Action not permitted
Modal body text goes here.
Modal Title
Modal Body
cve-2024-47220
Vulnerability from cvelistv5
Published
2024-09-22 00:00
Modified
2025-01-09 17:33
Severity ?
EPSS score ?
Summary
An issue was discovered in the WEBrick toolkit through 1.8.1 for Ruby. It allows HTTP request smuggling by providing both a Content-Length header and a Transfer-Encoding header, e.g., "GET /admin HTTP/1.1\r\n" inside of a "POST /user HTTP/1.1\r\n" request. NOTE: the supplier's position is "Webrick should not be used in production."
References
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:ruby:webrick:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "webrick",
"vendor": "ruby",
"versions": [
{
"lessThanOrEqual": "1.8.1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-47220",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-23T15:01:28.031073Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-01-09T17:33:17.696Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in the WEBrick toolkit through 1.8.1 for Ruby. It allows HTTP request smuggling by providing both a Content-Length header and a Transfer-Encoding header, e.g., \"GET /admin HTTP/1.1\\r\\n\" inside of a \"POST /user HTTP/1.1\\r\\n\" request. NOTE: the supplier\u0027s position is \"Webrick should not be used in production.\""
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-09-25T14:15:45.642637",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://github.com/ruby/webrick/issues/145"
},
{
"url": "https://github.com/ruby/webrick/pull/146/commits/d88321da45dcd230ac2b4585cad4833d6d5e8841"
},
{
"url": "https://github.com/ruby/webrick/issues/145#issuecomment-2369994610"
},
{
"url": "https://github.com/ruby/webrick/issues/145#issuecomment-2372838285"
}
],
"tags": [
"disputed"
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2024-47220",
"datePublished": "2024-09-22T00:00:00",
"dateReserved": "2024-09-22T00:00:00",
"dateUpdated": "2025-01-09T17:33:17.696Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"nvd": "{\"cve\":{\"id\":\"CVE-2024-47220\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2024-09-22T01:15:11.950\",\"lastModified\":\"2025-01-09T18:15:28.837\",\"vulnStatus\":\"Awaiting Analysis\",\"cveTags\":[{\"sourceIdentifier\":\"cve@mitre.org\",\"tags\":[\"disputed\"]}],\"descriptions\":[{\"lang\":\"en\",\"value\":\"An issue was discovered in the WEBrick toolkit through 1.8.1 for Ruby. It allows HTTP request smuggling by providing both a Content-Length header and a Transfer-Encoding header, e.g., \\\"GET /admin HTTP/1.1\\\\r\\\\n\\\" inside of a \\\"POST /user HTTP/1.1\\\\r\\\\n\\\" request. NOTE: the supplier\u0027s position is \\\"Webrick should not be used in production.\\\"\"},{\"lang\":\"es\",\"value\":\"Se descubri\u00f3 un problema en el kit de herramientas WEBrick a trav\u00e9s de la versi\u00f3n 1.8.1 para Ruby. Permite el contrabando de solicitudes HTTP al proporcionar un encabezado Content-Length y un encabezado Transfer-Encoding, por ejemplo, \\\"GET /admin HTTP/1.1\\\\r\\\\n\\\" dentro de una solicitud \\\"POST /user HTTP/1.1\\\\r\\\\n\\\". NOTA: la posici\u00f3n del proveedor es \\\"Webrick no debe usarse en producci\u00f3n\\\".\"}],\"metrics\":{},\"references\":[{\"url\":\"https://github.com/ruby/webrick/issues/145\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://github.com/ruby/webrick/issues/145#issuecomment-2369994610\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://github.com/ruby/webrick/issues/145#issuecomment-2372838285\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://github.com/ruby/webrick/pull/146/commits/d88321da45dcd230ac2b4585cad4833d6d5e8841\",\"source\":\"cve@mitre.org\"}]}}",
"vulnrichment": {
"containers": "{\"adp\": [{\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2024-47220\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"poc\"}, {\"Automatable\": \"yes\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2024-09-23T15:01:28.031073Z\"}}}], \"affected\": [{\"cpes\": [\"cpe:2.3:a:ruby:webrick:*:*:*:*:*:*:*:*\"], \"vendor\": \"ruby\", \"product\": \"webrick\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"versionType\": \"custom\", \"lessThanOrEqual\": \"1.8.1\"}], \"defaultStatus\": \"unknown\"}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2024-09-23T15:07:20.012Z\"}}], \"cna\": {\"tags\": [\"disputed\"], \"affected\": [{\"vendor\": \"n/a\", \"product\": \"n/a\", \"versions\": [{\"status\": \"affected\", \"version\": \"n/a\"}]}], \"references\": [{\"url\": \"https://github.com/ruby/webrick/issues/145\"}, {\"url\": \"https://github.com/ruby/webrick/pull/146/commits/d88321da45dcd230ac2b4585cad4833d6d5e8841\"}, {\"url\": \"https://github.com/ruby/webrick/issues/145#issuecomment-2369994610\"}, {\"url\": \"https://github.com/ruby/webrick/issues/145#issuecomment-2372838285\"}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"An issue was discovered in the WEBrick toolkit through 1.8.1 for Ruby. It allows HTTP request smuggling by providing both a Content-Length header and a Transfer-Encoding header, e.g., \\\"GET /admin HTTP/1.1\\\\r\\\\n\\\" inside of a \\\"POST /user HTTP/1.1\\\\r\\\\n\\\" request. NOTE: the supplier\u0027s position is \\\"Webrick should not be used in production.\\\"\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"text\", \"description\": \"n/a\"}]}], \"providerMetadata\": {\"orgId\": \"8254265b-2729-46b6-b9e3-3dfca2d5bfca\", \"shortName\": \"mitre\", \"dateUpdated\": \"2024-09-25T14:15:45.642637\"}}}",
"cveMetadata": "{\"cveId\": \"CVE-2024-47220\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2025-01-09T17:33:17.696Z\", \"dateReserved\": \"2024-09-22T00:00:00\", \"assignerOrgId\": \"8254265b-2729-46b6-b9e3-3dfca2d5bfca\", \"datePublished\": \"2024-09-22T00:00:00\", \"assignerShortName\": \"mitre\"}",
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
}
}
fkie_cve-2024-47220
Vulnerability from fkie_nvd
Published
2024-09-22 01:15
Modified
2025-01-09 18:15
Severity ?
Summary
An issue was discovered in the WEBrick toolkit through 1.8.1 for Ruby. It allows HTTP request smuggling by providing both a Content-Length header and a Transfer-Encoding header, e.g., "GET /admin HTTP/1.1\r\n" inside of a "POST /user HTTP/1.1\r\n" request. NOTE: the supplier's position is "Webrick should not be used in production."
References
Impacted products
| Vendor | Product | Version |
|---|
{
"cveTags": [
{
"sourceIdentifier": "cve@mitre.org",
"tags": [
"disputed"
]
}
],
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in the WEBrick toolkit through 1.8.1 for Ruby. It allows HTTP request smuggling by providing both a Content-Length header and a Transfer-Encoding header, e.g., \"GET /admin HTTP/1.1\\r\\n\" inside of a \"POST /user HTTP/1.1\\r\\n\" request. NOTE: the supplier\u0027s position is \"Webrick should not be used in production.\""
},
{
"lang": "es",
"value": "Se descubri\u00f3 un problema en el kit de herramientas WEBrick a trav\u00e9s de la versi\u00f3n 1.8.1 para Ruby. Permite el contrabando de solicitudes HTTP al proporcionar un encabezado Content-Length y un encabezado Transfer-Encoding, por ejemplo, \"GET /admin HTTP/1.1\\r\\n\" dentro de una solicitud \"POST /user HTTP/1.1\\r\\n\". NOTA: la posici\u00f3n del proveedor es \"Webrick no debe usarse en producci\u00f3n\"."
}
],
"id": "CVE-2024-47220",
"lastModified": "2025-01-09T18:15:28.837",
"metrics": {},
"published": "2024-09-22T01:15:11.950",
"references": [
{
"source": "cve@mitre.org",
"url": "https://github.com/ruby/webrick/issues/145"
},
{
"source": "cve@mitre.org",
"url": "https://github.com/ruby/webrick/issues/145#issuecomment-2369994610"
},
{
"source": "cve@mitre.org",
"url": "https://github.com/ruby/webrick/issues/145#issuecomment-2372838285"
},
{
"source": "cve@mitre.org",
"url": "https://github.com/ruby/webrick/pull/146/commits/d88321da45dcd230ac2b4585cad4833d6d5e8841"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Awaiting Analysis"
}
wid-sec-w-2025-0001
Vulnerability from csaf_certbund
Published
2025-01-01 23:00
Modified
2025-01-06 23:00
Summary
IBM DB2: Mehrere Schwachstellen
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung
IBM DB2 ist ein relationales Datenbanksystem (RDBS) von IBM.
Angriff
Ein entfernter oder lokaler Angreifer kann mehrere Schwachstellen in IBM DB2 on Cloud Pak for Data ausnutzen, um seine Privilegien zu erhöhen, beliebigen Code auszuführen, vertrauliche Informationen offenzulegen, Sicherheitsmaßnahmen zu umgehen oder einen Denial-of-Service-Zustand zu erzeugen.
Betroffene Betriebssysteme
- Sonstiges
{
"document": {
"aggregate_severity": {
"text": "hoch"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "IBM DB2 ist ein relationales Datenbanksystem (RDBS) von IBM.",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein entfernter oder lokaler Angreifer kann mehrere Schwachstellen in IBM DB2 on Cloud Pak for Data ausnutzen, um seine Privilegien zu erh\u00f6hen, beliebigen Code auszuf\u00fchren, vertrauliche Informationen offenzulegen, Sicherheitsma\u00dfnahmen zu umgehen oder einen Denial-of-Service-Zustand zu erzeugen.",
"title": "Angriff"
},
{
"category": "general",
"text": "- Sonstiges",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2025-0001 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2025/wid-sec-w-2025-0001.json"
},
{
"category": "self",
"summary": "WID-SEC-2025-0001 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2025-0001"
},
{
"category": "external",
"summary": "IBM Security Bulletin vom 2025-01-01",
"url": "https://www.ibm.com/support/pages/node/7180105"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7180361 vom 2025-01-07",
"url": "https://www.ibm.com/support/pages/node/7180361"
}
],
"source_lang": "en-US",
"title": "IBM DB2: Mehrere Schwachstellen",
"tracking": {
"current_release_date": "2025-01-06T23:00:00.000+00:00",
"generator": {
"date": "2025-01-07T11:42:20.646+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.3.10"
}
},
"id": "WID-SEC-W-2025-0001",
"initial_release_date": "2025-01-01T23:00:00.000+00:00",
"revision_history": [
{
"date": "2025-01-01T23:00:00.000+00:00",
"number": "1",
"summary": "Initiale Fassung"
},
{
"date": "2025-01-06T23:00:00.000+00:00",
"number": "2",
"summary": "Neue Updates von IBM aufgenommen"
}
],
"status": "final",
"version": "2"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c5.1.0",
"product": {
"name": "IBM DB2 \u003c5.1.0",
"product_id": "T039987"
}
},
{
"category": "product_version",
"name": "5.1.0",
"product": {
"name": "IBM DB2 5.1.0",
"product_id": "T039987-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:db2:5.1.0"
}
}
},
{
"category": "product_version_range",
"name": "Warehouse \u003c5.1.0",
"product": {
"name": "IBM DB2 Warehouse \u003c5.1.0",
"product_id": "T039988"
}
},
{
"category": "product_version",
"name": "Warehouse 5.1.0",
"product": {
"name": "IBM DB2 Warehouse 5.1.0",
"product_id": "T039988-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:db2:warehouse__5.1.0"
}
}
}
],
"category": "product_name",
"name": "DB2"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c10.1.6.4",
"product": {
"name": "IBM Spectrum Protect Plus \u003c10.1.6.4",
"product_id": "T040030"
}
},
{
"category": "product_version",
"name": "10.1.6.4",
"product": {
"name": "IBM Spectrum Protect Plus 10.1.6.4",
"product_id": "T040030-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:spectrum_protect_plus:10.1.6.4"
}
}
}
],
"category": "product_name",
"name": "Spectrum Protect Plus"
}
],
"category": "vendor",
"name": "IBM"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2021-32740",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in IBM DB2 on Cloud Pak for Data. Diese existieren wegen unsachgem\u00e4\u00dfer \u00dcberpr\u00fcfungen, sowie Fehlern in der Speicherbehandlung, Eingabevalidierung und Berechtigungsverwaltung bez\u00fcglich der genutzten Komponenten, wie z.B. Java SE, cURL, Bouncy Castle, Kerberos und expat. Ein entfernter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erh\u00f6hen, beliebigen Code auszuf\u00fchren, vertrauliche Informationen offenzulegen, Sicherheitsma\u00dfnahmen zu umgehen oder einen Denial-of-Service-Zustand zu erzeugen. Zur erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion erforderlich."
}
],
"product_status": {
"known_affected": [
"T040030",
"T039988",
"T039987"
]
},
"release_date": "2025-01-01T23:00:00.000+00:00",
"title": "CVE-2021-32740"
},
{
"cve": "CVE-2021-41186",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in IBM DB2 on Cloud Pak for Data. Diese existieren wegen unsachgem\u00e4\u00dfer \u00dcberpr\u00fcfungen, sowie Fehlern in der Speicherbehandlung, Eingabevalidierung und Berechtigungsverwaltung bez\u00fcglich der genutzten Komponenten, wie z.B. Java SE, cURL, Bouncy Castle, Kerberos und expat. Ein entfernter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erh\u00f6hen, beliebigen Code auszuf\u00fchren, vertrauliche Informationen offenzulegen, Sicherheitsma\u00dfnahmen zu umgehen oder einen Denial-of-Service-Zustand zu erzeugen. Zur erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion erforderlich."
}
],
"product_status": {
"known_affected": [
"T040030",
"T039988",
"T039987"
]
},
"release_date": "2025-01-01T23:00:00.000+00:00",
"title": "CVE-2021-41186"
},
{
"cve": "CVE-2022-0759",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in IBM DB2 on Cloud Pak for Data. Diese existieren wegen unsachgem\u00e4\u00dfer \u00dcberpr\u00fcfungen, sowie Fehlern in der Speicherbehandlung, Eingabevalidierung und Berechtigungsverwaltung bez\u00fcglich der genutzten Komponenten, wie z.B. Java SE, cURL, Bouncy Castle, Kerberos und expat. Ein entfernter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erh\u00f6hen, beliebigen Code auszuf\u00fchren, vertrauliche Informationen offenzulegen, Sicherheitsma\u00dfnahmen zu umgehen oder einen Denial-of-Service-Zustand zu erzeugen. Zur erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion erforderlich."
}
],
"product_status": {
"known_affected": [
"T040030",
"T039988",
"T039987"
]
},
"release_date": "2025-01-01T23:00:00.000+00:00",
"title": "CVE-2022-0759"
},
{
"cve": "CVE-2022-24795",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in IBM DB2 on Cloud Pak for Data. Diese existieren wegen unsachgem\u00e4\u00dfer \u00dcberpr\u00fcfungen, sowie Fehlern in der Speicherbehandlung, Eingabevalidierung und Berechtigungsverwaltung bez\u00fcglich der genutzten Komponenten, wie z.B. Java SE, cURL, Bouncy Castle, Kerberos und expat. Ein entfernter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erh\u00f6hen, beliebigen Code auszuf\u00fchren, vertrauliche Informationen offenzulegen, Sicherheitsma\u00dfnahmen zu umgehen oder einen Denial-of-Service-Zustand zu erzeugen. Zur erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion erforderlich."
}
],
"product_status": {
"known_affected": [
"T040030",
"T039988",
"T039987"
]
},
"release_date": "2025-01-01T23:00:00.000+00:00",
"title": "CVE-2022-24795"
},
{
"cve": "CVE-2022-31163",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in IBM DB2 on Cloud Pak for Data. Diese existieren wegen unsachgem\u00e4\u00dfer \u00dcberpr\u00fcfungen, sowie Fehlern in der Speicherbehandlung, Eingabevalidierung und Berechtigungsverwaltung bez\u00fcglich der genutzten Komponenten, wie z.B. Java SE, cURL, Bouncy Castle, Kerberos und expat. Ein entfernter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erh\u00f6hen, beliebigen Code auszuf\u00fchren, vertrauliche Informationen offenzulegen, Sicherheitsma\u00dfnahmen zu umgehen oder einen Denial-of-Service-Zustand zu erzeugen. Zur erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion erforderlich."
}
],
"product_status": {
"known_affected": [
"T040030",
"T039988",
"T039987"
]
},
"release_date": "2025-01-01T23:00:00.000+00:00",
"title": "CVE-2022-31163"
},
{
"cve": "CVE-2023-39325",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in IBM DB2 on Cloud Pak for Data. Diese existieren wegen unsachgem\u00e4\u00dfer \u00dcberpr\u00fcfungen, sowie Fehlern in der Speicherbehandlung, Eingabevalidierung und Berechtigungsverwaltung bez\u00fcglich der genutzten Komponenten, wie z.B. Java SE, cURL, Bouncy Castle, Kerberos und expat. Ein entfernter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erh\u00f6hen, beliebigen Code auszuf\u00fchren, vertrauliche Informationen offenzulegen, Sicherheitsma\u00dfnahmen zu umgehen oder einen Denial-of-Service-Zustand zu erzeugen. Zur erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion erforderlich."
}
],
"product_status": {
"known_affected": [
"T040030",
"T039988",
"T039987"
]
},
"release_date": "2025-01-01T23:00:00.000+00:00",
"title": "CVE-2023-39325"
},
{
"cve": "CVE-2023-41993",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in IBM DB2 on Cloud Pak for Data. Diese existieren wegen unsachgem\u00e4\u00dfer \u00dcberpr\u00fcfungen, sowie Fehlern in der Speicherbehandlung, Eingabevalidierung und Berechtigungsverwaltung bez\u00fcglich der genutzten Komponenten, wie z.B. Java SE, cURL, Bouncy Castle, Kerberos und expat. Ein entfernter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erh\u00f6hen, beliebigen Code auszuf\u00fchren, vertrauliche Informationen offenzulegen, Sicherheitsma\u00dfnahmen zu umgehen oder einen Denial-of-Service-Zustand zu erzeugen. Zur erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion erforderlich."
}
],
"product_status": {
"known_affected": [
"T040030",
"T039988",
"T039987"
]
},
"release_date": "2025-01-01T23:00:00.000+00:00",
"title": "CVE-2023-41993"
},
{
"cve": "CVE-2023-45283",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in IBM DB2 on Cloud Pak for Data. Diese existieren wegen unsachgem\u00e4\u00dfer \u00dcberpr\u00fcfungen, sowie Fehlern in der Speicherbehandlung, Eingabevalidierung und Berechtigungsverwaltung bez\u00fcglich der genutzten Komponenten, wie z.B. Java SE, cURL, Bouncy Castle, Kerberos und expat. Ein entfernter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erh\u00f6hen, beliebigen Code auszuf\u00fchren, vertrauliche Informationen offenzulegen, Sicherheitsma\u00dfnahmen zu umgehen oder einen Denial-of-Service-Zustand zu erzeugen. Zur erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion erforderlich."
}
],
"product_status": {
"known_affected": [
"T040030",
"T039988",
"T039987"
]
},
"release_date": "2025-01-01T23:00:00.000+00:00",
"title": "CVE-2023-45283"
},
{
"cve": "CVE-2023-45288",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in IBM DB2 on Cloud Pak for Data. Diese existieren wegen unsachgem\u00e4\u00dfer \u00dcberpr\u00fcfungen, sowie Fehlern in der Speicherbehandlung, Eingabevalidierung und Berechtigungsverwaltung bez\u00fcglich der genutzten Komponenten, wie z.B. Java SE, cURL, Bouncy Castle, Kerberos und expat. Ein entfernter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erh\u00f6hen, beliebigen Code auszuf\u00fchren, vertrauliche Informationen offenzulegen, Sicherheitsma\u00dfnahmen zu umgehen oder einen Denial-of-Service-Zustand zu erzeugen. Zur erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion erforderlich."
}
],
"product_status": {
"known_affected": [
"T040030",
"T039988",
"T039987"
]
},
"release_date": "2025-01-01T23:00:00.000+00:00",
"title": "CVE-2023-45288"
},
{
"cve": "CVE-2023-6597",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in IBM DB2 on Cloud Pak for Data. Diese existieren wegen unsachgem\u00e4\u00dfer \u00dcberpr\u00fcfungen, sowie Fehlern in der Speicherbehandlung, Eingabevalidierung und Berechtigungsverwaltung bez\u00fcglich der genutzten Komponenten, wie z.B. Java SE, cURL, Bouncy Castle, Kerberos und expat. Ein entfernter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erh\u00f6hen, beliebigen Code auszuf\u00fchren, vertrauliche Informationen offenzulegen, Sicherheitsma\u00dfnahmen zu umgehen oder einen Denial-of-Service-Zustand zu erzeugen. Zur erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion erforderlich."
}
],
"product_status": {
"known_affected": [
"T040030",
"T039988",
"T039987"
]
},
"release_date": "2025-01-01T23:00:00.000+00:00",
"title": "CVE-2023-6597"
},
{
"cve": "CVE-2024-0406",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in IBM DB2 on Cloud Pak for Data. Diese existieren wegen unsachgem\u00e4\u00dfer \u00dcberpr\u00fcfungen, sowie Fehlern in der Speicherbehandlung, Eingabevalidierung und Berechtigungsverwaltung bez\u00fcglich der genutzten Komponenten, wie z.B. Java SE, cURL, Bouncy Castle, Kerberos und expat. Ein entfernter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erh\u00f6hen, beliebigen Code auszuf\u00fchren, vertrauliche Informationen offenzulegen, Sicherheitsma\u00dfnahmen zu umgehen oder einen Denial-of-Service-Zustand zu erzeugen. Zur erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion erforderlich."
}
],
"product_status": {
"known_affected": [
"T040030",
"T039988",
"T039987"
]
},
"release_date": "2025-01-01T23:00:00.000+00:00",
"title": "CVE-2024-0406"
},
{
"cve": "CVE-2024-20918",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in IBM DB2 on Cloud Pak for Data. Diese existieren wegen unsachgem\u00e4\u00dfer \u00dcberpr\u00fcfungen, sowie Fehlern in der Speicherbehandlung, Eingabevalidierung und Berechtigungsverwaltung bez\u00fcglich der genutzten Komponenten, wie z.B. Java SE, cURL, Bouncy Castle, Kerberos und expat. Ein entfernter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erh\u00f6hen, beliebigen Code auszuf\u00fchren, vertrauliche Informationen offenzulegen, Sicherheitsma\u00dfnahmen zu umgehen oder einen Denial-of-Service-Zustand zu erzeugen. Zur erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion erforderlich."
