Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2018-12608 (GCVE-0-2018-12608)
Vulnerability from cvelistv5
Published
2018-09-10 17:00
Modified
2024-08-05 08:38
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
An issue was discovered in Docker Moby before 17.06.0. The Docker engine validated a client TLS certificate using both the configured client CA root certificate and all system roots on non-Windows systems. This allowed a client with any domain validated certificate signed by a system-trusted root CA (as opposed to one signed by the configured CA root certificate) to authenticate.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T08:38:06.338Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/moby/moby/pull/33182"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2018-09-10T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in Docker Moby before 17.06.0. The Docker engine validated a client TLS certificate using both the configured client CA root certificate and all system roots on non-Windows systems. This allowed a client with any domain validated certificate signed by a system-trusted root CA (as opposed to one signed by the configured CA root certificate) to authenticate."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-09-10T17:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/moby/moby/pull/33182"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-12608",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An issue was discovered in Docker Moby before 17.06.0. The Docker engine validated a client TLS certificate using both the configured client CA root certificate and all system roots on non-Windows systems. This allowed a client with any domain validated certificate signed by a system-trusted root CA (as opposed to one signed by the configured CA root certificate) to authenticate."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/moby/moby/pull/33182",
"refsource": "MISC",
"url": "https://github.com/moby/moby/pull/33182"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2018-12608",
"datePublished": "2018-09-10T17:00:00",
"dateReserved": "2018-06-21T00:00:00",
"dateUpdated": "2024-08-05T08:38:06.338Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"nvd": "{\"cve\":{\"id\":\"CVE-2018-12608\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2018-09-10T17:29:00.287\",\"lastModified\":\"2024-11-21T03:45:32.067\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"An issue was discovered in Docker Moby before 17.06.0. The Docker engine validated a client TLS certificate using both the configured client CA root certificate and all system roots on non-Windows systems. This allowed a client with any domain validated certificate signed by a system-trusted root CA (as opposed to one signed by the configured CA root certificate) to authenticate.\"},{\"lang\":\"es\",\"value\":\"Se ha descubierto un problema en Docker Moby, en versiones anteriores a la 17.06.0. EL motor Docker valid\u00f3 el certificado TLS del cliente mediante el certificado root del CA del cliente configurado y todos los roots del sistema en sistemas que no son Windows. Esto permiti\u00f3 que un cliente con cualquier certificado de dominio validado por una CA root en la que conf\u00eda el sistema (al contrario que otro firmado por la CA root configurada) para autenticarse\"}],\"metrics\":{\"cvssMetricV30\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.0\",\"vectorString\":\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N\",\"baseScore\":7.5,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":3.9,\"impactScore\":3.6}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:N/I:P/A:N\",\"baseScore\":5.0,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"NONE\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":10.0,\"impactScore\":2.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-295\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mobyproject:moby:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"17.06.0\",\"matchCriteriaId\":\"779519D6-D1A3-464C-9ECD-601E87099FFD\"}]}]}],\"references\":[{\"url\":\"https://github.com/moby/moby/pull/33182\",\"source\":\"cve@mitre.org\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://github.com/moby/moby/pull/33182\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Third Party Advisory\"]}]}}"
}
}
fkie_cve-2018-12608
Vulnerability from fkie_nvd
Published
2018-09-10 17:29
Modified
2024-11-21 03:45
Severity ?
Summary
An issue was discovered in Docker Moby before 17.06.0. The Docker engine validated a client TLS certificate using both the configured client CA root certificate and all system roots on non-Windows systems. This allowed a client with any domain validated certificate signed by a system-trusted root CA (as opposed to one signed by the configured CA root certificate) to authenticate.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | https://github.com/moby/moby/pull/33182 | Patch, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/moby/moby/pull/33182 | Patch, Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| mobyproject | moby | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:mobyproject:moby:*:*:*:*:*:*:*:*",
"matchCriteriaId": "779519D6-D1A3-464C-9ECD-601E87099FFD",
"versionEndExcluding": "17.06.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in Docker Moby before 17.06.0. The Docker engine validated a client TLS certificate using both the configured client CA root certificate and all system roots on non-Windows systems. This allowed a client with any domain validated certificate signed by a system-trusted root CA (as opposed to one signed by the configured CA root certificate) to authenticate."
},
{
"lang": "es",
"value": "Se ha descubierto un problema en Docker Moby, en versiones anteriores a la 17.06.0. EL motor Docker valid\u00f3 el certificado TLS del cliente mediante el certificado root del CA del cliente configurado y todos los roots del sistema en sistemas que no son Windows. Esto permiti\u00f3 que un cliente con cualquier certificado de dominio validado por una CA root en la que conf\u00eda el sistema (al contrario que otro firmado por la CA root configurada) para autenticarse"
}
],
"id": "CVE-2018-12608",
"lastModified": "2024-11-21T03:45:32.067",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2018-09-10T17:29:00.287",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/moby/moby/pull/33182"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/moby/moby/pull/33182"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-295"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
rhsa-2024:5094
Vulnerability from csaf_redhat
Published
2024-08-07 15:39
Modified
2025-07-23 20:38
Summary
Red Hat Security Advisory: Red Hat OpenShift Service Mesh Containers for 2.6.0 security update
Notes
Topic
Red Hat OpenShift Service Mesh Containers for 2.6.0
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Red Hat OpenShift Service Mesh is Red Hat's distribution of the Istio service mesh project, tailored for installation into an OpenShift Container Platform installation.
Security Fix(es):
* quic-go: memory exhaustion attack against QUIC's connection ID mechanism(CVE-2024-22189)
* moby: cert signing bypass(CVE-2018-12608)
* golang: archive/zip: Incorrect handling of certain ZIP files(CVE-2024-24789)
* jose: resource exhaustion(CVE-2024-28176)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Red Hat OpenShift Service Mesh Containers for 2.6.0 \n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat OpenShift Service Mesh is Red Hat\u0027s distribution of the Istio service mesh project, tailored for installation into an OpenShift Container Platform installation.\n\nSecurity Fix(es):\n\n* quic-go: memory exhaustion attack against QUIC\u0027s connection ID mechanism(CVE-2024-22189)\n* moby: cert signing bypass(CVE-2018-12608)\n* golang: archive/zip: Incorrect handling of certain ZIP files(CVE-2024-24789)\n* jose: resource exhaustion(CVE-2024-28176)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2024:5094",
"url": "https://access.redhat.com/errata/RHSA-2024:5094"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#moderate",
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"category": "external",
"summary": "2268820",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2268820"
},
{
"category": "external",
"summary": "2273513",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2273513"
},
{
"category": "external",
"summary": "2275812",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2275812"
},
{
"category": "external",
"summary": "2292668",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2292668"
},
{
"category": "external",
"summary": "OSSM-2101",
"url": "https://issues.redhat.com/browse/OSSM-2101"
},
{
"category": "external",
"summary": "OSSM-5687",
"url": "https://issues.redhat.com/browse/OSSM-5687"
},
{
"category": "external",
"summary": "OSSM-5854",
"url": "https://issues.redhat.com/browse/OSSM-5854"
},
{
"category": "external",
"summary": "OSSM-6009",
"url": "https://issues.redhat.com/browse/OSSM-6009"
},
{
"category": "external",
"summary": "OSSM-6296",
"url": "https://issues.redhat.com/browse/OSSM-6296"
},
{
"category": "external",
"summary": "OSSM-6336",
"url": "https://issues.redhat.com/browse/OSSM-6336"
},
{
"category": "external",
"summary": "OSSM-6391",
"url": "https://issues.redhat.com/browse/OSSM-6391"
},
{
"category": "external",
"summary": "OSSM-6682",
"url": "https://issues.redhat.com/browse/OSSM-6682"
},
{
"category": "external",
"summary": "OSSM-6693",
"url": "https://issues.redhat.com/browse/OSSM-6693"
},
{
"category": "external",
"summary": "OSSM-6699",
"url": "https://issues.redhat.com/browse/OSSM-6699"
},
{
"category": "external",
"summary": "OSSM-6700",
"url": "https://issues.redhat.com/browse/OSSM-6700"
},
{
"category": "external",
"summary": "OSSM-6703",
"url": "https://issues.redhat.com/browse/OSSM-6703"
},
{
"category": "external",
"summary": "OSSM-6762",
"url": "https://issues.redhat.com/browse/OSSM-6762"
},
{
"category": "external",
"summary": "OSSM-6769",
"url": "https://issues.redhat.com/browse/OSSM-6769"
},
{
"category": "external",
"summary": "OSSM-6774",
"url": "https://issues.redhat.com/browse/OSSM-6774"
},
{
"category": "external",
"summary": "OSSM-6777",
"url": "https://issues.redhat.com/browse/OSSM-6777"
},
{
"category": "external",
"summary": "OSSM-6781",
"url": "https://issues.redhat.com/browse/OSSM-6781"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_5094.json"
}
],
"title": "Red Hat Security Advisory: Red Hat OpenShift Service Mesh Containers for 2.6.0 security update",
"tracking": {
"current_release_date": "2025-07-23T20:38:43+00:00",
"generator": {
"date": "2025-07-23T20:38:43+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.4"
}
},
"id": "RHSA-2024:5094",
"initial_release_date": "2024-08-07T15:39:25+00:00",
"revision_history": [
{
"date": "2024-08-07T15:39:25+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2024-08-07T15:39:25+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2025-07-23T20:38:43+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "RHOSSM 2.6 for RHEL 8",
"product": {
"name": "RHOSSM 2.6 for RHEL 8",
"product_id": "8Base-RHOSSM-2.6",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:service_mesh:2.6::el8"
}
}
},
{
"category": "product_name",
"name": "RHOSSM 2.6 for RHEL 9",
"product": {
"name": "RHOSSM 2.6 for RHEL 9",
"product_id": "9Base-RHOSSM-2.6",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:service_mesh:2.6::el9"
}
}
}
],
"category": "product_family",
"name": "Red Hat OpenShift Service Mesh"
},
{
"branches": [
{
"category": "product_version",
"name": "openshift-service-mesh/kiali-ossmc-rhel8@sha256:084b7af79fce2ccd8e9291054e727cd536b2e8d0392d6fae41070acc640dda7d_s390x",
"product": {
"name": "openshift-service-mesh/kiali-ossmc-rhel8@sha256:084b7af79fce2ccd8e9291054e727cd536b2e8d0392d6fae41070acc640dda7d_s390x",
"product_id": "openshift-service-mesh/kiali-ossmc-rhel8@sha256:084b7af79fce2ccd8e9291054e727cd536b2e8d0392d6fae41070acc640dda7d_s390x",
"product_identification_helper": {
"purl": "pkg:oci/kiali-ossmc-rhel8@sha256:084b7af79fce2ccd8e9291054e727cd536b2e8d0392d6fae41070acc640dda7d?arch=s390x\u0026repository_url=registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel8\u0026tag=1.73.10-3"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/istio-cni-rhel8@sha256:407b37dd42635c1d11de7cca69e620c140416a401c1a608d5e8f06a18ff51374_s390x",
"product": {
"name": "openshift-service-mesh/istio-cni-rhel8@sha256:407b37dd42635c1d11de7cca69e620c140416a401c1a608d5e8f06a18ff51374_s390x",
"product_id": "openshift-service-mesh/istio-cni-rhel8@sha256:407b37dd42635c1d11de7cca69e620c140416a401c1a608d5e8f06a18ff51374_s390x",
"product_identification_helper": {
"purl": "pkg:oci/istio-cni-rhel8@sha256:407b37dd42635c1d11de7cca69e620c140416a401c1a608d5e8f06a18ff51374?arch=s390x\u0026repository_url=registry.redhat.io/openshift-service-mesh/istio-cni-rhel8\u0026tag=2.6.0-21"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/grafana-rhel8@sha256:4f73fc9525b461cb31c7f76a776b3ba6d586de87e763f3dace8edea1031d2dd8_s390x",
"product": {
"name": "openshift-service-mesh/grafana-rhel8@sha256:4f73fc9525b461cb31c7f76a776b3ba6d586de87e763f3dace8edea1031d2dd8_s390x",
"product_id": "openshift-service-mesh/grafana-rhel8@sha256:4f73fc9525b461cb31c7f76a776b3ba6d586de87e763f3dace8edea1031d2dd8_s390x",
"product_identification_helper": {
"purl": "pkg:oci/grafana-rhel8@sha256:4f73fc9525b461cb31c7f76a776b3ba6d586de87e763f3dace8edea1031d2dd8?arch=s390x\u0026repository_url=registry.redhat.io/openshift-service-mesh/grafana-rhel8\u0026tag=2.6.0-7"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/kiali-rhel8@sha256:4d0c6c49b2c660d5ed04273cfcd5e01444c7c479432c374ecbcb4b99334b2ac9_s390x",
"product": {
"name": "openshift-service-mesh/kiali-rhel8@sha256:4d0c6c49b2c660d5ed04273cfcd5e01444c7c479432c374ecbcb4b99334b2ac9_s390x",
"product_id": "openshift-service-mesh/kiali-rhel8@sha256:4d0c6c49b2c660d5ed04273cfcd5e01444c7c479432c374ecbcb4b99334b2ac9_s390x",
"product_identification_helper": {
"purl": "pkg:oci/kiali-rhel8@sha256:4d0c6c49b2c660d5ed04273cfcd5e01444c7c479432c374ecbcb4b99334b2ac9?arch=s390x\u0026repository_url=registry.redhat.io/openshift-service-mesh/kiali-rhel8\u0026tag=1.73.9-2"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/kiali-rhel8-operator@sha256:cdf3a7e2f5e76c59d9b3228daeabce86478693f7311ff44db0b0bbe41d9cc310_s390x",
"product": {
"name": "openshift-service-mesh/kiali-rhel8-operator@sha256:cdf3a7e2f5e76c59d9b3228daeabce86478693f7311ff44db0b0bbe41d9cc310_s390x",
"product_id": "openshift-service-mesh/kiali-rhel8-operator@sha256:cdf3a7e2f5e76c59d9b3228daeabce86478693f7311ff44db0b0bbe41d9cc310_s390x",
"product_identification_helper": {
"purl": "pkg:oci/kiali-rhel8-operator@sha256:cdf3a7e2f5e76c59d9b3228daeabce86478693f7311ff44db0b0bbe41d9cc310?arch=s390x\u0026repository_url=registry.redhat.io/openshift-service-mesh/kiali-rhel8-operator\u0026tag=1.73.10-2"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/istio-must-gather-rhel8@sha256:dbbcfdcdd4b7dca0363140675ccbf5a7e17cf6671e9c7d0858309eaa9e3e35bb_s390x",
"product": {
"name": "openshift-service-mesh/istio-must-gather-rhel8@sha256:dbbcfdcdd4b7dca0363140675ccbf5a7e17cf6671e9c7d0858309eaa9e3e35bb_s390x",
"product_id": "openshift-service-mesh/istio-must-gather-rhel8@sha256:dbbcfdcdd4b7dca0363140675ccbf5a7e17cf6671e9c7d0858309eaa9e3e35bb_s390x",
"product_identification_helper": {
"purl": "pkg:oci/istio-must-gather-rhel8@sha256:dbbcfdcdd4b7dca0363140675ccbf5a7e17cf6671e9c7d0858309eaa9e3e35bb?arch=s390x\u0026repository_url=registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel8\u0026tag=2.6.0-7"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/istio-rhel8-operator@sha256:abf18be2515f0e0bdf54c29e96c517043e23a248b84b72a7c77fb6627535435a_s390x",
"product": {
"name": "openshift-service-mesh/istio-rhel8-operator@sha256:abf18be2515f0e0bdf54c29e96c517043e23a248b84b72a7c77fb6627535435a_s390x",
"product_id": "openshift-service-mesh/istio-rhel8-operator@sha256:abf18be2515f0e0bdf54c29e96c517043e23a248b84b72a7c77fb6627535435a_s390x",
"product_identification_helper": {
"purl": "pkg:oci/istio-rhel8-operator@sha256:abf18be2515f0e0bdf54c29e96c517043e23a248b84b72a7c77fb6627535435a?arch=s390x\u0026repository_url=registry.redhat.io/openshift-service-mesh/istio-rhel8-operator\u0026tag=2.6.0-27"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/pilot-rhel8@sha256:099a9a6e6ecc221ce47fe8da358fb90caf1de22cc90353adbd2f4073e3a8c962_s390x",
"product": {
"name": "openshift-service-mesh/pilot-rhel8@sha256:099a9a6e6ecc221ce47fe8da358fb90caf1de22cc90353adbd2f4073e3a8c962_s390x",
"product_id": "openshift-service-mesh/pilot-rhel8@sha256:099a9a6e6ecc221ce47fe8da358fb90caf1de22cc90353adbd2f4073e3a8c962_s390x",
"product_identification_helper": {
"purl": "pkg:oci/pilot-rhel8@sha256:099a9a6e6ecc221ce47fe8da358fb90caf1de22cc90353adbd2f4073e3a8c962?arch=s390x\u0026repository_url=registry.redhat.io/openshift-service-mesh/pilot-rhel8\u0026tag=2.6.0-19"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/proxyv2-rhel9@sha256:7672a4b3475e71674897eb4c2d47c84bd7151ff71716d19dd29d8e140bc7b2ec_s390x",
"product": {
"name": "openshift-service-mesh/proxyv2-rhel9@sha256:7672a4b3475e71674897eb4c2d47c84bd7151ff71716d19dd29d8e140bc7b2ec_s390x",
"product_id": "openshift-service-mesh/proxyv2-rhel9@sha256:7672a4b3475e71674897eb4c2d47c84bd7151ff71716d19dd29d8e140bc7b2ec_s390x",
"product_identification_helper": {
