RHSA-2025:9776
Vulnerability from csaf_redhat - Published: 2025-06-26 12:12 - Updated: 2026-04-12 19:39Summary
Red Hat Security Advisory: New RHCS 8.1 container image is now available in the Red Hat Ecosystem Catalog.
Severity
Important
Notes
Topic: A new container image for Red Hat Ceph Storage 8.1 is now available in the Red Hat Ecosystem Catalog.
Details: Red Hat Ceph Storage is a scalable, open, software-defined storage platform that combines the most stable version of the Ceph storage system with a Ceph management platform, deployment utilities, and support services.
This new container image is based on Red Hat Ceph Storage 8.1 and Red Hat Enterprise Linux 8.10, 9.5, 9.6.
Space precludes documenting all of these changes in this advisory. Users are directed to the Red Hat Ceph Storage Release Notes for information on the most significant of these changes:
https://docs.redhat.com/en/documentation/red_hat_ceph_storage/8/html/8.1_release_notes
All users of Red Hat Ceph Storage are advised to pull these new images from the Red Hat Ecosystem catalog, which provides numerous enhancements and bug fixes.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
A flaw was found in python-certifi. Untrusted certificates from TrustCor have been found in the root certificates store.
7.5 (High)
Vendor Fix
Before applying this update, make sure all previously released errata relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/2789521
For supported configurations, refer to:
https://access.redhat.com/articles/1548993
https://access.redhat.com/errata/RHSA-2025:9776
A flaw was discovered in Go's net/http standard library package. When parsing a multipart form (either explicitly with Request.ParseMultipartForm or implicitly with Request.FormValue, Request.PostFormValue, or Request.FormFile), limits on the total size of the parsed form were not applied to the memory consumed while reading a single form line. This permits a maliciously crafted input containing very long lines to cause allocation of arbitrarily large amounts of memory, potentially leading to memory exhaustion. With fix, the ParseMultipartForm function now correctly limits the maximum size of form lines.
5.3 (Medium)
Vendor Fix
Before applying this update, make sure all previously released errata relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/2789521
For supported configurations, refer to:
https://access.redhat.com/articles/1548993
https://access.redhat.com/errata/RHSA-2025:9776
Workaround
Mitigation for this issue is either not available or the currently available options don't meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.
A vulnerability was found in go-retryablehttp. The package may suffer from a lack of input sanitization by not cleaning up URL data when writing to the logs. This issue could expose sensitive authentication information.
6.0 (Medium)
Vendor Fix
Before applying this update, make sure all previously released errata relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/2789521
For supported configurations, refer to:
https://access.redhat.com/articles/1548993
https://access.redhat.com/errata/RHSA-2025:9776
Workaround
Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.
A flaw was found in Go's crypto/x509 standard library package. Verifying a certificate chain that contains a certificate with an unknown public key algorithm will cause a Certificate.Verify to panic. This issue affects all crypto/tls clients and servers that set Config.ClientAuth to VerifyClientCertIfGiven or RequireAndVerifyClientCert.
5.9 (Medium)
Vendor Fix
Before applying this update, make sure all previously released errata relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/2789521
For supported configurations, refer to:
https://access.redhat.com/articles/1548993
https://access.redhat.com/errata/RHSA-2025:9776
Workaround
Mitigation for this issue is either not available or the currently available options don't meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.
A flaw was found in Go's net/mail standard library package. The ParseAddressList function incorrectly handles comments (text within parentheses) within display names. Since this is a misalignment with conforming address parsers, it can result in different trust decisions made by programs using different parsers.
5.4 (Medium)
Vendor Fix
Before applying this update, make sure all previously released errata relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/2789521
For supported configurations, refer to:
https://access.redhat.com/articles/1548993
https://access.redhat.com/errata/RHSA-2025:9776
Workaround
Mitigation for this issue is either not available or the currently available options don't meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.
A flaw was found in Go's html/template standard library package. If errors returned from MarshalJSON methods contain user-controlled data, they may be used to break the contextual auto-escaping behavior of the html/template package, allowing subsequent actions to inject unexpected content into templates.
6.5 (Medium)
Vendor Fix
Before applying this update, make sure all previously released errata relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/2789521
For supported configurations, refer to:
https://access.redhat.com/articles/1548993
https://access.redhat.com/errata/RHSA-2025:9776
Workaround
Mitigation for this issue is either not available or the currently available options don't meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.
A flaw was found in Golang's protobuf module, where the unmarshal function can enter an infinite loop when processing certain invalid inputs. This issue occurs during unmarshaling into a message that includes a google.protobuf.Any or when the UnmarshalOptions.DiscardUnknown option is enabled. This flaw allows an attacker to craft malicious input tailored to trigger the identified flaw in the unmarshal function. By providing carefully constructed invalid inputs, they could potentially cause the function to enter an infinite loop, resulting in a denial of service condition or other unintended behaviors in the affected system.
5.9 (Medium)
Vendor Fix
Before applying this update, make sure all previously released errata relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/2789521
For supported configurations, refer to:
https://access.redhat.com/articles/1548993
https://access.redhat.com/errata/RHSA-2025:9776
Workaround
Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.
A flaw was found in the net package of the Go stdlib. When a malformed DNS message is received as a response to a query, the Lookup functions within the net package can get stuck in an infinite loop. This issue can lead to resource exhaustion and denial of service (DoS) conditions.
7.5 (High)
Vendor Fix
Before applying this update, make sure all previously released errata relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/2789521
For supported configurations, refer to:
https://access.redhat.com/articles/1548993
https://access.redhat.com/errata/RHSA-2025:9776
Workaround
Mitigation for this issue is either not available or the currently available options don't meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.
A flaw was found in Golang. The ZIP implementation of the Go language archive/zip library behaves differently than the rest of the ZIP file format implementations. When handling ZIP files with a corrupted central directory record, the library skips over the invalid record and processes the next valid one. This flaw allows a malicious user to access hidden information or files inside maliciously crafted ZIP files.
5.5 (Medium)
Vendor Fix
Before applying this update, make sure all previously released errata relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/2789521
For supported configurations, refer to:
https://access.redhat.com/articles/1548993
https://access.redhat.com/errata/RHSA-2025:9776
A flaw was found in the Go language standard library net/netip. The method Is*() (IsPrivate(), IsPublic(), etc) doesn't behave properly when working with IPv6 mapped to IPv4 addresses. The unexpected behavior can lead to integrity and confidentiality issues, specifically when these methods are used to control access to resources or data.
6.7 (Medium)
Vendor Fix
Before applying this update, make sure all previously released errata relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/2789521
For supported configurations, refer to:
https://access.redhat.com/articles/1548993
https://access.redhat.com/errata/RHSA-2025:9776
Workaround
Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.
A flaw was found in Go. The net/http module mishandles specific server responses from HTTP/1.1 client requests. This issue may render a connection invalid and cause a denial of service.
5.9 (Medium)
Vendor Fix
Before applying this update, make sure all previously released errata relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/2789521
For supported configurations, refer to:
https://access.redhat.com/articles/1548993
https://access.redhat.com/errata/RHSA-2025:9776
Workaround
Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.
A flaw was found in the go/parser package of the Golang standard library. Calling any Parse functions on Go source code containing deeply nested literals can cause a panic due to stack exhaustion.
5.9 (Medium)
Vendor Fix
Before applying this update, make sure all previously released errata relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/2789521
For supported configurations, refer to:
https://access.redhat.com/articles/1548993
https://access.redhat.com/errata/RHSA-2025:9776
Workaround
Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.
A flaw was found in the encoding/gob package of the Golang standard library. Calling Decoder.Decoding, a message that contains deeply nested structures, can cause a panic due to stack exhaustion. This is a follow-up to CVE-2022-30635.
7.5 (High)
Vendor Fix
Before applying this update, make sure all previously released errata relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/2789521
For supported configurations, refer to:
https://access.redhat.com/articles/1548993
https://access.redhat.com/errata/RHSA-2025:9776
Workaround
Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.
References
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "A new container image for Red Hat Ceph Storage 8.1 is now available in the Red Hat Ecosystem Catalog.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat Ceph Storage is a scalable, open, software-defined storage platform that combines the most stable version of the Ceph storage system with a Ceph management platform, deployment utilities, and support services. \n \nThis new container image is based on Red Hat Ceph Storage 8.1 and Red Hat Enterprise Linux 8.10, 9.5, 9.6. \n \nSpace precludes documenting all of these changes in this advisory. Users are directed to the Red Hat Ceph Storage Release Notes for information on the most significant of these changes:\n\nhttps://docs.redhat.com/en/documentation/red_hat_ceph_storage/8/html/8.1_release_notes\n\nAll users of Red Hat Ceph Storage are advised to pull these new images from the Red Hat Ecosystem catalog, which provides numerous enhancements and bug fixes.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2025:9776",
"url": "https://access.redhat.com/errata/RHSA-2025:9776"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2025/rhsa-2025_9776.json"
}
],
"title": "Red Hat Security Advisory: New RHCS 8.1 container image is now available in the Red Hat Ecosystem Catalog.",
"tracking": {
"current_release_date": "2026-04-12T19:39:26+00:00",
"generator": {
"date": "2026-04-12T19:39:26+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.7.5"
}
},
"id": "RHSA-2025:9776",
"initial_release_date": "2025-06-26T12:12:44+00:00",
"revision_history": [
{
"date": "2025-06-26T12:12:44+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2025-06-26T12:12:44+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-04-12T19:39:26+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Ceph Storage 8.1 Tools",
"product": {
"name": "Red Hat Ceph Storage 8.1 Tools",
"product_id": "9Base-RHCEPH-8.1-Tools",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:ceph_storage:8.1::el9"
}
}
}
],
"category": "product_family",
"name": "Red Hat Ceph Storage"
},
{
"branches": [
{
"category": "product_version",
"name": "rhceph/grafana-rhel9@sha256:0ce0f0dc070b6a3e8bbea15f62d4abd713e2b4233d4d5413cfa232e86fc8cd34_ppc64le",
"product": {
"name": "rhceph/grafana-rhel9@sha256:0ce0f0dc070b6a3e8bbea15f62d4abd713e2b4233d4d5413cfa232e86fc8cd34_ppc64le",
"product_id": "rhceph/grafana-rhel9@sha256:0ce0f0dc070b6a3e8bbea15f62d4abd713e2b4233d4d5413cfa232e86fc8cd34_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/grafana-rhel9@sha256:0ce0f0dc070b6a3e8bbea15f62d4abd713e2b4233d4d5413cfa232e86fc8cd34?arch=ppc64le\u0026repository_url=registry.redhat.io/rhceph/grafana-rhel9\u0026tag=11.5.2-6"
}
}
},
{
"category": "product_version",
"name": "rhceph/keepalived-rhel9@sha256:61d686df696d549d714efe63b23990d696b15c5bc0f9a105837fea191f63bf75_ppc64le",
"product": {
"name": "rhceph/keepalived-rhel9@sha256:61d686df696d549d714efe63b23990d696b15c5bc0f9a105837fea191f63bf75_ppc64le",
"product_id": "rhceph/keepalived-rhel9@sha256:61d686df696d549d714efe63b23990d696b15c5bc0f9a105837fea191f63bf75_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/keepalived-rhel9@sha256:61d686df696d549d714efe63b23990d696b15c5bc0f9a105837fea191f63bf75?arch=ppc64le\u0026repository_url=registry.redhat.io/rhceph/keepalived-rhel9\u0026tag=2.2.8-65"
}
}
},
{
"category": "product_version",
"name": "rhceph/oauth2-proxy-rhel9@sha256:c6dec2f2200128a260c1c8e3d04105c6cc72b9f92fc84fa8f2dcb75a51ba3c97_ppc64le",
"product": {
"name": "rhceph/oauth2-proxy-rhel9@sha256:c6dec2f2200128a260c1c8e3d04105c6cc72b9f92fc84fa8f2dcb75a51ba3c97_ppc64le",
"product_id": "rhceph/oauth2-proxy-rhel9@sha256:c6dec2f2200128a260c1c8e3d04105c6cc72b9f92fc84fa8f2dcb75a51ba3c97_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/oauth2-proxy-rhel9@sha256:c6dec2f2200128a260c1c8e3d04105c6cc72b9f92fc84fa8f2dcb75a51ba3c97?arch=ppc64le\u0026repository_url=registry.redhat.io/rhceph/oauth2-proxy-rhel9\u0026tag=v7.6.0-27"
}
}
},
{
"category": "product_version",
"name": "rhceph/rhceph-promtail-rhel9@sha256:cead10daa28adb2f78a2fac3915afb0d677239da623aecf802750c35dca2c433_ppc64le",
"product": {
"name": "rhceph/rhceph-promtail-rhel9@sha256:cead10daa28adb2f78a2fac3915afb0d677239da623aecf802750c35dca2c433_ppc64le",
"product_id": "rhceph/rhceph-promtail-rhel9@sha256:cead10daa28adb2f78a2fac3915afb0d677239da623aecf802750c35dca2c433_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhceph-promtail-rhel9@sha256:cead10daa28adb2f78a2fac3915afb0d677239da623aecf802750c35dca2c433?arch=ppc64le\u0026repository_url=registry.redhat.io/rhceph/rhceph-promtail-rhel9\u0026tag=v3.0.0-34"
}
}
},
{
"category": "product_version",
"name": "rhceph/rhceph-8-rhel9@sha256:3a0a175d4cf85f149b33135a55f0f1c61a97c514b97ec70f653932c774c20eaf_ppc64le",
"product": {
"name": "rhceph/rhceph-8-rhel9@sha256:3a0a175d4cf85f149b33135a55f0f1c61a97c514b97ec70f653932c774c20eaf_ppc64le",
"product_id": "rhceph/rhceph-8-rhel9@sha256:3a0a175d4cf85f149b33135a55f0f1c61a97c514b97ec70f653932c774c20eaf_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhceph-8-rhel9@sha256:3a0a175d4cf85f149b33135a55f0f1c61a97c514b97ec70f653932c774c20eaf?arch=ppc64le\u0026repository_url=registry.redhat.io/rhceph/rhceph-8-rhel9\u0026tag=8-492"
}
}
},
{
"category": "product_version",
"name": "rhceph/rhceph-haproxy-rhel9@sha256:887b2b34e5461d3fd48e534c4fe1f2df349a3948f79e9def7b1c72de2c20cf5c_ppc64le",
"product": {
"name": "rhceph/rhceph-haproxy-rhel9@sha256:887b2b34e5461d3fd48e534c4fe1f2df349a3948f79e9def7b1c72de2c20cf5c_ppc64le",
"product_id": "rhceph/rhceph-haproxy-rhel9@sha256:887b2b34e5461d3fd48e534c4fe1f2df349a3948f79e9def7b1c72de2c20cf5c_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhceph-haproxy-rhel9@sha256:887b2b34e5461d3fd48e534c4fe1f2df349a3948f79e9def7b1c72de2c20cf5c?arch=ppc64le\u0026repository_url=registry.redhat.io/rhceph/rhceph-haproxy-rhel9\u0026tag=2.4.22-67"
}
}
},
{
"category": "product_version",
"name": "rhceph/snmp-notifier-rhel9@sha256:4e631ea10d245c1cff2324c01ba3842f44bc0925165eed8eaeb2d10259d59e14_ppc64le",
"product": {
"name": "rhceph/snmp-notifier-rhel9@sha256:4e631ea10d245c1cff2324c01ba3842f44bc0925165eed8eaeb2d10259d59e14_ppc64le",
"product_id": "rhceph/snmp-notifier-rhel9@sha256:4e631ea10d245c1cff2324c01ba3842f44bc0925165eed8eaeb2d10259d59e14_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/snmp-notifier-rhel9@sha256:4e631ea10d245c1cff2324c01ba3842f44bc0925165eed8eaeb2d10259d59e14?arch=ppc64le\u0026repository_url=registry.redhat.io/rhceph/snmp-notifier-rhel9\u0026tag=1.2.1-115"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "rhceph/grafana-rhel9@sha256:a8f5dacb3d12ed3e7f65cefc30fdd2f946256d6f2e638a87c1560643327fbe07_amd64",
"product": {
"name": "rhceph/grafana-rhel9@sha256:a8f5dacb3d12ed3e7f65cefc30fdd2f946256d6f2e638a87c1560643327fbe07_amd64",
"product_id": "rhceph/grafana-rhel9@sha256:a8f5dacb3d12ed3e7f65cefc30fdd2f946256d6f2e638a87c1560643327fbe07_amd64",
"product_identification_helper": {
"purl": "pkg:oci/grafana-rhel9@sha256:a8f5dacb3d12ed3e7f65cefc30fdd2f946256d6f2e638a87c1560643327fbe07?arch=amd64\u0026repository_url=registry.redhat.io/rhceph/grafana-rhel9\u0026tag=11.5.2-6"
}
}
},
{
"category": "product_version",
"name": "rhceph/keepalived-rhel9@sha256:31b50dc109ed8250673bb1f32c57f8979d6e604ff3204050504a31755241240a_amd64",
"product": {
"name": "rhceph/keepalived-rhel9@sha256:31b50dc109ed8250673bb1f32c57f8979d6e604ff3204050504a31755241240a_amd64",
"product_id": "rhceph/keepalived-rhel9@sha256:31b50dc109ed8250673bb1f32c57f8979d6e604ff3204050504a31755241240a_amd64",
"product_identification_helper": {
"purl": "pkg:oci/keepalived-rhel9@sha256:31b50dc109ed8250673bb1f32c57f8979d6e604ff3204050504a31755241240a?arch=amd64\u0026repository_url=registry.redhat.io/rhceph/keepalived-rhel9\u0026tag=2.2.8-65"
}
}
},
{
"category": "product_version",
"name": "rhceph/oauth2-proxy-rhel9@sha256:bd593607b20997448e75c2cd7c5f1be95ce822a8ecfce6fb79de031a27880671_amd64",
"product": {
"name": "rhceph/oauth2-proxy-rhel9@sha256:bd593607b20997448e75c2cd7c5f1be95ce822a8ecfce6fb79de031a27880671_amd64",
"product_id": "rhceph/oauth2-proxy-rhel9@sha256:bd593607b20997448e75c2cd7c5f1be95ce822a8ecfce6fb79de031a27880671_amd64",
"product_identification_helper": {
"purl": "pkg:oci/oauth2-proxy-rhel9@sha256:bd593607b20997448e75c2cd7c5f1be95ce822a8ecfce6fb79de031a27880671?arch=amd64\u0026repository_url=registry.redhat.io/rhceph/oauth2-proxy-rhel9\u0026tag=v7.6.0-27"
}
}
},
{
"category": "product_version",
"name": "rhceph/rhceph-promtail-rhel9@sha256:99cdaa49b634f8353a65645af597ec931b502e8f0230d6cb83dbde5ec1ee8ef9_amd64",
"product": {
"name": "rhceph/rhceph-promtail-rhel9@sha256:99cdaa49b634f8353a65645af597ec931b502e8f0230d6cb83dbde5ec1ee8ef9_amd64",
"product_id": "rhceph/rhceph-promtail-rhel9@sha256:99cdaa49b634f8353a65645af597ec931b502e8f0230d6cb83dbde5ec1ee8ef9_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhceph-promtail-rhel9@sha256:99cdaa49b634f8353a65645af597ec931b502e8f0230d6cb83dbde5ec1ee8ef9?arch=amd64\u0026repository_url=registry.redhat.io/rhceph/rhceph-promtail-rhel9\u0026tag=v3.0.0-34"
}
}
},
{
"category": "product_version",
"name": "rhceph/rhceph-8-rhel9@sha256:20a6bb51cc2ad40eff6e31674d9ebf80279322de2daa58fa83dbf98b0438625c_amd64",
"product": {
"name": "rhceph/rhceph-8-rhel9@sha256:20a6bb51cc2ad40eff6e31674d9ebf80279322de2daa58fa83dbf98b0438625c_amd64",
"product_id": "rhceph/rhceph-8-rhel9@sha256:20a6bb51cc2ad40eff6e31674d9ebf80279322de2daa58fa83dbf98b0438625c_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhceph-8-rhel9@sha256:20a6bb51cc2ad40eff6e31674d9ebf80279322de2daa58fa83dbf98b0438625c?arch=amd64\u0026repository_url=registry.redhat.io/rhceph/rhceph-8-rhel9\u0026tag=8-492"
}
}
},
{
"category": "product_version",
"name": "rhceph/rhceph-haproxy-rhel9@sha256:ecc791e89ebf6320345e227f9652e83aac583a430905d09cd11f5c5f366f6d5e_amd64",
"product": {
"name": "rhceph/rhceph-haproxy-rhel9@sha256:ecc791e89ebf6320345e227f9652e83aac583a430905d09cd11f5c5f366f6d5e_amd64",
"product_id": "rhceph/rhceph-haproxy-rhel9@sha256:ecc791e89ebf6320345e227f9652e83aac583a430905d09cd11f5c5f366f6d5e_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhceph-haproxy-rhel9@sha256:ecc791e89ebf6320345e227f9652e83aac583a430905d09cd11f5c5f366f6d5e?arch=amd64\u0026repository_url=registry.redhat.io/rhceph/rhceph-haproxy-rhel9\u0026tag=2.4.22-67"
}
}
},
{
"category": "product_version",
"name": "rhceph/snmp-notifier-rhel9@sha256:010c445a177724925666188b81b53f62f1369ca5ea20fbc3c7fe1146426df2a2_amd64",
"product": {
"name": "rhceph/snmp-notifier-rhel9@sha256:010c445a177724925666188b81b53f62f1369ca5ea20fbc3c7fe1146426df2a2_amd64",
"product_id": "rhceph/snmp-notifier-rhel9@sha256:010c445a177724925666188b81b53f62f1369ca5ea20fbc3c7fe1146426df2a2_amd64",
"product_identification_helper": {
"purl": "pkg:oci/snmp-notifier-rhel9@sha256:010c445a177724925666188b81b53f62f1369ca5ea20fbc3c7fe1146426df2a2?arch=amd64\u0026repository_url=registry.redhat.io/rhceph/snmp-notifier-rhel9\u0026tag=1.2.1-115"
}
}
}
],
"category": "architecture",
"name": "amd64"
},
{
"branches": [
{
"category": "product_version",
"name": "rhceph/grafana-rhel9@sha256:7602811891a649c8c2a1a97dbd22ff0d235bceeaec69e724c1e6a237175f9427_s390x",
"product": {
"name": "rhceph/grafana-rhel9@sha256:7602811891a649c8c2a1a97dbd22ff0d235bceeaec69e724c1e6a237175f9427_s390x",
"product_id": "rhceph/grafana-rhel9@sha256:7602811891a649c8c2a1a97dbd22ff0d235bceeaec69e724c1e6a237175f9427_s390x",
"product_identification_helper": {
"purl": "pkg:oci/grafana-rhel9@sha256:7602811891a649c8c2a1a97dbd22ff0d235bceeaec69e724c1e6a237175f9427?arch=s390x\u0026repository_url=registry.redhat.io/rhceph/grafana-rhel9\u0026tag=11.5.2-6"
}
}
},
{
"category": "product_version",
"name": "rhceph/keepalived-rhel9@sha256:b6e7648e3d3082fe9a0b526f716ab9ea087935e982794bf22627c2b708463333_s390x",
"product": {
"name": "rhceph/keepalived-rhel9@sha256:b6e7648e3d3082fe9a0b526f716ab9ea087935e982794bf22627c2b708463333_s390x",
"product_id": "rhceph/keepalived-rhel9@sha256:b6e7648e3d3082fe9a0b526f716ab9ea087935e982794bf22627c2b708463333_s390x",
"product_identification_helper": {
"purl": "pkg:oci/keepalived-rhel9@sha256:b6e7648e3d3082fe9a0b526f716ab9ea087935e982794bf22627c2b708463333?arch=s390x\u0026repository_url=registry.redhat.io/rhceph/keepalived-rhel9\u0026tag=2.2.8-65"
}
}
},
{
"category": "product_version",
"name": "rhceph/oauth2-proxy-rhel9@sha256:1d74f24b455f471a80593c65735288f0c24ba820bed1bb45ea62e02c6ca21b92_s390x",
"product": {
"name": "rhceph/oauth2-proxy-rhel9@sha256:1d74f24b455f471a80593c65735288f0c24ba820bed1bb45ea62e02c6ca21b92_s390x",
"product_id": "rhceph/oauth2-proxy-rhel9@sha256:1d74f24b455f471a80593c65735288f0c24ba820bed1bb45ea62e02c6ca21b92_s390x",
"product_identification_helper": {
"purl": "pkg:oci/oauth2-proxy-rhel9@sha256:1d74f24b455f471a80593c65735288f0c24ba820bed1bb45ea62e02c6ca21b92?arch=s390x\u0026repository_url=registry.redhat.io/rhceph/oauth2-proxy-rhel9\u0026tag=v7.6.0-27"
}
}
},
{
"category": "product_version",
"name": "rhceph/rhceph-promtail-rhel9@sha256:7c4e5dd98dc05d31f134cfa4d5d440badc5a351e7c89dd13f17a5a9cf730f1c9_s390x",
"product": {
"name": "rhceph/rhceph-promtail-rhel9@sha256:7c4e5dd98dc05d31f134cfa4d5d440badc5a351e7c89dd13f17a5a9cf730f1c9_s390x",
"product_id": "rhceph/rhceph-promtail-rhel9@sha256:7c4e5dd98dc05d31f134cfa4d5d440badc5a351e7c89dd13f17a5a9cf730f1c9_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhceph-promtail-rhel9@sha256:7c4e5dd98dc05d31f134cfa4d5d440badc5a351e7c89dd13f17a5a9cf730f1c9?arch=s390x\u0026repository_url=registry.redhat.io/rhceph/rhceph-promtail-rhel9\u0026tag=v3.0.0-34"
}
}
},
{
"category": "product_version",
"name": "rhceph/rhceph-8-rhel9@sha256:04a10d4c7b05974dfb2836388aeef65dd2b6451997b627b68d4ea3d3ee330f24_s390x",
"product": {
"name": "rhceph/rhceph-8-rhel9@sha256:04a10d4c7b05974dfb2836388aeef65dd2b6451997b627b68d4ea3d3ee330f24_s390x",
"product_id": "rhceph/rhceph-8-rhel9@sha256:04a10d4c7b05974dfb2836388aeef65dd2b6451997b627b68d4ea3d3ee330f24_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhceph-8-rhel9@sha256:04a10d4c7b05974dfb2836388aeef65dd2b6451997b627b68d4ea3d3ee330f24?arch=s390x\u0026repository_url=registry.redhat.io/rhceph/rhceph-8-rhel9\u0026tag=8-492"
}
}
},
{
"category": "product_version",
"name": "rhceph/rhceph-haproxy-rhel9@sha256:d9f5c146b156760f1d00e19e6816020990b17bdf8c6849421cd3d2996e60b7ee_s390x",
"product": {
"name": "rhceph/rhceph-haproxy-rhel9@sha256:d9f5c146b156760f1d00e19e6816020990b17bdf8c6849421cd3d2996e60b7ee_s390x",
"product_id": "rhceph/rhceph-haproxy-rhel9@sha256:d9f5c146b156760f1d00e19e6816020990b17bdf8c6849421cd3d2996e60b7ee_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhceph-haproxy-rhel9@sha256:d9f5c146b156760f1d00e19e6816020990b17bdf8c6849421cd3d2996e60b7ee?arch=s390x\u0026repository_url=registry.redhat.io/rhceph/rhceph-haproxy-rhel9\u0026tag=2.4.22-67"
}
}
},
{
"category": "product_version",
"name": "rhceph/snmp-notifier-rhel9@sha256:d604a03d3a4cb2019b0b18e7d19173a54555de487ee333c2b9f137331c29ce06_s390x",
"product": {
"name": "rhceph/snmp-notifier-rhel9@sha256:d604a03d3a4cb2019b0b18e7d19173a54555de487ee333c2b9f137331c29ce06_s390x",
"product_id": "rhceph/snmp-notifier-rhel9@sha256:d604a03d3a4cb2019b0b18e7d19173a54555de487ee333c2b9f137331c29ce06_s390x",
"product_identification_helper": {
"purl": "pkg:oci/snmp-notifier-rhel9@sha256:d604a03d3a4cb2019b0b18e7d19173a54555de487ee333c2b9f137331c29ce06?arch=s390x\u0026repository_url=registry.redhat.io/rhceph/snmp-notifier-rhel9\u0026tag=1.2.1-115"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "rhceph/grafana-rhel9@sha256:2f3593633800e8d09f96a28892e2fb1a11a22e92d85233a8c4740ee06727eafc_arm64",
"product": {
"name": "rhceph/grafana-rhel9@sha256:2f3593633800e8d09f96a28892e2fb1a11a22e92d85233a8c4740ee06727eafc_arm64",
"product_id": "rhceph/grafana-rhel9@sha256:2f3593633800e8d09f96a28892e2fb1a11a22e92d85233a8c4740ee06727eafc_arm64",
"product_identification_helper": {
"purl": "pkg:oci/grafana-rhel9@sha256:2f3593633800e8d09f96a28892e2fb1a11a22e92d85233a8c4740ee06727eafc?arch=arm64\u0026repository_url=registry.redhat.io/rhceph/grafana-rhel9\u0026tag=11.5.2-6"
}
}
},
{
"category": "product_version",
"name": "rhceph/keepalived-rhel9@sha256:42a7329701d51049a318b3de4a1601d4d612a0076ac91e934322890b68337d43_arm64",
"product": {
"name": "rhceph/keepalived-rhel9@sha256:42a7329701d51049a318b3de4a1601d4d612a0076ac91e934322890b68337d43_arm64",
"product_id": "rhceph/keepalived-rhel9@sha256:42a7329701d51049a318b3de4a1601d4d612a0076ac91e934322890b68337d43_arm64",
"product_identification_helper": {
"purl": "pkg:oci/keepalived-rhel9@sha256:42a7329701d51049a318b3de4a1601d4d612a0076ac91e934322890b68337d43?arch=arm64\u0026repository_url=registry.redhat.io/rhceph/keepalived-rhel9\u0026tag=2.2.8-65"
}
}
},
{
"category": "product_version",
"name": "rhceph/oauth2-proxy-rhel9@sha256:179b92c189dc97cb73c00844fb58e59f1a3b434f3e3e52471bb3a12a8b1c0a92_arm64",
"product": {
"name": "rhceph/oauth2-proxy-rhel9@sha256:179b92c189dc97cb73c00844fb58e59f1a3b434f3e3e52471bb3a12a8b1c0a92_arm64",
"product_id": "rhceph/oauth2-proxy-rhel9@sha256:179b92c189dc97cb73c00844fb58e59f1a3b434f3e3e52471bb3a12a8b1c0a92_arm64",
"product_identification_helper": {
"purl": "pkg:oci/oauth2-proxy-rhel9@sha256:179b92c189dc97cb73c00844fb58e59f1a3b434f3e3e52471bb3a12a8b1c0a92?arch=arm64\u0026repository_url=registry.redhat.io/rhceph/oauth2-proxy-rhel9\u0026tag=v7.6.0-27"
}
}
},
{
"category": "product_version",
"name": "rhceph/rhceph-8-rhel9@sha256:3b3aa3ec99316b78217396b29a63d4eadb508232e3d69c6bcd4e4ee901003ba2_arm64",
"product": {
"name": "rhceph/rhceph-8-rhel9@sha256:3b3aa3ec99316b78217396b29a63d4eadb508232e3d69c6bcd4e4ee901003ba2_arm64",
"product_id": "rhceph/rhceph-8-rhel9@sha256:3b3aa3ec99316b78217396b29a63d4eadb508232e3d69c6bcd4e4ee901003ba2_arm64",
"product_identification_helper": {
"purl": "pkg:oci/rhceph-8-rhel9@sha256:3b3aa3ec99316b78217396b29a63d4eadb508232e3d69c6bcd4e4ee901003ba2?arch=arm64\u0026repository_url=registry.redhat.io/rhceph/rhceph-8-rhel9\u0026tag=8-492"
}
}
},
{
"category": "product_version",
"name": "rhceph/rhceph-haproxy-rhel9@sha256:6b625192b4a477e36bb34bfbc366e7d17195265a7d2f3923735b06ecd1dc07a2_arm64",
"product": {
"name": "rhceph/rhceph-haproxy-rhel9@sha256:6b625192b4a477e36bb34bfbc366e7d17195265a7d2f3923735b06ecd1dc07a2_arm64",
"product_id": "rhceph/rhceph-haproxy-rhel9@sha256:6b625192b4a477e36bb34bfbc366e7d17195265a7d2f3923735b06ecd1dc07a2_arm64",
"product_identification_helper": {
"purl": "pkg:oci/rhceph-haproxy-rhel9@sha256:6b625192b4a477e36bb34bfbc366e7d17195265a7d2f3923735b06ecd1dc07a2?arch=arm64\u0026repository_url=registry.redhat.io/rhceph/rhceph-haproxy-rhel9\u0026tag=2.4.22-67"
}
}
},
{
"category": "product_version",
"name": "rhceph/snmp-notifier-rhel9@sha256:c7a1ccdc359ad2bc1406cf3406c4d43a4249bec2c84045959ceccd523109ad74_arm64",
"product": {
"name": "rhceph/snmp-notifier-rhel9@sha256:c7a1ccdc359ad2bc1406cf3406c4d43a4249bec2c84045959ceccd523109ad74_arm64",
"product_id": "rhceph/snmp-notifier-rhel9@sha256:c7a1ccdc359ad2bc1406cf3406c4d43a4249bec2c84045959ceccd523109ad74_arm64",
"product_identification_helper": {
"purl": "pkg:oci/snmp-notifier-rhel9@sha256:c7a1ccdc359ad2bc1406cf3406c4d43a4249bec2c84045959ceccd523109ad74?arch=arm64\u0026repository_url=registry.redhat.io/rhceph/snmp-notifier-rhel9\u0026tag=1.2.1-115"
}
}
}
],
"category": "architecture",
"name": "arm64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "rhceph/grafana-rhel9@sha256:0ce0f0dc070b6a3e8bbea15f62d4abd713e2b4233d4d5413cfa232e86fc8cd34_ppc64le as a component of Red Hat Ceph Storage 8.1 Tools",
"product_id": "9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:0ce0f0dc070b6a3e8bbea15f62d4abd713e2b4233d4d5413cfa232e86fc8cd34_ppc64le"
},
"product_reference": "rhceph/grafana-rhel9@sha256:0ce0f0dc070b6a3e8bbea15f62d4abd713e2b4233d4d5413cfa232e86fc8cd34_ppc64le",
"relates_to_product_reference": "9Base-RHCEPH-8.1-Tools"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhceph/grafana-rhel9@sha256:2f3593633800e8d09f96a28892e2fb1a11a22e92d85233a8c4740ee06727eafc_arm64 as a component of Red Hat Ceph Storage 8.1 Tools",
