Action not permitted
Modal body text goes here.
cve-2024-11831
Vulnerability from cvelistv5
Published
2025-02-10 15:27
Modified
2025-04-24 22:00
Severity ?
EPSS score ?
Summary
Npm-serialize-javascript: cross-site scripting (xss) in serialize-javascript
References
Impacted products
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-11831",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-02-10T17:08:31.160473Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-02-10T17:08:44.112Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://github.com/yahoo/serialize-javascript",
"packageName": "serialize-javascript",
"versions": [
{
"lessThan": "6.0.2",
"status": "affected",
"version": "6.0",
"versionType": "semver"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:advanced_cluster_security:4.4::el8"
],
"defaultStatus": "affected",
"packageName": "advanced-cluster-security/rhacs-main-rhel8",
"product": "Red Hat Advanced Cluster Security 4.4",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "4.4.8-2",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:advanced_cluster_security:4.5::el8"
],
"defaultStatus": "affected",
"packageName": "advanced-cluster-security/rhacs-main-rhel8",
"product": "Red Hat Advanced Cluster Security 4.5",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "4.5.6-2",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:enterprise_linux:9::crb",
"cpe:/a:redhat:enterprise_linux:9::appstream"
],
"defaultStatus": "affected",
"packageName": "dotnet8.0",
"product": "Red Hat Enterprise Linux 9",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0:8.0.112-1.el9_5",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:cryostat:3"
],
"defaultStatus": "affected",
"packageName": "serialize-javascript",
"product": "Cryostat 3",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:logging:5"
],
"defaultStatus": "affected",
"packageName": "openshift-logging/kibana6-rhel8",
"product": "Logging Subsystem for Red Hat OpenShift",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:migration_toolkit_virtualization:2"
],
"defaultStatus": "unaffected",
"packageName": "migration-toolkit-virtualization/mtv-console-plugin-rhel9",
"product": "Migration Toolkit for Virtualization",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:rhel_dotnet:6.0"
],
"defaultStatus": "affected",
"packageName": "rh-dotnet60-dotnet",
"product": ".NET 6.0 on Red Hat Enterprise Linux",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift_lightspeed"
],
"defaultStatus": "affected",
"packageName": "openshift-lightspeed-beta/lightspeed-console-plugin-rhel9",
"product": "OpenShift Lightspeed",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift_pipelines:1"
],
"defaultStatus": "affected",
"packageName": "openshift-pipelines/pipelines-console-plugin-rhel8",
"product": "OpenShift Pipelines",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift_pipelines:1"
],
"defaultStatus": "affected",
"packageName": "openshift-pipelines/pipelines-hub-api-rhel8",
"product": "OpenShift Pipelines",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift_pipelines:1"
],
"defaultStatus": "affected",
"packageName": "openshift-pipelines/pipelines-hub-db-migration-rhel8",
"product": "OpenShift Pipelines",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift_pipelines:1"
],
"defaultStatus": "affected",
"packageName": "openshift-pipelines/pipelines-hub-ui-rhel8",
"product": "OpenShift Pipelines",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:serverless:1"
],
"defaultStatus": "affected",
"packageName": "serialize-javascript",
"product": "OpenShift Serverless",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:service_mesh:2"
],
"defaultStatus": "affected",
"packageName": "openshift-service-mesh/kiali-ossmc-rhel8",
"product": "OpenShift Service Mesh 2",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:service_mesh:2"
],
"defaultStatus": "affected",
"packageName": "openshift-service-mesh/kiali-rhel8",
"product": "OpenShift Service Mesh 2",
"vendor": "Red Hat"
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:red_hat_3scale_amp:2"
],
"defaultStatus": "affected",
"packageName": "3scale-amp-system-container",
"product": "Red Hat 3scale API Management Platform 2",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:acm:2"
],
"defaultStatus": "unaffected",
"packageName": "rhacm2/console-rhel8",
"product": "Red Hat Advanced Cluster Management for Kubernetes 2",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:advanced_cluster_security:4"
],
"defaultStatus": "unaffected",
"packageName": "advanced-cluster-security/rhacs-central-db-rhel8",
"product": "Red Hat Advanced Cluster Security 4",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:advanced_cluster_security:4"
],
"defaultStatus": "unaffected",
"packageName": "advanced-cluster-security/rhacs-rhel8-operator",
"product": "Red Hat Advanced Cluster Security 4",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:advanced_cluster_security:4"
],
"defaultStatus": "unaffected",
"packageName": "advanced-cluster-security/rhacs-roxctl-rhel8",
"product": "Red Hat Advanced Cluster Security 4",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:advanced_cluster_security:4"
],
"defaultStatus": "unaffected",
"packageName": "advanced-cluster-security/rhacs-scanner-v4-db-rhel8",
"product": "Red Hat Advanced Cluster Security 4",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:advanced_cluster_security:4"
],
"defaultStatus": "unaffected",
"packageName": "advanced-cluster-security/rhacs-scanner-v4-rhel8",
"product": "Red Hat Advanced Cluster Security 4",
"vendor": "Red Hat"
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:ansible_automation_platform:2"
],
"defaultStatus": "affected",
"packageName": "aap-cloud-ui-container",
"product": "Red Hat Ansible Automation Platform 2",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:ansible_automation_platform:2"
],
"defaultStatus": "affected",
"packageName": "ansible-automation-platform-24/lightspeed-rhel8",
"product": "Red Hat Ansible Automation Platform 2",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:ansible_automation_platform:2"
],
"defaultStatus": "unaffected",
"packageName": "automation-controller",
"product": "Red Hat Ansible Automation Platform 2",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:ansible_automation_platform:2"
],
"defaultStatus": "affected",
"packageName": "automation-eda-controller",
"product": "Red Hat Ansible Automation Platform 2",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:rhboac_hawtio:4"
],
"defaultStatus": "unaffected",
"packageName": "serialize-javascript",
"product": "Red Hat build of Apache Camel - HawtIO 4",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:service_registry:2"
],
"defaultStatus": "affected",
"packageName": "serialize-javascript",
"product": "Red Hat build of Apicurio Registry 2",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:optaplanner:::el6"
],
"defaultStatus": "affected",
"packageName": "serialize-javascript",
"product": "Red Hat build of OptaPlanner 8",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:jboss_data_grid:8"
],
"defaultStatus": "affected",
"packageName": "serialize-javascript",
"product": "Red Hat Data Grid 8",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:rhdh:1"
],
"defaultStatus": "unaffected",
"packageName": "rhdh/rhdh-hub-rhel9",
"product": "Red Hat Developer Hub",
"vendor": "Red Hat"
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:discovery:1"
],
"defaultStatus": "affected",
"packageName": "discovery-server-container",
"product": "Red Hat Discovery",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/o:redhat:enterprise_linux:8"
],
"defaultStatus": "affected",
"packageName": "dotnet6.0",
"product": "Red Hat Enterprise Linux 8",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/o:redhat:enterprise_linux:8"
],
"defaultStatus": "affected",
"packageName": "dotnet8.0",
"product": "Red Hat Enterprise Linux 8",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/o:redhat:enterprise_linux:8"
],
"defaultStatus": "affected",
"packageName": "grafana",
"product": "Red Hat Enterprise Linux 8",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/o:redhat:enterprise_linux:8"
],
"defaultStatus": "unaffected",
"packageName": "pcs",
"product": "Red Hat Enterprise Linux 8",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/o:redhat:enterprise_linux:9"
],
"defaultStatus": "affected",
"packageName": "dotnet6.0",
"product": "Red Hat Enterprise Linux 9",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/o:redhat:enterprise_linux:9"
],
"defaultStatus": "affected",
"packageName": "dotnet7.0",
"product": "Red Hat Enterprise Linux 9",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/o:redhat:enterprise_linux:9"
],
"defaultStatus": "unaffected",
"packageName": "pcs",
"product": "Red Hat Enterprise Linux 9",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:jboss_fuse:7"
],
"defaultStatus": "affected",
"packageName": "serialize-javascript",
"product": "Red Hat Fuse 7",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:integration:1"
],
"defaultStatus": "unaffected",
"packageName": "serialize-javascript",
"product": "Red Hat Integration Camel K 1",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html",
"cpes": [
"cpe:/a:redhat:jboss_enterprise_application_platform:7"
],
"defaultStatus": "unaffected",
"packageName": "serialize-javascript",
"product": "Red Hat JBoss Enterprise Application Platform 7",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html",
"cpes": [
"cpe:/a:redhat:jboss_enterprise_application_platform:8"
],
"defaultStatus": "unaffected",
"packageName": "serialize-javascript",
"product": "Red Hat JBoss Enterprise Application Platform 8",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html",
"cpes": [
"cpe:/a:redhat:jbosseapxp"
],
"defaultStatus": "unaffected",
"packageName": "serialize-javascript",
"product": "Red Hat JBoss Enterprise Application Platform Expansion Pack",
"vendor": "Red Hat"
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:openshift_ai"
],
"defaultStatus": "unaffected",
"packageName": "odh-dashboard-container",
"product": "Red Hat OpenShift AI (RHOAI)",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift_ai"
],
"defaultStatus": "affected",
"packageName": "odh-dashboard-rhel8",
"product": "Red Hat OpenShift AI (RHOAI)",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift_ai"
],
"defaultStatus": "affected",
"packageName": "odh-data-science-pipelines-argo-argoexec-rhel8",
"product": "Red Hat OpenShift AI (RHOAI)",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift_ai"
],
"defaultStatus": "affected",
"packageName": "odh-data-science-pipelines-argo-workflowcontroller-rhel8",
"product": "Red Hat OpenShift AI (RHOAI)",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift_ai"
],
"defaultStatus": "affected",
"packageName": "odh-kf-notebook-controller-rhel8",
"product": "Red Hat OpenShift AI (RHOAI)",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift_ai"
],
"defaultStatus": "affected",
"packageName": "odh-ml-pipelines-api-server-v2-rhel8",
"product": "Red Hat OpenShift AI (RHOAI)",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift_ai"
],
"defaultStatus": "affected",
"packageName": "odh-ml-pipelines-driver-rhel8",
"product": "Red Hat OpenShift AI (RHOAI)",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift_ai"
],
"defaultStatus": "affected",
"packageName": "odh-ml-pipelines-launcher-rhel8",
"product": "Red Hat OpenShift AI (RHOAI)",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift_ai"
],
"defaultStatus": "affected",
"packageName": "odh-ml-pipelines-persistenceagent-v2-rhel8",
"product": "Red Hat OpenShift AI (RHOAI)",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift_ai"
],
"defaultStatus": "affected",
"packageName": "odh-ml-pipelines-scheduledworkflow-v2-rhel8",
"product": "Red Hat OpenShift AI (RHOAI)",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift_ai"
],
"defaultStatus": "affected",
"packageName": "odh-model-registry-rhel8",
"product": "Red Hat OpenShift AI (RHOAI)",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift_ai"
],
"defaultStatus": "unaffected",
"packageName": "odh-notebook-controller-rhel8",
"product": "Red Hat OpenShift AI (RHOAI)",
"vendor": "Red Hat"
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:openshift_ai"
],
"defaultStatus": "unaffected",
"packageName": "odh-operator-container",
"product": "Red Hat OpenShift AI (RHOAI)",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift:3.11"
],
"defaultStatus": "affected",
"packageName": "openshift3/ose-console",
"product": "Red Hat OpenShift Container Platform 3.11",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift:4"
],
"defaultStatus": "unaffected",
"packageName": "openshift4/ose-monitoring-plugin-rhel9",
"product": "Red Hat OpenShift Container Platform 4",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift_data_foundation:4"
],
"defaultStatus": "affected",
"packageName": "odf4/ocs-client-console-rhel9",
"product": "Red Hat Openshift Data Foundation 4",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift_data_foundation:4"
],
"defaultStatus": "affected",
"packageName": "odf4/odf-console-rhel9",
"product": "Red Hat Openshift Data Foundation 4",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift_data_foundation:4"
],
"defaultStatus": "affected",
"packageName": "odf4/odf-multicluster-console-rhel8",
"product": "Red Hat Openshift Data Foundation 4",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift_devspaces:3:"
],
"defaultStatus": "affected",
"packageName": "devspaces/code-rhel8",
"product": "Red Hat OpenShift Dev Spaces",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift_devspaces:3:"
],
"defaultStatus": "affected",
"packageName": "devspaces/dashboard-rhel8",
"product": "Red Hat OpenShift Dev Spaces",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift_devspaces:3:"
],
"defaultStatus": "affected",
"packageName": "devspaces/traefik-rhel8",
"product": "Red Hat OpenShift Dev Spaces",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift_distributed_tracing:3"
],
"defaultStatus": "unaffected",
"packageName": "rhosdt/jaeger-agent-rhel8",
"product": "Red Hat OpenShift distributed tracing 3",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift_distributed_tracing:3"
],
"defaultStatus": "affected",
"packageName": "rhosdt/jaeger-all-in-one-rhel8",
"product": "Red Hat OpenShift distributed tracing 3",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift_distributed_tracing:3"
],
"defaultStatus": "unaffected",
"packageName": "rhosdt/jaeger-collector-rhel8",
"product": "Red Hat OpenShift distributed tracing 3",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift_distributed_tracing:3"
],
"defaultStatus": "unaffected",
"packageName": "rhosdt/jaeger-es-index-cleaner-rhel8",
"product": "Red Hat OpenShift distributed tracing 3",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift_distributed_tracing:3"
],
"defaultStatus": "unaffected",
"packageName": "rhosdt/jaeger-es-rollover-rhel8",
"product": "Red Hat OpenShift distributed tracing 3",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift_distributed_tracing:3"
],
"defaultStatus": "unaffected",
"packageName": "rhosdt/jaeger-ingester-rhel8",
"product": "Red Hat OpenShift distributed tracing 3",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift_distributed_tracing:3"
],
"defaultStatus": "affected",
"packageName": "rhosdt/jaeger-query-rhel8",
"product": "Red Hat OpenShift distributed tracing 3",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:jboss_enterprise_bpms_platform:7"
],
"defaultStatus": "affected",
"packageName": "serialize-javascript",
"product": "Red Hat Process Automation 7",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:quay:3"
],
"defaultStatus": "affected",
"packageName": "quay/quay-rhel8",
"product": "Red Hat Quay 3",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:satellite:6"
],
"defaultStatus": "unaffected",
"packageName": "nodejs-compression-webpack-plugin",
"product": "Red Hat Satellite 6",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:satellite:6"
],
"defaultStatus": "unaffected",
"packageName": "nodejs-webpack",
"product": "Red Hat Satellite 6",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:red_hat_single_sign_on:7"
],
"defaultStatus": "affected",
"packageName": "serialize-javascript",
"product": "Red Hat Single Sign-On 7",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:trusted_profile_analyzer:1"
],
"defaultStatus": "affected",
"packageName": "rhtpa/rhtpa-trustification-service-rhel9",
"product": "Red Hat Trusted Profile Analyzer",
"vendor": "Red Hat"
}
],
"datePublic": "2024-09-16T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "A flaw was found in npm-serialize-javascript. The vulnerability occurs because the serialize-javascript module does not properly sanitize certain inputs, such as regex or other JavaScript object types, allowing an attacker to inject malicious code. This code could be executed when deserialized by a web browser, causing Cross-site scripting (XSS) attacks. This issue is critical in environments where serialized data is sent to web clients, potentially compromising the security of the website or web application using this package."
}
],
"metrics": [
{
"other": {
"content": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"value": "Moderate"
},
"type": "Red Hat severity rating"
}
},
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-04-24T22:00:29.848Z",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "RHBA-2025:0304",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHBA-2025:0304"
},
{
"name": "RHSA-2025:1334",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2025:1334"
},
{
"name": "RHSA-2025:1468",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2025:1468"
},
{
"tags": [
"vdb-entry",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/security/cve/CVE-2024-11831"
},
{
"name": "RHBZ#2312579",
"tags": [
"issue-tracking",
"x_refsource_REDHAT"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2312579"
},
{
"url": "https://github.com/yahoo/serialize-javascript/commit/f27d65d3de42affe2aac14607066c293891cec4e"
},
{
"url": "https://github.com/yahoo/serialize-javascript/pull/173"
}
],
"timeline": [
{
"lang": "en",
"time": "2024-09-16T16:43:32.021000+00:00",
"value": "Reported to Red Hat."
},
{
"lang": "en",
"time": "2024-09-16T00:00:00+00:00",
"value": "Made public."
}
],
"title": "Npm-serialize-javascript: cross-site scripting (xss) in serialize-javascript",
"workarounds": [
{
"lang": "en",
"value": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability."
}
],
"x_redhatCweChain": "CWE-79: Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2024-11831",
"datePublished": "2025-02-10T15:27:46.732Z",
"dateReserved": "2024-11-26T18:56:38.187Z",
"dateUpdated": "2025-04-24T22:00:29.848Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"meta": {
"nvd": "{\"cve\":{\"id\":\"CVE-2024-11831\",\"sourceIdentifier\":\"secalert@redhat.com\",\"published\":\"2025-02-10T16:15:37.080\",\"lastModified\":\"2025-04-24T13:15:44.573\",\"vulnStatus\":\"Awaiting Analysis\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"A flaw was found in npm-serialize-javascript. The vulnerability occurs because the serialize-javascript module does not properly sanitize certain inputs, such as regex or other JavaScript object types, allowing an attacker to inject malicious code. This code could be executed when deserialized by a web browser, causing Cross-site scripting (XSS) attacks. This issue is critical in environments where serialized data is sent to web clients, potentially compromising the security of the website or web application using this package.\"},{\"lang\":\"es\",\"value\":\"Se encontr\u00f3 una falla en npm-serialize-javascript. La vulnerabilidad ocurre porque el m\u00f3dulo serialize-javascript no depura correctamente ciertas entradas, como expresiones regulares u otros tipos de objetos JavaScript, lo que permite que un atacante inyecte c\u00f3digo malicioso. Este c\u00f3digo podr\u00eda ejecutarse cuando un navegador web lo deserialice, lo que causa ataques de cross site scripting (XSS). Este problema es cr\u00edtico en entornos donde se env\u00edan datos serializados a clientes web, lo que potencialmente compromete la seguridad del sitio web o la aplicaci\u00f3n web que utiliza este paquete.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"secalert@redhat.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N\",\"baseScore\":5.4,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"REQUIRED\",\"scope\":\"CHANGED\",\"confidentialityImpact\":\"LOW\",\"integrityImpact\":\"LOW\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":2.3,\"impactScore\":2.7}]},\"weaknesses\":[{\"source\":\"secalert@redhat.com\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-79\"}]}],\"references\":[{\"url\":\"https://access.redhat.com/errata/RHBA-2025:0304\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2025:1334\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2025:1468\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://access.redhat.com/security/cve/CVE-2024-11831\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://bugzilla.redhat.com/show_bug.cgi?id=2312579\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://github.com/yahoo/serialize-javascript/commit/f27d65d3de42affe2aac14607066c293891cec4e\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://github.com/yahoo/serialize-javascript/pull/173\",\"source\":\"secalert@redhat.com\"}]}}"
}
}
ghsa-76p7-773f-r4q5
Vulnerability from github
Published
2025-02-10 18:30
Modified
2025-04-24 15:30
Severity ?
Summary
Cross-site Scripting (XSS) in serialize-javascript
Details
A flaw was found in npm-serialize-javascript. The vulnerability occurs because the serialize-javascript module does not properly sanitize certain inputs, such as regex or other JavaScript object types, allowing an attacker to inject malicious code. This code could be executed when deserialized by a web browser, causing Cross-site scripting (XSS) attacks. This issue is critical in environments where serialized data is sent to web clients, potentially compromising the security of the website or web application using this package.
{
"affected": [
{
"package": {
"ecosystem": "npm",
"name": "serialize-javascript"
},
"ranges": [
{
"events": [
{
"introduced": "6.0.0"
},
{
"fixed": "6.0.2"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2024-11831"
],
"database_specific": {
"cwe_ids": [
"CWE-79"
],
"github_reviewed": true,
"github_reviewed_at": "2025-02-10T21:19:59Z",
"nvd_published_at": "2025-02-10T16:15:37Z",
"severity": "MODERATE"
},
"details": "A flaw was found in npm-serialize-javascript. The vulnerability occurs because the serialize-javascript module does not properly sanitize certain inputs, such as regex or other JavaScript object types, allowing an attacker to inject malicious code. This code could be executed when deserialized by a web browser, causing Cross-site scripting (XSS) attacks. This issue is critical in environments where serialized data is sent to web clients, potentially compromising the security of the website or web application using this package.",
"id": "GHSA-76p7-773f-r4q5",
"modified": "2025-04-24T15:30:49Z",
"published": "2025-02-10T18:30:47Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-11831"
},
{
"type": "WEB",
"url": "https://github.com/yahoo/serialize-javascript/pull/173"
},
{
"type": "WEB",
"url": "https://github.com/yahoo/serialize-javascript/commit/7f3ac252d86b802454cb43782820aea2e0f6dc25"
},
{
"type": "WEB",
"url": "https://github.com/yahoo/serialize-javascript/commit/f27d65d3de42affe2aac14607066c293891cec4e"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHBA-2025:0304"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2025:1334"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2025:1468"
},
{
"type": "WEB",
"url": "https://access.redhat.com/security/cve/CVE-2024-11831"
},
{
"type": "WEB",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2312579"
},
{
"type": "PACKAGE",
"url": "https://github.com/yahoo/serialize-javascript"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"type": "CVSS_V3"
}
],
"summary": "Cross-site Scripting (XSS) in serialize-javascript"
}
rhsa-2025_1468
Vulnerability from csaf_redhat
Published
2025-02-13 18:14
Modified
2025-03-25 11:10
Summary
Red Hat Security Advisory: ACS 4.4 enhancement and security update
Notes
Topic
Updated images are now available for Red Hat Advanced Cluster Security for Kubernetes (RHACS). The updated image includes security fixes.
Red Hat Product Security has rated this update as having a security impact
of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
This release of RHACS 4.4.8 includes security fixes. If you are
using an earlier version of RHACS 4.4, you are advised to upgrade to this
patch release 4.4.8.
Security issues fixed:
* npm-serialize-javascript: Cross-site Scripting (XSS) in serialize-javascript (CVE-2024-11831)
* go-git: Argument injection via the URL field (CVE-2025-21613)
* go-git: Go-git clients vulnerable to DoS via maliciously crafted Git server replies (CVE-2025-21614)
* golang.org/x/crypto/ssh: Misuse of ServerConfig.PublicKeyCallback may cause authorization bypass in golang.org/x/crypto (CVE-2024-45337)
* golang.org/x/net/html: Non-linear parsing of case-insensitive content in golang.org/x/net/html (CVE-2024-45338)
For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE
page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Updated images are now available for Red Hat Advanced Cluster Security for Kubernetes (RHACS). The updated image includes security fixes.\n\nRed Hat Product Security has rated this update as having a security impact\nof Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "This release of RHACS 4.4.8 includes security fixes. If you are\nusing an earlier version of RHACS 4.4, you are advised to upgrade to this\npatch release 4.4.8.\n\nSecurity issues fixed:\n\n* npm-serialize-javascript: Cross-site Scripting (XSS) in serialize-javascript (CVE-2024-11831)\n\n* go-git: Argument injection via the URL field (CVE-2025-21613)\n\n* go-git: Go-git clients vulnerable to DoS via maliciously crafted Git server replies (CVE-2025-21614)\n\n* golang.org/x/crypto/ssh: Misuse of ServerConfig.PublicKeyCallback may cause authorization bypass in golang.org/x/crypto (CVE-2024-45337)\n\n* golang.org/x/net/html: Non-linear parsing of case-insensitive content in golang.org/x/net/html (CVE-2024-45338)\n\nFor more details about the security issue(s), including the impact, a CVSS\nscore, acknowledgments, and other related information, refer to the CVE\npage(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2025:1468",
"url": "https://access.redhat.com/errata/RHSA-2025:1468"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "https://docs.openshift.com/acs/4.4/release_notes/44-release-notes.html",
"url": "https://docs.openshift.com/acs/4.4/release_notes/44-release-notes.html"
},
{
"category": "external",
"summary": "2312579",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2312579"
},
{
"category": "external",
"summary": "2331720",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2331720"
},
{
"category": "external",
"summary": "2333122",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2333122"
},
{
"category": "external",
"summary": "2335888",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2335888"
},
{
"category": "external",
"summary": "2335901",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2335901"
},
{
"category": "external",
"summary": "ROX-27933",
"url": "https://issues.redhat.com/browse/ROX-27933"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2025/rhsa-2025_1468.json"
}
],
"title": "Red Hat Security Advisory: ACS 4.4 enhancement and security update",
"tracking": {
"current_release_date": "2025-03-25T11:10:55+00:00",
"generator": {
"date": "2025-03-25T11:10:55+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.4.1"
}
},
"id": "RHSA-2025:1468",
"initial_release_date": "2025-02-13T18:14:31+00:00",
"revision_history": [
{
"date": "2025-02-13T18:14:31+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2025-02-13T18:14:31+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2025-03-25T11:10:55+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "RHACS 4.4 for RHEL 8",
"product": {
"name": "RHACS 4.4 for RHEL 8",
"product_id": "8Base-RHACS-4.4",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:advanced_cluster_security:4.4::el8"
}
}
}
],
"category": "product_family",
"name": "Red Hat Advanced Cluster Security for Kubernetes"
},
{
"branches": [
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-central-db-rhel8@sha256:394f4fd42c292ef68abf4a9104fe668026e394c3243ebf9b184d40a4b4b0132e_amd64",
"product": {
"name": "advanced-cluster-security/rhacs-central-db-rhel8@sha256:394f4fd42c292ef68abf4a9104fe668026e394c3243ebf9b184d40a4b4b0132e_amd64",
"product_id": "advanced-cluster-security/rhacs-central-db-rhel8@sha256:394f4fd42c292ef68abf4a9104fe668026e394c3243ebf9b184d40a4b4b0132e_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-central-db-rhel8@sha256:394f4fd42c292ef68abf4a9104fe668026e394c3243ebf9b184d40a4b4b0132e?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8\u0026tag=4.4.8-2"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-collector-rhel8@sha256:39367ad4f4807b804eb6a95d241d99c528995f75d3264b58820cf50fa6abceef_amd64",
"product": {
"name": "advanced-cluster-security/rhacs-collector-rhel8@sha256:39367ad4f4807b804eb6a95d241d99c528995f75d3264b58820cf50fa6abceef_amd64",
"product_id": "advanced-cluster-security/rhacs-collector-rhel8@sha256:39367ad4f4807b804eb6a95d241d99c528995f75d3264b58820cf50fa6abceef_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-collector-rhel8@sha256:39367ad4f4807b804eb6a95d241d99c528995f75d3264b58820cf50fa6abceef?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8\u0026tag=4.4.8-2"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:62ddbd8b9e0b27be7a0541c7fe085b621834facff7d83d4a2e57b56ef6c713a2_amd64",
"product": {
"name": "advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:62ddbd8b9e0b27be7a0541c7fe085b621834facff7d83d4a2e57b56ef6c713a2_amd64",
"product_id": "advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:62ddbd8b9e0b27be7a0541c7fe085b621834facff7d83d4a2e57b56ef6c713a2_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-collector-slim-rhel8@sha256:62ddbd8b9e0b27be7a0541c7fe085b621834facff7d83d4a2e57b56ef6c713a2?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-collector-slim-rhel8\u0026tag=4.4.8-2"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-main-rhel8@sha256:0e867de15e3038db7274dc1d84cd8ca5b1860b661c8b16ecd8f7aeefa76077a8_amd64",
"product": {
"name": "advanced-cluster-security/rhacs-main-rhel8@sha256:0e867de15e3038db7274dc1d84cd8ca5b1860b661c8b16ecd8f7aeefa76077a8_amd64",
"product_id": "advanced-cluster-security/rhacs-main-rhel8@sha256:0e867de15e3038db7274dc1d84cd8ca5b1860b661c8b16ecd8f7aeefa76077a8_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-main-rhel8@sha256:0e867de15e3038db7274dc1d84cd8ca5b1860b661c8b16ecd8f7aeefa76077a8?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8\u0026tag=4.4.8-2"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-operator-bundle@sha256:123c0108bd7a190dd2accfd21786600f787147f040e57fb5f840861e2caa441d_amd64",
"product": {
"name": "advanced-cluster-security/rhacs-operator-bundle@sha256:123c0108bd7a190dd2accfd21786600f787147f040e57fb5f840861e2caa441d_amd64",
"product_id": "advanced-cluster-security/rhacs-operator-bundle@sha256:123c0108bd7a190dd2accfd21786600f787147f040e57fb5f840861e2caa441d_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-operator-bundle@sha256:123c0108bd7a190dd2accfd21786600f787147f040e57fb5f840861e2caa441d?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle\u0026tag=4.4.8-2"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-rhel8-operator@sha256:609205741b369f72807fcec1fd3351d56e4605fdbbee37975fad8c01a5ea0339_amd64",
"product": {
"name": "advanced-cluster-security/rhacs-rhel8-operator@sha256:609205741b369f72807fcec1fd3351d56e4605fdbbee37975fad8c01a5ea0339_amd64",
"product_id": "advanced-cluster-security/rhacs-rhel8-operator@sha256:609205741b369f72807fcec1fd3351d56e4605fdbbee37975fad8c01a5ea0339_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-rhel8-operator@sha256:609205741b369f72807fcec1fd3351d56e4605fdbbee37975fad8c01a5ea0339?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator\u0026tag=4.4.8-2"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-roxctl-rhel8@sha256:b0f32d062678d69350a3a1a18b643c8b97ebfdbd0bea1c0ee67312312d02fcba_amd64",
"product": {
"name": "advanced-cluster-security/rhacs-roxctl-rhel8@sha256:b0f32d062678d69350a3a1a18b643c8b97ebfdbd0bea1c0ee67312312d02fcba_amd64",
"product_id": "advanced-cluster-security/rhacs-roxctl-rhel8@sha256:b0f32d062678d69350a3a1a18b643c8b97ebfdbd0bea1c0ee67312312d02fcba_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-roxctl-rhel8@sha256:b0f32d062678d69350a3a1a18b643c8b97ebfdbd0bea1c0ee67312312d02fcba?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8\u0026tag=4.4.8-2"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-scanner-rhel8@sha256:20a368484142ce585e3a49a402bab10b2045ba2d89711154ae80457c01881a4c_amd64",
"product": {
"name": "advanced-cluster-security/rhacs-scanner-rhel8@sha256:20a368484142ce585e3a49a402bab10b2045ba2d89711154ae80457c01881a4c_amd64",
"product_id": "advanced-cluster-security/rhacs-scanner-rhel8@sha256:20a368484142ce585e3a49a402bab10b2045ba2d89711154ae80457c01881a4c_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-rhel8@sha256:20a368484142ce585e3a49a402bab10b2045ba2d89711154ae80457c01881a4c?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8\u0026tag=4.4.8-2"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:7108fcc2c26b8e735231d9bad43febbc2ccc15723b15d3bf9ba643f950f75857_amd64",
"product": {
"name": "advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:7108fcc2c26b8e735231d9bad43febbc2ccc15723b15d3bf9ba643f950f75857_amd64",
"product_id": "advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:7108fcc2c26b8e735231d9bad43febbc2ccc15723b15d3bf9ba643f950f75857_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-db-rhel8@sha256:7108fcc2c26b8e735231d9bad43febbc2ccc15723b15d3bf9ba643f950f75857?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8\u0026tag=4.4.8-2"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:844cef84fb29ee2996c284c6d517a645d4b14862c17021bd1b0052515cd364df_amd64",
"product": {
"name": "advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:844cef84fb29ee2996c284c6d517a645d4b14862c17021bd1b0052515cd364df_amd64",
"product_id": "advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:844cef84fb29ee2996c284c6d517a645d4b14862c17021bd1b0052515cd364df_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-db-slim-rhel8@sha256:844cef84fb29ee2996c284c6d517a645d4b14862c17021bd1b0052515cd364df?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8\u0026tag=4.4.8-2"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:1d00cc8be3101e0a0a901249545566689d1de5554f5101b8fcbb6fa1827d508b_amd64",
"product": {
"name": "advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:1d00cc8be3101e0a0a901249545566689d1de5554f5101b8fcbb6fa1827d508b_amd64",
"product_id": "advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:1d00cc8be3101e0a0a901249545566689d1de5554f5101b8fcbb6fa1827d508b_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-slim-rhel8@sha256:1d00cc8be3101e0a0a901249545566689d1de5554f5101b8fcbb6fa1827d508b?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8\u0026tag=4.4.8-2"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:bcc9fd4d95422283c8d6016e1f85cd4522f43c0504cadf6aec40b9c30f2d945d_amd64",
"product": {
"name": "advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:bcc9fd4d95422283c8d6016e1f85cd4522f43c0504cadf6aec40b9c30f2d945d_amd64",
"product_id": "advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:bcc9fd4d95422283c8d6016e1f85cd4522f43c0504cadf6aec40b9c30f2d945d_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-v4-rhel8@sha256:bcc9fd4d95422283c8d6016e1f85cd4522f43c0504cadf6aec40b9c30f2d945d?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8\u0026tag=4.4.8-2"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:224bfa6af3a2a9b15657ee0adc0233608bb7a2218f9a488b537e3af4c53acacf_amd64",
"product": {
"name": "advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:224bfa6af3a2a9b15657ee0adc0233608bb7a2218f9a488b537e3af4c53acacf_amd64",
"product_id": "advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:224bfa6af3a2a9b15657ee0adc0233608bb7a2218f9a488b537e3af4c53acacf_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-v4-db-rhel8@sha256:224bfa6af3a2a9b15657ee0adc0233608bb7a2218f9a488b537e3af4c53acacf?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8\u0026tag=4.4.8-2"
}
}
}
],
"category": "architecture",
"name": "amd64"
},
{
"branches": [
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-central-db-rhel8@sha256:8b92405457c5240a4d672409a7519d28463f2f0e104f441e3d0d0839549c6215_ppc64le",
"product": {
"name": "advanced-cluster-security/rhacs-central-db-rhel8@sha256:8b92405457c5240a4d672409a7519d28463f2f0e104f441e3d0d0839549c6215_ppc64le",
"product_id": "advanced-cluster-security/rhacs-central-db-rhel8@sha256:8b92405457c5240a4d672409a7519d28463f2f0e104f441e3d0d0839549c6215_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-central-db-rhel8@sha256:8b92405457c5240a4d672409a7519d28463f2f0e104f441e3d0d0839549c6215?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8\u0026tag=4.4.8-2"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-collector-rhel8@sha256:a5a1e18726ce755a8f2a36a58928714d61f4426643b7f08da086004982e993ef_ppc64le",
"product": {
"name": "advanced-cluster-security/rhacs-collector-rhel8@sha256:a5a1e18726ce755a8f2a36a58928714d61f4426643b7f08da086004982e993ef_ppc64le",
"product_id": "advanced-cluster-security/rhacs-collector-rhel8@sha256:a5a1e18726ce755a8f2a36a58928714d61f4426643b7f08da086004982e993ef_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-collector-rhel8@sha256:a5a1e18726ce755a8f2a36a58928714d61f4426643b7f08da086004982e993ef?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8\u0026tag=4.4.8-2"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:94b445cbaef0111d98a0ee595988ef420423aa381b36e7127e76e385be12996a_ppc64le",
"product": {
"name": "advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:94b445cbaef0111d98a0ee595988ef420423aa381b36e7127e76e385be12996a_ppc64le",
"product_id": "advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:94b445cbaef0111d98a0ee595988ef420423aa381b36e7127e76e385be12996a_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-collector-slim-rhel8@sha256:94b445cbaef0111d98a0ee595988ef420423aa381b36e7127e76e385be12996a?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-collector-slim-rhel8\u0026tag=4.4.8-2"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-main-rhel8@sha256:92f98ca560ce539495108e6212737ea6cf83215fe0a5aa7a12636ee9d5fca88f_ppc64le",
"product": {
"name": "advanced-cluster-security/rhacs-main-rhel8@sha256:92f98ca560ce539495108e6212737ea6cf83215fe0a5aa7a12636ee9d5fca88f_ppc64le",
"product_id": "advanced-cluster-security/rhacs-main-rhel8@sha256:92f98ca560ce539495108e6212737ea6cf83215fe0a5aa7a12636ee9d5fca88f_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-main-rhel8@sha256:92f98ca560ce539495108e6212737ea6cf83215fe0a5aa7a12636ee9d5fca88f?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8\u0026tag=4.4.8-2"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-operator-bundle@sha256:6f81e9b903594b0a8bd5517900f7677e09c942953d257c87da11fb779e0f9dab_ppc64le",
"product": {
"name": "advanced-cluster-security/rhacs-operator-bundle@sha256:6f81e9b903594b0a8bd5517900f7677e09c942953d257c87da11fb779e0f9dab_ppc64le",
"product_id": "advanced-cluster-security/rhacs-operator-bundle@sha256:6f81e9b903594b0a8bd5517900f7677e09c942953d257c87da11fb779e0f9dab_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-operator-bundle@sha256:6f81e9b903594b0a8bd5517900f7677e09c942953d257c87da11fb779e0f9dab?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle\u0026tag=4.4.8-2"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-rhel8-operator@sha256:2f74522967f06958e385468a31e14bb9ede90569dec8292d61e67c6640c1ebde_ppc64le",
"product": {
"name": "advanced-cluster-security/rhacs-rhel8-operator@sha256:2f74522967f06958e385468a31e14bb9ede90569dec8292d61e67c6640c1ebde_ppc64le",
"product_id": "advanced-cluster-security/rhacs-rhel8-operator@sha256:2f74522967f06958e385468a31e14bb9ede90569dec8292d61e67c6640c1ebde_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-rhel8-operator@sha256:2f74522967f06958e385468a31e14bb9ede90569dec8292d61e67c6640c1ebde?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator\u0026tag=4.4.8-2"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-roxctl-rhel8@sha256:1e37a386006e4a7b4414dcdbe6a42191b8f41e706e1df6dfe401cbdbe342f06a_ppc64le",
"product": {
"name": "advanced-cluster-security/rhacs-roxctl-rhel8@sha256:1e37a386006e4a7b4414dcdbe6a42191b8f41e706e1df6dfe401cbdbe342f06a_ppc64le",
"product_id": "advanced-cluster-security/rhacs-roxctl-rhel8@sha256:1e37a386006e4a7b4414dcdbe6a42191b8f41e706e1df6dfe401cbdbe342f06a_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-roxctl-rhel8@sha256:1e37a386006e4a7b4414dcdbe6a42191b8f41e706e1df6dfe401cbdbe342f06a?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8\u0026tag=4.4.8-2"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-scanner-rhel8@sha256:08c488f99ef1c837418842db1c8e52391a55f5f61a1de98edbbe3a201070168a_ppc64le",
"product": {
"name": "advanced-cluster-security/rhacs-scanner-rhel8@sha256:08c488f99ef1c837418842db1c8e52391a55f5f61a1de98edbbe3a201070168a_ppc64le",
"product_id": "advanced-cluster-security/rhacs-scanner-rhel8@sha256:08c488f99ef1c837418842db1c8e52391a55f5f61a1de98edbbe3a201070168a_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-rhel8@sha256:08c488f99ef1c837418842db1c8e52391a55f5f61a1de98edbbe3a201070168a?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8\u0026tag=4.4.8-2"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:439fc3b91a4841c81355ecbb5c610c66139525df82bdb96a4ece4ffd20aca0a5_ppc64le",
"product": {
"name": "advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:439fc3b91a4841c81355ecbb5c610c66139525df82bdb96a4ece4ffd20aca0a5_ppc64le",
