rhsa-2025:0892
Vulnerability from csaf_redhat
Published
2025-02-03 16:38
Modified
2025-02-20 11:27
Summary
Red Hat Security Advisory: Red Hat OpenShift Dev Spaces 3.18.0 release
Notes
Topic
Red Hat OpenShift Dev Spaces 3.18 has been released.
All containers have been updated to include feature enhancements, bug fixes and CVE fixes.
Following the Red Hat Product Security standards this update is rated as having a security impact of Important. The Common Vulnerability Scoring System (CVSS) base score is available for every fixed CVE in the references section.
Details
Red Hat OpenShift Dev Spaces provides a cloud developer workspace server and a browser-based IDE built for teams and organizations. Dev Spaces runs in OpenShift and is well-suited for container-based development.
The 3.18 release is based on Eclipse Che 7.95 and uses the DevWorkspace engine to provide support for workspaces based on devfile v2.1 and v2.2.
Users still using the v1 standard should migrate as soon as possible.
https://devfile.io/docs/2.2.0/migrating-to-devfile-v2
The CVEs addressed in this release are:
CVE-2024-21538 - Updated cross-spawn dependency to 7.0.6 in Dev Spaces Code and Dev Spaces Dashboard.
CVE-2023-44270 - Updated PostCSS dependency to 8.4.33 in Dev Spaces Code and 8.4.49 in Dev Spaces Dashboard.
CVE-2024-45337 - Updated golang.org/x/crypto to v0.31.0 in Dev Spaces Operator.
CVE-2024-45338 - Updated the golang.org/x/net dependency to v0.33.0 in Dev Spaces Operator.
CVE-2024-45801 - Updated DOMPurify dependency to 3.1.3 in Dev Spaces Code.
CVE-2024-55565 - Updated nanoid dependency to 3.3.8 in Dev Spaces Code and Dev Spaces Dashboard.
Dev Spaces releases support the latest two OpenShift 4 EUS releases. Users are expected to update to newer OpenShift releases in order to continue to get Dev Spaces updates.
https://access.redhat.com/support/policy/updates/openshift#devspaces
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Red Hat OpenShift Dev Spaces 3.18 has been released.\n\nAll containers have been updated to include feature enhancements, bug fixes and CVE fixes.\n\nFollowing the Red Hat Product Security standards this update is rated as having a security impact of Important. The Common Vulnerability Scoring System (CVSS) base score is available for every fixed CVE in the references section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat OpenShift Dev Spaces provides a cloud developer workspace server and a browser-based IDE built for teams and organizations. Dev Spaces runs in OpenShift and is well-suited for container-based development.\n\nThe 3.18 release is based on Eclipse Che 7.95 and uses the DevWorkspace engine to provide support for workspaces based on devfile v2.1 and v2.2.\n\nUsers still using the v1 standard should migrate as soon as possible.\n\nhttps://devfile.io/docs/2.2.0/migrating-to-devfile-v2\n\nThe CVEs addressed in this release are:\nCVE-2024-21538 - Updated cross-spawn dependency to 7.0.6 in Dev Spaces Code and Dev Spaces Dashboard.\nCVE-2023-44270 - Updated PostCSS dependency to 8.4.33 in Dev Spaces Code and 8.4.49 in Dev Spaces Dashboard. \nCVE-2024-45337 - Updated golang.org/x/crypto to v0.31.0 in Dev Spaces Operator.\nCVE-2024-45338 - Updated the golang.org/x/net dependency to v0.33.0 in Dev Spaces Operator.\nCVE-2024-45801 - Updated DOMPurify dependency to 3.1.3 in Dev Spaces Code.\nCVE-2024-55565 - Updated nanoid dependency to 3.3.8 in Dev Spaces Code and Dev Spaces Dashboard.\n\nDev Spaces releases support the latest two OpenShift 4 EUS releases. Users are expected to update to newer OpenShift releases in order to continue to get Dev Spaces updates. \n\nhttps://access.redhat.com/support/policy/updates/openshift#devspaces",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2025:0892",
"url": "https://access.redhat.com/errata/RHSA-2025:0892"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "2312631",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2312631"
},
{
"category": "external",
"summary": "2324550",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2324550"
},
{
"category": "external",
"summary": "2326998",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2326998"
},
{
"category": "external",
"summary": "2331063",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2331063"
},
{
"category": "external",
"summary": "2331720",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2331720"
},
{
"category": "external",
"summary": "2333122",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2333122"
},
{
"category": "external",
"summary": "CRW-7648",
"url": "https://issues.redhat.com/browse/CRW-7648"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2025/rhsa-2025_0892.json"
}
],
"title": "Red Hat Security Advisory: Red Hat OpenShift Dev Spaces 3.18.0 release",
"tracking": {
"current_release_date": "2025-02-20T11:27:09+00:00",
"generator": {
"date": "2025-02-20T11:27:09+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.3.1"
}
},
"id": "RHSA-2025:0892",
"initial_release_date": "2025-02-03T16:38:18+00:00",
"revision_history": [
{
"date": "2025-02-03T16:38:18+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2025-02-03T16:38:18+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2025-02-20T11:27:09+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat OpenShift Dev Spaces 3",
"product": {
"name": "Red Hat OpenShift Dev Spaces 3",
"product_id": "9Base-RHOSDS-3",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:openshift_devspaces:3::el9"
}
}
}
],
"category": "product_family",
"name": "Red Hat OpenShift Dev Spaces"
},
{
"branches": [
{
"category": "product_version",
"name": "devspaces/code-rhel9@sha256:03465af90654f18716911c227ad49422cda691bdea686936df1d37dcc058e485_ppc64le",
"product": {
"name": "devspaces/code-rhel9@sha256:03465af90654f18716911c227ad49422cda691bdea686936df1d37dcc058e485_ppc64le",
"product_id": "devspaces/code-rhel9@sha256:03465af90654f18716911c227ad49422cda691bdea686936df1d37dcc058e485_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/code-rhel9@sha256:03465af90654f18716911c227ad49422cda691bdea686936df1d37dcc058e485?arch=ppc64le\u0026repository_url=registry.redhat.io/devspaces/code-rhel9\u0026tag=3.18-6"
}
}
},
{
"category": "product_version",
"name": "devspaces/configbump-rhel9@sha256:741e2650528085ebfe65969d5c48ab7f3f258d73f0a35e9f0ca0ff2186a64072_ppc64le",
"product": {
"name": "devspaces/configbump-rhel9@sha256:741e2650528085ebfe65969d5c48ab7f3f258d73f0a35e9f0ca0ff2186a64072_ppc64le",
"product_id": "devspaces/configbump-rhel9@sha256:741e2650528085ebfe65969d5c48ab7f3f258d73f0a35e9f0ca0ff2186a64072_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/configbump-rhel9@sha256:741e2650528085ebfe65969d5c48ab7f3f258d73f0a35e9f0ca0ff2186a64072?arch=ppc64le\u0026repository_url=registry.redhat.io/devspaces/configbump-rhel9\u0026tag=latest"
}
}
},
{
"category": "product_version",
"name": "devspaces/dashboard-rhel9@sha256:a929eb292b97c9fc5d573a1ce5dc283268e189ec271abca29e183769b7f8ab86_ppc64le",
"product": {
"name": "devspaces/dashboard-rhel9@sha256:a929eb292b97c9fc5d573a1ce5dc283268e189ec271abca29e183769b7f8ab86_ppc64le",
"product_id": "devspaces/dashboard-rhel9@sha256:a929eb292b97c9fc5d573a1ce5dc283268e189ec271abca29e183769b7f8ab86_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/dashboard-rhel9@sha256:a929eb292b97c9fc5d573a1ce5dc283268e189ec271abca29e183769b7f8ab86?arch=ppc64le\u0026repository_url=registry.redhat.io/devspaces/dashboard-rhel9\u0026tag=3.18-10"
}
}
},
{
"category": "product_version",
"name": "devspaces/imagepuller-rhel9@sha256:d68cced8fab3fd16ddaaf45fe0c5498b60a4a09a2b5c4e5f984529d041d13708_ppc64le",
"product": {
"name": "devspaces/imagepuller-rhel9@sha256:d68cced8fab3fd16ddaaf45fe0c5498b60a4a09a2b5c4e5f984529d041d13708_ppc64le",
"product_id": "devspaces/imagepuller-rhel9@sha256:d68cced8fab3fd16ddaaf45fe0c5498b60a4a09a2b5c4e5f984529d041d13708_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/imagepuller-rhel9@sha256:d68cced8fab3fd16ddaaf45fe0c5498b60a4a09a2b5c4e5f984529d041d13708?arch=ppc64le\u0026repository_url=registry.redhat.io/devspaces/imagepuller-rhel9\u0026tag=latest"
}
}
},
{
"category": "product_version",
"name": "devspaces/machineexec-rhel9@sha256:92c07684e0deb9c515e509853d2d58a714b655f8be48be942f1da12da5cc65e0_ppc64le",
"product": {
"name": "devspaces/machineexec-rhel9@sha256:92c07684e0deb9c515e509853d2d58a714b655f8be48be942f1da12da5cc65e0_ppc64le",
"product_id": "devspaces/machineexec-rhel9@sha256:92c07684e0deb9c515e509853d2d58a714b655f8be48be942f1da12da5cc65e0_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/machineexec-rhel9@sha256:92c07684e0deb9c515e509853d2d58a714b655f8be48be942f1da12da5cc65e0?arch=ppc64le\u0026repository_url=registry.redhat.io/devspaces/machineexec-rhel9\u0026tag=latest"
}
}
},
{
"category": "product_version",
"name": "devspaces/devspaces-operator-bundle@sha256:677b3ce8d509429000a0696e05518ea9d4e69533407480b7728e523375c5303b_ppc64le",
"product": {
"name": "devspaces/devspaces-operator-bundle@sha256:677b3ce8d509429000a0696e05518ea9d4e69533407480b7728e523375c5303b_ppc64le",
"product_id": "devspaces/devspaces-operator-bundle@sha256:677b3ce8d509429000a0696e05518ea9d4e69533407480b7728e523375c5303b_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/devspaces-operator-bundle@sha256:677b3ce8d509429000a0696e05518ea9d4e69533407480b7728e523375c5303b?arch=ppc64le\u0026repository_url=registry.redhat.io/devspaces/devspaces-operator-bundle\u0026tag=3.18-36"
}
}
},
{
"category": "product_version",
"name": "devspaces/pluginregistry-rhel9@sha256:c57424174146743c9185105ae51c49e578a9dae1ca53375879a730704a5a686f_ppc64le",
"product": {
"name": "devspaces/pluginregistry-rhel9@sha256:c57424174146743c9185105ae51c49e578a9dae1ca53375879a730704a5a686f_ppc64le",
"product_id": "devspaces/pluginregistry-rhel9@sha256:c57424174146743c9185105ae51c49e578a9dae1ca53375879a730704a5a686f_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/pluginregistry-rhel9@sha256:c57424174146743c9185105ae51c49e578a9dae1ca53375879a730704a5a686f?arch=ppc64le\u0026repository_url=registry.redhat.io/devspaces/pluginregistry-rhel9\u0026tag=latest"
}
}
},
{
"category": "product_version",
"name": "devspaces/devspaces-rhel9-operator@sha256:98f3e811e3c8ebec180a6dc58353f72acf0dffad608b59d091af5f1887d37e05_ppc64le",
"product": {
"name": "devspaces/devspaces-rhel9-operator@sha256:98f3e811e3c8ebec180a6dc58353f72acf0dffad608b59d091af5f1887d37e05_ppc64le",
"product_id": "devspaces/devspaces-rhel9-operator@sha256:98f3e811e3c8ebec180a6dc58353f72acf0dffad608b59d091af5f1887d37e05_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/devspaces-rhel9-operator@sha256:98f3e811e3c8ebec180a6dc58353f72acf0dffad608b59d091af5f1887d37e05?arch=ppc64le\u0026repository_url=registry.redhat.io/devspaces/devspaces-rhel9-operator\u0026tag=latest"
}
}
},
{
"category": "product_version",
"name": "devspaces/server-rhel9@sha256:15b8c0c6c6ed150183d8039fda25fa3986a55c8e7571b6d07f19eb91d51ae976_ppc64le",
"product": {
"name": "devspaces/server-rhel9@sha256:15b8c0c6c6ed150183d8039fda25fa3986a55c8e7571b6d07f19eb91d51ae976_ppc64le",
"product_id": "devspaces/server-rhel9@sha256:15b8c0c6c6ed150183d8039fda25fa3986a55c8e7571b6d07f19eb91d51ae976_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/server-rhel9@sha256:15b8c0c6c6ed150183d8039fda25fa3986a55c8e7571b6d07f19eb91d51ae976?arch=ppc64le\u0026repository_url=registry.redhat.io/devspaces/server-rhel9\u0026tag=3.18-2"
}
}
},
{
"category": "product_version",
"name": "devspaces/traefik-rhel9@sha256:804e08e8331a96e87c20889ff7f03816d17ec35e18e0449beb8337b82aa30000_ppc64le",
"product": {
"name": "devspaces/traefik-rhel9@sha256:804e08e8331a96e87c20889ff7f03816d17ec35e18e0449beb8337b82aa30000_ppc64le",
"product_id": "devspaces/traefik-rhel9@sha256:804e08e8331a96e87c20889ff7f03816d17ec35e18e0449beb8337b82aa30000_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/traefik-rhel9@sha256:804e08e8331a96e87c20889ff7f03816d17ec35e18e0449beb8337b82aa30000?arch=ppc64le\u0026repository_url=registry.redhat.io/devspaces/traefik-rhel9\u0026tag=3.18-1"
}
}
},
{
"category": "product_version",
"name": "devspaces/udi-rhel9@sha256:81e13f10bfa13edbf62318ce58f93f681dc61776e5871e8710e8cf8e0cb86416_ppc64le",
"product": {
"name": "devspaces/udi-rhel9@sha256:81e13f10bfa13edbf62318ce58f93f681dc61776e5871e8710e8cf8e0cb86416_ppc64le",
"product_id": "devspaces/udi-rhel9@sha256:81e13f10bfa13edbf62318ce58f93f681dc61776e5871e8710e8cf8e0cb86416_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/udi-rhel9@sha256:81e13f10bfa13edbf62318ce58f93f681dc61776e5871e8710e8cf8e0cb86416?arch=ppc64le\u0026repository_url=registry.redhat.io/devspaces/udi-rhel9\u0026tag=3.18-1"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "devspaces/code-rhel9@sha256:90a61893d9127600dd108fedf9ee0b1fcac4502a196b8de7936589c100fc49fe_amd64",
"product": {
"name": "devspaces/code-rhel9@sha256:90a61893d9127600dd108fedf9ee0b1fcac4502a196b8de7936589c100fc49fe_amd64",
"product_id": "devspaces/code-rhel9@sha256:90a61893d9127600dd108fedf9ee0b1fcac4502a196b8de7936589c100fc49fe_amd64",
"product_identification_helper": {
"purl": "pkg:oci/code-rhel9@sha256:90a61893d9127600dd108fedf9ee0b1fcac4502a196b8de7936589c100fc49fe?arch=amd64\u0026repository_url=registry.redhat.io/devspaces/code-rhel9\u0026tag=3.18-6"
}
}
},
{
"category": "product_version",
"name": "devspaces/configbump-rhel9@sha256:efea4d960bce51d34f2021b08ed5134f99f2bbbe759e550bf5bb4787ec40539e_amd64",
"product": {
"name": "devspaces/configbump-rhel9@sha256:efea4d960bce51d34f2021b08ed5134f99f2bbbe759e550bf5bb4787ec40539e_amd64",
"product_id": "devspaces/configbump-rhel9@sha256:efea4d960bce51d34f2021b08ed5134f99f2bbbe759e550bf5bb4787ec40539e_amd64",
"product_identification_helper": {
"purl": "pkg:oci/configbump-rhel9@sha256:efea4d960bce51d34f2021b08ed5134f99f2bbbe759e550bf5bb4787ec40539e?arch=amd64\u0026repository_url=registry.redhat.io/devspaces/configbump-rhel9\u0026tag=latest"
}
}
},
{
"category": "product_version",
"name": "devspaces/dashboard-rhel9@sha256:70ac5c215c4fc78e0b89c46bfa537f9bfb835af1897708f9cb181648659311d2_amd64",
"product": {
"name": "devspaces/dashboard-rhel9@sha256:70ac5c215c4fc78e0b89c46bfa537f9bfb835af1897708f9cb181648659311d2_amd64",
"product_id": "devspaces/dashboard-rhel9@sha256:70ac5c215c4fc78e0b89c46bfa537f9bfb835af1897708f9cb181648659311d2_amd64",
"product_identification_helper": {
"purl": "pkg:oci/dashboard-rhel9@sha256:70ac5c215c4fc78e0b89c46bfa537f9bfb835af1897708f9cb181648659311d2?arch=amd64\u0026repository_url=registry.redhat.io/devspaces/dashboard-rhel9\u0026tag=3.18-10"
}
}
},
{
"category": "product_version",
"name": "devspaces-tech-preview/idea-rhel9@sha256:56808324fd8f18efcaf1143c062b4611d4daf92d2b3827b6744b7103e6862eb5_amd64",
"product": {
"name": "devspaces-tech-preview/idea-rhel9@sha256:56808324fd8f18efcaf1143c062b4611d4daf92d2b3827b6744b7103e6862eb5_amd64",
"product_id": "devspaces-tech-preview/idea-rhel9@sha256:56808324fd8f18efcaf1143c062b4611d4daf92d2b3827b6744b7103e6862eb5_amd64",
"product_identification_helper": {
"purl": "pkg:oci/idea-rhel9@sha256:56808324fd8f18efcaf1143c062b4611d4daf92d2b3827b6744b7103e6862eb5?arch=amd64\u0026repository_url=registry.redhat.io/devspaces-tech-preview/idea-rhel9\u0026tag=latest"
}
}
},
{
"category": "product_version",
"name": "devspaces/imagepuller-rhel9@sha256:1aab5a0eeaf68576aa5a0793cbe220bb8a783ec5670aa46240b88530897db345_amd64",
"product": {
"name": "devspaces/imagepuller-rhel9@sha256:1aab5a0eeaf68576aa5a0793cbe220bb8a783ec5670aa46240b88530897db345_amd64",
"product_id": "devspaces/imagepuller-rhel9@sha256:1aab5a0eeaf68576aa5a0793cbe220bb8a783ec5670aa46240b88530897db345_amd64",
"product_identification_helper": {
"purl": "pkg:oci/imagepuller-rhel9@sha256:1aab5a0eeaf68576aa5a0793cbe220bb8a783ec5670aa46240b88530897db345?arch=amd64\u0026repository_url=registry.redhat.io/devspaces/imagepuller-rhel9\u0026tag=latest"
}
}
},
{
"category": "product_version",
"name": "devspaces/machineexec-rhel9@sha256:5692486f392037c261b89bdf1004ac8982002c3c7e15cf3babcd3031970b3844_amd64",
"product": {
"name": "devspaces/machineexec-rhel9@sha256:5692486f392037c261b89bdf1004ac8982002c3c7e15cf3babcd3031970b3844_amd64",
"product_id": "devspaces/machineexec-rhel9@sha256:5692486f392037c261b89bdf1004ac8982002c3c7e15cf3babcd3031970b3844_amd64",
"product_identification_helper": {
"purl": "pkg:oci/machineexec-rhel9@sha256:5692486f392037c261b89bdf1004ac8982002c3c7e15cf3babcd3031970b3844?arch=amd64\u0026repository_url=registry.redhat.io/devspaces/machineexec-rhel9\u0026tag=latest"
}
}
},
{
"category": "product_version",
"name": "devspaces/devspaces-operator-bundle@sha256:7d585ce8bce9b7ab571bf8a893bda495d255601e14b8a8aa516d0524545748dc_amd64",
"product": {
"name": "devspaces/devspaces-operator-bundle@sha256:7d585ce8bce9b7ab571bf8a893bda495d255601e14b8a8aa516d0524545748dc_amd64",
"product_id": "devspaces/devspaces-operator-bundle@sha256:7d585ce8bce9b7ab571bf8a893bda495d255601e14b8a8aa516d0524545748dc_amd64",
"product_identification_helper": {
"purl": "pkg:oci/devspaces-operator-bundle@sha256:7d585ce8bce9b7ab571bf8a893bda495d255601e14b8a8aa516d0524545748dc?arch=amd64\u0026repository_url=registry.redhat.io/devspaces/devspaces-operator-bundle\u0026tag=3.18-36"
}
}
},
{
"category": "product_version",
"name": "devspaces/pluginregistry-rhel9@sha256:2d9d7bacf93ceeca7b410e16fa84cb48c5c04092ac7e5ba22681b96abd0cf228_amd64",
"product": {
"name": "devspaces/pluginregistry-rhel9@sha256:2d9d7bacf93ceeca7b410e16fa84cb48c5c04092ac7e5ba22681b96abd0cf228_amd64",
"product_id": "devspaces/pluginregistry-rhel9@sha256:2d9d7bacf93ceeca7b410e16fa84cb48c5c04092ac7e5ba22681b96abd0cf228_amd64",
"product_identification_helper": {
"purl": "pkg:oci/pluginregistry-rhel9@sha256:2d9d7bacf93ceeca7b410e16fa84cb48c5c04092ac7e5ba22681b96abd0cf228?arch=amd64\u0026repository_url=registry.redhat.io/devspaces/pluginregistry-rhel9\u0026tag=latest"
}
}
},
{
"category": "product_version",
"name": "devspaces/devspaces-rhel9-operator@sha256:58218f2ce601e03f87858ada727cf52e964f0212124001740bf305dc36e67fbd_amd64",
"product": {
"name": "devspaces/devspaces-rhel9-operator@sha256:58218f2ce601e03f87858ada727cf52e964f0212124001740bf305dc36e67fbd_amd64",
"product_id": "devspaces/devspaces-rhel9-operator@sha256:58218f2ce601e03f87858ada727cf52e964f0212124001740bf305dc36e67fbd_amd64",
"product_identification_helper": {
"purl": "pkg:oci/devspaces-rhel9-operator@sha256:58218f2ce601e03f87858ada727cf52e964f0212124001740bf305dc36e67fbd?arch=amd64\u0026repository_url=registry.redhat.io/devspaces/devspaces-rhel9-operator\u0026tag=latest"
}
}
},
{
"category": "product_version",
"name": "devspaces/server-rhel9@sha256:83afeb4a5ae28f1193261a4f942c400854fc2b2148bdf38c54706e72b345786b_amd64",
"product": {
