rhsa-2024_0691
Vulnerability from csaf_redhat
Published
2024-02-05 20:30
Modified
2025-01-06 07:14
Summary
Red Hat Security Advisory: Errata Advisory for Red Hat OpenShift GitOps v1.9.4 security update
Notes
Topic
An update is now available for Red Hat OpenShift GitOps v1.9.4. Red Hat
Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Errata Advisory for Red Hat OpenShift GitOps v1.9.4.
Security Fix(es):
* TRIAGE CVE-2024-22424 openshift-gitops-operator-container: argo-cd: vulnerable to a cross-server request forgery (CSRF) attack [gitops-1.9]
* CVE-2023-49568 openshift-gitops-container: go-git: Maliciously crafted Git server replies can cause DoS on go-git clients [gitops-1.9]
* CVE-2023-49569 openshift-gitops-container: go-git: Maliciously crafted Git server replies can lead to path traversal and RCE on go-git clients [gitops-1.9]
* CVE-2023-49568 openshift-gitops-argocd-container: go-git: Maliciously crafted Git server replies can cause DoS on go-git clients [gitops-1.9]
For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE page(s)
listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ document: { aggregate_severity: { namespace: "https://access.redhat.com/security/updates/classification/", text: "Critical", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright © Red Hat, Inc. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "An update is now available for Red Hat OpenShift GitOps v1.9.4. Red Hat\nProduct Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", title: "Topic", }, { category: "general", text: "Errata Advisory for Red Hat OpenShift GitOps v1.9.4.\n\nSecurity Fix(es):\n\n* TRIAGE CVE-2024-22424 openshift-gitops-operator-container: argo-cd: vulnerable to a cross-server request forgery (CSRF) attack [gitops-1.9]\n\n* CVE-2023-49568 openshift-gitops-container: go-git: Maliciously crafted Git server replies can cause DoS on go-git clients [gitops-1.9]\n\n* CVE-2023-49569 openshift-gitops-container: go-git: Maliciously crafted Git server replies can lead to path traversal and RCE on go-git clients [gitops-1.9]\n\n* CVE-2023-49568 openshift-gitops-argocd-container: go-git: Maliciously crafted Git server replies can cause DoS on go-git clients [gitops-1.9]\n\nFor more details about the security issue(s), including the impact, a CVSS\nscore, acknowledgments, and other related information, refer to the CVE page(s)\nlisted in the References section.", title: "Details", }, { category: "legal_disclaimer", text: "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "https://access.redhat.com/security/team/contact/", issuing_authority: "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", name: "Red Hat Product Security", namespace: "https://www.redhat.com", }, references: [ { category: "self", summary: "https://access.redhat.com/errata/RHSA-2024:0691", url: "https://access.redhat.com/errata/RHSA-2024:0691", }, { category: "external", summary: "https://access.redhat.com/security/updates/classification/#critical", url: "https://access.redhat.com/security/updates/classification/#critical", }, { category: "external", summary: "https://docs.openshift.com/container-platform/latest/cicd/gitops/understanding-openshift-gitops.html", url: "https://docs.openshift.com/container-platform/latest/cicd/gitops/understanding-openshift-gitops.html", }, { category: "external", summary: "2258165", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2258165", }, { category: "external", summary: "2259105", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2259105", }, { category: "self", summary: "Canonical URL", url: "https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_0691.json", }, ], title: "Red Hat Security Advisory: Errata Advisory for Red Hat OpenShift GitOps v1.9.4 security update", tracking: { current_release_date: "2025-01-06T07:14:05+00:00", generator: { date: "2025-01-06T07:14:05+00:00", engine: { name: "Red Hat SDEngine", version: "4.2.5", }, }, id: "RHSA-2024:0691", initial_release_date: "2024-02-05T20:30:07+00:00", revision_history: [ { date: "2024-02-05T20:30:07+00:00", number: "1", summary: "Initial version", }, { date: "2024-03-22T15:42:02+00:00", number: "2", summary: "Last updated version", }, { date: "2025-01-06T07:14:05+00:00", number: "3", summary: "Last generated version", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "Red Hat OpenShift GitOps 1.9", product: { name: "Red Hat OpenShift GitOps 1.9", product_id: "8Base-GitOps-1.9", product_identification_helper: { cpe: "cpe:/a:redhat:openshift_gitops:1.9::el9", }, }, }, ], category: "product_family", name: "Red Hat OpenShift GitOps", }, { branches: [ { category: "product_version", name: "openshift-gitops-1/argocd-rhel8@sha256:1cca6eda59e4ed1d409aa0ef039b524e58412422cc1f492c2bc515f5905ed516_arm64", product: { name: "openshift-gitops-1/argocd-rhel8@sha256:1cca6eda59e4ed1d409aa0ef039b524e58412422cc1f492c2bc515f5905ed516_arm64", product_id: "openshift-gitops-1/argocd-rhel8@sha256:1cca6eda59e4ed1d409aa0ef039b524e58412422cc1f492c2bc515f5905ed516_arm64", product_identification_helper: { purl: "pkg:oci/argocd-rhel8@sha256:1cca6eda59e4ed1d409aa0ef039b524e58412422cc1f492c2bc515f5905ed516?arch=arm64&repository_url=registry.redhat.io/openshift-gitops-1/argocd-rhel8&tag=v1.9.4-1", }, }, }, { category: "product_version", name: "openshift-gitops-1/argo-rollouts-rhel8@sha256:bf88a002fcc9d1780b9a82595181f4425f14937d9117e6f5793d41695e400ebc_arm64", product: { name: "openshift-gitops-1/argo-rollouts-rhel8@sha256:bf88a002fcc9d1780b9a82595181f4425f14937d9117e6f5793d41695e400ebc_arm64", product_id: "openshift-gitops-1/argo-rollouts-rhel8@sha256:bf88a002fcc9d1780b9a82595181f4425f14937d9117e6f5793d41695e400ebc_arm64", product_identification_helper: { purl: "pkg:oci/argo-rollouts-rhel8@sha256:bf88a002fcc9d1780b9a82595181f4425f14937d9117e6f5793d41695e400ebc?arch=arm64&repository_url=registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8&tag=v1.9.4-1", }, }, }, { category: "product_version", name: "openshift-gitops-1/console-plugin-rhel8@sha256:f4dbcf9637738494a0906ab3da3e2935761ad2b1194a8f5797490b01523fa875_arm64", product: { name: "openshift-gitops-1/console-plugin-rhel8@sha256:f4dbcf9637738494a0906ab3da3e2935761ad2b1194a8f5797490b01523fa875_arm64", product_id: "openshift-gitops-1/console-plugin-rhel8@sha256:f4dbcf9637738494a0906ab3da3e2935761ad2b1194a8f5797490b01523fa875_arm64", product_identification_helper: { purl: "pkg:oci/console-plugin-rhel8@sha256:f4dbcf9637738494a0906ab3da3e2935761ad2b1194a8f5797490b01523fa875?arch=arm64&repository_url=registry.redhat.io/openshift-gitops-1/console-plugin-rhel8&tag=v1.9.4-1", }, }, }, { category: "product_version", name: "openshift-gitops-1/gitops-rhel8@sha256:5a446497a5e9ea9e9ee6501e0664c22b410d8eaa8bf32c6b57e11a8a34dc534e_arm64", product: { name: "openshift-gitops-1/gitops-rhel8@sha256:5a446497a5e9ea9e9ee6501e0664c22b410d8eaa8bf32c6b57e11a8a34dc534e_arm64", product_id: "openshift-gitops-1/gitops-rhel8@sha256:5a446497a5e9ea9e9ee6501e0664c22b410d8eaa8bf32c6b57e11a8a34dc534e_arm64", product_identification_helper: { purl: "pkg:oci/gitops-rhel8@sha256:5a446497a5e9ea9e9ee6501e0664c22b410d8eaa8bf32c6b57e11a8a34dc534e?arch=arm64&repository_url=registry.redhat.io/openshift-gitops-1/gitops-rhel8&tag=v1.9.4-1", }, }, }, { category: "product_version", name: "openshift-gitops-1/dex-rhel8@sha256:c80e9ddfe27033af92d26aa16da7a2211bdca4a17d2d08adb6bb79aed39e693c_arm64", product: { name: "openshift-gitops-1/dex-rhel8@sha256:c80e9ddfe27033af92d26aa16da7a2211bdca4a17d2d08adb6bb79aed39e693c_arm64", product_id: "openshift-gitops-1/dex-rhel8@sha256:c80e9ddfe27033af92d26aa16da7a2211bdca4a17d2d08adb6bb79aed39e693c_arm64", product_identification_helper: { purl: "pkg:oci/dex-rhel8@sha256:c80e9ddfe27033af92d26aa16da7a2211bdca4a17d2d08adb6bb79aed39e693c?arch=arm64&repository_url=registry.redhat.io/openshift-gitops-1/dex-rhel8&tag=v1.9.4-1", }, }, }, { category: "product_version", name: "openshift-gitops-1/kam-delivery-rhel8@sha256:6751faddc6fad904c7e9b72118fd90b9b3c818522e17f2bbd7acf99d2613f59a_arm64", product: { name: "openshift-gitops-1/kam-delivery-rhel8@sha256:6751faddc6fad904c7e9b72118fd90b9b3c818522e17f2bbd7acf99d2613f59a_arm64", product_id: "openshift-gitops-1/kam-delivery-rhel8@sha256:6751faddc6fad904c7e9b72118fd90b9b3c818522e17f2bbd7acf99d2613f59a_arm64", product_identification_helper: { purl: "pkg:oci/kam-delivery-rhel8@sha256:6751faddc6fad904c7e9b72118fd90b9b3c818522e17f2bbd7acf99d2613f59a?arch=arm64&repository_url=registry.redhat.io/openshift-gitops-1/kam-delivery-rhel8&tag=v1.9.4-1", }, }, }, { category: "product_version", name: "openshift-gitops-1/must-gather-rhel8@sha256:7de4cb6db7d0792022f92af68cb9ea7290b3b471ef298c27c0a890cf6847eab3_arm64", product: { name: "openshift-gitops-1/must-gather-rhel8@sha256:7de4cb6db7d0792022f92af68cb9ea7290b3b471ef298c27c0a890cf6847eab3_arm64", product_id: "openshift-gitops-1/must-gather-rhel8@sha256:7de4cb6db7d0792022f92af68cb9ea7290b3b471ef298c27c0a890cf6847eab3_arm64", product_identification_helper: { purl: "pkg:oci/must-gather-rhel8@sha256:7de4cb6db7d0792022f92af68cb9ea7290b3b471ef298c27c0a890cf6847eab3?arch=arm64&repository_url=registry.redhat.io/openshift-gitops-1/must-gather-rhel8&tag=v1.9.4-1", }, }, }, { category: "product_version", name: "openshift-gitops-1/gitops-rhel8-operator@sha256:fbf6a44ccd0ea12d8d2e069203a5d7edcbb30e9724f781d43e3529fe0abb4798_arm64", product: { name: "openshift-gitops-1/gitops-rhel8-operator@sha256:fbf6a44ccd0ea12d8d2e069203a5d7edcbb30e9724f781d43e3529fe0abb4798_arm64", product_id: "openshift-gitops-1/gitops-rhel8-operator@sha256:fbf6a44ccd0ea12d8d2e069203a5d7edcbb30e9724f781d43e3529fe0abb4798_arm64", product_identification_helper: { purl: "pkg:oci/gitops-rhel8-operator@sha256:fbf6a44ccd0ea12d8d2e069203a5d7edcbb30e9724f781d43e3529fe0abb4798?arch=arm64&repository_url=registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator&tag=v1.9.4-1", }, }, }, ], category: "architecture", name: "arm64", }, { branches: [ { category: "product_version", name: "openshift-gitops-1/argocd-rhel8@sha256:1072c8b7c1563b5b7c7eb29119ec97765c3e0dad267ad8800b8146cbe7336cc6_s390x", product: { name: "openshift-gitops-1/argocd-rhel8@sha256:1072c8b7c1563b5b7c7eb29119ec97765c3e0dad267ad8800b8146cbe7336cc6_s390x", product_id: "openshift-gitops-1/argocd-rhel8@sha256:1072c8b7c1563b5b7c7eb29119ec97765c3e0dad267ad8800b8146cbe7336cc6_s390x", product_identification_helper: { purl: "pkg:oci/argocd-rhel8@sha256:1072c8b7c1563b5b7c7eb29119ec97765c3e0dad267ad8800b8146cbe7336cc6?arch=s390x&repository_url=registry.redhat.io/openshift-gitops-1/argocd-rhel8&tag=v1.9.4-1", }, }, }, { category: "product_version", name: "openshift-gitops-1/argo-rollouts-rhel8@sha256:c3d3b382770538d7388bf23a10b1915f8fc254b9f76d18751089028a0ec947ff_s390x", product: { name: "openshift-gitops-1/argo-rollouts-rhel8@sha256:c3d3b382770538d7388bf23a10b1915f8fc254b9f76d18751089028a0ec947ff_s390x", product_id: "openshift-gitops-1/argo-rollouts-rhel8@sha256:c3d3b382770538d7388bf23a10b1915f8fc254b9f76d18751089028a0ec947ff_s390x", product_identification_helper: { purl: "pkg:oci/argo-rollouts-rhel8@sha256:c3d3b382770538d7388bf23a10b1915f8fc254b9f76d18751089028a0ec947ff?arch=s390x&repository_url=registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8&tag=v1.9.4-1", }, }, }, { category: "product_version", name: "openshift-gitops-1/console-plugin-rhel8@sha256:6a30cc9219b91d00524216523d1c45a4123b809c03a785d4ed4e20a8efc61e35_s390x", product: { name: "openshift-gitops-1/console-plugin-rhel8@sha256:6a30cc9219b91d00524216523d1c45a4123b809c03a785d4ed4e20a8efc61e35_s390x", product_id: "openshift-gitops-1/console-plugin-rhel8@sha256:6a30cc9219b91d00524216523d1c45a4123b809c03a785d4ed4e20a8efc61e35_s390x", product_identification_helper: { purl: "pkg:oci/console-plugin-rhel8@sha256:6a30cc9219b91d00524216523d1c45a4123b809c03a785d4ed4e20a8efc61e35?arch=s390x&repository_url=registry.redhat.io/openshift-gitops-1/console-plugin-rhel8&tag=v1.9.4-1", }, }, }, { category: "product_version", name: "openshift-gitops-1/gitops-rhel8@sha256:0e589b8414b025e6bcbfba17590341c2143115885dcef479e8e68ac929ae3820_s390x", product: { name: "openshift-gitops-1/gitops-rhel8@sha256:0e589b8414b025e6bcbfba17590341c2143115885dcef479e8e68ac929ae3820_s390x", product_id: "openshift-gitops-1/gitops-rhel8@sha256:0e589b8414b025e6bcbfba17590341c2143115885dcef479e8e68ac929ae3820_s390x", product_identification_helper: { purl: "pkg:oci/gitops-rhel8@sha256:0e589b8414b025e6bcbfba17590341c2143115885dcef479e8e68ac929ae3820?arch=s390x&repository_url=registry.redhat.io/openshift-gitops-1/gitops-rhel8&tag=v1.9.4-1", }, }, }, { category: "product_version", name: "openshift-gitops-1/dex-rhel8@sha256:962c98496645544fba458f5862aa4bc8abf43c6c95021127c75a7f9f3a64aab0_s390x", product: { name: "openshift-gitops-1/dex-rhel8@sha256:962c98496645544fba458f5862aa4bc8abf43c6c95021127c75a7f9f3a64aab0_s390x", product_id: "openshift-gitops-1/dex-rhel8@sha256:962c98496645544fba458f5862aa4bc8abf43c6c95021127c75a7f9f3a64aab0_s390x", product_identification_helper: { purl: "pkg:oci/dex-rhel8@sha256:962c98496645544fba458f5862aa4bc8abf43c6c95021127c75a7f9f3a64aab0?arch=s390x&repository_url=registry.redhat.io/openshift-gitops-1/dex-rhel8&tag=v1.9.4-1", }, }, }, { category: "product_version", name: "openshift-gitops-1/kam-delivery-rhel8@sha256:66f047335f44ca1fdd69f38002bceb3d01b972c293b8bfdb768e072cda2d1283_s390x", product: { name: "openshift-gitops-1/kam-delivery-rhel8@sha256:66f047335f44ca1fdd69f38002bceb3d01b972c293b8bfdb768e072cda2d1283_s390x", product_id: "openshift-gitops-1/kam-delivery-rhel8@sha256:66f047335f44ca1fdd69f38002bceb3d01b972c293b8bfdb768e072cda2d1283_s390x", product_identification_helper: { purl: "pkg:oci/kam-delivery-rhel8@sha256:66f047335f44ca1fdd69f38002bceb3d01b972c293b8bfdb768e072cda2d1283?arch=s390x&repository_url=registry.redhat.io/openshift-gitops-1/kam-delivery-rhel8&tag=v1.9.4-1", }, }, }, { category: "product_version", name: "openshift-gitops-1/must-gather-rhel8@sha256:623c6f082189daa2b4af5750acaaa856ece5926ba10e62f99678fe103239c124_s390x", product: { name: "openshift-gitops-1/must-gather-rhel8@sha256:623c6f082189daa2b4af5750acaaa856ece5926ba10e62f99678fe103239c124_s390x", product_id: "openshift-gitops-1/must-gather-rhel8@sha256:623c6f082189daa2b4af5750acaaa856ece5926ba10e62f99678fe103239c124_s390x", product_identification_helper: { purl: "pkg:oci/must-gather-rhel8@sha256:623c6f082189daa2b4af5750acaaa856ece5926ba10e62f99678fe103239c124?arch=s390x&repository_url=registry.redhat.io/openshift-gitops-1/must-gather-rhel8&tag=v1.9.4-1", }, }, }, { category: "product_version", name: "openshift-gitops-1/gitops-rhel8-operator@sha256:b509f44121f29f65da9302ad916df9a6a65bb2e563c64f48f58347bd146a2960_s390x", product: { name: "openshift-gitops-1/gitops-rhel8-operator@sha256:b509f44121f29f65da9302ad916df9a6a65bb2e563c64f48f58347bd146a2960_s390x", product_id: "openshift-gitops-1/gitops-rhel8-operator@sha256:b509f44121f29f65da9302ad916df9a6a65bb2e563c64f48f58347bd146a2960_s390x", product_identification_helper: { purl: "pkg:oci/gitops-rhel8-operator@sha256:b509f44121f29f65da9302ad916df9a6a65bb2e563c64f48f58347bd146a2960?arch=s390x&repository_url=registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator&tag=v1.9.4-1", }, }, }, ], category: "architecture", name: "s390x", }, { branches: [ { category: "product_version", name: "openshift-gitops-1/argocd-rhel8@sha256:e96c6e5d7bf4ffc828a463e4f8f48f661ca8af5487de4ecbedba1e818933aebb_amd64", product: { name: "openshift-gitops-1/argocd-rhel8@sha256:e96c6e5d7bf4ffc828a463e4f8f48f661ca8af5487de4ecbedba1e818933aebb_amd64", product_id: "openshift-gitops-1/argocd-rhel8@sha256:e96c6e5d7bf4ffc828a463e4f8f48f661ca8af5487de4ecbedba1e818933aebb_amd64", product_identification_helper: { purl: "pkg:oci/argocd-rhel8@sha256:e96c6e5d7bf4ffc828a463e4f8f48f661ca8af5487de4ecbedba1e818933aebb?arch=amd64&repository_url=registry.redhat.io/openshift-gitops-1/argocd-rhel8&tag=v1.9.4-1", }, }, }, { category: "product_version", name: "openshift-gitops-1/argo-rollouts-rhel8@sha256:e259d73120a0611fbabdc93b4ee9a49eee6e8fa60841a4b7398b536a34bea5a9_amd64", product: { name: "openshift-gitops-1/argo-rollouts-rhel8@sha256:e259d73120a0611fbabdc93b4ee9a49eee6e8fa60841a4b7398b536a34bea5a9_amd64", product_id: "openshift-gitops-1/argo-rollouts-rhel8@sha256:e259d73120a0611fbabdc93b4ee9a49eee6e8fa60841a4b7398b536a34bea5a9_amd64", product_identification_helper: { purl: "pkg:oci/argo-rollouts-rhel8@sha256:e259d73120a0611fbabdc93b4ee9a49eee6e8fa60841a4b7398b536a34bea5a9?arch=amd64&repository_url=registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8&tag=v1.9.4-1", }, }, }, { category: "product_version", name: "openshift-gitops-1/console-plugin-rhel8@sha256:4175e60402edd252b70a8762606760174aecb0463987bc307e59e0f842dc7976_amd64", product: { name: "openshift-gitops-1/console-plugin-rhel8@sha256:4175e60402edd252b70a8762606760174aecb0463987bc307e59e0f842dc7976_amd64", product_id: "openshift-gitops-1/console-plugin-rhel8@sha256:4175e60402edd252b70a8762606760174aecb0463987bc307e59e0f842dc7976_amd64", product_identification_helper: { purl: "pkg:oci/console-plugin-rhel8@sha256:4175e60402edd252b70a8762606760174aecb0463987bc307e59e0f842dc7976?arch=amd64&repository_url=registry.redhat.io/openshift-gitops-1/console-plugin-rhel8&tag=v1.9.4-1", }, }, }, { category: "product_version", name: "openshift-gitops-1/gitops-rhel8@sha256:521c08653c7792317e5872c306b4e276da0d55237b9a7fa5c7ff615def846a61_amd64", product: { name: "openshift-gitops-1/gitops-rhel8@sha256:521c08653c7792317e5872c306b4e276da0d55237b9a7fa5c7ff615def846a61_amd64", product_id: "openshift-gitops-1/gitops-rhel8@sha256:521c08653c7792317e5872c306b4e276da0d55237b9a7fa5c7ff615def846a61_amd64", product_identification_helper: { purl: "pkg:oci/gitops-rhel8@sha256:521c08653c7792317e5872c306b4e276da0d55237b9a7fa5c7ff615def846a61?arch=amd64&repository_url=registry.redhat.io/openshift-gitops-1/gitops-rhel8&tag=v1.9.4-1", }, }, }, { category: "product_version", name: "openshift-gitops-1/dex-rhel8@sha256:60b93bcaf87c4b277bbfc18a920d246363452e0f5b1156333312e5b737bbf381_amd64", product: { name: "openshift-gitops-1/dex-rhel8@sha256:60b93bcaf87c4b277bbfc18a920d246363452e0f5b1156333312e5b737bbf381_amd64", product_id: "openshift-gitops-1/dex-rhel8@sha256:60b93bcaf87c4b277bbfc18a920d246363452e0f5b1156333312e5b737bbf381_amd64", product_identification_helper: { purl: "pkg:oci/dex-rhel8@sha256:60b93bcaf87c4b277bbfc18a920d246363452e0f5b1156333312e5b737bbf381?arch=amd64&repository_url=registry.redhat.io/openshift-gitops-1/dex-rhel8&tag=v1.9.4-1", }, }, }, { category: "product_version", name: "openshift-gitops-1/kam-delivery-rhel8@sha256:dd6b5013139815f60509703f6fc414974451ad73f7c93f758a8e98bf487606b4_amd64", product: { name: "openshift-gitops-1/kam-delivery-rhel8@sha256:dd6b5013139815f60509703f6fc414974451ad73f7c93f758a8e98bf487606b4_amd64", product_id: "openshift-gitops-1/kam-delivery-rhel8@sha256:dd6b5013139815f60509703f6fc414974451ad73f7c93f758a8e98bf487606b4_amd64", product_identification_helper: { purl: "pkg:oci/kam-delivery-rhel8@sha256:dd6b5013139815f60509703f6fc414974451ad73f7c93f758a8e98bf487606b4?arch=amd64&repository_url=registry.redhat.io/openshift-gitops-1/kam-delivery-rhel8&tag=v1.9.4-1", }, }, }, { category: "product_version", name: "openshift-gitops-1/must-gather-rhel8@sha256:793f9cd70553423d340ce703ec639dca2bdb84748a2a0ec49477f602b9d2ef99_amd64", product: { name: "openshift-gitops-1/must-gather-rhel8@sha256:793f9cd70553423d340ce703ec639dca2bdb84748a2a0ec49477f602b9d2ef99_amd64", product_id: "openshift-gitops-1/must-gather-rhel8@sha256:793f9cd70553423d340ce703ec639dca2bdb84748a2a0ec49477f602b9d2ef99_amd64", product_identification_helper: { purl: "pkg:oci/must-gather-rhel8@sha256:793f9cd70553423d340ce703ec639dca2bdb84748a2a0ec49477f602b9d2ef99?arch=amd64&repository_url=registry.redhat.io/openshift-gitops-1/must-gather-rhel8&tag=v1.9.4-1", }, }, }, { category: "product_version", name: "openshift-gitops-1/gitops-operator-bundle@sha256:27efa0ab1d9c69047a924bc1dcd2b56108f5f390a6da56afb6ab7a37cb4578e2_amd64", product: { name: "openshift-gitops-1/gitops-operator-bundle@sha256:27efa0ab1d9c69047a924bc1dcd2b56108f5f390a6da56afb6ab7a37cb4578e2_amd64", product_id: "openshift-gitops-1/gitops-operator-bundle@sha256:27efa0ab1d9c69047a924bc1dcd2b56108f5f390a6da56afb6ab7a37cb4578e2_amd64", product_identification_helper: { purl: "pkg:oci/gitops-operator-bundle@sha256:27efa0ab1d9c69047a924bc1dcd2b56108f5f390a6da56afb6ab7a37cb4578e2?arch=amd64&repository_url=registry.redhat.io/openshift-gitops-1/gitops-operator-bundle&tag=v1.9.4-1", }, }, }, { category: "product_version", name: "openshift-gitops-1/gitops-rhel8-operator@sha256:3da9453e99b7515c0e23ceab208c98d26c98eadd521cb6c470d8b1b5eb7057e0_amd64", product: { name: "openshift-gitops-1/gitops-rhel8-operator@sha256:3da9453e99b7515c0e23ceab208c98d26c98eadd521cb6c470d8b1b5eb7057e0_amd64", product_id: "openshift-gitops-1/gitops-rhel8-operator@sha256:3da9453e99b7515c0e23ceab208c98d26c98eadd521cb6c470d8b1b5eb7057e0_amd64", product_identification_helper: { purl: "pkg:oci/gitops-rhel8-operator@sha256:3da9453e99b7515c0e23ceab208c98d26c98eadd521cb6c470d8b1b5eb7057e0?arch=amd64&repository_url=registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator&tag=v1.9.4-1", }, }, }, ], category: "architecture", name: "amd64", }, { branches: [ { category: "product_version", name: "openshift-gitops-1/argocd-rhel8@sha256:218da32ea9eb21533976f1d8348b46e64a878e2703e562e33e3b43a57c81a2e1_ppc64le", product: { name: "openshift-gitops-1/argocd-rhel8@sha256:218da32ea9eb21533976f1d8348b46e64a878e2703e562e33e3b43a57c81a2e1_ppc64le", product_id: "openshift-gitops-1/argocd-rhel8@sha256:218da32ea9eb21533976f1d8348b46e64a878e2703e562e33e3b43a57c81a2e1_ppc64le", product_identification_helper: { purl: "pkg:oci/argocd-rhel8@sha256:218da32ea9eb21533976f1d8348b46e64a878e2703e562e33e3b43a57c81a2e1?arch=ppc64le&repository_url=registry.redhat.io/openshift-gitops-1/argocd-rhel8&tag=v1.9.4-1", }, }, }, { category: "product_version", name: "openshift-gitops-1/argo-rollouts-rhel8@sha256:34d14cedc2ecd941f1ad4d38bce019a723283d78add071ff4d36e85a10815e2a_ppc64le", product: { name: "openshift-gitops-1/argo-rollouts-rhel8@sha256:34d14cedc2ecd941f1ad4d38bce019a723283d78add071ff4d36e85a10815e2a_ppc64le", product_id: "openshift-gitops-1/argo-rollouts-rhel8@sha256:34d14cedc2ecd941f1ad4d38bce019a723283d78add071ff4d36e85a10815e2a_ppc64le", product_identification_helper: { purl: "pkg:oci/argo-rollouts-rhel8@sha256:34d14cedc2ecd941f1ad4d38bce019a723283d78add071ff4d36e85a10815e2a?arch=ppc64le&repository_url=registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8&tag=v1.9.4-1", }, }, }, { category: "product_version", name: "openshift-gitops-1/console-plugin-rhel8@sha256:a39ddb1efd87a6d2032b83aa4a0afa0f51b5d125d212bc341d59242448badec5_ppc64le", product: { name: "openshift-gitops-1/console-plugin-rhel8@sha256:a39ddb1efd87a6d2032b83aa4a0afa0f51b5d125d212bc341d59242448badec5_ppc64le", product_id: "openshift-gitops-1/console-plugin-rhel8@sha256:a39ddb1efd87a6d2032b83aa4a0afa0f51b5d125d212bc341d59242448badec5_ppc64le", product_identification_helper: { purl: "pkg:oci/console-plugin-rhel8@sha256:a39ddb1efd87a6d2032b83aa4a0afa0f51b5d125d212bc341d59242448badec5?arch=ppc64le&repository_url=registry.redhat.io/openshift-gitops-1/console-plugin-rhel8&tag=v1.9.4-1", }, }, }, { category: "product_version", name: "openshift-gitops-1/gitops-rhel8@sha256:8fc8c324c3f9671dbb6102676fa11c3e5dbab5cb491ba83fbe31c203b2c87e58_ppc64le", product: { name: "openshift-gitops-1/gitops-rhel8@sha256:8fc8c324c3f9671dbb6102676fa11c3e5dbab5cb491ba83fbe31c203b2c87e58_ppc64le", product_id: "openshift-gitops-1/gitops-rhel8@sha256:8fc8c324c3f9671dbb6102676fa11c3e5dbab5cb491ba83fbe31c203b2c87e58_ppc64le", product_identification_helper: { purl: "pkg:oci/gitops-rhel8@sha256:8fc8c324c3f9671dbb6102676fa11c3e5dbab5cb491ba83fbe31c203b2c87e58?arch=ppc64le&repository_url=registry.redhat.io/openshift-gitops-1/gitops-rhel8&tag=v1.9.4-1", }, }, }, { category: "product_version", name: "openshift-gitops-1/dex-rhel8@sha256:d87f8baf652171fc9bae7818f9de36412f01bd3c0b4c32cbe6da56376d9cbb1e_ppc64le", product: { name: "openshift-gitops-1/dex-rhel8@sha256:d87f8baf652171fc9bae7818f9de36412f01bd3c0b4c32cbe6da56376d9cbb1e_ppc64le", product_id: "openshift-gitops-1/dex-rhel8@sha256:d87f8baf652171fc9bae7818f9de36412f01bd3c0b4c32cbe6da56376d9cbb1e_ppc64le", product_identification_helper: { purl: "pkg:oci/dex-rhel8@sha256:d87f8baf652171fc9bae7818f9de36412f01bd3c0b4c32cbe6da56376d9cbb1e?arch=ppc64le&repository_url=registry.redhat.io/openshift-gitops-1/dex-rhel8&tag=v1.9.4-1", }, }, }, { category: "product_version", name: "openshift-gitops-1/kam-delivery-rhel8@sha256:7eb085abd98c9e2ea3bea9a31dda02e852e425f743c57b829c1dea170d1840a8_ppc64le", product: { name: "openshift-gitops-1/kam-delivery-rhel8@sha256:7eb085abd98c9e2ea3bea9a31dda02e852e425f743c57b829c1dea170d1840a8_ppc64le", product_id: "openshift-gitops-1/kam-delivery-rhel8@sha256:7eb085abd98c9e2ea3bea9a31dda02e852e425f743c57b829c1dea170d1840a8_ppc64le", product_identification_helper: { purl: "pkg:oci/kam-delivery-rhel8@sha256:7eb085abd98c9e2ea3bea9a31dda02e852e425f743c57b829c1dea170d1840a8?arch=ppc64le&repository_url=registry.redhat.io/openshift-gitops-1/kam-delivery-rhel8&tag=v1.9.4-1", }, }, }, { category: "product_version", name: "openshift-gitops-1/must-gather-rhel8@sha256:32b44ea49cb194e826b2532ac3f11e0dcb7bbdf04cc2c4639590d610f9cf3d38_ppc64le", product: { name: "openshift-gitops-1/must-gather-rhel8@sha256:32b44ea49cb194e826b2532ac3f11e0dcb7bbdf04cc2c4639590d610f9cf3d38_ppc64le", product_id: "openshift-gitops-1/must-gather-rhel8@sha256:32b44ea49cb194e826b2532ac3f11e0dcb7bbdf04cc2c4639590d610f9cf3d38_ppc64le", product_identification_helper: { purl: "pkg:oci/must-gather-rhel8@sha256:32b44ea49cb194e826b2532ac3f11e0dcb7bbdf04cc2c4639590d610f9cf3d38?arch=ppc64le&repository_url=registry.redhat.io/openshift-gitops-1/must-gather-rhel8&tag=v1.9.4-1", }, }, }, { category: "product_version", name: "openshift-gitops-1/gitops-rhel8-operator@sha256:412d9d2eec7c05923183621f62da212af1d133f2945c61f07fff2e45a8a8d068_ppc64le", product: { name: "openshift-gitops-1/gitops-rhel8-operator@sha256:412d9d2eec7c05923183621f62da212af1d133f2945c61f07fff2e45a8a8d068_ppc64le", product_id: "openshift-gitops-1/gitops-rhel8-operator@sha256:412d9d2eec7c05923183621f62da212af1d133f2945c61f07fff2e45a8a8d068_ppc64le", product_identification_helper: { purl: "pkg:oci/gitops-rhel8-operator@sha256:412d9d2eec7c05923183621f62da212af1d133f2945c61f07fff2e45a8a8d068?arch=ppc64le&repository_url=registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator&tag=v1.9.4-1", }, }, }, ], category: "architecture", name: "ppc64le", }, ], category: "vendor", name: "Red Hat", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "openshift-gitops-1/argo-rollouts-rhel8@sha256:34d14cedc2ecd941f1ad4d38bce019a723283d78add071ff4d36e85a10815e2a_ppc64le as a component of Red Hat OpenShift GitOps 1.9", product_id: "8Base-GitOps-1.9:openshift-gitops-1/argo-rollouts-rhel8@sha256:34d14cedc2ecd941f1ad4d38bce019a723283d78add071ff4d36e85a10815e2a_ppc64le", }, product_reference: "openshift-gitops-1/argo-rollouts-rhel8@sha256:34d14cedc2ecd941f1ad4d38bce019a723283d78add071ff4d36e85a10815e2a_ppc64le", relates_to_product_reference: "8Base-GitOps-1.9", }, { category: "default_component_of", full_product_name: { name: "openshift-gitops-1/argo-rollouts-rhel8@sha256:bf88a002fcc9d1780b9a82595181f4425f14937d9117e6f5793d41695e400ebc_arm64 as a component of Red Hat OpenShift GitOps 1.9", product_id: "8Base-GitOps-1.9:openshift-gitops-1/argo-rollouts-rhel8@sha256:bf88a002fcc9d1780b9a82595181f4425f14937d9117e6f5793d41695e400ebc_arm64", }, product_reference: "openshift-gitops-1/argo-rollouts-rhel8@sha256:bf88a002fcc9d1780b9a82595181f4425f14937d9117e6f5793d41695e400ebc_arm64", relates_to_product_reference: "8Base-GitOps-1.9", }, { category: "default_component_of", full_product_name: { name: "openshift-gitops-1/argo-rollouts-rhel8@sha256:c3d3b382770538d7388bf23a10b1915f8fc254b9f76d18751089028a0ec947ff_s390x as a component of Red Hat OpenShift GitOps 1.9", product_id: "8Base-GitOps-1.9:openshift-gitops-1/argo-rollouts-rhel8@sha256:c3d3b382770538d7388bf23a10b1915f8fc254b9f76d18751089028a0ec947ff_s390x", }, product_reference: "openshift-gitops-1/argo-rollouts-rhel8@sha256:c3d3b382770538d7388bf23a10b1915f8fc254b9f76d18751089028a0ec947ff_s390x", relates_to_product_reference: "8Base-GitOps-1.9", }, { category: "default_component_of", full_product_name: { name: "openshift-gitops-1/argo-rollouts-rhel8@sha256:e259d73120a0611fbabdc93b4ee9a49eee6e8fa60841a4b7398b536a34bea5a9_amd64 as a component of Red Hat OpenShift GitOps 1.9", product_id: "8Base-GitOps-1.9:openshift-gitops-1/argo-rollouts-rhel8@sha256:e259d73120a0611fbabdc93b4ee9a49eee6e8fa60841a4b7398b536a34bea5a9_amd64", }, product_reference: "openshift-gitops-1/argo-rollouts-rhel8@sha256:e259d73120a0611fbabdc93b4ee9a49eee6e8fa60841a4b7398b536a34bea5a9_amd64", relates_to_product_reference: "8Base-GitOps-1.9", }, { category: "default_component_of", full_product_name: { name: "openshift-gitops-1/argocd-rhel8@sha256:1072c8b7c1563b5b7c7eb29119ec97765c3e0dad267ad8800b8146cbe7336cc6_s390x as a component of Red Hat OpenShift GitOps 1.9", product_id: "8Base-GitOps-1.9:openshift-gitops-1/argocd-rhel8@sha256:1072c8b7c1563b5b7c7eb29119ec97765c3e0dad267ad8800b8146cbe7336cc6_s390x", }, product_reference: "openshift-gitops-1/argocd-rhel8@sha256:1072c8b7c1563b5b7c7eb29119ec97765c3e0dad267ad8800b8146cbe7336cc6_s390x", relates_to_product_reference: "8Base-GitOps-1.9", }, { category: "default_component_of", full_product_name: { name: "openshift-gitops-1/argocd-rhel8@sha256:1cca6eda59e4ed1d409aa0ef039b524e58412422cc1f492c2bc515f5905ed516_arm64 as a component of Red Hat OpenShift GitOps 1.9", product_id: "8Base-GitOps-1.9:openshift-gitops-1/argocd-rhel8@sha256:1cca6eda59e4ed1d409aa0ef039b524e58412422cc1f492c2bc515f5905ed516_arm64", }, product_reference: "openshift-gitops-1/argocd-rhel8@sha256:1cca6eda59e4ed1d409aa0ef039b524e58412422cc1f492c2bc515f5905ed516_arm64", relates_to_product_reference: "8Base-GitOps-1.9", }, { category: "default_component_of", full_product_name: { name: "openshift-gitops-1/argocd-rhel8@sha256:218da32ea9eb21533976f1d8348b46e64a878e2703e562e33e3b43a57c81a2e1_ppc64le as a component of Red Hat OpenShift GitOps 1.9", product_id: "8Base-GitOps-1.9:openshift-gitops-1/argocd-rhel8@sha256:218da32ea9eb21533976f1d8348b46e64a878e2703e562e33e3b43a57c81a2e1_ppc64le", }, product_reference: "openshift-gitops-1/argocd-rhel8@sha256:218da32ea9eb21533976f1d8348b46e64a878e2703e562e33e3b43a57c81a2e1_ppc64le", relates_to_product_reference: "8Base-GitOps-1.9", }, { category: "default_component_of", full_product_name: { name: "openshift-gitops-1/argocd-rhel8@sha256:e96c6e5d7bf4ffc828a463e4f8f48f661ca8af5487de4ecbedba1e818933aebb_amd64 as a component of Red Hat OpenShift GitOps 1.9", product_id: "8Base-GitOps-1.9:openshift-gitops-1/argocd-rhel8@sha256:e96c6e5d7bf4ffc828a463e4f8f48f661ca8af5487de4ecbedba1e818933aebb_amd64", }, product_reference: "openshift-gitops-1/argocd-rhel8@sha256:e96c6e5d7bf4ffc828a463e4f8f48f661ca8af5487de4ecbedba1e818933aebb_amd64", relates_to_product_reference: "8Base-GitOps-1.9", }, { category: "default_component_of", full_product_name: { name: "openshift-gitops-1/console-plugin-rhel8@sha256:4175e60402edd252b70a8762606760174aecb0463987bc307e59e0f842dc7976_amd64 as a component of Red Hat OpenShift GitOps 1.9", product_id: "8Base-GitOps-1.9:openshift-gitops-1/console-plugin-rhel8@sha256:4175e60402edd252b70a8762606760174aecb0463987bc307e59e0f842dc7976_amd64", }, product_reference: "openshift-gitops-1/console-plugin-rhel8@sha256:4175e60402edd252b70a8762606760174aecb0463987bc307e59e0f842dc7976_amd64", relates_to_product_reference: "8Base-GitOps-1.9", }, { category: "default_component_of", full_product_name: { name: "openshift-gitops-1/console-plugin-rhel8@sha256:6a30cc9219b91d00524216523d1c45a4123b809c03a785d4ed4e20a8efc61e35_s390x as a component of Red Hat OpenShift GitOps 1.9", product_id: "8Base-GitOps-1.9:openshift-gitops-1/console-plugin-rhel8@sha256:6a30cc9219b91d00524216523d1c45a4123b809c03a785d4ed4e20a8efc61e35_s390x", }, product_reference: "openshift-gitops-1/console-plugin-rhel8@sha256:6a30cc9219b91d00524216523d1c45a4123b809c03a785d4ed4e20a8efc61e35_s390x", relates_to_product_reference: "8Base-GitOps-1.9", }, { category: "default_component_of", full_product_name: { name: "openshift-gitops-1/console-plugin-rhel8@sha256:a39ddb1efd87a6d2032b83aa4a0afa0f51b5d125d212bc341d59242448badec5_ppc64le as a component of Red Hat OpenShift GitOps 1.9", product_id: "8Base-GitOps-1.9:openshift-gitops-1/console-plugin-rhel8@sha256:a39ddb1efd87a6d2032b83aa4a0afa0f51b5d125d212bc341d59242448badec5_ppc64le", }, product_reference: "openshift-gitops-1/console-plugin-rhel8@sha256:a39ddb1efd87a6d2032b83aa4a0afa0f51b5d125d212bc341d59242448badec5_ppc64le", relates_to_product_reference: "8Base-GitOps-1.9", }, { category: "default_component_of", full_product_name: { name: "openshift-gitops-1/console-plugin-rhel8@sha256:f4dbcf9637738494a0906ab3da3e2935761ad2b1194a8f5797490b01523fa875_arm64 as a component of Red Hat OpenShift GitOps 1.9", product_id: "8Base-GitOps-1.9:openshift-gitops-1/console-plugin-rhel8@sha256:f4dbcf9637738494a0906ab3da3e2935761ad2b1194a8f5797490b01523fa875_arm64", }, product_reference: "openshift-gitops-1/console-plugin-rhel8@sha256:f4dbcf9637738494a0906ab3da3e2935761ad2b1194a8f5797490b01523fa875_arm64", relates_to_product_reference: "8Base-GitOps-1.9", }, { category: "default_component_of", full_product_name: { name: "openshift-gitops-1/dex-rhel8@sha256:60b93bcaf87c4b277bbfc18a920d246363452e0f5b1156333312e5b737bbf381_amd64 as a component of Red Hat OpenShift GitOps 1.9", product_id: "8Base-GitOps-1.9:openshift-gitops-1/dex-rhel8@sha256:60b93bcaf87c4b277bbfc18a920d246363452e0f5b1156333312e5b737bbf381_amd64", }, product_reference: "openshift-gitops-1/dex-rhel8@sha256:60b93bcaf87c4b277bbfc18a920d246363452e0f5b1156333312e5b737bbf381_amd64", relates_to_product_reference: "8Base-GitOps-1.9", }, { category: "default_component_of", full_product_name: { name: "openshift-gitops-1/dex-rhel8@sha256:962c98496645544fba458f5862aa4bc8abf43c6c95021127c75a7f9f3a64aab0_s390x as a component of Red Hat OpenShift GitOps 1.9", product_id: "8Base-GitOps-1.9:openshift-gitops-1/dex-rhel8@sha256:962c98496645544fba458f5862aa4bc8abf43c6c95021127c75a7f9f3a64aab0_s390x", }, product_reference: "openshift-gitops-1/dex-rhel8@sha256:962c98496645544fba458f5862aa4bc8abf43c6c95021127c75a7f9f3a64aab0_s390x", relates_to_product_reference: "8Base-GitOps-1.9", }, { category: "default_component_of", full_product_name: { name: "openshift-gitops-1/dex-rhel8@sha256:c80e9ddfe27033af92d26aa16da7a2211bdca4a17d2d08adb6bb79aed39e693c_arm64 as a component of Red Hat OpenShift GitOps 1.9", product_id: "8Base-GitOps-1.9:openshift-gitops-1/dex-rhel8@sha256:c80e9ddfe27033af92d26aa16da7a2211bdca4a17d2d08adb6bb79aed39e693c_arm64", }, product_reference: "openshift-gitops-1/dex-rhel8@sha256:c80e9ddfe27033af92d26aa16da7a2211bdca4a17d2d08adb6bb79aed39e693c_arm64", relates_to_product_reference: "8Base-GitOps-1.9", }, { category: "default_component_of", full_product_name: { name: "openshift-gitops-1/dex-rhel8@sha256:d87f8baf652171fc9bae7818f9de36412f01bd3c0b4c32cbe6da56376d9cbb1e_ppc64le as a component of Red Hat OpenShift GitOps 1.9", product_id: "8Base-GitOps-1.9:openshift-gitops-1/dex-rhel8@sha256:d87f8baf652171fc9bae7818f9de36412f01bd3c0b4c32cbe6da56376d9cbb1e_ppc64le", }, product_reference: "openshift-gitops-1/dex-rhel8@sha256:d87f8baf652171fc9bae7818f9de36412f01bd3c0b4c32cbe6da56376d9cbb1e_ppc64le", relates_to_product_reference: "8Base-GitOps-1.9", }, { category: "default_component_of", full_product_name: { name: "openshift-gitops-1/gitops-operator-bundle@sha256:27efa0ab1d9c69047a924bc1dcd2b56108f5f390a6da56afb6ab7a37cb4578e2_amd64 as a component of Red Hat OpenShift GitOps 1.9", product_id: "8Base-GitOps-1.9:openshift-gitops-1/gitops-operator-bundle@sha256:27efa0ab1d9c69047a924bc1dcd2b56108f5f390a6da56afb6ab7a37cb4578e2_amd64", }, product_reference: "openshift-gitops-1/gitops-operator-bundle@sha256:27efa0ab1d9c69047a924bc1dcd2b56108f5f390a6da56afb6ab7a37cb4578e2_amd64", relates_to_product_reference: "8Base-GitOps-1.9", }, { category: "default_component_of", full_product_name: { name: "openshift-gitops-1/gitops-rhel8-operator@sha256:3da9453e99b7515c0e23ceab208c98d26c98eadd521cb6c470d8b1b5eb7057e0_amd64 as a component of Red Hat OpenShift GitOps 1.9", product_id: "8Base-GitOps-1.9:openshift-gitops-1/gitops-rhel8-operator@sha256:3da9453e99b7515c0e23ceab208c98d26c98eadd521cb6c470d8b1b5eb7057e0_amd64", }, product_reference: "openshift-gitops-1/gitops-rhel8-operator@sha256:3da9453e99b7515c0e23ceab208c98d26c98eadd521cb6c470d8b1b5eb7057e0_amd64", relates_to_product_reference: "8Base-GitOps-1.9", }, { category: "default_component_of", full_product_name: { name: "openshift-gitops-1/gitops-rhel8-operator@sha256:412d9d2eec7c05923183621f62da212af1d133f2945c61f07fff2e45a8a8d068_ppc64le as a component of Red Hat OpenShift GitOps 1.9", product_id: "8Base-GitOps-1.9:openshift-gitops-1/gitops-rhel8-operator@sha256:412d9d2eec7c05923183621f62da212af1d133f2945c61f07fff2e45a8a8d068_ppc64le", }, product_reference: "openshift-gitops-1/gitops-rhel8-operator@sha256:412d9d2eec7c05923183621f62da212af1d133f2945c61f07fff2e45a8a8d068_ppc64le", relates_to_product_reference: "8Base-GitOps-1.9", }, { category: "default_component_of", full_product_name: { name: "openshift-gitops-1/gitops-rhel8-operator@sha256:b509f44121f29f65da9302ad916df9a6a65bb2e563c64f48f58347bd146a2960_s390x as a component of Red Hat OpenShift GitOps 1.9", product_id: "8Base-GitOps-1.9:openshift-gitops-1/gitops-rhel8-operator@sha256:b509f44121f29f65da9302ad916df9a6a65bb2e563c64f48f58347bd146a2960_s390x", }, product_reference: "openshift-gitops-1/gitops-rhel8-operator@sha256:b509f44121f29f65da9302ad916df9a6a65bb2e563c64f48f58347bd146a2960_s390x", relates_to_product_reference: "8Base-GitOps-1.9", }, { category: "default_component_of", full_product_name: { name: "openshift-gitops-1/gitops-rhel8-operator@sha256:fbf6a44ccd0ea12d8d2e069203a5d7edcbb30e9724f781d43e3529fe0abb4798_arm64 as a component of Red Hat OpenShift GitOps 1.9", product_id: "8Base-GitOps-1.9:openshift-gitops-1/gitops-rhel8-operator@sha256:fbf6a44ccd0ea12d8d2e069203a5d7edcbb30e9724f781d43e3529fe0abb4798_arm64", }, product_reference: "openshift-gitops-1/gitops-rhel8-operator@sha256:fbf6a44ccd0ea12d8d2e069203a5d7edcbb30e9724f781d43e3529fe0abb4798_arm64", relates_to_product_reference: "8Base-GitOps-1.9", }, { category: "default_component_of", full_product_name: { name: "openshift-gitops-1/gitops-rhel8@sha256:0e589b8414b025e6bcbfba17590341c2143115885dcef479e8e68ac929ae3820_s390x as a component of Red Hat OpenShift GitOps 1.9", product_id: "8Base-GitOps-1.9:openshift-gitops-1/gitops-rhel8@sha256:0e589b8414b025e6bcbfba17590341c2143115885dcef479e8e68ac929ae3820_s390x", }, product_reference: "openshift-gitops-1/gitops-rhel8@sha256:0e589b8414b025e6bcbfba17590341c2143115885dcef479e8e68ac929ae3820_s390x", relates_to_product_reference: "8Base-GitOps-1.9", }, { category: "default_component_of", full_product_name: { name: "openshift-gitops-1/gitops-rhel8@sha256:521c08653c7792317e5872c306b4e276da0d55237b9a7fa5c7ff615def846a61_amd64 as a component of Red Hat OpenShift GitOps 1.9", product_id: "8Base-GitOps-1.9:openshift-gitops-1/gitops-rhel8@sha256:521c08653c7792317e5872c306b4e276da0d55237b9a7fa5c7ff615def846a61_amd64", }, product_reference: "openshift-gitops-1/gitops-rhel8@sha256:521c08653c7792317e5872c306b4e276da0d55237b9a7fa5c7ff615def846a61_amd64", relates_to_product_reference: "8Base-GitOps-1.9", }, { category: "default_component_of", full_product_name: { name: "openshift-gitops-1/gitops-rhel8@sha256:5a446497a5e9ea9e9ee6501e0664c22b410d8eaa8bf32c6b57e11a8a34dc534e_arm64 as a component of Red Hat OpenShift GitOps 1.9", product_id: "8Base-GitOps-1.9:openshift-gitops-1/gitops-rhel8@sha256:5a446497a5e9ea9e9ee6501e0664c22b410d8eaa8bf32c6b57e11a8a34dc534e_arm64", }, product_reference: "openshift-gitops-1/gitops-rhel8@sha256:5a446497a5e9ea9e9ee6501e0664c22b410d8eaa8bf32c6b57e11a8a34dc534e_arm64", relates_to_product_reference: "8Base-GitOps-1.9", }, { category: "default_component_of", full_product_name: { name: "openshift-gitops-1/gitops-rhel8@sha256:8fc8c324c3f9671dbb6102676fa11c3e5dbab5cb491ba83fbe31c203b2c87e58_ppc64le as a component of Red Hat OpenShift GitOps 1.9", product_id: "8Base-GitOps-1.9:openshift-gitops-1/gitops-rhel8@sha256:8fc8c324c3f9671dbb6102676fa11c3e5dbab5cb491ba83fbe31c203b2c87e58_ppc64le", }, product_reference: "openshift-gitops-1/gitops-rhel8@sha256:8fc8c324c3f9671dbb6102676fa11c3e5dbab5cb491ba83fbe31c203b2c87e58_ppc64le", relates_to_product_reference: "8Base-GitOps-1.9", }, { category: "default_component_of", full_product_name: { name: "openshift-gitops-1/kam-delivery-rhel8@sha256:66f047335f44ca1fdd69f38002bceb3d01b972c293b8bfdb768e072cda2d1283_s390x as a component of Red Hat OpenShift GitOps 1.9", product_id: "8Base-GitOps-1.9:openshift-gitops-1/kam-delivery-rhel8@sha256:66f047335f44ca1fdd69f38002bceb3d01b972c293b8bfdb768e072cda2d1283_s390x", }, product_reference: "openshift-gitops-1/kam-delivery-rhel8@sha256:66f047335f44ca1fdd69f38002bceb3d01b972c293b8bfdb768e072cda2d1283_s390x", relates_to_product_reference: "8Base-GitOps-1.9", }, { category: "default_component_of", full_product_name: { name: "openshift-gitops-1/kam-delivery-rhel8@sha256:6751faddc6fad904c7e9b72118fd90b9b3c818522e17f2bbd7acf99d2613f59a_arm64 as a component of Red Hat OpenShift GitOps 1.9", product_id: "8Base-GitOps-1.9:openshift-gitops-1/kam-delivery-rhel8@sha256:6751faddc6fad904c7e9b72118fd90b9b3c818522e17f2bbd7acf99d2613f59a_arm64", }, product_reference: "openshift-gitops-1/kam-delivery-rhel8@sha256:6751faddc6fad904c7e9b72118fd90b9b3c818522e17f2bbd7acf99d2613f59a_arm64", relates_to_product_reference: "8Base-GitOps-1.9", }, { category: "default_component_of", full_product_name: { name: "openshift-gitops-1/kam-delivery-rhel8@sha256:7eb085abd98c9e2ea3bea9a31dda02e852e425f743c57b829c1dea170d1840a8_ppc64le as a component of Red Hat OpenShift GitOps 1.9", product_id: "8Base-GitOps-1.9:openshift-gitops-1/kam-delivery-rhel8@sha256:7eb085abd98c9e2ea3bea9a31dda02e852e425f743c57b829c1dea170d1840a8_ppc64le", }, product_reference: "openshift-gitops-1/kam-delivery-rhel8@sha256:7eb085abd98c9e2ea3bea9a31dda02e852e425f743c57b829c1dea170d1840a8_ppc64le", relates_to_product_reference: "8Base-GitOps-1.9", }, { category: "default_component_of", full_product_name: { name: "openshift-gitops-1/kam-delivery-rhel8@sha256:dd6b5013139815f60509703f6fc414974451ad73f7c93f758a8e98bf487606b4_amd64 as a component of Red Hat OpenShift GitOps 1.9", product_id: "8Base-GitOps-1.9:openshift-gitops-1/kam-delivery-rhel8@sha256:dd6b5013139815f60509703f6fc414974451ad73f7c93f758a8e98bf487606b4_amd64", }, product_reference: "openshift-gitops-1/kam-delivery-rhel8@sha256:dd6b5013139815f60509703f6fc414974451ad73f7c93f758a8e98bf487606b4_amd64", relates_to_product_reference: "8Base-GitOps-1.9", }, { category: "default_component_of", full_product_name: { name: "openshift-gitops-1/must-gather-rhel8@sha256:32b44ea49cb194e826b2532ac3f11e0dcb7bbdf04cc2c4639590d610f9cf3d38_ppc64le as a component of Red Hat OpenShift GitOps 1.9", product_id: "8Base-GitOps-1.9:openshift-gitops-1/must-gather-rhel8@sha256:32b44ea49cb194e826b2532ac3f11e0dcb7bbdf04cc2c4639590d610f9cf3d38_ppc64le", }, product_reference: "openshift-gitops-1/must-gather-rhel8@sha256:32b44ea49cb194e826b2532ac3f11e0dcb7bbdf04cc2c4639590d610f9cf3d38_ppc64le", relates_to_product_reference: "8Base-GitOps-1.9", }, { category: "default_component_of", full_product_name: { name: "openshift-gitops-1/must-gather-rhel8@sha256:623c6f082189daa2b4af5750acaaa856ece5926ba10e62f99678fe103239c124_s390x as a component of Red Hat OpenShift GitOps 1.9", product_id: "8Base-GitOps-1.9:openshift-gitops-1/must-gather-rhel8@sha256:623c6f082189daa2b4af5750acaaa856ece5926ba10e62f99678fe103239c124_s390x", }, product_reference: "openshift-gitops-1/must-gather-rhel8@sha256:623c6f082189daa2b4af5750acaaa856ece5926ba10e62f99678fe103239c124_s390x", relates_to_product_reference: "8Base-GitOps-1.9", }, { category: "default_component_of", full_product_name: { name: "openshift-gitops-1/must-gather-rhel8@sha256:793f9cd70553423d340ce703ec639dca2bdb84748a2a0ec49477f602b9d2ef99_amd64 as a component of Red Hat OpenShift GitOps 1.9", product_id: "8Base-GitOps-1.9:openshift-gitops-1/must-gather-rhel8@sha256:793f9cd70553423d340ce703ec639dca2bdb84748a2a0ec49477f602b9d2ef99_amd64", }, product_reference: "openshift-gitops-1/must-gather-rhel8@sha256:793f9cd70553423d340ce703ec639dca2bdb84748a2a0ec49477f602b9d2ef99_amd64", relates_to_product_reference: "8Base-GitOps-1.9", }, { category: "default_component_of", full_product_name: { name: "openshift-gitops-1/must-gather-rhel8@sha256:7de4cb6db7d0792022f92af68cb9ea7290b3b471ef298c27c0a890cf6847eab3_arm64 as a component of Red Hat OpenShift GitOps 1.9", product_id: "8Base-GitOps-1.9:openshift-gitops-1/must-gather-rhel8@sha256:7de4cb6db7d0792022f92af68cb9ea7290b3b471ef298c27c0a890cf6847eab3_arm64", }, product_reference: "openshift-gitops-1/must-gather-rhel8@sha256:7de4cb6db7d0792022f92af68cb9ea7290b3b471ef298c27c0a890cf6847eab3_arm64", relates_to_product_reference: "8Base-GitOps-1.9", }, ], }, vulnerabilities: [ { cve: "CVE-2023-49568", cwe: { id: "CWE-400", name: "Uncontrolled Resource Consumption", }, discovery_date: "2024-01-12T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2258165", }, ], notes: [ { category: "description", text: "A denial of service (DoS) vulnerability was found in the go library go-git. This issue may allow an attacker to perform denial of service attacks by providing specially crafted responses from a Git server, which can trigger resource exhaustion in go-git clients.", title: "Vulnerability description", }, { category: "summary", text: "go-git: Maliciously crafted Git server replies can cause DoS on go-git clients", title: "Vulnerability summary", }, { category: "other", text: "This problem only affects the go implementation and not the original git cli code. Applications using only in-memory filesystems are not affected by this issue. Clients should be limited to connect to only trusted git servers to reduce the risk of compromise.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "8Base-GitOps-1.9:openshift-gitops-1/argo-rollouts-rhel8@sha256:34d14cedc2ecd941f1ad4d38bce019a723283d78add071ff4d36e85a10815e2a_ppc64le", "8Base-GitOps-1.9:openshift-gitops-1/argo-rollouts-rhel8@sha256:bf88a002fcc9d1780b9a82595181f4425f14937d9117e6f5793d41695e400ebc_arm64", "8Base-GitOps-1.9:openshift-gitops-1/argo-rollouts-rhel8@sha256:c3d3b382770538d7388bf23a10b1915f8fc254b9f76d18751089028a0ec947ff_s390x", "8Base-GitOps-1.9:openshift-gitops-1/argo-rollouts-rhel8@sha256:e259d73120a0611fbabdc93b4ee9a49eee6e8fa60841a4b7398b536a34bea5a9_amd64", "8Base-GitOps-1.9:openshift-gitops-1/argocd-rhel8@sha256:1072c8b7c1563b5b7c7eb29119ec97765c3e0dad267ad8800b8146cbe7336cc6_s390x", "8Base-GitOps-1.9:openshift-gitops-1/argocd-rhel8@sha256:1cca6eda59e4ed1d409aa0ef039b524e58412422cc1f492c2bc515f5905ed516_arm64", "8Base-GitOps-1.9:openshift-gitops-1/argocd-rhel8@sha256:218da32ea9eb21533976f1d8348b46e64a878e2703e562e33e3b43a57c81a2e1_ppc64le", "8Base-GitOps-1.9:openshift-gitops-1/argocd-rhel8@sha256:e96c6e5d7bf4ffc828a463e4f8f48f661ca8af5487de4ecbedba1e818933aebb_amd64", "8Base-GitOps-1.9:openshift-gitops-1/console-plugin-rhel8@sha256:4175e60402edd252b70a8762606760174aecb0463987bc307e59e0f842dc7976_amd64", "8Base-GitOps-1.9:openshift-gitops-1/console-plugin-rhel8@sha256:6a30cc9219b91d00524216523d1c45a4123b809c03a785d4ed4e20a8efc61e35_s390x", "8Base-GitOps-1.9:openshift-gitops-1/console-plugin-rhel8@sha256:a39ddb1efd87a6d2032b83aa4a0afa0f51b5d125d212bc341d59242448badec5_ppc64le", "8Base-GitOps-1.9:openshift-gitops-1/console-plugin-rhel8@sha256:f4dbcf9637738494a0906ab3da3e2935761ad2b1194a8f5797490b01523fa875_arm64", "8Base-GitOps-1.9:openshift-gitops-1/dex-rhel8@sha256:60b93bcaf87c4b277bbfc18a920d246363452e0f5b1156333312e5b737bbf381_amd64", "8Base-GitOps-1.9:openshift-gitops-1/dex-rhel8@sha256:962c98496645544fba458f5862aa4bc8abf43c6c95021127c75a7f9f3a64aab0_s390x", "8Base-GitOps-1.9:openshift-gitops-1/dex-rhel8@sha256:c80e9ddfe27033af92d26aa16da7a2211bdca4a17d2d08adb6bb79aed39e693c_arm64", "8Base-GitOps-1.9:openshift-gitops-1/dex-rhel8@sha256:d87f8baf652171fc9bae7818f9de36412f01bd3c0b4c32cbe6da56376d9cbb1e_ppc64le", "8Base-GitOps-1.9:openshift-gitops-1/gitops-operator-bundle@sha256:27efa0ab1d9c69047a924bc1dcd2b56108f5f390a6da56afb6ab7a37cb4578e2_amd64", "8Base-GitOps-1.9:openshift-gitops-1/gitops-rhel8-operator@sha256:3da9453e99b7515c0e23ceab208c98d26c98eadd521cb6c470d8b1b5eb7057e0_amd64", "8Base-GitOps-1.9:openshift-gitops-1/gitops-rhel8-operator@sha256:412d9d2eec7c05923183621f62da212af1d133f2945c61f07fff2e45a8a8d068_ppc64le", "8Base-GitOps-1.9:openshift-gitops-1/gitops-rhel8-operator@sha256:b509f44121f29f65da9302ad916df9a6a65bb2e563c64f48f58347bd146a2960_s390x", "8Base-GitOps-1.9:openshift-gitops-1/gitops-rhel8-operator@sha256:fbf6a44ccd0ea12d8d2e069203a5d7edcbb30e9724f781d43e3529fe0abb4798_arm64", "8Base-GitOps-1.9:openshift-gitops-1/gitops-rhel8@sha256:0e589b8414b025e6bcbfba17590341c2143115885dcef479e8e68ac929ae3820_s390x", "8Base-GitOps-1.9:openshift-gitops-1/gitops-rhel8@sha256:521c08653c7792317e5872c306b4e276da0d55237b9a7fa5c7ff615def846a61_amd64", "8Base-GitOps-1.9:openshift-gitops-1/gitops-rhel8@sha256:5a446497a5e9ea9e9ee6501e0664c22b410d8eaa8bf32c6b57e11a8a34dc534e_arm64", "8Base-GitOps-1.9:openshift-gitops-1/gitops-rhel8@sha256:8fc8c324c3f9671dbb6102676fa11c3e5dbab5cb491ba83fbe31c203b2c87e58_ppc64le", "8Base-GitOps-1.9:openshift-gitops-1/kam-delivery-rhel8@sha256:66f047335f44ca1fdd69f38002bceb3d01b972c293b8bfdb768e072cda2d1283_s390x", "8Base-GitOps-1.9:openshift-gitops-1/kam-delivery-rhel8@sha256:6751faddc6fad904c7e9b72118fd90b9b3c818522e17f2bbd7acf99d2613f59a_arm64", "8Base-GitOps-1.9:openshift-gitops-1/kam-delivery-rhel8@sha256:7eb085abd98c9e2ea3bea9a31dda02e852e425f743c57b829c1dea170d1840a8_ppc64le", "8Base-GitOps-1.9:openshift-gitops-1/kam-delivery-rhel8@sha256:dd6b5013139815f60509703f6fc414974451ad73f7c93f758a8e98bf487606b4_amd64", "8Base-GitOps-1.9:openshift-gitops-1/must-gather-rhel8@sha256:32b44ea49cb194e826b2532ac3f11e0dcb7bbdf04cc2c4639590d610f9cf3d38_ppc64le", "8Base-GitOps-1.9:openshift-gitops-1/must-gather-rhel8@sha256:623c6f082189daa2b4af5750acaaa856ece5926ba10e62f99678fe103239c124_s390x", "8Base-GitOps-1.9:openshift-gitops-1/must-gather-rhel8@sha256:793f9cd70553423d340ce703ec639dca2bdb84748a2a0ec49477f602b9d2ef99_amd64", "8Base-GitOps-1.9:openshift-gitops-1/must-gather-rhel8@sha256:7de4cb6db7d0792022f92af68cb9ea7290b3b471ef298c27c0a890cf6847eab3_arm64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2023-49568", }, { category: "external", summary: "RHBZ#2258165", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2258165", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2023-49568", url: "https://www.cve.org/CVERecord?id=CVE-2023-49568", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2023-49568", url: "https://nvd.nist.gov/vuln/detail/CVE-2023-49568", }, { category: "external", summary: "https://github.com/go-git/go-git/security/advisories/GHSA-mw99-9chc-xw7r", url: "https://github.com/go-git/go-git/security/advisories/GHSA-mw99-9chc-xw7r", }, ], release_date: "2023-12-24T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-02-05T20:30:07+00:00", details: "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "8Base-GitOps-1.9:openshift-gitops-1/argo-rollouts-rhel8@sha256:34d14cedc2ecd941f1ad4d38bce019a723283d78add071ff4d36e85a10815e2a_ppc64le", "8Base-GitOps-1.9:openshift-gitops-1/argo-rollouts-rhel8@sha256:bf88a002fcc9d1780b9a82595181f4425f14937d9117e6f5793d41695e400ebc_arm64", "8Base-GitOps-1.9:openshift-gitops-1/argo-rollouts-rhel8@sha256:c3d3b382770538d7388bf23a10b1915f8fc254b9f76d18751089028a0ec947ff_s390x", "8Base-GitOps-1.9:openshift-gitops-1/argo-rollouts-rhel8@sha256:e259d73120a0611fbabdc93b4ee9a49eee6e8fa60841a4b7398b536a34bea5a9_amd64", "8Base-GitOps-1.9:openshift-gitops-1/argocd-rhel8@sha256:1072c8b7c1563b5b7c7eb29119ec97765c3e0dad267ad8800b8146cbe7336cc6_s390x", "8Base-GitOps-1.9:openshift-gitops-1/argocd-rhel8@sha256:1cca6eda59e4ed1d409aa0ef039b524e58412422cc1f492c2bc515f5905ed516_arm64", "8Base-GitOps-1.9:openshift-gitops-1/argocd-rhel8@sha256:218da32ea9eb21533976f1d8348b46e64a878e2703e562e33e3b43a57c81a2e1_ppc64le", "8Base-GitOps-1.9:openshift-gitops-1/argocd-rhel8@sha256:e96c6e5d7bf4ffc828a463e4f8f48f661ca8af5487de4ecbedba1e818933aebb_amd64", "8Base-GitOps-1.9:openshift-gitops-1/console-plugin-rhel8@sha256:4175e60402edd252b70a8762606760174aecb0463987bc307e59e0f842dc7976_amd64", "8Base-GitOps-1.9:openshift-gitops-1/console-plugin-rhel8@sha256:6a30cc9219b91d00524216523d1c45a4123b809c03a785d4ed4e20a8efc61e35_s390x", "8Base-GitOps-1.9:openshift-gitops-1/console-plugin-rhel8@sha256:a39ddb1efd87a6d2032b83aa4a0afa0f51b5d125d212bc341d59242448badec5_ppc64le", "8Base-GitOps-1.9:openshift-gitops-1/console-plugin-rhel8@sha256:f4dbcf9637738494a0906ab3da3e2935761ad2b1194a8f5797490b01523fa875_arm64", "8Base-GitOps-1.9:openshift-gitops-1/dex-rhel8@sha256:60b93bcaf87c4b277bbfc18a920d246363452e0f5b1156333312e5b737bbf381_amd64", "8Base-GitOps-1.9:openshift-gitops-1/dex-rhel8@sha256:962c98496645544fba458f5862aa4bc8abf43c6c95021127c75a7f9f3a64aab0_s390x", "8Base-GitOps-1.9:openshift-gitops-1/dex-rhel8@sha256:c80e9ddfe27033af92d26aa16da7a2211bdca4a17d2d08adb6bb79aed39e693c_arm64", "8Base-GitOps-1.9:openshift-gitops-1/dex-rhel8@sha256:d87f8baf652171fc9bae7818f9de36412f01bd3c0b4c32cbe6da56376d9cbb1e_ppc64le", "8Base-GitOps-1.9:openshift-gitops-1/gitops-operator-bundle@sha256:27efa0ab1d9c69047a924bc1dcd2b56108f5f390a6da56afb6ab7a37cb4578e2_amd64", "8Base-GitOps-1.9:openshift-gitops-1/gitops-rhel8-operator@sha256:3da9453e99b7515c0e23ceab208c98d26c98eadd521cb6c470d8b1b5eb7057e0_amd64", "8Base-GitOps-1.9:openshift-gitops-1/gitops-rhel8-operator@sha256:412d9d2eec7c05923183621f62da212af1d133f2945c61f07fff2e45a8a8d068_ppc64le", "8Base-GitOps-1.9:openshift-gitops-1/gitops-rhel8-operator@sha256:b509f44121f29f65da9302ad916df9a6a65bb2e563c64f48f58347bd146a2960_s390x", "8Base-GitOps-1.9:openshift-gitops-1/gitops-rhel8-operator@sha256:fbf6a44ccd0ea12d8d2e069203a5d7edcbb30e9724f781d43e3529fe0abb4798_arm64", "8Base-GitOps-1.9:openshift-gitops-1/gitops-rhel8@sha256:0e589b8414b025e6bcbfba17590341c2143115885dcef479e8e68ac929ae3820_s390x", "8Base-GitOps-1.9:openshift-gitops-1/gitops-rhel8@sha256:521c08653c7792317e5872c306b4e276da0d55237b9a7fa5c7ff615def846a61_amd64", "8Base-GitOps-1.9:openshift-gitops-1/gitops-rhel8@sha256:5a446497a5e9ea9e9ee6501e0664c22b410d8eaa8bf32c6b57e11a8a34dc534e_arm64", "8Base-GitOps-1.9:openshift-gitops-1/gitops-rhel8@sha256:8fc8c324c3f9671dbb6102676fa11c3e5dbab5cb491ba83fbe31c203b2c87e58_ppc64le", "8Base-GitOps-1.9:openshift-gitops-1/kam-delivery-rhel8@sha256:66f047335f44ca1fdd69f38002bceb3d01b972c293b8bfdb768e072cda2d1283_s390x", "8Base-GitOps-1.9:openshift-gitops-1/kam-delivery-rhel8@sha256:6751faddc6fad904c7e9b72118fd90b9b3c818522e17f2bbd7acf99d2613f59a_arm64", "8Base-GitOps-1.9:openshift-gitops-1/kam-delivery-rhel8@sha256:7eb085abd98c9e2ea3bea9a31dda02e852e425f743c57b829c1dea170d1840a8_ppc64le", "8Base-GitOps-1.9:openshift-gitops-1/kam-delivery-rhel8@sha256:dd6b5013139815f60509703f6fc414974451ad73f7c93f758a8e98bf487606b4_amd64", "8Base-GitOps-1.9:openshift-gitops-1/must-gather-rhel8@sha256:32b44ea49cb194e826b2532ac3f11e0dcb7bbdf04cc2c4639590d610f9cf3d38_ppc64le", "8Base-GitOps-1.9:openshift-gitops-1/must-gather-rhel8@sha256:623c6f082189daa2b4af5750acaaa856ece5926ba10e62f99678fe103239c124_s390x", "8Base-GitOps-1.9:openshift-gitops-1/must-gather-rhel8@sha256:793f9cd70553423d340ce703ec639dca2bdb84748a2a0ec49477f602b9d2ef99_amd64", "8Base-GitOps-1.9:openshift-gitops-1/must-gather-rhel8@sha256:7de4cb6db7d0792022f92af68cb9ea7290b3b471ef298c27c0a890cf6847eab3_arm64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:0691", }, { category: "workaround", details: "In cases where a bump to the latest version of go-git is not possible, a recommendation to reduce the exposure of this threat is limiting its use to only trust-worthy Git servers.", product_ids: [ "8Base-GitOps-1.9:openshift-gitops-1/argo-rollouts-rhel8@sha256:34d14cedc2ecd941f1ad4d38bce019a723283d78add071ff4d36e85a10815e2a_ppc64le", "8Base-GitOps-1.9:openshift-gitops-1/argo-rollouts-rhel8@sha256:bf88a002fcc9d1780b9a82595181f4425f14937d9117e6f5793d41695e400ebc_arm64", "8Base-GitOps-1.9:openshift-gitops-1/argo-rollouts-rhel8@sha256:c3d3b382770538d7388bf23a10b1915f8fc254b9f76d18751089028a0ec947ff_s390x", "8Base-GitOps-1.9:openshift-gitops-1/argo-rollouts-rhel8@sha256:e259d73120a0611fbabdc93b4ee9a49eee6e8fa60841a4b7398b536a34bea5a9_amd64", "8Base-GitOps-1.9:openshift-gitops-1/argocd-rhel8@sha256:1072c8b7c1563b5b7c7eb29119ec97765c3e0dad267ad8800b8146cbe7336cc6_s390x", "8Base-GitOps-1.9:openshift-gitops-1/argocd-rhel8@sha256:1cca6eda59e4ed1d409aa0ef039b524e58412422cc1f492c2bc515f5905ed516_arm64", "8Base-GitOps-1.9:openshift-gitops-1/argocd-rhel8@sha256:218da32ea9eb21533976f1d8348b46e64a878e2703e562e33e3b43a57c81a2e1_ppc64le", "8Base-GitOps-1.9:openshift-gitops-1/argocd-rhel8@sha256:e96c6e5d7bf4ffc828a463e4f8f48f661ca8af5487de4ecbedba1e818933aebb_amd64", "8Base-GitOps-1.9:openshift-gitops-1/console-plugin-rhel8@sha256:4175e60402edd252b70a8762606760174aecb0463987bc307e59e0f842dc7976_amd64", "8Base-GitOps-1.9:openshift-gitops-1/console-plugin-rhel8@sha256:6a30cc9219b91d00524216523d1c45a4123b809c03a785d4ed4e20a8efc61e35_s390x", "8Base-GitOps-1.9:openshift-gitops-1/console-plugin-rhel8@sha256:a39ddb1efd87a6d2032b83aa4a0afa0f51b5d125d212bc341d59242448badec5_ppc64le", "8Base-GitOps-1.9:openshift-gitops-1/console-plugin-rhel8@sha256:f4dbcf9637738494a0906ab3da3e2935761ad2b1194a8f5797490b01523fa875_arm64", "8Base-GitOps-1.9:openshift-gitops-1/dex-rhel8@sha256:60b93bcaf87c4b277bbfc18a920d246363452e0f5b1156333312e5b737bbf381_amd64", "8Base-GitOps-1.9:openshift-gitops-1/dex-rhel8@sha256:962c98496645544fba458f5862aa4bc8abf43c6c95021127c75a7f9f3a64aab0_s390x", "8Base-GitOps-1.9:openshift-gitops-1/dex-rhel8@sha256:c80e9ddfe27033af92d26aa16da7a2211bdca4a17d2d08adb6bb79aed39e693c_arm64", "8Base-GitOps-1.9:openshift-gitops-1/dex-rhel8@sha256:d87f8baf652171fc9bae7818f9de36412f01bd3c0b4c32cbe6da56376d9cbb1e_ppc64le", "8Base-GitOps-1.9:openshift-gitops-1/gitops-operator-bundle@sha256:27efa0ab1d9c69047a924bc1dcd2b56108f5f390a6da56afb6ab7a37cb4578e2_amd64", "8Base-GitOps-1.9:openshift-gitops-1/gitops-rhel8-operator@sha256:3da9453e99b7515c0e23ceab208c98d26c98eadd521cb6c470d8b1b5eb7057e0_amd64", "8Base-GitOps-1.9:openshift-gitops-1/gitops-rhel8-operator@sha256:412d9d2eec7c05923183621f62da212af1d133f2945c61f07fff2e45a8a8d068_ppc64le", "8Base-GitOps-1.9:openshift-gitops-1/gitops-rhel8-operator@sha256:b509f44121f29f65da9302ad916df9a6a65bb2e563c64f48f58347bd146a2960_s390x", "8Base-GitOps-1.9:openshift-gitops-1/gitops-rhel8-operator@sha256:fbf6a44ccd0ea12d8d2e069203a5d7edcbb30e9724f781d43e3529fe0abb4798_arm64", "8Base-GitOps-1.9:openshift-gitops-1/gitops-rhel8@sha256:0e589b8414b025e6bcbfba17590341c2143115885dcef479e8e68ac929ae3820_s390x", "8Base-GitOps-1.9:openshift-gitops-1/gitops-rhel8@sha256:521c08653c7792317e5872c306b4e276da0d55237b9a7fa5c7ff615def846a61_amd64", "8Base-GitOps-1.9:openshift-gitops-1/gitops-rhel8@sha256:5a446497a5e9ea9e9ee6501e0664c22b410d8eaa8bf32c6b57e11a8a34dc534e_arm64", "8Base-GitOps-1.9:openshift-gitops-1/gitops-rhel8@sha256:8fc8c324c3f9671dbb6102676fa11c3e5dbab5cb491ba83fbe31c203b2c87e58_ppc64le", "8Base-GitOps-1.9:openshift-gitops-1/kam-delivery-rhel8@sha256:66f047335f44ca1fdd69f38002bceb3d01b972c293b8bfdb768e072cda2d1283_s390x", "8Base-GitOps-1.9:openshift-gitops-1/kam-delivery-rhel8@sha256:6751faddc6fad904c7e9b72118fd90b9b3c818522e17f2bbd7acf99d2613f59a_arm64", "8Base-GitOps-1.9:openshift-gitops-1/kam-delivery-rhel8@sha256:7eb085abd98c9e2ea3bea9a31dda02e852e425f743c57b829c1dea170d1840a8_ppc64le", "8Base-GitOps-1.9:openshift-gitops-1/kam-delivery-rhel8@sha256:dd6b5013139815f60509703f6fc414974451ad73f7c93f758a8e98bf487606b4_amd64", "8Base-GitOps-1.9:openshift-gitops-1/must-gather-rhel8@sha256:32b44ea49cb194e826b2532ac3f11e0dcb7bbdf04cc2c4639590d610f9cf3d38_ppc64le", "8Base-GitOps-1.9:openshift-gitops-1/must-gather-rhel8@sha256:623c6f082189daa2b4af5750acaaa856ece5926ba10e62f99678fe103239c124_s390x", "8Base-GitOps-1.9:openshift-gitops-1/must-gather-rhel8@sha256:793f9cd70553423d340ce703ec639dca2bdb84748a2a0ec49477f602b9d2ef99_amd64", "8Base-GitOps-1.9:openshift-gitops-1/must-gather-rhel8@sha256:7de4cb6db7d0792022f92af68cb9ea7290b3b471ef298c27c0a890cf6847eab3_arm64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "8Base-GitOps-1.9:openshift-gitops-1/argo-rollouts-rhel8@sha256:34d14cedc2ecd941f1ad4d38bce019a723283d78add071ff4d36e85a10815e2a_ppc64le", "8Base-GitOps-1.9:openshift-gitops-1/argo-rollouts-rhel8@sha256:bf88a002fcc9d1780b9a82595181f4425f14937d9117e6f5793d41695e400ebc_arm64", "8Base-GitOps-1.9:openshift-gitops-1/argo-rollouts-rhel8@sha256:c3d3b382770538d7388bf23a10b1915f8fc254b9f76d18751089028a0ec947ff_s390x", "8Base-GitOps-1.9:openshift-gitops-1/argo-rollouts-rhel8@sha256:e259d73120a0611fbabdc93b4ee9a49eee6e8fa60841a4b7398b536a34bea5a9_amd64", "8Base-GitOps-1.9:openshift-gitops-1/argocd-rhel8@sha256:1072c8b7c1563b5b7c7eb29119ec97765c3e0dad267ad8800b8146cbe7336cc6_s390x", "8Base-GitOps-1.9:openshift-gitops-1/argocd-rhel8@sha256:1cca6eda59e4ed1d409aa0ef039b524e58412422cc1f492c2bc515f5905ed516_arm64", "8Base-GitOps-1.9:openshift-gitops-1/argocd-rhel8@sha256:218da32ea9eb21533976f1d8348b46e64a878e2703e562e33e3b43a57c81a2e1_ppc64le", "8Base-GitOps-1.9:openshift-gitops-1/argocd-rhel8@sha256:e96c6e5d7bf4ffc828a463e4f8f48f661ca8af5487de4ecbedba1e818933aebb_amd64", "8Base-GitOps-1.9:openshift-gitops-1/console-plugin-rhel8@sha256:4175e60402edd252b70a8762606760174aecb0463987bc307e59e0f842dc7976_amd64", "8Base-GitOps-1.9:openshift-gitops-1/console-plugin-rhel8@sha256:6a30cc9219b91d00524216523d1c45a4123b809c03a785d4ed4e20a8efc61e35_s390x", "8Base-GitOps-1.9:openshift-gitops-1/console-plugin-rhel8@sha256:a39ddb1efd87a6d2032b83aa4a0afa0f51b5d125d212bc341d59242448badec5_ppc64le", "8Base-GitOps-1.9:openshift-gitops-1/console-plugin-rhel8@sha256:f4dbcf9637738494a0906ab3da3e2935761ad2b1194a8f5797490b01523fa875_arm64", "8Base-GitOps-1.9:openshift-gitops-1/dex-rhel8@sha256:60b93bcaf87c4b277bbfc18a920d246363452e0f5b1156333312e5b737bbf381_amd64", "8Base-GitOps-1.9:openshift-gitops-1/dex-rhel8@sha256:962c98496645544fba458f5862aa4bc8abf43c6c95021127c75a7f9f3a64aab0_s390x", "8Base-GitOps-1.9:openshift-gitops-1/dex-rhel8@sha256:c80e9ddfe27033af92d26aa16da7a2211bdca4a17d2d08adb6bb79aed39e693c_arm64", "8Base-GitOps-1.9:openshift-gitops-1/dex-rhel8@sha256:d87f8baf652171fc9bae7818f9de36412f01bd3c0b4c32cbe6da56376d9cbb1e_ppc64le", "8Base-GitOps-1.9:openshift-gitops-1/gitops-operator-bundle@sha256:27efa0ab1d9c69047a924bc1dcd2b56108f5f390a6da56afb6ab7a37cb4578e2_amd64", "8Base-GitOps-1.9:openshift-gitops-1/gitops-rhel8-operator@sha256:3da9453e99b7515c0e23ceab208c98d26c98eadd521cb6c470d8b1b5eb7057e0_amd64", "8Base-GitOps-1.9:openshift-gitops-1/gitops-rhel8-operator@sha256:412d9d2eec7c05923183621f62da212af1d133f2945c61f07fff2e45a8a8d068_ppc64le", "8Base-GitOps-1.9:openshift-gitops-1/gitops-rhel8-operator@sha256:b509f44121f29f65da9302ad916df9a6a65bb2e563c64f48f58347bd146a2960_s390x", "8Base-GitOps-1.9:openshift-gitops-1/gitops-rhel8-operator@sha256:fbf6a44ccd0ea12d8d2e069203a5d7edcbb30e9724f781d43e3529fe0abb4798_arm64", "8Base-GitOps-1.9:openshift-gitops-1/gitops-rhel8@sha256:0e589b8414b025e6bcbfba17590341c2143115885dcef479e8e68ac929ae3820_s390x", "8Base-GitOps-1.9:openshift-gitops-1/gitops-rhel8@sha256:521c08653c7792317e5872c306b4e276da0d55237b9a7fa5c7ff615def846a61_amd64", "8Base-GitOps-1.9:openshift-gitops-1/gitops-rhel8@sha256:5a446497a5e9ea9e9ee6501e0664c22b410d8eaa8bf32c6b57e11a8a34dc534e_arm64", "8Base-GitOps-1.9:openshift-gitops-1/gitops-rhel8@sha256:8fc8c324c3f9671dbb6102676fa11c3e5dbab5cb491ba83fbe31c203b2c87e58_ppc64le", "8Base-GitOps-1.9:openshift-gitops-1/kam-delivery-rhel8@sha256:66f047335f44ca1fdd69f38002bceb3d01b972c293b8bfdb768e072cda2d1283_s390x", "8Base-GitOps-1.9:openshift-gitops-1/kam-delivery-rhel8@sha256:6751faddc6fad904c7e9b72118fd90b9b3c818522e17f2bbd7acf99d2613f59a_arm64", "8Base-GitOps-1.9:openshift-gitops-1/kam-delivery-rhel8@sha256:7eb085abd98c9e2ea3bea9a31dda02e852e425f743c57b829c1dea170d1840a8_ppc64le", "8Base-GitOps-1.9:openshift-gitops-1/kam-delivery-rhel8@sha256:dd6b5013139815f60509703f6fc414974451ad73f7c93f758a8e98bf487606b4_amd64", "8Base-GitOps-1.9:openshift-gitops-1/must-gather-rhel8@sha256:32b44ea49cb194e826b2532ac3f11e0dcb7bbdf04cc2c4639590d610f9cf3d38_ppc64le", "8Base-GitOps-1.9:openshift-gitops-1/must-gather-rhel8@sha256:623c6f082189daa2b4af5750acaaa856ece5926ba10e62f99678fe103239c124_s390x", "8Base-GitOps-1.9:openshift-gitops-1/must-gather-rhel8@sha256:793f9cd70553423d340ce703ec639dca2bdb84748a2a0ec49477f602b9d2ef99_amd64", "8Base-GitOps-1.9:openshift-gitops-1/must-gather-rhel8@sha256:7de4cb6db7d0792022f92af68cb9ea7290b3b471ef298c27c0a890cf6847eab3_arm64", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "go-git: Maliciously crafted Git server replies can cause DoS on go-git clients", }, { cve: "CVE-2024-22424", cwe: { id: "CWE-352", name: "Cross-Site Request Forgery (CSRF)", }, discovery_date: "2024-01-19T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2259105", }, ], notes: [ { category: "description", text: "A flaw was found in the Argo CD API before versions 2.10-rc2, 2.9.4, 2.8.8, and 2.7.15. These versions are vulnerable to a Cross-server request forgery (CSRF) attack when the attacker can write HTML to a page on the same parent domain as Argo CD. A CSRF attack works by tricking an authenticated Argo CD user into loading a web page that contains code to call Argo CD API endpoints on the victim’s behalf.", title: "Vulnerability description", }, { category: "summary", text: "argo-cd: vulnerable to a cross-server request forgery (CSRF) attack", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "8Base-GitOps-1.9:openshift-gitops-1/argo-rollouts-rhel8@sha256:34d14cedc2ecd941f1ad4d38bce019a723283d78add071ff4d36e85a10815e2a_ppc64le", "8Base-GitOps-1.9:openshift-gitops-1/argo-rollouts-rhel8@sha256:bf88a002fcc9d1780b9a82595181f4425f14937d9117e6f5793d41695e400ebc_arm64", "8Base-GitOps-1.9:openshift-gitops-1/argo-rollouts-rhel8@sha256:c3d3b382770538d7388bf23a10b1915f8fc254b9f76d18751089028a0ec947ff_s390x", "8Base-GitOps-1.9:openshift-gitops-1/argo-rollouts-rhel8@sha256:e259d73120a0611fbabdc93b4ee9a49eee6e8fa60841a4b7398b536a34bea5a9_amd64", "8Base-GitOps-1.9:openshift-gitops-1/argocd-rhel8@sha256:1072c8b7c1563b5b7c7eb29119ec97765c3e0dad267ad8800b8146cbe7336cc6_s390x", "8Base-GitOps-1.9:openshift-gitops-1/argocd-rhel8@sha256:1cca6eda59e4ed1d409aa0ef039b524e58412422cc1f492c2bc515f5905ed516_arm64", "8Base-GitOps-1.9:openshift-gitops-1/argocd-rhel8@sha256:218da32ea9eb21533976f1d8348b46e64a878e2703e562e33e3b43a57c81a2e1_ppc64le", "8Base-GitOps-1.9:openshift-gitops-1/argocd-rhel8@sha256:e96c6e5d7bf4ffc828a463e4f8f48f661ca8af5487de4ecbedba1e818933aebb_amd64", "8Base-GitOps-1.9:openshift-gitops-1/console-plugin-rhel8@sha256:4175e60402edd252b70a8762606760174aecb0463987bc307e59e0f842dc7976_amd64", "8Base-GitOps-1.9:openshift-gitops-1/console-plugin-rhel8@sha256:6a30cc9219b91d00524216523d1c45a4123b809c03a785d4ed4e20a8efc61e35_s390x", "8Base-GitOps-1.9:openshift-gitops-1/console-plugin-rhel8@sha256:a39ddb1efd87a6d2032b83aa4a0afa0f51b5d125d212bc341d59242448badec5_ppc64le", "8Base-GitOps-1.9:openshift-gitops-1/console-plugin-rhel8@sha256:f4dbcf9637738494a0906ab3da3e2935761ad2b1194a8f5797490b01523fa875_arm64", "8Base-GitOps-1.9:openshift-gitops-1/dex-rhel8@sha256:60b93bcaf87c4b277bbfc18a920d246363452e0f5b1156333312e5b737bbf381_amd64", "8Base-GitOps-1.9:openshift-gitops-1/dex-rhel8@sha256:962c98496645544fba458f5862aa4bc8abf43c6c95021127c75a7f9f3a64aab0_s390x", "8Base-GitOps-1.9:openshift-gitops-1/dex-rhel8@sha256:c80e9ddfe27033af92d26aa16da7a2211bdca4a17d2d08adb6bb79aed39e693c_arm64", "8Base-GitOps-1.9:openshift-gitops-1/dex-rhel8@sha256:d87f8baf652171fc9bae7818f9de36412f01bd3c0b4c32cbe6da56376d9cbb1e_ppc64le", "8Base-GitOps-1.9:openshift-gitops-1/gitops-operator-bundle@sha256:27efa0ab1d9c69047a924bc1dcd2b56108f5f390a6da56afb6ab7a37cb4578e2_amd64", "8Base-GitOps-1.9:openshift-gitops-1/gitops-rhel8-operator@sha256:3da9453e99b7515c0e23ceab208c98d26c98eadd521cb6c470d8b1b5eb7057e0_amd64", "8Base-GitOps-1.9:openshift-gitops-1/gitops-rhel8-operator@sha256:412d9d2eec7c05923183621f62da212af1d133f2945c61f07fff2e45a8a8d068_ppc64le", "8Base-GitOps-1.9:openshift-gitops-1/gitops-rhel8-operator@sha256:b509f44121f29f65da9302ad916df9a6a65bb2e563c64f48f58347bd146a2960_s390x", "8Base-GitOps-1.9:openshift-gitops-1/gitops-rhel8-operator@sha256:fbf6a44ccd0ea12d8d2e069203a5d7edcbb30e9724f781d43e3529fe0abb4798_arm64", "8Base-GitOps-1.9:openshift-gitops-1/gitops-rhel8@sha256:0e589b8414b025e6bcbfba17590341c2143115885dcef479e8e68ac929ae3820_s390x", "8Base-GitOps-1.9:openshift-gitops-1/gitops-rhel8@sha256:521c08653c7792317e5872c306b4e276da0d55237b9a7fa5c7ff615def846a61_amd64", "8Base-GitOps-1.9:openshift-gitops-1/gitops-rhel8@sha256:5a446497a5e9ea9e9ee6501e0664c22b410d8eaa8bf32c6b57e11a8a34dc534e_arm64", "8Base-GitOps-1.9:openshift-gitops-1/gitops-rhel8@sha256:8fc8c324c3f9671dbb6102676fa11c3e5dbab5cb491ba83fbe31c203b2c87e58_ppc64le", "8Base-GitOps-1.9:openshift-gitops-1/kam-delivery-rhel8@sha256:66f047335f44ca1fdd69f38002bceb3d01b972c293b8bfdb768e072cda2d1283_s390x", "8Base-GitOps-1.9:openshift-gitops-1/kam-delivery-rhel8@sha256:6751faddc6fad904c7e9b72118fd90b9b3c818522e17f2bbd7acf99d2613f59a_arm64", "8Base-GitOps-1.9:openshift-gitops-1/kam-delivery-rhel8@sha256:7eb085abd98c9e2ea3bea9a31dda02e852e425f743c57b829c1dea170d1840a8_ppc64le", "8Base-GitOps-1.9:openshift-gitops-1/kam-delivery-rhel8@sha256:dd6b5013139815f60509703f6fc414974451ad73f7c93f758a8e98bf487606b4_amd64", "8Base-GitOps-1.9:openshift-gitops-1/must-gather-rhel8@sha256:32b44ea49cb194e826b2532ac3f11e0dcb7bbdf04cc2c4639590d610f9cf3d38_ppc64le", "8Base-GitOps-1.9:openshift-gitops-1/must-gather-rhel8@sha256:623c6f082189daa2b4af5750acaaa856ece5926ba10e62f99678fe103239c124_s390x", "8Base-GitOps-1.9:openshift-gitops-1/must-gather-rhel8@sha256:793f9cd70553423d340ce703ec639dca2bdb84748a2a0ec49477f602b9d2ef99_amd64", "8Base-GitOps-1.9:openshift-gitops-1/must-gather-rhel8@sha256:7de4cb6db7d0792022f92af68cb9ea7290b3b471ef298c27c0a890cf6847eab3_arm64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-22424", }, { category: "external", summary: "RHBZ#2259105", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2259105", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-22424", url: "https://www.cve.org/CVERecord?id=CVE-2024-22424", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-22424", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-22424", }, { category: "external", summary: "https://github.com/argoproj/argo-cd/issues/2496", url: "https://github.com/argoproj/argo-cd/issues/2496", }, { category: "external", summary: "https://github.com/argoproj/argo-cd/pull/16860", url: "https://github.com/argoproj/argo-cd/pull/16860", }, { category: "external", summary: "https://github.com/argoproj/argo-cd/security/advisories/GHSA-92mw-q256-5vwg", url: "https://github.com/argoproj/argo-cd/security/advisories/GHSA-92mw-q256-5vwg", }, ], release_date: "2024-01-19T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-02-05T20:30:07+00:00", details: "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "8Base-GitOps-1.9:openshift-gitops-1/argo-rollouts-rhel8@sha256:34d14cedc2ecd941f1ad4d38bce019a723283d78add071ff4d36e85a10815e2a_ppc64le", "8Base-GitOps-1.9:openshift-gitops-1/argo-rollouts-rhel8@sha256:bf88a002fcc9d1780b9a82595181f4425f14937d9117e6f5793d41695e400ebc_arm64", "8Base-GitOps-1.9:openshift-gitops-1/argo-rollouts-rhel8@sha256:c3d3b382770538d7388bf23a10b1915f8fc254b9f76d18751089028a0ec947ff_s390x", "8Base-GitOps-1.9:openshift-gitops-1/argo-rollouts-rhel8@sha256:e259d73120a0611fbabdc93b4ee9a49eee6e8fa60841a4b7398b536a34bea5a9_amd64", "8Base-GitOps-1.9:openshift-gitops-1/argocd-rhel8@sha256:1072c8b7c1563b5b7c7eb29119ec97765c3e0dad267ad8800b8146cbe7336cc6_s390x", "8Base-GitOps-1.9:openshift-gitops-1/argocd-rhel8@sha256:1cca6eda59e4ed1d409aa0ef039b524e58412422cc1f492c2bc515f5905ed516_arm64", "8Base-GitOps-1.9:openshift-gitops-1/argocd-rhel8@sha256:218da32ea9eb21533976f1d8348b46e64a878e2703e562e33e3b43a57c81a2e1_ppc64le", "8Base-GitOps-1.9:openshift-gitops-1/argocd-rhel8@sha256:e96c6e5d7bf4ffc828a463e4f8f48f661ca8af5487de4ecbedba1e818933aebb_amd64", "8Base-GitOps-1.9:openshift-gitops-1/console-plugin-rhel8@sha256:4175e60402edd252b70a8762606760174aecb0463987bc307e59e0f842dc7976_amd64", "8Base-GitOps-1.9:openshift-gitops-1/console-plugin-rhel8@sha256:6a30cc9219b91d00524216523d1c45a4123b809c03a785d4ed4e20a8efc61e35_s390x", "8Base-GitOps-1.9:openshift-gitops-1/console-plugin-rhel8@sha256:a39ddb1efd87a6d2032b83aa4a0afa0f51b5d125d212bc341d59242448badec5_ppc64le", "8Base-GitOps-1.9:openshift-gitops-1/console-plugin-rhel8@sha256:f4dbcf9637738494a0906ab3da3e2935761ad2b1194a8f5797490b01523fa875_arm64", "8Base-GitOps-1.9:openshift-gitops-1/dex-rhel8@sha256:60b93bcaf87c4b277bbfc18a920d246363452e0f5b1156333312e5b737bbf381_amd64", "8Base-GitOps-1.9:openshift-gitops-1/dex-rhel8@sha256:962c98496645544fba458f5862aa4bc8abf43c6c95021127c75a7f9f3a64aab0_s390x", "8Base-GitOps-1.9:openshift-gitops-1/dex-rhel8@sha256:c80e9ddfe27033af92d26aa16da7a2211bdca4a17d2d08adb6bb79aed39e693c_arm64", "8Base-GitOps-1.9:openshift-gitops-1/dex-rhel8@sha256:d87f8baf652171fc9bae7818f9de36412f01bd3c0b4c32cbe6da56376d9cbb1e_ppc64le", "8Base-GitOps-1.9:openshift-gitops-1/gitops-operator-bundle@sha256:27efa0ab1d9c69047a924bc1dcd2b56108f5f390a6da56afb6ab7a37cb4578e2_amd64", "8Base-GitOps-1.9:openshift-gitops-1/gitops-rhel8-operator@sha256:3da9453e99b7515c0e23ceab208c98d26c98eadd521cb6c470d8b1b5eb7057e0_amd64", "8Base-GitOps-1.9:openshift-gitops-1/gitops-rhel8-operator@sha256:412d9d2eec7c05923183621f62da212af1d133f2945c61f07fff2e45a8a8d068_ppc64le", "8Base-GitOps-1.9:openshift-gitops-1/gitops-rhel8-operator@sha256:b509f44121f29f65da9302ad916df9a6a65bb2e563c64f48f58347bd146a2960_s390x", "8Base-GitOps-1.9:openshift-gitops-1/gitops-rhel8-operator@sha256:fbf6a44ccd0ea12d8d2e069203a5d7edcbb30e9724f781d43e3529fe0abb4798_arm64", "8Base-GitOps-1.9:openshift-gitops-1/gitops-rhel8@sha256:0e589b8414b025e6bcbfba17590341c2143115885dcef479e8e68ac929ae3820_s390x", "8Base-GitOps-1.9:openshift-gitops-1/gitops-rhel8@sha256:521c08653c7792317e5872c306b4e276da0d55237b9a7fa5c7ff615def846a61_amd64", "8Base-GitOps-1.9:openshift-gitops-1/gitops-rhel8@sha256:5a446497a5e9ea9e9ee6501e0664c22b410d8eaa8bf32c6b57e11a8a34dc534e_arm64", "8Base-GitOps-1.9:openshift-gitops-1/gitops-rhel8@sha256:8fc8c324c3f9671dbb6102676fa11c3e5dbab5cb491ba83fbe31c203b2c87e58_ppc64le", "8Base-GitOps-1.9:openshift-gitops-1/kam-delivery-rhel8@sha256:66f047335f44ca1fdd69f38002bceb3d01b972c293b8bfdb768e072cda2d1283_s390x", "8Base-GitOps-1.9:openshift-gitops-1/kam-delivery-rhel8@sha256:6751faddc6fad904c7e9b72118fd90b9b3c818522e17f2bbd7acf99d2613f59a_arm64", "8Base-GitOps-1.9:openshift-gitops-1/kam-delivery-rhel8@sha256:7eb085abd98c9e2ea3bea9a31dda02e852e425f743c57b829c1dea170d1840a8_ppc64le", "8Base-GitOps-1.9:openshift-gitops-1/kam-delivery-rhel8@sha256:dd6b5013139815f60509703f6fc414974451ad73f7c93f758a8e98bf487606b4_amd64", "8Base-GitOps-1.9:openshift-gitops-1/must-gather-rhel8@sha256:32b44ea49cb194e826b2532ac3f11e0dcb7bbdf04cc2c4639590d610f9cf3d38_ppc64le", "8Base-GitOps-1.9:openshift-gitops-1/must-gather-rhel8@sha256:623c6f082189daa2b4af5750acaaa856ece5926ba10e62f99678fe103239c124_s390x", "8Base-GitOps-1.9:openshift-gitops-1/must-gather-rhel8@sha256:793f9cd70553423d340ce703ec639dca2bdb84748a2a0ec49477f602b9d2ef99_amd64", "8Base-GitOps-1.9:openshift-gitops-1/must-gather-rhel8@sha256:7de4cb6db7d0792022f92af68cb9ea7290b3b471ef298c27c0a890cf6847eab3_arm64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:0691", }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.3, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H", version: "3.1", }, products: [ "8Base-GitOps-1.9:openshift-gitops-1/argo-rollouts-rhel8@sha256:34d14cedc2ecd941f1ad4d38bce019a723283d78add071ff4d36e85a10815e2a_ppc64le", "8Base-GitOps-1.9:openshift-gitops-1/argo-rollouts-rhel8@sha256:bf88a002fcc9d1780b9a82595181f4425f14937d9117e6f5793d41695e400ebc_arm64", "8Base-GitOps-1.9:openshift-gitops-1/argo-rollouts-rhel8@sha256:c3d3b382770538d7388bf23a10b1915f8fc254b9f76d18751089028a0ec947ff_s390x", "8Base-GitOps-1.9:openshift-gitops-1/argo-rollouts-rhel8@sha256:e259d73120a0611fbabdc93b4ee9a49eee6e8fa60841a4b7398b536a34bea5a9_amd64", "8Base-GitOps-1.9:openshift-gitops-1/argocd-rhel8@sha256:1072c8b7c1563b5b7c7eb29119ec97765c3e0dad267ad8800b8146cbe7336cc6_s390x", "8Base-GitOps-1.9:openshift-gitops-1/argocd-rhel8@sha256:1cca6eda59e4ed1d409aa0ef039b524e58412422cc1f492c2bc515f5905ed516_arm64", "8Base-GitOps-1.9:openshift-gitops-1/argocd-rhel8@sha256:218da32ea9eb21533976f1d8348b46e64a878e2703e562e33e3b43a57c81a2e1_ppc64le", "8Base-GitOps-1.9:openshift-gitops-1/argocd-rhel8@sha256:e96c6e5d7bf4ffc828a463e4f8f48f661ca8af5487de4ecbedba1e818933aebb_amd64", "8Base-GitOps-1.9:openshift-gitops-1/console-plugin-rhel8@sha256:4175e60402edd252b70a8762606760174aecb0463987bc307e59e0f842dc7976_amd64", "8Base-GitOps-1.9:openshift-gitops-1/console-plugin-rhel8@sha256:6a30cc9219b91d00524216523d1c45a4123b809c03a785d4ed4e20a8efc61e35_s390x", "8Base-GitOps-1.9:openshift-gitops-1/console-plugin-rhel8@sha256:a39ddb1efd87a6d2032b83aa4a0afa0f51b5d125d212bc341d59242448badec5_ppc64le", "8Base-GitOps-1.9:openshift-gitops-1/console-plugin-rhel8@sha256:f4dbcf9637738494a0906ab3da3e2935761ad2b1194a8f5797490b01523fa875_arm64", "8Base-GitOps-1.9:openshift-gitops-1/dex-rhel8@sha256:60b93bcaf87c4b277bbfc18a920d246363452e0f5b1156333312e5b737bbf381_amd64", "8Base-GitOps-1.9:openshift-gitops-1/dex-rhel8@sha256:962c98496645544fba458f5862aa4bc8abf43c6c95021127c75a7f9f3a64aab0_s390x", "8Base-GitOps-1.9:openshift-gitops-1/dex-rhel8@sha256:c80e9ddfe27033af92d26aa16da7a2211bdca4a17d2d08adb6bb79aed39e693c_arm64", "8Base-GitOps-1.9:openshift-gitops-1/dex-rhel8@sha256:d87f8baf652171fc9bae7818f9de36412f01bd3c0b4c32cbe6da56376d9cbb1e_ppc64le", "8Base-GitOps-1.9:openshift-gitops-1/gitops-operator-bundle@sha256:27efa0ab1d9c69047a924bc1dcd2b56108f5f390a6da56afb6ab7a37cb4578e2_amd64", "8Base-GitOps-1.9:openshift-gitops-1/gitops-rhel8-operator@sha256:3da9453e99b7515c0e23ceab208c98d26c98eadd521cb6c470d8b1b5eb7057e0_amd64", "8Base-GitOps-1.9:openshift-gitops-1/gitops-rhel8-operator@sha256:412d9d2eec7c05923183621f62da212af1d133f2945c61f07fff2e45a8a8d068_ppc64le", "8Base-GitOps-1.9:openshift-gitops-1/gitops-rhel8-operator@sha256:b509f44121f29f65da9302ad916df9a6a65bb2e563c64f48f58347bd146a2960_s390x", "8Base-GitOps-1.9:openshift-gitops-1/gitops-rhel8-operator@sha256:fbf6a44ccd0ea12d8d2e069203a5d7edcbb30e9724f781d43e3529fe0abb4798_arm64", "8Base-GitOps-1.9:openshift-gitops-1/gitops-rhel8@sha256:0e589b8414b025e6bcbfba17590341c2143115885dcef479e8e68ac929ae3820_s390x", "8Base-GitOps-1.9:openshift-gitops-1/gitops-rhel8@sha256:521c08653c7792317e5872c306b4e276da0d55237b9a7fa5c7ff615def846a61_amd64", "8Base-GitOps-1.9:openshift-gitops-1/gitops-rhel8@sha256:5a446497a5e9ea9e9ee6501e0664c22b410d8eaa8bf32c6b57e11a8a34dc534e_arm64", "8Base-GitOps-1.9:openshift-gitops-1/gitops-rhel8@sha256:8fc8c324c3f9671dbb6102676fa11c3e5dbab5cb491ba83fbe31c203b2c87e58_ppc64le", "8Base-GitOps-1.9:openshift-gitops-1/kam-delivery-rhel8@sha256:66f047335f44ca1fdd69f38002bceb3d01b972c293b8bfdb768e072cda2d1283_s390x", "8Base-GitOps-1.9:openshift-gitops-1/kam-delivery-rhel8@sha256:6751faddc6fad904c7e9b72118fd90b9b3c818522e17f2bbd7acf99d2613f59a_arm64", "8Base-GitOps-1.9:openshift-gitops-1/kam-delivery-rhel8@sha256:7eb085abd98c9e2ea3bea9a31dda02e852e425f743c57b829c1dea170d1840a8_ppc64le", "8Base-GitOps-1.9:openshift-gitops-1/kam-delivery-rhel8@sha256:dd6b5013139815f60509703f6fc414974451ad73f7c93f758a8e98bf487606b4_amd64", "8Base-GitOps-1.9:openshift-gitops-1/must-gather-rhel8@sha256:32b44ea49cb194e826b2532ac3f11e0dcb7bbdf04cc2c4639590d610f9cf3d38_ppc64le", "8Base-GitOps-1.9:openshift-gitops-1/must-gather-rhel8@sha256:623c6f082189daa2b4af5750acaaa856ece5926ba10e62f99678fe103239c124_s390x", "8Base-GitOps-1.9:openshift-gitops-1/must-gather-rhel8@sha256:793f9cd70553423d340ce703ec639dca2bdb84748a2a0ec49477f602b9d2ef99_amd64", "8Base-GitOps-1.9:openshift-gitops-1/must-gather-rhel8@sha256:7de4cb6db7d0792022f92af68cb9ea7290b3b471ef298c27c0a890cf6847eab3_arm64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "argo-cd: vulnerable to a cross-server request forgery (CSRF) attack", }, ], }
Log in or create an account to share your comment.
Security Advisory comment format.
This schema specifies the format of a comment related to a security advisory.
Title of the comment
Description of the comment
Loading…
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.