Vulnerability-Lookup

RHBA-2021_3393

Vulnerability from csaf_redhat - Published: 2021-09-07 16:28 - Updated: 2024-11-22 17:18

Summary

Red Hat Bug Fix Advisory: Openshift Logging Bug Fix Release (5.2.0)

Severity

Moderate

Notes

Topic: Openshift Logging Bug Fix Release (5.2.0)

Details: Openshift Logging Bug Fix Release (5.2.0)

Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.

CVE-2021-32740

A resource-consumption vulnerability was found in rubygem addressable, where its URI template implementation could allow an attacker's crafted template to consume resources, resulting in a denial of service. The highest threat from this vulnerability is to system availability.

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE-400 - Uncontrolled Resource Consumption

Vendor Fix For important instructions on how to upgrade your cluster and fully apply this errata update, see the following documentation, which will be updated shortly for this release: https://docs.openshift.com/container-platform/4.8/logging/cluster-logging-release-notes.html For Red Hat OpenShift Logging 5.2, see the following instructions to apply this update: https://docs.openshift.com/container-platform/4.8/logging/cluster-logging-upgrading.html https://access.redhat.com/errata/RHBA-2021:3393

Workaround Create template objects only from trusted sources that have been validated not to produce catastrophic backtracking.

References

URL

Category

	https://access.redhat.com/errata/RHBA-2021:3393	self
	https://issues.redhat.com/browse/LOG-1071	external
	https://issues.redhat.com/browse/LOG-1130	external
	https://issues.redhat.com/browse/LOG-1271	external
	https://issues.redhat.com/browse/LOG-1273	external
	https://issues.redhat.com/browse/LOG-1276	external
	https://issues.redhat.com/browse/LOG-1353	external
	https://issues.redhat.com/browse/LOG-1385	external
	https://issues.redhat.com/browse/LOG-1411	external
	https://issues.redhat.com/browse/LOG-1420	external
	https://issues.redhat.com/browse/LOG-1440	external
	https://issues.redhat.com/browse/LOG-1446	external
	https://issues.redhat.com/browse/LOG-1499	external
	https://issues.redhat.com/browse/LOG-1558	external
	https://issues.redhat.com/browse/LOG-1567	external
	https://issues.redhat.com/browse/LOG-1570	external
	https://issues.redhat.com/browse/LOG-1589	external
	https://issues.redhat.com/browse/LOG-1590	external
	https://issues.redhat.com/browse/LOG-1623	external
	https://issues.redhat.com/browse/LOG-1624	external
	https://issues.redhat.com/browse/LOG-1625	external
	https://issues.redhat.com/browse/LOG-1647	external
	https://issues.redhat.com/browse/LOG-1657	external
	https://issues.redhat.com/browse/LOG-1681	external
	https://issues.redhat.com/browse/LOG-1683	external
	https://issues.redhat.com/browse/LOG-1702	external
	https://issues.redhat.com/browse/LOG-1714	external
	https://issues.redhat.com/browse/LOG-1722	external
	https://issues.redhat.com/browse/LOG-1723	external
	https://security.access.redhat.com/data/csaf/v2/a…	self
	https://access.redhat.com/security/cve/CVE-2021-32740	self
	https://bugzilla.redhat.com/show_bug.cgi?id=1979702	external
	https://www.cve.org/CVERecord?id=CVE-2021-32740	external
	https://nvd.nist.gov/vuln/detail/CVE-2021-32740	external
	https://github.com/sporkmonger/addressable/securi…	external