}
],
"product_status": {
"known_affected": [
"T040030",
"T039988",
"T039987"
]
},
"release_date": "2025-01-01T23:00:00.000+00:00",
"title": "CVE-2024-20918"
},
{
"cve": "CVE-2024-20952",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in IBM DB2 on Cloud Pak for Data. Diese existieren wegen unsachgem\u00e4\u00dfer \u00dcberpr\u00fcfungen, sowie Fehlern in der Speicherbehandlung, Eingabevalidierung und Berechtigungsverwaltung bez\u00fcglich der genutzten Komponenten, wie z.B. Java SE, cURL, Bouncy Castle, Kerberos und expat. Ein entfernter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erh\u00f6hen, beliebigen Code auszuf\u00fchren, vertrauliche Informationen offenzulegen, Sicherheitsma\u00dfnahmen zu umgehen oder einen Denial-of-Service-Zustand zu erzeugen. Zur erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion erforderlich."
}
],
"product_status": {
"known_affected": [
"T040030",
"T039988",
"T039987"
]
},
"release_date": "2025-01-01T23:00:00.000+00:00",
"title": "CVE-2024-20952"
},
{
"cve": "CVE-2024-2398",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in IBM DB2 on Cloud Pak for Data. Diese existieren wegen unsachgem\u00e4\u00dfer \u00dcberpr\u00fcfungen, sowie Fehlern in der Speicherbehandlung, Eingabevalidierung und Berechtigungsverwaltung bez\u00fcglich der genutzten Komponenten, wie z.B. Java SE, cURL, Bouncy Castle, Kerberos und expat. Ein entfernter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erh\u00f6hen, beliebigen Code auszuf\u00fchren, vertrauliche Informationen offenzulegen, Sicherheitsma\u00dfnahmen zu umgehen oder einen Denial-of-Service-Zustand zu erzeugen. Zur erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion erforderlich."
}
],
"product_status": {
"known_affected": [
"T040030",
"T039988",
"T039987"
]
},
"release_date": "2025-01-01T23:00:00.000+00:00",
"title": "CVE-2024-2398"
},
{
"cve": "CVE-2024-24786",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in IBM DB2 on Cloud Pak for Data. Diese existieren wegen unsachgem\u00e4\u00dfer \u00dcberpr\u00fcfungen, sowie Fehlern in der Speicherbehandlung, Eingabevalidierung und Berechtigungsverwaltung bez\u00fcglich der genutzten Komponenten, wie z.B. Java SE, cURL, Bouncy Castle, Kerberos und expat. Ein entfernter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erh\u00f6hen, beliebigen Code auszuf\u00fchren, vertrauliche Informationen offenzulegen, Sicherheitsma\u00dfnahmen zu umgehen oder einen Denial-of-Service-Zustand zu erzeugen. Zur erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion erforderlich."
}
],
"product_status": {
"known_affected": [
"T040030",
"T039988",
"T039987"
]
},
"release_date": "2025-01-01T23:00:00.000+00:00",
"title": "CVE-2024-24786"
},
{
"cve": "CVE-2024-27281",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in IBM DB2 on Cloud Pak for Data. Diese existieren wegen unsachgem\u00e4\u00dfer \u00dcberpr\u00fcfungen, sowie Fehlern in der Speicherbehandlung, Eingabevalidierung und Berechtigungsverwaltung bez\u00fcglich der genutzten Komponenten, wie z.B. Java SE, cURL, Bouncy Castle, Kerberos und expat. Ein entfernter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erh\u00f6hen, beliebigen Code auszuf\u00fchren, vertrauliche Informationen offenzulegen, Sicherheitsma\u00dfnahmen zu umgehen oder einen Denial-of-Service-Zustand zu erzeugen. Zur erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion erforderlich."
}
],
"product_status": {
"known_affected": [
"T040030",
"T039988",
"T039987"
]
},
"release_date": "2025-01-01T23:00:00.000+00:00",
"title": "CVE-2024-27281"
},
{
"cve": "CVE-2024-2961",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in IBM DB2 on Cloud Pak for Data. Diese existieren wegen unsachgem\u00e4\u00dfer \u00dcberpr\u00fcfungen, sowie Fehlern in der Speicherbehandlung, Eingabevalidierung und Berechtigungsverwaltung bez\u00fcglich der genutzten Komponenten, wie z.B. Java SE, cURL, Bouncy Castle, Kerberos und expat. Ein entfernter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erh\u00f6hen, beliebigen Code auszuf\u00fchren, vertrauliche Informationen offenzulegen, Sicherheitsma\u00dfnahmen zu umgehen oder einen Denial-of-Service-Zustand zu erzeugen. Zur erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion erforderlich."
}
],
"product_status": {
"known_affected": [
"T040030",
"T039988",
"T039987"
]
},
"release_date": "2025-01-01T23:00:00.000+00:00",
"title": "CVE-2024-2961"
},
{
"cve": "CVE-2024-29857",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in IBM DB2 on Cloud Pak for Data. Diese existieren wegen unsachgem\u00e4\u00dfer \u00dcberpr\u00fcfungen, sowie Fehlern in der Speicherbehandlung, Eingabevalidierung und Berechtigungsverwaltung bez\u00fcglich der genutzten Komponenten, wie z.B. Java SE, cURL, Bouncy Castle, Kerberos und expat. Ein entfernter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erh\u00f6hen, beliebigen Code auszuf\u00fchren, vertrauliche Informationen offenzulegen, Sicherheitsma\u00dfnahmen zu umgehen oder einen Denial-of-Service-Zustand zu erzeugen. Zur erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion erforderlich."
}
],
"product_status": {
"known_affected": [
"T040030",
"T039988",
"T039987"
]
},
"release_date": "2025-01-01T23:00:00.000+00:00",
"title": "CVE-2024-29857"
},
{
"cve": "CVE-2024-33599",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in IBM DB2 on Cloud Pak for Data. Diese existieren wegen unsachgem\u00e4\u00dfer \u00dcberpr\u00fcfungen, sowie Fehlern in der Speicherbehandlung, Eingabevalidierung und Berechtigungsverwaltung bez\u00fcglich der genutzten Komponenten, wie z.B. Java SE, cURL, Bouncy Castle, Kerberos und expat. Ein entfernter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erh\u00f6hen, beliebigen Code auszuf\u00fchren, vertrauliche Informationen offenzulegen, Sicherheitsma\u00dfnahmen zu umgehen oder einen Denial-of-Service-Zustand zu erzeugen. Zur erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion erforderlich."
}
],
"product_status": {
"known_affected": [
"T040030",
"T039988",
"T039987"
]
},
"release_date": "2025-01-01T23:00:00.000+00:00",
"title": "CVE-2024-33599"
},
{
"cve": "CVE-2024-33883",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in IBM DB2 on Cloud Pak for Data. Diese existieren wegen unsachgem\u00e4\u00dfer \u00dcberpr\u00fcfungen, sowie Fehlern in der Speicherbehandlung, Eingabevalidierung und Berechtigungsverwaltung bez\u00fcglich der genutzten Komponenten, wie z.B. Java SE, cURL, Bouncy Castle, Kerberos und expat. Ein entfernter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erh\u00f6hen, beliebigen Code auszuf\u00fchren, vertrauliche Informationen offenzulegen, Sicherheitsma\u00dfnahmen zu umgehen oder einen Denial-of-Service-Zustand zu erzeugen. Zur erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion erforderlich."
}
],
"product_status": {
"known_affected": [
"T040030",
"T039988",
"T039987"
]
},
"release_date": "2025-01-01T23:00:00.000+00:00",
"title": "CVE-2024-33883"
},
{
"cve": "CVE-2024-37370",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in IBM DB2 on Cloud Pak for Data. Diese existieren wegen unsachgem\u00e4\u00dfer \u00dcberpr\u00fcfungen, sowie Fehlern in der Speicherbehandlung, Eingabevalidierung und Berechtigungsverwaltung bez\u00fcglich der genutzten Komponenten, wie z.B. Java SE, cURL, Bouncy Castle, Kerberos und expat. Ein entfernter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erh\u00f6hen, beliebigen Code auszuf\u00fchren, vertrauliche Informationen offenzulegen, Sicherheitsma\u00dfnahmen zu umgehen oder einen Denial-of-Service-Zustand zu erzeugen. Zur erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion erforderlich."
}
],
"product_status": {
"known_affected": [
"T040030",
"T039988",
"T039987"
]
},
"release_date": "2025-01-01T23:00:00.000+00:00",
"title": "CVE-2024-37370"
},
{
"cve": "CVE-2024-37371",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in IBM DB2 on Cloud Pak for Data. Diese existieren wegen unsachgem\u00e4\u00dfer \u00dcberpr\u00fcfungen, sowie Fehlern in der Speicherbehandlung, Eingabevalidierung und Berechtigungsverwaltung bez\u00fcglich der genutzten Komponenten, wie z.B. Java SE, cURL, Bouncy Castle, Kerberos und expat. Ein entfernter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erh\u00f6hen, beliebigen Code auszuf\u00fchren, vertrauliche Informationen offenzulegen, Sicherheitsma\u00dfnahmen zu umgehen oder einen Denial-of-Service-Zustand zu erzeugen. Zur erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion erforderlich."
}
],
"product_status": {
"known_affected": [
"T040030",
"T039988",
"T039987"
]
},
"release_date": "2025-01-01T23:00:00.000+00:00",
"title": "CVE-2024-37371"
},
{
"cve": "CVE-2024-37890",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in IBM DB2 on Cloud Pak for Data. Diese existieren wegen unsachgem\u00e4\u00dfer \u00dcberpr\u00fcfungen, sowie Fehlern in der Speicherbehandlung, Eingabevalidierung und Berechtigungsverwaltung bez\u00fcglich der genutzten Komponenten, wie z.B. Java SE, cURL, Bouncy Castle, Kerberos und expat. Ein entfernter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erh\u00f6hen, beliebigen Code auszuf\u00fchren, vertrauliche Informationen offenzulegen, Sicherheitsma\u00dfnahmen zu umgehen oder einen Denial-of-Service-Zustand zu erzeugen. Zur erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion erforderlich."
}
],
"product_status": {
"known_affected": [
"T040030",
"T039988",
"T039987"
]
},
"release_date": "2025-01-01T23:00:00.000+00:00",
"title": "CVE-2024-37890"
},
{
"cve": "CVE-2024-39338",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in IBM DB2 on Cloud Pak for Data. Diese existieren wegen unsachgem\u00e4\u00dfer \u00dcberpr\u00fcfungen, sowie Fehlern in der Speicherbehandlung, Eingabevalidierung und Berechtigungsverwaltung bez\u00fcglich der genutzten Komponenten, wie z.B. Java SE, cURL, Bouncy Castle, Kerberos und expat. Ein entfernter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erh\u00f6hen, beliebigen Code auszuf\u00fchren, vertrauliche Informationen offenzulegen, Sicherheitsma\u00dfnahmen zu umgehen oder einen Denial-of-Service-Zustand zu erzeugen. Zur erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion erforderlich."
}
],
"product_status": {
"known_affected": [
"T040030",
"T039988",
"T039987"
]
},
"release_date": "2025-01-01T23:00:00.000+00:00",
"title": "CVE-2024-39338"
},
{
"cve": "CVE-2024-4068",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in IBM DB2 on Cloud Pak for Data. Diese existieren wegen unsachgem\u00e4\u00dfer \u00dcberpr\u00fcfungen, sowie Fehlern in der Speicherbehandlung, Eingabevalidierung und Berechtigungsverwaltung bez\u00fcglich der genutzten Komponenten, wie z.B. Java SE, cURL, Bouncy Castle, Kerberos und expat. Ein entfernter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erh\u00f6hen, beliebigen Code auszuf\u00fchren, vertrauliche Informationen offenzulegen, Sicherheitsma\u00dfnahmen zu umgehen oder einen Denial-of-Service-Zustand zu erzeugen. Zur erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion erforderlich."
}
],
"product_status": {
"known_affected": [
"T040030",
"T039988",
"T039987"
]
},
"release_date": "2025-01-01T23:00:00.000+00:00",
"title": "CVE-2024-4068"
},
{
"cve": "CVE-2024-41110",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in IBM DB2 on Cloud Pak for Data. Diese existieren wegen unsachgem\u00e4\u00dfer \u00dcberpr\u00fcfungen, sowie Fehlern in der Speicherbehandlung, Eingabevalidierung und Berechtigungsverwaltung bez\u00fcglich der genutzten Komponenten, wie z.B. Java SE, cURL, Bouncy Castle, Kerberos und expat. Ein entfernter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erh\u00f6hen, beliebigen Code auszuf\u00fchren, vertrauliche Informationen offenzulegen, Sicherheitsma\u00dfnahmen zu umgehen oder einen Denial-of-Service-Zustand zu erzeugen. Zur erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion erforderlich."
}
],
"product_status": {
"known_affected": [
"T040030",
"T039988",
"T039987"
]
},
"release_date": "2025-01-01T23:00:00.000+00:00",
"title": "CVE-2024-41110"
},
{
"cve": "CVE-2024-41123",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in IBM DB2 on Cloud Pak for Data. Diese existieren wegen unsachgem\u00e4\u00dfer \u00dcberpr\u00fcfungen, sowie Fehlern in der Speicherbehandlung, Eingabevalidierung und Berechtigungsverwaltung bez\u00fcglich der genutzten Komponenten, wie z.B. Java SE, cURL, Bouncy Castle, Kerberos und expat. Ein entfernter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erh\u00f6hen, beliebigen Code auszuf\u00fchren, vertrauliche Informationen offenzulegen, Sicherheitsma\u00dfnahmen zu umgehen oder einen Denial-of-Service-Zustand zu erzeugen. Zur erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion erforderlich."
}
],
"product_status": {
"known_affected": [
"T040030",
"T039988",
"T039987"
]
},
"release_date": "2025-01-01T23:00:00.000+00:00",
"title": "CVE-2024-41123"
},
{
"cve": "CVE-2024-41946",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in IBM DB2 on Cloud Pak for Data. Diese existieren wegen unsachgem\u00e4\u00dfer \u00dcberpr\u00fcfungen, sowie Fehlern in der Speicherbehandlung, Eingabevalidierung und Berechtigungsverwaltung bez\u00fcglich der genutzten Komponenten, wie z.B. Java SE, cURL, Bouncy Castle, Kerberos und expat. Ein entfernter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erh\u00f6hen, beliebigen Code auszuf\u00fchren, vertrauliche Informationen offenzulegen, Sicherheitsma\u00dfnahmen zu umgehen oder einen Denial-of-Service-Zustand zu erzeugen. Zur erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion erforderlich."
}
],
"product_status": {
"known_affected": [
"T040030",
"T039988",
"T039987"
]
},
"release_date": "2025-01-01T23:00:00.000+00:00",
"title": "CVE-2024-41946"
},
{
"cve": "CVE-2024-45296",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in IBM DB2 on Cloud Pak for Data. Diese existieren wegen unsachgem\u00e4\u00dfer \u00dcberpr\u00fcfungen, sowie Fehlern in der Speicherbehandlung, Eingabevalidierung und Berechtigungsverwaltung bez\u00fcglich der genutzten Komponenten, wie z.B. Java SE, cURL, Bouncy Castle, Kerberos und expat. Ein entfernter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erh\u00f6hen, beliebigen Code auszuf\u00fchren, vertrauliche Informationen offenzulegen, Sicherheitsma\u00dfnahmen zu umgehen oder einen Denial-of-Service-Zustand zu erzeugen. Zur erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion erforderlich."
}
],
"product_status": {
"known_affected": [
"T040030",
"T039988",
"T039987"
]
},
"release_date": "2025-01-01T23:00:00.000+00:00",
"title": "CVE-2024-45296"
},
{
"cve": "CVE-2024-45491",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in IBM DB2 on Cloud Pak for Data. Diese existieren wegen unsachgem\u00e4\u00dfer \u00dcberpr\u00fcfungen, sowie Fehlern in der Speicherbehandlung, Eingabevalidierung und Berechtigungsverwaltung bez\u00fcglich der genutzten Komponenten, wie z.B. Java SE, cURL, Bouncy Castle, Kerberos und expat. Ein entfernter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erh\u00f6hen, beliebigen Code auszuf\u00fchren, vertrauliche Informationen offenzulegen, Sicherheitsma\u00dfnahmen zu umgehen oder einen Denial-of-Service-Zustand zu erzeugen. Zur erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion erforderlich."
}
],
"product_status": {
"known_affected": [
"T040030",
"T039988",
"T039987"
]
},
"release_date": "2025-01-01T23:00:00.000+00:00",
"title": "CVE-2024-45491"
},
{
"cve": "CVE-2024-45590",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in IBM DB2 on Cloud Pak for Data. Diese existieren wegen unsachgem\u00e4\u00dfer \u00dcberpr\u00fcfungen, sowie Fehlern in der Speicherbehandlung, Eingabevalidierung und Berechtigungsverwaltung bez\u00fcglich der genutzten Komponenten, wie z.B. Java SE, cURL, Bouncy Castle, Kerberos und expat. Ein entfernter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erh\u00f6hen, beliebigen Code auszuf\u00fchren, vertrauliche Informationen offenzulegen, Sicherheitsma\u00dfnahmen zu umgehen oder einen Denial-of-Service-Zustand zu erzeugen. Zur erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion erforderlich."
}
],
"product_status": {
"known_affected": [
"T040030",
"T039988",
"T039987"
]
},
"release_date": "2025-01-01T23:00:00.000+00:00",
"title": "CVE-2024-45590"
},
{
"cve": "CVE-2024-47220",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in IBM DB2 on Cloud Pak for Data. Diese existieren wegen unsachgem\u00e4\u00dfer \u00dcberpr\u00fcfungen, sowie Fehlern in der Speicherbehandlung, Eingabevalidierung und Berechtigungsverwaltung bez\u00fcglich der genutzten Komponenten, wie z.B. Java SE, cURL, Bouncy Castle, Kerberos und expat. Ein entfernter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erh\u00f6hen, beliebigen Code auszuf\u00fchren, vertrauliche Informationen offenzulegen, Sicherheitsma\u00dfnahmen zu umgehen oder einen Denial-of-Service-Zustand zu erzeugen. Zur erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion erforderlich."
}
],
"product_status": {
"known_affected": [
"T040030",
"T039988",
"T039987"
]
},
"release_date": "2025-01-01T23:00:00.000+00:00",
"title": "CVE-2024-47220"
},
{
"cve": "CVE-2024-47554",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in IBM DB2 on Cloud Pak for Data. Diese existieren wegen unsachgem\u00e4\u00dfer \u00dcberpr\u00fcfungen, sowie Fehlern in der Speicherbehandlung, Eingabevalidierung und Berechtigungsverwaltung bez\u00fcglich der genutzten Komponenten, wie z.B. Java SE, cURL, Bouncy Castle, Kerberos und expat. Ein entfernter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erh\u00f6hen, beliebigen Code auszuf\u00fchren, vertrauliche Informationen offenzulegen, Sicherheitsma\u00dfnahmen zu umgehen oder einen Denial-of-Service-Zustand zu erzeugen. Zur erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion erforderlich."
}
],
"product_status": {
"known_affected": [
"T040030",
"T039988",
"T039987"
]
},
"release_date": "2025-01-01T23:00:00.000+00:00",
"title": "CVE-2024-47554"
},
{
"cve": "CVE-2024-6119",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in IBM DB2 on Cloud Pak for Data. Diese existieren wegen unsachgem\u00e4\u00dfer \u00dcberpr\u00fcfungen, sowie Fehlern in der Speicherbehandlung, Eingabevalidierung und Berechtigungsverwaltung bez\u00fcglich der genutzten Komponenten, wie z.B. Java SE, cURL, Bouncy Castle, Kerberos und expat. Ein entfernter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erh\u00f6hen, beliebigen Code auszuf\u00fchren, vertrauliche Informationen offenzulegen, Sicherheitsma\u00dfnahmen zu umgehen oder einen Denial-of-Service-Zustand zu erzeugen. Zur erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion erforderlich."
}
],
"product_status": {
"known_affected": [
"T040030",
"T039988",
"T039987"
]
},
"release_date": "2025-01-01T23:00:00.000+00:00",
"title": "CVE-2024-6119"
},
{
"cve": "CVE-2024-6345",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in IBM DB2 on Cloud Pak for Data. Diese existieren wegen unsachgem\u00e4\u00dfer \u00dcberpr\u00fcfungen, sowie Fehlern in der Speicherbehandlung, Eingabevalidierung und Berechtigungsverwaltung bez\u00fcglich der genutzten Komponenten, wie z.B. Java SE, cURL, Bouncy Castle, Kerberos und expat. Ein entfernter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erh\u00f6hen, beliebigen Code auszuf\u00fchren, vertrauliche Informationen offenzulegen, Sicherheitsma\u00dfnahmen zu umgehen oder einen Denial-of-Service-Zustand zu erzeugen. Zur erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion erforderlich."
}
],
"product_status": {
"known_affected": [
"T040030",
"T039988",
"T039987"
]
},
"release_date": "2025-01-01T23:00:00.000+00:00",
"title": "CVE-2024-6345"
}
]
}
ghsa-6f62-3596-g6w7
Vulnerability from github
Published
2024-09-22 03:30
Modified
2024-09-25 17:53
Severity ?
Summary
HTTP Request Smuggling in ruby webrick
Details
An issue was discovered in the WEBrick toolkit through 1.8.1 for Ruby. It allows HTTP request smuggling by providing both a Content-Length header and a Transfer-Encoding header, e.g., "GET /admin HTTP/1.1\r\n" inside of a "POST /user HTTP/1.1\r\n" request. NOTE: the supplier's position is "Webrick should not be used in production."
