Action not permitted
Modal body text goes here.
cve-2023-0809
Vulnerability from cvelistv5
Published
2023-10-02 18:56
Modified
2025-02-13 16:39
Severity ?
EPSS score ?
Summary
In Mosquitto before 2.0.16, excessive memory is allocated based on malicious initial packets that are not CONNECT packets.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T05:24:34.509Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://mosquitto.org/blog/2023/08/version-2-0-16-released/"
},
{
"tags": [
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/202401-09"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-0809",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-20T14:51:17.455933Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-20T14:51:34.000Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Mosquitto",
"vendor": "Eclipse",
"versions": [
{
"lessThan": "2.0.16",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "In Mosquitto before 2.0.16, excessive memory is allocated based on malicious initial packets that are not CONNECT packets."
}
],
"value": "In Mosquitto before 2.0.16, excessive memory is allocated based on malicious initial packets that are not CONNECT packets."
}
],
"impacts": [
{
"capecId": "CAPEC-130",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-130 Excessive Allocation"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-789",
"description": "CWE-789",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-01-07T10:06:16.711Z",
"orgId": "e51fbebd-6053-4e49-959f-1b94eeb69a2c",
"shortName": "eclipse"
},
"references": [
{
"url": "https://mosquitto.org/blog/2023/08/version-2-0-16-released/"
},
{
"url": "https://security.gentoo.org/glsa/202401-09"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "SecretariatVulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "e51fbebd-6053-4e49-959f-1b94eeb69a2c",
"assignerShortName": "eclipse",
"cveId": "CVE-2023-0809",
"datePublished": "2023-10-02T18:56:26.824Z",
"dateReserved": "2023-02-13T14:04:10.012Z",
"dateUpdated": "2025-02-13T16:39:08.267Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"meta": {
"nvd": "{\"cve\":{\"id\":\"CVE-2023-0809\",\"sourceIdentifier\":\"emo@eclipse.org\",\"published\":\"2023-10-02T19:15:09.717\",\"lastModified\":\"2024-01-07T10:15:08.310\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"In Mosquitto before 2.0.16, excessive memory is allocated based on malicious initial packets that are not CONNECT packets.\"},{\"lang\":\"es\",\"value\":\"En Mosquitto anterior a 2.0.16, el exceso de memoria se asigna en funci\u00f3n de paquetes iniciales maliciosos que no son paquetes CONNECT.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"LOW\",\"baseScore\":5.3,\"baseSeverity\":\"MEDIUM\"},\"exploitabilityScore\":3.9,\"impactScore\":1.4},{\"source\":\"emo@eclipse.org\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:L\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"CHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"LOW\",\"baseScore\":5.8,\"baseSeverity\":\"MEDIUM\"},\"exploitabilityScore\":3.9,\"impactScore\":1.4}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-770\"}]},{\"source\":\"emo@eclipse.org\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-789\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:eclipse:mosquitto:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"2.0.16\",\"matchCriteriaId\":\"C744F41F-1469-4455-8C1C-B06373070721\"}]}]}],\"references\":[{\"url\":\"https://mosquitto.org/blog/2023/08/version-2-0-16-released/\",\"source\":\"emo@eclipse.org\",\"tags\":[\"Release Notes\"]},{\"url\":\"https://security.gentoo.org/glsa/202401-09\",\"source\":\"emo@eclipse.org\"}]}}"
}
}
sca-2025-0006
Vulnerability from csaf_sick
Published
2025-04-28 13:00
Modified
2025-04-28 13:00
Summary
Vulnerability affecting picoScan and multiScan
Notes
summary
SICK has identified a Denial of Service vulnerability (CVE-2025-32472) in picoScan and multiScan, which can cause the web page to become unresponsive. Due to their architectural design, these products are not affected by the other vulnerabilities listed in this advisory. Currently SICK is not aware of any public exploits specifically targeting the vulnerability. SICK recommends applying the mitigation for CVE-2025-32472.
General Security Measures
As general security measures, SICK recommends to minimize network exposure of the devices, restrict network access and follow recommended security practices in order to run the devices in a protected IT environment.
Vulnerability Classification
SICK performs vulnerability classification by using the CVSS scoring system (*CVSS v3.1*). The environmental score is dependent on the customer’s environment and can affect the overall CVSS score. SICK recommends that customers individually evaluate the environmental score to achieve final scoring.
{
"document": {
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en-US",
"notes": [
{
"category": "summary",
"text": "SICK has identified a Denial of Service vulnerability (CVE-2025-32472) in picoScan and multiScan, which can cause the web page to become unresponsive. Due to their architectural design, these products are not affected by the other vulnerabilities listed in this advisory. Currently SICK is not aware of any public exploits specifically targeting the vulnerability. SICK recommends applying the mitigation for CVE-2025-32472.",
"title": "summary"
},
{
"category": "general",
"text": "As general security measures, SICK recommends to minimize network exposure of the devices, restrict network access and follow recommended security practices in order to run the devices in a protected IT environment.",
"title": "General Security Measures"
},
{
"category": "general",
"text": "SICK performs vulnerability classification by using the CVSS scoring system (*CVSS v3.1*). The environmental score is dependent on the customer\u2019s environment and can affect the overall CVSS score. SICK recommends that customers individually evaluate the environmental score to achieve final scoring.",
"title": "Vulnerability Classification"
}
],
"publisher": {
"category": "vendor",
"contact_details": "psirt@sick.de",
"issuing_authority": "SICK PSIRT is responsible for any vulnerabilities related to SICK products.",
"name": "SICK PSIRT",
"namespace": "https://www.sick.com/psirt"
},
"references": [
{
"summary": "SICK PSIRT Security Advisories",
"url": "https://sick.com/psirt"
},
{
"summary": "SICK Operating Guidelines",
"url": "https://cdn.sick.com/media/docs/1/11/411/Special_information_CYBERSECURITY_BY_SICK_en_IM0084411.PDF"
},
{
"summary": "ICS-CERT recommended practices on Industrial Security",
"url": "https://www.cisa.gov/resources-tools/resources/ics-recommended-practices"
},
{
"summary": "CVSS v3.1 Calculator",
"url": "https://www.first.org/cvss/calculator/3.1"
},
{
"category": "self",
"summary": "The canonical URL.",
"url": "https://www.sick.com/.well-known/csaf/white/2025/sca-2025-0006.json"
}
],
"title": "Vulnerability affecting picoScan and multiScan",
"tracking": {
"current_release_date": "2025-04-28T13:00:00.000Z",
"generator": {
"date": "2025-04-28T06:38:33.857Z",
"engine": {
"name": "Secvisogram",
"version": "2.5.24"
}
},
"id": "SCA-2025-0006",
"initial_release_date": "2025-04-28T13:00:00.000Z",
"revision_history": [
{
"date": "2025-04-28T13:00:00.000Z",
"number": "1",
"summary": "Initial version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "SICK picoScan1XX all versions",
"product_id": "CSAFPID-0001",
"product_identification_helper": {
"skus": [
"1134607",
"1134608",
"1134609",
"1134610",
"1141395",
"1141396",
"1141397",
"1141751",
"1142269",
"1142270",
"1142272",
"1142273"
]
}
}
}
],
"category": "product_name",
"name": "picoScan1XX"
}
],
"category": "product_family",
"name": "picoScan100"
},
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "SICK multiScan1XX all versions",
"product_id": "CSAFPID-0002",
"product_identification_helper": {
"skus": [
"1131164",
"1137723",
"1140110",
"1140133",
"1140134",
"1141496",
"1143873"
]
}
}
}
],
"category": "product_name",
"name": "multiScan1XX"
}
],
"category": "product_family",
"name": "multiScan100"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "SICK picoScan1XX Firmware all versions",
"product_id": "CSAFPID-0003"
}
}
],
"category": "product_name",
"name": "picoScan1XX Firmware"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "SICK multiScan1XX Firmware all versions",
"product_id": "CSAFPID-0004"
}
}
],
"category": "product_name",
"name": "multiScan1XX Firmware"
}
],
"category": "vendor",
"name": "SICK AG"
}
],
"relationships": [
{
"category": "installed_on",
"full_product_name": {
"name": "SICK picoScan1XX all Firmware versions",
"product_id": "CSAFPID-0005"
},
"product_reference": "CSAFPID-0003",
"relates_to_product_reference": "CSAFPID-0001"
},
{
"category": "installed_on",
"full_product_name": {
"name": "SICK multiScan1XX all Firmware versions",
"product_id": "CSAFPID-0006"
},
"product_reference": "CSAFPID-0004",
"relates_to_product_reference": "CSAFPID-0002"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-32472",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"notes": [
{
"audience": "all",
"category": "summary",
"text": "The multiScan and picoScan are vulnerable to a denial-of-service (DoS) attack. A remote attacker can exploit this vulnerability by conducting a Slowloris-type attack, causing the web page to become unresponsive.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0005",
"CSAFPID-0006"
]
},
"remediations": [
{
"category": "workaround",
"details": "Please make sure that only trusted entities have access to the device. Furthermore, you should apply the following General Security Measures when operating the product to mitigate the associated security risk. The collected resources \u201dSICK Operating Guidelines\u201d and \u201dICS-CERT recommended practices on Industrial Security\u201d could help to implement the general security practices. Additionally, the web server can be disabled via the CyberSecurity page in the UI.",
"product_ids": [
"CSAFPID-0005",
"CSAFPID-0006"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"environmentalScore": 5.3,
"environmentalSeverity": "MEDIUM",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 5.3,
"temporalSeverity": "MEDIUM",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"CSAFPID-0005",
"CSAFPID-0006"
]
}
],
"title": "Denial-of-Service Vulnerability in multiScan and picoScan via Slowloris Attack"
},
{
"cve": "CVE-2024-38517",
"cwe": {
"id": "CWE-191",
"name": "Integer Underflow (Wrap or Wraparound)"
},
"notes": [
{
"audience": "all",
"category": "summary",
"text": "Tencent RapidJSON is vulnerable to privilege escalation due to an integer underflow in the `GenericReader::ParseNumber()` function of `include/rapidjson/reader.h` when parsing JSON text from a stream. An attacker needs to send the victim a crafted file which needs to be opened; this triggers the integer underflow vulnerability (when the file is parsed), leading to elevation of privilege.",
"title": "Summary"
}
],
"product_status": {
"known_not_affected": [
"CSAFPID-0005",
"CSAFPID-0006"
]
},
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"environmentalScore": 7.8,
"environmentalSeverity": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 7.8,
"temporalSeverity": "HIGH",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0005",
"CSAFPID-0006"
]
}
],
"title": "Tencent RapidJSON Vulnerable to Privilege Escalation via Integer Underflow in GenericReader::ParseNumber() Function"
},
{
"cve": "CVE-2024-39684",
"cwe": {
"id": "CWE-190",
"name": "Integer Overflow or Wraparound"
},
"notes": [
{
"audience": "all",
"category": "summary",
"text": "Tencent RapidJSON is vulnerable to privilege escalation due to an integer overflow in the GenericReader::ParseNumber() function of include/rapidjson/reader.h when parsing JSON text from a stream. An attacker needs to send the victim a crafted file which needs to be opened; this triggers the integer overflow vulnerability (when the file is parsed), leading to elevation of privilege.",
"title": "Summary"
}
],
"product_status": {
"known_not_affected": [
"CSAFPID-0005",
"CSAFPID-0006"
]
},
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"environmentalScore": 7.8,
"environmentalSeverity": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 7.8,
"temporalSeverity": "HIGH",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0005",
"CSAFPID-0006"
]
}
],
"title": "Tencent RapidJSON Vulnerable to Privilege Escalation via Integer Overflow in GenericReader::ParseNumber() Function"
},
{
"cve": "CVE-2022-46908",
"cwe": {
"id": "CWE-284",
"name": "Improper Access Control"
},
"notes": [
{
"audience": "all",
"category": "summary",
"text": "SQLite through 3.40.0, when relying on --safe for execution of an untrusted CLI script, does not properly implement the azProhibitedFunctions protection mechanism, and instead allows UDF functions such as WRITEFILE.",
"title": "Summary"
}
],
"product_status": {
"known_not_affected": [
"CSAFPID-0005",
"CSAFPID-0006"
]
},
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"environmentalScore": 7.3,
"environmentalSeverity": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"temporalScore": 7.3,
"temporalSeverity": "HIGH",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:L",
"version": "3.1"
},
"products": [
"CSAFPID-0005",
"CSAFPID-0006"
]
}
],
"title": "SQLite Vulnerable to Protection Mechanism Bypass via Improper Implementation of \u0027azProhibitedFunctions\u0027"
},
{
"cve": "CVE-2021-36690",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"audience": "all",
"category": "summary",
"text": "A segmentation fault can occur in the sqlite3.exe command-line component of SQLite 3.36.0 via the idxGetTableInfo function when there is a crafted SQL query. NOTE: the vendor disputes the relevance of this report because a sqlite3.exe user already has full privileges (e.g., is intentionally allowed to execute commands). This report does NOT imply any problem in the SQLite library.",
"title": "Summary"
}
],
"product_status": {
"known_not_affected": [
"CSAFPID-0005",
"CSAFPID-0006"
]
},
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"environmentalScore": 7.5,
"environmentalSeverity": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 7.5,
"temporalSeverity": "HIGH",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0005",
"CSAFPID-0006"
]
}
],
"title": "SQLite Vulnerable to Denial-of-Service (DoS) via Segmentation Fault in \u0027idxGetTableInfo\u0027 Function"
},
{
"cve": "CVE-2022-35737",
"cwe": {
"id": "CWE-129",
"name": "Improper Validation of Array Index"
},
"notes": [
{
"audience": "all",
"category": "summary",
"text": "SQLite 1.0.12 through 3.39.x before 3.39.2 sometimes allows an array-bounds overflow if billions of bytes are used in a string argument to a C API.",
"title": "Summary"
}
],
"product_status": {
"known_not_affected": [
"CSAFPID-0005",
"CSAFPID-0006"
]
},
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"environmentalScore": 7.5,
"environmentalSeverity": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 7.5,
"temporalSeverity": "HIGH",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0005",
"CSAFPID-0006"
]
}
],
"title": "SQLite Vulnerable to Memory Corruption via Stack-Based Buffer Overflow in \u0027sqlite3_str_vappendf()\u0027 Function Used by \u0027printf\u0027 Family API Implementations"
},
{
"cve": "CVE-2021-45346",
"cwe": {
"id": "CWE-401",
"name": "Missing Release of Memory after Effective Lifetime"
},
"notes": [
{
"audience": "all",
"category": "summary",
"text": "A Memory Leak vulnerability exists in SQLite Project SQLite3 3.35.1 and 3.37.0 via maliciously crafted SQL Queries (made via editing the Database File), it is possible to query a record, and leak subsequent bytes of memory that extend beyond the record, which could let a malicious user obtain sensitive information. NOTE: The developer disputes this as a vulnerability stating that If you give SQLite a corrupted database file and submit a query against the database, it might read parts of the database that you did not intend or expect",
"title": "Summary"
}
],
"product_status": {
"known_not_affected": [
"CSAFPID-0005",
"CSAFPID-0006"
]
},
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"environmentalScore": 4.3,
"environmentalSeverity": "MEDIUM",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"temporalScore": 4.3,
"temporalSeverity": "MEDIUM",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-0005",
"CSAFPID-0006"
]
}
],
"title": "SQLite Vulnerable to Information Disclosure via Maliciously Crafted Queries"
},
{
"cve": "CVE-2023-7104",
"cwe": {
"id": "CWE-119",
"name": "Improper Restriction of Operations within the Bounds of a Memory Buffer"
},
"notes": [
{
"audience": "all",
"category": "summary",
"text": "A vulnerability was found in SQLite SQLite3 up to 3.43.0 and classified as critical. This issue affects the function sessionReadRecord of the file ext/session/sqlite3session.c of the component make alltest Handler. The manipulation leads to heap-based buffer overflow. It is recommended to apply a patch to fix this issue. The associated identifier of this vulnerability is VDB-248999.",
"title": "Summary"
}
],
"product_status": {
"known_not_affected": [
"CSAFPID-0005",
"CSAFPID-0006"
]
},
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"environmentalScore": 7.3,
"environmentalSeverity": "HIGH",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 7.3,
"temporalSeverity": "HIGH",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"CSAFPID-0005",
"CSAFPID-0006"
]
}
],
"title": "SQLite Vulnerable to Out-of-Bounds Memory Access via Insufficient Input Validation in \u0027sessionReadRecord\u0027 Function of \u0027Sessions\u0027 Extension"
},
{
"cve": "CVE-2022-28805",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"notes": [
{
"audience": "all",
"category": "summary",
"text": "singlevar in lparser.c in Lua from (including) 5.4.0 up to (excluding) 5.4.4 lacks a certain luaK_exp2anyregup call, leading to a heap-based buffer over-read that might affect a system that compiles untrusted Lua code.",
"title": "Summary"
}
],
"product_status": {
"known_not_affected": [
"CSAFPID-0005",
"CSAFPID-0006"
]
},
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"environmentalScore": 9.1,
"environmentalSeverity": "CRITICAL",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 9.1,
"temporalSeverity": "CRITICAL",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0005",
"CSAFPID-0006"
]
}
],
"title": "Lua Vulnerable to Denial-of-Service (DoS) and Information Disclosure via Heap-Based Buffer Over-Read in \u0027luaH_getshortstr\u0027 Function"
},
{
"cve": "CVE-2020-24370",
"cwe": {
"id": "CWE-191",
"name": "Integer Underflow (Wrap or Wraparound)"
},
"notes": [
{
"audience": "all",
"category": "summary",
"text": "ldebug.c in Lua 5.4.0 allows a negation overflow and segmentation fault in getlocal and setlocal, as demonstrated by getlocal(3,2^31).",
"title": "Summary"
}
],
"product_status": {
"known_not_affected": [
"CSAFPID-0005",
"CSAFPID-0006"
]
},
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"environmentalScore": 5.3,
"environmentalSeverity": "MEDIUM",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 5.3,
"temporalSeverity": "MEDIUM",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"CSAFPID-0005",
"CSAFPID-0006"
]
}
],
"title": "Lua Vulnerable to Denial-of-Service (DoS) via Integer Overflow in \u0027ldebug.c\u0027 File"
},
{
"cve": "CVE-2021-43519",
"cwe": {
"id": "CWE-674",
"name": "Uncontrolled Recursion"
},
"notes": [
{
"audience": "all",
"category": "summary",
"text": "Stack overflow in lua_resume of ldo.c in Lua Interpreter 5.1.0~5.4.4 allows attackers to perform a Denial of Service via a crafted script file.",
"title": "Summary"
}
],
"product_status": {
"known_not_affected": [
"CSAFPID-0005",
"CSAFPID-0006"
]
},
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"environmentalScore": 5.5,
"environmentalSeverity": "MEDIUM",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 5.5,
"temporalSeverity": "MEDIUM",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0005",
"CSAFPID-0006"
]
}
],
"title": "Lua Vulnerable to Denial-of-Service (DoS) via Stack-Based Buffer Overflow in \u0027ldo.c\u0027"
},
{
"cve": "CVE-2020-24369",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"notes": [
{
"audience": "all",
"category": "summary",
"text": "ldebug.c in Lua 5.4.0 attempts to access debug information via the line hook of a stripped function, leading to a NULL pointer dereference.",
"title": "Summary"
}
],
"product_status": {
"known_not_affected": [
"CSAFPID-0005",
"CSAFPID-0006"
]
},
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"environmentalScore": 7.5,
"environmentalSeverity": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 7.5,
"temporalSeverity": "HIGH",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0005",
"CSAFPID-0006"
]
}
],
"title": "Lua Vulnerable to Denial-of-Service (DoS) via Stack-Based Buffer Overflow in \u0027ldo.c\u0027"
},
{
"cve": "CVE-2020-24371",
"cwe": {
"id": "CWE-763",
"name": "Release of Invalid Pointer or Reference"
},
"notes": [
{
"audience": "all",
"category": "summary",
"text": "lgc.c in Lua 5.4.0 mishandles the interaction between barriers and the sweep phase, leading to a memory access violation involving collectgarbage.",
"title": "Summary"
}
],
"product_status": {
"known_not_affected": [
"CSAFPID-0005",
"CSAFPID-0006"
]
},
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"environmentalScore": 5.3,
"environmentalSeverity": "MEDIUM",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 5.3,
"temporalSeverity": "MEDIUM",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"CSAFPID-0005",
"CSAFPID-0006"
]
}
],
"title": "Lua Vulnerable to Information Disclosure via Mishandled Interaction Between Barriers and Sweep Phase"
},
{
"cve": "CVE-2022-33099",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"notes": [
{
"audience": "all",
"category": "summary",
"text": "An issue in the component luaG_runerror of Lua v5.4.4 and below leads to a heap-buffer overflow when a recursive error occurs.",
"title": "Summary"
}
],
"product_status": {
"known_not_affected": [
"CSAFPID-0005",
"CSAFPID-0006"
]
},
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"environmentalScore": 7.5,
"environmentalSeverity": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 7.5,
"temporalSeverity": "HIGH",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0005",
"CSAFPID-0006"
]
}
],
"title": "Lua Vulnerable to Denial-of-Service (DoS) via Stack Overflow in \u0027luaG_runerror\u0027 Function"
},
{
"cve": "CVE-2020-15945",
"cwe": {
"id": "CWE-229",
"name": "Improper Handling of Values"
},
"notes": [
{
"audience": "all",
"category": "summary",
"text": "Lua 5.4.0 (fixed in 5.4.1) has a segmentation fault in changedline in ldebug.c (e.g., when called by luaG_traceexec) because it incorrectly expects that an oldpc value is always updated upon a return of the flow of control to a function.",
"title": "Summary"
}
],
"product_status": {
"known_not_affected": [
"CSAFPID-0005",
"CSAFPID-0006"
]
},
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"environmentalScore": 5.5,
"environmentalSeverity": "MEDIUM",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"temporalScore": 5.5,
"temporalSeverity": "MEDIUM",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0005",
"CSAFPID-0006"
]
}
],
"title": "Lua Vulnerable to Denial-of-Service via \u0027changedline\u0027 Function"
},
{
"cve": "CVE-2020-15888",
"cwe": {
"id": "CWE-122",
"name": "Heap-based Buffer Overflow"
},
"notes": [
{
"audience": "all",
"category": "summary",
"text": "Lua through 5.4.0 mishandles the interaction between stack resizes and garbage collection, leading to a heap-based buffer overflow, heap-based buffer over-read, or use-after-free.",
"title": "Summary"
}
],
"product_status": {
"known_not_affected": [
"CSAFPID-0005",
"CSAFPID-0006"
]
},
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"environmentalScore": 8.8,
"environmentalSeverity": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 8.8,
"temporalSeverity": "HIGH",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0005",
"CSAFPID-0006"
]
}
],
"title": "Lua Vulnerable to Denial-of-Service (DoS) via Multiple Heap Related Memory Errors via Garbage Collection \u0027Stack Resizing\u0027"
},
{
"cve": "CVE-2020-24342",
"cwe": {
"id": "CWE-119",
"name": "Improper Restriction of Operations within the Bounds of a Memory Buffer"
},
"notes": [
{
"audience": "all",
"category": "summary",
"text": "Lua through 5.4.0 allows a stack redzone cross in luaO_pushvfstring because a protection mechanism wrongly calls luaD_callnoyield twice in a row.",
"title": "Summary"
}
],
"product_status": {
"known_not_affected": [
"CSAFPID-0005",
"CSAFPID-0006"
]
},
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"environmentalScore": 7.8,
"environmentalSeverity": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 7.8,
"temporalSeverity": "HIGH",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0005",
"CSAFPID-0006"
]
}
],
"title": "Lua Vulnerable to Denial-of-Service (DoS) via Stack Overflow in \u0027luaD_callnoyield\u0027 Function"
},
{
"cve": "CVE-2024-10525",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"notes": [
{
"audience": "all",
"category": "summary",
"text": "In Eclipse Mosquitto, from version 1.3.2 through 2.0.18, if a malicious broker sends a crafted SUBACK packet with no reason codes, a client using libmosquitto may make out of bounds memory access when acting in its on_subscribe callback. This affects the mosquitto_sub and mosquitto_rr clients.",
"title": "Summary"
}
],
"product_status": {
"known_not_affected": [
"CSAFPID-0005",
"CSAFPID-0006"
]
},
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"environmentalScore": 9.8,
"environmentalSeverity": "CRITICAL",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 9.8,
"temporalSeverity": "CRITICAL",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0005",
"CSAFPID-0006"
]
}
],
"title": "Eclipse Mosquitto Vulnerable to Memory Corruption via Heap-Based-Buffer Overflow in Crafted SUBACK Packet in libmosquitto Component"
},
{
"cve": "CVE-2024-8376",
"cwe": {
"id": "CWE-401",
"name": "Missing Release of Memory after Effective Lifetime"
},
"notes": [
{
"audience": "all",
"category": "summary",
"text": "In Eclipse Mosquitto up to version 2.0.18a, an attacker can achieve memory leaking, segmentation fault or heap-use-after-free by sending specific sequences of \"CONNECT\", \"DISCONNECT\", \"SUBSCRIBE\", \"UNSUBSCRIBE\" and \"PUBLISH\" packets.",
"title": "Summary"
}
],
"product_status": {
"known_not_affected": [
"CSAFPID-0005",
"CSAFPID-0006"
]
},
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"environmentalScore": 7.5,
"environmentalSeverity": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 7.5,
"temporalSeverity": "HIGH",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0005",
"CSAFPID-0006"
]
}
],
"title": "Eclipse Mosquitto Vulnerable to Memory Corruption via Specific Sequences in Packet Handling Component"
},
{
"cve": "CVE-2023-28366",
"cwe": {
"id": "CWE-401",
"name": "Missing Release of Memory after Effective Lifetime"
},
"notes": [
{
"audience": "all",
"category": "summary",
"text": "The broker in Eclipse Mosquitto 1.3.2 through 2.x before 2.0.16 has a memory leak that can be abused remotely when a client sends many QoS 2 messages with duplicate message IDs, and fails to respond to PUBREC commands. This occurs because of mishandling of EAGAIN from the libc send function.",
"title": "Summary"
}
],
"product_status": {
"known_not_affected": [
"CSAFPID-0005",
"CSAFPID-0006"
]
},
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"environmentalScore": 7.5,
"environmentalSeverity": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 7.5,
"temporalSeverity": "HIGH",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0005",
"CSAFPID-0006"
]
}
],
"title": "Mosquitto Vulnerable to Denial-of-Service (DoS) via Memory Leak Triggered by Duplicate QoS 2 Messages"
},
{
"cve": "CVE-2023-3592",
"cwe": {
"id": "CWE-401",
"name": "Missing Release of Memory after Effective Lifetime"
},
"notes": [
{
"audience": "all",
"category": "summary",
"text": "In Mosquitto before 2.0.16, a memory leak occurs when clients send v5 CONNECT packets with a will message that contains invalid property types.",
"title": "Summary"
}
],
"product_status": {
"known_not_affected": [
"CSAFPID-0005",
"CSAFPID-0006"
]
},
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"environmentalScore": 7.5,
"environmentalSeverity": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 7.5,
"temporalSeverity": "HIGH",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0005",
"CSAFPID-0006"
]
}
],
"title": "Mosquitto Vulnerable to Denial-of-Service (DoS) via Memory Leak in \u0027v5 CONNECT\u0027 Packets"
},
{
"cve": "CVE-2024-3935",
"cwe": {
"id": "CWE-415",
"name": "Double Free"
},
"notes": [
{
"audience": "all",
"category": "summary",
"text": "In Eclipse Mosquito, versions from 2.0.0 through 2.0.18, if a Mosquitto broker is configured to create an outgoing bridge connection, and that bridge connection has an incoming topic configured that makes use of topic remapping, then if the remote connection sends a crafted PUBLISH packet to the broker a double free will occur with a subsequent crash of the broker.",
"title": "Summary"
}
],
"product_status": {
"known_not_affected": [
"CSAFPID-0005",
"CSAFPID-0006"
]
},
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"environmentalScore": 6.5,
"environmentalSeverity": "MEDIUM",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"temporalScore": 6.5,
"temporalSeverity": "MEDIUM",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0005",
"CSAFPID-0006"
]
}
],
"title": "Eclipse Mosquitto Vulnerable to Memory Corruption via Double Free in Crafted PUBLISH Packet in Outgoing Bridge Connection"
},
{
"cve": "CVE-2023-0809",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"notes": [
{
"audience": "all",
"category": "summary",
"text": "In Mosquitto before 2.0.16, excessive memory is allocated based on malicious initial packets that are not CONNECT packets.",
"title": "Summary"
}
],
"product_status": {
"known_not_affected": [
"CSAFPID-0005",
"CSAFPID-0006"
]
},
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"environmentalScore": 5.3,
"environmentalSeverity": "MEDIUM",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 5.3,
"temporalSeverity": "MEDIUM",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"CSAFPID-0005",
"CSAFPID-0006"
]
}
],
"title": "Mosquitto Vulnerable to Denial-of-Service (DoS) via Excessive Memory Allocation"
}
]
}
wid-sec-w-2023-2724
Vulnerability from csaf_certbund
Published
2023-10-22 22:00
Modified
2023-10-22 22:00
Summary
IBM Integration Bus: Mehrere Schwachstellen ermöglichen Denial of Service
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung
IBM Integration Bus ist eine "lightweight" ESB, welche die Integration von SOAP oder non-SOAP Datenquellen von verschiedenen Plattformen ermöglicht.
Angriff
Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in IBM Integration Bus ausnutzen, um einen Denial of Service Angriff durchzuführen.
Betroffene Betriebssysteme
- Linux
- Windows
- Sonstiges
{
"document": {
"aggregate_severity": {
"text": "mittel"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "IBM Integration Bus ist eine \"lightweight\" ESB, welche die Integration von SOAP oder non-SOAP Datenquellen von verschiedenen Plattformen erm\u00f6glicht.",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in IBM Integration Bus ausnutzen, um einen Denial of Service Angriff durchzuf\u00fchren.",
"title": "Angriff"
},
{
"category": "general",
"text": "- Linux\n- Windows\n- Sonstiges",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2023-2724 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2023/wid-sec-w-2023-2724.json"
},
{
"category": "self",
"summary": "WID-SEC-2023-2724 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2023-2724"
},
{
"category": "external",
"summary": "IBM Security Bulletin: 7056518 vom 2023-10-22",
"url": "https://www.ibm.com/support/pages/node/7056518"
},
{
"category": "external",
"summary": "IBM Security Bulletin: 7056456 vom 2023-10-22",
"url": "https://www.ibm.com/support/pages/node/7056456"
}
],
"source_lang": "en-US",
"title": "IBM Integration Bus: Mehrere Schwachstellen erm\u00f6glichen Denial of Service",
"tracking": {
"current_release_date": "2023-10-22T22:00:00.000+00:00",
"generator": {
"date": "2024-08-15T18:00:24.040+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.3.5"
}
},
"id": "WID-SEC-W-2023-2724",
"initial_release_date": "2023-10-22T22:00:00.000+00:00",
"revision_history": [
{
"date": "2023-10-22T22:00:00.000+00:00",
"number": "1",
"summary": "Initiale Fassung"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "IBM Integration Bus 10.1 - 10.1.0.1",
"product": {
"name": "IBM Integration Bus 10.1 - 10.1.0.1",
"product_id": "T028402",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:integration_bus:10.1_-_10.1.0.1"
}
}
}
],
"category": "vendor",
"name": "IBM"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2023-3635",
"notes": [
{
"category": "description",
"text": "In IBM Integration Bus existieren mehrere Schwachstellen. Diese bestehen in Komponenten von Drittanbietern und sind auf Speicherlecks sowie nicht abgefangene Excepetions zur\u00fcckzuf\u00fchren. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T028402"
]
},
"release_date": "2023-10-22T22:00:00.000+00:00",
"title": "CVE-2023-3635"
},
{
"cve": "CVE-2023-3592",
"notes": [
{
"category": "description",
"text": "In IBM Integration Bus existieren mehrere Schwachstellen. Diese bestehen in Komponenten von Drittanbietern und sind auf Speicherlecks sowie nicht abgefangene Excepetions zur\u00fcckzuf\u00fchren. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T028402"
]
},
"release_date": "2023-10-22T22:00:00.000+00:00",
"title": "CVE-2023-3592"
},
{
"cve": "CVE-2023-28366",
"notes": [
{
"category": "description",
"text": "In IBM Integration Bus existieren mehrere Schwachstellen. Diese bestehen in Komponenten von Drittanbietern und sind auf Speicherlecks sowie nicht abgefangene Excepetions zur\u00fcckzuf\u00fchren. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T028402"
]
},
"release_date": "2023-10-22T22:00:00.000+00:00",
"title": "CVE-2023-28366"
},
{
"cve": "CVE-2023-0809",
"notes": [
{
"category": "description",
"text": "In IBM Integration Bus existieren mehrere Schwachstellen. Diese bestehen in Komponenten von Drittanbietern und sind auf Speicherlecks sowie nicht abgefangene Excepetions zur\u00fcckzuf\u00fchren. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T028402"
]
},
"release_date": "2023-10-22T22:00:00.000+00:00",
"title": "CVE-2023-0809"
}
]
}
gsd-2023-0809
Vulnerability from gsd
Modified
2023-12-13 01:20
Details
In Mosquitto before 2.0.16, excessive memory is allocated based on malicious initial packets that are not CONNECT packets.
Aliases
Aliases
{
"GSD": {
"alias": "CVE-2023-0809",
"id": "GSD-2023-0809"
},
"gsd": {
"metadata": {
"exploitCode": "unknown",
"remediation": "unknown",
"reportConfidence": "confirmed",
"type": "vulnerability"
},
"osvSchema": {
"aliases": [
"CVE-2023-0809"
],
"details": "In Mosquitto before 2.0.16, excessive memory is allocated based on malicious initial packets that are not CONNECT packets.",
"id": "GSD-2023-0809",
"modified": "2023-12-13T01:20:23.021547Z",
"schema_version": "1.4.0"
}
},
"namespaces": {
"cve.org": {
"CVE_data_meta": {
"ASSIGNER": "security@eclipse.org",
"ID": "CVE-2023-0809",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Mosquitto",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_name": "0",
"version_value": "2.0.16"
}
]
}
}
]
},
"vendor_name": "Eclipse"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In Mosquitto before 2.0.16, excessive memory is allocated based on malicious initial packets that are not CONNECT packets."
}
]
},
"generator": {
"engine": "SecretariatVulnogram 0.1.0-dev"
},
"impact": {
"cvss": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:L",
"version": "3.1"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"cweId": "CWE-789",
"lang": "eng",
"value": "CWE-789"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://mosquitto.org/blog/2023/08/version-2-0-16-released/",
"refsource": "MISC",
"url": "https://mosquitto.org/blog/2023/08/version-2-0-16-released/"
},
{
"name": "https://security.gentoo.org/glsa/202401-09",
"refsource": "MISC",
"url": "https://security.gentoo.org/glsa/202401-09"
}
]
},
"source": {
"discovery": "UNKNOWN"
}
},
"nvd.nist.gov": {
"cve": {
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:eclipse:mosquitto:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C744F41F-1469-4455-8C1C-B06373070721",
"versionEndExcluding": "2.0.16",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In Mosquitto before 2.0.16, excessive memory is allocated based on malicious initial packets that are not CONNECT packets."