"name": "devspaces/server-rhel9@sha256:83afeb4a5ae28f1193261a4f942c400854fc2b2148bdf38c54706e72b345786b_amd64",
"product_id": "devspaces/server-rhel9@sha256:83afeb4a5ae28f1193261a4f942c400854fc2b2148bdf38c54706e72b345786b_amd64",
"product_identification_helper": {
"purl": "pkg:oci/server-rhel9@sha256:83afeb4a5ae28f1193261a4f942c400854fc2b2148bdf38c54706e72b345786b?arch=amd64\u0026repository_url=registry.redhat.io/devspaces/server-rhel9\u0026tag=3.18-2"
}
}
},
{
"category": "product_version",
"name": "devspaces/traefik-rhel9@sha256:55275214e27d4620bd2e4caf7a1a24598762fc1eff67c072e9c53fff4a633dca_amd64",
"product": {
"name": "devspaces/traefik-rhel9@sha256:55275214e27d4620bd2e4caf7a1a24598762fc1eff67c072e9c53fff4a633dca_amd64",
"product_id": "devspaces/traefik-rhel9@sha256:55275214e27d4620bd2e4caf7a1a24598762fc1eff67c072e9c53fff4a633dca_amd64",
"product_identification_helper": {
"purl": "pkg:oci/traefik-rhel9@sha256:55275214e27d4620bd2e4caf7a1a24598762fc1eff67c072e9c53fff4a633dca?arch=amd64\u0026repository_url=registry.redhat.io/devspaces/traefik-rhel9\u0026tag=3.18-1"
}
}
},
{
"category": "product_version",
"name": "devspaces/udi-rhel9@sha256:6fb45a6f9e4dd9a29e87c20b70758041f54b439cde439435aebecff002dd19fb_amd64",
"product": {
"name": "devspaces/udi-rhel9@sha256:6fb45a6f9e4dd9a29e87c20b70758041f54b439cde439435aebecff002dd19fb_amd64",
"product_id": "devspaces/udi-rhel9@sha256:6fb45a6f9e4dd9a29e87c20b70758041f54b439cde439435aebecff002dd19fb_amd64",
"product_identification_helper": {
"purl": "pkg:oci/udi-rhel9@sha256:6fb45a6f9e4dd9a29e87c20b70758041f54b439cde439435aebecff002dd19fb?arch=amd64\u0026repository_url=registry.redhat.io/devspaces/udi-rhel9\u0026tag=3.18-1"
}
}
}
],
"category": "architecture",
"name": "amd64"
},
{
"branches": [
{
"category": "product_version",
"name": "devspaces/code-rhel9@sha256:7d2e2198bc93f6955477a3ec4f63a38b78273ea1007850c48ace3bb16c9666b1_s390x",
"product": {
"name": "devspaces/code-rhel9@sha256:7d2e2198bc93f6955477a3ec4f63a38b78273ea1007850c48ace3bb16c9666b1_s390x",
"product_id": "devspaces/code-rhel9@sha256:7d2e2198bc93f6955477a3ec4f63a38b78273ea1007850c48ace3bb16c9666b1_s390x",
"product_identification_helper": {
"purl": "pkg:oci/code-rhel9@sha256:7d2e2198bc93f6955477a3ec4f63a38b78273ea1007850c48ace3bb16c9666b1?arch=s390x\u0026repository_url=registry.redhat.io/devspaces/code-rhel9\u0026tag=3.18-6"
}
}
},
{
"category": "product_version",
"name": "devspaces/configbump-rhel9@sha256:cb292b971baf4de9f13b913ef0f3e391c1b12919175ae9dab43d18a70f4411a2_s390x",
"product": {
"name": "devspaces/configbump-rhel9@sha256:cb292b971baf4de9f13b913ef0f3e391c1b12919175ae9dab43d18a70f4411a2_s390x",
"product_id": "devspaces/configbump-rhel9@sha256:cb292b971baf4de9f13b913ef0f3e391c1b12919175ae9dab43d18a70f4411a2_s390x",
"product_identification_helper": {
"purl": "pkg:oci/configbump-rhel9@sha256:cb292b971baf4de9f13b913ef0f3e391c1b12919175ae9dab43d18a70f4411a2?arch=s390x\u0026repository_url=registry.redhat.io/devspaces/configbump-rhel9\u0026tag=latest"
}
}
},
{
"category": "product_version",
"name": "devspaces/dashboard-rhel9@sha256:92891c316760203637d3739fc7fe5a6801e3b11faf22b405559dc1c05adbf6b2_s390x",
"product": {
"name": "devspaces/dashboard-rhel9@sha256:92891c316760203637d3739fc7fe5a6801e3b11faf22b405559dc1c05adbf6b2_s390x",
"product_id": "devspaces/dashboard-rhel9@sha256:92891c316760203637d3739fc7fe5a6801e3b11faf22b405559dc1c05adbf6b2_s390x",
"product_identification_helper": {
"purl": "pkg:oci/dashboard-rhel9@sha256:92891c316760203637d3739fc7fe5a6801e3b11faf22b405559dc1c05adbf6b2?arch=s390x\u0026repository_url=registry.redhat.io/devspaces/dashboard-rhel9\u0026tag=3.18-10"
}
}
},
{
"category": "product_version",
"name": "devspaces/imagepuller-rhel9@sha256:6d121ae6d94afb5d723730e63fcd49c5cfaa1f2518cdb534215399a1f08ff040_s390x",
"product": {
"name": "devspaces/imagepuller-rhel9@sha256:6d121ae6d94afb5d723730e63fcd49c5cfaa1f2518cdb534215399a1f08ff040_s390x",
"product_id": "devspaces/imagepuller-rhel9@sha256:6d121ae6d94afb5d723730e63fcd49c5cfaa1f2518cdb534215399a1f08ff040_s390x",
"product_identification_helper": {
"purl": "pkg:oci/imagepuller-rhel9@sha256:6d121ae6d94afb5d723730e63fcd49c5cfaa1f2518cdb534215399a1f08ff040?arch=s390x\u0026repository_url=registry.redhat.io/devspaces/imagepuller-rhel9\u0026tag=latest"
}
}
},
{
"category": "product_version",
"name": "devspaces/machineexec-rhel9@sha256:5cee29e36e341486bd91b8e578c9fd5a3fb657cbd6c6249dd69bb0a6e5b57dfd_s390x",
"product": {
"name": "devspaces/machineexec-rhel9@sha256:5cee29e36e341486bd91b8e578c9fd5a3fb657cbd6c6249dd69bb0a6e5b57dfd_s390x",
"product_id": "devspaces/machineexec-rhel9@sha256:5cee29e36e341486bd91b8e578c9fd5a3fb657cbd6c6249dd69bb0a6e5b57dfd_s390x",
"product_identification_helper": {
"purl": "pkg:oci/machineexec-rhel9@sha256:5cee29e36e341486bd91b8e578c9fd5a3fb657cbd6c6249dd69bb0a6e5b57dfd?arch=s390x\u0026repository_url=registry.redhat.io/devspaces/machineexec-rhel9\u0026tag=latest"
}
}
},
{
"category": "product_version",
"name": "devspaces/devspaces-operator-bundle@sha256:6a70f3e63cb4d87e96f54e3f2075a7f8cacaa10c92efe71c4d4bb5a43e4f1247_s390x",
"product": {
"name": "devspaces/devspaces-operator-bundle@sha256:6a70f3e63cb4d87e96f54e3f2075a7f8cacaa10c92efe71c4d4bb5a43e4f1247_s390x",
"product_id": "devspaces/devspaces-operator-bundle@sha256:6a70f3e63cb4d87e96f54e3f2075a7f8cacaa10c92efe71c4d4bb5a43e4f1247_s390x",
"product_identification_helper": {
"purl": "pkg:oci/devspaces-operator-bundle@sha256:6a70f3e63cb4d87e96f54e3f2075a7f8cacaa10c92efe71c4d4bb5a43e4f1247?arch=s390x\u0026repository_url=registry.redhat.io/devspaces/devspaces-operator-bundle\u0026tag=3.18-36"
}
}
},
{
"category": "product_version",
"name": "devspaces/pluginregistry-rhel9@sha256:98be37c2d983b7af80f0c8527d6297eaf7177ee52457979b45d13cdd27976004_s390x",
"product": {
"name": "devspaces/pluginregistry-rhel9@sha256:98be37c2d983b7af80f0c8527d6297eaf7177ee52457979b45d13cdd27976004_s390x",
"product_id": "devspaces/pluginregistry-rhel9@sha256:98be37c2d983b7af80f0c8527d6297eaf7177ee52457979b45d13cdd27976004_s390x",
"product_identification_helper": {
"purl": "pkg:oci/pluginregistry-rhel9@sha256:98be37c2d983b7af80f0c8527d6297eaf7177ee52457979b45d13cdd27976004?arch=s390x\u0026repository_url=registry.redhat.io/devspaces/pluginregistry-rhel9\u0026tag=latest"
}
}
},
{
"category": "product_version",
"name": "devspaces/devspaces-rhel9-operator@sha256:616fe916fe4bdf7cf26f1463b7df306bd63772eb31bdf83f70c42db9775765e5_s390x",
"product": {
"name": "devspaces/devspaces-rhel9-operator@sha256:616fe916fe4bdf7cf26f1463b7df306bd63772eb31bdf83f70c42db9775765e5_s390x",
"product_id": "devspaces/devspaces-rhel9-operator@sha256:616fe916fe4bdf7cf26f1463b7df306bd63772eb31bdf83f70c42db9775765e5_s390x",
"product_identification_helper": {
"purl": "pkg:oci/devspaces-rhel9-operator@sha256:616fe916fe4bdf7cf26f1463b7df306bd63772eb31bdf83f70c42db9775765e5?arch=s390x\u0026repository_url=registry.redhat.io/devspaces/devspaces-rhel9-operator\u0026tag=latest"
}
}
},
{
"category": "product_version",
"name": "devspaces/server-rhel9@sha256:03d2025cc1fe797a3c54206cf37323e4bc6bc1c4197b70377bef7f727e33ed1b_s390x",
"product": {
"name": "devspaces/server-rhel9@sha256:03d2025cc1fe797a3c54206cf37323e4bc6bc1c4197b70377bef7f727e33ed1b_s390x",
"product_id": "devspaces/server-rhel9@sha256:03d2025cc1fe797a3c54206cf37323e4bc6bc1c4197b70377bef7f727e33ed1b_s390x",
"product_identification_helper": {
"purl": "pkg:oci/server-rhel9@sha256:03d2025cc1fe797a3c54206cf37323e4bc6bc1c4197b70377bef7f727e33ed1b?arch=s390x\u0026repository_url=registry.redhat.io/devspaces/server-rhel9\u0026tag=3.18-2"
}
}
},
{
"category": "product_version",
"name": "devspaces/traefik-rhel9@sha256:fc0edac05e35fc4cca42cbc81979c54e4db440e340acca6c4c56dc5a3ece6cf7_s390x",
"product": {
"name": "devspaces/traefik-rhel9@sha256:fc0edac05e35fc4cca42cbc81979c54e4db440e340acca6c4c56dc5a3ece6cf7_s390x",
"product_id": "devspaces/traefik-rhel9@sha256:fc0edac05e35fc4cca42cbc81979c54e4db440e340acca6c4c56dc5a3ece6cf7_s390x",
"product_identification_helper": {
"purl": "pkg:oci/traefik-rhel9@sha256:fc0edac05e35fc4cca42cbc81979c54e4db440e340acca6c4c56dc5a3ece6cf7?arch=s390x\u0026repository_url=registry.redhat.io/devspaces/traefik-rhel9\u0026tag=3.18-1"
}
}
},
{
"category": "product_version",
"name": "devspaces/udi-rhel9@sha256:53d4e87eb1ef3a63a42539ea20be463b3cbb76fe93a80d9dc5fb65253120402c_s390x",
"product": {
"name": "devspaces/udi-rhel9@sha256:53d4e87eb1ef3a63a42539ea20be463b3cbb76fe93a80d9dc5fb65253120402c_s390x",
"product_id": "devspaces/udi-rhel9@sha256:53d4e87eb1ef3a63a42539ea20be463b3cbb76fe93a80d9dc5fb65253120402c_s390x",
"product_identification_helper": {
"purl": "pkg:oci/udi-rhel9@sha256:53d4e87eb1ef3a63a42539ea20be463b3cbb76fe93a80d9dc5fb65253120402c?arch=s390x\u0026repository_url=registry.redhat.io/devspaces/udi-rhel9\u0026tag=3.18-1"
}
}
}
],
"category": "architecture",
"name": "s390x"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "devspaces-tech-preview/idea-rhel9@sha256:56808324fd8f18efcaf1143c062b4611d4daf92d2b3827b6744b7103e6862eb5_amd64 as a component of Red Hat OpenShift Dev Spaces 3",
"product_id": "9Base-RHOSDS-3:devspaces-tech-preview/idea-rhel9@sha256:56808324fd8f18efcaf1143c062b4611d4daf92d2b3827b6744b7103e6862eb5_amd64"
},
"product_reference": "devspaces-tech-preview/idea-rhel9@sha256:56808324fd8f18efcaf1143c062b4611d4daf92d2b3827b6744b7103e6862eb5_amd64",
"relates_to_product_reference": "9Base-RHOSDS-3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "devspaces/code-rhel9@sha256:03465af90654f18716911c227ad49422cda691bdea686936df1d37dcc058e485_ppc64le as a component of Red Hat OpenShift Dev Spaces 3",
"product_id": "9Base-RHOSDS-3:devspaces/code-rhel9@sha256:03465af90654f18716911c227ad49422cda691bdea686936df1d37dcc058e485_ppc64le"
},
"product_reference": "devspaces/code-rhel9@sha256:03465af90654f18716911c227ad49422cda691bdea686936df1d37dcc058e485_ppc64le",
"relates_to_product_reference": "9Base-RHOSDS-3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "devspaces/code-rhel9@sha256:7d2e2198bc93f6955477a3ec4f63a38b78273ea1007850c48ace3bb16c9666b1_s390x as a component of Red Hat OpenShift Dev Spaces 3",
"product_id": "9Base-RHOSDS-3:devspaces/code-rhel9@sha256:7d2e2198bc93f6955477a3ec4f63a38b78273ea1007850c48ace3bb16c9666b1_s390x"
},
"product_reference": "devspaces/code-rhel9@sha256:7d2e2198bc93f6955477a3ec4f63a38b78273ea1007850c48ace3bb16c9666b1_s390x",
"relates_to_product_reference": "9Base-RHOSDS-3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "devspaces/code-rhel9@sha256:90a61893d9127600dd108fedf9ee0b1fcac4502a196b8de7936589c100fc49fe_amd64 as a component of Red Hat OpenShift Dev Spaces 3",
"product_id": "9Base-RHOSDS-3:devspaces/code-rhel9@sha256:90a61893d9127600dd108fedf9ee0b1fcac4502a196b8de7936589c100fc49fe_amd64"
},
"product_reference": "devspaces/code-rhel9@sha256:90a61893d9127600dd108fedf9ee0b1fcac4502a196b8de7936589c100fc49fe_amd64",
"relates_to_product_reference": "9Base-RHOSDS-3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "devspaces/configbump-rhel9@sha256:741e2650528085ebfe65969d5c48ab7f3f258d73f0a35e9f0ca0ff2186a64072_ppc64le as a component of Red Hat OpenShift Dev Spaces 3",
"product_id": "9Base-RHOSDS-3:devspaces/configbump-rhel9@sha256:741e2650528085ebfe65969d5c48ab7f3f258d73f0a35e9f0ca0ff2186a64072_ppc64le"
},
"product_reference": "devspaces/configbump-rhel9@sha256:741e2650528085ebfe65969d5c48ab7f3f258d73f0a35e9f0ca0ff2186a64072_ppc64le",
"relates_to_product_reference": "9Base-RHOSDS-3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "devspaces/configbump-rhel9@sha256:cb292b971baf4de9f13b913ef0f3e391c1b12919175ae9dab43d18a70f4411a2_s390x as a component of Red Hat OpenShift Dev Spaces 3",
"product_id": "9Base-RHOSDS-3:devspaces/configbump-rhel9@sha256:cb292b971baf4de9f13b913ef0f3e391c1b12919175ae9dab43d18a70f4411a2_s390x"
},
"product_reference": "devspaces/configbump-rhel9@sha256:cb292b971baf4de9f13b913ef0f3e391c1b12919175ae9dab43d18a70f4411a2_s390x",
"relates_to_product_reference": "9Base-RHOSDS-3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "devspaces/configbump-rhel9@sha256:efea4d960bce51d34f2021b08ed5134f99f2bbbe759e550bf5bb4787ec40539e_amd64 as a component of Red Hat OpenShift Dev Spaces 3",
"product_id": "9Base-RHOSDS-3:devspaces/configbump-rhel9@sha256:efea4d960bce51d34f2021b08ed5134f99f2bbbe759e550bf5bb4787ec40539e_amd64"
},
"product_reference": "devspaces/configbump-rhel9@sha256:efea4d960bce51d34f2021b08ed5134f99f2bbbe759e550bf5bb4787ec40539e_amd64",
"relates_to_product_reference": "9Base-RHOSDS-3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "devspaces/dashboard-rhel9@sha256:70ac5c215c4fc78e0b89c46bfa537f9bfb835af1897708f9cb181648659311d2_amd64 as a component of Red Hat OpenShift Dev Spaces 3",
"product_id": "9Base-RHOSDS-3:devspaces/dashboard-rhel9@sha256:70ac5c215c4fc78e0b89c46bfa537f9bfb835af1897708f9cb181648659311d2_amd64"
},
"product_reference": "devspaces/dashboard-rhel9@sha256:70ac5c215c4fc78e0b89c46bfa537f9bfb835af1897708f9cb181648659311d2_amd64",
"relates_to_product_reference": "9Base-RHOSDS-3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "devspaces/dashboard-rhel9@sha256:92891c316760203637d3739fc7fe5a6801e3b11faf22b405559dc1c05adbf6b2_s390x as a component of Red Hat OpenShift Dev Spaces 3",
"product_id": "9Base-RHOSDS-3:devspaces/dashboard-rhel9@sha256:92891c316760203637d3739fc7fe5a6801e3b11faf22b405559dc1c05adbf6b2_s390x"
},
"product_reference": "devspaces/dashboard-rhel9@sha256:92891c316760203637d3739fc7fe5a6801e3b11faf22b405559dc1c05adbf6b2_s390x",
"relates_to_product_reference": "9Base-RHOSDS-3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "devspaces/dashboard-rhel9@sha256:a929eb292b97c9fc5d573a1ce5dc283268e189ec271abca29e183769b7f8ab86_ppc64le as a component of Red Hat OpenShift Dev Spaces 3",
"product_id": "9Base-RHOSDS-3:devspaces/dashboard-rhel9@sha256:a929eb292b97c9fc5d573a1ce5dc283268e189ec271abca29e183769b7f8ab86_ppc64le"
},
"product_reference": "devspaces/dashboard-rhel9@sha256:a929eb292b97c9fc5d573a1ce5dc283268e189ec271abca29e183769b7f8ab86_ppc64le",
"relates_to_product_reference": "9Base-RHOSDS-3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "devspaces/devspaces-operator-bundle@sha256:677b3ce8d509429000a0696e05518ea9d4e69533407480b7728e523375c5303b_ppc64le as a component of Red Hat OpenShift Dev Spaces 3",
"product_id": "9Base-RHOSDS-3:devspaces/devspaces-operator-bundle@sha256:677b3ce8d509429000a0696e05518ea9d4e69533407480b7728e523375c5303b_ppc64le"
},
"product_reference": "devspaces/devspaces-operator-bundle@sha256:677b3ce8d509429000a0696e05518ea9d4e69533407480b7728e523375c5303b_ppc64le",
"relates_to_product_reference": "9Base-RHOSDS-3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "devspaces/devspaces-operator-bundle@sha256:6a70f3e63cb4d87e96f54e3f2075a7f8cacaa10c92efe71c4d4bb5a43e4f1247_s390x as a component of Red Hat OpenShift Dev Spaces 3",
"product_id": "9Base-RHOSDS-3:devspaces/devspaces-operator-bundle@sha256:6a70f3e63cb4d87e96f54e3f2075a7f8cacaa10c92efe71c4d4bb5a43e4f1247_s390x"
},
"product_reference": "devspaces/devspaces-operator-bundle@sha256:6a70f3e63cb4d87e96f54e3f2075a7f8cacaa10c92efe71c4d4bb5a43e4f1247_s390x",
"relates_to_product_reference": "9Base-RHOSDS-3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "devspaces/devspaces-operator-bundle@sha256:7d585ce8bce9b7ab571bf8a893bda495d255601e14b8a8aa516d0524545748dc_amd64 as a component of Red Hat OpenShift Dev Spaces 3",
"product_id": "9Base-RHOSDS-3:devspaces/devspaces-operator-bundle@sha256:7d585ce8bce9b7ab571bf8a893bda495d255601e14b8a8aa516d0524545748dc_amd64"
},
"product_reference": "devspaces/devspaces-operator-bundle@sha256:7d585ce8bce9b7ab571bf8a893bda495d255601e14b8a8aa516d0524545748dc_amd64",
"relates_to_product_reference": "9Base-RHOSDS-3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "devspaces/devspaces-rhel9-operator@sha256:58218f2ce601e03f87858ada727cf52e964f0212124001740bf305dc36e67fbd_amd64 as a component of Red Hat OpenShift Dev Spaces 3",
"product_id": "9Base-RHOSDS-3:devspaces/devspaces-rhel9-operator@sha256:58218f2ce601e03f87858ada727cf52e964f0212124001740bf305dc36e67fbd_amd64"
},
"product_reference": "devspaces/devspaces-rhel9-operator@sha256:58218f2ce601e03f87858ada727cf52e964f0212124001740bf305dc36e67fbd_amd64",
"relates_to_product_reference": "9Base-RHOSDS-3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "devspaces/devspaces-rhel9-operator@sha256:616fe916fe4bdf7cf26f1463b7df306bd63772eb31bdf83f70c42db9775765e5_s390x as a component of Red Hat OpenShift Dev Spaces 3",
"product_id": "9Base-RHOSDS-3:devspaces/devspaces-rhel9-operator@sha256:616fe916fe4bdf7cf26f1463b7df306bd63772eb31bdf83f70c42db9775765e5_s390x"
},
"product_reference": "devspaces/devspaces-rhel9-operator@sha256:616fe916fe4bdf7cf26f1463b7df306bd63772eb31bdf83f70c42db9775765e5_s390x",
"relates_to_product_reference": "9Base-RHOSDS-3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "devspaces/devspaces-rhel9-operator@sha256:98f3e811e3c8ebec180a6dc58353f72acf0dffad608b59d091af5f1887d37e05_ppc64le as a component of Red Hat OpenShift Dev Spaces 3",
"product_id": "9Base-RHOSDS-3:devspaces/devspaces-rhel9-operator@sha256:98f3e811e3c8ebec180a6dc58353f72acf0dffad608b59d091af5f1887d37e05_ppc64le"
},
"product_reference": "devspaces/devspaces-rhel9-operator@sha256:98f3e811e3c8ebec180a6dc58353f72acf0dffad608b59d091af5f1887d37e05_ppc64le",
"relates_to_product_reference": "9Base-RHOSDS-3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "devspaces/imagepuller-rhel9@sha256:1aab5a0eeaf68576aa5a0793cbe220bb8a783ec5670aa46240b88530897db345_amd64 as a component of Red Hat OpenShift Dev Spaces 3",
"product_id": "9Base-RHOSDS-3:devspaces/imagepuller-rhel9@sha256:1aab5a0eeaf68576aa5a0793cbe220bb8a783ec5670aa46240b88530897db345_amd64"
},
"product_reference": "devspaces/imagepuller-rhel9@sha256:1aab5a0eeaf68576aa5a0793cbe220bb8a783ec5670aa46240b88530897db345_amd64",
"relates_to_product_reference": "9Base-RHOSDS-3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "devspaces/imagepuller-rhel9@sha256:6d121ae6d94afb5d723730e63fcd49c5cfaa1f2518cdb534215399a1f08ff040_s390x as a component of Red Hat OpenShift Dev Spaces 3",
"product_id": "9Base-RHOSDS-3:devspaces/imagepuller-rhel9@sha256:6d121ae6d94afb5d723730e63fcd49c5cfaa1f2518cdb534215399a1f08ff040_s390x"
},
"product_reference": "devspaces/imagepuller-rhel9@sha256:6d121ae6d94afb5d723730e63fcd49c5cfaa1f2518cdb534215399a1f08ff040_s390x",
"relates_to_product_reference": "9Base-RHOSDS-3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "devspaces/imagepuller-rhel9@sha256:d68cced8fab3fd16ddaaf45fe0c5498b60a4a09a2b5c4e5f984529d041d13708_ppc64le as a component of Red Hat OpenShift Dev Spaces 3",