{
"affected": [
{
"database_specific": {
"last_known_affected_version_range": "\u003c= 1.8.1"
},
"package": {
"ecosystem": "RubyGems",
"name": "webrick"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1.8.2"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2024-47220"
],
"database_specific": {
"cwe_ids": [
"CWE-444"
],
"github_reviewed": true,
"github_reviewed_at": "2024-09-23T20:43:55Z",
"nvd_published_at": "2024-09-22T01:15:11Z",
"severity": "HIGH"
},
"details": "An issue was discovered in the WEBrick toolkit through 1.8.1 for Ruby. It allows HTTP request smuggling by providing both a Content-Length header and a Transfer-Encoding header, e.g., \"GET /admin HTTP/1.1\\r\\n\" inside of a \"POST /user HTTP/1.1\\r\\n\" request. NOTE: the supplier\u0027s position is \"Webrick should not be used in production.\"",
"id": "GHSA-6f62-3596-g6w7",
"modified": "2024-09-25T17:53:10Z",
"published": "2024-09-22T03:30:30Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-47220"
},
{
"type": "WEB",
"url": "https://github.com/ruby/webrick/issues/145"
},
{
"type": "WEB",
"url": "https://github.com/ruby/webrick/issues/145#issuecomment-2369994610"
},
{
"type": "WEB",
"url": "https://github.com/ruby/webrick/issues/145#issuecomment-2372838285"
},
{
"type": "WEB",
"url": "https://github.com/ruby/webrick/pull/146/commits/d88321da45dcd230ac2b4585cad4833d6d5e8841"
},
{
"type": "WEB",
"url": "https://github.com/ruby/webrick/commit/f5faca9222541591e1a7c3c97552ebb0c92733c7"
},
{
"type": "PACKAGE",
"url": "https://github.com/ruby/webrick"
},
{
"type": "WEB",
"url": "https://github.com/rubysec/ruby-advisory-db/blob/master/gems/webrick/CVE-2024-47220.yml"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"type": "CVSS_V3"
}
],
"summary": "HTTP Request Smuggling in ruby webrick"
}
rhsa-2025:1227
Vulnerability from csaf_redhat
Published
2025-02-12 16:40
Modified
2025-02-19 23:28
Summary
Red Hat Security Advisory: Logging for Red Hat OpenShift - 5.9.11
Notes
Topic
Logging for Red Hat OpenShift - 5.9.11
Details
Logging for Red Hat OpenShift - 5.9.11
logging-fluentd-container: HTTP request smuggling (CVE-2024-47220)
cluster-logging-operator-container: Info Leak via Uninitialized Stack Contents (CVE-2024-12085)
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Logging for Red Hat OpenShift - 5.9.11",
"title": "Topic"
},
{
"category": "general",
"text": "Logging for Red Hat OpenShift - 5.9.11\nlogging-fluentd-container: HTTP request smuggling (CVE-2024-47220)\ncluster-logging-operator-container: Info Leak via Uninitialized Stack Contents (CVE-2024-12085)",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2025:1227",
"url": "https://access.redhat.com/errata/RHSA-2025:1227"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "2314051",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2314051"
},
{
"category": "external",
"summary": "2330539",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2330539"
},
{
"category": "external",
"summary": "LOG-5691",
"url": "https://issues.redhat.com/browse/LOG-5691"
},
{
"category": "external",
"summary": "LOG-6581",
"url": "https://issues.redhat.com/browse/LOG-6581"
},
{
"category": "external",
"summary": "LOG-6586",
"url": "https://issues.redhat.com/browse/LOG-6586"
},
{
"category": "external",
"summary": "LOG-6635",
"url": "https://issues.redhat.com/browse/LOG-6635"
},
{
"category": "external",
"summary": "LOG-6645",
"url": "https://issues.redhat.com/browse/LOG-6645"
},
{
"category": "external",
"summary": "LOG-6656",
"url": "https://issues.redhat.com/browse/LOG-6656"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2025/rhsa-2025_1227.json"
}
],
"title": "Red Hat Security Advisory: Logging for Red Hat OpenShift - 5.9.11",
"tracking": {
"current_release_date": "2025-02-19T23:28:59+00:00",
"generator": {
"date": "2025-02-19T23:28:59+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.3.1"
}
},
"id": "RHSA-2025:1227",
"initial_release_date": "2025-02-12T16:40:08+00:00",
"revision_history": [
{
"date": "2025-02-12T16:40:08+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2025-02-12T16:40:08+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2025-02-19T23:28:59+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "RHOL 5.9 for RHEL 9",
"product": {
"name": "RHOL 5.9 for RHEL 9",
"product_id": "9Base-RHOL-5.9",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:logging:5.9::el9"
}
}
}
],
"category": "product_family",
"name": "logging for Red Hat OpenShift"
},
{
"branches": [
{
"category": "product_version",
"name": "openshift-logging/cluster-logging-rhel9-operator@sha256:e6386dbf8cf2d2c0d953f3c378baceeb480ee8943d7522d975c2abde7aab0325_ppc64le",
"product": {
"name": "openshift-logging/cluster-logging-rhel9-operator@sha256:e6386dbf8cf2d2c0d953f3c378baceeb480ee8943d7522d975c2abde7aab0325_ppc64le",
"product_id": "openshift-logging/cluster-logging-rhel9-operator@sha256:e6386dbf8cf2d2c0d953f3c378baceeb480ee8943d7522d975c2abde7aab0325_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/cluster-logging-rhel9-operator@sha256:e6386dbf8cf2d2c0d953f3c378baceeb480ee8943d7522d975c2abde7aab0325?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator\u0026tag=v5.9.11-11"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/log-file-metric-exporter-rhel9@sha256:cf0db800309fc6549eed4ac00b4bb4fad601bfe0f941cf4a4c3092b05d037be1_ppc64le",
"product": {
"name": "openshift-logging/log-file-metric-exporter-rhel9@sha256:cf0db800309fc6549eed4ac00b4bb4fad601bfe0f941cf4a4c3092b05d037be1_ppc64le",
"product_id": "openshift-logging/log-file-metric-exporter-rhel9@sha256:cf0db800309fc6549eed4ac00b4bb4fad601bfe0f941cf4a4c3092b05d037be1_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/log-file-metric-exporter-rhel9@sha256:cf0db800309fc6549eed4ac00b4bb4fad601bfe0f941cf4a4c3092b05d037be1?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9\u0026tag=v1.1.0-321"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/eventrouter-rhel9@sha256:cfdb5836eb9828b86977aec2186906bc9c12b80eca4ab066ca13e542d797f921_ppc64le",
"product": {
"name": "openshift-logging/eventrouter-rhel9@sha256:cfdb5836eb9828b86977aec2186906bc9c12b80eca4ab066ca13e542d797f921_ppc64le",
"product_id": "openshift-logging/eventrouter-rhel9@sha256:cfdb5836eb9828b86977aec2186906bc9c12b80eca4ab066ca13e542d797f921_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/eventrouter-rhel9@sha256:cfdb5836eb9828b86977aec2186906bc9c12b80eca4ab066ca13e542d797f921?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/eventrouter-rhel9\u0026tag=v0.4.0-340"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/fluentd-rhel9@sha256:d0516cdb390b87797550ccd54b92d8986c1742f405f8b894df7b61a474801a68_ppc64le",
"product": {
"name": "openshift-logging/fluentd-rhel9@sha256:d0516cdb390b87797550ccd54b92d8986c1742f405f8b894df7b61a474801a68_ppc64le",
"product_id": "openshift-logging/fluentd-rhel9@sha256:d0516cdb390b87797550ccd54b92d8986c1742f405f8b894df7b61a474801a68_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/fluentd-rhel9@sha256:d0516cdb390b87797550ccd54b92d8986c1742f405f8b894df7b61a474801a68?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/fluentd-rhel9\u0026tag=v5.9.11-5"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/logging-loki-rhel9@sha256:78b2993a35bc6c52dba0d9e9516943ebba02432206de321b8a06c4012bc1b349_ppc64le",
"product": {
"name": "openshift-logging/logging-loki-rhel9@sha256:78b2993a35bc6c52dba0d9e9516943ebba02432206de321b8a06c4012bc1b349_ppc64le",
"product_id": "openshift-logging/logging-loki-rhel9@sha256:78b2993a35bc6c52dba0d9e9516943ebba02432206de321b8a06c4012bc1b349_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/logging-loki-rhel9@sha256:78b2993a35bc6c52dba0d9e9516943ebba02432206de321b8a06c4012bc1b349?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/logging-loki-rhel9\u0026tag=v3.3.2-8"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/vector-rhel9@sha256:dbb2f1221cec4aec7349496fae6f5136012eedfe4c54751fee25e68da7cd0ed1_ppc64le",
"product": {
"name": "openshift-logging/vector-rhel9@sha256:dbb2f1221cec4aec7349496fae6f5136012eedfe4c54751fee25e68da7cd0ed1_ppc64le",
"product_id": "openshift-logging/vector-rhel9@sha256:dbb2f1221cec4aec7349496fae6f5136012eedfe4c54751fee25e68da7cd0ed1_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/vector-rhel9@sha256:dbb2f1221cec4aec7349496fae6f5136012eedfe4c54751fee25e68da7cd0ed1?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/vector-rhel9\u0026tag=v0.34.1-30"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/logging-view-plugin-rhel9@sha256:74be6cdcdfe1da1b5431cd7f66c78db2a7c399445e905ef704ca4171d3ccf846_ppc64le",
"product": {
"name": "openshift-logging/logging-view-plugin-rhel9@sha256:74be6cdcdfe1da1b5431cd7f66c78db2a7c399445e905ef704ca4171d3ccf846_ppc64le",
"product_id": "openshift-logging/logging-view-plugin-rhel9@sha256:74be6cdcdfe1da1b5431cd7f66c78db2a7c399445e905ef704ca4171d3ccf846_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/logging-view-plugin-rhel9@sha256:74be6cdcdfe1da1b5431cd7f66c78db2a7c399445e905ef704ca4171d3ccf846?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/logging-view-plugin-rhel9\u0026tag=v5.9.11-6"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/loki-rhel9-operator@sha256:35d52bf4cbed75a78fba98ead066a88993622f5b648b49265455c90dbea6b57a_ppc64le",
"product": {
"name": "openshift-logging/loki-rhel9-operator@sha256:35d52bf4cbed75a78fba98ead066a88993622f5b648b49265455c90dbea6b57a_ppc64le",
"product_id": "openshift-logging/loki-rhel9-operator@sha256:35d52bf4cbed75a78fba98ead066a88993622f5b648b49265455c90dbea6b57a_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/loki-rhel9-operator@sha256:35d52bf4cbed75a78fba98ead066a88993622f5b648b49265455c90dbea6b57a?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/loki-rhel9-operator\u0026tag=v5.9.11-4"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/lokistack-gateway-rhel9@sha256:590380885bc50a26570c0dad142a0920cce5d6e2f44c76cf5b9758fc28512e9c_ppc64le",
"product": {
"name": "openshift-logging/lokistack-gateway-rhel9@sha256:590380885bc50a26570c0dad142a0920cce5d6e2f44c76cf5b9758fc28512e9c_ppc64le",
"product_id": "openshift-logging/lokistack-gateway-rhel9@sha256:590380885bc50a26570c0dad142a0920cce5d6e2f44c76cf5b9758fc28512e9c_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/lokistack-gateway-rhel9@sha256:590380885bc50a26570c0dad142a0920cce5d6e2f44c76cf5b9758fc28512e9c?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/lokistack-gateway-rhel9\u0026tag=v0.1.0-724"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/opa-openshift-rhel9@sha256:50ba9a45a46d5419475536c90a98abbe088c07b914f522e9278e4f2349417e96_ppc64le",
"product": {
"name": "openshift-logging/opa-openshift-rhel9@sha256:50ba9a45a46d5419475536c90a98abbe088c07b914f522e9278e4f2349417e96_ppc64le",
"product_id": "openshift-logging/opa-openshift-rhel9@sha256:50ba9a45a46d5419475536c90a98abbe088c07b914f522e9278e4f2349417e96_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/opa-openshift-rhel9@sha256:50ba9a45a46d5419475536c90a98abbe088c07b914f522e9278e4f2349417e96?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/opa-openshift-rhel9\u0026tag=v0.1.0-341"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "openshift-logging/cluster-logging-rhel9-operator@sha256:883f362a4397547edf23b158fec1d7c83d33d88d331d3f6041656a6834ca01ae_amd64",
"product": {
"name": "openshift-logging/cluster-logging-rhel9-operator@sha256:883f362a4397547edf23b158fec1d7c83d33d88d331d3f6041656a6834ca01ae_amd64",
"product_id": "openshift-logging/cluster-logging-rhel9-operator@sha256:883f362a4397547edf23b158fec1d7c83d33d88d331d3f6041656a6834ca01ae_amd64",
"product_identification_helper": {
"purl": "pkg:oci/cluster-logging-rhel9-operator@sha256:883f362a4397547edf23b158fec1d7c83d33d88d331d3f6041656a6834ca01ae?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator\u0026tag=v5.9.11-11"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/cluster-logging-operator-bundle@sha256:05d36790c431c5bcdce4ac9b0e52aa1cb05fd4b544102733d49b74d23571f74c_amd64",
"product": {
"name": "openshift-logging/cluster-logging-operator-bundle@sha256:05d36790c431c5bcdce4ac9b0e52aa1cb05fd4b544102733d49b74d23571f74c_amd64",
"product_id": "openshift-logging/cluster-logging-operator-bundle@sha256:05d36790c431c5bcdce4ac9b0e52aa1cb05fd4b544102733d49b74d23571f74c_amd64",
"product_identification_helper": {
"purl": "pkg:oci/cluster-logging-operator-bundle@sha256:05d36790c431c5bcdce4ac9b0e52aa1cb05fd4b544102733d49b74d23571f74c?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/cluster-logging-operator-bundle\u0026tag=v5.9.11-25"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/log-file-metric-exporter-rhel9@sha256:ac93b9ee0ef564713e225ad271a44d4b382ea5e6a44138fddef76645df7fc599_amd64",
"product": {
"name": "openshift-logging/log-file-metric-exporter-rhel9@sha256:ac93b9ee0ef564713e225ad271a44d4b382ea5e6a44138fddef76645df7fc599_amd64",
"product_id": "openshift-logging/log-file-metric-exporter-rhel9@sha256:ac93b9ee0ef564713e225ad271a44d4b382ea5e6a44138fddef76645df7fc599_amd64",
"product_identification_helper": {
"purl": "pkg:oci/log-file-metric-exporter-rhel9@sha256:ac93b9ee0ef564713e225ad271a44d4b382ea5e6a44138fddef76645df7fc599?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9\u0026tag=v1.1.0-321"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/eventrouter-rhel9@sha256:a64fff60352252e6f0200e8f041f3216bad06320c95c6840da2e9c51fcab480c_amd64",
"product": {
"name": "openshift-logging/eventrouter-rhel9@sha256:a64fff60352252e6f0200e8f041f3216bad06320c95c6840da2e9c51fcab480c_amd64",
"product_id": "openshift-logging/eventrouter-rhel9@sha256:a64fff60352252e6f0200e8f041f3216bad06320c95c6840da2e9c51fcab480c_amd64",
"product_identification_helper": {
"purl": "pkg:oci/eventrouter-rhel9@sha256:a64fff60352252e6f0200e8f041f3216bad06320c95c6840da2e9c51fcab480c?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/eventrouter-rhel9\u0026tag=v0.4.0-340"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/fluentd-rhel9@sha256:67927403108d96de2c1611c578a17e32afa8c6dadf62a96d3378efc16bd20396_amd64",
"product": {
"name": "openshift-logging/fluentd-rhel9@sha256:67927403108d96de2c1611c578a17e32afa8c6dadf62a96d3378efc16bd20396_amd64",
"product_id": "openshift-logging/fluentd-rhel9@sha256:67927403108d96de2c1611c578a17e32afa8c6dadf62a96d3378efc16bd20396_amd64",
"product_identification_helper": {
"purl": "pkg:oci/fluentd-rhel9@sha256:67927403108d96de2c1611c578a17e32afa8c6dadf62a96d3378efc16bd20396?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/fluentd-rhel9\u0026tag=v5.9.11-5"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/logging-loki-rhel9@sha256:295698b1487cf0b8c216ebe404e7c8c8c4cfee4e59fee0967c96fc444c0fdc4f_amd64",
"product": {
"name": "openshift-logging/logging-loki-rhel9@sha256:295698b1487cf0b8c216ebe404e7c8c8c4cfee4e59fee0967c96fc444c0fdc4f_amd64",
"product_id": "openshift-logging/logging-loki-rhel9@sha256:295698b1487cf0b8c216ebe404e7c8c8c4cfee4e59fee0967c96fc444c0fdc4f_amd64",
"product_identification_helper": {
"purl": "pkg:oci/logging-loki-rhel9@sha256:295698b1487cf0b8c216ebe404e7c8c8c4cfee4e59fee0967c96fc444c0fdc4f?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/logging-loki-rhel9\u0026tag=v3.3.2-8"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/vector-rhel9@sha256:8d570ea2e7f197a56dab73f36728c8afd66a2f886458444a37cb5d7f603ca2e2_amd64",
"product": {
"name": "openshift-logging/vector-rhel9@sha256:8d570ea2e7f197a56dab73f36728c8afd66a2f886458444a37cb5d7f603ca2e2_amd64",
"product_id": "openshift-logging/vector-rhel9@sha256:8d570ea2e7f197a56dab73f36728c8afd66a2f886458444a37cb5d7f603ca2e2_amd64",
"product_identification_helper": {
"purl": "pkg:oci/vector-rhel9@sha256:8d570ea2e7f197a56dab73f36728c8afd66a2f886458444a37cb5d7f603ca2e2?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/vector-rhel9\u0026tag=v0.34.1-30"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/logging-view-plugin-rhel9@sha256:f95c480d56b07083820e799e1de944693a6945a89c360d3d5859392090e4f944_amd64",
"product": {
"name": "openshift-logging/logging-view-plugin-rhel9@sha256:f95c480d56b07083820e799e1de944693a6945a89c360d3d5859392090e4f944_amd64",
"product_id": "openshift-logging/logging-view-plugin-rhel9@sha256:f95c480d56b07083820e799e1de944693a6945a89c360d3d5859392090e4f944_amd64",
"product_identification_helper": {
"purl": "pkg:oci/logging-view-plugin-rhel9@sha256:f95c480d56b07083820e799e1de944693a6945a89c360d3d5859392090e4f944?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/logging-view-plugin-rhel9\u0026tag=v5.9.11-6"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/loki-operator-bundle@sha256:fd4dd6de9fa37ef936cdb1c7d13716c85207f114701fb0ffad00233242fbfb63_amd64",
"product": {
"name": "openshift-logging/loki-operator-bundle@sha256:fd4dd6de9fa37ef936cdb1c7d13716c85207f114701fb0ffad00233242fbfb63_amd64",
"product_id": "openshift-logging/loki-operator-bundle@sha256:fd4dd6de9fa37ef936cdb1c7d13716c85207f114701fb0ffad00233242fbfb63_amd64",
"product_identification_helper": {
"purl": "pkg:oci/loki-operator-bundle@sha256:fd4dd6de9fa37ef936cdb1c7d13716c85207f114701fb0ffad00233242fbfb63?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/loki-operator-bundle\u0026tag=v5.9.11-9"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/loki-rhel9-operator@sha256:6f379a6740699d19a0b9c14ed4f306b4cf8533b6d88e28e4cd2564a02e20f334_amd64",
"product": {
"name": "openshift-logging/loki-rhel9-operator@sha256:6f379a6740699d19a0b9c14ed4f306b4cf8533b6d88e28e4cd2564a02e20f334_amd64",
"product_id": "openshift-logging/loki-rhel9-operator@sha256:6f379a6740699d19a0b9c14ed4f306b4cf8533b6d88e28e4cd2564a02e20f334_amd64",
"product_identification_helper": {