},
{
"lang": "es",
"value": "En Mosquitto anterior a 2.0.16, el exceso de memoria se asigna en funci\u00f3n de paquetes iniciales maliciosos que no son paquetes CONNECT."
}
],
"id": "CVE-2023-0809",
"lastModified": "2024-01-07T10:15:08.310",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4,
"source": "nvd@nist.gov",
"type": "Primary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:L",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4,
"source": "emo@eclipse.org",
"type": "Secondary"
}
]
},
"published": "2023-10-02T19:15:09.717",
"references": [
{
"source": "emo@eclipse.org",
"tags": [
"Release Notes"
],
"url": "https://mosquitto.org/blog/2023/08/version-2-0-16-released/"
},
{
"source": "emo@eclipse.org",
"url": "https://security.gentoo.org/glsa/202401-09"
}
],
"sourceIdentifier": "emo@eclipse.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-770"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-789"
}
],
"source": "emo@eclipse.org",
"type": "Secondary"
}
]
}
}
}
}
ghsa-v9xr-r3xx-x9gc
Vulnerability from github
Published
2023-10-02 21:30
Modified
2024-01-07 12:30
Severity ?
Details
In Mosquitto before 2.0.16, excessive memory is allocated based on malicious initial packets that are not CONNECT packets.
{
"affected": [],
"aliases": [
"CVE-2023-0809"
],
"database_specific": {
"cwe_ids": [
"CWE-770",
"CWE-789"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2023-10-02T19:15:09Z",
"severity": "MODERATE"
},
"details": "In Mosquitto before 2.0.16, excessive memory is allocated based on malicious initial packets that are not CONNECT packets.",
"id": "GHSA-v9xr-r3xx-x9gc",
"modified": "2024-01-07T12:30:30Z",
"published": "2023-10-02T21:30:17Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-0809"
},
{
"type": "WEB",
"url": "https://mosquitto.org/blog/2023/08/version-2-0-16-released"
},
{
"type": "WEB",
"url": "https://security.gentoo.org/glsa/202401-09"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:L",
"type": "CVSS_V3"
}
]
}
rhsa-2024_1061
Vulnerability from csaf_redhat
Published
2024-02-29 20:37
Modified
2024-09-16 17:34
Summary
Red Hat Security Advisory: Red Hat Satellite 6 security and bug fix update
Notes
Topic
An update is now available for Red Hat Satellite 6.13 for RHEL 8.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Red Hat Satellite is a system management solution that allows organizations to
configure and maintain their systems without the necessity to provide public
Internet access to their servers or other client systems. It performs
provisioning and configuration management of predefined standard operating
environments.
Security Fix(es):
* satellite: Blind SSRF via Referer header (CVE-2022-4130)
* mosquitto: memory leak leads to unresponsive broker (CVE-2023-0809, CVE-2023-28366, CVE-2023-3592)
* foreman: World readable file containing secrets (CVE-2023-4886)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Bug Fix(es):
* Long running postgres threads during content-export (BZ#2257299)
* After upstream repo switched to zst compression, Satellite 6.12.5.1 unable to sync (BZ#2257300)
* Actions::ForemanLeapp::PreupgradeJob fails with null value in column "preupgrade_report_id" violates not-null constraint when run with non-admin user (BZ#2257302)
* Puppet reports without any messages don't get an origin (BZ#2257314)
* Provisioning vm host fails with error "Failed to attach ISO image to CDROM drive of instance client.example.com: InvalidPowerState: The attempted operation cannot be performed in the current state (Powered on)". (BZ#2257316)
* [Improvement] RefreshRepos step in Capsule Sync to refresh just repos to sync (BZ#2260526)
* Support Satellite Clone running on Python 3.12 (BZ#2264354)
* Support Satellite Ansible Collection running on Python 3.12 (BZ#2264918)
* Unable to sync library/busybox from gcr.io (BZ#2265149)
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_vex",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update is now available for Red Hat Satellite 6.13 for RHEL 8.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat Satellite is a system management solution that allows organizations to\nconfigure and maintain their systems without the necessity to provide public\nInternet access to their servers or other client systems. It performs\nprovisioning and configuration management of predefined standard operating\nenvironments.\n\nSecurity Fix(es):\n\n* satellite: Blind SSRF via Referer header (CVE-2022-4130)\n\n* mosquitto: memory leak leads to unresponsive broker (CVE-2023-0809, CVE-2023-28366, CVE-2023-3592)\n\n* foreman: World readable file containing secrets (CVE-2023-4886)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nBug Fix(es):\n\n* Long running postgres threads during content-export (BZ#2257299)\n\n* After upstream repo switched to zst compression, Satellite 6.12.5.1 unable to sync (BZ#2257300)\n\n* Actions::ForemanLeapp::PreupgradeJob fails with null value in column \"preupgrade_report_id\" violates not-null constraint when run with non-admin user (BZ#2257302)\n\n* Puppet reports without any messages don\u0027t get an origin (BZ#2257314)\n\n* Provisioning vm host fails with error \"Failed to attach ISO image to CDROM drive of instance client.example.com: InvalidPowerState: The attempted operation cannot be performed in the current state (Powered on)\". (BZ#2257316)\n\n* [Improvement] RefreshRepos step in Capsule Sync to refresh just repos to sync (BZ#2260526)\n\n* Support Satellite Clone running on Python 3.12 (BZ#2264354)\n\n* Support Satellite Ansible Collection running on Python 3.12 (BZ#2264918)\n\n* Unable to sync library/busybox from gcr.io (BZ#2265149)",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat offerings.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2024:1061",
"url": "https://access.redhat.com/errata/RHSA-2024:1061"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#moderate",
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"category": "external",
"summary": "https://access.redhat.com/documentation/en-us/red_hat_satellite/6.13/html/upgrading_and_updating_red_hat_satellite/index",
"url": "https://access.redhat.com/documentation/en-us/red_hat_satellite/6.13/html/upgrading_and_updating_red_hat_satellite/index"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/vulnerabilities/RHSB-2023-003",
"url": "https://access.redhat.com/security/vulnerabilities/RHSB-2023-003"
},
{
"category": "external",
"summary": "2145254",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2145254"
},
{
"category": "external",
"summary": "2230135",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2230135"
},
{
"category": "external",
"summary": "2236882",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2236882"
},
{
"category": "external",
"summary": "2257299",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2257299"
},
{
"category": "external",
"summary": "2257300",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2257300"
},
{
"category": "external",
"summary": "2257302",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2257302"
},
{
"category": "external",
"summary": "2257314",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2257314"
},
{
"category": "external",
"summary": "2257316",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2257316"
},
{
"category": "external",
"summary": "2260526",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2260526"
},
{
"category": "external",
"summary": "2264354",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2264354"
},
{
"category": "external",
"summary": "2264918",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2264918"
},
{
"category": "external",
"summary": "2265149",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2265149"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/data/csaf/v2/advisories/2024/rhsa-2024_1061.json"
}
],
"title": "Red Hat Security Advisory: Red Hat Satellite 6 security and bug fix update",
"tracking": {
"current_release_date": "2024-09-16T17:34:39+00:00",
"generator": {
"date": "2024-09-16T17:34:39+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "3.33.3"
}
},
"id": "RHSA-2024:1061",
"initial_release_date": "2024-02-29T20:37:45+00:00",
"revision_history": [
{
"date": "2024-02-29T20:37:45+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2024-02-29T20:37:45+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-09-16T17:34:39+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Satellite 6.13 for RHEL 8",
"product": {
"name": "Red Hat Satellite 6.13 for RHEL 8",
"product_id": "8Base-satellite-6.13",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:satellite:6.13::el8"
}
}
},
{
"category": "product_name",
"name": "Red Hat Satellite 6.13 for RHEL 8",
"product": {
"name": "Red Hat Satellite 6.13 for RHEL 8",
"product_id": "8Base-satellite-6.13-capsule",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:satellite_capsule:6.13::el8"
}
}
},
{
"category": "product_name",
"name": "Red Hat Satellite 6.13 for RHEL 8",
"product": {
"name": "Red Hat Satellite 6.13 for RHEL 8",
"product_id": "8Base-satellite-6.13-utils",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:satellite_utils:6.13::el8"
}
}
},
{
"category": "product_name",
"name": "Red Hat Satellite 6.13 for RHEL 8",
"product": {
"name": "Red Hat Satellite 6.13 for RHEL 8",
"product_id": "8Base-satellite-6.13-maintenance",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:satellite_maintenance:6.13::el8"
}
}
}
],
"category": "product_family",
"name": "Red Hat Satellite 6"
},
{
"branches": [
{
"category": "product_version",
"name": "createrepo_c-0:1.0.2-2.el8pc.src",
"product": {
"name": "createrepo_c-0:1.0.2-2.el8pc.src",
"product_id": "createrepo_c-0:1.0.2-2.el8pc.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/createrepo_c@1.0.2-2.el8pc?arch=src"
}
}
},
{
"category": "product_version",
"name": "foreman-0:3.5.1.24-1.el8sat.src",
"product": {
"name": "foreman-0:3.5.1.24-1.el8sat.src",
"product_id": "foreman-0:3.5.1.24-1.el8sat.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/foreman@3.5.1.24-1.el8sat?arch=src"
}
}
},
{
"category": "product_version",
"name": "foreman-installer-1:3.5.2.7-1.el8sat.src",
"product": {
"name": "foreman-installer-1:3.5.2.7-1.el8sat.src",
"product_id": "foreman-installer-1:3.5.2.7-1.el8sat.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/foreman-installer@3.5.2.7-1.el8sat?arch=src\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "mosquitto-0:2.0.17-1.el8sat.src",
"product": {
"name": "mosquitto-0:2.0.17-1.el8sat.src",
"product_id": "mosquitto-0:2.0.17-1.el8sat.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mosquitto@2.0.17-1.el8sat?arch=src"
}
}
},
{
"category": "product_version",
"name": "python-pulp-rpm-0:3.18.19-2.el8pc.src",
"product": {
"name": "python-pulp-rpm-0:3.18.19-2.el8pc.src",
"product_id": "python-pulp-rpm-0:3.18.19-2.el8pc.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python-pulp-rpm@3.18.19-2.el8pc?arch=src"
}
}
},
{
"category": "product_version",
"name": "rubygem-foreman_bootdisk-0:21.0.5-1.el8sat.src",
"product": {
"name": "rubygem-foreman_bootdisk-0:21.0.5-1.el8sat.src",
"product_id": "rubygem-foreman_bootdisk-0:21.0.5-1.el8sat.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-foreman_bootdisk@21.0.5-1.el8sat?arch=src"
}
}
},
{
"category": "product_version",
"name": "rubygem-foreman_leapp-0:0.1.13-2.el8sat.src",
"product": {
"name": "rubygem-foreman_leapp-0:0.1.13-2.el8sat.src",
"product_id": "rubygem-foreman_leapp-0:0.1.13-2.el8sat.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-foreman_leapp@0.1.13-2.el8sat?arch=src"
}
}
},
{
"category": "product_version",
"name": "rubygem-katello-0:4.7.0.36-1.el8sat.src",
"product": {
"name": "rubygem-katello-0:4.7.0.36-1.el8sat.src",
"product_id": "rubygem-katello-0:4.7.0.36-1.el8sat.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-katello@4.7.0.36-1.el8sat?arch=src"
}
}
},
{
"category": "product_version",
"name": "satellite-0:6.13.7-1.el8sat.src",
"product": {
"name": "satellite-0:6.13.7-1.el8sat.src",
"product_id": "satellite-0:6.13.7-1.el8sat.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/satellite@6.13.7-1.el8sat?arch=src"
}
}
},
{
"category": "product_version",
"name": "ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.src",
"product": {
"name": "ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.src",
"product_id": "ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ansible-collection-redhat-satellite@3.9.0-3.el8sat?arch=src"
}
}
},
{
"category": "product_version",
"name": "python-pulp-container-0:2.14.11-1.el8pc.src",
"product": {
"name": "python-pulp-container-0:2.14.11-1.el8pc.src",
"product_id": "python-pulp-container-0:2.14.11-1.el8pc.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python-pulp-container@2.14.11-1.el8pc?arch=src"
}
}
},
{
"category": "product_version",
"name": "satellite-clone-0:3.5.0-1.el8sat.src",
"product": {
"name": "satellite-clone-0:3.5.0-1.el8sat.src",
"product_id": "satellite-clone-0:3.5.0-1.el8sat.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/satellite-clone@3.5.0-1.el8sat?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "createrepo_c-0:1.0.2-2.el8pc.x86_64",
"product": {
"name": "createrepo_c-0:1.0.2-2.el8pc.x86_64",
"product_id": "createrepo_c-0:1.0.2-2.el8pc.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/createrepo_c@1.0.2-2.el8pc?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "createrepo_c-libs-0:1.0.2-2.el8pc.x86_64",
"product": {
"name": "createrepo_c-libs-0:1.0.2-2.el8pc.x86_64",
"product_id": "createrepo_c-libs-0:1.0.2-2.el8pc.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/createrepo_c-libs@1.0.2-2.el8pc?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "python3-createrepo_c-0:1.0.2-2.el8pc.x86_64",
"product": {
"name": "python3-createrepo_c-0:1.0.2-2.el8pc.x86_64",
"product_id": "python3-createrepo_c-0:1.0.2-2.el8pc.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-createrepo_c@1.0.2-2.el8pc?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "python39-createrepo_c-0:1.0.2-2.el8pc.x86_64",
"product": {
"name": "python39-createrepo_c-0:1.0.2-2.el8pc.x86_64",
"product_id": "python39-createrepo_c-0:1.0.2-2.el8pc.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python39-createrepo_c@1.0.2-2.el8pc?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "createrepo_c-debugsource-0:1.0.2-2.el8pc.x86_64",
"product": {
"name": "createrepo_c-debugsource-0:1.0.2-2.el8pc.x86_64",
"product_id": "createrepo_c-debugsource-0:1.0.2-2.el8pc.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/createrepo_c-debugsource@1.0.2-2.el8pc?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"product": {
"name": "createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"product_id": "createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/createrepo_c-debuginfo@1.0.2-2.el8pc?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "createrepo_c-libs-debuginfo-0:1.0.2-2.el8pc.x86_64",
"product": {
"name": "createrepo_c-libs-debuginfo-0:1.0.2-2.el8pc.x86_64",
"product_id": "createrepo_c-libs-debuginfo-0:1.0.2-2.el8pc.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/createrepo_c-libs-debuginfo@1.0.2-2.el8pc?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "python3-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"product": {
"name": "python3-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"product_id": "python3-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-createrepo_c-debuginfo@1.0.2-2.el8pc?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "python39-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"product": {
"name": "python39-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"product_id": "python39-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python39-createrepo_c-debuginfo@1.0.2-2.el8pc?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "mosquitto-0:2.0.17-1.el8sat.x86_64",
"product": {
"name": "mosquitto-0:2.0.17-1.el8sat.x86_64",
"product_id": "mosquitto-0:2.0.17-1.el8sat.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mosquitto@2.0.17-1.el8sat?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64",
"product": {
"name": "mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64",
"product_id": "mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mosquitto-debugsource@2.0.17-1.el8sat?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64",
"product": {
"name": "mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64",
"product_id": "mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mosquitto-debuginfo@2.0.17-1.el8sat?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "foreman-debug-0:3.5.1.24-1.el8sat.noarch",
"product": {
"name": "foreman-debug-0:3.5.1.24-1.el8sat.noarch",
"product_id": "foreman-debug-0:3.5.1.24-1.el8sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/foreman-debug@3.5.1.24-1.el8sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "foreman-0:3.5.1.24-1.el8sat.noarch",
"product": {
"name": "foreman-0:3.5.1.24-1.el8sat.noarch",
"product_id": "foreman-0:3.5.1.24-1.el8sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/foreman@3.5.1.24-1.el8sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "foreman-cli-0:3.5.1.24-1.el8sat.noarch",
"product": {
"name": "foreman-cli-0:3.5.1.24-1.el8sat.noarch",
"product_id": "foreman-cli-0:3.5.1.24-1.el8sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/foreman-cli@3.5.1.24-1.el8sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "foreman-dynflow-sidekiq-0:3.5.1.24-1.el8sat.noarch",
"product": {
"name": "foreman-dynflow-sidekiq-0:3.5.1.24-1.el8sat.noarch",
"product_id": "foreman-dynflow-sidekiq-0:3.5.1.24-1.el8sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/foreman-dynflow-sidekiq@3.5.1.24-1.el8sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "foreman-ec2-0:3.5.1.24-1.el8sat.noarch",
"product": {
"name": "foreman-ec2-0:3.5.1.24-1.el8sat.noarch",
"product_id": "foreman-ec2-0:3.5.1.24-1.el8sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/foreman-ec2@3.5.1.24-1.el8sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "foreman-journald-0:3.5.1.24-1.el8sat.noarch",
"product": {
"name": "foreman-journald-0:3.5.1.24-1.el8sat.noarch",
"product_id": "foreman-journald-0:3.5.1.24-1.el8sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/foreman-journald@3.5.1.24-1.el8sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "foreman-libvirt-0:3.5.1.24-1.el8sat.noarch",
"product": {
"name": "foreman-libvirt-0:3.5.1.24-1.el8sat.noarch",
"product_id": "foreman-libvirt-0:3.5.1.24-1.el8sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/foreman-libvirt@3.5.1.24-1.el8sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "foreman-openstack-0:3.5.1.24-1.el8sat.noarch",
"product": {
"name": "foreman-openstack-0:3.5.1.24-1.el8sat.noarch",
"product_id": "foreman-openstack-0:3.5.1.24-1.el8sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/foreman-openstack@3.5.1.24-1.el8sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "foreman-ovirt-0:3.5.1.24-1.el8sat.noarch",
"product": {
"name": "foreman-ovirt-0:3.5.1.24-1.el8sat.noarch",
"product_id": "foreman-ovirt-0:3.5.1.24-1.el8sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/foreman-ovirt@3.5.1.24-1.el8sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "foreman-postgresql-0:3.5.1.24-1.el8sat.noarch",
"product": {
"name": "foreman-postgresql-0:3.5.1.24-1.el8sat.noarch",
"product_id": "foreman-postgresql-0:3.5.1.24-1.el8sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/foreman-postgresql@3.5.1.24-1.el8sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "foreman-service-0:3.5.1.24-1.el8sat.noarch",
"product": {
"name": "foreman-service-0:3.5.1.24-1.el8sat.noarch",
"product_id": "foreman-service-0:3.5.1.24-1.el8sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/foreman-service@3.5.1.24-1.el8sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "foreman-telemetry-0:3.5.1.24-1.el8sat.noarch",
"product": {
"name": "foreman-telemetry-0:3.5.1.24-1.el8sat.noarch",
"product_id": "foreman-telemetry-0:3.5.1.24-1.el8sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/foreman-telemetry@3.5.1.24-1.el8sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "foreman-vmware-0:3.5.1.24-1.el8sat.noarch",
"product": {
"name": "foreman-vmware-0:3.5.1.24-1.el8sat.noarch",
"product_id": "foreman-vmware-0:3.5.1.24-1.el8sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/foreman-vmware@3.5.1.24-1.el8sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "foreman-installer-1:3.5.2.7-1.el8sat.noarch",
"product": {
"name": "foreman-installer-1:3.5.2.7-1.el8sat.noarch",
"product_id": "foreman-installer-1:3.5.2.7-1.el8sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/foreman-installer@3.5.2.7-1.el8sat?arch=noarch\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "foreman-installer-katello-1:3.5.2.7-1.el8sat.noarch",
"product": {
"name": "foreman-installer-katello-1:3.5.2.7-1.el8sat.noarch",
"product_id": "foreman-installer-katello-1:3.5.2.7-1.el8sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/foreman-installer-katello@3.5.2.7-1.el8sat?arch=noarch\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "python39-pulp-rpm-0:3.18.19-2.el8pc.noarch",
"product": {
"name": "python39-pulp-rpm-0:3.18.19-2.el8pc.noarch",
"product_id": "python39-pulp-rpm-0:3.18.19-2.el8pc.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python39-pulp-rpm@3.18.19-2.el8pc?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "rubygem-foreman_bootdisk-0:21.0.5-1.el8sat.noarch",
"product": {
"name": "rubygem-foreman_bootdisk-0:21.0.5-1.el8sat.noarch",
"product_id": "rubygem-foreman_bootdisk-0:21.0.5-1.el8sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-foreman_bootdisk@21.0.5-1.el8sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "rubygem-foreman_leapp-0:0.1.13-2.el8sat.noarch",
"product": {
"name": "rubygem-foreman_leapp-0:0.1.13-2.el8sat.noarch",
"product_id": "rubygem-foreman_leapp-0:0.1.13-2.el8sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-foreman_leapp@0.1.13-2.el8sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "rubygem-katello-0:4.7.0.36-1.el8sat.noarch",
"product": {
"name": "rubygem-katello-0:4.7.0.36-1.el8sat.noarch",
"product_id": "rubygem-katello-0:4.7.0.36-1.el8sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-katello@4.7.0.36-1.el8sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "satellite-capsule-0:6.13.7-1.el8sat.noarch",
"product": {
"name": "satellite-capsule-0:6.13.7-1.el8sat.noarch",
"product_id": "satellite-capsule-0:6.13.7-1.el8sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/satellite-capsule@6.13.7-1.el8sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "satellite-common-0:6.13.7-1.el8sat.noarch",
"product": {
"name": "satellite-common-0:6.13.7-1.el8sat.noarch",
"product_id": "satellite-common-0:6.13.7-1.el8sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/satellite-common@6.13.7-1.el8sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "satellite-0:6.13.7-1.el8sat.noarch",
"product": {
"name": "satellite-0:6.13.7-1.el8sat.noarch",
"product_id": "satellite-0:6.13.7-1.el8sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/satellite@6.13.7-1.el8sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "satellite-cli-0:6.13.7-1.el8sat.noarch",
"product": {
"name": "satellite-cli-0:6.13.7-1.el8sat.noarch",
"product_id": "satellite-cli-0:6.13.7-1.el8sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/satellite-cli@6.13.7-1.el8sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.noarch",
"product": {
"name": "ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.noarch",
"product_id": "ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ansible-collection-redhat-satellite@3.9.0-3.el8sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "python39-pulp-container-0:2.14.11-1.el8pc.noarch",
"product": {
"name": "python39-pulp-container-0:2.14.11-1.el8pc.noarch",
"product_id": "python39-pulp-container-0:2.14.11-1.el8pc.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python39-pulp-container@2.14.11-1.el8pc?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "satellite-clone-0:3.5.0-1.el8sat.noarch",
"product": {
"name": "satellite-clone-0:3.5.0-1.el8sat.noarch",
"product_id": "satellite-clone-0:3.5.0-1.el8sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/satellite-clone@3.5.0-1.el8sat?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8",
"product_id": "8Base-satellite-6.13-capsule:ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.noarch"
},
"product_reference": "ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.13-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.src as a component of Red Hat Satellite 6.13 for RHEL 8",
"product_id": "8Base-satellite-6.13-capsule:ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.src"
},
"product_reference": "ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.src",
"relates_to_product_reference": "8Base-satellite-6.13-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "createrepo_c-0:1.0.2-2.el8pc.src as a component of Red Hat Satellite 6.13 for RHEL 8",
"product_id": "8Base-satellite-6.13-capsule:createrepo_c-0:1.0.2-2.el8pc.src"
},
"product_reference": "createrepo_c-0:1.0.2-2.el8pc.src",
"relates_to_product_reference": "8Base-satellite-6.13-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "createrepo_c-0:1.0.2-2.el8pc.x86_64 as a component of Red Hat Satellite 6.13 for RHEL 8",
"product_id": "8Base-satellite-6.13-capsule:createrepo_c-0:1.0.2-2.el8pc.x86_64"
},
"product_reference": "createrepo_c-0:1.0.2-2.el8pc.x86_64",
"relates_to_product_reference": "8Base-satellite-6.13-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64 as a component of Red Hat Satellite 6.13 for RHEL 8",
"product_id": "8Base-satellite-6.13-capsule:createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64"
},
"product_reference": "createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"relates_to_product_reference": "8Base-satellite-6.13-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "createrepo_c-debugsource-0:1.0.2-2.el8pc.x86_64 as a component of Red Hat Satellite 6.13 for RHEL 8",
"product_id": "8Base-satellite-6.13-capsule:createrepo_c-debugsource-0:1.0.2-2.el8pc.x86_64"
},
"product_reference": "createrepo_c-debugsource-0:1.0.2-2.el8pc.x86_64",
"relates_to_product_reference": "8Base-satellite-6.13-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "createrepo_c-libs-0:1.0.2-2.el8pc.x86_64 as a component of Red Hat Satellite 6.13 for RHEL 8",
"product_id": "8Base-satellite-6.13-capsule:createrepo_c-libs-0:1.0.2-2.el8pc.x86_64"
},
"product_reference": "createrepo_c-libs-0:1.0.2-2.el8pc.x86_64",
"relates_to_product_reference": "8Base-satellite-6.13-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "createrepo_c-libs-debuginfo-0:1.0.2-2.el8pc.x86_64 as a component of Red Hat Satellite 6.13 for RHEL 8",
"product_id": "8Base-satellite-6.13-capsule:createrepo_c-libs-debuginfo-0:1.0.2-2.el8pc.x86_64"
},
"product_reference": "createrepo_c-libs-debuginfo-0:1.0.2-2.el8pc.x86_64",
"relates_to_product_reference": "8Base-satellite-6.13-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-0:3.5.1.24-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8",
"product_id": "8Base-satellite-6.13-capsule:foreman-0:3.5.1.24-1.el8sat.noarch"
},
"product_reference": "foreman-0:3.5.1.24-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.13-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-0:3.5.1.24-1.el8sat.src as a component of Red Hat Satellite 6.13 for RHEL 8",
"product_id": "8Base-satellite-6.13-capsule:foreman-0:3.5.1.24-1.el8sat.src"
},
"product_reference": "foreman-0:3.5.1.24-1.el8sat.src",
"relates_to_product_reference": "8Base-satellite-6.13-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-cli-0:3.5.1.24-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8",
"product_id": "8Base-satellite-6.13-capsule:foreman-cli-0:3.5.1.24-1.el8sat.noarch"
},
"product_reference": "foreman-cli-0:3.5.1.24-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.13-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-debug-0:3.5.1.24-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8",
"product_id": "8Base-satellite-6.13-capsule:foreman-debug-0:3.5.1.24-1.el8sat.noarch"
},
"product_reference": "foreman-debug-0:3.5.1.24-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.13-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-dynflow-sidekiq-0:3.5.1.24-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8",
"product_id": "8Base-satellite-6.13-capsule:foreman-dynflow-sidekiq-0:3.5.1.24-1.el8sat.noarch"
},
"product_reference": "foreman-dynflow-sidekiq-0:3.5.1.24-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.13-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-ec2-0:3.5.1.24-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8",
"product_id": "8Base-satellite-6.13-capsule:foreman-ec2-0:3.5.1.24-1.el8sat.noarch"
},
"product_reference": "foreman-ec2-0:3.5.1.24-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.13-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-installer-1:3.5.2.7-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8",
"product_id": "8Base-satellite-6.13-capsule:foreman-installer-1:3.5.2.7-1.el8sat.noarch"
},
"product_reference": "foreman-installer-1:3.5.2.7-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.13-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-installer-1:3.5.2.7-1.el8sat.src as a component of Red Hat Satellite 6.13 for RHEL 8",
"product_id": "8Base-satellite-6.13-capsule:foreman-installer-1:3.5.2.7-1.el8sat.src"
},
"product_reference": "foreman-installer-1:3.5.2.7-1.el8sat.src",
"relates_to_product_reference": "8Base-satellite-6.13-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-installer-katello-1:3.5.2.7-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8",
"product_id": "8Base-satellite-6.13-capsule:foreman-installer-katello-1:3.5.2.7-1.el8sat.noarch"
},
"product_reference": "foreman-installer-katello-1:3.5.2.7-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.13-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-journald-0:3.5.1.24-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8",
"product_id": "8Base-satellite-6.13-capsule:foreman-journald-0:3.5.1.24-1.el8sat.noarch"
},
"product_reference": "foreman-journald-0:3.5.1.24-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.13-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-libvirt-0:3.5.1.24-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8",
"product_id": "8Base-satellite-6.13-capsule:foreman-libvirt-0:3.5.1.24-1.el8sat.noarch"
},
"product_reference": "foreman-libvirt-0:3.5.1.24-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.13-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-openstack-0:3.5.1.24-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8",
"product_id": "8Base-satellite-6.13-capsule:foreman-openstack-0:3.5.1.24-1.el8sat.noarch"
},
"product_reference": "foreman-openstack-0:3.5.1.24-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.13-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-ovirt-0:3.5.1.24-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8",
"product_id": "8Base-satellite-6.13-capsule:foreman-ovirt-0:3.5.1.24-1.el8sat.noarch"
},
"product_reference": "foreman-ovirt-0:3.5.1.24-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.13-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-postgresql-0:3.5.1.24-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8",
"product_id": "8Base-satellite-6.13-capsule:foreman-postgresql-0:3.5.1.24-1.el8sat.noarch"
},
"product_reference": "foreman-postgresql-0:3.5.1.24-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.13-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-service-0:3.5.1.24-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8",
"product_id": "8Base-satellite-6.13-capsule:foreman-service-0:3.5.1.24-1.el8sat.noarch"
},
"product_reference": "foreman-service-0:3.5.1.24-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.13-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-telemetry-0:3.5.1.24-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8",
"product_id": "8Base-satellite-6.13-capsule:foreman-telemetry-0:3.5.1.24-1.el8sat.noarch"
},
"product_reference": "foreman-telemetry-0:3.5.1.24-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.13-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-vmware-0:3.5.1.24-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8",
"product_id": "8Base-satellite-6.13-capsule:foreman-vmware-0:3.5.1.24-1.el8sat.noarch"
},
"product_reference": "foreman-vmware-0:3.5.1.24-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.13-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mosquitto-0:2.0.17-1.el8sat.src as a component of Red Hat Satellite 6.13 for RHEL 8",
"product_id": "8Base-satellite-6.13-capsule:mosquitto-0:2.0.17-1.el8sat.src"
},
"product_reference": "mosquitto-0:2.0.17-1.el8sat.src",
"relates_to_product_reference": "8Base-satellite-6.13-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mosquitto-0:2.0.17-1.el8sat.x86_64 as a component of Red Hat Satellite 6.13 for RHEL 8",
"product_id": "8Base-satellite-6.13-capsule:mosquitto-0:2.0.17-1.el8sat.x86_64"
},
"product_reference": "mosquitto-0:2.0.17-1.el8sat.x86_64",
"relates_to_product_reference": "8Base-satellite-6.13-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64 as a component of Red Hat Satellite 6.13 for RHEL 8",
"product_id": "8Base-satellite-6.13-capsule:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64"
},
"product_reference": "mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64",
"relates_to_product_reference": "8Base-satellite-6.13-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64 as a component of Red Hat Satellite 6.13 for RHEL 8",
"product_id": "8Base-satellite-6.13-capsule:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64"
},
"product_reference": "mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64",
"relates_to_product_reference": "8Base-satellite-6.13-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-pulp-container-0:2.14.11-1.el8pc.src as a component of Red Hat Satellite 6.13 for RHEL 8",
"product_id": "8Base-satellite-6.13-capsule:python-pulp-container-0:2.14.11-1.el8pc.src"
},
"product_reference": "python-pulp-container-0:2.14.11-1.el8pc.src",
"relates_to_product_reference": "8Base-satellite-6.13-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-pulp-rpm-0:3.18.19-2.el8pc.src as a component of Red Hat Satellite 6.13 for RHEL 8",
"product_id": "8Base-satellite-6.13-capsule:python-pulp-rpm-0:3.18.19-2.el8pc.src"
},
"product_reference": "python-pulp-rpm-0:3.18.19-2.el8pc.src",
"relates_to_product_reference": "8Base-satellite-6.13-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-createrepo_c-0:1.0.2-2.el8pc.x86_64 as a component of Red Hat Satellite 6.13 for RHEL 8",
"product_id": "8Base-satellite-6.13-capsule:python3-createrepo_c-0:1.0.2-2.el8pc.x86_64"
},
"product_reference": "python3-createrepo_c-0:1.0.2-2.el8pc.x86_64",
"relates_to_product_reference": "8Base-satellite-6.13-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64 as a component of Red Hat Satellite 6.13 for RHEL 8",
"product_id": "8Base-satellite-6.13-capsule:python3-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64"
},
"product_reference": "python3-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"relates_to_product_reference": "8Base-satellite-6.13-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python39-createrepo_c-0:1.0.2-2.el8pc.x86_64 as a component of Red Hat Satellite 6.13 for RHEL 8",
"product_id": "8Base-satellite-6.13-capsule:python39-createrepo_c-0:1.0.2-2.el8pc.x86_64"
},
"product_reference": "python39-createrepo_c-0:1.0.2-2.el8pc.x86_64",
"relates_to_product_reference": "8Base-satellite-6.13-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python39-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64 as a component of Red Hat Satellite 6.13 for RHEL 8",
"product_id": "8Base-satellite-6.13-capsule:python39-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64"
},
"product_reference": "python39-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"relates_to_product_reference": "8Base-satellite-6.13-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python39-pulp-container-0:2.14.11-1.el8pc.noarch as a component of Red Hat Satellite 6.13 for RHEL 8",
"product_id": "8Base-satellite-6.13-capsule:python39-pulp-container-0:2.14.11-1.el8pc.noarch"
},
"product_reference": "python39-pulp-container-0:2.14.11-1.el8pc.noarch",
"relates_to_product_reference": "8Base-satellite-6.13-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python39-pulp-rpm-0:3.18.19-2.el8pc.noarch as a component of Red Hat Satellite 6.13 for RHEL 8",
"product_id": "8Base-satellite-6.13-capsule:python39-pulp-rpm-0:3.18.19-2.el8pc.noarch"
},
"product_reference": "python39-pulp-rpm-0:3.18.19-2.el8pc.noarch",
"relates_to_product_reference": "8Base-satellite-6.13-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "satellite-0:6.13.7-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8",
"product_id": "8Base-satellite-6.13-capsule:satellite-0:6.13.7-1.el8sat.noarch"
},
"product_reference": "satellite-0:6.13.7-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.13-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "satellite-0:6.13.7-1.el8sat.src as a component of Red Hat Satellite 6.13 for RHEL 8",
"product_id": "8Base-satellite-6.13-capsule:satellite-0:6.13.7-1.el8sat.src"
},
"product_reference": "satellite-0:6.13.7-1.el8sat.src",
"relates_to_product_reference": "8Base-satellite-6.13-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "satellite-capsule-0:6.13.7-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8",
"product_id": "8Base-satellite-6.13-capsule:satellite-capsule-0:6.13.7-1.el8sat.noarch"
},
"product_reference": "satellite-capsule-0:6.13.7-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.13-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "satellite-cli-0:6.13.7-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8",
"product_id": "8Base-satellite-6.13-capsule:satellite-cli-0:6.13.7-1.el8sat.noarch"
},
"product_reference": "satellite-cli-0:6.13.7-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.13-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "satellite-common-0:6.13.7-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8",
"product_id": "8Base-satellite-6.13-capsule:satellite-common-0:6.13.7-1.el8sat.noarch"
},
"product_reference": "satellite-common-0:6.13.7-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.13-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "satellite-clone-0:3.5.0-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8",
"product_id": "8Base-satellite-6.13-maintenance:satellite-clone-0:3.5.0-1.el8sat.noarch"
},
"product_reference": "satellite-clone-0:3.5.0-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.13-maintenance"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "satellite-clone-0:3.5.0-1.el8sat.src as a component of Red Hat Satellite 6.13 for RHEL 8",
"product_id": "8Base-satellite-6.13-maintenance:satellite-clone-0:3.5.0-1.el8sat.src"
},
"product_reference": "satellite-clone-0:3.5.0-1.el8sat.src",
"relates_to_product_reference": "8Base-satellite-6.13-maintenance"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-0:3.5.1.24-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8",
"product_id": "8Base-satellite-6.13-utils:foreman-0:3.5.1.24-1.el8sat.noarch"
},
"product_reference": "foreman-0:3.5.1.24-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.13-utils"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-0:3.5.1.24-1.el8sat.src as a component of Red Hat Satellite 6.13 for RHEL 8",