"product_id": "advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:439fc3b91a4841c81355ecbb5c610c66139525df82bdb96a4ece4ffd20aca0a5_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-db-rhel8@sha256:439fc3b91a4841c81355ecbb5c610c66139525df82bdb96a4ece4ffd20aca0a5?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8\u0026tag=4.4.8-2"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:fc974b15c869a26e0ae259a39ce0ed1f1954630557c31465561eeee67bfc2797_ppc64le",
"product": {
"name": "advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:fc974b15c869a26e0ae259a39ce0ed1f1954630557c31465561eeee67bfc2797_ppc64le",
"product_id": "advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:fc974b15c869a26e0ae259a39ce0ed1f1954630557c31465561eeee67bfc2797_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-db-slim-rhel8@sha256:fc974b15c869a26e0ae259a39ce0ed1f1954630557c31465561eeee67bfc2797?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8\u0026tag=4.4.8-2"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:17a5ed5cea7a0b355ea13e6a95218143c351e34cee1ba0188a14c28f9605e504_ppc64le",
"product": {
"name": "advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:17a5ed5cea7a0b355ea13e6a95218143c351e34cee1ba0188a14c28f9605e504_ppc64le",
"product_id": "advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:17a5ed5cea7a0b355ea13e6a95218143c351e34cee1ba0188a14c28f9605e504_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-slim-rhel8@sha256:17a5ed5cea7a0b355ea13e6a95218143c351e34cee1ba0188a14c28f9605e504?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8\u0026tag=4.4.8-2"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:c9713eae9be9f99e9e7382ace5f520f96f641c50d8aed1c64a0f6a0ba9ed5395_ppc64le",
"product": {
"name": "advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:c9713eae9be9f99e9e7382ace5f520f96f641c50d8aed1c64a0f6a0ba9ed5395_ppc64le",
"product_id": "advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:c9713eae9be9f99e9e7382ace5f520f96f641c50d8aed1c64a0f6a0ba9ed5395_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-v4-rhel8@sha256:c9713eae9be9f99e9e7382ace5f520f96f641c50d8aed1c64a0f6a0ba9ed5395?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8\u0026tag=4.4.8-2"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1ad40dd05581bffe04db700b8b4fbfbe8112399f2bef70b69dd690458b6512ed_ppc64le",
"product": {
"name": "advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1ad40dd05581bffe04db700b8b4fbfbe8112399f2bef70b69dd690458b6512ed_ppc64le",
"product_id": "advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1ad40dd05581bffe04db700b8b4fbfbe8112399f2bef70b69dd690458b6512ed_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-v4-db-rhel8@sha256:1ad40dd05581bffe04db700b8b4fbfbe8112399f2bef70b69dd690458b6512ed?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8\u0026tag=4.4.8-2"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-central-db-rhel8@sha256:6478816c1b2bdeb40c77c267fff033dca5523375c64623bf56d493c4417a3c3f_s390x",
"product": {
"name": "advanced-cluster-security/rhacs-central-db-rhel8@sha256:6478816c1b2bdeb40c77c267fff033dca5523375c64623bf56d493c4417a3c3f_s390x",
"product_id": "advanced-cluster-security/rhacs-central-db-rhel8@sha256:6478816c1b2bdeb40c77c267fff033dca5523375c64623bf56d493c4417a3c3f_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-central-db-rhel8@sha256:6478816c1b2bdeb40c77c267fff033dca5523375c64623bf56d493c4417a3c3f?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8\u0026tag=4.4.8-2"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-collector-rhel8@sha256:cd132ae4b02647d5b0f0a910539c75efb3e0795590df00056542e969605ae296_s390x",
"product": {
"name": "advanced-cluster-security/rhacs-collector-rhel8@sha256:cd132ae4b02647d5b0f0a910539c75efb3e0795590df00056542e969605ae296_s390x",
"product_id": "advanced-cluster-security/rhacs-collector-rhel8@sha256:cd132ae4b02647d5b0f0a910539c75efb3e0795590df00056542e969605ae296_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-collector-rhel8@sha256:cd132ae4b02647d5b0f0a910539c75efb3e0795590df00056542e969605ae296?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8\u0026tag=4.4.8-2"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:357fa537a29f82ca117b8ed4695456707bd9599c5057ed938a91114e94badf62_s390x",
"product": {
"name": "advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:357fa537a29f82ca117b8ed4695456707bd9599c5057ed938a91114e94badf62_s390x",
"product_id": "advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:357fa537a29f82ca117b8ed4695456707bd9599c5057ed938a91114e94badf62_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-collector-slim-rhel8@sha256:357fa537a29f82ca117b8ed4695456707bd9599c5057ed938a91114e94badf62?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-collector-slim-rhel8\u0026tag=4.4.8-2"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-main-rhel8@sha256:1aedb2f4b2aefa9586c8aecfff4647497f7a36fc6a547d6688645d87e90413f4_s390x",
"product": {
"name": "advanced-cluster-security/rhacs-main-rhel8@sha256:1aedb2f4b2aefa9586c8aecfff4647497f7a36fc6a547d6688645d87e90413f4_s390x",
"product_id": "advanced-cluster-security/rhacs-main-rhel8@sha256:1aedb2f4b2aefa9586c8aecfff4647497f7a36fc6a547d6688645d87e90413f4_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-main-rhel8@sha256:1aedb2f4b2aefa9586c8aecfff4647497f7a36fc6a547d6688645d87e90413f4?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8\u0026tag=4.4.8-2"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-operator-bundle@sha256:8c199930239623166973ea9cdb40ce2e2537d63e8c731afca3892caa84d2f16a_s390x",
"product": {
"name": "advanced-cluster-security/rhacs-operator-bundle@sha256:8c199930239623166973ea9cdb40ce2e2537d63e8c731afca3892caa84d2f16a_s390x",
"product_id": "advanced-cluster-security/rhacs-operator-bundle@sha256:8c199930239623166973ea9cdb40ce2e2537d63e8c731afca3892caa84d2f16a_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-operator-bundle@sha256:8c199930239623166973ea9cdb40ce2e2537d63e8c731afca3892caa84d2f16a?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle\u0026tag=4.4.8-2"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-rhel8-operator@sha256:38b340062dea9adc1159a326d39a214541e259e9e16582ef98efcd8e6deb3dd6_s390x",
"product": {
"name": "advanced-cluster-security/rhacs-rhel8-operator@sha256:38b340062dea9adc1159a326d39a214541e259e9e16582ef98efcd8e6deb3dd6_s390x",
"product_id": "advanced-cluster-security/rhacs-rhel8-operator@sha256:38b340062dea9adc1159a326d39a214541e259e9e16582ef98efcd8e6deb3dd6_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-rhel8-operator@sha256:38b340062dea9adc1159a326d39a214541e259e9e16582ef98efcd8e6deb3dd6?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator\u0026tag=4.4.8-2"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-roxctl-rhel8@sha256:1ab2b5e9423a2edd5f663cdbf4c15dd6a5c13db13125161f4b4a9916d3c523e2_s390x",
"product": {
"name": "advanced-cluster-security/rhacs-roxctl-rhel8@sha256:1ab2b5e9423a2edd5f663cdbf4c15dd6a5c13db13125161f4b4a9916d3c523e2_s390x",
"product_id": "advanced-cluster-security/rhacs-roxctl-rhel8@sha256:1ab2b5e9423a2edd5f663cdbf4c15dd6a5c13db13125161f4b4a9916d3c523e2_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-roxctl-rhel8@sha256:1ab2b5e9423a2edd5f663cdbf4c15dd6a5c13db13125161f4b4a9916d3c523e2?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8\u0026tag=4.4.8-2"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-scanner-rhel8@sha256:f252a2c2eaa0a4807e39df8e5fe89a8b66e8ef62a9303a144b765c4857b17e51_s390x",
"product": {
"name": "advanced-cluster-security/rhacs-scanner-rhel8@sha256:f252a2c2eaa0a4807e39df8e5fe89a8b66e8ef62a9303a144b765c4857b17e51_s390x",
"product_id": "advanced-cluster-security/rhacs-scanner-rhel8@sha256:f252a2c2eaa0a4807e39df8e5fe89a8b66e8ef62a9303a144b765c4857b17e51_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-rhel8@sha256:f252a2c2eaa0a4807e39df8e5fe89a8b66e8ef62a9303a144b765c4857b17e51?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8\u0026tag=4.4.8-2"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:7c4fa13ab624b17711df308a9434e529b49b259fe9c6bde4b4e9037ae45996d6_s390x",
"product": {
"name": "advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:7c4fa13ab624b17711df308a9434e529b49b259fe9c6bde4b4e9037ae45996d6_s390x",
"product_id": "advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:7c4fa13ab624b17711df308a9434e529b49b259fe9c6bde4b4e9037ae45996d6_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-db-rhel8@sha256:7c4fa13ab624b17711df308a9434e529b49b259fe9c6bde4b4e9037ae45996d6?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8\u0026tag=4.4.8-2"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:62df44281133dd4191848bfb861ba70eeb113b2bc0ce28c71b82524860421bed_s390x",
"product": {
"name": "advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:62df44281133dd4191848bfb861ba70eeb113b2bc0ce28c71b82524860421bed_s390x",
"product_id": "advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:62df44281133dd4191848bfb861ba70eeb113b2bc0ce28c71b82524860421bed_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-db-slim-rhel8@sha256:62df44281133dd4191848bfb861ba70eeb113b2bc0ce28c71b82524860421bed?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8\u0026tag=4.4.8-2"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:d001fb8afaf083ac3b02ab7571a709183931ef37baa75908556081480ee395dc_s390x",
"product": {
"name": "advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:d001fb8afaf083ac3b02ab7571a709183931ef37baa75908556081480ee395dc_s390x",
"product_id": "advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:d001fb8afaf083ac3b02ab7571a709183931ef37baa75908556081480ee395dc_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-slim-rhel8@sha256:d001fb8afaf083ac3b02ab7571a709183931ef37baa75908556081480ee395dc?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8\u0026tag=4.4.8-2"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:9ae99a357ee1f9e42942edc998b378960d1a4a6bd9630b802f86743965f36898_s390x",
"product": {
"name": "advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:9ae99a357ee1f9e42942edc998b378960d1a4a6bd9630b802f86743965f36898_s390x",
"product_id": "advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:9ae99a357ee1f9e42942edc998b378960d1a4a6bd9630b802f86743965f36898_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-v4-rhel8@sha256:9ae99a357ee1f9e42942edc998b378960d1a4a6bd9630b802f86743965f36898?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8\u0026tag=4.4.8-2"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:f2cf132ddd130c3de1e3732f35fdade709c17e8a2775df5ab47cf7583db82fd6_s390x",
"product": {
"name": "advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:f2cf132ddd130c3de1e3732f35fdade709c17e8a2775df5ab47cf7583db82fd6_s390x",
"product_id": "advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:f2cf132ddd130c3de1e3732f35fdade709c17e8a2775df5ab47cf7583db82fd6_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-v4-db-rhel8@sha256:f2cf132ddd130c3de1e3732f35fdade709c17e8a2775df5ab47cf7583db82fd6?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8\u0026tag=4.4.8-2"
}
}
}
],
"category": "architecture",
"name": "s390x"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-central-db-rhel8@sha256:394f4fd42c292ef68abf4a9104fe668026e394c3243ebf9b184d40a4b4b0132e_amd64 as a component of RHACS 4.4 for RHEL 8",
"product_id": "8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:394f4fd42c292ef68abf4a9104fe668026e394c3243ebf9b184d40a4b4b0132e_amd64"
},
"product_reference": "advanced-cluster-security/rhacs-central-db-rhel8@sha256:394f4fd42c292ef68abf4a9104fe668026e394c3243ebf9b184d40a4b4b0132e_amd64",
"relates_to_product_reference": "8Base-RHACS-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-central-db-rhel8@sha256:6478816c1b2bdeb40c77c267fff033dca5523375c64623bf56d493c4417a3c3f_s390x as a component of RHACS 4.4 for RHEL 8",
"product_id": "8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:6478816c1b2bdeb40c77c267fff033dca5523375c64623bf56d493c4417a3c3f_s390x"
},
"product_reference": "advanced-cluster-security/rhacs-central-db-rhel8@sha256:6478816c1b2bdeb40c77c267fff033dca5523375c64623bf56d493c4417a3c3f_s390x",
"relates_to_product_reference": "8Base-RHACS-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-central-db-rhel8@sha256:8b92405457c5240a4d672409a7519d28463f2f0e104f441e3d0d0839549c6215_ppc64le as a component of RHACS 4.4 for RHEL 8",
"product_id": "8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:8b92405457c5240a4d672409a7519d28463f2f0e104f441e3d0d0839549c6215_ppc64le"
},
"product_reference": "advanced-cluster-security/rhacs-central-db-rhel8@sha256:8b92405457c5240a4d672409a7519d28463f2f0e104f441e3d0d0839549c6215_ppc64le",
"relates_to_product_reference": "8Base-RHACS-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-collector-rhel8@sha256:39367ad4f4807b804eb6a95d241d99c528995f75d3264b58820cf50fa6abceef_amd64 as a component of RHACS 4.4 for RHEL 8",
"product_id": "8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:39367ad4f4807b804eb6a95d241d99c528995f75d3264b58820cf50fa6abceef_amd64"
},
"product_reference": "advanced-cluster-security/rhacs-collector-rhel8@sha256:39367ad4f4807b804eb6a95d241d99c528995f75d3264b58820cf50fa6abceef_amd64",
"relates_to_product_reference": "8Base-RHACS-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-collector-rhel8@sha256:a5a1e18726ce755a8f2a36a58928714d61f4426643b7f08da086004982e993ef_ppc64le as a component of RHACS 4.4 for RHEL 8",
"product_id": "8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:a5a1e18726ce755a8f2a36a58928714d61f4426643b7f08da086004982e993ef_ppc64le"
},
"product_reference": "advanced-cluster-security/rhacs-collector-rhel8@sha256:a5a1e18726ce755a8f2a36a58928714d61f4426643b7f08da086004982e993ef_ppc64le",
"relates_to_product_reference": "8Base-RHACS-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-collector-rhel8@sha256:cd132ae4b02647d5b0f0a910539c75efb3e0795590df00056542e969605ae296_s390x as a component of RHACS 4.4 for RHEL 8",
"product_id": "8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:cd132ae4b02647d5b0f0a910539c75efb3e0795590df00056542e969605ae296_s390x"
},
"product_reference": "advanced-cluster-security/rhacs-collector-rhel8@sha256:cd132ae4b02647d5b0f0a910539c75efb3e0795590df00056542e969605ae296_s390x",
"relates_to_product_reference": "8Base-RHACS-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:357fa537a29f82ca117b8ed4695456707bd9599c5057ed938a91114e94badf62_s390x as a component of RHACS 4.4 for RHEL 8",
"product_id": "8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:357fa537a29f82ca117b8ed4695456707bd9599c5057ed938a91114e94badf62_s390x"
},
"product_reference": "advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:357fa537a29f82ca117b8ed4695456707bd9599c5057ed938a91114e94badf62_s390x",
"relates_to_product_reference": "8Base-RHACS-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:62ddbd8b9e0b27be7a0541c7fe085b621834facff7d83d4a2e57b56ef6c713a2_amd64 as a component of RHACS 4.4 for RHEL 8",
"product_id": "8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:62ddbd8b9e0b27be7a0541c7fe085b621834facff7d83d4a2e57b56ef6c713a2_amd64"
},
"product_reference": "advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:62ddbd8b9e0b27be7a0541c7fe085b621834facff7d83d4a2e57b56ef6c713a2_amd64",
"relates_to_product_reference": "8Base-RHACS-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:94b445cbaef0111d98a0ee595988ef420423aa381b36e7127e76e385be12996a_ppc64le as a component of RHACS 4.4 for RHEL 8",
"product_id": "8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:94b445cbaef0111d98a0ee595988ef420423aa381b36e7127e76e385be12996a_ppc64le"
},
"product_reference": "advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:94b445cbaef0111d98a0ee595988ef420423aa381b36e7127e76e385be12996a_ppc64le",
"relates_to_product_reference": "8Base-RHACS-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-main-rhel8@sha256:0e867de15e3038db7274dc1d84cd8ca5b1860b661c8b16ecd8f7aeefa76077a8_amd64 as a component of RHACS 4.4 for RHEL 8",
"product_id": "8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:0e867de15e3038db7274dc1d84cd8ca5b1860b661c8b16ecd8f7aeefa76077a8_amd64"
},
"product_reference": "advanced-cluster-security/rhacs-main-rhel8@sha256:0e867de15e3038db7274dc1d84cd8ca5b1860b661c8b16ecd8f7aeefa76077a8_amd64",
"relates_to_product_reference": "8Base-RHACS-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-main-rhel8@sha256:1aedb2f4b2aefa9586c8aecfff4647497f7a36fc6a547d6688645d87e90413f4_s390x as a component of RHACS 4.4 for RHEL 8",
"product_id": "8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:1aedb2f4b2aefa9586c8aecfff4647497f7a36fc6a547d6688645d87e90413f4_s390x"
},
"product_reference": "advanced-cluster-security/rhacs-main-rhel8@sha256:1aedb2f4b2aefa9586c8aecfff4647497f7a36fc6a547d6688645d87e90413f4_s390x",
"relates_to_product_reference": "8Base-RHACS-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-main-rhel8@sha256:92f98ca560ce539495108e6212737ea6cf83215fe0a5aa7a12636ee9d5fca88f_ppc64le as a component of RHACS 4.4 for RHEL 8",
"product_id": "8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:92f98ca560ce539495108e6212737ea6cf83215fe0a5aa7a12636ee9d5fca88f_ppc64le"
},
"product_reference": "advanced-cluster-security/rhacs-main-rhel8@sha256:92f98ca560ce539495108e6212737ea6cf83215fe0a5aa7a12636ee9d5fca88f_ppc64le",
"relates_to_product_reference": "8Base-RHACS-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-operator-bundle@sha256:123c0108bd7a190dd2accfd21786600f787147f040e57fb5f840861e2caa441d_amd64 as a component of RHACS 4.4 for RHEL 8",
"product_id": "8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:123c0108bd7a190dd2accfd21786600f787147f040e57fb5f840861e2caa441d_amd64"
},
"product_reference": "advanced-cluster-security/rhacs-operator-bundle@sha256:123c0108bd7a190dd2accfd21786600f787147f040e57fb5f840861e2caa441d_amd64",
"relates_to_product_reference": "8Base-RHACS-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-operator-bundle@sha256:6f81e9b903594b0a8bd5517900f7677e09c942953d257c87da11fb779e0f9dab_ppc64le as a component of RHACS 4.4 for RHEL 8",
"product_id": "8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:6f81e9b903594b0a8bd5517900f7677e09c942953d257c87da11fb779e0f9dab_ppc64le"
},
"product_reference": "advanced-cluster-security/rhacs-operator-bundle@sha256:6f81e9b903594b0a8bd5517900f7677e09c942953d257c87da11fb779e0f9dab_ppc64le",
"relates_to_product_reference": "8Base-RHACS-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-operator-bundle@sha256:8c199930239623166973ea9cdb40ce2e2537d63e8c731afca3892caa84d2f16a_s390x as a component of RHACS 4.4 for RHEL 8",
"product_id": "8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:8c199930239623166973ea9cdb40ce2e2537d63e8c731afca3892caa84d2f16a_s390x"
},
"product_reference": "advanced-cluster-security/rhacs-operator-bundle@sha256:8c199930239623166973ea9cdb40ce2e2537d63e8c731afca3892caa84d2f16a_s390x",
"relates_to_product_reference": "8Base-RHACS-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-rhel8-operator@sha256:2f74522967f06958e385468a31e14bb9ede90569dec8292d61e67c6640c1ebde_ppc64le as a component of RHACS 4.4 for RHEL 8",
"product_id": "8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:2f74522967f06958e385468a31e14bb9ede90569dec8292d61e67c6640c1ebde_ppc64le"
},
"product_reference": "advanced-cluster-security/rhacs-rhel8-operator@sha256:2f74522967f06958e385468a31e14bb9ede90569dec8292d61e67c6640c1ebde_ppc64le",
"relates_to_product_reference": "8Base-RHACS-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-rhel8-operator@sha256:38b340062dea9adc1159a326d39a214541e259e9e16582ef98efcd8e6deb3dd6_s390x as a component of RHACS 4.4 for RHEL 8",
"product_id": "8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:38b340062dea9adc1159a326d39a214541e259e9e16582ef98efcd8e6deb3dd6_s390x"
},
"product_reference": "advanced-cluster-security/rhacs-rhel8-operator@sha256:38b340062dea9adc1159a326d39a214541e259e9e16582ef98efcd8e6deb3dd6_s390x",
"relates_to_product_reference": "8Base-RHACS-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-rhel8-operator@sha256:609205741b369f72807fcec1fd3351d56e4605fdbbee37975fad8c01a5ea0339_amd64 as a component of RHACS 4.4 for RHEL 8",
"product_id": "8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:609205741b369f72807fcec1fd3351d56e4605fdbbee37975fad8c01a5ea0339_amd64"
},
"product_reference": "advanced-cluster-security/rhacs-rhel8-operator@sha256:609205741b369f72807fcec1fd3351d56e4605fdbbee37975fad8c01a5ea0339_amd64",
"relates_to_product_reference": "8Base-RHACS-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-roxctl-rhel8@sha256:1ab2b5e9423a2edd5f663cdbf4c15dd6a5c13db13125161f4b4a9916d3c523e2_s390x as a component of RHACS 4.4 for RHEL 8",
"product_id": "8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:1ab2b5e9423a2edd5f663cdbf4c15dd6a5c13db13125161f4b4a9916d3c523e2_s390x"
},
"product_reference": "advanced-cluster-security/rhacs-roxctl-rhel8@sha256:1ab2b5e9423a2edd5f663cdbf4c15dd6a5c13db13125161f4b4a9916d3c523e2_s390x",
"relates_to_product_reference": "8Base-RHACS-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-roxctl-rhel8@sha256:1e37a386006e4a7b4414dcdbe6a42191b8f41e706e1df6dfe401cbdbe342f06a_ppc64le as a component of RHACS 4.4 for RHEL 8",
"product_id": "8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:1e37a386006e4a7b4414dcdbe6a42191b8f41e706e1df6dfe401cbdbe342f06a_ppc64le"
},
"product_reference": "advanced-cluster-security/rhacs-roxctl-rhel8@sha256:1e37a386006e4a7b4414dcdbe6a42191b8f41e706e1df6dfe401cbdbe342f06a_ppc64le",
"relates_to_product_reference": "8Base-RHACS-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-roxctl-rhel8@sha256:b0f32d062678d69350a3a1a18b643c8b97ebfdbd0bea1c0ee67312312d02fcba_amd64 as a component of RHACS 4.4 for RHEL 8",
"product_id": "8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:b0f32d062678d69350a3a1a18b643c8b97ebfdbd0bea1c0ee67312312d02fcba_amd64"
},
"product_reference": "advanced-cluster-security/rhacs-roxctl-rhel8@sha256:b0f32d062678d69350a3a1a18b643c8b97ebfdbd0bea1c0ee67312312d02fcba_amd64",
"relates_to_product_reference": "8Base-RHACS-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:439fc3b91a4841c81355ecbb5c610c66139525df82bdb96a4ece4ffd20aca0a5_ppc64le as a component of RHACS 4.4 for RHEL 8",
"product_id": "8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:439fc3b91a4841c81355ecbb5c610c66139525df82bdb96a4ece4ffd20aca0a5_ppc64le"
},
"product_reference": "advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:439fc3b91a4841c81355ecbb5c610c66139525df82bdb96a4ece4ffd20aca0a5_ppc64le",
"relates_to_product_reference": "8Base-RHACS-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:7108fcc2c26b8e735231d9bad43febbc2ccc15723b15d3bf9ba643f950f75857_amd64 as a component of RHACS 4.4 for RHEL 8",
"product_id": "8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:7108fcc2c26b8e735231d9bad43febbc2ccc15723b15d3bf9ba643f950f75857_amd64"
},
"product_reference": "advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:7108fcc2c26b8e735231d9bad43febbc2ccc15723b15d3bf9ba643f950f75857_amd64",
"relates_to_product_reference": "8Base-RHACS-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:7c4fa13ab624b17711df308a9434e529b49b259fe9c6bde4b4e9037ae45996d6_s390x as a component of RHACS 4.4 for RHEL 8",
"product_id": "8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:7c4fa13ab624b17711df308a9434e529b49b259fe9c6bde4b4e9037ae45996d6_s390x"
},
"product_reference": "advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:7c4fa13ab624b17711df308a9434e529b49b259fe9c6bde4b4e9037ae45996d6_s390x",
"relates_to_product_reference": "8Base-RHACS-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:62df44281133dd4191848bfb861ba70eeb113b2bc0ce28c71b82524860421bed_s390x as a component of RHACS 4.4 for RHEL 8",
"product_id": "8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:62df44281133dd4191848bfb861ba70eeb113b2bc0ce28c71b82524860421bed_s390x"
},
"product_reference": "advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:62df44281133dd4191848bfb861ba70eeb113b2bc0ce28c71b82524860421bed_s390x",
"relates_to_product_reference": "8Base-RHACS-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:844cef84fb29ee2996c284c6d517a645d4b14862c17021bd1b0052515cd364df_amd64 as a component of RHACS 4.4 for RHEL 8",
"product_id": "8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:844cef84fb29ee2996c284c6d517a645d4b14862c17021bd1b0052515cd364df_amd64"
},
"product_reference": "advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:844cef84fb29ee2996c284c6d517a645d4b14862c17021bd1b0052515cd364df_amd64",
"relates_to_product_reference": "8Base-RHACS-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:fc974b15c869a26e0ae259a39ce0ed1f1954630557c31465561eeee67bfc2797_ppc64le as a component of RHACS 4.4 for RHEL 8",
"product_id": "8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:fc974b15c869a26e0ae259a39ce0ed1f1954630557c31465561eeee67bfc2797_ppc64le"
},
"product_reference": "advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:fc974b15c869a26e0ae259a39ce0ed1f1954630557c31465561eeee67bfc2797_ppc64le",
"relates_to_product_reference": "8Base-RHACS-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-scanner-rhel8@sha256:08c488f99ef1c837418842db1c8e52391a55f5f61a1de98edbbe3a201070168a_ppc64le as a component of RHACS 4.4 for RHEL 8",
"product_id": "8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:08c488f99ef1c837418842db1c8e52391a55f5f61a1de98edbbe3a201070168a_ppc64le"
},
"product_reference": "advanced-cluster-security/rhacs-scanner-rhel8@sha256:08c488f99ef1c837418842db1c8e52391a55f5f61a1de98edbbe3a201070168a_ppc64le",
"relates_to_product_reference": "8Base-RHACS-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-scanner-rhel8@sha256:20a368484142ce585e3a49a402bab10b2045ba2d89711154ae80457c01881a4c_amd64 as a component of RHACS 4.4 for RHEL 8",
"product_id": "8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:20a368484142ce585e3a49a402bab10b2045ba2d89711154ae80457c01881a4c_amd64"
},
"product_reference": "advanced-cluster-security/rhacs-scanner-rhel8@sha256:20a368484142ce585e3a49a402bab10b2045ba2d89711154ae80457c01881a4c_amd64",
"relates_to_product_reference": "8Base-RHACS-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-scanner-rhel8@sha256:f252a2c2eaa0a4807e39df8e5fe89a8b66e8ef62a9303a144b765c4857b17e51_s390x as a component of RHACS 4.4 for RHEL 8",
"product_id": "8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:f252a2c2eaa0a4807e39df8e5fe89a8b66e8ef62a9303a144b765c4857b17e51_s390x"
},
"product_reference": "advanced-cluster-security/rhacs-scanner-rhel8@sha256:f252a2c2eaa0a4807e39df8e5fe89a8b66e8ef62a9303a144b765c4857b17e51_s390x",
"relates_to_product_reference": "8Base-RHACS-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:17a5ed5cea7a0b355ea13e6a95218143c351e34cee1ba0188a14c28f9605e504_ppc64le as a component of RHACS 4.4 for RHEL 8",
"product_id": "8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:17a5ed5cea7a0b355ea13e6a95218143c351e34cee1ba0188a14c28f9605e504_ppc64le"
},
"product_reference": "advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:17a5ed5cea7a0b355ea13e6a95218143c351e34cee1ba0188a14c28f9605e504_ppc64le",
"relates_to_product_reference": "8Base-RHACS-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:1d00cc8be3101e0a0a901249545566689d1de5554f5101b8fcbb6fa1827d508b_amd64 as a component of RHACS 4.4 for RHEL 8",
"product_id": "8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:1d00cc8be3101e0a0a901249545566689d1de5554f5101b8fcbb6fa1827d508b_amd64"
},
"product_reference": "advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:1d00cc8be3101e0a0a901249545566689d1de5554f5101b8fcbb6fa1827d508b_amd64",
"relates_to_product_reference": "8Base-RHACS-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:d001fb8afaf083ac3b02ab7571a709183931ef37baa75908556081480ee395dc_s390x as a component of RHACS 4.4 for RHEL 8",
"product_id": "8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:d001fb8afaf083ac3b02ab7571a709183931ef37baa75908556081480ee395dc_s390x"
},
"product_reference": "advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:d001fb8afaf083ac3b02ab7571a709183931ef37baa75908556081480ee395dc_s390x",
"relates_to_product_reference": "8Base-RHACS-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1ad40dd05581bffe04db700b8b4fbfbe8112399f2bef70b69dd690458b6512ed_ppc64le as a component of RHACS 4.4 for RHEL 8",
"product_id": "8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1ad40dd05581bffe04db700b8b4fbfbe8112399f2bef70b69dd690458b6512ed_ppc64le"
},
"product_reference": "advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1ad40dd05581bffe04db700b8b4fbfbe8112399f2bef70b69dd690458b6512ed_ppc64le",
"relates_to_product_reference": "8Base-RHACS-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:224bfa6af3a2a9b15657ee0adc0233608bb7a2218f9a488b537e3af4c53acacf_amd64 as a component of RHACS 4.4 for RHEL 8",
"product_id": "8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:224bfa6af3a2a9b15657ee0adc0233608bb7a2218f9a488b537e3af4c53acacf_amd64"
},
"product_reference": "advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:224bfa6af3a2a9b15657ee0adc0233608bb7a2218f9a488b537e3af4c53acacf_amd64",
"relates_to_product_reference": "8Base-RHACS-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:f2cf132ddd130c3de1e3732f35fdade709c17e8a2775df5ab47cf7583db82fd6_s390x as a component of RHACS 4.4 for RHEL 8",
"product_id": "8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:f2cf132ddd130c3de1e3732f35fdade709c17e8a2775df5ab47cf7583db82fd6_s390x"
},
"product_reference": "advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:f2cf132ddd130c3de1e3732f35fdade709c17e8a2775df5ab47cf7583db82fd6_s390x",
"relates_to_product_reference": "8Base-RHACS-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:9ae99a357ee1f9e42942edc998b378960d1a4a6bd9630b802f86743965f36898_s390x as a component of RHACS 4.4 for RHEL 8",
"product_id": "8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:9ae99a357ee1f9e42942edc998b378960d1a4a6bd9630b802f86743965f36898_s390x"
},
"product_reference": "advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:9ae99a357ee1f9e42942edc998b378960d1a4a6bd9630b802f86743965f36898_s390x",
"relates_to_product_reference": "8Base-RHACS-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:bcc9fd4d95422283c8d6016e1f85cd4522f43c0504cadf6aec40b9c30f2d945d_amd64 as a component of RHACS 4.4 for RHEL 8",
"product_id": "8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:bcc9fd4d95422283c8d6016e1f85cd4522f43c0504cadf6aec40b9c30f2d945d_amd64"
},
"product_reference": "advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:bcc9fd4d95422283c8d6016e1f85cd4522f43c0504cadf6aec40b9c30f2d945d_amd64",
"relates_to_product_reference": "8Base-RHACS-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:c9713eae9be9f99e9e7382ace5f520f96f641c50d8aed1c64a0f6a0ba9ed5395_ppc64le as a component of RHACS 4.4 for RHEL 8",
"product_id": "8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:c9713eae9be9f99e9e7382ace5f520f96f641c50d8aed1c64a0f6a0ba9ed5395_ppc64le"
},
"product_reference": "advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:c9713eae9be9f99e9e7382ace5f520f96f641c50d8aed1c64a0f6a0ba9ed5395_ppc64le",
"relates_to_product_reference": "8Base-RHACS-4.4"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2024-11831",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2024-09-16T16:43:32.021000+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:394f4fd42c292ef68abf4a9104fe668026e394c3243ebf9b184d40a4b4b0132e_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:6478816c1b2bdeb40c77c267fff033dca5523375c64623bf56d493c4417a3c3f_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:8b92405457c5240a4d672409a7519d28463f2f0e104f441e3d0d0839549c6215_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:39367ad4f4807b804eb6a95d241d99c528995f75d3264b58820cf50fa6abceef_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:a5a1e18726ce755a8f2a36a58928714d61f4426643b7f08da086004982e993ef_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:cd132ae4b02647d5b0f0a910539c75efb3e0795590df00056542e969605ae296_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:357fa537a29f82ca117b8ed4695456707bd9599c5057ed938a91114e94badf62_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:62ddbd8b9e0b27be7a0541c7fe085b621834facff7d83d4a2e57b56ef6c713a2_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:94b445cbaef0111d98a0ee595988ef420423aa381b36e7127e76e385be12996a_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:123c0108bd7a190dd2accfd21786600f787147f040e57fb5f840861e2caa441d_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:6f81e9b903594b0a8bd5517900f7677e09c942953d257c87da11fb779e0f9dab_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:8c199930239623166973ea9cdb40ce2e2537d63e8c731afca3892caa84d2f16a_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:2f74522967f06958e385468a31e14bb9ede90569dec8292d61e67c6640c1ebde_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:38b340062dea9adc1159a326d39a214541e259e9e16582ef98efcd8e6deb3dd6_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:609205741b369f72807fcec1fd3351d56e4605fdbbee37975fad8c01a5ea0339_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:1ab2b5e9423a2edd5f663cdbf4c15dd6a5c13db13125161f4b4a9916d3c523e2_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:1e37a386006e4a7b4414dcdbe6a42191b8f41e706e1df6dfe401cbdbe342f06a_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:b0f32d062678d69350a3a1a18b643c8b97ebfdbd0bea1c0ee67312312d02fcba_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:439fc3b91a4841c81355ecbb5c610c66139525df82bdb96a4ece4ffd20aca0a5_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:7108fcc2c26b8e735231d9bad43febbc2ccc15723b15d3bf9ba643f950f75857_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:7c4fa13ab624b17711df308a9434e529b49b259fe9c6bde4b4e9037ae45996d6_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:62df44281133dd4191848bfb861ba70eeb113b2bc0ce28c71b82524860421bed_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:844cef84fb29ee2996c284c6d517a645d4b14862c17021bd1b0052515cd364df_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:fc974b15c869a26e0ae259a39ce0ed1f1954630557c31465561eeee67bfc2797_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:08c488f99ef1c837418842db1c8e52391a55f5f61a1de98edbbe3a201070168a_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:20a368484142ce585e3a49a402bab10b2045ba2d89711154ae80457c01881a4c_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:f252a2c2eaa0a4807e39df8e5fe89a8b66e8ef62a9303a144b765c4857b17e51_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:17a5ed5cea7a0b355ea13e6a95218143c351e34cee1ba0188a14c28f9605e504_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:1d00cc8be3101e0a0a901249545566689d1de5554f5101b8fcbb6fa1827d508b_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:d001fb8afaf083ac3b02ab7571a709183931ef37baa75908556081480ee395dc_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1ad40dd05581bffe04db700b8b4fbfbe8112399f2bef70b69dd690458b6512ed_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:224bfa6af3a2a9b15657ee0adc0233608bb7a2218f9a488b537e3af4c53acacf_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:f2cf132ddd130c3de1e3732f35fdade709c17e8a2775df5ab47cf7583db82fd6_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:9ae99a357ee1f9e42942edc998b378960d1a4a6bd9630b802f86743965f36898_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:bcc9fd4d95422283c8d6016e1f85cd4522f43c0504cadf6aec40b9c30f2d945d_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:c9713eae9be9f99e9e7382ace5f520f96f641c50d8aed1c64a0f6a0ba9ed5395_ppc64le"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2312579"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in npm-serialize-javascript. The vulnerability occurs because the serialize-javascript module does not properly sanitize certain inputs, such as regex or other JavaScript object types, allowing an attacker to inject malicious code. This code could be executed when deserialized by a web browser, causing Cross-site scripting (XSS) attacks. This issue is critical in environments where serialized data is sent to web clients, potentially compromising the security of the website or web application using this package.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "npm-serialize-javascript: Cross-site Scripting (XSS) in serialize-javascript",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:0e867de15e3038db7274dc1d84cd8ca5b1860b661c8b16ecd8f7aeefa76077a8_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:1aedb2f4b2aefa9586c8aecfff4647497f7a36fc6a547d6688645d87e90413f4_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:92f98ca560ce539495108e6212737ea6cf83215fe0a5aa7a12636ee9d5fca88f_ppc64le"
],
"known_not_affected": [
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:394f4fd42c292ef68abf4a9104fe668026e394c3243ebf9b184d40a4b4b0132e_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:6478816c1b2bdeb40c77c267fff033dca5523375c64623bf56d493c4417a3c3f_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:8b92405457c5240a4d672409a7519d28463f2f0e104f441e3d0d0839549c6215_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:39367ad4f4807b804eb6a95d241d99c528995f75d3264b58820cf50fa6abceef_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:a5a1e18726ce755a8f2a36a58928714d61f4426643b7f08da086004982e993ef_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:cd132ae4b02647d5b0f0a910539c75efb3e0795590df00056542e969605ae296_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:357fa537a29f82ca117b8ed4695456707bd9599c5057ed938a91114e94badf62_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:62ddbd8b9e0b27be7a0541c7fe085b621834facff7d83d4a2e57b56ef6c713a2_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:94b445cbaef0111d98a0ee595988ef420423aa381b36e7127e76e385be12996a_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:123c0108bd7a190dd2accfd21786600f787147f040e57fb5f840861e2caa441d_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:6f81e9b903594b0a8bd5517900f7677e09c942953d257c87da11fb779e0f9dab_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:8c199930239623166973ea9cdb40ce2e2537d63e8c731afca3892caa84d2f16a_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:2f74522967f06958e385468a31e14bb9ede90569dec8292d61e67c6640c1ebde_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:38b340062dea9adc1159a326d39a214541e259e9e16582ef98efcd8e6deb3dd6_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:609205741b369f72807fcec1fd3351d56e4605fdbbee37975fad8c01a5ea0339_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:1ab2b5e9423a2edd5f663cdbf4c15dd6a5c13db13125161f4b4a9916d3c523e2_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:1e37a386006e4a7b4414dcdbe6a42191b8f41e706e1df6dfe401cbdbe342f06a_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:b0f32d062678d69350a3a1a18b643c8b97ebfdbd0bea1c0ee67312312d02fcba_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:439fc3b91a4841c81355ecbb5c610c66139525df82bdb96a4ece4ffd20aca0a5_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:7108fcc2c26b8e735231d9bad43febbc2ccc15723b15d3bf9ba643f950f75857_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:7c4fa13ab624b17711df308a9434e529b49b259fe9c6bde4b4e9037ae45996d6_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:62df44281133dd4191848bfb861ba70eeb113b2bc0ce28c71b82524860421bed_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:844cef84fb29ee2996c284c6d517a645d4b14862c17021bd1b0052515cd364df_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:fc974b15c869a26e0ae259a39ce0ed1f1954630557c31465561eeee67bfc2797_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:08c488f99ef1c837418842db1c8e52391a55f5f61a1de98edbbe3a201070168a_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:20a368484142ce585e3a49a402bab10b2045ba2d89711154ae80457c01881a4c_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:f252a2c2eaa0a4807e39df8e5fe89a8b66e8ef62a9303a144b765c4857b17e51_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:17a5ed5cea7a0b355ea13e6a95218143c351e34cee1ba0188a14c28f9605e504_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:1d00cc8be3101e0a0a901249545566689d1de5554f5101b8fcbb6fa1827d508b_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:d001fb8afaf083ac3b02ab7571a709183931ef37baa75908556081480ee395dc_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1ad40dd05581bffe04db700b8b4fbfbe8112399f2bef70b69dd690458b6512ed_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:224bfa6af3a2a9b15657ee0adc0233608bb7a2218f9a488b537e3af4c53acacf_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:f2cf132ddd130c3de1e3732f35fdade709c17e8a2775df5ab47cf7583db82fd6_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:9ae99a357ee1f9e42942edc998b378960d1a4a6bd9630b802f86743965f36898_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:bcc9fd4d95422283c8d6016e1f85cd4522f43c0504cadf6aec40b9c30f2d945d_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:c9713eae9be9f99e9e7382ace5f520f96f641c50d8aed1c64a0f6a0ba9ed5395_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-11831"
},
{
"category": "external",
"summary": "RHBZ#2312579",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2312579"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-11831",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-11831"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-11831",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-11831"
},
{
"category": "external",
"summary": "https://github.com/yahoo/serialize-javascript/commit/f27d65d3de42affe2aac14607066c293891cec4e",
"url": "https://github.com/yahoo/serialize-javascript/commit/f27d65d3de42affe2aac14607066c293891cec4e"
},
{
"category": "external",
"summary": "https://github.com/yahoo/serialize-javascript/pull/173",
"url": "https://github.com/yahoo/serialize-javascript/pull/173"
}
],
"release_date": "2024-09-16T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-02-13T18:14:31+00:00",
"details": "If you are using an earlier version of RHACS 4.4, you are advised to upgrade to this patch release 4.4.8.",
"product_ids": [
