba6a175526f265d956ae8ce6c7c170db2217bd34b028f03999af_amd64", "8Base-RHOSDT-2.9:rhosdt/opentelemetry-rhel8-operator@sha256:8a237928d7c059ecd5d1f3aad89ab094a73452e221c133cd9c5c7689db9b87bf_ppc64le", "8Base-RHOSDT-2.9:rhosdt/opentelemetry-rhel8-operator@sha256:ecead456f33621f78b97d0d151f816d39246af1ca69696616f033213791142dc_s390x", "8Base-RHOSDT-2.9:rhosdt/tempo-gateway-opa-rhel8@sha256:ae1228eb0e7c975eeec459749408a70324245aa99fd41bce03cd9f45ceb42d0b_s390x", "8Base-RHOSDT-2.9:rhosdt/tempo-gateway-opa-rhel8@sha256:cbad12c58f243298974f51d2278730feb5fbb74cdc6de409dd0578794ab6c1a4_ppc64le", "8Base-RHOSDT-2.9:rhosdt/tempo-gateway-opa-rhel8@sha256:dd22e49f8d5aa7f009169aec3c43e68307e0842cde9260a70dd424159e61c89d_amd64", "8Base-RHOSDT-2.9:rhosdt/tempo-gateway-rhel8@sha256:3c15440847fbc38023d590dd5f93ee524f53e2999c4483cfb3ba9bbf6bba904f_ppc64le", "8Base-RHOSDT-2.9:rhosdt/tempo-gateway-rhel8@sha256:9e9d91554f5edb5a3e00f2a294056bb540ed1597fc8af5d44432ce81d54bf977_amd64", "8Base-RHOSDT-2.9:rhosdt/tempo-gateway-rhel8@sha256:ac25a060b441ba7b1a2f282083e0900f26d159a02486d85bf496c28ce61ad970_s390x", "8Base-RHOSDT-2.9:rhosdt/tempo-operator-bundle@sha256:6df979ecc2195ddd8c1b84a0355fa4df58cf55c34f0b07669659d72501a701d4_ppc64le", "8Base-RHOSDT-2.9:rhosdt/tempo-operator-bundle@sha256:a66560fd323c9cb1466ca2fede9111665cadfc1ddaf9ce28e0aad6fdddf89763_s390x", "8Base-RHOSDT-2.9:rhosdt/tempo-operator-bundle@sha256:b6ec1460415bf8c69d82cf9267494dc5445242b6a0957318eae5bf333693cb2e_amd64", "8Base-RHOSDT-2.9:rhosdt/tempo-query-rhel8@sha256:0d51e3a8b92cab3b8f5221fc076b2079a68e7ba75f7f3ecb9322fe7ba77e862f_ppc64le", "8Base-RHOSDT-2.9:rhosdt/tempo-query-rhel8@sha256:a602d31cee6906b1d0218de85403decb0155746990f9cd218731c7d4e717f1a1_s390x", "8Base-RHOSDT-2.9:rhosdt/tempo-query-rhel8@sha256:b903b41e1096a25b53c5272c8457baa352e2c83fa997852d4a8ed614e2c02802_amd64", "8Base-RHOSDT-2.9:rhosdt/tempo-rhel8-operator@sha256:5aee6e4bfecba226d276b95c62a68a1b6d513d60c9c8aff84752725e6c01b8c0_ppc64le", "8Base-RHOSDT-2.9:rhosdt/tempo-rhel8-operator@sha256:a18638de4d39738b696f044e0d181fdeaf82499f2a2b4b46c07675db5fbe8c3f_amd64", "8Base-RHOSDT-2.9:rhosdt/tempo-rhel8-operator@sha256:e9615e41e857331edacf87fcd98ced0a50fba92757131fdb433ad3e9490e4dd7_s390x", "8Base-RHOSDT-2.9:rhosdt/tempo-rhel8@sha256:29200f7311b63df76f6723878e4a8e2c315376b421e4e5febe2323a926d48594_amd64", "8Base-RHOSDT-2.9:rhosdt/tempo-rhel8@sha256:42c59f6a87c791fd6a3e829af331e2c5778612f503b402c0a08278cc9dc09ef7_ppc64le", "8Base-RHOSDT-2.9:rhosdt/tempo-rhel8@sha256:d557bf48ab4db2b2c98a65d1a028b7cde4363ee888c274d0629829c1b07977ef_s390x", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2023-46234", }, { category: "external", summary: "RHBZ#2246470", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2246470", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2023-46234", url: "https://www.cve.org/CVERecord?id=CVE-2023-46234", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2023-46234", url: "https://nvd.nist.gov/vuln/detail/CVE-2023-46234", }, { category: "external", summary: "https://github.com/browserify/browserify-sign/security/advisories/GHSA-x9w5-v3q2-3rhw", url: "https://github.com/browserify/browserify-sign/security/advisories/GHSA-x9w5-v3q2-3rhw", }, ], release_date: "2023-10-26T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2023-10-30T12:53:43+00:00", details: "To update all RPMs for your particular architecture, run:\n\nrpm -Fvh [filenames]\n\nwhere [filenames] is a list of the RPMs you wish to upgrade. Only those RPMs which are currently installed will be updated. Those RPMs which are\nnot installed but included in the list will not be updated. Note that you can also use wildcards (*.rpm) if your current directory *only* contains the desired RPMs.\n\nPlease note that this update is also available via Red Hat Network. Many people find this an easier way to apply updates. To use Red Hat Network,\nlaunch the Red Hat Update Agent with the following command:\n\nup2date\n\nThis will start an interactive process that will result in the appropriate RPMs being upgraded on your system.", product_ids: [ "8Base-RHOSDT-2.9:rhosdt/jaeger-agent-rhel8@sha256:2619637d44fd87e5c07301de93841899fffc109dcfaff59d56349cedc208a679_s390x", "8Base-RHOSDT-2.9:rhosdt/jaeger-agent-rhel8@sha256:7ebe5c551baccd151d6ef2120eb7009570b33647bfd6332320dfa0f5f661ed8a_amd64", "8Base-RHOSDT-2.9:rhosdt/jaeger-agent-rhel8@sha256:952f7701d0c1d8ac9c01c0b2ff9d28a4dad480fd34e68eef162e41b5bb0a17e1_ppc64le", "8Base-RHOSDT-2.9:rhosdt/jaeger-all-in-one-rhel8@sha256:16934a17528d69fb0d39f605364fbc012a3e4d7401df45c91c995ac8ef9ed920_ppc64le", "8Base-RHOSDT-2.9:rhosdt/jaeger-all-in-one-rhel8@sha256:bb3e6e3b54c116d45c23154b3f3bd122a99a62ceb4499cd56774f1e0cec1c214_amd64", "8Base-RHOSDT-2.9:rhosdt/jaeger-all-in-one-rhel8@sha256:f99bb528c12edb65c36659a0a5d59d7a76449ce9649bf7c5be7b273f8485fc25_s390x", "8Base-RHOSDT-2.9:rhosdt/jaeger-collector-rhel8@sha256:467961ec80abc54ee85939f0287041223b181bb7c9a622b556785ff1dd8119f5_ppc64le", "8Base-RHOSDT-2.9:rhosdt/jaeger-collector-rhel8@sha256:a7e722132e7a538443f59788b82edcc52f5ec22e9343725c4401c9bdf7093b9a_s390x", "8Base-RHOSDT-2.9:rhosdt/jaeger-collector-rhel8@sha256:df8436011b04ced795985116fff8eb5cc0009f0002ce9c000f9db741980b5a72_amd64", "8Base-RHOSDT-2.9:rhosdt/jaeger-es-index-cleaner-rhel8@sha256:43f26cad1cd0ea7e5ac2e605077302473382ab85b3f8da72e49c4dd06114dab2_ppc64le", "8Base-RHOSDT-2.9:rhosdt/jaeger-es-index-cleaner-rhel8@sha256:b0a3660137670fedc4e56ca656d56fb739c2fa48d9d0cf5f66fd150bd61365d5_s390x", "8Base-RHOSDT-2.9:rhosdt/jaeger-es-index-cleaner-rhel8@sha256:c3883a6c2f828592783cd1cd336c23a29245e9c45b10dd2b6d1aa8b86a670c31_amd64", "8Base-RHOSDT-2.9:rhosdt/jaeger-es-rollover-rhel8@sha256:0c8511e092b0138282ce3997cf06d8ba5995b9aa17aa436bcb3eacad910ff54d_ppc64le", "8Base-RHOSDT-2.9:rhosdt/jaeger-es-rollover-rhel8@sha256:5068337fc3ab78c2bed33b7eb0f1c1cf67c753a00c006e945aded3ecad884edc_s390x", "8Base-RHOSDT-2.9:rhosdt/jaeger-es-rollover-rhel8@sha256:ba453c045a93b2ac9e9a820ca616ea4af912972a99a5e4b07135658f1ddc752d_amd64", "8Base-RHOSDT-2.9:rhosdt/jaeger-ingester-rhel8@sha256:8341ef7ade15d0f823fb0ef8d1d2e2aab3f6078feae7a341a2f7b4c6bd94fba1_ppc64le", "8Base-RHOSDT-2.9:rhosdt/jaeger-ingester-rhel8@sha256:f117be17c9d1713db3719e4e1a7eb3b4697f9c12ac176c311b4c5d6ee27e59f9_s390x", "8Base-RHOSDT-2.9:rhosdt/jaeger-ingester-rhel8@sha256:f72338e446068e2487de8f6eb2249a69e27f24523a771e8aba0fcc2fbf263fe8_amd64", "8Base-RHOSDT-2.9:rhosdt/jaeger-operator-bundle@sha256:5dfb4b1c8b7c835e0c493927cb5c22bc68989244e49e284f90a063d54c6d1aa9_amd64", "8Base-RHOSDT-2.9:rhosdt/jaeger-operator-bundle@sha256:a59c693b975fad667a6cfebed3e2cf564419baf0a10aa27b71a22581b789dc10_ppc64le", "8Base-RHOSDT-2.9:rhosdt/jaeger-operator-bundle@sha256:bf2cc048dd6e18cb05a17a6de1e45cabd734af0f88555d0c1057bf3b82ac1e0f_s390x", "8Base-RHOSDT-2.9:rhosdt/jaeger-query-rhel8@sha256:4da3891b6d4df60dc7e0248bbb543d8363d32671bc3b0eb1671468dd4d3b7ebe_ppc64le", "8Base-RHOSDT-2.9:rhosdt/jaeger-query-rhel8@sha256:4e62b4264b5e4c63bc7d0cecf154dd481605e1d0ff94d563e9d6a8bc43c4835a_s390x", "8Base-RHOSDT-2.9:rhosdt/jaeger-query-rhel8@sha256:d9adfa493c64269d2ce744572d9a4c230e8a7c2503a35dbb3df5346e52a6dd2c_amd64", "8Base-RHOSDT-2.9:rhosdt/jaeger-rhel8-operator@sha256:9198140a0252287e5114e04b97d5454227b51bac8fa4411dea1b0d0843f3c668_amd64", "8Base-RHOSDT-2.9:rhosdt/jaeger-rhel8-operator@sha256:a9173c66a6929bf5fc689bd434203155e365d23e5e9ae7666d89224ec39df975_s390x", "8Base-RHOSDT-2.9:rhosdt/jaeger-rhel8-operator@sha256:e50b850a731b7ab45345ab4e9495e4806ac0c6f8ba9ae13b83673a3b06a014f9_ppc64le", "8Base-RHOSDT-2.9:rhosdt/opentelemetry-collector-rhel8@sha256:2adc2877050289ee2568c4f03ce171dc2c30bf86976fcc63c09bd0bf18b92cc4_amd64", "8Base-RHOSDT-2.9:rhosdt/opentelemetry-collector-rhel8@sha256:73017b0ad2d4ea26900253abdc9a62d55a40ff04905a391e91610ad7a9d762d3_ppc64le", "8Base-RHOSDT-2.9:rhosdt/opentelemetry-collector-rhel8@sha256:cb9a2f0df6852eb9d11deb8c4c14142bcae17a70301c55974fd0d87116814c9f_s390x", "8Base-RHOSDT-2.9:rhosdt/opentelemetry-operator-bundle@sha256:0ec97472d9bb1d99bfc0653194acf1b44de185a9e63756fb692acaa713ade2db_s390x", "8Base-RHOSDT-2.9:rhosdt/opentelemetry-operator-bundle@sha256:33f921009c9baaf82d3d10406073e9da9b31540d6b3b421c7a3659e2d8310179_ppc64le", "8Base-RHOSDT-2.9:rhosdt/opentelemetry-operator-bundle@sha256:eaa126d86aecf2bd330f2234104a905a71ab280a4d74a2614d98daaf13e821e2_amd64", "8Base-RHOSDT-2.9:rhosdt/opentelemetry-rhel8-operator@sha256:746f118b9224ba6a175526f265d956ae8ce6c7c170db2217bd34b028f03999af_amd64", "8Base-RHOSDT-2.9:rhosdt/opentelemetry-rhel8-operator@sha256:8a237928d7c059ecd5d1f3aad89ab094a73452e221c133cd9c5c7689db9b87bf_ppc64le", "8Base-RHOSDT-2.9:rhosdt/opentelemetry-rhel8-operator@sha256:ecead456f33621f78b97d0d151f816d39246af1ca69696616f033213791142dc_s390x", "8Base-RHOSDT-2.9:rhosdt/tempo-gateway-opa-rhel8@sha256:ae1228eb0e7c975eeec459749408a70324245aa99fd41bce03cd9f45ceb42d0b_s390x", "8Base-RHOSDT-2.9:rhosdt/tempo-gateway-opa-rhel8@sha256:cbad12c58f243298974f51d2278730feb5fbb74cdc6de409dd0578794ab6c1a4_ppc64le", "8Base-RHOSDT-2.9:rhosdt/tempo-gateway-opa-rhel8@sha256:dd22e49f8d5aa7f009169aec3c43e68307e0842cde9260a70dd424159e61c89d_amd64", "8Base-RHOSDT-2.9:rhosdt/tempo-gateway-rhel8@sha256:3c15440847fbc38023d590dd5f93ee524f53e2999c4483cfb3ba9bbf6bba904f_ppc64le", "8Base-RHOSDT-2.9:rhosdt/tempo-gateway-rhel8@sha256:9e9d91554f5edb5a3e00f2a294056bb540ed1597fc8af5d44432ce81d54bf977_amd64", "8Base-RHOSDT-2.9:rhosdt/tempo-gateway-rhel8@sha256:ac25a060b441ba7b1a2f282083e0900f26d159a02486d85bf496c28ce61ad970_s390x", "8Base-RHOSDT-2.9:rhosdt/tempo-operator-bundle@sha256:6df979ecc2195ddd8c1b84a0355fa4df58cf55c34f0b07669659d72501a701d4_ppc64le", "8Base-RHOSDT-2.9:rhosdt/tempo-operator-bundle@sha256:a66560fd323c9cb1466ca2fede9111665cadfc1ddaf9ce28e0aad6fdddf89763_s390x", "8Base-RHOSDT-2.9:rhosdt/tempo-operator-bundle@sha256:b6ec1460415bf8c69d82cf9267494dc5445242b6a0957318eae5bf333693cb2e_amd64", "8Base-RHOSDT-2.9:rhosdt/tempo-query-rhel8@sha256:0d51e3a8b92cab3b8f5221fc076b2079a68e7ba75f7f3ecb9322fe7ba77e862f_ppc64le", "8Base-RHOSDT-2.9:rhosdt/tempo-query-rhel8@sha256:a602d31cee6906b1d0218de85403decb0155746990f9cd218731c7d4e717f1a1_s390x", "8Base-RHOSDT-2.9:rhosdt/tempo-query-rhel8@sha256:b903b41e1096a25b53c5272c8457baa352e2c83fa997852d4a8ed614e2c02802_amd64", "8Base-RHOSDT-2.9:rhosdt/tempo-rhel8-operator@sha256:5aee6e4bfecba226d276b95c62a68a1b6d513d60c9c8aff84752725e6c01b8c0_ppc64le", "8Base-RHOSDT-2.9:rhosdt/tempo-rhel8-operator@sha256:a18638de4d39738b696f044e0d181fdeaf82499f2a2b4b46c07675db5fbe8c3f_amd64", "8Base-RHOSDT-2.9:rhosdt/tempo-rhel8-operator@sha256:e9615e41e857331edacf87fcd98ced0a50fba92757131fdb433ad3e9490e4dd7_s390x", "8Base-RHOSDT-2.9:rhosdt/tempo-rhel8@sha256:29200f7311b63df76f6723878e4a8e2c315376b421e4e5febe2323a926d48594_amd64", "8Base-RHOSDT-2.9:rhosdt/tempo-rhel8@sha256:42c59f6a87c791fd6a3e829af331e2c5778612f503b402c0a08278cc9dc09ef7_ppc64le", "8Base-RHOSDT-2.9:rhosdt/tempo-rhel8@sha256:d557bf48ab4db2b2c98a65d1a028b7cde4363ee888c274d0629829c1b07977ef_s390x", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2023:6180", }, { category: "workaround", details: "No current mitigation is yet available for this flaw.", product_ids: [ "8Base-RHOSDT-2.9:rhosdt/jaeger-agent-rhel8@sha256:2619637d44fd87e5c07301de93841899fffc109dcfaff59d56349cedc208a679_s390x", "8Base-RHOSDT-2.9:rhosdt/jaeger-agent-rhel8@sha256:7ebe5c551baccd151d6ef2120eb7009570b33647bfd6332320dfa0f5f661ed8a_amd64", "8Base-RHOSDT-2.9:rhosdt/jaeger-agent-rhel8@sha256:952f7701d0c1d8ac9c01c0b2ff9d28a4dad480fd34e68eef162e41b5bb0a17e1_ppc64le", "8Base-RHOSDT-2.9:rhosdt/jaeger-all-in-one-rhel8@sha256:16934a17528d69fb0d39f605364fbc012a3e4d7401df45c91c995ac8ef9ed920_ppc64le", "8Base-RHOSDT-2.9:rhosdt/jaeger-all-in-one-rhel8@sha256:bb3e6e3b54c116d45c23154b3f3bd122a99a62ceb4499cd56774f1e0cec1c214_amd64", "8Base-RHOSDT-2.9:rhosdt/jaeger-all-in-one-rhel8@sha256:f99bb528c12edb65c36659a0a5d59d7a76449ce9649bf7c5be7b273f8485fc25_s390x", "8Base-RHOSDT-2.9:rhosdt/jaeger-collector-rhel8@sha256:467961ec80abc54ee85939f0287041223b181bb7c9a622b556785ff1dd8119f5_ppc64le", "8Base-RHOSDT-2.9:rhosdt/jaeger-collector-rhel8@sha256:a7e722132e7a538443f59788b82edcc52f5ec22e9343725c4401c9bdf7093b9a_s390x", "8Base-RHOSDT-2.9:rhosdt/jaeger-collector-rhel8@sha256:df8436011b04ced795985116fff8eb5cc0009f0002ce9c000f9db741980b5a72_amd64", "8Base-RHOSDT-2.9:rhosdt/jaeger-es-index-cleaner-rhel8@sha256:43f26cad1cd0ea7e5ac2e605077302473382ab85b3f8da72e49c4dd06114dab2_ppc64le", "8Base-RHOSDT-2.9:rhosdt/jaeger-es-index-cleaner-rhel8@sha256:b0a3660137670fedc4e56ca656d56fb739c2fa48d9d0cf5f66fd150bd61365d5_s390x", "8Base-RHOSDT-2.9:rhosdt/jaeger-es-index-cleaner-rhel8@sha256:c3883a6c2f828592783cd1cd336c23a29245e9c45b10dd2b6d1aa8b86a670c31_amd64", "8Base-RHOSDT-2.9:rhosdt/jaeger-es-rollover-rhel8@sha256:0c8511e092b0138282ce3997cf06d8ba5995b9aa17aa436bcb3eacad910ff54d_ppc64le", "8Base-RHOSDT-2.9:rhosdt/jaeger-es-rollover-rhel8@sha256:5068337fc3ab78c2bed33b7eb0f1c1cf67c753a00c006e945aded3ecad884edc_s390x", "8Base-RHOSDT-2.9:rhosdt/jaeger-es-rollover-rhel8@sha256:ba453c045a93b2ac9e9a820ca616ea4af912972a99a5e4b07135658f1ddc752d_amd64", "8Base-RHOSDT-2.9:rhosdt/jaeger-ingester-rhel8@sha256:8341ef7ade15d0f823fb0ef8d1d2e2aab3f6078feae7a341a2f7b4c6bd94fba1_ppc64le", "8Base-RHOSDT-2.9:rhosdt/jaeger-ingester-rhel8@sha256:f117be17c9d1713db3719e4e1a7eb3b4697f9c12ac176c311b4c5d6ee27e59f9_s390x", "8Base-RHOSDT-2.9:rhosdt/jaeger-ingester-rhel8@sha256:f72338e446068e2487de8f6eb2249a69e27f24523a771e8aba0fcc2fbf263fe8_amd64", "8Base-RHOSDT-2.9:rhosdt/jaeger-operator-bundle@sha256:5dfb4b1c8b7c835e0c493927cb5c22bc68989244e49e284f90a063d54c6d1aa9_amd64", "8Base-RHOSDT-2.9:rhosdt/jaeger-operator-bundle@sha256:a59c693b975fad667a6cfebed3e2cf564419baf0a10aa27b71a22581b789dc10_ppc64le", "8Base-RHOSDT-2.9:rhosdt/jaeger-operator-bundle@sha256:bf2cc048dd6e18cb05a17a6de1e45cabd734af0f88555d0c1057bf3b82ac1e0f_s390x", "8Base-RHOSDT-2.9:rhosdt/jaeger-query-rhel8@sha256:4da3891b6d4df60dc7e0248bbb543d8363d32671bc3b0eb1671468dd4d3b7ebe_ppc64le", "8Base-RHOSDT-2.9:rhosdt/jaeger-query-rhel8@sha256:4e62b4264b5e4c63bc7d0cecf154dd481605e1d0ff94d563e9d6a8bc43c4835a_s390x", "8Base-RHOSDT-2.9:rhosdt/jaeger-query-rhel8@sha256:d9adfa493c64269d2ce744572d9a4c230e8a7c2503a35dbb3df5346e52a6dd2c_amd64", "8Base-RHOSDT-2.9:rhosdt/jaeger-rhel8-operator@sha256:9198140a0252287e5114e04b97d5454227b51bac8fa4411dea1b0d0843f3c668_amd64", "8Base-RHOSDT-2.9:rhosdt/jaeger-rhel8-operator@sha256:a9173c66a6929bf5fc689bd434203155e365d23e5e9ae7666d89224ec39df975_s390x", "8Base-RHOSDT-2.9:rhosdt/jaeger-rhel8-operator@sha256:e50b850a731b7ab45345ab4e9495e4806ac0c6f8ba9ae13b83673a3b06a014f9_ppc64le", "8Base-RHOSDT-2.9:rhosdt/opentelemetry-collector-rhel8@sha256:2adc2877050289ee2568c4f03ce171dc2c30bf86976fcc63c09bd0bf18b92cc4_amd64", "8Base-RHOSDT-2.9:rhosdt/opentelemetry-collector-rhel8@sha256:73017b0ad2d4ea26900253abdc9a62d55a40ff04905a391e91610ad7a9d762d3_ppc64le", "8Base-RHOSDT-2.9:rhosdt/opentelemetry-collector-rhel8@sha256:cb9a2f0df6852eb9d11deb8c4c14142bcae17a70301c55974fd0d87116814c9f_s390x", "8Base-RHOSDT-2.9:rhosdt/opentelemetry-operator-bundle@sha256:0ec97472d9bb1d99bfc0653194acf1b44de185a9e63756fb692acaa713ade2db_s390x", "8Base-RHOSDT-2.9:rhosdt/opentelemetry-operator-bundle@sha256:33f921009c9baaf82d3d10406073e9da9b31540d6b3b421c7a3659e2d8310179_ppc64le", "8Base-RHOSDT-2.9:rhosdt/opentelemetry-operator-bundle@sha256:eaa126d86aecf2bd330f2234104a905a71ab280a4d74a2614d98daaf13e821e2_amd64", "8Base-RHOSDT-2.9:rhosdt/opentelemetry-rhel8-operator@sha256:746f118b9224ba6a175526f265d956ae8ce6c7c170db2217bd34b028f03999af_amd64", "8Base-RHOSDT-2.9:rhosdt/opentelemetry-rhel8-operator@sha256:8a237928d7c059ecd5d1f3aad89ab094a73452e221c133cd9c5c7689db9b87bf_ppc64le", "8Base-RHOSDT-2.9:rhosdt/opentelemetry-rhel8-operator@sha256:ecead456f33621f78b97d0d151f816d39246af1ca69696616f033213791142dc_s390x", "8Base-RHOSDT-2.9:rhosdt/tempo-gateway-opa-rhel8@sha256:ae1228eb0e7c975eeec459749408a70324245aa99fd41bce03cd9f45ceb42d0b_s390x", "8Base-RHOSDT-2.9:rhosdt/tempo-gateway-opa-rhel8@sha256:cbad12c58f243298974f51d2278730feb5fbb74cdc6de409dd0578794ab6c1a4_ppc64le", "8Base-RHOSDT-2.9:rhosdt/tempo-gateway-opa-rhel8@sha256:dd22e49f8d5aa7f009169aec3c43e68307e0842cde9260a70dd424159e61c89d_amd64", "8Base-RHOSDT-2.9:rhosdt/tempo-gateway-rhel8@sha256:3c15440847fbc38023d590dd5f93ee524f53e2999c4483cfb3ba9bbf6bba904f_ppc64le", "8Base-RHOSDT-2.9:rhosdt/tempo-gateway-rhel8@sha256:9e9d91554f5edb5a3e00f2a294056bb540ed1597fc8af5d44432ce81d54bf977_amd64", "8Base-RHOSDT-2.9:rhosdt/tempo-gateway-rhel8@sha256:ac25a060b441ba7b1a2f282083e0900f26d159a02486d85bf496c28ce61ad970_s390x", "8Base-RHOSDT-2.9:rhosdt/tempo-operator-bundle@sha256:6df979ecc2195ddd8c1b84a0355fa4df58cf55c34f0b07669659d72501a701d4_ppc64le", "8Base-RHOSDT-2.9:rhosdt/tempo-operator-bundle@sha256:a66560fd323c9cb1466ca2fede9111665cadfc1ddaf9ce28e0aad6fdddf89763_s390x", "8Base-RHOSDT-2.9:rhosdt/tempo-operator-bundle@sha256:b6ec1460415bf8c69d82cf9267494dc5445242b6a0957318eae5bf333693cb2e_amd64", "8Base-RHOSDT-2.9:rhosdt/tempo-query-rhel8@sha256:0d51e3a8b92cab3b8f5221fc076b2079a68e7ba75f7f3ecb9322fe7ba77e862f_ppc64le", "8Base-RHOSDT-2.9:rhosdt/tempo-query-rhel8@sha256:a602d31cee6906b1d0218de85403decb0155746990f9cd218731c7d4e717f1a1_s390x", "8Base-RHOSDT-2.9:rhosdt/tempo-query-rhel8@sha256:b903b41e1096a25b53c5272c8457baa352e2c83fa997852d4a8ed614e2c02802_amd64", "8Base-RHOSDT-2.9:rhosdt/tempo-rhel8-operator@sha256:5aee6e4bfecba226d276b95c62a68a1b6d513d60c9c8aff84752725e6c01b8c0_ppc64le", "8Base-RHOSDT-2.9:rhosdt/tempo-rhel8-operator@sha256:a18638de4d39738b696f044e0d181fdeaf82499f2a2b4b46c07675db5fbe8c3f_amd64", "8Base-RHOSDT-2.9:rhosdt/tempo-rhel8-operator@sha256:e9615e41e857331edacf87fcd98ced0a50fba92757131fdb433ad3e9490e4dd7_s390x", "8Base-RHOSDT-2.9:rhosdt/tempo-rhel8@sha256:29200f7311b63df76f6723878e4a8e2c315376b421e4e5febe2323a926d48594_amd64", "8Base-RHOSDT-2.9:rhosdt/tempo-rhel8@sha256:42c59f6a87c791fd6a3e829af331e2c5778612f503b402c0a08278cc9dc09ef7_ppc64le", "8Base-RHOSDT-2.9:rhosdt/tempo-rhel8@sha256:d557bf48ab4db2b2c98a65d1a028b7cde4363ee888c274d0629829c1b07977ef_s390x", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", version: "3.1", }, products: [ "8Base-RHOSDT-2.9:rhosdt/jaeger-agent-rhel8@sha256:2619637d44fd87e5c07301de93841899fffc109dcfaff59d56349cedc208a679_s390x", "8Base-RHOSDT-2.9:rhosdt/jaeger-agent-rhel8@sha256:7ebe5c551baccd151d6ef2120eb7009570b33647bfd6332320dfa0f5f661ed8a_amd64", "8Base-RHOSDT-2.9:rhosdt/jaeger-agent-rhel8@sha256:952f7701d0c1d8ac9c01c0b2ff9d28a4dad480fd34e68eef162e41b5bb0a17e1_ppc64le", "8Base-RHOSDT-2.9:rhosdt/jaeger-all-in-one-rhel8@sha256:16934a17528d69fb0d39f605364fbc012a3e4d7401df45c91c995ac8ef9ed920_ppc64le", "8Base-RHOSDT-2.9:rhosdt/jaeger-all-in-one-rhel8@sha256:bb3e6e3b54c116d45c23154b3f3bd122a99a62ceb4499cd56774f1e0cec1c214_amd64", "8Base-RHOSDT-2.9:rhosdt/jaeger-all-in-one-rhel8@sha256:f99bb528c12edb65c36659a0a5d59d7a76449ce9649bf7c5be7b273f8485fc25_s390x", "8Base-RHOSDT-2.9:rhosdt/jaeger-collector-rhel8@sha256:467961ec80abc54ee85939f0287041223b181bb7c9a622b556785ff1dd8119f5_ppc64le", "8Base-RHOSDT-2.9:rhosdt/jaeger-collector-rhel8@sha256:a7e722132e7a538443f59788b82edcc52f5ec22e9343725c4401c9bdf7093b9a_s390x", "8Base-RHOSDT-2.9:rhosdt/jaeger-collector-rhel8@sha256:df8436011b04ced795985116fff8eb5cc0009f0002ce9c000f9db741980b5a72_amd64", "8Base-RHOSDT-2.9:rhosdt/jaeger-es-index-cleaner-rhel8@sha256:43f26cad1cd0ea7e5ac2e605077302473382ab85b3f8da72e49c4dd06114dab2_ppc64le", "8Base-RHOSDT-2.9:rhosdt/jaeger-es-index-cleaner-rhel8@sha256:b0a3660137670fedc4e56ca656d56fb739c2fa48d9d0cf5f66fd150bd61365d5_s390x", "8Base-RHOSDT-2.9:rhosdt/jaeger-es-index-cleaner-rhel8@sha256:c3883a6c2f828592783cd1cd336c23a29245e9c45b10dd2b6d1aa8b86a670c31_amd64", "8Base-RHOSDT-2.9:rhosdt/jaeger-es-rollover-rhel8@sha256:0c8511e092b0138282ce3997cf06d8ba5995b9aa17aa436bcb3eacad910ff54d_ppc64le", "8Base-RHOSDT-2.9:rhosdt/jaeger-es-rollover-rhel8@sha256:5068337fc3ab78c2bed33b7eb0f1c1cf67c753a00c006e945aded3ecad884edc_s390x", "8Base-RHOSDT-2.9:rhosdt/jaeger-es-rollover-rhel8@sha256:ba453c045a93b2ac9e9a820ca616ea4af912972a99a5e4b07135658f1ddc752d_amd64", "8Base-RHOSDT-2.9:rhosdt/jaeger-ingester-rhel8@sha256:8341ef7ade15d0f823fb0ef8d1d2e2aab3f6078feae7a341a2f7b4c6bd94fba1_ppc64le", "8Base-RHOSDT-2.9:rhosdt/jaeger-ingester-rhel8@sha256:f117be17c9d1713db3719e4e1a7eb3b4697f9c12ac176c311b4c5d6ee27e59f9_s390x", "8Base-RHOSDT-2.9:rhosdt/jaeger-ingester-rhel8@sha256:f72338e446068e2487de8f6eb2249a69e27f24523a771e8aba0fcc2fbf263fe8_amd64", "8Base-RHOSDT-2.9:rhosdt/jaeger-operator-bundle@sha256:5dfb4b1c8b7c835e0c493927cb5c22bc68989244e49e284f90a063d54c6d1aa9_amd64", "8Base-RHOSDT-2.9:rhosdt/jaeger-operator-bundle@sha256:a59c693b975fad667a6cfebed3e2cf564419baf0a10aa27b71a22581b789dc10_ppc64le", "8Base-RHOSDT-2.9:rhosdt/jaeger-operator-bundle@sha256:bf2cc048dd6e18cb05a17a6de1e45cabd734af0f88555d0c1057bf3b82ac1e0f_s390x", "8Base-RHOSDT-2.9:rhosdt/jaeger-query-rhel8@sha256:4da3891b6d4df60dc7e0248bbb543d8363d32671bc3b0eb1671468dd4d3b7ebe_ppc64le", "8Base-RHOSDT-2.9:rhosdt/jaeger-query-rhel8@sha256:4e62b4264b5e4c63bc7d0cecf154dd481605e1d0ff94d563e9d6a8bc43c4835a_s390x", "8Base-RHOSDT-2.9:rhosdt/jaeger-query-rhel8@sha256:d9adfa493c64269d2ce744572d9a4c230e8a7c2503a35dbb3df5346e52a6dd2c_amd64", "8Base-RHOSDT-2.9:rhosdt/jaeger-rhel8-operator@sha256:9198140a0252287e5114e04b97d5454227b51bac8fa4411dea1b0d0843f3c668_amd64", "8Base-RHOSDT-2.9:rhosdt/jaeger-rhel8-operator@sha256:a9173c66a6929bf5fc689bd434203155e365d23e5e9ae7666d89224ec39df975_s390x", "8Base-RHOSDT-2.9:rhosdt/jaeger-rhel8-operator@sha256:e50b850a731b7ab45345ab4e9495e4806ac0c6f8ba9ae13b83673a3b06a014f9_ppc64le", "8Base-RHOSDT-2.9:rhosdt/opentelemetry-collector-rhel8@sha256:2adc2877050289ee2568c4f03ce171dc2c30bf86976fcc63c09bd0bf18b92cc4_amd64", "8Base-RHOSDT-2.9:rhosdt/opentelemetry-collector-rhel8@sha256:73017b0ad2d4ea26900253abdc9a62d55a40ff04905a391e91610ad7a9d762d3_ppc64le", "8Base-RHOSDT-2.9:rhosdt/opentelemetry-collector-rhel8@sha256:cb9a2f0df6852eb9d11deb8c4c14142bcae17a70301c55974fd0d87116814c9f_s390x", "8Base-RHOSDT-2.9:rhosdt/opentelemetry-operator-bundle@sha256:0ec97472d9bb1d99bfc0653194acf1b44de185a9e63756fb692acaa713ade2db_s390x", "8Base-RHOSDT-2.9:rhosdt/opentelemetry-operator-bundle@sha256:33f921009c9baaf82d3d10406073e9da9b31540d6b3b421c7a3659e2d8310179_ppc64le", "8Base-RHOSDT-2.9:rhosdt/opentelemetry-operator-bundle@sha256:eaa126d86aecf2bd330f2234104a905a71ab280a4d74a2614d98daaf13e821e2_amd64", "8Base-RHOSDT-2.9:rhosdt/opentelemetry-rhel8-operator@sha256:746f118b9224ba6a175526f265d956ae8ce6c7c170db2217bd34b028f03999af_amd64", "8Base-RHOSDT-2.9:rhosdt/opentelemetry-rhel8-operator@sha256:8a237928d7c059ecd5d1f3aad89ab094a73452e221c133cd9c5c7689db9b87bf_ppc64le", "8Base-RHOSDT-2.9:rhosdt/opentelemetry-rhel8-operator@sha256:ecead456f33621f78b97d0d151f816d39246af1ca69696616f033213791142dc_s390x", "8Base-RHOSDT-2.9:rhosdt/tempo-gateway-opa-rhel8@sha256:ae1228eb0e7c975eeec459749408a70324245aa99fd41bce03cd9f45ceb42d0b_s390x", "8Base-RHOSDT-2.9:rhosdt/tempo-gateway-opa-rhel8@sha256:cbad12c58f243298974f51d2278730feb5fbb74cdc6de409dd0578794ab6c1a4_ppc64le", "8Base-RHOSDT-2.9:rhosdt/tempo-gateway-opa-rhel8@sha256:dd22e49f8d5aa7f009169aec3c43e68307e0842cde9260a70dd424159e61c89d_amd64", "8Base-RHOSDT-2.9:rhosdt/tempo-gateway-rhel8@sha256:3c15440847fbc38023d590dd5f93ee524f53e2999c4483cfb3ba9bbf6bba904f_ppc64le", "8Base-RHOSDT-2.9:rhosdt/tempo-gateway-rhel8@sha256:9e9d91554f5edb5a3e00f2a294056bb540ed1597fc8af5d44432ce81d54bf977_amd64", "8Base-RHOSDT-2.9:rhosdt/tempo-gateway-rhel8@sha256:ac25a060b441ba7b1a2f282083e0900f26d159a02486d85bf496c28ce61ad970_s390x", "8Base-RHOSDT-2.9:rhosdt/tempo-operator-bundle@sha256:6df979ecc2195ddd8c1b84a0355fa4df58cf55c34f0b07669659d72501a701d4_ppc64le", "8Base-RHOSDT-2.9:rhosdt/tempo-operator-bundle@sha256:a66560fd323c9cb1466ca2fede9111665cadfc1ddaf9ce28e0aad6fdddf89763_s390x", "8Base-RHOSDT-2.9:rhosdt/tempo-operator-bundle@sha256:b6ec1460415bf8c69d82cf9267494dc5445242b6a0957318eae5bf333693cb2e_amd64", "8Base-RHOSDT-2.9:rhosdt/tempo-query-rhel8@sha256:0d51e3a8b92cab3b8f5221fc076b2079a68e7ba75f7f3ecb9322fe7ba77e862f_ppc64le", "8Base-RHOSDT-2.9:rhosdt/tempo-query-rhel8@sha256:a602d31cee6906b1d0218de85403decb0155746990f9cd218731c7d4e717f1a1_s390x", "8Base-RHOSDT-2.9:rhosdt/tempo-query-rhel8@sha256:b903b41e1096a25b53c5272c8457baa352e2c83fa997852d4a8ed614e2c02802_amd64", "8Base-RHOSDT-2.9:rhosdt/tempo-rhel8-operator@sha256:5aee6e4bfecba226d276b95c62a68a1b6d513d60c9c8aff84752725e6c01b8c0_ppc64le", "8Base-RHOSDT-2.9:rhosdt/tempo-rhel8-operator@sha256:a18638de4d39738b696f044e0d181fdeaf82499f2a2b4b46c07675db5fbe8c3f_amd64", "8Base-RHOSDT-2.9:rhosdt/tempo-rhel8-operator@sha256:e9615e41e857331edacf87fcd98ced0a50fba92757131fdb433ad3e9490e4dd7_s390x", "8Base-RHOSDT-2.9:rhosdt/tempo-rhel8@sha256:29200f7311b63df76f6723878e4a8e2c315376b421e4e5febe2323a926d48594_amd64", "8Base-RHOSDT-2.9:rhosdt/tempo-rhel8@sha256:42c59f6a87c791fd6a3e829af331e2c5778612f503b402c0a08278cc9dc09ef7_ppc64le", "8Base-RHOSDT-2.9:rhosdt/tempo-rhel8@sha256:d557bf48ab4db2b2c98a65d1a028b7cde4363ee888c274d0629829c1b07977ef_s390x", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "browserify-sign: upper bound check issue in dsaVerify leads to a signature forgery attack", }, ], }
rhsa-2023:6180
Vulnerability from csaf_redhat
Published
2023-10-30 12:53
Modified
2025-04-01 14:03
Summary
Red Hat Security Advisory: Red Hat OpenShift distributed tracing 2.9.0 containers security update
Notes
Topic
An update is now available for Red Hat Openshift distributed tracing 2.9.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Release of Red Hat OpenShift distributed tracing provides these changes:
Security Fix(es):
* browserify-sign: upper bound check issue in dsaVerify leads to a signature forgery attack (CVE-2023-46234)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ document: { aggregate_severity: { namespace: "https://access.redhat.com/security/updates/classification/", text: "Important", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright © Red Hat, Inc. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "An update is now available for Red Hat Openshift distributed tracing 2.9.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", title: "Topic", }, { category: "general", text: "Release of Red Hat OpenShift distributed tracing provides these changes:\n\nSecurity Fix(es):\n\n* browserify-sign: upper bound check issue in dsaVerify leads to a signature forgery attack (CVE-2023-46234)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", title: "Details", }, { category: "legal_disclaimer", text: "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "https://access.redhat.com/security/team/contact/", issuing_authority: "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", name: "Red Hat Product Security", namespace: "https://www.redhat.com", }, references: [ { category: "self", summary: "https://access.redhat.com/errata/RHSA-2023:6180", url: "https://access.redhat.com/errata/RHSA-2023:6180", }, { category: "external", summary: "https://access.redhat.com/security/updates/classification/#important", url: "https://access.redhat.com/security/updates/classification/#important", }, { category: "external", summary: "2246470", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2246470", }, { category: "self", summary: "Canonical URL", url: "https://security.access.redhat.com/data/csaf/v2/advisories/2023/rhsa-2023_6180.json", }, ], title: "Red Hat Security Advisory: Red Hat OpenShift distributed tracing 2.9.0 containers security update", tracking: { current_release_date: "2025-04-01T14:03:44+00:00", generator: { date: "2025-04-01T14:03:44+00:00", engine: { name: "Red Hat SDEngine", version: "4.4.2", }, }, id: "RHSA-2023:6180", initial_release_date: "2023-10-30T12:53:43+00:00", revision_history: [ { date: "2023-10-30T12:53:43+00:00", number: "1", summary: "Initial version", }, { date: "2023-10-30T12:53:43+00:00", number: "2", summary: "Last updated version", }, { date: "2025-04-01T14:03:44+00:00", number: "3", summary: "Last generated version", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "Red Hat OpenShift distributed tracing 2.9", product: { name: "Red Hat OpenShift distributed tracing 2.9", product_id: "8Base-RHOSDT-2.9", product_identification_helper: { cpe: "cpe:/a:redhat:openshift_distributed_tracing:2.9::el8", }, }, }, ], category: "product_family", name: "Red Hat OpenShift distributed tracing", }, { branches: [ { category: "product_version", name: "rhosdt/jaeger-agent-rhel8@sha256:7ebe5c551baccd151d6ef2120eb7009570b33647bfd6332320dfa0f5f661ed8a_amd64", product: { name: "rhosdt/jaeger-agent-rhel8@sha256:7ebe5c551baccd151d6ef2120eb7009570b33647bfd6332320dfa0f5f661ed8a_amd64", product_id: "rhosdt/jaeger-agent-rhel8@sha256:7ebe5c551baccd151d6ef2120eb7009570b33647bfd6332320dfa0f5f661ed8a_amd64", product_identification_helper: { purl: "pkg:oci/jaeger-agent-rhel8@sha256:7ebe5c551baccd151d6ef2120eb7009570b33647bfd6332320dfa0f5f661ed8a?arch=amd64&repository_url=registry.redhat.io/rhosdt/jaeger-agent-rhel8&tag=1.47.1-5", }, }, }, { category: "product_version", name: "rhosdt/jaeger-all-in-one-rhel8@sha256:bb3e6e3b54c116d45c23154b3f3bd122a99a62ceb4499cd56774f1e0cec1c214_amd64", product: { name: "rhosdt/jaeger-all-in-one-rhel8@sha256:bb3e6e3b54c116d45c23154b3f3bd122a99a62ceb4499cd56774f1e0cec1c214_amd64", product_id: "rhosdt/jaeger-all-in-one-rhel8@sha256:bb3e6e3b54c116d45c23154b3f3bd122a99a62ceb4499cd56774f1e0cec1c214_amd64", product_identification_helper: { purl: "pkg:oci/jaeger-all-in-one-rhel8@sha256:bb3e6e3b54c116d45c23154b3f3bd122a99a62ceb4499cd56774f1e0cec1c214?arch=amd64&repository_url=registry.redhat.io/rhosdt/jaeger-all-in-one-rhel8&tag=1.47.1-5", }, }, }, { category: "product_version", name: "rhosdt/jaeger-collector-rhel8@sha256:df8436011b04ced795985116fff8eb5cc0009f0002ce9c000f9db741980b5a72_amd64", product: { name: "rhosdt/jaeger-collector-rhel8@sha256:df8436011b04ced795985116fff8eb5cc0009f0002ce9c000f9db741980b5a72_amd64", product_id: "rhosdt/jaeger-collector-rhel8@sha256:df8436011b04ced795985116fff8eb5cc0009f0002ce9c000f9db741980b5a72_amd64", product_identification_helper: { purl: "pkg:oci/jaeger-collector-rhel8@sha256:df8436011b04ced795985116fff8eb5cc0009f0002ce9c000f9db741980b5a72?arch=amd64&repository_url=registry.redhat.io/rhosdt/jaeger-collector-rhel8&tag=1.47.1-5", }, }, }, { category: "product_version", name: "rhosdt/jaeger-es-index-cleaner-rhel8@sha256:c3883a6c2f828592783cd1cd336c23a29245e9c45b10dd2b6d1aa8b86a670c31_amd64", product: { name: "rhosdt/jaeger-es-index-cleaner-rhel8@sha256:c3883a6c2f828592783cd1cd336c23a29245e9c45b10dd2b6d1aa8b86a670c31_amd64", product_id: "rhosdt/jaeger-es-index-cleaner-rhel8@sha256:c3883a6c2f828592783cd1cd336c23a29245e9c45b10dd2b6d1aa8b86a670c31_amd64", product_identification_helper: { purl: "pkg:oci/jaeger-es-index-cleaner-rhel8@sha256:c3883a6c2f828592783cd1cd336c23a29245e9c45b10dd2b6d1aa8b86a670c31?arch=amd64&repository_url=registry.redhat.io/rhosdt/jaeger-es-index-cleaner-rhel8&tag=1.47.1-5", }, }, }, { category: "product_version", name: "rhosdt/jaeger-es-rollover-rhel8@sha256:ba453c045a93b2ac9e9a820ca616ea4af912972a99a5e4b07135658f1ddc752d_amd64", product: { name: "rhosdt/jaeger-es-rollover-rhel8@sha256:ba453c045a93b2ac9e9a820ca616ea4af912972a99a5e4b07135658f1ddc752d_amd64", product_id: "rhosdt/jaeger-es-rollover-rhel8@sha256:ba453c045a93b2ac9e9a820ca616ea4af912972a99a5e4b07135658f1ddc752d_amd64", product_identification_helper: { purl: "pkg:oci/jaeger-es-rollover-rhel8@sha256:ba453c045a93b2ac9e9a820ca616ea4af912972a99a5e4b07135658f1ddc752d?arch=amd64&repository_url=registry.redhat.io/rhosdt/jaeger-es-rollover-rhel8&tag=1.47.1-5", }, }, }, { category: "product_version", name: "rhosdt/jaeger-ingester-rhel8@sha256:f72338e446068e2487de8f6eb2249a69e27f24523a771e8aba0fcc2fbf263fe8_amd64", product: { name: "rhosdt/jaeger-ingester-rhel8@sha256:f72338e446068e2487de8f6eb2249a69e27f24523a771e8aba0fcc2fbf263fe8_amd64", product_id: "rhosdt/jaeger-ingester-rhel8@sha256:f72338e446068e2487de8f6eb2249a69e27f24523a771e8aba0fcc2fbf263fe8_amd64", product_identification_helper: { purl: "pkg:oci/jaeger-ingester-rhel8@sha256:f72338e446068e2487de8f6eb2249a69e27f24523a771e8aba0fcc2fbf263fe8?arch=amd64&repository_url=registry.redhat.io/rhosdt/jaeger-ingester-rhel8&tag=1.47.1-5", }, }, }, { category: "product_version", name: "rhosdt/jaeger-operator-bundle@sha256:5dfb4b1c8b7c835e0c493927cb5c22bc68989244e49e284f90a063d54c6d1aa9_amd64", product: { name: "rhosdt/jaeger-operator-bundle@sha256:5dfb4b1c8b7c835e0c493927cb5c22bc68989244e49e284f90a063d54c6d1aa9_amd64", product_id: "rhosdt/jaeger-operator-bundle@sha256:5dfb4b1c8b7c835e0c493927cb5c22bc68989244e49e284f90a063d54c6d1aa9_amd64", product_identification_helper: { purl: "pkg:oci/jaeger-operator-bundle@sha256:5dfb4b1c8b7c835e0c493927cb5c22bc68989244e49e284f90a063d54c6d1aa9?arch=amd64&repository_url=registry.redhat.io/rhosdt/jaeger-operator-bundle&tag=1.47.1-14", }, }, }, { category: "product_version", name: "rhosdt/jaeger-rhel8-operator@sha256:9198140a0252287e5114e04b97d5454227b51bac8fa4411dea1b0d0843f3c668_amd64", product: { name: "rhosdt/jaeger-rhel8-operator@sha256:9198140a0252287e5114e04b97d5454227b51bac8fa4411dea1b0d0843f3c668_amd64", product_id: "rhosdt/jaeger-rhel8-operator@sha256:9198140a0252287e5114e04b97d5454227b51bac8fa4411dea1b0d0843f3c668_amd64", product_identification_helper: { purl: "pkg:oci/jaeger-rhel8-operator@sha256:9198140a0252287e5114e04b97d5454227b51bac8fa4411dea1b0d0843f3c668?arch=amd64&repository_url=registry.redhat.io/rhosdt/jaeger-rhel8-operator&tag=1.47.1-5", }, }, }, { category: "product_version", name: "rhosdt/jaeger-query-rhel8@sha256:d9adfa493c64269d2ce744572d9a4c230e8a7c2503a35dbb3df5346e52a6dd2c_amd64", product: { name: "rhosdt/jaeger-query-rhel8@sha256:d9adfa493c64269d2ce744572d9a4c230e8a7c2503a35dbb3df5346e52a6dd2c_amd64", product_id: "rhosdt/jaeger-query-rhel8@sha256:d9adfa493c64269d2ce744572d9a4c230e8a7c2503a35dbb3df5346e52a6dd2c_amd64", product_identification_helper: { purl: "pkg:oci/jaeger-query-rhel8@sha256:d9adfa493c64269d2ce744572d9a4c230e8a7c2503a35dbb3df5346e52a6dd2c?arch=amd64&repository_url=registry.redhat.io/rhosdt/jaeger-query-rhel8&tag=1.47.1-5", }, }, }, { category: "product_version", name: "rhosdt/opentelemetry-collector-rhel8@sha256:2adc2877050289ee2568c4f03ce171dc2c30bf86976fcc63c09bd0bf18b92cc4_amd64", product: { name: "rhosdt/opentelemetry-collector-rhel8@sha256:2adc2877050289ee2568c4f03ce171dc2c30bf86976fcc63c09bd0bf18b92cc4_amd64", product_id: "rhosdt/opentelemetry-collector-rhel8@sha256:2adc2877050289ee2568c4f03ce171dc2c30bf86976fcc63c09bd0bf18b92cc4_amd64", product_identification_helper: { purl: "pkg:oci/opentelemetry-collector-rhel8@sha256:2adc2877050289ee2568c4f03ce171dc2c30bf86976fcc63c09bd0bf18b92cc4?arch=amd64&repository_url=registry.redhat.io/rhosdt/opentelemetry-collector-rhel8&tag=0.81.1-5", }, }, }, { category: "product_version", name: "rhosdt/opentelemetry-operator-bundle@sha256:eaa126d86aecf2bd330f2234104a905a71ab280a4d74a2614d98daaf13e821e2_amd64", product: { name: "rhosdt/opentelemetry-operator-bundle@sha256:eaa126d86aecf2bd330f2234104a905a71ab280a4d74a2614d98daaf13e821e2_amd64", product_id: "rhosdt/opentelemetry-operator-bundle@sha256:eaa126d86aecf2bd330f2234104a905a71ab280a4d74a2614d98daaf13e821e2_amd64", product_identification_helper: { purl: "pkg:oci/opentelemetry-operator-bundle@sha256:eaa126d86aecf2bd330f2234104a905a71ab280a4d74a2614d98daaf13e821e2?arch=amd64&repository_url=registry.redhat.io/rhosdt/opentelemetry-operator-bundle&tag=0.81.1-12", }, }, }, { category: "product_version", name: "rhosdt/opentelemetry-rhel8-operator@sha256:746f118b9224ba6a175526f265d956ae8ce6c7c170db2217bd34b028f03999af_amd64", product: { name: "rhosdt/opentelemetry-rhel8-operator@sha256:746f118b9224ba6a175526f265d956ae8ce6c7c170db2217bd34b028f03999af_amd64", product_id: "rhosdt/opentelemetry-rhel8-operator@sha256:746f118b9224ba6a175526f265d956ae8ce6c7c170db2217bd34b028f03999af_amd64", product_identification_helper: { purl: "pkg:oci/opentelemetry-rhel8-operator@sha256:746f118b9224ba6a175526f265d956ae8ce6c7c170db2217bd34b028f03999af?arch=amd64&repository_url=registry.redhat.io/rhosdt/opentelemetry-rhel8-operator&tag=0.81.1-5", }, }, }, { category: "product_version", name: "rhosdt/tempo-rhel8@sha256:29200f7311b63df76f6723878e4a8e2c315376b421e4e5febe2323a926d48594_amd64", product: { name: "rhosdt/tempo-rhel8@sha256:29200f7311b63df76f6723878e4a8e2c315376b421e4e5febe2323a926d48594_amd64", product_id: "rhosdt/tempo-rhel8@sha256:29200f7311b63df76f6723878e4a8e2c315376b421e4e5febe2323a926d48594_amd64", product_identification_helper: { purl: "pkg:oci/tempo-rhel8@sha256:29200f7311b63df76f6723878e4a8e2c315376b421e4e5febe2323a926d48594?arch=amd64&repository_url=registry.redhat.io/rhosdt/tempo-rhel8&tag=2.1.1-10", }, }, }, { category: "product_version", name: "rhosdt/tempo-gateway-rhel8@sha256:9e9d91554f5edb5a3e00f2a294056bb540ed1597fc8af5d44432ce81d54bf977_amd64", product: { name: "rhosdt/tempo-gateway-rhel8@sha256:9e9d91554f5edb5a3e00f2a294056bb540ed1597fc8af5d44432ce81d54bf977_amd64", product_id: "rhosdt/tempo-gateway-rhel8@sha256:9e9d91554f5edb5a3e00f2a294056bb540ed1597fc8af5d44432ce81d54bf977_amd64", product_identification_helper: { purl: "pkg:oci/tempo-gateway-rhel8@sha256:9e9d91554f5edb5a3e00f2a294056bb540ed1597fc8af5d44432ce81d54bf977?arch=amd64&repository_url=registry.redhat.io/rhosdt/tempo-gateway-rhel8&tag=742e3d3-3", }, }, }, { category: "product_version", name: "rhosdt/tempo-gateway-opa-rhel8@sha256:dd22e49f8d5aa7f009169aec3c43e68307e0842cde9260a70dd424159e61c89d_amd64", product: { name: "rhosdt/tempo-gateway-opa-rhel8@sha256:dd22e49f8d5aa7f009169aec3c43e68307e0842cde9260a70dd424159e61c89d_amd64", product_id: "rhosdt/tempo-gateway-opa-rhel8@sha256:dd22e49f8d5aa7f009169aec3c43e68307e0842cde9260a70dd424159e61c89d_amd64", product_identification_helper: { purl: "pkg:oci/tempo-gateway-opa-rhel8@sha256:dd22e49f8d5aa7f009169aec3c43e68307e0842cde9260a70dd424159e61c89d?arch=amd64&repository_url=registry.redhat.io/rhosdt/tempo-gateway-opa-rhel8&tag=fe53f40-2", }, }, }, { category: "product_version", name: "rhosdt/tempo-operator-bundle@sha256:b6ec1460415bf8c69d82cf9267494dc5445242b6a0957318eae5bf333693cb2e_amd64", product: { name: "rhosdt/tempo-operator-bundle@sha256:b6ec1460415bf8c69d82cf9267494dc5445242b6a0957318eae5bf333693cb2e_amd64", product_id: "rhosdt/tempo-operator-bundle@sha256:b6ec1460415bf8c69d82cf9267494dc5445242b6a0957318eae5bf333693cb2e_amd64", product_identification_helper: { purl: "pkg:oci/tempo-operator-bundle@sha256:b6ec1460415bf8c69d82cf9267494dc5445242b6a0957318eae5bf333693cb2e?arch=amd64&repository_url=registry.redhat.io/rhosdt/tempo-operator-bundle&tag=0.3.1-11", }, }, }, { category: "product_version", name: "rhosdt/tempo-rhel8-operator@sha256:a18638de4d39738b696f044e0d181fdeaf82499f2a2b4b46c07675db5fbe8c3f_amd64", product: { name: "rhosdt/tempo-rhel8-operator@sha256:a18638de4d39738b696f044e0d181fdeaf82499f2a2b4b46c07675db5fbe8c3f_amd64", product_id: "rhosdt/tempo-rhel8-operator@sha256:a18638de4d39738b696f044e0d181fdeaf82499f2a2b4b46c07675db5fbe8c3f_amd64", product_identification_helper: { purl: "pkg:oci/tempo-rhel8-operator@sha256:a18638de4d39738b696f044e0d181fdeaf82499f2a2b4b46c07675db5fbe8c3f?arch=amd64&repository_url=registry.redhat.io/rhosdt/tempo-rhel8-operator&tag=0.3.1-3", }, }, }, { category: "product_version", name: "rhosdt/tempo-query-rhel8@sha256:b903b41e1096a25b53c5272c8457baa352e2c83fa997852d4a8ed614e2c02802_amd64", product: { name: "rhosdt/tempo-query-rhel8@sha256:b903b41e1096a25b53c5272c8457baa352e2c83fa997852d4a8ed614e2c02802_amd64", product_id: "rhosdt/tempo-query-rhel8@sha256:b903b41e1096a25b53c5272c8457baa352e2c83fa997852d4a8ed614e2c02802_amd64", product_identification_helper: { purl: "pkg:oci/tempo-query-rhel8@sha256:b903b41e1096a25b53c5272c8457baa352e2c83fa997852d4a8ed614e2c02802?arch=amd64&repository_url=registry.redhat.io/rhosdt/tempo-query-rhel8&tag=0.3.1-4", }, }, }, ], category: "architecture", name: "amd64", }, { branches: [ { category: "product_version", name: "rhosdt/jaeger-agent-rhel8@sha256:952f7701d0c1d8ac9c01c0b2ff9d28a4dad480fd34e68eef162e41b5bb0a17e1_ppc64le", product: { name: "rhosdt/jaeger-agent-rhel8@sha256:952f7701d0c1d8ac9c01c0b2ff9d28a4dad480fd34e68eef162e41b5bb0a17e1_ppc64le", product_id: "rhosdt/jaeger-agent-rhel8@sha256:952f7701d0c1d8ac9c01c0b2ff9d28a4dad480fd34e68eef162e41b5bb0a17e1_ppc64le", product_identification_helper: { purl: "pkg:oci/jaeger-agent-rhel8@sha256:952f7701d0c1d8ac9c01c0b2ff9d28a4dad480fd34e68eef162e41b5bb0a17e1?arch=ppc64le&repository_url=registry.redhat.io/rhosdt/jaeger-agent-rhel8&tag=1.47.1-5", }, }, }, { category: "product_version", name: "rhosdt/jaeger-all-in-one-rhel8@sha256:16934a17528d69fb0d39f605364fbc012a3e4d7401df45c91c995ac8ef9ed920_ppc64le", product: { name: "rhosdt/jaeger-all-in-one-rhel8@sha256:16934a17528d69fb0d39f605364fbc012a3e4d7401df45c91c995ac8ef9ed920_ppc64le", product_id: "rhosdt/jaeger-all-in-one-rhel8@sha256:16934a17528d69fb0d39f605364fbc012a3e4d7401df45c91c995ac8ef9ed920_ppc64le", product_identification_helper: { purl: "pkg:oci/jaeger-all-in-one-rhel8@sha256:16934a17528d69fb0d39f605364fbc012a3e4d7401df45c91c995ac8ef9ed920?arch=ppc64le&repository_url=registry.redhat.io/rhosdt/jaeger-all-in-one-rhel8&tag=1.47.1-5", }, }, }, { category: "product_version", name: "rhosdt/jaeger-collector-rhel8@sha256:467961ec80abc54ee85939f0287041223b181bb7c9a622b556785ff1dd8119f5_ppc64le", product: { name: "rhosdt/jaeger-collector-rhel8@sha256:467961ec80abc54ee85939f0287041223b181bb7c9a622b556785ff1dd8119f5_ppc64le", product_id: "rhosdt/jaeger-collector-rhel8@sha256:467961ec80abc54ee85939f0287041223b181bb7c9a622b556785ff1dd8119f5_ppc64le", product_identification_helper: { purl: "pkg:oci/jaeger-collector-rhel8@sha256:467961ec80abc54ee85939f0287041223b181bb7c9a622b556785ff1dd8119f5?arch=ppc64le&repository_url=registry.redhat.io/rhosdt/jaeger-collector-rhel8&tag=1.47.1-5", }, }, }, { category: "product_version", name: "rhosdt/jaeger-es-index-cleaner-rhel8@sha256:43f26cad1cd0ea7e5ac2e605077302473382ab85b3f8da72e49c4dd06114dab2_ppc64le", product: { name: "rhosdt/jaeger-es-index-cleaner-rhel8@sha256:43f26cad1cd0ea7e5ac2e605077302473382ab85b3f8da72e49c4dd06114dab2_ppc64le", product_id: "rhosdt/jaeger-es-index-cleaner-rhel8@sha256:43f26cad1cd0ea7e5ac2e605077302473382ab85b3f8da72e49c4dd06114dab2_ppc64le", product_identification_helper: { purl: "pkg:oci/jaeger-es-index-cleaner-rhel8@sha256:43f26cad1cd0ea7e5ac2e605077302473382ab85b3f8da72e49c4dd06114dab2?arch=ppc64le&repository_url=registry.redhat.io/rhosdt/jaeger-es-index-cleaner-rhel8&tag=1.47.1-5", }, }, }, { category: "product_version", name: "rhosdt/jaeger-es-rollover-rhel8@sha256:0c8511e092b0138282ce3997cf06d8ba5995b9aa17aa436bcb3eacad910ff54d_ppc64le", product: { name: "rhosdt/jaeger-es-rollover-rhel8@sha256:0c8511e092b0138282ce3997cf06d8ba5995b9aa17aa436bcb3eacad910ff54d_ppc64le", product_id: "rhosdt/jaeger-es-rollover-rhel8@sha256:0c8511e092b0138282ce3997cf06d8ba5995b9aa17aa436bcb3eacad910ff54d_ppc64le", product_identification_helper: { purl: "pkg:oci/jaeger-es-rollover-rhel8@sha256:0c8511e092b0138282ce3997cf06d8ba5995b9aa17aa436bcb3eacad910ff54d?arch=ppc64le&repository_url=registry.redhat.io/rhosdt/jaeger-es-rollover-rhel8&tag=1.47.1-5", }, }, }, { category: "product_version", name: "rhosdt/jaeger-ingester-rhel8@sha256:8341ef7ade15d0f823fb0ef8d1d2e2aab3f6078feae7a341a2f7b4c6bd94fba1_ppc64le", product: { name: "rhosdt/jaeger-ingester-rhel8@sha256:8341ef7ade15d0f823fb0ef8d1d2e2aab3f6078feae7a341a2f7b4c6bd94fba1_ppc64le", product_id: "rhosdt/jaeger-ingester-rhel8@sha256:8341ef7ade15d0f823fb0ef8d1d2e2aab3f6078feae7a341a2f7b4c6bd94fba1_ppc64le", product_identification_helper: { purl: "pkg:oci/jaeger-ingester-rhel8@sha256:8341ef7ade15d0f823fb0ef8d1d2e2aab3f6078feae7a341a2f7b4c6bd94fba1?arch=ppc64le&repository_url=registry.redhat.io/rhosdt/jaeger-ingester-rhel8&tag=1.47.1-5", }, }, }, { category: "product_version", name: "rhosdt/jaeger-operator-bundle@sha256:a59c693b975fad667a6cfebed3e2cf564419baf0a10aa27b71a22581b789dc10_ppc64le", product: { name: "rhosdt/jaeger-operator-bundle@sha256:a59c693b975fad667a6cfebed3e2cf564419baf0a10aa27b71a22581b789dc10_ppc64le", product_id: "rhosdt/jaeger-operator-bundle@sha256:a59c693b975fad667a6cfebed3e2cf564419baf0a10aa27b71a22581b789dc10_ppc64le", product_identification_helper: { purl: "pkg:oci/jaeger-operator-bundle@sha256:a59c693b975fad667a6cfebed3e2cf564419baf0a10aa27b71a22581b789dc10?arch=ppc64le&repository_url=registry.redhat.io/rhosdt/jaeger-operator-bundle&tag=1.47.1-14", }, }, }, { category: "product_version", name: "rhosdt/jaeger-rhel8-operator@sha256:e50b850a731b7ab45345ab4e9495e4806ac0c6f8ba9ae13b83673a3b06a014f9_ppc64le", product: { name: "rhosdt/jaeger-rhel8-operator@sha256:e50b850a731b7ab45345ab4e9495e4806ac0c6f8ba9ae13b83673a3b06a014f9_ppc64le", product_id: "rhosdt/jaeger-rhel8-operator@sha256:e50b850a731b7ab45345ab4e9495e4806ac0c6f8ba9ae13b83673a3b06a014f9_ppc64le", product_identification_helper: { purl: "pkg:oci/jaeger-rhel8-operator@sha256:e50b850a731b7ab45345ab4e9495e4806ac0c6f8ba9ae13b83673a3b06a014f9?arch=ppc64le&repository_url=registry.redhat.io/rhosdt/jaeger-rhel8-operator&tag=1.47.1-5", }, }, }, { category: "product_version", name: "rhosdt/jaeger-query-rhel8@sha256:4da3891b6d4df60dc7e0248bbb543d8363d32671bc3b0eb1671468dd4d3b7ebe_ppc64le", product: { name: "rhosdt/jaeger-query-rhel8@sha256:4da3891b6d4df60dc7e0248bbb543d8363d32671bc3b0eb1671468dd4d3b7ebe_ppc64le", product_id: "rhosdt/jaeger-query-rhel8@sha256:4da3891b6d4df60dc7e0248bbb543d8363d32671bc3b0eb1671468dd4d3b7ebe_ppc64le", product_identification_helper: { purl: "pkg:oci/jaeger-query-rhel8@sha256:4da3891b6d4df60dc7e0248bbb543d8363d32671bc3b0eb1671468dd4d3b7ebe?arch=ppc64le&repository_url=registry.redhat.io/rhosdt/jaeger-query-rhel8&tag=1.47.1-5", }, }, }, { category: "product_version", name: "rhosdt/opentelemetry-collector-rhel8@sha256:73017b0ad2d4ea26900253abdc9a62d55a40ff04905a391e91610ad7a9d762d3_ppc64le", product: { name: "rhosdt/opentelemetry-collector-rhel8@sha256:73017b0ad2d4ea26900253abdc9a62d55a40ff04905a391e91610ad7a9d762d3_ppc64le", product_id: "rhosdt/opentelemetry-collector-rhel8@sha256:73017b0ad2d4ea26900253abdc9a62d55a40ff04905a391e91610ad7a9d762d3_ppc64le", product_identification_helper: { purl: "pkg:oci/opentelemetry-collector-rhel8@sha256:73017b0ad2d4ea26900253abdc9a62d55a40ff04905a391e91610ad7a9d762d3?arch=ppc64le&repository_url=registry.redhat.io/rhosdt/opentelemetry-collector-rhel8&tag=0.81.1-5", }, }, }, { category: "product_version", name: "rhosdt/opentelemetry-operator-bundle@sha256:33f921009c9baaf82d3d10406073e9da9b31540d6b3b421c7a3659e2d8310179_ppc64le", product: { name: "rhosdt/opentelemetry-operator-bundle@sha256:33f921009c9baaf82d3d10406073e9da9b31540d6b3b421c7a3659e2d8310179_ppc64le", product_id: "rhosdt/opentelemetry-operator-bundle@sha256:33f921009c9baaf82d3d10406073e9da9b31540d6b3b421c7a3659e2d8310179_ppc64le", product_identification_helper: { purl: "pkg:oci/opentelemetry-operator-bundle@sha256:33f921009c9baaf82d3d10406073e9da9b31540d6b3b421c7a3659e2d8310179?arch=ppc64le&repository_url=registry.redhat.io/rhosdt/opentelemetry-operator-bundle&tag=0.81.1-12", }, }, }, { category: "product_version", name: "rhosdt/opentelemetry-rhel8-operator@sha256:8a237928d7c059ecd5d1f3aad89ab094a73452e221c133cd9c5c7689db9b87bf_ppc64le", product: { name: "rhosdt/opentelemetry-rhel8-operator@sha256:8a237928d7c059ecd5d1f3aad89ab094a73452e221c133cd9c5c7689db9b87bf_ppc64le", product_id: "rhosdt/opentelemetry-rhel8-operator@sha256:8a237928d7c059ecd5d1f3aad89ab094a73452e221c133cd9c5c7689db9b87bf_ppc64le", product_identification_helper: { purl: "pkg:oci/opentelemetry-rhel8-operator@sha256:8a237928d7c059ecd5d1f3aad89ab094a73452e221c133cd9c5c7689db9b87bf?arch=ppc64le&repository_url=registry.redhat.io/rhosdt/opentelemetry-rhel8-operator&tag=0.81.1-5", }, }, }, { category: "product_version", name: "rhosdt/tempo-rhel8@sha256:42c59f6a87c791fd6a3e829af331e2c5778612f503b402c0a08278cc9dc09ef7_ppc64le", product: { name: "rhosdt/tempo-rhel8@sha256:42c59f6a87c791fd6a3e829af331e2c5778612f503b402c0a08278cc9dc09ef7_ppc64le", product_id: "rhosdt/tempo-rhel8@sha256:42c59f6a87c791fd6a3e829af331e2c5778612f503b402c0a08278cc9dc09ef7_ppc64le", product_identification_helper: { purl: "pkg:oci/tempo-rhel8@sha256:42c59f6a87c791fd6a3e829af331e2c5778612f503b402c0a08278cc9dc09ef7?arch=ppc64le&repository_url=registry.redhat.io/rhosdt/tempo-rhel8&tag=2.1.1-10", }, }, }, { category: "product_version", name: "rhosdt/tempo-gateway-rhel8@sha256:3c15440847fbc38023d590dd5f93ee524f53e2999c4483cfb3ba9bbf6bba904f_ppc64le", product: { name: "rhosdt/tempo-gateway-rhel8@sha256:3c15440847fbc38023d590dd5f93ee524f53e2999c4483cfb3ba9bbf6bba904f_ppc64le", product_id: "rhosdt/tempo-gateway-rhel8@sha256:3c15440847fbc38023d590dd5f93ee524f53e2999c4483cfb3ba9bbf6bba904f_ppc64le", product_identification_helper: { purl: "pkg:oci/tempo-gateway-rhel8@sha256:3c15440847fbc38023d590dd5f93ee524f53e2999c4483cfb3ba9bbf6bba904f?arch=ppc64le&repository_url=registry.redhat.io/rhosdt/tempo-gateway-rhel8&tag=742e3d3-3", }, }, }, { category: "product_version", name: "rhosdt/tempo-gateway-opa-rhel8@sha256:cbad12c58f243298974f51d2278730feb5fbb74cdc6de409dd0578794ab6c1a4_ppc64le", product: { name: "rhosdt/tempo-gateway-opa-rhel8@sha256:cbad12c58f243298974f51d2278730feb5fbb74cdc6de409dd0578794ab6c1a4_ppc64le", product_id: "rhosdt/tempo-gateway-opa-rhel8@sha256:cbad12c58f243298974f51d2278730feb5fbb74cdc6de409dd0578794ab6c1a4_ppc64le", product_identification_helper: { purl: "pkg:oci/tempo-gateway-opa-rhel8@sha256:cbad12c58f243298974f51d2278730feb5fbb74cdc6de409dd0578794ab6c1a4?arch=ppc64le&repository_url=registry.redhat.io/rhosdt/tempo-gateway-opa-rhel8&tag=fe53f40-2", }, }, }, { category: "product_version", name: "rhosdt/tempo-operator-bundle@sha256:6df979ecc2195ddd8c1b84a0355fa4df58cf55c34f0b07669659d72501a701d4_ppc64le", product: { name: "rhosdt/tempo-operator-bundle@sha256:6df979ecc2195ddd8c1b84a0355fa4df58cf55c34f0b07669659d72501a701d4_ppc64le", product_id: "rhosdt/tempo-operator-bundle@sha256:6df979ecc2195ddd8c1b84a0355fa4df58cf55c34f0b07669659d72501a701d4_ppc64le", product_identification_helper: { purl: "pkg:oci/tempo-operator-bundle@sha256:6df979ecc2195ddd8c1b84a0355fa4df58cf55c34f0b07669659d72501a701d4?arch=ppc64le&repository_url=registry.redhat.io/rhosdt/tempo-operator-bundle&tag=0.3.1-11", }, }, }, { category: "product_version", name: "rhosdt/tempo-rhel8-operator@sha256:5aee6e4bfecba226d276b95c62a68a1b6d513d60c9c8aff84752725e6c01b8c0_ppc64le", product: { name: "rhosdt/tempo-rhel8-operator@sha256:5aee6e4bfecba226d276b95c62a68a1b6d513d60c9c8aff84752725e6c01b8c0_ppc64le", product_id: "rhosdt/tempo-rhel8-operator@sha256:5aee6e4bfecba226d276b95c62a68a1b6d513d60c9c8aff84752725e6c01b8c0_ppc64le", product_identification_helper: { purl: "pkg:oci/tempo-rhel8-operator@sha256:5aee6e4bfecba226d276b95c62a68a1b6d513d60c9c8aff84752725e6c01b8c0?arch=ppc64le&repository_url=registry.redhat.io/rhosdt/tempo-rhel8-operator&tag=0.3.1-3", }, }, }, { category: "product_version", name: "rhosdt/tempo-query-rhel8@sha256:0d51e3a8b92cab3b8f5221fc076b2079a68e7ba75f7f3ecb9322fe7ba77e862f_ppc64le", product: { name: "rhosdt/tempo-query-rhel8@sha256:0d51e3a8b92cab3b8f5221fc076b2079a68e7ba75f7f3ecb9322fe7ba77e862f_ppc64le", product_id: "rhosdt/tempo-query-rhel8@sha256:0d51e3a8b92cab3b8f5221fc076b2079a68e7ba75f7f3ecb9322fe7ba77e862f_ppc64le", product_identification_helper: { purl: "pkg:oci/tempo-query-rhel8@sha256:0d51e3a8b92cab3b8f5221fc076b2079a68e7ba75f7f3ecb9322fe7ba77e862f?arch=ppc64le&repository_url=registry.redhat.io/rhosdt/tempo-query-rhel8&tag=0.3.1-4", }, }, }, ], category: "architecture", name: "ppc64le", }, { branches: [ { category: "product_version", name: "rhosdt/jaeger-agent-rhel8@sha256:2619637d44fd87e5c07301de93841899fffc109dcfaff59d56349cedc208a679_s390x", product: { name: "rhosdt/jaeger-agent-rhel8@sha256:2619637d44fd87e5c07301de93841899fffc109dcfaff59d56349cedc208a679_s390x", product_id: "rhosdt/jaeger-agent-rhel8@sha256:2619637d44fd87e5c07301de93841899fffc109dcfaff59d56349cedc208a679_s390x", product_identification_helper: { purl: "pkg:oci/jaeger-agent-rhel8@sha256:2619637d44fd87e5c07301de93841899fffc109dcfaff59d56349cedc208a679?arch=s390x&repository_url=registry.redhat.io/rhosdt/jaeger-agent-rhel8&tag=1.47.1-5", }, }, }, { category: "product_version", name: "rhosdt/jaeger-all-in-one-rhel8@sha256:f99bb528c12edb65c36659a0a5d59d7a76449ce9649bf7c5be7b273f8485fc25_s390x", product: { name: "rhosdt/jaeger-all-in-one-rhel8@sha256:f99bb528c12edb65c36659a0a5d59d7a76449ce9649bf7c5be7b273f8485fc25_s390x", product_id: "rhosdt/jaeger-all-in-one-rhel8@sha256:f99bb528c12edb65c36659a0a5d59d7a76449ce9649bf7c5be7b273f8485fc25_s390x", product_identification_helper: { purl: "pkg:oci/jaeger-all-in-one-rhel8@sha256:f99bb528c12edb65c36659a0a5d59d7a76449ce9649bf7c5be7b273f8485fc25?arch=s390x&repository_url=registry.redhat.io/rhosdt/jaeger-all-in-one-rhel8&tag=1.47.1-5", }, }, }, { category: "product_version", name: "rhosdt/jaeger-collector-rhel8@sha256:a7e722132e7a538443f59788b82edcc52f5ec22e9343725c4401c9bdf7093b9a_s390x", product: { name: "rhosdt/jaeger-collector-rhel8@sha256:a7e722132e7a538443f59788b82edcc52f5ec22e9343725c4401c9bdf7093b9a_s390x", product_id: "rhosdt/jaeger-collector-rhel8@sha256:a7e722132e7a538443f59788b82edcc52f5ec22e9343725c4401c9bdf7093b9a_s390x", product_identification_helper: { purl: "pkg:oci/jaeger-collector-rhel8@sha256:a7e722132e7a538443f59788b82edcc52f5ec22e9343725c4401c9bdf7093b9a?arch=s390x&repository_url=registry.redhat.io/rhosdt/jaeger-collector-rhel8&tag=1.47.1-5", }, }, }, { category: "product_version", name: "rhosdt/jaeger-es-index-cleaner-rhel8@sha256:b0a3660137670fedc4e56ca656d56fb739c2fa48d9d0cf5f66fd150bd61365d5_s390x", product: { name: "rhosdt/jaeger-es-index-cleaner-rhel8@sha256:b0a3660137670fedc4e56ca656d56fb739c2fa48d9d0cf5f66fd150bd61365d5_s390x", product_id: "rhosdt/jaeger-es-index-cleaner-rhel8@sha256:b0a3660137670fedc4e56ca656d56fb739c2fa48d9d0cf5f66fd150bd61365d5_s390x", product_identification_helper: { purl: "pkg:oci/jaeger-es-index-cleaner-rhel8@sha256:b0a3660137670fedc4e56ca656d56fb739c2fa48d9d0cf5f66fd150bd61365d5?arch=s390x&repository_url=registry.redhat.io/rhosdt/jaeger-es-index-cleaner-rhel8&tag=1.47.1-5", }, }, }, { category: "product_version", name: "rhosdt/jaeger-es-rollover-rhel8@sha256:5068337fc3ab78c2bed33b7eb0f1c1cf67c753a00c006e945aded3ecad884edc_s390x", product: { name: "rhosdt/jaeger-es-rollover-rhel8@sha256:5068337fc3ab78c2bed33b7eb0f1c1cf67c753a00c006e945aded3ecad884edc_s390x", product_id: "rhosdt/jaeger-es-rollover-rhel8@sha256:5068337fc3ab78c2bed33b7eb0f1c1cf67c753a00c006e945aded3ecad884edc_s390x", product_identification_helper: { purl: "pkg:oci/jaeger-es-rollover-rhel8@sha256:5068337fc3ab78c2bed33b7eb0f1c1cf67c753a00c006e945aded3ecad884edc?arch=s390x&repository_url=registry.redhat.io/rhosdt/jaeger-es-rollover-rhel8&tag=1.47.1-5", }, }, }, { category: "product_version", name: "rhosdt/jaeger-ingester-rhel8@sha256:f117be17c9d1713db3719e4e1a7eb3b4697f9c12ac176c311b4c5d6ee27e59f9_s390x", product: { name: "rhosdt/jaeger-ingester-rhel8@sha256:f117be17c9d1713db3719e4e1a7eb3b4697f9c12ac176c311b4c5d6ee27e59f9_s390x", product_id: "rhosdt/jaeger-ingester-rhel8@sha256:f117be17c9d1713db3719e4e1a7eb3b4697f9c12ac176c311b4c5d6ee27e59f9_s390x", product_identification_helper: { purl: "pkg:oci/jaeger-ingester-rhel8@sha256:f117be17c9d1713db3719e4e1a7eb3b4697f9c12ac176c311b4c5d6ee27e59f9?arch=s390x&repository_url=registry.redhat.io/rhosdt/jaeger-ingester-rhel8&tag=1.47.1-5", }, }, }, { category: "product_version", name: "rhosdt/jaeger-operator-bundle@sha256:bf2cc048dd6e18cb05a17a6de1e45cabd734af0f88555d0c1057bf3b82ac1e0f_s390x", product: { name: "rhosdt/jaeger-operator-bundle@sha256:bf2cc048dd6e18cb05a17a6de1e45cabd734af0f88555d0c1057bf3b82ac1e0f_s390x", product_id: "rhosdt/jaeger-operator-bundle@sha256:bf2cc048dd6e18cb05a17a6de1e45cabd734af0f88555d0c1057bf3b82ac1e0f_s390x", product_identification_helper: { purl: "pkg:oci/jaeger-operator-bundle@sha256:bf2cc048dd6e18cb05a17a6de1e45cabd734af0f88555d0c1057bf3b82ac1e0f?arch=s390x&repository_url=registry.redhat.io/rhosdt/jaeger-operator-bundle&tag=1.47.1-14", }, }, }, { category: "product_version", name: "rhosdt/jaeger-rhel8-operator@sha256:a9173c66a6929bf5fc689bd434203155e365d23e5e9ae7666d89224ec39df975_s390x", product: { name: "rhosdt/jaeger-rhel8-operator@sha256:a9173c66a6929bf5fc689bd434203155e365d23e5e9ae7666d89224ec39df975_s390x", product_id: "rhosdt/jaeger-rhel8-operator@sha256:a9173c66a6929bf5fc689bd434203155e365d23e5e9ae7666d89224ec39df975_s390x", product_identification_helper: { purl: "pkg:oci/jaeger-rhel8-operator@sha256:a9173c66a6929bf5fc689bd434203155e365d23e5e9ae7666d89224ec39df975?arch=s390x&repository_url=registry.redhat.io/rhosdt/jaeger-rhel8-operator&tag=1.47.1-5", }, }, }, { category: "product_version", name: "rhosdt/jaeger-query-rhel8@sha256:4e62b4264b5e4c63bc7d0cecf154dd481605e1d0ff94d563e9d6a8bc43c4835a_s390x", product: { name: "rhosdt/jaeger-query-rhel8@sha256:4e62b4264b5e4c63bc7d0cecf154dd481605e1d0ff94d563e9d6a8bc43c4835a_s390x", product_id: "rhosdt/jaeger-query-rhel8@sha256:4e62b4264b5e4c63bc7d0cecf154dd481605e1d0ff94d563e9d6a8bc43c4835a_s390x", product_identification_helper: { purl: "pkg:oci/jaeger-query-rhel8@sha256:4e62b4264b5e4c63bc7d0cecf154dd481605e1d0ff94d563e9d6a8bc43c4835a?arch=s390x&repository_url=registry.redhat.io/rhosdt/jaeger-query-rhel8&tag=1.47.1-5", }, }, }, { category: "product_version", name: "rhosdt/opentelemetry-collector-rhel8@sha256:cb9a2f0df6852eb9d11deb8c4c14142bcae17a70301c55974fd0d87116814c9f_s390x", product: { name: "rhosdt/opentelemetry-collector-rhel8@sha256:cb9a2f0df6852eb9d11deb8c4c14142bcae17a70301c55974fd0d87116814c9f_s390x", product_id: "rhosdt/opentelemetry-collector-rhel8@sha256:cb9a2f0df6852eb9d11deb8c4c14142bcae17a70301c55974fd0d87116814c9f_s390x", product_identification_helper: { purl: "pkg:oci/opentelemetry-collector-rhel8@sha256:cb9a2f0df6852eb9d11deb8c4c14142bcae17a70301c55974fd0d87116814c9f?arch=s390x&repository_url=registry.redhat.io/rhosdt/opentelemetry-collector-rhel8&tag=0.81.1-5", }, }, }, { category: "product_version", name: "rhosdt/opentelemetry-operator-bundle@sha256:0ec97472d9bb1d99bfc0653194acf1b44de185a9e63756fb692acaa713ade2db_s390x", product: { name: "rhosdt/opentelemetry-operator-bundle@sha256:0ec97472d9bb1d99bfc0653194acf1b44de185a9e63756fb692acaa713ade2db_s390x", product_id: "rhosdt/opentelemetry-operator-bundle@sha256:0ec97472d9bb1d99bfc0653194acf1b44de185a9e63756fb692acaa713ade2db_s390x", product_identification_helper: { purl: "pkg:oci/opentelemetry-operator-bundle@sha256:0ec97472d9bb1d99bfc0653194acf1b44de185a9e63756fb692acaa713ade2db?arch=s390x&repository_url=registry.redhat.io/rhosdt/opentelemetry-operator-bundle&tag=0.81.1-12", }, }, }, { category: "product_version", name: "rhosdt/opentelemetry-rhel8-operator@sha256:ecead456f33621f78b97d0d151f816d39246af1ca69696616f033213791142dc_s390x", product: { name: "rhosdt/opentelemetry-rhel8-operator@sha256:ecead456f33621f78b97d0d151f816d39246af1ca69696616f033213791142dc_s390x", product_id: "rhosdt/opentelemetry-rhel8-operator@sha256:ecead456f33621f78b97d0d151f816d39246af1ca69696616f033213791142dc_s390x", product_identification_helper: { purl: "pkg:oci/opentelemetry-rhel8-operator@sha256:ecead456f33621f78b97d0d151f816d39246af1ca69696616f033213791142dc?arch=s390x&repository_url=registry.redhat.io/rhosdt/opentelemetry-rhel8-operator&tag=0.81.1-5", }, }, }, { category: "product_version", name: "rhosdt/tempo-rhel8@sha256:d557bf48ab4db2b2c98a65d1a028b7cde4363ee888c274d0629829c1b07977ef_s390x", product: { name: "rhosdt/tempo-rhel8@sha256:d557bf48ab4db2b2c98a65d1a028b7cde4363ee888c274d0629829c1b07977ef_s390x", product_id: "rhosdt/tempo-rhel8@sha256:d557bf48ab4db2b2c98a65d1a028b7cde4363ee888c274d0629829c1b07977ef_s390x", product_identification_helper: { purl: "pkg:oci/tempo-rhel8@sha256:d557bf48ab4db2b2c98a65d1a028b7cde4363ee888c274d0629829c1b07977ef?arch=s390x&repository_url=registry.redhat.io/rhosdt/tempo-rhel8&tag=2.1.1-10", }, }, }, { category: "product_version", name: "rhosdt/tempo-gateway-rhel8@sha256:ac25a060b441ba7b1a2f282083e0900f26d159a02486d85bf496c28ce61ad970_s390x", product: { name: "rhosdt/tempo-gateway-rhel8@sha256:ac25a060b441ba7b1a2f282083e0900f26d159a02486d85bf496c28ce61ad970_s390x", product_id: "rhosdt/tempo-gateway-rhel8@sha256:ac25a060b441ba7b1a2f282083e0900f26d159a02486d85bf496c28ce61ad970_s390x", product_identification_helper: { purl: "pkg:oci/tempo-gateway-rhel8@sha256:ac25a060b441ba7b1a2f282083e0900f26d159a02486d85bf496c28ce61ad970?arch=s390x&repository_url=registry.redhat.io/rhosdt/tempo-gateway-rhel8&tag=742e3d3-3", }, }, }, { category: "product_version", name: "rhosdt/tempo-gateway-opa-rhel8@sha256:ae1228eb0e7c975eeec459749408a70324245aa99fd41bce03cd9f45ceb42d0b_s390x", product: { name: "rhosdt/tempo-gateway-opa-rhel8@sha256:ae1228eb0e7c975eeec459749408a70324245aa99fd41bce03cd9f45ceb42d0b_s390x", product_id: "rhosdt/tempo-gateway-opa-rhel8@sha256:ae1228eb0e7c975eeec459749408a70324245aa99fd41bce03cd9f45ceb42d0b_s390x", product_identification_helper: { purl: "pkg:oci/tempo-gateway-opa-rhel8@sha256:ae1228eb0e7c975eeec459749408a70324245aa99fd41bce03cd9f45ceb42d0b?arch=s390x&repository_url=registry.redhat.io/rhosdt/tempo-gateway-opa-rhel8&tag=fe53f40-2", }, }, }, { category: "product_version", name: "rhosdt/tempo-operator-bundle@sha256:a66560fd323c9cb1466ca2fede9111665cadfc1ddaf9ce28e0aad6fdddf89763_s390x", product: { name: "rhosdt/tempo-operator-bundle@sha256:a66560fd323c9cb1466ca2fede9111665cadfc1ddaf9ce28e0aad6fdddf89763_s390x", product_id: "rhosdt/tempo-operator-bundle@sha256:a66560fd323c9cb1466ca2fede9111665cadfc1ddaf9ce28e0aad6fdddf89763_s390x", product_identification_helper: { purl: "pkg:oci/tempo-operator-bundle@sha256:a66560fd323c9cb1466ca2fede9111665cadfc1ddaf9ce28e0aad6fdddf89763?arch=s390x&repository_url=registry.redhat.io/rhosdt/tempo-operator-bundle&tag=0.3.1-11", }, }, }, { category: "product_version", name: "rhosdt/tempo-rhel8-operator@sha256:e9615e41e857331edacf87fcd98ced0a50fba92757131fdb433ad3e9490e4dd7_s390x", product: { name: "rhosdt/tempo-rhel8-operator@sha256:e9615e41e857331edacf87fcd98ced0a50fba92757131fdb433ad3e9490e4dd7_s390x", product_id: "rhosdt/tempo-rhel8-operator@sha256:e9615e41e857331edacf87fcd98ced0a50fba92757131fdb433ad3e9490e4dd7_s390x", product_identification_helper: { purl: "pkg:oci/tempo-rhel8-operator@sha256:e9615e41e857331edacf87fcd98ced0a50fba92757131fdb433ad3e9490e4dd7?arch=s390x&repository_url=registry.redhat.io/rhosdt/tempo-rhel8-operator&tag=0.3.1-3", }, }, }, { category: "product_version", name: "rhosdt/tempo-query-rhel8@sha256:a602d31cee6906b1d0218de85403decb0155746990f9cd218731c7d4e717f1a1_s390x", product: { name: "rhosdt/tempo-query-rhel8@sha256:a602d31cee6906b1d0218de85403decb0155746990f9cd218731c7d4e717f1a1_s390x", product_id: "rhosdt/tempo-query-rhel8@sha256:a602d31cee6906b1d0218de85403decb0155746990f9cd218731c7d4e717f1a1_s390x", product_identification_helper: { purl: "pkg:oci/tempo-query-rhel8@sha256:a602d31cee6906b1d0218de85403decb0155746990f9cd218731c7d4e717f1a1?arch=s390x&repository_url=registry.redhat.io/rhosdt/tempo-query-rhel8&tag=0.3.1-4", }, }, }, ], category: "architecture", name: "s390x", }, ], category: "vendor", name: "Red Hat", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "rhosdt/jaeger-agent-rhel8@sha256:2619637d44fd87e5c07301de93841899fffc109dcfaff59d56349cedc208a679_s390x as a component of Red Hat OpenShift distributed tracing 2.9", product_id: "8Base-RHOSDT-2.9:rhosdt/jaeger-agent-rhel8@sha256:2619637d44fd87e5c07301de93841899fffc109dcfaff59d56349cedc208a679_s390x", }, product_reference: "rhosdt/jaeger-agent-rhel8@sha256:2619637d44fd87e5c07301de93841899fffc109dcfaff59d56349cedc208a679_s390x", relates_to_product_reference: "8Base-RHOSDT-2.9", }, { category: "default_component_of", full_product_name: { name: "rhosdt/jaeger-agent-rhel8@sha256:7ebe5c551baccd151d6ef2120eb7009570b33647bfd6332320dfa0f5f661ed8a_amd64 as a component of Red Hat OpenShift distributed tracing 2.9", product_id: "8Base-RHOSDT-2.9:rhosdt/jaeger-agent-rhel8@sha256:7ebe5c551baccd151d6ef2120eb7009570b33647bfd6332320dfa0f5f661ed8a_amd64", }, product_reference: "rhosdt/jaeger-agent-rhel8@sha256:7ebe5c551baccd151d6ef2120eb7009570b33647bfd6332320dfa0f5f661ed8a_amd64", relates_to_product_reference: "8Base-RHOSDT-2.9", }, { category: "default_component_of", full_product_name: { name: "rhosdt/jaeger-agent-rhel8@sha256:952f7701d0c1d8ac9c01c0b2ff9d28a4dad480fd34e68eef162e41b5bb0a17e1_ppc64le as a component of Red Hat OpenShift distributed tracing 2.9", product_id: "8Base-RHOSDT-2.9:rhosdt/jaeger-agent-rhel8@sha256:952f7701d0c1d8ac9c01c0b2ff9d28a4dad480fd34e68eef162e41b5bb0a17e1_ppc64le", }, product_reference: "rhosdt/jaeger-agent-rhel8@sha256:952f7701d0c1d8ac9c01c0b2ff9d28a4dad480fd34e68eef162e41b5bb0a17e1_ppc64le", relates_to_product_reference: "8Base-RHOSDT-2.9", }, { category: "default_component_of", full_product_name: { name: "rhosdt/jaeger-all-in-one-rhel8@sha256:16934a17528d69fb0d39f605364fbc012a3e4d7401df45c91c995ac8ef9ed920_ppc64le as a component of Red Hat OpenShift distributed tracing 2.9", product_id: "8Base-RHOSDT-2.9:rhosdt/jaeger-all-in-one-rhel8@sha256:16934a17528d69fb0d39f605364fbc012a3e4d7401df45c91c995ac8ef9ed920_ppc64le", }, product_reference: "rhosdt/jaeger-all-in-one-rhel8@sha256:16934a17528d69fb0d39f605364fbc012a3e4d7401df45c91c995ac8ef9ed920_ppc64le", relates_to_product_reference: "8Base-RHOSDT-2.9", }, { category: "default_component_of", full_product_name: { name: "rhosdt/jaeger-all-in-one-rhel8@sha256:bb3e6e3b54c116d45c23154b3f3bd122a99a62ceb4499cd56774f1e0cec1c214_amd64 as a component of Red Hat OpenShift distributed tracing 2.9", product_id: "8Base-RHOSDT-2.9:rhosdt/jaeger-all-in-one-rhel8@sha256:bb3e6e3b54c116d45c23154b3f3bd122a99a62ceb4499cd56774f1e0cec1c214_amd64", }, product_reference: "rhosdt/jaeger-all-in-one-rhel8@sha256:bb3e6e3b54c116d45c23154b3f3bd122a99a62ceb4499cd56774f1e0cec1c214_amd64", relates_to_product_reference: "8Base-RHOSDT-2.9", }, { category: "default_component_of", full_product_name: { name: "rhosdt/jaeger-all-in-one-rhel8@sha256:f99bb528c12edb65c36659a0a5d59d7a76449ce9649bf7c5be7b273f8485fc25_s390x as a component of Red Hat OpenShift distributed tracing 2.9", product_id: "8Base-RHOSDT-2.9:rhosdt/jaeger-all-in-one-rhel8@sha256:f99bb528c12edb65c36659a0a5d59d7a76449ce9649bf7c5be7b273f8485fc25_s390x", }, product_reference: "rhosdt/jaeger-all-in-one-rhel8@sha256:f99bb528c12edb65c36659a0a5d59d7a76449ce9649bf7c5be7b273f8485fc25_s390x", relates_to_product_reference: "8Base-RHOSDT-2.9", }, { category: "default_component_of", full_product_name: { name: "rhosdt/jaeger-collector-rhel8@sha256:467961ec80abc54ee85939f0287041223b181bb7c9a622b556785ff1dd8119f5_ppc64le as a component of Red Hat OpenShift distributed tracing 2.9", product_id: "8Base-RHOSDT-2.9:rhosdt/jaeger-collector-rhel8@sha256:467961ec80abc54ee85939f0287041223b181bb7c9a622b556785ff1dd8119f5_ppc64le", }, product_reference: "rhosdt/jaeger-collector-rhel8@sha256:467961ec80abc54ee85939f0287041223b181bb7c9a622b556785ff1dd8119f5_ppc64le", relates_to_product_reference: "8Base-RHOSDT-2.9", }, { category: "default_component_of", full_product_name: { name: "rhosdt/jaeger-collector-rhel8@sha256:a7e722132e7a538443f59788b82edcc52f5ec22e9343725c4401c9bdf7093b9a_s390x as a component of Red Hat OpenShift distributed tracing 2.9", product_id: "8Base-RHOSDT-2.9:rhosdt/jaeger-collector-rhel8@sha256:a7e722132e7a538443f59788b82edcc52f5ec22e9343725c4401c9bdf7093b9a_s390x", }, product_reference: "rhosdt/jaeger-collector-rhel8@sha256:a7e722132e7a538443f59788b82edcc52f5ec22e9343725c4401c9bdf7093b9a_s390x", relates_to_product_reference: "8Base-RHOSDT-2.9", }, { category: "default_component_of", full_product_name: { name: "rhosdt/jaeger-collector-rhel8@sha256:df8436011b04ced795985116fff8eb5cc0009f0002ce9c000f9db741980b5a72_amd64 as a component of Red Hat OpenShift distributed tracing 2.9", product_id: "8Base-RHOSDT-2.9:rhosdt/jaeger-collector-rhel8@sha256:df8436011b04ced795985116fff8eb5cc0009f0002ce9c000f9db741980b5a72_amd64", }, product_reference: "rhosdt/jaeger-collector-rhel8@sha256:df8436011b04ced795985116fff8eb5cc0009f0002ce9c000f9db741980b5a72_amd64", relates_to_product_reference: "8Base-RHOSDT-2.9", }, { category: "default_component_of", full_product_name: { name: "rhosdt/jaeger-es-index-cleaner-rhel8@sha256:43f26cad1cd0ea7e5ac2e605077302473382ab85b3f8da72e49c4dd06114dab2_ppc64le as a component of Red Hat OpenShift distributed tracing 2.9", product_id: "8Base-RHOSDT-2.9:rhosdt/jaeger-es-index-cleaner-rhel8@sha256:43f26cad1cd0ea7e5ac2e605077302473382ab85b3f8da72e49c4dd06114dab2_ppc64le", }, product_reference: "rhosdt/jaeger-es-index-cleaner-rhel8@sha256:43f26cad1cd0ea7e5ac2e605077302473382ab85b3f8da72e49c4dd06114dab2_ppc64le", relates_to_product_reference: "8Base-RHOSDT-2.9", }, { category: "default_component_of", full_product_name: { name: "rhosdt/jaeger-es-index-cleaner-rhel8@sha256:b0a3660137670fedc4e56ca656d56fb739c2fa48d9d0cf5f66fd150bd61365d5_s390x as a component of Red Hat OpenShift distributed tracing 2.9", product_id: "8Base-RHOSDT-2.9:rhosdt/jaeger-es-index-cleaner-rhel8@sha256:b0a3660137670fedc4e56ca656d56fb739c2fa48d9d0cf5f66fd150bd61365d5_s390x", }, product_reference: "rhosdt/jaeger-es-index-cleaner-rhel8@sha256:b0a3660137670fedc4e56ca656d56fb739c2fa48d9d0cf5f66fd150bd61365d5_s390x", relates_to_product_reference: "8Base-RHOSDT-2.9", }, { category: "default_component_of", full_product_name: { name: "rhosdt/jaeger-es-index-cleaner-rhel8@sha256:c3883a6c2f828592783cd1cd336c23a29245e9c45b10dd2b6d1aa8b86a670c31_amd64 as a component of Red Hat OpenShift distributed tracing 2.9", product_id: "8Base-RHOSDT-2.9:rhosdt/jaeger-es-index-cleaner-rhel8@sha256:c3883a6c2f828592783cd1cd336c23a29245e9c45b10dd2b6d1aa8b86a670c31_amd64", }, product_reference: "rhosdt/jaeger-es-index-cleaner-rhel8@sha256:c3883a6c2f828592783cd1cd336c23a29245e9c45b10dd2b6d1aa8b86a670c31_amd64", relates_to_product_reference: "8Base-RHOSDT-2.9", }, { category: "default_component_of", full_product_name: { name: "rhosdt/jaeger-es-rollover-rhel8@sha256:0c8511e092b0138282ce3997cf06d8ba5995b9aa17aa436bcb3eacad910ff54d_ppc64le as a component of Red Hat OpenShift distributed tracing 2.9", product_id: "8Base-RHOSDT-2.9:rhosdt/jaeger-es-rollover-rhel8@sha256:0c8511e092b0138282ce3997cf06d8ba5995b9aa17aa436bcb3eacad910ff54d_ppc64le", }, product_reference: "rhosdt/jaeger-es-rollover-rhel8@sha256:0c8511e092b0138282ce3997cf06d8ba5995b9aa17aa436bcb3eacad910ff54d_ppc64le", relates_to_product_reference: "8Base-RHOSDT-2.9", }, { category: "default_component_of", full_product_name: { name: "rhosdt/jaeger-es-rollover-rhel8@sha256:5068337fc3ab78c2bed33b7eb0f1c1cf67c753a00c006e945aded3ecad884edc_s390x as a component of Red Hat OpenShift distributed tracing 2.9", product_id: "8Base-RHOSDT-2.9:rhosdt/jaeger-es-rollover-rhel8@sha256:5068337fc3ab78c2bed33b7eb0f1c1cf67c753a00c006e945aded3ecad884edc_s390x", }, product_reference: "rhosdt/jaeger-es-rollover-rhel8@sha256:5068337fc3ab78c2bed33b7eb0f1c1cf67c753a00c006e945aded3ecad884edc_s390x", relates_to_product_reference: "8Base-RHOSDT-2.9", }, { category: "default_component_of", full_product_name: { name: "rhosdt/jaeger-es-rollover-rhel8@sha256:ba453c045a93b2ac9e9a820ca616ea4af912972a99a5e4b07135658f1ddc752d_amd64 as a component of Red Hat OpenShift distributed tracing 2.9", product_id: "8Base-RHOSDT-2.9:rhosdt/jaeger-es-rollover-rhel8@sha256:ba453c045a93b2ac9e9a820ca616ea4af912972a99a5e4b07135658f1ddc752d_amd64", }, product_reference: "rhosdt/jaeger-es-rollover-rhel8@sha256:ba453c045a93b2ac9e9a820ca616ea4af912972a99a5e4b07135658f1ddc752d_amd64", relates_to_product_reference: "8Base-RHOSDT-2.9", }, { category: "default_component_of", full_product_name: { name: "rhosdt/jaeger-ingester-rhel8@sha256:8341ef7ade15d0f823fb0ef8d1d2e2aab3f6078feae7a341a2f7b4c6bd94fba1_ppc64le as a component of Red Hat OpenShift distributed tracing 2.9", product_id: "8Base-RHOSDT-2.9:rhosdt/jaeger-ingester-rhel8@sha256:8341ef7ade15d0f823fb0ef8d1d2e2aab3f6078feae7a341a2f7b4c6bd94fba1_ppc64le", }, product_reference: "rhosdt/jaeger-ingester-rhel8@sha256:8341ef7ade15d0f823fb0ef8d1d2e2aab3f6078feae7a341a2f7b4c6bd94fba1_ppc64le", relates_to_product_reference: "8Base-RHOSDT-2.9", }, { category: "default_component_of", full_product_name: { name: "rhosdt/jaeger-ingester-rhel8@sha256:f117be17c9d1713db3719e4e1a7eb3b4697f9c12ac176c311b4c5d6ee27e59f9_s390x as a component of Red Hat OpenShift distributed tracing 2.9", product_id: "8Base-RHOSDT-2.9:rhosdt/jaeger-ingester-rhel8@sha256:f117be17c9d1713db3719e4e1a7eb3b4697f9c12ac176c311b4c5d6ee27e59f9_s390x", }, product_reference: "rhosdt/jaeger-ingester-rhel8@sha256:f117be17c9d1713db3719e4e1a7eb3b4697f9c12ac176c311b4c5d6ee27e59f9_s390x", relates_to_product_reference: "8Base-RHOSDT-2.9", }, { category: "default_component_of", full_product_name: { name: "rhosdt/jaeger-ingester-rhel8@sha256:f72338e446068e2487de8f6eb2249a69e27f24523a771e8aba0fcc2fbf263fe8_amd64 as a component of Red Hat OpenShift distributed tracing 2.9", product_id: "8Base-RHOSDT-2.9:rhosdt/jaeger-ingester-rhel8@sha256:f72338e446068e2487de8f6eb2249a69e27f24523a771e8aba0fcc2fbf263fe8_amd64", }, product_reference: "rhosdt/jaeger-ingester-rhel8@sha256:f72338e446068e2487de8f6eb2249a69e27f24523a771e8aba0fcc2fbf263fe8_amd64", relates_to_product_reference: "8Base-RHOSDT-2.9", }, { category: "default_component_of", full_product_name: { name: "rhosdt/jaeger-operator-bundle@sha256:5dfb4b1c8b7c835e0c493927cb5c22bc68989244e49e284f90a063d54c6d1aa9_amd64 as a component of Red Hat OpenShift distributed tracing 2.9", product_id: "8Base-RHOSDT-2.9:rhosdt/jaeger-operator-bundle@sha256:5dfb4b1c8b7c835e0c493927cb5c22bc68989244e49e284f90a063d54c6d1aa9_amd64", }, product_reference: "rhosdt/jaeger-operator-bundle@sha256:5dfb4b1c8b7c835e0c493927cb5c22bc68989244e49e284f90a063d54c6d1aa9_amd64", relates_to_product_reference: "8Base-RHOSDT-2.9", }, { category: "default_component_of", full_product_name: { name: "rhosdt/jaeger-operator-bundle@sha256:a59c693b975fad667a6cfebed3e2cf564419baf0a10aa27b71a22581b789dc10_ppc64le as a component of Red Hat OpenShift distributed tracing 2.9", product_id: "8Base-RHOSDT-2.9:rhosdt/jaeger-operator-bundle@sha256:a59c693b975fad667a6cfebed3e2cf564419baf0a10aa27b71a22581b789dc10_ppc64le", }, product_reference: "rhosdt/jaeger-operator-bundle@sha256:a59c693b975fad667a6cfebed3e2cf564419baf0a10aa27b71a22581b789dc10_ppc64le", relates_to_product_reference: "8Base-RHOSDT-2.9", }, { category: "default_component_of", full_product_name: { name: "rhosdt/jaeger-operator-bundle@sha256:bf2cc048dd6e18cb05a17a6de1e45cabd734af0f88555d0c1057bf3b82ac1e0f_s390x as a component of Red Hat OpenShift distributed tracing 2.9", product_id: "8Base-RHOSDT-2.9:rhosdt/jaeger-operator-bundle@sha256:bf2cc048dd6e18cb05a17a6de1e45cabd734af0f88555d0c1057bf3b82ac1e0f_s390x", }, product_reference: "rhosdt/jaeger-operator-bundle@sha256:bf2cc048dd6e18cb05a17a6de1e45cabd734af0f88555d0c1057bf3b82ac1e0f_s390x", relates_to_product_reference: "8Base-RHOSDT-2.9", }, { category: "default_component_of", full_product_name: { name: "rhosdt/jaeger-query-rhel8@sha256:4da3891b6d4df60dc7e0248bbb543d8363d32671bc3b0eb1671468dd4d3b7ebe_ppc64le as a component of Red Hat OpenShift distributed tracing 2.9", product_id: "8Base-RHOSDT-2.9:rhosdt/jaeger-query-rhel8@sha256:4da3891b6d4df60dc7e0248bbb543d8363d32671bc3b0eb1671468dd4d3b7ebe_ppc64le", }, product_reference: "rhosdt/jaeger-query-rhel8@sha256:4da3891b6d4df60dc7e0248bbb543d8363d32671bc3b0eb1671468dd4d3b7ebe_ppc64le", relates_to_product_reference: "8Base-RHOSDT-2.9", }, { category: "default_component_of", full_product_name: { name: "rhosdt/jaeger-query-rhel8@sha256:4e62b4264b5e4c63bc7d0cecf154dd481605e1d0ff94d563e9d6a8bc43c4835a_s390x as a component of Red Hat OpenShift distributed tracing 2.9", product_id: "8Base-RHOSDT-2.9:rhosdt/jaeger-query-rhel8@sha256:4e62b4264b5e4c63bc7d0cecf154dd481605e1d0ff94d563e9d6a8bc43c4835a_s390x", }, product_reference: "rhosdt/jaeger-query-rhel8@sha256:4e62b4264b5e4c63bc7d0cecf154dd481605e1d0ff94d563e9d6a8bc43c4835a_s390x", relates_to_product_reference: "8Base-RHOSDT-2.9", }, { category: "default_component_of", full_product_name: { name: "rhosdt/jaeger-query-rhel8@sha256:d9adfa493c64269d2ce744572d9a4c230e8a7c2503a35dbb3df5346e52a6dd2c_amd64 as a component of Red Hat OpenShift distributed tracing 2.9", product_id: "8Base-RHOSDT-2.9:rhosdt/jaeger-query-rhel8@sha256:d9adfa493c64269d2ce744572d9a4c230e8a7c2503a35dbb3df5346e52a6dd2c_amd64", }, product_reference: "rhosdt/jaeger-query-rhel8@sha256:d9adfa493c64269d2ce744572d9a4c230e8a7c2503a35dbb3df5346e52a6dd2c_amd64", relates_to_product_reference: "8Base-RHOSDT-2.9", }, { category: "default_component_of", full_product_name: { name: "rhosdt/jaeger-rhel8-operator@sha256:9198140a0252287e5114e04b97d5454227b51bac8fa4411dea1b0d0843f3c668_amd64 as a component of Red Hat OpenShift distributed tracing 2.9", product_id: "8Base-RHOSDT-2.9:rhosdt/jaeger-rhel8-operator@sha256:9198140a0252287e5114e04b97d5454227b51bac8fa4411dea1b0d0843f3c668_amd64", }, product_reference: "rhosdt/jaeger-rhel8-operator@sha256:9198140a0252287e5114e04b97d5454227b51bac8fa4411dea1b0d0843f3c668_amd64", relates_to_product_reference: "8Base-RHOSDT-2.9", }, { category: "default_component_of", full_product_name: { name: "rhosdt/jaeger-rhel8-operator@sha256:a9173c66a6929bf5fc689bd434203155e365d23e5e9ae7666d89224ec39df975_s390x as a component of Red Hat OpenShift distributed tracing 2.9", product_id: "8Base-RHOSDT-2.9:rhosdt/jaeger-rhel8-operator@sha256:a9173c66a6929bf5fc689bd434203155e365d23e5e9ae7666d89224ec39df975_s390x", }, product_reference: "rhosdt/jaeger-rhel8-operator@sha256:a9173c66a6929bf5fc689bd434203155e365d23e5e9ae7666d89224ec39df975_s390x", relates_to_product_reference: "8Base-RHOSDT-2.9", }, { category: "default_component_of", full_product_name: { name: "rhosdt/jaeger-rhel8-operator@sha256:e50b850a731b7ab45345ab4e9495e4806ac0c6f8ba9ae13b83673a3b06a014f9_ppc64le as a component of Red Hat OpenShift distributed tracing 2.9", product_id: "8Base-RHOSDT-2.9:rhosdt/jaeger-rhel8-operator@sha256:e50b850a731b7ab45345ab4e9495e4806ac0c6f8ba9ae13b83673a3b06a014f9_ppc64le", }, product_reference: "rhosdt/jaeger-rhel8-operator@sha256:e50b850a731b7ab45345ab4e9495e4806ac0c6f8ba9ae13b83673a3b06a014f9_ppc64le", relates_to_product_reference: "8Base-RHOSDT-2.9", }, { category: "default_component_of", full_product_name: { name: "rhosdt/opentelemetry-collector-rhel8@sha256:2adc2877050289ee2568c4f03ce171dc2c30bf86976fcc63c09bd0bf18b92cc4_amd64 as a component of Red Hat OpenShift distributed tracing 2.9", product_id: "8Base-RHOSDT-2.9:rhosdt/opentelemetry-collector-rhel8@sha256:2adc2877050289ee2568c4f03ce171dc2c30bf86976fcc63c09bd0bf18b92cc4_amd64", }, product_reference: "rhosdt/opentelemetry-collector-rhel8@sha256:2adc2877050289ee2568c4f03ce171dc2c30bf86976fcc63c09bd0bf18b92cc4_amd64", relates_to_product_reference: "8Base-RHOSDT-2.9", }, { category: "default_component_of", full_product_name: { name: "rhosdt/opentelemetry-collector-rhel8@sha256:73017b0ad2d4ea26900253abdc9a62d55a40ff04905a391e91610ad7a9d762d3_ppc64le as a component of Red Hat OpenShift distributed tracing 2.9", product_id: "8Base-RHOSDT-2.9:rhosdt/opentelemetry-collector-rhel8@sha256:73017b0ad2d4ea26900253abdc9a62d55a40ff04905a391e91610ad7a9d762d3_ppc64le", }, product_reference: "rhosdt/opentelemetry-collector-rhel8@sha256:73017b0ad2d4ea26900253abdc9a62d55a40ff04905a391e91610ad7a9d762d3_ppc64le", relates_to_product_reference: "8Base-RHOSDT-2.9", }, { category: "default_component_of", full_product_name: { name: "rhosdt/opentelemetry-collector-rhel8@sha256:cb9a2f0df6852eb9d11deb8c4c14142bcae17a70301c55974fd0d87116814c9f_s390x as a component of Red Hat OpenShift distributed tracing 2.9", product_id: "8Base-RHOSDT-2.9:rhosdt/opentelemetry-collector-rhel8@sha256:cb9a2f0df6852eb9d11deb8c4c14142bcae17a70301c55974fd0d87116814c9f_s390x", }, product_reference: "rhosdt/opentelemetry-collector-rhel8@sha256:cb9a2f0df6852eb9d11deb8c4c14142bcae17a70301c55974fd0d87116814c9f_s390x", relates_to_product_reference: "8Base-RHOSDT-2.9", }, { category: "default_component_of", full_product_name: { name: "rhosdt/opentelemetry-operator-bundle@sha256:0ec97472d9bb1d99bfc0653194acf1b44de185a9e63756fb692acaa713ade2db_s390x as a component of Red Hat OpenShift distributed tracing 2.9", product_id: "8Base-RHOSDT-2.9:rhosdt/opentelemetry-operator-bundle@sha256:0ec97472d9bb1d99bfc0653194acf1b44de185a9e63756fb692acaa713ade2db_s390x", }, product_reference: "rhosdt/opentelemetry-operator-bundle@sha256:0ec97472d9bb1d99bfc0653194acf1b44de185a9e63756fb692acaa713ade2db_s390x", relates_to_product_reference: "8Base-RHOSDT-2.9", }, { category: "default_component_of", full_product_name: { name: "rhosdt/opentelemetry-operator-bundle@sha256:33f921009c9baaf82d3d10406073e9da9b31540d6b3b421c7a3659e2d8310179_ppc64le as a component of Red Hat OpenShift distributed tracing 2.9", product_id: "8Base-RHOSDT-2.9:rhosdt/opentelemetry-operator-bundle@sha256:33f921009c9baaf82d3d10406073e9da9b31540d6b3b421c7a3659e2d8310179_ppc64le", }, product_reference: "rhosdt/opentelemetry-operator-bundle@sha256:33f921009c9baaf82d3d10406073e9da9b31540d6b3b421c7a3659e2d8310179_ppc64le", relates_to_product_reference: "8Base-RHOSDT-2.9", }, { category: "default_component_of", full_product_name: { name: "rhosdt/opentelemetry-operator-bundle@sha256:eaa126d86aecf2bd330f2234104a905a71ab280a4d74a2614d98daaf13e821e2_amd64 as a component of Red Hat OpenShift distributed tracing 2.9", product_id: "8Base-RHOSDT-2.9:rhosdt/opentelemetry-operator-bundle@sha256:eaa126d86aecf2bd330f2234104a905a71ab280a4d74a2614d98daaf13e821e2_amd64", }, product_reference: "rhosdt/opentelemetry-operator-bundle@sha256:eaa126d86aecf2bd330f2234104a905a71ab280a4d74a2614d98daaf13e821e2_amd64", relates_to_product_reference: "8Base-RHOSDT-2.9", }, { category: "default_component_of", full_product_name: { name: "rhosdt/opentelemetry-rhel8-operator@sha256:746f118b9224ba6a175526f265d956ae8ce6c7c170db2217bd34b028f03999af_amd64 as a component of Red Hat OpenShift distributed tracing 2.9", product_id: "8Base-RHOSDT-2.9:rhosdt/opentelemetry-rhel8-operator@sha256:746f118b9224ba6a175526f265d956ae8ce6c7c170db2217bd34b028f03999af_amd64", }, product_reference: "rhosdt/opentelemetry-rhel8-operator@sha256:746f118b9224ba6a175526f265d956ae8ce6c7c170db2217bd34b028f03999af_amd64", relates_to_product_reference: "8Base-RHOSDT-2.9", }, { category: "default_component_of", full_product_name: { name: "rhosdt/opentelemetry-rhel8-operator@sha256:8a237928d7c059ecd5d1f3aad89ab094a73452e221c133cd9c5c7689db9b87bf_ppc64le as a component of Red Hat OpenShift distributed tracing 2.9", product_id: "8Base-RHOSDT-2.9:rhosdt/opentelemetry-rhel8-operator@sha256:8a237928d7c059ecd5d1f3aad89ab094a73452e221c133cd9c5c7689db9b87bf_ppc64le", }, product_reference: "rhosdt/opentelemetry-rhel8-operator@sha256:8a237928d7c059ecd5d1f3aad89ab094a73452e221c133cd9c5c7689db9b87bf_ppc64le", relates_to_product_reference: "8Base-RHOSDT-2.9", }, { category: "default_component_of", full_product_name: { name: "rhosdt/opentelemetry-rhel8-operator@sha256:ecead456f33621f78b97d0d151f816d39246af1ca69696616f033213791142dc_s390x as a component of Red Hat OpenShift distributed tracing 2.9", product_id: "8Base-RHOSDT-2.9:rhosdt/opentelemetry-rhel8-operator@sha256:ecead456f33621f78b97d0d151f816d39246af1ca69696616f033213791142dc_s390x", }, product_reference: "rhosdt/opentelemetry-rhel8-operator@sha256:ecead456f33621f78b97d0d151f816d39246af1ca69696616f033213791142dc_s390x", relates_to_product_reference: "8Base-RHOSDT-2.9", }, { category: "default_component_of", full_product_name: { name: "rhosdt/tempo-gateway-opa-rhel8@sha256:ae1228eb0e7c975eeec459749408a70324245aa99fd41bce03cd9f45ceb42d0b_s390x as a component of Red Hat OpenShift distributed tracing 2.9", product_id: "8Base-RHOSDT-2.9:rhosdt/tempo-gateway-opa-rhel8@sha256:ae1228eb0e7c975eeec459749408a70324245aa99fd41bce03cd9f45ceb42d0b_s390x", }, product_reference: "rhosdt/tempo-gateway-opa-rhel8@sha256:ae1228eb0e7c975eeec459749408a70324245aa99fd41bce03cd9f45ceb42d0b_s390x", relates_to_product_reference: "8Base-RHOSDT-2.9", }, { category: "default_component_of", full_product_name: { name: "rhosdt/tempo-gateway-opa-rhel8@sha256:cbad12c58f243298974f51d2278730feb5fbb74cdc6de409dd0578794ab6c1a4_ppc64le as a component of Red Hat OpenShift distributed tracing 2.9", product_id: "8Base-RHOSDT-2.9:rhosdt/tempo-gateway-opa-rhel8@sha256:cbad12c58f243298974f51d2278730feb5fbb74cdc6de409dd0578794ab6c1a4_ppc64le", }, product_reference: "rhosdt/tempo-gateway-opa-rhel8@sha256:cbad12c58f243298974f51d2278730feb5fbb74cdc6de409dd0578794ab6c1a4_ppc64le", relates_to_product_reference: "8Base-RHOSDT-2.9", }, { category: "default_component_of", full_product_name: { name: "rhosdt/tempo-gateway-opa-rhel8@sha256:dd22e49f8d5aa7f009169aec3c43e68307e0842cde9260a70dd424159e61c89d_amd64 as a component of Red Hat OpenShift distributed tracing 2.9", product_id: "8Base-RHOSDT-2.9:rhosdt/tempo-gateway-opa-rhel8@sha256:dd22e49f8d5aa7f009169aec3c43e68307e0842cde9260a70dd424159e61c89d_amd64", }, product_reference: "rhosdt/tempo-gateway-opa-rhel8@sha256:dd22e49f8d5aa7f009169aec3c43e68307e0842cde9260a70dd424159e61c89d_amd64", relates_to_product_reference: "8Base-RHOSDT-2.9", }, { category: "default_component_of", full_product_name: { name: "rhosdt/tempo-gateway-rhel8@sha256:3c15440847fbc38023d590dd5f93ee524f53e2999c4483cfb3ba9bbf6bba904f_ppc64le as a component of Red Hat OpenShift distributed tracing 2.9", product_id: "8Base-RHOSDT-2.9:rhosdt/tempo-gateway-rhel8@sha256:3c15440847fbc38023d590dd5f93ee524f53e2999c4483cfb3ba9bbf6bba904f_ppc64le", }, product_reference: "rhosdt/tempo-gateway-rhel8@sha256:3c15440847fbc38023d590dd5f93ee524f53e2999c4483cfb3ba9bbf6bba904f_ppc64le", relates_to_product_reference: "8Base-RHOSDT-2.9", }, { category: "default_component_of", full_product_name: { name: "rhosdt/tempo-gateway-rhel8@sha256:9e9d91554f5edb5a3e00f2a294056bb540ed1597fc8af5d44432ce81d54bf977_amd64 as a component of Red Hat OpenShift distributed tracing 2.9", product_id: "8Base-RHOSDT-2.9:rhosdt/tempo-gateway-rhel8@sha256:9e9d91554f5edb5a3e00f2a294056bb540ed1597fc8af5d44432ce81d54bf977_amd64", }, product_reference: "rhosdt/tempo-gateway-rhel8@sha256:9e9d91554f5edb5a3e00f2a294056bb540ed1597fc8af5d44432ce81d54bf977_amd64", relates_to_product_reference: "8Base-RHOSDT-2.9", }, { category: "default_component_of", full_product_name: { name: "rhosdt/tempo-gateway-rhel8@sha256:ac25a060b441ba7b1a2f282083e0900f26d159a02486d85bf496c28ce61ad970_s390x as a component of Red Hat OpenShift distributed tracing 2.9", product_id: "8Base-RHOSDT-2.9:rhosdt/tempo-gateway-rhel8@sha256:ac25a060b441ba7b1a2f282083e0900f26d159a02486d85bf496c28ce61ad970_s390x", }, product_reference: "rhosdt/tempo-gateway-rhel8@sha256:ac25a060b441ba7b1a2f282083e0900f26d159a02486d85bf496c28ce61ad970_s390x", relates_to_product_reference: "8Base-RHOSDT-2.9", }, { category: "default_component_of", full_product_name: { name: "rhosdt/tempo-operator-bundle@sha256:6df979ecc2195ddd8c1b84a0355fa4df58cf55c34f0b07669659d72501a701d4_ppc64le as a component of Red Hat OpenShift distributed tracing 2.9", product_id: "8Base-RHOSDT-2.9:rhosdt/tempo-operator-bundle@sha256:6df979ecc2195ddd8c1b84a0355fa4df58cf55c34f0b07669659d72501a701d4_ppc64le", }, product_reference: "rhosdt/tempo-operator-bundle@sha256:6df979ecc2195ddd8c1b84a0355fa4df58cf55c34f0b07669659d72501a701d4_ppc64le", relates_to_product_reference: "8Base-RHOSDT-2.9", }, { category: "default_component_of", full_product_name: { name: "rhosdt/tempo-operator-bundle@sha256:a66560fd323c9cb1466ca2fede9111665cadfc1ddaf9ce28e0aad6fdddf89763_s390x as a component of Red Hat OpenShift distributed tracing 2.9", product_id: "8Base-RHOSDT-2.9:rhosdt/tempo-operator-bundle@sha256:a66560fd323c9cb1466ca2fede9111665cadfc1ddaf9ce28e0aad6fdddf89763_s390x", }, product_reference: "rhosdt/tempo-operator-bundle@sha256:a66560fd323c9cb1466ca2fede9111665cadfc1ddaf9ce28e0aad6fdddf89763_s390x", relates_to_product_reference: "8Base-RHOSDT-2.9", }, { category: "default_component_of", full_product_name: { name: "rhosdt/tempo-operator-bundle@sha256:b6ec1460415bf8c69d82cf9267494dc5445242b6a0957318eae5bf333693cb2e_amd64 as a component of Red Hat OpenShift distributed tracing 2.9", product_id: "8Base-RHOSDT-2.9:rhosdt/tempo-operator-bundle@sha256:b6ec1460415bf8c69d82cf9267494dc5445242b6a0957318eae5bf333693cb2e_amd64", }, product_reference: "rhosdt/tempo-operator-bundle@sha256:b6ec1460415bf8c69d82cf9267494dc5445242b6a0957318eae5bf333693cb2e_amd64", relates_to_product_reference: "8Base-RHOSDT-2.9", }, { category: "default_component_of", full_product_name: { name: "rhosdt/tempo-query-rhel8@sha256:0d51e3a8b92cab3b8f5221fc076b2079a68e7ba75f7f3ecb9322fe7ba77e862f_ppc64le as a component of Red Hat OpenShift distributed tracing 2.9", product_id: "8Base-RHOSDT-2.9:rhosdt/tempo-query-rhel8@sha256:0d51e3a8b92cab3b8f5221fc076b2079a68e7ba75f7f3ecb9322fe7ba77e862f_ppc64le", }, product_reference: "rhosdt/tempo-query-rhel8@sha256:0d51e3a8b92cab3b8f5221fc076b2079a68e7ba75f7f3ecb9322fe7ba77e862f_ppc64le", relates_to_product_reference: "8Base-RHOSDT-2.9", }, { category: "default_component_of", full_product_name: { name: "rhosdt/tempo-query-rhel8@sha256:a602d31cee6906b1d0218de85403decb0155746990f9cd218731c7d4e717f1a1_s390x as a component of Red Hat OpenShift distributed tracing 2.9", product_id: "8Base-RHOSDT-2.9:rhosdt/tempo-query-rhel8@sha256:a602d31cee6906b1d0218de85403decb0155746990f9cd218731c7d4e717f1a1_s390x", }, product_reference: "rhosdt/tempo-query-rhel8@sha256:a602d31cee6906b1d0218de85403decb0155746990f9cd218731c7d4e717f1a1_s390x", relates_to_product_reference: "8Base-RHOSDT-2.9", }, { category: "default_component_of", full_product_name: { name: "rhosdt/tempo-query-rhel8@sha256:b903b41e1096a25b53c5272c8457baa352e2c83fa997852d4a8ed614e2c02802_amd64 as a component of Red Hat OpenShift distributed tracing 2.9", product_id: "8Base-RHOSDT-2.9:rhosdt/tempo-query-rhel8@sha256:b903b41e1096a25b53c5272c8457baa352e2c83fa997852d4a8ed614e2c02802_amd64", }, product_reference: "rhosdt/tempo-query-rhel8@sha256:b903b41e1096a25b53c5272c8457baa352e2c83fa997852d4a8ed614e2c02802_amd64", relates_to_product_reference: "8Base-RHOSDT-2.9", }, { category: "default_component_of", full_product_name: { name: "rhosdt/tempo-rhel8-operator@sha256:5aee6e4bfecba226d276b95c62a68a1b6d513d60c9c8aff84752725e6c01b8c0_ppc64le as a component of Red Hat OpenShift distributed tracing 2.9", product_id: "8Base-RHOSDT-2.9:rhosdt/tempo-rhel8-operator@sha256:5aee6e4bfecba226d276b95c62a68a1b6d513d60c9c8aff84752725e6c01b8c0_ppc64le", }, product_reference: "rhosdt/tempo-rhel8-operator@sha256:5aee6e4bfecba226d276b95c62a68a1b6d513d60c9c8aff84752725e6c01b8c0_ppc64le", relates_to_product_reference: "8Base-RHOSDT-2.9", }, { category: "default_component_of", full_product_name: { name: "rhosdt/tempo-rhel8-operator@sha256:a18638de4d39738b696f044e0d181fdeaf82499f2a2b4b46c07675db5fbe8c3f_amd64 as a component of Red Hat OpenShift distributed tracing 2.9", product_id: "8Base-RHOSDT-2.9:rhosdt/tempo-rhel8-operator@sha256:a18638de4d39738b696f044e0d181fdeaf82499f2a2b4b46c07675db5fbe8c3f_amd64", }, product_reference: "rhosdt/tempo-rhel8-operator@sha256:a18638de4d39738b696f044e0d181fdeaf82499f2a2b4b46c07675db5fbe8c3f_amd64", relates_to_product_reference: "8Base-RHOSDT-2.9", }, { category: "default_component_of", full_product_name: { name: "rhosdt/tempo-rhel8-operator@sha256:e9615e41e857331edacf87fcd98ced0a50fba92757131fdb433ad3e9490e4dd7_s390x as a component of Red Hat OpenShift distributed tracing 2.9", product_id: "8Base-RHOSDT-2.9:rhosdt/tempo-rhel8-operator@sha256:e9615e41e857331edacf87fcd98ced0a50fba92757131fdb433ad3e9490e4dd7_s390x", }, product_reference: "rhosdt/tempo-rhel8-operator@sha256:e9615e41e857331edacf87fcd98ced0a50fba92757131fdb433ad3e9490e4dd7_s390x", relates_to_product_reference: "8Base-RHOSDT-2.9", }, { category: "default_component_of", full_product_name: { name: "rhosdt/tempo-rhel8@sha256:29200f7311b63df76f6723878e4a8e2c315376b421e4e5febe2323a926d48594_amd64 as a component of Red Hat OpenShift distributed tracing 2.9", product_id: "8Base-RHOSDT-2.9:rhosdt/tempo-rhel8@sha256:29200f7311b63df76f6723878e4a8e2c315376b421e4e5febe2323a926d48594_amd64", }, product_reference: "rhosdt/tempo-rhel8@sha256:29200f7311b63df76f6723878e4a8e2c315376b421e4e5febe2323a926d48594_amd64", relates_to_product_reference: "8Base-RHOSDT-2.9", }, { category: "default_component_of", full_product_name: { name: "rhosdt/tempo-rhel8@sha256:42c59f6a87c791fd6a3e829af331e2c5778612f503b402c0a08278cc9dc09ef7_ppc64le as a component of Red Hat OpenShift distributed tracing 2.9", product_id: "8Base-RHOSDT-2.9:rhosdt/tempo-rhel8@sha256:42c59f6a87c791fd6a3e829af331e2c5778612f503b402c0a08278cc9dc09ef7_ppc64le", }, product_reference: "rhosdt/tempo-rhel8@sha256:42c59f6a87c791fd6a3e829af331e2c5778612f503b402c0a08278cc9dc09ef7_ppc64le", relates_to_product_reference: "8Base-RHOSDT-2.9", }, { category: "default_component_of", full_product_name: { name: "rhosdt/tempo-rhel8@sha256:d557bf48ab4db2b2c98a65d1a028b7cde4363ee888c274d0629829c1b07977ef_s390x as a component of Red Hat OpenShift distributed tracing 2.9", product_id: "8Base-RHOSDT-2.9:rhosdt/tempo-rhel8@sha256:d557bf48ab4db2b2c98a65d1a028b7cde4363ee888c274d0629829c1b07977ef_s390x", }, product_reference: "rhosdt/tempo-rhel8@sha256:d557bf48ab4db2b2c98a65d1a028b7cde4363ee888c274d0629829c1b07977ef_s390x", relates_to_product_reference: "8Base-RHOSDT-2.9", }, ], }, vulnerabilities: [ { cve: "CVE-2023-46234", cwe: { id: "CWE-347", name: "Improper Verification of Cryptographic Signature", }, discovery_date: "2023-10-27T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2246470", }, ], notes: [ { category: "description", text: "A flaw was found in browserify-sign node package. This issue may allow a malicious user to execute a signature forgery attack by not correctly checking cryptographic signatures for DSA data, resulting in a jeopardized environment.", title: "Vulnerability description", }, { category: "summary", text: "browserify-sign: upper bound check issue in dsaVerify leads to a signature forgery attack", title: "Vulnerability summary", }, { category: "other", text: "An attacker could impact the integrity of a server when handling unknown input due to the lack of DSA verification, for example, pretending to be a legitimate user, gaining unauthorized access. Therefore, the impact for this vulnerability is important.\n\nRed Hat Fuse 7 uses browserify-sign as a transitive development dependency, hence the Low impact.