"product_id": "8Base-satellite-6.13-utils:foreman-0:3.5.1.24-1.el8sat.src"
},
"product_reference": "foreman-0:3.5.1.24-1.el8sat.src",
"relates_to_product_reference": "8Base-satellite-6.13-utils"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-cli-0:3.5.1.24-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8",
"product_id": "8Base-satellite-6.13-utils:foreman-cli-0:3.5.1.24-1.el8sat.noarch"
},
"product_reference": "foreman-cli-0:3.5.1.24-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.13-utils"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-debug-0:3.5.1.24-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8",
"product_id": "8Base-satellite-6.13-utils:foreman-debug-0:3.5.1.24-1.el8sat.noarch"
},
"product_reference": "foreman-debug-0:3.5.1.24-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.13-utils"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-dynflow-sidekiq-0:3.5.1.24-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8",
"product_id": "8Base-satellite-6.13-utils:foreman-dynflow-sidekiq-0:3.5.1.24-1.el8sat.noarch"
},
"product_reference": "foreman-dynflow-sidekiq-0:3.5.1.24-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.13-utils"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-ec2-0:3.5.1.24-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8",
"product_id": "8Base-satellite-6.13-utils:foreman-ec2-0:3.5.1.24-1.el8sat.noarch"
},
"product_reference": "foreman-ec2-0:3.5.1.24-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.13-utils"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-journald-0:3.5.1.24-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8",
"product_id": "8Base-satellite-6.13-utils:foreman-journald-0:3.5.1.24-1.el8sat.noarch"
},
"product_reference": "foreman-journald-0:3.5.1.24-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.13-utils"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-libvirt-0:3.5.1.24-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8",
"product_id": "8Base-satellite-6.13-utils:foreman-libvirt-0:3.5.1.24-1.el8sat.noarch"
},
"product_reference": "foreman-libvirt-0:3.5.1.24-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.13-utils"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-openstack-0:3.5.1.24-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8",
"product_id": "8Base-satellite-6.13-utils:foreman-openstack-0:3.5.1.24-1.el8sat.noarch"
},
"product_reference": "foreman-openstack-0:3.5.1.24-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.13-utils"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-ovirt-0:3.5.1.24-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8",
"product_id": "8Base-satellite-6.13-utils:foreman-ovirt-0:3.5.1.24-1.el8sat.noarch"
},
"product_reference": "foreman-ovirt-0:3.5.1.24-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.13-utils"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-postgresql-0:3.5.1.24-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8",
"product_id": "8Base-satellite-6.13-utils:foreman-postgresql-0:3.5.1.24-1.el8sat.noarch"
},
"product_reference": "foreman-postgresql-0:3.5.1.24-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.13-utils"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-service-0:3.5.1.24-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8",
"product_id": "8Base-satellite-6.13-utils:foreman-service-0:3.5.1.24-1.el8sat.noarch"
},
"product_reference": "foreman-service-0:3.5.1.24-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.13-utils"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-telemetry-0:3.5.1.24-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8",
"product_id": "8Base-satellite-6.13-utils:foreman-telemetry-0:3.5.1.24-1.el8sat.noarch"
},
"product_reference": "foreman-telemetry-0:3.5.1.24-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.13-utils"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-vmware-0:3.5.1.24-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8",
"product_id": "8Base-satellite-6.13-utils:foreman-vmware-0:3.5.1.24-1.el8sat.noarch"
},
"product_reference": "foreman-vmware-0:3.5.1.24-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.13-utils"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "satellite-0:6.13.7-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8",
"product_id": "8Base-satellite-6.13-utils:satellite-0:6.13.7-1.el8sat.noarch"
},
"product_reference": "satellite-0:6.13.7-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.13-utils"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "satellite-0:6.13.7-1.el8sat.src as a component of Red Hat Satellite 6.13 for RHEL 8",
"product_id": "8Base-satellite-6.13-utils:satellite-0:6.13.7-1.el8sat.src"
},
"product_reference": "satellite-0:6.13.7-1.el8sat.src",
"relates_to_product_reference": "8Base-satellite-6.13-utils"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "satellite-capsule-0:6.13.7-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8",
"product_id": "8Base-satellite-6.13-utils:satellite-capsule-0:6.13.7-1.el8sat.noarch"
},
"product_reference": "satellite-capsule-0:6.13.7-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.13-utils"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "satellite-cli-0:6.13.7-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8",
"product_id": "8Base-satellite-6.13-utils:satellite-cli-0:6.13.7-1.el8sat.noarch"
},
"product_reference": "satellite-cli-0:6.13.7-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.13-utils"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "satellite-common-0:6.13.7-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8",
"product_id": "8Base-satellite-6.13-utils:satellite-common-0:6.13.7-1.el8sat.noarch"
},
"product_reference": "satellite-common-0:6.13.7-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.13-utils"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8",
"product_id": "8Base-satellite-6.13:ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.noarch"
},
"product_reference": "ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.src as a component of Red Hat Satellite 6.13 for RHEL 8",
"product_id": "8Base-satellite-6.13:ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.src"
},
"product_reference": "ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.src",
"relates_to_product_reference": "8Base-satellite-6.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "createrepo_c-0:1.0.2-2.el8pc.src as a component of Red Hat Satellite 6.13 for RHEL 8",
"product_id": "8Base-satellite-6.13:createrepo_c-0:1.0.2-2.el8pc.src"
},
"product_reference": "createrepo_c-0:1.0.2-2.el8pc.src",
"relates_to_product_reference": "8Base-satellite-6.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "createrepo_c-0:1.0.2-2.el8pc.x86_64 as a component of Red Hat Satellite 6.13 for RHEL 8",
"product_id": "8Base-satellite-6.13:createrepo_c-0:1.0.2-2.el8pc.x86_64"
},
"product_reference": "createrepo_c-0:1.0.2-2.el8pc.x86_64",
"relates_to_product_reference": "8Base-satellite-6.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64 as a component of Red Hat Satellite 6.13 for RHEL 8",
"product_id": "8Base-satellite-6.13:createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64"
},
"product_reference": "createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"relates_to_product_reference": "8Base-satellite-6.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "createrepo_c-debugsource-0:1.0.2-2.el8pc.x86_64 as a component of Red Hat Satellite 6.13 for RHEL 8",
"product_id": "8Base-satellite-6.13:createrepo_c-debugsource-0:1.0.2-2.el8pc.x86_64"
},
"product_reference": "createrepo_c-debugsource-0:1.0.2-2.el8pc.x86_64",
"relates_to_product_reference": "8Base-satellite-6.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "createrepo_c-libs-0:1.0.2-2.el8pc.x86_64 as a component of Red Hat Satellite 6.13 for RHEL 8",
"product_id": "8Base-satellite-6.13:createrepo_c-libs-0:1.0.2-2.el8pc.x86_64"
},
"product_reference": "createrepo_c-libs-0:1.0.2-2.el8pc.x86_64",
"relates_to_product_reference": "8Base-satellite-6.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "createrepo_c-libs-debuginfo-0:1.0.2-2.el8pc.x86_64 as a component of Red Hat Satellite 6.13 for RHEL 8",
"product_id": "8Base-satellite-6.13:createrepo_c-libs-debuginfo-0:1.0.2-2.el8pc.x86_64"
},
"product_reference": "createrepo_c-libs-debuginfo-0:1.0.2-2.el8pc.x86_64",
"relates_to_product_reference": "8Base-satellite-6.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-0:3.5.1.24-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8",
"product_id": "8Base-satellite-6.13:foreman-0:3.5.1.24-1.el8sat.noarch"
},
"product_reference": "foreman-0:3.5.1.24-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-0:3.5.1.24-1.el8sat.src as a component of Red Hat Satellite 6.13 for RHEL 8",
"product_id": "8Base-satellite-6.13:foreman-0:3.5.1.24-1.el8sat.src"
},
"product_reference": "foreman-0:3.5.1.24-1.el8sat.src",
"relates_to_product_reference": "8Base-satellite-6.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-cli-0:3.5.1.24-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8",
"product_id": "8Base-satellite-6.13:foreman-cli-0:3.5.1.24-1.el8sat.noarch"
},
"product_reference": "foreman-cli-0:3.5.1.24-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-debug-0:3.5.1.24-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8",
"product_id": "8Base-satellite-6.13:foreman-debug-0:3.5.1.24-1.el8sat.noarch"
},
"product_reference": "foreman-debug-0:3.5.1.24-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-dynflow-sidekiq-0:3.5.1.24-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8",
"product_id": "8Base-satellite-6.13:foreman-dynflow-sidekiq-0:3.5.1.24-1.el8sat.noarch"
},
"product_reference": "foreman-dynflow-sidekiq-0:3.5.1.24-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-ec2-0:3.5.1.24-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8",
"product_id": "8Base-satellite-6.13:foreman-ec2-0:3.5.1.24-1.el8sat.noarch"
},
"product_reference": "foreman-ec2-0:3.5.1.24-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-installer-1:3.5.2.7-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8",
"product_id": "8Base-satellite-6.13:foreman-installer-1:3.5.2.7-1.el8sat.noarch"
},
"product_reference": "foreman-installer-1:3.5.2.7-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-installer-1:3.5.2.7-1.el8sat.src as a component of Red Hat Satellite 6.13 for RHEL 8",
"product_id": "8Base-satellite-6.13:foreman-installer-1:3.5.2.7-1.el8sat.src"
},
"product_reference": "foreman-installer-1:3.5.2.7-1.el8sat.src",
"relates_to_product_reference": "8Base-satellite-6.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-installer-katello-1:3.5.2.7-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8",
"product_id": "8Base-satellite-6.13:foreman-installer-katello-1:3.5.2.7-1.el8sat.noarch"
},
"product_reference": "foreman-installer-katello-1:3.5.2.7-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-journald-0:3.5.1.24-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8",
"product_id": "8Base-satellite-6.13:foreman-journald-0:3.5.1.24-1.el8sat.noarch"
},
"product_reference": "foreman-journald-0:3.5.1.24-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-libvirt-0:3.5.1.24-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8",
"product_id": "8Base-satellite-6.13:foreman-libvirt-0:3.5.1.24-1.el8sat.noarch"
},
"product_reference": "foreman-libvirt-0:3.5.1.24-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-openstack-0:3.5.1.24-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8",
"product_id": "8Base-satellite-6.13:foreman-openstack-0:3.5.1.24-1.el8sat.noarch"
},
"product_reference": "foreman-openstack-0:3.5.1.24-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-ovirt-0:3.5.1.24-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8",
"product_id": "8Base-satellite-6.13:foreman-ovirt-0:3.5.1.24-1.el8sat.noarch"
},
"product_reference": "foreman-ovirt-0:3.5.1.24-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-postgresql-0:3.5.1.24-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8",
"product_id": "8Base-satellite-6.13:foreman-postgresql-0:3.5.1.24-1.el8sat.noarch"
},
"product_reference": "foreman-postgresql-0:3.5.1.24-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-service-0:3.5.1.24-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8",
"product_id": "8Base-satellite-6.13:foreman-service-0:3.5.1.24-1.el8sat.noarch"
},
"product_reference": "foreman-service-0:3.5.1.24-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-telemetry-0:3.5.1.24-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8",
"product_id": "8Base-satellite-6.13:foreman-telemetry-0:3.5.1.24-1.el8sat.noarch"
},
"product_reference": "foreman-telemetry-0:3.5.1.24-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-vmware-0:3.5.1.24-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8",
"product_id": "8Base-satellite-6.13:foreman-vmware-0:3.5.1.24-1.el8sat.noarch"
},
"product_reference": "foreman-vmware-0:3.5.1.24-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mosquitto-0:2.0.17-1.el8sat.src as a component of Red Hat Satellite 6.13 for RHEL 8",
"product_id": "8Base-satellite-6.13:mosquitto-0:2.0.17-1.el8sat.src"
},
"product_reference": "mosquitto-0:2.0.17-1.el8sat.src",
"relates_to_product_reference": "8Base-satellite-6.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mosquitto-0:2.0.17-1.el8sat.x86_64 as a component of Red Hat Satellite 6.13 for RHEL 8",
"product_id": "8Base-satellite-6.13:mosquitto-0:2.0.17-1.el8sat.x86_64"
},
"product_reference": "mosquitto-0:2.0.17-1.el8sat.x86_64",
"relates_to_product_reference": "8Base-satellite-6.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64 as a component of Red Hat Satellite 6.13 for RHEL 8",
"product_id": "8Base-satellite-6.13:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64"
},
"product_reference": "mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64",
"relates_to_product_reference": "8Base-satellite-6.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64 as a component of Red Hat Satellite 6.13 for RHEL 8",
"product_id": "8Base-satellite-6.13:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64"
},
"product_reference": "mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64",
"relates_to_product_reference": "8Base-satellite-6.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-pulp-container-0:2.14.11-1.el8pc.src as a component of Red Hat Satellite 6.13 for RHEL 8",
"product_id": "8Base-satellite-6.13:python-pulp-container-0:2.14.11-1.el8pc.src"
},
"product_reference": "python-pulp-container-0:2.14.11-1.el8pc.src",
"relates_to_product_reference": "8Base-satellite-6.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-pulp-rpm-0:3.18.19-2.el8pc.src as a component of Red Hat Satellite 6.13 for RHEL 8",
"product_id": "8Base-satellite-6.13:python-pulp-rpm-0:3.18.19-2.el8pc.src"
},
"product_reference": "python-pulp-rpm-0:3.18.19-2.el8pc.src",
"relates_to_product_reference": "8Base-satellite-6.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-createrepo_c-0:1.0.2-2.el8pc.x86_64 as a component of Red Hat Satellite 6.13 for RHEL 8",
"product_id": "8Base-satellite-6.13:python3-createrepo_c-0:1.0.2-2.el8pc.x86_64"
},
"product_reference": "python3-createrepo_c-0:1.0.2-2.el8pc.x86_64",
"relates_to_product_reference": "8Base-satellite-6.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64 as a component of Red Hat Satellite 6.13 for RHEL 8",
"product_id": "8Base-satellite-6.13:python3-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64"
},
"product_reference": "python3-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"relates_to_product_reference": "8Base-satellite-6.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python39-createrepo_c-0:1.0.2-2.el8pc.x86_64 as a component of Red Hat Satellite 6.13 for RHEL 8",
"product_id": "8Base-satellite-6.13:python39-createrepo_c-0:1.0.2-2.el8pc.x86_64"
},
"product_reference": "python39-createrepo_c-0:1.0.2-2.el8pc.x86_64",
"relates_to_product_reference": "8Base-satellite-6.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python39-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64 as a component of Red Hat Satellite 6.13 for RHEL 8",
"product_id": "8Base-satellite-6.13:python39-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64"
},
"product_reference": "python39-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"relates_to_product_reference": "8Base-satellite-6.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python39-pulp-container-0:2.14.11-1.el8pc.noarch as a component of Red Hat Satellite 6.13 for RHEL 8",
"product_id": "8Base-satellite-6.13:python39-pulp-container-0:2.14.11-1.el8pc.noarch"
},
"product_reference": "python39-pulp-container-0:2.14.11-1.el8pc.noarch",
"relates_to_product_reference": "8Base-satellite-6.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python39-pulp-rpm-0:3.18.19-2.el8pc.noarch as a component of Red Hat Satellite 6.13 for RHEL 8",
"product_id": "8Base-satellite-6.13:python39-pulp-rpm-0:3.18.19-2.el8pc.noarch"
},
"product_reference": "python39-pulp-rpm-0:3.18.19-2.el8pc.noarch",
"relates_to_product_reference": "8Base-satellite-6.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-foreman_bootdisk-0:21.0.5-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8",
"product_id": "8Base-satellite-6.13:rubygem-foreman_bootdisk-0:21.0.5-1.el8sat.noarch"
},
"product_reference": "rubygem-foreman_bootdisk-0:21.0.5-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-foreman_bootdisk-0:21.0.5-1.el8sat.src as a component of Red Hat Satellite 6.13 for RHEL 8",
"product_id": "8Base-satellite-6.13:rubygem-foreman_bootdisk-0:21.0.5-1.el8sat.src"
},
"product_reference": "rubygem-foreman_bootdisk-0:21.0.5-1.el8sat.src",
"relates_to_product_reference": "8Base-satellite-6.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-foreman_leapp-0:0.1.13-2.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8",
"product_id": "8Base-satellite-6.13:rubygem-foreman_leapp-0:0.1.13-2.el8sat.noarch"
},
"product_reference": "rubygem-foreman_leapp-0:0.1.13-2.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-foreman_leapp-0:0.1.13-2.el8sat.src as a component of Red Hat Satellite 6.13 for RHEL 8",
"product_id": "8Base-satellite-6.13:rubygem-foreman_leapp-0:0.1.13-2.el8sat.src"
},
"product_reference": "rubygem-foreman_leapp-0:0.1.13-2.el8sat.src",
"relates_to_product_reference": "8Base-satellite-6.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-katello-0:4.7.0.36-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8",
"product_id": "8Base-satellite-6.13:rubygem-katello-0:4.7.0.36-1.el8sat.noarch"
},
"product_reference": "rubygem-katello-0:4.7.0.36-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-katello-0:4.7.0.36-1.el8sat.src as a component of Red Hat Satellite 6.13 for RHEL 8",
"product_id": "8Base-satellite-6.13:rubygem-katello-0:4.7.0.36-1.el8sat.src"
},
"product_reference": "rubygem-katello-0:4.7.0.36-1.el8sat.src",
"relates_to_product_reference": "8Base-satellite-6.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "satellite-0:6.13.7-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8",
"product_id": "8Base-satellite-6.13:satellite-0:6.13.7-1.el8sat.noarch"
},
"product_reference": "satellite-0:6.13.7-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "satellite-0:6.13.7-1.el8sat.src as a component of Red Hat Satellite 6.13 for RHEL 8",
"product_id": "8Base-satellite-6.13:satellite-0:6.13.7-1.el8sat.src"
},
"product_reference": "satellite-0:6.13.7-1.el8sat.src",
"relates_to_product_reference": "8Base-satellite-6.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "satellite-capsule-0:6.13.7-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8",
"product_id": "8Base-satellite-6.13:satellite-capsule-0:6.13.7-1.el8sat.noarch"
},
"product_reference": "satellite-capsule-0:6.13.7-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "satellite-cli-0:6.13.7-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8",
"product_id": "8Base-satellite-6.13:satellite-cli-0:6.13.7-1.el8sat.noarch"
},
"product_reference": "satellite-cli-0:6.13.7-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "satellite-common-0:6.13.7-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8",
"product_id": "8Base-satellite-6.13:satellite-common-0:6.13.7-1.el8sat.noarch"
},
"product_reference": "satellite-common-0:6.13.7-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.13"
}
]
},
"vulnerabilities": [
{
"acknowledgments": [
{
"names": [
"Fernando Velazquez"
],
"organization": "Red Hat",
"summary": "This issue was discovered by Red Hat."
}
],
"cve": "CVE-2022-4130",
"cwe": {
"id": "CWE-918",
"name": "Server-Side Request Forgery (SSRF)"
},
"discovery_date": "2022-11-23T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-satellite-6.13-capsule:ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.noarch",
"8Base-satellite-6.13-capsule:ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.src",
"8Base-satellite-6.13-capsule:createrepo_c-0:1.0.2-2.el8pc.src",
"8Base-satellite-6.13-capsule:createrepo_c-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.13-capsule:createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.13-capsule:createrepo_c-debugsource-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.13-capsule:createrepo_c-libs-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.13-capsule:createrepo_c-libs-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.13-capsule:foreman-cli-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-capsule:foreman-debug-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-capsule:foreman-dynflow-sidekiq-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-capsule:foreman-ec2-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-capsule:foreman-installer-1:3.5.2.7-1.el8sat.noarch",
"8Base-satellite-6.13-capsule:foreman-installer-1:3.5.2.7-1.el8sat.src",
"8Base-satellite-6.13-capsule:foreman-installer-katello-1:3.5.2.7-1.el8sat.noarch",
"8Base-satellite-6.13-capsule:foreman-journald-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-capsule:foreman-libvirt-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-capsule:foreman-openstack-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-capsule:foreman-ovirt-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-capsule:foreman-postgresql-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-capsule:foreman-service-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-capsule:foreman-telemetry-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-capsule:foreman-vmware-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-capsule:mosquitto-0:2.0.17-1.el8sat.src",
"8Base-satellite-6.13-capsule:mosquitto-0:2.0.17-1.el8sat.x86_64",
"8Base-satellite-6.13-capsule:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64",
"8Base-satellite-6.13-capsule:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64",
"8Base-satellite-6.13-capsule:python-pulp-container-0:2.14.11-1.el8pc.src",
"8Base-satellite-6.13-capsule:python-pulp-rpm-0:3.18.19-2.el8pc.src",
"8Base-satellite-6.13-capsule:python3-createrepo_c-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.13-capsule:python3-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.13-capsule:python39-createrepo_c-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.13-capsule:python39-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.13-capsule:python39-pulp-container-0:2.14.11-1.el8pc.noarch",
"8Base-satellite-6.13-capsule:python39-pulp-rpm-0:3.18.19-2.el8pc.noarch",
"8Base-satellite-6.13-capsule:satellite-0:6.13.7-1.el8sat.noarch",
"8Base-satellite-6.13-capsule:satellite-0:6.13.7-1.el8sat.src",
"8Base-satellite-6.13-capsule:satellite-capsule-0:6.13.7-1.el8sat.noarch",
"8Base-satellite-6.13-capsule:satellite-cli-0:6.13.7-1.el8sat.noarch",
"8Base-satellite-6.13-capsule:satellite-common-0:6.13.7-1.el8sat.noarch",
"8Base-satellite-6.13-maintenance:satellite-clone-0:3.5.0-1.el8sat.noarch",
"8Base-satellite-6.13-maintenance:satellite-clone-0:3.5.0-1.el8sat.src",
"8Base-satellite-6.13-utils:foreman-cli-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-utils:foreman-debug-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-utils:foreman-dynflow-sidekiq-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-utils:foreman-ec2-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-utils:foreman-journald-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-utils:foreman-libvirt-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-utils:foreman-openstack-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-utils:foreman-ovirt-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-utils:foreman-postgresql-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-utils:foreman-service-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-utils:foreman-telemetry-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-utils:foreman-vmware-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-utils:satellite-0:6.13.7-1.el8sat.noarch",
"8Base-satellite-6.13-utils:satellite-0:6.13.7-1.el8sat.src",
"8Base-satellite-6.13-utils:satellite-capsule-0:6.13.7-1.el8sat.noarch",
"8Base-satellite-6.13-utils:satellite-cli-0:6.13.7-1.el8sat.noarch",
"8Base-satellite-6.13-utils:satellite-common-0:6.13.7-1.el8sat.noarch",
"8Base-satellite-6.13:ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.noarch",
"8Base-satellite-6.13:ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.src",
"8Base-satellite-6.13:createrepo_c-0:1.0.2-2.el8pc.src",
"8Base-satellite-6.13:createrepo_c-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.13:createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.13:createrepo_c-debugsource-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.13:createrepo_c-libs-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.13:createrepo_c-libs-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.13:foreman-cli-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13:foreman-debug-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13:foreman-dynflow-sidekiq-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13:foreman-ec2-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13:foreman-installer-1:3.5.2.7-1.el8sat.noarch",
"8Base-satellite-6.13:foreman-installer-1:3.5.2.7-1.el8sat.src",
"8Base-satellite-6.13:foreman-installer-katello-1:3.5.2.7-1.el8sat.noarch",
"8Base-satellite-6.13:foreman-journald-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13:foreman-libvirt-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13:foreman-openstack-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13:foreman-ovirt-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13:foreman-postgresql-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13:foreman-service-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13:foreman-telemetry-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13:foreman-vmware-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13:mosquitto-0:2.0.17-1.el8sat.src",
"8Base-satellite-6.13:mosquitto-0:2.0.17-1.el8sat.x86_64",
"8Base-satellite-6.13:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64",
"8Base-satellite-6.13:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64",
"8Base-satellite-6.13:python-pulp-container-0:2.14.11-1.el8pc.src",
"8Base-satellite-6.13:python-pulp-rpm-0:3.18.19-2.el8pc.src",
"8Base-satellite-6.13:python3-createrepo_c-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.13:python3-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.13:python39-createrepo_c-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.13:python39-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.13:python39-pulp-container-0:2.14.11-1.el8pc.noarch",
"8Base-satellite-6.13:python39-pulp-rpm-0:3.18.19-2.el8pc.noarch",
"8Base-satellite-6.13:rubygem-foreman_bootdisk-0:21.0.5-1.el8sat.noarch",
"8Base-satellite-6.13:rubygem-foreman_bootdisk-0:21.0.5-1.el8sat.src",
"8Base-satellite-6.13:rubygem-foreman_leapp-0:0.1.13-2.el8sat.noarch",
"8Base-satellite-6.13:rubygem-foreman_leapp-0:0.1.13-2.el8sat.src",
"8Base-satellite-6.13:rubygem-katello-0:4.7.0.36-1.el8sat.noarch",
"8Base-satellite-6.13:rubygem-katello-0:4.7.0.36-1.el8sat.src",
"8Base-satellite-6.13:satellite-0:6.13.7-1.el8sat.noarch",
"8Base-satellite-6.13:satellite-0:6.13.7-1.el8sat.src",
"8Base-satellite-6.13:satellite-capsule-0:6.13.7-1.el8sat.noarch",
"8Base-satellite-6.13:satellite-cli-0:6.13.7-1.el8sat.noarch",
"8Base-satellite-6.13:satellite-common-0:6.13.7-1.el8sat.noarch"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2145254"
}
],
"notes": [
{
"category": "description",
"text": "A blind site-to-site request forgery vulnerability was found in Satellite server. It is possible to trigger an external interaction to an attacker\u0027s server by modifying the Referer header in an HTTP request of specific resources in the server.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "satellite: Blind SSRF via Referer header",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-satellite-6.13-capsule:foreman-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-capsule:foreman-0:3.5.1.24-1.el8sat.src",
"8Base-satellite-6.13-utils:foreman-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-utils:foreman-0:3.5.1.24-1.el8sat.src",
"8Base-satellite-6.13:foreman-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13:foreman-0:3.5.1.24-1.el8sat.src"
],
"known_not_affected": [
"8Base-satellite-6.13-capsule:ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.noarch",
"8Base-satellite-6.13-capsule:ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.src",
"8Base-satellite-6.13-capsule:createrepo_c-0:1.0.2-2.el8pc.src",
"8Base-satellite-6.13-capsule:createrepo_c-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.13-capsule:createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.13-capsule:createrepo_c-debugsource-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.13-capsule:createrepo_c-libs-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.13-capsule:createrepo_c-libs-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.13-capsule:foreman-cli-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-capsule:foreman-debug-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-capsule:foreman-dynflow-sidekiq-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-capsule:foreman-ec2-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-capsule:foreman-installer-1:3.5.2.7-1.el8sat.noarch",
"8Base-satellite-6.13-capsule:foreman-installer-1:3.5.2.7-1.el8sat.src",
"8Base-satellite-6.13-capsule:foreman-installer-katello-1:3.5.2.7-1.el8sat.noarch",
"8Base-satellite-6.13-capsule:foreman-journald-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-capsule:foreman-libvirt-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-capsule:foreman-openstack-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-capsule:foreman-ovirt-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-capsule:foreman-postgresql-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-capsule:foreman-service-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-capsule:foreman-telemetry-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-capsule:foreman-vmware-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-capsule:mosquitto-0:2.0.17-1.el8sat.src",
"8Base-satellite-6.13-capsule:mosquitto-0:2.0.17-1.el8sat.x86_64",
"8Base-satellite-6.13-capsule:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64",
"8Base-satellite-6.13-capsule:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64",
"8Base-satellite-6.13-capsule:python-pulp-container-0:2.14.11-1.el8pc.src",
"8Base-satellite-6.13-capsule:python-pulp-rpm-0:3.18.19-2.el8pc.src",
"8Base-satellite-6.13-capsule:python3-createrepo_c-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.13-capsule:python3-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.13-capsule:python39-createrepo_c-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.13-capsule:python39-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.13-capsule:python39-pulp-container-0:2.14.11-1.el8pc.noarch",
"8Base-satellite-6.13-capsule:python39-pulp-rpm-0:3.18.19-2.el8pc.noarch",
"8Base-satellite-6.13-capsule:satellite-0:6.13.7-1.el8sat.noarch",
"8Base-satellite-6.13-capsule:satellite-0:6.13.7-1.el8sat.src",
"8Base-satellite-6.13-capsule:satellite-capsule-0:6.13.7-1.el8sat.noarch",
"8Base-satellite-6.13-capsule:satellite-cli-0:6.13.7-1.el8sat.noarch",
"8Base-satellite-6.13-capsule:satellite-common-0:6.13.7-1.el8sat.noarch",
"8Base-satellite-6.13-maintenance:satellite-clone-0:3.5.0-1.el8sat.noarch",
"8Base-satellite-6.13-maintenance:satellite-clone-0:3.5.0-1.el8sat.src",
"8Base-satellite-6.13-utils:foreman-cli-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-utils:foreman-debug-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-utils:foreman-dynflow-sidekiq-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-utils:foreman-ec2-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-utils:foreman-journald-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-utils:foreman-libvirt-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-utils:foreman-openstack-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-utils:foreman-ovirt-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-utils:foreman-postgresql-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-utils:foreman-service-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-utils:foreman-telemetry-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-utils:foreman-vmware-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-utils:satellite-0:6.13.7-1.el8sat.noarch",
"8Base-satellite-6.13-utils:satellite-0:6.13.7-1.el8sat.src",
"8Base-satellite-6.13-utils:satellite-capsule-0:6.13.7-1.el8sat.noarch",
"8Base-satellite-6.13-utils:satellite-cli-0:6.13.7-1.el8sat.noarch",
"8Base-satellite-6.13-utils:satellite-common-0:6.13.7-1.el8sat.noarch",
"8Base-satellite-6.13:ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.noarch",
"8Base-satellite-6.13:ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.src",
"8Base-satellite-6.13:createrepo_c-0:1.0.2-2.el8pc.src",
"8Base-satellite-6.13:createrepo_c-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.13:createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.13:createrepo_c-debugsource-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.13:createrepo_c-libs-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.13:createrepo_c-libs-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.13:foreman-cli-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13:foreman-debug-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13:foreman-dynflow-sidekiq-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13:foreman-ec2-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13:foreman-installer-1:3.5.2.7-1.el8sat.noarch",
"8Base-satellite-6.13:foreman-installer-1:3.5.2.7-1.el8sat.src",
"8Base-satellite-6.13:foreman-installer-katello-1:3.5.2.7-1.el8sat.noarch",
"8Base-satellite-6.13:foreman-journald-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13:foreman-libvirt-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13:foreman-openstack-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13:foreman-ovirt-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13:foreman-postgresql-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13:foreman-service-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13:foreman-telemetry-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13:foreman-vmware-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13:mosquitto-0:2.0.17-1.el8sat.src",
"8Base-satellite-6.13:mosquitto-0:2.0.17-1.el8sat.x86_64",
"8Base-satellite-6.13:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64",
"8Base-satellite-6.13:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64",
"8Base-satellite-6.13:python-pulp-container-0:2.14.11-1.el8pc.src",
"8Base-satellite-6.13:python-pulp-rpm-0:3.18.19-2.el8pc.src",
"8Base-satellite-6.13:python3-createrepo_c-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.13:python3-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.13:python39-createrepo_c-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.13:python39-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.13:python39-pulp-container-0:2.14.11-1.el8pc.noarch",
"8Base-satellite-6.13:python39-pulp-rpm-0:3.18.19-2.el8pc.noarch",
"8Base-satellite-6.13:rubygem-foreman_bootdisk-0:21.0.5-1.el8sat.noarch",
"8Base-satellite-6.13:rubygem-foreman_bootdisk-0:21.0.5-1.el8sat.src",
"8Base-satellite-6.13:rubygem-foreman_leapp-0:0.1.13-2.el8sat.noarch",
"8Base-satellite-6.13:rubygem-foreman_leapp-0:0.1.13-2.el8sat.src",
"8Base-satellite-6.13:rubygem-katello-0:4.7.0.36-1.el8sat.noarch",
"8Base-satellite-6.13:rubygem-katello-0:4.7.0.36-1.el8sat.src",
"8Base-satellite-6.13:satellite-0:6.13.7-1.el8sat.noarch",
"8Base-satellite-6.13:satellite-0:6.13.7-1.el8sat.src",
"8Base-satellite-6.13:satellite-capsule-0:6.13.7-1.el8sat.noarch",
"8Base-satellite-6.13:satellite-cli-0:6.13.7-1.el8sat.noarch",
"8Base-satellite-6.13:satellite-common-0:6.13.7-1.el8sat.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-4130"
},
{
"category": "external",
"summary": "RHBZ#2145254",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2145254"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-4130",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4130"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-4130",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-4130"
}
],
"release_date": "2023-01-16T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor detailed instructions how to apply this update, refer to:\n\nhttps://access.redhat.com/documentation/en-us/red_hat_satellite/6.6/html/upgrading_and_updating_red_hat_satellite/updating_satellite_server_capsule_server_and_content_hosts",
"product_ids": [
"8Base-satellite-6.13-capsule:foreman-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-capsule:foreman-0:3.5.1.24-1.el8sat.src",
"8Base-satellite-6.13-utils:foreman-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-utils:foreman-0:3.5.1.24-1.el8sat.src",
"8Base-satellite-6.13:foreman-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13:foreman-0:3.5.1.24-1.el8sat.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:1061"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 3.5,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"8Base-satellite-6.13-capsule:foreman-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-capsule:foreman-0:3.5.1.24-1.el8sat.src",
"8Base-satellite-6.13-utils:foreman-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-utils:foreman-0:3.5.1.24-1.el8sat.src",
"8Base-satellite-6.13:foreman-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13:foreman-0:3.5.1.24-1.el8sat.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "satellite: Blind SSRF via Referer header"
},
{
"cve": "CVE-2023-0809",
"cwe": {
"id": "CWE-401",
"name": "Missing Release of Memory after Effective Lifetime"
},
"discovery_date": "2023-09-01T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-satellite-6.13-capsule:ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.noarch",
"8Base-satellite-6.13-capsule:ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.src",
"8Base-satellite-6.13-capsule:createrepo_c-0:1.0.2-2.el8pc.src",
"8Base-satellite-6.13-capsule:createrepo_c-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.13-capsule:createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.13-capsule:createrepo_c-debugsource-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.13-capsule:createrepo_c-libs-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.13-capsule:createrepo_c-libs-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.13-capsule:foreman-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-capsule:foreman-0:3.5.1.24-1.el8sat.src",