"purl": "pkg:oci/loki-rhel9-operator@sha256:6f379a6740699d19a0b9c14ed4f306b4cf8533b6d88e28e4cd2564a02e20f334?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/loki-rhel9-operator\u0026tag=v5.9.11-4"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/lokistack-gateway-rhel9@sha256:735c68e2570fb35cd9cecc13b81840ff38d11ed62aa4c7f0d78804845adfbf39_amd64",
"product": {
"name": "openshift-logging/lokistack-gateway-rhel9@sha256:735c68e2570fb35cd9cecc13b81840ff38d11ed62aa4c7f0d78804845adfbf39_amd64",
"product_id": "openshift-logging/lokistack-gateway-rhel9@sha256:735c68e2570fb35cd9cecc13b81840ff38d11ed62aa4c7f0d78804845adfbf39_amd64",
"product_identification_helper": {
"purl": "pkg:oci/lokistack-gateway-rhel9@sha256:735c68e2570fb35cd9cecc13b81840ff38d11ed62aa4c7f0d78804845adfbf39?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/lokistack-gateway-rhel9\u0026tag=v0.1.0-724"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/opa-openshift-rhel9@sha256:e850537f0ab9420570d42365d7f4ed9fff65110c3910a334dac2aa29b6e3e2b9_amd64",
"product": {
"name": "openshift-logging/opa-openshift-rhel9@sha256:e850537f0ab9420570d42365d7f4ed9fff65110c3910a334dac2aa29b6e3e2b9_amd64",
"product_id": "openshift-logging/opa-openshift-rhel9@sha256:e850537f0ab9420570d42365d7f4ed9fff65110c3910a334dac2aa29b6e3e2b9_amd64",
"product_identification_helper": {
"purl": "pkg:oci/opa-openshift-rhel9@sha256:e850537f0ab9420570d42365d7f4ed9fff65110c3910a334dac2aa29b6e3e2b9?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/opa-openshift-rhel9\u0026tag=v0.1.0-341"
}
}
}
],
"category": "architecture",
"name": "amd64"
},
{
"branches": [
{
"category": "product_version",
"name": "openshift-logging/cluster-logging-rhel9-operator@sha256:f6fae7a55c5f45d90a9df360cefda01de744b10b50b138d40f75a1cf1f778511_arm64",
"product": {
"name": "openshift-logging/cluster-logging-rhel9-operator@sha256:f6fae7a55c5f45d90a9df360cefda01de744b10b50b138d40f75a1cf1f778511_arm64",
"product_id": "openshift-logging/cluster-logging-rhel9-operator@sha256:f6fae7a55c5f45d90a9df360cefda01de744b10b50b138d40f75a1cf1f778511_arm64",
"product_identification_helper": {
"purl": "pkg:oci/cluster-logging-rhel9-operator@sha256:f6fae7a55c5f45d90a9df360cefda01de744b10b50b138d40f75a1cf1f778511?arch=arm64\u0026repository_url=registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator\u0026tag=v5.9.11-11"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/log-file-metric-exporter-rhel9@sha256:1abab6bfcbc41e0c0e50b56a1796e20ba0a5a68433632bcc82eeb2d37d8c3402_arm64",
"product": {
"name": "openshift-logging/log-file-metric-exporter-rhel9@sha256:1abab6bfcbc41e0c0e50b56a1796e20ba0a5a68433632bcc82eeb2d37d8c3402_arm64",
"product_id": "openshift-logging/log-file-metric-exporter-rhel9@sha256:1abab6bfcbc41e0c0e50b56a1796e20ba0a5a68433632bcc82eeb2d37d8c3402_arm64",
"product_identification_helper": {
"purl": "pkg:oci/log-file-metric-exporter-rhel9@sha256:1abab6bfcbc41e0c0e50b56a1796e20ba0a5a68433632bcc82eeb2d37d8c3402?arch=arm64\u0026repository_url=registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9\u0026tag=v1.1.0-321"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/eventrouter-rhel9@sha256:f937390944ecd159bca06b91289e847a00a3949c29823e8a9f9490cf2aaa5671_arm64",
"product": {
"name": "openshift-logging/eventrouter-rhel9@sha256:f937390944ecd159bca06b91289e847a00a3949c29823e8a9f9490cf2aaa5671_arm64",
"product_id": "openshift-logging/eventrouter-rhel9@sha256:f937390944ecd159bca06b91289e847a00a3949c29823e8a9f9490cf2aaa5671_arm64",
"product_identification_helper": {
"purl": "pkg:oci/eventrouter-rhel9@sha256:f937390944ecd159bca06b91289e847a00a3949c29823e8a9f9490cf2aaa5671?arch=arm64\u0026repository_url=registry.redhat.io/openshift-logging/eventrouter-rhel9\u0026tag=v0.4.0-340"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/fluentd-rhel9@sha256:e15eecf4b824e54f22facd4468460d50718cf8c493370d7486cc3b22e3be1545_arm64",
"product": {
"name": "openshift-logging/fluentd-rhel9@sha256:e15eecf4b824e54f22facd4468460d50718cf8c493370d7486cc3b22e3be1545_arm64",
"product_id": "openshift-logging/fluentd-rhel9@sha256:e15eecf4b824e54f22facd4468460d50718cf8c493370d7486cc3b22e3be1545_arm64",
"product_identification_helper": {
"purl": "pkg:oci/fluentd-rhel9@sha256:e15eecf4b824e54f22facd4468460d50718cf8c493370d7486cc3b22e3be1545?arch=arm64\u0026repository_url=registry.redhat.io/openshift-logging/fluentd-rhel9\u0026tag=v5.9.11-5"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/logging-loki-rhel9@sha256:6d73fef832b6c9fc131507f2a0dc966bfc40ee9c8005019ba43f417ca89985e3_arm64",
"product": {
"name": "openshift-logging/logging-loki-rhel9@sha256:6d73fef832b6c9fc131507f2a0dc966bfc40ee9c8005019ba43f417ca89985e3_arm64",
"product_id": "openshift-logging/logging-loki-rhel9@sha256:6d73fef832b6c9fc131507f2a0dc966bfc40ee9c8005019ba43f417ca89985e3_arm64",
"product_identification_helper": {
"purl": "pkg:oci/logging-loki-rhel9@sha256:6d73fef832b6c9fc131507f2a0dc966bfc40ee9c8005019ba43f417ca89985e3?arch=arm64\u0026repository_url=registry.redhat.io/openshift-logging/logging-loki-rhel9\u0026tag=v3.3.2-8"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/vector-rhel9@sha256:46a7a38202e74ffcd0c64be726ee0a05ca61b0b3d8676fffc9b2156da8cfcf11_arm64",
"product": {
"name": "openshift-logging/vector-rhel9@sha256:46a7a38202e74ffcd0c64be726ee0a05ca61b0b3d8676fffc9b2156da8cfcf11_arm64",
"product_id": "openshift-logging/vector-rhel9@sha256:46a7a38202e74ffcd0c64be726ee0a05ca61b0b3d8676fffc9b2156da8cfcf11_arm64",
"product_identification_helper": {
"purl": "pkg:oci/vector-rhel9@sha256:46a7a38202e74ffcd0c64be726ee0a05ca61b0b3d8676fffc9b2156da8cfcf11?arch=arm64\u0026repository_url=registry.redhat.io/openshift-logging/vector-rhel9\u0026tag=v0.34.1-30"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/logging-view-plugin-rhel9@sha256:abf424f8915d9766eb87f151bce018cfb1864d45f0d85f4707b09b7072277a03_arm64",
"product": {
"name": "openshift-logging/logging-view-plugin-rhel9@sha256:abf424f8915d9766eb87f151bce018cfb1864d45f0d85f4707b09b7072277a03_arm64",
"product_id": "openshift-logging/logging-view-plugin-rhel9@sha256:abf424f8915d9766eb87f151bce018cfb1864d45f0d85f4707b09b7072277a03_arm64",
"product_identification_helper": {
"purl": "pkg:oci/logging-view-plugin-rhel9@sha256:abf424f8915d9766eb87f151bce018cfb1864d45f0d85f4707b09b7072277a03?arch=arm64\u0026repository_url=registry.redhat.io/openshift-logging/logging-view-plugin-rhel9\u0026tag=v5.9.11-6"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/loki-rhel9-operator@sha256:b35a0df55c1de24bcc6ce7740210abd61b4fc4d1e769a3c36f6014dee55efea9_arm64",
"product": {
"name": "openshift-logging/loki-rhel9-operator@sha256:b35a0df55c1de24bcc6ce7740210abd61b4fc4d1e769a3c36f6014dee55efea9_arm64",
"product_id": "openshift-logging/loki-rhel9-operator@sha256:b35a0df55c1de24bcc6ce7740210abd61b4fc4d1e769a3c36f6014dee55efea9_arm64",
"product_identification_helper": {
"purl": "pkg:oci/loki-rhel9-operator@sha256:b35a0df55c1de24bcc6ce7740210abd61b4fc4d1e769a3c36f6014dee55efea9?arch=arm64\u0026repository_url=registry.redhat.io/openshift-logging/loki-rhel9-operator\u0026tag=v5.9.11-4"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/lokistack-gateway-rhel9@sha256:df94b5b1b5220c6b1347c43352a1edb05f480f4d70c97cf0d3667631471f1d9c_arm64",
"product": {
"name": "openshift-logging/lokistack-gateway-rhel9@sha256:df94b5b1b5220c6b1347c43352a1edb05f480f4d70c97cf0d3667631471f1d9c_arm64",
"product_id": "openshift-logging/lokistack-gateway-rhel9@sha256:df94b5b1b5220c6b1347c43352a1edb05f480f4d70c97cf0d3667631471f1d9c_arm64",
"product_identification_helper": {
"purl": "pkg:oci/lokistack-gateway-rhel9@sha256:df94b5b1b5220c6b1347c43352a1edb05f480f4d70c97cf0d3667631471f1d9c?arch=arm64\u0026repository_url=registry.redhat.io/openshift-logging/lokistack-gateway-rhel9\u0026tag=v0.1.0-724"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/opa-openshift-rhel9@sha256:9507ecc73d91c9cb8179a8f57375c95941fe71c3fb6e6347b4fdc3ea2c5cfe17_arm64",
"product": {
"name": "openshift-logging/opa-openshift-rhel9@sha256:9507ecc73d91c9cb8179a8f57375c95941fe71c3fb6e6347b4fdc3ea2c5cfe17_arm64",
"product_id": "openshift-logging/opa-openshift-rhel9@sha256:9507ecc73d91c9cb8179a8f57375c95941fe71c3fb6e6347b4fdc3ea2c5cfe17_arm64",
"product_identification_helper": {
"purl": "pkg:oci/opa-openshift-rhel9@sha256:9507ecc73d91c9cb8179a8f57375c95941fe71c3fb6e6347b4fdc3ea2c5cfe17?arch=arm64\u0026repository_url=registry.redhat.io/openshift-logging/opa-openshift-rhel9\u0026tag=v0.1.0-341"
}
}
}
],
"category": "architecture",
"name": "arm64"
},
{
"branches": [
{
"category": "product_version",
"name": "openshift-logging/cluster-logging-rhel9-operator@sha256:5d91887518d966664794f4871653624da04a9c555d21752a4790b70bac47e1de_s390x",
"product": {
"name": "openshift-logging/cluster-logging-rhel9-operator@sha256:5d91887518d966664794f4871653624da04a9c555d21752a4790b70bac47e1de_s390x",
"product_id": "openshift-logging/cluster-logging-rhel9-operator@sha256:5d91887518d966664794f4871653624da04a9c555d21752a4790b70bac47e1de_s390x",
"product_identification_helper": {
"purl": "pkg:oci/cluster-logging-rhel9-operator@sha256:5d91887518d966664794f4871653624da04a9c555d21752a4790b70bac47e1de?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator\u0026tag=v5.9.11-11"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/log-file-metric-exporter-rhel9@sha256:c8131af6025d0db9b10d9d8f7622de16520bd39755ef8d856dcbd0652175138b_s390x",
"product": {
"name": "openshift-logging/log-file-metric-exporter-rhel9@sha256:c8131af6025d0db9b10d9d8f7622de16520bd39755ef8d856dcbd0652175138b_s390x",
"product_id": "openshift-logging/log-file-metric-exporter-rhel9@sha256:c8131af6025d0db9b10d9d8f7622de16520bd39755ef8d856dcbd0652175138b_s390x",
"product_identification_helper": {
"purl": "pkg:oci/log-file-metric-exporter-rhel9@sha256:c8131af6025d0db9b10d9d8f7622de16520bd39755ef8d856dcbd0652175138b?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9\u0026tag=v1.1.0-321"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/eventrouter-rhel9@sha256:62a3fb23bd1d405a87d94a9a93ad2b3dd1d44d9eb2d062cf40cb48469e2fe754_s390x",
"product": {
"name": "openshift-logging/eventrouter-rhel9@sha256:62a3fb23bd1d405a87d94a9a93ad2b3dd1d44d9eb2d062cf40cb48469e2fe754_s390x",
"product_id": "openshift-logging/eventrouter-rhel9@sha256:62a3fb23bd1d405a87d94a9a93ad2b3dd1d44d9eb2d062cf40cb48469e2fe754_s390x",
"product_identification_helper": {
"purl": "pkg:oci/eventrouter-rhel9@sha256:62a3fb23bd1d405a87d94a9a93ad2b3dd1d44d9eb2d062cf40cb48469e2fe754?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/eventrouter-rhel9\u0026tag=v0.4.0-340"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/fluentd-rhel9@sha256:ff369dce86ef0a6dc6fd0f9a84c191f5fc5551d5fa80bf06017cc97c134b8218_s390x",
"product": {
"name": "openshift-logging/fluentd-rhel9@sha256:ff369dce86ef0a6dc6fd0f9a84c191f5fc5551d5fa80bf06017cc97c134b8218_s390x",
"product_id": "openshift-logging/fluentd-rhel9@sha256:ff369dce86ef0a6dc6fd0f9a84c191f5fc5551d5fa80bf06017cc97c134b8218_s390x",
"product_identification_helper": {
"purl": "pkg:oci/fluentd-rhel9@sha256:ff369dce86ef0a6dc6fd0f9a84c191f5fc5551d5fa80bf06017cc97c134b8218?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/fluentd-rhel9\u0026tag=v5.9.11-5"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/logging-loki-rhel9@sha256:1d4a55c485dd0866a3d7ac66a4e07d4ee4b974b3b0e0086e97b531fd1be22983_s390x",
"product": {
"name": "openshift-logging/logging-loki-rhel9@sha256:1d4a55c485dd0866a3d7ac66a4e07d4ee4b974b3b0e0086e97b531fd1be22983_s390x",
"product_id": "openshift-logging/logging-loki-rhel9@sha256:1d4a55c485dd0866a3d7ac66a4e07d4ee4b974b3b0e0086e97b531fd1be22983_s390x",
"product_identification_helper": {
"purl": "pkg:oci/logging-loki-rhel9@sha256:1d4a55c485dd0866a3d7ac66a4e07d4ee4b974b3b0e0086e97b531fd1be22983?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/logging-loki-rhel9\u0026tag=v3.3.2-8"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/vector-rhel9@sha256:85a2ee2d4df59d237ebb12c7700ed0b6439c1330aae341c3909f56de73128d66_s390x",
"product": {
"name": "openshift-logging/vector-rhel9@sha256:85a2ee2d4df59d237ebb12c7700ed0b6439c1330aae341c3909f56de73128d66_s390x",
"product_id": "openshift-logging/vector-rhel9@sha256:85a2ee2d4df59d237ebb12c7700ed0b6439c1330aae341c3909f56de73128d66_s390x",
"product_identification_helper": {
"purl": "pkg:oci/vector-rhel9@sha256:85a2ee2d4df59d237ebb12c7700ed0b6439c1330aae341c3909f56de73128d66?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/vector-rhel9\u0026tag=v0.34.1-30"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/logging-view-plugin-rhel9@sha256:a480418c3a90a85d411d46a2276112089173affbb23c5fb32691c9e53433eda4_s390x",
"product": {
"name": "openshift-logging/logging-view-plugin-rhel9@sha256:a480418c3a90a85d411d46a2276112089173affbb23c5fb32691c9e53433eda4_s390x",
"product_id": "openshift-logging/logging-view-plugin-rhel9@sha256:a480418c3a90a85d411d46a2276112089173affbb23c5fb32691c9e53433eda4_s390x",
"product_identification_helper": {
"purl": "pkg:oci/logging-view-plugin-rhel9@sha256:a480418c3a90a85d411d46a2276112089173affbb23c5fb32691c9e53433eda4?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/logging-view-plugin-rhel9\u0026tag=v5.9.11-6"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/loki-rhel9-operator@sha256:f69b982c4c9cf8af53f2a16ba1af93f8288b667ab6cc5461690231096fe211ff_s390x",
"product": {
"name": "openshift-logging/loki-rhel9-operator@sha256:f69b982c4c9cf8af53f2a16ba1af93f8288b667ab6cc5461690231096fe211ff_s390x",
"product_id": "openshift-logging/loki-rhel9-operator@sha256:f69b982c4c9cf8af53f2a16ba1af93f8288b667ab6cc5461690231096fe211ff_s390x",
"product_identification_helper": {
"purl": "pkg:oci/loki-rhel9-operator@sha256:f69b982c4c9cf8af53f2a16ba1af93f8288b667ab6cc5461690231096fe211ff?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/loki-rhel9-operator\u0026tag=v5.9.11-4"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/lokistack-gateway-rhel9@sha256:902c4b759d2efe260456756511a4243ccd7ad114b2c39d2cf51305296903a290_s390x",
"product": {
"name": "openshift-logging/lokistack-gateway-rhel9@sha256:902c4b759d2efe260456756511a4243ccd7ad114b2c39d2cf51305296903a290_s390x",
"product_id": "openshift-logging/lokistack-gateway-rhel9@sha256:902c4b759d2efe260456756511a4243ccd7ad114b2c39d2cf51305296903a290_s390x",
"product_identification_helper": {
"purl": "pkg:oci/lokistack-gateway-rhel9@sha256:902c4b759d2efe260456756511a4243ccd7ad114b2c39d2cf51305296903a290?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/lokistack-gateway-rhel9\u0026tag=v0.1.0-724"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/opa-openshift-rhel9@sha256:c86ede957b5807e3194675759716650c4df0ef7d2e8894b942b7a2aab2c0f38f_s390x",
"product": {
"name": "openshift-logging/opa-openshift-rhel9@sha256:c86ede957b5807e3194675759716650c4df0ef7d2e8894b942b7a2aab2c0f38f_s390x",
"product_id": "openshift-logging/opa-openshift-rhel9@sha256:c86ede957b5807e3194675759716650c4df0ef7d2e8894b942b7a2aab2c0f38f_s390x",
"product_identification_helper": {
"purl": "pkg:oci/opa-openshift-rhel9@sha256:c86ede957b5807e3194675759716650c4df0ef7d2e8894b942b7a2aab2c0f38f?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/opa-openshift-rhel9\u0026tag=v0.1.0-341"
}
}
}
],
"category": "architecture",
"name": "s390x"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/cluster-logging-operator-bundle@sha256:05d36790c431c5bcdce4ac9b0e52aa1cb05fd4b544102733d49b74d23571f74c_amd64 as a component of RHOL 5.9 for RHEL 9",
"product_id": "9Base-RHOL-5.9:openshift-logging/cluster-logging-operator-bundle@sha256:05d36790c431c5bcdce4ac9b0e52aa1cb05fd4b544102733d49b74d23571f74c_amd64"
},
"product_reference": "openshift-logging/cluster-logging-operator-bundle@sha256:05d36790c431c5bcdce4ac9b0e52aa1cb05fd4b544102733d49b74d23571f74c_amd64",
"relates_to_product_reference": "9Base-RHOL-5.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/cluster-logging-rhel9-operator@sha256:5d91887518d966664794f4871653624da04a9c555d21752a4790b70bac47e1de_s390x as a component of RHOL 5.9 for RHEL 9",
"product_id": "9Base-RHOL-5.9:openshift-logging/cluster-logging-rhel9-operator@sha256:5d91887518d966664794f4871653624da04a9c555d21752a4790b70bac47e1de_s390x"
},
"product_reference": "openshift-logging/cluster-logging-rhel9-operator@sha256:5d91887518d966664794f4871653624da04a9c555d21752a4790b70bac47e1de_s390x",
"relates_to_product_reference": "9Base-RHOL-5.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/cluster-logging-rhel9-operator@sha256:883f362a4397547edf23b158fec1d7c83d33d88d331d3f6041656a6834ca01ae_amd64 as a component of RHOL 5.9 for RHEL 9",
"product_id": "9Base-RHOL-5.9:openshift-logging/cluster-logging-rhel9-operator@sha256:883f362a4397547edf23b158fec1d7c83d33d88d331d3f6041656a6834ca01ae_amd64"
},
"product_reference": "openshift-logging/cluster-logging-rhel9-operator@sha256:883f362a4397547edf23b158fec1d7c83d33d88d331d3f6041656a6834ca01ae_amd64",
"relates_to_product_reference": "9Base-RHOL-5.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/cluster-logging-rhel9-operator@sha256:e6386dbf8cf2d2c0d953f3c378baceeb480ee8943d7522d975c2abde7aab0325_ppc64le as a component of RHOL 5.9 for RHEL 9",
"product_id": "9Base-RHOL-5.9:openshift-logging/cluster-logging-rhel9-operator@sha256:e6386dbf8cf2d2c0d953f3c378baceeb480ee8943d7522d975c2abde7aab0325_ppc64le"
},
"product_reference": "openshift-logging/cluster-logging-rhel9-operator@sha256:e6386dbf8cf2d2c0d953f3c378baceeb480ee8943d7522d975c2abde7aab0325_ppc64le",
"relates_to_product_reference": "9Base-RHOL-5.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/cluster-logging-rhel9-operator@sha256:f6fae7a55c5f45d90a9df360cefda01de744b10b50b138d40f75a1cf1f778511_arm64 as a component of RHOL 5.9 for RHEL 9",
"product_id": "9Base-RHOL-5.9:openshift-logging/cluster-logging-rhel9-operator@sha256:f6fae7a55c5f45d90a9df360cefda01de744b10b50b138d40f75a1cf1f778511_arm64"
},
"product_reference": "openshift-logging/cluster-logging-rhel9-operator@sha256:f6fae7a55c5f45d90a9df360cefda01de744b10b50b138d40f75a1cf1f778511_arm64",