"product_id": "9Base-RHOSDS-3:devspaces/imagepuller-rhel9@sha256:d68cced8fab3fd16ddaaf45fe0c5498b60a4a09a2b5c4e5f984529d041d13708_ppc64le"
},
"product_reference": "devspaces/imagepuller-rhel9@sha256:d68cced8fab3fd16ddaaf45fe0c5498b60a4a09a2b5c4e5f984529d041d13708_ppc64le",
"relates_to_product_reference": "9Base-RHOSDS-3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "devspaces/machineexec-rhel9@sha256:5692486f392037c261b89bdf1004ac8982002c3c7e15cf3babcd3031970b3844_amd64 as a component of Red Hat OpenShift Dev Spaces 3",
"product_id": "9Base-RHOSDS-3:devspaces/machineexec-rhel9@sha256:5692486f392037c261b89bdf1004ac8982002c3c7e15cf3babcd3031970b3844_amd64"
},
"product_reference": "devspaces/machineexec-rhel9@sha256:5692486f392037c261b89bdf1004ac8982002c3c7e15cf3babcd3031970b3844_amd64",
"relates_to_product_reference": "9Base-RHOSDS-3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "devspaces/machineexec-rhel9@sha256:5cee29e36e341486bd91b8e578c9fd5a3fb657cbd6c6249dd69bb0a6e5b57dfd_s390x as a component of Red Hat OpenShift Dev Spaces 3",
"product_id": "9Base-RHOSDS-3:devspaces/machineexec-rhel9@sha256:5cee29e36e341486bd91b8e578c9fd5a3fb657cbd6c6249dd69bb0a6e5b57dfd_s390x"
},
"product_reference": "devspaces/machineexec-rhel9@sha256:5cee29e36e341486bd91b8e578c9fd5a3fb657cbd6c6249dd69bb0a6e5b57dfd_s390x",
"relates_to_product_reference": "9Base-RHOSDS-3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "devspaces/machineexec-rhel9@sha256:92c07684e0deb9c515e509853d2d58a714b655f8be48be942f1da12da5cc65e0_ppc64le as a component of Red Hat OpenShift Dev Spaces 3",
"product_id": "9Base-RHOSDS-3:devspaces/machineexec-rhel9@sha256:92c07684e0deb9c515e509853d2d58a714b655f8be48be942f1da12da5cc65e0_ppc64le"
},
"product_reference": "devspaces/machineexec-rhel9@sha256:92c07684e0deb9c515e509853d2d58a714b655f8be48be942f1da12da5cc65e0_ppc64le",
"relates_to_product_reference": "9Base-RHOSDS-3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "devspaces/pluginregistry-rhel9@sha256:2d9d7bacf93ceeca7b410e16fa84cb48c5c04092ac7e5ba22681b96abd0cf228_amd64 as a component of Red Hat OpenShift Dev Spaces 3",
"product_id": "9Base-RHOSDS-3:devspaces/pluginregistry-rhel9@sha256:2d9d7bacf93ceeca7b410e16fa84cb48c5c04092ac7e5ba22681b96abd0cf228_amd64"
},
"product_reference": "devspaces/pluginregistry-rhel9@sha256:2d9d7bacf93ceeca7b410e16fa84cb48c5c04092ac7e5ba22681b96abd0cf228_amd64",
"relates_to_product_reference": "9Base-RHOSDS-3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "devspaces/pluginregistry-rhel9@sha256:98be37c2d983b7af80f0c8527d6297eaf7177ee52457979b45d13cdd27976004_s390x as a component of Red Hat OpenShift Dev Spaces 3",
"product_id": "9Base-RHOSDS-3:devspaces/pluginregistry-rhel9@sha256:98be37c2d983b7af80f0c8527d6297eaf7177ee52457979b45d13cdd27976004_s390x"
},
"product_reference": "devspaces/pluginregistry-rhel9@sha256:98be37c2d983b7af80f0c8527d6297eaf7177ee52457979b45d13cdd27976004_s390x",
"relates_to_product_reference": "9Base-RHOSDS-3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "devspaces/pluginregistry-rhel9@sha256:c57424174146743c9185105ae51c49e578a9dae1ca53375879a730704a5a686f_ppc64le as a component of Red Hat OpenShift Dev Spaces 3",
"product_id": "9Base-RHOSDS-3:devspaces/pluginregistry-rhel9@sha256:c57424174146743c9185105ae51c49e578a9dae1ca53375879a730704a5a686f_ppc64le"
},
"product_reference": "devspaces/pluginregistry-rhel9@sha256:c57424174146743c9185105ae51c49e578a9dae1ca53375879a730704a5a686f_ppc64le",
"relates_to_product_reference": "9Base-RHOSDS-3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "devspaces/server-rhel9@sha256:03d2025cc1fe797a3c54206cf37323e4bc6bc1c4197b70377bef7f727e33ed1b_s390x as a component of Red Hat OpenShift Dev Spaces 3",
"product_id": "9Base-RHOSDS-3:devspaces/server-rhel9@sha256:03d2025cc1fe797a3c54206cf37323e4bc6bc1c4197b70377bef7f727e33ed1b_s390x"
},
"product_reference": "devspaces/server-rhel9@sha256:03d2025cc1fe797a3c54206cf37323e4bc6bc1c4197b70377bef7f727e33ed1b_s390x",
"relates_to_product_reference": "9Base-RHOSDS-3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "devspaces/server-rhel9@sha256:15b8c0c6c6ed150183d8039fda25fa3986a55c8e7571b6d07f19eb91d51ae976_ppc64le as a component of Red Hat OpenShift Dev Spaces 3",
"product_id": "9Base-RHOSDS-3:devspaces/server-rhel9@sha256:15b8c0c6c6ed150183d8039fda25fa3986a55c8e7571b6d07f19eb91d51ae976_ppc64le"
},
"product_reference": "devspaces/server-rhel9@sha256:15b8c0c6c6ed150183d8039fda25fa3986a55c8e7571b6d07f19eb91d51ae976_ppc64le",
"relates_to_product_reference": "9Base-RHOSDS-3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "devspaces/server-rhel9@sha256:83afeb4a5ae28f1193261a4f942c400854fc2b2148bdf38c54706e72b345786b_amd64 as a component of Red Hat OpenShift Dev Spaces 3",
"product_id": "9Base-RHOSDS-3:devspaces/server-rhel9@sha256:83afeb4a5ae28f1193261a4f942c400854fc2b2148bdf38c54706e72b345786b_amd64"
},
"product_reference": "devspaces/server-rhel9@sha256:83afeb4a5ae28f1193261a4f942c400854fc2b2148bdf38c54706e72b345786b_amd64",
"relates_to_product_reference": "9Base-RHOSDS-3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "devspaces/traefik-rhel9@sha256:55275214e27d4620bd2e4caf7a1a24598762fc1eff67c072e9c53fff4a633dca_amd64 as a component of Red Hat OpenShift Dev Spaces 3",
"product_id": "9Base-RHOSDS-3:devspaces/traefik-rhel9@sha256:55275214e27d4620bd2e4caf7a1a24598762fc1eff67c072e9c53fff4a633dca_amd64"
},
"product_reference": "devspaces/traefik-rhel9@sha256:55275214e27d4620bd2e4caf7a1a24598762fc1eff67c072e9c53fff4a633dca_amd64",
"relates_to_product_reference": "9Base-RHOSDS-3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "devspaces/traefik-rhel9@sha256:804e08e8331a96e87c20889ff7f03816d17ec35e18e0449beb8337b82aa30000_ppc64le as a component of Red Hat OpenShift Dev Spaces 3",
"product_id": "9Base-RHOSDS-3:devspaces/traefik-rhel9@sha256:804e08e8331a96e87c20889ff7f03816d17ec35e18e0449beb8337b82aa30000_ppc64le"
},
"product_reference": "devspaces/traefik-rhel9@sha256:804e08e8331a96e87c20889ff7f03816d17ec35e18e0449beb8337b82aa30000_ppc64le",
"relates_to_product_reference": "9Base-RHOSDS-3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "devspaces/traefik-rhel9@sha256:fc0edac05e35fc4cca42cbc81979c54e4db440e340acca6c4c56dc5a3ece6cf7_s390x as a component of Red Hat OpenShift Dev Spaces 3",
"product_id": "9Base-RHOSDS-3:devspaces/traefik-rhel9@sha256:fc0edac05e35fc4cca42cbc81979c54e4db440e340acca6c4c56dc5a3ece6cf7_s390x"
},
"product_reference": "devspaces/traefik-rhel9@sha256:fc0edac05e35fc4cca42cbc81979c54e4db440e340acca6c4c56dc5a3ece6cf7_s390x",
"relates_to_product_reference": "9Base-RHOSDS-3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "devspaces/udi-rhel9@sha256:53d4e87eb1ef3a63a42539ea20be463b3cbb76fe93a80d9dc5fb65253120402c_s390x as a component of Red Hat OpenShift Dev Spaces 3",
"product_id": "9Base-RHOSDS-3:devspaces/udi-rhel9@sha256:53d4e87eb1ef3a63a42539ea20be463b3cbb76fe93a80d9dc5fb65253120402c_s390x"
},
"product_reference": "devspaces/udi-rhel9@sha256:53d4e87eb1ef3a63a42539ea20be463b3cbb76fe93a80d9dc5fb65253120402c_s390x",
"relates_to_product_reference": "9Base-RHOSDS-3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "devspaces/udi-rhel9@sha256:6fb45a6f9e4dd9a29e87c20b70758041f54b439cde439435aebecff002dd19fb_amd64 as a component of Red Hat OpenShift Dev Spaces 3",
"product_id": "9Base-RHOSDS-3:devspaces/udi-rhel9@sha256:6fb45a6f9e4dd9a29e87c20b70758041f54b439cde439435aebecff002dd19fb_amd64"
},
"product_reference": "devspaces/udi-rhel9@sha256:6fb45a6f9e4dd9a29e87c20b70758041f54b439cde439435aebecff002dd19fb_amd64",
"relates_to_product_reference": "9Base-RHOSDS-3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "devspaces/udi-rhel9@sha256:81e13f10bfa13edbf62318ce58f93f681dc61776e5871e8710e8cf8e0cb86416_ppc64le as a component of Red Hat OpenShift Dev Spaces 3",
"product_id": "9Base-RHOSDS-3:devspaces/udi-rhel9@sha256:81e13f10bfa13edbf62318ce58f93f681dc61776e5871e8710e8cf8e0cb86416_ppc64le"
},
"product_reference": "devspaces/udi-rhel9@sha256:81e13f10bfa13edbf62318ce58f93f681dc61776e5871e8710e8cf8e0cb86416_ppc64le",
"relates_to_product_reference": "9Base-RHOSDS-3"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2023-44270",
"cwe": {
"id": "CWE-93",
"name": "Improper Neutralization of CRLF Sequences (\u0027CRLF Injection\u0027)"
},
"discovery_date": "2024-11-18T14:11:50.400987+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"9Base-RHOSDS-3:devspaces-tech-preview/idea-rhel9@sha256:56808324fd8f18efcaf1143c062b4611d4daf92d2b3827b6744b7103e6862eb5_amd64",
"9Base-RHOSDS-3:devspaces/configbump-rhel9@sha256:741e2650528085ebfe65969d5c48ab7f3f258d73f0a35e9f0ca0ff2186a64072_ppc64le",
"9Base-RHOSDS-3:devspaces/configbump-rhel9@sha256:cb292b971baf4de9f13b913ef0f3e391c1b12919175ae9dab43d18a70f4411a2_s390x",
"9Base-RHOSDS-3:devspaces/configbump-rhel9@sha256:efea4d960bce51d34f2021b08ed5134f99f2bbbe759e550bf5bb4787ec40539e_amd64",
"9Base-RHOSDS-3:devspaces/devspaces-operator-bundle@sha256:677b3ce8d509429000a0696e05518ea9d4e69533407480b7728e523375c5303b_ppc64le",
"9Base-RHOSDS-3:devspaces/devspaces-operator-bundle@sha256:6a70f3e63cb4d87e96f54e3f2075a7f8cacaa10c92efe71c4d4bb5a43e4f1247_s390x",
"9Base-RHOSDS-3:devspaces/devspaces-operator-bundle@sha256:7d585ce8bce9b7ab571bf8a893bda495d255601e14b8a8aa516d0524545748dc_amd64",
"9Base-RHOSDS-3:devspaces/devspaces-rhel9-operator@sha256:58218f2ce601e03f87858ada727cf52e964f0212124001740bf305dc36e67fbd_amd64",
"9Base-RHOSDS-3:devspaces/devspaces-rhel9-operator@sha256:616fe916fe4bdf7cf26f1463b7df306bd63772eb31bdf83f70c42db9775765e5_s390x",
"9Base-RHOSDS-3:devspaces/devspaces-rhel9-operator@sha256:98f3e811e3c8ebec180a6dc58353f72acf0dffad608b59d091af5f1887d37e05_ppc64le",
"9Base-RHOSDS-3:devspaces/imagepuller-rhel9@sha256:1aab5a0eeaf68576aa5a0793cbe220bb8a783ec5670aa46240b88530897db345_amd64",
"9Base-RHOSDS-3:devspaces/imagepuller-rhel9@sha256:6d121ae6d94afb5d723730e63fcd49c5cfaa1f2518cdb534215399a1f08ff040_s390x",
"9Base-RHOSDS-3:devspaces/imagepuller-rhel9@sha256:d68cced8fab3fd16ddaaf45fe0c5498b60a4a09a2b5c4e5f984529d041d13708_ppc64le",
"9Base-RHOSDS-3:devspaces/machineexec-rhel9@sha256:5692486f392037c261b89bdf1004ac8982002c3c7e15cf3babcd3031970b3844_amd64",
"9Base-RHOSDS-3:devspaces/machineexec-rhel9@sha256:5cee29e36e341486bd91b8e578c9fd5a3fb657cbd6c6249dd69bb0a6e5b57dfd_s390x",
"9Base-RHOSDS-3:devspaces/machineexec-rhel9@sha256:92c07684e0deb9c515e509853d2d58a714b655f8be48be942f1da12da5cc65e0_ppc64le",
"9Base-RHOSDS-3:devspaces/pluginregistry-rhel9@sha256:2d9d7bacf93ceeca7b410e16fa84cb48c5c04092ac7e5ba22681b96abd0cf228_amd64",
"9Base-RHOSDS-3:devspaces/pluginregistry-rhel9@sha256:98be37c2d983b7af80f0c8527d6297eaf7177ee52457979b45d13cdd27976004_s390x",
"9Base-RHOSDS-3:devspaces/pluginregistry-rhel9@sha256:c57424174146743c9185105ae51c49e578a9dae1ca53375879a730704a5a686f_ppc64le",
"9Base-RHOSDS-3:devspaces/server-rhel9@sha256:03d2025cc1fe797a3c54206cf37323e4bc6bc1c4197b70377bef7f727e33ed1b_s390x",
"9Base-RHOSDS-3:devspaces/server-rhel9@sha256:15b8c0c6c6ed150183d8039fda25fa3986a55c8e7571b6d07f19eb91d51ae976_ppc64le",
"9Base-RHOSDS-3:devspaces/server-rhel9@sha256:83afeb4a5ae28f1193261a4f942c400854fc2b2148bdf38c54706e72b345786b_amd64",
"9Base-RHOSDS-3:devspaces/traefik-rhel9@sha256:55275214e27d4620bd2e4caf7a1a24598762fc1eff67c072e9c53fff4a633dca_amd64",
"9Base-RHOSDS-3:devspaces/traefik-rhel9@sha256:804e08e8331a96e87c20889ff7f03816d17ec35e18e0449beb8337b82aa30000_ppc64le",
"9Base-RHOSDS-3:devspaces/traefik-rhel9@sha256:fc0edac05e35fc4cca42cbc81979c54e4db440e340acca6c4c56dc5a3ece6cf7_s390x",
"9Base-RHOSDS-3:devspaces/udi-rhel9@sha256:53d4e87eb1ef3a63a42539ea20be463b3cbb76fe93a80d9dc5fb65253120402c_s390x",
"9Base-RHOSDS-3:devspaces/udi-rhel9@sha256:6fb45a6f9e4dd9a29e87c20b70758041f54b439cde439435aebecff002dd19fb_amd64",
"9Base-RHOSDS-3:devspaces/udi-rhel9@sha256:81e13f10bfa13edbf62318ce58f93f681dc61776e5871e8710e8cf8e0cb86416_ppc64le"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2326998"
}
],
"notes": [
{
"category": "description",
"text": "An issue was discovered in PostCSS before 8.4.31. The vulnerability affects linters using PostCSS to parse external untrusted CSS. An attacker can prepare CSS in such a way that it will contains parts parsed by PostCSS as a CSS comment. After processing by PostCSS, it will be included in the PostCSS output in CSS nodes (rules, properties) despite being included in a comment.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "PostCSS: Improper input validation in PostCSS",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-RHOSDS-3:devspaces/code-rhel9@sha256:03465af90654f18716911c227ad49422cda691bdea686936df1d37dcc058e485_ppc64le",
"9Base-RHOSDS-3:devspaces/code-rhel9@sha256:7d2e2198bc93f6955477a3ec4f63a38b78273ea1007850c48ace3bb16c9666b1_s390x",
"9Base-RHOSDS-3:devspaces/code-rhel9@sha256:90a61893d9127600dd108fedf9ee0b1fcac4502a196b8de7936589c100fc49fe_amd64",
"9Base-RHOSDS-3:devspaces/dashboard-rhel9@sha256:70ac5c215c4fc78e0b89c46bfa537f9bfb835af1897708f9cb181648659311d2_amd64",
"9Base-RHOSDS-3:devspaces/dashboard-rhel9@sha256:92891c316760203637d3739fc7fe5a6801e3b11faf22b405559dc1c05adbf6b2_s390x",
"9Base-RHOSDS-3:devspaces/dashboard-rhel9@sha256:a929eb292b97c9fc5d573a1ce5dc283268e189ec271abca29e183769b7f8ab86_ppc64le"
],
"known_not_affected": [
"9Base-RHOSDS-3:devspaces-tech-preview/idea-rhel9@sha256:56808324fd8f18efcaf1143c062b4611d4daf92d2b3827b6744b7103e6862eb5_amd64",
"9Base-RHOSDS-3:devspaces/configbump-rhel9@sha256:741e2650528085ebfe65969d5c48ab7f3f258d73f0a35e9f0ca0ff2186a64072_ppc64le",
"9Base-RHOSDS-3:devspaces/configbump-rhel9@sha256:cb292b971baf4de9f13b913ef0f3e391c1b12919175ae9dab43d18a70f4411a2_s390x",
"9Base-RHOSDS-3:devspaces/configbump-rhel9@sha256:efea4d960bce51d34f2021b08ed5134f99f2bbbe759e550bf5bb4787ec40539e_amd64",
"9Base-RHOSDS-3:devspaces/devspaces-operator-bundle@sha256:677b3ce8d509429000a0696e05518ea9d4e69533407480b7728e523375c5303b_ppc64le",
"9Base-RHOSDS-3:devspaces/devspaces-operator-bundle@sha256:6a70f3e63cb4d87e96f54e3f2075a7f8cacaa10c92efe71c4d4bb5a43e4f1247_s390x",
"9Base-RHOSDS-3:devspaces/devspaces-operator-bundle@sha256:7d585ce8bce9b7ab571bf8a893bda495d255601e14b8a8aa516d0524545748dc_amd64",
"9Base-RHOSDS-3:devspaces/devspaces-rhel9-operator@sha256:58218f2ce601e03f87858ada727cf52e964f0212124001740bf305dc36e67fbd_amd64",
"9Base-RHOSDS-3:devspaces/devspaces-rhel9-operator@sha256:616fe916fe4bdf7cf26f1463b7df306bd63772eb31bdf83f70c42db9775765e5_s390x",
"9Base-RHOSDS-3:devspaces/devspaces-rhel9-operator@sha256:98f3e811e3c8ebec180a6dc58353f72acf0dffad608b59d091af5f1887d37e05_ppc64le",
"9Base-RHOSDS-3:devspaces/imagepuller-rhel9@sha256:1aab5a0eeaf68576aa5a0793cbe220bb8a783ec5670aa46240b88530897db345_amd64",
"9Base-RHOSDS-3:devspaces/imagepuller-rhel9@sha256:6d121ae6d94afb5d723730e63fcd49c5cfaa1f2518cdb534215399a1f08ff040_s390x",
"9Base-RHOSDS-3:devspaces/imagepuller-rhel9@sha256:d68cced8fab3fd16ddaaf45fe0c5498b60a4a09a2b5c4e5f984529d041d13708_ppc64le",
"9Base-RHOSDS-3:devspaces/machineexec-rhel9@sha256:5692486f392037c261b89bdf1004ac8982002c3c7e15cf3babcd3031970b3844_amd64",
"9Base-RHOSDS-3:devspaces/machineexec-rhel9@sha256:5cee29e36e341486bd91b8e578c9fd5a3fb657cbd6c6249dd69bb0a6e5b57dfd_s390x",
"9Base-RHOSDS-3:devspaces/machineexec-rhel9@sha256:92c07684e0deb9c515e509853d2d58a714b655f8be48be942f1da12da5cc65e0_ppc64le",
"9Base-RHOSDS-3:devspaces/pluginregistry-rhel9@sha256:2d9d7bacf93ceeca7b410e16fa84cb48c5c04092ac7e5ba22681b96abd0cf228_amd64",
"9Base-RHOSDS-3:devspaces/pluginregistry-rhel9@sha256:98be37c2d983b7af80f0c8527d6297eaf7177ee52457979b45d13cdd27976004_s390x",
"9Base-RHOSDS-3:devspaces/pluginregistry-rhel9@sha256:c57424174146743c9185105ae51c49e578a9dae1ca53375879a730704a5a686f_ppc64le",
"9Base-RHOSDS-3:devspaces/server-rhel9@sha256:03d2025cc1fe797a3c54206cf37323e4bc6bc1c4197b70377bef7f727e33ed1b_s390x",
"9Base-RHOSDS-3:devspaces/server-rhel9@sha256:15b8c0c6c6ed150183d8039fda25fa3986a55c8e7571b6d07f19eb91d51ae976_ppc64le",
"9Base-RHOSDS-3:devspaces/server-rhel9@sha256:83afeb4a5ae28f1193261a4f942c400854fc2b2148bdf38c54706e72b345786b_amd64",
"9Base-RHOSDS-3:devspaces/traefik-rhel9@sha256:55275214e27d4620bd2e4caf7a1a24598762fc1eff67c072e9c53fff4a633dca_amd64",
"9Base-RHOSDS-3:devspaces/traefik-rhel9@sha256:804e08e8331a96e87c20889ff7f03816d17ec35e18e0449beb8337b82aa30000_ppc64le",
"9Base-RHOSDS-3:devspaces/traefik-rhel9@sha256:fc0edac05e35fc4cca42cbc81979c54e4db440e340acca6c4c56dc5a3ece6cf7_s390x",
"9Base-RHOSDS-3:devspaces/udi-rhel9@sha256:53d4e87eb1ef3a63a42539ea20be463b3cbb76fe93a80d9dc5fb65253120402c_s390x",
"9Base-RHOSDS-3:devspaces/udi-rhel9@sha256:6fb45a6f9e4dd9a29e87c20b70758041f54b439cde439435aebecff002dd19fb_amd64",
"9Base-RHOSDS-3:devspaces/udi-rhel9@sha256:81e13f10bfa13edbf62318ce58f93f681dc61776e5871e8710e8cf8e0cb86416_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-44270"
},
{
"category": "external",
"summary": "RHBZ#2326998",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2326998"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-44270",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-44270"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-44270",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-44270"
},
{
"category": "external",
"summary": "https://github.com/github/advisory-database/issues/2820",
"url": "https://github.com/github/advisory-database/issues/2820"
},
{
"category": "external",
"summary": "https://github.com/postcss/postcss/blob/main/lib/tokenize.js#L25",
"url": "https://github.com/postcss/postcss/blob/main/lib/tokenize.js#L25"
},
{
"category": "external",
"summary": "https://github.com/postcss/postcss/commit/58cc860b4c1707510c9cd1bc1fa30b423a9ad6c5",
"url": "https://github.com/postcss/postcss/commit/58cc860b4c1707510c9cd1bc1fa30b423a9ad6c5"
},
{
"category": "external",
"summary": "https://github.com/postcss/postcss/releases/tag/8.4.31",
"url": "https://github.com/postcss/postcss/releases/tag/8.4.31"
}
],
"release_date": "2023-09-29T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-02-03T16:38:18+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-RHOSDS-3:devspaces/code-rhel9@sha256:03465af90654f18716911c227ad49422cda691bdea686936df1d37dcc058e485_ppc64le",
"9Base-RHOSDS-3:devspaces/code-rhel9@sha256:7d2e2198bc93f6955477a3ec4f63a38b78273ea1007850c48ace3bb16c9666b1_s390x",
"9Base-RHOSDS-3:devspaces/code-rhel9@sha256:90a61893d9127600dd108fedf9ee0b1fcac4502a196b8de7936589c100fc49fe_amd64",
"9Base-RHOSDS-3:devspaces/dashboard-rhel9@sha256:70ac5c215c4fc78e0b89c46bfa537f9bfb835af1897708f9cb181648659311d2_amd64",
"9Base-RHOSDS-3:devspaces/dashboard-rhel9@sha256:92891c316760203637d3739fc7fe5a6801e3b11faf22b405559dc1c05adbf6b2_s390x",
"9Base-RHOSDS-3:devspaces/dashboard-rhel9@sha256:a929eb292b97c9fc5d573a1ce5dc283268e189ec271abca29e183769b7f8ab86_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:0892"