"purl": "pkg:oci/proxyv2-rhel9@sha256:7672a4b3475e71674897eb4c2d47c84bd7151ff71716d19dd29d8e140bc7b2ec?arch=s390x\u0026repository_url=registry.redhat.io/openshift-service-mesh/proxyv2-rhel9\u0026tag=2.6.0-18"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/ratelimit-rhel8@sha256:f4d5e0ab476f92e9985e86c0a6200f82e60972df12976c2ca64ff596c8e84bd0_s390x",
"product": {
"name": "openshift-service-mesh/ratelimit-rhel8@sha256:f4d5e0ab476f92e9985e86c0a6200f82e60972df12976c2ca64ff596c8e84bd0_s390x",
"product_id": "openshift-service-mesh/ratelimit-rhel8@sha256:f4d5e0ab476f92e9985e86c0a6200f82e60972df12976c2ca64ff596c8e84bd0_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ratelimit-rhel8@sha256:f4d5e0ab476f92e9985e86c0a6200f82e60972df12976c2ca64ff596c8e84bd0?arch=s390x\u0026repository_url=registry.redhat.io/openshift-service-mesh/ratelimit-rhel8\u0026tag=2.6.0-8"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "openshift-service-mesh/kiali-ossmc-rhel8@sha256:392e140789a39e10526de2cae19316759ff36c954c7b0e8d88fac91556be3bf0_arm64",
"product": {
"name": "openshift-service-mesh/kiali-ossmc-rhel8@sha256:392e140789a39e10526de2cae19316759ff36c954c7b0e8d88fac91556be3bf0_arm64",
"product_id": "openshift-service-mesh/kiali-ossmc-rhel8@sha256:392e140789a39e10526de2cae19316759ff36c954c7b0e8d88fac91556be3bf0_arm64",
"product_identification_helper": {
"purl": "pkg:oci/kiali-ossmc-rhel8@sha256:392e140789a39e10526de2cae19316759ff36c954c7b0e8d88fac91556be3bf0?arch=arm64\u0026repository_url=registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel8\u0026tag=1.73.10-3"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/istio-cni-rhel8@sha256:49542fec00ff65d1d4d27849c67468fb5d0b1314f7a9010d67c0dbbf55c1306b_arm64",
"product": {
"name": "openshift-service-mesh/istio-cni-rhel8@sha256:49542fec00ff65d1d4d27849c67468fb5d0b1314f7a9010d67c0dbbf55c1306b_arm64",
"product_id": "openshift-service-mesh/istio-cni-rhel8@sha256:49542fec00ff65d1d4d27849c67468fb5d0b1314f7a9010d67c0dbbf55c1306b_arm64",
"product_identification_helper": {
"purl": "pkg:oci/istio-cni-rhel8@sha256:49542fec00ff65d1d4d27849c67468fb5d0b1314f7a9010d67c0dbbf55c1306b?arch=arm64\u0026repository_url=registry.redhat.io/openshift-service-mesh/istio-cni-rhel8\u0026tag=2.6.0-21"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/grafana-rhel8@sha256:a312eee18c620e4b7c19258d2619b732a4fdf48320a04d8e216a018b99e046d7_arm64",
"product": {
"name": "openshift-service-mesh/grafana-rhel8@sha256:a312eee18c620e4b7c19258d2619b732a4fdf48320a04d8e216a018b99e046d7_arm64",
"product_id": "openshift-service-mesh/grafana-rhel8@sha256:a312eee18c620e4b7c19258d2619b732a4fdf48320a04d8e216a018b99e046d7_arm64",
"product_identification_helper": {
"purl": "pkg:oci/grafana-rhel8@sha256:a312eee18c620e4b7c19258d2619b732a4fdf48320a04d8e216a018b99e046d7?arch=arm64\u0026repository_url=registry.redhat.io/openshift-service-mesh/grafana-rhel8\u0026tag=2.6.0-7"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/kiali-rhel8@sha256:c0bb751d102763412fc936fb3b69a45e477bc2c0aa71b5f6fa5c0f69a94d8767_arm64",
"product": {
"name": "openshift-service-mesh/kiali-rhel8@sha256:c0bb751d102763412fc936fb3b69a45e477bc2c0aa71b5f6fa5c0f69a94d8767_arm64",
"product_id": "openshift-service-mesh/kiali-rhel8@sha256:c0bb751d102763412fc936fb3b69a45e477bc2c0aa71b5f6fa5c0f69a94d8767_arm64",
"product_identification_helper": {
"purl": "pkg:oci/kiali-rhel8@sha256:c0bb751d102763412fc936fb3b69a45e477bc2c0aa71b5f6fa5c0f69a94d8767?arch=arm64\u0026repository_url=registry.redhat.io/openshift-service-mesh/kiali-rhel8\u0026tag=1.73.9-2"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/kiali-rhel8-operator@sha256:5f070c96656b4e01a691caa916dcf81fb34c153d192d26acec7c08cc7f9d6fda_arm64",
"product": {
"name": "openshift-service-mesh/kiali-rhel8-operator@sha256:5f070c96656b4e01a691caa916dcf81fb34c153d192d26acec7c08cc7f9d6fda_arm64",
"product_id": "openshift-service-mesh/kiali-rhel8-operator@sha256:5f070c96656b4e01a691caa916dcf81fb34c153d192d26acec7c08cc7f9d6fda_arm64",
"product_identification_helper": {
"purl": "pkg:oci/kiali-rhel8-operator@sha256:5f070c96656b4e01a691caa916dcf81fb34c153d192d26acec7c08cc7f9d6fda?arch=arm64\u0026repository_url=registry.redhat.io/openshift-service-mesh/kiali-rhel8-operator\u0026tag=1.73.10-2"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/istio-must-gather-rhel8@sha256:6327e0c83d4f21f33053bdc92a8091cfd7a53f272f57f3fa8e045611229f98ba_arm64",
"product": {
"name": "openshift-service-mesh/istio-must-gather-rhel8@sha256:6327e0c83d4f21f33053bdc92a8091cfd7a53f272f57f3fa8e045611229f98ba_arm64",
"product_id": "openshift-service-mesh/istio-must-gather-rhel8@sha256:6327e0c83d4f21f33053bdc92a8091cfd7a53f272f57f3fa8e045611229f98ba_arm64",
"product_identification_helper": {
"purl": "pkg:oci/istio-must-gather-rhel8@sha256:6327e0c83d4f21f33053bdc92a8091cfd7a53f272f57f3fa8e045611229f98ba?arch=arm64\u0026repository_url=registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel8\u0026tag=2.6.0-7"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/istio-rhel8-operator@sha256:c0341aec6013018cc7f97d4a9ac1ea4537a7fee8dbe473958ceab0f67e8bc502_arm64",
"product": {
"name": "openshift-service-mesh/istio-rhel8-operator@sha256:c0341aec6013018cc7f97d4a9ac1ea4537a7fee8dbe473958ceab0f67e8bc502_arm64",
"product_id": "openshift-service-mesh/istio-rhel8-operator@sha256:c0341aec6013018cc7f97d4a9ac1ea4537a7fee8dbe473958ceab0f67e8bc502_arm64",
"product_identification_helper": {
"purl": "pkg:oci/istio-rhel8-operator@sha256:c0341aec6013018cc7f97d4a9ac1ea4537a7fee8dbe473958ceab0f67e8bc502?arch=arm64\u0026repository_url=registry.redhat.io/openshift-service-mesh/istio-rhel8-operator\u0026tag=2.6.0-27"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/pilot-rhel8@sha256:df0b0c0364bbe30220bd92c24ba41c54d4b871503e6b4ccdc8b7991031830637_arm64",
"product": {
"name": "openshift-service-mesh/pilot-rhel8@sha256:df0b0c0364bbe30220bd92c24ba41c54d4b871503e6b4ccdc8b7991031830637_arm64",
"product_id": "openshift-service-mesh/pilot-rhel8@sha256:df0b0c0364bbe30220bd92c24ba41c54d4b871503e6b4ccdc8b7991031830637_arm64",
"product_identification_helper": {
"purl": "pkg:oci/pilot-rhel8@sha256:df0b0c0364bbe30220bd92c24ba41c54d4b871503e6b4ccdc8b7991031830637?arch=arm64\u0026repository_url=registry.redhat.io/openshift-service-mesh/pilot-rhel8\u0026tag=2.6.0-19"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/proxyv2-rhel9@sha256:823118b612b0bfc3c10d1ad07d65236a8e21d703e64a09c5bdc9377fc0e7cf47_arm64",
"product": {
"name": "openshift-service-mesh/proxyv2-rhel9@sha256:823118b612b0bfc3c10d1ad07d65236a8e21d703e64a09c5bdc9377fc0e7cf47_arm64",
"product_id": "openshift-service-mesh/proxyv2-rhel9@sha256:823118b612b0bfc3c10d1ad07d65236a8e21d703e64a09c5bdc9377fc0e7cf47_arm64",
"product_identification_helper": {
"purl": "pkg:oci/proxyv2-rhel9@sha256:823118b612b0bfc3c10d1ad07d65236a8e21d703e64a09c5bdc9377fc0e7cf47?arch=arm64\u0026repository_url=registry.redhat.io/openshift-service-mesh/proxyv2-rhel9\u0026tag=2.6.0-18"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/ratelimit-rhel8@sha256:911f2c0b5159f6c13c6f4dc958ac66e987cab2b091f55e75b998d95cc1ae3e72_arm64",
"product": {
"name": "openshift-service-mesh/ratelimit-rhel8@sha256:911f2c0b5159f6c13c6f4dc958ac66e987cab2b091f55e75b998d95cc1ae3e72_arm64",
"product_id": "openshift-service-mesh/ratelimit-rhel8@sha256:911f2c0b5159f6c13c6f4dc958ac66e987cab2b091f55e75b998d95cc1ae3e72_arm64",
"product_identification_helper": {
"purl": "pkg:oci/ratelimit-rhel8@sha256:911f2c0b5159f6c13c6f4dc958ac66e987cab2b091f55e75b998d95cc1ae3e72?arch=arm64\u0026repository_url=registry.redhat.io/openshift-service-mesh/ratelimit-rhel8\u0026tag=2.6.0-8"
}
}
}
],
"category": "architecture",
"name": "arm64"
},
{
"branches": [
{
"category": "product_version",
"name": "openshift-service-mesh/kiali-ossmc-rhel8@sha256:86b5406c483065ae2085721e6069f36767d6dc512d8f885ac02660955fb5fbed_ppc64le",
"product": {
"name": "openshift-service-mesh/kiali-ossmc-rhel8@sha256:86b5406c483065ae2085721e6069f36767d6dc512d8f885ac02660955fb5fbed_ppc64le",
"product_id": "openshift-service-mesh/kiali-ossmc-rhel8@sha256:86b5406c483065ae2085721e6069f36767d6dc512d8f885ac02660955fb5fbed_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/kiali-ossmc-rhel8@sha256:86b5406c483065ae2085721e6069f36767d6dc512d8f885ac02660955fb5fbed?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel8\u0026tag=1.73.10-3"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/istio-cni-rhel8@sha256:7d8a4815dee1f4e109876d47184b669e81dc22421b602f2beef48588f414743e_ppc64le",
"product": {
"name": "openshift-service-mesh/istio-cni-rhel8@sha256:7d8a4815dee1f4e109876d47184b669e81dc22421b602f2beef48588f414743e_ppc64le",
"product_id": "openshift-service-mesh/istio-cni-rhel8@sha256:7d8a4815dee1f4e109876d47184b669e81dc22421b602f2beef48588f414743e_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/istio-cni-rhel8@sha256:7d8a4815dee1f4e109876d47184b669e81dc22421b602f2beef48588f414743e?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-service-mesh/istio-cni-rhel8\u0026tag=2.6.0-21"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/grafana-rhel8@sha256:677746a7132573b2b40658fad4801cbe3d0381079f2d6cd7ee508318d75e6ad0_ppc64le",
"product": {
"name": "openshift-service-mesh/grafana-rhel8@sha256:677746a7132573b2b40658fad4801cbe3d0381079f2d6cd7ee508318d75e6ad0_ppc64le",
"product_id": "openshift-service-mesh/grafana-rhel8@sha256:677746a7132573b2b40658fad4801cbe3d0381079f2d6cd7ee508318d75e6ad0_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/grafana-rhel8@sha256:677746a7132573b2b40658fad4801cbe3d0381079f2d6cd7ee508318d75e6ad0?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-service-mesh/grafana-rhel8\u0026tag=2.6.0-7"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/kiali-rhel8@sha256:4f581fd9388ba9256a34b85296a8f3728826804bd9f59fe0f8832d91c3ecc8ae_ppc64le",
"product": {
"name": "openshift-service-mesh/kiali-rhel8@sha256:4f581fd9388ba9256a34b85296a8f3728826804bd9f59fe0f8832d91c3ecc8ae_ppc64le",
"product_id": "openshift-service-mesh/kiali-rhel8@sha256:4f581fd9388ba9256a34b85296a8f3728826804bd9f59fe0f8832d91c3ecc8ae_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/kiali-rhel8@sha256:4f581fd9388ba9256a34b85296a8f3728826804bd9f59fe0f8832d91c3ecc8ae?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-service-mesh/kiali-rhel8\u0026tag=1.73.9-2"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/kiali-rhel8-operator@sha256:09d04d86a4e646d6e45e57893d383432fa966ac536e460ff6fdd375c939d96ca_ppc64le",
"product": {
"name": "openshift-service-mesh/kiali-rhel8-operator@sha256:09d04d86a4e646d6e45e57893d383432fa966ac536e460ff6fdd375c939d96ca_ppc64le",
"product_id": "openshift-service-mesh/kiali-rhel8-operator@sha256:09d04d86a4e646d6e45e57893d383432fa966ac536e460ff6fdd375c939d96ca_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/kiali-rhel8-operator@sha256:09d04d86a4e646d6e45e57893d383432fa966ac536e460ff6fdd375c939d96ca?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-service-mesh/kiali-rhel8-operator\u0026tag=1.73.10-2"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/istio-must-gather-rhel8@sha256:0172d2aefc611c66c1ceac5acbe771b0109944024ccaa1534a992c154cc70186_ppc64le",
"product": {
"name": "openshift-service-mesh/istio-must-gather-rhel8@sha256:0172d2aefc611c66c1ceac5acbe771b0109944024ccaa1534a992c154cc70186_ppc64le",
"product_id": "openshift-service-mesh/istio-must-gather-rhel8@sha256:0172d2aefc611c66c1ceac5acbe771b0109944024ccaa1534a992c154cc70186_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/istio-must-gather-rhel8@sha256:0172d2aefc611c66c1ceac5acbe771b0109944024ccaa1534a992c154cc70186?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel8\u0026tag=2.6.0-7"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/istio-rhel8-operator@sha256:28a794322e00582e5d74c3a7e0934735652d09ae83ac59f925434a8e2f32ca81_ppc64le",
"product": {
"name": "openshift-service-mesh/istio-rhel8-operator@sha256:28a794322e00582e5d74c3a7e0934735652d09ae83ac59f925434a8e2f32ca81_ppc64le",
"product_id": "openshift-service-mesh/istio-rhel8-operator@sha256:28a794322e00582e5d74c3a7e0934735652d09ae83ac59f925434a8e2f32ca81_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/istio-rhel8-operator@sha256:28a794322e00582e5d74c3a7e0934735652d09ae83ac59f925434a8e2f32ca81?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-service-mesh/istio-rhel8-operator\u0026tag=2.6.0-27"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/pilot-rhel8@sha256:6c6842b5ba5d85e3d9990ae73754499863ed648c9b7efa9c75ab7936093d6c06_ppc64le",
"product": {
"name": "openshift-service-mesh/pilot-rhel8@sha256:6c6842b5ba5d85e3d9990ae73754499863ed648c9b7efa9c75ab7936093d6c06_ppc64le",
"product_id": "openshift-service-mesh/pilot-rhel8@sha256:6c6842b5ba5d85e3d9990ae73754499863ed648c9b7efa9c75ab7936093d6c06_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/pilot-rhel8@sha256:6c6842b5ba5d85e3d9990ae73754499863ed648c9b7efa9c75ab7936093d6c06?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-service-mesh/pilot-rhel8\u0026tag=2.6.0-19"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/proxyv2-rhel9@sha256:8355c8f725d3713be992545bc8396582be6d792bec620b95bc5cd5475436a903_ppc64le",
"product": {
"name": "openshift-service-mesh/proxyv2-rhel9@sha256:8355c8f725d3713be992545bc8396582be6d792bec620b95bc5cd5475436a903_ppc64le",
"product_id": "openshift-service-mesh/proxyv2-rhel9@sha256:8355c8f725d3713be992545bc8396582be6d792bec620b95bc5cd5475436a903_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/proxyv2-rhel9@sha256:8355c8f725d3713be992545bc8396582be6d792bec620b95bc5cd5475436a903?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-service-mesh/proxyv2-rhel9\u0026tag=2.6.0-18"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/ratelimit-rhel8@sha256:0ab18d9cc3d927e162c25e895bb5d55a970b5906f83c95f0759b659a2a2d45c2_ppc64le",
"product": {
"name": "openshift-service-mesh/ratelimit-rhel8@sha256:0ab18d9cc3d927e162c25e895bb5d55a970b5906f83c95f0759b659a2a2d45c2_ppc64le",
"product_id": "openshift-service-mesh/ratelimit-rhel8@sha256:0ab18d9cc3d927e162c25e895bb5d55a970b5906f83c95f0759b659a2a2d45c2_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ratelimit-rhel8@sha256:0ab18d9cc3d927e162c25e895bb5d55a970b5906f83c95f0759b659a2a2d45c2?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-service-mesh/ratelimit-rhel8\u0026tag=2.6.0-8"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "openshift-service-mesh/kiali-ossmc-rhel8@sha256:b55b09211c8e5857060baca392be5534a3707d0a876ceb76939908b271163cc0_amd64",
"product": {
"name": "openshift-service-mesh/kiali-ossmc-rhel8@sha256:b55b09211c8e5857060baca392be5534a3707d0a876ceb76939908b271163cc0_amd64",
"product_id": "openshift-service-mesh/kiali-ossmc-rhel8@sha256:b55b09211c8e5857060baca392be5534a3707d0a876ceb76939908b271163cc0_amd64",
"product_identification_helper": {
"purl": "pkg:oci/kiali-ossmc-rhel8@sha256:b55b09211c8e5857060baca392be5534a3707d0a876ceb76939908b271163cc0?arch=amd64\u0026repository_url=registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel8\u0026tag=1.73.10-3"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/istio-cni-rhel8@sha256:81b661df0703a3d7cddfce3be55b12aa297164177990b263f4b584bf9de948c7_amd64",
"product": {
"name": "openshift-service-mesh/istio-cni-rhel8@sha256:81b661df0703a3d7cddfce3be55b12aa297164177990b263f4b584bf9de948c7_amd64",
"product_id": "openshift-service-mesh/istio-cni-rhel8@sha256:81b661df0703a3d7cddfce3be55b12aa297164177990b263f4b584bf9de948c7_amd64",
"product_identification_helper": {
"purl": "pkg:oci/istio-cni-rhel8@sha256:81b661df0703a3d7cddfce3be55b12aa297164177990b263f4b584bf9de948c7?arch=amd64\u0026repository_url=registry.redhat.io/openshift-service-mesh/istio-cni-rhel8\u0026tag=2.6.0-21"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/grafana-rhel8@sha256:fcbba8962e1f5fa864c073f86467468d732a6edc9fc78cbeb6050a35beced88e_amd64",
"product": {
"name": "openshift-service-mesh/grafana-rhel8@sha256:fcbba8962e1f5fa864c073f86467468d732a6edc9fc78cbeb6050a35beced88e_amd64",
"product_id": "openshift-service-mesh/grafana-rhel8@sha256:fcbba8962e1f5fa864c073f86467468d732a6edc9fc78cbeb6050a35beced88e_amd64",
"product_identification_helper": {
"purl": "pkg:oci/grafana-rhel8@sha256:fcbba8962e1f5fa864c073f86467468d732a6edc9fc78cbeb6050a35beced88e?arch=amd64\u0026repository_url=registry.redhat.io/openshift-service-mesh/grafana-rhel8\u0026tag=2.6.0-7"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/kiali-rhel8@sha256:4e512e8195d93a887d411bf23da9602cdbfb46a0aa9b15292f500cf2eda284e6_amd64",
"product": {
"name": "openshift-service-mesh/kiali-rhel8@sha256:4e512e8195d93a887d411bf23da9602cdbfb46a0aa9b15292f500cf2eda284e6_amd64",
"product_id": "openshift-service-mesh/kiali-rhel8@sha256:4e512e8195d93a887d411bf23da9602cdbfb46a0aa9b15292f500cf2eda284e6_amd64",
"product_identification_helper": {
"purl": "pkg:oci/kiali-rhel8@sha256:4e512e8195d93a887d411bf23da9602cdbfb46a0aa9b15292f500cf2eda284e6?arch=amd64\u0026repository_url=registry.redhat.io/openshift-service-mesh/kiali-rhel8\u0026tag=1.73.9-2"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/kiali-rhel8-operator@sha256:7dd97c5e5b1c3502c52352decbe48b0f0998e59604da618dbb2689f8a9a86cf1_amd64",
"product": {
"name": "openshift-service-mesh/kiali-rhel8-operator@sha256:7dd97c5e5b1c3502c52352decbe48b0f0998e59604da618dbb2689f8a9a86cf1_amd64",
"product_id": "openshift-service-mesh/kiali-rhel8-operator@sha256:7dd97c5e5b1c3502c52352decbe48b0f0998e59604da618dbb2689f8a9a86cf1_amd64",
"product_identification_helper": {
"purl": "pkg:oci/kiali-rhel8-operator@sha256:7dd97c5e5b1c3502c52352decbe48b0f0998e59604da618dbb2689f8a9a86cf1?arch=amd64\u0026repository_url=registry.redhat.io/openshift-service-mesh/kiali-rhel8-operator\u0026tag=1.73.10-2"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/istio-must-gather-rhel8@sha256:293ef0eb34e035a972f5a45b87970cecc7942c6bee6da68c4d1f3ba2bd1e92d4_amd64",