"product_id": "9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:2f3593633800e8d09f96a28892e2fb1a11a22e92d85233a8c4740ee06727eafc_arm64"
},
"product_reference": "rhceph/grafana-rhel9@sha256:2f3593633800e8d09f96a28892e2fb1a11a22e92d85233a8c4740ee06727eafc_arm64",
"relates_to_product_reference": "9Base-RHCEPH-8.1-Tools"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhceph/grafana-rhel9@sha256:7602811891a649c8c2a1a97dbd22ff0d235bceeaec69e724c1e6a237175f9427_s390x as a component of Red Hat Ceph Storage 8.1 Tools",
"product_id": "9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:7602811891a649c8c2a1a97dbd22ff0d235bceeaec69e724c1e6a237175f9427_s390x"
},
"product_reference": "rhceph/grafana-rhel9@sha256:7602811891a649c8c2a1a97dbd22ff0d235bceeaec69e724c1e6a237175f9427_s390x",
"relates_to_product_reference": "9Base-RHCEPH-8.1-Tools"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhceph/grafana-rhel9@sha256:a8f5dacb3d12ed3e7f65cefc30fdd2f946256d6f2e638a87c1560643327fbe07_amd64 as a component of Red Hat Ceph Storage 8.1 Tools",
"product_id": "9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:a8f5dacb3d12ed3e7f65cefc30fdd2f946256d6f2e638a87c1560643327fbe07_amd64"
},
"product_reference": "rhceph/grafana-rhel9@sha256:a8f5dacb3d12ed3e7f65cefc30fdd2f946256d6f2e638a87c1560643327fbe07_amd64",
"relates_to_product_reference": "9Base-RHCEPH-8.1-Tools"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhceph/keepalived-rhel9@sha256:31b50dc109ed8250673bb1f32c57f8979d6e604ff3204050504a31755241240a_amd64 as a component of Red Hat Ceph Storage 8.1 Tools",
"product_id": "9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:31b50dc109ed8250673bb1f32c57f8979d6e604ff3204050504a31755241240a_amd64"
},
"product_reference": "rhceph/keepalived-rhel9@sha256:31b50dc109ed8250673bb1f32c57f8979d6e604ff3204050504a31755241240a_amd64",
"relates_to_product_reference": "9Base-RHCEPH-8.1-Tools"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhceph/keepalived-rhel9@sha256:42a7329701d51049a318b3de4a1601d4d612a0076ac91e934322890b68337d43_arm64 as a component of Red Hat Ceph Storage 8.1 Tools",
"product_id": "9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:42a7329701d51049a318b3de4a1601d4d612a0076ac91e934322890b68337d43_arm64"
},
"product_reference": "rhceph/keepalived-rhel9@sha256:42a7329701d51049a318b3de4a1601d4d612a0076ac91e934322890b68337d43_arm64",
"relates_to_product_reference": "9Base-RHCEPH-8.1-Tools"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhceph/keepalived-rhel9@sha256:61d686df696d549d714efe63b23990d696b15c5bc0f9a105837fea191f63bf75_ppc64le as a component of Red Hat Ceph Storage 8.1 Tools",
"product_id": "9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:61d686df696d549d714efe63b23990d696b15c5bc0f9a105837fea191f63bf75_ppc64le"
},
"product_reference": "rhceph/keepalived-rhel9@sha256:61d686df696d549d714efe63b23990d696b15c5bc0f9a105837fea191f63bf75_ppc64le",
"relates_to_product_reference": "9Base-RHCEPH-8.1-Tools"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhceph/keepalived-rhel9@sha256:b6e7648e3d3082fe9a0b526f716ab9ea087935e982794bf22627c2b708463333_s390x as a component of Red Hat Ceph Storage 8.1 Tools",
"product_id": "9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:b6e7648e3d3082fe9a0b526f716ab9ea087935e982794bf22627c2b708463333_s390x"
},
"product_reference": "rhceph/keepalived-rhel9@sha256:b6e7648e3d3082fe9a0b526f716ab9ea087935e982794bf22627c2b708463333_s390x",
"relates_to_product_reference": "9Base-RHCEPH-8.1-Tools"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhceph/oauth2-proxy-rhel9@sha256:179b92c189dc97cb73c00844fb58e59f1a3b434f3e3e52471bb3a12a8b1c0a92_arm64 as a component of Red Hat Ceph Storage 8.1 Tools",
"product_id": "9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:179b92c189dc97cb73c00844fb58e59f1a3b434f3e3e52471bb3a12a8b1c0a92_arm64"
},
"product_reference": "rhceph/oauth2-proxy-rhel9@sha256:179b92c189dc97cb73c00844fb58e59f1a3b434f3e3e52471bb3a12a8b1c0a92_arm64",
"relates_to_product_reference": "9Base-RHCEPH-8.1-Tools"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhceph/oauth2-proxy-rhel9@sha256:1d74f24b455f471a80593c65735288f0c24ba820bed1bb45ea62e02c6ca21b92_s390x as a component of Red Hat Ceph Storage 8.1 Tools",
"product_id": "9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:1d74f24b455f471a80593c65735288f0c24ba820bed1bb45ea62e02c6ca21b92_s390x"
},
"product_reference": "rhceph/oauth2-proxy-rhel9@sha256:1d74f24b455f471a80593c65735288f0c24ba820bed1bb45ea62e02c6ca21b92_s390x",
"relates_to_product_reference": "9Base-RHCEPH-8.1-Tools"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhceph/oauth2-proxy-rhel9@sha256:bd593607b20997448e75c2cd7c5f1be95ce822a8ecfce6fb79de031a27880671_amd64 as a component of Red Hat Ceph Storage 8.1 Tools",
"product_id": "9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:bd593607b20997448e75c2cd7c5f1be95ce822a8ecfce6fb79de031a27880671_amd64"
},
"product_reference": "rhceph/oauth2-proxy-rhel9@sha256:bd593607b20997448e75c2cd7c5f1be95ce822a8ecfce6fb79de031a27880671_amd64",
"relates_to_product_reference": "9Base-RHCEPH-8.1-Tools"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhceph/oauth2-proxy-rhel9@sha256:c6dec2f2200128a260c1c8e3d04105c6cc72b9f92fc84fa8f2dcb75a51ba3c97_ppc64le as a component of Red Hat Ceph Storage 8.1 Tools",
"product_id": "9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:c6dec2f2200128a260c1c8e3d04105c6cc72b9f92fc84fa8f2dcb75a51ba3c97_ppc64le"
},
"product_reference": "rhceph/oauth2-proxy-rhel9@sha256:c6dec2f2200128a260c1c8e3d04105c6cc72b9f92fc84fa8f2dcb75a51ba3c97_ppc64le",
"relates_to_product_reference": "9Base-RHCEPH-8.1-Tools"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhceph/rhceph-8-rhel9@sha256:04a10d4c7b05974dfb2836388aeef65dd2b6451997b627b68d4ea3d3ee330f24_s390x as a component of Red Hat Ceph Storage 8.1 Tools",
"product_id": "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:04a10d4c7b05974dfb2836388aeef65dd2b6451997b627b68d4ea3d3ee330f24_s390x"
},
"product_reference": "rhceph/rhceph-8-rhel9@sha256:04a10d4c7b05974dfb2836388aeef65dd2b6451997b627b68d4ea3d3ee330f24_s390x",
"relates_to_product_reference": "9Base-RHCEPH-8.1-Tools"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhceph/rhceph-8-rhel9@sha256:20a6bb51cc2ad40eff6e31674d9ebf80279322de2daa58fa83dbf98b0438625c_amd64 as a component of Red Hat Ceph Storage 8.1 Tools",
"product_id": "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:20a6bb51cc2ad40eff6e31674d9ebf80279322de2daa58fa83dbf98b0438625c_amd64"
},
"product_reference": "rhceph/rhceph-8-rhel9@sha256:20a6bb51cc2ad40eff6e31674d9ebf80279322de2daa58fa83dbf98b0438625c_amd64",
"relates_to_product_reference": "9Base-RHCEPH-8.1-Tools"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhceph/rhceph-8-rhel9@sha256:3a0a175d4cf85f149b33135a55f0f1c61a97c514b97ec70f653932c774c20eaf_ppc64le as a component of Red Hat Ceph Storage 8.1 Tools",
"product_id": "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:3a0a175d4cf85f149b33135a55f0f1c61a97c514b97ec70f653932c774c20eaf_ppc64le"
},
"product_reference": "rhceph/rhceph-8-rhel9@sha256:3a0a175d4cf85f149b33135a55f0f1c61a97c514b97ec70f653932c774c20eaf_ppc64le",
"relates_to_product_reference": "9Base-RHCEPH-8.1-Tools"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhceph/rhceph-8-rhel9@sha256:3b3aa3ec99316b78217396b29a63d4eadb508232e3d69c6bcd4e4ee901003ba2_arm64 as a component of Red Hat Ceph Storage 8.1 Tools",
"product_id": "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:3b3aa3ec99316b78217396b29a63d4eadb508232e3d69c6bcd4e4ee901003ba2_arm64"
},
"product_reference": "rhceph/rhceph-8-rhel9@sha256:3b3aa3ec99316b78217396b29a63d4eadb508232e3d69c6bcd4e4ee901003ba2_arm64",
"relates_to_product_reference": "9Base-RHCEPH-8.1-Tools"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhceph/rhceph-haproxy-rhel9@sha256:6b625192b4a477e36bb34bfbc366e7d17195265a7d2f3923735b06ecd1dc07a2_arm64 as a component of Red Hat Ceph Storage 8.1 Tools",
"product_id": "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:6b625192b4a477e36bb34bfbc366e7d17195265a7d2f3923735b06ecd1dc07a2_arm64"
},
"product_reference": "rhceph/rhceph-haproxy-rhel9@sha256:6b625192b4a477e36bb34bfbc366e7d17195265a7d2f3923735b06ecd1dc07a2_arm64",
"relates_to_product_reference": "9Base-RHCEPH-8.1-Tools"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhceph/rhceph-haproxy-rhel9@sha256:887b2b34e5461d3fd48e534c4fe1f2df349a3948f79e9def7b1c72de2c20cf5c_ppc64le as a component of Red Hat Ceph Storage 8.1 Tools",
"product_id": "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:887b2b34e5461d3fd48e534c4fe1f2df349a3948f79e9def7b1c72de2c20cf5c_ppc64le"
},
"product_reference": "rhceph/rhceph-haproxy-rhel9@sha256:887b2b34e5461d3fd48e534c4fe1f2df349a3948f79e9def7b1c72de2c20cf5c_ppc64le",
"relates_to_product_reference": "9Base-RHCEPH-8.1-Tools"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhceph/rhceph-haproxy-rhel9@sha256:d9f5c146b156760f1d00e19e6816020990b17bdf8c6849421cd3d2996e60b7ee_s390x as a component of Red Hat Ceph Storage 8.1 Tools",
"product_id": "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:d9f5c146b156760f1d00e19e6816020990b17bdf8c6849421cd3d2996e60b7ee_s390x"
},
"product_reference": "rhceph/rhceph-haproxy-rhel9@sha256:d9f5c146b156760f1d00e19e6816020990b17bdf8c6849421cd3d2996e60b7ee_s390x",
"relates_to_product_reference": "9Base-RHCEPH-8.1-Tools"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhceph/rhceph-haproxy-rhel9@sha256:ecc791e89ebf6320345e227f9652e83aac583a430905d09cd11f5c5f366f6d5e_amd64 as a component of Red Hat Ceph Storage 8.1 Tools",
"product_id": "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:ecc791e89ebf6320345e227f9652e83aac583a430905d09cd11f5c5f366f6d5e_amd64"
},
"product_reference": "rhceph/rhceph-haproxy-rhel9@sha256:ecc791e89ebf6320345e227f9652e83aac583a430905d09cd11f5c5f366f6d5e_amd64",
"relates_to_product_reference": "9Base-RHCEPH-8.1-Tools"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhceph/rhceph-promtail-rhel9@sha256:7c4e5dd98dc05d31f134cfa4d5d440badc5a351e7c89dd13f17a5a9cf730f1c9_s390x as a component of Red Hat Ceph Storage 8.1 Tools",
"product_id": "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:7c4e5dd98dc05d31f134cfa4d5d440badc5a351e7c89dd13f17a5a9cf730f1c9_s390x"
},
"product_reference": "rhceph/rhceph-promtail-rhel9@sha256:7c4e5dd98dc05d31f134cfa4d5d440badc5a351e7c89dd13f17a5a9cf730f1c9_s390x",
"relates_to_product_reference": "9Base-RHCEPH-8.1-Tools"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhceph/rhceph-promtail-rhel9@sha256:99cdaa49b634f8353a65645af597ec931b502e8f0230d6cb83dbde5ec1ee8ef9_amd64 as a component of Red Hat Ceph Storage 8.1 Tools",
"product_id": "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:99cdaa49b634f8353a65645af597ec931b502e8f0230d6cb83dbde5ec1ee8ef9_amd64"
},
"product_reference": "rhceph/rhceph-promtail-rhel9@sha256:99cdaa49b634f8353a65645af597ec931b502e8f0230d6cb83dbde5ec1ee8ef9_amd64",
"relates_to_product_reference": "9Base-RHCEPH-8.1-Tools"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhceph/rhceph-promtail-rhel9@sha256:cead10daa28adb2f78a2fac3915afb0d677239da623aecf802750c35dca2c433_ppc64le as a component of Red Hat Ceph Storage 8.1 Tools",
"product_id": "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:cead10daa28adb2f78a2fac3915afb0d677239da623aecf802750c35dca2c433_ppc64le"
},
"product_reference": "rhceph/rhceph-promtail-rhel9@sha256:cead10daa28adb2f78a2fac3915afb0d677239da623aecf802750c35dca2c433_ppc64le",
"relates_to_product_reference": "9Base-RHCEPH-8.1-Tools"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhceph/snmp-notifier-rhel9@sha256:010c445a177724925666188b81b53f62f1369ca5ea20fbc3c7fe1146426df2a2_amd64 as a component of Red Hat Ceph Storage 8.1 Tools",
"product_id": "9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:010c445a177724925666188b81b53f62f1369ca5ea20fbc3c7fe1146426df2a2_amd64"
},
"product_reference": "rhceph/snmp-notifier-rhel9@sha256:010c445a177724925666188b81b53f62f1369ca5ea20fbc3c7fe1146426df2a2_amd64",
"relates_to_product_reference": "9Base-RHCEPH-8.1-Tools"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhceph/snmp-notifier-rhel9@sha256:4e631ea10d245c1cff2324c01ba3842f44bc0925165eed8eaeb2d10259d59e14_ppc64le as a component of Red Hat Ceph Storage 8.1 Tools",
"product_id": "9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:4e631ea10d245c1cff2324c01ba3842f44bc0925165eed8eaeb2d10259d59e14_ppc64le"
},
"product_reference": "rhceph/snmp-notifier-rhel9@sha256:4e631ea10d245c1cff2324c01ba3842f44bc0925165eed8eaeb2d10259d59e14_ppc64le",
"relates_to_product_reference": "9Base-RHCEPH-8.1-Tools"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhceph/snmp-notifier-rhel9@sha256:c7a1ccdc359ad2bc1406cf3406c4d43a4249bec2c84045959ceccd523109ad74_arm64 as a component of Red Hat Ceph Storage 8.1 Tools",
"product_id": "9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:c7a1ccdc359ad2bc1406cf3406c4d43a4249bec2c84045959ceccd523109ad74_arm64"
},
"product_reference": "rhceph/snmp-notifier-rhel9@sha256:c7a1ccdc359ad2bc1406cf3406c4d43a4249bec2c84045959ceccd523109ad74_arm64",
"relates_to_product_reference": "9Base-RHCEPH-8.1-Tools"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhceph/snmp-notifier-rhel9@sha256:d604a03d3a4cb2019b0b18e7d19173a54555de487ee333c2b9f137331c29ce06_s390x as a component of Red Hat Ceph Storage 8.1 Tools",
"product_id": "9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:d604a03d3a4cb2019b0b18e7d19173a54555de487ee333c2b9f137331c29ce06_s390x"
},
"product_reference": "rhceph/snmp-notifier-rhel9@sha256:d604a03d3a4cb2019b0b18e7d19173a54555de487ee333c2b9f137331c29ce06_s390x",
"relates_to_product_reference": "9Base-RHCEPH-8.1-Tools"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2022-23491",
"cwe": {
"id": "CWE-345",
"name": "Insufficient Verification of Data Authenticity"
},
"discovery_date": "2023-03-16T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2180089"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in python-certifi. Untrusted certificates from TrustCor have been found in the root certificates store.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "python-certifi: untrusted root certificates",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Satellite is not vulnerable to this flaw as it ships a build of python-certifi that is patched to use system certs from /etc/pki/tls/certs/ca-bundle.crt.Redhat has rated this CVE as moderate because most redhat products use system-wide root CA certificate bundle instead of certifi bundle.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:0ce0f0dc070b6a3e8bbea15f62d4abd713e2b4233d4d5413cfa232e86fc8cd34_ppc64le",
"9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:2f3593633800e8d09f96a28892e2fb1a11a22e92d85233a8c4740ee06727eafc_arm64",
"9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:7602811891a649c8c2a1a97dbd22ff0d235bceeaec69e724c1e6a237175f9427_s390x",
"9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:a8f5dacb3d12ed3e7f65cefc30fdd2f946256d6f2e638a87c1560643327fbe07_amd64",
"9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:31b50dc109ed8250673bb1f32c57f8979d6e604ff3204050504a31755241240a_amd64",
"9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:42a7329701d51049a318b3de4a1601d4d612a0076ac91e934322890b68337d43_arm64",
"9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:61d686df696d549d714efe63b23990d696b15c5bc0f9a105837fea191f63bf75_ppc64le",
"9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:b6e7648e3d3082fe9a0b526f716ab9ea087935e982794bf22627c2b708463333_s390x",
"9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:179b92c189dc97cb73c00844fb58e59f1a3b434f3e3e52471bb3a12a8b1c0a92_arm64",
"9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:1d74f24b455f471a80593c65735288f0c24ba820bed1bb45ea62e02c6ca21b92_s390x",
"9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:bd593607b20997448e75c2cd7c5f1be95ce822a8ecfce6fb79de031a27880671_amd64",
"9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:c6dec2f2200128a260c1c8e3d04105c6cc72b9f92fc84fa8f2dcb75a51ba3c97_ppc64le",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:04a10d4c7b05974dfb2836388aeef65dd2b6451997b627b68d4ea3d3ee330f24_s390x",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:20a6bb51cc2ad40eff6e31674d9ebf80279322de2daa58fa83dbf98b0438625c_amd64",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:3a0a175d4cf85f149b33135a55f0f1c61a97c514b97ec70f653932c774c20eaf_ppc64le",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:3b3aa3ec99316b78217396b29a63d4eadb508232e3d69c6bcd4e4ee901003ba2_arm64",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:6b625192b4a477e36bb34bfbc366e7d17195265a7d2f3923735b06ecd1dc07a2_arm64",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:887b2b34e5461d3fd48e534c4fe1f2df349a3948f79e9def7b1c72de2c20cf5c_ppc64le",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:d9f5c146b156760f1d00e19e6816020990b17bdf8c6849421cd3d2996e60b7ee_s390x",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:ecc791e89ebf6320345e227f9652e83aac583a430905d09cd11f5c5f366f6d5e_amd64",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:7c4e5dd98dc05d31f134cfa4d5d440badc5a351e7c89dd13f17a5a9cf730f1c9_s390x",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:99cdaa49b634f8353a65645af597ec931b502e8f0230d6cb83dbde5ec1ee8ef9_amd64",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:cead10daa28adb2f78a2fac3915afb0d677239da623aecf802750c35dca2c433_ppc64le",
"9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:010c445a177724925666188b81b53f62f1369ca5ea20fbc3c7fe1146426df2a2_amd64",
"9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:4e631ea10d245c1cff2324c01ba3842f44bc0925165eed8eaeb2d10259d59e14_ppc64le",
"9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:c7a1ccdc359ad2bc1406cf3406c4d43a4249bec2c84045959ceccd523109ad74_arm64",
"9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:d604a03d3a4cb2019b0b18e7d19173a54555de487ee333c2b9f137331c29ce06_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-23491"
},
{
"category": "external",
"summary": "RHBZ#2180089",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2180089"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-23491",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-23491"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-23491",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-23491"
},
{
"category": "external",
"summary": "https://github.com/certifi/python-certifi/security/advisories/GHSA-43fp-rhv2-5gv8",
"url": "https://github.com/certifi/python-certifi/security/advisories/GHSA-43fp-rhv2-5gv8"
}
],
"release_date": "2022-12-07T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-06-26T12:12:44+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/2789521\n\nFor supported configurations, refer to:\n\nhttps://access.redhat.com/articles/1548993",
"product_ids": [
"9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:0ce0f0dc070b6a3e8bbea15f62d4abd713e2b4233d4d5413cfa232e86fc8cd34_ppc64le",
"9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:2f3593633800e8d09f96a28892e2fb1a11a22e92d85233a8c4740ee06727eafc_arm64",
"9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:7602811891a649c8c2a1a97dbd22ff0d235bceeaec69e724c1e6a237175f9427_s390x",
"9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:a8f5dacb3d12ed3e7f65cefc30fdd2f946256d6f2e638a87c1560643327fbe07_amd64",
"9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:31b50dc109ed8250673bb1f32c57f8979d6e604ff3204050504a31755241240a_amd64",
"9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:42a7329701d51049a318b3de4a1601d4d612a0076ac91e934322890b68337d43_arm64",
"9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:61d686df696d549d714efe63b23990d696b15c5bc0f9a105837fea191f63bf75_ppc64le",
"9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:b6e7648e3d3082fe9a0b526f716ab9ea087935e982794bf22627c2b708463333_s390x",
"9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:179b92c189dc97cb73c00844fb58e59f1a3b434f3e3e52471bb3a12a8b1c0a92_arm64",
"9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:1d74f24b455f471a80593c65735288f0c24ba820bed1bb45ea62e02c6ca21b92_s390x",
"9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:bd593607b20997448e75c2cd7c5f1be95ce822a8ecfce6fb79de031a27880671_amd64",
"9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:c6dec2f2200128a260c1c8e3d04105c6cc72b9f92fc84fa8f2dcb75a51ba3c97_ppc64le",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:04a10d4c7b05974dfb2836388aeef65dd2b6451997b627b68d4ea3d3ee330f24_s390x",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:20a6bb51cc2ad40eff6e31674d9ebf80279322de2daa58fa83dbf98b0438625c_amd64",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:3a0a175d4cf85f149b33135a55f0f1c61a97c514b97ec70f653932c774c20eaf_ppc64le",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:3b3aa3ec99316b78217396b29a63d4eadb508232e3d69c6bcd4e4ee901003ba2_arm64",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:6b625192b4a477e36bb34bfbc366e7d17195265a7d2f3923735b06ecd1dc07a2_arm64",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:887b2b34e5461d3fd48e534c4fe1f2df349a3948f79e9def7b1c72de2c20cf5c_ppc64le",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:d9f5c146b156760f1d00e19e6816020990b17bdf8c6849421cd3d2996e60b7ee_s390x",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:ecc791e89ebf6320345e227f9652e83aac583a430905d09cd11f5c5f366f6d5e_amd64",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:7c4e5dd98dc05d31f134cfa4d5d440badc5a351e7c89dd13f17a5a9cf730f1c9_s390x",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:99cdaa49b634f8353a65645af597ec931b502e8f0230d6cb83dbde5ec1ee8ef9_amd64",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:cead10daa28adb2f78a2fac3915afb0d677239da623aecf802750c35dca2c433_ppc64le",
"9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:010c445a177724925666188b81b53f62f1369ca5ea20fbc3c7fe1146426df2a2_amd64",
"9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:4e631ea10d245c1cff2324c01ba3842f44bc0925165eed8eaeb2d10259d59e14_ppc64le",
"9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:c7a1ccdc359ad2bc1406cf3406c4d43a4249bec2c84045959ceccd523109ad74_arm64",
"9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:d604a03d3a4cb2019b0b18e7d19173a54555de487ee333c2b9f137331c29ce06_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:9776"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:0ce0f0dc070b6a3e8bbea15f62d4abd713e2b4233d4d5413cfa232e86fc8cd34_ppc64le",
"9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:2f3593633800e8d09f96a28892e2fb1a11a22e92d85233a8c4740ee06727eafc_arm64",
"9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:7602811891a649c8c2a1a97dbd22ff0d235bceeaec69e724c1e6a237175f9427_s390x",
"9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:a8f5dacb3d12ed3e7f65cefc30fdd2f946256d6f2e638a87c1560643327fbe07_amd64",
"9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:31b50dc109ed8250673bb1f32c57f8979d6e604ff3204050504a31755241240a_amd64",
"9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:42a7329701d51049a318b3de4a1601d4d612a0076ac91e934322890b68337d43_arm64",
"9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:61d686df696d549d714efe63b23990d696b15c5bc0f9a105837fea191f63bf75_ppc64le",
"9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:b6e7648e3d3082fe9a0b526f716ab9ea087935e982794bf22627c2b708463333_s390x",
"9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:179b92c189dc97cb73c00844fb58e59f1a3b434f3e3e52471bb3a12a8b1c0a92_arm64",
"9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:1d74f24b455f471a80593c65735288f0c24ba820bed1bb45ea62e02c6ca21b92_s390x",
"9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:bd593607b20997448e75c2cd7c5f1be95ce822a8ecfce6fb79de031a27880671_amd64",
"9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:c6dec2f2200128a260c1c8e3d04105c6cc72b9f92fc84fa8f2dcb75a51ba3c97_ppc64le",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:04a10d4c7b05974dfb2836388aeef65dd2b6451997b627b68d4ea3d3ee330f24_s390x",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:20a6bb51cc2ad40eff6e31674d9ebf80279322de2daa58fa83dbf98b0438625c_amd64",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:3a0a175d4cf85f149b33135a55f0f1c61a97c514b97ec70f653932c774c20eaf_ppc64le",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:3b3aa3ec99316b78217396b29a63d4eadb508232e3d69c6bcd4e4ee901003ba2_arm64",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:6b625192b4a477e36bb34bfbc366e7d17195265a7d2f3923735b06ecd1dc07a2_arm64",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:887b2b34e5461d3fd48e534c4fe1f2df349a3948f79e9def7b1c72de2c20cf5c_ppc64le",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:d9f5c146b156760f1d00e19e6816020990b17bdf8c6849421cd3d2996e60b7ee_s390x",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:ecc791e89ebf6320345e227f9652e83aac583a430905d09cd11f5c5f366f6d5e_amd64",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:7c4e5dd98dc05d31f134cfa4d5d440badc5a351e7c89dd13f17a5a9cf730f1c9_s390x",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:99cdaa49b634f8353a65645af597ec931b502e8f0230d6cb83dbde5ec1ee8ef9_amd64",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:cead10daa28adb2f78a2fac3915afb0d677239da623aecf802750c35dca2c433_ppc64le",
"9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:010c445a177724925666188b81b53f62f1369ca5ea20fbc3c7fe1146426df2a2_amd64",
"9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:4e631ea10d245c1cff2324c01ba3842f44bc0925165eed8eaeb2d10259d59e14_ppc64le",
"9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:c7a1ccdc359ad2bc1406cf3406c4d43a4249bec2c84045959ceccd523109ad74_arm64",
"9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:d604a03d3a4cb2019b0b18e7d19173a54555de487ee333c2b9f137331c29ce06_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "python-certifi: untrusted root certificates"
},
{
"cve": "CVE-2023-45290",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2024-03-05T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2268017"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was discovered in Go\u0027s net/http standard library package. When parsing a multipart form (either explicitly with Request.ParseMultipartForm or implicitly with Request.FormValue, Request.PostFormValue, or Request.FormFile), limits on the total size of the parsed form were not applied to the memory consumed while reading a single form line. This permits a maliciously crafted input containing very long lines to cause allocation of arbitrarily large amounts of memory, potentially leading to memory exhaustion. With fix, the ParseMultipartForm function now correctly limits the maximum size of form lines.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: net/http: golang: mime/multipart: golang: net/textproto: memory exhaustion in Request.ParseMultipartForm",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:0ce0f0dc070b6a3e8bbea15f62d4abd713e2b4233d4d5413cfa232e86fc8cd34_ppc64le",
"9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:2f3593633800e8d09f96a28892e2fb1a11a22e92d85233a8c4740ee06727eafc_arm64",
"9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:7602811891a649c8c2a1a97dbd22ff0d235bceeaec69e724c1e6a237175f9427_s390x",
"9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:a8f5dacb3d12ed3e7f65cefc30fdd2f946256d6f2e638a87c1560643327fbe07_amd64",
"9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:31b50dc109ed8250673bb1f32c57f8979d6e604ff3204050504a31755241240a_amd64",
"9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:42a7329701d51049a318b3de4a1601d4d612a0076ac91e934322890b68337d43_arm64",
"9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:61d686df696d549d714efe63b23990d696b15c5bc0f9a105837fea191f63bf75_ppc64le",
"9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:b6e7648e3d3082fe9a0b526f716ab9ea087935e982794bf22627c2b708463333_s390x",
"9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:179b92c189dc97cb73c00844fb58e59f1a3b434f3e3e52471bb3a12a8b1c0a92_arm64",
"9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:1d74f24b455f471a80593c65735288f0c24ba820bed1bb45ea62e02c6ca21b92_s390x",
"9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:bd593607b20997448e75c2cd7c5f1be95ce822a8ecfce6fb79de031a27880671_amd64",
"9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:c6dec2f2200128a260c1c8e3d04105c6cc72b9f92fc84fa8f2dcb75a51ba3c97_ppc64le",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:04a10d4c7b05974dfb2836388aeef65dd2b6451997b627b68d4ea3d3ee330f24_s390x",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:20a6bb51cc2ad40eff6e31674d9ebf80279322de2daa58fa83dbf98b0438625c_amd64",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:3a0a175d4cf85f149b33135a55f0f1c61a97c514b97ec70f653932c774c20eaf_ppc64le",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:3b3aa3ec99316b78217396b29a63d4eadb508232e3d69c6bcd4e4ee901003ba2_arm64",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:6b625192b4a477e36bb34bfbc366e7d17195265a7d2f3923735b06ecd1dc07a2_arm64",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:887b2b34e5461d3fd48e534c4fe1f2df349a3948f79e9def7b1c72de2c20cf5c_ppc64le",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:d9f5c146b156760f1d00e19e6816020990b17bdf8c6849421cd3d2996e60b7ee_s390x",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:ecc791e89ebf6320345e227f9652e83aac583a430905d09cd11f5c5f366f6d5e_amd64",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:7c4e5dd98dc05d31f134cfa4d5d440badc5a351e7c89dd13f17a5a9cf730f1c9_s390x",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:99cdaa49b634f8353a65645af597ec931b502e8f0230d6cb83dbde5ec1ee8ef9_amd64",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:cead10daa28adb2f78a2fac3915afb0d677239da623aecf802750c35dca2c433_ppc64le",
"9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:010c445a177724925666188b81b53f62f1369ca5ea20fbc3c7fe1146426df2a2_amd64",
"9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:4e631ea10d245c1cff2324c01ba3842f44bc0925165eed8eaeb2d10259d59e14_ppc64le",
"9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:c7a1ccdc359ad2bc1406cf3406c4d43a4249bec2c84045959ceccd523109ad74_arm64",
"9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:d604a03d3a4cb2019b0b18e7d19173a54555de487ee333c2b9f137331c29ce06_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-45290"