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:0e867de15e3038db7274dc1d84cd8ca5b1860b661c8b16ecd8f7aeefa76077a8_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:1aedb2f4b2aefa9586c8aecfff4647497f7a36fc6a547d6688645d87e90413f4_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:92f98ca560ce539495108e6212737ea6cf83215fe0a5aa7a12636ee9d5fca88f_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:1468"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:394f4fd42c292ef68abf4a9104fe668026e394c3243ebf9b184d40a4b4b0132e_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:6478816c1b2bdeb40c77c267fff033dca5523375c64623bf56d493c4417a3c3f_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:8b92405457c5240a4d672409a7519d28463f2f0e104f441e3d0d0839549c6215_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:39367ad4f4807b804eb6a95d241d99c528995f75d3264b58820cf50fa6abceef_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:a5a1e18726ce755a8f2a36a58928714d61f4426643b7f08da086004982e993ef_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:cd132ae4b02647d5b0f0a910539c75efb3e0795590df00056542e969605ae296_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:357fa537a29f82ca117b8ed4695456707bd9599c5057ed938a91114e94badf62_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:62ddbd8b9e0b27be7a0541c7fe085b621834facff7d83d4a2e57b56ef6c713a2_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:94b445cbaef0111d98a0ee595988ef420423aa381b36e7127e76e385be12996a_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:0e867de15e3038db7274dc1d84cd8ca5b1860b661c8b16ecd8f7aeefa76077a8_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:1aedb2f4b2aefa9586c8aecfff4647497f7a36fc6a547d6688645d87e90413f4_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:92f98ca560ce539495108e6212737ea6cf83215fe0a5aa7a12636ee9d5fca88f_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:123c0108bd7a190dd2accfd21786600f787147f040e57fb5f840861e2caa441d_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:6f81e9b903594b0a8bd5517900f7677e09c942953d257c87da11fb779e0f9dab_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:8c199930239623166973ea9cdb40ce2e2537d63e8c731afca3892caa84d2f16a_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:2f74522967f06958e385468a31e14bb9ede90569dec8292d61e67c6640c1ebde_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:38b340062dea9adc1159a326d39a214541e259e9e16582ef98efcd8e6deb3dd6_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:609205741b369f72807fcec1fd3351d56e4605fdbbee37975fad8c01a5ea0339_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:1ab2b5e9423a2edd5f663cdbf4c15dd6a5c13db13125161f4b4a9916d3c523e2_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:1e37a386006e4a7b4414dcdbe6a42191b8f41e706e1df6dfe401cbdbe342f06a_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:b0f32d062678d69350a3a1a18b643c8b97ebfdbd0bea1c0ee67312312d02fcba_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:439fc3b91a4841c81355ecbb5c610c66139525df82bdb96a4ece4ffd20aca0a5_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:7108fcc2c26b8e735231d9bad43febbc2ccc15723b15d3bf9ba643f950f75857_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:7c4fa13ab624b17711df308a9434e529b49b259fe9c6bde4b4e9037ae45996d6_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:62df44281133dd4191848bfb861ba70eeb113b2bc0ce28c71b82524860421bed_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:844cef84fb29ee2996c284c6d517a645d4b14862c17021bd1b0052515cd364df_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:fc974b15c869a26e0ae259a39ce0ed1f1954630557c31465561eeee67bfc2797_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:08c488f99ef1c837418842db1c8e52391a55f5f61a1de98edbbe3a201070168a_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:20a368484142ce585e3a49a402bab10b2045ba2d89711154ae80457c01881a4c_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:f252a2c2eaa0a4807e39df8e5fe89a8b66e8ef62a9303a144b765c4857b17e51_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:17a5ed5cea7a0b355ea13e6a95218143c351e34cee1ba0188a14c28f9605e504_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:1d00cc8be3101e0a0a901249545566689d1de5554f5101b8fcbb6fa1827d508b_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:d001fb8afaf083ac3b02ab7571a709183931ef37baa75908556081480ee395dc_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1ad40dd05581bffe04db700b8b4fbfbe8112399f2bef70b69dd690458b6512ed_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:224bfa6af3a2a9b15657ee0adc0233608bb7a2218f9a488b537e3af4c53acacf_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:f2cf132ddd130c3de1e3732f35fdade709c17e8a2775df5ab47cf7583db82fd6_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:9ae99a357ee1f9e42942edc998b378960d1a4a6bd9630b802f86743965f36898_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:bcc9fd4d95422283c8d6016e1f85cd4522f43c0504cadf6aec40b9c30f2d945d_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:c9713eae9be9f99e9e7382ace5f520f96f641c50d8aed1c64a0f6a0ba9ed5395_ppc64le"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:394f4fd42c292ef68abf4a9104fe668026e394c3243ebf9b184d40a4b4b0132e_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:6478816c1b2bdeb40c77c267fff033dca5523375c64623bf56d493c4417a3c3f_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:8b92405457c5240a4d672409a7519d28463f2f0e104f441e3d0d0839549c6215_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:39367ad4f4807b804eb6a95d241d99c528995f75d3264b58820cf50fa6abceef_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:a5a1e18726ce755a8f2a36a58928714d61f4426643b7f08da086004982e993ef_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:cd132ae4b02647d5b0f0a910539c75efb3e0795590df00056542e969605ae296_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:357fa537a29f82ca117b8ed4695456707bd9599c5057ed938a91114e94badf62_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:62ddbd8b9e0b27be7a0541c7fe085b621834facff7d83d4a2e57b56ef6c713a2_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:94b445cbaef0111d98a0ee595988ef420423aa381b36e7127e76e385be12996a_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:0e867de15e3038db7274dc1d84cd8ca5b1860b661c8b16ecd8f7aeefa76077a8_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:1aedb2f4b2aefa9586c8aecfff4647497f7a36fc6a547d6688645d87e90413f4_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:92f98ca560ce539495108e6212737ea6cf83215fe0a5aa7a12636ee9d5fca88f_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:123c0108bd7a190dd2accfd21786600f787147f040e57fb5f840861e2caa441d_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:6f81e9b903594b0a8bd5517900f7677e09c942953d257c87da11fb779e0f9dab_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:8c199930239623166973ea9cdb40ce2e2537d63e8c731afca3892caa84d2f16a_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:2f74522967f06958e385468a31e14bb9ede90569dec8292d61e67c6640c1ebde_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:38b340062dea9adc1159a326d39a214541e259e9e16582ef98efcd8e6deb3dd6_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:609205741b369f72807fcec1fd3351d56e4605fdbbee37975fad8c01a5ea0339_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:1ab2b5e9423a2edd5f663cdbf4c15dd6a5c13db13125161f4b4a9916d3c523e2_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:1e37a386006e4a7b4414dcdbe6a42191b8f41e706e1df6dfe401cbdbe342f06a_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:b0f32d062678d69350a3a1a18b643c8b97ebfdbd0bea1c0ee67312312d02fcba_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:439fc3b91a4841c81355ecbb5c610c66139525df82bdb96a4ece4ffd20aca0a5_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:7108fcc2c26b8e735231d9bad43febbc2ccc15723b15d3bf9ba643f950f75857_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:7c4fa13ab624b17711df308a9434e529b49b259fe9c6bde4b4e9037ae45996d6_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:62df44281133dd4191848bfb861ba70eeb113b2bc0ce28c71b82524860421bed_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:844cef84fb29ee2996c284c6d517a645d4b14862c17021bd1b0052515cd364df_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:fc974b15c869a26e0ae259a39ce0ed1f1954630557c31465561eeee67bfc2797_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:08c488f99ef1c837418842db1c8e52391a55f5f61a1de98edbbe3a201070168a_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:20a368484142ce585e3a49a402bab10b2045ba2d89711154ae80457c01881a4c_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:f252a2c2eaa0a4807e39df8e5fe89a8b66e8ef62a9303a144b765c4857b17e51_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:17a5ed5cea7a0b355ea13e6a95218143c351e34cee1ba0188a14c28f9605e504_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:1d00cc8be3101e0a0a901249545566689d1de5554f5101b8fcbb6fa1827d508b_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:d001fb8afaf083ac3b02ab7571a709183931ef37baa75908556081480ee395dc_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1ad40dd05581bffe04db700b8b4fbfbe8112399f2bef70b69dd690458b6512ed_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:224bfa6af3a2a9b15657ee0adc0233608bb7a2218f9a488b537e3af4c53acacf_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:f2cf132ddd130c3de1e3732f35fdade709c17e8a2775df5ab47cf7583db82fd6_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:9ae99a357ee1f9e42942edc998b378960d1a4a6bd9630b802f86743965f36898_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:bcc9fd4d95422283c8d6016e1f85cd4522f43c0504cadf6aec40b9c30f2d945d_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:c9713eae9be9f99e9e7382ace5f520f96f641c50d8aed1c64a0f6a0ba9ed5395_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "npm-serialize-javascript: Cross-site Scripting (XSS) in serialize-javascript"
},
{
"cve": "CVE-2024-45337",
"cwe": {
"id": "CWE-285",
"name": "Improper Authorization"
},
"discovery_date": "2024-12-11T19:00:54.247490+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:39367ad4f4807b804eb6a95d241d99c528995f75d3264b58820cf50fa6abceef_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:a5a1e18726ce755a8f2a36a58928714d61f4426643b7f08da086004982e993ef_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:cd132ae4b02647d5b0f0a910539c75efb3e0795590df00056542e969605ae296_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:357fa537a29f82ca117b8ed4695456707bd9599c5057ed938a91114e94badf62_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:62ddbd8b9e0b27be7a0541c7fe085b621834facff7d83d4a2e57b56ef6c713a2_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:94b445cbaef0111d98a0ee595988ef420423aa381b36e7127e76e385be12996a_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:123c0108bd7a190dd2accfd21786600f787147f040e57fb5f840861e2caa441d_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:6f81e9b903594b0a8bd5517900f7677e09c942953d257c87da11fb779e0f9dab_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:8c199930239623166973ea9cdb40ce2e2537d63e8c731afca3892caa84d2f16a_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:439fc3b91a4841c81355ecbb5c610c66139525df82bdb96a4ece4ffd20aca0a5_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:7108fcc2c26b8e735231d9bad43febbc2ccc15723b15d3bf9ba643f950f75857_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:7c4fa13ab624b17711df308a9434e529b49b259fe9c6bde4b4e9037ae45996d6_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:62df44281133dd4191848bfb861ba70eeb113b2bc0ce28c71b82524860421bed_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:844cef84fb29ee2996c284c6d517a645d4b14862c17021bd1b0052515cd364df_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:fc974b15c869a26e0ae259a39ce0ed1f1954630557c31465561eeee67bfc2797_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:08c488f99ef1c837418842db1c8e52391a55f5f61a1de98edbbe3a201070168a_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:20a368484142ce585e3a49a402bab10b2045ba2d89711154ae80457c01881a4c_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:f252a2c2eaa0a4807e39df8e5fe89a8b66e8ef62a9303a144b765c4857b17e51_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:17a5ed5cea7a0b355ea13e6a95218143c351e34cee1ba0188a14c28f9605e504_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:1d00cc8be3101e0a0a901249545566689d1de5554f5101b8fcbb6fa1827d508b_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:d001fb8afaf083ac3b02ab7571a709183931ef37baa75908556081480ee395dc_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1ad40dd05581bffe04db700b8b4fbfbe8112399f2bef70b69dd690458b6512ed_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:224bfa6af3a2a9b15657ee0adc0233608bb7a2218f9a488b537e3af4c53acacf_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:f2cf132ddd130c3de1e3732f35fdade709c17e8a2775df5ab47cf7583db82fd6_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:9ae99a357ee1f9e42942edc998b378960d1a4a6bd9630b802f86743965f36898_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:bcc9fd4d95422283c8d6016e1f85cd4522f43c0504cadf6aec40b9c30f2d945d_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:c9713eae9be9f99e9e7382ace5f520f96f641c50d8aed1c64a0f6a0ba9ed5395_ppc64le"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2331720"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the x/crypto/ssh go library. Applications and libraries that misuse the ServerConfig.PublicKeyCallback callback may be susceptible to an authorization bypass. For example, an attacker may send public keys A and B and authenticate with A. PublicKeyCallback would be called only twice, first with A and then with B. A vulnerable application may then make authorization decisions based on key B, for which the attacker does not control the private key. The misuse of ServerConfig.PublicKeyCallback may cause an authorization bypass.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang.org/x/crypto/ssh: Misuse of ServerConfig.PublicKeyCallback may cause authorization bypass in golang.org/x/crypto",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is classified as important rather than critical because it does not directly enable unauthorized access but rather introduces a risk of authorization bypass if the application or library misuses the PublicKeyCallback API. The vulnerability relies on incorrect assumptions made by the application when handling the sequence or state of keys provided during SSH authentication. Properly implemented systems that use the Permissions field or avoid relying on external state remain unaffected. Additionally, the vulnerability does not allow direct exploitation to gain control over a system without the presence of insecure logic in the application\u0027s handling of authentication attempts.\n\n\nRed Hat Enterprise Linux(RHEL) 8 \u0026 9 and Red Hat Openshift marked as not affected as it was determined that the problem function `ServerConfig.PublicKeyCallback`, as noted in the CVE-2024-45337 issue, is not called by Podman, Buildah, containers-common, or the gvisor-tap-vsock projects.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:394f4fd42c292ef68abf4a9104fe668026e394c3243ebf9b184d40a4b4b0132e_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:6478816c1b2bdeb40c77c267fff033dca5523375c64623bf56d493c4417a3c3f_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:8b92405457c5240a4d672409a7519d28463f2f0e104f441e3d0d0839549c6215_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:0e867de15e3038db7274dc1d84cd8ca5b1860b661c8b16ecd8f7aeefa76077a8_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:1aedb2f4b2aefa9586c8aecfff4647497f7a36fc6a547d6688645d87e90413f4_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:92f98ca560ce539495108e6212737ea6cf83215fe0a5aa7a12636ee9d5fca88f_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:2f74522967f06958e385468a31e14bb9ede90569dec8292d61e67c6640c1ebde_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:38b340062dea9adc1159a326d39a214541e259e9e16582ef98efcd8e6deb3dd6_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:609205741b369f72807fcec1fd3351d56e4605fdbbee37975fad8c01a5ea0339_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:1ab2b5e9423a2edd5f663cdbf4c15dd6a5c13db13125161f4b4a9916d3c523e2_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:1e37a386006e4a7b4414dcdbe6a42191b8f41e706e1df6dfe401cbdbe342f06a_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:b0f32d062678d69350a3a1a18b643c8b97ebfdbd0bea1c0ee67312312d02fcba_amd64"
],
"known_not_affected": [
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:39367ad4f4807b804eb6a95d241d99c528995f75d3264b58820cf50fa6abceef_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:a5a1e18726ce755a8f2a36a58928714d61f4426643b7f08da086004982e993ef_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:cd132ae4b02647d5b0f0a910539c75efb3e0795590df00056542e969605ae296_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:357fa537a29f82ca117b8ed4695456707bd9599c5057ed938a91114e94badf62_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:62ddbd8b9e0b27be7a0541c7fe085b621834facff7d83d4a2e57b56ef6c713a2_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:94b445cbaef0111d98a0ee595988ef420423aa381b36e7127e76e385be12996a_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:123c0108bd7a190dd2accfd21786600f787147f040e57fb5f840861e2caa441d_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:6f81e9b903594b0a8bd5517900f7677e09c942953d257c87da11fb779e0f9dab_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:8c199930239623166973ea9cdb40ce2e2537d63e8c731afca3892caa84d2f16a_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:439fc3b91a4841c81355ecbb5c610c66139525df82bdb96a4ece4ffd20aca0a5_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:7108fcc2c26b8e735231d9bad43febbc2ccc15723b15d3bf9ba643f950f75857_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:7c4fa13ab624b17711df308a9434e529b49b259fe9c6bde4b4e9037ae45996d6_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:62df44281133dd4191848bfb861ba70eeb113b2bc0ce28c71b82524860421bed_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:844cef84fb29ee2996c284c6d517a645d4b14862c17021bd1b0052515cd364df_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:fc974b15c869a26e0ae259a39ce0ed1f1954630557c31465561eeee67bfc2797_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:08c488f99ef1c837418842db1c8e52391a55f5f61a1de98edbbe3a201070168a_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:20a368484142ce585e3a49a402bab10b2045ba2d89711154ae80457c01881a4c_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:f252a2c2eaa0a4807e39df8e5fe89a8b66e8ef62a9303a144b765c4857b17e51_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:17a5ed5cea7a0b355ea13e6a95218143c351e34cee1ba0188a14c28f9605e504_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:1d00cc8be3101e0a0a901249545566689d1de5554f5101b8fcbb6fa1827d508b_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:d001fb8afaf083ac3b02ab7571a709183931ef37baa75908556081480ee395dc_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1ad40dd05581bffe04db700b8b4fbfbe8112399f2bef70b69dd690458b6512ed_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:224bfa6af3a2a9b15657ee0adc0233608bb7a2218f9a488b537e3af4c53acacf_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:f2cf132ddd130c3de1e3732f35fdade709c17e8a2775df5ab47cf7583db82fd6_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:9ae99a357ee1f9e42942edc998b378960d1a4a6bd9630b802f86743965f36898_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:bcc9fd4d95422283c8d6016e1f85cd4522f43c0504cadf6aec40b9c30f2d945d_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:c9713eae9be9f99e9e7382ace5f520f96f641c50d8aed1c64a0f6a0ba9ed5395_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-45337"
},
{
"category": "external",
"summary": "RHBZ#2331720",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2331720"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-45337",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45337"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-45337",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-45337"
},
{
"category": "external",
"summary": "https://github.com/golang/crypto/commit/b4f1988a35dee11ec3e05d6bf3e90b695fbd8909",
"url": "https://github.com/golang/crypto/commit/b4f1988a35dee11ec3e05d6bf3e90b695fbd8909"
},
{
"category": "external",
"summary": "https://go.dev/cl/635315",
"url": "https://go.dev/cl/635315"
},
{
"category": "external",
"summary": "https://go.dev/issue/70779",
"url": "https://go.dev/issue/70779"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/-nPEi39gI4Q/m/cGVPJCqdAQAJ",
"url": "https://groups.google.com/g/golang-announce/c/-nPEi39gI4Q/m/cGVPJCqdAQAJ"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2024-3321",
"url": "https://pkg.go.dev/vuln/GO-2024-3321"
}
],
"release_date": "2024-12-11T18:55:58.506000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-02-13T18:14:31+00:00",
"details": "If you are using an earlier version of RHACS 4.4, you are advised to upgrade to this patch release 4.4.8.",
"product_ids": [
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:394f4fd42c292ef68abf4a9104fe668026e394c3243ebf9b184d40a4b4b0132e_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:6478816c1b2bdeb40c77c267fff033dca5523375c64623bf56d493c4417a3c3f_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:8b92405457c5240a4d672409a7519d28463f2f0e104f441e3d0d0839549c6215_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:0e867de15e3038db7274dc1d84cd8ca5b1860b661c8b16ecd8f7aeefa76077a8_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:1aedb2f4b2aefa9586c8aecfff4647497f7a36fc6a547d6688645d87e90413f4_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:92f98ca560ce539495108e6212737ea6cf83215fe0a5aa7a12636ee9d5fca88f_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:2f74522967f06958e385468a31e14bb9ede90569dec8292d61e67c6640c1ebde_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:38b340062dea9adc1159a326d39a214541e259e9e16582ef98efcd8e6deb3dd6_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:609205741b369f72807fcec1fd3351d56e4605fdbbee37975fad8c01a5ea0339_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:1ab2b5e9423a2edd5f663cdbf4c15dd6a5c13db13125161f4b4a9916d3c523e2_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:1e37a386006e4a7b4414dcdbe6a42191b8f41e706e1df6dfe401cbdbe342f06a_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:b0f32d062678d69350a3a1a18b643c8b97ebfdbd0bea1c0ee67312312d02fcba_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:1468"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:394f4fd42c292ef68abf4a9104fe668026e394c3243ebf9b184d40a4b4b0132e_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:6478816c1b2bdeb40c77c267fff033dca5523375c64623bf56d493c4417a3c3f_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:8b92405457c5240a4d672409a7519d28463f2f0e104f441e3d0d0839549c6215_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:39367ad4f4807b804eb6a95d241d99c528995f75d3264b58820cf50fa6abceef_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:a5a1e18726ce755a8f2a36a58928714d61f4426643b7f08da086004982e993ef_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:cd132ae4b02647d5b0f0a910539c75efb3e0795590df00056542e969605ae296_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:357fa537a29f82ca117b8ed4695456707bd9599c5057ed938a91114e94badf62_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:62ddbd8b9e0b27be7a0541c7fe085b621834facff7d83d4a2e57b56ef6c713a2_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:94b445cbaef0111d98a0ee595988ef420423aa381b36e7127e76e385be12996a_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:0e867de15e3038db7274dc1d84cd8ca5b1860b661c8b16ecd8f7aeefa76077a8_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:1aedb2f4b2aefa9586c8aecfff4647497f7a36fc6a547d6688645d87e90413f4_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:92f98ca560ce539495108e6212737ea6cf83215fe0a5aa7a12636ee9d5fca88f_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:123c0108bd7a190dd2accfd21786600f787147f040e57fb5f840861e2caa441d_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:6f81e9b903594b0a8bd5517900f7677e09c942953d257c87da11fb779e0f9dab_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:8c199930239623166973ea9cdb40ce2e2537d63e8c731afca3892caa84d2f16a_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:2f74522967f06958e385468a31e14bb9ede90569dec8292d61e67c6640c1ebde_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:38b340062dea9adc1159a326d39a214541e259e9e16582ef98efcd8e6deb3dd6_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:609205741b369f72807fcec1fd3351d56e4605fdbbee37975fad8c01a5ea0339_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:1ab2b5e9423a2edd5f663cdbf4c15dd6a5c13db13125161f4b4a9916d3c523e2_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:1e37a386006e4a7b4414dcdbe6a42191b8f41e706e1df6dfe401cbdbe342f06a_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:b0f32d062678d69350a3a1a18b643c8b97ebfdbd0bea1c0ee67312312d02fcba_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:439fc3b91a4841c81355ecbb5c610c66139525df82bdb96a4ece4ffd20aca0a5_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:7108fcc2c26b8e735231d9bad43febbc2ccc15723b15d3bf9ba643f950f75857_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:7c4fa13ab624b17711df308a9434e529b49b259fe9c6bde4b4e9037ae45996d6_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:62df44281133dd4191848bfb861ba70eeb113b2bc0ce28c71b82524860421bed_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:844cef84fb29ee2996c284c6d517a645d4b14862c17021bd1b0052515cd364df_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:fc974b15c869a26e0ae259a39ce0ed1f1954630557c31465561eeee67bfc2797_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:08c488f99ef1c837418842db1c8e52391a55f5f61a1de98edbbe3a201070168a_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:20a368484142ce585e3a49a402bab10b2045ba2d89711154ae80457c01881a4c_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:f252a2c2eaa0a4807e39df8e5fe89a8b66e8ef62a9303a144b765c4857b17e51_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:17a5ed5cea7a0b355ea13e6a95218143c351e34cee1ba0188a14c28f9605e504_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:1d00cc8be3101e0a0a901249545566689d1de5554f5101b8fcbb6fa1827d508b_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:d001fb8afaf083ac3b02ab7571a709183931ef37baa75908556081480ee395dc_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1ad40dd05581bffe04db700b8b4fbfbe8112399f2bef70b69dd690458b6512ed_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:224bfa6af3a2a9b15657ee0adc0233608bb7a2218f9a488b537e3af4c53acacf_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:f2cf132ddd130c3de1e3732f35fdade709c17e8a2775df5ab47cf7583db82fd6_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:9ae99a357ee1f9e42942edc998b378960d1a4a6bd9630b802f86743965f36898_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:bcc9fd4d95422283c8d6016e1f85cd4522f43c0504cadf6aec40b9c30f2d945d_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:c9713eae9be9f99e9e7382ace5f520f96f641c50d8aed1c64a0f6a0ba9ed5395_ppc64le"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 8.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:394f4fd42c292ef68abf4a9104fe668026e394c3243ebf9b184d40a4b4b0132e_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:6478816c1b2bdeb40c77c267fff033dca5523375c64623bf56d493c4417a3c3f_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:8b92405457c5240a4d672409a7519d28463f2f0e104f441e3d0d0839549c6215_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:39367ad4f4807b804eb6a95d241d99c528995f75d3264b58820cf50fa6abceef_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:a5a1e18726ce755a8f2a36a58928714d61f4426643b7f08da086004982e993ef_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:cd132ae4b02647d5b0f0a910539c75efb3e0795590df00056542e969605ae296_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:357fa537a29f82ca117b8ed4695456707bd9599c5057ed938a91114e94badf62_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:62ddbd8b9e0b27be7a0541c7fe085b621834facff7d83d4a2e57b56ef6c713a2_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:94b445cbaef0111d98a0ee595988ef420423aa381b36e7127e76e385be12996a_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:0e867de15e3038db7274dc1d84cd8ca5b1860b661c8b16ecd8f7aeefa76077a8_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:1aedb2f4b2aefa9586c8aecfff4647497f7a36fc6a547d6688645d87e90413f4_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:92f98ca560ce539495108e6212737ea6cf83215fe0a5aa7a12636ee9d5fca88f_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:123c0108bd7a190dd2accfd21786600f787147f040e57fb5f840861e2caa441d_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:6f81e9b903594b0a8bd5517900f7677e09c942953d257c87da11fb779e0f9dab_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:8c199930239623166973ea9cdb40ce2e2537d63e8c731afca3892caa84d2f16a_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:2f74522967f06958e385468a31e14bb9ede90569dec8292d61e67c6640c1ebde_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:38b340062dea9adc1159a326d39a214541e259e9e16582ef98efcd8e6deb3dd6_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:609205741b369f72807fcec1fd3351d56e4605fdbbee37975fad8c01a5ea0339_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:1ab2b5e9423a2edd5f663cdbf4c15dd6a5c13db13125161f4b4a9916d3c523e2_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:1e37a386006e4a7b4414dcdbe6a42191b8f41e706e1df6dfe401cbdbe342f06a_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:b0f32d062678d69350a3a1a18b643c8b97ebfdbd0bea1c0ee67312312d02fcba_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:439fc3b91a4841c81355ecbb5c610c66139525df82bdb96a4ece4ffd20aca0a5_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:7108fcc2c26b8e735231d9bad43febbc2ccc15723b15d3bf9ba643f950f75857_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:7c4fa13ab624b17711df308a9434e529b49b259fe9c6bde4b4e9037ae45996d6_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:62df44281133dd4191848bfb861ba70eeb113b2bc0ce28c71b82524860421bed_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:844cef84fb29ee2996c284c6d517a645d4b14862c17021bd1b0052515cd364df_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:fc974b15c869a26e0ae259a39ce0ed1f1954630557c31465561eeee67bfc2797_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:08c488f99ef1c837418842db1c8e52391a55f5f61a1de98edbbe3a201070168a_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:20a368484142ce585e3a49a402bab10b2045ba2d89711154ae80457c01881a4c_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:f252a2c2eaa0a4807e39df8e5fe89a8b66e8ef62a9303a144b765c4857b17e51_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:17a5ed5cea7a0b355ea13e6a95218143c351e34cee1ba0188a14c28f9605e504_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:1d00cc8be3101e0a0a901249545566689d1de5554f5101b8fcbb6fa1827d508b_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:d001fb8afaf083ac3b02ab7571a709183931ef37baa75908556081480ee395dc_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1ad40dd05581bffe04db700b8b4fbfbe8112399f2bef70b69dd690458b6512ed_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:224bfa6af3a2a9b15657ee0adc0233608bb7a2218f9a488b537e3af4c53acacf_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:f2cf132ddd130c3de1e3732f35fdade709c17e8a2775df5ab47cf7583db82fd6_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:9ae99a357ee1f9e42942edc998b378960d1a4a6bd9630b802f86743965f36898_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:bcc9fd4d95422283c8d6016e1f85cd4522f43c0504cadf6aec40b9c30f2d945d_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:c9713eae9be9f99e9e7382ace5f520f96f641c50d8aed1c64a0f6a0ba9ed5395_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "golang.org/x/crypto/ssh: Misuse of ServerConfig.PublicKeyCallback may cause authorization bypass in golang.org/x/crypto"
},
{
"cve": "CVE-2024-45338",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2024-12-18T21:00:59.938173+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:39367ad4f4807b804eb6a95d241d99c528995f75d3264b58820cf50fa6abceef_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:a5a1e18726ce755a8f2a36a58928714d61f4426643b7f08da086004982e993ef_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:cd132ae4b02647d5b0f0a910539c75efb3e0795590df00056542e969605ae296_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:357fa537a29f82ca117b8ed4695456707bd9599c5057ed938a91114e94badf62_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:62ddbd8b9e0b27be7a0541c7fe085b621834facff7d83d4a2e57b56ef6c713a2_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:94b445cbaef0111d98a0ee595988ef420423aa381b36e7127e76e385be12996a_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:123c0108bd7a190dd2accfd21786600f787147f040e57fb5f840861e2caa441d_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:6f81e9b903594b0a8bd5517900f7677e09c942953d257c87da11fb779e0f9dab_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:8c199930239623166973ea9cdb40ce2e2537d63e8c731afca3892caa84d2f16a_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:439fc3b91a4841c81355ecbb5c610c66139525df82bdb96a4ece4ffd20aca0a5_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:7108fcc2c26b8e735231d9bad43febbc2ccc15723b15d3bf9ba643f950f75857_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:7c4fa13ab624b17711df308a9434e529b49b259fe9c6bde4b4e9037ae45996d6_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:62df44281133dd4191848bfb861ba70eeb113b2bc0ce28c71b82524860421bed_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:844cef84fb29ee2996c284c6d517a645d4b14862c17021bd1b0052515cd364df_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:fc974b15c869a26e0ae259a39ce0ed1f1954630557c31465561eeee67bfc2797_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:08c488f99ef1c837418842db1c8e52391a55f5f61a1de98edbbe3a201070168a_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:20a368484142ce585e3a49a402bab10b2045ba2d89711154ae80457c01881a4c_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:f252a2c2eaa0a4807e39df8e5fe89a8b66e8ef62a9303a144b765c4857b17e51_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:17a5ed5cea7a0b355ea13e6a95218143c351e34cee1ba0188a14c28f9605e504_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:1d00cc8be3101e0a0a901249545566689d1de5554f5101b8fcbb6fa1827d508b_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:d001fb8afaf083ac3b02ab7571a709183931ef37baa75908556081480ee395dc_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1ad40dd05581bffe04db700b8b4fbfbe8112399f2bef70b69dd690458b6512ed_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:224bfa6af3a2a9b15657ee0adc0233608bb7a2218f9a488b537e3af4c53acacf_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:f2cf132ddd130c3de1e3732f35fdade709c17e8a2775df5ab47cf7583db82fd6_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:9ae99a357ee1f9e42942edc998b378960d1a4a6bd9630b802f86743965f36898_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:bcc9fd4d95422283c8d6016e1f85cd4522f43c0504cadf6aec40b9c30f2d945d_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:c9713eae9be9f99e9e7382ace5f520f96f641c50d8aed1c64a0f6a0ba9ed5395_ppc64le"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2333122"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in golang.org/x/net/html. This flaw allows an attacker to craft input to the parse functions that would be processed non-linearly with respect to its length, resulting in extremely slow parsing. This issue can cause a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang.org/x/net/html: Non-linear parsing of case-insensitive content in golang.org/x/net/html",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated as an Important severity because an attacker can craft malicious input that causes the parsing functions to process data non-linearly, resulting in significant delays which leads to a denial of service by exhausting system resources.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:394f4fd42c292ef68abf4a9104fe668026e394c3243ebf9b184d40a4b4b0132e_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:6478816c1b2bdeb40c77c267fff033dca5523375c64623bf56d493c4417a3c3f_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:8b92405457c5240a4d672409a7519d28463f2f0e104f441e3d0d0839549c6215_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:0e867de15e3038db7274dc1d84cd8ca5b1860b661c8b16ecd8f7aeefa76077a8_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:1aedb2f4b2aefa9586c8aecfff4647497f7a36fc6a547d6688645d87e90413f4_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:92f98ca560ce539495108e6212737ea6cf83215fe0a5aa7a12636ee9d5fca88f_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:2f74522967f06958e385468a31e14bb9ede90569dec8292d61e67c6640c1ebde_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:38b340062dea9adc1159a326d39a214541e259e9e16582ef98efcd8e6deb3dd6_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:609205741b369f72807fcec1fd3351d56e4605fdbbee37975fad8c01a5ea0339_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:1ab2b5e9423a2edd5f663cdbf4c15dd6a5c13db13125161f4b4a9916d3c523e2_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:1e37a386006e4a7b4414dcdbe6a42191b8f41e706e1df6dfe401cbdbe342f06a_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:b0f32d062678d69350a3a1a18b643c8b97ebfdbd0bea1c0ee67312312d02fcba_amd64"
],
"known_not_affected": [
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:39367ad4f4807b804eb6a95d241d99c528995f75d3264b58820cf50fa6abceef_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:a5a1e18726ce755a8f2a36a58928714d61f4426643b7f08da086004982e993ef_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:cd132ae4b02647d5b0f0a910539c75efb3e0795590df00056542e969605ae296_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:357fa537a29f82ca117b8ed4695456707bd9599c5057ed938a91114e94badf62_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:62ddbd8b9e0b27be7a0541c7fe085b621834facff7d83d4a2e57b56ef6c713a2_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:94b445cbaef0111d98a0ee595988ef420423aa381b36e7127e76e385be12996a_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:123c0108bd7a190dd2accfd21786600f787147f040e57fb5f840861e2caa441d_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:6f81e9b903594b0a8bd5517900f7677e09c942953d257c87da11fb779e0f9dab_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:8c199930239623166973ea9cdb40ce2e2537d63e8c731afca3892caa84d2f16a_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:439fc3b91a4841c81355ecbb5c610c66139525df82bdb96a4ece4ffd20aca0a5_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:7108fcc2c26b8e735231d9bad43febbc2ccc15723b15d3bf9ba643f950f75857_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:7c4fa13ab624b17711df308a9434e529b49b259fe9c6bde4b4e9037ae45996d6_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:62df44281133dd4191848bfb861ba70eeb113b2bc0ce28c71b82524860421bed_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:844cef84fb29ee2996c284c6d517a645d4b14862c17021bd1b0052515cd364df_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:fc974b15c869a26e0ae259a39ce0ed1f1954630557c31465561eeee67bfc2797_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:08c488f99ef1c837418842db1c8e52391a55f5f61a1de98edbbe3a201070168a_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:20a368484142ce585e3a49a402bab10b2045ba2d89711154ae80457c01881a4c_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:f252a2c2eaa0a4807e39df8e5fe89a8b66e8ef62a9303a144b765c4857b17e51_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:17a5ed5cea7a0b355ea13e6a95218143c351e34cee1ba0188a14c28f9605e504_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:1d00cc8be3101e0a0a901249545566689d1de5554f5101b8fcbb6fa1827d508b_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:d001fb8afaf083ac3b02ab7571a709183931ef37baa75908556081480ee395dc_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1ad40dd05581bffe04db700b8b4fbfbe8112399f2bef70b69dd690458b6512ed_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:224bfa6af3a2a9b15657ee0adc0233608bb7a2218f9a488b537e3af4c53acacf_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:f2cf132ddd130c3de1e3732f35fdade709c17e8a2775df5ab47cf7583db82fd6_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:9ae99a357ee1f9e42942edc998b378960d1a4a6bd9630b802f86743965f36898_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:bcc9fd4d95422283c8d6016e1f85cd4522f43c0504cadf6aec40b9c30f2d945d_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:c9713eae9be9f99e9e7382ace5f520f96f641c50d8aed1c64a0f6a0ba9ed5395_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-45338"
},
{
"category": "external",
"summary": "RHBZ#2333122",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2333122"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-45338",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45338"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-45338",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-45338"
},
{
"category": "external",
"summary": "https://go.dev/cl/637536",
"url": "https://go.dev/cl/637536"
},
{
"category": "external",
"summary": "https://go.dev/issue/70906",
"url": "https://go.dev/issue/70906"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/wSCRmFnNmPA/m/Lvcd0mRMAwAJ",
"url": "https://groups.google.com/g/golang-announce/c/wSCRmFnNmPA/m/Lvcd0mRMAwAJ"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2024-3333",
"url": "https://pkg.go.dev/vuln/GO-2024-3333"
}
],
"release_date": "2024-12-18T20:38:22.660000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-02-13T18:14:31+00:00",
"details": "If you are using an earlier version of RHACS 4.4, you are advised to upgrade to this patch release 4.4.8.",
"product_ids": [