"product": {
"name": "openshift-service-mesh/istio-must-gather-rhel8@sha256:293ef0eb34e035a972f5a45b87970cecc7942c6bee6da68c4d1f3ba2bd1e92d4_amd64",
"product_id": "openshift-service-mesh/istio-must-gather-rhel8@sha256:293ef0eb34e035a972f5a45b87970cecc7942c6bee6da68c4d1f3ba2bd1e92d4_amd64",
"product_identification_helper": {
"purl": "pkg:oci/istio-must-gather-rhel8@sha256:293ef0eb34e035a972f5a45b87970cecc7942c6bee6da68c4d1f3ba2bd1e92d4?arch=amd64\u0026repository_url=registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel8\u0026tag=2.6.0-7"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/istio-rhel8-operator@sha256:7bbef82965d81bd768d915a1bcc220c7fb21c321e2ffb861eb628c81eeb8e000_amd64",
"product": {
"name": "openshift-service-mesh/istio-rhel8-operator@sha256:7bbef82965d81bd768d915a1bcc220c7fb21c321e2ffb861eb628c81eeb8e000_amd64",
"product_id": "openshift-service-mesh/istio-rhel8-operator@sha256:7bbef82965d81bd768d915a1bcc220c7fb21c321e2ffb861eb628c81eeb8e000_amd64",
"product_identification_helper": {
"purl": "pkg:oci/istio-rhel8-operator@sha256:7bbef82965d81bd768d915a1bcc220c7fb21c321e2ffb861eb628c81eeb8e000?arch=amd64\u0026repository_url=registry.redhat.io/openshift-service-mesh/istio-rhel8-operator\u0026tag=2.6.0-27"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/pilot-rhel8@sha256:221bf107c93e183a093dc13a41d2e2d907e97c1a74242bf7bfefae2c1436f02c_amd64",
"product": {
"name": "openshift-service-mesh/pilot-rhel8@sha256:221bf107c93e183a093dc13a41d2e2d907e97c1a74242bf7bfefae2c1436f02c_amd64",
"product_id": "openshift-service-mesh/pilot-rhel8@sha256:221bf107c93e183a093dc13a41d2e2d907e97c1a74242bf7bfefae2c1436f02c_amd64",
"product_identification_helper": {
"purl": "pkg:oci/pilot-rhel8@sha256:221bf107c93e183a093dc13a41d2e2d907e97c1a74242bf7bfefae2c1436f02c?arch=amd64\u0026repository_url=registry.redhat.io/openshift-service-mesh/pilot-rhel8\u0026tag=2.6.0-19"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/proxyv2-rhel9@sha256:f280ea9888acab2a2aee6fece6a99257b6b0a2093a042b958382684d1f590334_amd64",
"product": {
"name": "openshift-service-mesh/proxyv2-rhel9@sha256:f280ea9888acab2a2aee6fece6a99257b6b0a2093a042b958382684d1f590334_amd64",
"product_id": "openshift-service-mesh/proxyv2-rhel9@sha256:f280ea9888acab2a2aee6fece6a99257b6b0a2093a042b958382684d1f590334_amd64",
"product_identification_helper": {
"purl": "pkg:oci/proxyv2-rhel9@sha256:f280ea9888acab2a2aee6fece6a99257b6b0a2093a042b958382684d1f590334?arch=amd64\u0026repository_url=registry.redhat.io/openshift-service-mesh/proxyv2-rhel9\u0026tag=2.6.0-18"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/ratelimit-rhel8@sha256:563b8f4b130657936b077139d86d648e6c65d68cf51bbcf09f3f2790db23cfd8_amd64",
"product": {
"name": "openshift-service-mesh/ratelimit-rhel8@sha256:563b8f4b130657936b077139d86d648e6c65d68cf51bbcf09f3f2790db23cfd8_amd64",
"product_id": "openshift-service-mesh/ratelimit-rhel8@sha256:563b8f4b130657936b077139d86d648e6c65d68cf51bbcf09f3f2790db23cfd8_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ratelimit-rhel8@sha256:563b8f4b130657936b077139d86d648e6c65d68cf51bbcf09f3f2790db23cfd8?arch=amd64\u0026repository_url=registry.redhat.io/openshift-service-mesh/ratelimit-rhel8\u0026tag=2.6.0-8"
}
}
}
],
"category": "architecture",
"name": "amd64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/grafana-rhel8@sha256:4f73fc9525b461cb31c7f76a776b3ba6d586de87e763f3dace8edea1031d2dd8_s390x as a component of RHOSSM 2.6 for RHEL 8",
"product_id": "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:4f73fc9525b461cb31c7f76a776b3ba6d586de87e763f3dace8edea1031d2dd8_s390x"
},
"product_reference": "openshift-service-mesh/grafana-rhel8@sha256:4f73fc9525b461cb31c7f76a776b3ba6d586de87e763f3dace8edea1031d2dd8_s390x",
"relates_to_product_reference": "8Base-RHOSSM-2.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/grafana-rhel8@sha256:677746a7132573b2b40658fad4801cbe3d0381079f2d6cd7ee508318d75e6ad0_ppc64le as a component of RHOSSM 2.6 for RHEL 8",
"product_id": "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:677746a7132573b2b40658fad4801cbe3d0381079f2d6cd7ee508318d75e6ad0_ppc64le"
},
"product_reference": "openshift-service-mesh/grafana-rhel8@sha256:677746a7132573b2b40658fad4801cbe3d0381079f2d6cd7ee508318d75e6ad0_ppc64le",
"relates_to_product_reference": "8Base-RHOSSM-2.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/grafana-rhel8@sha256:a312eee18c620e4b7c19258d2619b732a4fdf48320a04d8e216a018b99e046d7_arm64 as a component of RHOSSM 2.6 for RHEL 8",
"product_id": "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:a312eee18c620e4b7c19258d2619b732a4fdf48320a04d8e216a018b99e046d7_arm64"
},
"product_reference": "openshift-service-mesh/grafana-rhel8@sha256:a312eee18c620e4b7c19258d2619b732a4fdf48320a04d8e216a018b99e046d7_arm64",
"relates_to_product_reference": "8Base-RHOSSM-2.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/grafana-rhel8@sha256:fcbba8962e1f5fa864c073f86467468d732a6edc9fc78cbeb6050a35beced88e_amd64 as a component of RHOSSM 2.6 for RHEL 8",
"product_id": "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:fcbba8962e1f5fa864c073f86467468d732a6edc9fc78cbeb6050a35beced88e_amd64"
},
"product_reference": "openshift-service-mesh/grafana-rhel8@sha256:fcbba8962e1f5fa864c073f86467468d732a6edc9fc78cbeb6050a35beced88e_amd64",
"relates_to_product_reference": "8Base-RHOSSM-2.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/istio-cni-rhel8@sha256:407b37dd42635c1d11de7cca69e620c140416a401c1a608d5e8f06a18ff51374_s390x as a component of RHOSSM 2.6 for RHEL 8",
"product_id": "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:407b37dd42635c1d11de7cca69e620c140416a401c1a608d5e8f06a18ff51374_s390x"
},
"product_reference": "openshift-service-mesh/istio-cni-rhel8@sha256:407b37dd42635c1d11de7cca69e620c140416a401c1a608d5e8f06a18ff51374_s390x",
"relates_to_product_reference": "8Base-RHOSSM-2.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/istio-cni-rhel8@sha256:49542fec00ff65d1d4d27849c67468fb5d0b1314f7a9010d67c0dbbf55c1306b_arm64 as a component of RHOSSM 2.6 for RHEL 8",
"product_id": "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:49542fec00ff65d1d4d27849c67468fb5d0b1314f7a9010d67c0dbbf55c1306b_arm64"
},
"product_reference": "openshift-service-mesh/istio-cni-rhel8@sha256:49542fec00ff65d1d4d27849c67468fb5d0b1314f7a9010d67c0dbbf55c1306b_arm64",
"relates_to_product_reference": "8Base-RHOSSM-2.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/istio-cni-rhel8@sha256:7d8a4815dee1f4e109876d47184b669e81dc22421b602f2beef48588f414743e_ppc64le as a component of RHOSSM 2.6 for RHEL 8",
"product_id": "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:7d8a4815dee1f4e109876d47184b669e81dc22421b602f2beef48588f414743e_ppc64le"
},
"product_reference": "openshift-service-mesh/istio-cni-rhel8@sha256:7d8a4815dee1f4e109876d47184b669e81dc22421b602f2beef48588f414743e_ppc64le",
"relates_to_product_reference": "8Base-RHOSSM-2.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/istio-cni-rhel8@sha256:81b661df0703a3d7cddfce3be55b12aa297164177990b263f4b584bf9de948c7_amd64 as a component of RHOSSM 2.6 for RHEL 8",
"product_id": "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:81b661df0703a3d7cddfce3be55b12aa297164177990b263f4b584bf9de948c7_amd64"
},
"product_reference": "openshift-service-mesh/istio-cni-rhel8@sha256:81b661df0703a3d7cddfce3be55b12aa297164177990b263f4b584bf9de948c7_amd64",
"relates_to_product_reference": "8Base-RHOSSM-2.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/istio-must-gather-rhel8@sha256:0172d2aefc611c66c1ceac5acbe771b0109944024ccaa1534a992c154cc70186_ppc64le as a component of RHOSSM 2.6 for RHEL 8",
"product_id": "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:0172d2aefc611c66c1ceac5acbe771b0109944024ccaa1534a992c154cc70186_ppc64le"
},
"product_reference": "openshift-service-mesh/istio-must-gather-rhel8@sha256:0172d2aefc611c66c1ceac5acbe771b0109944024ccaa1534a992c154cc70186_ppc64le",
"relates_to_product_reference": "8Base-RHOSSM-2.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/istio-must-gather-rhel8@sha256:293ef0eb34e035a972f5a45b87970cecc7942c6bee6da68c4d1f3ba2bd1e92d4_amd64 as a component of RHOSSM 2.6 for RHEL 8",
"product_id": "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:293ef0eb34e035a972f5a45b87970cecc7942c6bee6da68c4d1f3ba2bd1e92d4_amd64"
},
"product_reference": "openshift-service-mesh/istio-must-gather-rhel8@sha256:293ef0eb34e035a972f5a45b87970cecc7942c6bee6da68c4d1f3ba2bd1e92d4_amd64",
"relates_to_product_reference": "8Base-RHOSSM-2.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/istio-must-gather-rhel8@sha256:6327e0c83d4f21f33053bdc92a8091cfd7a53f272f57f3fa8e045611229f98ba_arm64 as a component of RHOSSM 2.6 for RHEL 8",
"product_id": "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:6327e0c83d4f21f33053bdc92a8091cfd7a53f272f57f3fa8e045611229f98ba_arm64"
},
"product_reference": "openshift-service-mesh/istio-must-gather-rhel8@sha256:6327e0c83d4f21f33053bdc92a8091cfd7a53f272f57f3fa8e045611229f98ba_arm64",
"relates_to_product_reference": "8Base-RHOSSM-2.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/istio-must-gather-rhel8@sha256:dbbcfdcdd4b7dca0363140675ccbf5a7e17cf6671e9c7d0858309eaa9e3e35bb_s390x as a component of RHOSSM 2.6 for RHEL 8",
"product_id": "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:dbbcfdcdd4b7dca0363140675ccbf5a7e17cf6671e9c7d0858309eaa9e3e35bb_s390x"
},
"product_reference": "openshift-service-mesh/istio-must-gather-rhel8@sha256:dbbcfdcdd4b7dca0363140675ccbf5a7e17cf6671e9c7d0858309eaa9e3e35bb_s390x",
"relates_to_product_reference": "8Base-RHOSSM-2.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/istio-rhel8-operator@sha256:28a794322e00582e5d74c3a7e0934735652d09ae83ac59f925434a8e2f32ca81_ppc64le as a component of RHOSSM 2.6 for RHEL 8",
"product_id": "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:28a794322e00582e5d74c3a7e0934735652d09ae83ac59f925434a8e2f32ca81_ppc64le"
},
"product_reference": "openshift-service-mesh/istio-rhel8-operator@sha256:28a794322e00582e5d74c3a7e0934735652d09ae83ac59f925434a8e2f32ca81_ppc64le",
"relates_to_product_reference": "8Base-RHOSSM-2.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/istio-rhel8-operator@sha256:7bbef82965d81bd768d915a1bcc220c7fb21c321e2ffb861eb628c81eeb8e000_amd64 as a component of RHOSSM 2.6 for RHEL 8",
"product_id": "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:7bbef82965d81bd768d915a1bcc220c7fb21c321e2ffb861eb628c81eeb8e000_amd64"
},
"product_reference": "openshift-service-mesh/istio-rhel8-operator@sha256:7bbef82965d81bd768d915a1bcc220c7fb21c321e2ffb861eb628c81eeb8e000_amd64",
"relates_to_product_reference": "8Base-RHOSSM-2.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/istio-rhel8-operator@sha256:abf18be2515f0e0bdf54c29e96c517043e23a248b84b72a7c77fb6627535435a_s390x as a component of RHOSSM 2.6 for RHEL 8",
"product_id": "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:abf18be2515f0e0bdf54c29e96c517043e23a248b84b72a7c77fb6627535435a_s390x"
},
"product_reference": "openshift-service-mesh/istio-rhel8-operator@sha256:abf18be2515f0e0bdf54c29e96c517043e23a248b84b72a7c77fb6627535435a_s390x",
"relates_to_product_reference": "8Base-RHOSSM-2.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/istio-rhel8-operator@sha256:c0341aec6013018cc7f97d4a9ac1ea4537a7fee8dbe473958ceab0f67e8bc502_arm64 as a component of RHOSSM 2.6 for RHEL 8",
"product_id": "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:c0341aec6013018cc7f97d4a9ac1ea4537a7fee8dbe473958ceab0f67e8bc502_arm64"
},
"product_reference": "openshift-service-mesh/istio-rhel8-operator@sha256:c0341aec6013018cc7f97d4a9ac1ea4537a7fee8dbe473958ceab0f67e8bc502_arm64",
"relates_to_product_reference": "8Base-RHOSSM-2.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/kiali-ossmc-rhel8@sha256:084b7af79fce2ccd8e9291054e727cd536b2e8d0392d6fae41070acc640dda7d_s390x as a component of RHOSSM 2.6 for RHEL 8",
"product_id": "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:084b7af79fce2ccd8e9291054e727cd536b2e8d0392d6fae41070acc640dda7d_s390x"
},
"product_reference": "openshift-service-mesh/kiali-ossmc-rhel8@sha256:084b7af79fce2ccd8e9291054e727cd536b2e8d0392d6fae41070acc640dda7d_s390x",
"relates_to_product_reference": "8Base-RHOSSM-2.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/kiali-ossmc-rhel8@sha256:392e140789a39e10526de2cae19316759ff36c954c7b0e8d88fac91556be3bf0_arm64 as a component of RHOSSM 2.6 for RHEL 8",
"product_id": "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:392e140789a39e10526de2cae19316759ff36c954c7b0e8d88fac91556be3bf0_arm64"
},
"product_reference": "openshift-service-mesh/kiali-ossmc-rhel8@sha256:392e140789a39e10526de2cae19316759ff36c954c7b0e8d88fac91556be3bf0_arm64",
"relates_to_product_reference": "8Base-RHOSSM-2.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/kiali-ossmc-rhel8@sha256:86b5406c483065ae2085721e6069f36767d6dc512d8f885ac02660955fb5fbed_ppc64le as a component of RHOSSM 2.6 for RHEL 8",
"product_id": "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:86b5406c483065ae2085721e6069f36767d6dc512d8f885ac02660955fb5fbed_ppc64le"
},
"product_reference": "openshift-service-mesh/kiali-ossmc-rhel8@sha256:86b5406c483065ae2085721e6069f36767d6dc512d8f885ac02660955fb5fbed_ppc64le",
"relates_to_product_reference": "8Base-RHOSSM-2.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/kiali-ossmc-rhel8@sha256:b55b09211c8e5857060baca392be5534a3707d0a876ceb76939908b271163cc0_amd64 as a component of RHOSSM 2.6 for RHEL 8",
"product_id": "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:b55b09211c8e5857060baca392be5534a3707d0a876ceb76939908b271163cc0_amd64"
},
"product_reference": "openshift-service-mesh/kiali-ossmc-rhel8@sha256:b55b09211c8e5857060baca392be5534a3707d0a876ceb76939908b271163cc0_amd64",
"relates_to_product_reference": "8Base-RHOSSM-2.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/kiali-rhel8-operator@sha256:09d04d86a4e646d6e45e57893d383432fa966ac536e460ff6fdd375c939d96ca_ppc64le as a component of RHOSSM 2.6 for RHEL 8",
"product_id": "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:09d04d86a4e646d6e45e57893d383432fa966ac536e460ff6fdd375c939d96ca_ppc64le"
},
"product_reference": "openshift-service-mesh/kiali-rhel8-operator@sha256:09d04d86a4e646d6e45e57893d383432fa966ac536e460ff6fdd375c939d96ca_ppc64le",
"relates_to_product_reference": "8Base-RHOSSM-2.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/kiali-rhel8-operator@sha256:5f070c96656b4e01a691caa916dcf81fb34c153d192d26acec7c08cc7f9d6fda_arm64 as a component of RHOSSM 2.6 for RHEL 8",
"product_id": "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:5f070c96656b4e01a691caa916dcf81fb34c153d192d26acec7c08cc7f9d6fda_arm64"
},
"product_reference": "openshift-service-mesh/kiali-rhel8-operator@sha256:5f070c96656b4e01a691caa916dcf81fb34c153d192d26acec7c08cc7f9d6fda_arm64",
"relates_to_product_reference": "8Base-RHOSSM-2.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/kiali-rhel8-operator@sha256:7dd97c5e5b1c3502c52352decbe48b0f0998e59604da618dbb2689f8a9a86cf1_amd64 as a component of RHOSSM 2.6 for RHEL 8",
"product_id": "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:7dd97c5e5b1c3502c52352decbe48b0f0998e59604da618dbb2689f8a9a86cf1_amd64"
},
"product_reference": "openshift-service-mesh/kiali-rhel8-operator@sha256:7dd97c5e5b1c3502c52352decbe48b0f0998e59604da618dbb2689f8a9a86cf1_amd64",
"relates_to_product_reference": "8Base-RHOSSM-2.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/kiali-rhel8-operator@sha256:cdf3a7e2f5e76c59d9b3228daeabce86478693f7311ff44db0b0bbe41d9cc310_s390x as a component of RHOSSM 2.6 for RHEL 8",
"product_id": "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:cdf3a7e2f5e76c59d9b3228daeabce86478693f7311ff44db0b0bbe41d9cc310_s390x"
},
"product_reference": "openshift-service-mesh/kiali-rhel8-operator@sha256:cdf3a7e2f5e76c59d9b3228daeabce86478693f7311ff44db0b0bbe41d9cc310_s390x",
"relates_to_product_reference": "8Base-RHOSSM-2.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/kiali-rhel8@sha256:4d0c6c49b2c660d5ed04273cfcd5e01444c7c479432c374ecbcb4b99334b2ac9_s390x as a component of RHOSSM 2.6 for RHEL 8",
"product_id": "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:4d0c6c49b2c660d5ed04273cfcd5e01444c7c479432c374ecbcb4b99334b2ac9_s390x"
},
"product_reference": "openshift-service-mesh/kiali-rhel8@sha256:4d0c6c49b2c660d5ed04273cfcd5e01444c7c479432c374ecbcb4b99334b2ac9_s390x",
"relates_to_product_reference": "8Base-RHOSSM-2.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/kiali-rhel8@sha256:4e512e8195d93a887d411bf23da9602cdbfb46a0aa9b15292f500cf2eda284e6_amd64 as a component of RHOSSM 2.6 for RHEL 8",
"product_id": "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:4e512e8195d93a887d411bf23da9602cdbfb46a0aa9b15292f500cf2eda284e6_amd64"
},
"product_reference": "openshift-service-mesh/kiali-rhel8@sha256:4e512e8195d93a887d411bf23da9602cdbfb46a0aa9b15292f500cf2eda284e6_amd64",
"relates_to_product_reference": "8Base-RHOSSM-2.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/kiali-rhel8@sha256:4f581fd9388ba9256a34b85296a8f3728826804bd9f59fe0f8832d91c3ecc8ae_ppc64le as a component of RHOSSM 2.6 for RHEL 8",
"product_id": "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:4f581fd9388ba9256a34b85296a8f3728826804bd9f59fe0f8832d91c3ecc8ae_ppc64le"
},
"product_reference": "openshift-service-mesh/kiali-rhel8@sha256:4f581fd9388ba9256a34b85296a8f3728826804bd9f59fe0f8832d91c3ecc8ae_ppc64le",