"8Base-satellite-6.13-capsule:foreman-cli-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-capsule:foreman-debug-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-capsule:foreman-dynflow-sidekiq-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-capsule:foreman-ec2-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-capsule:foreman-installer-1:3.5.2.7-1.el8sat.noarch",
"8Base-satellite-6.13-capsule:foreman-installer-1:3.5.2.7-1.el8sat.src",
"8Base-satellite-6.13-capsule:foreman-installer-katello-1:3.5.2.7-1.el8sat.noarch",
"8Base-satellite-6.13-capsule:foreman-journald-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-capsule:foreman-libvirt-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-capsule:foreman-openstack-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-capsule:foreman-ovirt-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-capsule:foreman-postgresql-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-capsule:foreman-service-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-capsule:foreman-telemetry-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-capsule:foreman-vmware-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-capsule:python-pulp-container-0:2.14.11-1.el8pc.src",
"8Base-satellite-6.13-capsule:python-pulp-rpm-0:3.18.19-2.el8pc.src",
"8Base-satellite-6.13-capsule:python3-createrepo_c-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.13-capsule:python3-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.13-capsule:python39-createrepo_c-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.13-capsule:python39-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.13-capsule:python39-pulp-container-0:2.14.11-1.el8pc.noarch",
"8Base-satellite-6.13-capsule:python39-pulp-rpm-0:3.18.19-2.el8pc.noarch",
"8Base-satellite-6.13-capsule:satellite-0:6.13.7-1.el8sat.noarch",
"8Base-satellite-6.13-capsule:satellite-0:6.13.7-1.el8sat.src",
"8Base-satellite-6.13-capsule:satellite-capsule-0:6.13.7-1.el8sat.noarch",
"8Base-satellite-6.13-capsule:satellite-cli-0:6.13.7-1.el8sat.noarch",
"8Base-satellite-6.13-capsule:satellite-common-0:6.13.7-1.el8sat.noarch",
"8Base-satellite-6.13-maintenance:satellite-clone-0:3.5.0-1.el8sat.noarch",
"8Base-satellite-6.13-maintenance:satellite-clone-0:3.5.0-1.el8sat.src",
"8Base-satellite-6.13-utils:foreman-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-utils:foreman-0:3.5.1.24-1.el8sat.src",
"8Base-satellite-6.13-utils:foreman-cli-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-utils:foreman-debug-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-utils:foreman-dynflow-sidekiq-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-utils:foreman-ec2-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-utils:foreman-journald-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-utils:foreman-libvirt-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-utils:foreman-openstack-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-utils:foreman-ovirt-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-utils:foreman-postgresql-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-utils:foreman-service-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-utils:foreman-telemetry-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-utils:foreman-vmware-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-utils:satellite-0:6.13.7-1.el8sat.noarch",
"8Base-satellite-6.13-utils:satellite-0:6.13.7-1.el8sat.src",
"8Base-satellite-6.13-utils:satellite-capsule-0:6.13.7-1.el8sat.noarch",
"8Base-satellite-6.13-utils:satellite-cli-0:6.13.7-1.el8sat.noarch",
"8Base-satellite-6.13-utils:satellite-common-0:6.13.7-1.el8sat.noarch",
"8Base-satellite-6.13:ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.noarch",
"8Base-satellite-6.13:ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.src",
"8Base-satellite-6.13:createrepo_c-0:1.0.2-2.el8pc.src",
"8Base-satellite-6.13:createrepo_c-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.13:createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.13:createrepo_c-debugsource-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.13:createrepo_c-libs-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.13:createrepo_c-libs-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.13:foreman-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13:foreman-0:3.5.1.24-1.el8sat.src",
"8Base-satellite-6.13:foreman-cli-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13:foreman-debug-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13:foreman-dynflow-sidekiq-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13:foreman-ec2-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13:foreman-installer-1:3.5.2.7-1.el8sat.noarch",
"8Base-satellite-6.13:foreman-installer-1:3.5.2.7-1.el8sat.src",
"8Base-satellite-6.13:foreman-installer-katello-1:3.5.2.7-1.el8sat.noarch",
"8Base-satellite-6.13:foreman-journald-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13:foreman-libvirt-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13:foreman-openstack-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13:foreman-ovirt-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13:foreman-postgresql-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13:foreman-service-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13:foreman-telemetry-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13:foreman-vmware-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13:python-pulp-container-0:2.14.11-1.el8pc.src",
"8Base-satellite-6.13:python-pulp-rpm-0:3.18.19-2.el8pc.src",
"8Base-satellite-6.13:python3-createrepo_c-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.13:python3-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.13:python39-createrepo_c-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.13:python39-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.13:python39-pulp-container-0:2.14.11-1.el8pc.noarch",
"8Base-satellite-6.13:python39-pulp-rpm-0:3.18.19-2.el8pc.noarch",
"8Base-satellite-6.13:rubygem-foreman_bootdisk-0:21.0.5-1.el8sat.noarch",
"8Base-satellite-6.13:rubygem-foreman_bootdisk-0:21.0.5-1.el8sat.src",
"8Base-satellite-6.13:rubygem-foreman_leapp-0:0.1.13-2.el8sat.noarch",
"8Base-satellite-6.13:rubygem-foreman_leapp-0:0.1.13-2.el8sat.src",
"8Base-satellite-6.13:rubygem-katello-0:4.7.0.36-1.el8sat.noarch",
"8Base-satellite-6.13:rubygem-katello-0:4.7.0.36-1.el8sat.src",
"8Base-satellite-6.13:satellite-0:6.13.7-1.el8sat.noarch",
"8Base-satellite-6.13:satellite-0:6.13.7-1.el8sat.src",
"8Base-satellite-6.13:satellite-capsule-0:6.13.7-1.el8sat.noarch",
"8Base-satellite-6.13:satellite-cli-0:6.13.7-1.el8sat.noarch",
"8Base-satellite-6.13:satellite-common-0:6.13.7-1.el8sat.noarch"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2236882"
}
],
"notes": [
{
"category": "description",
"text": "A memory leak vulnerability was found in Eclipse Mosquitto. This issue is triggered by malicious initial packets or certain client actions and may allow a remote attacker to the deplete system resources causing memory exhaustion, leading to a disruption in services and a denial of service condition.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "mosquitto: memory leak leads to unresponsive broker",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-satellite-6.13-capsule:mosquitto-0:2.0.17-1.el8sat.src",
"8Base-satellite-6.13-capsule:mosquitto-0:2.0.17-1.el8sat.x86_64",
"8Base-satellite-6.13-capsule:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64",
"8Base-satellite-6.13-capsule:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64",
"8Base-satellite-6.13:mosquitto-0:2.0.17-1.el8sat.src",
"8Base-satellite-6.13:mosquitto-0:2.0.17-1.el8sat.x86_64",
"8Base-satellite-6.13:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64",
"8Base-satellite-6.13:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64"
],
"known_not_affected": [
"8Base-satellite-6.13-capsule:ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.noarch",
"8Base-satellite-6.13-capsule:ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.src",
"8Base-satellite-6.13-capsule:createrepo_c-0:1.0.2-2.el8pc.src",
"8Base-satellite-6.13-capsule:createrepo_c-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.13-capsule:createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.13-capsule:createrepo_c-debugsource-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.13-capsule:createrepo_c-libs-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.13-capsule:createrepo_c-libs-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.13-capsule:foreman-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-capsule:foreman-0:3.5.1.24-1.el8sat.src",
"8Base-satellite-6.13-capsule:foreman-cli-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-capsule:foreman-debug-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-capsule:foreman-dynflow-sidekiq-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-capsule:foreman-ec2-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-capsule:foreman-installer-1:3.5.2.7-1.el8sat.noarch",
"8Base-satellite-6.13-capsule:foreman-installer-1:3.5.2.7-1.el8sat.src",
"8Base-satellite-6.13-capsule:foreman-installer-katello-1:3.5.2.7-1.el8sat.noarch",
"8Base-satellite-6.13-capsule:foreman-journald-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-capsule:foreman-libvirt-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-capsule:foreman-openstack-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-capsule:foreman-ovirt-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-capsule:foreman-postgresql-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-capsule:foreman-service-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-capsule:foreman-telemetry-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-capsule:foreman-vmware-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-capsule:python-pulp-container-0:2.14.11-1.el8pc.src",
"8Base-satellite-6.13-capsule:python-pulp-rpm-0:3.18.19-2.el8pc.src",
"8Base-satellite-6.13-capsule:python3-createrepo_c-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.13-capsule:python3-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.13-capsule:python39-createrepo_c-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.13-capsule:python39-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.13-capsule:python39-pulp-container-0:2.14.11-1.el8pc.noarch",
"8Base-satellite-6.13-capsule:python39-pulp-rpm-0:3.18.19-2.el8pc.noarch",
"8Base-satellite-6.13-capsule:satellite-0:6.13.7-1.el8sat.noarch",
"8Base-satellite-6.13-capsule:satellite-0:6.13.7-1.el8sat.src",
"8Base-satellite-6.13-capsule:satellite-capsule-0:6.13.7-1.el8sat.noarch",
"8Base-satellite-6.13-capsule:satellite-cli-0:6.13.7-1.el8sat.noarch",
"8Base-satellite-6.13-capsule:satellite-common-0:6.13.7-1.el8sat.noarch",
"8Base-satellite-6.13-maintenance:satellite-clone-0:3.5.0-1.el8sat.noarch",
"8Base-satellite-6.13-maintenance:satellite-clone-0:3.5.0-1.el8sat.src",
"8Base-satellite-6.13-utils:foreman-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-utils:foreman-0:3.5.1.24-1.el8sat.src",
"8Base-satellite-6.13-utils:foreman-cli-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-utils:foreman-debug-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-utils:foreman-dynflow-sidekiq-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-utils:foreman-ec2-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-utils:foreman-journald-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-utils:foreman-libvirt-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-utils:foreman-openstack-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-utils:foreman-ovirt-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-utils:foreman-postgresql-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-utils:foreman-service-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-utils:foreman-telemetry-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-utils:foreman-vmware-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-utils:satellite-0:6.13.7-1.el8sat.noarch",
"8Base-satellite-6.13-utils:satellite-0:6.13.7-1.el8sat.src",
"8Base-satellite-6.13-utils:satellite-capsule-0:6.13.7-1.el8sat.noarch",
"8Base-satellite-6.13-utils:satellite-cli-0:6.13.7-1.el8sat.noarch",
"8Base-satellite-6.13-utils:satellite-common-0:6.13.7-1.el8sat.noarch",
"8Base-satellite-6.13:ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.noarch",
"8Base-satellite-6.13:ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.src",
"8Base-satellite-6.13:createrepo_c-0:1.0.2-2.el8pc.src",
"8Base-satellite-6.13:createrepo_c-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.13:createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.13:createrepo_c-debugsource-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.13:createrepo_c-libs-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.13:createrepo_c-libs-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.13:foreman-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13:foreman-0:3.5.1.24-1.el8sat.src",
"8Base-satellite-6.13:foreman-cli-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13:foreman-debug-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13:foreman-dynflow-sidekiq-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13:foreman-ec2-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13:foreman-installer-1:3.5.2.7-1.el8sat.noarch",
"8Base-satellite-6.13:foreman-installer-1:3.5.2.7-1.el8sat.src",
"8Base-satellite-6.13:foreman-installer-katello-1:3.5.2.7-1.el8sat.noarch",
"8Base-satellite-6.13:foreman-journald-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13:foreman-libvirt-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13:foreman-openstack-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13:foreman-ovirt-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13:foreman-postgresql-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13:foreman-service-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13:foreman-telemetry-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13:foreman-vmware-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13:python-pulp-container-0:2.14.11-1.el8pc.src",
"8Base-satellite-6.13:python-pulp-rpm-0:3.18.19-2.el8pc.src",
"8Base-satellite-6.13:python3-createrepo_c-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.13:python3-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.13:python39-createrepo_c-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.13:python39-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.13:python39-pulp-container-0:2.14.11-1.el8pc.noarch",
"8Base-satellite-6.13:python39-pulp-rpm-0:3.18.19-2.el8pc.noarch",
"8Base-satellite-6.13:rubygem-foreman_bootdisk-0:21.0.5-1.el8sat.noarch",
"8Base-satellite-6.13:rubygem-foreman_bootdisk-0:21.0.5-1.el8sat.src",
"8Base-satellite-6.13:rubygem-foreman_leapp-0:0.1.13-2.el8sat.noarch",
"8Base-satellite-6.13:rubygem-foreman_leapp-0:0.1.13-2.el8sat.src",
"8Base-satellite-6.13:rubygem-katello-0:4.7.0.36-1.el8sat.noarch",
"8Base-satellite-6.13:rubygem-katello-0:4.7.0.36-1.el8sat.src",
"8Base-satellite-6.13:satellite-0:6.13.7-1.el8sat.noarch",
"8Base-satellite-6.13:satellite-0:6.13.7-1.el8sat.src",
"8Base-satellite-6.13:satellite-capsule-0:6.13.7-1.el8sat.noarch",
"8Base-satellite-6.13:satellite-cli-0:6.13.7-1.el8sat.noarch",
"8Base-satellite-6.13:satellite-common-0:6.13.7-1.el8sat.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-0809"
},
{
"category": "external",
"summary": "RHBZ#2236882",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2236882"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-0809",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0809"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-0809",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-0809"
},
{
"category": "external",
"summary": "https://github.com/eclipse/mosquitto/commit/6113eac95a9df634fbc858be542c4a0456bfe7b9",
"url": "https://github.com/eclipse/mosquitto/commit/6113eac95a9df634fbc858be542c4a0456bfe7b9"
}
],
"release_date": "2023-09-01T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor detailed instructions how to apply this update, refer to:\n\nhttps://access.redhat.com/documentation/en-us/red_hat_satellite/6.6/html/upgrading_and_updating_red_hat_satellite/updating_satellite_server_capsule_server_and_content_hosts",
"product_ids": [
"8Base-satellite-6.13-capsule:mosquitto-0:2.0.17-1.el8sat.src",
"8Base-satellite-6.13-capsule:mosquitto-0:2.0.17-1.el8sat.x86_64",
"8Base-satellite-6.13-capsule:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64",
"8Base-satellite-6.13-capsule:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64",
"8Base-satellite-6.13:mosquitto-0:2.0.17-1.el8sat.src",
"8Base-satellite-6.13:mosquitto-0:2.0.17-1.el8sat.x86_64",
"8Base-satellite-6.13:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64",
"8Base-satellite-6.13:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:1061"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-satellite-6.13-capsule:mosquitto-0:2.0.17-1.el8sat.src",
"8Base-satellite-6.13-capsule:mosquitto-0:2.0.17-1.el8sat.x86_64",
"8Base-satellite-6.13-capsule:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64",
"8Base-satellite-6.13-capsule:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64",
"8Base-satellite-6.13:mosquitto-0:2.0.17-1.el8sat.src",
"8Base-satellite-6.13:mosquitto-0:2.0.17-1.el8sat.x86_64",
"8Base-satellite-6.13:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64",
"8Base-satellite-6.13:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "mosquitto: memory leak leads to unresponsive broker"
},
{
"cve": "CVE-2023-3592",
"cwe": {
"id": "CWE-401",
"name": "Missing Release of Memory after Effective Lifetime"
},
"discovery_date": "2023-09-01T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-satellite-6.13-capsule:ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.noarch",
"8Base-satellite-6.13-capsule:ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.src",
"8Base-satellite-6.13-capsule:createrepo_c-0:1.0.2-2.el8pc.src",
"8Base-satellite-6.13-capsule:createrepo_c-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.13-capsule:createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.13-capsule:createrepo_c-debugsource-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.13-capsule:createrepo_c-libs-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.13-capsule:createrepo_c-libs-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.13-capsule:foreman-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-capsule:foreman-0:3.5.1.24-1.el8sat.src",
"8Base-satellite-6.13-capsule:foreman-cli-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-capsule:foreman-debug-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-capsule:foreman-dynflow-sidekiq-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-capsule:foreman-ec2-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-capsule:foreman-installer-1:3.5.2.7-1.el8sat.noarch",
"8Base-satellite-6.13-capsule:foreman-installer-1:3.5.2.7-1.el8sat.src",
"8Base-satellite-6.13-capsule:foreman-installer-katello-1:3.5.2.7-1.el8sat.noarch",
"8Base-satellite-6.13-capsule:foreman-journald-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-capsule:foreman-libvirt-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-capsule:foreman-openstack-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-capsule:foreman-ovirt-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-capsule:foreman-postgresql-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-capsule:foreman-service-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-capsule:foreman-telemetry-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-capsule:foreman-vmware-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-capsule:python-pulp-container-0:2.14.11-1.el8pc.src",
"8Base-satellite-6.13-capsule:python-pulp-rpm-0:3.18.19-2.el8pc.src",
"8Base-satellite-6.13-capsule:python3-createrepo_c-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.13-capsule:python3-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.13-capsule:python39-createrepo_c-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.13-capsule:python39-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.13-capsule:python39-pulp-container-0:2.14.11-1.el8pc.noarch",
"8Base-satellite-6.13-capsule:python39-pulp-rpm-0:3.18.19-2.el8pc.noarch",
"8Base-satellite-6.13-capsule:satellite-0:6.13.7-1.el8sat.noarch",
"8Base-satellite-6.13-capsule:satellite-0:6.13.7-1.el8sat.src",
"8Base-satellite-6.13-capsule:satellite-capsule-0:6.13.7-1.el8sat.noarch",
"8Base-satellite-6.13-capsule:satellite-cli-0:6.13.7-1.el8sat.noarch",
"8Base-satellite-6.13-capsule:satellite-common-0:6.13.7-1.el8sat.noarch",
"8Base-satellite-6.13-maintenance:satellite-clone-0:3.5.0-1.el8sat.noarch",
"8Base-satellite-6.13-maintenance:satellite-clone-0:3.5.0-1.el8sat.src",
"8Base-satellite-6.13-utils:foreman-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-utils:foreman-0:3.5.1.24-1.el8sat.src",
"8Base-satellite-6.13-utils:foreman-cli-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-utils:foreman-debug-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-utils:foreman-dynflow-sidekiq-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-utils:foreman-ec2-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-utils:foreman-journald-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-utils:foreman-libvirt-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-utils:foreman-openstack-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-utils:foreman-ovirt-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-utils:foreman-postgresql-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-utils:foreman-service-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-utils:foreman-telemetry-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-utils:foreman-vmware-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-utils:satellite-0:6.13.7-1.el8sat.noarch",
"8Base-satellite-6.13-utils:satellite-0:6.13.7-1.el8sat.src",
"8Base-satellite-6.13-utils:satellite-capsule-0:6.13.7-1.el8sat.noarch",
"8Base-satellite-6.13-utils:satellite-cli-0:6.13.7-1.el8sat.noarch",
"8Base-satellite-6.13-utils:satellite-common-0:6.13.7-1.el8sat.noarch",
"8Base-satellite-6.13:ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.noarch",
"8Base-satellite-6.13:ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.src",
"8Base-satellite-6.13:createrepo_c-0:1.0.2-2.el8pc.src",
"8Base-satellite-6.13:createrepo_c-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.13:createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.13:createrepo_c-debugsource-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.13:createrepo_c-libs-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.13:createrepo_c-libs-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.13:foreman-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13:foreman-0:3.5.1.24-1.el8sat.src",
"8Base-satellite-6.13:foreman-cli-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13:foreman-debug-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13:foreman-dynflow-sidekiq-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13:foreman-ec2-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13:foreman-installer-1:3.5.2.7-1.el8sat.noarch",
"8Base-satellite-6.13:foreman-installer-1:3.5.2.7-1.el8sat.src",
"8Base-satellite-6.13:foreman-installer-katello-1:3.5.2.7-1.el8sat.noarch",
"8Base-satellite-6.13:foreman-journald-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13:foreman-libvirt-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13:foreman-openstack-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13:foreman-ovirt-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13:foreman-postgresql-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13:foreman-service-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13:foreman-telemetry-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13:foreman-vmware-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13:python-pulp-container-0:2.14.11-1.el8pc.src",
"8Base-satellite-6.13:python-pulp-rpm-0:3.18.19-2.el8pc.src",
"8Base-satellite-6.13:python3-createrepo_c-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.13:python3-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.13:python39-createrepo_c-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.13:python39-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.13:python39-pulp-container-0:2.14.11-1.el8pc.noarch",
"8Base-satellite-6.13:python39-pulp-rpm-0:3.18.19-2.el8pc.noarch",
"8Base-satellite-6.13:rubygem-foreman_bootdisk-0:21.0.5-1.el8sat.noarch",
"8Base-satellite-6.13:rubygem-foreman_bootdisk-0:21.0.5-1.el8sat.src",
"8Base-satellite-6.13:rubygem-foreman_leapp-0:0.1.13-2.el8sat.noarch",
"8Base-satellite-6.13:rubygem-foreman_leapp-0:0.1.13-2.el8sat.src",
"8Base-satellite-6.13:rubygem-katello-0:4.7.0.36-1.el8sat.noarch",
"8Base-satellite-6.13:rubygem-katello-0:4.7.0.36-1.el8sat.src",
"8Base-satellite-6.13:satellite-0:6.13.7-1.el8sat.noarch",
"8Base-satellite-6.13:satellite-0:6.13.7-1.el8sat.src",
"8Base-satellite-6.13:satellite-capsule-0:6.13.7-1.el8sat.noarch",
"8Base-satellite-6.13:satellite-cli-0:6.13.7-1.el8sat.noarch",
"8Base-satellite-6.13:satellite-common-0:6.13.7-1.el8sat.noarch"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2236882"
}
],
"notes": [
{
"category": "description",
"text": "A memory leak vulnerability was found in Eclipse Mosquitto. This issue is triggered by malicious initial packets or certain client actions and may allow a remote attacker to the deplete system resources causing memory exhaustion, leading to a disruption in services and a denial of service condition.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "mosquitto: memory leak leads to unresponsive broker",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-satellite-6.13-capsule:mosquitto-0:2.0.17-1.el8sat.src",
"8Base-satellite-6.13-capsule:mosquitto-0:2.0.17-1.el8sat.x86_64",
"8Base-satellite-6.13-capsule:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64",
"8Base-satellite-6.13-capsule:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64",
"8Base-satellite-6.13:mosquitto-0:2.0.17-1.el8sat.src",
"8Base-satellite-6.13:mosquitto-0:2.0.17-1.el8sat.x86_64",
"8Base-satellite-6.13:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64",
"8Base-satellite-6.13:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64"
],
"known_not_affected": [
"8Base-satellite-6.13-capsule:ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.noarch",
"8Base-satellite-6.13-capsule:ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.src",
"8Base-satellite-6.13-capsule:createrepo_c-0:1.0.2-2.el8pc.src",
"8Base-satellite-6.13-capsule:createrepo_c-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.13-capsule:createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.13-capsule:createrepo_c-debugsource-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.13-capsule:createrepo_c-libs-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.13-capsule:createrepo_c-libs-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.13-capsule:foreman-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-capsule:foreman-0:3.5.1.24-1.el8sat.src",
"8Base-satellite-6.13-capsule:foreman-cli-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-capsule:foreman-debug-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-capsule:foreman-dynflow-sidekiq-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-capsule:foreman-ec2-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-capsule:foreman-installer-1:3.5.2.7-1.el8sat.noarch",
"8Base-satellite-6.13-capsule:foreman-installer-1:3.5.2.7-1.el8sat.src",
"8Base-satellite-6.13-capsule:foreman-installer-katello-1:3.5.2.7-1.el8sat.noarch",
"8Base-satellite-6.13-capsule:foreman-journald-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-capsule:foreman-libvirt-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-capsule:foreman-openstack-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-capsule:foreman-ovirt-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-capsule:foreman-postgresql-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-capsule:foreman-service-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-capsule:foreman-telemetry-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-capsule:foreman-vmware-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-capsule:python-pulp-container-0:2.14.11-1.el8pc.src",
"8Base-satellite-6.13-capsule:python-pulp-rpm-0:3.18.19-2.el8pc.src",
"8Base-satellite-6.13-capsule:python3-createrepo_c-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.13-capsule:python3-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.13-capsule:python39-createrepo_c-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.13-capsule:python39-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.13-capsule:python39-pulp-container-0:2.14.11-1.el8pc.noarch",
"8Base-satellite-6.13-capsule:python39-pulp-rpm-0:3.18.19-2.el8pc.noarch",
"8Base-satellite-6.13-capsule:satellite-0:6.13.7-1.el8sat.noarch",
"8Base-satellite-6.13-capsule:satellite-0:6.13.7-1.el8sat.src",
"8Base-satellite-6.13-capsule:satellite-capsule-0:6.13.7-1.el8sat.noarch",
"8Base-satellite-6.13-capsule:satellite-cli-0:6.13.7-1.el8sat.noarch",
"8Base-satellite-6.13-capsule:satellite-common-0:6.13.7-1.el8sat.noarch",
"8Base-satellite-6.13-maintenance:satellite-clone-0:3.5.0-1.el8sat.noarch",
"8Base-satellite-6.13-maintenance:satellite-clone-0:3.5.0-1.el8sat.src",
"8Base-satellite-6.13-utils:foreman-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-utils:foreman-0:3.5.1.24-1.el8sat.src",
"8Base-satellite-6.13-utils:foreman-cli-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-utils:foreman-debug-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-utils:foreman-dynflow-sidekiq-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-utils:foreman-ec2-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-utils:foreman-journald-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-utils:foreman-libvirt-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-utils:foreman-openstack-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-utils:foreman-ovirt-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-utils:foreman-postgresql-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-utils:foreman-service-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-utils:foreman-telemetry-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-utils:foreman-vmware-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-utils:satellite-0:6.13.7-1.el8sat.noarch",
"8Base-satellite-6.13-utils:satellite-0:6.13.7-1.el8sat.src",
"8Base-satellite-6.13-utils:satellite-capsule-0:6.13.7-1.el8sat.noarch",
"8Base-satellite-6.13-utils:satellite-cli-0:6.13.7-1.el8sat.noarch",
"8Base-satellite-6.13-utils:satellite-common-0:6.13.7-1.el8sat.noarch",
"8Base-satellite-6.13:ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.noarch",
"8Base-satellite-6.13:ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.src",
"8Base-satellite-6.13:createrepo_c-0:1.0.2-2.el8pc.src",
"8Base-satellite-6.13:createrepo_c-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.13:createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.13:createrepo_c-debugsource-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.13:createrepo_c-libs-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.13:createrepo_c-libs-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.13:foreman-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13:foreman-0:3.5.1.24-1.el8sat.src",
"8Base-satellite-6.13:foreman-cli-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13:foreman-debug-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13:foreman-dynflow-sidekiq-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13:foreman-ec2-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13:foreman-installer-1:3.5.2.7-1.el8sat.noarch",
"8Base-satellite-6.13:foreman-installer-1:3.5.2.7-1.el8sat.src",
"8Base-satellite-6.13:foreman-installer-katello-1:3.5.2.7-1.el8sat.noarch",
"8Base-satellite-6.13:foreman-journald-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13:foreman-libvirt-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13:foreman-openstack-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13:foreman-ovirt-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13:foreman-postgresql-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13:foreman-service-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13:foreman-telemetry-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13:foreman-vmware-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13:python-pulp-container-0:2.14.11-1.el8pc.src",
"8Base-satellite-6.13:python-pulp-rpm-0:3.18.19-2.el8pc.src",
"8Base-satellite-6.13:python3-createrepo_c-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.13:python3-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.13:python39-createrepo_c-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.13:python39-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.13:python39-pulp-container-0:2.14.11-1.el8pc.noarch",
"8Base-satellite-6.13:python39-pulp-rpm-0:3.18.19-2.el8pc.noarch",
"8Base-satellite-6.13:rubygem-foreman_bootdisk-0:21.0.5-1.el8sat.noarch",
"8Base-satellite-6.13:rubygem-foreman_bootdisk-0:21.0.5-1.el8sat.src",
"8Base-satellite-6.13:rubygem-foreman_leapp-0:0.1.13-2.el8sat.noarch",
"8Base-satellite-6.13:rubygem-foreman_leapp-0:0.1.13-2.el8sat.src",
"8Base-satellite-6.13:rubygem-katello-0:4.7.0.36-1.el8sat.noarch",
"8Base-satellite-6.13:rubygem-katello-0:4.7.0.36-1.el8sat.src",
"8Base-satellite-6.13:satellite-0:6.13.7-1.el8sat.noarch",
"8Base-satellite-6.13:satellite-0:6.13.7-1.el8sat.src",
"8Base-satellite-6.13:satellite-capsule-0:6.13.7-1.el8sat.noarch",
"8Base-satellite-6.13:satellite-cli-0:6.13.7-1.el8sat.noarch",
"8Base-satellite-6.13:satellite-common-0:6.13.7-1.el8sat.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-3592"
},
{
"category": "external",
"summary": "RHBZ#2236882",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2236882"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-3592",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3592"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-3592",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-3592"
},
{
"category": "external",
"summary": "https://github.com/eclipse/mosquitto/commit/6113eac95a9df634fbc858be542c4a0456bfe7b9",
"url": "https://github.com/eclipse/mosquitto/commit/6113eac95a9df634fbc858be542c4a0456bfe7b9"
}
],
"release_date": "2023-09-01T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor detailed instructions how to apply this update, refer to:\n\nhttps://access.redhat.com/documentation/en-us/red_hat_satellite/6.6/html/upgrading_and_updating_red_hat_satellite/updating_satellite_server_capsule_server_and_content_hosts",
"product_ids": [
"8Base-satellite-6.13-capsule:mosquitto-0:2.0.17-1.el8sat.src",
"8Base-satellite-6.13-capsule:mosquitto-0:2.0.17-1.el8sat.x86_64",
"8Base-satellite-6.13-capsule:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64",
"8Base-satellite-6.13-capsule:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64",
"8Base-satellite-6.13:mosquitto-0:2.0.17-1.el8sat.src",
"8Base-satellite-6.13:mosquitto-0:2.0.17-1.el8sat.x86_64",
"8Base-satellite-6.13:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64",
"8Base-satellite-6.13:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:1061"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-satellite-6.13-capsule:mosquitto-0:2.0.17-1.el8sat.src",
"8Base-satellite-6.13-capsule:mosquitto-0:2.0.17-1.el8sat.x86_64",
"8Base-satellite-6.13-capsule:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64",
"8Base-satellite-6.13-capsule:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64",
"8Base-satellite-6.13:mosquitto-0:2.0.17-1.el8sat.src",
"8Base-satellite-6.13:mosquitto-0:2.0.17-1.el8sat.x86_64",
"8Base-satellite-6.13:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64",
"8Base-satellite-6.13:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "mosquitto: memory leak leads to unresponsive broker"
},
{
"cve": "CVE-2023-4886",
"cwe": {
"id": "CWE-200",
"name": "Exposure of Sensitive Information to an Unauthorized Actor"
},
"discovery_date": "2023-08-08T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-satellite-6.13-capsule:ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.noarch",
"8Base-satellite-6.13-capsule:ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.src",
"8Base-satellite-6.13-capsule:createrepo_c-0:1.0.2-2.el8pc.src",
"8Base-satellite-6.13-capsule:createrepo_c-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.13-capsule:createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.13-capsule:createrepo_c-debugsource-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.13-capsule:createrepo_c-libs-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.13-capsule:createrepo_c-libs-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.13-capsule:foreman-installer-1:3.5.2.7-1.el8sat.noarch",
"8Base-satellite-6.13-capsule:foreman-installer-1:3.5.2.7-1.el8sat.src",
"8Base-satellite-6.13-capsule:foreman-installer-katello-1:3.5.2.7-1.el8sat.noarch",
"8Base-satellite-6.13-capsule:mosquitto-0:2.0.17-1.el8sat.src",
"8Base-satellite-6.13-capsule:mosquitto-0:2.0.17-1.el8sat.x86_64",
"8Base-satellite-6.13-capsule:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64",
"8Base-satellite-6.13-capsule:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64",
"8Base-satellite-6.13-capsule:python-pulp-container-0:2.14.11-1.el8pc.src",
"8Base-satellite-6.13-capsule:python-pulp-rpm-0:3.18.19-2.el8pc.src",
"8Base-satellite-6.13-capsule:python3-createrepo_c-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.13-capsule:python3-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.13-capsule:python39-createrepo_c-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.13-capsule:python39-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.13-capsule:python39-pulp-container-0:2.14.11-1.el8pc.noarch",
"8Base-satellite-6.13-capsule:python39-pulp-rpm-0:3.18.19-2.el8pc.noarch",
"8Base-satellite-6.13-capsule:satellite-0:6.13.7-1.el8sat.noarch",
"8Base-satellite-6.13-capsule:satellite-0:6.13.7-1.el8sat.src",
"8Base-satellite-6.13-capsule:satellite-capsule-0:6.13.7-1.el8sat.noarch",
"8Base-satellite-6.13-capsule:satellite-cli-0:6.13.7-1.el8sat.noarch",
"8Base-satellite-6.13-capsule:satellite-common-0:6.13.7-1.el8sat.noarch",
"8Base-satellite-6.13-maintenance:satellite-clone-0:3.5.0-1.el8sat.noarch",
"8Base-satellite-6.13-maintenance:satellite-clone-0:3.5.0-1.el8sat.src",
"8Base-satellite-6.13-utils:satellite-0:6.13.7-1.el8sat.noarch",
"8Base-satellite-6.13-utils:satellite-0:6.13.7-1.el8sat.src",
"8Base-satellite-6.13-utils:satellite-capsule-0:6.13.7-1.el8sat.noarch",
"8Base-satellite-6.13-utils:satellite-cli-0:6.13.7-1.el8sat.noarch",
"8Base-satellite-6.13-utils:satellite-common-0:6.13.7-1.el8sat.noarch",
"8Base-satellite-6.13:ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.noarch",
"8Base-satellite-6.13:ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.src",
"8Base-satellite-6.13:createrepo_c-0:1.0.2-2.el8pc.src",