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://access.redhat.com/security/updates/classification/",
      "text": "Moderate"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "Openshift Logging Bug Fix Release (5.2.0)",
        "title": "Topic"
      },
      {
        "category": "general",
        "text": "Openshift Logging Bug Fix Release (5.2.0)",
        "title": "Details"
      },
      {
        "category": "legal_disclaimer",
        "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
        "title": "Terms of Use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://access.redhat.com/security/team/contact/",
      "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
      "name": "Red Hat Product Security",
      "namespace": "https://www.redhat.com"
    },
    "references": [
      {
        "category": "self",
        "summary": "https://access.redhat.com/errata/RHBA-2021:3393",
        "url": "https://access.redhat.com/errata/RHBA-2021:3393"
      },
      {
        "category": "external",
        "summary": "LOG-1071",
        "url": "https://issues.redhat.com/browse/LOG-1071"
      },
      {
        "category": "external",
        "summary": "LOG-1130",
        "url": "https://issues.redhat.com/browse/LOG-1130"
      },
      {
        "category": "external",
        "summary": "LOG-1271",
        "url": "https://issues.redhat.com/browse/LOG-1271"
      },
      {
        "category": "external",
        "summary": "LOG-1273",
        "url": "https://issues.redhat.com/browse/LOG-1273"
      },
      {
        "category": "external",
        "summary": "LOG-1276",
        "url": "https://issues.redhat.com/browse/LOG-1276"
      },
      {
        "category": "external",
        "summary": "LOG-1353",
        "url": "https://issues.redhat.com/browse/LOG-1353"
      },
      {
        "category": "external",
        "summary": "LOG-1385",
        "url": "https://issues.redhat.com/browse/LOG-1385"
      },
      {
        "category": "external",
        "summary": "LOG-1411",
        "url": "https://issues.redhat.com/browse/LOG-1411"
      },
      {
        "category": "external",
        "summary": "LOG-1420",
        "url": "https://issues.redhat.com/browse/LOG-1420"
      },
      {
        "category": "external",
        "summary": "LOG-1440",
        "url": "https://issues.redhat.com/browse/LOG-1440"
      },
      {
        "category": "external",
        "summary": "LOG-1446",
        "url": "https://issues.redhat.com/browse/LOG-1446"
      },
      {
        "category": "external",
        "summary": "LOG-1499",
        "url": "https://issues.redhat.com/browse/LOG-1499"
      },
      {
        "category": "external",
        "summary": "LOG-1558",
        "url": "https://issues.redhat.com/browse/LOG-1558"
      },
      {
        "category": "external",
        "summary": "LOG-1567",
        "url": "https://issues.redhat.com/browse/LOG-1567"
      },
      {
        "category": "external",
        "summary": "LOG-1570",
        "url": "https://issues.redhat.com/browse/LOG-1570"
      },
      {
        "category": "external",
        "summary": "LOG-1589",
        "url": "https://issues.redhat.com/browse/LOG-1589"
      },
      {
        "category": "external",
        "summary": "LOG-1590",
        "url": "https://issues.redhat.com/browse/LOG-1590"
      },
      {
        "category": "external",
        "summary": "LOG-1623",
        "url": "https://issues.redhat.com/browse/LOG-1623"
      },
      {
        "category": "external",
        "summary": "LOG-1624",
        "url": "https://issues.redhat.com/browse/LOG-1624"
      },
      {
        "category": "external",
        "summary": "LOG-1625",
        "url": "https://issues.redhat.com/browse/LOG-1625"
      },
      {
        "category": "external",
        "summary": "LOG-1647",
        "url": "https://issues.redhat.com/browse/LOG-1647"
      },
      {
        "category": "external",
        "summary": "LOG-1657",
        "url": "https://issues.redhat.com/browse/LOG-1657"
      },
      {
        "category": "external",
        "summary": "LOG-1681",
        "url": "https://issues.redhat.com/browse/LOG-1681"
      },
      {
        "category": "external",
        "summary": "LOG-1683",
        "url": "https://issues.redhat.com/browse/LOG-1683"
      },
      {
        "category": "external",
        "summary": "LOG-1702",
        "url": "https://issues.redhat.com/browse/LOG-1702"
      },
      {
        "category": "external",
        "summary": "LOG-1714",
        "url": "https://issues.redhat.com/browse/LOG-1714"
      },
      {
        "category": "external",
        "summary": "LOG-1722",
        "url": "https://issues.redhat.com/browse/LOG-1722"
      },
      {
        "category": "external",
        "summary": "LOG-1723",
        "url": "https://issues.redhat.com/browse/LOG-1723"
      },
      {
        "category": "self",
        "summary": "Canonical URL",
        "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2021/rhba-2021_3393.json"
      }
    ],
    "title": "Red Hat Bug Fix Advisory: Openshift Logging Bug Fix Release (5.2.0)",
    "tracking": {
      "current_release_date": "2024-11-22T17:18:10+00:00",
      "generator": {
        "date": "2024-11-22T17:18:10+00:00",
        "engine": {
          "name": "Red Hat SDEngine",
          "version": "4.2.1"
        }
      },
      "id": "RHBA-2021:3393",
      "initial_release_date": "2021-09-07T16:28:17+00:00",
      "revision_history": [
        {
          "date": "2021-09-07T16:28:17+00:00",
          "number": "1",
          "summary": "Initial version"
        },
        {
          "date": "2021-09-07T16:28:17+00:00",
          "number": "2",
          "summary": "Last updated version"
        },
        {
          "date": "2024-11-22T17:18:10+00:00",
          "number": "3",
          "summary": "Last generated version"
        }
      ],
      "status": "final",
      "version": "3"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_name",
                "name": "OpenShift Logging 5.2",
                "product": {
                  "name": "OpenShift Logging 5.2",
                  "product_id": "8Base-OSE-LOGGING-5.2",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:redhat:logging:5.2::el8"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "Red Hat OpenShift Enterprise"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "openshift-logging/cluster-logging-rhel8-operator@sha256:b9bccd956a9fe22506696f4ff1a83410ebbeb48b8dad3c1ee5dbd9270e061e04_s390x",
                "product": {
                  "name": "openshift-logging/cluster-logging-rhel8-operator@sha256:b9bccd956a9fe22506696f4ff1a83410ebbeb48b8dad3c1ee5dbd9270e061e04_s390x",
                  "product_id": "openshift-logging/cluster-logging-rhel8-operator@sha256:b9bccd956a9fe22506696f4ff1a83410ebbeb48b8dad3c1ee5dbd9270e061e04_s390x",
                  "product_identification_helper": {
                    "purl": "pkg:oci/cluster-logging-rhel8-operator@sha256:b9bccd956a9fe22506696f4ff1a83410ebbeb48b8dad3c1ee5dbd9270e061e04?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/cluster-logging-rhel8-operator\u0026tag=v5.2.0-20"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "openshift-logging/elasticsearch-rhel8-operator@sha256:f0a264457205a99090348ba53c3db478ea1f0c7fd28159bb3b2b9adb284e9aa1_s390x",
                "product": {
                  "name": "openshift-logging/elasticsearch-rhel8-operator@sha256:f0a264457205a99090348ba53c3db478ea1f0c7fd28159bb3b2b9adb284e9aa1_s390x",
                  "product_id": "openshift-logging/elasticsearch-rhel8-operator@sha256:f0a264457205a99090348ba53c3db478ea1f0c7fd28159bb3b2b9adb284e9aa1_s390x",
                  "product_identification_helper": {
                    "purl": "pkg:oci/elasticsearch-rhel8-operator@sha256:f0a264457205a99090348ba53c3db478ea1f0c7fd28159bb3b2b9adb284e9aa1?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch-rhel8-operator\u0026tag=v5.2.0-14"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "openshift-logging/elasticsearch-proxy-rhel8@sha256:5dad0b5e1e09e9c0b8ac0dbe3635ff9986ef5efa2fbd1d8057a4ec71a045b91a_s390x",
                "product": {
                  "name": "openshift-logging/elasticsearch-proxy-rhel8@sha256:5dad0b5e1e09e9c0b8ac0dbe3635ff9986ef5efa2fbd1d8057a4ec71a045b91a_s390x",
                  "product_id": "openshift-logging/elasticsearch-proxy-rhel8@sha256:5dad0b5e1e09e9c0b8ac0dbe3635ff9986ef5efa2fbd1d8057a4ec71a045b91a_s390x",
                  "product_identification_helper": {
                    "purl": "pkg:oci/elasticsearch-proxy-rhel8@sha256:5dad0b5e1e09e9c0b8ac0dbe3635ff9986ef5efa2fbd1d8057a4ec71a045b91a?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch-proxy-rhel8\u0026tag=v5.2.0-11"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "openshift-logging/log-file-metric-exporter-rhel8@sha256:dd5cec2e593b6a036901a23ae9c483a957fea15b7691c396f6b78cc6f132780f_s390x",
                "product": {
                  "name": "openshift-logging/log-file-metric-exporter-rhel8@sha256:dd5cec2e593b6a036901a23ae9c483a957fea15b7691c396f6b78cc6f132780f_s390x",
                  "product_id": "openshift-logging/log-file-metric-exporter-rhel8@sha256:dd5cec2e593b6a036901a23ae9c483a957fea15b7691c396f6b78cc6f132780f_s390x",
                  "product_identification_helper": {
                    "purl": "pkg:oci/log-file-metric-exporter-rhel8@sha256:dd5cec2e593b6a036901a23ae9c483a957fea15b7691c396f6b78cc6f132780f?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel8\u0026tag=v5.2.0-14"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "openshift-logging/logging-curator5-rhel8@sha256:0c3372e846ce58fc9159ef61e80d625cd657a682f9e0dadd8a255194681e05fd_s390x",
                "product": {
                  "name": "openshift-logging/logging-curator5-rhel8@sha256:0c3372e846ce58fc9159ef61e80d625cd657a682f9e0dadd8a255194681e05fd_s390x",
                  "product_id": "openshift-logging/logging-curator5-rhel8@sha256:0c3372e846ce58fc9159ef61e80d625cd657a682f9e0dadd8a255194681e05fd_s390x",
                  "product_identification_helper": {
                    "purl": "pkg:oci/logging-curator5-rhel8@sha256:0c3372e846ce58fc9159ef61e80d625cd657a682f9e0dadd8a255194681e05fd?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/logging-curator5-rhel8\u0026tag=v5.2.0-8"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "openshift-logging/elasticsearch6-rhel8@sha256:96d9268d923e7a5838d8d569bf148695830a8130d570a181b72bbf4baa206e9d_s390x",