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:394f4fd42c292ef68abf4a9104fe668026e394c3243ebf9b184d40a4b4b0132e_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:6478816c1b2bdeb40c77c267fff033dca5523375c64623bf56d493c4417a3c3f_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:8b92405457c5240a4d672409a7519d28463f2f0e104f441e3d0d0839549c6215_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:0e867de15e3038db7274dc1d84cd8ca5b1860b661c8b16ecd8f7aeefa76077a8_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:1aedb2f4b2aefa9586c8aecfff4647497f7a36fc6a547d6688645d87e90413f4_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:92f98ca560ce539495108e6212737ea6cf83215fe0a5aa7a12636ee9d5fca88f_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:2f74522967f06958e385468a31e14bb9ede90569dec8292d61e67c6640c1ebde_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:38b340062dea9adc1159a326d39a214541e259e9e16582ef98efcd8e6deb3dd6_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:609205741b369f72807fcec1fd3351d56e4605fdbbee37975fad8c01a5ea0339_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:1ab2b5e9423a2edd5f663cdbf4c15dd6a5c13db13125161f4b4a9916d3c523e2_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:1e37a386006e4a7b4414dcdbe6a42191b8f41e706e1df6dfe401cbdbe342f06a_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:b0f32d062678d69350a3a1a18b643c8b97ebfdbd0bea1c0ee67312312d02fcba_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:1468"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:394f4fd42c292ef68abf4a9104fe668026e394c3243ebf9b184d40a4b4b0132e_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:6478816c1b2bdeb40c77c267fff033dca5523375c64623bf56d493c4417a3c3f_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:8b92405457c5240a4d672409a7519d28463f2f0e104f441e3d0d0839549c6215_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:39367ad4f4807b804eb6a95d241d99c528995f75d3264b58820cf50fa6abceef_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:a5a1e18726ce755a8f2a36a58928714d61f4426643b7f08da086004982e993ef_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:cd132ae4b02647d5b0f0a910539c75efb3e0795590df00056542e969605ae296_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:357fa537a29f82ca117b8ed4695456707bd9599c5057ed938a91114e94badf62_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:62ddbd8b9e0b27be7a0541c7fe085b621834facff7d83d4a2e57b56ef6c713a2_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:94b445cbaef0111d98a0ee595988ef420423aa381b36e7127e76e385be12996a_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:0e867de15e3038db7274dc1d84cd8ca5b1860b661c8b16ecd8f7aeefa76077a8_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:1aedb2f4b2aefa9586c8aecfff4647497f7a36fc6a547d6688645d87e90413f4_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:92f98ca560ce539495108e6212737ea6cf83215fe0a5aa7a12636ee9d5fca88f_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:123c0108bd7a190dd2accfd21786600f787147f040e57fb5f840861e2caa441d_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:6f81e9b903594b0a8bd5517900f7677e09c942953d257c87da11fb779e0f9dab_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:8c199930239623166973ea9cdb40ce2e2537d63e8c731afca3892caa84d2f16a_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:2f74522967f06958e385468a31e14bb9ede90569dec8292d61e67c6640c1ebde_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:38b340062dea9adc1159a326d39a214541e259e9e16582ef98efcd8e6deb3dd6_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:609205741b369f72807fcec1fd3351d56e4605fdbbee37975fad8c01a5ea0339_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:1ab2b5e9423a2edd5f663cdbf4c15dd6a5c13db13125161f4b4a9916d3c523e2_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:1e37a386006e4a7b4414dcdbe6a42191b8f41e706e1df6dfe401cbdbe342f06a_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:b0f32d062678d69350a3a1a18b643c8b97ebfdbd0bea1c0ee67312312d02fcba_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:439fc3b91a4841c81355ecbb5c610c66139525df82bdb96a4ece4ffd20aca0a5_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:7108fcc2c26b8e735231d9bad43febbc2ccc15723b15d3bf9ba643f950f75857_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:7c4fa13ab624b17711df308a9434e529b49b259fe9c6bde4b4e9037ae45996d6_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:62df44281133dd4191848bfb861ba70eeb113b2bc0ce28c71b82524860421bed_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:844cef84fb29ee2996c284c6d517a645d4b14862c17021bd1b0052515cd364df_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:fc974b15c869a26e0ae259a39ce0ed1f1954630557c31465561eeee67bfc2797_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:08c488f99ef1c837418842db1c8e52391a55f5f61a1de98edbbe3a201070168a_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:20a368484142ce585e3a49a402bab10b2045ba2d89711154ae80457c01881a4c_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:f252a2c2eaa0a4807e39df8e5fe89a8b66e8ef62a9303a144b765c4857b17e51_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:17a5ed5cea7a0b355ea13e6a95218143c351e34cee1ba0188a14c28f9605e504_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:1d00cc8be3101e0a0a901249545566689d1de5554f5101b8fcbb6fa1827d508b_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:d001fb8afaf083ac3b02ab7571a709183931ef37baa75908556081480ee395dc_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1ad40dd05581bffe04db700b8b4fbfbe8112399f2bef70b69dd690458b6512ed_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:224bfa6af3a2a9b15657ee0adc0233608bb7a2218f9a488b537e3af4c53acacf_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:f2cf132ddd130c3de1e3732f35fdade709c17e8a2775df5ab47cf7583db82fd6_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:9ae99a357ee1f9e42942edc998b378960d1a4a6bd9630b802f86743965f36898_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:bcc9fd4d95422283c8d6016e1f85cd4522f43c0504cadf6aec40b9c30f2d945d_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:c9713eae9be9f99e9e7382ace5f520f96f641c50d8aed1c64a0f6a0ba9ed5395_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "golang.org/x/net/html: Non-linear parsing of case-insensitive content in golang.org/x/net/html"
},
{
"cve": "CVE-2025-21613",
"cwe": {
"id": "CWE-88",
"name": "Improper Neutralization of Argument Delimiters in a Command (\u0027Argument Injection\u0027)"
},
"discovery_date": "2025-01-06T17:00:41.244449+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:394f4fd42c292ef68abf4a9104fe668026e394c3243ebf9b184d40a4b4b0132e_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:6478816c1b2bdeb40c77c267fff033dca5523375c64623bf56d493c4417a3c3f_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:8b92405457c5240a4d672409a7519d28463f2f0e104f441e3d0d0839549c6215_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:39367ad4f4807b804eb6a95d241d99c528995f75d3264b58820cf50fa6abceef_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:a5a1e18726ce755a8f2a36a58928714d61f4426643b7f08da086004982e993ef_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:cd132ae4b02647d5b0f0a910539c75efb3e0795590df00056542e969605ae296_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:357fa537a29f82ca117b8ed4695456707bd9599c5057ed938a91114e94badf62_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:62ddbd8b9e0b27be7a0541c7fe085b621834facff7d83d4a2e57b56ef6c713a2_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:94b445cbaef0111d98a0ee595988ef420423aa381b36e7127e76e385be12996a_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:123c0108bd7a190dd2accfd21786600f787147f040e57fb5f840861e2caa441d_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:6f81e9b903594b0a8bd5517900f7677e09c942953d257c87da11fb779e0f9dab_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:8c199930239623166973ea9cdb40ce2e2537d63e8c731afca3892caa84d2f16a_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:439fc3b91a4841c81355ecbb5c610c66139525df82bdb96a4ece4ffd20aca0a5_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:7108fcc2c26b8e735231d9bad43febbc2ccc15723b15d3bf9ba643f950f75857_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:7c4fa13ab624b17711df308a9434e529b49b259fe9c6bde4b4e9037ae45996d6_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:62df44281133dd4191848bfb861ba70eeb113b2bc0ce28c71b82524860421bed_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:844cef84fb29ee2996c284c6d517a645d4b14862c17021bd1b0052515cd364df_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:fc974b15c869a26e0ae259a39ce0ed1f1954630557c31465561eeee67bfc2797_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:08c488f99ef1c837418842db1c8e52391a55f5f61a1de98edbbe3a201070168a_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:20a368484142ce585e3a49a402bab10b2045ba2d89711154ae80457c01881a4c_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:f252a2c2eaa0a4807e39df8e5fe89a8b66e8ef62a9303a144b765c4857b17e51_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:17a5ed5cea7a0b355ea13e6a95218143c351e34cee1ba0188a14c28f9605e504_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:1d00cc8be3101e0a0a901249545566689d1de5554f5101b8fcbb6fa1827d508b_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:d001fb8afaf083ac3b02ab7571a709183931ef37baa75908556081480ee395dc_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1ad40dd05581bffe04db700b8b4fbfbe8112399f2bef70b69dd690458b6512ed_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:224bfa6af3a2a9b15657ee0adc0233608bb7a2218f9a488b537e3af4c53acacf_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:f2cf132ddd130c3de1e3732f35fdade709c17e8a2775df5ab47cf7583db82fd6_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:9ae99a357ee1f9e42942edc998b378960d1a4a6bd9630b802f86743965f36898_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:bcc9fd4d95422283c8d6016e1f85cd4522f43c0504cadf6aec40b9c30f2d945d_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:c9713eae9be9f99e9e7382ace5f520f96f641c50d8aed1c64a0f6a0ba9ed5395_ppc64le"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2335888"
}
],
"notes": [
{
"category": "description",
"text": "An argument injection vulnerability was found in go-git. This flaw allows an attacker to set arbitrary values to git-upload-pack flags, leading to command or code execution, exposure of sensitive data, or other unintended behavior. This is only possible in configurations where the file transport protocol is being used.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "go-git: argument injection via the URL field",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated as an Important severity because an argument injection has been discovered in go-git, where an attackers can manipulate git-upload-pack flags, potentially enabling command or code execution leads to an exposure of sensitive data or other unintended actions, this vulnerability occurs exclusively in configurations using the file transport protocol.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:0e867de15e3038db7274dc1d84cd8ca5b1860b661c8b16ecd8f7aeefa76077a8_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:1aedb2f4b2aefa9586c8aecfff4647497f7a36fc6a547d6688645d87e90413f4_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:92f98ca560ce539495108e6212737ea6cf83215fe0a5aa7a12636ee9d5fca88f_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:2f74522967f06958e385468a31e14bb9ede90569dec8292d61e67c6640c1ebde_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:38b340062dea9adc1159a326d39a214541e259e9e16582ef98efcd8e6deb3dd6_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:609205741b369f72807fcec1fd3351d56e4605fdbbee37975fad8c01a5ea0339_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:1ab2b5e9423a2edd5f663cdbf4c15dd6a5c13db13125161f4b4a9916d3c523e2_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:1e37a386006e4a7b4414dcdbe6a42191b8f41e706e1df6dfe401cbdbe342f06a_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:b0f32d062678d69350a3a1a18b643c8b97ebfdbd0bea1c0ee67312312d02fcba_amd64"
],
"known_not_affected": [
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:394f4fd42c292ef68abf4a9104fe668026e394c3243ebf9b184d40a4b4b0132e_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:6478816c1b2bdeb40c77c267fff033dca5523375c64623bf56d493c4417a3c3f_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:8b92405457c5240a4d672409a7519d28463f2f0e104f441e3d0d0839549c6215_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:39367ad4f4807b804eb6a95d241d99c528995f75d3264b58820cf50fa6abceef_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:a5a1e18726ce755a8f2a36a58928714d61f4426643b7f08da086004982e993ef_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:cd132ae4b02647d5b0f0a910539c75efb3e0795590df00056542e969605ae296_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:357fa537a29f82ca117b8ed4695456707bd9599c5057ed938a91114e94badf62_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:62ddbd8b9e0b27be7a0541c7fe085b621834facff7d83d4a2e57b56ef6c713a2_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:94b445cbaef0111d98a0ee595988ef420423aa381b36e7127e76e385be12996a_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:123c0108bd7a190dd2accfd21786600f787147f040e57fb5f840861e2caa441d_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:6f81e9b903594b0a8bd5517900f7677e09c942953d257c87da11fb779e0f9dab_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:8c199930239623166973ea9cdb40ce2e2537d63e8c731afca3892caa84d2f16a_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:439fc3b91a4841c81355ecbb5c610c66139525df82bdb96a4ece4ffd20aca0a5_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:7108fcc2c26b8e735231d9bad43febbc2ccc15723b15d3bf9ba643f950f75857_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:7c4fa13ab624b17711df308a9434e529b49b259fe9c6bde4b4e9037ae45996d6_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:62df44281133dd4191848bfb861ba70eeb113b2bc0ce28c71b82524860421bed_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:844cef84fb29ee2996c284c6d517a645d4b14862c17021bd1b0052515cd364df_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:fc974b15c869a26e0ae259a39ce0ed1f1954630557c31465561eeee67bfc2797_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:08c488f99ef1c837418842db1c8e52391a55f5f61a1de98edbbe3a201070168a_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:20a368484142ce585e3a49a402bab10b2045ba2d89711154ae80457c01881a4c_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:f252a2c2eaa0a4807e39df8e5fe89a8b66e8ef62a9303a144b765c4857b17e51_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:17a5ed5cea7a0b355ea13e6a95218143c351e34cee1ba0188a14c28f9605e504_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:1d00cc8be3101e0a0a901249545566689d1de5554f5101b8fcbb6fa1827d508b_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:d001fb8afaf083ac3b02ab7571a709183931ef37baa75908556081480ee395dc_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1ad40dd05581bffe04db700b8b4fbfbe8112399f2bef70b69dd690458b6512ed_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:224bfa6af3a2a9b15657ee0adc0233608bb7a2218f9a488b537e3af4c53acacf_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:f2cf132ddd130c3de1e3732f35fdade709c17e8a2775df5ab47cf7583db82fd6_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:9ae99a357ee1f9e42942edc998b378960d1a4a6bd9630b802f86743965f36898_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:bcc9fd4d95422283c8d6016e1f85cd4522f43c0504cadf6aec40b9c30f2d945d_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:c9713eae9be9f99e9e7382ace5f520f96f641c50d8aed1c64a0f6a0ba9ed5395_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-21613"
},
{
"category": "external",
"summary": "RHBZ#2335888",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2335888"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-21613",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21613"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-21613",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-21613"
},
{
"category": "external",
"summary": "https://github.com/go-git/go-git/security/advisories/GHSA-v725-9546-7q7m",
"url": "https://github.com/go-git/go-git/security/advisories/GHSA-v725-9546-7q7m"
}
],
"release_date": "2025-01-06T16:13:10.611000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-02-13T18:14:31+00:00",
"details": "If you are using an earlier version of RHACS 4.4, you are advised to upgrade to this patch release 4.4.8.",
"product_ids": [
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:0e867de15e3038db7274dc1d84cd8ca5b1860b661c8b16ecd8f7aeefa76077a8_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:1aedb2f4b2aefa9586c8aecfff4647497f7a36fc6a547d6688645d87e90413f4_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:92f98ca560ce539495108e6212737ea6cf83215fe0a5aa7a12636ee9d5fca88f_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:2f74522967f06958e385468a31e14bb9ede90569dec8292d61e67c6640c1ebde_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:38b340062dea9adc1159a326d39a214541e259e9e16582ef98efcd8e6deb3dd6_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:609205741b369f72807fcec1fd3351d56e4605fdbbee37975fad8c01a5ea0339_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:1ab2b5e9423a2edd5f663cdbf4c15dd6a5c13db13125161f4b4a9916d3c523e2_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:1e37a386006e4a7b4414dcdbe6a42191b8f41e706e1df6dfe401cbdbe342f06a_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:b0f32d062678d69350a3a1a18b643c8b97ebfdbd0bea1c0ee67312312d02fcba_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:1468"
},
{
"category": "workaround",
"details": "In cases where it is not possible to update to the latest version of go-git, it is recommended to enforce validation rules for values passed in the URL field.",
"product_ids": [
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:394f4fd42c292ef68abf4a9104fe668026e394c3243ebf9b184d40a4b4b0132e_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:6478816c1b2bdeb40c77c267fff033dca5523375c64623bf56d493c4417a3c3f_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:8b92405457c5240a4d672409a7519d28463f2f0e104f441e3d0d0839549c6215_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:39367ad4f4807b804eb6a95d241d99c528995f75d3264b58820cf50fa6abceef_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:a5a1e18726ce755a8f2a36a58928714d61f4426643b7f08da086004982e993ef_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:cd132ae4b02647d5b0f0a910539c75efb3e0795590df00056542e969605ae296_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:357fa537a29f82ca117b8ed4695456707bd9599c5057ed938a91114e94badf62_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:62ddbd8b9e0b27be7a0541c7fe085b621834facff7d83d4a2e57b56ef6c713a2_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:94b445cbaef0111d98a0ee595988ef420423aa381b36e7127e76e385be12996a_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:0e867de15e3038db7274dc1d84cd8ca5b1860b661c8b16ecd8f7aeefa76077a8_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:1aedb2f4b2aefa9586c8aecfff4647497f7a36fc6a547d6688645d87e90413f4_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:92f98ca560ce539495108e6212737ea6cf83215fe0a5aa7a12636ee9d5fca88f_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:123c0108bd7a190dd2accfd21786600f787147f040e57fb5f840861e2caa441d_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:6f81e9b903594b0a8bd5517900f7677e09c942953d257c87da11fb779e0f9dab_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:8c199930239623166973ea9cdb40ce2e2537d63e8c731afca3892caa84d2f16a_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:2f74522967f06958e385468a31e14bb9ede90569dec8292d61e67c6640c1ebde_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:38b340062dea9adc1159a326d39a214541e259e9e16582ef98efcd8e6deb3dd6_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:609205741b369f72807fcec1fd3351d56e4605fdbbee37975fad8c01a5ea0339_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:1ab2b5e9423a2edd5f663cdbf4c15dd6a5c13db13125161f4b4a9916d3c523e2_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:1e37a386006e4a7b4414dcdbe6a42191b8f41e706e1df6dfe401cbdbe342f06a_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:b0f32d062678d69350a3a1a18b643c8b97ebfdbd0bea1c0ee67312312d02fcba_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:439fc3b91a4841c81355ecbb5c610c66139525df82bdb96a4ece4ffd20aca0a5_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:7108fcc2c26b8e735231d9bad43febbc2ccc15723b15d3bf9ba643f950f75857_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:7c4fa13ab624b17711df308a9434e529b49b259fe9c6bde4b4e9037ae45996d6_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:62df44281133dd4191848bfb861ba70eeb113b2bc0ce28c71b82524860421bed_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:844cef84fb29ee2996c284c6d517a645d4b14862c17021bd1b0052515cd364df_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:fc974b15c869a26e0ae259a39ce0ed1f1954630557c31465561eeee67bfc2797_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:08c488f99ef1c837418842db1c8e52391a55f5f61a1de98edbbe3a201070168a_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:20a368484142ce585e3a49a402bab10b2045ba2d89711154ae80457c01881a4c_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:f252a2c2eaa0a4807e39df8e5fe89a8b66e8ef62a9303a144b765c4857b17e51_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:17a5ed5cea7a0b355ea13e6a95218143c351e34cee1ba0188a14c28f9605e504_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:1d00cc8be3101e0a0a901249545566689d1de5554f5101b8fcbb6fa1827d508b_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:d001fb8afaf083ac3b02ab7571a709183931ef37baa75908556081480ee395dc_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1ad40dd05581bffe04db700b8b4fbfbe8112399f2bef70b69dd690458b6512ed_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:224bfa6af3a2a9b15657ee0adc0233608bb7a2218f9a488b537e3af4c53acacf_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:f2cf132ddd130c3de1e3732f35fdade709c17e8a2775df5ab47cf7583db82fd6_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:9ae99a357ee1f9e42942edc998b378960d1a4a6bd9630b802f86743965f36898_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:bcc9fd4d95422283c8d6016e1f85cd4522f43c0504cadf6aec40b9c30f2d945d_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:c9713eae9be9f99e9e7382ace5f520f96f641c50d8aed1c64a0f6a0ba9ed5395_ppc64le"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:394f4fd42c292ef68abf4a9104fe668026e394c3243ebf9b184d40a4b4b0132e_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:6478816c1b2bdeb40c77c267fff033dca5523375c64623bf56d493c4417a3c3f_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:8b92405457c5240a4d672409a7519d28463f2f0e104f441e3d0d0839549c6215_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:39367ad4f4807b804eb6a95d241d99c528995f75d3264b58820cf50fa6abceef_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:a5a1e18726ce755a8f2a36a58928714d61f4426643b7f08da086004982e993ef_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:cd132ae4b02647d5b0f0a910539c75efb3e0795590df00056542e969605ae296_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:357fa537a29f82ca117b8ed4695456707bd9599c5057ed938a91114e94badf62_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:62ddbd8b9e0b27be7a0541c7fe085b621834facff7d83d4a2e57b56ef6c713a2_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:94b445cbaef0111d98a0ee595988ef420423aa381b36e7127e76e385be12996a_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:0e867de15e3038db7274dc1d84cd8ca5b1860b661c8b16ecd8f7aeefa76077a8_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:1aedb2f4b2aefa9586c8aecfff4647497f7a36fc6a547d6688645d87e90413f4_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:92f98ca560ce539495108e6212737ea6cf83215fe0a5aa7a12636ee9d5fca88f_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:123c0108bd7a190dd2accfd21786600f787147f040e57fb5f840861e2caa441d_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:6f81e9b903594b0a8bd5517900f7677e09c942953d257c87da11fb779e0f9dab_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:8c199930239623166973ea9cdb40ce2e2537d63e8c731afca3892caa84d2f16a_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:2f74522967f06958e385468a31e14bb9ede90569dec8292d61e67c6640c1ebde_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:38b340062dea9adc1159a326d39a214541e259e9e16582ef98efcd8e6deb3dd6_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:609205741b369f72807fcec1fd3351d56e4605fdbbee37975fad8c01a5ea0339_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:1ab2b5e9423a2edd5f663cdbf4c15dd6a5c13db13125161f4b4a9916d3c523e2_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:1e37a386006e4a7b4414dcdbe6a42191b8f41e706e1df6dfe401cbdbe342f06a_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:b0f32d062678d69350a3a1a18b643c8b97ebfdbd0bea1c0ee67312312d02fcba_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:439fc3b91a4841c81355ecbb5c610c66139525df82bdb96a4ece4ffd20aca0a5_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:7108fcc2c26b8e735231d9bad43febbc2ccc15723b15d3bf9ba643f950f75857_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:7c4fa13ab624b17711df308a9434e529b49b259fe9c6bde4b4e9037ae45996d6_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:62df44281133dd4191848bfb861ba70eeb113b2bc0ce28c71b82524860421bed_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:844cef84fb29ee2996c284c6d517a645d4b14862c17021bd1b0052515cd364df_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:fc974b15c869a26e0ae259a39ce0ed1f1954630557c31465561eeee67bfc2797_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:08c488f99ef1c837418842db1c8e52391a55f5f61a1de98edbbe3a201070168a_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:20a368484142ce585e3a49a402bab10b2045ba2d89711154ae80457c01881a4c_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:f252a2c2eaa0a4807e39df8e5fe89a8b66e8ef62a9303a144b765c4857b17e51_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:17a5ed5cea7a0b355ea13e6a95218143c351e34cee1ba0188a14c28f9605e504_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:1d00cc8be3101e0a0a901249545566689d1de5554f5101b8fcbb6fa1827d508b_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:d001fb8afaf083ac3b02ab7571a709183931ef37baa75908556081480ee395dc_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1ad40dd05581bffe04db700b8b4fbfbe8112399f2bef70b69dd690458b6512ed_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:224bfa6af3a2a9b15657ee0adc0233608bb7a2218f9a488b537e3af4c53acacf_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:f2cf132ddd130c3de1e3732f35fdade709c17e8a2775df5ab47cf7583db82fd6_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:9ae99a357ee1f9e42942edc998b378960d1a4a6bd9630b802f86743965f36898_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:bcc9fd4d95422283c8d6016e1f85cd4522f43c0504cadf6aec40b9c30f2d945d_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:c9713eae9be9f99e9e7382ace5f520f96f641c50d8aed1c64a0f6a0ba9ed5395_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "go-git: argument injection via the URL field"
},
{
"cve": "CVE-2025-21614",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2025-01-06T17:01:36.743039+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:394f4fd42c292ef68abf4a9104fe668026e394c3243ebf9b184d40a4b4b0132e_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:6478816c1b2bdeb40c77c267fff033dca5523375c64623bf56d493c4417a3c3f_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:8b92405457c5240a4d672409a7519d28463f2f0e104f441e3d0d0839549c6215_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:39367ad4f4807b804eb6a95d241d99c528995f75d3264b58820cf50fa6abceef_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:a5a1e18726ce755a8f2a36a58928714d61f4426643b7f08da086004982e993ef_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:cd132ae4b02647d5b0f0a910539c75efb3e0795590df00056542e969605ae296_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:357fa537a29f82ca117b8ed4695456707bd9599c5057ed938a91114e94badf62_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:62ddbd8b9e0b27be7a0541c7fe085b621834facff7d83d4a2e57b56ef6c713a2_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:94b445cbaef0111d98a0ee595988ef420423aa381b36e7127e76e385be12996a_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:123c0108bd7a190dd2accfd21786600f787147f040e57fb5f840861e2caa441d_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:6f81e9b903594b0a8bd5517900f7677e09c942953d257c87da11fb779e0f9dab_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:8c199930239623166973ea9cdb40ce2e2537d63e8c731afca3892caa84d2f16a_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:439fc3b91a4841c81355ecbb5c610c66139525df82bdb96a4ece4ffd20aca0a5_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:7108fcc2c26b8e735231d9bad43febbc2ccc15723b15d3bf9ba643f950f75857_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:7c4fa13ab624b17711df308a9434e529b49b259fe9c6bde4b4e9037ae45996d6_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:62df44281133dd4191848bfb861ba70eeb113b2bc0ce28c71b82524860421bed_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:844cef84fb29ee2996c284c6d517a645d4b14862c17021bd1b0052515cd364df_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:fc974b15c869a26e0ae259a39ce0ed1f1954630557c31465561eeee67bfc2797_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:08c488f99ef1c837418842db1c8e52391a55f5f61a1de98edbbe3a201070168a_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:20a368484142ce585e3a49a402bab10b2045ba2d89711154ae80457c01881a4c_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:f252a2c2eaa0a4807e39df8e5fe89a8b66e8ef62a9303a144b765c4857b17e51_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:17a5ed5cea7a0b355ea13e6a95218143c351e34cee1ba0188a14c28f9605e504_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:1d00cc8be3101e0a0a901249545566689d1de5554f5101b8fcbb6fa1827d508b_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:d001fb8afaf083ac3b02ab7571a709183931ef37baa75908556081480ee395dc_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1ad40dd05581bffe04db700b8b4fbfbe8112399f2bef70b69dd690458b6512ed_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:224bfa6af3a2a9b15657ee0adc0233608bb7a2218f9a488b537e3af4c53acacf_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:f2cf132ddd130c3de1e3732f35fdade709c17e8a2775df5ab47cf7583db82fd6_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:9ae99a357ee1f9e42942edc998b378960d1a4a6bd9630b802f86743965f36898_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:bcc9fd4d95422283c8d6016e1f85cd4522f43c0504cadf6aec40b9c30f2d945d_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:c9713eae9be9f99e9e7382ace5f520f96f641c50d8aed1c64a0f6a0ba9ed5395_ppc64le"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2335901"
}
],
"notes": [
{
"category": "description",
"text": "A denial of service (DoS) vulnerability was found in go-git. This vulnerability allows an attacker to perform denial of service attacks by providing specially crafted responses from a Git server, which triggers resource exhaustion in go-git clients.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "go-git: go-git clients vulnerable to DoS via maliciously crafted Git server replies",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:0e867de15e3038db7274dc1d84cd8ca5b1860b661c8b16ecd8f7aeefa76077a8_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:1aedb2f4b2aefa9586c8aecfff4647497f7a36fc6a547d6688645d87e90413f4_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:92f98ca560ce539495108e6212737ea6cf83215fe0a5aa7a12636ee9d5fca88f_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:2f74522967f06958e385468a31e14bb9ede90569dec8292d61e67c6640c1ebde_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:38b340062dea9adc1159a326d39a214541e259e9e16582ef98efcd8e6deb3dd6_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:609205741b369f72807fcec1fd3351d56e4605fdbbee37975fad8c01a5ea0339_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:1ab2b5e9423a2edd5f663cdbf4c15dd6a5c13db13125161f4b4a9916d3c523e2_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:1e37a386006e4a7b4414dcdbe6a42191b8f41e706e1df6dfe401cbdbe342f06a_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:b0f32d062678d69350a3a1a18b643c8b97ebfdbd0bea1c0ee67312312d02fcba_amd64"
],
"known_not_affected": [
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:394f4fd42c292ef68abf4a9104fe668026e394c3243ebf9b184d40a4b4b0132e_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:6478816c1b2bdeb40c77c267fff033dca5523375c64623bf56d493c4417a3c3f_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:8b92405457c5240a4d672409a7519d28463f2f0e104f441e3d0d0839549c6215_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:39367ad4f4807b804eb6a95d241d99c528995f75d3264b58820cf50fa6abceef_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:a5a1e18726ce755a8f2a36a58928714d61f4426643b7f08da086004982e993ef_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:cd132ae4b02647d5b0f0a910539c75efb3e0795590df00056542e969605ae296_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:357fa537a29f82ca117b8ed4695456707bd9599c5057ed938a91114e94badf62_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:62ddbd8b9e0b27be7a0541c7fe085b621834facff7d83d4a2e57b56ef6c713a2_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:94b445cbaef0111d98a0ee595988ef420423aa381b36e7127e76e385be12996a_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:123c0108bd7a190dd2accfd21786600f787147f040e57fb5f840861e2caa441d_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:6f81e9b903594b0a8bd5517900f7677e09c942953d257c87da11fb779e0f9dab_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:8c199930239623166973ea9cdb40ce2e2537d63e8c731afca3892caa84d2f16a_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:439fc3b91a4841c81355ecbb5c610c66139525df82bdb96a4ece4ffd20aca0a5_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:7108fcc2c26b8e735231d9bad43febbc2ccc15723b15d3bf9ba643f950f75857_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:7c4fa13ab624b17711df308a9434e529b49b259fe9c6bde4b4e9037ae45996d6_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:62df44281133dd4191848bfb861ba70eeb113b2bc0ce28c71b82524860421bed_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:844cef84fb29ee2996c284c6d517a645d4b14862c17021bd1b0052515cd364df_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:fc974b15c869a26e0ae259a39ce0ed1f1954630557c31465561eeee67bfc2797_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:08c488f99ef1c837418842db1c8e52391a55f5f61a1de98edbbe3a201070168a_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:20a368484142ce585e3a49a402bab10b2045ba2d89711154ae80457c01881a4c_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:f252a2c2eaa0a4807e39df8e5fe89a8b66e8ef62a9303a144b765c4857b17e51_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:17a5ed5cea7a0b355ea13e6a95218143c351e34cee1ba0188a14c28f9605e504_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:1d00cc8be3101e0a0a901249545566689d1de5554f5101b8fcbb6fa1827d508b_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:d001fb8afaf083ac3b02ab7571a709183931ef37baa75908556081480ee395dc_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1ad40dd05581bffe04db700b8b4fbfbe8112399f2bef70b69dd690458b6512ed_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:224bfa6af3a2a9b15657ee0adc0233608bb7a2218f9a488b537e3af4c53acacf_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:f2cf132ddd130c3de1e3732f35fdade709c17e8a2775df5ab47cf7583db82fd6_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:9ae99a357ee1f9e42942edc998b378960d1a4a6bd9630b802f86743965f36898_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:bcc9fd4d95422283c8d6016e1f85cd4522f43c0504cadf6aec40b9c30f2d945d_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:c9713eae9be9f99e9e7382ace5f520f96f641c50d8aed1c64a0f6a0ba9ed5395_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-21614"
},
{
"category": "external",
"summary": "RHBZ#2335901",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2335901"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-21614",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21614"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-21614",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-21614"
},
{
"category": "external",
"summary": "https://github.com/go-git/go-git/security/advisories/GHSA-r9px-m959-cxf4",
"url": "https://github.com/go-git/go-git/security/advisories/GHSA-r9px-m959-cxf4"
}
],
"release_date": "2025-01-06T16:20:16.140000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-02-13T18:14:31+00:00",
"details": "If you are using an earlier version of RHACS 4.4, you are advised to upgrade to this patch release 4.4.8.",
"product_ids": [
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:0e867de15e3038db7274dc1d84cd8ca5b1860b661c8b16ecd8f7aeefa76077a8_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:1aedb2f4b2aefa9586c8aecfff4647497f7a36fc6a547d6688645d87e90413f4_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:92f98ca560ce539495108e6212737ea6cf83215fe0a5aa7a12636ee9d5fca88f_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:2f74522967f06958e385468a31e14bb9ede90569dec8292d61e67c6640c1ebde_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:38b340062dea9adc1159a326d39a214541e259e9e16582ef98efcd8e6deb3dd6_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:609205741b369f72807fcec1fd3351d56e4605fdbbee37975fad8c01a5ea0339_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:1ab2b5e9423a2edd5f663cdbf4c15dd6a5c13db13125161f4b4a9916d3c523e2_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:1e37a386006e4a7b4414dcdbe6a42191b8f41e706e1df6dfe401cbdbe342f06a_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:b0f32d062678d69350a3a1a18b643c8b97ebfdbd0bea1c0ee67312312d02fcba_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:1468"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:394f4fd42c292ef68abf4a9104fe668026e394c3243ebf9b184d40a4b4b0132e_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:6478816c1b2bdeb40c77c267fff033dca5523375c64623bf56d493c4417a3c3f_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:8b92405457c5240a4d672409a7519d28463f2f0e104f441e3d0d0839549c6215_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:39367ad4f4807b804eb6a95d241d99c528995f75d3264b58820cf50fa6abceef_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:a5a1e18726ce755a8f2a36a58928714d61f4426643b7f08da086004982e993ef_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:cd132ae4b02647d5b0f0a910539c75efb3e0795590df00056542e969605ae296_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:357fa537a29f82ca117b8ed4695456707bd9599c5057ed938a91114e94badf62_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:62ddbd8b9e0b27be7a0541c7fe085b621834facff7d83d4a2e57b56ef6c713a2_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:94b445cbaef0111d98a0ee595988ef420423aa381b36e7127e76e385be12996a_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:0e867de15e3038db7274dc1d84cd8ca5b1860b661c8b16ecd8f7aeefa76077a8_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:1aedb2f4b2aefa9586c8aecfff4647497f7a36fc6a547d6688645d87e90413f4_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:92f98ca560ce539495108e6212737ea6cf83215fe0a5aa7a12636ee9d5fca88f_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:123c0108bd7a190dd2accfd21786600f787147f040e57fb5f840861e2caa441d_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:6f81e9b903594b0a8bd5517900f7677e09c942953d257c87da11fb779e0f9dab_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:8c199930239623166973ea9cdb40ce2e2537d63e8c731afca3892caa84d2f16a_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:2f74522967f06958e385468a31e14bb9ede90569dec8292d61e67c6640c1ebde_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:38b340062dea9adc1159a326d39a214541e259e9e16582ef98efcd8e6deb3dd6_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:609205741b369f72807fcec1fd3351d56e4605fdbbee37975fad8c01a5ea0339_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:1ab2b5e9423a2edd5f663cdbf4c15dd6a5c13db13125161f4b4a9916d3c523e2_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:1e37a386006e4a7b4414dcdbe6a42191b8f41e706e1df6dfe401cbdbe342f06a_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:b0f32d062678d69350a3a1a18b643c8b97ebfdbd0bea1c0ee67312312d02fcba_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:439fc3b91a4841c81355ecbb5c610c66139525df82bdb96a4ece4ffd20aca0a5_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:7108fcc2c26b8e735231d9bad43febbc2ccc15723b15d3bf9ba643f950f75857_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:7c4fa13ab624b17711df308a9434e529b49b259fe9c6bde4b4e9037ae45996d6_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:62df44281133dd4191848bfb861ba70eeb113b2bc0ce28c71b82524860421bed_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:844cef84fb29ee2996c284c6d517a645d4b14862c17021bd1b0052515cd364df_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:fc974b15c869a26e0ae259a39ce0ed1f1954630557c31465561eeee67bfc2797_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:08c488f99ef1c837418842db1c8e52391a55f5f61a1de98edbbe3a201070168a_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:20a368484142ce585e3a49a402bab10b2045ba2d89711154ae80457c01881a4c_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:f252a2c2eaa0a4807e39df8e5fe89a8b66e8ef62a9303a144b765c4857b17e51_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:17a5ed5cea7a0b355ea13e6a95218143c351e34cee1ba0188a14c28f9605e504_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:1d00cc8be3101e0a0a901249545566689d1de5554f5101b8fcbb6fa1827d508b_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:d001fb8afaf083ac3b02ab7571a709183931ef37baa75908556081480ee395dc_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1ad40dd05581bffe04db700b8b4fbfbe8112399f2bef70b69dd690458b6512ed_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:224bfa6af3a2a9b15657ee0adc0233608bb7a2218f9a488b537e3af4c53acacf_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:f2cf132ddd130c3de1e3732f35fdade709c17e8a2775df5ab47cf7583db82fd6_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:9ae99a357ee1f9e42942edc998b378960d1a4a6bd9630b802f86743965f36898_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:bcc9fd4d95422283c8d6016e1f85cd4522f43c0504cadf6aec40b9c30f2d945d_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:c9713eae9be9f99e9e7382ace5f520f96f641c50d8aed1c64a0f6a0ba9ed5395_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "go-git: go-git clients vulnerable to DoS via maliciously crafted Git server replies"
}
]
}
rhsa-2025_1334
Vulnerability from csaf_redhat
Published
2025-02-11 21:20
Modified
2025-03-25 11:10
Summary
Red Hat Security Advisory: ACS 4.5 enhancement and security update
Notes
Topic
Updated images are now available for Red Hat Advanced Cluster Security (RHACS). The updated image includes security fixes.