"relates_to_product_reference": "9Base-RHOL-5.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/eventrouter-rhel9@sha256:62a3fb23bd1d405a87d94a9a93ad2b3dd1d44d9eb2d062cf40cb48469e2fe754_s390x as a component of RHOL 5.9 for RHEL 9",
"product_id": "9Base-RHOL-5.9:openshift-logging/eventrouter-rhel9@sha256:62a3fb23bd1d405a87d94a9a93ad2b3dd1d44d9eb2d062cf40cb48469e2fe754_s390x"
},
"product_reference": "openshift-logging/eventrouter-rhel9@sha256:62a3fb23bd1d405a87d94a9a93ad2b3dd1d44d9eb2d062cf40cb48469e2fe754_s390x",
"relates_to_product_reference": "9Base-RHOL-5.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/eventrouter-rhel9@sha256:a64fff60352252e6f0200e8f041f3216bad06320c95c6840da2e9c51fcab480c_amd64 as a component of RHOL 5.9 for RHEL 9",
"product_id": "9Base-RHOL-5.9:openshift-logging/eventrouter-rhel9@sha256:a64fff60352252e6f0200e8f041f3216bad06320c95c6840da2e9c51fcab480c_amd64"
},
"product_reference": "openshift-logging/eventrouter-rhel9@sha256:a64fff60352252e6f0200e8f041f3216bad06320c95c6840da2e9c51fcab480c_amd64",
"relates_to_product_reference": "9Base-RHOL-5.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/eventrouter-rhel9@sha256:cfdb5836eb9828b86977aec2186906bc9c12b80eca4ab066ca13e542d797f921_ppc64le as a component of RHOL 5.9 for RHEL 9",
"product_id": "9Base-RHOL-5.9:openshift-logging/eventrouter-rhel9@sha256:cfdb5836eb9828b86977aec2186906bc9c12b80eca4ab066ca13e542d797f921_ppc64le"
},
"product_reference": "openshift-logging/eventrouter-rhel9@sha256:cfdb5836eb9828b86977aec2186906bc9c12b80eca4ab066ca13e542d797f921_ppc64le",
"relates_to_product_reference": "9Base-RHOL-5.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/eventrouter-rhel9@sha256:f937390944ecd159bca06b91289e847a00a3949c29823e8a9f9490cf2aaa5671_arm64 as a component of RHOL 5.9 for RHEL 9",
"product_id": "9Base-RHOL-5.9:openshift-logging/eventrouter-rhel9@sha256:f937390944ecd159bca06b91289e847a00a3949c29823e8a9f9490cf2aaa5671_arm64"
},
"product_reference": "openshift-logging/eventrouter-rhel9@sha256:f937390944ecd159bca06b91289e847a00a3949c29823e8a9f9490cf2aaa5671_arm64",
"relates_to_product_reference": "9Base-RHOL-5.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/fluentd-rhel9@sha256:67927403108d96de2c1611c578a17e32afa8c6dadf62a96d3378efc16bd20396_amd64 as a component of RHOL 5.9 for RHEL 9",
"product_id": "9Base-RHOL-5.9:openshift-logging/fluentd-rhel9@sha256:67927403108d96de2c1611c578a17e32afa8c6dadf62a96d3378efc16bd20396_amd64"
},
"product_reference": "openshift-logging/fluentd-rhel9@sha256:67927403108d96de2c1611c578a17e32afa8c6dadf62a96d3378efc16bd20396_amd64",
"relates_to_product_reference": "9Base-RHOL-5.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/fluentd-rhel9@sha256:d0516cdb390b87797550ccd54b92d8986c1742f405f8b894df7b61a474801a68_ppc64le as a component of RHOL 5.9 for RHEL 9",
"product_id": "9Base-RHOL-5.9:openshift-logging/fluentd-rhel9@sha256:d0516cdb390b87797550ccd54b92d8986c1742f405f8b894df7b61a474801a68_ppc64le"
},
"product_reference": "openshift-logging/fluentd-rhel9@sha256:d0516cdb390b87797550ccd54b92d8986c1742f405f8b894df7b61a474801a68_ppc64le",
"relates_to_product_reference": "9Base-RHOL-5.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/fluentd-rhel9@sha256:e15eecf4b824e54f22facd4468460d50718cf8c493370d7486cc3b22e3be1545_arm64 as a component of RHOL 5.9 for RHEL 9",
"product_id": "9Base-RHOL-5.9:openshift-logging/fluentd-rhel9@sha256:e15eecf4b824e54f22facd4468460d50718cf8c493370d7486cc3b22e3be1545_arm64"
},
"product_reference": "openshift-logging/fluentd-rhel9@sha256:e15eecf4b824e54f22facd4468460d50718cf8c493370d7486cc3b22e3be1545_arm64",
"relates_to_product_reference": "9Base-RHOL-5.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/fluentd-rhel9@sha256:ff369dce86ef0a6dc6fd0f9a84c191f5fc5551d5fa80bf06017cc97c134b8218_s390x as a component of RHOL 5.9 for RHEL 9",
"product_id": "9Base-RHOL-5.9:openshift-logging/fluentd-rhel9@sha256:ff369dce86ef0a6dc6fd0f9a84c191f5fc5551d5fa80bf06017cc97c134b8218_s390x"
},
"product_reference": "openshift-logging/fluentd-rhel9@sha256:ff369dce86ef0a6dc6fd0f9a84c191f5fc5551d5fa80bf06017cc97c134b8218_s390x",
"relates_to_product_reference": "9Base-RHOL-5.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/log-file-metric-exporter-rhel9@sha256:1abab6bfcbc41e0c0e50b56a1796e20ba0a5a68433632bcc82eeb2d37d8c3402_arm64 as a component of RHOL 5.9 for RHEL 9",
"product_id": "9Base-RHOL-5.9:openshift-logging/log-file-metric-exporter-rhel9@sha256:1abab6bfcbc41e0c0e50b56a1796e20ba0a5a68433632bcc82eeb2d37d8c3402_arm64"
},
"product_reference": "openshift-logging/log-file-metric-exporter-rhel9@sha256:1abab6bfcbc41e0c0e50b56a1796e20ba0a5a68433632bcc82eeb2d37d8c3402_arm64",
"relates_to_product_reference": "9Base-RHOL-5.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/log-file-metric-exporter-rhel9@sha256:ac93b9ee0ef564713e225ad271a44d4b382ea5e6a44138fddef76645df7fc599_amd64 as a component of RHOL 5.9 for RHEL 9",
"product_id": "9Base-RHOL-5.9:openshift-logging/log-file-metric-exporter-rhel9@sha256:ac93b9ee0ef564713e225ad271a44d4b382ea5e6a44138fddef76645df7fc599_amd64"
},
"product_reference": "openshift-logging/log-file-metric-exporter-rhel9@sha256:ac93b9ee0ef564713e225ad271a44d4b382ea5e6a44138fddef76645df7fc599_amd64",
"relates_to_product_reference": "9Base-RHOL-5.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/log-file-metric-exporter-rhel9@sha256:c8131af6025d0db9b10d9d8f7622de16520bd39755ef8d856dcbd0652175138b_s390x as a component of RHOL 5.9 for RHEL 9",
"product_id": "9Base-RHOL-5.9:openshift-logging/log-file-metric-exporter-rhel9@sha256:c8131af6025d0db9b10d9d8f7622de16520bd39755ef8d856dcbd0652175138b_s390x"
},
"product_reference": "openshift-logging/log-file-metric-exporter-rhel9@sha256:c8131af6025d0db9b10d9d8f7622de16520bd39755ef8d856dcbd0652175138b_s390x",
"relates_to_product_reference": "9Base-RHOL-5.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/log-file-metric-exporter-rhel9@sha256:cf0db800309fc6549eed4ac00b4bb4fad601bfe0f941cf4a4c3092b05d037be1_ppc64le as a component of RHOL 5.9 for RHEL 9",
"product_id": "9Base-RHOL-5.9:openshift-logging/log-file-metric-exporter-rhel9@sha256:cf0db800309fc6549eed4ac00b4bb4fad601bfe0f941cf4a4c3092b05d037be1_ppc64le"
},
"product_reference": "openshift-logging/log-file-metric-exporter-rhel9@sha256:cf0db800309fc6549eed4ac00b4bb4fad601bfe0f941cf4a4c3092b05d037be1_ppc64le",
"relates_to_product_reference": "9Base-RHOL-5.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/logging-loki-rhel9@sha256:1d4a55c485dd0866a3d7ac66a4e07d4ee4b974b3b0e0086e97b531fd1be22983_s390x as a component of RHOL 5.9 for RHEL 9",
"product_id": "9Base-RHOL-5.9:openshift-logging/logging-loki-rhel9@sha256:1d4a55c485dd0866a3d7ac66a4e07d4ee4b974b3b0e0086e97b531fd1be22983_s390x"
},
"product_reference": "openshift-logging/logging-loki-rhel9@sha256:1d4a55c485dd0866a3d7ac66a4e07d4ee4b974b3b0e0086e97b531fd1be22983_s390x",
"relates_to_product_reference": "9Base-RHOL-5.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/logging-loki-rhel9@sha256:295698b1487cf0b8c216ebe404e7c8c8c4cfee4e59fee0967c96fc444c0fdc4f_amd64 as a component of RHOL 5.9 for RHEL 9",
"product_id": "9Base-RHOL-5.9:openshift-logging/logging-loki-rhel9@sha256:295698b1487cf0b8c216ebe404e7c8c8c4cfee4e59fee0967c96fc444c0fdc4f_amd64"
},
"product_reference": "openshift-logging/logging-loki-rhel9@sha256:295698b1487cf0b8c216ebe404e7c8c8c4cfee4e59fee0967c96fc444c0fdc4f_amd64",
"relates_to_product_reference": "9Base-RHOL-5.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/logging-loki-rhel9@sha256:6d73fef832b6c9fc131507f2a0dc966bfc40ee9c8005019ba43f417ca89985e3_arm64 as a component of RHOL 5.9 for RHEL 9",
"product_id": "9Base-RHOL-5.9:openshift-logging/logging-loki-rhel9@sha256:6d73fef832b6c9fc131507f2a0dc966bfc40ee9c8005019ba43f417ca89985e3_arm64"
},
"product_reference": "openshift-logging/logging-loki-rhel9@sha256:6d73fef832b6c9fc131507f2a0dc966bfc40ee9c8005019ba43f417ca89985e3_arm64",
"relates_to_product_reference": "9Base-RHOL-5.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/logging-loki-rhel9@sha256:78b2993a35bc6c52dba0d9e9516943ebba02432206de321b8a06c4012bc1b349_ppc64le as a component of RHOL 5.9 for RHEL 9",
"product_id": "9Base-RHOL-5.9:openshift-logging/logging-loki-rhel9@sha256:78b2993a35bc6c52dba0d9e9516943ebba02432206de321b8a06c4012bc1b349_ppc64le"
},
"product_reference": "openshift-logging/logging-loki-rhel9@sha256:78b2993a35bc6c52dba0d9e9516943ebba02432206de321b8a06c4012bc1b349_ppc64le",
"relates_to_product_reference": "9Base-RHOL-5.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/logging-view-plugin-rhel9@sha256:74be6cdcdfe1da1b5431cd7f66c78db2a7c399445e905ef704ca4171d3ccf846_ppc64le as a component of RHOL 5.9 for RHEL 9",
"product_id": "9Base-RHOL-5.9:openshift-logging/logging-view-plugin-rhel9@sha256:74be6cdcdfe1da1b5431cd7f66c78db2a7c399445e905ef704ca4171d3ccf846_ppc64le"
},
"product_reference": "openshift-logging/logging-view-plugin-rhel9@sha256:74be6cdcdfe1da1b5431cd7f66c78db2a7c399445e905ef704ca4171d3ccf846_ppc64le",
"relates_to_product_reference": "9Base-RHOL-5.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/logging-view-plugin-rhel9@sha256:a480418c3a90a85d411d46a2276112089173affbb23c5fb32691c9e53433eda4_s390x as a component of RHOL 5.9 for RHEL 9",
"product_id": "9Base-RHOL-5.9:openshift-logging/logging-view-plugin-rhel9@sha256:a480418c3a90a85d411d46a2276112089173affbb23c5fb32691c9e53433eda4_s390x"
},
"product_reference": "openshift-logging/logging-view-plugin-rhel9@sha256:a480418c3a90a85d411d46a2276112089173affbb23c5fb32691c9e53433eda4_s390x",
"relates_to_product_reference": "9Base-RHOL-5.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/logging-view-plugin-rhel9@sha256:abf424f8915d9766eb87f151bce018cfb1864d45f0d85f4707b09b7072277a03_arm64 as a component of RHOL 5.9 for RHEL 9",
"product_id": "9Base-RHOL-5.9:openshift-logging/logging-view-plugin-rhel9@sha256:abf424f8915d9766eb87f151bce018cfb1864d45f0d85f4707b09b7072277a03_arm64"
},
"product_reference": "openshift-logging/logging-view-plugin-rhel9@sha256:abf424f8915d9766eb87f151bce018cfb1864d45f0d85f4707b09b7072277a03_arm64",
"relates_to_product_reference": "9Base-RHOL-5.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/logging-view-plugin-rhel9@sha256:f95c480d56b07083820e799e1de944693a6945a89c360d3d5859392090e4f944_amd64 as a component of RHOL 5.9 for RHEL 9",
"product_id": "9Base-RHOL-5.9:openshift-logging/logging-view-plugin-rhel9@sha256:f95c480d56b07083820e799e1de944693a6945a89c360d3d5859392090e4f944_amd64"
},
"product_reference": "openshift-logging/logging-view-plugin-rhel9@sha256:f95c480d56b07083820e799e1de944693a6945a89c360d3d5859392090e4f944_amd64",
"relates_to_product_reference": "9Base-RHOL-5.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/loki-operator-bundle@sha256:fd4dd6de9fa37ef936cdb1c7d13716c85207f114701fb0ffad00233242fbfb63_amd64 as a component of RHOL 5.9 for RHEL 9",
"product_id": "9Base-RHOL-5.9:openshift-logging/loki-operator-bundle@sha256:fd4dd6de9fa37ef936cdb1c7d13716c85207f114701fb0ffad00233242fbfb63_amd64"
},
"product_reference": "openshift-logging/loki-operator-bundle@sha256:fd4dd6de9fa37ef936cdb1c7d13716c85207f114701fb0ffad00233242fbfb63_amd64",
"relates_to_product_reference": "9Base-RHOL-5.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/loki-rhel9-operator@sha256:35d52bf4cbed75a78fba98ead066a88993622f5b648b49265455c90dbea6b57a_ppc64le as a component of RHOL 5.9 for RHEL 9",
"product_id": "9Base-RHOL-5.9:openshift-logging/loki-rhel9-operator@sha256:35d52bf4cbed75a78fba98ead066a88993622f5b648b49265455c90dbea6b57a_ppc64le"
},
"product_reference": "openshift-logging/loki-rhel9-operator@sha256:35d52bf4cbed75a78fba98ead066a88993622f5b648b49265455c90dbea6b57a_ppc64le",
"relates_to_product_reference": "9Base-RHOL-5.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/loki-rhel9-operator@sha256:6f379a6740699d19a0b9c14ed4f306b4cf8533b6d88e28e4cd2564a02e20f334_amd64 as a component of RHOL 5.9 for RHEL 9",
"product_id": "9Base-RHOL-5.9:openshift-logging/loki-rhel9-operator@sha256:6f379a6740699d19a0b9c14ed4f306b4cf8533b6d88e28e4cd2564a02e20f334_amd64"
},
"product_reference": "openshift-logging/loki-rhel9-operator@sha256:6f379a6740699d19a0b9c14ed4f306b4cf8533b6d88e28e4cd2564a02e20f334_amd64",
"relates_to_product_reference": "9Base-RHOL-5.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/loki-rhel9-operator@sha256:b35a0df55c1de24bcc6ce7740210abd61b4fc4d1e769a3c36f6014dee55efea9_arm64 as a component of RHOL 5.9 for RHEL 9",
"product_id": "9Base-RHOL-5.9:openshift-logging/loki-rhel9-operator@sha256:b35a0df55c1de24bcc6ce7740210abd61b4fc4d1e769a3c36f6014dee55efea9_arm64"
},
"product_reference": "openshift-logging/loki-rhel9-operator@sha256:b35a0df55c1de24bcc6ce7740210abd61b4fc4d1e769a3c36f6014dee55efea9_arm64",
"relates_to_product_reference": "9Base-RHOL-5.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/loki-rhel9-operator@sha256:f69b982c4c9cf8af53f2a16ba1af93f8288b667ab6cc5461690231096fe211ff_s390x as a component of RHOL 5.9 for RHEL 9",
"product_id": "9Base-RHOL-5.9:openshift-logging/loki-rhel9-operator@sha256:f69b982c4c9cf8af53f2a16ba1af93f8288b667ab6cc5461690231096fe211ff_s390x"
},
"product_reference": "openshift-logging/loki-rhel9-operator@sha256:f69b982c4c9cf8af53f2a16ba1af93f8288b667ab6cc5461690231096fe211ff_s390x",
"relates_to_product_reference": "9Base-RHOL-5.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/lokistack-gateway-rhel9@sha256:590380885bc50a26570c0dad142a0920cce5d6e2f44c76cf5b9758fc28512e9c_ppc64le as a component of RHOL 5.9 for RHEL 9",
"product_id": "9Base-RHOL-5.9:openshift-logging/lokistack-gateway-rhel9@sha256:590380885bc50a26570c0dad142a0920cce5d6e2f44c76cf5b9758fc28512e9c_ppc64le"
},
"product_reference": "openshift-logging/lokistack-gateway-rhel9@sha256:590380885bc50a26570c0dad142a0920cce5d6e2f44c76cf5b9758fc28512e9c_ppc64le",
"relates_to_product_reference": "9Base-RHOL-5.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/lokistack-gateway-rhel9@sha256:735c68e2570fb35cd9cecc13b81840ff38d11ed62aa4c7f0d78804845adfbf39_amd64 as a component of RHOL 5.9 for RHEL 9",
"product_id": "9Base-RHOL-5.9:openshift-logging/lokistack-gateway-rhel9@sha256:735c68e2570fb35cd9cecc13b81840ff38d11ed62aa4c7f0d78804845adfbf39_amd64"
},
"product_reference": "openshift-logging/lokistack-gateway-rhel9@sha256:735c68e2570fb35cd9cecc13b81840ff38d11ed62aa4c7f0d78804845adfbf39_amd64",
"relates_to_product_reference": "9Base-RHOL-5.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/lokistack-gateway-rhel9@sha256:902c4b759d2efe260456756511a4243ccd7ad114b2c39d2cf51305296903a290_s390x as a component of RHOL 5.9 for RHEL 9",
"product_id": "9Base-RHOL-5.9:openshift-logging/lokistack-gateway-rhel9@sha256:902c4b759d2efe260456756511a4243ccd7ad114b2c39d2cf51305296903a290_s390x"
},
"product_reference": "openshift-logging/lokistack-gateway-rhel9@sha256:902c4b759d2efe260456756511a4243ccd7ad114b2c39d2cf51305296903a290_s390x",
"relates_to_product_reference": "9Base-RHOL-5.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/lokistack-gateway-rhel9@sha256:df94b5b1b5220c6b1347c43352a1edb05f480f4d70c97cf0d3667631471f1d9c_arm64 as a component of RHOL 5.9 for RHEL 9",
"product_id": "9Base-RHOL-5.9:openshift-logging/lokistack-gateway-rhel9@sha256:df94b5b1b5220c6b1347c43352a1edb05f480f4d70c97cf0d3667631471f1d9c_arm64"
},
"product_reference": "openshift-logging/lokistack-gateway-rhel9@sha256:df94b5b1b5220c6b1347c43352a1edb05f480f4d70c97cf0d3667631471f1d9c_arm64",
"relates_to_product_reference": "9Base-RHOL-5.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/opa-openshift-rhel9@sha256:50ba9a45a46d5419475536c90a98abbe088c07b914f522e9278e4f2349417e96_ppc64le as a component of RHOL 5.9 for RHEL 9",
"product_id": "9Base-RHOL-5.9:openshift-logging/opa-openshift-rhel9@sha256:50ba9a45a46d5419475536c90a98abbe088c07b914f522e9278e4f2349417e96_ppc64le"
},
"product_reference": "openshift-logging/opa-openshift-rhel9@sha256:50ba9a45a46d5419475536c90a98abbe088c07b914f522e9278e4f2349417e96_ppc64le",
"relates_to_product_reference": "9Base-RHOL-5.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/opa-openshift-rhel9@sha256:9507ecc73d91c9cb8179a8f57375c95941fe71c3fb6e6347b4fdc3ea2c5cfe17_arm64 as a component of RHOL 5.9 for RHEL 9",
"product_id": "9Base-RHOL-5.9:openshift-logging/opa-openshift-rhel9@sha256:9507ecc73d91c9cb8179a8f57375c95941fe71c3fb6e6347b4fdc3ea2c5cfe17_arm64"
},
"product_reference": "openshift-logging/opa-openshift-rhel9@sha256:9507ecc73d91c9cb8179a8f57375c95941fe71c3fb6e6347b4fdc3ea2c5cfe17_arm64",
"relates_to_product_reference": "9Base-RHOL-5.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/opa-openshift-rhel9@sha256:c86ede957b5807e3194675759716650c4df0ef7d2e8894b942b7a2aab2c0f38f_s390x as a component of RHOL 5.9 for RHEL 9",
"product_id": "9Base-RHOL-5.9:openshift-logging/opa-openshift-rhel9@sha256:c86ede957b5807e3194675759716650c4df0ef7d2e8894b942b7a2aab2c0f38f_s390x"
},
"product_reference": "openshift-logging/opa-openshift-rhel9@sha256:c86ede957b5807e3194675759716650c4df0ef7d2e8894b942b7a2aab2c0f38f_s390x",
"relates_to_product_reference": "9Base-RHOL-5.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/opa-openshift-rhel9@sha256:e850537f0ab9420570d42365d7f4ed9fff65110c3910a334dac2aa29b6e3e2b9_amd64 as a component of RHOL 5.9 for RHEL 9",
"product_id": "9Base-RHOL-5.9:openshift-logging/opa-openshift-rhel9@sha256:e850537f0ab9420570d42365d7f4ed9fff65110c3910a334dac2aa29b6e3e2b9_amd64"
},
"product_reference": "openshift-logging/opa-openshift-rhel9@sha256:e850537f0ab9420570d42365d7f4ed9fff65110c3910a334dac2aa29b6e3e2b9_amd64",
"relates_to_product_reference": "9Base-RHOL-5.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/vector-rhel9@sha256:46a7a38202e74ffcd0c64be726ee0a05ca61b0b3d8676fffc9b2156da8cfcf11_arm64 as a component of RHOL 5.9 for RHEL 9",