},
{
"category": "workaround",
"details": "There\u0027s no known mitigation for this issue. Red Hat recommends to not parse untrusted CSS input using PostCSS.",
"product_ids": [
"9Base-RHOSDS-3:devspaces-tech-preview/idea-rhel9@sha256:56808324fd8f18efcaf1143c062b4611d4daf92d2b3827b6744b7103e6862eb5_amd64",
"9Base-RHOSDS-3:devspaces/code-rhel9@sha256:03465af90654f18716911c227ad49422cda691bdea686936df1d37dcc058e485_ppc64le",
"9Base-RHOSDS-3:devspaces/code-rhel9@sha256:7d2e2198bc93f6955477a3ec4f63a38b78273ea1007850c48ace3bb16c9666b1_s390x",
"9Base-RHOSDS-3:devspaces/code-rhel9@sha256:90a61893d9127600dd108fedf9ee0b1fcac4502a196b8de7936589c100fc49fe_amd64",
"9Base-RHOSDS-3:devspaces/configbump-rhel9@sha256:741e2650528085ebfe65969d5c48ab7f3f258d73f0a35e9f0ca0ff2186a64072_ppc64le",
"9Base-RHOSDS-3:devspaces/configbump-rhel9@sha256:cb292b971baf4de9f13b913ef0f3e391c1b12919175ae9dab43d18a70f4411a2_s390x",
"9Base-RHOSDS-3:devspaces/configbump-rhel9@sha256:efea4d960bce51d34f2021b08ed5134f99f2bbbe759e550bf5bb4787ec40539e_amd64",
"9Base-RHOSDS-3:devspaces/dashboard-rhel9@sha256:70ac5c215c4fc78e0b89c46bfa537f9bfb835af1897708f9cb181648659311d2_amd64",
"9Base-RHOSDS-3:devspaces/dashboard-rhel9@sha256:92891c316760203637d3739fc7fe5a6801e3b11faf22b405559dc1c05adbf6b2_s390x",
"9Base-RHOSDS-3:devspaces/dashboard-rhel9@sha256:a929eb292b97c9fc5d573a1ce5dc283268e189ec271abca29e183769b7f8ab86_ppc64le",
"9Base-RHOSDS-3:devspaces/devspaces-operator-bundle@sha256:677b3ce8d509429000a0696e05518ea9d4e69533407480b7728e523375c5303b_ppc64le",
"9Base-RHOSDS-3:devspaces/devspaces-operator-bundle@sha256:6a70f3e63cb4d87e96f54e3f2075a7f8cacaa10c92efe71c4d4bb5a43e4f1247_s390x",
"9Base-RHOSDS-3:devspaces/devspaces-operator-bundle@sha256:7d585ce8bce9b7ab571bf8a893bda495d255601e14b8a8aa516d0524545748dc_amd64",
"9Base-RHOSDS-3:devspaces/devspaces-rhel9-operator@sha256:58218f2ce601e03f87858ada727cf52e964f0212124001740bf305dc36e67fbd_amd64",
"9Base-RHOSDS-3:devspaces/devspaces-rhel9-operator@sha256:616fe916fe4bdf7cf26f1463b7df306bd63772eb31bdf83f70c42db9775765e5_s390x",
"9Base-RHOSDS-3:devspaces/devspaces-rhel9-operator@sha256:98f3e811e3c8ebec180a6dc58353f72acf0dffad608b59d091af5f1887d37e05_ppc64le",
"9Base-RHOSDS-3:devspaces/imagepuller-rhel9@sha256:1aab5a0eeaf68576aa5a0793cbe220bb8a783ec5670aa46240b88530897db345_amd64",
"9Base-RHOSDS-3:devspaces/imagepuller-rhel9@sha256:6d121ae6d94afb5d723730e63fcd49c5cfaa1f2518cdb534215399a1f08ff040_s390x",
"9Base-RHOSDS-3:devspaces/imagepuller-rhel9@sha256:d68cced8fab3fd16ddaaf45fe0c5498b60a4a09a2b5c4e5f984529d041d13708_ppc64le",
"9Base-RHOSDS-3:devspaces/machineexec-rhel9@sha256:5692486f392037c261b89bdf1004ac8982002c3c7e15cf3babcd3031970b3844_amd64",
"9Base-RHOSDS-3:devspaces/machineexec-rhel9@sha256:5cee29e36e341486bd91b8e578c9fd5a3fb657cbd6c6249dd69bb0a6e5b57dfd_s390x",
"9Base-RHOSDS-3:devspaces/machineexec-rhel9@sha256:92c07684e0deb9c515e509853d2d58a714b655f8be48be942f1da12da5cc65e0_ppc64le",
"9Base-RHOSDS-3:devspaces/pluginregistry-rhel9@sha256:2d9d7bacf93ceeca7b410e16fa84cb48c5c04092ac7e5ba22681b96abd0cf228_amd64",
"9Base-RHOSDS-3:devspaces/pluginregistry-rhel9@sha256:98be37c2d983b7af80f0c8527d6297eaf7177ee52457979b45d13cdd27976004_s390x",
"9Base-RHOSDS-3:devspaces/pluginregistry-rhel9@sha256:c57424174146743c9185105ae51c49e578a9dae1ca53375879a730704a5a686f_ppc64le",
"9Base-RHOSDS-3:devspaces/server-rhel9@sha256:03d2025cc1fe797a3c54206cf37323e4bc6bc1c4197b70377bef7f727e33ed1b_s390x",
"9Base-RHOSDS-3:devspaces/server-rhel9@sha256:15b8c0c6c6ed150183d8039fda25fa3986a55c8e7571b6d07f19eb91d51ae976_ppc64le",
"9Base-RHOSDS-3:devspaces/server-rhel9@sha256:83afeb4a5ae28f1193261a4f942c400854fc2b2148bdf38c54706e72b345786b_amd64",
"9Base-RHOSDS-3:devspaces/traefik-rhel9@sha256:55275214e27d4620bd2e4caf7a1a24598762fc1eff67c072e9c53fff4a633dca_amd64",
"9Base-RHOSDS-3:devspaces/traefik-rhel9@sha256:804e08e8331a96e87c20889ff7f03816d17ec35e18e0449beb8337b82aa30000_ppc64le",
"9Base-RHOSDS-3:devspaces/traefik-rhel9@sha256:fc0edac05e35fc4cca42cbc81979c54e4db440e340acca6c4c56dc5a3ece6cf7_s390x",
"9Base-RHOSDS-3:devspaces/udi-rhel9@sha256:53d4e87eb1ef3a63a42539ea20be463b3cbb76fe93a80d9dc5fb65253120402c_s390x",
"9Base-RHOSDS-3:devspaces/udi-rhel9@sha256:6fb45a6f9e4dd9a29e87c20b70758041f54b439cde439435aebecff002dd19fb_amd64",
"9Base-RHOSDS-3:devspaces/udi-rhel9@sha256:81e13f10bfa13edbf62318ce58f93f681dc61776e5871e8710e8cf8e0cb86416_ppc64le"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"9Base-RHOSDS-3:devspaces-tech-preview/idea-rhel9@sha256:56808324fd8f18efcaf1143c062b4611d4daf92d2b3827b6744b7103e6862eb5_amd64",
"9Base-RHOSDS-3:devspaces/code-rhel9@sha256:03465af90654f18716911c227ad49422cda691bdea686936df1d37dcc058e485_ppc64le",
"9Base-RHOSDS-3:devspaces/code-rhel9@sha256:7d2e2198bc93f6955477a3ec4f63a38b78273ea1007850c48ace3bb16c9666b1_s390x",
"9Base-RHOSDS-3:devspaces/code-rhel9@sha256:90a61893d9127600dd108fedf9ee0b1fcac4502a196b8de7936589c100fc49fe_amd64",
"9Base-RHOSDS-3:devspaces/configbump-rhel9@sha256:741e2650528085ebfe65969d5c48ab7f3f258d73f0a35e9f0ca0ff2186a64072_ppc64le",
"9Base-RHOSDS-3:devspaces/configbump-rhel9@sha256:cb292b971baf4de9f13b913ef0f3e391c1b12919175ae9dab43d18a70f4411a2_s390x",
"9Base-RHOSDS-3:devspaces/configbump-rhel9@sha256:efea4d960bce51d34f2021b08ed5134f99f2bbbe759e550bf5bb4787ec40539e_amd64",
"9Base-RHOSDS-3:devspaces/dashboard-rhel9@sha256:70ac5c215c4fc78e0b89c46bfa537f9bfb835af1897708f9cb181648659311d2_amd64",
"9Base-RHOSDS-3:devspaces/dashboard-rhel9@sha256:92891c316760203637d3739fc7fe5a6801e3b11faf22b405559dc1c05adbf6b2_s390x",
"9Base-RHOSDS-3:devspaces/dashboard-rhel9@sha256:a929eb292b97c9fc5d573a1ce5dc283268e189ec271abca29e183769b7f8ab86_ppc64le",
"9Base-RHOSDS-3:devspaces/devspaces-operator-bundle@sha256:677b3ce8d509429000a0696e05518ea9d4e69533407480b7728e523375c5303b_ppc64le",
"9Base-RHOSDS-3:devspaces/devspaces-operator-bundle@sha256:6a70f3e63cb4d87e96f54e3f2075a7f8cacaa10c92efe71c4d4bb5a43e4f1247_s390x",
"9Base-RHOSDS-3:devspaces/devspaces-operator-bundle@sha256:7d585ce8bce9b7ab571bf8a893bda495d255601e14b8a8aa516d0524545748dc_amd64",
"9Base-RHOSDS-3:devspaces/devspaces-rhel9-operator@sha256:58218f2ce601e03f87858ada727cf52e964f0212124001740bf305dc36e67fbd_amd64",
"9Base-RHOSDS-3:devspaces/devspaces-rhel9-operator@sha256:616fe916fe4bdf7cf26f1463b7df306bd63772eb31bdf83f70c42db9775765e5_s390x",
"9Base-RHOSDS-3:devspaces/devspaces-rhel9-operator@sha256:98f3e811e3c8ebec180a6dc58353f72acf0dffad608b59d091af5f1887d37e05_ppc64le",
"9Base-RHOSDS-3:devspaces/imagepuller-rhel9@sha256:1aab5a0eeaf68576aa5a0793cbe220bb8a783ec5670aa46240b88530897db345_amd64",
"9Base-RHOSDS-3:devspaces/imagepuller-rhel9@sha256:6d121ae6d94afb5d723730e63fcd49c5cfaa1f2518cdb534215399a1f08ff040_s390x",
"9Base-RHOSDS-3:devspaces/imagepuller-rhel9@sha256:d68cced8fab3fd16ddaaf45fe0c5498b60a4a09a2b5c4e5f984529d041d13708_ppc64le",
"9Base-RHOSDS-3:devspaces/machineexec-rhel9@sha256:5692486f392037c261b89bdf1004ac8982002c3c7e15cf3babcd3031970b3844_amd64",
"9Base-RHOSDS-3:devspaces/machineexec-rhel9@sha256:5cee29e36e341486bd91b8e578c9fd5a3fb657cbd6c6249dd69bb0a6e5b57dfd_s390x",
"9Base-RHOSDS-3:devspaces/machineexec-rhel9@sha256:92c07684e0deb9c515e509853d2d58a714b655f8be48be942f1da12da5cc65e0_ppc64le",
"9Base-RHOSDS-3:devspaces/pluginregistry-rhel9@sha256:2d9d7bacf93ceeca7b410e16fa84cb48c5c04092ac7e5ba22681b96abd0cf228_amd64",
"9Base-RHOSDS-3:devspaces/pluginregistry-rhel9@sha256:98be37c2d983b7af80f0c8527d6297eaf7177ee52457979b45d13cdd27976004_s390x",
"9Base-RHOSDS-3:devspaces/pluginregistry-rhel9@sha256:c57424174146743c9185105ae51c49e578a9dae1ca53375879a730704a5a686f_ppc64le",
"9Base-RHOSDS-3:devspaces/server-rhel9@sha256:03d2025cc1fe797a3c54206cf37323e4bc6bc1c4197b70377bef7f727e33ed1b_s390x",
"9Base-RHOSDS-3:devspaces/server-rhel9@sha256:15b8c0c6c6ed150183d8039fda25fa3986a55c8e7571b6d07f19eb91d51ae976_ppc64le",
"9Base-RHOSDS-3:devspaces/server-rhel9@sha256:83afeb4a5ae28f1193261a4f942c400854fc2b2148bdf38c54706e72b345786b_amd64",
"9Base-RHOSDS-3:devspaces/traefik-rhel9@sha256:55275214e27d4620bd2e4caf7a1a24598762fc1eff67c072e9c53fff4a633dca_amd64",
"9Base-RHOSDS-3:devspaces/traefik-rhel9@sha256:804e08e8331a96e87c20889ff7f03816d17ec35e18e0449beb8337b82aa30000_ppc64le",
"9Base-RHOSDS-3:devspaces/traefik-rhel9@sha256:fc0edac05e35fc4cca42cbc81979c54e4db440e340acca6c4c56dc5a3ece6cf7_s390x",
"9Base-RHOSDS-3:devspaces/udi-rhel9@sha256:53d4e87eb1ef3a63a42539ea20be463b3cbb76fe93a80d9dc5fb65253120402c_s390x",
"9Base-RHOSDS-3:devspaces/udi-rhel9@sha256:6fb45a6f9e4dd9a29e87c20b70758041f54b439cde439435aebecff002dd19fb_amd64",
"9Base-RHOSDS-3:devspaces/udi-rhel9@sha256:81e13f10bfa13edbf62318ce58f93f681dc61776e5871e8710e8cf8e0cb86416_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "PostCSS: Improper input validation in PostCSS"
},
{
"cve": "CVE-2024-21538",
"cwe": {
"id": "CWE-1333",
"name": "Inefficient Regular Expression Complexity"
},
"discovery_date": "2024-11-08T13:44:29.182678+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"9Base-RHOSDS-3:devspaces-tech-preview/idea-rhel9@sha256:56808324fd8f18efcaf1143c062b4611d4daf92d2b3827b6744b7103e6862eb5_amd64",
"9Base-RHOSDS-3:devspaces/configbump-rhel9@sha256:741e2650528085ebfe65969d5c48ab7f3f258d73f0a35e9f0ca0ff2186a64072_ppc64le",
"9Base-RHOSDS-3:devspaces/configbump-rhel9@sha256:cb292b971baf4de9f13b913ef0f3e391c1b12919175ae9dab43d18a70f4411a2_s390x",
"9Base-RHOSDS-3:devspaces/configbump-rhel9@sha256:efea4d960bce51d34f2021b08ed5134f99f2bbbe759e550bf5bb4787ec40539e_amd64",
"9Base-RHOSDS-3:devspaces/devspaces-operator-bundle@sha256:677b3ce8d509429000a0696e05518ea9d4e69533407480b7728e523375c5303b_ppc64le",
"9Base-RHOSDS-3:devspaces/devspaces-operator-bundle@sha256:6a70f3e63cb4d87e96f54e3f2075a7f8cacaa10c92efe71c4d4bb5a43e4f1247_s390x",
"9Base-RHOSDS-3:devspaces/devspaces-operator-bundle@sha256:7d585ce8bce9b7ab571bf8a893bda495d255601e14b8a8aa516d0524545748dc_amd64",
"9Base-RHOSDS-3:devspaces/devspaces-rhel9-operator@sha256:58218f2ce601e03f87858ada727cf52e964f0212124001740bf305dc36e67fbd_amd64",
"9Base-RHOSDS-3:devspaces/devspaces-rhel9-operator@sha256:616fe916fe4bdf7cf26f1463b7df306bd63772eb31bdf83f70c42db9775765e5_s390x",
"9Base-RHOSDS-3:devspaces/devspaces-rhel9-operator@sha256:98f3e811e3c8ebec180a6dc58353f72acf0dffad608b59d091af5f1887d37e05_ppc64le",
"9Base-RHOSDS-3:devspaces/imagepuller-rhel9@sha256:1aab5a0eeaf68576aa5a0793cbe220bb8a783ec5670aa46240b88530897db345_amd64",
"9Base-RHOSDS-3:devspaces/imagepuller-rhel9@sha256:6d121ae6d94afb5d723730e63fcd49c5cfaa1f2518cdb534215399a1f08ff040_s390x",
"9Base-RHOSDS-3:devspaces/imagepuller-rhel9@sha256:d68cced8fab3fd16ddaaf45fe0c5498b60a4a09a2b5c4e5f984529d041d13708_ppc64le",
"9Base-RHOSDS-3:devspaces/machineexec-rhel9@sha256:5692486f392037c261b89bdf1004ac8982002c3c7e15cf3babcd3031970b3844_amd64",
"9Base-RHOSDS-3:devspaces/machineexec-rhel9@sha256:5cee29e36e341486bd91b8e578c9fd5a3fb657cbd6c6249dd69bb0a6e5b57dfd_s390x",
"9Base-RHOSDS-3:devspaces/machineexec-rhel9@sha256:92c07684e0deb9c515e509853d2d58a714b655f8be48be942f1da12da5cc65e0_ppc64le",
"9Base-RHOSDS-3:devspaces/pluginregistry-rhel9@sha256:2d9d7bacf93ceeca7b410e16fa84cb48c5c04092ac7e5ba22681b96abd0cf228_amd64",
"9Base-RHOSDS-3:devspaces/pluginregistry-rhel9@sha256:98be37c2d983b7af80f0c8527d6297eaf7177ee52457979b45d13cdd27976004_s390x",
"9Base-RHOSDS-3:devspaces/pluginregistry-rhel9@sha256:c57424174146743c9185105ae51c49e578a9dae1ca53375879a730704a5a686f_ppc64le",
"9Base-RHOSDS-3:devspaces/server-rhel9@sha256:03d2025cc1fe797a3c54206cf37323e4bc6bc1c4197b70377bef7f727e33ed1b_s390x",
"9Base-RHOSDS-3:devspaces/server-rhel9@sha256:15b8c0c6c6ed150183d8039fda25fa3986a55c8e7571b6d07f19eb91d51ae976_ppc64le",
"9Base-RHOSDS-3:devspaces/server-rhel9@sha256:83afeb4a5ae28f1193261a4f942c400854fc2b2148bdf38c54706e72b345786b_amd64",
"9Base-RHOSDS-3:devspaces/traefik-rhel9@sha256:55275214e27d4620bd2e4caf7a1a24598762fc1eff67c072e9c53fff4a633dca_amd64",
"9Base-RHOSDS-3:devspaces/traefik-rhel9@sha256:804e08e8331a96e87c20889ff7f03816d17ec35e18e0449beb8337b82aa30000_ppc64le",
"9Base-RHOSDS-3:devspaces/traefik-rhel9@sha256:fc0edac05e35fc4cca42cbc81979c54e4db440e340acca6c4c56dc5a3ece6cf7_s390x",
"9Base-RHOSDS-3:devspaces/udi-rhel9@sha256:53d4e87eb1ef3a63a42539ea20be463b3cbb76fe93a80d9dc5fb65253120402c_s390x",
"9Base-RHOSDS-3:devspaces/udi-rhel9@sha256:6fb45a6f9e4dd9a29e87c20b70758041f54b439cde439435aebecff002dd19fb_amd64",
"9Base-RHOSDS-3:devspaces/udi-rhel9@sha256:81e13f10bfa13edbf62318ce58f93f681dc61776e5871e8710e8cf8e0cb86416_ppc64le"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2324550"
}
],
"notes": [
{
"category": "description",
"text": "A Regular Expression Denial of Service (ReDoS) vulnerability was found in the cross-spawn package for Node.js. Due to improper input sanitization, an attacker can increase CPU usage and crash the program with a large, specially crafted string.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "cross-spawn: regular expression denial of service",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-RHOSDS-3:devspaces/code-rhel9@sha256:03465af90654f18716911c227ad49422cda691bdea686936df1d37dcc058e485_ppc64le",
"9Base-RHOSDS-3:devspaces/code-rhel9@sha256:7d2e2198bc93f6955477a3ec4f63a38b78273ea1007850c48ace3bb16c9666b1_s390x",
"9Base-RHOSDS-3:devspaces/code-rhel9@sha256:90a61893d9127600dd108fedf9ee0b1fcac4502a196b8de7936589c100fc49fe_amd64",
"9Base-RHOSDS-3:devspaces/dashboard-rhel9@sha256:70ac5c215c4fc78e0b89c46bfa537f9bfb835af1897708f9cb181648659311d2_amd64",
"9Base-RHOSDS-3:devspaces/dashboard-rhel9@sha256:92891c316760203637d3739fc7fe5a6801e3b11faf22b405559dc1c05adbf6b2_s390x",
"9Base-RHOSDS-3:devspaces/dashboard-rhel9@sha256:a929eb292b97c9fc5d573a1ce5dc283268e189ec271abca29e183769b7f8ab86_ppc64le"
],
"known_not_affected": [
"9Base-RHOSDS-3:devspaces-tech-preview/idea-rhel9@sha256:56808324fd8f18efcaf1143c062b4611d4daf92d2b3827b6744b7103e6862eb5_amd64",
"9Base-RHOSDS-3:devspaces/configbump-rhel9@sha256:741e2650528085ebfe65969d5c48ab7f3f258d73f0a35e9f0ca0ff2186a64072_ppc64le",
"9Base-RHOSDS-3:devspaces/configbump-rhel9@sha256:cb292b971baf4de9f13b913ef0f3e391c1b12919175ae9dab43d18a70f4411a2_s390x",
"9Base-RHOSDS-3:devspaces/configbump-rhel9@sha256:efea4d960bce51d34f2021b08ed5134f99f2bbbe759e550bf5bb4787ec40539e_amd64",
"9Base-RHOSDS-3:devspaces/devspaces-operator-bundle@sha256:677b3ce8d509429000a0696e05518ea9d4e69533407480b7728e523375c5303b_ppc64le",
"9Base-RHOSDS-3:devspaces/devspaces-operator-bundle@sha256:6a70f3e63cb4d87e96f54e3f2075a7f8cacaa10c92efe71c4d4bb5a43e4f1247_s390x",
"9Base-RHOSDS-3:devspaces/devspaces-operator-bundle@sha256:7d585ce8bce9b7ab571bf8a893bda495d255601e14b8a8aa516d0524545748dc_amd64",
"9Base-RHOSDS-3:devspaces/devspaces-rhel9-operator@sha256:58218f2ce601e03f87858ada727cf52e964f0212124001740bf305dc36e67fbd_amd64",
"9Base-RHOSDS-3:devspaces/devspaces-rhel9-operator@sha256:616fe916fe4bdf7cf26f1463b7df306bd63772eb31bdf83f70c42db9775765e5_s390x",
"9Base-RHOSDS-3:devspaces/devspaces-rhel9-operator@sha256:98f3e811e3c8ebec180a6dc58353f72acf0dffad608b59d091af5f1887d37e05_ppc64le",
"9Base-RHOSDS-3:devspaces/imagepuller-rhel9@sha256:1aab5a0eeaf68576aa5a0793cbe220bb8a783ec5670aa46240b88530897db345_amd64",
"9Base-RHOSDS-3:devspaces/imagepuller-rhel9@sha256:6d121ae6d94afb5d723730e63fcd49c5cfaa1f2518cdb534215399a1f08ff040_s390x",
"9Base-RHOSDS-3:devspaces/imagepuller-rhel9@sha256:d68cced8fab3fd16ddaaf45fe0c5498b60a4a09a2b5c4e5f984529d041d13708_ppc64le",
"9Base-RHOSDS-3:devspaces/machineexec-rhel9@sha256:5692486f392037c261b89bdf1004ac8982002c3c7e15cf3babcd3031970b3844_amd64",
"9Base-RHOSDS-3:devspaces/machineexec-rhel9@sha256:5cee29e36e341486bd91b8e578c9fd5a3fb657cbd6c6249dd69bb0a6e5b57dfd_s390x",
"9Base-RHOSDS-3:devspaces/machineexec-rhel9@sha256:92c07684e0deb9c515e509853d2d58a714b655f8be48be942f1da12da5cc65e0_ppc64le",
"9Base-RHOSDS-3:devspaces/pluginregistry-rhel9@sha256:2d9d7bacf93ceeca7b410e16fa84cb48c5c04092ac7e5ba22681b96abd0cf228_amd64",
"9Base-RHOSDS-3:devspaces/pluginregistry-rhel9@sha256:98be37c2d983b7af80f0c8527d6297eaf7177ee52457979b45d13cdd27976004_s390x",
"9Base-RHOSDS-3:devspaces/pluginregistry-rhel9@sha256:c57424174146743c9185105ae51c49e578a9dae1ca53375879a730704a5a686f_ppc64le",
"9Base-RHOSDS-3:devspaces/server-rhel9@sha256:03d2025cc1fe797a3c54206cf37323e4bc6bc1c4197b70377bef7f727e33ed1b_s390x",
"9Base-RHOSDS-3:devspaces/server-rhel9@sha256:15b8c0c6c6ed150183d8039fda25fa3986a55c8e7571b6d07f19eb91d51ae976_ppc64le",
"9Base-RHOSDS-3:devspaces/server-rhel9@sha256:83afeb4a5ae28f1193261a4f942c400854fc2b2148bdf38c54706e72b345786b_amd64",
"9Base-RHOSDS-3:devspaces/traefik-rhel9@sha256:55275214e27d4620bd2e4caf7a1a24598762fc1eff67c072e9c53fff4a633dca_amd64",
"9Base-RHOSDS-3:devspaces/traefik-rhel9@sha256:804e08e8331a96e87c20889ff7f03816d17ec35e18e0449beb8337b82aa30000_ppc64le",
"9Base-RHOSDS-3:devspaces/traefik-rhel9@sha256:fc0edac05e35fc4cca42cbc81979c54e4db440e340acca6c4c56dc5a3ece6cf7_s390x",
"9Base-RHOSDS-3:devspaces/udi-rhel9@sha256:53d4e87eb1ef3a63a42539ea20be463b3cbb76fe93a80d9dc5fb65253120402c_s390x",
"9Base-RHOSDS-3:devspaces/udi-rhel9@sha256:6fb45a6f9e4dd9a29e87c20b70758041f54b439cde439435aebecff002dd19fb_amd64",
"9Base-RHOSDS-3:devspaces/udi-rhel9@sha256:81e13f10bfa13edbf62318ce58f93f681dc61776e5871e8710e8cf8e0cb86416_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-21538"
},
{
"category": "external",
"summary": "RHBZ#2324550",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2324550"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-21538",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21538"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-21538",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-21538"
},
{
"category": "external",
"summary": "https://github.com/moxystudio/node-cross-spawn/commit/5ff3a07d9add449021d806e45c4168203aa833ff",
"url": "https://github.com/moxystudio/node-cross-spawn/commit/5ff3a07d9add449021d806e45c4168203aa833ff"
},
{
"category": "external",
"summary": "https://github.com/moxystudio/node-cross-spawn/commit/640d391fde65388548601d95abedccc12943374f",
"url": "https://github.com/moxystudio/node-cross-spawn/commit/640d391fde65388548601d95abedccc12943374f"
},
{
"category": "external",
"summary": "https://github.com/moxystudio/node-cross-spawn/pull/160",
"url": "https://github.com/moxystudio/node-cross-spawn/pull/160"
},
{
"category": "external",
"summary": "https://security.snyk.io/vuln/SNYK-JS-CROSSSPAWN-8303230",
"url": "https://security.snyk.io/vuln/SNYK-JS-CROSSSPAWN-8303230"
}
],
"release_date": "2024-11-08T05:00:04.695000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-02-03T16:38:18+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-RHOSDS-3:devspaces/code-rhel9@sha256:03465af90654f18716911c227ad49422cda691bdea686936df1d37dcc058e485_ppc64le",