},
{
"category": "external",
"summary": "RHBZ#2268017",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2268017"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-45290",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45290"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-45290",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-45290"
},
{
"category": "external",
"summary": "http://www.openwall.com/lists/oss-security/2024/03/08/4",
"url": "http://www.openwall.com/lists/oss-security/2024/03/08/4"
},
{
"category": "external",
"summary": "https://go.dev/cl/569341",
"url": "https://go.dev/cl/569341"
},
{
"category": "external",
"summary": "https://go.dev/issue/65383",
"url": "https://go.dev/issue/65383"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg",
"url": "https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2024-2599",
"url": "https://pkg.go.dev/vuln/GO-2024-2599"
},
{
"category": "external",
"summary": "https://security.netapp.com/advisory/ntap-20240329-0004",
"url": "https://security.netapp.com/advisory/ntap-20240329-0004"
}
],
"release_date": "2024-03-05T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-06-26T12:12:44+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/2789521\n\nFor supported configurations, refer to:\n\nhttps://access.redhat.com/articles/1548993",
"product_ids": [
"9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:0ce0f0dc070b6a3e8bbea15f62d4abd713e2b4233d4d5413cfa232e86fc8cd34_ppc64le",
"9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:2f3593633800e8d09f96a28892e2fb1a11a22e92d85233a8c4740ee06727eafc_arm64",
"9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:7602811891a649c8c2a1a97dbd22ff0d235bceeaec69e724c1e6a237175f9427_s390x",
"9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:a8f5dacb3d12ed3e7f65cefc30fdd2f946256d6f2e638a87c1560643327fbe07_amd64",
"9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:31b50dc109ed8250673bb1f32c57f8979d6e604ff3204050504a31755241240a_amd64",
"9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:42a7329701d51049a318b3de4a1601d4d612a0076ac91e934322890b68337d43_arm64",
"9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:61d686df696d549d714efe63b23990d696b15c5bc0f9a105837fea191f63bf75_ppc64le",
"9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:b6e7648e3d3082fe9a0b526f716ab9ea087935e982794bf22627c2b708463333_s390x",
"9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:179b92c189dc97cb73c00844fb58e59f1a3b434f3e3e52471bb3a12a8b1c0a92_arm64",
"9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:1d74f24b455f471a80593c65735288f0c24ba820bed1bb45ea62e02c6ca21b92_s390x",
"9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:bd593607b20997448e75c2cd7c5f1be95ce822a8ecfce6fb79de031a27880671_amd64",
"9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:c6dec2f2200128a260c1c8e3d04105c6cc72b9f92fc84fa8f2dcb75a51ba3c97_ppc64le",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:04a10d4c7b05974dfb2836388aeef65dd2b6451997b627b68d4ea3d3ee330f24_s390x",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:20a6bb51cc2ad40eff6e31674d9ebf80279322de2daa58fa83dbf98b0438625c_amd64",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:3a0a175d4cf85f149b33135a55f0f1c61a97c514b97ec70f653932c774c20eaf_ppc64le",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:3b3aa3ec99316b78217396b29a63d4eadb508232e3d69c6bcd4e4ee901003ba2_arm64",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:6b625192b4a477e36bb34bfbc366e7d17195265a7d2f3923735b06ecd1dc07a2_arm64",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:887b2b34e5461d3fd48e534c4fe1f2df349a3948f79e9def7b1c72de2c20cf5c_ppc64le",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:d9f5c146b156760f1d00e19e6816020990b17bdf8c6849421cd3d2996e60b7ee_s390x",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:ecc791e89ebf6320345e227f9652e83aac583a430905d09cd11f5c5f366f6d5e_amd64",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:7c4e5dd98dc05d31f134cfa4d5d440badc5a351e7c89dd13f17a5a9cf730f1c9_s390x",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:99cdaa49b634f8353a65645af597ec931b502e8f0230d6cb83dbde5ec1ee8ef9_amd64",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:cead10daa28adb2f78a2fac3915afb0d677239da623aecf802750c35dca2c433_ppc64le",
"9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:010c445a177724925666188b81b53f62f1369ca5ea20fbc3c7fe1146426df2a2_amd64",
"9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:4e631ea10d245c1cff2324c01ba3842f44bc0925165eed8eaeb2d10259d59e14_ppc64le",
"9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:c7a1ccdc359ad2bc1406cf3406c4d43a4249bec2c84045959ceccd523109ad74_arm64",
"9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:d604a03d3a4cb2019b0b18e7d19173a54555de487ee333c2b9f137331c29ce06_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:9776"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:0ce0f0dc070b6a3e8bbea15f62d4abd713e2b4233d4d5413cfa232e86fc8cd34_ppc64le",
"9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:2f3593633800e8d09f96a28892e2fb1a11a22e92d85233a8c4740ee06727eafc_arm64",
"9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:7602811891a649c8c2a1a97dbd22ff0d235bceeaec69e724c1e6a237175f9427_s390x",
"9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:a8f5dacb3d12ed3e7f65cefc30fdd2f946256d6f2e638a87c1560643327fbe07_amd64",
"9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:31b50dc109ed8250673bb1f32c57f8979d6e604ff3204050504a31755241240a_amd64",
"9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:42a7329701d51049a318b3de4a1601d4d612a0076ac91e934322890b68337d43_arm64",
"9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:61d686df696d549d714efe63b23990d696b15c5bc0f9a105837fea191f63bf75_ppc64le",
"9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:b6e7648e3d3082fe9a0b526f716ab9ea087935e982794bf22627c2b708463333_s390x",
"9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:179b92c189dc97cb73c00844fb58e59f1a3b434f3e3e52471bb3a12a8b1c0a92_arm64",
"9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:1d74f24b455f471a80593c65735288f0c24ba820bed1bb45ea62e02c6ca21b92_s390x",
"9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:bd593607b20997448e75c2cd7c5f1be95ce822a8ecfce6fb79de031a27880671_amd64",
"9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:c6dec2f2200128a260c1c8e3d04105c6cc72b9f92fc84fa8f2dcb75a51ba3c97_ppc64le",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:04a10d4c7b05974dfb2836388aeef65dd2b6451997b627b68d4ea3d3ee330f24_s390x",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:20a6bb51cc2ad40eff6e31674d9ebf80279322de2daa58fa83dbf98b0438625c_amd64",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:3a0a175d4cf85f149b33135a55f0f1c61a97c514b97ec70f653932c774c20eaf_ppc64le",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:3b3aa3ec99316b78217396b29a63d4eadb508232e3d69c6bcd4e4ee901003ba2_arm64",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:6b625192b4a477e36bb34bfbc366e7d17195265a7d2f3923735b06ecd1dc07a2_arm64",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:887b2b34e5461d3fd48e534c4fe1f2df349a3948f79e9def7b1c72de2c20cf5c_ppc64le",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:d9f5c146b156760f1d00e19e6816020990b17bdf8c6849421cd3d2996e60b7ee_s390x",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:ecc791e89ebf6320345e227f9652e83aac583a430905d09cd11f5c5f366f6d5e_amd64",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:7c4e5dd98dc05d31f134cfa4d5d440badc5a351e7c89dd13f17a5a9cf730f1c9_s390x",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:99cdaa49b634f8353a65645af597ec931b502e8f0230d6cb83dbde5ec1ee8ef9_amd64",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:cead10daa28adb2f78a2fac3915afb0d677239da623aecf802750c35dca2c433_ppc64le",
"9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:010c445a177724925666188b81b53f62f1369ca5ea20fbc3c7fe1146426df2a2_amd64",
"9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:4e631ea10d245c1cff2324c01ba3842f44bc0925165eed8eaeb2d10259d59e14_ppc64le",
"9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:c7a1ccdc359ad2bc1406cf3406c4d43a4249bec2c84045959ceccd523109ad74_arm64",
"9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:d604a03d3a4cb2019b0b18e7d19173a54555de487ee333c2b9f137331c29ce06_s390x"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:0ce0f0dc070b6a3e8bbea15f62d4abd713e2b4233d4d5413cfa232e86fc8cd34_ppc64le",
"9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:2f3593633800e8d09f96a28892e2fb1a11a22e92d85233a8c4740ee06727eafc_arm64",
"9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:7602811891a649c8c2a1a97dbd22ff0d235bceeaec69e724c1e6a237175f9427_s390x",
"9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:a8f5dacb3d12ed3e7f65cefc30fdd2f946256d6f2e638a87c1560643327fbe07_amd64",
"9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:31b50dc109ed8250673bb1f32c57f8979d6e604ff3204050504a31755241240a_amd64",
"9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:42a7329701d51049a318b3de4a1601d4d612a0076ac91e934322890b68337d43_arm64",
"9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:61d686df696d549d714efe63b23990d696b15c5bc0f9a105837fea191f63bf75_ppc64le",
"9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:b6e7648e3d3082fe9a0b526f716ab9ea087935e982794bf22627c2b708463333_s390x",
"9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:179b92c189dc97cb73c00844fb58e59f1a3b434f3e3e52471bb3a12a8b1c0a92_arm64",
"9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:1d74f24b455f471a80593c65735288f0c24ba820bed1bb45ea62e02c6ca21b92_s390x",
"9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:bd593607b20997448e75c2cd7c5f1be95ce822a8ecfce6fb79de031a27880671_amd64",
"9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:c6dec2f2200128a260c1c8e3d04105c6cc72b9f92fc84fa8f2dcb75a51ba3c97_ppc64le",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:04a10d4c7b05974dfb2836388aeef65dd2b6451997b627b68d4ea3d3ee330f24_s390x",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:20a6bb51cc2ad40eff6e31674d9ebf80279322de2daa58fa83dbf98b0438625c_amd64",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:3a0a175d4cf85f149b33135a55f0f1c61a97c514b97ec70f653932c774c20eaf_ppc64le",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:3b3aa3ec99316b78217396b29a63d4eadb508232e3d69c6bcd4e4ee901003ba2_arm64",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:6b625192b4a477e36bb34bfbc366e7d17195265a7d2f3923735b06ecd1dc07a2_arm64",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:887b2b34e5461d3fd48e534c4fe1f2df349a3948f79e9def7b1c72de2c20cf5c_ppc64le",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:d9f5c146b156760f1d00e19e6816020990b17bdf8c6849421cd3d2996e60b7ee_s390x",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:ecc791e89ebf6320345e227f9652e83aac583a430905d09cd11f5c5f366f6d5e_amd64",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:7c4e5dd98dc05d31f134cfa4d5d440badc5a351e7c89dd13f17a5a9cf730f1c9_s390x",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:99cdaa49b634f8353a65645af597ec931b502e8f0230d6cb83dbde5ec1ee8ef9_amd64",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:cead10daa28adb2f78a2fac3915afb0d677239da623aecf802750c35dca2c433_ppc64le",
"9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:010c445a177724925666188b81b53f62f1369ca5ea20fbc3c7fe1146426df2a2_amd64",
"9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:4e631ea10d245c1cff2324c01ba3842f44bc0925165eed8eaeb2d10259d59e14_ppc64le",
"9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:c7a1ccdc359ad2bc1406cf3406c4d43a4249bec2c84045959ceccd523109ad74_arm64",
"9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:d604a03d3a4cb2019b0b18e7d19173a54555de487ee333c2b9f137331c29ce06_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: net/http: golang: mime/multipart: golang: net/textproto: memory exhaustion in Request.ParseMultipartForm"
},
{
"cve": "CVE-2024-6104",
"cwe": {
"id": "CWE-532",
"name": "Insertion of Sensitive Information into Log File"
},
"discovery_date": "2024-06-24T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2294000"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in go-retryablehttp. The package may suffer from a lack of input sanitization by not cleaning up URL data when writing to the logs. This issue could expose sensitive authentication information.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "go-retryablehttp: url might write sensitive information to log file",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:0ce0f0dc070b6a3e8bbea15f62d4abd713e2b4233d4d5413cfa232e86fc8cd34_ppc64le",
"9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:2f3593633800e8d09f96a28892e2fb1a11a22e92d85233a8c4740ee06727eafc_arm64",
"9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:7602811891a649c8c2a1a97dbd22ff0d235bceeaec69e724c1e6a237175f9427_s390x",
"9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:a8f5dacb3d12ed3e7f65cefc30fdd2f946256d6f2e638a87c1560643327fbe07_amd64",
"9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:31b50dc109ed8250673bb1f32c57f8979d6e604ff3204050504a31755241240a_amd64",
"9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:42a7329701d51049a318b3de4a1601d4d612a0076ac91e934322890b68337d43_arm64",
"9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:61d686df696d549d714efe63b23990d696b15c5bc0f9a105837fea191f63bf75_ppc64le",
"9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:b6e7648e3d3082fe9a0b526f716ab9ea087935e982794bf22627c2b708463333_s390x",
"9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:179b92c189dc97cb73c00844fb58e59f1a3b434f3e3e52471bb3a12a8b1c0a92_arm64",
"9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:1d74f24b455f471a80593c65735288f0c24ba820bed1bb45ea62e02c6ca21b92_s390x",
"9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:bd593607b20997448e75c2cd7c5f1be95ce822a8ecfce6fb79de031a27880671_amd64",
"9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:c6dec2f2200128a260c1c8e3d04105c6cc72b9f92fc84fa8f2dcb75a51ba3c97_ppc64le",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:04a10d4c7b05974dfb2836388aeef65dd2b6451997b627b68d4ea3d3ee330f24_s390x",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:20a6bb51cc2ad40eff6e31674d9ebf80279322de2daa58fa83dbf98b0438625c_amd64",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:3a0a175d4cf85f149b33135a55f0f1c61a97c514b97ec70f653932c774c20eaf_ppc64le",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:3b3aa3ec99316b78217396b29a63d4eadb508232e3d69c6bcd4e4ee901003ba2_arm64",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:6b625192b4a477e36bb34bfbc366e7d17195265a7d2f3923735b06ecd1dc07a2_arm64",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:887b2b34e5461d3fd48e534c4fe1f2df349a3948f79e9def7b1c72de2c20cf5c_ppc64le",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:d9f5c146b156760f1d00e19e6816020990b17bdf8c6849421cd3d2996e60b7ee_s390x",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:ecc791e89ebf6320345e227f9652e83aac583a430905d09cd11f5c5f366f6d5e_amd64",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:7c4e5dd98dc05d31f134cfa4d5d440badc5a351e7c89dd13f17a5a9cf730f1c9_s390x",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:99cdaa49b634f8353a65645af597ec931b502e8f0230d6cb83dbde5ec1ee8ef9_amd64",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:cead10daa28adb2f78a2fac3915afb0d677239da623aecf802750c35dca2c433_ppc64le",
"9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:010c445a177724925666188b81b53f62f1369ca5ea20fbc3c7fe1146426df2a2_amd64",
"9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:4e631ea10d245c1cff2324c01ba3842f44bc0925165eed8eaeb2d10259d59e14_ppc64le",
"9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:c7a1ccdc359ad2bc1406cf3406c4d43a4249bec2c84045959ceccd523109ad74_arm64",
"9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:d604a03d3a4cb2019b0b18e7d19173a54555de487ee333c2b9f137331c29ce06_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-6104"
},
{
"category": "external",
"summary": "RHBZ#2294000",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2294000"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-6104",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-6104"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-6104",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-6104"
}
],
"release_date": "2024-06-24T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-06-26T12:12:44+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/2789521\n\nFor supported configurations, refer to:\n\nhttps://access.redhat.com/articles/1548993",
"product_ids": [
"9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:0ce0f0dc070b6a3e8bbea15f62d4abd713e2b4233d4d5413cfa232e86fc8cd34_ppc64le",
"9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:2f3593633800e8d09f96a28892e2fb1a11a22e92d85233a8c4740ee06727eafc_arm64",
"9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:7602811891a649c8c2a1a97dbd22ff0d235bceeaec69e724c1e6a237175f9427_s390x",
"9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:a8f5dacb3d12ed3e7f65cefc30fdd2f946256d6f2e638a87c1560643327fbe07_amd64",
"9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:31b50dc109ed8250673bb1f32c57f8979d6e604ff3204050504a31755241240a_amd64",
"9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:42a7329701d51049a318b3de4a1601d4d612a0076ac91e934322890b68337d43_arm64",
"9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:61d686df696d549d714efe63b23990d696b15c5bc0f9a105837fea191f63bf75_ppc64le",
"9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:b6e7648e3d3082fe9a0b526f716ab9ea087935e982794bf22627c2b708463333_s390x",
"9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:179b92c189dc97cb73c00844fb58e59f1a3b434f3e3e52471bb3a12a8b1c0a92_arm64",
"9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:1d74f24b455f471a80593c65735288f0c24ba820bed1bb45ea62e02c6ca21b92_s390x",
"9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:bd593607b20997448e75c2cd7c5f1be95ce822a8ecfce6fb79de031a27880671_amd64",
"9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:c6dec2f2200128a260c1c8e3d04105c6cc72b9f92fc84fa8f2dcb75a51ba3c97_ppc64le",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:04a10d4c7b05974dfb2836388aeef65dd2b6451997b627b68d4ea3d3ee330f24_s390x",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:20a6bb51cc2ad40eff6e31674d9ebf80279322de2daa58fa83dbf98b0438625c_amd64",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:3a0a175d4cf85f149b33135a55f0f1c61a97c514b97ec70f653932c774c20eaf_ppc64le",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:3b3aa3ec99316b78217396b29a63d4eadb508232e3d69c6bcd4e4ee901003ba2_arm64",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:6b625192b4a477e36bb34bfbc366e7d17195265a7d2f3923735b06ecd1dc07a2_arm64",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:887b2b34e5461d3fd48e534c4fe1f2df349a3948f79e9def7b1c72de2c20cf5c_ppc64le",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:d9f5c146b156760f1d00e19e6816020990b17bdf8c6849421cd3d2996e60b7ee_s390x",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:ecc791e89ebf6320345e227f9652e83aac583a430905d09cd11f5c5f366f6d5e_amd64",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:7c4e5dd98dc05d31f134cfa4d5d440badc5a351e7c89dd13f17a5a9cf730f1c9_s390x",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:99cdaa49b634f8353a65645af597ec931b502e8f0230d6cb83dbde5ec1ee8ef9_amd64",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:cead10daa28adb2f78a2fac3915afb0d677239da623aecf802750c35dca2c433_ppc64le",
"9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:010c445a177724925666188b81b53f62f1369ca5ea20fbc3c7fe1146426df2a2_amd64",
"9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:4e631ea10d245c1cff2324c01ba3842f44bc0925165eed8eaeb2d10259d59e14_ppc64le",
"9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:c7a1ccdc359ad2bc1406cf3406c4d43a4249bec2c84045959ceccd523109ad74_arm64",
"9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:d604a03d3a4cb2019b0b18e7d19173a54555de487ee333c2b9f137331c29ce06_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:9776"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:0ce0f0dc070b6a3e8bbea15f62d4abd713e2b4233d4d5413cfa232e86fc8cd34_ppc64le",
"9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:2f3593633800e8d09f96a28892e2fb1a11a22e92d85233a8c4740ee06727eafc_arm64",
"9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:7602811891a649c8c2a1a97dbd22ff0d235bceeaec69e724c1e6a237175f9427_s390x",
"9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:a8f5dacb3d12ed3e7f65cefc30fdd2f946256d6f2e638a87c1560643327fbe07_amd64",
"9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:31b50dc109ed8250673bb1f32c57f8979d6e604ff3204050504a31755241240a_amd64",
"9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:42a7329701d51049a318b3de4a1601d4d612a0076ac91e934322890b68337d43_arm64",
"9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:61d686df696d549d714efe63b23990d696b15c5bc0f9a105837fea191f63bf75_ppc64le",
"9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:b6e7648e3d3082fe9a0b526f716ab9ea087935e982794bf22627c2b708463333_s390x",
"9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:179b92c189dc97cb73c00844fb58e59f1a3b434f3e3e52471bb3a12a8b1c0a92_arm64",
"9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:1d74f24b455f471a80593c65735288f0c24ba820bed1bb45ea62e02c6ca21b92_s390x",
"9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:bd593607b20997448e75c2cd7c5f1be95ce822a8ecfce6fb79de031a27880671_amd64",
"9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:c6dec2f2200128a260c1c8e3d04105c6cc72b9f92fc84fa8f2dcb75a51ba3c97_ppc64le",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:04a10d4c7b05974dfb2836388aeef65dd2b6451997b627b68d4ea3d3ee330f24_s390x",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:20a6bb51cc2ad40eff6e31674d9ebf80279322de2daa58fa83dbf98b0438625c_amd64",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:3a0a175d4cf85f149b33135a55f0f1c61a97c514b97ec70f653932c774c20eaf_ppc64le",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:3b3aa3ec99316b78217396b29a63d4eadb508232e3d69c6bcd4e4ee901003ba2_arm64",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:6b625192b4a477e36bb34bfbc366e7d17195265a7d2f3923735b06ecd1dc07a2_arm64",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:887b2b34e5461d3fd48e534c4fe1f2df349a3948f79e9def7b1c72de2c20cf5c_ppc64le",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:d9f5c146b156760f1d00e19e6816020990b17bdf8c6849421cd3d2996e60b7ee_s390x",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:ecc791e89ebf6320345e227f9652e83aac583a430905d09cd11f5c5f366f6d5e_amd64",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:7c4e5dd98dc05d31f134cfa4d5d440badc5a351e7c89dd13f17a5a9cf730f1c9_s390x",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:99cdaa49b634f8353a65645af597ec931b502e8f0230d6cb83dbde5ec1ee8ef9_amd64",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:cead10daa28adb2f78a2fac3915afb0d677239da623aecf802750c35dca2c433_ppc64le",
"9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:010c445a177724925666188b81b53f62f1369ca5ea20fbc3c7fe1146426df2a2_amd64",
"9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:4e631ea10d245c1cff2324c01ba3842f44bc0925165eed8eaeb2d10259d59e14_ppc64le",
"9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:c7a1ccdc359ad2bc1406cf3406c4d43a4249bec2c84045959ceccd523109ad74_arm64",
"9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:d604a03d3a4cb2019b0b18e7d19173a54555de487ee333c2b9f137331c29ce06_s390x"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 6.0,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:0ce0f0dc070b6a3e8bbea15f62d4abd713e2b4233d4d5413cfa232e86fc8cd34_ppc64le",
"9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:2f3593633800e8d09f96a28892e2fb1a11a22e92d85233a8c4740ee06727eafc_arm64",
"9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:7602811891a649c8c2a1a97dbd22ff0d235bceeaec69e724c1e6a237175f9427_s390x",
"9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:a8f5dacb3d12ed3e7f65cefc30fdd2f946256d6f2e638a87c1560643327fbe07_amd64",
"9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:31b50dc109ed8250673bb1f32c57f8979d6e604ff3204050504a31755241240a_amd64",
"9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:42a7329701d51049a318b3de4a1601d4d612a0076ac91e934322890b68337d43_arm64",
"9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:61d686df696d549d714efe63b23990d696b15c5bc0f9a105837fea191f63bf75_ppc64le",
"9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:b6e7648e3d3082fe9a0b526f716ab9ea087935e982794bf22627c2b708463333_s390x",
"9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:179b92c189dc97cb73c00844fb58e59f1a3b434f3e3e52471bb3a12a8b1c0a92_arm64",
"9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:1d74f24b455f471a80593c65735288f0c24ba820bed1bb45ea62e02c6ca21b92_s390x",
"9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:bd593607b20997448e75c2cd7c5f1be95ce822a8ecfce6fb79de031a27880671_amd64",
"9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:c6dec2f2200128a260c1c8e3d04105c6cc72b9f92fc84fa8f2dcb75a51ba3c97_ppc64le",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:04a10d4c7b05974dfb2836388aeef65dd2b6451997b627b68d4ea3d3ee330f24_s390x",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:20a6bb51cc2ad40eff6e31674d9ebf80279322de2daa58fa83dbf98b0438625c_amd64",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:3a0a175d4cf85f149b33135a55f0f1c61a97c514b97ec70f653932c774c20eaf_ppc64le",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:3b3aa3ec99316b78217396b29a63d4eadb508232e3d69c6bcd4e4ee901003ba2_arm64",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:6b625192b4a477e36bb34bfbc366e7d17195265a7d2f3923735b06ecd1dc07a2_arm64",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:887b2b34e5461d3fd48e534c4fe1f2df349a3948f79e9def7b1c72de2c20cf5c_ppc64le",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:d9f5c146b156760f1d00e19e6816020990b17bdf8c6849421cd3d2996e60b7ee_s390x",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:ecc791e89ebf6320345e227f9652e83aac583a430905d09cd11f5c5f366f6d5e_amd64",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:7c4e5dd98dc05d31f134cfa4d5d440badc5a351e7c89dd13f17a5a9cf730f1c9_s390x",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:99cdaa49b634f8353a65645af597ec931b502e8f0230d6cb83dbde5ec1ee8ef9_amd64",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:cead10daa28adb2f78a2fac3915afb0d677239da623aecf802750c35dca2c433_ppc64le",
"9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:010c445a177724925666188b81b53f62f1369ca5ea20fbc3c7fe1146426df2a2_amd64",
"9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:4e631ea10d245c1cff2324c01ba3842f44bc0925165eed8eaeb2d10259d59e14_ppc64le",
"9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:c7a1ccdc359ad2bc1406cf3406c4d43a4249bec2c84045959ceccd523109ad74_arm64",
"9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:d604a03d3a4cb2019b0b18e7d19173a54555de487ee333c2b9f137331c29ce06_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "go-retryablehttp: url might write sensitive information to log file"
},
{
"cve": "CVE-2024-24783",
"cwe": {
"id": "CWE-295",
"name": "Improper Certificate Validation"
},
"discovery_date": "2024-03-05T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2268019"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Go\u0027s crypto/x509 standard library package. Verifying a certificate chain that contains a certificate with an unknown public key algorithm will cause a Certificate.Verify to panic. This issue affects all crypto/tls clients and servers that set Config.ClientAuth to VerifyClientCertIfGiven or RequireAndVerifyClientCert.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: crypto/x509: Verify panics on certificates with an unknown public key algorithm",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:0ce0f0dc070b6a3e8bbea15f62d4abd713e2b4233d4d5413cfa232e86fc8cd34_ppc64le",
"9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:2f3593633800e8d09f96a28892e2fb1a11a22e92d85233a8c4740ee06727eafc_arm64",
"9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:7602811891a649c8c2a1a97dbd22ff0d235bceeaec69e724c1e6a237175f9427_s390x",
"9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:a8f5dacb3d12ed3e7f65cefc30fdd2f946256d6f2e638a87c1560643327fbe07_amd64",
"9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:31b50dc109ed8250673bb1f32c57f8979d6e604ff3204050504a31755241240a_amd64",
"9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:42a7329701d51049a318b3de4a1601d4d612a0076ac91e934322890b68337d43_arm64",
"9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:61d686df696d549d714efe63b23990d696b15c5bc0f9a105837fea191f63bf75_ppc64le",
"9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:b6e7648e3d3082fe9a0b526f716ab9ea087935e982794bf22627c2b708463333_s390x",
"9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:179b92c189dc97cb73c00844fb58e59f1a3b434f3e3e52471bb3a12a8b1c0a92_arm64",
"9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:1d74f24b455f471a80593c65735288f0c24ba820bed1bb45ea62e02c6ca21b92_s390x",
"9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:bd593607b20997448e75c2cd7c5f1be95ce822a8ecfce6fb79de031a27880671_amd64",
"9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:c6dec2f2200128a260c1c8e3d04105c6cc72b9f92fc84fa8f2dcb75a51ba3c97_ppc64le",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:04a10d4c7b05974dfb2836388aeef65dd2b6451997b627b68d4ea3d3ee330f24_s390x",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:20a6bb51cc2ad40eff6e31674d9ebf80279322de2daa58fa83dbf98b0438625c_amd64",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:3a0a175d4cf85f149b33135a55f0f1c61a97c514b97ec70f653932c774c20eaf_ppc64le",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:3b3aa3ec99316b78217396b29a63d4eadb508232e3d69c6bcd4e4ee901003ba2_arm64",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:6b625192b4a477e36bb34bfbc366e7d17195265a7d2f3923735b06ecd1dc07a2_arm64",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:887b2b34e5461d3fd48e534c4fe1f2df349a3948f79e9def7b1c72de2c20cf5c_ppc64le",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:d9f5c146b156760f1d00e19e6816020990b17bdf8c6849421cd3d2996e60b7ee_s390x",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:ecc791e89ebf6320345e227f9652e83aac583a430905d09cd11f5c5f366f6d5e_amd64",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:7c4e5dd98dc05d31f134cfa4d5d440badc5a351e7c89dd13f17a5a9cf730f1c9_s390x",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:99cdaa49b634f8353a65645af597ec931b502e8f0230d6cb83dbde5ec1ee8ef9_amd64",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:cead10daa28adb2f78a2fac3915afb0d677239da623aecf802750c35dca2c433_ppc64le",