"product_id": "9Base-RHOL-5.9:openshift-logging/vector-rhel9@sha256:46a7a38202e74ffcd0c64be726ee0a05ca61b0b3d8676fffc9b2156da8cfcf11_arm64"
},
"product_reference": "openshift-logging/vector-rhel9@sha256:46a7a38202e74ffcd0c64be726ee0a05ca61b0b3d8676fffc9b2156da8cfcf11_arm64",
"relates_to_product_reference": "9Base-RHOL-5.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/vector-rhel9@sha256:85a2ee2d4df59d237ebb12c7700ed0b6439c1330aae341c3909f56de73128d66_s390x as a component of RHOL 5.9 for RHEL 9",
"product_id": "9Base-RHOL-5.9:openshift-logging/vector-rhel9@sha256:85a2ee2d4df59d237ebb12c7700ed0b6439c1330aae341c3909f56de73128d66_s390x"
},
"product_reference": "openshift-logging/vector-rhel9@sha256:85a2ee2d4df59d237ebb12c7700ed0b6439c1330aae341c3909f56de73128d66_s390x",
"relates_to_product_reference": "9Base-RHOL-5.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/vector-rhel9@sha256:8d570ea2e7f197a56dab73f36728c8afd66a2f886458444a37cb5d7f603ca2e2_amd64 as a component of RHOL 5.9 for RHEL 9",
"product_id": "9Base-RHOL-5.9:openshift-logging/vector-rhel9@sha256:8d570ea2e7f197a56dab73f36728c8afd66a2f886458444a37cb5d7f603ca2e2_amd64"
},
"product_reference": "openshift-logging/vector-rhel9@sha256:8d570ea2e7f197a56dab73f36728c8afd66a2f886458444a37cb5d7f603ca2e2_amd64",
"relates_to_product_reference": "9Base-RHOL-5.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/vector-rhel9@sha256:dbb2f1221cec4aec7349496fae6f5136012eedfe4c54751fee25e68da7cd0ed1_ppc64le as a component of RHOL 5.9 for RHEL 9",
"product_id": "9Base-RHOL-5.9:openshift-logging/vector-rhel9@sha256:dbb2f1221cec4aec7349496fae6f5136012eedfe4c54751fee25e68da7cd0ed1_ppc64le"
},
"product_reference": "openshift-logging/vector-rhel9@sha256:dbb2f1221cec4aec7349496fae6f5136012eedfe4c54751fee25e68da7cd0ed1_ppc64le",
"relates_to_product_reference": "9Base-RHOL-5.9"
}
]
},
"vulnerabilities": [
{
"acknowledgments": [
{
"names": [
"Pedro Gallegos",
"Simon Scannell",
"Jasiel Spelman"
],
"organization": "Google"
}
],
"cve": "CVE-2024-12085",
"cwe": {
"id": "CWE-119",
"name": "Improper Restriction of Operations within the Bounds of a Memory Buffer"
},
"discovery_date": "2024-12-05T12:06:36.594000+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2330539"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in rsync which could be triggered when rsync compares file checksums. This flaw allows an attacker to manipulate the checksum length (s2length) to cause a comparison between a checksum and uninitialized memory and leak one byte of uninitialized stack data at a time.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "rsync: Info Leak via Uninitialized Stack Contents",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated as having Important impact as it helps bypass Address Space Layout Randomization (ASLR). ASLR is a memory protection system which makes the exploitation of memory corruption vulnerabilities more difficult.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-RHOL-5.9:openshift-logging/cluster-logging-operator-bundle@sha256:05d36790c431c5bcdce4ac9b0e52aa1cb05fd4b544102733d49b74d23571f74c_amd64",
"9Base-RHOL-5.9:openshift-logging/cluster-logging-rhel9-operator@sha256:5d91887518d966664794f4871653624da04a9c555d21752a4790b70bac47e1de_s390x",
"9Base-RHOL-5.9:openshift-logging/cluster-logging-rhel9-operator@sha256:883f362a4397547edf23b158fec1d7c83d33d88d331d3f6041656a6834ca01ae_amd64",
"9Base-RHOL-5.9:openshift-logging/cluster-logging-rhel9-operator@sha256:e6386dbf8cf2d2c0d953f3c378baceeb480ee8943d7522d975c2abde7aab0325_ppc64le",
"9Base-RHOL-5.9:openshift-logging/cluster-logging-rhel9-operator@sha256:f6fae7a55c5f45d90a9df360cefda01de744b10b50b138d40f75a1cf1f778511_arm64",
"9Base-RHOL-5.9:openshift-logging/eventrouter-rhel9@sha256:62a3fb23bd1d405a87d94a9a93ad2b3dd1d44d9eb2d062cf40cb48469e2fe754_s390x",
"9Base-RHOL-5.9:openshift-logging/eventrouter-rhel9@sha256:a64fff60352252e6f0200e8f041f3216bad06320c95c6840da2e9c51fcab480c_amd64",
"9Base-RHOL-5.9:openshift-logging/eventrouter-rhel9@sha256:cfdb5836eb9828b86977aec2186906bc9c12b80eca4ab066ca13e542d797f921_ppc64le",
"9Base-RHOL-5.9:openshift-logging/eventrouter-rhel9@sha256:f937390944ecd159bca06b91289e847a00a3949c29823e8a9f9490cf2aaa5671_arm64",
"9Base-RHOL-5.9:openshift-logging/fluentd-rhel9@sha256:67927403108d96de2c1611c578a17e32afa8c6dadf62a96d3378efc16bd20396_amd64",
"9Base-RHOL-5.9:openshift-logging/fluentd-rhel9@sha256:d0516cdb390b87797550ccd54b92d8986c1742f405f8b894df7b61a474801a68_ppc64le",
"9Base-RHOL-5.9:openshift-logging/fluentd-rhel9@sha256:e15eecf4b824e54f22facd4468460d50718cf8c493370d7486cc3b22e3be1545_arm64",
"9Base-RHOL-5.9:openshift-logging/fluentd-rhel9@sha256:ff369dce86ef0a6dc6fd0f9a84c191f5fc5551d5fa80bf06017cc97c134b8218_s390x",
"9Base-RHOL-5.9:openshift-logging/log-file-metric-exporter-rhel9@sha256:1abab6bfcbc41e0c0e50b56a1796e20ba0a5a68433632bcc82eeb2d37d8c3402_arm64",
"9Base-RHOL-5.9:openshift-logging/log-file-metric-exporter-rhel9@sha256:ac93b9ee0ef564713e225ad271a44d4b382ea5e6a44138fddef76645df7fc599_amd64",
"9Base-RHOL-5.9:openshift-logging/log-file-metric-exporter-rhel9@sha256:c8131af6025d0db9b10d9d8f7622de16520bd39755ef8d856dcbd0652175138b_s390x",
"9Base-RHOL-5.9:openshift-logging/log-file-metric-exporter-rhel9@sha256:cf0db800309fc6549eed4ac00b4bb4fad601bfe0f941cf4a4c3092b05d037be1_ppc64le",
"9Base-RHOL-5.9:openshift-logging/logging-loki-rhel9@sha256:1d4a55c485dd0866a3d7ac66a4e07d4ee4b974b3b0e0086e97b531fd1be22983_s390x",
"9Base-RHOL-5.9:openshift-logging/logging-loki-rhel9@sha256:295698b1487cf0b8c216ebe404e7c8c8c4cfee4e59fee0967c96fc444c0fdc4f_amd64",
"9Base-RHOL-5.9:openshift-logging/logging-loki-rhel9@sha256:6d73fef832b6c9fc131507f2a0dc966bfc40ee9c8005019ba43f417ca89985e3_arm64",
"9Base-RHOL-5.9:openshift-logging/logging-loki-rhel9@sha256:78b2993a35bc6c52dba0d9e9516943ebba02432206de321b8a06c4012bc1b349_ppc64le",
"9Base-RHOL-5.9:openshift-logging/logging-view-plugin-rhel9@sha256:74be6cdcdfe1da1b5431cd7f66c78db2a7c399445e905ef704ca4171d3ccf846_ppc64le",
"9Base-RHOL-5.9:openshift-logging/logging-view-plugin-rhel9@sha256:a480418c3a90a85d411d46a2276112089173affbb23c5fb32691c9e53433eda4_s390x",
"9Base-RHOL-5.9:openshift-logging/logging-view-plugin-rhel9@sha256:abf424f8915d9766eb87f151bce018cfb1864d45f0d85f4707b09b7072277a03_arm64",
"9Base-RHOL-5.9:openshift-logging/logging-view-plugin-rhel9@sha256:f95c480d56b07083820e799e1de944693a6945a89c360d3d5859392090e4f944_amd64",
"9Base-RHOL-5.9:openshift-logging/loki-operator-bundle@sha256:fd4dd6de9fa37ef936cdb1c7d13716c85207f114701fb0ffad00233242fbfb63_amd64",
"9Base-RHOL-5.9:openshift-logging/loki-rhel9-operator@sha256:35d52bf4cbed75a78fba98ead066a88993622f5b648b49265455c90dbea6b57a_ppc64le",
"9Base-RHOL-5.9:openshift-logging/loki-rhel9-operator@sha256:6f379a6740699d19a0b9c14ed4f306b4cf8533b6d88e28e4cd2564a02e20f334_amd64",
"9Base-RHOL-5.9:openshift-logging/loki-rhel9-operator@sha256:b35a0df55c1de24bcc6ce7740210abd61b4fc4d1e769a3c36f6014dee55efea9_arm64",
"9Base-RHOL-5.9:openshift-logging/loki-rhel9-operator@sha256:f69b982c4c9cf8af53f2a16ba1af93f8288b667ab6cc5461690231096fe211ff_s390x",
"9Base-RHOL-5.9:openshift-logging/lokistack-gateway-rhel9@sha256:590380885bc50a26570c0dad142a0920cce5d6e2f44c76cf5b9758fc28512e9c_ppc64le",
"9Base-RHOL-5.9:openshift-logging/lokistack-gateway-rhel9@sha256:735c68e2570fb35cd9cecc13b81840ff38d11ed62aa4c7f0d78804845adfbf39_amd64",
"9Base-RHOL-5.9:openshift-logging/lokistack-gateway-rhel9@sha256:902c4b759d2efe260456756511a4243ccd7ad114b2c39d2cf51305296903a290_s390x",
"9Base-RHOL-5.9:openshift-logging/lokistack-gateway-rhel9@sha256:df94b5b1b5220c6b1347c43352a1edb05f480f4d70c97cf0d3667631471f1d9c_arm64",
"9Base-RHOL-5.9:openshift-logging/opa-openshift-rhel9@sha256:50ba9a45a46d5419475536c90a98abbe088c07b914f522e9278e4f2349417e96_ppc64le",
"9Base-RHOL-5.9:openshift-logging/opa-openshift-rhel9@sha256:9507ecc73d91c9cb8179a8f57375c95941fe71c3fb6e6347b4fdc3ea2c5cfe17_arm64",
"9Base-RHOL-5.9:openshift-logging/opa-openshift-rhel9@sha256:c86ede957b5807e3194675759716650c4df0ef7d2e8894b942b7a2aab2c0f38f_s390x",
"9Base-RHOL-5.9:openshift-logging/opa-openshift-rhel9@sha256:e850537f0ab9420570d42365d7f4ed9fff65110c3910a334dac2aa29b6e3e2b9_amd64",
"9Base-RHOL-5.9:openshift-logging/vector-rhel9@sha256:46a7a38202e74ffcd0c64be726ee0a05ca61b0b3d8676fffc9b2156da8cfcf11_arm64",
"9Base-RHOL-5.9:openshift-logging/vector-rhel9@sha256:85a2ee2d4df59d237ebb12c7700ed0b6439c1330aae341c3909f56de73128d66_s390x",
"9Base-RHOL-5.9:openshift-logging/vector-rhel9@sha256:8d570ea2e7f197a56dab73f36728c8afd66a2f886458444a37cb5d7f603ca2e2_amd64",
"9Base-RHOL-5.9:openshift-logging/vector-rhel9@sha256:dbb2f1221cec4aec7349496fae6f5136012eedfe4c54751fee25e68da7cd0ed1_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-12085"
},
{
"category": "external",
"summary": "RHBZ#2330539",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2330539"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-12085",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-12085"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-12085",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-12085"
},
{
"category": "external",
"summary": "https://kb.cert.org/vuls/id/952657",
"url": "https://kb.cert.org/vuls/id/952657"
}
],
"release_date": "2025-01-14T15:06:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-02-12T16:40:08+00:00",
"details": "For OpenShift Container Platform 4.14 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this errata update:\n\nhttps://docs.openshift.com/container-platform/4.14/release_notes/ocp-4-14-release-notes.html\n\nFor Red Hat OpenShift Logging 5.9, see the following instructions to apply this update:\n\nhttps://docs.openshift.com/container-platform/4.14/logging/cluster-logging-upgrading.html",
"product_ids": [
"9Base-RHOL-5.9:openshift-logging/cluster-logging-operator-bundle@sha256:05d36790c431c5bcdce4ac9b0e52aa1cb05fd4b544102733d49b74d23571f74c_amd64",
"9Base-RHOL-5.9:openshift-logging/cluster-logging-rhel9-operator@sha256:5d91887518d966664794f4871653624da04a9c555d21752a4790b70bac47e1de_s390x",
"9Base-RHOL-5.9:openshift-logging/cluster-logging-rhel9-operator@sha256:883f362a4397547edf23b158fec1d7c83d33d88d331d3f6041656a6834ca01ae_amd64",
"9Base-RHOL-5.9:openshift-logging/cluster-logging-rhel9-operator@sha256:e6386dbf8cf2d2c0d953f3c378baceeb480ee8943d7522d975c2abde7aab0325_ppc64le",
"9Base-RHOL-5.9:openshift-logging/cluster-logging-rhel9-operator@sha256:f6fae7a55c5f45d90a9df360cefda01de744b10b50b138d40f75a1cf1f778511_arm64",
"9Base-RHOL-5.9:openshift-logging/eventrouter-rhel9@sha256:62a3fb23bd1d405a87d94a9a93ad2b3dd1d44d9eb2d062cf40cb48469e2fe754_s390x",
"9Base-RHOL-5.9:openshift-logging/eventrouter-rhel9@sha256:a64fff60352252e6f0200e8f041f3216bad06320c95c6840da2e9c51fcab480c_amd64",
"9Base-RHOL-5.9:openshift-logging/eventrouter-rhel9@sha256:cfdb5836eb9828b86977aec2186906bc9c12b80eca4ab066ca13e542d797f921_ppc64le",
"9Base-RHOL-5.9:openshift-logging/eventrouter-rhel9@sha256:f937390944ecd159bca06b91289e847a00a3949c29823e8a9f9490cf2aaa5671_arm64",
"9Base-RHOL-5.9:openshift-logging/fluentd-rhel9@sha256:67927403108d96de2c1611c578a17e32afa8c6dadf62a96d3378efc16bd20396_amd64",
"9Base-RHOL-5.9:openshift-logging/fluentd-rhel9@sha256:d0516cdb390b87797550ccd54b92d8986c1742f405f8b894df7b61a474801a68_ppc64le",
"9Base-RHOL-5.9:openshift-logging/fluentd-rhel9@sha256:e15eecf4b824e54f22facd4468460d50718cf8c493370d7486cc3b22e3be1545_arm64",
"9Base-RHOL-5.9:openshift-logging/fluentd-rhel9@sha256:ff369dce86ef0a6dc6fd0f9a84c191f5fc5551d5fa80bf06017cc97c134b8218_s390x",
"9Base-RHOL-5.9:openshift-logging/log-file-metric-exporter-rhel9@sha256:1abab6bfcbc41e0c0e50b56a1796e20ba0a5a68433632bcc82eeb2d37d8c3402_arm64",
"9Base-RHOL-5.9:openshift-logging/log-file-metric-exporter-rhel9@sha256:ac93b9ee0ef564713e225ad271a44d4b382ea5e6a44138fddef76645df7fc599_amd64",
"9Base-RHOL-5.9:openshift-logging/log-file-metric-exporter-rhel9@sha256:c8131af6025d0db9b10d9d8f7622de16520bd39755ef8d856dcbd0652175138b_s390x",
"9Base-RHOL-5.9:openshift-logging/log-file-metric-exporter-rhel9@sha256:cf0db800309fc6549eed4ac00b4bb4fad601bfe0f941cf4a4c3092b05d037be1_ppc64le",
"9Base-RHOL-5.9:openshift-logging/logging-loki-rhel9@sha256:1d4a55c485dd0866a3d7ac66a4e07d4ee4b974b3b0e0086e97b531fd1be22983_s390x",
"9Base-RHOL-5.9:openshift-logging/logging-loki-rhel9@sha256:295698b1487cf0b8c216ebe404e7c8c8c4cfee4e59fee0967c96fc444c0fdc4f_amd64",
"9Base-RHOL-5.9:openshift-logging/logging-loki-rhel9@sha256:6d73fef832b6c9fc131507f2a0dc966bfc40ee9c8005019ba43f417ca89985e3_arm64",
"9Base-RHOL-5.9:openshift-logging/logging-loki-rhel9@sha256:78b2993a35bc6c52dba0d9e9516943ebba02432206de321b8a06c4012bc1b349_ppc64le",
"9Base-RHOL-5.9:openshift-logging/logging-view-plugin-rhel9@sha256:74be6cdcdfe1da1b5431cd7f66c78db2a7c399445e905ef704ca4171d3ccf846_ppc64le",
"9Base-RHOL-5.9:openshift-logging/logging-view-plugin-rhel9@sha256:a480418c3a90a85d411d46a2276112089173affbb23c5fb32691c9e53433eda4_s390x",
"9Base-RHOL-5.9:openshift-logging/logging-view-plugin-rhel9@sha256:abf424f8915d9766eb87f151bce018cfb1864d45f0d85f4707b09b7072277a03_arm64",
"9Base-RHOL-5.9:openshift-logging/logging-view-plugin-rhel9@sha256:f95c480d56b07083820e799e1de944693a6945a89c360d3d5859392090e4f944_amd64",
"9Base-RHOL-5.9:openshift-logging/loki-operator-bundle@sha256:fd4dd6de9fa37ef936cdb1c7d13716c85207f114701fb0ffad00233242fbfb63_amd64",
"9Base-RHOL-5.9:openshift-logging/loki-rhel9-operator@sha256:35d52bf4cbed75a78fba98ead066a88993622f5b648b49265455c90dbea6b57a_ppc64le",
"9Base-RHOL-5.9:openshift-logging/loki-rhel9-operator@sha256:6f379a6740699d19a0b9c14ed4f306b4cf8533b6d88e28e4cd2564a02e20f334_amd64",
"9Base-RHOL-5.9:openshift-logging/loki-rhel9-operator@sha256:b35a0df55c1de24bcc6ce7740210abd61b4fc4d1e769a3c36f6014dee55efea9_arm64",
"9Base-RHOL-5.9:openshift-logging/loki-rhel9-operator@sha256:f69b982c4c9cf8af53f2a16ba1af93f8288b667ab6cc5461690231096fe211ff_s390x",
"9Base-RHOL-5.9:openshift-logging/lokistack-gateway-rhel9@sha256:590380885bc50a26570c0dad142a0920cce5d6e2f44c76cf5b9758fc28512e9c_ppc64le",
"9Base-RHOL-5.9:openshift-logging/lokistack-gateway-rhel9@sha256:735c68e2570fb35cd9cecc13b81840ff38d11ed62aa4c7f0d78804845adfbf39_amd64",
"9Base-RHOL-5.9:openshift-logging/lokistack-gateway-rhel9@sha256:902c4b759d2efe260456756511a4243ccd7ad114b2c39d2cf51305296903a290_s390x",
"9Base-RHOL-5.9:openshift-logging/lokistack-gateway-rhel9@sha256:df94b5b1b5220c6b1347c43352a1edb05f480f4d70c97cf0d3667631471f1d9c_arm64",
"9Base-RHOL-5.9:openshift-logging/opa-openshift-rhel9@sha256:50ba9a45a46d5419475536c90a98abbe088c07b914f522e9278e4f2349417e96_ppc64le",
"9Base-RHOL-5.9:openshift-logging/opa-openshift-rhel9@sha256:9507ecc73d91c9cb8179a8f57375c95941fe71c3fb6e6347b4fdc3ea2c5cfe17_arm64",
"9Base-RHOL-5.9:openshift-logging/opa-openshift-rhel9@sha256:c86ede957b5807e3194675759716650c4df0ef7d2e8894b942b7a2aab2c0f38f_s390x",
"9Base-RHOL-5.9:openshift-logging/opa-openshift-rhel9@sha256:e850537f0ab9420570d42365d7f4ed9fff65110c3910a334dac2aa29b6e3e2b9_amd64",
"9Base-RHOL-5.9:openshift-logging/vector-rhel9@sha256:46a7a38202e74ffcd0c64be726ee0a05ca61b0b3d8676fffc9b2156da8cfcf11_arm64",
"9Base-RHOL-5.9:openshift-logging/vector-rhel9@sha256:85a2ee2d4df59d237ebb12c7700ed0b6439c1330aae341c3909f56de73128d66_s390x",
"9Base-RHOL-5.9:openshift-logging/vector-rhel9@sha256:8d570ea2e7f197a56dab73f36728c8afd66a2f886458444a37cb5d7f603ca2e2_amd64",
"9Base-RHOL-5.9:openshift-logging/vector-rhel9@sha256:dbb2f1221cec4aec7349496fae6f5136012eedfe4c54751fee25e68da7cd0ed1_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:1227"
},
{
"category": "workaround",
"details": "Seeing as this vulnerability relies on information leakage coming from the presence of data in the uninitialized memory of the `sum2` buffer, a potential mitigation involves compiling rsync with the `-ftrivial-auto-var-init=zero` option set. This mitigates the issue because it initializes the `sum2` variable\u0027s memory with zeroes to prevent uninitialized memory disclosure.",
"product_ids": [
"9Base-RHOL-5.9:openshift-logging/cluster-logging-operator-bundle@sha256:05d36790c431c5bcdce4ac9b0e52aa1cb05fd4b544102733d49b74d23571f74c_amd64",
"9Base-RHOL-5.9:openshift-logging/cluster-logging-rhel9-operator@sha256:5d91887518d966664794f4871653624da04a9c555d21752a4790b70bac47e1de_s390x",
"9Base-RHOL-5.9:openshift-logging/cluster-logging-rhel9-operator@sha256:883f362a4397547edf23b158fec1d7c83d33d88d331d3f6041656a6834ca01ae_amd64",
"9Base-RHOL-5.9:openshift-logging/cluster-logging-rhel9-operator@sha256:e6386dbf8cf2d2c0d953f3c378baceeb480ee8943d7522d975c2abde7aab0325_ppc64le",
"9Base-RHOL-5.9:openshift-logging/cluster-logging-rhel9-operator@sha256:f6fae7a55c5f45d90a9df360cefda01de744b10b50b138d40f75a1cf1f778511_arm64",
"9Base-RHOL-5.9:openshift-logging/eventrouter-rhel9@sha256:62a3fb23bd1d405a87d94a9a93ad2b3dd1d44d9eb2d062cf40cb48469e2fe754_s390x",
"9Base-RHOL-5.9:openshift-logging/eventrouter-rhel9@sha256:a64fff60352252e6f0200e8f041f3216bad06320c95c6840da2e9c51fcab480c_amd64",
"9Base-RHOL-5.9:openshift-logging/eventrouter-rhel9@sha256:cfdb5836eb9828b86977aec2186906bc9c12b80eca4ab066ca13e542d797f921_ppc64le",
"9Base-RHOL-5.9:openshift-logging/eventrouter-rhel9@sha256:f937390944ecd159bca06b91289e847a00a3949c29823e8a9f9490cf2aaa5671_arm64",
"9Base-RHOL-5.9:openshift-logging/fluentd-rhel9@sha256:67927403108d96de2c1611c578a17e32afa8c6dadf62a96d3378efc16bd20396_amd64",
"9Base-RHOL-5.9:openshift-logging/fluentd-rhel9@sha256:d0516cdb390b87797550ccd54b92d8986c1742f405f8b894df7b61a474801a68_ppc64le",
"9Base-RHOL-5.9:openshift-logging/fluentd-rhel9@sha256:e15eecf4b824e54f22facd4468460d50718cf8c493370d7486cc3b22e3be1545_arm64",
"9Base-RHOL-5.9:openshift-logging/fluentd-rhel9@sha256:ff369dce86ef0a6dc6fd0f9a84c191f5fc5551d5fa80bf06017cc97c134b8218_s390x",