Details
This release of RHACS includes fixes for the following security vulnerabilities:
* npm-serialize-javascript: Cross-site Scripting (XSS) in serialize-javascript (CVE-2024-11831)
* go-git: Argument injection via the URL field (CVE-2025-21613)
* go-git: Go-git clients vulnerable to DoS via maliciously crafted Git server replies (CVE-2025-21614)
* golang.org/x/crypto: Misuse of ServerConfig.PublicKeyCallback may cause authorization bypass in golang.org/x/crypto (CVE-2024-45337)
* golang.org/x/net/html: Non-linear parsing of case-insensitive content in golang.org/x/net/html (CVE-2024-45338)
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Updated images are now available for Red Hat Advanced Cluster Security (RHACS). The updated image includes security fixes.",
"title": "Topic"
},
{
"category": "general",
"text": "This release of RHACS includes fixes for the following security vulnerabilities:\n\n* npm-serialize-javascript: Cross-site Scripting (XSS) in serialize-javascript (CVE-2024-11831)\n\n* go-git: Argument injection via the URL field (CVE-2025-21613)\n\n* go-git: Go-git clients vulnerable to DoS via maliciously crafted Git server replies (CVE-2025-21614)\n\n* golang.org/x/crypto: Misuse of ServerConfig.PublicKeyCallback may cause authorization bypass in golang.org/x/crypto (CVE-2024-45337)\n\n* golang.org/x/net/html: Non-linear parsing of case-insensitive content in golang.org/x/net/html (CVE-2024-45338)",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2025:1334",
"url": "https://access.redhat.com/errata/RHSA-2025:1334"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "2312579",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2312579"
},
{
"category": "external",
"summary": "2331720",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2331720"
},
{
"category": "external",
"summary": "2333122",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2333122"
},
{
"category": "external",
"summary": "2335888",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2335888"
},
{
"category": "external",
"summary": "2335901",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2335901"
},
{
"category": "external",
"summary": "ROX-27932",
"url": "https://issues.redhat.com/browse/ROX-27932"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2025/rhsa-2025_1334.json"
}
],
"title": "Red Hat Security Advisory: ACS 4.5 enhancement and security update",
"tracking": {
"current_release_date": "2025-03-25T11:10:34+00:00",
"generator": {
"date": "2025-03-25T11:10:34+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.4.1"
}
},
"id": "RHSA-2025:1334",
"initial_release_date": "2025-02-11T21:20:30+00:00",
"revision_history": [
{
"date": "2025-02-11T21:20:30+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2025-02-11T21:20:30+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2025-03-25T11:10:34+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "RHACS 4.5 for RHEL 8",
"product": {
"name": "RHACS 4.5 for RHEL 8",
"product_id": "8Base-RHACS-4.5",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:advanced_cluster_security:4.5::el8"
}
}
}
],
"category": "product_family",
"name": "Red Hat Advanced Cluster Security for Kubernetes"
},
{
"branches": [
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-central-db-rhel8@sha256:d42f1ed5f7e32313c51f59b5e10d2bafba6c51c3f47a53cec92b3bfeefca9e3c_ppc64le",
"product": {
"name": "advanced-cluster-security/rhacs-central-db-rhel8@sha256:d42f1ed5f7e32313c51f59b5e10d2bafba6c51c3f47a53cec92b3bfeefca9e3c_ppc64le",
"product_id": "advanced-cluster-security/rhacs-central-db-rhel8@sha256:d42f1ed5f7e32313c51f59b5e10d2bafba6c51c3f47a53cec92b3bfeefca9e3c_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-central-db-rhel8@sha256:d42f1ed5f7e32313c51f59b5e10d2bafba6c51c3f47a53cec92b3bfeefca9e3c?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8\u0026tag=4.5.6-2"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-collector-rhel8@sha256:4eb90f3bb36a84d01e963bddb088c1f29777ba14e3317c4007b2d373c24bc6b5_ppc64le",
"product": {
"name": "advanced-cluster-security/rhacs-collector-rhel8@sha256:4eb90f3bb36a84d01e963bddb088c1f29777ba14e3317c4007b2d373c24bc6b5_ppc64le",
"product_id": "advanced-cluster-security/rhacs-collector-rhel8@sha256:4eb90f3bb36a84d01e963bddb088c1f29777ba14e3317c4007b2d373c24bc6b5_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-collector-rhel8@sha256:4eb90f3bb36a84d01e963bddb088c1f29777ba14e3317c4007b2d373c24bc6b5?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8\u0026tag=4.5.6-2"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:f667a0644465523f295d7feae6f2e264e127e0e98cadd192519b8be9c4974b37_ppc64le",
"product": {
"name": "advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:f667a0644465523f295d7feae6f2e264e127e0e98cadd192519b8be9c4974b37_ppc64le",
"product_id": "advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:f667a0644465523f295d7feae6f2e264e127e0e98cadd192519b8be9c4974b37_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-collector-slim-rhel8@sha256:f667a0644465523f295d7feae6f2e264e127e0e98cadd192519b8be9c4974b37?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-collector-slim-rhel8\u0026tag=4.5.6-2"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-main-rhel8@sha256:19a9d111b5fb8fc6a01149c56bc4c131dfd418e2ca42f889078e9d015e1ef28b_ppc64le",
"product": {
"name": "advanced-cluster-security/rhacs-main-rhel8@sha256:19a9d111b5fb8fc6a01149c56bc4c131dfd418e2ca42f889078e9d015e1ef28b_ppc64le",
"product_id": "advanced-cluster-security/rhacs-main-rhel8@sha256:19a9d111b5fb8fc6a01149c56bc4c131dfd418e2ca42f889078e9d015e1ef28b_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-main-rhel8@sha256:19a9d111b5fb8fc6a01149c56bc4c131dfd418e2ca42f889078e9d015e1ef28b?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8\u0026tag=4.5.6-2"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-operator-bundle@sha256:0af77978ee01c000b343197ae45812e3579f521d9a7301d7ae9eb25fb0357145_ppc64le",
"product": {
"name": "advanced-cluster-security/rhacs-operator-bundle@sha256:0af77978ee01c000b343197ae45812e3579f521d9a7301d7ae9eb25fb0357145_ppc64le",
"product_id": "advanced-cluster-security/rhacs-operator-bundle@sha256:0af77978ee01c000b343197ae45812e3579f521d9a7301d7ae9eb25fb0357145_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-operator-bundle@sha256:0af77978ee01c000b343197ae45812e3579f521d9a7301d7ae9eb25fb0357145?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle\u0026tag=4.5.6-3"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-rhel8-operator@sha256:c617fc54457d6fcbe4d2d93ae575ef714f2ba03b82a557adac71a6408a9a33c7_ppc64le",
"product": {
"name": "advanced-cluster-security/rhacs-rhel8-operator@sha256:c617fc54457d6fcbe4d2d93ae575ef714f2ba03b82a557adac71a6408a9a33c7_ppc64le",
"product_id": "advanced-cluster-security/rhacs-rhel8-operator@sha256:c617fc54457d6fcbe4d2d93ae575ef714f2ba03b82a557adac71a6408a9a33c7_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-rhel8-operator@sha256:c617fc54457d6fcbe4d2d93ae575ef714f2ba03b82a557adac71a6408a9a33c7?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator\u0026tag=4.5.6-2"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-roxctl-rhel8@sha256:f77d20eb21bb79808805804465d5e5cdf1f390aa8029a9bad597a0813ff0bf0d_ppc64le",
"product": {
"name": "advanced-cluster-security/rhacs-roxctl-rhel8@sha256:f77d20eb21bb79808805804465d5e5cdf1f390aa8029a9bad597a0813ff0bf0d_ppc64le",
"product_id": "advanced-cluster-security/rhacs-roxctl-rhel8@sha256:f77d20eb21bb79808805804465d5e5cdf1f390aa8029a9bad597a0813ff0bf0d_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-roxctl-rhel8@sha256:f77d20eb21bb79808805804465d5e5cdf1f390aa8029a9bad597a0813ff0bf0d?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8\u0026tag=4.5.6-2"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-scanner-rhel8@sha256:aae8aa35d456489ab247e1143e61bce73d20a4eee5337345ac2957b1dd9d2a61_ppc64le",
"product": {
"name": "advanced-cluster-security/rhacs-scanner-rhel8@sha256:aae8aa35d456489ab247e1143e61bce73d20a4eee5337345ac2957b1dd9d2a61_ppc64le",
"product_id": "advanced-cluster-security/rhacs-scanner-rhel8@sha256:aae8aa35d456489ab247e1143e61bce73d20a4eee5337345ac2957b1dd9d2a61_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-rhel8@sha256:aae8aa35d456489ab247e1143e61bce73d20a4eee5337345ac2957b1dd9d2a61?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8\u0026tag=4.5.6-2"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:2e4d3444239d131b8e50e60ba8cef0ad270750a99958c246d3c9e1a446e710e3_ppc64le",
"product": {
"name": "advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:2e4d3444239d131b8e50e60ba8cef0ad270750a99958c246d3c9e1a446e710e3_ppc64le",
"product_id": "advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:2e4d3444239d131b8e50e60ba8cef0ad270750a99958c246d3c9e1a446e710e3_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-db-rhel8@sha256:2e4d3444239d131b8e50e60ba8cef0ad270750a99958c246d3c9e1a446e710e3?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8\u0026tag=4.5.6-3"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:cb822f22db66571f9cbff1e0f26cb317946f43191da21e2723d8d56663278d80_ppc64le",
"product": {
"name": "advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:cb822f22db66571f9cbff1e0f26cb317946f43191da21e2723d8d56663278d80_ppc64le",
"product_id": "advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:cb822f22db66571f9cbff1e0f26cb317946f43191da21e2723d8d56663278d80_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-db-slim-rhel8@sha256:cb822f22db66571f9cbff1e0f26cb317946f43191da21e2723d8d56663278d80?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8\u0026tag=4.5.6-1"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:ee19b41a12ead98be6d8bdedee09e50f9da66057f7de6f6bc0f11021d49a61d9_ppc64le",
"product": {
"name": "advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:ee19b41a12ead98be6d8bdedee09e50f9da66057f7de6f6bc0f11021d49a61d9_ppc64le",
"product_id": "advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:ee19b41a12ead98be6d8bdedee09e50f9da66057f7de6f6bc0f11021d49a61d9_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-slim-rhel8@sha256:ee19b41a12ead98be6d8bdedee09e50f9da66057f7de6f6bc0f11021d49a61d9?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8\u0026tag=4.5.6-2"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:cbb1e220e27abb38b72ed2dcb8832fd183d26a069df72ab56b57523d8076ae40_ppc64le",
"product": {
"name": "advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:cbb1e220e27abb38b72ed2dcb8832fd183d26a069df72ab56b57523d8076ae40_ppc64le",
"product_id": "advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:cbb1e220e27abb38b72ed2dcb8832fd183d26a069df72ab56b57523d8076ae40_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-v4-rhel8@sha256:cbb1e220e27abb38b72ed2dcb8832fd183d26a069df72ab56b57523d8076ae40?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8\u0026tag=4.5.6-2"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:de629de8581767a407bfe73eaafd17fedf353a09e8c0f0a18d81605098704af2_ppc64le",
"product": {
"name": "advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:de629de8581767a407bfe73eaafd17fedf353a09e8c0f0a18d81605098704af2_ppc64le",
"product_id": "advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:de629de8581767a407bfe73eaafd17fedf353a09e8c0f0a18d81605098704af2_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-v4-db-rhel8@sha256:de629de8581767a407bfe73eaafd17fedf353a09e8c0f0a18d81605098704af2?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8\u0026tag=4.5.6-1"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-central-db-rhel8@sha256:0ae5e45fe68d907fdfc1fdc9d4b040074acb8bc36cf979fe192451d48787707b_s390x",
"product": {
"name": "advanced-cluster-security/rhacs-central-db-rhel8@sha256:0ae5e45fe68d907fdfc1fdc9d4b040074acb8bc36cf979fe192451d48787707b_s390x",
"product_id": "advanced-cluster-security/rhacs-central-db-rhel8@sha256:0ae5e45fe68d907fdfc1fdc9d4b040074acb8bc36cf979fe192451d48787707b_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-central-db-rhel8@sha256:0ae5e45fe68d907fdfc1fdc9d4b040074acb8bc36cf979fe192451d48787707b?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8\u0026tag=4.5.6-2"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-collector-rhel8@sha256:7f6314e00a332f7369908d6f64fed35ce21854ea7cb4e7f492da28fd4feb5256_s390x",
"product": {
"name": "advanced-cluster-security/rhacs-collector-rhel8@sha256:7f6314e00a332f7369908d6f64fed35ce21854ea7cb4e7f492da28fd4feb5256_s390x",
"product_id": "advanced-cluster-security/rhacs-collector-rhel8@sha256:7f6314e00a332f7369908d6f64fed35ce21854ea7cb4e7f492da28fd4feb5256_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-collector-rhel8@sha256:7f6314e00a332f7369908d6f64fed35ce21854ea7cb4e7f492da28fd4feb5256?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8\u0026tag=4.5.6-2"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:0f2e0de230f704fd915e43aecfa5bb49bbba5ee814b32d606980403f21999dd6_s390x",
"product": {
"name": "advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:0f2e0de230f704fd915e43aecfa5bb49bbba5ee814b32d606980403f21999dd6_s390x",
"product_id": "advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:0f2e0de230f704fd915e43aecfa5bb49bbba5ee814b32d606980403f21999dd6_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-collector-slim-rhel8@sha256:0f2e0de230f704fd915e43aecfa5bb49bbba5ee814b32d606980403f21999dd6?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-collector-slim-rhel8\u0026tag=4.5.6-2"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-main-rhel8@sha256:a98ebdd3991efc207c83306020a4146da2bdc5678eb10efc52113093eb831915_s390x",
"product": {
"name": "advanced-cluster-security/rhacs-main-rhel8@sha256:a98ebdd3991efc207c83306020a4146da2bdc5678eb10efc52113093eb831915_s390x",
"product_id": "advanced-cluster-security/rhacs-main-rhel8@sha256:a98ebdd3991efc207c83306020a4146da2bdc5678eb10efc52113093eb831915_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-main-rhel8@sha256:a98ebdd3991efc207c83306020a4146da2bdc5678eb10efc52113093eb831915?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8\u0026tag=4.5.6-2"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-operator-bundle@sha256:68e30d15136c47a03a4736e4a8e569bf50593162996b04c76de89d9b541e4f52_s390x",
"product": {
"name": "advanced-cluster-security/rhacs-operator-bundle@sha256:68e30d15136c47a03a4736e4a8e569bf50593162996b04c76de89d9b541e4f52_s390x",
"product_id": "advanced-cluster-security/rhacs-operator-bundle@sha256:68e30d15136c47a03a4736e4a8e569bf50593162996b04c76de89d9b541e4f52_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-operator-bundle@sha256:68e30d15136c47a03a4736e4a8e569bf50593162996b04c76de89d9b541e4f52?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle\u0026tag=4.5.6-3"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-rhel8-operator@sha256:4eda1ddfd36a0a06750640c26a124a9c203bd578d8431145be35be435e0848e7_s390x",
"product": {
"name": "advanced-cluster-security/rhacs-rhel8-operator@sha256:4eda1ddfd36a0a06750640c26a124a9c203bd578d8431145be35be435e0848e7_s390x",
"product_id": "advanced-cluster-security/rhacs-rhel8-operator@sha256:4eda1ddfd36a0a06750640c26a124a9c203bd578d8431145be35be435e0848e7_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-rhel8-operator@sha256:4eda1ddfd36a0a06750640c26a124a9c203bd578d8431145be35be435e0848e7?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator\u0026tag=4.5.6-2"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-roxctl-rhel8@sha256:9fa462358a39923f6306b016314cbe923dffa46e27b2b53a5a77934f416c840d_s390x",
"product": {
"name": "advanced-cluster-security/rhacs-roxctl-rhel8@sha256:9fa462358a39923f6306b016314cbe923dffa46e27b2b53a5a77934f416c840d_s390x",
"product_id": "advanced-cluster-security/rhacs-roxctl-rhel8@sha256:9fa462358a39923f6306b016314cbe923dffa46e27b2b53a5a77934f416c840d_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-roxctl-rhel8@sha256:9fa462358a39923f6306b016314cbe923dffa46e27b2b53a5a77934f416c840d?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8\u0026tag=4.5.6-2"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-scanner-rhel8@sha256:da2af83d28dd25c8b2255d299155308c5d03aa2ff507695297090bbef8db2b1f_s390x",
"product": {
"name": "advanced-cluster-security/rhacs-scanner-rhel8@sha256:da2af83d28dd25c8b2255d299155308c5d03aa2ff507695297090bbef8db2b1f_s390x",
"product_id": "advanced-cluster-security/rhacs-scanner-rhel8@sha256:da2af83d28dd25c8b2255d299155308c5d03aa2ff507695297090bbef8db2b1f_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-rhel8@sha256:da2af83d28dd25c8b2255d299155308c5d03aa2ff507695297090bbef8db2b1f?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8\u0026tag=4.5.6-2"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:7a5735d8ea892ad522179d10d6c4701798baf1bdbc6ed4b4f555ef2a30738670_s390x",
"product": {
"name": "advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:7a5735d8ea892ad522179d10d6c4701798baf1bdbc6ed4b4f555ef2a30738670_s390x",
"product_id": "advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:7a5735d8ea892ad522179d10d6c4701798baf1bdbc6ed4b4f555ef2a30738670_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-db-rhel8@sha256:7a5735d8ea892ad522179d10d6c4701798baf1bdbc6ed4b4f555ef2a30738670?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8\u0026tag=4.5.6-3"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:ad3bfe5d8946806355611ca93d5c7b4cb48e55d21f13131c43690452687f1d41_s390x",
"product": {
"name": "advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:ad3bfe5d8946806355611ca93d5c7b4cb48e55d21f13131c43690452687f1d41_s390x",
"product_id": "advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:ad3bfe5d8946806355611ca93d5c7b4cb48e55d21f13131c43690452687f1d41_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-db-slim-rhel8@sha256:ad3bfe5d8946806355611ca93d5c7b4cb48e55d21f13131c43690452687f1d41?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8\u0026tag=4.5.6-1"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:68b336dc6aad04c2003762b310df258750d125e7e3d09743fbb3fb9570d885e7_s390x",
"product": {
"name": "advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:68b336dc6aad04c2003762b310df258750d125e7e3d09743fbb3fb9570d885e7_s390x",
"product_id": "advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:68b336dc6aad04c2003762b310df258750d125e7e3d09743fbb3fb9570d885e7_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-slim-rhel8@sha256:68b336dc6aad04c2003762b310df258750d125e7e3d09743fbb3fb9570d885e7?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8\u0026tag=4.5.6-2"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:dc546d7821c65e970d5b5f05fccb98eb220a0328ec5a3c806096113397798ad4_s390x",
"product": {
"name": "advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:dc546d7821c65e970d5b5f05fccb98eb220a0328ec5a3c806096113397798ad4_s390x",
"product_id": "advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:dc546d7821c65e970d5b5f05fccb98eb220a0328ec5a3c806096113397798ad4_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-v4-rhel8@sha256:dc546d7821c65e970d5b5f05fccb98eb220a0328ec5a3c806096113397798ad4?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8\u0026tag=4.5.6-2"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:9abbd37870679b1ece3da858f3bc9f107a43203ff43a4aafcb088d3e3803e678_s390x",
"product": {
"name": "advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:9abbd37870679b1ece3da858f3bc9f107a43203ff43a4aafcb088d3e3803e678_s390x",
"product_id": "advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:9abbd37870679b1ece3da858f3bc9f107a43203ff43a4aafcb088d3e3803e678_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-v4-db-rhel8@sha256:9abbd37870679b1ece3da858f3bc9f107a43203ff43a4aafcb088d3e3803e678?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8\u0026tag=4.5.6-1"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-central-db-rhel8@sha256:3e77d381ec1ef080140b8f4d71e3dd078096abd9409a8dfc9ea2b8f38cc66d2b_amd64",
"product": {
"name": "advanced-cluster-security/rhacs-central-db-rhel8@sha256:3e77d381ec1ef080140b8f4d71e3dd078096abd9409a8dfc9ea2b8f38cc66d2b_amd64",
"product_id": "advanced-cluster-security/rhacs-central-db-rhel8@sha256:3e77d381ec1ef080140b8f4d71e3dd078096abd9409a8dfc9ea2b8f38cc66d2b_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-central-db-rhel8@sha256:3e77d381ec1ef080140b8f4d71e3dd078096abd9409a8dfc9ea2b8f38cc66d2b?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8\u0026tag=4.5.6-2"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-collector-rhel8@sha256:13d2f304f1a54b5809649c3118177a310368490ed45af13b385b1bf648a11216_amd64",
"product": {
"name": "advanced-cluster-security/rhacs-collector-rhel8@sha256:13d2f304f1a54b5809649c3118177a310368490ed45af13b385b1bf648a11216_amd64",
"product_id": "advanced-cluster-security/rhacs-collector-rhel8@sha256:13d2f304f1a54b5809649c3118177a310368490ed45af13b385b1bf648a11216_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-collector-rhel8@sha256:13d2f304f1a54b5809649c3118177a310368490ed45af13b385b1bf648a11216?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8\u0026tag=4.5.6-2"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:2f831bbdc78a748b9be5b92857ba4f66fd357436520c04fe279f6dc1c6139216_amd64",
"product": {
"name": "advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:2f831bbdc78a748b9be5b92857ba4f66fd357436520c04fe279f6dc1c6139216_amd64",
"product_id": "advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:2f831bbdc78a748b9be5b92857ba4f66fd357436520c04fe279f6dc1c6139216_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-collector-slim-rhel8@sha256:2f831bbdc78a748b9be5b92857ba4f66fd357436520c04fe279f6dc1c6139216?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-collector-slim-rhel8\u0026tag=4.5.6-2"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-main-rhel8@sha256:87639cf63f9a0aa09ea8aed99fe8625922e61bd3cae5bbd959e68a825072788c_amd64",
"product": {
"name": "advanced-cluster-security/rhacs-main-rhel8@sha256:87639cf63f9a0aa09ea8aed99fe8625922e61bd3cae5bbd959e68a825072788c_amd64",
"product_id": "advanced-cluster-security/rhacs-main-rhel8@sha256:87639cf63f9a0aa09ea8aed99fe8625922e61bd3cae5bbd959e68a825072788c_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-main-rhel8@sha256:87639cf63f9a0aa09ea8aed99fe8625922e61bd3cae5bbd959e68a825072788c?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8\u0026tag=4.5.6-2"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-operator-bundle@sha256:56772b736bb1aec1b10d38d4c2b18bcde17b450b55f8c260ac38b23bd6c85b5c_amd64",
"product": {
"name": "advanced-cluster-security/rhacs-operator-bundle@sha256:56772b736bb1aec1b10d38d4c2b18bcde17b450b55f8c260ac38b23bd6c85b5c_amd64",
"product_id": "advanced-cluster-security/rhacs-operator-bundle@sha256:56772b736bb1aec1b10d38d4c2b18bcde17b450b55f8c260ac38b23bd6c85b5c_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-operator-bundle@sha256:56772b736bb1aec1b10d38d4c2b18bcde17b450b55f8c260ac38b23bd6c85b5c?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle\u0026tag=4.5.6-3"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-rhel8-operator@sha256:257f2893d8e4600744a688fdc49499e70242cb4f93b862755b12b29fe83d44db_amd64",
"product": {
"name": "advanced-cluster-security/rhacs-rhel8-operator@sha256:257f2893d8e4600744a688fdc49499e70242cb4f93b862755b12b29fe83d44db_amd64",
"product_id": "advanced-cluster-security/rhacs-rhel8-operator@sha256:257f2893d8e4600744a688fdc49499e70242cb4f93b862755b12b29fe83d44db_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-rhel8-operator@sha256:257f2893d8e4600744a688fdc49499e70242cb4f93b862755b12b29fe83d44db?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator\u0026tag=4.5.6-2"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-roxctl-rhel8@sha256:f4f22880b6ea0e5b97dd19c311ec00bf650e670373e14aaa29690481503e2fda_amd64",
"product": {
"name": "advanced-cluster-security/rhacs-roxctl-rhel8@sha256:f4f22880b6ea0e5b97dd19c311ec00bf650e670373e14aaa29690481503e2fda_amd64",
"product_id": "advanced-cluster-security/rhacs-roxctl-rhel8@sha256:f4f22880b6ea0e5b97dd19c311ec00bf650e670373e14aaa29690481503e2fda_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-roxctl-rhel8@sha256:f4f22880b6ea0e5b97dd19c311ec00bf650e670373e14aaa29690481503e2fda?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8\u0026tag=4.5.6-2"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-scanner-rhel8@sha256:1bf7195f2709e56a3961e58aaf3199b7f696d6f973f98fc91c76153923e72cde_amd64",
"product": {
"name": "advanced-cluster-security/rhacs-scanner-rhel8@sha256:1bf7195f2709e56a3961e58aaf3199b7f696d6f973f98fc91c76153923e72cde_amd64",
"product_id": "advanced-cluster-security/rhacs-scanner-rhel8@sha256:1bf7195f2709e56a3961e58aaf3199b7f696d6f973f98fc91c76153923e72cde_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-rhel8@sha256:1bf7195f2709e56a3961e58aaf3199b7f696d6f973f98fc91c76153923e72cde?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8\u0026tag=4.5.6-2"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:36c603b86b770d2ff35a98665471e6441f51ea56ffb819c6ac3d530e86d1f6c9_amd64",
"product": {
"name": "advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:36c603b86b770d2ff35a98665471e6441f51ea56ffb819c6ac3d530e86d1f6c9_amd64",
"product_id": "advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:36c603b86b770d2ff35a98665471e6441f51ea56ffb819c6ac3d530e86d1f6c9_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-db-rhel8@sha256:36c603b86b770d2ff35a98665471e6441f51ea56ffb819c6ac3d530e86d1f6c9?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8\u0026tag=4.5.6-3"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:86e6f9339c16c873473c304220e2628593fe85c68ee9d8f7e68bda3db8106a9d_amd64",
"product": {
"name": "advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:86e6f9339c16c873473c304220e2628593fe85c68ee9d8f7e68bda3db8106a9d_amd64",
"product_id": "advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:86e6f9339c16c873473c304220e2628593fe85c68ee9d8f7e68bda3db8106a9d_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-db-slim-rhel8@sha256:86e6f9339c16c873473c304220e2628593fe85c68ee9d8f7e68bda3db8106a9d?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8\u0026tag=4.5.6-1"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:d96c936f85a4d733c37f7da7b5dcde27bcad7a154abca48c3ee8f9b7baecc319_amd64",
"product": {
"name": "advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:d96c936f85a4d733c37f7da7b5dcde27bcad7a154abca48c3ee8f9b7baecc319_amd64",
"product_id": "advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:d96c936f85a4d733c37f7da7b5dcde27bcad7a154abca48c3ee8f9b7baecc319_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-slim-rhel8@sha256:d96c936f85a4d733c37f7da7b5dcde27bcad7a154abca48c3ee8f9b7baecc319?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8\u0026tag=4.5.6-2"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:c153ef8bc0473cb3f5f6498c14609c8bddfc5c0fed33442144c79f5d42be190e_amd64",
"product": {
"name": "advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:c153ef8bc0473cb3f5f6498c14609c8bddfc5c0fed33442144c79f5d42be190e_amd64",
"product_id": "advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:c153ef8bc0473cb3f5f6498c14609c8bddfc5c0fed33442144c79f5d42be190e_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-v4-rhel8@sha256:c153ef8bc0473cb3f5f6498c14609c8bddfc5c0fed33442144c79f5d42be190e?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8\u0026tag=4.5.6-2"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:b922026dc0b8dc7247ab27ffd8215bf2e958db753355871158ef4e0d5d2df33f_amd64",
"product": {
"name": "advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:b922026dc0b8dc7247ab27ffd8215bf2e958db753355871158ef4e0d5d2df33f_amd64",
"product_id": "advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:b922026dc0b8dc7247ab27ffd8215bf2e958db753355871158ef4e0d5d2df33f_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-v4-db-rhel8@sha256:b922026dc0b8dc7247ab27ffd8215bf2e958db753355871158ef4e0d5d2df33f?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8\u0026tag=4.5.6-1"
}
}
}
],
"category": "architecture",
"name": "amd64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-central-db-rhel8@sha256:0ae5e45fe68d907fdfc1fdc9d4b040074acb8bc36cf979fe192451d48787707b_s390x as a component of RHACS 4.5 for RHEL 8",
"product_id": "8Base-RHACS-4.5:advanced-cluster-security/rhacs-central-db-rhel8@sha256:0ae5e45fe68d907fdfc1fdc9d4b040074acb8bc36cf979fe192451d48787707b_s390x"
},
"product_reference": "advanced-cluster-security/rhacs-central-db-rhel8@sha256:0ae5e45fe68d907fdfc1fdc9d4b040074acb8bc36cf979fe192451d48787707b_s390x",
"relates_to_product_reference": "8Base-RHACS-4.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-central-db-rhel8@sha256:3e77d381ec1ef080140b8f4d71e3dd078096abd9409a8dfc9ea2b8f38cc66d2b_amd64 as a component of RHACS 4.5 for RHEL 8",
"product_id": "8Base-RHACS-4.5:advanced-cluster-security/rhacs-central-db-rhel8@sha256:3e77d381ec1ef080140b8f4d71e3dd078096abd9409a8dfc9ea2b8f38cc66d2b_amd64"
},
"product_reference": "advanced-cluster-security/rhacs-central-db-rhel8@sha256:3e77d381ec1ef080140b8f4d71e3dd078096abd9409a8dfc9ea2b8f38cc66d2b_amd64",
"relates_to_product_reference": "8Base-RHACS-4.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-central-db-rhel8@sha256:d42f1ed5f7e32313c51f59b5e10d2bafba6c51c3f47a53cec92b3bfeefca9e3c_ppc64le as a component of RHACS 4.5 for RHEL 8",
"product_id": "8Base-RHACS-4.5:advanced-cluster-security/rhacs-central-db-rhel8@sha256:d42f1ed5f7e32313c51f59b5e10d2bafba6c51c3f47a53cec92b3bfeefca9e3c_ppc64le"
},
"product_reference": "advanced-cluster-security/rhacs-central-db-rhel8@sha256:d42f1ed5f7e32313c51f59b5e10d2bafba6c51c3f47a53cec92b3bfeefca9e3c_ppc64le",
"relates_to_product_reference": "8Base-RHACS-4.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-collector-rhel8@sha256:13d2f304f1a54b5809649c3118177a310368490ed45af13b385b1bf648a11216_amd64 as a component of RHACS 4.5 for RHEL 8",
"product_id": "8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-rhel8@sha256:13d2f304f1a54b5809649c3118177a310368490ed45af13b385b1bf648a11216_amd64"
},
"product_reference": "advanced-cluster-security/rhacs-collector-rhel8@sha256:13d2f304f1a54b5809649c3118177a310368490ed45af13b385b1bf648a11216_amd64",
"relates_to_product_reference": "8Base-RHACS-4.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-collector-rhel8@sha256:4eb90f3bb36a84d01e963bddb088c1f29777ba14e3317c4007b2d373c24bc6b5_ppc64le as a component of RHACS 4.5 for RHEL 8",
"product_id": "8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-rhel8@sha256:4eb90f3bb36a84d01e963bddb088c1f29777ba14e3317c4007b2d373c24bc6b5_ppc64le"
},
"product_reference": "advanced-cluster-security/rhacs-collector-rhel8@sha256:4eb90f3bb36a84d01e963bddb088c1f29777ba14e3317c4007b2d373c24bc6b5_ppc64le",
"relates_to_product_reference": "8Base-RHACS-4.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-collector-rhel8@sha256:7f6314e00a332f7369908d6f64fed35ce21854ea7cb4e7f492da28fd4feb5256_s390x as a component of RHACS 4.5 for RHEL 8",
"product_id": "8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-rhel8@sha256:7f6314e00a332f7369908d6f64fed35ce21854ea7cb4e7f492da28fd4feb5256_s390x"
},
"product_reference": "advanced-cluster-security/rhacs-collector-rhel8@sha256:7f6314e00a332f7369908d6f64fed35ce21854ea7cb4e7f492da28fd4feb5256_s390x",
"relates_to_product_reference": "8Base-RHACS-4.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:0f2e0de230f704fd915e43aecfa5bb49bbba5ee814b32d606980403f21999dd6_s390x as a component of RHACS 4.5 for RHEL 8",
"product_id": "8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:0f2e0de230f704fd915e43aecfa5bb49bbba5ee814b32d606980403f21999dd6_s390x"
},
"product_reference": "advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:0f2e0de230f704fd915e43aecfa5bb49bbba5ee814b32d606980403f21999dd6_s390x",
"relates_to_product_reference": "8Base-RHACS-4.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:2f831bbdc78a748b9be5b92857ba4f66fd357436520c04fe279f6dc1c6139216_amd64 as a component of RHACS 4.5 for RHEL 8",
"product_id": "8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:2f831bbdc78a748b9be5b92857ba4f66fd357436520c04fe279f6dc1c6139216_amd64"
},
"product_reference": "advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:2f831bbdc78a748b9be5b92857ba4f66fd357436520c04fe279f6dc1c6139216_amd64",
"relates_to_product_reference": "8Base-RHACS-4.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:f667a0644465523f295d7feae6f2e264e127e0e98cadd192519b8be9c4974b37_ppc64le as a component of RHACS 4.5 for RHEL 8",
"product_id": "8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:f667a0644465523f295d7feae6f2e264e127e0e98cadd192519b8be9c4974b37_ppc64le"
},
"product_reference": "advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:f667a0644465523f295d7feae6f2e264e127e0e98cadd192519b8be9c4974b37_ppc64le",
"relates_to_product_reference": "8Base-RHACS-4.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-main-rhel8@sha256:19a9d111b5fb8fc6a01149c56bc4c131dfd418e2ca42f889078e9d015e1ef28b_ppc64le as a component of RHACS 4.5 for RHEL 8",
"product_id": "8Base-RHACS-4.5:advanced-cluster-security/rhacs-main-rhel8@sha256:19a9d111b5fb8fc6a01149c56bc4c131dfd418e2ca42f889078e9d015e1ef28b_ppc64le"
},
"product_reference": "advanced-cluster-security/rhacs-main-rhel8@sha256:19a9d111b5fb8fc6a01149c56bc4c131dfd418e2ca42f889078e9d015e1ef28b_ppc64le",
"relates_to_product_reference": "8Base-RHACS-4.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-main-rhel8@sha256:87639cf63f9a0aa09ea8aed99fe8625922e61bd3cae5bbd959e68a825072788c_amd64 as a component of RHACS 4.5 for RHEL 8",
"product_id": "8Base-RHACS-4.5:advanced-cluster-security/rhacs-main-rhel8@sha256:87639cf63f9a0aa09ea8aed99fe8625922e61bd3cae5bbd959e68a825072788c_amd64"
},
"product_reference": "advanced-cluster-security/rhacs-main-rhel8@sha256:87639cf63f9a0aa09ea8aed99fe8625922e61bd3cae5bbd959e68a825072788c_amd64",
"relates_to_product_reference": "8Base-RHACS-4.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-main-rhel8@sha256:a98ebdd3991efc207c83306020a4146da2bdc5678eb10efc52113093eb831915_s390x as a component of RHACS 4.5 for RHEL 8",
"product_id": "8Base-RHACS-4.5:advanced-cluster-security/rhacs-main-rhel8@sha256:a98ebdd3991efc207c83306020a4146da2bdc5678eb10efc52113093eb831915_s390x"
},
"product_reference": "advanced-cluster-security/rhacs-main-rhel8@sha256:a98ebdd3991efc207c83306020a4146da2bdc5678eb10efc52113093eb831915_s390x",
"relates_to_product_reference": "8Base-RHACS-4.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-operator-bundle@sha256:0af77978ee01c000b343197ae45812e3579f521d9a7301d7ae9eb25fb0357145_ppc64le as a component of RHACS 4.5 for RHEL 8",
"product_id": "8Base-RHACS-4.5:advanced-cluster-security/rhacs-operator-bundle@sha256:0af77978ee01c000b343197ae45812e3579f521d9a7301d7ae9eb25fb0357145_ppc64le"
},
"product_reference": "advanced-cluster-security/rhacs-operator-bundle@sha256:0af77978ee01c000b343197ae45812e3579f521d9a7301d7ae9eb25fb0357145_ppc64le",
"relates_to_product_reference": "8Base-RHACS-4.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-operator-bundle@sha256:56772b736bb1aec1b10d38d4c2b18bcde17b450b55f8c260ac38b23bd6c85b5c_amd64 as a component of RHACS 4.5 for RHEL 8",
"product_id": "8Base-RHACS-4.5:advanced-cluster-security/rhacs-operator-bundle@sha256:56772b736bb1aec1b10d38d4c2b18bcde17b450b55f8c260ac38b23bd6c85b5c_amd64"
},
"product_reference": "advanced-cluster-security/rhacs-operator-bundle@sha256:56772b736bb1aec1b10d38d4c2b18bcde17b450b55f8c260ac38b23bd6c85b5c_amd64",
"relates_to_product_reference": "8Base-RHACS-4.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-operator-bundle@sha256:68e30d15136c47a03a4736e4a8e569bf50593162996b04c76de89d9b541e4f52_s390x as a component of RHACS 4.5 for RHEL 8",
"product_id": "8Base-RHACS-4.5:advanced-cluster-security/rhacs-operator-bundle@sha256:68e30d15136c47a03a4736e4a8e569bf50593162996b04c76de89d9b541e4f52_s390x"
},
"product_reference": "advanced-cluster-security/rhacs-operator-bundle@sha256:68e30d15136c47a03a4736e4a8e569bf50593162996b04c76de89d9b541e4f52_s390x",
"relates_to_product_reference": "8Base-RHACS-4.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-rhel8-operator@sha256:257f2893d8e4600744a688fdc49499e70242cb4f93b862755b12b29fe83d44db_amd64 as a component of RHACS 4.5 for RHEL 8",
"product_id": "8Base-RHACS-4.5:advanced-cluster-security/rhacs-rhel8-operator@sha256:257f2893d8e4600744a688fdc49499e70242cb4f93b862755b12b29fe83d44db_amd64"
},
"product_reference": "advanced-cluster-security/rhacs-rhel8-operator@sha256:257f2893d8e4600744a688fdc49499e70242cb4f93b862755b12b29fe83d44db_amd64",
"relates_to_product_reference": "8Base-RHACS-4.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-rhel8-operator@sha256:4eda1ddfd36a0a06750640c26a124a9c203bd578d8431145be35be435e0848e7_s390x as a component of RHACS 4.5 for RHEL 8",
"product_id": "8Base-RHACS-4.5:advanced-cluster-security/rhacs-rhel8-operator@sha256:4eda1ddfd36a0a06750640c26a124a9c203bd578d8431145be35be435e0848e7_s390x"
},
"product_reference": "advanced-cluster-security/rhacs-rhel8-operator@sha256:4eda1ddfd36a0a06750640c26a124a9c203bd578d8431145be35be435e0848e7_s390x",
"relates_to_product_reference": "8Base-RHACS-4.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-rhel8-operator@sha256:c617fc54457d6fcbe4d2d93ae575ef714f2ba03b82a557adac71a6408a9a33c7_ppc64le as a component of RHACS 4.5 for RHEL 8",
"product_id": "8Base-RHACS-4.5:advanced-cluster-security/rhacs-rhel8-operator@sha256:c617fc54457d6fcbe4d2d93ae575ef714f2ba03b82a557adac71a6408a9a33c7_ppc64le"
},
