rhsa-2025:1050
Vulnerability from csaf_redhat
Published
2025-02-05 08:56
Modified
2025-02-20 11:27
Summary
Red Hat Security Advisory: Red Hat OpenShift Service Mesh Containers for 2.4.14
Notes
Topic
Red Hat OpenShift Service Mesh Containers for 2.4.14
This update has a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Red Hat OpenShift Service Mesh is Red Hat's distribution of the Istio service mesh project, tailored for installation into an OpenShift Container Platform installation.
Security Fix(es):
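* openshift-istio-kiali-rhel8-container: Non-linear parsing of case-insensitive content in golang.org/x/net/html (CVE-2024-45338)
The CSAF record below classifies this CVE as CWE-770 (Allocation of Resources Without Limits or Throttling). Its `vulnerable_code_not_present` flag lists the grafana, istio-cni, pilot and proxyv2 images of this release; the list may continue beyond what is shown here, so check each image digest against the flag's `product_ids` when triaging.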
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ "document": { "aggregate_severity": { "namespace": "https://access.redhat.com/security/updates/classification/", "text": "Important" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "Red Hat OpenShift Service Mesh Containers for 2.4.14\n\nThis update has a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", "title": "Topic" }, { "category": "general", "text": "Red Hat OpenShift Service Mesh is Red Hat\u0027s distribution of the Istio service mesh project, tailored for installation into an OpenShift Container Platform installation.\n\nSecurity Fix(es):\n\n* openshift-istio-kiali-rhel8-container: Non-linear parsing of case-insensitive content in golang.org/x/net/html (CVE-2024-45338)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "title": "Details" }, { "category": "legal_disclaimer", "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. 
and provide a link to the original.", "title": "Terms of Use" } ], "publisher": { "category": "vendor", "contact_details": "https://access.redhat.com/security/team/contact/", "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", "name": "Red Hat Product Security", "namespace": "https://www.redhat.com" }, "references": [ { "category": "self", "summary": "https://access.redhat.com/errata/RHSA-2025:1050", "url": "https://access.redhat.com/errata/RHSA-2025:1050" }, { "category": "external", "summary": "https://access.redhat.com/security/updates/classification/#important", "url": "https://access.redhat.com/security/updates/classification/#important" }, { "category": "external", "summary": "2333122", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2333122" }, { "category": "self", "summary": "Canonical URL", "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2025/rhsa-2025_1050.json" } ], "title": "Red Hat Security Advisory: Red Hat OpenShift Service Mesh Containers for 2.4.14", "tracking": { "current_release_date": "2025-02-20T11:27:28+00:00", "generator": { "date": "2025-02-20T11:27:28+00:00", "engine": { "name": "Red Hat SDEngine", "version": "4.3.1" } }, "id": "RHSA-2025:1050", "initial_release_date": "2025-02-05T08:56:35+00:00", "revision_history": [ { "date": "2025-02-05T08:56:35+00:00", "number": "1", "summary": "Initial version" }, { "date": "2025-02-05T08:56:35+00:00", "number": "2", "summary": "Last updated version" }, { "date": "2025-02-20T11:27:28+00:00", "number": "3", "summary": "Last generated version" } ], "status": "final", "version": "3" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "RHOSSM 2.4 for RHEL 8", "product": { "name": "RHOSSM 2.4 for RHEL 8", "product_id": "8Base-RHOSSM-2.4", "product_identification_helper": { "cpe": "cpe:/a:redhat:service_mesh:2.4::el8" } } } ], "category": 
"product_family", "name": "Red Hat OpenShift Service Mesh" }, { "branches": [ { "category": "product_version", "name": "openshift-service-mesh/istio-cni-rhel8@sha256:134d25c125cc861192e8c4ffdfda9fe91a228a67861a2931d7ac636f49377ef1_amd64", "product": { "name": "openshift-service-mesh/istio-cni-rhel8@sha256:134d25c125cc861192e8c4ffdfda9fe91a228a67861a2931d7ac636f49377ef1_amd64", "product_id": "openshift-service-mesh/istio-cni-rhel8@sha256:134d25c125cc861192e8c4ffdfda9fe91a228a67861a2931d7ac636f49377ef1_amd64", "product_identification_helper": { "purl": "pkg:oci/istio-cni-rhel8@sha256:134d25c125cc861192e8c4ffdfda9fe91a228a67861a2931d7ac636f49377ef1?arch=amd64\u0026repository_url=registry.redhat.io/openshift-service-mesh/istio-cni-rhel8\u0026tag=2.4.14-5" } } }, { "category": "product_version", "name": "openshift-service-mesh/grafana-rhel8@sha256:700d608fde7cf366a3dafe1f38d2e9127feadd9c128333c727e763fb480f94db_amd64", "product": { "name": "openshift-service-mesh/grafana-rhel8@sha256:700d608fde7cf366a3dafe1f38d2e9127feadd9c128333c727e763fb480f94db_amd64", "product_id": "openshift-service-mesh/grafana-rhel8@sha256:700d608fde7cf366a3dafe1f38d2e9127feadd9c128333c727e763fb480f94db_amd64", "product_identification_helper": { "purl": "pkg:oci/grafana-rhel8@sha256:700d608fde7cf366a3dafe1f38d2e9127feadd9c128333c727e763fb480f94db?arch=amd64\u0026repository_url=registry.redhat.io/openshift-service-mesh/grafana-rhel8\u0026tag=2.4.14-4" } } }, { "category": "product_version", "name": "openshift-service-mesh/kiali-rhel8@sha256:81c1d7ffe409eab23c59791d76291e5a59df44490b637e5a10ae5d6a9a95201f_amd64", "product": { "name": "openshift-service-mesh/kiali-rhel8@sha256:81c1d7ffe409eab23c59791d76291e5a59df44490b637e5a10ae5d6a9a95201f_amd64", "product_id": "openshift-service-mesh/kiali-rhel8@sha256:81c1d7ffe409eab23c59791d76291e5a59df44490b637e5a10ae5d6a9a95201f_amd64", "product_identification_helper": { "purl": 
"pkg:oci/kiali-rhel8@sha256:81c1d7ffe409eab23c59791d76291e5a59df44490b637e5a10ae5d6a9a95201f?arch=amd64\u0026repository_url=registry.redhat.io/openshift-service-mesh/kiali-rhel8\u0026tag=1.65.19-1" } } }, { "category": "product_version", "name": "openshift-service-mesh/pilot-rhel8@sha256:33ee1d2337ae8a49c130a19228d900c8300a131c2d866d2f2bcc255522792310_amd64", "product": { "name": "openshift-service-mesh/pilot-rhel8@sha256:33ee1d2337ae8a49c130a19228d900c8300a131c2d866d2f2bcc255522792310_amd64", "product_id": "openshift-service-mesh/pilot-rhel8@sha256:33ee1d2337ae8a49c130a19228d900c8300a131c2d866d2f2bcc255522792310_amd64", "product_identification_helper": { "purl": "pkg:oci/pilot-rhel8@sha256:33ee1d2337ae8a49c130a19228d900c8300a131c2d866d2f2bcc255522792310?arch=amd64\u0026repository_url=registry.redhat.io/openshift-service-mesh/pilot-rhel8\u0026tag=2.4.14-5" } } }, { "category": "product_version", "name": "openshift-service-mesh/proxyv2-rhel8@sha256:94e26548521b96a26dc48d33a9e79772c237d9e7992f099adb86dc47d0887af6_amd64", "product": { "name": "openshift-service-mesh/proxyv2-rhel8@sha256:94e26548521b96a26dc48d33a9e79772c237d9e7992f099adb86dc47d0887af6_amd64", "product_id": "openshift-service-mesh/proxyv2-rhel8@sha256:94e26548521b96a26dc48d33a9e79772c237d9e7992f099adb86dc47d0887af6_amd64", "product_identification_helper": { "purl": "pkg:oci/proxyv2-rhel8@sha256:94e26548521b96a26dc48d33a9e79772c237d9e7992f099adb86dc47d0887af6?arch=amd64\u0026repository_url=registry.redhat.io/openshift-service-mesh/proxyv2-rhel8\u0026tag=2.4.14-7" } } }, { "category": "product_version", "name": "openshift-service-mesh/ratelimit-rhel8@sha256:3c196a7c334d8968e7202e56777a1188a0cab9c228ecf7f2e80b8d8dd8ff3523_amd64", "product": { "name": "openshift-service-mesh/ratelimit-rhel8@sha256:3c196a7c334d8968e7202e56777a1188a0cab9c228ecf7f2e80b8d8dd8ff3523_amd64", "product_id": "openshift-service-mesh/ratelimit-rhel8@sha256:3c196a7c334d8968e7202e56777a1188a0cab9c228ecf7f2e80b8d8dd8ff3523_amd64", 
"product_identification_helper": { "purl": "pkg:oci/ratelimit-rhel8@sha256:3c196a7c334d8968e7202e56777a1188a0cab9c228ecf7f2e80b8d8dd8ff3523?arch=amd64\u0026repository_url=registry.redhat.io/openshift-service-mesh/ratelimit-rhel8\u0026tag=2.4.14-4" } } } ], "category": "architecture", "name": "amd64" }, { "branches": [ { "category": "product_version", "name": "openshift-service-mesh/istio-cni-rhel8@sha256:af301ce002b6b9bcadbe3c7d40d356f87849375fb6e25bb3b7be2a3327a87d8e_arm64", "product": { "name": "openshift-service-mesh/istio-cni-rhel8@sha256:af301ce002b6b9bcadbe3c7d40d356f87849375fb6e25bb3b7be2a3327a87d8e_arm64", "product_id": "openshift-service-mesh/istio-cni-rhel8@sha256:af301ce002b6b9bcadbe3c7d40d356f87849375fb6e25bb3b7be2a3327a87d8e_arm64", "product_identification_helper": { "purl": "pkg:oci/istio-cni-rhel8@sha256:af301ce002b6b9bcadbe3c7d40d356f87849375fb6e25bb3b7be2a3327a87d8e?arch=arm64\u0026repository_url=registry.redhat.io/openshift-service-mesh/istio-cni-rhel8\u0026tag=2.4.14-5" } } }, { "category": "product_version", "name": "openshift-service-mesh/grafana-rhel8@sha256:347d5c0a95a85c84f80e943bf48540c8f09806f6d9785e08ef049b2c0441e63a_arm64", "product": { "name": "openshift-service-mesh/grafana-rhel8@sha256:347d5c0a95a85c84f80e943bf48540c8f09806f6d9785e08ef049b2c0441e63a_arm64", "product_id": "openshift-service-mesh/grafana-rhel8@sha256:347d5c0a95a85c84f80e943bf48540c8f09806f6d9785e08ef049b2c0441e63a_arm64", "product_identification_helper": { "purl": "pkg:oci/grafana-rhel8@sha256:347d5c0a95a85c84f80e943bf48540c8f09806f6d9785e08ef049b2c0441e63a?arch=arm64\u0026repository_url=registry.redhat.io/openshift-service-mesh/grafana-rhel8\u0026tag=2.4.14-4" } } }, { "category": "product_version", "name": "openshift-service-mesh/kiali-rhel8@sha256:d13f066630c536743f62e98636f462c211b71fa4ca3ab606d0d177ffb0a6f02f_arm64", "product": { "name": "openshift-service-mesh/kiali-rhel8@sha256:d13f066630c536743f62e98636f462c211b71fa4ca3ab606d0d177ffb0a6f02f_arm64", "product_id": 
"openshift-service-mesh/kiali-rhel8@sha256:d13f066630c536743f62e98636f462c211b71fa4ca3ab606d0d177ffb0a6f02f_arm64", "product_identification_helper": { "purl": "pkg:oci/kiali-rhel8@sha256:d13f066630c536743f62e98636f462c211b71fa4ca3ab606d0d177ffb0a6f02f?arch=arm64\u0026repository_url=registry.redhat.io/openshift-service-mesh/kiali-rhel8\u0026tag=1.65.19-1" } } }, { "category": "product_version", "name": "openshift-service-mesh/pilot-rhel8@sha256:bf61c8797777441a6d1374708c9e514d927e8afe06112341c305488039c43a06_arm64", "product": { "name": "openshift-service-mesh/pilot-rhel8@sha256:bf61c8797777441a6d1374708c9e514d927e8afe06112341c305488039c43a06_arm64", "product_id": "openshift-service-mesh/pilot-rhel8@sha256:bf61c8797777441a6d1374708c9e514d927e8afe06112341c305488039c43a06_arm64", "product_identification_helper": { "purl": "pkg:oci/pilot-rhel8@sha256:bf61c8797777441a6d1374708c9e514d927e8afe06112341c305488039c43a06?arch=arm64\u0026repository_url=registry.redhat.io/openshift-service-mesh/pilot-rhel8\u0026tag=2.4.14-5" } } }, { "category": "product_version", "name": "openshift-service-mesh/proxyv2-rhel8@sha256:6fc5598f9fe5de385397e5182acd98bf2d97286c03fae9cd9dc1379513731d5a_arm64", "product": { "name": "openshift-service-mesh/proxyv2-rhel8@sha256:6fc5598f9fe5de385397e5182acd98bf2d97286c03fae9cd9dc1379513731d5a_arm64", "product_id": "openshift-service-mesh/proxyv2-rhel8@sha256:6fc5598f9fe5de385397e5182acd98bf2d97286c03fae9cd9dc1379513731d5a_arm64", "product_identification_helper": { "purl": "pkg:oci/proxyv2-rhel8@sha256:6fc5598f9fe5de385397e5182acd98bf2d97286c03fae9cd9dc1379513731d5a?arch=arm64\u0026repository_url=registry.redhat.io/openshift-service-mesh/proxyv2-rhel8\u0026tag=2.4.14-7" } } }, { "category": "product_version", "name": "openshift-service-mesh/ratelimit-rhel8@sha256:52cf66418ff79ac50742bb18b09fcb1dd526d36dd404ce225eb835e207696b12_arm64", "product": { "name": 
"openshift-service-mesh/ratelimit-rhel8@sha256:52cf66418ff79ac50742bb18b09fcb1dd526d36dd404ce225eb835e207696b12_arm64", "product_id": "openshift-service-mesh/ratelimit-rhel8@sha256:52cf66418ff79ac50742bb18b09fcb1dd526d36dd404ce225eb835e207696b12_arm64", "product_identification_helper": { "purl": "pkg:oci/ratelimit-rhel8@sha256:52cf66418ff79ac50742bb18b09fcb1dd526d36dd404ce225eb835e207696b12?arch=arm64\u0026repository_url=registry.redhat.io/openshift-service-mesh/ratelimit-rhel8\u0026tag=2.4.14-4" } } } ], "category": "architecture", "name": "arm64" }, { "branches": [ { "category": "product_version", "name": "openshift-service-mesh/istio-cni-rhel8@sha256:d71c0e938768d9b921b18a3ef4d63dd807b653738e2469da904e4d11349d13ce_ppc64le", "product": { "name": "openshift-service-mesh/istio-cni-rhel8@sha256:d71c0e938768d9b921b18a3ef4d63dd807b653738e2469da904e4d11349d13ce_ppc64le", "product_id": "openshift-service-mesh/istio-cni-rhel8@sha256:d71c0e938768d9b921b18a3ef4d63dd807b653738e2469da904e4d11349d13ce_ppc64le", "product_identification_helper": { "purl": "pkg:oci/istio-cni-rhel8@sha256:d71c0e938768d9b921b18a3ef4d63dd807b653738e2469da904e4d11349d13ce?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-service-mesh/istio-cni-rhel8\u0026tag=2.4.14-5" } } }, { "category": "product_version", "name": "openshift-service-mesh/grafana-rhel8@sha256:2ef5d8f71141875e3835f3e9a40d5178c55ab6f8d0bc749993712f655880e140_ppc64le", "product": { "name": "openshift-service-mesh/grafana-rhel8@sha256:2ef5d8f71141875e3835f3e9a40d5178c55ab6f8d0bc749993712f655880e140_ppc64le", "product_id": "openshift-service-mesh/grafana-rhel8@sha256:2ef5d8f71141875e3835f3e9a40d5178c55ab6f8d0bc749993712f655880e140_ppc64le", "product_identification_helper": { "purl": "pkg:oci/grafana-rhel8@sha256:2ef5d8f71141875e3835f3e9a40d5178c55ab6f8d0bc749993712f655880e140?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-service-mesh/grafana-rhel8\u0026tag=2.4.14-4" } } }, { "category": "product_version", 
"name": "openshift-service-mesh/kiali-rhel8@sha256:c29bc9c4a2e3e6e60c3b652abac36d522df7981a7ffa51d82a3ca0fd3bc8c6e3_ppc64le", "product": { "name": "openshift-service-mesh/kiali-rhel8@sha256:c29bc9c4a2e3e6e60c3b652abac36d522df7981a7ffa51d82a3ca0fd3bc8c6e3_ppc64le", "product_id": "openshift-service-mesh/kiali-rhel8@sha256:c29bc9c4a2e3e6e60c3b652abac36d522df7981a7ffa51d82a3ca0fd3bc8c6e3_ppc64le", "product_identification_helper": { "purl": "pkg:oci/kiali-rhel8@sha256:c29bc9c4a2e3e6e60c3b652abac36d522df7981a7ffa51d82a3ca0fd3bc8c6e3?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-service-mesh/kiali-rhel8\u0026tag=1.65.19-1" } } }, { "category": "product_version", "name": "openshift-service-mesh/pilot-rhel8@sha256:4d9888b16216965b8a4b4599268da1cfc3370959caf1c81aad40c98e9fd27fe4_ppc64le", "product": { "name": "openshift-service-mesh/pilot-rhel8@sha256:4d9888b16216965b8a4b4599268da1cfc3370959caf1c81aad40c98e9fd27fe4_ppc64le", "product_id": "openshift-service-mesh/pilot-rhel8@sha256:4d9888b16216965b8a4b4599268da1cfc3370959caf1c81aad40c98e9fd27fe4_ppc64le", "product_identification_helper": { "purl": "pkg:oci/pilot-rhel8@sha256:4d9888b16216965b8a4b4599268da1cfc3370959caf1c81aad40c98e9fd27fe4?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-service-mesh/pilot-rhel8\u0026tag=2.4.14-5" } } }, { "category": "product_version", "name": "openshift-service-mesh/proxyv2-rhel8@sha256:be984de5e04120d793ebd239b2ff13dd96fb5ef91f35e145474f7cf10e3e78bc_ppc64le", "product": { "name": "openshift-service-mesh/proxyv2-rhel8@sha256:be984de5e04120d793ebd239b2ff13dd96fb5ef91f35e145474f7cf10e3e78bc_ppc64le", "product_id": "openshift-service-mesh/proxyv2-rhel8@sha256:be984de5e04120d793ebd239b2ff13dd96fb5ef91f35e145474f7cf10e3e78bc_ppc64le", "product_identification_helper": { "purl": 
"pkg:oci/proxyv2-rhel8@sha256:be984de5e04120d793ebd239b2ff13dd96fb5ef91f35e145474f7cf10e3e78bc?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-service-mesh/proxyv2-rhel8\u0026tag=2.4.14-7" } } }, { "category": "product_version", "name": "openshift-service-mesh/ratelimit-rhel8@sha256:be64102c8273b817c4cc1e40e598ab3c25aba7bd67d062f4bc2dc0d769f4ca92_ppc64le", "product": { "name": "openshift-service-mesh/ratelimit-rhel8@sha256:be64102c8273b817c4cc1e40e598ab3c25aba7bd67d062f4bc2dc0d769f4ca92_ppc64le", "product_id": "openshift-service-mesh/ratelimit-rhel8@sha256:be64102c8273b817c4cc1e40e598ab3c25aba7bd67d062f4bc2dc0d769f4ca92_ppc64le", "product_identification_helper": { "purl": "pkg:oci/ratelimit-rhel8@sha256:be64102c8273b817c4cc1e40e598ab3c25aba7bd67d062f4bc2dc0d769f4ca92?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-service-mesh/ratelimit-rhel8\u0026tag=2.4.14-4" } } } ], "category": "architecture", "name": "ppc64le" }, { "branches": [ { "category": "product_version", "name": "openshift-service-mesh/istio-cni-rhel8@sha256:696f3b4e47dba74b0c0fa09d8f9ca0d93808bef46b43442fc3ed30d891e9caad_s390x", "product": { "name": "openshift-service-mesh/istio-cni-rhel8@sha256:696f3b4e47dba74b0c0fa09d8f9ca0d93808bef46b43442fc3ed30d891e9caad_s390x", "product_id": "openshift-service-mesh/istio-cni-rhel8@sha256:696f3b4e47dba74b0c0fa09d8f9ca0d93808bef46b43442fc3ed30d891e9caad_s390x", "product_identification_helper": { "purl": "pkg:oci/istio-cni-rhel8@sha256:696f3b4e47dba74b0c0fa09d8f9ca0d93808bef46b43442fc3ed30d891e9caad?arch=s390x\u0026repository_url=registry.redhat.io/openshift-service-mesh/istio-cni-rhel8\u0026tag=2.4.14-5" } } }, { "category": "product_version", "name": "openshift-service-mesh/grafana-rhel8@sha256:b82b62ebd62dc7ccfdea48ed9a79781fda827e842c378edb21f0a50e1957c3a1_s390x", "product": { "name": "openshift-service-mesh/grafana-rhel8@sha256:b82b62ebd62dc7ccfdea48ed9a79781fda827e842c378edb21f0a50e1957c3a1_s390x", "product_id": 
"openshift-service-mesh/grafana-rhel8@sha256:b82b62ebd62dc7ccfdea48ed9a79781fda827e842c378edb21f0a50e1957c3a1_s390x", "product_identification_helper": { "purl": "pkg:oci/grafana-rhel8@sha256:b82b62ebd62dc7ccfdea48ed9a79781fda827e842c378edb21f0a50e1957c3a1?arch=s390x\u0026repository_url=registry.redhat.io/openshift-service-mesh/grafana-rhel8\u0026tag=2.4.14-4" } } }, { "category": "product_version", "name": "openshift-service-mesh/kiali-rhel8@sha256:19e5e7cfd27a871e3e90af68d5cfa178aa18c5c81c6058a8f979871c372da02b_s390x", "product": { "name": "openshift-service-mesh/kiali-rhel8@sha256:19e5e7cfd27a871e3e90af68d5cfa178aa18c5c81c6058a8f979871c372da02b_s390x", "product_id": "openshift-service-mesh/kiali-rhel8@sha256:19e5e7cfd27a871e3e90af68d5cfa178aa18c5c81c6058a8f979871c372da02b_s390x", "product_identification_helper": { "purl": "pkg:oci/kiali-rhel8@sha256:19e5e7cfd27a871e3e90af68d5cfa178aa18c5c81c6058a8f979871c372da02b?arch=s390x\u0026repository_url=registry.redhat.io/openshift-service-mesh/kiali-rhel8\u0026tag=1.65.19-1" } } }, { "category": "product_version", "name": "openshift-service-mesh/pilot-rhel8@sha256:9f5e6fc3aaafe7e0d3ae73602d518103e6cc6c4d04d64f66d910c13c4b7152f9_s390x", "product": { "name": "openshift-service-mesh/pilot-rhel8@sha256:9f5e6fc3aaafe7e0d3ae73602d518103e6cc6c4d04d64f66d910c13c4b7152f9_s390x", "product_id": "openshift-service-mesh/pilot-rhel8@sha256:9f5e6fc3aaafe7e0d3ae73602d518103e6cc6c4d04d64f66d910c13c4b7152f9_s390x", "product_identification_helper": { "purl": "pkg:oci/pilot-rhel8@sha256:9f5e6fc3aaafe7e0d3ae73602d518103e6cc6c4d04d64f66d910c13c4b7152f9?arch=s390x\u0026repository_url=registry.redhat.io/openshift-service-mesh/pilot-rhel8\u0026tag=2.4.14-5" } } }, { "category": "product_version", "name": "openshift-service-mesh/proxyv2-rhel8@sha256:4544c22ea468034f0e0b3cddf6a3623e7fbb6dc57781303acba3444b65d96529_s390x", "product": { "name": 
"openshift-service-mesh/proxyv2-rhel8@sha256:4544c22ea468034f0e0b3cddf6a3623e7fbb6dc57781303acba3444b65d96529_s390x", "product_id": "openshift-service-mesh/proxyv2-rhel8@sha256:4544c22ea468034f0e0b3cddf6a3623e7fbb6dc57781303acba3444b65d96529_s390x", "product_identification_helper": { "purl": "pkg:oci/proxyv2-rhel8@sha256:4544c22ea468034f0e0b3cddf6a3623e7fbb6dc57781303acba3444b65d96529?arch=s390x\u0026repository_url=registry.redhat.io/openshift-service-mesh/proxyv2-rhel8\u0026tag=2.4.14-7" } } }, { "category": "product_version", "name": "openshift-service-mesh/ratelimit-rhel8@sha256:d1f320a2fb040e4968fac96a3cab0b28fcfd54249d9cdb6b5abcf3117b7c950e_s390x", "product": { "name": "openshift-service-mesh/ratelimit-rhel8@sha256:d1f320a2fb040e4968fac96a3cab0b28fcfd54249d9cdb6b5abcf3117b7c950e_s390x", "product_id": "openshift-service-mesh/ratelimit-rhel8@sha256:d1f320a2fb040e4968fac96a3cab0b28fcfd54249d9cdb6b5abcf3117b7c950e_s390x", "product_identification_helper": { "purl": "pkg:oci/ratelimit-rhel8@sha256:d1f320a2fb040e4968fac96a3cab0b28fcfd54249d9cdb6b5abcf3117b7c950e?arch=s390x\u0026repository_url=registry.redhat.io/openshift-service-mesh/ratelimit-rhel8\u0026tag=2.4.14-4" } } } ], "category": "architecture", "name": "s390x" } ], "category": "vendor", "name": "Red Hat" } ], "relationships": [ { "category": "default_component_of", "full_product_name": { "name": "openshift-service-mesh/grafana-rhel8@sha256:2ef5d8f71141875e3835f3e9a40d5178c55ab6f8d0bc749993712f655880e140_ppc64le as a component of RHOSSM 2.4 for RHEL 8", "product_id": "8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:2ef5d8f71141875e3835f3e9a40d5178c55ab6f8d0bc749993712f655880e140_ppc64le" }, "product_reference": "openshift-service-mesh/grafana-rhel8@sha256:2ef5d8f71141875e3835f3e9a40d5178c55ab6f8d0bc749993712f655880e140_ppc64le", "relates_to_product_reference": "8Base-RHOSSM-2.4" }, { "category": "default_component_of", "full_product_name": { "name": 
"openshift-service-mesh/grafana-rhel8@sha256:347d5c0a95a85c84f80e943bf48540c8f09806f6d9785e08ef049b2c0441e63a_arm64 as a component of RHOSSM 2.4 for RHEL 8", "product_id": "8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:347d5c0a95a85c84f80e943bf48540c8f09806f6d9785e08ef049b2c0441e63a_arm64" }, "product_reference": "openshift-service-mesh/grafana-rhel8@sha256:347d5c0a95a85c84f80e943bf48540c8f09806f6d9785e08ef049b2c0441e63a_arm64", "relates_to_product_reference": "8Base-RHOSSM-2.4" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-service-mesh/grafana-rhel8@sha256:700d608fde7cf366a3dafe1f38d2e9127feadd9c128333c727e763fb480f94db_amd64 as a component of RHOSSM 2.4 for RHEL 8", "product_id": "8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:700d608fde7cf366a3dafe1f38d2e9127feadd9c128333c727e763fb480f94db_amd64" }, "product_reference": "openshift-service-mesh/grafana-rhel8@sha256:700d608fde7cf366a3dafe1f38d2e9127feadd9c128333c727e763fb480f94db_amd64", "relates_to_product_reference": "8Base-RHOSSM-2.4" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-service-mesh/grafana-rhel8@sha256:b82b62ebd62dc7ccfdea48ed9a79781fda827e842c378edb21f0a50e1957c3a1_s390x as a component of RHOSSM 2.4 for RHEL 8", "product_id": "8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:b82b62ebd62dc7ccfdea48ed9a79781fda827e842c378edb21f0a50e1957c3a1_s390x" }, "product_reference": "openshift-service-mesh/grafana-rhel8@sha256:b82b62ebd62dc7ccfdea48ed9a79781fda827e842c378edb21f0a50e1957c3a1_s390x", "relates_to_product_reference": "8Base-RHOSSM-2.4" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-service-mesh/istio-cni-rhel8@sha256:134d25c125cc861192e8c4ffdfda9fe91a228a67861a2931d7ac636f49377ef1_amd64 as a component of RHOSSM 2.4 for RHEL 8", "product_id": 
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:134d25c125cc861192e8c4ffdfda9fe91a228a67861a2931d7ac636f49377ef1_amd64" }, "product_reference": "openshift-service-mesh/istio-cni-rhel8@sha256:134d25c125cc861192e8c4ffdfda9fe91a228a67861a2931d7ac636f49377ef1_amd64", "relates_to_product_reference": "8Base-RHOSSM-2.4" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-service-mesh/istio-cni-rhel8@sha256:696f3b4e47dba74b0c0fa09d8f9ca0d93808bef46b43442fc3ed30d891e9caad_s390x as a component of RHOSSM 2.4 for RHEL 8", "product_id": "8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:696f3b4e47dba74b0c0fa09d8f9ca0d93808bef46b43442fc3ed30d891e9caad_s390x" }, "product_reference": "openshift-service-mesh/istio-cni-rhel8@sha256:696f3b4e47dba74b0c0fa09d8f9ca0d93808bef46b43442fc3ed30d891e9caad_s390x", "relates_to_product_reference": "8Base-RHOSSM-2.4" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-service-mesh/istio-cni-rhel8@sha256:af301ce002b6b9bcadbe3c7d40d356f87849375fb6e25bb3b7be2a3327a87d8e_arm64 as a component of RHOSSM 2.4 for RHEL 8", "product_id": "8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:af301ce002b6b9bcadbe3c7d40d356f87849375fb6e25bb3b7be2a3327a87d8e_arm64" }, "product_reference": "openshift-service-mesh/istio-cni-rhel8@sha256:af301ce002b6b9bcadbe3c7d40d356f87849375fb6e25bb3b7be2a3327a87d8e_arm64", "relates_to_product_reference": "8Base-RHOSSM-2.4" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-service-mesh/istio-cni-rhel8@sha256:d71c0e938768d9b921b18a3ef4d63dd807b653738e2469da904e4d11349d13ce_ppc64le as a component of RHOSSM 2.4 for RHEL 8", "product_id": "8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:d71c0e938768d9b921b18a3ef4d63dd807b653738e2469da904e4d11349d13ce_ppc64le" }, "product_reference": 
"openshift-service-mesh/istio-cni-rhel8@sha256:d71c0e938768d9b921b18a3ef4d63dd807b653738e2469da904e4d11349d13ce_ppc64le", "relates_to_product_reference": "8Base-RHOSSM-2.4" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-service-mesh/kiali-rhel8@sha256:19e5e7cfd27a871e3e90af68d5cfa178aa18c5c81c6058a8f979871c372da02b_s390x as a component of RHOSSM 2.4 for RHEL 8", "product_id": "8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:19e5e7cfd27a871e3e90af68d5cfa178aa18c5c81c6058a8f979871c372da02b_s390x" }, "product_reference": "openshift-service-mesh/kiali-rhel8@sha256:19e5e7cfd27a871e3e90af68d5cfa178aa18c5c81c6058a8f979871c372da02b_s390x", "relates_to_product_reference": "8Base-RHOSSM-2.4" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-service-mesh/kiali-rhel8@sha256:81c1d7ffe409eab23c59791d76291e5a59df44490b637e5a10ae5d6a9a95201f_amd64 as a component of RHOSSM 2.4 for RHEL 8", "product_id": "8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:81c1d7ffe409eab23c59791d76291e5a59df44490b637e5a10ae5d6a9a95201f_amd64" }, "product_reference": "openshift-service-mesh/kiali-rhel8@sha256:81c1d7ffe409eab23c59791d76291e5a59df44490b637e5a10ae5d6a9a95201f_amd64", "relates_to_product_reference": "8Base-RHOSSM-2.4" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-service-mesh/kiali-rhel8@sha256:c29bc9c4a2e3e6e60c3b652abac36d522df7981a7ffa51d82a3ca0fd3bc8c6e3_ppc64le as a component of RHOSSM 2.4 for RHEL 8", "product_id": "8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:c29bc9c4a2e3e6e60c3b652abac36d522df7981a7ffa51d82a3ca0fd3bc8c6e3_ppc64le" }, "product_reference": "openshift-service-mesh/kiali-rhel8@sha256:c29bc9c4a2e3e6e60c3b652abac36d522df7981a7ffa51d82a3ca0fd3bc8c6e3_ppc64le", "relates_to_product_reference": "8Base-RHOSSM-2.4" }, { "category": "default_component_of", "full_product_name": { "name": 
"openshift-service-mesh/kiali-rhel8@sha256:d13f066630c536743f62e98636f462c211b71fa4ca3ab606d0d177ffb0a6f02f_arm64 as a component of RHOSSM 2.4 for RHEL 8", "product_id": "8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:d13f066630c536743f62e98636f462c211b71fa4ca3ab606d0d177ffb0a6f02f_arm64" }, "product_reference": "openshift-service-mesh/kiali-rhel8@sha256:d13f066630c536743f62e98636f462c211b71fa4ca3ab606d0d177ffb0a6f02f_arm64", "relates_to_product_reference": "8Base-RHOSSM-2.4" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-service-mesh/pilot-rhel8@sha256:33ee1d2337ae8a49c130a19228d900c8300a131c2d866d2f2bcc255522792310_amd64 as a component of RHOSSM 2.4 for RHEL 8", "product_id": "8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:33ee1d2337ae8a49c130a19228d900c8300a131c2d866d2f2bcc255522792310_amd64" }, "product_reference": "openshift-service-mesh/pilot-rhel8@sha256:33ee1d2337ae8a49c130a19228d900c8300a131c2d866d2f2bcc255522792310_amd64", "relates_to_product_reference": "8Base-RHOSSM-2.4" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-service-mesh/pilot-rhel8@sha256:4d9888b16216965b8a4b4599268da1cfc3370959caf1c81aad40c98e9fd27fe4_ppc64le as a component of RHOSSM 2.4 for RHEL 8", "product_id": "8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:4d9888b16216965b8a4b4599268da1cfc3370959caf1c81aad40c98e9fd27fe4_ppc64le" }, "product_reference": "openshift-service-mesh/pilot-rhel8@sha256:4d9888b16216965b8a4b4599268da1cfc3370959caf1c81aad40c98e9fd27fe4_ppc64le", "relates_to_product_reference": "8Base-RHOSSM-2.4" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-service-mesh/pilot-rhel8@sha256:9f5e6fc3aaafe7e0d3ae73602d518103e6cc6c4d04d64f66d910c13c4b7152f9_s390x as a component of RHOSSM 2.4 for RHEL 8", "product_id": 
"8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:9f5e6fc3aaafe7e0d3ae73602d518103e6cc6c4d04d64f66d910c13c4b7152f9_s390x" }, "product_reference": "openshift-service-mesh/pilot-rhel8@sha256:9f5e6fc3aaafe7e0d3ae73602d518103e6cc6c4d04d64f66d910c13c4b7152f9_s390x", "relates_to_product_reference": "8Base-RHOSSM-2.4" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-service-mesh/pilot-rhel8@sha256:bf61c8797777441a6d1374708c9e514d927e8afe06112341c305488039c43a06_arm64 as a component of RHOSSM 2.4 for RHEL 8", "product_id": "8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:bf61c8797777441a6d1374708c9e514d927e8afe06112341c305488039c43a06_arm64" }, "product_reference": "openshift-service-mesh/pilot-rhel8@sha256:bf61c8797777441a6d1374708c9e514d927e8afe06112341c305488039c43a06_arm64", "relates_to_product_reference": "8Base-RHOSSM-2.4" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-service-mesh/proxyv2-rhel8@sha256:4544c22ea468034f0e0b3cddf6a3623e7fbb6dc57781303acba3444b65d96529_s390x as a component of RHOSSM 2.4 for RHEL 8", "product_id": "8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:4544c22ea468034f0e0b3cddf6a3623e7fbb6dc57781303acba3444b65d96529_s390x" }, "product_reference": "openshift-service-mesh/proxyv2-rhel8@sha256:4544c22ea468034f0e0b3cddf6a3623e7fbb6dc57781303acba3444b65d96529_s390x", "relates_to_product_reference": "8Base-RHOSSM-2.4" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-service-mesh/proxyv2-rhel8@sha256:6fc5598f9fe5de385397e5182acd98bf2d97286c03fae9cd9dc1379513731d5a_arm64 as a component of RHOSSM 2.4 for RHEL 8", "product_id": "8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:6fc5598f9fe5de385397e5182acd98bf2d97286c03fae9cd9dc1379513731d5a_arm64" }, "product_reference": "openshift-service-mesh/proxyv2-rhel8@sha256:6fc5598f9fe5de385397e5182acd98bf2d97286c03fae9cd9dc1379513731d5a_arm64", 
"relates_to_product_reference": "8Base-RHOSSM-2.4" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-service-mesh/proxyv2-rhel8@sha256:94e26548521b96a26dc48d33a9e79772c237d9e7992f099adb86dc47d0887af6_amd64 as a component of RHOSSM 2.4 for RHEL 8", "product_id": "8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:94e26548521b96a26dc48d33a9e79772c237d9e7992f099adb86dc47d0887af6_amd64" }, "product_reference": "openshift-service-mesh/proxyv2-rhel8@sha256:94e26548521b96a26dc48d33a9e79772c237d9e7992f099adb86dc47d0887af6_amd64", "relates_to_product_reference": "8Base-RHOSSM-2.4" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-service-mesh/proxyv2-rhel8@sha256:be984de5e04120d793ebd239b2ff13dd96fb5ef91f35e145474f7cf10e3e78bc_ppc64le as a component of RHOSSM 2.4 for RHEL 8", "product_id": "8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:be984de5e04120d793ebd239b2ff13dd96fb5ef91f35e145474f7cf10e3e78bc_ppc64le" }, "product_reference": "openshift-service-mesh/proxyv2-rhel8@sha256:be984de5e04120d793ebd239b2ff13dd96fb5ef91f35e145474f7cf10e3e78bc_ppc64le", "relates_to_product_reference": "8Base-RHOSSM-2.4" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-service-mesh/ratelimit-rhel8@sha256:3c196a7c334d8968e7202e56777a1188a0cab9c228ecf7f2e80b8d8dd8ff3523_amd64 as a component of RHOSSM 2.4 for RHEL 8", "product_id": "8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:3c196a7c334d8968e7202e56777a1188a0cab9c228ecf7f2e80b8d8dd8ff3523_amd64" }, "product_reference": "openshift-service-mesh/ratelimit-rhel8@sha256:3c196a7c334d8968e7202e56777a1188a0cab9c228ecf7f2e80b8d8dd8ff3523_amd64", "relates_to_product_reference": "8Base-RHOSSM-2.4" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-service-mesh/ratelimit-rhel8@sha256:52cf66418ff79ac50742bb18b09fcb1dd526d36dd404ce225eb835e207696b12_arm64 as a component of RHOSSM 2.4 for 
RHEL 8", "product_id": "8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:52cf66418ff79ac50742bb18b09fcb1dd526d36dd404ce225eb835e207696b12_arm64" }, "product_reference": "openshift-service-mesh/ratelimit-rhel8@sha256:52cf66418ff79ac50742bb18b09fcb1dd526d36dd404ce225eb835e207696b12_arm64", "relates_to_product_reference": "8Base-RHOSSM-2.4" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-service-mesh/ratelimit-rhel8@sha256:be64102c8273b817c4cc1e40e598ab3c25aba7bd67d062f4bc2dc0d769f4ca92_ppc64le as a component of RHOSSM 2.4 for RHEL 8", "product_id": "8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:be64102c8273b817c4cc1e40e598ab3c25aba7bd67d062f4bc2dc0d769f4ca92_ppc64le" }, "product_reference": "openshift-service-mesh/ratelimit-rhel8@sha256:be64102c8273b817c4cc1e40e598ab3c25aba7bd67d062f4bc2dc0d769f4ca92_ppc64le", "relates_to_product_reference": "8Base-RHOSSM-2.4" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-service-mesh/ratelimit-rhel8@sha256:d1f320a2fb040e4968fac96a3cab0b28fcfd54249d9cdb6b5abcf3117b7c950e_s390x as a component of RHOSSM 2.4 for RHEL 8", "product_id": "8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:d1f320a2fb040e4968fac96a3cab0b28fcfd54249d9cdb6b5abcf3117b7c950e_s390x" }, "product_reference": "openshift-service-mesh/ratelimit-rhel8@sha256:d1f320a2fb040e4968fac96a3cab0b28fcfd54249d9cdb6b5abcf3117b7c950e_s390x", "relates_to_product_reference": "8Base-RHOSSM-2.4" } ] }, "vulnerabilities": [ { "cve": "CVE-2024-45338", "cwe": { "id": "CWE-770", "name": "Allocation of Resources Without Limits or Throttling" }, "discovery_date": "2024-12-18T21:00:59.938173+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:2ef5d8f71141875e3835f3e9a40d5178c55ab6f8d0bc749993712f655880e140_ppc64le", 
"8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:347d5c0a95a85c84f80e943bf48540c8f09806f6d9785e08ef049b2c0441e63a_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:700d608fde7cf366a3dafe1f38d2e9127feadd9c128333c727e763fb480f94db_amd64", "8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:b82b62ebd62dc7ccfdea48ed9a79781fda827e842c378edb21f0a50e1957c3a1_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:134d25c125cc861192e8c4ffdfda9fe91a228a67861a2931d7ac636f49377ef1_amd64", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:696f3b4e47dba74b0c0fa09d8f9ca0d93808bef46b43442fc3ed30d891e9caad_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:af301ce002b6b9bcadbe3c7d40d356f87849375fb6e25bb3b7be2a3327a87d8e_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:d71c0e938768d9b921b18a3ef4d63dd807b653738e2469da904e4d11349d13ce_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:33ee1d2337ae8a49c130a19228d900c8300a131c2d866d2f2bcc255522792310_amd64", "8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:4d9888b16216965b8a4b4599268da1cfc3370959caf1c81aad40c98e9fd27fe4_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:9f5e6fc3aaafe7e0d3ae73602d518103e6cc6c4d04d64f66d910c13c4b7152f9_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:bf61c8797777441a6d1374708c9e514d927e8afe06112341c305488039c43a06_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:4544c22ea468034f0e0b3cddf6a3623e7fbb6dc57781303acba3444b65d96529_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:6fc5598f9fe5de385397e5182acd98bf2d97286c03fae9cd9dc1379513731d5a_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:94e26548521b96a26dc48d33a9e79772c237d9e7992f099adb86dc47d0887af6_amd64", 
"8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:be984de5e04120d793ebd239b2ff13dd96fb5ef91f35e145474f7cf10e3e78bc_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:3c196a7c334d8968e7202e56777a1188a0cab9c228ecf7f2e80b8d8dd8ff3523_amd64", "8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:52cf66418ff79ac50742bb18b09fcb1dd526d36dd404ce225eb835e207696b12_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:be64102c8273b817c4cc1e40e598ab3c25aba7bd67d062f4bc2dc0d769f4ca92_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:d1f320a2fb040e4968fac96a3cab0b28fcfd54249d9cdb6b5abcf3117b7c950e_s390x" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2333122" } ], "notes": [ { "category": "description", "text": "A flaw was found in golang.org/x/net/html. This flaw allows an attacker to craft input to the parse functions that would be processed non-linearly with respect to its length, resulting in extremely slow parsing. 
This issue can cause a denial of service.", "title": "Vulnerability description" }, { "category": "summary", "text": "golang.org/x/net/html: Non-linear parsing of case-insensitive content in golang.org/x/net/html", "title": "Vulnerability summary" }, { "category": "other", "text": "This vulnerability is rated as an Important severity because an attacker can craft malicious input that causes the parsing functions to process data non-linearly, resulting in significant delays which leads to a denial of service by exhausting system resources.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:19e5e7cfd27a871e3e90af68d5cfa178aa18c5c81c6058a8f979871c372da02b_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:81c1d7ffe409eab23c59791d76291e5a59df44490b637e5a10ae5d6a9a95201f_amd64", "8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:c29bc9c4a2e3e6e60c3b652abac36d522df7981a7ffa51d82a3ca0fd3bc8c6e3_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:d13f066630c536743f62e98636f462c211b71fa4ca3ab606d0d177ffb0a6f02f_arm64" ], "known_not_affected": [ "8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:2ef5d8f71141875e3835f3e9a40d5178c55ab6f8d0bc749993712f655880e140_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:347d5c0a95a85c84f80e943bf48540c8f09806f6d9785e08ef049b2c0441e63a_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:700d608fde7cf366a3dafe1f38d2e9127feadd9c128333c727e763fb480f94db_amd64", "8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:b82b62ebd62dc7ccfdea48ed9a79781fda827e842c378edb21f0a50e1957c3a1_s390x", 
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:134d25c125cc861192e8c4ffdfda9fe91a228a67861a2931d7ac636f49377ef1_amd64", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:696f3b4e47dba74b0c0fa09d8f9ca0d93808bef46b43442fc3ed30d891e9caad_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:af301ce002b6b9bcadbe3c7d40d356f87849375fb6e25bb3b7be2a3327a87d8e_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:d71c0e938768d9b921b18a3ef4d63dd807b653738e2469da904e4d11349d13ce_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:33ee1d2337ae8a49c130a19228d900c8300a131c2d866d2f2bcc255522792310_amd64", "8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:4d9888b16216965b8a4b4599268da1cfc3370959caf1c81aad40c98e9fd27fe4_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:9f5e6fc3aaafe7e0d3ae73602d518103e6cc6c4d04d64f66d910c13c4b7152f9_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:bf61c8797777441a6d1374708c9e514d927e8afe06112341c305488039c43a06_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:4544c22ea468034f0e0b3cddf6a3623e7fbb6dc57781303acba3444b65d96529_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:6fc5598f9fe5de385397e5182acd98bf2d97286c03fae9cd9dc1379513731d5a_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:94e26548521b96a26dc48d33a9e79772c237d9e7992f099adb86dc47d0887af6_amd64", "8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:be984de5e04120d793ebd239b2ff13dd96fb5ef91f35e145474f7cf10e3e78bc_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:3c196a7c334d8968e7202e56777a1188a0cab9c228ecf7f2e80b8d8dd8ff3523_amd64", "8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:52cf66418ff79ac50742bb18b09fcb1dd526d36dd404ce225eb835e207696b12_arm64", 
"8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:be64102c8273b817c4cc1e40e598ab3c25aba7bd67d062f4bc2dc0d769f4ca92_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:d1f320a2fb040e4968fac96a3cab0b28fcfd54249d9cdb6b5abcf3117b7c950e_s390x" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2024-45338" }, { "category": "external", "summary": "RHBZ#2333122", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2333122" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2024-45338", "url": "https://www.cve.org/CVERecord?id=CVE-2024-45338" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-45338", "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-45338" }, { "category": "external", "summary": "https://go.dev/cl/637536", "url": "https://go.dev/cl/637536" }, { "category": "external", "summary": "https://go.dev/issue/70906", "url": "https://go.dev/issue/70906" }, { "category": "external", "summary": "https://groups.google.com/g/golang-announce/c/wSCRmFnNmPA/m/Lvcd0mRMAwAJ", "url": "https://groups.google.com/g/golang-announce/c/wSCRmFnNmPA/m/Lvcd0mRMAwAJ" }, { "category": "external", "summary": "https://pkg.go.dev/vuln/GO-2024-3333", "url": "https://pkg.go.dev/vuln/GO-2024-3333" } ], "release_date": "2024-12-18T20:38:22.660000+00:00", "remediations": [ { "category": "vendor_fix", "date": "2025-02-05T08:56:35+00:00", "details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:19e5e7cfd27a871e3e90af68d5cfa178aa18c5c81c6058a8f979871c372da02b_s390x", 
"8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:81c1d7ffe409eab23c59791d76291e5a59df44490b637e5a10ae5d6a9a95201f_amd64", "8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:c29bc9c4a2e3e6e60c3b652abac36d522df7981a7ffa51d82a3ca0fd3bc8c6e3_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:d13f066630c536743f62e98636f462c211b71fa4ca3ab606d0d177ffb0a6f02f_arm64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2025:1050" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:2ef5d8f71141875e3835f3e9a40d5178c55ab6f8d0bc749993712f655880e140_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:347d5c0a95a85c84f80e943bf48540c8f09806f6d9785e08ef049b2c0441e63a_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:700d608fde7cf366a3dafe1f38d2e9127feadd9c128333c727e763fb480f94db_amd64", "8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:b82b62ebd62dc7ccfdea48ed9a79781fda827e842c378edb21f0a50e1957c3a1_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:134d25c125cc861192e8c4ffdfda9fe91a228a67861a2931d7ac636f49377ef1_amd64", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:696f3b4e47dba74b0c0fa09d8f9ca0d93808bef46b43442fc3ed30d891e9caad_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:af301ce002b6b9bcadbe3c7d40d356f87849375fb6e25bb3b7be2a3327a87d8e_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:d71c0e938768d9b921b18a3ef4d63dd807b653738e2469da904e4d11349d13ce_ppc64le", 
"8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:19e5e7cfd27a871e3e90af68d5cfa178aa18c5c81c6058a8f979871c372da02b_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:81c1d7ffe409eab23c59791d76291e5a59df44490b637e5a10ae5d6a9a95201f_amd64", "8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:c29bc9c4a2e3e6e60c3b652abac36d522df7981a7ffa51d82a3ca0fd3bc8c6e3_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:d13f066630c536743f62e98636f462c211b71fa4ca3ab606d0d177ffb0a6f02f_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:33ee1d2337ae8a49c130a19228d900c8300a131c2d866d2f2bcc255522792310_amd64", "8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:4d9888b16216965b8a4b4599268da1cfc3370959caf1c81aad40c98e9fd27fe4_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:9f5e6fc3aaafe7e0d3ae73602d518103e6cc6c4d04d64f66d910c13c4b7152f9_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:bf61c8797777441a6d1374708c9e514d927e8afe06112341c305488039c43a06_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:4544c22ea468034f0e0b3cddf6a3623e7fbb6dc57781303acba3444b65d96529_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:6fc5598f9fe5de385397e5182acd98bf2d97286c03fae9cd9dc1379513731d5a_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:94e26548521b96a26dc48d33a9e79772c237d9e7992f099adb86dc47d0887af6_amd64", "8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:be984de5e04120d793ebd239b2ff13dd96fb5ef91f35e145474f7cf10e3e78bc_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:3c196a7c334d8968e7202e56777a1188a0cab9c228ecf7f2e80b8d8dd8ff3523_amd64", "8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:52cf66418ff79ac50742bb18b09fcb1dd526d36dd404ce225eb835e207696b12_arm64", 
"8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:be64102c8273b817c4cc1e40e598ab3c25aba7bd67d062f4bc2dc0d769f4ca92_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:d1f320a2fb040e4968fac96a3cab0b28fcfd54249d9cdb6b5abcf3117b7c950e_s390x" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "golang.org/x/net/html: Non-linear parsing of case-insensitive content in golang.org/x/net/html" } ] }
Sightings
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.