"9Base-RHOSDS-3:devspaces/code-rhel9@sha256:7d2e2198bc93f6955477a3ec4f63a38b78273ea1007850c48ace3bb16c9666b1_s390x",
"9Base-RHOSDS-3:devspaces/code-rhel9@sha256:90a61893d9127600dd108fedf9ee0b1fcac4502a196b8de7936589c100fc49fe_amd64",
"9Base-RHOSDS-3:devspaces/dashboard-rhel9@sha256:70ac5c215c4fc78e0b89c46bfa537f9bfb835af1897708f9cb181648659311d2_amd64",
"9Base-RHOSDS-3:devspaces/dashboard-rhel9@sha256:92891c316760203637d3739fc7fe5a6801e3b11faf22b405559dc1c05adbf6b2_s390x",
"9Base-RHOSDS-3:devspaces/dashboard-rhel9@sha256:a929eb292b97c9fc5d573a1ce5dc283268e189ec271abca29e183769b7f8ab86_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:0892"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"9Base-RHOSDS-3:devspaces-tech-preview/idea-rhel9@sha256:56808324fd8f18efcaf1143c062b4611d4daf92d2b3827b6744b7103e6862eb5_amd64",
"9Base-RHOSDS-3:devspaces/code-rhel9@sha256:03465af90654f18716911c227ad49422cda691bdea686936df1d37dcc058e485_ppc64le",
"9Base-RHOSDS-3:devspaces/code-rhel9@sha256:7d2e2198bc93f6955477a3ec4f63a38b78273ea1007850c48ace3bb16c9666b1_s390x",
"9Base-RHOSDS-3:devspaces/code-rhel9@sha256:90a61893d9127600dd108fedf9ee0b1fcac4502a196b8de7936589c100fc49fe_amd64",
"9Base-RHOSDS-3:devspaces/configbump-rhel9@sha256:741e2650528085ebfe65969d5c48ab7f3f258d73f0a35e9f0ca0ff2186a64072_ppc64le",
"9Base-RHOSDS-3:devspaces/configbump-rhel9@sha256:cb292b971baf4de9f13b913ef0f3e391c1b12919175ae9dab43d18a70f4411a2_s390x",
"9Base-RHOSDS-3:devspaces/configbump-rhel9@sha256:efea4d960bce51d34f2021b08ed5134f99f2bbbe759e550bf5bb4787ec40539e_amd64",
"9Base-RHOSDS-3:devspaces/dashboard-rhel9@sha256:70ac5c215c4fc78e0b89c46bfa537f9bfb835af1897708f9cb181648659311d2_amd64",
"9Base-RHOSDS-3:devspaces/dashboard-rhel9@sha256:92891c316760203637d3739fc7fe5a6801e3b11faf22b405559dc1c05adbf6b2_s390x",
"9Base-RHOSDS-3:devspaces/dashboard-rhel9@sha256:a929eb292b97c9fc5d573a1ce5dc283268e189ec271abca29e183769b7f8ab86_ppc64le",
"9Base-RHOSDS-3:devspaces/devspaces-operator-bundle@sha256:677b3ce8d509429000a0696e05518ea9d4e69533407480b7728e523375c5303b_ppc64le",
"9Base-RHOSDS-3:devspaces/devspaces-operator-bundle@sha256:6a70f3e63cb4d87e96f54e3f2075a7f8cacaa10c92efe71c4d4bb5a43e4f1247_s390x",
"9Base-RHOSDS-3:devspaces/devspaces-operator-bundle@sha256:7d585ce8bce9b7ab571bf8a893bda495d255601e14b8a8aa516d0524545748dc_amd64",
"9Base-RHOSDS-3:devspaces/devspaces-rhel9-operator@sha256:58218f2ce601e03f87858ada727cf52e964f0212124001740bf305dc36e67fbd_amd64",
"9Base-RHOSDS-3:devspaces/devspaces-rhel9-operator@sha256:616fe916fe4bdf7cf26f1463b7df306bd63772eb31bdf83f70c42db9775765e5_s390x",
"9Base-RHOSDS-3:devspaces/devspaces-rhel9-operator@sha256:98f3e811e3c8ebec180a6dc58353f72acf0dffad608b59d091af5f1887d37e05_ppc64le",
"9Base-RHOSDS-3:devspaces/imagepuller-rhel9@sha256:1aab5a0eeaf68576aa5a0793cbe220bb8a783ec5670aa46240b88530897db345_amd64",
"9Base-RHOSDS-3:devspaces/imagepuller-rhel9@sha256:6d121ae6d94afb5d723730e63fcd49c5cfaa1f2518cdb534215399a1f08ff040_s390x",
"9Base-RHOSDS-3:devspaces/imagepuller-rhel9@sha256:d68cced8fab3fd16ddaaf45fe0c5498b60a4a09a2b5c4e5f984529d041d13708_ppc64le",
"9Base-RHOSDS-3:devspaces/machineexec-rhel9@sha256:5692486f392037c261b89bdf1004ac8982002c3c7e15cf3babcd3031970b3844_amd64",
"9Base-RHOSDS-3:devspaces/machineexec-rhel9@sha256:5cee29e36e341486bd91b8e578c9fd5a3fb657cbd6c6249dd69bb0a6e5b57dfd_s390x",
"9Base-RHOSDS-3:devspaces/machineexec-rhel9@sha256:92c07684e0deb9c515e509853d2d58a714b655f8be48be942f1da12da5cc65e0_ppc64le",
"9Base-RHOSDS-3:devspaces/pluginregistry-rhel9@sha256:2d9d7bacf93ceeca7b410e16fa84cb48c5c04092ac7e5ba22681b96abd0cf228_amd64",
"9Base-RHOSDS-3:devspaces/pluginregistry-rhel9@sha256:98be37c2d983b7af80f0c8527d6297eaf7177ee52457979b45d13cdd27976004_s390x",
"9Base-RHOSDS-3:devspaces/pluginregistry-rhel9@sha256:c57424174146743c9185105ae51c49e578a9dae1ca53375879a730704a5a686f_ppc64le",
"9Base-RHOSDS-3:devspaces/server-rhel9@sha256:03d2025cc1fe797a3c54206cf37323e4bc6bc1c4197b70377bef7f727e33ed1b_s390x",
"9Base-RHOSDS-3:devspaces/server-rhel9@sha256:15b8c0c6c6ed150183d8039fda25fa3986a55c8e7571b6d07f19eb91d51ae976_ppc64le",
"9Base-RHOSDS-3:devspaces/server-rhel9@sha256:83afeb4a5ae28f1193261a4f942c400854fc2b2148bdf38c54706e72b345786b_amd64",
"9Base-RHOSDS-3:devspaces/traefik-rhel9@sha256:55275214e27d4620bd2e4caf7a1a24598762fc1eff67c072e9c53fff4a633dca_amd64",
"9Base-RHOSDS-3:devspaces/traefik-rhel9@sha256:804e08e8331a96e87c20889ff7f03816d17ec35e18e0449beb8337b82aa30000_ppc64le",
"9Base-RHOSDS-3:devspaces/traefik-rhel9@sha256:fc0edac05e35fc4cca42cbc81979c54e4db440e340acca6c4c56dc5a3ece6cf7_s390x",
"9Base-RHOSDS-3:devspaces/udi-rhel9@sha256:53d4e87eb1ef3a63a42539ea20be463b3cbb76fe93a80d9dc5fb65253120402c_s390x",
"9Base-RHOSDS-3:devspaces/udi-rhel9@sha256:6fb45a6f9e4dd9a29e87c20b70758041f54b439cde439435aebecff002dd19fb_amd64",
"9Base-RHOSDS-3:devspaces/udi-rhel9@sha256:81e13f10bfa13edbf62318ce58f93f681dc61776e5871e8710e8cf8e0cb86416_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "cross-spawn: regular expression denial of service"
},
{
"cve": "CVE-2024-45337",
"cwe": {
"id": "CWE-285",
"name": "Improper Authorization"
},
"discovery_date": "2024-12-11T19:00:54.247490+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"9Base-RHOSDS-3:devspaces-tech-preview/idea-rhel9@sha256:56808324fd8f18efcaf1143c062b4611d4daf92d2b3827b6744b7103e6862eb5_amd64",
"9Base-RHOSDS-3:devspaces/code-rhel9@sha256:03465af90654f18716911c227ad49422cda691bdea686936df1d37dcc058e485_ppc64le",
"9Base-RHOSDS-3:devspaces/code-rhel9@sha256:7d2e2198bc93f6955477a3ec4f63a38b78273ea1007850c48ace3bb16c9666b1_s390x",
"9Base-RHOSDS-3:devspaces/code-rhel9@sha256:90a61893d9127600dd108fedf9ee0b1fcac4502a196b8de7936589c100fc49fe_amd64",
"9Base-RHOSDS-3:devspaces/configbump-rhel9@sha256:741e2650528085ebfe65969d5c48ab7f3f258d73f0a35e9f0ca0ff2186a64072_ppc64le",
"9Base-RHOSDS-3:devspaces/configbump-rhel9@sha256:cb292b971baf4de9f13b913ef0f3e391c1b12919175ae9dab43d18a70f4411a2_s390x",
"9Base-RHOSDS-3:devspaces/configbump-rhel9@sha256:efea4d960bce51d34f2021b08ed5134f99f2bbbe759e550bf5bb4787ec40539e_amd64",
"9Base-RHOSDS-3:devspaces/dashboard-rhel9@sha256:70ac5c215c4fc78e0b89c46bfa537f9bfb835af1897708f9cb181648659311d2_amd64",
"9Base-RHOSDS-3:devspaces/dashboard-rhel9@sha256:92891c316760203637d3739fc7fe5a6801e3b11faf22b405559dc1c05adbf6b2_s390x",
"9Base-RHOSDS-3:devspaces/dashboard-rhel9@sha256:a929eb292b97c9fc5d573a1ce5dc283268e189ec271abca29e183769b7f8ab86_ppc64le",
"9Base-RHOSDS-3:devspaces/devspaces-operator-bundle@sha256:677b3ce8d509429000a0696e05518ea9d4e69533407480b7728e523375c5303b_ppc64le",
"9Base-RHOSDS-3:devspaces/devspaces-operator-bundle@sha256:6a70f3e63cb4d87e96f54e3f2075a7f8cacaa10c92efe71c4d4bb5a43e4f1247_s390x",
"9Base-RHOSDS-3:devspaces/devspaces-operator-bundle@sha256:7d585ce8bce9b7ab571bf8a893bda495d255601e14b8a8aa516d0524545748dc_amd64",
"9Base-RHOSDS-3:devspaces/imagepuller-rhel9@sha256:1aab5a0eeaf68576aa5a0793cbe220bb8a783ec5670aa46240b88530897db345_amd64",
"9Base-RHOSDS-3:devspaces/imagepuller-rhel9@sha256:6d121ae6d94afb5d723730e63fcd49c5cfaa1f2518cdb534215399a1f08ff040_s390x",
"9Base-RHOSDS-3:devspaces/imagepuller-rhel9@sha256:d68cced8fab3fd16ddaaf45fe0c5498b60a4a09a2b5c4e5f984529d041d13708_ppc64le",
"9Base-RHOSDS-3:devspaces/machineexec-rhel9@sha256:5692486f392037c261b89bdf1004ac8982002c3c7e15cf3babcd3031970b3844_amd64",
"9Base-RHOSDS-3:devspaces/machineexec-rhel9@sha256:5cee29e36e341486bd91b8e578c9fd5a3fb657cbd6c6249dd69bb0a6e5b57dfd_s390x",
"9Base-RHOSDS-3:devspaces/machineexec-rhel9@sha256:92c07684e0deb9c515e509853d2d58a714b655f8be48be942f1da12da5cc65e0_ppc64le",
"9Base-RHOSDS-3:devspaces/pluginregistry-rhel9@sha256:2d9d7bacf93ceeca7b410e16fa84cb48c5c04092ac7e5ba22681b96abd0cf228_amd64",
"9Base-RHOSDS-3:devspaces/pluginregistry-rhel9@sha256:98be37c2d983b7af80f0c8527d6297eaf7177ee52457979b45d13cdd27976004_s390x",
"9Base-RHOSDS-3:devspaces/pluginregistry-rhel9@sha256:c57424174146743c9185105ae51c49e578a9dae1ca53375879a730704a5a686f_ppc64le",
"9Base-RHOSDS-3:devspaces/server-rhel9@sha256:03d2025cc1fe797a3c54206cf37323e4bc6bc1c4197b70377bef7f727e33ed1b_s390x",
"9Base-RHOSDS-3:devspaces/server-rhel9@sha256:15b8c0c6c6ed150183d8039fda25fa3986a55c8e7571b6d07f19eb91d51ae976_ppc64le",
"9Base-RHOSDS-3:devspaces/server-rhel9@sha256:83afeb4a5ae28f1193261a4f942c400854fc2b2148bdf38c54706e72b345786b_amd64",
"9Base-RHOSDS-3:devspaces/traefik-rhel9@sha256:55275214e27d4620bd2e4caf7a1a24598762fc1eff67c072e9c53fff4a633dca_amd64",
"9Base-RHOSDS-3:devspaces/traefik-rhel9@sha256:804e08e8331a96e87c20889ff7f03816d17ec35e18e0449beb8337b82aa30000_ppc64le",
"9Base-RHOSDS-3:devspaces/traefik-rhel9@sha256:fc0edac05e35fc4cca42cbc81979c54e4db440e340acca6c4c56dc5a3ece6cf7_s390x",
"9Base-RHOSDS-3:devspaces/udi-rhel9@sha256:53d4e87eb1ef3a63a42539ea20be463b3cbb76fe93a80d9dc5fb65253120402c_s390x",
"9Base-RHOSDS-3:devspaces/udi-rhel9@sha256:6fb45a6f9e4dd9a29e87c20b70758041f54b439cde439435aebecff002dd19fb_amd64",
"9Base-RHOSDS-3:devspaces/udi-rhel9@sha256:81e13f10bfa13edbf62318ce58f93f681dc61776e5871e8710e8cf8e0cb86416_ppc64le"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2331720"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the x/crypto/ssh go library. Applications and libraries that misuse the ServerConfig.PublicKeyCallback callback may be susceptible to an authorization bypass. For example, an attacker may send public keys A and B and authenticate with A. PublicKeyCallback would be called only twice, first with A and then with B. A vulnerable application may then make authorization decisions based on key B, for which the attacker does not control the private key. The misuse of ServerConfig.PublicKeyCallback may cause an authorization bypass.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang.org/x/crypto/ssh: Misuse of ServerConfig.PublicKeyCallback may cause authorization bypass in golang.org/x/crypto",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is classified as important rather than critical because it does not directly enable unauthorized access but rather introduces a risk of authorization bypass if the application or library misuses the PublicKeyCallback API. The vulnerability relies on incorrect assumptions made by the application when handling the sequence or state of keys provided during SSH authentication. Properly implemented systems that use the Permissions field or avoid relying on external state remain unaffected. Additionally, the vulnerability does not allow direct exploitation to gain control over a system without the presence of insecure logic in the application\u0027s handling of authentication attempts.\n\n\nRed Hat Enterprise Linux(RHEL) 8 and 9 marked as not affected as it was determined that the problem function `ServerConfig.PublicKeyCallback`, as noted in the CVE-2024-45337 issue, is not called by Podman, Buildah, containers-common, or the gvisor-tap-vsock projects.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-RHOSDS-3:devspaces/devspaces-rhel9-operator@sha256:58218f2ce601e03f87858ada727cf52e964f0212124001740bf305dc36e67fbd_amd64",
"9Base-RHOSDS-3:devspaces/devspaces-rhel9-operator@sha256:616fe916fe4bdf7cf26f1463b7df306bd63772eb31bdf83f70c42db9775765e5_s390x",
"9Base-RHOSDS-3:devspaces/devspaces-rhel9-operator@sha256:98f3e811e3c8ebec180a6dc58353f72acf0dffad608b59d091af5f1887d37e05_ppc64le"
],
"known_not_affected": [
"9Base-RHOSDS-3:devspaces-tech-preview/idea-rhel9@sha256:56808324fd8f18efcaf1143c062b4611d4daf92d2b3827b6744b7103e6862eb5_amd64",
"9Base-RHOSDS-3:devspaces/code-rhel9@sha256:03465af90654f18716911c227ad49422cda691bdea686936df1d37dcc058e485_ppc64le",
"9Base-RHOSDS-3:devspaces/code-rhel9@sha256:7d2e2198bc93f6955477a3ec4f63a38b78273ea1007850c48ace3bb16c9666b1_s390x",
"9Base-RHOSDS-3:devspaces/code-rhel9@sha256:90a61893d9127600dd108fedf9ee0b1fcac4502a196b8de7936589c100fc49fe_amd64",
"9Base-RHOSDS-3:devspaces/configbump-rhel9@sha256:741e2650528085ebfe65969d5c48ab7f3f258d73f0a35e9f0ca0ff2186a64072_ppc64le",
"9Base-RHOSDS-3:devspaces/configbump-rhel9@sha256:cb292b971baf4de9f13b913ef0f3e391c1b12919175ae9dab43d18a70f4411a2_s390x",
"9Base-RHOSDS-3:devspaces/configbump-rhel9@sha256:efea4d960bce51d34f2021b08ed5134f99f2bbbe759e550bf5bb4787ec40539e_amd64",
"9Base-RHOSDS-3:devspaces/dashboard-rhel9@sha256:70ac5c215c4fc78e0b89c46bfa537f9bfb835af1897708f9cb181648659311d2_amd64",
"9Base-RHOSDS-3:devspaces/dashboard-rhel9@sha256:92891c316760203637d3739fc7fe5a6801e3b11faf22b405559dc1c05adbf6b2_s390x",
"9Base-RHOSDS-3:devspaces/dashboard-rhel9@sha256:a929eb292b97c9fc5d573a1ce5dc283268e189ec271abca29e183769b7f8ab86_ppc64le",
"9Base-RHOSDS-3:devspaces/devspaces-operator-bundle@sha256:677b3ce8d509429000a0696e05518ea9d4e69533407480b7728e523375c5303b_ppc64le",
"9Base-RHOSDS-3:devspaces/devspaces-operator-bundle@sha256:6a70f3e63cb4d87e96f54e3f2075a7f8cacaa10c92efe71c4d4bb5a43e4f1247_s390x",
"9Base-RHOSDS-3:devspaces/devspaces-operator-bundle@sha256:7d585ce8bce9b7ab571bf8a893bda495d255601e14b8a8aa516d0524545748dc_amd64",
"9Base-RHOSDS-3:devspaces/imagepuller-rhel9@sha256:1aab5a0eeaf68576aa5a0793cbe220bb8a783ec5670aa46240b88530897db345_amd64",
"9Base-RHOSDS-3:devspaces/imagepuller-rhel9@sha256:6d121ae6d94afb5d723730e63fcd49c5cfaa1f2518cdb534215399a1f08ff040_s390x",
"9Base-RHOSDS-3:devspaces/imagepuller-rhel9@sha256:d68cced8fab3fd16ddaaf45fe0c5498b60a4a09a2b5c4e5f984529d041d13708_ppc64le",
"9Base-RHOSDS-3:devspaces/machineexec-rhel9@sha256:5692486f392037c261b89bdf1004ac8982002c3c7e15cf3babcd3031970b3844_amd64",
"9Base-RHOSDS-3:devspaces/machineexec-rhel9@sha256:5cee29e36e341486bd91b8e578c9fd5a3fb657cbd6c6249dd69bb0a6e5b57dfd_s390x",
"9Base-RHOSDS-3:devspaces/machineexec-rhel9@sha256:92c07684e0deb9c515e509853d2d58a714b655f8be48be942f1da12da5cc65e0_ppc64le",
"9Base-RHOSDS-3:devspaces/pluginregistry-rhel9@sha256:2d9d7bacf93ceeca7b410e16fa84cb48c5c04092ac7e5ba22681b96abd0cf228_amd64",
"9Base-RHOSDS-3:devspaces/pluginregistry-rhel9@sha256:98be37c2d983b7af80f0c8527d6297eaf7177ee52457979b45d13cdd27976004_s390x",
"9Base-RHOSDS-3:devspaces/pluginregistry-rhel9@sha256:c57424174146743c9185105ae51c49e578a9dae1ca53375879a730704a5a686f_ppc64le",
"9Base-RHOSDS-3:devspaces/server-rhel9@sha256:03d2025cc1fe797a3c54206cf37323e4bc6bc1c4197b70377bef7f727e33ed1b_s390x",
"9Base-RHOSDS-3:devspaces/server-rhel9@sha256:15b8c0c6c6ed150183d8039fda25fa3986a55c8e7571b6d07f19eb91d51ae976_ppc64le",
"9Base-RHOSDS-3:devspaces/server-rhel9@sha256:83afeb4a5ae28f1193261a4f942c400854fc2b2148bdf38c54706e72b345786b_amd64",
"9Base-RHOSDS-3:devspaces/traefik-rhel9@sha256:55275214e27d4620bd2e4caf7a1a24598762fc1eff67c072e9c53fff4a633dca_amd64",
"9Base-RHOSDS-3:devspaces/traefik-rhel9@sha256:804e08e8331a96e87c20889ff7f03816d17ec35e18e0449beb8337b82aa30000_ppc64le",
"9Base-RHOSDS-3:devspaces/traefik-rhel9@sha256:fc0edac05e35fc4cca42cbc81979c54e4db440e340acca6c4c56dc5a3ece6cf7_s390x",
"9Base-RHOSDS-3:devspaces/udi-rhel9@sha256:53d4e87eb1ef3a63a42539ea20be463b3cbb76fe93a80d9dc5fb65253120402c_s390x",
"9Base-RHOSDS-3:devspaces/udi-rhel9@sha256:6fb45a6f9e4dd9a29e87c20b70758041f54b439cde439435aebecff002dd19fb_amd64",
"9Base-RHOSDS-3:devspaces/udi-rhel9@sha256:81e13f10bfa13edbf62318ce58f93f681dc61776e5871e8710e8cf8e0cb86416_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-45337"
},
{
"category": "external",
"summary": "RHBZ#2331720",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2331720"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-45337",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45337"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-45337",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-45337"
},
{
"category": "external",
"summary": "https://github.com/golang/crypto/commit/b4f1988a35dee11ec3e05d6bf3e90b695fbd8909",
"url": "https://github.com/golang/crypto/commit/b4f1988a35dee11ec3e05d6bf3e90b695fbd8909"
},
{
"category": "external",
"summary": "https://go.dev/cl/635315",
"url": "https://go.dev/cl/635315"
},
{
"category": "external",
"summary": "https://go.dev/issue/70779",
"url": "https://go.dev/issue/70779"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/-nPEi39gI4Q/m/cGVPJCqdAQAJ",
"url": "https://groups.google.com/g/golang-announce/c/-nPEi39gI4Q/m/cGVPJCqdAQAJ"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2024-3321",
"url": "https://pkg.go.dev/vuln/GO-2024-3321"
}
],
"release_date": "2024-12-11T18:55:58.506000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-02-03T16:38:18+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-RHOSDS-3:devspaces/devspaces-rhel9-operator@sha256:58218f2ce601e03f87858ada727cf52e964f0212124001740bf305dc36e67fbd_amd64",
"9Base-RHOSDS-3:devspaces/devspaces-rhel9-operator@sha256:616fe916fe4bdf7cf26f1463b7df306bd63772eb31bdf83f70c42db9775765e5_s390x",
"9Base-RHOSDS-3:devspaces/devspaces-rhel9-operator@sha256:98f3e811e3c8ebec180a6dc58353f72acf0dffad608b59d091af5f1887d37e05_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:0892"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"9Base-RHOSDS-3:devspaces-tech-preview/idea-rhel9@sha256:56808324fd8f18efcaf1143c062b4611d4daf92d2b3827b6744b7103e6862eb5_amd64",
"9Base-RHOSDS-3:devspaces/code-rhel9@sha256:03465af90654f18716911c227ad49422cda691bdea686936df1d37dcc058e485_ppc64le",
"9Base-RHOSDS-3:devspaces/code-rhel9@sha256:7d2e2198bc93f6955477a3ec4f63a38b78273ea1007850c48ace3bb16c9666b1_s390x",
"9Base-RHOSDS-3:devspaces/code-rhel9@sha256:90a61893d9127600dd108fedf9ee0b1fcac4502a196b8de7936589c100fc49fe_amd64",
"9Base-RHOSDS-3:devspaces/configbump-rhel9@sha256:741e2650528085ebfe65969d5c48ab7f3f258d73f0a35e9f0ca0ff2186a64072_ppc64le",
"9Base-RHOSDS-3:devspaces/configbump-rhel9@sha256:cb292b971baf4de9f13b913ef0f3e391c1b12919175ae9dab43d18a70f4411a2_s390x",
"9Base-RHOSDS-3:devspaces/configbump-rhel9@sha256:efea4d960bce51d34f2021b08ed5134f99f2bbbe759e550bf5bb4787ec40539e_amd64",
"9Base-RHOSDS-3:devspaces/dashboard-rhel9@sha256:70ac5c215c4fc78e0b89c46bfa537f9bfb835af1897708f9cb181648659311d2_amd64",
"9Base-RHOSDS-3:devspaces/dashboard-rhel9@sha256:92891c316760203637d3739fc7fe5a6801e3b11faf22b405559dc1c05adbf6b2_s390x",
"9Base-RHOSDS-3:devspaces/dashboard-rhel9@sha256:a929eb292b97c9fc5d573a1ce5dc283268e189ec271abca29e183769b7f8ab86_ppc64le",
"9Base-RHOSDS-3:devspaces/devspaces-operator-bundle@sha256:677b3ce8d509429000a0696e05518ea9d4e69533407480b7728e523375c5303b_ppc64le",
"9Base-RHOSDS-3:devspaces/devspaces-operator-bundle@sha256:6a70f3e63cb4d87e96f54e3f2075a7f8cacaa10c92efe71c4d4bb5a43e4f1247_s390x",
"9Base-RHOSDS-3:devspaces/devspaces-operator-bundle@sha256:7d585ce8bce9b7ab571bf8a893bda495d255601e14b8a8aa516d0524545748dc_amd64",
"9Base-RHOSDS-3:devspaces/devspaces-rhel9-operator@sha256:58218f2ce601e03f87858ada727cf52e964f0212124001740bf305dc36e67fbd_amd64",