"product_reference": "advanced-cluster-security/rhacs-rhel8-operator@sha256:c617fc54457d6fcbe4d2d93ae575ef714f2ba03b82a557adac71a6408a9a33c7_ppc64le",
"relates_to_product_reference": "8Base-RHACS-4.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-roxctl-rhel8@sha256:9fa462358a39923f6306b016314cbe923dffa46e27b2b53a5a77934f416c840d_s390x as a component of RHACS 4.5 for RHEL 8",
"product_id": "8Base-RHACS-4.5:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:9fa462358a39923f6306b016314cbe923dffa46e27b2b53a5a77934f416c840d_s390x"
},
"product_reference": "advanced-cluster-security/rhacs-roxctl-rhel8@sha256:9fa462358a39923f6306b016314cbe923dffa46e27b2b53a5a77934f416c840d_s390x",
"relates_to_product_reference": "8Base-RHACS-4.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-roxctl-rhel8@sha256:f4f22880b6ea0e5b97dd19c311ec00bf650e670373e14aaa29690481503e2fda_amd64 as a component of RHACS 4.5 for RHEL 8",
"product_id": "8Base-RHACS-4.5:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:f4f22880b6ea0e5b97dd19c311ec00bf650e670373e14aaa29690481503e2fda_amd64"
},
"product_reference": "advanced-cluster-security/rhacs-roxctl-rhel8@sha256:f4f22880b6ea0e5b97dd19c311ec00bf650e670373e14aaa29690481503e2fda_amd64",
"relates_to_product_reference": "8Base-RHACS-4.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-roxctl-rhel8@sha256:f77d20eb21bb79808805804465d5e5cdf1f390aa8029a9bad597a0813ff0bf0d_ppc64le as a component of RHACS 4.5 for RHEL 8",
"product_id": "8Base-RHACS-4.5:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:f77d20eb21bb79808805804465d5e5cdf1f390aa8029a9bad597a0813ff0bf0d_ppc64le"
},
"product_reference": "advanced-cluster-security/rhacs-roxctl-rhel8@sha256:f77d20eb21bb79808805804465d5e5cdf1f390aa8029a9bad597a0813ff0bf0d_ppc64le",
"relates_to_product_reference": "8Base-RHACS-4.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:2e4d3444239d131b8e50e60ba8cef0ad270750a99958c246d3c9e1a446e710e3_ppc64le as a component of RHACS 4.5 for RHEL 8",
"product_id": "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:2e4d3444239d131b8e50e60ba8cef0ad270750a99958c246d3c9e1a446e710e3_ppc64le"
},
"product_reference": "advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:2e4d3444239d131b8e50e60ba8cef0ad270750a99958c246d3c9e1a446e710e3_ppc64le",
"relates_to_product_reference": "8Base-RHACS-4.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:36c603b86b770d2ff35a98665471e6441f51ea56ffb819c6ac3d530e86d1f6c9_amd64 as a component of RHACS 4.5 for RHEL 8",
"product_id": "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:36c603b86b770d2ff35a98665471e6441f51ea56ffb819c6ac3d530e86d1f6c9_amd64"
},
"product_reference": "advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:36c603b86b770d2ff35a98665471e6441f51ea56ffb819c6ac3d530e86d1f6c9_amd64",
"relates_to_product_reference": "8Base-RHACS-4.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:7a5735d8ea892ad522179d10d6c4701798baf1bdbc6ed4b4f555ef2a30738670_s390x as a component of RHACS 4.5 for RHEL 8",
"product_id": "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:7a5735d8ea892ad522179d10d6c4701798baf1bdbc6ed4b4f555ef2a30738670_s390x"
},
"product_reference": "advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:7a5735d8ea892ad522179d10d6c4701798baf1bdbc6ed4b4f555ef2a30738670_s390x",
"relates_to_product_reference": "8Base-RHACS-4.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:86e6f9339c16c873473c304220e2628593fe85c68ee9d8f7e68bda3db8106a9d_amd64 as a component of RHACS 4.5 for RHEL 8",
"product_id": "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:86e6f9339c16c873473c304220e2628593fe85c68ee9d8f7e68bda3db8106a9d_amd64"
},
"product_reference": "advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:86e6f9339c16c873473c304220e2628593fe85c68ee9d8f7e68bda3db8106a9d_amd64",
"relates_to_product_reference": "8Base-RHACS-4.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:ad3bfe5d8946806355611ca93d5c7b4cb48e55d21f13131c43690452687f1d41_s390x as a component of RHACS 4.5 for RHEL 8",
"product_id": "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:ad3bfe5d8946806355611ca93d5c7b4cb48e55d21f13131c43690452687f1d41_s390x"
},
"product_reference": "advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:ad3bfe5d8946806355611ca93d5c7b4cb48e55d21f13131c43690452687f1d41_s390x",
"relates_to_product_reference": "8Base-RHACS-4.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:cb822f22db66571f9cbff1e0f26cb317946f43191da21e2723d8d56663278d80_ppc64le as a component of RHACS 4.5 for RHEL 8",
"product_id": "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:cb822f22db66571f9cbff1e0f26cb317946f43191da21e2723d8d56663278d80_ppc64le"
},
"product_reference": "advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:cb822f22db66571f9cbff1e0f26cb317946f43191da21e2723d8d56663278d80_ppc64le",
"relates_to_product_reference": "8Base-RHACS-4.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-scanner-rhel8@sha256:1bf7195f2709e56a3961e58aaf3199b7f696d6f973f98fc91c76153923e72cde_amd64 as a component of RHACS 4.5 for RHEL 8",
"product_id": "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-rhel8@sha256:1bf7195f2709e56a3961e58aaf3199b7f696d6f973f98fc91c76153923e72cde_amd64"
},
"product_reference": "advanced-cluster-security/rhacs-scanner-rhel8@sha256:1bf7195f2709e56a3961e58aaf3199b7f696d6f973f98fc91c76153923e72cde_amd64",
"relates_to_product_reference": "8Base-RHACS-4.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-scanner-rhel8@sha256:aae8aa35d456489ab247e1143e61bce73d20a4eee5337345ac2957b1dd9d2a61_ppc64le as a component of RHACS 4.5 for RHEL 8",
"product_id": "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-rhel8@sha256:aae8aa35d456489ab247e1143e61bce73d20a4eee5337345ac2957b1dd9d2a61_ppc64le"
},
"product_reference": "advanced-cluster-security/rhacs-scanner-rhel8@sha256:aae8aa35d456489ab247e1143e61bce73d20a4eee5337345ac2957b1dd9d2a61_ppc64le",
"relates_to_product_reference": "8Base-RHACS-4.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-scanner-rhel8@sha256:da2af83d28dd25c8b2255d299155308c5d03aa2ff507695297090bbef8db2b1f_s390x as a component of RHACS 4.5 for RHEL 8",
"product_id": "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-rhel8@sha256:da2af83d28dd25c8b2255d299155308c5d03aa2ff507695297090bbef8db2b1f_s390x"
},
"product_reference": "advanced-cluster-security/rhacs-scanner-rhel8@sha256:da2af83d28dd25c8b2255d299155308c5d03aa2ff507695297090bbef8db2b1f_s390x",
"relates_to_product_reference": "8Base-RHACS-4.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:68b336dc6aad04c2003762b310df258750d125e7e3d09743fbb3fb9570d885e7_s390x as a component of RHACS 4.5 for RHEL 8",
"product_id": "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:68b336dc6aad04c2003762b310df258750d125e7e3d09743fbb3fb9570d885e7_s390x"
},
"product_reference": "advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:68b336dc6aad04c2003762b310df258750d125e7e3d09743fbb3fb9570d885e7_s390x",
"relates_to_product_reference": "8Base-RHACS-4.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:d96c936f85a4d733c37f7da7b5dcde27bcad7a154abca48c3ee8f9b7baecc319_amd64 as a component of RHACS 4.5 for RHEL 8",
"product_id": "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:d96c936f85a4d733c37f7da7b5dcde27bcad7a154abca48c3ee8f9b7baecc319_amd64"
},
"product_reference": "advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:d96c936f85a4d733c37f7da7b5dcde27bcad7a154abca48c3ee8f9b7baecc319_amd64",
"relates_to_product_reference": "8Base-RHACS-4.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:ee19b41a12ead98be6d8bdedee09e50f9da66057f7de6f6bc0f11021d49a61d9_ppc64le as a component of RHACS 4.5 for RHEL 8",
"product_id": "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:ee19b41a12ead98be6d8bdedee09e50f9da66057f7de6f6bc0f11021d49a61d9_ppc64le"
},
"product_reference": "advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:ee19b41a12ead98be6d8bdedee09e50f9da66057f7de6f6bc0f11021d49a61d9_ppc64le",
"relates_to_product_reference": "8Base-RHACS-4.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:9abbd37870679b1ece3da858f3bc9f107a43203ff43a4aafcb088d3e3803e678_s390x as a component of RHACS 4.5 for RHEL 8",
"product_id": "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:9abbd37870679b1ece3da858f3bc9f107a43203ff43a4aafcb088d3e3803e678_s390x"
},
"product_reference": "advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:9abbd37870679b1ece3da858f3bc9f107a43203ff43a4aafcb088d3e3803e678_s390x",
"relates_to_product_reference": "8Base-RHACS-4.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:b922026dc0b8dc7247ab27ffd8215bf2e958db753355871158ef4e0d5d2df33f_amd64 as a component of RHACS 4.5 for RHEL 8",
"product_id": "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:b922026dc0b8dc7247ab27ffd8215bf2e958db753355871158ef4e0d5d2df33f_amd64"
},
"product_reference": "advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:b922026dc0b8dc7247ab27ffd8215bf2e958db753355871158ef4e0d5d2df33f_amd64",
"relates_to_product_reference": "8Base-RHACS-4.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:de629de8581767a407bfe73eaafd17fedf353a09e8c0f0a18d81605098704af2_ppc64le as a component of RHACS 4.5 for RHEL 8",
"product_id": "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:de629de8581767a407bfe73eaafd17fedf353a09e8c0f0a18d81605098704af2_ppc64le"
},
"product_reference": "advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:de629de8581767a407bfe73eaafd17fedf353a09e8c0f0a18d81605098704af2_ppc64le",
"relates_to_product_reference": "8Base-RHACS-4.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:c153ef8bc0473cb3f5f6498c14609c8bddfc5c0fed33442144c79f5d42be190e_amd64 as a component of RHACS 4.5 for RHEL 8",
"product_id": "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:c153ef8bc0473cb3f5f6498c14609c8bddfc5c0fed33442144c79f5d42be190e_amd64"
},
"product_reference": "advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:c153ef8bc0473cb3f5f6498c14609c8bddfc5c0fed33442144c79f5d42be190e_amd64",
"relates_to_product_reference": "8Base-RHACS-4.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:cbb1e220e27abb38b72ed2dcb8832fd183d26a069df72ab56b57523d8076ae40_ppc64le as a component of RHACS 4.5 for RHEL 8",
"product_id": "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:cbb1e220e27abb38b72ed2dcb8832fd183d26a069df72ab56b57523d8076ae40_ppc64le"
},
"product_reference": "advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:cbb1e220e27abb38b72ed2dcb8832fd183d26a069df72ab56b57523d8076ae40_ppc64le",
"relates_to_product_reference": "8Base-RHACS-4.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:dc546d7821c65e970d5b5f05fccb98eb220a0328ec5a3c806096113397798ad4_s390x as a component of RHACS 4.5 for RHEL 8",
"product_id": "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:dc546d7821c65e970d5b5f05fccb98eb220a0328ec5a3c806096113397798ad4_s390x"
},
"product_reference": "advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:dc546d7821c65e970d5b5f05fccb98eb220a0328ec5a3c806096113397798ad4_s390x",
"relates_to_product_reference": "8Base-RHACS-4.5"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2024-11831",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2024-09-16T16:43:32.021000+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-central-db-rhel8@sha256:0ae5e45fe68d907fdfc1fdc9d4b040074acb8bc36cf979fe192451d48787707b_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-central-db-rhel8@sha256:3e77d381ec1ef080140b8f4d71e3dd078096abd9409a8dfc9ea2b8f38cc66d2b_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-central-db-rhel8@sha256:d42f1ed5f7e32313c51f59b5e10d2bafba6c51c3f47a53cec92b3bfeefca9e3c_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-rhel8@sha256:13d2f304f1a54b5809649c3118177a310368490ed45af13b385b1bf648a11216_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-rhel8@sha256:4eb90f3bb36a84d01e963bddb088c1f29777ba14e3317c4007b2d373c24bc6b5_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-rhel8@sha256:7f6314e00a332f7369908d6f64fed35ce21854ea7cb4e7f492da28fd4feb5256_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:0f2e0de230f704fd915e43aecfa5bb49bbba5ee814b32d606980403f21999dd6_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:2f831bbdc78a748b9be5b92857ba4f66fd357436520c04fe279f6dc1c6139216_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:f667a0644465523f295d7feae6f2e264e127e0e98cadd192519b8be9c4974b37_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-operator-bundle@sha256:0af77978ee01c000b343197ae45812e3579f521d9a7301d7ae9eb25fb0357145_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-operator-bundle@sha256:56772b736bb1aec1b10d38d4c2b18bcde17b450b55f8c260ac38b23bd6c85b5c_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-operator-bundle@sha256:68e30d15136c47a03a4736e4a8e569bf50593162996b04c76de89d9b541e4f52_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-rhel8-operator@sha256:257f2893d8e4600744a688fdc49499e70242cb4f93b862755b12b29fe83d44db_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-rhel8-operator@sha256:4eda1ddfd36a0a06750640c26a124a9c203bd578d8431145be35be435e0848e7_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-rhel8-operator@sha256:c617fc54457d6fcbe4d2d93ae575ef714f2ba03b82a557adac71a6408a9a33c7_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:9fa462358a39923f6306b016314cbe923dffa46e27b2b53a5a77934f416c840d_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:f4f22880b6ea0e5b97dd19c311ec00bf650e670373e14aaa29690481503e2fda_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:f77d20eb21bb79808805804465d5e5cdf1f390aa8029a9bad597a0813ff0bf0d_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:2e4d3444239d131b8e50e60ba8cef0ad270750a99958c246d3c9e1a446e710e3_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:36c603b86b770d2ff35a98665471e6441f51ea56ffb819c6ac3d530e86d1f6c9_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:7a5735d8ea892ad522179d10d6c4701798baf1bdbc6ed4b4f555ef2a30738670_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:86e6f9339c16c873473c304220e2628593fe85c68ee9d8f7e68bda3db8106a9d_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:ad3bfe5d8946806355611ca93d5c7b4cb48e55d21f13131c43690452687f1d41_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:cb822f22db66571f9cbff1e0f26cb317946f43191da21e2723d8d56663278d80_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-rhel8@sha256:1bf7195f2709e56a3961e58aaf3199b7f696d6f973f98fc91c76153923e72cde_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-rhel8@sha256:aae8aa35d456489ab247e1143e61bce73d20a4eee5337345ac2957b1dd9d2a61_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-rhel8@sha256:da2af83d28dd25c8b2255d299155308c5d03aa2ff507695297090bbef8db2b1f_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:68b336dc6aad04c2003762b310df258750d125e7e3d09743fbb3fb9570d885e7_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:d96c936f85a4d733c37f7da7b5dcde27bcad7a154abca48c3ee8f9b7baecc319_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:ee19b41a12ead98be6d8bdedee09e50f9da66057f7de6f6bc0f11021d49a61d9_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:9abbd37870679b1ece3da858f3bc9f107a43203ff43a4aafcb088d3e3803e678_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:b922026dc0b8dc7247ab27ffd8215bf2e958db753355871158ef4e0d5d2df33f_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:de629de8581767a407bfe73eaafd17fedf353a09e8c0f0a18d81605098704af2_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:c153ef8bc0473cb3f5f6498c14609c8bddfc5c0fed33442144c79f5d42be190e_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:cbb1e220e27abb38b72ed2dcb8832fd183d26a069df72ab56b57523d8076ae40_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:dc546d7821c65e970d5b5f05fccb98eb220a0328ec5a3c806096113397798ad4_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2312579"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in npm-serialize-javascript. The vulnerability occurs because the serialize-javascript module does not properly sanitize certain inputs, such as regex or other JavaScript object types, allowing an attacker to inject malicious code. This code could be executed when deserialized by a web browser, causing Cross-site scripting (XSS) attacks. This issue is critical in environments where serialized data is sent to web clients, potentially compromising the security of the website or web application using this package.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "npm-serialize-javascript: Cross-site Scripting (XSS) in serialize-javascript",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-main-rhel8@sha256:19a9d111b5fb8fc6a01149c56bc4c131dfd418e2ca42f889078e9d015e1ef28b_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-main-rhel8@sha256:87639cf63f9a0aa09ea8aed99fe8625922e61bd3cae5bbd959e68a825072788c_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-main-rhel8@sha256:a98ebdd3991efc207c83306020a4146da2bdc5678eb10efc52113093eb831915_s390x"
],
"known_not_affected": [
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-central-db-rhel8@sha256:0ae5e45fe68d907fdfc1fdc9d4b040074acb8bc36cf979fe192451d48787707b_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-central-db-rhel8@sha256:3e77d381ec1ef080140b8f4d71e3dd078096abd9409a8dfc9ea2b8f38cc66d2b_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-central-db-rhel8@sha256:d42f1ed5f7e32313c51f59b5e10d2bafba6c51c3f47a53cec92b3bfeefca9e3c_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-rhel8@sha256:13d2f304f1a54b5809649c3118177a310368490ed45af13b385b1bf648a11216_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-rhel8@sha256:4eb90f3bb36a84d01e963bddb088c1f29777ba14e3317c4007b2d373c24bc6b5_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-rhel8@sha256:7f6314e00a332f7369908d6f64fed35ce21854ea7cb4e7f492da28fd4feb5256_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:0f2e0de230f704fd915e43aecfa5bb49bbba5ee814b32d606980403f21999dd6_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:2f831bbdc78a748b9be5b92857ba4f66fd357436520c04fe279f6dc1c6139216_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:f667a0644465523f295d7feae6f2e264e127e0e98cadd192519b8be9c4974b37_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-operator-bundle@sha256:0af77978ee01c000b343197ae45812e3579f521d9a7301d7ae9eb25fb0357145_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-operator-bundle@sha256:56772b736bb1aec1b10d38d4c2b18bcde17b450b55f8c260ac38b23bd6c85b5c_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-operator-bundle@sha256:68e30d15136c47a03a4736e4a8e569bf50593162996b04c76de89d9b541e4f52_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-rhel8-operator@sha256:257f2893d8e4600744a688fdc49499e70242cb4f93b862755b12b29fe83d44db_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-rhel8-operator@sha256:4eda1ddfd36a0a06750640c26a124a9c203bd578d8431145be35be435e0848e7_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-rhel8-operator@sha256:c617fc54457d6fcbe4d2d93ae575ef714f2ba03b82a557adac71a6408a9a33c7_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:9fa462358a39923f6306b016314cbe923dffa46e27b2b53a5a77934f416c840d_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:f4f22880b6ea0e5b97dd19c311ec00bf650e670373e14aaa29690481503e2fda_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:f77d20eb21bb79808805804465d5e5cdf1f390aa8029a9bad597a0813ff0bf0d_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:2e4d3444239d131b8e50e60ba8cef0ad270750a99958c246d3c9e1a446e710e3_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:36c603b86b770d2ff35a98665471e6441f51ea56ffb819c6ac3d530e86d1f6c9_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:7a5735d8ea892ad522179d10d6c4701798baf1bdbc6ed4b4f555ef2a30738670_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:86e6f9339c16c873473c304220e2628593fe85c68ee9d8f7e68bda3db8106a9d_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:ad3bfe5d8946806355611ca93d5c7b4cb48e55d21f13131c43690452687f1d41_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:cb822f22db66571f9cbff1e0f26cb317946f43191da21e2723d8d56663278d80_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-rhel8@sha256:1bf7195f2709e56a3961e58aaf3199b7f696d6f973f98fc91c76153923e72cde_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-rhel8@sha256:aae8aa35d456489ab247e1143e61bce73d20a4eee5337345ac2957b1dd9d2a61_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-rhel8@sha256:da2af83d28dd25c8b2255d299155308c5d03aa2ff507695297090bbef8db2b1f_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:68b336dc6aad04c2003762b310df258750d125e7e3d09743fbb3fb9570d885e7_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:d96c936f85a4d733c37f7da7b5dcde27bcad7a154abca48c3ee8f9b7baecc319_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:ee19b41a12ead98be6d8bdedee09e50f9da66057f7de6f6bc0f11021d49a61d9_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:9abbd37870679b1ece3da858f3bc9f107a43203ff43a4aafcb088d3e3803e678_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:b922026dc0b8dc7247ab27ffd8215bf2e958db753355871158ef4e0d5d2df33f_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:de629de8581767a407bfe73eaafd17fedf353a09e8c0f0a18d81605098704af2_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:c153ef8bc0473cb3f5f6498c14609c8bddfc5c0fed33442144c79f5d42be190e_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:cbb1e220e27abb38b72ed2dcb8832fd183d26a069df72ab56b57523d8076ae40_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:dc546d7821c65e970d5b5f05fccb98eb220a0328ec5a3c806096113397798ad4_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-11831"
},
{
"category": "external",
"summary": "RHBZ#2312579",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2312579"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-11831",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-11831"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-11831",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-11831"
},
{
"category": "external",
"summary": "https://github.com/yahoo/serialize-javascript/commit/f27d65d3de42affe2aac14607066c293891cec4e",
"url": "https://github.com/yahoo/serialize-javascript/commit/f27d65d3de42affe2aac14607066c293891cec4e"
},
{
"category": "external",
"summary": "https://github.com/yahoo/serialize-javascript/pull/173",
"url": "https://github.com/yahoo/serialize-javascript/pull/173"
}
],
"release_date": "2024-09-16T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-02-11T21:20:30+00:00",
"details": "If you are using an earlier version of RHACS 4.5, you are advised to upgrade to this patch release 4.5.6.",
"product_ids": [
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-main-rhel8@sha256:19a9d111b5fb8fc6a01149c56bc4c131dfd418e2ca42f889078e9d015e1ef28b_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-main-rhel8@sha256:87639cf63f9a0aa09ea8aed99fe8625922e61bd3cae5bbd959e68a825072788c_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-main-rhel8@sha256:a98ebdd3991efc207c83306020a4146da2bdc5678eb10efc52113093eb831915_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:1334"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-central-db-rhel8@sha256:0ae5e45fe68d907fdfc1fdc9d4b040074acb8bc36cf979fe192451d48787707b_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-central-db-rhel8@sha256:3e77d381ec1ef080140b8f4d71e3dd078096abd9409a8dfc9ea2b8f38cc66d2b_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-central-db-rhel8@sha256:d42f1ed5f7e32313c51f59b5e10d2bafba6c51c3f47a53cec92b3bfeefca9e3c_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-rhel8@sha256:13d2f304f1a54b5809649c3118177a310368490ed45af13b385b1bf648a11216_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-rhel8@sha256:4eb90f3bb36a84d01e963bddb088c1f29777ba14e3317c4007b2d373c24bc6b5_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-rhel8@sha256:7f6314e00a332f7369908d6f64fed35ce21854ea7cb4e7f492da28fd4feb5256_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:0f2e0de230f704fd915e43aecfa5bb49bbba5ee814b32d606980403f21999dd6_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:2f831bbdc78a748b9be5b92857ba4f66fd357436520c04fe279f6dc1c6139216_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:f667a0644465523f295d7feae6f2e264e127e0e98cadd192519b8be9c4974b37_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-main-rhel8@sha256:19a9d111b5fb8fc6a01149c56bc4c131dfd418e2ca42f889078e9d015e1ef28b_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-main-rhel8@sha256:87639cf63f9a0aa09ea8aed99fe8625922e61bd3cae5bbd959e68a825072788c_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-main-rhel8@sha256:a98ebdd3991efc207c83306020a4146da2bdc5678eb10efc52113093eb831915_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-operator-bundle@sha256:0af77978ee01c000b343197ae45812e3579f521d9a7301d7ae9eb25fb0357145_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-operator-bundle@sha256:56772b736bb1aec1b10d38d4c2b18bcde17b450b55f8c260ac38b23bd6c85b5c_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-operator-bundle@sha256:68e30d15136c47a03a4736e4a8e569bf50593162996b04c76de89d9b541e4f52_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-rhel8-operator@sha256:257f2893d8e4600744a688fdc49499e70242cb4f93b862755b12b29fe83d44db_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-rhel8-operator@sha256:4eda1ddfd36a0a06750640c26a124a9c203bd578d8431145be35be435e0848e7_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-rhel8-operator@sha256:c617fc54457d6fcbe4d2d93ae575ef714f2ba03b82a557adac71a6408a9a33c7_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:9fa462358a39923f6306b016314cbe923dffa46e27b2b53a5a77934f416c840d_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:f4f22880b6ea0e5b97dd19c311ec00bf650e670373e14aaa29690481503e2fda_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:f77d20eb21bb79808805804465d5e5cdf1f390aa8029a9bad597a0813ff0bf0d_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:2e4d3444239d131b8e50e60ba8cef0ad270750a99958c246d3c9e1a446e710e3_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:36c603b86b770d2ff35a98665471e6441f51ea56ffb819c6ac3d530e86d1f6c9_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:7a5735d8ea892ad522179d10d6c4701798baf1bdbc6ed4b4f555ef2a30738670_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:86e6f9339c16c873473c304220e2628593fe85c68ee9d8f7e68bda3db8106a9d_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:ad3bfe5d8946806355611ca93d5c7b4cb48e55d21f13131c43690452687f1d41_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:cb822f22db66571f9cbff1e0f26cb317946f43191da21e2723d8d56663278d80_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-rhel8@sha256:1bf7195f2709e56a3961e58aaf3199b7f696d6f973f98fc91c76153923e72cde_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-rhel8@sha256:aae8aa35d456489ab247e1143e61bce73d20a4eee5337345ac2957b1dd9d2a61_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-rhel8@sha256:da2af83d28dd25c8b2255d299155308c5d03aa2ff507695297090bbef8db2b1f_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:68b336dc6aad04c2003762b310df258750d125e7e3d09743fbb3fb9570d885e7_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:d96c936f85a4d733c37f7da7b5dcde27bcad7a154abca48c3ee8f9b7baecc319_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:ee19b41a12ead98be6d8bdedee09e50f9da66057f7de6f6bc0f11021d49a61d9_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:9abbd37870679b1ece3da858f3bc9f107a43203ff43a4aafcb088d3e3803e678_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:b922026dc0b8dc7247ab27ffd8215bf2e958db753355871158ef4e0d5d2df33f_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:de629de8581767a407bfe73eaafd17fedf353a09e8c0f0a18d81605098704af2_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:c153ef8bc0473cb3f5f6498c14609c8bddfc5c0fed33442144c79f5d42be190e_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:cbb1e220e27abb38b72ed2dcb8832fd183d26a069df72ab56b57523d8076ae40_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:dc546d7821c65e970d5b5f05fccb98eb220a0328ec5a3c806096113397798ad4_s390x"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-central-db-rhel8@sha256:0ae5e45fe68d907fdfc1fdc9d4b040074acb8bc36cf979fe192451d48787707b_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-central-db-rhel8@sha256:3e77d381ec1ef080140b8f4d71e3dd078096abd9409a8dfc9ea2b8f38cc66d2b_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-central-db-rhel8@sha256:d42f1ed5f7e32313c51f59b5e10d2bafba6c51c3f47a53cec92b3bfeefca9e3c_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-rhel8@sha256:13d2f304f1a54b5809649c3118177a310368490ed45af13b385b1bf648a11216_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-rhel8@sha256:4eb90f3bb36a84d01e963bddb088c1f29777ba14e3317c4007b2d373c24bc6b5_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-rhel8@sha256:7f6314e00a332f7369908d6f64fed35ce21854ea7cb4e7f492da28fd4feb5256_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:0f2e0de230f704fd915e43aecfa5bb49bbba5ee814b32d606980403f21999dd6_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:2f831bbdc78a748b9be5b92857ba4f66fd357436520c04fe279f6dc1c6139216_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:f667a0644465523f295d7feae6f2e264e127e0e98cadd192519b8be9c4974b37_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-main-rhel8@sha256:19a9d111b5fb8fc6a01149c56bc4c131dfd418e2ca42f889078e9d015e1ef28b_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-main-rhel8@sha256:87639cf63f9a0aa09ea8aed99fe8625922e61bd3cae5bbd959e68a825072788c_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-main-rhel8@sha256:a98ebdd3991efc207c83306020a4146da2bdc5678eb10efc52113093eb831915_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-operator-bundle@sha256:0af77978ee01c000b343197ae45812e3579f521d9a7301d7ae9eb25fb0357145_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-operator-bundle@sha256:56772b736bb1aec1b10d38d4c2b18bcde17b450b55f8c260ac38b23bd6c85b5c_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-operator-bundle@sha256:68e30d15136c47a03a4736e4a8e569bf50593162996b04c76de89d9b541e4f52_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-rhel8-operator@sha256:257f2893d8e4600744a688fdc49499e70242cb4f93b862755b12b29fe83d44db_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-rhel8-operator@sha256:4eda1ddfd36a0a06750640c26a124a9c203bd578d8431145be35be435e0848e7_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-rhel8-operator@sha256:c617fc54457d6fcbe4d2d93ae575ef714f2ba03b82a557adac71a6408a9a33c7_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:9fa462358a39923f6306b016314cbe923dffa46e27b2b53a5a77934f416c840d_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:f4f22880b6ea0e5b97dd19c311ec00bf650e670373e14aaa29690481503e2fda_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:f77d20eb21bb79808805804465d5e5cdf1f390aa8029a9bad597a0813ff0bf0d_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:2e4d3444239d131b8e50e60ba8cef0ad270750a99958c246d3c9e1a446e710e3_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:36c603b86b770d2ff35a98665471e6441f51ea56ffb819c6ac3d530e86d1f6c9_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:7a5735d8ea892ad522179d10d6c4701798baf1bdbc6ed4b4f555ef2a30738670_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:86e6f9339c16c873473c304220e2628593fe85c68ee9d8f7e68bda3db8106a9d_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:ad3bfe5d8946806355611ca93d5c7b4cb48e55d21f13131c43690452687f1d41_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:cb822f22db66571f9cbff1e0f26cb317946f43191da21e2723d8d56663278d80_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-rhel8@sha256:1bf7195f2709e56a3961e58aaf3199b7f696d6f973f98fc91c76153923e72cde_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-rhel8@sha256:aae8aa35d456489ab247e1143e61bce73d20a4eee5337345ac2957b1dd9d2a61_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-rhel8@sha256:da2af83d28dd25c8b2255d299155308c5d03aa2ff507695297090bbef8db2b1f_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:68b336dc6aad04c2003762b310df258750d125e7e3d09743fbb3fb9570d885e7_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:d96c936f85a4d733c37f7da7b5dcde27bcad7a154abca48c3ee8f9b7baecc319_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:ee19b41a12ead98be6d8bdedee09e50f9da66057f7de6f6bc0f11021d49a61d9_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:9abbd37870679b1ece3da858f3bc9f107a43203ff43a4aafcb088d3e3803e678_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:b922026dc0b8dc7247ab27ffd8215bf2e958db753355871158ef4e0d5d2df33f_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:de629de8581767a407bfe73eaafd17fedf353a09e8c0f0a18d81605098704af2_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:c153ef8bc0473cb3f5f6498c14609c8bddfc5c0fed33442144c79f5d42be190e_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:cbb1e220e27abb38b72ed2dcb8832fd183d26a069df72ab56b57523d8076ae40_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:dc546d7821c65e970d5b5f05fccb98eb220a0328ec5a3c806096113397798ad4_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "npm-serialize-javascript: Cross-site Scripting (XSS) in serialize-javascript"
},
{
"cve": "CVE-2024-45337",
"cwe": {
"id": "CWE-285",
"name": "Improper Authorization"
},
"discovery_date": "2024-12-11T19:00:54.247490+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-rhel8@sha256:13d2f304f1a54b5809649c3118177a310368490ed45af13b385b1bf648a11216_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-rhel8@sha256:4eb90f3bb36a84d01e963bddb088c1f29777ba14e3317c4007b2d373c24bc6b5_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-rhel8@sha256:7f6314e00a332f7369908d6f64fed35ce21854ea7cb4e7f492da28fd4feb5256_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:0f2e0de230f704fd915e43aecfa5bb49bbba5ee814b32d606980403f21999dd6_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:2f831bbdc78a748b9be5b92857ba4f66fd357436520c04fe279f6dc1c6139216_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:f667a0644465523f295d7feae6f2e264e127e0e98cadd192519b8be9c4974b37_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-operator-bundle@sha256:0af77978ee01c000b343197ae45812e3579f521d9a7301d7ae9eb25fb0357145_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-operator-bundle@sha256:56772b736bb1aec1b10d38d4c2b18bcde17b450b55f8c260ac38b23bd6c85b5c_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-operator-bundle@sha256:68e30d15136c47a03a4736e4a8e569bf50593162996b04c76de89d9b541e4f52_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:2e4d3444239d131b8e50e60ba8cef0ad270750a99958c246d3c9e1a446e710e3_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:36c603b86b770d2ff35a98665471e6441f51ea56ffb819c6ac3d530e86d1f6c9_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:7a5735d8ea892ad522179d10d6c4701798baf1bdbc6ed4b4f555ef2a30738670_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:86e6f9339c16c873473c304220e2628593fe85c68ee9d8f7e68bda3db8106a9d_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:ad3bfe5d8946806355611ca93d5c7b4cb48e55d21f13131c43690452687f1d41_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:cb822f22db66571f9cbff1e0f26cb317946f43191da21e2723d8d56663278d80_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-rhel8@sha256:1bf7195f2709e56a3961e58aaf3199b7f696d6f973f98fc91c76153923e72cde_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-rhel8@sha256:aae8aa35d456489ab247e1143e61bce73d20a4eee5337345ac2957b1dd9d2a61_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-rhel8@sha256:da2af83d28dd25c8b2255d299155308c5d03aa2ff507695297090bbef8db2b1f_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:68b336dc6aad04c2003762b310df258750d125e7e3d09743fbb3fb9570d885e7_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:d96c936f85a4d733c37f7da7b5dcde27bcad7a154abca48c3ee8f9b7baecc319_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:ee19b41a12ead98be6d8bdedee09e50f9da66057f7de6f6bc0f11021d49a61d9_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:9abbd37870679b1ece3da858f3bc9f107a43203ff43a4aafcb088d3e3803e678_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:b922026dc0b8dc7247ab27ffd8215bf2e958db753355871158ef4e0d5d2df33f_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:de629de8581767a407bfe73eaafd17fedf353a09e8c0f0a18d81605098704af2_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:c153ef8bc0473cb3f5f6498c14609c8bddfc5c0fed33442144c79f5d42be190e_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:cbb1e220e27abb38b72ed2dcb8832fd183d26a069df72ab56b57523d8076ae40_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:dc546d7821c65e970d5b5f05fccb98eb220a0328ec5a3c806096113397798ad4_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2331720"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the x/crypto/ssh go library. Applications and libraries that misuse the ServerConfig.PublicKeyCallback callback may be susceptible to an authorization bypass. For example, an attacker may send public keys A and B and authenticate with A. PublicKeyCallback would be called only twice, first with A and then with B. A vulnerable application may then make authorization decisions based on key B, for which the attacker does not control the private key. The misuse of ServerConfig.PublicKeyCallback may cause an authorization bypass.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang.org/x/crypto/ssh: Misuse of ServerConfig.PublicKeyCallback may cause authorization bypass in golang.org/x/crypto",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is classified as important rather than critical because it does not directly enable unauthorized access but rather introduces a risk of authorization bypass if the application or library misuses the PublicKeyCallback API. The vulnerability relies on incorrect assumptions made by the application when handling the sequence or state of keys provided during SSH authentication. Properly implemented systems that use the Permissions field or avoid relying on external state remain unaffected. Additionally, the vulnerability does not allow direct exploitation to gain control over a system without the presence of insecure logic in the application\u0027s handling of authentication attempts.\n\n\nRed Hat Enterprise Linux(RHEL) 8 \u0026 9 and Red Hat Openshift marked as not affected as it was determined that the problem function `ServerConfig.PublicKeyCallback`, as noted in the CVE-2024-45337 issue, is not called by Podman, Buildah, containers-common, or the gvisor-tap-vsock projects.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-central-db-rhel8@sha256:0ae5e45fe68d907fdfc1fdc9d4b040074acb8bc36cf979fe192451d48787707b_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-central-db-rhel8@sha256:3e77d381ec1ef080140b8f4d71e3dd078096abd9409a8dfc9ea2b8f38cc66d2b_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-central-db-rhel8@sha256:d42f1ed5f7e32313c51f59b5e10d2bafba6c51c3f47a53cec92b3bfeefca9e3c_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-main-rhel8@sha256:19a9d111b5fb8fc6a01149c56bc4c131dfd418e2ca42f889078e9d015e1ef28b_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-main-rhel8@sha256:87639cf63f9a0aa09ea8aed99fe8625922e61bd3cae5bbd959e68a825072788c_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-main-rhel8@sha256:a98ebdd3991efc207c83306020a4146da2bdc5678eb10efc52113093eb831915_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-rhel8-operator@sha256:257f2893d8e4600744a688fdc49499e70242cb4f93b862755b12b29fe83d44db_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-rhel8-operator@sha256:4eda1ddfd36a0a06750640c26a124a9c203bd578d8431145be35be435e0848e7_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-rhel8-operator@sha256:c617fc54457d6fcbe4d2d93ae575ef714f2ba03b82a557adac71a6408a9a33c7_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:9fa462358a39923f6306b016314cbe923dffa46e27b2b53a5a77934f416c840d_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:f4f22880b6ea0e5b97dd19c311ec00bf650e670373e14aaa29690481503e2fda_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:f77d20eb21bb79808805804465d5e5cdf1f390aa8029a9bad597a0813ff0bf0d_ppc64le"