                "product": {
                  "name": "openshift-logging/elasticsearch6-rhel8@sha256:96d9268d923e7a5838d8d569bf148695830a8130d570a181b72bbf4baa206e9d_s390x",
                  "product_id": "openshift-logging/elasticsearch6-rhel8@sha256:96d9268d923e7a5838d8d569bf148695830a8130d570a181b72bbf4baa206e9d_s390x",
                  "product_identification_helper": {
                    "purl": "pkg:oci/elasticsearch6-rhel8@sha256:96d9268d923e7a5838d8d569bf148695830a8130d570a181b72bbf4baa206e9d?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch6-rhel8\u0026tag=v5.2.0-8"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "openshift-logging/eventrouter-rhel8@sha256:7a5dc91fde153508d66095020483d0098be01786fec9d164530dc3f4f5c85793_s390x",
                "product": {
                  "name": "openshift-logging/eventrouter-rhel8@sha256:7a5dc91fde153508d66095020483d0098be01786fec9d164530dc3f4f5c85793_s390x",
                  "product_id": "openshift-logging/eventrouter-rhel8@sha256:7a5dc91fde153508d66095020483d0098be01786fec9d164530dc3f4f5c85793_s390x",
                  "product_identification_helper": {
                    "purl": "pkg:oci/eventrouter-rhel8@sha256:7a5dc91fde153508d66095020483d0098be01786fec9d164530dc3f4f5c85793?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/eventrouter-rhel8\u0026tag=v5.2.0-10"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "openshift-logging/fluentd-rhel8@sha256:a9f2513d88f73a1e8791285e01fb8679887ee55428f25ac83eb296de09783aa1_s390x",
                "product": {
                  "name": "openshift-logging/fluentd-rhel8@sha256:a9f2513d88f73a1e8791285e01fb8679887ee55428f25ac83eb296de09783aa1_s390x",
                  "product_id": "openshift-logging/fluentd-rhel8@sha256:a9f2513d88f73a1e8791285e01fb8679887ee55428f25ac83eb296de09783aa1_s390x",
                  "product_identification_helper": {
                    "purl": "pkg:oci/fluentd-rhel8@sha256:a9f2513d88f73a1e8791285e01fb8679887ee55428f25ac83eb296de09783aa1?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/fluentd-rhel8\u0026tag=v5.2.0-10"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "openshift-logging/kibana6-rhel8@sha256:62bb4c55d5b033a2a27ee958c7aac2bd213072e3e35541aba817532b415b10d8_s390x",
                "product": {
                  "name": "openshift-logging/kibana6-rhel8@sha256:62bb4c55d5b033a2a27ee958c7aac2bd213072e3e35541aba817532b415b10d8_s390x",
                  "product_id": "openshift-logging/kibana6-rhel8@sha256:62bb4c55d5b033a2a27ee958c7aac2bd213072e3e35541aba817532b415b10d8_s390x",
                  "product_identification_helper": {
                    "purl": "pkg:oci/kibana6-rhel8@sha256:62bb4c55d5b033a2a27ee958c7aac2bd213072e3e35541aba817532b415b10d8?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/kibana6-rhel8\u0026tag=v5.2.0-9"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "s390x"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "openshift-logging/cluster-logging-rhel8-operator@sha256:423828d9ee730e4c264713256d19cab0d8fcd0eeee32883922bd589c0d3c9ecb_amd64",
                "product": {
                  "name": "openshift-logging/cluster-logging-rhel8-operator@sha256:423828d9ee730e4c264713256d19cab0d8fcd0eeee32883922bd589c0d3c9ecb_amd64",
                  "product_id": "openshift-logging/cluster-logging-rhel8-operator@sha256:423828d9ee730e4c264713256d19cab0d8fcd0eeee32883922bd589c0d3c9ecb_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/cluster-logging-rhel8-operator@sha256:423828d9ee730e4c264713256d19cab0d8fcd0eeee32883922bd589c0d3c9ecb?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/cluster-logging-rhel8-operator\u0026tag=v5.2.0-20"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "openshift-logging/cluster-logging-operator-bundle@sha256:b86bf7654c7919887a004c3953840eed5d514bf0f08106ce043bc4c3dae37c83_amd64",
                "product": {
                  "name": "openshift-logging/cluster-logging-operator-bundle@sha256:b86bf7654c7919887a004c3953840eed5d514bf0f08106ce043bc4c3dae37c83_amd64",
                  "product_id": "openshift-logging/cluster-logging-operator-bundle@sha256:b86bf7654c7919887a004c3953840eed5d514bf0f08106ce043bc4c3dae37c83_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/cluster-logging-operator-bundle@sha256:b86bf7654c7919887a004c3953840eed5d514bf0f08106ce043bc4c3dae37c83?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/cluster-logging-operator-bundle\u0026tag=v5.2.0-57"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "openshift-logging/elasticsearch-rhel8-operator@sha256:cafdc3bd78546fb514cb2cbdc4eb49a577c96cc87089c3b86e8e8af730d500d3_amd64",
                "product": {
                  "name": "openshift-logging/elasticsearch-rhel8-operator@sha256:cafdc3bd78546fb514cb2cbdc4eb49a577c96cc87089c3b86e8e8af730d500d3_amd64",
                  "product_id": "openshift-logging/elasticsearch-rhel8-operator@sha256:cafdc3bd78546fb514cb2cbdc4eb49a577c96cc87089c3b86e8e8af730d500d3_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/elasticsearch-rhel8-operator@sha256:cafdc3bd78546fb514cb2cbdc4eb49a577c96cc87089c3b86e8e8af730d500d3?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch-rhel8-operator\u0026tag=v5.2.0-14"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "openshift-logging/elasticsearch-operator-bundle@sha256:788929ff683450b7cb0c48af4f5e6d0b2dc7d4a38d4d072c9a16e0d0542a1304_amd64",
                "product": {
                  "name": "openshift-logging/elasticsearch-operator-bundle@sha256:788929ff683450b7cb0c48af4f5e6d0b2dc7d4a38d4d072c9a16e0d0542a1304_amd64",
                  "product_id": "openshift-logging/elasticsearch-operator-bundle@sha256:788929ff683450b7cb0c48af4f5e6d0b2dc7d4a38d4d072c9a16e0d0542a1304_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/elasticsearch-operator-bundle@sha256:788929ff683450b7cb0c48af4f5e6d0b2dc7d4a38d4d072c9a16e0d0542a1304?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch-operator-bundle\u0026tag=v5.2.0-58"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "openshift-logging/elasticsearch-proxy-rhel8@sha256:3c0fa213fc00f5301278d4dd8cdc3b86625bdeca3c446871fc833b693f17fed1_amd64",
                "product": {
                  "name": "openshift-logging/elasticsearch-proxy-rhel8@sha256:3c0fa213fc00f5301278d4dd8cdc3b86625bdeca3c446871fc833b693f17fed1_amd64",
                  "product_id": "openshift-logging/elasticsearch-proxy-rhel8@sha256:3c0fa213fc00f5301278d4dd8cdc3b86625bdeca3c446871fc833b693f17fed1_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/elasticsearch-proxy-rhel8@sha256:3c0fa213fc00f5301278d4dd8cdc3b86625bdeca3c446871fc833b693f17fed1?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch-proxy-rhel8\u0026tag=v5.2.0-11"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "openshift-logging/log-file-metric-exporter-rhel8@sha256:660f26a9af99e0d0d2b26d5f3c485692100f8fc81f91803448cd79cc36938dec_amd64",
                "product": {
                  "name": "openshift-logging/log-file-metric-exporter-rhel8@sha256:660f26a9af99e0d0d2b26d5f3c485692100f8fc81f91803448cd79cc36938dec_amd64",
                  "product_id": "openshift-logging/log-file-metric-exporter-rhel8@sha256:660f26a9af99e0d0d2b26d5f3c485692100f8fc81f91803448cd79cc36938dec_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/log-file-metric-exporter-rhel8@sha256:660f26a9af99e0d0d2b26d5f3c485692100f8fc81f91803448cd79cc36938dec?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel8\u0026tag=v5.2.0-14"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "openshift-logging/logging-curator5-rhel8@sha256:9937504a2361c70f2ea9b10fae6ce5ff4096bc3c5f3d01b0cea7c041ff0cabcb_amd64",
                "product": {
                  "name": "openshift-logging/logging-curator5-rhel8@sha256:9937504a2361c70f2ea9b10fae6ce5ff4096bc3c5f3d01b0cea7c041ff0cabcb_amd64",
                  "product_id": "openshift-logging/logging-curator5-rhel8@sha256:9937504a2361c70f2ea9b10fae6ce5ff4096bc3c5f3d01b0cea7c041ff0cabcb_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/logging-curator5-rhel8@sha256:9937504a2361c70f2ea9b10fae6ce5ff4096bc3c5f3d01b0cea7c041ff0cabcb?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/logging-curator5-rhel8\u0026tag=v5.2.0-8"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "openshift-logging/elasticsearch6-rhel8@sha256:7730e3d1c2f0ad01f044b21dbb90f079c486f311026854695e816e164d4e1cb3_amd64",
                "product": {
                  "name": "openshift-logging/elasticsearch6-rhel8@sha256:7730e3d1c2f0ad01f044b21dbb90f079c486f311026854695e816e164d4e1cb3_amd64",
                  "product_id": "openshift-logging/elasticsearch6-rhel8@sha256:7730e3d1c2f0ad01f044b21dbb90f079c486f311026854695e816e164d4e1cb3_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/elasticsearch6-rhel8@sha256:7730e3d1c2f0ad01f044b21dbb90f079c486f311026854695e816e164d4e1cb3?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch6-rhel8\u0026tag=v5.2.0-8"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "openshift-logging/eventrouter-rhel8@sha256:ce7dc68e2a3e32b58e231267ee3be305bc976fef670c7ddbcdc50ddfffbd209d_amd64",
                "product": {
                  "name": "openshift-logging/eventrouter-rhel8@sha256:ce7dc68e2a3e32b58e231267ee3be305bc976fef670c7ddbcdc50ddfffbd209d_amd64",
                  "product_id": "openshift-logging/eventrouter-rhel8@sha256:ce7dc68e2a3e32b58e231267ee3be305bc976fef670c7ddbcdc50ddfffbd209d_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/eventrouter-rhel8@sha256:ce7dc68e2a3e32b58e231267ee3be305bc976fef670c7ddbcdc50ddfffbd209d?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/eventrouter-rhel8\u0026tag=v5.2.0-10"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "openshift-logging/fluentd-rhel8@sha256:76f129f017634397a17657ac57e6aa0d54152d43fe520960fd953f382e2d7242_amd64",
                "product": {
                  "name": "openshift-logging/fluentd-rhel8@sha256:76f129f017634397a17657ac57e6aa0d54152d43fe520960fd953f382e2d7242_amd64",
                  "product_id": "openshift-logging/fluentd-rhel8@sha256:76f129f017634397a17657ac57e6aa0d54152d43fe520960fd953f382e2d7242_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/fluentd-rhel8@sha256:76f129f017634397a17657ac57e6aa0d54152d43fe520960fd953f382e2d7242?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/fluentd-rhel8\u0026tag=v5.2.0-10"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "openshift-logging/kibana6-rhel8@sha256:bd8241504d7eba68b32af8b82be1129a4ac6a843f1015ed214e773a653af9393_amd64",
                "product": {