"9Base-RHOSDS-3:devspaces/devspaces-rhel9-operator@sha256:616fe916fe4bdf7cf26f1463b7df306bd63772eb31bdf83f70c42db9775765e5_s390x",
"9Base-RHOSDS-3:devspaces/devspaces-rhel9-operator@sha256:98f3e811e3c8ebec180a6dc58353f72acf0dffad608b59d091af5f1887d37e05_ppc64le",
"9Base-RHOSDS-3:devspaces/imagepuller-rhel9@sha256:1aab5a0eeaf68576aa5a0793cbe220bb8a783ec5670aa46240b88530897db345_amd64",
"9Base-RHOSDS-3:devspaces/imagepuller-rhel9@sha256:6d121ae6d94afb5d723730e63fcd49c5cfaa1f2518cdb534215399a1f08ff040_s390x",
"9Base-RHOSDS-3:devspaces/imagepuller-rhel9@sha256:d68cced8fab3fd16ddaaf45fe0c5498b60a4a09a2b5c4e5f984529d041d13708_ppc64le",
"9Base-RHOSDS-3:devspaces/machineexec-rhel9@sha256:5692486f392037c261b89bdf1004ac8982002c3c7e15cf3babcd3031970b3844_amd64",
"9Base-RHOSDS-3:devspaces/machineexec-rhel9@sha256:5cee29e36e341486bd91b8e578c9fd5a3fb657cbd6c6249dd69bb0a6e5b57dfd_s390x",
"9Base-RHOSDS-3:devspaces/machineexec-rhel9@sha256:92c07684e0deb9c515e509853d2d58a714b655f8be48be942f1da12da5cc65e0_ppc64le",
"9Base-RHOSDS-3:devspaces/pluginregistry-rhel9@sha256:2d9d7bacf93ceeca7b410e16fa84cb48c5c04092ac7e5ba22681b96abd0cf228_amd64",
"9Base-RHOSDS-3:devspaces/pluginregistry-rhel9@sha256:98be37c2d983b7af80f0c8527d6297eaf7177ee52457979b45d13cdd27976004_s390x",
"9Base-RHOSDS-3:devspaces/pluginregistry-rhel9@sha256:c57424174146743c9185105ae51c49e578a9dae1ca53375879a730704a5a686f_ppc64le",
"9Base-RHOSDS-3:devspaces/server-rhel9@sha256:03d2025cc1fe797a3c54206cf37323e4bc6bc1c4197b70377bef7f727e33ed1b_s390x",
"9Base-RHOSDS-3:devspaces/server-rhel9@sha256:15b8c0c6c6ed150183d8039fda25fa3986a55c8e7571b6d07f19eb91d51ae976_ppc64le",
"9Base-RHOSDS-3:devspaces/server-rhel9@sha256:83afeb4a5ae28f1193261a4f942c400854fc2b2148bdf38c54706e72b345786b_amd64",
"9Base-RHOSDS-3:devspaces/traefik-rhel9@sha256:55275214e27d4620bd2e4caf7a1a24598762fc1eff67c072e9c53fff4a633dca_amd64",
"9Base-RHOSDS-3:devspaces/traefik-rhel9@sha256:804e08e8331a96e87c20889ff7f03816d17ec35e18e0449beb8337b82aa30000_ppc64le",
"9Base-RHOSDS-3:devspaces/traefik-rhel9@sha256:fc0edac05e35fc4cca42cbc81979c54e4db440e340acca6c4c56dc5a3ece6cf7_s390x",
"9Base-RHOSDS-3:devspaces/udi-rhel9@sha256:53d4e87eb1ef3a63a42539ea20be463b3cbb76fe93a80d9dc5fb65253120402c_s390x",
"9Base-RHOSDS-3:devspaces/udi-rhel9@sha256:6fb45a6f9e4dd9a29e87c20b70758041f54b439cde439435aebecff002dd19fb_amd64",
"9Base-RHOSDS-3:devspaces/udi-rhel9@sha256:81e13f10bfa13edbf62318ce58f93f681dc61776e5871e8710e8cf8e0cb86416_ppc64le"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 8.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"9Base-RHOSDS-3:devspaces-tech-preview/idea-rhel9@sha256:56808324fd8f18efcaf1143c062b4611d4daf92d2b3827b6744b7103e6862eb5_amd64",
"9Base-RHOSDS-3:devspaces/code-rhel9@sha256:03465af90654f18716911c227ad49422cda691bdea686936df1d37dcc058e485_ppc64le",
"9Base-RHOSDS-3:devspaces/code-rhel9@sha256:7d2e2198bc93f6955477a3ec4f63a38b78273ea1007850c48ace3bb16c9666b1_s390x",
"9Base-RHOSDS-3:devspaces/code-rhel9@sha256:90a61893d9127600dd108fedf9ee0b1fcac4502a196b8de7936589c100fc49fe_amd64",
"9Base-RHOSDS-3:devspaces/configbump-rhel9@sha256:741e2650528085ebfe65969d5c48ab7f3f258d73f0a35e9f0ca0ff2186a64072_ppc64le",
"9Base-RHOSDS-3:devspaces/configbump-rhel9@sha256:cb292b971baf4de9f13b913ef0f3e391c1b12919175ae9dab43d18a70f4411a2_s390x",
"9Base-RHOSDS-3:devspaces/configbump-rhel9@sha256:efea4d960bce51d34f2021b08ed5134f99f2bbbe759e550bf5bb4787ec40539e_amd64",
"9Base-RHOSDS-3:devspaces/dashboard-rhel9@sha256:70ac5c215c4fc78e0b89c46bfa537f9bfb835af1897708f9cb181648659311d2_amd64",
"9Base-RHOSDS-3:devspaces/dashboard-rhel9@sha256:92891c316760203637d3739fc7fe5a6801e3b11faf22b405559dc1c05adbf6b2_s390x",
"9Base-RHOSDS-3:devspaces/dashboard-rhel9@sha256:a929eb292b97c9fc5d573a1ce5dc283268e189ec271abca29e183769b7f8ab86_ppc64le",
"9Base-RHOSDS-3:devspaces/devspaces-operator-bundle@sha256:677b3ce8d509429000a0696e05518ea9d4e69533407480b7728e523375c5303b_ppc64le",
"9Base-RHOSDS-3:devspaces/devspaces-operator-bundle@sha256:6a70f3e63cb4d87e96f54e3f2075a7f8cacaa10c92efe71c4d4bb5a43e4f1247_s390x",
"9Base-RHOSDS-3:devspaces/devspaces-operator-bundle@sha256:7d585ce8bce9b7ab571bf8a893bda495d255601e14b8a8aa516d0524545748dc_amd64",
"9Base-RHOSDS-3:devspaces/devspaces-rhel9-operator@sha256:58218f2ce601e03f87858ada727cf52e964f0212124001740bf305dc36e67fbd_amd64",
"9Base-RHOSDS-3:devspaces/devspaces-rhel9-operator@sha256:616fe916fe4bdf7cf26f1463b7df306bd63772eb31bdf83f70c42db9775765e5_s390x",
"9Base-RHOSDS-3:devspaces/devspaces-rhel9-operator@sha256:98f3e811e3c8ebec180a6dc58353f72acf0dffad608b59d091af5f1887d37e05_ppc64le",
"9Base-RHOSDS-3:devspaces/imagepuller-rhel9@sha256:1aab5a0eeaf68576aa5a0793cbe220bb8a783ec5670aa46240b88530897db345_amd64",
"9Base-RHOSDS-3:devspaces/imagepuller-rhel9@sha256:6d121ae6d94afb5d723730e63fcd49c5cfaa1f2518cdb534215399a1f08ff040_s390x",
"9Base-RHOSDS-3:devspaces/imagepuller-rhel9@sha256:d68cced8fab3fd16ddaaf45fe0c5498b60a4a09a2b5c4e5f984529d041d13708_ppc64le",
"9Base-RHOSDS-3:devspaces/machineexec-rhel9@sha256:5692486f392037c261b89bdf1004ac8982002c3c7e15cf3babcd3031970b3844_amd64",
"9Base-RHOSDS-3:devspaces/machineexec-rhel9@sha256:5cee29e36e341486bd91b8e578c9fd5a3fb657cbd6c6249dd69bb0a6e5b57dfd_s390x",
"9Base-RHOSDS-3:devspaces/machineexec-rhel9@sha256:92c07684e0deb9c515e509853d2d58a714b655f8be48be942f1da12da5cc65e0_ppc64le",
"9Base-RHOSDS-3:devspaces/pluginregistry-rhel9@sha256:2d9d7bacf93ceeca7b410e16fa84cb48c5c04092ac7e5ba22681b96abd0cf228_amd64",
"9Base-RHOSDS-3:devspaces/pluginregistry-rhel9@sha256:98be37c2d983b7af80f0c8527d6297eaf7177ee52457979b45d13cdd27976004_s390x",
"9Base-RHOSDS-3:devspaces/pluginregistry-rhel9@sha256:c57424174146743c9185105ae51c49e578a9dae1ca53375879a730704a5a686f_ppc64le",
"9Base-RHOSDS-3:devspaces/server-rhel9@sha256:03d2025cc1fe797a3c54206cf37323e4bc6bc1c4197b70377bef7f727e33ed1b_s390x",
"9Base-RHOSDS-3:devspaces/server-rhel9@sha256:15b8c0c6c6ed150183d8039fda25fa3986a55c8e7571b6d07f19eb91d51ae976_ppc64le",
"9Base-RHOSDS-3:devspaces/server-rhel9@sha256:83afeb4a5ae28f1193261a4f942c400854fc2b2148bdf38c54706e72b345786b_amd64",
"9Base-RHOSDS-3:devspaces/traefik-rhel9@sha256:55275214e27d4620bd2e4caf7a1a24598762fc1eff67c072e9c53fff4a633dca_amd64",
"9Base-RHOSDS-3:devspaces/traefik-rhel9@sha256:804e08e8331a96e87c20889ff7f03816d17ec35e18e0449beb8337b82aa30000_ppc64le",
"9Base-RHOSDS-3:devspaces/traefik-rhel9@sha256:fc0edac05e35fc4cca42cbc81979c54e4db440e340acca6c4c56dc5a3ece6cf7_s390x",
"9Base-RHOSDS-3:devspaces/udi-rhel9@sha256:53d4e87eb1ef3a63a42539ea20be463b3cbb76fe93a80d9dc5fb65253120402c_s390x",
"9Base-RHOSDS-3:devspaces/udi-rhel9@sha256:6fb45a6f9e4dd9a29e87c20b70758041f54b439cde439435aebecff002dd19fb_amd64",
"9Base-RHOSDS-3:devspaces/udi-rhel9@sha256:81e13f10bfa13edbf62318ce58f93f681dc61776e5871e8710e8cf8e0cb86416_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "golang.org/x/crypto/ssh: Misuse of ServerConfig.PublicKeyCallback may cause authorization bypass in golang.org/x/crypto"
},
{
"cve": "CVE-2024-45338",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2024-12-18T21:00:59.938173+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"9Base-RHOSDS-3:devspaces-tech-preview/idea-rhel9@sha256:56808324fd8f18efcaf1143c062b4611d4daf92d2b3827b6744b7103e6862eb5_amd64",
"9Base-RHOSDS-3:devspaces/code-rhel9@sha256:03465af90654f18716911c227ad49422cda691bdea686936df1d37dcc058e485_ppc64le",
"9Base-RHOSDS-3:devspaces/code-rhel9@sha256:7d2e2198bc93f6955477a3ec4f63a38b78273ea1007850c48ace3bb16c9666b1_s390x",
"9Base-RHOSDS-3:devspaces/code-rhel9@sha256:90a61893d9127600dd108fedf9ee0b1fcac4502a196b8de7936589c100fc49fe_amd64",
"9Base-RHOSDS-3:devspaces/configbump-rhel9@sha256:741e2650528085ebfe65969d5c48ab7f3f258d73f0a35e9f0ca0ff2186a64072_ppc64le",
"9Base-RHOSDS-3:devspaces/configbump-rhel9@sha256:cb292b971baf4de9f13b913ef0f3e391c1b12919175ae9dab43d18a70f4411a2_s390x",
"9Base-RHOSDS-3:devspaces/configbump-rhel9@sha256:efea4d960bce51d34f2021b08ed5134f99f2bbbe759e550bf5bb4787ec40539e_amd64",
"9Base-RHOSDS-3:devspaces/dashboard-rhel9@sha256:70ac5c215c4fc78e0b89c46bfa537f9bfb835af1897708f9cb181648659311d2_amd64",
"9Base-RHOSDS-3:devspaces/dashboard-rhel9@sha256:92891c316760203637d3739fc7fe5a6801e3b11faf22b405559dc1c05adbf6b2_s390x",
"9Base-RHOSDS-3:devspaces/dashboard-rhel9@sha256:a929eb292b97c9fc5d573a1ce5dc283268e189ec271abca29e183769b7f8ab86_ppc64le",
"9Base-RHOSDS-3:devspaces/devspaces-operator-bundle@sha256:677b3ce8d509429000a0696e05518ea9d4e69533407480b7728e523375c5303b_ppc64le",
"9Base-RHOSDS-3:devspaces/devspaces-operator-bundle@sha256:6a70f3e63cb4d87e96f54e3f2075a7f8cacaa10c92efe71c4d4bb5a43e4f1247_s390x",
"9Base-RHOSDS-3:devspaces/devspaces-operator-bundle@sha256:7d585ce8bce9b7ab571bf8a893bda495d255601e14b8a8aa516d0524545748dc_amd64",
"9Base-RHOSDS-3:devspaces/imagepuller-rhel9@sha256:1aab5a0eeaf68576aa5a0793cbe220bb8a783ec5670aa46240b88530897db345_amd64",
"9Base-RHOSDS-3:devspaces/imagepuller-rhel9@sha256:6d121ae6d94afb5d723730e63fcd49c5cfaa1f2518cdb534215399a1f08ff040_s390x",
"9Base-RHOSDS-3:devspaces/imagepuller-rhel9@sha256:d68cced8fab3fd16ddaaf45fe0c5498b60a4a09a2b5c4e5f984529d041d13708_ppc64le",
"9Base-RHOSDS-3:devspaces/machineexec-rhel9@sha256:5692486f392037c261b89bdf1004ac8982002c3c7e15cf3babcd3031970b3844_amd64",
"9Base-RHOSDS-3:devspaces/machineexec-rhel9@sha256:5cee29e36e341486bd91b8e578c9fd5a3fb657cbd6c6249dd69bb0a6e5b57dfd_s390x",
"9Base-RHOSDS-3:devspaces/machineexec-rhel9@sha256:92c07684e0deb9c515e509853d2d58a714b655f8be48be942f1da12da5cc65e0_ppc64le",
"9Base-RHOSDS-3:devspaces/pluginregistry-rhel9@sha256:2d9d7bacf93ceeca7b410e16fa84cb48c5c04092ac7e5ba22681b96abd0cf228_amd64",
"9Base-RHOSDS-3:devspaces/pluginregistry-rhel9@sha256:98be37c2d983b7af80f0c8527d6297eaf7177ee52457979b45d13cdd27976004_s390x",
"9Base-RHOSDS-3:devspaces/pluginregistry-rhel9@sha256:c57424174146743c9185105ae51c49e578a9dae1ca53375879a730704a5a686f_ppc64le",
"9Base-RHOSDS-3:devspaces/server-rhel9@sha256:03d2025cc1fe797a3c54206cf37323e4bc6bc1c4197b70377bef7f727e33ed1b_s390x",
"9Base-RHOSDS-3:devspaces/server-rhel9@sha256:15b8c0c6c6ed150183d8039fda25fa3986a55c8e7571b6d07f19eb91d51ae976_ppc64le",
"9Base-RHOSDS-3:devspaces/server-rhel9@sha256:83afeb4a5ae28f1193261a4f942c400854fc2b2148bdf38c54706e72b345786b_amd64",
"9Base-RHOSDS-3:devspaces/traefik-rhel9@sha256:55275214e27d4620bd2e4caf7a1a24598762fc1eff67c072e9c53fff4a633dca_amd64",
"9Base-RHOSDS-3:devspaces/traefik-rhel9@sha256:804e08e8331a96e87c20889ff7f03816d17ec35e18e0449beb8337b82aa30000_ppc64le",
"9Base-RHOSDS-3:devspaces/traefik-rhel9@sha256:fc0edac05e35fc4cca42cbc81979c54e4db440e340acca6c4c56dc5a3ece6cf7_s390x",
"9Base-RHOSDS-3:devspaces/udi-rhel9@sha256:53d4e87eb1ef3a63a42539ea20be463b3cbb76fe93a80d9dc5fb65253120402c_s390x",
"9Base-RHOSDS-3:devspaces/udi-rhel9@sha256:6fb45a6f9e4dd9a29e87c20b70758041f54b439cde439435aebecff002dd19fb_amd64",
"9Base-RHOSDS-3:devspaces/udi-rhel9@sha256:81e13f10bfa13edbf62318ce58f93f681dc61776e5871e8710e8cf8e0cb86416_ppc64le"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2333122"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in golang.org/x/net/html. This flaw allows an attacker to craft input to the parse functions that would be processed non-linearly with respect to its length, resulting in extremely slow parsing. This issue can cause a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang.org/x/net/html: Non-linear parsing of case-insensitive content in golang.org/x/net/html",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated as an Important severity because an attacker can craft malicious input that causes the parsing functions to process data non-linearly, resulting in significant delays which leads to a denial of service by exhausting system resources.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-RHOSDS-3:devspaces/devspaces-rhel9-operator@sha256:58218f2ce601e03f87858ada727cf52e964f0212124001740bf305dc36e67fbd_amd64",
"9Base-RHOSDS-3:devspaces/devspaces-rhel9-operator@sha256:616fe916fe4bdf7cf26f1463b7df306bd63772eb31bdf83f70c42db9775765e5_s390x",
"9Base-RHOSDS-3:devspaces/devspaces-rhel9-operator@sha256:98f3e811e3c8ebec180a6dc58353f72acf0dffad608b59d091af5f1887d37e05_ppc64le"
],
"known_not_affected": [
"9Base-RHOSDS-3:devspaces-tech-preview/idea-rhel9@sha256:56808324fd8f18efcaf1143c062b4611d4daf92d2b3827b6744b7103e6862eb5_amd64",
"9Base-RHOSDS-3:devspaces/code-rhel9@sha256:03465af90654f18716911c227ad49422cda691bdea686936df1d37dcc058e485_ppc64le",
"9Base-RHOSDS-3:devspaces/code-rhel9@sha256:7d2e2198bc93f6955477a3ec4f63a38b78273ea1007850c48ace3bb16c9666b1_s390x",
"9Base-RHOSDS-3:devspaces/code-rhel9@sha256:90a61893d9127600dd108fedf9ee0b1fcac4502a196b8de7936589c100fc49fe_amd64",
"9Base-RHOSDS-3:devspaces/configbump-rhel9@sha256:741e2650528085ebfe65969d5c48ab7f3f258d73f0a35e9f0ca0ff2186a64072_ppc64le",
"9Base-RHOSDS-3:devspaces/configbump-rhel9@sha256:cb292b971baf4de9f13b913ef0f3e391c1b12919175ae9dab43d18a70f4411a2_s390x",
"9Base-RHOSDS-3:devspaces/configbump-rhel9@sha256:efea4d960bce51d34f2021b08ed5134f99f2bbbe759e550bf5bb4787ec40539e_amd64",
"9Base-RHOSDS-3:devspaces/dashboard-rhel9@sha256:70ac5c215c4fc78e0b89c46bfa537f9bfb835af1897708f9cb181648659311d2_amd64",
"9Base-RHOSDS-3:devspaces/dashboard-rhel9@sha256:92891c316760203637d3739fc7fe5a6801e3b11faf22b405559dc1c05adbf6b2_s390x",
"9Base-RHOSDS-3:devspaces/dashboard-rhel9@sha256:a929eb292b97c9fc5d573a1ce5dc283268e189ec271abca29e183769b7f8ab86_ppc64le",
"9Base-RHOSDS-3:devspaces/devspaces-operator-bundle@sha256:677b3ce8d509429000a0696e05518ea9d4e69533407480b7728e523375c5303b_ppc64le",
"9Base-RHOSDS-3:devspaces/devspaces-operator-bundle@sha256:6a70f3e63cb4d87e96f54e3f2075a7f8cacaa10c92efe71c4d4bb5a43e4f1247_s390x",
"9Base-RHOSDS-3:devspaces/devspaces-operator-bundle@sha256:7d585ce8bce9b7ab571bf8a893bda495d255601e14b8a8aa516d0524545748dc_amd64",
"9Base-RHOSDS-3:devspaces/imagepuller-rhel9@sha256:1aab5a0eeaf68576aa5a0793cbe220bb8a783ec5670aa46240b88530897db345_amd64",
"9Base-RHOSDS-3:devspaces/imagepuller-rhel9@sha256:6d121ae6d94afb5d723730e63fcd49c5cfaa1f2518cdb534215399a1f08ff040_s390x",
"9Base-RHOSDS-3:devspaces/imagepuller-rhel9@sha256:d68cced8fab3fd16ddaaf45fe0c5498b60a4a09a2b5c4e5f984529d041d13708_ppc64le",
"9Base-RHOSDS-3:devspaces/machineexec-rhel9@sha256:5692486f392037c261b89bdf1004ac8982002c3c7e15cf3babcd3031970b3844_amd64",
"9Base-RHOSDS-3:devspaces/machineexec-rhel9@sha256:5cee29e36e341486bd91b8e578c9fd5a3fb657cbd6c6249dd69bb0a6e5b57dfd_s390x",
"9Base-RHOSDS-3:devspaces/machineexec-rhel9@sha256:92c07684e0deb9c515e509853d2d58a714b655f8be48be942f1da12da5cc65e0_ppc64le",
"9Base-RHOSDS-3:devspaces/pluginregistry-rhel9@sha256:2d9d7bacf93ceeca7b410e16fa84cb48c5c04092ac7e5ba22681b96abd0cf228_amd64",
"9Base-RHOSDS-3:devspaces/pluginregistry-rhel9@sha256:98be37c2d983b7af80f0c8527d6297eaf7177ee52457979b45d13cdd27976004_s390x",
"9Base-RHOSDS-3:devspaces/pluginregistry-rhel9@sha256:c57424174146743c9185105ae51c49e578a9dae1ca53375879a730704a5a686f_ppc64le",
"9Base-RHOSDS-3:devspaces/server-rhel9@sha256:03d2025cc1fe797a3c54206cf37323e4bc6bc1c4197b70377bef7f727e33ed1b_s390x",
"9Base-RHOSDS-3:devspaces/server-rhel9@sha256:15b8c0c6c6ed150183d8039fda25fa3986a55c8e7571b6d07f19eb91d51ae976_ppc64le",
"9Base-RHOSDS-3:devspaces/server-rhel9@sha256:83afeb4a5ae28f1193261a4f942c400854fc2b2148bdf38c54706e72b345786b_amd64",
"9Base-RHOSDS-3:devspaces/traefik-rhel9@sha256:55275214e27d4620bd2e4caf7a1a24598762fc1eff67c072e9c53fff4a633dca_amd64",
"9Base-RHOSDS-3:devspaces/traefik-rhel9@sha256:804e08e8331a96e87c20889ff7f03816d17ec35e18e0449beb8337b82aa30000_ppc64le",
"9Base-RHOSDS-3:devspaces/traefik-rhel9@sha256:fc0edac05e35fc4cca42cbc81979c54e4db440e340acca6c4c56dc5a3ece6cf7_s390x",
"9Base-RHOSDS-3:devspaces/udi-rhel9@sha256:53d4e87eb1ef3a63a42539ea20be463b3cbb76fe93a80d9dc5fb65253120402c_s390x",
"9Base-RHOSDS-3:devspaces/udi-rhel9@sha256:6fb45a6f9e4dd9a29e87c20b70758041f54b439cde439435aebecff002dd19fb_amd64",
"9Base-RHOSDS-3:devspaces/udi-rhel9@sha256:81e13f10bfa13edbf62318ce58f93f681dc61776e5871e8710e8cf8e0cb86416_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-45338"
},
{
"category": "external",
"summary": "RHBZ#2333122",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2333122"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-45338",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45338"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-45338",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-45338"
},
{
"category": "external",
"summary": "https://go.dev/cl/637536",
"url": "https://go.dev/cl/637536"
},
{
"category": "external",
"summary": "https://go.dev/issue/70906",
"url": "https://go.dev/issue/70906"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/wSCRmFnNmPA/m/Lvcd0mRMAwAJ",
"url": "https://groups.google.com/g/golang-announce/c/wSCRmFnNmPA/m/Lvcd0mRMAwAJ"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2024-3333",
"url": "https://pkg.go.dev/vuln/GO-2024-3333"
}
],
"release_date": "2024-12-18T20:38:22.660000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-02-03T16:38:18+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-RHOSDS-3:devspaces/devspaces-rhel9-operator@sha256:58218f2ce601e03f87858ada727cf52e964f0212124001740bf305dc36e67fbd_amd64",
"9Base-RHOSDS-3:devspaces/devspaces-rhel9-operator@sha256:616fe916fe4bdf7cf26f1463b7df306bd63772eb31bdf83f70c42db9775765e5_s390x",
"9Base-RHOSDS-3:devspaces/devspaces-rhel9-operator@sha256:98f3e811e3c8ebec180a6dc58353f72acf0dffad608b59d091af5f1887d37e05_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:0892"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"9Base-RHOSDS-3:devspaces-tech-preview/idea-rhel9@sha256:56808324fd8f18efcaf1143c062b4611d4daf92d2b3827b6744b7103e6862eb5_amd64",
"9Base-RHOSDS-3:devspaces/code-rhel9@sha256:03465af90654f18716911c227ad49422cda691bdea686936df1d37dcc058e485_ppc64le",
"9Base-RHOSDS-3:devspaces/code-rhel9@sha256:7d2e2198bc93f6955477a3ec4f63a38b78273ea1007850c48ace3bb16c9666b1_s390x",
"9Base-RHOSDS-3:devspaces/code-rhel9@sha256:90a61893d9127600dd108fedf9ee0b1fcac4502a196b8de7936589c100fc49fe_amd64",
"9Base-RHOSDS-3:devspaces/configbump-rhel9@sha256:741e2650528085ebfe65969d5c48ab7f3f258d73f0a35e9f0ca0ff2186a64072_ppc64le",
"9Base-RHOSDS-3:devspaces/configbump-rhel9@sha256:cb292b971baf4de9f13b913ef0f3e391c1b12919175ae9dab43d18a70f4411a2_s390x",
"9Base-RHOSDS-3:devspaces/configbump-rhel9@sha256:efea4d960bce51d34f2021b08ed5134f99f2bbbe759e550bf5bb4787ec40539e_amd64",
"9Base-RHOSDS-3:devspaces/dashboard-rhel9@sha256:70ac5c215c4fc78e0b89c46bfa537f9bfb835af1897708f9cb181648659311d2_amd64",
"9Base-RHOSDS-3:devspaces/dashboard-rhel9@sha256:92891c316760203637d3739fc7fe5a6801e3b11faf22b405559dc1c05adbf6b2_s390x",