],
"known_not_affected": [
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-rhel8@sha256:13d2f304f1a54b5809649c3118177a310368490ed45af13b385b1bf648a11216_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-rhel8@sha256:4eb90f3bb36a84d01e963bddb088c1f29777ba14e3317c4007b2d373c24bc6b5_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-rhel8@sha256:7f6314e00a332f7369908d6f64fed35ce21854ea7cb4e7f492da28fd4feb5256_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:0f2e0de230f704fd915e43aecfa5bb49bbba5ee814b32d606980403f21999dd6_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:2f831bbdc78a748b9be5b92857ba4f66fd357436520c04fe279f6dc1c6139216_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:f667a0644465523f295d7feae6f2e264e127e0e98cadd192519b8be9c4974b37_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-operator-bundle@sha256:0af77978ee01c000b343197ae45812e3579f521d9a7301d7ae9eb25fb0357145_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-operator-bundle@sha256:56772b736bb1aec1b10d38d4c2b18bcde17b450b55f8c260ac38b23bd6c85b5c_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-operator-bundle@sha256:68e30d15136c47a03a4736e4a8e569bf50593162996b04c76de89d9b541e4f52_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:2e4d3444239d131b8e50e60ba8cef0ad270750a99958c246d3c9e1a446e710e3_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:36c603b86b770d2ff35a98665471e6441f51ea56ffb819c6ac3d530e86d1f6c9_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:7a5735d8ea892ad522179d10d6c4701798baf1bdbc6ed4b4f555ef2a30738670_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:86e6f9339c16c873473c304220e2628593fe85c68ee9d8f7e68bda3db8106a9d_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:ad3bfe5d8946806355611ca93d5c7b4cb48e55d21f13131c43690452687f1d41_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:cb822f22db66571f9cbff1e0f26cb317946f43191da21e2723d8d56663278d80_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-rhel8@sha256:1bf7195f2709e56a3961e58aaf3199b7f696d6f973f98fc91c76153923e72cde_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-rhel8@sha256:aae8aa35d456489ab247e1143e61bce73d20a4eee5337345ac2957b1dd9d2a61_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-rhel8@sha256:da2af83d28dd25c8b2255d299155308c5d03aa2ff507695297090bbef8db2b1f_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:68b336dc6aad04c2003762b310df258750d125e7e3d09743fbb3fb9570d885e7_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:d96c936f85a4d733c37f7da7b5dcde27bcad7a154abca48c3ee8f9b7baecc319_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:ee19b41a12ead98be6d8bdedee09e50f9da66057f7de6f6bc0f11021d49a61d9_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:9abbd37870679b1ece3da858f3bc9f107a43203ff43a4aafcb088d3e3803e678_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:b922026dc0b8dc7247ab27ffd8215bf2e958db753355871158ef4e0d5d2df33f_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:de629de8581767a407bfe73eaafd17fedf353a09e8c0f0a18d81605098704af2_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:c153ef8bc0473cb3f5f6498c14609c8bddfc5c0fed33442144c79f5d42be190e_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:cbb1e220e27abb38b72ed2dcb8832fd183d26a069df72ab56b57523d8076ae40_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:dc546d7821c65e970d5b5f05fccb98eb220a0328ec5a3c806096113397798ad4_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-45337"
},
{
"category": "external",
"summary": "RHBZ#2331720",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2331720"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-45337",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45337"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-45337",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-45337"
},
{
"category": "external",
"summary": "https://github.com/golang/crypto/commit/b4f1988a35dee11ec3e05d6bf3e90b695fbd8909",
"url": "https://github.com/golang/crypto/commit/b4f1988a35dee11ec3e05d6bf3e90b695fbd8909"
},
{
"category": "external",
"summary": "https://go.dev/cl/635315",
"url": "https://go.dev/cl/635315"
},
{
"category": "external",
"summary": "https://go.dev/issue/70779",
"url": "https://go.dev/issue/70779"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/-nPEi39gI4Q/m/cGVPJCqdAQAJ",
"url": "https://groups.google.com/g/golang-announce/c/-nPEi39gI4Q/m/cGVPJCqdAQAJ"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2024-3321",
"url": "https://pkg.go.dev/vuln/GO-2024-3321"
}
],
"release_date": "2024-12-11T18:55:58.506000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-02-11T21:20:30+00:00",
"details": "If you are using an earlier version of RHACS 4.5, you are advised to upgrade to this patch release 4.5.6.",
"product_ids": [
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-central-db-rhel8@sha256:0ae5e45fe68d907fdfc1fdc9d4b040074acb8bc36cf979fe192451d48787707b_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-central-db-rhel8@sha256:3e77d381ec1ef080140b8f4d71e3dd078096abd9409a8dfc9ea2b8f38cc66d2b_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-central-db-rhel8@sha256:d42f1ed5f7e32313c51f59b5e10d2bafba6c51c3f47a53cec92b3bfeefca9e3c_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-main-rhel8@sha256:19a9d111b5fb8fc6a01149c56bc4c131dfd418e2ca42f889078e9d015e1ef28b_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-main-rhel8@sha256:87639cf63f9a0aa09ea8aed99fe8625922e61bd3cae5bbd959e68a825072788c_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-main-rhel8@sha256:a98ebdd3991efc207c83306020a4146da2bdc5678eb10efc52113093eb831915_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-rhel8-operator@sha256:257f2893d8e4600744a688fdc49499e70242cb4f93b862755b12b29fe83d44db_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-rhel8-operator@sha256:4eda1ddfd36a0a06750640c26a124a9c203bd578d8431145be35be435e0848e7_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-rhel8-operator@sha256:c617fc54457d6fcbe4d2d93ae575ef714f2ba03b82a557adac71a6408a9a33c7_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:9fa462358a39923f6306b016314cbe923dffa46e27b2b53a5a77934f416c840d_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:f4f22880b6ea0e5b97dd19c311ec00bf650e670373e14aaa29690481503e2fda_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:f77d20eb21bb79808805804465d5e5cdf1f390aa8029a9bad597a0813ff0bf0d_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:1334"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-central-db-rhel8@sha256:0ae5e45fe68d907fdfc1fdc9d4b040074acb8bc36cf979fe192451d48787707b_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-central-db-rhel8@sha256:3e77d381ec1ef080140b8f4d71e3dd078096abd9409a8dfc9ea2b8f38cc66d2b_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-central-db-rhel8@sha256:d42f1ed5f7e32313c51f59b5e10d2bafba6c51c3f47a53cec92b3bfeefca9e3c_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-rhel8@sha256:13d2f304f1a54b5809649c3118177a310368490ed45af13b385b1bf648a11216_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-rhel8@sha256:4eb90f3bb36a84d01e963bddb088c1f29777ba14e3317c4007b2d373c24bc6b5_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-rhel8@sha256:7f6314e00a332f7369908d6f64fed35ce21854ea7cb4e7f492da28fd4feb5256_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:0f2e0de230f704fd915e43aecfa5bb49bbba5ee814b32d606980403f21999dd6_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:2f831bbdc78a748b9be5b92857ba4f66fd357436520c04fe279f6dc1c6139216_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:f667a0644465523f295d7feae6f2e264e127e0e98cadd192519b8be9c4974b37_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-main-rhel8@sha256:19a9d111b5fb8fc6a01149c56bc4c131dfd418e2ca42f889078e9d015e1ef28b_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-main-rhel8@sha256:87639cf63f9a0aa09ea8aed99fe8625922e61bd3cae5bbd959e68a825072788c_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-main-rhel8@sha256:a98ebdd3991efc207c83306020a4146da2bdc5678eb10efc52113093eb831915_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-operator-bundle@sha256:0af77978ee01c000b343197ae45812e3579f521d9a7301d7ae9eb25fb0357145_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-operator-bundle@sha256:56772b736bb1aec1b10d38d4c2b18bcde17b450b55f8c260ac38b23bd6c85b5c_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-operator-bundle@sha256:68e30d15136c47a03a4736e4a8e569bf50593162996b04c76de89d9b541e4f52_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-rhel8-operator@sha256:257f2893d8e4600744a688fdc49499e70242cb4f93b862755b12b29fe83d44db_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-rhel8-operator@sha256:4eda1ddfd36a0a06750640c26a124a9c203bd578d8431145be35be435e0848e7_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-rhel8-operator@sha256:c617fc54457d6fcbe4d2d93ae575ef714f2ba03b82a557adac71a6408a9a33c7_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:9fa462358a39923f6306b016314cbe923dffa46e27b2b53a5a77934f416c840d_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:f4f22880b6ea0e5b97dd19c311ec00bf650e670373e14aaa29690481503e2fda_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:f77d20eb21bb79808805804465d5e5cdf1f390aa8029a9bad597a0813ff0bf0d_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:2e4d3444239d131b8e50e60ba8cef0ad270750a99958c246d3c9e1a446e710e3_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:36c603b86b770d2ff35a98665471e6441f51ea56ffb819c6ac3d530e86d1f6c9_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:7a5735d8ea892ad522179d10d6c4701798baf1bdbc6ed4b4f555ef2a30738670_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:86e6f9339c16c873473c304220e2628593fe85c68ee9d8f7e68bda3db8106a9d_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:ad3bfe5d8946806355611ca93d5c7b4cb48e55d21f13131c43690452687f1d41_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:cb822f22db66571f9cbff1e0f26cb317946f43191da21e2723d8d56663278d80_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-rhel8@sha256:1bf7195f2709e56a3961e58aaf3199b7f696d6f973f98fc91c76153923e72cde_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-rhel8@sha256:aae8aa35d456489ab247e1143e61bce73d20a4eee5337345ac2957b1dd9d2a61_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-rhel8@sha256:da2af83d28dd25c8b2255d299155308c5d03aa2ff507695297090bbef8db2b1f_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:68b336dc6aad04c2003762b310df258750d125e7e3d09743fbb3fb9570d885e7_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:d96c936f85a4d733c37f7da7b5dcde27bcad7a154abca48c3ee8f9b7baecc319_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:ee19b41a12ead98be6d8bdedee09e50f9da66057f7de6f6bc0f11021d49a61d9_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:9abbd37870679b1ece3da858f3bc9f107a43203ff43a4aafcb088d3e3803e678_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:b922026dc0b8dc7247ab27ffd8215bf2e958db753355871158ef4e0d5d2df33f_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:de629de8581767a407bfe73eaafd17fedf353a09e8c0f0a18d81605098704af2_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:c153ef8bc0473cb3f5f6498c14609c8bddfc5c0fed33442144c79f5d42be190e_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:cbb1e220e27abb38b72ed2dcb8832fd183d26a069df72ab56b57523d8076ae40_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:dc546d7821c65e970d5b5f05fccb98eb220a0328ec5a3c806096113397798ad4_s390x"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 8.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-central-db-rhel8@sha256:0ae5e45fe68d907fdfc1fdc9d4b040074acb8bc36cf979fe192451d48787707b_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-central-db-rhel8@sha256:3e77d381ec1ef080140b8f4d71e3dd078096abd9409a8dfc9ea2b8f38cc66d2b_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-central-db-rhel8@sha256:d42f1ed5f7e32313c51f59b5e10d2bafba6c51c3f47a53cec92b3bfeefca9e3c_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-rhel8@sha256:13d2f304f1a54b5809649c3118177a310368490ed45af13b385b1bf648a11216_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-rhel8@sha256:4eb90f3bb36a84d01e963bddb088c1f29777ba14e3317c4007b2d373c24bc6b5_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-rhel8@sha256:7f6314e00a332f7369908d6f64fed35ce21854ea7cb4e7f492da28fd4feb5256_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:0f2e0de230f704fd915e43aecfa5bb49bbba5ee814b32d606980403f21999dd6_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:2f831bbdc78a748b9be5b92857ba4f66fd357436520c04fe279f6dc1c6139216_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:f667a0644465523f295d7feae6f2e264e127e0e98cadd192519b8be9c4974b37_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-main-rhel8@sha256:19a9d111b5fb8fc6a01149c56bc4c131dfd418e2ca42f889078e9d015e1ef28b_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-main-rhel8@sha256:87639cf63f9a0aa09ea8aed99fe8625922e61bd3cae5bbd959e68a825072788c_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-main-rhel8@sha256:a98ebdd3991efc207c83306020a4146da2bdc5678eb10efc52113093eb831915_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-operator-bundle@sha256:0af77978ee01c000b343197ae45812e3579f521d9a7301d7ae9eb25fb0357145_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-operator-bundle@sha256:56772b736bb1aec1b10d38d4c2b18bcde17b450b55f8c260ac38b23bd6c85b5c_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-operator-bundle@sha256:68e30d15136c47a03a4736e4a8e569bf50593162996b04c76de89d9b541e4f52_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-rhel8-operator@sha256:257f2893d8e4600744a688fdc49499e70242cb4f93b862755b12b29fe83d44db_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-rhel8-operator@sha256:4eda1ddfd36a0a06750640c26a124a9c203bd578d8431145be35be435e0848e7_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-rhel8-operator@sha256:c617fc54457d6fcbe4d2d93ae575ef714f2ba03b82a557adac71a6408a9a33c7_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:9fa462358a39923f6306b016314cbe923dffa46e27b2b53a5a77934f416c840d_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:f4f22880b6ea0e5b97dd19c311ec00bf650e670373e14aaa29690481503e2fda_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:f77d20eb21bb79808805804465d5e5cdf1f390aa8029a9bad597a0813ff0bf0d_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:2e4d3444239d131b8e50e60ba8cef0ad270750a99958c246d3c9e1a446e710e3_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:36c603b86b770d2ff35a98665471e6441f51ea56ffb819c6ac3d530e86d1f6c9_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:7a5735d8ea892ad522179d10d6c4701798baf1bdbc6ed4b4f555ef2a30738670_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:86e6f9339c16c873473c304220e2628593fe85c68ee9d8f7e68bda3db8106a9d_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:ad3bfe5d8946806355611ca93d5c7b4cb48e55d21f13131c43690452687f1d41_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:cb822f22db66571f9cbff1e0f26cb317946f43191da21e2723d8d56663278d80_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-rhel8@sha256:1bf7195f2709e56a3961e58aaf3199b7f696d6f973f98fc91c76153923e72cde_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-rhel8@sha256:aae8aa35d456489ab247e1143e61bce73d20a4eee5337345ac2957b1dd9d2a61_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-rhel8@sha256:da2af83d28dd25c8b2255d299155308c5d03aa2ff507695297090bbef8db2b1f_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:68b336dc6aad04c2003762b310df258750d125e7e3d09743fbb3fb9570d885e7_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:d96c936f85a4d733c37f7da7b5dcde27bcad7a154abca48c3ee8f9b7baecc319_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:ee19b41a12ead98be6d8bdedee09e50f9da66057f7de6f6bc0f11021d49a61d9_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:9abbd37870679b1ece3da858f3bc9f107a43203ff43a4aafcb088d3e3803e678_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:b922026dc0b8dc7247ab27ffd8215bf2e958db753355871158ef4e0d5d2df33f_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:de629de8581767a407bfe73eaafd17fedf353a09e8c0f0a18d81605098704af2_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:c153ef8bc0473cb3f5f6498c14609c8bddfc5c0fed33442144c79f5d42be190e_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:cbb1e220e27abb38b72ed2dcb8832fd183d26a069df72ab56b57523d8076ae40_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:dc546d7821c65e970d5b5f05fccb98eb220a0328ec5a3c806096113397798ad4_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "golang.org/x/crypto/ssh: Misuse of ServerConfig.PublicKeyCallback may cause authorization bypass in golang.org/x/crypto"
},
{
"cve": "CVE-2024-45338",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2024-12-18T21:00:59.938173+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-rhel8@sha256:13d2f304f1a54b5809649c3118177a310368490ed45af13b385b1bf648a11216_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-rhel8@sha256:4eb90f3bb36a84d01e963bddb088c1f29777ba14e3317c4007b2d373c24bc6b5_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-rhel8@sha256:7f6314e00a332f7369908d6f64fed35ce21854ea7cb4e7f492da28fd4feb5256_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:0f2e0de230f704fd915e43aecfa5bb49bbba5ee814b32d606980403f21999dd6_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:2f831bbdc78a748b9be5b92857ba4f66fd357436520c04fe279f6dc1c6139216_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:f667a0644465523f295d7feae6f2e264e127e0e98cadd192519b8be9c4974b37_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-operator-bundle@sha256:0af77978ee01c000b343197ae45812e3579f521d9a7301d7ae9eb25fb0357145_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-operator-bundle@sha256:56772b736bb1aec1b10d38d4c2b18bcde17b450b55f8c260ac38b23bd6c85b5c_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-operator-bundle@sha256:68e30d15136c47a03a4736e4a8e569bf50593162996b04c76de89d9b541e4f52_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:2e4d3444239d131b8e50e60ba8cef0ad270750a99958c246d3c9e1a446e710e3_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:36c603b86b770d2ff35a98665471e6441f51ea56ffb819c6ac3d530e86d1f6c9_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:7a5735d8ea892ad522179d10d6c4701798baf1bdbc6ed4b4f555ef2a30738670_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:86e6f9339c16c873473c304220e2628593fe85c68ee9d8f7e68bda3db8106a9d_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:ad3bfe5d8946806355611ca93d5c7b4cb48e55d21f13131c43690452687f1d41_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:cb822f22db66571f9cbff1e0f26cb317946f43191da21e2723d8d56663278d80_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-rhel8@sha256:1bf7195f2709e56a3961e58aaf3199b7f696d6f973f98fc91c76153923e72cde_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-rhel8@sha256:aae8aa35d456489ab247e1143e61bce73d20a4eee5337345ac2957b1dd9d2a61_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-rhel8@sha256:da2af83d28dd25c8b2255d299155308c5d03aa2ff507695297090bbef8db2b1f_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:68b336dc6aad04c2003762b310df258750d125e7e3d09743fbb3fb9570d885e7_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:d96c936f85a4d733c37f7da7b5dcde27bcad7a154abca48c3ee8f9b7baecc319_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:ee19b41a12ead98be6d8bdedee09e50f9da66057f7de6f6bc0f11021d49a61d9_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:9abbd37870679b1ece3da858f3bc9f107a43203ff43a4aafcb088d3e3803e678_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:b922026dc0b8dc7247ab27ffd8215bf2e958db753355871158ef4e0d5d2df33f_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:de629de8581767a407bfe73eaafd17fedf353a09e8c0f0a18d81605098704af2_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:c153ef8bc0473cb3f5f6498c14609c8bddfc5c0fed33442144c79f5d42be190e_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:cbb1e220e27abb38b72ed2dcb8832fd183d26a069df72ab56b57523d8076ae40_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:dc546d7821c65e970d5b5f05fccb98eb220a0328ec5a3c806096113397798ad4_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2333122"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in golang.org/x/net/html. This flaw allows an attacker to craft input to the parse functions that would be processed non-linearly with respect to its length, resulting in extremely slow parsing. This issue can cause a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang.org/x/net/html: Non-linear parsing of case-insensitive content in golang.org/x/net/html",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated as an Important severity because an attacker can craft malicious input that causes the parsing functions to process data non-linearly, resulting in significant delays which leads to a denial of service by exhausting system resources.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-central-db-rhel8@sha256:0ae5e45fe68d907fdfc1fdc9d4b040074acb8bc36cf979fe192451d48787707b_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-central-db-rhel8@sha256:3e77d381ec1ef080140b8f4d71e3dd078096abd9409a8dfc9ea2b8f38cc66d2b_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-central-db-rhel8@sha256:d42f1ed5f7e32313c51f59b5e10d2bafba6c51c3f47a53cec92b3bfeefca9e3c_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-main-rhel8@sha256:19a9d111b5fb8fc6a01149c56bc4c131dfd418e2ca42f889078e9d015e1ef28b_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-main-rhel8@sha256:87639cf63f9a0aa09ea8aed99fe8625922e61bd3cae5bbd959e68a825072788c_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-main-rhel8@sha256:a98ebdd3991efc207c83306020a4146da2bdc5678eb10efc52113093eb831915_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-rhel8-operator@sha256:257f2893d8e4600744a688fdc49499e70242cb4f93b862755b12b29fe83d44db_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-rhel8-operator@sha256:4eda1ddfd36a0a06750640c26a124a9c203bd578d8431145be35be435e0848e7_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-rhel8-operator@sha256:c617fc54457d6fcbe4d2d93ae575ef714f2ba03b82a557adac71a6408a9a33c7_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:9fa462358a39923f6306b016314cbe923dffa46e27b2b53a5a77934f416c840d_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:f4f22880b6ea0e5b97dd19c311ec00bf650e670373e14aaa29690481503e2fda_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:f77d20eb21bb79808805804465d5e5cdf1f390aa8029a9bad597a0813ff0bf0d_ppc64le"
],
"known_not_affected": [
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-rhel8@sha256:13d2f304f1a54b5809649c3118177a310368490ed45af13b385b1bf648a11216_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-rhel8@sha256:4eb90f3bb36a84d01e963bddb088c1f29777ba14e3317c4007b2d373c24bc6b5_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-rhel8@sha256:7f6314e00a332f7369908d6f64fed35ce21854ea7cb4e7f492da28fd4feb5256_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:0f2e0de230f704fd915e43aecfa5bb49bbba5ee814b32d606980403f21999dd6_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:2f831bbdc78a748b9be5b92857ba4f66fd357436520c04fe279f6dc1c6139216_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:f667a0644465523f295d7feae6f2e264e127e0e98cadd192519b8be9c4974b37_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-operator-bundle@sha256:0af77978ee01c000b343197ae45812e3579f521d9a7301d7ae9eb25fb0357145_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-operator-bundle@sha256:56772b736bb1aec1b10d38d4c2b18bcde17b450b55f8c260ac38b23bd6c85b5c_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-operator-bundle@sha256:68e30d15136c47a03a4736e4a8e569bf50593162996b04c76de89d9b541e4f52_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:2e4d3444239d131b8e50e60ba8cef0ad270750a99958c246d3c9e1a446e710e3_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:36c603b86b770d2ff35a98665471e6441f51ea56ffb819c6ac3d530e86d1f6c9_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:7a5735d8ea892ad522179d10d6c4701798baf1bdbc6ed4b4f555ef2a30738670_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:86e6f9339c16c873473c304220e2628593fe85c68ee9d8f7e68bda3db8106a9d_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:ad3bfe5d8946806355611ca93d5c7b4cb48e55d21f13131c43690452687f1d41_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:cb822f22db66571f9cbff1e0f26cb317946f43191da21e2723d8d56663278d80_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-rhel8@sha256:1bf7195f2709e56a3961e58aaf3199b7f696d6f973f98fc91c76153923e72cde_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-rhel8@sha256:aae8aa35d456489ab247e1143e61bce73d20a4eee5337345ac2957b1dd9d2a61_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-rhel8@sha256:da2af83d28dd25c8b2255d299155308c5d03aa2ff507695297090bbef8db2b1f_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:68b336dc6aad04c2003762b310df258750d125e7e3d09743fbb3fb9570d885e7_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:d96c936f85a4d733c37f7da7b5dcde27bcad7a154abca48c3ee8f9b7baecc319_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:ee19b41a12ead98be6d8bdedee09e50f9da66057f7de6f6bc0f11021d49a61d9_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:9abbd37870679b1ece3da858f3bc9f107a43203ff43a4aafcb088d3e3803e678_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:b922026dc0b8dc7247ab27ffd8215bf2e958db753355871158ef4e0d5d2df33f_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:de629de8581767a407bfe73eaafd17fedf353a09e8c0f0a18d81605098704af2_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:c153ef8bc0473cb3f5f6498c14609c8bddfc5c0fed33442144c79f5d42be190e_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:cbb1e220e27abb38b72ed2dcb8832fd183d26a069df72ab56b57523d8076ae40_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:dc546d7821c65e970d5b5f05fccb98eb220a0328ec5a3c806096113397798ad4_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-45338"
},
{
"category": "external",
"summary": "RHBZ#2333122",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2333122"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-45338",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45338"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-45338",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-45338"
},
{
"category": "external",
"summary": "https://go.dev/cl/637536",
"url": "https://go.dev/cl/637536"
},
{
"category": "external",
"summary": "https://go.dev/issue/70906",
"url": "https://go.dev/issue/70906"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/wSCRmFnNmPA/m/Lvcd0mRMAwAJ",
"url": "https://groups.google.com/g/golang-announce/c/wSCRmFnNmPA/m/Lvcd0mRMAwAJ"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2024-3333",
"url": "https://pkg.go.dev/vuln/GO-2024-3333"
}
],
"release_date": "2024-12-18T20:38:22.660000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-02-11T21:20:30+00:00",
"details": "If you are using an earlier version of RHACS 4.5, you are advised to upgrade to this patch release 4.5.6.",
"product_ids": [
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-central-db-rhel8@sha256:0ae5e45fe68d907fdfc1fdc9d4b040074acb8bc36cf979fe192451d48787707b_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-central-db-rhel8@sha256:3e77d381ec1ef080140b8f4d71e3dd078096abd9409a8dfc9ea2b8f38cc66d2b_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-central-db-rhel8@sha256:d42f1ed5f7e32313c51f59b5e10d2bafba6c51c3f47a53cec92b3bfeefca9e3c_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-main-rhel8@sha256:19a9d111b5fb8fc6a01149c56bc4c131dfd418e2ca42f889078e9d015e1ef28b_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-main-rhel8@sha256:87639cf63f9a0aa09ea8aed99fe8625922e61bd3cae5bbd959e68a825072788c_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-main-rhel8@sha256:a98ebdd3991efc207c83306020a4146da2bdc5678eb10efc52113093eb831915_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-rhel8-operator@sha256:257f2893d8e4600744a688fdc49499e70242cb4f93b862755b12b29fe83d44db_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-rhel8-operator@sha256:4eda1ddfd36a0a06750640c26a124a9c203bd578d8431145be35be435e0848e7_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-rhel8-operator@sha256:c617fc54457d6fcbe4d2d93ae575ef714f2ba03b82a557adac71a6408a9a33c7_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:9fa462358a39923f6306b016314cbe923dffa46e27b2b53a5a77934f416c840d_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:f4f22880b6ea0e5b97dd19c311ec00bf650e670373e14aaa29690481503e2fda_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:f77d20eb21bb79808805804465d5e5cdf1f390aa8029a9bad597a0813ff0bf0d_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:1334"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-central-db-rhel8@sha256:0ae5e45fe68d907fdfc1fdc9d4b040074acb8bc36cf979fe192451d48787707b_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-central-db-rhel8@sha256:3e77d381ec1ef080140b8f4d71e3dd078096abd9409a8dfc9ea2b8f38cc66d2b_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-central-db-rhel8@sha256:d42f1ed5f7e32313c51f59b5e10d2bafba6c51c3f47a53cec92b3bfeefca9e3c_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-rhel8@sha256:13d2f304f1a54b5809649c3118177a310368490ed45af13b385b1bf648a11216_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-rhel8@sha256:4eb90f3bb36a84d01e963bddb088c1f29777ba14e3317c4007b2d373c24bc6b5_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-rhel8@sha256:7f6314e00a332f7369908d6f64fed35ce21854ea7cb4e7f492da28fd4feb5256_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:0f2e0de230f704fd915e43aecfa5bb49bbba5ee814b32d606980403f21999dd6_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:2f831bbdc78a748b9be5b92857ba4f66fd357436520c04fe279f6dc1c6139216_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:f667a0644465523f295d7feae6f2e264e127e0e98cadd192519b8be9c4974b37_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-main-rhel8@sha256:19a9d111b5fb8fc6a01149c56bc4c131dfd418e2ca42f889078e9d015e1ef28b_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-main-rhel8@sha256:87639cf63f9a0aa09ea8aed99fe8625922e61bd3cae5bbd959e68a825072788c_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-main-rhel8@sha256:a98ebdd3991efc207c83306020a4146da2bdc5678eb10efc52113093eb831915_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-operator-bundle@sha256:0af77978ee01c000b343197ae45812e3579f521d9a7301d7ae9eb25fb0357145_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-operator-bundle@sha256:56772b736bb1aec1b10d38d4c2b18bcde17b450b55f8c260ac38b23bd6c85b5c_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-operator-bundle@sha256:68e30d15136c47a03a4736e4a8e569bf50593162996b04c76de89d9b541e4f52_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-rhel8-operator@sha256:257f2893d8e4600744a688fdc49499e70242cb4f93b862755b12b29fe83d44db_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-rhel8-operator@sha256:4eda1ddfd36a0a06750640c26a124a9c203bd578d8431145be35be435e0848e7_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-rhel8-operator@sha256:c617fc54457d6fcbe4d2d93ae575ef714f2ba03b82a557adac71a6408a9a33c7_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:9fa462358a39923f6306b016314cbe923dffa46e27b2b53a5a77934f416c840d_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:f4f22880b6ea0e5b97dd19c311ec00bf650e670373e14aaa29690481503e2fda_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:f77d20eb21bb79808805804465d5e5cdf1f390aa8029a9bad597a0813ff0bf0d_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:2e4d3444239d131b8e50e60ba8cef0ad270750a99958c246d3c9e1a446e710e3_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:36c603b86b770d2ff35a98665471e6441f51ea56ffb819c6ac3d530e86d1f6c9_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:7a5735d8ea892ad522179d10d6c4701798baf1bdbc6ed4b4f555ef2a30738670_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:86e6f9339c16c873473c304220e2628593fe85c68ee9d8f7e68bda3db8106a9d_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:ad3bfe5d8946806355611ca93d5c7b4cb48e55d21f13131c43690452687f1d41_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:cb822f22db66571f9cbff1e0f26cb317946f43191da21e2723d8d56663278d80_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-rhel8@sha256:1bf7195f2709e56a3961e58aaf3199b7f696d6f973f98fc91c76153923e72cde_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-rhel8@sha256:aae8aa35d456489ab247e1143e61bce73d20a4eee5337345ac2957b1dd9d2a61_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-rhel8@sha256:da2af83d28dd25c8b2255d299155308c5d03aa2ff507695297090bbef8db2b1f_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:68b336dc6aad04c2003762b310df258750d125e7e3d09743fbb3fb9570d885e7_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:d96c936f85a4d733c37f7da7b5dcde27bcad7a154abca48c3ee8f9b7baecc319_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:ee19b41a12ead98be6d8bdedee09e50f9da66057f7de6f6bc0f11021d49a61d9_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:9abbd37870679b1ece3da858f3bc9f107a43203ff43a4aafcb088d3e3803e678_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:b922026dc0b8dc7247ab27ffd8215bf2e958db753355871158ef4e0d5d2df33f_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:de629de8581767a407bfe73eaafd17fedf353a09e8c0f0a18d81605098704af2_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:c153ef8bc0473cb3f5f6498c14609c8bddfc5c0fed33442144c79f5d42be190e_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:cbb1e220e27abb38b72ed2dcb8832fd183d26a069df72ab56b57523d8076ae40_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:dc546d7821c65e970d5b5f05fccb98eb220a0328ec5a3c806096113397798ad4_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "golang.org/x/net/html: Non-linear parsing of case-insensitive content in golang.org/x/net/html"
},
{
"cve": "CVE-2025-21613",
"cwe": {
"id": "CWE-88",
"name": "Improper Neutralization of Argument Delimiters in a Command (\u0027Argument Injection\u0027)"
},
"discovery_date": "2025-01-06T17:00:41.244449+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-central-db-rhel8@sha256:0ae5e45fe68d907fdfc1fdc9d4b040074acb8bc36cf979fe192451d48787707b_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-central-db-rhel8@sha256:3e77d381ec1ef080140b8f4d71e3dd078096abd9409a8dfc9ea2b8f38cc66d2b_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-central-db-rhel8@sha256:d42f1ed5f7e32313c51f59b5e10d2bafba6c51c3f47a53cec92b3bfeefca9e3c_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-rhel8@sha256:13d2f304f1a54b5809649c3118177a310368490ed45af13b385b1bf648a11216_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-rhel8@sha256:4eb90f3bb36a84d01e963bddb088c1f29777ba14e3317c4007b2d373c24bc6b5_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-rhel8@sha256:7f6314e00a332f7369908d6f64fed35ce21854ea7cb4e7f492da28fd4feb5256_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:0f2e0de230f704fd915e43aecfa5bb49bbba5ee814b32d606980403f21999dd6_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:2f831bbdc78a748b9be5b92857ba4f66fd357436520c04fe279f6dc1c6139216_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:f667a0644465523f295d7feae6f2e264e127e0e98cadd192519b8be9c4974b37_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-operator-bundle@sha256:0af77978ee01c000b343197ae45812e3579f521d9a7301d7ae9eb25fb0357145_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-operator-bundle@sha256:56772b736bb1aec1b10d38d4c2b18bcde17b450b55f8c260ac38b23bd6c85b5c_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-operator-bundle@sha256:68e30d15136c47a03a4736e4a8e569bf50593162996b04c76de89d9b541e4f52_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:2e4d3444239d131b8e50e60ba8cef0ad270750a99958c246d3c9e1a446e710e3_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:36c603b86b770d2ff35a98665471e6441f51ea56ffb819c6ac3d530e86d1f6c9_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:7a5735d8ea892ad522179d10d6c4701798baf1bdbc6ed4b4f555ef2a30738670_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:86e6f9339c16c873473c304220e2628593fe85c68ee9d8f7e68bda3db8106a9d_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:ad3bfe5d8946806355611ca93d5c7b4cb48e55d21f13131c43690452687f1d41_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:cb822f22db66571f9cbff1e0f26cb317946f43191da21e2723d8d56663278d80_ppc64le"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2335888"