"relates_to_product_reference": "8Base-RHOSSM-2.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/kiali-rhel8@sha256:c0bb751d102763412fc936fb3b69a45e477bc2c0aa71b5f6fa5c0f69a94d8767_arm64 as a component of RHOSSM 2.6 for RHEL 8",
"product_id": "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:c0bb751d102763412fc936fb3b69a45e477bc2c0aa71b5f6fa5c0f69a94d8767_arm64"
},
"product_reference": "openshift-service-mesh/kiali-rhel8@sha256:c0bb751d102763412fc936fb3b69a45e477bc2c0aa71b5f6fa5c0f69a94d8767_arm64",
"relates_to_product_reference": "8Base-RHOSSM-2.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/pilot-rhel8@sha256:099a9a6e6ecc221ce47fe8da358fb90caf1de22cc90353adbd2f4073e3a8c962_s390x as a component of RHOSSM 2.6 for RHEL 8",
"product_id": "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:099a9a6e6ecc221ce47fe8da358fb90caf1de22cc90353adbd2f4073e3a8c962_s390x"
},
"product_reference": "openshift-service-mesh/pilot-rhel8@sha256:099a9a6e6ecc221ce47fe8da358fb90caf1de22cc90353adbd2f4073e3a8c962_s390x",
"relates_to_product_reference": "8Base-RHOSSM-2.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/pilot-rhel8@sha256:221bf107c93e183a093dc13a41d2e2d907e97c1a74242bf7bfefae2c1436f02c_amd64 as a component of RHOSSM 2.6 for RHEL 8",
"product_id": "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:221bf107c93e183a093dc13a41d2e2d907e97c1a74242bf7bfefae2c1436f02c_amd64"
},
"product_reference": "openshift-service-mesh/pilot-rhel8@sha256:221bf107c93e183a093dc13a41d2e2d907e97c1a74242bf7bfefae2c1436f02c_amd64",
"relates_to_product_reference": "8Base-RHOSSM-2.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/pilot-rhel8@sha256:6c6842b5ba5d85e3d9990ae73754499863ed648c9b7efa9c75ab7936093d6c06_ppc64le as a component of RHOSSM 2.6 for RHEL 8",
"product_id": "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:6c6842b5ba5d85e3d9990ae73754499863ed648c9b7efa9c75ab7936093d6c06_ppc64le"
},
"product_reference": "openshift-service-mesh/pilot-rhel8@sha256:6c6842b5ba5d85e3d9990ae73754499863ed648c9b7efa9c75ab7936093d6c06_ppc64le",
"relates_to_product_reference": "8Base-RHOSSM-2.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/pilot-rhel8@sha256:df0b0c0364bbe30220bd92c24ba41c54d4b871503e6b4ccdc8b7991031830637_arm64 as a component of RHOSSM 2.6 for RHEL 8",
"product_id": "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:df0b0c0364bbe30220bd92c24ba41c54d4b871503e6b4ccdc8b7991031830637_arm64"
},
"product_reference": "openshift-service-mesh/pilot-rhel8@sha256:df0b0c0364bbe30220bd92c24ba41c54d4b871503e6b4ccdc8b7991031830637_arm64",
"relates_to_product_reference": "8Base-RHOSSM-2.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/ratelimit-rhel8@sha256:0ab18d9cc3d927e162c25e895bb5d55a970b5906f83c95f0759b659a2a2d45c2_ppc64le as a component of RHOSSM 2.6 for RHEL 8",
"product_id": "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:0ab18d9cc3d927e162c25e895bb5d55a970b5906f83c95f0759b659a2a2d45c2_ppc64le"
},
"product_reference": "openshift-service-mesh/ratelimit-rhel8@sha256:0ab18d9cc3d927e162c25e895bb5d55a970b5906f83c95f0759b659a2a2d45c2_ppc64le",
"relates_to_product_reference": "8Base-RHOSSM-2.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/ratelimit-rhel8@sha256:563b8f4b130657936b077139d86d648e6c65d68cf51bbcf09f3f2790db23cfd8_amd64 as a component of RHOSSM 2.6 for RHEL 8",
"product_id": "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:563b8f4b130657936b077139d86d648e6c65d68cf51bbcf09f3f2790db23cfd8_amd64"
},
"product_reference": "openshift-service-mesh/ratelimit-rhel8@sha256:563b8f4b130657936b077139d86d648e6c65d68cf51bbcf09f3f2790db23cfd8_amd64",
"relates_to_product_reference": "8Base-RHOSSM-2.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/ratelimit-rhel8@sha256:911f2c0b5159f6c13c6f4dc958ac66e987cab2b091f55e75b998d95cc1ae3e72_arm64 as a component of RHOSSM 2.6 for RHEL 8",
"product_id": "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:911f2c0b5159f6c13c6f4dc958ac66e987cab2b091f55e75b998d95cc1ae3e72_arm64"
},
"product_reference": "openshift-service-mesh/ratelimit-rhel8@sha256:911f2c0b5159f6c13c6f4dc958ac66e987cab2b091f55e75b998d95cc1ae3e72_arm64",
"relates_to_product_reference": "8Base-RHOSSM-2.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/ratelimit-rhel8@sha256:f4d5e0ab476f92e9985e86c0a6200f82e60972df12976c2ca64ff596c8e84bd0_s390x as a component of RHOSSM 2.6 for RHEL 8",
"product_id": "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:f4d5e0ab476f92e9985e86c0a6200f82e60972df12976c2ca64ff596c8e84bd0_s390x"
},
"product_reference": "openshift-service-mesh/ratelimit-rhel8@sha256:f4d5e0ab476f92e9985e86c0a6200f82e60972df12976c2ca64ff596c8e84bd0_s390x",
"relates_to_product_reference": "8Base-RHOSSM-2.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/proxyv2-rhel9@sha256:7672a4b3475e71674897eb4c2d47c84bd7151ff71716d19dd29d8e140bc7b2ec_s390x as a component of RHOSSM 2.6 for RHEL 9",
"product_id": "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:7672a4b3475e71674897eb4c2d47c84bd7151ff71716d19dd29d8e140bc7b2ec_s390x"
},
"product_reference": "openshift-service-mesh/proxyv2-rhel9@sha256:7672a4b3475e71674897eb4c2d47c84bd7151ff71716d19dd29d8e140bc7b2ec_s390x",
"relates_to_product_reference": "9Base-RHOSSM-2.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/proxyv2-rhel9@sha256:823118b612b0bfc3c10d1ad07d65236a8e21d703e64a09c5bdc9377fc0e7cf47_arm64 as a component of RHOSSM 2.6 for RHEL 9",
"product_id": "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:823118b612b0bfc3c10d1ad07d65236a8e21d703e64a09c5bdc9377fc0e7cf47_arm64"
},
"product_reference": "openshift-service-mesh/proxyv2-rhel9@sha256:823118b612b0bfc3c10d1ad07d65236a8e21d703e64a09c5bdc9377fc0e7cf47_arm64",
"relates_to_product_reference": "9Base-RHOSSM-2.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/proxyv2-rhel9@sha256:8355c8f725d3713be992545bc8396582be6d792bec620b95bc5cd5475436a903_ppc64le as a component of RHOSSM 2.6 for RHEL 9",
"product_id": "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:8355c8f725d3713be992545bc8396582be6d792bec620b95bc5cd5475436a903_ppc64le"
},
"product_reference": "openshift-service-mesh/proxyv2-rhel9@sha256:8355c8f725d3713be992545bc8396582be6d792bec620b95bc5cd5475436a903_ppc64le",
"relates_to_product_reference": "9Base-RHOSSM-2.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/proxyv2-rhel9@sha256:f280ea9888acab2a2aee6fece6a99257b6b0a2093a042b958382684d1f590334_amd64 as a component of RHOSSM 2.6 for RHEL 9",
"product_id": "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:f280ea9888acab2a2aee6fece6a99257b6b0a2093a042b958382684d1f590334_amd64"
},
"product_reference": "openshift-service-mesh/proxyv2-rhel9@sha256:f280ea9888acab2a2aee6fece6a99257b6b0a2093a042b958382684d1f590334_amd64",
"relates_to_product_reference": "9Base-RHOSSM-2.6"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2018-12608",
"cwe": {
"id": "CWE-295",
"name": "Improper Certificate Validation"
},
"discovery_date": "2024-04-17T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2275812"
}
],
"notes": [
{
"category": "description",
"text": "A certificate signing vulnerability was found in Moby. This issue could allow an unauthenticated remote attacker to validate a TLS certificate using Certificate Authorities (CA) from the system instead of only by a specified client CA root, which could allow bypassing of some certificate authorization rules, reducing system integrity.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "moby: cert signing bypass",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:4f73fc9525b461cb31c7f76a776b3ba6d586de87e763f3dace8edea1031d2dd8_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:677746a7132573b2b40658fad4801cbe3d0381079f2d6cd7ee508318d75e6ad0_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:a312eee18c620e4b7c19258d2619b732a4fdf48320a04d8e216a018b99e046d7_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:fcbba8962e1f5fa864c073f86467468d732a6edc9fc78cbeb6050a35beced88e_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:407b37dd42635c1d11de7cca69e620c140416a401c1a608d5e8f06a18ff51374_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:49542fec00ff65d1d4d27849c67468fb5d0b1314f7a9010d67c0dbbf55c1306b_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:7d8a4815dee1f4e109876d47184b669e81dc22421b602f2beef48588f414743e_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:81b661df0703a3d7cddfce3be55b12aa297164177990b263f4b584bf9de948c7_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:0172d2aefc611c66c1ceac5acbe771b0109944024ccaa1534a992c154cc70186_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:293ef0eb34e035a972f5a45b87970cecc7942c6bee6da68c4d1f3ba2bd1e92d4_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:6327e0c83d4f21f33053bdc92a8091cfd7a53f272f57f3fa8e045611229f98ba_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:dbbcfdcdd4b7dca0363140675ccbf5a7e17cf6671e9c7d0858309eaa9e3e35bb_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:28a794322e00582e5d74c3a7e0934735652d09ae83ac59f925434a8e2f32ca81_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:7bbef82965d81bd768d915a1bcc220c7fb21c321e2ffb861eb628c81eeb8e000_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:abf18be2515f0e0bdf54c29e96c517043e23a248b84b72a7c77fb6627535435a_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:c0341aec6013018cc7f97d4a9ac1ea4537a7fee8dbe473958ceab0f67e8bc502_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:084b7af79fce2ccd8e9291054e727cd536b2e8d0392d6fae41070acc640dda7d_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:392e140789a39e10526de2cae19316759ff36c954c7b0e8d88fac91556be3bf0_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:86b5406c483065ae2085721e6069f36767d6dc512d8f885ac02660955fb5fbed_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:b55b09211c8e5857060baca392be5534a3707d0a876ceb76939908b271163cc0_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:09d04d86a4e646d6e45e57893d383432fa966ac536e460ff6fdd375c939d96ca_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:5f070c96656b4e01a691caa916dcf81fb34c153d192d26acec7c08cc7f9d6fda_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:7dd97c5e5b1c3502c52352decbe48b0f0998e59604da618dbb2689f8a9a86cf1_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:cdf3a7e2f5e76c59d9b3228daeabce86478693f7311ff44db0b0bbe41d9cc310_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:4d0c6c49b2c660d5ed04273cfcd5e01444c7c479432c374ecbcb4b99334b2ac9_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:4e512e8195d93a887d411bf23da9602cdbfb46a0aa9b15292f500cf2eda284e6_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:4f581fd9388ba9256a34b85296a8f3728826804bd9f59fe0f8832d91c3ecc8ae_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:c0bb751d102763412fc936fb3b69a45e477bc2c0aa71b5f6fa5c0f69a94d8767_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:099a9a6e6ecc221ce47fe8da358fb90caf1de22cc90353adbd2f4073e3a8c962_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:221bf107c93e183a093dc13a41d2e2d907e97c1a74242bf7bfefae2c1436f02c_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:6c6842b5ba5d85e3d9990ae73754499863ed648c9b7efa9c75ab7936093d6c06_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:df0b0c0364bbe30220bd92c24ba41c54d4b871503e6b4ccdc8b7991031830637_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:0ab18d9cc3d927e162c25e895bb5d55a970b5906f83c95f0759b659a2a2d45c2_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:563b8f4b130657936b077139d86d648e6c65d68cf51bbcf09f3f2790db23cfd8_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:911f2c0b5159f6c13c6f4dc958ac66e987cab2b091f55e75b998d95cc1ae3e72_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:f4d5e0ab476f92e9985e86c0a6200f82e60972df12976c2ca64ff596c8e84bd0_s390x",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:7672a4b3475e71674897eb4c2d47c84bd7151ff71716d19dd29d8e140bc7b2ec_s390x",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:823118b612b0bfc3c10d1ad07d65236a8e21d703e64a09c5bdc9377fc0e7cf47_arm64",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:8355c8f725d3713be992545bc8396582be6d792bec620b95bc5cd5475436a903_ppc64le",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:f280ea9888acab2a2aee6fece6a99257b6b0a2093a042b958382684d1f590334_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-12608"
},
{
"category": "external",
"summary": "RHBZ#2275812",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2275812"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-12608",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-12608"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-12608",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-12608"
},
{
"category": "external",
"summary": "https://github.com/golang/vulndb/issues/2209",
"url": "https://github.com/golang/vulndb/issues/2209"
}
],
"release_date": "2018-10-09T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-08-07T15:39:25+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:4f73fc9525b461cb31c7f76a776b3ba6d586de87e763f3dace8edea1031d2dd8_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:677746a7132573b2b40658fad4801cbe3d0381079f2d6cd7ee508318d75e6ad0_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:a312eee18c620e4b7c19258d2619b732a4fdf48320a04d8e216a018b99e046d7_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:fcbba8962e1f5fa864c073f86467468d732a6edc9fc78cbeb6050a35beced88e_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:407b37dd42635c1d11de7cca69e620c140416a401c1a608d5e8f06a18ff51374_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:49542fec00ff65d1d4d27849c67468fb5d0b1314f7a9010d67c0dbbf55c1306b_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:7d8a4815dee1f4e109876d47184b669e81dc22421b602f2beef48588f414743e_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:81b661df0703a3d7cddfce3be55b12aa297164177990b263f4b584bf9de948c7_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:0172d2aefc611c66c1ceac5acbe771b0109944024ccaa1534a992c154cc70186_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:293ef0eb34e035a972f5a45b87970cecc7942c6bee6da68c4d1f3ba2bd1e92d4_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:6327e0c83d4f21f33053bdc92a8091cfd7a53f272f57f3fa8e045611229f98ba_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:dbbcfdcdd4b7dca0363140675ccbf5a7e17cf6671e9c7d0858309eaa9e3e35bb_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:28a794322e00582e5d74c3a7e0934735652d09ae83ac59f925434a8e2f32ca81_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:7bbef82965d81bd768d915a1bcc220c7fb21c321e2ffb861eb628c81eeb8e000_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:abf18be2515f0e0bdf54c29e96c517043e23a248b84b72a7c77fb6627535435a_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:c0341aec6013018cc7f97d4a9ac1ea4537a7fee8dbe473958ceab0f67e8bc502_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:084b7af79fce2ccd8e9291054e727cd536b2e8d0392d6fae41070acc640dda7d_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:392e140789a39e10526de2cae19316759ff36c954c7b0e8d88fac91556be3bf0_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:86b5406c483065ae2085721e6069f36767d6dc512d8f885ac02660955fb5fbed_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:b55b09211c8e5857060baca392be5534a3707d0a876ceb76939908b271163cc0_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:09d04d86a4e646d6e45e57893d383432fa966ac536e460ff6fdd375c939d96ca_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:5f070c96656b4e01a691caa916dcf81fb34c153d192d26acec7c08cc7f9d6fda_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:7dd97c5e5b1c3502c52352decbe48b0f0998e59604da618dbb2689f8a9a86cf1_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:cdf3a7e2f5e76c59d9b3228daeabce86478693f7311ff44db0b0bbe41d9cc310_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:4d0c6c49b2c660d5ed04273cfcd5e01444c7c479432c374ecbcb4b99334b2ac9_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:4e512e8195d93a887d411bf23da9602cdbfb46a0aa9b15292f500cf2eda284e6_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:4f581fd9388ba9256a34b85296a8f3728826804bd9f59fe0f8832d91c3ecc8ae_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:c0bb751d102763412fc936fb3b69a45e477bc2c0aa71b5f6fa5c0f69a94d8767_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:099a9a6e6ecc221ce47fe8da358fb90caf1de22cc90353adbd2f4073e3a8c962_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:221bf107c93e183a093dc13a41d2e2d907e97c1a74242bf7bfefae2c1436f02c_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:6c6842b5ba5d85e3d9990ae73754499863ed648c9b7efa9c75ab7936093d6c06_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:df0b0c0364bbe30220bd92c24ba41c54d4b871503e6b4ccdc8b7991031830637_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:0ab18d9cc3d927e162c25e895bb5d55a970b5906f83c95f0759b659a2a2d45c2_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:563b8f4b130657936b077139d86d648e6c65d68cf51bbcf09f3f2790db23cfd8_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:911f2c0b5159f6c13c6f4dc958ac66e987cab2b091f55e75b998d95cc1ae3e72_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:f4d5e0ab476f92e9985e86c0a6200f82e60972df12976c2ca64ff596c8e84bd0_s390x",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:7672a4b3475e71674897eb4c2d47c84bd7151ff71716d19dd29d8e140bc7b2ec_s390x",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:823118b612b0bfc3c10d1ad07d65236a8e21d703e64a09c5bdc9377fc0e7cf47_arm64",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:8355c8f725d3713be992545bc8396582be6d792bec620b95bc5cd5475436a903_ppc64le",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:f280ea9888acab2a2aee6fece6a99257b6b0a2093a042b958382684d1f590334_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:5094"