"9Base-RHOL-5.9:openshift-logging/log-file-metric-exporter-rhel9@sha256:1abab6bfcbc41e0c0e50b56a1796e20ba0a5a68433632bcc82eeb2d37d8c3402_arm64",
"9Base-RHOL-5.9:openshift-logging/log-file-metric-exporter-rhel9@sha256:ac93b9ee0ef564713e225ad271a44d4b382ea5e6a44138fddef76645df7fc599_amd64",
"9Base-RHOL-5.9:openshift-logging/log-file-metric-exporter-rhel9@sha256:c8131af6025d0db9b10d9d8f7622de16520bd39755ef8d856dcbd0652175138b_s390x",
"9Base-RHOL-5.9:openshift-logging/log-file-metric-exporter-rhel9@sha256:cf0db800309fc6549eed4ac00b4bb4fad601bfe0f941cf4a4c3092b05d037be1_ppc64le",
"9Base-RHOL-5.9:openshift-logging/logging-loki-rhel9@sha256:1d4a55c485dd0866a3d7ac66a4e07d4ee4b974b3b0e0086e97b531fd1be22983_s390x",
"9Base-RHOL-5.9:openshift-logging/logging-loki-rhel9@sha256:295698b1487cf0b8c216ebe404e7c8c8c4cfee4e59fee0967c96fc444c0fdc4f_amd64",
"9Base-RHOL-5.9:openshift-logging/logging-loki-rhel9@sha256:6d73fef832b6c9fc131507f2a0dc966bfc40ee9c8005019ba43f417ca89985e3_arm64",
"9Base-RHOL-5.9:openshift-logging/logging-loki-rhel9@sha256:78b2993a35bc6c52dba0d9e9516943ebba02432206de321b8a06c4012bc1b349_ppc64le",
"9Base-RHOL-5.9:openshift-logging/logging-view-plugin-rhel9@sha256:74be6cdcdfe1da1b5431cd7f66c78db2a7c399445e905ef704ca4171d3ccf846_ppc64le",
"9Base-RHOL-5.9:openshift-logging/logging-view-plugin-rhel9@sha256:a480418c3a90a85d411d46a2276112089173affbb23c5fb32691c9e53433eda4_s390x",
"9Base-RHOL-5.9:openshift-logging/logging-view-plugin-rhel9@sha256:abf424f8915d9766eb87f151bce018cfb1864d45f0d85f4707b09b7072277a03_arm64",
"9Base-RHOL-5.9:openshift-logging/logging-view-plugin-rhel9@sha256:f95c480d56b07083820e799e1de944693a6945a89c360d3d5859392090e4f944_amd64",
"9Base-RHOL-5.9:openshift-logging/loki-operator-bundle@sha256:fd4dd6de9fa37ef936cdb1c7d13716c85207f114701fb0ffad00233242fbfb63_amd64",
"9Base-RHOL-5.9:openshift-logging/loki-rhel9-operator@sha256:35d52bf4cbed75a78fba98ead066a88993622f5b648b49265455c90dbea6b57a_ppc64le",
"9Base-RHOL-5.9:openshift-logging/loki-rhel9-operator@sha256:6f379a6740699d19a0b9c14ed4f306b4cf8533b6d88e28e4cd2564a02e20f334_amd64",
"9Base-RHOL-5.9:openshift-logging/loki-rhel9-operator@sha256:b35a0df55c1de24bcc6ce7740210abd61b4fc4d1e769a3c36f6014dee55efea9_arm64",
"9Base-RHOL-5.9:openshift-logging/loki-rhel9-operator@sha256:f69b982c4c9cf8af53f2a16ba1af93f8288b667ab6cc5461690231096fe211ff_s390x",
"9Base-RHOL-5.9:openshift-logging/lokistack-gateway-rhel9@sha256:590380885bc50a26570c0dad142a0920cce5d6e2f44c76cf5b9758fc28512e9c_ppc64le",
"9Base-RHOL-5.9:openshift-logging/lokistack-gateway-rhel9@sha256:735c68e2570fb35cd9cecc13b81840ff38d11ed62aa4c7f0d78804845adfbf39_amd64",
"9Base-RHOL-5.9:openshift-logging/lokistack-gateway-rhel9@sha256:902c4b759d2efe260456756511a4243ccd7ad114b2c39d2cf51305296903a290_s390x",
"9Base-RHOL-5.9:openshift-logging/lokistack-gateway-rhel9@sha256:df94b5b1b5220c6b1347c43352a1edb05f480f4d70c97cf0d3667631471f1d9c_arm64",
"9Base-RHOL-5.9:openshift-logging/opa-openshift-rhel9@sha256:50ba9a45a46d5419475536c90a98abbe088c07b914f522e9278e4f2349417e96_ppc64le",
"9Base-RHOL-5.9:openshift-logging/opa-openshift-rhel9@sha256:9507ecc73d91c9cb8179a8f57375c95941fe71c3fb6e6347b4fdc3ea2c5cfe17_arm64",
"9Base-RHOL-5.9:openshift-logging/opa-openshift-rhel9@sha256:c86ede957b5807e3194675759716650c4df0ef7d2e8894b942b7a2aab2c0f38f_s390x",
"9Base-RHOL-5.9:openshift-logging/opa-openshift-rhel9@sha256:e850537f0ab9420570d42365d7f4ed9fff65110c3910a334dac2aa29b6e3e2b9_amd64",
"9Base-RHOL-5.9:openshift-logging/vector-rhel9@sha256:46a7a38202e74ffcd0c64be726ee0a05ca61b0b3d8676fffc9b2156da8cfcf11_arm64",
"9Base-RHOL-5.9:openshift-logging/vector-rhel9@sha256:85a2ee2d4df59d237ebb12c7700ed0b6439c1330aae341c3909f56de73128d66_s390x",
"9Base-RHOL-5.9:openshift-logging/vector-rhel9@sha256:8d570ea2e7f197a56dab73f36728c8afd66a2f886458444a37cb5d7f603ca2e2_amd64",
"9Base-RHOL-5.9:openshift-logging/vector-rhel9@sha256:dbb2f1221cec4aec7349496fae6f5136012eedfe4c54751fee25e68da7cd0ed1_ppc64le"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"9Base-RHOL-5.9:openshift-logging/cluster-logging-operator-bundle@sha256:05d36790c431c5bcdce4ac9b0e52aa1cb05fd4b544102733d49b74d23571f74c_amd64",
"9Base-RHOL-5.9:openshift-logging/cluster-logging-rhel9-operator@sha256:5d91887518d966664794f4871653624da04a9c555d21752a4790b70bac47e1de_s390x",
"9Base-RHOL-5.9:openshift-logging/cluster-logging-rhel9-operator@sha256:883f362a4397547edf23b158fec1d7c83d33d88d331d3f6041656a6834ca01ae_amd64",
"9Base-RHOL-5.9:openshift-logging/cluster-logging-rhel9-operator@sha256:e6386dbf8cf2d2c0d953f3c378baceeb480ee8943d7522d975c2abde7aab0325_ppc64le",
"9Base-RHOL-5.9:openshift-logging/cluster-logging-rhel9-operator@sha256:f6fae7a55c5f45d90a9df360cefda01de744b10b50b138d40f75a1cf1f778511_arm64",
"9Base-RHOL-5.9:openshift-logging/eventrouter-rhel9@sha256:62a3fb23bd1d405a87d94a9a93ad2b3dd1d44d9eb2d062cf40cb48469e2fe754_s390x",
"9Base-RHOL-5.9:openshift-logging/eventrouter-rhel9@sha256:a64fff60352252e6f0200e8f041f3216bad06320c95c6840da2e9c51fcab480c_amd64",
"9Base-RHOL-5.9:openshift-logging/eventrouter-rhel9@sha256:cfdb5836eb9828b86977aec2186906bc9c12b80eca4ab066ca13e542d797f921_ppc64le",
"9Base-RHOL-5.9:openshift-logging/eventrouter-rhel9@sha256:f937390944ecd159bca06b91289e847a00a3949c29823e8a9f9490cf2aaa5671_arm64",
"9Base-RHOL-5.9:openshift-logging/fluentd-rhel9@sha256:67927403108d96de2c1611c578a17e32afa8c6dadf62a96d3378efc16bd20396_amd64",
"9Base-RHOL-5.9:openshift-logging/fluentd-rhel9@sha256:d0516cdb390b87797550ccd54b92d8986c1742f405f8b894df7b61a474801a68_ppc64le",
"9Base-RHOL-5.9:openshift-logging/fluentd-rhel9@sha256:e15eecf4b824e54f22facd4468460d50718cf8c493370d7486cc3b22e3be1545_arm64",
"9Base-RHOL-5.9:openshift-logging/fluentd-rhel9@sha256:ff369dce86ef0a6dc6fd0f9a84c191f5fc5551d5fa80bf06017cc97c134b8218_s390x",
"9Base-RHOL-5.9:openshift-logging/log-file-metric-exporter-rhel9@sha256:1abab6bfcbc41e0c0e50b56a1796e20ba0a5a68433632bcc82eeb2d37d8c3402_arm64",
"9Base-RHOL-5.9:openshift-logging/log-file-metric-exporter-rhel9@sha256:ac93b9ee0ef564713e225ad271a44d4b382ea5e6a44138fddef76645df7fc599_amd64",
"9Base-RHOL-5.9:openshift-logging/log-file-metric-exporter-rhel9@sha256:c8131af6025d0db9b10d9d8f7622de16520bd39755ef8d856dcbd0652175138b_s390x",
"9Base-RHOL-5.9:openshift-logging/log-file-metric-exporter-rhel9@sha256:cf0db800309fc6549eed4ac00b4bb4fad601bfe0f941cf4a4c3092b05d037be1_ppc64le",
"9Base-RHOL-5.9:openshift-logging/logging-loki-rhel9@sha256:1d4a55c485dd0866a3d7ac66a4e07d4ee4b974b3b0e0086e97b531fd1be22983_s390x",
"9Base-RHOL-5.9:openshift-logging/logging-loki-rhel9@sha256:295698b1487cf0b8c216ebe404e7c8c8c4cfee4e59fee0967c96fc444c0fdc4f_amd64",
"9Base-RHOL-5.9:openshift-logging/logging-loki-rhel9@sha256:6d73fef832b6c9fc131507f2a0dc966bfc40ee9c8005019ba43f417ca89985e3_arm64",
"9Base-RHOL-5.9:openshift-logging/logging-loki-rhel9@sha256:78b2993a35bc6c52dba0d9e9516943ebba02432206de321b8a06c4012bc1b349_ppc64le",
"9Base-RHOL-5.9:openshift-logging/logging-view-plugin-rhel9@sha256:74be6cdcdfe1da1b5431cd7f66c78db2a7c399445e905ef704ca4171d3ccf846_ppc64le",
"9Base-RHOL-5.9:openshift-logging/logging-view-plugin-rhel9@sha256:a480418c3a90a85d411d46a2276112089173affbb23c5fb32691c9e53433eda4_s390x",
"9Base-RHOL-5.9:openshift-logging/logging-view-plugin-rhel9@sha256:abf424f8915d9766eb87f151bce018cfb1864d45f0d85f4707b09b7072277a03_arm64",
"9Base-RHOL-5.9:openshift-logging/logging-view-plugin-rhel9@sha256:f95c480d56b07083820e799e1de944693a6945a89c360d3d5859392090e4f944_amd64",
"9Base-RHOL-5.9:openshift-logging/loki-operator-bundle@sha256:fd4dd6de9fa37ef936cdb1c7d13716c85207f114701fb0ffad00233242fbfb63_amd64",
"9Base-RHOL-5.9:openshift-logging/loki-rhel9-operator@sha256:35d52bf4cbed75a78fba98ead066a88993622f5b648b49265455c90dbea6b57a_ppc64le",
"9Base-RHOL-5.9:openshift-logging/loki-rhel9-operator@sha256:6f379a6740699d19a0b9c14ed4f306b4cf8533b6d88e28e4cd2564a02e20f334_amd64",
"9Base-RHOL-5.9:openshift-logging/loki-rhel9-operator@sha256:b35a0df55c1de24bcc6ce7740210abd61b4fc4d1e769a3c36f6014dee55efea9_arm64",
"9Base-RHOL-5.9:openshift-logging/loki-rhel9-operator@sha256:f69b982c4c9cf8af53f2a16ba1af93f8288b667ab6cc5461690231096fe211ff_s390x",
"9Base-RHOL-5.9:openshift-logging/lokistack-gateway-rhel9@sha256:590380885bc50a26570c0dad142a0920cce5d6e2f44c76cf5b9758fc28512e9c_ppc64le",
"9Base-RHOL-5.9:openshift-logging/lokistack-gateway-rhel9@sha256:735c68e2570fb35cd9cecc13b81840ff38d11ed62aa4c7f0d78804845adfbf39_amd64",
"9Base-RHOL-5.9:openshift-logging/lokistack-gateway-rhel9@sha256:902c4b759d2efe260456756511a4243ccd7ad114b2c39d2cf51305296903a290_s390x",
"9Base-RHOL-5.9:openshift-logging/lokistack-gateway-rhel9@sha256:df94b5b1b5220c6b1347c43352a1edb05f480f4d70c97cf0d3667631471f1d9c_arm64",
"9Base-RHOL-5.9:openshift-logging/opa-openshift-rhel9@sha256:50ba9a45a46d5419475536c90a98abbe088c07b914f522e9278e4f2349417e96_ppc64le",
"9Base-RHOL-5.9:openshift-logging/opa-openshift-rhel9@sha256:9507ecc73d91c9cb8179a8f57375c95941fe71c3fb6e6347b4fdc3ea2c5cfe17_arm64",
"9Base-RHOL-5.9:openshift-logging/opa-openshift-rhel9@sha256:c86ede957b5807e3194675759716650c4df0ef7d2e8894b942b7a2aab2c0f38f_s390x",
"9Base-RHOL-5.9:openshift-logging/opa-openshift-rhel9@sha256:e850537f0ab9420570d42365d7f4ed9fff65110c3910a334dac2aa29b6e3e2b9_amd64",
"9Base-RHOL-5.9:openshift-logging/vector-rhel9@sha256:46a7a38202e74ffcd0c64be726ee0a05ca61b0b3d8676fffc9b2156da8cfcf11_arm64",
"9Base-RHOL-5.9:openshift-logging/vector-rhel9@sha256:85a2ee2d4df59d237ebb12c7700ed0b6439c1330aae341c3909f56de73128d66_s390x",
"9Base-RHOL-5.9:openshift-logging/vector-rhel9@sha256:8d570ea2e7f197a56dab73f36728c8afd66a2f886458444a37cb5d7f603ca2e2_amd64",
"9Base-RHOL-5.9:openshift-logging/vector-rhel9@sha256:dbb2f1221cec4aec7349496fae6f5136012eedfe4c54751fee25e68da7cd0ed1_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "rsync: Info Leak via Uninitialized Stack Contents"
},
{
"cve": "CVE-2024-47220",
"cwe": {
"id": "CWE-444",
"name": "Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request/Response Smuggling\u0027)"
},
"discovery_date": "2024-09-22T01:20:12.271450+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2314051"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the webrick toolkit. This issue occurs because the server incorrectly handles requests with both Content-Length and Transfer-Encoding headers. This can allow an attacker to sneak in an extra request such as GET /admin after the normal request POST /user. As a result, unauthorized users can access restricted areas like /admin by POST /user.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "WEBrick: HTTP request smuggling",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This CVE is rated as having Moderate impact because Webrick should not be used in production. It is only still maintained because there are other gems relying on it, most of which do so only for testing, and only because it is a pure ruby implementation and it was shipped with Ruby in the past.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-RHOL-5.9:openshift-logging/cluster-logging-operator-bundle@sha256:05d36790c431c5bcdce4ac9b0e52aa1cb05fd4b544102733d49b74d23571f74c_amd64",
"9Base-RHOL-5.9:openshift-logging/cluster-logging-rhel9-operator@sha256:5d91887518d966664794f4871653624da04a9c555d21752a4790b70bac47e1de_s390x",
"9Base-RHOL-5.9:openshift-logging/cluster-logging-rhel9-operator@sha256:883f362a4397547edf23b158fec1d7c83d33d88d331d3f6041656a6834ca01ae_amd64",
"9Base-RHOL-5.9:openshift-logging/cluster-logging-rhel9-operator@sha256:e6386dbf8cf2d2c0d953f3c378baceeb480ee8943d7522d975c2abde7aab0325_ppc64le",
"9Base-RHOL-5.9:openshift-logging/cluster-logging-rhel9-operator@sha256:f6fae7a55c5f45d90a9df360cefda01de744b10b50b138d40f75a1cf1f778511_arm64",
"9Base-RHOL-5.9:openshift-logging/eventrouter-rhel9@sha256:62a3fb23bd1d405a87d94a9a93ad2b3dd1d44d9eb2d062cf40cb48469e2fe754_s390x",
"9Base-RHOL-5.9:openshift-logging/eventrouter-rhel9@sha256:a64fff60352252e6f0200e8f041f3216bad06320c95c6840da2e9c51fcab480c_amd64",
"9Base-RHOL-5.9:openshift-logging/eventrouter-rhel9@sha256:cfdb5836eb9828b86977aec2186906bc9c12b80eca4ab066ca13e542d797f921_ppc64le",
"9Base-RHOL-5.9:openshift-logging/eventrouter-rhel9@sha256:f937390944ecd159bca06b91289e847a00a3949c29823e8a9f9490cf2aaa5671_arm64",
"9Base-RHOL-5.9:openshift-logging/fluentd-rhel9@sha256:67927403108d96de2c1611c578a17e32afa8c6dadf62a96d3378efc16bd20396_amd64",
"9Base-RHOL-5.9:openshift-logging/fluentd-rhel9@sha256:d0516cdb390b87797550ccd54b92d8986c1742f405f8b894df7b61a474801a68_ppc64le",
"9Base-RHOL-5.9:openshift-logging/fluentd-rhel9@sha256:e15eecf4b824e54f22facd4468460d50718cf8c493370d7486cc3b22e3be1545_arm64",
"9Base-RHOL-5.9:openshift-logging/fluentd-rhel9@sha256:ff369dce86ef0a6dc6fd0f9a84c191f5fc5551d5fa80bf06017cc97c134b8218_s390x",
"9Base-RHOL-5.9:openshift-logging/log-file-metric-exporter-rhel9@sha256:1abab6bfcbc41e0c0e50b56a1796e20ba0a5a68433632bcc82eeb2d37d8c3402_arm64",
"9Base-RHOL-5.9:openshift-logging/log-file-metric-exporter-rhel9@sha256:ac93b9ee0ef564713e225ad271a44d4b382ea5e6a44138fddef76645df7fc599_amd64",
"9Base-RHOL-5.9:openshift-logging/log-file-metric-exporter-rhel9@sha256:c8131af6025d0db9b10d9d8f7622de16520bd39755ef8d856dcbd0652175138b_s390x",
"9Base-RHOL-5.9:openshift-logging/log-file-metric-exporter-rhel9@sha256:cf0db800309fc6549eed4ac00b4bb4fad601bfe0f941cf4a4c3092b05d037be1_ppc64le",
"9Base-RHOL-5.9:openshift-logging/logging-loki-rhel9@sha256:1d4a55c485dd0866a3d7ac66a4e07d4ee4b974b3b0e0086e97b531fd1be22983_s390x",
"9Base-RHOL-5.9:openshift-logging/logging-loki-rhel9@sha256:295698b1487cf0b8c216ebe404e7c8c8c4cfee4e59fee0967c96fc444c0fdc4f_amd64",
"9Base-RHOL-5.9:openshift-logging/logging-loki-rhel9@sha256:6d73fef832b6c9fc131507f2a0dc966bfc40ee9c8005019ba43f417ca89985e3_arm64",
"9Base-RHOL-5.9:openshift-logging/logging-loki-rhel9@sha256:78b2993a35bc6c52dba0d9e9516943ebba02432206de321b8a06c4012bc1b349_ppc64le",
"9Base-RHOL-5.9:openshift-logging/logging-view-plugin-rhel9@sha256:74be6cdcdfe1da1b5431cd7f66c78db2a7c399445e905ef704ca4171d3ccf846_ppc64le",
"9Base-RHOL-5.9:openshift-logging/logging-view-plugin-rhel9@sha256:a480418c3a90a85d411d46a2276112089173affbb23c5fb32691c9e53433eda4_s390x",
"9Base-RHOL-5.9:openshift-logging/logging-view-plugin-rhel9@sha256:abf424f8915d9766eb87f151bce018cfb1864d45f0d85f4707b09b7072277a03_arm64",
"9Base-RHOL-5.9:openshift-logging/logging-view-plugin-rhel9@sha256:f95c480d56b07083820e799e1de944693a6945a89c360d3d5859392090e4f944_amd64",
"9Base-RHOL-5.9:openshift-logging/loki-operator-bundle@sha256:fd4dd6de9fa37ef936cdb1c7d13716c85207f114701fb0ffad00233242fbfb63_amd64",
"9Base-RHOL-5.9:openshift-logging/loki-rhel9-operator@sha256:35d52bf4cbed75a78fba98ead066a88993622f5b648b49265455c90dbea6b57a_ppc64le",
"9Base-RHOL-5.9:openshift-logging/loki-rhel9-operator@sha256:6f379a6740699d19a0b9c14ed4f306b4cf8533b6d88e28e4cd2564a02e20f334_amd64",
"9Base-RHOL-5.9:openshift-logging/loki-rhel9-operator@sha256:b35a0df55c1de24bcc6ce7740210abd61b4fc4d1e769a3c36f6014dee55efea9_arm64",
"9Base-RHOL-5.9:openshift-logging/loki-rhel9-operator@sha256:f69b982c4c9cf8af53f2a16ba1af93f8288b667ab6cc5461690231096fe211ff_s390x",
"9Base-RHOL-5.9:openshift-logging/lokistack-gateway-rhel9@sha256:590380885bc50a26570c0dad142a0920cce5d6e2f44c76cf5b9758fc28512e9c_ppc64le",
"9Base-RHOL-5.9:openshift-logging/lokistack-gateway-rhel9@sha256:735c68e2570fb35cd9cecc13b81840ff38d11ed62aa4c7f0d78804845adfbf39_amd64",
"9Base-RHOL-5.9:openshift-logging/lokistack-gateway-rhel9@sha256:902c4b759d2efe260456756511a4243ccd7ad114b2c39d2cf51305296903a290_s390x",
"9Base-RHOL-5.9:openshift-logging/lokistack-gateway-rhel9@sha256:df94b5b1b5220c6b1347c43352a1edb05f480f4d70c97cf0d3667631471f1d9c_arm64",
"9Base-RHOL-5.9:openshift-logging/opa-openshift-rhel9@sha256:50ba9a45a46d5419475536c90a98abbe088c07b914f522e9278e4f2349417e96_ppc64le",
"9Base-RHOL-5.9:openshift-logging/opa-openshift-rhel9@sha256:9507ecc73d91c9cb8179a8f57375c95941fe71c3fb6e6347b4fdc3ea2c5cfe17_arm64",
"9Base-RHOL-5.9:openshift-logging/opa-openshift-rhel9@sha256:c86ede957b5807e3194675759716650c4df0ef7d2e8894b942b7a2aab2c0f38f_s390x",
"9Base-RHOL-5.9:openshift-logging/opa-openshift-rhel9@sha256:e850537f0ab9420570d42365d7f4ed9fff65110c3910a334dac2aa29b6e3e2b9_amd64",
"9Base-RHOL-5.9:openshift-logging/vector-rhel9@sha256:46a7a38202e74ffcd0c64be726ee0a05ca61b0b3d8676fffc9b2156da8cfcf11_arm64",
"9Base-RHOL-5.9:openshift-logging/vector-rhel9@sha256:85a2ee2d4df59d237ebb12c7700ed0b6439c1330aae341c3909f56de73128d66_s390x",
"9Base-RHOL-5.9:openshift-logging/vector-rhel9@sha256:8d570ea2e7f197a56dab73f36728c8afd66a2f886458444a37cb5d7f603ca2e2_amd64",
"9Base-RHOL-5.9:openshift-logging/vector-rhel9@sha256:dbb2f1221cec4aec7349496fae6f5136012eedfe4c54751fee25e68da7cd0ed1_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-47220"
},
{
"category": "external",
"summary": "RHBZ#2314051",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2314051"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-47220",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47220"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-47220",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-47220"
},
{
"category": "external",
"summary": "https://github.com/ruby/webrick/issues/145",
"url": "https://github.com/ruby/webrick/issues/145"
},
{
"category": "external",
"summary": "https://github.com/ruby/webrick/pull/146/commits/d88321da45dcd230ac2b4585cad4833d6d5e8841",
"url": "https://github.com/ruby/webrick/pull/146/commits/d88321da45dcd230ac2b4585cad4833d6d5e8841"
}
],
"release_date": "2024-09-22T01:15:11.950000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-02-12T16:40:08+00:00",
"details": "For OpenShift Container Platform 4.14 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this errata update:\n\nhttps://docs.openshift.com/container-platform/4.14/release_notes/ocp-4-14-release-notes.html\n\nFor Red Hat OpenShift Logging 5.9, see the following instructions to apply this update:\n\nhttps://docs.openshift.com/container-platform/4.14/logging/cluster-logging-upgrading.html",