"9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:010c445a177724925666188b81b53f62f1369ca5ea20fbc3c7fe1146426df2a2_amd64",
"9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:4e631ea10d245c1cff2324c01ba3842f44bc0925165eed8eaeb2d10259d59e14_ppc64le",
"9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:c7a1ccdc359ad2bc1406cf3406c4d43a4249bec2c84045959ceccd523109ad74_arm64",
"9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:d604a03d3a4cb2019b0b18e7d19173a54555de487ee333c2b9f137331c29ce06_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-24783"
},
{
"category": "external",
"summary": "RHBZ#2268019",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2268019"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-24783",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-24783"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-24783",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-24783"
},
{
"category": "external",
"summary": "http://www.openwall.com/lists/oss-security/2024/03/08/4",
"url": "http://www.openwall.com/lists/oss-security/2024/03/08/4"
},
{
"category": "external",
"summary": "https://github.com/advisories/GHSA-3q2c-pvp5-3cqp",
"url": "https://github.com/advisories/GHSA-3q2c-pvp5-3cqp"
},
{
"category": "external",
"summary": "https://go.dev/cl/569339",
"url": "https://go.dev/cl/569339"
},
{
"category": "external",
"summary": "https://go.dev/issue/65390",
"url": "https://go.dev/issue/65390"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg",
"url": "https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2024-2598",
"url": "https://pkg.go.dev/vuln/GO-2024-2598"
},
{
"category": "external",
"summary": "https://security.netapp.com/advisory/ntap-20240329-0005",
"url": "https://security.netapp.com/advisory/ntap-20240329-0005"
}
],
"release_date": "2024-03-05T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-06-26T12:12:44+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/2789521\n\nFor supported configurations, refer to:\n\nhttps://access.redhat.com/articles/1548993",
"product_ids": [
"9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:0ce0f0dc070b6a3e8bbea15f62d4abd713e2b4233d4d5413cfa232e86fc8cd34_ppc64le",
"9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:2f3593633800e8d09f96a28892e2fb1a11a22e92d85233a8c4740ee06727eafc_arm64",
"9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:7602811891a649c8c2a1a97dbd22ff0d235bceeaec69e724c1e6a237175f9427_s390x",
"9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:a8f5dacb3d12ed3e7f65cefc30fdd2f946256d6f2e638a87c1560643327fbe07_amd64",
"9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:31b50dc109ed8250673bb1f32c57f8979d6e604ff3204050504a31755241240a_amd64",
"9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:42a7329701d51049a318b3de4a1601d4d612a0076ac91e934322890b68337d43_arm64",
"9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:61d686df696d549d714efe63b23990d696b15c5bc0f9a105837fea191f63bf75_ppc64le",
"9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:b6e7648e3d3082fe9a0b526f716ab9ea087935e982794bf22627c2b708463333_s390x",
"9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:179b92c189dc97cb73c00844fb58e59f1a3b434f3e3e52471bb3a12a8b1c0a92_arm64",
"9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:1d74f24b455f471a80593c65735288f0c24ba820bed1bb45ea62e02c6ca21b92_s390x",
"9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:bd593607b20997448e75c2cd7c5f1be95ce822a8ecfce6fb79de031a27880671_amd64",
"9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:c6dec2f2200128a260c1c8e3d04105c6cc72b9f92fc84fa8f2dcb75a51ba3c97_ppc64le",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:04a10d4c7b05974dfb2836388aeef65dd2b6451997b627b68d4ea3d3ee330f24_s390x",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:20a6bb51cc2ad40eff6e31674d9ebf80279322de2daa58fa83dbf98b0438625c_amd64",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:3a0a175d4cf85f149b33135a55f0f1c61a97c514b97ec70f653932c774c20eaf_ppc64le",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:3b3aa3ec99316b78217396b29a63d4eadb508232e3d69c6bcd4e4ee901003ba2_arm64",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:6b625192b4a477e36bb34bfbc366e7d17195265a7d2f3923735b06ecd1dc07a2_arm64",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:887b2b34e5461d3fd48e534c4fe1f2df349a3948f79e9def7b1c72de2c20cf5c_ppc64le",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:d9f5c146b156760f1d00e19e6816020990b17bdf8c6849421cd3d2996e60b7ee_s390x",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:ecc791e89ebf6320345e227f9652e83aac583a430905d09cd11f5c5f366f6d5e_amd64",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:7c4e5dd98dc05d31f134cfa4d5d440badc5a351e7c89dd13f17a5a9cf730f1c9_s390x",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:99cdaa49b634f8353a65645af597ec931b502e8f0230d6cb83dbde5ec1ee8ef9_amd64",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:cead10daa28adb2f78a2fac3915afb0d677239da623aecf802750c35dca2c433_ppc64le",
"9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:010c445a177724925666188b81b53f62f1369ca5ea20fbc3c7fe1146426df2a2_amd64",
"9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:4e631ea10d245c1cff2324c01ba3842f44bc0925165eed8eaeb2d10259d59e14_ppc64le",
"9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:c7a1ccdc359ad2bc1406cf3406c4d43a4249bec2c84045959ceccd523109ad74_arm64",
"9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:d604a03d3a4cb2019b0b18e7d19173a54555de487ee333c2b9f137331c29ce06_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:9776"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:0ce0f0dc070b6a3e8bbea15f62d4abd713e2b4233d4d5413cfa232e86fc8cd34_ppc64le",
"9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:2f3593633800e8d09f96a28892e2fb1a11a22e92d85233a8c4740ee06727eafc_arm64",
"9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:7602811891a649c8c2a1a97dbd22ff0d235bceeaec69e724c1e6a237175f9427_s390x",
"9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:a8f5dacb3d12ed3e7f65cefc30fdd2f946256d6f2e638a87c1560643327fbe07_amd64",
"9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:31b50dc109ed8250673bb1f32c57f8979d6e604ff3204050504a31755241240a_amd64",
"9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:42a7329701d51049a318b3de4a1601d4d612a0076ac91e934322890b68337d43_arm64",
"9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:61d686df696d549d714efe63b23990d696b15c5bc0f9a105837fea191f63bf75_ppc64le",
"9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:b6e7648e3d3082fe9a0b526f716ab9ea087935e982794bf22627c2b708463333_s390x",
"9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:179b92c189dc97cb73c00844fb58e59f1a3b434f3e3e52471bb3a12a8b1c0a92_arm64",
"9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:1d74f24b455f471a80593c65735288f0c24ba820bed1bb45ea62e02c6ca21b92_s390x",
"9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:bd593607b20997448e75c2cd7c5f1be95ce822a8ecfce6fb79de031a27880671_amd64",
"9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:c6dec2f2200128a260c1c8e3d04105c6cc72b9f92fc84fa8f2dcb75a51ba3c97_ppc64le",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:04a10d4c7b05974dfb2836388aeef65dd2b6451997b627b68d4ea3d3ee330f24_s390x",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:20a6bb51cc2ad40eff6e31674d9ebf80279322de2daa58fa83dbf98b0438625c_amd64",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:3a0a175d4cf85f149b33135a55f0f1c61a97c514b97ec70f653932c774c20eaf_ppc64le",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:3b3aa3ec99316b78217396b29a63d4eadb508232e3d69c6bcd4e4ee901003ba2_arm64",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:6b625192b4a477e36bb34bfbc366e7d17195265a7d2f3923735b06ecd1dc07a2_arm64",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:887b2b34e5461d3fd48e534c4fe1f2df349a3948f79e9def7b1c72de2c20cf5c_ppc64le",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:d9f5c146b156760f1d00e19e6816020990b17bdf8c6849421cd3d2996e60b7ee_s390x",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:ecc791e89ebf6320345e227f9652e83aac583a430905d09cd11f5c5f366f6d5e_amd64",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:7c4e5dd98dc05d31f134cfa4d5d440badc5a351e7c89dd13f17a5a9cf730f1c9_s390x",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:99cdaa49b634f8353a65645af597ec931b502e8f0230d6cb83dbde5ec1ee8ef9_amd64",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:cead10daa28adb2f78a2fac3915afb0d677239da623aecf802750c35dca2c433_ppc64le",
"9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:010c445a177724925666188b81b53f62f1369ca5ea20fbc3c7fe1146426df2a2_amd64",
"9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:4e631ea10d245c1cff2324c01ba3842f44bc0925165eed8eaeb2d10259d59e14_ppc64le",
"9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:c7a1ccdc359ad2bc1406cf3406c4d43a4249bec2c84045959ceccd523109ad74_arm64",
"9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:d604a03d3a4cb2019b0b18e7d19173a54555de487ee333c2b9f137331c29ce06_s390x"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:0ce0f0dc070b6a3e8bbea15f62d4abd713e2b4233d4d5413cfa232e86fc8cd34_ppc64le",
"9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:2f3593633800e8d09f96a28892e2fb1a11a22e92d85233a8c4740ee06727eafc_arm64",
"9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:7602811891a649c8c2a1a97dbd22ff0d235bceeaec69e724c1e6a237175f9427_s390x",
"9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:a8f5dacb3d12ed3e7f65cefc30fdd2f946256d6f2e638a87c1560643327fbe07_amd64",
"9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:31b50dc109ed8250673bb1f32c57f8979d6e604ff3204050504a31755241240a_amd64",
"9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:42a7329701d51049a318b3de4a1601d4d612a0076ac91e934322890b68337d43_arm64",
"9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:61d686df696d549d714efe63b23990d696b15c5bc0f9a105837fea191f63bf75_ppc64le",
"9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:b6e7648e3d3082fe9a0b526f716ab9ea087935e982794bf22627c2b708463333_s390x",
"9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:179b92c189dc97cb73c00844fb58e59f1a3b434f3e3e52471bb3a12a8b1c0a92_arm64",
"9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:1d74f24b455f471a80593c65735288f0c24ba820bed1bb45ea62e02c6ca21b92_s390x",
"9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:bd593607b20997448e75c2cd7c5f1be95ce822a8ecfce6fb79de031a27880671_amd64",
"9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:c6dec2f2200128a260c1c8e3d04105c6cc72b9f92fc84fa8f2dcb75a51ba3c97_ppc64le",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:04a10d4c7b05974dfb2836388aeef65dd2b6451997b627b68d4ea3d3ee330f24_s390x",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:20a6bb51cc2ad40eff6e31674d9ebf80279322de2daa58fa83dbf98b0438625c_amd64",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:3a0a175d4cf85f149b33135a55f0f1c61a97c514b97ec70f653932c774c20eaf_ppc64le",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:3b3aa3ec99316b78217396b29a63d4eadb508232e3d69c6bcd4e4ee901003ba2_arm64",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:6b625192b4a477e36bb34bfbc366e7d17195265a7d2f3923735b06ecd1dc07a2_arm64",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:887b2b34e5461d3fd48e534c4fe1f2df349a3948f79e9def7b1c72de2c20cf5c_ppc64le",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:d9f5c146b156760f1d00e19e6816020990b17bdf8c6849421cd3d2996e60b7ee_s390x",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:ecc791e89ebf6320345e227f9652e83aac583a430905d09cd11f5c5f366f6d5e_amd64",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:7c4e5dd98dc05d31f134cfa4d5d440badc5a351e7c89dd13f17a5a9cf730f1c9_s390x",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:99cdaa49b634f8353a65645af597ec931b502e8f0230d6cb83dbde5ec1ee8ef9_amd64",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:cead10daa28adb2f78a2fac3915afb0d677239da623aecf802750c35dca2c433_ppc64le",
"9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:010c445a177724925666188b81b53f62f1369ca5ea20fbc3c7fe1146426df2a2_amd64",
"9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:4e631ea10d245c1cff2324c01ba3842f44bc0925165eed8eaeb2d10259d59e14_ppc64le",
"9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:c7a1ccdc359ad2bc1406cf3406c4d43a4249bec2c84045959ceccd523109ad74_arm64",
"9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:d604a03d3a4cb2019b0b18e7d19173a54555de487ee333c2b9f137331c29ce06_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: crypto/x509: Verify panics on certificates with an unknown public key algorithm"
},
{
"cve": "CVE-2024-24784",
"cwe": {
"id": "CWE-115",
"name": "Misinterpretation of Input"
},
"discovery_date": "2024-03-05T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2268021"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Go\u0027s net/mail standard library package. The ParseAddressList function incorrectly handles comments (text within parentheses) within display names. Since this is a misalignment with conforming address parsers, it can result in different trust decisions made by programs using different parsers.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: net/mail: comments in display names are incorrectly handled",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:0ce0f0dc070b6a3e8bbea15f62d4abd713e2b4233d4d5413cfa232e86fc8cd34_ppc64le",
"9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:2f3593633800e8d09f96a28892e2fb1a11a22e92d85233a8c4740ee06727eafc_arm64",
"9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:7602811891a649c8c2a1a97dbd22ff0d235bceeaec69e724c1e6a237175f9427_s390x",
"9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:a8f5dacb3d12ed3e7f65cefc30fdd2f946256d6f2e638a87c1560643327fbe07_amd64",
"9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:31b50dc109ed8250673bb1f32c57f8979d6e604ff3204050504a31755241240a_amd64",
"9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:42a7329701d51049a318b3de4a1601d4d612a0076ac91e934322890b68337d43_arm64",
"9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:61d686df696d549d714efe63b23990d696b15c5bc0f9a105837fea191f63bf75_ppc64le",
"9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:b6e7648e3d3082fe9a0b526f716ab9ea087935e982794bf22627c2b708463333_s390x",
"9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:179b92c189dc97cb73c00844fb58e59f1a3b434f3e3e52471bb3a12a8b1c0a92_arm64",
"9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:1d74f24b455f471a80593c65735288f0c24ba820bed1bb45ea62e02c6ca21b92_s390x",
"9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:bd593607b20997448e75c2cd7c5f1be95ce822a8ecfce6fb79de031a27880671_amd64",
"9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:c6dec2f2200128a260c1c8e3d04105c6cc72b9f92fc84fa8f2dcb75a51ba3c97_ppc64le",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:04a10d4c7b05974dfb2836388aeef65dd2b6451997b627b68d4ea3d3ee330f24_s390x",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:20a6bb51cc2ad40eff6e31674d9ebf80279322de2daa58fa83dbf98b0438625c_amd64",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:3a0a175d4cf85f149b33135a55f0f1c61a97c514b97ec70f653932c774c20eaf_ppc64le",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:3b3aa3ec99316b78217396b29a63d4eadb508232e3d69c6bcd4e4ee901003ba2_arm64",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:6b625192b4a477e36bb34bfbc366e7d17195265a7d2f3923735b06ecd1dc07a2_arm64",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:887b2b34e5461d3fd48e534c4fe1f2df349a3948f79e9def7b1c72de2c20cf5c_ppc64le",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:d9f5c146b156760f1d00e19e6816020990b17bdf8c6849421cd3d2996e60b7ee_s390x",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:ecc791e89ebf6320345e227f9652e83aac583a430905d09cd11f5c5f366f6d5e_amd64",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:7c4e5dd98dc05d31f134cfa4d5d440badc5a351e7c89dd13f17a5a9cf730f1c9_s390x",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:99cdaa49b634f8353a65645af597ec931b502e8f0230d6cb83dbde5ec1ee8ef9_amd64",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:cead10daa28adb2f78a2fac3915afb0d677239da623aecf802750c35dca2c433_ppc64le",
"9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:010c445a177724925666188b81b53f62f1369ca5ea20fbc3c7fe1146426df2a2_amd64",
"9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:4e631ea10d245c1cff2324c01ba3842f44bc0925165eed8eaeb2d10259d59e14_ppc64le",
"9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:c7a1ccdc359ad2bc1406cf3406c4d43a4249bec2c84045959ceccd523109ad74_arm64",
"9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:d604a03d3a4cb2019b0b18e7d19173a54555de487ee333c2b9f137331c29ce06_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-24784"
},
{
"category": "external",
"summary": "RHBZ#2268021",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2268021"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-24784",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-24784"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-24784",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-24784"
}
],
"release_date": "2024-03-05T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-06-26T12:12:44+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/2789521\n\nFor supported configurations, refer to:\n\nhttps://access.redhat.com/articles/1548993",
"product_ids": [
"9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:0ce0f0dc070b6a3e8bbea15f62d4abd713e2b4233d4d5413cfa232e86fc8cd34_ppc64le",
"9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:2f3593633800e8d09f96a28892e2fb1a11a22e92d85233a8c4740ee06727eafc_arm64",
"9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:7602811891a649c8c2a1a97dbd22ff0d235bceeaec69e724c1e6a237175f9427_s390x",
"9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:a8f5dacb3d12ed3e7f65cefc30fdd2f946256d6f2e638a87c1560643327fbe07_amd64",
"9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:31b50dc109ed8250673bb1f32c57f8979d6e604ff3204050504a31755241240a_amd64",
"9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:42a7329701d51049a318b3de4a1601d4d612a0076ac91e934322890b68337d43_arm64",
"9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:61d686df696d549d714efe63b23990d696b15c5bc0f9a105837fea191f63bf75_ppc64le",
"9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:b6e7648e3d3082fe9a0b526f716ab9ea087935e982794bf22627c2b708463333_s390x",
"9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:179b92c189dc97cb73c00844fb58e59f1a3b434f3e3e52471bb3a12a8b1c0a92_arm64",
"9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:1d74f24b455f471a80593c65735288f0c24ba820bed1bb45ea62e02c6ca21b92_s390x",
"9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:bd593607b20997448e75c2cd7c5f1be95ce822a8ecfce6fb79de031a27880671_amd64",
"9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:c6dec2f2200128a260c1c8e3d04105c6cc72b9f92fc84fa8f2dcb75a51ba3c97_ppc64le",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:04a10d4c7b05974dfb2836388aeef65dd2b6451997b627b68d4ea3d3ee330f24_s390x",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:20a6bb51cc2ad40eff6e31674d9ebf80279322de2daa58fa83dbf98b0438625c_amd64",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:3a0a175d4cf85f149b33135a55f0f1c61a97c514b97ec70f653932c774c20eaf_ppc64le",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:3b3aa3ec99316b78217396b29a63d4eadb508232e3d69c6bcd4e4ee901003ba2_arm64",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:6b625192b4a477e36bb34bfbc366e7d17195265a7d2f3923735b06ecd1dc07a2_arm64",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:887b2b34e5461d3fd48e534c4fe1f2df349a3948f79e9def7b1c72de2c20cf5c_ppc64le",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:d9f5c146b156760f1d00e19e6816020990b17bdf8c6849421cd3d2996e60b7ee_s390x",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:ecc791e89ebf6320345e227f9652e83aac583a430905d09cd11f5c5f366f6d5e_amd64",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:7c4e5dd98dc05d31f134cfa4d5d440badc5a351e7c89dd13f17a5a9cf730f1c9_s390x",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:99cdaa49b634f8353a65645af597ec931b502e8f0230d6cb83dbde5ec1ee8ef9_amd64",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:cead10daa28adb2f78a2fac3915afb0d677239da623aecf802750c35dca2c433_ppc64le",
"9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:010c445a177724925666188b81b53f62f1369ca5ea20fbc3c7fe1146426df2a2_amd64",
"9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:4e631ea10d245c1cff2324c01ba3842f44bc0925165eed8eaeb2d10259d59e14_ppc64le",
"9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:c7a1ccdc359ad2bc1406cf3406c4d43a4249bec2c84045959ceccd523109ad74_arm64",
"9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:d604a03d3a4cb2019b0b18e7d19173a54555de487ee333c2b9f137331c29ce06_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:9776"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:0ce0f0dc070b6a3e8bbea15f62d4abd713e2b4233d4d5413cfa232e86fc8cd34_ppc64le",
"9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:2f3593633800e8d09f96a28892e2fb1a11a22e92d85233a8c4740ee06727eafc_arm64",
"9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:7602811891a649c8c2a1a97dbd22ff0d235bceeaec69e724c1e6a237175f9427_s390x",
"9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:a8f5dacb3d12ed3e7f65cefc30fdd2f946256d6f2e638a87c1560643327fbe07_amd64",
"9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:31b50dc109ed8250673bb1f32c57f8979d6e604ff3204050504a31755241240a_amd64",
"9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:42a7329701d51049a318b3de4a1601d4d612a0076ac91e934322890b68337d43_arm64",
"9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:61d686df696d549d714efe63b23990d696b15c5bc0f9a105837fea191f63bf75_ppc64le",
"9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:b6e7648e3d3082fe9a0b526f716ab9ea087935e982794bf22627c2b708463333_s390x",
"9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:179b92c189dc97cb73c00844fb58e59f1a3b434f3e3e52471bb3a12a8b1c0a92_arm64",
"9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:1d74f24b455f471a80593c65735288f0c24ba820bed1bb45ea62e02c6ca21b92_s390x",
"9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:bd593607b20997448e75c2cd7c5f1be95ce822a8ecfce6fb79de031a27880671_amd64",
"9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:c6dec2f2200128a260c1c8e3d04105c6cc72b9f92fc84fa8f2dcb75a51ba3c97_ppc64le",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:04a10d4c7b05974dfb2836388aeef65dd2b6451997b627b68d4ea3d3ee330f24_s390x",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:20a6bb51cc2ad40eff6e31674d9ebf80279322de2daa58fa83dbf98b0438625c_amd64",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:3a0a175d4cf85f149b33135a55f0f1c61a97c514b97ec70f653932c774c20eaf_ppc64le",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:3b3aa3ec99316b78217396b29a63d4eadb508232e3d69c6bcd4e4ee901003ba2_arm64",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:6b625192b4a477e36bb34bfbc366e7d17195265a7d2f3923735b06ecd1dc07a2_arm64",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:887b2b34e5461d3fd48e534c4fe1f2df349a3948f79e9def7b1c72de2c20cf5c_ppc64le",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:d9f5c146b156760f1d00e19e6816020990b17bdf8c6849421cd3d2996e60b7ee_s390x",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:ecc791e89ebf6320345e227f9652e83aac583a430905d09cd11f5c5f366f6d5e_amd64",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:7c4e5dd98dc05d31f134cfa4d5d440badc5a351e7c89dd13f17a5a9cf730f1c9_s390x",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:99cdaa49b634f8353a65645af597ec931b502e8f0230d6cb83dbde5ec1ee8ef9_amd64",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:cead10daa28adb2f78a2fac3915afb0d677239da623aecf802750c35dca2c433_ppc64le",
"9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:010c445a177724925666188b81b53f62f1369ca5ea20fbc3c7fe1146426df2a2_amd64",
"9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:4e631ea10d245c1cff2324c01ba3842f44bc0925165eed8eaeb2d10259d59e14_ppc64le",
"9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:c7a1ccdc359ad2bc1406cf3406c4d43a4249bec2c84045959ceccd523109ad74_arm64",
"9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:d604a03d3a4cb2019b0b18e7d19173a54555de487ee333c2b9f137331c29ce06_s390x"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:0ce0f0dc070b6a3e8bbea15f62d4abd713e2b4233d4d5413cfa232e86fc8cd34_ppc64le",
"9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:2f3593633800e8d09f96a28892e2fb1a11a22e92d85233a8c4740ee06727eafc_arm64",
"9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:7602811891a649c8c2a1a97dbd22ff0d235bceeaec69e724c1e6a237175f9427_s390x",
"9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:a8f5dacb3d12ed3e7f65cefc30fdd2f946256d6f2e638a87c1560643327fbe07_amd64",
"9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:31b50dc109ed8250673bb1f32c57f8979d6e604ff3204050504a31755241240a_amd64",
"9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:42a7329701d51049a318b3de4a1601d4d612a0076ac91e934322890b68337d43_arm64",
"9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:61d686df696d549d714efe63b23990d696b15c5bc0f9a105837fea191f63bf75_ppc64le",
"9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:b6e7648e3d3082fe9a0b526f716ab9ea087935e982794bf22627c2b708463333_s390x",
"9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:179b92c189dc97cb73c00844fb58e59f1a3b434f3e3e52471bb3a12a8b1c0a92_arm64",
"9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:1d74f24b455f471a80593c65735288f0c24ba820bed1bb45ea62e02c6ca21b92_s390x",
"9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:bd593607b20997448e75c2cd7c5f1be95ce822a8ecfce6fb79de031a27880671_amd64",
"9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:c6dec2f2200128a260c1c8e3d04105c6cc72b9f92fc84fa8f2dcb75a51ba3c97_ppc64le",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:04a10d4c7b05974dfb2836388aeef65dd2b6451997b627b68d4ea3d3ee330f24_s390x",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:20a6bb51cc2ad40eff6e31674d9ebf80279322de2daa58fa83dbf98b0438625c_amd64",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:3a0a175d4cf85f149b33135a55f0f1c61a97c514b97ec70f653932c774c20eaf_ppc64le",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:3b3aa3ec99316b78217396b29a63d4eadb508232e3d69c6bcd4e4ee901003ba2_arm64",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:6b625192b4a477e36bb34bfbc366e7d17195265a7d2f3923735b06ecd1dc07a2_arm64",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:887b2b34e5461d3fd48e534c4fe1f2df349a3948f79e9def7b1c72de2c20cf5c_ppc64le",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:d9f5c146b156760f1d00e19e6816020990b17bdf8c6849421cd3d2996e60b7ee_s390x",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:ecc791e89ebf6320345e227f9652e83aac583a430905d09cd11f5c5f366f6d5e_amd64",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:7c4e5dd98dc05d31f134cfa4d5d440badc5a351e7c89dd13f17a5a9cf730f1c9_s390x",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:99cdaa49b634f8353a65645af597ec931b502e8f0230d6cb83dbde5ec1ee8ef9_amd64",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:cead10daa28adb2f78a2fac3915afb0d677239da623aecf802750c35dca2c433_ppc64le",
"9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:010c445a177724925666188b81b53f62f1369ca5ea20fbc3c7fe1146426df2a2_amd64",
"9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:4e631ea10d245c1cff2324c01ba3842f44bc0925165eed8eaeb2d10259d59e14_ppc64le",
"9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:c7a1ccdc359ad2bc1406cf3406c4d43a4249bec2c84045959ceccd523109ad74_arm64",
"9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:d604a03d3a4cb2019b0b18e7d19173a54555de487ee333c2b9f137331c29ce06_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: net/mail: comments in display names are incorrectly handled"
},
{
"cve": "CVE-2024-24785",
"cwe": {
"id": "CWE-74",
"name": "Improper Neutralization of Special Elements in Output Used by a Downstream Component (\u0027Injection\u0027)"
},
"discovery_date": "2024-03-05T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2268022"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Go\u0027s html/template standard library package. If errors returned from MarshalJSON methods contain user-controlled data, they may be used to break the contextual auto-escaping behavior of the html/template package, allowing subsequent actions to inject unexpected content into templates.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: html/template: errors returned from MarshalJSON methods may break template escaping",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:0ce0f0dc070b6a3e8bbea15f62d4abd713e2b4233d4d5413cfa232e86fc8cd34_ppc64le",
"9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:2f3593633800e8d09f96a28892e2fb1a11a22e92d85233a8c4740ee06727eafc_arm64",
"9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:7602811891a649c8c2a1a97dbd22ff0d235bceeaec69e724c1e6a237175f9427_s390x",
"9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:a8f5dacb3d12ed3e7f65cefc30fdd2f946256d6f2e638a87c1560643327fbe07_amd64",
"9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:31b50dc109ed8250673bb1f32c57f8979d6e604ff3204050504a31755241240a_amd64",
"9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:42a7329701d51049a318b3de4a1601d4d612a0076ac91e934322890b68337d43_arm64",
"9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:61d686df696d549d714efe63b23990d696b15c5bc0f9a105837fea191f63bf75_ppc64le",
"9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:b6e7648e3d3082fe9a0b526f716ab9ea087935e982794bf22627c2b708463333_s390x",
"9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:179b92c189dc97cb73c00844fb58e59f1a3b434f3e3e52471bb3a12a8b1c0a92_arm64",