"8Base-satellite-6.13:createrepo_c-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.13:createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.13:createrepo_c-debugsource-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.13:createrepo_c-libs-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.13:createrepo_c-libs-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.13:foreman-installer-1:3.5.2.7-1.el8sat.noarch",
"8Base-satellite-6.13:foreman-installer-1:3.5.2.7-1.el8sat.src",
"8Base-satellite-6.13:foreman-installer-katello-1:3.5.2.7-1.el8sat.noarch",
"8Base-satellite-6.13:mosquitto-0:2.0.17-1.el8sat.src",
"8Base-satellite-6.13:mosquitto-0:2.0.17-1.el8sat.x86_64",
"8Base-satellite-6.13:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64",
"8Base-satellite-6.13:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64",
"8Base-satellite-6.13:python-pulp-container-0:2.14.11-1.el8pc.src",
"8Base-satellite-6.13:python-pulp-rpm-0:3.18.19-2.el8pc.src",
"8Base-satellite-6.13:python3-createrepo_c-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.13:python3-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.13:python39-createrepo_c-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.13:python39-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.13:python39-pulp-container-0:2.14.11-1.el8pc.noarch",
"8Base-satellite-6.13:python39-pulp-rpm-0:3.18.19-2.el8pc.noarch",
"8Base-satellite-6.13:rubygem-foreman_bootdisk-0:21.0.5-1.el8sat.noarch",
"8Base-satellite-6.13:rubygem-foreman_bootdisk-0:21.0.5-1.el8sat.src",
"8Base-satellite-6.13:rubygem-foreman_leapp-0:0.1.13-2.el8sat.noarch",
"8Base-satellite-6.13:rubygem-foreman_leapp-0:0.1.13-2.el8sat.src",
"8Base-satellite-6.13:rubygem-katello-0:4.7.0.36-1.el8sat.noarch",
"8Base-satellite-6.13:rubygem-katello-0:4.7.0.36-1.el8sat.src",
"8Base-satellite-6.13:satellite-0:6.13.7-1.el8sat.noarch",
"8Base-satellite-6.13:satellite-0:6.13.7-1.el8sat.src",
"8Base-satellite-6.13:satellite-capsule-0:6.13.7-1.el8sat.noarch",
"8Base-satellite-6.13:satellite-cli-0:6.13.7-1.el8sat.noarch",
"8Base-satellite-6.13:satellite-common-0:6.13.7-1.el8sat.noarch"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2230135"
}
],
"notes": [
{
"category": "description",
"text": "A sensitive information exposure vulnerability was found in foreman. Contents of tomcat\u0027s server.xml file, which contain passwords to candlepin\u0027s keystore and truststore, were found to be world readable.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "foreman: World readable file containing secrets",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This flaw has a limited impact on security, as candlepin\u0027s individual stores\u0027 privileges are limited to root and tomcat only. Therefore, the impact is limited to highly privileged users.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-satellite-6.13-capsule:foreman-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-capsule:foreman-0:3.5.1.24-1.el8sat.src",
"8Base-satellite-6.13-capsule:foreman-cli-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-capsule:foreman-debug-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-capsule:foreman-dynflow-sidekiq-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-capsule:foreman-ec2-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-capsule:foreman-journald-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-capsule:foreman-libvirt-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-capsule:foreman-openstack-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-capsule:foreman-ovirt-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-capsule:foreman-postgresql-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-capsule:foreman-service-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-capsule:foreman-telemetry-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-capsule:foreman-vmware-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-utils:foreman-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-utils:foreman-0:3.5.1.24-1.el8sat.src",
"8Base-satellite-6.13-utils:foreman-cli-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-utils:foreman-debug-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-utils:foreman-dynflow-sidekiq-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-utils:foreman-ec2-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-utils:foreman-journald-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-utils:foreman-libvirt-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-utils:foreman-openstack-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-utils:foreman-ovirt-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-utils:foreman-postgresql-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-utils:foreman-service-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-utils:foreman-telemetry-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-utils:foreman-vmware-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13:foreman-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13:foreman-0:3.5.1.24-1.el8sat.src",
"8Base-satellite-6.13:foreman-cli-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13:foreman-debug-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13:foreman-dynflow-sidekiq-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13:foreman-ec2-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13:foreman-journald-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13:foreman-libvirt-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13:foreman-openstack-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13:foreman-ovirt-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13:foreman-postgresql-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13:foreman-service-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13:foreman-telemetry-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13:foreman-vmware-0:3.5.1.24-1.el8sat.noarch"
],
"known_not_affected": [
"8Base-satellite-6.13-capsule:ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.noarch",
"8Base-satellite-6.13-capsule:ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.src",
"8Base-satellite-6.13-capsule:createrepo_c-0:1.0.2-2.el8pc.src",
"8Base-satellite-6.13-capsule:createrepo_c-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.13-capsule:createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.13-capsule:createrepo_c-debugsource-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.13-capsule:createrepo_c-libs-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.13-capsule:createrepo_c-libs-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.13-capsule:foreman-installer-1:3.5.2.7-1.el8sat.noarch",
"8Base-satellite-6.13-capsule:foreman-installer-1:3.5.2.7-1.el8sat.src",
"8Base-satellite-6.13-capsule:foreman-installer-katello-1:3.5.2.7-1.el8sat.noarch",
"8Base-satellite-6.13-capsule:mosquitto-0:2.0.17-1.el8sat.src",
"8Base-satellite-6.13-capsule:mosquitto-0:2.0.17-1.el8sat.x86_64",
"8Base-satellite-6.13-capsule:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64",
"8Base-satellite-6.13-capsule:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64",
"8Base-satellite-6.13-capsule:python-pulp-container-0:2.14.11-1.el8pc.src",
"8Base-satellite-6.13-capsule:python-pulp-rpm-0:3.18.19-2.el8pc.src",
"8Base-satellite-6.13-capsule:python3-createrepo_c-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.13-capsule:python3-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.13-capsule:python39-createrepo_c-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.13-capsule:python39-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.13-capsule:python39-pulp-container-0:2.14.11-1.el8pc.noarch",
"8Base-satellite-6.13-capsule:python39-pulp-rpm-0:3.18.19-2.el8pc.noarch",
"8Base-satellite-6.13-capsule:satellite-0:6.13.7-1.el8sat.noarch",
"8Base-satellite-6.13-capsule:satellite-0:6.13.7-1.el8sat.src",
"8Base-satellite-6.13-capsule:satellite-capsule-0:6.13.7-1.el8sat.noarch",
"8Base-satellite-6.13-capsule:satellite-cli-0:6.13.7-1.el8sat.noarch",
"8Base-satellite-6.13-capsule:satellite-common-0:6.13.7-1.el8sat.noarch",
"8Base-satellite-6.13-maintenance:satellite-clone-0:3.5.0-1.el8sat.noarch",
"8Base-satellite-6.13-maintenance:satellite-clone-0:3.5.0-1.el8sat.src",
"8Base-satellite-6.13-utils:satellite-0:6.13.7-1.el8sat.noarch",
"8Base-satellite-6.13-utils:satellite-0:6.13.7-1.el8sat.src",
"8Base-satellite-6.13-utils:satellite-capsule-0:6.13.7-1.el8sat.noarch",
"8Base-satellite-6.13-utils:satellite-cli-0:6.13.7-1.el8sat.noarch",
"8Base-satellite-6.13-utils:satellite-common-0:6.13.7-1.el8sat.noarch",
"8Base-satellite-6.13:ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.noarch",
"8Base-satellite-6.13:ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.src",
"8Base-satellite-6.13:createrepo_c-0:1.0.2-2.el8pc.src",
"8Base-satellite-6.13:createrepo_c-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.13:createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.13:createrepo_c-debugsource-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.13:createrepo_c-libs-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.13:createrepo_c-libs-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.13:foreman-installer-1:3.5.2.7-1.el8sat.noarch",
"8Base-satellite-6.13:foreman-installer-1:3.5.2.7-1.el8sat.src",
"8Base-satellite-6.13:foreman-installer-katello-1:3.5.2.7-1.el8sat.noarch",
"8Base-satellite-6.13:mosquitto-0:2.0.17-1.el8sat.src",
"8Base-satellite-6.13:mosquitto-0:2.0.17-1.el8sat.x86_64",
"8Base-satellite-6.13:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64",
"8Base-satellite-6.13:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64",
"8Base-satellite-6.13:python-pulp-container-0:2.14.11-1.el8pc.src",
"8Base-satellite-6.13:python-pulp-rpm-0:3.18.19-2.el8pc.src",
"8Base-satellite-6.13:python3-createrepo_c-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.13:python3-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.13:python39-createrepo_c-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.13:python39-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.13:python39-pulp-container-0:2.14.11-1.el8pc.noarch",
"8Base-satellite-6.13:python39-pulp-rpm-0:3.18.19-2.el8pc.noarch",
"8Base-satellite-6.13:rubygem-foreman_bootdisk-0:21.0.5-1.el8sat.noarch",
"8Base-satellite-6.13:rubygem-foreman_bootdisk-0:21.0.5-1.el8sat.src",
"8Base-satellite-6.13:rubygem-foreman_leapp-0:0.1.13-2.el8sat.noarch",
"8Base-satellite-6.13:rubygem-foreman_leapp-0:0.1.13-2.el8sat.src",
"8Base-satellite-6.13:rubygem-katello-0:4.7.0.36-1.el8sat.noarch",
"8Base-satellite-6.13:rubygem-katello-0:4.7.0.36-1.el8sat.src",
"8Base-satellite-6.13:satellite-0:6.13.7-1.el8sat.noarch",
"8Base-satellite-6.13:satellite-0:6.13.7-1.el8sat.src",
"8Base-satellite-6.13:satellite-capsule-0:6.13.7-1.el8sat.noarch",
"8Base-satellite-6.13:satellite-cli-0:6.13.7-1.el8sat.noarch",
"8Base-satellite-6.13:satellite-common-0:6.13.7-1.el8sat.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-4886"
},
{
"category": "external",
"summary": "RHBZ#2230135",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2230135"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-4886",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4886"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-4886",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-4886"
}
],
"release_date": "2023-10-03T14:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor detailed instructions how to apply this update, refer to:\n\nhttps://access.redhat.com/documentation/en-us/red_hat_satellite/6.6/html/upgrading_and_updating_red_hat_satellite/updating_satellite_server_capsule_server_and_content_hosts",
"product_ids": [
"8Base-satellite-6.13-capsule:foreman-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-capsule:foreman-0:3.5.1.24-1.el8sat.src",
"8Base-satellite-6.13-capsule:foreman-cli-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-capsule:foreman-debug-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-capsule:foreman-dynflow-sidekiq-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-capsule:foreman-ec2-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-capsule:foreman-journald-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-capsule:foreman-libvirt-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-capsule:foreman-openstack-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-capsule:foreman-ovirt-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-capsule:foreman-postgresql-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-capsule:foreman-service-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-capsule:foreman-telemetry-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-capsule:foreman-vmware-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-utils:foreman-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-utils:foreman-0:3.5.1.24-1.el8sat.src",
"8Base-satellite-6.13-utils:foreman-cli-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-utils:foreman-debug-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-utils:foreman-dynflow-sidekiq-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-utils:foreman-ec2-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-utils:foreman-journald-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-utils:foreman-libvirt-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-utils:foreman-openstack-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-utils:foreman-ovirt-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-utils:foreman-postgresql-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-utils:foreman-service-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-utils:foreman-telemetry-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-utils:foreman-vmware-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13:foreman-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13:foreman-0:3.5.1.24-1.el8sat.src",
"8Base-satellite-6.13:foreman-cli-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13:foreman-debug-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13:foreman-dynflow-sidekiq-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13:foreman-ec2-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13:foreman-journald-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13:foreman-libvirt-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13:foreman-openstack-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13:foreman-ovirt-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13:foreman-postgresql-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13:foreman-service-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13:foreman-telemetry-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13:foreman-vmware-0:3.5.1.24-1.el8sat.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:1061"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"8Base-satellite-6.13-capsule:foreman-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-capsule:foreman-0:3.5.1.24-1.el8sat.src",
"8Base-satellite-6.13-capsule:foreman-cli-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-capsule:foreman-debug-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-capsule:foreman-dynflow-sidekiq-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-capsule:foreman-ec2-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-capsule:foreman-journald-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-capsule:foreman-libvirt-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-capsule:foreman-openstack-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-capsule:foreman-ovirt-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-capsule:foreman-postgresql-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-capsule:foreman-service-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-capsule:foreman-telemetry-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-capsule:foreman-vmware-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-utils:foreman-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-utils:foreman-0:3.5.1.24-1.el8sat.src",
"8Base-satellite-6.13-utils:foreman-cli-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-utils:foreman-debug-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-utils:foreman-dynflow-sidekiq-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-utils:foreman-ec2-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-utils:foreman-journald-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-utils:foreman-libvirt-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-utils:foreman-openstack-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-utils:foreman-ovirt-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-utils:foreman-postgresql-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-utils:foreman-service-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-utils:foreman-telemetry-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-utils:foreman-vmware-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13:foreman-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13:foreman-0:3.5.1.24-1.el8sat.src",
"8Base-satellite-6.13:foreman-cli-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13:foreman-debug-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13:foreman-dynflow-sidekiq-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13:foreman-ec2-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13:foreman-journald-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13:foreman-libvirt-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13:foreman-openstack-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13:foreman-ovirt-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13:foreman-postgresql-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13:foreman-service-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13:foreman-telemetry-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13:foreman-vmware-0:3.5.1.24-1.el8sat.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "foreman: World readable file containing secrets"
},
{
"cve": "CVE-2023-28366",
"cwe": {
"id": "CWE-401",
"name": "Missing Release of Memory after Effective Lifetime"
},
"discovery_date": "2023-09-01T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-satellite-6.13-capsule:ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.noarch",
"8Base-satellite-6.13-capsule:ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.src",
"8Base-satellite-6.13-capsule:createrepo_c-0:1.0.2-2.el8pc.src",
"8Base-satellite-6.13-capsule:createrepo_c-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.13-capsule:createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.13-capsule:createrepo_c-debugsource-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.13-capsule:createrepo_c-libs-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.13-capsule:createrepo_c-libs-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.13-capsule:foreman-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-capsule:foreman-0:3.5.1.24-1.el8sat.src",
"8Base-satellite-6.13-capsule:foreman-cli-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-capsule:foreman-debug-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-capsule:foreman-dynflow-sidekiq-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-capsule:foreman-ec2-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-capsule:foreman-installer-1:3.5.2.7-1.el8sat.noarch",
"8Base-satellite-6.13-capsule:foreman-installer-1:3.5.2.7-1.el8sat.src",
"8Base-satellite-6.13-capsule:foreman-installer-katello-1:3.5.2.7-1.el8sat.noarch",
"8Base-satellite-6.13-capsule:foreman-journald-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-capsule:foreman-libvirt-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-capsule:foreman-openstack-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-capsule:foreman-ovirt-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-capsule:foreman-postgresql-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-capsule:foreman-service-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-capsule:foreman-telemetry-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-capsule:foreman-vmware-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-capsule:python-pulp-container-0:2.14.11-1.el8pc.src",
"8Base-satellite-6.13-capsule:python-pulp-rpm-0:3.18.19-2.el8pc.src",
"8Base-satellite-6.13-capsule:python3-createrepo_c-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.13-capsule:python3-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.13-capsule:python39-createrepo_c-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.13-capsule:python39-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.13-capsule:python39-pulp-container-0:2.14.11-1.el8pc.noarch",
"8Base-satellite-6.13-capsule:python39-pulp-rpm-0:3.18.19-2.el8pc.noarch",
"8Base-satellite-6.13-capsule:satellite-0:6.13.7-1.el8sat.noarch",
"8Base-satellite-6.13-capsule:satellite-0:6.13.7-1.el8sat.src",
"8Base-satellite-6.13-capsule:satellite-capsule-0:6.13.7-1.el8sat.noarch",
"8Base-satellite-6.13-capsule:satellite-cli-0:6.13.7-1.el8sat.noarch",
"8Base-satellite-6.13-capsule:satellite-common-0:6.13.7-1.el8sat.noarch",
"8Base-satellite-6.13-maintenance:satellite-clone-0:3.5.0-1.el8sat.noarch",
"8Base-satellite-6.13-maintenance:satellite-clone-0:3.5.0-1.el8sat.src",
"8Base-satellite-6.13-utils:foreman-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-utils:foreman-0:3.5.1.24-1.el8sat.src",
"8Base-satellite-6.13-utils:foreman-cli-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-utils:foreman-debug-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-utils:foreman-dynflow-sidekiq-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-utils:foreman-ec2-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-utils:foreman-journald-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-utils:foreman-libvirt-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-utils:foreman-openstack-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-utils:foreman-ovirt-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-utils:foreman-postgresql-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-utils:foreman-service-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-utils:foreman-telemetry-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-utils:foreman-vmware-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-utils:satellite-0:6.13.7-1.el8sat.noarch",
"8Base-satellite-6.13-utils:satellite-0:6.13.7-1.el8sat.src",
"8Base-satellite-6.13-utils:satellite-capsule-0:6.13.7-1.el8sat.noarch",
"8Base-satellite-6.13-utils:satellite-cli-0:6.13.7-1.el8sat.noarch",
"8Base-satellite-6.13-utils:satellite-common-0:6.13.7-1.el8sat.noarch",
"8Base-satellite-6.13:ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.noarch",
"8Base-satellite-6.13:ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.src",
"8Base-satellite-6.13:createrepo_c-0:1.0.2-2.el8pc.src",
"8Base-satellite-6.13:createrepo_c-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.13:createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.13:createrepo_c-debugsource-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.13:createrepo_c-libs-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.13:createrepo_c-libs-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.13:foreman-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13:foreman-0:3.5.1.24-1.el8sat.src",
"8Base-satellite-6.13:foreman-cli-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13:foreman-debug-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13:foreman-dynflow-sidekiq-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13:foreman-ec2-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13:foreman-installer-1:3.5.2.7-1.el8sat.noarch",
"8Base-satellite-6.13:foreman-installer-1:3.5.2.7-1.el8sat.src",
"8Base-satellite-6.13:foreman-installer-katello-1:3.5.2.7-1.el8sat.noarch",
"8Base-satellite-6.13:foreman-journald-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13:foreman-libvirt-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13:foreman-openstack-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13:foreman-ovirt-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13:foreman-postgresql-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13:foreman-service-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13:foreman-telemetry-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13:foreman-vmware-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13:python-pulp-container-0:2.14.11-1.el8pc.src",
"8Base-satellite-6.13:python-pulp-rpm-0:3.18.19-2.el8pc.src",
"8Base-satellite-6.13:python3-createrepo_c-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.13:python3-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.13:python39-createrepo_c-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.13:python39-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.13:python39-pulp-container-0:2.14.11-1.el8pc.noarch",
"8Base-satellite-6.13:python39-pulp-rpm-0:3.18.19-2.el8pc.noarch",
"8Base-satellite-6.13:rubygem-foreman_bootdisk-0:21.0.5-1.el8sat.noarch",
"8Base-satellite-6.13:rubygem-foreman_bootdisk-0:21.0.5-1.el8sat.src",
"8Base-satellite-6.13:rubygem-foreman_leapp-0:0.1.13-2.el8sat.noarch",
"8Base-satellite-6.13:rubygem-foreman_leapp-0:0.1.13-2.el8sat.src",
"8Base-satellite-6.13:rubygem-katello-0:4.7.0.36-1.el8sat.noarch",
"8Base-satellite-6.13:rubygem-katello-0:4.7.0.36-1.el8sat.src",
"8Base-satellite-6.13:satellite-0:6.13.7-1.el8sat.noarch",
"8Base-satellite-6.13:satellite-0:6.13.7-1.el8sat.src",
"8Base-satellite-6.13:satellite-capsule-0:6.13.7-1.el8sat.noarch",
"8Base-satellite-6.13:satellite-cli-0:6.13.7-1.el8sat.noarch",
"8Base-satellite-6.13:satellite-common-0:6.13.7-1.el8sat.noarch"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2236882"
}
],
"notes": [
{
"category": "description",
"text": "A memory leak vulnerability was found in Eclipse Mosquitto. This issue is triggered by malicious initial packets or certain client actions and may allow a remote attacker to the deplete system resources causing memory exhaustion, leading to a disruption in services and a denial of service condition.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "mosquitto: memory leak leads to unresponsive broker",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-satellite-6.13-capsule:mosquitto-0:2.0.17-1.el8sat.src",
"8Base-satellite-6.13-capsule:mosquitto-0:2.0.17-1.el8sat.x86_64",
"8Base-satellite-6.13-capsule:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64",
"8Base-satellite-6.13-capsule:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64",
"8Base-satellite-6.13:mosquitto-0:2.0.17-1.el8sat.src",
"8Base-satellite-6.13:mosquitto-0:2.0.17-1.el8sat.x86_64",
"8Base-satellite-6.13:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64",
"8Base-satellite-6.13:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64"
],
"known_not_affected": [
"8Base-satellite-6.13-capsule:ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.noarch",
"8Base-satellite-6.13-capsule:ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.src",
"8Base-satellite-6.13-capsule:createrepo_c-0:1.0.2-2.el8pc.src",
"8Base-satellite-6.13-capsule:createrepo_c-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.13-capsule:createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.13-capsule:createrepo_c-debugsource-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.13-capsule:createrepo_c-libs-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.13-capsule:createrepo_c-libs-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.13-capsule:foreman-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-capsule:foreman-0:3.5.1.24-1.el8sat.src",
"8Base-satellite-6.13-capsule:foreman-cli-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-capsule:foreman-debug-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-capsule:foreman-dynflow-sidekiq-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-capsule:foreman-ec2-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-capsule:foreman-installer-1:3.5.2.7-1.el8sat.noarch",
"8Base-satellite-6.13-capsule:foreman-installer-1:3.5.2.7-1.el8sat.src",
"8Base-satellite-6.13-capsule:foreman-installer-katello-1:3.5.2.7-1.el8sat.noarch",
"8Base-satellite-6.13-capsule:foreman-journald-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-capsule:foreman-libvirt-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-capsule:foreman-openstack-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-capsule:foreman-ovirt-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-capsule:foreman-postgresql-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-capsule:foreman-service-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-capsule:foreman-telemetry-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-capsule:foreman-vmware-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-capsule:python-pulp-container-0:2.14.11-1.el8pc.src",
"8Base-satellite-6.13-capsule:python-pulp-rpm-0:3.18.19-2.el8pc.src",
"8Base-satellite-6.13-capsule:python3-createrepo_c-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.13-capsule:python3-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.13-capsule:python39-createrepo_c-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.13-capsule:python39-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.13-capsule:python39-pulp-container-0:2.14.11-1.el8pc.noarch",
"8Base-satellite-6.13-capsule:python39-pulp-rpm-0:3.18.19-2.el8pc.noarch",
"8Base-satellite-6.13-capsule:satellite-0:6.13.7-1.el8sat.noarch",
"8Base-satellite-6.13-capsule:satellite-0:6.13.7-1.el8sat.src",
"8Base-satellite-6.13-capsule:satellite-capsule-0:6.13.7-1.el8sat.noarch",
"8Base-satellite-6.13-capsule:satellite-cli-0:6.13.7-1.el8sat.noarch",
"8Base-satellite-6.13-capsule:satellite-common-0:6.13.7-1.el8sat.noarch",
"8Base-satellite-6.13-maintenance:satellite-clone-0:3.5.0-1.el8sat.noarch",
"8Base-satellite-6.13-maintenance:satellite-clone-0:3.5.0-1.el8sat.src",
"8Base-satellite-6.13-utils:foreman-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-utils:foreman-0:3.5.1.24-1.el8sat.src",
"8Base-satellite-6.13-utils:foreman-cli-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-utils:foreman-debug-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-utils:foreman-dynflow-sidekiq-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-utils:foreman-ec2-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-utils:foreman-journald-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-utils:foreman-libvirt-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-utils:foreman-openstack-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-utils:foreman-ovirt-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-utils:foreman-postgresql-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-utils:foreman-service-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-utils:foreman-telemetry-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-utils:foreman-vmware-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-utils:satellite-0:6.13.7-1.el8sat.noarch",
"8Base-satellite-6.13-utils:satellite-0:6.13.7-1.el8sat.src",
"8Base-satellite-6.13-utils:satellite-capsule-0:6.13.7-1.el8sat.noarch",
"8Base-satellite-6.13-utils:satellite-cli-0:6.13.7-1.el8sat.noarch",
"8Base-satellite-6.13-utils:satellite-common-0:6.13.7-1.el8sat.noarch",
"8Base-satellite-6.13:ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.noarch",
"8Base-satellite-6.13:ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.src",
"8Base-satellite-6.13:createrepo_c-0:1.0.2-2.el8pc.src",
"8Base-satellite-6.13:createrepo_c-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.13:createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.13:createrepo_c-debugsource-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.13:createrepo_c-libs-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.13:createrepo_c-libs-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.13:foreman-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13:foreman-0:3.5.1.24-1.el8sat.src",
"8Base-satellite-6.13:foreman-cli-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13:foreman-debug-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13:foreman-dynflow-sidekiq-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13:foreman-ec2-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13:foreman-installer-1:3.5.2.7-1.el8sat.noarch",
"8Base-satellite-6.13:foreman-installer-1:3.5.2.7-1.el8sat.src",
"8Base-satellite-6.13:foreman-installer-katello-1:3.5.2.7-1.el8sat.noarch",
"8Base-satellite-6.13:foreman-journald-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13:foreman-libvirt-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13:foreman-openstack-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13:foreman-ovirt-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13:foreman-postgresql-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13:foreman-service-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13:foreman-telemetry-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13:foreman-vmware-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13:python-pulp-container-0:2.14.11-1.el8pc.src",
"8Base-satellite-6.13:python-pulp-rpm-0:3.18.19-2.el8pc.src",
"8Base-satellite-6.13:python3-createrepo_c-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.13:python3-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.13:python39-createrepo_c-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.13:python39-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.13:python39-pulp-container-0:2.14.11-1.el8pc.noarch",
"8Base-satellite-6.13:python39-pulp-rpm-0:3.18.19-2.el8pc.noarch",
"8Base-satellite-6.13:rubygem-foreman_bootdisk-0:21.0.5-1.el8sat.noarch",
"8Base-satellite-6.13:rubygem-foreman_bootdisk-0:21.0.5-1.el8sat.src",
"8Base-satellite-6.13:rubygem-foreman_leapp-0:0.1.13-2.el8sat.noarch",
"8Base-satellite-6.13:rubygem-foreman_leapp-0:0.1.13-2.el8sat.src",
"8Base-satellite-6.13:rubygem-katello-0:4.7.0.36-1.el8sat.noarch",
"8Base-satellite-6.13:rubygem-katello-0:4.7.0.36-1.el8sat.src",
"8Base-satellite-6.13:satellite-0:6.13.7-1.el8sat.noarch",
"8Base-satellite-6.13:satellite-0:6.13.7-1.el8sat.src",
"8Base-satellite-6.13:satellite-capsule-0:6.13.7-1.el8sat.noarch",
"8Base-satellite-6.13:satellite-cli-0:6.13.7-1.el8sat.noarch",
"8Base-satellite-6.13:satellite-common-0:6.13.7-1.el8sat.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-28366"
},
{
"category": "external",
"summary": "RHBZ#2236882",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2236882"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-28366",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28366"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-28366",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-28366"
},
{
"category": "external",
"summary": "https://github.com/eclipse/mosquitto/commit/6113eac95a9df634fbc858be542c4a0456bfe7b9",
"url": "https://github.com/eclipse/mosquitto/commit/6113eac95a9df634fbc858be542c4a0456bfe7b9"
}
],
"release_date": "2023-09-01T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor detailed instructions how to apply this update, refer to:\n\nhttps://access.redhat.com/documentation/en-us/red_hat_satellite/6.6/html/upgrading_and_updating_red_hat_satellite/updating_satellite_server_capsule_server_and_content_hosts",
"product_ids": [
"8Base-satellite-6.13-capsule:mosquitto-0:2.0.17-1.el8sat.src",
"8Base-satellite-6.13-capsule:mosquitto-0:2.0.17-1.el8sat.x86_64",
"8Base-satellite-6.13-capsule:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64",
"8Base-satellite-6.13-capsule:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64",
"8Base-satellite-6.13:mosquitto-0:2.0.17-1.el8sat.src",
"8Base-satellite-6.13:mosquitto-0:2.0.17-1.el8sat.x86_64",
"8Base-satellite-6.13:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64",
"8Base-satellite-6.13:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:1061"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-satellite-6.13-capsule:mosquitto-0:2.0.17-1.el8sat.src",
"8Base-satellite-6.13-capsule:mosquitto-0:2.0.17-1.el8sat.x86_64",
"8Base-satellite-6.13-capsule:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64",
"8Base-satellite-6.13-capsule:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64",
"8Base-satellite-6.13:mosquitto-0:2.0.17-1.el8sat.src",
"8Base-satellite-6.13:mosquitto-0:2.0.17-1.el8sat.x86_64",
"8Base-satellite-6.13:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64",
"8Base-satellite-6.13:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "mosquitto: memory leak leads to unresponsive broker"
}
]
}
rhsa-2024_0797
Vulnerability from csaf_redhat
Published
2024-02-13 14:45
Modified
2024-09-20 14:46
Summary
Red Hat Security Advisory: Satellite 6.14.2 Async Security Update
Notes
Topic
Updated Satellite 6.14 packages that fixes Important security bugs and several
regular bugs are now available for Red Hat Satellite.
Details
Red Hat Satellite is a system management solution that allows organizations
to configure and maintain their systems without the necessity to provide
public Internet access to their servers or other client systems. It
performs provisioning and configuration management of predefined standard
operating environments.
Security fix(es):
* CVE-2023-26049 (puppetserver): Cookie parsing of quoted values can exfiltrate values from other cookies
* CVE-2023-26141 (rubygem-sidekiq): Denial of Service (DoS) in dashboard-charts
* CVE-2023-36479 (puppetserver): Improper addition of quotation marks to user inputs in CgiServlet
* CVE-2023-38545 (puppet-agent): Heap-based buffer overflow in the SOCKS5 proxy handshake
* CVE-2023-40167 (puppetserver): Improper validation of HTTP/1 content-length
* CVE-2023-40175 (rubygem-puma): HTTP request smuggling when parsing chunked transfer encoding bodies and zero-length content-length headers
* CVE-2023-4785 (rubygem-grpc): File descriptor exhaustion leads to denial of service
* CVE-2023-0809, CVE-2023-28366, CVE-2023-3592 (mosquitto): Memory leak leads to unresponsive broker
This update fixes the following bugs:
2250347 - 'Sun, 11 Jun 2023 17:51:29 GMT' could not be parsed at index 0 at java.time.format.DateTimeFormatter.parseResolved
2254974 - satellite-convert2rhel-toolkit install fails on latest rpm with `/usr/bin/bash: /usr/libexec/satellite-convert2rhel-appliance/action-install.sh: No such file or directory`
2255260 - 6.14 - satellite-convert2rhel-toolkit is part of the satellite module
2257321 - Request for UEFI Kickstart Provisioning to handle naming convention for VLAN tagged interfaces of the format <parent_device>.<vlan_id> in addition to vlan<vlan_id>
2257324 - Generate applicability tasks fails with error "ERROR: insert or update on table "katello_content_facet_errata" violates foreign key constraint "katello_content_facet_errata_ca_id"
2257326 - Show failed resources in failed installation report
2257327 - Puppet reports without any messages don't get an origin
2257329 - Host registration fails with error "Attached to can't be blank" when the VLAN name includes UPPERCASE letters
2257330 - default tuning profile leaves httpd MaxClients 150 which httpd raises a warning
2257331 - Registering host through load balancer causes REX not to know what capsule to choose for 'registered_through'
2257332 - Registration can't find any Capsules when their locations are not assigned to admin user
2257415 - Provisioning vm host fails with error "Failed to attach ISO image to CDROM drive of instance client.example.com: InvalidPowerState: The attempted operation cannot be performed in the current state (Powered on)".