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "8Base-RHOSDT-2.9:rhosdt/jaeger-agent-rhel8@sha256:2619637d44fd87e5c07301de93841899fffc109dcfaff59d56349cedc208a679_s390x", "8Base-RHOSDT-2.9:rhosdt/jaeger-agent-rhel8@sha256:7ebe5c551baccd151d6ef2120eb7009570b33647bfd6332320dfa0f5f661ed8a_amd64", "8Base-RHOSDT-2.9:rhosdt/jaeger-agent-rhel8@sha256:952f7701d0c1d8ac9c01c0b2ff9d28a4dad480fd34e68eef162e41b5bb0a17e1_ppc64le", "8Base-RHOSDT-2.9:rhosdt/jaeger-all-in-one-rhel8@sha256:16934a17528d69fb0d39f605364fbc012a3e4d7401df45c91c995ac8ef9ed920_ppc64le", "8Base-RHOSDT-2.9:rhosdt/jaeger-all-in-one-rhel8@sha256:bb3e6e3b54c116d45c23154b3f3bd122a99a62ceb4499cd56774f1e0cec1c214_amd64", "8Base-RHOSDT-2.9:rhosdt/jaeger-all-in-one-rhel8@sha256:f99bb528c12edb65c36659a0a5d59d7a76449ce9649bf7c5be7b273f8485fc25_s390x", "8Base-RHOSDT-2.9:rhosdt/jaeger-collector-rhel8@sha256:467961ec80abc54ee85939f0287041223b181bb7c9a622b556785ff1dd8119f5_ppc64le", "8Base-RHOSDT-2.9:rhosdt/jaeger-collector-rhel8@sha256:a7e722132e7a538443f59788b82edcc52f5ec22e9343725c4401c9bdf7093b9a_s390x", "8Base-RHOSDT-2.9:rhosdt/jaeger-collector-rhel8@sha256:df8436011b04ced795985116fff8eb5cc0009f0002ce9c000f9db741980b5a72_amd64", "8Base-RHOSDT-2.9:rhosdt/jaeger-es-index-cleaner-rhel8@sha256:43f26cad1cd0ea7e5ac2e605077302473382ab85b3f8da72e49c4dd06114dab2_ppc64le", "8Base-RHOSDT-2.9:rhosdt/jaeger-es-index-cleaner-rhel8@sha256:b0a3660137670fedc4e56ca656d56fb739c2fa48d9d0cf5f66fd150bd61365d5_s390x", "8Base-RHOSDT-2.9:rhosdt/jaeger-es-index-cleaner-rhel8@sha256:c3883a6c2f828592783cd1cd336c23a29245e9c45b10dd2b6d1aa8b86a670c31_amd64", "8Base-RHOSDT-2.9:rhosdt/jaeger-es-rollover-rhel8@sha256:0c8511e092b0138282ce3997cf06d8ba5995b9aa17aa436bcb3eacad910ff54d_ppc64le", "8Base-RHOSDT-2.9:rhosdt/jaeger-es-rollover-rhel8@sha256:5068337fc3ab78c2bed33b7eb0f1c1cf67c753a00c006e945aded3ecad884edc_s390x", "8Base-RHOSDT-2.9:rhosdt/jaeger-es-rollover-rhel8@sha256:ba453c045a93b2ac9e9a820ca616ea4af912972a99a5e4b07135658f1ddc752d_amd64", "8Base-RHOSDT-2.9:rhosdt/jaeger-ingester-rhel8@sha256:8341ef7ade15d0f823fb0ef8d1d2e2aab3f6078feae7a341a2f7b4c6bd94fba1_ppc64le", "8Base-RHOSDT-2.9:rhosdt/jaeger-ingester-rhel8@sha256:f117be17c9d1713db3719e4e1a7eb3b4697f9c12ac176c311b4c5d6ee27e59f9_s390x", "8Base-RHOSDT-2.9:rhosdt/jaeger-ingester-rhel8@sha256:f72338e446068e2487de8f6eb2249a69e27f24523a771e8aba0fcc2fbf263fe8_amd64", "8Base-RHOSDT-2.9:rhosdt/jaeger-operator-bundle@sha256:5dfb4b1c8b7c835e0c493927cb5c22bc68989244e49e284f90a063d54c6d1aa9_amd64", "8Base-RHOSDT-2.9:rhosdt/jaeger-operator-bundle@sha256:a59c693b975fad667a6cfebed3e2cf564419baf0a10aa27b71a22581b789dc10_ppc64le", "8Base-RHOSDT-2.9:rhosdt/jaeger-operator-bundle@sha256:bf2cc048dd6e18cb05a17a6de1e45cabd734af0f88555d0c1057bf3b82ac1e0f_s390x", "8Base-RHOSDT-2.9:rhosdt/jaeger-query-rhel8@sha256:4da3891b6d4df60dc7e0248bbb543d8363d32671bc3b0eb1671468dd4d3b7ebe_ppc64le", "8Base-RHOSDT-2.9:rhosdt/jaeger-query-rhel8@sha256:4e62b4264b5e4c63bc7d0cecf154dd481605e1d0ff94d563e9d6a8bc43c4835a_s390x", "8Base-RHOSDT-2.9:rhosdt/jaeger-query-rhel8@sha256:d9adfa493c64269d2ce744572d9a4c230e8a7c2503a35dbb3df5346e52a6dd2c_amd64", "8Base-RHOSDT-2.9:rhosdt/jaeger-rhel8-operator@sha256:9198140a0252287e5114e04b97d5454227b51bac8fa4411dea1b0d0843f3c668_amd64", "8Base-RHOSDT-2.9:rhosdt/jaeger-rhel8-operator@sha256:a9173c66a6929bf5fc689bd434203155e365d23e5e9ae7666d89224ec39df975_s390x", "8Base-RHOSDT-2.9:rhosdt/jaeger-rhel8-operator@sha256:e50b850a731b7ab45345ab4e9495e4806ac0c6f8ba9ae13b83673a3b06a014f9_ppc64le", "8Base-RHOSDT-2.9:rhosdt/opentelemetry-collector-rhel8@sha256:2adc2877050289ee2568c4f03ce171dc2c30bf86976fcc63c09bd0bf18b92cc4_amd64", "8Base-RHOSDT-2.9:rhosdt/opentelemetry-collector-rhel8@sha256:73017b0ad2d4ea26900253abdc9a62d55a40ff04905a391e91610ad7a9d762d3_ppc64le", "8Base-RHOSDT-2.9:rhosdt/opentelemetry-collector-rhel8@sha256:cb9a2f0df6852eb9d11deb8c4c14142bcae17a70301c55974fd0d87116814c9f_s390x", "8Base-RHOSDT-2.9:rhosdt/opentelemetry-operator-bundle@sha256:0ec97472d9bb1d99bfc0653194acf1b44de185a9e63756fb692acaa713ade2db_s390x", "8Base-RHOSDT-2.9:rhosdt/opentelemetry-operator-bundle@sha256:33f921009c9baaf82d3d10406073e9da9b31540d6b3b421c7a3659e2d8310179_ppc64le", "8Base-RHOSDT-2.9:rhosdt/opentelemetry-operator-bundle@sha256:eaa126d86aecf2bd330f2234104a905a71ab280a4d74a2614d98daaf13e821e2_amd64", "8Base-RHOSDT-2.9:rhosdt/opentelemetry-rhel8-operator@sha256:746f118b9224ba6a175526f265d956ae8ce6c7c170db2217bd34b028f03999af_amd64", "8Base-RHOSDT-2.9:rhosdt/opentelemetry-rhel8-operator@sha256:8a237928d7c059ecd5d1f3aad89ab094a73452e221c133cd9c5c7689db9b87bf_ppc64le", "8Base-RHOSDT-2.9:rhosdt/opentelemetry-rhel8-operator@sha256:ecead456f33621f78b97d0d151f816d39246af1ca69696616f033213791142dc_s390x", "8Base-RHOSDT-2.9:rhosdt/tempo-gateway-opa-rhel8@sha256:ae1228eb0e7c975eeec459749408a70324245aa99fd41bce03cd9f45ceb42d0b_s390x", "8Base-RHOSDT-2.9:rhosdt/tempo-gateway-opa-rhel8@sha256:cbad12c58f243298974f51d2278730feb5fbb74cdc6de409dd0578794ab6c1a4_ppc64le", "8Base-RHOSDT-2.9:rhosdt/tempo-gateway-opa-rhel8@sha256:dd22e49f8d5aa7f009169aec3c43e68307e0842cde9260a70dd424159e61c89d_amd64", "8Base-RHOSDT-2.9:rhosdt/tempo-gateway-rhel8@sha256:3c15440847fbc38023d590dd5f93ee524f53e2999c4483cfb3ba9bbf6bba904f_ppc64le", "8Base-RHOSDT-2.9:rhosdt/tempo-gateway-rhel8@sha256:9e9d91554f5edb5a3e00f2a294056bb540ed1597fc8af5d44432ce81d54bf977_amd64", "8Base-RHOSDT-2.9:rhosdt/tempo-gateway-rhel8@sha256:ac25a060b441ba7b1a2f282083e0900f26d159a02486d85bf496c28ce61ad970_s390x", "8Base-RHOSDT-2.9:rhosdt/tempo-operator-bundle@sha256:6df979ecc2195ddd8c1b84a0355fa4df58cf55c34f0b07669659d72501a701d4_ppc64le", "8Base-RHOSDT-2.9:rhosdt/tempo-operator-bundle@sha256:a66560fd323c9cb1466ca2fede9111665cadfc1ddaf9ce28e0aad6fdddf89763_s390x", "8Base-RHOSDT-2.9:rhosdt/tempo-operator-bundle@sha256:b6ec1460415bf8c69d82cf9267494dc5445242b6a0957318eae5bf333693cb2e_amd64", "8Base-RHOSDT-2.9:rhosdt/tempo-query-rhel8@sha256:0d51e3a8b92cab3b8f5221fc076b2079a68e7ba75f7f3ecb9322fe7ba77e862f_ppc64le", "8Base-RHOSDT-2.9:rhosdt/tempo-query-rhel8@sha256:a602d31cee6906b1d0218de85403decb0155746990f9cd218731c7d4e717f1a1_s390x", "8Base-RHOSDT-2.9:rhosdt/tempo-query-rhel8@sha256:b903b41e1096a25b53c5272c8457baa352e2c83fa997852d4a8ed614e2c02802_amd64", "8Base-RHOSDT-2.9:rhosdt/tempo-rhel8-operator@sha256:5aee6e4bfecba226d276b95c62a68a1b6d513d60c9c8aff84752725e6c01b8c0_ppc64le", "8Base-RHOSDT-2.9:rhosdt/tempo-rhel8-operator@sha256:a18638de4d39738b696f044e0d181fdeaf82499f2a2b4b46c07675db5fbe8c3f_amd64", "8Base-RHOSDT-2.9:rhosdt/tempo-rhel8-operator@sha256:e9615e41e857331edacf87fcd98ced0a50fba92757131fdb433ad3e9490e4dd7_s390x", "8Base-RHOSDT-2.9:rhosdt/tempo-rhel8@sha256:29200f7311b63df76f6723878e4a8e2c315376b421e4e5febe2323a926d48594_amd64", "8Base-RHOSDT-2.9:rhosdt/tempo-rhel8@sha256:42c59f6a87c791fd6a3e829af331e2c5778612f503b402c0a08278cc9dc09ef7_ppc64le", "8Base-RHOSDT-2.9:rhosdt/tempo-rhel8@sha256:d557bf48ab4db2b2c98a65d1a028b7cde4363ee888c274d0629829c1b07977ef_s390x", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2023-46234", }, { category: "external", summary: "RHBZ#2246470", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2246470", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2023-46234", url: "https://www.cve.org/CVERecord?id=CVE-2023-46234", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2023-46234", url: "https://nvd.nist.gov/vuln/detail/CVE-2023-46234", }, { category: "external", summary: "https://github.com/browserify/browserify-sign/security/advisories/GHSA-x9w5-v3q2-3rhw", url: "https://github.com/browserify/browserify-sign/security/advisories/GHSA-x9w5-v3q2-3rhw", }, ], release_date: "2023-10-26T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2023-10-30T12:53:43+00:00", details: "To update all RPMs for your particular architecture, run:\n\nrpm -Fvh [filenames]\n\nwhere [filenames] is a list of the RPMs you wish to upgrade. Only those RPMs which are currently installed will be updated. Those RPMs which are\nnot installed but included in the list will not be updated. Note that you can also use wildcards (*.rpm) if your current directory *only* contains the desired RPMs.\n\nPlease note that this update is also available via Red Hat Network. Many people find this an easier way to apply updates. To use Red Hat Network,\nlaunch the Red Hat Update Agent with the following command:\n\nup2date\n\nThis will start an interactive process that will result in the appropriate RPMs being upgraded on your system.", product_ids: [ "8Base-RHOSDT-2.9:rhosdt/jaeger-agent-rhel8@sha256:2619637d44fd87e5c07301de93841899fffc109dcfaff59d56349cedc208a679_s390x", "8Base-RHOSDT-2.9:rhosdt/jaeger-agent-rhel8@sha256:7ebe5c551baccd151d6ef2120eb7009570b33647bfd6332320dfa0f5f661ed8a_amd64", "8Base-RHOSDT-2.9:rhosdt/jaeger-agent-rhel8@sha256:952f7701d0c1d8ac9c01c0b2ff9d28a4dad480fd34e68eef162e41b5bb0a17e1_ppc64le", "8Base-RHOSDT-2.9:rhosdt/jaeger-all-in-one-rhel8@sha256:16934a17528d69fb0d39f605364fbc012a3e4d7401df45c91c995ac8ef9ed920_ppc64le", "8Base-RHOSDT-2.9:rhosdt/jaeger-all-in-one-rhel8@sha256:bb3e6e3b54c116d45c23154b3f3bd122a99a62ceb4499cd56774f1e0cec1c214_amd64", "8Base-RHOSDT-2.9:rhosdt/jaeger-all-in-one-rhel8@sha256:f99bb528c12edb65c36659a0a5d59d7a76449ce9649bf7c5be7b273f8485fc25_s390x", "8Base-RHOSDT-2.9:rhosdt/jaeger-collector-rhel8@sha256:467961ec80abc54ee85939f0287041223b181bb7c9a622b556785ff1dd8119f5_ppc64le", "8Base-RHOSDT-2.9:rhosdt/jaeger-collector-rhel8@sha256:a7e722132e7a538443f59788b82edcc52f5ec22e9343725c4401c9bdf7093b9a_s390x", "8Base-RHOSDT-2.9:rhosdt/jaeger-collector-rhel8@sha256:df8436011b04ced795985116fff8eb5cc0009f0002ce9c000f9db741980b5a72_amd64", "8Base-RHOSDT-2.9:rhosdt/jaeger-es-index-cleaner-rhel8@sha256:43f26cad1cd0ea7e5ac2e605077302473382ab85b3f8da72e49c4dd06114dab2_ppc64le", "8Base-RHOSDT-2.9:rhosdt/jaeger-es-index-cleaner-rhel8@sha256:b0a3660137670fedc4e56ca656d56fb739c2fa48d9d0cf5f66fd150bd61365d5_s390x", "8Base-RHOSDT-2.9:rhosdt/jaeger-es-index-cleaner-rhel8@sha256:c3883a6c2f828592783cd1cd336c23a29245e9c45b10dd2b6d1aa8b86a670c31_amd64", "8Base-RHOSDT-2.9:rhosdt/jaeger-es-rollover-rhel8@sha256:0c8511e092b0138282ce3997cf06d8ba5995b9aa17aa436bcb3eacad910ff54d_ppc64le", "8Base-RHOSDT-2.9:rhosdt/jaeger-es-rollover-rhel8@sha256:5068337fc3ab78c2bed33b7eb0f1c1cf67c753a00c006e945aded3ecad884edc_s390x", "8Base-RHOSDT-2.9:rhosdt/jaeger-es-rollover-rhel8@sha256:ba453c045a93b2ac9e9a820ca616ea4af912972a99a5e4b07135658f1ddc752d_amd64", "8Base-RHOSDT-2.9:rhosdt/jaeger-ingester-rhel8@sha256:8341ef7ade15d0f823fb0ef8d1d2e2aab3f6078feae7a341a2f7b4c6bd94fba1_ppc64le", "8Base-RHOSDT-2.9:rhosdt/jaeger-ingester-rhel8@sha256:f117be17c9d1713db3719e4e1a7eb3b4697f9c12ac176c311b4c5d6ee27e59f9_s390x", "8Base-RHOSDT-2.9:rhosdt/jaeger-ingester-rhel8@sha256:f72338e446068e2487de8f6eb2249a69e27f24523a771e8aba0fcc2fbf263fe8_amd64", "8Base-RHOSDT-2.9:rhosdt/jaeger-operator-bundle@sha256:5dfb4b1c8b7c835e0c493927cb5c22bc68989244e49e284f90a063d54c6d1aa9_amd64", "8Base-RHOSDT-2.9:rhosdt/jaeger-operator-bundle@sha256:a59c693b975fad667a6cfebed3e2cf564419baf0a10aa27b71a22581b789dc10_ppc64le", "8Base-RHOSDT-2.9:rhosdt/jaeger-operator-bundle@sha256:bf2cc048dd6e18cb05a17a6de1e45cabd734af0f88555d0c1057bf3b82ac1e0f_s390x", "8Base-RHOSDT-2.9:rhosdt/jaeger-query-rhel8@sha256:4da3891b6d4df60dc7e0248bbb543d8363d32671bc3b0eb1671468dd4d3b7ebe_ppc64le", "8Base-RHOSDT-2.9:rhosdt/jaeger-query-rhel8@sha256:4e62b4264b5e4c63bc7d0cecf154dd481605e1d0ff94d563e9d6a8bc43c4835a_s390x", "8Base-RHOSDT-2.9:rhosdt/jaeger-query-rhel8@sha256:d9adfa493c64269d2ce744572d9a4c230e8a7c2503a35dbb3df5346e52a6dd2c_amd64", "8Base-RHOSDT-2.9:rhosdt/jaeger-rhel8-operator@sha256:9198140a0252287e5114e04b97d5454227b51bac8fa4411dea1b0d0843f3c668_amd64", "8Base-RHOSDT-2.9:rhosdt/jaeger-rhel8-operator@sha256:a9173c66a6929bf5fc689bd434203155e365d23e5e9ae7666d89224ec39df975_s390x", "8Base-RHOSDT-2.9:rhosdt/jaeger-rhel8-operator@sha256:e50b850a731b7ab45345ab4e9495e4806ac0c6f8ba9ae13b83673a3b06a014f9_ppc64le", "8Base-RHOSDT-2.9:rhosdt/opentelemetry-collector-rhel8@sha256:2adc2877050289ee2568c4f03ce171dc2c30bf86976fcc63c09bd0bf18b92cc4_amd64", "8Base-RHOSDT-2.9:rhosdt/opentelemetry-collector-rhel8@sha256:73017b0ad2d4ea26900253abdc9a62d55a40ff04905a391e91610ad7a9d762d3_ppc64le", "8Base-RHOSDT-2.9:rhosdt/opentelemetry-collector-rhel8@sha256:cb9a2f0df6852eb9d11deb8c4c14142bcae17a70301c55974fd0d87116814c9f_s390x", "8Base-RHOSDT-2.9:rhosdt/opentelemetry-operator-bundle@sha256:0ec97472d9bb1d99bfc0653194acf1b44de185a9e63756fb692acaa713ade2db_s390x", "8Base-RHOSDT-2.9:rhosdt/opentelemetry-operator-bundle@sha256:33f921009c9baaf82d3d10406073e9da9b31540d6b3b421c7a3659e2d8310179_ppc64le", "8Base-RHOSDT-2.9:rhosdt/opentelemetry-operator-bundle@sha256:eaa126d86aecf2bd330f2234104a905a71ab280a4d74a2614d98daaf13e821e2_amd64", "8Base-RHOSDT-2.9:rhosdt/opentelemetry-rhel8-operator@sha256:746f118b9224ba6a175526f265d956ae8ce6c7c170db2217bd34b028f03999af_amd64", "8Base-RHOSDT-2.9:rhosdt/opentelemetry-rhel8-operator@sha256:8a237928d7c059ecd5d1f3aad89ab094a73452e221c133cd9c5c7689db9b87bf_ppc64le", "8Base-RHOSDT-2.9:rhosdt/opentelemetry-rhel8-operator@sha256:ecead456f33621f78b97d0d151f816d39246af1ca69696616f033213791142dc_s390x", "8Base-RHOSDT-2.9:rhosdt/tempo-gateway-opa-rhel8@sha256:ae1228eb0e7c975eeec459749408a70324245aa99fd41bce03cd9f45ceb42d0b_s390x", "8Base-RHOSDT-2.9:rhosdt/tempo-gateway-opa-rhel8@sha256:cbad12c58f243298974f51d2278730feb5fbb74cdc6de409dd0578794ab6c1a4_ppc64le", "8Base-RHOSDT-2.9:rhosdt/tempo-gateway-opa-rhel8@sha256:dd22e49f8d5aa7f009169aec3c43e68307e0842cde9260a70dd424159e61c89d_amd64", "8Base-RHOSDT-2.9:rhosdt/tempo-gateway-rhel8@sha256:3c15440847fbc38023d590dd5f93ee524f53e2999c4483cfb3ba9bbf6bba904f_ppc64le", "8Base-RHOSDT-2.9:rhosdt/tempo-gateway-rhel8@sha256:9e9d91554f5edb5a3e00f2a294056bb540ed1597fc8af5d44432ce81d54bf977_amd64", "8Base-RHOSDT-2.9:rhosdt/tempo-gateway-rhel8@sha256:ac25a060b441ba7b1a2f282083e0900f26d159a02486d85bf496c28ce61ad970_s390x", "8Base-RHOSDT-2.9:rhosdt/tempo-operator-bundle@sha256:6df979ecc2195ddd8c1b84a0355fa4df58cf55c34f0b07669659d72501a701d4_ppc64le", "8Base-RHOSDT-2.9:rhosdt/tempo-operator-bundle@sha256:a66560fd323c9cb1466ca2fede9111665cadfc1ddaf9ce28e0aad6fdddf89763_s390x", "8Base-RHOSDT-2.9:rhosdt/tempo-operator-bundle@sha256:b6ec1460415bf8c69d82cf9267494dc5445242b6a0957318eae5bf333693cb2e_amd64", "8Base-RHOSDT-2.9:rhosdt/tempo-query-rhel8@sha256:0d51e3a8b92cab3b8f5221fc076b2079a68e7ba75f7f3ecb9322fe7ba77e862f_ppc64le", "8Base-RHOSDT-2.9:rhosdt/tempo-query-rhel8@sha256:a602d31cee6906b1d0218de85403decb0155746990f9cd218731c7d4e717f1a1_s390x", "8Base-RHOSDT-2.9:rhosdt/tempo-query-rhel8@sha256:b903b41e1096a25b53c5272c8457baa352e2c83fa997852d4a8ed614e2c02802_amd64", "8Base-RHOSDT-2.9:rhosdt/tempo-rhel8-operator@sha256:5aee6e4bfecba226d276b95c62a68a1b6d513d60c9c8aff84752725e6c01b8c0_ppc64le", "8Base-RHOSDT-2.9:rhosdt/tempo-rhel8-operator@sha256:a18638de4d39738b696f044e0d181fdeaf82499f2a2b4b46c07675db5fbe8c3f_amd64", "8Base-RHOSDT-2.9:rhosdt/tempo-rhel8-operator@sha256:e9615e41e857331edacf87fcd98ced0a50fba92757131fdb433ad3e9490e4dd7_s390x", "8Base-RHOSDT-2.9:rhosdt/tempo-rhel8@sha256:29200f7311b63df76f6723878e4a8e2c315376b421e4e5febe2323a926d48594_amd64", "8Base-RHOSDT-2.9:rhosdt/tempo-rhel8@sha256:42c59f6a87c791fd6a3e829af331e2c5778612f503b402c0a08278cc9dc09ef7_ppc64le", "8Base-RHOSDT-2.9:rhosdt/tempo-rhel8@sha256:d557bf48ab4db2b2c98a65d1a028b7cde4363ee888c274d0629829c1b07977ef_s390x", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2023:6180", }, { category: "workaround", details: "No current mitigation is yet available for this flaw.", product_ids: [ "8Base-RHOSDT-2.9:rhosdt/jaeger-agent-rhel8@sha256:2619637d44fd87e5c07301de93841899fffc109dcfaff59d56349cedc208a679_s390x", "8Base-RHOSDT-2.9:rhosdt/jaeger-agent-rhel8@sha256:7ebe5c551baccd151d6ef2120eb7009570b33647bfd6332320dfa0f5f661ed8a_amd64", "8Base-RHOSDT-2.9:rhosdt/jaeger-agent-rhel8@sha256:952f7701d0c1d8ac9c01c0b2ff9d28a4dad480fd34e68eef162e41b5bb0a17e1_ppc64le", "8Base-RHOSDT-2.9:rhosdt/jaeger-all-in-one-rhel8@sha256:16934a17528d69fb0d39f605364fbc012a3e4d7401df45c91c995ac8ef9ed920_ppc64le", "8Base-RHOSDT-2.9:rhosdt/jaeger-all-in-one-rhel8@sha256:bb3e6e3b54c116d45c23154b3f3bd122a99a62ceb4499cd56774f1e0cec1c214_amd64", "8Base-RHOSDT-2.9:rhosdt/jaeger-all-in-one-rhel8@sha256:f99bb528c12edb65c36659a0a5d59d7a76449ce9649bf7c5be7b273f8485fc25_s390x", "8Base-RHOSDT-2.9:rhosdt/jaeger-collector-rhel8@sha256:467961ec80abc54ee85939f0287041223b181bb7c9a622b556785ff1dd8119f5_ppc64le", "8Base-RHOSDT-2.9:rhosdt/jaeger-collector-rhel8@sha256:a7e722132e7a538443f59788b82edcc52f5ec22e9343725c4401c9bdf7093b9a_s390x", "8Base-RHOSDT-2.9:rhosdt/jaeger-collector-rhel8@sha256:df8436011b04ced795985116fff8eb5cc0009f0002ce9c000f9db741980b5a72_amd64", "8Base-RHOSDT-2.9:rhosdt/jaeger-es-index-cleaner-rhel8@sha256:43f26cad1cd0ea7e5ac2e605077302473382ab85b3f8da72e49c4dd06114dab2_ppc64le", "8Base-RHOSDT-2.9:rhosdt/jaeger-es-index-cleaner-rhel8@sha256:b0a3660137670fedc4e56ca656d56fb739c2fa48d9d0cf5f66fd150bd61365d5_s390x", "8Base-RHOSDT-2.9:rhosdt/jaeger-es-index-cleaner-rhel8@sha256:c3883a6c2f828592783cd1cd336c23a29245e9c45b10dd2b6d1aa8b86a670c31_amd64", "8Base-RHOSDT-2.9:rhosdt/jaeger-es-rollover-rhel8@sha256:0c8511e092b0138282ce3997cf06d8ba5995b9aa17aa436bcb3eacad910ff54d_ppc64le", "8Base-RHOSDT-2.9:rhosdt/jaeger-es-rollover-rhel8@sha256:5068337fc3ab78c2bed33b7eb0f1c1cf67c753a00c006e945aded3ecad884edc_s390x", "8Base-RHOSDT-2.9:rhosdt/jaeger-es-rollover-rhel8@sha256:ba453c045a93b2ac9e9a820ca616ea4af912972a99a5e4b07135658f1ddc752d_amd64", "8Base-RHOSDT-2.9:rhosdt/jaeger-ingester-rhel8@sha256:8341ef7ade15d0f823fb0ef8d1d2e2aab3f6078feae7a341a2f7b4c6bd94fba1_ppc64le", "8Base-RHOSDT-2.9:rhosdt/jaeger-ingester-rhel8@sha256:f117be17c9d1713db3719e4e1a7eb3b4697f9c12ac176c311b4c5d6ee27e59f9_s390x", "8Base-RHOSDT-2.9:rhosdt/jaeger-ingester-rhel8@sha256:f72338e446068e2487de8f6eb2249a69e27f24523a771e8aba0fcc2fbf263fe8_amd64", "8Base-RHOSDT-2.9:rhosdt/jaeger-operator-bundle@sha256:5dfb4b1c8b7c835e0c493927cb5c22bc68989244e49e284f90a063d54c6d1aa9_amd64", "8Base-RHOSDT-2.9:rhosdt/jaeger-operator-bundle@sha256:a59c693b975fad667a6cfebed3e2cf564419baf0a10aa27b71a22581b789dc10_ppc64le", "8Base-RHOSDT-2.9:rhosdt/jaeger-operator-bundle@sha256:bf2cc048dd6e18cb05a17a6de1e45cabd734af0f88555d0c1057bf3b82ac1e0f_s390x", "8Base-RHOSDT-2.9:rhosdt/jaeger-query-rhel8@sha256:4da3891b6d4df60dc7e0248bbb543d8363d32671bc3b0eb1671468dd4d3b7ebe_ppc64le", "8Base-RHOSDT-2.9:rhosdt/jaeger-query-rhel8@sha256:4e62b4264b5e4c63bc7d0cecf154dd481605e1d0ff94d563e9d6a8bc43c4835a_s390