"9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:1d74f24b455f471a80593c65735288f0c24ba820bed1bb45ea62e02c6ca21b92_s390x",
"9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:bd593607b20997448e75c2cd7c5f1be95ce822a8ecfce6fb79de031a27880671_amd64",
"9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:c6dec2f2200128a260c1c8e3d04105c6cc72b9f92fc84fa8f2dcb75a51ba3c97_ppc64le",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:04a10d4c7b05974dfb2836388aeef65dd2b6451997b627b68d4ea3d3ee330f24_s390x",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:20a6bb51cc2ad40eff6e31674d9ebf80279322de2daa58fa83dbf98b0438625c_amd64",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:3a0a175d4cf85f149b33135a55f0f1c61a97c514b97ec70f653932c774c20eaf_ppc64le",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:3b3aa3ec99316b78217396b29a63d4eadb508232e3d69c6bcd4e4ee901003ba2_arm64",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:6b625192b4a477e36bb34bfbc366e7d17195265a7d2f3923735b06ecd1dc07a2_arm64",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:887b2b34e5461d3fd48e534c4fe1f2df349a3948f79e9def7b1c72de2c20cf5c_ppc64le",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:d9f5c146b156760f1d00e19e6816020990b17bdf8c6849421cd3d2996e60b7ee_s390x",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:ecc791e89ebf6320345e227f9652e83aac583a430905d09cd11f5c5f366f6d5e_amd64",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:7c4e5dd98dc05d31f134cfa4d5d440badc5a351e7c89dd13f17a5a9cf730f1c9_s390x",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:99cdaa49b634f8353a65645af597ec931b502e8f0230d6cb83dbde5ec1ee8ef9_amd64",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:cead10daa28adb2f78a2fac3915afb0d677239da623aecf802750c35dca2c433_ppc64le",
"9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:010c445a177724925666188b81b53f62f1369ca5ea20fbc3c7fe1146426df2a2_amd64",
"9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:4e631ea10d245c1cff2324c01ba3842f44bc0925165eed8eaeb2d10259d59e14_ppc64le",
"9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:c7a1ccdc359ad2bc1406cf3406c4d43a4249bec2c84045959ceccd523109ad74_arm64",
"9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:d604a03d3a4cb2019b0b18e7d19173a54555de487ee333c2b9f137331c29ce06_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-24785"
},
{
"category": "external",
"summary": "RHBZ#2268022",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2268022"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-24785",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-24785"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-24785",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-24785"
},
{
"category": "external",
"summary": "https://go.dev/cl/564196",
"url": "https://go.dev/cl/564196"
},
{
"category": "external",
"summary": "https://go.dev/issue/65697",
"url": "https://go.dev/issue/65697"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg",
"url": "https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg"
},
{
"category": "external",
"summary": "https://vuln.go.dev/ID/GO-2024-2610.json",
"url": "https://vuln.go.dev/ID/GO-2024-2610.json"
}
],
"release_date": "2024-03-05T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-06-26T12:12:44+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/2789521\n\nFor supported configurations, refer to:\n\nhttps://access.redhat.com/articles/1548993",
"product_ids": [
"9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:0ce0f0dc070b6a3e8bbea15f62d4abd713e2b4233d4d5413cfa232e86fc8cd34_ppc64le",
"9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:2f3593633800e8d09f96a28892e2fb1a11a22e92d85233a8c4740ee06727eafc_arm64",
"9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:7602811891a649c8c2a1a97dbd22ff0d235bceeaec69e724c1e6a237175f9427_s390x",
"9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:a8f5dacb3d12ed3e7f65cefc30fdd2f946256d6f2e638a87c1560643327fbe07_amd64",
"9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:31b50dc109ed8250673bb1f32c57f8979d6e604ff3204050504a31755241240a_amd64",
"9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:42a7329701d51049a318b3de4a1601d4d612a0076ac91e934322890b68337d43_arm64",
"9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:61d686df696d549d714efe63b23990d696b15c5bc0f9a105837fea191f63bf75_ppc64le",
"9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:b6e7648e3d3082fe9a0b526f716ab9ea087935e982794bf22627c2b708463333_s390x",
"9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:179b92c189dc97cb73c00844fb58e59f1a3b434f3e3e52471bb3a12a8b1c0a92_arm64",
"9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:1d74f24b455f471a80593c65735288f0c24ba820bed1bb45ea62e02c6ca21b92_s390x",
"9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:bd593607b20997448e75c2cd7c5f1be95ce822a8ecfce6fb79de031a27880671_amd64",
"9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:c6dec2f2200128a260c1c8e3d04105c6cc72b9f92fc84fa8f2dcb75a51ba3c97_ppc64le",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:04a10d4c7b05974dfb2836388aeef65dd2b6451997b627b68d4ea3d3ee330f24_s390x",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:20a6bb51cc2ad40eff6e31674d9ebf80279322de2daa58fa83dbf98b0438625c_amd64",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:3a0a175d4cf85f149b33135a55f0f1c61a97c514b97ec70f653932c774c20eaf_ppc64le",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:3b3aa3ec99316b78217396b29a63d4eadb508232e3d69c6bcd4e4ee901003ba2_arm64",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:6b625192b4a477e36bb34bfbc366e7d17195265a7d2f3923735b06ecd1dc07a2_arm64",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:887b2b34e5461d3fd48e534c4fe1f2df349a3948f79e9def7b1c72de2c20cf5c_ppc64le",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:d9f5c146b156760f1d00e19e6816020990b17bdf8c6849421cd3d2996e60b7ee_s390x",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:ecc791e89ebf6320345e227f9652e83aac583a430905d09cd11f5c5f366f6d5e_amd64",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:7c4e5dd98dc05d31f134cfa4d5d440badc5a351e7c89dd13f17a5a9cf730f1c9_s390x",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:99cdaa49b634f8353a65645af597ec931b502e8f0230d6cb83dbde5ec1ee8ef9_amd64",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:cead10daa28adb2f78a2fac3915afb0d677239da623aecf802750c35dca2c433_ppc64le",
"9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:010c445a177724925666188b81b53f62f1369ca5ea20fbc3c7fe1146426df2a2_amd64",
"9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:4e631ea10d245c1cff2324c01ba3842f44bc0925165eed8eaeb2d10259d59e14_ppc64le",
"9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:c7a1ccdc359ad2bc1406cf3406c4d43a4249bec2c84045959ceccd523109ad74_arm64",
"9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:d604a03d3a4cb2019b0b18e7d19173a54555de487ee333c2b9f137331c29ce06_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:9776"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:0ce0f0dc070b6a3e8bbea15f62d4abd713e2b4233d4d5413cfa232e86fc8cd34_ppc64le",
"9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:2f3593633800e8d09f96a28892e2fb1a11a22e92d85233a8c4740ee06727eafc_arm64",
"9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:7602811891a649c8c2a1a97dbd22ff0d235bceeaec69e724c1e6a237175f9427_s390x",
"9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:a8f5dacb3d12ed3e7f65cefc30fdd2f946256d6f2e638a87c1560643327fbe07_amd64",
"9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:31b50dc109ed8250673bb1f32c57f8979d6e604ff3204050504a31755241240a_amd64",
"9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:42a7329701d51049a318b3de4a1601d4d612a0076ac91e934322890b68337d43_arm64",
"9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:61d686df696d549d714efe63b23990d696b15c5bc0f9a105837fea191f63bf75_ppc64le",
"9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:b6e7648e3d3082fe9a0b526f716ab9ea087935e982794bf22627c2b708463333_s390x",
"9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:179b92c189dc97cb73c00844fb58e59f1a3b434f3e3e52471bb3a12a8b1c0a92_arm64",
"9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:1d74f24b455f471a80593c65735288f0c24ba820bed1bb45ea62e02c6ca21b92_s390x",
"9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:bd593607b20997448e75c2cd7c5f1be95ce822a8ecfce6fb79de031a27880671_amd64",
"9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:c6dec2f2200128a260c1c8e3d04105c6cc72b9f92fc84fa8f2dcb75a51ba3c97_ppc64le",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:04a10d4c7b05974dfb2836388aeef65dd2b6451997b627b68d4ea3d3ee330f24_s390x",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:20a6bb51cc2ad40eff6e31674d9ebf80279322de2daa58fa83dbf98b0438625c_amd64",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:3a0a175d4cf85f149b33135a55f0f1c61a97c514b97ec70f653932c774c20eaf_ppc64le",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:3b3aa3ec99316b78217396b29a63d4eadb508232e3d69c6bcd4e4ee901003ba2_arm64",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:6b625192b4a477e36bb34bfbc366e7d17195265a7d2f3923735b06ecd1dc07a2_arm64",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:887b2b34e5461d3fd48e534c4fe1f2df349a3948f79e9def7b1c72de2c20cf5c_ppc64le",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:d9f5c146b156760f1d00e19e6816020990b17bdf8c6849421cd3d2996e60b7ee_s390x",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:ecc791e89ebf6320345e227f9652e83aac583a430905d09cd11f5c5f366f6d5e_amd64",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:7c4e5dd98dc05d31f134cfa4d5d440badc5a351e7c89dd13f17a5a9cf730f1c9_s390x",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:99cdaa49b634f8353a65645af597ec931b502e8f0230d6cb83dbde5ec1ee8ef9_amd64",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:cead10daa28adb2f78a2fac3915afb0d677239da623aecf802750c35dca2c433_ppc64le",
"9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:010c445a177724925666188b81b53f62f1369ca5ea20fbc3c7fe1146426df2a2_amd64",
"9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:4e631ea10d245c1cff2324c01ba3842f44bc0925165eed8eaeb2d10259d59e14_ppc64le",
"9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:c7a1ccdc359ad2bc1406cf3406c4d43a4249bec2c84045959ceccd523109ad74_arm64",
"9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:d604a03d3a4cb2019b0b18e7d19173a54555de487ee333c2b9f137331c29ce06_s390x"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:0ce0f0dc070b6a3e8bbea15f62d4abd713e2b4233d4d5413cfa232e86fc8cd34_ppc64le",
"9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:2f3593633800e8d09f96a28892e2fb1a11a22e92d85233a8c4740ee06727eafc_arm64",
"9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:7602811891a649c8c2a1a97dbd22ff0d235bceeaec69e724c1e6a237175f9427_s390x",
"9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:a8f5dacb3d12ed3e7f65cefc30fdd2f946256d6f2e638a87c1560643327fbe07_amd64",
"9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:31b50dc109ed8250673bb1f32c57f8979d6e604ff3204050504a31755241240a_amd64",
"9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:42a7329701d51049a318b3de4a1601d4d612a0076ac91e934322890b68337d43_arm64",
"9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:61d686df696d549d714efe63b23990d696b15c5bc0f9a105837fea191f63bf75_ppc64le",
"9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:b6e7648e3d3082fe9a0b526f716ab9ea087935e982794bf22627c2b708463333_s390x",
"9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:179b92c189dc97cb73c00844fb58e59f1a3b434f3e3e52471bb3a12a8b1c0a92_arm64",
"9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:1d74f24b455f471a80593c65735288f0c24ba820bed1bb45ea62e02c6ca21b92_s390x",
"9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:bd593607b20997448e75c2cd7c5f1be95ce822a8ecfce6fb79de031a27880671_amd64",
"9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:c6dec2f2200128a260c1c8e3d04105c6cc72b9f92fc84fa8f2dcb75a51ba3c97_ppc64le",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:04a10d4c7b05974dfb2836388aeef65dd2b6451997b627b68d4ea3d3ee330f24_s390x",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:20a6bb51cc2ad40eff6e31674d9ebf80279322de2daa58fa83dbf98b0438625c_amd64",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:3a0a175d4cf85f149b33135a55f0f1c61a97c514b97ec70f653932c774c20eaf_ppc64le",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:3b3aa3ec99316b78217396b29a63d4eadb508232e3d69c6bcd4e4ee901003ba2_arm64",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:6b625192b4a477e36bb34bfbc366e7d17195265a7d2f3923735b06ecd1dc07a2_arm64",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:887b2b34e5461d3fd48e534c4fe1f2df349a3948f79e9def7b1c72de2c20cf5c_ppc64le",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:d9f5c146b156760f1d00e19e6816020990b17bdf8c6849421cd3d2996e60b7ee_s390x",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:ecc791e89ebf6320345e227f9652e83aac583a430905d09cd11f5c5f366f6d5e_amd64",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:7c4e5dd98dc05d31f134cfa4d5d440badc5a351e7c89dd13f17a5a9cf730f1c9_s390x",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:99cdaa49b634f8353a65645af597ec931b502e8f0230d6cb83dbde5ec1ee8ef9_amd64",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:cead10daa28adb2f78a2fac3915afb0d677239da623aecf802750c35dca2c433_ppc64le",
"9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:010c445a177724925666188b81b53f62f1369ca5ea20fbc3c7fe1146426df2a2_amd64",
"9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:4e631ea10d245c1cff2324c01ba3842f44bc0925165eed8eaeb2d10259d59e14_ppc64le",
"9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:c7a1ccdc359ad2bc1406cf3406c4d43a4249bec2c84045959ceccd523109ad74_arm64",
"9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:d604a03d3a4cb2019b0b18e7d19173a54555de487ee333c2b9f137331c29ce06_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: html/template: errors returned from MarshalJSON methods may break template escaping"
},
{
"cve": "CVE-2024-24786",
"cwe": {
"id": "CWE-835",
"name": "Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)"
},
"discovery_date": "2024-03-06T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2268046"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Golang\u0027s protobuf module, where the unmarshal function can enter an infinite loop when processing certain invalid inputs. This issue occurs during unmarshaling into a message that includes a google.protobuf.Any or when the UnmarshalOptions.DiscardUnknown option is enabled. This flaw allows an attacker to craft malicious input tailored to trigger the identified flaw in the unmarshal function. By providing carefully constructed invalid inputs, they could potentially cause the function to enter an infinite loop, resulting in a denial of service condition or other unintended behaviors in the affected system.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang-protobuf: encoding/protojson, internal/encoding/json: infinite loop in protojson.Unmarshal when unmarshaling certain forms of invalid JSON",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:0ce0f0dc070b6a3e8bbea15f62d4abd713e2b4233d4d5413cfa232e86fc8cd34_ppc64le",
"9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:2f3593633800e8d09f96a28892e2fb1a11a22e92d85233a8c4740ee06727eafc_arm64",
"9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:7602811891a649c8c2a1a97dbd22ff0d235bceeaec69e724c1e6a237175f9427_s390x",
"9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:a8f5dacb3d12ed3e7f65cefc30fdd2f946256d6f2e638a87c1560643327fbe07_amd64",
"9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:31b50dc109ed8250673bb1f32c57f8979d6e604ff3204050504a31755241240a_amd64",
"9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:42a7329701d51049a318b3de4a1601d4d612a0076ac91e934322890b68337d43_arm64",
"9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:61d686df696d549d714efe63b23990d696b15c5bc0f9a105837fea191f63bf75_ppc64le",
"9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:b6e7648e3d3082fe9a0b526f716ab9ea087935e982794bf22627c2b708463333_s390x",
"9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:179b92c189dc97cb73c00844fb58e59f1a3b434f3e3e52471bb3a12a8b1c0a92_arm64",
"9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:1d74f24b455f471a80593c65735288f0c24ba820bed1bb45ea62e02c6ca21b92_s390x",
"9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:bd593607b20997448e75c2cd7c5f1be95ce822a8ecfce6fb79de031a27880671_amd64",
"9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:c6dec2f2200128a260c1c8e3d04105c6cc72b9f92fc84fa8f2dcb75a51ba3c97_ppc64le",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:04a10d4c7b05974dfb2836388aeef65dd2b6451997b627b68d4ea3d3ee330f24_s390x",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:20a6bb51cc2ad40eff6e31674d9ebf80279322de2daa58fa83dbf98b0438625c_amd64",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:3a0a175d4cf85f149b33135a55f0f1c61a97c514b97ec70f653932c774c20eaf_ppc64le",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:3b3aa3ec99316b78217396b29a63d4eadb508232e3d69c6bcd4e4ee901003ba2_arm64",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:6b625192b4a477e36bb34bfbc366e7d17195265a7d2f3923735b06ecd1dc07a2_arm64",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:887b2b34e5461d3fd48e534c4fe1f2df349a3948f79e9def7b1c72de2c20cf5c_ppc64le",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:d9f5c146b156760f1d00e19e6816020990b17bdf8c6849421cd3d2996e60b7ee_s390x",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:ecc791e89ebf6320345e227f9652e83aac583a430905d09cd11f5c5f366f6d5e_amd64",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:7c4e5dd98dc05d31f134cfa4d5d440badc5a351e7c89dd13f17a5a9cf730f1c9_s390x",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:99cdaa49b634f8353a65645af597ec931b502e8f0230d6cb83dbde5ec1ee8ef9_amd64",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:cead10daa28adb2f78a2fac3915afb0d677239da623aecf802750c35dca2c433_ppc64le",
"9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:010c445a177724925666188b81b53f62f1369ca5ea20fbc3c7fe1146426df2a2_amd64",
"9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:4e631ea10d245c1cff2324c01ba3842f44bc0925165eed8eaeb2d10259d59e14_ppc64le",
"9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:c7a1ccdc359ad2bc1406cf3406c4d43a4249bec2c84045959ceccd523109ad74_arm64",
"9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:d604a03d3a4cb2019b0b18e7d19173a54555de487ee333c2b9f137331c29ce06_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-24786"
},
{
"category": "external",
"summary": "RHBZ#2268046",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2268046"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-24786",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-24786"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-24786",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-24786"
},
{
"category": "external",
"summary": "https://go.dev/cl/569356",
"url": "https://go.dev/cl/569356"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/ArQ6CDgtEjY/",
"url": "https://groups.google.com/g/golang-announce/c/ArQ6CDgtEjY/"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2024-2611",
"url": "https://pkg.go.dev/vuln/GO-2024-2611"
}
],
"release_date": "2024-03-05T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-06-26T12:12:44+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/2789521\n\nFor supported configurations, refer to:\n\nhttps://access.redhat.com/articles/1548993",
"product_ids": [
"9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:0ce0f0dc070b6a3e8bbea15f62d4abd713e2b4233d4d5413cfa232e86fc8cd34_ppc64le",
"9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:2f3593633800e8d09f96a28892e2fb1a11a22e92d85233a8c4740ee06727eafc_arm64",
"9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:7602811891a649c8c2a1a97dbd22ff0d235bceeaec69e724c1e6a237175f9427_s390x",
"9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:a8f5dacb3d12ed3e7f65cefc30fdd2f946256d6f2e638a87c1560643327fbe07_amd64",
"9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:31b50dc109ed8250673bb1f32c57f8979d6e604ff3204050504a31755241240a_amd64",
"9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:42a7329701d51049a318b3de4a1601d4d612a0076ac91e934322890b68337d43_arm64",
"9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:61d686df696d549d714efe63b23990d696b15c5bc0f9a105837fea191f63bf75_ppc64le",
"9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:b6e7648e3d3082fe9a0b526f716ab9ea087935e982794bf22627c2b708463333_s390x",
"9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:179b92c189dc97cb73c00844fb58e59f1a3b434f3e3e52471bb3a12a8b1c0a92_arm64",
"9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:1d74f24b455f471a80593c65735288f0c24ba820bed1bb45ea62e02c6ca21b92_s390x",
"9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:bd593607b20997448e75c2cd7c5f1be95ce822a8ecfce6fb79de031a27880671_amd64",
"9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:c6dec2f2200128a260c1c8e3d04105c6cc72b9f92fc84fa8f2dcb75a51ba3c97_ppc64le",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:04a10d4c7b05974dfb2836388aeef65dd2b6451997b627b68d4ea3d3ee330f24_s390x",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:20a6bb51cc2ad40eff6e31674d9ebf80279322de2daa58fa83dbf98b0438625c_amd64",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:3a0a175d4cf85f149b33135a55f0f1c61a97c514b97ec70f653932c774c20eaf_ppc64le",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:3b3aa3ec99316b78217396b29a63d4eadb508232e3d69c6bcd4e4ee901003ba2_arm64",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:6b625192b4a477e36bb34bfbc366e7d17195265a7d2f3923735b06ecd1dc07a2_arm64",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:887b2b34e5461d3fd48e534c4fe1f2df349a3948f79e9def7b1c72de2c20cf5c_ppc64le",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:d9f5c146b156760f1d00e19e6816020990b17bdf8c6849421cd3d2996e60b7ee_s390x",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:ecc791e89ebf6320345e227f9652e83aac583a430905d09cd11f5c5f366f6d5e_amd64",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:7c4e5dd98dc05d31f134cfa4d5d440badc5a351e7c89dd13f17a5a9cf730f1c9_s390x",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:99cdaa49b634f8353a65645af597ec931b502e8f0230d6cb83dbde5ec1ee8ef9_amd64",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:cead10daa28adb2f78a2fac3915afb0d677239da623aecf802750c35dca2c433_ppc64le",
"9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:010c445a177724925666188b81b53f62f1369ca5ea20fbc3c7fe1146426df2a2_amd64",
"9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:4e631ea10d245c1cff2324c01ba3842f44bc0925165eed8eaeb2d10259d59e14_ppc64le",
"9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:c7a1ccdc359ad2bc1406cf3406c4d43a4249bec2c84045959ceccd523109ad74_arm64",
"9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:d604a03d3a4cb2019b0b18e7d19173a54555de487ee333c2b9f137331c29ce06_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:9776"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:0ce0f0dc070b6a3e8bbea15f62d4abd713e2b4233d4d5413cfa232e86fc8cd34_ppc64le",
"9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:2f3593633800e8d09f96a28892e2fb1a11a22e92d85233a8c4740ee06727eafc_arm64",
"9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:7602811891a649c8c2a1a97dbd22ff0d235bceeaec69e724c1e6a237175f9427_s390x",
"9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:a8f5dacb3d12ed3e7f65cefc30fdd2f946256d6f2e638a87c1560643327fbe07_amd64",
"9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:31b50dc109ed8250673bb1f32c57f8979d6e604ff3204050504a31755241240a_amd64",
"9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:42a7329701d51049a318b3de4a1601d4d612a0076ac91e934322890b68337d43_arm64",
"9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:61d686df696d549d714efe63b23990d696b15c5bc0f9a105837fea191f63bf75_ppc64le",
"9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:b6e7648e3d3082fe9a0b526f716ab9ea087935e982794bf22627c2b708463333_s390x",
"9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:179b92c189dc97cb73c00844fb58e59f1a3b434f3e3e52471bb3a12a8b1c0a92_arm64",
"9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:1d74f24b455f471a80593c65735288f0c24ba820bed1bb45ea62e02c6ca21b92_s390x",
"9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:bd593607b20997448e75c2cd7c5f1be95ce822a8ecfce6fb79de031a27880671_amd64",
"9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:c6dec2f2200128a260c1c8e3d04105c6cc72b9f92fc84fa8f2dcb75a51ba3c97_ppc64le",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:04a10d4c7b05974dfb2836388aeef65dd2b6451997b627b68d4ea3d3ee330f24_s390x",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:20a6bb51cc2ad40eff6e31674d9ebf80279322de2daa58fa83dbf98b0438625c_amd64",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:3a0a175d4cf85f149b33135a55f0f1c61a97c514b97ec70f653932c774c20eaf_ppc64le",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:3b3aa3ec99316b78217396b29a63d4eadb508232e3d69c6bcd4e4ee901003ba2_arm64",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:6b625192b4a477e36bb34bfbc366e7d17195265a7d2f3923735b06ecd1dc07a2_arm64",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:887b2b34e5461d3fd48e534c4fe1f2df349a3948f79e9def7b1c72de2c20cf5c_ppc64le",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:d9f5c146b156760f1d00e19e6816020990b17bdf8c6849421cd3d2996e60b7ee_s390x",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:ecc791e89ebf6320345e227f9652e83aac583a430905d09cd11f5c5f366f6d5e_amd64",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:7c4e5dd98dc05d31f134cfa4d5d440badc5a351e7c89dd13f17a5a9cf730f1c9_s390x",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:99cdaa49b634f8353a65645af597ec931b502e8f0230d6cb83dbde5ec1ee8ef9_amd64",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:cead10daa28adb2f78a2fac3915afb0d677239da623aecf802750c35dca2c433_ppc64le",
"9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:010c445a177724925666188b81b53f62f1369ca5ea20fbc3c7fe1146426df2a2_amd64",
"9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:4e631ea10d245c1cff2324c01ba3842f44bc0925165eed8eaeb2d10259d59e14_ppc64le",
"9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:c7a1ccdc359ad2bc1406cf3406c4d43a4249bec2c84045959ceccd523109ad74_arm64",
"9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:d604a03d3a4cb2019b0b18e7d19173a54555de487ee333c2b9f137331c29ce06_s390x"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:0ce0f0dc070b6a3e8bbea15f62d4abd713e2b4233d4d5413cfa232e86fc8cd34_ppc64le",
"9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:2f3593633800e8d09f96a28892e2fb1a11a22e92d85233a8c4740ee06727eafc_arm64",
"9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:7602811891a649c8c2a1a97dbd22ff0d235bceeaec69e724c1e6a237175f9427_s390x",
"9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:a8f5dacb3d12ed3e7f65cefc30fdd2f946256d6f2e638a87c1560643327fbe07_amd64",
"9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:31b50dc109ed8250673bb1f32c57f8979d6e604ff3204050504a31755241240a_amd64",
"9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:42a7329701d51049a318b3de4a1601d4d612a0076ac91e934322890b68337d43_arm64",
"9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:61d686df696d549d714efe63b23990d696b15c5bc0f9a105837fea191f63bf75_ppc64le",
"9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:b6e7648e3d3082fe9a0b526f716ab9ea087935e982794bf22627c2b708463333_s390x",
"9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:179b92c189dc97cb73c00844fb58e59f1a3b434f3e3e52471bb3a12a8b1c0a92_arm64",
"9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:1d74f24b455f471a80593c65735288f0c24ba820bed1bb45ea62e02c6ca21b92_s390x",
"9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:bd593607b20997448e75c2cd7c5f1be95ce822a8ecfce6fb79de031a27880671_amd64",
"9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:c6dec2f2200128a260c1c8e3d04105c6cc72b9f92fc84fa8f2dcb75a51ba3c97_ppc64le",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:04a10d4c7b05974dfb2836388aeef65dd2b6451997b627b68d4ea3d3ee330f24_s390x",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:20a6bb51cc2ad40eff6e31674d9ebf80279322de2daa58fa83dbf98b0438625c_amd64",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:3a0a175d4cf85f149b33135a55f0f1c61a97c514b97ec70f653932c774c20eaf_ppc64le",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:3b3aa3ec99316b78217396b29a63d4eadb508232e3d69c6bcd4e4ee901003ba2_arm64",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:6b625192b4a477e36bb34bfbc366e7d17195265a7d2f3923735b06ecd1dc07a2_arm64",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:887b2b34e5461d3fd48e534c4fe1f2df349a3948f79e9def7b1c72de2c20cf5c_ppc64le",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:d9f5c146b156760f1d00e19e6816020990b17bdf8c6849421cd3d2996e60b7ee_s390x",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:ecc791e89ebf6320345e227f9652e83aac583a430905d09cd11f5c5f366f6d5e_amd64",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:7c4e5dd98dc05d31f134cfa4d5d440badc5a351e7c89dd13f17a5a9cf730f1c9_s390x",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:99cdaa49b634f8353a65645af597ec931b502e8f0230d6cb83dbde5ec1ee8ef9_amd64",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:cead10daa28adb2f78a2fac3915afb0d677239da623aecf802750c35dca2c433_ppc64le",
"9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:010c445a177724925666188b81b53f62f1369ca5ea20fbc3c7fe1146426df2a2_amd64",
"9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:4e631ea10d245c1cff2324c01ba3842f44bc0925165eed8eaeb2d10259d59e14_ppc64le",
"9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:c7a1ccdc359ad2bc1406cf3406c4d43a4249bec2c84045959ceccd523109ad74_arm64",
"9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:d604a03d3a4cb2019b0b18e7d19173a54555de487ee333c2b9f137331c29ce06_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang-protobuf: encoding/protojson, internal/encoding/json: infinite loop in protojson.Unmarshal when unmarshaling certain forms of invalid JSON"
},
{
"cve": "CVE-2024-24788",
"cwe": {
"id": "CWE-835",
"name": "Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)"
},