"9Base-RHOSDS-3:devspaces/dashboard-rhel9@sha256:a929eb292b97c9fc5d573a1ce5dc283268e189ec271abca29e183769b7f8ab86_ppc64le",
"9Base-RHOSDS-3:devspaces/devspaces-operator-bundle@sha256:677b3ce8d509429000a0696e05518ea9d4e69533407480b7728e523375c5303b_ppc64le",
"9Base-RHOSDS-3:devspaces/devspaces-operator-bundle@sha256:6a70f3e63cb4d87e96f54e3f2075a7f8cacaa10c92efe71c4d4bb5a43e4f1247_s390x",
"9Base-RHOSDS-3:devspaces/devspaces-operator-bundle@sha256:7d585ce8bce9b7ab571bf8a893bda495d255601e14b8a8aa516d0524545748dc_amd64",
"9Base-RHOSDS-3:devspaces/devspaces-rhel9-operator@sha256:58218f2ce601e03f87858ada727cf52e964f0212124001740bf305dc36e67fbd_amd64",
"9Base-RHOSDS-3:devspaces/devspaces-rhel9-operator@sha256:616fe916fe4bdf7cf26f1463b7df306bd63772eb31bdf83f70c42db9775765e5_s390x",
"9Base-RHOSDS-3:devspaces/devspaces-rhel9-operator@sha256:98f3e811e3c8ebec180a6dc58353f72acf0dffad608b59d091af5f1887d37e05_ppc64le",
"9Base-RHOSDS-3:devspaces/imagepuller-rhel9@sha256:1aab5a0eeaf68576aa5a0793cbe220bb8a783ec5670aa46240b88530897db345_amd64",
"9Base-RHOSDS-3:devspaces/imagepuller-rhel9@sha256:6d121ae6d94afb5d723730e63fcd49c5cfaa1f2518cdb534215399a1f08ff040_s390x",
"9Base-RHOSDS-3:devspaces/imagepuller-rhel9@sha256:d68cced8fab3fd16ddaaf45fe0c5498b60a4a09a2b5c4e5f984529d041d13708_ppc64le",
"9Base-RHOSDS-3:devspaces/machineexec-rhel9@sha256:5692486f392037c261b89bdf1004ac8982002c3c7e15cf3babcd3031970b3844_amd64",
"9Base-RHOSDS-3:devspaces/machineexec-rhel9@sha256:5cee29e36e341486bd91b8e578c9fd5a3fb657cbd6c6249dd69bb0a6e5b57dfd_s390x",
"9Base-RHOSDS-3:devspaces/machineexec-rhel9@sha256:92c07684e0deb9c515e509853d2d58a714b655f8be48be942f1da12da5cc65e0_ppc64le",
"9Base-RHOSDS-3:devspaces/pluginregistry-rhel9@sha256:2d9d7bacf93ceeca7b410e16fa84cb48c5c04092ac7e5ba22681b96abd0cf228_amd64",
"9Base-RHOSDS-3:devspaces/pluginregistry-rhel9@sha256:98be37c2d983b7af80f0c8527d6297eaf7177ee52457979b45d13cdd27976004_s390x",
"9Base-RHOSDS-3:devspaces/pluginregistry-rhel9@sha256:c57424174146743c9185105ae51c49e578a9dae1ca53375879a730704a5a686f_ppc64le",
"9Base-RHOSDS-3:devspaces/server-rhel9@sha256:03d2025cc1fe797a3c54206cf37323e4bc6bc1c4197b70377bef7f727e33ed1b_s390x",
"9Base-RHOSDS-3:devspaces/server-rhel9@sha256:15b8c0c6c6ed150183d8039fda25fa3986a55c8e7571b6d07f19eb91d51ae976_ppc64le",
"9Base-RHOSDS-3:devspaces/server-rhel9@sha256:83afeb4a5ae28f1193261a4f942c400854fc2b2148bdf38c54706e72b345786b_amd64",
"9Base-RHOSDS-3:devspaces/traefik-rhel9@sha256:55275214e27d4620bd2e4caf7a1a24598762fc1eff67c072e9c53fff4a633dca_amd64",
"9Base-RHOSDS-3:devspaces/traefik-rhel9@sha256:804e08e8331a96e87c20889ff7f03816d17ec35e18e0449beb8337b82aa30000_ppc64le",
"9Base-RHOSDS-3:devspaces/traefik-rhel9@sha256:fc0edac05e35fc4cca42cbc81979c54e4db440e340acca6c4c56dc5a3ece6cf7_s390x",
"9Base-RHOSDS-3:devspaces/udi-rhel9@sha256:53d4e87eb1ef3a63a42539ea20be463b3cbb76fe93a80d9dc5fb65253120402c_s390x",
"9Base-RHOSDS-3:devspaces/udi-rhel9@sha256:6fb45a6f9e4dd9a29e87c20b70758041f54b439cde439435aebecff002dd19fb_amd64",
"9Base-RHOSDS-3:devspaces/udi-rhel9@sha256:81e13f10bfa13edbf62318ce58f93f681dc61776e5871e8710e8cf8e0cb86416_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "golang.org/x/net/html: Non-linear parsing of case-insensitive content in golang.org/x/net/html"
},
{
"cve": "CVE-2024-45801",
"cwe": {
"id": "CWE-1333",
"name": "Inefficient Regular Expression Complexity"
},
"discovery_date": "2024-09-16T19:20:09.863249+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"9Base-RHOSDS-3:devspaces-tech-preview/idea-rhel9@sha256:56808324fd8f18efcaf1143c062b4611d4daf92d2b3827b6744b7103e6862eb5_amd64",
"9Base-RHOSDS-3:devspaces/configbump-rhel9@sha256:741e2650528085ebfe65969d5c48ab7f3f258d73f0a35e9f0ca0ff2186a64072_ppc64le",
"9Base-RHOSDS-3:devspaces/configbump-rhel9@sha256:cb292b971baf4de9f13b913ef0f3e391c1b12919175ae9dab43d18a70f4411a2_s390x",
"9Base-RHOSDS-3:devspaces/configbump-rhel9@sha256:efea4d960bce51d34f2021b08ed5134f99f2bbbe759e550bf5bb4787ec40539e_amd64",
"9Base-RHOSDS-3:devspaces/dashboard-rhel9@sha256:70ac5c215c4fc78e0b89c46bfa537f9bfb835af1897708f9cb181648659311d2_amd64",
"9Base-RHOSDS-3:devspaces/dashboard-rhel9@sha256:92891c316760203637d3739fc7fe5a6801e3b11faf22b405559dc1c05adbf6b2_s390x",
"9Base-RHOSDS-3:devspaces/dashboard-rhel9@sha256:a929eb292b97c9fc5d573a1ce5dc283268e189ec271abca29e183769b7f8ab86_ppc64le",
"9Base-RHOSDS-3:devspaces/devspaces-operator-bundle@sha256:677b3ce8d509429000a0696e05518ea9d4e69533407480b7728e523375c5303b_ppc64le",
"9Base-RHOSDS-3:devspaces/devspaces-operator-bundle@sha256:6a70f3e63cb4d87e96f54e3f2075a7f8cacaa10c92efe71c4d4bb5a43e4f1247_s390x",
"9Base-RHOSDS-3:devspaces/devspaces-operator-bundle@sha256:7d585ce8bce9b7ab571bf8a893bda495d255601e14b8a8aa516d0524545748dc_amd64",
"9Base-RHOSDS-3:devspaces/devspaces-rhel9-operator@sha256:58218f2ce601e03f87858ada727cf52e964f0212124001740bf305dc36e67fbd_amd64",
"9Base-RHOSDS-3:devspaces/devspaces-rhel9-operator@sha256:616fe916fe4bdf7cf26f1463b7df306bd63772eb31bdf83f70c42db9775765e5_s390x",
"9Base-RHOSDS-3:devspaces/devspaces-rhel9-operator@sha256:98f3e811e3c8ebec180a6dc58353f72acf0dffad608b59d091af5f1887d37e05_ppc64le",
"9Base-RHOSDS-3:devspaces/imagepuller-rhel9@sha256:1aab5a0eeaf68576aa5a0793cbe220bb8a783ec5670aa46240b88530897db345_amd64",
"9Base-RHOSDS-3:devspaces/imagepuller-rhel9@sha256:6d121ae6d94afb5d723730e63fcd49c5cfaa1f2518cdb534215399a1f08ff040_s390x",
"9Base-RHOSDS-3:devspaces/imagepuller-rhel9@sha256:d68cced8fab3fd16ddaaf45fe0c5498b60a4a09a2b5c4e5f984529d041d13708_ppc64le",
"9Base-RHOSDS-3:devspaces/machineexec-rhel9@sha256:5692486f392037c261b89bdf1004ac8982002c3c7e15cf3babcd3031970b3844_amd64",
"9Base-RHOSDS-3:devspaces/machineexec-rhel9@sha256:5cee29e36e341486bd91b8e578c9fd5a3fb657cbd6c6249dd69bb0a6e5b57dfd_s390x",
"9Base-RHOSDS-3:devspaces/machineexec-rhel9@sha256:92c07684e0deb9c515e509853d2d58a714b655f8be48be942f1da12da5cc65e0_ppc64le",
"9Base-RHOSDS-3:devspaces/pluginregistry-rhel9@sha256:2d9d7bacf93ceeca7b410e16fa84cb48c5c04092ac7e5ba22681b96abd0cf228_amd64",
"9Base-RHOSDS-3:devspaces/pluginregistry-rhel9@sha256:98be37c2d983b7af80f0c8527d6297eaf7177ee52457979b45d13cdd27976004_s390x",
"9Base-RHOSDS-3:devspaces/pluginregistry-rhel9@sha256:c57424174146743c9185105ae51c49e578a9dae1ca53375879a730704a5a686f_ppc64le",
"9Base-RHOSDS-3:devspaces/server-rhel9@sha256:03d2025cc1fe797a3c54206cf37323e4bc6bc1c4197b70377bef7f727e33ed1b_s390x",
"9Base-RHOSDS-3:devspaces/server-rhel9@sha256:15b8c0c6c6ed150183d8039fda25fa3986a55c8e7571b6d07f19eb91d51ae976_ppc64le",
"9Base-RHOSDS-3:devspaces/server-rhel9@sha256:83afeb4a5ae28f1193261a4f942c400854fc2b2148bdf38c54706e72b345786b_amd64",
"9Base-RHOSDS-3:devspaces/traefik-rhel9@sha256:55275214e27d4620bd2e4caf7a1a24598762fc1eff67c072e9c53fff4a633dca_amd64",
"9Base-RHOSDS-3:devspaces/traefik-rhel9@sha256:804e08e8331a96e87c20889ff7f03816d17ec35e18e0449beb8337b82aa30000_ppc64le",
"9Base-RHOSDS-3:devspaces/traefik-rhel9@sha256:fc0edac05e35fc4cca42cbc81979c54e4db440e340acca6c4c56dc5a3ece6cf7_s390x",
"9Base-RHOSDS-3:devspaces/udi-rhel9@sha256:53d4e87eb1ef3a63a42539ea20be463b3cbb76fe93a80d9dc5fb65253120402c_s390x",
"9Base-RHOSDS-3:devspaces/udi-rhel9@sha256:6fb45a6f9e4dd9a29e87c20b70758041f54b439cde439435aebecff002dd19fb_amd64",
"9Base-RHOSDS-3:devspaces/udi-rhel9@sha256:81e13f10bfa13edbf62318ce58f93f681dc61776e5871e8710e8cf8e0cb86416_ppc64le"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2312631"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in DOMPurify. This issue may allow an attacker to use specially-crafted HTML to bypass the depth checking or use Prototype Pollution to weaken the depth check, which can lead to cross site scripting (XSS) attacks.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "dompurify: XSS vulnerability via prototype pollution",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The vulnerability in DOMPurify, while significant, is categorized as moderate severity rather than important due to its specific conditions for exploitation. The issue requires not only a sophisticated nesting technique to bypass the depth checks but also the ability to leverage Prototype Pollution to weaken these protections. This makes the attack scenario relatively complex and less likely to be encountered in general use cases. Furthermore, the flaw impacts only certain configurations and usage patterns, thus reducing its immediate risk.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-RHOSDS-3:devspaces/code-rhel9@sha256:03465af90654f18716911c227ad49422cda691bdea686936df1d37dcc058e485_ppc64le",
"9Base-RHOSDS-3:devspaces/code-rhel9@sha256:7d2e2198bc93f6955477a3ec4f63a38b78273ea1007850c48ace3bb16c9666b1_s390x",
"9Base-RHOSDS-3:devspaces/code-rhel9@sha256:90a61893d9127600dd108fedf9ee0b1fcac4502a196b8de7936589c100fc49fe_amd64"
],
"known_not_affected": [
"9Base-RHOSDS-3:devspaces-tech-preview/idea-rhel9@sha256:56808324fd8f18efcaf1143c062b4611d4daf92d2b3827b6744b7103e6862eb5_amd64",
"9Base-RHOSDS-3:devspaces/configbump-rhel9@sha256:741e2650528085ebfe65969d5c48ab7f3f258d73f0a35e9f0ca0ff2186a64072_ppc64le",
"9Base-RHOSDS-3:devspaces/configbump-rhel9@sha256:cb292b971baf4de9f13b913ef0f3e391c1b12919175ae9dab43d18a70f4411a2_s390x",
"9Base-RHOSDS-3:devspaces/configbump-rhel9@sha256:efea4d960bce51d34f2021b08ed5134f99f2bbbe759e550bf5bb4787ec40539e_amd64",
"9Base-RHOSDS-3:devspaces/dashboard-rhel9@sha256:70ac5c215c4fc78e0b89c46bfa537f9bfb835af1897708f9cb181648659311d2_amd64",
"9Base-RHOSDS-3:devspaces/dashboard-rhel9@sha256:92891c316760203637d3739fc7fe5a6801e3b11faf22b405559dc1c05adbf6b2_s390x",
"9Base-RHOSDS-3:devspaces/dashboard-rhel9@sha256:a929eb292b97c9fc5d573a1ce5dc283268e189ec271abca29e183769b7f8ab86_ppc64le",
"9Base-RHOSDS-3:devspaces/devspaces-operator-bundle@sha256:677b3ce8d509429000a0696e05518ea9d4e69533407480b7728e523375c5303b_ppc64le",
"9Base-RHOSDS-3:devspaces/devspaces-operator-bundle@sha256:6a70f3e63cb4d87e96f54e3f2075a7f8cacaa10c92efe71c4d4bb5a43e4f1247_s390x",
"9Base-RHOSDS-3:devspaces/devspaces-operator-bundle@sha256:7d585ce8bce9b7ab571bf8a893bda495d255601e14b8a8aa516d0524545748dc_amd64",
"9Base-RHOSDS-3:devspaces/devspaces-rhel9-operator@sha256:58218f2ce601e03f87858ada727cf52e964f0212124001740bf305dc36e67fbd_amd64",
"9Base-RHOSDS-3:devspaces/devspaces-rhel9-operator@sha256:616fe916fe4bdf7cf26f1463b7df306bd63772eb31bdf83f70c42db9775765e5_s390x",
"9Base-RHOSDS-3:devspaces/devspaces-rhel9-operator@sha256:98f3e811e3c8ebec180a6dc58353f72acf0dffad608b59d091af5f1887d37e05_ppc64le",
"9Base-RHOSDS-3:devspaces/imagepuller-rhel9@sha256:1aab5a0eeaf68576aa5a0793cbe220bb8a783ec5670aa46240b88530897db345_amd64",
"9Base-RHOSDS-3:devspaces/imagepuller-rhel9@sha256:6d121ae6d94afb5d723730e63fcd49c5cfaa1f2518cdb534215399a1f08ff040_s390x",
"9Base-RHOSDS-3:devspaces/imagepuller-rhel9@sha256:d68cced8fab3fd16ddaaf45fe0c5498b60a4a09a2b5c4e5f984529d041d13708_ppc64le",
"9Base-RHOSDS-3:devspaces/machineexec-rhel9@sha256:5692486f392037c261b89bdf1004ac8982002c3c7e15cf3babcd3031970b3844_amd64",
"9Base-RHOSDS-3:devspaces/machineexec-rhel9@sha256:5cee29e36e341486bd91b8e578c9fd5a3fb657cbd6c6249dd69bb0a6e5b57dfd_s390x",
"9Base-RHOSDS-3:devspaces/machineexec-rhel9@sha256:92c07684e0deb9c515e509853d2d58a714b655f8be48be942f1da12da5cc65e0_ppc64le",
"9Base-RHOSDS-3:devspaces/pluginregistry-rhel9@sha256:2d9d7bacf93ceeca7b410e16fa84cb48c5c04092ac7e5ba22681b96abd0cf228_amd64",
"9Base-RHOSDS-3:devspaces/pluginregistry-rhel9@sha256:98be37c2d983b7af80f0c8527d6297eaf7177ee52457979b45d13cdd27976004_s390x",
"9Base-RHOSDS-3:devspaces/pluginregistry-rhel9@sha256:c57424174146743c9185105ae51c49e578a9dae1ca53375879a730704a5a686f_ppc64le",
"9Base-RHOSDS-3:devspaces/server-rhel9@sha256:03d2025cc1fe797a3c54206cf37323e4bc6bc1c4197b70377bef7f727e33ed1b_s390x",
"9Base-RHOSDS-3:devspaces/server-rhel9@sha256:15b8c0c6c6ed150183d8039fda25fa3986a55c8e7571b6d07f19eb91d51ae976_ppc64le",
"9Base-RHOSDS-3:devspaces/server-rhel9@sha256:83afeb4a5ae28f1193261a4f942c400854fc2b2148bdf38c54706e72b345786b_amd64",
"9Base-RHOSDS-3:devspaces/traefik-rhel9@sha256:55275214e27d4620bd2e4caf7a1a24598762fc1eff67c072e9c53fff4a633dca_amd64",
"9Base-RHOSDS-3:devspaces/traefik-rhel9@sha256:804e08e8331a96e87c20889ff7f03816d17ec35e18e0449beb8337b82aa30000_ppc64le",
"9Base-RHOSDS-3:devspaces/traefik-rhel9@sha256:fc0edac05e35fc4cca42cbc81979c54e4db440e340acca6c4c56dc5a3ece6cf7_s390x",
"9Base-RHOSDS-3:devspaces/udi-rhel9@sha256:53d4e87eb1ef3a63a42539ea20be463b3cbb76fe93a80d9dc5fb65253120402c_s390x",
"9Base-RHOSDS-3:devspaces/udi-rhel9@sha256:6fb45a6f9e4dd9a29e87c20b70758041f54b439cde439435aebecff002dd19fb_amd64",
"9Base-RHOSDS-3:devspaces/udi-rhel9@sha256:81e13f10bfa13edbf62318ce58f93f681dc61776e5871e8710e8cf8e0cb86416_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-45801"
},
{
"category": "external",
"summary": "RHBZ#2312631",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2312631"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-45801",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45801"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-45801",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-45801"
},
{
"category": "external",
"summary": "https://github.com/cure53/DOMPurify/commit/1e520262bf4c66b5efda49e2316d6d1246ca7b21",
"url": "https://github.com/cure53/DOMPurify/commit/1e520262bf4c66b5efda49e2316d6d1246ca7b21"
},
{
"category": "external",
"summary": "https://github.com/cure53/DOMPurify/commit/26e1d69ca7f769f5c558619d644d90dd8bf26ebc",
"url": "https://github.com/cure53/DOMPurify/commit/26e1d69ca7f769f5c558619d644d90dd8bf26ebc"
},
{
"category": "external",
"summary": "https://github.com/cure53/DOMPurify/security/advisories/GHSA-mmhx-hmjr-r674",
"url": "https://github.com/cure53/DOMPurify/security/advisories/GHSA-mmhx-hmjr-r674"
}
],
"release_date": "2024-09-16T19:16:11.080000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-02-03T16:38:18+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-RHOSDS-3:devspaces/code-rhel9@sha256:03465af90654f18716911c227ad49422cda691bdea686936df1d37dcc058e485_ppc64le",
"9Base-RHOSDS-3:devspaces/code-rhel9@sha256:7d2e2198bc93f6955477a3ec4f63a38b78273ea1007850c48ace3bb16c9666b1_s390x",
"9Base-RHOSDS-3:devspaces/code-rhel9@sha256:90a61893d9127600dd108fedf9ee0b1fcac4502a196b8de7936589c100fc49fe_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:0892"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"9Base-RHOSDS-3:devspaces-tech-preview/idea-rhel9@sha256:56808324fd8f18efcaf1143c062b4611d4daf92d2b3827b6744b7103e6862eb5_amd64",
"9Base-RHOSDS-3:devspaces/code-rhel9@sha256:03465af90654f18716911c227ad49422cda691bdea686936df1d37dcc058e485_ppc64le",
"9Base-RHOSDS-3:devspaces/code-rhel9@sha256:7d2e2198bc93f6955477a3ec4f63a38b78273ea1007850c48ace3bb16c9666b1_s390x",
"9Base-RHOSDS-3:devspaces/code-rhel9@sha256:90a61893d9127600dd108fedf9ee0b1fcac4502a196b8de7936589c100fc49fe_amd64",
"9Base-RHOSDS-3:devspaces/configbump-rhel9@sha256:741e2650528085ebfe65969d5c48ab7f3f258d73f0a35e9f0ca0ff2186a64072_ppc64le",
"9Base-RHOSDS-3:devspaces/configbump-rhel9@sha256:cb292b971baf4de9f13b913ef0f3e391c1b12919175ae9dab43d18a70f4411a2_s390x",
"9Base-RHOSDS-3:devspaces/configbump-rhel9@sha256:efea4d960bce51d34f2021b08ed5134f99f2bbbe759e550bf5bb4787ec40539e_amd64",
"9Base-RHOSDS-3:devspaces/dashboard-rhel9@sha256:70ac5c215c4fc78e0b89c46bfa537f9bfb835af1897708f9cb181648659311d2_amd64",
"9Base-RHOSDS-3:devspaces/dashboard-rhel9@sha256:92891c316760203637d3739fc7fe5a6801e3b11faf22b405559dc1c05adbf6b2_s390x",
"9Base-RHOSDS-3:devspaces/dashboard-rhel9@sha256:a929eb292b97c9fc5d573a1ce5dc283268e189ec271abca29e183769b7f8ab86_ppc64le",
"9Base-RHOSDS-3:devspaces/devspaces-operator-bundle@sha256:677b3ce8d509429000a0696e05518ea9d4e69533407480b7728e523375c5303b_ppc64le",
"9Base-RHOSDS-3:devspaces/devspaces-operator-bundle@sha256:6a70f3e63cb4d87e96f54e3f2075a7f8cacaa10c92efe71c4d4bb5a43e4f1247_s390x",
"9Base-RHOSDS-3:devspaces/devspaces-operator-bundle@sha256:7d585ce8bce9b7ab571bf8a893bda495d255601e14b8a8aa516d0524545748dc_amd64",
"9Base-RHOSDS-3:devspaces/devspaces-rhel9-operator@sha256:58218f2ce601e03f87858ada727cf52e964f0212124001740bf305dc36e67fbd_amd64",
"9Base-RHOSDS-3:devspaces/devspaces-rhel9-operator@sha256:616fe916fe4bdf7cf26f1463b7df306bd63772eb31bdf83f70c42db9775765e5_s390x",
"9Base-RHOSDS-3:devspaces/devspaces-rhel9-operator@sha256:98f3e811e3c8ebec180a6dc58353f72acf0dffad608b59d091af5f1887d37e05_ppc64le",
"9Base-RHOSDS-3:devspaces/imagepuller-rhel9@sha256:1aab5a0eeaf68576aa5a0793cbe220bb8a783ec5670aa46240b88530897db345_amd64",
"9Base-RHOSDS-3:devspaces/imagepuller-rhel9@sha256:6d121ae6d94afb5d723730e63fcd49c5cfaa1f2518cdb534215399a1f08ff040_s390x",
"9Base-RHOSDS-3:devspaces/imagepuller-rhel9@sha256:d68cced8fab3fd16ddaaf45fe0c5498b60a4a09a2b5c4e5f984529d041d13708_ppc64le",
"9Base-RHOSDS-3:devspaces/machineexec-rhel9@sha256:5692486f392037c261b89bdf1004ac8982002c3c7e15cf3babcd3031970b3844_amd64",
"9Base-RHOSDS-3:devspaces/machineexec-rhel9@sha256:5cee29e36e341486bd91b8e578c9fd5a3fb657cbd6c6249dd69bb0a6e5b57dfd_s390x",
"9Base-RHOSDS-3:devspaces/machineexec-rhel9@sha256:92c07684e0deb9c515e509853d2d58a714b655f8be48be942f1da12da5cc65e0_ppc64le",
"9Base-RHOSDS-3:devspaces/pluginregistry-rhel9@sha256:2d9d7bacf93ceeca7b410e16fa84cb48c5c04092ac7e5ba22681b96abd0cf228_amd64",
"9Base-RHOSDS-3:devspaces/pluginregistry-rhel9@sha256:98be37c2d983b7af80f0c8527d6297eaf7177ee52457979b45d13cdd27976004_s390x",
"9Base-RHOSDS-3:devspaces/pluginregistry-rhel9@sha256:c57424174146743c9185105ae51c49e578a9dae1ca53375879a730704a5a686f_ppc64le",
"9Base-RHOSDS-3:devspaces/server-rhel9@sha256:03d2025cc1fe797a3c54206cf37323e4bc6bc1c4197b70377bef7f727e33ed1b_s390x",
"9Base-RHOSDS-3:devspaces/server-rhel9@sha256:15b8c0c6c6ed150183d8039fda25fa3986a55c8e7571b6d07f19eb91d51ae976_ppc64le",
"9Base-RHOSDS-3:devspaces/server-rhel9@sha256:83afeb4a5ae28f1193261a4f942c400854fc2b2148bdf38c54706e72b345786b_amd64",
"9Base-RHOSDS-3:devspaces/traefik-rhel9@sha256:55275214e27d4620bd2e4caf7a1a24598762fc1eff67c072e9c53fff4a633dca_amd64",
"9Base-RHOSDS-3:devspaces/traefik-rhel9@sha256:804e08e8331a96e87c20889ff7f03816d17ec35e18e0449beb8337b82aa30000_ppc64le",
"9Base-RHOSDS-3:devspaces/traefik-rhel9@sha256:fc0edac05e35fc4cca42cbc81979c54e4db440e340acca6c4c56dc5a3ece6cf7_s390x",
"9Base-RHOSDS-3:devspaces/udi-rhel9@sha256:53d4e87eb1ef3a63a42539ea20be463b3cbb76fe93a80d9dc5fb65253120402c_s390x",
"9Base-RHOSDS-3:devspaces/udi-rhel9@sha256:6fb45a6f9e4dd9a29e87c20b70758041f54b439cde439435aebecff002dd19fb_amd64",
"9Base-RHOSDS-3:devspaces/udi-rhel9@sha256:81e13f10bfa13edbf62318ce58f93f681dc61776e5871e8710e8cf8e0cb86416_ppc64le"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.0,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:H/A:L",
"version": "3.1"
},
"products": [
"9Base-RHOSDS-3:devspaces-tech-preview/idea-rhel9@sha256:56808324fd8f18efcaf1143c062b4611d4daf92d2b3827b6744b7103e6862eb5_amd64",