},
{
"category": "workaround",
"details": "Some environments may be able to mitigate this issue by removing extra CAs from the host.",
"product_ids": [
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:4f73fc9525b461cb31c7f76a776b3ba6d586de87e763f3dace8edea1031d2dd8_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:677746a7132573b2b40658fad4801cbe3d0381079f2d6cd7ee508318d75e6ad0_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:a312eee18c620e4b7c19258d2619b732a4fdf48320a04d8e216a018b99e046d7_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:fcbba8962e1f5fa864c073f86467468d732a6edc9fc78cbeb6050a35beced88e_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:407b37dd42635c1d11de7cca69e620c140416a401c1a608d5e8f06a18ff51374_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:49542fec00ff65d1d4d27849c67468fb5d0b1314f7a9010d67c0dbbf55c1306b_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:7d8a4815dee1f4e109876d47184b669e81dc22421b602f2beef48588f414743e_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:81b661df0703a3d7cddfce3be55b12aa297164177990b263f4b584bf9de948c7_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:0172d2aefc611c66c1ceac5acbe771b0109944024ccaa1534a992c154cc70186_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:293ef0eb34e035a972f5a45b87970cecc7942c6bee6da68c4d1f3ba2bd1e92d4_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:6327e0c83d4f21f33053bdc92a8091cfd7a53f272f57f3fa8e045611229f98ba_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:dbbcfdcdd4b7dca0363140675ccbf5a7e17cf6671e9c7d0858309eaa9e3e35bb_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:28a794322e00582e5d74c3a7e0934735652d09ae83ac59f925434a8e2f32ca81_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:7bbef82965d81bd768d915a1bcc220c7fb21c321e2ffb861eb628c81eeb8e000_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:abf18be2515f0e0bdf54c29e96c517043e23a248b84b72a7c77fb6627535435a_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:c0341aec6013018cc7f97d4a9ac1ea4537a7fee8dbe473958ceab0f67e8bc502_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:084b7af79fce2ccd8e9291054e727cd536b2e8d0392d6fae41070acc640dda7d_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:392e140789a39e10526de2cae19316759ff36c954c7b0e8d88fac91556be3bf0_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:86b5406c483065ae2085721e6069f36767d6dc512d8f885ac02660955fb5fbed_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:b55b09211c8e5857060baca392be5534a3707d0a876ceb76939908b271163cc0_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:09d04d86a4e646d6e45e57893d383432fa966ac536e460ff6fdd375c939d96ca_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:5f070c96656b4e01a691caa916dcf81fb34c153d192d26acec7c08cc7f9d6fda_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:7dd97c5e5b1c3502c52352decbe48b0f0998e59604da618dbb2689f8a9a86cf1_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:cdf3a7e2f5e76c59d9b3228daeabce86478693f7311ff44db0b0bbe41d9cc310_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:4d0c6c49b2c660d5ed04273cfcd5e01444c7c479432c374ecbcb4b99334b2ac9_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:4e512e8195d93a887d411bf23da9602cdbfb46a0aa9b15292f500cf2eda284e6_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:4f581fd9388ba9256a34b85296a8f3728826804bd9f59fe0f8832d91c3ecc8ae_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:c0bb751d102763412fc936fb3b69a45e477bc2c0aa71b5f6fa5c0f69a94d8767_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:099a9a6e6ecc221ce47fe8da358fb90caf1de22cc90353adbd2f4073e3a8c962_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:221bf107c93e183a093dc13a41d2e2d907e97c1a74242bf7bfefae2c1436f02c_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:6c6842b5ba5d85e3d9990ae73754499863ed648c9b7efa9c75ab7936093d6c06_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:df0b0c0364bbe30220bd92c24ba41c54d4b871503e6b4ccdc8b7991031830637_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:0ab18d9cc3d927e162c25e895bb5d55a970b5906f83c95f0759b659a2a2d45c2_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:563b8f4b130657936b077139d86d648e6c65d68cf51bbcf09f3f2790db23cfd8_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:911f2c0b5159f6c13c6f4dc958ac66e987cab2b091f55e75b998d95cc1ae3e72_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:f4d5e0ab476f92e9985e86c0a6200f82e60972df12976c2ca64ff596c8e84bd0_s390x",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:7672a4b3475e71674897eb4c2d47c84bd7151ff71716d19dd29d8e140bc7b2ec_s390x",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:823118b612b0bfc3c10d1ad07d65236a8e21d703e64a09c5bdc9377fc0e7cf47_arm64",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:8355c8f725d3713be992545bc8396582be6d792bec620b95bc5cd5475436a903_ppc64le",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:f280ea9888acab2a2aee6fece6a99257b6b0a2093a042b958382684d1f590334_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:4f73fc9525b461cb31c7f76a776b3ba6d586de87e763f3dace8edea1031d2dd8_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:677746a7132573b2b40658fad4801cbe3d0381079f2d6cd7ee508318d75e6ad0_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:a312eee18c620e4b7c19258d2619b732a4fdf48320a04d8e216a018b99e046d7_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:fcbba8962e1f5fa864c073f86467468d732a6edc9fc78cbeb6050a35beced88e_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:407b37dd42635c1d11de7cca69e620c140416a401c1a608d5e8f06a18ff51374_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:49542fec00ff65d1d4d27849c67468fb5d0b1314f7a9010d67c0dbbf55c1306b_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:7d8a4815dee1f4e109876d47184b669e81dc22421b602f2beef48588f414743e_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:81b661df0703a3d7cddfce3be55b12aa297164177990b263f4b584bf9de948c7_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:0172d2aefc611c66c1ceac5acbe771b0109944024ccaa1534a992c154cc70186_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:293ef0eb34e035a972f5a45b87970cecc7942c6bee6da68c4d1f3ba2bd1e92d4_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:6327e0c83d4f21f33053bdc92a8091cfd7a53f272f57f3fa8e045611229f98ba_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:dbbcfdcdd4b7dca0363140675ccbf5a7e17cf6671e9c7d0858309eaa9e3e35bb_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:28a794322e00582e5d74c3a7e0934735652d09ae83ac59f925434a8e2f32ca81_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:7bbef82965d81bd768d915a1bcc220c7fb21c321e2ffb861eb628c81eeb8e000_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:abf18be2515f0e0bdf54c29e96c517043e23a248b84b72a7c77fb6627535435a_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:c0341aec6013018cc7f97d4a9ac1ea4537a7fee8dbe473958ceab0f67e8bc502_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:084b7af79fce2ccd8e9291054e727cd536b2e8d0392d6fae41070acc640dda7d_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:392e140789a39e10526de2cae19316759ff36c954c7b0e8d88fac91556be3bf0_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:86b5406c483065ae2085721e6069f36767d6dc512d8f885ac02660955fb5fbed_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:b55b09211c8e5857060baca392be5534a3707d0a876ceb76939908b271163cc0_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:09d04d86a4e646d6e45e57893d383432fa966ac536e460ff6fdd375c939d96ca_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:5f070c96656b4e01a691caa916dcf81fb34c153d192d26acec7c08cc7f9d6fda_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:7dd97c5e5b1c3502c52352decbe48b0f0998e59604da618dbb2689f8a9a86cf1_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:cdf3a7e2f5e76c59d9b3228daeabce86478693f7311ff44db0b0bbe41d9cc310_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:4d0c6c49b2c660d5ed04273cfcd5e01444c7c479432c374ecbcb4b99334b2ac9_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:4e512e8195d93a887d411bf23da9602cdbfb46a0aa9b15292f500cf2eda284e6_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:4f581fd9388ba9256a34b85296a8f3728826804bd9f59fe0f8832d91c3ecc8ae_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:c0bb751d102763412fc936fb3b69a45e477bc2c0aa71b5f6fa5c0f69a94d8767_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:099a9a6e6ecc221ce47fe8da358fb90caf1de22cc90353adbd2f4073e3a8c962_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:221bf107c93e183a093dc13a41d2e2d907e97c1a74242bf7bfefae2c1436f02c_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:6c6842b5ba5d85e3d9990ae73754499863ed648c9b7efa9c75ab7936093d6c06_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:df0b0c0364bbe30220bd92c24ba41c54d4b871503e6b4ccdc8b7991031830637_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:0ab18d9cc3d927e162c25e895bb5d55a970b5906f83c95f0759b659a2a2d45c2_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:563b8f4b130657936b077139d86d648e6c65d68cf51bbcf09f3f2790db23cfd8_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:911f2c0b5159f6c13c6f4dc958ac66e987cab2b091f55e75b998d95cc1ae3e72_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:f4d5e0ab476f92e9985e86c0a6200f82e60972df12976c2ca64ff596c8e84bd0_s390x",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:7672a4b3475e71674897eb4c2d47c84bd7151ff71716d19dd29d8e140bc7b2ec_s390x",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:823118b612b0bfc3c10d1ad07d65236a8e21d703e64a09c5bdc9377fc0e7cf47_arm64",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:8355c8f725d3713be992545bc8396582be6d792bec620b95bc5cd5475436a903_ppc64le",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:f280ea9888acab2a2aee6fece6a99257b6b0a2093a042b958382684d1f590334_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "moby: cert signing bypass"
},
{
"cve": "CVE-2024-22189",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2024-04-04T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2273513"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in quic-go. This issue may allow an attacker to trigger a denial of service by sending a large number of NEW_CONNECTION_ID frames that retire old connection IDs. The receiver is supposed to respond to each retirement frame with a RETIRE_CONNECTION_ID frame, but the attacker can prevent the receiver from sending out the vast majority of these RETIRE_CONNECTION_ID frames by selectively acknowledging received packets and collapsing the peers congestion window and by manipulating the peer\u0027s RTT estimate.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "quic-go: memory exhaustion attack against QUIC\u0027s connection ID mechanism",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Within regulated environments, a combination of the following controls acts as a significant barrier to successfully exploiting a CWE-770: Allocation of Resources Without Limits or Throttling vulnerability and therefore downgrades the severity of this particular CVE from Moderate to Low.\n\nThe platform enforces hardening guidelines to apply the most restrictive settings required for operations, while baseline configurations maintain secure system and software states. A defense-in-depth monitoring strategy includes perimeter firewalls and endpoint protection services that detect excessive resource usage caused by malicious activity or system misconfigurations. In the event of exploitation, process isolation ensures workloads operate in separate environments, preventing any single process from overconsuming CPU or memory and degrading system performance.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:4f73fc9525b461cb31c7f76a776b3ba6d586de87e763f3dace8edea1031d2dd8_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:677746a7132573b2b40658fad4801cbe3d0381079f2d6cd7ee508318d75e6ad0_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:a312eee18c620e4b7c19258d2619b732a4fdf48320a04d8e216a018b99e046d7_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:fcbba8962e1f5fa864c073f86467468d732a6edc9fc78cbeb6050a35beced88e_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:407b37dd42635c1d11de7cca69e620c140416a401c1a608d5e8f06a18ff51374_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:49542fec00ff65d1d4d27849c67468fb5d0b1314f7a9010d67c0dbbf55c1306b_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:7d8a4815dee1f4e109876d47184b669e81dc22421b602f2beef48588f414743e_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:81b661df0703a3d7cddfce3be55b12aa297164177990b263f4b584bf9de948c7_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:0172d2aefc611c66c1ceac5acbe771b0109944024ccaa1534a992c154cc70186_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:293ef0eb34e035a972f5a45b87970cecc7942c6bee6da68c4d1f3ba2bd1e92d4_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:6327e0c83d4f21f33053bdc92a8091cfd7a53f272f57f3fa8e045611229f98ba_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:dbbcfdcdd4b7dca0363140675ccbf5a7e17cf6671e9c7d0858309eaa9e3e35bb_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:28a794322e00582e5d74c3a7e0934735652d09ae83ac59f925434a8e2f32ca81_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:7bbef82965d81bd768d915a1bcc220c7fb21c321e2ffb861eb628c81eeb8e000_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:abf18be2515f0e0bdf54c29e96c517043e23a248b84b72a7c77fb6627535435a_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:c0341aec6013018cc7f97d4a9ac1ea4537a7fee8dbe473958ceab0f67e8bc502_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:084b7af79fce2ccd8e9291054e727cd536b2e8d0392d6fae41070acc640dda7d_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:392e140789a39e10526de2cae19316759ff36c954c7b0e8d88fac91556be3bf0_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:86b5406c483065ae2085721e6069f36767d6dc512d8f885ac02660955fb5fbed_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:b55b09211c8e5857060baca392be5534a3707d0a876ceb76939908b271163cc0_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:09d04d86a4e646d6e45e57893d383432fa966ac536e460ff6fdd375c939d96ca_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:5f070c96656b4e01a691caa916dcf81fb34c153d192d26acec7c08cc7f9d6fda_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:7dd97c5e5b1c3502c52352decbe48b0f0998e59604da618dbb2689f8a9a86cf1_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:cdf3a7e2f5e76c59d9b3228daeabce86478693f7311ff44db0b0bbe41d9cc310_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:4d0c6c49b2c660d5ed04273cfcd5e01444c7c479432c374ecbcb4b99334b2ac9_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:4e512e8195d93a887d411bf23da9602cdbfb46a0aa9b15292f500cf2eda284e6_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:4f581fd9388ba9256a34b85296a8f3728826804bd9f59fe0f8832d91c3ecc8ae_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:c0bb751d102763412fc936fb3b69a45e477bc2c0aa71b5f6fa5c0f69a94d8767_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:099a9a6e6ecc221ce47fe8da358fb90caf1de22cc90353adbd2f4073e3a8c962_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:221bf107c93e183a093dc13a41d2e2d907e97c1a74242bf7bfefae2c1436f02c_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:6c6842b5ba5d85e3d9990ae73754499863ed648c9b7efa9c75ab7936093d6c06_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:df0b0c0364bbe30220bd92c24ba41c54d4b871503e6b4ccdc8b7991031830637_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:0ab18d9cc3d927e162c25e895bb5d55a970b5906f83c95f0759b659a2a2d45c2_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:563b8f4b130657936b077139d86d648e6c65d68cf51bbcf09f3f2790db23cfd8_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:911f2c0b5159f6c13c6f4dc958ac66e987cab2b091f55e75b998d95cc1ae3e72_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:f4d5e0ab476f92e9985e86c0a6200f82e60972df12976c2ca64ff596c8e84bd0_s390x",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:7672a4b3475e71674897eb4c2d47c84bd7151ff71716d19dd29d8e140bc7b2ec_s390x",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:823118b612b0bfc3c10d1ad07d65236a8e21d703e64a09c5bdc9377fc0e7cf47_arm64",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:8355c8f725d3713be992545bc8396582be6d792bec620b95bc5cd5475436a903_ppc64le",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:f280ea9888acab2a2aee6fece6a99257b6b0a2093a042b958382684d1f590334_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-22189"
},
{
"category": "external",
"summary": "RHBZ#2273513",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2273513"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-22189",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-22189"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-22189",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-22189"
},
{
"category": "external",
"summary": "https://github.com/quic-go/quic-go/commit/4a99b816ae3ab03ae5449d15aac45147c85ed47a",
"url": "https://github.com/quic-go/quic-go/commit/4a99b816ae3ab03ae5449d15aac45147c85ed47a"
},
{
"category": "external",
"summary": "https://github.com/quic-go/quic-go/security/advisories/GHSA-c33x-xqrf-c478",
"url": "https://github.com/quic-go/quic-go/security/advisories/GHSA-c33x-xqrf-c478"
},
{
"category": "external",
"summary": "https://seemann.io/posts/2024-03-19-exploiting-quics-connection-id-management",
"url": "https://seemann.io/posts/2024-03-19-exploiting-quics-connection-id-management"
}
],