"discovery_date": "2024-05-09T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2279814"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the net package of the Go stdlib. When a malformed DNS message is received as a response to a query, the Lookup functions within the net package can get stuck in an infinite loop. This issue can lead to resource exhaustion and denial of service (DoS) conditions.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: net: malformed DNS message can cause infinite loop",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:0ce0f0dc070b6a3e8bbea15f62d4abd713e2b4233d4d5413cfa232e86fc8cd34_ppc64le",
"9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:2f3593633800e8d09f96a28892e2fb1a11a22e92d85233a8c4740ee06727eafc_arm64",
"9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:7602811891a649c8c2a1a97dbd22ff0d235bceeaec69e724c1e6a237175f9427_s390x",
"9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:a8f5dacb3d12ed3e7f65cefc30fdd2f946256d6f2e638a87c1560643327fbe07_amd64",
"9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:31b50dc109ed8250673bb1f32c57f8979d6e604ff3204050504a31755241240a_amd64",
"9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:42a7329701d51049a318b3de4a1601d4d612a0076ac91e934322890b68337d43_arm64",
"9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:61d686df696d549d714efe63b23990d696b15c5bc0f9a105837fea191f63bf75_ppc64le",
"9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:b6e7648e3d3082fe9a0b526f716ab9ea087935e982794bf22627c2b708463333_s390x",
"9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:179b92c189dc97cb73c00844fb58e59f1a3b434f3e3e52471bb3a12a8b1c0a92_arm64",
"9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:1d74f24b455f471a80593c65735288f0c24ba820bed1bb45ea62e02c6ca21b92_s390x",
"9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:bd593607b20997448e75c2cd7c5f1be95ce822a8ecfce6fb79de031a27880671_amd64",
"9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:c6dec2f2200128a260c1c8e3d04105c6cc72b9f92fc84fa8f2dcb75a51ba3c97_ppc64le",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:04a10d4c7b05974dfb2836388aeef65dd2b6451997b627b68d4ea3d3ee330f24_s390x",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:20a6bb51cc2ad40eff6e31674d9ebf80279322de2daa58fa83dbf98b0438625c_amd64",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:3a0a175d4cf85f149b33135a55f0f1c61a97c514b97ec70f653932c774c20eaf_ppc64le",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:3b3aa3ec99316b78217396b29a63d4eadb508232e3d69c6bcd4e4ee901003ba2_arm64",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:6b625192b4a477e36bb34bfbc366e7d17195265a7d2f3923735b06ecd1dc07a2_arm64",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:887b2b34e5461d3fd48e534c4fe1f2df349a3948f79e9def7b1c72de2c20cf5c_ppc64le",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:d9f5c146b156760f1d00e19e6816020990b17bdf8c6849421cd3d2996e60b7ee_s390x",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:ecc791e89ebf6320345e227f9652e83aac583a430905d09cd11f5c5f366f6d5e_amd64",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:7c4e5dd98dc05d31f134cfa4d5d440badc5a351e7c89dd13f17a5a9cf730f1c9_s390x",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:99cdaa49b634f8353a65645af597ec931b502e8f0230d6cb83dbde5ec1ee8ef9_amd64",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:cead10daa28adb2f78a2fac3915afb0d677239da623aecf802750c35dca2c433_ppc64le",
"9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:010c445a177724925666188b81b53f62f1369ca5ea20fbc3c7fe1146426df2a2_amd64",
"9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:4e631ea10d245c1cff2324c01ba3842f44bc0925165eed8eaeb2d10259d59e14_ppc64le",
"9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:c7a1ccdc359ad2bc1406cf3406c4d43a4249bec2c84045959ceccd523109ad74_arm64",
"9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:d604a03d3a4cb2019b0b18e7d19173a54555de487ee333c2b9f137331c29ce06_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-24788"
},
{
"category": "external",
"summary": "RHBZ#2279814",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2279814"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-24788",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-24788"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-24788",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-24788"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2024-2824",
"url": "https://pkg.go.dev/vuln/GO-2024-2824"
}
],
"release_date": "2024-05-08T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-06-26T12:12:44+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/2789521\n\nFor supported configurations, refer to:\n\nhttps://access.redhat.com/articles/1548993",
"product_ids": [
"9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:0ce0f0dc070b6a3e8bbea15f62d4abd713e2b4233d4d5413cfa232e86fc8cd34_ppc64le",
"9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:2f3593633800e8d09f96a28892e2fb1a11a22e92d85233a8c4740ee06727eafc_arm64",
"9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:7602811891a649c8c2a1a97dbd22ff0d235bceeaec69e724c1e6a237175f9427_s390x",
"9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:a8f5dacb3d12ed3e7f65cefc30fdd2f946256d6f2e638a87c1560643327fbe07_amd64",
"9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:31b50dc109ed8250673bb1f32c57f8979d6e604ff3204050504a31755241240a_amd64",
"9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:42a7329701d51049a318b3de4a1601d4d612a0076ac91e934322890b68337d43_arm64",
"9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:61d686df696d549d714efe63b23990d696b15c5bc0f9a105837fea191f63bf75_ppc64le",
"9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:b6e7648e3d3082fe9a0b526f716ab9ea087935e982794bf22627c2b708463333_s390x",
"9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:179b92c189dc97cb73c00844fb58e59f1a3b434f3e3e52471bb3a12a8b1c0a92_arm64",
"9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:1d74f24b455f471a80593c65735288f0c24ba820bed1bb45ea62e02c6ca21b92_s390x",
"9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:bd593607b20997448e75c2cd7c5f1be95ce822a8ecfce6fb79de031a27880671_amd64",
"9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:c6dec2f2200128a260c1c8e3d04105c6cc72b9f92fc84fa8f2dcb75a51ba3c97_ppc64le",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:04a10d4c7b05974dfb2836388aeef65dd2b6451997b627b68d4ea3d3ee330f24_s390x",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:20a6bb51cc2ad40eff6e31674d9ebf80279322de2daa58fa83dbf98b0438625c_amd64",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:3a0a175d4cf85f149b33135a55f0f1c61a97c514b97ec70f653932c774c20eaf_ppc64le",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:3b3aa3ec99316b78217396b29a63d4eadb508232e3d69c6bcd4e4ee901003ba2_arm64",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:6b625192b4a477e36bb34bfbc366e7d17195265a7d2f3923735b06ecd1dc07a2_arm64",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:887b2b34e5461d3fd48e534c4fe1f2df349a3948f79e9def7b1c72de2c20cf5c_ppc64le",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:d9f5c146b156760f1d00e19e6816020990b17bdf8c6849421cd3d2996e60b7ee_s390x",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:ecc791e89ebf6320345e227f9652e83aac583a430905d09cd11f5c5f366f6d5e_amd64",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:7c4e5dd98dc05d31f134cfa4d5d440badc5a351e7c89dd13f17a5a9cf730f1c9_s390x",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:99cdaa49b634f8353a65645af597ec931b502e8f0230d6cb83dbde5ec1ee8ef9_amd64",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:cead10daa28adb2f78a2fac3915afb0d677239da623aecf802750c35dca2c433_ppc64le",
"9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:010c445a177724925666188b81b53f62f1369ca5ea20fbc3c7fe1146426df2a2_amd64",
"9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:4e631ea10d245c1cff2324c01ba3842f44bc0925165eed8eaeb2d10259d59e14_ppc64le",
"9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:c7a1ccdc359ad2bc1406cf3406c4d43a4249bec2c84045959ceccd523109ad74_arm64",
"9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:d604a03d3a4cb2019b0b18e7d19173a54555de487ee333c2b9f137331c29ce06_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:9776"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:0ce0f0dc070b6a3e8bbea15f62d4abd713e2b4233d4d5413cfa232e86fc8cd34_ppc64le",
"9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:2f3593633800e8d09f96a28892e2fb1a11a22e92d85233a8c4740ee06727eafc_arm64",
"9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:7602811891a649c8c2a1a97dbd22ff0d235bceeaec69e724c1e6a237175f9427_s390x",
"9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:a8f5dacb3d12ed3e7f65cefc30fdd2f946256d6f2e638a87c1560643327fbe07_amd64",
"9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:31b50dc109ed8250673bb1f32c57f8979d6e604ff3204050504a31755241240a_amd64",
"9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:42a7329701d51049a318b3de4a1601d4d612a0076ac91e934322890b68337d43_arm64",
"9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:61d686df696d549d714efe63b23990d696b15c5bc0f9a105837fea191f63bf75_ppc64le",
"9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:b6e7648e3d3082fe9a0b526f716ab9ea087935e982794bf22627c2b708463333_s390x",
"9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:179b92c189dc97cb73c00844fb58e59f1a3b434f3e3e52471bb3a12a8b1c0a92_arm64",
"9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:1d74f24b455f471a80593c65735288f0c24ba820bed1bb45ea62e02c6ca21b92_s390x",
"9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:bd593607b20997448e75c2cd7c5f1be95ce822a8ecfce6fb79de031a27880671_amd64",
"9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:c6dec2f2200128a260c1c8e3d04105c6cc72b9f92fc84fa8f2dcb75a51ba3c97_ppc64le",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:04a10d4c7b05974dfb2836388aeef65dd2b6451997b627b68d4ea3d3ee330f24_s390x",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:20a6bb51cc2ad40eff6e31674d9ebf80279322de2daa58fa83dbf98b0438625c_amd64",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:3a0a175d4cf85f149b33135a55f0f1c61a97c514b97ec70f653932c774c20eaf_ppc64le",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:3b3aa3ec99316b78217396b29a63d4eadb508232e3d69c6bcd4e4ee901003ba2_arm64",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:6b625192b4a477e36bb34bfbc366e7d17195265a7d2f3923735b06ecd1dc07a2_arm64",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:887b2b34e5461d3fd48e534c4fe1f2df349a3948f79e9def7b1c72de2c20cf5c_ppc64le",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:d9f5c146b156760f1d00e19e6816020990b17bdf8c6849421cd3d2996e60b7ee_s390x",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:ecc791e89ebf6320345e227f9652e83aac583a430905d09cd11f5c5f366f6d5e_amd64",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:7c4e5dd98dc05d31f134cfa4d5d440badc5a351e7c89dd13f17a5a9cf730f1c9_s390x",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:99cdaa49b634f8353a65645af597ec931b502e8f0230d6cb83dbde5ec1ee8ef9_amd64",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:cead10daa28adb2f78a2fac3915afb0d677239da623aecf802750c35dca2c433_ppc64le",
"9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:010c445a177724925666188b81b53f62f1369ca5ea20fbc3c7fe1146426df2a2_amd64",
"9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:4e631ea10d245c1cff2324c01ba3842f44bc0925165eed8eaeb2d10259d59e14_ppc64le",
"9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:c7a1ccdc359ad2bc1406cf3406c4d43a4249bec2c84045959ceccd523109ad74_arm64",
"9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:d604a03d3a4cb2019b0b18e7d19173a54555de487ee333c2b9f137331c29ce06_s390x"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:0ce0f0dc070b6a3e8bbea15f62d4abd713e2b4233d4d5413cfa232e86fc8cd34_ppc64le",
"9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:2f3593633800e8d09f96a28892e2fb1a11a22e92d85233a8c4740ee06727eafc_arm64",
"9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:7602811891a649c8c2a1a97dbd22ff0d235bceeaec69e724c1e6a237175f9427_s390x",
"9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:a8f5dacb3d12ed3e7f65cefc30fdd2f946256d6f2e638a87c1560643327fbe07_amd64",
"9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:31b50dc109ed8250673bb1f32c57f8979d6e604ff3204050504a31755241240a_amd64",
"9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:42a7329701d51049a318b3de4a1601d4d612a0076ac91e934322890b68337d43_arm64",
"9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:61d686df696d549d714efe63b23990d696b15c5bc0f9a105837fea191f63bf75_ppc64le",
"9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:b6e7648e3d3082fe9a0b526f716ab9ea087935e982794bf22627c2b708463333_s390x",
"9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:179b92c189dc97cb73c00844fb58e59f1a3b434f3e3e52471bb3a12a8b1c0a92_arm64",
"9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:1d74f24b455f471a80593c65735288f0c24ba820bed1bb45ea62e02c6ca21b92_s390x",
"9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:bd593607b20997448e75c2cd7c5f1be95ce822a8ecfce6fb79de031a27880671_amd64",
"9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:c6dec2f2200128a260c1c8e3d04105c6cc72b9f92fc84fa8f2dcb75a51ba3c97_ppc64le",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:04a10d4c7b05974dfb2836388aeef65dd2b6451997b627b68d4ea3d3ee330f24_s390x",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:20a6bb51cc2ad40eff6e31674d9ebf80279322de2daa58fa83dbf98b0438625c_amd64",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:3a0a175d4cf85f149b33135a55f0f1c61a97c514b97ec70f653932c774c20eaf_ppc64le",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:3b3aa3ec99316b78217396b29a63d4eadb508232e3d69c6bcd4e4ee901003ba2_arm64",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:6b625192b4a477e36bb34bfbc366e7d17195265a7d2f3923735b06ecd1dc07a2_arm64",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:887b2b34e5461d3fd48e534c4fe1f2df349a3948f79e9def7b1c72de2c20cf5c_ppc64le",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:d9f5c146b156760f1d00e19e6816020990b17bdf8c6849421cd3d2996e60b7ee_s390x",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:ecc791e89ebf6320345e227f9652e83aac583a430905d09cd11f5c5f366f6d5e_amd64",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:7c4e5dd98dc05d31f134cfa4d5d440badc5a351e7c89dd13f17a5a9cf730f1c9_s390x",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:99cdaa49b634f8353a65645af597ec931b502e8f0230d6cb83dbde5ec1ee8ef9_amd64",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:cead10daa28adb2f78a2fac3915afb0d677239da623aecf802750c35dca2c433_ppc64le",
"9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:010c445a177724925666188b81b53f62f1369ca5ea20fbc3c7fe1146426df2a2_amd64",
"9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:4e631ea10d245c1cff2324c01ba3842f44bc0925165eed8eaeb2d10259d59e14_ppc64le",
"9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:c7a1ccdc359ad2bc1406cf3406c4d43a4249bec2c84045959ceccd523109ad74_arm64",
"9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:d604a03d3a4cb2019b0b18e7d19173a54555de487ee333c2b9f137331c29ce06_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: net: malformed DNS message can cause infinite loop"
},
{
"cve": "CVE-2024-24789",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2024-06-17T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2292668"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Golang. The ZIP implementation of the Go language archive/zip library behaves differently than the rest of the ZIP file format implementations. When handling ZIP files with a corrupted central directory record, the library skips over the invalid record and processes the next valid one. This flaw allows a malicious user to access hidden information or files inside maliciously crafted ZIP files.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: archive/zip: Incorrect handling of certain ZIP files",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:0ce0f0dc070b6a3e8bbea15f62d4abd713e2b4233d4d5413cfa232e86fc8cd34_ppc64le",
"9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:2f3593633800e8d09f96a28892e2fb1a11a22e92d85233a8c4740ee06727eafc_arm64",
"9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:7602811891a649c8c2a1a97dbd22ff0d235bceeaec69e724c1e6a237175f9427_s390x",
"9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:a8f5dacb3d12ed3e7f65cefc30fdd2f946256d6f2e638a87c1560643327fbe07_amd64",
"9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:31b50dc109ed8250673bb1f32c57f8979d6e604ff3204050504a31755241240a_amd64",
"9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:42a7329701d51049a318b3de4a1601d4d612a0076ac91e934322890b68337d43_arm64",
"9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:61d686df696d549d714efe63b23990d696b15c5bc0f9a105837fea191f63bf75_ppc64le",
"9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:b6e7648e3d3082fe9a0b526f716ab9ea087935e982794bf22627c2b708463333_s390x",
"9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:179b92c189dc97cb73c00844fb58e59f1a3b434f3e3e52471bb3a12a8b1c0a92_arm64",
"9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:1d74f24b455f471a80593c65735288f0c24ba820bed1bb45ea62e02c6ca21b92_s390x",
"9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:bd593607b20997448e75c2cd7c5f1be95ce822a8ecfce6fb79de031a27880671_amd64",
"9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:c6dec2f2200128a260c1c8e3d04105c6cc72b9f92fc84fa8f2dcb75a51ba3c97_ppc64le",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:04a10d4c7b05974dfb2836388aeef65dd2b6451997b627b68d4ea3d3ee330f24_s390x",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:20a6bb51cc2ad40eff6e31674d9ebf80279322de2daa58fa83dbf98b0438625c_amd64",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:3a0a175d4cf85f149b33135a55f0f1c61a97c514b97ec70f653932c774c20eaf_ppc64le",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:3b3aa3ec99316b78217396b29a63d4eadb508232e3d69c6bcd4e4ee901003ba2_arm64",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:6b625192b4a477e36bb34bfbc366e7d17195265a7d2f3923735b06ecd1dc07a2_arm64",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:887b2b34e5461d3fd48e534c4fe1f2df349a3948f79e9def7b1c72de2c20cf5c_ppc64le",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:d9f5c146b156760f1d00e19e6816020990b17bdf8c6849421cd3d2996e60b7ee_s390x",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:ecc791e89ebf6320345e227f9652e83aac583a430905d09cd11f5c5f366f6d5e_amd64",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:7c4e5dd98dc05d31f134cfa4d5d440badc5a351e7c89dd13f17a5a9cf730f1c9_s390x",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:99cdaa49b634f8353a65645af597ec931b502e8f0230d6cb83dbde5ec1ee8ef9_amd64",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:cead10daa28adb2f78a2fac3915afb0d677239da623aecf802750c35dca2c433_ppc64le",
"9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:010c445a177724925666188b81b53f62f1369ca5ea20fbc3c7fe1146426df2a2_amd64",
"9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:4e631ea10d245c1cff2324c01ba3842f44bc0925165eed8eaeb2d10259d59e14_ppc64le",
"9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:c7a1ccdc359ad2bc1406cf3406c4d43a4249bec2c84045959ceccd523109ad74_arm64",
"9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:d604a03d3a4cb2019b0b18e7d19173a54555de487ee333c2b9f137331c29ce06_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-24789"
},
{
"category": "external",
"summary": "RHBZ#2292668",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2292668"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-24789",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-24789"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-24789",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-24789"
}
],
"release_date": "2024-06-04T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-06-26T12:12:44+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/2789521\n\nFor supported configurations, refer to:\n\nhttps://access.redhat.com/articles/1548993",
"product_ids": [
"9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:0ce0f0dc070b6a3e8bbea15f62d4abd713e2b4233d4d5413cfa232e86fc8cd34_ppc64le",
"9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:2f3593633800e8d09f96a28892e2fb1a11a22e92d85233a8c4740ee06727eafc_arm64",
"9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:7602811891a649c8c2a1a97dbd22ff0d235bceeaec69e724c1e6a237175f9427_s390x",
"9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:a8f5dacb3d12ed3e7f65cefc30fdd2f946256d6f2e638a87c1560643327fbe07_amd64",
"9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:31b50dc109ed8250673bb1f32c57f8979d6e604ff3204050504a31755241240a_amd64",
"9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:42a7329701d51049a318b3de4a1601d4d612a0076ac91e934322890b68337d43_arm64",
"9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:61d686df696d549d714efe63b23990d696b15c5bc0f9a105837fea191f63bf75_ppc64le",
"9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:b6e7648e3d3082fe9a0b526f716ab9ea087935e982794bf22627c2b708463333_s390x",
"9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:179b92c189dc97cb73c00844fb58e59f1a3b434f3e3e52471bb3a12a8b1c0a92_arm64",
"9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:1d74f24b455f471a80593c65735288f0c24ba820bed1bb45ea62e02c6ca21b92_s390x",
"9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:bd593607b20997448e75c2cd7c5f1be95ce822a8ecfce6fb79de031a27880671_amd64",
"9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:c6dec2f2200128a260c1c8e3d04105c6cc72b9f92fc84fa8f2dcb75a51ba3c97_ppc64le",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:04a10d4c7b05974dfb2836388aeef65dd2b6451997b627b68d4ea3d3ee330f24_s390x",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:20a6bb51cc2ad40eff6e31674d9ebf80279322de2daa58fa83dbf98b0438625c_amd64",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:3a0a175d4cf85f149b33135a55f0f1c61a97c514b97ec70f653932c774c20eaf_ppc64le",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:3b3aa3ec99316b78217396b29a63d4eadb508232e3d69c6bcd4e4ee901003ba2_arm64",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:6b625192b4a477e36bb34bfbc366e7d17195265a7d2f3923735b06ecd1dc07a2_arm64",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:887b2b34e5461d3fd48e534c4fe1f2df349a3948f79e9def7b1c72de2c20cf5c_ppc64le",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:d9f5c146b156760f1d00e19e6816020990b17bdf8c6849421cd3d2996e60b7ee_s390x",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:ecc791e89ebf6320345e227f9652e83aac583a430905d09cd11f5c5f366f6d5e_amd64",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:7c4e5dd98dc05d31f134cfa4d5d440badc5a351e7c89dd13f17a5a9cf730f1c9_s390x",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:99cdaa49b634f8353a65645af597ec931b502e8f0230d6cb83dbde5ec1ee8ef9_amd64",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:cead10daa28adb2f78a2fac3915afb0d677239da623aecf802750c35dca2c433_ppc64le",
"9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:010c445a177724925666188b81b53f62f1369ca5ea20fbc3c7fe1146426df2a2_amd64",
"9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:4e631ea10d245c1cff2324c01ba3842f44bc0925165eed8eaeb2d10259d59e14_ppc64le",
"9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:c7a1ccdc359ad2bc1406cf3406c4d43a4249bec2c84045959ceccd523109ad74_arm64",
"9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:d604a03d3a4cb2019b0b18e7d19173a54555de487ee333c2b9f137331c29ce06_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:9776"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:0ce0f0dc070b6a3e8bbea15f62d4abd713e2b4233d4d5413cfa232e86fc8cd34_ppc64le",
"9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:2f3593633800e8d09f96a28892e2fb1a11a22e92d85233a8c4740ee06727eafc_arm64",
"9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:7602811891a649c8c2a1a97dbd22ff0d235bceeaec69e724c1e6a237175f9427_s390x",
"9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:a8f5dacb3d12ed3e7f65cefc30fdd2f946256d6f2e638a87c1560643327fbe07_amd64",
"9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:31b50dc109ed8250673bb1f32c57f8979d6e604ff3204050504a31755241240a_amd64",
"9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:42a7329701d51049a318b3de4a1601d4d612a0076ac91e934322890b68337d43_arm64",
"9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:61d686df696d549d714efe63b23990d696b15c5bc0f9a105837fea191f63bf75_ppc64le",
"9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:b6e7648e3d3082fe9a0b526f716ab9ea087935e982794bf22627c2b708463333_s390x",
"9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:179b92c189dc97cb73c00844fb58e59f1a3b434f3e3e52471bb3a12a8b1c0a92_arm64",
"9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:1d74f24b455f471a80593c65735288f0c24ba820bed1bb45ea62e02c6ca21b92_s390x",
"9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:bd593607b20997448e75c2cd7c5f1be95ce822a8ecfce6fb79de031a27880671_amd64",
"9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:c6dec2f2200128a260c1c8e3d04105c6cc72b9f92fc84fa8f2dcb75a51ba3c97_ppc64le",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:04a10d4c7b05974dfb2836388aeef65dd2b6451997b627b68d4ea3d3ee330f24_s390x",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:20a6bb51cc2ad40eff6e31674d9ebf80279322de2daa58fa83dbf98b0438625c_amd64",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:3a0a175d4cf85f149b33135a55f0f1c61a97c514b97ec70f653932c774c20eaf_ppc64le",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:3b3aa3ec99316b78217396b29a63d4eadb508232e3d69c6bcd4e4ee901003ba2_arm64",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:6b625192b4a477e36bb34bfbc366e7d17195265a7d2f3923735b06ecd1dc07a2_arm64",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:887b2b34e5461d3fd48e534c4fe1f2df349a3948f79e9def7b1c72de2c20cf5c_ppc64le",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:d9f5c146b156760f1d00e19e6816020990b17bdf8c6849421cd3d2996e60b7ee_s390x",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:ecc791e89ebf6320345e227f9652e83aac583a430905d09cd11f5c5f366f6d5e_amd64",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:7c4e5dd98dc05d31f134cfa4d5d440badc5a351e7c89dd13f17a5a9cf730f1c9_s390x",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:99cdaa49b634f8353a65645af597ec931b502e8f0230d6cb83dbde5ec1ee8ef9_amd64",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:cead10daa28adb2f78a2fac3915afb0d677239da623aecf802750c35dca2c433_ppc64le",
"9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:010c445a177724925666188b81b53f62f1369ca5ea20fbc3c7fe1146426df2a2_amd64",
"9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:4e631ea10d245c1cff2324c01ba3842f44bc0925165eed8eaeb2d10259d59e14_ppc64le",
"9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:c7a1ccdc359ad2bc1406cf3406c4d43a4249bec2c84045959ceccd523109ad74_arm64",
"9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:d604a03d3a4cb2019b0b18e7d19173a54555de487ee333c2b9f137331c29ce06_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: archive/zip: Incorrect handling of certain ZIP files"
},
{
"cve": "CVE-2024-24790",
"cwe": {
"id": "CWE-115",
"name": "Misinterpretation of Input"
},
"discovery_date": "2024-06-17T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2292787"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Go language standard library net/netip. The method Is*() (IsPrivate(), IsPublic(), etc) doesn\u0027t behave properly when working with IPv6 mapped to IPv4 addresses. The unexpected behavior can lead to integrity and confidentiality issues, specifically when these methods are used to control access to resources or data.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: net/netip: Unexpected behavior from Is methods for IPv4-mapped IPv6 addresses",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This CVE has been marked as moderate as for our products a network-based attack vector is simply impossible when it comes to golang code,apart from that as per CVE flaw analysis reported by golang, this only affects integrity and confidentiality and has no effect on availability, hence CVSS has been marked as such.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:0ce0f0dc070b6a3e8bbea15f62d4abd713e2b4233d4d5413cfa232e86fc8cd34_ppc64le",
"9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:2f3593633800e8d09f96a28892e2fb1a11a22e92d85233a8c4740ee06727eafc_arm64",
"9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:7602811891a649c8c2a1a97dbd22ff0d235bceeaec69e724c1e6a237175f9427_s390x",
"9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:a8f5dacb3d12ed3e7f65cefc30fdd2f946256d6f2e638a87c1560643327fbe07_amd64",
"9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:31b50dc109ed8250673bb1f32c57f8979d6e604ff3204050504a31755241240a_amd64",
"9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:42a7329701d51049a318b3de4a1601d4d612a0076ac91e934322890b68337d43_arm64",
"9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:61d686df696d549d714efe63b23990d696b15c5bc0f9a105837fea191f63bf75_ppc64le",
"9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:b6e7648e3d3082fe9a0b526f716ab9ea087935e982794bf22627c2b708463333_s390x",
"9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:179b92c189dc97cb73c00844fb58e59f1a3b434f3e3e52471bb3a12a8b1c0a92_arm64",
"9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:1d74f24b455f471a80593c65735288f0c24ba820bed1bb45ea62e02c6ca21b92_s390x",
"9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:bd593607b20997448e75c2cd7c5f1be95ce822a8ecfce6fb79de031a27880671_amd64",