"9Base-RHOSDS-3:devspaces/code-rhel9@sha256:03465af90654f18716911c227ad49422cda691bdea686936df1d37dcc058e485_ppc64le",
"9Base-RHOSDS-3:devspaces/code-rhel9@sha256:7d2e2198bc93f6955477a3ec4f63a38b78273ea1007850c48ace3bb16c9666b1_s390x",
"9Base-RHOSDS-3:devspaces/code-rhel9@sha256:90a61893d9127600dd108fedf9ee0b1fcac4502a196b8de7936589c100fc49fe_amd64",
"9Base-RHOSDS-3:devspaces/configbump-rhel9@sha256:741e2650528085ebfe65969d5c48ab7f3f258d73f0a35e9f0ca0ff2186a64072_ppc64le",
"9Base-RHOSDS-3:devspaces/configbump-rhel9@sha256:cb292b971baf4de9f13b913ef0f3e391c1b12919175ae9dab43d18a70f4411a2_s390x",
"9Base-RHOSDS-3:devspaces/configbump-rhel9@sha256:efea4d960bce51d34f2021b08ed5134f99f2bbbe759e550bf5bb4787ec40539e_amd64",
"9Base-RHOSDS-3:devspaces/dashboard-rhel9@sha256:70ac5c215c4fc78e0b89c46bfa537f9bfb835af1897708f9cb181648659311d2_amd64",
"9Base-RHOSDS-3:devspaces/dashboard-rhel9@sha256:92891c316760203637d3739fc7fe5a6801e3b11faf22b405559dc1c05adbf6b2_s390x",
"9Base-RHOSDS-3:devspaces/dashboard-rhel9@sha256:a929eb292b97c9fc5d573a1ce5dc283268e189ec271abca29e183769b7f8ab86_ppc64le",
"9Base-RHOSDS-3:devspaces/devspaces-operator-bundle@sha256:677b3ce8d509429000a0696e05518ea9d4e69533407480b7728e523375c5303b_ppc64le",
"9Base-RHOSDS-3:devspaces/devspaces-operator-bundle@sha256:6a70f3e63cb4d87e96f54e3f2075a7f8cacaa10c92efe71c4d4bb5a43e4f1247_s390x",
"9Base-RHOSDS-3:devspaces/devspaces-operator-bundle@sha256:7d585ce8bce9b7ab571bf8a893bda495d255601e14b8a8aa516d0524545748dc_amd64",
"9Base-RHOSDS-3:devspaces/devspaces-rhel9-operator@sha256:58218f2ce601e03f87858ada727cf52e964f0212124001740bf305dc36e67fbd_amd64",
"9Base-RHOSDS-3:devspaces/devspaces-rhel9-operator@sha256:616fe916fe4bdf7cf26f1463b7df306bd63772eb31bdf83f70c42db9775765e5_s390x",
"9Base-RHOSDS-3:devspaces/devspaces-rhel9-operator@sha256:98f3e811e3c8ebec180a6dc58353f72acf0dffad608b59d091af5f1887d37e05_ppc64le",
"9Base-RHOSDS-3:devspaces/imagepuller-rhel9@sha256:1aab5a0eeaf68576aa5a0793cbe220bb8a783ec5670aa46240b88530897db345_amd64",
"9Base-RHOSDS-3:devspaces/imagepuller-rhel9@sha256:6d121ae6d94afb5d723730e63fcd49c5cfaa1f2518cdb534215399a1f08ff040_s390x",
"9Base-RHOSDS-3:devspaces/imagepuller-rhel9@sha256:d68cced8fab3fd16ddaaf45fe0c5498b60a4a09a2b5c4e5f984529d041d13708_ppc64le",
"9Base-RHOSDS-3:devspaces/machineexec-rhel9@sha256:5692486f392037c261b89bdf1004ac8982002c3c7e15cf3babcd3031970b3844_amd64",
"9Base-RHOSDS-3:devspaces/machineexec-rhel9@sha256:5cee29e36e341486bd91b8e578c9fd5a3fb657cbd6c6249dd69bb0a6e5b57dfd_s390x",
"9Base-RHOSDS-3:devspaces/machineexec-rhel9@sha256:92c07684e0deb9c515e509853d2d58a714b655f8be48be942f1da12da5cc65e0_ppc64le",
"9Base-RHOSDS-3:devspaces/pluginregistry-rhel9@sha256:2d9d7bacf93ceeca7b410e16fa84cb48c5c04092ac7e5ba22681b96abd0cf228_amd64",
"9Base-RHOSDS-3:devspaces/pluginregistry-rhel9@sha256:98be37c2d983b7af80f0c8527d6297eaf7177ee52457979b45d13cdd27976004_s390x",
"9Base-RHOSDS-3:devspaces/pluginregistry-rhel9@sha256:c57424174146743c9185105ae51c49e578a9dae1ca53375879a730704a5a686f_ppc64le",
"9Base-RHOSDS-3:devspaces/server-rhel9@sha256:03d2025cc1fe797a3c54206cf37323e4bc6bc1c4197b70377bef7f727e33ed1b_s390x",
"9Base-RHOSDS-3:devspaces/server-rhel9@sha256:15b8c0c6c6ed150183d8039fda25fa3986a55c8e7571b6d07f19eb91d51ae976_ppc64le",
"9Base-RHOSDS-3:devspaces/server-rhel9@sha256:83afeb4a5ae28f1193261a4f942c400854fc2b2148bdf38c54706e72b345786b_amd64",
"9Base-RHOSDS-3:devspaces/traefik-rhel9@sha256:55275214e27d4620bd2e4caf7a1a24598762fc1eff67c072e9c53fff4a633dca_amd64",
"9Base-RHOSDS-3:devspaces/traefik-rhel9@sha256:804e08e8331a96e87c20889ff7f03816d17ec35e18e0449beb8337b82aa30000_ppc64le",
"9Base-RHOSDS-3:devspaces/traefik-rhel9@sha256:fc0edac05e35fc4cca42cbc81979c54e4db440e340acca6c4c56dc5a3ece6cf7_s390x",
"9Base-RHOSDS-3:devspaces/udi-rhel9@sha256:53d4e87eb1ef3a63a42539ea20be463b3cbb76fe93a80d9dc5fb65253120402c_s390x",
"9Base-RHOSDS-3:devspaces/udi-rhel9@sha256:6fb45a6f9e4dd9a29e87c20b70758041f54b439cde439435aebecff002dd19fb_amd64",
"9Base-RHOSDS-3:devspaces/udi-rhel9@sha256:81e13f10bfa13edbf62318ce58f93f681dc61776e5871e8710e8cf8e0cb86416_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "dompurify: XSS vulnerability via prototype pollution"
},
{
"cve": "CVE-2024-55565",
"cwe": {
"id": "CWE-835",
"name": "Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)"
},
"discovery_date": "2024-12-09T02:00:45.255738+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"9Base-RHOSDS-3:devspaces-tech-preview/idea-rhel9@sha256:56808324fd8f18efcaf1143c062b4611d4daf92d2b3827b6744b7103e6862eb5_amd64",
"9Base-RHOSDS-3:devspaces/configbump-rhel9@sha256:741e2650528085ebfe65969d5c48ab7f3f258d73f0a35e9f0ca0ff2186a64072_ppc64le",
"9Base-RHOSDS-3:devspaces/configbump-rhel9@sha256:cb292b971baf4de9f13b913ef0f3e391c1b12919175ae9dab43d18a70f4411a2_s390x",
"9Base-RHOSDS-3:devspaces/configbump-rhel9@sha256:efea4d960bce51d34f2021b08ed5134f99f2bbbe759e550bf5bb4787ec40539e_amd64",
"9Base-RHOSDS-3:devspaces/devspaces-operator-bundle@sha256:677b3ce8d509429000a0696e05518ea9d4e69533407480b7728e523375c5303b_ppc64le",
"9Base-RHOSDS-3:devspaces/devspaces-operator-bundle@sha256:6a70f3e63cb4d87e96f54e3f2075a7f8cacaa10c92efe71c4d4bb5a43e4f1247_s390x",
"9Base-RHOSDS-3:devspaces/devspaces-operator-bundle@sha256:7d585ce8bce9b7ab571bf8a893bda495d255601e14b8a8aa516d0524545748dc_amd64",
"9Base-RHOSDS-3:devspaces/devspaces-rhel9-operator@sha256:58218f2ce601e03f87858ada727cf52e964f0212124001740bf305dc36e67fbd_amd64",
"9Base-RHOSDS-3:devspaces/devspaces-rhel9-operator@sha256:616fe916fe4bdf7cf26f1463b7df306bd63772eb31bdf83f70c42db9775765e5_s390x",
"9Base-RHOSDS-3:devspaces/devspaces-rhel9-operator@sha256:98f3e811e3c8ebec180a6dc58353f72acf0dffad608b59d091af5f1887d37e05_ppc64le",
"9Base-RHOSDS-3:devspaces/imagepuller-rhel9@sha256:1aab5a0eeaf68576aa5a0793cbe220bb8a783ec5670aa46240b88530897db345_amd64",
"9Base-RHOSDS-3:devspaces/imagepuller-rhel9@sha256:6d121ae6d94afb5d723730e63fcd49c5cfaa1f2518cdb534215399a1f08ff040_s390x",
"9Base-RHOSDS-3:devspaces/imagepuller-rhel9@sha256:d68cced8fab3fd16ddaaf45fe0c5498b60a4a09a2b5c4e5f984529d041d13708_ppc64le",
"9Base-RHOSDS-3:devspaces/machineexec-rhel9@sha256:5692486f392037c261b89bdf1004ac8982002c3c7e15cf3babcd3031970b3844_amd64",
"9Base-RHOSDS-3:devspaces/machineexec-rhel9@sha256:5cee29e36e341486bd91b8e578c9fd5a3fb657cbd6c6249dd69bb0a6e5b57dfd_s390x",
"9Base-RHOSDS-3:devspaces/machineexec-rhel9@sha256:92c07684e0deb9c515e509853d2d58a714b655f8be48be942f1da12da5cc65e0_ppc64le",
"9Base-RHOSDS-3:devspaces/pluginregistry-rhel9@sha256:2d9d7bacf93ceeca7b410e16fa84cb48c5c04092ac7e5ba22681b96abd0cf228_amd64",
"9Base-RHOSDS-3:devspaces/pluginregistry-rhel9@sha256:98be37c2d983b7af80f0c8527d6297eaf7177ee52457979b45d13cdd27976004_s390x",
"9Base-RHOSDS-3:devspaces/pluginregistry-rhel9@sha256:c57424174146743c9185105ae51c49e578a9dae1ca53375879a730704a5a686f_ppc64le",
"9Base-RHOSDS-3:devspaces/server-rhel9@sha256:03d2025cc1fe797a3c54206cf37323e4bc6bc1c4197b70377bef7f727e33ed1b_s390x",
"9Base-RHOSDS-3:devspaces/server-rhel9@sha256:15b8c0c6c6ed150183d8039fda25fa3986a55c8e7571b6d07f19eb91d51ae976_ppc64le",
"9Base-RHOSDS-3:devspaces/server-rhel9@sha256:83afeb4a5ae28f1193261a4f942c400854fc2b2148bdf38c54706e72b345786b_amd64",
"9Base-RHOSDS-3:devspaces/traefik-rhel9@sha256:55275214e27d4620bd2e4caf7a1a24598762fc1eff67c072e9c53fff4a633dca_amd64",
"9Base-RHOSDS-3:devspaces/traefik-rhel9@sha256:804e08e8331a96e87c20889ff7f03816d17ec35e18e0449beb8337b82aa30000_ppc64le",
"9Base-RHOSDS-3:devspaces/traefik-rhel9@sha256:fc0edac05e35fc4cca42cbc81979c54e4db440e340acca6c4c56dc5a3ece6cf7_s390x",
"9Base-RHOSDS-3:devspaces/udi-rhel9@sha256:53d4e87eb1ef3a63a42539ea20be463b3cbb76fe93a80d9dc5fb65253120402c_s390x",
"9Base-RHOSDS-3:devspaces/udi-rhel9@sha256:6fb45a6f9e4dd9a29e87c20b70758041f54b439cde439435aebecff002dd19fb_amd64",
"9Base-RHOSDS-3:devspaces/udi-rhel9@sha256:81e13f10bfa13edbf62318ce58f93f681dc61776e5871e8710e8cf8e0cb86416_ppc64le"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2331063"
}
],
"notes": [
{
"category": "description",
"text": "nanoid (aka Nano ID) before 5.0.9 mishandles non-integer values. 3.3.8 is also a fixed version.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "nanoid: nanoid mishandles non-integer values",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-RHOSDS-3:devspaces/code-rhel9@sha256:03465af90654f18716911c227ad49422cda691bdea686936df1d37dcc058e485_ppc64le",
"9Base-RHOSDS-3:devspaces/code-rhel9@sha256:7d2e2198bc93f6955477a3ec4f63a38b78273ea1007850c48ace3bb16c9666b1_s390x",
"9Base-RHOSDS-3:devspaces/code-rhel9@sha256:90a61893d9127600dd108fedf9ee0b1fcac4502a196b8de7936589c100fc49fe_amd64",
"9Base-RHOSDS-3:devspaces/dashboard-rhel9@sha256:70ac5c215c4fc78e0b89c46bfa537f9bfb835af1897708f9cb181648659311d2_amd64",
"9Base-RHOSDS-3:devspaces/dashboard-rhel9@sha256:92891c316760203637d3739fc7fe5a6801e3b11faf22b405559dc1c05adbf6b2_s390x",
"9Base-RHOSDS-3:devspaces/dashboard-rhel9@sha256:a929eb292b97c9fc5d573a1ce5dc283268e189ec271abca29e183769b7f8ab86_ppc64le"
],
"known_not_affected": [
"9Base-RHOSDS-3:devspaces-tech-preview/idea-rhel9@sha256:56808324fd8f18efcaf1143c062b4611d4daf92d2b3827b6744b7103e6862eb5_amd64",
"9Base-RHOSDS-3:devspaces/configbump-rhel9@sha256:741e2650528085ebfe65969d5c48ab7f3f258d73f0a35e9f0ca0ff2186a64072_ppc64le",
"9Base-RHOSDS-3:devspaces/configbump-rhel9@sha256:cb292b971baf4de9f13b913ef0f3e391c1b12919175ae9dab43d18a70f4411a2_s390x",
"9Base-RHOSDS-3:devspaces/configbump-rhel9@sha256:efea4d960bce51d34f2021b08ed5134f99f2bbbe759e550bf5bb4787ec40539e_amd64",
"9Base-RHOSDS-3:devspaces/devspaces-operator-bundle@sha256:677b3ce8d509429000a0696e05518ea9d4e69533407480b7728e523375c5303b_ppc64le",
"9Base-RHOSDS-3:devspaces/devspaces-operator-bundle@sha256:6a70f3e63cb4d87e96f54e3f2075a7f8cacaa10c92efe71c4d4bb5a43e4f1247_s390x",
"9Base-RHOSDS-3:devspaces/devspaces-operator-bundle@sha256:7d585ce8bce9b7ab571bf8a893bda495d255601e14b8a8aa516d0524545748dc_amd64",
"9Base-RHOSDS-3:devspaces/devspaces-rhel9-operator@sha256:58218f2ce601e03f87858ada727cf52e964f0212124001740bf305dc36e67fbd_amd64",
"9Base-RHOSDS-3:devspaces/devspaces-rhel9-operator@sha256:616fe916fe4bdf7cf26f1463b7df306bd63772eb31bdf83f70c42db9775765e5_s390x",
"9Base-RHOSDS-3:devspaces/devspaces-rhel9-operator@sha256:98f3e811e3c8ebec180a6dc58353f72acf0dffad608b59d091af5f1887d37e05_ppc64le",
"9Base-RHOSDS-3:devspaces/imagepuller-rhel9@sha256:1aab5a0eeaf68576aa5a0793cbe220bb8a783ec5670aa46240b88530897db345_amd64",
"9Base-RHOSDS-3:devspaces/imagepuller-rhel9@sha256:6d121ae6d94afb5d723730e63fcd49c5cfaa1f2518cdb534215399a1f08ff040_s390x",
"9Base-RHOSDS-3:devspaces/imagepuller-rhel9@sha256:d68cced8fab3fd16ddaaf45fe0c5498b60a4a09a2b5c4e5f984529d041d13708_ppc64le",
"9Base-RHOSDS-3:devspaces/machineexec-rhel9@sha256:5692486f392037c261b89bdf1004ac8982002c3c7e15cf3babcd3031970b3844_amd64",
"9Base-RHOSDS-3:devspaces/machineexec-rhel9@sha256:5cee29e36e341486bd91b8e578c9fd5a3fb657cbd6c6249dd69bb0a6e5b57dfd_s390x",
"9Base-RHOSDS-3:devspaces/machineexec-rhel9@sha256:92c07684e0deb9c515e509853d2d58a714b655f8be48be942f1da12da5cc65e0_ppc64le",
"9Base-RHOSDS-3:devspaces/pluginregistry-rhel9@sha256:2d9d7bacf93ceeca7b410e16fa84cb48c5c04092ac7e5ba22681b96abd0cf228_amd64",
"9Base-RHOSDS-3:devspaces/pluginregistry-rhel9@sha256:98be37c2d983b7af80f0c8527d6297eaf7177ee52457979b45d13cdd27976004_s390x",
"9Base-RHOSDS-3:devspaces/pluginregistry-rhel9@sha256:c57424174146743c9185105ae51c49e578a9dae1ca53375879a730704a5a686f_ppc64le",
"9Base-RHOSDS-3:devspaces/server-rhel9@sha256:03d2025cc1fe797a3c54206cf37323e4bc6bc1c4197b70377bef7f727e33ed1b_s390x",
"9Base-RHOSDS-3:devspaces/server-rhel9@sha256:15b8c0c6c6ed150183d8039fda25fa3986a55c8e7571b6d07f19eb91d51ae976_ppc64le",
"9Base-RHOSDS-3:devspaces/server-rhel9@sha256:83afeb4a5ae28f1193261a4f942c400854fc2b2148bdf38c54706e72b345786b_amd64",
"9Base-RHOSDS-3:devspaces/traefik-rhel9@sha256:55275214e27d4620bd2e4caf7a1a24598762fc1eff67c072e9c53fff4a633dca_amd64",
"9Base-RHOSDS-3:devspaces/traefik-rhel9@sha256:804e08e8331a96e87c20889ff7f03816d17ec35e18e0449beb8337b82aa30000_ppc64le",
"9Base-RHOSDS-3:devspaces/traefik-rhel9@sha256:fc0edac05e35fc4cca42cbc81979c54e4db440e340acca6c4c56dc5a3ece6cf7_s390x",
"9Base-RHOSDS-3:devspaces/udi-rhel9@sha256:53d4e87eb1ef3a63a42539ea20be463b3cbb76fe93a80d9dc5fb65253120402c_s390x",
"9Base-RHOSDS-3:devspaces/udi-rhel9@sha256:6fb45a6f9e4dd9a29e87c20b70758041f54b439cde439435aebecff002dd19fb_amd64",
"9Base-RHOSDS-3:devspaces/udi-rhel9@sha256:81e13f10bfa13edbf62318ce58f93f681dc61776e5871e8710e8cf8e0cb86416_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-55565"
},
{
"category": "external",
"summary": "RHBZ#2331063",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2331063"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-55565",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-55565"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-55565",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-55565"
},
{
"category": "external",
"summary": "https://github.com/ai/nanoid/compare/3.3.7...3.3.8",
"url": "https://github.com/ai/nanoid/compare/3.3.7...3.3.8"
},
{
"category": "external",
"summary": "https://github.com/ai/nanoid/pull/510",
"url": "https://github.com/ai/nanoid/pull/510"
},
{
"category": "external",
"summary": "https://github.com/ai/nanoid/releases/tag/5.0.9",
"url": "https://github.com/ai/nanoid/releases/tag/5.0.9"
}
],
"release_date": "2024-12-09T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-02-03T16:38:18+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-RHOSDS-3:devspaces/code-rhel9@sha256:03465af90654f18716911c227ad49422cda691bdea686936df1d37dcc058e485_ppc64le",
"9Base-RHOSDS-3:devspaces/code-rhel9@sha256:7d2e2198bc93f6955477a3ec4f63a38b78273ea1007850c48ace3bb16c9666b1_s390x",
"9Base-RHOSDS-3:devspaces/code-rhel9@sha256:90a61893d9127600dd108fedf9ee0b1fcac4502a196b8de7936589c100fc49fe_amd64",
"9Base-RHOSDS-3:devspaces/dashboard-rhel9@sha256:70ac5c215c4fc78e0b89c46bfa537f9bfb835af1897708f9cb181648659311d2_amd64",
"9Base-RHOSDS-3:devspaces/dashboard-rhel9@sha256:92891c316760203637d3739fc7fe5a6801e3b11faf22b405559dc1c05adbf6b2_s390x",
"9Base-RHOSDS-3:devspaces/dashboard-rhel9@sha256:a929eb292b97c9fc5d573a1ce5dc283268e189ec271abca29e183769b7f8ab86_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:0892"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"9Base-RHOSDS-3:devspaces-tech-preview/idea-rhel9@sha256:56808324fd8f18efcaf1143c062b4611d4daf92d2b3827b6744b7103e6862eb5_amd64",
"9Base-RHOSDS-3:devspaces/code-rhel9@sha256:03465af90654f18716911c227ad49422cda691bdea686936df1d37dcc058e485_ppc64le",
"9Base-RHOSDS-3:devspaces/code-rhel9@sha256:7d2e2198bc93f6955477a3ec4f63a38b78273ea1007850c48ace3bb16c9666b1_s390x",
"9Base-RHOSDS-3:devspaces/code-rhel9@sha256:90a61893d9127600dd108fedf9ee0b1fcac4502a196b8de7936589c100fc49fe_amd64",
"9Base-RHOSDS-3:devspaces/configbump-rhel9@sha256:741e2650528085ebfe65969d5c48ab7f3f258d73f0a35e9f0ca0ff2186a64072_ppc64le",
"9Base-RHOSDS-3:devspaces/configbump-rhel9@sha256:cb292b971baf4de9f13b913ef0f3e391c1b12919175ae9dab43d18a70f4411a2_s390x",
"9Base-RHOSDS-3:devspaces/configbump-rhel9@sha256:efea4d960bce51d34f2021b08ed5134f99f2bbbe759e550bf5bb4787ec40539e_amd64",
"9Base-RHOSDS-3:devspaces/dashboard-rhel9@sha256:70ac5c215c4fc78e0b89c46bfa537f9bfb835af1897708f9cb181648659311d2_amd64",
"9Base-RHOSDS-3:devspaces/dashboard-rhel9@sha256:92891c316760203637d3739fc7fe5a6801e3b11faf22b405559dc1c05adbf6b2_s390x",
"9Base-RHOSDS-3:devspaces/dashboard-rhel9@sha256:a929eb292b97c9fc5d573a1ce5dc283268e189ec271abca29e183769b7f8ab86_ppc64le",
"9Base-RHOSDS-3:devspaces/devspaces-operator-bundle@sha256:677b3ce8d509429000a0696e05518ea9d4e69533407480b7728e523375c5303b_ppc64le",
"9Base-RHOSDS-3:devspaces/devspaces-operator-bundle@sha256:6a70f3e63cb4d87e96f54e3f2075a7f8cacaa10c92efe71c4d4bb5a43e4f1247_s390x",
"9Base-RHOSDS-3:devspaces/devspaces-operator-bundle@sha256:7d585ce8bce9b7ab571bf8a893bda495d255601e14b8a8aa516d0524545748dc_amd64",
"9Base-RHOSDS-3:devspaces/devspaces-rhel9-operator@sha256:58218f2ce601e03f87858ada727cf52e964f0212124001740bf305dc36e67fbd_amd64",
"9Base-RHOSDS-3:devspaces/devspaces-rhel9-operator@sha256:616fe916fe4bdf7cf26f1463b7df306bd63772eb31bdf83f70c42db9775765e5_s390x",
"9Base-RHOSDS-3:devspaces/devspaces-rhel9-operator@sha256:98f3e811e3c8ebec180a6dc58353f72acf0dffad608b59d091af5f1887d37e05_ppc64le",
"9Base-RHOSDS-3:devspaces/imagepuller-rhel9@sha256:1aab5a0eeaf68576aa5a0793cbe220bb8a783ec5670aa46240b88530897db345_amd64",
"9Base-RHOSDS-3:devspaces/imagepuller-rhel9@sha256:6d121ae6d94afb5d723730e63fcd49c5cfaa1f2518cdb534215399a1f08ff040_s390x",
"9Base-RHOSDS-3:devspaces/imagepuller-rhel9@sha256:d68cced8fab3fd16ddaaf45fe0c5498b60a4a09a2b5c4e5f984529d041d13708_ppc64le",
"9Base-RHOSDS-3:devspaces/machineexec-rhel9@sha256:5692486f392037c261b89bdf1004ac8982002c3c7e15cf3babcd3031970b3844_amd64",
"9Base-RHOSDS-3:devspaces/machineexec-rhel9@sha256:5cee29e36e341486bd91b8e578c9fd5a3fb657cbd6c6249dd69bb0a6e5b57dfd_s390x",
"9Base-RHOSDS-3:devspaces/machineexec-rhel9@sha256:92c07684e0deb9c515e509853d2d58a714b655f8be48be942f1da12da5cc65e0_ppc64le",
"9Base-RHOSDS-3:devspaces/pluginregistry-rhel9@sha256:2d9d7bacf93ceeca7b410e16fa84cb48c5c04092ac7e5ba22681b96abd0cf228_amd64",
"9Base-RHOSDS-3:devspaces/pluginregistry-rhel9@sha256:98be37c2d983b7af80f0c8527d6297eaf7177ee52457979b45d13cdd27976004_s390x",
"9Base-RHOSDS-3:devspaces/pluginregistry-rhel9@sha256:c57424174146743c9185105ae51c49e578a9dae1ca53375879a730704a5a686f_ppc64le",
"9Base-RHOSDS-3:devspaces/server-rhel9@sha256:03d2025cc1fe797a3c54206cf37323e4bc6bc1c4197b70377bef7f727e33ed1b_s390x",
"9Base-RHOSDS-3:devspaces/server-rhel9@sha256:15b8c0c6c6ed150183d8039fda25fa3986a55c8e7571b6d07f19eb91d51ae976_ppc64le",
"9Base-RHOSDS-3:devspaces/server-rhel9@sha256:83afeb4a5ae28f1193261a4f942c400854fc2b2148bdf38c54706e72b345786b_amd64",
"9Base-RHOSDS-3:devspaces/traefik-rhel9@sha256:55275214e27d4620bd2e4caf7a1a24598762fc1eff67c072e9c53fff4a633dca_amd64",
"9Base-RHOSDS-3:devspaces/traefik-rhel9@sha256:804e08e8331a96e87c20889ff7f03816d17ec35e18e0449beb8337b82aa30000_ppc64le",
"9Base-RHOSDS-3:devspaces/traefik-rhel9@sha256:fc0edac05e35fc4cca42cbc81979c54e4db440e340acca6c4c56dc5a3ece6cf7_s390x",
"9Base-RHOSDS-3:devspaces/udi-rhel9@sha256:53d4e87eb1ef3a63a42539ea20be463b3cbb76fe93a80d9dc5fb65253120402c_s390x",
"9Base-RHOSDS-3:devspaces/udi-rhel9@sha256:6fb45a6f9e4dd9a29e87c20b70758041f54b439cde439435aebecff002dd19fb_amd64",
"9Base-RHOSDS-3:devspaces/udi-rhel9@sha256:81e13f10bfa13edbf62318ce58f93f681dc61776e5871e8710e8cf8e0cb86416_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "nanoid: nanoid mishandles non-integer values"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.