2260525 - [Improvement] RefreshRepos step in Capsule Sync to refresh just repos to sync
2262131 - Unable to sync library/busybox from gcr.io
Users of Red Hat Satellite are advised to upgrade to these updated
packages, which fix these bugs.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_vex",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Updated Satellite 6.14 packages that fixes Important security bugs and several\nregular bugs are now available for Red Hat Satellite.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat Satellite is a system management solution that allows organizations\nto configure and maintain their systems without the necessity to provide\npublic Internet access to their servers or other client systems. It\nperforms provisioning and configuration management of predefined standard\noperating environments.\n\nSecurity fix(es):\n* CVE-2023-26049 (puppetserver): Cookie parsing of quoted values can exfiltrate values from other cookies\n* CVE-2023-26141 (rubygem-sidekiq): Denial of Service (DoS) in dashboard-charts\n* CVE-2023-36479 (puppetserver): Improper addition of quotation marks to user inputs in CgiServlet\n* CVE-2023-38545 (puppet-agent): Heap-based buffer overflow in the SOCKS5 proxy handshake\n* CVE-2023-40167 (puppetserver): Improper validation of HTTP/1 content-length\n* CVE-2023-40175 (rubygem-puma): HTTP request smuggling when parsing chunked transfer encoding bodies and zero-length content-length headers\n* CVE-2023-4785 (rubygem-grpc): File descriptor exhaustion leads to denial of service\n* CVE-2023-0809, CVE-2023-28366, CVE-2023-3592 (mosquitto): Memory leak leads to unresponsive broker\n\nThis update fixes the following bugs:\n2250347 - \u0027Sun, 11 Jun 2023 17:51:29 GMT\u0027 could not be parsed at index 0 at java.time.format.DateTimeFormatter.parseResolved\n2254974 - satellite-convert2rhel-toolkit install fails on latest rpm with `/usr/bin/bash: /usr/libexec/satellite-convert2rhel-appliance/action-install.sh: No such file or directory`\n2255260 - 6.14 - satellite-convert2rhel-toolkit is part of the satellite module\n2257321 - Request for UEFI Kickstart Provisioning to handle naming convention for VLAN tagged interfaces of the format \u003cparent_device\u003e.\u003cvlan_id\u003e in addition to vlan\u003cvlan_id\u003e\n2257324 - Generate applicability tasks fails with error \"ERROR: insert or update on table \"katello_content_facet_errata\" violates foreign key constraint \"katello_content_facet_errata_ca_id\"\n2257326 - Show failed resources in failed installation report\n2257327 - Puppet reports without any messages don\u0027t get an origin\n2257329 - Host registration fails with error \"Attached to can\u0027t be blank\" when the VLAN name includes UPPERCASE letters\n2257330 - default tuning profile leaves httpd MaxClients 150 which httpd raises a warning\n2257331 - Registering host through load balancer causes REX not to know what capsule to choose for \u0027registered_through\u0027\n2257332 - Registration can\u0027t find any Capsules when their locations are not assigned to admin user\n2257415 - Provisioning vm host fails with error \"Failed to attach ISO image to CDROM drive of instance client.example.com: InvalidPowerState: The attempted operation cannot be performed in the current state (Powered on)\". \n2260525 - [Improvement] RefreshRepos step in Capsule Sync to refresh just repos to sync \n2262131 - Unable to sync library/busybox from gcr.io \n\nUsers of Red Hat Satellite are advised to upgrade to these updated\npackages, which fix these bugs.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat offerings.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2024:0797",
"url": "https://access.redhat.com/errata/RHSA-2024:0797"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "https://access.redhat.com/documentation/en-us/red_hat_satellite/6.14/html/upgrading_and_updating_red_hat_satellite/index",
"url": "https://access.redhat.com/documentation/en-us/red_hat_satellite/6.14/html/upgrading_and_updating_red_hat_satellite/index"
},
{
"category": "external",
"summary": "2232729",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2232729"
},
{
"category": "external",
"summary": "2236341",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2236341"
},
{
"category": "external",
"summary": "2236882",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2236882"
},
{
"category": "external",
"summary": "2239010",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2239010"
},
{
"category": "external",
"summary": "2239017",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2239017"
},
{
"category": "external",
"summary": "2239630",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2239630"
},
{
"category": "external",
"summary": "2239634",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2239634"
},
{
"category": "external",
"summary": "2241933",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2241933"
},
{
"category": "external",
"summary": "2250347",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2250347"
},
{
"category": "external",
"summary": "2254974",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2254974"
},
{
"category": "external",
"summary": "2255260",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2255260"
},
{
"category": "external",
"summary": "2257321",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2257321"
},
{
"category": "external",
"summary": "2257324",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2257324"
},
{
"category": "external",
"summary": "2257326",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2257326"
},
{
"category": "external",
"summary": "2257327",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2257327"
},
{
"category": "external",
"summary": "2257329",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2257329"
},
{
"category": "external",
"summary": "2257330",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2257330"
},
{
"category": "external",
"summary": "2257331",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2257331"
},
{
"category": "external",
"summary": "2257332",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2257332"
},
{
"category": "external",
"summary": "2257415",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2257415"
},
{
"category": "external",
"summary": "2260525",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2260525"
},
{
"category": "external",
"summary": "2262131",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2262131"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/data/csaf/v2/advisories/2024/rhsa-2024_0797.json"
}
],
"title": "Red Hat Security Advisory: Satellite 6.14.2 Async Security Update",
"tracking": {
"current_release_date": "2024-09-20T14:46:34+00:00",
"generator": {
"date": "2024-09-20T14:46:34+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "3.33.3"
}
},
"id": "RHSA-2024:0797",
"initial_release_date": "2024-02-13T14:45:57+00:00",
"revision_history": [
{
"date": "2024-02-13T14:45:57+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2024-02-13T14:45:57+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-09-20T14:46:34+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Satellite 6.14 for RHEL 8",
"product": {
"name": "Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:satellite:6.14::el8"
}
}
},
{
"category": "product_name",
"name": "Red Hat Satellite 6.14 for RHEL 8",
"product": {
"name": "Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14-capsule",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:satellite_capsule:6.14::el8"
}
}
},
{
"category": "product_name",
"name": "Red Hat Satellite 6.14 for RHEL 8",
"product": {
"name": "Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14-utils",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:satellite_utils:6.14::el8"
}
}
}
],
"category": "product_family",
"name": "Red Hat Satellite 6"
},
{
"branches": [
{
"category": "product_version",
"name": "rubygem-katello-0:4.9.0.21-1.el8sat.src",
"product": {
"name": "rubygem-katello-0:4.9.0.21-1.el8sat.src",
"product_id": "rubygem-katello-0:4.9.0.21-1.el8sat.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-katello@4.9.0.21-1.el8sat?arch=src"
}
}
},
{
"category": "product_version",
"name": "python-pulp-container-0:2.14.11-1.el8pc.src",
"product": {
"name": "python-pulp-container-0:2.14.11-1.el8pc.src",
"product_id": "python-pulp-container-0:2.14.11-1.el8pc.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python-pulp-container@2.14.11-1.el8pc?arch=src"
}
}
},
{
"category": "product_version",
"name": "candlepin-0:4.3.11-1.el8sat.src",
"product": {
"name": "candlepin-0:4.3.11-1.el8sat.src",
"product_id": "candlepin-0:4.3.11-1.el8sat.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/candlepin@4.3.11-1.el8sat?arch=src"
}
}
},
{
"category": "product_version",
"name": "foreman-0:3.7.0.11-2.el8sat.src",
"product": {
"name": "foreman-0:3.7.0.11-2.el8sat.src",
"product_id": "foreman-0:3.7.0.11-2.el8sat.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/foreman@3.7.0.11-2.el8sat?arch=src"
}
}
},
{
"category": "product_version",
"name": "mosquitto-0:2.0.17-1.el8sat.src",
"product": {
"name": "mosquitto-0:2.0.17-1.el8sat.src",
"product_id": "mosquitto-0:2.0.17-1.el8sat.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mosquitto@2.0.17-1.el8sat?arch=src"
}
}
},
{
"category": "product_version",
"name": "puppet-agent-0:7.27.0-1.el8sat.src",
"product": {
"name": "puppet-agent-0:7.27.0-1.el8sat.src",
"product_id": "puppet-agent-0:7.27.0-1.el8sat.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/puppet-agent@7.27.0-1.el8sat?arch=src"
}
}
},
{
"category": "product_version",
"name": "puppetserver-0:7.14.0-1.el8sat.src",
"product": {
"name": "puppetserver-0:7.14.0-1.el8sat.src",
"product_id": "puppetserver-0:7.14.0-1.el8sat.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/puppetserver@7.14.0-1.el8sat?arch=src"
}
}
},
{
"category": "product_version",
"name": "rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.src",
"product": {
"name": "rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.src",
"product_id": "rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-foreman_bootdisk@21.2.1-1.el8sat?arch=src"
}
}
},
{
"category": "product_version",
"name": "rubygem-google-protobuf-0:3.24.3-1.el8sat.src",
"product": {
"name": "rubygem-google-protobuf-0:3.24.3-1.el8sat.src",
"product_id": "rubygem-google-protobuf-0:3.24.3-1.el8sat.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-google-protobuf@3.24.3-1.el8sat?arch=src"
}
}
},
{
"category": "product_version",
"name": "rubygem-grpc-0:1.58.0-1.el8sat.src",
"product": {
"name": "rubygem-grpc-0:1.58.0-1.el8sat.src",
"product_id": "rubygem-grpc-0:1.58.0-1.el8sat.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-grpc@1.58.0-1.el8sat?arch=src"
}
}
},
{
"category": "product_version",
"name": "rubygem-kafo-0:7.2.0-1.el8sat.src",
"product": {
"name": "rubygem-kafo-0:7.2.0-1.el8sat.src",
"product_id": "rubygem-kafo-0:7.2.0-1.el8sat.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-kafo@7.2.0-1.el8sat?arch=src"
}
}
},
{
"category": "product_version",
"name": "rubygem-puma-0:6.3.1-1.el8sat.src",
"product": {
"name": "rubygem-puma-0:6.3.1-1.el8sat.src",
"product_id": "rubygem-puma-0:6.3.1-1.el8sat.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-puma@6.3.1-1.el8sat?arch=src"
}
}
},
{
"category": "product_version",
"name": "rubygem-sidekiq-0:6.5.12-1.el8sat.src",
"product": {
"name": "rubygem-sidekiq-0:6.5.12-1.el8sat.src",
"product_id": "rubygem-sidekiq-0:6.5.12-1.el8sat.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-sidekiq@6.5.12-1.el8sat?arch=src"
}
}
},
{
"category": "product_version",
"name": "satellite-0:6.14.2-1.el8sat.src",
"product": {
"name": "satellite-0:6.14.2-1.el8sat.src",
"product_id": "satellite-0:6.14.2-1.el8sat.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/satellite@6.14.2-1.el8sat?arch=src"
}
}
},
{
"category": "product_version",
"name": "satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.src",
"product": {
"name": "satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.src",
"product_id": "satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/satellite-convert2rhel-toolkit@1.0.1-1.el8sat?arch=src"
}
}
},
{
"category": "product_version",
"name": "foreman-installer-1:3.7.0.7-1.el8sat.src",
"product": {
"name": "foreman-installer-1:3.7.0.7-1.el8sat.src",
"product_id": "foreman-installer-1:3.7.0.7-1.el8sat.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/foreman-installer@3.7.0.7-1.el8sat?arch=src\u0026epoch=1"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "rubygem-katello-0:4.9.0.21-1.el8sat.noarch",
"product": {
"name": "rubygem-katello-0:4.9.0.21-1.el8sat.noarch",
"product_id": "rubygem-katello-0:4.9.0.21-1.el8sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-katello@4.9.0.21-1.el8sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "python39-pulp-container-0:2.14.11-1.el8pc.noarch",
"product": {
"name": "python39-pulp-container-0:2.14.11-1.el8pc.noarch",
"product_id": "python39-pulp-container-0:2.14.11-1.el8pc.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python39-pulp-container@2.14.11-1.el8pc?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "candlepin-0:4.3.11-1.el8sat.noarch",
"product": {
"name": "candlepin-0:4.3.11-1.el8sat.noarch",
"product_id": "candlepin-0:4.3.11-1.el8sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/candlepin@4.3.11-1.el8sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "candlepin-selinux-0:4.3.11-1.el8sat.noarch",
"product": {
"name": "candlepin-selinux-0:4.3.11-1.el8sat.noarch",
"product_id": "candlepin-selinux-0:4.3.11-1.el8sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/candlepin-selinux@4.3.11-1.el8sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "foreman-cli-0:3.7.0.11-2.el8sat.noarch",
"product": {
"name": "foreman-cli-0:3.7.0.11-2.el8sat.noarch",
"product_id": "foreman-cli-0:3.7.0.11-2.el8sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/foreman-cli@3.7.0.11-2.el8sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "foreman-debug-0:3.7.0.11-2.el8sat.noarch",
"product": {
"name": "foreman-debug-0:3.7.0.11-2.el8sat.noarch",
"product_id": "foreman-debug-0:3.7.0.11-2.el8sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/foreman-debug@3.7.0.11-2.el8sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "foreman-0:3.7.0.11-2.el8sat.noarch",
"product": {
"name": "foreman-0:3.7.0.11-2.el8sat.noarch",
"product_id": "foreman-0:3.7.0.11-2.el8sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/foreman@3.7.0.11-2.el8sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch",
"product": {
"name": "foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch",
"product_id": "foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/foreman-dynflow-sidekiq@3.7.0.11-2.el8sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "foreman-ec2-0:3.7.0.11-2.el8sat.noarch",
"product": {
"name": "foreman-ec2-0:3.7.0.11-2.el8sat.noarch",
"product_id": "foreman-ec2-0:3.7.0.11-2.el8sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/foreman-ec2@3.7.0.11-2.el8sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "foreman-journald-0:3.7.0.11-2.el8sat.noarch",
"product": {
"name": "foreman-journald-0:3.7.0.11-2.el8sat.noarch",
"product_id": "foreman-journald-0:3.7.0.11-2.el8sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/foreman-journald@3.7.0.11-2.el8sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "foreman-libvirt-0:3.7.0.11-2.el8sat.noarch",
"product": {
"name": "foreman-libvirt-0:3.7.0.11-2.el8sat.noarch",
"product_id": "foreman-libvirt-0:3.7.0.11-2.el8sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/foreman-libvirt@3.7.0.11-2.el8sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "foreman-openstack-0:3.7.0.11-2.el8sat.noarch",
"product": {
"name": "foreman-openstack-0:3.7.0.11-2.el8sat.noarch",
"product_id": "foreman-openstack-0:3.7.0.11-2.el8sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/foreman-openstack@3.7.0.11-2.el8sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "foreman-ovirt-0:3.7.0.11-2.el8sat.noarch",
"product": {
"name": "foreman-ovirt-0:3.7.0.11-2.el8sat.noarch",
"product_id": "foreman-ovirt-0:3.7.0.11-2.el8sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/foreman-ovirt@3.7.0.11-2.el8sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "foreman-postgresql-0:3.7.0.11-2.el8sat.noarch",
"product": {
"name": "foreman-postgresql-0:3.7.0.11-2.el8sat.noarch",
"product_id": "foreman-postgresql-0:3.7.0.11-2.el8sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/foreman-postgresql@3.7.0.11-2.el8sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "foreman-redis-0:3.7.0.11-2.el8sat.noarch",
"product": {
"name": "foreman-redis-0:3.7.0.11-2.el8sat.noarch",
"product_id": "foreman-redis-0:3.7.0.11-2.el8sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/foreman-redis@3.7.0.11-2.el8sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "foreman-service-0:3.7.0.11-2.el8sat.noarch",
"product": {
"name": "foreman-service-0:3.7.0.11-2.el8sat.noarch",
"product_id": "foreman-service-0:3.7.0.11-2.el8sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/foreman-service@3.7.0.11-2.el8sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "foreman-telemetry-0:3.7.0.11-2.el8sat.noarch",
"product": {
"name": "foreman-telemetry-0:3.7.0.11-2.el8sat.noarch",
"product_id": "foreman-telemetry-0:3.7.0.11-2.el8sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/foreman-telemetry@3.7.0.11-2.el8sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "foreman-vmware-0:3.7.0.11-2.el8sat.noarch",
"product": {
"name": "foreman-vmware-0:3.7.0.11-2.el8sat.noarch",
"product_id": "foreman-vmware-0:3.7.0.11-2.el8sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/foreman-vmware@3.7.0.11-2.el8sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "puppetserver-0:7.14.0-1.el8sat.noarch",
"product": {
"name": "puppetserver-0:7.14.0-1.el8sat.noarch",
"product_id": "puppetserver-0:7.14.0-1.el8sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/puppetserver@7.14.0-1.el8sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.noarch",
"product": {
"name": "rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.noarch",
"product_id": "rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-foreman_bootdisk@21.2.1-1.el8sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "rubygem-kafo-0:7.2.0-1.el8sat.noarch",
"product": {
"name": "rubygem-kafo-0:7.2.0-1.el8sat.noarch",
"product_id": "rubygem-kafo-0:7.2.0-1.el8sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-kafo@7.2.0-1.el8sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "rubygem-sidekiq-0:6.5.12-1.el8sat.noarch",
"product": {
"name": "rubygem-sidekiq-0:6.5.12-1.el8sat.noarch",
"product_id": "rubygem-sidekiq-0:6.5.12-1.el8sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-sidekiq@6.5.12-1.el8sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "satellite-cli-0:6.14.2-1.el8sat.noarch",
"product": {
"name": "satellite-cli-0:6.14.2-1.el8sat.noarch",
"product_id": "satellite-cli-0:6.14.2-1.el8sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/satellite-cli@6.14.2-1.el8sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "satellite-capsule-0:6.14.2-1.el8sat.noarch",
"product": {
"name": "satellite-capsule-0:6.14.2-1.el8sat.noarch",
"product_id": "satellite-capsule-0:6.14.2-1.el8sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/satellite-capsule@6.14.2-1.el8sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "satellite-common-0:6.14.2-1.el8sat.noarch",
"product": {
"name": "satellite-common-0:6.14.2-1.el8sat.noarch",
"product_id": "satellite-common-0:6.14.2-1.el8sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/satellite-common@6.14.2-1.el8sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "satellite-0:6.14.2-1.el8sat.noarch",
"product": {
"name": "satellite-0:6.14.2-1.el8sat.noarch",
"product_id": "satellite-0:6.14.2-1.el8sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/satellite@6.14.2-1.el8sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "foreman-installer-1:3.7.0.7-1.el8sat.noarch",
"product": {
"name": "foreman-installer-1:3.7.0.7-1.el8sat.noarch",
"product_id": "foreman-installer-1:3.7.0.7-1.el8sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/foreman-installer@3.7.0.7-1.el8sat?arch=noarch\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch",
"product": {
"name": "foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch",
"product_id": "foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/foreman-installer-katello@3.7.0.7-1.el8sat?arch=noarch\u0026epoch=1"
}
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "mosquitto-0:2.0.17-1.el8sat.x86_64",
"product": {
"name": "mosquitto-0:2.0.17-1.el8sat.x86_64",
"product_id": "mosquitto-0:2.0.17-1.el8sat.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mosquitto@2.0.17-1.el8sat?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64",
"product": {
"name": "mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64",
"product_id": "mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mosquitto-debugsource@2.0.17-1.el8sat?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64",
"product": {
"name": "mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64",
"product_id": "mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mosquitto-debuginfo@2.0.17-1.el8sat?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "puppet-agent-0:7.27.0-1.el8sat.x86_64",
"product": {
"name": "puppet-agent-0:7.27.0-1.el8sat.x86_64",
"product_id": "puppet-agent-0:7.27.0-1.el8sat.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/puppet-agent@7.27.0-1.el8sat?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "rubygem-google-protobuf-0:3.24.3-1.el8sat.x86_64",
"product": {
"name": "rubygem-google-protobuf-0:3.24.3-1.el8sat.x86_64",
"product_id": "rubygem-google-protobuf-0:3.24.3-1.el8sat.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-google-protobuf@3.24.3-1.el8sat?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "rubygem-google-protobuf-debugsource-0:3.24.3-1.el8sat.x86_64",
"product": {
"name": "rubygem-google-protobuf-debugsource-0:3.24.3-1.el8sat.x86_64",
"product_id": "rubygem-google-protobuf-debugsource-0:3.24.3-1.el8sat.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-google-protobuf-debugsource@3.24.3-1.el8sat?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "rubygem-google-protobuf-debuginfo-0:3.24.3-1.el8sat.x86_64",
"product": {
"name": "rubygem-google-protobuf-debuginfo-0:3.24.3-1.el8sat.x86_64",
"product_id": "rubygem-google-protobuf-debuginfo-0:3.24.3-1.el8sat.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-google-protobuf-debuginfo@3.24.3-1.el8sat?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "rubygem-grpc-0:1.58.0-1.el8sat.x86_64",
"product": {
"name": "rubygem-grpc-0:1.58.0-1.el8sat.x86_64",
"product_id": "rubygem-grpc-0:1.58.0-1.el8sat.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-grpc@1.58.0-1.el8sat?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "rubygem-puma-0:6.3.1-1.el8sat.x86_64",
"product": {
"name": "rubygem-puma-0:6.3.1-1.el8sat.x86_64",
"product_id": "rubygem-puma-0:6.3.1-1.el8sat.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-puma@6.3.1-1.el8sat?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "rubygem-puma-debugsource-0:6.3.1-1.el8sat.x86_64",
"product": {
"name": "rubygem-puma-debugsource-0:6.3.1-1.el8sat.x86_64",
"product_id": "rubygem-puma-debugsource-0:6.3.1-1.el8sat.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-puma-debugsource@6.3.1-1.el8sat?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "rubygem-puma-debuginfo-0:6.3.1-1.el8sat.x86_64",
"product": {
"name": "rubygem-puma-debuginfo-0:6.3.1-1.el8sat.x86_64",
"product_id": "rubygem-puma-debuginfo-0:6.3.1-1.el8sat.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-puma-debuginfo@6.3.1-1.el8sat?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.x86_64",
"product": {
"name": "satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.x86_64",
"product_id": "satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/satellite-convert2rhel-toolkit@1.0.1-1.el8sat?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-0:3.7.0.11-2.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.noarch"
},
"product_reference": "foreman-0:3.7.0.11-2.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.14-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-0:3.7.0.11-2.el8sat.src as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.src"
},
"product_reference": "foreman-0:3.7.0.11-2.el8sat.src",
"relates_to_product_reference": "8Base-satellite-6.14-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-cli-0:3.7.0.11-2.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14-capsule:foreman-cli-0:3.7.0.11-2.el8sat.noarch"
},
"product_reference": "foreman-cli-0:3.7.0.11-2.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.14-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-debug-0:3.7.0.11-2.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14-capsule:foreman-debug-0:3.7.0.11-2.el8sat.noarch"
},
"product_reference": "foreman-debug-0:3.7.0.11-2.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.14-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14-capsule:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch"
},
"product_reference": "foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.14-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-ec2-0:3.7.0.11-2.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14-capsule:foreman-ec2-0:3.7.0.11-2.el8sat.noarch"
},
"product_reference": "foreman-ec2-0:3.7.0.11-2.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.14-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-installer-1:3.7.0.7-1.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.noarch"
},
"product_reference": "foreman-installer-1:3.7.0.7-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.14-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-installer-1:3.7.0.7-1.el8sat.src as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.src"
},
"product_reference": "foreman-installer-1:3.7.0.7-1.el8sat.src",
"relates_to_product_reference": "8Base-satellite-6.14-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14-capsule:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch"
},
"product_reference": "foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.14-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-journald-0:3.7.0.11-2.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14-capsule:foreman-journald-0:3.7.0.11-2.el8sat.noarch"
},
"product_reference": "foreman-journald-0:3.7.0.11-2.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.14-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-libvirt-0:3.7.0.11-2.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14-capsule:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch"
},
"product_reference": "foreman-libvirt-0:3.7.0.11-2.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.14-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-openstack-0:3.7.0.11-2.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14-capsule:foreman-openstack-0:3.7.0.11-2.el8sat.noarch"
},
"product_reference": "foreman-openstack-0:3.7.0.11-2.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.14-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-ovirt-0:3.7.0.11-2.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14-capsule:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch"
},
"product_reference": "foreman-ovirt-0:3.7.0.11-2.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.14-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-postgresql-0:3.7.0.11-2.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14-capsule:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch"
},
"product_reference": "foreman-postgresql-0:3.7.0.11-2.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.14-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-redis-0:3.7.0.11-2.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14-capsule:foreman-redis-0:3.7.0.11-2.el8sat.noarch"
},
"product_reference": "foreman-redis-0:3.7.0.11-2.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.14-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-service-0:3.7.0.11-2.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14-capsule:foreman-service-0:3.7.0.11-2.el8sat.noarch"
},
"product_reference": "foreman-service-0:3.7.0.11-2.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.14-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-telemetry-0:3.7.0.11-2.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14-capsule:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch"
},
"product_reference": "foreman-telemetry-0:3.7.0.11-2.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.14-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-vmware-0:3.7.0.11-2.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14-capsule:foreman-vmware-0:3.7.0.11-2.el8sat.noarch"
},
"product_reference": "foreman-vmware-0:3.7.0.11-2.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.14-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mosquitto-0:2.0.17-1.el8sat.src as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.src"
},
"product_reference": "mosquitto-0:2.0.17-1.el8sat.src",
"relates_to_product_reference": "8Base-satellite-6.14-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mosquitto-0:2.0.17-1.el8sat.x86_64 as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.x86_64"
},
"product_reference": "mosquitto-0:2.0.17-1.el8sat.x86_64",
"relates_to_product_reference": "8Base-satellite-6.14-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64 as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14-capsule:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64"
},
"product_reference": "mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64",
"relates_to_product_reference": "8Base-satellite-6.14-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64 as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14-capsule:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64"
},
"product_reference": "mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64",
"relates_to_product_reference": "8Base-satellite-6.14-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "puppet-agent-0:7.27.0-1.el8sat.src as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.src"
},
"product_reference": "puppet-agent-0:7.27.0-1.el8sat.src",
"relates_to_product_reference": "8Base-satellite-6.14-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "puppet-agent-0:7.27.0-1.el8sat.x86_64 as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.x86_64"
},
"product_reference": "puppet-agent-0:7.27.0-1.el8sat.x86_64",
"relates_to_product_reference": "8Base-satellite-6.14-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "puppetserver-0:7.14.0-1.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.noarch"
},
"product_reference": "puppetserver-0:7.14.0-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.14-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "puppetserver-0:7.14.0-1.el8sat.src as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.src"
},
"product_reference": "puppetserver-0:7.14.0-1.el8sat.src",
"relates_to_product_reference": "8Base-satellite-6.14-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-pulp-container-0:2.14.11-1.el8pc.src as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14-capsule:python-pulp-container-0:2.14.11-1.el8pc.src"
},
"product_reference": "python-pulp-container-0:2.14.11-1.el8pc.src",
"relates_to_product_reference": "8Base-satellite-6.14-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python39-pulp-container-0:2.14.11-1.el8pc.noarch as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14-capsule:python39-pulp-container-0:2.14.11-1.el8pc.noarch"
},
"product_reference": "python39-pulp-container-0:2.14.11-1.el8pc.noarch",
"relates_to_product_reference": "8Base-satellite-6.14-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-kafo-0:7.2.0-1.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.noarch"
},
"product_reference": "rubygem-kafo-0:7.2.0-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.14-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-kafo-0:7.2.0-1.el8sat.src as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.src"
},
"product_reference": "rubygem-kafo-0:7.2.0-1.el8sat.src",
"relates_to_product_reference": "8Base-satellite-6.14-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "satellite-0:6.14.2-1.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.noarch"
},
"product_reference": "satellite-0:6.14.2-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.14-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "satellite-0:6.14.2-1.el8sat.src as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.src"
},
"product_reference": "satellite-0:6.14.2-1.el8sat.src",
"relates_to_product_reference": "8Base-satellite-6.14-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "satellite-capsule-0:6.14.2-1.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14-capsule:satellite-capsule-0:6.14.2-1.el8sat.noarch"
},
"product_reference": "satellite-capsule-0:6.14.2-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.14-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "satellite-cli-0:6.14.2-1.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14-capsule:satellite-cli-0:6.14.2-1.el8sat.noarch"
},
"product_reference": "satellite-cli-0:6.14.2-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.14-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "satellite-common-0:6.14.2-1.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14-capsule:satellite-common-0:6.14.2-1.el8sat.noarch"
},
"product_reference": "satellite-common-0:6.14.2-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.14-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-0:3.7.0.11-2.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.noarch"
},
"product_reference": "foreman-0:3.7.0.11-2.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.14-utils"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-0:3.7.0.11-2.el8sat.src as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.src"
},
"product_reference": "foreman-0:3.7.0.11-2.el8sat.src",
"relates_to_product_reference": "8Base-satellite-6.14-utils"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-cli-0:3.7.0.11-2.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14-utils:foreman-cli-0:3.7.0.11-2.el8sat.noarch"
},
"product_reference": "foreman-cli-0:3.7.0.11-2.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.14-utils"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-debug-0:3.7.0.11-2.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14-utils:foreman-debug-0:3.7.0.11-2.el8sat.noarch"
},
"product_reference": "foreman-debug-0:3.7.0.11-2.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.14-utils"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14-utils:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch"
},
"product_reference": "foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.14-utils"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-ec2-0:3.7.0.11-2.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14-utils:foreman-ec2-0:3.7.0.11-2.el8sat.noarch"
},
"product_reference": "foreman-ec2-0:3.7.0.11-2.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.14-utils"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-journald-0:3.7.0.11-2.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14-utils:foreman-journald-0:3.7.0.11-2.el8sat.noarch"
},
"product_reference": "foreman-journald-0:3.7.0.11-2.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.14-utils"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-libvirt-0:3.7.0.11-2.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14-utils:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch"
},
"product_reference": "foreman-libvirt-0:3.7.0.11-2.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.14-utils"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-openstack-0:3.7.0.11-2.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14-utils:foreman-openstack-0:3.7.0.11-2.el8sat.noarch"
},
"product_reference": "foreman-openstack-0:3.7.0.11-2.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.14-utils"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-ovirt-0:3.7.0.11-2.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14-utils:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch"
},
"product_reference": "foreman-ovirt-0:3.7.0.11-2.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.14-utils"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-postgresql-0:3.7.0.11-2.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14-utils:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch"
},
"product_reference": "foreman-postgresql-0:3.7.0.11-2.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.14-utils"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-redis-0:3.7.0.11-2.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14-utils:foreman-redis-0:3.7.0.11-2.el8sat.noarch"
},
"product_reference": "foreman-redis-0:3.7.0.11-2.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.14-utils"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-service-0:3.7.0.11-2.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14-utils:foreman-service-0:3.7.0.11-2.el8sat.noarch"
},
"product_reference": "foreman-service-0:3.7.0.11-2.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.14-utils"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-telemetry-0:3.7.0.11-2.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14-utils:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch"
},
"product_reference": "foreman-telemetry-0:3.7.0.11-2.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.14-utils"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-vmware-0:3.7.0.11-2.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14-utils:foreman-vmware-0:3.7.0.11-2.el8sat.noarch"
},
"product_reference": "foreman-vmware-0:3.7.0.11-2.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.14-utils"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "satellite-0:6.14.2-1.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.noarch"
},
"product_reference": "satellite-0:6.14.2-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.14-utils"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "satellite-0:6.14.2-1.el8sat.src as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.src"
},
"product_reference": "satellite-0:6.14.2-1.el8sat.src",
"relates_to_product_reference": "8Base-satellite-6.14-utils"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "satellite-capsule-0:6.14.2-1.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14-utils:satellite-capsule-0:6.14.2-1.el8sat.noarch"
},
"product_reference": "satellite-capsule-0:6.14.2-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.14-utils"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "satellite-cli-0:6.14.2-1.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14-utils:satellite-cli-0:6.14.2-1.el8sat.noarch"
},
"product_reference": "satellite-cli-0:6.14.2-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.14-utils"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "satellite-common-0:6.14.2-1.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14-utils:satellite-common-0:6.14.2-1.el8sat.noarch"
},
"product_reference": "satellite-common-0:6.14.2-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.14-utils"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "candlepin-0:4.3.11-1.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.noarch"
},
"product_reference": "candlepin-0:4.3.11-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "candlepin-0:4.3.11-1.el8sat.src as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.src"
},
"product_reference": "candlepin-0:4.3.11-1.el8sat.src",
"relates_to_product_reference": "8Base-satellite-6.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "candlepin-selinux-0:4.3.11-1.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14:candlepin-selinux-0:4.3.11-1.el8sat.noarch"
},
"product_reference": "candlepin-selinux-0:4.3.11-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-0:3.7.0.11-2.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.noarch"
},
"product_reference": "foreman-0:3.7.0.11-2.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-0:3.7.0.11-2.el8sat.src as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.src"
},
"product_reference": "foreman-0:3.7.0.11-2.el8sat.src",
"relates_to_product_reference": "8Base-satellite-6.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-cli-0:3.7.0.11-2.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14:foreman-cli-0:3.7.0.11-2.el8sat.noarch"
},
"product_reference": "foreman-cli-0:3.7.0.11-2.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-debug-0:3.7.0.11-2.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14:foreman-debug-0:3.7.0.11-2.el8sat.noarch"
},
"product_reference": "foreman-debug-0:3.7.0.11-2.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch"
},
"product_reference": "foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-ec2-0:3.7.0.11-2.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14:foreman-ec2-0:3.7.0.11-2.el8sat.noarch"
},
"product_reference": "foreman-ec2-0:3.7.0.11-2.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-installer-1:3.7.0.7-1.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.noarch"
},
"product_reference": "foreman-installer-1:3.7.0.7-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-installer-1:3.7.0.7-1.el8sat.src as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.src"
},
"product_reference": "foreman-installer-1:3.7.0.7-1.el8sat.src",
"relates_to_product_reference": "8Base-satellite-6.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch"
},
"product_reference": "foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-journald-0:3.7.0.11-2.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14:foreman-journald-0:3.7.0.11-2.el8sat.noarch"
},
"product_reference": "foreman-journald-0:3.7.0.11-2.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-libvirt-0:3.7.0.11-2.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch"
},
"product_reference": "foreman-libvirt-0:3.7.0.11-2.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-openstack-0:3.7.0.11-2.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14:foreman-openstack-0:3.7.0.11-2.el8sat.noarch"
},
"product_reference": "foreman-openstack-0:3.7.0.11-2.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-ovirt-0:3.7.0.11-2.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch"
},
"product_reference": "foreman-ovirt-0:3.7.0.11-2.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-postgresql-0:3.7.0.11-2.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch"
},
"product_reference": "foreman-postgresql-0:3.7.0.11-2.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-redis-0:3.7.0.11-2.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14:foreman-redis-0:3.7.0.11-2.el8sat.noarch"
},
"product_reference": "foreman-redis-0:3.7.0.11-2.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-service-0:3.7.0.11-2.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14:foreman-service-0:3.7.0.11-2.el8sat.noarch"
},
"product_reference": "foreman-service-0:3.7.0.11-2.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-telemetry-0:3.7.0.11-2.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch"
},
"product_reference": "foreman-telemetry-0:3.7.0.11-2.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-vmware-0:3.7.0.11-2.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14:foreman-vmware-0:3.7.0.11-2.el8sat.noarch"
},
"product_reference": "foreman-vmware-0:3.7.0.11-2.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mosquitto-0:2.0.17-1.el8sat.src as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.src"
},
"product_reference": "mosquitto-0:2.0.17-1.el8sat.src",
"relates_to_product_reference": "8Base-satellite-6.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mosquitto-0:2.0.17-1.el8sat.x86_64 as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.x86_64"
},
"product_reference": "mosquitto-0:2.0.17-1.el8sat.x86_64",
"relates_to_product_reference": "8Base-satellite-6.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64 as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64"
},
"product_reference": "mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64",
"relates_to_product_reference": "8Base-satellite-6.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64 as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64"
},
"product_reference": "mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64",
"relates_to_product_reference": "8Base-satellite-6.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "puppet-agent-0:7.27.0-1.el8sat.src as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.src"
},
"product_reference": "puppet-agent-0:7.27.0-1.el8sat.src",
"relates_to_product_reference": "8Base-satellite-6.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "puppet-agent-0:7.27.0-1.el8sat.x86_64 as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.x86_64"
},
"product_reference": "puppet-agent-0:7.27.0-1.el8sat.x86_64",
"relates_to_product_reference": "8Base-satellite-6.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "puppetserver-0:7.14.0-1.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.noarch"
},
"product_reference": "puppetserver-0:7.14.0-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "puppetserver-0:7.14.0-1.el8sat.src as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.src"
},
"product_reference": "puppetserver-0:7.14.0-1.el8sat.src",
"relates_to_product_reference": "8Base-satellite-6.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-pulp-container-0:2.14.11-1.el8pc.src as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14:python-pulp-container-0:2.14.11-1.el8pc.src"
},
"product_reference": "python-pulp-container-0:2.14.11-1.el8pc.src",
"relates_to_product_reference": "8Base-satellite-6.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python39-pulp-container-0:2.14.11-1.el8pc.noarch as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14:python39-pulp-container-0:2.14.11-1.el8pc.noarch"
},
"product_reference": "python39-pulp-container-0:2.14.11-1.el8pc.noarch",
"relates_to_product_reference": "8Base-satellite-6.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.noarch"
},
"product_reference": "rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.src as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.src"
},
"product_reference": "rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.src",
"relates_to_product_reference": "8Base-satellite-6.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-google-protobuf-0:3.24.3-1.el8sat.src as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.src"
},
"product_reference": "rubygem-google-protobuf-0:3.24.3-1.el8sat.src",
"relates_to_product_reference": "8Base-satellite-6.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-google-protobuf-0:3.24.3-1.el8sat.x86_64 as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.x86_64"
},
"product_reference": "rubygem-google-protobuf-0:3.24.3-1.el8sat.x86_64",
"relates_to_product_reference": "8Base-satellite-6.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-google-protobuf-debuginfo-0:3.24.3-1.el8sat.x86_64 as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14:rubygem-google-protobuf-debuginfo-0:3.24.3-1.el8sat.x86_64"
},
"product_reference": "rubygem-google-protobuf-debuginfo-0:3.24.3-1.el8sat.x86_64",
"relates_to_product_reference": "8Base-satellite-6.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-google-protobuf-debugsource-0:3.24.3-1.el8sat.x86_64 as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14:rubygem-google-protobuf-debugsource-0:3.24.3-1.el8sat.x86_64"
},
"product_reference": "rubygem-google-protobuf-debugsource-0:3.24.3-1.el8sat.x86_64",
"relates_to_product_reference": "8Base-satellite-6.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-grpc-0:1.58.0-1.el8sat.src as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.src"
},
"product_reference": "rubygem-grpc-0:1.58.0-1.el8sat.src",
"relates_to_product_reference": "8Base-satellite-6.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-grpc-0:1.58.0-1.el8sat.x86_64 as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.x86_64"
},
"product_reference": "rubygem-grpc-0:1.58.0-1.el8sat.x86_64",
"relates_to_product_reference": "8Base-satellite-6.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-kafo-0:7.2.0-1.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.noarch"
},
"product_reference": "rubygem-kafo-0:7.2.0-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-kafo-0:7.2.0-1.el8sat.src as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.src"
},
"product_reference": "rubygem-kafo-0:7.2.0-1.el8sat.src",
"relates_to_product_reference": "8Base-satellite-6.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-katello-0:4.9.0.21-1.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.noarch"
},
"product_reference": "rubygem-katello-0:4.9.0.21-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-katello-0:4.9.0.21-1.el8sat.src as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.src"
},
"product_reference": "rubygem-katello-0:4.9.0.21-1.el8sat.src",
"relates_to_product_reference": "8Base-satellite-6.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-puma-0:6.3.1-1.el8sat.src as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.src"
},
"product_reference": "rubygem-puma-0:6.3.1-1.el8sat.src",
"relates_to_product_reference": "8Base-satellite-6.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-puma-0:6.3.1-1.el8sat.x86_64 as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.x86_64"
},
"product_reference": "rubygem-puma-0:6.3.1-1.el8sat.x86_64",
"relates_to_product_reference": "8Base-satellite-6.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-puma-debuginfo-0:6.3.1-1.el8sat.x86_64 as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14:rubygem-puma-debuginfo-0:6.3.1-1.el8sat.x86_64"
},
"product_reference": "rubygem-puma-debuginfo-0:6.3.1-1.el8sat.x86_64",
"relates_to_product_reference": "8Base-satellite-6.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-puma-debugsource-0:6.3.1-1.el8sat.x86_64 as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14:rubygem-puma-debugsource-0:6.3.1-1.el8sat.x86_64"
},
"product_reference": "rubygem-puma-debugsource-0:6.3.1-1.el8sat.x86_64",
"relates_to_product_reference": "8Base-satellite-6.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-sidekiq-0:6.5.12-1.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.noarch"
},
"product_reference": "rubygem-sidekiq-0:6.5.12-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-sidekiq-0:6.5.12-1.el8sat.src as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.src"
},
"product_reference": "rubygem-sidekiq-0:6.5.12-1.el8sat.src",
"relates_to_product_reference": "8Base-satellite-6.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "satellite-0:6.14.2-1.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.noarch"
},
"product_reference": "satellite-0:6.14.2-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "satellite-0:6.14.2-1.el8sat.src as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.src"
},
"product_reference": "satellite-0:6.14.2-1.el8sat.src",
"relates_to_product_reference": "8Base-satellite-6.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "satellite-capsule-0:6.14.2-1.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14:satellite-capsule-0:6.14.2-1.el8sat.noarch"
},
"product_reference": "satellite-capsule-0:6.14.2-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "satellite-cli-0:6.14.2-1.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14:satellite-cli-0:6.14.2-1.el8sat.noarch"
},
"product_reference": "satellite-cli-0:6.14.2-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "satellite-common-0:6.14.2-1.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14:satellite-common-0:6.14.2-1.el8sat.noarch"
},
"product_reference": "satellite-common-0:6.14.2-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.src as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.src"
},
"product_reference": "satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.src",
"relates_to_product_reference": "8Base-satellite-6.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.x86_64 as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.x86_64"
},
"product_reference": "satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.x86_64",
"relates_to_product_reference": "8Base-satellite-6.14"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2023-0809",
"cwe": {
"id": "CWE-401",
"name": "Missing Release of Memory after Effective Lifetime"
},
"discovery_date": "2023-09-01T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.src",
"8Base-satellite-6.14-capsule:foreman-cli-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-debug-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-ec2-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.src",
"8Base-satellite-6.14-capsule:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-journald-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-openstack-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-redis-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-service-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-vmware-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.src",
"8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.x86_64",
"8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.src",
"8Base-satellite-6.14-capsule:python-pulp-container-0:2.14.11-1.el8pc.src",
"8Base-satellite-6.14-capsule:python39-pulp-container-0:2.14.11-1.el8pc.noarch",
"8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.src",
"8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.src",
"8Base-satellite-6.14-capsule:satellite-capsule-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:satellite-cli-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:satellite-common-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.src",
"8Base-satellite-6.14-utils:foreman-cli-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-debug-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-ec2-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-journald-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-openstack-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-redis-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-service-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-vmware-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.src",
"8Base-satellite-6.14-utils:satellite-capsule-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14-utils:satellite-cli-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14-utils:satellite-common-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.noarch",
"8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.src",
"8Base-satellite-6.14:candlepin-selinux-0:4.3.11-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.src",
"8Base-satellite-6.14:foreman-cli-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-debug-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-ec2-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.src",
"8Base-satellite-6.14:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-journald-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-openstack-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-redis-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-service-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-vmware-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.src",
"8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.x86_64",
"8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.noarch",
"8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.src",
"8Base-satellite-6.14:python-pulp-container-0:2.14.11-1.el8pc.src",
"8Base-satellite-6.14:python39-pulp-container-0:2.14.11-1.el8pc.noarch",
"8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.src",
"8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.src",
"8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.x86_64",
"8Base-satellite-6.14:rubygem-google-protobuf-debuginfo-0:3.24.3-1.el8sat.x86_64",
"8Base-satellite-6.14:rubygem-google-protobuf-debugsource-0:3.24.3-1.el8sat.x86_64",
"8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.src",
"8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.x86_64",
"8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.src",
"8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.src",
"8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.src",
"8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.x86_64",
"8Base-satellite-6.14:rubygem-puma-debuginfo-0:6.3.1-1.el8sat.x86_64",
"8Base-satellite-6.14:rubygem-puma-debugsource-0:6.3.1-1.el8sat.x86_64",
"8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.src",
"8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.src",
"8Base-satellite-6.14:satellite-capsule-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14:satellite-cli-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14:satellite-common-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.src",
"8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.x86_64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2236882"
}
],
"notes": [
{
"category": "description",
"text": "A memory leak vulnerability was found in Eclipse Mosquitto. This issue is triggered by malicious initial packets or certain client actions and may allow a remote attacker to the deplete system resources causing memory exhaustion, leading to a disruption in services and a denial of service condition.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "mosquitto: memory leak leads to unresponsive broker",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.src",
"8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.x86_64",
"8Base-satellite-6.14-capsule:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64",
"8Base-satellite-6.14-capsule:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64",
"8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.src",
"8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.x86_64",
"8Base-satellite-6.14:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64",
"8Base-satellite-6.14:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64"
],
"known_not_affected": [
"8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.src",
"8Base-satellite-6.14-capsule:foreman-cli-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-debug-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-ec2-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.src",
"8Base-satellite-6.14-capsule:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-journald-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-openstack-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-redis-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-service-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-vmware-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.src",
"8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.x86_64",
"8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.src",
"8Base-satellite-6.14-capsule:python-pulp-container-0:2.14.11-1.el8pc.src",
"8Base-satellite-6.14-capsule:python39-pulp-container-0:2.14.11-1.el8pc.noarch",