}
],
"notes": [
{
"category": "description",
"text": "An argument injection vulnerability was found in go-git. This flaw allows an attacker to set arbitrary values to git-upload-pack flags, leading to command or code execution, exposure of sensitive data, or other unintended behavior. This is only possible in configurations where the file transport protocol is being used.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "go-git: argument injection via the URL field",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated as an Important severity because an argument injection has been discovered in go-git, where an attackers can manipulate git-upload-pack flags, potentially enabling command or code execution leads to an exposure of sensitive data or other unintended actions, this vulnerability occurs exclusively in configurations using the file transport protocol.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-main-rhel8@sha256:19a9d111b5fb8fc6a01149c56bc4c131dfd418e2ca42f889078e9d015e1ef28b_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-main-rhel8@sha256:87639cf63f9a0aa09ea8aed99fe8625922e61bd3cae5bbd959e68a825072788c_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-main-rhel8@sha256:a98ebdd3991efc207c83306020a4146da2bdc5678eb10efc52113093eb831915_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-rhel8-operator@sha256:257f2893d8e4600744a688fdc49499e70242cb4f93b862755b12b29fe83d44db_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-rhel8-operator@sha256:4eda1ddfd36a0a06750640c26a124a9c203bd578d8431145be35be435e0848e7_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-rhel8-operator@sha256:c617fc54457d6fcbe4d2d93ae575ef714f2ba03b82a557adac71a6408a9a33c7_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:9fa462358a39923f6306b016314cbe923dffa46e27b2b53a5a77934f416c840d_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:f4f22880b6ea0e5b97dd19c311ec00bf650e670373e14aaa29690481503e2fda_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:f77d20eb21bb79808805804465d5e5cdf1f390aa8029a9bad597a0813ff0bf0d_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-rhel8@sha256:1bf7195f2709e56a3961e58aaf3199b7f696d6f973f98fc91c76153923e72cde_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-rhel8@sha256:aae8aa35d456489ab247e1143e61bce73d20a4eee5337345ac2957b1dd9d2a61_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-rhel8@sha256:da2af83d28dd25c8b2255d299155308c5d03aa2ff507695297090bbef8db2b1f_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:68b336dc6aad04c2003762b310df258750d125e7e3d09743fbb3fb9570d885e7_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:d96c936f85a4d733c37f7da7b5dcde27bcad7a154abca48c3ee8f9b7baecc319_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:ee19b41a12ead98be6d8bdedee09e50f9da66057f7de6f6bc0f11021d49a61d9_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:9abbd37870679b1ece3da858f3bc9f107a43203ff43a4aafcb088d3e3803e678_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:b922026dc0b8dc7247ab27ffd8215bf2e958db753355871158ef4e0d5d2df33f_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:de629de8581767a407bfe73eaafd17fedf353a09e8c0f0a18d81605098704af2_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:c153ef8bc0473cb3f5f6498c14609c8bddfc5c0fed33442144c79f5d42be190e_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:cbb1e220e27abb38b72ed2dcb8832fd183d26a069df72ab56b57523d8076ae40_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:dc546d7821c65e970d5b5f05fccb98eb220a0328ec5a3c806096113397798ad4_s390x"
],
"known_not_affected": [
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-central-db-rhel8@sha256:0ae5e45fe68d907fdfc1fdc9d4b040074acb8bc36cf979fe192451d48787707b_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-central-db-rhel8@sha256:3e77d381ec1ef080140b8f4d71e3dd078096abd9409a8dfc9ea2b8f38cc66d2b_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-central-db-rhel8@sha256:d42f1ed5f7e32313c51f59b5e10d2bafba6c51c3f47a53cec92b3bfeefca9e3c_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-rhel8@sha256:13d2f304f1a54b5809649c3118177a310368490ed45af13b385b1bf648a11216_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-rhel8@sha256:4eb90f3bb36a84d01e963bddb088c1f29777ba14e3317c4007b2d373c24bc6b5_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-rhel8@sha256:7f6314e00a332f7369908d6f64fed35ce21854ea7cb4e7f492da28fd4feb5256_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:0f2e0de230f704fd915e43aecfa5bb49bbba5ee814b32d606980403f21999dd6_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:2f831bbdc78a748b9be5b92857ba4f66fd357436520c04fe279f6dc1c6139216_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:f667a0644465523f295d7feae6f2e264e127e0e98cadd192519b8be9c4974b37_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-operator-bundle@sha256:0af77978ee01c000b343197ae45812e3579f521d9a7301d7ae9eb25fb0357145_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-operator-bundle@sha256:56772b736bb1aec1b10d38d4c2b18bcde17b450b55f8c260ac38b23bd6c85b5c_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-operator-bundle@sha256:68e30d15136c47a03a4736e4a8e569bf50593162996b04c76de89d9b541e4f52_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:2e4d3444239d131b8e50e60ba8cef0ad270750a99958c246d3c9e1a446e710e3_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:36c603b86b770d2ff35a98665471e6441f51ea56ffb819c6ac3d530e86d1f6c9_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:7a5735d8ea892ad522179d10d6c4701798baf1bdbc6ed4b4f555ef2a30738670_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:86e6f9339c16c873473c304220e2628593fe85c68ee9d8f7e68bda3db8106a9d_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:ad3bfe5d8946806355611ca93d5c7b4cb48e55d21f13131c43690452687f1d41_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:cb822f22db66571f9cbff1e0f26cb317946f43191da21e2723d8d56663278d80_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-21613"
},
{
"category": "external",
"summary": "RHBZ#2335888",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2335888"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-21613",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21613"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-21613",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-21613"
},
{
"category": "external",
"summary": "https://github.com/go-git/go-git/security/advisories/GHSA-v725-9546-7q7m",
"url": "https://github.com/go-git/go-git/security/advisories/GHSA-v725-9546-7q7m"
}
],
"release_date": "2025-01-06T16:13:10.611000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-02-11T21:20:30+00:00",
"details": "If you are using an earlier version of RHACS 4.5, you are advised to upgrade to this patch release 4.5.6.",
"product_ids": [
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-main-rhel8@sha256:19a9d111b5fb8fc6a01149c56bc4c131dfd418e2ca42f889078e9d015e1ef28b_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-main-rhel8@sha256:87639cf63f9a0aa09ea8aed99fe8625922e61bd3cae5bbd959e68a825072788c_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-main-rhel8@sha256:a98ebdd3991efc207c83306020a4146da2bdc5678eb10efc52113093eb831915_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-rhel8-operator@sha256:257f2893d8e4600744a688fdc49499e70242cb4f93b862755b12b29fe83d44db_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-rhel8-operator@sha256:4eda1ddfd36a0a06750640c26a124a9c203bd578d8431145be35be435e0848e7_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-rhel8-operator@sha256:c617fc54457d6fcbe4d2d93ae575ef714f2ba03b82a557adac71a6408a9a33c7_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:9fa462358a39923f6306b016314cbe923dffa46e27b2b53a5a77934f416c840d_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:f4f22880b6ea0e5b97dd19c311ec00bf650e670373e14aaa29690481503e2fda_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:f77d20eb21bb79808805804465d5e5cdf1f390aa8029a9bad597a0813ff0bf0d_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-rhel8@sha256:1bf7195f2709e56a3961e58aaf3199b7f696d6f973f98fc91c76153923e72cde_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-rhel8@sha256:aae8aa35d456489ab247e1143e61bce73d20a4eee5337345ac2957b1dd9d2a61_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-rhel8@sha256:da2af83d28dd25c8b2255d299155308c5d03aa2ff507695297090bbef8db2b1f_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:68b336dc6aad04c2003762b310df258750d125e7e3d09743fbb3fb9570d885e7_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:d96c936f85a4d733c37f7da7b5dcde27bcad7a154abca48c3ee8f9b7baecc319_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:ee19b41a12ead98be6d8bdedee09e50f9da66057f7de6f6bc0f11021d49a61d9_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:9abbd37870679b1ece3da858f3bc9f107a43203ff43a4aafcb088d3e3803e678_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:b922026dc0b8dc7247ab27ffd8215bf2e958db753355871158ef4e0d5d2df33f_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:de629de8581767a407bfe73eaafd17fedf353a09e8c0f0a18d81605098704af2_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:c153ef8bc0473cb3f5f6498c14609c8bddfc5c0fed33442144c79f5d42be190e_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:cbb1e220e27abb38b72ed2dcb8832fd183d26a069df72ab56b57523d8076ae40_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:dc546d7821c65e970d5b5f05fccb98eb220a0328ec5a3c806096113397798ad4_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:1334"
},
{
"category": "workaround",
"details": "In cases where it is not possible to update to the latest version of go-git, it is recommended to enforce validation rules for values passed in the URL field.",
"product_ids": [
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-central-db-rhel8@sha256:0ae5e45fe68d907fdfc1fdc9d4b040074acb8bc36cf979fe192451d48787707b_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-central-db-rhel8@sha256:3e77d381ec1ef080140b8f4d71e3dd078096abd9409a8dfc9ea2b8f38cc66d2b_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-central-db-rhel8@sha256:d42f1ed5f7e32313c51f59b5e10d2bafba6c51c3f47a53cec92b3bfeefca9e3c_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-rhel8@sha256:13d2f304f1a54b5809649c3118177a310368490ed45af13b385b1bf648a11216_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-rhel8@sha256:4eb90f3bb36a84d01e963bddb088c1f29777ba14e3317c4007b2d373c24bc6b5_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-rhel8@sha256:7f6314e00a332f7369908d6f64fed35ce21854ea7cb4e7f492da28fd4feb5256_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:0f2e0de230f704fd915e43aecfa5bb49bbba5ee814b32d606980403f21999dd6_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:2f831bbdc78a748b9be5b92857ba4f66fd357436520c04fe279f6dc1c6139216_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:f667a0644465523f295d7feae6f2e264e127e0e98cadd192519b8be9c4974b37_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-main-rhel8@sha256:19a9d111b5fb8fc6a01149c56bc4c131dfd418e2ca42f889078e9d015e1ef28b_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-main-rhel8@sha256:87639cf63f9a0aa09ea8aed99fe8625922e61bd3cae5bbd959e68a825072788c_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-main-rhel8@sha256:a98ebdd3991efc207c83306020a4146da2bdc5678eb10efc52113093eb831915_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-operator-bundle@sha256:0af77978ee01c000b343197ae45812e3579f521d9a7301d7ae9eb25fb0357145_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-operator-bundle@sha256:56772b736bb1aec1b10d38d4c2b18bcde17b450b55f8c260ac38b23bd6c85b5c_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-operator-bundle@sha256:68e30d15136c47a03a4736e4a8e569bf50593162996b04c76de89d9b541e4f52_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-rhel8-operator@sha256:257f2893d8e4600744a688fdc49499e70242cb4f93b862755b12b29fe83d44db_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-rhel8-operator@sha256:4eda1ddfd36a0a06750640c26a124a9c203bd578d8431145be35be435e0848e7_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-rhel8-operator@sha256:c617fc54457d6fcbe4d2d93ae575ef714f2ba03b82a557adac71a6408a9a33c7_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:9fa462358a39923f6306b016314cbe923dffa46e27b2b53a5a77934f416c840d_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:f4f22880b6ea0e5b97dd19c311ec00bf650e670373e14aaa29690481503e2fda_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:f77d20eb21bb79808805804465d5e5cdf1f390aa8029a9bad597a0813ff0bf0d_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:2e4d3444239d131b8e50e60ba8cef0ad270750a99958c246d3c9e1a446e710e3_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:36c603b86b770d2ff35a98665471e6441f51ea56ffb819c6ac3d530e86d1f6c9_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:7a5735d8ea892ad522179d10d6c4701798baf1bdbc6ed4b4f555ef2a30738670_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:86e6f9339c16c873473c304220e2628593fe85c68ee9d8f7e68bda3db8106a9d_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:ad3bfe5d8946806355611ca93d5c7b4cb48e55d21f13131c43690452687f1d41_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:cb822f22db66571f9cbff1e0f26cb317946f43191da21e2723d8d56663278d80_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-rhel8@sha256:1bf7195f2709e56a3961e58aaf3199b7f696d6f973f98fc91c76153923e72cde_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-rhel8@sha256:aae8aa35d456489ab247e1143e61bce73d20a4eee5337345ac2957b1dd9d2a61_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-rhel8@sha256:da2af83d28dd25c8b2255d299155308c5d03aa2ff507695297090bbef8db2b1f_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:68b336dc6aad04c2003762b310df258750d125e7e3d09743fbb3fb9570d885e7_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:d96c936f85a4d733c37f7da7b5dcde27bcad7a154abca48c3ee8f9b7baecc319_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:ee19b41a12ead98be6d8bdedee09e50f9da66057f7de6f6bc0f11021d49a61d9_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:9abbd37870679b1ece3da858f3bc9f107a43203ff43a4aafcb088d3e3803e678_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:b922026dc0b8dc7247ab27ffd8215bf2e958db753355871158ef4e0d5d2df33f_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:de629de8581767a407bfe73eaafd17fedf353a09e8c0f0a18d81605098704af2_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:c153ef8bc0473cb3f5f6498c14609c8bddfc5c0fed33442144c79f5d42be190e_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:cbb1e220e27abb38b72ed2dcb8832fd183d26a069df72ab56b57523d8076ae40_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:dc546d7821c65e970d5b5f05fccb98eb220a0328ec5a3c806096113397798ad4_s390x"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-central-db-rhel8@sha256:0ae5e45fe68d907fdfc1fdc9d4b040074acb8bc36cf979fe192451d48787707b_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-central-db-rhel8@sha256:3e77d381ec1ef080140b8f4d71e3dd078096abd9409a8dfc9ea2b8f38cc66d2b_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-central-db-rhel8@sha256:d42f1ed5f7e32313c51f59b5e10d2bafba6c51c3f47a53cec92b3bfeefca9e3c_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-rhel8@sha256:13d2f304f1a54b5809649c3118177a310368490ed45af13b385b1bf648a11216_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-rhel8@sha256:4eb90f3bb36a84d01e963bddb088c1f29777ba14e3317c4007b2d373c24bc6b5_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-rhel8@sha256:7f6314e00a332f7369908d6f64fed35ce21854ea7cb4e7f492da28fd4feb5256_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:0f2e0de230f704fd915e43aecfa5bb49bbba5ee814b32d606980403f21999dd6_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:2f831bbdc78a748b9be5b92857ba4f66fd357436520c04fe279f6dc1c6139216_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:f667a0644465523f295d7feae6f2e264e127e0e98cadd192519b8be9c4974b37_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-main-rhel8@sha256:19a9d111b5fb8fc6a01149c56bc4c131dfd418e2ca42f889078e9d015e1ef28b_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-main-rhel8@sha256:87639cf63f9a0aa09ea8aed99fe8625922e61bd3cae5bbd959e68a825072788c_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-main-rhel8@sha256:a98ebdd3991efc207c83306020a4146da2bdc5678eb10efc52113093eb831915_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-operator-bundle@sha256:0af77978ee01c000b343197ae45812e3579f521d9a7301d7ae9eb25fb0357145_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-operator-bundle@sha256:56772b736bb1aec1b10d38d4c2b18bcde17b450b55f8c260ac38b23bd6c85b5c_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-operator-bundle@sha256:68e30d15136c47a03a4736e4a8e569bf50593162996b04c76de89d9b541e4f52_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-rhel8-operator@sha256:257f2893d8e4600744a688fdc49499e70242cb4f93b862755b12b29fe83d44db_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-rhel8-operator@sha256:4eda1ddfd36a0a06750640c26a124a9c203bd578d8431145be35be435e0848e7_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-rhel8-operator@sha256:c617fc54457d6fcbe4d2d93ae575ef714f2ba03b82a557adac71a6408a9a33c7_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:9fa462358a39923f6306b016314cbe923dffa46e27b2b53a5a77934f416c840d_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:f4f22880b6ea0e5b97dd19c311ec00bf650e670373e14aaa29690481503e2fda_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:f77d20eb21bb79808805804465d5e5cdf1f390aa8029a9bad597a0813ff0bf0d_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:2e4d3444239d131b8e50e60ba8cef0ad270750a99958c246d3c9e1a446e710e3_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:36c603b86b770d2ff35a98665471e6441f51ea56ffb819c6ac3d530e86d1f6c9_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:7a5735d8ea892ad522179d10d6c4701798baf1bdbc6ed4b4f555ef2a30738670_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:86e6f9339c16c873473c304220e2628593fe85c68ee9d8f7e68bda3db8106a9d_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:ad3bfe5d8946806355611ca93d5c7b4cb48e55d21f13131c43690452687f1d41_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:cb822f22db66571f9cbff1e0f26cb317946f43191da21e2723d8d56663278d80_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-rhel8@sha256:1bf7195f2709e56a3961e58aaf3199b7f696d6f973f98fc91c76153923e72cde_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-rhel8@sha256:aae8aa35d456489ab247e1143e61bce73d20a4eee5337345ac2957b1dd9d2a61_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-rhel8@sha256:da2af83d28dd25c8b2255d299155308c5d03aa2ff507695297090bbef8db2b1f_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:68b336dc6aad04c2003762b310df258750d125e7e3d09743fbb3fb9570d885e7_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:d96c936f85a4d733c37f7da7b5dcde27bcad7a154abca48c3ee8f9b7baecc319_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:ee19b41a12ead98be6d8bdedee09e50f9da66057f7de6f6bc0f11021d49a61d9_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:9abbd37870679b1ece3da858f3bc9f107a43203ff43a4aafcb088d3e3803e678_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:b922026dc0b8dc7247ab27ffd8215bf2e958db753355871158ef4e0d5d2df33f_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:de629de8581767a407bfe73eaafd17fedf353a09e8c0f0a18d81605098704af2_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:c153ef8bc0473cb3f5f6498c14609c8bddfc5c0fed33442144c79f5d42be190e_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:cbb1e220e27abb38b72ed2dcb8832fd183d26a069df72ab56b57523d8076ae40_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:dc546d7821c65e970d5b5f05fccb98eb220a0328ec5a3c806096113397798ad4_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "go-git: argument injection via the URL field"
},
{
"cve": "CVE-2025-21614",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2025-01-06T17:01:36.743039+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-central-db-rhel8@sha256:0ae5e45fe68d907fdfc1fdc9d4b040074acb8bc36cf979fe192451d48787707b_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-central-db-rhel8@sha256:3e77d381ec1ef080140b8f4d71e3dd078096abd9409a8dfc9ea2b8f38cc66d2b_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-central-db-rhel8@sha256:d42f1ed5f7e32313c51f59b5e10d2bafba6c51c3f47a53cec92b3bfeefca9e3c_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-rhel8@sha256:13d2f304f1a54b5809649c3118177a310368490ed45af13b385b1bf648a11216_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-rhel8@sha256:4eb90f3bb36a84d01e963bddb088c1f29777ba14e3317c4007b2d373c24bc6b5_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-rhel8@sha256:7f6314e00a332f7369908d6f64fed35ce21854ea7cb4e7f492da28fd4feb5256_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:0f2e0de230f704fd915e43aecfa5bb49bbba5ee814b32d606980403f21999dd6_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:2f831bbdc78a748b9be5b92857ba4f66fd357436520c04fe279f6dc1c6139216_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:f667a0644465523f295d7feae6f2e264e127e0e98cadd192519b8be9c4974b37_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-operator-bundle@sha256:0af77978ee01c000b343197ae45812e3579f521d9a7301d7ae9eb25fb0357145_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-operator-bundle@sha256:56772b736bb1aec1b10d38d4c2b18bcde17b450b55f8c260ac38b23bd6c85b5c_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-operator-bundle@sha256:68e30d15136c47a03a4736e4a8e569bf50593162996b04c76de89d9b541e4f52_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:2e4d3444239d131b8e50e60ba8cef0ad270750a99958c246d3c9e1a446e710e3_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:36c603b86b770d2ff35a98665471e6441f51ea56ffb819c6ac3d530e86d1f6c9_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:7a5735d8ea892ad522179d10d6c4701798baf1bdbc6ed4b4f555ef2a30738670_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:86e6f9339c16c873473c304220e2628593fe85c68ee9d8f7e68bda3db8106a9d_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:ad3bfe5d8946806355611ca93d5c7b4cb48e55d21f13131c43690452687f1d41_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:cb822f22db66571f9cbff1e0f26cb317946f43191da21e2723d8d56663278d80_ppc64le"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2335901"
}
],
"notes": [
{
"category": "description",
"text": "A denial of service (DoS) vulnerability was found in go-git. This vulnerability allows an attacker to perform denial of service attacks by providing specially crafted responses from a Git server, which triggers resource exhaustion in go-git clients.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "go-git: go-git clients vulnerable to DoS via maliciously crafted Git server replies",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-main-rhel8@sha256:19a9d111b5fb8fc6a01149c56bc4c131dfd418e2ca42f889078e9d015e1ef28b_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-main-rhel8@sha256:87639cf63f9a0aa09ea8aed99fe8625922e61bd3cae5bbd959e68a825072788c_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-main-rhel8@sha256:a98ebdd3991efc207c83306020a4146da2bdc5678eb10efc52113093eb831915_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-rhel8-operator@sha256:257f2893d8e4600744a688fdc49499e70242cb4f93b862755b12b29fe83d44db_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-rhel8-operator@sha256:4eda1ddfd36a0a06750640c26a124a9c203bd578d8431145be35be435e0848e7_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-rhel8-operator@sha256:c617fc54457d6fcbe4d2d93ae575ef714f2ba03b82a557adac71a6408a9a33c7_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:9fa462358a39923f6306b016314cbe923dffa46e27b2b53a5a77934f416c840d_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:f4f22880b6ea0e5b97dd19c311ec00bf650e670373e14aaa29690481503e2fda_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:f77d20eb21bb79808805804465d5e5cdf1f390aa8029a9bad597a0813ff0bf0d_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-rhel8@sha256:1bf7195f2709e56a3961e58aaf3199b7f696d6f973f98fc91c76153923e72cde_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-rhel8@sha256:aae8aa35d456489ab247e1143e61bce73d20a4eee5337345ac2957b1dd9d2a61_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-rhel8@sha256:da2af83d28dd25c8b2255d299155308c5d03aa2ff507695297090bbef8db2b1f_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:68b336dc6aad04c2003762b310df258750d125e7e3d09743fbb3fb9570d885e7_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:d96c936f85a4d733c37f7da7b5dcde27bcad7a154abca48c3ee8f9b7baecc319_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:ee19b41a12ead98be6d8bdedee09e50f9da66057f7de6f6bc0f11021d49a61d9_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:9abbd37870679b1ece3da858f3bc9f107a43203ff43a4aafcb088d3e3803e678_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:b922026dc0b8dc7247ab27ffd8215bf2e958db753355871158ef4e0d5d2df33f_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:de629de8581767a407bfe73eaafd17fedf353a09e8c0f0a18d81605098704af2_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:c153ef8bc0473cb3f5f6498c14609c8bddfc5c0fed33442144c79f5d42be190e_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:cbb1e220e27abb38b72ed2dcb8832fd183d26a069df72ab56b57523d8076ae40_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:dc546d7821c65e970d5b5f05fccb98eb220a0328ec5a3c806096113397798ad4_s390x"
],
"known_not_affected": [
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-central-db-rhel8@sha256:0ae5e45fe68d907fdfc1fdc9d4b040074acb8bc36cf979fe192451d48787707b_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-central-db-rhel8@sha256:3e77d381ec1ef080140b8f4d71e3dd078096abd9409a8dfc9ea2b8f38cc66d2b_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-central-db-rhel8@sha256:d42f1ed5f7e32313c51f59b5e10d2bafba6c51c3f47a53cec92b3bfeefca9e3c_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-rhel8@sha256:13d2f304f1a54b5809649c3118177a310368490ed45af13b385b1bf648a11216_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-rhel8@sha256:4eb90f3bb36a84d01e963bddb088c1f29777ba14e3317c4007b2d373c24bc6b5_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-rhel8@sha256:7f6314e00a332f7369908d6f64fed35ce21854ea7cb4e7f492da28fd4feb5256_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:0f2e0de230f704fd915e43aecfa5bb49bbba5ee814b32d606980403f21999dd6_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:2f831bbdc78a748b9be5b92857ba4f66fd357436520c04fe279f6dc1c6139216_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:f667a0644465523f295d7feae6f2e264e127e0e98cadd192519b8be9c4974b37_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-operator-bundle@sha256:0af77978ee01c000b343197ae45812e3579f521d9a7301d7ae9eb25fb0357145_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-operator-bundle@sha256:56772b736bb1aec1b10d38d4c2b18bcde17b450b55f8c260ac38b23bd6c85b5c_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-operator-bundle@sha256:68e30d15136c47a03a4736e4a8e569bf50593162996b04c76de89d9b541e4f52_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:2e4d3444239d131b8e50e60ba8cef0ad270750a99958c246d3c9e1a446e710e3_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:36c603b86b770d2ff35a98665471e6441f51ea56ffb819c6ac3d530e86d1f6c9_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:7a5735d8ea892ad522179d10d6c4701798baf1bdbc6ed4b4f555ef2a30738670_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:86e6f9339c16c873473c304220e2628593fe85c68ee9d8f7e68bda3db8106a9d_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:ad3bfe5d8946806355611ca93d5c7b4cb48e55d21f13131c43690452687f1d41_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:cb822f22db66571f9cbff1e0f26cb317946f43191da21e2723d8d56663278d80_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-21614"
},
{
"category": "external",
"summary": "RHBZ#2335901",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2335901"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-21614",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21614"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-21614",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-21614"
},
{
"category": "external",
"summary": "https://github.com/go-git/go-git/security/advisories/GHSA-r9px-m959-cxf4",
"url": "https://github.com/go-git/go-git/security/advisories/GHSA-r9px-m959-cxf4"
}
],
"release_date": "2025-01-06T16:20:16.140000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-02-11T21:20:30+00:00",
"details": "If you are using an earlier version of RHACS 4.5, you are advised to upgrade to this patch release 4.5.6.",
"product_ids": [
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-main-rhel8@sha256:19a9d111b5fb8fc6a01149c56bc4c131dfd418e2ca42f889078e9d015e1ef28b_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-main-rhel8@sha256:87639cf63f9a0aa09ea8aed99fe8625922e61bd3cae5bbd959e68a825072788c_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-main-rhel8@sha256:a98ebdd3991efc207c83306020a4146da2bdc5678eb10efc52113093eb831915_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-rhel8-operator@sha256:257f2893d8e4600744a688fdc49499e70242cb4f93b862755b12b29fe83d44db_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-rhel8-operator@sha256:4eda1ddfd36a0a06750640c26a124a9c203bd578d8431145be35be435e0848e7_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-rhel8-operator@sha256:c617fc54457d6fcbe4d2d93ae575ef714f2ba03b82a557adac71a6408a9a33c7_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:9fa462358a39923f6306b016314cbe923dffa46e27b2b53a5a77934f416c840d_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:f4f22880b6ea0e5b97dd19c311ec00bf650e670373e14aaa29690481503e2fda_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:f77d20eb21bb79808805804465d5e5cdf1f390aa8029a9bad597a0813ff0bf0d_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-rhel8@sha256:1bf7195f2709e56a3961e58aaf3199b7f696d6f973f98fc91c76153923e72cde_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-rhel8@sha256:aae8aa35d456489ab247e1143e61bce73d20a4eee5337345ac2957b1dd9d2a61_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-rhel8@sha256:da2af83d28dd25c8b2255d299155308c5d03aa2ff507695297090bbef8db2b1f_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:68b336dc6aad04c2003762b310df258750d125e7e3d09743fbb3fb9570d885e7_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:d96c936f85a4d733c37f7da7b5dcde27bcad7a154abca48c3ee8f9b7baecc319_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:ee19b41a12ead98be6d8bdedee09e50f9da66057f7de6f6bc0f11021d49a61d9_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:9abbd37870679b1ece3da858f3bc9f107a43203ff43a4aafcb088d3e3803e678_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:b922026dc0b8dc7247ab27ffd8215bf2e958db753355871158ef4e0d5d2df33f_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:de629de8581767a407bfe73eaafd17fedf353a09e8c0f0a18d81605098704af2_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:c153ef8bc0473cb3f5f6498c14609c8bddfc5c0fed33442144c79f5d42be190e_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:cbb1e220e27abb38b72ed2dcb8832fd183d26a069df72ab56b57523d8076ae40_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:dc546d7821c65e970d5b5f05fccb98eb220a0328ec5a3c806096113397798ad4_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:1334"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-central-db-rhel8@sha256:0ae5e45fe68d907fdfc1fdc9d4b040074acb8bc36cf979fe192451d48787707b_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-central-db-rhel8@sha256:3e77d381ec1ef080140b8f4d71e3dd078096abd9409a8dfc9ea2b8f38cc66d2b_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-central-db-rhel8@sha256:d42f1ed5f7e32313c51f59b5e10d2bafba6c51c3f47a53cec92b3bfeefca9e3c_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-rhel8@sha256:13d2f304f1a54b5809649c3118177a310368490ed45af13b385b1bf648a11216_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-rhel8@sha256:4eb90f3bb36a84d01e963bddb088c1f29777ba14e3317c4007b2d373c24bc6b5_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-rhel8@sha256:7f6314e00a332f7369908d6f64fed35ce21854ea7cb4e7f492da28fd4feb5256_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:0f2e0de230f704fd915e43aecfa5bb49bbba5ee814b32d606980403f21999dd6_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:2f831bbdc78a748b9be5b92857ba4f66fd357436520c04fe279f6dc1c6139216_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:f667a0644465523f295d7feae6f2e264e127e0e98cadd192519b8be9c4974b37_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-main-rhel8@sha256:19a9d111b5fb8fc6a01149c56bc4c131dfd418e2ca42f889078e9d015e1ef28b_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-main-rhel8@sha256:87639cf63f9a0aa09ea8aed99fe8625922e61bd3cae5bbd959e68a825072788c_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-main-rhel8@sha256:a98ebdd3991efc207c83306020a4146da2bdc5678eb10efc52113093eb831915_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-operator-bundle@sha256:0af77978ee01c000b343197ae45812e3579f521d9a7301d7ae9eb25fb0357145_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-operator-bundle@sha256:56772b736bb1aec1b10d38d4c2b18bcde17b450b55f8c260ac38b23bd6c85b5c_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-operator-bundle@sha256:68e30d15136c47a03a4736e4a8e569bf50593162996b04c76de89d9b541e4f52_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-rhel8-operator@sha256:257f2893d8e4600744a688fdc49499e70242cb4f93b862755b12b29fe83d44db_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-rhel8-operator@sha256:4eda1ddfd36a0a06750640c26a124a9c203bd578d8431145be35be435e0848e7_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-rhel8-operator@sha256:c617fc54457d6fcbe4d2d93ae575ef714f2ba03b82a557adac71a6408a9a33c7_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:9fa462358a39923f6306b016314cbe923dffa46e27b2b53a5a77934f416c840d_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:f4f22880b6ea0e5b97dd19c311ec00bf650e670373e14aaa29690481503e2fda_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:f77d20eb21bb79808805804465d5e5cdf1f390aa8029a9bad597a0813ff0bf0d_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:2e4d3444239d131b8e50e60ba8cef0ad270750a99958c246d3c9e1a446e710e3_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:36c603b86b770d2ff35a98665471e6441f51ea56ffb819c6ac3d530e86d1f6c9_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:7a5735d8ea892ad522179d10d6c4701798baf1bdbc6ed4b4f555ef2a30738670_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:86e6f9339c16c873473c304220e2628593fe85c68ee9d8f7e68bda3db8106a9d_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:ad3bfe5d8946806355611ca93d5c7b4cb48e55d21f13131c43690452687f1d41_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:cb822f22db66571f9cbff1e0f26cb317946f43191da21e2723d8d56663278d80_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-rhel8@sha256:1bf7195f2709e56a3961e58aaf3199b7f696d6f973f98fc91c76153923e72cde_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-rhel8@sha256:aae8aa35d456489ab247e1143e61bce73d20a4eee5337345ac2957b1dd9d2a61_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-rhel8@sha256:da2af83d28dd25c8b2255d299155308c5d03aa2ff507695297090bbef8db2b1f_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:68b336dc6aad04c2003762b310df258750d125e7e3d09743fbb3fb9570d885e7_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:d96c936f85a4d733c37f7da7b5dcde27bcad7a154abca48c3ee8f9b7baecc319_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:ee19b41a12ead98be6d8bdedee09e50f9da66057f7de6f6bc0f11021d49a61d9_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:9abbd37870679b1ece3da858f3bc9f107a43203ff43a4aafcb088d3e3803e678_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:b922026dc0b8dc7247ab27ffd8215bf2e958db753355871158ef4e0d5d2df33f_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:de629de8581767a407bfe73eaafd17fedf353a09e8c0f0a18d81605098704af2_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:c153ef8bc0473cb3f5f6498c14609c8bddfc5c0fed33442144c79f5d42be190e_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:cbb1e220e27abb38b72ed2dcb8832fd183d26a069df72ab56b57523d8076ae40_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:dc546d7821c65e970d5b5f05fccb98eb220a0328ec5a3c806096113397798ad4_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "go-git: go-git clients vulnerable to DoS via maliciously crafted Git server replies"
}
]
}
Loading...
Loading...
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.