"release_date": "2024-04-04T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-08-07T15:39:25+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:4f73fc9525b461cb31c7f76a776b3ba6d586de87e763f3dace8edea1031d2dd8_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:677746a7132573b2b40658fad4801cbe3d0381079f2d6cd7ee508318d75e6ad0_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:a312eee18c620e4b7c19258d2619b732a4fdf48320a04d8e216a018b99e046d7_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:fcbba8962e1f5fa864c073f86467468d732a6edc9fc78cbeb6050a35beced88e_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:407b37dd42635c1d11de7cca69e620c140416a401c1a608d5e8f06a18ff51374_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:49542fec00ff65d1d4d27849c67468fb5d0b1314f7a9010d67c0dbbf55c1306b_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:7d8a4815dee1f4e109876d47184b669e81dc22421b602f2beef48588f414743e_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:81b661df0703a3d7cddfce3be55b12aa297164177990b263f4b584bf9de948c7_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:0172d2aefc611c66c1ceac5acbe771b0109944024ccaa1534a992c154cc70186_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:293ef0eb34e035a972f5a45b87970cecc7942c6bee6da68c4d1f3ba2bd1e92d4_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:6327e0c83d4f21f33053bdc92a8091cfd7a53f272f57f3fa8e045611229f98ba_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:dbbcfdcdd4b7dca0363140675ccbf5a7e17cf6671e9c7d0858309eaa9e3e35bb_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:28a794322e00582e5d74c3a7e0934735652d09ae83ac59f925434a8e2f32ca81_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:7bbef82965d81bd768d915a1bcc220c7fb21c321e2ffb861eb628c81eeb8e000_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:abf18be2515f0e0bdf54c29e96c517043e23a248b84b72a7c77fb6627535435a_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:c0341aec6013018cc7f97d4a9ac1ea4537a7fee8dbe473958ceab0f67e8bc502_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:084b7af79fce2ccd8e9291054e727cd536b2e8d0392d6fae41070acc640dda7d_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:392e140789a39e10526de2cae19316759ff36c954c7b0e8d88fac91556be3bf0_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:86b5406c483065ae2085721e6069f36767d6dc512d8f885ac02660955fb5fbed_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:b55b09211c8e5857060baca392be5534a3707d0a876ceb76939908b271163cc0_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:09d04d86a4e646d6e45e57893d383432fa966ac536e460ff6fdd375c939d96ca_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:5f070c96656b4e01a691caa916dcf81fb34c153d192d26acec7c08cc7f9d6fda_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:7dd97c5e5b1c3502c52352decbe48b0f0998e59604da618dbb2689f8a9a86cf1_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:cdf3a7e2f5e76c59d9b3228daeabce86478693f7311ff44db0b0bbe41d9cc310_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:4d0c6c49b2c660d5ed04273cfcd5e01444c7c479432c374ecbcb4b99334b2ac9_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:4e512e8195d93a887d411bf23da9602cdbfb46a0aa9b15292f500cf2eda284e6_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:4f581fd9388ba9256a34b85296a8f3728826804bd9f59fe0f8832d91c3ecc8ae_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:c0bb751d102763412fc936fb3b69a45e477bc2c0aa71b5f6fa5c0f69a94d8767_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:099a9a6e6ecc221ce47fe8da358fb90caf1de22cc90353adbd2f4073e3a8c962_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:221bf107c93e183a093dc13a41d2e2d907e97c1a74242bf7bfefae2c1436f02c_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:6c6842b5ba5d85e3d9990ae73754499863ed648c9b7efa9c75ab7936093d6c06_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:df0b0c0364bbe30220bd92c24ba41c54d4b871503e6b4ccdc8b7991031830637_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:0ab18d9cc3d927e162c25e895bb5d55a970b5906f83c95f0759b659a2a2d45c2_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:563b8f4b130657936b077139d86d648e6c65d68cf51bbcf09f3f2790db23cfd8_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:911f2c0b5159f6c13c6f4dc958ac66e987cab2b091f55e75b998d95cc1ae3e72_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:f4d5e0ab476f92e9985e86c0a6200f82e60972df12976c2ca64ff596c8e84bd0_s390x",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:7672a4b3475e71674897eb4c2d47c84bd7151ff71716d19dd29d8e140bc7b2ec_s390x",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:823118b612b0bfc3c10d1ad07d65236a8e21d703e64a09c5bdc9377fc0e7cf47_arm64",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:8355c8f725d3713be992545bc8396582be6d792bec620b95bc5cd5475436a903_ppc64le",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:f280ea9888acab2a2aee6fece6a99257b6b0a2093a042b958382684d1f590334_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:5094"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:4f73fc9525b461cb31c7f76a776b3ba6d586de87e763f3dace8edea1031d2dd8_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:677746a7132573b2b40658fad4801cbe3d0381079f2d6cd7ee508318d75e6ad0_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:a312eee18c620e4b7c19258d2619b732a4fdf48320a04d8e216a018b99e046d7_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:fcbba8962e1f5fa864c073f86467468d732a6edc9fc78cbeb6050a35beced88e_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:407b37dd42635c1d11de7cca69e620c140416a401c1a608d5e8f06a18ff51374_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:49542fec00ff65d1d4d27849c67468fb5d0b1314f7a9010d67c0dbbf55c1306b_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:7d8a4815dee1f4e109876d47184b669e81dc22421b602f2beef48588f414743e_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:81b661df0703a3d7cddfce3be55b12aa297164177990b263f4b584bf9de948c7_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:0172d2aefc611c66c1ceac5acbe771b0109944024ccaa1534a992c154cc70186_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:293ef0eb34e035a972f5a45b87970cecc7942c6bee6da68c4d1f3ba2bd1e92d4_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:6327e0c83d4f21f33053bdc92a8091cfd7a53f272f57f3fa8e045611229f98ba_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:dbbcfdcdd4b7dca0363140675ccbf5a7e17cf6671e9c7d0858309eaa9e3e35bb_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:28a794322e00582e5d74c3a7e0934735652d09ae83ac59f925434a8e2f32ca81_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:7bbef82965d81bd768d915a1bcc220c7fb21c321e2ffb861eb628c81eeb8e000_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:abf18be2515f0e0bdf54c29e96c517043e23a248b84b72a7c77fb6627535435a_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:c0341aec6013018cc7f97d4a9ac1ea4537a7fee8dbe473958ceab0f67e8bc502_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:084b7af79fce2ccd8e9291054e727cd536b2e8d0392d6fae41070acc640dda7d_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:392e140789a39e10526de2cae19316759ff36c954c7b0e8d88fac91556be3bf0_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:86b5406c483065ae2085721e6069f36767d6dc512d8f885ac02660955fb5fbed_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:b55b09211c8e5857060baca392be5534a3707d0a876ceb76939908b271163cc0_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:09d04d86a4e646d6e45e57893d383432fa966ac536e460ff6fdd375c939d96ca_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:5f070c96656b4e01a691caa916dcf81fb34c153d192d26acec7c08cc7f9d6fda_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:7dd97c5e5b1c3502c52352decbe48b0f0998e59604da618dbb2689f8a9a86cf1_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:cdf3a7e2f5e76c59d9b3228daeabce86478693f7311ff44db0b0bbe41d9cc310_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:4d0c6c49b2c660d5ed04273cfcd5e01444c7c479432c374ecbcb4b99334b2ac9_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:4e512e8195d93a887d411bf23da9602cdbfb46a0aa9b15292f500cf2eda284e6_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:4f581fd9388ba9256a34b85296a8f3728826804bd9f59fe0f8832d91c3ecc8ae_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:c0bb751d102763412fc936fb3b69a45e477bc2c0aa71b5f6fa5c0f69a94d8767_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:099a9a6e6ecc221ce47fe8da358fb90caf1de22cc90353adbd2f4073e3a8c962_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:221bf107c93e183a093dc13a41d2e2d907e97c1a74242bf7bfefae2c1436f02c_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:6c6842b5ba5d85e3d9990ae73754499863ed648c9b7efa9c75ab7936093d6c06_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:df0b0c0364bbe30220bd92c24ba41c54d4b871503e6b4ccdc8b7991031830637_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:0ab18d9cc3d927e162c25e895bb5d55a970b5906f83c95f0759b659a2a2d45c2_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:563b8f4b130657936b077139d86d648e6c65d68cf51bbcf09f3f2790db23cfd8_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:911f2c0b5159f6c13c6f4dc958ac66e987cab2b091f55e75b998d95cc1ae3e72_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:f4d5e0ab476f92e9985e86c0a6200f82e60972df12976c2ca64ff596c8e84bd0_s390x",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:7672a4b3475e71674897eb4c2d47c84bd7151ff71716d19dd29d8e140bc7b2ec_s390x",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:823118b612b0bfc3c10d1ad07d65236a8e21d703e64a09c5bdc9377fc0e7cf47_arm64",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:8355c8f725d3713be992545bc8396582be6d792bec620b95bc5cd5475436a903_ppc64le",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:f280ea9888acab2a2aee6fece6a99257b6b0a2093a042b958382684d1f590334_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "quic-go: memory exhaustion attack against QUIC\u0027s connection ID mechanism"
},
{
"cve": "CVE-2024-24789",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2024-06-17T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2292668"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Golang. The ZIP implementation of the Go language archive/zip library behaves differently than the rest of the ZIP file format implementations. When handling ZIP files with a corrupted central directory record, the library skips over the invalid record and processes the next valid one. This flaw allows a malicious user to access hidden information or files inside maliciously crafted ZIP files.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: archive/zip: Incorrect handling of certain ZIP files",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Within regulated environments, a combination of the following controls acts as a significant barrier to successfully exploiting a CWE-20: Improper Input Validation vulnerability and therefore downgrades the severity of this particular CVE from Moderate to Low.\n\nRed Hat enforces the principle of least functionality, ensuring that only essential features, services, and ports are enabled. This minimizes the number of components that could be affected by input validation vulnerabilities. Security testing and evaluation standards are implemented within the environment to rigorously test input validation mechanisms during the development lifecycle, while static code analysis identifies potential input validation vulnerabilities by default. Process isolation ensures that processes handling potentially malicious or unvalidated inputs run in isolated environments by separating execution domains for each process. Malicious code protections, such as IPS/IDS and antimalware solutions, help detect and mitigate malicious payloads stemming from input validation vulnerabilities. Finally, robust input validation and error-handling mechanisms ensure all user inputs are thoroughly validated, preventing improperly validated inputs from causing system instability, exposing sensitive data, or escalating risks further.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:4f73fc9525b461cb31c7f76a776b3ba6d586de87e763f3dace8edea1031d2dd8_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:677746a7132573b2b40658fad4801cbe3d0381079f2d6cd7ee508318d75e6ad0_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:a312eee18c620e4b7c19258d2619b732a4fdf48320a04d8e216a018b99e046d7_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:fcbba8962e1f5fa864c073f86467468d732a6edc9fc78cbeb6050a35beced88e_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:407b37dd42635c1d11de7cca69e620c140416a401c1a608d5e8f06a18ff51374_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:49542fec00ff65d1d4d27849c67468fb5d0b1314f7a9010d67c0dbbf55c1306b_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:7d8a4815dee1f4e109876d47184b669e81dc22421b602f2beef48588f414743e_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:81b661df0703a3d7cddfce3be55b12aa297164177990b263f4b584bf9de948c7_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:0172d2aefc611c66c1ceac5acbe771b0109944024ccaa1534a992c154cc70186_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:293ef0eb34e035a972f5a45b87970cecc7942c6bee6da68c4d1f3ba2bd1e92d4_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:6327e0c83d4f21f33053bdc92a8091cfd7a53f272f57f3fa8e045611229f98ba_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:dbbcfdcdd4b7dca0363140675ccbf5a7e17cf6671e9c7d0858309eaa9e3e35bb_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:28a794322e00582e5d74c3a7e0934735652d09ae83ac59f925434a8e2f32ca81_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:7bbef82965d81bd768d915a1bcc220c7fb21c321e2ffb861eb628c81eeb8e000_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:abf18be2515f0e0bdf54c29e96c517043e23a248b84b72a7c77fb6627535435a_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:c0341aec6013018cc7f97d4a9ac1ea4537a7fee8dbe473958ceab0f67e8bc502_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:084b7af79fce2ccd8e9291054e727cd536b2e8d0392d6fae41070acc640dda7d_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:392e140789a39e10526de2cae19316759ff36c954c7b0e8d88fac91556be3bf0_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:86b5406c483065ae2085721e6069f36767d6dc512d8f885ac02660955fb5fbed_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:b55b09211c8e5857060baca392be5534a3707d0a876ceb76939908b271163cc0_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:09d04d86a4e646d6e45e57893d383432fa966ac536e460ff6fdd375c939d96ca_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:5f070c96656b4e01a691caa916dcf81fb34c153d192d26acec7c08cc7f9d6fda_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:7dd97c5e5b1c3502c52352decbe48b0f0998e59604da618dbb2689f8a9a86cf1_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:cdf3a7e2f5e76c59d9b3228daeabce86478693f7311ff44db0b0bbe41d9cc310_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:4d0c6c49b2c660d5ed04273cfcd5e01444c7c479432c374ecbcb4b99334b2ac9_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:4e512e8195d93a887d411bf23da9602cdbfb46a0aa9b15292f500cf2eda284e6_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:4f581fd9388ba9256a34b85296a8f3728826804bd9f59fe0f8832d91c3ecc8ae_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:c0bb751d102763412fc936fb3b69a45e477bc2c0aa71b5f6fa5c0f69a94d8767_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:099a9a6e6ecc221ce47fe8da358fb90caf1de22cc90353adbd2f4073e3a8c962_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:221bf107c93e183a093dc13a41d2e2d907e97c1a74242bf7bfefae2c1436f02c_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:6c6842b5ba5d85e3d9990ae73754499863ed648c9b7efa9c75ab7936093d6c06_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:df0b0c0364bbe30220bd92c24ba41c54d4b871503e6b4ccdc8b7991031830637_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:0ab18d9cc3d927e162c25e895bb5d55a970b5906f83c95f0759b659a2a2d45c2_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:563b8f4b130657936b077139d86d648e6c65d68cf51bbcf09f3f2790db23cfd8_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:911f2c0b5159f6c13c6f4dc958ac66e987cab2b091f55e75b998d95cc1ae3e72_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:f4d5e0ab476f92e9985e86c0a6200f82e60972df12976c2ca64ff596c8e84bd0_s390x",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:7672a4b3475e71674897eb4c2d47c84bd7151ff71716d19dd29d8e140bc7b2ec_s390x",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:823118b612b0bfc3c10d1ad07d65236a8e21d703e64a09c5bdc9377fc0e7cf47_arm64",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:8355c8f725d3713be992545bc8396582be6d792bec620b95bc5cd5475436a903_ppc64le",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:f280ea9888acab2a2aee6fece6a99257b6b0a2093a042b958382684d1f590334_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-24789"
},
{
"category": "external",
"summary": "RHBZ#2292668",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2292668"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-24789",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-24789"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-24789",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-24789"
}
],