                  "name": "openshift-logging/kibana6-rhel8@sha256:bd8241504d7eba68b32af8b82be1129a4ac6a843f1015ed214e773a653af9393_amd64",
                  "product_id": "openshift-logging/kibana6-rhel8@sha256:bd8241504d7eba68b32af8b82be1129a4ac6a843f1015ed214e773a653af9393_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/kibana6-rhel8@sha256:bd8241504d7eba68b32af8b82be1129a4ac6a843f1015ed214e773a653af9393?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/kibana6-rhel8\u0026tag=v5.2.0-9"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "amd64"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "openshift-logging/cluster-logging-rhel8-operator@sha256:09af2549ff71a9ffa19538ff53599713af715b9623f6f5114449d45232162c71_ppc64le",
                "product": {
                  "name": "openshift-logging/cluster-logging-rhel8-operator@sha256:09af2549ff71a9ffa19538ff53599713af715b9623f6f5114449d45232162c71_ppc64le",
                  "product_id": "openshift-logging/cluster-logging-rhel8-operator@sha256:09af2549ff71a9ffa19538ff53599713af715b9623f6f5114449d45232162c71_ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:oci/cluster-logging-rhel8-operator@sha256:09af2549ff71a9ffa19538ff53599713af715b9623f6f5114449d45232162c71?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/cluster-logging-rhel8-operator\u0026tag=v5.2.0-20"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "openshift-logging/elasticsearch-rhel8-operator@sha256:e7d91d273055029172d55ae4d39d76321d67dee8be7e3ee5fc29bcd5e82d1af0_ppc64le",
                "product": {
                  "name": "openshift-logging/elasticsearch-rhel8-operator@sha256:e7d91d273055029172d55ae4d39d76321d67dee8be7e3ee5fc29bcd5e82d1af0_ppc64le",
                  "product_id": "openshift-logging/elasticsearch-rhel8-operator@sha256:e7d91d273055029172d55ae4d39d76321d67dee8be7e3ee5fc29bcd5e82d1af0_ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:oci/elasticsearch-rhel8-operator@sha256:e7d91d273055029172d55ae4d39d76321d67dee8be7e3ee5fc29bcd5e82d1af0?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch-rhel8-operator\u0026tag=v5.2.0-14"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "openshift-logging/elasticsearch-proxy-rhel8@sha256:07394901f71213f2428c99a6a0e469ef9be97db4fd2ff41d3ec8fc3a862b2bfe_ppc64le",
                "product": {
                  "name": "openshift-logging/elasticsearch-proxy-rhel8@sha256:07394901f71213f2428c99a6a0e469ef9be97db4fd2ff41d3ec8fc3a862b2bfe_ppc64le",
                  "product_id": "openshift-logging/elasticsearch-proxy-rhel8@sha256:07394901f71213f2428c99a6a0e469ef9be97db4fd2ff41d3ec8fc3a862b2bfe_ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:oci/elasticsearch-proxy-rhel8@sha256:07394901f71213f2428c99a6a0e469ef9be97db4fd2ff41d3ec8fc3a862b2bfe?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch-proxy-rhel8\u0026tag=v5.2.0-11"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "openshift-logging/log-file-metric-exporter-rhel8@sha256:a484b5b99cad803ae3fb72a720e09096f52380a5443152b4531c69fac970473f_ppc64le",
                "product": {
                  "name": "openshift-logging/log-file-metric-exporter-rhel8@sha256:a484b5b99cad803ae3fb72a720e09096f52380a5443152b4531c69fac970473f_ppc64le",
                  "product_id": "openshift-logging/log-file-metric-exporter-rhel8@sha256:a484b5b99cad803ae3fb72a720e09096f52380a5443152b4531c69fac970473f_ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:oci/log-file-metric-exporter-rhel8@sha256:a484b5b99cad803ae3fb72a720e09096f52380a5443152b4531c69fac970473f?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel8\u0026tag=v5.2.0-14"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "openshift-logging/logging-curator5-rhel8@sha256:2a6c0dae3b3c96b0c669a30cb748caae05fb36927fb5143a861a50c0f5fc7577_ppc64le",
                "product": {
                  "name": "openshift-logging/logging-curator5-rhel8@sha256:2a6c0dae3b3c96b0c669a30cb748caae05fb36927fb5143a861a50c0f5fc7577_ppc64le",
                  "product_id": "openshift-logging/logging-curator5-rhel8@sha256:2a6c0dae3b3c96b0c669a30cb748caae05fb36927fb5143a861a50c0f5fc7577_ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:oci/logging-curator5-rhel8@sha256:2a6c0dae3b3c96b0c669a30cb748caae05fb36927fb5143a861a50c0f5fc7577?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/logging-curator5-rhel8\u0026tag=v5.2.0-8"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "openshift-logging/elasticsearch6-rhel8@sha256:95c8eb02898b1923e41e6abeeda9cf3fea77e6d736ad4846df9567400435f4f4_ppc64le",
                "product": {
                  "name": "openshift-logging/elasticsearch6-rhel8@sha256:95c8eb02898b1923e41e6abeeda9cf3fea77e6d736ad4846df9567400435f4f4_ppc64le",
                  "product_id": "openshift-logging/elasticsearch6-rhel8@sha256:95c8eb02898b1923e41e6abeeda9cf3fea77e6d736ad4846df9567400435f4f4_ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:oci/elasticsearch6-rhel8@sha256:95c8eb02898b1923e41e6abeeda9cf3fea77e6d736ad4846df9567400435f4f4?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch6-rhel8\u0026tag=v5.2.0-8"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "openshift-logging/eventrouter-rhel8@sha256:018721a7037fa8cae65b0b1c7ba3995642bb35e38c39dd22cc276ff159e27a39_ppc64le",
                "product": {
                  "name": "openshift-logging/eventrouter-rhel8@sha256:018721a7037fa8cae65b0b1c7ba3995642bb35e38c39dd22cc276ff159e27a39_ppc64le",
                  "product_id": "openshift-logging/eventrouter-rhel8@sha256:018721a7037fa8cae65b0b1c7ba3995642bb35e38c39dd22cc276ff159e27a39_ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:oci/eventrouter-rhel8@sha256:018721a7037fa8cae65b0b1c7ba3995642bb35e38c39dd22cc276ff159e27a39?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/eventrouter-rhel8\u0026tag=v5.2.0-10"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "openshift-logging/fluentd-rhel8@sha256:61e1d646090fe7832579e0cdb6c82750f42498354ed192935dd3e2c69cf88607_ppc64le",
                "product": {
                  "name": "openshift-logging/fluentd-rhel8@sha256:61e1d646090fe7832579e0cdb6c82750f42498354ed192935dd3e2c69cf88607_ppc64le",
                  "product_id": "openshift-logging/fluentd-rhel8@sha256:61e1d646090fe7832579e0cdb6c82750f42498354ed192935dd3e2c69cf88607_ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:oci/fluentd-rhel8@sha256:61e1d646090fe7832579e0cdb6c82750f42498354ed192935dd3e2c69cf88607?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/fluentd-rhel8\u0026tag=v5.2.0-10"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "openshift-logging/kibana6-rhel8@sha256:1db3ea077db0c2948210558883d85d04f94658aab02754eba5c3cdb49e42de29_ppc64le",
                "product": {
                  "name": "openshift-logging/kibana6-rhel8@sha256:1db3ea077db0c2948210558883d85d04f94658aab02754eba5c3cdb49e42de29_ppc64le",
                  "product_id": "openshift-logging/kibana6-rhel8@sha256:1db3ea077db0c2948210558883d85d04f94658aab02754eba5c3cdb49e42de29_ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:oci/kibana6-rhel8@sha256:1db3ea077db0c2948210558883d85d04f94658aab02754eba5c3cdb49e42de29?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/kibana6-rhel8\u0026tag=v5.2.0-9"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "ppc64le"
          }
        ],
        "category": "vendor",
        "name": "Red Hat"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openshift-logging/cluster-logging-operator-bundle@sha256:b86bf7654c7919887a004c3953840eed5d514bf0f08106ce043bc4c3dae37c83_amd64 as a component of OpenShift Logging 5.2",
          "product_id": "8Base-OSE-LOGGING-5.2:openshift-logging/cluster-logging-operator-bundle@sha256:b86bf7654c7919887a004c3953840eed5d514bf0f08106ce043bc4c3dae37c83_amd64"
        },
        "product_reference": "openshift-logging/cluster-logging-operator-bundle@sha256:b86bf7654c7919887a004c3953840eed5d514bf0f08106ce043bc4c3dae37c83_amd64",
        "relates_to_product_reference": "8Base-OSE-LOGGING-5.2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openshift-logging/cluster-logging-rhel8-operator@sha256:09af2549ff71a9ffa19538ff53599713af715b9623f6f5114449d45232162c71_ppc64le as a component of OpenShift Logging 5.2",
          "product_id": "8Base-OSE-LOGGING-5.2:openshift-logging/cluster-logging-rhel8-operator@sha256:09af2549ff71a9ffa19538ff53599713af715b9623f6f5114449d45232162c71_ppc64le"
        },
        "product_reference": "openshift-logging/cluster-logging-rhel8-operator@sha256:09af2549ff71a9ffa19538ff53599713af715b9623f6f5114449d45232162c71_ppc64le",
        "relates_to_product_reference": "8Base-OSE-LOGGING-5.2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openshift-logging/cluster-logging-rhel8-operator@sha256:423828d9ee730e4c264713256d19cab0d8fcd0eeee32883922bd589c0d3c9ecb_amd64 as a component of OpenShift Logging 5.2",
          "product_id": "8Base-OSE-LOGGING-5.2:openshift-logging/cluster-logging-rhel8-operator@sha256:423828d9ee730e4c264713256d19cab0d8fcd0eeee32883922bd589c0d3c9ecb_amd64"
        },
        "product_reference": "openshift-logging/cluster-logging-rhel8-operator@sha256:423828d9ee730e4c264713256d19cab0d8fcd0eeee32883922bd589c0d3c9ecb_amd64",
        "relates_to_product_reference": "8Base-OSE-LOGGING-5.2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openshift-logging/cluster-logging-rhel8-operator@sha256:b9bccd956a9fe22506696f4ff1a83410ebbeb48b8dad3c1ee5dbd9270e061e04_s390x as a component of OpenShift Logging 5.2",
          "product_id": "8Base-OSE-LOGGING-5.2:openshift-logging/cluster-logging-rhel8-operator@sha256:b9bccd956a9fe22506696f4ff1a83410ebbeb48b8dad3c1ee5dbd9270e061e04_s390x"
        },
        "product_reference": "openshift-logging/cluster-logging-rhel8-operator@sha256:b9bccd956a9fe22506696f4ff1a83410ebbeb48b8dad3c1ee5dbd9270e061e04_s390x",
        "relates_to_product_reference": "8Base-OSE-LOGGING-5.2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openshift-logging/elasticsearch-operator-bundle@sha256:788929ff683450b7cb0c48af4f5e6d0b2dc7d4a38d4d072c9a16e0d0542a1304_amd64 as a component of OpenShift Logging 5.2",
          "product_id": "8Base-OSE-LOGGING-5.2:openshift-logging/elasticsearch-operator-bundle@sha256:788929ff683450b7cb0c48af4f5e6d0b2dc7d4a38d4d072c9a16e0d0542a1304_amd64"
        },
        "product_reference": "openshift-logging/elasticsearch-operator-bundle@sha256:788929ff683450b7cb0c48af4f5e6d0b2dc7d4a38d4d072c9a16e0d0542a1304_amd64",