"9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:c6dec2f2200128a260c1c8e3d04105c6cc72b9f92fc84fa8f2dcb75a51ba3c97_ppc64le",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:04a10d4c7b05974dfb2836388aeef65dd2b6451997b627b68d4ea3d3ee330f24_s390x",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:20a6bb51cc2ad40eff6e31674d9ebf80279322de2daa58fa83dbf98b0438625c_amd64",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:3a0a175d4cf85f149b33135a55f0f1c61a97c514b97ec70f653932c774c20eaf_ppc64le",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:3b3aa3ec99316b78217396b29a63d4eadb508232e3d69c6bcd4e4ee901003ba2_arm64",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:6b625192b4a477e36bb34bfbc366e7d17195265a7d2f3923735b06ecd1dc07a2_arm64",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:887b2b34e5461d3fd48e534c4fe1f2df349a3948f79e9def7b1c72de2c20cf5c_ppc64le",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:d9f5c146b156760f1d00e19e6816020990b17bdf8c6849421cd3d2996e60b7ee_s390x",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:ecc791e89ebf6320345e227f9652e83aac583a430905d09cd11f5c5f366f6d5e_amd64",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:7c4e5dd98dc05d31f134cfa4d5d440badc5a351e7c89dd13f17a5a9cf730f1c9_s390x",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:99cdaa49b634f8353a65645af597ec931b502e8f0230d6cb83dbde5ec1ee8ef9_amd64",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:cead10daa28adb2f78a2fac3915afb0d677239da623aecf802750c35dca2c433_ppc64le",
"9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:010c445a177724925666188b81b53f62f1369ca5ea20fbc3c7fe1146426df2a2_amd64",
"9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:4e631ea10d245c1cff2324c01ba3842f44bc0925165eed8eaeb2d10259d59e14_ppc64le",
"9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:c7a1ccdc359ad2bc1406cf3406c4d43a4249bec2c84045959ceccd523109ad74_arm64",
"9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:d604a03d3a4cb2019b0b18e7d19173a54555de487ee333c2b9f137331c29ce06_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-24790"
},
{
"category": "external",
"summary": "RHBZ#2292787",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2292787"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-24790",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-24790"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-24790",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-24790"
}
],
"release_date": "2024-06-04T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-06-26T12:12:44+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/2789521\n\nFor supported configurations, refer to:\n\nhttps://access.redhat.com/articles/1548993",
"product_ids": [
"9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:0ce0f0dc070b6a3e8bbea15f62d4abd713e2b4233d4d5413cfa232e86fc8cd34_ppc64le",
"9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:2f3593633800e8d09f96a28892e2fb1a11a22e92d85233a8c4740ee06727eafc_arm64",
"9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:7602811891a649c8c2a1a97dbd22ff0d235bceeaec69e724c1e6a237175f9427_s390x",
"9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:a8f5dacb3d12ed3e7f65cefc30fdd2f946256d6f2e638a87c1560643327fbe07_amd64",
"9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:31b50dc109ed8250673bb1f32c57f8979d6e604ff3204050504a31755241240a_amd64",
"9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:42a7329701d51049a318b3de4a1601d4d612a0076ac91e934322890b68337d43_arm64",
"9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:61d686df696d549d714efe63b23990d696b15c5bc0f9a105837fea191f63bf75_ppc64le",
"9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:b6e7648e3d3082fe9a0b526f716ab9ea087935e982794bf22627c2b708463333_s390x",
"9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:179b92c189dc97cb73c00844fb58e59f1a3b434f3e3e52471bb3a12a8b1c0a92_arm64",
"9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:1d74f24b455f471a80593c65735288f0c24ba820bed1bb45ea62e02c6ca21b92_s390x",
"9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:bd593607b20997448e75c2cd7c5f1be95ce822a8ecfce6fb79de031a27880671_amd64",
"9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:c6dec2f2200128a260c1c8e3d04105c6cc72b9f92fc84fa8f2dcb75a51ba3c97_ppc64le",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:04a10d4c7b05974dfb2836388aeef65dd2b6451997b627b68d4ea3d3ee330f24_s390x",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:20a6bb51cc2ad40eff6e31674d9ebf80279322de2daa58fa83dbf98b0438625c_amd64",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:3a0a175d4cf85f149b33135a55f0f1c61a97c514b97ec70f653932c774c20eaf_ppc64le",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:3b3aa3ec99316b78217396b29a63d4eadb508232e3d69c6bcd4e4ee901003ba2_arm64",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:6b625192b4a477e36bb34bfbc366e7d17195265a7d2f3923735b06ecd1dc07a2_arm64",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:887b2b34e5461d3fd48e534c4fe1f2df349a3948f79e9def7b1c72de2c20cf5c_ppc64le",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:d9f5c146b156760f1d00e19e6816020990b17bdf8c6849421cd3d2996e60b7ee_s390x",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:ecc791e89ebf6320345e227f9652e83aac583a430905d09cd11f5c5f366f6d5e_amd64",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:7c4e5dd98dc05d31f134cfa4d5d440badc5a351e7c89dd13f17a5a9cf730f1c9_s390x",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:99cdaa49b634f8353a65645af597ec931b502e8f0230d6cb83dbde5ec1ee8ef9_amd64",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:cead10daa28adb2f78a2fac3915afb0d677239da623aecf802750c35dca2c433_ppc64le",
"9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:010c445a177724925666188b81b53f62f1369ca5ea20fbc3c7fe1146426df2a2_amd64",
"9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:4e631ea10d245c1cff2324c01ba3842f44bc0925165eed8eaeb2d10259d59e14_ppc64le",
"9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:c7a1ccdc359ad2bc1406cf3406c4d43a4249bec2c84045959ceccd523109ad74_arm64",
"9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:d604a03d3a4cb2019b0b18e7d19173a54555de487ee333c2b9f137331c29ce06_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:9776"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:0ce0f0dc070b6a3e8bbea15f62d4abd713e2b4233d4d5413cfa232e86fc8cd34_ppc64le",
"9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:2f3593633800e8d09f96a28892e2fb1a11a22e92d85233a8c4740ee06727eafc_arm64",
"9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:7602811891a649c8c2a1a97dbd22ff0d235bceeaec69e724c1e6a237175f9427_s390x",
"9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:a8f5dacb3d12ed3e7f65cefc30fdd2f946256d6f2e638a87c1560643327fbe07_amd64",
"9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:31b50dc109ed8250673bb1f32c57f8979d6e604ff3204050504a31755241240a_amd64",
"9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:42a7329701d51049a318b3de4a1601d4d612a0076ac91e934322890b68337d43_arm64",
"9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:61d686df696d549d714efe63b23990d696b15c5bc0f9a105837fea191f63bf75_ppc64le",
"9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:b6e7648e3d3082fe9a0b526f716ab9ea087935e982794bf22627c2b708463333_s390x",
"9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:179b92c189dc97cb73c00844fb58e59f1a3b434f3e3e52471bb3a12a8b1c0a92_arm64",
"9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:1d74f24b455f471a80593c65735288f0c24ba820bed1bb45ea62e02c6ca21b92_s390x",
"9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:bd593607b20997448e75c2cd7c5f1be95ce822a8ecfce6fb79de031a27880671_amd64",
"9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:c6dec2f2200128a260c1c8e3d04105c6cc72b9f92fc84fa8f2dcb75a51ba3c97_ppc64le",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:04a10d4c7b05974dfb2836388aeef65dd2b6451997b627b68d4ea3d3ee330f24_s390x",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:20a6bb51cc2ad40eff6e31674d9ebf80279322de2daa58fa83dbf98b0438625c_amd64",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:3a0a175d4cf85f149b33135a55f0f1c61a97c514b97ec70f653932c774c20eaf_ppc64le",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:3b3aa3ec99316b78217396b29a63d4eadb508232e3d69c6bcd4e4ee901003ba2_arm64",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:6b625192b4a477e36bb34bfbc366e7d17195265a7d2f3923735b06ecd1dc07a2_arm64",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:887b2b34e5461d3fd48e534c4fe1f2df349a3948f79e9def7b1c72de2c20cf5c_ppc64le",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:d9f5c146b156760f1d00e19e6816020990b17bdf8c6849421cd3d2996e60b7ee_s390x",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:ecc791e89ebf6320345e227f9652e83aac583a430905d09cd11f5c5f366f6d5e_amd64",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:7c4e5dd98dc05d31f134cfa4d5d440badc5a351e7c89dd13f17a5a9cf730f1c9_s390x",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:99cdaa49b634f8353a65645af597ec931b502e8f0230d6cb83dbde5ec1ee8ef9_amd64",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:cead10daa28adb2f78a2fac3915afb0d677239da623aecf802750c35dca2c433_ppc64le",
"9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:010c445a177724925666188b81b53f62f1369ca5ea20fbc3c7fe1146426df2a2_amd64",
"9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:4e631ea10d245c1cff2324c01ba3842f44bc0925165eed8eaeb2d10259d59e14_ppc64le",
"9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:c7a1ccdc359ad2bc1406cf3406c4d43a4249bec2c84045959ceccd523109ad74_arm64",
"9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:d604a03d3a4cb2019b0b18e7d19173a54555de487ee333c2b9f137331c29ce06_s390x"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:0ce0f0dc070b6a3e8bbea15f62d4abd713e2b4233d4d5413cfa232e86fc8cd34_ppc64le",
"9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:2f3593633800e8d09f96a28892e2fb1a11a22e92d85233a8c4740ee06727eafc_arm64",
"9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:7602811891a649c8c2a1a97dbd22ff0d235bceeaec69e724c1e6a237175f9427_s390x",
"9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:a8f5dacb3d12ed3e7f65cefc30fdd2f946256d6f2e638a87c1560643327fbe07_amd64",
"9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:31b50dc109ed8250673bb1f32c57f8979d6e604ff3204050504a31755241240a_amd64",
"9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:42a7329701d51049a318b3de4a1601d4d612a0076ac91e934322890b68337d43_arm64",
"9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:61d686df696d549d714efe63b23990d696b15c5bc0f9a105837fea191f63bf75_ppc64le",
"9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:b6e7648e3d3082fe9a0b526f716ab9ea087935e982794bf22627c2b708463333_s390x",
"9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:179b92c189dc97cb73c00844fb58e59f1a3b434f3e3e52471bb3a12a8b1c0a92_arm64",
"9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:1d74f24b455f471a80593c65735288f0c24ba820bed1bb45ea62e02c6ca21b92_s390x",
"9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:bd593607b20997448e75c2cd7c5f1be95ce822a8ecfce6fb79de031a27880671_amd64",
"9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:c6dec2f2200128a260c1c8e3d04105c6cc72b9f92fc84fa8f2dcb75a51ba3c97_ppc64le",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:04a10d4c7b05974dfb2836388aeef65dd2b6451997b627b68d4ea3d3ee330f24_s390x",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:20a6bb51cc2ad40eff6e31674d9ebf80279322de2daa58fa83dbf98b0438625c_amd64",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:3a0a175d4cf85f149b33135a55f0f1c61a97c514b97ec70f653932c774c20eaf_ppc64le",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:3b3aa3ec99316b78217396b29a63d4eadb508232e3d69c6bcd4e4ee901003ba2_arm64",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:6b625192b4a477e36bb34bfbc366e7d17195265a7d2f3923735b06ecd1dc07a2_arm64",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:887b2b34e5461d3fd48e534c4fe1f2df349a3948f79e9def7b1c72de2c20cf5c_ppc64le",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:d9f5c146b156760f1d00e19e6816020990b17bdf8c6849421cd3d2996e60b7ee_s390x",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:ecc791e89ebf6320345e227f9652e83aac583a430905d09cd11f5c5f366f6d5e_amd64",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:7c4e5dd98dc05d31f134cfa4d5d440badc5a351e7c89dd13f17a5a9cf730f1c9_s390x",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:99cdaa49b634f8353a65645af597ec931b502e8f0230d6cb83dbde5ec1ee8ef9_amd64",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:cead10daa28adb2f78a2fac3915afb0d677239da623aecf802750c35dca2c433_ppc64le",
"9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:010c445a177724925666188b81b53f62f1369ca5ea20fbc3c7fe1146426df2a2_amd64",
"9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:4e631ea10d245c1cff2324c01ba3842f44bc0925165eed8eaeb2d10259d59e14_ppc64le",
"9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:c7a1ccdc359ad2bc1406cf3406c4d43a4249bec2c84045959ceccd523109ad74_arm64",
"9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:d604a03d3a4cb2019b0b18e7d19173a54555de487ee333c2b9f137331c29ce06_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: net/netip: Unexpected behavior from Is methods for IPv4-mapped IPv6 addresses"
},
{
"cve": "CVE-2024-24791",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2024-07-02T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2295310"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Go. The net/http module mishandles specific server responses from HTTP/1.1 client requests. This issue may render a connection invalid and cause a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "net/http: Denial of service due to improper 100-continue handling in net/http",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "An attacker would need to control a malicious server and induce a client to connect to it, requiring some amount of preparation outside of the attacker\u0027s control. This reduces the severity score of this flaw to Moderate.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:0ce0f0dc070b6a3e8bbea15f62d4abd713e2b4233d4d5413cfa232e86fc8cd34_ppc64le",
"9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:2f3593633800e8d09f96a28892e2fb1a11a22e92d85233a8c4740ee06727eafc_arm64",
"9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:7602811891a649c8c2a1a97dbd22ff0d235bceeaec69e724c1e6a237175f9427_s390x",
"9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:a8f5dacb3d12ed3e7f65cefc30fdd2f946256d6f2e638a87c1560643327fbe07_amd64",
"9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:31b50dc109ed8250673bb1f32c57f8979d6e604ff3204050504a31755241240a_amd64",
"9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:42a7329701d51049a318b3de4a1601d4d612a0076ac91e934322890b68337d43_arm64",
"9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:61d686df696d549d714efe63b23990d696b15c5bc0f9a105837fea191f63bf75_ppc64le",
"9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:b6e7648e3d3082fe9a0b526f716ab9ea087935e982794bf22627c2b708463333_s390x",
"9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:179b92c189dc97cb73c00844fb58e59f1a3b434f3e3e52471bb3a12a8b1c0a92_arm64",
"9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:1d74f24b455f471a80593c65735288f0c24ba820bed1bb45ea62e02c6ca21b92_s390x",
"9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:bd593607b20997448e75c2cd7c5f1be95ce822a8ecfce6fb79de031a27880671_amd64",
"9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:c6dec2f2200128a260c1c8e3d04105c6cc72b9f92fc84fa8f2dcb75a51ba3c97_ppc64le",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:04a10d4c7b05974dfb2836388aeef65dd2b6451997b627b68d4ea3d3ee330f24_s390x",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:20a6bb51cc2ad40eff6e31674d9ebf80279322de2daa58fa83dbf98b0438625c_amd64",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:3a0a175d4cf85f149b33135a55f0f1c61a97c514b97ec70f653932c774c20eaf_ppc64le",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:3b3aa3ec99316b78217396b29a63d4eadb508232e3d69c6bcd4e4ee901003ba2_arm64",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:6b625192b4a477e36bb34bfbc366e7d17195265a7d2f3923735b06ecd1dc07a2_arm64",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:887b2b34e5461d3fd48e534c4fe1f2df349a3948f79e9def7b1c72de2c20cf5c_ppc64le",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:d9f5c146b156760f1d00e19e6816020990b17bdf8c6849421cd3d2996e60b7ee_s390x",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:ecc791e89ebf6320345e227f9652e83aac583a430905d09cd11f5c5f366f6d5e_amd64",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:7c4e5dd98dc05d31f134cfa4d5d440badc5a351e7c89dd13f17a5a9cf730f1c9_s390x",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:99cdaa49b634f8353a65645af597ec931b502e8f0230d6cb83dbde5ec1ee8ef9_amd64",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:cead10daa28adb2f78a2fac3915afb0d677239da623aecf802750c35dca2c433_ppc64le",
"9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:010c445a177724925666188b81b53f62f1369ca5ea20fbc3c7fe1146426df2a2_amd64",
"9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:4e631ea10d245c1cff2324c01ba3842f44bc0925165eed8eaeb2d10259d59e14_ppc64le",
"9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:c7a1ccdc359ad2bc1406cf3406c4d43a4249bec2c84045959ceccd523109ad74_arm64",
"9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:d604a03d3a4cb2019b0b18e7d19173a54555de487ee333c2b9f137331c29ce06_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-24791"
},
{
"category": "external",
"summary": "RHBZ#2295310",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2295310"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-24791",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-24791"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-24791",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-24791"
},
{
"category": "external",
"summary": "https://go.dev/cl/591255",
"url": "https://go.dev/cl/591255"
},
{
"category": "external",
"summary": "https://go.dev/issue/67555",
"url": "https://go.dev/issue/67555"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-dev/c/t0rK-qHBqzY/m/6MMoAZkMAgAJ",
"url": "https://groups.google.com/g/golang-dev/c/t0rK-qHBqzY/m/6MMoAZkMAgAJ"
}
],
"release_date": "2024-07-02T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-06-26T12:12:44+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/2789521\n\nFor supported configurations, refer to:\n\nhttps://access.redhat.com/articles/1548993",
"product_ids": [
"9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:0ce0f0dc070b6a3e8bbea15f62d4abd713e2b4233d4d5413cfa232e86fc8cd34_ppc64le",
"9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:2f3593633800e8d09f96a28892e2fb1a11a22e92d85233a8c4740ee06727eafc_arm64",
"9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:7602811891a649c8c2a1a97dbd22ff0d235bceeaec69e724c1e6a237175f9427_s390x",
"9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:a8f5dacb3d12ed3e7f65cefc30fdd2f946256d6f2e638a87c1560643327fbe07_amd64",
"9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:31b50dc109ed8250673bb1f32c57f8979d6e604ff3204050504a31755241240a_amd64",
"9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:42a7329701d51049a318b3de4a1601d4d612a0076ac91e934322890b68337d43_arm64",
"9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:61d686df696d549d714efe63b23990d696b15c5bc0f9a105837fea191f63bf75_ppc64le",
"9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:b6e7648e3d3082fe9a0b526f716ab9ea087935e982794bf22627c2b708463333_s390x",
"9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:179b92c189dc97cb73c00844fb58e59f1a3b434f3e3e52471bb3a12a8b1c0a92_arm64",
"9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:1d74f24b455f471a80593c65735288f0c24ba820bed1bb45ea62e02c6ca21b92_s390x",
"9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:bd593607b20997448e75c2cd7c5f1be95ce822a8ecfce6fb79de031a27880671_amd64",
"9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:c6dec2f2200128a260c1c8e3d04105c6cc72b9f92fc84fa8f2dcb75a51ba3c97_ppc64le",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:04a10d4c7b05974dfb2836388aeef65dd2b6451997b627b68d4ea3d3ee330f24_s390x",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:20a6bb51cc2ad40eff6e31674d9ebf80279322de2daa58fa83dbf98b0438625c_amd64",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:3a0a175d4cf85f149b33135a55f0f1c61a97c514b97ec70f653932c774c20eaf_ppc64le",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:3b3aa3ec99316b78217396b29a63d4eadb508232e3d69c6bcd4e4ee901003ba2_arm64",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:6b625192b4a477e36bb34bfbc366e7d17195265a7d2f3923735b06ecd1dc07a2_arm64",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:887b2b34e5461d3fd48e534c4fe1f2df349a3948f79e9def7b1c72de2c20cf5c_ppc64le",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:d9f5c146b156760f1d00e19e6816020990b17bdf8c6849421cd3d2996e60b7ee_s390x",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:ecc791e89ebf6320345e227f9652e83aac583a430905d09cd11f5c5f366f6d5e_amd64",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:7c4e5dd98dc05d31f134cfa4d5d440badc5a351e7c89dd13f17a5a9cf730f1c9_s390x",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:99cdaa49b634f8353a65645af597ec931b502e8f0230d6cb83dbde5ec1ee8ef9_amd64",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:cead10daa28adb2f78a2fac3915afb0d677239da623aecf802750c35dca2c433_ppc64le",
"9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:010c445a177724925666188b81b53f62f1369ca5ea20fbc3c7fe1146426df2a2_amd64",
"9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:4e631ea10d245c1cff2324c01ba3842f44bc0925165eed8eaeb2d10259d59e14_ppc64le",
"9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:c7a1ccdc359ad2bc1406cf3406c4d43a4249bec2c84045959ceccd523109ad74_arm64",
"9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:d604a03d3a4cb2019b0b18e7d19173a54555de487ee333c2b9f137331c29ce06_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:9776"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:0ce0f0dc070b6a3e8bbea15f62d4abd713e2b4233d4d5413cfa232e86fc8cd34_ppc64le",
"9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:2f3593633800e8d09f96a28892e2fb1a11a22e92d85233a8c4740ee06727eafc_arm64",
"9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:7602811891a649c8c2a1a97dbd22ff0d235bceeaec69e724c1e6a237175f9427_s390x",
"9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:a8f5dacb3d12ed3e7f65cefc30fdd2f946256d6f2e638a87c1560643327fbe07_amd64",
"9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:31b50dc109ed8250673bb1f32c57f8979d6e604ff3204050504a31755241240a_amd64",
"9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:42a7329701d51049a318b3de4a1601d4d612a0076ac91e934322890b68337d43_arm64",
"9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:61d686df696d549d714efe63b23990d696b15c5bc0f9a105837fea191f63bf75_ppc64le",
"9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:b6e7648e3d3082fe9a0b526f716ab9ea087935e982794bf22627c2b708463333_s390x",
"9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:179b92c189dc97cb73c00844fb58e59f1a3b434f3e3e52471bb3a12a8b1c0a92_arm64",
"9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:1d74f24b455f471a80593c65735288f0c24ba820bed1bb45ea62e02c6ca21b92_s390x",
"9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:bd593607b20997448e75c2cd7c5f1be95ce822a8ecfce6fb79de031a27880671_amd64",
"9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:c6dec2f2200128a260c1c8e3d04105c6cc72b9f92fc84fa8f2dcb75a51ba3c97_ppc64le",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:04a10d4c7b05974dfb2836388aeef65dd2b6451997b627b68d4ea3d3ee330f24_s390x",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:20a6bb51cc2ad40eff6e31674d9ebf80279322de2daa58fa83dbf98b0438625c_amd64",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:3a0a175d4cf85f149b33135a55f0f1c61a97c514b97ec70f653932c774c20eaf_ppc64le",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:3b3aa3ec99316b78217396b29a63d4eadb508232e3d69c6bcd4e4ee901003ba2_arm64",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:6b625192b4a477e36bb34bfbc366e7d17195265a7d2f3923735b06ecd1dc07a2_arm64",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:887b2b34e5461d3fd48e534c4fe1f2df349a3948f79e9def7b1c72de2c20cf5c_ppc64le",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:d9f5c146b156760f1d00e19e6816020990b17bdf8c6849421cd3d2996e60b7ee_s390x",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:ecc791e89ebf6320345e227f9652e83aac583a430905d09cd11f5c5f366f6d5e_amd64",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:7c4e5dd98dc05d31f134cfa4d5d440badc5a351e7c89dd13f17a5a9cf730f1c9_s390x",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:99cdaa49b634f8353a65645af597ec931b502e8f0230d6cb83dbde5ec1ee8ef9_amd64",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:cead10daa28adb2f78a2fac3915afb0d677239da623aecf802750c35dca2c433_ppc64le",
"9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:010c445a177724925666188b81b53f62f1369ca5ea20fbc3c7fe1146426df2a2_amd64",
"9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:4e631ea10d245c1cff2324c01ba3842f44bc0925165eed8eaeb2d10259d59e14_ppc64le",
"9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:c7a1ccdc359ad2bc1406cf3406c4d43a4249bec2c84045959ceccd523109ad74_arm64",
"9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:d604a03d3a4cb2019b0b18e7d19173a54555de487ee333c2b9f137331c29ce06_s390x"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:0ce0f0dc070b6a3e8bbea15f62d4abd713e2b4233d4d5413cfa232e86fc8cd34_ppc64le",
"9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:2f3593633800e8d09f96a28892e2fb1a11a22e92d85233a8c4740ee06727eafc_arm64",
"9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:7602811891a649c8c2a1a97dbd22ff0d235bceeaec69e724c1e6a237175f9427_s390x",
"9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:a8f5dacb3d12ed3e7f65cefc30fdd2f946256d6f2e638a87c1560643327fbe07_amd64",
"9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:31b50dc109ed8250673bb1f32c57f8979d6e604ff3204050504a31755241240a_amd64",
"9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:42a7329701d51049a318b3de4a1601d4d612a0076ac91e934322890b68337d43_arm64",
"9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:61d686df696d549d714efe63b23990d696b15c5bc0f9a105837fea191f63bf75_ppc64le",
"9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:b6e7648e3d3082fe9a0b526f716ab9ea087935e982794bf22627c2b708463333_s390x",
"9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:179b92c189dc97cb73c00844fb58e59f1a3b434f3e3e52471bb3a12a8b1c0a92_arm64",
"9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:1d74f24b455f471a80593c65735288f0c24ba820bed1bb45ea62e02c6ca21b92_s390x",
"9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:bd593607b20997448e75c2cd7c5f1be95ce822a8ecfce6fb79de031a27880671_amd64",
"9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:c6dec2f2200128a260c1c8e3d04105c6cc72b9f92fc84fa8f2dcb75a51ba3c97_ppc64le",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:04a10d4c7b05974dfb2836388aeef65dd2b6451997b627b68d4ea3d3ee330f24_s390x",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:20a6bb51cc2ad40eff6e31674d9ebf80279322de2daa58fa83dbf98b0438625c_amd64",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:3a0a175d4cf85f149b33135a55f0f1c61a97c514b97ec70f653932c774c20eaf_ppc64le",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:3b3aa3ec99316b78217396b29a63d4eadb508232e3d69c6bcd4e4ee901003ba2_arm64",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:6b625192b4a477e36bb34bfbc366e7d17195265a7d2f3923735b06ecd1dc07a2_arm64",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:887b2b34e5461d3fd48e534c4fe1f2df349a3948f79e9def7b1c72de2c20cf5c_ppc64le",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:d9f5c146b156760f1d00e19e6816020990b17bdf8c6849421cd3d2996e60b7ee_s390x",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:ecc791e89ebf6320345e227f9652e83aac583a430905d09cd11f5c5f366f6d5e_amd64",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:7c4e5dd98dc05d31f134cfa4d5d440badc5a351e7c89dd13f17a5a9cf730f1c9_s390x",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:99cdaa49b634f8353a65645af597ec931b502e8f0230d6cb83dbde5ec1ee8ef9_amd64",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:cead10daa28adb2f78a2fac3915afb0d677239da623aecf802750c35dca2c433_ppc64le",
"9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:010c445a177724925666188b81b53f62f1369ca5ea20fbc3c7fe1146426df2a2_amd64",
"9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:4e631ea10d245c1cff2324c01ba3842f44bc0925165eed8eaeb2d10259d59e14_ppc64le",
"9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:c7a1ccdc359ad2bc1406cf3406c4d43a4249bec2c84045959ceccd523109ad74_arm64",
"9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:d604a03d3a4cb2019b0b18e7d19173a54555de487ee333c2b9f137331c29ce06_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "net/http: Denial of service due to improper 100-continue handling in net/http"
},
{
"cve": "CVE-2024-34155",
"cwe": {
"id": "CWE-674",
"name": "Uncontrolled Recursion"
},
"discovery_date": "2024-09-06T21:20:06.929766+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2310527"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the go/parser package of the Golang standard library. Calling any Parse functions on Go source code containing deeply nested literals can cause a panic due to stack exhaustion.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "go/parser: golang: Calling any of the Parse functions containing deeply nested literals can cause a panic/stack exhaustion",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:0ce0f0dc070b6a3e8bbea15f62d4abd713e2b4233d4d5413cfa232e86fc8cd34_ppc64le",
"9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:2f3593633800e8d09f96a28892e2fb1a11a22e92d85233a8c4740ee06727eafc_arm64",
"9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:7602811891a649c8c2a1a97dbd22ff0d235bceeaec69e724c1e6a237175f9427_s390x",
"9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:a8f5dacb3d12ed3e7f65cefc30fdd2f946256d6f2e638a87c1560643327fbe07_amd64",
"9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:31b50dc109ed8250673bb1f32c57f8979d6e604ff3204050504a31755241240a_amd64",
"9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:42a7329701d51049a318b3de4a1601d4d612a0076ac91e934322890b68337d43_arm64",
"9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:61d686df696d549d714efe63b23990d696b15c5bc0f9a105837fea191f63bf75_ppc64le",
"9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:b6e7648e3d3082fe9a0b526f716ab9ea087935e982794bf22627c2b708463333_s390x",
"9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:179b92c189dc97cb73c00844fb58e59f1a3b434f3e3e52471bb3a12a8b1c0a92_arm64",
"9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:1d74f24b455f471a80593c65735288f0c24ba820bed1bb45ea62e02c6ca21b92_s390x",
"9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:bd593607b20997448e75c2cd7c5f1be95ce822a8ecfce6fb79de031a27880671_amd64",