"release_date": "2024-06-04T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-08-07T15:39:25+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:4f73fc9525b461cb31c7f76a776b3ba6d586de87e763f3dace8edea1031d2dd8_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:677746a7132573b2b40658fad4801cbe3d0381079f2d6cd7ee508318d75e6ad0_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:a312eee18c620e4b7c19258d2619b732a4fdf48320a04d8e216a018b99e046d7_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:fcbba8962e1f5fa864c073f86467468d732a6edc9fc78cbeb6050a35beced88e_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:407b37dd42635c1d11de7cca69e620c140416a401c1a608d5e8f06a18ff51374_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:49542fec00ff65d1d4d27849c67468fb5d0b1314f7a9010d67c0dbbf55c1306b_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:7d8a4815dee1f4e109876d47184b669e81dc22421b602f2beef48588f414743e_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:81b661df0703a3d7cddfce3be55b12aa297164177990b263f4b584bf9de948c7_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:0172d2aefc611c66c1ceac5acbe771b0109944024ccaa1534a992c154cc70186_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:293ef0eb34e035a972f5a45b87970cecc7942c6bee6da68c4d1f3ba2bd1e92d4_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:6327e0c83d4f21f33053bdc92a8091cfd7a53f272f57f3fa8e045611229f98ba_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:dbbcfdcdd4b7dca0363140675ccbf5a7e17cf6671e9c7d0858309eaa9e3e35bb_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:28a794322e00582e5d74c3a7e0934735652d09ae83ac59f925434a8e2f32ca81_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:7bbef82965d81bd768d915a1bcc220c7fb21c321e2ffb861eb628c81eeb8e000_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:abf18be2515f0e0bdf54c29e96c517043e23a248b84b72a7c77fb6627535435a_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:c0341aec6013018cc7f97d4a9ac1ea4537a7fee8dbe473958ceab0f67e8bc502_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:084b7af79fce2ccd8e9291054e727cd536b2e8d0392d6fae41070acc640dda7d_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:392e140789a39e10526de2cae19316759ff36c954c7b0e8d88fac91556be3bf0_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:86b5406c483065ae2085721e6069f36767d6dc512d8f885ac02660955fb5fbed_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:b55b09211c8e5857060baca392be5534a3707d0a876ceb76939908b271163cc0_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:09d04d86a4e646d6e45e57893d383432fa966ac536e460ff6fdd375c939d96ca_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:5f070c96656b4e01a691caa916dcf81fb34c153d192d26acec7c08cc7f9d6fda_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:7dd97c5e5b1c3502c52352decbe48b0f0998e59604da618dbb2689f8a9a86cf1_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:cdf3a7e2f5e76c59d9b3228daeabce86478693f7311ff44db0b0bbe41d9cc310_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:4d0c6c49b2c660d5ed04273cfcd5e01444c7c479432c374ecbcb4b99334b2ac9_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:4e512e8195d93a887d411bf23da9602cdbfb46a0aa9b15292f500cf2eda284e6_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:4f581fd9388ba9256a34b85296a8f3728826804bd9f59fe0f8832d91c3ecc8ae_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:c0bb751d102763412fc936fb3b69a45e477bc2c0aa71b5f6fa5c0f69a94d8767_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:099a9a6e6ecc221ce47fe8da358fb90caf1de22cc90353adbd2f4073e3a8c962_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:221bf107c93e183a093dc13a41d2e2d907e97c1a74242bf7bfefae2c1436f02c_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:6c6842b5ba5d85e3d9990ae73754499863ed648c9b7efa9c75ab7936093d6c06_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:df0b0c0364bbe30220bd92c24ba41c54d4b871503e6b4ccdc8b7991031830637_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:0ab18d9cc3d927e162c25e895bb5d55a970b5906f83c95f0759b659a2a2d45c2_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:563b8f4b130657936b077139d86d648e6c65d68cf51bbcf09f3f2790db23cfd8_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:911f2c0b5159f6c13c6f4dc958ac66e987cab2b091f55e75b998d95cc1ae3e72_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:f4d5e0ab476f92e9985e86c0a6200f82e60972df12976c2ca64ff596c8e84bd0_s390x",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:7672a4b3475e71674897eb4c2d47c84bd7151ff71716d19dd29d8e140bc7b2ec_s390x",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:823118b612b0bfc3c10d1ad07d65236a8e21d703e64a09c5bdc9377fc0e7cf47_arm64",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:8355c8f725d3713be992545bc8396582be6d792bec620b95bc5cd5475436a903_ppc64le",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:f280ea9888acab2a2aee6fece6a99257b6b0a2093a042b958382684d1f590334_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:5094"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:4f73fc9525b461cb31c7f76a776b3ba6d586de87e763f3dace8edea1031d2dd8_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:677746a7132573b2b40658fad4801cbe3d0381079f2d6cd7ee508318d75e6ad0_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:a312eee18c620e4b7c19258d2619b732a4fdf48320a04d8e216a018b99e046d7_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:fcbba8962e1f5fa864c073f86467468d732a6edc9fc78cbeb6050a35beced88e_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:407b37dd42635c1d11de7cca69e620c140416a401c1a608d5e8f06a18ff51374_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:49542fec00ff65d1d4d27849c67468fb5d0b1314f7a9010d67c0dbbf55c1306b_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:7d8a4815dee1f4e109876d47184b669e81dc22421b602f2beef48588f414743e_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:81b661df0703a3d7cddfce3be55b12aa297164177990b263f4b584bf9de948c7_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:0172d2aefc611c66c1ceac5acbe771b0109944024ccaa1534a992c154cc70186_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:293ef0eb34e035a972f5a45b87970cecc7942c6bee6da68c4d1f3ba2bd1e92d4_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:6327e0c83d4f21f33053bdc92a8091cfd7a53f272f57f3fa8e045611229f98ba_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:dbbcfdcdd4b7dca0363140675ccbf5a7e17cf6671e9c7d0858309eaa9e3e35bb_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:28a794322e00582e5d74c3a7e0934735652d09ae83ac59f925434a8e2f32ca81_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:7bbef82965d81bd768d915a1bcc220c7fb21c321e2ffb861eb628c81eeb8e000_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:abf18be2515f0e0bdf54c29e96c517043e23a248b84b72a7c77fb6627535435a_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:c0341aec6013018cc7f97d4a9ac1ea4537a7fee8dbe473958ceab0f67e8bc502_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:084b7af79fce2ccd8e9291054e727cd536b2e8d0392d6fae41070acc640dda7d_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:392e140789a39e10526de2cae19316759ff36c954c7b0e8d88fac91556be3bf0_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:86b5406c483065ae2085721e6069f36767d6dc512d8f885ac02660955fb5fbed_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:b55b09211c8e5857060baca392be5534a3707d0a876ceb76939908b271163cc0_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:09d04d86a4e646d6e45e57893d383432fa966ac536e460ff6fdd375c939d96ca_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:5f070c96656b4e01a691caa916dcf81fb34c153d192d26acec7c08cc7f9d6fda_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:7dd97c5e5b1c3502c52352decbe48b0f0998e59604da618dbb2689f8a9a86cf1_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:cdf3a7e2f5e76c59d9b3228daeabce86478693f7311ff44db0b0bbe41d9cc310_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:4d0c6c49b2c660d5ed04273cfcd5e01444c7c479432c374ecbcb4b99334b2ac9_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:4e512e8195d93a887d411bf23da9602cdbfb46a0aa9b15292f500cf2eda284e6_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:4f581fd9388ba9256a34b85296a8f3728826804bd9f59fe0f8832d91c3ecc8ae_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:c0bb751d102763412fc936fb3b69a45e477bc2c0aa71b5f6fa5c0f69a94d8767_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:099a9a6e6ecc221ce47fe8da358fb90caf1de22cc90353adbd2f4073e3a8c962_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:221bf107c93e183a093dc13a41d2e2d907e97c1a74242bf7bfefae2c1436f02c_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:6c6842b5ba5d85e3d9990ae73754499863ed648c9b7efa9c75ab7936093d6c06_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:df0b0c0364bbe30220bd92c24ba41c54d4b871503e6b4ccdc8b7991031830637_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:0ab18d9cc3d927e162c25e895bb5d55a970b5906f83c95f0759b659a2a2d45c2_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:563b8f4b130657936b077139d86d648e6c65d68cf51bbcf09f3f2790db23cfd8_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:911f2c0b5159f6c13c6f4dc958ac66e987cab2b091f55e75b998d95cc1ae3e72_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:f4d5e0ab476f92e9985e86c0a6200f82e60972df12976c2ca64ff596c8e84bd0_s390x",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:7672a4b3475e71674897eb4c2d47c84bd7151ff71716d19dd29d8e140bc7b2ec_s390x",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:823118b612b0bfc3c10d1ad07d65236a8e21d703e64a09c5bdc9377fc0e7cf47_arm64",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:8355c8f725d3713be992545bc8396582be6d792bec620b95bc5cd5475436a903_ppc64le",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:f280ea9888acab2a2aee6fece6a99257b6b0a2093a042b958382684d1f590334_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: archive/zip: Incorrect handling of certain ZIP files"
},
{
"cve": "CVE-2024-28176",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2024-03-10T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2268820"
}
],
"notes": [
{
"category": "description",
"text": "Jose was found to have an uncontrolled resource consumption vulnerability. Under certain conditions, the user\u0027s environment can consume an unreasonable amount of CPU time or memory during JWE decryption operations, leading to a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jose: resource exhaustion",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:4f73fc9525b461cb31c7f76a776b3ba6d586de87e763f3dace8edea1031d2dd8_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:677746a7132573b2b40658fad4801cbe3d0381079f2d6cd7ee508318d75e6ad0_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:a312eee18c620e4b7c19258d2619b732a4fdf48320a04d8e216a018b99e046d7_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:fcbba8962e1f5fa864c073f86467468d732a6edc9fc78cbeb6050a35beced88e_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:407b37dd42635c1d11de7cca69e620c140416a401c1a608d5e8f06a18ff51374_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:49542fec00ff65d1d4d27849c67468fb5d0b1314f7a9010d67c0dbbf55c1306b_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:7d8a4815dee1f4e109876d47184b669e81dc22421b602f2beef48588f414743e_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:81b661df0703a3d7cddfce3be55b12aa297164177990b263f4b584bf9de948c7_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:0172d2aefc611c66c1ceac5acbe771b0109944024ccaa1534a992c154cc70186_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:293ef0eb34e035a972f5a45b87970cecc7942c6bee6da68c4d1f3ba2bd1e92d4_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:6327e0c83d4f21f33053bdc92a8091cfd7a53f272f57f3fa8e045611229f98ba_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:dbbcfdcdd4b7dca0363140675ccbf5a7e17cf6671e9c7d0858309eaa9e3e35bb_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:28a794322e00582e5d74c3a7e0934735652d09ae83ac59f925434a8e2f32ca81_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:7bbef82965d81bd768d915a1bcc220c7fb21c321e2ffb861eb628c81eeb8e000_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:abf18be2515f0e0bdf54c29e96c517043e23a248b84b72a7c77fb6627535435a_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:c0341aec6013018cc7f97d4a9ac1ea4537a7fee8dbe473958ceab0f67e8bc502_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:084b7af79fce2ccd8e9291054e727cd536b2e8d0392d6fae41070acc640dda7d_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:392e140789a39e10526de2cae19316759ff36c954c7b0e8d88fac91556be3bf0_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:86b5406c483065ae2085721e6069f36767d6dc512d8f885ac02660955fb5fbed_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:b55b09211c8e5857060baca392be5534a3707d0a876ceb76939908b271163cc0_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:09d04d86a4e646d6e45e57893d383432fa966ac536e460ff6fdd375c939d96ca_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:5f070c96656b4e01a691caa916dcf81fb34c153d192d26acec7c08cc7f9d6fda_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:7dd97c5e5b1c3502c52352decbe48b0f0998e59604da618dbb2689f8a9a86cf1_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:cdf3a7e2f5e76c59d9b3228daeabce86478693f7311ff44db0b0bbe41d9cc310_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:4d0c6c49b2c660d5ed04273cfcd5e01444c7c479432c374ecbcb4b99334b2ac9_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:4e512e8195d93a887d411bf23da9602cdbfb46a0aa9b15292f500cf2eda284e6_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:4f581fd9388ba9256a34b85296a8f3728826804bd9f59fe0f8832d91c3ecc8ae_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:c0bb751d102763412fc936fb3b69a45e477bc2c0aa71b5f6fa5c0f69a94d8767_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:099a9a6e6ecc221ce47fe8da358fb90caf1de22cc90353adbd2f4073e3a8c962_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:221bf107c93e183a093dc13a41d2e2d907e97c1a74242bf7bfefae2c1436f02c_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:6c6842b5ba5d85e3d9990ae73754499863ed648c9b7efa9c75ab7936093d6c06_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:df0b0c0364bbe30220bd92c24ba41c54d4b871503e6b4ccdc8b7991031830637_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:0ab18d9cc3d927e162c25e895bb5d55a970b5906f83c95f0759b659a2a2d45c2_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:563b8f4b130657936b077139d86d648e6c65d68cf51bbcf09f3f2790db23cfd8_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:911f2c0b5159f6c13c6f4dc958ac66e987cab2b091f55e75b998d95cc1ae3e72_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:f4d5e0ab476f92e9985e86c0a6200f82e60972df12976c2ca64ff596c8e84bd0_s390x",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:7672a4b3475e71674897eb4c2d47c84bd7151ff71716d19dd29d8e140bc7b2ec_s390x",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:823118b612b0bfc3c10d1ad07d65236a8e21d703e64a09c5bdc9377fc0e7cf47_arm64",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:8355c8f725d3713be992545bc8396582be6d792bec620b95bc5cd5475436a903_ppc64le",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:f280ea9888acab2a2aee6fece6a99257b6b0a2093a042b958382684d1f590334_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-28176"
},
{
"category": "external",
"summary": "RHBZ#2268820",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2268820"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-28176",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-28176"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-28176",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-28176"
},
{
"category": "external",
"summary": "https://github.com/panva/jose/security/advisories/GHSA-hhhv-q57g-882q",
"url": "https://github.com/panva/jose/security/advisories/GHSA-hhhv-q57g-882q"
}
],