        "relates_to_product_reference": "8Base-OSE-LOGGING-5.2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openshift-logging/elasticsearch-proxy-rhel8@sha256:07394901f71213f2428c99a6a0e469ef9be97db4fd2ff41d3ec8fc3a862b2bfe_ppc64le as a component of OpenShift Logging 5.2",
          "product_id": "8Base-OSE-LOGGING-5.2:openshift-logging/elasticsearch-proxy-rhel8@sha256:07394901f71213f2428c99a6a0e469ef9be97db4fd2ff41d3ec8fc3a862b2bfe_ppc64le"
        },
        "product_reference": "openshift-logging/elasticsearch-proxy-rhel8@sha256:07394901f71213f2428c99a6a0e469ef9be97db4fd2ff41d3ec8fc3a862b2bfe_ppc64le",
        "relates_to_product_reference": "8Base-OSE-LOGGING-5.2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openshift-logging/elasticsearch-proxy-rhel8@sha256:3c0fa213fc00f5301278d4dd8cdc3b86625bdeca3c446871fc833b693f17fed1_amd64 as a component of OpenShift Logging 5.2",
          "product_id": "8Base-OSE-LOGGING-5.2:openshift-logging/elasticsearch-proxy-rhel8@sha256:3c0fa213fc00f5301278d4dd8cdc3b86625bdeca3c446871fc833b693f17fed1_amd64"
        },
        "product_reference": "openshift-logging/elasticsearch-proxy-rhel8@sha256:3c0fa213fc00f5301278d4dd8cdc3b86625bdeca3c446871fc833b693f17fed1_amd64",
        "relates_to_product_reference": "8Base-OSE-LOGGING-5.2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openshift-logging/elasticsearch-proxy-rhel8@sha256:5dad0b5e1e09e9c0b8ac0dbe3635ff9986ef5efa2fbd1d8057a4ec71a045b91a_s390x as a component of OpenShift Logging 5.2",
          "product_id": "8Base-OSE-LOGGING-5.2:openshift-logging/elasticsearch-proxy-rhel8@sha256:5dad0b5e1e09e9c0b8ac0dbe3635ff9986ef5efa2fbd1d8057a4ec71a045b91a_s390x"
        },
        "product_reference": "openshift-logging/elasticsearch-proxy-rhel8@sha256:5dad0b5e1e09e9c0b8ac0dbe3635ff9986ef5efa2fbd1d8057a4ec71a045b91a_s390x",
        "relates_to_product_reference": "8Base-OSE-LOGGING-5.2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openshift-logging/elasticsearch-rhel8-operator@sha256:cafdc3bd78546fb514cb2cbdc4eb49a577c96cc87089c3b86e8e8af730d500d3_amd64 as a component of OpenShift Logging 5.2",
          "product_id": "8Base-OSE-LOGGING-5.2:openshift-logging/elasticsearch-rhel8-operator@sha256:cafdc3bd78546fb514cb2cbdc4eb49a577c96cc87089c3b86e8e8af730d500d3_amd64"
        },
        "product_reference": "openshift-logging/elasticsearch-rhel8-operator@sha256:cafdc3bd78546fb514cb2cbdc4eb49a577c96cc87089c3b86e8e8af730d500d3_amd64",
        "relates_to_product_reference": "8Base-OSE-LOGGING-5.2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openshift-logging/elasticsearch-rhel8-operator@sha256:e7d91d273055029172d55ae4d39d76321d67dee8be7e3ee5fc29bcd5e82d1af0_ppc64le as a component of OpenShift Logging 5.2",
          "product_id": "8Base-OSE-LOGGING-5.2:openshift-logging/elasticsearch-rhel8-operator@sha256:e7d91d273055029172d55ae4d39d76321d67dee8be7e3ee5fc29bcd5e82d1af0_ppc64le"
        },
        "product_reference": "openshift-logging/elasticsearch-rhel8-operator@sha256:e7d91d273055029172d55ae4d39d76321d67dee8be7e3ee5fc29bcd5e82d1af0_ppc64le",
        "relates_to_product_reference": "8Base-OSE-LOGGING-5.2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openshift-logging/elasticsearch-rhel8-operator@sha256:f0a264457205a99090348ba53c3db478ea1f0c7fd28159bb3b2b9adb284e9aa1_s390x as a component of OpenShift Logging 5.2",
          "product_id": "8Base-OSE-LOGGING-5.2:openshift-logging/elasticsearch-rhel8-operator@sha256:f0a264457205a99090348ba53c3db478ea1f0c7fd28159bb3b2b9adb284e9aa1_s390x"
        },
        "product_reference": "openshift-logging/elasticsearch-rhel8-operator@sha256:f0a264457205a99090348ba53c3db478ea1f0c7fd28159bb3b2b9adb284e9aa1_s390x",
        "relates_to_product_reference": "8Base-OSE-LOGGING-5.2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openshift-logging/elasticsearch6-rhel8@sha256:7730e3d1c2f0ad01f044b21dbb90f079c486f311026854695e816e164d4e1cb3_amd64 as a component of OpenShift Logging 5.2",
          "product_id": "8Base-OSE-LOGGING-5.2:openshift-logging/elasticsearch6-rhel8@sha256:7730e3d1c2f0ad01f044b21dbb90f079c486f311026854695e816e164d4e1cb3_amd64"
        },
        "product_reference": "openshift-logging/elasticsearch6-rhel8@sha256:7730e3d1c2f0ad01f044b21dbb90f079c486f311026854695e816e164d4e1cb3_amd64",
        "relates_to_product_reference": "8Base-OSE-LOGGING-5.2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openshift-logging/elasticsearch6-rhel8@sha256:95c8eb02898b1923e41e6abeeda9cf3fea77e6d736ad4846df9567400435f4f4_ppc64le as a component of OpenShift Logging 5.2",
          "product_id": "8Base-OSE-LOGGING-5.2:openshift-logging/elasticsearch6-rhel8@sha256:95c8eb02898b1923e41e6abeeda9cf3fea77e6d736ad4846df9567400435f4f4_ppc64le"
        },
        "product_reference": "openshift-logging/elasticsearch6-rhel8@sha256:95c8eb02898b1923e41e6abeeda9cf3fea77e6d736ad4846df9567400435f4f4_ppc64le",
        "relates_to_product_reference": "8Base-OSE-LOGGING-5.2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openshift-logging/elasticsearch6-rhel8@sha256:96d9268d923e7a5838d8d569bf148695830a8130d570a181b72bbf4baa206e9d_s390x as a component of OpenShift Logging 5.2",
          "product_id": "8Base-OSE-LOGGING-5.2:openshift-logging/elasticsearch6-rhel8@sha256:96d9268d923e7a5838d8d569bf148695830a8130d570a181b72bbf4baa206e9d_s390x"
        },
        "product_reference": "openshift-logging/elasticsearch6-rhel8@sha256:96d9268d923e7a5838d8d569bf148695830a8130d570a181b72bbf4baa206e9d_s390x",
        "relates_to_product_reference": "8Base-OSE-LOGGING-5.2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openshift-logging/eventrouter-rhel8@sha256:018721a7037fa8cae65b0b1c7ba3995642bb35e38c39dd22cc276ff159e27a39_ppc64le as a component of OpenShift Logging 5.2",
          "product_id": "8Base-OSE-LOGGING-5.2:openshift-logging/eventrouter-rhel8@sha256:018721a7037fa8cae65b0b1c7ba3995642bb35e38c39dd22cc276ff159e27a39_ppc64le"
        },
        "product_reference": "openshift-logging/eventrouter-rhel8@sha256:018721a7037fa8cae65b0b1c7ba3995642bb35e38c39dd22cc276ff159e27a39_ppc64le",
        "relates_to_product_reference": "8Base-OSE-LOGGING-5.2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openshift-logging/eventrouter-rhel8@sha256:7a5dc91fde153508d66095020483d0098be01786fec9d164530dc3f4f5c85793_s390x as a component of OpenShift Logging 5.2",
          "product_id": "8Base-OSE-LOGGING-5.2:openshift-logging/eventrouter-rhel8@sha256:7a5dc91fde153508d66095020483d0098be01786fec9d164530dc3f4f5c85793_s390x"
        },
        "product_reference": "openshift-logging/eventrouter-rhel8@sha256:7a5dc91fde153508d66095020483d0098be01786fec9d164530dc3f4f5c85793_s390x",
        "relates_to_product_reference": "8Base-OSE-LOGGING-5.2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openshift-logging/eventrouter-rhel8@sha256:ce7dc68e2a3e32b58e231267ee3be305bc976fef670c7ddbcdc50ddfffbd209d_amd64 as a component of OpenShift Logging 5.2",
          "product_id": "8Base-OSE-LOGGING-5.2:openshift-logging/eventrouter-rhel8@sha256:ce7dc68e2a3e32b58e231267ee3be305bc976fef670c7ddbcdc50ddfffbd209d_amd64"
        },
        "product_reference": "openshift-logging/eventrouter-rhel8@sha256:ce7dc68e2a3e32b58e231267ee3be305bc976fef670c7ddbcdc50ddfffbd209d_amd64",
        "relates_to_product_reference": "8Base-OSE-LOGGING-5.2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openshift-logging/fluentd-rhel8@sha256:61e1d646090fe7832579e0cdb6c82750f42498354ed192935dd3e2c69cf88607_ppc64le as a component of OpenShift Logging 5.2",
          "product_id": "8Base-OSE-LOGGING-5.2:openshift-logging/fluentd-rhel8@sha256:61e1d646090fe7832579e0cdb6c82750f42498354ed192935dd3e2c69cf88607_ppc64le"
        },
        "product_reference": "openshift-logging/fluentd-rhel8@sha256:61e1d646090fe7832579e0cdb6c82750f42498354ed192935dd3e2c69cf88607_ppc64le",
        "relates_to_product_reference": "8Base-OSE-LOGGING-5.2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openshift-logging/fluentd-rhel8@sha256:76f129f017634397a17657ac57e6aa0d54152d43fe520960fd953f382e2d7242_amd64 as a component of OpenShift Logging 5.2",
          "product_id": "8Base-OSE-LOGGING-5.2:openshift-logging/fluentd-rhel8@sha256:76f129f017634397a17657ac57e6aa0d54152d43fe520960fd953f382e2d7242_amd64"
        },
        "product_reference": "openshift-logging/fluentd-rhel8@sha256:76f129f017634397a17657ac57e6aa0d54152d43fe520960fd953f382e2d7242_amd64",
        "relates_to_product_reference": "8Base-OSE-LOGGING-5.2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openshift-logging/fluentd-rhel8@sha256:a9f2513d88f73a1e8791285e01fb8679887ee55428f25ac83eb296de09783aa1_s390x as a component of OpenShift Logging 5.2",
          "product_id": "8Base-OSE-LOGGING-5.2:openshift-logging/fluentd-rhel8@sha256:a9f2513d88f73a1e8791285e01fb8679887ee55428f25ac83eb296de09783aa1_s390x"
        },
        "product_reference": "openshift-logging/fluentd-rhel8@sha256:a9f2513d88f73a1e8791285e01fb8679887ee55428f25ac83eb296de09783aa1_s390x",
        "relates_to_product_reference": "8Base-OSE-LOGGING-5.2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openshift-logging/kibana6-rhel8@sha256:1db3ea077db0c2948210558883d85d04f94658aab02754eba5c3cdb49e42de29_ppc64le as a component of OpenShift Logging 5.2",
          "product_id": "8Base-OSE-LOGGING-5.2:openshift-logging/kibana6-rhel8@sha256:1db3ea077db0c2948210558883d85d04f94658aab02754eba5c3cdb49e42de29_ppc64le"
        },
        "product_reference": "openshift-logging/kibana6-rhel8@sha256:1db3ea077db0c2948210558883d85d04f94658aab02754eba5c3cdb49e42de29_ppc64le",
        "relates_to_product_reference": "8Base-OSE-LOGGING-5.2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openshift-logging/kibana6-rhel8@sha256:62bb4c55d5b033a2a27ee958c7aac2bd213072e3e35541aba817532b415b10d8_s390x as a component of OpenShift Logging 5.2",
          "product_id": "8Base-OSE-LOGGING-5.2:openshift-logging/kibana6-rhel8@sha256:62bb4c55d5b033a2a27ee958c7aac2bd213072e3e35541aba817532b415b10d8_s390x"
        },
        "product_reference": "openshift-logging/kibana6-rhel8@sha256:62bb4c55d5b033a2a27ee958c7aac2bd213072e3e35541aba817532b415b10d8_s390x",
        "relates_to_product_reference": "8Base-OSE-LOGGING-5.2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openshift-logging/kibana6-rhel8@sha256:bd8241504d7eba68b32af8b82be1129a4ac6a843f1015ed214e773a653af9393_amd64 as a component of OpenShift Logging 5.2",
          "product_id": "8Base-OSE-LOGGING-5.2:openshift-logging/kibana6-rhel8@sha256:bd8241504d7eba68b32af8b82be1129a4ac6a843f1015ed214e773a653af9393_amd64"