"8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.src",
"8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.src",
"8Base-satellite-6.14-capsule:satellite-capsule-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:satellite-cli-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:satellite-common-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.src",
"8Base-satellite-6.14-utils:foreman-cli-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-debug-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-ec2-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-journald-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-openstack-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-redis-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-service-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-vmware-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.src",
"8Base-satellite-6.14-utils:satellite-capsule-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14-utils:satellite-cli-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14-utils:satellite-common-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.noarch",
"8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.src",
"8Base-satellite-6.14:candlepin-selinux-0:4.3.11-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.src",
"8Base-satellite-6.14:foreman-cli-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-debug-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-ec2-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.src",
"8Base-satellite-6.14:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-journald-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-openstack-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-redis-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-service-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-vmware-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.src",
"8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.x86_64",
"8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.noarch",
"8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.src",
"8Base-satellite-6.14:python-pulp-container-0:2.14.11-1.el8pc.src",
"8Base-satellite-6.14:python39-pulp-container-0:2.14.11-1.el8pc.noarch",
"8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.src",
"8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.src",
"8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.x86_64",
"8Base-satellite-6.14:rubygem-google-protobuf-debuginfo-0:3.24.3-1.el8sat.x86_64",
"8Base-satellite-6.14:rubygem-google-protobuf-debugsource-0:3.24.3-1.el8sat.x86_64",
"8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.src",
"8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.x86_64",
"8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.src",
"8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.src",
"8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.src",
"8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.x86_64",
"8Base-satellite-6.14:rubygem-puma-debuginfo-0:6.3.1-1.el8sat.x86_64",
"8Base-satellite-6.14:rubygem-puma-debugsource-0:6.3.1-1.el8sat.x86_64",
"8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.src",
"8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.src",
"8Base-satellite-6.14:satellite-capsule-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14:satellite-cli-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14:satellite-common-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.src",
"8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-0809"
},
{
"category": "external",
"summary": "RHBZ#2236882",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2236882"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-0809",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0809"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-0809",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-0809"
},
{
"category": "external",
"summary": "https://github.com/eclipse/mosquitto/commit/6113eac95a9df634fbc858be542c4a0456bfe7b9",
"url": "https://github.com/eclipse/mosquitto/commit/6113eac95a9df634fbc858be542c4a0456bfe7b9"
}
],
"release_date": "2023-09-01T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.src",
"8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.x86_64",
"8Base-satellite-6.14-capsule:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64",
"8Base-satellite-6.14-capsule:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64",
"8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.src",
"8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.x86_64",
"8Base-satellite-6.14:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64",
"8Base-satellite-6.14:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:0797"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.src",
"8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.x86_64",
"8Base-satellite-6.14-capsule:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64",
"8Base-satellite-6.14-capsule:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64",
"8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.src",
"8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.x86_64",
"8Base-satellite-6.14:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64",
"8Base-satellite-6.14:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "mosquitto: memory leak leads to unresponsive broker"
},
{
"cve": "CVE-2023-3592",
"cwe": {
"id": "CWE-401",
"name": "Missing Release of Memory after Effective Lifetime"
},
"discovery_date": "2023-09-01T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.src",
"8Base-satellite-6.14-capsule:foreman-cli-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-debug-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-ec2-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.src",
"8Base-satellite-6.14-capsule:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-journald-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-openstack-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-redis-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-service-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-vmware-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.src",
"8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.x86_64",
"8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.src",
"8Base-satellite-6.14-capsule:python-pulp-container-0:2.14.11-1.el8pc.src",
"8Base-satellite-6.14-capsule:python39-pulp-container-0:2.14.11-1.el8pc.noarch",
"8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.src",
"8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.src",
"8Base-satellite-6.14-capsule:satellite-capsule-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:satellite-cli-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:satellite-common-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.src",
"8Base-satellite-6.14-utils:foreman-cli-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-debug-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-ec2-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-journald-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-openstack-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-redis-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-service-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-vmware-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.src",
"8Base-satellite-6.14-utils:satellite-capsule-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14-utils:satellite-cli-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14-utils:satellite-common-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.noarch",
"8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.src",
"8Base-satellite-6.14:candlepin-selinux-0:4.3.11-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.src",
"8Base-satellite-6.14:foreman-cli-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-debug-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-ec2-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.src",
"8Base-satellite-6.14:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-journald-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-openstack-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-redis-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-service-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-vmware-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.src",
"8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.x86_64",
"8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.noarch",
"8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.src",
"8Base-satellite-6.14:python-pulp-container-0:2.14.11-1.el8pc.src",
"8Base-satellite-6.14:python39-pulp-container-0:2.14.11-1.el8pc.noarch",
"8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.src",
"8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.src",
"8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.x86_64",
"8Base-satellite-6.14:rubygem-google-protobuf-debuginfo-0:3.24.3-1.el8sat.x86_64",
"8Base-satellite-6.14:rubygem-google-protobuf-debugsource-0:3.24.3-1.el8sat.x86_64",
"8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.src",
"8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.x86_64",
"8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.src",
"8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.src",
"8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.src",
"8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.x86_64",
"8Base-satellite-6.14:rubygem-puma-debuginfo-0:6.3.1-1.el8sat.x86_64",
"8Base-satellite-6.14:rubygem-puma-debugsource-0:6.3.1-1.el8sat.x86_64",
"8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.src",
"8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.src",
"8Base-satellite-6.14:satellite-capsule-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14:satellite-cli-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14:satellite-common-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.src",
"8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.x86_64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2236882"
}
],
"notes": [
{
"category": "description",
"text": "A memory leak vulnerability was found in Eclipse Mosquitto. This issue is triggered by malicious initial packets or certain client actions and may allow a remote attacker to the deplete system resources causing memory exhaustion, leading to a disruption in services and a denial of service condition.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "mosquitto: memory leak leads to unresponsive broker",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.src",
"8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.x86_64",
"8Base-satellite-6.14-capsule:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64",
"8Base-satellite-6.14-capsule:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64",
"8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.src",
"8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.x86_64",
"8Base-satellite-6.14:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64",
"8Base-satellite-6.14:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64"
],
"known_not_affected": [
"8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.src",
"8Base-satellite-6.14-capsule:foreman-cli-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-debug-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-ec2-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.src",
"8Base-satellite-6.14-capsule:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-journald-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-openstack-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-redis-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-service-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-vmware-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.src",
"8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.x86_64",
"8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.src",
"8Base-satellite-6.14-capsule:python-pulp-container-0:2.14.11-1.el8pc.src",
"8Base-satellite-6.14-capsule:python39-pulp-container-0:2.14.11-1.el8pc.noarch",
"8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.src",
"8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.src",
"8Base-satellite-6.14-capsule:satellite-capsule-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:satellite-cli-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:satellite-common-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.src",
"8Base-satellite-6.14-utils:foreman-cli-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-debug-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-ec2-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-journald-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-openstack-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-redis-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-service-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-vmware-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.src",
"8Base-satellite-6.14-utils:satellite-capsule-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14-utils:satellite-cli-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14-utils:satellite-common-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.noarch",
"8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.src",
"8Base-satellite-6.14:candlepin-selinux-0:4.3.11-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.src",
"8Base-satellite-6.14:foreman-cli-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-debug-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-ec2-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.src",
"8Base-satellite-6.14:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-journald-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-openstack-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-redis-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-service-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-vmware-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.src",
"8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.x86_64",
"8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.noarch",
"8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.src",
"8Base-satellite-6.14:python-pulp-container-0:2.14.11-1.el8pc.src",
"8Base-satellite-6.14:python39-pulp-container-0:2.14.11-1.el8pc.noarch",
"8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.src",
"8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.src",
"8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.x86_64",
"8Base-satellite-6.14:rubygem-google-protobuf-debuginfo-0:3.24.3-1.el8sat.x86_64",
"8Base-satellite-6.14:rubygem-google-protobuf-debugsource-0:3.24.3-1.el8sat.x86_64",
"8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.src",
"8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.x86_64",
"8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.src",
"8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.src",
"8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.src",
"8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.x86_64",
"8Base-satellite-6.14:rubygem-puma-debuginfo-0:6.3.1-1.el8sat.x86_64",
"8Base-satellite-6.14:rubygem-puma-debugsource-0:6.3.1-1.el8sat.x86_64",
"8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.src",
"8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.src",
"8Base-satellite-6.14:satellite-capsule-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14:satellite-cli-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14:satellite-common-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.src",
"8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-3592"
},
{
"category": "external",
"summary": "RHBZ#2236882",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2236882"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-3592",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3592"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-3592",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-3592"
},
{
"category": "external",
"summary": "https://github.com/eclipse/mosquitto/commit/6113eac95a9df634fbc858be542c4a0456bfe7b9",
"url": "https://github.com/eclipse/mosquitto/commit/6113eac95a9df634fbc858be542c4a0456bfe7b9"
}
],
"release_date": "2023-09-01T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.src",
"8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.x86_64",
"8Base-satellite-6.14-capsule:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64",
"8Base-satellite-6.14-capsule:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64",
"8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.src",
"8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.x86_64",
"8Base-satellite-6.14:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64",
"8Base-satellite-6.14:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:0797"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.src",
"8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.x86_64",
"8Base-satellite-6.14-capsule:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64",
"8Base-satellite-6.14-capsule:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64",
"8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.src",
"8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.x86_64",
"8Base-satellite-6.14:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64",
"8Base-satellite-6.14:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "mosquitto: memory leak leads to unresponsive broker"
},
{
"cve": "CVE-2023-4785",
"cwe": {
"id": "CWE-248",
"name": "Uncaught Exception"
},
"discovery_date": "2023-09-14T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.src",
"8Base-satellite-6.14-capsule:foreman-cli-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-debug-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-ec2-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.src",
"8Base-satellite-6.14-capsule:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-journald-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-openstack-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-redis-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-service-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-vmware-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.src",
"8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.x86_64",
"8Base-satellite-6.14-capsule:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64",
"8Base-satellite-6.14-capsule:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64",
"8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.src",
"8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.x86_64",
"8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.src",
"8Base-satellite-6.14-capsule:python-pulp-container-0:2.14.11-1.el8pc.src",
"8Base-satellite-6.14-capsule:python39-pulp-container-0:2.14.11-1.el8pc.noarch",
"8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.src",
"8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.src",
"8Base-satellite-6.14-capsule:satellite-capsule-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:satellite-cli-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:satellite-common-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.src",
"8Base-satellite-6.14-utils:foreman-cli-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-debug-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-ec2-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-journald-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-openstack-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-redis-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-service-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-vmware-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.src",
"8Base-satellite-6.14-utils:satellite-capsule-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14-utils:satellite-cli-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14-utils:satellite-common-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.noarch",
"8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.src",
"8Base-satellite-6.14:candlepin-selinux-0:4.3.11-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.src",
"8Base-satellite-6.14:foreman-cli-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-debug-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-ec2-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.src",
"8Base-satellite-6.14:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-journald-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-openstack-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-redis-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-service-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-vmware-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.src",
"8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.x86_64",
"8Base-satellite-6.14:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64",
"8Base-satellite-6.14:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64",
"8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.src",
"8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.x86_64",
"8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.noarch",
"8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.src",
"8Base-satellite-6.14:python-pulp-container-0:2.14.11-1.el8pc.src",
"8Base-satellite-6.14:python39-pulp-container-0:2.14.11-1.el8pc.noarch",
"8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.src",
"8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.src",
"8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.x86_64",
"8Base-satellite-6.14:rubygem-google-protobuf-debuginfo-0:3.24.3-1.el8sat.x86_64",
"8Base-satellite-6.14:rubygem-google-protobuf-debugsource-0:3.24.3-1.el8sat.x86_64",
"8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.src",
"8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.src",
"8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.src",
"8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.x86_64",
"8Base-satellite-6.14:rubygem-puma-debuginfo-0:6.3.1-1.el8sat.x86_64",
"8Base-satellite-6.14:rubygem-puma-debugsource-0:6.3.1-1.el8sat.x86_64",
"8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.src",
"8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.src",
"8Base-satellite-6.14:satellite-capsule-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14:satellite-cli-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14:satellite-common-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.src",
"8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.x86_64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2239017"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in gRPC. Lack of error handling in the TCP server in Google\u0027s gRPC, starting in version 1.23 on POSIX-compatible platforms (for example, Linux), allows an attacker to cause a denial of service by initiating a significant number of connections with the server. Note that gRPC C++, Python, and Ruby are affected, but gRPC Java and Go are NOT affected.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "gRPC: file descriptor exhaustion leads to denial of service",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.src",
"8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.x86_64"
],
"known_not_affected": [
"8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.src",
"8Base-satellite-6.14-capsule:foreman-cli-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-debug-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-ec2-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.src",
"8Base-satellite-6.14-capsule:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-journald-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-openstack-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-redis-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-service-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-vmware-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.src",
"8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.x86_64",
"8Base-satellite-6.14-capsule:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64",
"8Base-satellite-6.14-capsule:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64",
"8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.src",
"8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.x86_64",
"8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.src",
"8Base-satellite-6.14-capsule:python-pulp-container-0:2.14.11-1.el8pc.src",
"8Base-satellite-6.14-capsule:python39-pulp-container-0:2.14.11-1.el8pc.noarch",
"8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.src",
"8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.src",
"8Base-satellite-6.14-capsule:satellite-capsule-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:satellite-cli-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:satellite-common-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.src",
"8Base-satellite-6.14-utils:foreman-cli-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-debug-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-ec2-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-journald-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-openstack-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-redis-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-service-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-vmware-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.src",
"8Base-satellite-6.14-utils:satellite-capsule-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14-utils:satellite-cli-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14-utils:satellite-common-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.noarch",
"8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.src",
"8Base-satellite-6.14:candlepin-selinux-0:4.3.11-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.src",
"8Base-satellite-6.14:foreman-cli-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-debug-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-ec2-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.src",
"8Base-satellite-6.14:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-journald-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-openstack-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-redis-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-service-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-vmware-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.src",
"8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.x86_64",
"8Base-satellite-6.14:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64",
"8Base-satellite-6.14:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64",
"8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.src",
"8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.x86_64",
"8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.noarch",
"8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.src",
"8Base-satellite-6.14:python-pulp-container-0:2.14.11-1.el8pc.src",
"8Base-satellite-6.14:python39-pulp-container-0:2.14.11-1.el8pc.noarch",
"8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.src",
"8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.src",
"8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.x86_64",
"8Base-satellite-6.14:rubygem-google-protobuf-debuginfo-0:3.24.3-1.el8sat.x86_64",
"8Base-satellite-6.14:rubygem-google-protobuf-debugsource-0:3.24.3-1.el8sat.x86_64",
"8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.src",
"8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.src",
"8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.src",
"8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.x86_64",
"8Base-satellite-6.14:rubygem-puma-debuginfo-0:6.3.1-1.el8sat.x86_64",
"8Base-satellite-6.14:rubygem-puma-debugsource-0:6.3.1-1.el8sat.x86_64",
"8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.src",
"8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.src",
"8Base-satellite-6.14:satellite-capsule-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14:satellite-cli-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14:satellite-common-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.src",
"8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-4785"
},
{
"category": "external",
"summary": "RHBZ#2239017",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2239017"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-4785",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4785"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-4785",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-4785"
},
{
"category": "external",
"summary": "https://github.com/advisories/GHSA-p25m-jpj4-qcrr",
"url": "https://github.com/advisories/GHSA-p25m-jpj4-qcrr"
},
{
"category": "external",
"summary": "https://github.com/grpc/grpc/pull/33656",
"url": "https://github.com/grpc/grpc/pull/33656"
},
{
"category": "external",
"summary": "https://github.com/grpc/grpc/pull/33667",
"url": "https://github.com/grpc/grpc/pull/33667"
},
{
"category": "external",
"summary": "https://github.com/grpc/grpc/pull/33669",
"url": "https://github.com/grpc/grpc/pull/33669"
},
{
"category": "external",
"summary": "https://github.com/grpc/grpc/pull/33670",
"url": "https://github.com/grpc/grpc/pull/33670"
},
{
"category": "external",
"summary": "https://github.com/grpc/grpc/pull/33672",
"url": "https://github.com/grpc/grpc/pull/33672"
}
],
"release_date": "2023-09-14T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.src",
"8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:0797"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.src",
"8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "gRPC: file descriptor exhaustion leads to denial of service"
},
{
"cve": "CVE-2023-26049",
"cwe": {
"id": "CWE-1286",
"name": "Improper Validation of Syntactic Correctness of Input"
},
"discovery_date": "2023-08-30T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.src",
"8Base-satellite-6.14-capsule:foreman-cli-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-debug-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-ec2-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.src",
"8Base-satellite-6.14-capsule:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-journald-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-openstack-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-redis-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-service-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-vmware-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.src",
"8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.x86_64",
"8Base-satellite-6.14-capsule:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64",
"8Base-satellite-6.14-capsule:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64",
"8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.src",
"8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.x86_64",
"8Base-satellite-6.14-capsule:python-pulp-container-0:2.14.11-1.el8pc.src",
"8Base-satellite-6.14-capsule:python39-pulp-container-0:2.14.11-1.el8pc.noarch",
"8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.src",
"8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.src",
"8Base-satellite-6.14-capsule:satellite-capsule-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:satellite-cli-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:satellite-common-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.src",
"8Base-satellite-6.14-utils:foreman-cli-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-debug-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-ec2-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-journald-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-openstack-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-redis-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-service-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-vmware-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.src",
"8Base-satellite-6.14-utils:satellite-capsule-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14-utils:satellite-cli-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14-utils:satellite-common-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.noarch",
"8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.src",
"8Base-satellite-6.14:candlepin-selinux-0:4.3.11-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.src",
"8Base-satellite-6.14:foreman-cli-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-debug-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-ec2-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.src",
"8Base-satellite-6.14:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-journald-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-openstack-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-redis-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-service-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-vmware-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.src",
"8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.x86_64",
"8Base-satellite-6.14:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64",
"8Base-satellite-6.14:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64",
"8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.src",
"8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.x86_64",
"8Base-satellite-6.14:python-pulp-container-0:2.14.11-1.el8pc.src",
"8Base-satellite-6.14:python39-pulp-container-0:2.14.11-1.el8pc.noarch",
"8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.src",
"8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.src",
"8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.x86_64",
"8Base-satellite-6.14:rubygem-google-protobuf-debuginfo-0:3.24.3-1.el8sat.x86_64",
"8Base-satellite-6.14:rubygem-google-protobuf-debugsource-0:3.24.3-1.el8sat.x86_64",
"8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.src",
"8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.x86_64",
"8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.src",
"8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.src",
"8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.src",
"8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.x86_64",
"8Base-satellite-6.14:rubygem-puma-debuginfo-0:6.3.1-1.el8sat.x86_64",
"8Base-satellite-6.14:rubygem-puma-debugsource-0:6.3.1-1.el8sat.x86_64",
"8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.src",
"8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.src",
"8Base-satellite-6.14:satellite-capsule-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14:satellite-cli-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14:satellite-common-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.src",
"8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.x86_64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2236341"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the jetty-server package. Nonstandard cookie parsing in Jetty may allow an attacker to smuggle cookies within other cookies or otherwise perform unintended behavior by tampering with the cookie parsing mechanism.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jetty-server: Cookie parsing of quoted values can exfiltrate values from other cookies",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.src",
"8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.noarch",
"8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.src"
],
"known_not_affected": [
"8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.src",
"8Base-satellite-6.14-capsule:foreman-cli-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-debug-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-ec2-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.src",
"8Base-satellite-6.14-capsule:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-journald-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-openstack-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-redis-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-service-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-vmware-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.src",
"8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.x86_64",
"8Base-satellite-6.14-capsule:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64",
"8Base-satellite-6.14-capsule:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64",
"8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.src",
"8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.x86_64",
"8Base-satellite-6.14-capsule:python-pulp-container-0:2.14.11-1.el8pc.src",
"8Base-satellite-6.14-capsule:python39-pulp-container-0:2.14.11-1.el8pc.noarch",
"8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.src",
"8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.src",
"8Base-satellite-6.14-capsule:satellite-capsule-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:satellite-cli-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:satellite-common-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.src",
"8Base-satellite-6.14-utils:foreman-cli-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-debug-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-ec2-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-journald-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-openstack-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-redis-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-service-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-vmware-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.src",
"8Base-satellite-6.14-utils:satellite-capsule-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14-utils:satellite-cli-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14-utils:satellite-common-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.noarch",
"8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.src",
"8Base-satellite-6.14:candlepin-selinux-0:4.3.11-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.src",
"8Base-satellite-6.14:foreman-cli-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-debug-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-ec2-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.src",
"8Base-satellite-6.14:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-journald-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-openstack-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-redis-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-service-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-vmware-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.src",
"8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.x86_64",
"8Base-satellite-6.14:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64",
"8Base-satellite-6.14:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64",
"8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.src",
"8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.x86_64",
"8Base-satellite-6.14:python-pulp-container-0:2.14.11-1.el8pc.src",
"8Base-satellite-6.14:python39-pulp-container-0:2.14.11-1.el8pc.noarch",
"8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.src",
"8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.src",
"8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.x86_64",
"8Base-satellite-6.14:rubygem-google-protobuf-debuginfo-0:3.24.3-1.el8sat.x86_64",
"8Base-satellite-6.14:rubygem-google-protobuf-debugsource-0:3.24.3-1.el8sat.x86_64",
"8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.src",
"8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.x86_64",
"8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.src",
"8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.src",
"8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.src",
"8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.x86_64",
"8Base-satellite-6.14:rubygem-puma-debuginfo-0:6.3.1-1.el8sat.x86_64",
"8Base-satellite-6.14:rubygem-puma-debugsource-0:6.3.1-1.el8sat.x86_64",
"8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.src",
"8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.src",
"8Base-satellite-6.14:satellite-capsule-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14:satellite-cli-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14:satellite-common-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.src",
"8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-26049"
},
{
"category": "external",
"summary": "RHBZ#2236341",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2236341"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-26049",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-26049"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-26049",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-26049"
},
{
"category": "external",
"summary": "https://github.com/eclipse/jetty.project/security/advisories/GHSA-p26g-97m4-6q7c",
"url": "https://github.com/eclipse/jetty.project/security/advisories/GHSA-p26g-97m4-6q7c"
}
],
"release_date": "2023-04-18T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.src",
"8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.noarch",
"8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:0797"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.src",
"8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.noarch",
"8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jetty-server: Cookie parsing of quoted values can exfiltrate values from other cookies"
},
{
"cve": "CVE-2023-26141",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2023-09-14T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.src",
"8Base-satellite-6.14-capsule:foreman-cli-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-debug-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-ec2-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.src",
"8Base-satellite-6.14-capsule:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-journald-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-openstack-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-redis-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-service-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-vmware-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.src",
"8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.x86_64",
"8Base-satellite-6.14-capsule:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64",
"8Base-satellite-6.14-capsule:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64",
"8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.src",
"8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.x86_64",
"8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.src",
"8Base-satellite-6.14-capsule:python-pulp-container-0:2.14.11-1.el8pc.src",
"8Base-satellite-6.14-capsule:python39-pulp-container-0:2.14.11-1.el8pc.noarch",
"8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.src",
"8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.src",
"8Base-satellite-6.14-capsule:satellite-capsule-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:satellite-cli-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:satellite-common-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.src",
"8Base-satellite-6.14-utils:foreman-cli-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-debug-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-ec2-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-journald-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-openstack-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-redis-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-service-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-vmware-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.src",
"8Base-satellite-6.14-utils:satellite-capsule-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14-utils:satellite-cli-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14-utils:satellite-common-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.noarch",
"8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.src",
"8Base-satellite-6.14:candlepin-selinux-0:4.3.11-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.src",
"8Base-satellite-6.14:foreman-cli-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-debug-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-ec2-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.src",
"8Base-satellite-6.14:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-journald-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-openstack-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-redis-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-service-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-vmware-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.src",
"8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.x86_64",
"8Base-satellite-6.14:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64",
"8Base-satellite-6.14:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64",
"8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.src",
"8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.x86_64",
"8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.noarch",
"8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.src",
"8Base-satellite-6.14:python-pulp-container-0:2.14.11-1.el8pc.src",
"8Base-satellite-6.14:python39-pulp-container-0:2.14.11-1.el8pc.noarch",
"8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.src",
"8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.src",
"8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.x86_64",
"8Base-satellite-6.14:rubygem-google-protobuf-debuginfo-0:3.24.3-1.el8sat.x86_64",
"8Base-satellite-6.14:rubygem-google-protobuf-debugsource-0:3.24.3-1.el8sat.x86_64",
"8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.src",
"8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.x86_64",
"8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.src",
"8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.src",
"8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.src",
"8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.x86_64",
"8Base-satellite-6.14:rubygem-puma-debuginfo-0:6.3.1-1.el8sat.x86_64",
"8Base-satellite-6.14:rubygem-puma-debugsource-0:6.3.1-1.el8sat.x86_64",
"8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.src",
"8Base-satellite-6.14:satellite-capsule-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14:satellite-cli-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14:satellite-common-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.src",
"8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.x86_64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2239010"
}
],
"notes": [
{
"category": "description",
"text": "A denial of service vulnerability was found in Sidekiq. This flaw allows an attacker to manipulate the localStorage value in the dashboard-charts.js file and cause excessive polling requests.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "sidekiq: DoS in dashboard-charts",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.src"
],
"known_not_affected": [
"8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.src",
"8Base-satellite-6.14-capsule:foreman-cli-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-debug-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-ec2-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.src",
"8Base-satellite-6.14-capsule:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-journald-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-openstack-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-redis-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-service-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-vmware-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.src",
"8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.x86_64",
"8Base-satellite-6.14-capsule:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64",
"8Base-satellite-6.14-capsule:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64",
"8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.src",
"8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.x86_64",
"8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.src",
"8Base-satellite-6.14-capsule:python-pulp-container-0:2.14.11-1.el8pc.src",
"8Base-satellite-6.14-capsule:python39-pulp-container-0:2.14.11-1.el8pc.noarch",
"8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.src",
"8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.src",
"8Base-satellite-6.14-capsule:satellite-capsule-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:satellite-cli-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:satellite-common-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.src",
"8Base-satellite-6.14-utils:foreman-cli-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-debug-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-ec2-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-journald-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-openstack-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-redis-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-service-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-vmware-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.src",
"8Base-satellite-6.14-utils:satellite-capsule-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14-utils:satellite-cli-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14-utils:satellite-common-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.noarch",
"8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.src",
"8Base-satellite-6.14:candlepin-selinux-0:4.3.11-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.src",
"8Base-satellite-6.14:foreman-cli-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-debug-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-ec2-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.src",
"8Base-satellite-6.14:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-journald-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-openstack-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-redis-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-service-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-vmware-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.src",
"8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.x86_64",
"8Base-satellite-6.14:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64",
"8Base-satellite-6.14:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64",
"8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.src",
"8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.x86_64",
"8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.noarch",
"8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.src",
"8Base-satellite-6.14:python-pulp-container-0:2.14.11-1.el8pc.src",
"8Base-satellite-6.14:python39-pulp-container-0:2.14.11-1.el8pc.noarch",
"8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.src",
"8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.src",
"8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.x86_64",
"8Base-satellite-6.14:rubygem-google-protobuf-debuginfo-0:3.24.3-1.el8sat.x86_64",
"8Base-satellite-6.14:rubygem-google-protobuf-debugsource-0:3.24.3-1.el8sat.x86_64",
"8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.src",
"8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.x86_64",
"8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.src",
"8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.src",
"8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.src",
"8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.x86_64",
"8Base-satellite-6.14:rubygem-puma-debuginfo-0:6.3.1-1.el8sat.x86_64",
"8Base-satellite-6.14:rubygem-puma-debugsource-0:6.3.1-1.el8sat.x86_64",
"8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.src",
"8Base-satellite-6.14:satellite-capsule-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14:satellite-cli-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14:satellite-common-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.src",
"8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-26141"
},
{
"category": "external",
"summary": "RHBZ#2239010",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2239010"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-26141",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-26141"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-26141",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-26141"
},
{
"category": "external",
"summary": "https://github.com/sidekiq/sidekiq/commit/62c90d7c5a7d8a378d79909859d87c2e0702bf89",
"url": "https://github.com/sidekiq/sidekiq/commit/62c90d7c5a7d8a378d79909859d87c2e0702bf89"
}
],
"release_date": "2023-09-14T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:0797"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "sidekiq: DoS in dashboard-charts"
},
{
"cve": "CVE-2023-28366",
"cwe": {
"id": "CWE-401",
"name": "Missing Release of Memory after Effective Lifetime"
},
"discovery_date": "2023-09-01T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.src",
"8Base-satellite-6.14-capsule:foreman-cli-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-debug-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-ec2-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.src",
"8Base-satellite-6.14-capsule:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-journald-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-openstack-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-redis-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-service-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-vmware-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.src",
"8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.x86_64",
"8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.src",
"8Base-satellite-6.14-capsule:python-pulp-container-0:2.14.11-1.el8pc.src",
"8Base-satellite-6.14-capsule:python39-pulp-container-0:2.14.11-1.el8pc.noarch",
"8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.src",
"8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.src",
"8Base-satellite-6.14-capsule:satellite-capsule-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:satellite-cli-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:satellite-common-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.src",
"8Base-satellite-6.14-utils:foreman-cli-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-debug-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-ec2-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-journald-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-openstack-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-redis-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-service-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-vmware-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.src",
"8Base-satellite-6.14-utils:satellite-capsule-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14-utils:satellite-cli-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14-utils:satellite-common-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.noarch",
"8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.src",
"8Base-satellite-6.14:candlepin-selinux-0:4.3.11-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.src",
"8Base-satellite-6.14:foreman-cli-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-debug-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-ec2-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.src",
"8Base-satellite-6.14:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-journald-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-openstack-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-redis-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-service-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-vmware-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.src",
"8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.x86_64",
"8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.noarch",
"8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.src",
"8Base-satellite-6.14:python-pulp-container-0:2.14.11-1.el8pc.src",
"8Base-satellite-6.14:python39-pulp-container-0:2.14.11-1.el8pc.noarch",
"8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.src",
"8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.src",
"8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.x86_64",
"8Base-satellite-6.14:rubygem-google-protobuf-debuginfo-0:3.24.3-1.el8sat.x86_64",
"8Base-satellite-6.14:rubygem-google-protobuf-debugsource-0:3.24.3-1.el8sat.x86_64",
"8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.src",
"8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.x86_64",
"8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.src",
"8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.src",
"8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.src",
"8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.x86_64",
"8Base-satellite-6.14:rubygem-puma-debuginfo-0:6.3.1-1.el8sat.x86_64",
"8Base-satellite-6.14:rubygem-puma-debugsource-0:6.3.1-1.el8sat.x86_64",
"8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.src",
"8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.src",
"8Base-satellite-6.14:satellite-capsule-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14:satellite-cli-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14:satellite-common-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.src",
"8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.x86_64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2236882"
}
],
"notes": [
{
"category": "description",
"text": "A memory leak vulnerability was found in Eclipse Mosquitto. This issue is triggered by malicious initial packets or certain client actions and may allow a remote attacker to the deplete system resources causing memory exhaustion, leading to a disruption in services and a denial of service condition.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "mosquitto: memory leak leads to unresponsive broker",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.src",
"8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.x86_64",
"8Base-satellite-6.14-capsule:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64",
"8Base-satellite-6.14-capsule:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64",
"8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.src",
"8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.x86_64",
"8Base-satellite-6.14:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64",
"8Base-satellite-6.14:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64"
],
"known_not_affected": [
"8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.src",
"8Base-satellite-6.14-capsule:foreman-cli-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-debug-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-ec2-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.src",
"8Base-satellite-6.14-capsule:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-journald-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-openstack-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-redis-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-service-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-vmware-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.src",