"release_date": "2024-03-09T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-08-07T15:39:25+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:4f73fc9525b461cb31c7f76a776b3ba6d586de87e763f3dace8edea1031d2dd8_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:677746a7132573b2b40658fad4801cbe3d0381079f2d6cd7ee508318d75e6ad0_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:a312eee18c620e4b7c19258d2619b732a4fdf48320a04d8e216a018b99e046d7_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:fcbba8962e1f5fa864c073f86467468d732a6edc9fc78cbeb6050a35beced88e_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:407b37dd42635c1d11de7cca69e620c140416a401c1a608d5e8f06a18ff51374_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:49542fec00ff65d1d4d27849c67468fb5d0b1314f7a9010d67c0dbbf55c1306b_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:7d8a4815dee1f4e109876d47184b669e81dc22421b602f2beef48588f414743e_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:81b661df0703a3d7cddfce3be55b12aa297164177990b263f4b584bf9de948c7_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:0172d2aefc611c66c1ceac5acbe771b0109944024ccaa1534a992c154cc70186_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:293ef0eb34e035a972f5a45b87970cecc7942c6bee6da68c4d1f3ba2bd1e92d4_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:6327e0c83d4f21f33053bdc92a8091cfd7a53f272f57f3fa8e045611229f98ba_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:dbbcfdcdd4b7dca0363140675ccbf5a7e17cf6671e9c7d0858309eaa9e3e35bb_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:28a794322e00582e5d74c3a7e0934735652d09ae83ac59f925434a8e2f32ca81_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:7bbef82965d81bd768d915a1bcc220c7fb21c321e2ffb861eb628c81eeb8e000_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:abf18be2515f0e0bdf54c29e96c517043e23a248b84b72a7c77fb6627535435a_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:c0341aec6013018cc7f97d4a9ac1ea4537a7fee8dbe473958ceab0f67e8bc502_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:084b7af79fce2ccd8e9291054e727cd536b2e8d0392d6fae41070acc640dda7d_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:392e140789a39e10526de2cae19316759ff36c954c7b0e8d88fac91556be3bf0_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:86b5406c483065ae2085721e6069f36767d6dc512d8f885ac02660955fb5fbed_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:b55b09211c8e5857060baca392be5534a3707d0a876ceb76939908b271163cc0_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:09d04d86a4e646d6e45e57893d383432fa966ac536e460ff6fdd375c939d96ca_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:5f070c96656b4e01a691caa916dcf81fb34c153d192d26acec7c08cc7f9d6fda_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:7dd97c5e5b1c3502c52352decbe48b0f0998e59604da618dbb2689f8a9a86cf1_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:cdf3a7e2f5e76c59d9b3228daeabce86478693f7311ff44db0b0bbe41d9cc310_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:4d0c6c49b2c660d5ed04273cfcd5e01444c7c479432c374ecbcb4b99334b2ac9_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:4e512e8195d93a887d411bf23da9602cdbfb46a0aa9b15292f500cf2eda284e6_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:4f581fd9388ba9256a34b85296a8f3728826804bd9f59fe0f8832d91c3ecc8ae_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:c0bb751d102763412fc936fb3b69a45e477bc2c0aa71b5f6fa5c0f69a94d8767_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:099a9a6e6ecc221ce47fe8da358fb90caf1de22cc90353adbd2f4073e3a8c962_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:221bf107c93e183a093dc13a41d2e2d907e97c1a74242bf7bfefae2c1436f02c_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:6c6842b5ba5d85e3d9990ae73754499863ed648c9b7efa9c75ab7936093d6c06_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:df0b0c0364bbe30220bd92c24ba41c54d4b871503e6b4ccdc8b7991031830637_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:0ab18d9cc3d927e162c25e895bb5d55a970b5906f83c95f0759b659a2a2d45c2_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:563b8f4b130657936b077139d86d648e6c65d68cf51bbcf09f3f2790db23cfd8_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:911f2c0b5159f6c13c6f4dc958ac66e987cab2b091f55e75b998d95cc1ae3e72_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:f4d5e0ab476f92e9985e86c0a6200f82e60972df12976c2ca64ff596c8e84bd0_s390x",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:7672a4b3475e71674897eb4c2d47c84bd7151ff71716d19dd29d8e140bc7b2ec_s390x",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:823118b612b0bfc3c10d1ad07d65236a8e21d703e64a09c5bdc9377fc0e7cf47_arm64",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:8355c8f725d3713be992545bc8396582be6d792bec620b95bc5cd5475436a903_ppc64le",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:f280ea9888acab2a2aee6fece6a99257b6b0a2093a042b958382684d1f590334_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:5094"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:4f73fc9525b461cb31c7f76a776b3ba6d586de87e763f3dace8edea1031d2dd8_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:677746a7132573b2b40658fad4801cbe3d0381079f2d6cd7ee508318d75e6ad0_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:a312eee18c620e4b7c19258d2619b732a4fdf48320a04d8e216a018b99e046d7_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:fcbba8962e1f5fa864c073f86467468d732a6edc9fc78cbeb6050a35beced88e_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:407b37dd42635c1d11de7cca69e620c140416a401c1a608d5e8f06a18ff51374_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:49542fec00ff65d1d4d27849c67468fb5d0b1314f7a9010d67c0dbbf55c1306b_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:7d8a4815dee1f4e109876d47184b669e81dc22421b602f2beef48588f414743e_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:81b661df0703a3d7cddfce3be55b12aa297164177990b263f4b584bf9de948c7_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:0172d2aefc611c66c1ceac5acbe771b0109944024ccaa1534a992c154cc70186_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:293ef0eb34e035a972f5a45b87970cecc7942c6bee6da68c4d1f3ba2bd1e92d4_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:6327e0c83d4f21f33053bdc92a8091cfd7a53f272f57f3fa8e045611229f98ba_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:dbbcfdcdd4b7dca0363140675ccbf5a7e17cf6671e9c7d0858309eaa9e3e35bb_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:28a794322e00582e5d74c3a7e0934735652d09ae83ac59f925434a8e2f32ca81_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:7bbef82965d81bd768d915a1bcc220c7fb21c321e2ffb861eb628c81eeb8e000_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:abf18be2515f0e0bdf54c29e96c517043e23a248b84b72a7c77fb6627535435a_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:c0341aec6013018cc7f97d4a9ac1ea4537a7fee8dbe473958ceab0f67e8bc502_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:084b7af79fce2ccd8e9291054e727cd536b2e8d0392d6fae41070acc640dda7d_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:392e140789a39e10526de2cae19316759ff36c954c7b0e8d88fac91556be3bf0_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:86b5406c483065ae2085721e6069f36767d6dc512d8f885ac02660955fb5fbed_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:b55b09211c8e5857060baca392be5534a3707d0a876ceb76939908b271163cc0_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:09d04d86a4e646d6e45e57893d383432fa966ac536e460ff6fdd375c939d96ca_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:5f070c96656b4e01a691caa916dcf81fb34c153d192d26acec7c08cc7f9d6fda_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:7dd97c5e5b1c3502c52352decbe48b0f0998e59604da618dbb2689f8a9a86cf1_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:cdf3a7e2f5e76c59d9b3228daeabce86478693f7311ff44db0b0bbe41d9cc310_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:4d0c6c49b2c660d5ed04273cfcd5e01444c7c479432c374ecbcb4b99334b2ac9_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:4e512e8195d93a887d411bf23da9602cdbfb46a0aa9b15292f500cf2eda284e6_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:4f581fd9388ba9256a34b85296a8f3728826804bd9f59fe0f8832d91c3ecc8ae_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:c0bb751d102763412fc936fb3b69a45e477bc2c0aa71b5f6fa5c0f69a94d8767_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:099a9a6e6ecc221ce47fe8da358fb90caf1de22cc90353adbd2f4073e3a8c962_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:221bf107c93e183a093dc13a41d2e2d907e97c1a74242bf7bfefae2c1436f02c_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:6c6842b5ba5d85e3d9990ae73754499863ed648c9b7efa9c75ab7936093d6c06_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:df0b0c0364bbe30220bd92c24ba41c54d4b871503e6b4ccdc8b7991031830637_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:0ab18d9cc3d927e162c25e895bb5d55a970b5906f83c95f0759b659a2a2d45c2_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:563b8f4b130657936b077139d86d648e6c65d68cf51bbcf09f3f2790db23cfd8_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:911f2c0b5159f6c13c6f4dc958ac66e987cab2b091f55e75b998d95cc1ae3e72_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:f4d5e0ab476f92e9985e86c0a6200f82e60972df12976c2ca64ff596c8e84bd0_s390x",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:7672a4b3475e71674897eb4c2d47c84bd7151ff71716d19dd29d8e140bc7b2ec_s390x",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:823118b612b0bfc3c10d1ad07d65236a8e21d703e64a09c5bdc9377fc0e7cf47_arm64",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:8355c8f725d3713be992545bc8396582be6d792bec620b95bc5cd5475436a903_ppc64le",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:f280ea9888acab2a2aee6fece6a99257b6b0a2093a042b958382684d1f590334_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:4f73fc9525b461cb31c7f76a776b3ba6d586de87e763f3dace8edea1031d2dd8_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:677746a7132573b2b40658fad4801cbe3d0381079f2d6cd7ee508318d75e6ad0_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:a312eee18c620e4b7c19258d2619b732a4fdf48320a04d8e216a018b99e046d7_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:fcbba8962e1f5fa864c073f86467468d732a6edc9fc78cbeb6050a35beced88e_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:407b37dd42635c1d11de7cca69e620c140416a401c1a608d5e8f06a18ff51374_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:49542fec00ff65d1d4d27849c67468fb5d0b1314f7a9010d67c0dbbf55c1306b_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:7d8a4815dee1f4e109876d47184b669e81dc22421b602f2beef48588f414743e_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:81b661df0703a3d7cddfce3be55b12aa297164177990b263f4b584bf9de948c7_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:0172d2aefc611c66c1ceac5acbe771b0109944024ccaa1534a992c154cc70186_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:293ef0eb34e035a972f5a45b87970cecc7942c6bee6da68c4d1f3ba2bd1e92d4_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:6327e0c83d4f21f33053bdc92a8091cfd7a53f272f57f3fa8e045611229f98ba_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:dbbcfdcdd4b7dca0363140675ccbf5a7e17cf6671e9c7d0858309eaa9e3e35bb_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:28a794322e00582e5d74c3a7e0934735652d09ae83ac59f925434a8e2f32ca81_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:7bbef82965d81bd768d915a1bcc220c7fb21c321e2ffb861eb628c81eeb8e000_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:abf18be2515f0e0bdf54c29e96c517043e23a248b84b72a7c77fb6627535435a_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:c0341aec6013018cc7f97d4a9ac1ea4537a7fee8dbe473958ceab0f67e8bc502_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:084b7af79fce2ccd8e9291054e727cd536b2e8d0392d6fae41070acc640dda7d_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:392e140789a39e10526de2cae19316759ff36c954c7b0e8d88fac91556be3bf0_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:86b5406c483065ae2085721e6069f36767d6dc512d8f885ac02660955fb5fbed_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:b55b09211c8e5857060baca392be5534a3707d0a876ceb76939908b271163cc0_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:09d04d86a4e646d6e45e57893d383432fa966ac536e460ff6fdd375c939d96ca_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:5f070c96656b4e01a691caa916dcf81fb34c153d192d26acec7c08cc7f9d6fda_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:7dd97c5e5b1c3502c52352decbe48b0f0998e59604da618dbb2689f8a9a86cf1_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:cdf3a7e2f5e76c59d9b3228daeabce86478693f7311ff44db0b0bbe41d9cc310_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:4d0c6c49b2c660d5ed04273cfcd5e01444c7c479432c374ecbcb4b99334b2ac9_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:4e512e8195d93a887d411bf23da9602cdbfb46a0aa9b15292f500cf2eda284e6_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:4f581fd9388ba9256a34b85296a8f3728826804bd9f59fe0f8832d91c3ecc8ae_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:c0bb751d102763412fc936fb3b69a45e477bc2c0aa71b5f6fa5c0f69a94d8767_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:099a9a6e6ecc221ce47fe8da358fb90caf1de22cc90353adbd2f4073e3a8c962_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:221bf107c93e183a093dc13a41d2e2d907e97c1a74242bf7bfefae2c1436f02c_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:6c6842b5ba5d85e3d9990ae73754499863ed648c9b7efa9c75ab7936093d6c06_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:df0b0c0364bbe30220bd92c24ba41c54d4b871503e6b4ccdc8b7991031830637_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:0ab18d9cc3d927e162c25e895bb5d55a970b5906f83c95f0759b659a2a2d45c2_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:563b8f4b130657936b077139d86d648e6c65d68cf51bbcf09f3f2790db23cfd8_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:911f2c0b5159f6c13c6f4dc958ac66e987cab2b091f55e75b998d95cc1ae3e72_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:f4d5e0ab476f92e9985e86c0a6200f82e60972df12976c2ca64ff596c8e84bd0_s390x",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:7672a4b3475e71674897eb4c2d47c84bd7151ff71716d19dd29d8e140bc7b2ec_s390x",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:823118b612b0bfc3c10d1ad07d65236a8e21d703e64a09c5bdc9377fc0e7cf47_arm64",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:8355c8f725d3713be992545bc8396582be6d792bec620b95bc5cd5475436a903_ppc64le",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:f280ea9888acab2a2aee6fece6a99257b6b0a2093a042b958382684d1f590334_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jose: resource exhaustion"
}
]
}
gsd-2018-12608
Vulnerability from gsd
Modified
2023-12-13 01:22
Details
An issue was discovered in Docker Moby before 17.06.0. The Docker engine validated a client TLS certificate using both the configured client CA root certificate and all system roots on non-Windows systems. This allowed a client with any domain validated certificate signed by a system-trusted root CA (as opposed to one signed by the configured CA root certificate) to authenticate.
Aliases
Aliases
{
"GSD": {
"alias": "CVE-2018-12608",
"description": "An issue was discovered in Docker Moby before 17.06.0. The Docker engine validated a client TLS certificate using both the configured client CA root certificate and all system roots on non-Windows systems. This allowed a client with any domain validated certificate signed by a system-trusted root CA (as opposed to one signed by the configured CA root certificate) to authenticate.",
"id": "GSD-2018-12608"
},
"gsd": {
"metadata": {
"exploitCode": "unknown",
"remediation": "unknown",
"reportConfidence": "confirmed",
"type": "vulnerability"
},
"osvSchema": {
"aliases": [
"CVE-2018-12608"
],
"details": "An issue was discovered in Docker Moby before 17.06.0. The Docker engine validated a client TLS certificate using both the configured client CA root certificate and all system roots on non-Windows systems. This allowed a client with any domain validated certificate signed by a system-trusted root CA (as opposed to one signed by the configured CA root certificate) to authenticate.",
"id": "GSD-2018-12608",
"modified": "2023-12-13T01:22:29.819687Z",
"schema_version": "1.4.0"
}
},
"namespaces": {
"cve.org": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-12608",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An issue was discovered in Docker Moby before 17.06.0. The Docker engine validated a client TLS certificate using both the configured client CA root certificate and all system roots on non-Windows systems. This allowed a client with any domain validated certificate signed by a system-trusted root CA (as opposed to one signed by the configured CA root certificate) to authenticate."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/moby/moby/pull/33182",
"refsource": "MISC",
"url": "https://github.com/moby/moby/pull/33182"
}
]
}
},
"nvd.nist.gov": {
"configurations": {
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:mobyproject:moby:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "17.06.0",
"vulnerable": true
}
],
"operator": "OR"
}
]
},
"cve": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-12608"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "en",
"value": "An issue was discovered in Docker Moby before 17.06.0. The Docker engine validated a client TLS certificate using both the configured client CA root certificate and all system roots on non-Windows systems. This allowed a client with any domain validated certificate signed by a system-trusted root CA (as opposed to one signed by the configured CA root certificate) to authenticate."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "en",
"value": "CWE-295"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/moby/moby/pull/33182",
"refsource": "MISC",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/moby/moby/pull/33182"
}
]
}
},
"impact": {
"baseMetricV2": {
"cvssV2": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"userInteractionRequired": false
},
"baseMetricV3": {
"cvssV3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
},
"lastModifiedDate": "2018-11-19T16:29Z",
"publishedDate": "2018-09-10T17:29Z"
}
}
}
ghsa-qrqr-3x5j-2xw9
Vulnerability from github
Published
2024-01-31 23:28
Modified
2024-07-08 15:54
Severity ?
VLAI Severity ?
Summary
Docker Authentication Bypass
Details
An issue was discovered in Docker Moby before 17.06.0. The Docker engine validated a client TLS certificate using both the configured client CA root certificate and all system roots on non-Windows systems. This allowed a client with any domain validated certificate signed by a system-trusted root CA (as opposed to one signed by the configured CA root certificate) to authenticate.
{
"affected": [
{
"package": {
"ecosystem": "Go",
"name": "github.com/docker/docker"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "17.06.0-ce"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2018-12608"
],
"database_specific": {
"cwe_ids": [
"CWE-288"
],
"github_reviewed": true,
"github_reviewed_at": "2024-01-31T23:28:22Z",
"nvd_published_at": null,
"severity": "HIGH"
},
"details": "An issue was discovered in Docker Moby before 17.06.0. The Docker engine validated a client TLS certificate using both the configured client CA root certificate and all system roots on non-Windows systems. This allowed a client with any domain validated certificate signed by a system-trusted root CA (as opposed to one signed by the configured CA root certificate) to authenticate.",
"id": "GHSA-qrqr-3x5j-2xw9",
"modified": "2024-07-08T15:54:29Z",
"published": "2024-01-31T23:28:22Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-12608"
},
{
"type": "WEB",
"url": "https://github.com/moby/moby/issues/33173"
},
{
"type": "WEB",
"url": "https://github.com/moby/moby/pull/33182"
},
{
"type": "WEB",
"url": "https://github.com/moby/moby/commit/190c6e8cf8b893874a33d83f78307f1bed0bfbcd"
},
{
"type": "PACKAGE",
"url": "https://github.com/moby/moby"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"type": "CVSS_V3"
}
],
"summary": "Docker Authentication Bypass"
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…
Loading…