        },
        "product_reference": "openshift-logging/kibana6-rhel8@sha256:bd8241504d7eba68b32af8b82be1129a4ac6a843f1015ed214e773a653af9393_amd64",
        "relates_to_product_reference": "8Base-OSE-LOGGING-5.2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openshift-logging/log-file-metric-exporter-rhel8@sha256:660f26a9af99e0d0d2b26d5f3c485692100f8fc81f91803448cd79cc36938dec_amd64 as a component of OpenShift Logging 5.2",
          "product_id": "8Base-OSE-LOGGING-5.2:openshift-logging/log-file-metric-exporter-rhel8@sha256:660f26a9af99e0d0d2b26d5f3c485692100f8fc81f91803448cd79cc36938dec_amd64"
        },
        "product_reference": "openshift-logging/log-file-metric-exporter-rhel8@sha256:660f26a9af99e0d0d2b26d5f3c485692100f8fc81f91803448cd79cc36938dec_amd64",
        "relates_to_product_reference": "8Base-OSE-LOGGING-5.2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openshift-logging/log-file-metric-exporter-rhel8@sha256:a484b5b99cad803ae3fb72a720e09096f52380a5443152b4531c69fac970473f_ppc64le as a component of OpenShift Logging 5.2",
          "product_id": "8Base-OSE-LOGGING-5.2:openshift-logging/log-file-metric-exporter-rhel8@sha256:a484b5b99cad803ae3fb72a720e09096f52380a5443152b4531c69fac970473f_ppc64le"
        },
        "product_reference": "openshift-logging/log-file-metric-exporter-rhel8@sha256:a484b5b99cad803ae3fb72a720e09096f52380a5443152b4531c69fac970473f_ppc64le",
        "relates_to_product_reference": "8Base-OSE-LOGGING-5.2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openshift-logging/log-file-metric-exporter-rhel8@sha256:dd5cec2e593b6a036901a23ae9c483a957fea15b7691c396f6b78cc6f132780f_s390x as a component of OpenShift Logging 5.2",
          "product_id": "8Base-OSE-LOGGING-5.2:openshift-logging/log-file-metric-exporter-rhel8@sha256:dd5cec2e593b6a036901a23ae9c483a957fea15b7691c396f6b78cc6f132780f_s390x"
        },
        "product_reference": "openshift-logging/log-file-metric-exporter-rhel8@sha256:dd5cec2e593b6a036901a23ae9c483a957fea15b7691c396f6b78cc6f132780f_s390x",
        "relates_to_product_reference": "8Base-OSE-LOGGING-5.2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openshift-logging/logging-curator5-rhel8@sha256:0c3372e846ce58fc9159ef61e80d625cd657a682f9e0dadd8a255194681e05fd_s390x as a component of OpenShift Logging 5.2",
          "product_id": "8Base-OSE-LOGGING-5.2:openshift-logging/logging-curator5-rhel8@sha256:0c3372e846ce58fc9159ef61e80d625cd657a682f9e0dadd8a255194681e05fd_s390x"
        },
        "product_reference": "openshift-logging/logging-curator5-rhel8@sha256:0c3372e846ce58fc9159ef61e80d625cd657a682f9e0dadd8a255194681e05fd_s390x",
        "relates_to_product_reference": "8Base-OSE-LOGGING-5.2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openshift-logging/logging-curator5-rhel8@sha256:2a6c0dae3b3c96b0c669a30cb748caae05fb36927fb5143a861a50c0f5fc7577_ppc64le as a component of OpenShift Logging 5.2",
          "product_id": "8Base-OSE-LOGGING-5.2:openshift-logging/logging-curator5-rhel8@sha256:2a6c0dae3b3c96b0c669a30cb748caae05fb36927fb5143a861a50c0f5fc7577_ppc64le"
        },
        "product_reference": "openshift-logging/logging-curator5-rhel8@sha256:2a6c0dae3b3c96b0c669a30cb748caae05fb36927fb5143a861a50c0f5fc7577_ppc64le",
        "relates_to_product_reference": "8Base-OSE-LOGGING-5.2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openshift-logging/logging-curator5-rhel8@sha256:9937504a2361c70f2ea9b10fae6ce5ff4096bc3c5f3d01b0cea7c041ff0cabcb_amd64 as a component of OpenShift Logging 5.2",
          "product_id": "8Base-OSE-LOGGING-5.2:openshift-logging/logging-curator5-rhel8@sha256:9937504a2361c70f2ea9b10fae6ce5ff4096bc3c5f3d01b0cea7c041ff0cabcb_amd64"
        },
        "product_reference": "openshift-logging/logging-curator5-rhel8@sha256:9937504a2361c70f2ea9b10fae6ce5ff4096bc3c5f3d01b0cea7c041ff0cabcb_amd64",
        "relates_to_product_reference": "8Base-OSE-LOGGING-5.2"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2021-32740",
      "cwe": {
        "id": "CWE-400",
        "name": "Uncontrolled Resource Consumption"
      },
      "discovery_date": "2021-07-06T00:00:00+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "8Base-OSE-LOGGING-5.2:openshift-logging/cluster-logging-operator-bundle@sha256:b86bf7654c7919887a004c3953840eed5d514bf0f08106ce043bc4c3dae37c83_amd64",
            "8Base-OSE-LOGGING-5.2:openshift-logging/cluster-logging-rhel8-operator@sha256:09af2549ff71a9ffa19538ff53599713af715b9623f6f5114449d45232162c71_ppc64le",
            "8Base-OSE-LOGGING-5.2:openshift-logging/cluster-logging-rhel8-operator@sha256:423828d9ee730e4c264713256d19cab0d8fcd0eeee32883922bd589c0d3c9ecb_amd64",
            "8Base-OSE-LOGGING-5.2:openshift-logging/cluster-logging-rhel8-operator@sha256:b9bccd956a9fe22506696f4ff1a83410ebbeb48b8dad3c1ee5dbd9270e061e04_s390x",
            "8Base-OSE-LOGGING-5.2:openshift-logging/elasticsearch-operator-bundle@sha256:788929ff683450b7cb0c48af4f5e6d0b2dc7d4a38d4d072c9a16e0d0542a1304_amd64",
            "8Base-OSE-LOGGING-5.2:openshift-logging/elasticsearch-proxy-rhel8@sha256:07394901f71213f2428c99a6a0e469ef9be97db4fd2ff41d3ec8fc3a862b2bfe_ppc64le",
            "8Base-OSE-LOGGING-5.2:openshift-logging/elasticsearch-proxy-rhel8@sha256:3c0fa213fc00f5301278d4dd8cdc3b86625bdeca3c446871fc833b693f17fed1_amd64",
            "8Base-OSE-LOGGING-5.2:openshift-logging/elasticsearch-proxy-rhel8@sha256:5dad0b5e1e09e9c0b8ac0dbe3635ff9986ef5efa2fbd1d8057a4ec71a045b91a_s390x",
            "8Base-OSE-LOGGING-5.2:openshift-logging/elasticsearch-rhel8-operator@sha256:cafdc3bd78546fb514cb2cbdc4eb49a577c96cc87089c3b86e8e8af730d500d3_amd64",
            "8Base-OSE-LOGGING-5.2:openshift-logging/elasticsearch-rhel8-operator@sha256:e7d91d273055029172d55ae4d39d76321d67dee8be7e3ee5fc29bcd5e82d1af0_ppc64le",
            "8Base-OSE-LOGGING-5.2:openshift-logging/elasticsearch-rhel8-operator@sha256:f0a264457205a99090348ba53c3db478ea1f0c7fd28159bb3b2b9adb284e9aa1_s390x",
            "8Base-OSE-LOGGING-5.2:openshift-logging/elasticsearch6-rhel8@sha256:7730e3d1c2f0ad01f044b21dbb90f079c486f311026854695e816e164d4e1cb3_amd64",
            "8Base-OSE-LOGGING-5.2:openshift-logging/elasticsearch6-rhel8@sha256:95c8eb02898b1923e41e6abeeda9cf3fea77e6d736ad4846df9567400435f4f4_ppc64le",
            "8Base-OSE-LOGGING-5.2:openshift-logging/elasticsearch6-rhel8@sha256:96d9268d923e7a5838d8d569bf148695830a8130d570a181b72bbf4baa206e9d_s390x",
            "8Base-OSE-LOGGING-5.2:openshift-logging/eventrouter-rhel8@sha256:018721a7037fa8cae65b0b1c7ba3995642bb35e38c39dd22cc276ff159e27a39_ppc64le",
            "8Base-OSE-LOGGING-5.2:openshift-logging/eventrouter-rhel8@sha256:7a5dc91fde153508d66095020483d0098be01786fec9d164530dc3f4f5c85793_s390x",
            "8Base-OSE-LOGGING-5.2:openshift-logging/eventrouter-rhel8@sha256:ce7dc68e2a3e32b58e231267ee3be305bc976fef670c7ddbcdc50ddfffbd209d_amd64",
            "8Base-OSE-LOGGING-5.2:openshift-logging/kibana6-rhel8@sha256:1db3ea077db0c2948210558883d85d04f94658aab02754eba5c3cdb49e42de29_ppc64le",
            "8Base-OSE-LOGGING-5.2:openshift-logging/kibana6-rhel8@sha256:62bb4c55d5b033a2a27ee958c7aac2bd213072e3e35541aba817532b415b10d8_s390x",
            "8Base-OSE-LOGGING-5.2:openshift-logging/kibana6-rhel8@sha256:bd8241504d7eba68b32af8b82be1129a4ac6a843f1015ed214e773a653af9393_amd64",
            "8Base-OSE-LOGGING-5.2:openshift-logging/log-file-metric-exporter-rhel8@sha256:660f26a9af99e0d0d2b26d5f3c485692100f8fc81f91803448cd79cc36938dec_amd64",
            "8Base-OSE-LOGGING-5.2:openshift-logging/log-file-metric-exporter-rhel8@sha256:a484b5b99cad803ae3fb72a720e09096f52380a5443152b4531c69fac970473f_ppc64le",
            "8Base-OSE-LOGGING-5.2:openshift-logging/log-file-metric-exporter-rhel8@sha256:dd5cec2e593b6a036901a23ae9c483a957fea15b7691c396f6b78cc6f132780f_s390x",
            "8Base-OSE-LOGGING-5.2:openshift-logging/logging-curator5-rhel8@sha256:0c3372e846ce58fc9159ef61e80d625cd657a682f9e0dadd8a255194681e05fd_s390x",
            "8Base-OSE-LOGGING-5.2:openshift-logging/logging-curator5-rhel8@sha256:2a6c0dae3b3c96b0c669a30cb748caae05fb36927fb5143a861a50c0f5fc7577_ppc64le",
            "8Base-OSE-LOGGING-5.2:openshift-logging/logging-curator5-rhel8@sha256:9937504a2361c70f2ea9b10fae6ce5ff4096bc3c5f3d01b0cea7c041ff0cabcb_amd64"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1979702"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A resource-consumption vulnerability was found in rubygem addressable, where its URI template implementation could allow an attacker\u0027s crafted template to consume resources, resulting in a denial of service. The highest threat from this vulnerability is to system availability.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "rubygem-addressable: ReDoS in templates",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "Red Hat CloudForms 5.0 (CFME 5.11) is in the maintenance support phase and we are no longer fixing Moderate/Low severity security bugs. Reference: https://access.redhat.com/support/policy/updates/cloudforms\n\nOpenShift 3.11 components are currently in maintenance support phase, hence Moderate/Low severity security bugs are set as Out Of Support Scope (OOSS). Reference: https://access.redhat.com/support/policy/updates/openshift_noncurrent",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "8Base-OSE-LOGGING-5.2:openshift-logging/fluentd-rhel8@sha256:61e1d646090fe7832579e0cdb6c82750f42498354ed192935dd3e2c69cf88607_ppc64le",
          "8Base-OSE-LOGGING-5.2:openshift-logging/fluentd-rhel8@sha256:76f129f017634397a17657ac57e6aa0d54152d43fe520960fd953f382e2d7242_amd64",
          "8Base-OSE-LOGGING-5.2:openshift-logging/fluentd-rhel8@sha256:a9f2513d88f73a1e8791285e01fb8679887ee55428f25ac83eb296de09783aa1_s390x"
        ],
        "known_not_affected": [
          "8Base-OSE-LOGGING-5.2:openshift-logging/cluster-logging-operator-bundle@sha256:b86bf7654c7919887a004c3953840eed5d514bf0f08106ce043bc4c3dae37c83_amd64",
          "8Base-OSE-LOGGING-5.2:openshift-logging/cluster-logging-rhel8-operator@sha256:09af2549ff71a9ffa19538ff53599713af715b9623f6f5114449d45232162c71_ppc64le",
          "8Base-OSE-LOGGING-5.2:openshift-logging/cluster-logging-rhel8-operator@sha256:423828d9ee730e4c264713256d19cab0d8fcd0eeee32883922bd589c0d3c9ecb_amd64",
          "8Base-OSE-LOGGING-5.2:openshift-logging/cluster-logging-rhel8-operator@sha256:b9bccd956a9fe22506696f4ff1a83410ebbeb48b8dad3c1ee5dbd9270e061e04_s390x",
          "8Base-OSE-LOGGING-5.2:openshift-logging/elasticsearch-operator-bundle@sha256:788929ff683450b7cb0c48af4f5e6d0b2dc7d4a38d4d072c9a16e0d0542a1304_amd64",