"9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:c6dec2f2200128a260c1c8e3d04105c6cc72b9f92fc84fa8f2dcb75a51ba3c97_ppc64le",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:04a10d4c7b05974dfb2836388aeef65dd2b6451997b627b68d4ea3d3ee330f24_s390x",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:20a6bb51cc2ad40eff6e31674d9ebf80279322de2daa58fa83dbf98b0438625c_amd64",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:3a0a175d4cf85f149b33135a55f0f1c61a97c514b97ec70f653932c774c20eaf_ppc64le",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:3b3aa3ec99316b78217396b29a63d4eadb508232e3d69c6bcd4e4ee901003ba2_arm64",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:6b625192b4a477e36bb34bfbc366e7d17195265a7d2f3923735b06ecd1dc07a2_arm64",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:887b2b34e5461d3fd48e534c4fe1f2df349a3948f79e9def7b1c72de2c20cf5c_ppc64le",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:d9f5c146b156760f1d00e19e6816020990b17bdf8c6849421cd3d2996e60b7ee_s390x",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:ecc791e89ebf6320345e227f9652e83aac583a430905d09cd11f5c5f366f6d5e_amd64",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:7c4e5dd98dc05d31f134cfa4d5d440badc5a351e7c89dd13f17a5a9cf730f1c9_s390x",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:99cdaa49b634f8353a65645af597ec931b502e8f0230d6cb83dbde5ec1ee8ef9_amd64",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:cead10daa28adb2f78a2fac3915afb0d677239da623aecf802750c35dca2c433_ppc64le",
"9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:010c445a177724925666188b81b53f62f1369ca5ea20fbc3c7fe1146426df2a2_amd64",
"9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:4e631ea10d245c1cff2324c01ba3842f44bc0925165eed8eaeb2d10259d59e14_ppc64le",
"9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:c7a1ccdc359ad2bc1406cf3406c4d43a4249bec2c84045959ceccd523109ad74_arm64",
"9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:d604a03d3a4cb2019b0b18e7d19173a54555de487ee333c2b9f137331c29ce06_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-34155"
},
{
"category": "external",
"summary": "RHBZ#2310527",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2310527"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-34155",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-34155"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-34155",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-34155"
},
{
"category": "external",
"summary": "https://go.dev/cl/611238",
"url": "https://go.dev/cl/611238"
},
{
"category": "external",
"summary": "https://go.dev/issue/69138",
"url": "https://go.dev/issue/69138"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-dev/c/S9POB9NCTdk",
"url": "https://groups.google.com/g/golang-dev/c/S9POB9NCTdk"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2024-3105",
"url": "https://pkg.go.dev/vuln/GO-2024-3105"
}
],
"release_date": "2024-09-06T21:15:11.947000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-06-26T12:12:44+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/2789521\n\nFor supported configurations, refer to:\n\nhttps://access.redhat.com/articles/1548993",
"product_ids": [
"9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:0ce0f0dc070b6a3e8bbea15f62d4abd713e2b4233d4d5413cfa232e86fc8cd34_ppc64le",
"9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:2f3593633800e8d09f96a28892e2fb1a11a22e92d85233a8c4740ee06727eafc_arm64",
"9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:7602811891a649c8c2a1a97dbd22ff0d235bceeaec69e724c1e6a237175f9427_s390x",
"9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:a8f5dacb3d12ed3e7f65cefc30fdd2f946256d6f2e638a87c1560643327fbe07_amd64",
"9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:31b50dc109ed8250673bb1f32c57f8979d6e604ff3204050504a31755241240a_amd64",
"9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:42a7329701d51049a318b3de4a1601d4d612a0076ac91e934322890b68337d43_arm64",
"9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:61d686df696d549d714efe63b23990d696b15c5bc0f9a105837fea191f63bf75_ppc64le",
"9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:b6e7648e3d3082fe9a0b526f716ab9ea087935e982794bf22627c2b708463333_s390x",
"9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:179b92c189dc97cb73c00844fb58e59f1a3b434f3e3e52471bb3a12a8b1c0a92_arm64",
"9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:1d74f24b455f471a80593c65735288f0c24ba820bed1bb45ea62e02c6ca21b92_s390x",
"9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:bd593607b20997448e75c2cd7c5f1be95ce822a8ecfce6fb79de031a27880671_amd64",
"9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:c6dec2f2200128a260c1c8e3d04105c6cc72b9f92fc84fa8f2dcb75a51ba3c97_ppc64le",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:04a10d4c7b05974dfb2836388aeef65dd2b6451997b627b68d4ea3d3ee330f24_s390x",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:20a6bb51cc2ad40eff6e31674d9ebf80279322de2daa58fa83dbf98b0438625c_amd64",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:3a0a175d4cf85f149b33135a55f0f1c61a97c514b97ec70f653932c774c20eaf_ppc64le",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:3b3aa3ec99316b78217396b29a63d4eadb508232e3d69c6bcd4e4ee901003ba2_arm64",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:6b625192b4a477e36bb34bfbc366e7d17195265a7d2f3923735b06ecd1dc07a2_arm64",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:887b2b34e5461d3fd48e534c4fe1f2df349a3948f79e9def7b1c72de2c20cf5c_ppc64le",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:d9f5c146b156760f1d00e19e6816020990b17bdf8c6849421cd3d2996e60b7ee_s390x",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:ecc791e89ebf6320345e227f9652e83aac583a430905d09cd11f5c5f366f6d5e_amd64",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:7c4e5dd98dc05d31f134cfa4d5d440badc5a351e7c89dd13f17a5a9cf730f1c9_s390x",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:99cdaa49b634f8353a65645af597ec931b502e8f0230d6cb83dbde5ec1ee8ef9_amd64",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:cead10daa28adb2f78a2fac3915afb0d677239da623aecf802750c35dca2c433_ppc64le",
"9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:010c445a177724925666188b81b53f62f1369ca5ea20fbc3c7fe1146426df2a2_amd64",
"9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:4e631ea10d245c1cff2324c01ba3842f44bc0925165eed8eaeb2d10259d59e14_ppc64le",
"9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:c7a1ccdc359ad2bc1406cf3406c4d43a4249bec2c84045959ceccd523109ad74_arm64",
"9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:d604a03d3a4cb2019b0b18e7d19173a54555de487ee333c2b9f137331c29ce06_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:9776"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:0ce0f0dc070b6a3e8bbea15f62d4abd713e2b4233d4d5413cfa232e86fc8cd34_ppc64le",
"9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:2f3593633800e8d09f96a28892e2fb1a11a22e92d85233a8c4740ee06727eafc_arm64",
"9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:7602811891a649c8c2a1a97dbd22ff0d235bceeaec69e724c1e6a237175f9427_s390x",
"9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:a8f5dacb3d12ed3e7f65cefc30fdd2f946256d6f2e638a87c1560643327fbe07_amd64",
"9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:31b50dc109ed8250673bb1f32c57f8979d6e604ff3204050504a31755241240a_amd64",
"9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:42a7329701d51049a318b3de4a1601d4d612a0076ac91e934322890b68337d43_arm64",
"9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:61d686df696d549d714efe63b23990d696b15c5bc0f9a105837fea191f63bf75_ppc64le",
"9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:b6e7648e3d3082fe9a0b526f716ab9ea087935e982794bf22627c2b708463333_s390x",
"9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:179b92c189dc97cb73c00844fb58e59f1a3b434f3e3e52471bb3a12a8b1c0a92_arm64",
"9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:1d74f24b455f471a80593c65735288f0c24ba820bed1bb45ea62e02c6ca21b92_s390x",
"9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:bd593607b20997448e75c2cd7c5f1be95ce822a8ecfce6fb79de031a27880671_amd64",
"9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:c6dec2f2200128a260c1c8e3d04105c6cc72b9f92fc84fa8f2dcb75a51ba3c97_ppc64le",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:04a10d4c7b05974dfb2836388aeef65dd2b6451997b627b68d4ea3d3ee330f24_s390x",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:20a6bb51cc2ad40eff6e31674d9ebf80279322de2daa58fa83dbf98b0438625c_amd64",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:3a0a175d4cf85f149b33135a55f0f1c61a97c514b97ec70f653932c774c20eaf_ppc64le",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:3b3aa3ec99316b78217396b29a63d4eadb508232e3d69c6bcd4e4ee901003ba2_arm64",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:6b625192b4a477e36bb34bfbc366e7d17195265a7d2f3923735b06ecd1dc07a2_arm64",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:887b2b34e5461d3fd48e534c4fe1f2df349a3948f79e9def7b1c72de2c20cf5c_ppc64le",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:d9f5c146b156760f1d00e19e6816020990b17bdf8c6849421cd3d2996e60b7ee_s390x",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:ecc791e89ebf6320345e227f9652e83aac583a430905d09cd11f5c5f366f6d5e_amd64",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:7c4e5dd98dc05d31f134cfa4d5d440badc5a351e7c89dd13f17a5a9cf730f1c9_s390x",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:99cdaa49b634f8353a65645af597ec931b502e8f0230d6cb83dbde5ec1ee8ef9_amd64",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:cead10daa28adb2f78a2fac3915afb0d677239da623aecf802750c35dca2c433_ppc64le",
"9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:010c445a177724925666188b81b53f62f1369ca5ea20fbc3c7fe1146426df2a2_amd64",
"9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:4e631ea10d245c1cff2324c01ba3842f44bc0925165eed8eaeb2d10259d59e14_ppc64le",
"9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:c7a1ccdc359ad2bc1406cf3406c4d43a4249bec2c84045959ceccd523109ad74_arm64",
"9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:d604a03d3a4cb2019b0b18e7d19173a54555de487ee333c2b9f137331c29ce06_s390x"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:0ce0f0dc070b6a3e8bbea15f62d4abd713e2b4233d4d5413cfa232e86fc8cd34_ppc64le",
"9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:2f3593633800e8d09f96a28892e2fb1a11a22e92d85233a8c4740ee06727eafc_arm64",
"9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:7602811891a649c8c2a1a97dbd22ff0d235bceeaec69e724c1e6a237175f9427_s390x",
"9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:a8f5dacb3d12ed3e7f65cefc30fdd2f946256d6f2e638a87c1560643327fbe07_amd64",
"9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:31b50dc109ed8250673bb1f32c57f8979d6e604ff3204050504a31755241240a_amd64",
"9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:42a7329701d51049a318b3de4a1601d4d612a0076ac91e934322890b68337d43_arm64",
"9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:61d686df696d549d714efe63b23990d696b15c5bc0f9a105837fea191f63bf75_ppc64le",
"9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:b6e7648e3d3082fe9a0b526f716ab9ea087935e982794bf22627c2b708463333_s390x",
"9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:179b92c189dc97cb73c00844fb58e59f1a3b434f3e3e52471bb3a12a8b1c0a92_arm64",
"9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:1d74f24b455f471a80593c65735288f0c24ba820bed1bb45ea62e02c6ca21b92_s390x",
"9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:bd593607b20997448e75c2cd7c5f1be95ce822a8ecfce6fb79de031a27880671_amd64",
"9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:c6dec2f2200128a260c1c8e3d04105c6cc72b9f92fc84fa8f2dcb75a51ba3c97_ppc64le",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:04a10d4c7b05974dfb2836388aeef65dd2b6451997b627b68d4ea3d3ee330f24_s390x",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:20a6bb51cc2ad40eff6e31674d9ebf80279322de2daa58fa83dbf98b0438625c_amd64",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:3a0a175d4cf85f149b33135a55f0f1c61a97c514b97ec70f653932c774c20eaf_ppc64le",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:3b3aa3ec99316b78217396b29a63d4eadb508232e3d69c6bcd4e4ee901003ba2_arm64",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:6b625192b4a477e36bb34bfbc366e7d17195265a7d2f3923735b06ecd1dc07a2_arm64",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:887b2b34e5461d3fd48e534c4fe1f2df349a3948f79e9def7b1c72de2c20cf5c_ppc64le",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:d9f5c146b156760f1d00e19e6816020990b17bdf8c6849421cd3d2996e60b7ee_s390x",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:ecc791e89ebf6320345e227f9652e83aac583a430905d09cd11f5c5f366f6d5e_amd64",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:7c4e5dd98dc05d31f134cfa4d5d440badc5a351e7c89dd13f17a5a9cf730f1c9_s390x",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:99cdaa49b634f8353a65645af597ec931b502e8f0230d6cb83dbde5ec1ee8ef9_amd64",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:cead10daa28adb2f78a2fac3915afb0d677239da623aecf802750c35dca2c433_ppc64le",
"9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:010c445a177724925666188b81b53f62f1369ca5ea20fbc3c7fe1146426df2a2_amd64",
"9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:4e631ea10d245c1cff2324c01ba3842f44bc0925165eed8eaeb2d10259d59e14_ppc64le",
"9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:c7a1ccdc359ad2bc1406cf3406c4d43a4249bec2c84045959ceccd523109ad74_arm64",
"9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:d604a03d3a4cb2019b0b18e7d19173a54555de487ee333c2b9f137331c29ce06_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "go/parser: golang: Calling any of the Parse functions containing deeply nested literals can cause a panic/stack exhaustion"
},
{
"cve": "CVE-2024-34156",
"cwe": {
"id": "CWE-674",
"name": "Uncontrolled Recursion"
},
"discovery_date": "2024-09-06T21:20:09.377905+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2310528"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the encoding/gob package of the Golang standard library. Calling Decoder.Decoding, a message that contains deeply nested structures, can cause a panic due to stack exhaustion. This is a follow-up to CVE-2022-30635.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "encoding/gob: golang: Calling Decoder.Decode on a message which contains deeply nested structures can cause a panic due to stack exhaustion",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability in Go\u0027s `encoding/gob` package is of high severity because it exposes applications to potential Denial of Service (DoS) attacks through stack exhaustion. Since `gob` relies on recursive function calls to decode nested structures, an attacker could exploit this by sending crafted messages with excessively deep nesting, causing the application to panic due to stack overflow. This risk is particularly important in scenarios where untrusted or external input is processed, as it can lead to system unavailability or crashes, undermining the reliability and availability of services.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:0ce0f0dc070b6a3e8bbea15f62d4abd713e2b4233d4d5413cfa232e86fc8cd34_ppc64le",
"9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:2f3593633800e8d09f96a28892e2fb1a11a22e92d85233a8c4740ee06727eafc_arm64",
"9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:7602811891a649c8c2a1a97dbd22ff0d235bceeaec69e724c1e6a237175f9427_s390x",
"9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:a8f5dacb3d12ed3e7f65cefc30fdd2f946256d6f2e638a87c1560643327fbe07_amd64",
"9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:31b50dc109ed8250673bb1f32c57f8979d6e604ff3204050504a31755241240a_amd64",
"9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:42a7329701d51049a318b3de4a1601d4d612a0076ac91e934322890b68337d43_arm64",
"9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:61d686df696d549d714efe63b23990d696b15c5bc0f9a105837fea191f63bf75_ppc64le",
"9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:b6e7648e3d3082fe9a0b526f716ab9ea087935e982794bf22627c2b708463333_s390x",
"9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:179b92c189dc97cb73c00844fb58e59f1a3b434f3e3e52471bb3a12a8b1c0a92_arm64",
"9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:1d74f24b455f471a80593c65735288f0c24ba820bed1bb45ea62e02c6ca21b92_s390x",
"9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:bd593607b20997448e75c2cd7c5f1be95ce822a8ecfce6fb79de031a27880671_amd64",
"9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:c6dec2f2200128a260c1c8e3d04105c6cc72b9f92fc84fa8f2dcb75a51ba3c97_ppc64le",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:04a10d4c7b05974dfb2836388aeef65dd2b6451997b627b68d4ea3d3ee330f24_s390x",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:20a6bb51cc2ad40eff6e31674d9ebf80279322de2daa58fa83dbf98b0438625c_amd64",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:3a0a175d4cf85f149b33135a55f0f1c61a97c514b97ec70f653932c774c20eaf_ppc64le",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:3b3aa3ec99316b78217396b29a63d4eadb508232e3d69c6bcd4e4ee901003ba2_arm64",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:6b625192b4a477e36bb34bfbc366e7d17195265a7d2f3923735b06ecd1dc07a2_arm64",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:887b2b34e5461d3fd48e534c4fe1f2df349a3948f79e9def7b1c72de2c20cf5c_ppc64le",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:d9f5c146b156760f1d00e19e6816020990b17bdf8c6849421cd3d2996e60b7ee_s390x",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:ecc791e89ebf6320345e227f9652e83aac583a430905d09cd11f5c5f366f6d5e_amd64",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:7c4e5dd98dc05d31f134cfa4d5d440badc5a351e7c89dd13f17a5a9cf730f1c9_s390x",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:99cdaa49b634f8353a65645af597ec931b502e8f0230d6cb83dbde5ec1ee8ef9_amd64",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:cead10daa28adb2f78a2fac3915afb0d677239da623aecf802750c35dca2c433_ppc64le",
"9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:010c445a177724925666188b81b53f62f1369ca5ea20fbc3c7fe1146426df2a2_amd64",
"9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:4e631ea10d245c1cff2324c01ba3842f44bc0925165eed8eaeb2d10259d59e14_ppc64le",
"9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:c7a1ccdc359ad2bc1406cf3406c4d43a4249bec2c84045959ceccd523109ad74_arm64",
"9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:d604a03d3a4cb2019b0b18e7d19173a54555de487ee333c2b9f137331c29ce06_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-34156"
},
{
"category": "external",
"summary": "RHBZ#2310528",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2310528"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-34156",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-34156"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-34156",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-34156"
},
{
"category": "external",
"summary": "https://go.dev/cl/611239",
"url": "https://go.dev/cl/611239"
},
{
"category": "external",
"summary": "https://go.dev/issue/69139",
"url": "https://go.dev/issue/69139"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-dev/c/S9POB9NCTdk",
"url": "https://groups.google.com/g/golang-dev/c/S9POB9NCTdk"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2024-3106",
"url": "https://pkg.go.dev/vuln/GO-2024-3106"
}
],
"release_date": "2024-09-06T21:15:12.020000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-06-26T12:12:44+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/2789521\n\nFor supported configurations, refer to:\n\nhttps://access.redhat.com/articles/1548993",
"product_ids": [
"9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:0ce0f0dc070b6a3e8bbea15f62d4abd713e2b4233d4d5413cfa232e86fc8cd34_ppc64le",
"9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:2f3593633800e8d09f96a28892e2fb1a11a22e92d85233a8c4740ee06727eafc_arm64",
"9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:7602811891a649c8c2a1a97dbd22ff0d235bceeaec69e724c1e6a237175f9427_s390x",
"9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:a8f5dacb3d12ed3e7f65cefc30fdd2f946256d6f2e638a87c1560643327fbe07_amd64",
"9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:31b50dc109ed8250673bb1f32c57f8979d6e604ff3204050504a31755241240a_amd64",
"9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:42a7329701d51049a318b3de4a1601d4d612a0076ac91e934322890b68337d43_arm64",
"9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:61d686df696d549d714efe63b23990d696b15c5bc0f9a105837fea191f63bf75_ppc64le",
"9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:b6e7648e3d3082fe9a0b526f716ab9ea087935e982794bf22627c2b708463333_s390x",
"9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:179b92c189dc97cb73c00844fb58e59f1a3b434f3e3e52471bb3a12a8b1c0a92_arm64",
"9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:1d74f24b455f471a80593c65735288f0c24ba820bed1bb45ea62e02c6ca21b92_s390x",
"9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:bd593607b20997448e75c2cd7c5f1be95ce822a8ecfce6fb79de031a27880671_amd64",
"9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:c6dec2f2200128a260c1c8e3d04105c6cc72b9f92fc84fa8f2dcb75a51ba3c97_ppc64le",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:04a10d4c7b05974dfb2836388aeef65dd2b6451997b627b68d4ea3d3ee330f24_s390x",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:20a6bb51cc2ad40eff6e31674d9ebf80279322de2daa58fa83dbf98b0438625c_amd64",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:3a0a175d4cf85f149b33135a55f0f1c61a97c514b97ec70f653932c774c20eaf_ppc64le",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:3b3aa3ec99316b78217396b29a63d4eadb508232e3d69c6bcd4e4ee901003ba2_arm64",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:6b625192b4a477e36bb34bfbc366e7d17195265a7d2f3923735b06ecd1dc07a2_arm64",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:887b2b34e5461d3fd48e534c4fe1f2df349a3948f79e9def7b1c72de2c20cf5c_ppc64le",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:d9f5c146b156760f1d00e19e6816020990b17bdf8c6849421cd3d2996e60b7ee_s390x",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:ecc791e89ebf6320345e227f9652e83aac583a430905d09cd11f5c5f366f6d5e_amd64",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:7c4e5dd98dc05d31f134cfa4d5d440badc5a351e7c89dd13f17a5a9cf730f1c9_s390x",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:99cdaa49b634f8353a65645af597ec931b502e8f0230d6cb83dbde5ec1ee8ef9_amd64",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:cead10daa28adb2f78a2fac3915afb0d677239da623aecf802750c35dca2c433_ppc64le",
"9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:010c445a177724925666188b81b53f62f1369ca5ea20fbc3c7fe1146426df2a2_amd64",
"9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:4e631ea10d245c1cff2324c01ba3842f44bc0925165eed8eaeb2d10259d59e14_ppc64le",
"9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:c7a1ccdc359ad2bc1406cf3406c4d43a4249bec2c84045959ceccd523109ad74_arm64",
"9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:d604a03d3a4cb2019b0b18e7d19173a54555de487ee333c2b9f137331c29ce06_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:9776"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:0ce0f0dc070b6a3e8bbea15f62d4abd713e2b4233d4d5413cfa232e86fc8cd34_ppc64le",
"9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:2f3593633800e8d09f96a28892e2fb1a11a22e92d85233a8c4740ee06727eafc_arm64",
"9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:7602811891a649c8c2a1a97dbd22ff0d235bceeaec69e724c1e6a237175f9427_s390x",
"9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:a8f5dacb3d12ed3e7f65cefc30fdd2f946256d6f2e638a87c1560643327fbe07_amd64",
"9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:31b50dc109ed8250673bb1f32c57f8979d6e604ff3204050504a31755241240a_amd64",
"9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:42a7329701d51049a318b3de4a1601d4d612a0076ac91e934322890b68337d43_arm64",
"9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:61d686df696d549d714efe63b23990d696b15c5bc0f9a105837fea191f63bf75_ppc64le",
"9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:b6e7648e3d3082fe9a0b526f716ab9ea087935e982794bf22627c2b708463333_s390x",
"9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:179b92c189dc97cb73c00844fb58e59f1a3b434f3e3e52471bb3a12a8b1c0a92_arm64",
"9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:1d74f24b455f471a80593c65735288f0c24ba820bed1bb45ea62e02c6ca21b92_s390x",
"9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:bd593607b20997448e75c2cd7c5f1be95ce822a8ecfce6fb79de031a27880671_amd64",
"9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:c6dec2f2200128a260c1c8e3d04105c6cc72b9f92fc84fa8f2dcb75a51ba3c97_ppc64le",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:04a10d4c7b05974dfb2836388aeef65dd2b6451997b627b68d4ea3d3ee330f24_s390x",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:20a6bb51cc2ad40eff6e31674d9ebf80279322de2daa58fa83dbf98b0438625c_amd64",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:3a0a175d4cf85f149b33135a55f0f1c61a97c514b97ec70f653932c774c20eaf_ppc64le",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:3b3aa3ec99316b78217396b29a63d4eadb508232e3d69c6bcd4e4ee901003ba2_arm64",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:6b625192b4a477e36bb34bfbc366e7d17195265a7d2f3923735b06ecd1dc07a2_arm64",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:887b2b34e5461d3fd48e534c4fe1f2df349a3948f79e9def7b1c72de2c20cf5c_ppc64le",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:d9f5c146b156760f1d00e19e6816020990b17bdf8c6849421cd3d2996e60b7ee_s390x",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:ecc791e89ebf6320345e227f9652e83aac583a430905d09cd11f5c5f366f6d5e_amd64",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:7c4e5dd98dc05d31f134cfa4d5d440badc5a351e7c89dd13f17a5a9cf730f1c9_s390x",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:99cdaa49b634f8353a65645af597ec931b502e8f0230d6cb83dbde5ec1ee8ef9_amd64",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:cead10daa28adb2f78a2fac3915afb0d677239da623aecf802750c35dca2c433_ppc64le",
"9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:010c445a177724925666188b81b53f62f1369ca5ea20fbc3c7fe1146426df2a2_amd64",
"9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:4e631ea10d245c1cff2324c01ba3842f44bc0925165eed8eaeb2d10259d59e14_ppc64le",
"9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:c7a1ccdc359ad2bc1406cf3406c4d43a4249bec2c84045959ceccd523109ad74_arm64",
"9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:d604a03d3a4cb2019b0b18e7d19173a54555de487ee333c2b9f137331c29ce06_s390x"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:0ce0f0dc070b6a3e8bbea15f62d4abd713e2b4233d4d5413cfa232e86fc8cd34_ppc64le",
"9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:2f3593633800e8d09f96a28892e2fb1a11a22e92d85233a8c4740ee06727eafc_arm64",
"9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:7602811891a649c8c2a1a97dbd22ff0d235bceeaec69e724c1e6a237175f9427_s390x",
"9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:a8f5dacb3d12ed3e7f65cefc30fdd2f946256d6f2e638a87c1560643327fbe07_amd64",
"9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:31b50dc109ed8250673bb1f32c57f8979d6e604ff3204050504a31755241240a_amd64",
"9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:42a7329701d51049a318b3de4a1601d4d612a0076ac91e934322890b68337d43_arm64",
"9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:61d686df696d549d714efe63b23990d696b15c5bc0f9a105837fea191f63bf75_ppc64le",
"9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:b6e7648e3d3082fe9a0b526f716ab9ea087935e982794bf22627c2b708463333_s390x",
"9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:179b92c189dc97cb73c00844fb58e59f1a3b434f3e3e52471bb3a12a8b1c0a92_arm64",
"9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:1d74f24b455f471a80593c65735288f0c24ba820bed1bb45ea62e02c6ca21b92_s390x",
"9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:bd593607b20997448e75c2cd7c5f1be95ce822a8ecfce6fb79de031a27880671_amd64",
"9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:c6dec2f2200128a260c1c8e3d04105c6cc72b9f92fc84fa8f2dcb75a51ba3c97_ppc64le",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:04a10d4c7b05974dfb2836388aeef65dd2b6451997b627b68d4ea3d3ee330f24_s390x",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:20a6bb51cc2ad40eff6e31674d9ebf80279322de2daa58fa83dbf98b0438625c_amd64",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:3a0a175d4cf85f149b33135a55f0f1c61a97c514b97ec70f653932c774c20eaf_ppc64le",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:3b3aa3ec99316b78217396b29a63d4eadb508232e3d69c6bcd4e4ee901003ba2_arm64",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:6b625192b4a477e36bb34bfbc366e7d17195265a7d2f3923735b06ecd1dc07a2_arm64",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:887b2b34e5461d3fd48e534c4fe1f2df349a3948f79e9def7b1c72de2c20cf5c_ppc64le",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:d9f5c146b156760f1d00e19e6816020990b17bdf8c6849421cd3d2996e60b7ee_s390x",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:ecc791e89ebf6320345e227f9652e83aac583a430905d09cd11f5c5f366f6d5e_amd64",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:7c4e5dd98dc05d31f134cfa4d5d440badc5a351e7c89dd13f17a5a9cf730f1c9_s390x",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:99cdaa49b634f8353a65645af597ec931b502e8f0230d6cb83dbde5ec1ee8ef9_amd64",
"9Base-RHCEPH-8.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:cead10daa28adb2f78a2fac3915afb0d677239da623aecf802750c35dca2c433_ppc64le",
"9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:010c445a177724925666188b81b53f62f1369ca5ea20fbc3c7fe1146426df2a2_amd64",
"9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:4e631ea10d245c1cff2324c01ba3842f44bc0925165eed8eaeb2d10259d59e14_ppc64le",
"9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:c7a1ccdc359ad2bc1406cf3406c4d43a4249bec2c84045959ceccd523109ad74_arm64",
"9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:d604a03d3a4cb2019b0b18e7d19173a54555de487ee333c2b9f137331c29ce06_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "encoding/gob: golang: Calling Decoder.Decode on a message which contains deeply nested structures can cause a panic due to stack exhaustion"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…