"product_ids": [
"9Base-RHOL-5.9:openshift-logging/cluster-logging-operator-bundle@sha256:05d36790c431c5bcdce4ac9b0e52aa1cb05fd4b544102733d49b74d23571f74c_amd64",
"9Base-RHOL-5.9:openshift-logging/cluster-logging-rhel9-operator@sha256:5d91887518d966664794f4871653624da04a9c555d21752a4790b70bac47e1de_s390x",
"9Base-RHOL-5.9:openshift-logging/cluster-logging-rhel9-operator@sha256:883f362a4397547edf23b158fec1d7c83d33d88d331d3f6041656a6834ca01ae_amd64",
"9Base-RHOL-5.9:openshift-logging/cluster-logging-rhel9-operator@sha256:e6386dbf8cf2d2c0d953f3c378baceeb480ee8943d7522d975c2abde7aab0325_ppc64le",
"9Base-RHOL-5.9:openshift-logging/cluster-logging-rhel9-operator@sha256:f6fae7a55c5f45d90a9df360cefda01de744b10b50b138d40f75a1cf1f778511_arm64",
"9Base-RHOL-5.9:openshift-logging/eventrouter-rhel9@sha256:62a3fb23bd1d405a87d94a9a93ad2b3dd1d44d9eb2d062cf40cb48469e2fe754_s390x",
"9Base-RHOL-5.9:openshift-logging/eventrouter-rhel9@sha256:a64fff60352252e6f0200e8f041f3216bad06320c95c6840da2e9c51fcab480c_amd64",
"9Base-RHOL-5.9:openshift-logging/eventrouter-rhel9@sha256:cfdb5836eb9828b86977aec2186906bc9c12b80eca4ab066ca13e542d797f921_ppc64le",
"9Base-RHOL-5.9:openshift-logging/eventrouter-rhel9@sha256:f937390944ecd159bca06b91289e847a00a3949c29823e8a9f9490cf2aaa5671_arm64",
"9Base-RHOL-5.9:openshift-logging/fluentd-rhel9@sha256:67927403108d96de2c1611c578a17e32afa8c6dadf62a96d3378efc16bd20396_amd64",
"9Base-RHOL-5.9:openshift-logging/fluentd-rhel9@sha256:d0516cdb390b87797550ccd54b92d8986c1742f405f8b894df7b61a474801a68_ppc64le",
"9Base-RHOL-5.9:openshift-logging/fluentd-rhel9@sha256:e15eecf4b824e54f22facd4468460d50718cf8c493370d7486cc3b22e3be1545_arm64",
"9Base-RHOL-5.9:openshift-logging/fluentd-rhel9@sha256:ff369dce86ef0a6dc6fd0f9a84c191f5fc5551d5fa80bf06017cc97c134b8218_s390x",
"9Base-RHOL-5.9:openshift-logging/log-file-metric-exporter-rhel9@sha256:1abab6bfcbc41e0c0e50b56a1796e20ba0a5a68433632bcc82eeb2d37d8c3402_arm64",
"9Base-RHOL-5.9:openshift-logging/log-file-metric-exporter-rhel9@sha256:ac93b9ee0ef564713e225ad271a44d4b382ea5e6a44138fddef76645df7fc599_amd64",
"9Base-RHOL-5.9:openshift-logging/log-file-metric-exporter-rhel9@sha256:c8131af6025d0db9b10d9d8f7622de16520bd39755ef8d856dcbd0652175138b_s390x",
"9Base-RHOL-5.9:openshift-logging/log-file-metric-exporter-rhel9@sha256:cf0db800309fc6549eed4ac00b4bb4fad601bfe0f941cf4a4c3092b05d037be1_ppc64le",
"9Base-RHOL-5.9:openshift-logging/logging-loki-rhel9@sha256:1d4a55c485dd0866a3d7ac66a4e07d4ee4b974b3b0e0086e97b531fd1be22983_s390x",
"9Base-RHOL-5.9:openshift-logging/logging-loki-rhel9@sha256:295698b1487cf0b8c216ebe404e7c8c8c4cfee4e59fee0967c96fc444c0fdc4f_amd64",
"9Base-RHOL-5.9:openshift-logging/logging-loki-rhel9@sha256:6d73fef832b6c9fc131507f2a0dc966bfc40ee9c8005019ba43f417ca89985e3_arm64",
"9Base-RHOL-5.9:openshift-logging/logging-loki-rhel9@sha256:78b2993a35bc6c52dba0d9e9516943ebba02432206de321b8a06c4012bc1b349_ppc64le",
"9Base-RHOL-5.9:openshift-logging/logging-view-plugin-rhel9@sha256:74be6cdcdfe1da1b5431cd7f66c78db2a7c399445e905ef704ca4171d3ccf846_ppc64le",
"9Base-RHOL-5.9:openshift-logging/logging-view-plugin-rhel9@sha256:a480418c3a90a85d411d46a2276112089173affbb23c5fb32691c9e53433eda4_s390x",
"9Base-RHOL-5.9:openshift-logging/logging-view-plugin-rhel9@sha256:abf424f8915d9766eb87f151bce018cfb1864d45f0d85f4707b09b7072277a03_arm64",
"9Base-RHOL-5.9:openshift-logging/logging-view-plugin-rhel9@sha256:f95c480d56b07083820e799e1de944693a6945a89c360d3d5859392090e4f944_amd64",
"9Base-RHOL-5.9:openshift-logging/loki-operator-bundle@sha256:fd4dd6de9fa37ef936cdb1c7d13716c85207f114701fb0ffad00233242fbfb63_amd64",
"9Base-RHOL-5.9:openshift-logging/loki-rhel9-operator@sha256:35d52bf4cbed75a78fba98ead066a88993622f5b648b49265455c90dbea6b57a_ppc64le",
"9Base-RHOL-5.9:openshift-logging/loki-rhel9-operator@sha256:6f379a6740699d19a0b9c14ed4f306b4cf8533b6d88e28e4cd2564a02e20f334_amd64",
"9Base-RHOL-5.9:openshift-logging/loki-rhel9-operator@sha256:b35a0df55c1de24bcc6ce7740210abd61b4fc4d1e769a3c36f6014dee55efea9_arm64",
"9Base-RHOL-5.9:openshift-logging/loki-rhel9-operator@sha256:f69b982c4c9cf8af53f2a16ba1af93f8288b667ab6cc5461690231096fe211ff_s390x",
"9Base-RHOL-5.9:openshift-logging/lokistack-gateway-rhel9@sha256:590380885bc50a26570c0dad142a0920cce5d6e2f44c76cf5b9758fc28512e9c_ppc64le",
"9Base-RHOL-5.9:openshift-logging/lokistack-gateway-rhel9@sha256:735c68e2570fb35cd9cecc13b81840ff38d11ed62aa4c7f0d78804845adfbf39_amd64",
"9Base-RHOL-5.9:openshift-logging/lokistack-gateway-rhel9@sha256:902c4b759d2efe260456756511a4243ccd7ad114b2c39d2cf51305296903a290_s390x",
"9Base-RHOL-5.9:openshift-logging/lokistack-gateway-rhel9@sha256:df94b5b1b5220c6b1347c43352a1edb05f480f4d70c97cf0d3667631471f1d9c_arm64",
"9Base-RHOL-5.9:openshift-logging/opa-openshift-rhel9@sha256:50ba9a45a46d5419475536c90a98abbe088c07b914f522e9278e4f2349417e96_ppc64le",
"9Base-RHOL-5.9:openshift-logging/opa-openshift-rhel9@sha256:9507ecc73d91c9cb8179a8f57375c95941fe71c3fb6e6347b4fdc3ea2c5cfe17_arm64",
"9Base-RHOL-5.9:openshift-logging/opa-openshift-rhel9@sha256:c86ede957b5807e3194675759716650c4df0ef7d2e8894b942b7a2aab2c0f38f_s390x",
"9Base-RHOL-5.9:openshift-logging/opa-openshift-rhel9@sha256:e850537f0ab9420570d42365d7f4ed9fff65110c3910a334dac2aa29b6e3e2b9_amd64",
"9Base-RHOL-5.9:openshift-logging/vector-rhel9@sha256:46a7a38202e74ffcd0c64be726ee0a05ca61b0b3d8676fffc9b2156da8cfcf11_arm64",
"9Base-RHOL-5.9:openshift-logging/vector-rhel9@sha256:85a2ee2d4df59d237ebb12c7700ed0b6439c1330aae341c3909f56de73128d66_s390x",
"9Base-RHOL-5.9:openshift-logging/vector-rhel9@sha256:8d570ea2e7f197a56dab73f36728c8afd66a2f886458444a37cb5d7f603ca2e2_amd64",
"9Base-RHOL-5.9:openshift-logging/vector-rhel9@sha256:dbb2f1221cec4aec7349496fae6f5136012eedfe4c54751fee25e68da7cd0ed1_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:1227"
},
{
"category": "workaround",
"details": "As a temporary workaround, avoid using WEBrick in production environments. If you must use it, ensure that your application is behind a reverse proxy that can handle request validation and filtering to mitigate the risk of HTTP request smuggling.",
"product_ids": [
"9Base-RHOL-5.9:openshift-logging/cluster-logging-operator-bundle@sha256:05d36790c431c5bcdce4ac9b0e52aa1cb05fd4b544102733d49b74d23571f74c_amd64",
"9Base-RHOL-5.9:openshift-logging/cluster-logging-rhel9-operator@sha256:5d91887518d966664794f4871653624da04a9c555d21752a4790b70bac47e1de_s390x",
"9Base-RHOL-5.9:openshift-logging/cluster-logging-rhel9-operator@sha256:883f362a4397547edf23b158fec1d7c83d33d88d331d3f6041656a6834ca01ae_amd64",
"9Base-RHOL-5.9:openshift-logging/cluster-logging-rhel9-operator@sha256:e6386dbf8cf2d2c0d953f3c378baceeb480ee8943d7522d975c2abde7aab0325_ppc64le",
"9Base-RHOL-5.9:openshift-logging/cluster-logging-rhel9-operator@sha256:f6fae7a55c5f45d90a9df360cefda01de744b10b50b138d40f75a1cf1f778511_arm64",
"9Base-RHOL-5.9:openshift-logging/eventrouter-rhel9@sha256:62a3fb23bd1d405a87d94a9a93ad2b3dd1d44d9eb2d062cf40cb48469e2fe754_s390x",
"9Base-RHOL-5.9:openshift-logging/eventrouter-rhel9@sha256:a64fff60352252e6f0200e8f041f3216bad06320c95c6840da2e9c51fcab480c_amd64",
"9Base-RHOL-5.9:openshift-logging/eventrouter-rhel9@sha256:cfdb5836eb9828b86977aec2186906bc9c12b80eca4ab066ca13e542d797f921_ppc64le",
"9Base-RHOL-5.9:openshift-logging/eventrouter-rhel9@sha256:f937390944ecd159bca06b91289e847a00a3949c29823e8a9f9490cf2aaa5671_arm64",
"9Base-RHOL-5.9:openshift-logging/fluentd-rhel9@sha256:67927403108d96de2c1611c578a17e32afa8c6dadf62a96d3378efc16bd20396_amd64",
"9Base-RHOL-5.9:openshift-logging/fluentd-rhel9@sha256:d0516cdb390b87797550ccd54b92d8986c1742f405f8b894df7b61a474801a68_ppc64le",
"9Base-RHOL-5.9:openshift-logging/fluentd-rhel9@sha256:e15eecf4b824e54f22facd4468460d50718cf8c493370d7486cc3b22e3be1545_arm64",
"9Base-RHOL-5.9:openshift-logging/fluentd-rhel9@sha256:ff369dce86ef0a6dc6fd0f9a84c191f5fc5551d5fa80bf06017cc97c134b8218_s390x",
"9Base-RHOL-5.9:openshift-logging/log-file-metric-exporter-rhel9@sha256:1abab6bfcbc41e0c0e50b56a1796e20ba0a5a68433632bcc82eeb2d37d8c3402_arm64",
"9Base-RHOL-5.9:openshift-logging/log-file-metric-exporter-rhel9@sha256:ac93b9ee0ef564713e225ad271a44d4b382ea5e6a44138fddef76645df7fc599_amd64",
"9Base-RHOL-5.9:openshift-logging/log-file-metric-exporter-rhel9@sha256:c8131af6025d0db9b10d9d8f7622de16520bd39755ef8d856dcbd0652175138b_s390x",
"9Base-RHOL-5.9:openshift-logging/log-file-metric-exporter-rhel9@sha256:cf0db800309fc6549eed4ac00b4bb4fad601bfe0f941cf4a4c3092b05d037be1_ppc64le",
"9Base-RHOL-5.9:openshift-logging/logging-loki-rhel9@sha256:1d4a55c485dd0866a3d7ac66a4e07d4ee4b974b3b0e0086e97b531fd1be22983_s390x",
"9Base-RHOL-5.9:openshift-logging/logging-loki-rhel9@sha256:295698b1487cf0b8c216ebe404e7c8c8c4cfee4e59fee0967c96fc444c0fdc4f_amd64",
"9Base-RHOL-5.9:openshift-logging/logging-loki-rhel9@sha256:6d73fef832b6c9fc131507f2a0dc966bfc40ee9c8005019ba43f417ca89985e3_arm64",
"9Base-RHOL-5.9:openshift-logging/logging-loki-rhel9@sha256:78b2993a35bc6c52dba0d9e9516943ebba02432206de321b8a06c4012bc1b349_ppc64le",
"9Base-RHOL-5.9:openshift-logging/logging-view-plugin-rhel9@sha256:74be6cdcdfe1da1b5431cd7f66c78db2a7c399445e905ef704ca4171d3ccf846_ppc64le",
"9Base-RHOL-5.9:openshift-logging/logging-view-plugin-rhel9@sha256:a480418c3a90a85d411d46a2276112089173affbb23c5fb32691c9e53433eda4_s390x",
"9Base-RHOL-5.9:openshift-logging/logging-view-plugin-rhel9@sha256:abf424f8915d9766eb87f151bce018cfb1864d45f0d85f4707b09b7072277a03_arm64",
"9Base-RHOL-5.9:openshift-logging/logging-view-plugin-rhel9@sha256:f95c480d56b07083820e799e1de944693a6945a89c360d3d5859392090e4f944_amd64",
"9Base-RHOL-5.9:openshift-logging/loki-operator-bundle@sha256:fd4dd6de9fa37ef936cdb1c7d13716c85207f114701fb0ffad00233242fbfb63_amd64",
"9Base-RHOL-5.9:openshift-logging/loki-rhel9-operator@sha256:35d52bf4cbed75a78fba98ead066a88993622f5b648b49265455c90dbea6b57a_ppc64le",
"9Base-RHOL-5.9:openshift-logging/loki-rhel9-operator@sha256:6f379a6740699d19a0b9c14ed4f306b4cf8533b6d88e28e4cd2564a02e20f334_amd64",
"9Base-RHOL-5.9:openshift-logging/loki-rhel9-operator@sha256:b35a0df55c1de24bcc6ce7740210abd61b4fc4d1e769a3c36f6014dee55efea9_arm64",
"9Base-RHOL-5.9:openshift-logging/loki-rhel9-operator@sha256:f69b982c4c9cf8af53f2a16ba1af93f8288b667ab6cc5461690231096fe211ff_s390x",
"9Base-RHOL-5.9:openshift-logging/lokistack-gateway-rhel9@sha256:590380885bc50a26570c0dad142a0920cce5d6e2f44c76cf5b9758fc28512e9c_ppc64le",
"9Base-RHOL-5.9:openshift-logging/lokistack-gateway-rhel9@sha256:735c68e2570fb35cd9cecc13b81840ff38d11ed62aa4c7f0d78804845adfbf39_amd64",
"9Base-RHOL-5.9:openshift-logging/lokistack-gateway-rhel9@sha256:902c4b759d2efe260456756511a4243ccd7ad114b2c39d2cf51305296903a290_s390x",
"9Base-RHOL-5.9:openshift-logging/lokistack-gateway-rhel9@sha256:df94b5b1b5220c6b1347c43352a1edb05f480f4d70c97cf0d3667631471f1d9c_arm64",
"9Base-RHOL-5.9:openshift-logging/opa-openshift-rhel9@sha256:50ba9a45a46d5419475536c90a98abbe088c07b914f522e9278e4f2349417e96_ppc64le",
"9Base-RHOL-5.9:openshift-logging/opa-openshift-rhel9@sha256:9507ecc73d91c9cb8179a8f57375c95941fe71c3fb6e6347b4fdc3ea2c5cfe17_arm64",
"9Base-RHOL-5.9:openshift-logging/opa-openshift-rhel9@sha256:c86ede957b5807e3194675759716650c4df0ef7d2e8894b942b7a2aab2c0f38f_s390x",
"9Base-RHOL-5.9:openshift-logging/opa-openshift-rhel9@sha256:e850537f0ab9420570d42365d7f4ed9fff65110c3910a334dac2aa29b6e3e2b9_amd64",
"9Base-RHOL-5.9:openshift-logging/vector-rhel9@sha256:46a7a38202e74ffcd0c64be726ee0a05ca61b0b3d8676fffc9b2156da8cfcf11_arm64",
"9Base-RHOL-5.9:openshift-logging/vector-rhel9@sha256:85a2ee2d4df59d237ebb12c7700ed0b6439c1330aae341c3909f56de73128d66_s390x",
"9Base-RHOL-5.9:openshift-logging/vector-rhel9@sha256:8d570ea2e7f197a56dab73f36728c8afd66a2f886458444a37cb5d7f603ca2e2_amd64",
"9Base-RHOL-5.9:openshift-logging/vector-rhel9@sha256:dbb2f1221cec4aec7349496fae6f5136012eedfe4c54751fee25e68da7cd0ed1_ppc64le"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"9Base-RHOL-5.9:openshift-logging/cluster-logging-operator-bundle@sha256:05d36790c431c5bcdce4ac9b0e52aa1cb05fd4b544102733d49b74d23571f74c_amd64",
"9Base-RHOL-5.9:openshift-logging/cluster-logging-rhel9-operator@sha256:5d91887518d966664794f4871653624da04a9c555d21752a4790b70bac47e1de_s390x",
"9Base-RHOL-5.9:openshift-logging/cluster-logging-rhel9-operator@sha256:883f362a4397547edf23b158fec1d7c83d33d88d331d3f6041656a6834ca01ae_amd64",
"9Base-RHOL-5.9:openshift-logging/cluster-logging-rhel9-operator@sha256:e6386dbf8cf2d2c0d953f3c378baceeb480ee8943d7522d975c2abde7aab0325_ppc64le",
"9Base-RHOL-5.9:openshift-logging/cluster-logging-rhel9-operator@sha256:f6fae7a55c5f45d90a9df360cefda01de744b10b50b138d40f75a1cf1f778511_arm64",
"9Base-RHOL-5.9:openshift-logging/eventrouter-rhel9@sha256:62a3fb23bd1d405a87d94a9a93ad2b3dd1d44d9eb2d062cf40cb48469e2fe754_s390x",
"9Base-RHOL-5.9:openshift-logging/eventrouter-rhel9@sha256:a64fff60352252e6f0200e8f041f3216bad06320c95c6840da2e9c51fcab480c_amd64",
"9Base-RHOL-5.9:openshift-logging/eventrouter-rhel9@sha256:cfdb5836eb9828b86977aec2186906bc9c12b80eca4ab066ca13e542d797f921_ppc64le",
"9Base-RHOL-5.9:openshift-logging/eventrouter-rhel9@sha256:f937390944ecd159bca06b91289e847a00a3949c29823e8a9f9490cf2aaa5671_arm64",
"9Base-RHOL-5.9:openshift-logging/fluentd-rhel9@sha256:67927403108d96de2c1611c578a17e32afa8c6dadf62a96d3378efc16bd20396_amd64",
"9Base-RHOL-5.9:openshift-logging/fluentd-rhel9@sha256:d0516cdb390b87797550ccd54b92d8986c1742f405f8b894df7b61a474801a68_ppc64le",
"9Base-RHOL-5.9:openshift-logging/fluentd-rhel9@sha256:e15eecf4b824e54f22facd4468460d50718cf8c493370d7486cc3b22e3be1545_arm64",
"9Base-RHOL-5.9:openshift-logging/fluentd-rhel9@sha256:ff369dce86ef0a6dc6fd0f9a84c191f5fc5551d5fa80bf06017cc97c134b8218_s390x",
"9Base-RHOL-5.9:openshift-logging/log-file-metric-exporter-rhel9@sha256:1abab6bfcbc41e0c0e50b56a1796e20ba0a5a68433632bcc82eeb2d37d8c3402_arm64",
"9Base-RHOL-5.9:openshift-logging/log-file-metric-exporter-rhel9@sha256:ac93b9ee0ef564713e225ad271a44d4b382ea5e6a44138fddef76645df7fc599_amd64",
"9Base-RHOL-5.9:openshift-logging/log-file-metric-exporter-rhel9@sha256:c8131af6025d0db9b10d9d8f7622de16520bd39755ef8d856dcbd0652175138b_s390x",
"9Base-RHOL-5.9:openshift-logging/log-file-metric-exporter-rhel9@sha256:cf0db800309fc6549eed4ac00b4bb4fad601bfe0f941cf4a4c3092b05d037be1_ppc64le",
"9Base-RHOL-5.9:openshift-logging/logging-loki-rhel9@sha256:1d4a55c485dd0866a3d7ac66a4e07d4ee4b974b3b0e0086e97b531fd1be22983_s390x",
"9Base-RHOL-5.9:openshift-logging/logging-loki-rhel9@sha256:295698b1487cf0b8c216ebe404e7c8c8c4cfee4e59fee0967c96fc444c0fdc4f_amd64",
"9Base-RHOL-5.9:openshift-logging/logging-loki-rhel9@sha256:6d73fef832b6c9fc131507f2a0dc966bfc40ee9c8005019ba43f417ca89985e3_arm64",
"9Base-RHOL-5.9:openshift-logging/logging-loki-rhel9@sha256:78b2993a35bc6c52dba0d9e9516943ebba02432206de321b8a06c4012bc1b349_ppc64le",
"9Base-RHOL-5.9:openshift-logging/logging-view-plugin-rhel9@sha256:74be6cdcdfe1da1b5431cd7f66c78db2a7c399445e905ef704ca4171d3ccf846_ppc64le",
"9Base-RHOL-5.9:openshift-logging/logging-view-plugin-rhel9@sha256:a480418c3a90a85d411d46a2276112089173affbb23c5fb32691c9e53433eda4_s390x",
"9Base-RHOL-5.9:openshift-logging/logging-view-plugin-rhel9@sha256:abf424f8915d9766eb87f151bce018cfb1864d45f0d85f4707b09b7072277a03_arm64",
"9Base-RHOL-5.9:openshift-logging/logging-view-plugin-rhel9@sha256:f95c480d56b07083820e799e1de944693a6945a89c360d3d5859392090e4f944_amd64",
"9Base-RHOL-5.9:openshift-logging/loki-operator-bundle@sha256:fd4dd6de9fa37ef936cdb1c7d13716c85207f114701fb0ffad00233242fbfb63_amd64",
"9Base-RHOL-5.9:openshift-logging/loki-rhel9-operator@sha256:35d52bf4cbed75a78fba98ead066a88993622f5b648b49265455c90dbea6b57a_ppc64le",
"9Base-RHOL-5.9:openshift-logging/loki-rhel9-operator@sha256:6f379a6740699d19a0b9c14ed4f306b4cf8533b6d88e28e4cd2564a02e20f334_amd64",
"9Base-RHOL-5.9:openshift-logging/loki-rhel9-operator@sha256:b35a0df55c1de24bcc6ce7740210abd61b4fc4d1e769a3c36f6014dee55efea9_arm64",
"9Base-RHOL-5.9:openshift-logging/loki-rhel9-operator@sha256:f69b982c4c9cf8af53f2a16ba1af93f8288b667ab6cc5461690231096fe211ff_s390x",
"9Base-RHOL-5.9:openshift-logging/lokistack-gateway-rhel9@sha256:590380885bc50a26570c0dad142a0920cce5d6e2f44c76cf5b9758fc28512e9c_ppc64le",
"9Base-RHOL-5.9:openshift-logging/lokistack-gateway-rhel9@sha256:735c68e2570fb35cd9cecc13b81840ff38d11ed62aa4c7f0d78804845adfbf39_amd64",
"9Base-RHOL-5.9:openshift-logging/lokistack-gateway-rhel9@sha256:902c4b759d2efe260456756511a4243ccd7ad114b2c39d2cf51305296903a290_s390x",
"9Base-RHOL-5.9:openshift-logging/lokistack-gateway-rhel9@sha256:df94b5b1b5220c6b1347c43352a1edb05f480f4d70c97cf0d3667631471f1d9c_arm64",
"9Base-RHOL-5.9:openshift-logging/opa-openshift-rhel9@sha256:50ba9a45a46d5419475536c90a98abbe088c07b914f522e9278e4f2349417e96_ppc64le",
"9Base-RHOL-5.9:openshift-logging/opa-openshift-rhel9@sha256:9507ecc73d91c9cb8179a8f57375c95941fe71c3fb6e6347b4fdc3ea2c5cfe17_arm64",
"9Base-RHOL-5.9:openshift-logging/opa-openshift-rhel9@sha256:c86ede957b5807e3194675759716650c4df0ef7d2e8894b942b7a2aab2c0f38f_s390x",
"9Base-RHOL-5.9:openshift-logging/opa-openshift-rhel9@sha256:e850537f0ab9420570d42365d7f4ed9fff65110c3910a334dac2aa29b6e3e2b9_amd64",
"9Base-RHOL-5.9:openshift-logging/vector-rhel9@sha256:46a7a38202e74ffcd0c64be726ee0a05ca61b0b3d8676fffc9b2156da8cfcf11_arm64",
"9Base-RHOL-5.9:openshift-logging/vector-rhel9@sha256:85a2ee2d4df59d237ebb12c7700ed0b6439c1330aae341c3909f56de73128d66_s390x",
"9Base-RHOL-5.9:openshift-logging/vector-rhel9@sha256:8d570ea2e7f197a56dab73f36728c8afd66a2f886458444a37cb5d7f603ca2e2_amd64",
"9Base-RHOL-5.9:openshift-logging/vector-rhel9@sha256:dbb2f1221cec4aec7349496fae6f5136012eedfe4c54751fee25e68da7cd0ed1_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "WEBrick: HTTP request smuggling"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.