          "8Base-OSE-LOGGING-5.2:openshift-logging/elasticsearch-proxy-rhel8@sha256:07394901f71213f2428c99a6a0e469ef9be97db4fd2ff41d3ec8fc3a862b2bfe_ppc64le",
          "8Base-OSE-LOGGING-5.2:openshift-logging/elasticsearch-proxy-rhel8@sha256:3c0fa213fc00f5301278d4dd8cdc3b86625bdeca3c446871fc833b693f17fed1_amd64",
          "8Base-OSE-LOGGING-5.2:openshift-logging/elasticsearch-proxy-rhel8@sha256:5dad0b5e1e09e9c0b8ac0dbe3635ff9986ef5efa2fbd1d8057a4ec71a045b91a_s390x",
          "8Base-OSE-LOGGING-5.2:openshift-logging/elasticsearch-rhel8-operator@sha256:cafdc3bd78546fb514cb2cbdc4eb49a577c96cc87089c3b86e8e8af730d500d3_amd64",
          "8Base-OSE-LOGGING-5.2:openshift-logging/elasticsearch-rhel8-operator@sha256:e7d91d273055029172d55ae4d39d76321d67dee8be7e3ee5fc29bcd5e82d1af0_ppc64le",
          "8Base-OSE-LOGGING-5.2:openshift-logging/elasticsearch-rhel8-operator@sha256:f0a264457205a99090348ba53c3db478ea1f0c7fd28159bb3b2b9adb284e9aa1_s390x",
          "8Base-OSE-LOGGING-5.2:openshift-logging/elasticsearch6-rhel8@sha256:7730e3d1c2f0ad01f044b21dbb90f079c486f311026854695e816e164d4e1cb3_amd64",
          "8Base-OSE-LOGGING-5.2:openshift-logging/elasticsearch6-rhel8@sha256:95c8eb02898b1923e41e6abeeda9cf3fea77e6d736ad4846df9567400435f4f4_ppc64le",
          "8Base-OSE-LOGGING-5.2:openshift-logging/elasticsearch6-rhel8@sha256:96d9268d923e7a5838d8d569bf148695830a8130d570a181b72bbf4baa206e9d_s390x",
          "8Base-OSE-LOGGING-5.2:openshift-logging/eventrouter-rhel8@sha256:018721a7037fa8cae65b0b1c7ba3995642bb35e38c39dd22cc276ff159e27a39_ppc64le",
          "8Base-OSE-LOGGING-5.2:openshift-logging/eventrouter-rhel8@sha256:7a5dc91fde153508d66095020483d0098be01786fec9d164530dc3f4f5c85793_s390x",
          "8Base-OSE-LOGGING-5.2:openshift-logging/eventrouter-rhel8@sha256:ce7dc68e2a3e32b58e231267ee3be305bc976fef670c7ddbcdc50ddfffbd209d_amd64",
          "8Base-OSE-LOGGING-5.2:openshift-logging/kibana6-rhel8@sha256:1db3ea077db0c2948210558883d85d04f94658aab02754eba5c3cdb49e42de29_ppc64le",
          "8Base-OSE-LOGGING-5.2:openshift-logging/kibana6-rhel8@sha256:62bb4c55d5b033a2a27ee958c7aac2bd213072e3e35541aba817532b415b10d8_s390x",
          "8Base-OSE-LOGGING-5.2:openshift-logging/kibana6-rhel8@sha256:bd8241504d7eba68b32af8b82be1129a4ac6a843f1015ed214e773a653af9393_amd64",
          "8Base-OSE-LOGGING-5.2:openshift-logging/log-file-metric-exporter-rhel8@sha256:660f26a9af99e0d0d2b26d5f3c485692100f8fc81f91803448cd79cc36938dec_amd64",
          "8Base-OSE-LOGGING-5.2:openshift-logging/log-file-metric-exporter-rhel8@sha256:a484b5b99cad803ae3fb72a720e09096f52380a5443152b4531c69fac970473f_ppc64le",
          "8Base-OSE-LOGGING-5.2:openshift-logging/log-file-metric-exporter-rhel8@sha256:dd5cec2e593b6a036901a23ae9c483a957fea15b7691c396f6b78cc6f132780f_s390x",
          "8Base-OSE-LOGGING-5.2:openshift-logging/logging-curator5-rhel8@sha256:0c3372e846ce58fc9159ef61e80d625cd657a682f9e0dadd8a255194681e05fd_s390x",
          "8Base-OSE-LOGGING-5.2:openshift-logging/logging-curator5-rhel8@sha256:2a6c0dae3b3c96b0c669a30cb748caae05fb36927fb5143a861a50c0f5fc7577_ppc64le",
          "8Base-OSE-LOGGING-5.2:openshift-logging/logging-curator5-rhel8@sha256:9937504a2361c70f2ea9b10fae6ce5ff4096bc3c5f3d01b0cea7c041ff0cabcb_amd64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2021-32740"
        },
        {
          "category": "external",
          "summary": "RHBZ#1979702",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1979702"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2021-32740",
          "url": "https://www.cve.org/CVERecord?id=CVE-2021-32740"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-32740",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-32740"
        },
        {
          "category": "external",
          "summary": "https://github.com/sporkmonger/addressable/security/advisories/GHSA-jxhc-q857-3j6g",
          "url": "https://github.com/sporkmonger/addressable/security/advisories/GHSA-jxhc-q857-3j6g"
        }
      ],
      "release_date": "2021-07-03T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2021-09-07T16:28:17+00:00",
          "details": "For important instructions on how to upgrade your cluster and fully apply this errata update, see the following documentation, which will be updated shortly for this release:\n\nhttps://docs.openshift.com/container-platform/4.8/logging/cluster-logging-release-notes.html\n\nFor Red Hat OpenShift Logging 5.2, see the following instructions to apply this update:\n\nhttps://docs.openshift.com/container-platform/4.8/logging/cluster-logging-upgrading.html",
          "product_ids": [
            "8Base-OSE-LOGGING-5.2:openshift-logging/fluentd-rhel8@sha256:61e1d646090fe7832579e0cdb6c82750f42498354ed192935dd3e2c69cf88607_ppc64le",
            "8Base-OSE-LOGGING-5.2:openshift-logging/fluentd-rhel8@sha256:76f129f017634397a17657ac57e6aa0d54152d43fe520960fd953f382e2d7242_amd64",
            "8Base-OSE-LOGGING-5.2:openshift-logging/fluentd-rhel8@sha256:a9f2513d88f73a1e8791285e01fb8679887ee55428f25ac83eb296de09783aa1_s390x"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHBA-2021:3393"
        },
        {
          "category": "workaround",
          "details": "Create template objects only from trusted sources that have been validated not to produce catastrophic backtracking.",
          "product_ids": [
            "8Base-OSE-LOGGING-5.2:openshift-logging/cluster-logging-operator-bundle@sha256:b86bf7654c7919887a004c3953840eed5d514bf0f08106ce043bc4c3dae37c83_amd64",
            "8Base-OSE-LOGGING-5.2:openshift-logging/cluster-logging-rhel8-operator@sha256:09af2549ff71a9ffa19538ff53599713af715b9623f6f5114449d45232162c71_ppc64le",
            "8Base-OSE-LOGGING-5.2:openshift-logging/cluster-logging-rhel8-operator@sha256:423828d9ee730e4c264713256d19cab0d8fcd0eeee32883922bd589c0d3c9ecb_amd64",
            "8Base-OSE-LOGGING-5.2:openshift-logging/cluster-logging-rhel8-operator@sha256:b9bccd956a9fe22506696f4ff1a83410ebbeb48b8dad3c1ee5dbd9270e061e04_s390x",
            "8Base-OSE-LOGGING-5.2:openshift-logging/elasticsearch-operator-bundle@sha256:788929ff683450b7cb0c48af4f5e6d0b2dc7d4a38d4d072c9a16e0d0542a1304_amd64",
            "8Base-OSE-LOGGING-5.2:openshift-logging/elasticsearch-proxy-rhel8@sha256:07394901f71213f2428c99a6a0e469ef9be97db4fd2ff41d3ec8fc3a862b2bfe_ppc64le",
            "8Base-OSE-LOGGING-5.2:openshift-logging/elasticsearch-proxy-rhel8@sha256:3c0fa213fc00f5301278d4dd8cdc3b86625bdeca3c446871fc833b693f17fed1_amd64",
            "8Base-OSE-LOGGING-5.2:openshift-logging/elasticsearch-proxy-rhel8@sha256:5dad0b5e1e09e9c0b8ac0dbe3635ff9986ef5efa2fbd1d8057a4ec71a045b91a_s390x",
            "8Base-OSE-LOGGING-5.2:openshift-logging/elasticsearch-rhel8-operator@sha256:cafdc3bd78546fb514cb2cbdc4eb49a577c96cc87089c3b86e8e8af730d500d3_amd64",
            "8Base-OSE-LOGGING-5.2:openshift-logging/elasticsearch-rhel8-operator@sha256:e7d91d273055029172d55ae4d39d76321d67dee8be7e3ee5fc29bcd5e82d1af0_ppc64le",
            "8Base-OSE-LOGGING-5.2:openshift-logging/elasticsearch-rhel8-operator@sha256:f0a264457205a99090348ba53c3db478ea1f0c7fd28159bb3b2b9adb284e9aa1_s390x",
            "8Base-OSE-LOGGING-5.2:openshift-logging/elasticsearch6-rhel8@sha256:7730e3d1c2f0ad01f044b21dbb90f079c486f311026854695e816e164d4e1cb3_amd64",
            "8Base-OSE-LOGGING-5.2:openshift-logging/elasticsearch6-rhel8@sha256:95c8eb02898b1923e41e6abeeda9cf3fea77e6d736ad4846df9567400435f4f4_ppc64le",
            "8Base-OSE-LOGGING-5.2:openshift-logging/elasticsearch6-rhel8@sha256:96d9268d923e7a5838d8d569bf148695830a8130d570a181b72bbf4baa206e9d_s390x",
            "8Base-OSE-LOGGING-5.2:openshift-logging/eventrouter-rhel8@sha256:018721a7037fa8cae65b0b1c7ba3995642bb35e38c39dd22cc276ff159e27a39_ppc64le",
            "8Base-OSE-LOGGING-5.2:openshift-logging/eventrouter-rhel8@sha256:7a5dc91fde153508d66095020483d0098be01786fec9d164530dc3f4f5c85793_s390x",
            "8Base-OSE-LOGGING-5.2:openshift-logging/eventrouter-rhel8@sha256:ce7dc68e2a3e32b58e231267ee3be305bc976fef670c7ddbcdc50ddfffbd209d_amd64",
            "8Base-OSE-LOGGING-5.2:openshift-logging/fluentd-rhel8@sha256:61e1d646090fe7832579e0cdb6c82750f42498354ed192935dd3e2c69cf88607_ppc64le",
            "8Base-OSE-LOGGING-5.2:openshift-logging/fluentd-rhel8@sha256:76f129f017634397a17657ac57e6aa0d54152d43fe520960fd953f382e2d7242_amd64",
            "8Base-OSE-LOGGING-5.2:openshift-logging/fluentd-rhel8@sha256:a9f2513d88f73a1e8791285e01fb8679887ee55428f25ac83eb296de09783aa1_s390x",
            "8Base-OSE-LOGGING-5.2:openshift-logging/kibana6-rhel8@sha256:1db3ea077db0c2948210558883d85d04f94658aab02754eba5c3cdb49e42de29_ppc64le",
            "8Base-OSE-LOGGING-5.2:openshift-logging/kibana6-rhel8@sha256:62bb4c55d5b033a2a27ee958c7aac2bd213072e3e35541aba817532b415b10d8_s390x",
            "8Base-OSE-LOGGING-5.2:openshift-logging/kibana6-rhel8@sha256:bd8241504d7eba68b32af8b82be1129a4ac6a843f1015ed214e773a653af9393_amd64",
            "8Base-OSE-LOGGING-5.2:openshift-logging/log-file-metric-exporter-rhel8@sha256:660f26a9af99e0d0d2b26d5f3c485692100f8fc81f91803448cd79cc36938dec_amd64",
            "8Base-OSE-LOGGING-5.2:openshift-logging/log-file-metric-exporter-rhel8@sha256:a484b5b99cad803ae3fb72a720e09096f52380a5443152b4531c69fac970473f_ppc64le",
            "8Base-OSE-LOGGING-5.2:openshift-logging/log-file-metric-exporter-rhel8@sha256:dd5cec2e593b6a036901a23ae9c483a957fea15b7691c396f6b78cc6f132780f_s390x",
            "8Base-OSE-LOGGING-5.2:openshift-logging/logging-curator5-rhel8@sha256:0c3372e846ce58fc9159ef61e80d625cd657a682f9e0dadd8a255194681e05fd_s390x",
            "8Base-OSE-LOGGING-5.2:openshift-logging/logging-curator5-rhel8@sha256:2a6c0dae3b3c96b0c669a30cb748caae05fb36927fb5143a861a50c0f5fc7577_ppc64le",
            "8Base-OSE-LOGGING-5.2:openshift-logging/logging-curator5-rhel8@sha256:9937504a2361c70f2ea9b10fae6ce5ff4096bc3c5f3d01b0cea7c041ff0cabcb_amd64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "8Base-OSE-LOGGING-5.2:openshift-logging/fluentd-rhel8@sha256:61e1d646090fe7832579e0cdb6c82750f42498354ed192935dd3e2c69cf88607_ppc64le",
            "8Base-OSE-LOGGING-5.2:openshift-logging/fluentd-rhel8@sha256:76f129f017634397a17657ac57e6aa0d54152d43fe520960fd953f382e2d7242_amd64",
            "8Base-OSE-LOGGING-5.2:openshift-logging/fluentd-rhel8@sha256:a9f2513d88f73a1e8791285e01fb8679887ee55428f25ac83eb296de09783aa1_s390x"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "rubygem-addressable: ReDoS in templates"
    }
  ]
}