"8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.x86_64",
"8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.src",
"8Base-satellite-6.14-capsule:python-pulp-container-0:2.14.11-1.el8pc.src",
"8Base-satellite-6.14-capsule:python39-pulp-container-0:2.14.11-1.el8pc.noarch",
"8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.src",
"8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.src",
"8Base-satellite-6.14-capsule:satellite-capsule-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:satellite-cli-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:satellite-common-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.src",
"8Base-satellite-6.14-utils:foreman-cli-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-debug-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-ec2-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-journald-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-openstack-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-redis-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-service-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-vmware-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.src",
"8Base-satellite-6.14-utils:satellite-capsule-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14-utils:satellite-cli-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14-utils:satellite-common-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.noarch",
"8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.src",
"8Base-satellite-6.14:candlepin-selinux-0:4.3.11-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.src",
"8Base-satellite-6.14:foreman-cli-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-debug-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-ec2-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.src",
"8Base-satellite-6.14:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-journald-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-openstack-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-redis-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-service-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-vmware-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.src",
"8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.x86_64",
"8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.noarch",
"8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.src",
"8Base-satellite-6.14:python-pulp-container-0:2.14.11-1.el8pc.src",
"8Base-satellite-6.14:python39-pulp-container-0:2.14.11-1.el8pc.noarch",
"8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.src",
"8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.src",
"8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.x86_64",
"8Base-satellite-6.14:rubygem-google-protobuf-debuginfo-0:3.24.3-1.el8sat.x86_64",
"8Base-satellite-6.14:rubygem-google-protobuf-debugsource-0:3.24.3-1.el8sat.x86_64",
"8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.src",
"8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.x86_64",
"8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.src",
"8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.src",
"8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.src",
"8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.x86_64",
"8Base-satellite-6.14:rubygem-puma-debuginfo-0:6.3.1-1.el8sat.x86_64",
"8Base-satellite-6.14:rubygem-puma-debugsource-0:6.3.1-1.el8sat.x86_64",
"8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.src",
"8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.src",
"8Base-satellite-6.14:satellite-capsule-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14:satellite-cli-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14:satellite-common-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.src",
"8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-28366"
},
{
"category": "external",
"summary": "RHBZ#2236882",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2236882"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-28366",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28366"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-28366",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-28366"
},
{
"category": "external",
"summary": "https://github.com/eclipse/mosquitto/commit/6113eac95a9df634fbc858be542c4a0456bfe7b9",
"url": "https://github.com/eclipse/mosquitto/commit/6113eac95a9df634fbc858be542c4a0456bfe7b9"
}
],
"release_date": "2023-09-01T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.src",
"8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.x86_64",
"8Base-satellite-6.14-capsule:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64",
"8Base-satellite-6.14-capsule:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64",
"8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.src",
"8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.x86_64",
"8Base-satellite-6.14:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64",
"8Base-satellite-6.14:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:0797"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.src",
"8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.x86_64",
"8Base-satellite-6.14-capsule:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64",
"8Base-satellite-6.14-capsule:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64",
"8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.src",
"8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.x86_64",
"8Base-satellite-6.14:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64",
"8Base-satellite-6.14:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "mosquitto: memory leak leads to unresponsive broker"
},
{
"cve": "CVE-2023-36479",
"cwe": {
"id": "CWE-149",
"name": "Improper Neutralization of Quoting Syntax"
},
"discovery_date": "2023-09-19T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.src",
"8Base-satellite-6.14-capsule:foreman-cli-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-debug-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-ec2-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.src",
"8Base-satellite-6.14-capsule:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-journald-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-openstack-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-redis-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-service-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-vmware-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.src",
"8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.x86_64",
"8Base-satellite-6.14-capsule:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64",
"8Base-satellite-6.14-capsule:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64",
"8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.src",
"8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.x86_64",
"8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.src",
"8Base-satellite-6.14-capsule:python-pulp-container-0:2.14.11-1.el8pc.src",
"8Base-satellite-6.14-capsule:python39-pulp-container-0:2.14.11-1.el8pc.noarch",
"8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.src",
"8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.src",
"8Base-satellite-6.14-capsule:satellite-capsule-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:satellite-cli-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:satellite-common-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.src",
"8Base-satellite-6.14-utils:foreman-cli-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-debug-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-ec2-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-journald-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-openstack-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-redis-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-service-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-vmware-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.src",
"8Base-satellite-6.14-utils:satellite-capsule-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14-utils:satellite-cli-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14-utils:satellite-common-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.src",
"8Base-satellite-6.14:foreman-cli-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-debug-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-ec2-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.src",
"8Base-satellite-6.14:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-journald-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-openstack-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-redis-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-service-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-vmware-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.src",
"8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.x86_64",
"8Base-satellite-6.14:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64",
"8Base-satellite-6.14:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64",
"8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.src",
"8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.x86_64",
"8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.noarch",
"8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.src",
"8Base-satellite-6.14:python-pulp-container-0:2.14.11-1.el8pc.src",
"8Base-satellite-6.14:python39-pulp-container-0:2.14.11-1.el8pc.noarch",
"8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.src",
"8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.src",
"8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.x86_64",
"8Base-satellite-6.14:rubygem-google-protobuf-debuginfo-0:3.24.3-1.el8sat.x86_64",
"8Base-satellite-6.14:rubygem-google-protobuf-debugsource-0:3.24.3-1.el8sat.x86_64",
"8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.src",
"8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.x86_64",
"8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.src",
"8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.src",
"8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.src",
"8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.x86_64",
"8Base-satellite-6.14:rubygem-puma-debuginfo-0:6.3.1-1.el8sat.x86_64",
"8Base-satellite-6.14:rubygem-puma-debugsource-0:6.3.1-1.el8sat.x86_64",
"8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.src",
"8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.src",
"8Base-satellite-6.14:satellite-capsule-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14:satellite-cli-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14:satellite-common-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.src",
"8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.x86_64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2239630"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Jetty\u0027s CGI servlet which permits incorrect command execution in specific circumstances such as requests with certain characters in requested filenames. This issue could allow an attacker to run permitted commands other than the one requested.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jetty: Improper addition of quotation marks to user inputs in CgiServlet",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.noarch",
"8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.src",
"8Base-satellite-6.14:candlepin-selinux-0:4.3.11-1.el8sat.noarch"
],
"known_not_affected": [
"8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.src",
"8Base-satellite-6.14-capsule:foreman-cli-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-debug-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-ec2-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.src",
"8Base-satellite-6.14-capsule:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-journald-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-openstack-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-redis-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-service-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-vmware-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.src",
"8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.x86_64",
"8Base-satellite-6.14-capsule:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64",
"8Base-satellite-6.14-capsule:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64",
"8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.src",
"8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.x86_64",
"8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.src",
"8Base-satellite-6.14-capsule:python-pulp-container-0:2.14.11-1.el8pc.src",
"8Base-satellite-6.14-capsule:python39-pulp-container-0:2.14.11-1.el8pc.noarch",
"8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.src",
"8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.src",
"8Base-satellite-6.14-capsule:satellite-capsule-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:satellite-cli-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:satellite-common-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.src",
"8Base-satellite-6.14-utils:foreman-cli-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-debug-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-ec2-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-journald-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-openstack-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-redis-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-service-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-vmware-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.src",
"8Base-satellite-6.14-utils:satellite-capsule-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14-utils:satellite-cli-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14-utils:satellite-common-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.src",
"8Base-satellite-6.14:foreman-cli-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-debug-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-ec2-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.src",
"8Base-satellite-6.14:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-journald-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-openstack-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-redis-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-service-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-vmware-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.src",
"8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.x86_64",
"8Base-satellite-6.14:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64",
"8Base-satellite-6.14:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64",
"8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.src",
"8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.x86_64",
"8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.noarch",
"8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.src",
"8Base-satellite-6.14:python-pulp-container-0:2.14.11-1.el8pc.src",
"8Base-satellite-6.14:python39-pulp-container-0:2.14.11-1.el8pc.noarch",
"8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.src",
"8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.src",
"8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.x86_64",
"8Base-satellite-6.14:rubygem-google-protobuf-debuginfo-0:3.24.3-1.el8sat.x86_64",
"8Base-satellite-6.14:rubygem-google-protobuf-debugsource-0:3.24.3-1.el8sat.x86_64",
"8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.src",
"8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.x86_64",
"8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.src",
"8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.src",
"8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.src",
"8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.x86_64",
"8Base-satellite-6.14:rubygem-puma-debuginfo-0:6.3.1-1.el8sat.x86_64",
"8Base-satellite-6.14:rubygem-puma-debugsource-0:6.3.1-1.el8sat.x86_64",
"8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.src",
"8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.src",
"8Base-satellite-6.14:satellite-capsule-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14:satellite-cli-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14:satellite-common-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.src",
"8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-36479"
},
{
"category": "external",
"summary": "RHBZ#2239630",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2239630"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-36479",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-36479"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-36479",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-36479"
}
],
"release_date": "2023-09-19T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.noarch",
"8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.src",
"8Base-satellite-6.14:candlepin-selinux-0:4.3.11-1.el8sat.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:0797"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 3.5,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.noarch",
"8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.src",
"8Base-satellite-6.14:candlepin-selinux-0:4.3.11-1.el8sat.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "jetty: Improper addition of quotation marks to user inputs in CgiServlet"
},
{
"acknowledgments": [
{
"names": [
"Jay Satiro"
]
}
],
"cve": "CVE-2023-38545",
"cwe": {
"id": "CWE-119",
"name": "Improper Restriction of Operations within the Bounds of a Memory Buffer"
},
"discovery_date": "2023-10-03T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.src",
"8Base-satellite-6.14-capsule:foreman-cli-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-debug-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-ec2-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.src",
"8Base-satellite-6.14-capsule:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-journald-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-openstack-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-redis-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-service-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-vmware-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.src",
"8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.x86_64",
"8Base-satellite-6.14-capsule:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64",
"8Base-satellite-6.14-capsule:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64",
"8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.src",
"8Base-satellite-6.14-capsule:python-pulp-container-0:2.14.11-1.el8pc.src",
"8Base-satellite-6.14-capsule:python39-pulp-container-0:2.14.11-1.el8pc.noarch",
"8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.src",
"8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.src",
"8Base-satellite-6.14-capsule:satellite-capsule-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:satellite-cli-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:satellite-common-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.src",
"8Base-satellite-6.14-utils:foreman-cli-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-debug-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-ec2-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-journald-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-openstack-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-redis-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-service-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-vmware-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.src",
"8Base-satellite-6.14-utils:satellite-capsule-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14-utils:satellite-cli-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14-utils:satellite-common-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.noarch",
"8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.src",
"8Base-satellite-6.14:candlepin-selinux-0:4.3.11-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.src",
"8Base-satellite-6.14:foreman-cli-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-debug-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-ec2-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.src",
"8Base-satellite-6.14:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-journald-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-openstack-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-redis-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-service-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-vmware-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.src",
"8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.x86_64",
"8Base-satellite-6.14:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64",
"8Base-satellite-6.14:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64",
"8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.noarch",
"8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.src",
"8Base-satellite-6.14:python-pulp-container-0:2.14.11-1.el8pc.src",
"8Base-satellite-6.14:python39-pulp-container-0:2.14.11-1.el8pc.noarch",
"8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.src",
"8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.src",
"8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.x86_64",
"8Base-satellite-6.14:rubygem-google-protobuf-debuginfo-0:3.24.3-1.el8sat.x86_64",
"8Base-satellite-6.14:rubygem-google-protobuf-debugsource-0:3.24.3-1.el8sat.x86_64",
"8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.src",
"8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.x86_64",
"8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.src",
"8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.src",
"8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.src",
"8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.x86_64",
"8Base-satellite-6.14:rubygem-puma-debuginfo-0:6.3.1-1.el8sat.x86_64",
"8Base-satellite-6.14:rubygem-puma-debugsource-0:6.3.1-1.el8sat.x86_64",
"8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.src",
"8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.src",
"8Base-satellite-6.14:satellite-capsule-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14:satellite-cli-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14:satellite-common-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.src",
"8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.x86_64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2241933"
}
],
"notes": [
{
"category": "description",
"text": "A heap-based buffer overflow flaw was found in the SOCKS5 proxy handshake in the Curl package. If Curl is unable to resolve the address itself, it passes the hostname to the SOCKS5 proxy. However, the maximum length of the hostname that can be passed is 255 bytes. If the hostname is longer, then Curl switches to the local name resolving and passes the resolved address only to the proxy. The local variable that instructs Curl to \"let the host resolve the name\" could obtain the wrong value during a slow SOCKS5 handshake, resulting in the too-long hostname being copied to the target buffer instead of the resolved address, which was not the intended behavior.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "curl: heap based buffer overflow in the SOCKS5 proxy handshake",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This flaw does not affect the versions of curl as shipped with Red Hat Enterprise Linux 6, 7, and 8.\n\nAn overflow is only possible in applications that do not set `CURLOPT_BUFFERSIZE`, or set it smaller than approximately 65kB. Since the curl tool sets `CURLOPT_BUFFERSIZE` to 100kB by default, it is not vulnerable unless rate limiting was set by the user to a size smaller than 65kB.\n\nKnowledgebase article:\n\nhttps://access.redhat.com/solutions/7045099",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.src",
"8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.x86_64",
"8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.src",
"8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.x86_64"
],
"known_not_affected": [
"8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.src",
"8Base-satellite-6.14-capsule:foreman-cli-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-debug-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-ec2-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.src",
"8Base-satellite-6.14-capsule:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-journald-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-openstack-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-redis-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-service-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-vmware-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.src",
"8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.x86_64",
"8Base-satellite-6.14-capsule:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64",
"8Base-satellite-6.14-capsule:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64",
"8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.src",
"8Base-satellite-6.14-capsule:python-pulp-container-0:2.14.11-1.el8pc.src",
"8Base-satellite-6.14-capsule:python39-pulp-container-0:2.14.11-1.el8pc.noarch",
"8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.src",
"8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.src",
"8Base-satellite-6.14-capsule:satellite-capsule-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:satellite-cli-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:satellite-common-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.src",
"8Base-satellite-6.14-utils:foreman-cli-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-debug-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-ec2-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-journald-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-openstack-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-redis-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-service-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-vmware-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.src",
"8Base-satellite-6.14-utils:satellite-capsule-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14-utils:satellite-cli-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14-utils:satellite-common-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.noarch",
"8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.src",
"8Base-satellite-6.14:candlepin-selinux-0:4.3.11-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.src",
"8Base-satellite-6.14:foreman-cli-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-debug-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-ec2-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.src",
"8Base-satellite-6.14:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-journald-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-openstack-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-redis-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-service-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-vmware-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.src",
"8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.x86_64",
"8Base-satellite-6.14:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64",
"8Base-satellite-6.14:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64",
"8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.noarch",
"8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.src",
"8Base-satellite-6.14:python-pulp-container-0:2.14.11-1.el8pc.src",
"8Base-satellite-6.14:python39-pulp-container-0:2.14.11-1.el8pc.noarch",
"8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.src",
"8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.src",
"8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.x86_64",
"8Base-satellite-6.14:rubygem-google-protobuf-debuginfo-0:3.24.3-1.el8sat.x86_64",
"8Base-satellite-6.14:rubygem-google-protobuf-debugsource-0:3.24.3-1.el8sat.x86_64",
"8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.src",
"8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.x86_64",
"8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.src",
"8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.src",
"8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.src",
"8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.x86_64",
"8Base-satellite-6.14:rubygem-puma-debuginfo-0:6.3.1-1.el8sat.x86_64",
"8Base-satellite-6.14:rubygem-puma-debugsource-0:6.3.1-1.el8sat.x86_64",
"8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.src",
"8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.src",
"8Base-satellite-6.14:satellite-capsule-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14:satellite-cli-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14:satellite-common-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.src",
"8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-38545"
},
{
"category": "external",
"summary": "RHBZ#2241933",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2241933"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-38545",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-38545"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-38545",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-38545"
},
{
"category": "external",
"summary": "https://curl.se/docs/CVE-2023-38545.html",
"url": "https://curl.se/docs/CVE-2023-38545.html"
}
],
"release_date": "2023-10-11T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.src",
"8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.x86_64",
"8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.src",
"8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:0797"
},
{
"category": "workaround",
"details": "To avoid this issue, we recommend you do not use `CURLPROXY_SOCKS5_HOSTNAME` proxies with curl. Also do not set a proxy environment variable to socks5h://",
"product_ids": [
"8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.src",
"8Base-satellite-6.14-capsule:foreman-cli-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-debug-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-ec2-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.src",
"8Base-satellite-6.14-capsule:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-journald-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-openstack-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-redis-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-service-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-vmware-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.src",
"8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.x86_64",
"8Base-satellite-6.14-capsule:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64",
"8Base-satellite-6.14-capsule:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64",
"8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.src",
"8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.x86_64",
"8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.src",
"8Base-satellite-6.14-capsule:python-pulp-container-0:2.14.11-1.el8pc.src",
"8Base-satellite-6.14-capsule:python39-pulp-container-0:2.14.11-1.el8pc.noarch",
"8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.src",
"8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.src",
"8Base-satellite-6.14-capsule:satellite-capsule-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:satellite-cli-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:satellite-common-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.src",
"8Base-satellite-6.14-utils:foreman-cli-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-debug-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-ec2-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-journald-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-openstack-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-redis-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-service-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-vmware-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.src",
"8Base-satellite-6.14-utils:satellite-capsule-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14-utils:satellite-cli-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14-utils:satellite-common-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.noarch",
"8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.src",
"8Base-satellite-6.14:candlepin-selinux-0:4.3.11-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.src",
"8Base-satellite-6.14:foreman-cli-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-debug-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-ec2-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.src",
"8Base-satellite-6.14:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-journald-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-openstack-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-redis-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-service-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-vmware-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.src",
"8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.x86_64",
"8Base-satellite-6.14:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64",
"8Base-satellite-6.14:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64",
"8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.src",
"8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.x86_64",
"8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.noarch",
"8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.src",
"8Base-satellite-6.14:python-pulp-container-0:2.14.11-1.el8pc.src",
"8Base-satellite-6.14:python39-pulp-container-0:2.14.11-1.el8pc.noarch",
"8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.src",
"8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.src",
"8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.x86_64",
"8Base-satellite-6.14:rubygem-google-protobuf-debuginfo-0:3.24.3-1.el8sat.x86_64",
"8Base-satellite-6.14:rubygem-google-protobuf-debugsource-0:3.24.3-1.el8sat.x86_64",
"8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.src",
"8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.x86_64",
"8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.src",
"8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.src",
"8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.src",
"8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.x86_64",
"8Base-satellite-6.14:rubygem-puma-debuginfo-0:6.3.1-1.el8sat.x86_64",
"8Base-satellite-6.14:rubygem-puma-debugsource-0:6.3.1-1.el8sat.x86_64",
"8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.src",
"8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.src",
"8Base-satellite-6.14:satellite-capsule-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14:satellite-cli-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14:satellite-common-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.src",
"8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.src",
"8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.x86_64",
"8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.src",
"8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "curl: heap based buffer overflow in the SOCKS5 proxy handshake"
},
{
"cve": "CVE-2023-40167",
"cwe": {
"id": "CWE-130",
"name": "Improper Handling of Length Parameter Inconsistency"
},
"discovery_date": "2023-09-19T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.src",
"8Base-satellite-6.14-capsule:foreman-cli-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-debug-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-ec2-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.src",
"8Base-satellite-6.14-capsule:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-journald-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-openstack-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-redis-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-service-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-vmware-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.src",
"8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.x86_64",
"8Base-satellite-6.14-capsule:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64",
"8Base-satellite-6.14-capsule:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64",
"8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.src",
"8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.x86_64",
"8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.src",
"8Base-satellite-6.14-capsule:python-pulp-container-0:2.14.11-1.el8pc.src",
"8Base-satellite-6.14-capsule:python39-pulp-container-0:2.14.11-1.el8pc.noarch",
"8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.src",
"8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.src",
"8Base-satellite-6.14-capsule:satellite-capsule-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:satellite-cli-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:satellite-common-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.src",
"8Base-satellite-6.14-utils:foreman-cli-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-debug-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-ec2-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-journald-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-openstack-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-redis-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-service-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-vmware-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.src",
"8Base-satellite-6.14-utils:satellite-capsule-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14-utils:satellite-cli-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14-utils:satellite-common-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.src",
"8Base-satellite-6.14:foreman-cli-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-debug-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-ec2-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.src",
"8Base-satellite-6.14:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-journald-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-openstack-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-redis-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-service-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-vmware-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.src",
"8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.x86_64",
"8Base-satellite-6.14:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64",
"8Base-satellite-6.14:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64",
"8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.src",
"8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.x86_64",
"8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.noarch",
"8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.src",
"8Base-satellite-6.14:python-pulp-container-0:2.14.11-1.el8pc.src",
"8Base-satellite-6.14:python39-pulp-container-0:2.14.11-1.el8pc.noarch",
"8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.src",
"8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.src",
"8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.x86_64",
"8Base-satellite-6.14:rubygem-google-protobuf-debuginfo-0:3.24.3-1.el8sat.x86_64",
"8Base-satellite-6.14:rubygem-google-protobuf-debugsource-0:3.24.3-1.el8sat.x86_64",
"8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.src",
"8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.x86_64",
"8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.src",
"8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.src",
"8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.src",
"8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.x86_64",
"8Base-satellite-6.14:rubygem-puma-debuginfo-0:6.3.1-1.el8sat.x86_64",
"8Base-satellite-6.14:rubygem-puma-debugsource-0:6.3.1-1.el8sat.x86_64",
"8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.src",
"8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.src",
"8Base-satellite-6.14:satellite-capsule-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14:satellite-cli-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14:satellite-common-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.src",
"8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.x86_64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2239634"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Jetty that permits a plus sign (+) preceding the content-length value in a HTTP/1 header field, which is non-standard and more permissive than RFC. This issue could allow an attacker to request smuggling in conjunction with a server that does not close connections after 400 responses.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jetty: Improper validation of HTTP/1 content-length",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.noarch",
"8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.src",
"8Base-satellite-6.14:candlepin-selinux-0:4.3.11-1.el8sat.noarch"
],
"known_not_affected": [
"8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.src",
"8Base-satellite-6.14-capsule:foreman-cli-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-debug-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-ec2-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.src",
"8Base-satellite-6.14-capsule:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-journald-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-openstack-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-redis-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-service-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-vmware-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.src",
"8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.x86_64",
"8Base-satellite-6.14-capsule:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64",
"8Base-satellite-6.14-capsule:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64",
"8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.src",
"8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.x86_64",
"8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.src",
"8Base-satellite-6.14-capsule:python-pulp-container-0:2.14.11-1.el8pc.src",
"8Base-satellite-6.14-capsule:python39-pulp-container-0:2.14.11-1.el8pc.noarch",
"8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.src",
"8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.src",
"8Base-satellite-6.14-capsule:satellite-capsule-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:satellite-cli-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:satellite-common-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.src",
"8Base-satellite-6.14-utils:foreman-cli-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-debug-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-ec2-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-journald-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-openstack-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-redis-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-service-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-vmware-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.src",
"8Base-satellite-6.14-utils:satellite-capsule-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14-utils:satellite-cli-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14-utils:satellite-common-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.src",
"8Base-satellite-6.14:foreman-cli-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-debug-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-ec2-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.src",
"8Base-satellite-6.14:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-journald-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-openstack-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-redis-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-service-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-vmware-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.src",
"8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.x86_64",
"8Base-satellite-6.14:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64",
"8Base-satellite-6.14:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64",
"8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.src",
"8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.x86_64",
"8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.noarch",
"8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.src",
"8Base-satellite-6.14:python-pulp-container-0:2.14.11-1.el8pc.src",
"8Base-satellite-6.14:python39-pulp-container-0:2.14.11-1.el8pc.noarch",
"8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.src",
"8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.src",
"8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.x86_64",
"8Base-satellite-6.14:rubygem-google-protobuf-debuginfo-0:3.24.3-1.el8sat.x86_64",
"8Base-satellite-6.14:rubygem-google-protobuf-debugsource-0:3.24.3-1.el8sat.x86_64",
"8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.src",
"8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.x86_64",
"8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.src",
"8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.src",
"8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.src",
"8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.x86_64",
"8Base-satellite-6.14:rubygem-puma-debuginfo-0:6.3.1-1.el8sat.x86_64",
"8Base-satellite-6.14:rubygem-puma-debugsource-0:6.3.1-1.el8sat.x86_64",
"8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.src",
"8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.src",
"8Base-satellite-6.14:satellite-capsule-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14:satellite-cli-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14:satellite-common-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.src",
"8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-40167"
},
{
"category": "external",
"summary": "RHBZ#2239634",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2239634"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-40167",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-40167"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-40167",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-40167"
},
{
"category": "external",
"summary": "https://github.com/eclipse/jetty.project/security/advisories/GHSA-hmr7-m48g-48f6",
"url": "https://github.com/eclipse/jetty.project/security/advisories/GHSA-hmr7-m48g-48f6"
},
{
"category": "external",
"summary": "https://www.rfc-editor.org/rfc/rfc9110#section-8.6",
"url": "https://www.rfc-editor.org/rfc/rfc9110#section-8.6"
}
],
"release_date": "2023-09-19T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.noarch",
"8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.src",
"8Base-satellite-6.14:candlepin-selinux-0:4.3.11-1.el8sat.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:0797"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.noarch",
"8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.src",
"8Base-satellite-6.14:candlepin-selinux-0:4.3.11-1.el8sat.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jetty: Improper validation of HTTP/1 content-length"
},
{
"cve": "CVE-2023-40175",
"cwe": {
"id": "CWE-444",
"name": "Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request/Response Smuggling\u0027)"
},
"discovery_date": "2023-08-18T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.src",
"8Base-satellite-6.14-capsule:foreman-cli-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-debug-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-ec2-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.src",
"8Base-satellite-6.14-capsule:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-journald-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-openstack-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-redis-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-service-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-vmware-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.src",
"8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.x86_64",
"8Base-satellite-6.14-capsule:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64",
"8Base-satellite-6.14-capsule:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64",
"8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.src",
"8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.x86_64",
"8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.src",
"8Base-satellite-6.14-capsule:python-pulp-container-0:2.14.11-1.el8pc.src",
"8Base-satellite-6.14-capsule:python39-pulp-container-0:2.14.11-1.el8pc.noarch",
"8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.src",
"8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.src",
"8Base-satellite-6.14-capsule:satellite-capsule-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:satellite-cli-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:satellite-common-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.src",
"8Base-satellite-6.14-utils:foreman-cli-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-debug-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-ec2-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-journald-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-openstack-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-redis-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-service-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-vmware-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.src",
"8Base-satellite-6.14-utils:satellite-capsule-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14-utils:satellite-cli-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14-utils:satellite-common-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.noarch",
"8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.src",
"8Base-satellite-6.14:candlepin-selinux-0:4.3.11-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.src",
"8Base-satellite-6.14:foreman-cli-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-debug-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-ec2-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.src",
"8Base-satellite-6.14:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-journald-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-openstack-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-redis-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-service-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-vmware-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.src",
"8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.x86_64",
"8Base-satellite-6.14:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64",
"8Base-satellite-6.14:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64",
"8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.src",
"8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.x86_64",
"8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.noarch",
"8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.src",
"8Base-satellite-6.14:python-pulp-container-0:2.14.11-1.el8pc.src",
"8Base-satellite-6.14:python39-pulp-container-0:2.14.11-1.el8pc.noarch",
"8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.src",
"8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.src",
"8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.x86_64",
"8Base-satellite-6.14:rubygem-google-protobuf-debuginfo-0:3.24.3-1.el8sat.x86_64",
"8Base-satellite-6.14:rubygem-google-protobuf-debugsource-0:3.24.3-1.el8sat.x86_64",
"8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.src",
"8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.x86_64",
"8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.src",
"8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.src",
"8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.src",
"8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.src",
"8Base-satellite-6.14:satellite-capsule-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14:satellite-cli-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14:satellite-common-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.src",
"8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.x86_64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2232729"
}
],
"notes": [
{
"category": "description",
"text": "An HTTP request smuggling attack vulnerability was found in Rubygem Puma. This flaw allows an attacker to gain unauthorized access to sensitive data due to an inconsistent interpretation of HTTP requests.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "rubygem-puma: HTTP request smuggling when parsing chunked transfer encoding bodies and zero-length content-length headers",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.src",
"8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.x86_64",
"8Base-satellite-6.14:rubygem-puma-debuginfo-0:6.3.1-1.el8sat.x86_64",
"8Base-satellite-6.14:rubygem-puma-debugsource-0:6.3.1-1.el8sat.x86_64"
],
"known_not_affected": [
"8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.src",
"8Base-satellite-6.14-capsule:foreman-cli-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-debug-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-ec2-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.src",
"8Base-satellite-6.14-capsule:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-journald-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-openstack-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-redis-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-service-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-vmware-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.src",
"8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.x86_64",
"8Base-satellite-6.14-capsule:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64",
"8Base-satellite-6.14-capsule:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64",
"8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.src",
"8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.x86_64",
"8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.src",
"8Base-satellite-6.14-capsule:python-pulp-container-0:2.14.11-1.el8pc.src",
"8Base-satellite-6.14-capsule:python39-pulp-container-0:2.14.11-1.el8pc.noarch",
"8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.src",
"8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.src",
"8Base-satellite-6.14-capsule:satellite-capsule-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:satellite-cli-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:satellite-common-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.src",
"8Base-satellite-6.14-utils:foreman-cli-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-debug-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-ec2-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-journald-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-openstack-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-redis-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-service-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-vmware-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.src",
"8Base-satellite-6.14-utils:satellite-capsule-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14-utils:satellite-cli-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14-utils:satellite-common-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.noarch",
"8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.src",
"8Base-satellite-6.14:candlepin-selinux-0:4.3.11-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.src",
"8Base-satellite-6.14:foreman-cli-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-debug-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-ec2-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.src",
"8Base-satellite-6.14:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-journald-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-openstack-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-redis-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-service-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-vmware-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.src",
"8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.x86_64",
"8Base-satellite-6.14:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64",
"8Base-satellite-6.14:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64",
"8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.src",
"8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.x86_64",
"8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.noarch",
"8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.src",
"8Base-satellite-6.14:python-pulp-container-0:2.14.11-1.el8pc.src",
"8Base-satellite-6.14:python39-pulp-container-0:2.14.11-1.el8pc.noarch",
"8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.src",
"8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.src",
"8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.x86_64",
"8Base-satellite-6.14:rubygem-google-protobuf-debuginfo-0:3.24.3-1.el8sat.x86_64",
"8Base-satellite-6.14:rubygem-google-protobuf-debugsource-0:3.24.3-1.el8sat.x86_64",
"8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.src",
"8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.x86_64",
"8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.src",
"8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.src",
"8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.src",
"8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.src",
"8Base-satellite-6.14:satellite-capsule-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14:satellite-cli-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14:satellite-common-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.src",
"8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-40175"
},
{
"category": "external",
"summary": "RHBZ#2232729",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2232729"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-40175",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-40175"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-40175",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-40175"
},
{
"category": "external",
"summary": "https://github.com/puma/puma/security/advisories/GHSA-68xg-gqqm-vgj8",
"url": "https://github.com/puma/puma/security/advisories/GHSA-68xg-gqqm-vgj8"
}
],
"release_date": "2023-08-18T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.src",
"8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.x86_64",
"8Base-satellite-6.14:rubygem-puma-debuginfo-0:6.3.1-1.el8sat.x86_64",
"8Base-satellite-6.14:rubygem-puma-debugsource-0:6.3.1-1.el8sat.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:0797"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.src",
"8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.x86_64",
"8Base-satellite-6.14:rubygem-puma-debuginfo-0:6.3.1-1.el8sat.x86_64",
"8Base-satellite-6.14:rubygem-puma-debugsource-0:6.3.1-1.el8sat.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "rubygem-puma: HTTP request smuggling when parsing chunked transfer encoding bodies and zero-length content-length headers"
}
]
}
Loading...
Loading...
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.