x", "8Base-RHOSDT-2.9:rhosdt/jaeger-query-rhel8@sha256:d9adfa493c64269d2ce744572d9a4c230e8a7c2503a35dbb3df5346e52a6dd2c_amd64", "8Base-RHOSDT-2.9:rhosdt/jaeger-rhel8-operator@sha256:9198140a0252287e5114e04b97d5454227b51bac8fa4411dea1b0d0843f3c668_amd64", "8Base-RHOSDT-2.9:rhosdt/jaeger-rhel8-operator@sha256:a9173c66a6929bf5fc689bd434203155e365d23e5e9ae7666d89224ec39df975_s390x", "8Base-RHOSDT-2.9:rhosdt/jaeger-rhel8-operator@sha256:e50b850a731b7ab45345ab4e9495e4806ac0c6f8ba9ae13b83673a3b06a014f9_ppc64le", "8Base-RHOSDT-2.9:rhosdt/opentelemetry-collector-rhel8@sha256:2adc2877050289ee2568c4f03ce171dc2c30bf86976fcc63c09bd0bf18b92cc4_amd64", "8Base-RHOSDT-2.9:rhosdt/opentelemetry-collector-rhel8@sha256:73017b0ad2d4ea26900253abdc9a62d55a40ff04905a391e91610ad7a9d762d3_ppc64le", "8Base-RHOSDT-2.9:rhosdt/opentelemetry-collector-rhel8@sha256:cb9a2f0df6852eb9d11deb8c4c14142bcae17a70301c55974fd0d87116814c9f_s390x", "8Base-RHOSDT-2.9:rhosdt/opentelemetry-operator-bundle@sha256:0ec97472d9bb1d99bfc0653194acf1b44de185a9e63756fb692acaa713ade2db_s390x", "8Base-RHOSDT-2.9:rhosdt/opentelemetry-operator-bundle@sha256:33f921009c9baaf82d3d10406073e9da9b31540d6b3b421c7a3659e2d8310179_ppc64le", "8Base-RHOSDT-2.9:rhosdt/opentelemetry-operator-bundle@sha256:eaa126d86aecf2bd330f2234104a905a71ab280a4d74a2614d98daaf13e821e2_amd64", "8Base-RHOSDT-2.9:rhosdt/opentelemetry-rhel8-operator@sha256:746f118b9224ba6a175526f265d956ae8ce6c7c170db2217bd34b028f03999af_amd64", "8Base-RHOSDT-2.9:rhosdt/opentelemetry-rhel8-operator@sha256:8a237928d7c059ecd5d1f3aad89ab094a73452e221c133cd9c5c7689db9b87bf_ppc64le", "8Base-RHOSDT-2.9:rhosdt/opentelemetry-rhel8-operator@sha256:ecead456f33621f78b97d0d151f816d39246af1ca69696616f033213791142dc_s390x", "8Base-RHOSDT-2.9:rhosdt/tempo-gateway-opa-rhel8@sha256:ae1228eb0e7c975eeec459749408a70324245aa99fd41bce03cd9f45ceb42d0b_s390x", "8Base-RHOSDT-2.9:rhosdt/tempo-gateway-opa-rhel8@sha256:cbad12c58f243298974f51d2278730feb5fbb74cdc6de409dd0578794ab6c1a4_ppc64le", "8Base-RHOSDT-2.9:rhosdt/tempo-gateway-opa-rhel8@sha256:dd22e49f8d5aa7f009169aec3c43e68307e0842cde9260a70dd424159e61c89d_amd64", "8Base-RHOSDT-2.9:rhosdt/tempo-gateway-rhel8@sha256:3c15440847fbc38023d590dd5f93ee524f53e2999c4483cfb3ba9bbf6bba904f_ppc64le", "8Base-RHOSDT-2.9:rhosdt/tempo-gateway-rhel8@sha256:9e9d91554f5edb5a3e00f2a294056bb540ed1597fc8af5d44432ce81d54bf977_amd64", "8Base-RHOSDT-2.9:rhosdt/tempo-gateway-rhel8@sha256:ac25a060b441ba7b1a2f282083e0900f26d159a02486d85bf496c28ce61ad970_s390x", "8Base-RHOSDT-2.9:rhosdt/tempo-operator-bundle@sha256:6df979ecc2195ddd8c1b84a0355fa4df58cf55c34f0b07669659d72501a701d4_ppc64le", "8Base-RHOSDT-2.9:rhosdt/tempo-operator-bundle@sha256:a66560fd323c9cb1466ca2fede9111665cadfc1ddaf9ce28e0aad6fdddf89763_s390x", "8Base-RHOSDT-2.9:rhosdt/tempo-operator-bundle@sha256:b6ec1460415bf8c69d82cf9267494dc5445242b6a0957318eae5bf333693cb2e_amd64", "8Base-RHOSDT-2.9:rhosdt/tempo-query-rhel8@sha256:0d51e3a8b92cab3b8f5221fc076b2079a68e7ba75f7f3ecb9322fe7ba77e862f_ppc64le", "8Base-RHOSDT-2.9:rhosdt/tempo-query-rhel8@sha256:a602d31cee6906b1d0218de85403decb0155746990f9cd218731c7d4e717f1a1_s390x", "8Base-RHOSDT-2.9:rhosdt/tempo-query-rhel8@sha256:b903b41e1096a25b53c5272c8457baa352e2c83fa997852d4a8ed614e2c02802_amd64", "8Base-RHOSDT-2.9:rhosdt/tempo-rhel8-operator@sha256:5aee6e4bfecba226d276b95c62a68a1b6d513d60c9c8aff84752725e6c01b8c0_ppc64le", "8Base-RHOSDT-2.9:rhosdt/tempo-rhel8-operator@sha256:a18638de4d39738b696f044e0d181fdeaf82499f2a2b4b46c07675db5fbe8c3f_amd64", "8Base-RHOSDT-2.9:rhosdt/tempo-rhel8-operator@sha256:e9615e41e857331edacf87fcd98ced0a50fba92757131fdb433ad3e9490e4dd7_s390x", "8Base-RHOSDT-2.9:rhosdt/tempo-rhel8@sha256:29200f7311b63df76f6723878e4a8e2c315376b421e4e5febe2323a926d48594_amd64", "8Base-RHOSDT-2.9:rhosdt/tempo-rhel8@sha256:42c59f6a87c791fd6a3e829af331e2c5778612f503b402c0a08278cc9dc09ef7_ppc64le", "8Base-RHOSDT-2.9:rhosdt/tempo-rhel8@sha256:d557bf48ab4db2b2c98a65d1a028b7cde4363ee888c274d0629829c1b07977ef_s390x", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", version: "3.1", }, products: [ "8Base-RHOSDT-2.9:rhosdt/jaeger-agent-rhel8@sha256:2619637d44fd87e5c07301de93841899fffc109dcfaff59d56349cedc208a679_s390x", "8Base-RHOSDT-2.9:rhosdt/jaeger-agent-rhel8@sha256:7ebe5c551baccd151d6ef2120eb7009570b33647bfd6332320dfa0f5f661ed8a_amd64", "8Base-RHOSDT-2.9:rhosdt/jaeger-agent-rhel8@sha256:952f7701d0c1d8ac9c01c0b2ff9d28a4dad480fd34e68eef162e41b5bb0a17e1_ppc64le", "8Base-RHOSDT-2.9:rhosdt/jaeger-all-in-one-rhel8@sha256:16934a17528d69fb0d39f605364fbc012a3e4d7401df45c91c995ac8ef9ed920_ppc64le", "8Base-RHOSDT-2.9:rhosdt/jaeger-all-in-one-rhel8@sha256:bb3e6e3b54c116d45c23154b3f3bd122a99a62ceb4499cd56774f1e0cec1c214_amd64", "8Base-RHOSDT-2.9:rhosdt/jaeger-all-in-one-rhel8@sha256:f99bb528c12edb65c36659a0a5d59d7a76449ce9649bf7c5be7b273f8485fc25_s390x", "8Base-RHOSDT-2.9:rhosdt/jaeger-collector-rhel8@sha256:467961ec80abc54ee85939f0287041223b181bb7c9a622b556785ff1dd8119f5_ppc64le", "8Base-RHOSDT-2.9:rhosdt/jaeger-collector-rhel8@sha256:a7e722132e7a538443f59788b82edcc52f5ec22e9343725c4401c9bdf7093b9a_s390x", "8Base-RHOSDT-2.9:rhosdt/jaeger-collector-rhel8@sha256:df8436011b04ced795985116fff8eb5cc0009f0002ce9c000f9db741980b5a72_amd64", "8Base-RHOSDT-2.9:rhosdt/jaeger-es-index-cleaner-rhel8@sha256:43f26cad1cd0ea7e5ac2e605077302473382ab85b3f8da72e49c4dd06114dab2_ppc64le", "8Base-RHOSDT-2.9:rhosdt/jaeger-es-index-cleaner-rhel8@sha256:b0a3660137670fedc4e56ca656d56fb739c2fa48d9d0cf5f66fd150bd61365d5_s390x", "8Base-RHOSDT-2.9:rhosdt/jaeger-es-index-cleaner-rhel8@sha256:c3883a6c2f828592783cd1cd336c23a29245e9c45b10dd2b6d1aa8b86a670c31_amd64", "8Base-RHOSDT-2.9:rhosdt/jaeger-es-rollover-rhel8@sha256:0c8511e092b0138282ce3997cf06d8ba5995b9aa17aa436bcb3eacad910ff54d_ppc64le", "8Base-RHOSDT-2.9:rhosdt/jaeger-es-rollover-rhel8@sha256:5068337fc3ab78c2bed33b7eb0f1c1cf67c753a00c006e945aded3ecad884edc_s390x", "8Base-RHOSDT-2.9:rhosdt/jaeger-es-rollover-rhel8@sha256:ba453c045a93b2ac9e9a820ca616ea4af912972a99a5e4b07135658f1ddc752d_amd64", "8Base-RHOSDT-2.9:rhosdt/jaeger-ingester-rhel8@sha256:8341ef7ade15d0f823fb0ef8d1d2e2aab3f6078feae7a341a2f7b4c6bd94fba1_ppc64le", "8Base-RHOSDT-2.9:rhosdt/jaeger-ingester-rhel8@sha256:f117be17c9d1713db3719e4e1a7eb3b4697f9c12ac176c311b4c5d6ee27e59f9_s390x", "8Base-RHOSDT-2.9:rhosdt/jaeger-ingester-rhel8@sha256:f72338e446068e2487de8f6eb2249a69e27f24523a771e8aba0fcc2fbf263fe8_amd64", "8Base-RHOSDT-2.9:rhosdt/jaeger-operator-bundle@sha256:5dfb4b1c8b7c835e0c493927cb5c22bc68989244e49e284f90a063d54c6d1aa9_amd64", "8Base-RHOSDT-2.9:rhosdt/jaeger-operator-bundle@sha256:a59c693b975fad667a6cfebed3e2cf564419baf0a10aa27b71a22581b789dc10_ppc64le", "8Base-RHOSDT-2.9:rhosdt/jaeger-operator-bundle@sha256:bf2cc048dd6e18cb05a17a6de1e45cabd734af0f88555d0c1057bf3b82ac1e0f_s390x", "8Base-RHOSDT-2.9:rhosdt/jaeger-query-rhel8@sha256:4da3891b6d4df60dc7e0248bbb543d8363d32671bc3b0eb1671468dd4d3b7ebe_ppc64le", "8Base-RHOSDT-2.9:rhosdt/jaeger-query-rhel8@sha256:4e62b4264b5e4c63bc7d0cecf154dd481605e1d0ff94d563e9d6a8bc43c4835a_s390x", "8Base-RHOSDT-2.9:rhosdt/jaeger-query-rhel8@sha256:d9adfa493c64269d2ce744572d9a4c230e8a7c2503a35dbb3df5346e52a6dd2c_amd64", "8Base-RHOSDT-2.9:rhosdt/jaeger-rhel8-operator@sha256:9198140a0252287e5114e04b97d5454227b51bac8fa4411dea1b0d0843f3c668_amd64", "8Base-RHOSDT-2.9:rhosdt/jaeger-rhel8-operator@sha256:a9173c66a6929bf5fc689bd434203155e365d23e5e9ae7666d89224ec39df975_s390x", "8Base-RHOSDT-2.9:rhosdt/jaeger-rhel8-operator@sha256:e50b850a731b7ab45345ab4e9495e4806ac0c6f8ba9ae13b83673a3b06a014f9_ppc64le", "8Base-RHOSDT-2.9:rhosdt/opentelemetry-collector-rhel8@sha256:2adc2877050289ee2568c4f03ce171dc2c30bf86976fcc63c09bd0bf18b92cc4_amd64", "8Base-RHOSDT-2.9:rhosdt/opentelemetry-collector-rhel8@sha256:73017b0ad2d4ea26900253abdc9a62d55a40ff04905a391e91610ad7a9d762d3_ppc64le", "8Base-RHOSDT-2.9:rhosdt/opentelemetry-collector-rhel8@sha256:cb9a2f0df6852eb9d11deb8c4c14142bcae17a70301c55974fd0d87116814c9f_s390x", "8Base-RHOSDT-2.9:rhosdt/opentelemetry-operator-bundle@sha256:0ec97472d9bb1d99bfc0653194acf1b44de185a9e63756fb692acaa713ade2db_s390x", "8Base-RHOSDT-2.9:rhosdt/opentelemetry-operator-bundle@sha256:33f921009c9baaf82d3d10406073e9da9b31540d6b3b421c7a3659e2d8310179_ppc64le", "8Base-RHOSDT-2.9:rhosdt/opentelemetry-operator-bundle@sha256:eaa126d86aecf2bd330f2234104a905a71ab280a4d74a2614d98daaf13e821e2_amd64", "8Base-RHOSDT-2.9:rhosdt/opentelemetry-rhel8-operator@sha256:746f118b9224ba6a175526f265d956ae8ce6c7c170db2217bd34b028f03999af_amd64", "8Base-RHOSDT-2.9:rhosdt/opentelemetry-rhel8-operator@sha256:8a237928d7c059ecd5d1f3aad89ab094a73452e221c133cd9c5c7689db9b87bf_ppc64le", "8Base-RHOSDT-2.9:rhosdt/opentelemetry-rhel8-operator@sha256:ecead456f33621f78b97d0d151f816d39246af1ca69696616f033213791142dc_s390x", "8Base-RHOSDT-2.9:rhosdt/tempo-gateway-opa-rhel8@sha256:ae1228eb0e7c975eeec459749408a70324245aa99fd41bce03cd9f45ceb42d0b_s390x", "8Base-RHOSDT-2.9:rhosdt/tempo-gateway-opa-rhel8@sha256:cbad12c58f243298974f51d2278730feb5fbb74cdc6de409dd0578794ab6c1a4_ppc64le", "8Base-RHOSDT-2.9:rhosdt/tempo-gateway-opa-rhel8@sha256:dd22e49f8d5aa7f009169aec3c43e68307e0842cde9260a70dd424159e61c89d_amd64", "8Base-RHOSDT-2.9:rhosdt/tempo-gateway-rhel8@sha256:3c15440847fbc38023d590dd5f93ee524f53e2999c4483cfb3ba9bbf6bba904f_ppc64le", "8Base-RHOSDT-2.9:rhosdt/tempo-gateway-rhel8@sha256:9e9d91554f5edb5a3e00f2a294056bb540ed1597fc8af5d44432ce81d54bf977_amd64", "8Base-RHOSDT-2.9:rhosdt/tempo-gateway-rhel8@sha256:ac25a060b441ba7b1a2f282083e0900f26d159a02486d85bf496c28ce61ad970_s390x", "8Base-RHOSDT-2.9:rhosdt/tempo-operator-bundle@sha256:6df979ecc2195ddd8c1b84a0355fa4df58cf55c34f0b07669659d72501a701d4_ppc64le", "8Base-RHOSDT-2.9:rhosdt/tempo-operator-bundle@sha256:a66560fd323c9cb1466ca2fede9111665cadfc1ddaf9ce28e0aad6fdddf89763_s390x", "8Base-RHOSDT-2.9:rhosdt/tempo-operator-bundle@sha256:b6ec1460415bf8c69d82cf9267494dc5445242b6a0957318eae5bf333693cb2e_amd64", "8Base-RHOSDT-2.9:rhosdt/tempo-query-rhel8@sha256:0d51e3a8b92cab3b8f5221fc076b2079a68e7ba75f7f3ecb9322fe7ba77e862f_ppc64le", "8Base-RHOSDT-2.9:rhosdt/tempo-query-rhel8@sha256:a602d31cee6906b1d0218de85403decb0155746990f9cd218731c7d4e717f1a1_s390x", "8Base-RHOSDT-2.9:rhosdt/tempo-query-rhel8@sha256:b903b41e1096a25b53c5272c8457baa352e2c83fa997852d4a8ed614e2c02802_amd64", "8Base-RHOSDT-2.9:rhosdt/tempo-rhel8-operator@sha256:5aee6e4bfecba226d276b95c62a68a1b6d513d60c9c8aff84752725e6c01b8c0_ppc64le", "8Base-RHOSDT-2.9:rhosdt/tempo-rhel8-operator@sha256:a18638de4d39738b696f044e0d181fdeaf82499f2a2b4b46c07675db5fbe8c3f_amd64", "8Base-RHOSDT-2.9:rhosdt/tempo-rhel8-operator@sha256:e9615e41e857331edacf87fcd98ced0a50fba92757131fdb433ad3e9490e4dd7_s390x", "8Base-RHOSDT-2.9:rhosdt/tempo-rhel8@sha256:29200f7311b63df76f6723878e4a8e2c315376b421e4e5febe2323a926d48594_amd64", "8Base-RHOSDT-2.9:rhosdt/tempo-rhel8@sha256:42c59f6a87c791fd6a3e829af331e2c5778612f503b402c0a08278cc9dc09ef7_ppc64le", "8Base-RHOSDT-2.9:rhosdt/tempo-rhel8@sha256:d557bf48ab4db2b2c98a65d1a028b7cde4363ee888c274d0629829c1b07977ef_s390x", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "browserify-sign: upper bound check issue in dsaVerify leads to a signature forgery attack", }, ], }
fkie_cve-2023-46234
Vulnerability from fkie_nvd
Published
2023-10-26 15:15
Modified
2025-02-13 18:15
Severity ?
6.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
Summary
browserify-sign is a package to duplicate the functionality of node's crypto public key functions, much of this is based on Fedor Indutny's work on indutny/tls.js. An upper bound check issue in `dsaVerify` function allows an attacker to construct signatures that can be successfully verified by any public key, thus leading to a signature forgery attack. All places in this project that involve DSA verification of user-input signatures will be affected by this vulnerability. This issue has been patched in version 4.2.2.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| browserify | browserify-sign | * | |
| debian | debian_linux | 11.0 | |
| debian | debian_linux | 12.0 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:browserify:browserify-sign:*:*:*:*:*:node.js:*:*", matchCriteriaId: "DE51BF6D-53CC-41A1-9530-BD9B1DCFBE6D", versionEndExcluding: "4.2.2", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*", matchCriteriaId: "FA6FEEC2-9F11-4643-8827-749718254FED", vulnerable: true, }, { criteria: "cpe:2.3:o:debian:debian_linux:12.0:*:*:*:*:*:*:*", matchCriteriaId: "46D69DCC-AE4D-4EA5-861C-D60951444C6C", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "browserify-sign is a package to duplicate the functionality of node's crypto public key functions, much of this is based on Fedor Indutny's work on indutny/tls.js. An upper bound check issue in `dsaVerify` function allows an attacker to construct signatures that can be successfully verified by any public key, thus leading to a signature forgery attack. All places in this project that involve DSA verification of user-input signatures will be affected by this vulnerability. This issue has been patched in version 4.2.2.", }, { lang: "es", value: "browserify-sign es un paquete para duplicar la funcionalidad de las funciones de clave pública criptográfica del nodo, gran parte de esto se basa en el trabajo de Fedor Indutny en indutny/tls.js. Un problema de verificación de límite superior en la función `dsaVerify` permite a un atacante construir firmas que pueden verificarse con éxito mediante cualquier clave pública, lo que lleva a un ataque de falsificación de firmas. Todos los lugares de este proyecto que implican la verificación DSA de las firmas ingresadas por los usuarios se verán afectados por esta vulnerabilidad. Este problema se solucionó en la versión 4.2.2.", }, ], id: "CVE-2023-46234", lastModified: "2025-02-13T18:15:34.370", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 2.5, source: "security-advisories@github.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2023-10-26T15:15:09.087", references: [ { source: "security-advisories@github.com", tags: [ "Third Party Advisory", ], url: "https://github.com/browserify/browserify-sign/commit/85994cd6348b50f2fd1b73c54e20881416f44a30", }, { source: "security-advisories@github.com", tags: [ "Third Party Advisory", ], url: "https://github.com/browserify/browserify-sign/security/advisories/GHSA-x9w5-v3q2-3rhw", }, { source: "security-advisories@github.com", tags: [ "Third Party Advisory", ], url: "https://lists.debian.org/debian-lts-announce/2023/10/msg00040.html", }, { source: "security-advisories@github.com", url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3HUE6ZR5SL73KHL7XUPAOEL6SB7HUDT2/", }, { source: "security-advisories@github.com", url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6PVVPNSAGSDS63HQ74PJ7MZ3MU5IYNVZ/", }, { source: "security-advisories@github.com", tags: [ "Third Party Advisory", ], url: "https://www.debian.org/security/2023/dsa-5539", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://github.com/browserify/browserify-sign/commit/85994cd6348b50f2fd1b73c54e20881416f44a30", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://github.com/browserify/browserify-sign/security/advisories/GHSA-x9w5-v3q2-3rhw", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://lists.debian.org/debian-lts-announce/2023/10/msg00040.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3HUE6ZR5SL73KHL7XUPAOEL6SB7HUDT2/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6PVVPNSAGSDS63HQ74PJ7MZ3MU5IYNVZ/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://www.debian.org/security/2023/dsa-5539", }, ], sourceIdentifier: "security-advisories@github.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-347", }, ], source: "security-advisories@github.com", type: "Secondary", }, ], }
Log in or create an account to share your comment.
Security Advisory comment format.
This schema specifies the format of a comment related to a security advisory.
UUIDv4 of the comment
UUIDv4 of the Vulnerability-Lookup instance
When the comment was created originally
When the comment was last updated
Title of the comment
Description of the comment
The identifier of the vulnerability (CVE ID, GHSA-ID, PYSEC ID, etc.).
Loading…
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.