CVE-2021-32740 (GCVE-0-2021-32740)

Vulnerability from cvelistv5 – Published: 2021-07-06 14:15 – Updated: 2024-08-03 23:33

Title

Regular Expression Denial of Service in Addressable templates

Summary

Addressable is an alternative implementation to the URI implementation that is part of Ruby's standard library. An uncontrolled resource consumption vulnerability exists after version 2.3.0 through version 2.7.0. Within the URI template implementation in Addressable, a maliciously crafted template may result in uncontrolled resource consumption, leading to denial of service when matched against a URI. In typical usage, templates would not normally be read from untrusted user input, but nonetheless, no previous security advisory for Addressable has cautioned against doing this. Users of the parsing capabilities in Addressable but not the URI template capabilities are unaffected. The vulnerability is patched in version 2.8.0. As a workaround, only create Template objects from trusted sources that have been validated not to produce catastrophic backtracking.

Severity ?

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE

CWE-400 - Uncontrolled Resource Consumption

Assigner

GitHub_M

References

URL

	Vendor	Product	Version
	sporkmonger	addressable	Affected: > 2.3.0, <= 2.7.0

Sightings

Author	Source	Type	Date	Other

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

RHBA-2021_3393

CVE-2021-32740 (GCVE-0-2021-32740)

Tags

Sightings

Nomenclature